> > > commit 68fb298d059854253e8267680aeee1ee1f3158a3 > Author: Paul Wouters <[email protected]> > Date: Sun Jul 4 22:15:51 2021 -0400 > > pluto: When Child state fails, don't tear down IKE SA > > In complete_v2_state_transition() for a child SA state STF_FATAL > error, don't call delete_ike_family() > >
A create child sa transaction can finish in one of three ways: - ok ... - fail, the specific sa needs to be deleted but the ike sa remains - fatal, something bad happened the entire family is dead; thing INVALID_SYNTAX https://github.com/libreswan/libreswan/commit/1f72ba5ce87a34bc3140e2e8fcaf843011f6a959 went through and eliminated remaining cases where fail+v2n was returned; it sounds like we've still got cases where FATAL is being returned. so this is going in the wrong direction
_______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
