Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: cd35ed4) | patch
ikev2: don't add DH group in ESP transform proposals 92/27492/4
authorFilip Tehlar <ftehlar@cisco.com>
Sat, 6 Jun 2020 01:19:31 +0000 (01:19 +0000)
committerBenoît Ganne <bganne@cisco.com>
Thu, 11 Jun 2020 16:50:55 +0000 (16:50 +0000)
commit4cb21c8e5d70d20df94f5d892471a11488547881
tree64ecd774eeba28c4102145f5fcfc21a4cde396d0tree | snapshot
parentcd35ed48d44615c49617e6d0135396b57cd43cd5commit | diff
ikev2: don't add DH group in ESP transform proposals

Type: fix

Anouncing DH group in esp transform proposals will enable PFS which is
not suppored now. This fixes issue during rekey when using strongswan as
responder.

Change-Id: Ib9f586113ae0ab9dc67e6ceadff43f8aac463820
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
src/plugins/ikev2/ikev2.c diff | blob | history
src/plugins/ikev2/ikev2_cli.c diff | blob | history
Vector Packet Processing