[Openswan dev] Initiate on demand and netkey
Avesh Agarwal
avagarwa at redhat.com
Fri Feb 4 11:20:36 EST 2011
On 02/04/2011 09:26 AM, Mattias Walstrom wrote:
> We have had problems with initiate on demand triggering, and it often goes well but sometimes this results in different understanding about which SPI to use for the traffic on both ends (and communication is lost).
>
> As I had understood, intiate on demand is only useful for MAST/KLIPS, or have I missed something here?
>
> Index: openswan-2.6.32/programs/pluto/initiate.c
> ===================================================================
> --- openswan-2.6.32.orig/programs/pluto/initiate.c
> +++ openswan-2.6.32/programs/pluto/initiate.c
> @@ -730,6 +730,9 @@ initiate_ondemand_body(struct find_oppo_
> /* on klips/mast assume we will do something */
> work = (kern_interface == USE_KLIPS || kern_interface == USE_MASTKLIPS);
>
> + if (!work)
> + return work;
> +
> /* What connection shall we use?
> * First try for one that explicitly handles the clients.
> */
We use initiation on demand with netkey frequently. The issue you are
stating, needs to be fixed somewhere else.
Thanks and Regards
Avesh
> _______________________________________________
> Dev mailing list
> Dev at openswan.org
> http://lists.openswan.org/mailman/listinfo/dev
More information about the Dev
mailing list