diff options
author | Benoît Ganne <bganne@cisco.com> | 2021-09-29 18:51:31 +0200 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2021-10-07 15:21:11 +0000 |
commit | 9d22cb363e95d679f58481eb767eed81a58e8237 (patch) | |
tree | dd98eb7f940731fadb87192a8b3c97abfeb65426 /src/plugins/ikev2 | |
parent | 9e17887db97bb9f6507270f9fa9923c10816e0df (diff) |
ikev2: do not send IDi on responder AUTH
The IDi is not mentioned in the RFC for the responder AUTH message, and
it confuses some IKE implementations.
Type: fix
Change-Id: I2bcefa1efd315412a6f5fa592668d4e0da510264
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Diffstat (limited to 'src/plugins/ikev2')
-rw-r--r-- | src/plugins/ikev2/ikev2.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c index 3d95da315f1..fe4c154e9c9 100644 --- a/src/plugins/ikev2/ikev2.c +++ b/src/plugins/ikev2/ikev2.c @@ -2385,7 +2385,6 @@ ikev2_generate_message (vlib_buffer_t *b, ikev2_sa_t *sa, ike_header_t *ike, if (sa->state == IKEV2_STATE_AUTHENTICATED) { ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR); - ikev2_payload_add_id (chain, &sa->i_id, IKEV2_PAYLOAD_IDI); ikev2_payload_add_auth (chain, &sa->r_auth); ikev2_payload_add_sa (chain, sa->childs[0].r_proposals); ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI); |