Try to rekey without KE exchange if peer returns INVALID_KE_PAYLOAD(NONE)
authorMartin Willi <martin@revosec.ch>
Fri, 8 Jun 2012 08:35:02 +0000 (10:35 +0200)
committerMartin Willi <martin@revosec.ch>
Fri, 8 Jun 2012 08:35:02 +0000 (10:35 +0200)
commit82ad53b776972782c39c2c49fe7cc040bd56f56f
tree8b52d5776a909606ba37024b7065d18cecf1bc87
parent2d4c347af9ffe408ba252b1fa3b6c16583a4715c
Try to rekey without KE exchange if peer returns INVALID_KE_PAYLOAD(NONE)

According to RFC5996, implementations should just ignore the KE payload
if they select a non-PFS proposals. Some implementations don't, but
return MODP_NONE in INVALID_KE_PAYLOAD, hence we accept that, too.
src/libcharon/sa/ikev2/tasks/child_create.c