diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2016-08-31 11:44:11 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2016-08-31 11:47:25 +0200 |
| commit | f883cd6df6d3d1471ea1249fb3189b6e8c5c29d0 (patch) | |
| tree | 156b4453ef74e474412e5aeebd6b22f3686e05c4 | |
| parent | bbd46207777bf191ddc3cfd42c0b1576efe9357e (diff) | |
| download | strongswan-f883cd6df6d3d1471ea1249fb3189b6e8c5c29d0.tar.bz2 strongswan-f883cd6df6d3d1471ea1249fb3189b6e8c5c29d0.tar.xz | |
swanctl: Document how DH groups in CHILD_SA proposals are applied
References #1039.
| -rw-r--r-- | src/swanctl/swanctl.opt | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/src/swanctl/swanctl.opt b/src/swanctl/swanctl.opt index fe5b293fb..15cbc6cfc 100644 --- a/src/swanctl/swanctl.opt +++ b/src/swanctl/swanctl.opt @@ -472,7 +472,7 @@ connections.<conn>.children.<child>.ah_proposals = For AH, this includes an integrity algorithm and an optional Diffie-Hellman group. If a DH group is specified, CHILD_SA/Quick Mode rekeying and initial negotiation uses a separate Diffie-Hellman exchange using the specified - group. + group (refer to _esp_proposals_ for details). In IKEv2, multiple algorithms of the same kind can be specified in a single proposal, from which one gets selected. In IKEv1, only one algorithm per @@ -495,11 +495,18 @@ connections.<conn>.children.<child>.esp_proposals = default mode algorithm is used instead of the separate encryption/integrity algorithms. - If a DH group is specified, CHILD_SA/Quick Mode rekeying and initial (non - IKE_AUTH piggybacked) negotiation uses a separate Diffie-Hellman exchange - using the specified group. Extended Sequence Number support may be indicated - with the _esn_ and _noesn_ values, both may be included to indicate support - for both modes. If omitted, _noesn_ is assumed. + If a DH group is specified, CHILD_SA/Quick Mode rekeying and initial + negotiation use a separate Diffie-Hellman exchange using the specified + group. However, for IKEv2, the keys of the CHILD_SA created implicitly with + the IKE_SA will always be derived from the IKE_SA's key material. So any DH + group specified here will only apply when the CHILD_SA is later rekeyed or + is created with a separate CREATE_CHILD_SA exchange. A proposal mismatch + might, therefore, not immediately be noticed when the SA is established, but + may later cause rekeying to fail. + + Extended Sequence Number support may be indicated with the _esn_ and _noesn_ + values, both may be included to indicate support for both modes. If omitted, + _noesn_ is assumed. In IKEv2, multiple algorithms of the same kind can be specified in a single proposal, from which one gets selected. In IKEv1, only one algorithm per |