[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Sat Aug 30 06:10:21 EEST 2014
New commits:
commit 04a7374e3026e0d8440aac4127a6473b02b09ab7
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Aug 29 23:09:05 2014 -0400
libswan: reject ESP_* ciphers we don't want to support (but want to know)
This is in alg_info_esp_aa2sadb() which is a somewhat dubious function,
as the sadb numbering does not fully cover the possible entries for IKEv2,
and conflicts with some entries in IKEv1 (eg ESP_SEED_CBC which has been removed)
commit 2c33f7277644eac1b4028bf0372bb1251b174ff4
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Aug 29 23:05:41 2014 -0400
testing: updated algparse.c and known good output
- Some more test cases fixed, such as rejected ESP_DES, ESP_BLOWFISH
- Added some new algos, like camellia and aes_ctr variants
- Removed the aes_[gc]cm_[8|12|16] as those are handled via aliases
- Camellia now uses the IKEv2 entry (23) not the IKEv1 entry (22)
- aes_cbc is now aes_xcbc
two errors remain:
esp=modp1024 fails (only works when specifying algo-hash;modpXXX)
ah=null should fail but not assertion fail
More information about the Swan-commit
mailing list