[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Fri May 16 16:15:16 EEST 2014
New commits:
commit 9094e3cc6a20da24749ca5157c67d25d4e7d3068
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu May 15 21:26:38 2014 -0400
IKEv1: extend passerts in compute_proto_keymat() to cover all ESP's
This functionality is identical for IKEv1 and IKEv2 and should be
factored out for re-use.
commit 01ade14688b135b7c4e4a5fdadd6739b3b396278
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu May 15 20:55:17 2014 -0400
pluto: Implement key size checking for ike= and esp=
This also changes parser_alg_info_add to return an err_t
This prevents things like ike=3des666 and esp=aes333-sha1 from being
loaded as a valid policy.
commit 552aa8d4b68f9bcac6d0f9b3d71f37c71d3804c0
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu May 15 20:53:49 2014 -0400
alg_info: Change unset ESP default from ESP_3DES to ESP_AES
I don't think this code can actually be hit, because if there is no esp=
line we put in our default proposal (which allows AES and 3DES)
commit 647c5bc7091590209e846d4bc145ea2607b3fee2
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu May 15 20:51:45 2014 -0400
ietf_constants: Add valid key sizes for encryption algorithms
Add min, default and max along with their RFC number (where available)
commit 2d0a4be2968457d58954b79b6496927cb7f157d0
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu May 15 15:44:01 2014 -0400
pluto: don't die when the only loaded proposal is completely invalid
More information about the Swan-commit
mailing list