[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Sun Jun 14 22:33:05 EEST 2015
New commits:
commit 896957f821355ddbfab834b6cbd4d1944c81035c
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jun 14 15:32:07 2015 -0400
testing: updated most kev2-liveness-0* tests
But not ikev2-liveness-07 bcause I think that still shows a problem
commit 150b8c9d4d73eca5d820916bfe54a689cd08c6e4
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jun 14 00:17:24 2015 -0400
pluto: ikev2 retransmit detection logic was broken
It would false mark informational responses (after the first two) as
duplicates.
It would also flag duplicates when receiving an IKEv2 Request, and
not answer, but that would only lead to receibing a duplicated request.
So it is better to just process the duplicate on the first go and answer.
commit 132b01f472abbc4228c2c6191d5616769b813a9c
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jun 14 00:14:43 2015 -0400
pluto: ikev2_send_informational() did not update msgid counters
It cannot do this via ikev2_update_msgid_counters() because it
has no pointer to the message digest (md)
But since we know we are the initiator for this exchange, we know
which state counters to update, so just do it directly.
commit 44e3bdbbafb219e54bcc3d49c5fd078dda13b006
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jun 14 00:11:48 2015 -0400
pluto: process_encrypted_informational_ikev2() fix for msgid counter
Only some branches in process_encrypted_informational_ikev2() that
needed to call ikev2_update_msgid_counters() did so.
To simplify things, don't call these in the branches but just at the
end of the function. There is one catch, one branch deletes the state,
so in ikev2_update_msgid_counters() check for st == NULL and just
do nothing.
More information about the Swan-commit
mailing list