[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Mon Nov 2 09:28:37 UTC 2015
New commits:
commit 9b00af3417381bfb707ada1b960b4701ec83a8af
Author: Wolfgang Nothdurft <Wolfgang.Nothdurft at linogate.de>
Date: Mon Nov 2 18:28:13 2015 +0900
pluto: set id before invalidating the certificate (lbz#245)
Signed-off-by: Paul Wouters <pwouters at redhat.com>
commit 3689dd5655b13b847879449952c6a0142b11442f
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Oct 31 18:56:23 2015 -0400
updated CHANGES
commit 849c182c0443fc469845a3cd6554b87edd7d0b7b
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Oct 31 18:54:53 2015 -0400
pluto: Add support for replay-window=
The size of the IPsec SA replay window protection. The default
is kernel stack specific, but usually 32. Linux NETKEY/XFRM
and Linux KLIPS support up to 64. A value of 0 disables replay
protection. Disabling of replay protection is sometimes used
on a pair of IPsec servers in a High Availability setup. Note
that technically, at least the Linux kernel can install IPsec
SA's with an IPsec SA Sequence Number, but this is currently
not supported by libreswan.
More information about the Swan-commit
mailing list