[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Sat Oct 10 03:46:04 UTC 2015
New commits:
commit d9512bb27c8526995182c4cf6981c9fad690d291
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Oct 9 23:44:40 2015 -0400
pluto: OE move orphan_holdpass() call into delete_state()
We were missing cases where failures did not lead to a proper shunt.
Instead of duplicating the code further, move it into delete_state()
and if the state is a failed OE initiator state, call orphan_holdpass()
to install the bare shunt.
commit 2165abd4ca3cd7bc7fe4ffe8e52b5a727d595178
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Oct 9 20:28:02 2015 -0400
testing: update description text
commit 475dd15fcc41c96ce51865262c01234c21cdb17b
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Oct 9 18:15:38 2015 -0400
pluto: deleting opportunistic Parent with no Child SA
This happens when OE is enabled on responder behind NAT with a
port forward (like Amazon AWS)
With the state deleted, any traffic received will cause our own
ACQUIRE (if the other end is in private-or-clear) to initiate on
our own to the remote. For now, we then fail open with a passthrough
but in the future, we will do NAT OE.
More information about the Swan-commit
mailing list