[Swan-commit] Changes to ref refs/heads/master

Antony Antony antony at vault.libreswan.fi
Mon Jun 26 07:45:05 UTC 2017 

New commits:
commit 6a26fe3bcc5334b91b8c6c2ef416fffec253dcad
Merge: 16647a1 3c9ab9b
Author: Antony Antony <antony at phenome.org>
Date:   Sun Jun 25 21:32:07 2017 +0000

    Merge branch 'ikev2-duplicate-acquire' into master

commit 16647a115b7c0fb5cee30c0f4b215049d715e2de
Author: Antony Antony <antony at phenome.org>
Date:   Sun Jun 25 20:57:12 2017 +0000

    ikev2: change sig hash calculation on initiator add I3
    
    merge commit 59b1d0413025f changed the code path for retransmit on
    the responder now the AUTH message get re-transmitted. However, the
    inititator parent has advanced with success of previous AUTH message
    to I3. The child state didn't, e.g kernel didn't support ESP algorithm.
    
    To allow allow processing of re-transmitted AUTH message add I3
    to ikev2_calculate_psk_sighash. testcase that shows this regression
    newoe-02-klips
    
    Now parent state advance to established if the child fails.

commit 754a074342588a6700b5d3e788067dca3b3d9a8b
Author: Antony Antony <antony at phenome.org>
Date:   Sat Jun 24 23:57:06 2017 +0200

    build: add missing \ from commit d6eb581

commit 3c9ab9b61024cd0928fdb0680dc81afb25b37a69
Author: Antony Antony <antony at phenome.org>
Date:   Thu Jun 22 13:40:04 2017 +0200

    ikev2: CREATE_CHILD_SA responder count as pending phase 2

commit 87a4c8c497e45887daba5f88e3cafab3db573aad
Author: Antony Antony <antony at phenome.org>
Date:   Thu Jun 22 13:30:45 2017 +0200

    ikev2: CREATE_CHILD_SA responder accept TSi and TSr before crypto start

commit 019abb3a2c8f99649774f5fcce038d1e69ebf15d
Author: Antony Antony <antony at phenome.org>
Date:   Thu Jun 22 11:15:10 2017 +0200

    ikev2: rekey responder check REKEY_SA and match SPI before crypto starts
    
    when CREATE_CHILD_SA request arrives check if it is a REKEY_SA,
    and match SPI if necessary, before crypto starts.
    Copy the TSi TSr after the crypto finsh.

commit 33d379659a85dabd09a3273e7ffa8643be9631a1
Author: Antony Antony <antony at phenome.org>
Date:   Thu Jun 22 10:20:29 2017 +0200

    ikev2: improve comments

commit cca86d25dd73f188d49c4bb47e03250e005393a8
Author: Antony Antony <antony at phenome.org>
Date:   Wed Jun 21 14:29:39 2017 +0200

    ikev2: when a new acuqire is triggered check pending connections
    
    this prevent multiple acquire in lan-to-lan case.
    Check for duplicates for the same connection.
    Only check for pending, established connections should not trigger
    an acquire.

commit 06bdc0b3c7ab041d9ba7f69ddcb43032470bd622
Author: Antony Antony <antony at phenome.org>
Date:   Wed Jun 21 12:50:42 2017 +0200

    pluto: improve duplicate_state debug log msessage

commit 7faf617e18d250373800d0ce0378d09dcaa73edd
Author: Antony Antony <antony at phenome.org>
Date:   Wed Jun 21 12:34:38 2017 +0200

    pluto: remove a confusing comment

More information about the Swan-commit mailing list