[Swan-commit] Changes to ref refs/heads/master
Antony Antony
antony at vault.libreswan.fi
Mon Jun 26 07:45:05 UTC 2017
New commits:
commit 6a26fe3bcc5334b91b8c6c2ef416fffec253dcad
Merge: 16647a1 3c9ab9b
Author: Antony Antony <antony at phenome.org>
Date: Sun Jun 25 21:32:07 2017 +0000
Merge branch 'ikev2-duplicate-acquire' into master
commit 16647a115b7c0fb5cee30c0f4b215049d715e2de
Author: Antony Antony <antony at phenome.org>
Date: Sun Jun 25 20:57:12 2017 +0000
ikev2: change sig hash calculation on initiator add I3
merge commit 59b1d0413025f changed the code path for retransmit on
the responder now the AUTH message get re-transmitted. However, the
inititator parent has advanced with success of previous AUTH message
to I3. The child state didn't, e.g kernel didn't support ESP algorithm.
To allow allow processing of re-transmitted AUTH message add I3
to ikev2_calculate_psk_sighash. testcase that shows this regression
newoe-02-klips
Now parent state advance to established if the child fails.
commit 754a074342588a6700b5d3e788067dca3b3d9a8b
Author: Antony Antony <antony at phenome.org>
Date: Sat Jun 24 23:57:06 2017 +0200
build: add missing \ from commit d6eb581
commit 3c9ab9b61024cd0928fdb0680dc81afb25b37a69
Author: Antony Antony <antony at phenome.org>
Date: Thu Jun 22 13:40:04 2017 +0200
ikev2: CREATE_CHILD_SA responder count as pending phase 2
commit 87a4c8c497e45887daba5f88e3cafab3db573aad
Author: Antony Antony <antony at phenome.org>
Date: Thu Jun 22 13:30:45 2017 +0200
ikev2: CREATE_CHILD_SA responder accept TSi and TSr before crypto start
commit 019abb3a2c8f99649774f5fcce038d1e69ebf15d
Author: Antony Antony <antony at phenome.org>
Date: Thu Jun 22 11:15:10 2017 +0200
ikev2: rekey responder check REKEY_SA and match SPI before crypto starts
when CREATE_CHILD_SA request arrives check if it is a REKEY_SA,
and match SPI if necessary, before crypto starts.
Copy the TSi TSr after the crypto finsh.
commit 33d379659a85dabd09a3273e7ffa8643be9631a1
Author: Antony Antony <antony at phenome.org>
Date: Thu Jun 22 10:20:29 2017 +0200
ikev2: improve comments
commit cca86d25dd73f188d49c4bb47e03250e005393a8
Author: Antony Antony <antony at phenome.org>
Date: Wed Jun 21 14:29:39 2017 +0200
ikev2: when a new acuqire is triggered check pending connections
this prevent multiple acquire in lan-to-lan case.
Check for duplicates for the same connection.
Only check for pending, established connections should not trigger
an acquire.
commit 06bdc0b3c7ab041d9ba7f69ddcb43032470bd622
Author: Antony Antony <antony at phenome.org>
Date: Wed Jun 21 12:50:42 2017 +0200
pluto: improve duplicate_state debug log msessage
commit 7faf617e18d250373800d0ce0378d09dcaa73edd
Author: Antony Antony <antony at phenome.org>
Date: Wed Jun 21 12:34:38 2017 +0200
pluto: remove a confusing comment
More information about the Swan-commit
mailing list