[Swan-commit] Changes to ref refs/heads/master

Antony Antony antony at vault.libreswan.fi
Mon May 22 18:48:53 UTC 2017 

New commits:
commit f75de1d83274d40b8283d103ef2d3c1326251549
Merge: 48cf18e 4a3dd32
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 20:47:02 2017 +0200

    Merge branch 'ikev2-liveness-hold'
    
    fixes to ikev2 liveness action=hold
    improve delete state loggging

commit 4a3dd32899eb905a8de65f6f8899942ee9e59062
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 00:33:20 2017 +0200

    ikev2: fix liveness/dpd action hold and cleanup liveness logging

commit 6526eb96abe58e0a7ccd5fd459d3542778c4b9ae
Author: Antony Antony <antony at phenome.org>
Date:   Fri May 19 17:54:01 2017 +0200

    pluto: refactor delete_state to log details
    
    log sending delete notifiction while deleting a state.

commit 625c91ad2aeeefa037628ae8cee0e50b283e5867
Author: Antony Antony <antony at phenome.org>
Date:   Fri May 19 23:59:57 2017 +0200

    testing: ikev2 dpd action hold tests

commit 48cf18eecd3746495c06788c074cc0e4c8ee3c71
Merge: ec0ed22 9da04e4
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 20:45:48 2017 +0200

    Merge branch 'ikev2-dnsoe'

commit 9da04e4ec56634d34e6b0bcf0266975c626433c1
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 20:04:39 2017 +0200

    testing: update from ikev2-fetch-ipseckey

commit cdfde86746c4d982b04360e0a4095d1b9e3a927e
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 20:01:36 2017 +0200

    ikev2: add support for fetching ipseckey from dns
    
    The pluto fetch DNS rr IPSECKEY and add it to pluto publickey store.
    USE_DNSSEC must be defined, and linked with libunbound and ldns
    librearies.
    
    Unbound use libevent asynchronous calls to fetch IPSECKEY RR.
    ldns is used to parse libunbound wireformat output.

commit 2ede905f42effa728d580986343b9effee16d530
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 20:00:43 2017 +0200

    dnssec: update addconn using unbound_resolve

commit ed89ce96b77a18e7e8061b81b6041ff196037578
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 19:59:49 2017 +0200

    makefile: add USE_DNSSEC to programs/pluto/Makefile

commit 50412035e8119fb969ad36c0e0d12bb1eb00a33c
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 19:58:18 2017 +0200

    dnnsec: update unbound.c make dnsondemand optional

commit 6a25ede831345385b320c754a5a0fbfe83d17b58
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 19:56:59 2017 +0200

    dnssec: add publickey constants and remove KEY RR

commit f313926814c34fea872178aca28690be3c4ceb4b
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 19:56:31 2017 +0200

    dnssec: update include/dnssec.h

commit f98881b731f3281d264e85130cdbae8c5573c56f
Author: Antony Antony <antony at phenome.org>
Date:   Mon May 22 19:54:34 2017 +0200

    Makefile: add USE_DNSSEC

commit 719da8e918931ffaa34e4a7da388955ad0d5c8b6
Author: Antony Antony <antony at phenome.org>
Date:   Mon Mar 20 08:39:36 2017 +0100

    Makefile: add -lldns. may be create a new variable for it?

commit 6b3c3e89b10174b8ac9c53af4c658fc4280d4ab8
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Apr 7 16:47:50 2017 -0400

    config: add dnssec-options in config file
    
    Add more options to support dnssec validaion in libreswan.
    dnssec-enable, dnssec-rootkey-file, dnssec-anchors

commit 07028768e1e67755eb780e2c15a85e646bc1a832
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Apr 4 21:11:06 2017 -0400

    building: add copy unbound-event.h work around broken unbound installs
    
    USE_UNBOUND_EVENT_H_COPY?=true option to work around libunbound
    installation missing unbound-event.h

commit 8136eb6f5eb2d55d7adee59050b9569a96736728
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Apr 4 20:37:04 2017 -0400

    packaging: add dependency on ldns and for fedora unbound-devel version
    
    The ldns code is used for the new DNS parsing code for IPSECKEY
    
    The unbound version in fedora is needed to work around a bug where
    the unbound-devel package does not install unbound-event.h. In
    debian and RHEL/CentOS, this bug is not yet fixed so we cannot yet
    put in minimum package versions. However, for RHEL we will package
    and ship fixed versions in download.libreswan.org RHEL repositories,
    also because the 1.4.20 version in RHEL6 and RHEL7 is missing the
    unbound-event.h support.

commit 95d0ca95eec25d94947cc59191669e6dd749eca7
Author: Antony Antony <antony at phenome.org>
Date:   Wed Mar 22 13:16:00 2017 +0100

    ikev2: add bit more logging for STF_SUSPEND
    
    It helps when debugging with multiple states

More information about the Swan-commit mailing list