[Swan-commit] Changes to ref refs/heads/master

Antony Antony antony at vault.libreswan.fi
Fri Sep 15 13:35:08 UTC 2017 

New commits:
commit b02672ebb25469c7e4003ad8100caa0dc38194ab
Merge: 7097a65 d15292b
Author: Antony Antony <antony at phenome.org>
Date:   Fri Sep 15 07:12:47 2017 +0200

    Merge branch 'pam-timeout'  PAM thread fixes
    
    A few fixes for PAM thread and continue function, for both XAUTH and IKEv2.
    - IKEv1 suspend st when PAM thread is busy, ignoring client re-transmit
    - Add a timer, PAM_TIMEOUT, to cancel PAM thread
    - When the timer expire responder send an AUTH failed notification
    - Workaround(could be improved) to run conintuation when cancelling thread.

commit d15292b9c547bd6c74f5724c4d13b041d5bd2350
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 14 03:39:20 2017 +0200

    xauth: add debug log, time elapsed in pam theread

commit ccb8424a9400a7aee3a17aa3d0a9ae3d71521fd0
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 14 02:08:20 2017 +0200

    ikev1: call set_suspend to prevent re-sending prev reply
    
    While doing PAM work do not reply to re-transmits from the other side.

commit 7c4e562b8ba06587b2e30383b2d0ad0adea266e2
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 14 01:41:16 2017 +0200

    xauth: workaround to call cleanup/continuaation in xauth_cancel
    
    It seems pthread_cancel() does not call the
    thread cancellation clean-up handlers. It is noted in 3665392f5

commit 8432bb8ed3ffc5f5930fc77d0c350031f9dfa712
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 14 00:00:47 2017 +0200

    xauth: add PAM_TIMEOUT event
    
    	add a timer event PAM_TIMEOUT, in the main thread
    	if the timeout fires timeout cancel pam thread

commit 8e4bdf4610cd2e02f098b68602d08b47724e4c79
Author: Antony Antony <antony at phenome.org>
Date:   Wed Sep 13 23:53:48 2017 +0200

    xauth: keep track of the event created in xauth_thread_cleanup
    
    otherwsise struct *event will leak.

commit 5f3c6aee769856f7aa6bbe20d1346006a45f4566
Author: Antony Antony <antony at phenome.org>
Date:   Wed Sep 13 13:53:22 2017 +0200

    testing: add xauth-pluto-20-pam-timeout ikev2-child-restart-mismatch

commit 7097a65bfd56b161070135a8abac50bc676fb328
Author: Antony Antony <antony at phenome.org>
Date:   Wed Sep 13 03:19:12 2017 +0200

    pluto: pending child, when deleting parent, restart only if necessary
    
    When the parent is deleted,
    A pending child states should only restart connection if necessary,
    e.g rekey=yes, and it serial is  > newest_ipsec_sa

More information about the Swan-commit mailing list