[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Sun Feb 11 00:20:33 UTC 2018
New commits:
commit 66f84cfeef57d3564eea9471194ff311dcd3c63e
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Feb 10 19:16:43 2018 -0500
IKEv2: fix anonymous IKE SA state counting.
When deleting, a state could end up without st_connection when
it was getting counted. Connection was used to determine anonymous
versus authenticated state. So instead, mark anonymity on the
state (st_ikev2_anon) and ensure all child states copy that marker.
Then categorize_state() does not need connection anymore.
Also base anonymous states on AUTH_NULL and not on POLICY_OPPORTUNISTIC,
since we can have authenticated opportunistic connections.
commit 4dd4d058c4e2ce5241755551e3ef09bf324fda26
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Feb 10 19:15:54 2018 -0500
pluto: only call update_state_stats() for actual state change
This resolves a comment left by Hugh
commit 9d104d37930cdb9b305fdd0c8251bd84f686edde
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Feb 10 18:41:52 2018 -0500
testing: newoe-18-poc-poc modified to check IKE/IPsec SA counters
The timing is a little tricky, and is now based on the fact that
east seems to run final.sh before it runs final on the others.
More information about the Swan-commit
mailing list