[Swan-commit] Changes to ref refs/heads/master
Andrew Cagney
cagney at vault.libreswan.fi
Sat Jul 7 16:54:27 UTC 2018
New commits:
commit d26d2c02f46537397cf0bbb2d4d3d4451bb28ae3
Merge: 2b1e481 f0e2d05
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Jul 7 12:47:10 2018 -0400
kernel: filter out unsupported algorithms like RIPEMD (unless so configured)
kernel_alg.c was adding algorithms to the kernel algorithm db without
first checking if pluto is configured to support them.
This sets things up for all sorts of far more interesting changes:
- store ike_algs in the kernel algorithm db (and not
SADB/netkey centric structs)
- delete yet more magic switches that map between SADB and IKEv[12] values
- fixing (by deleting, see above) code that only builds when certain
SADB algorithms are present
- sorting out NULL_KAME
Merge commit 'f0e2d057ec3d73d6880b15cb639d6f17191d8a9a'
commit f0e2d057ec3d73d6880b15cb639d6f17191d8a9a
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Jul 6 21:35:58 2018 -0400
testing: don't expect RIPEMD or NULL_AUTH_AES_GMAC (when fips)
commit 6ac7d16c93fe447e0a529571bc381a25b38874bb
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Jul 6 21:34:05 2018 -0400
kernal: discard unsupported algorithms returned by netkey/sadb
Namely RIPEMD and NULL_AUTH_AES_GMAC (when FIPS).
Fortunately the algorithm parser would reject any attempts to use them.
More information about the Swan-commit
mailing list