[Swan-commit] Changes to ref refs/heads/master
Andrew Cagney
cagney at vault.libreswan.fi
Thu Jun 28 13:33:14 UTC 2018
New commits:
commit b087748a142aab2a6eb15d9fe9c2cf90f2ba9db5
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Apr 26 17:10:29 2018 -0400
ikev2: map DH=&ike_alg_dh_none into .st_pfs_group=NULL when accepting response
In IKEv2, a proposal that contains neither INTEG nor DH transforms can
be valid - in both cases it is interpreted as proposing 'none'. When
this happen, common code expects INTEG = &ike_alg_integ_none and DH =
NULL.
This would all be ok except that there's a bug in the proposal code
when --impair allow-null-none [sic]. The result is a core dump
(INTEG=NULL, oops), and the simplest fix ends up also 'fixing' DH (as
in it will be set to &ike_alg_dh_none instead of NULL).
This patch prevents DH = &ike_alg_dh_none getting into common code.
More information about the Swan-commit
mailing list