[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Mon Oct 22 12:48:04 UTC 2018
New commits:
commit 47a4017d59d758373065cf7ea3f03351983e8309
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 14:46:51 2018 +0200
testing: dist_certs.py: add west variant west-eku
west-eku has only the Windows IPsec Protection EKU without serverAuth or clientAuth
commit af20913907dd3b1932cb9b272e7955f416c1edce
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 14:46:13 2018 +0200
testing: added ikev2-x509-02-eku to TESTLIST
commit 8c3a5b684e3d8bf76dbf84a2ddc0d4bad5fc2be1
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 14:44:59 2018 +0200
testing: Added ikev2-x509-02-eku
This tests certificates with non-empty EKU that does not contain either
serverAuth or clientAuth, for libreswan/nss with support for NSS
IPsec profiles.
See also:
https://bugzilla.mozilla.org/show_bug.cgi?id=1252891
https://bugzilla.redhat.com/show_bug.cgi?id=1639404
commit 420be83bc6a5b10e2cd4d6ca41cf3ac6bf0c929a
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 14:16:40 2018 +0200
testing: cleanup comments from ikev2-x509-01
commit 64fc51f8077822913e057cd4fb85bf93ad4abdf3
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 11:15:00 2018 +0200
testing: conn west-east-x509 should not use leftcert= and rightcert=
Because these certs should come in via IKE and get validated by NSS
and not simply matched as EE cert used from a preloaded cert.
commit bb148ad3d40ecec319a1fae413abc05d7b6f0172
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 11:13:56 2018 +0200
testing: fixup ikev2-x509-01
Don't keep east + west certs on both east and west.
Don't set leftcert= and rightcert= on both ends (via deep also= statement)
commit 2401fee80eba7e184925ecbd413fc17a716474c9
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Oct 22 10:30:22 2018 +0200
pluto: clarify a log message
More information about the Swan-commit
mailing list