[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Mon Sep 17 02:45:29 UTC 2018
New commits:
commit 16110828b5de9d5e34c24938fd8b329b1de72039
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 16 22:42:40 2018 -0400
libswan: switch unbound code from ub_ctx_add_ta_autr() to ub_ctx_add_ta_file()
For an as of yet unexplained reason, on fedora 28 at least, the function
ub_ctx_add_ta_autr() causes pluto to not initiate the listen() code properly.
As the system OS should be doing the updating of the trust keys file anyway,
using ub_ctx_add_ta_file() should be fine. But once the bug causin this has
been found, things should be moved back again to ub_ctx_add_ta_autr()
commit d3248e4a0c4ef49a69868541fab2d05cdb676717
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 16 22:41:34 2018 -0400
libswan: remove workaround for unbound < 1.4.12 because we now need >= 1.5.0 anyway
This workaround would define ub_ctx_add_ta_autr() to ub_ctx_add_ta_file()
The first one can support RFC-5011 rollover if it can write to the file.
More information about the Swan-commit
mailing list