[Swan-commit] Changes to ref refs/heads/master

D. Hugh Redelmeier hugh at vault.libreswan.fi
Sun Feb 24 21:06:05 UTC 2019

New commits:
commit 1c5ad72ce4f8f86e4954384a6bd4d8a8cb5c4a70
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Feb 24 16:02:06 2019 -0500

    pluto: nss_cert_verify.c: rework log_bad_cert and verify_end_cert
    Lack of NSS documentation made this hard.
    - Report each error in list, not just first (suppressing contiguous duplicates).
      Funny thing: it may be that all entries in list are the same!
    - add the profile (IPSec / TLS Client / TLS Server) used to the log message
    - make the control and data flows clearer (not clear).
    - loop over each profile to use (don't try IPSec profile separately)
    - add lots of passerts and pexpects and warning comments
    - avoid leaks present in old code

More information about the Swan-commit mailing list