[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Sat May 11 01:29:09 UTC 2019
New commits:
commit d2c3d9f3c960b82fe468b4aa5ad8104ae8d8606a
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri May 10 21:27:20 2019 -0400
testing: fixup newoe-18-private-private-32
It was showing that idle OE connections were getting re-initiated for rekey.
This was due to bad timings. Since idleness is determined by (oddly!)
rekeymargin=, set that value small enough to observe expired OE IPsec SA's
commit be3c17c0db8a56de681cde00c85c79b13d385edb
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri May 10 21:24:25 2019 -0400
IKEv2: expire_ike_because_child_not_used() should use was_eroute_idle()
It was using manual calls to get_sa_info() to determine idleness, but we
have the function was_eroute_idle() for that.
Also leave a note that "idleness" is oddly based on the rekeymargin= value.
No need to address this now, soon we should install softidle timers into the
kernel so the kernel will tell us when an IPsec SA is idle, instead of having
IKE keep asking the kernel and then checking it manually.
commit f32ade09d7caee5a9fc28f80cdbf4a25d1332889
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri May 10 21:22:23 2019 -0400
IKEv2: rewrite documentation of expire_ike_because_child_not_used()
commit d1f512e0a40915a0921af4f32d0bcc8bcb54908f
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri May 10 18:43:20 2019 -0400
pluto: Fix misleading debug message claiming "Liveness" message
It is an Informational message, which could be a liveness message,
but also a Delete message or MOBIKE update message.
More information about the Swan-commit
mailing list