[Swan-commit] Changes to ref refs/heads/master

Andrew Cagney cagney at vault.libreswan.fi
Fri Nov 22 21:07:27 UTC 2019


New commits:
commit 024ac3d7c6d6c932b74a7a4e21c0bea9595dd0b8
Author: Andrew Cagney <cagney at gnu.org>
Date:   Fri Nov 22 10:39:22 2019 -0500

    ikev2 msgids: when the response is STF_FATAL only update the IKE SA's msgids
    
    For instance in ikev2-20-ikesa-reauth:
    
    - initiator sends IKE_AUTH request; re-routes response to new child
    
    - response routed to CHILD SA but auth FAILS so the CHILD is deleted,
      MD.ST is set to the IKE SA, and STF_FATAL is returned
    
    - msgid code can't update the child as it is no more
    
    Arguably the real bug is trying to route the response to the CHILD SA
    before the IKE SA has established.  Later.

commit 7af71cfd47d66307e1740e63456f3e4dc096f1cc
Author: Andrew Cagney <cagney at gnu.org>
Date:   Fri Nov 22 11:58:58 2019 -0500

    ikev2 msgids: share more debug-logging code; if the WIP SA is NULL, log it as lost



More information about the Swan-commit mailing list