[Swan-commit] Changes to ref refs/heads/master

Antony Antony antony at vault.libreswan.fi
Mon Apr 6 05:41:25 UTC 2020 

New commits:
commit c620a4229610795efff215429c71cc0f12a27a5b
Author: Antony Antony <antony at phenome.org>
Date:   Sat Apr 4 22:18:26 2020 +0000

    ikev2-child-rekey-08-deadlock

commit cb7ec6ca0a882c84f65653c1ddaa78b31820ca87
Author: Antony Antony <antony at phenome.org>
Date:   Sat Apr 4 22:17:45 2020 +0000

    ikev2-child-rekey-07-deadlock

commit 9d6040831c59f36f1d485879234ca4b44fb94e91
Author: Antony Antony <antony at phenome.org>
Date:   Sat Apr 4 18:11:24 2020 +0000

    testing: ikev2-child-rekey-06-deadlock remove iptable LOG
    
    -j LOG is inconsitant between namespace and kvm testrun.
    It is not really necessary, so comment it. It could be handy to run the
    test manually.

commit d8573b79f7b2c13c7a886d441d5f4742d4cb25de
Author: Antony Antony <antony at phenome.org>
Date:   Fri Apr 3 10:52:34 2020 +0000

    testing: ikev2-child-rekey-07-deadlock

commit a6a3bccf68e6c388c0bd41fa63c4363801380800
Author: Antony Antony <antony at phenome.org>
Date:   Fri Apr 3 09:25:20 2020 +0000

    ikev2: insert new v2D message to the tail of pending v2D requests
    
    optimized to send out v2D message before v2_CREATE_CHILD_SA jobs.
    Delete would also get a quicker response from the other end, because,
    there are no crypto operations i.e. v2DH,KE,nonce to respond to
    a  v2_INFORMATIONAL request.
    
    this queue may have v2_CREATE_CHILD_SA or/and v2_INFORMATIONAL (v2D).
    add new v2_INFORMATIONAL, v2D request to the tail of v2D requests,
    instead adding to the tail of the queue.

commit a5fa7aedd2fb6488ce64c3b2d9f065ff673d9c92
Author: Antony Antony <antony at phenome.org>
Date:   Mon Mar 23 18:13:37 2020 +0000

    ikev2: queue up IKEv2 informational, delete, message instead of jamming
    
    Pluto, when initiating a new IKEv2 informational, an IKEv2
    Delete child message(v2D), initiator did not check un-acknowledged messages.
    It would just jam and violate IKEv2 window of one. The result is
    rekey response would be dropped, and message window would jump.
    
    now the v2D message would be queued when there is unacknlowledged message.

More information about the Swan-commit mailing list