[Swan-commit] Changes to ref refs/heads/main

Paul Wouters paul at vault.libreswan.fi
Thu Jul 9 01:31:39 UTC 2020 

New commits:
commit 6dfa073c0dbb297ebd1904cd83ed6aac28bd66ce
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Jul 8 21:31:02 2020 -0400

    testing: update for ipsec status for non-tcp tests

commit 9f160676da0e9cd51f4727484a1a3dcdb8bd3407
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Jul 8 21:29:36 2020 -0400

    testing: update tcp test cases
    
    - change the old listen-tcp=4500 to listen-tcp=yes
    - update for new sanitizer for socket
    - other minor diffs I can't explain but seem right

commit 5a0fa11d80cbcb19d2fc93e46f9b5e417f039e3b
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Jul 8 21:29:02 2020 -0400

    testing: sanitizer: handle socket numbers that can change.

commit e1cebcc60d6a3993ff0816e87291420a8ecab5cd
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Jul 8 21:22:47 2020 -0400

    pluto: remove ikeport/nat-ikeport, add listen-udp/listen-tcp
    
    Moving UDP 500 to another port does not work anyway, because then
    it would not use the non-ESP marker. Moving the global nat-t port
    also makes less sense, since we can add them per connection now anyway
    with leftikeport/rightikeport.
    
    What does make sense is an option to enable/disable the global listen
    ports for UDP or TCP.
    
    This also frees up the --ikeport for whack to be used for the leftikeport/
    rightikeport options.
    
    In "ipsec status", remove the ikeport= output, and in the interface list,
    add UDP or TCP to indicate which protocol it is listening for.
    
    Note: It seems the nat_traversal.c code sometimes compared against
    pluto_nat_port, which won't work when custom ikeports are used. This
    will need fixing.

commit 8cae1e59dd7c3a51ecdca946aa1b9135f7cb4c4b
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Jul 8 21:21:58 2020 -0400

    pluto: minor fixup to obsolete protostack= value logging

commit fee1ccc0d62151c224809b9a1b02ed1ee4cda354
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Jul 8 21:18:20 2020 -0400

    documentation: updated CHANGES

commit 31a6b70cdf2d4f95fca786dbd0565e02bdf67c3c
Author: Vukasin Karadzic <vukasin.karadzic at gmail.com>
Date:   Wed Jul 8 16:03:43 2020 -0400

    IKEv2: redirect - don't reply on failure to read informational request
    
    Signed-off-by: Paul Wouters <pwouters at redhat.com>

More information about the Swan-commit mailing list