[Swan-commit] Changes to ref refs/heads/master

Andrew Cagney cagney at vault.libreswan.fi
Tue Jun 9 12:39:13 UTC 2020


New commits:
commit 156bc32b6222f063c9f6166a90490ed4b4df1bd9
Author: Andrew Cagney <cagney at gnu.org>
Date:   Mon Jun 8 18:42:44 2020 -0400

    ikev2: add STF_V2_DELETE_EXCHANGE_INITIATOR_IKE_SA, to trigger deleting the IKE_SA
    
    When an IKE_AUTH response authenticates but contains an unacceptable
    child an additional delete notification is required.  Returning this
    will trigger a delete IKE SA notification.
    
    (technically, and in theory, since the IKE SA is established it can
    hang around and just the child needs to be deleted (allowing further
    CHILD SAs to establish) - later)
    
    The current implemention fiddles the Message IDs so that
    delete_state() can do a record'n'send.  It should really trigger a
    delete transition.
    
    While not visible in the whack output (why not?); the code then
    typically triggers a revive-cons.



More information about the Swan-commit mailing list