[Swan-commit] Changes to ref refs/heads/master

Andrew Cagney cagney at vault.libreswan.fi
Tue Jun 16 19:13:36 UTC 2020


New commits:
commit 59e543cbffb459826cc90eca66fba2b11cf3fda7
Author: Andrew Cagney <cagney at gnu.org>
Date:   Tue Jun 16 15:06:31 2020 -0400

    iface: don't flag {left,right}ikeport as needing IKE encapsulation prefix
    
    This is so that outgoing packets will interop with port 500.
    Like for port 4500, incomming packets to {left,right}ikeport
    are allowed to have an IKE encapsulation prefix.
    
    There's a bigger problem here - code is looking at the local
    interface's .add_ike_encapsulation_prefix when deciding if the ESP=0
    prefix is allowed/required but what determines this is some combination
    of the protocol, remote port number, and havnig espin* enabled.
    
    Later.



More information about the Swan-commit mailing list