[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Sun Nov 8 04:00:59 UTC 2020
New commits:
commit cbfd173fb580eb20de6f16caa6b323b17de89a41
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Nov 7 22:54:17 2020 -0500
Revert "ikev2: in ikev2_child_outI() use submit_ke_and_nonce()"
Again notice how this is using .st_oakley.ta_dh, and not the pfs group.
- case STATE_V2_REKEY_IKE_I0:
- request_ke_and_nonce("IKE REKEY Initiator KE and nonce ni",
- st, st->st_oakley.ta_dh,
- ikev2_child_outI_continue);
- break; /* return STF_SUSPEND; */
This reverts commit 3ebd6bef643485d43c48fdc019fa120d00d296d9.
commit 3b96a696267a0d78cc1f638b6835742abf3eb457
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Nov 7 22:51:29 2020 -0500
Revert "ikev2: in ikev2_child_inIoutR() use submit_ke_and_nonce()"
Notice how the old code checks if .st_pfs_group is non-NULL, but then
passes in .st_oakley.ta_dh:
- if (child->sa.st_pfs_group != NULL) {
- request_ke_and_nonce("Child Responder KE and nonce nr",
- &child->sa, child->sa.st_oakley.ta_dh,
- ikev2_child_inIoutR_continue);
- } else {
- request_nonce("Child Responder nonce nr",
- &child->sa, ikev2_child_inIoutR_continue);
- }
Something subtle going on that the patch didn't mimic.
This reverts commit 77fab9906b5b20800f35a696e344611e28a5ec4a.
More information about the Swan-commit
mailing list