[Swan-commit] Changes to ref refs/heads/main

Paul Wouters paul at vault.libreswan.fi
Fri Oct 23 01:13:36 UTC 2020 

New commits:
commit 078a64164df1ab16de71ffd40d13e1033750217f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 21:12:18 2020 -0400

    building: Introduce USE_IKEv1= (default true) to disable IKEv1 at compile time.

commit 1e044c9d7a95eb78875f56518e5d7dc7355e8753
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:18:20 2020 -0400

    building: Some XAUTH -> PAMAUTH changes
    
    - Rename XAUTH_HAVE_PAM to AUTH_HAVE_PAM
    - Rename some functions from xauth* to pamauth*
    
    This is so we can see more clearly which is really XAUTH and which
    is just pam auth. As pam auth is used by IKEv1 xauth and by IKEv2
    pam-authorize.

commit 5770304974dc6d4bb5f366fe3e0909619a0522b0
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:53:07 2020 -0400

    pluto: should_send_delete() used in IKEv1 and IKEv2 uses IKEv1 macros
    
    It used IS_ISAKMP_SA_ESTABLISHED() which will not find IKEv2 established
    states. Use IS_IKE_SA_ESTABLISHED() instead which covers both.

commit ab3e092aab4d9ff8e22ee98cdab5baf4b20bffca
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:42:00 2020 -0400

    pluto: in show_kernel_alg_connection() don't use IKEv1 function.
    
    This code is also called for IKEv2, so should not call ikev1_quick_pfs()
    
    This is to show a different strong for PFS between parent and child.
    
    This isn't supported anyway, so I am not sure this code was ever called
    as intended. For IKEv2 it will not print "<Phase1>" without calling
    ikev1_quick_pfs() that always resulted in NULL and then printing "<Phase1>"
    anyways.

commit d491a68dbfb8bec138bb2d635e92277e5bc86ec4
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:40:01 2020 -0400

    pluto: Simplify outgoing function check for IKE version in ipsecdoi_initiate()

commit 8e165018a383a954bf7b8fd39765b91598c4bad7
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:36:33 2020 -0400

    pluto: rename ikev1 pcr_copute functions
    
    rename pcr_compute_dh_iv() and pcr_compute_dh() to pcr_compute_dh_iv_v1()
    and pcr_compute_dh_v1()

commit f8dec53d26c76e08b6e9502850195f4c774796ca
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:33:03 2020 -0400

    pluto: rename schedule_next_child_delete() to ikev2_schedule_next_child_delete()

commit 905c376b6dade8dd37b0a67a69e1c95548a1cb3c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:24:32 2020 -0400

    building: re-group some ikev1/ikev2 .o files in programs/pluto/Makefile

commit ed660b6f229ce99da662a4a8a184c512ba31f926
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 22 19:09:34 2020 -0400

    pluto: In connection_check_phase2(), don't look for states of wrong IKE version

More information about the Swan-commit mailing list