[Swan-commit] Changes to ref refs/heads/main

Paul Wouters paul at vault.libreswan.fi
Fri Sep 25 02:34:33 UTC 2020 

New commits:
commit 3038c586c4c6f530393d2aef0b1d5241f30a4c5d
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 22:32:36 2020 -0400

    setup: fixup 216e62360a746 that broke "ipsec restart" in namespaces
    
    It error'ed with "unknown initsystem 'namespaces'.
    
    run whack --shutdown to stop and ipsec pluto to start again.

commit d54ea37ea9f7a98c8d0a0c4f809eea53cb9fd8b3
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 22:32:01 2020 -0400

    pluto: skip testing it conn is better than ourselves in refine_host_connection()

commit c56c9688f073174bf6d6a18df4ccf6a826bcbe20
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 22:31:08 2020 -0400

    Revert "X509: don't try to match up ID on SAN when ID type is ID_DER_ASN1_DN"
    
    This reverts commit ce787640e439c05d0b4af278c03331966be589a3.

commit ee5b5f89ab556b2f65d91aebd4c09e5933f32768
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 22:05:20 2020 -0400

    testing: ikev2-48-nat-cp-start  give test a bit more start up time.
    
    console output commited showed a ping fail because auto=start was
    still starting up. Wait 10s so slow VMs can come up in time too
    and update console to expect working pings.

commit 20691d04d4cf24e0e7f2a0d286cb9bc84d33051c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 22:04:39 2020 -0400

    testing: ikev2-ikeport-04-rw-nat-initiator  was using obsolete LOGDROP

commit 271e9ef08f62fc3565844c2677f38e7ea5e50c52
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 22:00:04 2020 -0400

    testing: fixup ikev2-59-multiple-acquires-alias for UP policy
    
    From a while ago where ipsec auto --start adds the UP policy

commit cebee921c76ddd5b2dcf7dba0473200d57246d91
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 21:57:42 2020 -0400

    testing: fixup ikev2-03-basic-rawrsa-ckaid for namespaces
    
    you cannot rm /etc/ipsec.secrets since it is a bind mount. Truncate
    it instead.

commit e2334d2e407ec9000ad78c3b40679db9769be9f2
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 24 21:54:38 2020 -0400

    testing: fixup ikev2-03-basic-rawrsa-rsasigkey for namespaces
    
    you cannot rm /etc/ipsec.secrets since it is a bind mount. Truncate
    it instead.

More information about the Swan-commit mailing list