[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Sat Apr 3 23:58:42 UTC 2021
New commits:
commit 0cc0153e36dae1b075571febca6dea1f8dfc755e
Merge: f2e8b33 a08714d
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Apr 3 19:58:12 2021 -0400
ikev2: include the ID in psk auth messages
Merge commit 'a08714dd3fa0610092a87ebb76be774dc79bcf79'
commit a08714dd3fa0610092a87ebb76be774dc79bcf79
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Apr 3 11:14:21 2021 -0400
testing: expect authenticated using authby=secret and peer ID* '...'
commit 53602c445a9708ddacd1f5749acfde1e2a7ccf3b
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Apr 3 09:10:08 2021 -0400
ikev2: rework PSK auth code and log message
Include the [peer's] ID and string to PSK authentication messages vis:
authenticated using authby=secret and peer ID_FQDN '@west'
which makes the line:
IKEv2 mode peer ID is ID_FQDN: '@west'
redundant.
Also:
- rename ikev2_verify_psk_auth() -> v2_authsig_and_log_using_psk()
since it always logs an authentication message
- in ikev2_calculate_psk_sighash() use .st_sa_role X VERIFY to select
keying material; not .st_state magic
- drop more reundant log lines
- specify RC_LOG_SERIOUS
- prefix with "authentication failed: ..." or "authenticated using"
- posfix with the ID's type and string
- don't pass a logger to get_connection_{psk,ppk}()
(which means it can't log)
commit c8b29c658d8ee6b229d27ce98d2088918dc56a8a
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Apr 2 14:54:42 2021 -0400
ikev2: move v2_authsig_and_log() to ikev2_auth.[hc]
More information about the Swan-commit
mailing list