[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Sat Aug 7 23:42:29 UTC 2021
New commits:
commit f81804ac4513f75cc81c4274443b848a11e320d8
Author: Andrew Cagney <cagney at gnu.org>
Date: Sat Aug 7 13:34:31 2021 -0400
whack: use the whack message's .sec_label
... instead of the redundant whack end's .sec_label (drop the latter).
Only thing wrong with the field was the lack of pickling.
If the sec_lable fails vetting, reject the connection (was stumbling
on). Given FIPS / SElinux are in play this is safer.
Add the field connection .config .sec_label potentially freeing up
connection .spd .{this,that} .sec_label for just negotiation.
More information about the Swan-commit
mailing list