[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Fri Dec 24 20:23:21 EET 2021
New commits:
commit 865facabff6b5acc5a2ec4a8fbc2c975f29041de
Merge: 919204a9de 755cff7b46
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Dec 24 13:23:03 2021 -0500
ikev1: when checking peer, don't stomp on the connection's that.cert
Merge commit '755cff7b46c6cce352b7658aacd636ca3965d076'
commit 755cff7b46c6cce352b7658aacd636ca3965d076
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Dec 24 13:21:30 2021 -0500
testing: expect peercert=<nick> when the cert was in the config file
commit 291c6700b9d6dfab9ae7e7d52937de2d8e10f216
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Dec 24 11:08:57 2021 -0500
ikev1: when checking peer, don't stomp on the (instance) connection's that.cert
This is consistent with IKEv2.
The .st_remote_certs.verified field contains the cert.
One asthetic change is that, when the cert comes from the wire,
peercert=<nickname> no longer appears when showing an spd_route
(peercert is a host, not client, thing anyway).
More information about the Swan-commit
mailing list