[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Fri Feb 12 20:50:02 UTC 2021
New commits:
commit b73b22da36b8d63a9b008f60ec0ef24785b2d94b
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Feb 12 15:46:17 2021 -0500
pluto: get_newer_sa_from_connection() should not have numeric assumption
It would check serialno and assume a larger number meant a more recent
state, but this is not always true. An initiating state #1 can end up
established after a responder state #2 finished first, in which #1 is
the latest, since it will be the last one that updated c->newest_isakmp_sa
Basically, whatever is in c->newest_isakmp_sa is per definition the
newest.
More information about the Swan-commit
mailing list