[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Sun Feb 28 03:41:41 UTC 2021
New commits:
commit 06b3aa7e49c3678cabbaeffa83725bdffc11b685
Author: Kavinda Wewegama <kavinda.wewegama at forcepointgov.com>
Date: Sat Feb 27 02:23:20 2021 -0600
pluto: fix bug where an extra SPD entry was created with the incorrect security label
* SPD entries should only have labels specified in `policy-label` of
connection configurations.
Signed-off-by: Paul Wouters <pwouters at redhat.com>
commit 88b2c79668a833c0f59211c81136ab8bded11b3b
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Feb 27 22:27:53 2021 -0500
pluto: Labeled IPsec: first check exact matching policy before calling within_range()
The within_range() call otherwise fails in SElinux enforcing mode because it is
not valid for the policy label configured, only the policy labels that are
constructed from the ACQUIREs obtained.
commit 31ca65bcbfd7c31264babccd2cf26374589e452a
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Feb 27 22:27:38 2021 -0500
testing: labeled ipsec test updates
commit 8a18bda6eb0b6d0c97594bf4acf0b7f06a115e63
Author: Kavinda Wewegama <kavinda.wewegama at forcepointgov.com>
Date: Sat Feb 27 01:24:16 2021 -0600
pluto: simplify security label check logic per code review feedback
Signed-off-by: Paul Wouters <pwouters at redhat.com>
commit d53918c5f51fbb32500ae4a897001c38e889ea50
Author: Kavinda Wewegama <kavinda.wewegama at forcepointgov.com>
Date: Thu Feb 25 21:11:12 2021 -0600
pluto: address code review comments
Signed-off-by: Paul Wouters <pwouters at redhat.com>
commit 441691e3a5398cf5723fa7f6dbb27c1d7482c604
Author: Kavinda Wewegama <kavinda.wewegama at forcepointgov.com>
Date: Tue Feb 23 19:02:19 2021 -0600
pluto: fix IKEv2 labeled IPsec issues at Responder
* Use the TS_SECLABEL security label arriving from the Initiator for the
child/IPsec SA instead of the `policy-label` from the connection
configuration.
Signed-off-by: Paul Wouters <pwouters at redhat.com>
More information about the Swan-commit
mailing list