[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Tue Jul 6 20:45:15 UTC 2021
New commits:
commit dd6e583da3b9baf6309027ad416a4586507445a3
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 16:41:42 2021 -0400
IKEv2: Add state machine entry for failed CREATE_CHILD_SA
Previously, we would tear down everything, including the IKE SA
and other established Child SAs. Now, when receiving a TS_UNACCEPTABLE
or similar error, only that CREATE_CHILD_SA state is deleted.
commit 21d6686de4e65a75a3fd76a8bd178b425d3b7894
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 16:39:35 2021 -0400
pluto: Don't delete existing IKE SA of connection instance
In release_dead_interfaces() if the connection was an instance,
deletion would delete everything associated with it. This is
fine for a responder cleaning up a roadwarrior, but is too
aggressive for site-to-site with one end on dynamic IP, so using
right=%any, causing connection instantiation as well.
commit 36f2c27b0444bc896c6f5754ea4faa68b46ee4b7
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 16:32:13 2021 -0400
testing: fix comment
commit 961dd5c2594aa1fad3bcddbfec4dc3f294706c9c
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 13:19:19 2021 -0400
testing: updated TESTLIST
commit 21d8616184c089cee3d17a7f70722879ae40af8e
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 13:12:37 2021 -0400
testing: updated ikev2-rw-multiple-subnets-4-mismatch
commit 95280350b1f2e91da96c6bbf30e3c0ed73fffe81
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 12:46:43 2021 -0400
testing: WIP: ikev2-rw-multiple-subnets-4-mismatch
Add impair for revival for now. Revival is interfering and
causing the subnetS= based conn to be torn down and restarted.
Revival should really only pick the conns that did not work (eg
road/0x1) and re-add a pending queue item with some backoff mechanism.
commit 0cee63787d06f8b3576681ba3ad6eca76499a366
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 12:45:58 2021 -0400
testing: updated TESTLIST for ikev2-rw-multiple-subnets-4-mismatch-split-up
commit ff6fc0c9e5517d2817130ccf29616a617b144ba8
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Jul 6 12:45:01 2021 -0400
testing: added ikev2-rw-multiple-subnets-4-mismatch-split-up
More information about the Swan-commit
mailing list