[Swan-commit] Changes to ref refs/heads/main

Paul Wouters paul at vault.libreswan.fi
Tue Jul 6 20:45:15 UTC 2021


New commits:
commit dd6e583da3b9baf6309027ad416a4586507445a3
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 16:41:42 2021 -0400

    IKEv2: Add state machine entry for failed CREATE_CHILD_SA
    
    Previously, we would tear down everything, including the IKE SA
    and other established Child SAs. Now, when receiving a TS_UNACCEPTABLE
    or similar error, only that CREATE_CHILD_SA state is deleted.

commit 21d6686de4e65a75a3fd76a8bd178b425d3b7894
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 16:39:35 2021 -0400

    pluto: Don't delete existing IKE SA of connection instance
    
    In release_dead_interfaces() if the connection was an instance,
    deletion would delete everything associated with it. This is
    fine for a responder cleaning up a roadwarrior, but is too
    aggressive for site-to-site with one end on dynamic IP, so using
    right=%any, causing connection instantiation as well.

commit 36f2c27b0444bc896c6f5754ea4faa68b46ee4b7
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 16:32:13 2021 -0400

    testing: fix comment

commit 961dd5c2594aa1fad3bcddbfec4dc3f294706c9c
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 13:19:19 2021 -0400

    testing: updated TESTLIST

commit 21d8616184c089cee3d17a7f70722879ae40af8e
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 13:12:37 2021 -0400

    testing: updated ikev2-rw-multiple-subnets-4-mismatch

commit 95280350b1f2e91da96c6bbf30e3c0ed73fffe81
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 12:46:43 2021 -0400

    testing: WIP: ikev2-rw-multiple-subnets-4-mismatch
    
    Add impair for revival for now. Revival is interfering and
    causing the subnetS= based conn to be torn down and restarted.
    
    Revival should really only pick the conns that did not work (eg
    road/0x1) and re-add a pending queue item with some backoff mechanism.

commit 0cee63787d06f8b3576681ba3ad6eca76499a366
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 12:45:58 2021 -0400

    testing: updated TESTLIST for ikev2-rw-multiple-subnets-4-mismatch-split-up

commit ff6fc0c9e5517d2817130ccf29616a617b144ba8
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Tue Jul 6 12:45:01 2021 -0400

    testing: added ikev2-rw-multiple-subnets-4-mismatch-split-up



More information about the Swan-commit mailing list