[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Wed Jul 7 17:34:10 UTC 2021
New commits:
commit 45f0b7223d0c9319c8f36fe835f3839ca4461ea8
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Wed Jul 7 13:32:39 2021 -0400
testing: fixup ikev2-rw-multiple-subnets
Test now passes.
commit bfc51288969645f5d78179b22252466f3a245551
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Wed Jul 7 13:28:18 2021 -0400
IKEv2: When considering matching ID, assume connaliases match
Before, two connection aliasses (eg subnetS=) on the responder
with %any %formcert would have one instantiating, and then later
when checking if the 2nd alias conn matches the ID of the first
one would fail because the %fromcert in one had been updated to
the received ID and the other conn was still in %fromcert state.
This caused a responder with rightsubnets= and right=%any to
return TS_UNACCEPTABLE for all but the first connection.
Resolves: https://github.com/libreswan/libreswan/issues/470
(in combination with 1b7b62f21e3d3ad9457de9e910aa48002368898a)
More information about the Swan-commit
mailing list