[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Fri Jul 23 21:56:42 UTC 2021
New commits:
commit 70f6bee6f2e4393a9c9bcb1a6a70010f9b549ba1
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Jul 23 17:56:21 2021 -0400
testing: updated TESTLIST
commit a5eb5418ca11fdf97d9a3d01d033c93ad38ba366
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Jul 23 17:55:44 2021 -0400
testing: added ikev2-labeled-ipsec-05-any
commit cdbf203f8411f663f083d8609b2d4d9d4ac70d24
Author: Kavinda Wewegama <kavinda.wewegama at forcepoint.com>
Date: Thu Jul 22 21:04:33 2021 -0500
pluto: fix bug in labeled IPsec and peer wildcard IP interaction
This fix implements the following desired behavior:
- A connection configured with a peer wildcard IP (`%any`) and labeled
IPsec (`policy-label`) is a template (`CK_TEMPLATE`) for both of these
reasons. Call this template T1.
- When that T1 gets instantiated with just an actual peer IP, the new
`struct connection` needs to also be a template due to its label being
the same as `policy-label`. Call this new template T2.
- T2 is later instantiated with a specific label used for network
transmission (i.e. NOT `policy-label`) to get an instance
(`CK_INSTANCE`).
Signed-off-by: Paul Wouters <paul.wouters at aiven.io>
More information about the Swan-commit
mailing list