[Swan-commit] Changes to ref refs/heads/main

Andrew Cagney cagney at vault.libreswan.fi
Thu Jul 29 12:12:19 UTC 2021


New commits:
commit 922efb8f3b900ead4a7a6c2314d76bfb93ff5e6d
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 22:16:12 2021 -0400

    ikev2: in CREATE_CHILD_SA responder return TS_UNACCEPTABLE when install fails

commit 53a8d0a293980ae874052baff782edfe8e686b34
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 22:06:46 2021 -0400

    ikev2: in IKE_AUTH responder, install SA before emitting response
    
    and return TS_UNACCEPTABLE if that doesn't work

commit 2ad38edb5a117494f50f318992b9ec8d484c5233
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 21:50:33 2021 -0400

    ikev2: sprinkle const over emit_v2_child_response_payloads()
    
    and return bool, only result is fatal error

commit 0e2061e98dea6b9d82c47fdb494b29652e962486
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 21:47:36 2021 -0400

    ikev2: compute keys in process_v2_child_request_payloads()
    
    ... and log
    
    In emit_v2_child_response_payloads(), was logging values
    before they were computed.

commit 52f7eeb710e07d288adefb6721d08a5a3b334906
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 21:39:50 2021 -0400

    ikev2: emit ESP_TFC_PADDING_NOT_SUPPORTED in emit_v2_child_response_payloads()
    
    Responder only emitted it in IKE_AUTH (and regardless of Child).

commit d4d9ee77b77f74c0bc04ebad2271551c61db64af
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 21:24:17 2021 -0400

    ikev2: move ipcomp to process_v2_child_request_payloads()

commit 4bc1aed01d4053661783503c1b852f0801c4c444
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 21:07:17 2021 -0400

    ikev2: compute child's CPI before calling emit_v2_child_response_payloads()

commit b20a395f58dde7853616f2ef184178ca824d16f8
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 20:08:38 2021 -0400

    ikev2: move transport check to process_v2_child_request_payloads()
    
    - rename .st_seen_use_transport -> .st_seen_and_use_transport_mode
      only set when transport mode is being used
    - drop likely dead code in IKE_AUTH emitting USE_TRANSPORT_MODE based
      on the IKE's policy (likely dead)
    - set proto_info to transport mode as needed
    - greatly simplified emit_v2_child_response_payloads() emits
      USE_TRANSPORT_MODE when .st_seen_and_use_transport_mode

commit 15386210cd756450d7ae191c396400b861e1e86f
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Jul 28 19:26:22 2021 -0400

    ikev2: add process_v2_child_request_payloads() stub function



More information about the Swan-commit mailing list