[Swan-commit] Changes to ref refs/heads/main

Paul Wouters paul at vault.libreswan.fi
Thu Jun 24 15:17:52 UTC 2021 

New commits:
commit 2bfbc3a17a725c63521741020d3c80591d1148ab
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 11:16:19 2021 -0400

    testing: cleanup ipv6-addresspool-05-dual-stack
    
    This avoids throwing "starter: left is KH_NOTSET" errors

commit 7f24494028822a15520463f67b29e56a836b9d88
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 11:10:41 2021 -0400

    testing: generate-dnssec.sh no longer uses -r /dev/urandom
    
    this avoids:
    
    dnssec-keygen: fatal: The -r option has been deprecated.
    System random data is always used.

commit e171e47fe94087c7c3966c9561bc44dba31810b4
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 11:05:22 2021 -0400

    testing: cleanup ipv6-addresspool-04-src-address-selection
    
    This avoids throwing "starter: left is KH_NOTSET" errors

commit 769c53050b0cf55fec30b36f8743e4170e57bdb1
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 11:00:40 2021 -0400

    testing: cleanup ikev2-70-src-address-selection
    
    This avoids throwing "starter: left is KH_NOTSET" errors

commit 11c1c9d736e0147dbcedafa3a709ebcc73713ff2
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 10:45:45 2021 -0400

    testing: addconn-05  updated error output

commit cc1f0788032306dfd207d567569e06d4e48307ac
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 10:39:48 2021 -0400

    libipsecconf: fail to load conn when encountering KH_NOTSET
    
    Something bad happened, eg a parse error, and it should not be
    ignored. This could lead to subnet= being "half defined" and
    cause different behaviour between loading a conn with auto=add
    or via ipsec auto --add

commit 22973ed6b8a8f1aa23db5c79808fa261855c76b4
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 10:38:44 2021 -0400

    testing: ikev2-asymmetric-01-parsing addconn update
    
    addconn no longer prints bogus "ignoring: "

commit efe15f56ec86b01a1e5fddf5b80b2a902c3d6e1b
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 10:37:57 2021 -0400

    addconn: don't print misleading "ignoring: "
    
    It was not actually ignoring it - it would fail to load the connection.

commit 91db84a49d5754a6f802b521085aa1c727f40501
Author: Paul Wouters <paul.wouters at aiven.io>
Date:   Thu Jun 24 10:03:47 2021 -0400

    pluto: extract_end() should fail, not pexpect, on bad subnet
    
    This happens when having a typo in leftsubnet= while using
    auto=add or auto=start. In contrast, running addconn via
    "ipsec auto --add" will properly fail to load such a connection.

More information about the Swan-commit mailing list