[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Thu Oct 14 03:17:29 UTC 2021
New commits:
commit f11b8c2272758f7fa35966138516cc975c9b922d
Merge: 9dc4406bdd 8cdcbf297e
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Wed Oct 13 23:17:18 2021 -0400
Merge branch 'esn-replay'
commit 8cdcbf297e80811ebb4379637af2a304e4a20ea8
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:52:35 2021 -0400
testing: rename removed-iface-01 to ikev2-removed-iface-01
commit a0a0e0d05994d69c0e95bee8fcdb3868ab419180
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:50:30 2021 -0400
testing: rename nss-cert-pkcs11-uri-01 to ikev2-nss-cert-pkcs11-uri-01
commit 6da3b41a4e3796cfaa0cdf3e77254c3bdde13f54
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:49:04 2021 -0400
testing: rename nss-cert-08-mismatch to ikev2-nss-cert-08-mismatch
commit 2bf61899e97e6c8684bac543bf8646b2c3848c93
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:46:23 2021 -0400
testing: renamed netkey-tfc-0* to ikev2-tfc-0*
commit 864752b341da53f7473ce9b05679777ca2603a90
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:42:08 2021 -0400
testing: fixup more ikev1/ikev2 tests
basic-pluto-09-orienting is IKEv1 but used ikev2=never instead of
ikev2=no due to Red Hat compat for RHEL8, so it got accidentally
zapped with ESN_YES
delete-sa-0[12] were accidentally changed from IKEv1 to IKEv2 in
the Great Default IKEv2 Change. Fix them back to IKEv1.
Rename ipv6-addresspool-04-src-address-selection to
ikev2-ipv6-addresspool-04-src-address-selection
commit 61ff4d54688c922da8c1bb728cdf664fd8185c70
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:41:12 2021 -0400
testing: rename two tests to clearly show these are IKEv2
While renaming, might as well rename netkey -> xfrm
commit b242ddc5e826b0a0e07f2910aae156576f857185
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:38:22 2021 -0400
testing: rename ipv6-addresspool-04-src-address-selection to ikev2-ipv6-addresspool-04-src-address-selection
commit f7e6c9d70762078b7f8f55a579605ab7e851ed4a
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:18:01 2021 -0400
testing: rename algo-pluto-09 to ikev2-algo-pluto-09
It was always an IKEv2 test, and is very misleadingly named
commit d1f51786c6875a00634aec192be48e3865a4a5df
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:17:11 2021 -0400
testing: delete-sa-02 is supposed to be an IKEv1 test
accidentally got changed when our default changed.
commit 55653fc705daf0ac5d3d5faa7cc420118dae6341
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:12:39 2021 -0400
pluto: change ESN warning to debug message
Otherwise, it is too noisy on the whack output for default esn settings
that use IKEv1.
commit e01170318ce2772f40c9d6ecfed0e0f59587680a
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 23:03:33 2021 -0400
testing: bulk IKEv2 ESN update
commit a9ebf38be998ab87d0bcfbac14cf15b79e73810c
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 22:20:59 2021 -0400
testing: add sanitizer for xfrm ESN output
commit bc3df432726d2946e1b255409fc0a3f28ece831c
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 16:23:43 2021 -0400
documentation: fix comment in sanitizer
commit 6adc316a55a22cd6645b0ef5a0ee2bbb5a24f109
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 14:15:07 2021 -0400
IKEv1: log a warning for trying ESN with IKEv1
commit 9ce46792a239ab7fb5ccf131039ff5d0630b1e5a
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 13:03:18 2021 -0400
pluto: Update to IKEv1 IPSEC Security Association Attributes registry
Add five new values, although we don't plan to support any of these.
commit b4ddfa7df00fe498e4a426822783d69848772b0a
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 13:12:33 2021 -0400
documentation: clarify esn= is only supported for IKEv2
commit 48a84fcac52b18de0f451ef0eb1061d901055ca2
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Oct 12 12:12:29 2021 -0400
pluto: dont set ta.esn_enabled to true in failure case
commit 11116585b2542f0a678a2e10ca0d1923acffb812
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Oct 8 13:53:06 2021 -0400
documentation: update CHANGES
commit 64710f298e7f63c3aa853d339e6644f749424df5
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Oct 8 13:42:47 2021 -0400
IKEv2: Enable ESN for default proposal
commit 65329243d67d8ab8f2d4242eeb6400330f215d7b
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Oct 8 13:42:02 2021 -0400
libipsecconf: change default esn= value from "no" to "either"
commit d9643a015715c45e47e1262a668425621b874162
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Oct 8 13:41:22 2021 -0400
pluto: Raise default replay-window size from implicit 32 to 128
commit 829ee3bf325779bb9ec165b679d3905f3678e4e0
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Oct 8 13:40:21 2021 -0400
testing: updates to Extended Sequence Number (ESN) tests
More information about the Swan-commit
mailing list