[Swan-commit] Changes to ref refs/heads/main

Andrew Cagney cagney at vault.libreswan.fi
Wed Sep 15 04:00:05 UTC 2021

New commits:
commit 66fe07bf696dde79cd35094c79438ed63a9c5de9
Author: Andrew Cagney <cagney at gnu.org>
Date:   Tue Sep 14 17:30:39 2021 -0400

    ikev2: cleanup ikev2_states.[hc]
    Make log_v2_payload_errors() and ikev2_verify_payloads() static.

commit 2ba1ea02dffe40569a7abf50d81e07f2028723a1
Author: Andrew Cagney <cagney at gnu.org>
Date:   Tue Sep 14 17:12:36 2021 -0400

    ikev2: split fragmentation and transition lookup code
    Replace code searching through all possible transitions (regardless of
    state) while similtaneously trying to juggle fragments, decryption and
    - if the state is .v2.secure:
      - use the state's transition to check if the message is plausable
      - accumulate fragments, then decrypt / unpack
      - if needed, segway into SKEYSEED
        (the SKEYSEED should be computed in the background; scary)
    - call find_v2_state_transition() (which matches payloads against just
      the curren state's transitions)

commit c205d6de661838e2d972ff91c72487d37eeb1342
Author: Andrew Cagney <cagney at gnu.org>
Date:   Mon Sep 13 18:16:57 2021 -0400

    ikev2: add struct finite_state .v2.secured
    - in ikev2_states, set .v2.secured as needed
    - in init_ikev2() passert() that all secured states
      only accept secured (aka SK) payloads
    - in find_v2_state_transition() use .v2.secured
      instead of SK

More information about the Swan-commit mailing list