[Swan-commit] Changes to ref refs/heads/main

Andrew Cagney cagney at vault.libreswan.fi
Tue Sep 21 19:10:42 UTC 2021


New commits:
commit 6a9aac807a89659c874beaaa5af2a0ba801a7c90
Author: Andrew Cagney <cagney at gnu.org>
Date:   Tue Sep 21 11:29:23 2021 -0400

    ikev2: rebuild fragmented messages using fragment 1 as the starting point
    
    Hence, save fragment 1 when it arrives.
    
    Fragment 1 can contain integrity protected (but unencrypted) payloads
    and those payloads need to be included.
    
    SKEYSEED complicates this: if fragment 1 isn't first, then another
    fragment is saved initially.  This way should SKEYSEED fail then
    there's a message to use when building the unprotected error response.



More information about the Swan-commit mailing list