[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Tue Sep 21 19:10:42 UTC 2021
New commits:
commit 6a9aac807a89659c874beaaa5af2a0ba801a7c90
Author: Andrew Cagney <cagney at gnu.org>
Date: Tue Sep 21 11:29:23 2021 -0400
ikev2: rebuild fragmented messages using fragment 1 as the starting point
Hence, save fragment 1 when it arrives.
Fragment 1 can contain integrity protected (but unencrypted) payloads
and those payloads need to be included.
SKEYSEED complicates this: if fragment 1 isn't first, then another
fragment is saved initially. This way should SKEYSEED fail then
there's a message to use when building the unprotected error response.
More information about the Swan-commit
mailing list