[Swan-commit] Changes to ref refs/heads/main

Andrew Cagney cagney at vault.libreswan.fi
Wed Apr 6 17:53:06 EEST 2022


New commits:
commit 1ea0e9919e1a53aece4df441403e979f9e6aa825
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Apr 6 10:51:57 2022 -0400

    testing: in ikev1-02-fuzzer add both rsasig and secret connections
    
    Increase odds that fuzzer will be accepted.
    (targeted fuzz script still needs work)

commit f627bf4249c7a70f51742c6cce4fbd911d9520d0
Author: Andrew Cagney <cagney at gnu.org>
Date:   Mon Apr 4 18:11:31 2022 -0400

    ikev1: don't zap RSASIG+PSK when that was proposed by peer
    
    Given a proposal with both RSASIG+PSK, authby (nee policy) was
    being cleared of any authentication bits.  Logic in find host-pair
    then interpreted that as accept any.
    
    Now the code matches like for like.  This means that an IKEv1
    Main Mode proposal containing PSK is dropped when the
    only connection option is authby=secret (which gives the fuzzy
    tests grief).



More information about the Swan-commit mailing list