[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Wed Apr 6 17:53:06 EEST 2022
New commits:
commit 1ea0e9919e1a53aece4df441403e979f9e6aa825
Author: Andrew Cagney <cagney at gnu.org>
Date: Wed Apr 6 10:51:57 2022 -0400
testing: in ikev1-02-fuzzer add both rsasig and secret connections
Increase odds that fuzzer will be accepted.
(targeted fuzz script still needs work)
commit f627bf4249c7a70f51742c6cce4fbd911d9520d0
Author: Andrew Cagney <cagney at gnu.org>
Date: Mon Apr 4 18:11:31 2022 -0400
ikev1: don't zap RSASIG+PSK when that was proposed by peer
Given a proposal with both RSASIG+PSK, authby (nee policy) was
being cleared of any authentication bits. Logic in find host-pair
then interpreted that as accept any.
Now the code matches like for like. This means that an IKEv1
Main Mode proposal containing PSK is dropped when the
only connection option is authby=secret (which gives the fuzzy
tests grief).
More information about the Swan-commit
mailing list