[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Fri Mar 25 19:25:37 EET 2022
New commits:
commit 73c6022477387cc8f29ba9456afffff83960c4ac
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Mar 25 12:27:56 2022 -0400
ikev2: update CERT{,REQ} code
Move/rename to ikev2_cert.[hc]:
- emit_v2CERT{,REQ}()
- need_v2CERTREQ_in_{IKE_SA_INIT_response,IKE_AUTH_request}()
- use remote .policy_authby when considering emit_v2CERTREQ()
- use local .policy_authby when considering emit_v2CERT()
also:
- rename has_preloaded_public_key() to remote_has_preloaded_pubkey()
Note: the code deciding if the IKE_AUTH request should include
a CERTREQ had issues:
- initiator only sent CERTREQ when it was also sending a CERT
- it relied on c->polcy having the correct authby policy; #666
More information about the Swan-commit
mailing list