[Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at vault.libreswan.fi
Mon Sep 19 19:37:45 EEST 2022
New commits:
commit e6b8f15f7a2fdace62b988eb5125649188b67f47
Merge: 9286dafa1a a4fd2b32eb
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Mon Sep 19 12:37:32 2022 -0400
Merge branch 'maxvalues'
commit a4fd2b32ebf645cb7d44d305847aa68affa59927
Merge: 448d43ac1b 9286dafa1a
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Mon Sep 19 12:36:11 2022 -0400
Merge branch 'main' into maxvalues
commit 448d43ac1bdc958fdd02e2e6e7154bf8830b50c7
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Sun Sep 11 20:12:48 2022 -0400
* pluto: extrac_connect() should check for lifetime=0
commit 033780e40326a86567825763d4054f35cacfb704
Merge: 5c7ee62122 4d13c41305
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Fri Sep 9 20:00:44 2022 -0400
Merge branch 'main' into maxvalues
commit 5c7ee621222964d7271cd75f8c927601910e64b6
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Sep 8 18:47:36 2022 -0400
testing: expect 2^32
commit 4981a8f7f04b5a7b2862f50840aa87dad02252ba
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Sep 8 16:22:28 2022 -0400
config: sprinkle uintmax_t over max-bytes/max-packets
And call constants IPSEC_SA_MAX_OPERATIONS... which kind of
matches FIPS terminology (sounds good, doesn't mean anything).
commit da915c78a43f9a5242d20d156ec1d1e2ea7d19ee
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Sep 8 15:34:34 2022 -0400
libipsecconf: allow numbers > UINT_MAX
Was issuing a warning but then truncating them.
commit 3cb8f5851de5a47fc07cb6ca40bd839a7a804ffb
Author: Paul Wouters <paul.wouters at aiven.io>
Date: Tue Sep 6 21:54:19 2022 -0400
WIP: pluto/libipsecconf: handle maxbytes / maxpackets
- NUMERIC_ARG was missing for whack
- requires we cannot specify 64M/G/T/ etc :/
- Change IPSEC_SA_MAX_DEFAULT to 2^32 as per NIST, not ~(int64_t)0
- confread int option needs to use long int so it can store 2^32
- still overflows an int somewhere, so setting 2^32+1 results in "1"
when using config files (whack arg works fine)
More information about the Swan-commit
mailing list