[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Thu Oct 19 19:51:19 EEST 2023
New commits:
commit a9957a8fec94ec089d4157da9e4f273c78900726
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Oct 19 10:54:32 2023 -0400
ikev1: move clear_retransmits() in submit_task() to STF_SUSPEND
close #657; note #1339
Add the note on why it it is still broken:
XXX: Clearing retransmits here is wrong (it is a
slight improvement on submit_task()).
Retransmits should only be cleared after the
integrity of the packet has been proven and here
that is likely not the case. For instance, the
exchange is suspended while the DH needed to prove
integrity is computed.
A better location might be in STF_v1N, assuming the
packet's integrity was verified.
More information about the Swan-commit
mailing list