[Swan-dev] [Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at nohats.ca
Sat Dec 27 05:48:48 EET 2014
Do these commits fix any specific known issue with the connection finding code?
Sent from my iPhone
> On Dec 26, 2014, at 17:40, D. Hugh Redelmeier <hugh at vault.libreswan.fi> wrote:
>
> New commits:
> commit 06153610adef409206289b2e29c044f69b115178
> Author: D. Hugh Redelmeier <hugh at mimosa.com>
> Date: Fri Dec 26 17:32:20 2014 -0500
>
> Muck about with the fine points of policy lset_t matching
>
> - Make find_host_connection more rigorous in matching required policy.
>
> - Some callers of find_host_connection need to step to the next
> matching connection with a matching policy, add
> find_next_host_connection to do that.
>
> - Ditch the imaginary distinction between aggr_inI1_outR1_psk and
> aggr_inI1_outR1_rsasig: the two entries were indistinguishable.
>
> - Fixed comments in microcode for Aggressive mode.
>
> - Simplified pick_initiator.
>
> - Simplify collect_rw_ca_candidates
> + replace find_host_connection call with find_host_pair call
> because policy filtering was not used
> + simplified loop logic
> + eliminated reference parameter requiring caller-initialized variable;
> made corresponding simplification to callers
>
> - POLICY_IKEV1_DISABLE => POLICY_IKEV1_ALLOW
> This caused a lot of changes to tests' reference output
>
> _______________________________________________
> Swan-commit mailing list
> Swan-commit at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-commit
More information about the Swan-dev
mailing list