[Swan-dev] regression due to xfrmi merge : SHA2 to SHA1
Antony Antony
antony at phenome.org
Sun Jan 26 11:40:42 UTC 2020
after xfrmi merge a change IPsec algorithm was noticed. Sorry I didn't
notice this on xfrmi branch alone.
Careful committing new console outputs before this is fixed. If you commit
new outputs now once this regression is fixed those tests may flip back.
cagney: is pointing at commit 32e11cc9b4946ab6e655485993700a67cf4e784a I am
not sure, I will get to it today. I will take look tomorrow. I have a
feeling he is right:) Thanks cagney.
https://testing.libreswan.org/v3.28-1515-g43fdc02c8c-master/certoe-03-poc-whack/OUTPUT/road.console.diff
-003 "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23 #2: Authenticated using RSA with IKEv2_AUTH_HASH_SHA2_512
+003 "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23 #2: Authenticated using RSA with IKEv2_AUTH_HASH_SHA1
Also note some flipped the other way.
https://testing.libreswan.org/v3.28-1499-g0eb656232d-master/ikev2-liveness-11-silent/OUTPUT/west.console.diff
-003 "west-east" #2: Authenticated using RSA with IKEv2_AUTH_HASH_SHA1
+003 "west-east" #2: Authenticated using RSA with IKEv2_AUTH_HASH_SHA2_512
-antony
More information about the Swan-dev
mailing list