[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 79ee4b3d6e73c065a1914344a8d76a3947d67200 Author: Andrew Cagney Date: Fri May 14 15:27:57 2021 -0400 logging: eliminate lswlog_to_{error,debug}_stream() Add and use failsafe_logger, when all else fails. Note: this drops the code trying to send

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 1d4ab289c438d272a5198ebaa1df90b1f390200c Author: Andrew Cagney Date: Fri May 14 20:35:10 2021 -0400 ikev2: switch responder to child after ikev2_child_sa_respond() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit d977089ec0aa58dc14e26d89456dd5c12e3b2832 Author: Andrew Cagney Date: Fri May 14 18:59:01 2021 -0400 ikev2: move IKE_SA_established call out of ikev2_child_sa_respond() ... and only call when establishing the IKE SA's first child. commit

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 2bcbadc0b415fedbe69428496ba97caf2fc96266 Author: Andrew Cagney Date: Fri May 14 16:24:07 2021 -0400 server: fix printf("%s", NULL) from enum_name() call Follow-up: server: update helper pool logs

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 72dcc4d87e7de3a89714951b8b49f2a7e923b378 Author: Andrew Cagney Date: Fri May 14 15:48:53 2021 -0400 connection: s/newest_isakmp_sa/newest_ike_sa/

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit f408c3bdb76376f1a3991a042dc1aca7580ce9f3 Author: Andrew Cagney Date: Thu May 13 10:31:01 2021 -0400 connections: in release_connection(), don't expect CK_INSTANCE Caller's problem.

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 0c0fb5de16fe7894b3d4afb34fcc00557e3ff72c Author: Andrew Cagney Date: Fri May 14 13:31:18 2021 -0400 logging: delete log_pexpect.c; duplicate of pexpect.c

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit ef682eae2cfc2e77f8b0bf5c036427bbb5c807a2 Author: Andrew Cagney Date: Fri May 14 13:15:54 2021 -0400 server: update helper pool logs

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit ec340f440ce58cad656df25e255ec610b2f70580 Author: Andrew Cagney Date: Fri May 14 11:19:21 2021 -0400 ikev2: in responder, move IKE_AUTH state switch to after processing CHILD's SA payload commit 272a9c923a925058750e8269c8db7f96524be244 Author: Andrew Cagney Date: Fri

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 1e569d9cb876222bcd85c922d9ae56ae219646c2 Author: Andrew Cagney Date: Fri May 14 10:26:36 2021 -0400 testing: add refcnt.awk to post-mortem.sh Still experimental so ignore result. (otoh, when leak detective fails this may help)

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Paul Wouters
New commits: commit 892d5997740112d05d5fba24256824f696106bb9 Author: Kavinda Wewegama Date: Wed May 12 13:21:34 2021 -0500 pluto: unshare policy labels in connection `end`s * Prior to this fix, `pluto` would trigger a double free error when cleaning up `connection`s.

Re: [Swan] SA lifetime too short, less than configured

2021-05-14 Thread Paul Wouters
On Fri, 14 May 2021, Ivan Kuznetsov wrote: No, config lines are not ignored. Here is status output, it shows 'ike_life: 86400s' and 'ipsec_life: 28800s' implemented [root@vpn3 ipsec.d]# ipsec auto --status | grep bkp/0x2 000 "bkp/0x2": 000 "bkp/0x2": ike_life: 86400s; ipsec_life: 28800s;

Re: [Swan] SA lifetime too short, less than configured

2021-05-14 Thread Ivan Kuznetsov
Hi Paul No, config lines are not ignored. Here is status output, it shows 'ike_life: 86400s' and 'ipsec_life: 28800s' implemented [root@vpn3 ipsec.d]# ipsec auto --status | grep bkp/0x2 000 "bkp/0x2": 172.16.80.0/20===11.22.33.44<11.22.33.44>...55.66.77.88<55.66.77.88>===10.1.102.0/24;

Re: [Swan] SA lifetime too short, less than configured

2021-05-14 Thread Paul Wouters
If you have those empty lines in your config, perhaps that is causing the lines to be ignored? Otherwise, show us the logs from the rekey event? It should tell us why. Sent from my iPhone > On May 14, 2021, at 03:46, Ivan Kuznetsov wrote: > > Hello > > We use libreswan 3.32 under Linux

[Swan-commit] Changes to ref refs/heads/main

2021-05-14 Thread Andrew Cagney
New commits: commit 9ad30ed18b861d9d3a118942c89d9ae82a08a43b Author: Andrew Cagney Date: Fri May 14 07:30:07 2021 -0400 demux: change struct pbs_in *pbs to struct payload_digest *pd Some notifies need content of the packet header. (An astute reader will also notice that .chain

[Swan] SA lifetime too short, less than configured

2021-05-14 Thread Ivan Kuznetsov
Hello We use libreswan 3.32 under Linux and have an IPsec peer recently upgraded their Cisco ASA. Tunnel was migrated to IKEv2. All works fine except the libreswan side restarts ISAKMP too often, mostly after 1h. ESP is restarted too. Settings for lifetime are 24h for phase 1 and 8h for phase