[Swan-commit] Changes to ref refs/heads/master
New commits: commit 448fa55b649d55fdbf03c4bc039d4cd6237bce6f Author: Paul Wouters Date: Sat May 11 17:31:15 2019 -0400 testing: add impair revival for ikev1-rekey-connswitch ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d908d71f3a4e4241c1a1a2e52eb1a870597c9185 Author: Paul Wouters Date: Sat May 11 17:24:33 2019 -0400 testing: add libipsecconf-04 and add 03/04 to TESTLIST ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit ac1e643e953fe661e9d06ea44db8252f7ef46510 Author: Paul Wouters Date: Sat May 11 17:16:31 2019 -0400 testing: ikev1-hostpair-02 impair revival to match up state numbers ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 5e8fae6bf3e0e066d2c9642a54b0d3a39e7510e4 Author: Tuomo Soini Date: Sat May 11 19:39:57 2019 +0300 _updown.netkey.in: use -m intead of --max-count for busybox compatibility ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 75ae4c0b82a91f7aecba95d91b481be505582b1c Author: Andrew Cagney Date: Fri May 10 13:47:07 2019 -0400 ikev2: when PAM fails immediately delete the state using STF_FATAL Presumably when the MITM fails to prove their credentials the first time it's unlikely they will succeed with their second attempt. Stops a retransmit going through the same code path triggering a PEXPECT. Also tweak the cert code path that was triggering the PEXPECT to fail immediately when re-called. The code was returning STF_FAIL+v2N which does nothing to the state. Add note suggesting code should return STF_ZOMBIFY - where complete_v2_state_transition() sends the now recorded auth-failed notification and transitions the state to zombie. That way it can linger, responding to any duplicate and equally invalid auth requests. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit