New commits: commit 9094e3cc6a20da24749ca5157c67d25d4e7d3068 Author: Paul Wouters <pwout...@redhat.com> Date: Thu May 15 21:26:38 2014 -0400
IKEv1: extend passerts in compute_proto_keymat() to cover all ESP's This functionality is identical for IKEv1 and IKEv2 and should be factored out for re-use. commit 01ade14688b135b7c4e4a5fdadd6739b3b396278 Author: Paul Wouters <pwout...@redhat.com> Date: Thu May 15 20:55:17 2014 -0400 pluto: Implement key size checking for ike= and esp= This also changes parser_alg_info_add to return an err_t This prevents things like ike=3des666 and esp=aes333-sha1 from being loaded as a valid policy. commit 552aa8d4b68f9bcac6d0f9b3d71f37c71d3804c0 Author: Paul Wouters <pwout...@redhat.com> Date: Thu May 15 20:53:49 2014 -0400 alg_info: Change unset ESP default from ESP_3DES to ESP_AES I don't think this code can actually be hit, because if there is no esp= line we put in our default proposal (which allows AES and 3DES) commit 647c5bc7091590209e846d4bc145ea2607b3fee2 Author: Paul Wouters <pwout...@redhat.com> Date: Thu May 15 20:51:45 2014 -0400 ietf_constants: Add valid key sizes for encryption algorithms Add min, default and max along with their RFC number (where available) commit 2d0a4be2968457d58954b79b6496927cb7f157d0 Author: Paul Wouters <pwout...@redhat.com> Date: Thu May 15 15:44:01 2014 -0400 pluto: don't die when the only loaded proposal is completely invalid _______________________________________________ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit