New commits: commit f5916aebe1d167eb27d5402758de33b56814d03d Author: Paul Wouters <pwout...@redhat.com> Date: Fri Jun 6 01:15:03 2014 -0400
IKEv2: Fix process_informational_ikev2() for Delete payloads [Paul/Hugh] An incomplete Child SA has the same SPIs as its Parent SA and could accidentally be matched by the state machine to process the Informational Exchange. If such informational message contained an IKE SA Delete payload, it would trigger a passert in v2_delete_my_family() which insisted to be given a Parent SA. We now switch to the parent if detected. The RFC forbids mixing IKE and IPsec Deletes. IKE SA delete payload SPI numbers and SPI size MUST be zero. This was not enforced. Syntax errors in Delete payloads were ignored instead of failed. Convoluted SPI logging simplified. commit a5a70ff1d7b1bd372af4598e394b4ab5e2b00255 Author: Paul Wouters <pwout...@redhat.com> Date: Fri Jun 6 01:14:35 2014 -0400 updated comments in state.h commit a9f2b106fa90deef61c9eec6f4fedadf9e708afe Author: Paul Wouters <pwout...@redhat.com> Date: Fri Jun 6 01:13:50 2014 -0400 minor cleanup in state.c commit 91d37c9d0a310a2a93338aab039055791ba63a13 Author: Paul Wouters <pwout...@redhat.com> Date: Fri Jun 6 01:13:12 2014 -0400 update a comment commit d36225e7a3b29067b415843b82576f873121e4e4 Author: Paul Wouters <pwout...@redhat.com> Date: Fri Jun 6 01:12:27 2014 -0400 Add comment to process_v2_packet() got lsb#185 commit cc6b565dfdc084e2a5f501b120b440b4bad20cd8 Merge: ede0f7c f0067c9 Author: Paul Wouters <pwout...@redhat.com> Date: Thu Jun 5 22:08:15 2014 -0400 Merge branch 'master' of ssh://vault.foobar.fi/srv/src/libreswan commit ede0f7c58831c2d643256cd45b2db02aa72bcc28 Author: Paul Wouters <pwout...@redhat.com> Date: Thu Jun 5 13:22:21 2014 -0400 testing: ikev2-algo-sha2-06 needs different esp= line to trigger the bug _______________________________________________ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit