New commits: commit 04a7374e3026e0d8440aac4127a6473b02b09ab7 Author: Paul Wouters <pwout...@redhat.com> Date: Fri Aug 29 23:09:05 2014 -0400
libswan: reject ESP_* ciphers we don't want to support (but want to know) This is in alg_info_esp_aa2sadb() which is a somewhat dubious function, as the sadb numbering does not fully cover the possible entries for IKEv2, and conflicts with some entries in IKEv1 (eg ESP_SEED_CBC which has been removed) commit 2c33f7277644eac1b4028bf0372bb1251b174ff4 Author: Paul Wouters <pwout...@redhat.com> Date: Fri Aug 29 23:05:41 2014 -0400 testing: updated algparse.c and known good output - Some more test cases fixed, such as rejected ESP_DES, ESP_BLOWFISH - Added some new algos, like camellia and aes_ctr variants - Removed the aes_[gc]cm_[8|12|16] as those are handled via aliases - Camellia now uses the IKEv2 entry (23) not the IKEv1 entry (22) - aes_cbc is now aes_xcbc two errors remain: esp=modp1024 fails (only works when specifying algo-hash;modpXXX) ah=null should fail but not assertion fail _______________________________________________ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit