New commits:
commit 50c32130ae572011814512e7447ed68b1cf9aca7
Author: Andrew Cagney
Date: Wed Dec 22 21:40:23 2021 -0500
kvm: fix <
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit 75e690ed70ef0927c2fc50030551be0b3c39e42c
Author: Andrew Cagney
Date: Wed Dec 22 20:11:19 2021 -0500
kvm: build the RPM on the fedora build machine
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit 25fd3dec754ab38bb960ce2029d696cf8281d1a1
Author: Andrew Cagney
Date: Thu Dec 16 14:05:59 2021 -0500
kvm: call the build domains {fedora,netbsd,openbsd}
... dropping the -build suffix
___
Swan-commit mailing list
New commits:
commit 44df507c272af1c3ca8dc649632aabdac6d22459
Author: Andrew Cagney
Date: Wed Dec 22 17:09:31 2021 -0500
connections: in refine_host_connection*() skip OPPO
Spell out that:
- OPPO
- NULL ID
are skipped (except when it's the current connection)
On Sun, 19 Dec 2021 at 21:42, Andrew Cagney wrote:
>
> > >
> > >
> > > if (peer_id != NULL && !same_id(peer_id, >spd.that.id) &&
> > > (c->spd.that.id.kind != ID_FROMCERT && !id_is_any(>spd.that.id))) {
> > > continue; /* incompatible ID */
> > > }
>
> More
New commits:
commit 21a939e449f34f82f7313d63099cf21021c9b467
Author: Andrew Cagney
Date: Wed Dec 22 12:41:36 2021 -0500
connections: in refine_host_connection*(), drop micro-optimized pre-check
It only performed a subset of the checks found in the main loop.
Notably the
New commits:
commit 15463b7cbb3b5eba5094c206d902c259fa64a595
Author: Andrew Cagney
Date: Sat Dec 18 20:23:41 2021 -0500
ikev1: drop redundant call to v1_verify_certs() in oakley_id_and_auth()
oakley_id_and_auth() calls ikev1_decode_peer_id which calls
v1_verify_certs() and
New commits:
commit 62809c773e01f0dbae5197af0a89bb314da5e202
Author: Andrew Cagney
Date: Wed Dec 22 11:06:49 2021 -0500
host-pair: eliminate find_host_pair()
code uses FOR_EACH_HOST_PAIR_CONNECTION()
commit eae3c975304eea0b973ba8e2bbaae91128a6de2a
Author: Andrew Cagney
Date:
Hello
We have a linux box with libreswan 3.32 and kernel
4.1.12-112.14.10.el6uek.x86_64 (Oracle Linux 6) terminating a number of
IPsec site-to-site tunnels with our customers.
The problem tunnel configuration is typical for us, customer side uses a
Mikrotik router. Public IP's are masked as