[Swan-commit] Changes to ref refs/heads/main

New commits: commit 50c32130ae572011814512e7447ed68b1cf9aca7 Author: Andrew Cagney Date: Wed Dec 22 21:40:23 2021 -0500 kvm: fix < ___ Swan-commit mailing list Swan-commit@lists.libreswan.org

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 75e690ed70ef0927c2fc50030551be0b3c39e42c Author: Andrew Cagney Date: Wed Dec 22 20:11:19 2021 -0500 kvm: build the RPM on the fedora build machine ___ Swan-commit mailing list Swan-commit@lists.libreswan.org

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 25fd3dec754ab38bb960ce2029d696cf8281d1a1 Author: Andrew Cagney Date: Thu Dec 16 14:05:59 2021 -0500 kvm: call the build domains {fedora,netbsd,openbsd} ... dropping the -build suffix ___ Swan-commit mailing list

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 44df507c272af1c3ca8dc649632aabdac6d22459 Author: Andrew Cagney Date: Wed Dec 22 17:09:31 2021 -0500 connections: in refine_host_connection*() skip OPPO Spell out that: - OPPO - NULL ID are skipped (except when it's the current connection)

Re: [Swan-dev] questions about find_next_v2_host_connection

On Sun, 19 Dec 2021 at 21:42, Andrew Cagney wrote: > > > > > > > > > > if (peer_id != NULL && !same_id(peer_id, >spd.that.id) && > > > (c->spd.that.id.kind != ID_FROMCERT && !id_is_any(>spd.that.id))) { > > > continue; /* incompatible ID */ > > > } > > More

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 21a939e449f34f82f7313d63099cf21021c9b467 Author: Andrew Cagney Date: Wed Dec 22 12:41:36 2021 -0500 connections: in refine_host_connection*(), drop micro-optimized pre-check It only performed a subset of the checks found in the main loop. Notably the

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 15463b7cbb3b5eba5094c206d902c259fa64a595 Author: Andrew Cagney Date: Sat Dec 18 20:23:41 2021 -0500 ikev1: drop redundant call to v1_verify_certs() in oakley_id_and_auth() oakley_id_and_auth() calls ikev1_decode_peer_id which calls v1_verify_certs() and

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 62809c773e01f0dbae5197af0a89bb314da5e202 Author: Andrew Cagney Date: Wed Dec 22 11:06:49 2021 -0500 host-pair: eliminate find_host_pair() code uses FOR_EACH_HOST_PAIR_CONNECTION() commit eae3c975304eea0b973ba8e2bbaae91128a6de2a Author: Andrew Cagney Date:

[Swan] Libreswan don't want to up a child SA

Hello We have a linux box with libreswan 3.32 and kernel 4.1.12-112.14.10.el6uek.x86_64 (Oracle Linux 6) terminating a number of IPsec site-to-site tunnels with our customers. The problem tunnel configuration is typical for us, customer side uses a Mikrotik router. Public IP's are masked as