On Fri, 9 Feb 2024, Phil Nightowl wrote:
Along your advice, I changed the config files on host1.privlan (applicable
to any host on my 192.168.1.x except server.privlan). SSH access is fixed,
the config on host1.privlan does not use opportunistic encryption any longer
and works fine. Adding
New commits:
commit 9fa1a0905074acf95db0a5275ac5b56a598ba873
Author: Andrew Cagney
Date: Thu Feb 8 21:02:58 2024 -0500
ikev2: add --impair omit_v2_notification:...
replace --impair omit_v2N_SIGNATURE_HASH_ALGORITHMS
commit 622513f3268a5f417da465d332c305634a888a3e
Author: Andrew
New commits:
commit d300ead77078a338efa0ce7964c4822aa933bbc0
Author: Paul Wouters
Date: Thu Feb 8 20:55:27 2024 -0500
documentation: remove alsoflip= mentions
commit 81fa930d8935eda428da53762063cd55e8a6a927
Author: Paul Wouters
Date: Thu Feb 8 20:53:30 2024 -0500
pluto: Do not run
New commits:
commit ed5fd98798be091039e21f908dd5138c1ed550da
Author: Andrew Cagney
Date: Thu Feb 8 18:41:51 2024 -0500
testing: --impair ignore_v2_notification tweaks
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit f8a709d0dd296083cb0ded6280e5ca9efe4dfbe5
Author: Andrew Cagney
Date: Thu Feb 8 16:41:37 2024 -0500
ppk: when ppk=insist and IKE_SA_INIT doesn't agree to PPK, fail
See:
ppk stumbles on to IKE_AUTH even though PPK isn't negotiated during
IKE_SA_INIT #1610
> > > I would try 4.12.
> >
> > Can you tell me that this is not strictly required to make it work? Of
> > course, I am going to upgrade at some point - but It will make my life much
> > easier if I don't have to do it on all hosts involved and right now.
>
> No I can't without knowing a lot
New commits:
commit ba73ffecdfe51aecf5be763b7cf48513c35b0e81
Author: Andrew Cagney
Date: Thu Feb 8 17:03:45 2024 -0500
testing NetBSD: update to 10.0_RC4
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit 09cdb01ee154e3db032ebef42413696fd3877b76
Author: Andrew Cagney
Date: Thu Feb 8 14:36:17 2024 -0500
impair: add --impair ignore_v2_notification:NAME
replace ignore_v2N_SIGNATURE_HASH_ALGORITHMS
commit 203d39e24fc192897529d39974d6605cbcd2e86a
Author: Andrew
New commits:
commit b378b6da5e3b58fce112165c2b0687ec6b5c8390
Author: Andrew Cagney
Date: Thu Feb 8 10:56:00 2024 -0500
ikev2: add chacha to default non-FIPS IKE+ESP proposals
commit 85ffd7ba82ba080ae6af591a0121bb350f168e79
Author: Andrew Cagney
Date: Thu Feb 8 14:20:22 2024 -0500
New commits:
commit f5b02380eef9f03d7147ac2a4043fefd55bb74b7
Author: Andrew Cagney
Date: Wed Feb 7 12:24:41 2024 -0500
ikev2: use accept_v2_notification(USE_TRANSPORT_MODE)
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit 59105aa3b55e29cada8b044e18008059b832b55b
Author: Andrew Cagney
Date: Wed Feb 7 22:07:09 2024 -0500
ikev2: make ECP MODP groups first for IKE
commit b06bae1a3dd567db7c437c935e6df16ef30521d4
Author: Andrew Cagney
Date: Wed Feb 7 22:09:33 2024 -0500
testing:
On Thu, 8 Feb 2024, Phil Nightowl wrote:
I would try 4.12.
Can you tell me that this is not strictly required to make it work? Of
course, I am going to upgrade at some point - but It will make my life much
easier if I don't have to do it on all hosts involved and right now.
No I can't
New commits:
commit d20ead7ffd94d68972c965f3e54d2b97c3694402
Author: Andrew Cagney
Date: Thu Feb 8 07:34:12 2024 -0500
ikev2: use accept_v2_notification(v2N_MOBIKE_SUPPORTED)
commit e2fe587982422984d1ecd6facb9eb8e9bc15d201
Author: Andrew Cagney
Date: Thu Feb 8 07:33:44 2024 -0500
> > Currently, server.privlan has libreswan 4.10, other hosts mostly 4.3.
>
> I would try 4.12.
Can you tell me that this is not strictly required to make it work? Of
course, I am going to upgrade at some point - but It will make my life much
easier if I don't have to do it on all hosts
14 matches
Mail list logo
