New commits:
commit d1d2eb043bd96c13f56e70c2ccb38d84c7c41dd5
Author: Andrew Cagney
Date: Thu May 9 20:32:55 2024 -0400
enums: return bool from enum_enum_name()
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit 3dfdde8d8a75e69c0cface899e4b7defa023e3fa
Author: Andrew Cagney
Date: Thu May 9 10:22:54 2024 -0400
enums: sprinkle S(E) over remaining tables
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
New commits:
commit 6add1540483ef8c27fdc9442e99c3885f7b6762e
Author: Andrew Cagney
Date: Thu May 9 12:51:45 2024 -0400
state: drop #define ta_ikev1_encrypt and ta_ikev1_integ_hash
code is using .ta_encrypt
___
Swan-commit mailing list
New commits:
commit 15396a459d145f23c68f8eabd568b7b161b950a3
Author: Andrew Cagney
Date: Thu May 9 09:27:44 2024 -0400
ikev1: delete now redundant ESP_ switch computing needed keymat
More CVE-2024-3652 follow-up. Can't break a switch that isn't there.
On Thu, 9 May 2024, Phil Nightowl wrote:
Then be sure to have a leftsubnet= on your client or else it will try to
use the pre-NAT IP and your remote peer would likely not accept that.
There already is a
leftsubnet=0.0.0.0/0
rightsubnet=srv.ii.nn.tt/32
in the roadwarrior's
New commits:
commit e6b3b173449ccb842584be6cd58037b1960ea5d2
Author: Andrew Cagney
Date: Thu May 9 09:59:43 2024 -0400
ikev1: rename ISAKMP_NEXT_MCFG_ATTR -> ISAKMP_NEXT_MODECFG
Where MODECFG is the name used when logging.
(based on the draft RFC, it should be called
New commits:
commit 4a5e3e08bc5ba2a158abd09abacf72ea0a0d10db
Author: Andrew Cagney
Date: Wed May 8 21:24:45 2024 -0400
ikev1: add IKEv1_ prefix to AH_ and ESP_ macros
update enum_name tables, drop "(UNUSED)"; ike_alg tables decide
what is used.
commit
New commits:
commit c9675037a68645f21a9875f93f3d3db951189a18
Author: Andrew Cagney
Date: Thu May 9 09:04:05 2024 -0400
ikev1: compute the ESP keymat length twice
Once using a big switch and once like IKEv2. pexpect() same
___
> Then be sure to have a leftsubnet= on your client or else it will try to
> use the pre-NAT IP and your remote peer would likely not accept that.
There already is a
leftsubnet=0.0.0.0/0
rightsubnet=srv.ii.nn.tt/32
in the roadwarrior's config. The config file of the server