New commits:
commit 16110828b5de9d5e34c24938fd8b329b1de72039
Author: Paul Wouters <[email protected]>
Date: Sun Sep 16 22:42:40 2018 -0400
libswan: switch unbound code from ub_ctx_add_ta_autr() to
ub_ctx_add_ta_file()
For an as of yet unexplained reason, on fedora 28 at least, the function
ub_ctx_add_ta_autr() causes pluto to not initiate the listen() code
properly.
As the system OS should be doing the updating of the trust keys file anyway,
using ub_ctx_add_ta_file() should be fine. But once the bug causin this has
been found, things should be moved back again to ub_ctx_add_ta_autr()
commit d3248e4a0c4ef49a69868541fab2d05cdb676717
Author: Paul Wouters <[email protected]>
Date: Sun Sep 16 22:41:34 2018 -0400
libswan: remove workaround for unbound < 1.4.12 because we now need >=
1.5.0 anyway
This workaround would define ub_ctx_add_ta_autr() to ub_ctx_add_ta_file()
The first one can support RFC-5011 rollover if it can write to the file.
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
