New commits:
commit 4ad51cb37251996d8d37294b3e2f5693aae34ed8
Merge: 4bff279 4a1ca2e
Author: Paul Wouters <[email protected]>
Date: Sun Dec 9 17:12:56 2018 -0500
Merge branch 'v1-v2-split'
commit 4a1ca2e3d1979c941c7686be380b3a669c270bae
Merge: 7f6ccad 4bff279
Author: Paul Wouters <[email protected]>
Date: Sun Dec 9 17:10:59 2018 -0500
Merge branch 'master' into v1-v2-split
commit 7f6ccada3494bee97c86ba4932135c721d831b57
Author: Paul Wouters <[email protected]>
Date: Sun Dec 2 17:28:05 2018 -0500
testing: Fixup output when IKE policy is printed
This happens in status output and in some Initiate output
- +IKEV2_PROPOSE removed from all output as flag no longer exists
- for ikev1 tests, removed +IKEv2_ALLOW
- for ikev2 tests, removed +IKEv1_ALLOW
commit 4733cdc3eff124507d4572c813d2fd92d0677d80
Author: Paul Wouters <[email protected]>
Date: Sun Dec 2 17:07:52 2018 -0500
testing: switch all ikev1 test cases to have ikev2=no
Either in a conn, or in conn %default
Some test cases test non-ike related things, such as seccomp or nflog.
These could be switched to use ikev2 instead of ikev1. For now, to
make converting easier, these were not changed.
commit eca76eb3b28ba9e13443e4fa61888ed5d875403b
Author: Paul Wouters <[email protected]>
Date: Sun Dec 2 11:21:23 2018 -0500
testing: convert all ikev2 test cases to not have the ikev2= keyword
Since ikev2 is now the default.
commit c04f8ac554031ea730cd5105b850c3312f14d6cf
Author: Paul Wouters <[email protected]>
Date: Sat Dec 1 17:21:39 2018 -0500
testing: remove ikev2-02-responder-send-notify
It tests the now obsolete CAN-IKEv2 (and did it badly, it wasn't
even in any console output)
commit f8b46e9cfbb2e10d020ecda6e3d687b4c592175a
Author: Paul Wouters <[email protected]>
Date: Sat Dec 1 17:12:45 2018 -0500
pluto: Remove POLICY_IKEV2_PROPOSE and its use
Connections are either IKEv1 or IKEv2, not both.
For now, this is still represented by two policy bits
(POLICY_IKEv1_ALLOW and POLICY_IKEv2_ALLOW) and should
be further simplified.
This also removes the retry logic that tried to switch between
v1/v2 after keying failures.
No longer send CAN-IKEv2 VID in IKEv1. Mark VID on receiving as obsolete.
whack: map --ikev2-propose to --ikev2-allow
commit 82edf0501cd43abfe53464de8b1e6be2c91d80fe
Author: Paul Wouters <[email protected]>
Date: Sat Dec 1 17:08:31 2018 -0500
testing: removed ikev2-01-fallback-ikev1
There is no more fallback between ikev1 and ikev2 connections.
commit 68aab53041b930f271cf916d98c23a3107f2190d
Merge: 8dd2a94 b5c0b09
Author: Paul Wouters <[email protected]>
Date: Sat Dec 1 16:23:28 2018 -0500
Merge branch 'master' into v1-v2-split
commit 8dd2a940b98ca4a43e5e49a73e96ef6eae2c67f2
Author: Paul Wouters <[email protected]>
Date: Mon Nov 19 11:37:18 2018 +0700
libipsecconf/whack: Forbid connections from being IKEv1 or IKEv2.
Connections can only be IKEv1 OR IKEv2
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
