New commits:
commit f81804ac4513f75cc81c4274443b848a11e320d8
Author: Andrew Cagney <[email protected]>
Date: Sat Aug 7 13:34:31 2021 -0400
whack: use the whack message's .sec_label
... instead of the redundant whack end's .sec_label (drop the latter).
Only thing wrong with the field was the lack of pickling.
If the sec_lable fails vetting, reject the connection (was stumbling
on). Given FIPS / SElinux are in play this is safer.
Add the field connection .config .sec_label potentially freeing up
connection .spd .{this,that} .sec_label for just negotiation.
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
