New commits:
commit 73c6022477387cc8f29ba9456afffff83960c4ac
Author: Andrew Cagney <[email protected]>
Date: Fri Mar 25 12:27:56 2022 -0400
ikev2: update CERT{,REQ} code
Move/rename to ikev2_cert.[hc]:
- emit_v2CERT{,REQ}()
- need_v2CERTREQ_in_{IKE_SA_INIT_response,IKE_AUTH_request}()
- use remote .policy_authby when considering emit_v2CERTREQ()
- use local .policy_authby when considering emit_v2CERT()
also:
- rename has_preloaded_public_key() to remote_has_preloaded_pubkey()
Note: the code deciding if the IKE_AUTH request should include
a CERTREQ had issues:
- initiator only sent CERTREQ when it was also sending a CERT
- it relied on c->polcy having the correct authby policy; #666
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
