New commits:
commit 1ea0e9919e1a53aece4df441403e979f9e6aa825
Author: Andrew Cagney <[email protected]>
Date: Wed Apr 6 10:51:57 2022 -0400
testing: in ikev1-02-fuzzer add both rsasig and secret connections
Increase odds that fuzzer will be accepted.
(targeted fuzz script still needs work)
commit f627bf4249c7a70f51742c6cce4fbd911d9520d0
Author: Andrew Cagney <[email protected]>
Date: Mon Apr 4 18:11:31 2022 -0400
ikev1: don't zap RSASIG+PSK when that was proposed by peer
Given a proposal with both RSASIG+PSK, authby (nee policy) was
being cleared of any authentication bits. Logic in find host-pair
then interpreted that as accept any.
Now the code matches like for like. This means that an IKEv1
Main Mode proposal containing PSK is dropped when the
only connection option is authby=secret (which gives the fuzzy
tests grief).
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
