New commits:
commit 6f4c530538ce199931fca9baa73b2e33931ad5b7
Author: Andrew Cagney <[email protected]>
Date: Wed Dec 4 15:42:17 2024 -0500
ikev2: re-work crypto checks in open_v2_message()
The check was logging a pexpect when IKE_SESSION_RESUME
sent an unsecured response. Even though the responder
has determined the keys, the response needs to be sent
in the clear so that the initiator can read "Nr" and
use that to generate its copy of the keys.
commit eefe607065b9e3ca1189d03278f910ac3f690cf1
Author: Andrew Cagney <[email protected]>
Date: Wed Dec 4 15:16:51 2024 -0500
ikev2: drop llog_pexpect(IKE_SESSION_RESUME isn't encrypted)
it is
commit 113db6207227d95024401e85f8d60871fed5817f
Author: Andrew Cagney <[email protected]>
Date: Wed Dec 4 09:23:01 2024 -0500
ikev2: tweak session resume ticket in ipsec connectionstatus
commit e1b1294b7d69c3885d57b15b8f64f5c86a3ab4b7
Author: Andrew Cagney <[email protected]>
Date: Wed Dec 4 09:46:17 2024 -0500
testing: make IKE_SESSION_RESUME tests good
update output, add sanitizer for ticket line
close #1958 session resume tests need sanitizing before being good
commit 180ea0814ca073776e1130da7a18faf3b3e220e1
Author: Andrew Cagney <[email protected]>
Date: Wed Dec 4 09:49:56 2024 -0500
ikev2: pass notification data to record_v2N_notification() as shunk_t
replace possibly NULL chunk_t pointer
use empty_shunk, when empty!
commit 6858bfa77351776e81aa7614576fa6ea935c8516
Author: Andrew Cagney <[email protected]>
Date: Wed Dec 4 15:09:17 2024 -0500
ikev2: drop IKE parameter to emit_v2N_spi_response()
use md.sender in log message instead;
also clarify that SPI could be NULL
_______________________________________________
Swan-commit mailing list -- [email protected]
To unsubscribe send an email to [email protected]
