strongSwan

19.07.2019

16:20 strongSwan Issue #3128: maximum of Security Associations

> for ikelifetime and keylife I put the same value is what is problematic
No, the margin is probably large enough ...

15:32 strongSwan Issue #3128: maximum of Security Associations

> i see log at 10:36 IKE SA rekeyed but not CHILD_SA établished
The CHILD_SAs should not be affected by IKE_SA re...

14:26 strongSwan Issue #3128 (Feedback): maximum of Security Associations

> i'm coming back to you to see if there's a maximum number of ipsec Security Associations
There isn't.
> at th...

14:25 strongSwan Issue #3125: IKEV2 linux to linux VPN connection support

> we are using the rightsourceip parameter because we want to set-up a VPN connection from two linux node then we nee...

11:43 strongSwan Issue #3125: IKEV2 linux to linux VPN connection support

Seems you are misunderstanding the purpose of _left|rightsourceip_, please read [[VirtualIP]].

18.07.2019

14:30 strongSwan Revision 2d70280d: memory: Use explicit_bzero() as memwipe() if available

memory: Use explicit_bzero() as memwipe() if available

09:25 strongSwan Issue #3123: ESP rekey fail because of TSi from initiator.

> Why does strongswan v5.7.1 narrow TSi (in CREATE_CHILD_SA request payload) to the virtual IP?
> It's different beh...

17.07.2019

14:20 strongSwan Issue #3121 (Closed): make fails "/bin/bash: line 1: -N: command not found"

11:44 strongSwan Revision 05e3751e: fuzz: Support build with -fsanitize=fuzzer instead of libFuzzer.a

fuzz: Support build with -fsanitize=fuzzer instead of libFuzzer.a
Recent clang versions (6.0+) include libFuzzer and...

10:39 strongSwan Issue #3123 (Feedback): ESP rekey fail because of TSi from initiator.

> Is TSi value from my device(strongswan v5.7.1) spec out?
What do you mean?
> Should it be same or larger tha...