[Swan-commit] Changes to ref refs/heads/master

Paul Wouters paul at vault.libreswan.fi
Fri Dec 6 03:57:54 EET 2013


New commits:
commit 34f59bd644589ed387b1a5fa71a782fcca1af61c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:55:51 2013 -0500

    testing: Added testparams.sh for all strongswan test cases

commit 146649242b96f1410975c755bfa5e7ac3bdcadbf
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:55:18 2013 -0500

    testing: update to ikev2-delete-01 - but not fully functional yet

commit c577b07f2cc921bf94dd51e485240412d1195e92
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:49:43 2013 -0500

    testing: updated basic-pluto-06 (serpent esp) testcase.

commit 03d107ec26109ab66e1484eac834ec5dfcd4bbaa
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:48:09 2013 -0500

    netlink: Debugging line about xfrm_algo type was using loglog()
    
    Resulting it showing on the whack prompt.

commit 491e234410e4a4db5155afc1a2b79b46390375c4
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:29:24 2013 -0500

    testing: fix sanitizer to not cut ipsec/parent SA algo/ciphers
    
    We used to cut out half the line, losing the encr/alg/keysize logging.
    
    This will cause some testcase output differences that will need to get fixed.

commit de20306c1db5834b459792bc00d64c9315aec7ab
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:28:36 2013 -0500

    alg_info: Don't add GCM salt in parser_alg_info_add()
    
    Also removed some goto statements

commit 524ce40b3370be98f2b4f9f01b7f83f925891596
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:25:19 2013 -0500

    IKE: Remove GCM salt in kernel_alg_db_add(), add to IKEv1 compute_proto_keymat()
    
    Renamed kernel_alg_esp_enc_keylen to kernel_alg_esp_enc_max_keylen,
    which matches what the function actually does. Remove the AES exception
    for not using the maximum (256) but a hardcoded 128.

commit fe50a76e9701dbbeb50d294f0d126fb47b35c798
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:22:35 2013 -0500

    whack: change --debug-klips to --debug-kernel to match pluto args

commit 909c15573e0d9551ea7c8ad3516ce6b3e893e224
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:21:09 2013 -0500

    IKEv2: Allow GCM proposals without INTEG, improve logging
    
    Ensure an integ none transform cannot be in a set with another integ
    transform. Ensure GCM has either no integ or integ non transform.
    
    Added ikev2_enc_requires_integ() for some deduplication of code.
    
    Fix logging in spdb_v2_match_child that swapped "failed/success"

commit 97f6b9d930b6b8b67f9bc0c31215874d0c7cdc90
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:20:27 2013 -0500

    IKEv1: remove addition of GCM salt bytes, de-uncrustify some mess

commit 8e2013f667d3ee40d219bebd93f641b6cbbdb650
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:19:52 2013 -0500

    xfrm.h: sync up with latest kernel version (adds XFRMA_SA_EXTRA_FLAGS)

commit 1edbaca1c539ef5fd31c6865d9e16a0da44a1b28
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:18:45 2013 -0500

    netlink: Rmove addition of 4 bytes of GCM salt - improve debugging
    
    Log registration failures for esp and ike (CCM/GCM register calls are here)

commit fd8c7cd568047ab397d685cf53711ed4d20c66ec
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:17:39 2013 -0500

    kernel.c: setup_half_ipsec_sa() add GCM cases to add 4 byte salt
    
    Also remove a bunch of debugging errors in favour of a passert()

commit 47895de58b579ee13865cc92bdc3654e9f7cfbbb
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:16:28 2013 -0500

    IKEv2: abort failed IKE without a bodged continued attempt to build a packet

commit 0e451a825793e478bd1b00358011a78bf8ca9b9a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:14:00 2013 -0500

    IKEv2: add GCM salt addition to keymat size in ikev2_derive_child_keys()
    
    Note instead of the old solution of changing key size from the configuration
    or negotiation, we only change the keymat size. It's much cleaner than hacking
    the key size all over.

commit 31dd604cc54005de1839499bcf2546faf460f4db
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:12:43 2013 -0500

    IKEv2: Added ikev2_sec_proto_id enum, moved AES defines, added comments

commit 1ace75f64622127572ed7ede06ddae9269753a13
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:08:45 2013 -0500

    testing: improve sanitizer for strongswan

commit 85aaad685ff2e6f36e893477a7e632fcdacca0d7
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 20:07:38 2013 -0500

    testing: added interop-ikev1-strongswan-04-psk-aes-gcm which passes

commit ecffe00c65c51289044eef4c0810576c8735c2a1
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Dec 5 19:30:32 2013 -0500

    testing: interop-ikev2-strongswan-09-psk-aes-gcm passes



More information about the Swan-commit mailing list