[Swan-commit] Changes to ref refs/heads/master
D. Hugh Redelmeier
hugh at vault.libreswan.fi
Sun Jan 19 04:33:07 EET 2014
New commits:
commit 28bacb320e269ce5385af4d469d66a37e8bc29c2
Merge: fc72cb6 262ac3a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 21:28:37 2014 -0500
Merge branch 'master' into xauth_2014jan12
Conflicts:
include/constants.h
Unnoticed conflict:
programs/pluto/defs.h
commit fc72cb620772c105aa4fa0cc024ff23ebb367e38
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 21:11:39 2014 -0500
delete misleading leftovers
commit 0e402c916f2cd60f6610534cb75f66d6fdc2dd15
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 21:10:48 2014 -0500
make memeq macro safer
commit 92d7f586df864e9f60e4e9bc1e27543a9a405b8b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 15:51:55 2014 -0500
Get rid of pointless "volatile" (Coverity scan).
Redo some of the variables that were volatile
commit bf1cb7db10892ffec23f8baaa488c778bdc8cc7f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 15:35:57 2014 -0500
Extended jam_str and add_str to inform the caller of truncation.
This would allow callers to handle that case (but none of the 50 do).
Inspired by OpenBSD's strlcpy(3) and strlcat(3).
commit 7cd53e92abcc09e6a9540f8c31e3b1eea24e18dc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 09:33:27 2014 -0500
tidy certificate handling
commit 11ef11546719a64d6889b85bc3d060a22b2dd87f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 09:30:45 2014 -0500
make storage class of definition and declaration match
commit 1684db1d347040ce17f2cf96271f67788925db66
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 08:38:50 2014 -0500
load_cert: elimiinate unused support for forcedtype, a significant simplification
commit c3bd0f721b9e588dde3df6ec974555d93a183a2e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 08:29:13 2014 -0500
handle file I/O errors in load_cert
commit 1127e4ccd5dfe24025672243194abed0c0ea284a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 08:27:16 2014 -0500
fix memory leak in alg_info_ah_create_from_str() error case
commit 782c053cd756adf49f6fe135f26349437163b7b0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Jan 18 08:25:59 2014 -0500
Simplify alloc.c code.
commit 786b0b433c09198ac4b49e26f7c811ace20e26e6
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Jan 17 21:20:35 2014 -0500
- introduced add_str() to do what coders mistakenly think strncat() does
- replaced many uses of strncat(), often bogus, with add_str()
- replaced a few of the remaining uses of strcpy() with jam_str()
- fix many questionable uses of st_xauth_username
many uses of strncat were bogus; so too with a couple of remaining uses of strncp
commit d4c0ccdeeebada66210908a9cbcc610075e2e4fb
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Jan 17 11:44:26 2014 -0800
testing: updated testing/pluto/ikev2-12-transport-psk
commit b5513657dad6cc6e6c7497809027e94d1626b1df
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Jan 17 11:43:06 2014 -0800
testing: WIP update for nat-transport-02
commit b725e555e9ff623bfb24e39342876f1a88885f97
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Jan 17 10:56:12 2014 -0800
testing: add netcat to kickstart files
commit 9d44cdf21d725cf3907b996ad7089d68db3ba74b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Jan 17 02:22:45 2014 -0500
fix misuse of strncat (odd function that)
commit c8f1afe3c44ad8b22ab069fdf053cb1ba18c9827
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Jan 16 23:29:29 2014 -0500
alg_info.c:
- fix bug introduced in 8ca36783dd35b6ce7575a36dfa59e9ccb4deab9a
- get rid of gotos
- tidy
commit b1a7fb3ef16b297ce58dfbe90ebb1cf888f40ef9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Jan 16 22:44:51 2014 -0500
- Unify alg_enum_search_prefix and alg_enum_search_ppfix as alg_enum_search
- tidy alg_enum_search
- fix incorrect comments in programs/pluto/plutoalg.c
- get rid of some more gotos
commit 17f64e6347ca1493a6702402d4b6da702f772261
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:46:24 2014 -0800
testing: updated interop-ikev2-strongswan-09-psk-aes-gcm
commit eefb60f94f8a9f066135f53c8a9d53910b5472f1
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:46:07 2014 -0800
testing: updated interop-ikev2-strongswan-09-psk-aes-ccm
commit 38a9fd28a0a62d106212b41dea6978ada41271eb
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:45:47 2014 -0800
testing: update interop-ikev2-strongswan-07-strongswan
commit db2a192b2baa65d08defc9bb6d54f71aa74d62ce
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:44:51 2014 -0800
testing: fixup interop-ikev2-strongswan-08-nonat
commit 6f60dcabc0af6b7e7a5445099eb6eb65a0fd700b
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:44:19 2014 -0800
testing: fixup interop-ikev2-strongswan-06-aes192
commit e4307b6fee86b9dbcca92896062567c2dfd47094
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:43:41 2014 -0800
testing: updates interop-ikev2-strongswan-05-psk-md5
commit 0b6ba231501350c1ba0ce25882ede64b68017795
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:35:25 2014 -0800
testing: fixup TESTLIST
commit f87ff1eea04eb482c7ce64787a518b33a3591927
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:27:02 2014 -0800
testing: updated strongswan sanitizer for 5.0 -> 5.1.1 output
commit 6c716b87ca1802b40dd6c892ae8e68ef169f3b8f
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:07:06 2014 -0800
set date for changes
commit 091ac9974f3c0a39218584e48361b6896801b4dc
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:02:50 2014 -0800
testing: large chunk of test case updates.
commit e162566cc8cc5cc742f35ae1e4c3b6297d6673e2
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 23:02:41 2014 -0800
updated changes
commit 556a99d72a49393ab69f5ce898e95cb0b9a1e493
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 22:37:17 2014 -0800
testing: swan-prep now runs iptables-restore /etc/sysconfig/iptables
On fedora 19 I experienced a bug where the "stop" command for the
iptables service/systemctl system is missing. This works around it
by calling iptables-restore directly.
commit ba07ac7177b316f1b1cde230d228917ca1ce2907
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 22:36:44 2014 -0800
pluto: added and fixed typo in debug line
commit d1ef40a632e162c3e1c786a59e93a4cc590439de
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 22:35:56 2014 -0800
pluto: fix a debugging line for displaying esp information.
We don't know why the extra set of { } is needed. But it fixed a
displaying bug.
commit 4018e7d897adc7a11006eddad5211bc1670d830c
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 22:35:07 2014 -0800
pluto: Handle "sha2" as alias for "sha2_256" for esp= as well
commit 33bc84361365d4fd3b7affa5d2b29fe91bb6fd6c
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 22:34:14 2014 -0800
testing: fix host-ping-sanitize.sed for new ping use of "seq" instead of "req"
commit 4a3f7d1389c191a9707f9b4dd13076fdbe56e7af
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 20:37:26 2014 -0800
testing: function name to skip a test is "skiptest" not "skip"
commit 8734221430e413662ffa165de7e48152264eb814
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 20:16:51 2014 -0800
testing: added systemd fixup to suppress "vaccuming"
We sometimes see:
[ 00.00] systemd-journald[135]: Vacuuming done, freed 0 bytes
This strips these potential lines from the console output
commit a70894df29a2177bd1bf4c64126a127df4b3e023
Author: Antony Antony <antony at phenome.org>
Date: Thu Jan 16 02:43:24 2014 +0200
testing: fix synax error
commit 4d4df4af38dd873273ff52ba7458cd7671ad600c
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 14:42:04 2014 -0800
testing: added ikev2-15-fuzzer
commit 4148c24698be6c4ae8282160db424ca9cb211317
Author: root <pwouters at redhat.com>
Date: Wed Jan 15 12:07:39 2014 -0800
testing: add sanitizer for "ipsec: module verification failed"
commit 7451260268ed524c24eb443a364b7bcb81c9ce41
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 11:40:03 2014 -0800
testing: incomplete update for ikev2-13-ah
commit ca850152f2850bb2c912e1058a708958a6ccc15f
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 11:39:33 2014 -0800
testing: updated output for basic-pluto-01
commit bdd990e23901b848e148cefbbfdbc12187e72197
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 11:38:27 2014 -0800
IKEv2: Some more logic to support AH.
commit acba60b200539d99da2b4716ec96e3298c3d34e9
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Jan 15 11:33:48 2014 -0800
ietf constants: added PROTO_v2_AH and PROTO_v2_ISAKMP
There is some code duplication here that could be removed and/or turned
into enums.
commit 3e17703f428fca88bb86ee00e9e9c1712b542094
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Jan 15 04:15:11 2014 -0500
- fix fix to programs/pluto/plutoalg.c
- get rid of some whitespace mistakes in source code.
commit 78d30c3e28fadd3981de02d4bc9e7926ffa314dc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Jan 15 03:44:33 2014 -0500
Change DBG_* and IMPAIR_* flag processing to allow many more to be added.
Note that the actual lset_t representation still limit these to 64.
commit e0c9fcbefe38add4d228aecd2f0d511288ee4532
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Jan 14 14:08:14 2014 -0500
tweak xauth.c comments
commit 29dd476e7672a341cd7153aa10f09573b3db5de2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Jan 13 16:54:50 2014 -0500
Use memeq() and zero() where appropriate
commit 61df410705438a72e145ef23083164892ede22c7
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 17:10:32 2014 -0500
testing: switch nat-pluto-01 back to klips
commit 9e179a607fe40c1006eaf44a0e60f8e120f6f3df
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 17:09:33 2014 -0500
testing: added interop-ikev2-strongswan-12-ah-initiator to TESTLIST
commit f0b413006f864c20b3f995ba6afcdf23c566905e
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 17:06:32 2014 -0500
testing: fixup nat-pluto-02
commit 8535160d38ce16cdc3fd5790e3b40b62b335b0f9
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 16:46:10 2014 -0500
testing: ensure nic has no default route
commit 9a0e563a933c37e1a6007c3a8b5b0fac299f78f8
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 16:45:39 2014 -0500
testing: fixup nat-pluto-01
commit d9a7052f3d54789452770823a57fb25fe9df1f42
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 16:16:39 2014 -0500
testing: ensure nic has no default route in baseconfigs/
It should only have a default route when we connect it to the internet
using eth3 (which has dhcp and should give a default route)
commit 015e26612d9bde9a5c7646a5aaa96ad41031e6fd
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 15:43:39 2014 -0500
testing: swan-install support for sysv disabling ipsec on boot
commit e442ac808f124d58ef0c7a912e613022f60d4c66
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 15:38:58 2014 -0500
testing: swan-prep: fix double issue of net.ipv6.conf.all.disable_ipv6
I assume the 2nd entry was supposed to use net.ipv6.conf.default.disable_ipv6
commit 301be8cd41e307277616fba16c28327545e82559
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 15:32:39 2014 -0500
testing: remove unused swan-init cmd and links in kickstart files
commit 16c837adf5c43bbf93cd250d241d96d82f4ed9cd
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 14:34:45 2014 -0500
testing: swan-prep disable service keyword is 'no'. Always create LOGDROP
commit 043a63e89a6587580ff5ceff345929ba18394ee9
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 13 14:14:10 2014 -0500
KLIPS: ifdef out unused pfkey_spirange_build() and pfkey_x_kmprivate_build()
commit 304ee0f27d05525090952955e3caf5cadd15275c
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 20:06:02 2014 -0500
testing: kickstart add install of bind-utils, net-tools and rpm-build
commit c43551ac1eb3366c438fa98286ccf362e13be330
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 20:01:17 2014 -0500
testing: disable firewalld (introduced post f17)
commit 943681929ad81f6343865a916d9619e8bd5d6750
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 02:18:45 2014 -0500
testing: wait slightly shorter on VMs to boot
commit 05f477c52d1b638157a53a10de7388530ca5e54a
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 02:18:29 2014 -0500
fixup alg_info.c
commit 5e5817fd2226b36da2a99035f6902ba6f97ef90c
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 02:09:47 2014 -0500
updated changes
commit 6d14e6fd38b24c8e7c4367db3195e86b732ea88d
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 02:07:44 2014 -0500
testing: about 25 test cases updated
commit 9639c67be37a10570086c31bc2fd3b5ba39b34d3
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 01:45:24 2014 -0500
testing: fixup a ping command output
commit a66bb320e35f171037f90dd302baed6f2f30691c
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 00:39:58 2014 -0500
testing: the classic OE conns in config form (unused, reference only)
commit a7560a9bfe96293cfd9db46faab27e3d060626ac
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 00:39:10 2014 -0500
regenerated man page
commit 9a894c028764ab0dd92e201c5e7cc881c08143e6
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Jan 12 00:38:35 2014 -0500
testing: swan-prep runs restorecon on SElinux based systems.
This avoids some audit warnings
commit 652a223ba7b19e9092d80d7c90609a5c46588631
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Jan 11 23:46:57 2014 -0500
pluto: sha2 -> sha2_256 alias handling. Also allow null auth
(needed for IKE AES GCM/CCM later)
commit 9ee89c4d3297c7ecfff4bf04a514037d7e909e24
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Jan 11 23:46:19 2014 -0500
added comments
commit 1f6fbf0c39367f6247e34183603ae3657147f09d
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Jan 11 23:43:21 2014 -0500
pluto: allow esp=idXXX similar to auth and modp
commit 3d205b5a1a048b3a7f1ce177c87874c28a2fc5b9
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Jan 11 16:44:37 2014 -0500
plutoalg.c: Remove a goto
commit 69caecc522448a4c36d679d0f3ca48c0864b2182
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Jan 12 00:49:13 2014 -0500
Partial cleanup of xauth code:
- add comment bloc describing multithreading hazards
- add const attribute to "conv" to make clear it isn't a hazard
- reduce scope of some variables
- eliminate get_internal_addresses' pointless return value
- clean up get_internal_addresses internally.
- fix return type of do_pam_authentication
- simplify do_pam_authentication locking, eliminating a bug
- fix return type of do_file_authentication
- fix tangled and incorrect error handling in do_file_authentication
- fix description of password file for do_file_authentication
- implement optional connectionname field in password file
More information about the Swan-commit
mailing list