[Swan-commit] Changes to ref refs/heads/master
Antony Antony
antony at vault.libreswan.fi
Thu Oct 2 08:20:17 EEST 2014
New commits:
commit c3aa6f799f98d807e516bdefe502cdd0f0990b63
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Oct 1 23:25:09 2014 -0400
testing: add comments to dist_certs warning about repeated commonName (bug?)
commit bda3a982e9d8057a3dcfdd485d48205550639753
Merge: cada926 8fc966b
Author: Antony Antony <antony at phenome.org>
Date: Thu Oct 2 01:08:02 2014 +0300
Merge branch 'hugh-2014aug' of vault.libreswan.fi:/srv/src/libreswan into hugh-2014aug
commit 8fc966b2d43f5577871df6c635edf1884e9d3fc5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Oct 1 18:02:45 2014 -0400
testing: fix dist_certs:
- make date calculation simple and correct
- improved detection of missing commands
- add "set -ue" to make the script more robust
- as a consequence, it became evident that several
certs were generated twice. As an expedient
we applied b0511b9817f8262ef1f5715066caa96c60e12e52
to paper-over this problem
Thanks to Matt Rogers and Antony Antony helping a lot!
commit b0511b9817f8262ef1f5715066caa96c60e12e52
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Oct 1 17:57:33 2014 -0400
testing: work around probable bug in dist_cert
Thanks for Matt Rogers and Antony Antony figuring this out.
commit cada926efcaa89eebf8011500c7b746b9e7b4ba1
Merge: 7d99e77 5a63a7a
Author: Antony Antony <antony at phenome.org>
Date: Wed Oct 1 23:22:19 2014 +0300
Merge branch 'master' into hugh-2014aug
Conflicts:
testing/sanitizers/loopback.sed
commit 7d99e773cb545c7ec92b86048ae1e977a8a11cb6
Author: Antony Antony <antony at phenome.org>
Date: Wed Oct 1 18:38:01 2014 +0300
testing: re-sanitize pid
commit fbeedde1bb2ea5fd3d946a58f53b8fc4bbf11df7
Author: Antony Antony <antony at phenome.org>
Date: Wed Oct 1 18:31:13 2014 +0300
testing: removed duplicate pid sanitizing. Use command specific pid sanitizer
commit 8ac0762e0adb5f9e0958d79bcaa568de6c3b1a2d
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 25 21:25:43 2014 -0500
testing: be more specific when sanitizing tcpdump pid
commit 99ce6e663c7067acde3bdb282a73cd47a36c8479
Author: Paul Wouters <pwouters at redhat.com>
Date: Tue Sep 30 14:25:51 2014 -0400
testing: add console file
commit 00c3d496755f67214651ee647fa5cde26a191578
Author: Paul Wouters <pwouters at redhat.com>
Date: Tue Sep 30 13:48:05 2014 -0400
testing: adding two secrets files for x509-pluto-03
commit 482db6572a1977a3a17f83314cb256aae2bffec8
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:22:42 2014 -0400
testing: updated x509-pluto-02 init.sh. output needs updating
commit 56b95b10f55cb6ff53ba94a04267acbf7e34e3b1
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:19:11 2014 -0400
testing: deleted obsoleted test x509-pluto-08
It tested bogus pem files, which we no longer support. NSS does
the work for us.
commit cafb3cba67f6863bbf3f7e2470643e2527418846
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:16:30 2014 -0400
testing: fixup compress-pluto-01/description.txt
commit b41855f0c670979c8f78fe8e134323b16b280cf0
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:16:01 2014 -0400
testing: deleted some obsoletes aggr-pluto-03 files
commit 3eb71ee012befaca3989f171f4225357730c853a
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:15:26 2014 -0400
testing: add new files in agg-pluto-0[123] test cases
commit 5dc784e43844b9e1e84795b06534d7603c0c6015
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:13:42 2014 -0400
testing: updated TESTLIST. enabled aggr-pluto-0[12], made 03 wip and deleted 04
commit 7992532f99b6f400119664a9a3d16d63997efaba
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:12:40 2014 -0400
testing: updated tests aggr-pluto-0[12]
commit 82e0e85ff316e653addafa0b3fdc358a269ed3b3
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 18:11:41 2014 -0400
testing: WIP: added x509-pluto-04 to test CA mismatch
commit 685c5305c1a40437a7706846a234934b00098c08
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 16:49:39 2014 -0400
testing: removed aggr-pluto-04-cookies
This seems like a test to implement DCOOKIES in IKEv1. That never
happened so this test cannot test anything and has been removed.
commit 67afe5489e1b757e0273a845a3e881ad7bd4d8a2
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 15:31:27 2014 -0400
testing: enable test x509-pluto-02
commit b1abc49d134dacc8fef508891def37ad94eae655
Author: Antony Antony <antony at phenome.org>
Date: Mon Sep 29 18:50:42 2014 +0300
testing: replace spaces with a tab introduced in 83fb5baec
commit 83fb5baec63fa6f0795aaf4df325b633f41470eb
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:53:03 2014 -0400
testing: ikev2-18-x509-alias slight tweaks in config file
commit b02819f3e13417c98b13da6af2f12b0b01c2895a
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:52:36 2014 -0400
testing: updated ikev2-algo-06-aes-aes_xcbc (code needs a fix still)
commit bccb0ae1b4c3328d586c1788a69a6684c615f410
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:22:58 2014 -0400
testing: updated dscription of test
commit a974fb7d978fae7949924033cc97cd720501ca62
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:21:24 2014 -0400
testing: changed ikev1-cryptoload-01 slightly to cause less variance
We only show to number of tunnels after the final 10s wait.
commit 853272b4e3cc29712184786da2c5253f0ea8f65c
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:14:19 2014 -0400
testing: added reference output for ikev1-cryptoload-00
commit 7e79eb75dfb6483ff2f8aa2582aeec3e98b8299f
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:09:05 2014 -0400
testing: ikev3-12-x509* update reference for efence banner disabling
commit 01b9980388cde9a094d16c3d2a58b3b30729073a
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:08:42 2014 -0400
testing: fix ping in basic-pluto-03 and update reference output
commit 13b8a0a033d53084f8307d661df59eb19667f873
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 00:28:40 2014 -0400
testing: update reference output to use new ping -n
commit cadd5d0cdf7c9b6b929706ee5143a3486541e83c
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 00:24:48 2014 -0400
testing: change ping commands to alway use -n (no dns)
commit 1ad580a56d462e8d913fc63385b3b6b30e869b45
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 00:18:26 2014 -0400
testing: ah-pluto* tests no longer call ipsec status
commit fdf454b09db7e0e303de93fdf8765db6ff1efb56
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 00:06:54 2014 -0400
testing: algo-pluto-04 fail faster with impair
commit 336fb1b864128352af22d0ab4d5001a8b59042f2
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 10:44:28 2014 -0400
testing: when make check runs with UPDATE*=1, regenerate all certs
commit 4e8bde34ffda7c0765d5abe754b6261ff1e374d4
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 00:00:32 2014 -0400
testing: psk-pluto-06 was missing left= entry
commit a9e52f24e0e4cca60816a5c89fd788f16240b360
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Sep 29 00:00:10 2014 -0400
testing: ikev2-major-version-initiator no longer calls ipsec look
commit 82d41158967a774f8c112cc9b60dcc6e79b3bb7e
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:59:30 2014 -0400
testing: updated ikev2-18-x509-alias config and output
commit b8374bbcdd9824445d750941ae38475794ab5bd6
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:58:05 2014 -0400
testing: updated ikev2-18-x509-alias test
commit 97dc8b5d7db87354fc35a4ead35a6a929e919f56
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:57:35 2014 -0400
testing: update reference to ikev2-17-rekey
commit 1bc0dbe7e38959e4f55eeecfcd47a603b7a36872
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:57:08 2014 -0400
testing: update reference for compress-* tests
commit bbd14cab2a05ef0c661af047d9d1422e2ecd0881
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:56:03 2014 -0400
testing: update reference od dpd-02-reverse
commit c60ce018d05c3d5442e9aa1c832a2232201e4309
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:54:37 2014 -0400
testing: update reference for basic-pluto-14-klips-route
see description for possible packet leak
commit 9847ff13ad82cba35cf393cdb697b653067c8c3a
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:52:04 2014 -0400
add comment
commit 1344a28687dbaef985cc9d7c42c8cdfa50e9109f
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 23:51:26 2014 -0400
testing: changed some tests wip->good and bad->good
commit c8a0d84c594605146c1b0a0ee497aef79403fbc8
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:57:34 2014 -0400
testing: disagle efence banner
commit 2c49ed3de02aaf94f8a439bd481aaad9891a4ac2
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:56:59 2014 -0400
testing: disable efence banner
commit e98cdf578c1e67aa61f9cb0a8e1760dd224a4d16
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:56:17 2014 -0400
testing: disable efence banner
commit 4a913de37ac24126c792ad2e5f430a828f2e7a09
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:42:45 2014 -0400
add baseline to trigger error
commit 9569977c31910e18756f29c9af696002c61f0701
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:24:33 2014 -0400
testing: fix testcase basic-pluto-13-netkey-route
note that it does show an unexpected hold/trap for the trigger packet:
src 192.0.1.254 dst 192.0.2.254
proto esp spi 0xSPISPIXX reqid REQID mode transport
replay-window 0
sel src 192.0.1.254/32 dst 192.0.2.254/32 proto icmp type 8 code 0 dev eth1
Are we supposed to delete that?
commit 55a2a23f824490b4d866f95ee7e72987d258533c
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:16:55 2014 -0400
testing: updated psk-pluto-02 (but reference needs fixing still)
the reference output is garbled at the end because --impair--retransmits
does not release the whack, so we still suffer a time out and a ctrl-c
and text flow issues
commit b4e5851fa2939ace0da9bed798ea599e33ae127f
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 15:08:33 2014 -0400
testing: basic-pluto-13-netkey-route update
add protostack= so we get what we think.
update reference output
add auto=ondemand to west.conf
commit 4a8b325f77c56042b45a28757ad8d0fc368898f7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 28 21:23:11 2014 -0400
pluto: separate SEND_V2_NOTIFICATION from SEND_NOTIFICATION
commit fc0871bf51a428e011cef8c564b08910bd838552
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 13:24:01 2014 -0400
alg_parse: another fix for my code change from the last two days
alg_info_ah_add() should not use the aklen check (introduced friday)
parser_alg_info_add() was missing break;s in the newly added nested
switch statements causing unexpected failures.
commit 32bc93c3c17b83b3c430adf4e2923e0df502a432
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Sep 28 13:23:06 2014 -0400
testing: updated lib/libswan/algparse test and reference output
commit d28d667677a2cbe1fd8e8e3360cd28a0e609a75b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 28 12:06:14 2014 -0400
apparently IPSec is wrong and IPsec is correct (RFC 2401, for example)
commit dc4846485c00e0f0ef82cbc8394b44e3541dd412
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 28 12:02:22 2014 -0400
apparently DNSsec is wrong and DNSSEC is correct (RFC 2535, for example). DUMB.
commit 878c25d64f837545cc6f4e0b68419759524075d1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 28 11:55:54 2014 -0400
apparently IPSec is wrong and IPsec is correct (RFC 2401, for example)
commit 5118ccdd84c2e5458c7f21ce04ded8f211f4a6fb
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 28 10:58:14 2014 -0400
pluto: fix 9cb6cd0bac8e799853074661262d4c08d011f8d8
st can be NULL in complete_v2_state_transition(*, STF_OK)
commit 9cb6cd0bac8e799853074661262d4c08d011f8d8
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 28 01:03:52 2014 -0400
pluto: clean up complete_v*_state_transitions and related things
- rename struct state's st_reserve_msgid => st_msgid_reserved (more accurate)
- clean out unused fields of struct state: st_doi, st_situation, st_childsa
- moved some struct state fields to more appropriate places (e.g. v1 fields
with the v1 group of fields)
- consistently spell /* FALL THROUGH */ and delete any following empty line.
- in complete_v*_state_transition, carefully handle cases where mdp
might not be meaningful
- in complete_v1_state_transition, only accept info from VIDs if STF_OK.
- in complete_v2_state_transition, change case STF_TOOMUCHCRYPTO so that
it no longer falls through into case STF_FATAL. I think that this was
a bug. If not, then the corresponding code in complete_v1_state_transition
already had this new bug.
- success_v2_state_transition didn't need a struct msg_digest ** parameter;
struct msg_digest * is enough.
- in v1, a msgid of 0 is properly called v1_MAINMODE_MSGID
commit 476dc86eb2ad8aa2c2baced821d64c7a16975932
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 23:24:55 2014 -0400
testing: ah-pluto* simplifications and psk-pluto-0 update
commit 6da53db07984cf066866140e6f52b1df1502692b
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 23:24:24 2014 -0400
testing: added more tests in testing/lib/libswan/algparse.c
commit 97a3fd1cdb0554b6d45fcff7208fa77540fa2156
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 23:22:16 2014 -0400
complete parser_alg_info_add() error handling for bad ciphers
This fixes yesterday's fix that broke 3des and covers more illegal
combinations such esp=aes_gcm-md5, ah=aes_gcm and properly fixes
ah=null taking into account the "ah=null" INT_MAX hack.
commit 91c4c9882d9742fd02b5aa834698177bfba84e29
Merge: 35074d0 31e3714
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 27 21:03:04 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit 35074d00f0307454bed31de3e5ccec941efa8364
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 27 20:48:24 2014 -0400
tweak swantest
- "./" at the start of a filename is redundant (unless it is used as a command)
- trailing whitespace is redundant
- the % operator is easier to read when surrounded by spaces
- fix some grammar and spelling
commit 31e37140bbd227161981c6f7727b7e77bd460a22
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 27 18:19:55 2014 -0400
pluto: with a heavy heart, delete enough "const"s to quiet the compiler
commit 563589ae030b250f430ce88bc1da21e9430586eb
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:36:54 2014 -0400
testing: updated passthrough tests
The firewall rules were incorrect for some cases, causing it to
block unencrypted passthrough traffic. Also the pid sanitizer
changed.
commit b1d9a1bffc5380bbf6635d59e71d47d9e7c7e954
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:36:16 2014 -0400
testing: updated nat-transport-02 for changed pid sanitizer
commit 673f8beccd160caa5ab843c314f007690cbf6a7d
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:35:19 2014 -0400
testing: updated reference output for major/minor version numbers
The error handling changed slightly, so the output changed
commit dd141189d0de535864ddd1a64d938aa8a9877293
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:33:34 2014 -0400
testing: simplified algo-pluto-07
no need for anything on east or west pinging whatsoever.
commit 123f339f518d1396e968761ec187051ee94ffa76
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:32:57 2014 -0400
testing: nat-transport-02 is now good
commit 8a8cdc59a862c5a84f0be102111bed74aaa61167
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:31:59 2014 -0400
testing: change log message from "esp string error" to "phase2alg string error"
commit 0b12575633948f900016a5431494ce139a86e3d7
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:31:13 2014 -0400
log message: change "esp string error" to "phase2alg string error"
These appear for esp as well as ah
commit 4fffa41119fb9645387bc3715ce80f1751cdad83
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Sep 27 00:28:31 2014 -0400
alg_info.c: do not allow ah=null as a valid phase2alg for a connection
Such connections willl no longer load
commit 6ed8e22e9010b664da1a52bdf689d677f6cfc297
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 19:25:29 2014 -0400
testing: updated reference output for l2tp-0[12]
commit 5b651740fc7e279955cbb665e698dd49bc3e9394
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 19:24:12 2014 -0400
testing: update reference output for dnssec-pluto-01
commit 95e6fd6566fe9b68a5bc1846ab670b41d94b7504
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 19:23:46 2014 -0400
testing: fix testtype for compress-pluto-netkey-klips-04
commit c342fbb0d4d91853d80c82bd97ba94de8923c83d
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 19:22:38 2014 -0400
testing: updated compress testcases
note that compress with netkey does not properly show traffic
statistics on down, because we didn't ask the kernel for "IPCOMP"
commit 8c4bb4200e6e332b6c029fddf316a25eb42f0105
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 19:04:21 2014 -0400
update addconn bug description in CHANGES
commit 784b4481340280ac4fd381a6cc542b419e585806
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 19:00:03 2014 -0400
updated changes
commit cf923bd729b34e529ac591a76baa716a98a0cb96
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 18:57:42 2014 -0400
* NETKEY: don't trust PF_KEY API to tell us about IPCOMP support
pfkey_register_response() does not register an entry for
msg->sadb_msg_satype=10 to indicate IPCOMP, so we override
detection. Seems the PF_KEY API in Linux with NETKEY/XFRM
is not worh using at all. (previous lies discovered are for
algorithms supported and not announced as well as algorithms
claimed supported for which we called rmmod/rm)
commit c80413ffdc04a3f19e1ced07baa7163b23c0eeb9
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 17:34:09 2014 -0400
testing: consolidate pid sanitizers and add to default list
commit d6c1a6350d47016b12c436566ccb6039dfc62f8d
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:54:30 2014 -0400
testing: add missing consoles for algo-pluto-04
commit 1635c603b57e1755e8af3140481f6acc72543b5e
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:53:46 2014 -0400
testing: add wip interop-ikev2-strongswan-17-delete-sa-responder
commit fb4ed937c9ff6cad8b277bb3cf2270d1a42e8269
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:43:20 2014 -0400
testing: change some wip -> good for strongswan tests
commit cc53d81d777960b1c946e51121b916b1d86e18ae
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:42:05 2014 -0400
testing: updated strongswan tests - mostly due to strongswan 5.1.* -> 5.2.* changes
commit 97de0a15daa410388d028ec268d43c10eb1631a3
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:27:52 2014 -0400
testing: interop-ikev2-strongswan-10-nat-initiator fix iptables rule
swan-prep must be called before trying to use the LOGDROP table.
commit 9e01481f471c75ebf66e9afcf254d33536a835b0
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:12:14 2014 -0400
testing: interop-ikev2-strongswan-14-delete-sa updated
output changed due to updated strongswan version
commit e5f4b98ec0e35edc56e57c1d44a3e55aba672344
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 26 12:10:11 2014 -0400
testing: fixup ikev*-isakmp-reserved-flags-* tunnel identifiers
1001 -> 1000 due to a code cleanup
commit 3cd7ac107bfeaa41ada73a4ec00f88557610c8af
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 01:50:53 2014 -0400
pluto: poke at update_retransmit_history
- remove mentions from v2 code (the problem is handled differently in the protocol)
- give it a clearer name update_retransmit_history => remember_received_packet
- fix bug by making routine idempotent
commit ab3070aaccb53147593066bc8d5e3c5088b38995
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 01:18:27 2014 -0400
pluto: eliminate three redundant calls to delete_event
commit 50c6591900090a3b2090c4599c972fab4770ec44
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 01:15:08 2014 -0400
pluto: crypto helper: remove 13 copies of a useless test (leave a passert)
commit a0047d353e1a3a4ebc030c8676bd6f352983f668
Merge: 8c2b833 20811cf
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 01:06:57 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 8c2b8332536402465c3195c0cda9a19e0ee29bb3
Merge: 87df398 267c7a0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 01:05:55 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit 87df3981a125b83a3e89839cda1089dfbd138623
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 00:30:50 2014 -0400
pluto: more clarification of crypto helper code
commit ef0b12b17a1543ca2f2ed2563dfb8385d2abda72
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 26 00:17:34 2014 -0400
pluto: eliminate some confusing non-indentation (uncrustify bug)
commit 267c7a02ffb5d48298c24bc76cf82a8984ee4b32
Merge: cf1f385 e368a09
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu Sep 25 23:30:10 2014 -0400
Merge branch 'master' into hugh-2014aug
commit cf1f3859f4ff65dea6c34c179fd2bc969dc7d191
Merge: bca7b6d 643decc
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu Sep 25 22:23:53 2014 -0400
Merge branch 'master' into hugh-2014aug
Conflicts:
programs/pluto/ikev2.c
programs/pluto/ikev2_parent.c
commit bca7b6de2e252a54edfb51b18d3d683a0e0d70db
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 16 05:44:37 2014 -0500
testing: fix SPIs matching strongswan.sed
commit 00cf51145a934529f57f220eb7f444723d5c783e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 25 03:47:09 2014 -0400
pluto: hack to fix crashes in complete_v1_state_transition and complete_v2_state_transition
commit c521c9cbde08d7d9264f9ef6183c2d575c5e8338
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 24 23:09:48 2014 -0400
delete programs/configs/d.ipsec.conf/retransmits.xml
Not used since af8816e946a3ad763492c36643af8af5bbcf75e4
commit f303745ed99c0d41f17e272d7ed4583e7123d057
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 24 23:00:18 2014 -0400
pluto: fix a few comments
commit 1741b7dc2c87ecbb8357c8c57cc606d158bc41c0
Merge: 26b3150 98e090a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 24 22:59:24 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 26b315083b2c30c71126ea1e19e9c0b2ff61c6ec
Author: Antony Antony <antony at phenome.org>
Date: Wed Sep 24 20:52:28 2014 +0300
testing: in swantest grep for "general protection" and "CORE FOUND"
commit 4388c88bb8b0bd637a4a918393cc45e5aaa1a683
Merge: 8602595 fe88173
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 24 13:36:05 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 8602595bad176cc749cc37b2065ccbf1d8d74550
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 24 03:50:50 2014 -0400
pluto: more crypto-helper tidying
- correct handling of case where crypto finishes
and finds state object has been deleted
- a few inconsequential buglets fixed.
- more explanation
commit fa1fa6d584c750883bf85d17fc5bb3896c5f7df9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 23 18:09:30 2014 -0400
pluto: clarify crypto helper code
commit 228d44b86f3b1688aca84d1cda3d67ac539827fc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 23 18:08:22 2014 -0400
pluto: make indentation of v1 microcode slightly less confusing
commit 03df524170f139d4be5ede0a4bc35283b8202f6f
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 23 21:18:31 2014 +0300
testing: ujson for printing float numbers json don't support double_precision
commit 6f8a2f603c67e89e492a9a86e561442c74312471
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 23 20:05:52 2014 +0300
testing: kern-list-fixups.sed
delete the line "sha1_ssse3: Neither AVX nor AVX2 nor SSSE3 is available"
It started appear with kernel 3.16.2-201.fc20.x86_64
commit 202c546d673a69f2b3c5cfd6e9e27a49118c2422
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 23 19:10:05 2014 +0300
testing: OUTPUT/RESULT is one line per JSON without indent
a crude way to stop tests. Need to be called from directory
~/libreswan/testing/pluto
commit 92284ccd4dc3b4b70f4e27f09abfef950e493dcb
Merge: b4d4645 bcd9dd7
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 23 08:38:01 2014 +0300
Merge branch 'master' into hugh-2014aug
commit b4d4645aae5a7740a26a3ce61a6ee5dd00ea7373
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 23 08:32:02 2014 +0300
testing: use json instead of ujso to get indent in dump
commit 94540e151b910629b32e1f185e72e697cd731d9d
Merge: ad26757 4042074
Author: Antony Antony <antony at phenome.org>
Date: Sun Sep 14 06:46:02 2014 -0500
Merge branch 'hugh-2014aug' of vault.libreswan.fi:/srv/src/libreswan into hugh-2014aug
commit 40420749cfe328f2679dfb2b733ad50e5caa9851
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 22 22:32:45 2014 -0400
pluto: add way of suppressing msg_digest pool at compile time -- for debugging
commit b376e55b6fad6e17b9e12f08c15652a8a9a24d6b
Merge: 532facb ca37e3c
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 23 04:11:17 2014 +0300
Merge branch 'hugh-2014aug' of vault.libreswan.fi:/srv/src/libreswan into hugh-2014aug
commit ca37e3cdc81e2bbc31166a245fb52910254eb780
Merge: 2baa48c a35e05e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 22 14:50:23 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 532facb2a675b2552a0dc4b0fb60a667bf9e208e
Author: Antony Antony <antony at phenome.org>
Date: Mon Sep 22 20:22:32 2014 +0300
testing: ikev1-cryptoload-00 wip
commit 2baa48caf018ec4056c24543272b1a58dab66105
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 18:21:15 2014 -0500
ikev2: add debug message for state transition after deleting praent state and STF_OK
commit 9cdfa75aaebb17b2fc9657cdbf258fdb90cd5605
Merge: 481399f 57dc5d7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 22 01:23:09 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 481399f9f1d263c7871baca802221cdc140c43f5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 21 23:34:13 2014 -0400
pluto: eliminate useless block and indentation
(Separate from b647540d8b7e1a052181dead8b72886e19e263ca so that diff would be clearer.)
commit b647540d8b7e1a052181dead8b72886e19e263ca
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 21 23:32:05 2014 -0400
pluto: try to eliminate dangling pointers after delete_state
Also: reorganize some of the code associated with delete_state
commit b0e5c0cdf6601ab251c820db296be12a591e4a40
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 21 23:15:51 2014 -0400
pluto: fix wrong indentation in packet.h
commit 3d901ce953e62fc31ae4f05e0f2922a9d2c4e992
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 21 16:34:01 2014 -0400
pluto: slight tidy of server.c
commit 7599ee6f248025ab2e0b98441d182b60722b8109
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 21 16:26:52 2014 -0400
pluto: shred freed struct msg_digest (might catch dangling pointers)
commit e31794c744c818effd5e11f66715b518fb529c7e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 21 16:21:53 2014 -0400
pluto: imporve comment on some PBS macros
commit 02d13a97dc83df42d4f1bd47252571f8681b0454
Merge: 06aceee f98a140
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 20 10:49:07 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 06aceee6d759d7159b96f92e20fa3223154885da
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 20 10:47:14 2014 -0400
pluto: fix spelling mistake in comment
commit 40416fbc71e71fa9bdc525c898013345c0d96ff2
Merge: 7e103f7 345ab46
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 19 14:04:57 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 7e103f7dc17c1bb25372aa61659dd830e9b8cc2a
Merge: 7161340 c2f4010
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 19 12:58:28 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 7161340cb0f6d1dd20e8fb8855c98964c82ac40a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 19 12:57:04 2014 -0400
pluto: fix pfree (broken in 83f2e3da82f90b511f0812ed3d61fb671615f9f5)
commit 1c9c60b121ab79200438213aeab248fd26fd0dc4
Merge: 7316865 0f55803
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 19 00:43:45 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 731686537a79cb0b6f59d065912b4e662ce81067
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 23:55:10 2014 -0400
pluto: minor tidying of V2 code
commit b87b106de752776cbee40751dd0b634efaed68bc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 23:33:45 2014 -0400
pluto-testlist-scan.sh: detect SEGFAULT in logs
commit 79ed57f1b5fb86264658bddaa72ef9ebd970c13d
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 23:15:42 2014 -0400
pluto: get rid of fake md: wasn't fundamentally required
commit 2eed8b1c73e269468a62a8bbd1fb2639112d1ee4
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 23:15:16 2014 -0400
pluto: parse SPIs better in v1 delete payload
commit 2c0fdac913f440d592ece13efeb4e315784c0038
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 23:14:42 2014 -0400
pluto: protect code in complete_v1_state_transition that requires non-NULL st
commit 34aea0c89239a2195400c514577919542bf459e9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 23:14:03 2014 -0400
pluto: note calls of delete_event that are probably redundant
commit 83f2e3da82f90b511f0812ed3d61fb671615f9f5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 21:52:13 2014 -0400
leak detective: when detecting, clear each chunk of memory that is freed
commit 8f5f2f95960e4d390051e807ffb75573658c61f6
Merge: 2e7e5da 22d3ad7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 18 21:51:16 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 2e7e5dacdb14340f5b0758d83cfca9151a5fef1d
Author: Antony Antony <antony at phenome.org>
Date: Fri Sep 19 00:19:00 2014 +0300
ikev2: a simple end with STF_OK and parent state is gone.
if this works add a couple of log lines.
commit cb76db4ea1937b80a4f6f2c31c786c9ae4e174fc
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 22:44:52 2014 +0300
pluto: missing names due to ba8bc4e6d4 and STATE_UNDEFINED is called the same.
commit d129716e966c823610bc2988fd5bd3747e0a61dc
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 19:42:33 2014 +0200
delete-state-01 wip test check with efence
commit 465025b1900545e064bcccc5b862f7b92e52d250
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 18:26:23 2014 +0300
ikev2-delete-03-valgrind: fix the --up line
commit ed55efbb6801974f205de11489bc8938c87b37a1
Merge: ba8bc4e d47a860
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 08:52:24 2014 +0300
Merge branch 'master' into hugh-2014aug
commit ba8bc4e6d46bd69ba1c04ae6780ef4e50051772c
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 17 22:59:15 2014 -0400
pluto: slight simplification of complete_v2_state_transition
commit 874a1e9f4197943826b8df4ec2593dbcf7362e06
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 04:54:24 2014 +0300
testing: ikev2-delete-03-valgrind
commit 54f0ec0a27ef9861c025e0d01c6892266489d6c2
Author: Antony Antony <antony at phenome.org>
Date: Thu Sep 18 04:49:10 2014 +0300
ikev2 : set md->st = NULL after a call to delete_state,
beceasue delete_state zero(st) and pfere(st).
commit 2c5d1a43d81d781aa6894bc6b64047c4a701f1a4
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 17 16:47:03 2014 -0400
look: careful about locale for sort
refines d4a8877f3b7f7935dcf6b35724d2eb7aee68d324
commit 8d319882aa131d17ff910c0af05307ba775140be
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 17 16:23:58 2014 -0400
testing: reorder cert listing in reference output
Reflects d4a8877f3b7f7935dcf6b35724d2eb7aee68d324
commit f05cac682952d2d4969d68f2de208500fc864199
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 17 02:35:46 2014 -0400
pluto: fix comment
commit ed1310d16fcc8ba5536528778586a11468edeaf4
Merge: bd436b9 86c4434
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 16 17:46:01 2014 -0400
Merge branch 'master' into hugh-2014aug
Conflicts:
programs/pluto/ikev2_crypto.c
programs/pluto/kernel.c
commit bd436b92148b503ae81e1dc8c043c039015dbdaa
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 16 17:02:23 2014 -0400
pluto: tweak ikev2_child_inIoutR
commit 1b162c6b963bac64022d1c27d9a877bd963d8eb2
Author: Antony Antony <antony at phenome.org>
Date: Mon Sep 15 05:36:41 2014 -0500
ikev2: CREATE_CHILD_SA refuse KEi
commit 1199ec32d368ba8ad6b70a2ca9a8e5d03e673f64
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 16 19:04:40 2014 +0200
testing: interop-ikev2-strongswan-15-create_child_sa is not sending NO_ADD_SAS
instead establish CHILD SA.
commit d296a4090a5b311e652ab8d64592dd09c181208a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 16 10:39:00 2014 -0400
testing: git rid of ", retransmits=yes" from reference log files
Needed because of af8816e946a3ad763492c36643af8af5bbcf75e4
commit 093fd0b5d2f9fe18619f868ace0e0ba60d63d460
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 16 01:46:37 2014 -0400
Revert "testing: status changed from hashlen= to hashsize="
This reverts commit f2b21913b434f49a541d96f014a05b7677a86894.
The original commit was inappropriate for this branch.
commit 575d946842d4a9b681fbe1ecb094a965f21496ce
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 16 01:45:27 2014 -0400
pluto: improve buffering of logging to file
commit 8218e47392ed5bd1eba0f6b6ce755d85bc2ba654
Merge: af8816e f354aad
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 16 01:13:06 2014 -0400
Merge branch 'master' into hugh-2014aug
commit af8816e946a3ad763492c36643af8af5bbcf75e4
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 15 20:06:33 2014 -0400
pluto: get rid of --noretransmits and retransmits=yes/no in ipsec.conf.
It wasn't working for the only purpose we applied it to.
It turns out that it was misleadingly named. The documentation was
more accurate:
At times it may be desirable to turn off all timed events in
pluto, this can be done with-noretransmits</option>.
I don't see a use for this capability.
To achieve the function suggested by the name, use --impair-retransmits.
commit 7a413b91f3598d26780039567790e745e3724096
Merge: 2ca853e 567ad59
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 15 19:13:31 2014 -0400
Merge branch 'master' into hugh-2014aug
commit ad2675709b5579de799652299c33c4b44bc037fe
Author: Antony Antony <antony at phenome.org>
Date: Sun Sep 14 06:26:02 2014 -0500
testing: fix typo.
during retries genrate tables and summary only if there is a change.
commit 2ca853ee1da2218722f4aa70a238377af0aab1cc
Merge: c3600a3 c4c178d
Author: Antony Antony <antony at phenome.org>
Date: Sun Sep 14 06:10:26 2014 -0500
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit c4c178d69e0dd9237db95f9fe9264c824d007fe0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 14 22:04:41 2014 -0400
testing: one more hashsize => hashlen
commit b3924ab0c584795024d2ac64439e0f0f6a255945
Merge: 4671b45 775ebab
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 14 20:24:14 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit 4671b455a605df1f0d6ba2d095fac14bee791aa2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 14 20:23:31 2014 -0400
testing: tweak a few more reference logs
commit 775ebab5007a5cc3ec279ed3ce95ebfa2fe77db2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 13 23:43:55 2014 -0400
pluto: add warnings that current code only supports CBC mode for IKEv2 messages
commit f75ec2e35fb6537320793a0328034620803b84f8
Merge: cca0a33 601ea6b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 13 23:08:54 2014 -0400
Merge branch 'master' into hugh-2014aug
commit cca0a33cb28c381fde33976896cfb05a777be0bd
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 13 22:59:18 2014 -0400
testing improvements
- change reference logs to reflect change in logging of transform keylengths
- "hashsize" => "hashlen"
- many auto=route or auto=add => auth=ignore
- esp=aes-aes_cbc => esp=aes-aes_xcbc
- extra ; in --status output
- add /testing/pluto/bin/wait-until-pluto-started in several */*init.sh files
- psk-pluto-06/roadinit.sh: remove ifconfig and route
commit c3600a3b1bb7ead75d5175ef70d2566135c06913
Merge: 723ddb1 46b93d5
Author: Antony Antony <antony at phenome.org>
Date: Sat Sep 13 08:02:36 2014 -0500
Merge branch 'master' into hugh-2014aug
commit 723ddb1c053f92751fe72e8b0abcf3cf08e8a3a9
Merge: 2406a97 64e73d8
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 12 12:28:23 2014 -0400
Merge branch 'master' into hugh-2014aug
Conflicts:
testing/pluto/TESTLIST
commit 2406a97d8bf8fb9003cdbcbd0aa4a20e2841a91c
Merge: baea762 cc6e7a9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 12 11:54:27 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit baea76260b18e4fba9282df3a3513151d182db02
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 12 11:52:24 2014 -0400
pluto: decrypted message's PBS must persist
fix f2de5ef7555a00fccb7596390155aa5d23e5036f
commit f2de5ef7555a00fccb7596390155aa5d23e5036f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 11 14:26:53 2014 -0400
pluto: tidy and fix bugs in IKEv2 message decryption
- detect message too short for crypto overhead
- detect message not a multiple of the block size
- detect out-of-range padding length
- elminate alloca() from ikev2_parent.c
commit bb33769c2070795eb07f3e8fe9defd8f12baf418
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 11 14:19:08 2014 -0400
eliminate or document unused variables and assignments
commit 295d726c55d93a1acaeaa03991b55bf0e7ff43b1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 11 14:13:50 2014 -0400
constants.c: eliminate unused af_inet_name and af_inet6_name
commit 10ad5ede566c53e4f1cd920dc8ceb5f98511d8a9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Sep 11 10:42:34 2014 -0400
Pluto: get rid of #define iv_size enc_blocksize (confusing and dangerous)
commit d9f22ffa8c97d145e3e0b450c0ca1a29fbc73b0d
Merge: a501858 a94a4f1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 10 01:28:55 2014 -0400
Merge branch 'master' into hugh-2014aug
commit a5018582bffd59ab5275875b78b24f1d07b4e3ed
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 10 01:18:31 2014 -0400
tidy ikev2_parent.c:
- handle SPI more gracefully
- create and use emit_iv
- eliminate redundant check for encrypted payload
- eliminate ikev2_create_child_sa_in, a synonym for ikev2_child_inIoutR
- check for correct size of SPI list in Delete payload
commit e33ba4aa226532eeaf3d99b806ba760b542077ef
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Wed Sep 10 01:17:50 2014 -0400
strip_prefix: use strneq
commit d96c7396c082446ca26fc1ca985b2a109720bfb1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 9 13:52:13 2014 -0400
fix returns pointlessly split across lines by uncrustify
commit fd1a172a9b80946dad73b1b798236d4c906e4fe8
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 9 11:24:32 2014 -0400
eliminate ghosts of unused fields in ipsec_xmit_state
commit 52b2c216e2ef2d1182b0a621fc5cf02ca9a2eeb7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Tue Sep 9 11:23:48 2014 -0400
pluto: fix comment format
commit d60d6602f6e4e8e6ccec2657956055dc9c97d098
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 8 22:10:24 2014 -0400
debug: dont use DBG_CRYPT for non-private key logging
commit 91e38ea04f6c66b127314cf420b81ca3c81b63af
Merge: 47e1cbb 31b94bc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 8 22:09:38 2014 -0400
Merge branch 'master' into hugh-2014aug
Conflicts:
programs/pluto/kernel.c
commit 47e1cbbbb39402f5e4a1941056c730693bd0dee9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 8 22:01:37 2014 -0400
testing: fixup a number of reference outputs
algo-pluto-09
ikev2-12-x509-ikev1
ikev2-12-x509-ikev1-rw
ikev2-18-x509-alias
ikev2-delete-01
ikev2-delete-02
nat-pluto-01
nat-pluto-03
netkey-algo-cast-01
netkey-algo-null-01
netkey-algo-null-02
pluto-rekey-02
psk-pluto-01
psk-pluto-02
xauth-pluto-03
commit 41f9c291da828193a87d3e0b191bffbe696f98d2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 8 21:53:49 2014 -0400
testing: updated TESTLIST with some wip -> good
commit 4402b8d0376e9bf41461e4bf035b8124a1d5aacc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 8 21:52:48 2014 -0400
testing: strongswan sanitizer should not need a space
commit 255f33e8d178c1dedcb91ce2e58dc457a8ec081b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 8 15:59:47 2014 -0400
testing: update basic-pluto-07 reference output
commit 2c32b19fecbf5ed2c47e080df8a92fb4e134d1b7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 7 22:43:06 2014 -0400
testing: added testing/utils/pluto-testlist-scan.sh to aid analysis of test results
commit 39ba273902d1ad86bdbb3ef971d90b37fa0fb7e0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 7 22:10:59 2014 -0400
testing: call hashlen hashlen, not hashsize
commit 7bd65cf27cf5655ca33b65ad74b3675f7bc59495
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Sep 7 22:09:18 2014 -0400
testing: get rid of accidental "_" as a prefix
commit b8b53df13813006713d0a40cbdaea5d032efcd63
Merge: d74a038 e11eb2a
Author: Antony Antony <antony at phenome.org>
Date: Sun Sep 7 18:06:51 2014 +0300
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit e11eb2a5f69c0fb5a813ea7321b062c8c81e83bb
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 23:51:17 2014 -0400
pluto: undo bug introduced in 0395c26ac17af9b02e4f1b84d7279288fc985ced
bonus: fix comment that prompted the error
commit 37338ae1a765d39e98563a0aeb1408cb158233be
Merge: 2d973fe 965cde0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:46:03 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 2d973fec3f6de5f3efb44f2a7a8de51227b69c6c
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:40:05 2014 -0400
testing: IPIP spi numbers changed in 0395c26ac17af9b02e4f1b84d7279288fc985ced
commit c61ef6d158f9755fa38b76fc65e9ba514dc06821
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:39:00 2014 -0400
re-sanitize.sh: fix typo
commit 4496d4fe75267fb716f4e6ea70b7c9ec896b6125
Merge: 46450fb 964b1da
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:37:36 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit 964b1da826a32a48ccb7d9b51bf945b7a672813e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:34:40 2014 -0400
pluto and test reference files: get rid of ", trunclen=0" in IKE hash description
commit fdc1c8bcfc7a62a95fa0d2f5a4a6167957cb5657
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:31:06 2014 -0400
spigrp.c: reposition comment
commit d86b696a9f32860128b9f0400f27b3f431ec5275
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 22:29:31 2014 -0400
spi.c: get rid of 9-year-old temporary debugging output
commit d74a03887b9514c78351629dc034e76937d2bc17
Merge: 59b6278 965cde0
Author: Antony Antony <antony at phenome.org>
Date: Sat Sep 6 23:00:31 2014 +0300
Merge branch 'master' into hugh-2014aug
commit 802a8daa4fbfc1766ac5bf68b0b710b7856b6964
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Sep 6 15:20:32 2014 -0400
pluto: strip_prefix should usually have a "_" at the end of the prefix literal
commit 46450fb8872f4d0bac04f23bdf92be4a517aea2f
Merge: a6e8b4c 0a4ca86
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 5 02:40:05 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
Conflicts:
testing/pluto/ikev2-algo-sha2-08/east.conf
testing/pluto/ikev2-algo-sha2-08/west.conf
commit 0a4ca865ee180e500088d4abf255d164b53d5348
Merge: 0395c26 9dd7a3c
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 5 01:39:04 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 0395c26ac17af9b02e4f1b84d7279288fc985ced
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Sep 5 01:38:00 2014 -0400
pluto: tidy, mostly setup_half_ipsec_sa
commit a6e8b4c3e025fbee1e8cdd050fe4dde2e2235076
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu Sep 4 21:07:29 2014 -0400
testing: add ikev2-algo-sha2-08 for sha2-truncbug=yes
commit cc6e7a913e0f7b8741174d35cb0d3324ae71d998
Author: Antony Antony <antony at phenome.org>
Date: Wed Sep 3 07:18:56 2014 -0500
ikev2: use from_state instead st->st_state. clang warn st could be null
commit ce9caa5fad6381818f2189eaa684775863a91826
Merge: fbbaeef 7f66aca
Author: Antony Antony <antony at phenome.org>
Date: Tue Sep 2 18:31:35 2014 +0200
Merge branch 'master' into hugh-2014aug
commit fbbaeefb3fb0f54a6ef5cf7c2fac6c2ba44b95c5
Merge: f057027 33a1804
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Mon Sep 1 18:02:29 2014 -0400
Merge branch 'master' into hugh-2014aug
commit f057027a12df74c99fa5ce404deb8d9e0edc8dc1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Aug 31 15:31:24 2014 -0400
Pluto: make gen_reqid more robust
commit 0c359885bd78efeb8ea7774c8d82051d1d6018ff
Merge: e2384ef bdf11c2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sun Aug 31 15:26:51 2014 -0400
Merge branch 'master' into hugh-2014aug
commit e2384efe41a389cbab905f81bacd3aa802b0671f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Aug 30 15:49:39 2014 -0400
systematize reqid handling:
- add the type reqid_t (previously various types were used)
- add macro to centralize mapping from base reqid to one for an SA
- fix some corner cases
- catch invalid --reqid value in whack
commit 568390053b211fb0d8aaf8e03be54fad893aa035
Merge: 5fbd5f5 f26c355
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Aug 30 10:20:24 2014 -0400
Merge branch 'master' into hugh-2014aug
Conflicts:
lib/libswan/alg_info.c
commit 59b62786b8f25b96bb5a23a1a8621eab11caa5ab
Merge: dfcc5a3 0a4ca86
Author: Antony Antony <antony at phenome.org>
Date: Sat Aug 30 02:46:14 2014 -0500
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
commit 5fbd5f5724de7ba351b9fba2e6c5adfb2234b2f3
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Aug 30 02:25:16 2014 -0400
enum_showb: simplify interface
commit e6ac1beebded16c6cb26f5eccf28c818ac26ba76
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Aug 30 01:55:12 2014 -0400
kernel_alg.c:kernel_alg_esp_info fiddling:
- note that it uses a function-static variable (dangerous; NOT fixed)
- add warning not in callers too
- add comment about questionable test in kernel_alg_esp_info
- replace calls to enum_name with enum_showb where beneficial
commit 7da51e7eec83d1b93990ba42650ca5ebd4b99db3
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Aug 30 01:21:40 2014 -0400
programs/pluto/kernel_bsdkame.c: use a C99 standard designated initializer
commit 41e4d102359b795969c4d7b458f994a900ba2c57
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Sat Aug 30 01:15:10 2014 -0400
examine all user-space function-static variables
- make const if possible (thus safe)
- make auto if possible (also safe)
- if not safe, make sure that there is a warning comment
- narrow usage of escaped pointers: make sure they are pointer-to-const
Fix bugs in rsasigkey.c's hexOut:
- third character of output was always '\0' (useless)
- added code to handle output overflow
commit 35d6710922a76a7df9e3cb63bbdfa6afa8e54386
Merge: 31608dc 32ad067
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 29 19:30:03 2014 -0400
Merge branch 'master' into hugh-2014aug
commit 31608dc489608a6888a9836de71ee57637885319
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 29 19:23:31 2014 -0400
"const" generally belongs at the front of a type specifier
commit a751b7227bb8c70b3abc208e92fcb9cc6d41e909
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 29 19:11:10 2014 -0400
Clean up Pluto's hashers:
- make them type-safe
+ added "thunk" routines to convert union hash_ctx *
+ use size_t for sizes in caller and callee
+ eliminate use of casts for function pointers
- rename userland osMD5* => lsMD5*.
- leave kernel osMD5* as-is (seems odd)
- use names instead of numerals
- make SHA384 first-class
- eliminate ikev2_natd_hasher
commit bc4b5138c76e3e6a566a0827576d7225cd6e1706
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 29 16:16:32 2014 -0400
Clean up SHA2 hashing so that lying casts are not used.
The struct hash_desc initialization had casts that lied and could misbehaviour.
Also: simplify hash finalization in compute_digest.
commit dfcc5a391c4ba5d7e114e1f9abde1075b62cdbe0
Author: Antony Antony <antony at phenome.org>
Date: Fri Aug 29 11:32:34 2014 -0500
ikev2: remove the function ikev2_create_child_sa_in_refuse
It was sending v2N_NO_ADDITIONAL_SAS
commit 7868cda74daab3f119beffa47a83fe73e3523945
Merge: c2edf81 82325a5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 23:04:30 2014 -0400
Merge branch 'master' into hugh-2014aug
commit c2edf81cfeaf98797b446eafdb0a70f7a1f6ca00
Merge: 1322fff ad6ad1f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 23:00:13 2014 -0400
Merge branch 'master' into hugh-2014aug
Conflicts:
lib/libswan/alg_info.c
programs/pluto/plutoalg.c
testing/pluto/TESTLIST
commit 1322fffff2cf10ac7a04ad6d33948b4a4a93956d
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 18:32:12 2014 -0400
Pluto: tidy alg stuff
- rename kernel_alg_esp_enc_ok => check_kernel_encrypt_alg to reflect return type
- rename is_virtual_net_allowed => check_virtual_net_allowed to reflect return type
- indicate success via boolean result, not int: ike_alg_register_hash, ike_alg_register_enc
- return void where no caller uses result: ike_alg_twofish, ike_alg_serpent_init, ike_alg_aes_init, ike_alg_sha2_init
- ike_alg_sha2_init: try adding each keysize separately
- pfkey_register_response:
+ unify klips_pfkey_register_response and linux_pfkey_register_response => pfkey_register_response
+ move initialization of kernel alg lists from pfkey_register_response to stack init routine
+ handle AH in pfkey_register_response
- tidy struct ike_alg, struct encrypt_desc, struct hash_desc
- add comments noting some mysteries
- updated some comment to post-FreeS/WAN
- tidy kernel_alg_register_pfkey; relocate call to kernel_alg_init
- reorganize sadb_alg_ptr
- get rid of field aliases:
esp_ealg_id
esp_aalg_id
esp_ealg_keylen
esp_aalg_keylen
- get rid of ESPTOINFO and IKETOINFO
- don't convert types thoughtlessly (eg. signed to unsigned)
- ike_alg_show_status: for auth algs, show trunclen
(struct hash_desc field hash_integ_len)
commit 724c1f926b8965f4a1ece1eaa7139879e6fd7f91
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 18:30:06 2014 -0400
testing/utils/sanitize.sh: fix spelling, trailing whitespace
commit 2a45410ffc48953bd983e8f8ed8cd6183f38889a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 18:29:32 2014 -0400
testing/utils/re-sanitize.sh: add documentation; add "set -ui"
commit 005c2370a27ef0231e21ed81ac7484702c6fca55
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 18:28:34 2014 -0400
testing/pluto/setup.sh: change so script will survive "set -ui"
commit e29fd62c87879710fa7a79cb3e7dfc7e7ef536ab
Merge: dd93173 332bb09
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 28 18:22:45 2014 -0400
Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
Conflicts:
programs/pluto/ikev1_quick.c
commit 332bb09aa1514ea79960581589740ac1dc0570f0
Author: Antony Antony <antony at phenome.org>
Date: Wed Aug 27 04:53:52 2014 +0200
ikev2: clarify another case pexpect in complete_v2_state_transition
commit 44ca79b9b3622258691e8246b90a8cef80cd603f
Author: Antony Antony <antony at phenome.org>
Date: Sun Aug 24 02:42:14 2014 -0500
ikev2 : improve function names
commit 74a22e4ca47e8ee1fa156c0a0e11790ae8d406e0
Author: Antony Antony <antony at phenome.org>
Date: Fri Aug 22 23:00:31 2014 +0200
ikev2: remove extra comments
commit dd93173b1665d62e50e635b96ede3ccd55fdfbad
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 22 03:17:23 2014 -0400
pluto: tidy some of the "alg" handling.
- properly protect parameters in macro bodies with parenthesis
- use bool return values where natural
- fix comments to be truthful
- reduce scope of auto variables
- explicitly compare pointers with NULL in bool contexts
- local simplifications
- improve a couple of messages
commit ab9829fb7f57af948787c13c00dbbd38128c86cb
Author: Antony Antony <antony at phenome.org>
Date: Thu Aug 21 23:06:08 2014 -0500
ikev2: partial support CREATE_CHILD_SA as a responder
commit 0c62c92b423586890ae9bf0dad762b19a11074ba
Merge: be1e58f d11a724
Author: Antony Antony <antony at phenome.org>
Date: Thu Aug 21 23:05:17 2014 -0500
Merge branch 'master' into hugh-2014aug
Conflicts:
programs/pluto/ikev2_child.c
programs/pluto/ikev2_parent.c
commit be1e58f0d9934e745f45ea9a50fbf46c995b3114
Author: Antony Antony <antony at phenome.org>
Date: Thu Aug 21 12:29:06 2014 -0500
ikev2: improve debug message.
commit add5a86dfebbba7db06dd566c6b8474bbd97b810
Merge: b900c5a 1dc40b6
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 21 01:45:22 2014 -0400
Merge branch 'master' into hugh-2014aug
commit b900c5afb24bc4e4d3e70d48432a31fd41041566
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Thu Aug 21 01:35:10 2014 -0400
Pluto: fallout from code reading
tidy:
fix grammar in comments and messages
fix some whitespace
testing pointers for NULL should be explicit
reduce scope of locals
use symbols, not magic numerals
remove some redundant parentheses
clarify:
rename build_ke => build_ke_and_nonce
rename unpack_KE => unpack_KE_from_helper
rename enum member pcr_build_kenonce => pcr_build_ke_and_nonce
add const to some pointer parameters
use enum type instead of int where appropriate
improve pluto_cryptoop_strings
Correct:
In TS handling, some functions returned -1 for exceptions
but the callers stored the result in unsigned int variables.
Fix:
document function return values
retype index variables and parameters
handle -1 results
Simplify:
eliminate struct msg_digest's pst (redundant and only sometimes accurate)
refactor TS matching code, reducing redundancy
remove redundant payload checking (already done by state machine)
archaeology:
add pexpects for exploratory purposes
add explanitory comments capturing discoveries
document functions better (note -1 returns)
add comments for mysteries (possible bugs)
More information about the Swan-commit
mailing list