[Swan-commit] Changes to ref refs/heads/master

Antony Antony antony at vault.libreswan.fi
Thu Oct 2 08:20:17 EEST 2014


New commits:
commit c3aa6f799f98d807e516bdefe502cdd0f0990b63
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Oct 1 23:25:09 2014 -0400

    testing: add comments to dist_certs warning about repeated commonName (bug?)

commit bda3a982e9d8057a3dcfdd485d48205550639753
Merge: cada926 8fc966b
Author: Antony Antony <antony at phenome.org>
Date:   Thu Oct 2 01:08:02 2014 +0300

    Merge branch 'hugh-2014aug' of vault.libreswan.fi:/srv/src/libreswan into hugh-2014aug

commit 8fc966b2d43f5577871df6c635edf1884e9d3fc5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Oct 1 18:02:45 2014 -0400

    testing: fix dist_certs:
    
    - make date calculation simple and correct
    
    - improved detection of missing commands
    
    - add "set -ue" to make the script more robust
    
    - as a consequence, it became evident that several
      certs were generated twice.  As an expedient
      we applied b0511b9817f8262ef1f5715066caa96c60e12e52
      to paper-over this problem
    
    Thanks to Matt Rogers and Antony Antony helping a lot!

commit b0511b9817f8262ef1f5715066caa96c60e12e52
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Oct 1 17:57:33 2014 -0400

    testing: work around probable bug in dist_cert
    
    Thanks for Matt Rogers and Antony Antony figuring this out.

commit cada926efcaa89eebf8011500c7b746b9e7b4ba1
Merge: 7d99e77 5a63a7a
Author: Antony Antony <antony at phenome.org>
Date:   Wed Oct 1 23:22:19 2014 +0300

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	testing/sanitizers/loopback.sed

commit 7d99e773cb545c7ec92b86048ae1e977a8a11cb6
Author: Antony Antony <antony at phenome.org>
Date:   Wed Oct 1 18:38:01 2014 +0300

    testing: re-sanitize pid

commit fbeedde1bb2ea5fd3d946a58f53b8fc4bbf11df7
Author: Antony Antony <antony at phenome.org>
Date:   Wed Oct 1 18:31:13 2014 +0300

    testing: removed duplicate pid sanitizing. Use command specific pid sanitizer

commit 8ac0762e0adb5f9e0958d79bcaa568de6c3b1a2d
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 25 21:25:43 2014 -0500

    testing: be more specific when sanitizing tcpdump pid

commit 99ce6e663c7067acde3bdb282a73cd47a36c8479
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Sep 30 14:25:51 2014 -0400

    testing: add console file

commit 00c3d496755f67214651ee647fa5cde26a191578
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Sep 30 13:48:05 2014 -0400

    testing: adding two secrets files for x509-pluto-03

commit 482db6572a1977a3a17f83314cb256aae2bffec8
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:22:42 2014 -0400

    testing: updated x509-pluto-02 init.sh.  output needs updating

commit 56b95b10f55cb6ff53ba94a04267acbf7e34e3b1
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:19:11 2014 -0400

    testing: deleted obsoleted test x509-pluto-08
    
    It tested bogus pem files, which we no longer support. NSS does
    the work for us.

commit cafb3cba67f6863bbf3f7e2470643e2527418846
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:16:30 2014 -0400

    testing: fixup compress-pluto-01/description.txt

commit b41855f0c670979c8f78fe8e134323b16b280cf0
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:16:01 2014 -0400

    testing: deleted some obsoletes aggr-pluto-03 files

commit 3eb71ee012befaca3989f171f4225357730c853a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:15:26 2014 -0400

    testing: add new files in agg-pluto-0[123] test cases

commit 5dc784e43844b9e1e84795b06534d7603c0c6015
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:13:42 2014 -0400

    testing: updated TESTLIST. enabled aggr-pluto-0[12], made 03 wip and deleted 04

commit 7992532f99b6f400119664a9a3d16d63997efaba
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:12:40 2014 -0400

    testing: updated tests aggr-pluto-0[12]

commit 82e0e85ff316e653addafa0b3fdc358a269ed3b3
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 18:11:41 2014 -0400

    testing: WIP: added x509-pluto-04 to test CA mismatch

commit 685c5305c1a40437a7706846a234934b00098c08
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 16:49:39 2014 -0400

    testing: removed aggr-pluto-04-cookies
    
    This seems like a test to implement DCOOKIES in IKEv1. That never
    happened so this test cannot test anything and has been removed.

commit 67afe5489e1b757e0273a845a3e881ad7bd4d8a2
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 15:31:27 2014 -0400

    testing: enable test x509-pluto-02

commit b1abc49d134dacc8fef508891def37ad94eae655
Author: Antony Antony <antony at phenome.org>
Date:   Mon Sep 29 18:50:42 2014 +0300

    testing: replace spaces with a tab introduced in 83fb5baec

commit 83fb5baec63fa6f0795aaf4df325b633f41470eb
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:53:03 2014 -0400

    testing: ikev2-18-x509-alias slight tweaks in config file

commit b02819f3e13417c98b13da6af2f12b0b01c2895a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:52:36 2014 -0400

    testing: updated ikev2-algo-06-aes-aes_xcbc (code needs a fix still)

commit bccb0ae1b4c3328d586c1788a69a6684c615f410
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:22:58 2014 -0400

    testing: updated dscription of test

commit a974fb7d978fae7949924033cc97cd720501ca62
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:21:24 2014 -0400

    testing: changed ikev1-cryptoload-01  slightly to cause less variance
    
    We only show to number of tunnels after the final 10s wait.

commit 853272b4e3cc29712184786da2c5253f0ea8f65c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:14:19 2014 -0400

    testing: added reference output for ikev1-cryptoload-00

commit 7e79eb75dfb6483ff2f8aa2582aeec3e98b8299f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:09:05 2014 -0400

    testing: ikev3-12-x509*  update reference for efence banner disabling

commit 01b9980388cde9a094d16c3d2a58b3b30729073a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:08:42 2014 -0400

    testing: fix ping in basic-pluto-03 and update reference output

commit 13b8a0a033d53084f8307d661df59eb19667f873
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 00:28:40 2014 -0400

    testing: update reference output to use new ping -n

commit cadd5d0cdf7c9b6b929706ee5143a3486541e83c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 00:24:48 2014 -0400

    testing: change ping commands to alway use -n (no dns)

commit 1ad580a56d462e8d913fc63385b3b6b30e869b45
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 00:18:26 2014 -0400

    testing: ah-pluto* tests no longer call ipsec status

commit fdf454b09db7e0e303de93fdf8765db6ff1efb56
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 00:06:54 2014 -0400

    testing: algo-pluto-04 fail faster with impair

commit 336fb1b864128352af22d0ab4d5001a8b59042f2
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 10:44:28 2014 -0400

    testing: when make check runs with UPDATE*=1, regenerate all certs

commit 4e8bde34ffda7c0765d5abe754b6261ff1e374d4
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 00:00:32 2014 -0400

    testing: psk-pluto-06 was missing left= entry

commit a9e52f24e0e4cca60816a5c89fd788f16240b360
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Sep 29 00:00:10 2014 -0400

    testing: ikev2-major-version-initiator no longer calls ipsec look

commit 82d41158967a774f8c112cc9b60dcc6e79b3bb7e
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:59:30 2014 -0400

    testing: updated ikev2-18-x509-alias config and output

commit b8374bbcdd9824445d750941ae38475794ab5bd6
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:58:05 2014 -0400

    testing: updated ikev2-18-x509-alias test

commit 97dc8b5d7db87354fc35a4ead35a6a929e919f56
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:57:35 2014 -0400

    testing: update reference to ikev2-17-rekey

commit 1bc0dbe7e38959e4f55eeecfcd47a603b7a36872
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:57:08 2014 -0400

    testing: update reference for compress-* tests

commit bbd14cab2a05ef0c661af047d9d1422e2ecd0881
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:56:03 2014 -0400

    testing: update reference od dpd-02-reverse

commit c60ce018d05c3d5442e9aa1c832a2232201e4309
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:54:37 2014 -0400

    testing: update reference for basic-pluto-14-klips-route
    
    see description for possible packet leak

commit 9847ff13ad82cba35cf393cdb697b653067c8c3a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:52:04 2014 -0400

    add comment

commit 1344a28687dbaef985cc9d7c42c8cdfa50e9109f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 23:51:26 2014 -0400

    testing: changed some tests wip->good and bad->good

commit c8a0d84c594605146c1b0a0ee497aef79403fbc8
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:57:34 2014 -0400

    testing: disagle efence banner

commit 2c49ed3de02aaf94f8a439bd481aaad9891a4ac2
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:56:59 2014 -0400

    testing: disable efence banner

commit e98cdf578c1e67aa61f9cb0a8e1760dd224a4d16
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:56:17 2014 -0400

    testing: disable efence banner

commit 4a913de37ac24126c792ad2e5f430a828f2e7a09
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:42:45 2014 -0400

    add baseline to trigger error

commit 9569977c31910e18756f29c9af696002c61f0701
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:24:33 2014 -0400

    testing: fix testcase basic-pluto-13-netkey-route
    
    note that it does show an unexpected hold/trap for the trigger packet:
    
    src 192.0.1.254 dst 192.0.2.254
           proto esp spi 0xSPISPIXX reqid REQID mode transport
           replay-window 0
           sel src 192.0.1.254/32 dst 192.0.2.254/32 proto icmp type 8 code 0 dev eth1
    
    Are we supposed to delete that?

commit 55a2a23f824490b4d866f95ee7e72987d258533c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:16:55 2014 -0400

    testing: updated psk-pluto-02 (but reference needs fixing still)
    
    the reference output is garbled at the end because --impair--retransmits
    does not release the whack, so we still suffer a time out and a ctrl-c
    and text flow issues

commit b4e5851fa2939ace0da9bed798ea599e33ae127f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 15:08:33 2014 -0400

    testing: basic-pluto-13-netkey-route update
    
    add protostack= so we get what we think.
    update reference output
    add auto=ondemand to west.conf

commit 4a8b325f77c56042b45a28757ad8d0fc368898f7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 28 21:23:11 2014 -0400

    pluto: separate SEND_V2_NOTIFICATION from SEND_NOTIFICATION

commit fc0871bf51a428e011cef8c564b08910bd838552
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 13:24:01 2014 -0400

    alg_parse: another fix for my code change from the last two days
    
    alg_info_ah_add() should not use the aklen check (introduced friday)
    
    parser_alg_info_add() was missing break;s in the newly added nested
    switch statements causing unexpected failures.

commit 32bc93c3c17b83b3c430adf4e2923e0df502a432
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Sep 28 13:23:06 2014 -0400

    testing: updated lib/libswan/algparse test and reference output

commit d28d667677a2cbe1fd8e8e3360cd28a0e609a75b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 28 12:06:14 2014 -0400

    apparently IPSec is wrong and IPsec is correct (RFC 2401, for example)

commit dc4846485c00e0f0ef82cbc8394b44e3541dd412
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 28 12:02:22 2014 -0400

    apparently DNSsec is wrong and DNSSEC is correct (RFC 2535, for example). DUMB.

commit 878c25d64f837545cc6f4e0b68419759524075d1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 28 11:55:54 2014 -0400

    apparently IPSec is wrong and IPsec is correct (RFC 2401, for example)

commit 5118ccdd84c2e5458c7f21ce04ded8f211f4a6fb
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 28 10:58:14 2014 -0400

    pluto: fix 9cb6cd0bac8e799853074661262d4c08d011f8d8
    
    st can be NULL in complete_v2_state_transition(*, STF_OK)

commit 9cb6cd0bac8e799853074661262d4c08d011f8d8
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 28 01:03:52 2014 -0400

    pluto: clean up complete_v*_state_transitions and related things
    
    - rename struct state's st_reserve_msgid => st_msgid_reserved (more accurate)
    
    - clean out unused fields of struct state: st_doi, st_situation, st_childsa
    
    - moved some struct state fields to more appropriate places (e.g. v1 fields
      with the v1 group of fields)
    
    - consistently spell /* FALL THROUGH */ and delete any following empty line.
    
    - in complete_v*_state_transition, carefully handle cases where mdp
      might not be meaningful
    
    - in complete_v1_state_transition, only accept info from VIDs if STF_OK.
    
    - in complete_v2_state_transition, change case STF_TOOMUCHCRYPTO so that
      it no longer falls through into case STF_FATAL.  I think that this was
      a bug.  If not, then the corresponding code in complete_v1_state_transition
      already had this new bug.
    
    - success_v2_state_transition didn't need a struct msg_digest ** parameter;
      struct msg_digest * is enough.
    
    - in v1, a msgid of 0 is properly called v1_MAINMODE_MSGID

commit 476dc86eb2ad8aa2c2baced821d64c7a16975932
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 23:24:55 2014 -0400

    testing: ah-pluto* simplifications and psk-pluto-0 update

commit 6da53db07984cf066866140e6f52b1df1502692b
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 23:24:24 2014 -0400

    testing: added more tests in testing/lib/libswan/algparse.c

commit 97a3fd1cdb0554b6d45fcff7208fa77540fa2156
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 23:22:16 2014 -0400

    complete parser_alg_info_add() error handling for bad ciphers
    
    This fixes yesterday's fix that broke 3des and covers more illegal
    combinations such esp=aes_gcm-md5, ah=aes_gcm and properly fixes
    ah=null taking into account the "ah=null" INT_MAX hack.

commit 91c4c9882d9742fd02b5aa834698177bfba84e29
Merge: 35074d0 31e3714
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 27 21:03:04 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit 35074d00f0307454bed31de3e5ccec941efa8364
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 27 20:48:24 2014 -0400

    tweak swantest
    
    - "./" at the start of a filename is redundant (unless it is used as a command)
    
    - trailing whitespace is redundant
    
    - the % operator is easier to read when surrounded by spaces
    
    - fix some grammar and spelling

commit 31e37140bbd227161981c6f7727b7e77bd460a22
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 27 18:19:55 2014 -0400

    pluto: with a heavy heart, delete enough "const"s to quiet the compiler

commit 563589ae030b250f430ce88bc1da21e9430586eb
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:36:54 2014 -0400

    testing: updated passthrough tests
    
    The firewall rules were incorrect for some cases, causing it to
    block unencrypted passthrough traffic. Also the pid sanitizer
    changed.

commit b1d9a1bffc5380bbf6635d59e71d47d9e7c7e954
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:36:16 2014 -0400

    testing: updated nat-transport-02 for changed pid sanitizer

commit 673f8beccd160caa5ab843c314f007690cbf6a7d
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:35:19 2014 -0400

    testing: updated reference output for major/minor version numbers
    
    The error handling changed slightly, so the output changed

commit dd141189d0de535864ddd1a64d938aa8a9877293
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:33:34 2014 -0400

    testing: simplified algo-pluto-07
    
    no need for anything on east or west pinging whatsoever.

commit 123f339f518d1396e968761ec187051ee94ffa76
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:32:57 2014 -0400

    testing: nat-transport-02 is now good

commit 8a8cdc59a862c5a84f0be102111bed74aaa61167
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:31:59 2014 -0400

    testing: change log message from "esp string error" to "phase2alg string error"

commit 0b12575633948f900016a5431494ce139a86e3d7
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:31:13 2014 -0400

    log message: change "esp string error" to "phase2alg string error"
    
    These appear for esp as well as ah

commit 4fffa41119fb9645387bc3715ce80f1751cdad83
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Sep 27 00:28:31 2014 -0400

    alg_info.c: do not allow ah=null as a valid phase2alg for a connection
    
    Such connections willl no longer load

commit 6ed8e22e9010b664da1a52bdf689d677f6cfc297
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 19:25:29 2014 -0400

    testing: updated reference output for l2tp-0[12]

commit 5b651740fc7e279955cbb665e698dd49bc3e9394
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 19:24:12 2014 -0400

    testing: update reference output for dnssec-pluto-01

commit 95e6fd6566fe9b68a5bc1846ab670b41d94b7504
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 19:23:46 2014 -0400

    testing: fix testtype for compress-pluto-netkey-klips-04

commit c342fbb0d4d91853d80c82bd97ba94de8923c83d
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 19:22:38 2014 -0400

    testing: updated compress testcases
    
    note that compress with netkey does not properly show traffic
    statistics on down, because we didn't ask the kernel for "IPCOMP"

commit 8c4bb4200e6e332b6c029fddf316a25eb42f0105
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 19:04:21 2014 -0400

    update addconn bug description in CHANGES

commit 784b4481340280ac4fd381a6cc542b419e585806
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 19:00:03 2014 -0400

    updated changes

commit cf923bd729b34e529ac591a76baa716a98a0cb96
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 18:57:42 2014 -0400

    * NETKEY: don't trust PF_KEY API to tell us about IPCOMP support
    
    pfkey_register_response() does not register an entry for
     msg->sadb_msg_satype=10 to indicate IPCOMP, so we override
    detection. Seems the PF_KEY API in Linux with NETKEY/XFRM
    is not worh using at all. (previous lies discovered are for
    algorithms supported and not announced as well as algorithms
    claimed supported for which we called rmmod/rm)

commit c80413ffdc04a3f19e1ced07baa7163b23c0eeb9
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 17:34:09 2014 -0400

    testing: consolidate pid sanitizers and add to default list

commit d6c1a6350d47016b12c436566ccb6039dfc62f8d
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:54:30 2014 -0400

    testing: add missing consoles for algo-pluto-04

commit 1635c603b57e1755e8af3140481f6acc72543b5e
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:53:46 2014 -0400

    testing: add wip interop-ikev2-strongswan-17-delete-sa-responder

commit fb4ed937c9ff6cad8b277bb3cf2270d1a42e8269
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:43:20 2014 -0400

    testing: change some wip -> good for strongswan tests

commit cc53d81d777960b1c946e51121b916b1d86e18ae
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:42:05 2014 -0400

    testing: updated strongswan tests - mostly due to strongswan 5.1.* -> 5.2.* changes

commit 97de0a15daa410388d028ec268d43c10eb1631a3
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:27:52 2014 -0400

    testing: interop-ikev2-strongswan-10-nat-initiator fix iptables rule
    
    swan-prep must be called before trying to use the LOGDROP table.

commit 9e01481f471c75ebf66e9afcf254d33536a835b0
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:12:14 2014 -0400

    testing: interop-ikev2-strongswan-14-delete-sa updated
    
    output changed due to updated strongswan version

commit e5f4b98ec0e35edc56e57c1d44a3e55aba672344
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Sep 26 12:10:11 2014 -0400

    testing: fixup ikev*-isakmp-reserved-flags-* tunnel identifiers
    
    1001 -> 1000 due to a code cleanup

commit 3cd7ac107bfeaa41ada73a4ec00f88557610c8af
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 01:50:53 2014 -0400

    pluto: poke at update_retransmit_history
    
    - remove mentions from v2 code (the problem is handled differently in the protocol)
    
    - give it a clearer name update_retransmit_history => remember_received_packet
    
    - fix bug by making routine idempotent

commit ab3070aaccb53147593066bc8d5e3c5088b38995
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 01:18:27 2014 -0400

    pluto: eliminate three redundant calls to delete_event

commit 50c6591900090a3b2090c4599c972fab4770ec44
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 01:15:08 2014 -0400

    pluto: crypto helper: remove 13 copies of a useless test (leave a passert)

commit a0047d353e1a3a4ebc030c8676bd6f352983f668
Merge: 8c2b833 20811cf
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 01:06:57 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 8c2b8332536402465c3195c0cda9a19e0ee29bb3
Merge: 87df398 267c7a0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 01:05:55 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit 87df3981a125b83a3e89839cda1089dfbd138623
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 00:30:50 2014 -0400

    pluto: more clarification of crypto helper code

commit ef0b12b17a1543ca2f2ed2563dfb8385d2abda72
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 26 00:17:34 2014 -0400

    pluto: eliminate some confusing non-indentation (uncrustify bug)

commit 267c7a02ffb5d48298c24bc76cf82a8984ee4b32
Merge: cf1f385 e368a09
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 25 23:30:10 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit cf1f3859f4ff65dea6c34c179fd2bc969dc7d191
Merge: bca7b6d 643decc
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 25 22:23:53 2014 -0400

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	programs/pluto/ikev2.c
    	programs/pluto/ikev2_parent.c

commit bca7b6de2e252a54edfb51b18d3d683a0e0d70db
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 16 05:44:37 2014 -0500

    testing: fix SPIs matching strongswan.sed

commit 00cf51145a934529f57f220eb7f444723d5c783e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 25 03:47:09 2014 -0400

    pluto: hack to fix crashes in complete_v1_state_transition and complete_v2_state_transition

commit c521c9cbde08d7d9264f9ef6183c2d575c5e8338
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 24 23:09:48 2014 -0400

    delete programs/configs/d.ipsec.conf/retransmits.xml
    Not used since af8816e946a3ad763492c36643af8af5bbcf75e4

commit f303745ed99c0d41f17e272d7ed4583e7123d057
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 24 23:00:18 2014 -0400

    pluto: fix a few comments

commit 1741b7dc2c87ecbb8357c8c57cc606d158bc41c0
Merge: 26b3150 98e090a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 24 22:59:24 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 26b315083b2c30c71126ea1e19e9c0b2ff61c6ec
Author: Antony Antony <antony at phenome.org>
Date:   Wed Sep 24 20:52:28 2014 +0300

    testing: in swantest grep for "general protection" and "CORE FOUND"

commit 4388c88bb8b0bd637a4a918393cc45e5aaa1a683
Merge: 8602595 fe88173
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 24 13:36:05 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 8602595bad176cc749cc37b2065ccbf1d8d74550
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 24 03:50:50 2014 -0400

    pluto: more crypto-helper tidying
    
    - correct handling of case where crypto finishes
      and finds state object has been deleted
    
    - a few inconsequential buglets fixed.
    
    - more explanation

commit fa1fa6d584c750883bf85d17fc5bb3896c5f7df9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 23 18:09:30 2014 -0400

    pluto: clarify crypto helper code

commit 228d44b86f3b1688aca84d1cda3d67ac539827fc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 23 18:08:22 2014 -0400

    pluto: make indentation of v1 microcode slightly less confusing

commit 03df524170f139d4be5ede0a4bc35283b8202f6f
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 23 21:18:31 2014 +0300

    testing: ujson for printing float numbers json don't support double_precision

commit 6f8a2f603c67e89e492a9a86e561442c74312471
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 23 20:05:52 2014 +0300

    testing: kern-list-fixups.sed
    delete the line "sha1_ssse3: Neither AVX nor AVX2 nor SSSE3 is available"
    It started appear with kernel 3.16.2-201.fc20.x86_64

commit 202c546d673a69f2b3c5cfd6e9e27a49118c2422
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 23 19:10:05 2014 +0300

    testing: OUTPUT/RESULT is one line per JSON without indent
    a crude way to stop tests. Need to be called from directory
    ~/libreswan/testing/pluto

commit 92284ccd4dc3b4b70f4e27f09abfef950e493dcb
Merge: b4d4645 bcd9dd7
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 23 08:38:01 2014 +0300

    Merge branch 'master' into hugh-2014aug

commit b4d4645aae5a7740a26a3ce61a6ee5dd00ea7373
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 23 08:32:02 2014 +0300

    testing: use json instead of ujso to get indent in dump

commit 94540e151b910629b32e1f185e72e697cd731d9d
Merge: ad26757 4042074
Author: Antony Antony <antony at phenome.org>
Date:   Sun Sep 14 06:46:02 2014 -0500

    Merge branch 'hugh-2014aug' of vault.libreswan.fi:/srv/src/libreswan into hugh-2014aug

commit 40420749cfe328f2679dfb2b733ad50e5caa9851
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 22 22:32:45 2014 -0400

    pluto: add way of suppressing msg_digest pool at compile time -- for debugging

commit b376e55b6fad6e17b9e12f08c15652a8a9a24d6b
Merge: 532facb ca37e3c
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 23 04:11:17 2014 +0300

    Merge branch 'hugh-2014aug' of vault.libreswan.fi:/srv/src/libreswan into hugh-2014aug

commit ca37e3cdc81e2bbc31166a245fb52910254eb780
Merge: 2baa48c a35e05e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 22 14:50:23 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 532facb2a675b2552a0dc4b0fb60a667bf9e208e
Author: Antony Antony <antony at phenome.org>
Date:   Mon Sep 22 20:22:32 2014 +0300

    testing: ikev1-cryptoload-00 wip

commit 2baa48caf018ec4056c24543272b1a58dab66105
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 18:21:15 2014 -0500

    ikev2: add debug message for state transition after deleting praent state and  STF_OK

commit 9cdfa75aaebb17b2fc9657cdbf258fdb90cd5605
Merge: 481399f 57dc5d7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 22 01:23:09 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 481399f9f1d263c7871baca802221cdc140c43f5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 21 23:34:13 2014 -0400

    pluto: eliminate useless block and indentation
    (Separate from b647540d8b7e1a052181dead8b72886e19e263ca so that diff would be clearer.)

commit b647540d8b7e1a052181dead8b72886e19e263ca
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 21 23:32:05 2014 -0400

    pluto: try to eliminate dangling pointers after delete_state
    Also: reorganize some of the code associated with delete_state

commit b0e5c0cdf6601ab251c820db296be12a591e4a40
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 21 23:15:51 2014 -0400

    pluto: fix wrong indentation in packet.h

commit 3d901ce953e62fc31ae4f05e0f2922a9d2c4e992
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 21 16:34:01 2014 -0400

    pluto: slight tidy of server.c

commit 7599ee6f248025ab2e0b98441d182b60722b8109
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 21 16:26:52 2014 -0400

    pluto: shred freed struct msg_digest (might catch dangling pointers)

commit e31794c744c818effd5e11f66715b518fb529c7e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 21 16:21:53 2014 -0400

    pluto: imporve comment on some PBS macros

commit 02d13a97dc83df42d4f1bd47252571f8681b0454
Merge: 06aceee f98a140
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 20 10:49:07 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 06aceee6d759d7159b96f92e20fa3223154885da
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 20 10:47:14 2014 -0400

    pluto: fix spelling mistake in comment

commit 40416fbc71e71fa9bdc525c898013345c0d96ff2
Merge: 7e103f7 345ab46
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 19 14:04:57 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 7e103f7dc17c1bb25372aa61659dd830e9b8cc2a
Merge: 7161340 c2f4010
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 19 12:58:28 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 7161340cb0f6d1dd20e8fb8855c98964c82ac40a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 19 12:57:04 2014 -0400

    pluto: fix pfree (broken in 83f2e3da82f90b511f0812ed3d61fb671615f9f5)

commit 1c9c60b121ab79200438213aeab248fd26fd0dc4
Merge: 7316865 0f55803
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 19 00:43:45 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 731686537a79cb0b6f59d065912b4e662ce81067
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 23:55:10 2014 -0400

    pluto: minor tidying of V2 code

commit b87b106de752776cbee40751dd0b634efaed68bc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 23:33:45 2014 -0400

    pluto-testlist-scan.sh: detect SEGFAULT in logs

commit 79ed57f1b5fb86264658bddaa72ef9ebd970c13d
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 23:15:42 2014 -0400

    pluto: get rid of fake md: wasn't fundamentally required

commit 2eed8b1c73e269468a62a8bbd1fb2639112d1ee4
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 23:15:16 2014 -0400

    pluto: parse SPIs better in v1 delete payload

commit 2c0fdac913f440d592ece13efeb4e315784c0038
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 23:14:42 2014 -0400

    pluto: protect code in complete_v1_state_transition that requires non-NULL st

commit 34aea0c89239a2195400c514577919542bf459e9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 23:14:03 2014 -0400

    pluto: note calls of delete_event that are probably redundant

commit 83f2e3da82f90b511f0812ed3d61fb671615f9f5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 21:52:13 2014 -0400

    leak detective: when detecting, clear each chunk of memory that is freed

commit 8f5f2f95960e4d390051e807ffb75573658c61f6
Merge: 2e7e5da 22d3ad7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 18 21:51:16 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 2e7e5dacdb14340f5b0758d83cfca9151a5fef1d
Author: Antony Antony <antony at phenome.org>
Date:   Fri Sep 19 00:19:00 2014 +0300

    ikev2: a simple end with STF_OK and parent state is gone.
    if this works add a couple of log lines.

commit cb76db4ea1937b80a4f6f2c31c786c9ae4e174fc
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 22:44:52 2014 +0300

    pluto: missing names due to ba8bc4e6d4 and STATE_UNDEFINED is called the same.

commit d129716e966c823610bc2988fd5bd3747e0a61dc
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 19:42:33 2014 +0200

    delete-state-01 wip test check with efence

commit 465025b1900545e064bcccc5b862f7b92e52d250
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 18:26:23 2014 +0300

    ikev2-delete-03-valgrind: fix the --up line

commit ed55efbb6801974f205de11489bc8938c87b37a1
Merge: ba8bc4e d47a860
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 08:52:24 2014 +0300

    Merge branch 'master' into hugh-2014aug

commit ba8bc4e6d46bd69ba1c04ae6780ef4e50051772c
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 17 22:59:15 2014 -0400

    pluto: slight simplification of complete_v2_state_transition

commit 874a1e9f4197943826b8df4ec2593dbcf7362e06
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 04:54:24 2014 +0300

    testing: ikev2-delete-03-valgrind

commit 54f0ec0a27ef9861c025e0d01c6892266489d6c2
Author: Antony Antony <antony at phenome.org>
Date:   Thu Sep 18 04:49:10 2014 +0300

    ikev2 : set md->st = NULL after a call to delete_state,
    beceasue delete_state zero(st) and pfere(st).

commit 2c5d1a43d81d781aa6894bc6b64047c4a701f1a4
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 17 16:47:03 2014 -0400

    look: careful about locale for sort
    
    refines d4a8877f3b7f7935dcf6b35724d2eb7aee68d324

commit 8d319882aa131d17ff910c0af05307ba775140be
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 17 16:23:58 2014 -0400

    testing: reorder cert listing in reference output
    Reflects d4a8877f3b7f7935dcf6b35724d2eb7aee68d324

commit f05cac682952d2d4969d68f2de208500fc864199
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 17 02:35:46 2014 -0400

    pluto: fix comment

commit ed1310d16fcc8ba5536528778586a11468edeaf4
Merge: bd436b9 86c4434
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 16 17:46:01 2014 -0400

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	programs/pluto/ikev2_crypto.c
    	programs/pluto/kernel.c

commit bd436b92148b503ae81e1dc8c043c039015dbdaa
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 16 17:02:23 2014 -0400

    pluto: tweak ikev2_child_inIoutR

commit 1b162c6b963bac64022d1c27d9a877bd963d8eb2
Author: Antony Antony <antony at phenome.org>
Date:   Mon Sep 15 05:36:41 2014 -0500

    ikev2: CREATE_CHILD_SA refuse KEi

commit 1199ec32d368ba8ad6b70a2ca9a8e5d03e673f64
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 16 19:04:40 2014 +0200

    testing: interop-ikev2-strongswan-15-create_child_sa is not sending  NO_ADD_SAS
    instead establish CHILD SA.

commit d296a4090a5b311e652ab8d64592dd09c181208a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 16 10:39:00 2014 -0400

    testing: git rid of ", retransmits=yes" from reference log files
    Needed because of af8816e946a3ad763492c36643af8af5bbcf75e4

commit 093fd0b5d2f9fe18619f868ace0e0ba60d63d460
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 16 01:46:37 2014 -0400

    Revert "testing: status changed from hashlen= to hashsize="
    
    This reverts commit f2b21913b434f49a541d96f014a05b7677a86894.
    The original commit was inappropriate for this branch.

commit 575d946842d4a9b681fbe1ecb094a965f21496ce
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 16 01:45:27 2014 -0400

    pluto: improve buffering of logging to file

commit 8218e47392ed5bd1eba0f6b6ce755d85bc2ba654
Merge: af8816e f354aad
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 16 01:13:06 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit af8816e946a3ad763492c36643af8af5bbcf75e4
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 15 20:06:33 2014 -0400

    pluto: get rid of --noretransmits and retransmits=yes/no in ipsec.conf.
    
    It wasn't working for the only purpose we applied it to.
    It turns out that it was misleadingly named.  The documentation was
    more accurate:
          At times it may be desirable to turn off all timed events in
          pluto, this can be done with-noretransmits</option>.
    
    I don't see a use for this capability.
    To achieve the function suggested by the name, use --impair-retransmits.

commit 7a413b91f3598d26780039567790e745e3724096
Merge: 2ca853e 567ad59
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 15 19:13:31 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit ad2675709b5579de799652299c33c4b44bc037fe
Author: Antony Antony <antony at phenome.org>
Date:   Sun Sep 14 06:26:02 2014 -0500

    testing: fix typo.
    during retries genrate tables and summary only if there is  a change.

commit 2ca853ee1da2218722f4aa70a238377af0aab1cc
Merge: c3600a3 c4c178d
Author: Antony Antony <antony at phenome.org>
Date:   Sun Sep 14 06:10:26 2014 -0500

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit c4c178d69e0dd9237db95f9fe9264c824d007fe0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 14 22:04:41 2014 -0400

    testing: one more hashsize => hashlen

commit b3924ab0c584795024d2ac64439e0f0f6a255945
Merge: 4671b45 775ebab
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 14 20:24:14 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit 4671b455a605df1f0d6ba2d095fac14bee791aa2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 14 20:23:31 2014 -0400

    testing: tweak a few more reference logs

commit 775ebab5007a5cc3ec279ed3ce95ebfa2fe77db2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 13 23:43:55 2014 -0400

    pluto: add warnings that current code only supports CBC mode for IKEv2 messages

commit f75ec2e35fb6537320793a0328034620803b84f8
Merge: cca0a33 601ea6b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 13 23:08:54 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit cca0a33cb28c381fde33976896cfb05a777be0bd
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 13 22:59:18 2014 -0400

    testing improvements
    - change reference logs to reflect change in logging of transform keylengths
    - "hashsize" => "hashlen"
    - many auto=route or auto=add => auth=ignore
    - esp=aes-aes_cbc => esp=aes-aes_xcbc
    - extra ; in --status output
    - add /testing/pluto/bin/wait-until-pluto-started in several */*init.sh files
    - psk-pluto-06/roadinit.sh: remove ifconfig and route

commit c3600a3b1bb7ead75d5175ef70d2566135c06913
Merge: 723ddb1 46b93d5
Author: Antony Antony <antony at phenome.org>
Date:   Sat Sep 13 08:02:36 2014 -0500

    Merge branch 'master' into hugh-2014aug

commit 723ddb1c053f92751fe72e8b0abcf3cf08e8a3a9
Merge: 2406a97 64e73d8
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 12 12:28:23 2014 -0400

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	testing/pluto/TESTLIST

commit 2406a97d8bf8fb9003cdbcbd0aa4a20e2841a91c
Merge: baea762 cc6e7a9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 12 11:54:27 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit baea76260b18e4fba9282df3a3513151d182db02
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 12 11:52:24 2014 -0400

    pluto: decrypted message's PBS must persist
    fix f2de5ef7555a00fccb7596390155aa5d23e5036f

commit f2de5ef7555a00fccb7596390155aa5d23e5036f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 11 14:26:53 2014 -0400

    pluto: tidy and fix bugs in IKEv2 message decryption
    - detect message too short for crypto overhead
    - detect message not a multiple of the block size
    - detect out-of-range padding length
    - elminate alloca() from ikev2_parent.c

commit bb33769c2070795eb07f3e8fe9defd8f12baf418
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 11 14:19:08 2014 -0400

    eliminate or document unused variables and assignments

commit 295d726c55d93a1acaeaa03991b55bf0e7ff43b1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 11 14:13:50 2014 -0400

    constants.c: eliminate unused af_inet_name and af_inet6_name

commit 10ad5ede566c53e4f1cd920dc8ceb5f98511d8a9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Sep 11 10:42:34 2014 -0400

    Pluto: get rid of #define iv_size enc_blocksize (confusing and dangerous)

commit d9f22ffa8c97d145e3e0b450c0ca1a29fbc73b0d
Merge: a501858 a94a4f1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 10 01:28:55 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit a5018582bffd59ab5275875b78b24f1d07b4e3ed
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 10 01:18:31 2014 -0400

    tidy ikev2_parent.c:
    - handle SPI more gracefully
    - create and use emit_iv
    - eliminate redundant check for encrypted payload
    - eliminate ikev2_create_child_sa_in, a synonym for ikev2_child_inIoutR
    - check for correct size of SPI list in Delete payload

commit e33ba4aa226532eeaf3d99b806ba760b542077ef
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Sep 10 01:17:50 2014 -0400

    strip_prefix: use strneq

commit d96c7396c082446ca26fc1ca985b2a109720bfb1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 9 13:52:13 2014 -0400

    fix returns pointlessly split across lines by uncrustify

commit fd1a172a9b80946dad73b1b798236d4c906e4fe8
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 9 11:24:32 2014 -0400

    eliminate ghosts of unused fields in ipsec_xmit_state

commit 52b2c216e2ef2d1182b0a621fc5cf02ca9a2eeb7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Tue Sep 9 11:23:48 2014 -0400

    pluto: fix comment format

commit d60d6602f6e4e8e6ccec2657956055dc9c97d098
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 8 22:10:24 2014 -0400

    debug: dont use DBG_CRYPT for non-private key logging

commit 91e38ea04f6c66b127314cf420b81ca3c81b63af
Merge: 47e1cbb 31b94bc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 8 22:09:38 2014 -0400

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	programs/pluto/kernel.c

commit 47e1cbbbb39402f5e4a1941056c730693bd0dee9
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 8 22:01:37 2014 -0400

    testing: fixup a number of reference outputs
    
    algo-pluto-09
    ikev2-12-x509-ikev1
    ikev2-12-x509-ikev1-rw
    ikev2-18-x509-alias
    ikev2-delete-01
    ikev2-delete-02
    nat-pluto-01
    nat-pluto-03
    netkey-algo-cast-01
    netkey-algo-null-01
    netkey-algo-null-02
    pluto-rekey-02
    psk-pluto-01
    psk-pluto-02
    xauth-pluto-03

commit 41f9c291da828193a87d3e0b191bffbe696f98d2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 8 21:53:49 2014 -0400

    testing: updated TESTLIST with some wip -> good

commit 4402b8d0376e9bf41461e4bf035b8124a1d5aacc
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 8 21:52:48 2014 -0400

    testing: strongswan sanitizer should not need a space

commit 255f33e8d178c1dedcb91ce2e58dc457a8ec081b
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 8 15:59:47 2014 -0400

    testing: update basic-pluto-07 reference output

commit 2c32b19fecbf5ed2c47e080df8a92fb4e134d1b7
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 7 22:43:06 2014 -0400

    testing: added testing/utils/pluto-testlist-scan.sh to aid analysis of test results

commit 39ba273902d1ad86bdbb3ef971d90b37fa0fb7e0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 7 22:10:59 2014 -0400

    testing: call hashlen hashlen, not hashsize

commit 7bd65cf27cf5655ca33b65ad74b3675f7bc59495
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Sep 7 22:09:18 2014 -0400

    testing: get rid of accidental "_" as a prefix

commit b8b53df13813006713d0a40cbdaea5d032efcd63
Merge: d74a038 e11eb2a
Author: Antony Antony <antony at phenome.org>
Date:   Sun Sep 7 18:06:51 2014 +0300

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit e11eb2a5f69c0fb5a813ea7321b062c8c81e83bb
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 23:51:17 2014 -0400

    pluto: undo bug introduced in 0395c26ac17af9b02e4f1b84d7279288fc985ced
    bonus: fix comment that prompted the error

commit 37338ae1a765d39e98563a0aeb1408cb158233be
Merge: 2d973fe 965cde0
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:46:03 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 2d973fec3f6de5f3efb44f2a7a8de51227b69c6c
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:40:05 2014 -0400

    testing: IPIP spi numbers changed in 0395c26ac17af9b02e4f1b84d7279288fc985ced

commit c61ef6d158f9755fa38b76fc65e9ba514dc06821
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:39:00 2014 -0400

    re-sanitize.sh: fix typo

commit 4496d4fe75267fb716f4e6ea70b7c9ec896b6125
Merge: 46450fb 964b1da
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:37:36 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit 964b1da826a32a48ccb7d9b51bf945b7a672813e
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:34:40 2014 -0400

    pluto and test reference files: get rid of ", trunclen=0" in IKE hash description

commit fdc1c8bcfc7a62a95fa0d2f5a4a6167957cb5657
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:31:06 2014 -0400

    spigrp.c: reposition comment

commit d86b696a9f32860128b9f0400f27b3f431ec5275
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 22:29:31 2014 -0400

    spi.c: get rid of 9-year-old temporary debugging output

commit d74a03887b9514c78351629dc034e76937d2bc17
Merge: 59b6278 965cde0
Author: Antony Antony <antony at phenome.org>
Date:   Sat Sep 6 23:00:31 2014 +0300

    Merge branch 'master' into hugh-2014aug

commit 802a8daa4fbfc1766ac5bf68b0b710b7856b6964
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Sep 6 15:20:32 2014 -0400

    pluto: strip_prefix should usually have a "_" at the end of the prefix literal

commit 46450fb8872f4d0bac04f23bdf92be4a517aea2f
Merge: a6e8b4c 0a4ca86
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 5 02:40:05 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
    
    Conflicts:
    	testing/pluto/ikev2-algo-sha2-08/east.conf
    	testing/pluto/ikev2-algo-sha2-08/west.conf

commit 0a4ca865ee180e500088d4abf255d164b53d5348
Merge: 0395c26 9dd7a3c
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 5 01:39:04 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 0395c26ac17af9b02e4f1b84d7279288fc985ced
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Sep 5 01:38:00 2014 -0400

    pluto: tidy, mostly setup_half_ipsec_sa

commit a6e8b4c3e025fbee1e8cdd050fe4dde2e2235076
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Sep 4 21:07:29 2014 -0400

    testing: add ikev2-algo-sha2-08 for sha2-truncbug=yes

commit cc6e7a913e0f7b8741174d35cb0d3324ae71d998
Author: Antony Antony <antony at phenome.org>
Date:   Wed Sep 3 07:18:56 2014 -0500

    ikev2: use from_state instead st->st_state. clang warn st could be null

commit ce9caa5fad6381818f2189eaa684775863a91826
Merge: fbbaeef 7f66aca
Author: Antony Antony <antony at phenome.org>
Date:   Tue Sep 2 18:31:35 2014 +0200

    Merge branch 'master' into hugh-2014aug

commit fbbaeefb3fb0f54a6ef5cf7c2fac6c2ba44b95c5
Merge: f057027 33a1804
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Mon Sep 1 18:02:29 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit f057027a12df74c99fa5ce404deb8d9e0edc8dc1
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Aug 31 15:31:24 2014 -0400

    Pluto: make gen_reqid more robust

commit 0c359885bd78efeb8ea7774c8d82051d1d6018ff
Merge: e2384ef bdf11c2
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sun Aug 31 15:26:51 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit e2384efe41a389cbab905f81bacd3aa802b0671f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Aug 30 15:49:39 2014 -0400

    systematize reqid handling:
    
    - add the type reqid_t (previously various types were used)
    - add macro to centralize mapping from base reqid to one for an SA
    - fix some corner cases
    - catch invalid --reqid value in whack

commit 568390053b211fb0d8aaf8e03be54fad893aa035
Merge: 5fbd5f5 f26c355
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Aug 30 10:20:24 2014 -0400

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	lib/libswan/alg_info.c

commit 59b62786b8f25b96bb5a23a1a8621eab11caa5ab
Merge: dfcc5a3 0a4ca86
Author: Antony Antony <antony at phenome.org>
Date:   Sat Aug 30 02:46:14 2014 -0500

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug

commit 5fbd5f5724de7ba351b9fba2e6c5adfb2234b2f3
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Aug 30 02:25:16 2014 -0400

    enum_showb: simplify interface

commit e6ac1beebded16c6cb26f5eccf28c818ac26ba76
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Aug 30 01:55:12 2014 -0400

    kernel_alg.c:kernel_alg_esp_info fiddling:
    
    - note that it uses a function-static variable (dangerous; NOT fixed)
    - add warning not in callers too
    - add comment about questionable test in kernel_alg_esp_info
    - replace calls to enum_name with enum_showb where beneficial

commit 7da51e7eec83d1b93990ba42650ca5ebd4b99db3
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Aug 30 01:21:40 2014 -0400

    programs/pluto/kernel_bsdkame.c: use a C99 standard designated initializer

commit 41e4d102359b795969c4d7b458f994a900ba2c57
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Sat Aug 30 01:15:10 2014 -0400

    examine all user-space function-static variables
    
    - make const if possible (thus safe)
    - make auto if possible (also safe)
    - if not safe, make sure that there is a warning comment
    - narrow usage of escaped pointers: make sure they are pointer-to-const
    
    Fix bugs in rsasigkey.c's hexOut:
    - third character of output was always '\0' (useless)
    - added code to handle output overflow

commit 35d6710922a76a7df9e3cb63bbdfa6afa8e54386
Merge: 31608dc 32ad067
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Aug 29 19:30:03 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit 31608dc489608a6888a9836de71ee57637885319
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Aug 29 19:23:31 2014 -0400

    "const" generally belongs at the front of a type specifier

commit a751b7227bb8c70b3abc208e92fcb9cc6d41e909
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Aug 29 19:11:10 2014 -0400

    Clean up Pluto's hashers:
    
    - make them type-safe
      + added "thunk" routines to convert union hash_ctx *
      + use size_t for sizes in caller and callee
      + eliminate use of casts for function pointers
    - rename userland osMD5* => lsMD5*.
    - leave kernel osMD5* as-is (seems odd)
    - use names instead of numerals
    - make SHA384 first-class
    - eliminate ikev2_natd_hasher

commit bc4b5138c76e3e6a566a0827576d7225cd6e1706
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Aug 29 16:16:32 2014 -0400

    Clean up SHA2 hashing so that lying casts are not used.
    
    The struct hash_desc initialization had casts that lied and could misbehaviour.
    Also: simplify hash finalization in compute_digest.

commit dfcc5a391c4ba5d7e114e1f9abde1075b62cdbe0
Author: Antony Antony <antony at phenome.org>
Date:   Fri Aug 29 11:32:34 2014 -0500

    ikev2: remove the function ikev2_create_child_sa_in_refuse
    It was sending v2N_NO_ADDITIONAL_SAS

commit 7868cda74daab3f119beffa47a83fe73e3523945
Merge: c2edf81 82325a5
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 23:04:30 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit c2edf81cfeaf98797b446eafdb0a70f7a1f6ca00
Merge: 1322fff ad6ad1f
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 23:00:13 2014 -0400

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	lib/libswan/alg_info.c
    	programs/pluto/plutoalg.c
    	testing/pluto/TESTLIST

commit 1322fffff2cf10ac7a04ad6d33948b4a4a93956d
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 18:32:12 2014 -0400

    Pluto: tidy alg stuff
    
    - rename kernel_alg_esp_enc_ok => check_kernel_encrypt_alg to reflect return type
    - rename is_virtual_net_allowed => check_virtual_net_allowed to reflect return type
    - indicate success via boolean result, not int: ike_alg_register_hash, ike_alg_register_enc
    - return void where no caller uses result: ike_alg_twofish, ike_alg_serpent_init, ike_alg_aes_init, ike_alg_sha2_init
    - ike_alg_sha2_init: try adding each keysize separately
    - pfkey_register_response:
      + unify klips_pfkey_register_response and linux_pfkey_register_response => pfkey_register_response
      + move initialization of kernel alg lists from pfkey_register_response to stack init routine
      + handle AH in pfkey_register_response
    - tidy struct ike_alg, struct encrypt_desc, struct hash_desc
    - add comments noting some mysteries
    - updated some comment to post-FreeS/WAN
    - tidy kernel_alg_register_pfkey; relocate call to kernel_alg_init
    - reorganize sadb_alg_ptr
    - get rid of field aliases:
    	esp_ealg_id
    	esp_aalg_id
    	esp_ealg_keylen
    	esp_aalg_keylen
    - get rid of ESPTOINFO and IKETOINFO
    - don't convert types thoughtlessly (eg. signed to unsigned)
    - ike_alg_show_status: for auth algs, show trunclen
      (struct hash_desc field hash_integ_len)

commit 724c1f926b8965f4a1ece1eaa7139879e6fd7f91
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 18:30:06 2014 -0400

    testing/utils/sanitize.sh: fix spelling, trailing whitespace

commit 2a45410ffc48953bd983e8f8ed8cd6183f38889a
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 18:29:32 2014 -0400

    testing/utils/re-sanitize.sh: add documentation; add "set -ui"

commit 005c2370a27ef0231e21ed81ac7484702c6fca55
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 18:28:34 2014 -0400

    testing/pluto/setup.sh: change so script will survive "set -ui"

commit e29fd62c87879710fa7a79cb3e7dfc7e7ef536ab
Merge: dd93173 332bb09
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 28 18:22:45 2014 -0400

    Merge branch 'hugh-2014aug' of vault.libreswan.org:/srv/src/libreswan into hugh-2014aug
    
    Conflicts:
    	programs/pluto/ikev1_quick.c

commit 332bb09aa1514ea79960581589740ac1dc0570f0
Author: Antony Antony <antony at phenome.org>
Date:   Wed Aug 27 04:53:52 2014 +0200

    ikev2: clarify another case pexpect in complete_v2_state_transition

commit 44ca79b9b3622258691e8246b90a8cef80cd603f
Author: Antony Antony <antony at phenome.org>
Date:   Sun Aug 24 02:42:14 2014 -0500

    ikev2 : improve function names

commit 74a22e4ca47e8ee1fa156c0a0e11790ae8d406e0
Author: Antony Antony <antony at phenome.org>
Date:   Fri Aug 22 23:00:31 2014 +0200

    ikev2: remove extra comments

commit dd93173b1665d62e50e635b96ede3ccd55fdfbad
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Fri Aug 22 03:17:23 2014 -0400

    pluto: tidy some of the "alg" handling.
    
    - properly protect parameters in macro bodies with parenthesis
    - use bool return values where natural
    - fix comments to be truthful
    - reduce scope of auto variables
    - explicitly compare pointers with NULL in bool contexts
    - local simplifications
    - improve a couple of messages

commit ab9829fb7f57af948787c13c00dbbd38128c86cb
Author: Antony Antony <antony at phenome.org>
Date:   Thu Aug 21 23:06:08 2014 -0500

    ikev2: partial support CREATE_CHILD_SA as a responder

commit 0c62c92b423586890ae9bf0dad762b19a11074ba
Merge: be1e58f d11a724
Author: Antony Antony <antony at phenome.org>
Date:   Thu Aug 21 23:05:17 2014 -0500

    Merge branch 'master' into hugh-2014aug
    
    Conflicts:
    	programs/pluto/ikev2_child.c
    	programs/pluto/ikev2_parent.c

commit be1e58f0d9934e745f45ea9a50fbf46c995b3114
Author: Antony Antony <antony at phenome.org>
Date:   Thu Aug 21 12:29:06 2014 -0500

    ikev2: improve debug message.

commit add5a86dfebbba7db06dd566c6b8474bbd97b810
Merge: b900c5a 1dc40b6
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 21 01:45:22 2014 -0400

    Merge branch 'master' into hugh-2014aug

commit b900c5afb24bc4e4d3e70d48432a31fd41041566
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Thu Aug 21 01:35:10 2014 -0400

    Pluto: fallout from code reading
    
    tidy:
    	fix grammar in comments and messages
    	fix some whitespace
    	testing pointers for NULL should be explicit
    	reduce scope of locals
    	use symbols, not magic numerals
    	remove some redundant parentheses
    
    clarify:
    	rename build_ke => build_ke_and_nonce
    	rename unpack_KE => unpack_KE_from_helper
    	rename enum member pcr_build_kenonce => pcr_build_ke_and_nonce
    	add const to some pointer parameters
    	use enum type instead of int where appropriate
    	improve pluto_cryptoop_strings
    
    Correct:
    	In TS handling, some functions returned -1 for exceptions
    	but the callers stored the result in unsigned int variables.
    	Fix:
    		document function return values
    		retype index variables and parameters
    		handle -1 results
    
    Simplify:
    	eliminate struct msg_digest's pst (redundant and only sometimes accurate)
    	refactor TS matching code, reducing redundancy
    	remove redundant payload checking (already done by state machine)
    
    archaeology:
    	add pexpects for exploratory purposes
    	add explanitory comments capturing discoveries
    		document functions better (note -1 returns)
    	add comments for mysteries (possible bugs)



More information about the Swan-commit mailing list