[Swan-commit] Changes to ref refs/heads/master
D. Hugh Redelmeier
hugh at vault.libreswan.fi
Fri Aug 10 20:24:30 UTC 2018
New commits:
commit 59165f0a975e60b1c28a9626117300f53bf1e818
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 10 16:21:58 2018 -0400
testing: change Strongswan reference logs to reflect changes in c7cc3dbdd0782c157d2676740212c24e35c18415
- Order of DPD vendor ID and FRAGMENTATION vendor ID is reversed
commit c7cc3dbdd0782c157d2676740212c24e35c18415
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 10 16:07:20 2018 -0400
pluto: improve next payload backpatching and start using it in IKEv1 code
- backpatch target info is now in the PBS that will receive the payload.
No searching is required.
- backpatching better supports payloads within payloads
- rename struct_desc's "np" (next payload) to "pt" (payload type)
since this is about the current payload, not the next one.
- make sure that every struct_desc used for payload output has a
correct pt. This meant the generic struct_desc should not be used.
pt should only be explicitly initialized in a struct_desc for a
payload.
- the struct_desc pt field is now used at the start of out_struct,
before the field loop.
- ft_mnp (message next payload) is renamed ft_fcp (first contained
payload) and can be used in more places, not just the IKE message
header.
- some backpatch problems are reported as expectation failures.
This is an escalation from just appearing in debug logging.
More checking is performed.
- IKEv1 Vendor ID emitting is handled better: common routines are used
instead of replicated and accidentally mutated code.
- even more np calculation could be eliminated
- scatter a lot more "const"s
- use an empty struct (ikev2_encrypted_portion) as a wrapper PBS for
encrypted payloads. This requires some consideration of backpatching
mechanism (see calls to move_pbs_previous_np()).
- simplify ikev2_create_psk_auth() by eliminating a parameter
- simplify ikev2_calculate_psk_sighash()
- eliminate non-static array bounds ("hash_len") from
ikev2_create_psk_auth() and ikev2_verify_psk_auth().
This is (optonally) supported by compilers but the
C Committee seems to consider it a mistake.
- rename ikev2_np_cp_or_sa to ikev2_np_cp_or (awkward, but better
reflects what it does). This routine should be elminated.
- simplify nat_traversal_insert_vid() by replacing struct state *
parameter with a const struct connection * parameter
- rename ikev2_record_fragments to ikev2_record_outbound_fragments
to better reflect its function.
- improved some logging
commit fdb390f0035070fc8b03cf124ccb12ac4428f289
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 10 14:35:30 2018 -0400
programs/pluto/ikev1_send.c: tweak whitespace
commit 9d56aac9b076ace3093df0b08686d53c1b627822
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 10 14:31:05 2018 -0400
addrtypeof.c: delete an unexpected blank line in source
commit f9b8292842149ac56f54574053342027153b6f95
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date: Fri Aug 10 14:28:15 2018 -0400
testing: fix spelling in a couple of description.txt files
More information about the Swan-commit
mailing list