From paul at vault.libreswan.fi Thu Aug 1 03:32:32 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Thu, 01 Aug 2019 03:32:32 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <45zbTD0qwVz7S8Ph@vault.libreswan.fi> New commits: commit ee88ba615882ea95058906456b6b18ece7b6bc25 Author: Paul Wouters Date: Wed Jul 31 23:32:05 2019 -0400 testing: update for f30 and change of interfaces/routing commit 98a84a4adb0df7f2a4c32624cf96cac9e67f50cb Author: Paul Wouters Date: Wed Jul 31 23:31:50 2019 -0400 testing: some fixes due to newer NSS commit d56785b7b001a53e6e0eb39595e19f1af5923dc8 Author: Paul Wouters Date: Wed Jul 31 23:15:49 2019 -0400 testing: ikev2-x509-02-smoketest updated Went from 3 failures to 1 due to updated NSS. commit bf0772b5b67343a9be6569aaeec4740abcdc7951 Author: Paul Wouters Date: Wed Jul 31 23:09:48 2019 -0400 testing: newoe-27-replace-sa-authnull-authnull no longer has unexplained outBytes commit 153385c1119ba5843131d5695a9972b03593b49d Author: Paul Wouters Date: Wed Jul 31 23:09:21 2019 -0400 testing: dnsoe-06 - a road key changed? commit 14aa754b347fa97e055806693d499eaf07dc495f Author: Paul Wouters Date: Wed Jul 31 23:08:28 2019 -0400 testing: vti interface number changed due to removal of eth2 on west/east commit dc3e14a4c9b09d154b7f6bf0c3b7a25e93367093 Author: Paul Wouters Date: Wed Jul 31 23:07:56 2019 -0400 testing: linux audit on fedora30+ kernel also log: UID="root" AUID="unset" From tis at vault.libreswan.fi Thu Aug 1 15:19:17 2019 From: tis at vault.libreswan.fi (Tuomo Soini) Date: Thu, 01 Aug 2019 15:19:17 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <45zv8j5j4Yz7Rs0b@vault.libreswan.fi> New commits: commit ad1a2931124179fa273d066ebe0d38fb88028b2c Author: Tuomo Soini Date: Thu Aug 1 18:19:10 2019 +0300 _updown.netkey: fix syntax error in checking routes This was broken by d745bf5656955abf0da6353cfe65759770746038 From paul at vault.libreswan.fi Thu Aug 1 15:36:53 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Thu, 01 Aug 2019 15:36:53 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <45zvY16m6cz7Rs0b@vault.libreswan.fi> New commits: commit f7d3fd1c8f7deae8f4a0fa4c5c11f90595dd23c0 Author: Paul Wouters Date: Thu Aug 1 11:36:34 2019 -0400 testing: ip xfrm monitor output is now santized away commit 268507011d98935342ae5673696052f04e5405e8 Author: Paul Wouters Date: Thu Aug 1 11:35:58 2019 -0400 testing: add sanitizer for the ip xfrm monitor command terminating. It sometimes causes a race condition in the console output, which is now worse between namespaces and kvm testing. From paul at vault.libreswan.fi Thu Aug 1 15:37:44 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Thu, 01 Aug 2019 15:37:44 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <45zvZ04GpVz7Rs0b@vault.libreswan.fi> New commits: commit 198bafbf6ed6e1f666e52ed615ac4967c5b9c9e6 Author: Paul Wouters Date: Thu Aug 1 11:37:15 2019 -0400 testing: various updated related to eth2/route changes and f30 From antony at vault.libreswan.fi Thu Aug 1 18:10:31 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Thu, 01 Aug 2019 18:10:31 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <45zyyH2WyLz7S8Ph@vault.libreswan.fi> New commits: commit 1becc86ca9aa2947cc2ede2ec8d4df32747b4154 Author: Antony Antony Date: Thu Aug 1 13:03:22 2019 +0000 testing: fixes to nsrun no prefix From paul at vault.libreswan.fi Thu Aug 1 20:43:54 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Thu, 01 Aug 2019 20:43:54 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4602MG3fltz7T1vY@vault.libreswan.fi> New commits: commit d4f9f3067303ffd4e3b4c55113bb8ed24abdad4d Author: Paul Wouters Date: Thu Aug 1 16:43:36 2019 -0400 testing: updated TESTLIST commit 5dd85a99c6a00f9e3e62956cfe23bc224a04337f Author: Paul Wouters Date: Thu Aug 1 16:42:39 2019 -0400 testing: ikev1 strongswan interop updates for newer strongswan on fedora30 Remove dh22-24 interop test cases as we do not support those DH groups anymore per default From paul at vault.libreswan.fi Fri Aug 2 16:42:19 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Fri, 02 Aug 2019 16:42:19 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <460Xy35GlDz7Rs0b@vault.libreswan.fi> New commits: commit 88ef3ed751bd188bfd561a62f351970d369289ce Author: Paul Wouters Date: Fri Aug 2 12:40:10 2019 -0400 _updown.netkey: fix for iproute2 >= 5.1 Basically, the command ip route get addr/cidr would ignore the /cidr part silently before 5.1. This now gives an error. See the thread here: https://www.spinics.net/lists/netdev/msg570779.html From paul at vault.libreswan.fi Fri Aug 2 17:08:18 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Fri, 02 Aug 2019 17:08:18 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <460YX263Wzz7T1vW@vault.libreswan.fi> New commits: commit d4a53c75454540b556ac6a3c683d648aa309b41c Author: Paul Wouters Date: Fri Aug 2 13:07:34 2019 -0400 _uodown.netkey: cleanup of 88ef3ed751 Use PLUTO_PEER_CLIENT_NET which is the network without /CIDR commit 36b99b9c5f0fecd212e70e3301c297ea104aa32b Author: Paul Wouters Date: Fri Aug 2 13:01:24 2019 -0400 documentation: updated CHANGES From paul at vault.libreswan.fi Fri Aug 2 17:48:45 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Fri, 02 Aug 2019 17:48:45 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <460ZQj5jVfz7T1vb@vault.libreswan.fi> New commits: commit 0c2b0b2ebf028125678403cca47a954452dc693c Author: Paul Wouters Date: Fri Aug 2 13:48:06 2019 -0400 testing: large chunk of ikev2 strongswan interop test updates mostly to account for newer strongswan shunts and f30 / routing changes. From antony at vault.libreswan.fi Fri Aug 2 18:00:52 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 02 Aug 2019 18:00:52 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <460Zhh411dz7T1vb@vault.libreswan.fi> New commits: commit 239af0c680c094c8442bdb87ee2b7b7950ef3748 Author: Antony Antony Date: Fri Aug 2 17:59:07 2019 +0000 testing: remove F30 - systemd-networkd From cagney at vault.libreswan.fi Sat Aug 3 15:37:51 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 03 Aug 2019 15:37:51 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4617TC3vtYz7T1vZ@vault.libreswan.fi> New commits: commit 4c28fbc62a54a5a6a2c7caf8f8a5bc062e74156a Author: Andrew Cagney Date: Sat Aug 3 11:37:31 2019 -0400 building: fix BSD bitrot From cagney at vault.libreswan.fi Sun Aug 4 12:32:41 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 04 Aug 2019 12:32:41 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <461gK56vD1z7T1vZ@vault.libreswan.fi> New commits: commit d57e19aa2d97d5c88290893fbc0211779af7a106 Author: Andrew Cagney Date: Sun Aug 4 08:20:34 2019 -0400 subnet: change type of ip_subnet.addr to ip_endpoint Since libreswan's ip_subnet contains a routeable endpoint vis: (NETWORK)PREFIX | HOST(IDENTIFIER) : PORT / MASK an endpoint is needed to store PREFIX|HOST:PORT. From cagney at vault.libreswan.fi Sun Aug 4 16:06:42 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 04 Aug 2019 16:06:42 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <461m421P3sz7T1vc@vault.libreswan.fi> New commits: commit 725cf020349664cd97f2a3264b8df2e2d5587295 Author: Andrew Cagney Date: Sun Jul 28 09:21:20 2019 -0400 subnet: implement subnet_{mash,floor,ceiling} using a common mashup() function, test Where mashup() strips :PORT from the subnet's (routepoint's) endpoint and then applies applicable masks to the underlying PREFIX|HOST address. subnet_mask() replaces maskof(). subnet_{floor,ceiling}() drops ip_ prefix. From paul at vault.libreswan.fi Sun Aug 4 21:41:12 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Sun, 04 Aug 2019 21:41:12 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <461vV01y0gz7T1vd@vault.libreswan.fi> New commits: commit 8bb225798220221396d63cb039d0f3dbb7fb739e Author: Paul Wouters Date: Sun Aug 4 16:57:57 2019 -0400 pluto: Support for rightid=%any without matching SAN for IKE ID In add_connection(), remember when we have an id=%any entry, since we forgot when we replaced the %any ID with our ID_IP from our IP address. Later when subjectAltName (SAN) checks happen, we can ignore a mismatch of IKE ID and SAN if configured with rightid=%any commit 1aff700e7e1f9607ef3c0ac99eec4098523a0b2d Author: Paul Wouters Date: Sun Aug 4 16:57:15 2019 -0400 testing: add generating certs without SAN to dist_certs.py commit 87dd5e20635b0be3424d776649e0a2fe0ea7b009 Author: Paul Wouters Date: Sun Aug 4 16:56:46 2019 -0400 testing: add ikev2-x509-32-id-any to TESTLIST commit adff91c315d05140b29a5fb79da7abe02d8d6039 Author: Paul Wouters Date: Sun Aug 4 16:55:49 2019 -0400 testing: added ikev2-x509-32-id-any to test rightid=%any This allows the SAN to not be present or not match at all. commit 7822a4463fc807d240db6e0e73eecf1113bdd69c Author: Paul Wouters Date: Sun Aug 4 16:37:37 2019 -0400 pluto: rename a variable ipstr to iptxt to avoid confusion with ipstr() function. From cagney at vault.libreswan.fi Mon Aug 5 17:36:52 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 05 Aug 2019 17:36:52 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <462Q1c1nbfz7T1vd@vault.libreswan.fi> New commits: commit 76664adf9da45d3a249c784bea881562636f5e77 Merge: 8bb2257 b6529e9 Author: Andrew Cagney Date: Mon Aug 5 13:35:37 2019 -0400 pluto: sprinkle pbs_in_address() Clean up pbs_left(), pbs->cur, and initaddr(). Merge commit 'b6529e9d2cb3cb014957ae10fffb0b928d19eefe commit b6529e9d2cb3cb014957ae10fffb0b928d19eefe Author: Andrew Cagney Date: Fri Jul 26 21:41:49 2019 -0400 doi: use pbs_in_address() to parse the peer ID's address commit 8ca2b3a6b1baa4d2c84c0f0fbc5136361814d8f4 Author: Andrew Cagney Date: Mon Aug 5 08:41:52 2019 -0400 ikev2: use pbs_in_address() to parse the internal ip address commit 5f41ad35b69b3834c262bb01cbcf848004d929b6 Author: Andrew Cagney Date: Mon Aug 5 08:35:30 2019 -0400 ikev2: use pbs_in_address() to parse internal DNS address commit 03d29693a40c9c55a70053a79bf83fc60e542f15 Author: Andrew Cagney Date: Mon Aug 5 08:26:22 2019 -0400 ikev1: use pbs_in_address() to decode network id commit 13207242708407c9ff1f19a7a7b5cafe4356df85 Author: Andrew Cagney Date: Mon Aug 5 08:09:22 2019 -0400 nat: use pbs_in_address() to parse the OA address commit a88ff11266a8cbec1261dd1e4e9826b0c9c51f3e Author: Andrew Cagney Date: Sun Aug 4 12:18:17 2019 -0400 ikev2: use pbs_in_address() to parse redirect address From cagney at vault.libreswan.fi Mon Aug 5 17:46:57 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 05 Aug 2019 17:46:57 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <462QFF2CGSz7T1vb@vault.libreswan.fi> New commits: commit 5b657ceacd405598fe3857de00f404ae36f646d4 Author: Andrew Cagney Date: Mon Aug 5 13:41:36 2019 -0400 ip_address: delete loopbackaddr(), unused From paul at vault.libreswan.fi Mon Aug 5 18:30:02 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Mon, 05 Aug 2019 18:30:02 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <462RBy0NSrz7T1vd@vault.libreswan.fi> New commits: commit 779ae44800c08232d6a3b8eb6c7475f6b4e004af Merge: c692ba6 5b657ce Author: Paul Wouters Date: Mon Aug 5 14:29:30 2019 -0400 Merge branch 'master' of vault.libreswan.fi:/srv/src/libreswan commit c692ba62e2aa898837497ad22361bf1dda6ef7a9 Author: Stephen Kitt Date: Sun Aug 4 20:06:12 2019 -0400 pluto: Bump WHACK_MAGIC The changes to deltatime_t's definition in 5d83f9af1f9ccf16570bcb613447d91c81a0c95a and the addition of whack_ddns result in changes to the transmitted messages, so WHACK_MAGIC should be bumped. Signed-off-by: Paul Wouters From cagney at vault.libreswan.fi Mon Aug 5 20:22:16 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 05 Aug 2019 20:22:16 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <462ThS5xQVz7T1vd@vault.libreswan.fi> New commits: commit e68460cda1ea392c8af08aaa7065674a7a019ffa Merge: 779ae44 14dd3c0 Author: Andrew Cagney Date: Mon Aug 5 16:20:33 2019 -0400 pluto: use address_from_in*_addr() when bytes in in*_addr Merge commit '14dd3c06a98b50053a3d4a42408336db167584fd' commit 14dd3c06a98b50053a3d4a42408336db167584fd Author: Andrew Cagney Date: Sun Jul 28 13:11:49 2019 -0400 ip_address: in colon()+trydotted() use address_from_in{,6}_addr() since address size is known commit 56105dd14bc66d17288ddde2ee6e985df52f0466 Author: Andrew Cagney Date: Mon Aug 5 14:28:03 2019 -0400 addresspool: use address_from_in_addr() to create ip_address from range.start+index commit 416f6f9f6a1dbeeb15389d2b11770da65d860fda Author: Andrew Cagney Date: Mon Aug 5 14:12:32 2019 -0400 ikev1: use address_from_in_addr() on the CISCO load balance address notification commit 6be98d0e777992284886d8d44babe4abab4a8e91 Author: Andrew Cagney Date: Mon Aug 5 14:04:19 2019 -0400 kernel: in find_raw_ifaces4(), use address_from_in_addr() to create the address from struct in_addr Since it "can't fail". commit a900ab5150dc7c0c3f712decd3ab02c2c6c48c16 Author: Andrew Cagney Date: Mon Aug 5 13:56:11 2019 -0400 ikev1: use address_from_in_addr() to convert the CISCO in_addrs to ip_addresses From tis at vault.libreswan.fi Tue Aug 6 08:20:21 2019 From: tis at vault.libreswan.fi (Tuomo Soini) Date: Tue, 06 Aug 2019 08:20:21 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <462nd14T1vz7T1w0@vault.libreswan.fi> New commits: commit 04536185192889c18f43c034c049150116285fc8 Author: Tuomo Soini Date: Tue Aug 6 11:19:43 2019 +0300 ipsec: only run restorecon when it exists From cagney at vault.libreswan.fi Tue Aug 6 13:55:09 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 06 Aug 2019 13:55:09 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <462x3K0lSXz7T1vh@vault.libreswan.fi> New commits: commit 8aa1ebcae29341010bdf16c06a5c7fd77e90abf3 Author: Andrew Cagney Date: Mon Aug 5 17:03:34 2019 -0400 ip_subnet: rename networkof() to subnet_endpoint(), since it returns PREFIX+HOST:PORT And not just the network prefix. From cagney at vault.libreswan.fi Tue Aug 6 16:11:14 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 06 Aug 2019 16:11:14 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46304L5LRMz7T1vm@vault.libreswan.fi> New commits: commit e81b69172fc0fd32317da48163e0c29f260f8463 Author: Andrew Cagney Date: Tue Aug 6 10:43:06 2019 -0400 testing: KVM_OS->KVM_GUEST_OS; testing/libvirt/fedora30.[mk.ks}->testing/libvirt/f30.{mk.ks} From hugh at vault.libreswan.fi Tue Aug 6 16:20:28 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Tue, 06 Aug 2019 16:20:28 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4630H05c81z7T1w2@vault.libreswan.fi> New commits: commit a61b0755e42f3d8c6496deab41913a3b0c1a8931 Author: D. Hugh Redelmeier Date: Tue Aug 6 12:18:54 2019 -0400 libswan: ip_subnet: simplify and clarify mashup() From cagney at vault.libreswan.fi Tue Aug 6 16:42:12 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 06 Aug 2019 16:42:12 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4630m414Wzz7T1w2@vault.libreswan.fi> New commits: commit 53f878af447d66d33788f5cf511cc9c7762d3b64 Author: Andrew Cagney Date: Tue Aug 6 12:37:42 2019 -0400 testing: update f30's $(KVM_KICKSTART_FILE) missing from rename From paul at vault.libreswan.fi Tue Aug 6 16:58:24 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Tue, 06 Aug 2019 16:58:24 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46316m2BPGz7T1w6@vault.libreswan.fi> New commits: commit 968eb34180af93c02af1ffa90ac307b5910fe09b Author: Paul Wouters Date: Tue Aug 6 12:58:02 2019 -0400 testing: update audit sanitizer commit 91f60a831e3c2750e7e7747630a95f1c3818b425 Author: Paul Wouters Date: Tue Aug 6 12:57:37 2019 -0400 documentation: updated CHANGES commit 488c6c0784ade1a3f82515e267b3a882ad24daad Author: Paul Wouters Date: Tue Aug 6 12:57:10 2019 -0400 pluto: SECCOMP add getrandom() used by unbound commit 84cd0071a41df01ac89bd23796e3ec93112895ed Author: Paul Wouters Date: Tue Aug 6 12:56:15 2019 -0400 testing: some fixups to 192.9 fallout, seccomp syscall updates, misc fixes commit f6f3251d2c6167eb1d9c06e2f8cb8cb6abd8cb49 Author: Paul Wouters Date: Tue Aug 6 12:46:58 2019 -0400 pluto: add getdents64() to SECCOMP white list From cagney at vault.libreswan.fi Tue Aug 6 17:12:36 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 06 Aug 2019 17:12:36 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4631R81shqz7T1w8@vault.libreswan.fi> New commits: commit 0cc807898268644978f0a8c2a316ab2d71148856 Author: Andrew Cagney Date: Tue Aug 6 13:08:05 2019 -0400 nss: add more CKM_* macros to lswlog_nss_ckm() From cagney at vault.libreswan.fi Tue Aug 6 19:15:05 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 06 Aug 2019 19:15:05 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46348T5YM9z7T1wB@vault.libreswan.fi> New commits: commit 0d8251b5dcafd449792a14795870d5d9d9643654 Author: Andrew Cagney Date: Tue Aug 6 15:13:37 2019 -0400 crypto: during start up log the name of each algorithm test before it is run Being radio silent doesn't help when tests fail. From paul at vault.libreswan.fi Wed Aug 7 02:15:04 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Wed, 07 Aug 2019 02:15:04 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463FT45SSzz7T1wR@vault.libreswan.fi> New commits: commit 5ccfe4c1522f3c1403931e216e50bad0f64e2380 Author: Paul Wouters Date: Tue Aug 6 22:14:54 2019 -0400 testing: small misc update From cagney at vault.libreswan.fi Wed Aug 7 03:38:17 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 07 Aug 2019 03:38:17 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463HK536Zgz7T1w8@vault.libreswan.fi> New commits: commit a41556e8bd558329584d45221fad6197a9dbb92c Author: Andrew Cagney Date: Tue Aug 6 22:48:50 2019 -0400 nss: add more CKM_* types to lswlog_nss_ckm() From antony at vault.libreswan.fi Wed Aug 7 11:46:58 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Wed, 07 Aug 2019 11:46:58 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463V8y16j6z7T1wX@vault.libreswan.fi> New commits: commit 875a1bbb17a42759f1558c070e9524bf8d4a5956 Author: Antony Antony Date: Sat Aug 3 11:01:32 2019 +0000 testing: f*{28,30}.mk add iputils to get ping on a minimal install On minimal instlll need to specify iputils to get ping, for example on Docker or podman. commit 529c4043a2952279fa8b6648c3e28b4164ace49c Author: Antony Antony Date: Sat Aug 3 22:29:11 2019 +0000 testing: f30 systemd-network files missing network prefix len From cagney at vault.libreswan.fi Wed Aug 7 15:14:41 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 07 Aug 2019 15:14:41 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463Zmd65SQz7T1w8@vault.libreswan.fi> New commits: commit ea46bc3cbed0a9d22372ada8e23f81d9c03a48e7 Author: Andrew Cagney Date: Mon Aug 5 17:06:51 2019 -0400 eroute: replace networkof()+add_port() with more explicit subnet_endpoint()+set_endpoint_port() networkof() returns PREFIX|HOST:PORT, not just prefix. Use host-byte-order when manipulating {src,dst}_port. Check that the src/dst subnets were specified before using them. From cagney at vault.libreswan.fi Wed Aug 7 16:29:53 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 07 Aug 2019 16:29:53 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463cRP5xMCz7T1wX@vault.libreswan.fi> New commits: commit 1410c471ff1b80c332478937328cafa3d63e653d Author: Andrew Cagney Date: Wed Aug 7 12:29:19 2019 -0400 web: don't get confused generating summaries.json when the web directory is a soft-link From cagney at vault.libreswan.fi Wed Aug 7 17:14:01 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 07 Aug 2019 17:14:01 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463dQK1yfNz7T1w8@vault.libreswan.fi> New commits: commit 73bb9e4437ac4d580d2ca1f056bbeaf40c487bd3 Author: Andrew Cagney Date: Mon Aug 5 17:04:54 2019 -0400 kernel: merge the xfrm_to_ip_address()+add_port() sequence into xfrm_to_endpoint() From cagney at vault.libreswan.fi Wed Aug 7 17:36:27 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 07 Aug 2019 17:36:27 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <463dwC3mzrz7T3kr@vault.libreswan.fi> New commits: commit 97109fbb9e34122b41f8ab3dff8f69f7ab3b0fbe Author: Andrew Cagney Date: Mon Aug 5 17:09:04 2019 -0400 ip_address: delete set_port(), uses eliminated From hugh at vault.libreswan.fi Thu Aug 8 15:14:12 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Thu, 08 Aug 2019 15:14:12 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464Bjc0Gwzz7T1wX@vault.libreswan.fi> New commits: commit d3fbb038df53ed46267c93a71fbe00e481be2df5 Author: D. Hugh Redelmeier Date: Thu Aug 8 11:12:26 2019 -0400 pluto: kernel_netlink.c: finish adjusting indentation of a complex test in netlink_acquire() Started in 73bb9e4437ac4d580d2ca1f056bbeaf40c487bd3 From cagney at vault.libreswan.fi Thu Aug 8 15:42:58 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 08 Aug 2019 15:42:58 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464CLp4Xwyz7T1wX@vault.libreswan.fi> New commits: commit 2952fa5d7eb4795676bd5b40e139aeeab48e4434 Author: Andrew Cagney Date: Sun Jul 28 10:05:07 2019 -0400 interfaces: in starter_iface_find() clearly handle IPv6 Instead of relying on the sin_addr and sin6_addr mapping to the same struct offset, explictly convert the sockaddr to an endpoint, and from the to an address. Should fix: ??? what should happen for IPv6? From hugh at vault.libreswan.fi Thu Aug 8 16:01:45 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Thu, 08 Aug 2019 16:01:45 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464CmT0vVwz7T3kr@vault.libreswan.fi> New commits: commit 0f4cdd099a4522c930fbcf9ea0e268235cf2a70f Author: D. Hugh Redelmeier Date: Thu Aug 8 11:57:45 2019 -0400 eroute, spi, spigrp commands: improve error_s - reduce scopes - declare with correct type (err_t) - rename as "e" since each scope is now tiny. Continues work started in ea46bc3cbed0a9d22372ada8e23f81d9c03a48e7 From cagney at vault.libreswan.fi Thu Aug 8 17:34:07 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 08 Aug 2019 17:34:07 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464Fq33RWgz7T1wX@vault.libreswan.fi> New commits: commit 2e8cd25805937f73c33fae020c4ccb51b7cc571e Author: Andrew Cagney Date: Thu Aug 8 13:28:33 2019 -0400 ip_info: .ia_sz->ip_size, .version->.ip_version, .sa_sz->sockaddr_size I might rembember .ip_size, I never remember .ia_sz. From cagney at vault.libreswan.fi Thu Aug 8 17:58:57 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 08 Aug 2019 17:58:57 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464GMj0lMsz7T1wX@vault.libreswan.fi> New commits: commit ac63367a043f90e49211d43d99665bd9bdcd0c68 Author: Andrew Cagney Date: Wed Aug 7 09:44:20 2019 -0400 crypt: wrap all PK11_Derive() calls using crypt_derive() So that we never loose errors. From cagney at vault.libreswan.fi Thu Aug 8 19:49:41 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 08 Aug 2019 19:49:41 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464JqT0RNdz7T3lB@vault.libreswan.fi> New commits: commit 7076aaef88533f92817af163e909e3aa87206625 Author: Andrew Cagney Date: Thu Aug 8 13:50:29 2019 -0400 ip_address: use address_from_in_addr() to convert getnetbyname()'s result This code path doesn't support IPv6 (should it?). From paul at vault.libreswan.fi Thu Aug 8 21:37:32 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Thu, 08 Aug 2019 21:37:32 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464MCw2KYTz7T1wX@vault.libreswan.fi> New commits: commit 4a753a68a885a5c701e3a112e15a6972e81596d3 Author: Paul Wouters Date: Thu Aug 8 17:32:55 2019 -0400 testing: nic-internet should use eth2 now - use dhclient directly Using dhclient directly avoids init system weirdness, like systemd.nicX not supporting ONBOOT=no From cagney at vault.libreswan.fi Thu Aug 8 21:39:09 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 08 Aug 2019 21:39:09 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464MFn3vv7z7T1wX@vault.libreswan.fi> New commits: commit c7a340e130264e973db2989454cbe0c0f00172da Author: Andrew Cagney Date: Thu Aug 8 17:36:51 2019 -0400 crypto: in key_from_symkey_bytes() explicitly return NULL when zero bytes Rather than call PK11_Derive() and have that return NULL. Turns out ac63367a043f90e49211d43d99665bd9bdcd0c68 was too pedantic. From cagney at vault.libreswan.fi Fri Aug 9 00:22:25 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 09 Aug 2019 00:22:25 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464Qt94v7lz7T3lL@vault.libreswan.fi> New commits: commit 4d9ca0c86bf625c2f6f328012591335c0490f901 Author: Andrew Cagney Date: Thu Aug 8 13:02:22 2019 -0400 ip_address: replace initaddr() with data_to_address() Replace int af with struct ip_info. Change 'data' to 'const void *' from 'unsigned char *' Add hunk_to_address() wrapper. Always initialize address parameter. Add MUST_USE_RESULT. Don't assume data is correctly aligned. From antony at vault.libreswan.fi Fri Aug 9 11:06:23 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 09 Aug 2019 11:06:23 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464j9C1BPRz7T3lL@vault.libreswan.fi> New commits: commit 86acab92641841802094a971e3e881031aa56775 Merge: 3c92566 acca345 Author: Antony Antony Date: Fri Aug 9 10:51:47 2019 +0000 Merge branch 'namespace-test' commit 3c925661c86b7fd3a24fa363e73e3a8cee06785a Author: Antony Antony Date: Wed Aug 7 14:12:50 2019 +0000 testing: more fixes systemd-network config files DHCP=no is the default. DNS is only useful with systemd-resolved no plans for that yet. IPForward=yes is still ignored? commit acca345056b65cb44d6871a9bf08152ac14201b3 Author: Antony Antony Date: Wed Jul 31 02:06:10 2019 +0000 testing: nsrun fixes add docker and podman support commit 090e910a08d43cf67d0ca2b31c6d211f5ef4c37e Author: Antony Antony Date: Sat Aug 3 10:37:25 2019 +0000 testing: guestbin/swan-transmogrify fixes it throwing errors running on unknown host name e.g docker t1.build commit f9d0a706b9b6b1900e709ec5e9b731fe833afff0 Author: Antony Antony Date: Sat Aug 3 10:36:43 2019 +0000 initsystems: systemd install failing to restart is not fatal commit 39f09ad0581d43b51f7381af21636b80c86b4671 Author: Antony Antony Date: Fri Aug 2 11:28:17 2019 +0000 testing: docker Dockerfile-fedora-min-packages commit b1b58e880a45063cbde869137b9589412452c6a8 Author: Antony Antony Date: Fri Aug 2 11:27:13 2019 +0000 testing: mk/docker-targets.mk changes for podman From antony at vault.libreswan.fi Fri Aug 9 11:37:56 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 09 Aug 2019 11:37:56 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464jsc4bzRz7T3lP@vault.libreswan.fi> New commits: commit b044da9cf5b5f58d88d905526c92e07f2e138837 Author: Antony Antony Date: Fri Aug 9 11:36:54 2019 +0000 testing: travis need docker as the default it does not support podman From antony at vault.libreswan.fi Fri Aug 9 11:51:37 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 09 Aug 2019 11:51:37 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464k9P5nYFz7T3lL@vault.libreswan.fi> New commits: commit 4e7c165db8b2605fa1f8da7bd97eeb035f88bdbd Author: Antony Antony Date: Fri Aug 9 11:50:53 2019 +0000 testing: more undoing of podman to docker for travis tests From cagney at vault.libreswan.fi Fri Aug 9 12:25:05 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 09 Aug 2019 12:25:05 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464kw1656Bz7T3lR@vault.libreswan.fi> New commits: commit 54a2f4270d6da970e3876ff45724fb13d37b4288 Author: Andrew Cagney Date: Fri Aug 9 08:24:25 2019 -0400 ip_address: tweak comment, suggest adding if_info to structure From antony at vault.libreswan.fi Fri Aug 9 13:31:50 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 09 Aug 2019 13:31:50 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464mP24Gl7z7T3lL@vault.libreswan.fi> New commits: commit 141fbbe8a891940491b612c04bf36a49bbe15e53 Author: Antony Antony Date: Fri Aug 9 13:31:15 2019 +0000 testing: more fixes to travis. podman changes broke travis From hugh at vault.libreswan.fi Fri Aug 9 13:38:41 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Fri, 09 Aug 2019 13:38:41 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464mXx2JR7z7T3lL@vault.libreswan.fi> New commits: commit 63e235b3c33dcbef2ec5a1615c99f403ae51f542 Author: D. Hugh Redelmeier Date: Fri Aug 9 09:38:14 2019 -0400 ip_address.h: fix spelling in a comment From antony at vault.libreswan.fi Fri Aug 9 13:51:06 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 09 Aug 2019 13:51:06 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464mqG4mrYz7T3lS@vault.libreswan.fi> New commits: commit 462528da03cd50a6ac2f9a5e22beb1dfd1cc3cc7 Author: Antony Antony Date: Fri Aug 9 13:50:24 2019 +0000 testing: one more fix to get fedora travis working. From antony at vault.libreswan.fi Fri Aug 9 14:03:10 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Fri, 09 Aug 2019 14:03:10 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <464n5B6kYDz7T3lS@vault.libreswan.fi> New commits: commit 0626de9099d6f5f2946ba274103227294ef30fbf Author: Antony Antony Date: Fri Aug 9 14:02:44 2019 +0000 ttesting: one more fix to get centos travis working. From cagney at vault.libreswan.fi Sat Aug 10 01:51:23 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 10 Aug 2019 01:51:23 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4654pN0BdVz7T3lR@vault.libreswan.fi> New commits: commit af47006ad6d8e6348f4b56645e87a559ed3bc3e4 Author: Andrew Cagney Date: Fri Aug 9 21:43:23 2019 -0400 crypto: in kev2_child_sa_keymat() explicitly return NULL when esp=null-none i.e., a request for zero bytes of KEYMAT. From cagney at vault.libreswan.fi Sat Aug 10 12:51:29 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 10 Aug 2019 12:51:29 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <465MS14X7Nz7T3lR@vault.libreswan.fi> New commits: commit a22b942b30a44cab2c9d399099de58a64a5a7077 Author: Andrew Cagney Date: Thu Aug 8 20:30:29 2019 -0400 ip_endpoint: eliminate endpoint_type(), use endpoint_info() From cagney at vault.libreswan.fi Sat Aug 10 14:12:19 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 10 Aug 2019 14:12:19 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <465PFH5SMzz7T3lR@vault.libreswan.fi> New commits: commit e3bc60c1c89b5181fa7ddce7312b464f5970b534 Author: Andrew Cagney Date: Thu Aug 8 14:48:55 2019 -0400 testing: switch KVM_GUEST_OS=f30 From cagney at vault.libreswan.fi Sun Aug 11 12:05:58 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 11 Aug 2019 12:05:58 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <465yP226Vpz7T3lM@vault.libreswan.fi> New commits: commit a31bc5e7f37d75d510dce0260bcd96a9d0bc5c3d Author: Andrew Cagney Date: Thu Aug 8 20:43:11 2019 -0400 ip_subnet: eliminate subnettypeof(), use subnet_info() From cagney at vault.libreswan.fi Sun Aug 11 13:04:09 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 11 Aug 2019 13:04:09 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <465zh96C2vz7T3lT@vault.libreswan.fi> New commits: commit f02948ba6e8f2ef4f162d387d37daeede8a735fa Author: Andrew Cagney Date: Sat Aug 10 13:35:31 2019 -0400 *check: print total failures From cagney at vault.libreswan.fi Sun Aug 11 13:10:21 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 11 Aug 2019 13:10:21 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <465zqK10Vbz7T3lV@vault.libreswan.fi> New commits: commit 940d1ad48ae98f6663f00bfc7ac1829d81e3dbf3 Author: Andrew Cagney Date: Sat Aug 10 13:34:52 2019 -0400 ipcheck: make testing the addreses :: and 0.0.0.0 (aka any) explicit Were being tested implicitly via subnet tests. From cagney at vault.libreswan.fi Mon Aug 12 11:53:36 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 12 Aug 2019 11:53:36 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <466Z4J72xrz7QQvR@vault.libreswan.fi> New commits: commit dd18b5ddde1414cce4e6436d32c60b3d387065d2 Author: Andrew Cagney Date: Sun Aug 11 08:53:44 2019 -0400 ip: adopt {address,endpoint,subnet}_type() as name for getting IP info/type/version The code: address_type(a) == subnet_type(s) is more meaningful than: address_info(a) == subnet_info(b) From cagney at vault.libreswan.fi Mon Aug 12 15:09:37 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 12 Aug 2019 15:09:37 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <466fQT5SxSz7QQvb@vault.libreswan.fi> New commits: commit df8a8210846886073d997a11ca57570836fc6079 Author: Andrew Cagney Date: Sat Aug 10 13:34:52 2019 -0400 ipcheck: test *_type() From cagney at vault.libreswan.fi Mon Aug 12 20:56:19 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 12 Aug 2019 20:56:19 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <466p6W3WYJz7QQw0@vault.libreswan.fi> New commits: commit 033fdf060896616d669a229a045dde5f84f2d70c Author: Andrew Cagney Date: Thu Aug 8 22:14:58 2019 -0400 crypto: eliminate all the append_{symkey,chunk,bytes}_{symkey,chunk,bytes}() functions The append*() functions are sufficient. From cagney at vault.libreswan.fi Mon Aug 12 20:59:06 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 12 Aug 2019 20:59:06 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <466p9k3pF3z7QQvb@vault.libreswan.fi> New commits: commit 7dce6d453ff57b6078e4bc34353614ca8dc10173 Author: Andrew Cagney Date: Mon Aug 12 13:21:19 2019 -0400 ip: move all the old port manipulation functions to ip_endpoint.[hc] Since, presumably, it is the endpoints that have the ports. From hugh at vault.libreswan.fi Tue Aug 13 04:04:23 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Tue, 13 Aug 2019 04:04:23 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <466zcR1L7Wz7QQw0@vault.libreswan.fi> New commits: commit 33da1c2fbb3cf728213137df27ff7fba33bc47f6 Author: D. Hugh Redelmeier Date: Tue Aug 13 00:03:42 2019 -0400 libswan: modernize and simplify sameaddr.c From hugh at vault.libreswan.fi Tue Aug 13 04:34:35 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Tue, 13 Aug 2019 04:34:35 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4670HH3zwrz7QQw0@vault.libreswan.fi> New commits: commit 93097b6f4edd20be727c2d7e09b276c6d510c8a1 Author: D. Hugh Redelmeier Date: Tue Aug 13 00:27:30 2019 -0400 pluto: server.c: create_socket(): simplify port handling The previous version overwrote ifp->addr's port, used ifp->addr, and then rewrote it to pluto_port, but only if the bind call succeeded. That's confusing and posibly buggy on the bind failure path. This commit leaves ifp->addr alone and changes the port on a copy. I don't know if ifp->addr's port matters. The name "addr" is unpleasant to grep for so I didn't. From hugh at vault.libreswan.fi Tue Aug 13 04:41:06 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Tue, 13 Aug 2019 04:41:06 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <4670Qp6ztJz7QQw0@vault.libreswan.fi> New commits: commit 57bcf6c319bab1998d69559f1c024310cc8f9eb6 Author: D. Hugh Redelmeier Date: Tue Aug 13 00:39:41 2019 -0400 pluto: sprinkle const on struct raw_iface *ifp parameters From cagney at vault.libreswan.fi Tue Aug 13 12:01:19 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 13 Aug 2019 12:01:19 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467BBl60TYz7QQw1@vault.libreswan.fi> New commits: commit fe5ab465d8c44cc0def8e878fdc21a2c06b841af Author: Andrew Cagney Date: Thu Aug 8 22:34:05 2019 -0400 crypto: eliminate hash_desc .symkey_to_symkey FIPS algorithms no longer uses the code. From cagney at vault.libreswan.fi Tue Aug 13 12:02:26 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 13 Aug 2019 12:02:26 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467BD22nHbz7QQw1@vault.libreswan.fi> New commits: commit 56503adb817ea5db26a8768954e6f94c8fc17fcb Author: Andrew Cagney Date: Mon Aug 12 20:48:09 2019 -0400 crypto: rename appendix_b_keymat_e() to ikev1_appendix_b_keymat_e() From cagney at vault.libreswan.fi Tue Aug 13 12:38:21 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 13 Aug 2019 12:38:21 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467C1T5FHZz7QRSN@vault.libreswan.fi> New commits: commit fe6d5ab772808a1f46889da83dde611779ee0ec9 Author: Andrew Cagney Date: Tue Aug 13 08:30:23 2019 -0400 ip: don't use unspecified values when formatting an address From cagney at vault.libreswan.fi Tue Aug 13 12:45:50 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 13 Aug 2019 12:45:50 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467CB65bfdz7QRSN@vault.libreswan.fi> New commits: commit 1c8e213f19ea7ded957f6fb9634e1bc89ffb6f9f Author: Andrew Cagney Date: Mon Aug 12 12:48:54 2019 -0400 ip: eliminate address_is_valid() et.al. instead use address_type() != NULL Seeing as an address with no type isn't exactly valid. From hugh at vault.libreswan.fi Tue Aug 13 18:08:04 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Tue, 13 Aug 2019 18:08:04 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467LKw4Tw2z7QRSZ@vault.libreswan.fi> New commits: commit 50912bf3e95b0981b878b55100b181ef5f27d1fc Author: D. Hugh Redelmeier Date: Tue Aug 13 14:04:04 2019 -0400 library: fix bug in 33da1c2fbb3cf728213137df27ff7fba33bc47f6 In addrinsubnet(), correct one != to be ==. Detected by Cagney. From cagney at vault.libreswan.fi Tue Aug 13 19:40:56 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 13 Aug 2019 19:40:56 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467NP45LF5z7QQw1@vault.libreswan.fi> New commits: commit 12f5c8777d9e611db6ca2a3fc5ef173d29550719 Author: Andrew Cagney Date: Tue Aug 13 13:06:45 2019 -0400 ip: replace address_any(af) with address_any(ip_info) From cagney at vault.libreswan.fi Wed Aug 14 00:52:54 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 14 Aug 2019 00:52:54 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467WK20jJjz7QQw1@vault.libreswan.fi> New commits: commit 01b2d777ed391b4cf51604f6507b4719c1fadbae Author: Andrew Cagney Date: Mon Aug 12 21:42:33 2019 -0400 crypto: extract the IKEv2 prf(prf(shared-secret)) calculation and move it to ikev2_prf.[hc] From cagney at vault.libreswan.fi Wed Aug 14 12:19:25 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 14 Aug 2019 12:19:25 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <467pY9543cz7QYyK@vault.libreswan.fi> New commits: commit d7262813eb8502aa88a9f77b265b510073185f8a Author: Andrew Cagney Date: Mon Aug 12 15:46:09 2019 -0400 ip: add ip_sockaddr, update functions converting to/from endpoints Clean up the code unionising sockaddr, sockaddr_in and sockaddr_in6. Don't assume that an ip_address contains a sockaddr. Replace {sockaddrof,socaddrlenof)() with (new) endpoint_to_sockaddr(). Test the round trip sockaddr_to_endpoint() -> endpoint_to_sockaddr(). Follow-up 93097b6f4edd20be727c2d7e09b276c6d510c8a1. From cagney at vault.libreswan.fi Thu Aug 15 11:43:51 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 15 Aug 2019 11:43:51 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <468Pjg2Gbnz7SGhb@vault.libreswan.fi> New commits: commit 301f3a38a0b51cc29c0032e7546fb70ad1ddeee3 Author: Andrew Cagney Date: Wed Aug 14 22:56:35 2019 -0400 crypto: move {hash,prf,integ,encrypt,dh}_ops definition to ike_alg_*_ops.h But in the case of PRF, also rename prf_ops to prf_mac_ops. From cagney at vault.libreswan.fi Fri Aug 16 00:13:24 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 16 Aug 2019 00:13:24 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <468kLX0S44z7VJ5t@vault.libreswan.fi> New commits: commit fd682e24745d4c404818d8cdc445a8f056a6f844 Author: Andrew Cagney Date: Thu Aug 15 13:21:00 2019 -0400 crypto: convert the IKEv[12] specific PRF based algorithms to prf_{ikev1,ikev2}_ops structures So that multiple implementations can be be used simultaneously. commit 46aca761c691941e67fd402aeb226baf2bda8993 Author: Andrew Cagney Date: Thu Aug 15 12:42:07 2019 -0400 chunk: #include "lswalloc.h" for pfree() From cagney at vault.libreswan.fi Fri Aug 16 01:51:00 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 16 Aug 2019 01:51:00 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <468mW83SClz7SGhb@vault.libreswan.fi> New commits: commit 9233444c5ba47219de88a52e3b98f5450c53ed5b Author: Andrew Cagney Date: Thu Aug 15 21:50:26 2019 -0400 Revert "crypto: convert the IKEv[12] specific PRF based algorithms to prf_{ikev1,ikev2}_ops structures" Something ikev2 related broke. This reverts commit fd682e24745d4c404818d8cdc445a8f056a6f844. From cagney at vault.libreswan.fi Fri Aug 16 20:14:35 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 16 Aug 2019 20:14:35 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469F0W5207z7X0Wr@vault.libreswan.fi> New commits: commit 4e7f13418400674101b261f1d64ca17ef4cd0dc1 Author: Andrew Cagney Date: Fri Aug 16 13:40:46 2019 -0400 logging: DBG_dump_chunk() -> DBG_dump_hunk() - so it works with chunks and shunks From cagney at vault.libreswan.fi Fri Aug 16 21:42:51 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 16 Aug 2019 21:42:51 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469GyM27Vyz7X0Wv@vault.libreswan.fi> New commits: commit 45fd5740b5fcb356905d0ee62d62435e875b75fb Author: Andrew Cagney Date: Fri Aug 16 17:38:07 2019 -0400 crypto: make all the test code consistent and explicitly skip disabled algorithms when FIPS (not just AES_XCBC). From cagney at vault.libreswan.fi Fri Aug 16 22:01:41 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 16 Aug 2019 22:01:41 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469HN50DLMz7X0Wx@vault.libreswan.fi> New commits: commit a4c47864a4378f173b93fcceefb0b015196648db Author: Andrew Cagney Date: Fri Aug 16 13:13:30 2019 -0400 crypto: *_chunk() -> *_hunk() so things work with shunks and chunks From cagney at vault.libreswan.fi Fri Aug 16 22:40:17 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 16 Aug 2019 22:40:17 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469JDd4Mw6z7X0Wx@vault.libreswan.fi> New commits: commit 85667977c20bbf92f4c7907bc8c84331ee6ff1e9 Author: Andrew Cagney Date: Fri Aug 16 18:30:26 2019 -0400 building: don't unconditionally invoke GIT as a way of detecting the 'travis' branch Invoking GIT is very expensive (especially on KVMs) and needs to be avoided. From cagney at vault.libreswan.fi Sat Aug 17 01:13:02 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 17 Aug 2019 01:13:02 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469Mct21Vvz7X0Wv@vault.libreswan.fi> New commits: commit c1127c03a9724a221c09dfc690d3d5f1498a940f Author: Andrew Cagney Date: Thu Aug 15 21:52:37 2019 -0400 crypto: convert the IKEv[12] specific PRF based algorithms to prf_{ikev1,ikev2}_ops structures (v2) This time with correct IKEv2 SPI[ir] values. This unreverts commit fd682e24745d4c404818d8cdc445a8f056a6f844. From cagney at vault.libreswan.fi Sat Aug 17 02:02:38 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 17 Aug 2019 02:02:38 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469Nk620mGz7X0Wx@vault.libreswan.fi> New commits: commit 5feb5bdd3f3f27417aefe1cb8beab4c82f65df41 Author: Andrew Cagney Date: Fri Aug 16 20:19:53 2019 -0400 crypto: rename ike_alg_prf_md5 to more correct ike_alg_prf_hmac_md5, et.al. From cagney at vault.libreswan.fi Sat Aug 17 02:11:50 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 17 Aug 2019 02:11:50 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469Nwk1Df0z7X2pM@vault.libreswan.fi> New commits: commit b5723f2dc61de341342a8c0f71b975d4659a0532 Author: Andrew Cagney Date: Fri Aug 16 20:13:13 2019 -0400 crypto: test the MD5 PRF since CAVP doesn't From cagney at vault.libreswan.fi Sat Aug 17 02:38:29 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 17 Aug 2019 02:38:29 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469PWT5Jf1z7X2pM@vault.libreswan.fi> New commits: commit 5c6b84787a633d4a3e0f705853701f521668718e Author: Andrew Cagney Date: Fri Aug 16 22:24:02 2019 -0400 crypto: move prf ops to libswan so that libswan's Makefile can control what is built ... for pluto, cavp, and algparse From cagney at vault.libreswan.fi Sat Aug 17 11:46:45 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 17 Aug 2019 11:46:45 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469dh50pqfz7X2pM@vault.libreswan.fi> New commits: commit d31ddeb5ded9e40b0faf5b36aae8fe44670a3f02 Author: Andrew Cagney Date: Sat Aug 17 07:43:12 2019 -0400 ip: eliminate addrlenof(), use address_type() From cagney at vault.libreswan.fi Sat Aug 17 13:06:35 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 17 Aug 2019 13:06:35 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469gSD00wlz7X2ph@vault.libreswan.fi> New commits: commit b473d2b9be0a244672aa2934e3feaac55ad23b82 Author: Andrew Cagney Date: Sat Aug 17 08:08:56 2019 -0400 redirect: in emit_redirect_notification_decoded_dest() delete '-' in column 1 negating a bool Looks like a merge botch. Worryingly, fixing this doesn't seem to affect test results - it would have caused the initiator code path to always fail? See 4e3d1805639c05e3fd00c4d175979916111476b5 From hugh at vault.libreswan.fi Sat Aug 17 14:50:01 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Sat, 17 Aug 2019 14:50:01 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469jlY6SH0z7X6jy@vault.libreswan.fi> New commits: commit 720e0a22dd8b34fb12dbb9258cae5fbcd2b21672 Author: D. Hugh Redelmeier Date: Sat Aug 17 10:49:27 2019 -0400 testing: fix some whitespace From hugh at vault.libreswan.fi Sat Aug 17 15:05:49 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Sat, 17 Aug 2019 15:05:49 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469k5n0YHVz7X2ph@vault.libreswan.fi> New commits: commit 32b1dd1e80b06983bd681fced8d68a0e94de1270 Author: D. Hugh Redelmeier Date: Sat Aug 17 11:05:05 2019 -0400 initsystems/sysvinit/init.debian.in: fix whitespace From hugh at vault.libreswan.fi Sat Aug 17 16:49:09 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Sat, 17 Aug 2019 16:49:09 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <469mP15XcFz7XCcL@vault.libreswan.fi> New commits: commit 124a8564aa2e2ab7b5fa79c047deae8bd62004de Author: D. Hugh Redelmeier Date: Sat Aug 17 12:45:32 2019 -0400 libswan: enum_search, enum_match: tweak - remove '-' from first column of a comment block (odd, inconsequential) - move declaration of index variable into FOR statement. - put blank line after each IF that may not fall through From hugh at vault.libreswan.fi Sun Aug 18 02:37:54 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Sun, 18 Aug 2019 02:37:54 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46B1SL0x3xz7XCcT@vault.libreswan.fi> New commits: commit 044447b1811474f16d3dc0e84c7bc5ea060b7679 Author: D. Hugh Redelmeier Date: Sat Aug 17 22:35:58 2019 -0400 pervasive: fix some whitespace From cagney at vault.libreswan.fi Sun Aug 18 12:49:01 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 18 Aug 2019 12:49:01 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46BH1T3qRXz7X2pb@vault.libreswan.fi> New commits: commit 0fb91a13925be85ae8d2320a2d17bcea355c9183 Author: Andrew Cagney Date: Sat Aug 17 09:20:07 2019 -0400 packet: add pbs_out_address(), use From cagney at vault.libreswan.fi Sun Aug 18 16:59:16 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 18 Aug 2019 16:59:16 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46BNZF00cwz7XCcT@vault.libreswan.fi> New commits: commit a082cee331dce836681819a0087cf31a9f928d9f Author: Andrew Cagney Date: Sat Aug 17 09:52:43 2019 -0400 ip: add address_is_specified() et.al., test This means there's the mutually exclusive: address_is_invalid() (really address_type() == NULL) AF_UNSPEC==0 i.e., ip_address was initialized to zero address_is_any() AF_INET,AF_INET6; bytes==0; IPv6 calls this the unspecified address; headers mash up the terms ANY and UNSPECIFIED. address_is_specified() AF_INET,AF_INET6, bytes != 0 (any other AF_* value will abort) A more correct term for "specified" might be "unicast" (as in unicast, anycast, multicast), but then there's the problem of a "unicast" address being indistinguishable from an "anycast" address (and in pluto "any" refers to the zero address, ulgh). From hugh at vault.libreswan.fi Mon Aug 19 15:21:05 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Mon, 19 Aug 2019 15:21:05 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46ByLT2D18z7XCcL@vault.libreswan.fi> New commits: commit c58e68f266d05124414bcf24cdbf8799db4600df Author: D. Hugh Redelmeier Date: Mon Aug 19 11:16:32 2019 -0400 libswan: constants.c: enum_match: refactor From cagney at vault.libreswan.fi Mon Aug 19 15:33:29 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 19 Aug 2019 15:33:29 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Bycn4x0rz7XCcg@vault.libreswan.fi> New commits: commit b408893798b888abb994eeea879c102b3ab6a522 Author: Andrew Cagney Date: Sat Aug 17 09:52:43 2019 -0400 ip: use address_is_specified() for detecting valid non-any addresses Replace code snippets such as: address_type(a) == NULL || addrisany(a) addrbytesptr_read(a,NULL) == 0 || isanyaddr(a) address_type(a) != NULL && !addrisany(a) !addrisany(a) where the intent is clearly test for a specified address (remember, addrisany() returns true for "invalid" addresses). From tis at vault.libreswan.fi Mon Aug 19 16:04:32 2019 From: tis at vault.libreswan.fi (Tuomo Soini) Date: Mon, 19 Aug 2019 16:04:32 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46BzJc6skgz7XCcg@vault.libreswan.fi> New commits: commit 93dcd88c3dcea15b145a13a3a83913d3520a77fe Author: Tuomo Soini Date: Mon Aug 19 19:02:27 2019 +0300 setlibreswanversion: Cleanup coding style and simplify logics From cagney at vault.libreswan.fi Mon Aug 19 19:19:33 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 19 Aug 2019 19:19:33 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46C3dd1tnqz7XCcj@vault.libreswan.fi> New commits: commit 599fc8ec81b910fd0220ad2068958c0f9634fe3d Author: Andrew Cagney Date: Mon Aug 19 14:57:06 2019 -0400 ip: add {jam,str}_said(), revive ip_said tests "int.106 at 0.0.0.0" changed to "%unk-262" in '08? 'f' format is tested but not used? 't' format is used (but only just) but wasn't tested? From cagney at vault.libreswan.fi Tue Aug 20 11:57:34 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 20 Aug 2019 11:57:34 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46CTnB2Zh0z7XCcL@vault.libreswan.fi> New commits: commit 5236ae4b91f151911de18163396aee6a975e133f Author: Andrew Cagney Date: Mon Aug 19 17:08:33 2019 -0400 chunk: replace decode_hex_to_chunk() with chunk_from_hex() From cagney at vault.libreswan.fi Tue Aug 20 12:27:52 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 20 Aug 2019 12:27:52 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46CVS85qkwz7XCcj@vault.libreswan.fi> New commits: commit 904e961916a934010ff23f6f9febd1ff34b1bb77 Author: Andrew Cagney Date: Tue Aug 20 08:26:22 2019 -0400 ip: try to test the limits of str_said()'s buffer From cagney at vault.libreswan.fi Tue Aug 20 12:29:22 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 20 Aug 2019 12:29:22 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46CVTt478mz7XCcq@vault.libreswan.fi> New commits: commit 48eb0d0e4e8f56e75bbe97bfee836a1bd2733ec9 Author: Andrew Cagney Date: Mon Aug 19 17:09:05 2019 -0400 crypto: move remaining pluto/ike_alg_* files to lib/libswan Update makefiles From cagney at vault.libreswan.fi Tue Aug 20 12:30:51 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 20 Aug 2019 12:30:51 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46CVWb0vKCz7XCcy@vault.libreswan.fi> New commits: commit 53c059eca88d92d228d395e33854c4854fbb88d9 Author: Andrew Cagney Date: Mon Aug 19 22:24:26 2019 -0400 crypto: add .backend to {hash,prf,encrypt,dh}_ops From antony at vault.libreswan.fi Tue Aug 20 18:36:14 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Tue, 20 Aug 2019 18:36:14 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46CfdB71nWz7XCcL@vault.libreswan.fi> New commits: commit 658e5162e4fb1e99fb767e1b474304ad4dac47fe Author: Antony Antony Date: Tue Aug 20 17:57:43 2019 +0000 building: make travis branch detection conditional unconditionally invoke GIT to detect 'travis' branch" expensive slows down on 9pfs mount This reverts commit 85667977c20bbf92f4c7907bc8c84331ee6ff1e9. From antony at vault.libreswan.fi Tue Aug 20 20:41:21 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Tue, 20 Aug 2019 20:41:21 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46CjPY4GLXz7XCcL@vault.libreswan.fi> New commits: commit 89f0fc463c9089e3d2e632fef581d2adf03fd4dd Author: Antony Antony Date: Tue Aug 20 20:01:28 2019 +0000 testing: travis export distro From cagney at vault.libreswan.fi Tue Aug 20 22:28:06 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 20 Aug 2019 22:28:06 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Clmk4qPfz7XCcL@vault.libreswan.fi> New commits: commit a32521cc89c05712bc393a62b1273f4e9b0ae13e Author: Andrew Cagney Date: Mon Aug 19 12:57:36 2019 -0400 ip: eliminate addrtot() From cagney at vault.libreswan.fi Tue Aug 20 22:29:50 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Tue, 20 Aug 2019 22:29:50 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Clpk3mfcz7XCd0@vault.libreswan.fi> New commits: commit 3b951c628ea79b7408293a9a33ad266cfcf18382 Author: Andrew Cagney Date: Mon Aug 19 16:11:17 2019 -0400 ip: delete satoa.c, not built From hugh at vault.libreswan.fi Wed Aug 21 00:59:17 2019 From: hugh at vault.libreswan.fi (D. Hugh Redelmeier) Date: Wed, 21 Aug 2019 00:59:17 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Cq791Mfhz7XGNh@vault.libreswan.fi> New commits: commit 25721bed624550d03153d732b57b74a7025b5bf6 Author: D. Hugh Redelmeier Date: Tue Aug 20 20:56:12 2019 -0400 pervasive: eliminate blank lines that precede "}" - these blank lines make to code longer but not more readable - they were often introduced by uncrustify From cagney at vault.libreswan.fi Wed Aug 21 11:58:13 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Wed, 21 Aug 2019 11:58:13 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46D5lT6692z7XGNp@vault.libreswan.fi> New commits: commit bfd5aef52180aafd5fde754f3f7006eaf0832b03 Author: Andrew Cagney Date: Tue Aug 20 21:13:08 2019 -0400 ip: eliminate addrbytesptr_read() From cagney at vault.libreswan.fi Thu Aug 22 12:08:06 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 22 Aug 2019 12:08:06 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46DjwQ6WThz7Rndy@vault.libreswan.fi> New commits: commit e9163a01f4775b830cbbc1a4998091b7e128f92c Author: Andrew Cagney Date: Thu Aug 15 11:41:17 2019 -0400 state: merge .st_remote{addr,port} into .st_remote_endpoint From paul at vault.libreswan.fi Thu Aug 22 16:36:12 2019 From: paul at vault.libreswan.fi (Paul Wouters) Date: Thu, 22 Aug 2019 16:36:12 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Dqsm5fj7z7XKTM@vault.libreswan.fi> New commits: commit 436908a20b9769092ac992106fe35b8b0cdb8606 Author: Paul Wouters Date: Thu Aug 22 12:35:57 2019 -0400 documentation: updated CHANGES commit ede549206262b8846f7d73d53fc2f87b2e7782ba Author: Rishabh04-02 Date: Thu Aug 22 12:33:08 2019 -0400 testing: updated TESTLIST Signed-off-by: Paul Wouters Signed-off-by: Tuomo Soini commit 03cfc61175c5d250adf40934ed28aa5c4d9c2254 Author: Rishabh04-02 Date: Thu Aug 22 12:29:37 2019 -0400 testing: Add test cases for various asymmetric authentication use cases These test cases test various scenario's that could happen when using Opportunistic IPsec with LetsEncrypt. Signed-off-by: Paul Wouters Signed-off-by: Tuomo Soini commit e9ecb49534310336e800c7a90fd03f5a86c2d699 Author: Rishabh04-02 Date: Thu Aug 22 12:24:50 2019 -0400 letsencrypt: Added "ipsec letsencrypt" command The "ipsec letsencrypt" command is used to setup Opportunistic IPsec using LetsEncrypt certificates. To setup a client (eg laptop) use: ipsec letsencrypt --client To setup a server use: ipsec letsencrypt --server The server setup requires certbot to generate the server side certificate For further documentation see: https://libreswan.org/wiki/Documentation:_Libreswan_Opportunistic_IPsec_using_LetsEncrypt Signed-off-by: Paul Wouters Signed-off-by: Tuomo Soini commit 1de84ec1777bd8f776f565ae6e7153d3390248bf Author: Rishabh04-02 Date: Thu Aug 22 12:23:07 2019 -0400 documentation: Updated Opportunistic IPsec for LetsEncrypt configurations Signed-off-by: Paul Wouters Signed-off-by: uomo Soini From cagney at vault.libreswan.fi Thu Aug 22 19:34:00 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Thu, 22 Aug 2019 19:34:00 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Dvpw2t14z7XKTP@vault.libreswan.fi> New commits: commit 9e9a27a25e50704e72810f2f8354ac03071bd79b Author: Andrew Cagney Date: Thu Aug 22 15:02:12 2019 -0400 ip: delete samesaid(), unused From cagney at vault.libreswan.fi Fri Aug 23 02:22:43 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 23 Aug 2019 02:22:43 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46F4tX06sxz7XKTM@vault.libreswan.fi> New commits: commit 1a0ab74521c42ae79756daa28bdca64ace677185 Author: Andrew Cagney Date: Thu Aug 22 22:16:07 2019 -0400 ipcheck: remember to call init_ip_info() From cagney at vault.libreswan.fi Fri Aug 23 20:11:21 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 23 Aug 2019 20:11:21 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46FXbY2rbFz7XKTP@vault.libreswan.fi> New commits: commit 9e05e92d5acbf48173dc625dff60a0e4e27043d4 Author: Andrew Cagney Date: Thu Aug 22 19:46:20 2019 -0400 ip: reduce isanyaddr() to: address_is_invalid() || address_is_any() I suspect calling code should be using one of those. For instance, whack using address_is_invalid() to detect missing parameters, and address_is_any() to detect one not-allowed value. As side effects: abort when in_family is "corrupt"; and don't assume ip_address contains a sockaddr. From cagney at vault.libreswan.fi Fri Aug 23 20:28:58 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Fri, 23 Aug 2019 20:28:58 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46FXzt28wyz7Y8sh@vault.libreswan.fi> New commits: commit 03f3cf757ce31d7296870d73f85ad91c7f177ed3 Author: Andrew Cagney Date: Thu Aug 22 21:50:38 2019 -0400 ip_info: add .{loopback,any}_address; rename .{none,all}->.{no,all}_addresses Initialize at runtime using address_from_in*_addr() and subnet(). From cagney at vault.libreswan.fi Sat Aug 24 12:50:41 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 24 Aug 2019 12:50:41 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Fymd5PCvz7Rk1P@vault.libreswan.fi> New commits: commit 009eb83dc181076f93192c979d1e05cdb575ff5c Author: Andrew Cagney Date: Fri Aug 23 21:16:42 2019 -0400 ip programs: add more init_sa_info() calls Consequence of the not-so-static ip_info structures needing to use ntohl() to initialize IPv4 addresses embedded in in_sockaddr. If ip_address were to replace in_sockaddr with uint8_t[4] then init_sa_info() could (hopefully) go; however that first requires all code assuming in_sockaddr switching to in_info .... From cagney at vault.libreswan.fi Sat Aug 24 12:51:19 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 24 Aug 2019 12:51:19 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46FynM4x4Rz7Rk1Q@vault.libreswan.fi> New commits: commit 4db73363305945f9469c9079e94d4e20f9616a5a Author: Andrew Cagney Date: Thu Aug 22 22:17:06 2019 -0400 ip: simplify address_is_{any,specified}, replace isloopbackaddr() with address_is_loopback() Use ip_info->*_address. Update tests. From cagney at vault.libreswan.fi Sat Aug 24 22:05:53 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 24 Aug 2019 22:05:53 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46GC5F3Q7Yz7Rk1P@vault.libreswan.fi> New commits: commit 779c55283148e3f79a75cef04eef6e70a400f45e Author: Andrew Cagney Date: Thu Aug 22 19:57:19 2019 -0400 ip: implement addrtypeof() using address_type() From cagney at vault.libreswan.fi Sun Aug 25 01:21:16 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 25 Aug 2019 01:21:16 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46GHQh6Bhgz7Rk1P@vault.libreswan.fi> New commits: commit b87c827c47abe17a2da33ad4ad7512a9516b8636 Author: Andrew Cagney Date: Fri Aug 23 09:44:02 2019 -0400 whack: initialize client using ip_info.any_address ... no need for address_any() and initsubnet() and being happy(); or blatting sin_family. Eliminate: ??? is this a crude way of seting client to anyaddr? From cagney at vault.libreswan.fi Sun Aug 25 13:54:03 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 25 Aug 2019 13:54:03 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Gc7H2SNTz7Rk1Q@vault.libreswan.fi> New commits: commit 590b4e7730ca30e5f43d6d15b0d679f5c484de93 Author: Andrew Cagney Date: Fri Aug 23 22:11:55 2019 -0400 kernel: use address_type()->af to extract an addresses family From cagney at vault.libreswan.fi Sun Aug 25 14:01:48 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 25 Aug 2019 14:01:48 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46GcJD0w43z7Rk1P@vault.libreswan.fi> New commits: commit de0fba769c3918cfe5f866c1637426be0ce6a48d Author: Andrew Cagney Date: Thu Aug 22 20:08:48 2019 -0400 ip: simplify netlink_query_add() - use address_shunk() to get at the bytes and don't switch on AF_* From cagney at vault.libreswan.fi Sun Aug 25 14:11:54 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 25 Aug 2019 14:11:54 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46GcWt6tb9z7RnfD@vault.libreswan.fi> New commits: commit 2479fe65c4216e78a1cc4983f6f835d8d0d4f60b Author: Andrew Cagney Date: Fri Aug 23 22:10:26 2019 -0400 kernel: use address_as_*hunk() when moving to/from xfrm structures and don't use in_family From cagney at vault.libreswan.fi Sun Aug 25 14:41:36 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sun, 25 Aug 2019 14:41:36 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46GdB8110zz7XCcL@vault.libreswan.fi> New commits: commit 3342e0d3ccb05914846211ccd9a3b44e8b8b8457 Author: Andrew Cagney Date: Sat Aug 10 12:42:55 2019 -0400 ip: update ideas on how ip_{address,endpoint,subnet} should be defined From cagney at vault.libreswan.fi Mon Aug 26 12:53:33 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Mon, 26 Aug 2019 12:53:33 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46HBl14l1tz7XGNq@vault.libreswan.fi> New commits: commit 5b9c4d114b827712d8b08945687ee2f22fedc47a Author: Andrew Cagney Date: Sun Aug 25 21:22:12 2019 -0400 ip range: cleanup ttorange(), add more tests - replace sin_addr pokeing with addrcmp() (which seems to fix IPv6 - unexpected bonus) - allow IPv6 (see above), add tests; but, unlike IPv4, don't bother checking that the range contains the expected number of addresses - drop srclen parameter, always 0 - drop NON_ZERO parameter, always true (well, at least in real code, the tests had it set to false) - change AF to IP_INFO From antony at vault.libreswan.fi Thu Aug 29 09:26:13 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Thu, 29 Aug 2019 09:26:13 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46Jy0P5Jjlz7QQLX@vault.libreswan.fi> New commits: commit 28ec865105637ada96fe0f9cdf33d0c4357ee66f Author: Antony Antony Date: Wed Aug 28 10:23:00 2019 +0000 testing: kvm build eth0 MAC address hack is optional only for F28 F30 use systemd-networkd it does not need chages ifcfg file change. commit 35037afd14bcfea004c835c7815cd16df5cf10be Author: Antony Antony Date: Mon Aug 26 19:35:49 2019 +0000 testing: f30 remove network-scripts breaks travis f28 commit ede89df890d2ea43c19262a2c8d502bdfcc4d03f Author: Antony Antony Date: Mon Aug 26 18:29:30 2019 +0000 testing: us abs_top_srcdir for nsrun targets commit 64849b329ff4ea05b616db7bd11265cc843adb50 Author: Antony Antony Date: Mon Aug 26 10:26:44 2019 +0000 testing: nsrun fix testtype and --no-host-tweaks commit 3bfd6da587780f0cd06131e2c41ffa9a47d2a70d Author: Antony Antony Date: Tue Jul 30 12:15:15 2019 +0000 libswan: re-create version.c every time run a make this would help to keep the pluto --version upto date while developing if change something and commit it and rebuild pluto version wouldn't change. Now it will. commit 456545c1b6b9ea223e8db82f3a02a58f1bf3226f Author: Antony Antony Date: Wed Aug 21 13:05:31 2019 +0000 testing: option to istall rpm inside kvm KVM_INSTLL_RPM=true KVM_INSTLL_RPM=true will install "testing" rpm in the build machine. the rpm is built using packaging/fedora/libreswan-testing.spec.in It install ipsec to /usr/local commit 16983350448d69ef1c8b5dcb69ea73e94130bebc Author: Antony Antony Date: Wed Aug 21 12:45:10 2019 +0000 testing: f30 replace python to python3 rpm install fix a bandaid to fix more python on !# lines in the code. F30 catches a few more. From antony at vault.libreswan.fi Thu Aug 29 11:55:13 2019 From: antony at vault.libreswan.fi (Antony Antony) Date: Thu, 29 Aug 2019 11:55:13 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46K1JK4MTYz7QQLX@vault.libreswan.fi> New commits: commit aff9299805c53ba88bc3c8217185080db86c4610 Author: Antony Antony Date: Thu Aug 29 11:52:35 2019 +0000 Revert "libswan: re-create version.c every time run a make" not good to merge to master. It will trigger on "make install-base" This reverts commit 3bfd6da587780f0cd06131e2c41ffa9a47d2a70d. From cagney at vault.libreswan.fi Sat Aug 31 23:56:07 2019 From: cagney at vault.libreswan.fi (Andrew Cagney) Date: Sat, 31 Aug 2019 23:56:07 +0000 Subject: [Swan-commit] Changes to ref refs/heads/master Message-ID: <46LYCC4gYQz7QQM5@vault.libreswan.fi> New commits: commit 6349153f6f4ba362a093d5926ea2ccf1c6daf08b Author: Andrew Cagney Date: Sat Aug 31 09:24:25 2019 -0400 ikev2: in ikev2_emit_ts() use pbs_out_address() Not sin*_addr.