[Swan-commit] Changes to ref refs/heads/master

Paul Wouters paul at vault.libreswan.fi
Fri Nov 8 21:25:03 UTC 2019 

New commits:
commit 97ccaae86ddf2184dce3261561d2ad1a9b2a0246
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Nov 8 14:49:25 2019 -0500

    pluto: be more lenient for left/rightauth in ignoring inherited default values

commit b1c197f849431f68350a77870d2c574f33e1c53f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Nov 8 14:46:50 2019 -0500

    testing: updated libipsecconf-06-ikev2-hash-algo

commit e82532cf7ba24039c75f5b3487b9024436680efe
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Nov 8 14:31:46 2019 -0500

    testing: added ikev2-x509-36-leftrightauth to TESTLIST

commit 4f13f0d0bc29c0086a2627cd195c7f0f1e4c7a93
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Nov 8 14:31:18 2019 -0500

    testing: added ikev2-x509-36-leftrightauth

commit 12ea6f7e31bb4ec8519415d5917af9eab5b10e64
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Nov 8 13:26:51 2019 -0500

    testing: update certoe-* test cases for new digsig default

commit bbc3e5b63cd7f45e92b88516a3f9ed34013d241f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Nov 7 15:16:07 2019 -0500

    testing: update/remove ikev2-ecdsa-01 -> ikev2-x509-ecdsa-01

commit 16ee652f0bfa406e54e57bda3b1143d7bccc6ea0
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Nov 7 12:09:33 2019 -0500

    Revert "testing: WIP fixing up interop-ikev2-strongswan-45-initiator-ecdsa-384"
    
    This reverts commit 1c8fdf9cbb8f4458e5a3fcc00724a42a18b26981.

commit 2231fb0e692ce6c65a01775e1bb0e8073a10f5b9
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Nov 6 17:59:35 2019 -0500

    testing: various digsig related fixups

commit e33e486f380102de94d9fb8d9967fcae88111a8b
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Nov 6 17:09:28 2019 -0500

    testing: added interop-ikev2-strongswan-04-x509-responder-02
    
    Shows an interop issue when we specify authby=rsa-sha2 instead of
    authby=rsa-sha2_256. Might be a misconfiguration on strongswan

commit 539862abbf32cdd293f709a555c5a7110492001c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Nov 6 16:25:48 2019 -0500

    testing: ikev2-x509-01-nss-debug use different tmp dirs per host
    
    so with namespaces, these do not conflict

commit 7bca1d63c8648369885ad2c5622a7ed743d9c344
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Nov 6 12:10:55 2019 -0500

    testing: update ikev2-x509-02-smoketest for new hashalgo output

commit fe8fddcd253a0d7646fe715cc9a54d1cf3c4a08c
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Nov 5 23:16:47 2019 -0500

    testing: update for showing SHA1 as part of the Authenticated by line for IKEv1

commit ef24d67ab7f5612204846fb4743b0b502b0ecc5a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Nov 5 23:16:00 2019 -0500

    testing: WIP fixing up interop-ikev2-strongswan-45-initiator-ecdsa-384
    
    we need to use our own openssl generated certs, as strongswan pki
    tool cannot set the (extended) key usage flags that NSS requires.

commit e30890a7175a322d1aec62a4db6ed96915abe52f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Nov 5 17:26:19 2019 -0500

    testing: fixup interop-ikev2-strongswan-41-responder-digsig-rsa-pss-256
    
    stronger 5.3 became stricter and needed a config change

commit d860fcb97ffdc42ba4c2f65bd1f485994fe02a1e
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Nov 5 14:06:36 2019 -0500

    pluto: strip IKE specific policies from conns
    
    - Strip ECDSA and RSASIG_v1_5 from IKEv1
    - Strip sighash algos from IKEv1
    - Only display v2-sighash for ikev2 connections in status

commit 7152bcd65fa65730d63c4acf1c0dacf31a38d88f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Nov 5 14:06:11 2019 -0500

    pluto: fixup printing of hash algo for IKEv1 conns

commit 7174ecfd40afc222f4e2821bc8dfe9af432af388
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Nov 5 09:20:11 2019 -0500

    testing: removal of sha1 from output in digsig

commit f2107b0adaf4cb180aa5475c2ebad948e0ef121b
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Nov 4 17:11:06 2019 -0500

    WIP: remove POL_SIGHASH_SHA1 - all steered using POLICY_RSASIG_v1_5

commit fcb28b477baa5a1eadeb3d4e6f97f02958f3c2f3
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 31 21:36:02 2019 -0400

    IKEv2: DigSig logic updates

commit 6d65b8a095e99ab86358b9c521e2741d7397575d
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 31 21:35:51 2019 -0400

    testing: update TESTLIST

commit 32af33727ba3924b3ee3414d633ba5f7a94759ce
Author: Paul Wouters <pwouters at redhat.com>
Date:   Thu Oct 31 21:34:44 2019 -0400

    testing: DigSig test updates

commit e8f01f9b717334ca5fa293884bfb4a13afb182b1
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Oct 23 00:01:57 2019 +0200

    testing; updated TESTLIST

commit f92e954186cfaead9f4d7a5d7d858fc040ab4783
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 23:56:31 2019 +0200

    testing: sync up TESTLIST - remove old test

commit 8031f65d172d9b72b1f235df3e5e24ce33ef4cd8
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 23:55:56 2019 +0200

    testing: update ikev2-digsig-02-legacy

commit 1b3dc96496e2a0e73f889f61b987a9cabf13fc6e
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 23:53:33 2019 +0200

    testing: updated ikev2-digsig-01-defaults

commit 66501bf542487b7ad639e9334667fd4bad91d5c6
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 23:52:51 2019 +0200

    testing: added ikev2-digsig-03-rsa-sha2

commit 6f7577b70f9017a7b033a0a4d6607f119526325a
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 23:44:21 2019 +0200

    testing: update ikev2-digsig-01

commit 6f28b2899b03dd36b6cacb09b0022448f9f81ea5
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 22:06:56 2019 +0200

    testing: added libipsecconf-06-ikev2-hash-algo

commit 804ea19d442d805edd57713284bce5d5371ffa5d
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 22:06:23 2019 +0200

    testing: added libipsecconf-06-ikev2-hash-algo

commit 609fc31b6816a1ab470d5f07d635887ea23c1554
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue Oct 22 15:10:55 2019 +0200

    WIP: fixup sighash policy bits and defaults

commit ce2fe9c84b2f201fd1e038c816b59e6ca1687e58
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon Oct 21 09:48:05 2019 +0200

    WIP: print hash and set legacy policies

commit fa04e16b4e6cc0bb141f41d32dc94046a72ae98b
Author: Tuomo Soini <tis at foobar.fi>
Date:   Mon Oct 21 19:29:58 2019 +0300

    cleanup whitespaces, no actual changes

commit f41a2faee33ca72377686a0fa08f0346de513c17
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sat Oct 19 16:17:06 2019 +0200

    testing: add ikev2-digsig-01

commit 4d3b2df0d54d4480bfa7140e38d6601160f93a72
Author: Paul Wouters <pwouters at redhat.com>
Date:   Fri Oct 18 19:29:49 2019 +0200

    WIP

More information about the Swan-commit mailing list