[Swan-dev] break down of 5.0 fixes v2
Andrew Cagney
andrew.cagney at gmail.com
Tue Dec 26 17:51:43 EET 2023
We've started pushing more stuff into mainline, which for all
Looking over the commits since:
documentation: more README.md tweaks
7312fe13a454e81b167c83d85d1e6dab33777906
This group are straight forward doco updates:
documentation: use @@IPSEC_CONFDDIR@@ and not @@IPSEC__CONFDDIR@@
documentation: fix typo in ipsec-pluto.8 - IPSEC_CONF{,D}DIR
documentation: fix typo in ipsec-pluto.8 - @@{IPSEC_,}RUNDIR@@
The next group, which fixing @@ in XML include files, are more
invasive and even managed to break on FreeBSD (a good reminder of how
frail this is). I'd say probably - our builder is happy again:
documentation: use ENTITY includes to build ipsec.conf.5.xml
documentation: update html rule; fix substitution when including
documentation: update .man rule, fix substutions in includes
building freebsd: use GNU sed when transforming
This next one is maybe - it's little more than nice to have:
x509: log more details when cert add fails
The next should go in. They help with maintaining the branch:
testing: swan-prep fixes
testing: update TESTLIST for cat tests that are good, not wip
testing: addconn-25-missing-cert - add pluto log check
testing: updated TESTLIST for addconn-25-missing-cert
Next we have this pair. With the second reverting much of the first.
Let's pretend this never happened.
testing: minor tweaks for certoe-17-asymmetric-cert-nat* and
certoe-11-symmetric-cert-nat
testing: add new cat ipsec policies to two tests
These two, which tweak WIP tests, are a toss up:
testing: don't make addconn-24-conn-default-rsasigkey "pass"
testing: drop notvalidanymore cert, unused
The next set shouldn't go into the 5.0 branch. Changing the
configuration is dangerous at the best of times. Which is why, post
release candidate, they should be confined to fixing known broken
builds:
building: do not abuse USE_IPTABLES or USE_NFTABLES
building: add sanity check for USE_CAT and USE_NFLOG
building: fix logics in sanity check
building: when USE_NFLOG is disabled, disable it really
... with more to come ...
More information about the Swan-dev
mailing list