[Swan-commit] Changes to ref refs/heads/master
New commits: commit 13c7f562f1564c19335aa626f0847ef2bc44a3c1 Author: D. Hugh Redelmeier Date: Thu Feb 28 17:19:46 2019 -0500 pluto; nss_cert_verify.c: minor tweaks - eliminate a leak - sprinkle pexpect - simplify commit bc4f8fffd73efde153ace49af47db3b36c70e145 Author: D. Hugh Redelmeier Date: Thu Feb 28 17:17:04 2019 -0500 pluto/ikev2-x509-26-criticalflag: fix reference logs - remove spurious trailing whitespace on routing tables - reflect some changes in logging (STATE_* removed?) - reflect change in logging by verify_end_cert ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 89b7331dfc65efc98da130fb56dff702d4cd5bcb Author: Paul Wouters Date: Thu Feb 28 17:17:08 2019 -0500 documentation: add note to subnetS man page entry to warn about spaces ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 4caa946a25c02588255fc9aaf9529aa6caea2332 Author: Tuomo Soini Date: Thu Feb 28 22:37:53 2019 +0200 _stackmanager: Fix check for writing to /proc/sys/net/core/xfrm_acq_expires Fixes logics broken by 449ac1b68a0d6c90f1d1ce7397a8016ab3184b42 https://github.com/libreswan/libreswan/issues/229 was originally fixed by commit c1b541a48aec54cbd4523d9433f93519f7c86934 ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 449ac1b68a0d6c90f1d1ce7397a8016ab3184b42 Author: Paul Wouters Date: Thu Feb 28 14:53:58 2019 -0500 _stackmanager: Only try to write /proc/sys/net/core/xfrm_acq_expires when needed This supresses a few warnings that can pop up (eg on EC2 docker containers) Also do not test for writable access, as that test itself seems to generate a writeable error anyway. So just write and let the error speak for itself. if the value set is different from the value, warn the user/syslog: changing /proc/sys/net/core/xfrm_acq_expires from 30 to 15 Related to https://github.com/libreswan/libreswan/issues/229 ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 42988682df9c24142e1b2f3172095f44a8a99b39 Author: Paul Wouters Date: Thu Feb 28 13:15:59 2019 -0500 documentation: fixed typo in man page (found by Jaroslav) ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
Re: [Swan-commit] Changes to ref refs/heads/master
On Wed, 27 Feb 2019 at 23:25, Paul Wouters wrote: > > New commits: > commit c46b7d010ba30670a768b1651070a666211e648c > Author: Paul Wouters > Date: Wed Feb 27 23:24:24 2019 -0500 > > IKEv1: Another follow up on aa6b8949 > > It also broke msgid handling for DPD and DELETE routines. I suspect this doesn't fix the bug (I went through and tracked down and fixed all the cases that caused a test fail, this one didn't come up): - the host ordered msgid and stored in the header, will be switched to network order on the way out - so the hash code should be fed the hton(msgid) value (in fact, there are so many cases of the same code it should be moved to a function) Andrew ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
Re: [Swan-commit] [Swan-dev] Changes to ref refs/heads/master
On Thu, 28 Feb 2019, Andrew Cagney wrote: New commits: commit c46b7d010ba30670a768b1651070a666211e648c Author: Paul Wouters Date: Wed Feb 27 23:24:24 2019 -0500 IKEv1: Another follow up on aa6b8949 It also broke msgid handling for DPD and DELETE routines. I suspect this doesn't fix the bug (I went through and tracked down and fixed all the cases that caused a test fail, this one didn't come up): - the host ordered msgid and stored in the header, will be switched to network order on the way out - so the hash code should be fed the hton(msgid) value (in fact, there are so many cases of the same code it should be moved to a function) interop tests show it did fix it :) One issue is that the msgid is random, and if you stuff it in the ike header using the struct, it is assumed host order and will be flipped by out_struct() The hash calculation therefor needs the flipped version to do its hash calculation. I agree we could use a single function for this. Note there is one case where this must not be done. I left a comment. See c46b7d010ba30670a7 Paul ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 27c4b93abd0bcbd77b780b9269dc94e2b63ae7cb Author: Andrew Cagney Date: Thu Feb 28 10:33:44 2019 -0500 kvm: mkdir $(KVM_LOCALDIR) if it doesn't exist But not: mkdir -p ... ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit