[Swan-commit] Changes to ref refs/heads/main
New commits: commit f703f4d32ab4d01199f7755fde1a193d96e881c5 Author: D. Hugh Redelmeier Date: Sat Sep 9 10:33:04 2023 -0400 confread: convince Clang that a variable is not NULL Too bad there isn't a type annotation to declare that a pointer will never be NULL. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit f2c2917fdfc70ba04f02f30cb8c909fa734607ea Author: D. Hugh Redelmeier Date: Wed Jul 26 01:54:46 2023 -0400 pluto packet.c: conform to memcpy rules The C standare (suprisingly) requires memcpy pointer args to be to valid addresses, even if the length is zero. It appears (to lclint) that we violated this. Now memcpy is only called if the length is not zero. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 9d8189f5f40f8c311cc239b1c26afc1d2bf40128 Author: D. Hugh Redelmeier Date: Wed Jul 26 01:35:16 2023 -0400 netlink_attrib: guard memcpy from invalid pointers A common assumption is that memcpy address arguments need not be valid if the length is zero. The C standard says this is wrong. In the case of this memcpy call, the source pointer might be NULL if the length is zero. We now skip the memcpy if the length is 0. Found by lclint. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 18611dc4276db2861c89d1bee431a8f69d507239 Author: D. Hugh Redelmeier Date: Wed Jul 26 00:55:36 2023 -0400 ttoaddress_dns.c: add passert to help lclint and other readers ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit fe56260b04a40f4fbd94688c5029aaf5479e7b79 Author: D. Hugh Redelmeier Date: Mon Apr 24 03:34:04 2023 -0400 testing/pluto/ikev2-68-sa-clones-pktgen/pktgen.sh: change fgrep to grep ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit b2df16e5f3eeb252caafce94f697f274aa55b9d8 Author: D. Hugh Redelmeier Date: Sun Jan 22 16:08:09 2023 -0500 kernel.c: simplify control flow of install_outbound_ipsec_kernel_policies() The use of the variable "ok" was more intricate than required. Coverity highlighted some dead code that was part of this. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit e93da2d14f735792bdadd5d5739be14a02db8d7d Author: D. Hugh Redelmeier Date: Sun Jan 22 15:27:38 2023 -0500 pluto: updown.c: do_updown() remove redundant conjunct The test for spd != NULL must be redundant since the subsequent call to do_updown_verb requires that spd be non-NULL. Coverity found this. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 8cbf89d3e0b2c73f723bab1428e213493fa84f64 Author: D. Hugh Redelmeier Date: Thu Aug 18 00:51:45 2022 -0400 mk/config.mk: fix typo in comment ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3f3c5d657fce769bbe98959528565446e2256b6f Author: D. Hugh Redelmeier Date: Tue Aug 16 12:00:06 2022 -0400 mk/kvm-targets.mk: fix typo in comment ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 71d59dfe65a91c6800fb308a973628d44758c1f0 Author: D. Hugh Redelmeier Date: Tue Jul 26 13:58:03 2022 -0400 pluto: kernel_xfrm: netlink_policy_expire() exits iff it should not A test was backwards. In effect, netlink_policy_expire() was a no-op in good times and a crash in bad. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 4120dc96a004af55630cb70a664e23c19d1cce9b Author: D. Hugh Redelmeier Date: Sat Jun 18 16:08:57 2022 -0400 testing: jambufcheck.c: simplify check_jambuf() to help Coverity Scan understand it ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 6c58b5aad7c026cf107b036c7dc778d6ed4788c1 Author: D. Hugh Redelmeier Date: Tue Jun 7 01:01:31 2022 -0400 pluto: for Coverity Scan change definition of ipsec_attr_val_descs_roof Replace variable ipsec_attr_val_descs_roof with enum IPSEC_ATTR_VAL_DESCS_ROOF. This makes its value transparent to Coverity Scan, eliminating a "High Impart" diagnostic. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit ee2d529b464f7ec20bcc9356640ccfd8d40d48f0 Author: D. Hugh Redelmeier Date: Tue Jun 7 00:21:19 2022 -0400 libswan: ttoaddress.c: tweak colon() to make Coverity Scan happy The induction variable i goes up by steps of two. Furthermore, sizeof(u.byte) is even. So the previous condition "i < sizeof(u.byte)" implied the necessary condition "i <= sizeof(u.byte) - 2" Coverity Scan doesn't know this and thought an array overrun could happen. I replaced the first condition with the second to help Coverity Scan (and humans). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 49a0f0c78ee728a45b5f80a562d6ba162446473b Author: D. Hugh Redelmeier Date: Mon Jun 6 23:53:01 2022 -0400 testing: ip_address_check.c Handle missing case: should make test more robust and quiet Coverity Scan ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit f52734b489fe3039a54557fbdfb43ddaa2db00d7 Author: D. Hugh Redelmeier Date: Sat Mar 26 18:29:54 2022 -0400 Pluto: more fiddling with show_established_child_details Pervasive: rename get_sa_info get_sa_bundle_info to be more accurate in show_established_child_details(): - replace per-SA calls of get_sa_info with per-SA-bundle calls - pretend to count IPCOMP bytes. This really just shows AH or ESP bytes for the same SA bundle. commit 8bfb3d41786d09dfd9c750d02a51d74fe60e85c3 Author: D. Hugh Redelmeier Date: Sat Mar 26 18:04:40 2022 -0400 Pluto: simplify kernel.c:was_eroute_idle() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 1062a663482b9b3841f0a48e5c99b4dd70757793 Author: D. Hugh Redelmeier Date: Fri Mar 25 16:15:15 2022 -0400 pluto: tidy things around ipsec_proto_info.present and get_sa_info() - get_sa_info does nothing for IPCOMP so don't call it for such SAs - get rid of a few confusing redundant parentheses - remove redundant test terms from get_sa_info - show_established_child_details: display flow counts for each kind of SA in the same order. - show_established_child_details: don't try to display flow counts for IPCOMP from get_sa_info since it never gives any ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 18d9382b410197e3b02175978a8f29cc132d229f Author: D. Hugh Redelmeier Date: Fri Mar 25 12:25:27 2022 -0400 pluto: kernel.c: simplify fmt_common_shell_out() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 88de99f13e51e42de16eff8367e09c83ee3583c1 Author: D. Hugh Redelmeier Date: Thu Mar 24 13:45:13 2022 -0400 pluto: kernel.c: simplify fmt_common_shell_out() - prompted by Coverity Scan: NULL safety hidden by complicated control flow. Fixed by merging jam_common_shell_out() and fmt_common_shell_out(). - added local macros to tame boilerplate - removed redundant single quotes from around numeric values (but not IP addresses) The list of definitions sent to the shell is large! Surely we could trim it. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 95e464d78658080eae04a99da9d2aafed1b808cf Author: D. Hugh Redelmeier Date: Tue Feb 8 20:41:01 2022 -0500 improve Hugh's name. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 537ac5b75a555bd54c07a3eff01091b35e782db5 Author: D. Hugh Redelmeier Date: Sun Feb 6 18:05:34 2022 -0500 pluto crypt_dh_v1.c: simplify calc_skeyids_iv Coverity Scan pointed out that local "hasher" was always dereferenced so it must never have been NULL. So conditional initialization is redundant. So use of hasher can be replaced by its (now simple) definition. Add a const to the st parameter. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit b639690497ec524a222f25c5a2b46673a91e7d31 Author: D. Hugh Redelmeier Date: Sun Feb 6 17:39:56 2022 -0500 pluto ikev2_hostpair.*: scatter a few "const"s ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 35596becd8732e0c5fec8f1ae7b6585b23d53576 Author: D. Hugh Redelmeier Date: Sun Feb 6 17:09:00 2022 -0500 pluto kernel.c: simplify jam_common_shell_out() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 540a038eb7e8cec67657028c77d37eeb1bf12203 Author: D. Hugh Redelmeier Date: Sun Feb 6 16:46:28 2022 -0500 pluto show.c: eliminate unreachable code commit 8a187c8ff0cf8760a7a58c00764d1a85d23f5de1 Author: D. Hugh Redelmeier Date: Sun Feb 6 16:33:09 2022 -0500 pluto ikev1_dpd.c: note false positive from Coverity Scan commit 5762b4b78a650fbf5677620fbcd3c85010a74e6b Author: D. Hugh Redelmeier Date: Sun Feb 6 16:31:28 2022 -0500 pluto state.c: remove cluttering redundant parens ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 29455c0e438613cc4487bd4e811c064a9b461f32 Author: D. Hugh Redelmeier Date: Sun Feb 6 11:00:22 2022 -0500 pluto: fix a typo in comments ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3e3e93b78d190090ed40e852278568658bf4d569 Author: D. Hugh Redelmeier Date: Sun Feb 6 10:48:32 2022 -0500 pluto: remove last vestiges of KLIPS's ipsec* interface names Simplifies kernel_linux.c's process_raw_ifaces(). It is now more like kernel_bsd.c's version. Coverity Scan pointed at some anomalies in the vestigial code. commit cfac10de1741ed5ad12bac1d7d0b2b1edc47547b Author: D. Hugh Redelmeier Date: Sun Feb 6 10:46:03 2022 -0500 pluto: orient.c: avoid appearance of NULL dereference Simplify and clarify the code. Let's hope this makes Coverity Scan happier. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 95aa219e0b1ff41a9faa864e1fb135072b849d29 Author: D. Hugh Redelmeier Date: Sat Feb 5 18:18:27 2022 -0500 pluto: ikev2_create_child_sa.c: avoid NULL dereferences Coverity Scan found these. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 7a3d54b2275a2b08436cf7ea5156c19d29d21093 Author: D. Hugh Redelmeier Date: Sat Feb 5 16:02:19 2022 -0500 pluto: ikev1_quick.c: paper over a bug in fc_try() Coverity Scan found an uninitialized variable reference in fc_try. I have initialize those variables, but possibly to an incorrect value. The bug was introduced in 605c8010007. I made parallel code in ikev2_ts.c slightly clearer. It does not have the bug because the uninitialized variables are never used. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3e990ff054ca60ada98f83962e95cf8d0378bb22 Author: D. Hugh Redelmeier Date: Sun Dec 19 15:24:00 2021 -0500 pluto: add "const" to all auto declarations of "ike_version" when immutable Knowing that the ike_version is immutable should help make the code more understandable. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 2819a96ab86984b935088cf49a17229a54a90f14 Author: D. Hugh Redelmeier Date: Mon Dec 6 12:34:52 2021 -0500 enumcheck: placate Coverity Scan; eliminate one heap use Coverity didn't see that a second call to strchr couldn't yield NULL if an earlier call with the same arguments didn't yield NULL. Eliminating the second call should fix it. The code duplicated a string into the heap in order to truncate it. We eliminated the need for a copy by using length-bounded string operations. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 35de0797f640a6492b24bb7682c2ed02f090c341 Author: D. Hugh Redelmeier Date: Mon Dec 6 11:13:00 2021 -0500 rsasigkey: add comment justifying code that Coverity Scan warns about Coverity thinks that rand(2) should not be used by security-related programs. In this case, it is only used to randomize a key length, offline: harmless. commit c907892ee17170a9f31e6da3ef255002087b5311 Author: D. Hugh Redelmeier Date: Mon Dec 6 11:09:00 2021 -0500 pluto: fetch.c: add comment justifying code that Coverity Scan warns about Coverity thinks that sizeof() is probably meant to be sizeof(thing). In this particular case, Coverity is wrong. commit 46a47184427ec48f84614c39d8f79cc9eaab37f7 Author: D. Hugh Redelmeier Date: Mon Dec 6 11:06:37 2021 -0500 cavp: prevent a null dereference Detected by Coverity Scan. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 692fe41d86e2458079a857d0a0ed9e838efd2de8 Author: D. Hugh Redelmeier Date: Wed Nov 17 18:18:47 2021 -0500 pluto: ikev1.c: remove redundant test that worried Coverity Scan After dereferencing md, the code tried to handle the case where md is NULL. Since the code hasn't crashed at the deref, this case must not come up. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit a7f126151a98b3ca5e11bc8358ef614170cf78f8 Author: D. Hugh Redelmeier Date: Tue Sep 28 12:22:48 2021 -0400 pluto: kernel_xfrm.c: rewrite create_xfrm_migrate_sa() to make it simpler The new version should have identical results (except for catching some impossible situations). Nested IFs are eliminated. Abstractions (usually pointer variables) are introduced to combine cases. The code length is not reduced. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 2293faf5aae12ddf920c99bdb338fe9007b022ba Author: D. Hugh Redelmeier Date: Sun Sep 5 22:52:39 2021 -0400 pluto: kernel_xfrm.c: netlink_raw_policy(): use right type for .mode mode in struct xfrm_user_tmpl isn't a bool (although that accidentally works). Nor is it our enum encap_mode (although that would accidentally work). The correct values are macros from linux's xfrm.h. Fix our code appropriately. Check for array bound overflow via assert. Better to crash than scribble. Should not happen. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 5f3a31626eba6aefc35a82b436db9516b25d69bd Author: D. Hugh Redelmeier Date: Sun Sep 5 22:22:17 2021 -0400 libswan/ttosaid.c: fix comment for ttosaid() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit b33fb71f61dce66c0e18eb0380ab3221fc998376 Author: D. Hugh Redelmeier Date: Sun Sep 5 11:37:36 2021 -0400 pluto: kernel.c: improve debug message in route_and_eroute() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit d51d4458707febf44719f98144dd7e4faea97f6b Author: D. Hugh Redelmeier Date: Fri Sep 3 18:55:07 2021 -0400 libswan: ike_alg_dh_nss_modp_ops.c: nss_modp_clone_local_secret_ke: add a ??? ??? if pexpect fails, and we are going to clone anyway, should we not use publicValue.len as len? ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 0f25ad250cbcc02a78eb50ec04d33c14540f82b0 Author: D. Hugh Redelmeier Date: Mon Aug 23 11:56:00 2021 -0400 libswan: fd.c: tiny simplification of fd_dup() commit 6012050ab666fa43630ac3f23c969e353c90e68c Author: D. Hugh Redelmeier Date: Mon Aug 23 11:53:49 2021 -0400 libswan: addr_lookup.c: improve readability of comment It makes more sense with punctuation. But it is still not clear to me. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 294c9820e07c7c1fd360d374c4dce8e476c63ba3 Author: D. Hugh Redelmeier Date: Fri Aug 20 15:22:17 2021 -0400 pluto: ikev1_spdb_struct.c: eliminate off-by-one indentation ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 0f3ac98fe26a4b6e4829f1ce98e5a0c8f492edae Author: D. Hugh Redelmeier Date: Fri Aug 20 10:54:07 2021 -0400 passert.h: PASSERT should not return a value I don't know why PASSERT expands to an expression. In any case, it should not be used as an expression. In an attempt to prevent this, I've made it yield a void result. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3186fae0f657e48affd7343b3cf1bfec3775852f Author: D. Hugh Redelmeier Date: Thu Jul 29 14:50:15 2021 -0400 libipsecconf: tiny simplification to parser.y ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit e0543f498cfc881c817c5ac1c0c2eecd58ff0ea4 Author: D. Hugh Redelmeier Date: Thu Jul 29 13:31:03 2021 -0400 pluto: labeled_ipsec.c: fix spelling error in previous commit commit 7ff5d57272f531ad0eee4893ea8aea209e67d00a Author: D. Hugh Redelmeier Date: Thu Jul 29 13:22:14 2021 -0400 pluto: labeled_ipsec.c: judiciously zero errno For certain liberary calls, we report errno, even though the documentation does not specify that it is set. For clarity, we zero it before thse calls. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 351003c40b5c75291b8539345b0bc0c7158d2838 Author: D. Hugh Redelmeier Date: Fri Jul 2 00:44:21 2021 -0400 pluto: rejig code generating and using textual SAIDs - move SAMIGTOT_BUF from include/ip_said.h to kernel_xfrm.c (only user) - kernel.c: replace set_text_said() with more convenient said_str() - kernel.h: replace .text_said with .story because it isn't always an SAID. - kernel_xfrm.c: simplify create_xfrm_migrate_sa(). Don't display false SAIDs. - kernel_xfrm.c: simplify migrate_xfrm_sa() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 386c3b86d7af497ead3c544634eb8d142e3e96d0 Author: D. Hugh Redelmeier Date: Wed Jun 23 10:11:35 2021 -0400 libreswan.h: make definition of ULTOT_BUF clearer ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit f74726bdc60113f0fb58a2c10d4c81e6c35123fe Author: D. Hugh Redelmeier Date: Wed Jun 23 10:03:37 2021 -0400 testing: fix type in filename in pluto/TESTLIST ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 292ec75828cd9fbb8914e338444301bacbfc3f98 Author: D. Hugh Redelmeier Date: Sat Jun 19 09:55:40 2021 -0400 pluto: kernel_xfrm.c: modest simplifications ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 2dfd2fded83c004c53a40e8b27c20c4153c5efae Author: D. Hugh Redelmeier Date: Fri Jun 18 11:20:22 2021 -0400 pluto: kernel.c: remove unreachable RETURN fromtrap_connection ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3aafd213427305959965dfe3a4be066c3e30 Author: D. Hugh Redelmeier Date: Fri Jun 18 11:11:31 2021 -0400 pluto: kernel_xfrm.c: avoid null-dereference discovered by Coverity Null dereferences often indicate a logic error. Any such error remains. This change makes the control flow slightly clearer by reducing duplicated tests. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 85ff55b619f36efedf7baf0f61497d09434133b9 Author: D. Hugh Redelmeier Date: Thu Jun 17 15:05:43 2021 -0400 pluto: define and use enum encapsulation_mode commit bb4b8f5595ba68346a6d2b7619879f97d456c50a Author: D. Hugh Redelmeier Date: Thu Jun 17 15:04:33 2021 -0400 pluto: kernel.c: exploit enum_show in raw_policy() commit ea1660af9853c20acfbc5eb7a5daa2e22b749ff9 Author: D. Hugh Redelmeier Date: Thu Jun 17 14:55:30 2021 -0400 pluto: ipsec_doi.c: improve formatting of code commit 9b21fa0cfdad551b4f01ef6d2150e83d8557b4f0 Author: D. Hugh Redelmeier Date: Thu Jun 17 13:50:22 2021 -0400 pluto: ikev1_spdb_struct.c: improve formatting commit f656a02d33173590dd4b6e05c732fbd6f8b7de10 Author: D. Hugh Redelmeier Date: Thu Jun 17 12:20:07 2021 -0400 libswan: constants.c: fix a typo in comments ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit df58403c72de69d243efed461c17f113f7818e17 Author: D. Hugh Redelmeier Date: Wed Jun 16 14:39:43 2021 -0400 pluto/whack: add const to all struct pickler objects ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit a8fe696f67534be498e730c45f5337edc153ec1a Author: D. Hugh Redelmeier Date: Wed Jun 16 12:07:33 2021 -0400 pluto: ikev2_ts.c: convert large const by-value parameters to by-ref Coverity complains about pointlessly copying large (1k) parameters. It's right. Thank "const" for making this transformation evident. Wishful thinking: a compiler ought to be able to do this transformation. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 0e67cf45937b7cd8b03c7bee24a3871dbb7618d6 Author: D. Hugh Redelmeier Date: Wed Jun 16 02:47:01 2021 -0400 pluto: get rid of fake_md from aggr_outI1_continue() Stimulus: Coverity flagged a possible null pointer dereference of fake_md->smc I hadn't heard of this crash actually happening. The reason is that the "result" parameter for complete_v1_state_transition would normally be STF_IGNORE and the function would return early with no crash. In theory, STF_INTERNAL_ERROR was possible but probably never happened. I added a pexpect(e == STF_IGNORE) to aggr_outI1_continue. This should be replaced by appropriate logging. Unfortunately I no longer know how to log. aggr_outI1_continue's call of complete_v1_state_transition is now hardwired to use STF_IGNORE complete_v1_state_transition's passert(md != NULL) was moved to avoid demanding an md when none is needed. (This passert seems silly since all hardware we run on will catch null pointer dereferences.) At this point, fake_md became useless. And also md's fake_dne field. I cannot guarantee that Coverity will see that the NULL dereference is eliminated. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 704e36d5e8a738a449b11a90555c7f810a35446b Author: D. Hugh Redelmeier Date: Mon Jun 14 17:37:17 2021 -0400 pluto: initiate.c: fix typo in comment ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 978fae35ee3e8da00fe5a733dfc4a0247a0b3b36 Author: D. Hugh Redelmeier Date: Sat May 29 11:15:58 2021 -0400 pervasive: eliminate a few more erratic spaces in C code ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 44bddacf03d513c12a2ddbddf80c53e175a719ef Author: D. Hugh Redelmeier Date: Fri May 28 19:52:53 2021 -0400 pervasive: get rid of more erratic spaces in our code ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit eae6309fac1d28f9b142913d1ab6e8db32f59350 Author: D. Hugh Redelmeier Date: Fri May 28 19:37:14 2021 -0400 pervasive: get rid of some erratic spaces ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 9c4c07ce525a12a113d1cca83c55a2e077c29930 Author: D. Hugh Redelmeier Date: Fri May 28 17:59:28 2021 -0400 libswan: fix bug in constants.c's enum_match It's interesting that this hasn't been detected (it was introduced in February). That probably means that it doesn't matter. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit e3507b731e12b5beec3ca24e5d85ab52935a987c Author: D. Hugh Redelmeier Date: Fri May 28 16:54:32 2021 -0400 pluto: fix typo in comment in ikev2_parent.c ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 39bfa7ef66f9eb38b975c4c3d0eef02ec65898d7 Author: D. Hugh Redelmeier Date: Fri May 28 16:44:18 2021 -0400 pluto: move has_v2_IKE_AUTH_child_sa_payloads() and make it file-static commit 51a3c1f8583a35d0f97ad9d729e3058b8335df28 Author: D. Hugh Redelmeier Date: Fri May 28 16:40:04 2021 -0400 pluto: add const to parameter of has_v2_IKE_AUTH_child_sa_payloads() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 00bd0a75480d3e1197bf18d9d931e2391130b44f Author: D. Hugh Redelmeier Date: Sat May 22 16:46:26 2021 -0400 pluto: iface.c: simplify find_raw_ifaces4() - Eliminate use of realloc(3). - Logic is otherwise unchanged but code now exploits modern C to reduce scope of variables. - Improve comments. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit ca8aa7b78b3f357a4e66f915ee617077476e4061 Author: D. Hugh Redelmeier Date: Fri May 21 13:19:55 2021 -0400 pluto: fetch.c: fetch_curl(): add checks to make Coverity happy Results returned by curl_easy_setopt() might indicate errors. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 79da7aa1fa5f60c0c42ea81ecc8c3d2bb32a3ecd Author: D. Hugh Redelmeier Date: Sun May 9 01:21:35 2021 -0400 pluto: ikev2.c: avoid pointless NULL test of md in v2_dispatch() Coverity pointed out that code would previously have dereferenced md. commit 3d54ece650ac3691f18446865eccb7d5f3e3cfc1 Author: D. Hugh Redelmeier Date: Sun May 9 01:16:09 2021 -0400 pluto: ikev2_parent.c: avoid NULL dereference in ikev2_rekey_expire_pred() Coverity found this. There might well be a more elegant way to write the function. commit c6626240fe933f4979091a5a52abe39dee652c74 Author: D. Hugh Redelmeier Date: Sun May 9 01:03:45 2021 -0400 pluto: ikev2.c: clarify a case analysis in process_v2_child_ix() This avoids a Coverity warning. Not a bug fix. commit 154e04c2910534cc04cc2144b630a35314acca70 Author: D. Hugh Redelmeier Date: Sun May 9 00:52:16 2021 -0400 pluto: ikev2_retry.c: cut retransmit_v2_msg() short if we have no IKE SA Coverity points out that this case would have caused a lot dereferencing of "ike" when it is NULL. Fixed. commit 35ba67696e34342866b3c490c1b19b9ce3badf72 Author: D. Hugh Redelmeier Date: Sun May 9 00:40:47 2021 -0400 pluto: ikev1.c: eliminate dead code in informational() Found by Coverity. commit 633f74629e452fd9f8f288ac30102b557c428ddf Author: D. Hugh Redelmeier Date: Sun May 9 00:31:20 2021 -0400 pluto: kernel_xfrm.c: add comment to migrate_xfrm_sa() to discribe Coverity warning ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit af815465667ccebc758de5396340b678206c0e25 Author: D. Hugh Redelmeier Date: Sun May 9 00:02:58 2021 -0400 pluto: kernel_xfrm.c: netlink_acquire() eliminate dead variable and code - uctx was only ever assigned once, set to NULL - the only use was a test guarding code. That code could never be executed. - this was found by Coverity ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 726ce81d4d60eb84b4c6caddd8335aa88f919aa6 Author: D. Hugh Redelmeier Date: Sat May 8 23:52:50 2021 -0400 pluto: host_pair.c: avoid a NULL dereference Coverity points out that a NULL pointer could be dereferenced. Avoid that. commit dd449749813372555d551bde66fd0c37b650decb Author: D. Hugh Redelmeier Date: Sat May 8 23:30:22 2021 -0400 pluto: kernel.c: cheap trick to avoid appearance of reference to uninitialized variable This suppresses a Coverity warning. We "know" that proto_info[0].proto is defined because at least one protocol must be present. Even though Coverity does not see this, changing the order of statements should calm Coverity (for an incidental reason). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits:
commit 9945236619b17fa13dfd1cfbe60359dcbf3fcd21
Author: D. Hugh Redelmeier
Date: Fri May 7 23:58:52 2021 -0400
pluto: packet.c: add consistency check to pbs_in_struct
pbs_in_struct now requires that if and only if the structure has a
length field then the obj_pbs isn't NULL.
There are a few places where this part was intentionally ignored.
This required adding a dummy pbs variable ("ignored").
___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 4af9072e62237daad9fea9bb769f6dfbdf2e4ea1 Author: D. Hugh Redelmeier Date: Thu May 6 15:18:02 2021 -0400 libswan/ttoaddress.c: use getaddrinfo(3) instead of gethostbyname2(3) (attempt 2) Modernization. Much simplification. I'm not sure if we lose support for hex representation of IP addresses. Unit tests still pass. I'm not sure if what happens when putitive domain names contain bad characters. Unit tests still pass. If there is an IPv4 result from getaddrinfo(3), we return the first. Otherwise we return the first of all results returned. The diagnostics from getaddrinfo(3) leave a lot to be desired. Our previous hand-rolled code was much more descriptive. commit 12904485cf450db89bf9ca8f32d5e27acb11affe Author: D. Hugh Redelmeier Date: Thu May 6 15:02:39 2021 -0400 testing: testing/programs/ipcheck/ip_address_check.c: test DNS resolution better - allow the "family" to be 0 (AF_UNSPEC) for inferring family from text - do a few more DNS tests. + families AF_UNSPEC and AF_INET6 + non-resolvable domains + IPV6-only and IPv4-only domains. There's a lot of room for more tests. commit d55306239d81a6a98a1627c4dcff1dfa5dc6e558 Author: D. Hugh Redelmeier Date: Thu May 6 15:00:41 2021 -0400 include/ip_sockaddr.h: spelling in comments ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 06fb615b009ad1b016aeca797a7f8fec7c8d4ae2 Author: D. Hugh Redelmeier Date: Tue May 4 11:53:30 2021 -0400 Revert "libswan/ttoaddress.c: use getaddrinfo(3) instead of gethostbyname2(3)" This reverts commit 379929c054bbe6022abbc456f5c1fd9bd453470d. Not yet working. commit 9e29a49d53f9ddff8d942fdc98169626146b2604 Author: D. Hugh Redelmeier Date: Tue May 4 11:53:01 2021 -0400 Revert "libswan/ttoaddress.c: attempt to fix a crash in ttoaddress_dns" This reverts commit 202d1b7c6f3cfd63bcf066e278c30163f1b8752a. Not yet working. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit c2d07de65afa3ee9f46f4c0c8c2b52b4bb4c0426 Author: D. Hugh Redelmeier Date: Tue May 4 10:57:58 2021 -0400 testing/programs/ipcheck/ip_range_check.c: fix typo caught by Coverity Scan ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 1dad494d64c1775670ddc4d9d5d11dd10a660977 Author: D. Hugh Redelmeier Date: Tue May 4 00:51:50 2021 -0400 pluto/ikev2_cookie.c: convert pexpect into passert (Coverity complains about unreachable code) We know that the failing case is impossible. Be bold (but verify). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 202d1b7c6f3cfd63bcf066e278c30163f1b8752a Author: D. Hugh Redelmeier Date: Tue May 4 00:11:22 2021 -0400 libswan/ttoaddress.c: attempt to fix a crash in ttoaddress_dns Cagney observed a crash in the version of ttoaddress_dns that uses getaddrinfo. It looks as if freeaddrinfo is trying to free something that wasn't malloced. The best explanation is that getaddrinfo does NOT set *res if some failure is recognized (this is not documented). This commit initialized res to NULL. That should work if freeaddrinfo does or does not set *res on failure. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3bfbe401cb372cff53267bd0f3a63884bb3f510a Author: D. Hugh Redelmeier Date: Mon May 3 14:54:03 2021 -0400 pluto/fetch.c: add a bit missing from 131892b682bff4577ea1c72a5e8fa95e2a7afa5b ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 379929c054bbe6022abbc456f5c1fd9bd453470d Author: D. Hugh Redelmeier Date: Mon May 3 12:37:40 2021 -0400 libswan/ttoaddress.c: use getaddrinfo(3) instead of gethostbyname2(3) Modernization. Much simplification. I'm not sure if we lose support for hex representation of IP addresses. Unit tests still pass. I'm not sure if what happens when putitive domain names contain bad characters. Unit tests still pass. We always accept the first result from getaddrinfo(3). This may change prioritization of IPv4 vs IPv6, but at least it matches RFC 3484 (according to the man page). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit cd02dfbf37c0a1c17d63ae126ab290d27580f086 Author: D. Hugh Redelmeier Date: Sun May 2 10:03:01 2021 -0400 libswan, pluto: make sure references to refcnt are atomic C (pre-11) doesn't guarantee that any integral type is atomic. All but one use was protected by a mutex. Fix that one. Also: document a benign race condition. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit f543770846d26127bf310b26f0e834f408609a3f Author: D. Hugh Redelmeier Date: Fri Apr 30 16:05:19 2021 -0400 libswan/ttoaddress.c: clarify tryname() - getting the wrong address family from gethostbyname2 should be impossible. Instead of handling this, passert. - explain dusty old getnetbyname(3) - ignore result from getnetbyname if it is of the wrong address family - simplify context-depedent choice of diagnostics ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 8268aa67302f5d8a8b29a50a9ae301ad2067cbe6 Author: D. Hugh Redelmeier Date: Fri Apr 30 15:49:31 2021 -0400 libswan/ttoaddress.c: update comment in ttoaddress_dns() commit 0b40894dff88e6ff0265cca29582a4f85edea27f Author: D. Hugh Redelmeier Date: Fri Apr 30 15:21:51 2021 -0400 libswan: refcnt.c: be a little more paranoid in refcnt_init() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit c139182fff018ef9609c1e02441aedbd691b8e3a Author: D. Hugh Redelmeier Date: Fri Apr 30 15:16:34 2021 -0400 pluto: virtual_ip.c: clarify struct virtual_ip ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 8bca5286e698786d0bd766562e76758be98ec022 Author: D. Hugh Redelmeier Date: Fri Apr 30 15:08:09 2021 -0400 refcnt.h: rename O to OBJ (for readability) ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 6c72aad7404f013c9bccd50371fa8079bb424023 Author: D. Hugh Redelmeier Date: Mon Apr 26 22:21:45 2021 -0400 C code: IF and its THEN clause should be on separate lines ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit ba33726a2a9dd44c9e34929c5aac35b40f2f5446 Author: D. Hugh Redelmeier Date: Mon Apr 26 22:07:50 2021 -0400 C code: restore some tabs that had decayed into spaces ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 67422c63b69a31e1af1c3e47cb778bf5249c6286 Author: D. Hugh Redelmeier Date: Mon Apr 26 21:45:50 2021 -0400 pervasive: get rid of trailing whitespace in our C code ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 71af152cbf2b1570705259e5f1ec31f62df17590 Author: D. Hugh Redelmeier Date: Mon Apr 26 21:31:33 2021 -0400 include: remove unused lsw_select.h ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit b3b8cd668e5f4306816376ee444eebec4822b6c1 Author: D. Hugh Redelmeier Date: Mon Mar 29 17:23:21 2021 -0400 pluto: ikev2_spdb_struct.c: fix a couple of problems jam_v2_proposal: - previous version tried to motor through a buffer overflow. I think that it is impossible; added a passert to check. - use jam_hex_bytes to eliminate a loop. - previously used sizeof(proposal->remote_spi.size) where sizeof(proposal->remote_spi.bytes) was meant. Twice. Fixed. ikev2_proposal_to_proto_info: - seemed to ignore (with warning) an (probably) impossible case. Instead, it now rejects that case. commit c20e0d3a789bd9a457205e5e1be00808f4528147 Author: D. Hugh Redelmeier Date: Mon Mar 29 17:22:03 2021 -0400 libswan: slightly simplify jam_bytes.c commit d744a0fb8cdd660f35b32aa97b8ad4b78efb986b Author: D. Hugh Redelmeier Date: Mon Mar 29 16:45:02 2021 -0400 testing/utils/pcap2skb/pcap2skb.c: simplify Reworked contorted loop structure. Reduced scope of autos. Added "static" and "const". Fixed innocuous signedness sloppiness. UNTESTED ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 259c73fb19daed33a9d9e6e5f3c9a0d4166ca117 Author: D. Hugh Redelmeier Date: Mon Mar 29 11:34:48 2021 -0400 libswan: unbound.c: unbound_resolve(): convert loop to memcpy ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit d8ffbbae13dfb69541086b6e118f5136bbd37407 Author: D. Hugh Redelmeier Date: Mon Mar 29 02:07:22 2021 -0400 pervasive: correct some "it's" to "its" ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 72c8aa3b4c41f4fc71573c3f57c38866bfa1c29a Author: D. Hugh Redelmeier Date: Fri Mar 26 18:38:10 2021 -0400 testing: "unexpecedly" => "unexpectedly" ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 671c8675dfb1ae938628670376453e46ebc67c9d Author: D. Hugh Redelmeier Date: Fri Mar 26 18:23:58 2021 -0400 pluto: modify 8d1f8aec2ca811954811337008b4aee1a8900286 to make it more declarative This version is clearer because .sec_label isn't ovrewritten. This version has an identical effect to 8d1f8aec2ca811954811337008b4aee1a8900286. Perhaps this is a mistake: before 8d1f8aec2ca811954811337008b4aee1a8900286 st->st_acquired_sec_label had priority over st->st_seen_sec_label. This was reversed by 8d1f8aec2ca811954811337008b4aee1a8900286. I don't know if this reversal was intentional. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 27219552bfbf02f09c55356cee6563f1bb8bbf6a Author: D. Hugh Redelmeier Date: Fri Mar 26 17:58:40 2021 -0400 lib_swan: ip_bytes.c: bytes_sub(): avoid mixing signed and unsigned Mixing is surprisingly treacherous since it works in most cases and in most environments. Also: check whether the result is logically negative (unexpected, I think). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 3e968bad23671e086f2a1ac9e7098e76c5240e66 Author: D. Hugh Redelmeier Date: Fri Mar 26 11:08:53 2021 -0400 lib: add comments to IP range code ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 0fb1f526be7fffc66fcff5bfaa23bfa3a10f7543 Author: D. Hugh Redelmeier Date: Mon Mar 15 16:02:29 2021 -0400 libswan: ip_selector.c: avoid useless roundtrip unsigned->int->unsigned ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 01eeb01f542b257bd0f63e092274dad6e78393e9 Author: D. Hugh Redelmeier Date: Sat Mar 13 21:21:12 2021 -0500 pluto: connections.c: find_connection_for_clients(): rearrange how connection_bufs are used - avoid having an inner-scope variable with the same as an outer-scope variable - give them names reflecting what they hold ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 605949eac6718cf42059b55ed69aa9466381a186 Author: D. Hugh Redelmeier Date: Sat Mar 13 18:21:23 2021 -0500 pluto: kernel.c: setup_half_ipsec_sa: eliminate pointless and confusing test ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit a2f59d965e9f8dc6b9aeb44a24f91cbbeda75525 Author: D. Hugh Redelmeier Date: Sat Mar 13 17:26:07 2021 -0500 pluto: beautify some closing parentheses Every little bit helps to make complicated expressions understandable. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 6c05c55d937f6c3aa5c93b1a9dcccdce2c9de07e Author: D. Hugh Redelmeier Date: Sat Mar 13 17:12:37 2021 -0500 pluto: connections.c: find_connection_for_clients() simplify expression || is associative so the extra parens were pointless and made the expression harder to read. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 1c03fe90d1d87c4b8b203e686aaf764ba9ada107 Author: D. Hugh Redelmeier Date: Wed Mar 10 13:00:25 2021 -0500 pluto: ikev2_ts.c: clarify control structure of score_ends_seclabel 2a2376e5bfa6c19e9a334e2a651b54135e64ab21 added a test that was always true. This made the control flow hard to comprehend. This commit eliminates the redundant test. Also: reordered code so the remaining test is simpler to understand (no ! operator) Also: move a passert earlier. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 54791ba8ae573960322abec34f44bed9aa64e97e Author: D. Hugh Redelmeier Date: Mon Mar 8 12:06:16 2021 -0500 Pluto: ikev2_ts.c: deduplicate code in ts_has_seclabel() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit c73f8ce93cc87ed78fb9ab543cbcfbb143f269f5 Author: D. Hugh Redelmeier Date: Sun Mar 7 11:27:20 2021 -0500 Pluto: ikev2_ts.c: fix passert in score_ends_seclabel() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 4ee98813e547758fd3282d1d6acede4810fb5265 Author: D. Hugh Redelmeier Date: Sat Mar 6 11:59:26 2021 -0500 pluto: ikev2_ts.c: eliminate proper_seclabel() Replaced by vet_seclabel(). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 7fed6ce5a9c598fb69b3a9678a3f66c82ede7203 Author: D. Hugh Redelmeier Date: Fri Mar 5 17:13:35 2021 -0500 pluto: unify checking of form of security label into vet_seclab() Some places may have been missed. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 5455a91defc0084a196bc35d7b2d5cd7ab9ab87b Author: D. Hugh Redelmeier Date: Fri Mar 5 17:05:09 2021 -0500 pluto: kernel.c: simplify setup_half_ipsec_sa() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit cf919e16683a941dedde8641ebaeb174fde912cf Author: D. Hugh Redelmeier Date: Thu Mar 4 21:04:18 2021 -0500 pluto: consistently test for empty security labels by checking .len This was mostly the case but not universal. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/main
New commits: commit 90bc38af6ca7b4418d36048fcc26b6df02d39c65 Author: D. Hugh Redelmeier Date: Thu Mar 4 20:47:21 2021 -0500 pluto: ikev2_ts.c: score_ends_seclabel() early-out for outer loop ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
