[Swan-commit] Changes to ref refs/heads/master
New commits: commit ffc124dff6754da9a88f19d229554fce58862f3a Author: D. Hugh Redelmeier Date: Sat Jul 28 15:30:38 2018 -0400 pluto: out_struct debugging controlled by DBG_EMITTING, not DBG_PARSING commit 0d36f4249a4fec6683b330164cdd3cdccd10108a Author: D. Hugh Redelmeier Date: Sat Jul 28 15:21:53 2018 -0400 pluto: invent and use struct_desc ikev2_encrypted_portion - this is in fact an empty struct but it handles book-keeping more elegantly than hand-rolled pbs_stream. - added code to out_struct to make search for containing PBS clearer commit 00756e0bdd53a252b13295b259e34fd7736f2a74 Author: D. Hugh Redelmeier Date: Sat Jul 28 14:58:14 2018 -0400 libswan: slightly simplify lswlog_ike_alg() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 661c5452af2f178df8fc6118c55a9cfa67fda404 Author: D. Hugh Redelmeier Date: Sun Jul 29 14:41:43 2018 -0400 pluto: refer to ISAKMP_NEXT_NONE and ISAKMP_NEXT_v2NONE by name - More to come. - Add a couple of useful comments too. commit 090808f18ca4250b9cf62039f60b5f6ccff14cdd Author: D. Hugh Redelmeier Date: Sun Jul 29 14:33:49 2018 -0400 pluto: fix misleading indentation in out_vid() commit fcd702b9bacf7880228da159ce36c0d5fd75b9a0 Author: D. Hugh Redelmeier Date: Sun Jul 29 14:30:10 2018 -0400 pluto: fix nasty source line break in process_v1_packet() commit 2eda0f18f5a076acada12fbfede26d6114c0f68c Author: D. Hugh Redelmeier Date: Sun Jul 29 14:28:45 2018 -0400 pluto_constants.h: delete unused and buggy IS_AUTH_RESPONSE() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 32b25cd15a5b606c01004ea2ea6bda0ba5fb2c8d Author: D. Hugh Redelmeier Date: Fri Aug 3 15:30:11 2018 -0400 libipsecconf: fix off-by-one error in f28c65e2c5a132562172522a73c88a2fcf4a841e Bug reported by Cagney. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 59165f0a975e60b1c28a9626117300f53bf1e818 Author: D. Hugh Redelmeier Date: Fri Aug 10 16:21:58 2018 -0400 testing: change Strongswan reference logs to reflect changes in c7cc3dbdd0782c157d2676740212c24e35c18415 - Order of DPD vendor ID and FRAGMENTATION vendor ID is reversed commit c7cc3dbdd0782c157d2676740212c24e35c18415 Author: D. Hugh Redelmeier Date: Fri Aug 10 16:07:20 2018 -0400 pluto: improve next payload backpatching and start using it in IKEv1 code - backpatch target info is now in the PBS that will receive the payload. No searching is required. - backpatching better supports payloads within payloads - rename struct_desc's "np" (next payload) to "pt" (payload type) since this is about the current payload, not the next one. - make sure that every struct_desc used for payload output has a correct pt. This meant the generic struct_desc should not be used. pt should only be explicitly initialized in a struct_desc for a payload. - the struct_desc pt field is now used at the start of out_struct, before the field loop. - ft_mnp (message next payload) is renamed ft_fcp (first contained payload) and can be used in more places, not just the IKE message header. - some backpatch problems are reported as expectation failures. This is an escalation from just appearing in debug logging. More checking is performed. - IKEv1 Vendor ID emitting is handled better: common routines are used instead of replicated and accidentally mutated code. - even more np calculation could be eliminated - scatter a lot more "const"s - use an empty struct (ikev2_encrypted_portion) as a wrapper PBS for encrypted payloads. This requires some consideration of backpatching mechanism (see calls to move_pbs_previous_np()). - simplify ikev2_create_psk_auth() by eliminating a parameter - simplify ikev2_calculate_psk_sighash() - eliminate non-static array bounds ("hash_len") from ikev2_create_psk_auth() and ikev2_verify_psk_auth(). This is (optonally) supported by compilers but the C Committee seems to consider it a mistake. - rename ikev2_np_cp_or_sa to ikev2_np_cp_or (awkward, but better reflects what it does). This routine should be elminated. - simplify nat_traversal_insert_vid() by replacing struct state * parameter with a const struct connection * parameter - rename ikev2_record_fragments to ikev2_record_outbound_fragments to better reflect its function. - improved some logging commit fdb390f0035070fc8b03cf124ccb12ac4428f289 Author: D. Hugh Redelmeier Date: Fri Aug 10 14:35:30 2018 -0400 programs/pluto/ikev1_send.c: tweak whitespace commit 9d56aac9b076ace3093df0b08686d53c1b627822 Author: D. Hugh Redelmeier Date: Fri Aug 10 14:31:05 2018 -0400 addrtypeof.c: delete an unexpected blank line in source commit f9b8292842149ac56f54574053342027153b6f95 Author: D. Hugh Redelmeier Date: Fri Aug 10 14:28:15 2018 -0400 testing: fix spelling in a couple of description.txt files ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 0d63ca83e965a29c676905ac55c6e5238c8dc97a Author: D. Hugh Redelmeier Date: Mon Aug 13 13:08:25 2018 -0400 pluto: negotiate_hash_algo_from_notification() prevent buffer overrun; tidy - if the Other Side sent a payload listing too many hash algorithms, an internal buffer would overflow. Now a diagnostic will be issued. Is the diagnotic emitted via the correct routine? - reduced the scope of local variables - eliminated pointless initialization - moved common code outside the switch cases - fixed typo in comment ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d7eb264d9c1923c8d1e911490445198d1ee8d582 Author: D. Hugh Redelmeier Date: Tue Aug 14 01:53:11 2018 -0400 pluto: ikev2_parent.c: simplify and add some ??? ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit c2e3fb0c0302c166b298ea9933da766011fba523 Author: D. Hugh Redelmeier Date: Tue Aug 14 02:19:02 2018 -0400 pluto: build payloads with struct initializers; tidy - for output payload structs, switch to using struct initializer to fill in fields where possible. This replaced field assignment subsequent to the struct declaration - fix leaks of auth_chain and add comments to explain required discipline - sprinkle more "const" - reduce scope of auto variables by declaring them as late as possible. - try to combine declaration of each auto variable with its initial assignment - simplify ikev1_close_message; add a couple of pexpects ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit f4d19f8a5e566b654881e4b2f7cbe23475f98c8e Author: D. Hugh Redelmeier Date: Sun Aug 12 13:26:32 2018 -0400 whack.h: bump WHACK_MAGIC to reflect recent change fd547b0ffa5ec14b50bd25a71d5c220f2e532ed2 added sighash_policy to the whack_message so WHACK_MAGIC must be changed to prevent undetected mis-matches between whack and pluto. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 5cecaafc89167260c8aa4fbc937b867343a502ae Author: D. Hugh Redelmeier Date: Mon Aug 13 11:46:48 2018 -0400 pluto: sprinkle "static"; formatting tweaks ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 623f4f53e84a0ddc71a54f7fc4c4d2cf9c8dd7d7 Author: D. Hugh Redelmeier Date: Tue Aug 14 10:52:14 2018 -0400 Revert "pluto: build payloads with struct initializers; tidy" This reverts commit c2e3fb0c0302c166b298ea9933da766011fba523. Seems to have broken too much china. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 9280af4e6ddc6f57a013c6c81dca81f54ae0ed55 Author: D. Hugh Redelmeier Date: Sun Aug 19 01:01:54 2018 -0400 pluto: simplify build_id_payload() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 56dc77beba667853b0d2f017d373497942d686ab Author: D. Hugh Redelmeier Date: Sun Aug 19 02:12:46 2018 -0400 pluto: clarify odd bits in aggr_inI2 commit 3f29a679a4c02a13fd152c2f86bebba87739f32f Author: D. Hugh Redelmeier Date: Sun Aug 19 02:10:25 2018 -0400 pluto: aggr_inR1_outI2_tail: correctly build ID payload for hashing commit d05bc7443be96d1c299e04420930d2846ba8e7d6 Author: D. Hugh Redelmeier Date: Sun Aug 19 02:06:52 2018 -0400 pluto: aggr_inR1_outI2_crypto_continue: add a passert to check an assumption commit bca7372f2e92b764d9af15b95a9f83a873e3a8ef Author: D. Hugh Redelmeier Date: Sun Aug 19 01:31:44 2018 -0400 pluto: delete main_inR3; rename main_inR3_tail as main_inR3 main_inR3 only called main_inR3_tail main_inR3 was the only caller of main_inR3_tail ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 5b106e8e94b0ca58a600e82c5a2e15b48464aa9e Author: D. Hugh Redelmeier Date: Sun Aug 19 02:36:05 2018 -0400 pluto: add and use v2_build_id_payload() This replaces a bunch of ugly casts with one. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 6dc99409a6b0e35e875d4d30512091afb393b63f Author: D. Hugh Redelmeier Date: Mon Aug 20 17:38:44 2018 -0400 pluto: tweak some whitespace ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 109a16cf2b2d1fd09ba59ead8b5a7a44c33944bc Author: D. Hugh Redelmeier Date: Sun Aug 26 22:37:48 2018 -0400 pluto: minimize scopes of variables also: - exploit auto struct initialization - ditch some seam-enabling code - convert an embarrassing pexpect to passert (it never fired) ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 448263e0bf0ba85ab86d397ef3c1ef915602513f Author: D. Hugh Redelmeier Date: Sat Aug 18 03:58:58 2018 -0400 pluto: build payloads with struct initializers; tidy These changes are linked by changes to np (next payload) emitting. - for output payload structs, switch to using struct initializer to fill in fields where possible. This replaced field assignment subsequent to the struct declaration - fix leaks of auth_chain and add comments to explain required discipline - sprinkle more "const" - reduce scope of auto variables by declaring them as late as possible. - try to combine declaration of each auto variable with its initial assignment - eliminate out_modify_previous_np commit 078039811827db0cc97cc30190dd615318a02578 Author: D. Hugh Redelmeier Date: Sat Aug 18 03:58:13 2018 -0400 pluto: simplify ikev1_close_message; add a couple of pexpects ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 4dfd1845c3458a2d4f1b79ec49c83c4871bd03d9 Author: D. Hugh Redelmeier Date: Tue Aug 21 11:37:09 2018 -0400 pluto: simplify his_id_was_instantiated macro ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 28a2fe33d375c55ac914fe7a6fd550823fd29a4c Author: D. Hugh Redelmeier Date: Tue Aug 21 11:59:25 2018 -0400 pluto: make process_v1_packet() slightly more readable ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit f01486bbd06322d73ce782f98334d5a5c37b51a7 Author: D. Hugh Redelmeier Date: Fri Jul 20 22:16:59 2018 -0400 pervasive: use PRINTF_LIKE and UNUSED instead of bulky GCC-isms ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 12b0082e835ffee4b37ac76850f243e2068c295b Author: D. Hugh Redelmeier Date: Fri Jul 20 22:00:13 2018 -0400 libipsecconf: respect that starter_error_append takes a format ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit a8c55f6eeda62b89a22214e3717f40fc691c8ebd Author: D. Hugh Redelmeier Date: Sat Jul 14 17:13:00 2018 -0400 pluto: don't ignore failure of ikev2_emit_sa_proposals() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 39cff244051bec854f911cdffcd2abd00906f302 Author: D. Hugh Redelmeier Date: Sun Jul 15 16:09:57 2018 -0400 pluto: fix some spelling and indentation commit 9f8edb14e70bcdca8e5afbe366bc6ba7319b0481 Author: D. Hugh Redelmeier Date: Sun Jul 15 16:05:28 2018 -0400 pluto: minor format improvement ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit c2ecdefb06fed7f51cbf6571f3a431b5643a1d7a Author: D. Hugh Redelmeier Date: Mon Jul 16 19:28:50 2018 -0400 pluto: convert all struct_desc initialization to use C new-style Too many fields to understand at a glance at an old-style initializer. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 6b72aa1f32af0a43dc9a811e4b5615ad212813cd Author: D. Hugh Redelmeier Date: Mon Jul 16 22:51:55 2018 -0400 kernel: fix spelling mistake in a comment ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 5f67c7c0d685bf6e48646bbc7ea43ddd1d6192ce Author: D. Hugh Redelmeier Date: Tue Jul 24 14:41:45 2018 -0400 addcon: simplify; log to stderr when appropriate - systematically change "printf{ to "fprintf(stderr, " where it is followed by exit(1) - change some INT variables to more correct BOOL - "verbose" isn't a BOOL. Don't treat it as one. - eliminate some duplicated code in main() commit 3922bd40876c135a9853855e018e2b2db02366c0 Author: D. Hugh Redelmeier Date: Tue Jul 24 14:39:42 2018 -0400 lib/libwhack/aliascomp.c: simplify lsw_alias_cmp commit 6fdacb7f94f1e37c4f28fee817b2346684c327d7 Author: D. Hugh Redelmeier Date: Tue Jul 24 14:34:43 2018 -0400 ipsecconf: remove useless duplicate line from ipsec_conf_keywords[] ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit df4ab8d344024a25fb954f3c39adaa280a859360 Author: D. Hugh Redelmeier Date: Tue Jul 24 22:04:48 2018 -0400 makefiles: fix grammar of a message ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 486f4d7a422fe2d7c25595efb4246859e2c04e78 Author: D. Hugh Redelmeier Date: Sun Jul 22 22:22:57 2018 -0400 pervasive: contraction for "let us" is "let's", not "lets" ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 1daf10d71431b5061b0a0c94a45a2dc2207072b6 Author: D. Hugh Redelmeier Date: Sun Jul 22 19:10:34 2018 -0400 pervasive: eliminate newline after "static" in function definitions ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit e987cf92205ee19ae11ebfc9d62cab8b8ce15538 Author: D. Hugh Redelmeier Date: Fri Jul 20 22:41:03 2018 -0400 libipsecconf: since resolvip isn't used, get rid of it ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit ec8db8c71a76a4e98cd9ff4f899878669cd79284 Author: D. Hugh Redelmeier Date: Sat Jul 14 04:07:43 2018 -0400 pluto: sa_t and its constants are not bools; make them enums ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit b858f9398aa5e9552b345ecea11f970774e7a8b6 Author: D. Hugh Redelmeier Date: Mon Jul 16 09:15:14 2018 -0400 pluto: reduce boilerplace in generating notify payloads and in using critical() - Most calls to ship_v2N had stereotyped parameters. Added, documented, and used ship_v2Ns and ship_v2Nsp wrapper functions to exploit this. - Added EXPECT code to detect violations of the RFC's rule that specific notifications must include SPI information and that no other notification may do so. This pexpect does get triggered in our test suite, highlighting that we have a bug. (We knew that already.) - Eliminated the first argument tocritical(). All calls had supplied "false" as the first argument. - general tidying commit 19b7099dac5ce68413adb247a6951ae70301419f Author: D. Hugh Redelmeier Date: Mon Jul 16 09:06:02 2018 -0400 pluto: connections.c: formatting improvement commit 1b7be1e6cd5435176553d1e1e669f6c7fdee03c7 Author: D. Hugh Redelmeier Date: Sun Jul 15 21:06:35 2018 -0400 pervasive: add a space after each comma that hasn't got one commit b6ab1e0bf54af98d4aaa8f73f3ea43a2fd59b28c Author: D. Hugh Redelmeier Date: Sun Jul 15 20:59:27 2018 -0400 pluto: kernel.c: improve a line break commit 5ca5ca7c450402d51e350442af74ec2a326b7fd3 Author: D. Hugh Redelmeier Date: Sun Jul 15 20:51:56 2018 -0400 pluto: kernel_netlink.c: make broken source lines more legible commit 3f883756ec19e3224c426f43588b1c5d980b3836 Author: D. Hugh Redelmeier Date: Sun Jul 15 20:01:56 2018 -0400 pluto: tidy show.c's log_state() commit 35525205a596ca123876dc41d58fd323b39d80c1 Author: D. Hugh Redelmeier Date: Sun Jul 15 19:26:35 2018 -0400 pluto: tidy connections.h - delete unused struct connection's member "initiated" - delete declaration of parse_mark_mask() since it is never defined nor used - add ??? for struct connection's member "tunnel_addr_family" noting that it is set but never used. - whitespace and comment fiddling ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 5618b2c31d6a80a3ffa2901c024e9db5448c7d9d Author: D. Hugh Redelmeier Date: Sat Jul 14 08:59:54 2018 -0400 pluto: tidy aspects of IKEv2 proposal handling - clarify that COOKIE_SIZE is also the v2 IKE SPI size - replace magic numbers for v2 IKE SPI size and ESP SPI size - check that protocol IDs are OK in non-IKE context - clarify that "MUST be zero" applies to the SPI length and not the SPI itself - eliminate redundant tests for invalid SPI sizes - eliminate some casts ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit b6e8244a3fda063707192878446429f30b8b4d0c Author: D. Hugh Redelmeier Date: Sun Sep 9 20:51:28 2018 -0400 pluto: remove surplus whitespace ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 6d0aea9400c33c4269ed35454826a2c94bc39230 Author: D. Hugh Redelmeier Date: Wed Sep 5 02:40:10 2018 -0400 pervasive: eliminate many casts to unsigned long and long This should allow the compilers to catch more of our mistakes. In many cases we use inttypes.h macros for formatting (PRI[ux]32 etc.). These don't seem to exist in the kernel code environment so we often cannot eliminate a cast in kernel code. commit 5cd319ac093b12e91d0a30e38b52627672ed22fe Author: D. Hugh Redelmeier Date: Mon Sep 3 15:43:51 2018 -0400 pluto: server.c: use temporary macros as if they followed regular scope rule; avoid a couple of casts commit 3141a3ff8f408097be7e789acab2cb4a4d58e4b8 Author: D. Hugh Redelmeier Date: Mon Sep 3 15:15:24 2018 -0400 pluto: simplify and correct indentation of linux_audit_conn() commit ed4a6cb56ec3ad75742eb41126cf2fa18f1fff47 Author: D. Hugh Redelmeier Date: Mon Sep 3 14:10:45 2018 -0400 pluto: fix three broken attempts to print microseconds in ikev2_ipseckey.c commit c5891a5b1c4bc37a5130b49e1d8ee237008dca28 Author: D. Hugh Redelmeier Date: Mon Sep 3 11:55:55 2018 -0400 pluto: clarify packet.c by using modern C features ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 6505c353d090ca4c7bf5196acd2b7347b3966eb0 Author: D. Hugh Redelmeier Date: Fri Jul 6 00:48:26 2018 -0400 pluto: clarify some related IKEv1 functions - ikev1_decode_peer_id sometimes has a surprising side-effect: changing the connection for a state. Carefully document this. - move a number of auto declarations as late as possible, usually combining them with initialization. - adding "const" - simplifying control-flow within functions ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d2180e3ef9df096d54faadd84a2210c14c6a344d Author: D. Hugh Redelmeier Date: Sun Jul 8 11:18:19 2018 -0400 pluto: remove last vestiges of warningsarefatal Complete 5e9b2306981cc09b4c3cd4bf46a0ec9a5723afa5 ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 5855c1155f9f678525dc3ba56b60ae5842d6e0fe Author: D. Hugh Redelmeier Date: Mon Jul 9 19:11:18 2018 -0400 pervasive: get rid of self-reference using "FreeS/WAN" and "Openswan" ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 13e38a1ae0e0c41cf8d1673839706765c3880a5e Author: D. Hugh Redelmeier Date: Wed Jul 11 09:38:48 2018 -0400 pluto: a few more tweaks to add_connect - ensure alg_info_ike and alg_info_esp fields are initialized to NULL (initializing a pointer's raw memory to 0x00 is not guaranteed to initialize the pointer to NULL) - there are two distinct err_buf variables. Reduce the scope of one so that their scopes don't overlap. - make it manifest that c->alg_info_esp is set only once to a non-NULL value. This makes it clear that there is no leak caused by an apparent second assignment. commit 82b21dde2fed4de55f097e1ea0029378b51ef0bf Author: D. Hugh Redelmeier Date: Wed Jul 11 09:02:35 2018 -0400 pluto: ike_alg_show_connection: combine declaration and initialization This reduces the scope of the variable st and eliminates the portion of the scope where it was uninitialized. commit e1c8467ea3e3bf8ee5dfb2a10ca1952716f774c2 Author: D. Hugh Redelmeier Date: Wed Jul 11 09:00:44 2018 -0400 ah_info.c and esp_info.c: update a ??? comment commit efbcf791f7b17fa0e3ea1e0bc23a318e2742f310 Author: D. Hugh Redelmeier Date: Wed Jul 11 08:57:38 2018 -0400 parser.y: explicitly test pointer in boolean context ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 98633cbb425d50572335042055bf460215a940cd Author: D. Hugh Redelmeier Date: Fri Jul 6 09:38:58 2018 -0400 pluto: a few tweaks to ikev1_xauth.c - change result of xauth_launch_authent from always ignored 0 to void - add ??? comments where result of xauth_send_status is ignored - rename locals "xauth" to "xic" (more accurate) - add some blank lines to separate cases. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 2b1e4815e9806b06ee11d8ab25fda7fcc858bea8 Author: D. Hugh Redelmeier Date: Sat Jul 7 11:10:41 2018 -0400 testing: ditch many definitions of exit_tool. Never used. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d4cbcd8d3575dab0dc99175b91be735b949860cf Author: D. Hugh Redelmeier Date: Fri Jul 13 09:34:56 2018 -0400 testing: use /dev/urandom for dnssec-keygen and dnssec-signzone By default, these use /dev/random. This can be very very slow. random(4) says /dev/urandom should be used instead and it is much faster. There might be security issues -- the entropy is perhaps suspect. But for testing this should not be an issue. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 3304569945ef35d2d4666ef24383ce1b0f8d Author: D. Hugh Redelmeier Date: Thu Jul 12 15:18:27 2018 -0400 pluto: ikev2_process_sa_payload: *chosen_proposal must be empty on entry and full on return commit 300036d602bd363e171b1d31a6fac69e9e56795e Author: D. Hugh Redelmeier Date: Thu Jul 12 13:32:31 2018 -0400 pluto: sprinkle a few more consts commit 14d9fa0f1218a08c506b7a7561ac02528e1a798c Author: D. Hugh Redelmeier Date: Thu Jul 12 13:07:28 2018 -0400 pluto: opportunistic argument to ikev2_process_sa_payload must be bool commit d23fb67075a07e6a7a2a1b4c09589c60534431e8 Author: D. Hugh Redelmeier Date: Thu Jul 12 12:51:38 2018 -0400 pluto: cut down repetition in building V2 proposals - replace ikev2_proposals_from_alg_info_ike with ikev2_need_ike_proposals and ikev2_proposals_from_alg_info_esp with ikev2_need_esp_or_ah_proposals - the replacements have fewer arguments so calls are simpler - moved a passert from after each ikev2_proposals_from_alg_info_esp call to inside ikev2_proposals_from_alg_info_esp. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 91c40a3fba269ff428804846841e06f1dd8c7fbf Author: D. Hugh Redelmeier Date: Thu Jul 12 09:55:22 2018 -0400 pluto: ikev2_proposals_from_alg_info_ike: passert(*result !- NULL) at end - Every caller but one passerted this after the call - added: the passert into ikev2_proposals_from_alg_info_ike - removed: each after-call passert - tested: effectively a passert has been added at the one call point that didn't already have it. The new passert did not fire during a test suite run. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit f28c65e2c5a132562172522a73c88a2fcf4a841e Author: D. Hugh Redelmeier Date: Mon Jul 9 01:55:40 2018 -0400 confread: more carefully handle diagnostics Problems: - err_t was used for mutable errors + for heap-allocated strings: leaks + for static-allocated buffers: contents might be overwritten - multiple errors might cause all but the last to be discarded - some errors might get lost because they were treated as non-fatal Solution: - use a new mechanism for accumulating heap-allocate messages: starter_errors_t - the messages are printed even if the condition isn't considered fatal ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 157af04c882710935c4282dc7d8b78a0895203c8 Author: D. Hugh Redelmeier Date: Fri Jul 13 15:16:45 2018 -0400 pluto: fix ikev2_need_esp_or_ah_proposals broken in d23fb67075a07e6a7a2a1b4c09589c60534431e8 ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 7eab94e0bbdf4ccd8e404ae0a20c08aab0bd2705 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Tue Jan 23 13:37:39 2018 -0500 pluto: flag type asssertions with comments Some function-type typedefs are useful but cannot be used in function definitions. Our rule is: each function definition that cannot use the appropriate typedef must be within the scope of a declaration of that same function that does use the typedef. These type assertions look odd to the casual reader. They look like variable declarations. We add /* type assertion */ to each to help the reader. It would be nice to always have such a declaration adjacent to the definition but GCC whines if there has already been a declaration. We used to have such declarations, but as comments. But comments aren't checked (or maintained) so I've ditched them. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit fca0f0ec8d3527150a41a57b7234ba0fca00466c Author: D. Hugh Redelmeier Date: Wed Sep 12 04:07:39 2018 -0400 pluto: lsw_find_secret_by_id(): tidy three lines ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d30e7da4854373d9089d051be2566db25996ef29 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Wed Apr 18 10:55:19 2018 -0400 pluto: simplify ship_v2BOGUS() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 685c9771aa052456e02ab3712a05ec2796540f64 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Wed Apr 18 11:10:02 2018 -0400 pluto: absorb more into ship_v2BOGUS() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 8b088c1f854ece4a01fce63dd51f6d7785dbcff3 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Wed Apr 18 11:48:40 2018 -0400 pluto: allow INITIAL_CONTACT to delete multiple connections This is an unlikely case but it can be contrived. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 3987d674826968921bf3e99a0956acafd4371692 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Wed Apr 18 13:18:31 2018 -0400 pluto: fix typo: playload => payload (but it was a nice one) ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 91f7de765cefc33bd8685b6d69d31db64462e4c5 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Sat Apr 21 19:28:38 2018 -0400 eliminate scattered and redundant #includes of commit 8868fd661759028b6576584a3996081cc28c8e61 Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Sat Apr 21 19:27:42 2018 -0400 c-swan: make functions file-static where appropriate ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit fff2f721ad6f56812bf01cf63c4a6c646f8342ba Author: D. Hugh Redelmeier <h...@mimosa.com> Date: Mon Apr 16 17:14:37 2018 -0400 Tidy: - use struct initializers to advantage (lots more to be done) - replace most calls to zero() that initialized pointers since that is an error. Often with struct initializers. vfy_chain_pkix() still has questionable calls to zero(). - shrink the scope of some variables. Often combining definition with first or only assignment. - sprinkle some "const" attributes - simplify some control structures - add or improve some comments - unwind peculiar structure of ikev2_addr_change(). ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 007b8753f9a36dbc91fa708564ead702cd4fb60f Author: D. Hugh Redelmeier Date: Fri Jun 29 03:11:20 2018 -0400 linux/include/libreswan.h: fix typo just introduced ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit bc3ea96bc4f9b070db9f8bc36a435e66ffd38917 Author: D. Hugh Redelmeier Date: Thu Jun 28 22:29:17 2018 -0400 pervasive: SET_V4_LEN and SET_V6_LEN to avoid ifdef boilerplace - fixes a number of errors in boilerplate ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 51eda7543c74b43df25ac9330be8899c98393dd4 Author: D. Hugh Redelmeier Date: Fri Jun 22 09:45:51 2018 -0400 pluto: fix leak of whack file descriptor in ikev2_parent_outI1 ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 03bff8c06bcaf20583f05f7404aba872927bad62 Author: D. Hugh Redelmeier Date: Wed Jun 27 22:10:18 2018 -0400 pluto: connections.c: note a trick; make switch coverage clear for static analysis ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 78dc1a2ff82543567d75268ef4052f3514886cb9 Author: D. Hugh Redelmeier Date: Wed Jun 27 22:27:57 2018 -0400 pluto: ikev2_parent.c: simplify some functions commit 92ddee8cbb0da7390ea903c38b6241657b3b4292 Author: D. Hugh Redelmeier Date: Wed Jun 27 22:17:37 2018 -0400 pluto: simplicy ikev2_send_cert_decision() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit a1485e92caa85bc8215c772983d5c682e0e0905e Author: D. Hugh Redelmeier Date: Sun Oct 28 22:25:11 2018 -0400 libswan: x509dn.c: simplify, clarify, make more careful ASN.1 Distinguished Name decoding - redo init_rdn()/get_next_rdn() - never completely ignore errors from init_rdn and get_next_rdn (Sometimes the report only goes to the debug log.) - redo match_dn() - in string matching, be careful with 0x80 bit. It means something different in each string type. - eliminate redundant #includes - reduce scope of autos - add clarifying comments - catch more errors commit 7d213b695fe0c4d84b6a139fea9c8902cae1ed19 Author: D. Hugh Redelmeier Date: Sun Oct 28 22:16:34 2018 -0400 libswan: id.c: same_dn_any_order(): simplify and add (but suppress) instrumentation commit fe495c85a8aebfe4c5ddbddf219ef02d5746ef2e Author: D. Hugh Redelmeier Date: Sun Oct 28 22:13:43 2018 -0400 pluto: ikev2.c: survive excessive recursion in ikev2_decode_peer_id_and_certs() commit 8dc12c29b483a623875831450b48045f1b4aee08 Author: D. Hugh Redelmeier Date: Sun Oct 28 22:06:07 2018 -0400 pluto: keys.c: make a pair of messages distinct; reduce scope of autos commit 5ec162076628b4a392e4c966f4203f9bef11 Author: D. Hugh Redelmeier Date: Sun Oct 28 22:02:05 2018 -0400 pluto: ikev2_parent.c: fix misleading indentation ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 542f32f1f1c9a8dfce850271eeea445ac3653e75 Author: D. Hugh Redelmeier Date: Sat Nov 3 10:31:44 2018 -0400 lib/libswan/x509dn.c dn_parse() For each ',' or '/' in an ASN.1 string, double it in the ASCII-fied version. This is the inverse of what is done in the ASCII to ASN.1 code. Our code never did this before. Surely a bug. commit 62a04f2022e4b450d87b0f9eacb1ea7840c2701f Author: D. Hugh Redelmeier Date: Sat Nov 3 10:28:49 2018 -0400 lib/libswan/asn1.c: eliminate loop from is_printablestring() A bounded version of strspn(3) would be the best for this routine but none exists so a bit of a dance must be done with the last byte of the chunk. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 784bca5c25b0005107b25df47fdc560a8f163af0 Author: D. Hugh Redelmeier Date: Sat Nov 3 12:53:04 2018 -0400 pervasive: exploit chunk_eq() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 0cab6cc8ca89b80a9256960de4d68d66af3fb563 Author: D. Hugh Redelmeier Date: Fri Nov 2 16:04:39 2018 -0400 pluto: grammar ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 9632d141261ead3786b850eb0f524c06fc4edcc1 Author: D. Hugh Redelmeier Date: Mon Nov 5 13:28:17 2018 -0500 pluto/ikev2_message.c: avoid GCC 6.10 warning ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 4c7f1808fa60cbe60511b7e944de6c4ff3f099db Author: D. Hugh Redelmeier Date: Wed Nov 7 03:02:46 2018 -0500 libipsecconf: rename various *_MAX things as *_ROOF for accuracy ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 004d90abf6a2da93bc9f73c0f330fa39cd458725 Author: D. Hugh Redelmeier Date: Fri Nov 9 11:32:47 2018 -0500 asn1.h: note that asn1_length_signature() and is_asn1_der_encoded_signature() are are unused commit 22ebd1806bca81bafb99f1cefa28cbdf623d1afd Author: D. Hugh Redelmeier Date: Fri Nov 9 11:32:02 2018 -0500 af_info.h: add "extern" for consistency ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 0a78dbb08b27e3498073a98594abba7248a9634d Author: D. Hugh Redelmeier Date: Sun Nov 4 17:58:45 2018 -0500 libswan/asn1.c: another implementation of is_printablestring() This one is probably faster than the original (not measured). It is probably faster and more straight-forward than 62a04f2022e4b450d87b0f9eacb1ea7840c2701f The new one doesn't need to scribble on its input. The character set is a little harder to change, but the standard dictating it is very unlikely to change. (I generated the table with a program but the chance of ever having to run it again is zero, so I'm throwing it away.) ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 4b504a2410bd193326295cb3119682eda11fec91 Author: D. Hugh Redelmeier Date: Wed Oct 3 02:08:51 2018 -0400 libswan: fix some flaws with resolve_ppp_peer - remove incorrect introductory comments - rename to "resolve_point_to_point_peer" to make name clearer (corresponds to flag IFF_POINTOPOINT) - reduce scope of ifa - call getnameinfo(3) with a correct (smaller) bound on buffer "peer" - put braces around large body of FOR - simplify control flow, eliminating second call to freeifaddrs(3) ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 3b9ce2aacaf7ada0b02bcc19c864358f6e8d33ec Author: D. Hugh Redelmeier Date: Fri Sep 28 14:13:45 2018 -0400 pluto: ikev1_xauth.h: more clearly type state transition functions ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 268fca7cc9802c4bb7fff5133d3ef7c11ac0ddfa Author: D. Hugh Redelmeier Date: Fri Sep 21 03:45:33 2018 -0400 libswan: tidy secrets.[ch] - eliminate deadwood from secrets.h. Some functions disappear, some become file-static. - sprinkle const - simplify control flow of functions - reduce scope of autos - move asssignments embedded in boolean expressions - delete unused and buggy lsw_get_defaultsecret() - add add_secret(), absorbing create_empty_idlist() and eliminating duplicated and error-prone code - in lsw_find_secret_by_id(), print match values in octal (more natural) - add a few ??? comments ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit feae8224e3a9e6bf0f77631d7afd5f4201889798 Author: D. Hugh Redelmeier Date: Thu Sep 20 02:18:13 2018 -0400 pluto: tidy keys.c - eliminate redundant parameters of lsw_get_secret - reduce scope of auto variables - sprinkle const - make get_ppk() unconditionally set *ppk_id - many other simplifications commit e06490182b12b3d9584245b0b0d9fd4f2466047c Author: D. Hugh Redelmeier Date: Thu Sep 20 02:08:17 2018 -0400 libswan: partially handle PKK_ECDSA in lsw_free_preshared_secrets() I don't know how to free the whole structure properly. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit b257545675ae4564d866758eb3ef4230d7c1ede2 Author: D. Hugh Redelmeier Date: Tue Sep 25 17:14:36 2018 -0400 libipsecconf: fix off-by-one in config file "include" handling ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit fa004e7d4b83fbeaa8d0f6d8430a96aed97a97b9 Author: D. Hugh Redelmeier Date: Wed Sep 19 12:51:01 2018 -0400 pluto: ikev1.c: when rejecting an unexpected payload, log the state name ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 24234af0ec214cb86bd570d3964724ddab405bc5 Author: D. Hugh Redelmeier Date: Sat Sep 22 14:47:57 2018 -0400 pluto: rename out_byte => out_repeated_byte ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 9a4b391b006fcfd7a90dea888d31019cc545cf3f Author: D. Hugh Redelmeier Date: Fri Sep 28 11:17:24 2018 -0400 pluto: IKEv2: create functions for boilerplate for starting and ending SK/SKF payloads This hairy code now appears only once instead of being repeated, perhaps imperfectly, n times. Possible future project: absorbing fragmentation into this. Currently some packets are not considered for fragmentation which would seem to be a mistake. Sprinkled const. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 27eac7de24933451bd9b80a38bd009b0163c304c Author: D. Hugh Redelmeier Date: Fri Sep 28 12:45:16 2018 -0400 pluto: crl_queue.c: deep_clone_general_names: initialize new .next to NULL ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 063415a2a8ef5446bc43a959b31356a8d7e16504 Author: D. Hugh Redelmeier Date: Fri Sep 28 13:26:07 2018 -0400 pluto: add and use in_main_thread(); make main_thread private ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit f29644c394ce01d15f0b464df9c0f22786d39bef Author: D. Hugh Redelmeier Date: Fri Sep 28 13:36:37 2018 -0400 pluto: fetch.[ch]: make list_distribution_points() file-static ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 7086a92e4e3df700971279521ee68c2805d068c0 Author: D. Hugh Redelmeier Date: Fri Sep 28 13:39:38 2018 -0400 pluto: foodgroups.h: delete unused and undefined "policygroups_dir" ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 341f5aa875965193148d89a146ac25930af5cc2d Author: D. Hugh Redelmeier Date: Fri Sep 28 13:47:50 2018 -0400 pluto: hostpair: make "remove_host_pair" file-static ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 47e98df56ce71be370c9f701ea2a2c4e0bc88c62 Author: D. Hugh Redelmeier Date: Fri Sep 28 14:05:58 2018 -0400 pluto: ikev1_send.[ch]: eliminate "send_recorded_v1_ike_msg" ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit df2084833a023e577936ce0bbc1bf339734fa25b Author: D. Hugh Redelmeier Date: Thu Dec 27 23:57:27 2018 -0500 pluto: slightly clarify uniquify_his_cpi() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 20f4002247ba4540cdc3b4ebe6f7c73828682649 Author: D. Hugh Redelmeier Date: Wed Jan 2 15:54:08 2019 -0500 pluto: rename and remodularize emit_v2N* - new names specify what should be included in the payload "sa": an SA (i.e. protoid and SPI) "chunk": a chunk "pl": a sub-payload will be added by the caller. - changed emit_* to out_* so uncommited change won't silently fail - provide for callers to emit sub-payloads after the call. This will be exploited later. - eliminated a leak in add_redirect_payload ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit fed15202f0f59d9125e2ba77c5e6571ac0ef8de6 Author: D. Hugh Redelmeier Date: Fri Jan 4 23:23:20 2019 -0500 pluto: tidy build_redirected_from_notify_data and ikev2_parent_outI1_common; eliminate leak ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d451f77d58f00986bb0605d4948be67a26385b31 Author: D. Hugh Redelmeier Date: Fri Jan 18 10:58:57 2019 -0500 make older GCC's happy All these were prompted by diagnostics from GCC 4.8.5. They probably matter for other GCCs. - GCC does not consider EMPTY_CHUNK a constant: don't use it as a static initializer. - GCC doesn't completely understand the way we initialized a sub-struct field in a struct initializer. Rewrite in a way that it does understand. - GCC had stricter field initialization enforcement. Initialize fields uselessly to silence it. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit abb02a4e3a9d4403151aae29cc6b7bc27dcabac3 Author: D. Hugh Redelmeier Date: Mon Jan 21 10:14:06 2019 -0500 Pluto: a little bit of weeding - reduce heap use + Hashes fit in a buffer of modest and bounded size. If the lifetime of the buffer suits stack allocation, use auto. This reduces code complexity and the real chance of leaks. ikev2_calculate_ecdsa_hash ikev2_verify_ecdsa_hash (a leak eliminated) + replace create_unified_ppk_id with emit_unified_ppk_id so no heap-allocated chunk is required. Simpler too. - delay heap use + move chunk cloning to caller of rfc_resource_record_to_rsa_pubkey + unsure of unpack_ECDSA_public_key so added ??? comment - use bool-valued expression in boolean contexts (don't use pointers or ints; result of bitwise operator OK) - reduce scope of autos; don't reuse autos - add a couple of ??? comments - in a function definition, if the argument list is too long for one line, put each argument on its own line. crypt_hash_init, crypt_hash_digest_bytes - sprinkle const - in ikev2_ecdsa.c: sporadic use of FALSE and TRUE replaced by false and true. - use size_t for sizes, even though previous unsigned int would work: this makes it clearer that variable is about sizes. - spelling ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit c6dd1d5b3f95b015501cc0870ca74136583bb95b Author: D. Hugh Redelmeier Date: Sat Jan 19 11:50:18 2019 -0500 libswan: fallout from compound literals being objects - add const qualifier in CHUNKO - eliminate compound literal from an initializer ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 199ac9a7405ee86013941b7627a38f77b060dec5 Author: D. Hugh Redelmeier Date: Sat Jan 19 10:53:49 2019 -0500 EMPTY_CHUNK: add const qualifier to type of EMPTY_CHUNK Since a C compound literal is an object, it can be modified. EMPTY_CHUNK expands into a compound literal. In theory, every use of EMPTY_CHUNK creates a distinct object. Adding "const" to the type signals the compiler and the programmer that these objects cannot and must not be modified. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 67542646a6f47d9e061a407be4c71950a354ff40 Author: D. Hugh Redelmeier Date: Tue Dec 18 13:57:04 2018 -0500 pluto: state.h: clarify comments on struct state fields that are keying material ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 294fa14ed6b3d9459e4a8de74af01ec3f9ac4050 Merge: 9cee999 6451564 Author: D. Hugh Redelmeier Date: Tue Dec 18 14:07:20 2018 -0500 Merge branch 'master' of vault.libreswan.org:/srv/src/libreswan commit 9cee99943a49e7324e18f451bbad75a900c42eaf Author: D. Hugh Redelmeier Date: Tue Dec 18 14:06:13 2018 -0500 pluto: state.h: reclarify comments on struct state fields that are keying material ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 13d61c89710b2d0cd721fd55911c1625fc6cacec Author: D. Hugh Redelmeier Date: Thu Dec 20 13:50:55 2018 -0500 pluto: ikev2_log_parentSA: restore tcpdump -E functionality; simplify ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit dfd3e6a775952209721fbb182ee3d15cde609691 Author: D. Hugh Redelmeier Date: Sun Dec 23 22:48:48 2018 -0500 pluto: fix crasher introduced in 169270757d ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 2c027458e5ff744c39baececfebfa9eaf57cccf2 Author: D. Hugh Redelmeier Date: Tue Dec 11 01:46:47 2018 -0500 pluto: ikev2_parent.c: simplify add_st_to_ike_sa_send_list() commit a708e0871809c73bfc8e0f6da543a6ff1110f450 Author: D. Hugh Redelmeier Date: Tue Dec 11 01:45:28 2018 -0500 pluto: ikev2_parent.c: improve format of comments in ikev2_ike_sa_established() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 7015798dd7e0dafb07f9b3301992fb5a8a5f612f Author: D. Hugh Redelmeier Date: Tue Dec 11 01:57:26 2018 -0500 pluto: tweak comments in event_schedule() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d3ff44035a4b96764f07dfc68c5c733490c9aea6 Author: D. Hugh Redelmeier Date: Fri Dec 14 14:59:53 2018 -0500 pluto: ikev1.c: replace reference to v2 field with the corresponding v1 field st_skey_ei_nss => st_skeyid_e_nss ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit d78acb3ea6f6d4c1a19b489c3d95b133e8cf2c9a Author: D. Hugh Redelmeier Date: Fri Dec 21 10:48:32 2018 -0500 pluto: ikev2_parent.c: fix a confusing intentation mistake ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 96702cd31f95f8c0214d29cc440e193e5ad01b45 Merge: 1692707 ca6287c Author: D. Hugh Redelmeier Date: Fri Dec 21 11:40:02 2018 -0500 Merge branch 'master' of vault.libreswan.org:/srv/src/libreswan commit 169270757d6a2d61df730d1971613dff98db57eb Author: D. Hugh Redelmeier Date: Fri Dec 21 11:17:23 2018 -0500 pluto: plug multiple leaks of null_auth in ikev2_parent_inR1outI2_tail() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 526a3c46693bdd521fbe4c739a33c4e8f5ce89c8 Author: D. Hugh Redelmeier Date: Fri Dec 21 10:32:26 2018 -0500 Revert "pluto: emit_v2N's "critical" parameter since it was identical in each call" This reverts commit 731aaeee4199340b6aaf42eab5fa56b7919cde0f. Paul: eventually this parameter will be exploited ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit a2b6a07a5200a0e5dc4bfd400c834e662b98e0cc Author: D. Hugh Redelmeier Date: Fri Dec 21 10:55:21 2018 -0500 pluto: plug a leak in ikev2_parent_inI2outR2_id_tail() ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit 60505257ae2d788ccd5ee66eb481712ed5596ca2 Author: D. Hugh Redelmeier Date: Fri Dec 21 11:41:50 2018 -0500 pluto: get rid of a scope in ikev2_parent_inR1outI2_tail ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit
[Swan-commit] Changes to ref refs/heads/master
New commits: commit e01b644c1cc518696512a26dd8288ea9d61e55ad Author: D. Hugh Redelmeier Date: Wed Dec 5 11:24:59 2018 -0500 clarify interface to several event-deletion functions Each deals with a pointer to a pointer to the event. If the pointer to the event is NULL, the function does nothing. This is considered normal and boring: no logging is performed. So callers need not check for this case. This was true for some functions but not all functions and it was not documented The pointer to the event is set to NULL by the deletion routine. This eliminates a dangling pointer. Previously this was usually true but not always and was not documented. If the event pointer is not NULL, it must point to a known event. On pain of assertion failure. Simplify callers by exploiting these interface changes. Simplify find_ifaces(). Inline unlink_pluto_event(). const added; spelling fixed. ___ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit