[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit ffc124dff6754da9a88f19d229554fce58862f3a
Author: D. Hugh Redelmeier 
Date:   Sat Jul 28 15:30:38 2018 -0400

pluto: out_struct debugging controlled by DBG_EMITTING, not DBG_PARSING

commit 0d36f4249a4fec6683b330164cdd3cdccd10108a
Author: D. Hugh Redelmeier 
Date:   Sat Jul 28 15:21:53 2018 -0400

pluto: invent and use struct_desc ikev2_encrypted_portion

- this is in fact an empty struct but it handles book-keeping
  more elegantly than hand-rolled pbs_stream.

- added code to out_struct to make search for containing PBS clearer

commit 00756e0bdd53a252b13295b259e34fd7736f2a74
Author: D. Hugh Redelmeier 
Date:   Sat Jul 28 14:58:14 2018 -0400

libswan: slightly simplify lswlog_ike_alg()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 661c5452af2f178df8fc6118c55a9cfa67fda404
Author: D. Hugh Redelmeier 
Date:   Sun Jul 29 14:41:43 2018 -0400

pluto: refer to ISAKMP_NEXT_NONE and ISAKMP_NEXT_v2NONE by name

- More to come.

- Add a couple of useful comments too.

commit 090808f18ca4250b9cf62039f60b5f6ccff14cdd
Author: D. Hugh Redelmeier 
Date:   Sun Jul 29 14:33:49 2018 -0400

pluto: fix misleading indentation in out_vid()

commit fcd702b9bacf7880228da159ce36c0d5fd75b9a0
Author: D. Hugh Redelmeier 
Date:   Sun Jul 29 14:30:10 2018 -0400

pluto: fix nasty source line break in process_v1_packet()

commit 2eda0f18f5a076acada12fbfede26d6114c0f68c
Author: D. Hugh Redelmeier 
Date:   Sun Jul 29 14:28:45 2018 -0400

pluto_constants.h: delete unused and buggy IS_AUTH_RESPONSE()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 32b25cd15a5b606c01004ea2ea6bda0ba5fb2c8d
Author: D. Hugh Redelmeier 
Date:   Fri Aug 3 15:30:11 2018 -0400

libipsecconf: fix off-by-one error in 
f28c65e2c5a132562172522a73c88a2fcf4a841e

Bug reported by Cagney.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 59165f0a975e60b1c28a9626117300f53bf1e818
Author: D. Hugh Redelmeier 
Date:   Fri Aug 10 16:21:58 2018 -0400

testing: change Strongswan reference logs to reflect changes in 
c7cc3dbdd0782c157d2676740212c24e35c18415

- Order of DPD vendor ID and FRAGMENTATION vendor ID is reversed

commit c7cc3dbdd0782c157d2676740212c24e35c18415
Author: D. Hugh Redelmeier 
Date:   Fri Aug 10 16:07:20 2018 -0400

pluto: improve next payload backpatching and start using it in IKEv1 code

- backpatch target info is now in the PBS that will receive the payload.
  No searching is required.

- backpatching better supports payloads within payloads

- rename struct_desc's "np" (next payload) to "pt" (payload type)
  since this is about the current payload, not the next one.

- make sure that every struct_desc used for payload output has a
  correct pt.  This meant the generic struct_desc should not be used.
  pt should only be explicitly initialized in a struct_desc for a
  payload.

- the struct_desc pt field is now used at the start of out_struct,
  before the field loop.

- ft_mnp (message next payload) is renamed ft_fcp (first contained
  payload) and can be used in more places, not just the IKE message
  header.

- some backpatch problems are reported as expectation failures.
  This is an escalation from just appearing in debug logging.
  More checking is performed.

- IKEv1 Vendor ID emitting is handled better: common routines are used
  instead of replicated and accidentally mutated code.

- even more np calculation could be eliminated

- scatter a lot more "const"s

- use an empty struct (ikev2_encrypted_portion) as a wrapper PBS for
  encrypted payloads.  This requires some consideration of backpatching
  mechanism (see calls to move_pbs_previous_np()).

- simplify ikev2_create_psk_auth() by eliminating a parameter

- simplify ikev2_calculate_psk_sighash()

- eliminate non-static array bounds ("hash_len") from
  ikev2_create_psk_auth() and ikev2_verify_psk_auth().
  This is (optonally) supported by compilers but the
  C Committee seems to consider it a mistake.

- rename ikev2_np_cp_or_sa to ikev2_np_cp_or (awkward, but better
  reflects what it does).  This routine should be elminated.

- simplify nat_traversal_insert_vid() by replacing struct state *
  parameter with a const struct connection * parameter

- rename ikev2_record_fragments to ikev2_record_outbound_fragments
  to better reflect its function.

- improved some logging

commit fdb390f0035070fc8b03cf124ccb12ac4428f289
Author: D. Hugh Redelmeier 
Date:   Fri Aug 10 14:35:30 2018 -0400

programs/pluto/ikev1_send.c: tweak whitespace

commit 9d56aac9b076ace3093df0b08686d53c1b627822
Author: D. Hugh Redelmeier 
Date:   Fri Aug 10 14:31:05 2018 -0400

addrtypeof.c: delete an unexpected blank line in source

commit f9b8292842149ac56f54574053342027153b6f95
Author: D. Hugh Redelmeier 
Date:   Fri Aug 10 14:28:15 2018 -0400

testing: fix spelling in a couple of description.txt files

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 0d63ca83e965a29c676905ac55c6e5238c8dc97a
Author: D. Hugh Redelmeier 
Date:   Mon Aug 13 13:08:25 2018 -0400

pluto: negotiate_hash_algo_from_notification() prevent buffer overrun; tidy

- if the Other Side sent a payload listing too many hash algorithms,
  an internal buffer would overflow.  Now a diagnostic will be issued.
  Is the diagnotic emitted via the correct routine?

- reduced the scope of local variables

- eliminated pointless initialization

- moved common code outside the switch cases

- fixed typo in comment

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d7eb264d9c1923c8d1e911490445198d1ee8d582
Author: D. Hugh Redelmeier 
Date:   Tue Aug 14 01:53:11 2018 -0400

pluto: ikev2_parent.c: simplify and add some ???

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit c2e3fb0c0302c166b298ea9933da766011fba523
Author: D. Hugh Redelmeier 
Date:   Tue Aug 14 02:19:02 2018 -0400

pluto: build payloads with struct initializers; tidy

- for output payload structs, switch to using struct initializer to
  fill in fields where possible.  This replaced field assignment subsequent
  to the struct declaration

- fix leaks of auth_chain and add comments to explain required discipline

- sprinkle more "const"

- reduce scope of auto variables by declaring them as late as possible.

- try to combine declaration of each auto variable with its initial
  assignment

- simplify ikev1_close_message; add a couple of pexpects

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit f4d19f8a5e566b654881e4b2f7cbe23475f98c8e
Author: D. Hugh Redelmeier 
Date:   Sun Aug 12 13:26:32 2018 -0400

whack.h: bump WHACK_MAGIC to reflect recent change

fd547b0ffa5ec14b50bd25a71d5c220f2e532ed2 added sighash_policy to the
whack_message so WHACK_MAGIC must be changed to prevent undetected
mis-matches between whack and pluto.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 5cecaafc89167260c8aa4fbc937b867343a502ae
Author: D. Hugh Redelmeier 
Date:   Mon Aug 13 11:46:48 2018 -0400

pluto: sprinkle "static"; formatting tweaks

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 623f4f53e84a0ddc71a54f7fc4c4d2cf9c8dd7d7
Author: D. Hugh Redelmeier 
Date:   Tue Aug 14 10:52:14 2018 -0400

Revert "pluto: build payloads with struct initializers; tidy"

This reverts commit c2e3fb0c0302c166b298ea9933da766011fba523.
Seems to have broken too much china.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 9280af4e6ddc6f57a013c6c81dca81f54ae0ed55
Author: D. Hugh Redelmeier 
Date:   Sun Aug 19 01:01:54 2018 -0400

pluto: simplify build_id_payload()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 56dc77beba667853b0d2f017d373497942d686ab
Author: D. Hugh Redelmeier 
Date:   Sun Aug 19 02:12:46 2018 -0400

pluto: clarify odd bits in aggr_inI2

commit 3f29a679a4c02a13fd152c2f86bebba87739f32f
Author: D. Hugh Redelmeier 
Date:   Sun Aug 19 02:10:25 2018 -0400

pluto: aggr_inR1_outI2_tail: correctly build ID payload for hashing

commit d05bc7443be96d1c299e04420930d2846ba8e7d6
Author: D. Hugh Redelmeier 
Date:   Sun Aug 19 02:06:52 2018 -0400

pluto: aggr_inR1_outI2_crypto_continue: add a passert to check an assumption

commit bca7372f2e92b764d9af15b95a9f83a873e3a8ef
Author: D. Hugh Redelmeier 
Date:   Sun Aug 19 01:31:44 2018 -0400

pluto: delete main_inR3; rename main_inR3_tail as main_inR3

main_inR3 only called main_inR3_tail
main_inR3 was the only caller of main_inR3_tail

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 5b106e8e94b0ca58a600e82c5a2e15b48464aa9e
Author: D. Hugh Redelmeier 
Date:   Sun Aug 19 02:36:05 2018 -0400

pluto: add and use v2_build_id_payload()

This replaces a bunch of ugly casts with one.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 6dc99409a6b0e35e875d4d30512091afb393b63f
Author: D. Hugh Redelmeier 
Date:   Mon Aug 20 17:38:44 2018 -0400

pluto: tweak some whitespace

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 109a16cf2b2d1fd09ba59ead8b5a7a44c33944bc
Author: D. Hugh Redelmeier 
Date:   Sun Aug 26 22:37:48 2018 -0400

pluto: minimize scopes of variables

also:

- exploit auto struct initialization

- ditch some seam-enabling code

- convert an embarrassing pexpect to passert
  (it never fired)

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 448263e0bf0ba85ab86d397ef3c1ef915602513f
Author: D. Hugh Redelmeier 
Date:   Sat Aug 18 03:58:58 2018 -0400

pluto: build payloads with struct initializers; tidy

These changes are linked by changes to np (next payload) emitting.

- for output payload structs, switch to using struct initializer to
  fill in fields where possible.  This replaced field assignment subsequent
  to the struct declaration

- fix leaks of auth_chain and add comments to explain required discipline

- sprinkle more "const"

- reduce scope of auto variables by declaring them as late as possible.

- try to combine declaration of each auto variable with its initial
  assignment

- eliminate out_modify_previous_np

commit 078039811827db0cc97cc30190dd615318a02578
Author: D. Hugh Redelmeier 
Date:   Sat Aug 18 03:58:13 2018 -0400

pluto: simplify ikev1_close_message; add a couple of pexpects

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 4dfd1845c3458a2d4f1b79ec49c83c4871bd03d9
Author: D. Hugh Redelmeier 
Date:   Tue Aug 21 11:37:09 2018 -0400

pluto: simplify his_id_was_instantiated macro

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 28a2fe33d375c55ac914fe7a6fd550823fd29a4c
Author: D. Hugh Redelmeier 
Date:   Tue Aug 21 11:59:25 2018 -0400

pluto: make process_v1_packet() slightly more readable

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit f01486bbd06322d73ce782f98334d5a5c37b51a7
Author: D. Hugh Redelmeier 
Date:   Fri Jul 20 22:16:59 2018 -0400

pervasive: use PRINTF_LIKE and UNUSED instead of bulky GCC-isms

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 12b0082e835ffee4b37ac76850f243e2068c295b
Author: D. Hugh Redelmeier 
Date:   Fri Jul 20 22:00:13 2018 -0400

libipsecconf: respect that starter_error_append takes a format

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit a8c55f6eeda62b89a22214e3717f40fc691c8ebd
Author: D. Hugh Redelmeier 
Date:   Sat Jul 14 17:13:00 2018 -0400

pluto: don't ignore failure of ikev2_emit_sa_proposals()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 39cff244051bec854f911cdffcd2abd00906f302
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 16:09:57 2018 -0400

pluto: fix some spelling and indentation

commit 9f8edb14e70bcdca8e5afbe366bc6ba7319b0481
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 16:05:28 2018 -0400

pluto: minor format improvement

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit c2ecdefb06fed7f51cbf6571f3a431b5643a1d7a
Author: D. Hugh Redelmeier 
Date:   Mon Jul 16 19:28:50 2018 -0400

pluto: convert all struct_desc initialization to use C new-style

Too many fields to understand at a glance at an old-style initializer.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 6b72aa1f32af0a43dc9a811e4b5615ad212813cd
Author: D. Hugh Redelmeier 
Date:   Mon Jul 16 22:51:55 2018 -0400

kernel: fix spelling mistake in a comment

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 5f67c7c0d685bf6e48646bbc7ea43ddd1d6192ce
Author: D. Hugh Redelmeier 
Date:   Tue Jul 24 14:41:45 2018 -0400

addcon: simplify; log to stderr when appropriate

- systematically change "printf{ to "fprintf(stderr, " where it is
  followed by exit(1)

- change some INT variables to more correct BOOL

- "verbose" isn't a BOOL.  Don't treat it as one.

- eliminate some duplicated code in main()

commit 3922bd40876c135a9853855e018e2b2db02366c0
Author: D. Hugh Redelmeier 
Date:   Tue Jul 24 14:39:42 2018 -0400

lib/libwhack/aliascomp.c: simplify lsw_alias_cmp

commit 6fdacb7f94f1e37c4f28fee817b2346684c327d7
Author: D. Hugh Redelmeier 
Date:   Tue Jul 24 14:34:43 2018 -0400

ipsecconf: remove useless duplicate line from ipsec_conf_keywords[]

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit df4ab8d344024a25fb954f3c39adaa280a859360
Author: D. Hugh Redelmeier 
Date:   Tue Jul 24 22:04:48 2018 -0400

makefiles: fix grammar of a message

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 486f4d7a422fe2d7c25595efb4246859e2c04e78
Author: D. Hugh Redelmeier 
Date:   Sun Jul 22 22:22:57 2018 -0400

pervasive: contraction for "let us" is "let's", not "lets"

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 1daf10d71431b5061b0a0c94a45a2dc2207072b6
Author: D. Hugh Redelmeier 
Date:   Sun Jul 22 19:10:34 2018 -0400

pervasive: eliminate newline after "static" in function definitions

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit e987cf92205ee19ae11ebfc9d62cab8b8ce15538
Author: D. Hugh Redelmeier 
Date:   Fri Jul 20 22:41:03 2018 -0400

libipsecconf: since resolvip isn't used, get rid of it

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit ec8db8c71a76a4e98cd9ff4f899878669cd79284
Author: D. Hugh Redelmeier 
Date:   Sat Jul 14 04:07:43 2018 -0400

pluto: sa_t and its constants are not bools; make them enums

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit b858f9398aa5e9552b345ecea11f970774e7a8b6
Author: D. Hugh Redelmeier 
Date:   Mon Jul 16 09:15:14 2018 -0400

pluto: reduce boilerplace in generating notify payloads and in using 
critical()

- Most calls to ship_v2N had stereotyped parameters.  Added,
  documented, and used ship_v2Ns and ship_v2Nsp wrapper functions to
  exploit this.

- Added EXPECT code to detect violations of the RFC's rule
  that specific notifications must include SPI information
  and that no other notification may do so.

  This pexpect does get triggered in our test suite, highlighting that
  we have a bug.  (We knew that already.)

- Eliminated the first argument tocritical().  All calls had supplied
  "false" as the first argument.

- general tidying

commit 19b7099dac5ce68413adb247a6951ae70301419f
Author: D. Hugh Redelmeier 
Date:   Mon Jul 16 09:06:02 2018 -0400

pluto: connections.c: formatting improvement

commit 1b7be1e6cd5435176553d1e1e669f6c7fdee03c7
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 21:06:35 2018 -0400

pervasive: add a space after each comma that hasn't got one

commit b6ab1e0bf54af98d4aaa8f73f3ea43a2fd59b28c
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 20:59:27 2018 -0400

pluto: kernel.c: improve a line break

commit 5ca5ca7c450402d51e350442af74ec2a326b7fd3
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 20:51:56 2018 -0400

pluto: kernel_netlink.c: make broken source lines more legible

commit 3f883756ec19e3224c426f43588b1c5d980b3836
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 20:01:56 2018 -0400

pluto: tidy show.c's log_state()

commit 35525205a596ca123876dc41d58fd323b39d80c1
Author: D. Hugh Redelmeier 
Date:   Sun Jul 15 19:26:35 2018 -0400

pluto: tidy connections.h

- delete unused struct connection's member "initiated"

- delete declaration of parse_mark_mask() since it is never defined nor used

- add ??? for struct connection's member "tunnel_addr_family"
  noting that it is set but never used.

- whitespace and comment fiddling

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 5618b2c31d6a80a3ffa2901c024e9db5448c7d9d
Author: D. Hugh Redelmeier 
Date:   Sat Jul 14 08:59:54 2018 -0400

pluto: tidy aspects of IKEv2 proposal handling

- clarify that COOKIE_SIZE is also the v2 IKE SPI size

- replace magic numbers for v2 IKE SPI size and ESP SPI size

- check that protocol IDs are OK in non-IKE context

- clarify that "MUST be zero" applies to the SPI length
  and not the SPI itself

- eliminate redundant tests for invalid SPI sizes

- eliminate some casts

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit b6e8244a3fda063707192878446429f30b8b4d0c
Author: D. Hugh Redelmeier 
Date:   Sun Sep 9 20:51:28 2018 -0400

pluto: remove surplus whitespace

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 6d0aea9400c33c4269ed35454826a2c94bc39230
Author: D. Hugh Redelmeier 
Date:   Wed Sep 5 02:40:10 2018 -0400

pervasive: eliminate many casts to unsigned long and long

This should allow the compilers to catch more of our mistakes.

In many cases we use inttypes.h macros for formatting (PRI[ux]32 etc.).
These don't seem to exist in the kernel code environment so we
often cannot eliminate a cast in kernel code.

commit 5cd319ac093b12e91d0a30e38b52627672ed22fe
Author: D. Hugh Redelmeier 
Date:   Mon Sep 3 15:43:51 2018 -0400

pluto: server.c: use temporary macros as if they followed regular scope 
rule; avoid a couple of casts

commit 3141a3ff8f408097be7e789acab2cb4a4d58e4b8
Author: D. Hugh Redelmeier 
Date:   Mon Sep 3 15:15:24 2018 -0400

pluto: simplify and correct indentation of linux_audit_conn()

commit ed4a6cb56ec3ad75742eb41126cf2fa18f1fff47
Author: D. Hugh Redelmeier 
Date:   Mon Sep 3 14:10:45 2018 -0400

pluto: fix three broken attempts to print microseconds in ikev2_ipseckey.c

commit c5891a5b1c4bc37a5130b49e1d8ee237008dca28
Author: D. Hugh Redelmeier 
Date:   Mon Sep 3 11:55:55 2018 -0400

pluto: clarify packet.c by using modern C features

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 6505c353d090ca4c7bf5196acd2b7347b3966eb0
Author: D. Hugh Redelmeier 
Date:   Fri Jul 6 00:48:26 2018 -0400

pluto: clarify some related IKEv1 functions

- ikev1_decode_peer_id sometimes has a surprising side-effect:
  changing the connection for a state.  Carefully document this.

- move a number of auto declarations as late as possible, usually
  combining them with initialization.

- adding "const"

- simplifying control-flow within functions

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d2180e3ef9df096d54faadd84a2210c14c6a344d
Author: D. Hugh Redelmeier 
Date:   Sun Jul 8 11:18:19 2018 -0400

pluto: remove last vestiges of warningsarefatal

Complete 5e9b2306981cc09b4c3cd4bf46a0ec9a5723afa5

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 5855c1155f9f678525dc3ba56b60ae5842d6e0fe
Author: D. Hugh Redelmeier 
Date:   Mon Jul 9 19:11:18 2018 -0400

pervasive: get rid of self-reference using "FreeS/WAN" and "Openswan"

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 13e38a1ae0e0c41cf8d1673839706765c3880a5e
Author: D. Hugh Redelmeier 
Date:   Wed Jul 11 09:38:48 2018 -0400

pluto: a few more tweaks to add_connect

- ensure alg_info_ike and alg_info_esp fields are initialized to NULL
  (initializing a pointer's raw memory to 0x00 is not guaranteed to 
initialize
  the pointer to NULL)

- there are two distinct err_buf variables.  Reduce the scope of one
  so that their scopes don't overlap.

- make it manifest that c->alg_info_esp is set only once to a non-NULL 
value.
  This makes it clear that there is no leak caused by an apparent second
  assignment.

commit 82b21dde2fed4de55f097e1ea0029378b51ef0bf
Author: D. Hugh Redelmeier 
Date:   Wed Jul 11 09:02:35 2018 -0400

pluto: ike_alg_show_connection: combine declaration and initialization

This reduces the scope of the variable st and eliminates the portion of the
scope where it was uninitialized.

commit e1c8467ea3e3bf8ee5dfb2a10ca1952716f774c2
Author: D. Hugh Redelmeier 
Date:   Wed Jul 11 09:00:44 2018 -0400

ah_info.c and esp_info.c: update a ??? comment

commit efbcf791f7b17fa0e3ea1e0bc23a318e2742f310
Author: D. Hugh Redelmeier 
Date:   Wed Jul 11 08:57:38 2018 -0400

parser.y: explicitly test pointer in boolean context

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 98633cbb425d50572335042055bf460215a940cd
Author: D. Hugh Redelmeier 
Date:   Fri Jul 6 09:38:58 2018 -0400

pluto: a few tweaks to ikev1_xauth.c

- change result of xauth_launch_authent from always ignored 0 to void

- add ??? comments where result of xauth_send_status is ignored

- rename locals "xauth" to "xic" (more accurate)

- add some blank lines to separate cases.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 2b1e4815e9806b06ee11d8ab25fda7fcc858bea8
Author: D. Hugh Redelmeier 
Date:   Sat Jul 7 11:10:41 2018 -0400

testing: ditch many definitions of exit_tool.  Never used.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d4cbcd8d3575dab0dc99175b91be735b949860cf
Author: D. Hugh Redelmeier 
Date:   Fri Jul 13 09:34:56 2018 -0400

testing: use /dev/urandom for dnssec-keygen and dnssec-signzone

By default, these use /dev/random.  This can be very very slow.
random(4) says /dev/urandom should be used instead and it is much
faster.

There might be security issues -- the entropy is perhaps suspect.  But
for testing this should not be an issue.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 3304569945ef35d2d4666ef24383ce1b0f8d
Author: D. Hugh Redelmeier 
Date:   Thu Jul 12 15:18:27 2018 -0400

pluto: ikev2_process_sa_payload: *chosen_proposal must be empty on entry 
and full on return

commit 300036d602bd363e171b1d31a6fac69e9e56795e
Author: D. Hugh Redelmeier 
Date:   Thu Jul 12 13:32:31 2018 -0400

pluto: sprinkle a few more consts

commit 14d9fa0f1218a08c506b7a7561ac02528e1a798c
Author: D. Hugh Redelmeier 
Date:   Thu Jul 12 13:07:28 2018 -0400

pluto: opportunistic argument to ikev2_process_sa_payload must be bool

commit d23fb67075a07e6a7a2a1b4c09589c60534431e8
Author: D. Hugh Redelmeier 
Date:   Thu Jul 12 12:51:38 2018 -0400

pluto: cut down repetition in building V2 proposals

- replace ikev2_proposals_from_alg_info_ike with ikev2_need_ike_proposals
  and ikev2_proposals_from_alg_info_esp with ikev2_need_esp_or_ah_proposals

- the replacements have fewer arguments so calls are simpler

- moved a passert from after each ikev2_proposals_from_alg_info_esp call to
  inside ikev2_proposals_from_alg_info_esp.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 91c40a3fba269ff428804846841e06f1dd8c7fbf
Author: D. Hugh Redelmeier 
Date:   Thu Jul 12 09:55:22 2018 -0400

pluto: ikev2_proposals_from_alg_info_ike: passert(*result !- NULL) at end

- Every caller but one passerted this after the call

- added: the passert into ikev2_proposals_from_alg_info_ike

- removed: each after-call passert

- tested: effectively a passert has been added at the one call point
  that didn't already have it.  The new passert did not fire during a
  test suite run.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit f28c65e2c5a132562172522a73c88a2fcf4a841e
Author: D. Hugh Redelmeier 
Date:   Mon Jul 9 01:55:40 2018 -0400

confread: more carefully handle diagnostics

Problems:

- err_t was used for mutable errors

  + for heap-allocated strings: leaks

  + for static-allocated buffers: contents might be overwritten

- multiple errors might cause all but the last to be discarded

- some errors might get lost because they were treated as non-fatal

Solution:

- use a new mechanism for accumulating heap-allocate messages: 
starter_errors_t

- the  messages are printed even if the condition isn't considered fatal

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 157af04c882710935c4282dc7d8b78a0895203c8
Author: D. Hugh Redelmeier 
Date:   Fri Jul 13 15:16:45 2018 -0400

pluto: fix ikev2_need_esp_or_ah_proposals broken in 
d23fb67075a07e6a7a2a1b4c09589c60534431e8

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 7eab94e0bbdf4ccd8e404ae0a20c08aab0bd2705
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Tue Jan 23 13:37:39 2018 -0500

pluto: flag type asssertions with comments

Some function-type typedefs are useful but cannot be used in function
definitions.

Our rule is: each function definition that cannot use the appropriate
typedef must be within the scope of a declaration of that same
function that does use the typedef.

These type assertions look odd to the casual reader.  They look like
variable declarations.  We add /* type assertion */ to each to help the
reader.

It would be nice to always have such a declaration adjacent to the
definition but GCC whines if there has already been a declaration.  We
used to have such declarations, but as comments.  But comments aren't
checked (or maintained) so I've ditched them.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit fca0f0ec8d3527150a41a57b7234ba0fca00466c
Author: D. Hugh Redelmeier 
Date:   Wed Sep 12 04:07:39 2018 -0400

pluto: lsw_find_secret_by_id(): tidy three lines

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d30e7da4854373d9089d051be2566db25996ef29
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Wed Apr 18 10:55:19 2018 -0400

pluto: simplify ship_v2BOGUS()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 685c9771aa052456e02ab3712a05ec2796540f64
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Wed Apr 18 11:10:02 2018 -0400

pluto: absorb more into ship_v2BOGUS()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 8b088c1f854ece4a01fce63dd51f6d7785dbcff3
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Wed Apr 18 11:48:40 2018 -0400

pluto: allow INITIAL_CONTACT to delete multiple connections

This is an unlikely case but it can be contrived.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 3987d674826968921bf3e99a0956acafd4371692
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Wed Apr 18 13:18:31 2018 -0400

pluto: fix typo: playload => payload (but it was a nice one)

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 91f7de765cefc33bd8685b6d69d31db64462e4c5
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Sat Apr 21 19:28:38 2018 -0400

eliminate scattered and redundant #includes of 

commit 8868fd661759028b6576584a3996081cc28c8e61
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Sat Apr 21 19:27:42 2018 -0400

c-swan: make functions file-static where appropriate

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit fff2f721ad6f56812bf01cf63c4a6c646f8342ba
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date:   Mon Apr 16 17:14:37 2018 -0400

Tidy:

- use struct initializers to advantage (lots more to be done)

- replace most calls to zero() that initialized pointers since that is an 
error.
  Often with struct initializers.
  vfy_chain_pkix() still has questionable calls to zero().

- shrink the scope of some variables.
  Often combining definition with first or only assignment.

- sprinkle some "const" attributes

- simplify some control structures

- add or improve some comments

- unwind peculiar structure of ikev2_addr_change().

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 007b8753f9a36dbc91fa708564ead702cd4fb60f
Author: D. Hugh Redelmeier 
Date:   Fri Jun 29 03:11:20 2018 -0400

linux/include/libreswan.h: fix typo just introduced

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit bc3ea96bc4f9b070db9f8bc36a435e66ffd38917
Author: D. Hugh Redelmeier 
Date:   Thu Jun 28 22:29:17 2018 -0400

pervasive: SET_V4_LEN and SET_V6_LEN to avoid ifdef boilerplace

- fixes a number of errors in boilerplate

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 51eda7543c74b43df25ac9330be8899c98393dd4
Author: D. Hugh Redelmeier 
Date:   Fri Jun 22 09:45:51 2018 -0400

pluto: fix leak of whack file descriptor in ikev2_parent_outI1

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 03bff8c06bcaf20583f05f7404aba872927bad62
Author: D. Hugh Redelmeier 
Date:   Wed Jun 27 22:10:18 2018 -0400

pluto: connections.c: note a trick; make switch coverage clear for static 
analysis

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 78dc1a2ff82543567d75268ef4052f3514886cb9
Author: D. Hugh Redelmeier 
Date:   Wed Jun 27 22:27:57 2018 -0400

pluto: ikev2_parent.c: simplify some functions

commit 92ddee8cbb0da7390ea903c38b6241657b3b4292
Author: D. Hugh Redelmeier 
Date:   Wed Jun 27 22:17:37 2018 -0400

pluto: simplicy ikev2_send_cert_decision()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit a1485e92caa85bc8215c772983d5c682e0e0905e
Author: D. Hugh Redelmeier 
Date:   Sun Oct 28 22:25:11 2018 -0400

libswan: x509dn.c: simplify, clarify, make more careful ASN.1 Distinguished 
Name decoding

- redo init_rdn()/get_next_rdn()

- never completely ignore errors from init_rdn and get_next_rdn
  (Sometimes the report only goes to the debug log.)

- redo match_dn()

- in string matching, be careful with 0x80 bit.  It means something
  different in each string type.

- eliminate redundant #includes

- reduce scope of autos

- add clarifying comments

- catch more errors

commit 7d213b695fe0c4d84b6a139fea9c8902cae1ed19
Author: D. Hugh Redelmeier 
Date:   Sun Oct 28 22:16:34 2018 -0400

libswan: id.c: same_dn_any_order(): simplify and add (but suppress) 
instrumentation

commit fe495c85a8aebfe4c5ddbddf219ef02d5746ef2e
Author: D. Hugh Redelmeier 
Date:   Sun Oct 28 22:13:43 2018 -0400

pluto: ikev2.c: survive excessive recursion in 
ikev2_decode_peer_id_and_certs()

commit 8dc12c29b483a623875831450b48045f1b4aee08
Author: D. Hugh Redelmeier 
Date:   Sun Oct 28 22:06:07 2018 -0400

pluto: keys.c: make a pair of messages distinct; reduce scope of autos

commit 5ec162076628b4a392e4c966f4203f9bef11
Author: D. Hugh Redelmeier 
Date:   Sun Oct 28 22:02:05 2018 -0400

pluto: ikev2_parent.c: fix misleading indentation

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 542f32f1f1c9a8dfce850271eeea445ac3653e75
Author: D. Hugh Redelmeier 
Date:   Sat Nov 3 10:31:44 2018 -0400

lib/libswan/x509dn.c dn_parse()

For each ',' or '/' in an ASN.1 string, double it in the ASCII-fied version.
This is the inverse of what is done in the ASCII to ASN.1 code.

Our code never did this before.  Surely a bug.

commit 62a04f2022e4b450d87b0f9eacb1ea7840c2701f
Author: D. Hugh Redelmeier 
Date:   Sat Nov 3 10:28:49 2018 -0400

lib/libswan/asn1.c: eliminate loop from is_printablestring()

A bounded version of strspn(3) would be the best for this routine but
none exists so a bit of a dance must be done with the last byte of the
chunk.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 784bca5c25b0005107b25df47fdc560a8f163af0
Author: D. Hugh Redelmeier 
Date:   Sat Nov 3 12:53:04 2018 -0400

pervasive: exploit chunk_eq()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 0cab6cc8ca89b80a9256960de4d68d66af3fb563
Author: D. Hugh Redelmeier 
Date:   Fri Nov 2 16:04:39 2018 -0400

pluto: grammar

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 9632d141261ead3786b850eb0f524c06fc4edcc1
Author: D. Hugh Redelmeier 
Date:   Mon Nov 5 13:28:17 2018 -0500

pluto/ikev2_message.c: avoid GCC 6.10 warning

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 4c7f1808fa60cbe60511b7e944de6c4ff3f099db
Author: D. Hugh Redelmeier 
Date:   Wed Nov 7 03:02:46 2018 -0500

libipsecconf: rename various *_MAX things as *_ROOF for accuracy

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 004d90abf6a2da93bc9f73c0f330fa39cd458725
Author: D. Hugh Redelmeier 
Date:   Fri Nov 9 11:32:47 2018 -0500

asn1.h: note that asn1_length_signature() and 
is_asn1_der_encoded_signature() are are unused

commit 22ebd1806bca81bafb99f1cefa28cbdf623d1afd
Author: D. Hugh Redelmeier 
Date:   Fri Nov 9 11:32:02 2018 -0500

af_info.h: add "extern" for consistency

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 0a78dbb08b27e3498073a98594abba7248a9634d
Author: D. Hugh Redelmeier 
Date:   Sun Nov 4 17:58:45 2018 -0500

libswan/asn1.c: another implementation of is_printablestring()

This one is probably faster than the original (not measured).

It is probably faster and more straight-forward than
  62a04f2022e4b450d87b0f9eacb1ea7840c2701f
The new one doesn't need to scribble on its input.

The character set is a little harder to change, but the standard
dictating it is very unlikely to change.  (I generated the table with
a program but the chance of ever having to run it again is zero, so
I'm throwing it away.)

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 4b504a2410bd193326295cb3119682eda11fec91
Author: D. Hugh Redelmeier 
Date:   Wed Oct 3 02:08:51 2018 -0400

libswan: fix some flaws with resolve_ppp_peer

- remove incorrect introductory comments

- rename to "resolve_point_to_point_peer" to make name clearer
  (corresponds to flag IFF_POINTOPOINT)

- reduce scope of ifa

- call getnameinfo(3) with a correct (smaller) bound on buffer "peer"

- put braces around large body of FOR

- simplify control flow, eliminating second call to freeifaddrs(3)

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 3b9ce2aacaf7ada0b02bcc19c864358f6e8d33ec
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 14:13:45 2018 -0400

pluto: ikev1_xauth.h: more clearly type state transition functions

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 268fca7cc9802c4bb7fff5133d3ef7c11ac0ddfa
Author: D. Hugh Redelmeier 
Date:   Fri Sep 21 03:45:33 2018 -0400

libswan: tidy secrets.[ch]

- eliminate deadwood from secrets.h.  Some functions disappear, some
  become file-static.

- sprinkle const

- simplify control flow of functions

- reduce scope of autos

- move asssignments embedded in boolean expressions

- delete unused and buggy lsw_get_defaultsecret()

- add add_secret(), absorbing create_empty_idlist() and eliminating
  duplicated and error-prone code

- in lsw_find_secret_by_id(), print match values in octal (more natural)

- add a few ??? comments

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit feae8224e3a9e6bf0f77631d7afd5f4201889798
Author: D. Hugh Redelmeier 
Date:   Thu Sep 20 02:18:13 2018 -0400

pluto: tidy keys.c

- eliminate redundant parameters of lsw_get_secret

- reduce scope of auto variables

- sprinkle const

- make get_ppk() unconditionally set *ppk_id

- many other simplifications

commit e06490182b12b3d9584245b0b0d9fd4f2466047c
Author: D. Hugh Redelmeier 
Date:   Thu Sep 20 02:08:17 2018 -0400

libswan: partially handle PKK_ECDSA in lsw_free_preshared_secrets()

I don't know how to free the whole structure properly.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit b257545675ae4564d866758eb3ef4230d7c1ede2
Author: D. Hugh Redelmeier 
Date:   Tue Sep 25 17:14:36 2018 -0400

libipsecconf: fix off-by-one in config file "include" handling

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit fa004e7d4b83fbeaa8d0f6d8430a96aed97a97b9
Author: D. Hugh Redelmeier 
Date:   Wed Sep 19 12:51:01 2018 -0400

pluto: ikev1.c: when rejecting an unexpected payload, log the state name

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 24234af0ec214cb86bd570d3964724ddab405bc5
Author: D. Hugh Redelmeier 
Date:   Sat Sep 22 14:47:57 2018 -0400

pluto: rename out_byte => out_repeated_byte

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 9a4b391b006fcfd7a90dea888d31019cc545cf3f
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 11:17:24 2018 -0400

pluto: IKEv2: create functions for boilerplate for starting and ending 
SK/SKF payloads

This hairy code now appears only once instead of being repeated,
perhaps imperfectly, n times.

Possible future project: absorbing fragmentation into this.  Currently
some packets are not considered for fragmentation which would seem to
be a mistake.

Sprinkled const.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 27eac7de24933451bd9b80a38bd009b0163c304c
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 12:45:16 2018 -0400

pluto: crl_queue.c: deep_clone_general_names: initialize new .next to NULL

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 063415a2a8ef5446bc43a959b31356a8d7e16504
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 13:26:07 2018 -0400

pluto: add and use in_main_thread(); make main_thread private

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit f29644c394ce01d15f0b464df9c0f22786d39bef
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 13:36:37 2018 -0400

pluto: fetch.[ch]: make list_distribution_points() file-static

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 7086a92e4e3df700971279521ee68c2805d068c0
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 13:39:38 2018 -0400

pluto: foodgroups.h: delete unused and undefined "policygroups_dir"

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 341f5aa875965193148d89a146ac25930af5cc2d
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 13:47:50 2018 -0400

pluto: hostpair: make "remove_host_pair" file-static

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 47e98df56ce71be370c9f701ea2a2c4e0bc88c62
Author: D. Hugh Redelmeier 
Date:   Fri Sep 28 14:05:58 2018 -0400

pluto: ikev1_send.[ch]: eliminate "send_recorded_v1_ike_msg"

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit df2084833a023e577936ce0bbc1bf339734fa25b
Author: D. Hugh Redelmeier 
Date:   Thu Dec 27 23:57:27 2018 -0500

pluto: slightly clarify uniquify_his_cpi()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 20f4002247ba4540cdc3b4ebe6f7c73828682649
Author: D. Hugh Redelmeier 
Date:   Wed Jan 2 15:54:08 2019 -0500

pluto: rename and remodularize emit_v2N*

- new names specify what should be included in the payload
  "sa": an SA (i.e. protoid and SPI)
  "chunk": a chunk
  "pl": a sub-payload will be added by the caller.

- changed emit_* to out_* so uncommited change won't silently fail

- provide for callers to emit sub-payloads after the call.
  This will be exploited later.

- eliminated a leak in add_redirect_payload

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit fed15202f0f59d9125e2ba77c5e6571ac0ef8de6
Author: D. Hugh Redelmeier 
Date:   Fri Jan 4 23:23:20 2019 -0500

pluto: tidy build_redirected_from_notify_data and 
ikev2_parent_outI1_common; eliminate leak

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d451f77d58f00986bb0605d4948be67a26385b31
Author: D. Hugh Redelmeier 
Date:   Fri Jan 18 10:58:57 2019 -0500

make older GCC's happy

All these were prompted by diagnostics from GCC 4.8.5.  They probably
matter for other GCCs.

- GCC does not consider EMPTY_CHUNK a constant: don't use it as a
  static initializer.

- GCC doesn't completely understand the way we initialized a
  sub-struct field in a struct initializer.  Rewrite in a way that it
  does understand.

- GCC had stricter field initialization enforcement.  Initialize fields
  uselessly to silence it.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit abb02a4e3a9d4403151aae29cc6b7bc27dcabac3
Author: D. Hugh Redelmeier 
Date:   Mon Jan 21 10:14:06 2019 -0500

Pluto: a little bit of weeding

- reduce heap use

  + Hashes fit in a buffer of modest and bounded size.  If the
lifetime of the buffer suits stack allocation, use auto.
This reduces code complexity and the real chance of leaks.
ikev2_calculate_ecdsa_hash
ikev2_verify_ecdsa_hash (a leak eliminated)

  + replace create_unified_ppk_id with emit_unified_ppk_id
so no heap-allocated chunk is required.  Simpler too.

- delay heap use

  + move chunk cloning to caller of rfc_resource_record_to_rsa_pubkey

  + unsure of unpack_ECDSA_public_key so added ??? comment

- use bool-valued expression in boolean contexts (don't use pointers
  or ints; result of bitwise operator OK)

- reduce scope of autos; don't reuse autos

- add a couple of ??? comments

- in a function definition, if the argument list is too long for one
  line, put each argument on its own line.
crypt_hash_init,
crypt_hash_digest_bytes

- sprinkle const

- in ikev2_ecdsa.c: sporadic use of FALSE and TRUE replaced by false
  and true.

- use size_t for sizes, even though previous unsigned int would work:
  this makes it clearer that variable is about sizes.

- spelling

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit c6dd1d5b3f95b015501cc0870ca74136583bb95b
Author: D. Hugh Redelmeier 
Date:   Sat Jan 19 11:50:18 2019 -0500

libswan: fallout from compound literals being objects

- add const qualifier in CHUNKO

- eliminate compound literal from an initializer

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 199ac9a7405ee86013941b7627a38f77b060dec5
Author: D. Hugh Redelmeier 
Date:   Sat Jan 19 10:53:49 2019 -0500

EMPTY_CHUNK: add const qualifier to type of EMPTY_CHUNK

Since a C compound literal is an object, it can be modified.
EMPTY_CHUNK expands into a compound literal.
In theory, every use of EMPTY_CHUNK creates a distinct object.
Adding "const" to the type signals the compiler and the
programmer that these objects cannot and must not be modified.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 67542646a6f47d9e061a407be4c71950a354ff40
Author: D. Hugh Redelmeier 
Date:   Tue Dec 18 13:57:04 2018 -0500

pluto: state.h: clarify comments on struct state fields that are keying 
material

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 294fa14ed6b3d9459e4a8de74af01ec3f9ac4050
Merge: 9cee999 6451564
Author: D. Hugh Redelmeier 
Date:   Tue Dec 18 14:07:20 2018 -0500

Merge branch 'master' of vault.libreswan.org:/srv/src/libreswan

commit 9cee99943a49e7324e18f451bbad75a900c42eaf
Author: D. Hugh Redelmeier 
Date:   Tue Dec 18 14:06:13 2018 -0500

pluto: state.h: reclarify comments on struct state fields that are keying 
material

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 13d61c89710b2d0cd721fd55911c1625fc6cacec
Author: D. Hugh Redelmeier 
Date:   Thu Dec 20 13:50:55 2018 -0500

pluto: ikev2_log_parentSA: restore tcpdump -E functionality; simplify

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit dfd3e6a775952209721fbb182ee3d15cde609691
Author: D. Hugh Redelmeier 
Date:   Sun Dec 23 22:48:48 2018 -0500

pluto: fix crasher introduced in 169270757d

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 2c027458e5ff744c39baececfebfa9eaf57cccf2
Author: D. Hugh Redelmeier 
Date:   Tue Dec 11 01:46:47 2018 -0500

pluto: ikev2_parent.c: simplify add_st_to_ike_sa_send_list()

commit a708e0871809c73bfc8e0f6da543a6ff1110f450
Author: D. Hugh Redelmeier 
Date:   Tue Dec 11 01:45:28 2018 -0500

pluto: ikev2_parent.c: improve format of comments in 
ikev2_ike_sa_established()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 7015798dd7e0dafb07f9b3301992fb5a8a5f612f
Author: D. Hugh Redelmeier 
Date:   Tue Dec 11 01:57:26 2018 -0500

pluto: tweak comments in event_schedule()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d3ff44035a4b96764f07dfc68c5c733490c9aea6
Author: D. Hugh Redelmeier 
Date:   Fri Dec 14 14:59:53 2018 -0500

pluto: ikev1.c: replace reference to v2 field with the corresponding v1 
field

st_skey_ei_nss => st_skeyid_e_nss

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit d78acb3ea6f6d4c1a19b489c3d95b133e8cf2c9a
Author: D. Hugh Redelmeier 
Date:   Fri Dec 21 10:48:32 2018 -0500

pluto: ikev2_parent.c: fix a confusing intentation mistake

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 96702cd31f95f8c0214d29cc440e193e5ad01b45
Merge: 1692707 ca6287c
Author: D. Hugh Redelmeier 
Date:   Fri Dec 21 11:40:02 2018 -0500

Merge branch 'master' of vault.libreswan.org:/srv/src/libreswan

commit 169270757d6a2d61df730d1971613dff98db57eb
Author: D. Hugh Redelmeier 
Date:   Fri Dec 21 11:17:23 2018 -0500

pluto: plug multiple leaks of null_auth in ikev2_parent_inR1outI2_tail()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 526a3c46693bdd521fbe4c739a33c4e8f5ce89c8
Author: D. Hugh Redelmeier 
Date:   Fri Dec 21 10:32:26 2018 -0500

Revert "pluto: emit_v2N's "critical" parameter since it was identical in 
each call"
This reverts commit 731aaeee4199340b6aaf42eab5fa56b7919cde0f.

Paul: eventually this parameter will be exploited

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit a2b6a07a5200a0e5dc4bfd400c834e662b98e0cc
Author: D. Hugh Redelmeier 
Date:   Fri Dec 21 10:55:21 2018 -0500

pluto: plug a leak in ikev2_parent_inI2outR2_id_tail()

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit 60505257ae2d788ccd5ee66eb481712ed5596ca2
Author: D. Hugh Redelmeier 
Date:   Fri Dec 21 11:41:50 2018 -0500

pluto: get rid of a scope in ikev2_parent_inR1outI2_tail

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit

[Swan-commit] Changes to ref refs/heads/master

[D. Hugh Redelmeier]

New commits:
commit e01b644c1cc518696512a26dd8288ea9d61e55ad
Author: D. Hugh Redelmeier 
Date:   Wed Dec 5 11:24:59 2018 -0500

clarify interface to several event-deletion functions

Each deals with a pointer to a pointer to the event.

If the pointer to the event is NULL, the function does nothing.  This
is considered normal and boring: no logging is performed.  So callers
need not check for this case.  This was true for some functions but
not all functions and it was not documented

The pointer to the event is set to NULL by the deletion routine.
This eliminates a dangling pointer.  Previously this was usually true
but not always and was not documented.

If the event pointer is not NULL, it must point to a known event.
On pain of assertion failure.

Simplify callers by exploiting these interface changes.

Simplify find_ifaces().

Inline unlink_pluto_event().

const added; spelling fixed.

___
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit