chiark / gitweb /
Ian Jackson [Sat, 23 Nov 2019 23:41:19 +0000 (23:41 +0000)]
privcache: Remove some spurious \n in messages
I really oughtn't to have done this, but there is much code in secnet
which sets a bad example.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 19:13:13 +0000 (19:13 +0000)]
privcache: Better debug
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 8 Oct 2019 16:22:49 +0000 (17:22 +0100)]
privcache: Use new pathprefix_template facility
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 29 Sep 2019 13:21:19 +0000 (14:21 +0100)]
privcache: New closure for signature key handling
This will be used by site.c, when it needs to load a key to make a
signature as demanded by the peer.
This commit introduces 5 spurious \n's in messages.
It also introduces a few ` = ' style errors.
These will be removed later.
No callers yet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 8 Oct 2019 14:45:50 +0000 (15:45 +0100)]
util: pathprefix_template: New facility
We will use this for constructing public and private key filenames to
load.
No callers yet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 29 Sep 2019 13:34:00 +0000 (14:34 +0100)]
sigscheme: Interface for signature schemes
There are no implementations yet. This is split out like this for
review of the api.
We use struct buffer_if to feed key data into the scheme, in both
cases. This will be convenient for implementations, The loadpub
caller will have the data from base91s, probably. The loadpriv caller
will have it from a file, but we read the file in the common code.
The API we are introducing now expects each private key buffer to be
fed to the sig schemes one by one until they it finds one that likes
it. This is in fact not necessary; it was needed in an earlier design
which does not otherwise survive in the published git history. This
rather suboptimal API will be changed later.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 29 Sep 2019 13:21:31 +0000 (14:21 +0100)]
sigpubkey/sigprivkey: Provide a dispose() method
This is needed allow the site code to load and unload keys
dynamically.
This is just the interface, with no implemntation and no callers,
split out like this for early review.
The two xxx's will be fixed rather later in
"rsa1: Provide dispose functions"
(but, obviously, before we add any callers).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 29 Sep 2019 12:58:02 +0000 (13:58 +0100)]
sigpubkey/sigprivkey: Provide a hash_if
Sometimes, the caller is going to want to hash things for themselves.
(Notably, site.c will want to hash the advertisements of public key
set updates.)
The hash to be used should be the one used by the signature scheme, as
that has the same security properties.
In rsa.c this moves the hash_if from common to ops, and it is now
convenient to abolish rsa_hash which is a pointless veneer over
hash_hash.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 8 Oct 2019 14:51:41 +0000 (15:51 +0100)]
sigkey handling: Introduce serialt type
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 29 Sep 2019 19:28:46 +0000 (20:28 +0100)]
sigkey handling: define MAX_SIG_KEYS
This is going to control the number of different public keys we will
use from a keyset, and also the number we will look at when listed as
acceptable by a relying peer.
No users yet in this commit, though.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 29 Sep 2019 19:27:30 +0000 (20:27 +0100)]
sigkey handling: Introduce sigkeyid type
We provide helper macros for use with printf.
The reference to pubkeys.fl.pl comment is to code which doesn't exist
yet but comes later.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 28 Nov 2019 13:57:44 +0000 (13:57 +0000)]
pubkey handling: Document key sets, id, etc. plan
None of this is implemented yet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Wed, 4 Dec 2019 21:55:15 +0000 (21:55 +0000)]
mtest/t-prefix: Drop redundant setting of seddery
This is in mtest/common.tcl already.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 19:52:43 +0000 (19:52 +0000)]
rsa: emsa_pkcs1: Fix a message
This function is called during verification too, so the message
shouldn't talk about signing.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 6 Oct 2019 22:34:33 +0000 (23:34 +0100)]
conffile: find_cl_if: fix fail_if_invalid==False
If the key was not found, this would segfault, so passing False didn't
work properly. Currently nothing does, so this bug is latent.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 8 Nov 2019 21:18:05 +0000 (21:18 +0000)]
make-secnet-sites: Tainted: Fix a lot of bad return values
This code had remnants of a previously intended calling convention,
where object return chaining would be used.
Unfortunately in the currently used calling style, we expect to get a
boolean back everywhere, where true meas `ok'. Returning `self' is
always treated as `ok' because it's trueish.
Luckily this doesn't cause actual security bugs because we always
return from all of the top-level entrypoints via ._rtn[val] which
checks the ._ok setting, which does properly track problems. So we
fail an assertion rather than printing a nice message. This is not
pretty but it is not a vulnerability.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 3 Dec 2019 22:10:08 +0000 (22:10 +0000)]
stest: Drop a redundant test
We were going to use this for key rollover tests etc. But in fact
we (much later in this series) will introduce new tests for the new
key loading arrangements. Actual key rollover will come *much* later
and there is little point having this placeholder in the meantime.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 13:42:50 +0000 (13:42 +0000)]
autogen.sh: Write a comment about need for autoheader
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 13:27:18 +0000 (13:27 +0000)]
configure.ac: Do not check for lack of standard headers
This makes configure rather faster.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 13:37:23 +0000 (13:37 +0000)]
configure.ac: Drop AC_STDC_HEADERS
This is obsolete, as the docs say:
AC_STDC_HEADERS
Replaced by 'AC_HEADER_STDC'
AC_HEADER_STDC
This macro is obsolescent, as current systems have conforming
header files. New programs need not use this macro.
Unfortunately dropping it is not properly effective because it's
implied by some other stuff. We are going to deal with that in a
moment.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 13:03:46 +0000 (13:03 +0000)]
configure.ac: Drop checks for systems lacking stdint.h
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 00:59:39 +0000 (00:59 +0000)]
stest: Check that received packet is as expected
It turns out that if secnet decides the link to the peer is too
broken, it loops outbound packets back to its host. Normally this is
not obvious, because the host naturally drops such packets.
But in stest we weren't actually looking at the incoming packets at
all, so we would treat this as success!
So, instead, match the start of the packet, including the source and
destination addresses and the icmp type. (This crude match will fail
if the reply contains any IP options, but the ping comes from the peer
secnet so it won't have.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 00:59:31 +0000 (00:59 +0000)]
stest: Decode the slip packets that come via fake netlink
This will allow us to do something more sophisticated with the packet
contents.
The only functional change right now is to ignore empty `packets'.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Mon, 25 Nov 2019 00:01:34 +0000 (00:01 +0000)]
stest: If one of our secnets dies, call the test a failure
This involves use of TclX's `signal' facility. In my tests it was
easy to make Tcl deadlock by doing too much work in the signal
handler. In particular reaping children is a bad idea. Also signals
are not blocked during the signal handler so it would have to be
reentrant.
Instead, use `after idle'. That is quite soon enough for the reap to
run, and in my tests with TclX 8.4 it all works properly.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:20:51 +0000 (22:20 +0000)]
stest: Use `finish' for success exits
vwait is a bit funny. This is better, and it also kills our child
secnets.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Mon, 25 Nov 2019 00:01:01 +0000 (00:01 +0000)]
stest: Kill our child secnets when we call finish
This stops them hanging around and, often, printing more stuff after
the test has actually failed.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Mon, 25 Nov 2019 00:00:30 +0000 (00:00 +0000)]
stest: Record the pids of of the secnets we spawn
Nothing uses this yet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 13:59:29 +0000 (13:59 +0000)]
stest: Replace the call to `exit 1' with a new proc `finish'
This is going to be used for success exits too, in a moment.
This will let us do more work when we are exiting.
The only change for now is some extra stderr output.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 00:38:01 +0000 (00:38 +0000)]
stest: Support not running secnet ourselves
Now the user can set SECNET_STEST_DIVERT_inside=1 (say) and instead of
actually running secnet, we print the rune we would run and ask the
user when they have started it.
A freshly started secnet (with this config, at least) just sits there
waiting for its first packet to deal with. So if the user does this
for the 2nd secnet, that's fine - the first one will happily wait
until the test actually gets going.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 00:37:35 +0000 (00:37 +0000)]
stest: Don't prefix ./ with another ./, in socktmp
Makes things slightly prettier.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 00:19:11 +0000 (00:19 +0000)]
stest: Print the special env vars we pass to secnet
We don't dump the whole environment, just selected bits.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 00:03:58 +0000 (00:03 +0000)]
stest: Print the secnet runes we run
We can't use prexec here because we aren't using exec at all.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:59:32 +0000 (23:59 +0000)]
tests, mtest: Provide and use `prexec' for helping with debugging
This prints the make-secnet-sites runes we are about to run.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 29 Nov 2019 23:37:01 +0000 (23:37 +0000)]
dir-locals: Provide python-indent-offset too
python-indent is obsolete since Emacs 24.3. It has been made into an
alias for python-indent-offset, but the alias is not marked safe as a
file variable. Specifying python-indent-offset should make this work
on all relevant versions of Emacs (at least in the default
configuration).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 19:13:46 +0000 (19:13 +0000)]
stest: Add debug logs
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 17:57:56 +0000 (17:57 +0000)]
stest: Use new `prefix' option.
This lets us distinguish output from our two secnets.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 17:50:46 +0000 (17:50 +0000)]
stest: Use stderr, not tty, for logging
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 17:57:46 +0000 (17:57 +0000)]
logfile: New `prefix' option.
This allows the config file to add a fixed string to log messages.
This will be useful in our test suite, which mixes up output from
two instances of secnet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 17:52:31 +0000 (17:52 +0000)]
logfile: Do not log differently with --nodetach
This is actually quite anoying. There is no good reason for leaving
off the timestamps in tests, or manual debugging, etc.
If at some point we want to support running under some kind of
log-capturing daemon supervisor which timestamps everything, we can
easily make this conditional again.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 17:51:04 +0000 (17:51 +0000)]
logfile: Remove redundant check for st->f
st->f is now always non-null. If no filename is specified, it is
stderr.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 17:50:28 +0000 (17:50 +0000)]
logfile: Log to stderr by default (`filename' key now optional)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 01:00:20 +0000 (01:00 +0000)]
secnet: Make stderr line buffered
This helps not interleave output in tests. We write output in lines,
so this is fine.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 3 Dec 2019 20:44:11 +0000 (20:44 +0000)]
test-example: Fix a dependency on Subdir.mk
This should be *this* directory's Subdir.mk.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 3 Dec 2019 20:42:36 +0000 (20:42 +0000)]
test-example: Replace a literal with $@
No functional change. This makes the command a bit more general.
At some much later point this will make a future commit simpler...
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 22:59:57 +0000 (22:59 +0000)]
comprehensive-test: Test that clean target works
We have to have a list of exceptions for the output of configure.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:50:21 +0000 (22:50 +0000)]
build system: Add some missing clean and cdeps hooks
Tested with
git-clean -nX | grep -v \*~ | grep -v '~$' | grep -v Makefile | grep -v '\.mk$'
We now clean, additionally,
.msgcode-test.d
.version.d
ipaddrset.confirm
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:48:40 +0000 (22:48 +0000)]
build system: Switch to using subdirmk's clean and cdeps
Even in the toplevel. This cleans some more things but doesn't fix
all the lack of clean bugs. Right now the effect is to remove
Subdir.mk.tmp and main.mk.tmp, if they exist.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 5 Dec 2019 01:48:04 +0000 (01:48 +0000)]
stest: Fix breakage if nproc is not installed
This needs to echo 1, not try to run it. The effect is a message on
stderr and passing `make -j'. That is actually mostly OK since we
have few tests right now...
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 15 Nov 2019 23:32:15 +0000 (23:32 +0000)]
build system, tests: Marginally speed some things up with -f
This avoids an additional redirection through the stub Makefiles.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 23:08:36 +0000 (23:08 +0000)]
comprehensive-test: Test the stest/ and mtest/ directories
Running these separately after make clean will help spot missing
dependencies.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 23:21:34 +0000 (23:21 +0000)]
pretest-to-tested: Script for helping run comprehensive-test
This runs it on every commit between tested and pretest, advancing
tested as it goes.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 6 Dec 2019 22:24:26 +0000 (22:24 +0000)]
comprehensive-test: new script
This does an in-tree build, and two out-of-tree builds, one absolute,
and one relative. It runs `make check' (not fullcheck, which is very
slow indeed).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 5 Dec 2019 02:21:56 +0000 (02:21 +0000)]
stest/udp-preload: Be more relaxed about paths
We would give ENAMETOOLONG if the specified path plus a maximal IPv6
address string wouldn't fit. But in practice we don't use IPv6
addresses which stringify to anything that long, and this imposes an
annoyingly short restriction on the length of the emulation socket
directory path (a restriction which is going to be not met in my own
working tree when I add more sophisticated tests).
Instead, pass the suffix string to sun_prep and do the length check on
the actual length. This means that addresses with short strings can
work, even if in principle addresses with long strings might fail.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 5 Dec 2019 02:15:45 +0000 (02:15 +0000)]
stest/udp-preload.c: Fix error handling of sun_prep
If sun_prep returned an error (eg, path too long), this would
segfault.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 29 Nov 2019 20:18:14 +0000 (20:18 +0000)]
build system: Cope if HEAD refers to a packed ref
In this case, there may be no corresponding .git/refs/<whatever>.
Simply tolerate this.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 7 Dec 2019 15:28:29 +0000 (15:28 +0000)]
subdirmk: Suppress MAKEFILE_TEMPLATES when running `make clean'
See the README hunk for the reasoning.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 7 Dec 2019 15:17:12 +0000 (15:17 +0000)]
subdirmk: break out subdirmk_target in generated Makefile
We are going to want to reuse this. Make it a simply-expanded make
variable rather than a perl variable, so that it only gets computed
once.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 3 Dec 2019 23:07:00 +0000 (23:07 +0000)]
subdirmk: stub Makefiles: filter out `all'
Otherwise `make all' generates this:
Makefile:3: target 'all' given more than once in the same rule
which is harmless but mildly irritating.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Mon, 25 Nov 2019 13:35:00 +0000 (13:35 +0000)]
Ian Jackson [Sun, 24 Nov 2019 22:45:07 +0000 (22:45 +0000)]
subdirmk: clean.sd.mk: Delete .*~ too (eg .gitignore~)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:45:07 +0000 (22:45 +0000)]
subdirmk: clean.sd.mk: Delete .*~ too (eg .gitignore~)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:44:36 +0000 (22:44 +0000)]
subdirmk: cdeps.sd.mk: Honour &CDEPS_OBJECTS
This makes this facility more flexible.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:44:36 +0000 (22:44 +0000)]
subdirmk: cdeps.sd.mk: Honour &CDEPS_OBJECTS
This makes this facility more flexible.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 22:08:45 +0000 (22:08 +0000)]
Ian Jackson [Sat, 23 Nov 2019 18:42:31 +0000 (18:42 +0000)]
subdirmk: Fix bug in regen.mk.in
Apparently, if you just write `;', make knows that the command can't
have done anything. It therefore concludes tha the target file cannot
have been updated and doesn't bother rereading it.
The result is that you end up using last run's makefiles.
Writing @: fixes this.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 23 Nov 2019 18:42:31 +0000 (18:42 +0000)]
subdirmk: Fix bug in regen.mk.in
Apparently, if you just write `;', make knows that the command can't
have done anything. It therefore concludes tha the target file cannot
have been updated and doesn't bother rereading it.
The result is that you end up using last run's makefiles.
Writing @: fixes this.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 24 Nov 2019 18:43:20 +0000 (18:43 +0000)]
Ian Jackson [Sun, 17 Nov 2019 01:26:26 +0000 (01:26 +0000)]
subdirmk: Change stub force target to `run-main.mk'
This produces significantly better error messages:
[some error from actual makefiles]
make[1]: Leaving directory '/home/ian/wherever'
Makefile:6: recipe for target 'run-main.mk' failed
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 17 Nov 2019 01:26:26 +0000 (01:26 +0000)]
subdirmk: Change stub force target to `run-main.mk'
This produces significantly better error messages:
[some error from actual makefiles]
make[1]: Leaving directory '/home/ian/wherever'
Makefile:6: recipe for target 'run-main.mk' failed
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 17 Nov 2019 01:21:51 +0000 (01:21 +0000)]
subdirmk: Fix bug when target in subdir exists
If you try to make a file that exists, the % rule doesn't seem to
match. But providing the dependency for all of $(MAKCMDGOALS)
works.
We have to mention `all' explicitly because it might not appear in
$(MAKECMDGOALS).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 17 Nov 2019 01:21:51 +0000 (01:21 +0000)]
subdirmk: Fix bug when target in subdir exists
If you try to make a file that exists, the % rule doesn't seem to
match. But providing the dependency for all of $(MAKCMDGOALS)
works.
We have to mention `all' explicitly because it might not appear in
$(MAKECMDGOALS).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:41:59 +0000 (23:41 +0000)]
changelog: start 0.5.2~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:13:24 +0000 (23:13 +0000)]
stest: Suppress a GCC warning (for stretch)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:10:09 +0000 (23:10 +0000)]
finalise 0.5.1
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:09:54 +0000 (23:09 +0000)]
make-secnet-sites: Add test for -P option
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:04:12 +0000 (23:04 +0000)]
make-secnet-sites: Actually fix -P option (!)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 23:04:00 +0000 (23:04 +0000)]
mtest: Provide for sedderyb
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 22:32:28 +0000 (22:32 +0000)]
Release checklist: mention Subdir.sd.mk
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 22:13:07 +0000 (22:13 +0000)]
changelog: Prepare 0.5.1 (more)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 21 Nov 2019 01:01:23 +0000 (01:01 +0000)]
changelog: Prepare 0.5.1
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 22 Nov 2019 22:30:32 +0000 (22:30 +0000)]
Ian Jackson [Tue, 19 Nov 2019 00:42:31 +0000 (00:42 +0000)]
build system: Add warning suppressions for GCC9
We suppress 4 instances like:
udp.c:113:45: error: increment of a boolean expression [-Werror=bool-operation]
113 | if (us->experienced[!!dest][af][success]++)
| ^~
This is a very convenient idiom (using the saturating property of
boolean addition) and there is no sensible replacement.
And we suppress 6 instances like:
tun.c:322:6: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
322 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
All write to ifr_name. strncpy is precisely right for this, since the
API supports non-null-terminated names of length IFNAMSIZ. That is
why I used strncpy.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 19 Nov 2019 01:16:29 +0000 (01:16 +0000)]
polypath.c: Fix a compiler warning
polypath.c:520:20: error: '*' in boolean context, suggest '&&' instead [-Werror=int-in-bool-context]
520 | *allreasonable *= reasonable;
| ^~
This is not really a very helpful suggstion because there is no &&=.
Happily the compiler doesn't (currently) complain about &= which is
the same when both arguments are bools.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 19 Nov 2019 01:03:44 +0000 (01:03 +0000)]
make-secnet-sites: sort the properties in level.output_props
This makes the test suite less sensitive to python version.
Now it works with 2.7.13, 3.5.3,, 3.7.5.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 19 Nov 2019 00:54:58 +0000 (00:54 +0000)]
make-secnet-sites: sort the properties
This makes the test suite less sensitive to python version.
Now it works with 2.7.13, 3.5.3.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 19 Nov 2019 00:51:10 +0000 (00:51 +0000)]
mtest: diff: Write output files and seddery rune
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 19 Nov 2019 00:49:54 +0000 (00:49 +0000)]
tests: Introduce `diff' proc
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 19 Nov 2019 01:04:47 +0000 (01:04 +0000)]
build system: tests: Add missing standard clean
We want (i) recursion from the parent (ii) automatic cleaning of
&CLEAN (which is set by cdeps.sd.mk, amongst other things).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 15 Nov 2019 22:59:58 +0000 (22:59 +0000)]
build system: Drop `check' from `all'
Otherwise there's no way to make everything but not run tets.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 15 Nov 2019 22:56:34 +0000 (22:56 +0000)]
build system: Do always regenerate version.o
We make two changes which affect only the litle recursive make of
version.o. We only build version.o in the little sub-make when
relinking and then we want to always do it. So the setting of OBJECTS
is pointless, and instead we make version.c depend on FORCE.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Fri, 15 Nov 2019 22:37:12 +0000 (22:37 +0000)]
build system: Fix nits following switch to subdirmk
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 20:23:27 +0000 (20:23 +0000)]
Docs: Fix some leftover ; and ,
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:45:50 +0000 (19:45 +0000)]
subdirmk: Docs, go back to ^ and ~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:45:50 +0000 (19:45 +0000)]
subdirmk: Docs, go back to ^ and ~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:40:59 +0000 (19:40 +0000)]
subdirmk: Go back to ^ and ~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:40:59 +0000 (19:40 +0000)]
subdirmk: Go back to ^ and ~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:36:39 +0000 (19:36 +0000)]
subdirmk: Implement new syntax
But I plan to go back to ^ and ~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:36:39 +0000 (19:36 +0000)]
subdirmk: Implement new syntax
But I plan to go back to ^ and ~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 14 Nov 2019 19:02:07 +0000 (19:02 +0000)]
Ian Jackson [Thu, 14 Nov 2019 15:43:14 +0000 (15:43 +0000)]
docs: Discuss variable settings and inclusion order
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
~ian / secnet.git / log