Version bump to 5.9.1dr1

diff --git a/NEWS b/NEWS
index a7fe72488e613f53ae79e32585ca0a063ca50fd4..f284dfb13cdf345e64cfcd479c128c6299fd9e6b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,10 @@
+strongswan-5.9.1
+----------------
+
+- Remote attestation via TNC: Support of SHA-256 based TPM 2.0 BIOS measurements
+  introduced with the Linux 5.4 kernel.
+
+
 strongswan-5.9.0
 ----------------
 

diff --git a/configure.ac b/configure.ac
index 5aa3c6e68e3e556d39a6f99f1de89da47d6cb41a..3319e0647926d35f9ef3e03fc1d054a437edbe16 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -19,7 +19,7 @@
 #  initialize & set some vars
 # ============================
 
-AC_INIT([strongSwan],[5.9.0])
+AC_INIT([strongSwan],[5.9.1dr1])
 AM_INIT_AUTOMAKE(m4_esyscmd([
        echo tar-ustar
        echo subdir-objects

diff --git a/src/libimcv/imc/imc_os_info.c b/src/libimcv/imc/imc_os_info.c
index cc23bb2503246903e522769ad5dbd75602e9f51f..13f6d93f3af53d92f0a476c585d222dc5bca9dad 100644 (file)
--- a/src/libimcv/imc/imc_os_info.c
+++ b/src/libimcv/imc/imc_os_info.c
@@ -487,7 +487,13 @@ static bool extract_platform_info(os_type_t *type, chunk_t *name,
                                os_type = OS_TYPE_DEBIAN;
 
                                os_version.ptr = buf;
-                               pos = strchr(buf, '\n');
+
+                               /* extract major release number only */
+                               pos = strchr(buf, '.');
+                               if (!pos)
+                               {
+                                       pos = strchr(buf, '\n');
+                               }
                                if (!pos)
                                {
                                        DBG1(DBG_PTS, "failed to find end of release string");

diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index c5e44a8e53635c6634033a6e36db5cae93c9c6d4..5220a82a66eeb57176923ed4d48d027de7a441b9 100644 (file)
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -601,7 +601,13 @@ INSERT INTO products (      /* 100 */
 INSERT INTO products (      /* 101 */
   name
 ) VALUES (
- 'Debian 10.5 x86_64'
+ 'Debian 9.13 x86_64'
+);
+
+INSERT INTO products (      /* 102 */
+  name
+) VALUES (
+ 'Debian 10 x86_64'
 );
 
 /* Directories */
@@ -1324,6 +1330,12 @@ INSERT INTO groups_product_defaults (
   5, 101
 );
 
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  5, 102
+);
+
 INSERT INTO groups_product_defaults (
   group_id, product_id
 ) VALUES (

diff --git a/testing/hosts/default/usr/local/bin/init_collector b/testing/hosts/default/usr/local/bin/init_collector
index df1462862828e6fe6005f120223056b861b9d8bd..c9206fec9c01e41fd51ad821cb14c1b086bfa7e6 100755 (executable)
--- a/testing/hosts/default/usr/local/bin/init_collector
+++ b/testing/hosts/default/usr/local/bin/init_collector
@@ -1,6 +1,6 @@
 #! /bin/sh
 
 cat /usr/local/share/strongswan/templates/database/sw-collector/sw_collector_tables.sql | sqlite3 /etc/db.d/collector.db
-sed -i "s:DEBIAN_VERSION:`cat /etc/debian_version`:" /etc/pts/collector.sql
+sed -i "s/DEBIAN_VERSION/10/" /etc/pts/collector.sql
 cat /etc/pts/collector.sql | sqlite3 /etc/db.d/collector.db
 LEAK_DETECTIVE_DISABLE=1 /usr/local/sbin/sw-collector

diff --git a/testing/testing.conf b/testing/testing.conf
index 1369c930f6fcb632c9f3d3ceb868ac5877724c87..cb95d35d21c46dcba1b357fb7df596df29bcf740 100644 (file)
--- a/testing/testing.conf
+++ b/testing/testing.conf
@@ -24,14 +24,14 @@ fi
 : ${TESTDIR=/srv/strongswan-testing}
 
 # Kernel configuration
-: ${KERNELVERSION=5.7.9}
+: ${KERNELVERSION=5.8.10}
 : ${KERNEL=linux-$KERNELVERSION}
 : ${KERNELTARBALL=$KERNEL.tar.xz}
-: ${KERNELCONFIG=$DIR/../config/kernel/config-5.7}
+: ${KERNELCONFIG=$DIR/../config/kernel/config-5.8}
 : ${KERNELPATCH=ha-5.0-abicompat.patch.bz2}
 
 # strongSwan version used in tests
-: ${SWANVERSION=5.9.0}
+: ${SWANVERSION=5.9.1dr1}
 
 # Build directory where the guest kernel and images will be built
 : ${BUILDDIR=$TESTDIR/build}

diff --git a/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat b/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat
index f685f6c1dd74413bf207d1214a7b44f33c45eb0b..54da736b02a88a7fbb2d1947d30705794c33fe1d 100644 (file)
--- a/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat
@@ -7,7 +7,7 @@ carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 dave::cat /etc/tnc_config
 alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+alice::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
 alice::/usr/local/bin/init_tnc

diff --git a/testing/tests/tnc/tnccs-20-os-pts/pretest.dat b/testing/tests/tnc/tnccs-20-os-pts/pretest.dat
index 43e109731e9833a0f08fe46fdce0cff53bd77d88..5d002b793cbb7d63cead15dcf5ceeef54ed3d56c 100644 (file)
--- a/testing/tests/tnc/tnccs-20-os-pts/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-os-pts/pretest.dat
@@ -3,7 +3,7 @@ carol::iptables-restore < /etc/iptables.rules
 dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config

diff --git a/testing/tests/tnc/tnccs-20-os/pretest.dat b/testing/tests/tnc/tnccs-20-os/pretest.dat
index c4ca538428f689876b306d03c5742a563df38c8b..b98c41f2b40514cdfadc5a5ca0461b64438192d2 100644 (file)
--- a/testing/tests/tnc/tnccs-20-os/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-os/pretest.dat
@@ -4,7 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 moon::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config

diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat
index 55206321a9fb0cb3ee9ea5873ee1457ae0dcb6c0..8c34c7e13ef1f856fd8cef80ddb7460afb7ee7ac 100644 (file)
--- a/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat
@@ -13,7 +13,7 @@ dave::cat /etc/tnc_config
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+alice::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
 alice::/usr/local/bin/init_tnc

diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
index e3be3fe36d4f23fca430f89551059487658f0783..115400645151bbe19c92f8f80ea763b628d395fa 100644 (file)
--- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
@@ -7,7 +7,7 @@ carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 dave::cat /etc/tnc_config
 alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+alice::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
 alice::/usr/local/bin/init_tnc

diff --git a/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat b/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat
index 2579d091bd0f0d713955ae70f02a0f89be6949be..5a539e3de410b3c0f5fccbd3bb09ff1a9ccd0834 100644 (file)
--- a/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat
@@ -3,7 +3,7 @@ carol::iptables-restore < /etc/iptables.rules
 dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config

diff --git a/testing/tests/tnc/tnccs-20-pts/pretest.dat b/testing/tests/tnc/tnccs-20-pts/pretest.dat
index 2579d091bd0f0d713955ae70f02a0f89be6949be..5a539e3de410b3c0f5fccbd3bb09ff1a9ccd0834 100644 (file)
--- a/testing/tests/tnc/tnccs-20-pts/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pts/pretest.dat
@@ -3,7 +3,7 @@ carol::iptables-restore < /etc/iptables.rules
 dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config