From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Mon, 5 Oct 2020 19:43:44 +0000 (+0200)
Subject: Version bump to 5.9.1dr1
X-Git-Tag: 5.9.1dr1^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3d96b7bc9e239da3feea2a430b31ab12ce48641;p=thirdparty%2Fstrongswan.git

Version bump to 5.9.1dr1
---

diff --git a/NEWS b/NEWS
index a7fe72488e..f284dfb13c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,10 @@
+strongswan-5.9.1
+----------------
+
+- Remote attestation via TNC: Support of SHA-256 based TPM 2.0 BIOS measurements
+  introduced with the Linux 5.4 kernel.
+
+
 strongswan-5.9.0
 ----------------
 
diff --git a/configure.ac b/configure.ac
index 5aa3c6e68e..3319e06479 100644
--- a/configure.ac
+++ b/configure.ac
@@ -19,7 +19,7 @@
 #  initialize & set some vars
 # ============================
 
-AC_INIT([strongSwan],[5.9.0])
+AC_INIT([strongSwan],[5.9.1dr1])
 AM_INIT_AUTOMAKE(m4_esyscmd([
 	echo tar-ustar
 	echo subdir-objects
diff --git a/src/libimcv/imc/imc_os_info.c b/src/libimcv/imc/imc_os_info.c
index cc23bb2503..13f6d93f3a 100644
--- a/src/libimcv/imc/imc_os_info.c
+++ b/src/libimcv/imc/imc_os_info.c
@@ -487,7 +487,13 @@ static bool extract_platform_info(os_type_t *type, chunk_t *name,
 				os_type = OS_TYPE_DEBIAN;
 
 				os_version.ptr = buf;
-				pos = strchr(buf, '\n');
+
+				/* extract major release number only */
+				pos = strchr(buf, '.');
+				if (!pos)
+				{
+					pos = strchr(buf, '\n');
+				}
 				if (!pos)
 				{
 					DBG1(DBG_PTS, "failed to find end of release string");
diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index c5e44a8e53..5220a82a66 100644
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -601,7 +601,13 @@ INSERT INTO products (      /* 100 */
 INSERT INTO products (      /* 101 */
   name
 ) VALUES (
- 'Debian 10.5 x86_64'
+ 'Debian 9.13 x86_64'
+);
+
+INSERT INTO products (      /* 102 */
+  name
+) VALUES (
+ 'Debian 10 x86_64'
 );
 
 /* Directories */
@@ -1324,6 +1330,12 @@ INSERT INTO groups_product_defaults (
   5, 101
 );
 
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  5, 102
+);
+
 INSERT INTO groups_product_defaults (
   group_id, product_id
 ) VALUES (
diff --git a/testing/hosts/default/usr/local/bin/init_collector b/testing/hosts/default/usr/local/bin/init_collector
index df14628628..c9206fec9c 100755
--- a/testing/hosts/default/usr/local/bin/init_collector
+++ b/testing/hosts/default/usr/local/bin/init_collector
@@ -1,6 +1,6 @@
 #! /bin/sh
 
 cat /usr/local/share/strongswan/templates/database/sw-collector/sw_collector_tables.sql | sqlite3 /etc/db.d/collector.db
-sed -i "s:DEBIAN_VERSION:`cat /etc/debian_version`:" /etc/pts/collector.sql
+sed -i "s/DEBIAN_VERSION/10/" /etc/pts/collector.sql
 cat /etc/pts/collector.sql | sqlite3 /etc/db.d/collector.db
 LEAK_DETECTIVE_DISABLE=1 /usr/local/sbin/sw-collector
diff --git a/testing/testing.conf b/testing/testing.conf
index 1369c930f6..cb95d35d21 100644
--- a/testing/testing.conf
+++ b/testing/testing.conf
@@ -24,14 +24,14 @@ fi
 : ${TESTDIR=/srv/strongswan-testing}
 
 # Kernel configuration
-: ${KERNELVERSION=5.7.9}
+: ${KERNELVERSION=5.8.10}
 : ${KERNEL=linux-$KERNELVERSION}
 : ${KERNELTARBALL=$KERNEL.tar.xz}
-: ${KERNELCONFIG=$DIR/../config/kernel/config-5.7}
+: ${KERNELCONFIG=$DIR/../config/kernel/config-5.8}
 : ${KERNELPATCH=ha-5.0-abicompat.patch.bz2}
 
 # strongSwan version used in tests
-: ${SWANVERSION=5.9.0}
+: ${SWANVERSION=5.9.1dr1}
 
 # Build directory where the guest kernel and images will be built
 : ${BUILDDIR=$TESTDIR/build}
diff --git a/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat b/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat
index f685f6c1dd..54da736b02 100644
--- a/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-ev-pt-tls/pretest.dat
@@ -7,7 +7,7 @@ carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 dave::cat /etc/tnc_config
 alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+alice::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
 alice::/usr/local/bin/init_tnc
diff --git a/testing/tests/tnc/tnccs-20-os-pts/pretest.dat b/testing/tests/tnc/tnccs-20-os-pts/pretest.dat
index 43e109731e..5d002b793c 100644
--- a/testing/tests/tnc/tnccs-20-os-pts/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-os-pts/pretest.dat
@@ -3,7 +3,7 @@ carol::iptables-restore < /etc/iptables.rules
 dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config
diff --git a/testing/tests/tnc/tnccs-20-os/pretest.dat b/testing/tests/tnc/tnccs-20-os/pretest.dat
index c4ca538428..b98c41f2b4 100644
--- a/testing/tests/tnc/tnccs-20-os/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-os/pretest.dat
@@ -4,7 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 moon::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config
diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat
index 55206321a9..8c34c7e13e 100644
--- a/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat
@@ -13,7 +13,7 @@ dave::cat /etc/tnc_config
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+alice::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
 alice::/usr/local/bin/init_tnc
diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
index e3be3fe36d..1154006451 100644
--- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
@@ -7,7 +7,7 @@ carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
 dave::cat /etc/tnc_config
 alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
-alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+alice::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
 alice::/usr/local/bin/init_tnc
diff --git a/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat b/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat
index 2579d091bd..5a539e3de4 100644
--- a/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pts-no-ecc/pretest.dat
@@ -3,7 +3,7 @@ carol::iptables-restore < /etc/iptables.rules
 dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config
diff --git a/testing/tests/tnc/tnccs-20-pts/pretest.dat b/testing/tests/tnc/tnccs-20-pts/pretest.dat
index 2579d091bd..5a539e3de4 100644
--- a/testing/tests/tnc/tnccs-20-pts/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pts/pretest.dat
@@ -3,7 +3,7 @@ carol::iptables-restore < /etc/iptables.rules
 dave::iptables-restore < /etc/iptables.rules
 carol::echo 0 > /proc/sys/net/ipv4/ip_forward
 dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
+moon::sed -i "s/DEBIAN_VERSION/10/" /etc/pts/data1.sql
 moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config