diff -Naur libreswan-3.23-orig/programs/pluto/kernel_netlink.c libreswan-3.23/programs/pluto/kernel_netlink.c --- libreswan-3.23-orig/programs/pluto/kernel_netlink.c 2018-01-25 15:19:46.000000000 -0500 +++ libreswan-3.23/programs/pluto/kernel_netlink.c 2018-02-19 18:56:24.433527475 -0500 @@ -51,8 +51,9 @@ #include #include -#include "libreswan.h" /* before xfrm.h otherwise break on F22 */ +//#include #include "linux/xfrm.h" /* local (if configured) or system copy */ +#include "libreswan.h" /* before xfrm.h otherwise break on F22 */ #include "libreswan/pfkeyv2.h" #include "libreswan/pfkey.h" diff -Naur libreswan-3.23-orig/programs/pluto/linux_audit.c libreswan-3.23/programs/pluto/linux_audit.c --- libreswan-3.23-orig/programs/pluto/linux_audit.c 2018-01-25 15:19:46.000000000 -0500 +++ libreswan-3.23/programs/pluto/linux_audit.c 2018-02-19 18:58:51.356837932 -0500 @@ -74,6 +74,15 @@ #include "pluto_stats.h" +#if __GNUC__ >= 7 + /* + * GCC 7+ warns about the following calls that truncate a string using + * snprintf(). We are truncating the log message for a reason. + */ +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wformat-truncation" +#endif + static bool log_to_audit = FALSE; /* audit log messages for kernel */ void linux_audit_init(void) @@ -159,13 +168,13 @@ char raddr[ADDRTOT_BUF]; char laddr[ADDRTOT_BUF]; char audit_str[AUDIT_LOG_SIZE]; - char cipher_str[AUDIT_LOG_SIZE]; - char spi_str[AUDIT_LOG_SIZE]; + char cipher_str[20]; + char spi_str[20]; struct connection *const c = st->st_connection; bool initiator = FALSE; char head[IDTOA_BUF]; - char integname[IDTOA_BUF]; - char prfname[IDTOA_BUF]; + char integname[20]; + char prfname[20]; struct esb_buf esb, esb2; /* we need to free() this */ char *conn_encode = audit_encode_nv_string("conn-name",c->name,0); @@ -300,3 +309,6 @@ AUDIT_CRYPTO_IPSEC_SA : AUDIT_CRYPTO_IKE_SA, audit_str, raddr, AUDIT_RESULT_OK); } +#if __GNUC__ >= 7 +#pragma GCC diagnostic pop +#endif diff -Naur libreswan-3.23-orig/programs/pluto/log.h libreswan-3.23/programs/pluto/log.h --- libreswan-3.23-orig/programs/pluto/log.h 2018-01-25 15:19:46.000000000 -0500 +++ libreswan-3.23/programs/pluto/log.h 2018-02-19 18:56:24.433527475 -0500 @@ -154,7 +154,7 @@ #ifdef USE_LINUX_AUDIT #include /* from audit-libs devel */ -#define AUDIT_LOG_SIZE 256 +#define AUDIT_LOG_SIZE 512 /* should really be in libaudit.h */ #define AUDIT_RESULT_FAIL 0 #define AUDIT_RESULT_OK 1 diff -Naur libreswan-3.23-orig/programs/pluto/pluto_constants.c libreswan-3.23/programs/pluto/pluto_constants.c --- libreswan-3.23-orig/programs/pluto/pluto_constants.c 2018-01-25 15:19:46.000000000 -0500 +++ libreswan-3.23/programs/pluto/pluto_constants.c 2018-02-19 18:56:24.434527471 -0500 @@ -478,7 +478,7 @@ policy & ~(POLICY_SHUNT_MASK | POLICY_FAIL_MASK), pbitnamesbuf, sizeof(pbitnamesbuf)); - static char buf[200]; /* NOT RE-ENTRANT! I hope that it is big enough! */ + static char buf[512]; /* NOT RE-ENTRANT! I hope that it is big enough! */ lset_t shunt = (policy & POLICY_SHUNT_MASK) >> POLICY_SHUNT_SHIFT; lset_t fail = (policy & POLICY_FAIL_MASK) >> POLICY_FAIL_SHIFT;