diff options
author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-08-23 20:25:09 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-08-23 20:25:09 +0000 |
commit | eed3bb6c48563b865be5560448577e7cfe4ce443 (patch) | |
tree | a35911c5b0d26edcb0da52cc166e5b7be1e3d383 /programs | |
parent | 3ad120037ad5203580a68f3cafbb2664071fb654 (diff) | |
download | vyos-strongswan-eed3bb6c48563b865be5560448577e7cfe4ce443.tar.gz vyos-strongswan-eed3bb6c48563b865be5560448577e7cfe4ce443.zip |
- Updated to new upstream version.
Diffstat (limited to 'programs')
-rw-r--r-- | programs/Makefile.program | 4 | ||||
-rw-r--r-- | programs/pluto/Makefile | 6 | ||||
-rw-r--r-- | programs/pluto/alg_info.c | 10 | ||||
-rw-r--r-- | programs/pluto/connections.c | 11 | ||||
-rw-r--r-- | programs/pluto/keys.c | 10 | ||||
-rw-r--r-- | programs/pluto/vendor.c | 6 | ||||
-rw-r--r-- | programs/pluto/vendor.h | 4 |
7 files changed, 32 insertions, 19 deletions
diff --git a/programs/Makefile.program b/programs/Makefile.program index 6868c258a..14d2d8269 100644 --- a/programs/Makefile.program +++ b/programs/Makefile.program @@ -22,6 +22,10 @@ endif #CFLAGS+= ${WERROR} +ifeq ($(USE_NAT_TRAVERSAL),true) + CFLAGS+= -DNAT_TRAVERSAL +endif + ifneq ($(LD_LIBRARY_PATH),) LDFLAGS=-L$(LD_LIBRARY_PATH) endif diff --git a/programs/pluto/Makefile b/programs/pluto/Makefile index 515b3fac0..908060038 100644 --- a/programs/pluto/Makefile +++ b/programs/pluto/Makefile @@ -12,7 +12,7 @@ # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # -# RCSID $Id: Makefile,v 1.44 2006/01/25 17:22:19 as Exp $ +# RCSID $Id: Makefile,v 1.45 2006/07/06 12:33:08 as Exp $ # relative path to top directory of FreeS/WAN source # Note: referenced in ${FREESWANSRCDIR}/Makefile.inc @@ -108,11 +108,11 @@ ifeq ($(USE_KERNEL26),true) endif ifeq ($(USE_NAT_TRAVERSAL),true) -NAT_DEFS=-DNAT_TRAVERSAL -DVIRTUAL_IP + NAT_DEFS=-DNAT_TRAVERSAL -DVIRTUAL_IP endif ifeq ($(USE_NAT_TRAVERSAL_TRANSPORT_MODE),true) -NAT_DEFS+=-DI_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT + NAT_DEFS+=-DI_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT endif DEFINES = $(EXTRA_DEFINES) \ diff --git a/programs/pluto/alg_info.c b/programs/pluto/alg_info.c index 4ac7f2ca9..af2753312 100644 --- a/programs/pluto/alg_info.c +++ b/programs/pluto/alg_info.c @@ -2,7 +2,7 @@ * Algorithm info parsing and creation functions * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> * - * $Id: alg_info.c,v 1.5 2004/09/29 22:42:49 as Exp $ + * $Id: alg_info.c,v 1.6 2006/08/03 10:18:21 as Exp $ * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -192,6 +192,10 @@ aalg_getbyname_esp(const char *const str, int len) if (!str || !*str) return -1; + /* interpret 'SHA' as 'SHA1' */ + if (strncasecmp("SHA", str, len) == 0) + return enum_search(&auth_alg_names, "AUTH_ALGORITHM_HMAC_SHA1"); + ret = enum_search_prefix(&auth_alg_names,"AUTH_ALGORITHM_HMAC_", str ,len); if (ret >= 0) return ret; @@ -337,6 +341,10 @@ aalg_getbyname_ike(const char *const str, int len) if (!str || !*str) return -1; + /* interpret 'SHA1' as 'SHA' */ + if (strncasecmp("SHA1", str, len) == 0) + return enum_search(&oakley_hash_names, "OAKLEY_SHA"); + ret = enum_search_prefix(&oakley_hash_names,"OAKLEY_", str, len); if (ret >= 0) return ret; diff --git a/programs/pluto/connections.c b/programs/pluto/connections.c index 6cf6a6a8b..8bd3ed49b 100644 --- a/programs/pluto/connections.c +++ b/programs/pluto/connections.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: connections.c,v 1.43 2006/04/29 18:16:02 as Exp $ + * RCSID $Id: connections.c,v 1.44 2006/07/06 19:20:09 as Exp $ */ #include <string.h> @@ -116,7 +116,8 @@ find_host_pair(const ip_address *myaddr, u_int16_t myport hisaddr = aftoinfo(addrtypeof(myaddr))->any; #ifdef NAT_TRAVERSAL - if (nat_traversal_enabled) { + if (nat_traversal_enabled) + { /** * port is not relevant in host_pair. with nat_traversal we * always use pluto_port (500) @@ -151,9 +152,11 @@ find_host_pair_connections(const ip_address *myaddr, u_int16_t myport struct host_pair *hp = find_host_pair(myaddr, myport, hisaddr, hisport); #ifdef NAT_TRAVERSAL - if (nat_traversal_enabled && hp && hisaddr) { + if (nat_traversal_enabled && hp && hisaddr) + { struct connection *c; - for (c = hp->connections; c != NULL; c = c->hp_next) { + for (c = hp->connections; c != NULL; c = c->hp_next) + { if ((c->spd.this.host_port==myport) && (c->spd.that.host_port==hisport)) return c; } diff --git a/programs/pluto/keys.c b/programs/pluto/keys.c index 21092383a..55d13282c 100644 --- a/programs/pluto/keys.c +++ b/programs/pluto/keys.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: keys.c,v 1.24 2006/01/27 08:59:40 as Exp $ + * RCSID $Id: keys.c,v 1.25 2006/07/06 19:23:28 as Exp $ */ #include <stddef.h> @@ -55,11 +55,6 @@ #include "timer.h" #include "fetch.h" -#ifdef NAT_TRAVERSAL -#define PB_STREAM_UNDEFINED -#include "nat_traversal.h" -#endif - const char *shared_secrets_file = SHARED_SECRETS_FILE; typedef struct id_list id_list_t; @@ -186,9 +181,8 @@ get_secret(const struct connection *c, enum PrivateKeyKind kind, bool asym) his_id = &rw_id; } #ifdef NAT_TRAVERSAL - else if (nat_traversal_enabled + else if (kind == PPK_PSK && (c->policy & POLICY_PSK) - && kind == PPK_PSK && ((c->kind == CK_TEMPLATE && c->spd.that.id.kind == ID_NONE) || (c->kind == CK_INSTANCE && id_is_ipaddr(&c->spd.that.id)))) { diff --git a/programs/pluto/vendor.c b/programs/pluto/vendor.c index 3a8ac15a9..a51971cde 100644 --- a/programs/pluto/vendor.c +++ b/programs/pluto/vendor.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: vendor.c,v 1.38 2006/06/04 09:42:35 as Exp $ + * RCSID $Id: vendor.c,v 1.39 2006/07/06 12:32:41 as Exp $ */ #include <stdlib.h> @@ -200,8 +200,10 @@ static struct vid_struct _vid_tab[] = { */ DEC_MD5_VID(STRONGSWAN_4_0_0, "strongSwan 4.0.0") DEC_MD5_VID(STRONGSWAN_4_0_1, "strongSwan 4.0.1") + DEC_MD5_VID(STRONGSWAN_4_0_1, "strongSwan 4.0.2") - DEC_MD5_VID(STRONGSWAN, "strongSwan 2.7.2") + DEC_MD5_VID(STRONGSWAN, "strongSwan 2.7.3") + DEC_MD5_VID(STRONGSWAN_2_7_2, "strongSwan 2.7.2") DEC_MD5_VID(STRONGSWAN_2_7_1, "strongSwan 2.7.1") DEC_MD5_VID(STRONGSWAN_2_7_0, "strongSwan 2.7.0") DEC_MD5_VID(STRONGSWAN_2_6_4, "strongSwan 2.6.4") diff --git a/programs/pluto/vendor.h b/programs/pluto/vendor.h index e0c3a5f30..c4ed6d294 100644 --- a/programs/pluto/vendor.h +++ b/programs/pluto/vendor.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: vendor.h,v 1.33 2006/06/04 09:42:35 as Exp $ + * RCSID $Id: vendor.h,v 1.34 2006/07/06 12:32:41 as Exp $ */ #ifndef _VENDOR_H_ @@ -78,9 +78,11 @@ enum known_vendorid { VID_STRONGSWAN_2_6_4 = 57, VID_STRONGSWAN_2_7_0 = 58, VID_STRONGSWAN_2_7_1 = 59, + VID_STRONGSWAN_2_7_2 = 60, VID_STRONGSWAN_4_0_0 = 70, VID_STRONGSWAN_4_0_1 = 71, + VID_STRONGSWAN_4_0_2 = 72, /* 101 - 200 : NAT-Traversal */ VID_NATT_STENBERG_01 =101, |