summaryrefslogtreecommitdiff
path: root/programs
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2006-08-23 20:25:09 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2006-08-23 20:25:09 +0000
commiteed3bb6c48563b865be5560448577e7cfe4ce443 (patch)
treea35911c5b0d26edcb0da52cc166e5b7be1e3d383 /programs
parent3ad120037ad5203580a68f3cafbb2664071fb654 (diff)
downloadvyos-strongswan-eed3bb6c48563b865be5560448577e7cfe4ce443.tar.gz
vyos-strongswan-eed3bb6c48563b865be5560448577e7cfe4ce443.zip
- Updated to new upstream version.
Diffstat (limited to 'programs')
-rw-r--r--programs/Makefile.program4
-rw-r--r--programs/pluto/Makefile6
-rw-r--r--programs/pluto/alg_info.c10
-rw-r--r--programs/pluto/connections.c11
-rw-r--r--programs/pluto/keys.c10
-rw-r--r--programs/pluto/vendor.c6
-rw-r--r--programs/pluto/vendor.h4
7 files changed, 32 insertions, 19 deletions
diff --git a/programs/Makefile.program b/programs/Makefile.program
index 6868c258a..14d2d8269 100644
--- a/programs/Makefile.program
+++ b/programs/Makefile.program
@@ -22,6 +22,10 @@ endif
#CFLAGS+= ${WERROR}
+ifeq ($(USE_NAT_TRAVERSAL),true)
+ CFLAGS+= -DNAT_TRAVERSAL
+endif
+
ifneq ($(LD_LIBRARY_PATH),)
LDFLAGS=-L$(LD_LIBRARY_PATH)
endif
diff --git a/programs/pluto/Makefile b/programs/pluto/Makefile
index 515b3fac0..908060038 100644
--- a/programs/pluto/Makefile
+++ b/programs/pluto/Makefile
@@ -12,7 +12,7 @@
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
-# RCSID $Id: Makefile,v 1.44 2006/01/25 17:22:19 as Exp $
+# RCSID $Id: Makefile,v 1.45 2006/07/06 12:33:08 as Exp $
# relative path to top directory of FreeS/WAN source
# Note: referenced in ${FREESWANSRCDIR}/Makefile.inc
@@ -108,11 +108,11 @@ ifeq ($(USE_KERNEL26),true)
endif
ifeq ($(USE_NAT_TRAVERSAL),true)
-NAT_DEFS=-DNAT_TRAVERSAL -DVIRTUAL_IP
+ NAT_DEFS=-DNAT_TRAVERSAL -DVIRTUAL_IP
endif
ifeq ($(USE_NAT_TRAVERSAL_TRANSPORT_MODE),true)
-NAT_DEFS+=-DI_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT
+ NAT_DEFS+=-DI_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT
endif
DEFINES = $(EXTRA_DEFINES) \
diff --git a/programs/pluto/alg_info.c b/programs/pluto/alg_info.c
index 4ac7f2ca9..af2753312 100644
--- a/programs/pluto/alg_info.c
+++ b/programs/pluto/alg_info.c
@@ -2,7 +2,7 @@
* Algorithm info parsing and creation functions
* Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
*
- * $Id: alg_info.c,v 1.5 2004/09/29 22:42:49 as Exp $
+ * $Id: alg_info.c,v 1.6 2006/08/03 10:18:21 as Exp $
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -192,6 +192,10 @@ aalg_getbyname_esp(const char *const str, int len)
if (!str || !*str)
return -1;
+ /* interpret 'SHA' as 'SHA1' */
+ if (strncasecmp("SHA", str, len) == 0)
+ return enum_search(&auth_alg_names, "AUTH_ALGORITHM_HMAC_SHA1");
+
ret = enum_search_prefix(&auth_alg_names,"AUTH_ALGORITHM_HMAC_", str ,len);
if (ret >= 0)
return ret;
@@ -337,6 +341,10 @@ aalg_getbyname_ike(const char *const str, int len)
if (!str || !*str)
return -1;
+ /* interpret 'SHA1' as 'SHA' */
+ if (strncasecmp("SHA1", str, len) == 0)
+ return enum_search(&oakley_hash_names, "OAKLEY_SHA");
+
ret = enum_search_prefix(&oakley_hash_names,"OAKLEY_", str, len);
if (ret >= 0)
return ret;
diff --git a/programs/pluto/connections.c b/programs/pluto/connections.c
index 6cf6a6a8b..8bd3ed49b 100644
--- a/programs/pluto/connections.c
+++ b/programs/pluto/connections.c
@@ -11,7 +11,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * RCSID $Id: connections.c,v 1.43 2006/04/29 18:16:02 as Exp $
+ * RCSID $Id: connections.c,v 1.44 2006/07/06 19:20:09 as Exp $
*/
#include <string.h>
@@ -116,7 +116,8 @@ find_host_pair(const ip_address *myaddr, u_int16_t myport
hisaddr = aftoinfo(addrtypeof(myaddr))->any;
#ifdef NAT_TRAVERSAL
- if (nat_traversal_enabled) {
+ if (nat_traversal_enabled)
+ {
/**
* port is not relevant in host_pair. with nat_traversal we
* always use pluto_port (500)
@@ -151,9 +152,11 @@ find_host_pair_connections(const ip_address *myaddr, u_int16_t myport
struct host_pair *hp = find_host_pair(myaddr, myport, hisaddr, hisport);
#ifdef NAT_TRAVERSAL
- if (nat_traversal_enabled && hp && hisaddr) {
+ if (nat_traversal_enabled && hp && hisaddr)
+ {
struct connection *c;
- for (c = hp->connections; c != NULL; c = c->hp_next) {
+ for (c = hp->connections; c != NULL; c = c->hp_next)
+ {
if ((c->spd.this.host_port==myport) && (c->spd.that.host_port==hisport))
return c;
}
diff --git a/programs/pluto/keys.c b/programs/pluto/keys.c
index 21092383a..55d13282c 100644
--- a/programs/pluto/keys.c
+++ b/programs/pluto/keys.c
@@ -11,7 +11,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * RCSID $Id: keys.c,v 1.24 2006/01/27 08:59:40 as Exp $
+ * RCSID $Id: keys.c,v 1.25 2006/07/06 19:23:28 as Exp $
*/
#include <stddef.h>
@@ -55,11 +55,6 @@
#include "timer.h"
#include "fetch.h"
-#ifdef NAT_TRAVERSAL
-#define PB_STREAM_UNDEFINED
-#include "nat_traversal.h"
-#endif
-
const char *shared_secrets_file = SHARED_SECRETS_FILE;
typedef struct id_list id_list_t;
@@ -186,9 +181,8 @@ get_secret(const struct connection *c, enum PrivateKeyKind kind, bool asym)
his_id = &rw_id;
}
#ifdef NAT_TRAVERSAL
- else if (nat_traversal_enabled
+ else if (kind == PPK_PSK
&& (c->policy & POLICY_PSK)
- && kind == PPK_PSK
&& ((c->kind == CK_TEMPLATE && c->spd.that.id.kind == ID_NONE) ||
(c->kind == CK_INSTANCE && id_is_ipaddr(&c->spd.that.id))))
{
diff --git a/programs/pluto/vendor.c b/programs/pluto/vendor.c
index 3a8ac15a9..a51971cde 100644
--- a/programs/pluto/vendor.c
+++ b/programs/pluto/vendor.c
@@ -11,7 +11,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * RCSID $Id: vendor.c,v 1.38 2006/06/04 09:42:35 as Exp $
+ * RCSID $Id: vendor.c,v 1.39 2006/07/06 12:32:41 as Exp $
*/
#include <stdlib.h>
@@ -200,8 +200,10 @@ static struct vid_struct _vid_tab[] = {
*/
DEC_MD5_VID(STRONGSWAN_4_0_0, "strongSwan 4.0.0")
DEC_MD5_VID(STRONGSWAN_4_0_1, "strongSwan 4.0.1")
+ DEC_MD5_VID(STRONGSWAN_4_0_1, "strongSwan 4.0.2")
- DEC_MD5_VID(STRONGSWAN, "strongSwan 2.7.2")
+ DEC_MD5_VID(STRONGSWAN, "strongSwan 2.7.3")
+ DEC_MD5_VID(STRONGSWAN_2_7_2, "strongSwan 2.7.2")
DEC_MD5_VID(STRONGSWAN_2_7_1, "strongSwan 2.7.1")
DEC_MD5_VID(STRONGSWAN_2_7_0, "strongSwan 2.7.0")
DEC_MD5_VID(STRONGSWAN_2_6_4, "strongSwan 2.6.4")
diff --git a/programs/pluto/vendor.h b/programs/pluto/vendor.h
index e0c3a5f30..c4ed6d294 100644
--- a/programs/pluto/vendor.h
+++ b/programs/pluto/vendor.h
@@ -11,7 +11,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * RCSID $Id: vendor.h,v 1.33 2006/06/04 09:42:35 as Exp $
+ * RCSID $Id: vendor.h,v 1.34 2006/07/06 12:32:41 as Exp $
*/
#ifndef _VENDOR_H_
@@ -78,9 +78,11 @@ enum known_vendorid {
VID_STRONGSWAN_2_6_4 = 57,
VID_STRONGSWAN_2_7_0 = 58,
VID_STRONGSWAN_2_7_1 = 59,
+ VID_STRONGSWAN_2_7_2 = 60,
VID_STRONGSWAN_4_0_0 = 70,
VID_STRONGSWAN_4_0_1 = 71,
+ VID_STRONGSWAN_4_0_2 = 72,
/* 101 - 200 : NAT-Traversal */
VID_NATT_STENBERG_01 =101,