New upstream version 5.5.3

author: Yves-Alexis Perez <corsac@corsac.net> 2017-05-30 20:59:31 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-05-30 20:59:31 +0200
commit: bba25e2ff6c4a193acb54560ea4417537bd2954e (patch)
tree: 9e074fe343f9ab6f5ce1e9c5142d9a6cf180fcda /src/libcharon/plugins/kernel_pfroute
parent: 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (diff)
download: vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.tar.gz
vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.zip
2 files changed, 73 insertions, 52 deletions
diff --git a/src/libcharon/plugins/kernel_pfroute/Makefile.in b/src/libcharon/plugins/kernel_pfroute/Makefile.in
index 1e4b3e207..e7005bbff 100644
--- a/src/libcharon/plugins/kernel_pfroute/Makefile.in
+++ b/src/libcharon/plugins/kernel_pfroute/Makefile.in
@@ -358,6 +358,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -380,6 +381,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c
index efcf1c2a7..6d06ee179 100644
--- a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c
+++ b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c
@@ -601,9 +601,12 @@ typedef struct {
 } rt_enumerator_t;
 
 METHOD(enumerator_t, rt_enumerate, bool,
-	rt_enumerator_t *this, int *xtype, struct sockaddr **addr)
+	rt_enumerator_t *this, va_list args)
 {
-	int i, type;
+	struct sockaddr **addr;
+	int i, type, *xtype;
+
+	VA_ARGS_VGET(args, xtype, addr);
 
 	if (this->remaining < sizeof(this->addr->sa_len) ||
 		this->remaining < this->addr->sa_len)
@@ -637,7 +640,8 @@ static enumerator_t *create_rt_enumerator(int types, int remaining,
 
 	INIT(this,
 		.public = {
-			.enumerate = (void*)_rt_enumerate,
+			.enumerate = enumerator_enumerate_default,
+			.venumerate = _rt_enumerate,
 			.destroy = (void*)free,
 		},
 		.types = types,
@@ -1050,41 +1054,45 @@ typedef struct {
 	kernel_address_type_t which;
 } address_enumerator_t;
 
-/**
- * cleanup function for address enumerator
- */
-static void address_enumerator_destroy(address_enumerator_t *data)
+CALLBACK(address_enumerator_destroy, void,
+	address_enumerator_t *data)
 {
 	data->this->lock->unlock(data->this->lock);
 	free(data);
 }
 
-/**
- * filter for addresses
- */
-static bool filter_addresses(address_enumerator_t *data,
-							 addr_entry_t** in, host_t** out)
+CALLBACK(filter_addresses, bool,
+	address_enumerator_t *data, enumerator_t *orig, va_list args)
 {
-	host_t *ip;
-	if (!(data->which & ADDR_TYPE_VIRTUAL) && (*in)->virtual)
-	{   /* skip virtual interfaces added by us */
-		return FALSE;
-	}
-	if (!(data->which & ADDR_TYPE_REGULAR) && !(*in)->virtual)
-	{	/* address is regular, but not requested */
-		return FALSE;
-	}
-	ip = (*in)->ip;
-	if (ip->get_family(ip) == AF_INET6)
+	addr_entry_t *addr;
+	host_t *ip, **out;
+	struct sockaddr_in6 *sin6;
+
+	VA_ARGS_VGET(args, out);
+
+	while (orig->enumerate(orig, &addr))
 	{
-		struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)ip->get_sockaddr(ip);
-		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))
-		{   /* skip addresses with a unusable scope */
-			return FALSE;
+		if (!(data->which & ADDR_TYPE_VIRTUAL) && addr->virtual)
+		{   /* skip virtual interfaces added by us */
+			continue;
 		}
+		if (!(data->which & ADDR_TYPE_REGULAR) && !addr->virtual)
+		{	/* address is regular, but not requested */
+			continue;
+		}
+		ip = addr->ip;
+		if (ip->get_family(ip) == AF_INET6)
+		{
+			sin6 = (struct sockaddr_in6 *)ip->get_sockaddr(ip);
+			if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))
+			{   /* skip addresses with a unusable scope */
+				continue;
+			}
+		}
+		*out = ip;
+		return TRUE;
 	}
-	*out = ip;
-	return TRUE;
+	return FALSE;
 }
 
 /**
@@ -1094,29 +1102,34 @@ static enumerator_t *create_iface_enumerator(iface_entry_t *iface,
 											 address_enumerator_t *data)
 {
 	return enumerator_create_filter(iface->addrs->create_enumerator(iface->addrs),
-									(void*)filter_addresses, data, NULL);
+									filter_addresses, data, NULL);
 }
 
-/**
- * filter for interfaces
- */
-static bool filter_interfaces(address_enumerator_t *data, iface_entry_t** in,
-							  iface_entry_t** out)
+CALLBACK(filter_interfaces, bool,
+	address_enumerator_t *data, enumerator_t *orig, va_list args)
 {
-	if (!(data->which & ADDR_TYPE_IGNORED) && !(*in)->usable)
-	{	/* skip interfaces excluded by config */
-		return FALSE;
-	}
-	if (!(data->which & ADDR_TYPE_LOOPBACK) && ((*in)->flags & IFF_LOOPBACK))
-	{	/* ignore loopback devices */
-		return FALSE;
-	}
-	if (!(data->which & ADDR_TYPE_DOWN) && !((*in)->flags & IFF_UP))
-	{	/* skip interfaces not up */
-		return FALSE;
+	iface_entry_t *iface, **out;
+
+	VA_ARGS_VGET(args, out);
+
+	while (orig->enumerate(orig, &iface))
+	{
+		if (!(data->which & ADDR_TYPE_IGNORED) && !iface->usable)
+		{	/* skip interfaces excluded by config */
+			continue;
+		}
+		if (!(data->which & ADDR_TYPE_LOOPBACK) && (iface->flags & IFF_LOOPBACK))
+		{	/* ignore loopback devices */
+			continue;
+		}
+		if (!(data->which & ADDR_TYPE_DOWN) && !(iface->flags & IFF_UP))
+		{	/* skip interfaces not up */
+			continue;
+		}
+		*out = iface;
+		return TRUE;
 	}
-	*out = *in;
-	return TRUE;
+	return FALSE;
 }
 
 METHOD(kernel_net_t, create_address_enumerator, enumerator_t*,
@@ -1133,9 +1146,9 @@ METHOD(kernel_net_t, create_address_enumerator, enumerator_t*,
 	return enumerator_create_nested(
 				enumerator_create_filter(
 					this->ifaces->create_enumerator(this->ifaces),
-					(void*)filter_interfaces, data, NULL),
+					filter_interfaces, data, NULL),
 				(void*)create_iface_enumerator, data,
-				(void*)address_enumerator_destroy);
+				address_enumerator_destroy);
 }
 
 METHOD(kernel_net_t, get_features, kernel_feature_t,
@@ -1789,13 +1802,18 @@ METHOD(enumerator_t, destroy_subnet_enumerator, void,
 }
 
 METHOD(enumerator_t, enumerate_subnets, bool,
-	subnet_enumerator_t *this, host_t **net, uint8_t *mask, char **ifname)
+	subnet_enumerator_t *this, va_list args)
 {
 	enumerator_t *enumerator;
+	host_t **net;
 	struct rt_msghdr *rtm;
 	struct sockaddr *addr;
+	uint8_t *mask;
+	char **ifname;
 	int type;
 
+	VA_ARGS_VGET(args, net, mask, ifname);
+
 	if (!this->current)
 	{
 		this->current = this->buf;
@@ -1888,7 +1906,8 @@ METHOD(kernel_net_t, create_local_subnet_enumerator, enumerator_t*,
 
 	INIT(enumerator,
 		.public = {
-			.enumerate = (void*)_enumerate_subnets,
+			.enumerate = enumerator_enumerate_default,
+			.venumerate = _enumerate_subnets,
 			.destroy = _destroy_subnet_enumerator,
 		},
 		.buf = buf,
author	Yves-Alexis Perez <corsac@corsac.net>	2017-05-30 20:59:31 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-05-30 20:59:31 +0200
commit	bba25e2ff6c4a193acb54560ea4417537bd2954e (patch)
tree	9e074fe343f9ab6f5ce1e9c5142d9a6cf180fcda /src/libcharon/plugins/kernel_pfroute
parent	05ddd767992d68bb38c7f16ece142e8c2e9ae016 (diff)
download	vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.tar.gz vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.zip