diff options
author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-11-28 11:42:20 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-11-28 11:42:20 +0000 |
commit | f73fba54dc8b30c6482e1e8abf15bbf455592fcd (patch) | |
tree | a449515607c5e51a5c703d7a9b1149c9e4a11560 /src/libcharon/plugins/socket_default | |
parent | b8064f4099997a9e2179f3ad4ace605f5ccac3a1 (diff) | |
download | vyos-strongswan-f73fba54dc8b30c6482e1e8abf15bbf455592fcd.tar.gz vyos-strongswan-f73fba54dc8b30c6482e1e8abf15bbf455592fcd.zip |
[svn-upgrade] new version strongswan (4.5.0)
Diffstat (limited to 'src/libcharon/plugins/socket_default')
4 files changed, 50 insertions, 34 deletions
diff --git a/src/libcharon/plugins/socket_default/Makefile.in b/src/libcharon/plugins/socket_default/Makefile.in index df63d862e..bd85386b2 100644 --- a/src/libcharon/plugins/socket_default/Makefile.in +++ b/src/libcharon/plugins/socket_default/Makefile.in @@ -44,6 +44,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/m4/config/lt~obsolete.m4 \ $(top_srcdir)/m4/macros/with.m4 \ $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ $(top_srcdir)/configure.in am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) @@ -168,6 +169,8 @@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ @@ -199,14 +202,17 @@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ +c_plugins = @c_plugins@ datadir = @datadir@ datarootdir = @datarootdir@ +dbusservicedir = @dbusservicedir@ default_pkcs11 = @default_pkcs11@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ gtk_CFLAGS = @gtk_CFLAGS@ gtk_LIBS = @gtk_LIBS@ +h_plugins = @h_plugins@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -221,24 +227,31 @@ ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ +libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ libexecdir = @libexecdir@ -libhydra_plugins = @libhydra_plugins@ -libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ localstatedir = @localstatedir@ lt_ECHO = @lt_ECHO@ +maemo_CFLAGS = @maemo_CFLAGS@ +maemo_LIBS = @maemo_LIBS@ +manager_plugins = @manager_plugins@ mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ +openac_plugins = @openac_plugins@ +p_plugins = @p_plugins@ pdfdir = @pdfdir@ piddir = @piddir@ +pki_plugins = @pki_plugins@ plugindir = @plugindir@ pluto_plugins = @pluto_plugins@ +pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -246,7 +259,10 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ +s_plugins = @s_plugins@ sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ diff --git a/src/libcharon/plugins/socket_default/socket_default_plugin.c b/src/libcharon/plugins/socket_default/socket_default_plugin.c index 45390ddae..b5dea68b6 100644 --- a/src/libcharon/plugins/socket_default/socket_default_plugin.c +++ b/src/libcharon/plugins/socket_default/socket_default_plugin.c @@ -1,4 +1,6 @@ /* + * Copyright (C) 2010 Tobias Brunner + * Hochschule fuer Technik Rapperswil * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * @@ -31,17 +33,13 @@ struct private_socket_default_plugin_t { */ socket_default_plugin_t public; - /** - * Socket instance. - */ - socket_default_socket_t *socket; }; METHOD(plugin_t, destroy, void, private_socket_default_plugin_t *this) { - charon->socket->remove_socket(charon->socket, &this->socket->socket); - this->socket->destroy(this->socket); + charon->socket->remove_socket(charon->socket, + (socket_constructor_t)socket_default_socket_create); free(this); } @@ -53,16 +51,15 @@ plugin_t *socket_default_plugin_create() private_socket_default_plugin_t *this; INIT(this, - .public.plugin.destroy = _destroy, - .socket = socket_default_socket_create(), + .public = { + .plugin = { + .destroy = _destroy, + }, + }, ); - if (!this->socket) - { - free(this); - return NULL; - } - charon->socket->add_socket(charon->socket, &this->socket->socket); + charon->socket->add_socket(charon->socket, + (socket_constructor_t)socket_default_socket_create); return &this->public.plugin; } diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c index bc998182e..e95646643 100644 --- a/src/libcharon/plugins/socket_default/socket_default_socket.c +++ b/src/libcharon/plugins/socket_default/socket_default_socket.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2009 Tobias Brunner + * Copyright (C) 2006-2010 Tobias Brunner * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter @@ -42,11 +42,12 @@ #include <sys/sysctl.h> #endif +#include <hydra.h> #include <daemon.h> #include <threading/thread.h> /* Maximum size of a packet */ -#define MAX_PACKET 5000 +#define MAX_PACKET 10000 /* length of non-esp marker */ #define MARKER_LEN sizeof(u_int32_t) @@ -116,12 +117,17 @@ struct private_socket_default_socket_t { * IPv6 socket for NATT (4500) */ int ipv6_natt; + + /** + * Maximum packet size to receive + */ + int max_packet; }; METHOD(socket_t, receiver, status_t, private_socket_default_socket_t *this, packet_t **packet) { - char buffer[MAX_PACKET]; + char buffer[this->max_packet]; chunk_t data; packet_t *pkt; host_t *source = NULL, *dest = NULL; @@ -195,7 +201,7 @@ METHOD(socket_t, receiver, status_t, msg.msg_name = &src; msg.msg_namelen = sizeof(src); iov.iov_base = buffer; - iov.iov_len = sizeof(buffer); + iov.iov_len = this->max_packet; msg.msg_iov = &iov; msg.msg_iovlen = 1; msg.msg_control = ancillary; @@ -207,6 +213,11 @@ METHOD(socket_t, receiver, status_t, DBG1(DBG_NET, "error reading socket: %s", strerror(errno)); return FAILED; } + if (msg.msg_flags & MSG_TRUNC) + { + DBG1(DBG_NET, "receive buffer too small, packet discarded"); + return FAILED; + } DBG3(DBG_NET, "received packet %b", buffer, bytes_read); if (bytes_read < MARKER_LEN) @@ -351,12 +362,6 @@ METHOD(socket_t, sender, status_t, if (data.len != 1 || data.ptr[0] != 0xFF) { /* add non esp marker to packet */ - if (data.len > MAX_PACKET - MARKER_LEN) - { - DBG1(DBG_NET, "unable to send packet: it's too big (%d bytes)", - data.len); - return FAILED; - } marked = chunk_alloc(data.len + MARKER_LEN); memset(marked.ptr, 0, MARKER_LEN); memcpy(marked.ptr + MARKER_LEN, data.ptr, data.len); @@ -521,8 +526,8 @@ static int open_socket(private_socket_default_socket_t *this, } } - if (!charon->kernel_interface->bypass_socket(charon->kernel_interface, - skt, family)) + if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface, + skt, family)) { DBG1(DBG_NET, "installing IKE bypass policy failed"); } @@ -541,7 +546,7 @@ static int open_socket(private_socket_default_socket_t *this, return skt; } -METHOD(socket_default_socket_t, destroy, void, +METHOD(socket_t, destroy, void, private_socket_default_socket_t *this) { if (this->ipv4) @@ -575,9 +580,11 @@ socket_default_socket_t *socket_default_socket_create() .socket = { .send = _sender, .receive = _receiver, + .destroy = _destroy, }, - .destroy = _destroy, }, + .max_packet = lib->settings->get_int(lib->settings, + "charon.max_packet", MAX_PACKET), ); #ifdef __APPLE__ diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.h b/src/libcharon/plugins/socket_default/socket_default_socket.h index 755016662..89aa6f435 100644 --- a/src/libcharon/plugins/socket_default/socket_default_socket.h +++ b/src/libcharon/plugins/socket_default/socket_default_socket.h @@ -35,10 +35,6 @@ struct socket_default_socket_t { */ socket_t socket; - /** - * Destroy a socket_default_socket_t. - */ - void (*destroy)(socket_default_socket_t *this); }; /** |