Updated version 5.6.0 from 'upstream/5.6.0'

with Debian dir e138a03837a338ec35cc53a33de19381770a5f0c
author: Yves-Alexis Perez <corsac@corsac.net> 2017-09-01 17:21:25 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-09-01 17:21:25 +0200
commit: d35f9a428e3443c4478b3ba1b03d7f69ce43436c (patch)
tree: c57633158ae938ac37bac0be0564fc9360746999 /src/libcharon/plugins/stroke/stroke_config.c
parent: debb2443d93d74388b2330341a787e5ba420909d (diff)
parent: 11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
download: vyos-strongswan-d35f9a428e3443c4478b3ba1b03d7f69ce43436c.tar.gz
vyos-strongswan-d35f9a428e3443c4478b3ba1b03d7f69ce43436c.zip
1 files changed, 20 insertions, 7 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index 00f74831c..ac0129210 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -136,7 +136,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
 /**
  * parse a proposal string, either into ike_cfg or child_cfg
  */
-static void add_proposals(private_stroke_config_t *this, char *string,
+static bool add_proposals(private_stroke_config_t *this, char *string,
 				ike_cfg_t *ike_cfg, child_cfg_t *child_cfg, protocol_id_t proto)
 {
 	if (string)
@@ -170,10 +170,11 @@ static void add_proposals(private_stroke_config_t *this, char *string,
 				continue;
 			}
 			DBG1(DBG_CFG, "skipped invalid proposal string: %s", single);
+			return FALSE;
 		}
 		if (strict)
 		{
-			return;
+			return TRUE;
 		}
 		/* add default porposal to the end if not strict */
 	}
@@ -187,6 +188,7 @@ static void add_proposals(private_stroke_config_t *this, char *string,
 		child_cfg->add_proposal(child_cfg, proposal_create_default(proto));
 		child_cfg->add_proposal(child_cfg, proposal_create_default_aead(proto));
 	}
+	return TRUE;
 }
 
 /**
@@ -289,7 +291,12 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
 							 msg->add_conn.fragmentation,
 							 msg->add_conn.ikedscp);
 
-	add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL, PROTO_IKE);
+	if (!add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg,
+					   NULL, PROTO_IKE))
+	{
+		ike_cfg->destroy(ike_cfg);
+		return NULL;
+	}
 	return ike_cfg;
 }
 
@@ -1050,6 +1057,7 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
 									stroke_msg_t *msg)
 {
 	child_cfg_t *child_cfg;
+	bool success;
 	child_cfg_create_t child = {
 		.lifetime = {
 			.time = {
@@ -1100,13 +1108,18 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
 
 	if (msg->add_conn.algorithms.ah)
 	{
-		add_proposals(this, msg->add_conn.algorithms.ah,
-					  NULL, child_cfg, PROTO_AH);
+		success = add_proposals(this, msg->add_conn.algorithms.ah,
+								NULL, child_cfg, PROTO_AH);
 	}
 	else
 	{
-		add_proposals(this, msg->add_conn.algorithms.esp,
-					  NULL, child_cfg, PROTO_ESP);
+		success = add_proposals(this, msg->add_conn.algorithms.esp,
+								NULL, child_cfg, PROTO_ESP);
+	}
+	if (!success)
+	{
+		child_cfg->destroy(child_cfg);
+		return NULL;
 	}
 	return child_cfg;
 }
author	Yves-Alexis Perez <corsac@corsac.net>	2017-09-01 17:21:25 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-09-01 17:21:25 +0200
commit	d35f9a428e3443c4478b3ba1b03d7f69ce43436c (patch)
tree	c57633158ae938ac37bac0be0564fc9360746999 /src/libcharon/plugins/stroke/stroke_config.c
parent	debb2443d93d74388b2330341a787e5ba420909d (diff)
parent	11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
download	vyos-strongswan-d35f9a428e3443c4478b3ba1b03d7f69ce43436c.tar.gz vyos-strongswan-d35f9a428e3443c4478b3ba1b03d7f69ce43436c.zip