authorYves-Alexis Perez <corsac@corsac.net>2017-09-01 17:21:25 +0200
committerYves-Alexis Perez <corsac@corsac.net>2017-09-01 17:21:25 +0200
commit11d6b62db969bdd808d0f56706cb18f113927a31 (patch)
tree8aa7d8fb611c3da6a3523cb78a082f62ffd0dac8 /src/libcharon/plugins/stroke
parentbba25e2ff6c4a193acb54560ea4417537bd2954e (diff)
New upstream version 5.6.0
Diffstat (limited to 'src/libcharon/plugins/stroke')
-rw-r--r--src/libcharon/plugins/stroke/Makefile.in8
-rw-r--r--src/libcharon/plugins/stroke/stroke_config.c27
2 files changed, 26 insertions, 9 deletions
diff --git a/src/libcharon/plugins/stroke/Makefile.in b/src/libcharon/plugins/stroke/Makefile.in
index 0af607fd7..70374b32f 100644
--- a/src/libcharon/plugins/stroke/Makefile.in
+++ b/src/libcharon/plugins/stroke/Makefile.in
@@ -315,8 +315,6 @@ RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
RUBYGEMDIR = @RUBYGEMDIR@
-RUBYINCLUDE = @RUBYINCLUDE@
-RUBYLIB = @RUBYLIB@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -417,6 +415,8 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+ruby_CFLAGS = @ruby_CFLAGS@
+ruby_LIBS = @ruby_LIBS@
runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
@@ -445,6 +445,10 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
tss2_CFLAGS = @tss2_CFLAGS@
tss2_LIBS = @tss2_LIBS@
+tss2_socket_CFLAGS = @tss2_socket_CFLAGS@
+tss2_socket_LIBS = @tss2_socket_LIBS@
+tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@
+tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@
urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index 00f74831c..ac0129210 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -136,7 +136,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
/**
* parse a proposal string, either into ike_cfg or child_cfg
*/
-static void add_proposals(private_stroke_config_t *this, char *string,
+static bool add_proposals(private_stroke_config_t *this, char *string,
ike_cfg_t *ike_cfg, child_cfg_t *child_cfg, protocol_id_t proto)
{
if (string)
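Review bot: The doc comment above add_proposals still reads only `parse a proposal string, either into ike_cfg or child_cfg`, although the function now returns bool, so the new contract is undocumented. I would add `* @return FALSE if a proposal string is invalid, TRUE otherwise` to that comment. It is also worth stating there that on FALSE the config may already hold the proposals parsed before the bad one (as the loop in the next hunk suggests), so the caller is expected to discard it. The function body continues past this hunk.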
@@ -170,10 +170,11 @@ static void add_proposals(private_stroke_config_t *this, char *string,
continue;
}
DBG1(DBG_CFG, "skipped invalid proposal string: %s", single);
+ return FALSE;
}
if (strict)
{
- return;
+ return TRUE;
}
/* add default porposal to the end if not strict */
}
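Review bot: The log text `skipped invalid proposal string: %s` no longer matches the behaviour, because the added `return FALSE;` right after it stops parsing instead of skipping the entry. Per the later hunks, build_ike_cfg and build_child_cfg then destroy the config and return NULL. An operator reading the log should be able to tell that the connection was rejected rather than loaded with the remaining or default algorithms. I would reword it to `DBG1(DBG_CFG, "invalid proposal string: %s", single);` or similar. The enclosing loop starts outside this hunk.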
@@ -187,6 +188,7 @@ static void add_proposals(private_stroke_config_t *this, char *string,
child_cfg->add_proposal(child_cfg, proposal_create_default(proto));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(proto));
}
+ return TRUE;
}
/**
@@ -289,7 +291,12 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
msg->add_conn.fragmentation,
msg->add_conn.ikedscp);
- add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL, PROTO_IKE);
+ if (!add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg,
+ NULL, PROTO_IKE))
+ {
+ ike_cfg->destroy(ike_cfg);
+ return NULL;
+ }
return ike_cfg;
}
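Review bot: build_ike_cfg gains a NULL return path on the new `return NULL;` line, and build_child_cfg gains the same in the hunk at -1100, but no call site is changed in this diff. Confirm that the callers check for NULL before using the result, and that objects already built at that point (for example the ike_cfg when build_child_cfg fails) are released on that path. If the callers already handle NULL from earlier failure paths, a short `@return` line on both functions, such as `@return config, NULL if a proposal string is invalid`, would make that explicit. Both function bodies start outside their hunks.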
@@ -1050,6 +1057,7 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
stroke_msg_t *msg)
{
child_cfg_t *child_cfg;
+ bool success;
child_cfg_create_t child = {
.lifetime = {
.time = {
@@ -1100,13 +1108,18 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
if (msg->add_conn.algorithms.ah)
{
- add_proposals(this, msg->add_conn.algorithms.ah,
- NULL, child_cfg, PROTO_AH);
+ success = add_proposals(this, msg->add_conn.algorithms.ah,
+ NULL, child_cfg, PROTO_AH);
}
else
{
- add_proposals(this, msg->add_conn.algorithms.esp,
- NULL, child_cfg, PROTO_ESP);
+ success = add_proposals(this, msg->add_conn.algorithms.esp,
+ NULL, child_cfg, PROTO_ESP);
+ }
+ if (!success)
+ {
+ child_cfg->destroy(child_cfg);
+ return NULL;
}
return child_cfg;
}