diff options
author | Yves-Alexis Perez <corsac@debian.org> | 2013-01-02 14:18:20 +0100 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2013-01-02 14:18:20 +0100 |
commit | 2ea5b8ab2fa64487af984af2162039596a06015a (patch) | |
tree | 58f9a4372d6007b33b1fca63ab18b53aa34b090d /src/libstrongswan/plugins/af_alg | |
parent | 4e331141b8693e5214b82fdd6c3c6f4fa65eafca (diff) | |
parent | c1343b3278cdf99533b7902744d15969f9d6fdc1 (diff) | |
download | vyos-strongswan-2ea5b8ab2fa64487af984af2162039596a06015a.tar.gz vyos-strongswan-2ea5b8ab2fa64487af984af2162039596a06015a.zip |
Merge tag 'upstream/5.0.1'
Upstream version 5.0.1
Diffstat (limited to 'src/libstrongswan/plugins/af_alg')
-rw-r--r-- | src/libstrongswan/plugins/af_alg/Makefile.in | 14 | ||||
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_crypter.c | 22 | ||||
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_hasher.c | 16 | ||||
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_ops.c | 73 | ||||
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_ops.h | 9 | ||||
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_prf.c | 24 | ||||
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_signer.c | 22 |
7 files changed, 104 insertions, 76 deletions
diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in index 679e883e1..d3da24718 100644 --- a/src/libstrongswan/plugins/af_alg/Makefile.in +++ b/src/libstrongswan/plugins/af_alg/Makefile.in @@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; @@ -86,7 +87,7 @@ libstrongswan_af_alg_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ @MONOLITHIC_FALSE@am_libstrongswan_af_alg_la_rpath = -rpath \ @MONOLITHIC_FALSE@ $(plugindir) @MONOLITHIC_TRUE@am_libstrongswan_af_alg_la_rpath = -DEFAULT_INCLUDES = -I.@am__isrc@ +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles am__mv = mv -f @@ -112,6 +113,7 @@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ +BFDLIB = @BFDLIB@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ @@ -206,11 +208,14 @@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ clearsilver_LIBS = @clearsilver_LIBS@ datadir = @datadir@ datarootdir = @datarootdir@ dbusservicedir = @dbusservicedir@ -default_pkcs11 = @default_pkcs11@ +dev_headers = @dev_headers@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ @@ -227,11 +232,12 @@ imcvdir = @imcvdir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ ipsecdir = @ipsecdir@ ipsecgroup = @ipsecgroup@ ipseclibdir = @ipseclibdir@ ipsecuser = @ipsecuser@ -libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ libexecdir = @libexecdir@ linux_headers = @linux_headers@ @@ -247,6 +253,7 @@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ @@ -256,7 +263,6 @@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ -pluto_plugins = @pluto_plugins@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c index 9c547140d..5d0976d95 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c @@ -131,32 +131,26 @@ static size_t lookup_alg(encryption_algorithm_t algo, char **name, return 0; } -METHOD(crypter_t, decrypt, void, +METHOD(crypter_t, decrypt, bool, private_af_alg_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *dst) { if (dst) { *dst = chunk_alloc(data.len); - this->ops->crypt(this->ops, ALG_OP_DECRYPT, iv, data, dst->ptr); - } - else - { - this->ops->crypt(this->ops, ALG_OP_DECRYPT, iv, data, data.ptr); + return this->ops->crypt(this->ops, ALG_OP_DECRYPT, iv, data, dst->ptr); } + return this->ops->crypt(this->ops, ALG_OP_DECRYPT, iv, data, data.ptr); } -METHOD(crypter_t, encrypt, void, +METHOD(crypter_t, encrypt, bool, private_af_alg_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *dst) { if (dst) { *dst = chunk_alloc(data.len); - this->ops->crypt(this->ops, ALG_OP_ENCRYPT, iv, data, dst->ptr); - } - else - { - this->ops->crypt(this->ops, ALG_OP_ENCRYPT, iv, data, data.ptr); + return this->ops->crypt(this->ops, ALG_OP_ENCRYPT, iv, data, dst->ptr); } + return this->ops->crypt(this->ops, ALG_OP_ENCRYPT, iv, data, data.ptr); } METHOD(crypter_t, get_block_size, size_t, @@ -177,10 +171,10 @@ METHOD(crypter_t, get_key_size, size_t, return this->keymat_size; } -METHOD(crypter_t, set_key, void, +METHOD(crypter_t, set_key, bool, private_af_alg_crypter_t *this, chunk_t key) { - this->ops->set_key(this->ops, key); + return this->ops->set_key(this->ops, key); } METHOD(crypter_t, destroy, void, diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c index ef2350497..47a6e5e0e 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c @@ -99,30 +99,28 @@ METHOD(hasher_t, get_hash_size, size_t, return this->size; } -METHOD(hasher_t, reset, void, +METHOD(hasher_t, reset, bool, private_af_alg_hasher_t *this) { this->ops->reset(this->ops); + return TRUE; } -METHOD(hasher_t, get_hash, void, +METHOD(hasher_t, get_hash, bool, private_af_alg_hasher_t *this, chunk_t chunk, u_int8_t *hash) { - this->ops->hash(this->ops, chunk, hash, this->size); + return this->ops->hash(this->ops, chunk, hash, this->size); } -METHOD(hasher_t, allocate_hash, void, +METHOD(hasher_t, allocate_hash, bool, private_af_alg_hasher_t *this, chunk_t chunk, chunk_t *hash) { if (hash) { *hash = chunk_alloc(get_hash_size(this)); - get_hash(this, chunk, hash->ptr); - } - else - { - get_hash(this, chunk, NULL); + return get_hash(this, chunk, hash->ptr); } + return get_hash(this, chunk, NULL); } METHOD(hasher_t, destroy, void, diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c index a7b5de264..7fe47c578 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c @@ -54,7 +54,7 @@ METHOD(af_alg_ops_t, reset, void, } } -METHOD(af_alg_ops_t, hash, void, +METHOD(af_alg_ops_t, hash, bool, private_af_alg_ops_t *this, chunk_t data, char *out, size_t outlen) { ssize_t len; @@ -62,39 +62,52 @@ METHOD(af_alg_ops_t, hash, void, while (this->op == -1) { this->op = accept(this->tfm, NULL, 0); - if (this->op == -1) + if (this->op == -1 && errno != EINTR) { DBG1(DBG_LIB, "opening AF_ALG hasher failed: %s", strerror(errno)); - sleep(1); + return FALSE; } } + do { len = send(this->op, data.ptr, data.len, out ? 0 : MSG_MORE); if (len == -1) { + if (errno == EINTR) + { + continue; + } DBG1(DBG_LIB, "writing to AF_ALG hasher failed: %s", strerror(errno)); - sleep(1); - } - else - { - data = chunk_skip(data, len); + return FALSE; } + data = chunk_skip(data, len); } while (data.len); if (out) { - while (read(this->op, out, outlen) != outlen) + while (outlen) { - DBG1(DBG_LIB, "reading AF_ALG hasher failed: %s", strerror(errno)); - sleep(1); + len = read(this->op, out, outlen); + if (len == -1) + { + if (errno == EINTR) + { + continue; + } + DBG1(DBG_LIB, "reading AF_ALG hasher failed: %s", strerror(errno)); + return FALSE; + } + outlen -= len; + out += len; } reset(this); } + return TRUE; } -METHOD(af_alg_ops_t, crypt, void, +METHOD(af_alg_ops_t, crypt, bool, private_af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data, char *out) { @@ -107,11 +120,16 @@ METHOD(af_alg_ops_t, crypt, void, ssize_t len; int op; - while ((op = accept(this->tfm, NULL, 0)) == -1) + do { - DBG1(DBG_LIB, "accepting AF_ALG crypter failed: %s", strerror(errno)); - sleep(1); + op = accept(this->tfm, NULL, 0); + if (op == -1 && errno != EINTR) + { + DBG1(DBG_LIB, "accepting AF_ALG crypter failed: %s", strerror(errno)); + return FALSE; + } } + while (op == -1); memset(buf, 0, sizeof(buf)); @@ -143,30 +161,39 @@ METHOD(af_alg_ops_t, crypt, void, len = sendmsg(op, &msg, 0); if (len == -1) { - DBG1(DBG_LIB, "writing to AF_ALG crypter failed: %s", - strerror(errno)); - sleep(1); - continue; + if (errno == EINTR) + { + continue; + } + DBG1(DBG_LIB, "writing to AF_ALG crypter failed: %s", strerror(errno)); + return FALSE; } - if (read(op, out, len) != len) + while (read(op, out, len) != len) { - DBG1(DBG_LIB, "reading from AF_ALG crypter failed: %s", - strerror(errno)); + if (errno != EINTR) + { + DBG1(DBG_LIB, "reading from AF_ALG crypter failed: %s", + strerror(errno)); + return FALSE; + } } data = chunk_skip(data, len); /* no IV for subsequent data chunks */ msg.msg_controllen = 0; } close(op); + return TRUE; } -METHOD(af_alg_ops_t, set_key, void, +METHOD(af_alg_ops_t, set_key, bool, private_af_alg_ops_t *this, chunk_t key) { if (setsockopt(this->tfm, SOL_ALG, ALG_SET_KEY, key.ptr, key.len) == -1) { DBG1(DBG_LIB, "setting AF_ALG key failed: %s", strerror(errno)); + return FALSE; } + return TRUE; } METHOD(af_alg_ops_t, destroy, void, diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.h b/src/libstrongswan/plugins/af_alg/af_alg_ops.h index ad164029f..e34f22977 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_ops.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.h @@ -46,8 +46,9 @@ struct af_alg_ops_t { * @param data data to hash * @param out buffer to write hash to, NULL for append mode * @param outlen number of bytes to read into out + * @return TRUE if successful */ - void (*hash)(af_alg_ops_t *this, chunk_t data, char *out, size_t outlen); + bool (*hash)(af_alg_ops_t *this, chunk_t data, char *out, size_t outlen); /** * Reset hasher state. @@ -61,16 +62,18 @@ struct af_alg_ops_t { * @param iv iv to use * @param data data to encrypt/decrypt * @param out buffer write processed data to + * @return TRUE if successful */ - void (*crypt)(af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data, + bool (*crypt)(af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data, char *out); /** * Set the key for en-/decryption or HMAC/XCBC operations. * * @param key key to set for transform + * @return TRUE if successful */ - void (*set_key)(af_alg_ops_t *this, chunk_t key); + bool (*set_key)(af_alg_ops_t *this, chunk_t key); /** * Destroy a af_alg_ops_t. diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.c b/src/libstrongswan/plugins/af_alg/af_alg_prf.c index a7912291f..720738a84 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_prf.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.c @@ -105,24 +105,21 @@ static size_t lookup_alg(pseudo_random_function_t algo, char **name, bool *xcbc) return 0; } -METHOD(prf_t, get_bytes, void, +METHOD(prf_t, get_bytes, bool, private_af_alg_prf_t *this, chunk_t seed, u_int8_t *buffer) { - this->ops->hash(this->ops, seed, buffer, this->block_size); + return this->ops->hash(this->ops, seed, buffer, this->block_size); } -METHOD(prf_t, allocate_bytes, void, +METHOD(prf_t, allocate_bytes, bool, private_af_alg_prf_t *this, chunk_t seed, chunk_t *chunk) { if (chunk) { *chunk = chunk_alloc(this->block_size); - get_bytes(this, seed, chunk->ptr); - } - else - { - get_bytes(this, seed, NULL); + return get_bytes(this, seed, chunk->ptr); } + return get_bytes(this, seed, NULL); } METHOD(prf_t, get_block_size, size_t, @@ -137,7 +134,7 @@ METHOD(prf_t, get_key_size, size_t, return this->block_size; } -METHOD(prf_t, set_key, void, +METHOD(prf_t, set_key, bool, private_af_alg_prf_t *this, chunk_t key) { char buf[this->block_size]; @@ -155,12 +152,15 @@ METHOD(prf_t, set_key, void, else if (key.len > this->block_size) { memset(buf, 0, this->block_size); - this->ops->set_key(this->ops, chunk_from_thing(buf)); - this->ops->hash(this->ops, key, buf, this->block_size); + if (!this->ops->set_key(this->ops, chunk_from_thing(buf)) || + !this->ops->hash(this->ops, key, buf, this->block_size)) + { + return FALSE; + } key = chunk_from_thing(buf); } } - this->ops->set_key(this->ops, key); + return this->ops->set_key(this->ops, key); } METHOD(prf_t, destroy, void, diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c index 6cd79f8f2..d995b1351 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c @@ -107,24 +107,21 @@ static size_t lookup_alg(integrity_algorithm_t algo, char **name, return 0; } -METHOD(signer_t, get_signature, void, +METHOD(signer_t, get_signature, bool, private_af_alg_signer_t *this, chunk_t data, u_int8_t *buffer) { - this->ops->hash(this->ops, data, buffer, this->block_size); + return this->ops->hash(this->ops, data, buffer, this->block_size); } -METHOD(signer_t, allocate_signature, void, +METHOD(signer_t, allocate_signature, bool, private_af_alg_signer_t *this, chunk_t data, chunk_t *chunk) { if (chunk) { *chunk = chunk_alloc(this->block_size); - get_signature(this, data, chunk->ptr); - } - else - { - get_signature(this, data, NULL); + return get_signature(this, data, chunk->ptr); } + return get_signature(this, data, NULL); } METHOD(signer_t, verify_signature, bool, @@ -136,7 +133,10 @@ METHOD(signer_t, verify_signature, bool, { return FALSE; } - get_signature(this, data, sig); + if (!get_signature(this, data, sig)) + { + return FALSE; + } return memeq(signature.ptr, sig, signature.len); } @@ -152,10 +152,10 @@ METHOD(signer_t, get_block_size, size_t, return this->block_size; } -METHOD(signer_t, set_key, void, +METHOD(signer_t, set_key, bool, private_af_alg_signer_t *this, chunk_t key) { - this->ops->set_key(this->ops, key); + return this->ops->set_key(this->ops, key); } METHOD(signer_t, destroy, void, |