diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2008-10-29 11:11:01 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2008-10-29 11:11:01 +0000 |
| commit | 8b80ab5a6950ce6515f477624794defd7531642a (patch) | |
| tree | aa8303f3806c5615fbeafc4dc82febe3cd7c24dc /src/libstrongswan/plugins/openssl | |
| parent | db67c87db3c9089ea8d2e14f617bf3d9e2af261f (diff) | |
| download | vyos-strongswan-8b80ab5a6950ce6515f477624794defd7531642a.tar.gz vyos-strongswan-8b80ab5a6950ce6515f477624794defd7531642a.zip | |
[svn-upgrade] Integrating new upstream version, strongswan (4.2.8)
Diffstat (limited to 'src/libstrongswan/plugins/openssl')
6 files changed, 111 insertions, 97 deletions
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index f83b0ce38..746b5cf4b 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -192,6 +192,8 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c index 9f7df4bca..aeab15f26 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_ec_private_key.c 4051 2008-06-10 09:08:27Z tobias $ + * $Id: openssl_ec_private_key.c 4317 2008-09-02 11:00:13Z martin $ */ #include "openssl_ec_private_key.h" @@ -399,27 +399,30 @@ static openssl_ec_private_key_t *build(private_builder_t *this) */ static void add(private_builder_t *this, builder_part_t part, ...) { - va_list args; - - if (this->key) - { - DBG1("ignoring surplus build part %N", builder_part_names, part); - return; - } - - switch (part) + if (!this->key) { - case BUILD_BLOB_ASN1_DER: + va_list args; + chunk_t chunk; + + switch (part) { - va_start(args, part); - this->key = load(va_arg(args, chunk_t)); - va_end(args); - break; + case BUILD_BLOB_ASN1_DER: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load(chunk_clone(chunk)); + va_end(args); + return; + } + default: + break; } - default: - DBG1("ignoring unsupported build part %N", builder_part_names, part); - break; } + if (this->key) + { + destroy((private_openssl_ec_private_key_t*)this->key); + } + builder_cancel(&this->public); } /** diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c index 2056575ba..923df3938 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_ec_public_key.c 4051 2008-06-10 09:08:27Z tobias $ + * $Id: openssl_ec_public_key.c 4317 2008-09-02 11:00:13Z martin $ */ #include "openssl_ec_public_key.h" @@ -401,27 +401,30 @@ static openssl_ec_public_key_t *build(private_builder_t *this) */ static void add(private_builder_t *this, builder_part_t part, ...) { - va_list args; - - if (this->key) + if (!this->key) { - DBG1("ignoring surplus build part %N", builder_part_names, part); - return; - } + va_list args; + chunk_t chunk; - switch (part) - { - case BUILD_BLOB_ASN1_DER: + switch (part) { - va_start(args, part); - this->key = load(va_arg(args, chunk_t)); - va_end(args); - break; + case BUILD_BLOB_ASN1_DER: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load(chunk_clone(chunk)); + va_end(args); + return; + } + default: + break; } - default: - DBG1("ignoring unsupported build part %N", builder_part_names, part); - break; } + if (this->key) + { + destroy((private_openssl_ec_public_key_t*)this->key); + } + builder_cancel(&this->public); } /** diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 7fdd7c224..82c54a95e 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_plugin.c 4107 2008-06-25 12:39:32Z tobias $ + * $Id: openssl_plugin.c 4309 2008-08-28 11:07:57Z martin $ */ #include <openssl/evp.h> @@ -87,7 +87,7 @@ plugin_t *plugin_create() ENGINE_register_all_complete(); /* crypter */ - lib->crypto->add_crypter(lib->crypto, ENCR_DES, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, (crypter_constructor_t)openssl_crypter_create); lib->crypto->add_crypter(lib->crypto, ENCR_3DES, (crypter_constructor_t)openssl_crypter_create); @@ -99,9 +99,9 @@ plugin_t *plugin_create() (crypter_constructor_t)openssl_crypter_create); lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_NULL, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, + lib->crypto->add_crypter(lib->crypto, ENCR_NULL, (crypter_constructor_t)openssl_crypter_create); /* hasher */ @@ -118,15 +118,23 @@ plugin_t *plugin_create() lib->crypto->add_hasher(lib->crypto, HASH_SHA512, (hasher_constructor_t)openssl_hasher_create); + /* ec diffie hellman */ + lib->crypto->add_dh(lib->crypto, ECP_192_BIT, + (dh_constructor_t)openssl_ec_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, ECP_224_BIT, + (dh_constructor_t)openssl_ec_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, ECP_256_BIT, + (dh_constructor_t)openssl_ec_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, ECP_384_BIT, + (dh_constructor_t)openssl_ec_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, ECP_521_BIT, + (dh_constructor_t)openssl_ec_diffie_hellman_create); + /* diffie hellman */ - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, @@ -135,18 +143,10 @@ plugin_t *plugin_create() (dh_constructor_t)openssl_diffie_hellman_create); lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, (dh_constructor_t)openssl_diffie_hellman_create); - - /* ec diffie hellman */ - lib->crypto->add_dh(lib->crypto, ECP_192_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_224_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_256_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_384_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_521_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, + (dh_constructor_t)openssl_diffie_hellman_create); + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, + (dh_constructor_t)openssl_diffie_hellman_create); /* rsa */ lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 7595eed3a..8ad75215a 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_rsa_private_key.c 3963 2008-05-15 12:41:06Z tobias $ + * $Id: openssl_rsa_private_key.c 4317 2008-09-02 11:00:13Z martin $ */ #include "openssl_rsa_private_key.h" @@ -369,34 +369,37 @@ static openssl_rsa_private_key_t *build(private_builder_t *this) */ static void add(private_builder_t *this, builder_part_t part, ...) { - va_list args; - - if (this->key) + if (!this->key) { - DBG1("ignoring surplus build part %N", builder_part_names, part); - return; - } + va_list args; + chunk_t chunk; - switch (part) - { - case BUILD_BLOB_ASN1_DER: - { - va_start(args, part); - this->key = load(va_arg(args, chunk_t)); - va_end(args); - break; - } - case BUILD_KEY_SIZE: + switch (part) { - va_start(args, part); - this->key = generate(va_arg(args, u_int)); - va_end(args); - break; + case BUILD_BLOB_ASN1_DER: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load(chunk_clone(chunk)); + va_end(args); + return; + } + case BUILD_KEY_SIZE: + { + va_start(args, part); + this->key = generate(va_arg(args, u_int)); + va_end(args); + return; + } + default: + break; } - default: - DBG1("ignoring unsupported build part %N", builder_part_names, part); - break; } + if (this->key) + { + destroy((private_openssl_rsa_private_key_t*)this->key); + } + builder_cancel(&this->public); } /** diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index 755b86e96..61b5b9b64 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: openssl_rsa_public_key.c 3963 2008-05-15 12:41:06Z tobias $ + * $Id: openssl_rsa_public_key.c 4317 2008-09-02 11:00:13Z martin $ */ #include "openssl_rsa_public_key.h" @@ -387,27 +387,30 @@ static openssl_rsa_public_key_t *build(private_builder_t *this) */ static void add(private_builder_t *this, builder_part_t part, ...) { - va_list args; - - if (this->key) + if (!this->key) { - DBG1("ignoring surplus build part %N", builder_part_names, part); - return; - } + va_list args; + chunk_t chunk; - switch (part) - { - case BUILD_BLOB_ASN1_DER: + switch (part) { - va_start(args, part); - this->key = load(va_arg(args, chunk_t)); - va_end(args); - break; + case BUILD_BLOB_ASN1_DER: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load(chunk_clone(chunk)); + va_end(args); + return; + } + default: + break; } - default: - DBG1("ignoring unsupported build part %N", builder_part_names, part); - break; } + if (this->key) + { + destroy((private_openssl_rsa_public_key_t*)this->key); + } + builder_cancel(&this->public); } /** |