authorRene Mayrhofer <rene@mayrhofer.eu.org>2007-10-26 14:10:02 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2007-10-26 14:10:02 +0000
commit49104abddf3d71d5abf5cf75dc7f95fa6c55fa63 (patch)
tree28f7a72e5dec4abf908fd7874bdab776281310bc /src/libstrongswan/utils
parent7b0305f59ddab9ea026b202a8c569912e5bf9a90 (diff)
[svn-upgrade] Integrating new upstream version, strongswan (4.1.8)
Diffstat (limited to 'src/libstrongswan/utils')
-rw-r--r--src/libstrongswan/utils/enumerator.c44
-rw-r--r--src/libstrongswan/utils/enumerator.h57
-rw-r--r--src/libstrongswan/utils/identification.c49
-rw-r--r--src/libstrongswan/utils/leak_detective.c3
-rw-r--r--src/libstrongswan/utils/linked_list.c108
-rw-r--r--src/libstrongswan/utils/linked_list.h46
-rw-r--r--src/libstrongswan/utils/optionsfrom.c148
-rw-r--r--src/libstrongswan/utils/optionsfrom.h37
8 files changed, 463 insertions, 29 deletions
diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c
new file mode 100644
index 000000000..842a2e997
--- /dev/null
+++ b/src/libstrongswan/utils/enumerator.c
@@ -0,0 +1,44 @@
+/**
+ * @file enumerator.c
+ *
+ * @brief Implementation of enumerator_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "enumerator.h"
+
+
+/**
+ * Implementation of enumerator_create_empty().enumerate
+ */
+static bool enumerate_empty(enumerator_t *enumerator, ...)
+{
+ return FALSE;
+}
+
+/**
+ * See header
+ */
+enumerator_t* enumerator_create_empty()
+{
+ enumerator_t *this = malloc_thing(enumerator_t);
+ this->enumerate = enumerate_empty;
+ this->destroy = (void*)free;
+ return this;
+}
+
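Review bot: In enumerator_create_empty(), `this->destroy = (void*)free;` pushes free() through a `void*` cast into a slot typed `void (*)(enumerator_t*)`, so the compiler can no longer check the signature and the later call goes through an incompatible function type. A one-line wrapper such as `static void destroy(enumerator_t *this) { free(this); }`, assigned without a cast, keeps the function table type-checked. The same cast is used in create_enumerator() in linked_list.c. The pointer returned by malloc_thing() is also written through without a NULL check; malloc_thing is not visible here, so confirm whether it can return NULL.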
diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/utils/enumerator.h
new file mode 100644
index 000000000..df1d78206
--- /dev/null
+++ b/src/libstrongswan/utils/enumerator.h
@@ -0,0 +1,57 @@
+/**
+ * @file enumerator.h
+ *
+ * @brief Interface of enumerator_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef ENUMERATOR_H_
+#define ENUMERATOR_H_
+
+#include <library.h>
+
+typedef struct enumerator_t enumerator_t;
+
+/**
+ * @brief Enumerate is simpler, but more flexible than iterator.
+ */
+struct enumerator_t {
+
+ /**
+ * @brief Enumerate collection.
+ *
+ * The enumerate function takes a variable argument list containing
+ * pointers where the enumerated values get written.
+ *
+ * @param ... variable list of enumerated items, implementation dependant
+ * @return TRUE if pointers returned
+ */
+ bool (*enumerate)(enumerator_t *this, ...);
+
+ /**
+ * @brief Destroy a enumerator instance.
+ */
+ void (*destroy)(enumerator_t *this);
+};
+
+/**
+ * @brief Create an enumerator which enumerates over nothing
+ */
+enumerator_t* enumerator_create_empty();
+
+#endif /* ENUMERATOR_H_ */
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index ba0a76893..18f6d6824 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -19,6 +19,8 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * RCSID $Id: identification.c 3256 2007-10-07 13:42:43Z andreas $
*/
#define _GNU_SOURCE
@@ -199,19 +201,6 @@ static void update_chunk(chunk_t *ch, int n)
}
/**
- * Prints a binary string in hexadecimal form
- */
-void hex_str(chunk_t bin, chunk_t *str)
-{
- u_int i;
- update_chunk(str, snprintf(str->ptr,str->len,"0x"));
- for (i = 0; i < bin.len; i++)
- {
- update_chunk(str, snprintf(str->ptr,str->len,"%02X",*bin.ptr++));
- }
-}
-
-/**
* Remove any malicious characters from a chunk. We are very restrictive, but
* whe use these strings only to present it to the user.
*/
@@ -402,9 +391,9 @@ static status_t dntoa(chunk_t dn, chunk_t *str)
/* print OID */
oid_code = known_oid(oid);
- if (oid_code == OID_UNKNOWN)
- { /* OID not found in list */
- hex_str(oid, str);
+ if (oid_code == OID_UNKNOWN)
+ {
+ update_chunk(str, snprintf(str->ptr,str->len,"0x#B", &oid));
}
else
{
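Review bot: The new format string `"0x#B"` contains no conversion specifier as shown, so `&oid` is ignored and every unknown OID would be rendered as the literal text `0x#B` instead of the hex bytes that the removed hex_str() call produced. If the chunk printf hook was intended, the line should presumably read `update_chunk(str, snprintf(str->ptr,str->len,"0x%#B", &oid));`. Left as is, distinct DNs that differ only in an unknown OID would look identical in logs. dntoa() starts and ends outside this hunk.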
@@ -467,12 +456,16 @@ static bool same_dn(chunk_t a, chunk_t b)
|| (type_a == ASN1_IA5STRING && known_oid(oid_a) == OID_PKCS9_EMAIL)))
{
if (strncasecmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ {
return FALSE;
+ }
}
else
{
- if (strncmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
- return FALSE;
+ if (!strneq(value_a.ptr, value_b.ptr, value_b.len))
+ {
+ return FALSE;
+ }
}
}
/* both DNs must have same number of RDNs */
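Review bot: Both branches compare with string functions (`strncasecmp`, and `strneq`, which presumably wraps the `strncmp` it replaces), so the comparison stops at the first NUL byte even though value_a and value_b are length-delimited chunks taken from ASN.1 data. Two RDN values that differ only after an embedded NUL would compare equal; for the case-sensitive branch, `if (memcmp(value_a.ptr, value_b.ptr, value_b.len) != 0)` compares every byte. The bound is value_b.len alone, so this also relies on a length-equality check earlier in same_dn(), which lies outside the hunk. The hunk in match_dn() has the same two comparisons.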
@@ -540,12 +533,16 @@ bool match_dn(chunk_t a, chunk_t b, int *wildcards)
|| (type_a == ASN1_IA5STRING && known_oid(oid_a) == OID_PKCS9_EMAIL)))
{
if (strncasecmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ {
return FALSE;
+ }
}
else
{
- if (strncmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ if (!strneq(value_a.ptr, value_b.ptr, value_b.len))
+ {
return FALSE;
+ }
}
}
/* both DNs must have same number of RDNs */
@@ -931,7 +928,7 @@ static int print(FILE *stream, const struct printf_info *info,
case ID_FQDN:
{
proper = sanitize_chunk(this->encoded);
- written = fprintf(stream, "@%.*s", proper.len, proper.ptr);
+ written = fprintf(stream, "%.*s", proper.len, proper.ptr);
chunk_free(&proper);
return written;
}
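Review bot: `%.*s` takes an `int` precision, but `proper.len` is passed as is; if chunk_t.len is a `size_t` (its definition is not visible here), the variadic argument types do not match on 64-bit targets. Casting at the call, `written = fprintf(stream, "%.*s", (int)proper.len, proper.ptr);`, makes the argument type explicit. print() begins and continues outside this hunk.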
@@ -1071,8 +1068,15 @@ identification_t *identification_create_from_string(char *string)
if (inet_pton(AF_INET, string, &address) <= 0)
{
- free(this);
- return NULL;
+ /* not IPv4, mostly FQDN */
+ this->type = ID_FQDN;
+ this->encoded.ptr = strdup(string);
+ this->encoded.len = strlen(string);
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_string;
+ this->public.equals = (bool (*)
+ (identification_t*,identification_t*))equals_strcasecmp;
+ return &(this->public);
}
this->encoded = chunk_clone(chunk);
this->type = ID_IPV4_ADDR;
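Review bot: The new fallback stores `strdup(string)` without checking it, so on allocation failure the identification is returned with `encoded.ptr == NULL` and a non-zero `encoded.len`; check the result and free `this` before returning NULL, as the removed lines did. Every string that fails inet_pton() is now accepted as an ID_FQDN, so a mistyped IPv4 address no longer produces the NULL that callers could treat as a parse error. A comment such as `/* not IPv4: accepted as FQDN without further validation */` would record that this is intentional. The function starts and ends outside the hunk.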
@@ -1137,6 +1141,7 @@ identification_t *identification_create_from_string(char *string)
identification_t *identification_create_from_encoding(id_type_t type, chunk_t encoded)
{
private_identification_t *this = identification_create();
+
this->type = type;
switch (type)
{
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index a28ebba51..dab18fd5c 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -190,7 +190,8 @@ whitelist_t whitelist[] = {
{getprotobynumber, 291},
{getservbyport, 311},
{register_printf_function, 159},
- {syslog, 45},
+ {syslog, 44},
+ {vsyslog, 41},
{dlopen, 109},
# ifdef LIBCURL
/* from /usr/lib/libcurl.so.3 */
diff --git a/src/libstrongswan/utils/linked_list.c b/src/libstrongswan/utils/linked_list.c
index de52ea46a..5cd8ffd7a 100644
--- a/src/libstrongswan/utils/linked_list.c
+++ b/src/libstrongswan/utils/linked_list.c
@@ -6,6 +6,7 @@
*/
/*
+ * Copyright (C) 2007 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -140,6 +141,52 @@ struct private_iterator_t {
void *hook_param;
};
+typedef struct private_enumerator_t private_enumerator_t;
+
+/**
+ * linked lists enumerator implementation
+ */
+struct private_enumerator_t {
+
+ /**
+ * implements enumerator interface
+ */
+ enumerator_t enumerator;
+
+ /**
+ * next item to enumerate
+ */
+ element_t *next;
+};
+
+/**
+ * Implementation of private_enumerator_t.enumerator.enumerate.
+ */
+static bool enumerate(private_enumerator_t *this, void **item)
+{
+ if (this->next == NULL)
+ {
+ return FALSE;
+ }
+ *item = this->next->value;
+ this->next = this->next->next;
+ return TRUE;
+}
+
+/**
+ * Implementation of linked_list_t.create_enumerator.
+ */
+static enumerator_t* create_enumerator(private_linked_list_t *this)
+{
+ private_enumerator_t *enumerator = malloc_thing(private_enumerator_t);
+
+ enumerator->enumerator.enumerate = (void*)enumerate;
+ enumerator->enumerator.destroy = (void*)free;
+ enumerator->next = this->first;
+
+ return &enumerator->enumerator;
+}
+
/**
* Implementation of iterator_t.get_count.
*/
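Review bot: create_enumerator() installs `enumerate`, declared as `bool (private_enumerator_t*, void**)`, into the variadic slot `bool (*)(enumerator_t*, ...)` through a `(void*)` cast. Calling a fixed-argument function through a variadic pointer type is undefined in ISO C and only works where both calling conventions happen to agree. Giving enumerate() the interface's own signature and fetching the output pointer with va_arg removes the cast; this needs `<stdarg.h>` in the file.

```c
static bool enumerate(enumerator_t *enumerator, ...)
{
	private_enumerator_t *this = (private_enumerator_t*)enumerator;
	void **item;
	va_list args;

	if (this->next == NULL)
	{
		return FALSE;
	}
	va_start(args, enumerator);
	item = va_arg(args, void**);
	va_end(args);
	*item = this->next->value;
	this->next = this->next->next;
	return TRUE;
}

/* … unchanged: create_enumerator() allocation … */
	enumerator->enumerator.enumerate = enumerate;
```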
@@ -630,9 +677,9 @@ static status_t get_last(private_linked_list_t *this, void **item)
}
/**
- * Implementation of linked_list_t.invoke.
+ * Implementation of linked_list_t.invoke_offset.
*/
-static void invoke(private_linked_list_t *this, size_t offset)
+static void invoke_offset(private_linked_list_t *this, size_t offset)
{
element_t *current = this->first;
@@ -645,13 +692,62 @@ static void invoke(private_linked_list_t *this, size_t offset)
}
/**
+ * Implementation of linked_list_t.invoke_function.
+ */
+static void invoke_function(private_linked_list_t *this, void(*fn)(void*))
+{
+ element_t *current = this->first;
+
+ while (current)
+ {
+ fn(current->value);
+ current = current->next;
+ }
+}
+
+/**
+ * Implementation of linked_list_t.clone_offset
+ */
+static linked_list_t *clone_offset(private_linked_list_t *this, size_t offset)
+{
+ linked_list_t *clone = linked_list_create();
+ element_t *current = this->first;
+
+ while (current)
+ {
+ void* (**method)(void*) = current->value + offset;
+ clone->insert_last(clone, (*method)(current->value));
+ current = current->next;
+ }
+
+ return clone;
+}
+
+/**
+ * Implementation of linked_list_t.clone_function
+ */
+static linked_list_t *clone_function(private_linked_list_t *this, void* (*fn)(void*))
+{
+ linked_list_t *clone = linked_list_create();
+ element_t *current = this->first;
+
+ while (current)
+ {
+ clone->insert_last(clone, fn(current->value));
+ current = current->next;
+ }
+
+ return clone;
+}
+
+/**
* Implementation of linked_list_t.destroy.
*/
static void destroy(private_linked_list_t *this)
{
void *value;
/* Remove all list items before destroying list */
- while (this->public.remove_first(&(this->public), &value) == SUCCESS)
+ while (remove_first(this, &value) == SUCCESS)
{
/* values are not destroyed so memory leaks are possible
* if list is not empty when deleting */
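Review bot: In clone_offset(), `current->value + offset` does arithmetic on a `void*`, which is a GNU extension rather than ISO C; `(void*(**)(void*))((char*)current->value + offset)` expresses the same thing portably. Both clone_offset() and clone_function() insert whatever the clone call returns, so a failed clone that returns NULL ends up as a NULL item in the new list; either stop on NULL or document that clone functions must not fail. A short comment stating that the caller owns the returned list and its cloned items would also help.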
@@ -744,6 +840,7 @@ linked_list_t *linked_list_create()
this->public.get_count = (int (*) (linked_list_t *)) get_count;
this->public.create_iterator = (iterator_t * (*) (linked_list_t *,bool))create_iterator;
this->public.create_iterator_locked = (iterator_t * (*) (linked_list_t *,pthread_mutex_t*))create_iterator_locked;
+ this->public.create_enumerator = (enumerator_t*(*)(linked_list_t*))create_enumerator;
this->public.get_first = (status_t (*) (linked_list_t *, void **item))get_first;
this->public.get_last = (status_t (*) (linked_list_t *, void **item))get_last;
this->public.insert_first = (void (*) (linked_list_t *, void *item))insert_first;
@@ -753,7 +850,10 @@ linked_list_t *linked_list_create()
this->public.insert_at_position = (status_t (*) (linked_list_t *,size_t, void *))insert_at_position;
this->public.remove_at_position = (status_t (*) (linked_list_t *,size_t, void **))remove_at_position;
this->public.get_at_position = (status_t (*) (linked_list_t *,size_t, void **))get_at_position;
- this->public.invoke = (void (*)(linked_list_t*,size_t))invoke;
+ this->public.invoke_offset = (void (*)(linked_list_t*,size_t))invoke_offset;
+ this->public.invoke_function = (void (*)(linked_list_t*,void(*)(void*)))invoke_function;
+ this->public.clone_offset = (linked_list_t * (*)(linked_list_t*,size_t))clone_offset;
+ this->public.clone_function = (linked_list_t * (*)(linked_list_t*,void*(*)(void*)))clone_function;
this->public.destroy = (void (*) (linked_list_t *))destroy;
this->public.destroy_offset = (void (*) (linked_list_t *,size_t))destroy_offset;
this->public.destroy_function = (void (*)(linked_list_t*,void(*)(void*)))destroy_function;
diff --git a/src/libstrongswan/utils/linked_list.h b/src/libstrongswan/utils/linked_list.h
index 58bcbbdaa..ebe5c187c 100644
--- a/src/libstrongswan/utils/linked_list.h
+++ b/src/libstrongswan/utils/linked_list.h
@@ -6,6 +6,7 @@
*/
/*
+ * Copyright (C) 2007 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -30,6 +31,7 @@ typedef struct linked_list_t linked_list_t;
#include <library.h>
#include <utils/iterator.h>
+#include <utils/enumerator.h>
/**
* @brief Class implementing a double linked list.
@@ -55,6 +57,9 @@ struct linked_list_t {
* @brief Creates a iterator for the given list.
*
* @warning Created iterator_t object has to get destroyed by the caller.
+ *
+ * @deprecated Iterator is obsolete and will disappear, it is too
+ * complicated to implement. Use enumerator instead.
*
* @param this calling object
* @param forward iterator direction (TRUE: front to end)
@@ -74,7 +79,18 @@ struct linked_list_t {
*/
iterator_t *(*create_iterator_locked) (linked_list_t *this,
pthread_mutex_t *mutex);
-
+
+ /**
+ * @brief Create an enumerator over the list.
+ *
+ * The enumerator is a "lightweight" iterator. It only has two methods
+ * and should therefore be much easier to implement.
+ *
+ * @param this calling object
+ * @return enumerator over list items
+ */
+ enumerator_t* (*create_enumerator)(linked_list_t *this);
+
/**
* @brief Inserts a new item at the beginning of the list.
*
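Review bot: The documentation for create_enumerator omits the ownership warning that create_iterator carries in the same struct; add `@warning Created enumerator_t object has to get destroyed by the caller.` to the comment. The implementation in linked_list.c keeps a pointer to the next element, so the comment should also say that the list must not be modified or destroyed while an enumerator is in use.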
@@ -183,7 +199,33 @@ struct linked_list_t {
* @param this calling object
* @param offset offset of the method to invoke on objects
*/
- void (*invoke) (linked_list_t *this, size_t offset);
+ void (*invoke_offset) (linked_list_t *this, size_t offset);
+
+ /**
+ * @brief Invoke a function on all of the contained objects.
+ *
+ * @param this calling object
+ * @param offset offset of the method to invoke on objects
+ */
+ void (*invoke_function) (linked_list_t *this, void (*)(void*));
+
+ /**
+ * @brief Clones a list and its objects using the objects' clone method.
+ *
+ * @param this calling object
+ * @param offset offset ot the objects clone function
+ * @return cloned list
+ */
+ linked_list_t *(*clone_offset) (linked_list_t *this, size_t offset);
+
+ /**
+ * @brief Clones a list and its objects using a given function.
+ *
+ * @param this calling object
+ * @param function function that clones an object
+ * @return cloned list
+ */
+ linked_list_t *(*clone_function) (linked_list_t *this, void*(*)(void*));
/**
* @brief Destroys a linked_list object.
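Review bot: The comment on invoke_function documents `@param offset offset of the method to invoke on objects`, but the member takes a function pointer, not an offset; it looks copied from invoke_offset. Replace it with `@param function function to invoke on each object`; naming the parameter in the declaration, `void (*function)(void*)`, would match. In the clone_offset comment, `offset ot the objects clone function` should read `offset of the object's clone function`.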
diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c
new file mode 100644
index 000000000..ffa571b05
--- /dev/null
+++ b/src/libstrongswan/utils/optionsfrom.c
@@ -0,0 +1,148 @@
+/**
+ * @file optionsfrom.c
+ *
+ * @brief read command line options from a file
+ *
+ */
+
+/*
+ * Copyright (C) 1998, 1999 Henry Spencer.
+ *
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Library General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
+ * License for more details.
+ *
+ */
+
+#include <stdio.h>
+#include <errno.h>
+
+#include <library.h>
+#include <debug.h>
+#include <utils/lexparser.h>
+
+#include "optionsfrom.h"
+
+#define MAX_USES 20 /* loop-detection limit */
+#define SOME_ARGS 10 /* first guess at how many arguments we'll need */
+
+/*
+ * Defined in header.
+ */
+bool optionsfrom(const char *filename, int *argcp, char **argvp[], int optind)
+{
+ static int nuses = 0;
+ char **newargv;
+ int newargc;
+ int next; /* place for next argument */
+ int room; /* how many more new arguments we can hold */
+ size_t bytes;
+ chunk_t chunk, src, line, token;
+ bool good = TRUE;
+ int linepos = 0;
+ FILE *fd;
+
+ /* avoid endless loops with recursive --optionsfrom arguments */
+ nuses++;
+ if (nuses >= MAX_USES)
+ {
+ DBG1("optionsfrom called %d times - looping?", (*argvp)[0], nuses);
+ return FALSE;
+ }
+
+ fd = fopen(filename, "r");
+ if (fd == NULL)
+ {
+ DBG1("optionsfrom: unable to open file '%s': %s",
+ filename, strerror(errno));
+ return FALSE;
+ }
+
+ /* determine the file size */
+ fseek(fd, 0, SEEK_END);
+ chunk.len = ftell(fd);
+ rewind(fd);
+
+ /* allocate one byte more just in case of a missing final newline */
+ chunk.ptr = malloc(chunk.len + 1);
+
+ /* read the whole file into a chunk */
+ bytes = fread(chunk.ptr, 1, chunk.len, fd);
+ fclose(fd);
+
+ newargc = *argcp + SOME_ARGS;
+ newargv = malloc((newargc + 1) * sizeof(char *));
+ memcpy(newargv, *argvp, optind * sizeof(char *));
+ room = SOME_ARGS;
+ next = optind;
+ newargv[next] = NULL;
+
+ /* we keep the chunk pointer so that we can still free it */
+ src = chunk;
+
+ while (fetchline(&src, &line) && good)
+ {
+ linepos++;
+ while (eat_whitespace(&line))
+ {
+ if (*line.ptr == '"'|| *line.ptr == '\'')
+ {
+ char delimiter = *line.ptr;
+
+ line.ptr++;
+ line.len--;
+ if (!extract_token(&token, delimiter, &line))
+ {
+ DBG1("optionsfrom: missing terminator at %s:%d",
+ filename, linepos);
+ good = FALSE;
+ break;
+ }
+ }
+ else
+ {
+ if (!extract_token(&token, ' ', &line))
+ {
+ /* last token in a line */
+ token = line;
+ line.len = 0;
+ }
+ }
+
+ /* do we have to allocate more memory for additional arguments? */
+ if (room == 0)
+ {
+ newargc += SOME_ARGS;
+ newargv = realloc(newargv, (newargc+1) * sizeof(char *));
+ room = SOME_ARGS;
+ }
+
+ /* terminate the token by replacing the delimiter with a null character */
+ *(token.ptr + token.len) = '\0';
+
+ /* assign the token to the next argument */
+ newargv[next] = token.ptr;
+ next++;
+ room--;
+ }
+ }
+
+ if (!good) /* error of some kind */
+ {
+ free(chunk.ptr);
+ free(newargv);
+ return FALSE;
+ }
+
+ memcpy(newargv + next, *argvp + optind, (*argcp + 1 - optind) * sizeof(char *));
+ *argcp += next - optind;
+ *argvp = newargv;
+ return TRUE;
+}
+
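Review bot: The file-loading sequence checks none of its results: `ftell()` can return -1, which becomes a huge `chunk.len`, `malloc()` may return NULL, and the byte count from `fread()` is stored in `bytes` but never used, so after a short read the tokenizer would parse uninitialised heap memory into argv. The loop-detection message passes `(*argvp)[0]` for a `%d` and leaves `nuses` unformatted; it should be `DBG1("optionsfrom called %d times - looping?", nuses);`. In the token loop, `newargv = realloc(newargv, ...)` overwrites the only pointer to the array, so a failed realloc both leaks the old array and leaves a NULL pointer that is then written through; assign to a temporary first. A checked version of the read sequence follows.

```c
	long size;	/* added next to the other locals */

	/* … unchanged: loop-detection check and fopen() … */

	/* determine the file size */
	if (fseek(fd, 0, SEEK_END) != 0 || (size = ftell(fd)) < 0)
	{
		DBG1("optionsfrom: unable to determine size of file '%s': %s",
			 filename, strerror(errno));
		fclose(fd);
		return FALSE;
	}
	rewind(fd);
	chunk.len = size;

	/* allocate one byte more just in case of a missing final newline */
	chunk.ptr = malloc(chunk.len + 1);
	if (chunk.ptr == NULL)
	{
		fclose(fd);
		return FALSE;
	}

	/* read the whole file into a chunk; only parse what was actually read */
	bytes = fread(chunk.ptr, 1, chunk.len, fd);
	fclose(fd);
	chunk.len = bytes;

	/* … unchanged: argv setup and token loop … */
```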
diff --git a/src/libstrongswan/utils/optionsfrom.h b/src/libstrongswan/utils/optionsfrom.h
new file mode 100644
index 000000000..d6b9efde5
--- /dev/null
+++ b/src/libstrongswan/utils/optionsfrom.h
@@ -0,0 +1,37 @@
+/**
+ * @file optionsfrom.h
+ *
+ * @brief Read command line options from a file
+ *
+ */
+
+/*
+ * Copyright (C) 1998, 1999 Henry Spencer.
+ * Copyright (C) 2007 Andreas Steffen, Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef OPTIONSFROM_H_
+#define OPTIONSFROM_H_
+
+/**
+ * @brief Pick up more options from a file, in the middle of an option scan
+ *
+ * @param filename file containing the options
+ * @param argcp pointer to argc
+ * @param argvp pointer to argv[]
+ * @param optind current optind, number of next argument
+ * @return TRUE if optionsfrom parsing successful
+ */
+bool optionsfrom(const char *filename, int *argcp, char **argvp[], int optind);
+
+#endif /*OPTIONSFROM_H_*/
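Review bot: The header declares `bool optionsfrom(...)` but includes nothing, so it only compiles when the including file has already pulled in a definition of `bool`, as optionsfrom.c does by including library.h first. Adding `#include <library.h>` after the include guard, as enumerator.h does, would make it self-contained. The comment should also state that on success `*argvp` is replaced by a newly allocated array whose strings point into a file buffer that optionsfrom() never frees.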