Imported Upstream version 4.5.1

8 files changed, 100 insertions, 47 deletions

diff --git a/src/libstrongswan/utils/backtrace.c b/src/libstrongswan/utils/backtrace.c
index a67245194..41224e8c2 100644
--- a/src/libstrongswan/utils/backtrace.c
+++ b/src/libstrongswan/utils/backtrace.c
@@ -132,10 +132,11 @@ static void log_(private_backtrace_t *this, FILE *file, bool detailed)
 /**
  * Implementation of backtrace_t.contains_function
  */
-static bool contains_function(private_backtrace_t *this, char *function)
+static bool contains_function(private_backtrace_t *this,
+							  char *function[], int count)
 {
 #ifdef HAVE_DLADDR
-	int i;
+	int i, j;
 
 	for (i = 0; i< this->frame_count; i++)
 	{
@@ -143,9 +144,12 @@ static bool contains_function(private_backtrace_t *this, char *function)
 
 		if (dladdr(this->frames[i], &info) && info.dli_sname)
 		{
-			if (streq(info.dli_sname, function))
+			for (j = 0; j < count; j++)
 			{
-				return TRUE;
+				if (streq(info.dli_sname, function[j]))
+				{
+					return TRUE;
+				}
 			}
 		}
 	}
@@ -179,7 +183,7 @@ backtrace_t *backtrace_create(int skip)
 	this->frame_count = frame_count;
 
 	this->public.log = (void(*)(backtrace_t*,FILE*,bool))log_;
-	this->public.contains_function = (bool(*)(backtrace_t*, char *function))contains_function;
+	this->public.contains_function = (bool(*)(backtrace_t*, char *function[], int count))contains_function;
 	this->public.destroy = (void(*)(backtrace_t*))destroy;
 
 	return &this->public;
diff --git a/src/libstrongswan/utils/backtrace.h b/src/libstrongswan/utils/backtrace.h
index c6b0ec78f..e8ccfc1bd 100644
--- a/src/libstrongswan/utils/backtrace.h
+++ b/src/libstrongswan/utils/backtrace.h
@@ -41,12 +41,13 @@ struct backtrace_t {
 	void (*log)(backtrace_t *this, FILE *file, bool detailed);
 
 	/**
-	 * Check if the backtrace contains a frame in a specific function.
+	 * Check if the backtrace contains a frame having a function in a list.
 	 *
-	 * @param		function name
-	 * @return		TRUE if function is in the stack
+	 * @param		function name array
+	 * @param		number of elements in function array
+	 * @return		TRUE if one of the functions is in the stack
 	 */
-	bool (*contains_function)(backtrace_t *this, char *function);
+	bool (*contains_function)(backtrace_t *this, char *function[], int count);
 
 	/**
 	 * Destroy a backtrace instance.
diff --git a/src/libstrongswan/utils/hashtable.c b/src/libstrongswan/utils/hashtable.c
index dde57dc65..49b0bb68c 100644
--- a/src/libstrongswan/utils/hashtable.c
+++ b/src/libstrongswan/utils/hashtable.c
@@ -186,7 +186,7 @@ static void rehash(private_hashtable_t *this)
 	linked_list_t **old_table;
 	u_int row, old_capacity;
 
-	if (this->capacity < MAX_CAPACITY)
+	if (this->capacity >= MAX_CAPACITY)
 	{
 		return;
 	}
@@ -249,6 +249,7 @@ METHOD(hashtable_t, put, void*,
 			{
 				old_value = pair->value;
 				pair->value = value;
+				pair->key = key;
 				break;
 			}
 		}
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c
index 112d07e5c..ffeebd05c 100644
--- a/src/libstrongswan/utils/host.c
+++ b/src/libstrongswan/utils/host.c
@@ -476,6 +476,10 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port)
 	{
 		return host_create_any_port(af ? af : AF_INET6, port);
 	}
+	if (af == AF_INET && strchr(string, ':'))
+	{	/* do not try to convert v6 addresses for v4 family */
+		return NULL;
+	}
 
 	memset(&hints, 0, sizeof(hints));
 	hints.ai_family = af;
@@ -564,6 +568,41 @@ host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port)
 /*
  * Described in header.
  */
+host_t *host_create_from_subnet(char *string, int *bits)
+{
+	char *pos, buf[64];
+	host_t *net;
+
+	pos = strchr(string, '/');
+	if (pos)
+	{
+		if (pos - string >= sizeof(buf))
+		{
+			return NULL;
+		}
+		strncpy(buf, string, pos - string);
+		buf[pos - string] = '\0';
+		*bits = atoi(pos + 1);
+		return host_create_from_string(buf, 0);
+	}
+	net = host_create_from_string(buf, 0);
+	if (net)
+	{
+		if (net->get_family(net) == AF_INET)
+		{
+			*bits = 32;
+		}
+		else
+		{
+			*bits = 128;
+		}
+	}
+	return net;
+}
+
+/*
+ * Described in header.
+ */
 host_t *host_create_any(int family)
 {
 	private_host_t *this = host_create_empty();
diff --git a/src/libstrongswan/utils/host.h b/src/libstrongswan/utils/host.h
index f5796154c..0a1be6e47 100644
--- a/src/libstrongswan/utils/host.h
+++ b/src/libstrongswan/utils/host.h
@@ -190,6 +190,15 @@ host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port);
 host_t *host_create_from_sockaddr(sockaddr_t *sockaddr);
 
 /**
+ * Create a host from a CIDR subnet definition (1.2.3.0/24), return bits.
+ *
+ * @param string		string to parse
+ * @param bits			gets the number of network bits in CIDR notation
+ * @return				network start address, NULL on error
+ */
+host_t *host_create_from_subnet(char *string, int *bits);
+
+/**
  * Create a host without an address, a "any" host.
  *
  * @param family		family of the any host
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index 0696c1030..fd2716deb 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -281,11 +281,13 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
 	chunk_t oid_data, data, printable;
 	u_char type;
 	int oid, written;
-	bool finished = FALSE;
+	bool finished = FALSE, empty = TRUE;
 
 	e = create_rdn_enumerator(dn);
 	while (e->enumerate(e, &oid_data, &type, &data))
 	{
+		empty = FALSE;
+
 		oid = asn1_known_oid(oid_data);
 
 		if (oid == OID_UNKNOWN)
@@ -329,7 +331,11 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
 			break;
 		}
 	}
-	if (!finished)
+	if (empty)
+	{
+		snprintf(buf, len, "");
+	}
+	else if (!finished)
 	{
 		snprintf(buf, len, "(invalid ID_DER_ASN1_DN)");
 	}
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 5673fc32d..52e92951b 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -218,25 +218,23 @@ char *whitelist[] = {
 	"gcry_create_nonce",
 	/* NSPR */
 	"PR_CallOnce",
+	/* libapr */
+	"apr_pool_create_ex",
+	/* glib */
+	"g_type_init_with_debug_flags",
+	"g_type_register_static",
+	"g_type_class_ref",
+	"g_type_create_instance",
+	"g_type_add_interface_static",
+	"g_type_interface_add_prerequisite",
+	"g_socket_connection_factory_lookup_type",
+	/* libgpg */
+	"gpg_err_init",
+	/* gnutls */
+	"gnutls_global_init",
 };
 
 /**
- * check if a stack frame contains functions listed above
- */
-static bool is_whitelisted(backtrace_t *backtrace)
-{
-	int i;
-	for (i = 0; i < sizeof(whitelist)/sizeof(char*); i++)
-	{
-		if (backtrace->contains_function(backtrace, whitelist[i]))
-		{
-			return TRUE;
-		}
-	}
-	return FALSE;
-}
-
-/**
  * Report leaks at library destruction
  */
 static void report(private_leak_detective_t *this, bool detailed)
@@ -248,7 +246,8 @@ static void report(private_leak_detective_t *this, bool detailed)
 
 		for (hdr = first_header.next; hdr != NULL; hdr = hdr->next)
 		{
-			if (is_whitelisted(hdr->backtrace))
+			if (hdr->backtrace->contains_function(hdr->backtrace,
+											whitelist, countof(whitelist)))
 			{
 				whitelisted++;
 			}
diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c
index d8f635c62..e51780290 100644
--- a/src/libstrongswan/utils/optionsfrom.c
+++ b/src/libstrongswan/utils/optionsfrom.c
@@ -61,11 +61,8 @@ struct private_options_t {
 	char *buffers[MAX_USES];
 };
 
-/**
- * Defined in header
- */
-bool from(private_options_t *this, char *filename, int *argcp, char **argvp[],
-		  int optind)
+METHOD(options_t, from, bool,
+	private_options_t *this, char *filename, int *argcp, char **argvp[], int optind)
 {
 	int newargc;
 	int next;			/* place for next argument */
@@ -182,10 +179,8 @@ bool from(private_options_t *this, char *filename, int *argcp, char **argvp[],
 	return good;
 }
 
-/**
- * Defined in header
- */
-void destroy(private_options_t *this)
+METHOD(options_t, destroy, void,
+	private_options_t *this)
 {
 	while (this->nuses >= 0)
 	{
@@ -200,17 +195,16 @@ void destroy(private_options_t *this)
  */
 options_t *options_create(void)
 {
-	private_options_t *this = malloc_thing(private_options_t);
+	private_options_t *this;
 
-	/* initialize */
-	this->newargv = NULL;
-	this->room = 0;
-	this->nuses = -1;
-	memset(this->buffers, '\0', MAX_USES);
+	INIT(this,
+		.public = {
+			.from = _from,
+			.destroy = _destroy,
 
-	/* public functions */
-	this->public.from = (bool (*) (options_t*,char*,int*,char***,int))from;
-	this->public.destroy = (void (*) (options_t*))destroy;
+		},
+		.nuses = -1,
+	);
 
 	return &this->public;
 }