[svn-upgrade] Integrating new upstream version, strongswan (4.2.14)

12 files changed, 57 insertions, 28 deletions

diff --git a/src/libstrongswan/utils/backtrace.h b/src/libstrongswan/utils/backtrace.h
index 72effd01e..061d9f356 100644
--- a/src/libstrongswan/utils/backtrace.h
+++ b/src/libstrongswan/utils/backtrace.h
@@ -59,5 +59,4 @@ struct backtrace_t {
  */
 backtrace_t *backtrace_create(int skip);
 
-#endif /* BACKTRACE_H_ @}*/
-
+#endif /** BACKTRACE_H_ @}*/
diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/utils/enumerator.h
index d82f650db..98f300609 100644
--- a/src/libstrongswan/utils/enumerator.h
+++ b/src/libstrongswan/utils/enumerator.h
@@ -12,7 +12,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: enumerator.h 4142 2008-07-02 08:09:07Z martin $
+ * $Id: enumerator.h 5003 2009-03-24 17:43:01Z martin $
  */
  
 /**
@@ -122,7 +122,7 @@ enumerator_t* enumerator_create_token(char *string, char *sep, char *trim);
  * @return						the nested enumerator
  */
 enumerator_t *enumerator_create_nested(enumerator_t *outer,
-					enumerator_t *(inner_constructor)(void *outer, void *data),
+					enumerator_t *(*inner_constructor)(void *outer, void *data),
 					void *data, void (*destroy_data)(void *data));
 
 /**
@@ -157,4 +157,4 @@ enumerator_t *enumerator_create_filter(enumerator_t *unfiltered,
 enumerator_t *enumerator_create_cleaner(enumerator_t *wrapped,
 					void (*cleanup)(void *data), void *data);
 
-#endif /* ENUMERATOR_H_ @} */
+#endif /** ENUMERATOR_H_ @}*/
diff --git a/src/libstrongswan/utils/hashtable.h b/src/libstrongswan/utils/hashtable.h
index 3d3005e73..28804caf8 100644
--- a/src/libstrongswan/utils/hashtable.h
+++ b/src/libstrongswan/utils/hashtable.h
@@ -12,7 +12,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: hashtable.h 4762 2008-12-05 10:01:52Z martin $
+ * $Id: hashtable.h 5003 2009-03-24 17:43:01Z martin $
  */
 
 /**
@@ -113,4 +113,4 @@ struct hashtable_t {
 hashtable_t *hashtable_create(hashtable_hash_t hash, hashtable_equals_t equals,
 							  u_int capacity);
 
-#endif /* HASHTABLE_H_ @} */
+#endif /** HASHTABLE_H_ @}*/
diff --git a/src/libstrongswan/utils/host.h b/src/libstrongswan/utils/host.h
index 5f00872b8..0a2541d96 100644
--- a/src/libstrongswan/utils/host.h
+++ b/src/libstrongswan/utils/host.h
@@ -207,4 +207,4 @@ host_t *host_create_any(int family);
 int host_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
 					 const void *const *args);
 
-#endif /* HOST_H_ @}*/
+#endif /** HOST_H_ @}*/
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index ff97f3610..bce6b1cc2 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -14,7 +14,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: identification.c 4936 2009-03-12 18:07:32Z tobias $
+ * $Id: identification.c 5036 2009-03-26 13:25:46Z martin $
  */
 
 #define _GNU_SOURCE
@@ -716,6 +716,37 @@ static id_type_t get_type(private_identification_t *this)
 }
 
 /**
+ * Implementation of identification_t.contains_wildcards fro ID_DER_ASN1_DN.
+ */
+static bool contains_wildcards_dn(private_identification_t *this)
+{
+	chunk_t rdn, attribute;
+	chunk_t oid, value;
+	asn1_t type;
+	bool next;
+	
+	if (!init_rdn(this->encoded, &rdn, &attribute, &next))
+	{
+		return FALSE;
+	}	
+	/* fetch next RDN */
+	while (next)
+	{
+		/* parse next RDN and check for errors */
+		if (!get_next_rdn(&rdn, &attribute, &oid, &value, &type, &next))
+		{
+			return FALSE;
+		}
+		/* check if RDN is a wildcard */
+		if (value.len == 1 && *value.ptr == '*')
+		{
+			return TRUE;
+		}
+	}
+	return FALSE;
+}
+
+/**
  * Implementation of identification_t.contains_wildcards.
  */
 static bool contains_wildcards(private_identification_t *this)
@@ -728,10 +759,9 @@ static bool contains_wildcards(private_identification_t *this)
 		case ID_RFC822_ADDR:
 			return memchr(this->encoded.ptr, '*', this->encoded.len) != NULL;
 		case ID_DER_ASN1_DN:
-			/* TODO */
+			return contains_wildcards_dn(this);
 		default:
 			return FALSE;
-		
 	}
 }
 
diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h
index 070984490..2284b7b46 100644
--- a/src/libstrongswan/utils/identification.h
+++ b/src/libstrongswan/utils/identification.h
@@ -14,7 +14,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: identification.h 4936 2009-03-12 18:07:32Z tobias $
+ * $Id: identification.h 5003 2009-03-24 17:43:01Z martin $
  */
  
 /**
@@ -197,8 +197,8 @@ struct identification_t {
 	 * Check if an ID matches a wildcard ID.
 	 * 
 	 * An identification_t may contain wildcards, such as
-	 * *@strongswan.org. This call checks if a given ID
-	 * (e.g. tester@strongswan.org) belongs to a such wildcard
+	 * *.strongswan.org. This call checks if a given ID
+	 * (e.g. tester.strongswan.org) belongs to a such wildcard
 	 * ID. Returns > 0 if
 	 * - IDs are identical
 	 * - other is of type ID_ANY
@@ -243,7 +243,7 @@ struct identification_t {
  * The input string may be e.g. one of the following:
  * - ID_IPV4_ADDR:		192.168.0.1
  * - ID_IPV6_ADDR:		2001:0db8:85a3:08d3:1319:8a2e:0370:7345
- * - ID_FQDN:			@www.strongswan.org (@indicates FQDN)
+ * - ID_FQDN:			www.strongswan.org (optionally with a prepended @)
  * - ID_RFC822_ADDR:	alice@wonderland.org
  * - ID_DER_ASN1_DN:	C=CH, O=Linux strongSwan, CN=bob
  *
@@ -283,4 +283,4 @@ identification_t * identification_create_from_encoding(id_type_t type, chunk_t e
 int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
 							   const void *const *args);
 
-#endif /* IDENTIFICATION_H_ @} */
+#endif /** IDENTIFICATION_H_ @}*/
diff --git a/src/libstrongswan/utils/iterator.h b/src/libstrongswan/utils/iterator.h
index 28ee74cd6..02eb1b9c0 100644
--- a/src/libstrongswan/utils/iterator.h
+++ b/src/libstrongswan/utils/iterator.h
@@ -13,7 +13,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: iterator.h 4577 2008-11-05 08:37:09Z martin $
+ * $Id: iterator.h 5003 2009-03-24 17:43:01Z martin $
  */
  
 /**
@@ -113,4 +113,4 @@ struct iterator_t {
 	void (*destroy) (iterator_t *this);
 };
 
-#endif /*ITERATOR_H_ @} */
+#endif /** ITERATOR_H_ @}*/
diff --git a/src/libstrongswan/utils/leak_detective.h b/src/libstrongswan/utils/leak_detective.h
index 3773fb8e5..cd30dcd5f 100644
--- a/src/libstrongswan/utils/leak_detective.h
+++ b/src/libstrongswan/utils/leak_detective.h
@@ -44,5 +44,5 @@ struct leak_detective_t {
  */
 leak_detective_t *leak_detective_create();
 
-#endif /* LEAK_DETECTIVE_H_ @}*/
+#endif /** LEAK_DETECTIVE_H_ @}*/
 
diff --git a/src/libstrongswan/utils/lexparser.h b/src/libstrongswan/utils/lexparser.h
index c47f65718..6ae970e1e 100644
--- a/src/libstrongswan/utils/lexparser.h
+++ b/src/libstrongswan/utils/lexparser.h
@@ -13,7 +13,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: lexparser.h 4877 2009-02-18 09:45:54Z martin $
+ * $Id: lexparser.h 5003 2009-03-24 17:43:01Z martin $
  */
  
 /**
@@ -47,7 +47,7 @@ bool extract_token(chunk_t *token, const char termination, chunk_t *src);
 bool extract_token_str(chunk_t *token, const char *termination, chunk_t *src);
 
 /**
- *  Fetches a new text line terminated by \n or \r\n
+ *  Fetches a new text line terminated by \\n or \\r\\n
  */
 bool fetchline(chunk_t *src, chunk_t *line);
 
@@ -66,4 +66,4 @@ err_t extract_name_value(chunk_t *name, chunk_t *value, chunk_t *line);
  */
 err_t extract_parameter_value(chunk_t *name, chunk_t *value, chunk_t *line);
 
-#endif /* LEXPARSER_H_ @} */
+#endif /** LEXPARSER_H_ @}*/
diff --git a/src/libstrongswan/utils/linked_list.h b/src/libstrongswan/utils/linked_list.h
index ba47e7dfb..aa603fefa 100644
--- a/src/libstrongswan/utils/linked_list.h
+++ b/src/libstrongswan/utils/linked_list.h
@@ -14,7 +14,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: linked_list.h 4576 2008-11-05 08:32:38Z martin $
+ * $Id: linked_list.h 5003 2009-03-24 17:43:01Z martin $
  */
  
 /**
@@ -272,4 +272,4 @@ struct linked_list_t {
  */
 linked_list_t *linked_list_create(void);
 
-#endif /*LINKED_LIST_H_ @} */
+#endif /** LINKED_LIST_H_ @}*/
diff --git a/src/libstrongswan/utils/mutex.h b/src/libstrongswan/utils/mutex.h
index 4cdd96a99..46c939fb8 100644
--- a/src/libstrongswan/utils/mutex.h
+++ b/src/libstrongswan/utils/mutex.h
@@ -13,7 +13,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  * 
- * $Id: mutex.h 4697 2008-11-25 19:30:02Z tobias $
+ * $Id: mutex.h 5003 2009-03-24 17:43:01Z martin $
  */
 
 /**
@@ -185,4 +185,4 @@ condvar_t *condvar_create(condvar_type_t type);
  */
 rwlock_t *rwlock_create(rwlock_type_t type);
 
-#endif /* MUTEX_H_ @}*/
+#endif /** MUTEX_H_ @}*/
diff --git a/src/libstrongswan/utils/optionsfrom.h b/src/libstrongswan/utils/optionsfrom.h
index 424b9dc61..9372971ca 100644
--- a/src/libstrongswan/utils/optionsfrom.h
+++ b/src/libstrongswan/utils/optionsfrom.h
@@ -13,7 +13,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: optionsfrom.h 3589 2008-03-13 14:14:44Z martin $
+ * $Id: optionsfrom.h 5003 2009-03-24 17:43:01Z martin $
  */
  
 /**
@@ -56,4 +56,4 @@ struct options_t {
  */
 options_t *options_create(void);
 
-#endif /*OPTIONSFROM_H_ @} */
+#endif /** OPTIONSFROM_H_ @}*/