authorYves-Alexis Perez <corsac@corsac.net>2017-05-30 20:59:31 +0200
committerYves-Alexis Perez <corsac@corsac.net>2017-05-30 20:59:31 +0200
commitbba25e2ff6c4a193acb54560ea4417537bd2954e (patch)
tree9e074fe343f9ab6f5ce1e9c5142d9a6cf180fcda /src/starter
parent05ddd767992d68bb38c7f16ece142e8c2e9ae016 (diff)
New upstream version 5.5.3
Diffstat (limited to 'src/starter')
-rw-r--r--src/starter/Makefile.in2
-rw-r--r--src/starter/args.c2
-rw-r--r--src/starter/confread.h3
-rw-r--r--src/starter/keywords.c33
-rw-r--r--src/starter/keywords.h1
-rw-r--r--src/starter/keywords.txt1
-rw-r--r--src/starter/parser/conf_parser.c55
-rw-r--r--src/starter/starterstroke.c1
-rw-r--r--src/starter/tests/Makefile.in2
9 files changed, 68 insertions, 32 deletions
diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in
index 3c89b0c77..97a0713c3 100644
--- a/src/starter/Makefile.in
+++ b/src/starter/Makefile.in
@@ -400,6 +400,7 @@ docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
gtk_CFLAGS = @gtk_CFLAGS@
gtk_LIBS = @gtk_LIBS@
host = @host@
@@ -422,6 +423,7 @@ json_CFLAGS = @json_CFLAGS@
json_LIBS = @json_LIBS@
libdir = @libdir@
libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
libiptc_CFLAGS = @libiptc_CFLAGS@
libiptc_LIBS = @libiptc_LIBS@
linux_headers = @linux_headers@
diff --git a/src/starter/args.c b/src/starter/args.c
index 0874cc7e5..477a52082 100644
--- a/src/starter/args.c
+++ b/src/starter/args.c
@@ -110,6 +110,7 @@ static const char *LST_authby[] = {
static const char *LST_fragmentation[] = {
"no",
+ "accept",
"yes",
"force",
NULL
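Review bot: Inserting `"accept"` at index 1 of LST_fragmentation renumbers `yes` and `force`, and the confread.h hunk shifts `FRAGMENTATION_YES` and `FRAGMENTATION_FORCE` the same way under a comment that says the values mirror ike_cfg.h. The string list, the starter enum and the daemon-side enum appear to be kept aligned by position only, so a starter and daemon built from different versions would presumably disagree on what a stored value means. I would add a comment above the list, `/* order must match fragmentation_t in confread.h and ike_cfg.h */`, so the next insertion is made in all three places. The array's closing brace is outside the hunk.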
@@ -164,6 +165,7 @@ static const token_info_t token_info[] =
{ ARG_TIME, offsetof(starter_conn_t, dpd_timeout), NULL },
{ ARG_ENUM, offsetof(starter_conn_t, dpd_action), LST_dpd_action },
{ ARG_ENUM, offsetof(starter_conn_t, close_action), LST_dpd_action },
+ { ARG_ENUM, offsetof(starter_conn_t, sha256_96), LST_bool },
{ ARG_TIME, offsetof(starter_conn_t, inactivity), NULL },
{ ARG_MISC, 0, NULL /* KW_MODECONFIG */ },
{ ARG_MISC, 0, NULL /* KW_XAUTH */ },
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 45f34ce23..8ee730daa 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -65,6 +65,7 @@ typedef enum {
typedef enum {
/* same as in ike_cfg.h */
FRAGMENTATION_NO,
+ FRAGMENTATION_ACCEPT,
FRAGMENTATION_YES,
FRAGMENTATION_FORCE,
} fragmentation_t;
@@ -161,6 +162,8 @@ struct starter_conn {
dpd_action_t close_action;
+ bool sha256_96;
+
time_t inactivity;
bool me_mediation;
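Review bot: The new `sha256_96` field in struct starter_conn has no comment, and its name suggests it selects 96-bit truncation for HMAC-SHA-256, which is a security-relevant interoperability switch rather than an ordinary tuning knob. A reader of the struct should be told what enabling it does and that it is meant to stay off unless a peer requires it, e.g. `/* use 96-bit truncation for HMAC-SHA-256 (interop only, shorter ICV) */` above the field. The default is not visible in this hunk; if it relies on the struct being zero-initialised, that is worth stating as well. The struct body starts and ends outside the hunk.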
diff --git a/src/starter/keywords.c b/src/starter/keywords.c
index 762c5d947..505b66010 100644
--- a/src/starter/keywords.c
+++ b/src/starter/keywords.c
@@ -54,7 +54,7 @@ struct kw_entry {
kw_token_t token;
};
-#define TOTAL_KEYWORDS 139
+#define TOTAL_KEYWORDS 140
#define MIN_WORD_LENGTH 2
#define MAX_WORD_LENGTH 17
#define MIN_HASH_VALUE 9
@@ -80,7 +80,7 @@ hash (str, len)
258, 258, 258, 258, 258, 258, 258, 258, 258, 258,
258, 258, 258, 258, 258, 258, 258, 258, 258, 258,
258, 258, 258, 258, 258, 258, 258, 258, 258, 14,
- 129, 258, 258, 258, 258, 258, 258, 258, 258, 258,
+ 129, 258, 258, 258, 4, 258, 258, 258, 258, 258,
258, 258, 258, 258, 258, 258, 258, 258, 258, 258,
258, 258, 258, 258, 258, 258, 258, 258, 258, 258,
258, 258, 258, 258, 258, 258, 258, 258, 258, 258,
@@ -202,6 +202,7 @@ static const struct kw_entry wordlist[] =
{"klipsdebug", KW_SETUP_DEPRECATED},
{"ldapbase", KW_CA_DEPRECATED},
{"overridemtu", KW_SETUP_DEPRECATED},
+ {"sha256_96", KW_SHA256_96},
{"ocspuri1", KW_OCSPURI},
{"dpdtimeout", KW_DPDTIMEOUT},
{"aaa_identity", KW_AAA_IDENTITY},
@@ -278,20 +279,20 @@ static const short lookup[] =
48, 49, 50, 51, 52, 53, 54, 55, 56, 57,
58, 59, -1, -1, 60, 61, 62, -1, 63, -1,
64, -1, 65, 66, 67, 68, 69, 70, 71, 72,
- -1, 73, 74, 75, 76, 77, 78, -1, 79, -1,
- -1, 80, 81, -1, 82, -1, -1, 83, 84, 85,
- 86, 87, 88, -1, 89, -1, 90, 91, -1, 92,
- 93, -1, 94, 95, -1, 96, -1, -1, 97, 98,
- 99, 100, -1, 101, -1, 102, 103, 104, -1, 105,
- 106, 107, 108, 109, 110, 111, 112, 113, 114, 115,
- -1, 116, -1, 117, -1, 118, -1, -1, 119, 120,
- -1, -1, -1, -1, -1, 121, -1, 122, -1, 123,
- 124, 125, -1, -1, -1, -1, -1, 126, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, 127, -1,
- -1, 128, 129, -1, 130, -1, 131, -1, -1, -1,
- -1, -1, -1, 132, -1, 133, -1, 134, 135, -1,
- -1, -1, -1, 136, -1, -1, -1, -1, -1, -1,
- 137, -1, -1, -1, -1, -1, -1, 138
+ -1, 73, 74, 75, 76, 77, 78, 79, 80, -1,
+ -1, 81, 82, -1, 83, -1, -1, 84, 85, 86,
+ 87, 88, 89, -1, 90, -1, 91, 92, -1, 93,
+ 94, -1, 95, 96, -1, 97, -1, -1, 98, 99,
+ 100, 101, -1, 102, -1, 103, 104, 105, -1, 106,
+ 107, 108, 109, 110, 111, 112, 113, 114, 115, 116,
+ -1, 117, -1, 118, -1, 119, -1, -1, 120, 121,
+ -1, -1, -1, -1, -1, 122, -1, 123, -1, 124,
+ 125, 126, -1, -1, -1, -1, -1, 127, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, 128, -1,
+ -1, 129, 130, -1, 131, -1, 132, -1, -1, -1,
+ -1, -1, -1, 133, -1, 134, -1, 135, 136, -1,
+ -1, -1, -1, 137, -1, -1, -1, -1, -1, -1,
+ 138, -1, -1, -1, -1, -1, -1, 139
};
#ifdef __GNUC__
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index 94af493f8..0cb46a740 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -64,6 +64,7 @@ enum kw_token_t {
KW_DPDTIMEOUT,
KW_DPDACTION,
KW_CLOSEACTION,
+ KW_SHA256_96,
KW_INACTIVITY,
KW_MODECONFIG,
KW_XAUTH,
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index ee0bd31e1..3f92dc83f 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -61,6 +61,7 @@ dpddelay, KW_DPDDELAY
dpdtimeout, KW_DPDTIMEOUT
dpdaction, KW_DPDACTION
closeaction, KW_CLOSEACTION
+sha256_96, KW_SHA256_96
inactivity, KW_INACTIVITY
modeconfig, KW_MODECONFIG
xauth, KW_XAUTH
diff --git a/src/starter/parser/conf_parser.c b/src/starter/parser/conf_parser.c
index 6d1c54d20..66e0ae8e4 100644
--- a/src/starter/parser/conf_parser.c
+++ b/src/starter/parser/conf_parser.c
@@ -158,10 +158,13 @@ typedef struct {
} dictionary_enumerator_t;
METHOD(enumerator_t, dictionary_enumerate, bool,
- dictionary_enumerator_t *this, char **key, char **value)
+ dictionary_enumerator_t *this, va_list args)
{
setting_t *setting;
section_t *parent;
+ char **key, **value;
+
+ VA_ARGS_VGET(args, key, value);
while (TRUE)
{
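Review bot: With the switch to `va_list args`, the signature of dictionary_enumerate no longer shows which out-parameters it fills, and `VA_ARGS_VGET(args, key, value)` cannot be type-checked against what callers pass. A one-line comment above the METHOD, `/* enumerates (char **key, char **value) */`, would keep the contract visible. The same applies to conn_filter and ca_filter in the later hunk, which each read a single `char **name`. The function body continues outside the hunk.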
@@ -221,7 +224,8 @@ METHOD(dictionary_t, dictionary_create_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_dictionary_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _dictionary_enumerate,
.destroy = _dictionary_enumerator_destroy,
},
.seen = hashtable_create(hashtable_hash_str, hashtable_equals_str, 8),
@@ -290,24 +294,43 @@ static dictionary_t *section_dictionary_create(private_conf_parser_t *parser,
return &this->public;
}
-static bool conn_filter(void *unused, section_t **section, char **name)
+CALLBACK(conn_filter, bool,
+ void *unused, enumerator_t *orig, va_list args)
{
- if (streq((*section)->name, "%default"))
+ section_t *section;
+ char **name;
+
+ VA_ARGS_VGET(args, name);
+
+ while (orig->enumerate(orig, &section))
{
- return FALSE;
+ if (!streq(section->name, "%default"))
+ {
+ *name = section->name;
+ return TRUE;
+ }
}
- *name = (*section)->name;
- return TRUE;
+ return FALSE;
}
-static bool ca_filter(void *unused, void *key, char **name, section_t **section)
+CALLBACK(ca_filter, bool,
+ void *unused, enumerator_t *orig, va_list args)
{
- if (streq((*section)->name, "%default"))
+ void *key;
+ section_t *section;
+ char **name;
+
+ VA_ARGS_VGET(args, name);
+
+ while (orig->enumerate(orig, &key, &section))
{
- return FALSE;
+ if (!streq(section->name, "%default"))
+ {
+ *name = section->name;
+ return TRUE;
+ }
}
- *name = (*section)->name;
- return TRUE;
+ return FALSE;
}
METHOD(conf_parser_t, get_sections, enumerator_t*,
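Review bot: Both filters store `section->name` into `*name` without copying, so the caller receives a pointer owned by the parser's section and valid only as long as that section exists; neither callback says so. I would add a short comment above each, e.g. `/* skips "%default"; *name points into the section, do not free */`. conn_filter and ca_filter are also identical apart from the arguments passed to `orig->enumerate`, which is worth mentioning in that comment so a later fix is applied to both.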
@@ -317,12 +340,12 @@ METHOD(conf_parser_t, get_sections, enumerator_t*,
{
case CONF_PARSER_CONN:
return enumerator_create_filter(
- array_create_enumerator(this->conns_order),
- (void*)conn_filter, NULL, NULL);
+ array_create_enumerator(this->conns_order),
+ conn_filter, NULL, NULL);
case CONF_PARSER_CA:
return enumerator_create_filter(
- this->cas->create_enumerator(this->cas),
- (void*)ca_filter, NULL, NULL);
+ this->cas->create_enumerator(this->cas),
+ ca_filter, NULL, NULL);
case CONF_PARSER_CONFIG_SETUP:
default:
return enumerator_create_empty();
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index b92c00c87..90af9372a 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -220,6 +220,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
msg->add_conn.dpd.timeout = conn->dpd_timeout;
msg->add_conn.dpd.action = conn->dpd_action;
msg->add_conn.close_action = conn->close_action;
+ msg->add_conn.sha256_96 = conn->sha256_96;
msg->add_conn.inactivity = conn->inactivity;
msg->add_conn.ikeme.mediation = conn->me_mediation;
push_string(&msg, add_conn.ikeme.mediated_by, conn->me_mediated_by);
diff --git a/src/starter/tests/Makefile.in b/src/starter/tests/Makefile.in
index 8e9028a7e..6ce8bdaee 100644
--- a/src/starter/tests/Makefile.in
+++ b/src/starter/tests/Makefile.in
@@ -352,6 +352,7 @@ docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
gtk_CFLAGS = @gtk_CFLAGS@
gtk_LIBS = @gtk_LIBS@
host = @host@
@@ -374,6 +375,7 @@ json_CFLAGS = @json_CFLAGS@
json_LIBS = @json_LIBS@
libdir = @libdir@
libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
libiptc_CFLAGS = @libiptc_CFLAGS@
libiptc_LIBS = @libiptc_LIBS@
linux_headers = @linux_headers@