summaryrefslogtreecommitdiff
path: root/src/starter
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
committerYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
commite1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (patch)
treeae0c8b5f4cd8289d0797882ea18969f33ea59a1e /src/starter
parent11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
downloadvyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.tar.gz
vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.zip
New upstream version 5.6.1
Diffstat (limited to 'src/starter')
-rw-r--r--src/starter/Makefile.am14
-rw-r--r--src/starter/Makefile.in16
-rw-r--r--src/starter/confread.c20
-rw-r--r--src/starter/keywords.c1
-rw-r--r--src/starter/keywords.h4
-rw-r--r--src/starter/keywords.h.in203
-rw-r--r--src/starter/keywords.txt1
-rw-r--r--src/starter/tests/Makefile.in2
8 files changed, 236 insertions, 25 deletions
diff --git a/src/starter/Makefile.am b/src/starter/Makefile.am
index a3c58126e..457c0650e 100644
--- a/src/starter/Makefile.am
+++ b/src/starter/Makefile.am
@@ -39,15 +39,21 @@ starter_LDADD = \
libstarter.la \
$(SOCKLIB) $(PTHREADLIB) $(ATOMICLIB)
-EXTRA_DIST = keywords.txt ipsec.conf ipsec.secrets Android.mk
-MAINTAINERCLEANFILES = keywords.c
-BUILT_SOURCES = keywords.c parser/parser.h
+EXTRA_DIST = keywords.h.in keywords.txt ipsec.conf ipsec.secrets Android.mk
+MAINTAINERCLEANFILES = keywords.h keywords.c
+BUILT_SOURCES = keywords.h keywords.c parser/parser.h
if USE_LOAD_WARNING
AM_CPPFLAGS += -DLOAD_WARNING
endif
-keywords.c: $(srcdir)/keywords.txt $(srcdir)/keywords.h
+keywords.h: $(srcdir)/keywords.h.in
+ $(AM_V_GEN) \
+ sed \
+ -e "s:\@GPERF_LEN_TYPE\@:$(GPERF_LEN_TYPE):" \
+ $< > $@
+
+keywords.c: $(srcdir)/keywords.txt keywords.h
$(AM_V_GEN) \
$(GPERF) -m 10 -C -G -D -t < $(srcdir)/keywords.txt > $@
diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in
index 2fa22ae97..80fd2c68d 100644
--- a/src/starter/Makefile.in
+++ b/src/starter/Makefile.in
@@ -289,9 +289,11 @@ ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
+FUZZING_LDFLAGS = @FUZZING_LDFLAGS@
GEM = @GEM@
GENHTML = @GENHTML@
GPERF = @GPERF@
+GPERF_LEN_TYPE = @GPERF_LEN_TYPE@
GPRBUILD = @GPRBUILD@
GREP = @GREP@
INSTALL = @INSTALL@
@@ -524,9 +526,9 @@ starter_LDADD = \
libstarter.la \
$(SOCKLIB) $(PTHREADLIB) $(ATOMICLIB)
-EXTRA_DIST = keywords.txt ipsec.conf ipsec.secrets Android.mk
-MAINTAINERCLEANFILES = keywords.c
-BUILT_SOURCES = keywords.c parser/parser.h
+EXTRA_DIST = keywords.h.in keywords.txt ipsec.conf ipsec.secrets Android.mk
+MAINTAINERCLEANFILES = keywords.h keywords.c
+BUILT_SOURCES = keywords.h keywords.c parser/parser.h
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -995,7 +997,13 @@ uninstall-am: uninstall-ipsecPROGRAMS
.PRECIOUS: Makefile
-keywords.c: $(srcdir)/keywords.txt $(srcdir)/keywords.h
+keywords.h: $(srcdir)/keywords.h.in
+ $(AM_V_GEN) \
+ sed \
+ -e "s:\@GPERF_LEN_TYPE\@:$(GPERF_LEN_TYPE):" \
+ $< > $@
+
+keywords.c: $(srcdir)/keywords.txt keywords.h
$(AM_V_GEN) \
$(GPERF) -m 10 -C -G -D -t < $(srcdir)/keywords.txt > $@
diff --git a/src/starter/confread.c b/src/starter/confread.c
index f98fc8936..f154f8951 100644
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@@ -40,17 +40,9 @@
#define SA_REPLACEMENT_RETRIES_DEFAULT 3
#define SA_REPLAY_WINDOW_DEFAULT -1 /* use charon.replay_window */
-static const char ike_defaults[] = "aes128-sha256-curve25519";
-static const char esp_defaults[] = "aes128-sha256";
-
static const char firewall_defaults[] = IPSEC_SCRIPT " _updown iptables";
/**
- * Provided by GPERF
- */
-extern kw_entry_t *in_word_set (char *str, unsigned int len);
-
-/**
* Process deprecated keywords
*/
static bool is_deprecated(kw_token_t token, char *name, char *conn)
@@ -95,7 +87,7 @@ static void load_setup(starter_config_t *cfg, conf_parser_t *parser)
{
enumerator_t *enumerator;
dictionary_t *dict;
- kw_entry_t *entry;
+ const kw_entry_t *entry;
char *key, *value;
DBG2(DBG_APP, "Loading config setup");
@@ -146,7 +138,7 @@ static void load_ca(starter_ca_t *ca, starter_config_t *cfg,
{
enumerator_t *enumerator;
dictionary_t *dict;
- kw_entry_t *entry;
+ const kw_entry_t *entry;
kw_token_t token;
char *key, *value;
@@ -211,7 +203,6 @@ static void conn_defaults(starter_conn_t *conn)
conn->mode = MODE_TUNNEL;
conn->options = SA_OPTION_MOBIKE;
- conn->ike = strdupnull(ike_defaults);
/* esp defaults are set after parsing the conn section */
conn->sa_ike_life_seconds = IKE_LIFETIME_DEFAULT;
conn->sa_ipsec_life_seconds = IPSEC_LIFETIME_DEFAULT;
@@ -559,7 +550,7 @@ static void load_conn(starter_conn_t *conn, starter_config_t *cfg,
{
enumerator_t *enumerator;
dictionary_t *dict;
- kw_entry_t *entry;
+ const kw_entry_t *entry;
kw_token_t token;
char *key, *value;
@@ -627,11 +618,6 @@ static void load_conn(starter_conn_t *conn, starter_config_t *cfg,
handle_firewall("left", &conn->left, cfg);
handle_firewall("right", &conn->right, cfg);
-
- if (!conn->esp && !conn->ah)
- {
- conn->esp = strdupnull(esp_defaults);
- }
}
/*
diff --git a/src/starter/keywords.c b/src/starter/keywords.c
index 505b66010..0e2d0fb4b 100644
--- a/src/starter/keywords.c
+++ b/src/starter/keywords.c
@@ -47,6 +47,7 @@ error "gperf generated tables don't work with this execution character set. Plea
#include <string.h>
+#define IN_GPERF_GENERATED_FILE
#include "keywords.h"
struct kw_entry {
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index 0cb46a740..27d16b0b8 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -196,4 +196,8 @@ struct kw_entry_t {
kw_token_t token;
};
+#ifndef IN_GPERF_GENERATED_FILE
+const kw_entry_t *in_word_set(register const char*, register unsigned);
+#endif
+
#endif /* _KEYWORDS_H_ */
diff --git a/src/starter/keywords.h.in b/src/starter/keywords.h.in
new file mode 100644
index 000000000..d2b08f2cf
--- /dev/null
+++ b/src/starter/keywords.h.in
@@ -0,0 +1,203 @@
+/*
+ * Copyright (C) 2005 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil, Switzerland
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef _KEYWORDS_H_
+#define _KEYWORDS_H_
+
+typedef enum kw_token_t kw_token_t;
+typedef struct kw_entry_t kw_entry_t;
+
+enum kw_token_t {
+ /* config setup keywords */
+ KW_CHARONDEBUG,
+ KW_UNIQUEIDS,
+ KW_CACHECRLS,
+ KW_STRICTCRLPOLICY,
+ KW_PKCS11_DEPRECATED,
+ KW_SETUP_DEPRECATED,
+
+#define KW_SETUP_FIRST KW_CHARONDEBUG
+#define KW_SETUP_LAST KW_SETUP_DEPRECATED
+
+ /* conn section keywords */
+ KW_CONN_NAME,
+ KW_CONN_SETUP,
+ KW_KEYEXCHANGE,
+ KW_TYPE,
+ KW_COMPRESS,
+ KW_INSTALLPOLICY,
+ KW_AGGRESSIVE,
+ KW_AUTHBY,
+ KW_EAP_IDENTITY,
+ KW_AAA_IDENTITY,
+ KW_MOBIKE,
+ KW_FORCEENCAPS,
+ KW_FRAGMENTATION,
+ KW_IKEDSCP,
+ KW_IKELIFETIME,
+ KW_KEYLIFE,
+ KW_REKEYMARGIN,
+ KW_LIFEBYTES,
+ KW_MARGINBYTES,
+ KW_LIFEPACKETS,
+ KW_MARGINPACKETS,
+ KW_KEYINGTRIES,
+ KW_REKEYFUZZ,
+ KW_REKEY,
+ KW_REAUTH,
+ KW_IKE,
+ KW_ESP,
+ KW_AH,
+ KW_DPDDELAY,
+ KW_DPDTIMEOUT,
+ KW_DPDACTION,
+ KW_CLOSEACTION,
+ KW_SHA256_96,
+ KW_INACTIVITY,
+ KW_MODECONFIG,
+ KW_XAUTH,
+ KW_XAUTH_IDENTITY,
+ KW_MEDIATION,
+ KW_MEDIATED_BY,
+ KW_ME_PEERID,
+ KW_REQID,
+ KW_REPLAY_WINDOW,
+ KW_MARK,
+ KW_MARK_IN,
+ KW_MARK_OUT,
+ KW_TFC,
+ KW_PFS_DEPRECATED,
+ KW_CONN_DEPRECATED,
+
+#define KW_CONN_FIRST KW_CONN_SETUP
+#define KW_CONN_LAST KW_CONN_DEPRECATED
+
+ /* ca section keywords */
+ KW_CA_NAME,
+ KW_CA_SETUP,
+ KW_CACERT,
+ KW_CRLURI,
+ KW_CRLURI2,
+ KW_OCSPURI,
+ KW_OCSPURI2,
+ KW_CERTURIBASE,
+ KW_CA_DEPRECATED,
+
+#define KW_CA_FIRST KW_CA_SETUP
+#define KW_CA_LAST KW_CA_DEPRECATED
+
+ /* end keywords */
+ KW_HOST,
+ KW_IKEPORT,
+ KW_SUBNET,
+ KW_PROTOPORT,
+ KW_SOURCEIP,
+ KW_DNS,
+ KW_FIREWALL,
+ KW_HOSTACCESS,
+ KW_ALLOWANY,
+ KW_UPDOWN,
+ KW_AUTH1,
+ KW_AUTH2,
+ KW_ID,
+ KW_ID2,
+ KW_SIGKEY,
+ KW_CERT,
+ KW_CERT2,
+ KW_CERTPOLICY,
+ KW_SENDCERT,
+ KW_CA,
+ KW_CA2,
+ KW_GROUPS,
+ KW_GROUPS2,
+ KW_END_DEPRECATED,
+
+#define KW_END_FIRST KW_HOST
+#define KW_END_LAST KW_END_DEPRECATED
+
+ /* left end keywords */
+ KW_LEFT,
+ KW_LEFTIKEPORT,
+ KW_LEFTSUBNET,
+ KW_LEFTPROTOPORT,
+ KW_LEFTSOURCEIP,
+ KW_LEFTDNS,
+ KW_LEFTFIREWALL,
+ KW_LEFTHOSTACCESS,
+ KW_LEFTALLOWANY,
+ KW_LEFTUPDOWN,
+ KW_LEFTAUTH,
+ KW_LEFTAUTH2,
+ KW_LEFTID,
+ KW_LEFTID2,
+ KW_LEFTSIGKEY,
+ KW_LEFTCERT,
+ KW_LEFTCERT2,
+ KW_LEFTCERTPOLICY,
+ KW_LEFTSENDCERT,
+ KW_LEFTCA,
+ KW_LEFTCA2,
+ KW_LEFTGROUPS,
+ KW_LEFTGROUPS2,
+ KW_LEFT_DEPRECATED,
+
+#define KW_LEFT_FIRST KW_LEFT
+#define KW_LEFT_LAST KW_LEFT_DEPRECATED
+
+ /* right end keywords */
+ KW_RIGHT,
+ KW_RIGHTIKEPORT,
+ KW_RIGHTSUBNET,
+ KW_RIGHTPROTOPORT,
+ KW_RIGHTSOURCEIP,
+ KW_RIGHTDNS,
+ KW_RIGHTFIREWALL,
+ KW_RIGHTHOSTACCESS,
+ KW_RIGHTALLOWANY,
+ KW_RIGHTUPDOWN,
+ KW_RIGHTAUTH,
+ KW_RIGHTAUTH2,
+ KW_RIGHTID,
+ KW_RIGHTID2,
+ KW_RIGHTSIGKEY,
+ KW_RIGHTCERT,
+ KW_RIGHTCERT2,
+ KW_RIGHTCERTPOLICY,
+ KW_RIGHTSENDCERT,
+ KW_RIGHTCA,
+ KW_RIGHTCA2,
+ KW_RIGHTGROUPS,
+ KW_RIGHTGROUPS2,
+ KW_RIGHT_DEPRECATED,
+
+#define KW_RIGHT_FIRST KW_RIGHT
+#define KW_RIGHT_LAST KW_RIGHT_DEPRECATED
+
+ /* general section keywords */
+ KW_ALSO,
+ KW_AUTO,
+
+};
+
+struct kw_entry_t {
+ char *name;
+ kw_token_t token;
+};
+
+#ifndef IN_GPERF_GENERATED_FILE
+const kw_entry_t *in_word_set(register const char*, register @GPERF_LEN_TYPE@);
+#endif
+
+#endif /* _KEYWORDS_H_ */
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index 3f92dc83f..dd673bc7a 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -16,6 +16,7 @@
#include <string.h>
+#define IN_GPERF_GENERATED_FILE
#include "keywords.h"
%}
diff --git a/src/starter/tests/Makefile.in b/src/starter/tests/Makefile.in
index fc5b86397..ce0c7b43c 100644
--- a/src/starter/tests/Makefile.in
+++ b/src/starter/tests/Makefile.in
@@ -241,9 +241,11 @@ ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
+FUZZING_LDFLAGS = @FUZZING_LDFLAGS@
GEM = @GEM@
GENHTML = @GENHTML@
GPERF = @GPERF@
+GPERF_LEN_TYPE = @GPERF_LEN_TYPE@
GPRBUILD = @GPRBUILD@
GREP = @GREP@
INSTALL = @INSTALL@