authorRene Mayrhofer <rene@mayrhofer.eu.org>2009-06-23 11:25:24 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2009-06-23 11:25:24 +0000
commit41787e147279ff0695e9d759487266a60b80867b (patch)
tree8f28566c8fd7106c80d2536d2df540dbb4499cc5 /src/stroke
parentc3e7f611ea8273c6b3909cb006ade4903a74aad0 (diff)
downloadvyos-strongswan-41787e147279ff0695e9d759487266a60b80867b.tar.gz
vyos-strongswan-41787e147279ff0695e9d759487266a60b80867b.zip
[svn-upgrade] Integrating new upstream version, strongswan (4.3.2)
Diffstat (limited to 'src/stroke')
-rw-r--r--src/stroke/Makefile.am5
-rw-r--r--src/stroke/Makefile.in32
-rw-r--r--src/stroke/stroke.c14
-rw-r--r--src/stroke/stroke_keywords.c130
-rw-r--r--src/stroke/stroke_keywords.h3
-rw-r--r--src/stroke/stroke_keywords.txt3
-rw-r--r--src/stroke/stroke_msg.h11
7 files changed, 110 insertions, 88 deletions
diff --git a/src/stroke/Makefile.am b/src/stroke/Makefile.am
index df20252e2..afca95fce 100644
--- a/src/stroke/Makefile.am
+++ b/src/stroke/Makefile.am
@@ -3,8 +3,9 @@ ipsec_PROGRAMS = stroke
stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h
INCLUDES = -I$(top_srcdir)/src/libstrongswan
EXTRA_DIST = stroke_keywords.txt
+BUILT_SOURCES = stroke_keywords.c
MAINTAINERCLEANFILES = stroke_keywords.c
AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\"
-stroke_keywords.c: stroke_keywords.txt stroke_keywords.h
- $(GPERF) -C -G -t < $< > $@
+stroke_keywords.c: $(srcdir)/stroke_keywords.txt $(srcdir)/stroke_keywords.h
+ $(GPERF) -m 10 -D -C -G -t < $(srcdir)/stroke_keywords.txt > $@
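Review bot: The rewritten recipe for stroke_keywords.c redirects gperf's output straight into `$@`, so a failed or missing gperf leaves an empty or truncated stroke_keywords.c that is newer than its prerequisites and is then treated as up to date. With the file now listed in BUILT_SOURCES it is built ahead of `all`, `check` and `install`, so a bad run affects every one of those goals. Writing to a temporary file and renaming it closes the gap: `$(GPERF) -m 10 -D -C -G -t < $(srcdir)/stroke_keywords.txt > $@.tmp && mv -f $@.tmp $@`. The same recipe is repeated in the generated Makefile.in.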
diff --git a/src/stroke/Makefile.in b/src/stroke/Makefile.in
index 0d78d9425..dde80348e 100644
--- a/src/stroke/Makefile.in
+++ b/src/stroke/Makefile.in
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.10.1 from Makefile.am.
+# Makefile.in generated by automake 1.10.2 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -79,6 +79,7 @@ CPPFLAGS = @CPPFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -101,6 +102,9 @@ LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@
+LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@
+LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
@@ -112,6 +116,7 @@ MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
NM = @NM@
NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
OTOOL = @OTOOL@
OTOOL64 = @OTOOL64@
@@ -125,6 +130,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@
PERL = @PERL@
PKG_CONFIG = @PKG_CONFIG@
RANLIB = @RANLIB@
+RUBY = @RUBY@
+RUBYINCLUDE = @RUBYINCLUDE@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
@@ -185,6 +192,7 @@ oldincludedir = @oldincludedir@
pdfdir = @pdfdir@
piddir = @piddir@
plugindir = @plugindir@
+pluto_plugins = @pluto_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
@@ -196,6 +204,7 @@ srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
xml_CFLAGS = @xml_CFLAGS@
@@ -203,9 +212,11 @@ xml_LIBS = @xml_LIBS@
stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h
INCLUDES = -I$(top_srcdir)/src/libstrongswan
EXTRA_DIST = stroke_keywords.txt
+BUILT_SOURCES = stroke_keywords.c
MAINTAINERCLEANFILES = stroke_keywords.c
AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\"
-all: all-am
+all: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) all-am
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
@@ -213,8 +224,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
- cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
- && exit 0; \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
exit 1;; \
esac; \
done; \
@@ -311,7 +322,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
- $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@@ -380,13 +391,15 @@ distdir: $(DISTFILES)
fi; \
done
check-am: all-am
-check: check-am
+check: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) check-am
all-am: Makefile $(PROGRAMS)
installdirs:
for dir in "$(DESTDIR)$(ipsecdir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
-install: install-am
+install: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
@@ -410,6 +423,7 @@ distclean-generic:
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
clean: clean-am
@@ -487,8 +501,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
tags uninstall uninstall-am uninstall-ipsecPROGRAMS
-stroke_keywords.c: stroke_keywords.txt stroke_keywords.h
- $(GPERF) -C -G -t < $< > $@
+stroke_keywords.c: $(srcdir)/stroke_keywords.txt $(srcdir)/stroke_keywords.h
+ $(GPERF) -m 10 -D -C -G -t < $(srcdir)/stroke_keywords.txt > $@
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff --git a/src/stroke/stroke.c b/src/stroke/stroke.c
index 01cbcb5b0..c27a8ca3e 100644
--- a/src/stroke/stroke.c
+++ b/src/stroke/stroke.c
@@ -12,8 +12,6 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * RCSID $Id: stroke.c 4783 2008-12-10 13:00:02Z martin $
*/
#include <stdlib.h>
@@ -27,6 +25,7 @@
#include <errno.h>
#include <stdio.h>
#include <stddef.h>
+#include <string.h>
#include "stroke_msg.h"
#include "stroke_keywords.h"
@@ -54,10 +53,13 @@ static char* push_string(stroke_msg_t *msg, char *string)
static int send_stroke_msg (stroke_msg_t *msg)
{
- struct sockaddr_un ctl_addr = { AF_UNIX, STROKE_SOCKET };
+ struct sockaddr_un ctl_addr;
int sock;
char buffer[64];
int byte_count;
+
+ ctl_addr.sun_family = AF_UNIX;
+ strcpy(ctl_addr.sun_path, STROKE_SOCKET);
msg->output_verbosity = 1; /* CONTROL */
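Review bot: `strcpy(ctl_addr.sun_path, STROKE_SOCKET)` copies without a bound into the fixed-size `sun_path` array. STROKE_SOCKET is defined outside this hunk, presumably from a configure-time directory, so an overly long path would overflow the stack structure. Dropping the aggregate initializer also means the remaining bytes of `ctl_addr` are no longer zeroed before the address is used later in the function. I would write `memset(&ctl_addr, 0, sizeof(ctl_addr));` followed by `strncpy(ctl_addr.sun_path, STROKE_SOCKET, sizeof(ctl_addr.sun_path) - 1);`, or return an error when the path does not fit. The body of send_stroke_msg continues outside the hunk.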
@@ -246,7 +248,8 @@ static int reread(stroke_keyword_t kw)
}
static int purge_flags[] = {
- PURGE_OCSP
+ PURGE_OCSP,
+ PURGE_IKE,
};
static int purge(stroke_keyword_t kw)
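Review bot: `purge_flags[]` now has to stay in step with the STROKE_PURGE_* enumerators, but nothing at the array says so. The body of purge() is outside the hunk; if it selects the flag by offset from STROKE_PURGE_OCSP, a keyword added to the enum without a matching array entry would read past the end of the array. A comment above the array such as `/* one entry per STROKE_PURGE_* keyword, in enum order */` would document the coupling.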
@@ -330,6 +333,8 @@ static void exit_usage(char *error)
printf(" stroke rereadsecrets|rereadcrls|rereadall\n");
printf(" Purge ocsp cache entries:\n");
printf(" stroke purgeocsp\n");
+ printf(" Purge IKE_SAs without a CHILD_SA:\n");
+ printf(" stroke purgeike\n");
printf(" Show leases of a pool:\n");
printf(" stroke leases [POOL [ADDRESS]]\n");
exit_error(error);
@@ -441,6 +446,7 @@ int main(int argc, char *argv[])
res = reread(token->kw);
break;
case STROKE_PURGE_OCSP:
+ case STROKE_PURGE_IKE:
res = purge(token->kw);
break;
case STROKE_LEASES:
diff --git a/src/stroke/stroke_keywords.c b/src/stroke/stroke_keywords.c
index a5d17edc2..bb9705743 100644
--- a/src/stroke/stroke_keywords.c
+++ b/src/stroke/stroke_keywords.c
@@ -1,5 +1,5 @@
/* C code produced by gperf version 3.0.3 */
-/* Command-line: /usr/bin/gperf -C -G -t */
+/* Command-line: /usr/bin/gperf -m 10 -D -C -G -t */
/* Computed positions: -k'1,5,7' */
#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
@@ -43,8 +43,6 @@ error "gperf generated tables don't work with this execution character set. Plea
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * RCSID $Id: stroke_keywords.txt 4783 2008-12-10 13:00:02Z martin $
*/
#include <string.h>
@@ -56,12 +54,12 @@ struct stroke_token {
stroke_keyword_t kw;
};
-#define TOTAL_KEYWORDS 32
+#define TOTAL_KEYWORDS 33
#define MIN_WORD_LENGTH 2
#define MAX_WORD_LENGTH 15
#define MIN_HASH_VALUE 3
-#define MAX_HASH_VALUE 65
-/* maximum key range = 63, duplicates = 0 */
+#define MAX_HASH_VALUE 39
+/* maximum key range = 37, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -77,32 +75,32 @@ hash (str, len)
{
static const unsigned char asso_values[] =
{
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 0, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 0, 0, 5,
- 45, 0, 66, 10, 66, 15, 66, 66, 0, 66,
- 66, 20, 0, 66, 10, 10, 0, 10, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66, 66, 66, 66, 66,
- 66, 66, 66, 66, 66, 66
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 17, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 0, 4, 1,
+ 1, 0, 40, 17, 40, 18, 40, 4, 0, 40,
+ 40, 12, 17, 40, 6, 3, 19, 12, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+ 40, 40, 40, 40, 40, 40
};
register int hval = len;
@@ -127,53 +125,46 @@ hash (str, len)
static const struct stroke_token wordlist[] =
{
- {""}, {""}, {""},
{"add", STROKE_ADD},
- {""}, {""},
+ {"del", STROKE_DEL},
+ {"down", STROKE_DOWN},
{"leases", STROKE_LEASES},
{"listall", STROKE_LIST_ALL},
{"loglevel", STROKE_LOGLEVEL},
- {""},
- {"listacerts", STROKE_LIST_ACERTS},
- {"listpubkeys", STROKE_LIST_PUBKEYS},
- {"up", STROKE_UP},
{"listcrls", STROKE_LIST_CRLS},
- {"purgeocsp", STROKE_PURGE_OCSP},
+ {"listacerts", STROKE_LIST_ACERTS},
{"route", STROKE_ROUTE},
{"listaacerts", STROKE_LIST_AACERTS},
- {""},
- {"listalgs", STROKE_LIST_ALGS},
- {"rereadall", STROKE_REREAD_ALL},
- {""},
{"listcacerts", STROKE_LIST_CACERTS},
- {"rereadacerts", STROKE_REREAD_ACERTS},
- {"rereadaacerts", STROKE_REREAD_AACERTS},
+ {"up", STROKE_UP},
+ {"rereadall", STROKE_REREAD_ALL},
{"listcerts", STROKE_LIST_CERTS},
{"rereadcrls", STROKE_REREAD_CRLS},
- {"status", STROKE_STATUS},
- {"unroute", STROKE_UNROUTE},
+ {"rereadacerts", STROKE_REREAD_ACERTS},
+ {"rereadaacerts", STROKE_REREAD_AACERTS},
{"rereadcacerts", STROKE_REREAD_CACERTS},
- {"statusall", STROKE_STATUSALL},
- {""},
- {"listcainfos", STROKE_LIST_CAINFOS},
- {""},
+ {"status", STROKE_STATUS},
{"rereadsecrets", STROKE_REREAD_SECRETS},
- {""}, {""}, {""}, {""},
{"listocsp", STROKE_LIST_OCSP},
- {""},
- {"listgroups", STROKE_LIST_GROUPS},
- {""}, {""},
+ {"statusall", STROKE_STATUSALL},
+ {"listalgs", STROKE_LIST_ALGS},
+ {"delete", STROKE_DELETE},
+ {"purgeocsp", STROKE_PURGE_OCSP},
{"listocspcerts", STROKE_LIST_OCSPCERTS},
- {""},
+ {"purgeike", STROKE_PURGE_IKE},
+ {"listcainfos", STROKE_LIST_CAINFOS},
+ {"unroute", STROKE_UNROUTE},
+ {"listpubkeys", STROKE_LIST_PUBKEYS},
{"rereadocspcerts", STROKE_REREAD_OCSPCERTS},
- {""}, {""},
- {"del", STROKE_DEL},
- {"down", STROKE_DOWN},
- {""},
- {"delete", STROKE_DELETE},
- {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
- {""}, {""}, {""}, {""},
- {"down-srcip", STROKE_DOWN_SRCIP}
+ {"down-srcip", STROKE_DOWN_SRCIP},
+ {"listgroups", STROKE_LIST_GROUPS}
+ };
+
+static const short lookup[] =
+ {
+ -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
+ 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
+ 25, 26, 27, 28, 29, 30, 31, -1, -1, -1, -1, 32
};
#ifdef __GNUC__
@@ -193,10 +184,15 @@ in_word_set (str, len)
if (key <= MAX_HASH_VALUE && key >= 0)
{
- register const char *s = wordlist[key].name;
+ register int index = lookup[key];
+
+ if (index >= 0)
+ {
+ register const char *s = wordlist[index].name;
- if (*str == *s && !strcmp (str + 1, s + 1))
- return &wordlist[key];
+ if (*str == *s && !strcmp (str + 1, s + 1))
+ return &wordlist[index];
+ }
}
}
return 0;
diff --git a/src/stroke/stroke_keywords.h b/src/stroke/stroke_keywords.h
index e089b5660..6332000db 100644
--- a/src/stroke/stroke_keywords.h
+++ b/src/stroke/stroke_keywords.h
@@ -11,8 +11,6 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * RCSID $Id: stroke_keywords.h 4783 2008-12-10 13:00:02Z martin $
*/
#ifndef _STROKE_KEYWORDS_H_
@@ -50,6 +48,7 @@ typedef enum {
STROKE_REREAD_CRLS,
STROKE_REREAD_ALL,
STROKE_PURGE_OCSP,
+ STROKE_PURGE_IKE,
STROKE_LEASES
} stroke_keyword_t;
diff --git a/src/stroke/stroke_keywords.txt b/src/stroke/stroke_keywords.txt
index 3ec259a24..96fa0bf3a 100644
--- a/src/stroke/stroke_keywords.txt
+++ b/src/stroke/stroke_keywords.txt
@@ -12,8 +12,6 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * RCSID $Id: stroke_keywords.txt 4783 2008-12-10 13:00:02Z martin $
*/
#include <string.h>
@@ -57,4 +55,5 @@ rereadacerts, STROKE_REREAD_ACERTS
rereadcrls, STROKE_REREAD_CRLS
rereadall, STROKE_REREAD_ALL
purgeocsp, STROKE_PURGE_OCSP
+purgeike, STROKE_PURGE_IKE
leases, STROKE_LEASES
diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h
index 81ad2e397..704c88c58 100644
--- a/src/stroke/stroke_msg.h
+++ b/src/stroke/stroke_msg.h
@@ -18,8 +18,6 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * RCSID $Id: stroke_msg.h 4783 2008-12-10 13:00:02Z martin $
*/
#ifndef STROKE_MSG_H_
@@ -105,6 +103,8 @@ enum purge_flag_t {
PURGE_NONE = 0x0000,
/** purge ocsp cache entries */
PURGE_OCSP = 0x0001,
+ /** purge IKE_SAs without a CHILD_SA */
+ PURGE_IKE = 0x0002,
};
/**
@@ -123,9 +123,15 @@ typedef struct stroke_end_t stroke_end_t;
* definition of a peer in a stroke message
*/
struct stroke_end_t {
+ char *auth;
+ char *auth2;
char *id;
+ char *id2;
+ char *eap_id;
char *cert;
+ char *cert2;
char *ca;
+ char *ca2;
char *groups;
char *updown;
char *address;
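Review bot: The new `auth`, `auth2`, `id2`, `eap_id`, `cert2` and `ca2` members are inserted at the start and in the middle of `stroke_end_t`, which shifts the offset of every existing member. The header describes this struct as part of a stroke message, and send_stroke_msg in stroke.c sends such messages over the control socket, so a stroke binary and a daemon built from different versions of this header would presumably disagree on the layout. No version field is visible in the hunk, so I would state the constraint above the struct, for example `/* layout is part of the stroke protocol; stroke and the daemon must be built from the same header */`. The struct continues past the end of the hunk.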
@@ -206,6 +212,7 @@ struct stroke_msg_t {
struct {
char *name;
int ikev2;
+ /* next three are deprecated, use stroke_end_t.auth instead */
int auth_method;
u_int32_t eap_type;
u_int32_t eap_vendor;