diff options
author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:25:24 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:25:24 +0000 |
commit | 41787e147279ff0695e9d759487266a60b80867b (patch) | |
tree | 8f28566c8fd7106c80d2536d2df540dbb4499cc5 /src/stroke | |
parent | c3e7f611ea8273c6b3909cb006ade4903a74aad0 (diff) | |
download | vyos-strongswan-41787e147279ff0695e9d759487266a60b80867b.tar.gz vyos-strongswan-41787e147279ff0695e9d759487266a60b80867b.zip |
[svn-upgrade] Integrating new upstream version, strongswan (4.3.2)
Diffstat (limited to 'src/stroke')
-rw-r--r-- | src/stroke/Makefile.am | 5 | ||||
-rw-r--r-- | src/stroke/Makefile.in | 32 | ||||
-rw-r--r-- | src/stroke/stroke.c | 14 | ||||
-rw-r--r-- | src/stroke/stroke_keywords.c | 130 | ||||
-rw-r--r-- | src/stroke/stroke_keywords.h | 3 | ||||
-rw-r--r-- | src/stroke/stroke_keywords.txt | 3 | ||||
-rw-r--r-- | src/stroke/stroke_msg.h | 11 |
7 files changed, 110 insertions, 88 deletions
diff --git a/src/stroke/Makefile.am b/src/stroke/Makefile.am index df20252e2..afca95fce 100644 --- a/src/stroke/Makefile.am +++ b/src/stroke/Makefile.am @@ -3,8 +3,9 @@ ipsec_PROGRAMS = stroke stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h INCLUDES = -I$(top_srcdir)/src/libstrongswan EXTRA_DIST = stroke_keywords.txt +BUILT_SOURCES = stroke_keywords.c MAINTAINERCLEANFILES = stroke_keywords.c AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\" -stroke_keywords.c: stroke_keywords.txt stroke_keywords.h - $(GPERF) -C -G -t < $< > $@ +stroke_keywords.c: $(srcdir)/stroke_keywords.txt $(srcdir)/stroke_keywords.h + $(GPERF) -m 10 -D -C -G -t < $(srcdir)/stroke_keywords.txt > $@ diff --git a/src/stroke/Makefile.in b/src/stroke/Makefile.in index 0d78d9425..dde80348e 100644 --- a/src/stroke/Makefile.in +++ b/src/stroke/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -79,6 +79,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -101,6 +102,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -112,6 +116,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -125,6 +130,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -185,6 +192,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -196,6 +204,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -203,9 +212,11 @@ xml_LIBS = @xml_LIBS@ stroke_SOURCES = stroke.c stroke_msg.h stroke_keywords.c stroke_keywords.h INCLUDES = -I$(top_srcdir)/src/libstrongswan EXTRA_DIST = stroke_keywords.txt +BUILT_SOURCES = stroke_keywords.c MAINTAINERCLEANFILES = stroke_keywords.c AM_CFLAGS = -DIPSEC_PIDDIR=\"${piddir}\" -all: all-am +all: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: .SUFFIXES: .c .lo .o .obj @@ -213,8 +224,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -311,7 +322,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS @@ -380,13 +391,15 @@ distdir: $(DISTFILES) fi; \ done check-am: all-am -check: check-am +check: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) check-am all-am: Makefile $(PROGRAMS) installdirs: for dir in "$(DESTDIR)$(ipsecdir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done -install: install-am +install: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am @@ -410,6 +423,7 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." + -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am @@ -487,8 +501,8 @@ uninstall-am: uninstall-ipsecPROGRAMS tags uninstall uninstall-am uninstall-ipsecPROGRAMS -stroke_keywords.c: stroke_keywords.txt stroke_keywords.h - $(GPERF) -C -G -t < $< > $@ +stroke_keywords.c: $(srcdir)/stroke_keywords.txt $(srcdir)/stroke_keywords.h + $(GPERF) -m 10 -D -C -G -t < $(srcdir)/stroke_keywords.txt > $@ # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/src/stroke/stroke.c b/src/stroke/stroke.c index 01cbcb5b0..c27a8ca3e 100644 --- a/src/stroke/stroke.c +++ b/src/stroke/stroke.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * RCSID $Id: stroke.c 4783 2008-12-10 13:00:02Z martin $ */ #include <stdlib.h> @@ -27,6 +25,7 @@ #include <errno.h> #include <stdio.h> #include <stddef.h> +#include <string.h> #include "stroke_msg.h" #include "stroke_keywords.h" @@ -54,10 +53,13 @@ static char* push_string(stroke_msg_t *msg, char *string) static int send_stroke_msg (stroke_msg_t *msg) { - struct sockaddr_un ctl_addr = { AF_UNIX, STROKE_SOCKET }; + struct sockaddr_un ctl_addr; int sock; char buffer[64]; int byte_count; + + ctl_addr.sun_family = AF_UNIX; + strcpy(ctl_addr.sun_path, STROKE_SOCKET); msg->output_verbosity = 1; /* CONTROL */ @@ -246,7 +248,8 @@ static int reread(stroke_keyword_t kw) } static int purge_flags[] = { - PURGE_OCSP + PURGE_OCSP, + PURGE_IKE, }; static int purge(stroke_keyword_t kw) @@ -330,6 +333,8 @@ static void exit_usage(char *error) printf(" stroke rereadsecrets|rereadcrls|rereadall\n"); printf(" Purge ocsp cache entries:\n"); printf(" stroke purgeocsp\n"); + printf(" Purge IKE_SAs without a CHILD_SA:\n"); + printf(" stroke purgeike\n"); printf(" Show leases of a pool:\n"); printf(" stroke leases [POOL [ADDRESS]]\n"); exit_error(error); @@ -441,6 +446,7 @@ int main(int argc, char *argv[]) res = reread(token->kw); break; case STROKE_PURGE_OCSP: + case STROKE_PURGE_IKE: res = purge(token->kw); break; case STROKE_LEASES: diff --git a/src/stroke/stroke_keywords.c b/src/stroke/stroke_keywords.c index a5d17edc2..bb9705743 100644 --- a/src/stroke/stroke_keywords.c +++ b/src/stroke/stroke_keywords.c @@ -1,5 +1,5 @@ /* C code produced by gperf version 3.0.3 */ -/* Command-line: /usr/bin/gperf -C -G -t */ +/* Command-line: /usr/bin/gperf -m 10 -D -C -G -t */ /* Computed positions: -k'1,5,7' */ #if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \ @@ -43,8 +43,6 @@ error "gperf generated tables don't work with this execution character set. Plea * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * RCSID $Id: stroke_keywords.txt 4783 2008-12-10 13:00:02Z martin $ */ #include <string.h> @@ -56,12 +54,12 @@ struct stroke_token { stroke_keyword_t kw; }; -#define TOTAL_KEYWORDS 32 +#define TOTAL_KEYWORDS 33 #define MIN_WORD_LENGTH 2 #define MAX_WORD_LENGTH 15 #define MIN_HASH_VALUE 3 -#define MAX_HASH_VALUE 65 -/* maximum key range = 63, duplicates = 0 */ +#define MAX_HASH_VALUE 39 +/* maximum key range = 37, duplicates = 0 */ #ifdef __GNUC__ __inline @@ -77,32 +75,32 @@ hash (str, len) { static const unsigned char asso_values[] = { - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 0, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 0, 0, 5, - 45, 0, 66, 10, 66, 15, 66, 66, 0, 66, - 66, 20, 0, 66, 10, 10, 0, 10, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, - 66, 66, 66, 66, 66, 66 + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 17, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 0, 4, 1, + 1, 0, 40, 17, 40, 18, 40, 4, 0, 40, + 40, 12, 17, 40, 6, 3, 19, 12, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 40, 40, 40 }; register int hval = len; @@ -127,53 +125,46 @@ hash (str, len) static const struct stroke_token wordlist[] = { - {""}, {""}, {""}, {"add", STROKE_ADD}, - {""}, {""}, + {"del", STROKE_DEL}, + {"down", STROKE_DOWN}, {"leases", STROKE_LEASES}, {"listall", STROKE_LIST_ALL}, {"loglevel", STROKE_LOGLEVEL}, - {""}, - {"listacerts", STROKE_LIST_ACERTS}, - {"listpubkeys", STROKE_LIST_PUBKEYS}, - {"up", STROKE_UP}, {"listcrls", STROKE_LIST_CRLS}, - {"purgeocsp", STROKE_PURGE_OCSP}, + {"listacerts", STROKE_LIST_ACERTS}, {"route", STROKE_ROUTE}, {"listaacerts", STROKE_LIST_AACERTS}, - {""}, - {"listalgs", STROKE_LIST_ALGS}, - {"rereadall", STROKE_REREAD_ALL}, - {""}, {"listcacerts", STROKE_LIST_CACERTS}, - {"rereadacerts", STROKE_REREAD_ACERTS}, - {"rereadaacerts", STROKE_REREAD_AACERTS}, + {"up", STROKE_UP}, + {"rereadall", STROKE_REREAD_ALL}, {"listcerts", STROKE_LIST_CERTS}, {"rereadcrls", STROKE_REREAD_CRLS}, - {"status", STROKE_STATUS}, - {"unroute", STROKE_UNROUTE}, + {"rereadacerts", STROKE_REREAD_ACERTS}, + {"rereadaacerts", STROKE_REREAD_AACERTS}, {"rereadcacerts", STROKE_REREAD_CACERTS}, - {"statusall", STROKE_STATUSALL}, - {""}, - {"listcainfos", STROKE_LIST_CAINFOS}, - {""}, + {"status", STROKE_STATUS}, {"rereadsecrets", STROKE_REREAD_SECRETS}, - {""}, {""}, {""}, {""}, {"listocsp", STROKE_LIST_OCSP}, - {""}, - {"listgroups", STROKE_LIST_GROUPS}, - {""}, {""}, + {"statusall", STROKE_STATUSALL}, + {"listalgs", STROKE_LIST_ALGS}, + {"delete", STROKE_DELETE}, + {"purgeocsp", STROKE_PURGE_OCSP}, {"listocspcerts", STROKE_LIST_OCSPCERTS}, - {""}, + {"purgeike", STROKE_PURGE_IKE}, + {"listcainfos", STROKE_LIST_CAINFOS}, + {"unroute", STROKE_UNROUTE}, + {"listpubkeys", STROKE_LIST_PUBKEYS}, {"rereadocspcerts", STROKE_REREAD_OCSPCERTS}, - {""}, {""}, - {"del", STROKE_DEL}, - {"down", STROKE_DOWN}, - {""}, - {"delete", STROKE_DELETE}, - {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, - {""}, {""}, {""}, {""}, - {"down-srcip", STROKE_DOWN_SRCIP} + {"down-srcip", STROKE_DOWN_SRCIP}, + {"listgroups", STROKE_LIST_GROUPS} + }; + +static const short lookup[] = + { + -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, + 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, + 25, 26, 27, 28, 29, 30, 31, -1, -1, -1, -1, 32 }; #ifdef __GNUC__ @@ -193,10 +184,15 @@ in_word_set (str, len) if (key <= MAX_HASH_VALUE && key >= 0) { - register const char *s = wordlist[key].name; + register int index = lookup[key]; + + if (index >= 0) + { + register const char *s = wordlist[index].name; - if (*str == *s && !strcmp (str + 1, s + 1)) - return &wordlist[key]; + if (*str == *s && !strcmp (str + 1, s + 1)) + return &wordlist[index]; + } } } return 0; diff --git a/src/stroke/stroke_keywords.h b/src/stroke/stroke_keywords.h index e089b5660..6332000db 100644 --- a/src/stroke/stroke_keywords.h +++ b/src/stroke/stroke_keywords.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * RCSID $Id: stroke_keywords.h 4783 2008-12-10 13:00:02Z martin $ */ #ifndef _STROKE_KEYWORDS_H_ @@ -50,6 +48,7 @@ typedef enum { STROKE_REREAD_CRLS, STROKE_REREAD_ALL, STROKE_PURGE_OCSP, + STROKE_PURGE_IKE, STROKE_LEASES } stroke_keyword_t; diff --git a/src/stroke/stroke_keywords.txt b/src/stroke/stroke_keywords.txt index 3ec259a24..96fa0bf3a 100644 --- a/src/stroke/stroke_keywords.txt +++ b/src/stroke/stroke_keywords.txt @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * RCSID $Id: stroke_keywords.txt 4783 2008-12-10 13:00:02Z martin $ */ #include <string.h> @@ -57,4 +55,5 @@ rereadacerts, STROKE_REREAD_ACERTS rereadcrls, STROKE_REREAD_CRLS rereadall, STROKE_REREAD_ALL purgeocsp, STROKE_PURGE_OCSP +purgeike, STROKE_PURGE_IKE leases, STROKE_LEASES diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h index 81ad2e397..704c88c58 100644 --- a/src/stroke/stroke_msg.h +++ b/src/stroke/stroke_msg.h @@ -18,8 +18,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * RCSID $Id: stroke_msg.h 4783 2008-12-10 13:00:02Z martin $ */ #ifndef STROKE_MSG_H_ @@ -105,6 +103,8 @@ enum purge_flag_t { PURGE_NONE = 0x0000, /** purge ocsp cache entries */ PURGE_OCSP = 0x0001, + /** purge IKE_SAs without a CHILD_SA */ + PURGE_IKE = 0x0002, }; /** @@ -123,9 +123,15 @@ typedef struct stroke_end_t stroke_end_t; * definition of a peer in a stroke message */ struct stroke_end_t { + char *auth; + char *auth2; char *id; + char *id2; + char *eap_id; char *cert; + char *cert2; char *ca; + char *ca2; char *groups; char *updown; char *address; @@ -206,6 +212,7 @@ struct stroke_msg_t { struct { char *name; int ikev2; + /* next three are deprecated, use stroke_end_t.auth instead */ int auth_method; u_int32_t eap_type; u_int32_t eap_vendor; |