summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2016-07-16 15:19:53 +0200
committerYves-Alexis Perez <corsac@debian.org>2016-07-16 15:19:53 +0200
commitbf372706c469764d59e9f29c39e3ecbebd72b8d2 (patch)
tree0f0e296e2d50e4a7faf99ae6fa428d2681e81ea1 /src
parent518dd33c94e041db0444c7d1f33da363bb8e3faf (diff)
downloadvyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.tar.gz
vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.zip
Imported Upstream version 5.5.0
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am8
-rw-r--r--src/Makefile.in91
-rw-r--r--src/_copyright/Makefile.in27
-rw-r--r--src/_updown/Makefile.in26
-rw-r--r--src/aikgen/Makefile.am9
-rw-r--r--src/aikgen/Makefile.in36
-rw-r--r--src/aikgen/aikgen.c229
-rw-r--r--src/aikpub2/Makefile.am15
-rw-r--r--src/aikpub2/Makefile.in763
-rw-r--r--src/aikpub2/aikpub2.c305
-rw-r--r--src/charon-cmd/Makefile.am2
-rw-r--r--src/charon-cmd/Makefile.in33
-rw-r--r--src/charon-cmd/cmd/cmd_connection.c42
-rw-r--r--src/charon-nm/Makefile.am2
-rw-r--r--src/charon-nm/Makefile.in31
-rw-r--r--src/charon-nm/nm/nm_service.c84
-rw-r--r--src/charon-svc/Makefile.in27
-rw-r--r--src/charon-systemd/Makefile.am3
-rw-r--r--src/charon-systemd/Makefile.in32
-rw-r--r--src/charon-tkm/Makefile.in26
-rw-r--r--src/charon-tkm/src/tkm/tkm_diffie_hellman.c6
-rw-r--r--src/charon-tkm/src/tkm/tkm_kernel_ipsec.c97
-rw-r--r--src/charon-tkm/src/tkm/tkm_kernel_sad.c32
-rw-r--r--src/charon-tkm/src/tkm/tkm_kernel_sad.h10
-rw-r--r--src/charon-tkm/src/tkm/tkm_keymat.c8
-rw-r--r--src/charon-tkm/src/tkm/tkm_nonceg.c2
-rw-r--r--src/charon-tkm/src/tkm/tkm_spi_generator.c12
-rw-r--r--src/charon-tkm/tests/nonceg_tests.c6
-rw-r--r--src/charon/Makefile.am2
-rw-r--r--src/charon/Makefile.in32
-rw-r--r--src/checksum/Makefile.am5
-rw-r--r--src/checksum/Makefile.in79
-rw-r--r--src/checksum/checksum_builder.c2
-rw-r--r--src/conftest/Makefile.am2
-rw-r--r--src/conftest/Makefile.in32
-rw-r--r--src/conftest/actions.c2
-rw-r--r--src/conftest/config.c26
-rw-r--r--src/conftest/hooks/custom_proposal.c4
-rw-r--r--src/conftest/hooks/log_proposals.c2
-rw-r--r--src/conftest/hooks/rebuild_auth.c2
-rw-r--r--src/conftest/hooks/reset_seq.c2
-rw-r--r--src/conftest/hooks/set_ike_spi.c4
-rw-r--r--src/conftest/hooks/set_length.c4
-rw-r--r--src/conftest/hooks/set_proposal_number.c2
-rw-r--r--src/conftest/hooks/set_reserved.c6
-rw-r--r--src/dumm/Makefile.in27
-rw-r--r--src/dumm/mconsole.c18
-rw-r--r--src/include/Makefile.in26
-rw-r--r--src/include/linux/pfkeyv2.h2
-rw-r--r--src/ipsec/Makefile.in27
-rw-r--r--src/ipsec/_ipsec.82
-rw-r--r--src/libcharon/Android.mk1
-rw-r--r--src/libcharon/Makefile.am5
-rw-r--r--src/libcharon/Makefile.in83
-rw-r--r--src/libcharon/attributes/mem_pool.c16
-rw-r--r--src/libcharon/bus/bus.c2
-rw-r--r--src/libcharon/bus/bus.h10
-rw-r--r--src/libcharon/bus/listeners/listener.h2
-rw-r--r--src/libcharon/config/child_cfg.c172
-rw-r--r--src/libcharon/config/child_cfg.h116
-rw-r--r--src/libcharon/config/ike_cfg.c87
-rw-r--r--src/libcharon/config/ike_cfg.h19
-rw-r--r--src/libcharon/config/peer_cfg.c89
-rw-r--r--src/libcharon/config/peer_cfg.h97
-rw-r--r--src/libcharon/config/proposal.c66
-rw-r--r--src/libcharon/config/proposal.h10
-rw-r--r--src/libcharon/control/controller.c76
-rw-r--r--src/libcharon/control/controller.h4
-rw-r--r--src/libcharon/daemon.c63
-rw-r--r--src/libcharon/encoding/generator.c64
-rw-r--r--src/libcharon/encoding/generator.h2
-rw-r--r--src/libcharon/encoding/message.c42
-rw-r--r--src/libcharon/encoding/message.h16
-rw-r--r--src/libcharon/encoding/parser.c64
-rw-r--r--src/libcharon/encoding/parser.h2
-rw-r--r--src/libcharon/encoding/payloads/auth_payload.c8
-rw-r--r--src/libcharon/encoding/payloads/cert_payload.c6
-rw-r--r--src/libcharon/encoding/payloads/certreq_payload.c6
-rw-r--r--src/libcharon/encoding/payloads/configuration_attribute.c12
-rw-r--r--src/libcharon/encoding/payloads/configuration_attribute.h4
-rw-r--r--src/libcharon/encoding/payloads/cp_payload.c14
-rw-r--r--src/libcharon/encoding/payloads/cp_payload.h4
-rw-r--r--src/libcharon/encoding/payloads/delete_payload.c28
-rw-r--r--src/libcharon/encoding/payloads/delete_payload.h8
-rw-r--r--src/libcharon/encoding/payloads/eap_payload.c28
-rw-r--r--src/libcharon/encoding/payloads/eap_payload.h12
-rw-r--r--src/libcharon/encoding/payloads/encodings.h6
-rw-r--r--src/libcharon/encoding/payloads/encrypted_fragment_payload.h6
-rw-r--r--src/libcharon/encoding/payloads/encrypted_payload.c48
-rw-r--r--src/libcharon/encoding/payloads/encrypted_payload.h2
-rw-r--r--src/libcharon/encoding/payloads/endpoint_notify.c44
-rw-r--r--src/libcharon/encoding/payloads/endpoint_notify.h4
-rw-r--r--src/libcharon/encoding/payloads/fragment_payload.c18
-rw-r--r--src/libcharon/encoding/payloads/fragment_payload.h6
-rw-r--r--src/libcharon/encoding/payloads/hash_payload.c6
-rw-r--r--src/libcharon/encoding/payloads/id_payload.c18
-rw-r--r--src/libcharon/encoding/payloads/ike_header.c40
-rw-r--r--src/libcharon/encoding/payloads/ike_header.h24
-rw-r--r--src/libcharon/encoding/payloads/ke_payload.c8
-rw-r--r--src/libcharon/encoding/payloads/nonce_payload.c4
-rw-r--r--src/libcharon/encoding/payloads/notify_payload.c24
-rw-r--r--src/libcharon/encoding/payloads/notify_payload.h8
-rw-r--r--src/libcharon/encoding/payloads/payload.c2
-rw-r--r--src/libcharon/encoding/payloads/payload.h2
-rw-r--r--src/libcharon/encoding/payloads/proposal_substructure.c120
-rw-r--r--src/libcharon/encoding/payloads/proposal_substructure.h22
-rw-r--r--src/libcharon/encoding/payloads/sa_payload.c32
-rw-r--r--src/libcharon/encoding/payloads/sa_payload.h14
-rw-r--r--src/libcharon/encoding/payloads/traffic_selector_substructure.c10
-rw-r--r--src/libcharon/encoding/payloads/traffic_selector_substructure.h4
-rw-r--r--src/libcharon/encoding/payloads/transform_attribute.c14
-rw-r--r--src/libcharon/encoding/payloads/transform_attribute.h6
-rw-r--r--src/libcharon/encoding/payloads/transform_substructure.c18
-rw-r--r--src/libcharon/encoding/payloads/transform_substructure.h6
-rw-r--r--src/libcharon/encoding/payloads/ts_payload.c6
-rw-r--r--src/libcharon/encoding/payloads/unknown_payload.c4
-rw-r--r--src/libcharon/encoding/payloads/vendor_id_payload.c4
-rw-r--r--src/libcharon/kernel/kernel_handler.c10
-rw-r--r--src/libcharon/kernel/kernel_interface.c115
-rw-r--r--src/libcharon/kernel/kernel_interface.h185
-rw-r--r--src/libcharon/kernel/kernel_ipsec.h299
-rw-r--r--src/libcharon/kernel/kernel_listener.h8
-rw-r--r--src/libcharon/kernel/kernel_net.h12
-rw-r--r--src/libcharon/network/receiver.c32
-rw-r--r--src/libcharon/network/socket.h2
-rw-r--r--src/libcharon/network/socket_manager.c4
-rw-r--r--src/libcharon/network/socket_manager.h2
-rw-r--r--src/libcharon/plugins/addrblock/Makefile.in27
-rw-r--r--src/libcharon/plugins/android_dns/Makefile.in27
-rw-r--r--src/libcharon/plugins/android_log/Makefile.in27
-rw-r--r--src/libcharon/plugins/attr/Makefile.in27
-rw-r--r--src/libcharon/plugins/attr/attr_provider.c4
-rw-r--r--src/libcharon/plugins/attr_sql/Makefile.in27
-rw-r--r--src/libcharon/plugins/certexpire/Makefile.in27
-rw-r--r--src/libcharon/plugins/connmark/Makefile.in27
-rw-r--r--src/libcharon/plugins/connmark/connmark_listener.c45
-rw-r--r--src/libcharon/plugins/coupling/Makefile.in27
-rw-r--r--src/libcharon/plugins/dhcp/Makefile.in27
-rw-r--r--src/libcharon/plugins/dhcp/dhcp_socket.c34
-rw-r--r--src/libcharon/plugins/dhcp/dhcp_transaction.c6
-rw-r--r--src/libcharon/plugins/dhcp/dhcp_transaction.h4
-rw-r--r--src/libcharon/plugins/dnscert/Makefile.in27
-rw-r--r--src/libcharon/plugins/dnscert/dnscert.c8
-rw-r--r--src/libcharon/plugins/dnscert/dnscert.h2
-rw-r--r--src/libcharon/plugins/duplicheck/Makefile.in27
-rw-r--r--src/libcharon/plugins/duplicheck/duplicheck.c2
-rw-r--r--src/libcharon/plugins/duplicheck/duplicheck_msg.h2
-rw-r--r--src/libcharon/plugins/duplicheck/duplicheck_notify.c2
-rw-r--r--src/libcharon/plugins/eap_aka/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_aka/eap_aka_peer.c16
-rw-r--r--src/libcharon/plugins/eap_aka/eap_aka_server.c14
-rw-r--r--src/libcharon/plugins/eap_aka_3gpp2/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c10
-rw-r--r--src/libcharon/plugins/eap_dynamic/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_dynamic/eap_dynamic.c12
-rw-r--r--src/libcharon/plugins/eap_gtc/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_gtc/eap_gtc.c18
-rw-r--r--src/libcharon/plugins/eap_identity/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_identity/eap_identity.c18
-rw-r--r--src/libcharon/plugins/eap_md5/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_md5/eap_md5.c20
-rw-r--r--src/libcharon/plugins/eap_mschapv2/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c58
-rw-r--r--src/libcharon/plugins/eap_peap/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_peap/eap_peap.c6
-rw-r--r--src/libcharon/plugins/eap_peap/eap_peap_avp.c8
-rw-r--r--src/libcharon/plugins/eap_peap/eap_peap_avp.h2
-rw-r--r--src/libcharon/plugins/eap_peap/eap_peap_peer.c4
-rw-r--r--src/libcharon/plugins/eap_peap/eap_peap_server.c4
-rw-r--r--src/libcharon/plugins/eap_radius/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius.c32
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_accounting.c28
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_accounting.h2
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_dae.c4
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_forward.c6
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_provider.c4
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_provider.h4
-rw-r--r--src/libcharon/plugins/eap_sim/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_sim/eap_sim_peer.c16
-rw-r--r--src/libcharon/plugins/eap_sim/eap_sim_server.c14
-rw-r--r--src/libcharon/plugins/eap_sim_file/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_sim_pcsc/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.c82
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c6
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c4
-rw-r--r--src/libcharon/plugins/eap_simaka_sql/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_tls/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_tls/eap_tls.c6
-rw-r--r--src/libcharon/plugins/eap_tnc/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_ttls/Makefile.in27
-rw-r--r--src/libcharon/plugins/eap_ttls/eap_ttls.c6
-rw-r--r--src/libcharon/plugins/eap_ttls/eap_ttls_avp.c10
-rw-r--r--src/libcharon/plugins/eap_ttls/eap_ttls_peer.c6
-rw-r--r--src/libcharon/plugins/error_notify/Makefile.in27
-rw-r--r--src/libcharon/plugins/error_notify/error_notify_listener.c5
-rw-r--r--src/libcharon/plugins/error_notify/error_notify_msg.h1
-rw-r--r--src/libcharon/plugins/ext_auth/Makefile.in27
-rw-r--r--src/libcharon/plugins/farp/Makefile.in27
-rw-r--r--src/libcharon/plugins/farp/farp_listener.c2
-rw-r--r--src/libcharon/plugins/farp/farp_spoofer.c18
-rw-r--r--src/libcharon/plugins/forecast/Makefile.in27
-rw-r--r--src/libcharon/plugins/forecast/forecast_forwarder.c6
-rw-r--r--src/libcharon/plugins/forecast/forecast_listener.c32
-rw-r--r--src/libcharon/plugins/ha/Makefile.in27
-rw-r--r--src/libcharon/plugins/ha/ha_attribute.c12
-rw-r--r--src/libcharon/plugins/ha/ha_cache.c4
-rw-r--r--src/libcharon/plugins/ha/ha_child.c4
-rw-r--r--src/libcharon/plugins/ha/ha_dispatcher.c20
-rw-r--r--src/libcharon/plugins/ha/ha_ike.c6
-rw-r--r--src/libcharon/plugins/ha/ha_kernel.c20
-rw-r--r--src/libcharon/plugins/ha/ha_kernel.h2
-rw-r--r--src/libcharon/plugins/ha/ha_message.c86
-rw-r--r--src/libcharon/plugins/ha/ha_message.h44
-rw-r--r--src/libcharon/plugins/ha/ha_segments.h2
-rw-r--r--src/libcharon/plugins/ha/ha_tunnel.c28
-rw-r--r--src/libcharon/plugins/ipseckey/Makefile.in27
-rw-r--r--src/libcharon/plugins/ipseckey/ipseckey.c10
-rw-r--r--src/libcharon/plugins/ipseckey/ipseckey.h2
-rw-r--r--src/libcharon/plugins/ipseckey/ipseckey_cred.c2
-rw-r--r--src/libcharon/plugins/kernel_iph/Makefile.in27
-rw-r--r--src/libcharon/plugins/kernel_iph/kernel_iph_net.c13
-rw-r--r--src/libcharon/plugins/kernel_libipsec/Makefile.in27
-rw-r--r--src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c101
-rw-r--r--src/libcharon/plugins/kernel_netlink/Makefile.am2
-rw-r--r--src/libcharon/plugins/kernel_netlink/Makefile.in31
-rw-r--r--src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c1098
-rw-r--r--src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c126
-rw-r--r--src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c8
-rw-r--r--src/libcharon/plugins/kernel_pfkey/Makefile.in27
-rw-r--r--src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c690
-rw-r--r--src/libcharon/plugins/kernel_pfroute/Makefile.in27
-rw-r--r--src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c34
-rw-r--r--src/libcharon/plugins/kernel_wfp/Makefile.in27
-rw-r--r--src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c260
-rw-r--r--src/libcharon/plugins/led/Makefile.in27
-rw-r--r--src/libcharon/plugins/load_tester/Makefile.in27
-rw-r--r--src/libcharon/plugins/load_tester/load_tester.c2
-rw-r--r--src/libcharon/plugins/load_tester/load_tester_config.c58
-rw-r--r--src/libcharon/plugins/load_tester/load_tester_creds.c4
-rw-r--r--src/libcharon/plugins/load_tester/load_tester_ipsec.c45
-rw-r--r--src/libcharon/plugins/lookip/Makefile.in27
-rw-r--r--src/libcharon/plugins/maemo/Makefile.in27
-rw-r--r--src/libcharon/plugins/maemo/maemo_service.c36
-rw-r--r--src/libcharon/plugins/medcli/Makefile.in27
-rw-r--r--src/libcharon/plugins/medcli/medcli_config.c88
-rw-r--r--src/libcharon/plugins/medsrv/Makefile.in27
-rw-r--r--src/libcharon/plugins/medsrv/medsrv_config.c20
-rw-r--r--src/libcharon/plugins/osx_attr/Makefile.in27
-rw-r--r--src/libcharon/plugins/p_cscf/Makefile.am1
-rw-r--r--src/libcharon/plugins/p_cscf/Makefile.in28
-rw-r--r--src/libcharon/plugins/radattr/Makefile.in27
-rw-r--r--src/libcharon/plugins/resolve/Makefile.in27
-rw-r--r--src/libcharon/plugins/resolve/resolve_handler.c203
-rw-r--r--src/libcharon/plugins/smp/Makefile.in27
-rw-r--r--src/libcharon/plugins/smp/smp.c2
-rw-r--r--src/libcharon/plugins/socket_default/Makefile.in27
-rw-r--r--src/libcharon/plugins/socket_default/socket_default_socket.c32
-rw-r--r--src/libcharon/plugins/socket_dynamic/Makefile.in27
-rw-r--r--src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c10
-rw-r--r--src/libcharon/plugins/socket_win/Makefile.in27
-rw-r--r--src/libcharon/plugins/socket_win/socket_win_socket.c6
-rw-r--r--src/libcharon/plugins/sql/Makefile.in27
-rw-r--r--src/libcharon/plugins/sql/sql_config.c50
-rw-r--r--src/libcharon/plugins/sql/sql_logger.c2
-rw-r--r--src/libcharon/plugins/stroke/Makefile.in27
-rw-r--r--src/libcharon/plugins/stroke/stroke_config.c132
-rw-r--r--src/libcharon/plugins/stroke/stroke_control.c18
-rw-r--r--src/libcharon/plugins/stroke/stroke_counter.c10
-rw-r--r--src/libcharon/plugins/stroke/stroke_cred.c47
-rw-r--r--src/libcharon/plugins/stroke/stroke_list.c10
-rw-r--r--src/libcharon/plugins/stroke/stroke_socket.c2
-rw-r--r--src/libcharon/plugins/systime_fix/Makefile.in27
-rw-r--r--src/libcharon/plugins/tnc_ifmap/Makefile.in27
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c2
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c4
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.h2
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c6
-rw-r--r--src/libcharon/plugins/tnc_pdp/Makefile.in27
-rw-r--r--src/libcharon/plugins/tnc_pdp/tnc_pdp.c16
-rw-r--r--src/libcharon/plugins/uci/Makefile.in27
-rw-r--r--src/libcharon/plugins/uci/uci_config.c36
-rw-r--r--src/libcharon/plugins/unity/Makefile.in27
-rw-r--r--src/libcharon/plugins/unity/unity_handler.c8
-rw-r--r--src/libcharon/plugins/unity/unity_provider.c4
-rw-r--r--src/libcharon/plugins/updown/Makefile.in27
-rw-r--r--src/libcharon/plugins/updown/updown_listener.c12
-rw-r--r--src/libcharon/plugins/vici/Makefile.in27
-rw-r--r--src/libcharon/plugins/vici/README.md11
-rw-r--r--src/libcharon/plugins/vici/libvici.c18
-rw-r--r--src/libcharon/plugins/vici/perl/Makefile.in26
-rw-r--r--src/libcharon/plugins/vici/python/MANIFEST.in1
-rw-r--r--src/libcharon/plugins/vici/python/Makefile.am20
-rw-r--r--src/libcharon/plugins/vici/python/Makefile.in46
-rw-r--r--src/libcharon/plugins/vici/python/README.rst24
-rw-r--r--src/libcharon/plugins/vici/python/setup.py.in18
-rw-r--r--src/libcharon/plugins/vici/python/vici/protocol.py11
-rw-r--r--src/libcharon/plugins/vici/ruby/Makefile.in28
-rw-r--r--src/libcharon/plugins/vici/suites/test_socket.c4
-rw-r--r--src/libcharon/plugins/vici/vici_attribute.c6
-rw-r--r--src/libcharon/plugins/vici/vici_config.c329
-rw-r--r--src/libcharon/plugins/vici/vici_control.c6
-rw-r--r--src/libcharon/plugins/vici/vici_dispatcher.c6
-rw-r--r--src/libcharon/plugins/vici/vici_message.c2
-rw-r--r--src/libcharon/plugins/vici/vici_query.c36
-rw-r--r--src/libcharon/plugins/vici/vici_socket.c6
-rw-r--r--src/libcharon/plugins/whitelist/Makefile.in27
-rw-r--r--src/libcharon/plugins/xauth_eap/Makefile.in27
-rw-r--r--src/libcharon/plugins/xauth_eap/xauth_eap.c2
-rw-r--r--src/libcharon/plugins/xauth_generic/Makefile.in27
-rw-r--r--src/libcharon/plugins/xauth_noauth/Makefile.in27
-rw-r--r--src/libcharon/plugins/xauth_pam/Makefile.in27
-rw-r--r--src/libcharon/processing/jobs/acquire_job.c4
-rw-r--r--src/libcharon/processing/jobs/acquire_job.h2
-rw-r--r--src/libcharon/processing/jobs/adopt_children_job.c2
-rw-r--r--src/libcharon/processing/jobs/delete_child_sa_job.c4
-rw-r--r--src/libcharon/processing/jobs/delete_child_sa_job.h2
-rw-r--r--src/libcharon/processing/jobs/inactivity_job.c10
-rw-r--r--src/libcharon/processing/jobs/inactivity_job.h2
-rw-r--r--src/libcharon/processing/jobs/migrate_job.c4
-rw-r--r--src/libcharon/processing/jobs/migrate_job.h2
-rw-r--r--src/libcharon/processing/jobs/rekey_child_sa_job.c4
-rw-r--r--src/libcharon/processing/jobs/rekey_child_sa_job.h2
-rw-r--r--src/libcharon/processing/jobs/rekey_ike_sa_job.c6
-rw-r--r--src/libcharon/processing/jobs/retransmit_job.c4
-rw-r--r--src/libcharon/processing/jobs/retransmit_job.h2
-rw-r--r--src/libcharon/processing/jobs/update_sa_job.c4
-rw-r--r--src/libcharon/processing/jobs/update_sa_job.h2
-rw-r--r--src/libcharon/sa/child_sa.c398
-rw-r--r--src/libcharon/sa/child_sa.h18
-rw-r--r--src/libcharon/sa/child_sa_manager.c14
-rw-r--r--src/libcharon/sa/child_sa_manager.h4
-rw-r--r--src/libcharon/sa/eap/eap_manager.c8
-rw-r--r--src/libcharon/sa/eap/eap_manager.h6
-rw-r--r--src/libcharon/sa/eap/eap_method.h6
-rw-r--r--src/libcharon/sa/ike_sa.c72
-rw-r--r--src/libcharon/sa/ike_sa.h48
-rw-r--r--src/libcharon/sa/ike_sa_id.c20
-rw-r--r--src/libcharon/sa/ike_sa_id.h14
-rw-r--r--src/libcharon/sa/ike_sa_manager.c94
-rw-r--r--src/libcharon/sa/ike_sa_manager.h4
-rw-r--r--src/libcharon/sa/ikev1/keymat_v1.c48
-rw-r--r--src/libcharon/sa/ikev1/keymat_v1.h8
-rw-r--r--src/libcharon/sa/ikev1/task_manager_v1.c100
-rw-r--r--src/libcharon/sa/ikev1/tasks/aggressive_mode.c17
-rw-r--r--src/libcharon/sa/ikev1/tasks/isakmp_delete.c2
-rw-r--r--src/libcharon/sa/ikev1/tasks/isakmp_dpd.c8
-rw-r--r--src/libcharon/sa/ikev1/tasks/isakmp_dpd.h2
-rw-r--r--src/libcharon/sa/ikev1/tasks/isakmp_natd.c4
-rw-r--r--src/libcharon/sa/ikev1/tasks/isakmp_vendor.c2
-rw-r--r--src/libcharon/sa/ikev1/tasks/main_mode.c22
-rw-r--r--src/libcharon/sa/ikev1/tasks/mode_config.c2
-rw-r--r--src/libcharon/sa/ikev1/tasks/quick_delete.c10
-rw-r--r--src/libcharon/sa/ikev1/tasks/quick_delete.h2
-rw-r--r--src/libcharon/sa/ikev1/tasks/quick_mode.c60
-rw-r--r--src/libcharon/sa/ikev1/tasks/quick_mode.h6
-rw-r--r--src/libcharon/sa/ikev1/tasks/xauth.c2
-rw-r--r--src/libcharon/sa/ikev2/authenticators/eap_authenticator.c16
-rw-r--r--src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c4
-rw-r--r--src/libcharon/sa/ikev2/connect_manager.c34
-rw-r--r--src/libcharon/sa/ikev2/keymat_v2.c20
-rw-r--r--src/libcharon/sa/ikev2/task_manager_v2.c284
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_create.c74
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_create.h2
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_delete.c73
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_delete.h2
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_rekey.c146
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_rekey.h23
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_auth.c23
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c8
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_delete.c62
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_init.c12
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_me.c2
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_mobike.c2
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_natd.c6
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_rekey.c261
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_rekey.h10
-rw-r--r--src/libcharon/sa/redirect_manager.c2
-rw-r--r--src/libcharon/sa/shunt_manager.c110
-rw-r--r--src/libcharon/sa/task_manager.h25
-rw-r--r--src/libcharon/sa/trap_manager.c26
-rw-r--r--src/libcharon/sa/trap_manager.h10
-rw-r--r--src/libcharon/tests/Makefile.am34
-rw-r--r--src/libcharon/tests/Makefile.in333
-rw-r--r--src/libcharon/tests/exchange_tests.c64
-rw-r--r--src/libcharon/tests/exchange_tests.h20
-rw-r--r--src/libcharon/tests/libcharon_tests.c3
-rw-r--r--src/libcharon/tests/libcharon_tests.h12
-rw-r--r--src/libcharon/tests/suites/test_child_create.c106
-rw-r--r--src/libcharon/tests/suites/test_child_delete.c366
-rw-r--r--src/libcharon/tests/suites/test_child_rekey.c1569
-rw-r--r--src/libcharon/tests/suites/test_ike_delete.c137
-rw-r--r--src/libcharon/tests/suites/test_ike_rekey.c1480
-rw-r--r--src/libcharon/tests/suites/test_message_chapoly.c8
-rw-r--r--src/libcharon/tests/suites/test_proposal.c81
-rw-r--r--src/libcharon/tests/utils/exchange_test_asserts.c182
-rw-r--r--src/libcharon/tests/utils/exchange_test_asserts.h343
-rw-r--r--src/libcharon/tests/utils/exchange_test_helper.c372
-rw-r--r--src/libcharon/tests/utils/exchange_test_helper.h128
-rw-r--r--src/libcharon/tests/utils/job_asserts.h59
-rw-r--r--src/libcharon/tests/utils/mock_dh.c87
-rw-r--r--src/libcharon/tests/utils/mock_dh.h37
-rw-r--r--src/libcharon/tests/utils/mock_ipsec.c128
-rw-r--r--src/libcharon/tests/utils/mock_ipsec.h36
-rw-r--r--src/libcharon/tests/utils/mock_nonce_gen.c91
-rw-r--r--src/libcharon/tests/utils/mock_nonce_gen.h37
-rw-r--r--src/libcharon/tests/utils/mock_sender.c85
-rw-r--r--src/libcharon/tests/utils/mock_sender.h56
-rw-r--r--src/libcharon/tests/utils/sa_asserts.h145
-rw-r--r--src/libfast/Makefile.am2
-rw-r--r--src/libfast/Makefile.in33
-rw-r--r--src/libimcv/Android.mk4
-rw-r--r--src/libimcv/Makefile.am10
-rw-r--r--src/libimcv/Makefile.in74
-rw-r--r--src/libimcv/generic/generic_attr_bool.c4
-rw-r--r--src/libimcv/generic/generic_attr_chunk.c2
-rw-r--r--src/libimcv/generic/generic_attr_string.c2
-rw-r--r--src/libimcv/ietf/ietf_attr.c2
-rw-r--r--src/libimcv/ietf/ietf_attr.h2
-rw-r--r--src/libimcv/ietf/ietf_attr_assess_result.c8
-rw-r--r--src/libimcv/ietf/ietf_attr_assess_result.h4
-rw-r--r--src/libimcv/ietf/ietf_attr_attr_request.c10
-rw-r--r--src/libimcv/ietf/ietf_attr_attr_request.h4
-rw-r--r--src/libimcv/ietf/ietf_attr_fwd_enabled.c4
-rw-r--r--src/libimcv/ietf/ietf_attr_installed_packages.c4
-rw-r--r--src/libimcv/ietf/ietf_attr_numeric_version.c26
-rw-r--r--src/libimcv/ietf/ietf_attr_numeric_version.h14
-rw-r--r--src/libimcv/ietf/ietf_attr_op_status.c14
-rw-r--r--src/libimcv/ietf/ietf_attr_op_status.h6
-rw-r--r--src/libimcv/ietf/ietf_attr_port_filter.c16
-rw-r--r--src/libimcv/ietf/ietf_attr_port_filter.h4
-rw-r--r--src/libimcv/ietf/ietf_attr_product_info.c8
-rw-r--r--src/libimcv/ietf/ietf_attr_product_info.h4
-rw-r--r--src/libimcv/ietf/ietf_attr_remediation_instr.c4
-rw-r--r--src/libimcv/ietf/ietf_attr_string_version.c2
-rw-r--r--src/libimcv/imc/imc_agent.c8
-rw-r--r--src/libimcv/imc/imc_agent.h2
-rw-r--r--src/libimcv/imc/imc_os_info.c2
-rw-r--r--src/libimcv/imc/imc_os_info.h4
-rw-r--r--src/libimcv/imc/imc_state.h4
-rw-r--r--src/libimcv/imv/data.sql170
-rw-r--r--src/libimcv/imv/imv_database.h2
-rw-r--r--src/libimcv/ita/ita_attr.c2
-rw-r--r--src/libimcv/ita/ita_attr.h2
-rw-r--r--src/libimcv/ita/ita_attr_angel.c2
-rw-r--r--src/libimcv/ita/ita_attr_command.c2
-rw-r--r--src/libimcv/ita/ita_attr_dummy.c2
-rw-r--r--src/libimcv/ita/ita_attr_get_settings.c4
-rw-r--r--src/libimcv/ita/ita_attr_settings.c4
-rw-r--r--src/libimcv/pa_tnc/pa_tnc_attr_manager.h2
-rw-r--r--src/libimcv/plugins/imc_attestation/Makefile.am3
-rw-r--r--src/libimcv/plugins/imc_attestation/Makefile.in30
-rw-r--r--src/libimcv/plugins/imc_attestation/imc_attestation_process.c43
-rw-r--r--src/libimcv/plugins/imc_attestation/imc_attestation_state.c8
-rw-r--r--src/libimcv/plugins/imc_attestation/imc_attestation_state.h2
-rw-r--r--src/libimcv/plugins/imc_hcd/Makefile.in27
-rw-r--r--src/libimcv/plugins/imc_hcd/imc_hcd_state.c6
-rw-r--r--src/libimcv/plugins/imc_os/Makefile.in27
-rw-r--r--src/libimcv/plugins/imc_os/imc_os.c2
-rw-r--r--src/libimcv/plugins/imc_os/imc_os_state.c6
-rw-r--r--src/libimcv/plugins/imc_scanner/Makefile.in27
-rw-r--r--src/libimcv/plugins/imc_scanner/imc_scanner.c4
-rw-r--r--src/libimcv/plugins/imc_scanner/imc_scanner_state.c6
-rw-r--r--src/libimcv/plugins/imc_swid/Makefile.in27
-rw-r--r--src/libimcv/plugins/imc_swid/imc_swid_state.c14
-rw-r--r--src/libimcv/plugins/imc_swid/imc_swid_state.h2
-rw-r--r--src/libimcv/plugins/imc_test/Makefile.in27
-rw-r--r--src/libimcv/plugins/imc_test/imc_test_state.c6
-rw-r--r--src/libimcv/plugins/imv_attestation/Makefile.am3
-rw-r--r--src/libimcv/plugins/imv_attestation/Makefile.in32
-rw-r--r--src/libimcv/plugins/imv_attestation/attest_db.c2
-rw-r--r--src/libimcv/plugins/imv_attestation/imv_attestation_agent.c7
-rw-r--r--src/libimcv/plugins/imv_attestation/imv_attestation_process.c37
-rw-r--r--src/libimcv/plugins/imv_hcd/Makefile.am1
-rw-r--r--src/libimcv/plugins/imv_hcd/Makefile.in28
-rw-r--r--src/libimcv/plugins/imv_os/Makefile.am3
-rw-r--r--src/libimcv/plugins/imv_os/Makefile.in30
-rw-r--r--src/libimcv/plugins/imv_scanner/Makefile.am3
-rw-r--r--src/libimcv/plugins/imv_scanner/Makefile.in30
-rw-r--r--src/libimcv/plugins/imv_scanner/imv_scanner_agent.c8
-rw-r--r--src/libimcv/plugins/imv_swid/Makefile.am1
-rw-r--r--src/libimcv/plugins/imv_swid/Makefile.in28
-rw-r--r--src/libimcv/plugins/imv_test/Makefile.in27
-rw-r--r--src/libimcv/pts/components/ita/ita_comp_ima.h2
-rw-r--r--src/libimcv/pts/components/ita/ita_comp_tboot.c20
-rw-r--r--src/libimcv/pts/components/ita/ita_comp_tboot.h2
-rw-r--r--src/libimcv/pts/components/ita/ita_comp_tgrub.c20
-rw-r--r--src/libimcv/pts/components/ita/ita_comp_tgrub.h2
-rw-r--r--src/libimcv/pts/components/pts_comp_evidence.c14
-rw-r--r--src/libimcv/pts/components/pts_comp_evidence.h10
-rw-r--r--src/libimcv/pts/components/pts_comp_func_name.c22
-rw-r--r--src/libimcv/pts/components/pts_comp_func_name.h12
-rw-r--r--src/libimcv/pts/components/pts_component.h10
-rw-r--r--src/libimcv/pts/components/pts_component_manager.c10
-rw-r--r--src/libimcv/pts/components/pts_component_manager.h8
-rw-r--r--src/libimcv/pts/pts.c766
-rw-r--r--src/libimcv/pts/pts.h74
-rw-r--r--src/libimcv/pts/pts_file_meas.c8
-rw-r--r--src/libimcv/pts/pts_file_meas.h6
-rw-r--r--src/libimcv/pts/pts_file_meta.h12
-rw-r--r--src/libimcv/pts/pts_ima_bios_list.c9
-rw-r--r--src/libimcv/pts/pts_meas_algo.c18
-rw-r--r--src/libimcv/pts/pts_meas_algo.h8
-rw-r--r--src/libimcv/pts/pts_pcr.c54
-rw-r--r--src/libimcv/pts/pts_pcr.h16
-rw-r--r--src/libimcv/pts/pts_simple_evid_final.h47
-rw-r--r--src/libimcv/pwg/pwg_attr.c2
-rw-r--r--src/libimcv/pwg/pwg_attr.h2
-rw-r--r--src/libimcv/pwg/pwg_attr_vendor_smi_code.c2
-rw-r--r--src/libimcv/swid/swid_error.c4
-rw-r--r--src/libimcv/swid/swid_error.h4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_aik.c6
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c6
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h2
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c12
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c8
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c6
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c20
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h8
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c14
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h4
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c18
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h2
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c16
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c249
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h29
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c2
-rw-r--r--src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c12
-rw-r--r--src/libimcv/tcg/seg/tcg_seg_attr_max_size.c2
-rw-r--r--src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c2
-rw-r--r--src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c2
-rw-r--r--src/libimcv/tcg/swid/tcg_swid_attr_req.c20
-rw-r--r--src/libimcv/tcg/swid/tcg_swid_attr_req.h10
-rw-r--r--src/libimcv/tcg/tcg_attr.c2
-rw-r--r--src/libimcv/tcg/tcg_attr.h2
-rw-r--r--src/libipsec/Makefile.in27
-rw-r--r--src/libipsec/esp_context.c12
-rw-r--r--src/libipsec/esp_context.h8
-rw-r--r--src/libipsec/esp_packet.c28
-rw-r--r--src/libipsec/esp_packet.h6
-rw-r--r--src/libipsec/ip_packet.c58
-rw-r--r--src/libipsec/ip_packet.h6
-rw-r--r--src/libipsec/ipsec_event_listener.h2
-rw-r--r--src/libipsec/ipsec_event_relay.c6
-rw-r--r--src/libipsec/ipsec_event_relay.h2
-rw-r--r--src/libipsec/ipsec_policy.c8
-rw-r--r--src/libipsec/ipsec_policy.h4
-rw-r--r--src/libipsec/ipsec_policy_mgr.c14
-rw-r--r--src/libipsec/ipsec_policy_mgr.h2
-rw-r--r--src/libipsec/ipsec_processor.c4
-rw-r--r--src/libipsec/ipsec_sa.c36
-rw-r--r--src/libipsec/ipsec_sa.h28
-rw-r--r--src/libipsec/ipsec_sa_mgr.c62
-rw-r--r--src/libipsec/ipsec_sa_mgr.h24
-rw-r--r--src/libipsec/tests/Makefile.in27
-rw-r--r--src/libipsec/tests/suites/test_chapoly.c6
-rw-r--r--src/libpttls/Makefile.in27
-rw-r--r--src/libpttls/pt_tls.c11
-rw-r--r--src/libpttls/pt_tls.h6
-rw-r--r--src/libpttls/pt_tls_client.c16
-rw-r--r--src/libpttls/pt_tls_server.c14
-rw-r--r--src/libradius/Makefile.in27
-rw-r--r--src/libradius/radius_config.c2
-rw-r--r--src/libradius/radius_config.h2
-rw-r--r--src/libradius/radius_message.c30
-rw-r--r--src/libradius/radius_message.h10
-rw-r--r--src/libradius/radius_mppe.h10
-rw-r--r--src/libradius/radius_socket.c18
-rw-r--r--src/libradius/radius_socket.h4
-rw-r--r--src/libsimaka/Makefile.in27
-rw-r--r--src/libsimaka/simaka_card.h6
-rw-r--r--src/libsimaka/simaka_manager.c6
-rw-r--r--src/libsimaka/simaka_manager.h8
-rw-r--r--src/libsimaka/simaka_message.c26
-rw-r--r--src/libsimaka/simaka_message.h4
-rw-r--r--src/libsimaka/simaka_provider.h4
-rw-r--r--src/libstrongswan/Makefile.am4
-rw-r--r--src/libstrongswan/Makefile.in117
-rw-r--r--src/libstrongswan/asn1/asn1.c6
-rw-r--r--src/libstrongswan/asn1/asn1.h4
-rw-r--r--src/libstrongswan/asn1/oid.c891
-rw-r--r--src/libstrongswan/asn1/oid.h431
-rw-r--r--src/libstrongswan/asn1/oid.txt1
-rw-r--r--src/libstrongswan/bio/bio_reader.c58
-rw-r--r--src/libstrongswan/bio/bio_reader.h26
-rw-r--r--src/libstrongswan/bio/bio_writer.c14
-rw-r--r--src/libstrongswan/bio/bio_writer.h12
-rw-r--r--src/libstrongswan/collections/array.c20
-rw-r--r--src/libstrongswan/collections/array.h2
-rw-r--r--src/libstrongswan/credentials/auth_cfg.h2
-rw-r--r--src/libstrongswan/credentials/containers/pkcs12.c10
-rw-r--r--src/libstrongswan/credentials/containers/pkcs12.h2
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.c1
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c4
-rw-r--r--src/libstrongswan/crypto/hashers/hasher.h2
-rw-r--r--src/libstrongswan/crypto/iv/iv_gen.h6
-rw-r--r--src/libstrongswan/crypto/iv/iv_gen_null.c4
-rw-r--r--src/libstrongswan/crypto/iv/iv_gen_rand.c4
-rw-r--r--src/libstrongswan/crypto/iv/iv_gen_seq.c28
-rw-r--r--src/libstrongswan/crypto/mac.h2
-rw-r--r--src/libstrongswan/crypto/mgf1/mgf1.c2
-rw-r--r--src/libstrongswan/crypto/nonce_gen.h2
-rw-r--r--src/libstrongswan/crypto/pkcs5.c12
-rw-r--r--src/libstrongswan/crypto/prf_plus.c4
-rw-r--r--src/libstrongswan/crypto/prf_plus.h2
-rw-r--r--src/libstrongswan/crypto/prfs/mac_prf.c2
-rw-r--r--src/libstrongswan/crypto/prfs/prf.h2
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.c2
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.h8
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.c298
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.txt5
-rw-r--r--src/libstrongswan/crypto/rngs/rng.c4
-rw-r--r--src/libstrongswan/crypto/rngs/rng.h4
-rw-r--r--src/libstrongswan/crypto/signers/mac_signer.c8
-rw-r--r--src/libstrongswan/crypto/signers/signer.h2
-rw-r--r--src/libstrongswan/eap/eap.h12
-rw-r--r--src/libstrongswan/ipsec/ipsec_types.c16
-rw-r--r--src/libstrongswan/ipsec/ipsec_types.h29
-rw-r--r--src/libstrongswan/networking/host.c20
-rw-r--r--src/libstrongswan/networking/host.h12
-rw-r--r--src/libstrongswan/networking/packet.c6
-rw-r--r--src/libstrongswan/networking/packet.h4
-rw-r--r--src/libstrongswan/networking/tun_device.c16
-rw-r--r--src/libstrongswan/networking/tun_device.h4
-rw-r--r--src/libstrongswan/pen/pen.h6
-rw-r--r--src/libstrongswan/plugins/acert/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/aes/aes_crypter.c82
-rw-r--r--src/libstrongswan/plugins/aesni/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/aesni/aesni_ccm.c8
-rw-r--r--src/libstrongswan/plugins/aesni/aesni_cmac.c2
-rw-r--r--src/libstrongswan/plugins/aesni/aesni_ctr.c2
-rw-r--r--src/libstrongswan/plugins/aesni/aesni_gcm.c2
-rw-r--r--src/libstrongswan/plugins/aesni/aesni_xcbc.c2
-rw-r--r--src/libstrongswan/plugins/af_alg/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_hasher.c2
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_ops.c2
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_ops.h2
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_plugin.c19
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_prf.c2
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_signer.c2
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/agent/agent_private_key.c20
-rw-r--r--src/libstrongswan/plugins/bliss/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/bliss/tests/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/blowfish/blowfish_crypter.c6
-rw-r--r--src/libstrongswan/plugins/ccm/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/ccm/ccm_aead.c6
-rw-r--r--src/libstrongswan/plugins/chapoly/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/chapoly/chapoly_aead.c8
-rw-r--r--src/libstrongswan/plugins/chapoly/chapoly_drv_portable.c42
-rw-r--r--src/libstrongswan/plugins/chapoly/chapoly_drv_ssse3.c66
-rw-r--r--src/libstrongswan/plugins/cmac/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/cmac/cmac.c16
-rw-r--r--src/libstrongswan/plugins/constraints/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/ctr/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/ctr/ctr_ipsec_crypter.c2
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/curl/curl_plugin.c5
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/des/des_crypter.c14
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/dnskey/dnskey_builder.c8
-rw-r--r--src/libstrongswan/plugins/files/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf.c26
-rw-r--r--src/libstrongswan/plugins/gcm/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/gcm/gcm_aead.c4
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c2
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rng.c2
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/hmac/hmac.c8
-rw-r--r--src/libstrongswan/plugins/keychain/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/md4/md4_hasher.c48
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/md5/md5_hasher.c52
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/nonce/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/nonce/nonce_nonceg.c2
-rw-r--r--src/libstrongswan/plugins/ntru/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_drbg.c14
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_drbg.h8
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_ke.c4
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crl.c49
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crypter.c55
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c56
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_private_key.c10
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_public_key.c19
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_gcm.c26
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_hasher.c4
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_hmac.c36
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_pkcs12.c6
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_pkcs7.c12
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c41
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rng.c9
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c41
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c27
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_sha1_prf.c4
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_util.c15
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_util.h43
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_x509.c60
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_rng.c2
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c10
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/pem/pem_builder.c2
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_builder.c6
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_cert.c8
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_utils.c10
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_utils.h2
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/pkcs11/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c2
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c12
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_rng.c2
-rw-r--r--src/libstrongswan/plugins/pkcs12/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/pkcs12/pkcs12_decode.c4
-rw-r--r--src/libstrongswan/plugins/pkcs7/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/pkcs8/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/plugin_feature.c2
-rw-r--r--src/libstrongswan/plugins/plugin_feature.h2
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c34
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/random/random_rng.c2
-rw-r--r--src/libstrongswan/plugins/rc2/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/rc2/rc2_crypter.c20
-rw-r--r--src/libstrongswan/plugins/rdrand/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/rdrand/rdrand_rng.c76
-rw-r--r--src/libstrongswan/plugins/revocation/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/sha1/sha1_hasher.c34
-rw-r--r--src/libstrongswan/plugins/sha1/sha1_prf.c16
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/sha2/sha2_hasher.c58
-rw-r--r--src/libstrongswan/plugins/sha3/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/soup/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/sshkey/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/unbound/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/winhttp/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/winhttp/winhttp_fetcher.c2
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c3
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in27
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc.c16
-rw-r--r--src/libstrongswan/processing/jobs/job.h2
-rw-r--r--src/libstrongswan/processing/scheduler.c4
-rw-r--r--src/libstrongswan/processing/scheduler.h4
-rw-r--r--src/libstrongswan/selectors/traffic_selector.c80
-rw-r--r--src/libstrongswan/selectors/traffic_selector.h36
-rw-r--r--src/libstrongswan/settings/settings.c14
-rw-r--r--src/libstrongswan/settings/settings.h10
-rw-r--r--src/libstrongswan/settings/settings_lexer.c233
-rw-r--r--src/libstrongswan/settings/settings_parser.c44
-rw-r--r--src/libstrongswan/settings/settings_parser.h8
-rw-r--r--src/libstrongswan/tests/Makefile.am2
-rw-r--r--src/libstrongswan/tests/Makefile.in31
-rw-r--r--src/libstrongswan/tests/suites/test_array.c2
-rw-r--r--src/libstrongswan/tests/suites/test_asn1.c6
-rw-r--r--src/libstrongswan/tests/suites/test_bio_reader.c20
-rw-r--r--src/libstrongswan/tests/suites/test_chunk.c38
-rw-r--r--src/libstrongswan/tests/suites/test_host.c6
-rw-r--r--src/libstrongswan/tests/suites/test_iv_gen.c32
-rw-r--r--src/libstrongswan/tests/suites/test_ntru.c8
-rw-r--r--src/libstrongswan/tests/suites/test_printf.c12
-rw-r--r--src/libstrongswan/tests/suites/test_traffic_selector.c40
-rw-r--r--src/libstrongswan/tests/suites/test_utils.c96
-rw-r--r--src/libstrongswan/tests/test_runner.c30
-rw-r--r--src/libstrongswan/tests/test_runner.h4
-rw-r--r--src/libstrongswan/tests/utils/test_rng.c2
-rw-r--r--src/libstrongswan/threading/thread.c26
-rw-r--r--src/libstrongswan/utils/chunk.c62
-rw-r--r--src/libstrongswan/utils/chunk.h18
-rw-r--r--src/libstrongswan/utils/compat/android.h17
-rw-r--r--src/libstrongswan/utils/cpu_feature.c2
-rw-r--r--src/libstrongswan/utils/identification.c9
-rw-r--r--src/libstrongswan/utils/identification.h2
-rw-r--r--src/libstrongswan/utils/integrity_checker.c10
-rw-r--r--src/libstrongswan/utils/integrity_checker.h8
-rw-r--r--src/libstrongswan/utils/leak_detective.c34
-rw-r--r--src/libstrongswan/utils/utils.c2
-rw-r--r--src/libstrongswan/utils/utils/align.c6
-rw-r--r--src/libstrongswan/utils/utils/align.h2
-rw-r--r--src/libstrongswan/utils/utils/byteorder.h47
-rw-r--r--src/libstrongswan/utils/utils/memory.c2
-rw-r--r--src/libstrongswan/utils/utils/memory.h2
-rw-r--r--src/libstrongswan/utils/utils/string.h8
-rw-r--r--src/libstrongswan/utils/utils/time.c2
-rw-r--r--src/libstrongswan/utils/utils/types.h15
-rw-r--r--src/libtls/Makefile.in28
-rw-r--r--src/libtls/tests/Makefile.in27
-rw-r--r--src/libtls/tests/suites/test_socket.c4
-rw-r--r--src/libtls/tls.c6
-rw-r--r--src/libtls/tls_aead.c16
-rw-r--r--src/libtls/tls_aead.h4
-rw-r--r--src/libtls/tls_aead_expl.c16
-rw-r--r--src/libtls/tls_aead_impl.c16
-rw-r--r--src/libtls/tls_aead_null.c12
-rw-r--r--src/libtls/tls_crypto.c6
-rw-r--r--src/libtls/tls_fragmentation.c6
-rw-r--r--src/libtls/tls_peer.c10
-rw-r--r--src/libtls/tls_protection.c4
-rw-r--r--src/libtls/tls_server.c8
-rw-r--r--src/libtnccs/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnc_imc/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnc_imv/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnc_tnccs/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnc_tnccs/tnc_tnccs_manager.c14
-rw-r--r--src/libtnccs/plugins/tnccs_11/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnccs_11/tnccs_11.c10
-rw-r--r--src/libtnccs/plugins/tnccs_20/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnccs_20/batch/pb_tnc_batch.c16
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.c10
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.h4
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.c8
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.h4
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.c30
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.h16
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_experimental_msg.c2
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_language_preference_msg.c2
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.c16
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.h8
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_reason_string_msg.c2
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ietf/pb_remediation_parameters_msg.c4
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ita/pb_mutual_capability_msg.c2
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/ita/pb_noskip_test_msg.c2
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/pb_tnc_msg.h4
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.c12
-rw-r--r--src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.h6
-rw-r--r--src/libtnccs/plugins/tnccs_20/tnccs_20.c8
-rw-r--r--src/libtnccs/plugins/tnccs_20/tnccs_20_client.c14
-rw-r--r--src/libtnccs/plugins/tnccs_20/tnccs_20_client.h2
-rw-r--r--src/libtnccs/plugins/tnccs_20/tnccs_20_server.c6
-rw-r--r--src/libtnccs/plugins/tnccs_dynamic/Makefile.in27
-rw-r--r--src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c8
-rw-r--r--src/libtnccs/tnc/tnccs/tnccs.h6
-rw-r--r--src/libtnccs/tnc/tnccs/tnccs_manager.h2
-rw-r--r--src/libtncif/Makefile.in27
-rw-r--r--src/libtncif/tncif_identity.c4
-rw-r--r--src/libtpmtss/Makefile.am25
-rw-r--r--src/libtpmtss/Makefile.in788
-rw-r--r--src/libtpmtss/tpm_tss.c54
-rw-r--r--src/libtpmtss/tpm_tss.h140
-rw-r--r--src/libtpmtss/tpm_tss_quote_info.c330
-rw-r--r--src/libtpmtss/tpm_tss_quote_info.h151
-rw-r--r--src/libtpmtss/tpm_tss_trousers.c655
-rw-r--r--src/libtpmtss/tpm_tss_trousers.h52
-rw-r--r--src/libtpmtss/tpm_tss_tss2.c696
-rw-r--r--src/libtpmtss/tpm_tss_tss2.h31
-rw-r--r--src/libtpmtss/tpm_tss_tss2_names.c123
-rw-r--r--src/libtpmtss/tpm_tss_tss2_names.h30
-rw-r--r--src/manager/Makefile.in27
-rw-r--r--src/manager/controller/control_controller.c4
-rw-r--r--src/manager/gateway.c2
-rw-r--r--src/manager/gateway.h2
-rw-r--r--src/medsrv/Makefile.in27
-rw-r--r--src/pki/Makefile.am2
-rw-r--r--src/pki/Makefile.in32
-rw-r--r--src/pki/man/Makefile.in40
-rw-r--r--src/pool/Makefile.in28
-rw-r--r--src/pool/sqlite.sql2
-rw-r--r--src/pt-tls-client/Makefile.in27
-rw-r--r--src/pt-tls-client/pt-tls-client.c2
-rw-r--r--src/scepclient/Makefile.in28
-rw-r--r--src/starter/Makefile.am5
-rw-r--r--src/starter/Makefile.in38
-rw-r--r--src/starter/confread.c2
-rw-r--r--src/starter/confread.h20
-rw-r--r--src/starter/parser/lexer.c233
-rw-r--r--src/starter/parser/parser.c40
-rw-r--r--src/starter/parser/parser.h8
-rw-r--r--src/starter/tests/Makefile.in27
-rw-r--r--src/stroke/Makefile.in27
-rw-r--r--src/stroke/stroke_msg.h32
-rw-r--r--src/swanctl/Makefile.am2
-rw-r--r--src/swanctl/Makefile.in35
-rw-r--r--src/swanctl/commands/list_conns.c112
-rw-r--r--src/swanctl/commands/list_sas.c7
-rw-r--r--src/swanctl/commands/load_authorities.c2
-rw-r--r--src/swanctl/commands/load_conns.c2
-rw-r--r--src/swanctl/commands/load_pools.c2
-rw-r--r--src/swanctl/swanctl.conf6
-rw-r--r--src/swanctl/swanctl.conf.5.main14
-rw-r--r--src/swanctl/swanctl.opt12
902 files changed, 24024 insertions, 9225 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index a9df10cc6..938335e78 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -32,6 +32,10 @@ if USE_LIBPTTLS
SUBDIRS += libpttls
endif
+if USE_LIBTPMTSS
+ SUBDIRS += libtpmtss
+endif
+
if USE_IMCV
SUBDIRS += libimcv
endif
@@ -131,3 +135,7 @@ endif
if USE_AIKGEN
SUBDIRS += aikgen
endif
+
+if USE_AIKPUB2
+ SUBDIRS += aikpub2
+endif
diff --git a/src/Makefile.in b/src/Makefile.in
index 1d012fb22..51317383f 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -85,33 +95,34 @@ host_triplet = @host@
@USE_LIBTNCIF_TRUE@am__append_6 = libtncif
@USE_LIBTNCCS_TRUE@am__append_7 = libtnccs
@USE_LIBPTTLS_TRUE@am__append_8 = libpttls
-@USE_IMCV_TRUE@am__append_9 = libimcv
-@USE_LIBCHARON_TRUE@am__append_10 = libcharon
-@USE_FILE_CONFIG_TRUE@am__append_11 = starter
-@USE_IPSEC_SCRIPT_TRUE@am__append_12 = ipsec _copyright
-@USE_CHARON_TRUE@am__append_13 = charon
-@USE_SYSTEMD_TRUE@am__append_14 = charon-systemd
-@USE_NM_TRUE@am__append_15 = charon-nm
-@USE_STROKE_TRUE@am__append_16 = stroke
-@USE_UPDOWN_TRUE@am__append_17 = _updown
-@USE_SCEPCLIENT_TRUE@am__append_18 = scepclient
-@USE_PKI_TRUE@am__append_19 = pki
-@USE_SWANCTL_TRUE@am__append_20 = swanctl
-@USE_CONFTEST_TRUE@am__append_21 = conftest
-@USE_DUMM_TRUE@am__append_22 = dumm
-@USE_FAST_TRUE@am__append_23 = libfast
-@USE_MANAGER_TRUE@am__append_24 = manager
-@USE_MEDSRV_TRUE@am__append_25 = medsrv
-@USE_ATTR_SQL_TRUE@am__append_26 = pool
-@USE_ATTR_SQL_FALSE@@USE_SQL_TRUE@am__append_27 = pool
-@USE_TKM_TRUE@am__append_28 = charon-tkm
-@USE_CMD_TRUE@am__append_29 = charon-cmd
-@USE_SVC_TRUE@am__append_30 = charon-svc
-@USE_LIBPTTLS_TRUE@am__append_31 = pt-tls-client
-@USE_INTEGRITY_TEST_TRUE@am__append_32 = checksum
-@USE_AIKGEN_TRUE@am__append_33 = aikgen
+@USE_LIBTPMTSS_TRUE@am__append_9 = libtpmtss
+@USE_IMCV_TRUE@am__append_10 = libimcv
+@USE_LIBCHARON_TRUE@am__append_11 = libcharon
+@USE_FILE_CONFIG_TRUE@am__append_12 = starter
+@USE_IPSEC_SCRIPT_TRUE@am__append_13 = ipsec _copyright
+@USE_CHARON_TRUE@am__append_14 = charon
+@USE_SYSTEMD_TRUE@am__append_15 = charon-systemd
+@USE_NM_TRUE@am__append_16 = charon-nm
+@USE_STROKE_TRUE@am__append_17 = stroke
+@USE_UPDOWN_TRUE@am__append_18 = _updown
+@USE_SCEPCLIENT_TRUE@am__append_19 = scepclient
+@USE_PKI_TRUE@am__append_20 = pki
+@USE_SWANCTL_TRUE@am__append_21 = swanctl
+@USE_CONFTEST_TRUE@am__append_22 = conftest
+@USE_DUMM_TRUE@am__append_23 = dumm
+@USE_FAST_TRUE@am__append_24 = libfast
+@USE_MANAGER_TRUE@am__append_25 = manager
+@USE_MEDSRV_TRUE@am__append_26 = medsrv
+@USE_ATTR_SQL_TRUE@am__append_27 = pool
+@USE_ATTR_SQL_FALSE@@USE_SQL_TRUE@am__append_28 = pool
+@USE_TKM_TRUE@am__append_29 = charon-tkm
+@USE_CMD_TRUE@am__append_30 = charon-cmd
+@USE_SVC_TRUE@am__append_31 = charon-svc
+@USE_LIBPTTLS_TRUE@am__append_32 = pt-tls-client
+@USE_INTEGRITY_TEST_TRUE@am__append_33 = checksum
+@USE_AIKGEN_TRUE@am__append_34 = aikgen
+@USE_AIKPUB2_TRUE@am__append_35 = aikpub2
subdir = src
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -125,6 +136,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -184,11 +196,12 @@ am__define_uniq_tagged_files = \
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = . include libstrongswan libipsec libsimaka libtls \
- libradius libtncif libtnccs libpttls libimcv libcharon starter \
- ipsec _copyright charon charon-systemd charon-nm stroke \
- _updown scepclient pki swanctl conftest dumm libfast manager \
- medsrv pool charon-tkm charon-cmd charon-svc pt-tls-client \
- checksum aikgen
+ libradius libtncif libtnccs libpttls libtpmtss libimcv \
+ libcharon starter ipsec _copyright charon charon-systemd \
+ charon-nm stroke _updown scepclient pki swanctl conftest dumm \
+ libfast manager medsrv pool charon-tkm charon-cmd charon-svc \
+ pt-tls-client checksum aikgen aikpub2
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -220,6 +233,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -269,6 +283,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -303,6 +318,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -414,6 +430,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -452,7 +469,8 @@ SUBDIRS = . include $(am__append_1) $(am__append_2) $(am__append_3) \
$(am__append_22) $(am__append_23) $(am__append_24) \
$(am__append_25) $(am__append_26) $(am__append_27) \
$(am__append_28) $(am__append_29) $(am__append_30) \
- $(am__append_31) $(am__append_32) $(am__append_33)
+ $(am__append_31) $(am__append_32) $(am__append_33) \
+ $(am__append_34) $(am__append_35)
all: all-recursive
.SUFFIXES:
@@ -468,7 +486,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -763,6 +780,8 @@ uninstall-am:
mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
ps ps-am tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/_copyright/Makefile.in b/src/_copyright/Makefile.in
index 432bde59b..5f7d50fd9 100644
--- a/src/_copyright/Makefile.in
+++ b/src/_copyright/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = _copyright$(EXEEXT)
subdir = src/_copyright
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -169,12 +178,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -224,6 +235,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -258,6 +270,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -369,6 +382,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -418,7 +432,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/_copyright/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/_copyright/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -734,6 +747,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/_updown/Makefile.in b/src/_updown/Makefile.in
index 08fce3e2c..1d15c0c93 100644
--- a/src/_updown/Makefile.in
+++ b/src/_updown/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,7 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/_updown
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -93,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -146,12 +156,14 @@ am__can_run_installinfo = \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -201,6 +213,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -235,6 +248,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -346,6 +360,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -392,7 +407,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/_updown/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/_updown/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -607,6 +621,8 @@ uninstall-am: uninstall-ipsecSCRIPTS
mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \
uninstall-am uninstall-ipsecSCRIPTS
+.PRECIOUS: Makefile
+
_updown : _updown.in
$(AM_V_GEN) \
diff --git a/src/aikgen/Makefile.am b/src/aikgen/Makefile.am
index dc59d20cf..860a8f7a6 100644
--- a/src/aikgen/Makefile.am
+++ b/src/aikgen/Makefile.am
@@ -2,14 +2,13 @@ bin_PROGRAMS = aikgen
aikgen_SOURCES = aikgen.c
-aikgen_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-aikgen.o : $(top_builddir)/config.status
+aikgen_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
-if USE_TROUSERS
- aikgen_LDADD += -ltspi
-endif
+aikgen.o : $(top_builddir)/config.status
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libtpmtss \
-DIPSEC_CONFDIR=\"${sysconfdir}\" \
-DPLUGINS=\""${aikgen_plugins}\""
diff --git a/src/aikgen/Makefile.in b/src/aikgen/Makefile.in
index 8fb9126e5..1e2b7dd8b 100644
--- a/src/aikgen/Makefile.in
+++ b/src/aikgen/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,10 +89,7 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
bin_PROGRAMS = aikgen$(EXEEXT)
-@USE_TROUSERS_TRUE@am__append_1 = -ltspi
subdir = src/aikgen
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -104,10 +112,9 @@ am__installdirs = "$(DESTDIR)$(bindir)"
PROGRAMS = $(bin_PROGRAMS)
am_aikgen_OBJECTS = aikgen.$(OBJEXT)
aikgen_OBJECTS = $(am_aikgen_OBJECTS)
-am__DEPENDENCIES_1 =
aikgen_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(am__DEPENDENCIES_1)
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -172,12 +179,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -227,6 +236,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -261,6 +271,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -372,6 +383,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -402,9 +414,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
aikgen_SOURCES = aikgen.c
aikgen_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(am__append_1)
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
+
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libtpmtss \
-DIPSEC_CONFDIR=\"${sysconfdir}\" \
-DPLUGINS=\""${aikgen_plugins}\""
@@ -424,7 +438,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/aikgen/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/aikgen/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -739,6 +752,9 @@ uninstall-am: uninstall-binPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-binPROGRAMS
+.PRECIOUS: Makefile
+
+
aikgen.o : $(top_builddir)/config.status
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/aikgen/aikgen.c b/src/aikgen/aikgen.c
index 192636afc..3e2d44477 100644
--- a/src/aikgen/aikgen.c
+++ b/src/aikgen/aikgen.c
@@ -1,38 +1,25 @@
/*
- * Copyright (C) 2014 Andreas Steffen
+ * Copyright (C) 2014-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
- * Copyright (c) 2008 Hal Finney
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
*/
+#include "tpm_tss.h"
+
#include <library.h>
#include <utils/debug.h>
#include <utils/optionsfrom.h>
#include <credentials/certificates/x509.h>
#include <credentials/keys/public_key.h>
-#include <asn1/oid.h>
-#include <asn1/asn1.h>
-
-#include <trousers/tss.h>
-#include <trousers/trousers.h>
#include <syslog.h>
#include <getopt.h>
@@ -44,12 +31,9 @@
/* default name of AIK private key blob */
#define DEFAULT_FILENAME_AIKBLOB AIK_DIR "aikBlob.bin"
-/* default name of AIK private key blob */
+/* default name of AIK public key */
#define DEFAULT_FILENAME_AIKPUBKEY AIK_DIR "aikPub.der"
-/* size in bytes of a TSS AIK public key blob */
-#define AIK_PUBKEY_BLOB_SIZE 284
-
/* logging */
static bool log_to_stderr = TRUE;
static bool log_to_syslog = TRUE;
@@ -64,9 +48,7 @@ public_key_t *ca_pubkey;
chunk_t ca_modulus;
chunk_t aik_pubkey;
chunk_t aik_keyid;
-
-/* TPM context */
-TSS_HCONTEXT hContext;
+tpm_tss_t *tpm;
/**
* logging function for aikgen
@@ -128,12 +110,13 @@ static void init_log(const char *program)
/**
* @brief exit aikgen
*
- * @param status 0 = OK, 1 = general discomfort
+ * @param status 0 = OK, -1 = general discomfort
*/
static void exit_aikgen(err_t message, ...)
{
int status = 0;
+ DESTROY_IF(tpm);
DESTROY_IF(cacert);
DESTROY_IF(ca_pubkey);
free(ca_modulus.ptr);
@@ -141,13 +124,6 @@ static void exit_aikgen(err_t message, ...)
free(aik_keyid.ptr);
options->destroy(options);
- /* clean up TPM context */
- if (hContext)
- {
- Tspi_Context_FreeMemory(hContext, NULL);
- Tspi_Context_Close(hContext);
- }
-
/* print any error message to stderr */
if (message != NULL && *message != '\0')
{
@@ -158,7 +134,7 @@ static void exit_aikgen(err_t message, ...)
vsnprintf(m, sizeof(m), message, args);
va_end(args);
- fprintf(stderr, "error: %s\n", m);
+ fprintf(stderr, "aikgen error: %s\n", m);
status = -1;
}
library_deinit();
@@ -178,7 +154,7 @@ static void usage(const char *message)
" [--aikblob <filename>] [--aikpubkey <filename>] \n"
" [--idreq <filename>] [--force]"
" [--quiet] [--debug <level>]\n"
- " aikgen --help\n"
+ " aikgen --help\n"
"\n"
"Options:\n"
" --cacert (-c) certificate of [privacy] CA\n"
@@ -216,24 +192,7 @@ int main(int argc, char *argv[])
bool force = FALSE;
chunk_t identity_req;
chunk_t aik_blob;
- chunk_t aik_pubkey_blob;
- chunk_t aik_modulus;
- chunk_t aik_exponent;
-
- /* TPM variables */
- TSS_RESULT result;
- TSS_HTPM hTPM;
- TSS_HKEY hSRK;
- TSS_HKEY hPCAKey;
- TSS_HPOLICY hSrkPolicy;
- TSS_HPOLICY hTPMPolicy;
- TSS_HKEY hIdentKey;
- TSS_UUID SRK_UUID = TSS_UUID_SRK;
- BYTE secret[] = TSS_WELL_KNOWN_SECRET;
- BYTE *IdentityReq;
- UINT32 IdentityReqLen;
- BYTE *blob;
- UINT32 blobLen;
+ hasher_t *hasher;
atexit(library_deinit);
if (!library_init(NULL, "aikgen"))
@@ -370,105 +329,29 @@ int main(int argc, char *argv[])
if (ca_pubkey->get_type(ca_pubkey) != KEY_RSA ||
ca_pubkey->get_keysize(ca_pubkey) != 2048)
{
- exit_aikgen("ca public key must be RSA 2048 but is %N %d",
+ exit_aikgen("CA public key must be RSA 2048 but is %N %d",
key_type_names, ca_pubkey->get_type(ca_pubkey),
ca_pubkey->get_keysize(ca_pubkey));
}
if (!ca_pubkey->get_encoding(ca_pubkey, PUBKEY_RSA_MODULUS, &ca_modulus))
{
- exit_aikgen("could not extract RSA modulus from ca public key");
- }
-
- /* initialize TSS context and connect to it */
- result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Context_Create", result);
- }
- result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Context_Connect", result);
- }
-
- /* get SRK plus SRK policy and set SRK secret */
- result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
- SRK_UUID, &hSRK);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Context_LoadKeyByUUID for SRK", result);
- }
- result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSrkPolicy);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_GetPolicyObject for SRK", result);
- }
- result = Tspi_Policy_SetSecret(hSrkPolicy, TSS_SECRET_MODE_SHA1, 20, secret);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Policy_SetSecret for SRK", result);
- }
-
- /* get TPM plus TPM policy and set TPM secret */
- result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Context_GetTpmObject", result);
- }
- result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTPMPolicy);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_GetPolicyObject for TPM", result);
- }
- result = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_SHA1, 20, secret);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Policy_SetSecret for TPM", result);
- }
-
- /* create context for a 2048 bit AIK */
- result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
- TSS_KEY_TYPE_IDENTITY | TSS_KEY_SIZE_2048 |
- TSS_KEY_VOLATILE | TSS_KEY_NOT_MIGRATABLE, &hIdentKey);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Context_CreateObject for key", result);
+ exit_aikgen("could not extract RSA modulus from CA public key");
}
- /* create context for the Privacy CA public key and assign modulus */
- result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
- TSS_KEY_TYPE_LEGACY|TSS_KEY_SIZE_2048, &hPCAKey);
- if (result != TSS_SUCCESS)
+ /* try to find a TPM 1.2 */
+ tpm = tpm_tss_probe(TPM_VERSION_1_2);
+ if (!tpm)
{
- exit_aikgen("tss 0x%x on Tspi_Context_CreateObject for PCA", result);
- }
- result = Tspi_SetAttribData (hPCAKey, TSS_TSPATTRIB_RSAKEY_INFO,
- TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, ca_modulus.len,
- ca_modulus.ptr);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_SetAttribData for PCA modulus", result);
- }
- result = Tspi_SetAttribUint32(hPCAKey, TSS_TSPATTRIB_KEY_INFO,
- TSS_TSPATTRIB_KEYINFO_ENCSCHEME, TSS_ES_RSAESPKCSV15);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_SetAttribUint32 for PCA "
- "encryption scheme", result);
+ exit_aikgen("no TPM 1.2 found");
}
- /* generate AIK */
- DBG1(DBG_LIB, "Generating identity key...");
- result = Tspi_TPM_CollateIdentityRequest(hTPM, hSRK, hPCAKey, 0, NULL,
- hIdentKey, TSS_ALG_AES, &IdentityReqLen, &IdentityReq);
- if (result != TSS_SUCCESS)
+ if (!tpm->generate_aik(tpm, ca_modulus, &aik_blob, &aik_pubkey,
+ &identity_req))
{
- exit_aikgen("tss 0x%x on Tspi_TPM_CollateIdentityRequest", result);
+ exit_aikgen("could not generate AIK");
}
- identity_req = chunk_create(IdentityReq, IdentityReqLen);
- DBG3(DBG_LIB, "Identity Request: %B", &identity_req);
- /* optionally output identity request encrypted with ca public key */
+ /* optionally output identity request encrypted with CA public key */
if (idreq_filename)
{
if (!chunk_write(identity_req, idreq_filename, 0022, force))
@@ -480,24 +363,7 @@ int main(int argc, char *argv[])
idreq_filename, identity_req.len);
}
- /* load identity key */
- result = Tspi_Key_LoadKey (hIdentKey, hSRK);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_Key_LoadKey for AIK\n", result);
- }
-
- /* output AIK private key in TSS blob format */
- result = Tspi_GetAttribData (hIdentKey, TSS_TSPATTRIB_KEY_BLOB,
- TSS_TSPATTRIB_KEYBLOB_BLOB, &blobLen, &blob);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_GetAttribData for private key blob",
- result);
- }
- aik_blob = chunk_create(blob, blobLen);
- DBG3(DBG_LIB, "AIK private key blob: %B", &aik_blob);
-
+ /* output AIK private key blob */
if (!chunk_write(aik_blob, aikblob_filename, 0022, force))
{
exit_aikgen("could not write AIK blob file '%s': %s",
@@ -506,32 +372,7 @@ int main(int argc, char *argv[])
DBG1(DBG_LIB, "AIK private key blob written to '%s' (%u bytes)",
aikblob_filename, aik_blob.len);
- /* output AIK Public Key in TSS blob format */
- result = Tspi_GetAttribData (hIdentKey, TSS_TSPATTRIB_KEY_BLOB,
- TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobLen, &blob);
- if (result != TSS_SUCCESS)
- {
- exit_aikgen("tss 0x%x on Tspi_GetAttribData for public key blob",
- result);
- }
- aik_pubkey_blob = chunk_create(blob, blobLen);
- DBG3(DBG_LIB, "AIK public key blob: %B", &aik_pubkey_blob);
-
- /* create a trusted AIK public key */
- if (aik_pubkey_blob.len != AIK_PUBKEY_BLOB_SIZE)
- {
- exit_aikgen("AIK public key is not in TSS blob format");
- }
- aik_modulus = chunk_skip(aik_pubkey_blob, AIK_PUBKEY_BLOB_SIZE - 256);
- aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
-
- /* output subjectPublicKeyInfo encoding of AIK public key */
- if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER, NULL,
- &aik_pubkey, CRED_PART_RSA_MODULUS, aik_modulus,
- CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
- {
- exit_aikgen("subjectPublicKeyInfo encoding of AIK key failed");
- }
+ /* output AIK public key */
if (!chunk_write(aik_pubkey, aikpubkey_filename, 0022, force))
{
exit_aikgen("could not write AIK public key file '%s': %s",
@@ -541,12 +382,14 @@ int main(int argc, char *argv[])
aikpubkey_filename, aik_pubkey.len);
/* display AIK keyid derived from subjectPublicKeyInfo encoding */
- if (!lib->encoding->encode(lib->encoding, KEYID_PUBKEY_INFO_SHA1, NULL,
- &aik_keyid, CRED_PART_RSA_MODULUS, aik_modulus,
- CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
+ hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
+ if (!hasher || !hasher->allocate_hash(hasher, aik_pubkey, &aik_keyid))
{
- exit_aikgen("computation of AIK keyid failed");
+ DESTROY_IF(hasher);
+ exit_aikgen("SHA1 hash algorithm not supported, computation of AIK "
+ "keyid failed");
}
+ hasher->destroy(hasher);
DBG1(DBG_LIB, "AIK keyid: %#B", &aik_keyid);
exit_aikgen(NULL);
diff --git a/src/aikpub2/Makefile.am b/src/aikpub2/Makefile.am
new file mode 100644
index 000000000..a9ab13870
--- /dev/null
+++ b/src/aikpub2/Makefile.am
@@ -0,0 +1,15 @@
+bin_PROGRAMS = aikpub2
+
+aikpub2_SOURCES = aikpub2.c
+
+aikpub2_LDADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
+
+aikpub2.o : $(top_builddir)/config.status
+
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libtpmtss \
+ -DIPSEC_CONFDIR=\"${sysconfdir}\" \
+ -DPLUGINS=\""${aikgen_plugins}\""
diff --git a/src/aikpub2/Makefile.in b/src/aikpub2/Makefile.in
new file mode 100644
index 000000000..adb40e415
--- /dev/null
+++ b/src/aikpub2/Makefile.in
@@ -0,0 +1,763 @@
+# Makefile.in generated by automake 1.15 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+bin_PROGRAMS = aikpub2$(EXEEXT)
+subdir = src/aikpub2
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
+ $(top_srcdir)/m4/config/ltoptions.m4 \
+ $(top_srcdir)/m4/config/ltsugar.m4 \
+ $(top_srcdir)/m4/config/ltversion.m4 \
+ $(top_srcdir)/m4/config/lt~obsolete.m4 \
+ $(top_srcdir)/m4/macros/split-package-version.m4 \
+ $(top_srcdir)/m4/macros/with.m4 \
+ $(top_srcdir)/m4/macros/enable-disable.m4 \
+ $(top_srcdir)/m4/macros/add-plugin.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__installdirs = "$(DESTDIR)$(bindir)"
+PROGRAMS = $(bin_PROGRAMS)
+am_aikpub2_OBJECTS = aikpub2.$(OBJEXT)
+aikpub2_OBJECTS = $(am_aikpub2_OBJECTS)
+aikpub2_DEPENDENCIES = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(aikpub2_SOURCES)
+DIST_SOURCES = $(aikpub2_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+ETAGS = etags
+CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+ATOMICLIB = @ATOMICLIB@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BFDLIB = @BFDLIB@
+BTLIB = @BTLIB@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
+COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+EASY_INSTALL = @EASY_INSTALL@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GEM = @GEM@
+GENHTML = @GENHTML@
+GPERF = @GPERF@
+GPRBUILD = @GPRBUILD@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LCOV = @LCOV@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MYSQLCFLAG = @MYSQLCFLAG@
+MYSQLCONFIG = @MYSQLCONFIG@
+MYSQLLIB = @MYSQLLIB@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_LIB = @OPENSSL_LIB@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@
+PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@
+PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@
+PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PLUGIN_CFLAGS = @PLUGIN_CFLAGS@
+PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+PY_TEST = @PY_TEST@
+RANLIB = @RANLIB@
+RTLIB = @RTLIB@
+RUBY = @RUBY@
+RUBYGEMDIR = @RUBYGEMDIR@
+RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
+STRIP = @STRIP@
+UNWINDLIB = @UNWINDLIB@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+aikgen_plugins = @aikgen_plugins@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
+clearsilver_LIBS = @clearsilver_LIBS@
+cmd_plugins = @cmd_plugins@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbusservicedir = @dbusservicedir@
+dev_headers = @dev_headers@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+fips_mode = @fips_mode@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+h_plugins = @h_plugins@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+imcvdir = @imcvdir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
+ipsecuser = @ipsecuser@
+json_CFLAGS = @json_CFLAGS@
+json_LIBS = @json_LIBS@
+libdir = @libdir@
+libexecdir = @libexecdir@
+libiptc_CFLAGS = @libiptc_CFLAGS@
+libiptc_LIBS = @libiptc_LIBS@
+linux_headers = @linux_headers@
+localedir = @localedir@
+localstatedir = @localstatedir@
+maemo_CFLAGS = @maemo_CFLAGS@
+maemo_LIBS = @maemo_LIBS@
+manager_plugins = @manager_plugins@
+mandir = @mandir@
+medsrv_plugins = @medsrv_plugins@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
+oldincludedir = @oldincludedir@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
+pdfdir = @pdfdir@
+piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+pki_plugins = @pki_plugins@
+plugindir = @plugindir@
+pool_plugins = @pool_plugins@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+random_device = @random_device@
+resolv_conf = @resolv_conf@
+routing_table = @routing_table@
+routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
+s_plugins = @s_plugins@
+sbindir = @sbindir@
+scepclient_plugins = @scepclient_plugins@
+scripts_plugins = @scripts_plugins@
+sharedstatedir = @sharedstatedir@
+soup_CFLAGS = @soup_CFLAGS@
+soup_LIBS = @soup_LIBS@
+srcdir = @srcdir@
+starter_plugins = @starter_plugins@
+strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
+swanctldir = @swanctldir@
+sysconfdir = @sysconfdir@
+systemd_CFLAGS = @systemd_CFLAGS@
+systemd_LIBS = @systemd_LIBS@
+systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@
+systemd_daemon_LIBS = @systemd_daemon_LIBS@
+systemd_journal_CFLAGS = @systemd_journal_CFLAGS@
+systemd_journal_LIBS = @systemd_journal_LIBS@
+systemdsystemunitdir = @systemdsystemunitdir@
+t_plugins = @t_plugins@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+urandom_device = @urandom_device@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+aikpub2_SOURCES = aikpub2.c
+aikpub2_LDADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
+
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libtpmtss \
+ -DIPSEC_CONFDIR=\"${sysconfdir}\" \
+ -DPLUGINS=\""${aikgen_plugins}\""
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/aikpub2/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/aikpub2/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+install-binPROGRAMS: $(bin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \
+ fi; \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed 's/$(EXEEXT)$$//' | \
+ while read p p1; do if test -f $$p \
+ || test -f $$p1 \
+ ; then echo "$$p"; echo "$$p"; else :; fi; \
+ done | \
+ sed -e 'p;s,.*/,,;n;h' \
+ -e 's|.*|.|' \
+ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
+ sed 'N;N;N;s,\n, ,g' | \
+ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
+ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
+ if ($$2 == $$4) files[d] = files[d] " " $$1; \
+ else { print "f", $$3 "/" $$4, $$1; } } \
+ END { for (d in files) print "f", d, files[d] }' | \
+ while read type dir files; do \
+ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
+ test -z "$$files" || { \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \
+ } \
+ ; done
+
+uninstall-binPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+ files=`for p in $$list; do echo "$$p"; done | \
+ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
+ -e 's/$$/$(EXEEXT)/' \
+ `; \
+ test -n "$$list" || exit 0; \
+ echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(bindir)" && rm -f $$files
+
+clean-binPROGRAMS:
+ @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \
+ echo " rm -f" $$list; \
+ rm -f $$list || exit $$?; \
+ test -n "$(EXEEXT)" || exit 0; \
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+
+aikpub2$(EXEEXT): $(aikpub2_OBJECTS) $(aikpub2_DEPENDENCIES) $(EXTRA_aikpub2_DEPENDENCIES)
+ @rm -f aikpub2$(EXEEXT)
+ $(AM_V_CCLD)$(LINK) $(aikpub2_OBJECTS) $(aikpub2_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aikpub2.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+ for dir in "$(DESTDIR)$(bindir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-binPROGRAMS
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-binPROGRAMS
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean \
+ clean-binPROGRAMS clean-generic clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-binPROGRAMS \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-binPROGRAMS
+
+.PRECIOUS: Makefile
+
+
+aikpub2.o : $(top_builddir)/config.status
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/aikpub2/aikpub2.c b/src/aikpub2/aikpub2.c
new file mode 100644
index 000000000..fea58ed27
--- /dev/null
+++ b/src/aikpub2/aikpub2.c
@@ -0,0 +1,305 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tpm_tss.h"
+
+#include <library.h>
+#include <utils/debug.h>
+#include <utils/optionsfrom.h>
+
+#include <syslog.h>
+#include <getopt.h>
+#include <errno.h>
+
+/* default directory where AIK keys are stored */
+#define AIK_DIR IPSEC_CONFDIR "/pts/"
+
+/* default name of AIK public key blob */
+#define DEFAULT_FILENAME_AIKPUBKEY AIK_DIR "aikPub.der"
+
+/* logging */
+static bool log_to_stderr = TRUE;
+static bool log_to_syslog = TRUE;
+static level_t default_loglevel = 1;
+
+/* options read by optionsfrom */
+options_t *options;
+
+chunk_t aik_pubkey;
+chunk_t aik_keyid;
+
+/**
+ * logging function for aikpub2
+ */
+static void aikpub2_dbg(debug_t group, level_t level, char *fmt, ...)
+{
+ char buffer[8192];
+ char *current = buffer, *next;
+ va_list args;
+
+ if (level <= default_loglevel)
+ {
+ if (log_to_stderr)
+ {
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ va_end(args);
+ fprintf(stderr, "\n");
+ }
+ if (log_to_syslog)
+ {
+ /* write in memory buffer first */
+ va_start(args, fmt);
+ vsnprintf(buffer, sizeof(buffer), fmt, args);
+ va_end(args);
+
+ /* do a syslog with every line */
+ while (current)
+ {
+ next = strchr(current, '\n');
+ if (next)
+ {
+ *(next++) = '\0';
+ }
+ syslog(LOG_INFO, "%s\n", current);
+ current = next;
+ }
+ }
+ }
+}
+
+/**
+ * Initialize logging to stderr/syslog
+ */
+static void init_log(const char *program)
+{
+ dbg = aikpub2_dbg;
+
+ if (log_to_stderr)
+ {
+ setbuf(stderr, NULL);
+ }
+ if (log_to_syslog)
+ {
+ openlog(program, LOG_CONS | LOG_NDELAY | LOG_PID, LOG_AUTHPRIV);
+ }
+}
+
+/**
+ * @brief exit aikgen
+ *
+ * @param status 0 = OK, -1 = general discomfort
+ */
+static void exit_aikpub2(err_t message, ...)
+{
+ int status = 0;
+
+ free(aik_pubkey.ptr);
+ free(aik_keyid.ptr);
+ options->destroy(options);
+
+ /* print any error message to stderr */
+ if (message != NULL && *message != '\0')
+ {
+ va_list args;
+ char m[8192];
+
+ va_start(args, message);
+ vsnprintf(m, sizeof(m), message, args);
+ va_end(args);
+
+ fprintf(stderr, "aikpub2 error: %s\n", m);
+ status = -1;
+ }
+ library_deinit();
+ exit(status);
+}
+
+/**
+ * @brief prints the usage of the program to the stderr output
+ *
+ * If message is set, program is exited with 1 (error)
+ * @param message message in case of an error
+ */
+static void usage(const char *message)
+{
+ fprintf(stderr,
+ "Usage: aikpub2 --handle <handle> --out <filename>\n"
+ " [--force] [--quiet] [--debug <level>]\n"
+ " aikpub2 --help\n"
+ "\n"
+ "Options:\n"
+ " --handle (-H) TSS 2.0 AIK object handle\n"
+ " --out (-o) AIK public key in PKCS #1 format\n"
+ " --force (-f) force to overwrite existing files\n"
+ " --help (-h) show usage and exit\n"
+ "\n"
+ "Debugging output:\n"
+ " --debug (-l) changes the log level (-1..4, default: 1)\n"
+ " --quiet (-q) do not write log output to stderr\n"
+ );
+ exit_aikpub2(message);
+}
+
+
+/**
+ * @brief main of aikpub2 which extracts an Attestation Identity Key (AIK)
+ *
+ * @param argc number of arguments
+ * @param argv pointer to the argument values
+ */
+int main(int argc, char *argv[])
+{
+ /* external values */
+ extern char * optarg;
+ extern int optind;
+
+ char *aik_out_filename = DEFAULT_FILENAME_AIKPUBKEY;
+ uint32_t aik_handle = 0;
+ bool force = FALSE;
+ hasher_t *hasher;
+ tpm_tss_t *tpm;
+
+ atexit(library_deinit);
+ if (!library_init(NULL, "aikpub2"))
+ {
+ exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
+ }
+ if (lib->integrity &&
+ !lib->integrity->check_file(lib->integrity, "aikpub2", argv[0]))
+ {
+ fprintf(stderr, "integrity check of aikpub2 failed\n");
+ exit(SS_RC_DAEMON_INTEGRITY);
+ }
+
+ /* initialize global variables */
+ options = options_create();
+
+ for (;;)
+ {
+ static const struct option long_opts[] = {
+ /* name, has_arg, flag, val */
+ { "help", no_argument, NULL, 'h' },
+ { "optionsfrom", required_argument, NULL, '+' },
+ { "handle", required_argument, NULL, 'H' },
+ { "in", required_argument, NULL, 'i' },
+ { "out", required_argument, NULL, 'o' },
+ { "force", no_argument, NULL, 'f' },
+ { "quiet", no_argument, NULL, 'q' },
+ { "debug", required_argument, NULL, 'l' },
+ { 0,0,0,0 }
+ };
+
+ /* parse next option */
+ int c = getopt_long(argc, argv, "h+:H:i:o:fql:", long_opts, NULL);
+
+ switch (c)
+ {
+ case EOF: /* end of flags */
+ break;
+
+ case 'h': /* --help */
+ usage(NULL);
+
+ case '+': /* --optionsfrom <filename> */
+ if (!options->from(options, optarg, &argc, &argv, optind))
+ {
+ exit_aikpub2("optionsfrom failed");
+ }
+ continue;
+
+ case 'H': /* --handle <handle> */
+ aik_handle = strtoll(optarg, NULL, 16);
+ continue;
+
+ case 'o': /* --out <filename> */
+ aik_out_filename = optarg;
+ continue;
+
+ case 'f': /* --force */
+ force = TRUE;
+ continue;
+
+ case 'q': /* --quiet */
+ log_to_stderr = FALSE;
+ continue;
+
+ case 'l': /* --debug <level> */
+ default_loglevel = atoi(optarg);
+ continue;
+
+ default:
+ usage("unknown option");
+ }
+ /* break from loop */
+ break;
+ }
+
+ init_log("aikpub2");
+
+ if (!lib->plugins->load(lib->plugins,
+ lib->settings->get_str(lib->settings, "aikpub2.load", PLUGINS)))
+ {
+ exit_aikpub2("plugin loading failed");
+ }
+ if (!aik_handle)
+ {
+ usage("--handle option is required");
+ }
+
+ /* try to find a TPM 2.0 */
+ tpm = tpm_tss_probe(TPM_VERSION_2_0);
+ if (!tpm)
+ {
+ exit_aikpub2("no TPM 2.0 found");
+ }
+
+ /* get AIK public key from TPM */
+ aik_pubkey = tpm->get_public(tpm, aik_handle);
+ tpm->destroy(tpm);
+
+ /* exit if AIK public key retrieval failed */
+ if (aik_pubkey.len == 0)
+ {
+ exit_aikpub2("retrieval of AIK public key failed");
+ }
+
+ /* store AIK subjectPublicKeyInfo to file */
+ if (!chunk_write(aik_pubkey, aik_out_filename, 0022, force))
+ {
+ exit_aikpub2("could not write AIK public key file '%s': %s",
+ aik_out_filename, strerror(errno));
+ }
+ DBG1(DBG_LIB, "AIK public key written to '%s' (%u bytes)",
+ aik_out_filename, aik_pubkey.len);
+
+ /* AIK keyid derived from subjectPublicKeyInfo encoding */
+ hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
+ if (!hasher)
+ {
+ exit_aikpub2("SHA1 hash algorithm not supported");
+ }
+ if (!hasher->allocate_hash(hasher, aik_pubkey, &aik_keyid))
+ {
+ hasher->destroy(hasher);
+ exit_aikpub2("computing SHA1 fingerprint failed");
+ }
+ hasher->destroy(hasher);
+
+ DBG1(DBG_LIB, "AIK keyid: %#B", &aik_keyid);
+
+ exit_aikpub2(NULL);
+ return -1; /* should never be reached */
+}
diff --git a/src/charon-cmd/Makefile.am b/src/charon-cmd/Makefile.am
index 1f4033aad..1d4bf70cc 100644
--- a/src/charon-cmd/Makefile.am
+++ b/src/charon-cmd/Makefile.am
@@ -20,4 +20,4 @@ AM_CPPFLAGS = \
charon_cmd_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
diff --git a/src/charon-cmd/Makefile.in b/src/charon-cmd/Makefile.in
index f48410270..098eb9474 100644
--- a/src/charon-cmd/Makefile.in
+++ b/src/charon-cmd/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
sbin_PROGRAMS = charon-cmd$(EXEEXT)
subdir = src/charon-cmd
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(srcdir)/charon-cmd.8.in $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = charon-cmd.8
@@ -110,7 +119,8 @@ am__DEPENDENCIES_1 =
charon_cmd_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -205,12 +215,15 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/charon-cmd.8.in \
+ $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +273,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +308,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +420,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -451,7 +467,7 @@ AM_CPPFLAGS = \
charon_cmd_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
all: all-am
@@ -469,7 +485,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/charon-cmd/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/charon-cmd/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -850,6 +865,8 @@ uninstall-man: uninstall-man8
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-man uninstall-man8 uninstall-sbinPROGRAMS
+.PRECIOUS: Makefile
+
charon-cmd.o : $(top_builddir)/config.status
diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index 0c6a504e9..71df92f7e 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -142,10 +142,18 @@ static peer_cfg_t* create_peer_cfg(private_cmd_connection_t *this)
{
ike_cfg_t *ike_cfg;
peer_cfg_t *peer_cfg;
- u_int16_t local_port, remote_port = IKEV2_UDP_PORT;
+ uint16_t local_port, remote_port = IKEV2_UDP_PORT;
ike_version_t version = IKE_ANY;
- bool aggressive = FALSE;
proposal_t *proposal;
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_SEND_IF_ASKED,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ .rekey_time = 36000, /* 10h */
+ .jitter_time = 600, /* 10min */
+ .over_time = 600, /* 10min */
+ .dpd = 30,
+ };
switch (this->profile)
{
@@ -159,7 +167,7 @@ static peer_cfg_t* create_peer_cfg(private_cmd_connection_t *this)
case PROF_V1_XAUTH_AM:
case PROF_V1_XAUTH_PSK_AM:
case PROF_V1_HYBRID_AM:
- aggressive = TRUE;
+ peer.aggressive = TRUE;
/* FALL */
case PROF_V1_PUB:
case PROF_V1_XAUTH:
@@ -189,13 +197,7 @@ static peer_cfg_t* create_peer_cfg(private_cmd_connection_t *this)
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
}
- peer_cfg = peer_cfg_create("cmd", ike_cfg,
- CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
- 36000, 0, /* rekey 10h, reauth none */
- 600, 600, /* jitter, over 10min */
- TRUE, aggressive, TRUE, /* mobike, aggressive, pull */
- 30, 0, /* DPD delay, timeout */
- FALSE, NULL, NULL); /* mediation */
+ peer_cfg = peer_cfg_create("cmd", ike_cfg, &peer);
return peer_cfg;
}
@@ -335,18 +337,18 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this,
traffic_selector_t *ts;
proposal_t *proposal;
bool has_v4 = FALSE, has_v6 = FALSE;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = 10800 /* 3h */,
- .rekey = 10200 /* 2h50min */,
- .jitter = 300 /* 5min */
- }
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = 10800 /* 3h */,
+ .rekey = 10200 /* 2h50min */,
+ .jitter = 300 /* 5min */
+ }
+ },
+ .mode = MODE_TUNNEL,
};
- child_cfg = child_cfg_create("cmd", &lifetime,
- NULL, FALSE, MODE_TUNNEL, /* updown, hostaccess */
- ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
- 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create("cmd", &child);
if (this->child_proposals->get_count(this->child_proposals))
{
while (this->child_proposals->remove_first(this->child_proposals,
diff --git a/src/charon-nm/Makefile.am b/src/charon-nm/Makefile.am
index b6f0c8b54..6ab7f27c5 100644
--- a/src/charon-nm/Makefile.am
+++ b/src/charon-nm/Makefile.am
@@ -21,4 +21,4 @@ AM_CFLAGS = \
charon_nm_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB) ${nm_LIBS}
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB) ${nm_LIBS}
diff --git a/src/charon-nm/Makefile.in b/src/charon-nm/Makefile.in
index 490a08023..715412ad2 100644
--- a/src/charon-nm/Makefile.in
+++ b/src/charon-nm/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = charon-nm$(EXEEXT)
subdir = src/charon-nm
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -111,7 +120,7 @@ charon_nm_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
- $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -176,12 +185,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -231,6 +242,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -265,6 +277,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -376,6 +389,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -425,7 +439,7 @@ AM_CFLAGS = \
charon_nm_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB) ${nm_LIBS}
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB) ${nm_LIBS}
all: all-am
@@ -443,7 +457,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/charon-nm/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/charon-nm/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -779,6 +792,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/charon-nm/nm/nm_service.c b/src/charon-nm/nm/nm_service.c
index fc7e89958..5991c2465 100644
--- a/src/charon-nm/nm/nm_service.c
+++ b/src/charon-nm/nm/nm_service.c
@@ -68,7 +68,7 @@ static GValue* handler_to_val(nm_handler_t *handler,
array = g_array_new (FALSE, TRUE, sizeof (guint32));
while (enumerator->enumerate(enumerator, &chunk))
{
- g_array_append_val (array, *(u_int32_t*)chunk.ptr);
+ g_array_append_val (array, *(uint32_t*)chunk.ptr);
}
enumerator->destroy(enumerator);
val = g_slice_new0 (GValue);
@@ -113,7 +113,7 @@ static void signal_ipv4_config(NMVPNPlugin *plugin,
enumerator->destroy(enumerator);
val = g_slice_new0(GValue);
g_value_init(val, G_TYPE_UINT);
- g_value_set_uint(val, *(u_int32_t*)me->get_address(me).ptr);
+ g_value_set_uint(val, *(uint32_t*)me->get_address(me).ptr);
g_hash_table_insert(config, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val);
val = g_slice_new0(GValue);
@@ -289,7 +289,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
NMSettingVPN *vpn;
identification_t *user = NULL, *gateway = NULL;
const char *address, *str;
- bool virtual, encap, ipcomp;
+ bool virtual, encap;
ike_cfg_t *ike_cfg;
peer_cfg_t *peer_cfg;
child_cfg_t *child_cfg;
@@ -300,12 +300,23 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
certificate_t *cert = NULL;
x509_t *x509;
bool agent = FALSE, smartcard = FALSE, loose_gateway_id = FALSE;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = 10800 /* 3h */,
- .rekey = 10200 /* 2h50min */,
- .jitter = 300 /* 5min */
- }
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_SEND_IF_ASKED,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ .rekey_time = 36000, /* 10h */
+ .jitter_time = 600, /* 10min */
+ .over_time = 600, /* 10min */
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = 10800 /* 3h */,
+ .rekey = 10200 /* 2h50min */,
+ .jitter = 300 /* 5min */
+ },
+ },
+ .mode = MODE_TUNNEL,
};
/**
@@ -339,32 +350,29 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
return FALSE;
}
str = nm_setting_vpn_get_data_item(vpn, "virtual");
- virtual = str && streq(str, "yes");
+ virtual = streq(str, "yes");
str = nm_setting_vpn_get_data_item(vpn, "encap");
- encap = str && streq(str, "yes");
+ encap = streq(str, "yes");
str = nm_setting_vpn_get_data_item(vpn, "ipcomp");
- ipcomp = str && streq(str, "yes");
+ child.ipcomp = streq(str, "yes");
str = nm_setting_vpn_get_data_item(vpn, "method");
- if (str)
+ if (streq(str, "psk"))
{
- if (streq(str, "psk"))
- {
- auth_class = AUTH_CLASS_PSK;
- }
- else if (streq(str, "agent"))
- {
- auth_class = AUTH_CLASS_PUBKEY;
- agent = TRUE;
- }
- else if (streq(str, "key"))
- {
- auth_class = AUTH_CLASS_PUBKEY;
- }
- else if (streq(str, "smartcard"))
- {
- auth_class = AUTH_CLASS_PUBKEY;
- smartcard = TRUE;
- }
+ auth_class = AUTH_CLASS_PSK;
+ }
+ else if (streq(str, "agent"))
+ {
+ auth_class = AUTH_CLASS_PUBKEY;
+ agent = TRUE;
+ }
+ else if (streq(str, "key"))
+ {
+ auth_class = AUTH_CLASS_PUBKEY;
+ }
+ else if (streq(str, "smartcard"))
+ {
+ auth_class = AUTH_CLASS_PUBKEY;
+ smartcard = TRUE;
}
/**
@@ -533,13 +541,8 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
- peer_cfg = peer_cfg_create(priv->name, ike_cfg,
- CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
- 36000, 0, /* rekey 10h, reauth none */
- 600, 600, /* jitter, over 10min */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- 0, 0, /* DPD delay, timeout */
- FALSE, NULL, NULL); /* mediation */
+
+ peer_cfg = peer_cfg_create(priv->name, ike_cfg, &peer);
if (virtual)
{
peer_cfg->add_virtual_ip(peer_cfg, host_create_from_string("0.0.0.0", 0));
@@ -561,10 +564,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
auth->add(auth, AUTH_RULE_IDENTITY_LOOSE, loose_gateway_id);
peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(priv->name, &lifetime,
- NULL, TRUE, MODE_TUNNEL, /* updown, hostaccess */
- ACTION_NONE, ACTION_NONE, ACTION_NONE, ipcomp,
- 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create(priv->name, &child);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
ts = traffic_selector_create_dynamic(0, 0, 65535);
diff --git a/src/charon-svc/Makefile.in b/src/charon-svc/Makefile.in
index 4f9143d9b..4afa62507 100644
--- a/src/charon-svc/Makefile.in
+++ b/src/charon-svc/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
bin_PROGRAMS = charon-svc$(EXEEXT)
subdir = src/charon-svc
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -170,12 +179,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -225,6 +236,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -259,6 +271,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -370,6 +383,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -424,7 +438,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/charon-svc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/charon-svc/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -739,6 +752,8 @@ uninstall-am: uninstall-binPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-binPROGRAMS
+.PRECIOUS: Makefile
+
charon-svc.o : $(top_builddir)/config.status
diff --git a/src/charon-systemd/Makefile.am b/src/charon-systemd/Makefile.am
index 9942a3682..6dd7e2726 100644
--- a/src/charon-systemd/Makefile.am
+++ b/src/charon-systemd/Makefile.am
@@ -14,4 +14,5 @@ charon_systemd_CPPFLAGS = \
charon_systemd_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- $(systemd_LIBS) $(systemd_daemon_LIBS) $(systemd_journal_LIBS) -lm $(PTHREADLIB) $(DLLIB)
+ $(systemd_LIBS) $(systemd_daemon_LIBS) $(systemd_journal_LIBS) \
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
diff --git a/src/charon-systemd/Makefile.in b/src/charon-systemd/Makefile.in
index b4f624d45..3dcf3d75a 100644
--- a/src/charon-systemd/Makefile.in
+++ b/src/charon-systemd/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
sbin_PROGRAMS = charon-systemd$(EXEEXT)
subdir = src/charon-systemd
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -109,7 +118,7 @@ charon_systemd_DEPENDENCIES = \
$(top_builddir)/src/libcharon/libcharon.la \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
- $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -174,12 +183,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -229,6 +240,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -263,6 +275,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -374,6 +387,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -414,7 +428,8 @@ charon_systemd_CPPFLAGS = \
charon_systemd_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- $(systemd_LIBS) $(systemd_daemon_LIBS) $(systemd_journal_LIBS) -lm $(PTHREADLIB) $(DLLIB)
+ $(systemd_LIBS) $(systemd_daemon_LIBS) $(systemd_journal_LIBS) \
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
all: all-am
@@ -432,7 +447,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/charon-systemd/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/charon-systemd/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -762,6 +776,8 @@ uninstall-am: uninstall-sbinPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-sbinPROGRAMS
+.PRECIOUS: Makefile
+
charon-systemd.o : $(top_builddir)/config.status
diff --git a/src/charon-tkm/Makefile.in b/src/charon-tkm/Makefile.in
index 81afd4de5..1eaf46a89 100644
--- a/src/charon-tkm/Makefile.in
+++ b/src/charon-tkm/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -78,7 +88,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/charon-tkm
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -92,6 +101,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -116,12 +126,14 @@ am__can_run_installinfo = \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -171,6 +183,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -205,6 +218,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -316,6 +330,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -391,7 +406,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/charon-tkm/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/charon-tkm/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -563,6 +577,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
all: build_charon
diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
index c4953b6aa..5f2cbfe0c 100644
--- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
@@ -123,7 +123,7 @@ int register_dh_mapping()
int count, i;
char *iana_id_str, *tkm_id_str;
diffie_hellman_group_t *iana_id;
- u_int64_t *tkm_id;
+ uint64_t *tkm_id;
hashtable_t *map;
enumerator_t *enumerator;
@@ -138,7 +138,7 @@ int register_dh_mapping()
{
iana_id = malloc_thing(diffie_hellman_group_t);
*iana_id = settings_value_as_int(iana_id_str, 0);
- tkm_id = malloc_thing(u_int64_t);
+ tkm_id = malloc_thing(uint64_t);
*tkm_id = settings_value_as_int(tkm_id_str, 0);
map->put(map, iana_id, tkm_id);
@@ -227,7 +227,7 @@ tkm_diffie_hellman_t *tkm_diffie_hellman_create(diffie_hellman_group_t group)
return NULL;
}
- u_int64_t *dha_id = group_map->get(group_map, &group);
+ uint64_t *dha_id = group_map->get(group_map, &group);
if (!dha_id)
{
free(this);
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
index 2d22fbdc3..c9be8989a 100644
--- a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
+++ b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
@@ -54,7 +54,7 @@ struct private_tkm_kernel_ipsec_t {
METHOD(kernel_ipsec_t, get_spi, status_t,
private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
bool result;
@@ -68,26 +68,21 @@ METHOD(kernel_ipsec_t, get_spi, status_t,
}
}
- result = this->rng->get_bytes(this->rng, sizeof(u_int32_t),
- (u_int8_t *)spi);
+ result = this->rng->get_bytes(this->rng, sizeof(uint32_t),
+ (uint8_t *)spi);
return result ? SUCCESS : FAILED;
}
METHOD(kernel_ipsec_t, get_cpi, status_t,
private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, add_sa, status_t,
- private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t* src_ts, linked_list_t* dst_ts)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
esa_info_t esa;
esp_spi_type spi_loc, spi_rem;
@@ -97,43 +92,43 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
esa_id_type esa_id;
nonce_type nc_rem;
- if (enc_key.ptr == NULL)
+ if (data->enc_key.ptr == NULL)
{
DBG1(DBG_KNL, "Unable to get ESA information");
return FAILED;
}
- esa = *(esa_info_t *)(enc_key.ptr);
+ esa = *(esa_info_t *)(data->enc_key.ptr);
/* only handle the case where we have both distinct ESP spi's available */
- if (esa.spi_r == spi)
+ if (esa.spi_r == id->spi)
{
chunk_free(&esa.nonce_i);
chunk_free(&esa.nonce_r);
return SUCCESS;
}
- if (initiator)
+ if (data->initiator)
{
- spi_loc = spi;
+ spi_loc = id->spi;
spi_rem = esa.spi_r;
- local = dst;
- peer = src;
+ local = id->dst;
+ peer = id->src;
nonce_loc = &esa.nonce_i;
nonce_rem = &esa.nonce_r;
}
else
{
spi_loc = esa.spi_r;
- spi_rem = spi;
- local = src;
- peer = dst;
+ spi_rem = id->spi;
+ local = id->src;
+ peer = id->dst;
nonce_loc = &esa.nonce_r;
nonce_rem = &esa.nonce_i;
}
esa_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_ESA);
- if (!tkm->sad->insert(tkm->sad, esa_id, reqid, local, peer, spi_loc, spi_rem,
- protocol))
+ if (!tkm->sad->insert(tkm->sad, esa_id, data->reqid, local, peer,
+ spi_loc, spi_rem, id->proto))
{
DBG1(DBG_KNL, "unable to add entry (%llu) to SAD", esa_id);
goto sad_failure;
@@ -146,8 +141,8 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
nonce_loc_id = tkm->chunk_map->get_id(tkm->chunk_map, nonce_loc);
if (nonce_loc_id == 0 && esa.dh_id == 0)
{
- if (ike_esa_create_first(esa_id, esa.isa_id, reqid, 1, spi_loc, spi_rem)
- != TKM_OK)
+ if (ike_esa_create_first(esa_id, esa.isa_id, data->reqid, 1, spi_loc,
+ spi_rem) != TKM_OK)
{
DBG1(DBG_KNL, "child SA (%llu, first) creation failed", esa_id);
goto failure;
@@ -157,9 +152,9 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
else if (nonce_loc_id != 0 && esa.dh_id == 0)
{
chunk_to_sequence(nonce_rem, &nc_rem, sizeof(nonce_type));
- if (ike_esa_create_no_pfs(esa_id, esa.isa_id, reqid, 1, nonce_loc_id,
- nc_rem, initiator, spi_loc, spi_rem)
- != TKM_OK)
+ if (ike_esa_create_no_pfs(esa_id, esa.isa_id, data->reqid, 1,
+ nonce_loc_id, nc_rem, data->initiator,
+ spi_loc, spi_rem) != TKM_OK)
{
DBG1(DBG_KNL, "child SA (%llu, no PFS) creation failed", esa_id);
goto failure;
@@ -171,8 +166,9 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
else
{
chunk_to_sequence(nonce_rem, &nc_rem, sizeof(nonce_type));
- if (ike_esa_create(esa_id, esa.isa_id, reqid, 1, esa.dh_id, nonce_loc_id,
- nc_rem, initiator, spi_loc, spi_rem) != TKM_OK)
+ if (ike_esa_create(esa_id, esa.isa_id, data->reqid, 1, esa.dh_id,
+ nonce_loc_id, nc_rem, data->initiator, spi_loc,
+ spi_rem) != TKM_OK)
{
DBG1(DBG_KNL, "child SA (%llu) creation failed", esa_id);
goto failure;
@@ -192,7 +188,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
DBG1(DBG_KNL, "added child SA (esa: %llu, isa: %llu, esp_spi_loc: %x, "
"esp_spi_rem: %x, role: %s)", esa_id, esa.isa_id, ntohl(spi_loc),
- ntohl(spi_rem), initiator ? "initiator" : "responder");
+ ntohl(spi_rem), data->initiator ? "initiator" : "responder");
chunk_free(&esa.nonce_i);
chunk_free(&esa.nonce_r);
@@ -208,20 +204,21 @@ sad_failure:
}
METHOD(kernel_ipsec_t, query_sa, status_t,
- private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark, u_int64_t *bytes,
- u_int64_t *packets, time_t *time)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, del_sa, status_t,
- private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
esa_id_type esa_id, other_esa_id;
- esa_id = tkm->sad->get_esa_id(tkm->sad, src, dst, spi, protocol);
+ esa_id = tkm->sad->get_esa_id(tkm->sad, id->src, id->dst,
+ id->spi, id->proto);
if (esa_id)
{
other_esa_id = tkm->sad->get_other_esa_id(tkm->sad, esa_id);
@@ -236,7 +233,7 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
}
DBG1(DBG_KNL, "deleting child SA (esa: %llu, spi: %x)", esa_id,
- ntohl(spi));
+ ntohl(id->spi));
if (ike_esa_reset(esa_id) != TKM_OK)
{
DBG1(DBG_KNL, "child SA (%llu) deletion failed", esa_id);
@@ -249,9 +246,8 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
}
METHOD(kernel_ipsec_t, update_sa, status_t,
- private_tkm_kernel_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
- bool old_encap, bool new_encap, mark_t mark)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
return NOT_SUPPORTED;
}
@@ -264,27 +260,22 @@ METHOD(kernel_ipsec_t, flush_sas, status_t,
}
METHOD(kernel_ipsec_t, add_policy, status_t,
- private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
return SUCCESS;
}
METHOD(kernel_ipsec_t, query_policy, status_t,
- private_tkm_kernel_ipsec_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, del_policy, status_t,
- private_tkm_kernel_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_tkm_kernel_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
return SUCCESS;
}
@@ -338,7 +329,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
}
METHOD(kernel_ipsec_t, enable_udp_decap, bool,
- private_tkm_kernel_ipsec_t *this, int fd, int family, u_int16_t port)
+ private_tkm_kernel_ipsec_t *this, int fd, int family, uint16_t port)
{
int type = UDP_ENCAP_ESPINUDP;
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_sad.c b/src/charon-tkm/src/tkm/tkm_kernel_sad.c
index 2556f6b8b..22d2aac13 100644
--- a/src/charon-tkm/src/tkm/tkm_kernel_sad.c
+++ b/src/charon-tkm/src/tkm/tkm_kernel_sad.c
@@ -59,7 +59,7 @@ struct sad_entry_t {
/**
* Reqid.
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* Source address of CHILD SA.
@@ -74,17 +74,17 @@ struct sad_entry_t {
/**
* Local SPI of CHILD SA.
*/
- u_int32_t spi_loc;
+ uint32_t spi_loc;
/**
* Remote SPI of CHILD SA.
*/
- u_int32_t spi_rem;
+ uint32_t spi_rem;
/**
* Protocol of CHILD SA (ESP/AH).
*/
- u_int8_t proto;
+ uint8_t proto;
};
@@ -105,8 +105,8 @@ static void sad_entry_destroy(sad_entry_t *entry)
* Find a list entry with given src, dst, (remote) spi and proto values.
*/
static bool sad_entry_match(sad_entry_t * const entry, const host_t * const src,
- const host_t * const dst, const u_int32_t * const spi,
- const u_int8_t * const proto)
+ const host_t * const dst, const uint32_t * const spi,
+ const uint8_t * const proto)
{
if (entry->src == NULL || entry->dst == NULL)
{
@@ -122,9 +122,9 @@ static bool sad_entry_match(sad_entry_t * const entry, const host_t * const src,
* Find a list entry with given reqid, spi and proto values.
*/
static bool sad_entry_match_dst(sad_entry_t * const entry,
- const u_int32_t * const reqid,
- const u_int32_t * const spi,
- const u_int8_t * const proto)
+ const uint32_t * const reqid,
+ const uint32_t * const spi,
+ const uint8_t * const proto)
{
return entry->reqid == *reqid &&
entry->spi_rem == *spi &&
@@ -145,7 +145,7 @@ static bool sad_entry_match_esa_id(sad_entry_t * const entry,
*/
static bool sad_entry_match_other_esa(sad_entry_t * const entry,
const esa_id_type * const esa_id,
- const u_int32_t * const reqid)
+ const uint32_t * const reqid)
{
return entry->reqid == *reqid &&
entry->esa_id != *esa_id;
@@ -172,8 +172,8 @@ static bool sad_entry_equal(sad_entry_t * const left, sad_entry_t * const right)
METHOD(tkm_kernel_sad_t, insert, bool,
private_tkm_kernel_sad_t * const this, const esa_id_type esa_id,
- const u_int32_t reqid, const host_t * const src, const host_t * const dst,
- const u_int32_t spi_loc, const u_int32_t spi_rem, const u_int8_t proto)
+ const uint32_t reqid, const host_t * const src, const host_t * const dst,
+ const uint32_t spi_loc, const uint32_t spi_rem, const uint8_t proto)
{
status_t result;
sad_entry_t *new_entry;
@@ -212,7 +212,7 @@ METHOD(tkm_kernel_sad_t, insert, bool,
METHOD(tkm_kernel_sad_t, get_esa_id, esa_id_type,
private_tkm_kernel_sad_t * const this, const host_t * const src,
- const host_t * const dst, const u_int32_t spi, const u_int8_t proto)
+ const host_t * const dst, const uint32_t spi, const uint8_t proto)
{
esa_id_type id = 0;
sad_entry_t *entry = NULL;
@@ -242,7 +242,7 @@ METHOD(tkm_kernel_sad_t, get_other_esa_id, esa_id_type,
{
esa_id_type id = 0;
sad_entry_t *entry = NULL;
- u_int32_t reqid;
+ uint32_t reqid;
status_t res;
this->mutex->lock(this->mutex);
@@ -274,8 +274,8 @@ METHOD(tkm_kernel_sad_t, get_other_esa_id, esa_id_type,
}
METHOD(tkm_kernel_sad_t, get_dst_host, host_t *,
- private_tkm_kernel_sad_t * const this, const u_int32_t reqid,
- const u_int32_t spi, const u_int8_t proto)
+ private_tkm_kernel_sad_t * const this, const uint32_t reqid,
+ const uint32_t spi, const uint8_t proto)
{
host_t *dst = NULL;
sad_entry_t *entry = NULL;
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_sad.h b/src/charon-tkm/src/tkm/tkm_kernel_sad.h
index 3a84deffc..ba6462192 100644
--- a/src/charon-tkm/src/tkm/tkm_kernel_sad.h
+++ b/src/charon-tkm/src/tkm/tkm_kernel_sad.h
@@ -46,9 +46,9 @@ struct tkm_kernel_sad_t {
* @return TRUE if entry was inserted, FALSE otherwise
*/
bool (*insert)(tkm_kernel_sad_t * const this, const esa_id_type esa_id,
- const u_int32_t reqid, const host_t * const src,
- const host_t * const dst, const u_int32_t spi_loc,
- const u_int32_t spi_rem, const u_int8_t proto);
+ const uint32_t reqid, const host_t * const src,
+ const host_t * const dst, const uint32_t spi_loc,
+ const uint32_t spi_rem, const uint8_t proto);
/**
* Get ESA id for entry with given parameters.
@@ -61,7 +61,7 @@ struct tkm_kernel_sad_t {
*/
esa_id_type (*get_esa_id)(tkm_kernel_sad_t * const this,
const host_t * const src, const host_t * const dst,
- const u_int32_t spi, const u_int8_t proto);
+ const uint32_t spi, const uint8_t proto);
/**
* Get ESA id for entry associated with same security policy as the
@@ -82,7 +82,7 @@ struct tkm_kernel_sad_t {
* @return destination host of entry if found, NULL otherwise
*/
host_t * (*get_dst_host)(tkm_kernel_sad_t * const this,
- const u_int32_t reqid, const u_int32_t spi, const u_int8_t proto);
+ const uint32_t reqid, const uint32_t spi, const uint8_t proto);
/**
* Remove entry with given ESA id from SAD.
diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c
index 1e1fa4f30..a7cce0f62 100644
--- a/src/charon-tkm/src/tkm/tkm_keymat.c
+++ b/src/charon-tkm/src/tkm/tkm_keymat.c
@@ -96,8 +96,8 @@ struct private_tkm_keymat_t {
static void aead_create_from_keys(aead_t **in, aead_t **out,
const chunk_t * const sk_ai, const chunk_t * const sk_ar,
const chunk_t * const sk_ei, const chunk_t * const sk_er,
- const u_int16_t enc_alg, const u_int16_t int_alg,
- const u_int16_t key_size, bool initiator)
+ const uint16_t enc_alg, const uint16_t int_alg,
+ const uint16_t key_size, bool initiator)
{
*in = *out = NULL;
signer_t *signer_i, *signer_r;
@@ -187,8 +187,8 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
chunk_t nonce_i, chunk_t nonce_r, ike_sa_id_t *id,
pseudo_random_function_t rekey_function, chunk_t rekey_skd)
{
- u_int16_t enc_alg, int_alg, key_size;
- u_int64_t nc_id, spi_loc, spi_rem;
+ uint16_t enc_alg, int_alg, key_size;
+ uint64_t nc_id, spi_loc, spi_rem;
chunk_t *nonce, c_ai, c_ar, c_ei, c_er;
tkm_diffie_hellman_t *tkm_dh;
dh_id_type dh_id;
diff --git a/src/charon-tkm/src/tkm/tkm_nonceg.c b/src/charon-tkm/src/tkm/tkm_nonceg.c
index 336f16ecd..493ea2922 100644
--- a/src/charon-tkm/src/tkm/tkm_nonceg.c
+++ b/src/charon-tkm/src/tkm/tkm_nonceg.c
@@ -39,7 +39,7 @@ struct private_tkm_nonceg_t {
};
METHOD(nonce_gen_t, get_nonce, bool,
- private_tkm_nonceg_t *this, size_t size, u_int8_t *buffer)
+ private_tkm_nonceg_t *this, size_t size, uint8_t *buffer)
{
nonce_type nonce;
uint64_t nc_id;
diff --git a/src/charon-tkm/src/tkm/tkm_spi_generator.c b/src/charon-tkm/src/tkm/tkm_spi_generator.c
index eff0ca91e..b9ce83727 100644
--- a/src/charon-tkm/src/tkm/tkm_spi_generator.c
+++ b/src/charon-tkm/src/tkm/tkm_spi_generator.c
@@ -25,8 +25,8 @@
*/
typedef struct {
rng_t *rng;
- u_int64_t spi_mask;
- u_int64_t spi_label;
+ uint64_t spi_mask;
+ uint64_t spi_label;
} get_spi_args_t;
static get_spi_args_t *spi_args;
@@ -37,12 +37,12 @@ static get_spi_args_t *spi_args;
* @param this Callback args containing rng_t and spi mask & label
* @return labeled SPI
*/
-CALLBACK(tkm_get_spi, u_int64_t,
+CALLBACK(tkm_get_spi, uint64_t,
const get_spi_args_t const *this)
{
- u_int64_t spi;
+ uint64_t spi;
- if (!this->rng->get_bytes(this->rng, sizeof(spi), (u_int8_t*)&spi))
+ if (!this->rng->get_bytes(this->rng, sizeof(spi), (uint8_t*)&spi))
{
return 0;
}
@@ -54,7 +54,7 @@ bool tkm_spi_generator_register(plugin_t *plugin,
plugin_feature_t *feature,
bool reg, void *cb_data)
{
- u_int64_t spi_mask, spi_label;
+ uint64_t spi_mask, spi_label;
char *spi_val;
rng_t *rng;
diff --git a/src/charon-tkm/tests/nonceg_tests.c b/src/charon-tkm/tests/nonceg_tests.c
index d150891eb..67c1635ef 100644
--- a/src/charon-tkm/tests/nonceg_tests.c
+++ b/src/charon-tkm/tests/nonceg_tests.c
@@ -37,7 +37,7 @@ START_TEST(test_nonceg_allocate_nonce)
tkm_nonceg_t *ng = tkm_nonceg_create();
const size_t length = 256;
- u_int8_t zero[length];
+ uint8_t zero[length];
memset(zero, 0, length);
chunk_t nonce;
@@ -61,10 +61,10 @@ START_TEST(test_nonceg_get_nonce)
tkm_nonceg_t *ng = tkm_nonceg_create();
const size_t length = 128;
- u_int8_t zero[length];
+ uint8_t zero[length];
memset(zero, 0, length);
- u_int8_t *buf = malloc(length + 1);
+ uint8_t *buf = malloc(length + 1);
memset(buf, 0, length);
/* set end marker */
buf[length] = 255;
diff --git a/src/charon/Makefile.am b/src/charon/Makefile.am
index c6a6f40f9..b78bbd757 100644
--- a/src/charon/Makefile.am
+++ b/src/charon/Makefile.am
@@ -15,6 +15,6 @@ AM_CPPFLAGS = \
charon_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
EXTRA_DIST = Android.mk
diff --git a/src/charon/Makefile.in b/src/charon/Makefile.in
index b4abeff25..51f62fc37 100644
--- a/src/charon/Makefile.in
+++ b/src/charon/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = charon$(EXEEXT)
subdir = src/charon
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -107,7 +116,8 @@ am__DEPENDENCIES_1 =
charon_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -172,12 +182,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -227,6 +239,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -261,6 +274,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -372,6 +386,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -413,7 +428,7 @@ AM_CPPFLAGS = \
charon_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
EXTRA_DIST = Android.mk
all: all-am
@@ -432,7 +447,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/charon/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/charon/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -748,6 +762,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
charon.o : $(top_builddir)/config.status
diff --git a/src/checksum/Makefile.am b/src/checksum/Makefile.am
index 9cc5fb6b2..87bbf9f28 100644
--- a/src/checksum/Makefile.am
+++ b/src/checksum/Makefile.am
@@ -53,6 +53,11 @@ if USE_LIBPTTLS
libs += $(DESTDIR)$(ipseclibdir)/libpttls.so
endif
+if USE_LIBTPMTSS
+ deps += $(top_builddir)/src/libtpmtss/libtpmtss.la
+ libs += $(DESTDIR)$(ipseclibdir)/libtpmtss.so
+endif
+
if USE_LIBTNCCS
deps += $(top_builddir)/src/libtnccs/libtnccs.la
libs += $(DESTDIR)$(ipseclibdir)/libtnccs.so
diff --git a/src/checksum/Makefile.in b/src/checksum/Makefile.in
index 2584beb76..ef14d1236 100644
--- a/src/checksum/Makefile.in
+++ b/src/checksum/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -88,26 +98,26 @@ EXTRA_PROGRAMS = checksum_builder$(EXEEXT)
@USE_RADIUS_TRUE@am__append_7 = $(DESTDIR)$(ipseclibdir)/libradius.so
@USE_LIBPTTLS_TRUE@am__append_8 = $(top_builddir)/src/libpttls/libpttls.la
@USE_LIBPTTLS_TRUE@am__append_9 = $(DESTDIR)$(ipseclibdir)/libpttls.so
-@USE_LIBTNCCS_TRUE@am__append_10 = $(top_builddir)/src/libtnccs/libtnccs.la
-@USE_LIBTNCCS_TRUE@am__append_11 = $(DESTDIR)$(ipseclibdir)/libtnccs.so
-@MONOLITHIC_FALSE@@USE_LIBTNCCS_TRUE@am__append_12 = -DT_PLUGINS=\""${t_plugins}\""
-@USE_SIMAKA_TRUE@am__append_13 = $(top_builddir)/src/libsimaka/libsimaka.la
-@USE_SIMAKA_TRUE@am__append_14 = $(DESTDIR)$(ipseclibdir)/libsimaka.so
-@USE_IMCV_TRUE@am__append_15 = $(top_builddir)/src/libimcv/libimcv.la
-@USE_IMCV_TRUE@am__append_16 = $(DESTDIR)$(ipseclibdir)/libimcv.so
-@USE_CHARON_TRUE@am__append_17 = $(top_builddir)/src/libcharon/libcharon.la
-@USE_CHARON_TRUE@am__append_18 = $(DESTDIR)$(ipseclibdir)/libcharon.so
-@USE_CHARON_TRUE@am__append_19 = $(DESTDIR)$(ipsecdir)/charon
-@MONOLITHIC_FALSE@@USE_CHARON_TRUE@am__append_20 = -DC_PLUGINS=\""${c_plugins}\""
-@USE_CMD_TRUE@am__append_21 = $(DESTDIR)$(sbindir)/charon-cmd
-@USE_SCEPCLIENT_TRUE@am__append_22 = $(DESTDIR)$(ipsecdir)/scepclient
-@USE_PKI_TRUE@am__append_23 = $(DESTDIR)$(bindir)/pki
-@USE_SWANCTL_TRUE@am__append_24 = $(DESTDIR)$(sbindir)/swanctl
-@USE_ATTR_SQL_TRUE@am__append_25 = $(DESTDIR)$(ipsecdir)/pool
-@USE_IMV_ATTESTATION_TRUE@am__append_26 = $(DESTDIR)$(ipsecdir)/attest
+@USE_LIBTPMTSS_TRUE@am__append_10 = $(top_builddir)/src/libtpmtss/libtpmtss.la
+@USE_LIBTPMTSS_TRUE@am__append_11 = $(DESTDIR)$(ipseclibdir)/libtpmtss.so
+@USE_LIBTNCCS_TRUE@am__append_12 = $(top_builddir)/src/libtnccs/libtnccs.la
+@USE_LIBTNCCS_TRUE@am__append_13 = $(DESTDIR)$(ipseclibdir)/libtnccs.so
+@MONOLITHIC_FALSE@@USE_LIBTNCCS_TRUE@am__append_14 = -DT_PLUGINS=\""${t_plugins}\""
+@USE_SIMAKA_TRUE@am__append_15 = $(top_builddir)/src/libsimaka/libsimaka.la
+@USE_SIMAKA_TRUE@am__append_16 = $(DESTDIR)$(ipseclibdir)/libsimaka.so
+@USE_IMCV_TRUE@am__append_17 = $(top_builddir)/src/libimcv/libimcv.la
+@USE_IMCV_TRUE@am__append_18 = $(DESTDIR)$(ipseclibdir)/libimcv.so
+@USE_CHARON_TRUE@am__append_19 = $(top_builddir)/src/libcharon/libcharon.la
+@USE_CHARON_TRUE@am__append_20 = $(DESTDIR)$(ipseclibdir)/libcharon.so
+@USE_CHARON_TRUE@am__append_21 = $(DESTDIR)$(ipsecdir)/charon
+@MONOLITHIC_FALSE@@USE_CHARON_TRUE@am__append_22 = -DC_PLUGINS=\""${c_plugins}\""
+@USE_CMD_TRUE@am__append_23 = $(DESTDIR)$(sbindir)/charon-cmd
+@USE_SCEPCLIENT_TRUE@am__append_24 = $(DESTDIR)$(ipsecdir)/scepclient
+@USE_PKI_TRUE@am__append_25 = $(DESTDIR)$(bindir)/pki
+@USE_SWANCTL_TRUE@am__append_26 = $(DESTDIR)$(sbindir)/swanctl
+@USE_ATTR_SQL_TRUE@am__append_27 = $(DESTDIR)$(ipsecdir)/pool
+@USE_IMV_ATTESTATION_TRUE@am__append_28 = $(DESTDIR)$(ipsecdir)/attest
subdir = src/checksum
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -121,6 +131,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -236,12 +247,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -291,6 +304,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -325,6 +339,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -436,6 +451,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -481,7 +497,7 @@ CLEANFILES = checksum.c $(EXTRA_PROGRAMS)
AM_CPPFLAGS = -I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libcharon \
-DPLUGINDIR=\"${DESTDIR}${plugindir}\" $(am__append_1) \
- $(am__append_12) $(am__append_20)
+ $(am__append_14) $(am__append_22)
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
@@ -491,15 +507,15 @@ AM_CFLAGS = \
# as these are not relinked during installation.
deps = $(top_builddir)/src/libstrongswan/libstrongswan.la \
$(am__append_2) $(am__append_4) $(am__append_6) \
- $(am__append_8) $(am__append_10) $(am__append_13) \
- $(am__append_15) $(am__append_17)
+ $(am__append_8) $(am__append_10) $(am__append_12) \
+ $(am__append_15) $(am__append_17) $(am__append_19)
libs = $(DESTDIR)$(ipseclibdir)/libstrongswan.so $(am__append_3) \
$(am__append_5) $(am__append_7) $(am__append_9) \
- $(am__append_11) $(am__append_14) $(am__append_16) \
- $(am__append_18)
-exes = $(am__append_19) $(am__append_21) $(am__append_22) \
- $(am__append_23) $(am__append_24) $(am__append_25) \
- $(am__append_26)
+ $(am__append_11) $(am__append_13) $(am__append_16) \
+ $(am__append_18) $(am__append_20)
+exes = $(am__append_21) $(am__append_23) $(am__append_24) \
+ $(am__append_25) $(am__append_26) $(am__append_27) \
+ $(am__append_28)
all: all-am
.SUFFIXES:
@@ -516,7 +532,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/checksum/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/checksum/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -827,6 +842,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
tags tags-am uninstall uninstall-am uninstall-hook \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
checksum.c : checksum_builder $(deps) $(exes)
./checksum_builder $(libs) $(exes) > checksum.c
diff --git a/src/checksum/checksum_builder.c b/src/checksum/checksum_builder.c
index 65399f5bc..e8998d5a7 100644
--- a/src/checksum/checksum_builder.c
+++ b/src/checksum/checksum_builder.c
@@ -33,7 +33,7 @@ integrity_checker_t *integrity;
static void build_checksum(char *path, char *name, char *sname)
{
void *handle, *symbol;
- u_int32_t fsum, ssum;
+ uint32_t fsum, ssum;
size_t fsize = 0;
size_t ssize = 0;
diff --git a/src/conftest/Makefile.am b/src/conftest/Makefile.am
index 2d4e439da..4e4e0beff 100644
--- a/src/conftest/Makefile.am
+++ b/src/conftest/Makefile.am
@@ -20,6 +20,6 @@ conftest_SOURCES = conftest.c conftest.h config.c config.h actions.c actions.h \
conftest_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
EXTRA_DIST = README
diff --git a/src/conftest/Makefile.in b/src/conftest/Makefile.in
index f5647f9d9..7b499897c 100644
--- a/src/conftest/Makefile.in
+++ b/src/conftest/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = conftest$(EXEEXT)
subdir = src/conftest
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp README
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -121,7 +130,8 @@ am__DEPENDENCIES_1 =
conftest_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -186,12 +196,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp README
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -241,6 +253,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -275,6 +288,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -386,6 +400,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -433,7 +448,7 @@ conftest_SOURCES = conftest.c conftest.h config.c config.h actions.c actions.h \
conftest_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
- -lm $(PTHREADLIB) $(DLLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
EXTRA_DIST = README
all: all-am
@@ -452,7 +467,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/conftest/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/conftest/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -848,6 +862,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/conftest/actions.c b/src/conftest/actions.c
index 256b63d1b..36c3c8e74 100644
--- a/src/conftest/actions.c
+++ b/src/conftest/actions.c
@@ -117,7 +117,7 @@ static job_requeue_t rekey_child(char *config)
enumerator_t *enumerator, *children;
ike_sa_t *ike_sa;
child_sa_t *child_sa;
- u_int32_t spi, proto;
+ uint32_t spi, proto;
host_t *dst = NULL;
enumerator = charon->controller->create_ike_sa_enumerator(
diff --git a/src/conftest/config.c b/src/conftest/config.c
index c83db7ecd..06a685047 100644
--- a/src/conftest/config.c
+++ b/src/conftest/config.c
@@ -139,25 +139,23 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
static child_cfg_t *load_child_config(private_config_t *this,
settings_t *settings, char *config, char *child)
{
+ child_cfg_create_t data = {
+ .mode = MODE_TUNNEL,
+ };
child_cfg_t *child_cfg;
- lifetime_cfg_t lifetime = {};
enumerator_t *enumerator;
proposal_t *proposal;
traffic_selector_t *ts;
- ipsec_mode_t mode = MODE_TUNNEL;
char *token;
- u_int32_t tfc;
if (settings->get_bool(settings, "configs.%s.%s.transport",
FALSE, config, child))
{
- mode = MODE_TRANSPORT;
+ data.mode = MODE_TRANSPORT;
}
- tfc = settings->get_int(settings, "configs.%s.%s.tfc_padding",
- 0, config, child);
- child_cfg = child_cfg_create(child, &lifetime, NULL, FALSE, mode,
- ACTION_NONE, ACTION_NONE, ACTION_NONE,
- FALSE, 0, 0, NULL, NULL, tfc);
+ data.tfc = settings->get_int(settings, "configs.%s.%s.tfc_padding",
+ 0, config, child);
+ child_cfg = child_cfg_create(child, &data);
token = settings->get_str(settings, "configs.%s.%s.proposal",
NULL, config, child);
@@ -249,11 +247,15 @@ static peer_cfg_t *load_peer_config(private_config_t *this,
identification_t *lid, *rid;
char *child, *policy, *pool;
uintptr_t strength;
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_ALWAYS_SEND,
+ .unique = UNIQUE_NO,
+ .keyingtries = 1,
+ .no_mobike = TRUE,
+ };
ike_cfg = load_ike_config(this, settings, config);
- peer_cfg = peer_cfg_create(config, ike_cfg, CERT_ALWAYS_SEND,
- UNIQUE_NO, 1, 0, 0, 0, 0, FALSE, FALSE, TRUE,
- 0, 0, FALSE, NULL, NULL);
+ peer_cfg = peer_cfg_create(config, ike_cfg, &peer);
auth = auth_cfg_create();
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
diff --git a/src/conftest/hooks/custom_proposal.c b/src/conftest/hooks/custom_proposal.c
index ee4404575..c4f8385c0 100644
--- a/src/conftest/hooks/custom_proposal.c
+++ b/src/conftest/hooks/custom_proposal.c
@@ -52,7 +52,7 @@ struct private_custom_proposal_t {
* Load custom proposal configuration to proposal list
*/
static linked_list_t* load_proposals(private_custom_proposal_t *this,
- protocol_id_t proto, u_int64_t spi)
+ protocol_id_t proto, uint64_t spi)
{
enumerator_t *props, *algs;
char *number, *key, *value;
@@ -65,7 +65,7 @@ static linked_list_t* load_proposals(private_custom_proposal_t *this,
{
const proposal_token_t *token = NULL;
proposal_t *proposal;
- u_int16_t type, alg, keysize = 0;
+ uint16_t type, alg, keysize = 0;
char *end;
proposal = proposal_create(proto, atoi(number));
diff --git a/src/conftest/hooks/log_proposals.c b/src/conftest/hooks/log_proposals.c
index c0d458eae..40629014b 100644
--- a/src/conftest/hooks/log_proposals.c
+++ b/src/conftest/hooks/log_proposals.c
@@ -54,7 +54,7 @@ METHOD(listener_t, message, bool,
proposals = list->create_enumerator(list);
while (proposals->enumerate(proposals, &proposal))
{
- u_int64_t spi = proposal->get_spi(proposal);
+ uint64_t spi = proposal->get_spi(proposal);
if (proposal->get_protocol(proposal) != PROTO_IKE)
{
diff --git a/src/conftest/hooks/rebuild_auth.c b/src/conftest/hooks/rebuild_auth.c
index bc2f00071..42a9cb4e1 100644
--- a/src/conftest/hooks/rebuild_auth.c
+++ b/src/conftest/hooks/rebuild_auth.c
@@ -67,7 +67,7 @@ static bool rebuild_auth(private_rebuild_auth_t *this, ike_sa_t *ike_sa,
char reserved[3];
generator_t *generator;
chunk_t data;
- u_int32_t *lenpos;
+ uint32_t *lenpos;
payload = message->get_payload(message,
message->get_request(message) ? PLV2_ID_INITIATOR : PLV2_ID_RESPONDER);
diff --git a/src/conftest/hooks/reset_seq.c b/src/conftest/hooks/reset_seq.c
index 717bcdbb9..93c61438e 100644
--- a/src/conftest/hooks/reset_seq.c
+++ b/src/conftest/hooks/reset_seq.c
@@ -154,7 +154,7 @@ static job_requeue_t reset_cb(struct reset_cb_data_t *data)
* Schedule sequence number reset job
*/
static void schedule_reset_job(private_reset_seq_t *this, host_t *dst,
- u_int32_t spi)
+ uint32_t spi)
{
struct reset_cb_data_t *data;
chunk_t chunk;
diff --git a/src/conftest/hooks/set_ike_spi.c b/src/conftest/hooks/set_ike_spi.c
index bda02580d..cc4d5afe4 100644
--- a/src/conftest/hooks/set_ike_spi.c
+++ b/src/conftest/hooks/set_ike_spi.c
@@ -42,12 +42,12 @@ struct private_set_ike_spi_t {
/**
* Initiator SPI
*/
- u_int64_t spii;
+ uint64_t spii;
/**
* Responder SPI
*/
- u_int64_t spir;
+ uint64_t spir;
};
METHOD(listener_t, message, bool,
diff --git a/src/conftest/hooks/set_length.c b/src/conftest/hooks/set_length.c
index b1a1a4723..7f6415841 100644
--- a/src/conftest/hooks/set_length.c
+++ b/src/conftest/hooks/set_length.c
@@ -75,7 +75,7 @@ METHOD(listener_t, message, bool,
if (type == payload->get_type(payload))
{
encoding_rule_t *rules;
- u_int16_t *len;
+ uint16_t *len;
int i, count;
count = payload->get_encoding_rules(payload, &rules);
@@ -83,7 +83,7 @@ METHOD(listener_t, message, bool,
{
if (rules[i].type == PAYLOAD_LENGTH)
{
- len = (u_int16_t*)(((void*)payload) + rules[i].offset);
+ len = (uint16_t*)(((void*)payload) + rules[i].offset);
DBG1(DBG_CFG, "adjusting length of %N payload "
"from %d to %d", payload_type_short_names, type,
*len, *len + this->diff);
diff --git a/src/conftest/hooks/set_proposal_number.c b/src/conftest/hooks/set_proposal_number.c
index 4e572d608..dd814ad15 100644
--- a/src/conftest/hooks/set_proposal_number.c
+++ b/src/conftest/hooks/set_proposal_number.c
@@ -57,7 +57,7 @@ static void copy_proposal_algs(proposal_t *from, proposal_t *to,
transform_type_t type)
{
enumerator_t *enumerator;
- u_int16_t alg, key_size;
+ uint16_t alg, key_size;
enumerator = from->create_enumerator(from, type);
while (enumerator->enumerate(enumerator, &alg, &key_size))
diff --git a/src/conftest/hooks/set_reserved.c b/src/conftest/hooks/set_reserved.c
index 488e8df1c..7ce6f1b88 100644
--- a/src/conftest/hooks/set_reserved.c
+++ b/src/conftest/hooks/set_reserved.c
@@ -85,11 +85,11 @@ static void set_bit(private_set_reserved_t *this, message_t *message,
* Set reserved byte of a payload
*/
static void set_byte(private_set_reserved_t *this, message_t *message,
- payload_type_t type, u_int nr, u_int8_t byteval)
+ payload_type_t type, u_int nr, uint8_t byteval)
{
enumerator_t *payloads;
payload_t *payload;
- u_int8_t *byte;
+ uint8_t *byte;
if (type == PLV2_TRANSFORM_SUBSTRUCTURE || type == PLV2_PROPOSAL_SUBSTRUCTURE)
{
@@ -172,7 +172,7 @@ METHOD(listener_t, message, bool,
enumerator_t *bits, *bytes, *types;
payload_type_t type;
char *nr, *name;
- u_int8_t byteval;
+ uint8_t byteval;
types = conftest->test->create_section_enumerator(conftest->test,
"hooks.%s", this->name);
diff --git a/src/dumm/Makefile.in b/src/dumm/Makefile.in
index 6525fbcb4..d3bb11f61 100644
--- a/src/dumm/Makefile.in
+++ b/src/dumm/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = dumm$(EXEEXT) irdumm$(EXEEXT)
subdir = src/dumm
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -208,12 +217,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -263,6 +274,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -297,6 +309,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -408,6 +421,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -472,7 +486,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/dumm/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/dumm/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -841,6 +854,8 @@ uninstall-am: uninstall-ipsecPROGRAMS uninstall-ipseclibLTLIBRARIES
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
all-local: ext
diff --git a/src/dumm/mconsole.c b/src/dumm/mconsole.c
index 54c4fe395..4563d6f9e 100644
--- a/src/dumm/mconsole.c
+++ b/src/dumm/mconsole.c
@@ -54,9 +54,9 @@ struct private_mconsole_t {
typedef struct mconsole_request mconsole_request;
/** mconsole request message */
struct mconsole_request {
- u_int32_t magic;
- u_int32_t version;
- u_int32_t len;
+ uint32_t magic;
+ uint32_t version;
+ uint32_t len;
char data[MCONSOLE_MAX_DATA];
};
@@ -64,24 +64,24 @@ struct mconsole_request {
typedef struct mconsole_reply mconsole_reply;
/** mconsole reply message */
struct mconsole_reply {
- u_int32_t err;
- u_int32_t more;
- u_int32_t len;
+ uint32_t err;
+ uint32_t more;
+ uint32_t len;
char data[MCONSOLE_MAX_DATA];
};
typedef struct mconsole_notify mconsole_notify;
/** mconsole notify message */
struct mconsole_notify {
- u_int32_t magic;
- u_int32_t version;
+ uint32_t magic;
+ uint32_t version;
enum {
MCONSOLE_SOCKET,
MCONSOLE_PANIC,
MCONSOLE_HANG,
MCONSOLE_USER_NOTIFY,
} type;
- u_int32_t len;
+ uint32_t len;
char data[MCONSOLE_MAX_DATA];
};
diff --git a/src/include/Makefile.in b/src/include/Makefile.in
index 9f4becb40..c909af9a1 100644
--- a/src/include/Makefile.in
+++ b/src/include/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -78,7 +88,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/include
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -92,6 +101,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -116,12 +126,14 @@ am__can_run_installinfo = \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -171,6 +183,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -205,6 +218,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -316,6 +330,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -362,7 +377,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/include/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/include/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -537,6 +551,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/include/linux/pfkeyv2.h b/src/include/linux/pfkeyv2.h
index 7379d1a94..7a1e995a3 100644
--- a/src/include/linux/pfkeyv2.h
+++ b/src/include/linux/pfkeyv2.h
@@ -159,7 +159,7 @@ struct sadb_spirange {
struct sadb_x_kmprivate {
uint16_t sadb_x_kmprivate_len;
uint16_t sadb_x_kmprivate_exttype;
- u_int32_t sadb_x_kmprivate_reserved;
+ uint32_t sadb_x_kmprivate_reserved;
} __attribute__((packed));
/* sizeof(struct sadb_x_kmprivate) == 8 */
diff --git a/src/ipsec/Makefile.in b/src/ipsec/Makefile.in
index 72022ed56..c4cb5af4c 100644
--- a/src/ipsec/Makefile.in
+++ b/src/ipsec/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/ipsec
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(dist_man8_MANS)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -150,12 +159,14 @@ man8dir = $(mandir)/man8
NROFF = nroff
MANS = $(dist_man8_MANS)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(dist_man8_MANS) $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -205,6 +216,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -239,6 +251,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -350,6 +363,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -397,7 +411,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/ipsec/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/ipsec/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -660,6 +673,8 @@ uninstall-man: uninstall-man8
ps ps-am tags-am uninstall uninstall-am uninstall-hook \
uninstall-man uninstall-man8 uninstall-sbinSCRIPTS
+.PRECIOUS: Makefile
+
_ipsec.8 : _ipsec.8.in
$(AM_V_GEN) \
diff --git a/src/ipsec/_ipsec.8 b/src/ipsec/_ipsec.8
index 686c1ce80..b0acc6c0c 100644
--- a/src/ipsec/_ipsec.8
+++ b/src/ipsec/_ipsec.8
@@ -1,4 +1,4 @@
-.TH IPSEC 8 "2013-10-29" "5.4.0rc1" "strongSwan"
+.TH IPSEC 8 "2013-10-29" "5.5.0rc1" "strongSwan"
.
.SH NAME
.
diff --git a/src/libcharon/Android.mk b/src/libcharon/Android.mk
index 55e6bc58b..4f3d78c6d 100644
--- a/src/libcharon/Android.mk
+++ b/src/libcharon/Android.mk
@@ -10,6 +10,7 @@ attributes/mem_pool.c attributes/mem_pool.h \
bus/bus.c bus/bus.h \
bus/listeners/listener.h \
bus/listeners/logger.h \
+bus/listeners/custom_logger.h \
bus/listeners/file_logger.c bus/listeners/file_logger.h \
config/backend_manager.c config/backend_manager.h config/backend.h \
config/child_cfg.c config/child_cfg.h \
diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am
index 9f0707813..550f6eb9c 100644
--- a/src/libcharon/Makefile.am
+++ b/src/libcharon/Makefile.am
@@ -154,12 +154,15 @@ AM_CPPFLAGS = \
-DIPSEC_DIR=\"${ipsecdir}\" \
-DIPSEC_PIDDIR=\"${piddir}\"
+AM_CFLAGS = \
+ @COVERAGE_CFLAGS@
+
AM_LDFLAGS = \
-no-undefined
libcharon_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- -lm $(PTHREADLIB) $(DLLIB) $(SOCKLIB)
+ -lm $(PTHREADLIB) $(ATOMICLIB) $(DLLIB) $(SOCKLIB)
if USE_WINDOWS
libcharon_la_LIBADD += -lws2_32
diff --git a/src/libcharon/Makefile.in b/src/libcharon/Makefile.in
index 2ccae216e..3ea9b8089 100644
--- a/src/libcharon/Makefile.in
+++ b/src/libcharon/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -284,8 +294,6 @@ host_triplet = @host@
@USE_ATTR_SQL_TRUE@am__append_146 = plugins/attr_sql
@MONOLITHIC_TRUE@@USE_ATTR_SQL_TRUE@am__append_147 = plugins/attr_sql/libstrongswan-attr-sql.la
subdir = src/libcharon
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -299,6 +307,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -336,31 +345,32 @@ am__DEPENDENCIES_1 =
libcharon_la_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) $(am__append_7) \
- $(am__append_9) $(am__append_11) $(am__append_13) \
- $(am__append_15) $(am__append_17) $(am__append_19) \
- $(am__append_21) $(am__append_23) $(am__append_25) \
- $(am__append_27) $(am__append_29) $(am__append_31) \
- $(am__append_33) $(am__append_35) $(am__append_37) \
- $(am__append_39) $(am__append_41) $(am__append_43) \
- $(am__append_45) $(am__append_47) $(am__append_49) \
- $(am__append_51) $(am__append_53) $(am__append_54) \
- $(am__append_56) $(am__append_58) $(am__append_60) \
- $(am__append_62) $(am__append_64) $(am__append_66) \
- $(am__append_68) $(am__append_70) $(am__append_72) \
- $(am__append_73) $(am__append_74) $(am__append_76) \
- $(am__append_78) $(am__append_79) $(am__append_81) \
- $(am__append_83) $(am__append_85) $(am__append_87) \
- $(am__append_89) $(am__append_91) $(am__append_93) \
- $(am__append_95) $(am__append_97) $(am__append_99) \
- $(am__append_101) $(am__append_103) $(am__append_105) \
- $(am__append_107) $(am__append_109) $(am__append_111) \
- $(am__append_113) $(am__append_115) $(am__append_117) \
- $(am__append_119) $(am__append_121) $(am__append_123) \
- $(am__append_125) $(am__append_127) $(am__append_129) \
- $(am__append_131) $(am__append_133) $(am__append_135) \
- $(am__append_137) $(am__append_139) $(am__append_141) \
- $(am__append_143) $(am__append_145) $(am__append_147)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__append_7) $(am__append_9) \
+ $(am__append_11) $(am__append_13) $(am__append_15) \
+ $(am__append_17) $(am__append_19) $(am__append_21) \
+ $(am__append_23) $(am__append_25) $(am__append_27) \
+ $(am__append_29) $(am__append_31) $(am__append_33) \
+ $(am__append_35) $(am__append_37) $(am__append_39) \
+ $(am__append_41) $(am__append_43) $(am__append_45) \
+ $(am__append_47) $(am__append_49) $(am__append_51) \
+ $(am__append_53) $(am__append_54) $(am__append_56) \
+ $(am__append_58) $(am__append_60) $(am__append_62) \
+ $(am__append_64) $(am__append_66) $(am__append_68) \
+ $(am__append_70) $(am__append_72) $(am__append_73) \
+ $(am__append_74) $(am__append_76) $(am__append_78) \
+ $(am__append_79) $(am__append_81) $(am__append_83) \
+ $(am__append_85) $(am__append_87) $(am__append_89) \
+ $(am__append_91) $(am__append_93) $(am__append_95) \
+ $(am__append_97) $(am__append_99) $(am__append_101) \
+ $(am__append_103) $(am__append_105) $(am__append_107) \
+ $(am__append_109) $(am__append_111) $(am__append_113) \
+ $(am__append_115) $(am__append_117) $(am__append_119) \
+ $(am__append_121) $(am__append_123) $(am__append_125) \
+ $(am__append_127) $(am__append_129) $(am__append_131) \
+ $(am__append_133) $(am__append_135) $(am__append_137) \
+ $(am__append_139) $(am__append_141) $(am__append_143) \
+ $(am__append_145) $(am__append_147)
am__libcharon_la_SOURCES_DIST = attributes/attributes.c \
attributes/attributes.h attributes/attribute_provider.h \
attributes/attribute_handler.h attributes/attribute_manager.c \
@@ -747,6 +757,7 @@ DIST_SUBDIRS = . plugins/load_tester plugins/socket_default \
plugins/xauth_generic plugins/xauth_eap plugins/xauth_pam \
plugins/xauth_noauth plugins/resolve plugins/attr \
plugins/attr_sql tests
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -778,6 +789,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -827,6 +839,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -861,6 +874,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -972,6 +986,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -1112,12 +1127,15 @@ AM_CPPFLAGS = \
-DIPSEC_DIR=\"${ipsecdir}\" \
-DIPSEC_PIDDIR=\"${piddir}\"
+AM_CFLAGS = \
+ @COVERAGE_CFLAGS@
+
AM_LDFLAGS = \
-no-undefined
libcharon_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la -lm \
- $(PTHREADLIB) $(DLLIB) $(SOCKLIB) $(am__append_4) \
+ $(PTHREADLIB) $(ATOMICLIB) $(DLLIB) $(SOCKLIB) $(am__append_4) \
$(am__append_7) $(am__append_9) $(am__append_11) \
$(am__append_13) $(am__append_15) $(am__append_17) \
$(am__append_19) $(am__append_21) $(am__append_23) \
@@ -1233,7 +1251,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -2231,6 +2248,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
daemon.lo : $(top_builddir)/config.status
diff --git a/src/libcharon/attributes/mem_pool.c b/src/libcharon/attributes/mem_pool.c
index 833c3e950..a2b7c2803 100644
--- a/src/libcharon/attributes/mem_pool.c
+++ b/src/libcharon/attributes/mem_pool.c
@@ -142,7 +142,7 @@ static host_t* offset2host(private_mem_pool_t *pool, int offset)
{
chunk_t addr;
host_t *host;
- u_int32_t *pos;
+ uint32_t *pos;
offset--;
if (offset > pool->size)
@@ -153,11 +153,11 @@ static host_t* offset2host(private_mem_pool_t *pool, int offset)
addr = chunk_clone(pool->base->get_address(pool->base));
if (pool->base->get_family(pool->base) == AF_INET6)
{
- pos = (u_int32_t*)(addr.ptr + 12);
+ pos = (uint32_t*)(addr.ptr + 12);
}
else
{
- pos = (u_int32_t*)addr.ptr;
+ pos = (uint32_t*)addr.ptr;
}
*pos = htonl(offset + ntohl(*pos));
host = host_create_from_chunk(pool->base->get_family(pool->base), addr, 0);
@@ -171,7 +171,7 @@ static host_t* offset2host(private_mem_pool_t *pool, int offset)
static int host2offset(private_mem_pool_t *pool, host_t *addr)
{
chunk_t host, base;
- u_int32_t hosti, basei;
+ uint32_t hosti, basei;
if (addr->get_family(addr) != pool->base->get_family(pool->base))
{
@@ -189,8 +189,8 @@ static int host2offset(private_mem_pool_t *pool, host_t *addr)
host = chunk_skip(host, 12);
base = chunk_skip(base, 12);
}
- hosti = ntohl(*(u_int32_t*)(host.ptr));
- basei = ntohl(*(u_int32_t*)(base.ptr));
+ hosti = ntohl(*(uint32_t*)(host.ptr));
+ basei = ntohl(*(uint32_t*)(base.ptr));
if (hosti > basei + pool->size)
{
return -1;
@@ -634,7 +634,7 @@ static private_mem_pool_t *create_generic(char *name)
*/
static u_int network_id_diff(host_t *host, int hostbits)
{
- u_int32_t last;
+ uint32_t last;
chunk_t addr;
if (!hostbits)
@@ -705,7 +705,7 @@ mem_pool_t *mem_pool_create_range(char *name, host_t *from, host_t *to)
{
private_mem_pool_t *this;
chunk_t fromaddr, toaddr;
- u_int32_t diff;
+ uint32_t diff;
fromaddr = from->get_address(from);
toaddr = to->get_address(to);
diff --git a/src/libcharon/bus/bus.c b/src/libcharon/bus/bus.c
index 53ded6be7..e17d629d2 100644
--- a/src/libcharon/bus/bus.c
+++ b/src/libcharon/bus/bus.c
@@ -688,7 +688,7 @@ METHOD(bus_t, child_rekey, void,
}
METHOD(bus_t, children_migrate, void,
- private_bus_t *this, ike_sa_id_t *new, u_int32_t unique)
+ private_bus_t *this, ike_sa_id_t *new, uint32_t unique)
{
enumerator_t *enumerator;
ike_sa_t *ike_sa;
diff --git a/src/libcharon/bus/bus.h b/src/libcharon/bus/bus.h
index b6757b140..305cbe4ae 100644
--- a/src/libcharon/bus/bus.h
+++ b/src/libcharon/bus/bus.h
@@ -101,9 +101,13 @@ enum alert_t {
/** received IKE message with invalid body, argument is message_t*,
* followed by a status_t result returned by message_t.parse_body(). */
ALERT_PARSE_ERROR_BODY,
- /** sending a retransmit for a message, argument is packet_t, if the message
- * got fragmented only the first fragment is passed */
+ /** sending a retransmit for a message, arguments are packet_t and number
+ * of the retransmit, if the message got fragmented only the first fragment
+ * is passed */
ALERT_RETRANSMIT_SEND,
+ /** received response for retransmitted request, argument is packet_t, if
+ * the message got fragmented only the first fragment is passed */
+ ALERT_RETRANSMIT_SEND_CLEARED,
/** sending retransmits timed out, argument is packet_t, if available and if
* the message got fragmented only the first fragment is passed */
ALERT_RETRANSMIT_SEND_TIMEOUT,
@@ -432,7 +436,7 @@ struct bus_t {
* @param new ID of new SA when called for the old, NULL otherwise
* @param uniue unique ID of new SA when called for the old, 0 otherwise
*/
- void (*children_migrate)(bus_t *this, ike_sa_id_t *new, u_int32_t unique);
+ void (*children_migrate)(bus_t *this, ike_sa_id_t *new, uint32_t unique);
/**
* Virtual IP assignment hook.
diff --git a/src/libcharon/bus/listeners/listener.h b/src/libcharon/bus/listeners/listener.h
index c7a8d8d1e..be2726ede 100644
--- a/src/libcharon/bus/listeners/listener.h
+++ b/src/libcharon/bus/listeners/listener.h
@@ -200,7 +200,7 @@ struct listener_t {
* @return TRUE to stay registered, FALSE to unregister
*/
bool (*children_migrate)(listener_t *this, ike_sa_t *ike_sa,
- ike_sa_id_t *new, u_int32_t unique);
+ ike_sa_id_t *new, uint32_t unique);
/**
* Hook called to invoke additional authorization rules.
diff --git a/src/libcharon/config/child_cfg.c b/src/libcharon/config/child_cfg.c
index 3d3c7419b..76d7f2c58 100644
--- a/src/libcharon/config/child_cfg.c
+++ b/src/libcharon/config/child_cfg.c
@@ -1,8 +1,9 @@
/*
- * Copyright (C) 2008-2015 Tobias Brunner
+ * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2005-2007 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -110,12 +111,12 @@ struct private_child_cfg_t {
/**
* Inactivity timeout
*/
- u_int32_t inactivity;
+ uint32_t inactivity;
/**
* Reqid to install CHILD_SA with
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* Optional mark to install inbound CHILD_SA with
@@ -130,7 +131,17 @@ struct private_child_cfg_t {
/**
* Traffic Flow Confidentiality padding, if enabled
*/
- u_int32_t tfc;
+ uint32_t tfc;
+
+ /**
+ * Optional manually-set IPsec policy priorities
+ */
+ uint32_t manual_prio;
+
+ /**
+ * Optional restriction of IPsec policy to a given network interface
+ */
+ char *interface;
/**
* set up IPsec transport SA in MIPv6 proxy mode
@@ -145,7 +156,7 @@ struct private_child_cfg_t {
/**
* anti-replay window size
*/
- u_int32_t replay_window;
+ uint32_t replay_window;
};
METHOD(child_cfg_t, get_name, char*,
@@ -200,25 +211,40 @@ METHOD(child_cfg_t, get_proposals, linked_list_t*,
METHOD(child_cfg_t, select_proposal, proposal_t*,
private_child_cfg_t*this, linked_list_t *proposals, bool strip_dh,
- bool private)
+ bool private, bool prefer_self)
{
- enumerator_t *stored_enum, *supplied_enum;
- proposal_t *stored, *supplied, *selected = NULL;
+ enumerator_t *prefer_enum, *match_enum;
+ proposal_t *proposal, *match, *selected = NULL;
- stored_enum = this->proposals->create_enumerator(this->proposals);
- supplied_enum = proposals->create_enumerator(proposals);
+ if (prefer_self)
+ {
+ prefer_enum = this->proposals->create_enumerator(this->proposals);
+ match_enum = proposals->create_enumerator(proposals);
+ }
+ else
+ {
+ prefer_enum = proposals->create_enumerator(proposals);
+ match_enum = this->proposals->create_enumerator(this->proposals);
+ }
- /* compare all stored proposals with all supplied. Stored ones are preferred. */
- while (stored_enum->enumerate(stored_enum, &stored))
+ while (prefer_enum->enumerate(prefer_enum, &proposal))
{
- stored = stored->clone(stored);
- while (supplied_enum->enumerate(supplied_enum, &supplied))
+ proposal = proposal->clone(proposal);
+ if (prefer_self)
+ {
+ proposals->reset_enumerator(proposals, match_enum);
+ }
+ else
+ {
+ this->proposals->reset_enumerator(this->proposals, match_enum);
+ }
+ while (match_enum->enumerate(match_enum, &match))
{
if (strip_dh)
{
- stored->strip_dh(stored, MODP_NONE);
+ proposal->strip_dh(proposal, MODP_NONE);
}
- selected = stored->select(stored, supplied, private);
+ selected = proposal->select(proposal, match, private);
if (selected)
{
DBG2(DBG_CFG, "received proposals: %#P", proposals);
@@ -227,17 +253,15 @@ METHOD(child_cfg_t, select_proposal, proposal_t*,
break;
}
}
- stored->destroy(stored);
+ proposal->destroy(proposal);
if (selected)
{
break;
}
- supplied_enum->destroy(supplied_enum);
- supplied_enum = proposals->create_enumerator(proposals);
}
- stored_enum->destroy(stored_enum);
- supplied_enum->destroy(supplied_enum);
- if (selected == NULL)
+ prefer_enum->destroy(prefer_enum);
+ match_enum->destroy(match_enum);
+ if (!selected)
{
DBG1(DBG_CFG, "received proposals: %#P", proposals);
DBG1(DBG_CFG, "configured proposals: %#P", this->proposals);
@@ -405,7 +429,7 @@ METHOD(child_cfg_t, get_hostaccess, bool,
* Note: The distribution of random values is not perfect, but it
* should get the job done.
*/
-static u_int64_t apply_jitter(u_int64_t rekey, u_int64_t jitter)
+static uint64_t apply_jitter(uint64_t rekey, uint64_t jitter)
{
if (jitter == 0)
{
@@ -417,10 +441,14 @@ static u_int64_t apply_jitter(u_int64_t rekey, u_int64_t jitter)
#define APPLY_JITTER(l) l.rekey = apply_jitter(l.rekey, l.jitter)
METHOD(child_cfg_t, get_lifetime, lifetime_cfg_t*,
- private_child_cfg_t *this)
+ private_child_cfg_t *this, bool jitter)
{
lifetime_cfg_t *lft = malloc_thing(lifetime_cfg_t);
memcpy(lft, &this->lifetime, sizeof(lifetime_cfg_t));
+ if (!jitter)
+ {
+ lft->time.jitter = lft->bytes.jitter = lft->packets.jitter = 0;
+ }
APPLY_JITTER(lft->time);
APPLY_JITTER(lft->bytes);
APPLY_JITTER(lft->packets);
@@ -456,7 +484,7 @@ METHOD(child_cfg_t, get_dh_group, diffie_hellman_group_t,
{
enumerator_t *enumerator;
proposal_t *proposal;
- u_int16_t dh_group = MODP_NONE;
+ uint16_t dh_group = MODP_NONE;
enumerator = this->proposals->create_enumerator(this->proposals);
while (enumerator->enumerate(enumerator, &proposal))
@@ -476,13 +504,13 @@ METHOD(child_cfg_t, use_ipcomp, bool,
return this->use_ipcomp;
}
-METHOD(child_cfg_t, get_inactivity, u_int32_t,
+METHOD(child_cfg_t, get_inactivity, uint32_t,
private_child_cfg_t *this)
{
return this->inactivity;
}
-METHOD(child_cfg_t, get_reqid, u_int32_t,
+METHOD(child_cfg_t, get_reqid, uint32_t,
private_child_cfg_t *this)
{
return this->reqid;
@@ -494,29 +522,34 @@ METHOD(child_cfg_t, get_mark, mark_t,
return inbound ? this->mark_in : this->mark_out;
}
-METHOD(child_cfg_t, get_tfc, u_int32_t,
+METHOD(child_cfg_t, get_tfc, uint32_t,
private_child_cfg_t *this)
{
return this->tfc;
}
-METHOD(child_cfg_t, get_replay_window, u_int32_t,
+METHOD(child_cfg_t, get_manual_prio, uint32_t,
private_child_cfg_t *this)
{
- return this->replay_window;
+ return this->manual_prio;
}
-METHOD(child_cfg_t, set_replay_window, void,
- private_child_cfg_t *this, u_int32_t replay_window)
+METHOD(child_cfg_t, get_interface, char*,
+ private_child_cfg_t *this)
{
- this->replay_window = replay_window;
+ return this->interface;
+}
+
+METHOD(child_cfg_t, get_replay_window, uint32_t,
+ private_child_cfg_t *this)
+{
+ return this->replay_window;
}
-METHOD(child_cfg_t, set_mipv6_options, void,
- private_child_cfg_t *this, bool proxy_mode, bool install_policy)
+METHOD(child_cfg_t, set_replay_window, void,
+ private_child_cfg_t *this, uint32_t replay_window)
{
- this->proxy_mode = proxy_mode;
- this->install_policy = install_policy;
+ this->replay_window = replay_window;
}
METHOD(child_cfg_t, use_proxy_mode, bool,
@@ -532,7 +565,7 @@ METHOD(child_cfg_t, install_policy, bool,
}
#define LT_PART_EQUALS(a, b) ({ a.life == b.life && a.rekey == b.rekey && a.jitter == b.jitter; })
-#define LIFETIME_EQUALS(a, b) ({ LT_PART_EQUALS(a.time, b.time) && LT_PART_EQUALS(a.bytes, b.bytes) && LT_PART_EQUALS(a.packets, b.packets); })
+#define LIFETIME_EQUALS(a, b) ({ LT_PART_EQUALS(a.time, b.time) && LT_PART_EQUALS(a.bytes, b.bytes) && LT_PART_EQUALS(a.packets, b.packets); })
METHOD(child_cfg_t, equals, bool,
private_child_cfg_t *this, child_cfg_t *other_pub)
@@ -576,10 +609,12 @@ METHOD(child_cfg_t, equals, bool,
this->mark_out.value == other->mark_out.value &&
this->mark_out.mask == other->mark_out.mask &&
this->tfc == other->tfc &&
+ this->manual_prio == other->manual_prio &&
this->replay_window == other->replay_window &&
this->proxy_mode == other->proxy_mode &&
this->install_policy == other->install_policy &&
- streq(this->updown, other->updown);
+ streq(this->updown, other->updown) &&
+ streq(this->interface, other->interface);
}
METHOD(child_cfg_t, get_ref, child_cfg_t*,
@@ -597,10 +632,8 @@ METHOD(child_cfg_t, destroy, void,
this->proposals->destroy_offset(this->proposals, offsetof(proposal_t, destroy));
this->my_ts->destroy_offset(this->my_ts, offsetof(traffic_selector_t, destroy));
this->other_ts->destroy_offset(this->other_ts, offsetof(traffic_selector_t, destroy));
- if (this->updown)
- {
- free(this->updown);
- }
+ free(this->updown);
+ free(this->interface);
free(this->name);
free(this);
}
@@ -609,12 +642,7 @@ METHOD(child_cfg_t, destroy, void,
/*
* Described in header-file
*/
-child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
- char *updown, bool hostaccess,
- ipsec_mode_t mode, action_t start_action,
- action_t dpd_action, action_t close_action,
- bool ipcomp, u_int32_t inactivity, u_int32_t reqid,
- mark_t *mark_in, mark_t *mark_out, u_int32_t tfc)
+child_cfg_t *child_cfg_create(char *name, child_cfg_create_t *data)
{
private_child_cfg_t *this;
@@ -634,12 +662,13 @@ child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
.get_close_action = _get_close_action,
.get_lifetime = _get_lifetime,
.get_dh_group = _get_dh_group,
- .set_mipv6_options = _set_mipv6_options,
.use_ipcomp = _use_ipcomp,
.get_inactivity = _get_inactivity,
.get_reqid = _get_reqid,
.get_mark = _get_mark,
.get_tfc = _get_tfc,
+ .get_manual_prio = _get_manual_prio,
+ .get_interface = _get_interface,
.get_replay_window = _get_replay_window,
.set_replay_window = _set_replay_window,
.use_proxy_mode = _use_proxy_mode,
@@ -649,35 +678,30 @@ child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
.destroy = _destroy,
},
.name = strdup(name),
- .updown = strdupnull(updown),
- .hostaccess = hostaccess,
- .mode = mode,
- .start_action = start_action,
- .dpd_action = dpd_action,
- .close_action = close_action,
- .use_ipcomp = ipcomp,
- .inactivity = inactivity,
- .reqid = reqid,
- .proxy_mode = FALSE,
- .install_policy = TRUE,
+ .updown = strdupnull(data->updown),
+ .hostaccess = data->hostaccess,
+ .reqid = data->reqid,
+ .mode = data->mode,
+ .proxy_mode = data->proxy_mode,
+ .start_action = data->start_action,
+ .dpd_action = data->dpd_action,
+ .close_action = data->close_action,
+ .mark_in = data->mark_in,
+ .mark_out = data->mark_out,
+ .lifetime = data->lifetime,
+ .inactivity = data->inactivity,
+ .use_ipcomp = data->ipcomp,
+ .tfc = data->tfc,
+ .manual_prio = data->priority,
+ .interface = strdupnull(data->interface),
+ .install_policy = !data->suppress_policies,
.refcount = 1,
.proposals = linked_list_create(),
.my_ts = linked_list_create(),
.other_ts = linked_list_create(),
- .tfc = tfc,
.replay_window = lib->settings->get_int(lib->settings,
- "%s.replay_window", DEFAULT_REPLAY_WINDOW, lib->ns),
+ "%s.replay_window", DEFAULT_REPLAY_WINDOW, lib->ns),
);
- if (mark_in)
- {
- this->mark_in = *mark_in;
- }
- if (mark_out)
- {
- this->mark_out = *mark_out;
- }
- memcpy(&this->lifetime, lifetime, sizeof(lifetime_cfg_t));
-
return &this->public;
}
diff --git a/src/libcharon/config/child_cfg.h b/src/libcharon/config/child_cfg.h
index 22641f77e..e736b2737 100644
--- a/src/libcharon/config/child_cfg.h
+++ b/src/libcharon/config/child_cfg.h
@@ -1,8 +1,9 @@
/*
- * Copyright (C) 2008-2015 Tobias Brunner
+ * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2005-2007 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -25,6 +26,7 @@
typedef enum action_t action_t;
typedef struct child_cfg_t child_cfg_t;
+typedef struct child_cfg_create_t child_cfg_create_t;
#include <library.h>
#include <selectors/traffic_selector.h>
@@ -98,10 +100,12 @@ struct child_cfg_t {
* @param proposals list from which proposals are selected
* @param strip_dh TRUE strip out diffie hellman groups
* @param private accept algorithms from a private range
+ * @param prefer_self whether to prefer configured or supplied proposals
* @return selected proposal, or NULL if nothing matches
*/
proposal_t* (*select_proposal)(child_cfg_t*this, linked_list_t *proposals,
- bool strip_dh, bool private);
+ bool strip_dh, bool private,
+ bool prefer_self);
/**
* Add a traffic selector to the config.
@@ -155,9 +159,10 @@ struct child_cfg_t {
* The rekey limits automatically contain a jitter to avoid simultaneous
* rekeying. These values will change with each call to this function.
*
+ * @param jitter subtract jitter value to randomize lifetimes
* @return lifetime_cfg_t (has to be freed)
*/
- lifetime_cfg_t* (*get_lifetime) (child_cfg_t *this);
+ lifetime_cfg_t* (*get_lifetime) (child_cfg_t *this, bool jitter);
/**
* Get the mode to use for the CHILD_SA.
@@ -210,14 +215,14 @@ struct child_cfg_t {
*
* @return inactivity timeout in s
*/
- u_int32_t (*get_inactivity)(child_cfg_t *this);
+ uint32_t (*get_inactivity)(child_cfg_t *this);
/**
* Specific reqid to use for CHILD_SA.
*
* @return reqid
*/
- u_int32_t (*get_reqid)(child_cfg_t *this);
+ uint32_t (*get_reqid)(child_cfg_t *this);
/**
* Optional mark for CHILD_SA.
@@ -232,30 +237,35 @@ struct child_cfg_t {
*
* @return TFC padding, 0 to disable, -1 for MTU
*/
- u_int32_t (*get_tfc)(child_cfg_t *this);
+ uint32_t (*get_tfc)(child_cfg_t *this);
/**
- * Get anti-replay window size
+ * Get optional manually-set IPsec policy priority
*
- * @return anti-replay window size
+ * @return manually-set IPsec policy priority (automatic if 0)
*/
- u_int32_t (*get_replay_window)(child_cfg_t *this);
+ uint32_t (*get_manual_prio)(child_cfg_t *this);
/**
- * Set anti-replay window size
+ * Get optional network interface restricting IPsec policy
*
- * @param window anti-replay window size
+ * @return network interface)
*/
- void (*set_replay_window)(child_cfg_t *this, u_int32_t window);
+ char* (*get_interface)(child_cfg_t *this);
/**
- * Sets two options needed for Mobile IPv6 interoperability.
+ * Get anti-replay window size
*
- * @param proxy_mode use IPsec transport proxy mode (default FALSE)
- * @param install_policy install IPsec kernel policies (default TRUE)
+ * @return anti-replay window size
*/
- void (*set_mipv6_options)(child_cfg_t *this, bool proxy_mode,
- bool install_policy);
+ uint32_t (*get_replay_window)(child_cfg_t *this);
+
+ /**
+ * Set anti-replay window size
+ *
+ * @param window anti-replay window size
+ */
+ void (*set_replay_window)(child_cfg_t *this, uint32_t window);
/**
* Check whether IPsec transport SA should be set up in proxy mode.
@@ -297,38 +307,56 @@ struct child_cfg_t {
void (*destroy) (child_cfg_t *this);
};
+
+/**
+ * Data passed to the constructor of a child_cfg_t object.
+ */
+struct child_cfg_create_t {
+ /** Specific reqid to use for CHILD_SA, 0 for auto assignment */
+ uint32_t reqid;
+ /** Optional inbound mark */
+ mark_t mark_in;
+ /** Optional outbound mark */
+ mark_t mark_out;
+ /** Mode to propose for CHILD_SA */
+ ipsec_mode_t mode;
+ /** Use IPsec transport proxy mode */
+ bool proxy_mode;
+ /** Use IPComp, if peer supports it */
+ bool ipcomp;
+ /** TFC padding size, 0 to disable, -1 to pad to PMTU */
+ uint32_t tfc;
+ /** Optional manually-set IPsec policy priority */
+ uint32_t priority;
+ /** Optional network interface restricting IPsec policy (cloned) */
+ char *interface;
+ /** lifetime_cfg_t for this child_cfg */
+ lifetime_cfg_t lifetime;
+ /** Inactivity timeout in s before closing a CHILD_SA */
+ uint32_t inactivity;
+ /** Start action */
+ action_t start_action;
+ /** DPD action */
+ action_t dpd_action;
+ /** Close action */
+ action_t close_action;
+ /** updown script to execute on up/down event (cloned) */
+ char *updown;
+ /** TRUE to allow access to the local host */
+ bool hostaccess;
+ /** Don't install IPsec policies */
+ bool suppress_policies;
+};
+
/**
* Create a configuration template for CHILD_SA setup.
*
- * The "name" string gets cloned.
- *
- * The lifetime_cfg_t object gets cloned.
- * To prevent two peers to start rekeying at the same time, a jitter may be
- * specified. Rekeying of an SA starts at (x.rekey - random(0, x.jitter)).
- *
* After a call to create, a reference is obtained (refcount = 1).
*
- * @param name name of the child_cfg
- * @param lifetime lifetime_cfg_t for this child_cfg
- * @param updown updown script to execute on up/down event
- * @param hostaccess TRUE to allow access to the local host
- * @param mode mode to propose for CHILD_SA, transport, tunnel or BEET
- * @param start_action start action
- * @param dpd_action DPD action
- * @param close_action close action
- * @param ipcomp use IPComp, if peer supports it
- * @param inactivity inactivity timeout in s before closing a CHILD_SA
- * @param reqid specific reqid to use for CHILD_SA, 0 for auto assign
- * @param mark_in optional inbound mark (can be NULL)
- * @param mark_out optional outbound mark (can be NULL)
- * @param tfc TFC padding size, 0 to disable, -1 to pad to PMTU
+ * @param name name of the child_cfg (cloned)
+ * @param data data for this child_cfg
* @return child_cfg_t object
*/
-child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
- char *updown, bool hostaccess,
- ipsec_mode_t mode, action_t start_action,
- action_t dpd_action, action_t close_action,
- bool ipcomp, u_int32_t inactivity, u_int32_t reqid,
- mark_t *mark_in, mark_t *mark_out, u_int32_t tfc);
+child_cfg_t *child_cfg_create(char *name, child_cfg_create_t *data);
#endif /** CHILD_CFG_H_ @}*/
diff --git a/src/libcharon/config/ike_cfg.c b/src/libcharon/config/ike_cfg.c
index a720e1493..7d52ac88f 100644
--- a/src/libcharon/config/ike_cfg.c
+++ b/src/libcharon/config/ike_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2015 Tobias Brunner
+ * Copyright (C) 2012-2016 Tobias Brunner
* Copyright (C) 2005-2007 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -83,12 +83,12 @@ struct private_ike_cfg_t {
/**
* our source port
*/
- u_int16_t my_port;
+ uint16_t my_port;
/**
* destination port
*/
- u_int16_t other_port;
+ uint16_t other_port;
/**
* should we send a certificate request?
@@ -108,7 +108,7 @@ struct private_ike_cfg_t {
/**
* DSCP value to use on sent IKE packets
*/
- u_int8_t dscp;
+ uint8_t dscp;
/**
* List of proposals to use
@@ -143,7 +143,7 @@ METHOD(ike_cfg_t, fragmentation, fragmentation_t,
/**
* Common function for resolve_me/other
*/
-static host_t* resolve(linked_list_t *hosts, int family, u_int16_t port)
+static host_t* resolve(linked_list_t *hosts, int family, uint16_t port)
{
enumerator_t *enumerator;
host_t *host = NULL;
@@ -192,7 +192,7 @@ static u_int match(linked_list_t *hosts, linked_list_t *ranges, host_t *cand)
traffic_selector_t *ts;
char *str;
host_t *host;
- u_int8_t mask;
+ uint8_t mask;
u_int quality = 0;
/* try single hosts first */
@@ -261,19 +261,19 @@ METHOD(ike_cfg_t, get_other_addr, char*,
return this->other;
}
-METHOD(ike_cfg_t, get_my_port, u_int16_t,
+METHOD(ike_cfg_t, get_my_port, uint16_t,
private_ike_cfg_t *this)
{
return this->my_port;
}
-METHOD(ike_cfg_t, get_other_port, u_int16_t,
+METHOD(ike_cfg_t, get_other_port, uint16_t,
private_ike_cfg_t *this)
{
return this->other_port;
}
-METHOD(ike_cfg_t, get_dscp, u_int8_t,
+METHOD(ike_cfg_t, get_dscp, uint8_t,
private_ike_cfg_t *this)
{
return this->dscp;
@@ -310,42 +310,57 @@ METHOD(ike_cfg_t, get_proposals, linked_list_t*,
}
METHOD(ike_cfg_t, select_proposal, proposal_t*,
- private_ike_cfg_t *this, linked_list_t *proposals, bool private)
+ private_ike_cfg_t *this, linked_list_t *proposals, bool private,
+ bool prefer_self)
{
- enumerator_t *stored_enum, *supplied_enum;
- proposal_t *stored, *supplied, *selected;
+ enumerator_t *prefer_enum, *match_enum;
+ proposal_t *proposal, *match, *selected = NULL;
- stored_enum = this->proposals->create_enumerator(this->proposals);
- supplied_enum = proposals->create_enumerator(proposals);
-
-
- /* compare all stored proposals with all supplied. Stored ones are preferred.*/
- while (stored_enum->enumerate(stored_enum, (void**)&stored))
+ if (prefer_self)
+ {
+ prefer_enum = this->proposals->create_enumerator(this->proposals);
+ match_enum = proposals->create_enumerator(proposals);
+ }
+ else
{
- proposals->reset_enumerator(proposals, supplied_enum);
+ prefer_enum = proposals->create_enumerator(proposals);
+ match_enum = this->proposals->create_enumerator(this->proposals);
+ }
- while (supplied_enum->enumerate(supplied_enum, (void**)&supplied))
+ while (prefer_enum->enumerate(prefer_enum, (void**)&proposal))
+ {
+ if (prefer_self)
+ {
+ proposals->reset_enumerator(proposals, match_enum);
+ }
+ else
{
- selected = stored->select(stored, supplied, private);
+ this->proposals->reset_enumerator(this->proposals, match_enum);
+ }
+ while (match_enum->enumerate(match_enum, (void**)&match))
+ {
+ selected = proposal->select(proposal, match, private);
if (selected)
{
- /* they match, return */
- stored_enum->destroy(stored_enum);
- supplied_enum->destroy(supplied_enum);
DBG2(DBG_CFG, "received proposals: %#P", proposals);
DBG2(DBG_CFG, "configured proposals: %#P", this->proposals);
DBG2(DBG_CFG, "selected proposal: %P", selected);
- return selected;
+ break;
}
}
+ if (selected)
+ {
+ break;
+ }
}
- /* no proposal match :-(, will result in a NO_PROPOSAL_CHOSEN... */
- stored_enum->destroy(stored_enum);
- supplied_enum->destroy(supplied_enum);
- DBG1(DBG_CFG, "received proposals: %#P", proposals);
- DBG1(DBG_CFG, "configured proposals: %#P", this->proposals);
-
- return NULL;
+ prefer_enum->destroy(prefer_enum);
+ match_enum->destroy(match_enum);
+ if (!selected)
+ {
+ DBG1(DBG_CFG, "received proposals: %#P", proposals);
+ DBG1(DBG_CFG, "configured proposals: %#P", this->proposals);
+ }
+ return selected;
}
METHOD(ike_cfg_t, get_dh_group, diffie_hellman_group_t,
@@ -353,7 +368,7 @@ METHOD(ike_cfg_t, get_dh_group, diffie_hellman_group_t,
{
enumerator_t *enumerator;
proposal_t *proposal;
- u_int16_t dh_group = MODP_NONE;
+ uint16_t dh_group = MODP_NONE;
enumerator = this->proposals->create_enumerator(this->proposals);
while (enumerator->enumerate(enumerator, &proposal))
@@ -545,9 +560,9 @@ int ike_cfg_get_family(ike_cfg_t *cfg, bool local)
* Described in header.
*/
ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
- char *me, u_int16_t my_port,
- char *other, u_int16_t other_port,
- fragmentation_t fragmentation, u_int8_t dscp)
+ char *me, uint16_t my_port,
+ char *other, uint16_t other_port,
+ fragmentation_t fragmentation, uint8_t dscp)
{
private_ike_cfg_t *this;
diff --git a/src/libcharon/config/ike_cfg.h b/src/libcharon/config/ike_cfg.h
index a72960f4f..5655a3497 100644
--- a/src/libcharon/config/ike_cfg.h
+++ b/src/libcharon/config/ike_cfg.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2015 Tobias Brunner
+ * Copyright (C) 2012-2016 Tobias Brunner
* Copyright (C) 2005-2007 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -128,21 +128,21 @@ struct ike_cfg_t {
*
* @return source address port, host order
*/
- u_int16_t (*get_my_port)(ike_cfg_t *this);
+ uint16_t (*get_my_port)(ike_cfg_t *this);
/**
* Get the port to use as destination port.
*
* @return destination address, host order
*/
- u_int16_t (*get_other_port)(ike_cfg_t *this);
+ uint16_t (*get_other_port)(ike_cfg_t *this);
/**
* Get the DSCP value to use for IKE packets send from connections.
*
* @return DSCP value
*/
- u_int8_t (*get_dscp)(ike_cfg_t *this);
+ uint8_t (*get_dscp)(ike_cfg_t *this);
/**
* Adds a proposal to the list.
@@ -165,16 +165,17 @@ struct ike_cfg_t {
linked_list_t* (*get_proposals) (ike_cfg_t *this);
/**
- * Select a proposed from suggested proposals.
+ * Select a proposal from a list of supplied proposals.
*
* Returned proposal must be destroyed after use.
*
* @param proposals list of proposals to select from
* @param private accept algorithms from a private range
+ * @param prefer_self whether to prefer configured or supplied proposals
* @return selected proposal, or NULL if none matches.
*/
proposal_t *(*select_proposal) (ike_cfg_t *this, linked_list_t *proposals,
- bool private);
+ bool private, bool prefer_self);
/**
* Should we send a certificate request in IKE_SA_INIT?
@@ -250,9 +251,9 @@ struct ike_cfg_t {
* @return ike_cfg_t object.
*/
ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
- char *me, u_int16_t my_port,
- char *other, u_int16_t other_port,
- fragmentation_t fragmentation, u_int8_t dscp);
+ char *me, uint16_t my_port,
+ char *other, uint16_t other_port,
+ fragmentation_t fragmentation, uint8_t dscp);
/**
* Determine the address family of the local or remtoe address(es). If multiple
diff --git a/src/libcharon/config/peer_cfg.c b/src/libcharon/config/peer_cfg.c
index d28a79507..6463c7a36 100644
--- a/src/libcharon/config/peer_cfg.c
+++ b/src/libcharon/config/peer_cfg.c
@@ -1,8 +1,8 @@
/*
- * Copyright (C) 2007-2015 Tobias Brunner
+ * Copyright (C) 2007-2016 Tobias Brunner
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -88,7 +88,7 @@ struct private_peer_cfg_t {
/**
* number of tries after giving up if peer does not respond
*/
- u_int32_t keyingtries;
+ uint32_t keyingtries;
/**
* enable support for MOBIKE
@@ -108,32 +108,32 @@ struct private_peer_cfg_t {
/**
* Time before starting rekeying
*/
- u_int32_t rekey_time;
+ uint32_t rekey_time;
/**
* Time before starting reauthentication
*/
- u_int32_t reauth_time;
+ uint32_t reauth_time;
/**
* Time, which specifies the range of a random value subtracted from above.
*/
- u_int32_t jitter_time;
+ uint32_t jitter_time;
/**
* Delay before deleting a rekeying/reauthenticating SA
*/
- u_int32_t over_time;
+ uint32_t over_time;
/**
* DPD check intervall
*/
- u_int32_t dpd;
+ uint32_t dpd;
/**
* DPD timeout intervall (used for IKEv1 only)
*/
- u_int32_t dpd_timeout;
+ uint32_t dpd_timeout;
/**
* List of virtual IPs (host_t*) to request
@@ -455,13 +455,13 @@ METHOD(peer_cfg_t, get_unique_policy, unique_policy_t,
return this->unique;
}
-METHOD(peer_cfg_t, get_keyingtries, u_int32_t,
+METHOD(peer_cfg_t, get_keyingtries, uint32_t,
private_peer_cfg_t *this)
{
return this->keyingtries;
}
-METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
+METHOD(peer_cfg_t, get_rekey_time, uint32_t,
private_peer_cfg_t *this, bool jitter)
{
if (this->rekey_time == 0)
@@ -475,7 +475,7 @@ METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
return this->rekey_time - (random() % this->jitter_time);
}
-METHOD(peer_cfg_t, get_reauth_time, u_int32_t,
+METHOD(peer_cfg_t, get_reauth_time, uint32_t,
private_peer_cfg_t *this, bool jitter)
{
if (this->reauth_time == 0)
@@ -489,7 +489,7 @@ METHOD(peer_cfg_t, get_reauth_time, u_int32_t,
return this->reauth_time - (random() % this->jitter_time);
}
-METHOD(peer_cfg_t, get_over_time, u_int32_t,
+METHOD(peer_cfg_t, get_over_time, uint32_t,
private_peer_cfg_t *this)
{
return this->over_time;
@@ -513,13 +513,13 @@ METHOD(peer_cfg_t, use_pull_mode, bool,
return this->pull_mode;
}
-METHOD(peer_cfg_t, get_dpd, u_int32_t,
+METHOD(peer_cfg_t, get_dpd, uint32_t,
private_peer_cfg_t *this)
{
return this->dpd;
}
-METHOD(peer_cfg_t, get_dpd_timeout, u_int32_t,
+METHOD(peer_cfg_t, get_dpd_timeout, uint32_t,
private_peer_cfg_t *this)
{
return this->dpd_timeout;
@@ -724,29 +724,22 @@ METHOD(peer_cfg_t, destroy, void,
/*
* Described in header-file
*/
-peer_cfg_t *peer_cfg_create(char *name,
- ike_cfg_t *ike_cfg, cert_policy_t cert_policy,
- unique_policy_t unique, u_int32_t keyingtries,
- u_int32_t rekey_time, u_int32_t reauth_time,
- u_int32_t jitter_time, u_int32_t over_time,
- bool mobike, bool aggressive, bool pull_mode,
- u_int32_t dpd, u_int32_t dpd_timeout,
- bool mediation, peer_cfg_t *mediated_by,
- identification_t *peer_id)
+peer_cfg_t *peer_cfg_create(char *name, ike_cfg_t *ike_cfg,
+ peer_cfg_create_t *data)
{
private_peer_cfg_t *this;
- if (rekey_time && jitter_time > rekey_time)
+ if (data->rekey_time && data->jitter_time > data->rekey_time)
{
- jitter_time = rekey_time;
+ data->jitter_time = data->rekey_time;
}
- if (reauth_time && jitter_time > reauth_time)
+ if (data->reauth_time && data->jitter_time > data->reauth_time)
{
- jitter_time = reauth_time;
+ data->jitter_time = data->reauth_time;
}
- if (dpd && dpd_timeout && dpd > dpd_timeout)
+ if (data->dpd && data->dpd_timeout && data->dpd > data->dpd_timeout)
{
- dpd_timeout = dpd;
+ data->dpd_timeout = data->dpd;
}
INIT(this,
@@ -789,33 +782,29 @@ peer_cfg_t *peer_cfg_create(char *name,
.ike_cfg = ike_cfg,
.child_cfgs = linked_list_create(),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
- .cert_policy = cert_policy,
- .unique = unique,
- .keyingtries = keyingtries,
- .rekey_time = rekey_time,
- .reauth_time = reauth_time,
- .jitter_time = jitter_time,
- .over_time = over_time,
- .use_mobike = mobike,
- .aggressive = aggressive,
- .pull_mode = pull_mode,
- .dpd = dpd,
- .dpd_timeout = dpd_timeout,
+ .cert_policy = data->cert_policy,
+ .unique = data->unique,
+ .keyingtries = data->keyingtries,
+ .rekey_time = data->rekey_time,
+ .reauth_time = data->reauth_time,
+ .jitter_time = data->jitter_time,
+ .over_time = data->over_time,
+ .use_mobike = !data->no_mobike,
+ .aggressive = data->aggressive,
+ .pull_mode = !data->push_mode,
+ .dpd = data->dpd,
+ .dpd_timeout = data->dpd_timeout,
.vips = linked_list_create(),
.pools = linked_list_create(),
.local_auth = linked_list_create(),
.remote_auth = linked_list_create(),
.refcount = 1,
- );
-
#ifdef ME
- this->mediation = mediation;
- this->mediated_by = mediated_by;
- this->peer_id = peer_id;
-#else /* ME */
- DESTROY_IF(mediated_by);
- DESTROY_IF(peer_id);
+ .mediation = data->mediation,
+ .mediated_by = data->mediated_by,
+ .peer_id = data->peer_id,
#endif /* ME */
+ );
return &this->public;
}
diff --git a/src/libcharon/config/peer_cfg.h b/src/libcharon/config/peer_cfg.h
index b612a2ef1..8e4d5331c 100644
--- a/src/libcharon/config/peer_cfg.h
+++ b/src/libcharon/config/peer_cfg.h
@@ -1,8 +1,8 @@
/*
- * Copyright (C) 2007-2015 Tobias Brunner
+ * Copyright (C) 2007-2016 Tobias Brunner
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -26,6 +26,7 @@
typedef enum cert_policy_t cert_policy_t;
typedef enum unique_policy_t unique_policy_t;
typedef struct peer_cfg_t peer_cfg_t;
+typedef struct peer_cfg_create_t peer_cfg_create_t;
#include <library.h>
#include <utils/identification.h>
@@ -222,30 +223,30 @@ struct peer_cfg_t {
*
* @return max number retries
*/
- u_int32_t (*get_keyingtries) (peer_cfg_t *this);
+ uint32_t (*get_keyingtries) (peer_cfg_t *this);
/**
* Get a time to start rekeying.
*
- * @param jitter remove a jitter value to randomize time
+ * @param jitter subtract a jitter value to randomize time
* @return time in s when to start rekeying, 0 disables rekeying
*/
- u_int32_t (*get_rekey_time)(peer_cfg_t *this, bool jitter);
+ uint32_t (*get_rekey_time)(peer_cfg_t *this, bool jitter);
/**
* Get a time to start reauthentication.
*
- * @param jitter remove a jitter value to randomize time
+ * @param jitter subtract a jitter value to randomize time
* @return time in s when to start reauthentication, 0 disables it
*/
- u_int32_t (*get_reauth_time)(peer_cfg_t *this, bool jitter);
+ uint32_t (*get_reauth_time)(peer_cfg_t *this, bool jitter);
/**
* Get the timeout of a rekeying/reauthenticating SA.
*
* @return timeout in s
*/
- u_int32_t (*get_over_time)(peer_cfg_t *this);
+ uint32_t (*get_over_time)(peer_cfg_t *this);
/**
* Use MOBIKE (RFC4555) if peer supports it?
@@ -273,14 +274,14 @@ struct peer_cfg_t {
*
* @return dpd_delay in seconds
*/
- u_int32_t (*get_dpd) (peer_cfg_t *this);
+ uint32_t (*get_dpd) (peer_cfg_t *this);
/**
* Get the DPD timeout interval (IKEv1 only)
*
* @return dpd_timeout in seconds
*/
- u_int32_t (*get_dpd_timeout) (peer_cfg_t *this);
+ uint32_t (*get_dpd_timeout) (peer_cfg_t *this);
/**
* Add a virtual IP to request as initiator.
@@ -367,42 +368,52 @@ struct peer_cfg_t {
};
/**
+ * Data passed to the constructor of a peer_cfg_t object.
+ */
+struct peer_cfg_create_t {
+ /** Whether to send a certificate payload */
+ cert_policy_t cert_policy;
+ /** Uniqueness of an IKE_SA */
+ unique_policy_t unique;
+ /** How many keying tries should be done before giving up */
+ uint32_t keyingtries;
+ /** Timeout in seconds before starting rekeying */
+ uint32_t rekey_time;
+ /** Timeout in seconds before starting reauthentication */
+ uint32_t reauth_time;
+ /** Time range in seconds to randomly subtract from rekey/reauth time */
+ uint32_t jitter_time;
+ /** Maximum overtime in seconds before closing a rekeying/reauth SA */
+ uint32_t over_time;
+ /** Disable MOBIKE (RFC4555) */
+ bool no_mobike;
+ /** Use/accept aggressive mode with IKEv1 */
+ bool aggressive;
+ /** TRUE to use modeconfig push, FALSE for pull */
+ bool push_mode;
+ /** DPD check interval, 0 to disable */
+ uint32_t dpd;
+ /** DPD timeout interval (IKEv1 only), if 0 default applies */
+ uint32_t dpd_timeout;
+#ifdef ME
+ /** TRUE if this is a mediation connection */
+ bool mediation;
+ /** peer_cfg_t of the mediation connection to mediate through (adopted) */
+ peer_cfg_t *mediated_by;
+ /** ID that identifies our peer at the mediation server (adopted) */
+ identification_t *peer_id;
+#endif /* ME */
+};
+
+/**
* Create a configuration object for IKE_AUTH and later.
*
- * name-string gets cloned, ID's not.
- * Virtual IPs are used if they are != NULL. A %any host means the virtual
- * IP should be obtained from the other peer.
- * Lifetimes are in seconds. To prevent to peers to start rekeying at the
- * same time, a jitter may be specified. Rekeying of an SA starts at
- * (rekeylifetime - random(0, jitter)).
- *
- * @param name name of the peer_cfg
- * @param ike_cfg IKE config to use when acting as initiator
- * @param cert_policy should we send a certificate payload?
- * @param unique uniqueness of an IKE_SA
- * @param keyingtries how many keying tries should be done before giving up
- * @param rekey_time timeout before starting rekeying
- * @param reauth_time timeout before starting reauthentication
- * @param jitter_time timerange to randomly subtract from rekey/reauth time
- * @param over_time maximum overtime before closing a rekeying/reauth SA
- * @param mobike use MOBIKE (RFC4555) if peer supports it
- * @param aggressive use/accept aggressive mode with IKEv1
- * @param pull_mode TRUE to use modeconfig pull, FALSE for push
- * @param dpd DPD check interval, 0 to disable
- * @param dpd_timeout DPD timeout interval (IKEv1 only), if 0 default applies
- * @param mediation TRUE if this is a mediation connection
- * @param mediated_by peer_cfg_t of the mediation connection to mediate through
- * @param peer_id ID that identifies our peer at the mediation server
+ * @param name name of the peer_cfg (cloned)
+ * @param ike_cfg IKE config to use when acting as initiator (adopted)
+ * @param data data for this peer_cfg
* @return peer_cfg_t object
*/
-peer_cfg_t *peer_cfg_create(char *name,
- ike_cfg_t *ike_cfg, cert_policy_t cert_policy,
- unique_policy_t unique, u_int32_t keyingtries,
- u_int32_t rekey_time, u_int32_t reauth_time,
- u_int32_t jitter_time, u_int32_t over_time,
- bool mobike, bool aggressive, bool pull_mode,
- u_int32_t dpd, u_int32_t dpd_timeout,
- bool mediation, peer_cfg_t *mediated_by,
- identification_t *peer_id);
+peer_cfg_t *peer_cfg_create(char *name, ike_cfg_t *ike_cfg,
+ peer_cfg_create_t *data);
#endif /** PEER_CFG_H_ @}*/
diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c
index 95b6a00ea..a83acec23 100644
--- a/src/libcharon/config/proposal.c
+++ b/src/libcharon/config/proposal.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2014 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2006-2010 Martin Willi
* Copyright (C) 2013-2015 Andreas Steffen
* Hochschule fuer Technik Rapperswil
@@ -61,7 +61,7 @@ struct private_proposal_t {
/**
* senders SPI
*/
- u_int64_t spi;
+ uint64_t spi;
/**
* Proposal number
@@ -76,14 +76,14 @@ typedef struct {
/** Type of the transform */
transform_type_t type;
/** algorithm identifier */
- u_int16_t alg;
+ uint16_t alg;
/** key size in bits, or zero if not needed */
- u_int16_t key_size;
+ uint16_t key_size;
} entry_t;
METHOD(proposal_t, add_algorithm, void,
private_proposal_t *this, transform_type_t type,
- u_int16_t alg, u_int16_t key_size)
+ uint16_t alg, uint16_t key_size)
{
entry_t entry = {
.type = type,
@@ -97,8 +97,8 @@ METHOD(proposal_t, add_algorithm, void,
/**
* filter function for peer configs
*/
-static bool alg_filter(uintptr_t type, entry_t **in, u_int16_t *alg,
- void **unused, u_int16_t *key_size)
+static bool alg_filter(uintptr_t type, entry_t **in, uint16_t *alg,
+ void **unused, uint16_t *key_size)
{
entry_t *entry = *in;
@@ -127,7 +127,7 @@ METHOD(proposal_t, create_enumerator, enumerator_t*,
METHOD(proposal_t, get_algorithm, bool,
private_proposal_t *this, transform_type_t type,
- u_int16_t *alg, u_int16_t *key_size)
+ uint16_t *alg, uint16_t *key_size)
{
enumerator_t *enumerator;
bool found = FALSE;
@@ -147,7 +147,7 @@ METHOD(proposal_t, has_dh_group, bool,
{
bool found = FALSE, any = FALSE;
enumerator_t *enumerator;
- u_int16_t current;
+ uint16_t current;
enumerator = create_enumerator(this, DIFFIE_HELLMAN_GROUP);
while (enumerator->enumerate(enumerator, &current, NULL))
@@ -193,7 +193,7 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
proposal_t *selected, transform_type_t type, bool priv)
{
enumerator_t *e1, *e2;
- u_int16_t alg1, alg2, ks1, ks2;
+ uint16_t alg1, alg2, ks1, ks2;
bool found = FALSE, optional = FALSE;
if (type == INTEGRITY_ALGORITHM &&
@@ -210,7 +210,7 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
e1 = create_enumerator(this, type);
e2 = other->create_enumerator(other, type);
- if (!e1->enumerate(e1, NULL, NULL))
+ if (!e1->enumerate(e1, &alg1, NULL))
{
if (!e2->enumerate(e2, &alg2, NULL))
{
@@ -219,12 +219,23 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
else if (optional)
{
do
- { /* if the other peer proposes NONE, we accept the proposal */
+ { /* if NONE is proposed, we accept the proposal */
found = !alg2;
}
while (!found && e2->enumerate(e2, &alg2, NULL));
}
}
+ else if (!e2->enumerate(e2, NULL, NULL))
+ {
+ if (optional)
+ {
+ do
+ { /* if NONE is proposed, we accept the proposal */
+ found = !alg1;
+ }
+ while (!found && e1->enumerate(e1, &alg1, NULL));
+ }
+ }
e1->destroy(e1);
e1 = create_enumerator(this, type);
@@ -244,7 +255,6 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
"but peer implementation is unknown, skipped");
continue;
}
- /* ok, we have an algorithm */
selected->add_algorithm(selected, type, alg1, ks1);
found = TRUE;
break;
@@ -288,9 +298,7 @@ METHOD(proposal_t, select_proposal, proposal_t*,
}
DBG2(DBG_CFG, " proposal matches");
-
selected->set_spi(selected, other->get_spi(other));
-
return selected;
}
@@ -301,12 +309,12 @@ METHOD(proposal_t, get_protocol, protocol_id_t,
}
METHOD(proposal_t, set_spi, void,
- private_proposal_t *this, u_int64_t spi)
+ private_proposal_t *this, uint64_t spi)
{
this->spi = spi;
}
-METHOD(proposal_t, get_spi, u_int64_t,
+METHOD(proposal_t, get_spi, uint64_t,
private_proposal_t *this)
{
return this->spi;
@@ -319,7 +327,7 @@ static bool algo_list_equals(private_proposal_t *this, proposal_t *other,
transform_type_t type)
{
enumerator_t *e1, *e2;
- u_int16_t alg1, alg2, ks1, ks2;
+ uint16_t alg1, alg2, ks1, ks2;
bool equals = TRUE;
e1 = create_enumerator(this, type);
@@ -418,7 +426,7 @@ static void check_proposal(private_proposal_t *this)
{
enumerator_t *e;
entry_t *entry;
- u_int16_t alg, ks;
+ uint16_t alg, ks;
bool all_aead = TRUE;
int i;
@@ -445,6 +453,16 @@ static void check_proposal(private_proposal_t *this)
}
}
e->destroy(e);
+ /* remove MODP_NONE from IKE proposal */
+ e = array_create_enumerator(this->transforms);
+ while (e->enumerate(e, &entry))
+ {
+ if (entry->type == DIFFIE_HELLMAN_GROUP && !entry->alg)
+ {
+ array_remove_at(this->transforms, e);
+ }
+ }
+ e->destroy(e);
}
if (this->protocol == PROTO_ESP)
@@ -516,7 +534,7 @@ static int print_alg(private_proposal_t *this, printf_hook_data_t *data,
{
enumerator_t *enumerator;
size_t written = 0;
- u_int16_t alg, size;
+ uint16_t alg, size;
enumerator = create_enumerator(this, kind);
while (enumerator->enumerate(enumerator, &alg, &size))
@@ -861,16 +879,18 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead)
case MODP_768_BIT:
/* weak */
break;
- case MODP_2048_BIT:
- case MODP_2048_256:
case MODP_2048_224:
case MODP_1536_BIT:
- case MODP_1024_BIT:
case MODP_1024_160:
case ECP_224_BIT:
case ECP_224_BP:
case ECP_192_BIT:
case NTRU_112_BIT:
+ /* rarely used */
+ break;
+ case MODP_2048_BIT:
+ case MODP_2048_256:
+ case MODP_1024_BIT:
add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0);
break;
default:
diff --git a/src/libcharon/config/proposal.h b/src/libcharon/config/proposal.h
index 78b868868..f9f277820 100644
--- a/src/libcharon/config/proposal.h
+++ b/src/libcharon/config/proposal.h
@@ -78,13 +78,13 @@ struct proposal_t {
* @param key_size key size to use
*/
void (*add_algorithm) (proposal_t *this, transform_type_t type,
- u_int16_t alg, u_int16_t key_size);
+ uint16_t alg, uint16_t key_size);
/**
* Get an enumerator over algorithms for a specifc algo type.
*
* @param type kind of algorithm
- * @return enumerator over u_int16_t alg, u_int16_t key_size
+ * @return enumerator over uint16_t alg, uint16_t key_size
*/
enumerator_t *(*create_enumerator) (proposal_t *this, transform_type_t type);
@@ -99,7 +99,7 @@ struct proposal_t {
* @return TRUE if algorithm of this kind available
*/
bool (*get_algorithm) (proposal_t *this, transform_type_t type,
- u_int16_t *alg, u_int16_t *key_size);
+ uint16_t *alg, uint16_t *key_size);
/**
* Check if the proposal has a specific DH group.
@@ -141,14 +141,14 @@ struct proposal_t {
*
* @return spi for proto
*/
- u_int64_t (*get_spi) (proposal_t *this);
+ uint64_t (*get_spi) (proposal_t *this);
/**
* Set the SPI of the proposal.
*
* @param spi spi to set for proto
*/
- void (*set_spi) (proposal_t *this, u_int64_t spi);
+ void (*set_spi) (proposal_t *this, uint64_t spi);
/**
* Get the proposal number, as encoded in SA payload
diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c
index 6dd54b473..93ff70bf3 100644
--- a/src/libcharon/control/controller.c
+++ b/src/libcharon/control/controller.c
@@ -105,7 +105,7 @@ struct interface_listener_t {
/**
* unique ID, used for various methods
*/
- u_int32_t id;
+ uint32_t id;
/**
* semaphore to implement wait_for_listener()
@@ -272,6 +272,28 @@ METHOD(listener_t, ike_state_change, bool,
}
#endif /* ME */
case IKE_DESTROYING:
+ return listener_done(this);
+ default:
+ break;
+ }
+ }
+ return TRUE;
+}
+
+METHOD(listener_t, ike_state_change_terminate, bool,
+ interface_listener_t *this, ike_sa_t *ike_sa, ike_sa_state_t state)
+{
+ ike_sa_t *target;
+
+ this->lock->lock(this->lock);
+ target = this->ike_sa;
+ this->lock->unlock(this->lock);
+
+ if (target == ike_sa)
+ {
+ switch (state)
+ {
+ case IKE_DESTROYING:
if (ike_sa->get_state(ike_sa) == IKE_DELETING)
{ /* proper termination */
this->status = SUCCESS;
@@ -304,10 +326,6 @@ METHOD(listener_t, child_state_change, bool,
case CHILD_DESTROYING:
switch (child_sa->get_state(child_sa))
{
- case CHILD_DELETING:
- /* proper delete */
- this->status = SUCCESS;
- break;
case CHILD_RETRYING:
/* retrying with a different DH group; survive another
* initiation round */
@@ -331,6 +349,38 @@ METHOD(listener_t, child_state_change, bool,
return TRUE;
}
+METHOD(listener_t, child_state_change_terminate, bool,
+ interface_listener_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa,
+ child_sa_state_t state)
+{
+ ike_sa_t *target;
+
+ this->lock->lock(this->lock);
+ target = this->ike_sa;
+ this->lock->unlock(this->lock);
+
+ if (target == ike_sa)
+ {
+ switch (state)
+ {
+ case CHILD_DESTROYING:
+ switch (child_sa->get_state(child_sa))
+ {
+ case CHILD_DELETING:
+ /* proper delete */
+ this->status = SUCCESS;
+ break;
+ default:
+ break;
+ }
+ return listener_done(this);
+ default:
+ break;
+ }
+ }
+ return TRUE;
+}
+
METHOD(job_t, destroy_job, void,
interface_job_t *this)
{
@@ -493,7 +543,7 @@ METHOD(job_t, terminate_ike_execute, job_requeue_t,
interface_job_t *job)
{
interface_listener_t *listener = &job->listener;
- u_int32_t unique_id = listener->id;
+ uint32_t unique_id = listener->id;
ike_sa_t *ike_sa;
ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
@@ -528,7 +578,7 @@ METHOD(job_t, terminate_ike_execute, job_requeue_t,
}
METHOD(controller_t, terminate_ike, status_t,
- controller_t *this, u_int32_t unique_id,
+ controller_t *this, uint32_t unique_id,
controller_cb_t callback, void *param, u_int timeout)
{
interface_job_t *job;
@@ -537,8 +587,8 @@ METHOD(controller_t, terminate_ike, status_t,
INIT(job,
.listener = {
.public = {
- .ike_state_change = _ike_state_change,
- .child_state_change = _child_state_change,
+ .ike_state_change = _ike_state_change_terminate,
+ .child_state_change = _child_state_change_terminate,
},
.logger = {
.public = {
@@ -582,7 +632,7 @@ METHOD(job_t, terminate_child_execute, job_requeue_t,
interface_job_t *job)
{
interface_listener_t *listener = &job->listener;
- u_int32_t id = listener->id;
+ uint32_t id = listener->id;
child_sa_t *child_sa;
ike_sa_t *ike_sa;
@@ -630,7 +680,7 @@ METHOD(job_t, terminate_child_execute, job_requeue_t,
}
METHOD(controller_t, terminate_child, status_t,
- controller_t *this, u_int32_t unique_id,
+ controller_t *this, uint32_t unique_id,
controller_cb_t callback, void *param, u_int timeout)
{
interface_job_t *job;
@@ -639,8 +689,8 @@ METHOD(controller_t, terminate_child, status_t,
INIT(job,
.listener = {
.public = {
- .ike_state_change = _ike_state_change,
- .child_state_change = _child_state_change,
+ .ike_state_change = _ike_state_change_terminate,
+ .child_state_change = _child_state_change_terminate,
},
.logger = {
.public = {
diff --git a/src/libcharon/control/controller.h b/src/libcharon/control/controller.h
index 5ffeac522..9524f53b9 100644
--- a/src/libcharon/control/controller.h
+++ b/src/libcharon/control/controller.h
@@ -111,7 +111,7 @@ struct controller_t {
* - NEED_MORE, if callback returned FALSE
* - OUT_OF_RES if timed out
*/
- status_t (*terminate_ike)(controller_t *this, u_int32_t unique_id,
+ status_t (*terminate_ike)(controller_t *this, uint32_t unique_id,
controller_cb_t callback, void *param,
u_int timeout);
@@ -131,7 +131,7 @@ struct controller_t {
* - NEED_MORE, if callback returned FALSE
* - OUT_OF_RES if timed out
*/
- status_t (*terminate_child)(controller_t *this, u_int32_t unique_id,
+ status_t (*terminate_child)(controller_t *this, uint32_t unique_id,
controller_cb_t callback, void *param,
u_int timeout);
diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c
index cef8b8992..532d0812e 100644
--- a/src/libcharon/daemon.c
+++ b/src/libcharon/daemon.c
@@ -1,9 +1,9 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -54,6 +54,7 @@
#include <library.h>
#include <bus/listeners/sys_logger.h>
#include <bus/listeners/file_logger.h>
+#include <collections/array.h>
#include <config/proposal.h>
#include <plugins/plugin_feature.h>
#include <kernel/kernel_handler.h>
@@ -701,46 +702,68 @@ static void destroy(private_daemon_t *this)
*/
static void run_scripts(private_daemon_t *this, char *verb)
{
+ struct {
+ char *name;
+ char *path;
+ } *script;
+ array_t *scripts = NULL;
enumerator_t *enumerator;
char *key, *value, *pos, buf[1024];
FILE *cmd;
+ /* copy the scripts so we don't hold any locks while executing them */
enumerator = lib->settings->create_key_value_enumerator(lib->settings,
"%s.%s-scripts", lib->ns, verb);
while (enumerator->enumerate(enumerator, &key, &value))
{
- DBG1(DBG_DMN, "executing %s script '%s' (%s):", verb, key, value);
- cmd = popen(value, "r");
+ INIT(script,
+ .name = key,
+ .path = value,
+ );
+ array_insert_create(&scripts, ARRAY_TAIL, script);
+ }
+ enumerator->destroy(enumerator);
+
+ enumerator = array_create_enumerator(scripts);
+ while (enumerator->enumerate(enumerator, &script))
+ {
+ DBG1(DBG_DMN, "executing %s script '%s' (%s)", verb, script->name,
+ script->path);
+ cmd = popen(script->path, "r");
if (!cmd)
{
DBG1(DBG_DMN, "executing %s script '%s' (%s) failed: %s",
- verb, key, value, strerror(errno));
- continue;
+ verb, script->name, script->path, strerror(errno));
}
- while (TRUE)
+ else
{
- if (!fgets(buf, sizeof(buf), cmd))
+ while (TRUE)
{
- if (ferror(cmd))
+ if (!fgets(buf, sizeof(buf), cmd))
{
- DBG1(DBG_DMN, "reading from %s script '%s' (%s) failed",
- verb, key, value);
+ if (ferror(cmd))
+ {
+ DBG1(DBG_DMN, "reading from %s script '%s' (%s) failed",
+ verb, script->name, script->path);
+ }
+ break;
}
- break;
- }
- else
- {
- pos = buf + strlen(buf);
- if (pos > buf && pos[-1] == '\n')
+ else
{
- pos[-1] = '\0';
+ pos = buf + strlen(buf);
+ if (pos > buf && pos[-1] == '\n')
+ {
+ pos[-1] = '\0';
+ }
+ DBG1(DBG_DMN, "%s: %s", script->name, buf);
}
- DBG1(DBG_DMN, "%s: %s", key, buf);
}
+ pclose(cmd);
}
- pclose(cmd);
+ free(script);
}
enumerator->destroy(enumerator);
+ array_destroy(scripts);
}
METHOD(daemon_t, start, void,
diff --git a/src/libcharon/encoding/generator.c b/src/libcharon/encoding/generator.c
index a0a508f53..41aacd4ed 100644
--- a/src/libcharon/encoding/generator.c
+++ b/src/libcharon/encoding/generator.c
@@ -68,22 +68,22 @@ struct private_generator_t {
/**
* Buffer used to generate the data into.
*/
- u_int8_t *buffer;
+ uint8_t *buffer;
/**
* Current write position in buffer (one byte aligned).
*/
- u_int8_t *out_position;
+ uint8_t *out_position;
/**
* Position of last byte in buffer.
*/
- u_int8_t *roof_position;
+ uint8_t *roof_position;
/**
* Current bit writing to in current byte (between 0 and 7).
*/
- u_int8_t current_bit;
+ uint8_t current_bit;
/**
* Associated data struct to read informations from.
@@ -93,7 +93,7 @@ struct private_generator_t {
/**
* Offset of the header length field in the buffer.
*/
- u_int32_t header_length_offset;
+ uint32_t header_length_offset;
/**
* Attribute format of the last generated transform attribute.
@@ -107,7 +107,7 @@ struct private_generator_t {
* Depending on the value of attribute_format this field is used
* to hold the length of the transform attribute in bytes.
*/
- u_int16_t attribute_length;
+ uint16_t attribute_length;
/**
* TRUE, if debug messages should be logged during generation.
@@ -142,7 +142,7 @@ static int get_length(private_generator_t *this)
/**
* Get current offset in buffer (in bytes).
*/
-static u_int32_t get_offset(private_generator_t *this)
+static uint32_t get_offset(private_generator_t *this)
{
return this->out_position - this->buffer;
}
@@ -179,7 +179,7 @@ static void write_bytes_to_buffer(private_generator_t *this, void *bytes,
int number_of_bytes)
{
int i;
- u_int8_t *read_position = (u_int8_t *)bytes;
+ uint8_t *read_position = (uint8_t *)bytes;
make_space_available(this, number_of_bytes * 8);
@@ -195,7 +195,7 @@ static void write_bytes_to_buffer(private_generator_t *this, void *bytes,
* Generates a U_INT-Field type and writes it to buffer.
*/
static void generate_u_int_type(private_generator_t *this,
- encoding_type_t int_type,u_int32_t offset)
+ encoding_type_t int_type,uint32_t offset)
{
int number_of_bits = 0;
@@ -242,12 +242,12 @@ static void generate_u_int_type(private_generator_t *this,
{
case U_INT_4:
{
- u_int8_t high, low;
+ uint8_t high, low;
if (this->current_bit == 0)
{
/* high of current byte in buffer has to be set to the new value*/
- high = *((u_int8_t *)(this->data_struct + offset)) << 4;
+ high = *((uint8_t *)(this->data_struct + offset)) << 4;
/* low in buffer is not changed */
low = *(this->out_position) & 0x0F;
/* high is set, low_val is not changed */
@@ -264,7 +264,7 @@ static void generate_u_int_type(private_generator_t *this,
/* high in buffer is not changed */
high = *(this->out_position) & 0xF0;
/* low of current byte in buffer has to be set to the new value*/
- low = *((u_int8_t *)(this->data_struct + offset)) & 0x0F;
+ low = *((uint8_t *)(this->data_struct + offset)) & 0x0F;
*(this->out_position) = high | low;
if (this->debug)
{
@@ -287,7 +287,7 @@ static void generate_u_int_type(private_generator_t *this,
case U_INT_8:
{
/* 8 bit values are written as they are */
- *this->out_position = *((u_int8_t *)(this->data_struct + offset));
+ *this->out_position = *((uint8_t *)(this->data_struct + offset));
if (this->debug)
{
DBG3(DBG_ENC, " => %d", *(this->out_position));
@@ -297,8 +297,8 @@ static void generate_u_int_type(private_generator_t *this,
}
case ATTRIBUTE_TYPE:
{
- u_int8_t attribute_format_flag;
- u_int16_t val;
+ uint8_t attribute_format_flag;
+ uint16_t val;
/* attribute type must not change first bit of current byte */
if (this->current_bit != 1)
@@ -308,7 +308,7 @@ static void generate_u_int_type(private_generator_t *this,
}
attribute_format_flag = *(this->out_position) & 0x80;
/* get attribute type value as 16 bit integer*/
- val = *((u_int16_t*)(this->data_struct + offset));
+ val = *((uint16_t*)(this->data_struct + offset));
/* unset most significant bit */
val &= 0x7FFF;
if (attribute_format_flag)
@@ -321,7 +321,7 @@ static void generate_u_int_type(private_generator_t *this,
DBG3(DBG_ENC, " => %d", val);
}
/* write bytes to buffer (set bit is overwritten) */
- write_bytes_to_buffer(this, &val, sizeof(u_int16_t));
+ write_bytes_to_buffer(this, &val, sizeof(uint16_t));
this->current_bit = 0;
break;
@@ -330,33 +330,33 @@ static void generate_u_int_type(private_generator_t *this,
case PAYLOAD_LENGTH:
case ATTRIBUTE_LENGTH:
{
- u_int16_t val = htons(*((u_int16_t*)(this->data_struct + offset)));
+ uint16_t val = htons(*((uint16_t*)(this->data_struct + offset)));
if (this->debug)
{
- DBG3(DBG_ENC, " %b", &val, sizeof(u_int16_t));
+ DBG3(DBG_ENC, " %b", &val, sizeof(uint16_t));
}
- write_bytes_to_buffer(this, &val, sizeof(u_int16_t));
+ write_bytes_to_buffer(this, &val, sizeof(uint16_t));
break;
}
case U_INT_32:
{
- u_int32_t val = htonl(*((u_int32_t*)(this->data_struct + offset)));
+ uint32_t val = htonl(*((uint32_t*)(this->data_struct + offset)));
if (this->debug)
{
- DBG3(DBG_ENC, " %b", &val, sizeof(u_int32_t));
+ DBG3(DBG_ENC, " %b", &val, sizeof(uint32_t));
}
- write_bytes_to_buffer(this, &val, sizeof(u_int32_t));
+ write_bytes_to_buffer(this, &val, sizeof(uint32_t));
break;
}
case IKE_SPI:
{
/* 64 bit are written as-is, no host order conversion */
write_bytes_to_buffer(this, this->data_struct + offset,
- sizeof(u_int64_t));
+ sizeof(uint64_t));
if (this->debug)
{
DBG3(DBG_ENC, " %b", this->data_struct + offset,
- sizeof(u_int64_t));
+ sizeof(uint64_t));
}
break;
}
@@ -372,10 +372,10 @@ static void generate_u_int_type(private_generator_t *this,
/**
* Generate a FLAG filed
*/
-static void generate_flag(private_generator_t *this, u_int32_t offset)
+static void generate_flag(private_generator_t *this, uint32_t offset)
{
- u_int8_t flag_value;
- u_int8_t flag;
+ uint8_t flag_value;
+ uint8_t flag;
flag_value = (*((bool *) (this->data_struct + offset))) ? 1 : 0;
/* get flag position */
@@ -406,7 +406,7 @@ static void generate_flag(private_generator_t *this, u_int32_t offset)
/**
* Generates a bytestream from a chunk_t.
*/
-static void generate_from_chunk(private_generator_t *this, u_int32_t offset)
+static void generate_from_chunk(private_generator_t *this, uint32_t offset)
{
chunk_t *value;
@@ -427,11 +427,11 @@ static void generate_from_chunk(private_generator_t *this, u_int32_t offset)
}
METHOD(generator_t, get_chunk, chunk_t,
- private_generator_t *this, u_int32_t **lenpos)
+ private_generator_t *this, uint32_t **lenpos)
{
chunk_t data;
- *lenpos = (u_int32_t*)(this->buffer + this->header_length_offset);
+ *lenpos = (uint32_t*)(this->buffer + this->header_length_offset);
data = chunk_create(this->buffer, get_length(this));
if (this->debug)
{
@@ -537,7 +537,7 @@ METHOD(generator_t, generate_payload, void,
generate_u_int_type(this, U_INT_16, rules[i].offset);
/* this field hold the length of the attribute */
this->attribute_length =
- *((u_int16_t *)(this->data_struct + rules[i].offset));
+ *((uint16_t *)(this->data_struct + rules[i].offset));
}
break;
case ATTRIBUTE_VALUE:
diff --git a/src/libcharon/encoding/generator.h b/src/libcharon/encoding/generator.h
index c2c0aad2a..375530776 100644
--- a/src/libcharon/encoding/generator.h
+++ b/src/libcharon/encoding/generator.h
@@ -57,7 +57,7 @@ struct generator_t {
* @param lenpos receives a pointer to fill in length value
* @param return chunk to internal buffer.
*/
- chunk_t (*get_chunk) (generator_t *this, u_int32_t **lenpos);
+ chunk_t (*get_chunk) (generator_t *this, uint32_t **lenpos);
/**
* Destroys a generator_t object.
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index bbdc4629d..1fd644203 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -829,7 +829,7 @@ typedef struct {
* fragments we expect.
* For IKEv2 we store the total number of fragment we received last.
*/
- u_int16_t last;
+ uint16_t last;
/**
* Length of all currently received fragments.
@@ -858,12 +858,12 @@ struct private_message_t {
/**
* Minor version of message.
*/
- u_int8_t major_version;
+ uint8_t major_version;
/**
* Major version of message.
*/
- u_int8_t minor_version;
+ uint8_t minor_version;
/**
* First Payload in message.
@@ -903,7 +903,7 @@ struct private_message_t {
/**
* Message ID of this message.
*/
- u_int32_t message_id;
+ uint32_t message_id;
/**
* ID of assigned IKE_SA.
@@ -953,7 +953,7 @@ struct private_message_t {
typedef struct {
/** fragment number */
- u_int8_t num;
+ uint8_t num;
/** fragment data */
chunk_t data;
@@ -1024,48 +1024,48 @@ METHOD(message_t, get_ike_sa_id, ike_sa_id_t*,
}
METHOD(message_t, set_message_id, void,
- private_message_t *this,u_int32_t message_id)
+ private_message_t *this,uint32_t message_id)
{
this->message_id = message_id;
}
-METHOD(message_t, get_message_id, u_int32_t,
+METHOD(message_t, get_message_id, uint32_t,
private_message_t *this)
{
return this->message_id;
}
-METHOD(message_t, get_initiator_spi, u_int64_t,
+METHOD(message_t, get_initiator_spi, uint64_t,
private_message_t *this)
{
return (this->ike_sa_id->get_initiator_spi(this->ike_sa_id));
}
-METHOD(message_t, get_responder_spi, u_int64_t,
+METHOD(message_t, get_responder_spi, uint64_t,
private_message_t *this)
{
return (this->ike_sa_id->get_responder_spi(this->ike_sa_id));
}
METHOD(message_t, set_major_version, void,
- private_message_t *this, u_int8_t major_version)
+ private_message_t *this, uint8_t major_version)
{
this->major_version = major_version;
}
-METHOD(message_t, get_major_version, u_int8_t,
+METHOD(message_t, get_major_version, uint8_t,
private_message_t *this)
{
return this->major_version;
}
METHOD(message_t, set_minor_version, void,
- private_message_t *this,u_int8_t minor_version)
+ private_message_t *this,uint8_t minor_version)
{
this->minor_version = minor_version;
}
-METHOD(message_t, get_minor_version, u_int8_t,
+METHOD(message_t, get_minor_version, uint8_t,
private_message_t *this)
{
return this->minor_version;
@@ -1331,7 +1331,7 @@ static char* get_string(private_message_t *this, char *buf, int len)
if (payload->get_type(payload) == PLV2_EAP)
{
eap_payload_t *eap = (eap_payload_t*)payload;
- u_int32_t vendor;
+ uint32_t vendor;
eap_type_t type;
char method[64] = "";
@@ -1790,7 +1790,7 @@ static status_t finalize_message(private_message_t *this, keymat_t *keymat,
{
keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
chunk_t chunk;
- u_int32_t *lenpos;
+ uint32_t *lenpos;
if (encrypted)
{
@@ -1893,7 +1893,7 @@ static message_t *clone_message(private_message_t *this)
* Create a single fragment with the given data
*/
static message_t *create_fragment(private_message_t *this, payload_type_t next,
- u_int16_t num, u_int16_t count, chunk_t data)
+ uint16_t num, uint16_t count, chunk_t data)
{
enumerator_t *enumerator;
payload_t *fragment, *payload;
@@ -1972,11 +1972,11 @@ METHOD(message_t, fragment, status_t,
message_t *fragment;
packet_t *packet;
payload_type_t next = PL_NONE;
- u_int16_t num, count;
+ uint16_t num, count;
host_t *src, *dst;
chunk_t data;
status_t status;
- u_int32_t *lenpos;
+ uint32_t *lenpos;
size_t len;
src = this->packet->get_source(this->packet);
@@ -2703,7 +2703,7 @@ METHOD(message_t, parse_body, status_t,
/**
* Store the fragment data for the fragment with the given fragment number.
*/
-static status_t add_fragment(private_message_t *this, u_int16_t num,
+static status_t add_fragment(private_message_t *this, uint16_t num,
chunk_t data)
{
fragment_t *fragment;
@@ -2777,7 +2777,7 @@ METHOD(message_t, add_fragment_v1, status_t,
{
fragment_payload_t *payload;
chunk_t data;
- u_int8_t num;
+ uint8_t num;
status_t status;
if (!this->frag)
@@ -2840,7 +2840,7 @@ METHOD(message_t, add_fragment_v2, status_t,
payload_t *payload;
enumerator_t *enumerator;
chunk_t data;
- u_int16_t total, num;
+ uint16_t total, num;
status_t status;
if (!this->frag)
diff --git a/src/libcharon/encoding/message.h b/src/libcharon/encoding/message.h
index a03aa8e96..8c4372974 100644
--- a/src/libcharon/encoding/message.h
+++ b/src/libcharon/encoding/message.h
@@ -49,56 +49,56 @@ struct message_t {
*
* @param major_version major version to set
*/
- void (*set_major_version) (message_t *this, u_int8_t major_version);
+ void (*set_major_version) (message_t *this, uint8_t major_version);
/**
* Gets the IKE major version of the message.
*
* @return major version of the message
*/
- u_int8_t (*get_major_version) (message_t *this);
+ uint8_t (*get_major_version) (message_t *this);
/**
* Sets the IKE minor version of the message.
*
* @param minor_version minor version to set
*/
- void (*set_minor_version) (message_t *this, u_int8_t minor_version);
+ void (*set_minor_version) (message_t *this, uint8_t minor_version);
/**
* Gets the IKE minor version of the message.
*
* @return minor version of the message
*/
- u_int8_t (*get_minor_version) (message_t *this);
+ uint8_t (*get_minor_version) (message_t *this);
/**
* Sets the Message ID of the message.
*
* @param message_id message_id to set
*/
- void (*set_message_id) (message_t *this, u_int32_t message_id);
+ void (*set_message_id) (message_t *this, uint32_t message_id);
/**
* Gets the Message ID of the message.
*
* @return message_id type of the message
*/
- u_int32_t (*get_message_id) (message_t *this);
+ uint32_t (*get_message_id) (message_t *this);
/**
* Gets the initiator SPI of the message.
*
* @return initiator spi of the message
*/
- u_int64_t (*get_initiator_spi) (message_t *this);
+ uint64_t (*get_initiator_spi) (message_t *this);
/**
* Gets the responder SPI of the message.
*
* @return responder spi of the message
*/
- u_int64_t (*get_responder_spi) (message_t *this);
+ uint64_t (*get_responder_spi) (message_t *this);
/**
* Sets the IKE_SA ID of the message.
diff --git a/src/libcharon/encoding/parser.c b/src/libcharon/encoding/parser.c
index f8340367e..c9d6b0d8f 100644
--- a/src/libcharon/encoding/parser.c
+++ b/src/libcharon/encoding/parser.c
@@ -61,27 +61,27 @@ struct private_parser_t {
/**
* major IKE version
*/
- u_int8_t major_version;
+ uint8_t major_version;
/**
* Current bit for reading in input data.
*/
- u_int8_t bit_pos;
+ uint8_t bit_pos;
/**
* Current byte for reading in input data.
*/
- u_int8_t *byte_pos;
+ uint8_t *byte_pos;
/**
* Input data to parse.
*/
- u_int8_t *input;
+ uint8_t *input;
/**
* Roof of input, used for length-checking.
*/
- u_int8_t *input_roof;
+ uint8_t *input_roof;
/**
* Set of encoding rules for this parsing session.
@@ -113,9 +113,9 @@ static bool bad_bitpos(private_parser_t *this, int number)
* Parse a 4-Bit unsigned integer from the current parsing position.
*/
static bool parse_uint4(private_parser_t *this, int rule_number,
- u_int8_t *output_pos)
+ uint8_t *output_pos)
{
- if (this->byte_pos + sizeof(u_int8_t) > this->input_roof)
+ if (this->byte_pos + sizeof(uint8_t) > this->input_roof)
{
return short_input(this, rule_number);
}
@@ -150,9 +150,9 @@ static bool parse_uint4(private_parser_t *this, int rule_number,
* Parse a 8-Bit unsigned integer from the current parsing position.
*/
static bool parse_uint8(private_parser_t *this, int rule_number,
- u_int8_t *output_pos)
+ uint8_t *output_pos)
{
- if (this->byte_pos + sizeof(u_int8_t) > this->input_roof)
+ if (this->byte_pos + sizeof(uint8_t) > this->input_roof)
{
return short_input(this, rule_number);
}
@@ -173,9 +173,9 @@ static bool parse_uint8(private_parser_t *this, int rule_number,
* Parse a 15-Bit unsigned integer from the current parsing position.
*/
static bool parse_uint15(private_parser_t *this, int rule_number,
- u_int16_t *output_pos)
+ uint16_t *output_pos)
{
- if (this->byte_pos + sizeof(u_int16_t) > this->input_roof)
+ if (this->byte_pos + sizeof(uint16_t) > this->input_roof)
{
return short_input(this, rule_number);
}
@@ -185,11 +185,11 @@ static bool parse_uint15(private_parser_t *this, int rule_number,
}
if (output_pos)
{
- memcpy(output_pos, this->byte_pos, sizeof(u_int16_t));
+ memcpy(output_pos, this->byte_pos, sizeof(uint16_t));
*output_pos = ntohs(*output_pos) & ~0x8000;
DBG3(DBG_ENC, " => %hu", *output_pos);
}
- this->byte_pos += sizeof(u_int16_t);
+ this->byte_pos += sizeof(uint16_t);
this->bit_pos = 0;
return TRUE;
}
@@ -198,9 +198,9 @@ static bool parse_uint15(private_parser_t *this, int rule_number,
* Parse a 16-Bit unsigned integer from the current parsing position.
*/
static bool parse_uint16(private_parser_t *this, int rule_number,
- u_int16_t *output_pos)
+ uint16_t *output_pos)
{
- if (this->byte_pos + sizeof(u_int16_t) > this->input_roof)
+ if (this->byte_pos + sizeof(uint16_t) > this->input_roof)
{
return short_input(this, rule_number);
}
@@ -210,20 +210,20 @@ static bool parse_uint16(private_parser_t *this, int rule_number,
}
if (output_pos)
{
- memcpy(output_pos, this->byte_pos, sizeof(u_int16_t));
+ memcpy(output_pos, this->byte_pos, sizeof(uint16_t));
*output_pos = ntohs(*output_pos);
DBG3(DBG_ENC, " => %hu", *output_pos);
}
- this->byte_pos += sizeof(u_int16_t);
+ this->byte_pos += sizeof(uint16_t);
return TRUE;
}
/**
* Parse a 32-Bit unsigned integer from the current parsing position.
*/
static bool parse_uint32(private_parser_t *this, int rule_number,
- u_int32_t *output_pos)
+ uint32_t *output_pos)
{
- if (this->byte_pos + sizeof(u_int32_t) > this->input_roof)
+ if (this->byte_pos + sizeof(uint32_t) > this->input_roof)
{
return short_input(this, rule_number);
}
@@ -233,11 +233,11 @@ static bool parse_uint32(private_parser_t *this, int rule_number,
}
if (output_pos)
{
- memcpy(output_pos, this->byte_pos, sizeof(u_int32_t));
+ memcpy(output_pos, this->byte_pos, sizeof(uint32_t));
*output_pos = ntohl(*output_pos);
DBG3(DBG_ENC, " => %u", *output_pos);
}
- this->byte_pos += sizeof(u_int32_t);
+ this->byte_pos += sizeof(uint32_t);
return TRUE;
}
@@ -245,7 +245,7 @@ static bool parse_uint32(private_parser_t *this, int rule_number,
* Parse a given amount of bytes and writes them to a specific location
*/
static bool parse_bytes(private_parser_t *this, int rule_number,
- u_int8_t *output_pos, int bytes)
+ uint8_t *output_pos, int bytes)
{
if (this->byte_pos + bytes > this->input_roof)
{
@@ -270,13 +270,13 @@ static bool parse_bytes(private_parser_t *this, int rule_number,
static bool parse_bit(private_parser_t *this, int rule_number,
bool *output_pos)
{
- if (this->byte_pos + sizeof(u_int8_t) > this->input_roof)
+ if (this->byte_pos + sizeof(uint8_t) > this->input_roof)
{
return short_input(this, rule_number);
}
if (output_pos)
{
- u_int8_t mask;
+ uint8_t mask;
mask = 0x01 << (7 - this->bit_pos);
*output_pos = *this->byte_pos & mask;
@@ -312,7 +312,7 @@ static bool parse_list(private_parser_t *this, int rule_number,
}
while (length > 0)
{
- u_int8_t *pos_before = this->byte_pos;
+ uint8_t *pos_before = this->byte_pos;
payload_t *payload;
DBG2(DBG_ENC, " %d bytes left, parsing recursively %N",
@@ -368,7 +368,7 @@ METHOD(parser_t, parse_payload, status_t,
payload_t *pld;
void *output;
int payload_length = 0, spi_size = 0, attribute_length = 0, header_length;
- u_int16_t ts_type = 0;
+ uint16_t ts_type = 0;
bool attribute_format = FALSE;
int rule_number, rule_count;
encoding_rule_t *rule;
@@ -468,7 +468,7 @@ METHOD(parser_t, parse_payload, status_t,
return PARSE_ERROR;
}
/* parsed u_int16 should be aligned */
- payload_length = *(u_int16_t*)(output + rule->offset);
+ payload_length = *(uint16_t*)(output + rule->offset);
/* all payloads must have at least 4 bytes header */
if (payload_length < 4)
{
@@ -484,7 +484,7 @@ METHOD(parser_t, parse_payload, status_t,
pld->destroy(pld);
return PARSE_ERROR;
}
- spi_size = *(u_int8_t*)(output + rule->offset);
+ spi_size = *(uint8_t*)(output + rule->offset);
break;
}
case SPI:
@@ -564,7 +564,7 @@ METHOD(parser_t, parse_payload, status_t,
pld->destroy(pld);
return PARSE_ERROR;
}
- attribute_length = *(u_int16_t*)(output + rule->offset);
+ attribute_length = *(uint16_t*)(output + rule->offset);
break;
}
case ATTRIBUTE_LENGTH_OR_VALUE:
@@ -574,7 +574,7 @@ METHOD(parser_t, parse_payload, status_t,
pld->destroy(pld);
return PARSE_ERROR;
}
- attribute_length = *(u_int16_t*)(output + rule->offset);
+ attribute_length = *(uint16_t*)(output + rule->offset);
break;
}
case ATTRIBUTE_VALUE:
@@ -595,7 +595,7 @@ METHOD(parser_t, parse_payload, status_t,
pld->destroy(pld);
return PARSE_ERROR;
}
- ts_type = *(u_int8_t*)(output + rule->offset);
+ ts_type = *(uint8_t*)(output + rule->offset);
break;
}
case ADDRESS:
@@ -642,7 +642,7 @@ METHOD(parser_t, reset_context, void,
}
METHOD(parser_t, set_major_version, void,
- private_parser_t *this, u_int8_t major_version)
+ private_parser_t *this, uint8_t major_version)
{
this->major_version = major_version;
}
diff --git a/src/libcharon/encoding/parser.h b/src/libcharon/encoding/parser.h
index 5fd3e86ee..8f073556e 100644
--- a/src/libcharon/encoding/parser.h
+++ b/src/libcharon/encoding/parser.h
@@ -68,7 +68,7 @@ struct parser_t {
*
* @param major_version the major IKE version
*/
- void (*set_major_version) (parser_t *this, u_int8_t major_version);
+ void (*set_major_version) (parser_t *this, uint8_t major_version);
/**
* Destroys a parser_t object.
diff --git a/src/libcharon/encoding/payloads/auth_payload.c b/src/libcharon/encoding/payloads/auth_payload.c
index ee3ed54fd..9d03bb694 100644
--- a/src/libcharon/encoding/payloads/auth_payload.c
+++ b/src/libcharon/encoding/payloads/auth_payload.c
@@ -35,7 +35,7 @@ struct private_auth_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -50,17 +50,17 @@ struct private_auth_payload_t {
/**
* Reserved bytes
*/
- u_int8_t reserved_byte[3];
+ uint8_t reserved_byte[3];
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Method of the AUTH Data.
*/
- u_int8_t auth_method;
+ uint8_t auth_method;
/**
* The contained auth data value.
diff --git a/src/libcharon/encoding/payloads/cert_payload.c b/src/libcharon/encoding/payloads/cert_payload.c
index 43993ae48..ea25ca73c 100644
--- a/src/libcharon/encoding/payloads/cert_payload.c
+++ b/src/libcharon/encoding/payloads/cert_payload.c
@@ -55,7 +55,7 @@ struct private_cert_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -70,12 +70,12 @@ struct private_cert_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Encoding of the CERT Data.
*/
- u_int8_t encoding;
+ uint8_t encoding;
/**
* The contained cert data value.
diff --git a/src/libcharon/encoding/payloads/certreq_payload.c b/src/libcharon/encoding/payloads/certreq_payload.c
index 6ac90a2a0..09bfa2458 100644
--- a/src/libcharon/encoding/payloads/certreq_payload.c
+++ b/src/libcharon/encoding/payloads/certreq_payload.c
@@ -38,7 +38,7 @@ struct private_certreq_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -53,12 +53,12 @@ struct private_certreq_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Encoding of the CERT Data.
*/
- u_int8_t encoding;
+ uint8_t encoding;
/**
* The contained certreq data value.
diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c
index 4ecdf569d..32e4828ba 100644
--- a/src/libcharon/encoding/payloads/configuration_attribute.c
+++ b/src/libcharon/encoding/payloads/configuration_attribute.c
@@ -48,12 +48,12 @@ struct private_configuration_attribute_t {
/**
* Type of the attribute.
*/
- u_int16_t attr_type;
+ uint16_t attr_type;
/**
* Length of the attribute, value if af_flag set.
*/
- u_int16_t length_or_value;
+ uint16_t length_or_value;
/**
* Attribute value as chunk.
@@ -272,7 +272,7 @@ METHOD(configuration_attribute_t, get_chunk, chunk_t,
return this->value;
}
-METHOD(configuration_attribute_t, get_value, u_int16_t,
+METHOD(configuration_attribute_t, get_value, uint16_t,
private_configuration_attribute_t *this)
{
if (this->af_flag)
@@ -328,7 +328,7 @@ configuration_attribute_t *configuration_attribute_create_chunk(
this = (private_configuration_attribute_t*)
configuration_attribute_create(type);
- this->attr_type = ((u_int16_t)attr_type) & 0x7FFF;
+ this->attr_type = ((uint16_t)attr_type) & 0x7FFF;
this->value = chunk_clone(chunk);
this->length_or_value = chunk.len;
@@ -339,13 +339,13 @@ configuration_attribute_t *configuration_attribute_create_chunk(
* Described in header.
*/
configuration_attribute_t *configuration_attribute_create_value(
- configuration_attribute_type_t attr_type, u_int16_t value)
+ configuration_attribute_type_t attr_type, uint16_t value)
{
private_configuration_attribute_t *this;
this = (private_configuration_attribute_t*)
configuration_attribute_create(PLV1_CONFIGURATION_ATTRIBUTE);
- this->attr_type = ((u_int16_t)attr_type) & 0x7FFF;
+ this->attr_type = ((uint16_t)attr_type) & 0x7FFF;
this->length_or_value = value;
this->af_flag = TRUE;
diff --git a/src/libcharon/encoding/payloads/configuration_attribute.h b/src/libcharon/encoding/payloads/configuration_attribute.h
index 946c1b500..417ba731b 100644
--- a/src/libcharon/encoding/payloads/configuration_attribute.h
+++ b/src/libcharon/encoding/payloads/configuration_attribute.h
@@ -57,7 +57,7 @@ struct configuration_attribute_t {
*
* @return attribute value
*/
- u_int16_t (*get_value) (configuration_attribute_t *this);
+ uint16_t (*get_value) (configuration_attribute_t *this);
/**
* Destroys an configuration_attribute_t object.
@@ -92,6 +92,6 @@ configuration_attribute_t *configuration_attribute_create_chunk(
* @return created PLV1_CONFIGURATION_ATTRIBUTE configuration attribute
*/
configuration_attribute_t *configuration_attribute_create_value(
- configuration_attribute_type_t attr_type, u_int16_t value);
+ configuration_attribute_type_t attr_type, uint16_t value);
#endif /** CONFIGURATION_ATTRIBUTE_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/cp_payload.c b/src/libcharon/encoding/payloads/cp_payload.c
index ef9df84f7..d86693ee2 100644
--- a/src/libcharon/encoding/payloads/cp_payload.c
+++ b/src/libcharon/encoding/payloads/cp_payload.c
@@ -44,7 +44,7 @@ struct private_cp_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -59,17 +59,17 @@ struct private_cp_payload_t {
/**
* Reserved bytes
*/
- u_int8_t reserved_byte[3];
+ uint8_t reserved_byte[3];
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Identifier field, IKEv1 only
*/
- u_int16_t identifier;
+ uint16_t identifier;
/**
* List of attributes, as configuration_attribute_t
@@ -79,7 +79,7 @@ struct private_cp_payload_t {
/**
* Config Type.
*/
- u_int8_t cfg_type;
+ uint8_t cfg_type;
/**
* PLV2_CONFIGURATION or PLV1_CONFIGURATION
@@ -269,13 +269,13 @@ METHOD(cp_payload_t, get_config_type, config_type_t,
return this->cfg_type;
}
-METHOD(cp_payload_t, get_identifier, u_int16_t,
+METHOD(cp_payload_t, get_identifier, uint16_t,
private_cp_payload_t *this)
{
return this->identifier;
}
METHOD(cp_payload_t, set_identifier, void,
- private_cp_payload_t *this, u_int16_t identifier)
+ private_cp_payload_t *this, uint16_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/encoding/payloads/cp_payload.h b/src/libcharon/encoding/payloads/cp_payload.h
index d466989d6..3e4763fb6 100644
--- a/src/libcharon/encoding/payloads/cp_payload.h
+++ b/src/libcharon/encoding/payloads/cp_payload.h
@@ -82,14 +82,14 @@ struct cp_payload_t {
*
@param identifier identifier to set
*/
- void (*set_identifier) (cp_payload_t *this, u_int16_t identifier);
+ void (*set_identifier) (cp_payload_t *this, uint16_t identifier);
/**
* Get the configuration payload identifier (IKEv1 only).
*
* @return identifier
*/
- u_int16_t (*get_identifier) (cp_payload_t *this);
+ uint16_t (*get_identifier) (cp_payload_t *this);
/**
* Destroys an cp_payload_t object.
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index f11ea485c..584e6f22b 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -36,7 +36,7 @@ struct private_delete_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -51,27 +51,27 @@ struct private_delete_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* IKEv1 Domain of Interpretation
*/
- u_int32_t doi;
+ uint32_t doi;
/**
* Protocol ID.
*/
- u_int8_t protocol_id;
+ uint8_t protocol_id;
/**
* SPI Size.
*/
- u_int8_t spi_size;
+ uint8_t spi_size;
/**
* Number of SPI's.
*/
- u_int16_t spi_count;
+ uint16_t spi_count;
/**
* The contained SPI's.
@@ -257,7 +257,7 @@ METHOD(delete_payload_t, get_protocol_id, protocol_id_t,
}
METHOD(delete_payload_t, add_spi, void,
- private_delete_payload_t *this, u_int32_t spi)
+ private_delete_payload_t *this, uint32_t spi)
{
switch (this->protocol_id)
{
@@ -273,7 +273,7 @@ METHOD(delete_payload_t, add_spi, void,
}
METHOD(delete_payload_t, set_ike_spi, void,
- private_delete_payload_t *this, u_int64_t spi_i, u_int64_t spi_r)
+ private_delete_payload_t *this, uint64_t spi_i, uint64_t spi_r)
{
free(this->spis.ptr);
this->spis = chunk_cat("cc", chunk_from_thing(spi_i),
@@ -283,15 +283,15 @@ METHOD(delete_payload_t, set_ike_spi, void,
}
METHOD(delete_payload_t, get_ike_spi, bool,
- private_delete_payload_t *this, u_int64_t *spi_i, u_int64_t *spi_r)
+ private_delete_payload_t *this, uint64_t *spi_i, uint64_t *spi_r)
{
if (this->protocol_id != PROTO_IKE ||
- this->spis.len < 2 * sizeof(u_int64_t))
+ this->spis.len < 2 * sizeof(uint64_t))
{
return FALSE;
}
- memcpy(spi_i, this->spis.ptr, sizeof(u_int64_t));
- memcpy(spi_r, this->spis.ptr + sizeof(u_int64_t), sizeof(u_int64_t));
+ memcpy(spi_i, this->spis.ptr, sizeof(uint64_t));
+ memcpy(spi_r, this->spis.ptr + sizeof(uint64_t), sizeof(uint64_t));
return TRUE;
}
@@ -306,7 +306,7 @@ typedef struct {
} spi_enumerator_t;
METHOD(enumerator_t, spis_enumerate, bool,
- spi_enumerator_t *this, u_int32_t *spi)
+ spi_enumerator_t *this, uint32_t *spi)
{
if (this->spis.len >= sizeof(*spi))
{
@@ -322,7 +322,7 @@ METHOD(delete_payload_t, create_spi_enumerator, enumerator_t*,
{
spi_enumerator_t *e;
- if (this->spi_size != sizeof(u_int32_t))
+ if (this->spi_size != sizeof(uint32_t))
{
return enumerator_create_empty();
}
diff --git a/src/libcharon/encoding/payloads/delete_payload.h b/src/libcharon/encoding/payloads/delete_payload.h
index 6728718cd..06ed76c2e 100644
--- a/src/libcharon/encoding/payloads/delete_payload.h
+++ b/src/libcharon/encoding/payloads/delete_payload.h
@@ -51,7 +51,7 @@ struct delete_payload_t {
*
* @param spi spi to add
*/
- void (*add_spi) (delete_payload_t *this, u_int32_t spi);
+ void (*add_spi) (delete_payload_t *this, uint32_t spi);
/**
* Set the IKE SPIs for an IKEv1 delete.
@@ -59,7 +59,7 @@ struct delete_payload_t {
* @param spi_i initiator SPI
* @param spi_r responder SPI
*/
- void (*set_ike_spi)(delete_payload_t *this, u_int64_t spi_i, u_int64_t spi_r);
+ void (*set_ike_spi)(delete_payload_t *this, uint64_t spi_i, uint64_t spi_r);
/**
* Get the IKE SPIs from an IKEv1 delete.
@@ -68,12 +68,12 @@ struct delete_payload_t {
* @param spi_r responder SPI
* @return TRUE if SPIs extracted successfully
*/
- bool (*get_ike_spi)(delete_payload_t *this, u_int64_t *spi_i, u_int64_t *spi_r);
+ bool (*get_ike_spi)(delete_payload_t *this, uint64_t *spi_i, uint64_t *spi_r);
/**
* Get an enumerator over the SPIs in network order.
*
- * @return enumerator over SPIs, u_int32_t
+ * @return enumerator over SPIs, uint32_t
*/
enumerator_t *(*create_spi_enumerator) (delete_payload_t *this);
diff --git a/src/libcharon/encoding/payloads/eap_payload.c b/src/libcharon/encoding/payloads/eap_payload.c
index ebdf8a3fe..8c3fc5933 100644
--- a/src/libcharon/encoding/payloads/eap_payload.c
+++ b/src/libcharon/encoding/payloads/eap_payload.c
@@ -38,7 +38,7 @@ struct private_eap_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -53,7 +53,7 @@ struct private_eap_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* EAP message data, if available
@@ -102,8 +102,8 @@ static encoding_rule_t encodings[] = {
METHOD(payload_t, verify, status_t,
private_eap_payload_t *this)
{
- u_int16_t length;
- u_int8_t code;
+ uint16_t length;
+ uint8_t code;
if (this->data.len < 4)
{
@@ -208,7 +208,7 @@ METHOD(eap_payload_t, get_code, eap_code_t,
return 0;
}
-METHOD(eap_payload_t, get_identifier, u_int8_t,
+METHOD(eap_payload_t, get_identifier, uint8_t,
private_eap_payload_t *this)
{
if (this->data.len > 1)
@@ -224,7 +224,7 @@ METHOD(eap_payload_t, get_identifier, u_int8_t,
* @return the new offset or 0 if failed
*/
static size_t extract_type(private_eap_payload_t *this, size_t offset,
- eap_type_t *type, u_int32_t *vendor)
+ eap_type_t *type, uint32_t *vendor)
{
if (this->data.len > offset)
{
@@ -245,7 +245,7 @@ static size_t extract_type(private_eap_payload_t *this, size_t offset,
}
METHOD(eap_payload_t, get_type, eap_type_t,
- private_eap_payload_t *this, u_int32_t *vendor)
+ private_eap_payload_t *this, uint32_t *vendor)
{
eap_type_t type;
@@ -270,7 +270,7 @@ typedef struct {
} type_enumerator_t;
METHOD(enumerator_t, enumerate_types, bool,
- type_enumerator_t *this, eap_type_t *type, u_int32_t *vendor)
+ type_enumerator_t *this, eap_type_t *type, uint32_t *vendor)
{
this->offset = extract_type(this->payload, this->offset, type, vendor);
return this->offset;
@@ -281,7 +281,7 @@ METHOD(eap_payload_t, get_types, enumerator_t*,
{
type_enumerator_t *enumerator;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
size_t offset;
offset = extract_type(this, 4, &type, &vendor);
@@ -373,7 +373,7 @@ eap_payload_t *eap_payload_create_data_own(chunk_t data)
/*
* Described in header
*/
-eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier)
+eap_payload_t *eap_payload_create_code(eap_code_t code, uint8_t identifier)
{
chunk_t data;
@@ -385,7 +385,7 @@ eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier)
/**
* Write the given type either expanded or not
*/
-static void write_type(bio_writer_t *writer, eap_type_t type, u_int32_t vendor,
+static void write_type(bio_writer_t *writer, eap_type_t type, uint32_t vendor,
bool expanded)
{
if (expanded)
@@ -403,12 +403,12 @@ static void write_type(bio_writer_t *writer, eap_type_t type, u_int32_t vendor,
/*
* Described in header
*/
-eap_payload_t *eap_payload_create_nak(u_int8_t identifier, eap_type_t type,
- u_int32_t vendor, bool expanded)
+eap_payload_t *eap_payload_create_nak(uint8_t identifier, eap_type_t type,
+ uint32_t vendor, bool expanded)
{
enumerator_t *enumerator;
eap_type_t reg_type;
- u_int32_t reg_vendor;
+ uint32_t reg_vendor;
bio_writer_t *writer;
chunk_t data;
bool added_any = FALSE, found_vendor = FALSE;
diff --git a/src/libcharon/encoding/payloads/eap_payload.h b/src/libcharon/encoding/payloads/eap_payload.h
index e8ed1c5e7..abaefde28 100644
--- a/src/libcharon/encoding/payloads/eap_payload.h
+++ b/src/libcharon/encoding/payloads/eap_payload.h
@@ -72,7 +72,7 @@ struct eap_payload_t {
*
* @return unique identifier
*/
- u_int8_t (*get_identifier) (eap_payload_t *this);
+ uint8_t (*get_identifier) (eap_payload_t *this);
/**
* Get the EAP method type.
@@ -80,13 +80,13 @@ struct eap_payload_t {
* @param vendor pointer receiving vendor identifier
* @return EAP method type, vendor specific if vendor != 0
*/
- eap_type_t (*get_type) (eap_payload_t *this, u_int32_t *vendor);
+ eap_type_t (*get_type) (eap_payload_t *this, uint32_t *vendor);
/**
* Enumerate the EAP method types contained in an EAP-Nak (i.e. get_type()
* returns EAP_NAK).
*
- * @return enumerator over (eap_type_t type, u_int32_t vendor)
+ * @return enumerator over (eap_type_t type, uint32_t vendor)
*/
enumerator_t* (*get_types) (eap_payload_t *this);
@@ -136,7 +136,7 @@ eap_payload_t *eap_payload_create_data_own(chunk_t data);
* @param identifier EAP identifier to use in payload
* @return eap_payload_t object
*/
-eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier);
+eap_payload_t *eap_payload_create_code(eap_code_t code, uint8_t identifier);
/**
* Creates an eap_payload_t EAP_RESPONSE containing an EAP_NAK.
@@ -147,7 +147,7 @@ eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier);
* @param expanded TRUE to send an expanded Nak
* @return eap_payload_t object
*/
-eap_payload_t *eap_payload_create_nak(u_int8_t identifier, eap_type_t type,
- u_int32_t vendor, bool expanded);
+eap_payload_t *eap_payload_create_nak(uint8_t identifier, eap_type_t type,
+ uint32_t vendor, bool expanded);
#endif /** EAP_PAYLOAD_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/encodings.h b/src/libcharon/encoding/payloads/encodings.h
index 54830bc8c..442bf7489 100644
--- a/src/libcharon/encoding/payloads/encodings.h
+++ b/src/libcharon/encoding/payloads/encodings.h
@@ -289,10 +289,10 @@ enum encoding_type_t {
/**
* Representating an IKE_SPI field in an IKEv2 Header.
*
- * When generating the value of the u_int64_t pointing to
+ * When generating the value of the uint64_t pointing to
* is written (host and networ order is not changed).
*
- * When parsing 8 bytes are read and written into the u_int64_t pointing to.
+ * When parsing 8 bytes are read and written into the uint64_t pointing to.
*/
IKE_SPI,
@@ -342,7 +342,7 @@ struct encoding_rule_t {
* When generating, data are read from this offset in the
* data struct.
*/
- u_int32_t offset;
+ uint32_t offset;
};
#endif /** ENCODINGS_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/encrypted_fragment_payload.h b/src/libcharon/encoding/payloads/encrypted_fragment_payload.h
index 1c2cc379f..6ff61dd65 100644
--- a/src/libcharon/encoding/payloads/encrypted_fragment_payload.h
+++ b/src/libcharon/encoding/payloads/encrypted_fragment_payload.h
@@ -42,14 +42,14 @@ struct encrypted_fragment_payload_t {
*
* @return fragment number
*/
- u_int16_t (*get_fragment_number)(encrypted_fragment_payload_t *this);
+ uint16_t (*get_fragment_number)(encrypted_fragment_payload_t *this);
/**
* Get the total number of fragments.
*
* @return total number of fragments
*/
- u_int16_t (*get_total_fragments)(encrypted_fragment_payload_t *this);
+ uint16_t (*get_total_fragments)(encrypted_fragment_payload_t *this);
/**
* Get the (decrypted) content of this payload.
@@ -80,6 +80,6 @@ encrypted_fragment_payload_t *encrypted_fragment_payload_create();
* @return encrypted_fragment_payload_t object
*/
encrypted_fragment_payload_t *encrypted_fragment_payload_create_from_data(
- u_int16_t num, u_int16_t total, chunk_t data);
+ uint16_t num, uint16_t total, chunk_t data);
#endif /** ENCRYPTED_FRAGMENT_PAYLOAD_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/encrypted_payload.c b/src/libcharon/encoding/payloads/encrypted_payload.c
index d1a267836..a033f6081 100644
--- a/src/libcharon/encoding/payloads/encrypted_payload.c
+++ b/src/libcharon/encoding/payloads/encrypted_payload.c
@@ -43,17 +43,17 @@ struct private_encrypted_payload_t {
* next_payload means here the first payload of the
* contained, encrypted payload.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Flags, including reserved bits
*/
- u_int8_t flags;
+ uint8_t flags;
/**
* Length of this payload
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Chunk containing the IV, plain, padding and ICV.
@@ -88,17 +88,17 @@ struct private_encrypted_fragment_payload_t {
* the original encrypted payload, for all other fragments it MUST be set
* to zero.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Flags, including reserved bits
*/
- u_int8_t flags;
+ uint8_t flags;
/**
* Length of this payload
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Chunk containing the IV, plain, padding and ICV.
@@ -108,12 +108,12 @@ struct private_encrypted_fragment_payload_t {
/**
* Fragment number
*/
- u_int16_t fragment_number;
+ uint16_t fragment_number;
/**
* Total fragments
*/
- u_int16_t total_fragments;
+ uint16_t total_fragments;
/**
* AEAD transform to use
@@ -366,7 +366,7 @@ static chunk_t generate(private_encrypted_payload_t *this,
{
payload_t *current, *next;
enumerator_t *enumerator;
- u_int32_t *lenpos;
+ uint32_t *lenpos;
chunk_t chunk = chunk_empty;
enumerator = this->payloads->create_enumerator(this->payloads);
@@ -402,9 +402,9 @@ METHOD(encrypted_payload_t, generate_payloads, void,
static chunk_t append_header(private_encrypted_payload_t *this, chunk_t assoc)
{
struct {
- u_int8_t next_payload;
- u_int8_t flags;
- u_int16_t length;
+ uint8_t next_payload;
+ uint8_t flags;
+ uint16_t length;
} __attribute__((packed)) header = {
.next_payload = this->next_payload,
.flags = this->flags,
@@ -416,7 +416,7 @@ static chunk_t append_header(private_encrypted_payload_t *this, chunk_t assoc)
/**
* Encrypts the data in plain and returns it in an allocated chunk.
*/
-static status_t encrypt_content(char *label, aead_t *aead, u_int64_t mid,
+static status_t encrypt_content(char *label, aead_t *aead, uint64_t mid,
chunk_t plain, chunk_t assoc, chunk_t *encrypted)
{
chunk_t iv, padding, icv, crypt;
@@ -486,7 +486,7 @@ static status_t encrypt_content(char *label, aead_t *aead, u_int64_t mid,
}
METHOD(encrypted_payload_t, encrypt, status_t,
- private_encrypted_payload_t *this, u_int64_t mid, chunk_t assoc)
+ private_encrypted_payload_t *this, uint64_t mid, chunk_t assoc)
{
generator_t *generator;
chunk_t plain;
@@ -512,7 +512,7 @@ METHOD(encrypted_payload_t, encrypt, status_t,
}
METHOD(encrypted_payload_t, encrypt_v1, status_t,
- private_encrypted_payload_t *this, u_int64_t mid, chunk_t iv)
+ private_encrypted_payload_t *this, uint64_t mid, chunk_t iv)
{
generator_t *generator;
chunk_t plain, padding;
@@ -869,13 +869,13 @@ METHOD2(payload_t, encrypted_payload_t, frag_get_length, size_t,
return this->payload_length;
}
-METHOD(encrypted_fragment_payload_t, get_fragment_number, u_int16_t,
+METHOD(encrypted_fragment_payload_t, get_fragment_number, uint16_t,
private_encrypted_fragment_payload_t *this)
{
return this->fragment_number;
}
-METHOD(encrypted_fragment_payload_t, get_total_fragments, u_int16_t,
+METHOD(encrypted_fragment_payload_t, get_total_fragments, uint16_t,
private_encrypted_fragment_payload_t *this)
{
return this->total_fragments;
@@ -906,11 +906,11 @@ static chunk_t append_header_frag(private_encrypted_fragment_payload_t *this,
chunk_t assoc)
{
struct {
- u_int8_t next_payload;
- u_int8_t flags;
- u_int16_t length;
- u_int16_t fragment_number;
- u_int16_t total_fragments;
+ uint8_t next_payload;
+ uint8_t flags;
+ uint16_t length;
+ uint16_t fragment_number;
+ uint16_t total_fragments;
} __attribute__((packed)) header = {
.next_payload = this->next_payload,
.flags = this->flags,
@@ -922,7 +922,7 @@ static chunk_t append_header_frag(private_encrypted_fragment_payload_t *this,
}
METHOD(encrypted_payload_t, frag_encrypt, status_t,
- private_encrypted_fragment_payload_t *this, u_int64_t mid, chunk_t assoc)
+ private_encrypted_fragment_payload_t *this, uint64_t mid, chunk_t assoc)
{
status_t status;
@@ -1015,7 +1015,7 @@ encrypted_fragment_payload_t *encrypted_fragment_payload_create()
* Described in header
*/
encrypted_fragment_payload_t *encrypted_fragment_payload_create_from_data(
- u_int16_t num, u_int16_t total, chunk_t plain)
+ uint16_t num, uint16_t total, chunk_t plain)
{
private_encrypted_fragment_payload_t *this;
diff --git a/src/libcharon/encoding/payloads/encrypted_payload.h b/src/libcharon/encoding/payloads/encrypted_payload.h
index be59e3c2d..19c60c5be 100644
--- a/src/libcharon/encoding/payloads/encrypted_payload.h
+++ b/src/libcharon/encoding/payloads/encrypted_payload.h
@@ -88,7 +88,7 @@ struct encrypted_payload_t {
* - FAILED if encryption failed
* - INVALID_STATE if aead not supplied, but needed
*/
- status_t (*encrypt) (encrypted_payload_t *this, u_int64_t mid,
+ status_t (*encrypt) (encrypted_payload_t *this, uint64_t mid,
chunk_t assoc);
/**
diff --git a/src/libcharon/encoding/payloads/endpoint_notify.c b/src/libcharon/encoding/payloads/endpoint_notify.c
index ebe5f32f7..afeee72e4 100644
--- a/src/libcharon/encoding/payloads/endpoint_notify.c
+++ b/src/libcharon/encoding/payloads/endpoint_notify.c
@@ -33,7 +33,7 @@ struct private_endpoint_notify_t {
/**
* Priority
*/
- u_int32_t priority;
+ uint32_t priority;
/**
* Family
@@ -83,36 +83,36 @@ static private_endpoint_notify_t *endpoint_notify_create();
/**
* Helper functions to parse integer values
*/
-static status_t parse_uint8(u_int8_t **cur, u_int8_t *top, u_int8_t *val)
+static status_t parse_uint8(uint8_t **cur, uint8_t *top, uint8_t *val)
{
- if (*cur + sizeof(u_int8_t) > top)
+ if (*cur + sizeof(uint8_t) > top)
{
return FAILED;
}
- *val = *(u_int8_t*)*cur;
- *cur += sizeof(u_int8_t);
+ *val = *(uint8_t*)*cur;
+ *cur += sizeof(uint8_t);
return SUCCESS;
}
-static status_t parse_uint16(u_int8_t **cur, u_int8_t *top, u_int16_t *val)
+static status_t parse_uint16(uint8_t **cur, uint8_t *top, uint16_t *val)
{
- if (*cur + sizeof(u_int16_t) > top)
+ if (*cur + sizeof(uint16_t) > top)
{
return FAILED;
}
- *val = ntohs(*(u_int16_t*)*cur);
- *cur += sizeof(u_int16_t);
+ *val = ntohs(*(uint16_t*)*cur);
+ *cur += sizeof(uint16_t);
return SUCCESS;
}
-static status_t parse_uint32(u_int8_t **cur, u_int8_t *top, u_int32_t *val)
+static status_t parse_uint32(uint8_t **cur, uint8_t *top, uint32_t *val)
{
- if (*cur + sizeof(u_int32_t) > top)
+ if (*cur + sizeof(uint32_t) > top)
{
return FAILED;
}
- *val = ntohl(*(u_int32_t*)*cur);
- *cur += sizeof(u_int32_t);
+ *val = ntohl(*(uint32_t*)*cur);
+ *cur += sizeof(uint32_t);
return SUCCESS;
}
@@ -121,11 +121,11 @@ static status_t parse_uint32(u_int8_t **cur, u_int8_t *top, u_int32_t *val)
*/
static status_t parse_notification_data(private_endpoint_notify_t *this, chunk_t data)
{
- u_int8_t family, type, addr_family;
- u_int16_t port;
+ uint8_t family, type, addr_family;
+ uint16_t port;
chunk_t addr;
- u_int8_t *cur = data.ptr;
- u_int8_t *top = data.ptr + data.len;
+ uint8_t *cur = data.ptr;
+ uint8_t *top = data.ptr + data.len;
DBG3(DBG_IKE, "me_endpoint_data %B", &data);
@@ -191,9 +191,9 @@ static chunk_t build_notification_data(private_endpoint_notify_t *this)
{
chunk_t prio_chunk, family_chunk, type_chunk, port_chunk, addr_chunk;
chunk_t data;
- u_int32_t prio;
- u_int16_t port;
- u_int8_t family, type;
+ uint32_t prio;
+ uint16_t port;
+ uint8_t family, type;
prio = htonl(this->priority);
prio_chunk = chunk_from_thing(prio);
@@ -237,14 +237,14 @@ METHOD(endpoint_notify_t, build_notify, notify_payload_t*,
}
-METHOD(endpoint_notify_t, get_priority, u_int32_t,
+METHOD(endpoint_notify_t, get_priority, uint32_t,
private_endpoint_notify_t *this)
{
return this->priority;
}
METHOD(endpoint_notify_t, set_priority, void,
- private_endpoint_notify_t *this, u_int32_t priority)
+ private_endpoint_notify_t *this, uint32_t priority)
{
this->priority = priority;
}
diff --git a/src/libcharon/encoding/payloads/endpoint_notify.h b/src/libcharon/encoding/payloads/endpoint_notify.h
index 853aadf3d..f4cf89fd7 100644
--- a/src/libcharon/encoding/payloads/endpoint_notify.h
+++ b/src/libcharon/encoding/payloads/endpoint_notify.h
@@ -82,14 +82,14 @@ struct endpoint_notify_t {
*
* @return priority
*/
- u_int32_t (*get_priority) (endpoint_notify_t *this);
+ uint32_t (*get_priority) (endpoint_notify_t *this);
/**
* Sets the priority of this endpoint.
*
* @param priority priority
*/
- void (*set_priority) (endpoint_notify_t *this, u_int32_t priority);
+ void (*set_priority) (endpoint_notify_t *this, uint32_t priority);
/**
* Returns the endpoint type of this endpoint.
diff --git a/src/libcharon/encoding/payloads/fragment_payload.c b/src/libcharon/encoding/payloads/fragment_payload.c
index 7f158f548..fecd05f05 100644
--- a/src/libcharon/encoding/payloads/fragment_payload.c
+++ b/src/libcharon/encoding/payloads/fragment_payload.c
@@ -35,32 +35,32 @@ struct private_fragment_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Reserved byte
*/
- u_int8_t reserved;
+ uint8_t reserved;
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Fragment ID.
*/
- u_int16_t fragment_id;
+ uint16_t fragment_id;
/**
* Fragment number.
*/
- u_int8_t fragment_number;
+ uint8_t fragment_number;
/**
* Flags
*/
- u_int8_t flags;
+ uint8_t flags;
/**
* The contained fragment data.
@@ -145,13 +145,13 @@ METHOD(payload_t, get_length, size_t,
return this->payload_length;
}
-METHOD(fragment_payload_t, get_id, u_int16_t,
+METHOD(fragment_payload_t, get_id, uint16_t,
private_fragment_payload_t *this)
{
return this->fragment_id;
}
-METHOD(fragment_payload_t, get_number, u_int8_t,
+METHOD(fragment_payload_t, get_number, uint8_t,
private_fragment_payload_t *this)
{
return this->fragment_number;
@@ -210,7 +210,7 @@ fragment_payload_t *fragment_payload_create()
/*
* Described in header
*/
-fragment_payload_t *fragment_payload_create_from_data(u_int8_t num, bool last,
+fragment_payload_t *fragment_payload_create_from_data(uint8_t num, bool last,
chunk_t data)
{
private_fragment_payload_t *this;
diff --git a/src/libcharon/encoding/payloads/fragment_payload.h b/src/libcharon/encoding/payloads/fragment_payload.h
index a49cf32dd..a756601a0 100644
--- a/src/libcharon/encoding/payloads/fragment_payload.h
+++ b/src/libcharon/encoding/payloads/fragment_payload.h
@@ -42,14 +42,14 @@ struct fragment_payload_t {
*
* @return fragment ID
*/
- u_int16_t (*get_id)(fragment_payload_t *this);
+ uint16_t (*get_id)(fragment_payload_t *this);
/**
* Get the fragment number. Defines the order of the fragments.
*
* @return fragment number
*/
- u_int8_t (*get_number)(fragment_payload_t *this);
+ uint8_t (*get_number)(fragment_payload_t *this);
/**
* Check if this is the last fragment.
@@ -88,7 +88,7 @@ fragment_payload_t *fragment_payload_create();
* @param data fragment data (gets cloned)
* @return fragment_payload_t object
*/
-fragment_payload_t *fragment_payload_create_from_data(u_int8_t num, bool last,
+fragment_payload_t *fragment_payload_create_from_data(uint8_t num, bool last,
chunk_t data);
#endif /** FRAGMENT_PAYLOAD_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/hash_payload.c b/src/libcharon/encoding/payloads/hash_payload.c
index a12b018e5..eac820742 100644
--- a/src/libcharon/encoding/payloads/hash_payload.c
+++ b/src/libcharon/encoding/payloads/hash_payload.c
@@ -34,17 +34,17 @@ struct private_hash_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Reserved byte
*/
- u_int8_t reserved;
+ uint8_t reserved;
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* The contained hash value.
diff --git a/src/libcharon/encoding/payloads/id_payload.c b/src/libcharon/encoding/payloads/id_payload.c
index bb8aab748..ae0b19a9d 100644
--- a/src/libcharon/encoding/payloads/id_payload.c
+++ b/src/libcharon/encoding/payloads/id_payload.c
@@ -38,7 +38,7 @@ struct private_id_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -53,17 +53,17 @@ struct private_id_payload_t {
/**
* Reserved bytes
*/
- u_int8_t reserved_byte[3];
+ uint8_t reserved_byte[3];
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Type of the ID Data.
*/
- u_int8_t id_type;
+ uint8_t id_type;
/**
* The contained id data value.
@@ -73,12 +73,12 @@ struct private_id_payload_t {
/**
* Tunneled protocol ID for IKEv1 quick modes.
*/
- u_int8_t protocol_id;
+ uint8_t protocol_id;
/**
* Tunneled port for IKEv1 quick modes.
*/
- u_int16_t port;
+ uint16_t port;
/**
* one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, IDv1 and PLV1_NAT_OA
@@ -334,7 +334,7 @@ METHOD(id_payload_t, get_ts, traffic_selector_t*,
METHOD(id_payload_t, get_encoded, chunk_t,
private_id_payload_t *this)
{
- u_int16_t port = htons(this->port);
+ uint16_t port = htons(this->port);
return chunk_cat("cccc", chunk_from_thing(this->id_type),
chunk_from_thing(this->protocol_id),
chunk_from_thing(port), this->id_data);
@@ -400,7 +400,7 @@ id_payload_t *id_payload_create_from_identification(payload_type_t type,
id_payload_t *id_payload_create_from_ts(traffic_selector_t *ts)
{
private_id_payload_t *this;
- u_int8_t mask;
+ uint8_t mask;
host_t *net;
this = (private_id_payload_t*)id_payload_create(PLV1_ID);
@@ -419,7 +419,7 @@ id_payload_t *id_payload_create_from_ts(traffic_selector_t *ts)
}
else if (ts->to_subnet(ts, &net, &mask))
{
- u_int8_t netmask[16], len, byte;
+ uint8_t netmask[16], len, byte;
if (ts->get_type(ts) == TS_IPV4_ADDR_RANGE)
{
diff --git a/src/libcharon/encoding/payloads/ike_header.c b/src/libcharon/encoding/payloads/ike_header.c
index c96738a34..61a0424e3 100644
--- a/src/libcharon/encoding/payloads/ike_header.c
+++ b/src/libcharon/encoding/payloads/ike_header.c
@@ -37,31 +37,31 @@ struct private_ike_header_t {
/**
* SPI of the initiator.
*/
- u_int64_t initiator_spi;
+ uint64_t initiator_spi;
/**
* SPI of the responder.
*/
- u_int64_t responder_spi;
+ uint64_t responder_spi;
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* IKE major version.
*/
- u_int8_t maj_version;
+ uint8_t maj_version;
/**
* IKE minor version.
*/
- u_int8_t min_version;
+ uint8_t min_version;
/**
* Exchange type .
*/
- u_int8_t exchange_type;
+ uint8_t exchange_type;
/**
* Flags of the Message.
@@ -106,12 +106,12 @@ struct private_ike_header_t {
/**
* Associated Message-ID.
*/
- u_int32_t message_id;
+ uint32_t message_id;
/**
* Length of the whole IKEv2-Message (header and all payloads).
*/
- u_int32_t length;
+ uint32_t length;
};
ENUM_BEGIN(exchange_type_names, ID_PROT, TRANSACTION,
@@ -290,50 +290,50 @@ METHOD(payload_t, get_length, size_t,
return this->length;
}
-METHOD(ike_header_t, get_initiator_spi, u_int64_t,
+METHOD(ike_header_t, get_initiator_spi, uint64_t,
private_ike_header_t *this)
{
return this->initiator_spi;
}
METHOD(ike_header_t, set_initiator_spi, void,
- private_ike_header_t *this, u_int64_t initiator_spi)
+ private_ike_header_t *this, uint64_t initiator_spi)
{
this->initiator_spi = initiator_spi;
}
-METHOD(ike_header_t, get_responder_spi, u_int64_t,
+METHOD(ike_header_t, get_responder_spi, uint64_t,
private_ike_header_t *this)
{
return this->responder_spi;
}
METHOD(ike_header_t, set_responder_spi, void,
- private_ike_header_t *this, u_int64_t responder_spi)
+ private_ike_header_t *this, uint64_t responder_spi)
{
this->responder_spi = responder_spi;
}
-METHOD(ike_header_t, get_maj_version, u_int8_t,
+METHOD(ike_header_t, get_maj_version, uint8_t,
private_ike_header_t *this)
{
return this->maj_version;
}
METHOD(ike_header_t, set_maj_version, void,
- private_ike_header_t *this, u_int8_t major)
+ private_ike_header_t *this, uint8_t major)
{
this->maj_version = major;
}
-METHOD(ike_header_t, get_min_version, u_int8_t,
+METHOD(ike_header_t, get_min_version, uint8_t,
private_ike_header_t *this)
{
return this->min_version;
}
METHOD(ike_header_t, set_min_version, void,
- private_ike_header_t *this, u_int8_t minor)
+ private_ike_header_t *this, uint8_t minor)
{
this->min_version = minor;
}
@@ -411,26 +411,26 @@ METHOD(ike_header_t, set_authonly_flag, void,
this->flags.authonly = authonly;
}
-METHOD(ike_header_t, get_exchange_type, u_int8_t,
+METHOD(ike_header_t, get_exchange_type, uint8_t,
private_ike_header_t *this)
{
return this->exchange_type;
}
METHOD(ike_header_t, set_exchange_type, void,
- private_ike_header_t *this, u_int8_t exchange_type)
+ private_ike_header_t *this, uint8_t exchange_type)
{
this->exchange_type = exchange_type;
}
-METHOD(ike_header_t, get_message_id, u_int32_t,
+METHOD(ike_header_t, get_message_id, uint32_t,
private_ike_header_t *this)
{
return this->message_id;
}
METHOD(ike_header_t, set_message_id, void,
- private_ike_header_t *this, u_int32_t message_id)
+ private_ike_header_t *this, uint32_t message_id)
{
this->message_id = message_id;
}
diff --git a/src/libcharon/encoding/payloads/ike_header.h b/src/libcharon/encoding/payloads/ike_header.h
index d9a44dd0c..fa89c3939 100644
--- a/src/libcharon/encoding/payloads/ike_header.h
+++ b/src/libcharon/encoding/payloads/ike_header.h
@@ -153,56 +153,56 @@ struct ike_header_t {
*
* @return initiator_spi
*/
- u_int64_t (*get_initiator_spi) (ike_header_t *this);
+ uint64_t (*get_initiator_spi) (ike_header_t *this);
/**
* Set the initiator spi.
*
* @param initiator_spi initiator_spi
*/
- void (*set_initiator_spi) (ike_header_t *this, u_int64_t initiator_spi);
+ void (*set_initiator_spi) (ike_header_t *this, uint64_t initiator_spi);
/**
* Get the responder spi.
*
* @return responder_spi
*/
- u_int64_t (*get_responder_spi) (ike_header_t *this);
+ uint64_t (*get_responder_spi) (ike_header_t *this);
/**
* Set the responder spi.
*
* @param responder_spi responder_spi
*/
- void (*set_responder_spi) (ike_header_t *this, u_int64_t responder_spi);
+ void (*set_responder_spi) (ike_header_t *this, uint64_t responder_spi);
/**
* Get the major version.
*
* @return major version
*/
- u_int8_t (*get_maj_version) (ike_header_t *this);
+ uint8_t (*get_maj_version) (ike_header_t *this);
/**
* Set the major version.
*
* @param major major version
*/
- void (*set_maj_version) (ike_header_t *this, u_int8_t major);
+ void (*set_maj_version) (ike_header_t *this, uint8_t major);
/**
* Get the minor version.
*
* @return minor version
*/
- u_int8_t (*get_min_version) (ike_header_t *this);
+ uint8_t (*get_min_version) (ike_header_t *this);
/**
* Set the minor version.
*
* @param minor minor version
*/
- void (*set_min_version) (ike_header_t *this, u_int8_t minor);
+ void (*set_min_version) (ike_header_t *this, uint8_t minor);
/**
* Get the response flag.
@@ -293,28 +293,28 @@ struct ike_header_t {
*
* @return exchange type
*/
- u_int8_t (*get_exchange_type) (ike_header_t *this);
+ uint8_t (*get_exchange_type) (ike_header_t *this);
/**
* Set the exchange type.
*
* @param exchange_type exchange type
*/
- void (*set_exchange_type) (ike_header_t *this, u_int8_t exchange_type);
+ void (*set_exchange_type) (ike_header_t *this, uint8_t exchange_type);
/**
* Get the message id.
*
* @return message id
*/
- u_int32_t (*get_message_id) (ike_header_t *this);
+ uint32_t (*get_message_id) (ike_header_t *this);
/**
* Set the message id.
*
* @param initiator_spi message id
*/
- void (*set_message_id) (ike_header_t *this, u_int32_t message_id);
+ void (*set_message_id) (ike_header_t *this, uint32_t message_id);
/**
* Destroys a ike_header_t object.
diff --git a/src/libcharon/encoding/payloads/ke_payload.c b/src/libcharon/encoding/payloads/ke_payload.c
index 50fd73f90..37f3adf88 100644
--- a/src/libcharon/encoding/payloads/ke_payload.c
+++ b/src/libcharon/encoding/payloads/ke_payload.c
@@ -36,7 +36,7 @@ struct private_ke_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -51,17 +51,17 @@ struct private_ke_payload_t {
/**
* Reserved bytes
*/
- u_int8_t reserved_byte[2];
+ uint8_t reserved_byte[2];
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* DH Group Number.
*/
- u_int16_t dh_group_number;
+ uint16_t dh_group_number;
/**
* Key Exchange Data of this KE payload.
diff --git a/src/libcharon/encoding/payloads/nonce_payload.c b/src/libcharon/encoding/payloads/nonce_payload.c
index b0d1c601a..17a0417dc 100644
--- a/src/libcharon/encoding/payloads/nonce_payload.c
+++ b/src/libcharon/encoding/payloads/nonce_payload.c
@@ -37,7 +37,7 @@ struct private_nonce_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -52,7 +52,7 @@ struct private_nonce_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* The contained nonce value.
diff --git a/src/libcharon/encoding/payloads/notify_payload.c b/src/libcharon/encoding/payloads/notify_payload.c
index f32a1273f..ca7ef3a45 100644
--- a/src/libcharon/encoding/payloads/notify_payload.c
+++ b/src/libcharon/encoding/payloads/notify_payload.c
@@ -260,7 +260,7 @@ struct private_notify_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -275,27 +275,27 @@ struct private_notify_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Domain of interpretation, IKEv1 only.
*/
- u_int32_t doi;
+ uint32_t doi;
/**
* Protocol id.
*/
- u_int8_t protocol_id;
+ uint8_t protocol_id;
/**
* Spi size.
*/
- u_int8_t spi_size;
+ uint8_t spi_size;
/**
* Notify message type.
*/
- u_int16_t notify_type;
+ uint16_t notify_type;
/**
* Security parameter index (spi).
@@ -596,14 +596,14 @@ METHOD(payload_t, get_length, size_t,
return this->payload_length;
}
-METHOD(notify_payload_t, get_protocol_id, u_int8_t,
+METHOD(notify_payload_t, get_protocol_id, uint8_t,
private_notify_payload_t *this)
{
return this->protocol_id;
}
METHOD(notify_payload_t, set_protocol_id, void,
- private_notify_payload_t *this, u_int8_t protocol_id)
+ private_notify_payload_t *this, uint8_t protocol_id)
{
this->protocol_id = protocol_id;
}
@@ -620,7 +620,7 @@ METHOD(notify_payload_t, set_notify_type, void,
this->notify_type = notify_type;
}
-METHOD(notify_payload_t, get_spi, u_int32_t,
+METHOD(notify_payload_t, get_spi, uint32_t,
private_notify_payload_t *this)
{
switch (this->protocol_id)
@@ -629,7 +629,7 @@ METHOD(notify_payload_t, get_spi, u_int32_t,
case PROTO_ESP:
if (this->spi.len == 4)
{
- return *((u_int32_t*)this->spi.ptr);
+ return *((uint32_t*)this->spi.ptr);
}
default:
break;
@@ -638,7 +638,7 @@ METHOD(notify_payload_t, get_spi, u_int32_t,
}
METHOD(notify_payload_t, set_spi, void,
- private_notify_payload_t *this, u_int32_t spi)
+ private_notify_payload_t *this, uint32_t spi)
{
chunk_free(&this->spi);
switch (this->protocol_id)
@@ -646,7 +646,7 @@ METHOD(notify_payload_t, set_spi, void,
case PROTO_AH:
case PROTO_ESP:
this->spi = chunk_alloc(4);
- *((u_int32_t*)this->spi.ptr) = spi;
+ *((uint32_t*)this->spi.ptr) = spi;
break;
default:
break;
diff --git a/src/libcharon/encoding/payloads/notify_payload.h b/src/libcharon/encoding/payloads/notify_payload.h
index 690757383..04160bbfc 100644
--- a/src/libcharon/encoding/payloads/notify_payload.h
+++ b/src/libcharon/encoding/payloads/notify_payload.h
@@ -200,14 +200,14 @@ struct notify_payload_t {
*
* @return protocol id of this payload
*/
- u_int8_t (*get_protocol_id) (notify_payload_t *this);
+ uint8_t (*get_protocol_id) (notify_payload_t *this);
/**
* Sets the protocol id of this payload.
*
* @param protocol_id protocol id to set
*/
- void (*set_protocol_id) (notify_payload_t *this, u_int8_t protocol_id);
+ void (*set_protocol_id) (notify_payload_t *this, uint8_t protocol_id);
/**
* Gets the notify message type of this payload.
@@ -230,7 +230,7 @@ struct notify_payload_t {
*
* @return SPI value
*/
- u_int32_t (*get_spi) (notify_payload_t *this);
+ uint32_t (*get_spi) (notify_payload_t *this);
/**
* Sets the spi of this payload.
@@ -239,7 +239,7 @@ struct notify_payload_t {
*
* @param spi SPI value
*/
- void (*set_spi) (notify_payload_t *this, u_int32_t spi);
+ void (*set_spi) (notify_payload_t *this, uint32_t spi);
/**
* Returns the currently set spi of this payload.
diff --git a/src/libcharon/encoding/payloads/payload.c b/src/libcharon/encoding/payloads/payload.c
index f7c2754e0..6d1894edb 100644
--- a/src/libcharon/encoding/payloads/payload.c
+++ b/src/libcharon/encoding/payloads/payload.c
@@ -268,7 +268,7 @@ payload_t *payload_create(payload_type_t type)
/**
* See header.
*/
-bool payload_is_known(payload_type_t type, u_int8_t maj_ver)
+bool payload_is_known(payload_type_t type, uint8_t maj_ver)
{
if (type >= PL_HEADER)
{
diff --git a/src/libcharon/encoding/payloads/payload.h b/src/libcharon/encoding/payloads/payload.h
index 72003894f..8ba1ef9f5 100644
--- a/src/libcharon/encoding/payloads/payload.h
+++ b/src/libcharon/encoding/payloads/payload.h
@@ -413,7 +413,7 @@ payload_t *payload_create(payload_type_t type);
* @param maj_ver major IKE version (use 0 to skip version check)
* @return FALSE if payload type handled as unknown payload
*/
-bool payload_is_known(payload_type_t type, u_int8_t maj_ver);
+bool payload_is_known(payload_type_t type, uint8_t maj_ver);
/**
* Get the value field in a payload using encoding rules.
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.c b/src/libcharon/encoding/payloads/proposal_substructure.c
index 65ce667c7..1a435a823 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.c
+++ b/src/libcharon/encoding/payloads/proposal_substructure.c
@@ -45,37 +45,37 @@ struct private_proposal_substructure_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* reserved byte
*/
- u_int8_t reserved;
+ uint8_t reserved;
/**
* Length of this payload.
*/
- u_int16_t proposal_length;
+ uint16_t proposal_length;
/**
* Proposal number.
*/
- u_int8_t proposal_number;
+ uint8_t proposal_number;
/**
* Protocol ID.
*/
- u_int8_t protocol_id;
+ uint8_t protocol_id;
/**
* SPI size of the following SPI.
*/
- u_int8_t spi_size;
+ uint8_t spi_size;
/**
* Number of transforms.
*/
- u_int8_t transforms_count;
+ uint8_t transforms_count;
/**
* SPI is stored as chunk.
@@ -479,24 +479,24 @@ METHOD(proposal_substructure_t, set_is_last_proposal, void,
}
METHOD(proposal_substructure_t, set_proposal_number, void,
- private_proposal_substructure_t *this,u_int8_t proposal_number)
+ private_proposal_substructure_t *this,uint8_t proposal_number)
{
this->proposal_number = proposal_number;
}
-METHOD(proposal_substructure_t, get_proposal_number, u_int8_t,
+METHOD(proposal_substructure_t, get_proposal_number, uint8_t,
private_proposal_substructure_t *this)
{
return this->proposal_number;
}
METHOD(proposal_substructure_t, set_protocol_id, void,
- private_proposal_substructure_t *this,u_int8_t protocol_id)
+ private_proposal_substructure_t *this,uint8_t protocol_id)
{
this->protocol_id = protocol_id;
}
-METHOD(proposal_substructure_t, get_protocol_id, u_int8_t,
+METHOD(proposal_substructure_t, get_protocol_id, uint8_t,
private_proposal_substructure_t *this)
{
return this->protocol_id;
@@ -518,7 +518,7 @@ METHOD(proposal_substructure_t, get_spi, chunk_t,
}
METHOD(proposal_substructure_t, get_cpi, bool,
- private_proposal_substructure_t *this, u_int16_t *cpi)
+ private_proposal_substructure_t *this, uint16_t *cpi)
{
transform_substructure_t *transform;
@@ -554,7 +554,7 @@ static void add_to_proposal_v2(proposal_t *proposal,
{
transform_attribute_t *tattr;
enumerator_t *enumerator;
- u_int16_t key_length = 0;
+ uint16_t key_length = 0;
enumerator = transform->create_attribute_enumerator(transform);
while (enumerator->enumerate(enumerator, &tattr))
@@ -576,8 +576,8 @@ static void add_to_proposal_v2(proposal_t *proposal,
* Map IKEv1 to IKEv2 algorithms
*/
typedef struct {
- u_int16_t ikev1;
- u_int16_t ikev2;
+ uint16_t ikev1;
+ uint16_t ikev2;
} algo_map_t;
/**
@@ -681,8 +681,8 @@ static algo_map_t map_auth[] = {
/**
* Map an IKEv1 to an IKEv2 identifier
*/
-static u_int16_t ikev2_from_ikev1(algo_map_t *map, int count, u_int16_t def,
- u_int16_t value)
+static uint16_t ikev2_from_ikev1(algo_map_t *map, int count, uint16_t def,
+ uint16_t value)
{
int i;
@@ -699,7 +699,7 @@ static u_int16_t ikev2_from_ikev1(algo_map_t *map, int count, u_int16_t def,
/**
* Map an IKEv2 to an IKEv1 identifier
*/
-static u_int16_t ikev1_from_ikev2(algo_map_t *map, int count, u_int16_t value)
+static uint16_t ikev1_from_ikev2(algo_map_t *map, int count, uint16_t value)
{
int i;
@@ -716,7 +716,7 @@ static u_int16_t ikev1_from_ikev2(algo_map_t *map, int count, u_int16_t value)
/**
* Get IKEv2 algorithm from IKEv1 identifier
*/
-static u_int16_t get_alg_from_ikev1(transform_type_t type, u_int16_t value)
+static uint16_t get_alg_from_ikev1(transform_type_t type, uint16_t value)
{
switch (type)
{
@@ -737,7 +737,7 @@ static u_int16_t get_alg_from_ikev1(transform_type_t type, u_int16_t value)
/**
* Get IKEv1 algorithm from IKEv2 identifier
*/
-static u_int16_t get_ikev1_from_alg(transform_type_t type, u_int16_t value)
+static uint16_t get_ikev1_from_alg(transform_type_t type, uint16_t value)
{
switch (type)
{
@@ -755,8 +755,8 @@ static u_int16_t get_ikev1_from_alg(transform_type_t type, u_int16_t value)
/**
* Get IKEv2 algorithm from IKEv1 ESP/AH transform ID
*/
-static u_int16_t get_alg_from_ikev1_transid(transform_type_t type,
- u_int16_t value)
+static uint16_t get_alg_from_ikev1_transid(transform_type_t type,
+ uint16_t value)
{
switch (type)
{
@@ -774,8 +774,8 @@ static u_int16_t get_alg_from_ikev1_transid(transform_type_t type,
/**
* Get IKEv1 ESP/AH transform ID from IKEv2 identifier
*/
-static u_int16_t get_ikev1_transid_from_alg(transform_type_t type,
- u_int16_t value)
+static uint16_t get_ikev1_transid_from_alg(transform_type_t type,
+ uint16_t value)
{
switch (type)
{
@@ -791,7 +791,7 @@ static u_int16_t get_ikev1_transid_from_alg(transform_type_t type,
/**
* Get IKEv1 authentication algorithm from IKEv2 identifier
*/
-static u_int16_t get_alg_from_ikev1_auth(u_int16_t value)
+static uint16_t get_alg_from_ikev1_auth(uint16_t value)
{
return ikev2_from_ikev1(map_auth, countof(map_auth), AUTH_UNDEFINED, value);
}
@@ -799,7 +799,7 @@ static u_int16_t get_alg_from_ikev1_auth(u_int16_t value)
/**
* Get IKEv1 authentication algorithm from IKEv2 identifier
*/
-static u_int16_t get_ikev1_auth_from_alg(u_int16_t value)
+static uint16_t get_ikev1_auth_from_alg(uint16_t value)
{
return ikev1_from_ikev2(map_auth, countof(map_auth), value);
}
@@ -807,7 +807,7 @@ static u_int16_t get_ikev1_auth_from_alg(u_int16_t value)
/**
* Get IKEv1 authentication attribute from auth_method_t
*/
-static u_int16_t get_ikev1_auth(auth_method_t method)
+static uint16_t get_ikev1_auth(auth_method_t method)
{
switch (method)
{
@@ -842,7 +842,7 @@ static u_int16_t get_ikev1_auth(auth_method_t method)
/**
* Get IKEv1 encapsulation mode
*/
-static u_int16_t get_ikev1_mode(ipsec_mode_t mode, encap_t udp)
+static uint16_t get_ikev1_mode(ipsec_mode_t mode, encap_t udp)
{
switch (mode)
{
@@ -880,8 +880,8 @@ static void add_to_proposal_v1_ike(proposal_t *proposal,
transform_attribute_type_t type;
transform_attribute_t *tattr;
enumerator_t *enumerator;
- u_int16_t value, key_length = 0;
- u_int16_t encr = ENCR_UNDEFINED;
+ uint16_t value, key_length = 0;
+ uint16_t encr = ENCR_UNDEFINED;
enumerator = transform->create_attribute_enumerator(transform);
while (enumerator->enumerate(enumerator, &tattr))
@@ -932,7 +932,8 @@ static void add_to_proposal_v1(proposal_t *proposal,
transform_attribute_type_t type;
transform_attribute_t *tattr;
enumerator_t *enumerator;
- u_int16_t encr, value, key_length = 0;
+ uint16_t encr, value, key_length = 0;
+ extended_sequence_numbers_t esn = NO_EXT_SEQ_NUMBERS;
enumerator = transform->create_attribute_enumerator(transform);
while (enumerator->enumerate(enumerator, &tattr))
@@ -952,15 +953,16 @@ static void add_to_proposal_v1(proposal_t *proposal,
proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP,
value, 0);
break;
+ case TATTR_PH2_EXT_SEQ_NUMBER:
+ esn = EXT_SEQ_NUMBERS;
+ break;
default:
break;
}
}
enumerator->destroy(enumerator);
- /* TODO-IKEv1: handle ESN attribute */
- proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS,
- NO_EXT_SEQ_NUMBERS, 0);
+ proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS, esn, 0);
if (proto == PROTO_ESP)
{
encr = get_alg_from_ikev1_transid(ENCRYPTION_ALGORITHM,
@@ -985,15 +987,15 @@ METHOD(proposal_substructure_t, get_proposals, void,
transform_substructure_t *transform;
enumerator_t *enumerator;
proposal_t *proposal = NULL;
- u_int64_t spi = 0;
+ uint64_t spi = 0;
switch (this->spi.len)
{
case 4:
- spi = *((u_int32_t*)this->spi.ptr);
+ spi = *((uint32_t*)this->spi.ptr);
break;
case 8:
- spi = *((u_int64_t*)this->spi.ptr);
+ spi = *((uint64_t*)this->spi.ptr);
break;
default:
break;
@@ -1042,7 +1044,7 @@ METHOD(proposal_substructure_t, create_substructure_enumerator, enumerator_t*,
/**
* Get an attribute from any transform, 0 if not found
*/
-static u_int64_t get_attr(private_proposal_substructure_t *this,
+static uint64_t get_attr(private_proposal_substructure_t *this,
transform_attribute_type_t type)
{
enumerator_t *transforms, *attributes;
@@ -1071,7 +1073,7 @@ static u_int64_t get_attr(private_proposal_substructure_t *this,
/**
* Look up a lifetime duration of a given kind in all transforms
*/
-static u_int64_t get_life_duration(private_proposal_substructure_t *this,
+static uint64_t get_life_duration(private_proposal_substructure_t *this,
transform_attribute_type_t type_attr, ikev1_life_type_t type,
transform_attribute_type_t dur_attr)
{
@@ -1105,10 +1107,10 @@ static u_int64_t get_life_duration(private_proposal_substructure_t *this,
return 0;
}
-METHOD(proposal_substructure_t, get_lifetime, u_int32_t,
+METHOD(proposal_substructure_t, get_lifetime, uint32_t,
private_proposal_substructure_t *this)
{
- u_int32_t duration;
+ uint32_t duration;
switch (this->protocol_id)
{
@@ -1129,7 +1131,7 @@ METHOD(proposal_substructure_t, get_lifetime, u_int32_t,
}
}
-METHOD(proposal_substructure_t, get_lifebytes, u_int64_t,
+METHOD(proposal_substructure_t, get_lifebytes, uint64_t,
private_proposal_substructure_t *this)
{
switch (this->protocol_id)
@@ -1259,11 +1261,11 @@ proposal_substructure_t *proposal_substructure_create(payload_type_t type)
* Add an IKEv1 IKE proposal to the substructure
*/
static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
- proposal_t *proposal, u_int32_t lifetime,
+ proposal_t *proposal, uint32_t lifetime,
auth_method_t method, int number)
{
transform_substructure_t *transform;
- u_int16_t alg, key_size;
+ uint16_t alg, key_size;
enumerator_t *enumerator;
transform = transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE,
@@ -1330,11 +1332,11 @@ static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
* Add an IKEv1 ESP/AH proposal to the substructure
*/
static void set_from_proposal_v1(private_proposal_substructure_t *this,
- proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
+ proposal_t *proposal, uint32_t lifetime, uint64_t lifebytes,
ipsec_mode_t mode, encap_t udp, int number)
{
transform_substructure_t *transform = NULL;
- u_int16_t alg, transid, key_size;
+ uint16_t alg, transid, key_size;
enumerator_t *enumerator;
enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
@@ -1410,6 +1412,18 @@ static void set_from_proposal_v1(private_proposal_substructure_t *this,
TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
}
+ enumerator = proposal->create_enumerator(proposal,
+ EXTENDED_SEQUENCE_NUMBERS);
+ while (enumerator->enumerate(enumerator, &alg, NULL))
+ {
+ if (alg == EXT_SEQ_NUMBERS)
+ {
+ transform->add_transform_attribute(transform,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
+ TATTR_PH2_EXT_SEQ_NUMBER, alg));
+ }
+ }
+ enumerator->destroy(enumerator);
add_transform_substructure(this, transform);
}
@@ -1420,7 +1434,7 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
proposal_t *proposal)
{
transform_substructure_t *transform;
- u_int16_t alg, key_size;
+ uint16_t alg, key_size;
enumerator_t *enumerator;
/* encryption algorithm is only available in ESP */
@@ -1485,8 +1499,8 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
*/
static void set_data(private_proposal_substructure_t *this, proposal_t *proposal)
{
- u_int64_t spi64;
- u_int32_t spi32;
+ uint64_t spi64;
+ uint32_t spi32;
/* add SPI, if necessary */
switch (proposal->get_protocol(proposal))
@@ -1533,7 +1547,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
* See header.
*/
proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
- proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
+ proposal_t *proposal, uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode, encap_t udp)
{
private_proposal_substructure_t *this;
@@ -1562,7 +1576,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
* See header.
*/
proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
- linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
+ linked_list_t *proposals, uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode, encap_t udp)
{
private_proposal_substructure_t *this = NULL;
@@ -1607,8 +1621,8 @@ proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
* See header.
*/
proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
- u_int32_t lifetime, u_int64_t lifebytes, u_int16_t cpi,
- ipsec_mode_t mode, encap_t udp, u_int8_t proposal_number)
+ uint32_t lifetime, uint64_t lifebytes, uint16_t cpi,
+ ipsec_mode_t mode, encap_t udp, uint8_t proposal_number)
{
private_proposal_substructure_t *this;
transform_substructure_t *transform;
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index c4614b88f..796c10890 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -59,13 +59,13 @@ struct proposal_substructure_t {
* @param id proposal number to set
*/
void (*set_proposal_number) (proposal_substructure_t *this,
- u_int8_t proposal_number);
+ uint8_t proposal_number);
/**
* get proposal number of current proposal.
*
* @return proposal number of current proposal substructure.
*/
- u_int8_t (*get_proposal_number) (proposal_substructure_t *this);
+ uint8_t (*get_proposal_number) (proposal_substructure_t *this);
/**
* Sets the protocol id of current proposal.
@@ -73,14 +73,14 @@ struct proposal_substructure_t {
* @param id protocol id to set
*/
void (*set_protocol_id) (proposal_substructure_t *this,
- u_int8_t protocol_id);
+ uint8_t protocol_id);
/**
* get protocol id of current proposal.
*
* @return protocol id of current proposal substructure.
*/
- u_int8_t (*get_protocol_id) (proposal_substructure_t *this);
+ uint8_t (*get_protocol_id) (proposal_substructure_t *this);
/**
* Sets the next_payload field of this substructure
@@ -114,7 +114,7 @@ struct proposal_substructure_t {
* @param cpi the CPI if a supported algorithm is proposed
* @return TRUE if a supported algorithm is proposed
*/
- bool (*get_cpi) (proposal_substructure_t *this, u_int16_t *cpi);
+ bool (*get_cpi) (proposal_substructure_t *this, uint16_t *cpi);
/**
* Get proposals contained in a propsal_substructure_t.
@@ -135,14 +135,14 @@ struct proposal_substructure_t {
*
* @return lifetime, in seconds
*/
- u_int32_t (*get_lifetime)(proposal_substructure_t *this);
+ uint32_t (*get_lifetime)(proposal_substructure_t *this);
/**
* Get the (shortest) life duration of a proposal (IKEv1 only).
*
* @return life duration, in bytes
*/
- u_int64_t (*get_lifebytes)(proposal_substructure_t *this);
+ uint64_t (*get_lifebytes)(proposal_substructure_t *this);
/**
* Get the first authentication method from the proposal (IKEv1 only).
@@ -193,7 +193,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
* @return proposal_substructure_t object PLV1_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
- proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
+ proposal_t *proposal, uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode, encap_t udp);
/**
@@ -208,7 +208,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
* @return IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
- linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
+ linked_list_t *proposals, uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode, encap_t udp);
/**
@@ -224,7 +224,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
* @return IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
- u_int32_t lifetime, u_int64_t lifebytes, u_int16_t cpi,
- ipsec_mode_t mode, encap_t udp, u_int8_t proposal_number);
+ uint32_t lifetime, uint64_t lifebytes, uint16_t cpi,
+ ipsec_mode_t mode, encap_t udp, uint8_t proposal_number);
#endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/sa_payload.c b/src/libcharon/encoding/payloads/sa_payload.c
index 407038a2d..9c0b071da 100644
--- a/src/libcharon/encoding/payloads/sa_payload.c
+++ b/src/libcharon/encoding/payloads/sa_payload.c
@@ -41,7 +41,7 @@ struct private_sa_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -56,7 +56,7 @@ struct private_sa_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Proposals in this payload are stored in a linked_list_t.
@@ -71,12 +71,12 @@ struct private_sa_payload_t {
/**
* IKEv1 DOI
*/
- u_int32_t doi;
+ uint32_t doi;
/**
* IKEv1 situation
*/
- u_int32_t situation;
+ uint32_t situation;
};
/**
@@ -342,7 +342,7 @@ METHOD(sa_payload_t, get_proposals, linked_list_t*,
}
METHOD(sa_payload_t, get_ipcomp_proposals, linked_list_t*,
- private_sa_payload_t *this, u_int16_t *cpi)
+ private_sa_payload_t *this, uint16_t *cpi)
{
int current_proposal = -1, unsupported_proposal = -1;
enumerator_t *enumerator;
@@ -353,8 +353,8 @@ METHOD(sa_payload_t, get_ipcomp_proposals, linked_list_t*,
enumerator = this->proposals->create_enumerator(this->proposals);
while (enumerator->enumerate(enumerator, &substruct))
{
- u_int8_t proposal_number = substruct->get_proposal_number(substruct);
- u_int8_t protocol_id = substruct->get_protocol_id(substruct);
+ uint8_t proposal_number = substruct->get_proposal_number(substruct);
+ uint8_t protocol_id = substruct->get_protocol_id(substruct);
if (proposal_number == unsupported_proposal)
{
@@ -403,12 +403,12 @@ METHOD(sa_payload_t, create_substructure_enumerator, enumerator_t*,
return this->proposals->create_enumerator(this->proposals);
}
-METHOD(sa_payload_t, get_lifetime, u_int32_t,
+METHOD(sa_payload_t, get_lifetime, uint32_t,
private_sa_payload_t *this)
{
proposal_substructure_t *substruct;
enumerator_t *enumerator;
- u_int32_t lifetime = 0;
+ uint32_t lifetime = 0;
enumerator = this->proposals->create_enumerator(this->proposals);
if (enumerator->enumerate(enumerator, &substruct))
@@ -420,12 +420,12 @@ METHOD(sa_payload_t, get_lifetime, u_int32_t,
return lifetime;
}
-METHOD(sa_payload_t, get_lifebytes, u_int64_t,
+METHOD(sa_payload_t, get_lifebytes, uint64_t,
private_sa_payload_t *this)
{
proposal_substructure_t *substruct;
enumerator_t *enumerator;
- u_int64_t lifebytes = 0;
+ uint64_t lifebytes = 0;
enumerator = this->proposals->create_enumerator(this->proposals);
if (enumerator->enumerate(enumerator, &substruct))
@@ -558,9 +558,9 @@ sa_payload_t *sa_payload_create_from_proposal_v2(proposal_t *proposal)
* Described in header.
*/
sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
- u_int32_t lifetime, u_int64_t lifebytes,
+ uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode,
- encap_t udp, u_int16_t cpi)
+ encap_t udp, uint16_t cpi)
{
proposal_substructure_t *substruct;
private_sa_payload_t *this;
@@ -580,7 +580,7 @@ sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
substruct->set_is_last_proposal(substruct, FALSE);
if (cpi)
{
- u_int8_t proposal_number = substruct->get_proposal_number(substruct);
+ uint8_t proposal_number = substruct->get_proposal_number(substruct);
substruct = proposal_substructure_create_for_ipcomp_v1(lifetime,
lifebytes, cpi, mode, udp, proposal_number);
@@ -602,9 +602,9 @@ sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
* Described in header.
*/
sa_payload_t *sa_payload_create_from_proposal_v1(proposal_t *proposal,
- u_int32_t lifetime, u_int64_t lifebytes,
+ uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode,
- encap_t udp, u_int16_t cpi)
+ encap_t udp, uint16_t cpi)
{
private_sa_payload_t *this;
linked_list_t *proposals;
diff --git a/src/libcharon/encoding/payloads/sa_payload.h b/src/libcharon/encoding/payloads/sa_payload.h
index 0ddf3619c..f01c45130 100644
--- a/src/libcharon/encoding/payloads/sa_payload.h
+++ b/src/libcharon/encoding/payloads/sa_payload.h
@@ -57,21 +57,21 @@ struct sa_payload_t {
* @param cpi the CPI of the first IPComp (sub)proposal
* @return a list containing proposal_ts
*/
- linked_list_t *(*get_ipcomp_proposals) (sa_payload_t *this, u_int16_t *cpi);
+ linked_list_t *(*get_ipcomp_proposals) (sa_payload_t *this, uint16_t *cpi);
/**
* Get the (shortest) lifetime of a proposal (IKEv1 only).
*
* @return lifetime, in seconds
*/
- u_int32_t (*get_lifetime)(sa_payload_t *this);
+ uint32_t (*get_lifetime)(sa_payload_t *this);
/**
* Get the (shortest) life duration of a proposal (IKEv1 only).
*
* @return life duration, in bytes
*/
- u_int64_t (*get_lifebytes)(sa_payload_t *this);
+ uint64_t (*get_lifebytes)(sa_payload_t *this);
/**
* Get the first authentication method from the proposal (IKEv1 only).
@@ -138,9 +138,9 @@ sa_payload_t *sa_payload_create_from_proposal_v2(proposal_t *proposal);
* @return sa_payload_t object
*/
sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
- u_int32_t lifetime, u_int64_t lifebytes,
+ uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode, encap_t udp,
- u_int16_t cpi);
+ uint16_t cpi);
/**
* Creates an IKEv1 sa_payload_t object from a single proposal.
@@ -155,8 +155,8 @@ sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
* @return sa_payload_t object
*/
sa_payload_t *sa_payload_create_from_proposal_v1(proposal_t *proposal,
- u_int32_t lifetime, u_int64_t lifebytes,
+ uint32_t lifetime, uint64_t lifebytes,
auth_method_t auth, ipsec_mode_t mode, encap_t udp,
- u_int16_t cpi);
+ uint16_t cpi);
#endif /** SA_PAYLOAD_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/traffic_selector_substructure.c b/src/libcharon/encoding/payloads/traffic_selector_substructure.c
index 83618ff5d..f69fee3ae 100644
--- a/src/libcharon/encoding/payloads/traffic_selector_substructure.c
+++ b/src/libcharon/encoding/payloads/traffic_selector_substructure.c
@@ -35,27 +35,27 @@ struct private_traffic_selector_substructure_t {
/**
* Type of traffic selector.
*/
- u_int8_t ts_type;
+ uint8_t ts_type;
/**
* IP Protocol ID.
*/
- u_int8_t ip_protocol_id;
+ uint8_t ip_protocol_id;
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Start port number.
*/
- u_int16_t start_port;
+ uint16_t start_port;
/**
* End port number.
*/
- u_int16_t end_port;
+ uint16_t end_port;
/**
* Starting address.
diff --git a/src/libcharon/encoding/payloads/traffic_selector_substructure.h b/src/libcharon/encoding/payloads/traffic_selector_substructure.h
index d3fbe8476..c7a54435b 100644
--- a/src/libcharon/encoding/payloads/traffic_selector_substructure.h
+++ b/src/libcharon/encoding/payloads/traffic_selector_substructure.h
@@ -62,7 +62,7 @@ struct traffic_selector_substructure_t {
* @return type of traffic selector
*
*/
- u_int8_t (*get_protocol_id) (traffic_selector_substructure_t *this);
+ uint8_t (*get_protocol_id) (traffic_selector_substructure_t *this);
/**
* Set the IP protocol ID of Traffic selector
@@ -70,7 +70,7 @@ struct traffic_selector_substructure_t {
* @param protocol_id protocol ID of traffic selector
*/
void (*set_protocol_id) (traffic_selector_substructure_t *this,
- u_int8_t protocol_id);
+ uint8_t protocol_id);
/**
* Get the start port and address as host_t object.
diff --git a/src/libcharon/encoding/payloads/transform_attribute.c b/src/libcharon/encoding/payloads/transform_attribute.c
index 4a5b52dcf..860607faf 100644
--- a/src/libcharon/encoding/payloads/transform_attribute.c
+++ b/src/libcharon/encoding/payloads/transform_attribute.c
@@ -85,12 +85,12 @@ struct private_transform_attribute_t {
/**
* Type of the attribute.
*/
- u_int16_t attribute_type;
+ uint16_t attribute_type;
/**
* Attribute Length if attribute_format is 0, attribute Value otherwise.
*/
- u_int16_t attribute_length_or_value;
+ uint16_t attribute_length_or_value;
/**
* Attribute value as chunk if attribute_format is 0 (FALSE).
@@ -185,10 +185,10 @@ METHOD(transform_attribute_t, get_value_chunk, chunk_t,
return this->attribute_value;
}
-METHOD(transform_attribute_t, get_value, u_int64_t,
+METHOD(transform_attribute_t, get_value, uint64_t,
private_transform_attribute_t *this)
{
- u_int64_t value = 0;
+ uint64_t value = 0;
if (this->attribute_format)
{
@@ -203,7 +203,7 @@ METHOD(transform_attribute_t, get_value, u_int64_t,
return untoh64((char*)&value);
}
-METHOD(transform_attribute_t, get_attribute_type, u_int16_t,
+METHOD(transform_attribute_t, get_attribute_type, uint16_t,
private_transform_attribute_t *this)
{
return this->attribute_type;
@@ -250,7 +250,7 @@ transform_attribute_t *transform_attribute_create(payload_type_t type)
* Described in header.
*/
transform_attribute_t *transform_attribute_create_value(payload_type_t type,
- transform_attribute_type_t kind, u_int64_t value)
+ transform_attribute_type_t kind, uint64_t value)
{
private_transform_attribute_t *this;
@@ -265,7 +265,7 @@ transform_attribute_t *transform_attribute_create_value(payload_type_t type,
}
else if (value <= UINT32_MAX)
{
- u_int32_t val32;
+ uint32_t val32;
val32 = htonl(value);
this->attribute_value = chunk_clone(chunk_from_thing(val32));
diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h
index 87e283b18..2e86a409c 100644
--- a/src/libcharon/encoding/payloads/transform_attribute.h
+++ b/src/libcharon/encoding/payloads/transform_attribute.h
@@ -109,14 +109,14 @@ struct transform_attribute_t {
*
* @return value
*/
- u_int64_t (*get_value) (transform_attribute_t *this);
+ uint64_t (*get_value) (transform_attribute_t *this);
/**
* get the type of the attribute.
*
* @return type of the value
*/
- u_int16_t (*get_attribute_type) (transform_attribute_t *this);
+ uint16_t (*get_attribute_type) (transform_attribute_t *this);
/**
* Destroys an transform_attribute_t object.
@@ -141,6 +141,6 @@ transform_attribute_t *transform_attribute_create(payload_type_t type);
* @return transform_attribute_t object
*/
transform_attribute_t *transform_attribute_create_value(payload_type_t type,
- transform_attribute_type_t kind, u_int64_t value);
+ transform_attribute_type_t kind, uint64_t value);
#endif /** TRANSFORM_ATTRIBUTE_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/transform_substructure.c b/src/libcharon/encoding/payloads/transform_substructure.c
index 6885d6181..11e4b462d 100644
--- a/src/libcharon/encoding/payloads/transform_substructure.c
+++ b/src/libcharon/encoding/payloads/transform_substructure.c
@@ -40,32 +40,32 @@ struct private_transform_substructure_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Reserved byte
*/
- u_int8_t reserved[3];
+ uint8_t reserved[3];
/**
* Length of this payload.
*/
- u_int16_t transform_length;
+ uint16_t transform_length;
/**
* Type or number, Type of the transform in IKEv2, number in IKEv2.
*/
- u_int8_t transform_ton;
+ uint8_t transform_ton;
/**
* Transform ID, as encoded in IKEv1.
*/
- u_int8_t transform_id_v1;
+ uint8_t transform_id_v1;
/**
* Transform ID, as encoded in IKEv2.
*/
- u_int16_t transform_id_v2;
+ uint16_t transform_id_v2;
/**
* Transforms Attributes are stored in a linked_list_t.
@@ -235,13 +235,13 @@ METHOD(payload_t, set_next_type, void,
{
}
-METHOD(transform_substructure_t, get_transform_type_or_number, u_int8_t,
+METHOD(transform_substructure_t, get_transform_type_or_number, uint8_t,
private_transform_substructure_t *this)
{
return this->transform_ton;
}
-METHOD(transform_substructure_t, get_transform_id, u_int16_t,
+METHOD(transform_substructure_t, get_transform_id, uint16_t,
private_transform_substructure_t *this)
{
if (this->type == PLV2_TRANSFORM_SUBSTRUCTURE)
@@ -303,7 +303,7 @@ transform_substructure_t *transform_substructure_create(payload_type_t type)
* Described in header
*/
transform_substructure_t *transform_substructure_create_type(payload_type_t type,
- u_int8_t type_or_number, u_int16_t id)
+ uint8_t type_or_number, uint16_t id)
{
private_transform_substructure_t *this;
diff --git a/src/libcharon/encoding/payloads/transform_substructure.h b/src/libcharon/encoding/payloads/transform_substructure.h
index ba821d3bd..e75dc27bb 100644
--- a/src/libcharon/encoding/payloads/transform_substructure.h
+++ b/src/libcharon/encoding/payloads/transform_substructure.h
@@ -72,14 +72,14 @@ struct transform_substructure_t {
*
* @return Transform type of current transform substructure.
*/
- u_int8_t (*get_transform_type_or_number) (transform_substructure_t *this);
+ uint8_t (*get_transform_type_or_number) (transform_substructure_t *this);
/**
* Get transform id of the current transform.
*
* @return Transform id of current transform substructure.
*/
- u_int16_t (*get_transform_id) (transform_substructure_t *this);
+ uint16_t (*get_transform_id) (transform_substructure_t *this);
/**
* Create an enumerator over transform attributes.
@@ -111,6 +111,6 @@ transform_substructure_t *transform_substructure_create(payload_type_t type);
* @return transform_substructure_t object
*/
transform_substructure_t *transform_substructure_create_type(payload_type_t type,
- u_int8_t type_or_number, u_int16_t id);
+ uint8_t type_or_number, uint16_t id);
#endif /** TRANSFORM_SUBSTRUCTURE_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/ts_payload.c b/src/libcharon/encoding/payloads/ts_payload.c
index e74b9ae1b..0b2d4de57 100644
--- a/src/libcharon/encoding/payloads/ts_payload.c
+++ b/src/libcharon/encoding/payloads/ts_payload.c
@@ -42,7 +42,7 @@ struct private_ts_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -62,12 +62,12 @@ struct private_ts_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* Number of traffic selectors
*/
- u_int8_t ts_num;
+ uint8_t ts_num;
/**
* Contains the traffic selectors of type traffic_selector_substructure_t.
diff --git a/src/libcharon/encoding/payloads/unknown_payload.c b/src/libcharon/encoding/payloads/unknown_payload.c
index c69254fc0..adbf2c8f2 100644
--- a/src/libcharon/encoding/payloads/unknown_payload.c
+++ b/src/libcharon/encoding/payloads/unknown_payload.c
@@ -39,7 +39,7 @@ struct private_unknown_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -54,7 +54,7 @@ struct private_unknown_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* The contained data.
diff --git a/src/libcharon/encoding/payloads/vendor_id_payload.c b/src/libcharon/encoding/payloads/vendor_id_payload.c
index 400e0640d..7db9a69d3 100644
--- a/src/libcharon/encoding/payloads/vendor_id_payload.c
+++ b/src/libcharon/encoding/payloads/vendor_id_payload.c
@@ -34,7 +34,7 @@ struct private_vendor_id_payload_t {
/**
* Next payload type.
*/
- u_int8_t next_payload;
+ uint8_t next_payload;
/**
* Critical flag.
@@ -49,7 +49,7 @@ struct private_vendor_id_payload_t {
/**
* Length of this payload.
*/
- u_int16_t payload_length;
+ uint16_t payload_length;
/**
* The contained data.
diff --git a/src/libcharon/kernel/kernel_handler.c b/src/libcharon/kernel/kernel_handler.c
index be37d30e5..71121908b 100644
--- a/src/libcharon/kernel/kernel_handler.c
+++ b/src/libcharon/kernel/kernel_handler.c
@@ -39,7 +39,7 @@ struct private_kernel_handler_t {
/**
* convert an IP protocol identifier to the IKEv2 specific protocol identifier.
*/
-static inline protocol_id_t proto_ip2ike(u_int8_t protocol)
+static inline protocol_id_t proto_ip2ike(uint8_t protocol)
{
switch (protocol)
{
@@ -53,7 +53,7 @@ static inline protocol_id_t proto_ip2ike(u_int8_t protocol)
}
METHOD(kernel_listener_t, acquire, bool,
- private_kernel_handler_t *this, u_int32_t reqid,
+ private_kernel_handler_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
{
if (src_ts && dst_ts)
@@ -71,7 +71,7 @@ METHOD(kernel_listener_t, acquire, bool,
}
METHOD(kernel_listener_t, expire, bool,
- private_kernel_handler_t *this, u_int8_t protocol, u_int32_t spi,
+ private_kernel_handler_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, bool hard)
{
protocol_id_t proto = proto_ip2ike(protocol);
@@ -93,7 +93,7 @@ METHOD(kernel_listener_t, expire, bool,
}
METHOD(kernel_listener_t, mapping, bool,
- private_kernel_handler_t *this, u_int8_t protocol, u_int32_t spi,
+ private_kernel_handler_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, host_t *remote)
{
protocol_id_t proto = proto_ip2ike(protocol);
@@ -108,7 +108,7 @@ METHOD(kernel_listener_t, mapping, bool,
}
METHOD(kernel_listener_t, migrate, bool,
- private_kernel_handler_t *this, u_int32_t reqid,
+ private_kernel_handler_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
policy_dir_t direction, host_t *local, host_t *remote)
{
diff --git a/src/libcharon/kernel/kernel_interface.c b/src/libcharon/kernel/kernel_interface.c
index 40c4ee589..7b39a020c 100644
--- a/src/libcharon/kernel/kernel_interface.c
+++ b/src/libcharon/kernel/kernel_interface.c
@@ -1,6 +1,7 @@
/*
- * Copyright (C) 2008-2015 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2008-2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2010 Martin Willi
* Copyright (C) 2010 revosec AG
*
@@ -62,12 +63,12 @@ struct kernel_algorithm_t {
/**
* Identifier specified in IKE
*/
- u_int16_t ike;
+ uint16_t ike;
/**
* Identifier as defined in pfkeyv2.h
*/
- u_int16_t kernel;
+ uint16_t kernel;
/**
* Name of the algorithm in linux crypto API
@@ -166,7 +167,7 @@ METHOD(kernel_interface_t, get_features, kernel_feature_t,
METHOD(kernel_interface_t, get_spi, status_t,
private_kernel_interface_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
if (!this->ipsec)
{
@@ -177,7 +178,7 @@ METHOD(kernel_interface_t, get_spi, status_t,
METHOD(kernel_interface_t, get_cpi, status_t,
private_kernel_interface_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
if (!this->ipsec)
{
@@ -191,7 +192,7 @@ METHOD(kernel_interface_t, get_cpi, status_t,
*/
typedef struct {
/** allocated reqid */
- u_int32_t reqid;
+ uint32_t reqid;
/** references to this entry */
u_int refs;
/** inbound mark used for SA */
@@ -327,9 +328,9 @@ static array_t *array_from_ts_list(linked_list_t *list)
METHOD(kernel_interface_t, alloc_reqid, status_t,
private_kernel_interface_t *this,
linked_list_t *local_ts, linked_list_t *remote_ts,
- mark_t mark_in, mark_t mark_out, u_int32_t *reqid)
+ mark_t mark_in, mark_t mark_out, uint32_t *reqid)
{
- static u_int32_t counter = 0;
+ static uint32_t counter = 0;
reqid_entry_t *entry = NULL, *tmpl;
status_t status = SUCCESS;
@@ -379,7 +380,7 @@ METHOD(kernel_interface_t, alloc_reqid, status_t,
}
METHOD(kernel_interface_t, release_reqid, status_t,
- private_kernel_interface_t *this, u_int32_t reqid,
+ private_kernel_interface_t *this, uint32_t reqid,
mark_t mark_in, mark_t mark_out)
{
reqid_entry_t *entry, tmpl = {
@@ -415,59 +416,48 @@ METHOD(kernel_interface_t, release_reqid, status_t,
}
METHOD(kernel_interface_t, add_sa, status_t,
- private_kernel_interface_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts)
+ private_kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->add_sa(this->ipsec, src, dst, spi, protocol, reqid,
- mark, tfc, lifetime, enc_alg, enc_key, int_alg, int_key, mode,
- ipcomp, cpi, replay_window, initiator, encap, esn, inbound,
- update, src_ts, dst_ts);
+ return this->ipsec->add_sa(this->ipsec, id, data);
}
METHOD(kernel_interface_t, update_sa, status_t,
- private_kernel_interface_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
- bool encap, bool new_encap, mark_t mark)
+ private_kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->update_sa(this->ipsec, spi, protocol, cpi, src, dst,
- new_src, new_dst, encap, new_encap, mark);
+ return this->ipsec->update_sa(this->ipsec, id, data);
}
METHOD(kernel_interface_t, query_sa, status_t,
- private_kernel_interface_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time)
+ private_kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->query_sa(this->ipsec, src, dst, spi, protocol, mark,
- bytes, packets, time);
+ return this->ipsec->query_sa(this->ipsec, id, data, bytes, packets, time);
}
METHOD(kernel_interface_t, del_sa, status_t,
- private_kernel_interface_t *this, host_t *src, host_t *dst, u_int32_t spi,
- u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->del_sa(this->ipsec, src, dst, spi, protocol, cpi, mark);
+ return this->ipsec->del_sa(this->ipsec, id, data);
}
METHOD(kernel_interface_t, flush_sas, status_t,
@@ -481,44 +471,36 @@ METHOD(kernel_interface_t, flush_sas, status_t,
}
METHOD(kernel_interface_t, add_policy, status_t,
- private_kernel_interface_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_kernel_interface_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->add_policy(this->ipsec, src, dst, src_ts, dst_ts,
- direction, type, sa, mark, priority);
+ return this->ipsec->add_policy(this->ipsec, id, data);
}
METHOD(kernel_interface_t, query_policy, status_t,
- private_kernel_interface_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_kernel_interface_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->query_policy(this->ipsec, src_ts, dst_ts,
- direction, mark, use_time);
+ return this->ipsec->query_policy(this->ipsec, id, data, use_time);
}
METHOD(kernel_interface_t, del_policy, status_t,
- private_kernel_interface_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_kernel_interface_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
if (!this->ipsec)
{
return NOT_SUPPORTED;
}
- return this->ipsec->del_policy(this->ipsec, src, dst, src_ts, dst_ts,
- direction, type, sa, mark, priority);
+ return this->ipsec->del_policy(this->ipsec, id, data);
}
METHOD(kernel_interface_t, flush_policies, status_t,
@@ -542,13 +524,14 @@ METHOD(kernel_interface_t, get_source_addr, host_t*,
}
METHOD(kernel_interface_t, get_nexthop, host_t*,
- private_kernel_interface_t *this, host_t *dest, int prefix, host_t *src)
+ private_kernel_interface_t *this, host_t *dest, int prefix, host_t *src,
+ char **iface)
{
if (!this->net)
{
return NULL;
}
- return this->net->get_nexthop(this->net, dest, prefix, src);
+ return this->net->get_nexthop(this->net, dest, prefix, src, iface);
}
METHOD(kernel_interface_t, get_interface, bool,
@@ -594,7 +577,7 @@ METHOD(kernel_interface_t, del_ip, status_t,
METHOD(kernel_interface_t, add_route, status_t,
private_kernel_interface_t *this, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name)
+ uint8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name)
{
if (!this->net)
{
@@ -606,7 +589,7 @@ METHOD(kernel_interface_t, add_route, status_t,
METHOD(kernel_interface_t, del_route, status_t,
private_kernel_interface_t *this, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name)
+ uint8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name)
{
if (!this->net)
{
@@ -627,7 +610,7 @@ METHOD(kernel_interface_t, bypass_socket, bool,
}
METHOD(kernel_interface_t, enable_udp_decap, bool,
- private_kernel_interface_t *this, int fd, int family, u_int16_t port)
+ private_kernel_interface_t *this, int fd, int family, uint16_t port)
{
if (!this->ipsec)
{
@@ -683,6 +666,10 @@ METHOD(kernel_interface_t, get_address_by_ts, status_t,
if (ts->includes(ts, host))
{
*ip = host_create_any(family);
+ if (vip)
+ {
+ *vip = FALSE;
+ }
host->destroy(host);
DBG2(DBG_KNL, "using host %H", *ip);
return SUCCESS;
@@ -803,7 +790,7 @@ METHOD(kernel_interface_t, remove_listener, void,
}
METHOD(kernel_interface_t, acquire, void,
- private_kernel_interface_t *this, u_int32_t reqid,
+ private_kernel_interface_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
{
kernel_listener_t *listener;
@@ -823,7 +810,7 @@ METHOD(kernel_interface_t, acquire, void,
}
METHOD(kernel_interface_t, expire, void,
- private_kernel_interface_t *this, u_int8_t protocol, u_int32_t spi,
+ private_kernel_interface_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, bool hard)
{
kernel_listener_t *listener;
@@ -844,7 +831,7 @@ METHOD(kernel_interface_t, expire, void,
}
METHOD(kernel_interface_t, mapping, void,
- private_kernel_interface_t *this, u_int8_t protocol, u_int32_t spi,
+ private_kernel_interface_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, host_t *remote)
{
kernel_listener_t *listener;
@@ -865,7 +852,7 @@ METHOD(kernel_interface_t, mapping, void,
}
METHOD(kernel_interface_t, migrate, void,
- private_kernel_interface_t *this, u_int32_t reqid,
+ private_kernel_interface_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
policy_dir_t direction, host_t *local, host_t *remote)
{
@@ -919,8 +906,8 @@ METHOD(kernel_interface_t, tun, void,
}
METHOD(kernel_interface_t, register_algorithm, void,
- private_kernel_interface_t *this, u_int16_t alg_id, transform_type_t type,
- u_int16_t kernel_id, char *kernel_name)
+ private_kernel_interface_t *this, uint16_t alg_id, transform_type_t type,
+ uint16_t kernel_id, char *kernel_name)
{
kernel_algorithm_t *algorithm;
@@ -937,8 +924,8 @@ METHOD(kernel_interface_t, register_algorithm, void,
}
METHOD(kernel_interface_t, lookup_algorithm, bool,
- private_kernel_interface_t *this, u_int16_t alg_id, transform_type_t type,
- u_int16_t *kernel_id, char **kernel_name)
+ private_kernel_interface_t *this, uint16_t alg_id, transform_type_t type,
+ uint16_t *kernel_id, char **kernel_name)
{
kernel_algorithm_t *algorithm;
enumerator_t *enumerator;
diff --git a/src/libcharon/kernel/kernel_interface.h b/src/libcharon/kernel/kernel_interface.h
index 6793c6cc6..225b40932 100644
--- a/src/libcharon/kernel/kernel_interface.h
+++ b/src/libcharon/kernel/kernel_interface.h
@@ -1,9 +1,9 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -108,7 +108,7 @@ struct kernel_interface_t {
* @return SUCCESS if operation completed
*/
status_t (*get_spi)(kernel_interface_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi);
+ uint8_t protocol, uint32_t *spi);
/**
* Get a Compression Parameter Index (CPI) from the kernel.
@@ -119,7 +119,7 @@ struct kernel_interface_t {
* @return SUCCESS if operation completed
*/
status_t (*get_cpi)(kernel_interface_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi);
+ uint16_t *cpi);
/**
* Allocate or confirm a reqid to use for a given SA pair.
@@ -141,7 +141,7 @@ struct kernel_interface_t {
status_t (*alloc_reqid)(kernel_interface_t *this,
linked_list_t *local_ts, linked_list_t *remote_ts,
mark_t mark_in, mark_t mark_out,
- u_int32_t *reqid);
+ uint32_t *reqid);
/**
* Release a previously allocated reqid.
@@ -151,7 +151,7 @@ struct kernel_interface_t {
* @param mark_out outbound mark on SA
* @return SUCCESS if reqid released
*/
- status_t (*release_reqid)(kernel_interface_t *this, u_int32_t reqid,
+ status_t (*release_reqid)(kernel_interface_t *this, uint32_t reqid,
mark_t mark_in, mark_t mark_out);
/**
@@ -160,41 +160,12 @@ struct kernel_interface_t {
* This function does install a single SA for a single protocol in one
* direction.
*
- * @param src source address for this SA
- * @param dst destination address for this SA
- * @param spi SPI allocated by us or remote peer
- * @param protocol protocol for this SA (ESP/AH)
- * @param reqid reqid for this SA
- * @param mark optional mark for this SA
- * @param tfc Traffic Flow Confidentiality padding for this SA
- * @param lifetime lifetime_cfg_t for this SA
- * @param enc_alg Algorithm to use for encryption (ESP only)
- * @param enc_key key to use for encryption
- * @param int_alg Algorithm to use for integrity protection
- * @param int_key key to use for integrity protection
- * @param mode mode of the SA (tunnel, transport)
- * @param ipcomp IPComp transform to use
- * @param cpi CPI for IPComp
- * @param replay_window anti-replay window size
- * @param initiator TRUE if initiator of the exchange creating this SA
- * @param encap enable UDP encapsulation for NAT traversal
- * @param esn TRUE to use Extended Sequence Numbers
- * @param inbound TRUE if this is an inbound SA
- * @param update TRUE if an SPI has already been allocated for SA
- * @param src_ts list of source traffic selectors
- * @param dst_ts list of destination traffic selectors
+ * @param id data identifying this SA
+ * @param data data for this SA
* @return SUCCESS if operation completed
*/
- status_t (*add_sa) (kernel_interface_t *this,
- host_t *src, host_t *dst, u_int32_t spi,
- u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime,
- u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key,
- ipsec_mode_t mode, u_int16_t ipcomp, u_int16_t cpi,
- u_int32_t replay_window, bool initiator, bool encap,
- bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts);
+ status_t (*add_sa)(kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data);
/**
* Update the hosts on an installed SA.
@@ -204,85 +175,55 @@ struct kernel_interface_t {
* to identify SAs. Therefore if the destination address changed we
* create a new SA and delete the old one.
*
- * @param spi SPI of the SA
- * @param protocol protocol for this SA (ESP/AH)
- * @param cpi CPI for IPComp, 0 if no IPComp is used
- * @param src current source address
- * @param dst current destination address
- * @param new_src new source address
- * @param new_dst new destination address
- * @param encap current use of UDP encapsulation
- * @param new_encap new use of UDP encapsulation
- * @param mark optional mark for this SA
+ * @param id data identifying this SA
+ * @param data updated data for this SA
* @return SUCCESS if operation completed, NOT_SUPPORTED if
- * the kernel interface can't update the SA
+ * the kernel interface can't update the SA
*/
- status_t (*update_sa)(kernel_interface_t *this,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
- host_t *src, host_t *dst,
- host_t *new_src, host_t *new_dst,
- bool encap, bool new_encap, mark_t mark);
+ status_t (*update_sa)(kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data);
/**
* Query the number of bytes processed by an SA from the SAD.
*
- * @param src source address for this SA
- * @param dst destination address for this SA
- * @param spi SPI allocated by us or remote peer
- * @param protocol protocol for this SA (ESP/AH)
- * @param mark optional mark for this SA
+ * @param id data identifying this SA
+ * @param data data to query the SA
* @param[out] bytes the number of bytes processed by SA
* @param[out] packets number of packets processed by SA
* @param[out] time last (monotonic) time of SA use
* @return SUCCESS if operation completed
*/
- status_t (*query_sa) (kernel_interface_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time);
+ status_t (*query_sa)(kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes,
+ uint64_t *packets, time_t *time);
/**
* Delete a previously installed SA from the SAD.
*
- * @param src source address for this SA
- * @param dst destination address for this SA
- * @param spi SPI allocated by us or remote peer
- * @param protocol protocol for this SA (ESP/AH)
- * @param cpi CPI for IPComp or 0
- * @param mark optional mark for this SA
+ * @param id data identifying this SA
+ * @param data data to delete the SA
* @return SUCCESS if operation completed
*/
- status_t (*del_sa) (kernel_interface_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
- mark_t mark);
+ status_t (*del_sa)(kernel_interface_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data);
/**
* Flush all SAs from the SAD.
*
* @return SUCCESS if operation completed
*/
- status_t (*flush_sas) (kernel_interface_t *this);
+ status_t (*flush_sas)(kernel_interface_t *this);
/**
* Add a policy to the SPD.
*
- * @param src source address of SA
- * @param dst dest address of SA
- * @param src_ts traffic selector to match traffic source
- * @param dst_ts traffic selector to match traffic dest
- * @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param type type of policy, POLICY_(IPSEC|PASS|DROP)
- * @param sa details about the SA(s) tied to this policy
- * @param mark mark for this policy
- * @param priority priority of this policy
+ * @param id data identifying this policy
+ * @param data data for this policy
* @return SUCCESS if operation completed
*/
- status_t (*add_policy) (kernel_interface_t *this,
- host_t *src, host_t *dst,
- traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type,
- ipsec_sa_cfg_t *sa, mark_t mark,
- policy_priority_t priority);
+ status_t (*add_policy)(kernel_interface_t *this,
+ kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data);
/**
* Query the use time of a policy.
@@ -290,47 +231,33 @@ struct kernel_interface_t {
* The use time of a policy is the time the policy was used
* for the last time.
*
- * @param src_ts traffic selector to match traffic source
- * @param dst_ts traffic selector to match traffic dest
- * @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param mark optional mark
- * @param[out] use_time the (monotonic) time of this SA's last use
+ * @param id data identifying this policy
+ * @param data data to query the policy
+ * @param[out] use_time the monotonic timestamp of this SA's last use
* @return SUCCESS if operation completed
*/
- status_t (*query_policy) (kernel_interface_t *this,
- traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts,
- policy_dir_t direction, mark_t mark,
- time_t *use_time);
+ status_t (*query_policy)(kernel_interface_t *this,
+ kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data,
+ time_t *use_time);
/**
* Remove a policy from the SPD.
*
- * @param src source address of SA
- * @param dst dest address of SA
- * @param src_ts traffic selector to match traffic source
- * @param dst_ts traffic selector to match traffic dest
- * @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param type type of policy, POLICY_(IPSEC|PASS|DROP)
- * @param sa details about the SA(s) tied to this policy
- * @param mark mark for this policy
- * @param priority priority of the policy
+ * @param id data identifying this policy
+ * @param data data for this policy
* @return SUCCESS if operation completed
*/
- status_t (*del_policy) (kernel_interface_t *this,
- host_t *src, host_t *dst,
- traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type,
- ipsec_sa_cfg_t *sa, mark_t mark,
- policy_priority_t priority);
+ status_t (*del_policy)(kernel_interface_t *this,
+ kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data);
/**
* Flush all policies from the SPD.
*
* @return SUCCESS if operation completed
*/
- status_t (*flush_policies) (kernel_interface_t *this);
+ status_t (*flush_policies)(kernel_interface_t *this);
/**
* Get our outgoing source address for a destination.
@@ -358,10 +285,12 @@ struct kernel_interface_t {
* @param dest target destination address
* @param prefix prefix length if dest is a subnet, -1 for auto
* @param src source address to check, or NULL
+ * @param[out] iface allocated name of the interface to reach dest, if
+ * available (optional)
* @return next hop address, NULL if unreachable
*/
host_t* (*get_nexthop)(kernel_interface_t *this, host_t *dest,
- int prefix, host_t *src);
+ int prefix, host_t *src, char **iface);
/**
* Get the interface name of a local address. Interfaces that are down or
@@ -426,7 +355,7 @@ struct kernel_interface_t {
* ALREADY_DONE if the route already exists
*/
status_t (*add_route) (kernel_interface_t *this, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway, host_t *src_ip,
+ uint8_t prefixlen, host_t *gateway, host_t *src_ip,
char *if_name);
/**
@@ -440,7 +369,7 @@ struct kernel_interface_t {
* @return SUCCESS if operation completed
*/
status_t (*del_route) (kernel_interface_t *this, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway, host_t *src_ip,
+ uint8_t prefixlen, host_t *gateway, host_t *src_ip,
char *if_name);
/**
@@ -461,7 +390,7 @@ struct kernel_interface_t {
* @return TRUE if UDP decapsulation was enabled successfully
*/
bool (*enable_udp_decap)(kernel_interface_t *this, int fd, int family,
- u_int16_t port);
+ uint16_t port);
/**
@@ -561,7 +490,7 @@ struct kernel_interface_t {
* @param src_ts source traffic selector
* @param dst_ts destination traffic selector
*/
- void (*acquire)(kernel_interface_t *this, u_int32_t reqid,
+ void (*acquire)(kernel_interface_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts);
/**
@@ -572,7 +501,7 @@ struct kernel_interface_t {
* @param dst destination address of expired SA
* @param hard TRUE if it is a hard expire, FALSE otherwise
*/
- void (*expire)(kernel_interface_t *this, u_int8_t protocol, u_int32_t spi,
+ void (*expire)(kernel_interface_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, bool hard);
/**
@@ -583,7 +512,7 @@ struct kernel_interface_t {
* @param dst original destination address of SA
* @param remote new remote host
*/
- void (*mapping)(kernel_interface_t *this, u_int8_t protocol, u_int32_t spi,
+ void (*mapping)(kernel_interface_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, host_t *remote);
/**
@@ -596,7 +525,7 @@ struct kernel_interface_t {
* @param local local host address to be used in the IKE_SA
* @param remote remote host address to be used in the IKE_SA
*/
- void (*migrate)(kernel_interface_t *this, u_int32_t reqid,
+ void (*migrate)(kernel_interface_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
policy_dir_t direction, host_t *local, host_t *remote);
@@ -623,8 +552,8 @@ struct kernel_interface_t {
* @param kernel_id the kernel id of the algorithm
* @param kernel_name the kernel name of the algorithm
*/
- void (*register_algorithm)(kernel_interface_t *this, u_int16_t alg_id,
- transform_type_t type, u_int16_t kernel_id,
+ void (*register_algorithm)(kernel_interface_t *this, uint16_t alg_id,
+ transform_type_t type, uint16_t kernel_id,
char *kernel_name);
/**
@@ -637,8 +566,8 @@ struct kernel_interface_t {
* @param kernel_name the kernel name of the algorithm (optional)
* @return TRUE if algorithm was found
*/
- bool (*lookup_algorithm)(kernel_interface_t *this, u_int16_t alg_id,
- transform_type_t type, u_int16_t *kernel_id,
+ bool (*lookup_algorithm)(kernel_interface_t *this, uint16_t alg_id,
+ transform_type_t type, uint16_t *kernel_id,
char **kernel_name);
/**
diff --git a/src/libcharon/kernel/kernel_ipsec.h b/src/libcharon/kernel/kernel_ipsec.h
index 31e06308e..0ad566068 100644
--- a/src/libcharon/kernel/kernel_ipsec.h
+++ b/src/libcharon/kernel/kernel_ipsec.h
@@ -1,9 +1,10 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -25,6 +26,14 @@
#define KERNEL_IPSEC_H_
typedef struct kernel_ipsec_t kernel_ipsec_t;
+typedef struct kernel_ipsec_sa_id_t kernel_ipsec_sa_id_t;
+typedef struct kernel_ipsec_add_sa_t kernel_ipsec_add_sa_t;
+typedef struct kernel_ipsec_update_sa_t kernel_ipsec_update_sa_t;
+typedef struct kernel_ipsec_query_sa_t kernel_ipsec_query_sa_t;
+typedef struct kernel_ipsec_del_sa_t kernel_ipsec_del_sa_t;
+typedef struct kernel_ipsec_policy_id_t kernel_ipsec_policy_id_t;
+typedef struct kernel_ipsec_manage_policy_t kernel_ipsec_manage_policy_t;
+typedef struct kernel_ipsec_query_policy_t kernel_ipsec_query_policy_t;
#include <networking/host.h>
#include <ipsec/ipsec_types.h>
@@ -33,6 +42,137 @@ typedef struct kernel_ipsec_t kernel_ipsec_t;
#include <kernel/kernel_interface.h>
/**
+ * Data required to identify an SA in the kernel
+ */
+struct kernel_ipsec_sa_id_t {
+ /** Source address */
+ host_t *src;
+ /** Destination address */
+ host_t *dst;
+ /** SPI */
+ uint32_t spi;
+ /** Protocol (ESP/AH) */
+ uint8_t proto;
+ /** Optional mark */
+ mark_t mark;
+};
+
+/**
+ * Data required to add an SA to the kernel
+ */
+struct kernel_ipsec_add_sa_t {
+ /** Reqid */
+ uint32_t reqid;
+ /** Mode (tunnel, transport...) */
+ ipsec_mode_t mode;
+ /** List of source traffic selectors */
+ linked_list_t *src_ts;
+ /** List of destination traffic selectors */
+ linked_list_t *dst_ts;
+ /** Network interface restricting policy */
+ char *interface;
+ /** Lifetime configuration */
+ lifetime_cfg_t *lifetime;
+ /** Encryption algorithm */
+ uint16_t enc_alg;
+ /** Encryption key */
+ chunk_t enc_key;
+ /** Integrity protection algorithm */
+ uint16_t int_alg;
+ /** Integrity protection key */
+ chunk_t int_key;
+ /** Anti-replay window size */
+ uint32_t replay_window;
+ /** Traffic Flow Confidentiality padding */
+ uint32_t tfc;
+ /** IPComp transform */
+ uint16_t ipcomp;
+ /** CPI for IPComp */
+ uint16_t cpi;
+ /** TRUE to enable UDP encapsulation for NAT traversal */
+ bool encap;
+ /** TRUE to use Extended Sequence Numbers */
+ bool esn;
+ /** TRUE if initiator of the exchange creating the SA */
+ bool initiator;
+ /** TRUE if this is an inbound SA */
+ bool inbound;
+ /** TRUE if an SPI has already been allocated for this SA */
+ bool update;
+};
+
+/**
+ * Data required to update the hosts of an SA in the kernel
+ */
+struct kernel_ipsec_update_sa_t {
+ /** CPI in case IPComp is used */
+ uint16_t cpi;
+ /** New source address */
+ host_t *new_src;
+ /** New destination address */
+ host_t *new_dst;
+ /** TRUE if UDP encapsulation is currently enabled */
+ bool encap;
+ /** TRUE to enable UDP encapsulation */
+ bool new_encap;
+};
+
+/**
+ * Data required to query an SA in the kernel
+ */
+struct kernel_ipsec_query_sa_t {
+ uint16_t cpi;
+};
+
+/**
+ * Data required to delete an SA in the kernel
+ */
+struct kernel_ipsec_del_sa_t {
+ /** CPI in case IPComp is used */
+ uint16_t cpi;
+};
+
+/**
+ * Data identifying a policy in the kernel
+ */
+struct kernel_ipsec_policy_id_t {
+ /** Direction of traffic */
+ policy_dir_t dir;
+ /** Source traffic selector */
+ traffic_selector_t *src_ts;
+ /** Destination traffic selector */
+ traffic_selector_t *dst_ts;
+ /** Optional mark */
+ mark_t mark;
+ /** Network interface restricting policy */
+ char *interface;
+};
+
+/**
+ * Data required to add/delete a policy to/from the kernel
+ */
+struct kernel_ipsec_manage_policy_t {
+ /** Type of policy */
+ policy_type_t type;
+ /** Priority class */
+ policy_priority_t prio;
+ /** Manually-set priority (automatic if set to 0) */
+ uint32_t manual_prio;
+ /** Source address of the SA(s) tied to this policy */
+ host_t *src;
+ /** Destination address of the SA(s) tied to this policy */
+ host_t *dst;
+ /** Details about the SA(s) tied to this policy */
+ ipsec_sa_cfg_t *sa;
+};
+
+/**
+ * Data required to query a policy in the kernel
+ */
+struct kernel_ipsec_query_policy_t {
+};
+
+/**
* Interface to the ipsec subsystem of the kernel.
*
* The kernel ipsec interface handles the communication with the kernel
@@ -62,7 +202,7 @@ struct kernel_ipsec_t {
* @return SUCCESS if operation completed
*/
status_t (*get_spi)(kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi);
+ uint8_t protocol, uint32_t *spi);
/**
* Get a Compression Parameter Index (CPI) from the kernel.
@@ -73,7 +213,7 @@ struct kernel_ipsec_t {
* @return SUCCESS if operation completed
*/
status_t (*get_cpi)(kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi);
+ uint16_t *cpi);
/**
* Add an SA to the SAD.
@@ -81,41 +221,12 @@ struct kernel_ipsec_t {
* This function does install a single SA for a single protocol in one
* direction.
*
- * @param src source address for this SA
- * @param dst destination address for this SA
- * @param spi SPI allocated by us or remote peer
- * @param protocol protocol for this SA (ESP/AH)
- * @param reqid unique ID for this SA
- * @param mark mark for this SA
- * @param tfc Traffic Flow Confidentiality padding for this SA
- * @param lifetime lifetime_cfg_t for this SA
- * @param enc_alg Algorithm to use for encryption (ESP only)
- * @param enc_key key to use for encryption
- * @param int_alg Algorithm to use for integrity protection
- * @param int_key key to use for integrity protection
- * @param mode mode of the SA (tunnel, transport)
- * @param ipcomp IPComp transform to use
- * @param cpi CPI for IPComp
- * @param replay_window anti-replay window size
- * @param initiator TRUE if initiator of the exchange creating this SA
- * @param encap enable UDP encapsulation for NAT traversal
- * @param esn TRUE to use Extended Sequence Numbers
- * @param inbound TRUE if this is an inbound SA
- * @param update TRUE if an SPI has already been allocated for SA
- * @param src_ts list of source traffic selectors
- * @param dst_ts list of destination traffic selectors
+ * @param id data identifying this SA
+ * @param data data for this SA
* @return SUCCESS if operation completed
*/
- status_t (*add_sa) (kernel_ipsec_t *this,
- host_t *src, host_t *dst, u_int32_t spi,
- u_int8_t protocol, u_int32_t reqid,
- mark_t mark, u_int32_t tfc, lifetime_cfg_t *lifetime,
- u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key,
- ipsec_mode_t mode, u_int16_t ipcomp, u_int16_t cpi,
- u_int32_t replay_window, bool initiator, bool encap,
- bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts);
+ status_t (*add_sa)(kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data);
/**
* Update the hosts on an installed SA.
@@ -125,85 +236,55 @@ struct kernel_ipsec_t {
* to identify SAs. Therefore if the destination address changed we
* create a new SA and delete the old one.
*
- * @param spi SPI of the SA
- * @param protocol protocol for this SA (ESP/AH)
- * @param cpi CPI for IPComp, 0 if no IPComp is used
- * @param src current source address
- * @param dst current destination address
- * @param new_src new source address
- * @param new_dst new destination address
- * @param encap current use of UDP encapsulation
- * @param new_encap new use of UDP encapsulation
- * @param mark optional mark for this SA
+ * @param id data identifying this SA
+ * @param data updated data for this SA
* @return SUCCESS if operation completed, NOT_SUPPORTED if
- * the kernel interface can't update the SA
+ * the kernel interface can't update the SA
*/
- status_t (*update_sa)(kernel_ipsec_t *this,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
- host_t *src, host_t *dst,
- host_t *new_src, host_t *new_dst,
- bool encap, bool new_encap, mark_t mark);
+ status_t (*update_sa)(kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data);
/**
* Query the number of bytes processed by an SA from the SAD.
*
- * @param src source address for this SA
- * @param dst destination address for this SA
- * @param spi SPI allocated by us or remote peer
- * @param protocol protocol for this SA (ESP/AH)
- * @param mark optional mark for this SA
+ * @param id data identifying this SA
+ * @param data data to query the SA
* @param[out] bytes the number of bytes processed by SA
* @param[out] packets number of packets processed by SA
* @param[out] time last (monotonic) time of SA use
* @return SUCCESS if operation completed
*/
- status_t (*query_sa) (kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time);
+ status_t (*query_sa)(kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes,
+ uint64_t *packets, time_t *time);
/**
- * Delete a previusly installed SA from the SAD.
+ * Delete a previously installed SA from the SAD.
*
- * @param src source address for this SA
- * @param dst destination address for this SA
- * @param spi SPI allocated by us or remote peer
- * @param protocol protocol for this SA (ESP/AH)
- * @param cpi CPI for IPComp or 0
- * @param mark optional mark for this SA
+ * @param id data identifying this SA
+ * @param data data to delete the SA
* @return SUCCESS if operation completed
*/
- status_t (*del_sa) (kernel_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
- mark_t mark);
+ status_t (*del_sa)(kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data);
/**
* Flush all SAs from the SAD.
*
* @return SUCCESS if operation completed
*/
- status_t (*flush_sas) (kernel_ipsec_t *this);
+ status_t (*flush_sas)(kernel_ipsec_t *this);
/**
* Add a policy to the SPD.
*
- * @param src source address of SA
- * @param dst dest address of SA
- * @param src_ts traffic selector to match traffic source
- * @param dst_ts traffic selector to match traffic dest
- * @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param type type of policy, POLICY_(IPSEC|PASS|DROP)
- * @param sa details about the SA(s) tied to this policy
- * @param mark mark for this policy
- * @param priority priority of this policy
+ * @param id data identifying this policy
+ * @param data data for this policy
* @return SUCCESS if operation completed
*/
- status_t (*add_policy) (kernel_ipsec_t *this,
- host_t *src, host_t *dst,
- traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type,
- ipsec_sa_cfg_t *sa, mark_t mark,
- policy_priority_t priority);
+ status_t (*add_policy)(kernel_ipsec_t *this,
+ kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data);
/**
* Query the use time of a policy.
@@ -212,47 +293,33 @@ struct kernel_ipsec_t {
* time. It is not the system time, but a monotonic timestamp as returned
* by time_monotonic.
*
- * @param src_ts traffic selector to match traffic source
- * @param dst_ts traffic selector to match traffic dest
- * @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param mark optional mark
+ * @param id data identifying this policy
+ * @param data data to query the policy
* @param[out] use_time the monotonic timestamp of this SA's last use
* @return SUCCESS if operation completed
*/
- status_t (*query_policy) (kernel_ipsec_t *this,
- traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts,
- policy_dir_t direction, mark_t mark,
- time_t *use_time);
+ status_t (*query_policy)(kernel_ipsec_t *this,
+ kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data,
+ time_t *use_time);
/**
* Remove a policy from the SPD.
*
- * @param src source address of SA
- * @param dst dest address of SA
- * @param src_ts traffic selector to match traffic source
- * @param dst_ts traffic selector to match traffic dest
- * @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param type type of policy, POLICY_(IPSEC|PASS|DROP)
- * @param sa details about the SA(s) tied to this policy
- * @param mark mark for this policy
- * @param priority priority of the policy
+ * @param id data identifying this policy
+ * @param data data for this policy
* @return SUCCESS if operation completed
*/
- status_t (*del_policy) (kernel_ipsec_t *this,
- host_t *src, host_t *dst,
- traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type,
- ipsec_sa_cfg_t *sa, mark_t mark,
- policy_priority_t priority);
+ status_t (*del_policy)(kernel_ipsec_t *this,
+ kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data);
/**
* Flush all policies from the SPD.
*
* @return SUCCESS if operation completed
*/
- status_t (*flush_policies) (kernel_ipsec_t *this);
+ status_t (*flush_policies)(kernel_ipsec_t *this);
/**
* Install a bypass policy for the given socket.
@@ -272,12 +339,12 @@ struct kernel_ipsec_t {
* @return TRUE if UDP decapsulation was enabled successfully
*/
bool (*enable_udp_decap)(kernel_ipsec_t *this, int fd, int family,
- u_int16_t port);
+ uint16_t port);
/**
* Destroy the implementation.
*/
- void (*destroy) (kernel_ipsec_t *this);
+ void (*destroy)(kernel_ipsec_t *this);
};
/**
diff --git a/src/libcharon/kernel/kernel_listener.h b/src/libcharon/kernel/kernel_listener.h
index 6426fae2a..aaeb4f5b7 100644
--- a/src/libcharon/kernel/kernel_listener.h
+++ b/src/libcharon/kernel/kernel_listener.h
@@ -43,7 +43,7 @@ struct kernel_listener_t {
* @param dst_ts destination traffic selector
* @return TRUE to remain registered, FALSE to unregister
*/
- bool (*acquire)(kernel_listener_t *this, u_int32_t reqid,
+ bool (*acquire)(kernel_listener_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts);
/**
@@ -55,7 +55,7 @@ struct kernel_listener_t {
* @param hard TRUE if it is a hard expire, FALSE otherwise
* @return TRUE to remain registered, FALSE to unregister
*/
- bool (*expire)(kernel_listener_t *this, u_int8_t protocol, u_int32_t spi,
+ bool (*expire)(kernel_listener_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, bool hard);
/**
@@ -67,7 +67,7 @@ struct kernel_listener_t {
* @param remote new remote host
* @return TRUE to remain registered, FALSE to unregister
*/
- bool (*mapping)(kernel_listener_t *this, u_int8_t protocol, u_int32_t spi,
+ bool (*mapping)(kernel_listener_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, host_t *remote);
/**
@@ -81,7 +81,7 @@ struct kernel_listener_t {
* @param remote remote host address to be used in the IKE_SA
* @return TRUE to remain registered, FALSE to unregister
*/
- bool (*migrate)(kernel_listener_t *this, u_int32_t reqid,
+ bool (*migrate)(kernel_listener_t *this, uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
policy_dir_t direction, host_t *local, host_t *remote);
diff --git a/src/libcharon/kernel/kernel_net.h b/src/libcharon/kernel/kernel_net.h
index 7fc644a7e..1d78d6edd 100644
--- a/src/libcharon/kernel/kernel_net.h
+++ b/src/libcharon/kernel/kernel_net.h
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2008-2012 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -88,10 +88,12 @@ struct kernel_net_t {
* @param dest target destination address
* @param prefix prefix length if dest is a subnet, -1 for auto
* @param src source address to check, or NULL
+ * @param[out] iface allocated name of the interface to reach dest, if
+ * available (optional)
* @return next hop address, NULL if unreachable
*/
host_t* (*get_nexthop)(kernel_net_t *this, host_t *dest, int prefix,
- host_t *src);
+ host_t *src, char **iface);
/**
* Get the interface name of a local address. Interfaces that are down or
@@ -156,7 +158,7 @@ struct kernel_net_t {
* ALREADY_DONE if the route already exists
*/
status_t (*add_route) (kernel_net_t *this, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway, host_t *src_ip,
+ uint8_t prefixlen, host_t *gateway, host_t *src_ip,
char *if_name);
/**
@@ -170,7 +172,7 @@ struct kernel_net_t {
* @return SUCCESS if operation completed
*/
status_t (*del_route) (kernel_net_t *this, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway, host_t *src_ip,
+ uint8_t prefixlen, host_t *gateway, host_t *src_ip,
char *if_name);
/**
diff --git a/src/libcharon/network/receiver.c b/src/libcharon/network/receiver.c
index ee357ca4d..1bf93ad40 100644
--- a/src/libcharon/network/receiver.c
+++ b/src/libcharon/network/receiver.c
@@ -81,17 +81,17 @@ struct private_receiver_t {
/**
* how many times we have used "secret" so far
*/
- u_int32_t secret_used;
+ uint32_t secret_used;
/**
* time we did the cookie switch
*/
- u_int32_t secret_switch;
+ uint32_t secret_switch;
/**
* time offset to use, hides our system time
*/
- u_int32_t secret_offset;
+ uint32_t secret_offset;
/**
* the RNG to use for secret generation
@@ -106,7 +106,7 @@ struct private_receiver_t {
/**
* require cookies after this many half open IKE_SAs
*/
- u_int32_t cookie_threshold;
+ uint32_t cookie_threshold;
/**
* timestamp of last cookie requested
@@ -116,7 +116,7 @@ struct private_receiver_t {
/**
* how many half open IKE_SAs per peer before blocking
*/
- u_int32_t block_threshold;
+ uint32_t block_threshold;
/**
* Drop IKE_SA_INIT requests if processor job load exceeds this limit
@@ -192,9 +192,9 @@ static void send_notify(message_t *request, int major, exchange_type_t exchange,
* build a cookie
*/
static bool cookie_build(private_receiver_t *this, message_t *message,
- u_int32_t t, chunk_t secret, chunk_t *cookie)
+ uint32_t t, chunk_t secret, chunk_t *cookie)
{
- u_int64_t spi = message->get_initiator_spi(message);
+ uint64_t spi = message->get_initiator_spi(message);
host_t *ip = message->get_source(message);
chunk_t input, hash;
@@ -216,14 +216,14 @@ static bool cookie_build(private_receiver_t *this, message_t *message,
static bool cookie_verify(private_receiver_t *this, message_t *message,
chunk_t cookie)
{
- u_int32_t t, now;
+ uint32_t t, now;
chunk_t reference;
chunk_t secret;
now = time_monotonic(NULL);
- t = *(u_int32_t*)cookie.ptr;
+ t = *(uint32_t*)cookie.ptr;
- if (cookie.len != sizeof(u_int32_t) +
+ if (cookie.len != sizeof(uint32_t) +
this->hasher->get_hash_size(this->hasher) ||
t < now - this->secret_offset - COOKIE_LIFETIME)
{
@@ -269,15 +269,15 @@ static bool check_cookie(private_receiver_t *this, message_t *message)
data = message->get_packet_data(message);
if (data.len <
IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH +
- sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher) ||
+ sizeof(uint32_t) + this->hasher->get_hash_size(this->hasher) ||
*(data.ptr + 16) != PLV2_NOTIFY ||
- *(u_int16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
+ *(uint16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
{
/* no cookie found */
return FALSE;
}
data.ptr += IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH;
- data.len = sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher);
+ data.len = sizeof(uint32_t) + this->hasher->get_hash_size(this->hasher);
if (!cookie_verify(this, message, data))
{
DBG2(DBG_NET, "found cookie, but content invalid");
@@ -290,7 +290,7 @@ static bool check_cookie(private_receiver_t *this, message_t *message)
* Check if we currently require cookies
*/
static bool cookie_required(private_receiver_t *this,
- u_int half_open, u_int32_t now)
+ u_int half_open, uint32_t now)
{
if (this->cookie_threshold && half_open >= this->cookie_threshold)
{
@@ -322,7 +322,7 @@ static bool cookie_required(private_receiver_t *this,
static bool drop_ike_sa_init(private_receiver_t *this, message_t *message)
{
u_int half_open, half_open_r;
- u_int32_t now;
+ uint32_t now;
now = time_monotonic(NULL);
half_open = charon->ike_sa_manager->get_half_open_count(
@@ -620,7 +620,7 @@ METHOD(receiver_t, destroy, void,
receiver_t *receiver_create()
{
private_receiver_t *this;
- u_int32_t now = time_monotonic(NULL);
+ uint32_t now = time_monotonic(NULL);
INIT(this,
.public = {
diff --git a/src/libcharon/network/socket.h b/src/libcharon/network/socket.h
index e3cda3bea..b084d96a2 100644
--- a/src/libcharon/network/socket.h
+++ b/src/libcharon/network/socket.h
@@ -99,7 +99,7 @@ struct socket_t {
* @param nat_t TRUE to get the port used to float in case of NAT-T
* @return the port
*/
- u_int16_t (*get_port)(socket_t *this, bool nat_t);
+ uint16_t (*get_port)(socket_t *this, bool nat_t);
/**
* Get the address families this socket is listening on.
diff --git a/src/libcharon/network/socket_manager.c b/src/libcharon/network/socket_manager.c
index 2a07e503c..564608d77 100644
--- a/src/libcharon/network/socket_manager.c
+++ b/src/libcharon/network/socket_manager.c
@@ -89,10 +89,10 @@ METHOD(socket_manager_t, sender, status_t,
return status;
}
-METHOD(socket_manager_t, get_port, u_int16_t,
+METHOD(socket_manager_t, get_port, uint16_t,
private_socket_manager_t *this, bool nat_t)
{
- u_int16_t port = 0;
+ uint16_t port = 0;
this->lock->read_lock(this->lock);
if (this->socket)
{
diff --git a/src/libcharon/network/socket_manager.h b/src/libcharon/network/socket_manager.h
index a07d0804c..cde7859c2 100644
--- a/src/libcharon/network/socket_manager.h
+++ b/src/libcharon/network/socket_manager.h
@@ -58,7 +58,7 @@ struct socket_manager_t {
* @param nat_t TRUE to get the port used to float in case of NAT-T
* @return the port, or 0, if no socket is registered
*/
- u_int16_t (*get_port)(socket_manager_t *this, bool nat_t);
+ uint16_t (*get_port)(socket_manager_t *this, bool nat_t);
/**
* Get the address families the registered socket is listening on.
diff --git a/src/libcharon/plugins/addrblock/Makefile.in b/src/libcharon/plugins/addrblock/Makefile.in
index b4ae6fa3e..3b49a8582 100644
--- a/src/libcharon/plugins/addrblock/Makefile.in
+++ b/src/libcharon/plugins/addrblock/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/addrblock
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/addrblock/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/addrblock/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/android_dns/Makefile.in b/src/libcharon/plugins/android_dns/Makefile.in
index d90149827..5f6ecbf14 100644
--- a/src/libcharon/plugins/android_dns/Makefile.in
+++ b/src/libcharon/plugins/android_dns/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/android_dns
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/android_dns/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/android_dns/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/android_log/Makefile.in b/src/libcharon/plugins/android_log/Makefile.in
index 64fecd9e3..bee30d9a9 100644
--- a/src/libcharon/plugins/android_log/Makefile.in
+++ b/src/libcharon/plugins/android_log/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/android_log
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/android_log/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/android_log/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/attr/Makefile.in b/src/libcharon/plugins/attr/Makefile.in
index acb7d07c0..607fe3f87 100644
--- a/src/libcharon/plugins/attr/Makefile.in
+++ b/src/libcharon/plugins/attr/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/attr
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/attr/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/attr/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/attr/attr_provider.c b/src/libcharon/plugins/attr/attr_provider.c
index 1de571c3f..f4c143641 100644
--- a/src/libcharon/plugins/attr/attr_provider.c
+++ b/src/libcharon/plugins/attr/attr_provider.c
@@ -272,10 +272,10 @@ static void load_entries(private_attr_provider_t *this)
{
if (family == AF_INET)
{ /* IPv4 attributes contain a subnet mask */
- u_int32_t netmask = 0;
+ uint32_t netmask = 0;
if (mask)
- { /* shifting u_int32_t by 32 or more is undefined */
+ { /* shifting uint32_t by 32 or more is undefined */
mask = 32 - mask;
netmask = htonl((0xFFFFFFFF >> mask) << mask);
}
diff --git a/src/libcharon/plugins/attr_sql/Makefile.in b/src/libcharon/plugins/attr_sql/Makefile.in
index 8ee9f3f92..d533a56b5 100644
--- a/src/libcharon/plugins/attr_sql/Makefile.in
+++ b/src/libcharon/plugins/attr_sql/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/attr_sql
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/attr_sql/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/attr_sql/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/certexpire/Makefile.in b/src/libcharon/plugins/certexpire/Makefile.in
index be19d615e..31e786158 100644
--- a/src/libcharon/plugins/certexpire/Makefile.in
+++ b/src/libcharon/plugins/certexpire/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/certexpire
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -463,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/certexpire/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/certexpire/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -779,6 +792,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/connmark/Makefile.in b/src/libcharon/plugins/connmark/Makefile.in
index eaf4f1ec9..c312821aa 100644
--- a/src/libcharon/plugins/connmark/Makefile.in
+++ b/src/libcharon/plugins/connmark/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/connmark
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -463,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/connmark/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/connmark/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/connmark/connmark_listener.c b/src/libcharon/plugins/connmark/connmark_listener.c
index 607316f7b..29f7cac42 100644
--- a/src/libcharon/plugins/connmark/connmark_listener.c
+++ b/src/libcharon/plugins/connmark/connmark_listener.c
@@ -24,6 +24,7 @@
#include <libiptc/libiptc.h>
#include <linux/netfilter/xt_esp.h>
#include <linux/netfilter/xt_tcpudp.h>
+#include <linux/netfilter/xt_mark.h>
#include <linux/netfilter/xt_MARK.h>
#include <linux/netfilter/xt_policy.h>
#include <linux/netfilter/xt_CONNMARK.h>
@@ -56,7 +57,7 @@ struct private_connmark_listener_t {
static bool ts2in(traffic_selector_t *ts,
struct in_addr *addr, struct in_addr *mask)
{
- u_int8_t bits;
+ uint8_t bits;
host_t *net;
if (ts->get_type(ts) == TS_IPV4_ADDR_RANGE &&
@@ -119,15 +120,15 @@ static bool manage_rule(struct iptc_handle *ipth, const char *chain,
*/
static bool manage_pre_esp_in_udp(private_connmark_listener_t *this,
struct iptc_handle *ipth, bool add,
- u_int mark, u_int32_t spi,
+ u_int mark, uint32_t spi,
host_t *dst, host_t *src)
{
- u_int16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
+ uint16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
XT_ALIGN(sizeof(struct xt_udp));
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_mark_tginfo2));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -177,15 +178,15 @@ static bool manage_pre_esp_in_udp(private_connmark_listener_t *this,
*/
static bool manage_pre_esp(private_connmark_listener_t *this,
struct iptc_handle *ipth, bool add,
- u_int mark, u_int32_t spi,
+ u_int mark, uint32_t spi,
host_t *dst, host_t *src)
{
- u_int16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
+ uint16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
XT_ALIGN(sizeof(struct xt_esp));
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_mark_tginfo2));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -234,7 +235,7 @@ static bool manage_pre_esp(private_connmark_listener_t *this,
*/
static bool manage_pre(private_connmark_listener_t *this,
struct iptc_handle *ipth, bool add,
- u_int mark, u_int32_t spi, bool encap,
+ u_int mark, uint32_t spi, bool encap,
host_t *dst, host_t *src)
{
if (encap)
@@ -249,15 +250,15 @@ static bool manage_pre(private_connmark_listener_t *this,
*/
static bool manage_in(private_connmark_listener_t *this,
struct iptc_handle *ipth, bool add,
- u_int mark, u_int32_t spi,
+ u_int mark, uint32_t spi,
traffic_selector_t *dst, traffic_selector_t *src)
{
- u_int16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
+ uint16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
XT_ALIGN(sizeof(struct xt_policy_info));
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_connmark_tginfo1));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -315,12 +316,12 @@ static bool manage_out(private_connmark_listener_t *this,
struct iptc_handle *ipth, bool add,
traffic_selector_t *dst, traffic_selector_t *src)
{
- u_int16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
+ uint16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
XT_ALIGN(sizeof(struct xt_mark_mtinfo1));
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_connmark_tginfo1));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -401,7 +402,7 @@ static bool manage_policies(private_connmark_listener_t *this,
{
traffic_selector_t *local, *remote;
enumerator_t *enumerator;
- u_int32_t spi;
+ uint32_t spi;
u_int mark;
bool done = TRUE;
diff --git a/src/libcharon/plugins/coupling/Makefile.in b/src/libcharon/plugins/coupling/Makefile.in
index 44598c3ea..a71d75518 100644
--- a/src/libcharon/plugins/coupling/Makefile.in
+++ b/src/libcharon/plugins/coupling/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/coupling
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/coupling/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/coupling/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/dhcp/Makefile.in b/src/libcharon/plugins/dhcp/Makefile.in
index 3d39fda29..843d05eae 100644
--- a/src/libcharon/plugins/dhcp/Makefile.in
+++ b/src/libcharon/plugins/dhcp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/dhcp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/dhcp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/dhcp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/dhcp/dhcp_socket.c b/src/libcharon/plugins/dhcp/dhcp_socket.c
index 0fd1d33fd..807c68274 100644
--- a/src/libcharon/plugins/dhcp/dhcp_socket.c
+++ b/src/libcharon/plugins/dhcp/dhcp_socket.c
@@ -151,8 +151,8 @@ typedef enum {
* DHCP option encoding, a TLV
*/
typedef struct __attribute__((packed)) {
- u_int8_t type;
- u_int8_t len;
+ uint8_t type;
+ uint8_t len;
char data[];
} dhcp_option_t;
@@ -160,22 +160,22 @@ typedef struct __attribute__((packed)) {
* DHCP message format, with a maximum size options buffer
*/
typedef struct __attribute__((packed)) {
- u_int8_t opcode;
- u_int8_t hw_type;
- u_int8_t hw_addr_len;
- u_int8_t hop_count;
- u_int32_t transaction_id;
- u_int16_t number_of_seconds;
- u_int16_t flags;
- u_int32_t client_address;
- u_int32_t your_address;
- u_int32_t server_address;
- u_int32_t gateway_address;
+ uint8_t opcode;
+ uint8_t hw_type;
+ uint8_t hw_addr_len;
+ uint8_t hop_count;
+ uint32_t transaction_id;
+ uint16_t number_of_seconds;
+ uint16_t flags;
+ uint32_t client_address;
+ uint32_t your_address;
+ uint32_t server_address;
+ uint32_t gateway_address;
char client_hw_addr[6];
char client_hw_padding[10];
char server_hostname[64];
char boot_filename[128];
- u_int32_t magic_cookie;
+ uint32_t magic_cookie;
char options[252];
} dhcp_t;
@@ -191,7 +191,7 @@ static int prepare_dhcp(private_dhcp_socket_t *this,
dhcp_option_t *option;
int optlen = 0;
host_t *src;
- u_int32_t id;
+ uint32_t id;
memset(dhcp, 0, sizeof(*dhcp));
dhcp->opcode = BOOTREQUEST;
@@ -366,10 +366,10 @@ METHOD(dhcp_socket_t, enroll, dhcp_transaction_t*,
private_dhcp_socket_t *this, identification_t *identity)
{
dhcp_transaction_t *transaction;
- u_int32_t id;
+ uint32_t id;
int try;
- if (!this->rng->get_bytes(this->rng, sizeof(id), (u_int8_t*)&id))
+ if (!this->rng->get_bytes(this->rng, sizeof(id), (uint8_t*)&id))
{
DBG1(DBG_CFG, "DHCP DISCOVER failed, no transaction ID");
return NULL;
diff --git a/src/libcharon/plugins/dhcp/dhcp_transaction.c b/src/libcharon/plugins/dhcp/dhcp_transaction.c
index 22d3f3fdf..3ee88a698 100644
--- a/src/libcharon/plugins/dhcp/dhcp_transaction.c
+++ b/src/libcharon/plugins/dhcp/dhcp_transaction.c
@@ -32,7 +32,7 @@ struct private_dhcp_transaction_t {
/**
* DHCP transaction ID
*/
- u_int32_t id;
+ uint32_t id;
/**
* Peer identity
@@ -63,7 +63,7 @@ typedef struct {
chunk_t data;
} attribute_entry_t;
-METHOD(dhcp_transaction_t, get_id, u_int32_t,
+METHOD(dhcp_transaction_t, get_id, uint32_t,
private_dhcp_transaction_t *this)
{
return this->id;
@@ -157,7 +157,7 @@ METHOD(dhcp_transaction_t, destroy, void,
/**
* See header
*/
-dhcp_transaction_t *dhcp_transaction_create(u_int32_t id,
+dhcp_transaction_t *dhcp_transaction_create(uint32_t id,
identification_t *identity)
{
private_dhcp_transaction_t *this;
diff --git a/src/libcharon/plugins/dhcp/dhcp_transaction.h b/src/libcharon/plugins/dhcp/dhcp_transaction.h
index 35f08e836..0c614f7b1 100644
--- a/src/libcharon/plugins/dhcp/dhcp_transaction.h
+++ b/src/libcharon/plugins/dhcp/dhcp_transaction.h
@@ -37,7 +37,7 @@ struct dhcp_transaction_t {
*
* @return DHCP transaction identifier
*/
- u_int32_t (*get_id)(dhcp_transaction_t *this);
+ uint32_t (*get_id)(dhcp_transaction_t *this);
/**
* Get the peer identity this transaction is used for.
@@ -103,7 +103,7 @@ struct dhcp_transaction_t {
* @param identity peer identity this transaction is used for
* @return transaction instance
*/
-dhcp_transaction_t *dhcp_transaction_create(u_int32_t id,
+dhcp_transaction_t *dhcp_transaction_create(uint32_t id,
identification_t *identity);
#endif /** DHCP_TRANSACTION_H_ @}*/
diff --git a/src/libcharon/plugins/dnscert/Makefile.in b/src/libcharon/plugins/dnscert/Makefile.in
index 04fc31a3a..5f035ba35 100644
--- a/src/libcharon/plugins/dnscert/Makefile.in
+++ b/src/libcharon/plugins/dnscert/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/dnscert
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/dnscert/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/dnscert/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/dnscert/dnscert.c b/src/libcharon/plugins/dnscert/dnscert.c
index 882ad9f0c..b360eac34 100644
--- a/src/libcharon/plugins/dnscert/dnscert.c
+++ b/src/libcharon/plugins/dnscert/dnscert.c
@@ -41,17 +41,17 @@ struct private_dnscert_t {
/**
* Certificate type
*/
- u_int16_t cert_type;
+ uint16_t cert_type;
/**
* Key tag
*/
- u_int16_t key_tag;
+ uint16_t key_tag;
/**
* Algorithm
*/
- u_int8_t algorithm;
+ uint8_t algorithm;
/**
* Certificate
@@ -65,7 +65,7 @@ METHOD(dnscert_t, get_cert_type, dnscert_type_t,
return this->cert_type;
}
-METHOD(dnscert_t, get_key_tag, u_int16_t,
+METHOD(dnscert_t, get_key_tag, uint16_t,
private_dnscert_t *this)
{
return this->key_tag;
diff --git a/src/libcharon/plugins/dnscert/dnscert.h b/src/libcharon/plugins/dnscert/dnscert.h
index 567a9dfac..31a26ff76 100644
--- a/src/libcharon/plugins/dnscert/dnscert.h
+++ b/src/libcharon/plugins/dnscert/dnscert.h
@@ -119,7 +119,7 @@ struct dnscert_t {
*
* @return keytag
*/
- u_int16_t (*get_key_tag)(dnscert_t *this);
+ uint16_t (*get_key_tag)(dnscert_t *this);
/**
* Get the algorithm.
diff --git a/src/libcharon/plugins/duplicheck/Makefile.in b/src/libcharon/plugins/duplicheck/Makefile.in
index da4534c21..9e3133b1d 100644
--- a/src/libcharon/plugins/duplicheck/Makefile.in
+++ b/src/libcharon/plugins/duplicheck/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = duplicheck$(EXEEXT)
subdir = src/libcharon/plugins/duplicheck
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -210,12 +219,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -265,6 +276,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -299,6 +311,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -410,6 +423,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -471,7 +485,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/duplicheck/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/duplicheck/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -841,6 +854,8 @@ uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/duplicheck/duplicheck.c b/src/libcharon/plugins/duplicheck/duplicheck.c
index 7c4cd5ce1..442fa4a99 100644
--- a/src/libcharon/plugins/duplicheck/duplicheck.c
+++ b/src/libcharon/plugins/duplicheck/duplicheck.c
@@ -71,7 +71,7 @@ int main(int argc, char *argv[])
{
char buf[128];
int fd, len;
- u_int16_t msglen;
+ uint16_t msglen;
fd = make_connection();
if (fd < 0)
diff --git a/src/libcharon/plugins/duplicheck/duplicheck_msg.h b/src/libcharon/plugins/duplicheck/duplicheck_msg.h
index 99e297104..0f405746e 100644
--- a/src/libcharon/plugins/duplicheck/duplicheck_msg.h
+++ b/src/libcharon/plugins/duplicheck/duplicheck_msg.h
@@ -35,7 +35,7 @@ typedef struct duplicheck_msg_t duplicheck_msg_t;
*/
struct duplicheck_msg_t {
/** length of the identity following, in network order (excluding len). */
- u_int16_t len;
+ uint16_t len;
/** identity string, not null terminated */
char identity[];
} __attribute__((__packed__));
diff --git a/src/libcharon/plugins/duplicheck/duplicheck_notify.c b/src/libcharon/plugins/duplicheck/duplicheck_notify.c
index f77b48b09..501d1229f 100644
--- a/src/libcharon/plugins/duplicheck/duplicheck_notify.c
+++ b/src/libcharon/plugins/duplicheck/duplicheck_notify.c
@@ -75,7 +75,7 @@ METHOD(duplicheck_notify_t, send_, void,
{
enumerator_t *enumerator;
stream_t *stream;
- u_int16_t nlen;
+ uint16_t nlen;
char buf[512];
int len;
diff --git a/src/libcharon/plugins/eap_aka/Makefile.in b/src/libcharon/plugins/eap_aka/Makefile.in
index b5ffd8c24..8ac12c1f2 100644
--- a/src/libcharon/plugins/eap_aka/Makefile.in
+++ b/src/libcharon/plugins/eap_aka/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_aka
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -465,7 +479,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_aka/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_aka/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -780,6 +793,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_aka/eap_aka_peer.c b/src/libcharon/plugins/eap_aka/eap_aka_peer.c
index 810a19c55..3ab053ba6 100644
--- a/src/libcharon/plugins/eap_aka/eap_aka_peer.c
+++ b/src/libcharon/plugins/eap_aka/eap_aka_peer.c
@@ -62,7 +62,7 @@ struct private_eap_aka_peer_t {
/**
* EAP message identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* MSK
@@ -77,7 +77,7 @@ struct private_eap_aka_peer_t {
/**
* Counter value if reauthentication is used
*/
- u_int16_t counter;
+ uint16_t counter;
};
/**
@@ -105,7 +105,7 @@ static bool create_client_error(private_eap_aka_peer_t *this,
eap_payload_t **out)
{
simaka_message_t *message;
- u_int16_t encoded;
+ uint16_t encoded;
DBG1(DBG_IKE, "sending client error '%N'",
simaka_client_error_names, AKA_UNABLE_TO_PROCESS);
@@ -347,7 +347,7 @@ static status_t process_challenge(private_eap_aka_peer_t *this,
*/
static bool counter_too_small(private_eap_aka_peer_t *this, chunk_t chunk)
{
- u_int16_t counter;
+ uint16_t counter;
memcpy(&counter, chunk.ptr, sizeof(counter));
counter = htons(counter);
@@ -483,7 +483,7 @@ static status_t process_notification(private_eap_aka_peer_t *this,
{
if (type == AT_NOTIFICATION)
{
- u_int16_t code;
+ uint16_t code;
memcpy(&code, data.ptr, sizeof(code));
code = ntohs(code);
@@ -594,7 +594,7 @@ METHOD(eap_method_t, initiate, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_aka_peer_t *this, u_int32_t *vendor)
+ private_eap_aka_peer_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_AKA;
@@ -611,14 +611,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_aka_peer_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_aka_peer_t *this, u_int8_t identifier)
+ private_eap_aka_peer_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_aka/eap_aka_server.c b/src/libcharon/plugins/eap_aka/eap_aka_server.c
index 04bfc170b..1ede56757 100644
--- a/src/libcharon/plugins/eap_aka/eap_aka_server.c
+++ b/src/libcharon/plugins/eap_aka/eap_aka_server.c
@@ -65,7 +65,7 @@ struct private_eap_aka_server_t {
/**
* EAP message identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* Expected Result XRES
@@ -238,7 +238,7 @@ static status_t challenge(private_eap_aka_server_t *this, eap_payload_t **out)
* Initiate EAP-AKA/Request/Re-authentication message
*/
static status_t reauthenticate(private_eap_aka_server_t *this,
- char mk[HASH_SIZE_SHA1], u_int16_t counter,
+ char mk[HASH_SIZE_SHA1], uint16_t counter,
eap_payload_t **out)
{
simaka_message_t *message;
@@ -341,7 +341,7 @@ static status_t process_identity(private_eap_aka_server_t *this,
if (this->use_reauth)
{
char mk[HASH_SIZE_SHA1];
- u_int16_t counter;
+ uint16_t counter;
permanent = this->mgr->provider_is_reauth(this->mgr, id, mk, &counter);
if (permanent)
@@ -564,7 +564,7 @@ static status_t process_client_error(private_eap_aka_server_t *this,
{
if (type == AT_CLIENT_ERROR_CODE)
{
- u_int16_t code;
+ uint16_t code;
memcpy(&code, data.ptr, sizeof(code));
DBG1(DBG_IKE, "received EAP-AKA client error '%N'",
@@ -637,7 +637,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_aka_server_t *this, u_int32_t *vendor)
+ private_eap_aka_server_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_AKA;
@@ -654,14 +654,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_aka_server_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_aka_server_t *this, u_int8_t identifier)
+ private_eap_aka_server_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
index e0ad6fe2e..7dc9003c9 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
+++ b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
@MONOLITHIC_FALSE@am__append_1 = $(top_builddir)/src/libsimaka/libsimaka.la
subdir = src/libcharon/plugins/eap_aka_3gpp2
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -467,7 +481,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_aka_3gpp2/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_aka_3gpp2/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -783,6 +796,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c
index 93ea8d08c..cfe6407b0 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c
+++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c
@@ -54,7 +54,7 @@ static chunk_t fmk = chunk_from_chars(0x41, 0x48, 0x41, 0x47);
/**
* Binary represnation of the polynom T^160 + T^5 + T^3 + T^2 + 1
*/
-static u_int8_t g[] = {
+static uint8_t g[] = {
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x2d
@@ -63,7 +63,7 @@ static u_int8_t g[] = {
/**
* Predefined random bits from the RAND Corporation book
*/
-static u_int8_t a[] = {
+static uint8_t a[] = {
0x9d, 0xe9, 0xc9, 0xc8, 0xef, 0xd5, 0x78, 0x11,
0x48, 0x23, 0x14, 0x01, 0x90, 0x1f, 0x2d, 0x49,
0x3f, 0x4c, 0x63, 0x65
@@ -72,7 +72,7 @@ static u_int8_t a[] = {
/**
* Predefined random bits from the RAND Corporation book
*/
-static u_int8_t b[] = {
+static uint8_t b[] = {
0x75, 0xef, 0xd1, 0x5c, 0x4b, 0x8f, 0x8f, 0x51,
0x4e, 0xf3, 0xbc, 0xc3, 0x79, 0x4a, 0x76, 0x5e,
0x7e, 0xec, 0x45, 0xe0
@@ -171,7 +171,7 @@ static void mpz_mod_poly(mpz_t r, mpz_t a, mpz_t b)
* XOR the key into the SHA1 IV
*/
static bool step3(prf_t *prf, u_char k[AKA_K_LEN],
- u_char payload[AKA_PAYLOAD_LEN], u_int8_t h[HASH_SIZE_SHA1])
+ u_char payload[AKA_PAYLOAD_LEN], uint8_t h[HASH_SIZE_SHA1])
{
/* use the keyed hasher to build the hash */
return prf->set_key(prf, chunk_create(k, AKA_K_LEN)) &&
@@ -243,7 +243,7 @@ static bool fx(prf_t *prf, u_char f, u_char k[AKA_K_LEN],
/**
* Calculation function of f1() and f1star()
*/
-static bool f1x(prf_t *prf, u_int8_t f, u_char k[AKA_K_LEN],
+static bool f1x(prf_t *prf, uint8_t f, u_char k[AKA_K_LEN],
u_char rand[AKA_RAND_LEN], u_char sqn[AKA_SQN_LEN],
u_char amf[AKA_AMF_LEN], u_char mac[AKA_MAC_LEN])
{
diff --git a/src/libcharon/plugins/eap_dynamic/Makefile.in b/src/libcharon/plugins/eap_dynamic/Makefile.in
index 821f6de6c..f81d54fc2 100644
--- a/src/libcharon/plugins/eap_dynamic/Makefile.in
+++ b/src/libcharon/plugins/eap_dynamic/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_dynamic
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_dynamic/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_dynamic/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_dynamic/eap_dynamic.c b/src/libcharon/plugins/eap_dynamic/eap_dynamic.c
index 3216446af..d0f0595de 100644
--- a/src/libcharon/plugins/eap_dynamic/eap_dynamic.c
+++ b/src/libcharon/plugins/eap_dynamic/eap_dynamic.c
@@ -73,7 +73,7 @@ static bool entry_matches(eap_vendor_type_t *item, eap_vendor_type_t *other)
* Load the given EAP method
*/
static eap_method_t *load_method(private_eap_dynamic_t *this,
- eap_type_t type, u_int32_t vendor)
+ eap_type_t type, uint32_t vendor)
{
eap_method_t *method;
@@ -171,7 +171,7 @@ METHOD(eap_method_t, process, status_t,
private_eap_dynamic_t *this, eap_payload_t *in, eap_payload_t **out)
{
eap_type_t received_type, type;
- u_int32_t received_vendor, vendor;
+ uint32_t received_vendor, vendor;
received_type = in->get_type(in, &received_vendor);
if (received_vendor == 0 && received_type == EAP_NAK)
@@ -225,7 +225,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_dynamic_t *this, u_int32_t *vendor)
+ private_eap_dynamic_t *this, uint32_t *vendor)
{
if (this->method)
{
@@ -245,7 +245,7 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_dynamic_t *this)
{
if (this->method)
@@ -256,7 +256,7 @@ METHOD(eap_method_t, get_identifier, u_int8_t,
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_dynamic_t *this, u_int8_t identifier)
+ private_eap_dynamic_t *this, uint8_t identifier)
{
if (this->method)
{
@@ -335,7 +335,7 @@ static void get_supported_eap_types(private_eap_dynamic_t *this)
{
enumerator_t *enumerator;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
enumerator = charon->eap->create_enumerator(charon->eap, EAP_SERVER);
while (enumerator->enumerate(enumerator, &type, &vendor))
diff --git a/src/libcharon/plugins/eap_gtc/Makefile.in b/src/libcharon/plugins/eap_gtc/Makefile.in
index cfd7c4e24..f11d86051 100644
--- a/src/libcharon/plugins/eap_gtc/Makefile.in
+++ b/src/libcharon/plugins/eap_gtc/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_gtc
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_gtc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_gtc/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc.c b/src/libcharon/plugins/eap_gtc/eap_gtc.c
index 5fcd9ebc9..6f5c38edd 100644
--- a/src/libcharon/plugins/eap_gtc/eap_gtc.c
+++ b/src/libcharon/plugins/eap_gtc/eap_gtc.c
@@ -46,7 +46,7 @@ struct private_eap_gtc_t {
/**
* EAP message identififier
*/
- u_int8_t identifier;
+ uint8_t identifier;
};
typedef struct eap_gtc_header_t eap_gtc_header_t;
@@ -56,15 +56,15 @@ typedef struct eap_gtc_header_t eap_gtc_header_t;
*/
struct eap_gtc_header_t {
/** EAP code (REQUEST/RESPONSE) */
- u_int8_t code;
+ uint8_t code;
/** unique message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of whole message */
- u_int16_t length;
+ uint16_t length;
/** EAP type */
- u_int8_t type;
+ uint8_t type;
/** type data */
- u_int8_t data[];
+ uint8_t data[];
} __attribute__((__packed__));
METHOD(eap_method_t, initiate_peer, status_t,
@@ -186,7 +186,7 @@ METHOD(eap_method_t, process_server, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_gtc_t *this, u_int32_t *vendor)
+ private_eap_gtc_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_GTC;
@@ -198,14 +198,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_gtc_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_gtc_t *this, u_int8_t identifier)
+ private_eap_gtc_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_identity/Makefile.in b/src/libcharon/plugins/eap_identity/Makefile.in
index 1c544f360..e9755aa71 100644
--- a/src/libcharon/plugins/eap_identity/Makefile.in
+++ b/src/libcharon/plugins/eap_identity/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_identity
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_identity/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_identity/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_identity/eap_identity.c b/src/libcharon/plugins/eap_identity/eap_identity.c
index 6ecde065c..7d6dc4add 100644
--- a/src/libcharon/plugins/eap_identity/eap_identity.c
+++ b/src/libcharon/plugins/eap_identity/eap_identity.c
@@ -43,7 +43,7 @@ struct private_eap_identity_t {
/**
* EAP identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
};
typedef struct eap_identity_header_t eap_identity_header_t;
@@ -53,15 +53,15 @@ typedef struct eap_identity_header_t eap_identity_header_t;
*/
struct eap_identity_header_t {
/** EAP code (REQUEST/RESPONSE) */
- u_int8_t code;
+ uint8_t code;
/** unique message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of whole message */
- u_int16_t length;
+ uint16_t length;
/** EAP type */
- u_int8_t type;
+ uint8_t type;
/** identity data */
- u_int8_t data[];
+ uint8_t data[];
} __attribute__((__packed__));
METHOD(eap_method_t, process_peer, status_t,
@@ -124,7 +124,7 @@ METHOD(eap_method_t, initiate_server, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_identity_t *this, u_int32_t *vendor)
+ private_eap_identity_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_IDENTITY;
@@ -141,14 +141,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_identity_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_identity_t *this, u_int8_t identifier)
+ private_eap_identity_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_md5/Makefile.in b/src/libcharon/plugins/eap_md5/Makefile.in
index e967262b6..82ba96d26 100644
--- a/src/libcharon/plugins/eap_md5/Makefile.in
+++ b/src/libcharon/plugins/eap_md5/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_md5
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_md5/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_md5/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_md5/eap_md5.c b/src/libcharon/plugins/eap_md5/eap_md5.c
index d314e7a9e..2cb0db466 100644
--- a/src/libcharon/plugins/eap_md5/eap_md5.c
+++ b/src/libcharon/plugins/eap_md5/eap_md5.c
@@ -49,7 +49,7 @@ struct private_eap_md5_t {
/**
* EAP message identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
};
typedef struct eap_md5_header_t eap_md5_header_t;
@@ -59,17 +59,17 @@ typedef struct eap_md5_header_t eap_md5_header_t;
*/
struct eap_md5_header_t {
/** EAP code (REQUEST/RESPONSE) */
- u_int8_t code;
+ uint8_t code;
/** unique message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of whole message */
- u_int16_t length;
+ uint16_t length;
/** EAP type */
- u_int8_t type;
+ uint8_t type;
/** length of value (challenge) */
- u_int8_t value_size;
+ uint8_t value_size;
/** actual value */
- u_int8_t value[];
+ uint8_t value[];
} __attribute__((__packed__));
#define CHALLENGE_LEN 16
@@ -204,7 +204,7 @@ METHOD(eap_method_t, process_server, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_md5_t *this, u_int32_t *vendor)
+ private_eap_md5_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_MD5;
@@ -222,14 +222,14 @@ METHOD(eap_method_t, is_mutual, bool,
return FALSE;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_md5_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_md5_t *this, u_int8_t identifier)
+ private_eap_md5_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_mschapv2/Makefile.in b/src/libcharon/plugins/eap_mschapv2/Makefile.in
index d96343a5c..c3b31cd9a 100644
--- a/src/libcharon/plugins/eap_mschapv2/Makefile.in
+++ b/src/libcharon/plugins/eap_mschapv2/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_mschapv2
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_mschapv2/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_mschapv2/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
index 16978f486..12f61f7f8 100644
--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
@@ -70,12 +70,12 @@ struct private_eap_mschapv2_t
/**
* EAP message identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* MS-CHAPv2-ID (session ID, increases with each retry)
*/
- u_int8_t mschapv2id;
+ uint8_t mschapv2id;
/**
* Number of retries
@@ -179,21 +179,21 @@ typedef struct eap_mschapv2_response_t eap_mschapv2_response_t;
struct eap_mschapv2_header_t
{
/** EAP code (REQUEST/RESPONSE) */
- u_int8_t code;
+ uint8_t code;
/** unique message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of whole message */
- u_int16_t length;
+ uint16_t length;
/** EAP type */
- u_int8_t type;
+ uint8_t type;
/** MS-CHAPv2 OpCode */
- u_int8_t opcode;
+ uint8_t opcode;
/** MS-CHAPv2-ID (equals identifier) */
- u_int8_t ms_chapv2_id;
+ uint8_t ms_chapv2_id;
/** MS-Length (defined as length - 5) */
- u_int16_t ms_length;
+ uint16_t ms_length;
/** packet data (determined by OpCode) */
- u_int8_t data[];
+ uint8_t data[];
}__attribute__((__packed__));
/**
@@ -202,11 +202,11 @@ struct eap_mschapv2_header_t
struct eap_mschapv2_challenge_t
{
/** Value-Size */
- u_int8_t value_size;
+ uint8_t value_size;
/** Challenge */
- u_int8_t challenge[CHALLENGE_LEN];
+ uint8_t challenge[CHALLENGE_LEN];
/** Name */
- u_int8_t name[];
+ uint8_t name[];
}__attribute__((__packed__));
/**
@@ -215,21 +215,21 @@ struct eap_mschapv2_challenge_t
struct eap_mschapv2_response_t
{
/** Value-Size */
- u_int8_t value_size;
+ uint8_t value_size;
/** Response */
struct
{
/* Peer-Challenge*/
- u_int8_t peer_challenge[CHALLENGE_LEN];
+ uint8_t peer_challenge[CHALLENGE_LEN];
/* Reserved (=zero) */
- u_int8_t peer_reserved[8];
+ uint8_t peer_reserved[8];
/* NT-Response */
- u_int8_t nt_response[24];
+ uint8_t nt_response[24];
/* Flags (=zero) */
- u_int8_t flags;
+ uint8_t flags;
} response;
/** Name */
- u_int8_t name[];
+ uint8_t name[];
}__attribute__((__packed__));
/**
@@ -597,10 +597,10 @@ static chunk_t extract_username(chunk_t id)
/**
* Set the ms_length field using aligned write
*/
-static void set_ms_length(eap_mschapv2_header_t *eap, u_int16_t len)
+static void set_ms_length(eap_mschapv2_header_t *eap, uint16_t len)
{
len = htons(len - 5);
- memcpy(&eap->ms_length, &len, sizeof(u_int16_t));
+ memcpy(&eap->ms_length, &len, sizeof(uint16_t));
}
METHOD(eap_method_t, initiate_peer, status_t,
@@ -617,7 +617,7 @@ METHOD(eap_method_t, initiate_server, status_t,
eap_mschapv2_header_t *eap;
eap_mschapv2_challenge_t *cha;
const char *name = MSCHAPV2_HOST_NAME;
- u_int16_t len = CHALLENGE_PAYLOAD_LEN + sizeof(MSCHAPV2_HOST_NAME) - 1;
+ uint16_t len = CHALLENGE_PAYLOAD_LEN + sizeof(MSCHAPV2_HOST_NAME) - 1;
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
if (!rng || !rng->allocate_bytes(rng, CHALLENGE_LEN, &this->challenge))
@@ -690,7 +690,7 @@ static status_t process_peer_challenge(private_eap_mschapv2_t *this,
eap_mschapv2_challenge_t *cha;
eap_mschapv2_response_t *res;
chunk_t data, peer_challenge, userid, username, nt_hash;
- u_int16_t len = RESPONSE_PAYLOAD_LEN;
+ uint16_t len = RESPONSE_PAYLOAD_LEN;
data = in->get_data(in);
eap = (eap_mschapv2_header_t*)data.ptr;
@@ -779,7 +779,7 @@ static status_t process_peer_success(private_eap_mschapv2_t *this,
chunk_t data, auth_string = chunk_empty;
char *message, *token, *msg = NULL;
int message_len;
- u_int16_t len = SHORT_HEADER_LEN;
+ uint16_t len = SHORT_HEADER_LEN;
data = in->get_data(in);
eap = (eap_mschapv2_header_t*)data.ptr;
@@ -1011,7 +1011,7 @@ static status_t process_server_retry(private_eap_mschapv2_t *this,
rng_t *rng;
chunk_t hex;
char msg[FAILURE_MESSAGE_LEN];
- u_int16_t len = HEADER_LEN + FAILURE_MESSAGE_LEN - 1; /* no null byte */
+ uint16_t len = HEADER_LEN + FAILURE_MESSAGE_LEN - 1; /* no null byte */
if (++this->retries > MAX_RETRIES)
{
@@ -1127,7 +1127,7 @@ static status_t process_server_response(private_eap_mschapv2_t *this,
{
chunk_t hex;
char msg[AUTH_RESPONSE_LEN + sizeof(SUCCESS_MESSAGE)];
- u_int16_t len = HEADER_LEN + AUTH_RESPONSE_LEN + sizeof(SUCCESS_MESSAGE);
+ uint16_t len = HEADER_LEN + AUTH_RESPONSE_LEN + sizeof(SUCCESS_MESSAGE);
eap = alloca(len);
eap->code = EAP_REQUEST;
@@ -1213,7 +1213,7 @@ METHOD(eap_method_t, process_server, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_mschapv2_t *this, u_int32_t *vendor)
+ private_eap_mschapv2_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_MSCHAPV2;
@@ -1230,14 +1230,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_mschapv2_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_mschapv2_t *this, u_int8_t identifier)
+ private_eap_mschapv2_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_peap/Makefile.in b/src/libcharon/plugins/eap_peap/Makefile.in
index 0f920fef8..2a01a369f 100644
--- a/src/libcharon/plugins/eap_peap/Makefile.in
+++ b/src/libcharon/plugins/eap_peap/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_peap
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -467,7 +481,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_peap/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_peap/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -784,6 +797,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_peap/eap_peap.c b/src/libcharon/plugins/eap_peap/eap_peap.c
index c24dd578c..4778a0977 100644
--- a/src/libcharon/plugins/eap_peap/eap_peap.c
+++ b/src/libcharon/plugins/eap_peap/eap_peap.c
@@ -76,7 +76,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_peap_t *this, u_int32_t *vendor)
+ private_eap_peap_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_PEAP;
@@ -93,14 +93,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_peap_t *this)
{
return this->tls_eap->get_identifier(this->tls_eap);
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_peap_t *this, u_int8_t identifier)
+ private_eap_peap_t *this, uint8_t identifier)
{
this->tls_eap->set_identifier(this->tls_eap, identifier);
}
diff --git a/src/libcharon/plugins/eap_peap/eap_peap_avp.c b/src/libcharon/plugins/eap_peap/eap_peap_avp.c
index 3f541ba23..d5ce5fbc1 100644
--- a/src/libcharon/plugins/eap_peap/eap_peap_avp.c
+++ b/src/libcharon/plugins/eap_peap/eap_peap_avp.c
@@ -47,7 +47,7 @@ struct private_eap_peap_avp_t {
METHOD(eap_peap_avp_t, build, void,
private_eap_peap_avp_t *this, bio_writer_t *writer, chunk_t data)
{
- u_int8_t code;
+ uint8_t code;
eap_packet_t *pkt;
chunk_t avp_data;
@@ -71,10 +71,10 @@ METHOD(eap_peap_avp_t, build, void,
METHOD(eap_peap_avp_t, process, status_t,
private_eap_peap_avp_t* this, bio_reader_t *reader, chunk_t *data,
- u_int8_t identifier)
+ uint8_t identifier)
{
- u_int8_t code;
- u_int16_t len;
+ uint8_t code;
+ uint16_t len;
eap_packet_t *pkt;
chunk_t avp_data;
diff --git a/src/libcharon/plugins/eap_peap/eap_peap_avp.h b/src/libcharon/plugins/eap_peap/eap_peap_avp.h
index 98c5f1912..cc5930b62 100644
--- a/src/libcharon/plugins/eap_peap/eap_peap_avp.h
+++ b/src/libcharon/plugins/eap_peap/eap_peap_avp.h
@@ -45,7 +45,7 @@ struct eap_peap_avp_t {
* - NEED_MORE if another invocation of process/build needed
*/
status_t (*process)(eap_peap_avp_t *this, bio_reader_t *reader,
- chunk_t *data, u_int8_t identifier);
+ chunk_t *data, uint8_t identifier);
/**
* Build EAP-PEAP Message AVP to send out.
diff --git a/src/libcharon/plugins/eap_peap/eap_peap_peer.c b/src/libcharon/plugins/eap_peap/eap_peap_peer.c
index f482c5b54..2668ac432 100644
--- a/src/libcharon/plugins/eap_peap/eap_peap_peer.c
+++ b/src/libcharon/plugins/eap_peap/eap_peap_peer.c
@@ -71,7 +71,7 @@ METHOD(tls_application_t, process, status_t,
eap_payload_t *in;
eap_code_t code;
eap_type_t type, received_type;
- u_int32_t vendor, received_vendor;
+ uint32_t vendor, received_vendor;
status = this->avp->process(this->avp, reader, &data,
this->ph1_method->get_identifier(this->ph1_method));
@@ -191,7 +191,7 @@ METHOD(tls_application_t, build, status_t,
chunk_t data;
eap_code_t code;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
if (this->out)
{
diff --git a/src/libcharon/plugins/eap_peap/eap_peap_server.c b/src/libcharon/plugins/eap_peap/eap_peap_server.c
index 33b01e95e..7f8348e06 100644
--- a/src/libcharon/plugins/eap_peap/eap_peap_server.c
+++ b/src/libcharon/plugins/eap_peap/eap_peap_server.c
@@ -167,7 +167,7 @@ METHOD(tls_application_t, process, status_t,
eap_payload_t *in;
eap_code_t code;
eap_type_t type = EAP_NAK, received_type;
- u_int32_t vendor, received_vendor;
+ uint32_t vendor, received_vendor;
status = this->avp->process(this->avp, reader, &data,
this->ph1_method->get_identifier(this->ph1_method));
@@ -336,7 +336,7 @@ METHOD(tls_application_t, build, status_t,
chunk_t data;
eap_code_t code;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
if (this->ph2_method == NULL && this->start_phase2 && this->start_phase2_id)
{
diff --git a/src/libcharon/plugins/eap_radius/Makefile.in b/src/libcharon/plugins/eap_radius/Makefile.in
index 881a5b7e3..cdba38cde 100644
--- a/src/libcharon/plugins/eap_radius/Makefile.in
+++ b/src/libcharon/plugins/eap_radius/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_radius
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -470,7 +484,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_radius/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_radius/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -789,6 +802,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_radius/eap_radius.c b/src/libcharon/plugins/eap_radius/eap_radius.c
index 237f065fa..a2530e653 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius.c
@@ -55,12 +55,12 @@ struct private_eap_radius_t {
/**
* EAP vendor, if any
*/
- u_int32_t vendor;
+ uint32_t vendor;
/**
* EAP message identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* RADIUS client instance
@@ -86,15 +86,15 @@ static void add_eap_identity(private_eap_radius_t *this,
{
struct {
/** EAP code (REQUEST/RESPONSE) */
- u_int8_t code;
+ uint8_t code;
/** unique message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of whole message */
- u_int16_t length;
+ uint16_t length;
/** EAP type */
- u_int8_t type;
+ uint8_t type;
/** identity data */
- u_int8_t data[];
+ uint8_t data[];
} __attribute__((__packed__)) *hdr;
chunk_t id, prefix;
size_t len;
@@ -156,7 +156,7 @@ void eap_radius_build_attributes(radius_message_t *request)
ike_sa_t *ike_sa;
host_t *host;
char buf[40], *station_id_fmt;;
- u_int32_t value;
+ uint32_t value;
chunk_t chunk;
/* virtual NAS-Port-Type */
@@ -314,8 +314,8 @@ static void process_filter_id(radius_message_t *msg)
{
enumerator_t *enumerator;
int type;
- u_int8_t tunnel_tag;
- u_int32_t tunnel_type;
+ uint8_t tunnel_tag;
+ uint32_t tunnel_type;
chunk_t filter_id = chunk_empty, data;
bool is_esp_tunnel = FALSE;
@@ -395,7 +395,7 @@ static void process_timeout(radius_message_t *msg)
/**
* Add a Cisco Unity configuration attribute
*/
-static void add_unity_attribute(eap_radius_provider_t *provider, u_int32_t id,
+static void add_unity_attribute(eap_radius_provider_t *provider, uint32_t id,
int type, chunk_t data)
{
switch (type)
@@ -417,7 +417,7 @@ static void add_unity_attribute(eap_radius_provider_t *provider, u_int32_t id,
* Add a DNS/NBNS configuration attribute
*/
static void add_nameserver_attribute(eap_radius_provider_t *provider,
- u_int32_t id, int type, chunk_t data)
+ uint32_t id, int type, chunk_t data)
{
/* these are from different vendors, but there is currently no conflict */
switch (type)
@@ -444,7 +444,7 @@ static void add_nameserver_attribute(eap_radius_provider_t *provider,
* Add a UNITY_LOCAL_LAN or UNITY_SPLIT_INCLUDE attribute
*/
static void add_unity_split_attribute(eap_radius_provider_t *provider,
- u_int32_t id, configuration_attribute_type_t type,
+ uint32_t id, configuration_attribute_type_t type,
chunk_t data)
{
enumerator_t *enumerator;
@@ -701,7 +701,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_radius_t *this, u_int32_t *vendor)
+ private_eap_radius_t *this, uint32_t *vendor)
{
*vendor = this->vendor;
return this->type;
@@ -721,14 +721,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_radius_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_radius_t *this, u_int8_t identifier)
+ private_eap_radius_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
index 4b7260349..0c302af51 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
@@ -54,7 +54,7 @@ struct private_eap_radius_accounting_t {
/**
* Session ID prefix
*/
- u_int32_t prefix;
+ uint32_t prefix;
/**
* Format string we use for Called/Calling-Station-Id for a host
@@ -101,8 +101,8 @@ typedef enum {
*/
typedef struct {
struct {
- u_int64_t sent;
- u_int64_t received;
+ uint64_t sent;
+ uint64_t received;
} bytes, packets;
} usage_t;
@@ -133,7 +133,7 @@ static inline void sub_usage(usage_t *a, usage_t b)
*/
typedef struct {
/** unique CHILD_SA identifier */
- u_int32_t id;
+ uint32_t id;
/** usage stats for this SA */
usage_t usage;
} sa_entry_t;
@@ -172,7 +172,7 @@ typedef struct {
radius_acct_terminate_cause_t cause;
/* interim interval and timestamp of last update */
struct {
- u_int32_t interval;
+ uint32_t interval;
time_t last;
} interim;
/** did we send Accounting-Start */
@@ -237,7 +237,7 @@ static int sa_find(const void *a, const void *b)
/**
* Update or create usage counters of a cached SA
*/
-static void update_sa(entry_t *entry, u_int32_t id, usage_t usage)
+static void update_sa(entry_t *entry, uint32_t id, usage_t usage)
{
sa_entry_t *sa, lookup;
@@ -402,7 +402,7 @@ static void add_ike_sa_parameters(private_eap_radius_accounting_t *this,
host_t *vip, *host;
char buf[MAX_RADIUS_ATTRIBUTE_SIZE + 1];
chunk_t data;
- u_int32_t value;
+ uint32_t value;
/* virtual NAS-Port-Type */
value = htonl(5);
@@ -461,7 +461,7 @@ static void add_ike_sa_parameters(private_eap_radius_accounting_t *this,
* Get an existing or create a new entry from the locked session table
*/
static entry_t* get_or_create_entry(private_eap_radius_accounting_t *this,
- ike_sa_id_t *id, u_int32_t unique)
+ ike_sa_id_t *id, uint32_t unique)
{
entry_t *entry;
time_t now;
@@ -520,7 +520,7 @@ static job_requeue_t send_interim(interim_data_t *data)
enumerator_t *enumerator;
ike_sa_t *ike_sa;
entry_t *entry;
- u_int32_t value;
+ uint32_t value;
array_t *stats;
sa_entry_t *sa, *found;
@@ -681,7 +681,7 @@ static void send_start(private_eap_radius_accounting_t *this, ike_sa_t *ike_sa)
{
radius_message_t *message;
entry_t *entry;
- u_int32_t value;
+ uint32_t value;
if (this->acct_req_vip && !has_vip(ike_sa))
{
@@ -735,7 +735,7 @@ static void send_stop(private_eap_radius_accounting_t *this, ike_sa_t *ike_sa)
enumerator_t *enumerator;
entry_t *entry;
sa_entry_t *sa;
- u_int32_t value;
+ uint32_t value;
this->mutex->lock(this->mutex);
entry = this->sessions->remove(this->sessions, ike_sa->get_id(ike_sa));
@@ -931,7 +931,7 @@ METHOD(listener_t, child_rekey, bool,
METHOD(listener_t, children_migrate, bool,
private_eap_radius_accounting_t *this, ike_sa_t *ike_sa, ike_sa_id_t *new,
- u_int32_t unique)
+ uint32_t unique)
{
enumerator_t *enumerator;
sa_entry_t *sa, *sa_new, *cached;
@@ -1020,7 +1020,7 @@ eap_radius_accounting_t *eap_radius_accounting_create()
.destroy = _destroy,
},
/* use system time as Session ID prefix */
- .prefix = (u_int32_t)time(NULL),
+ .prefix = (uint32_t)time(NULL),
.sessions = hashtable_create((hashtable_hash_t)hash,
(hashtable_equals_t)equals, 32),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
@@ -1050,7 +1050,7 @@ eap_radius_accounting_t *eap_radius_accounting_create()
/**
* See header
*/
-void eap_radius_accounting_start_interim(ike_sa_t *ike_sa, u_int32_t interval)
+void eap_radius_accounting_start_interim(ike_sa_t *ike_sa, uint32_t interval)
{
if (singleton)
{
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_accounting.h b/src/libcharon/plugins/eap_radius/eap_radius_accounting.h
index 8d4f9a0e1..f7a19c9b5 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_accounting.h
+++ b/src/libcharon/plugins/eap_radius/eap_radius_accounting.h
@@ -52,6 +52,6 @@ eap_radius_accounting_t *eap_radius_accounting_create();
* @param ike_sa IKE_SA to send updates for
* @param interval interval for interim updates
*/
-void eap_radius_accounting_start_interim(ike_sa_t *ike_sa, u_int32_t interval);
+void eap_radius_accounting_start_interim(ike_sa_t *ike_sa, uint32_t interval);
#endif /** EAP_RADIUS_ACCOUNTING_H_ @}*/
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_dae.c b/src/libcharon/plugins/eap_radius/eap_radius_dae.c
index a0bf99efd..fc9b39c3e 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_dae.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_dae.c
@@ -293,7 +293,7 @@ static void process_disconnect(private_eap_radius_dae_t *this,
* Apply a new lifetime to an IKE_SA
*/
static void apply_lifetime(private_eap_radius_dae_t *this, ike_sa_id_t *id,
- u_int32_t lifetime)
+ uint32_t lifetime)
{
ike_sa_t *ike_sa;
@@ -323,7 +323,7 @@ static void process_coa(private_eap_radius_dae_t *this,
ike_sa_id_t *id;
chunk_t data;
int type;
- u_int32_t lifetime = 0;
+ uint32_t lifetime = 0;
bool lifetime_seen = FALSE;
ids = get_matching_ike_sas(this, request, client);
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_forward.c b/src/libcharon/plugins/eap_radius/eap_radius_forward.c
index 52ea84070..919e861be 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_forward.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_forward.c
@@ -63,9 +63,9 @@ struct private_eap_radius_forward_t {
*/
typedef struct {
/** vendor ID, 0 for standard attributes */
- u_int32_t vendor;
+ uint32_t vendor;
/** attribute type */
- u_int8_t type;
+ uint8_t type;
} attr_t;
/**
@@ -132,7 +132,7 @@ static bool is_attribute_selected(linked_list_t *selector,
radius_attribute_type_t type, chunk_t data)
{
enumerator_t *enumerator;
- u_int32_t vendor = 0;
+ uint32_t vendor = 0;
attr_t *sel;
bool found = FALSE;
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_provider.c b/src/libcharon/plugins/eap_radius/eap_radius_provider.c
index 0f207fbe6..9a87ad38d 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_provider.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_provider.c
@@ -469,7 +469,7 @@ METHOD(attribute_provider_t, create_attribute_enumerator, enumerator_t*,
}
METHOD(eap_radius_provider_t, add_framed_ip, void,
- private_eap_radius_provider_t *this, u_int32_t id, host_t *ip)
+ private_eap_radius_provider_t *this, uint32_t id, host_t *ip)
{
this->listener.mutex->lock(this->listener.mutex);
add_addr(this, this->listener.unclaimed, id, ip);
@@ -477,7 +477,7 @@ METHOD(eap_radius_provider_t, add_framed_ip, void,
}
METHOD(eap_radius_provider_t, add_attribute, void,
- private_eap_radius_provider_t *this, u_int32_t id,
+ private_eap_radius_provider_t *this, uint32_t id,
configuration_attribute_type_t type, chunk_t data)
{
attr_t *attr;
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_provider.h b/src/libcharon/plugins/eap_radius/eap_radius_provider.h
index 5a62f4a38..80971bddb 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_provider.h
+++ b/src/libcharon/plugins/eap_radius/eap_radius_provider.h
@@ -42,7 +42,7 @@ struct eap_radius_provider_t {
* @param id IKE_SA unique identifier
* @param ip IP address received from RADIUS server, gets owned
*/
- void (*add_framed_ip)(eap_radius_provider_t *this, u_int32_t id,
+ void (*add_framed_ip)(eap_radius_provider_t *this, uint32_t id,
host_t *ip);
/**
@@ -52,7 +52,7 @@ struct eap_radius_provider_t {
* @param type attribute type
* @param data attribute data
*/
- void (*add_attribute)(eap_radius_provider_t *this, u_int32_t id,
+ void (*add_attribute)(eap_radius_provider_t *this, uint32_t id,
configuration_attribute_type_t type, chunk_t data);
/**
diff --git a/src/libcharon/plugins/eap_sim/Makefile.in b/src/libcharon/plugins/eap_sim/Makefile.in
index aaa24bb17..f1b8adb71 100644
--- a/src/libcharon/plugins/eap_sim/Makefile.in
+++ b/src/libcharon/plugins/eap_sim/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_sim
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -465,7 +479,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_sim/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_sim/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -780,6 +793,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_sim/eap_sim_peer.c b/src/libcharon/plugins/eap_sim/eap_sim_peer.c
index 2637b4314..37f8a879e 100644
--- a/src/libcharon/plugins/eap_sim/eap_sim_peer.c
+++ b/src/libcharon/plugins/eap_sim/eap_sim_peer.c
@@ -64,7 +64,7 @@ struct private_eap_sim_peer_t {
/**
* EAP message identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* EAP-SIM crypto helper
@@ -99,7 +99,7 @@ struct private_eap_sim_peer_t {
/**
* Counter value if reauthentication is used
*/
- u_int16_t counter;
+ uint16_t counter;
};
/* version of SIM protocol we speak */
@@ -130,7 +130,7 @@ static bool create_client_error(private_eap_sim_peer_t *this,
simaka_client_error_t code, eap_payload_t **out)
{
simaka_message_t *message;
- u_int16_t encoded;
+ uint16_t encoded;
DBG1(DBG_IKE, "sending client error '%N'", simaka_client_error_names, code);
@@ -404,7 +404,7 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
*/
static bool counter_too_small(private_eap_sim_peer_t *this, chunk_t chunk)
{
- u_int16_t counter;
+ uint16_t counter;
memcpy(&counter, chunk.ptr, sizeof(counter));
counter = htons(counter);
@@ -540,7 +540,7 @@ static status_t process_notification(private_eap_sim_peer_t *this,
{
if (type == AT_NOTIFICATION)
{
- u_int16_t code;
+ uint16_t code;
memcpy(&code, data.ptr, sizeof(code));
code = ntohs(code);
@@ -650,7 +650,7 @@ METHOD(eap_method_t, initiate, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_sim_peer_t *this, u_int32_t *vendor)
+ private_eap_sim_peer_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_SIM;
@@ -667,14 +667,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_sim_peer_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_sim_peer_t *this, u_int8_t identifier)
+ private_eap_sim_peer_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_sim/eap_sim_server.c b/src/libcharon/plugins/eap_sim/eap_sim_server.c
index 5aa54db3e..3b413cfc6 100644
--- a/src/libcharon/plugins/eap_sim/eap_sim_server.c
+++ b/src/libcharon/plugins/eap_sim/eap_sim_server.c
@@ -67,7 +67,7 @@ struct private_eap_sim_server_t {
/**
* unique EAP identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* concatenated SRES values
@@ -163,7 +163,7 @@ METHOD(eap_method_t, initiate, status_t,
* Initiate EAP-SIM/Request/Re-authentication message
*/
static status_t reauthenticate(private_eap_sim_server_t *this,
- char mk[HASH_SIZE_SHA1], u_int16_t counter,
+ char mk[HASH_SIZE_SHA1], uint16_t counter,
eap_payload_t **out)
{
simaka_message_t *message;
@@ -328,7 +328,7 @@ static status_t process_start(private_eap_sim_server_t *this,
if (this->use_reauth && !nonce.len)
{
char mk[HASH_SIZE_SHA1];
- u_int16_t counter;
+ uint16_t counter;
permanent = this->mgr->provider_is_reauth(this->mgr, id,
mk, &counter);
@@ -495,7 +495,7 @@ static status_t process_client_error(private_eap_sim_server_t *this,
{
if (type == AT_CLIENT_ERROR_CODE)
{
- u_int16_t code;
+ uint16_t code;
memcpy(&code, data.ptr, sizeof(code));
DBG1(DBG_IKE, "received EAP-SIM client error '%N'",
@@ -551,7 +551,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_sim_server_t *this, u_int32_t *vendor)
+ private_eap_sim_server_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_SIM;
@@ -568,14 +568,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_sim_server_t *this)
{
return this->identifier;
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_sim_server_t *this, u_int8_t identifier)
+ private_eap_sim_server_t *this, uint8_t identifier)
{
this->identifier = identifier;
}
diff --git a/src/libcharon/plugins/eap_sim_file/Makefile.in b/src/libcharon/plugins/eap_sim_file/Makefile.in
index 6e61f99de..40ff9f245 100644
--- a/src/libcharon/plugins/eap_sim_file/Makefile.in
+++ b/src/libcharon/plugins/eap_sim_file/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_sim_file
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -468,7 +482,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_sim_file/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_sim_file/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -784,6 +797,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_sim_pcsc/Makefile.in b/src/libcharon/plugins/eap_sim_pcsc/Makefile.in
index e821e3ee2..354c7a12d 100644
--- a/src/libcharon/plugins/eap_sim_pcsc/Makefile.in
+++ b/src/libcharon/plugins/eap_sim_pcsc/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
@MONOLITHIC_FALSE@am__append_1 = $(top_builddir)/src/libsimaka/libsimaka.la
subdir = src/libcharon/plugins/eap_sim_pcsc
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -206,12 +215,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -261,6 +272,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -295,6 +307,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -406,6 +419,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -468,7 +482,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_sim_pcsc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_sim_pcsc/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -782,6 +795,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in b/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in
index b883f0abd..4e3105ffd 100644
--- a/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_simaka_pseudonym
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -206,12 +215,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -261,6 +272,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -295,6 +307,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -406,6 +419,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -467,7 +481,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_simaka_pseudonym/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_simaka_pseudonym/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -782,6 +795,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.c b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.c
index b5bbdd60f..758bce4d9 100644
--- a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.c
+++ b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.c
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2016 Tobias Brunner
* Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -31,17 +32,32 @@ struct private_eap_simaka_pseudonym_card_t {
eap_simaka_pseudonym_card_t public;
/**
- * Permanent -> pseudonym mappings
+ * Permanent -> pseudonym mappings (entry_t*)
*/
hashtable_t *pseudonym;
-
- /**
- * Reverse pseudonym -> permanent mappings
- */
- hashtable_t *permanent;
};
/**
+ * Mapping between real and pseudonym identity
+ */
+typedef struct {
+
+ /** Real identity */
+ identification_t *id;
+
+ /** Pseudonym */
+ identification_t *pseudonym;
+
+} entry_t;
+
+static void destroy_entry(entry_t *this)
+{
+ this->id->destroy(this->id);
+ this->pseudonym->destroy(this->pseudonym);
+ free(this);
+}
+
+/**
* hashtable hash function
*/
static u_int hash(identification_t *key)
@@ -60,12 +76,12 @@ static bool equals(identification_t *key1, identification_t *key2)
METHOD(simaka_card_t, get_pseudonym, identification_t*,
private_eap_simaka_pseudonym_card_t *this, identification_t *id)
{
- identification_t *pseudonym;
+ entry_t *entry;
- pseudonym = this->pseudonym->get(this->pseudonym, id);
- if (pseudonym)
+ entry = this->pseudonym->get(this->pseudonym, id);
+ if (entry)
{
- return pseudonym->clone(pseudonym);
+ return entry->pseudonym->clone(entry->pseudonym);
}
return NULL;
}
@@ -74,17 +90,17 @@ METHOD(simaka_card_t, set_pseudonym, void,
private_eap_simaka_pseudonym_card_t *this, identification_t *id,
identification_t *pseudonym)
{
- identification_t *permanent;
-
- /* create new entries */
- id = id->clone(id);
- pseudonym = pseudonym->clone(pseudonym);
- permanent = this->permanent->put(this->permanent, pseudonym, id);
- pseudonym = this->pseudonym->put(this->pseudonym, id, pseudonym);
+ entry_t *entry;
- /* delete old entries */
- DESTROY_IF(permanent);
- DESTROY_IF(pseudonym);
+ INIT(entry,
+ .id = id->clone(id),
+ .pseudonym = pseudonym->clone(pseudonym),
+ );
+ entry = this->pseudonym->put(this->pseudonym, entry->id, entry);
+ if (entry)
+ {
+ destroy_entry(entry);
+ }
}
METHOD(simaka_card_t, get_quintuplet, status_t,
@@ -98,26 +114,7 @@ METHOD(simaka_card_t, get_quintuplet, status_t,
METHOD(eap_simaka_pseudonym_card_t, destroy, void,
private_eap_simaka_pseudonym_card_t *this)
{
- enumerator_t *enumerator;
- identification_t *id;
- void *key;
-
- enumerator = this->pseudonym->create_enumerator(this->pseudonym);
- while (enumerator->enumerate(enumerator, &key, &id))
- {
- id->destroy(id);
- }
- enumerator->destroy(enumerator);
-
- enumerator = this->permanent->create_enumerator(this->permanent);
- while (enumerator->enumerate(enumerator, &key, &id))
- {
- id->destroy(id);
- }
- enumerator->destroy(enumerator);
-
- this->pseudonym->destroy(this->pseudonym);
- this->permanent->destroy(this->permanent);
+ this->pseudonym->destroy_function(this->pseudonym, (void*)destroy_entry);
free(this);
}
@@ -142,9 +139,6 @@ eap_simaka_pseudonym_card_t *eap_simaka_pseudonym_card_create()
.destroy = _destroy,
},
.pseudonym = hashtable_create((void*)hash, (void*)equals, 0),
- .permanent = hashtable_create((void*)hash, (void*)equals, 0),
);
-
return &this->public;
}
-
diff --git a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
index 5417f9639..2d5747e01 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_simaka_reauth
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -466,7 +480,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_simaka_reauth/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_simaka_reauth/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -781,6 +794,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c
index 5bc5fd382..153ec0f0d 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c
@@ -45,7 +45,7 @@ typedef struct {
/** associated permanent identity */
identification_t *permanent;
/** counter value */
- u_int16_t counter;
+ uint16_t counter;
/** master key */
char mk[HASH_SIZE_SHA1];
} reauth_data_t;
@@ -68,7 +68,7 @@ static bool equals(identification_t *key1, identification_t *key2)
METHOD(simaka_card_t, get_reauth, identification_t*,
private_eap_simaka_reauth_card_t *this, identification_t *id,
- char mk[HASH_SIZE_SHA1], u_int16_t *counter)
+ char mk[HASH_SIZE_SHA1], uint16_t *counter)
{
reauth_data_t *data;
identification_t *reauth;
@@ -89,7 +89,7 @@ METHOD(simaka_card_t, get_reauth, identification_t*,
METHOD(simaka_card_t, set_reauth, void,
private_eap_simaka_reauth_card_t *this, identification_t *id,
- identification_t* next, char mk[HASH_SIZE_SHA1], u_int16_t counter)
+ identification_t* next, char mk[HASH_SIZE_SHA1], uint16_t counter)
{
reauth_data_t *data;
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
index 937095ec1..543b5579b 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
@@ -53,7 +53,7 @@ typedef struct {
/** currently used reauthentication identity */
identification_t *id;
/** counter value */
- u_int16_t counter;
+ uint16_t counter;
/** master key */
char mk[HASH_SIZE_SHA1];
} reauth_data_t;
@@ -92,7 +92,7 @@ static identification_t *gen_identity(private_eap_simaka_reauth_provider_t *this
METHOD(simaka_provider_t, is_reauth, identification_t*,
private_eap_simaka_reauth_provider_t *this, identification_t *id,
- char mk[HASH_SIZE_SHA1], u_int16_t *counter)
+ char mk[HASH_SIZE_SHA1], uint16_t *counter)
{
identification_t *permanent;
reauth_data_t *data;
diff --git a/src/libcharon/plugins/eap_simaka_sql/Makefile.in b/src/libcharon/plugins/eap_simaka_sql/Makefile.in
index c858e467c..a491899ac 100644
--- a/src/libcharon/plugins/eap_simaka_sql/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_sql/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_simaka_sql
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -466,7 +480,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_simaka_sql/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_simaka_sql/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -781,6 +794,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_tls/Makefile.in b/src/libcharon/plugins/eap_tls/Makefile.in
index c953d0e9c..c912f9ff4 100644
--- a/src/libcharon/plugins/eap_tls/Makefile.in
+++ b/src/libcharon/plugins/eap_tls/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_tls
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_tls/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_tls/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_tls/eap_tls.c b/src/libcharon/plugins/eap_tls/eap_tls.c
index bc01ba5df..79e87dc89 100644
--- a/src/libcharon/plugins/eap_tls/eap_tls.c
+++ b/src/libcharon/plugins/eap_tls/eap_tls.c
@@ -74,7 +74,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_tls_t *this, u_int32_t *vendor)
+ private_eap_tls_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_TLS;
@@ -91,14 +91,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_tls_t *this)
{
return this->tls_eap->get_identifier(this->tls_eap);
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_tls_t *this, u_int8_t identifier)
+ private_eap_tls_t *this, uint8_t identifier)
{
this->tls_eap->set_identifier(this->tls_eap, identifier);
}
diff --git a/src/libcharon/plugins/eap_tnc/Makefile.in b/src/libcharon/plugins/eap_tnc/Makefile.in
index 2f197ed33..efef3af20 100644
--- a/src/libcharon/plugins/eap_tnc/Makefile.in
+++ b/src/libcharon/plugins/eap_tnc/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_tnc
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -468,7 +482,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_tnc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_tnc/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -782,6 +795,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_ttls/Makefile.in b/src/libcharon/plugins/eap_ttls/Makefile.in
index b563acdda..6f39b8455 100644
--- a/src/libcharon/plugins/eap_ttls/Makefile.in
+++ b/src/libcharon/plugins/eap_ttls/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/eap_ttls
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_ttls/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/eap_ttls/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -786,6 +799,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c
index c99d47f8d..9987c43d4 100644
--- a/src/libcharon/plugins/eap_ttls/eap_ttls.c
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c
@@ -76,7 +76,7 @@ METHOD(eap_method_t, process, status_t,
}
METHOD(eap_method_t, get_type, eap_type_t,
- private_eap_ttls_t *this, u_int32_t *vendor)
+ private_eap_ttls_t *this, uint32_t *vendor)
{
*vendor = 0;
return EAP_TTLS;
@@ -93,14 +93,14 @@ METHOD(eap_method_t, get_msk, status_t,
return FAILED;
}
-METHOD(eap_method_t, get_identifier, u_int8_t,
+METHOD(eap_method_t, get_identifier, uint8_t,
private_eap_ttls_t *this)
{
return this->tls_eap->get_identifier(this->tls_eap);
}
METHOD(eap_method_t, set_identifier, void,
- private_eap_ttls_t *this, u_int8_t identifier)
+ private_eap_ttls_t *this, uint8_t identifier)
{
this->tls_eap->set_identifier(this->tls_eap, identifier);
}
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c
index 47e0f8afb..f75e3e0a6 100644
--- a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c
@@ -58,8 +58,8 @@ METHOD(eap_ttls_avp_t, build, void,
{
char zero_padding[] = { 0x00, 0x00, 0x00 };
chunk_t avp_padding;
- u_int8_t avp_flags;
- u_int32_t avp_len;
+ uint8_t avp_flags;
+ uint32_t avp_len;
avp_flags = 0x40;
avp_len = 8 + data.len;
@@ -81,9 +81,9 @@ METHOD(eap_ttls_avp_t, process, status_t,
if (this->process_header)
{
bio_reader_t *header;
- u_int32_t avp_code;
- u_int8_t avp_flags;
- u_int32_t avp_len;
+ uint32_t avp_code;
+ uint8_t avp_flags;
+ uint32_t avp_len;
bool success;
len = min(reader->remaining(reader), AVP_HEADER_LEN - this->inpos);
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
index e0b59a681..be6a0812e 100644
--- a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
@@ -75,8 +75,8 @@ METHOD(tls_application_t, process, status_t,
eap_packet_t *pkt;
eap_code_t code;
eap_type_t type, received_type;
- u_int32_t vendor, received_vendor;
- u_int16_t eap_len;
+ uint32_t vendor, received_vendor;
+ uint16_t eap_len;
size_t eap_pos = 0;
bool concatenated = FALSE;
@@ -240,7 +240,7 @@ METHOD(tls_application_t, build, status_t,
chunk_t data;
eap_code_t code;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
if (this->method == NULL && this->start_phase2)
{
diff --git a/src/libcharon/plugins/error_notify/Makefile.in b/src/libcharon/plugins/error_notify/Makefile.in
index 03dfe3d60..d3fd2a198 100644
--- a/src/libcharon/plugins/error_notify/Makefile.in
+++ b/src/libcharon/plugins/error_notify/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = error-notify$(EXEEXT)
subdir = src/libcharon/plugins/error_notify
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -211,12 +220,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -266,6 +277,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -300,6 +312,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -411,6 +424,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -473,7 +487,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/error_notify/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/error_notify/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -843,6 +856,8 @@ uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/error_notify/error_notify_listener.c b/src/libcharon/plugins/error_notify/error_notify_listener.c
index ce577c62c..be84ec05b 100644
--- a/src/libcharon/plugins/error_notify/error_notify_listener.c
+++ b/src/libcharon/plugins/error_notify/error_notify_listener.c
@@ -83,6 +83,11 @@ METHOD(listener_t, alert, bool,
snprintf(msg.str, sizeof(msg.str), "parsing IKE message from "
"%#H failed", message->get_source(message));
break;
+ case ALERT_RETRANSMIT_SEND:
+ msg.type = htonl(ERROR_NOTIFY_RETRANSMIT_SEND);
+ snprintf(msg.str, sizeof(msg.str), "IKE message retransmission "
+ "number %u", va_arg(args, u_int));
+ break;
case ALERT_RETRANSMIT_SEND_TIMEOUT:
msg.type = htonl(ERROR_NOTIFY_RETRANSMIT_SEND_TIMEOUT);
snprintf(msg.str, sizeof(msg.str),
diff --git a/src/libcharon/plugins/error_notify/error_notify_msg.h b/src/libcharon/plugins/error_notify/error_notify_msg.h
index c66080276..74b590800 100644
--- a/src/libcharon/plugins/error_notify/error_notify_msg.h
+++ b/src/libcharon/plugins/error_notify/error_notify_msg.h
@@ -48,6 +48,7 @@ enum {
ERROR_NOTIFY_CERT_EXPIRED = 17,
ERROR_NOTIFY_CERT_REVOKED = 18,
ERROR_NOTIFY_NO_ISSUER_CERT = 19,
+ ERROR_NOTIFY_RETRANSMIT_SEND = 20,
};
/**
diff --git a/src/libcharon/plugins/ext_auth/Makefile.in b/src/libcharon/plugins/ext_auth/Makefile.in
index fce2e8e63..c49c55fdb 100644
--- a/src/libcharon/plugins/ext_auth/Makefile.in
+++ b/src/libcharon/plugins/ext_auth/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/ext_auth
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/ext_auth/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/ext_auth/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/farp/Makefile.in b/src/libcharon/plugins/farp/Makefile.in
index 2afc5ad76..4674a78b4 100644
--- a/src/libcharon/plugins/farp/Makefile.in
+++ b/src/libcharon/plugins/farp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/farp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/farp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/farp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/farp/farp_listener.c b/src/libcharon/plugins/farp/farp_listener.c
index 87c84359c..e19fc5972 100644
--- a/src/libcharon/plugins/farp/farp_listener.c
+++ b/src/libcharon/plugins/farp/farp_listener.c
@@ -50,7 +50,7 @@ typedef struct {
/** list of remote selectors */
linked_list_t *remote;
/** reqid of CHILD_SA */
- u_int32_t reqid;
+ uint32_t reqid;
} entry_t;
METHOD(listener_t, child_updown, bool,
diff --git a/src/libcharon/plugins/farp/farp_spoofer.c b/src/libcharon/plugins/farp/farp_spoofer.c
index 9f66d7407..c2715bd5a 100644
--- a/src/libcharon/plugins/farp/farp_spoofer.c
+++ b/src/libcharon/plugins/farp/farp_spoofer.c
@@ -54,15 +54,15 @@ struct private_farp_spoofer_t {
* IP over Ethernet ARP message
*/
typedef struct __attribute__((packed)) {
- u_int16_t hardware_type;
- u_int16_t protocol_type;
- u_int8_t hardware_size;
- u_int8_t protocol_size;
- u_int16_t opcode;
- u_int8_t sender_mac[6];
- u_int8_t sender_ip[4];
- u_int8_t target_mac[6];
- u_int8_t target_ip[4];
+ uint16_t hardware_type;
+ uint16_t protocol_type;
+ uint8_t hardware_size;
+ uint8_t protocol_size;
+ uint16_t opcode;
+ uint8_t sender_mac[6];
+ uint8_t sender_ip[4];
+ uint8_t target_mac[6];
+ uint8_t target_ip[4];
} arp_t;
/**
diff --git a/src/libcharon/plugins/forecast/Makefile.in b/src/libcharon/plugins/forecast/Makefile.in
index 4f2a407b4..d29134f33 100644
--- a/src/libcharon/plugins/forecast/Makefile.in
+++ b/src/libcharon/plugins/forecast/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/forecast
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -464,7 +478,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/forecast/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/forecast/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -779,6 +792,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/forecast/forecast_forwarder.c b/src/libcharon/plugins/forecast/forecast_forwarder.c
index 40aaa7f25..ce3909737 100644
--- a/src/libcharon/plugins/forecast/forecast_forwarder.c
+++ b/src/libcharon/plugins/forecast/forecast_forwarder.c
@@ -55,7 +55,7 @@ struct private_kernel_listener_t {
/**
* current broadcast address of internal network
*/
- u_int32_t broadcast;
+ uint32_t broadcast;
/**
* LAN interface index
@@ -105,7 +105,7 @@ static void send_net(private_forecast_forwarder_t *this,
/**
* Send a broadcast/multicast packet to a peer
*/
-static void send_peer(private_forecast_forwarder_t *this, u_int32_t dst,
+static void send_peer(private_forecast_forwarder_t *this, uint32_t dst,
void *buf, size_t len, int mark)
{
struct sockaddr_in addr = {
@@ -317,7 +317,7 @@ static void join_groups(private_kernel_listener_t *this, struct sockaddr *addr)
/**
* Attach the socket filter to the socket
*/
-static bool attach_filter(int fd, u_int32_t broadcast)
+static bool attach_filter(int fd, uint32_t broadcast)
{
struct sock_filter filter_code[] = {
/* destination address: is ... */
diff --git a/src/libcharon/plugins/forecast/forecast_listener.c b/src/libcharon/plugins/forecast/forecast_listener.c
index 8f7f2600c..3f252db2d 100644
--- a/src/libcharon/plugins/forecast/forecast_listener.c
+++ b/src/libcharon/plugins/forecast/forecast_listener.c
@@ -67,7 +67,7 @@ struct private_forecast_listener_t {
/**
* Broadcast address on LAN interface, network order
*/
- u_int32_t broadcast;
+ uint32_t broadcast;
};
/**
@@ -85,13 +85,13 @@ typedef struct {
/** remote IKE_SA endpoint */
host_t *rhost;
/** inbound SPI */
- u_int32_t spi;
+ uint32_t spi;
/** use UDP encapsulation */
bool encap;
/** whether we should allow reencapsulation of IPsec received forecasts */
bool reinject;
/** broadcast address used for that entry */
- u_int32_t broadcast;
+ uint32_t broadcast;
} entry_t;
/**
@@ -115,7 +115,7 @@ static void entry_destroy(entry_t *entry)
static bool ts2in(traffic_selector_t *ts,
struct in_addr *addr, struct in_addr *mask)
{
- u_int8_t bits;
+ uint8_t bits;
host_t *net;
if (ts->get_type(ts) == TS_IPV4_ADDR_RANGE &&
@@ -179,12 +179,12 @@ static bool manage_rule(struct iptc_handle *ipth, const char *chain,
static bool manage_pre_esp_in_udp(struct iptc_handle *ipth,
entry_t *entry, bool add)
{
- u_int16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
+ uint16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
XT_ALIGN(sizeof(struct xt_udp));
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_mark_tginfo2));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -240,12 +240,12 @@ static bool manage_pre_esp_in_udp(struct iptc_handle *ipth,
*/
static bool manage_pre_esp(struct iptc_handle *ipth, entry_t *entry, bool add)
{
- u_int16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
+ uint16_t match_size = XT_ALIGN(sizeof(struct ipt_entry_match)) +
XT_ALIGN(sizeof(struct xt_esp));
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry)) + match_size;
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_mark_tginfo2));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -306,10 +306,10 @@ static bool manage_pre(struct iptc_handle *ipth, entry_t *entry, bool add)
*/
static bool manage_out(struct iptc_handle *ipth, entry_t *entry, bool add)
{
- u_int16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry));
- u_int16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
+ uint16_t target_offset = XT_ALIGN(sizeof(struct ipt_entry));
+ uint16_t target_size = XT_ALIGN(sizeof(struct ipt_entry_target)) +
XT_ALIGN(sizeof(struct xt_mark_tginfo2));
- u_int16_t entry_size = target_offset + target_size;
+ uint16_t entry_size = target_offset + target_size;
u_char ipt[entry_size], *pos = ipt;
struct ipt_entry *e;
@@ -617,7 +617,7 @@ METHOD(listener_t, ike_update, bool,
* Filter to map entries to ts/mark
*/
static bool ts_filter(entry_t *entry, traffic_selector_t **ts,
- traffic_selector_t **out, void *dummy, u_int32_t *mark,
+ traffic_selector_t **out, void *dummy, uint32_t *mark,
void *dummy2, bool *reinject)
{
*out = *ts;
diff --git a/src/libcharon/plugins/ha/Makefile.in b/src/libcharon/plugins/ha/Makefile.in
index 677c36afe..420b8bdb7 100644
--- a/src/libcharon/plugins/ha/Makefile.in
+++ b/src/libcharon/plugins/ha/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/ha
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -472,7 +486,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/ha/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/ha/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -796,6 +809,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/ha/ha_attribute.c b/src/libcharon/plugins/ha/ha_attribute.c
index 2b271a8e7..b20ef876a 100644
--- a/src/libcharon/plugins/ha/ha_attribute.c
+++ b/src/libcharon/plugins/ha/ha_attribute.c
@@ -83,7 +83,7 @@ static host_t* offset2host(pool_t *pool, int offset)
{
chunk_t addr;
host_t *host;
- u_int32_t *pos;
+ uint32_t *pos;
if (offset > pool->size)
{
@@ -93,11 +93,11 @@ static host_t* offset2host(pool_t *pool, int offset)
addr = chunk_clone(pool->base->get_address(pool->base));
if (pool->base->get_family(pool->base) == AF_INET6)
{
- pos = (u_int32_t*)(addr.ptr + 12);
+ pos = (uint32_t*)(addr.ptr + 12);
}
else
{
- pos = (u_int32_t*)addr.ptr;
+ pos = (uint32_t*)addr.ptr;
}
*pos = htonl(offset + ntohl(*pos));
host = host_create_from_chunk(pool->base->get_family(pool->base), addr, 0);
@@ -111,7 +111,7 @@ static host_t* offset2host(pool_t *pool, int offset)
static int host2offset(pool_t *pool, host_t *addr)
{
chunk_t host, base;
- u_int32_t hosti, basei;
+ uint32_t hosti, basei;
if (addr->get_family(addr) != pool->base->get_family(pool->base))
{
@@ -129,8 +129,8 @@ static int host2offset(pool_t *pool, host_t *addr)
host = chunk_skip(host, 12);
base = chunk_skip(base, 12);
}
- hosti = ntohl(*(u_int32_t*)(host.ptr));
- basei = ntohl(*(u_int32_t*)(base.ptr));
+ hosti = ntohl(*(uint32_t*)(host.ptr));
+ basei = ntohl(*(uint32_t*)(base.ptr));
if (hosti > basei + pool->size)
{
return -1;
diff --git a/src/libcharon/plugins/ha/ha_cache.c b/src/libcharon/plugins/ha/ha_cache.c
index 0650f7fd9..8394eb722 100644
--- a/src/libcharon/plugins/ha/ha_cache.c
+++ b/src/libcharon/plugins/ha/ha_cache.c
@@ -186,11 +186,13 @@ METHOD(ha_cache_t, delete_, void,
{
entry_t *entry;
+ this->mutex->lock(this->mutex);
entry = this->cache->remove(this->cache, ike_sa);
if (entry)
{
entry_destroy(entry);
}
+ this->mutex->unlock(this->mutex);
}
/**
@@ -204,7 +206,7 @@ static status_t rekey_children(ike_sa_t *ike_sa)
linked_list_t *children;
struct {
protocol_id_t protocol;
- u_int32_t spi;
+ uint32_t spi;
} *info;
children = linked_list_create();
diff --git a/src/libcharon/plugins/ha/ha_child.c b/src/libcharon/plugins/ha/ha_child.c
index 7dafb1693..8c9f66aa7 100644
--- a/src/libcharon/plugins/ha/ha_child.c
+++ b/src/libcharon/plugins/ha/ha_child.c
@@ -55,7 +55,7 @@ METHOD(listener_t, child_keys, bool,
ha_message_t *m;
chunk_t secret;
proposal_t *proposal;
- u_int16_t alg, len;
+ uint16_t alg, len;
linked_list_t *local_ts, *remote_ts;
enumerator_t *enumerator;
traffic_selector_t *ts;
@@ -69,7 +69,7 @@ METHOD(listener_t, child_keys, bool,
m = ha_message_create(HA_CHILD_ADD);
m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
- m->add_attribute(m, HA_INITIATOR, (u_int8_t)initiator);
+ m->add_attribute(m, HA_INITIATOR, (uint8_t)initiator);
m->add_attribute(m, HA_INBOUND_SPI, child_sa->get_spi(child_sa, TRUE));
m->add_attribute(m, HA_OUTBOUND_SPI, child_sa->get_spi(child_sa, FALSE));
m->add_attribute(m, HA_INBOUND_CPI, child_sa->get_cpi(child_sa, TRUE));
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index ce90f5bfe..ee66b8442 100644
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -131,8 +131,8 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL, *old_sa = NULL;
ike_version_t version = IKEV2;
- u_int16_t encr = 0, len = 0, integ = 0, prf = 0, old_prf = PRF_UNDEFINED;
- u_int16_t dh_grp = 0;
+ uint16_t encr = 0, len = 0, integ = 0, prf = 0, old_prf = PRF_UNDEFINED;
+ uint16_t dh_grp = 0;
chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty;
chunk_t secret = chunk_empty, old_skd = chunk_empty;
chunk_t dh_local = chunk_empty, dh_remote = chunk_empty, psk = chunk_empty;
@@ -486,7 +486,7 @@ static void process_ike_mid(private_ha_dispatcher_t *this,
ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL;
- u_int32_t mid = 0;
+ uint32_t mid = 0;
enumerator = message->create_attribute_enumerator(message);
while (enumerator->enumerate(enumerator, &attribute, &value))
@@ -652,11 +652,11 @@ static void process_child_add(private_ha_dispatcher_t *this,
child_sa_t *child_sa;
proposal_t *proposal;
bool initiator = FALSE, failed = FALSE, ok = FALSE;
- u_int32_t inbound_spi = 0, outbound_spi = 0;
- u_int16_t inbound_cpi = 0, outbound_cpi = 0;
- u_int8_t mode = MODE_TUNNEL, ipcomp = 0;
- u_int16_t encr = 0, integ = 0, len = 0, dh_grp = 0;
- u_int16_t esn = NO_EXT_SEQ_NUMBERS;
+ uint32_t inbound_spi = 0, outbound_spi = 0;
+ uint16_t inbound_cpi = 0, outbound_cpi = 0;
+ uint8_t mode = MODE_TUNNEL, ipcomp = 0;
+ uint16_t encr = 0, integ = 0, len = 0, dh_grp = 0;
+ uint16_t esn = NO_EXT_SEQ_NUMBERS;
u_int seg_i, seg_o;
chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty, secret = chunk_empty;
chunk_t encr_i, integ_i, encr_r, integ_r;
@@ -777,7 +777,7 @@ static void process_child_add(private_ha_dispatcher_t *this,
if (ike_sa->get_version(ike_sa) == IKEV1)
{
keymat_v1_t *keymat_v1 = (keymat_v1_t*)ike_sa->get_keymat(ike_sa);
- u_int32_t spi_i, spi_r;
+ uint32_t spi_i, spi_r;
spi_i = initiator ? inbound_spi : outbound_spi;
spi_r = initiator ? outbound_spi : inbound_spi;
@@ -889,7 +889,7 @@ static void process_child_delete(private_ha_dispatcher_t *this,
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL;
child_sa_t *child_sa;
- u_int32_t spi = 0;
+ uint32_t spi = 0;
enumerator = message->create_attribute_enumerator(message);
while (enumerator->enumerate(enumerator, &attribute, &value))
diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c
index 3ffcaee6b..992ccb06c 100644
--- a/src/libcharon/plugins/ha/ha_ike.c
+++ b/src/libcharon/plugins/ha/ha_ike.c
@@ -78,7 +78,7 @@ METHOD(listener_t, ike_keys, bool,
ha_message_t *m;
chunk_t secret;
proposal_t *proposal;
- u_int16_t alg, len;
+ uint16_t alg, len;
if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
@@ -168,7 +168,7 @@ METHOD(listener_t, ike_updown, bool,
{
enumerator_t *enumerator;
peer_cfg_t *peer_cfg;
- u_int32_t extension, condition;
+ uint32_t extension, condition;
host_t *addr;
ike_sa_id_t *id;
identification_t *eap_id;
@@ -349,7 +349,7 @@ METHOD(listener_t, message_hook, bool,
ha_message_t *m;
notify_payload_t *notify;
chunk_t data;
- u_int32_t seq;
+ uint32_t seq;
notify = message->get_notify(message, DPD_R_U_THERE);
if (notify)
diff --git a/src/libcharon/plugins/ha/ha_kernel.c b/src/libcharon/plugins/ha/ha_kernel.c
index bd43dc351..061741eb7 100644
--- a/src/libcharon/plugins/ha/ha_kernel.c
+++ b/src/libcharon/plugins/ha/ha_kernel.c
@@ -15,8 +15,8 @@
#include "ha_kernel.h"
-typedef u_int32_t u32;
-typedef u_int8_t u8;
+typedef uint32_t u32;
+typedef uint8_t u8;
#include <sys/utsname.h>
#include <string.h>
@@ -115,9 +115,9 @@ static jhash_version_t get_jhash_version()
/**
* jhash algorithm of two words, as used in kernel (using 0 as initval)
*/
-static u_int32_t jhash(jhash_version_t version, u_int32_t a, u_int32_t b)
+static uint32_t jhash(jhash_version_t version, uint32_t a, uint32_t b)
{
- u_int32_t c = 0;
+ uint32_t c = 0;
switch (version)
{
@@ -162,7 +162,7 @@ static u_int32_t jhash(jhash_version_t version, u_int32_t a, u_int32_t b)
/**
* Segmentate a calculated hash
*/
-static u_int hash2segment(private_ha_kernel_t *this, u_int64_t hash)
+static u_int hash2segment(private_ha_kernel_t *this, uint64_t hash)
{
return ((hash * this->count) >> 32) + 1;
}
@@ -170,11 +170,11 @@ static u_int hash2segment(private_ha_kernel_t *this, u_int64_t hash)
/**
* Get a host as an integer for hashing
*/
-static u_int32_t host2int(host_t *host)
+static uint32_t host2int(host_t *host)
{
if (host->get_family(host) == AF_INET)
{
- return *(u_int32_t*)host->get_address(host).ptr;
+ return *(uint32_t*)host->get_address(host).ptr;
}
return 0;
}
@@ -183,7 +183,7 @@ METHOD(ha_kernel_t, get_segment, u_int,
private_ha_kernel_t *this, host_t *host)
{
unsigned long hash;
- u_int32_t addr;
+ uint32_t addr;
addr = host2int(host);
hash = jhash(this->version, ntohl(addr), 0);
@@ -192,10 +192,10 @@ METHOD(ha_kernel_t, get_segment, u_int,
}
METHOD(ha_kernel_t, get_segment_spi, u_int,
- private_ha_kernel_t *this, host_t *host, u_int32_t spi)
+ private_ha_kernel_t *this, host_t *host, uint32_t spi)
{
unsigned long hash;
- u_int32_t addr;
+ uint32_t addr;
addr = host2int(host);
hash = jhash(this->version, ntohl(addr), ntohl(spi));
diff --git a/src/libcharon/plugins/ha/ha_kernel.h b/src/libcharon/plugins/ha/ha_kernel.h
index 7b56f1e3a..bd0a3825b 100644
--- a/src/libcharon/plugins/ha/ha_kernel.h
+++ b/src/libcharon/plugins/ha/ha_kernel.h
@@ -45,7 +45,7 @@ struct ha_kernel_t {
* @param spi SPI to include in hash
* @return segment number
*/
- u_int (*get_segment_spi)(ha_kernel_t *this, host_t *host, u_int32_t spi);
+ u_int (*get_segment_spi)(ha_kernel_t *this, host_t *host, uint32_t spi);
/**
* Get the segment an arbitrary integer is in.
diff --git a/src/libcharon/plugins/ha/ha_message.c b/src/libcharon/plugins/ha/ha_message.c
index b40219ce1..42dfaf0e2 100644
--- a/src/libcharon/plugins/ha/ha_message.c
+++ b/src/libcharon/plugins/ha/ha_message.c
@@ -67,10 +67,10 @@ typedef struct ike_sa_id_encoding_t ike_sa_id_encoding_t;
* Encoding if an ike_sa_id_t
*/
struct ike_sa_id_encoding_t {
- u_int8_t ike_version;
- u_int64_t initiator_spi;
- u_int64_t responder_spi;
- u_int8_t initiator;
+ uint8_t ike_version;
+ uint64_t initiator_spi;
+ uint64_t responder_spi;
+ uint8_t initiator;
} __attribute__((packed));
typedef struct identification_encoding_t identification_encoding_t;
@@ -79,8 +79,8 @@ typedef struct identification_encoding_t identification_encoding_t;
* Encoding of a identification_t
*/
struct identification_encoding_t {
- u_int8_t type;
- u_int8_t len;
+ uint8_t type;
+ uint8_t len;
char encoding[];
} __attribute__((packed));
@@ -90,8 +90,8 @@ typedef struct host_encoding_t host_encoding_t;
* encoding of a host_t
*/
struct host_encoding_t {
- u_int16_t port;
- u_int8_t family;
+ uint16_t port;
+ uint8_t family;
char encoding[];
} __attribute__((packed));
@@ -101,11 +101,11 @@ typedef struct ts_encoding_t ts_encoding_t;
* encoding of a traffic_selector_t
*/
struct ts_encoding_t {
- u_int8_t type;
- u_int8_t protocol;
- u_int16_t from_port;
- u_int16_t to_port;
- u_int8_t dynamic;
+ uint8_t type;
+ uint8_t protocol;
+ uint16_t from_port;
+ uint16_t to_port;
+ uint8_t dynamic;
char encoding[];
} __attribute__((packed));
@@ -139,9 +139,9 @@ METHOD(ha_message_t, add_attribute, void,
size_t len;
va_list args;
- check_buf(this, sizeof(u_int8_t));
+ check_buf(this, sizeof(uint8_t));
this->buf.ptr[this->buf.len] = attribute;
- this->buf.len += sizeof(u_int8_t);
+ this->buf.len += sizeof(uint8_t);
va_start(args, attribute);
switch (attribute)
@@ -215,13 +215,13 @@ METHOD(ha_message_t, add_attribute, void,
this->buf.len += len;
break;
}
- /* u_int8_t */
+ /* uint8_t */
case HA_IKE_VERSION:
case HA_INITIATOR:
case HA_IPSEC_MODE:
case HA_IPCOMP:
{
- u_int8_t val;
+ uint8_t val;
val = va_arg(args, u_int);
check_buf(this, sizeof(val));
@@ -229,7 +229,7 @@ METHOD(ha_message_t, add_attribute, void,
this->buf.len += sizeof(val);
break;
}
- /* u_int16_t */
+ /* uint16_t */
case HA_ALG_DH:
case HA_ALG_PRF:
case HA_ALG_OLD_PRF:
@@ -241,26 +241,26 @@ METHOD(ha_message_t, add_attribute, void,
case HA_SEGMENT:
case HA_ESN:
{
- u_int16_t val;
+ uint16_t val;
val = va_arg(args, u_int);
check_buf(this, sizeof(val));
- *(u_int16_t*)(this->buf.ptr + this->buf.len) = htons(val);
+ *(uint16_t*)(this->buf.ptr + this->buf.len) = htons(val);
this->buf.len += sizeof(val);
break;
}
- /** u_int32_t */
+ /** uint32_t */
case HA_CONDITIONS:
case HA_EXTENSIONS:
case HA_INBOUND_SPI:
case HA_OUTBOUND_SPI:
case HA_MID:
{
- u_int32_t val;
+ uint32_t val;
val = va_arg(args, u_int);
check_buf(this, sizeof(val));
- *(u_int32_t*)(this->buf.ptr + this->buf.len) = htonl(val);
+ *(uint32_t*)(this->buf.ptr + this->buf.len) = htonl(val);
this->buf.len += sizeof(val);
break;
}
@@ -277,11 +277,11 @@ METHOD(ha_message_t, add_attribute, void,
chunk_t chunk;
chunk = va_arg(args, chunk_t);
- check_buf(this, chunk.len + sizeof(u_int16_t));
- *(u_int16_t*)(this->buf.ptr + this->buf.len) = htons(chunk.len);
- memcpy(this->buf.ptr + this->buf.len + sizeof(u_int16_t),
+ check_buf(this, chunk.len + sizeof(uint16_t));
+ *(uint16_t*)(this->buf.ptr + this->buf.len) = htons(chunk.len);
+ memcpy(this->buf.ptr + this->buf.len + sizeof(uint16_t),
chunk.ptr, chunk.len);
- this->buf.len += chunk.len + sizeof(u_int16_t);;
+ this->buf.len += chunk.len + sizeof(uint16_t);;
break;
}
/** traffic_selector_t */
@@ -309,7 +309,7 @@ METHOD(ha_message_t, add_attribute, void,
default:
{
DBG1(DBG_CFG, "unable to encode, attribute %d unknown", attribute);
- this->buf.len -= sizeof(u_int8_t);
+ this->buf.len -= sizeof(uint8_t);
break;
}
}
@@ -435,22 +435,22 @@ METHOD(enumerator_t, attribute_enumerate, bool,
this->buf = chunk_skip(this->buf, len + 1);
return TRUE;
}
- /* u_int8_t */
+ /* uint8_t */
case HA_IKE_VERSION:
case HA_INITIATOR:
case HA_IPSEC_MODE:
case HA_IPCOMP:
{
- if (this->buf.len < sizeof(u_int8_t))
+ if (this->buf.len < sizeof(uint8_t))
{
return FALSE;
}
- value->u8 = *(u_int8_t*)this->buf.ptr;
+ value->u8 = *(uint8_t*)this->buf.ptr;
*attr_out = attr;
- this->buf = chunk_skip(this->buf, sizeof(u_int8_t));
+ this->buf = chunk_skip(this->buf, sizeof(uint8_t));
return TRUE;
}
- /** u_int16_t */
+ /** uint16_t */
case HA_ALG_DH:
case HA_ALG_PRF:
case HA_ALG_OLD_PRF:
@@ -462,29 +462,29 @@ METHOD(enumerator_t, attribute_enumerate, bool,
case HA_SEGMENT:
case HA_ESN:
{
- if (this->buf.len < sizeof(u_int16_t))
+ if (this->buf.len < sizeof(uint16_t))
{
return FALSE;
}
- value->u16 = ntohs(*(u_int16_t*)this->buf.ptr);
+ value->u16 = ntohs(*(uint16_t*)this->buf.ptr);
*attr_out = attr;
- this->buf = chunk_skip(this->buf, sizeof(u_int16_t));
+ this->buf = chunk_skip(this->buf, sizeof(uint16_t));
return TRUE;
}
- /** u_int32_t */
+ /** uint32_t */
case HA_CONDITIONS:
case HA_EXTENSIONS:
case HA_INBOUND_SPI:
case HA_OUTBOUND_SPI:
case HA_MID:
{
- if (this->buf.len < sizeof(u_int32_t))
+ if (this->buf.len < sizeof(uint32_t))
{
return FALSE;
}
- value->u32 = ntohl(*(u_int32_t*)this->buf.ptr);
+ value->u32 = ntohl(*(uint32_t*)this->buf.ptr);
*attr_out = attr;
- this->buf = chunk_skip(this->buf, sizeof(u_int32_t));
+ this->buf = chunk_skip(this->buf, sizeof(uint32_t));
return TRUE;
}
/** chunk_t */
@@ -499,12 +499,12 @@ METHOD(enumerator_t, attribute_enumerate, bool,
{
size_t len;
- if (this->buf.len < sizeof(u_int16_t))
+ if (this->buf.len < sizeof(uint16_t))
{
return FALSE;
}
- len = ntohs(*(u_int16_t*)this->buf.ptr);
- this->buf = chunk_skip(this->buf, sizeof(u_int16_t));
+ len = ntohs(*(uint16_t*)this->buf.ptr);
+ this->buf = chunk_skip(this->buf, sizeof(uint16_t));
if (this->buf.len < len)
{
return FALSE;
diff --git a/src/libcharon/plugins/ha/ha_message.h b/src/libcharon/plugins/ha/ha_message.h
index fe1786edf..630c8af8f 100644
--- a/src/libcharon/plugins/ha/ha_message.h
+++ b/src/libcharon/plugins/ha/ha_message.h
@@ -92,9 +92,9 @@ enum ha_message_attribute_t {
HA_REMOTE_ADDR,
/** char*, name of configuration */
HA_CONFIG_NAME,
- /** u_int32_t, bitset of ike_condition_t */
+ /** uint32_t, bitset of ike_condition_t */
HA_CONDITIONS,
- /** u_int32_t, bitset of ike_extension_t */
+ /** uint32_t, bitset of ike_extension_t */
HA_EXTENSIONS,
/** host_t*, local virtual IP */
HA_LOCAL_VIP,
@@ -102,7 +102,7 @@ enum ha_message_attribute_t {
HA_REMOTE_VIP,
/** host_t*, known peer addresses (used for MOBIKE) */
HA_PEER_ADDR,
- /** u_int8_t, initiator of an exchange, TRUE for local */
+ /** uint8_t, initiator of an exchange, TRUE for local */
HA_INITIATOR,
/** chunk_t, initiators nonce */
HA_NONCE_I,
@@ -112,41 +112,41 @@ enum ha_message_attribute_t {
HA_SECRET,
/** chunk_t, SKd of old SA if rekeying */
HA_OLD_SKD,
- /** u_int16_t, pseudo random function */
+ /** uint16_t, pseudo random function */
HA_ALG_PRF,
- /** u_int16_t, old pseudo random function if rekeying */
+ /** uint16_t, old pseudo random function if rekeying */
HA_ALG_OLD_PRF,
- /** u_int16_t, encryption algorithm */
+ /** uint16_t, encryption algorithm */
HA_ALG_ENCR,
- /** u_int16_t, encryption key size in bytes */
+ /** uint16_t, encryption key size in bytes */
HA_ALG_ENCR_LEN,
- /** u_int16_t, integrity protection algorithm */
+ /** uint16_t, integrity protection algorithm */
HA_ALG_INTEG,
- /** u_int16_t, DH group */
+ /** uint16_t, DH group */
HA_ALG_DH,
- /** u_int8_t, IPsec mode, TUNNEL|TRANSPORT|... */
+ /** uint8_t, IPsec mode, TUNNEL|TRANSPORT|... */
HA_IPSEC_MODE,
- /** u_int8_t, IPComp protocol */
+ /** uint8_t, IPComp protocol */
HA_IPCOMP,
- /** u_int32_t, inbound security parameter index */
+ /** uint32_t, inbound security parameter index */
HA_INBOUND_SPI,
- /** u_int32_t, outbound security parameter index */
+ /** uint32_t, outbound security parameter index */
HA_OUTBOUND_SPI,
- /** u_int16_t, inbound security parameter index */
+ /** uint16_t, inbound security parameter index */
HA_INBOUND_CPI,
- /** u_int16_t, outbound security parameter index */
+ /** uint16_t, outbound security parameter index */
HA_OUTBOUND_CPI,
/** traffic_selector_t*, local traffic selector */
HA_LOCAL_TS,
/** traffic_selector_t*, remote traffic selector */
HA_REMOTE_TS,
- /** u_int32_t, message ID */
+ /** uint32_t, message ID */
HA_MID,
- /** u_int16_t, HA segment */
+ /** uint16_t, HA segment */
HA_SEGMENT,
- /** u_int16_t, Extended Sequence numbers */
+ /** uint16_t, Extended Sequence numbers */
HA_ESN,
- /** u_int8_t, IKE version */
+ /** uint8_t, IKE version */
HA_IKE_VERSION,
/** chunk_t, own DH public value */
HA_LOCAL_DH,
@@ -162,9 +162,9 @@ enum ha_message_attribute_t {
* Union to enumerate typed attributes in a message
*/
union ha_message_value_t {
- u_int8_t u8;
- u_int16_t u16;
- u_int32_t u32;
+ uint8_t u8;
+ uint16_t u16;
+ uint32_t u32;
char *str;
chunk_t chunk;
ike_sa_id_t *ike_sa_id;
diff --git a/src/libcharon/plugins/ha/ha_segments.h b/src/libcharon/plugins/ha/ha_segments.h
index 76da38082..31d47e371 100644
--- a/src/libcharon/plugins/ha/ha_segments.h
+++ b/src/libcharon/plugins/ha/ha_segments.h
@@ -25,7 +25,7 @@
typedef struct ha_segments_t ha_segments_t;
-typedef u_int16_t segment_mask_t;
+typedef uint16_t segment_mask_t;
/**
* maximum number of segments
diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c
index dd2399366..a0e514614 100644
--- a/src/libcharon/plugins/ha/ha_tunnel.c
+++ b/src/libcharon/plugins/ha/ha_tunnel.c
@@ -79,7 +79,7 @@ struct private_ha_tunnel_t {
/**
* Reqid of installed trap
*/
- u_int32_t trap;
+ uint32_t trap;
/**
* backend for HA SA
@@ -183,10 +183,22 @@ static void setup_tunnel(private_ha_tunnel_t *this,
auth_cfg_t *auth_cfg;
child_cfg_t *child_cfg;
traffic_selector_t *ts;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = 21600, .rekey = 20400, .jitter = 400,
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_NEVER_SEND,
+ .unique = UNIQUE_KEEP,
+ .rekey_time = 86400, /* 24h */
+ .jitter_time = 7200, /* 2h */
+ .over_time = 3600, /* 1h */
+ .no_mobike = TRUE,
+ .dpd = 30,
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = 21600, .rekey = 20400, .jitter = 400,
+ },
},
+ .mode = MODE_TRANSPORT,
};
/* setup credentials */
@@ -208,9 +220,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
remote, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
- peer_cfg = peer_cfg_create("ha", ike_cfg, CERT_NEVER_SEND,
- UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE,
- TRUE, 30, 0, FALSE, NULL, NULL);
+ peer_cfg = peer_cfg_create("ha", ike_cfg, &peer);
auth_cfg = auth_cfg_create();
auth_cfg->add(auth_cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
@@ -224,9 +234,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
identification_create_from_string(remote));
peer_cfg->add_auth_cfg(peer_cfg, auth_cfg, FALSE);
- child_cfg = child_cfg_create("ha", &lifetime, NULL, TRUE, MODE_TRANSPORT,
- ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
- 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create("ha", &child);
ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_PORT, HA_PORT);
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
diff --git a/src/libcharon/plugins/ipseckey/Makefile.in b/src/libcharon/plugins/ipseckey/Makefile.in
index 0b7a29194..38a63ea02 100644
--- a/src/libcharon/plugins/ipseckey/Makefile.in
+++ b/src/libcharon/plugins/ipseckey/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/ipseckey
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/ipseckey/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/ipseckey/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/ipseckey/ipseckey.c b/src/libcharon/plugins/ipseckey/ipseckey.c
index ca126d772..5ca1e27bc 100644
--- a/src/libcharon/plugins/ipseckey/ipseckey.c
+++ b/src/libcharon/plugins/ipseckey/ipseckey.c
@@ -34,17 +34,17 @@ struct private_ipseckey_t {
/**
* Precedence
*/
- u_int8_t precedence;
+ uint8_t precedence;
/**
* Gateway type
*/
- u_int8_t gateway_type;
+ uint8_t gateway_type;
/**
* Algorithm
*/
- u_int8_t algorithm;
+ uint8_t algorithm;
/**
* Gateway
@@ -57,7 +57,7 @@ struct private_ipseckey_t {
chunk_t public_key;
};
-METHOD(ipseckey_t, get_precedence, u_int8_t,
+METHOD(ipseckey_t, get_precedence, uint8_t,
private_ipseckey_t *this)
{
return this->precedence;
@@ -102,7 +102,7 @@ ipseckey_t *ipseckey_create_frm_rr(rr_t *rr)
{
private_ipseckey_t *this;
bio_reader_t *reader = NULL;
- u_int8_t label;
+ uint8_t label;
chunk_t tmp;
INIT(this,
diff --git a/src/libcharon/plugins/ipseckey/ipseckey.h b/src/libcharon/plugins/ipseckey/ipseckey.h
index 5885daeee..b19ec8920 100644
--- a/src/libcharon/plugins/ipseckey/ipseckey.h
+++ b/src/libcharon/plugins/ipseckey/ipseckey.h
@@ -85,7 +85,7 @@ struct ipseckey_t {
*
* @return precedence
*/
- u_int8_t (*get_precedence)(ipseckey_t *this);
+ uint8_t (*get_precedence)(ipseckey_t *this);
/**
* Get the type of the gateway.
diff --git a/src/libcharon/plugins/ipseckey/ipseckey_cred.c b/src/libcharon/plugins/ipseckey/ipseckey_cred.c
index 3ff6dd87d..6c041ce26 100644
--- a/src/libcharon/plugins/ipseckey/ipseckey_cred.c
+++ b/src/libcharon/plugins/ipseckey/ipseckey_cred.c
@@ -136,7 +136,7 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
rr_set_t *rrset;
rr_t *rrsig;
bio_reader_t *reader;
- u_int32_t nBefore, nAfter;
+ uint32_t nBefore, nAfter;
chunk_t ignore;
char *fqdn;
diff --git a/src/libcharon/plugins/kernel_iph/Makefile.in b/src/libcharon/plugins/kernel_iph/Makefile.in
index de5bfd517..19e7701c6 100644
--- a/src/libcharon/plugins/kernel_iph/Makefile.in
+++ b/src/libcharon/plugins/kernel_iph/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/kernel_iph
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/kernel_iph/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/kernel_iph/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/kernel_iph/kernel_iph_net.c b/src/libcharon/plugins/kernel_iph/kernel_iph_net.c
index 6a8a96821..efeb98045 100644
--- a/src/libcharon/plugins/kernel_iph/kernel_iph_net.c
+++ b/src/libcharon/plugins/kernel_iph/kernel_iph_net.c
@@ -562,7 +562,8 @@ METHOD(kernel_net_t, get_source_addr, host_t*,
}
METHOD(kernel_net_t, get_nexthop, host_t*,
- private_kernel_iph_net_t *this, host_t *dest, int prefix, host_t *src)
+ private_kernel_iph_net_t *this, host_t *dest, int prefix, host_t *src,
+ char **iface)
{
MIB_IPFORWARD_ROW2 route;
SOCKADDR_INET best, *sai_dst, *sai_src = NULL;
@@ -592,6 +593,10 @@ METHOD(kernel_net_t, get_nexthop, host_t*,
{
if (!nexthop->is_anyaddr(nexthop))
{
+ if (iface)
+ {
+ *iface = NULL;
+ }
return nexthop;
}
nexthop->destroy(nexthop);
@@ -617,7 +622,7 @@ METHOD(kernel_net_t, del_ip, status_t,
* Add or remove a route
*/
static status_t manage_route(private_kernel_iph_net_t *this, bool add,
- chunk_t dst, u_int8_t prefixlen, host_t *gtw, char *name)
+ chunk_t dst, uint8_t prefixlen, host_t *gtw, char *name)
{
MIB_IPFORWARD_ROW2 row = {
.DestinationPrefix = {
@@ -705,14 +710,14 @@ static status_t manage_route(private_kernel_iph_net_t *this, bool add,
}
METHOD(kernel_net_t, add_route, status_t,
- private_kernel_iph_net_t *this, chunk_t dst, u_int8_t prefixlen,
+ private_kernel_iph_net_t *this, chunk_t dst, uint8_t prefixlen,
host_t *gateway, host_t *src, char *name)
{
return manage_route(this, TRUE, dst, prefixlen, gateway, name);
}
METHOD(kernel_net_t, del_route, status_t,
- private_kernel_iph_net_t *this, chunk_t dst, u_int8_t prefixlen,
+ private_kernel_iph_net_t *this, chunk_t dst, uint8_t prefixlen,
host_t *gateway, host_t *src, char *name)
{
return manage_route(this, FALSE, dst, prefixlen, gateway, name);
diff --git a/src/libcharon/plugins/kernel_libipsec/Makefile.in b/src/libcharon/plugins/kernel_libipsec/Makefile.in
index 018a25a62..9bfdb950f 100644
--- a/src/libcharon/plugins/kernel_libipsec/Makefile.in
+++ b/src/libcharon/plugins/kernel_libipsec/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/kernel_libipsec
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -466,7 +480,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/kernel_libipsec/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/kernel_libipsec/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -781,6 +794,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
index 4c8771e96..77e37e249 100644
--- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
+++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
@@ -108,7 +108,7 @@ struct route_entry_t {
/** Destination net */
chunk_t dst_net;
/** Destination net prefixlen */
- u_int8_t prefixlen;
+ uint8_t prefixlen;
/** Reference to exclude route, if any */
exclude_route_t *exclude;
};
@@ -151,15 +151,15 @@ typedef struct policy_entry_t policy_entry_t;
*/
struct policy_entry_t {
/** Direction of this policy: in, out, forward */
- u_int8_t direction;
+ uint8_t direction;
/** Parameters of installed policy */
struct {
/** Subnet and port */
host_t *net;
/** Subnet mask */
- u_int8_t mask;
+ uint8_t mask;
/** Protocol */
- u_int8_t proto;
+ uint8_t proto;
} src, dst;
/** Associated route installed for this policy */
route_entry_t *route;
@@ -222,7 +222,7 @@ static inline bool policy_entry_equals(policy_entry_t *a,
/**
* Expiration callback
*/
-static void expire(u_int8_t protocol, u_int32_t spi, host_t *dst, bool hard)
+static void expire(uint8_t protocol, uint32_t spi, host_t *dst, bool hard)
{
charon->kernel->expire(charon->kernel, protocol, spi, dst, hard);
}
@@ -235,55 +235,51 @@ METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
return ipsec->sas->get_spi(ipsec->sas, src, dst, protocol, spi);
}
METHOD(kernel_ipsec_t, get_cpi, status_t,
private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, add_sa, status_t,
- private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
- return ipsec->sas->add_sa(ipsec->sas, src, dst, spi, protocol, reqid, mark,
- tfc, lifetime, enc_alg, enc_key, int_alg, int_key,
- mode, ipcomp, cpi, initiator, encap, esn,
- inbound, update);
+ return ipsec->sas->add_sa(ipsec->sas, id->src, id->dst, id->spi, id->proto,
+ data->reqid, id->mark, data->tfc, data->lifetime,
+ data->enc_alg, data->enc_key, data->int_alg, data->int_key,
+ data->mode, data->ipcomp, data->cpi, data->initiator,
+ data->encap, data->esn, data->inbound, data->update);
}
METHOD(kernel_ipsec_t, update_sa, status_t,
- private_kernel_libipsec_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
- bool encap, bool new_encap, mark_t mark)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, query_sa, status_t,
- private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark, u_int64_t *bytes,
- u_int64_t *packets, time_t *time)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
- return ipsec->sas->query_sa(ipsec->sas, src, dst, spi, protocol, mark,
- bytes, packets, time);
+ return ipsec->sas->query_sa(ipsec->sas, id->src, id->dst, id->spi,
+ id->proto, id->mark, bytes, packets, time);
}
METHOD(kernel_ipsec_t, del_sa, status_t,
- private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
- return ipsec->sas->del_sa(ipsec->sas, src, dst, spi, protocol, cpi, mark);
+ return ipsec->sas->del_sa(ipsec->sas, id->src, id->dst, id->spi, id->proto,
+ data->cpi, id->mark);
}
METHOD(kernel_ipsec_t, flush_sas, status_t,
@@ -312,7 +308,7 @@ static void add_exclude_route(private_kernel_libipsec_ipsec_t *this,
if (!route->exclude)
{
DBG2(DBG_KNL, "installing new exclude route for %H src %H", dst, src);
- gtw = charon->kernel->get_nexthop(charon->kernel, dst, -1, NULL);
+ gtw = charon->kernel->get_nexthop(charon->kernel, dst, -1, NULL, NULL);
if (gtw)
{
char *if_name = NULL;
@@ -438,7 +434,8 @@ static bool install_route(private_kernel_libipsec_ipsec_t *this,
);
#ifndef __linux__
/* on Linux we cant't install a gateway */
- route->gateway = charon->kernel->get_nexthop(charon->kernel, dst, -1, src);
+ route->gateway = charon->kernel->get_nexthop(charon->kernel, dst, -1, src,
+ NULL);
#endif
if (policy->route)
@@ -509,22 +506,22 @@ static bool install_route(private_kernel_libipsec_ipsec_t *this,
}
METHOD(kernel_ipsec_t, add_policy, status_t,
- private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark,
- policy_priority_t priority)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
policy_entry_t *policy, *found = NULL;
status_t status;
- status = ipsec->policies->add_policy(ipsec->policies, src, dst, src_ts,
- dst_ts, direction, type, sa, mark, priority);
+ status = ipsec->policies->add_policy(ipsec->policies, data->src, data->dst,
+ id->src_ts, id->dst_ts, id->dir,
+ data->type, data->sa, id->mark,
+ data->prio);
if (status != SUCCESS)
{
return status;
}
/* we track policies in order to install routes */
- policy = create_policy_entry(src_ts, dst_ts, direction);
+ policy = create_policy_entry(id->src_ts, id->dst_ts, id->dir);
this->mutex->lock(this->mutex);
if (this->policies->find_first(this->policies,
@@ -540,7 +537,8 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
}
policy->refs++;
- if (!install_route(this, src, dst, src_ts, dst_ts, policy))
+ if (!install_route(this, data->src, data->dst, id->src_ts, id->dst_ts,
+ policy))
{
return FAILED;
}
@@ -548,26 +546,25 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
}
METHOD(kernel_ipsec_t, query_policy, status_t,
- private_kernel_libipsec_ipsec_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, del_policy, status_t,
- private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_kernel_libipsec_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
policy_entry_t *policy, *found = NULL;
status_t status;
- status = ipsec->policies->del_policy(ipsec->policies, src, dst, src_ts,
- dst_ts, direction, type, sa, mark, priority);
+ status = ipsec->policies->del_policy(ipsec->policies, data->src, data->dst,
+ id->src_ts, id->dst_ts, id->dir,
+ data->type, data->sa, id->mark,
+ data->prio);
- policy = create_policy_entry(src_ts, dst_ts, direction);
+ policy = create_policy_entry(id->src_ts, id->dst_ts, id->dir);
this->mutex->lock(this->mutex);
if (this->policies->find_first(this->policies,
@@ -596,8 +593,8 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
route->src_ip, route->if_name) != SUCCESS)
{
DBG1(DBG_KNL, "error uninstalling route installed with "
- "policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ "policy %R === %R %N", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
}
remove_exclude_route(this, route);
}
@@ -641,7 +638,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
}
METHOD(kernel_ipsec_t, enable_udp_decap, bool,
- private_kernel_libipsec_ipsec_t *this, int fd, int family, u_int16_t port)
+ private_kernel_libipsec_ipsec_t *this, int fd, int family, uint16_t port)
{
return NOT_SUPPORTED;
}
diff --git a/src/libcharon/plugins/kernel_netlink/Makefile.am b/src/libcharon/plugins/kernel_netlink/Makefile.am
index 973e2c2f4..41c7304c6 100644
--- a/src/libcharon/plugins/kernel_netlink/Makefile.am
+++ b/src/libcharon/plugins/kernel_netlink/Makefile.am
@@ -20,6 +20,8 @@ libstrongswan_kernel_netlink_la_SOURCES = \
kernel_netlink_net.h kernel_netlink_net.c \
kernel_netlink_shared.h kernel_netlink_shared.c
+libstrongswan_kernel_netlink_la_LIBADD = $(DLLIB)
+
libstrongswan_kernel_netlink_la_LDFLAGS = -module -avoid-version
diff --git a/src/libcharon/plugins/kernel_netlink/Makefile.in b/src/libcharon/plugins/kernel_netlink/Makefile.in
index 55dcabf6f..2435dea92 100644
--- a/src/libcharon/plugins/kernel_netlink/Makefile.in
+++ b/src/libcharon/plugins/kernel_netlink/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ host_triplet = @host@
TESTS = tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libcharon/plugins/kernel_netlink
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -129,7 +138,8 @@ am__uninstall_files_from_dir = { \
}
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
-libstrongswan_kernel_netlink_la_LIBADD =
+am__DEPENDENCIES_1 =
+libstrongswan_kernel_netlink_la_DEPENDENCIES = $(am__DEPENDENCIES_1)
am_libstrongswan_kernel_netlink_la_OBJECTS = kernel_netlink_plugin.lo \
kernel_netlink_ipsec.lo kernel_netlink_net.lo \
kernel_netlink_shared.lo
@@ -241,12 +251,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -296,6 +308,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -330,6 +343,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -441,6 +455,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -487,6 +502,7 @@ libstrongswan_kernel_netlink_la_SOURCES = \
kernel_netlink_net.h kernel_netlink_net.c \
kernel_netlink_shared.h kernel_netlink_shared.c
+libstrongswan_kernel_netlink_la_LIBADD = $(DLLIB)
libstrongswan_kernel_netlink_la_LDFLAGS = -module -avoid-version
tests_SOURCES = \
tests.h tests.c \
@@ -520,7 +536,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/kernel_netlink/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/kernel_netlink/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -1001,6 +1016,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 6d9d63a98..9c2a7c315 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -1,11 +1,11 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2008-2016 Andreas Steffen
* Copyright (C) 2006-2007 Fabian Hartmann, Noah Heusser
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -18,6 +18,7 @@
* for more details.
*/
+#define _GNU_SOURCE
#include <sys/types.h>
#include <sys/socket.h>
#include <stdint.h>
@@ -26,11 +27,13 @@
#include <linux/rtnetlink.h>
#include <linux/xfrm.h>
#include <linux/udp.h>
+#include <net/if.h>
#include <unistd.h>
#include <time.h>
#include <errno.h>
#include <string.h>
#include <fcntl.h>
+#include <dlfcn.h>
#include "kernel_netlink_ipsec.h"
#include "kernel_netlink_shared.h"
@@ -38,6 +41,7 @@
#include <daemon.h>
#include <utils/debug.h>
#include <threading/mutex.h>
+#include <threading/condvar.h>
#include <collections/array.h>
#include <collections/hashtable.h>
#include <collections/linked_list.h>
@@ -72,7 +76,7 @@
#endif
/** Base priority for installed policies */
-#define PRIO_BASE 384
+#define PRIO_BASE 100000
/** Default lifetime of an acquire XFRM state (in seconds) */
#define DEFAULT_ACQUIRE_LIFETIME 165
@@ -287,6 +291,11 @@ struct private_kernel_netlink_ipsec_t {
mutex_t *mutex;
/**
+ * Condvar to synchronize access to individual policies
+ */
+ condvar_t *condvar;
+
+ /**
* Hash table of installed policies (policy_entry_t)
*/
hashtable_t *policies;
@@ -326,6 +335,12 @@ struct private_kernel_netlink_ipsec_t {
* Installed port based IKE bypass policies, as bypass_t
*/
array_t *bypass;
+
+ /**
+ * Custom priority calculation function
+ */
+ uint32_t (*get_priority)(kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data);
};
typedef struct route_entry_t route_entry_t;
@@ -347,7 +362,7 @@ struct route_entry_t {
chunk_t dst_net;
/** Destination net prefixlen */
- u_int8_t prefixlen;
+ uint8_t prefixlen;
};
/**
@@ -413,8 +428,9 @@ static bool ipsec_sa_equals(ipsec_sa_t *sa, ipsec_sa_t *other_sa)
{
return sa->src->ip_equals(sa->src, other_sa->src) &&
sa->dst->ip_equals(sa->dst, other_sa->dst) &&
- memeq(&sa->mark, &other_sa->mark, sizeof(mark_t)) &&
- memeq(&sa->cfg, &other_sa->cfg, sizeof(ipsec_sa_cfg_t));
+ sa->mark.value == other_sa->mark.value &&
+ sa->mark.mask == other_sa->mark.mask &&
+ ipsec_sa_cfg_equals(&sa->cfg, &other_sa->cfg);
}
/**
@@ -463,14 +479,17 @@ static void ipsec_sa_destroy(private_kernel_netlink_ipsec_t *this,
}
typedef struct policy_sa_t policy_sa_t;
-typedef struct policy_sa_fwd_t policy_sa_fwd_t;
+typedef struct policy_sa_out_t policy_sa_out_t;
/**
* Mapping between a policy and an IPsec SA.
*/
struct policy_sa_t {
/** Priority assigned to the policy when installed with this SA */
- u_int32_t priority;
+ uint32_t priority;
+
+ /** Automatic priority assigned to the policy when installed with this SA */
+ uint32_t auto_priority;
/** Type of the policy */
policy_type_t type;
@@ -480,10 +499,10 @@ struct policy_sa_t {
};
/**
- * For forward policies we also cache the traffic selectors in order to install
+ * For outbound policies we also cache the traffic selectors in order to install
* the route.
*/
-struct policy_sa_fwd_t {
+struct policy_sa_out_t {
/** Generic interface */
policy_sa_t generic;
@@ -495,7 +514,7 @@ struct policy_sa_fwd_t {
};
/**
- * Create a policy_sa(_fwd)_t object
+ * Create a policy_sa(_in)_t object
*/
static policy_sa_t *policy_sa_create(private_kernel_netlink_ipsec_t *this,
policy_dir_t dir, policy_type_t type, host_t *src, host_t *dst,
@@ -504,14 +523,14 @@ static policy_sa_t *policy_sa_create(private_kernel_netlink_ipsec_t *this,
{
policy_sa_t *policy;
- if (dir == POLICY_FWD)
+ if (dir == POLICY_OUT)
{
- policy_sa_fwd_t *fwd;
- INIT(fwd,
+ policy_sa_out_t *out;
+ INIT(out,
.src_ts = src_ts->clone(src_ts),
.dst_ts = dst_ts->clone(dst_ts),
);
- policy = &fwd->generic;
+ policy = &out->generic;
}
else
{
@@ -523,16 +542,16 @@ static policy_sa_t *policy_sa_create(private_kernel_netlink_ipsec_t *this,
}
/**
- * Destroy a policy_sa(_fwd)_t object
+ * Destroy a policy_sa(_in)_t object
*/
static void policy_sa_destroy(policy_sa_t *policy, policy_dir_t *dir,
private_kernel_netlink_ipsec_t *this)
{
- if (*dir == POLICY_FWD)
+ if (*dir == POLICY_OUT)
{
- policy_sa_fwd_t *fwd = (policy_sa_fwd_t*)policy;
- fwd->src_ts->destroy(fwd->src_ts);
- fwd->dst_ts->destroy(fwd->dst_ts);
+ policy_sa_out_t *out = (policy_sa_out_t*)policy;
+ out->src_ts->destroy(out->src_ts);
+ out->dst_ts->destroy(out->dst_ts);
}
ipsec_sa_destroy(this, policy->sa);
free(policy);
@@ -546,13 +565,13 @@ typedef struct policy_entry_t policy_entry_t;
struct policy_entry_t {
/** Direction of this policy: in, out, forward */
- u_int8_t direction;
+ uint8_t direction;
/** Parameters of installed policy */
struct xfrm_selector sel;
/** Optional mark */
- u_int32_t mark;
+ uint32_t mark;
/** Associated route installed for this policy */
route_entry_t *route;
@@ -561,7 +580,13 @@ struct policy_entry_t {
linked_list_t *used_by;
/** reqid for this policy */
- u_int32_t reqid;
+ uint32_t reqid;
+
+ /** Number of threads waiting to work on this policy */
+ int waiting;
+
+ /** TRUE if a thread is working on this policy */
+ bool working;
};
/**
@@ -604,39 +629,73 @@ static bool policy_equals(policy_entry_t *key, policy_entry_t *other_key)
}
/**
+ * Determine number of set bits in 16 bit port mask
+ */
+static inline uint32_t port_mask_bits(uint16_t port_mask)
+{
+ uint32_t bits;
+ uint16_t bit_mask = 0x8000;
+
+ port_mask = ntohs(port_mask);
+
+ for (bits = 0; bits < 16; bits++)
+ {
+ if (!(port_mask & bit_mask))
+ {
+ break;
+ }
+ bit_mask >>= 1;
+ }
+ return bits;
+}
+
+/**
* Calculate the priority of a policy
+ *
+ * bits 0-0: restriction to network interface (0..1) 1 bit
+ * bits 1-6: src + dst port mask bits (2 * 0..16) 6 bits
+ * bits 7-7: restriction to protocol (0..1) 1 bit
+ * bits 8-16: src + dst network mask bits (2 * 0..128) 9 bits
+ * 17 bits
+ *
+ * smallest value: 000000000 0 000000 0: 0, lowest priority = 100'000
+ * largest value : 100000000 1 100000 1: 65'729, highst priority = 34'271
*/
-static inline u_int32_t get_priority(policy_entry_t *policy,
- policy_priority_t prio)
+static uint32_t get_priority(policy_entry_t *policy, policy_priority_t prio,
+ char *interface)
{
- u_int32_t priority = PRIO_BASE;
+ uint32_t priority = PRIO_BASE, sport_mask_bits, dport_mask_bits;
+
switch (prio)
{
case POLICY_PRIORITY_FALLBACK:
- priority <<= 1;
- /* fall-through */
+ priority += PRIO_BASE;
+ /* fall-through to next case */
case POLICY_PRIORITY_ROUTED:
- priority <<= 1;
- /* fall-through */
+ priority += PRIO_BASE;
+ /* fall-through to next case */
case POLICY_PRIORITY_DEFAULT:
- priority <<= 1;
- /* fall-through */
+ priority += PRIO_BASE;
+ /* fall-through to next case */
case POLICY_PRIORITY_PASS:
break;
}
- /* calculate priority based on selector size, small size = high prio */
- priority -= policy->sel.prefixlen_s;
- priority -= policy->sel.prefixlen_d;
- priority <<= 2; /* make some room for the two flags */
- priority += policy->sel.sport_mask || policy->sel.dport_mask ? 0 : 2;
- priority += policy->sel.proto ? 0 : 1;
+ sport_mask_bits = port_mask_bits(policy->sel.sport_mask);
+ dport_mask_bits = port_mask_bits(policy->sel.dport_mask);
+
+ /* calculate priority */
+ priority -= (policy->sel.prefixlen_s + policy->sel.prefixlen_d) * 256;
+ priority -= policy->sel.proto ? 128 : 0;
+ priority -= (sport_mask_bits + dport_mask_bits) * 2;
+ priority -= (interface != NULL);
+
return priority;
}
/**
* Convert the general ipsec mode to the one defined in xfrm.h
*/
-static u_int8_t mode2kernel(ipsec_mode_t mode)
+static uint8_t mode2kernel(ipsec_mode_t mode)
{
switch (mode)
{
@@ -663,7 +722,7 @@ static void host2xfrm(host_t *host, xfrm_address_t *xfrm)
/**
* Convert a struct xfrm_address to a host_t
*/
-static host_t* xfrm2host(int family, xfrm_address_t *xfrm, u_int16_t port)
+static host_t* xfrm2host(int family, xfrm_address_t *xfrm, uint16_t port)
{
chunk_t chunk;
@@ -685,7 +744,7 @@ static host_t* xfrm2host(int family, xfrm_address_t *xfrm, u_int16_t port)
* Convert a traffic selector address range to subnet and its mask.
*/
static void ts2subnet(traffic_selector_t* ts,
- xfrm_address_t *net, u_int8_t *mask)
+ xfrm_address_t *net, uint8_t *mask)
{
host_t *net_host;
chunk_t net_chunk;
@@ -700,7 +759,7 @@ static void ts2subnet(traffic_selector_t* ts,
* Convert a traffic selector port range to port/portmask
*/
static void ts2ports(traffic_selector_t* ts,
- u_int16_t *port, u_int16_t *mask)
+ uint16_t *port, uint16_t *mask)
{
uint16_t from, to, bitmask;
int bit;
@@ -739,10 +798,11 @@ static void ts2ports(traffic_selector_t* ts,
* Convert a pair of traffic_selectors to an xfrm_selector
*/
static struct xfrm_selector ts2selector(traffic_selector_t *src,
- traffic_selector_t *dst)
+ traffic_selector_t *dst,
+ char *interface)
{
struct xfrm_selector sel;
- u_int16_t port;
+ uint16_t port;
memset(&sel, 0, sizeof(sel));
sel.family = (src->get_type(src) == TS_IPV4_ADDR_RANGE) ? AF_INET : AF_INET6;
@@ -763,7 +823,7 @@ static struct xfrm_selector ts2selector(traffic_selector_t *src,
sel.dport = htons(traffic_selector_icmp_code(port));
sel.dport_mask = sel.dport ? ~0 : 0;
}
- sel.ifindex = 0;
+ sel.ifindex = interface ? if_nametoindex(interface) : 0;
sel.user = 0;
return sel;
@@ -775,8 +835,8 @@ static struct xfrm_selector ts2selector(traffic_selector_t *src,
static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src)
{
u_char *addr;
- u_int8_t prefixlen;
- u_int16_t port = 0;
+ uint8_t prefixlen;
+ uint16_t port = 0;
host_t *host = NULL;
if (src)
@@ -833,7 +893,7 @@ static void process_acquire(private_kernel_netlink_ipsec_t *this,
struct rtattr *rta;
size_t rtasize;
traffic_selector_t *src_ts, *dst_ts;
- u_int32_t reqid = 0;
+ uint32_t reqid = 0;
int proto = 0;
acquire = NLMSG_DATA(hdr);
@@ -878,8 +938,8 @@ static void process_expire(private_kernel_netlink_ipsec_t *this,
struct nlmsghdr *hdr)
{
struct xfrm_user_expire *expire;
- u_int32_t spi;
- u_int8_t protocol;
+ uint32_t spi;
+ uint8_t protocol;
host_t *dst;
expire = NLMSG_DATA(hdr);
@@ -913,7 +973,7 @@ static void process_migrate(private_kernel_netlink_ipsec_t *this,
host_t *local = NULL, *remote = NULL;
host_t *old_src = NULL, *old_dst = NULL;
host_t *new_src = NULL, *new_dst = NULL;
- u_int32_t reqid = 0;
+ uint32_t reqid = 0;
policy_dir_t dir;
policy_id = NLMSG_DATA(hdr);
@@ -981,7 +1041,7 @@ static void process_mapping(private_kernel_netlink_ipsec_t *this,
struct nlmsghdr *hdr)
{
struct xfrm_user_mapping *mapping;
- u_int32_t spi;
+ uint32_t spi;
mapping = NLMSG_DATA(hdr);
spi = mapping->id.spi;
@@ -1033,7 +1093,8 @@ static bool receive_events(private_kernel_netlink_ipsec_t *this, int fd,
/* no data ready, select again */
return TRUE;
default:
- DBG1(DBG_KNL, "unable to receive from xfrm event socket");
+ DBG1(DBG_KNL, "unable to receive from XFRM event socket: %s "
+ "(%d)", strerror(errno), errno);
sleep(1);
return TRUE;
}
@@ -1061,8 +1122,8 @@ static bool receive_events(private_kernel_netlink_ipsec_t *this, int fd,
process_mapping(this, hdr);
break;
default:
- DBG1(DBG_KNL, "received unknown event from xfrm event "
- "socket: %d", hdr->nlmsg_type);
+ DBG1(DBG_KNL, "received unknown event from XFRM event "
+ "socket: %d", hdr->nlmsg_type);
break;
}
hdr = NLMSG_NEXT(hdr, len);
@@ -1080,13 +1141,13 @@ METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
* Get an SPI for a specific protocol from the kernel.
*/
static status_t get_spi_internal(private_kernel_netlink_ipsec_t *this,
- host_t *src, host_t *dst, u_int8_t proto, u_int32_t min, u_int32_t max,
- u_int32_t *spi)
+ host_t *src, host_t *dst, uint8_t proto, uint32_t min, uint32_t max,
+ uint32_t *spi)
{
netlink_buf_t request;
struct nlmsghdr *hdr, *out;
struct xfrm_userspi_info *userspi;
- u_int32_t received_spi = 0;
+ uint32_t received_spi = 0;
size_t len;
memset(&request, 0, sizeof(request));
@@ -1147,7 +1208,7 @@ static status_t get_spi_internal(private_kernel_netlink_ipsec_t *this,
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
if (get_spi_internal(this, src, dst, protocol,
0xc0000000, 0xcFFFFFFF, spi) != SUCCESS)
@@ -1162,9 +1223,9 @@ METHOD(kernel_ipsec_t, get_spi, status_t,
METHOD(kernel_ipsec_t, get_cpi, status_t,
private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
- u_int32_t received_spi = 0;
+ uint32_t received_spi = 0;
if (get_spi_internal(this, src, dst, IPPROTO_COMP,
0x100, 0xEFFF, &received_spi) != SUCCESS)
@@ -1173,13 +1234,24 @@ METHOD(kernel_ipsec_t, get_cpi, status_t,
return FAILED;
}
- *cpi = htons((u_int16_t)ntohl(received_spi));
+ *cpi = htons((uint16_t)ntohl(received_spi));
DBG2(DBG_KNL, "got CPI %.4x", ntohs(*cpi));
return SUCCESS;
}
/**
+ * Format the mark for debug messages
+ */
+static void format_mark(char *buf, int buflen, mark_t mark)
+{
+ if (mark.value)
+ {
+ snprintf(buf, buflen, " (mark %u/0x%08x)", mark.value, mark.mask);
+ }
+}
+
+/**
* Add a XFRM mark to message if required
*/
static bool add_mark(struct nlmsghdr *hdr, int buflen, mark_t mark)
@@ -1200,53 +1272,67 @@ static bool add_mark(struct nlmsghdr *hdr, int buflen, mark_t mark)
}
METHOD(kernel_ipsec_t, add_sa, status_t,
- private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t* src_ts, linked_list_t* dst_ts)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
netlink_buf_t request;
- char *alg_name;
+ char *alg_name, markstr[32] = "";
struct nlmsghdr *hdr;
struct xfrm_usersa_info *sa;
- u_int16_t icv_size = 64;
- ipsec_mode_t original_mode = mode;
+ uint16_t icv_size = 64, ipcomp = data->ipcomp;
+ ipsec_mode_t mode = data->mode, original_mode = data->mode;
traffic_selector_t *first_src_ts, *first_dst_ts;
status_t status = FAILED;
/* if IPComp is used, we install an additional IPComp SA. if the cpi is 0
* we are in the recursive call below */
- if (ipcomp != IPCOMP_NONE && cpi != 0)
+ if (ipcomp != IPCOMP_NONE && data->cpi != 0)
{
lifetime_cfg_t lft = {{0,0,0},{0,0,0},{0,0,0}};
- add_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, reqid, mark,
- tfc, &lft, ENCR_UNDEFINED, chunk_empty, AUTH_UNDEFINED,
- chunk_empty, mode, ipcomp, 0, 0, initiator, FALSE, FALSE,
- inbound, update, src_ts, dst_ts);
+ kernel_ipsec_sa_id_t ipcomp_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = htonl(ntohs(data->cpi)),
+ .proto = IPPROTO_COMP,
+ .mark = id->mark,
+ };
+ kernel_ipsec_add_sa_t ipcomp_sa = {
+ .reqid = data->reqid,
+ .mode = data->mode,
+ .src_ts = data->src_ts,
+ .dst_ts = data->dst_ts,
+ .lifetime = &lft,
+ .enc_alg = ENCR_UNDEFINED,
+ .int_alg = AUTH_UNDEFINED,
+ .tfc = data->tfc,
+ .ipcomp = data->ipcomp,
+ .initiator = data->initiator,
+ .inbound = data->inbound,
+ .update = data->update,
+ };
+ add_sa(this, &ipcomp_id, &ipcomp_sa);
ipcomp = IPCOMP_NONE;
/* use transport mode ESP SA, IPComp uses tunnel mode */
mode = MODE_TRANSPORT;
}
memset(&request, 0, sizeof(request));
+ format_mark(markstr, sizeof(markstr), id->mark);
- DBG2(DBG_KNL, "adding SAD entry with SPI %.8x and reqid {%u} (mark "
- "%u/0x%08x)", ntohl(spi), reqid, mark.value, mark.mask);
+ DBG2(DBG_KNL, "adding SAD entry with SPI %.8x and reqid {%u}%s",
+ ntohl(id->spi), data->reqid, markstr);
hdr = &request.hdr;
hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
- hdr->nlmsg_type = update ? XFRM_MSG_UPDSA : XFRM_MSG_NEWSA;
+ hdr->nlmsg_type = data->update ? XFRM_MSG_UPDSA : XFRM_MSG_NEWSA;
hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_info));
sa = NLMSG_DATA(hdr);
- host2xfrm(src, &sa->saddr);
- host2xfrm(dst, &sa->id.daddr);
- sa->id.spi = spi;
- sa->id.proto = protocol;
- sa->family = src->get_family(src);
+ host2xfrm(id->src, &sa->saddr);
+ host2xfrm(id->dst, &sa->id.daddr);
+ sa->id.spi = id->spi;
+ sa->id.proto = id->proto;
+ sa->family = id->src->get_family(id->src);
sa->mode = mode2kernel(mode);
switch (mode)
{
@@ -1260,10 +1346,13 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
* selector can be installed other traffic would get dropped */
break;
}
- if (src_ts->get_first(src_ts, (void**)&first_src_ts) == SUCCESS &&
- dst_ts->get_first(dst_ts, (void**)&first_dst_ts) == SUCCESS)
+ if (data->src_ts->get_first(data->src_ts,
+ (void**)&first_src_ts) == SUCCESS &&
+ data->dst_ts->get_first(data->dst_ts,
+ (void**)&first_dst_ts) == SUCCESS)
{
- sa->sel = ts2selector(first_src_ts, first_dst_ts);
+ sa->sel = ts2selector(first_src_ts, first_dst_ts,
+ data->interface);
if (!this->proto_port_transport)
{
/* don't install proto/port on SA. This would break
@@ -1279,18 +1368,18 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
break;
}
- sa->reqid = reqid;
- sa->lft.soft_byte_limit = XFRM_LIMIT(lifetime->bytes.rekey);
- sa->lft.hard_byte_limit = XFRM_LIMIT(lifetime->bytes.life);
- sa->lft.soft_packet_limit = XFRM_LIMIT(lifetime->packets.rekey);
- sa->lft.hard_packet_limit = XFRM_LIMIT(lifetime->packets.life);
+ sa->reqid = data->reqid;
+ sa->lft.soft_byte_limit = XFRM_LIMIT(data->lifetime->bytes.rekey);
+ sa->lft.hard_byte_limit = XFRM_LIMIT(data->lifetime->bytes.life);
+ sa->lft.soft_packet_limit = XFRM_LIMIT(data->lifetime->packets.rekey);
+ sa->lft.hard_packet_limit = XFRM_LIMIT(data->lifetime->packets.life);
/* we use lifetimes since added, not since used */
- sa->lft.soft_add_expires_seconds = lifetime->time.rekey;
- sa->lft.hard_add_expires_seconds = lifetime->time.life;
+ sa->lft.soft_add_expires_seconds = data->lifetime->time.rekey;
+ sa->lft.hard_add_expires_seconds = data->lifetime->time.life;
sa->lft.soft_use_expires_seconds = 0;
sa->lft.hard_use_expires_seconds = 0;
- switch (enc_alg)
+ switch (data->enc_alg)
{
case ENCR_UNDEFINED:
/* no encryption */
@@ -1313,71 +1402,73 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
{
struct xfrm_algo_aead *algo;
- alg_name = lookup_algorithm(ENCRYPTION_ALGORITHM, enc_alg);
+ alg_name = lookup_algorithm(ENCRYPTION_ALGORITHM, data->enc_alg);
if (alg_name == NULL)
{
DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
- encryption_algorithm_names, enc_alg);
+ encryption_algorithm_names, data->enc_alg);
goto failed;
}
DBG2(DBG_KNL, " using encryption algorithm %N with key size %d",
- encryption_algorithm_names, enc_alg, enc_key.len * 8);
+ encryption_algorithm_names, data->enc_alg,
+ data->enc_key.len * 8);
algo = netlink_reserve(hdr, sizeof(request), XFRMA_ALG_AEAD,
- sizeof(*algo) + enc_key.len);
+ sizeof(*algo) + data->enc_key.len);
if (!algo)
{
goto failed;
}
- algo->alg_key_len = enc_key.len * 8;
+ algo->alg_key_len = data->enc_key.len * 8;
algo->alg_icv_len = icv_size;
strncpy(algo->alg_name, alg_name, sizeof(algo->alg_name));
algo->alg_name[sizeof(algo->alg_name) - 1] = '\0';
- memcpy(algo->alg_key, enc_key.ptr, enc_key.len);
+ memcpy(algo->alg_key, data->enc_key.ptr, data->enc_key.len);
break;
}
default:
{
struct xfrm_algo *algo;
- alg_name = lookup_algorithm(ENCRYPTION_ALGORITHM, enc_alg);
+ alg_name = lookup_algorithm(ENCRYPTION_ALGORITHM, data->enc_alg);
if (alg_name == NULL)
{
DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
- encryption_algorithm_names, enc_alg);
+ encryption_algorithm_names, data->enc_alg);
goto failed;
}
DBG2(DBG_KNL, " using encryption algorithm %N with key size %d",
- encryption_algorithm_names, enc_alg, enc_key.len * 8);
+ encryption_algorithm_names, data->enc_alg,
+ data->enc_key.len * 8);
algo = netlink_reserve(hdr, sizeof(request), XFRMA_ALG_CRYPT,
- sizeof(*algo) + enc_key.len);
+ sizeof(*algo) + data->enc_key.len);
if (!algo)
{
goto failed;
}
- algo->alg_key_len = enc_key.len * 8;
+ algo->alg_key_len = data->enc_key.len * 8;
strncpy(algo->alg_name, alg_name, sizeof(algo->alg_name));
algo->alg_name[sizeof(algo->alg_name) - 1] = '\0';
- memcpy(algo->alg_key, enc_key.ptr, enc_key.len);
+ memcpy(algo->alg_key, data->enc_key.ptr, data->enc_key.len);
}
}
- if (int_alg != AUTH_UNDEFINED)
+ if (data->int_alg != AUTH_UNDEFINED)
{
u_int trunc_len = 0;
- alg_name = lookup_algorithm(INTEGRITY_ALGORITHM, int_alg);
+ alg_name = lookup_algorithm(INTEGRITY_ALGORITHM, data->int_alg);
if (alg_name == NULL)
{
DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
- integrity_algorithm_names, int_alg);
+ integrity_algorithm_names, data->int_alg);
goto failed;
}
DBG2(DBG_KNL, " using integrity algorithm %N with key size %d",
- integrity_algorithm_names, int_alg, int_key.len * 8);
+ integrity_algorithm_names, data->int_alg, data->int_key.len * 8);
- switch (int_alg)
+ switch (data->int_alg)
{
case AUTH_HMAC_MD5_128:
case AUTH_HMAC_SHA2_256_128:
@@ -1398,31 +1489,31 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
* use specified truncation size supported by newer kernels.
* also use this for untruncated MD5 and SHA1. */
algo = netlink_reserve(hdr, sizeof(request), XFRMA_ALG_AUTH_TRUNC,
- sizeof(*algo) + int_key.len);
+ sizeof(*algo) + data->int_key.len);
if (!algo)
{
goto failed;
}
- algo->alg_key_len = int_key.len * 8;
+ algo->alg_key_len = data->int_key.len * 8;
algo->alg_trunc_len = trunc_len;
strncpy(algo->alg_name, alg_name, sizeof(algo->alg_name));
algo->alg_name[sizeof(algo->alg_name) - 1] = '\0';
- memcpy(algo->alg_key, int_key.ptr, int_key.len);
+ memcpy(algo->alg_key, data->int_key.ptr, data->int_key.len);
}
else
{
struct xfrm_algo* algo;
algo = netlink_reserve(hdr, sizeof(request), XFRMA_ALG_AUTH,
- sizeof(*algo) + int_key.len);
+ sizeof(*algo) + data->int_key.len);
if (!algo)
{
goto failed;
}
- algo->alg_key_len = int_key.len * 8;
+ algo->alg_key_len = data->int_key.len * 8;
strncpy(algo->alg_name, alg_name, sizeof(algo->alg_name));
algo->alg_name[sizeof(algo->alg_name) - 1] = '\0';
- memcpy(algo->alg_key, int_key.ptr, int_key.len);
+ memcpy(algo->alg_key, data->int_key.ptr, data->int_key.len);
}
}
@@ -1451,7 +1542,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
algo->alg_name[sizeof(algo->alg_name) - 1] = '\0';
}
- if (encap)
+ if (data->encap)
{
struct xfrm_encap_tmpl *tmpl;
@@ -1461,8 +1552,8 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
goto failed;
}
tmpl->encap_type = UDP_ENCAP_ESPINUDP;
- tmpl->encap_sport = htons(src->get_port(src));
- tmpl->encap_dport = htons(dst->get_port(dst));
+ tmpl->encap_sport = htons(id->src->get_port(id->src));
+ tmpl->encap_dport = htons(id->dst->get_port(id->dst));
memset(&tmpl->encap_oa, 0, sizeof (xfrm_address_t));
/* encap_oa could probably be derived from the
* traffic selectors [rfc4306, p39]. In the netlink kernel
@@ -1476,14 +1567,14 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
* checks it marks them "checksum ok" so OA isn't needed. */
}
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), id->mark))
{
goto failed;
}
- if (tfc && protocol == IPPROTO_ESP && mode == MODE_TUNNEL)
+ if (data->tfc && id->proto == IPPROTO_ESP && mode == MODE_TUNNEL)
{ /* the kernel supports TFC padding only for tunnel mode ESP SAs */
- u_int32_t *tfcpad;
+ uint32_t *tfcpad;
tfcpad = netlink_reserve(hdr, sizeof(request), XFRMA_TFCPAD,
sizeof(*tfcpad));
@@ -1491,19 +1582,25 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
{
goto failed;
}
- *tfcpad = tfc;
+ *tfcpad = data->tfc;
}
- if (protocol != IPPROTO_COMP)
+ if (id->proto != IPPROTO_COMP)
{
- if (replay_window != 0 && (esn || replay_window > 32))
+ /* generally, we don't need a replay window for outbound SAs, however,
+ * when using ESN the kernel rejects the attribute if it is 0 */
+ if (!data->inbound && data->replay_window)
+ {
+ data->replay_window = data->esn ? 1 : 0;
+ }
+ if (data->replay_window != 0 && (data->esn || data->replay_window > 32))
{
/* for ESN or larger replay windows we need the new
* XFRMA_REPLAY_ESN_VAL attribute to configure a bitmap */
struct xfrm_replay_state_esn *replay;
- u_int32_t bmp_size;
+ uint32_t bmp_size;
- bmp_size = round_up(replay_window, sizeof(u_int32_t) * 8) / 8;
+ bmp_size = round_up(data->replay_window, sizeof(uint32_t) * 8) / 8;
replay = netlink_reserve(hdr, sizeof(request), XFRMA_REPLAY_ESN_VAL,
sizeof(*replay) + bmp_size);
if (!replay)
@@ -1511,11 +1608,12 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
goto failed;
}
/* bmp_len contains number uf __u32's */
- replay->bmp_len = bmp_size / sizeof(u_int32_t);
- replay->replay_window = replay_window;
- DBG2(DBG_KNL, " using replay window of %u packets", replay_window);
+ replay->bmp_len = bmp_size / sizeof(uint32_t);
+ replay->replay_window = data->replay_window;
+ DBG2(DBG_KNL, " using replay window of %u packets",
+ data->replay_window);
- if (esn)
+ if (data->esn)
{
DBG2(DBG_KNL, " using extended sequence numbers (ESN)");
sa->flags |= XFRM_STATE_ESN;
@@ -1523,22 +1621,16 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
}
else
{
- DBG2(DBG_KNL, " using replay window of %u packets", replay_window);
- sa->replay_window = replay_window;
+ DBG2(DBG_KNL, " using replay window of %u packets",
+ data->replay_window);
+ sa->replay_window = data->replay_window;
}
}
if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS)
{
- if (mark.value)
- {
- DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x "
- "(mark %u/0x%08x)", ntohl(spi), mark.value, mark.mask);
- }
- else
- {
- DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x", ntohl(spi));
- }
+ DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x%s", ntohl(id->spi),
+ markstr);
goto failed;
}
@@ -1555,10 +1647,9 @@ failed:
* Allocates into one the replay state structure we get from the kernel.
*/
static void get_replay_state(private_kernel_netlink_ipsec_t *this,
- u_int32_t spi, u_int8_t protocol,
- host_t *dst, mark_t mark,
+ kernel_ipsec_sa_id_t *sa,
struct xfrm_replay_state_esn **replay_esn,
- u_int32_t *replay_esn_len,
+ uint32_t *replay_esn_len,
struct xfrm_replay_state **replay,
struct xfrm_lifetime_cur **lifetime)
{
@@ -1572,7 +1663,7 @@ static void get_replay_state(private_kernel_netlink_ipsec_t *this,
memset(&request, 0, sizeof(request));
DBG2(DBG_KNL, "querying replay state from SAD entry with SPI %.8x",
- ntohl(spi));
+ ntohl(sa->spi));
hdr = &request.hdr;
hdr->nlmsg_flags = NLM_F_REQUEST;
@@ -1582,12 +1673,12 @@ static void get_replay_state(private_kernel_netlink_ipsec_t *this,
aevent_id = NLMSG_DATA(hdr);
aevent_id->flags = XFRM_AE_RVAL;
- host2xfrm(dst, &aevent_id->sa_id.daddr);
- aevent_id->sa_id.spi = spi;
- aevent_id->sa_id.proto = protocol;
- aevent_id->sa_id.family = dst->get_family(dst);
+ host2xfrm(sa->dst, &aevent_id->sa_id.daddr);
+ aevent_id->sa_id.spi = sa->spi;
+ aevent_id->sa_id.proto = sa->proto;
+ aevent_id->sa_id.family = sa->dst->get_family(sa->dst);
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), sa->mark))
{
return;
}
@@ -1608,8 +1699,7 @@ static void get_replay_state(private_kernel_netlink_ipsec_t *this,
{
struct nlmsgerr *err = NLMSG_DATA(hdr);
DBG1(DBG_KNL, "querying replay state from SAD entry "
- "failed: %s (%d)", strerror(-err->error),
- -err->error);
+ "failed: %s (%d)", strerror(-err->error), -err->error);
break;
}
default:
@@ -1657,9 +1747,9 @@ static void get_replay_state(private_kernel_netlink_ipsec_t *this,
}
METHOD(kernel_ipsec_t, query_sa, status_t,
- private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
netlink_buf_t request;
struct nlmsghdr *out = NULL, *hdr;
@@ -1667,11 +1757,13 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
struct xfrm_usersa_info *sa = NULL;
status_t status = FAILED;
size_t len;
+ char markstr[32] = "";
memset(&request, 0, sizeof(request));
+ format_mark(markstr, sizeof(markstr), id->mark);
- DBG2(DBG_KNL, "querying SAD entry with SPI %.8x (mark %u/0x%08x)",
- ntohl(spi), mark.value, mark.mask);
+ DBG2(DBG_KNL, "querying SAD entry with SPI %.8x%s", ntohl(id->spi),
+ markstr);
hdr = &request.hdr;
hdr->nlmsg_flags = NLM_F_REQUEST;
@@ -1679,12 +1771,12 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));
sa_id = NLMSG_DATA(hdr);
- host2xfrm(dst, &sa_id->daddr);
- sa_id->spi = spi;
- sa_id->proto = protocol;
- sa_id->family = dst->get_family(dst);
+ host2xfrm(id->dst, &sa_id->daddr);
+ sa_id->spi = id->spi;
+ sa_id->proto = id->proto;
+ sa_id->family = id->dst->get_family(id->dst);
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), id->mark))
{
return FAILED;
}
@@ -1705,19 +1797,9 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
{
struct nlmsgerr *err = NLMSG_DATA(hdr);
- if (mark.value)
- {
- DBG1(DBG_KNL, "querying SAD entry with SPI %.8x "
- "(mark %u/0x%08x) failed: %s (%d)",
- ntohl(spi), mark.value, mark.mask,
- strerror(-err->error), -err->error);
- }
- else
- {
- DBG1(DBG_KNL, "querying SAD entry with SPI %.8x "
- "failed: %s (%d)", ntohl(spi),
- strerror(-err->error), -err->error);
- }
+ DBG1(DBG_KNL, "querying SAD entry with SPI %.8x%s failed: "
+ "%s (%d)", ntohl(id->spi), markstr,
+ strerror(-err->error), -err->error);
break;
}
default:
@@ -1732,7 +1814,8 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
if (sa == NULL)
{
- DBG2(DBG_KNL, "unable to query SAD entry with SPI %.8x", ntohl(spi));
+ DBG2(DBG_KNL, "unable to query SAD entry with SPI %.8x%s",
+ ntohl(id->spi), markstr);
}
else
{
@@ -1758,23 +1841,33 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
}
METHOD(kernel_ipsec_t, del_sa, status_t,
- private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
netlink_buf_t request;
struct nlmsghdr *hdr;
struct xfrm_usersa_id *sa_id;
+ char markstr[32] = "";
/* if IPComp was used, we first delete the additional IPComp SA */
- if (cpi)
- {
- del_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, 0, mark);
+ if (data->cpi)
+ {
+ kernel_ipsec_sa_id_t ipcomp_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = htonl(ntohs(data->cpi)),
+ .proto = IPPROTO_COMP,
+ .mark = id->mark,
+ };
+ kernel_ipsec_del_sa_t ipcomp = {};
+ del_sa(this, &ipcomp_id, &ipcomp);
}
memset(&request, 0, sizeof(request));
+ format_mark(markstr, sizeof(markstr), id->mark);
- DBG2(DBG_KNL, "deleting SAD entry with SPI %.8x (mark %u/0x%08x)",
- ntohl(spi), mark.value, mark.mask);
+ DBG2(DBG_KNL, "deleting SAD entry with SPI %.8x%s", ntohl(id->spi),
+ markstr);
hdr = &request.hdr;
hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
@@ -1782,12 +1875,12 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));
sa_id = NLMSG_DATA(hdr);
- host2xfrm(dst, &sa_id->daddr);
- sa_id->spi = spi;
- sa_id->proto = protocol;
- sa_id->family = dst->get_family(dst);
+ host2xfrm(id->dst, &sa_id->daddr);
+ sa_id->spi = id->spi;
+ sa_id->proto = id->proto;
+ sa_id->family = id->dst->get_family(id->dst);
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), id->mark))
{
return FAILED;
}
@@ -1795,30 +1888,21 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
switch (this->socket_xfrm->send_ack(this->socket_xfrm, hdr))
{
case SUCCESS:
- DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x (mark %u/0x%08x)",
- ntohl(spi), mark.value, mark.mask);
+ DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x%s",
+ ntohl(id->spi), markstr);
return SUCCESS;
case NOT_FOUND:
return NOT_FOUND;
default:
- if (mark.value)
- {
- DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x "
- "(mark %u/0x%08x)", ntohl(spi), mark.value, mark.mask);
- }
- else
- {
- DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x",
- ntohl(spi));
- }
+ DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x%s",
+ ntohl(id->spi), markstr);
return FAILED;
}
}
METHOD(kernel_ipsec_t, update_sa, status_t,
- private_kernel_netlink_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
- bool old_encap, bool new_encap, mark_t mark)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
netlink_buf_t request;
struct nlmsghdr *hdr, *out = NULL;
@@ -1831,19 +1915,33 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
struct xfrm_replay_state *replay = NULL;
struct xfrm_replay_state_esn *replay_esn = NULL;
struct xfrm_lifetime_cur *lifetime = NULL;
- u_int32_t replay_esn_len = 0;
+ uint32_t replay_esn_len = 0;
+ kernel_ipsec_del_sa_t del = { 0 };
status_t status = FAILED;
+ char markstr[32] = "";
/* if IPComp is used, we first update the IPComp SA */
- if (cpi)
- {
- update_sa(this, htonl(ntohs(cpi)), IPPROTO_COMP, 0,
- src, dst, new_src, new_dst, FALSE, FALSE, mark);
+ if (data->cpi)
+ {
+ kernel_ipsec_sa_id_t ipcomp_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = htonl(ntohs(data->cpi)),
+ .proto = IPPROTO_COMP,
+ .mark = id->mark,
+ };
+ kernel_ipsec_update_sa_t ipcomp = {
+ .new_src = data->new_src,
+ .new_dst = data->new_dst,
+ };
+ update_sa(this, &ipcomp_id, &ipcomp);
}
memset(&request, 0, sizeof(request));
+ format_mark(markstr, sizeof(markstr), id->mark);
- DBG2(DBG_KNL, "querying SAD entry with SPI %.8x for update", ntohl(spi));
+ DBG2(DBG_KNL, "querying SAD entry with SPI %.8x%s for update",
+ ntohl(id->spi), markstr);
/* query the existing SA first */
hdr = &request.hdr;
@@ -1852,12 +1950,12 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));
sa_id = NLMSG_DATA(hdr);
- host2xfrm(dst, &sa_id->daddr);
- sa_id->spi = spi;
- sa_id->proto = protocol;
- sa_id->family = dst->get_family(dst);
+ host2xfrm(id->dst, &sa_id->daddr);
+ sa_id->spi = id->spi;
+ sa_id->proto = id->proto;
+ sa_id->family = id->dst->get_family(id->dst);
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), id->mark))
{
return FAILED;
}
@@ -1892,23 +1990,25 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
}
if (out_sa == NULL)
{
- DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x%s",
+ ntohl(id->spi), markstr);
goto failed;
}
- get_replay_state(this, spi, protocol, dst, mark, &replay_esn,
- &replay_esn_len, &replay, &lifetime);
+ get_replay_state(this, id, &replay_esn, &replay_esn_len, &replay,
+ &lifetime);
/* delete the old SA (without affecting the IPComp SA) */
- if (del_sa(this, src, dst, spi, protocol, 0, mark) != SUCCESS)
+ if (del_sa(this, id, &del) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to delete old SAD entry with SPI %.8x",
- ntohl(spi));
+ DBG1(DBG_KNL, "unable to delete old SAD entry with SPI %.8x%s",
+ ntohl(id->spi), markstr);
goto failed;
}
- DBG2(DBG_KNL, "updating SAD entry with SPI %.8x from %#H..%#H to %#H..%#H",
- ntohl(spi), src, dst, new_src, new_dst);
+ DBG2(DBG_KNL, "updating SAD entry with SPI %.8x%s from %#H..%#H to "
+ "%#H..%#H", ntohl(id->spi), markstr, id->src, id->dst, data->new_src,
+ data->new_dst);
/* copy over the SA from out to request */
hdr = &request.hdr;
hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
@@ -1916,15 +2016,15 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_info));
sa = NLMSG_DATA(hdr);
memcpy(sa, NLMSG_DATA(out), sizeof(struct xfrm_usersa_info));
- sa->family = new_dst->get_family(new_dst);
+ sa->family = data->new_dst->get_family(data->new_dst);
- if (!src->ip_equals(src, new_src))
+ if (!id->src->ip_equals(id->src, data->new_src))
{
- host2xfrm(new_src, &sa->saddr);
+ host2xfrm(data->new_src, &sa->saddr);
}
- if (!dst->ip_equals(dst, new_dst))
+ if (!id->dst->ip_equals(id->dst, data->new_dst))
{
- host2xfrm(new_dst, &sa->id.daddr);
+ host2xfrm(data->new_dst, &sa->id.daddr);
}
rta = XFRM_RTA(out, struct xfrm_usersa_info);
@@ -1932,13 +2032,13 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
while (RTA_OK(rta, rtasize))
{
/* copy all attributes, but not XFRMA_ENCAP if we are disabling it */
- if (rta->rta_type != XFRMA_ENCAP || new_encap)
+ if (rta->rta_type != XFRMA_ENCAP || data->new_encap)
{
if (rta->rta_type == XFRMA_ENCAP)
{ /* update encap tmpl */
tmpl = RTA_DATA(rta);
- tmpl->encap_sport = ntohs(new_src->get_port(new_src));
- tmpl->encap_dport = ntohs(new_dst->get_port(new_dst));
+ tmpl->encap_sport = ntohs(data->new_src->get_port(data->new_src));
+ tmpl->encap_dport = ntohs(data->new_dst->get_port(data->new_dst));
}
netlink_add_attribute(hdr, rta->rta_type,
chunk_create(RTA_DATA(rta), RTA_PAYLOAD(rta)),
@@ -1947,7 +2047,7 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
rta = RTA_NEXT(rta, rtasize);
}
- if (tmpl == NULL && new_encap)
+ if (tmpl == NULL && data->new_encap)
{ /* add tmpl if we are enabling it */
tmpl = netlink_reserve(hdr, sizeof(request), XFRMA_ENCAP, sizeof(*tmpl));
if (!tmpl)
@@ -1955,8 +2055,8 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
goto failed;
}
tmpl->encap_type = UDP_ENCAP_ESPINUDP;
- tmpl->encap_sport = ntohs(new_src->get_port(new_src));
- tmpl->encap_dport = ntohs(new_dst->get_port(new_dst));
+ tmpl->encap_sport = ntohs(data->new_src->get_port(data->new_src));
+ tmpl->encap_dport = ntohs(data->new_dst->get_port(data->new_dst));
memset(&tmpl->encap_oa, 0, sizeof (xfrm_address_t));
}
@@ -1987,7 +2087,7 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
else
{
DBG1(DBG_KNL, "unable to copy replay state from old SAD entry with "
- "SPI %.8x", ntohl(spi));
+ "SPI %.8x%s", ntohl(id->spi), markstr);
}
if (lifetime)
{
@@ -2004,12 +2104,13 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
else
{
DBG1(DBG_KNL, "unable to copy usage stats from old SAD entry with "
- "SPI %.8x", ntohl(spi));
+ "SPI %.8x%s", ntohl(id->spi), markstr);
}
if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x%s",
+ ntohl(id->spi), markstr);
goto failed;
}
@@ -2032,7 +2133,7 @@ METHOD(kernel_ipsec_t, flush_sas, status_t,
struct nlmsghdr *hdr;
struct xfrm_usersa_flush *flush;
struct {
- u_int8_t proto;
+ uint8_t proto;
char *name;
} protos[] = {
{ IPPROTO_AH, "AH" },
@@ -2066,6 +2167,118 @@ METHOD(kernel_ipsec_t, flush_sas, status_t,
}
/**
+ * Unlock the mutex and signal waiting threads
+ */
+static void policy_change_done(private_kernel_netlink_ipsec_t *this,
+ policy_entry_t *policy)
+{
+ policy->working = FALSE;
+ if (policy->waiting)
+ { /* don't need to wake threads waiting for other policies */
+ this->condvar->broadcast(this->condvar);
+ }
+ this->mutex->unlock(this->mutex);
+}
+
+/**
+ * Install a route for the given policy if enabled and required
+ */
+static void install_route(private_kernel_netlink_ipsec_t *this,
+ policy_entry_t *policy, policy_sa_t *mapping, ipsec_sa_t *ipsec)
+{
+ policy_sa_out_t *out = (policy_sa_out_t*)mapping;
+ route_entry_t *route;
+ host_t *iface;
+
+ INIT(route,
+ .prefixlen = policy->sel.prefixlen_d,
+ );
+
+ if (charon->kernel->get_address_by_ts(charon->kernel, out->src_ts,
+ &route->src_ip, NULL) == SUCCESS)
+ {
+ if (!ipsec->dst->is_anyaddr(ipsec->dst))
+ {
+ route->gateway = charon->kernel->get_nexthop(charon->kernel,
+ ipsec->dst, -1, ipsec->src,
+ &route->if_name);
+ }
+ else
+ { /* for shunt policies */
+ iface = xfrm2host(policy->sel.family, &policy->sel.daddr, 0);
+ route->gateway = charon->kernel->get_nexthop(charon->kernel,
+ iface, policy->sel.prefixlen_d,
+ route->src_ip, &route->if_name);
+ iface->destroy(iface);
+ }
+ route->dst_net = chunk_alloc(policy->sel.family == AF_INET ? 4 : 16);
+ memcpy(route->dst_net.ptr, &policy->sel.daddr, route->dst_net.len);
+
+ /* get the interface to install the route for, if we haven't one yet.
+ * If we have a local address, use it. Otherwise (for shunt policies)
+ * use the route's source address. */
+ if (!route->if_name)
+ {
+ iface = ipsec->src;
+ if (iface->is_anyaddr(iface))
+ {
+ iface = route->src_ip;
+ }
+ if (!charon->kernel->get_interface(charon->kernel, iface,
+ &route->if_name))
+ {
+ route_entry_destroy(route);
+ return;
+ }
+ }
+ if (policy->route)
+ {
+ route_entry_t *old = policy->route;
+ if (route_entry_equals(old, route))
+ {
+ route_entry_destroy(route);
+ return;
+ }
+ /* uninstall previously installed route */
+ if (charon->kernel->del_route(charon->kernel, old->dst_net,
+ old->prefixlen, old->gateway,
+ old->src_ip, old->if_name) != SUCCESS)
+ {
+ DBG1(DBG_KNL, "error uninstalling route installed with policy "
+ "%R === %R %N", out->src_ts, out->dst_ts, policy_dir_names,
+ policy->direction);
+ }
+ route_entry_destroy(old);
+ policy->route = NULL;
+ }
+
+ DBG2(DBG_KNL, "installing route: %R via %H src %H dev %s", out->dst_ts,
+ route->gateway, route->src_ip, route->if_name);
+ switch (charon->kernel->add_route(charon->kernel, route->dst_net,
+ route->prefixlen, route->gateway,
+ route->src_ip, route->if_name))
+ {
+ default:
+ DBG1(DBG_KNL, "unable to install source route for %H",
+ route->src_ip);
+ /* FALL */
+ case ALREADY_DONE:
+ /* route exists, do not uninstall */
+ route_entry_destroy(route);
+ break;
+ case SUCCESS:
+ /* cache the installed route */
+ policy->route = route;
+ break;
+ }
+ }
+ else
+ {
+ free(route);
+ }
+}
+
+/**
* Add or update a policy in the kernel.
*
* Note: The mutex has to be locked when entering this function
@@ -2111,11 +2324,11 @@ static status_t add_policy_internal(private_kernel_netlink_ipsec_t *this,
policy_info->lft.soft_use_expires_seconds = 0;
policy_info->lft.hard_use_expires_seconds = 0;
- if (mapping->type == POLICY_IPSEC)
+ if (mapping->type == POLICY_IPSEC && ipsec->cfg.reqid)
{
struct xfrm_user_tmpl *tmpl;
struct {
- u_int8_t proto;
+ uint8_t proto;
bool use;
} protos[] = {
{ IPPROTO_COMP, ipsec->cfg.ipcomp.transform != IPCOMP_NONE },
@@ -2136,7 +2349,7 @@ static status_t add_policy_internal(private_kernel_netlink_ipsec_t *this,
count * sizeof(*tmpl));
if (!tmpl)
{
- this->mutex->unlock(this->mutex);
+ policy_change_done(this, policy);
return FAILED;
}
@@ -2169,7 +2382,7 @@ static status_t add_policy_internal(private_kernel_netlink_ipsec_t *this,
if (!add_mark(hdr, sizeof(request), ipsec->mark))
{
- this->mutex->unlock(this->mutex);
+ policy_change_done(this, policy);
return FAILED;
}
this->mutex->unlock(this->mutex);
@@ -2181,169 +2394,84 @@ static status_t add_policy_internal(private_kernel_netlink_ipsec_t *this,
hdr->nlmsg_type = XFRM_MSG_UPDPOLICY;
status = this->socket_xfrm->send_ack(this->socket_xfrm, hdr);
}
+
+ this->mutex->lock(this->mutex);
if (status != SUCCESS)
{
+ policy_change_done(this, policy);
return FAILED;
}
-
- /* find the policy again */
- this->mutex->lock(this->mutex);
- policy = this->policies->get(this->policies, &clone);
- if (!policy ||
- policy->used_by->find_first(policy->used_by,
- NULL, (void**)&mapping) != SUCCESS)
- { /* policy or mapping is already gone, ignore */
- this->mutex->unlock(this->mutex);
- return SUCCESS;
- }
-
/* install a route, if:
- * - this is a forward policy (to just get one for each child)
- * - we are in tunnel/BEET mode or install a bypass policy
+ * - this is an outbound policy (to just get one for each child)
* - routing is not disabled via strongswan.conf
+ * - the selector is not for a specific protocol/port
+ * - we are in tunnel/BEET mode or install a bypass policy
*/
- if (policy->direction == POLICY_FWD && this->install_routes &&
- (mapping->type != POLICY_IPSEC || ipsec->cfg.mode != MODE_TRANSPORT))
+ if (policy->direction == POLICY_OUT && this->install_routes &&
+ !policy->sel.proto && !policy->sel.dport && !policy->sel.sport)
{
- policy_sa_fwd_t *fwd = (policy_sa_fwd_t*)mapping;
- route_entry_t *route;
- host_t *iface;
-
- INIT(route,
- .prefixlen = policy->sel.prefixlen_s,
- );
-
- if (charon->kernel->get_address_by_ts(charon->kernel, fwd->dst_ts,
- &route->src_ip, NULL) == SUCCESS)
- {
- /* get the nexthop to src (src as we are in POLICY_FWD) */
- if (!ipsec->src->is_anyaddr(ipsec->src))
- {
- route->gateway = charon->kernel->get_nexthop(charon->kernel,
- ipsec->src, -1, ipsec->dst);
- }
- else
- { /* for shunt policies */
- iface = xfrm2host(policy->sel.family, &policy->sel.saddr, 0);
- route->gateway = charon->kernel->get_nexthop(charon->kernel,
- iface, policy->sel.prefixlen_s,
- route->src_ip);
- iface->destroy(iface);
- }
- route->dst_net = chunk_alloc(policy->sel.family == AF_INET ? 4 : 16);
- memcpy(route->dst_net.ptr, &policy->sel.saddr, route->dst_net.len);
-
- /* get the interface to install the route for. If we have a local
- * address, use it. Otherwise (for shunt policies) use the
- * routes source address. */
- iface = ipsec->dst;
- if (iface->is_anyaddr(iface))
- {
- iface = route->src_ip;
- }
- /* install route via outgoing interface */
- if (!charon->kernel->get_interface(charon->kernel, iface,
- &route->if_name))
- {
- this->mutex->unlock(this->mutex);
- route_entry_destroy(route);
- return SUCCESS;
- }
-
- if (policy->route)
- {
- route_entry_t *old = policy->route;
- if (route_entry_equals(old, route))
- {
- this->mutex->unlock(this->mutex);
- route_entry_destroy(route);
- return SUCCESS;
- }
- /* uninstall previously installed route */
- if (charon->kernel->del_route(charon->kernel, old->dst_net,
- old->prefixlen, old->gateway,
- old->src_ip, old->if_name) != SUCCESS)
- {
- DBG1(DBG_KNL, "error uninstalling route installed with "
- "policy %R === %R %N", fwd->src_ts,
- fwd->dst_ts, policy_dir_names,
- policy->direction);
- }
- route_entry_destroy(old);
- policy->route = NULL;
- }
-
- DBG2(DBG_KNL, "installing route: %R via %H src %H dev %s",
- fwd->src_ts, route->gateway, route->src_ip, route->if_name);
- switch (charon->kernel->add_route(charon->kernel, route->dst_net,
- route->prefixlen, route->gateway,
- route->src_ip, route->if_name))
- {
- default:
- DBG1(DBG_KNL, "unable to install source route for %H",
- route->src_ip);
- /* FALL */
- case ALREADY_DONE:
- /* route exists, do not uninstall */
- route_entry_destroy(route);
- break;
- case SUCCESS:
- /* cache the installed route */
- policy->route = route;
- break;
- }
- }
- else
+ if (mapping->type == POLICY_PASS ||
+ (mapping->type == POLICY_IPSEC && ipsec->cfg.mode != MODE_TRANSPORT))
{
- free(route);
+ install_route(this, policy, mapping, ipsec);
}
}
- this->mutex->unlock(this->mutex);
+ policy_change_done(this, policy);
return SUCCESS;
}
METHOD(kernel_ipsec_t, add_policy, status_t,
- private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
policy_entry_t *policy, *current;
policy_sa_t *assigned_sa, *current_sa;
enumerator_t *enumerator;
bool found = FALSE, update = TRUE;
+ char markstr[32] = "";
+ uint32_t cur_priority = 0;
+ int use_count;
/* create a policy */
INIT(policy,
- .sel = ts2selector(src_ts, dst_ts),
- .mark = mark.value & mark.mask,
- .direction = direction,
- .reqid = sa->reqid,
+ .sel = ts2selector(id->src_ts, id->dst_ts, id->interface),
+ .mark = id->mark.value & id->mark.mask,
+ .direction = id->dir,
+ .reqid = data->sa->reqid,
);
+ format_mark(markstr, sizeof(markstr), id->mark);
/* find the policy, which matches EXACTLY */
this->mutex->lock(this->mutex);
current = this->policies->get(this->policies, policy);
if (current)
{
- if (current->reqid && sa->reqid && current->reqid != sa->reqid)
+ if (current->reqid && data->sa->reqid &&
+ current->reqid != data->sa->reqid)
{
- DBG1(DBG_CFG, "unable to install policy %R === %R %N (mark "
- "%u/0x%08x) for reqid %u, the same policy for reqid %u exists",
- src_ts, dst_ts, policy_dir_names, direction,
- mark.value, mark.mask, sa->reqid, current->reqid);
+ DBG1(DBG_CFG, "unable to install policy %R === %R %N%s for reqid "
+ "%u, the same policy for reqid %u exists",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir, markstr,
+ data->sa->reqid, current->reqid);
policy_entry_destroy(this, policy);
this->mutex->unlock(this->mutex);
return INVALID_STATE;
}
/* use existing policy */
- DBG2(DBG_KNL, "policy %R === %R %N (mark %u/0x%08x) "
- "already exists, increasing refcount",
- src_ts, dst_ts, policy_dir_names, direction,
- mark.value, mark.mask);
+ DBG2(DBG_KNL, "policy %R === %R %N%s already exists, increasing "
+ "refcount", id->src_ts, id->dst_ts, policy_dir_names, id->dir,
+ markstr);
policy_entry_destroy(this, policy);
policy = current;
found = TRUE;
+
+ policy->waiting++;
+ while (policy->working)
+ {
+ this->condvar->wait(this->condvar, this->mutex);
+ }
+ policy->waiting--;
+ policy->working = TRUE;
}
else
{ /* use the new one, if we have no such policy */
@@ -2352,28 +2480,52 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
}
/* cache the assigned IPsec SA */
- assigned_sa = policy_sa_create(this, direction, type, src, dst, src_ts,
- dst_ts, mark, sa);
- assigned_sa->priority = get_priority(policy, priority);
+ assigned_sa = policy_sa_create(this, id->dir, data->type, data->src,
+ data->dst, id->src_ts, id->dst_ts, id->mark, data->sa);
+ assigned_sa->auto_priority = get_priority(policy, data->prio, id->interface);
+ assigned_sa->priority = this->get_priority ? this->get_priority(id, data)
+ : data->manual_prio;
+ assigned_sa->priority = assigned_sa->priority ?: assigned_sa->auto_priority;
/* insert the SA according to its priority */
enumerator = policy->used_by->create_enumerator(policy->used_by);
while (enumerator->enumerate(enumerator, (void**)&current_sa))
{
- if (current_sa->priority >= assigned_sa->priority)
+ if (current_sa->priority > assigned_sa->priority)
{
break;
}
- update = FALSE;
+ if (current_sa->priority == assigned_sa->priority)
+ {
+ /* in case of equal manual prios order SAs by automatic priority */
+ if (current_sa->auto_priority > assigned_sa->auto_priority)
+ {
+ break;
+ }
+ /* prefer SAs with a reqid over those without */
+ if (current_sa->auto_priority == assigned_sa->auto_priority &&
+ (!current_sa->sa->cfg.reqid || assigned_sa->sa->cfg.reqid))
+ {
+ break;
+ }
+ }
+ if (update)
+ {
+ cur_priority = current_sa->priority;
+ update = FALSE;
+ }
}
- policy->used_by->insert_before(policy->used_by, enumerator,
- assigned_sa);
+ policy->used_by->insert_before(policy->used_by, enumerator, assigned_sa);
enumerator->destroy(enumerator);
+ use_count = policy->used_by->get_count(policy->used_by);
if (!update)
{ /* we don't update the policy if the priority is lower than that of
* the currently installed one */
- this->mutex->unlock(this->mutex);
+ policy_change_done(this, policy);
+ DBG2(DBG_KNL, "not updating policy %R === %R %N%s [priority %u,"
+ "refcount %d]", id->src_ts, id->dst_ts, policy_dir_names,
+ id->dir, markstr, cur_priority, use_count);
return SUCCESS;
}
@@ -2382,36 +2534,36 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
found = TRUE;
}
- DBG2(DBG_KNL, "%s policy %R === %R %N (mark %u/0x%08x)",
- found ? "updating" : "adding", src_ts, dst_ts,
- policy_dir_names, direction, mark.value, mark.mask);
+ DBG2(DBG_KNL, "%s policy %R === %R %N%s [priority %u, refcount %d]",
+ found ? "updating" : "adding", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir, markstr, assigned_sa->priority, use_count);
if (add_policy_internal(this, policy, assigned_sa, found) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to %s policy %R === %R %N",
- found ? "update" : "add", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG1(DBG_KNL, "unable to %s policy %R === %R %N%s",
+ found ? "update" : "add", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir, markstr);
return FAILED;
}
return SUCCESS;
}
METHOD(kernel_ipsec_t, query_policy, status_t,
- private_kernel_netlink_ipsec_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
netlink_buf_t request;
struct nlmsghdr *out = NULL, *hdr;
struct xfrm_userpolicy_id *policy_id;
struct xfrm_userpolicy_info *policy = NULL;
size_t len;
+ char markstr[32] = "";
memset(&request, 0, sizeof(request));
+ format_mark(markstr, sizeof(markstr), id->mark);
- DBG2(DBG_KNL, "querying policy %R === %R %N (mark %u/0x%08x)",
- src_ts, dst_ts, policy_dir_names, direction,
- mark.value, mark.mask);
+ DBG2(DBG_KNL, "querying policy %R === %R %N%s", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir, markstr);
hdr = &request.hdr;
hdr->nlmsg_flags = NLM_F_REQUEST;
@@ -2419,10 +2571,10 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_userpolicy_id));
policy_id = NLMSG_DATA(hdr);
- policy_id->sel = ts2selector(src_ts, dst_ts);
- policy_id->dir = direction;
+ policy_id->sel = ts2selector(id->src_ts, id->dst_ts, id->interface);
+ policy_id->dir = id->dir;
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), id->mark))
{
return FAILED;
}
@@ -2443,7 +2595,7 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
{
struct nlmsgerr *err = NLMSG_DATA(hdr);
DBG1(DBG_KNL, "querying policy failed: %s (%d)",
- strerror(-err->error), -err->error);
+ strerror(-err->error), -err->error);
break;
}
default:
@@ -2458,8 +2610,8 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
if (policy == NULL)
{
- DBG2(DBG_KNL, "unable to query policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG2(DBG_KNL, "unable to query policy %R === %R %N%s", id->src_ts,
+ id->dst_ts, policy_dir_names, id->dir, markstr);
free(out);
return FAILED;
}
@@ -2479,10 +2631,8 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
}
METHOD(kernel_ipsec_t, del_policy, status_t,
- private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t prio)
+ private_kernel_netlink_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
policy_entry_t *current, policy;
enumerator_t *enumerator;
@@ -2491,78 +2641,94 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
struct nlmsghdr *hdr;
struct xfrm_userpolicy_id *policy_id;
bool is_installed = TRUE;
- u_int32_t priority;
+ uint32_t priority, auto_priority, cur_priority;
ipsec_sa_t assigned_sa = {
- .src = src,
- .dst = dst,
- .mark = mark,
- .cfg = *sa,
+ .src = data->src,
+ .dst = data->dst,
+ .mark = id->mark,
+ .cfg = *data->sa,
};
+ char markstr[32] = "";
+ int use_count;
+ status_t status = SUCCESS;
- DBG2(DBG_KNL, "deleting policy %R === %R %N (mark %u/0x%08x)",
- src_ts, dst_ts, policy_dir_names, direction,
- mark.value, mark.mask);
+ format_mark(markstr, sizeof(markstr), id->mark);
+
+ DBG2(DBG_KNL, "deleting policy %R === %R %N%s", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir, markstr);
/* create a policy */
memset(&policy, 0, sizeof(policy_entry_t));
- policy.sel = ts2selector(src_ts, dst_ts);
- policy.mark = mark.value & mark.mask;
- policy.direction = direction;
+ policy.sel = ts2selector(id->src_ts, id->dst_ts, id->interface);
+ policy.mark = id->mark.value & id->mark.mask;
+ policy.direction = id->dir;
/* find the policy */
this->mutex->lock(this->mutex);
current = this->policies->get(this->policies, &policy);
if (!current)
{
- if (mark.value)
- {
- DBG1(DBG_KNL, "deleting policy %R === %R %N (mark %u/0x%08x) "
- "failed, not found", src_ts, dst_ts, policy_dir_names,
- direction, mark.value, mark.mask);
- }
- else
- {
- DBG1(DBG_KNL, "deleting policy %R === %R %N failed, not found",
- src_ts, dst_ts, policy_dir_names, direction);
- }
+ DBG1(DBG_KNL, "deleting policy %R === %R %N%s failed, not found",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir, markstr);
this->mutex->unlock(this->mutex);
return NOT_FOUND;
}
+ current->waiting++;
+ while (current->working)
+ {
+ this->condvar->wait(this->condvar, this->mutex);
+ }
+ current->working = TRUE;
+ current->waiting--;
/* remove mapping to SA by reqid and priority */
- priority = get_priority(current, prio);
+ auto_priority = get_priority(current, data->prio,id->interface);
+ priority = this->get_priority ? this->get_priority(id, data)
+ : data->manual_prio;
+ priority = priority ?: auto_priority;
+
enumerator = current->used_by->create_enumerator(current->used_by);
while (enumerator->enumerate(enumerator, (void**)&mapping))
{
- if (priority == mapping->priority && type == mapping->type &&
+ if (priority == mapping->priority &&
+ auto_priority == mapping->auto_priority &&
+ data->type == mapping->type &&
ipsec_sa_equals(mapping->sa, &assigned_sa))
{
current->used_by->remove_at(current->used_by, enumerator);
- policy_sa_destroy(mapping, &direction, this);
+ policy_sa_destroy(mapping, &id->dir, this);
break;
}
- is_installed = FALSE;
+ if (is_installed)
+ {
+ cur_priority = mapping->priority;
+ is_installed = FALSE;
+ }
}
enumerator->destroy(enumerator);
- if (current->used_by->get_count(current->used_by) > 0)
+ use_count = current->used_by->get_count(current->used_by);
+ if (use_count > 0)
{ /* policy is used by more SAs, keep in kernel */
DBG2(DBG_KNL, "policy still used by another CHILD_SA, not removed");
if (!is_installed)
{ /* no need to update as the policy was not installed for this SA */
- this->mutex->unlock(this->mutex);
+ policy_change_done(this, current);
+ DBG2(DBG_KNL, "not updating policy %R === %R %N%s [priority %u, "
+ "refcount %d]", id->src_ts, id->dst_ts, policy_dir_names,
+ id->dir, markstr, cur_priority, use_count);
return SUCCESS;
}
+ current->used_by->get_first(current->used_by, (void**)&mapping);
- DBG2(DBG_KNL, "updating policy %R === %R %N (mark %u/0x%08x)",
- src_ts, dst_ts, policy_dir_names, direction,
- mark.value, mark.mask);
+ DBG2(DBG_KNL, "updating policy %R === %R %N%s [priority %u, "
+ "refcount %d]", id->src_ts, id->dst_ts, policy_dir_names, id->dir,
+ markstr, mapping->priority, use_count);
- current->used_by->get_first(current->used_by, (void**)&mapping);
if (add_policy_internal(this, current, mapping, TRUE) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to update policy %R === %R %N",
- src_ts, dst_ts, policy_dir_names, direction);
+ DBG1(DBG_KNL, "unable to update policy %R === %R %N%s",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir, markstr);
return FAILED;
}
return SUCCESS;
@@ -2577,11 +2743,11 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
policy_id = NLMSG_DATA(hdr);
policy_id->sel = current->sel;
- policy_id->dir = direction;
+ policy_id->dir = id->dir;
- if (!add_mark(hdr, sizeof(request), mark))
+ if (!add_mark(hdr, sizeof(request), id->mark))
{
- this->mutex->unlock(this->mutex);
+ policy_change_done(this, current);
return FAILED;
}
@@ -2592,32 +2758,32 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
route->prefixlen, route->gateway,
route->src_ip, route->if_name) != SUCCESS)
{
- DBG1(DBG_KNL, "error uninstalling route installed with "
- "policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG1(DBG_KNL, "error uninstalling route installed with policy "
+ "%R === %R %N%s", id->src_ts, id->dst_ts, policy_dir_names,
+ id->dir, markstr);
}
}
-
- this->policies->remove(this->policies, current);
- policy_entry_destroy(this, current);
this->mutex->unlock(this->mutex);
if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS)
{
- if (mark.value)
- {
- DBG1(DBG_KNL, "unable to delete policy %R === %R %N "
- "(mark %u/0x%08x)", src_ts, dst_ts, policy_dir_names,
- direction, mark.value, mark.mask);
- }
- else
- {
- DBG1(DBG_KNL, "unable to delete policy %R === %R %N",
- src_ts, dst_ts, policy_dir_names, direction);
- }
- return FAILED;
+ DBG1(DBG_KNL, "unable to delete policy %R === %R %N%s", id->src_ts,
+ id->dst_ts, policy_dir_names, id->dir, markstr);
+ status = FAILED;
}
- return SUCCESS;
+
+ this->mutex->lock(this->mutex);
+ if (!current->waiting)
+ { /* only if no other thread still needs the policy */
+ this->policies->remove(this->policies, current);
+ policy_entry_destroy(this, current);
+ this->mutex->unlock(this->mutex);
+ }
+ else
+ {
+ policy_change_done(this, current);
+ }
+ return status;
}
METHOD(kernel_ipsec_t, flush_policies, status_t,
@@ -2676,15 +2842,15 @@ static bool add_socket_bypass(private_kernel_netlink_ipsec_t *this,
policy.dir = XFRM_POLICY_OUT;
if (setsockopt(fd, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
{
- DBG1(DBG_KNL, "unable to set IPSEC_POLICY on socket: %s",
- strerror(errno));
+ DBG1(DBG_KNL, "unable to set IPSEC_POLICY on socket: %s (%d)",
+ strerror(errno), errno);
return FALSE;
}
policy.dir = XFRM_POLICY_IN;
if (setsockopt(fd, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
{
- DBG1(DBG_KNL, "unable to set IPSEC_POLICY on socket: %s",
- strerror(errno));
+ DBG1(DBG_KNL, "unable to set IPSEC_POLICY on socket: %s (%d)",
+ strerror(errno), errno);
return FALSE;
}
return TRUE;
@@ -2699,7 +2865,7 @@ typedef struct {
/** layer 4 protocol */
int proto;
/** port number, network order */
- u_int16_t port;
+ uint16_t port;
} bypass_t;
/**
@@ -2839,7 +3005,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
}
METHOD(kernel_ipsec_t, enable_udp_decap, bool,
- private_kernel_netlink_ipsec_t *this, int fd, int family, u_int16_t port)
+ private_kernel_netlink_ipsec_t *this, int fd, int family, uint16_t port)
{
int type = UDP_ENCAP_ESPINUDP;
@@ -2873,6 +3039,7 @@ METHOD(kernel_ipsec_t, destroy, void,
enumerator->destroy(enumerator);
this->policies->destroy(this->policies);
this->sas->destroy(this->sas);
+ this->condvar->destroy(this->condvar);
this->mutex->destroy(this->mutex);
free(this);
}
@@ -2912,6 +3079,9 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
(hashtable_equals_t)ipsec_sa_equals, 32),
.bypass = array_create(sizeof(bypass_t), 0),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .condvar = condvar_create(CONDVAR_TYPE_DEFAULT),
+ .get_priority = dlsym(RTLD_DEFAULT,
+ "kernel_netlink_get_priority_custom"),
.policy_update = lib->settings->get_bool(lib->settings,
"%s.plugins.kernel-netlink.policy_update", FALSE, lib->ns),
.install_routes = lib->settings->get_bool(lib->settings,
@@ -2955,7 +3125,8 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
this->socket_xfrm_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM);
if (this->socket_xfrm_events <= 0)
{
- DBG1(DBG_KNL, "unable to create XFRM event socket");
+ DBG1(DBG_KNL, "unable to create XFRM event socket: %s (%d)",
+ strerror(errno), errno);
destroy(this);
return NULL;
}
@@ -2963,7 +3134,8 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
XFRMNLGRP(MIGRATE) | XFRMNLGRP(MAPPING);
if (bind(this->socket_xfrm_events, (struct sockaddr*)&addr, sizeof(addr)))
{
- DBG1(DBG_KNL, "unable to bind XFRM event socket");
+ DBG1(DBG_KNL, "unable to bind XFRM event socket: %s (%d)",
+ strerror(errno), errno);
destroy(this);
return NULL;
}
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
index f4394a14f..93c2ccccb 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2008-2014 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -278,7 +278,7 @@ struct route_entry_t {
chunk_t dst_net;
/** Destination net prefixlen */
- u_int8_t prefixlen;
+ uint8_t prefixlen;
};
/**
@@ -513,12 +513,12 @@ struct private_kernel_netlink_net_t {
/**
* MTU to set on installed routes
*/
- u_int32_t mtu;
+ uint32_t mtu;
/**
* MSS to set on installed routes
*/
- u_int32_t mss;
+ uint32_t mss;
};
/**
@@ -526,7 +526,7 @@ struct private_kernel_netlink_net_t {
*/
static status_t manage_srcroute(private_kernel_netlink_net_t *this,
int nlmsg_type, int flags, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway,
+ uint8_t prefixlen, host_t *gateway,
host_t *src_ip, char *if_name);
/**
@@ -1217,7 +1217,7 @@ static void process_route(private_kernel_netlink_net_t *this, struct nlmsghdr *h
struct rtmsg* msg = NLMSG_DATA(hdr);
struct rtattr *rta = RTM_RTA(msg);
size_t rtasize = RTM_PAYLOAD(hdr);
- u_int32_t rta_oif = 0;
+ uint32_t rta_oif = 0;
host_t *host = NULL;
/* ignore routes added by us or in the local routing table (local addrs) */
@@ -1243,7 +1243,7 @@ static void process_route(private_kernel_netlink_net_t *this, struct nlmsghdr *h
case RTA_OIF:
if (RTA_PAYLOAD(rta) == sizeof(rta_oif))
{
- rta_oif = *(u_int32_t*)RTA_DATA(rta);
+ rta_oif = *(uint32_t*)RTA_DATA(rta);
}
break;
}
@@ -1297,7 +1297,8 @@ static bool receive_events(private_kernel_netlink_net_t *this, int fd,
/* no data ready, select again */
return TRUE;
default:
- DBG1(DBG_KNL, "unable to receive from rt event socket");
+ DBG1(DBG_KNL, "unable to receive from RT event socket %s (%d)",
+ strerror(errno), errno);
sleep(1);
return TRUE;
}
@@ -1501,6 +1502,32 @@ static int get_interface_index(private_kernel_netlink_net_t *this, char* name)
}
/**
+ * get the name of an interface by index (allocated)
+ */
+static char *get_interface_name_by_index(private_kernel_netlink_net_t *this,
+ int index)
+{
+ iface_entry_t *iface;
+ char *name = NULL;
+
+ DBG2(DBG_KNL, "getting iface name for index %d", index);
+
+ this->lock->read_lock(this->lock);
+ if (this->ifaces->find_first(this->ifaces, (void*)iface_entry_by_index,
+ (void**)&iface, &index) == SUCCESS)
+ {
+ name = strdup(iface->ifname);
+ }
+ this->lock->unlock(this->lock);
+
+ if (!name)
+ {
+ DBG1(DBG_KNL, "unable to get interface name for %d", index);
+ }
+ return name;
+}
+
+/**
* check if an address or net (addr with prefix net bits) is in
* subnet (net with net_len net bits)
*/
@@ -1545,10 +1572,10 @@ typedef struct {
chunk_t src;
chunk_t dst;
host_t *src_host;
- u_int8_t dst_len;
- u_int32_t table;
- u_int32_t oif;
- u_int32_t priority;
+ uint8_t dst_len;
+ uint32_t table;
+ uint32_t oif;
+ uint32_t priority;
} rt_entry_t;
/**
@@ -1630,20 +1657,20 @@ static rt_entry_t *parse_route(struct nlmsghdr *hdr, rt_entry_t *route)
case RTA_OIF:
if (RTA_PAYLOAD(rta) == sizeof(route->oif))
{
- route->oif = *(u_int32_t*)RTA_DATA(rta);
+ route->oif = *(uint32_t*)RTA_DATA(rta);
}
break;
case RTA_PRIORITY:
if (RTA_PAYLOAD(rta) == sizeof(route->priority))
{
- route->priority = *(u_int32_t*)RTA_DATA(rta);
+ route->priority = *(uint32_t*)RTA_DATA(rta);
}
break;
#ifdef HAVE_RTA_TABLE
case RTA_TABLE:
if (RTA_PAYLOAD(rta) == sizeof(route->table))
{
- route->table = *(u_int32_t*)RTA_DATA(rta);
+ route->table = *(uint32_t*)RTA_DATA(rta);
}
break;
#endif /* HAVE_RTA_TABLE*/
@@ -1658,7 +1685,7 @@ static rt_entry_t *parse_route(struct nlmsghdr *hdr, rt_entry_t *route)
*/
static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
int prefix, bool nexthop, host_t *candidate,
- u_int recursion)
+ char **iface, u_int recursion)
{
netlink_buf_t request;
struct nlmsghdr *hdr, *out, *current;
@@ -1774,16 +1801,16 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
}
route->src_host = src;
}
- /* insert route, sorted by priority and network prefix */
+ /* insert route, sorted by network prefix and priority */
enumerator = routes->create_enumerator(routes);
while (enumerator->enumerate(enumerator, &other))
{
- if (route->priority < other->priority)
+ if (route->dst_len > other->dst_len)
{
break;
}
- if (route->priority == other->priority &&
- route->dst_len > other->dst_len)
+ if (route->dst_len == other->dst_len &&
+ route->priority < other->priority)
{
break;
}
@@ -1860,7 +1887,7 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
if (gtw && !gtw->ip_equals(gtw, dest))
{
route->src_host = get_route(this, gtw, -1, FALSE, candidate,
- recursion + 1);
+ iface, recursion + 1);
}
DESTROY_IF(gtw);
if (route->src_host)
@@ -1878,10 +1905,18 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
enumerator->destroy(enumerator);
if (nexthop)
- { /* nexthop lookup, return gateway if any */
+ { /* nexthop lookup, return gateway and oif if any */
+ if (iface)
+ {
+ *iface = NULL;
+ }
if (best || routes->get_first(routes, (void**)&best) == SUCCESS)
{
addr = host_create_from_chunk(msg->rtm_family, best->gtw, 0);
+ if (iface && route->oif)
+ {
+ *iface = get_interface_name_by_index(this, route->oif);
+ }
}
if (!addr && !match_net)
{ /* fallback to destination address */
@@ -1901,8 +1936,16 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
if (addr)
{
- DBG2(DBG_KNL, "using %H as %s to reach %H/%d", addr,
- nexthop ? "nexthop" : "address", dest, prefix);
+ if (nexthop && iface && *iface)
+ {
+ DBG2(DBG_KNL, "using %H as nexthop and %s as dev to reach %H/%d",
+ addr, *iface, dest, prefix);
+ }
+ else
+ {
+ DBG2(DBG_KNL, "using %H as %s to reach %H/%d", addr,
+ nexthop ? "nexthop" : "address", dest, prefix);
+ }
}
else if (!recursion)
{
@@ -1915,13 +1958,14 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest,
METHOD(kernel_net_t, get_source_addr, host_t*,
private_kernel_netlink_net_t *this, host_t *dest, host_t *src)
{
- return get_route(this, dest, -1, FALSE, src, 0);
+ return get_route(this, dest, -1, FALSE, src, NULL, 0);
}
METHOD(kernel_net_t, get_nexthop, host_t*,
- private_kernel_netlink_net_t *this, host_t *dest, int prefix, host_t *src)
+ private_kernel_netlink_net_t *this, host_t *dest, int prefix, host_t *src,
+ char **iface)
{
- return get_route(this, dest, prefix, TRUE, src, 0);
+ return get_route(this, dest, prefix, TRUE, src, iface, 0);
}
/**
@@ -2144,7 +2188,7 @@ METHOD(kernel_net_t, del_ip, status_t,
*/
static status_t manage_srcroute(private_kernel_netlink_net_t *this,
int nlmsg_type, int flags, chunk_t dst_net,
- u_int8_t prefixlen, host_t *gateway,
+ uint8_t prefixlen, host_t *gateway,
host_t *src_ip, char *if_name)
{
netlink_buf_t request;
@@ -2160,7 +2204,7 @@ static status_t manage_srcroute(private_kernel_netlink_net_t *this,
if (this->routing_table == 0 && prefixlen == 0)
{
chunk_t half_net;
- u_int8_t half_prefixlen;
+ uint8_t half_prefixlen;
status_t status;
half_net = chunk_alloca(dst_net.len);
@@ -2206,22 +2250,22 @@ static status_t manage_srcroute(private_kernel_netlink_net_t *this,
if (this->mtu || this->mss)
{
chunk = chunk_alloca(RTA_LENGTH((sizeof(struct rtattr) +
- sizeof(u_int32_t)) * 2));
+ sizeof(uint32_t)) * 2));
chunk.len = 0;
rta = (struct rtattr*)chunk.ptr;
if (this->mtu)
{
rta->rta_type = RTAX_MTU;
- rta->rta_len = RTA_LENGTH(sizeof(u_int32_t));
- memcpy(RTA_DATA(rta), &this->mtu, sizeof(u_int32_t));
+ rta->rta_len = RTA_LENGTH(sizeof(uint32_t));
+ memcpy(RTA_DATA(rta), &this->mtu, sizeof(uint32_t));
chunk.len = rta->rta_len;
}
if (this->mss)
{
rta = (struct rtattr*)(chunk.ptr + RTA_ALIGN(chunk.len));
rta->rta_type = RTAX_ADVMSS;
- rta->rta_len = RTA_LENGTH(sizeof(u_int32_t));
- memcpy(RTA_DATA(rta), &this->mss, sizeof(u_int32_t));
+ rta->rta_len = RTA_LENGTH(sizeof(uint32_t));
+ memcpy(RTA_DATA(rta), &this->mss, sizeof(uint32_t));
chunk.len = RTA_ALIGN(chunk.len) + rta->rta_len;
}
netlink_add_attribute(hdr, RTA_METRICS, chunk, sizeof(request));
@@ -2231,7 +2275,7 @@ static status_t manage_srcroute(private_kernel_netlink_net_t *this,
}
METHOD(kernel_net_t, add_route, status_t,
- private_kernel_netlink_net_t *this, chunk_t dst_net, u_int8_t prefixlen,
+ private_kernel_netlink_net_t *this, chunk_t dst_net, uint8_t prefixlen,
host_t *gateway, host_t *src_ip, char *if_name)
{
status_t status;
@@ -2262,7 +2306,7 @@ METHOD(kernel_net_t, add_route, status_t,
}
METHOD(kernel_net_t, del_route, status_t,
- private_kernel_netlink_net_t *this, chunk_t dst_net, u_int8_t prefixlen,
+ private_kernel_netlink_net_t *this, chunk_t dst_net, uint8_t prefixlen,
host_t *gateway, host_t *src_ip, char *if_name)
{
status_t status;
@@ -2384,7 +2428,7 @@ static status_t init_address_list(private_kernel_netlink_net_t *this)
* create or delete a rule to use our routing table
*/
static status_t manage_rule(private_kernel_netlink_net_t *this, int nlmsg_type,
- int family, u_int32_t table, u_int32_t prio)
+ int family, uint32_t table, uint32_t prio)
{
netlink_buf_t request;
struct nlmsghdr *hdr;
@@ -2644,7 +2688,8 @@ kernel_netlink_net_t *kernel_netlink_net_create()
this->socket_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
if (this->socket_events < 0)
{
- DBG1(DBG_KNL, "unable to create RT event socket");
+ DBG1(DBG_KNL, "unable to create RT event socket: %s (%d)",
+ strerror(errno), errno);
destroy(this);
return NULL;
}
@@ -2652,7 +2697,8 @@ kernel_netlink_net_t *kernel_netlink_net_create()
RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE | RTMGRP_LINK;
if (bind(this->socket_events, (struct sockaddr*)&addr, sizeof(addr)))
{
- DBG1(DBG_KNL, "unable to bind RT event socket");
+ DBG1(DBG_KNL, "unable to bind RT event socket: %s (%d)",
+ strerror(errno), errno);
destroy(this);
return NULL;
}
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
index f7ce992a3..7165b655b 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
@@ -309,7 +309,7 @@ static status_t send_once(private_netlink_socket_t *this, struct nlmsghdr *in,
while (!entry->complete)
{
if (this->parallel &&
- lib->watcher->get_state(lib->watcher) == WATCHER_RUNNING)
+ lib->watcher->get_state(lib->watcher) != WATCHER_STOPPED)
{
if (this->timeout)
{
@@ -594,13 +594,15 @@ netlink_socket_t *netlink_socket_create(int protocol, enum_name_t *names,
}
if (this->socket == -1)
{
- DBG1(DBG_KNL, "unable to create netlink socket");
+ DBG1(DBG_KNL, "unable to create netlink socket: %s (%d)",
+ strerror(errno), errno);
destroy(this);
return NULL;
}
if (bind(this->socket, (struct sockaddr*)&addr, sizeof(addr)))
{
- DBG1(DBG_KNL, "unable to bind netlink socket");
+ DBG1(DBG_KNL, "unable to bind netlink socket: %s (%d)",
+ strerror(errno), errno);
destroy(this);
return NULL;
}
diff --git a/src/libcharon/plugins/kernel_pfkey/Makefile.in b/src/libcharon/plugins/kernel_pfkey/Makefile.in
index f2876a272..8866f13d4 100644
--- a/src/libcharon/plugins/kernel_pfkey/Makefile.in
+++ b/src/libcharon/plugins/kernel_pfkey/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/kernel_pfkey
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/kernel_pfkey/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/kernel_pfkey/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index d505f1c33..1b22ea549 100644
--- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2008-2015 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2008 Andreas Steffen
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -141,17 +141,17 @@
#define SOL_UDP IPPROTO_UDP
#endif
-/** base priority for installed policies */
-#define PRIO_BASE 384
+/** Base priority for installed policies */
+#define PRIO_BASE 100000
#ifdef __APPLE__
/** from xnu/bsd/net/pfkeyv2.h */
#define SADB_X_EXT_NATT 0x002
struct sadb_sa_2 {
struct sadb_sa sa;
- u_int16_t sadb_sa_natt_port;
- u_int16_t sadb_reserved0;
- u_int32_t sadb_reserved1;
+ uint16_t sadb_sa_natt_port;
+ uint16_t sadb_reserved0;
+ uint32_t sadb_reserved1;
};
#endif
@@ -286,7 +286,7 @@ struct route_entry_t {
chunk_t dst_net;
/** destination net prefixlen */
- u_int8_t prefixlen;
+ uint8_t prefixlen;
/** reference to exclude route, if any */
exclude_route_t *exclude;
@@ -352,7 +352,7 @@ static bool ipsec_sa_equals(ipsec_sa_t *sa, ipsec_sa_t *other_sa)
{
return sa->src->ip_equals(sa->src, other_sa->src) &&
sa->dst->ip_equals(sa->dst, other_sa->dst) &&
- memeq(&sa->cfg, &other_sa->cfg, sizeof(ipsec_sa_cfg_t));
+ ipsec_sa_cfg_equals(&sa->cfg, &other_sa->cfg);
}
/**
@@ -400,14 +400,17 @@ static void ipsec_sa_destroy(private_kernel_pfkey_ipsec_t *this,
}
typedef struct policy_sa_t policy_sa_t;
-typedef struct policy_sa_in_t policy_sa_in_t;
+typedef struct policy_sa_out_t policy_sa_out_t;
/**
* Mapping between a policy and an IPsec SA.
*/
struct policy_sa_t {
/** Priority assigned to the policy when installed with this SA */
- u_int32_t priority;
+ uint32_t priority;
+
+ /** Base priority assigned to the policy when installed with this SA */
+ uint32_t auto_priority;
/** Type of the policy */
policy_type_t type;
@@ -417,10 +420,10 @@ struct policy_sa_t {
};
/**
- * For input policies we also cache the traffic selectors in order to install
+ * For outbound policies we also cache the traffic selectors in order to install
* the route.
*/
-struct policy_sa_in_t {
+struct policy_sa_out_t {
/** Generic interface */
policy_sa_t generic;
@@ -440,14 +443,14 @@ static policy_sa_t *policy_sa_create(private_kernel_pfkey_ipsec_t *this,
{
policy_sa_t *policy;
- if (dir == POLICY_IN)
+ if (dir == POLICY_OUT)
{
- policy_sa_in_t *in;
- INIT(in,
+ policy_sa_out_t *out;
+ INIT(out,
.src_ts = src_ts->clone(src_ts),
.dst_ts = dst_ts->clone(dst_ts),
);
- policy = &in->generic;
+ policy = &out->generic;
}
else
{
@@ -464,11 +467,11 @@ static policy_sa_t *policy_sa_create(private_kernel_pfkey_ipsec_t *this,
static void policy_sa_destroy(policy_sa_t *policy, policy_dir_t *dir,
private_kernel_pfkey_ipsec_t *this)
{
- if (*dir == POLICY_IN)
+ if (*dir == POLICY_OUT)
{
- policy_sa_in_t *in = (policy_sa_in_t*)policy;
- in->src_ts->destroy(in->src_ts);
- in->dst_ts->destroy(in->dst_ts);
+ policy_sa_out_t *out = (policy_sa_out_t*)policy;
+ out->src_ts->destroy(out->src_ts);
+ out->dst_ts->destroy(out->dst_ts);
}
ipsec_sa_destroy(this, policy->sa);
free(policy);
@@ -481,19 +484,19 @@ typedef struct policy_entry_t policy_entry_t;
*/
struct policy_entry_t {
/** Index assigned by the kernel */
- u_int32_t index;
+ uint32_t index;
/** Direction of this policy: in, out, forward */
- u_int8_t direction;
+ uint8_t direction;
/** Parameters of installed policy */
struct {
/** Subnet and port */
host_t *net;
/** Subnet mask */
- u_int8_t mask;
+ uint8_t mask;
/** Protocol */
- u_int8_t proto;
+ uint8_t proto;
} src, dst;
/** Associated route installed for this policy */
@@ -514,8 +517,8 @@ static policy_entry_t *create_policy_entry(traffic_selector_t *src_ts,
INIT(policy,
.direction = dir,
);
- u_int16_t port;
- u_int8_t proto;
+ uint16_t port;
+ uint8_t proto;
src_ts->to_subnet(src_ts, &policy->src.net, &policy->src.mask);
dst_ts->to_subnet(dst_ts, &policy->dst.net, &policy->dst.mask);
@@ -583,40 +586,51 @@ static inline bool policy_entry_equals(policy_entry_t *current,
* compare the given kernel index with that of a policy
*/
static inline bool policy_entry_match_byindex(policy_entry_t *current,
- u_int32_t *index)
+ uint32_t *index)
{
return current->index == *index;
}
/**
* Calculate the priority of a policy
+ *
+ * This is the same formula we use in the kernel-netlink interface, but some
+ * features are currently not or only partially supported by PF_KEY.
+ *
+ * bits 0-0: reserved for interface restriction (0..1) 1 bit
+ * bits 1-6: src + dst port mask bits (2 * 0..16) 6 bits
+ * bits 7-7: restriction to protocol (0..1) 1 bit
+ * bits 8-16: src + dst network mask bits (2 * 0..128) 9 bits
+ * 17 bits
+ *
+ * smallest value: 000000000 0 000000 0: 0, lowest priority = 100'000
+ * largest value : 100000000 1 100000 0: 65'728, highst priority = 34'272
*/
-static inline u_int32_t get_priority(policy_entry_t *policy,
+static inline uint32_t get_priority(policy_entry_t *policy,
policy_priority_t prio)
{
- u_int32_t priority = PRIO_BASE;
+ uint32_t priority = PRIO_BASE;
+
switch (prio)
{
case POLICY_PRIORITY_FALLBACK:
- priority <<= 1;
+ priority += PRIO_BASE;
/* fall-through */
case POLICY_PRIORITY_ROUTED:
- priority <<= 1;
+ priority += PRIO_BASE;
/* fall-through */
case POLICY_PRIORITY_DEFAULT:
- priority <<= 1;
- /* fall-trough */
+ priority += PRIO_BASE;
+ /* fall-through */
case POLICY_PRIORITY_PASS:
break;
}
- /* calculate priority based on selector size, small size = high prio */
- priority -= policy->src.mask;
- priority -= policy->dst.mask;
- priority <<= 2; /* make some room for the two flags */
- priority += policy->src.net->get_port(policy->src.net) ||
- policy->dst.net->get_port(policy->dst.net) ?
- 0 : 2;
- priority += policy->src.proto != IPSEC_PROTO_ANY ? 0 : 1;
+
+ /* calculate priority */
+ priority -= (policy->src.mask + policy->dst.mask) * 256;
+ priority -= policy->src.proto != IPSEC_PROTO_ANY ? 128 : 0;
+ priority -= policy->src.net->get_port(policy->src.net) ? 32 : 0;
+ priority -= policy->dst.net->get_port(policy->dst.net) ? 32 : 0;
return priority;
}
@@ -697,7 +711,7 @@ ENUM(sadb_ext_type_names, SADB_EXT_RESERVED, SADB_EXT_MAX,
/**
* convert a protocol identifier to the PF_KEY sa type
*/
-static u_int8_t proto2satype(u_int8_t proto)
+static uint8_t proto2satype(uint8_t proto)
{
switch (proto)
{
@@ -715,7 +729,7 @@ static u_int8_t proto2satype(u_int8_t proto)
/**
* convert a PF_KEY sa type to a protocol identifier
*/
-static u_int8_t satype2proto(u_int8_t satype)
+static uint8_t satype2proto(uint8_t satype)
{
switch (satype)
{
@@ -733,7 +747,7 @@ static u_int8_t satype2proto(u_int8_t satype)
/**
* convert the general ipsec mode to the one defined in ipsec.h
*/
-static u_int8_t mode2kernel(ipsec_mode_t mode)
+static uint8_t mode2kernel(ipsec_mode_t mode)
{
switch (mode)
{
@@ -753,7 +767,7 @@ static u_int8_t mode2kernel(ipsec_mode_t mode)
/**
* convert the general policy direction to the one defined in ipsec.h
*/
-static u_int8_t dir2kernel(policy_dir_t dir)
+static uint8_t dir2kernel(policy_dir_t dir)
{
switch (dir)
{
@@ -773,7 +787,7 @@ static u_int8_t dir2kernel(policy_dir_t dir)
/**
* convert the policy type to the one defined in ipsec.h
*/
-static inline u_int16_t type2kernel(policy_type_t type)
+static inline uint16_t type2kernel(policy_type_t type)
{
switch (type)
{
@@ -791,7 +805,7 @@ static inline u_int16_t type2kernel(policy_type_t type)
/**
* convert the policy direction in ipsec.h to the general one.
*/
-static policy_dir_t kernel2dir(u_int8_t dir)
+static policy_dir_t kernel2dir(uint8_t dir)
{
switch (dir)
{
@@ -898,7 +912,7 @@ static kernel_algorithm_t compression_algs[] = {
static int lookup_algorithm(transform_type_t type, int ikev2)
{
kernel_algorithm_t *list;
- u_int16_t alg = 0;
+ uint16_t alg = 0;
switch (type)
{
@@ -929,7 +943,7 @@ static int lookup_algorithm(transform_type_t type, int ikev2)
/**
* Helper to set a port in a sockaddr_t, the port has to be in host order
*/
-static void set_port(sockaddr_t *addr, u_int16_t port)
+static void set_port(sockaddr_t *addr, uint16_t port)
{
switch (addr->sa_family)
{
@@ -971,8 +985,8 @@ static size_t hostcpy(void *dest, host_t *host, bool include_port)
/**
* add a host to the given sadb_msg
*/
-static void add_addr_ext(struct sadb_msg *msg, host_t *host, u_int16_t type,
- u_int8_t proto, u_int8_t prefixlen, bool include_port)
+static void add_addr_ext(struct sadb_msg *msg, host_t *host, uint16_t type,
+ uint8_t proto, uint8_t prefixlen, bool include_port)
{
struct sadb_address *addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
size_t len;
@@ -988,7 +1002,7 @@ static void add_addr_ext(struct sadb_msg *msg, host_t *host, u_int16_t type,
/**
* adds an empty address extension to the given sadb_msg
*/
-static void add_anyaddr_ext(struct sadb_msg *msg, int family, u_int8_t type)
+static void add_anyaddr_ext(struct sadb_msg *msg, int family, uint8_t type)
{
socklen_t len = (family == AF_INET) ? sizeof(struct sockaddr_in) :
sizeof(struct sockaddr_in6);
@@ -1039,7 +1053,7 @@ static traffic_selector_t* sadb_address2ts(struct sadb_address *address)
{
traffic_selector_t *ts;
host_t *host;
- u_int8_t proto;
+ uint8_t proto;
proto = address->sadb_address_proto;
proto = proto == IPSEC_PROTO_ANY ? 0 : proto;
@@ -1240,7 +1254,7 @@ static void process_acquire(private_kernel_pfkey_ipsec_t *this,
struct sadb_msg* msg)
{
pfkey_msg_t response;
- u_int32_t index, reqid = 0;
+ uint32_t index, reqid = 0;
traffic_selector_t *src_ts, *dst_ts;
policy_entry_t *policy;
policy_sa_t *sa;
@@ -1292,8 +1306,8 @@ static void process_expire(private_kernel_pfkey_ipsec_t *this,
struct sadb_msg* msg)
{
pfkey_msg_t response;
- u_int8_t protocol;
- u_int32_t spi;
+ uint8_t protocol;
+ uint32_t spi;
host_t *dst;
bool hard;
@@ -1330,7 +1344,7 @@ static void process_migrate(private_kernel_pfkey_ipsec_t *this,
pfkey_msg_t response;
traffic_selector_t *src_ts, *dst_ts;
policy_dir_t dir;
- u_int32_t reqid = 0;
+ uint32_t reqid = 0;
host_t *local = NULL, *remote = NULL;
DBG2(DBG_KNL, "received an SADB_X_MIGRATE");
@@ -1350,13 +1364,13 @@ static void process_migrate(private_kernel_pfkey_ipsec_t *this,
if (response.x_kmaddress)
{
sockaddr_t *local_addr, *remote_addr;
- u_int32_t local_len;
+ uint32_t local_len;
local_addr = (sockaddr_t*)&response.x_kmaddress[1];
local = host_create_from_sockaddr(local_addr);
local_len = (local_addr->sa_family == AF_INET6)?
sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in);
- remote_addr = (sockaddr_t*)((u_int8_t*)local_addr + local_len);
+ remote_addr = (sockaddr_t*)((uint8_t*)local_addr + local_len);
remote = host_create_from_sockaddr(remote_addr);
DBG2(DBG_KNL, " kmaddress: %H...%H", local, remote);
}
@@ -1384,7 +1398,7 @@ static void process_mapping(private_kernel_pfkey_ipsec_t *this,
struct sadb_msg* msg)
{
pfkey_msg_t response;
- u_int32_t spi;
+ uint32_t spi;
sockaddr_t *sa;
host_t *dst, *new;
@@ -1517,14 +1531,14 @@ static bool receive_events(private_kernel_pfkey_ipsec_t *this, int fd,
*/
static status_t get_spi_internal(private_kernel_pfkey_ipsec_t *this,
- host_t *src, host_t *dst, u_int8_t proto, u_int32_t min, u_int32_t max,
- u_int32_t *spi)
+ host_t *src, host_t *dst, uint8_t proto, uint32_t min, uint32_t max,
+ uint32_t *spi)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_spirange *range;
pfkey_msg_t response;
- u_int32_t received_spi = 0;
+ uint32_t received_spi = 0;
size_t len;
memset(&request, 0, sizeof(request));
@@ -1570,7 +1584,7 @@ static status_t get_spi_internal(private_kernel_pfkey_ipsec_t *this,
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
if (get_spi_internal(this, src, dst, protocol,
0xc0000000, 0xcFFFFFFF, spi) != SUCCESS)
@@ -1585,9 +1599,9 @@ METHOD(kernel_ipsec_t, get_spi, status_t,
METHOD(kernel_ipsec_t, get_cpi, status_t,
private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
- u_int32_t received_spi = 0;
+ uint32_t received_spi = 0;
DBG2(DBG_KNL, "getting CPI");
@@ -1598,20 +1612,15 @@ METHOD(kernel_ipsec_t, get_cpi, status_t,
return FAILED;
}
- *cpi = htons((u_int16_t)ntohl(received_spi));
+ *cpi = htons((uint16_t)ntohl(received_spi));
DBG2(DBG_KNL, "got CPI %.4x", ntohs(*cpi));
return SUCCESS;
}
METHOD(kernel_ipsec_t, add_sa, status_t,
- private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst, u_int32_t spi,
- u_int8_t protocol, u_int32_t reqid, mark_t mark, u_int32_t tfc,
- lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -1620,22 +1629,42 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
struct sadb_lifetime *lft;
struct sadb_key *key;
size_t len;
+ uint16_t ipcomp = data->ipcomp;
+ ipsec_mode_t mode = data->mode;
/* if IPComp is used, we install an additional IPComp SA. if the cpi is 0
* we are in the recursive call below */
- if (ipcomp != IPCOMP_NONE && cpi != 0)
+ if (ipcomp != IPCOMP_NONE && data->cpi != 0)
{
lifetime_cfg_t lft = {{0,0,0},{0,0,0},{0,0,0}};
- add_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, reqid, mark,
- tfc, &lft, ENCR_UNDEFINED, chunk_empty, AUTH_UNDEFINED,
- chunk_empty, mode, ipcomp, 0, 0, FALSE, FALSE, FALSE, inbound,
- update, NULL, NULL);
+ kernel_ipsec_sa_id_t ipcomp_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = htonl(ntohs(data->cpi)),
+ .proto = IPPROTO_COMP,
+ .mark = id->mark,
+ };
+ kernel_ipsec_add_sa_t ipcomp_sa = {
+ .reqid = data->reqid,
+ .mode = data->mode,
+ .src_ts = data->src_ts,
+ .dst_ts = data->dst_ts,
+ .lifetime = &lft,
+ .enc_alg = ENCR_UNDEFINED,
+ .int_alg = AUTH_UNDEFINED,
+ .tfc = data->tfc,
+ .ipcomp = data->ipcomp,
+ .initiator = data->initiator,
+ .inbound = data->inbound,
+ .update = data->update,
+ };
+ add_sa(this, &ipcomp_id, &ipcomp_sa);
ipcomp = IPCOMP_NONE;
/* use transport mode ESP SA, IPComp uses tunnel mode */
mode = MODE_TRANSPORT;
}
- if (update)
+ if (data->update)
{
/* As we didn't know the reqid during SPI allocation, we used reqid
* zero. Unfortunately we can't SADB_UPDATE to the new reqid, hence we
@@ -1643,10 +1672,16 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
* selector does not count for that, therefore we have to delete
* that state before installing the new SA to avoid deleting the
* the new state after installing it. */
- mark_t zeromark = {0, 0};
-
- if (this->public.interface.del_sa(&this->public.interface,
- src, dst, spi, protocol, 0, zeromark) != SUCCESS)
+ kernel_ipsec_sa_id_t del_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = id->spi,
+ .proto = id->proto,
+ };
+ kernel_ipsec_del_sa_t del = { 0 };
+
+ if (this->public.interface.del_sa(&this->public.interface, &del_id,
+ &del) != SUCCESS)
{
DBG1(DBG_KNL, "deleting SPI allocation SA failed");
}
@@ -1655,20 +1690,20 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
memset(&request, 0, sizeof(request));
DBG2(DBG_KNL, "adding SAD entry with SPI %.8x and reqid {%u}",
- ntohl(spi), reqid);
+ ntohl(id->spi), data->reqid);
msg = (struct sadb_msg*)request;
msg->sadb_msg_version = PF_KEY_V2;
msg->sadb_msg_type = SADB_ADD;
- msg->sadb_msg_satype = proto2satype(protocol);
+ msg->sadb_msg_satype = proto2satype(id->proto);
msg->sadb_msg_len = PFKEY_LEN(sizeof(struct sadb_msg));
#ifdef __APPLE__
- if (encap)
+ if (data->encap)
{
struct sadb_sa_2 *sa_2;
sa_2 = (struct sadb_sa_2*)PFKEY_EXT_ADD_NEXT(msg);
- sa_2->sadb_sa_natt_port = dst->get_port(dst);
+ sa_2->sadb_sa_natt_port = id->dst->get_port(id->dst);
sa = &sa_2->sa;
sa->sadb_sa_flags |= SADB_X_EXT_NATT;
len = sizeof(struct sadb_sa_2);
@@ -1681,22 +1716,29 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
}
sa->sadb_sa_exttype = SADB_EXT_SA;
sa->sadb_sa_len = PFKEY_LEN(len);
- sa->sadb_sa_spi = spi;
- if (protocol == IPPROTO_COMP)
+ sa->sadb_sa_spi = id->spi;
+ if (id->proto == IPPROTO_COMP)
{
- sa->sadb_sa_encrypt = lookup_algorithm(COMPRESSION_ALGORITHM, ipcomp);
+ sa->sadb_sa_encrypt = lookup_algorithm(COMPRESSION_ALGORITHM,
+ ipcomp);
}
else
{
/* Linux interprets sadb_sa_replay as number of packets/bits in the
- * replay window, whereas on BSD it's the size of the window in bytes */
+ * replay window, whereas on BSD it's the size of the window in bytes.
+ * Only set for the inbound SA as it's not relevant for the outbound
+ * SA and might waste memory with large windows. */
+ if (data->inbound)
+ {
#ifdef __linux__
- sa->sadb_sa_replay = min(replay_window, 32);
+ sa->sadb_sa_replay = min(data->replay_window, 32);
#else
- sa->sadb_sa_replay = (replay_window + 7) / 8;
+ sa->sadb_sa_replay = (data->replay_window + 7) / 8;
#endif
- sa->sadb_sa_auth = lookup_algorithm(INTEGRITY_ALGORITHM, int_alg);
- sa->sadb_sa_encrypt = lookup_algorithm(ENCRYPTION_ALGORITHM, enc_alg);
+ }
+ sa->sadb_sa_auth = lookup_algorithm(INTEGRITY_ALGORITHM, data->int_alg);
+ sa->sadb_sa_encrypt = lookup_algorithm(ENCRYPTION_ALGORITHM,
+ data->enc_alg);
}
PFKEY_EXT_ADD(msg, sa);
@@ -1704,86 +1746,88 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
sa2->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
sa2->sadb_x_sa2_len = PFKEY_LEN(sizeof(struct sadb_spirange));
sa2->sadb_x_sa2_mode = mode2kernel(mode);
- sa2->sadb_x_sa2_reqid = reqid;
+ sa2->sadb_x_sa2_reqid = data->reqid;
PFKEY_EXT_ADD(msg, sa2);
- add_addr_ext(msg, src, SADB_EXT_ADDRESS_SRC, 0, 0, FALSE);
- add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
+ add_addr_ext(msg, id->src, SADB_EXT_ADDRESS_SRC, 0, 0, FALSE);
+ add_addr_ext(msg, id->dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
lft = (struct sadb_lifetime*)PFKEY_EXT_ADD_NEXT(msg);
lft->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
lft->sadb_lifetime_len = PFKEY_LEN(sizeof(struct sadb_lifetime));
- lft->sadb_lifetime_allocations = lifetime->packets.rekey;
- lft->sadb_lifetime_bytes = lifetime->bytes.rekey;
- lft->sadb_lifetime_addtime = lifetime->time.rekey;
+ lft->sadb_lifetime_allocations = data->lifetime->packets.rekey;
+ lft->sadb_lifetime_bytes = data->lifetime->bytes.rekey;
+ lft->sadb_lifetime_addtime = data->lifetime->time.rekey;
lft->sadb_lifetime_usetime = 0; /* we only use addtime */
PFKEY_EXT_ADD(msg, lft);
lft = (struct sadb_lifetime*)PFKEY_EXT_ADD_NEXT(msg);
lft->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
lft->sadb_lifetime_len = PFKEY_LEN(sizeof(struct sadb_lifetime));
- lft->sadb_lifetime_allocations = lifetime->packets.life;
- lft->sadb_lifetime_bytes = lifetime->bytes.life;
- lft->sadb_lifetime_addtime = lifetime->time.life;
+ lft->sadb_lifetime_allocations = data->lifetime->packets.life;
+ lft->sadb_lifetime_bytes = data->lifetime->bytes.life;
+ lft->sadb_lifetime_addtime = data->lifetime->time.life;
lft->sadb_lifetime_usetime = 0; /* we only use addtime */
PFKEY_EXT_ADD(msg, lft);
- if (enc_alg != ENCR_UNDEFINED)
+ if (data->enc_alg != ENCR_UNDEFINED)
{
if (!sa->sadb_sa_encrypt)
{
DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
- encryption_algorithm_names, enc_alg);
+ encryption_algorithm_names, data->enc_alg);
return FAILED;
}
DBG2(DBG_KNL, " using encryption algorithm %N with key size %d",
- encryption_algorithm_names, enc_alg, enc_key.len * 8);
+ encryption_algorithm_names, data->enc_alg, data->enc_key.len * 8);
key = (struct sadb_key*)PFKEY_EXT_ADD_NEXT(msg);
key->sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
- key->sadb_key_bits = enc_key.len * 8;
- key->sadb_key_len = PFKEY_LEN(sizeof(struct sadb_key) + enc_key.len);
- memcpy(key + 1, enc_key.ptr, enc_key.len);
+ key->sadb_key_bits = data->enc_key.len * 8;
+ key->sadb_key_len = PFKEY_LEN(sizeof(struct sadb_key) + data->enc_key.len);
+ memcpy(key + 1, data->enc_key.ptr, data->enc_key.len);
PFKEY_EXT_ADD(msg, key);
}
- if (int_alg != AUTH_UNDEFINED)
+ if (data->int_alg != AUTH_UNDEFINED)
{
if (!sa->sadb_sa_auth)
{
DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
- integrity_algorithm_names, int_alg);
+ integrity_algorithm_names, data->int_alg);
return FAILED;
}
DBG2(DBG_KNL, " using integrity algorithm %N with key size %d",
- integrity_algorithm_names, int_alg, int_key.len * 8);
+ integrity_algorithm_names, data->int_alg, data->int_key.len * 8);
key = (struct sadb_key*)PFKEY_EXT_ADD_NEXT(msg);
key->sadb_key_exttype = SADB_EXT_KEY_AUTH;
- key->sadb_key_bits = int_key.len * 8;
- key->sadb_key_len = PFKEY_LEN(sizeof(struct sadb_key) + int_key.len);
- memcpy(key + 1, int_key.ptr, int_key.len);
+ key->sadb_key_bits = data->int_key.len * 8;
+ key->sadb_key_len = PFKEY_LEN(sizeof(struct sadb_key) + data->int_key.len);
+ memcpy(key + 1, data->int_key.ptr, data->int_key.len);
PFKEY_EXT_ADD(msg, key);
}
#ifdef HAVE_NATT
- if (encap)
+ if (data->encap)
{
- add_encap_ext(msg, src, dst);
+ add_encap_ext(msg, id->src, id->dst);
}
#endif /*HAVE_NATT*/
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x",
+ ntohl(id->spi));
return FAILED;
}
else if (out->sadb_msg_errno)
{
DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x: %s (%d)",
- ntohl(spi), strerror(out->sadb_msg_errno), out->sadb_msg_errno);
+ ntohl(id->spi), strerror(out->sadb_msg_errno),
+ out->sadb_msg_errno);
free(out);
return FAILED;
}
@@ -1793,9 +1837,8 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
}
METHOD(kernel_ipsec_t, update_sa, status_t,
- private_kernel_pfkey_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
- bool encap, bool new_encap, mark_t mark)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -1806,72 +1849,84 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
/* we can't update the SA if any of the ip addresses have changed.
* that's because we can't use SADB_UPDATE and by deleting and readding the
* SA the sequence numbers would get lost */
- if (!src->ip_equals(src, new_src) ||
- !dst->ip_equals(dst, new_dst))
+ if (!id->src->ip_equals(id->src, data->new_src) ||
+ !id->dst->ip_equals(id->dst, data->new_dst))
{
DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x: address "
- "changes are not supported", ntohl(spi));
+ "changes are not supported", ntohl(id->spi));
return NOT_SUPPORTED;
}
/* if IPComp is used, we first update the IPComp SA */
- if (cpi)
- {
- update_sa(this, htonl(ntohs(cpi)), IPPROTO_COMP, 0,
- src, dst, new_src, new_dst, FALSE, FALSE, mark);
+ if (data->cpi)
+ {
+ kernel_ipsec_sa_id_t ipcomp_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = htonl(ntohs(data->cpi)),
+ .proto = IPPROTO_COMP,
+ .mark = id->mark,
+ };
+ kernel_ipsec_update_sa_t ipcomp = {
+ .new_src = data->new_src,
+ .new_dst = data->new_dst,
+ };
+ update_sa(this, &ipcomp_id, &ipcomp);
}
memset(&request, 0, sizeof(request));
- DBG2(DBG_KNL, "querying SAD entry with SPI %.8x", ntohl(spi));
+ DBG2(DBG_KNL, "querying SAD entry with SPI %.8x for update",
+ ntohl(id->spi));
msg = (struct sadb_msg*)request;
msg->sadb_msg_version = PF_KEY_V2;
msg->sadb_msg_type = SADB_GET;
- msg->sadb_msg_satype = proto2satype(protocol);
+ msg->sadb_msg_satype = proto2satype(id->proto);
msg->sadb_msg_len = PFKEY_LEN(sizeof(struct sadb_msg));
sa = (struct sadb_sa*)PFKEY_EXT_ADD_NEXT(msg);
sa->sadb_sa_exttype = SADB_EXT_SA;
sa->sadb_sa_len = PFKEY_LEN(sizeof(struct sadb_sa));
- sa->sadb_sa_spi = spi;
+ sa->sadb_sa_spi = id->spi;
PFKEY_EXT_ADD(msg, sa);
/* the kernel wants a SADB_EXT_ADDRESS_SRC to be present even though
* it is not used for anything. */
- add_anyaddr_ext(msg, dst->get_family(dst), SADB_EXT_ADDRESS_SRC);
- add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
+ add_anyaddr_ext(msg, id->dst->get_family(id->dst), SADB_EXT_ADDRESS_SRC);
+ add_addr_ext(msg, id->dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x",
+ ntohl(id->spi));
return FAILED;
}
else if (out->sadb_msg_errno)
{
DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x: %s (%d)",
- ntohl(spi), strerror(out->sadb_msg_errno),
- out->sadb_msg_errno);
+ ntohl(id->spi), strerror(out->sadb_msg_errno),
+ out->sadb_msg_errno);
free(out);
return FAILED;
}
else if (parse_pfkey_message(out, &response) != SUCCESS)
{
DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x: parsing "
- "response from kernel failed", ntohl(spi));
+ "response from kernel failed", ntohl(id->spi));
free(out);
return FAILED;
}
DBG2(DBG_KNL, "updating SAD entry with SPI %.8x from %#H..%#H to %#H..%#H",
- ntohl(spi), src, dst, new_src, new_dst);
+ ntohl(id->spi), id->src, id->dst, data->new_src, data->new_dst);
memset(&request, 0, sizeof(request));
msg = (struct sadb_msg*)request;
msg->sadb_msg_version = PF_KEY_V2;
msg->sadb_msg_type = SADB_UPDATE;
- msg->sadb_msg_satype = proto2satype(protocol);
+ msg->sadb_msg_satype = proto2satype(id->proto);
msg->sadb_msg_len = PFKEY_LEN(sizeof(struct sadb_msg));
#ifdef __APPLE__
@@ -1880,9 +1935,9 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
sa_2 = (struct sadb_sa_2*)PFKEY_EXT_ADD_NEXT(msg);
sa_2->sa.sadb_sa_len = PFKEY_LEN(sizeof(struct sadb_sa_2));
memcpy(&sa_2->sa, response.sa, sizeof(struct sadb_sa));
- if (encap)
+ if (data->encap)
{
- sa_2->sadb_sa_natt_port = new_dst->get_port(new_dst);
+ sa_2->sadb_sa_natt_port = data->new_dst->get_port(data->new_dst);
sa_2->sa.sadb_sa_flags |= SADB_X_EXT_NATT;
}
}
@@ -1908,9 +1963,9 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
}
#ifdef HAVE_NATT
- if (new_encap)
+ if (data->new_encap)
{
- add_encap_ext(msg, new_src, new_dst);
+ add_encap_ext(msg, data->new_src, data->new_dst);
}
#endif /*HAVE_NATT*/
@@ -1918,14 +1973,14 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x",
+ ntohl(id->spi));
return FAILED;
}
else if (out->sadb_msg_errno)
{
DBG1(DBG_KNL, "unable to update SAD entry with SPI %.8x: %s (%d)",
- ntohl(spi), strerror(out->sadb_msg_errno),
- out->sadb_msg_errno);
+ ntohl(id->spi), strerror(out->sadb_msg_errno), out->sadb_msg_errno);
free(out);
return FAILED;
}
@@ -1935,9 +1990,9 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
}
METHOD(kernel_ipsec_t, query_sa, status_t,
- private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -1947,42 +2002,44 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
memset(&request, 0, sizeof(request));
- DBG2(DBG_KNL, "querying SAD entry with SPI %.8x", ntohl(spi));
+ DBG2(DBG_KNL, "querying SAD entry with SPI %.8x", ntohl(id->spi));
msg = (struct sadb_msg*)request;
msg->sadb_msg_version = PF_KEY_V2;
msg->sadb_msg_type = SADB_GET;
- msg->sadb_msg_satype = proto2satype(protocol);
+ msg->sadb_msg_satype = proto2satype(id->proto);
msg->sadb_msg_len = PFKEY_LEN(sizeof(struct sadb_msg));
sa = (struct sadb_sa*)PFKEY_EXT_ADD_NEXT(msg);
sa->sadb_sa_exttype = SADB_EXT_SA;
sa->sadb_sa_len = PFKEY_LEN(sizeof(struct sadb_sa));
- sa->sadb_sa_spi = spi;
+ sa->sadb_sa_spi = id->spi;
PFKEY_EXT_ADD(msg, sa);
/* the Linux Kernel doesn't care for the src address, but other systems do
* (e.g. FreeBSD)
*/
- add_addr_ext(msg, src, SADB_EXT_ADDRESS_SRC, 0, 0, FALSE);
- add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
+ add_addr_ext(msg, id->src, SADB_EXT_ADDRESS_SRC, 0, 0, FALSE);
+ add_addr_ext(msg, id->dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x",
+ ntohl(id->spi));
return FAILED;
}
else if (out->sadb_msg_errno)
{
DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x: %s (%d)",
- ntohl(spi), strerror(out->sadb_msg_errno),
- out->sadb_msg_errno);
+ ntohl(id->spi), strerror(out->sadb_msg_errno),
+ out->sadb_msg_errno);
free(out);
return FAILED;
}
else if (parse_pfkey_message(out, &response) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to query SAD entry with SPI %.8x",
+ ntohl(id->spi));
free(out);
return FAILED;
}
@@ -2013,8 +2070,8 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
}
METHOD(kernel_ipsec_t, del_sa, status_t,
- private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -2022,48 +2079,57 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
size_t len;
/* if IPComp was used, we first delete the additional IPComp SA */
- if (cpi)
+ if (data->cpi)
{
- del_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, 0, mark);
+ kernel_ipsec_sa_id_t ipcomp_id = {
+ .src = id->src,
+ .dst = id->dst,
+ .spi = htonl(ntohs(data->cpi)),
+ .proto = IPPROTO_COMP,
+ .mark = id->mark,
+ };
+ kernel_ipsec_del_sa_t ipcomp = { 0 };
+ del_sa(this, &ipcomp_id, &ipcomp);
}
memset(&request, 0, sizeof(request));
- DBG2(DBG_KNL, "deleting SAD entry with SPI %.8x", ntohl(spi));
+ DBG2(DBG_KNL, "deleting SAD entry with SPI %.8x", ntohl(id->spi));
msg = (struct sadb_msg*)request;
msg->sadb_msg_version = PF_KEY_V2;
msg->sadb_msg_type = SADB_DELETE;
- msg->sadb_msg_satype = proto2satype(protocol);
+ msg->sadb_msg_satype = proto2satype(id->proto);
msg->sadb_msg_len = PFKEY_LEN(sizeof(struct sadb_msg));
sa = (struct sadb_sa*)PFKEY_EXT_ADD_NEXT(msg);
sa->sadb_sa_exttype = SADB_EXT_SA;
sa->sadb_sa_len = PFKEY_LEN(sizeof(struct sadb_sa));
- sa->sadb_sa_spi = spi;
+ sa->sadb_sa_spi = id->spi;
PFKEY_EXT_ADD(msg, sa);
/* the Linux Kernel doesn't care for the src address, but other systems do
* (e.g. FreeBSD)
*/
- add_addr_ext(msg, src, SADB_EXT_ADDRESS_SRC, 0, 0, FALSE);
- add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
+ add_addr_ext(msg, id->src, SADB_EXT_ADDRESS_SRC, 0, 0, FALSE);
+ add_addr_ext(msg, id->dst, SADB_EXT_ADDRESS_DST, 0, 0, FALSE);
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x", ntohl(spi));
+ DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x",
+ ntohl(id->spi));
return FAILED;
}
else if (out->sadb_msg_errno)
{
DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x: %s (%d)",
- ntohl(spi), strerror(out->sadb_msg_errno),
- out->sadb_msg_errno);
+ ntohl(id->spi), strerror(out->sadb_msg_errno),
+ out->sadb_msg_errno);
free(out);
return FAILED;
}
- DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x", ntohl(spi));
+ DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x", ntohl(id->spi));
free(out);
return SUCCESS;
}
@@ -2074,7 +2140,7 @@ METHOD(kernel_ipsec_t, flush_sas, status_t,
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct {
- u_int8_t proto;
+ uint8_t proto;
char *name;
} protos[] = {
{ SADB_SATYPE_AH, "AH" },
@@ -2138,7 +2204,7 @@ static void add_exclude_route(private_kernel_pfkey_ipsec_t *this,
if (!route->exclude)
{
DBG2(DBG_KNL, "installing new exclude route for %H src %H", dst, src);
- gtw = charon->kernel->get_nexthop(charon->kernel, dst, -1, NULL);
+ gtw = charon->kernel->get_nexthop(charon->kernel, dst, -1, NULL, NULL);
if (gtw)
{
char *if_name = NULL;
@@ -2226,56 +2292,58 @@ static void remove_exclude_route(private_kernel_pfkey_ipsec_t *this,
}
/**
- * Try to install a route to the given inbound policy
+ * Try to install a route to the given outbound policy
*/
static bool install_route(private_kernel_pfkey_ipsec_t *this,
- policy_entry_t *policy, policy_sa_in_t *in)
+ policy_entry_t *policy, policy_sa_out_t *out)
{
route_entry_t *route, *old;
host_t *host, *src, *dst;
bool is_virtual;
- if (charon->kernel->get_address_by_ts(charon->kernel, in->dst_ts, &host,
+ if (charon->kernel->get_address_by_ts(charon->kernel, out->src_ts, &host,
&is_virtual) != SUCCESS)
{
return FALSE;
}
- /* switch src/dst, as we handle an IN policy */
- src = in->generic.sa->dst;
- dst = in->generic.sa->src;
-
INIT(route,
- .prefixlen = policy->src.mask,
+ .prefixlen = policy->dst.mask,
.src_ip = host,
- .dst_net = chunk_clone(policy->src.net->get_address(policy->src.net)),
+ .dst_net = chunk_clone(policy->dst.net->get_address(policy->dst.net)),
);
+ src = out->generic.sa->src;
+ dst = out->generic.sa->dst;
+
if (!dst->is_anyaddr(dst))
{
route->gateway = charon->kernel->get_nexthop(charon->kernel, dst, -1,
- src);
+ src, &route->if_name);
/* if the IP is virtual, we install the route over the interface it has
* been installed on. Otherwise we use the interface we use for IKE, as
* this is required for example on Linux. */
if (is_virtual)
{
+ free(route->if_name);
+ route->if_name = NULL;
src = route->src_ip;
}
}
else
{ /* for shunt policies */
route->gateway = charon->kernel->get_nexthop(charon->kernel,
- policy->src.net, policy->src.mask,
- route->src_ip);
+ policy->dst.net, policy->dst.mask,
+ route->src_ip, &route->if_name);
/* we don't have a source address, use the address we found */
src = route->src_ip;
}
/* get interface for route, using source address */
- if (!charon->kernel->get_interface(charon->kernel, src, &route->if_name))
+ if (!route->if_name &&
+ !charon->kernel->get_interface(charon->kernel, src, &route->if_name))
{
route_entry_destroy(route);
return FALSE;
@@ -2296,7 +2364,7 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this,
old->src_ip, old->if_name) != SUCCESS)
{
DBG1(DBG_KNL, "error uninstalling route installed with policy "
- "%R === %R %N", in->src_ts, in->dst_ts,
+ "%R === %R %N", out->src_ts, out->dst_ts,
policy_dir_names, policy->direction);
}
route_entry_destroy(old);
@@ -2306,22 +2374,22 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this,
/* if remote traffic selector covers the IKE peer, add an exclude route */
if (charon->kernel->get_features(charon->kernel) & KERNEL_REQUIRE_EXCLUDE_ROUTE)
{
- if (in->src_ts->is_host(in->src_ts, dst))
+ if (out->dst_ts->is_host(out->dst_ts, dst))
{
DBG1(DBG_KNL, "can't install route for %R === %R %N, conflicts "
- "with IKE traffic", in->src_ts, in->dst_ts, policy_dir_names,
+ "with IKE traffic", out->src_ts, out->dst_ts, policy_dir_names,
policy->direction);
route_entry_destroy(route);
return FALSE;
}
- if (in->src_ts->includes(in->src_ts, dst))
+ if (out->dst_ts->includes(out->dst_ts, dst))
{
- add_exclude_route(this, route, in->generic.sa->dst, dst);
+ add_exclude_route(this, route, out->generic.sa->src, dst);
}
}
DBG2(DBG_KNL, "installing route: %R via %H src %H dev %s",
- in->src_ts, route->gateway, route->src_ip, route->if_name);
+ out->dst_ts, route->gateway, route->src_ip, route->if_name);
switch (charon->kernel->add_route(charon->kernel, route->dst_net,
route->prefixlen, route->gateway,
@@ -2338,7 +2406,7 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this,
return TRUE;
default:
DBG1(DBG_KNL, "installing route failed: %R via %H src %H dev %s",
- in->src_ts, route->gateway, route->src_ip, route->if_name);
+ out->dst_ts, route->gateway, route->src_ip, route->if_name);
remove_exclude_route(this, route);
route_entry_destroy(route);
return FALSE;
@@ -2381,53 +2449,56 @@ static status_t add_policy_internal(private_kernel_pfkey_ipsec_t *this,
pol->sadb_x_policy_priority = mapping->priority;
#endif
- /* one or more sadb_x_ipsecrequest extensions are added to the
- * sadb_x_policy extension */
- proto_mode = ipsec->cfg.mode;
+ if (mapping->type == POLICY_IPSEC && ipsec->cfg.reqid)
+ {
+ /* one or more sadb_x_ipsecrequest extensions are added to the
+ * sadb_x_policy extension */
+ proto_mode = ipsec->cfg.mode;
+
+ req = (struct sadb_x_ipsecrequest*)(pol + 1);
- req = (struct sadb_x_ipsecrequest*)(pol + 1);
+ if (ipsec->cfg.ipcomp.transform != IPCOMP_NONE)
+ {
+ req->sadb_x_ipsecrequest_proto = IPPROTO_COMP;
+
+ /* !!! the length here MUST be in octets instead of 64 bit words */
+ req->sadb_x_ipsecrequest_len = sizeof(struct sadb_x_ipsecrequest);
+ req->sadb_x_ipsecrequest_mode = mode2kernel(ipsec->cfg.mode);
+ req->sadb_x_ipsecrequest_reqid = ipsec->cfg.reqid;
+ req->sadb_x_ipsecrequest_level = (policy->direction == POLICY_OUT) ?
+ IPSEC_LEVEL_UNIQUE : IPSEC_LEVEL_USE;
+ if (ipsec->cfg.mode == MODE_TUNNEL)
+ {
+ len = hostcpy(req + 1, ipsec->src, FALSE);
+ req->sadb_x_ipsecrequest_len += len;
+ len = hostcpy((char*)(req + 1) + len, ipsec->dst, FALSE);
+ req->sadb_x_ipsecrequest_len += len;
+ /* use transport mode for other SAs */
+ proto_mode = MODE_TRANSPORT;
+ }
- if (ipsec->cfg.ipcomp.transform != IPCOMP_NONE)
- {
- req->sadb_x_ipsecrequest_proto = IPPROTO_COMP;
+ pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);
+ req = (struct sadb_x_ipsecrequest*)((char*)(req) +
+ req->sadb_x_ipsecrequest_len);
+ }
+ req->sadb_x_ipsecrequest_proto = ipsec->cfg.esp.use ? IPPROTO_ESP
+ : IPPROTO_AH;
/* !!! the length here MUST be in octets instead of 64 bit words */
req->sadb_x_ipsecrequest_len = sizeof(struct sadb_x_ipsecrequest);
- req->sadb_x_ipsecrequest_mode = mode2kernel(ipsec->cfg.mode);
+ req->sadb_x_ipsecrequest_mode = mode2kernel(proto_mode);
req->sadb_x_ipsecrequest_reqid = ipsec->cfg.reqid;
- req->sadb_x_ipsecrequest_level = (policy->direction == POLICY_OUT) ?
- IPSEC_LEVEL_UNIQUE : IPSEC_LEVEL_USE;
- if (ipsec->cfg.mode == MODE_TUNNEL)
+ req->sadb_x_ipsecrequest_level = IPSEC_LEVEL_UNIQUE;
+ if (proto_mode == MODE_TUNNEL)
{
len = hostcpy(req + 1, ipsec->src, FALSE);
req->sadb_x_ipsecrequest_len += len;
len = hostcpy((char*)(req + 1) + len, ipsec->dst, FALSE);
req->sadb_x_ipsecrequest_len += len;
- /* use transport mode for other SAs */
- proto_mode = MODE_TRANSPORT;
}
pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);
- req = (struct sadb_x_ipsecrequest*)((char*)(req) +
- req->sadb_x_ipsecrequest_len);
- }
-
- req->sadb_x_ipsecrequest_proto = ipsec->cfg.esp.use ? IPPROTO_ESP
- : IPPROTO_AH;
- /* !!! the length here MUST be in octets instead of 64 bit words */
- req->sadb_x_ipsecrequest_len = sizeof(struct sadb_x_ipsecrequest);
- req->sadb_x_ipsecrequest_mode = mode2kernel(proto_mode);
- req->sadb_x_ipsecrequest_reqid = ipsec->cfg.reqid;
- req->sadb_x_ipsecrequest_level = IPSEC_LEVEL_UNIQUE;
- if (proto_mode == MODE_TUNNEL)
- {
- len = hostcpy(req + 1, ipsec->src, FALSE);
- req->sadb_x_ipsecrequest_len += len;
- len = hostcpy((char*)(req + 1) + len, ipsec->dst, FALSE);
- req->sadb_x_ipsecrequest_len += len;
}
-
- pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);
PFKEY_EXT_ADD(msg, pol);
add_addr_ext(msg, policy->src.net, SADB_EXT_ADDRESS_SRC, policy->src.proto,
@@ -2492,37 +2563,42 @@ static status_t add_policy_internal(private_kernel_pfkey_ipsec_t *this,
free(out);
/* install a route, if:
- * - this is an inbound policy (to just get one for each child)
- * - we are in tunnel mode or install a bypass policy
+ * - this is an outbound policy (to just get one for each child)
* - routing is not disabled via strongswan.conf
+ * - the selector is not for a specific protocol/port
+ * - we are in tunnel mode or install a bypass policy
*/
- if (policy->direction == POLICY_IN && this->install_routes &&
- (mapping->type != POLICY_IPSEC || ipsec->cfg.mode != MODE_TRANSPORT))
+ if (policy->direction == POLICY_OUT && this->install_routes &&
+ policy->src.proto == IPSEC_PROTO_ANY &&
+ !policy->src.net->get_port(policy->src.net) &&
+ !policy->dst.net->get_port(policy->dst.net))
{
- install_route(this, policy, (policy_sa_in_t*)mapping);
+ if (mapping->type == POLICY_PASS ||
+ (mapping->type == POLICY_IPSEC && ipsec->cfg.mode != MODE_TRANSPORT))
+ {
+ install_route(this, policy, (policy_sa_out_t*)mapping);
+ }
}
this->mutex->unlock(this->mutex);
return SUCCESS;
}
METHOD(kernel_ipsec_t, add_policy, status_t,
- private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
policy_entry_t *policy, *found = NULL;
policy_sa_t *assigned_sa, *current_sa;
enumerator_t *enumerator;
bool update = TRUE;
- if (dir2kernel(direction) == IPSEC_DIR_INVALID)
+ if (dir2kernel(id->dir) == IPSEC_DIR_INVALID)
{ /* FWD policies are not supported on all platforms */
return SUCCESS;
}
/* create a policy */
- policy = create_policy_entry(src_ts, dst_ts, direction);
+ policy = create_policy_entry(id->src_ts, id->dst_ts, id->dir);
/* find a matching policy */
this->mutex->lock(this->mutex);
@@ -2531,7 +2607,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
(void**)&found, policy) == SUCCESS)
{ /* use existing policy */
DBG2(DBG_KNL, "policy %R === %R %N already exists, increasing "
- "refcount", src_ts, dst_ts, policy_dir_names, direction);
+ "refcount", id->src_ts, id->dst_ts, policy_dir_names, id->dir);
policy_entry_destroy(policy, this);
policy = found;
}
@@ -2542,18 +2618,35 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
}
/* cache the assigned IPsec SA */
- assigned_sa = policy_sa_create(this, direction, type, src, dst, src_ts,
- dst_ts, sa);
- assigned_sa->priority = get_priority(policy, priority);
+ assigned_sa = policy_sa_create(this, id->dir, data->type, data->src,
+ data->dst, id->src_ts, id->dst_ts, data->sa);
+ assigned_sa->auto_priority = get_priority(policy, data->prio);
+ assigned_sa->priority = data->manual_prio ? data->manual_prio :
+ assigned_sa->auto_priority;
+
/* insert the SA according to its priority */
enumerator = policy->used_by->create_enumerator(policy->used_by);
while (enumerator->enumerate(enumerator, (void**)&current_sa))
{
- if (current_sa->priority >= assigned_sa->priority)
+ if (current_sa->priority > assigned_sa->priority)
{
break;
}
+ if (current_sa->priority == assigned_sa->priority)
+ {
+ /* in case of equal manual prios order SAs by automatic priority */
+ if (current_sa->auto_priority > assigned_sa->auto_priority)
+ {
+ break;
+ }
+ /* prefer SAs with a reqid over those without */
+ if (current_sa->auto_priority == assigned_sa->auto_priority &&
+ (!current_sa->sa->cfg.reqid || assigned_sa->sa->cfg.reqid))
+ {
+ break;
+ }
+ }
update = FALSE;
}
policy->used_by->insert_before(policy->used_by, enumerator, assigned_sa);
@@ -2567,23 +2660,22 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
}
DBG2(DBG_KNL, "%s policy %R === %R %N",
- found ? "updating" : "adding", src_ts, dst_ts,
- policy_dir_names, direction);
+ found ? "updating" : "adding", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
if (add_policy_internal(this, policy, assigned_sa, found) != SUCCESS)
{
DBG1(DBG_KNL, "unable to %s policy %R === %R %N",
- found ? "update" : "add", src_ts, dst_ts,
- policy_dir_names, direction);
+ found ? "update" : "add", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
return FAILED;
}
return SUCCESS;
}
METHOD(kernel_ipsec_t, query_policy, status_t,
- private_kernel_pfkey_ipsec_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -2592,16 +2684,16 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
pfkey_msg_t response;
size_t len;
- if (dir2kernel(direction) == IPSEC_DIR_INVALID)
+ if (dir2kernel(id->dir) == IPSEC_DIR_INVALID)
{ /* FWD policies are not supported on all platforms */
return NOT_FOUND;
}
- DBG2(DBG_KNL, "querying policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG2(DBG_KNL, "querying policy %R === %R %N", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
/* create a policy */
- policy = create_policy_entry(src_ts, dst_ts, direction);
+ policy = create_policy_entry(id->src_ts, id->dst_ts, id->dir);
/* find a matching policy */
this->mutex->lock(this->mutex);
@@ -2609,8 +2701,8 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
(linked_list_match_t)policy_entry_equals,
(void**)&found, policy) != SUCCESS)
{
- DBG1(DBG_KNL, "querying policy %R === %R %N failed, not found", src_ts,
- dst_ts, policy_dir_names, direction);
+ DBG1(DBG_KNL, "querying policy %R === %R %N failed, not found",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir);
policy_entry_destroy(policy, this);
this->mutex->unlock(this->mutex);
return NOT_FOUND;
@@ -2630,7 +2722,7 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
pol->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
pol->sadb_x_policy_id = policy->index;
pol->sadb_x_policy_len = PFKEY_LEN(sizeof(struct sadb_x_policy));
- pol->sadb_x_policy_dir = dir2kernel(direction);
+ pol->sadb_x_policy_dir = dir2kernel(id->dir);
pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
PFKEY_EXT_ADD(msg, pol);
@@ -2643,30 +2735,31 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to query policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG1(DBG_KNL, "unable to query policy %R === %R %N", id->src_ts,
+ id->dst_ts, policy_dir_names, id->dir);
return FAILED;
}
else if (out->sadb_msg_errno)
{
- DBG1(DBG_KNL, "unable to query policy %R === %R %N: %s (%d)", src_ts,
- dst_ts, policy_dir_names, direction,
- strerror(out->sadb_msg_errno), out->sadb_msg_errno);
+ DBG1(DBG_KNL, "unable to query policy %R === %R %N: %s (%d)",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir,
+ strerror(out->sadb_msg_errno), out->sadb_msg_errno);
free(out);
return FAILED;
}
else if (parse_pfkey_message(out, &response) != SUCCESS)
{
DBG1(DBG_KNL, "unable to query policy %R === %R %N: parsing response "
- "from kernel failed", src_ts, dst_ts, policy_dir_names,
- direction);
+ "from kernel failed", id->src_ts, id->dst_ts, policy_dir_names,
+ id->dir);
free(out);
return FAILED;
}
else if (response.lft_current == NULL)
{
DBG2(DBG_KNL, "unable to query policy %R === %R %N: kernel reports no "
- "use time", src_ts, dst_ts, policy_dir_names, direction);
+ "use time", id->src_ts, id->dst_ts, policy_dir_names,
+ id->dir);
free(out);
return FAILED;
}
@@ -2686,10 +2779,8 @@ METHOD(kernel_ipsec_t, query_policy, status_t,
}
METHOD(kernel_ipsec_t, del_policy, status_t,
- private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t prio)
+ private_kernel_pfkey_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -2698,24 +2789,24 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
policy_sa_t *mapping, *to_remove = NULL;
enumerator_t *enumerator;
bool first = TRUE, is_installed = TRUE;
- u_int32_t priority;
+ uint32_t priority, auto_priority;
size_t len;
ipsec_sa_t assigned_sa = {
- .src = src,
- .dst = dst,
- .cfg = *sa,
+ .src = data->src,
+ .dst = data->dst,
+ .cfg = *data->sa,
};
- if (dir2kernel(direction) == IPSEC_DIR_INVALID)
+ if (dir2kernel(id->dir) == IPSEC_DIR_INVALID)
{ /* FWD policies are not supported on all platforms */
return SUCCESS;
}
- DBG2(DBG_KNL, "deleting policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG2(DBG_KNL, "deleting policy %R === %R %N", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
/* create a policy */
- policy = create_policy_entry(src_ts, dst_ts, direction);
+ policy = create_policy_entry(id->src_ts, id->dst_ts, id->dir);
/* find a matching policy */
this->mutex->lock(this->mutex);
@@ -2723,8 +2814,8 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
(linked_list_match_t)policy_entry_equals,
(void**)&found, policy) != SUCCESS)
{
- DBG1(DBG_KNL, "deleting policy %R === %R %N failed, not found", src_ts,
- dst_ts, policy_dir_names, direction);
+ DBG1(DBG_KNL, "deleting policy %R === %R %N failed, not found",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir);
policy_entry_destroy(policy, this);
this->mutex->unlock(this->mutex);
return NOT_FOUND;
@@ -2734,11 +2825,14 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
/* remove mapping to SA by reqid and priority, if multiple match, which
* could happen when rekeying due to an address change, remove the oldest */
- priority = get_priority(policy, prio);
+ auto_priority = get_priority(policy, data->prio);
+ priority = data->manual_prio ? data->manual_prio : auto_priority;
enumerator = policy->used_by->create_enumerator(policy->used_by);
while (enumerator->enumerate(enumerator, (void**)&mapping))
{
if (priority == mapping->priority &&
+ auto_priority == mapping->auto_priority &&
+ data->type == mapping->type &&
ipsec_sa_equals(mapping->sa, &assigned_sa))
{
to_remove = mapping;
@@ -2762,7 +2856,7 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
if (policy->used_by->get_count(policy->used_by) > 0)
{ /* policy is used by more SAs, keep in kernel */
DBG2(DBG_KNL, "policy still used by another CHILD_SA, not removed");
- policy_sa_destroy(mapping, &direction, this);
+ policy_sa_destroy(mapping, &id->dir, this);
if (!is_installed)
{ /* no need to update as the policy was not installed for this SA */
@@ -2770,13 +2864,13 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
return SUCCESS;
}
- DBG2(DBG_KNL, "updating policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG2(DBG_KNL, "updating policy %R === %R %N", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
policy->used_by->get_first(policy->used_by, (void**)&mapping);
if (add_policy_internal(this, policy, mapping, TRUE) != SUCCESS)
{
DBG1(DBG_KNL, "unable to update policy %R === %R %N",
- src_ts, dst_ts, policy_dir_names, direction);
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir);
return FAILED;
}
return SUCCESS;
@@ -2793,7 +2887,7 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
pol = (struct sadb_x_policy*)PFKEY_EXT_ADD_NEXT(msg);
pol->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
pol->sadb_x_policy_len = PFKEY_LEN(sizeof(struct sadb_x_policy));
- pol->sadb_x_policy_dir = dir2kernel(direction);
+ pol->sadb_x_policy_dir = dir2kernel(id->dir);
pol->sadb_x_policy_type = type2kernel(mapping->type);
PFKEY_EXT_ADD(msg, pol);
@@ -2810,28 +2904,28 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
route->src_ip, route->if_name) != SUCCESS)
{
DBG1(DBG_KNL, "error uninstalling route installed with "
- "policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ "policy %R === %R %N", id->src_ts, id->dst_ts,
+ policy_dir_names, id->dir);
}
remove_exclude_route(this, route);
}
this->policies->remove(this->policies, found, NULL);
- policy_sa_destroy(mapping, &direction, this);
+ policy_sa_destroy(mapping, &id->dir, this);
policy_entry_destroy(policy, this);
this->mutex->unlock(this->mutex);
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
- DBG1(DBG_KNL, "unable to delete policy %R === %R %N", src_ts, dst_ts,
- policy_dir_names, direction);
+ DBG1(DBG_KNL, "unable to delete policy %R === %R %N", id->src_ts,
+ id->dst_ts, policy_dir_names, id->dir);
return FAILED;
}
else if (out->sadb_msg_errno)
{
- DBG1(DBG_KNL, "unable to delete policy %R === %R %N: %s (%d)", src_ts,
- dst_ts, policy_dir_names, direction,
- strerror(out->sadb_msg_errno), out->sadb_msg_errno);
+ DBG1(DBG_KNL, "unable to delete policy %R === %R %N: %s (%d)",
+ id->src_ts, id->dst_ts, policy_dir_names, id->dir,
+ strerror(out->sadb_msg_errno), out->sadb_msg_errno);
free(out);
return FAILED;
}
@@ -2876,7 +2970,7 @@ METHOD(kernel_ipsec_t, flush_policies, status_t,
* Register a socket for ACQUIRE/EXPIRE messages
*/
static status_t register_pfkey_socket(private_kernel_pfkey_ipsec_t *this,
- u_int8_t satype)
+ uint8_t satype)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
@@ -2931,7 +3025,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
}
memset(&policy, 0, sizeof(policy));
- policy.sadb_x_policy_len = sizeof(policy) / sizeof(u_int64_t);
+ policy.sadb_x_policy_len = sizeof(policy) / sizeof(uint64_t);
policy.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
policy.sadb_x_policy_type = IPSEC_POLICY_BYPASS;
@@ -2953,7 +3047,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
}
METHOD(kernel_ipsec_t, enable_udp_decap, bool,
- private_kernel_pfkey_ipsec_t *this, int fd, int family, u_int16_t port)
+ private_kernel_pfkey_ipsec_t *this, int fd, int family, uint16_t port)
{
#ifndef __APPLE__
int type = UDP_ENCAP_ESPINUDP;
diff --git a/src/libcharon/plugins/kernel_pfroute/Makefile.in b/src/libcharon/plugins/kernel_pfroute/Makefile.in
index 77d83cbca..1c3f49120 100644
--- a/src/libcharon/plugins/kernel_pfroute/Makefile.in
+++ b/src/libcharon/plugins/kernel_pfroute/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/kernel_pfroute
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/kernel_pfroute/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/kernel_pfroute/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c
index 4eebdfdad..236e3417f 100644
--- a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c
+++ b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2009-2013 Tobias Brunner
+ * Copyright (C) 2009-2016 Tobias Brunner
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -209,7 +209,7 @@ struct route_entry_t {
chunk_t dst_net;
/** Destination net prefixlen */
- u_int8_t prefixlen;
+ uint8_t prefixlen;
};
/**
@@ -420,7 +420,7 @@ struct private_kernel_pfroute_net_t
* Forward declaration
*/
static status_t manage_route(private_kernel_pfroute_net_t *this, int op,
- chunk_t dst_net, u_int8_t prefixlen,
+ chunk_t dst_net, uint8_t prefixlen,
host_t *gateway, char *if_name);
/**
@@ -1381,7 +1381,7 @@ static void add_rt_ifname(struct rt_msghdr *hdr, int type, char *name)
* Add or remove a route
*/
static status_t manage_route(private_kernel_pfroute_net_t *this, int op,
- chunk_t dst_net, u_int8_t prefixlen,
+ chunk_t dst_net, uint8_t prefixlen,
host_t *gateway, char *if_name)
{
struct {
@@ -1473,7 +1473,7 @@ static status_t manage_route(private_kernel_pfroute_net_t *this, int op,
}
METHOD(kernel_net_t, add_route, status_t,
- private_kernel_pfroute_net_t *this, chunk_t dst_net, u_int8_t prefixlen,
+ private_kernel_pfroute_net_t *this, chunk_t dst_net, uint8_t prefixlen,
host_t *gateway, host_t *src_ip, char *if_name)
{
status_t status;
@@ -1502,7 +1502,7 @@ METHOD(kernel_net_t, add_route, status_t,
}
METHOD(kernel_net_t, del_route, status_t,
- private_kernel_pfroute_net_t *this, chunk_t dst_net, u_int8_t prefixlen,
+ private_kernel_pfroute_net_t *this, chunk_t dst_net, uint8_t prefixlen,
host_t *gateway, host_t *src_ip, char *if_name)
{
status_t status;
@@ -1533,7 +1533,7 @@ METHOD(kernel_net_t, del_route, status_t,
* address.
*/
static host_t *get_route(private_kernel_pfroute_net_t *this, bool nexthop,
- host_t *dest, host_t *src)
+ host_t *dest, host_t *src, char **iface)
{
struct {
struct rt_msghdr hdr;
@@ -1612,6 +1612,15 @@ retry:
host = gtw;
}
}
+ if (type == RTAX_IFP && addr->sa_family == AF_LINK)
+ {
+ struct sockaddr_dl *sdl = (struct sockaddr_dl*)addr;
+ if (iface)
+ {
+ free(*iface);
+ *iface = strndup(sdl->sdl_data, sdl->sdl_nlen);
+ }
+ }
}
else
{
@@ -1680,13 +1689,18 @@ retry:
METHOD(kernel_net_t, get_source_addr, host_t*,
private_kernel_pfroute_net_t *this, host_t *dest, host_t *src)
{
- return get_route(this, FALSE, dest, src);
+ return get_route(this, FALSE, dest, src, NULL);
}
METHOD(kernel_net_t, get_nexthop, host_t*,
- private_kernel_pfroute_net_t *this, host_t *dest, int prefix, host_t *src)
+ private_kernel_pfroute_net_t *this, host_t *dest, int prefix, host_t *src,
+ char **iface)
{
- return get_route(this, TRUE, dest, src);
+ if (iface)
+ {
+ *iface = NULL;
+ }
+ return get_route(this, TRUE, dest, src, iface);
}
/**
diff --git a/src/libcharon/plugins/kernel_wfp/Makefile.in b/src/libcharon/plugins/kernel_wfp/Makefile.in
index cfe643f26..e002b4f0d 100644
--- a/src/libcharon/plugins/kernel_wfp/Makefile.in
+++ b/src/libcharon/plugins/kernel_wfp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
noinst_PROGRAMS = ipsecdump$(EXEEXT)
subdir = src/libcharon/plugins/kernel_wfp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -211,12 +220,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -266,6 +277,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -300,6 +312,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -411,6 +424,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -479,7 +493,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/kernel_wfp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/kernel_wfp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -809,6 +822,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
tags tags-am uninstall uninstall-am \
uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
index e1c429885..6ad26b72f 100644
--- a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
+++ b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
@@ -45,7 +45,7 @@ struct private_kernel_wfp_ipsec_t {
/**
* Mix value to distribute SPI allocation randomly
*/
- u_int32_t mixspi;
+ uint32_t mixspi;
/**
* IKE bypass filters, as UINT64 filter LUID
@@ -103,16 +103,16 @@ struct private_kernel_wfp_ipsec_t {
*/
typedef struct {
/** SPI for this SA */
- u_int32_t spi;
+ uint32_t spi;
/** protocol, IPPROTO_ESP/IPPROTO_AH */
- u_int8_t protocol;
+ uint8_t protocol;
/** hard lifetime of SA */
- u_int32_t lifetime;
+ uint32_t lifetime;
/** destination host address for this SPI */
host_t *dst;
struct {
/** algorithm */
- u_int16_t alg;
+ uint16_t alg;
/** key */
chunk_t key;
} integ, encr;
@@ -144,13 +144,13 @@ typedef struct {
/** policy destinaiton addresses */
traffic_selector_t *dst;
/** WFP allocated LUID for inbound filter ID */
- u_int64_t policy_in;
+ uint64_t policy_in;
/** WFP allocated LUID for outbound filter ID */
- u_int64_t policy_out;
+ uint64_t policy_out;
/** WFP allocated LUID for forward inbound filter ID, tunnel mode only */
- u_int64_t policy_fwd_in;
+ uint64_t policy_fwd_in;
/** WFP allocated LUID for forward outbound filter ID, tunnel mode only */
- u_int64_t policy_fwd_out;
+ uint64_t policy_fwd_out;
/** have installed a route for it? */
bool route;
} sp_entry_t;
@@ -170,7 +170,7 @@ static void sp_entry_destroy(sp_entry_t *sp)
*/
typedef struct {
/** reqid of entry */
- u_int32_t reqid;
+ uint32_t reqid;
/** outer address on local host */
host_t *local;
/** outer address on remote host */
@@ -186,17 +186,17 @@ typedef struct {
/** UDP encapsulation */
bool encap;
/** provider context, for tunnel mode only */
- u_int64_t provider;
+ uint64_t provider;
/** WFP allocated LUID for SA context */
- u_int64_t sa_id;
+ uint64_t sa_id;
/** WFP allocated LUID for tunnel mode IP-IPv4 inbound filter */
- u_int64_t ip_ipv4_in;
+ uint64_t ip_ipv4_in;
/** WFP allocated LUID for tunnel mode IP-IPv4 outbound filter */
- u_int64_t ip_ipv4_out;
+ uint64_t ip_ipv4_out;
/** WFP allocated LUID for tunnel mode IP-IPv6 inbound filter */
- u_int64_t ip_ipv6_in;
+ uint64_t ip_ipv6_in;
/** WFP allocated LUID for tunnel mode IP-IPv6 outbound filter */
- u_int64_t ip_ipv6_out;
+ uint64_t ip_ipv6_out;
} entry_t;
/**
@@ -206,7 +206,7 @@ typedef struct {
/** destination net of route */
host_t *dst;
/** prefix length of dst */
- u_int8_t mask;
+ uint8_t mask;
/** source address for route */
host_t *src;
/** gateway of route, NULL if directly attached */
@@ -348,9 +348,9 @@ static FWPM_FILTER_CONDITION0 *append_condition(FWPM_FILTER_CONDITION0 *conds[],
/**
* Convert an IPv4 prefix to a host order subnet mask
*/
-static u_int32_t prefix2mask(u_int8_t prefix)
+static uint32_t prefix2mask(uint8_t prefix)
{
- u_int8_t netmask[4] = {};
+ uint8_t netmask[4] = {};
int i;
for (i = 0; i < sizeof(netmask); i++)
@@ -370,7 +370,7 @@ static u_int32_t prefix2mask(u_int8_t prefix)
* Convert a 16-bit range to a WFP condition
*/
static void range2cond(FWPM_FILTER_CONDITION0 *cond,
- u_int16_t from, u_int16_t to)
+ uint16_t from, uint16_t to)
{
if (from == to)
{
@@ -399,11 +399,11 @@ static bool ts2condition(traffic_selector_t *ts, const GUID *target,
FWPM_FILTER_CONDITION0 *cond;
FWP_BYTE_ARRAY16 *addr;
FWP_RANGE0 *range;
- u_int16_t from_port, to_port;
+ uint16_t from_port, to_port;
void *from, *to;
- u_int8_t proto;
+ uint8_t proto;
host_t *net;
- u_int8_t prefix;
+ uint8_t prefix;
from = ts->get_from_address(ts).ptr;
to = ts->get_to_address(ts).ptr;
@@ -496,7 +496,7 @@ static bool ts2condition(traffic_selector_t *ts, const GUID *target,
{
if (target == &FWPM_CONDITION_IP_LOCAL_ADDRESS)
{
- u_int8_t from_type, to_type, from_code, to_code;
+ uint8_t from_type, to_type, from_code, to_code;
from_type = traffic_selector_icmp_type(from_port);
to_type = traffic_selector_icmp_type(to_port);
@@ -736,7 +736,7 @@ static bool install_sp(private_kernel_wfp_ipsec_t *this, sp_entry_t *sp,
*/
static bool install_ipip_ale(private_kernel_wfp_ipsec_t *this,
host_t *local, host_t *remote, GUID *context,
- bool inbound, int proto, u_int64_t *filter_id)
+ bool inbound, int proto, uint64_t *filter_id)
{
traffic_selector_t *lts, *rts;
FWPM_FILTER_CONDITION0 *conds = NULL;
@@ -1013,7 +1013,7 @@ static bool install_sa(private_kernel_wfp_ipsec_t *this, entry_t *entry,
.ipVersion = version,
};
struct {
- u_int16_t alg;
+ uint16_t alg;
chunk_t key;
} integ = {}, encr = {};
DWORD res;
@@ -1099,9 +1099,9 @@ static bool install_sa(private_kernel_wfp_ipsec_t *this, entry_t *entry,
*/
static void host2address6(host_t *host, void *out)
{
- u_int32_t *src, *dst = out;
+ uint32_t *src, *dst = out;
- src = (u_int32_t*)host->get_address(host).ptr;
+ src = (uint32_t*)host->get_address(host).ptr;
dst[0] = untoh32(&src[3]);
dst[1] = untoh32(&src[2]);
@@ -1273,7 +1273,7 @@ static bool generate_guid(private_kernel_wfp_ipsec_t *this, GUID *guid)
{
return FALSE;
}
- ok = rng->get_bytes(rng, sizeof(GUID), (u_int8_t*)guid);
+ ok = rng->get_bytes(rng, sizeof(GUID), (uint8_t*)guid);
rng->destroy(rng);
return ok;
}
@@ -1379,7 +1379,7 @@ static bool install_tunnel_sps(private_kernel_wfp_ipsec_t *this, entry_t *entry)
* Reduce refcount, or uninstall a route if all refs gone
*/
static bool uninstall_route(private_kernel_wfp_ipsec_t *this,
- host_t *dst, u_int8_t mask, host_t *src, host_t *gtw)
+ host_t *dst, uint8_t mask, host_t *src, host_t *gtw)
{
route_t *route, key = {
.dst = dst,
@@ -1421,7 +1421,7 @@ static bool uninstall_route(private_kernel_wfp_ipsec_t *this,
* Install a single route, or refcount if exists
*/
static bool install_route(private_kernel_wfp_ipsec_t *this,
- host_t *dst, u_int8_t mask, host_t *src, host_t *gtw)
+ host_t *dst, uint8_t mask, host_t *src, host_t *gtw)
{
route_t *route, key = {
.dst = dst,
@@ -1476,7 +1476,7 @@ static bool manage_route(private_kernel_wfp_ipsec_t *this,
bool add)
{
host_t *src, *dst, *gtw;
- u_int8_t mask;
+ uint8_t mask;
bool done;
if (!dst_ts->to_subnet(dst_ts, &dst, &mask))
@@ -1489,7 +1489,7 @@ static bool manage_route(private_kernel_wfp_ipsec_t *this,
dst->destroy(dst);
return FALSE;
}
- gtw = charon->kernel->get_nexthop(charon->kernel, remote, -1, local);
+ gtw = charon->kernel->get_nexthop(charon->kernel, remote, -1, local, NULL);
if (add)
{
done = install_route(this, dst, mask, src, gtw);
@@ -1578,7 +1578,7 @@ static bool install(private_kernel_wfp_ipsec_t *this, entry_t *entry)
*/
typedef struct {
/** reqid this trap is installed for */
- u_int32_t reqid;
+ uint32_t reqid;
/** is this a forward policy trap for tunnel mode? */
bool fwd;
/** do we have installed a route for this trap policy? */
@@ -1629,7 +1629,7 @@ static u_int hash_trap(trap_t *trap)
static void acquire(private_kernel_wfp_ipsec_t *this, UINT64 filter_id,
traffic_selector_t *src, traffic_selector_t *dst)
{
- u_int32_t reqid = 0;
+ uint32_t reqid = 0;
trap_t *trap, key = {
.filter_id = filter_id,
};
@@ -1654,7 +1654,7 @@ static void acquire(private_kernel_wfp_ipsec_t *this, UINT64 filter_id,
* Create a single host traffic selector from an FWP address definition
*/
static traffic_selector_t *addr2ts(FWP_IP_VERSION version, void *data,
- u_int8_t protocol, u_int16_t from_port, u_int16_t to_port)
+ uint8_t protocol, uint16_t from_port, uint16_t to_port)
{
ts_type_t type;
UINT32 ints[4];
@@ -1689,9 +1689,9 @@ static void WINAPI event_callback(void *user, const FWPM_NET_EVENT1 *event)
{
private_kernel_wfp_ipsec_t *this = user;
traffic_selector_t *local = NULL, *remote = NULL;
- u_int8_t protocol = 0;
- u_int16_t from_local = 0, to_local = 65535;
- u_int16_t from_remote = 0, to_remote = 65535;
+ uint8_t protocol = 0;
+ uint16_t from_local = 0, to_local = 65535;
+ uint16_t from_remote = 0, to_remote = 65535;
if ((event->header.flags & FWPM_NET_EVENT_FLAG_LOCAL_ADDR_SET) &&
(event->header.flags & FWPM_NET_EVENT_FLAG_REMOTE_ADDR_SET))
@@ -1861,7 +1861,7 @@ static bool uninstall_trap(private_kernel_wfp_ipsec_t *this, trap_t *trap)
* Create and install a new trap entry
*/
static bool add_trap(private_kernel_wfp_ipsec_t *this,
- u_int32_t reqid, bool fwd, host_t *local, host_t *remote,
+ uint32_t reqid, bool fwd, host_t *local, host_t *remote,
traffic_selector_t *src, traffic_selector_t *dst)
{
trap_t *trap;
@@ -1893,7 +1893,7 @@ static bool add_trap(private_kernel_wfp_ipsec_t *this,
* Uninstall and remove a new trap entry
*/
static bool remove_trap(private_kernel_wfp_ipsec_t *this,
- u_int32_t reqid, bool fwd,
+ uint32_t reqid, bool fwd,
traffic_selector_t *src, traffic_selector_t *dst)
{
enumerator_t *enumerator;
@@ -1949,10 +1949,10 @@ static bool init_spi(private_kernel_wfp_ipsec_t *this)
{
return FALSE;
}
- ok = rng->get_bytes(rng, sizeof(this->nextspi), (u_int8_t*)&this->nextspi);
+ ok = rng->get_bytes(rng, sizeof(this->nextspi), (uint8_t*)&this->nextspi);
if (ok)
{
- ok = rng->get_bytes(rng, sizeof(this->mixspi), (u_int8_t*)&this->mixspi);
+ ok = rng->get_bytes(rng, sizeof(this->mixspi), (uint8_t*)&this->mixspi);
}
rng->destroy(rng);
return ok;
@@ -1966,7 +1966,7 @@ static u_int permute(u_int x, u_int p)
u_int qr;
x = x % p;
- qr = ((u_int64_t)x * x) % p;
+ qr = ((uint64_t)x * x) % p;
if (x <= p / 2)
{
return qr;
@@ -1976,7 +1976,7 @@ static u_int permute(u_int x, u_int p)
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
/* To avoid sequencial SPIs, we use a one-to-one permuation function on
* an incrementing counter, that is a full period PRNG for the range we
@@ -1993,7 +1993,7 @@ METHOD(kernel_ipsec_t, get_spi, status_t,
METHOD(kernel_ipsec_t, get_cpi, status_t,
private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
return NOT_SUPPORTED;
}
@@ -2005,7 +2005,7 @@ typedef struct {
/* backref to kernel backend */
private_kernel_wfp_ipsec_t *this;
/* SPI of expiring SA */
- u_int32_t spi;
+ uint32_t spi;
/* destination address of expiring SA */
host_t *dst;
/* is this a hard expire, or a rekey request? */
@@ -2027,7 +2027,7 @@ static void expire_data_destroy(expire_data_t *data)
static job_requeue_t expire_job(expire_data_t *data)
{
private_kernel_wfp_ipsec_t *this = data->this;
- u_int8_t protocol;
+ uint8_t protocol;
entry_t *entry = NULL;
sa_entry_t key = {
.spi = data->spi,
@@ -2074,8 +2074,8 @@ static job_requeue_t expire_job(expire_data_t *data)
/**
* Schedule an expire event for an SA
*/
-static void schedule_expire(private_kernel_wfp_ipsec_t *this, u_int32_t spi,
- host_t *dst, u_int32_t lifetime, bool hard)
+static void schedule_expire(private_kernel_wfp_ipsec_t *this, uint32_t spi,
+ host_t *dst, uint32_t lifetime, bool hard)
{
expire_data_t *data;
@@ -2093,57 +2093,55 @@ static void schedule_expire(private_kernel_wfp_ipsec_t *this, u_int32_t spi,
}
METHOD(kernel_ipsec_t, add_sa, status_t,
- private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
host_t *local, *remote;
entry_t *entry;
- if (inbound)
+ if (data->inbound)
{
/* comes first, create new entry */
- local = dst->clone(dst);
- remote = src->clone(src);
+ local = id->dst->clone(id->dst);
+ remote = id->src->clone(id->src);
INIT(entry,
- .reqid = reqid,
+ .reqid = data->reqid,
.isa = {
- .spi = spi,
+ .spi = id->spi,
.dst = local,
- .protocol = protocol,
- .lifetime = lifetime->time.life,
+ .protocol = id->proto,
+ .lifetime = data->lifetime->time.life,
.encr = {
- .alg = enc_alg,
- .key = chunk_clone(enc_key),
+ .alg = data->enc_alg,
+ .key = chunk_clone(data->enc_key),
},
.integ = {
- .alg = int_alg,
- .key = chunk_clone(int_key),
+ .alg = data->int_alg,
+ .key = chunk_clone(data->int_key),
},
},
.sps = array_create(0, 0),
.local = local,
.remote = remote,
- .mode = mode,
- .encap = encap,
+ .mode = data->mode,
+ .encap = data->encap,
);
- if (lifetime->time.life)
+ if (data->lifetime->time.life)
{
- schedule_expire(this, spi, local, lifetime->time.life, TRUE);
+ schedule_expire(this, id->spi, local,
+ data->lifetime->time.life, TRUE);
}
- if (lifetime->time.rekey && lifetime->time.rekey != lifetime->time.life)
+ if (data->lifetime->time.rekey &&
+ data->lifetime->time.rekey != data->lifetime->time.life)
{
- schedule_expire(this, spi, local, lifetime->time.rekey, FALSE);
+ schedule_expire(this, id->spi, local,
+ data->lifetime->time.rekey, FALSE);
}
this->mutex->lock(this->mutex);
- this->tsas->put(this->tsas, (void*)(uintptr_t)reqid, entry);
+ this->tsas->put(this->tsas, (void*)(uintptr_t)data->reqid, entry);
this->isas->put(this->isas, &entry->isa, entry);
this->mutex->unlock(this->mutex);
}
@@ -2151,29 +2149,29 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
{
/* comes after inbound, update entry */
this->mutex->lock(this->mutex);
- entry = this->tsas->remove(this->tsas, (void*)(uintptr_t)reqid);
+ entry = this->tsas->remove(this->tsas, (void*)(uintptr_t)data->reqid);
this->mutex->unlock(this->mutex);
if (!entry)
{
DBG1(DBG_KNL, "adding outbound SA failed, no inbound SA found "
- "for reqid %u ", reqid);
+ "for reqid %u ", data->reqid);
return NOT_FOUND;
}
/* TODO: should we check for local/remote, mode etc.? */
entry->osa = (sa_entry_t){
- .spi = spi,
+ .spi = id->spi,
.dst = entry->remote,
- .protocol = protocol,
- .lifetime = lifetime->time.life,
+ .protocol = id->proto,
+ .lifetime = data->lifetime->time.life,
.encr = {
- .alg = enc_alg,
- .key = chunk_clone(enc_key),
+ .alg = data->enc_alg,
+ .key = chunk_clone(data->enc_key),
},
.integ = {
- .alg = int_alg,
- .key = chunk_clone(int_key),
+ .alg = data->int_alg,
+ .key = chunk_clone(data->int_key),
},
};
@@ -2186,14 +2184,13 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
}
METHOD(kernel_ipsec_t, update_sa, status_t,
- private_kernel_wfp_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
- bool encap, bool new_encap, mark_t mark)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
entry_t *entry;
sa_entry_t key = {
- .dst = dst,
- .spi = spi,
+ .dst = id->dst,
+ .spi = id->spi,
};
UINT64 sa_id = 0;
IPSEC_SA_CONTEXT1 *ctx;
@@ -2233,16 +2230,16 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
DBG1(DBG_KNL, "getting WFP SA context for updated failed: 0x%08x", res);
return FAILED;
}
- if (!hosts2traffic(this, new_dst, new_src, &ctx->inboundSa->traffic) ||
- !hosts2traffic(this, new_dst, new_src, &ctx->outboundSa->traffic))
+ if (!hosts2traffic(this, data->new_dst, data->new_src, &ctx->inboundSa->traffic) ||
+ !hosts2traffic(this, data->new_dst, data->new_src, &ctx->outboundSa->traffic))
{
FwpmFreeMemory0((void**)&ctx);
return FAILED;
}
- if (new_encap != encap)
+ if (data->new_encap != data->encap)
{
- if (new_encap)
+ if (data->new_encap)
{
ctx->inboundSa->udpEncapsulation = &ports;
ctx->outboundSa->udpEncapsulation = &ports;
@@ -2273,8 +2270,8 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
entry->local->destroy(entry->local);
entry->remote->destroy(entry->remote);
- entry->local = new_dst->clone(new_dst);
- entry->remote = new_src->clone(new_src);
+ entry->local = data->new_dst->clone(data->new_dst);
+ entry->remote = data->new_src->clone(data->new_src);
entry->isa.dst = entry->local;
entry->osa.dst = entry->remote;
@@ -2290,9 +2287,9 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
}
METHOD(kernel_ipsec_t, query_sa, status_t,
- private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark, u_int64_t *bytes,
- u_int64_t *packets, time_t *time)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
/* It does not seem that WFP provides any means of getting per-SA traffic
* statistics. IPsecGetStatistics0/1() provides global stats, and
@@ -2302,13 +2299,13 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
}
METHOD(kernel_ipsec_t, del_sa, status_t,
- private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
entry_t *entry;
sa_entry_t key = {
- .dst = dst,
- .spi = spi,
+ .dst = id->dst,
+ .spi = id->spi,
};
this->mutex->lock(this->mutex);
@@ -2341,25 +2338,23 @@ METHOD(kernel_ipsec_t, flush_sas, status_t,
}
METHOD(kernel_ipsec_t, add_policy, status_t,
- private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark,
- policy_priority_t priority)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
status_t status = SUCCESS;
entry_t *entry;
sp_entry_t *sp;
sa_entry_t key = {
- .spi = sa->esp.use ? sa->esp.spi : sa->ah.spi,
- .dst = dst,
+ .spi = data->sa->esp.use ? data->sa->esp.spi : data->sa->ah.spi,
+ .dst = data->dst,
};
- if (sa->esp.use && sa->ah.use)
+ if (data->sa->esp.use && data->sa->ah.use)
{
return NOT_SUPPORTED;
}
- switch (type)
+ switch (data->type)
{
case POLICY_IPSEC:
break;
@@ -2368,7 +2363,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
return NOT_SUPPORTED;
}
- switch (direction)
+ switch (id->dir)
{
case POLICY_OUT:
break;
@@ -2380,18 +2375,20 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
return NOT_SUPPORTED;
}
- switch (priority)
+ switch (data->prio)
{
case POLICY_PRIORITY_DEFAULT:
break;
case POLICY_PRIORITY_ROUTED:
- if (!add_trap(this, sa->reqid, FALSE, src, dst, src_ts, dst_ts))
+ if (!add_trap(this, data->sa->reqid, FALSE, data->src, data->dst,
+ id->src_ts, id->dst_ts))
{
return FAILED;
}
- if (sa->mode == MODE_TUNNEL)
+ if (data->sa->mode == MODE_TUNNEL)
{
- if (!add_trap(this, sa->reqid, TRUE, src, dst, src_ts, dst_ts))
+ if (!add_trap(this, data->sa->reqid, TRUE, data->src, data->dst,
+ id->src_ts, id->dst_ts))
{
return FAILED;
}
@@ -2406,14 +2403,14 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
entry = this->osas->get(this->osas, &key);
if (entry)
{
- if (sa->mode == MODE_TUNNEL || array_count(entry->sps) == 0)
+ if (data->sa->mode == MODE_TUNNEL || array_count(entry->sps) == 0)
{
INIT(sp,
- .src = src_ts->clone(src_ts),
- .dst = dst_ts->clone(dst_ts),
+ .src = id->src_ts->clone(id->src_ts),
+ .dst = id->dst_ts->clone(id->dst_ts),
);
array_insert(entry->sps, -1, sp);
- if (array_count(entry->sps) == sa->policy_count)
+ if (array_count(entry->sps) == data->sa->policy_count)
{
if (!install(this, entry))
{
@@ -2442,25 +2439,24 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
}
METHOD(kernel_ipsec_t, query_policy, status_t,
- private_kernel_wfp_ipsec_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
/* see query_sa() for some notes */
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, del_policy, status_t,
- private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_kernel_wfp_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
- if (direction == POLICY_OUT && priority == POLICY_PRIORITY_ROUTED)
+ if (id->dir == POLICY_OUT && data->prio == POLICY_PRIORITY_ROUTED)
{
- if (remove_trap(this, sa->reqid, FALSE, src_ts, dst_ts))
+ if (remove_trap(this, data->sa->reqid, FALSE, id->src_ts,
+ id->dst_ts))
{
- remove_trap(this, sa->reqid, TRUE, src_ts, dst_ts);
+ remove_trap(this, data->sa->reqid, TRUE, id->src_ts,
+ id->dst_ts);
return SUCCESS;
}
return NOT_FOUND;
@@ -2479,7 +2475,7 @@ METHOD(kernel_ipsec_t, flush_policies, status_t,
* Add a bypass policy for a specific UDP port
*/
static bool add_bypass(private_kernel_wfp_ipsec_t *this,
- int family, u_int16_t port, bool inbound, UINT64 *luid)
+ int family, uint16_t port, bool inbound, UINT64 *luid)
{
FWPM_FILTER_CONDITION0 *cond, *conds = NULL;
int count = 0;
@@ -2547,7 +2543,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
} saddr;
int addrlen = sizeof(saddr);
UINT64 filter_out, filter_in = 0;
- u_int16_t port;
+ uint16_t port;
if (getsockname(fd, &saddr.sa, &addrlen) == SOCKET_ERROR)
{
@@ -2584,7 +2580,7 @@ METHOD(kernel_ipsec_t, bypass_socket, bool,
}
METHOD(kernel_ipsec_t, enable_udp_decap, bool,
- private_kernel_wfp_ipsec_t *this, int fd, int family, u_int16_t port)
+ private_kernel_wfp_ipsec_t *this, int fd, int family, uint16_t port)
{
return FALSE;
}
diff --git a/src/libcharon/plugins/led/Makefile.in b/src/libcharon/plugins/led/Makefile.in
index 63bbf1975..e0c2cba50 100644
--- a/src/libcharon/plugins/led/Makefile.in
+++ b/src/libcharon/plugins/led/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/led
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/led/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/led/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/load_tester/Makefile.in b/src/libcharon/plugins/load_tester/Makefile.in
index 14fcd6f4c..856bdd8aa 100644
--- a/src/libcharon/plugins/load_tester/Makefile.in
+++ b/src/libcharon/plugins/load_tester/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = load-tester$(EXEEXT)
subdir = src/libcharon/plugins/load_tester
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -213,12 +222,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -268,6 +279,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -302,6 +314,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -413,6 +426,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -478,7 +492,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/load_tester/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/load_tester/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -852,6 +865,8 @@ uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/load_tester/load_tester.c b/src/libcharon/plugins/load_tester/load_tester.c
index f5a998ecc..94b934d09 100644
--- a/src/libcharon/plugins/load_tester/load_tester.c
+++ b/src/libcharon/plugins/load_tester/load_tester.c
@@ -65,7 +65,7 @@ static FILE* make_connection()
static int initiate(unsigned int count, unsigned int delay)
{
FILE *stream;
- char c;
+ int c;
stream = make_connection();
if (!stream)
diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c
index 8f6abde0c..28421c212 100644
--- a/src/libcharon/plugins/load_tester/load_tester_config.c
+++ b/src/libcharon/plugins/load_tester/load_tester_config.c
@@ -124,7 +124,7 @@ struct private_load_tester_config_t {
/**
* Current port for unique initiator ports
*/
- u_int16_t unique_port;
+ uint16_t unique_port;
/**
* IKE_SA rekeying delay
@@ -154,7 +154,7 @@ struct private_load_tester_config_t {
/**
* Dynamic source port, if used
*/
- u_int16_t port;
+ uint16_t port;
/**
* IKE version to use for load testing
@@ -454,8 +454,8 @@ static void generate_auth_cfg(private_load_tester_config_t *this, char *str,
/**
* Parse a protoport specifier
*/
-static bool parse_protoport(char *token, u_int16_t *from_port,
- u_int16_t *to_port, u_int8_t *protocol)
+static bool parse_protoport(char *token, uint16_t *from_port,
+ uint16_t *to_port, uint8_t *protocol)
{
char *sep, *port = "", *endptr;
struct protoent *proto;
@@ -494,7 +494,7 @@ static bool parse_protoport(char *token, u_int16_t *from_port,
{
return FALSE;
}
- *protocol = (u_int8_t)p;
+ *protocol = (uint8_t)p;
}
}
if (streq(port, "%any"))
@@ -557,8 +557,8 @@ static void add_ts(private_load_tester_config_t *this,
{
enumerator_t *enumerator;
char *subnet, *pos;
- u_int16_t from_port, to_port;
- u_int8_t proto;
+ uint16_t from_port, to_port;
+ uint8_t proto;
enumerator = enumerator_create_token(string, ",", " ");
while (enumerator->enumerate(enumerator, &subnet))
@@ -688,13 +688,25 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
peer_cfg_t *peer_cfg;
char local[32], *remote;
host_t *addr;
- ipsec_mode_t mode = MODE_TUNNEL;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = this->child_rekey * 2,
- .rekey = this->child_rekey,
- .jitter = 0
- }
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_SEND_IF_ASKED,
+ .unique = UNIQUE_NO,
+ .keyingtries = 1,
+ .rekey_time = this->ike_rekey,
+ .over_time = this->ike_rekey,
+ .no_mobike = TRUE,
+ .dpd = this->dpd_delay,
+ .dpd_timeout = this->dpd_timeout,
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = this->child_rekey * 2,
+ .rekey = this->child_rekey,
+ .jitter = 0
+ },
+ },
+ .mode = MODE_TUNNEL,
};
if (num)
@@ -737,14 +749,8 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
FRAGMENTATION_NO, 0);
}
ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal));
- peer_cfg = peer_cfg_create("load-test", ike_cfg,
- CERT_SEND_IF_ASKED, UNIQUE_NO, 1, /* keytries */
- this->ike_rekey, 0, /* rekey, reauth */
- 0, this->ike_rekey, /* jitter, overtime */
- FALSE, FALSE, TRUE, /* mobike, aggressive, pull */
- this->dpd_delay, /* dpd_delay */
- this->dpd_timeout, /* dpd_timeout */
- FALSE, NULL, NULL);
+ peer_cfg = peer_cfg_create("load-test", ike_cfg, &peer);
+
if (this->vip)
{
peer_cfg->add_virtual_ip(peer_cfg, this->vip->clone(this->vip));
@@ -768,17 +774,15 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
{
if (streq(this->mode, "transport"))
{
- mode = MODE_TRANSPORT;
+ child.mode = MODE_TRANSPORT;
}
else if (streq(this->mode, "beet"))
{
- mode = MODE_BEET;
+ child.mode = MODE_BEET;
}
}
- child_cfg = child_cfg_create("load-test", &lifetime, NULL, TRUE, mode,
- ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
- 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create("load-test", &child);
child_cfg->add_proposal(child_cfg, this->esp->clone(this->esp));
if (num)
diff --git a/src/libcharon/plugins/load_tester/load_tester_creds.c b/src/libcharon/plugins/load_tester/load_tester_creds.c
index d62c7295d..2f482962a 100644
--- a/src/libcharon/plugins/load_tester/load_tester_creds.c
+++ b/src/libcharon/plugins/load_tester/load_tester_creds.c
@@ -57,7 +57,7 @@ struct private_load_tester_creds_t {
/**
* serial number to issue certificates
*/
- u_int32_t serial;
+ uint32_t serial;
/**
* Preshared key for IKE
@@ -307,7 +307,7 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
identification_t *dn = NULL;
linked_list_t *sans;
char buf[128];
- u_int32_t serial;
+ uint32_t serial;
time_t now;
if (this->ca == NULL)
diff --git a/src/libcharon/plugins/load_tester/load_tester_ipsec.c b/src/libcharon/plugins/load_tester/load_tester_ipsec.c
index 6a86bb899..4e20c8f3a 100644
--- a/src/libcharon/plugins/load_tester/load_tester_ipsec.c
+++ b/src/libcharon/plugins/load_tester/load_tester_ipsec.c
@@ -36,7 +36,7 @@ struct private_load_tester_ipsec_t {
METHOD(kernel_ipsec_t, get_spi, status_t,
private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi)
+ uint8_t protocol, uint32_t *spi)
{
*spi = (uint32_t)ref_get(&this->spi);
return SUCCESS;
@@ -44,69 +44,58 @@ METHOD(kernel_ipsec_t, get_spi, status_t,
METHOD(kernel_ipsec_t, get_cpi, status_t,
private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- u_int16_t *cpi)
+ uint16_t *cpi)
{
return FAILED;
}
METHOD(kernel_ipsec_t, add_sa, status_t,
- private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, u_int32_t replay_window,
- bool initiator, bool encap, bool esn, bool inbound, bool update,
- linked_list_t *src_ts, linked_list_t *dst_ts)
+ private_load_tester_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
{
return SUCCESS;
}
METHOD(kernel_ipsec_t, update_sa, status_t,
- private_load_tester_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src,
- host_t *new_dst, bool encap, bool new_encap, mark_t mark)
+ private_load_tester_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
{
return SUCCESS;
}
METHOD(kernel_ipsec_t, query_sa, status_t,
- private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time)
+ private_load_tester_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
{
return NOT_SUPPORTED;
}
METHOD(kernel_ipsec_t, del_sa, status_t,
- private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_load_tester_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
{
return SUCCESS;
}
METHOD(kernel_ipsec_t, add_policy, status_t,
- private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_load_tester_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
return SUCCESS;
}
METHOD(kernel_ipsec_t, query_policy, status_t,
- private_load_tester_ipsec_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
- time_t *use_time)
+ private_load_tester_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
{
*use_time = 1;
return SUCCESS;
}
METHOD(kernel_ipsec_t, del_policy, status_t,
- private_load_tester_ipsec_t *this, host_t *src, host_t *dst,
- traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
- mark_t mark, policy_priority_t priority)
+ private_load_tester_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
{
return SUCCESS;
}
diff --git a/src/libcharon/plugins/lookip/Makefile.in b/src/libcharon/plugins/lookip/Makefile.in
index 9b56d94fe..69aa3792c 100644
--- a/src/libcharon/plugins/lookip/Makefile.in
+++ b/src/libcharon/plugins/lookip/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = lookip$(EXEEXT)
subdir = src/libcharon/plugins/lookip
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -209,12 +218,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -264,6 +275,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -298,6 +310,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -409,6 +422,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/lookip/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/lookip/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -839,6 +852,8 @@ uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/maemo/Makefile.in b/src/libcharon/plugins/maemo/Makefile.in
index 5cc654967..78525bf6c 100644
--- a/src/libcharon/plugins/maemo/Makefile.in
+++ b/src/libcharon/plugins/maemo/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/maemo
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -468,7 +482,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/maemo/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/maemo/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -805,6 +818,8 @@ uninstall-am: uninstall-dbusserviceDATA uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-dbusserviceDATA uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
org.strongswan.charon.service: $(srcdir)/org.strongswan.charon.service.in
$(AM_V_GEN) \
diff --git a/src/libcharon/plugins/maemo/maemo_service.c b/src/libcharon/plugins/maemo/maemo_service.c
index 2e96f8fb4..3e5861b87 100644
--- a/src/libcharon/plugins/maemo/maemo_service.c
+++ b/src/libcharon/plugins/maemo/maemo_service.c
@@ -236,12 +236,23 @@ static gboolean initiate_connection(private_maemo_service_t *this,
traffic_selector_t *ts;
auth_cfg_t *auth;
certificate_t *cert;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = 10800, /* 3h */
- .rekey = 10200, /* 2h50min */
- .jitter = 300 /* 5min */
- }
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_SEND_IF_ASKED,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ .rekey_time = 36000, /* 10h */
+ .jitter_time = 600, /* 10min */
+ .over_time = 600, /* 10min */
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = 10800, /* 3h */
+ .rekey = 10200, /* 2h50min */
+ .jitter = 300 /* 5min */
+ },
+ },
+ .mode = MODE_TUNNEL,
};
if (this->status == VPN_STATUS_CONNECTED ||
@@ -329,14 +340,7 @@ static gboolean initiate_connection(private_maemo_service_t *this,
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
- peer_cfg = peer_cfg_create(this->current, ike_cfg,
- CERT_SEND_IF_ASKED,
- UNIQUE_REPLACE, 1, /* keyingtries */
- 36000, 0, /* rekey 10h, reauth none */
- 600, 600, /* jitter, over 10min */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- 0, 0, /* DPD delay, timeout */
- FALSE, NULL, NULL); /* mediation */
+ peer_cfg = peer_cfg_create(this->current, ike_cfg, &peer);
peer_cfg->add_virtual_ip(peer_cfg, host_create_from_string("0.0.0.0", 0));
auth = auth_cfg_create();
@@ -348,9 +352,7 @@ static gboolean initiate_connection(private_maemo_service_t *this,
auth->add(auth, AUTH_RULE_IDENTITY, gateway);
peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(this->current, &lifetime, NULL /* updown */,
- TRUE, MODE_TUNNEL, ACTION_NONE, ACTION_NONE,
- ACTION_NONE, FALSE, 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create(this->current, &child);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
ts = traffic_selector_create_dynamic(0, 0, 65535);
diff --git a/src/libcharon/plugins/medcli/Makefile.in b/src/libcharon/plugins/medcli/Makefile.in
index 32c428487..fe301a7d9 100644
--- a/src/libcharon/plugins/medcli/Makefile.in
+++ b/src/libcharon/plugins/medcli/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/medcli
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -463,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/medcli/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/medcli/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -779,6 +792,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c
index 25b138387..4452739c1 100644
--- a/src/libcharon/plugins/medcli/medcli_config.c
+++ b/src/libcharon/plugins/medcli/medcli_config.c
@@ -82,12 +82,25 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
child_cfg_t *child_cfg;
chunk_t me, other;
char *address, *local_net, *remote_net;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = this->rekey * 60 + this->rekey,
- .rekey = this->rekey,
- .jitter = this->rekey
- }
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_NEVER_SEND,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ .rekey_time = this->rekey * 60,
+ .jitter_time = this->rekey * 5,
+ .over_time = this->rekey * 3,
+ .dpd = this->dpd,
+ .mediation = TRUE,
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = this->rekey * 60 + this->rekey,
+ .rekey = this->rekey,
+ .jitter = this->rekey
+ },
+ },
+ .mode = MODE_TUNNEL,
};
/* query mediation server config:
@@ -107,14 +120,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
address, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
- med_cfg = peer_cfg_create(
- "mediation", ike_cfg,
- CERT_NEVER_SEND, UNIQUE_REPLACE,
- 1, this->rekey*60, 0, /* keytries, rekey, reauth */
- this->rekey*5, this->rekey*3, /* jitter, overtime */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- this->dpd, 0, /* DPD delay, timeout */
- TRUE, NULL, NULL); /* mediation, med by, peer id */
+ med_cfg = peer_cfg_create("mediation", ike_cfg, &peer);
e->destroy(e);
auth = auth_cfg_create();
@@ -144,15 +150,10 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
DESTROY_IF(e);
return NULL;
}
- peer_cfg = peer_cfg_create(
- name, this->ike->get_ref(this->ike),
- CERT_NEVER_SEND, UNIQUE_REPLACE,
- 1, this->rekey*60, 0, /* keytries, rekey, reauth */
- this->rekey*5, this->rekey*3, /* jitter, overtime */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- this->dpd, 0, /* DPD delay, timeout */
- FALSE, med_cfg, /* mediation, med by */
- identification_create_from_encoding(ID_KEY_ID, other));
+ peer.mediation = FALSE;
+ peer.mediated_by = med_cfg;
+ peer.peer_id = identification_create_from_encoding(ID_KEY_ID, other);
+ peer_cfg = peer_cfg_create(name, this->ike->get_ref(this->ike), &peer);
auth = auth_cfg_create();
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
@@ -165,9 +166,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
identification_create_from_encoding(ID_KEY_ID, other));
peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(name, &lifetime, NULL, TRUE, MODE_TUNNEL,
- ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
- 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create(name, &child);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, ts_from_string(local_net));
@@ -205,12 +204,24 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
chunk_t me, other;
child_cfg_t *child_cfg;
auth_cfg_t *auth;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = this->rekey * 60 + this->rekey,
- .rekey = this->rekey,
- .jitter = this->rekey
- }
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_NEVER_SEND,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ .rekey_time = this->rekey * 60,
+ .jitter_time = this->rekey * 5,
+ .over_time = this->rekey * 3,
+ .dpd = this->dpd,
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = this->rekey * 60 + this->rekey,
+ .rekey = this->rekey,
+ .jitter = this->rekey
+ },
+ },
+ .mode = MODE_TUNNEL,
};
DESTROY_IF(this->current);
@@ -220,14 +231,7 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
this->current = NULL;
return FALSE;
}
- this->current = peer_cfg_create(
- name, this->ike->get_ref(this->ike),
- CERT_NEVER_SEND, UNIQUE_REPLACE,
- 1, this->rekey*60, 0, /* keytries, rekey, reauth */
- this->rekey*5, this->rekey*3, /* jitter, overtime */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- this->dpd, 0, /* DPD delay, timeout */
- FALSE, NULL, NULL); /* mediation, med by, peer id */
+ this->current = peer_cfg_create(name, this->ike->get_ref(this->ike), &peer);
auth = auth_cfg_create();
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
@@ -240,9 +244,7 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
identification_create_from_encoding(ID_KEY_ID, other));
this->current->add_auth_cfg(this->current, auth, FALSE);
- child_cfg = child_cfg_create(name, &lifetime, NULL, TRUE, MODE_TUNNEL,
- ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
- 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create(name, &child);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_proposal(child_cfg, proposal_create_default_aead(PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, ts_from_string(local_net));
diff --git a/src/libcharon/plugins/medsrv/Makefile.in b/src/libcharon/plugins/medsrv/Makefile.in
index de0217a80..d4154fea4 100644
--- a/src/libcharon/plugins/medsrv/Makefile.in
+++ b/src/libcharon/plugins/medsrv/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/medsrv
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/medsrv/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/medsrv/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/medsrv/medsrv_config.c b/src/libcharon/plugins/medsrv/medsrv_config.c
index 02d805e06..be7f481b6 100644
--- a/src/libcharon/plugins/medsrv/medsrv_config.c
+++ b/src/libcharon/plugins/medsrv/medsrv_config.c
@@ -87,14 +87,18 @@ METHOD(backend_t, create_peer_cfg_enumerator, enumerator_t*,
if (e->enumerate(e, &name))
{
- peer_cfg = peer_cfg_create(
- name, this->ike->get_ref(this->ike),
- CERT_NEVER_SEND, UNIQUE_REPLACE,
- 1, this->rekey*60, 0, /* keytries, rekey, reauth */
- this->rekey*5, this->rekey*3, /* jitter, overtime */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- this->dpd, 0, /* DPD delay, timeout */
- TRUE, NULL, NULL); /* mediation, med by, peer id */
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_NEVER_SEND,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ .rekey_time = this->rekey * 60,
+ .jitter_time = this->rekey * 5,
+ .over_time = this->rekey * 3,
+ .dpd = this->dpd,
+ .mediation = TRUE,
+ };
+ peer_cfg = peer_cfg_create(name, this->ike->get_ref(this->ike),
+ &peer);
e->destroy(e);
auth = auth_cfg_create();
diff --git a/src/libcharon/plugins/osx_attr/Makefile.in b/src/libcharon/plugins/osx_attr/Makefile.in
index 6a1a81f08..ec488defe 100644
--- a/src/libcharon/plugins/osx_attr/Makefile.in
+++ b/src/libcharon/plugins/osx_attr/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/osx_attr
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -463,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/osx_attr/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/osx_attr/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/p_cscf/Makefile.am b/src/libcharon/plugins/p_cscf/Makefile.am
index 1e00a56a8..f37f3f514 100644
--- a/src/libcharon/plugins/p_cscf/Makefile.am
+++ b/src/libcharon/plugins/p_cscf/Makefile.am
@@ -1,6 +1,5 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
- -I$(top_srcdir)/src/libhydra \
-I$(top_srcdir)/src/libcharon
AM_CFLAGS = \
diff --git a/src/libcharon/plugins/p_cscf/Makefile.in b/src/libcharon/plugins/p_cscf/Makefile.in
index 7f78db85a..67ab4bfe3 100644
--- a/src/libcharon/plugins/p_cscf/Makefile.in
+++ b/src/libcharon/plugins/p_cscf/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/p_cscf
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -433,7 +447,6 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
- -I$(top_srcdir)/src/libhydra \
-I$(top_srcdir)/src/libcharon
AM_CFLAGS = \
@@ -462,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/p_cscf/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/p_cscf/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/radattr/Makefile.in b/src/libcharon/plugins/radattr/Makefile.in
index 3f39ba237..9b7ab4c53 100644
--- a/src/libcharon/plugins/radattr/Makefile.in
+++ b/src/libcharon/plugins/radattr/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/radattr
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -463,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/radattr/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/radattr/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/resolve/Makefile.in b/src/libcharon/plugins/resolve/Makefile.in
index 70d97cc32..38b709ef0 100644
--- a/src/libcharon/plugins/resolve/Makefile.in
+++ b/src/libcharon/plugins/resolve/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/resolve
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/resolve/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/resolve/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/resolve/resolve_handler.c b/src/libcharon/plugins/resolve/resolve_handler.c
index ec3decc4d..9077b51d4 100644
--- a/src/libcharon/plugins/resolve/resolve_handler.c
+++ b/src/libcharon/plugins/resolve/resolve_handler.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2016 Tobias Brunner
* Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -21,6 +21,8 @@
#include <unistd.h>
#include <utils/debug.h>
+#include <utils/process.h>
+#include <collections/array.h>
#include <threading/mutex.h>
/* path to resolvconf executable */
@@ -47,12 +49,12 @@ struct private_resolve_handler_t {
char *file;
/**
- * use resolvconf instead of writing directly to resolv.conf
+ * Use resolvconf instead of writing directly to resolv.conf
*/
bool use_resolvconf;
/**
- * prefix to be used for interface names sent to resolvconf
+ * Prefix to be used for interface names sent to resolvconf
*/
char *iface_prefix;
@@ -60,13 +62,55 @@ struct private_resolve_handler_t {
* Mutex to access file exclusively
*/
mutex_t *mutex;
+
+ /**
+ * Reference counting for DNS servers dns_server_t
+ */
+ array_t *servers;
};
/**
+ * Reference counting for DNS servers
+ */
+typedef struct {
+
+ /**
+ * DNS server address
+ */
+ host_t *server;
+
+ /**
+ * Reference count
+ */
+ u_int refcount;
+
+} dns_server_t;
+
+/**
+ * Compare a server and a stored reference
+ */
+static int dns_server_find(const void *a, const void *b)
+{
+ host_t *server = (host_t*)a;
+ dns_server_t *item = (dns_server_t*)b;
+ return chunk_compare(server->get_address(server),
+ item->server->get_address(item->server));
+}
+
+/**
+ * Sort references by DNS server
+ */
+static int dns_server_sort(const void *a, const void *b, void *user)
+{
+ const dns_server_t *da = a, *db = b;
+ return chunk_compare(da->server->get_address(da->server),
+ db->server->get_address(db->server));
+}
+
+/**
* Writes the given nameserver to resolv.conf
*/
-static bool write_nameserver(private_resolve_handler_t *this,
- identification_t *server, host_t *addr)
+static bool write_nameserver(private_resolve_handler_t *this, host_t *addr)
{
FILE *in, *out;
char buf[1024];
@@ -79,8 +123,7 @@ static bool write_nameserver(private_resolve_handler_t *this,
out = fopen(this->file, "w");
if (out)
{
- fprintf(out, "nameserver %H # by strongSwan, from %Y\n", addr,
- server);
+ fprintf(out, "nameserver %H # by strongSwan\n", addr);
DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
handled = TRUE;
@@ -104,8 +147,7 @@ static bool write_nameserver(private_resolve_handler_t *this,
/**
* Removes the given nameserver from resolv.conf
*/
-static void remove_nameserver(private_resolve_handler_t *this,
- identification_t *server, host_t *addr)
+static void remove_nameserver(private_resolve_handler_t *this, host_t *addr)
{
FILE *in, *out;
char line[1024], matcher[512];
@@ -119,8 +161,7 @@ static void remove_nameserver(private_resolve_handler_t *this,
if (out)
{
snprintf(matcher, sizeof(matcher),
- "nameserver %H # by strongSwan, from %Y\n",
- addr, server);
+ "nameserver %H # by strongSwan\n", addr);
/* copy all, but matching line */
while (fgets(line, sizeof(line), in))
@@ -144,50 +185,91 @@ static void remove_nameserver(private_resolve_handler_t *this,
/**
* Add or remove the given nameserver by invoking resolvconf.
*/
-static bool invoke_resolvconf(private_resolve_handler_t *this,
- identification_t *server, host_t *addr,
+static bool invoke_resolvconf(private_resolve_handler_t *this, host_t *addr,
bool install)
{
- char cmd[128];
- bool success = TRUE;
+ process_t *process;
+ FILE *shell;
+ int in, out, retval;
/* we use the nameserver's IP address as part of the interface name to
* make them unique */
- if (snprintf(cmd, sizeof(cmd), "%s %s %s%H", RESOLVCONF_EXEC,
- install ? "-a" : "-d", this->iface_prefix, addr) >= sizeof(cmd))
+ process = process_start_shell(NULL, install ? &in : NULL, &out, NULL,
+ "2>&1 %s %s %s%H", RESOLVCONF_EXEC,
+ install ? "-a" : "-d", this->iface_prefix, addr);
+
+ if (!process)
{
return FALSE;
}
-
if (install)
{
- FILE *out;
-
- out = popen(cmd, "w");
- if (!out)
+ shell = fdopen(in, "w");
+ if (shell)
{
- return FALSE;
+ DBG1(DBG_IKE, "installing DNS server %H via resolvconf", addr);
+ fprintf(shell, "nameserver %H\n", addr);
+ fclose(shell);
}
- DBG1(DBG_IKE, "installing DNS server %H via resolvconf", addr);
- fprintf(out, "nameserver %H\n", addr);
- success = !ferror(out);
- if (pclose(out))
+ else
{
+ close(in);
+ close(out);
+ process->wait(process, NULL);
return FALSE;
}
}
else
{
- ignore_result(system(cmd));
+ DBG1(DBG_IKE, "removing DNS server %H via resolvconf", addr);
+ }
+ shell = fdopen(out, "r");
+ if (shell)
+ {
+ while (TRUE)
+ {
+ char resp[128], *e;
+
+ if (fgets(resp, sizeof(resp), shell) == NULL)
+ {
+ if (ferror(shell))
+ {
+ DBG1(DBG_IKE, "error reading from resolvconf");
+ }
+ break;
+ }
+ else
+ {
+ e = resp + strlen(resp);
+ if (e > resp && e[-1] == '\n')
+ {
+ e[-1] = '\0';
+ }
+ DBG1(DBG_IKE, "resolvconf: %s", resp);
+ }
+ }
+ fclose(shell);
+ }
+ else
+ {
+ close(out);
+ }
+ if (!process->wait(process, &retval) || retval != EXIT_SUCCESS)
+ {
+ if (install)
+ { /* revert changes when installing fails */
+ invoke_resolvconf(this, addr, FALSE);
+ return FALSE;
+ }
}
- return success;
+ return TRUE;
}
METHOD(attribute_handler_t, handle, bool,
private_resolve_handler_t *this, ike_sa_t *ike_sa,
configuration_attribute_type_t type, chunk_t data)
{
- identification_t *server;
+ dns_server_t *found = NULL;
host_t *addr;
bool handled;
@@ -208,16 +290,34 @@ METHOD(attribute_handler_t, handle, bool,
DESTROY_IF(addr);
return FALSE;
}
- server = ike_sa->get_other_id(ike_sa);
this->mutex->lock(this->mutex);
- if (this->use_resolvconf)
+ if (array_bsearch(this->servers, addr, dns_server_find, &found) == -1)
{
- handled = invoke_resolvconf(this, server, addr, TRUE);
+ if (this->use_resolvconf)
+ {
+ handled = invoke_resolvconf(this, addr, TRUE);
+ }
+ else
+ {
+ handled = write_nameserver(this, addr);
+ }
+ if (handled)
+ {
+ INIT(found,
+ .server = addr->clone(addr),
+ .refcount = 1,
+ );
+ array_insert_create(&this->servers, ARRAY_TAIL, found);
+ array_sort(this->servers, dns_server_sort, NULL);
+ }
}
else
{
- handled = write_nameserver(this, server, addr);
+ DBG1(DBG_IKE, "DNS server %H already installed, increasing refcount",
+ addr);
+ found->refcount++;
+ handled = TRUE;
}
this->mutex->unlock(this->mutex);
addr->destroy(addr);
@@ -233,9 +333,9 @@ METHOD(attribute_handler_t, release, void,
private_resolve_handler_t *this, ike_sa_t *ike_sa,
configuration_attribute_type_t type, chunk_t data)
{
- identification_t *server;
+ dns_server_t *found = NULL;
host_t *addr;
- int family;
+ int family, idx;
switch (type)
{
@@ -249,16 +349,30 @@ METHOD(attribute_handler_t, release, void,
return;
}
addr = host_create_from_chunk(family, data, 0);
- server = ike_sa->get_other_id(ike_sa);
this->mutex->lock(this->mutex);
- if (this->use_resolvconf)
- {
- invoke_resolvconf(this, server, addr, FALSE);
- }
- else
+ idx = array_bsearch(this->servers, addr, dns_server_find, &found);
+ if (idx != -1)
{
- remove_nameserver(this, server, addr);
+ if (--found->refcount > 0)
+ {
+ DBG1(DBG_IKE, "DNS server %H still used, decreasing refcount",
+ addr);
+ }
+ else
+ {
+ if (this->use_resolvconf)
+ {
+ invoke_resolvconf(this, addr, FALSE);
+ }
+ else
+ {
+ remove_nameserver(this, addr);
+ }
+ array_remove(this->servers, idx, NULL);
+ found->server->destroy(found->server);
+ free(found);
+ }
}
this->mutex->unlock(this->mutex);
@@ -341,6 +455,7 @@ METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
METHOD(resolve_handler_t, destroy, void,
private_resolve_handler_t *this)
{
+ array_destroy(this->servers);
this->mutex->destroy(this->mutex);
free(this);
}
diff --git a/src/libcharon/plugins/smp/Makefile.in b/src/libcharon/plugins/smp/Makefile.in
index 221cda71a..72a168cb5 100644
--- a/src/libcharon/plugins/smp/Makefile.in
+++ b/src/libcharon/plugins/smp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/smp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/smp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/smp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/smp/smp.c b/src/libcharon/plugins/smp/smp.c
index 56b19c792..56891b263 100644
--- a/src/libcharon/plugins/smp/smp.c
+++ b/src/libcharon/plugins/smp/smp.c
@@ -374,7 +374,7 @@ static void request_control_terminate(xmlTextReaderPtr reader,
xmlTextReaderNodeType(reader) == XML_READER_TYPE_TEXT)
{
const char *str;
- u_int32_t id;
+ uint32_t id;
status_t status;
str = xmlTextReaderConstValue(reader);
diff --git a/src/libcharon/plugins/socket_default/Makefile.in b/src/libcharon/plugins/socket_default/Makefile.in
index 3dcfaf4a6..112d8d218 100644
--- a/src/libcharon/plugins/socket_default/Makefile.in
+++ b/src/libcharon/plugins/socket_default/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/socket_default
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/socket_default/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/socket_default/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
index 6e432d9cf..ba22b0c2b 100644
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -84,12 +84,12 @@ struct private_socket_default_socket_t {
/**
* Configured port (or random, if initially 0)
*/
- u_int16_t port;
+ uint16_t port;
/**
* Configured port for NAT-T (or random, if initially 0)
*/
- u_int16_t natt;
+ uint16_t natt;
/**
* IPv4 socket (500 or port)
@@ -114,22 +114,22 @@ struct private_socket_default_socket_t {
/**
* DSCP value set on IPv4 socket
*/
- u_int8_t dscp4;
+ uint8_t dscp4;
/**
* DSCP value set on IPv4 socket for NAT-T (4500 or natt)
*/
- u_int8_t dscp4_natt;
+ uint8_t dscp4_natt;
/**
* DSCP value set on IPv6 socket (500 or port)
*/
- u_int8_t dscp6;
+ uint8_t dscp6;
/**
* DSCP value set on IPv6 socket for NAT-T (4500 or natt)
*/
- u_int8_t dscp6_natt;
+ uint8_t dscp6_natt;
/**
* Maximum packet size to receive
@@ -153,7 +153,7 @@ struct private_socket_default_socket_t {
*/
#ifdef IP_PKTINFO
-static host_t *get_dst_v4(struct cmsghdr *cmsgptr, u_int16_t port)
+static host_t *get_dst_v4(struct cmsghdr *cmsgptr, uint16_t port)
{
struct sockaddr_in dst = {
.sin_family = AF_INET,
@@ -174,7 +174,7 @@ static host_t *get_dst_v4(struct cmsghdr *cmsgptr, u_int16_t port)
#elif defined(IP_RECVDSTADDR)
-static host_t *get_dst_v4(struct cmsghdr *cmsgptr, u_int16_t port)
+static host_t *get_dst_v4(struct cmsghdr *cmsgptr, uint16_t port)
{
struct sockaddr_in dst = {
.sin_family = AF_INET,
@@ -193,7 +193,7 @@ static host_t *get_dst_v4(struct cmsghdr *cmsgptr, u_int16_t port)
#else /* IP_PKTINFO || IP_RECVDSTADDR */
-static host_t *get_dst_v4(struct cmsghdr *cmsgptr, u_int16_t port)
+static host_t *get_dst_v4(struct cmsghdr *cmsgptr, uint16_t port)
{
return NULL;
}
@@ -206,7 +206,7 @@ static host_t *get_dst_v4(struct cmsghdr *cmsgptr, u_int16_t port)
*/
#ifdef HAVE_IN6_PKTINFO
-static host_t *get_dst_v6(struct cmsghdr *cmsgptr, u_int16_t port)
+static host_t *get_dst_v6(struct cmsghdr *cmsgptr, uint16_t port)
{
struct in6_pktinfo *pktinfo;
struct sockaddr_in6 dst = {
@@ -225,7 +225,7 @@ static host_t *get_dst_v6(struct cmsghdr *cmsgptr, u_int16_t port)
#else /* HAVE_IN6_PKTINFO */
-static host_t *get_dst_v6(struct cmsghdr *cmsgptr, u_int16_t port)
+static host_t *get_dst_v6(struct cmsghdr *cmsgptr, uint16_t port)
{
return NULL;
}
@@ -241,7 +241,7 @@ METHOD(socket_t, receiver, status_t,
host_t *source = NULL, *dest = NULL;
int i, rr, index, bytes_read = 0, selected = -1;
bool oldstate;
- u_int16_t port = 0;
+ uint16_t port = 0;
struct pollfd pfd[] = {
{ .fd = this->ipv4, .events = POLLIN },
{ .fd = this->ipv4_natt, .events = POLLIN },
@@ -464,7 +464,7 @@ METHOD(socket_t, sender, status_t,
host_t *src, *dst;
struct msghdr msg;
struct iovec iov;
- u_int8_t *dscp;
+ uint8_t *dscp;
src = packet->get_source(packet);
dst = packet->get_destination(packet);
@@ -521,7 +521,7 @@ METHOD(socket_t, sender, status_t,
{
if (family == AF_INET)
{
- u_int8_t ds4;
+ uint8_t ds4;
ds4 = packet->get_dscp(packet) << 2;
if (setsockopt(skt, SOL_IP, IP_TOS, &ds4, sizeof(ds4)) == 0)
@@ -584,7 +584,7 @@ METHOD(socket_t, sender, status_t,
return SUCCESS;
}
-METHOD(socket_t, get_port, u_int16_t,
+METHOD(socket_t, get_port, uint16_t,
private_socket_default_socket_t *this, bool nat_t)
{
return nat_t ? this->natt : this->port;
@@ -610,7 +610,7 @@ METHOD(socket_t, supported_families, socket_family_t,
* open a socket to send and receive packets
*/
static int open_socket(private_socket_default_socket_t *this,
- int family, u_int16_t *port)
+ int family, uint16_t *port)
{
int on = TRUE;
union {
diff --git a/src/libcharon/plugins/socket_dynamic/Makefile.in b/src/libcharon/plugins/socket_dynamic/Makefile.in
index 88bc22f5e..9f5f4a2e9 100644
--- a/src/libcharon/plugins/socket_dynamic/Makefile.in
+++ b/src/libcharon/plugins/socket_dynamic/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/socket_dynamic
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/socket_dynamic/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/socket_dynamic/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c
index b89cae47b..ba92e10f2 100644
--- a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c
+++ b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c
@@ -107,7 +107,7 @@ struct dynsock_t {
/**
* Bound source port
*/
- u_int16_t port;
+ uint16_t port;
};
/**
@@ -324,7 +324,7 @@ METHOD(socket_t, receiver, status_t,
/**
* Get the port allocated dynamically using bind()
*/
-static bool get_dynamic_port(int fd, int family, u_int16_t *port)
+static bool get_dynamic_port(int fd, int family, uint16_t *port)
{
union {
struct sockaddr_storage ss;
@@ -367,7 +367,7 @@ static bool get_dynamic_port(int fd, int family, u_int16_t *port)
* open a socket to send and receive packets
*/
static int open_socket(private_socket_dynamic_socket_t *this,
- int family, u_int16_t *port)
+ int family, uint16_t *port)
{
union {
struct sockaddr_storage ss;
@@ -481,7 +481,7 @@ static dynsock_t *get_any_socket(private_socket_dynamic_socket_t *this,
* Find/Create a socket to send from host
*/
static dynsock_t *find_socket(private_socket_dynamic_socket_t *this,
- int family, u_int16_t port)
+ int family, uint16_t port)
{
dynsock_t *skt, lookup = {
.family = family,
@@ -636,7 +636,7 @@ METHOD(socket_t, sender, status_t,
return SUCCESS;
}
-METHOD(socket_t, get_port, u_int16_t,
+METHOD(socket_t, get_port, uint16_t,
private_socket_dynamic_socket_t *this, bool nat_t)
{
/* we return 0 here for users that have no explicit port configured, the
diff --git a/src/libcharon/plugins/socket_win/Makefile.in b/src/libcharon/plugins/socket_win/Makefile.in
index 683011062..1b6b9f64a 100644
--- a/src/libcharon/plugins/socket_win/Makefile.in
+++ b/src/libcharon/plugins/socket_win/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/socket_win
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -463,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/socket_win/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/socket_win/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/socket_win/socket_win_socket.c b/src/libcharon/plugins/socket_win/socket_win_socket.c
index 94af08e80..c42783c77 100644
--- a/src/libcharon/plugins/socket_win/socket_win_socket.c
+++ b/src/libcharon/plugins/socket_win/socket_win_socket.c
@@ -51,7 +51,7 @@ struct private_socket_win_socket_t {
/**
* Port for each socket
*/
- u_int16_t ports[SOCKET_COUNT];
+ uint16_t ports[SOCKET_COUNT];
/**
* IPv4/IPv6 dual-use sockets
@@ -205,7 +205,7 @@ METHOD(socket_t, receiver, status_t,
METHOD(socket_t, sender, status_t,
private_socket_win_socket_t *this, packet_t *packet)
{
- u_int16_t port;
+ uint16_t port;
int i = -1, j;
host_t *src, *dst;
WSAMSG msg;
@@ -316,7 +316,7 @@ METHOD(socket_t, sender, status_t,
return SUCCESS;
}
-METHOD(socket_t, get_port, u_int16_t,
+METHOD(socket_t, get_port, uint16_t,
private_socket_win_socket_t *this, bool nat)
{
return this->ports[nat != 0];
diff --git a/src/libcharon/plugins/sql/Makefile.in b/src/libcharon/plugins/sql/Makefile.in
index b09379b02..b9cae90ec 100644
--- a/src/libcharon/plugins/sql/Makefile.in
+++ b/src/libcharon/plugins/sql/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/sql
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/sql/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/sql/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/sql/sql_config.c b/src/libcharon/plugins/sql/sql_config.c
index ce24d180a..bbc20dca7 100644
--- a/src/libcharon/plugins/sql/sql_config.c
+++ b/src/libcharon/plugins/sql/sql_config.c
@@ -170,12 +170,22 @@ static child_cfg_t *build_child_cfg(private_sql_config_t *this, enumerator_t *e)
if (e->enumerate(e, &id, &name, &lifetime, &rekeytime, &jitter, &updown,
&hostaccess, &mode, &start, &dpd, &close, &ipcomp, &reqid))
{
- lifetime_cfg_t lft = {
- .time = { .life = lifetime, .rekey = rekeytime, .jitter = jitter }
+ child_cfg_create_t child = {
+ .mode = mode,
+ .reqid = reqid,
+ .ipcomp = ipcomp,
+ .lifetime = {
+ .time = {
+ .life = lifetime, .rekey = rekeytime, .jitter = jitter
+ },
+ },
+ .start_action = start,
+ .dpd_action = dpd,
+ .close_action = close,
+ .updown = updown,
+ .hostaccess = hostaccess,
};
- child_cfg = child_cfg_create(name, &lft, updown, hostaccess, mode,
- start, dpd, close, ipcomp, 0, reqid,
- NULL, NULL, 0);
+ child_cfg = child_cfg_create(name, &child);
add_esp_proposals(this, child_cfg, id);
add_traffic_selectors(this, child_cfg, id);
return child_cfg;
@@ -290,6 +300,7 @@ static ike_cfg_t* get_ike_cfg_by_id(private_sql_config_t *this, int id)
return ike_cfg;
}
+#ifdef ME
/**
* Query a peer config by its id
*/
@@ -322,6 +333,7 @@ static peer_cfg_t *get_peer_cfg_by_id(private_sql_config_t *this, int id)
}
return peer_cfg;
}
+#endif /* ME */
/**
* Check if the two IDs match (the first one is optional)
@@ -353,7 +365,7 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
&mediation, &mediated_by, &p_type, &p_data))
{
identification_t *local_id, *remote_id, *peer_id = NULL;
- peer_cfg_t *peer_cfg, *mediated_cfg;
+ peer_cfg_t *peer_cfg, *mediated_cfg = NULL;
ike_cfg_t *ike;
host_t *vip = NULL;
auth_cfg_t *auth;
@@ -367,22 +379,38 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
continue;
}
ike = get_ike_cfg_by_id(this, ike_cfg);
+
+#ifdef ME
mediated_cfg = mediated_by ? get_peer_cfg_by_id(this, mediated_by) : NULL;
if (p_type)
{
peer_id = identification_create_from_encoding(p_type, p_data);
}
+#endif
if (virtual)
{
vip = host_create_from_string(virtual, 0);
}
if (ike)
{
- peer_cfg = peer_cfg_create(
- name, ike, cert_policy, uniqueid,
- keyingtries, rekeytime, reauthtime, jitter, overtime,
- mobike, FALSE, TRUE, dpd_delay, 0,
- mediation, mediated_cfg, peer_id);
+ peer_cfg_create_t peer = {
+ .cert_policy = cert_policy,
+ .unique = uniqueid,
+ .keyingtries = keyingtries,
+ .rekey_time = rekeytime,
+ .reauth_time = reauthtime,
+ .jitter_time = jitter,
+ .over_time = overtime,
+ .no_mobike = !mobike,
+ .dpd = dpd_delay,
+#ifdef ME
+ .mediation = mediation,
+ .mediated_by = mediated_cfg,
+ .peer_id = peer_id,
+#endif /* ME */
+ };
+
+ peer_cfg = peer_cfg_create(name, ike, &peer);
if (vip)
{
peer_cfg->add_virtual_ip(peer_cfg, vip);
diff --git a/src/libcharon/plugins/sql/sql_logger.c b/src/libcharon/plugins/sql/sql_logger.c
index 0fa06eac5..46a894028 100644
--- a/src/libcharon/plugins/sql/sql_logger.c
+++ b/src/libcharon/plugins/sql/sql_logger.c
@@ -63,7 +63,7 @@ METHOD(logger_t, log_, void,
chunk_t local_spi, remote_spi;
host_t *local_host, *remote_host;
identification_t *local_id, *remote_id;
- u_int64_t ispi, rspi;
+ uint64_t ispi, rspi;
ike_sa_id_t *id;
id = ike_sa->get_id(ike_sa);
diff --git a/src/libcharon/plugins/stroke/Makefile.in b/src/libcharon/plugins/stroke/Makefile.in
index 2b22b333a..9f63cb0b5 100644
--- a/src/libcharon/plugins/stroke/Makefile.in
+++ b/src/libcharon/plugins/stroke/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/stroke
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -474,7 +488,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/stroke/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/stroke/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -796,6 +809,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index d0eb2aac3..f2d110434 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -252,7 +252,7 @@ static void swap_ends(stroke_msg_t *msg)
static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg)
{
ike_cfg_t *ike_cfg;
- u_int16_t ikeport;
+ uint16_t ikeport;
char me[256], other[256];
swap_ends(msg);
@@ -616,12 +616,17 @@ static mem_pool_t *create_pool_range(char *str)
static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
stroke_msg_t *msg, ike_cfg_t *ike_cfg)
{
- identification_t *peer_id = NULL;
- peer_cfg_t *mediated_by = NULL;
- unique_policy_t unique;
- u_int32_t rekey = 0, reauth = 0, over, jitter;
peer_cfg_t *peer_cfg;
auth_cfg_t *auth_cfg;
+ peer_cfg_create_t peer = {
+ .cert_policy = msg->add_conn.me.sendcert,
+ .keyingtries = msg->add_conn.rekey.tries,
+ .no_mobike = !msg->add_conn.mobike,
+ .aggressive = msg->add_conn.aggressive,
+ .push_mode = msg->add_conn.pushmode,
+ .dpd = msg->add_conn.dpd.delay,
+ .dpd_timeout = msg->add_conn.dpd.timeout,
+ };
#ifdef ME
if (msg->add_conn.ikeme.mediation && msg->add_conn.ikeme.mediated_by)
@@ -633,14 +638,17 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
if (msg->add_conn.ikeme.mediation)
{
+ peer.mediation = TRUE;
/* force unique connections for mediation connections */
msg->add_conn.unique = 1;
}
if (msg->add_conn.ikeme.mediated_by)
{
- mediated_by = charon->backends->get_peer_cfg_by_name(charon->backends,
- msg->add_conn.ikeme.mediated_by);
+ peer_cfg_t *mediated_by;
+
+ mediated_by = charon->backends->get_peer_cfg_by_name(
+ charon->backends, msg->add_conn.ikeme.mediated_by);
if (!mediated_by)
{
DBG1(DBG_CFG, "mediation connection '%s' not found, aborting",
@@ -655,58 +663,55 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
mediated_by->destroy(mediated_by);
return NULL;
}
+ peer.mediated_by = mediated_by;
if (msg->add_conn.ikeme.peerid)
{
- peer_id = identification_create_from_string(msg->add_conn.ikeme.peerid);
+ peer.peer_id = identification_create_from_string(
+ msg->add_conn.ikeme.peerid);
}
else if (msg->add_conn.other.id)
{
- peer_id = identification_create_from_string(msg->add_conn.other.id);
+ peer.peer_id = identification_create_from_string(
+ msg->add_conn.other.id);
}
}
#endif /* ME */
- jitter = msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100;
- over = msg->add_conn.rekey.margin;
+ peer.jitter_time = msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100;
+ peer.over_time = msg->add_conn.rekey.margin;
if (msg->add_conn.rekey.reauth)
{
- reauth = msg->add_conn.rekey.ike_lifetime - over;
+ peer.reauth_time = msg->add_conn.rekey.ike_lifetime - peer.over_time;
}
else
{
- rekey = msg->add_conn.rekey.ike_lifetime - over;
+ peer.rekey_time = msg->add_conn.rekey.ike_lifetime - peer.over_time;
}
switch (msg->add_conn.unique)
{
case 1: /* yes */
case 2: /* replace */
- unique = UNIQUE_REPLACE;
+ peer.unique = UNIQUE_REPLACE;
break;
case 3: /* keep */
- unique = UNIQUE_KEEP;
+ peer.unique = UNIQUE_KEEP;
break;
case 4: /* never */
- unique = UNIQUE_NEVER;
+ peer.unique = UNIQUE_NEVER;
break;
default: /* no */
- unique = UNIQUE_NO;
+ peer.unique = UNIQUE_NO;
break;
}
if (msg->add_conn.dpd.action == 0)
{ /* dpdaction=none disables DPD */
- msg->add_conn.dpd.delay = 0;
+ peer.dpd = 0;
}
/* other.sourceip is managed in stroke_attributes. If it is set, we define
* the pool name as the connection name, which the attribute provider
* uses to serve pool addresses. */
- peer_cfg = peer_cfg_create(msg->add_conn.name, ike_cfg,
- msg->add_conn.me.sendcert, unique,
- msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
- msg->add_conn.mobike, msg->add_conn.aggressive,
- msg->add_conn.pushmode == 0,
- msg->add_conn.dpd.delay, msg->add_conn.dpd.timeout,
- msg->add_conn.ikeme.mediation, mediated_by, peer_id);
+ peer_cfg = peer_cfg_create(msg->add_conn.name, ike_cfg, &peer);
if (msg->add_conn.other.sourceip)
{
@@ -883,8 +888,8 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
/**
* Parse a protoport specifier
*/
-static bool parse_protoport(char *token, u_int16_t *from_port,
- u_int16_t *to_port, u_int8_t *protocol)
+static bool parse_protoport(char *token, uint16_t *from_port,
+ uint16_t *to_port, uint8_t *protocol)
{
char *sep, *port = "", *endptr;
struct protoent *proto;
@@ -923,7 +928,7 @@ static bool parse_protoport(char *token, u_int16_t *from_port,
{
return FALSE;
}
- *protocol = (u_int8_t)p;
+ *protocol = (uint8_t)p;
}
}
if (streq(port, "%any"))
@@ -1002,8 +1007,8 @@ static void add_ts(private_stroke_config_t *this,
{
enumerator_t *enumerator;
char *subnet, *pos;
- u_int16_t from_port, to_port;
- u_int8_t proto;
+ uint16_t from_port, to_port;
+ uint8_t proto;
enumerator = enumerator_create_token(end->subnets, ",", " ");
while (enumerator->enumerate(enumerator, &subnet))
@@ -1070,45 +1075,50 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
stroke_msg_t *msg)
{
child_cfg_t *child_cfg;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = msg->add_conn.rekey.ipsec_lifetime,
- .rekey = msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin,
- .jitter = msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = msg->add_conn.rekey.ipsec_lifetime,
+ .rekey = msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin,
+ .jitter = msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100
+ },
+ .bytes = {
+ .life = msg->add_conn.rekey.life_bytes,
+ .rekey = msg->add_conn.rekey.life_bytes - msg->add_conn.rekey.margin_bytes,
+ .jitter = msg->add_conn.rekey.margin_bytes * msg->add_conn.rekey.fuzz / 100
+ },
+ .packets = {
+ .life = msg->add_conn.rekey.life_packets,
+ .rekey = msg->add_conn.rekey.life_packets - msg->add_conn.rekey.margin_packets,
+ .jitter = msg->add_conn.rekey.margin_packets * msg->add_conn.rekey.fuzz / 100
+ },
},
- .bytes = {
- .life = msg->add_conn.rekey.life_bytes,
- .rekey = msg->add_conn.rekey.life_bytes - msg->add_conn.rekey.margin_bytes,
- .jitter = msg->add_conn.rekey.margin_bytes * msg->add_conn.rekey.fuzz / 100
+ .mark_in = {
+ .value = msg->add_conn.mark_in.value,
+ .mask = msg->add_conn.mark_in.mask
},
- .packets = {
- .life = msg->add_conn.rekey.life_packets,
- .rekey = msg->add_conn.rekey.life_packets - msg->add_conn.rekey.margin_packets,
- .jitter = msg->add_conn.rekey.margin_packets * msg->add_conn.rekey.fuzz / 100
- }
- };
- mark_t mark_in = {
- .value = msg->add_conn.mark_in.value,
- .mask = msg->add_conn.mark_in.mask
- };
- mark_t mark_out = {
- .value = msg->add_conn.mark_out.value,
- .mask = msg->add_conn.mark_out.mask
+ .mark_out = {
+ .value = msg->add_conn.mark_out.value,
+ .mask = msg->add_conn.mark_out.mask
+ },
+ .reqid = msg->add_conn.reqid,
+ .mode = msg->add_conn.mode,
+ .proxy_mode = msg->add_conn.proxy_mode,
+ .ipcomp = msg->add_conn.ipcomp,
+ .tfc = msg->add_conn.tfc,
+ .inactivity = msg->add_conn.inactivity,
+ .dpd_action = map_action(msg->add_conn.dpd.action),
+ .close_action = map_action(msg->add_conn.close_action),
+ .updown = msg->add_conn.me.updown,
+ .hostaccess = msg->add_conn.me.hostaccess,
+ .suppress_policies = !msg->add_conn.install_policy,
};
- child_cfg = child_cfg_create(
- msg->add_conn.name, &lifetime, msg->add_conn.me.updown,
- msg->add_conn.me.hostaccess, msg->add_conn.mode, ACTION_NONE,
- map_action(msg->add_conn.dpd.action),
- map_action(msg->add_conn.close_action), msg->add_conn.ipcomp,
- msg->add_conn.inactivity, msg->add_conn.reqid,
- &mark_in, &mark_out, msg->add_conn.tfc);
+ child_cfg = child_cfg_create(msg->add_conn.name, &child);
if (msg->add_conn.replay_window != -1)
{
child_cfg->set_replay_window(child_cfg, msg->add_conn.replay_window);
}
- child_cfg->set_mipv6_options(child_cfg, msg->add_conn.proxy_mode,
- msg->add_conn.install_policy);
add_ts(this, &msg->add_conn.me, child_cfg, TRUE);
add_ts(this, &msg->add_conn.other, child_cfg, FALSE);
diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c
index 36da5ff21..fb60d3973 100644
--- a/src/libcharon/plugins/stroke/stroke_control.c
+++ b/src/libcharon/plugins/stroke/stroke_control.c
@@ -198,7 +198,7 @@ METHOD(stroke_control_t, initiate, void,
/**
* Parse a terminate/rekey specifier
*/
-static bool parse_specifier(char *string, u_int32_t *id,
+static bool parse_specifier(char *string, uint32_t *id,
char **name, bool *child, bool *all)
{
int len;
@@ -266,7 +266,7 @@ static bool parse_specifier(char *string, u_int32_t *id,
* Report the result of a terminate() call to console
*/
static void report_terminate_status(private_stroke_control_t *this,
- status_t status, FILE *out, u_int32_t id, bool child)
+ status_t status, FILE *out, uint32_t id, bool child)
{
char *prefix, *postfix;
@@ -300,7 +300,7 @@ static void report_terminate_status(private_stroke_control_t *this,
/**
* Call the charon controller to terminate a CHILD_SA
*/
-static void charon_terminate(private_stroke_control_t *this, u_int32_t id,
+static void charon_terminate(private_stroke_control_t *this, uint32_t id,
stroke_msg_t *msg, FILE *out, bool child)
{
if (msg->output_verbosity >= 0)
@@ -336,7 +336,7 @@ METHOD(stroke_control_t, terminate, void,
private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
{
char *name;
- u_int32_t id;
+ uint32_t id;
bool child, all;
ike_sa_t *ike_sa;
enumerator_t *enumerator;
@@ -424,7 +424,7 @@ METHOD(stroke_control_t, rekey, void,
private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
{
char *name;
- u_int32_t id;
+ uint32_t id;
bool child, all, finished = FALSE;
ike_sa_t *ike_sa;
enumerator_t *enumerator;
@@ -591,13 +591,13 @@ METHOD(stroke_control_t, purge_ike, void,
/**
* Find an existing CHILD_SA/reqid
*/
-static u_int32_t find_reqid(child_cfg_t *child_cfg)
+static uint32_t find_reqid(child_cfg_t *child_cfg)
{
enumerator_t *enumerator, *children;
child_sa_t *child_sa;
ike_sa_t *ike_sa;
char *name;
- u_int32_t reqid;
+ uint32_t reqid;
reqid = charon->traps->find_reqid(charon->traps, child_cfg);
if (reqid)
@@ -636,7 +636,7 @@ static void charon_route(peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
char *name, FILE *out)
{
ipsec_mode_t mode;
- u_int32_t reqid;
+ uint32_t reqid;
mode = child_cfg->get_mode(child_cfg);
if (mode == MODE_PASS || mode == MODE_DROP)
@@ -731,7 +731,7 @@ METHOD(stroke_control_t, unroute, void,
{
child_sa_t *child_sa;
enumerator_t *enumerator;
- u_int32_t id = 0;
+ uint32_t id = 0;
if (charon->shunts->uninstall(charon->shunts, msg->unroute.name))
{
diff --git a/src/libcharon/plugins/stroke/stroke_counter.c b/src/libcharon/plugins/stroke/stroke_counter.c
index 5fa1fb165..e93fd4ef2 100644
--- a/src/libcharon/plugins/stroke/stroke_counter.c
+++ b/src/libcharon/plugins/stroke/stroke_counter.c
@@ -58,7 +58,7 @@ struct private_stroke_counter_t {
/**
* Global counter values
*/
- u_int64_t counter[COUNTER_MAX];
+ uint64_t counter[COUNTER_MAX];
/**
* Counters for specific connection names, char* => entry_t
@@ -78,7 +78,7 @@ typedef struct {
/** connection name */
char *name;
/** counter values for connection */
- u_int64_t counter[COUNTER_MAX];
+ uint64_t counter[COUNTER_MAX];
} entry_t;
/**
@@ -290,7 +290,7 @@ METHOD(listener_t, message_hook, bool,
* Print a single counter value to out
*/
static void print_counter(FILE *out, stroke_counter_type_t type,
- u_int64_t counter)
+ uint64_t counter)
{
fprintf(out, "%-18N %12llu\n", stroke_counter_type_names, type, counter);
}
@@ -300,7 +300,7 @@ static void print_counter(FILE *out, stroke_counter_type_t type,
*/
static void print_one(private_stroke_counter_t *this, FILE *out, char *name)
{
- u_int64_t counter[COUNTER_MAX];
+ uint64_t counter[COUNTER_MAX];
entry_t *entry;
int i;
@@ -365,7 +365,7 @@ static void print_all(private_stroke_counter_t *this, FILE *out)
*/
static void print_global(private_stroke_counter_t *this, FILE *out)
{
- u_int64_t counter[COUNTER_MAX];
+ uint64_t counter[COUNTER_MAX];
int i;
this->lock->lock(this->lock);
diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c
index 42928882a..929e6fc84 100644
--- a/src/libcharon/plugins/stroke/stroke_cred.c
+++ b/src/libcharon/plugins/stroke/stroke_cred.c
@@ -754,6 +754,8 @@ typedef struct {
chunk_t keyid;
/** number of tries */
int try;
+ /** provided PIN */
+ shared_key_t *shared;
} pin_cb_data_t;
/**
@@ -798,7 +800,9 @@ static shared_key_t* pin_cb(pin_cb_data_t *data, shared_key_type_t type,
{
*match_other = ID_MATCH_NONE;
}
- return shared_key_create(SHARED_PIN, chunk_clone(secret));
+ DESTROY_IF(data->shared);
+ data->shared = shared_key_create(SHARED_PIN, chunk_clone(secret));
+ return data->shared->get_ref(data->shared);
}
}
return NULL;
@@ -815,7 +819,7 @@ static bool load_pin(mem_cred_t *secrets, chunk_t line, int line_nr,
private_key_t *key = NULL;
u_int slot;
chunk_t chunk;
- shared_key_t *shared;
+ shared_key_t *shared = NULL;
identification_t *id;
mem_cred_t *mem = NULL;
callback_cred_t *cb = NULL;
@@ -867,10 +871,11 @@ static bool load_pin(mem_cred_t *secrets, chunk_t line, int line_nr,
return TRUE;
}
/* use callback credential set to prompt for the pin */
- pin_data.prompt = prompt;
- pin_data.card = smartcard;
- pin_data.keyid = chunk;
- pin_data.try = 0;
+ pin_data = (pin_cb_data_t){
+ .prompt = prompt,
+ .card = smartcard,
+ .keyid = chunk,
+ };
cb = callback_cred_create_shared((void*)pin_cb, &pin_data);
lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
}
@@ -880,30 +885,48 @@ static bool load_pin(mem_cred_t *secrets, chunk_t line, int line_nr,
shared = shared_key_create(SHARED_PIN, secret);
id = identification_create_from_encoding(ID_KEY_ID, chunk);
mem = mem_cred_create();
- mem->add_shared(mem, shared, id, NULL);
+ mem->add_shared(mem, shared->get_ref(shared), id, NULL);
lib->credmgr->add_local_set(lib->credmgr, &mem->set, FALSE);
}
/* unlock: smartcard needs the pin and potentially calls public set */
key = (private_key_t*)load_from_smartcard(format, slot, module, keyid,
CRED_PRIVATE_KEY, KEY_ANY);
+
+ if (key)
+ {
+ DBG1(DBG_CFG, " loaded private key from %.*s", (int)sc.len, sc.ptr);
+ secrets->add_key(secrets, key);
+ }
if (mem)
{
+ if (!key)
+ {
+ shared->destroy(shared);
+ shared = NULL;
+ }
lib->credmgr->remove_local_set(lib->credmgr, &mem->set);
mem->destroy(mem);
}
if (cb)
{
+ if (key)
+ {
+ shared = pin_data.shared;
+ }
+ else
+ {
+ DESTROY_IF(pin_data.shared);
+ }
lib->credmgr->remove_local_set(lib->credmgr, &cb->set);
cb->destroy(cb);
}
- chunk_clear(&chunk);
-
- if (key)
+ if (shared)
{
- DBG1(DBG_CFG, " loaded private key from %.*s", (int)sc.len, sc.ptr);
- secrets->add_key(secrets, key);
+ id = identification_create_from_encoding(ID_KEY_ID, chunk);
+ secrets->add_shared(secrets, shared, id, NULL);
}
+ chunk_clear(&chunk);
return TRUE;
}
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index 0371c7032..6c5703a16 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -206,7 +206,7 @@ static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all)
static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
{
time_t use_in, use_out, rekey, now;
- u_int64_t bytes_in, bytes_out, packets_in, packets_out;
+ uint64_t bytes_in, bytes_out, packets_in, packets_out;
proposal_t *proposal;
linked_list_t *my_ts, *other_ts;
child_cfg_t *config;
@@ -244,7 +244,7 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
proposal = child_sa->get_proposal(child_sa);
if (proposal)
{
- u_int16_t alg, ks;
+ uint16_t alg, ks;
bool first = TRUE;
if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM,
@@ -286,7 +286,7 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
{
fprintf(out, " (%" PRIu64 " pkt%s, %" PRIu64 "s ago)",
packets_in, (packets_in == 1) ? "": "s",
- (u_int64_t)(now - use_in));
+ (uint64_t)(now - use_in));
}
child_sa->get_usestats(child_sa, FALSE,
@@ -296,7 +296,7 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
{
fprintf(out, " (%" PRIu64 " pkt%s, %" PRIu64 "s ago)",
packets_out, (packets_out == 1) ? "": "s",
- (u_int64_t)(now - use_out));
+ (uint64_t)(now - use_out));
}
fprintf(out, ", rekeying ");
@@ -474,7 +474,7 @@ METHOD(stroke_list_t, status, void,
ike_version_t ike_version;
char *pool;
host_t *host;
- u_int32_t dpd;
+ uint32_t dpd;
time_t since, now;
u_int size, online, offline, i;
struct utsname utsname;
diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
index ee32dbca2..4f7483666 100644
--- a/src/libcharon/plugins/stroke/stroke_socket.c
+++ b/src/libcharon/plugins/stroke/stroke_socket.c
@@ -613,7 +613,7 @@ static void stroke_config(private_stroke_socket_t *this,
static bool on_accept(private_stroke_socket_t *this, stream_t *stream)
{
stroke_msg_t *msg;
- u_int16_t len;
+ uint16_t len;
FILE *out;
/* read length */
diff --git a/src/libcharon/plugins/systime_fix/Makefile.in b/src/libcharon/plugins/systime_fix/Makefile.in
index 0daff4434..125e3c176 100644
--- a/src/libcharon/plugins/systime_fix/Makefile.in
+++ b/src/libcharon/plugins/systime_fix/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/systime_fix
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/systime_fix/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/systime_fix/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/tnc_ifmap/Makefile.in b/src/libcharon/plugins/tnc_ifmap/Makefile.in
index f124a1b38..0ea265e10 100644
--- a/src/libcharon/plugins/tnc_ifmap/Makefile.in
+++ b/src/libcharon/plugins/tnc_ifmap/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/tnc_ifmap
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -206,12 +215,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -261,6 +272,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -295,6 +307,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -406,6 +419,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -473,7 +487,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/tnc_ifmap/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/tnc_ifmap/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -791,6 +804,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
index 2bad4fab0..ad4f2f8c2 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c
@@ -145,7 +145,7 @@ tnc_ifmap_listener_t *tnc_ifmap_listener_create(bool reload)
{
private_tnc_ifmap_listener_t *this;
job_t *job;
- u_int32_t reschedule;
+ uint32_t reschedule;
INIT(this,
.public = {
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c
index f2c00a528..ea48338cd 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.c
@@ -40,7 +40,7 @@ struct private_tnc_ifmap_renew_session_job_t {
/**
* Reschedule time interval in seconds
*/
- u_int32_t reschedule;
+ uint32_t reschedule;
};
METHOD(job_t, destroy, void,
@@ -83,7 +83,7 @@ METHOD(job_t, get_priority, job_priority_t,
* Described in header
*/
tnc_ifmap_renew_session_job_t *tnc_ifmap_renew_session_job_create(
- tnc_ifmap_soap_t *ifmap, u_int32_t reschedule)
+ tnc_ifmap_soap_t *ifmap, uint32_t reschedule)
{
private_tnc_ifmap_renew_session_job_t *this;
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.h b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.h
index f1587a1f6..18a3d5734 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.h
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_renew_session_job.h
@@ -46,6 +46,6 @@ struct tnc_ifmap_renew_session_job_t {
* @param reschedule reschedule time in seconds
*/
tnc_ifmap_renew_session_job_t *tnc_ifmap_renew_session_job_create(
- tnc_ifmap_soap_t *ifmap, u_int32_t reschedule);
+ tnc_ifmap_soap_t *ifmap, uint32_t reschedule);
#endif /** TNC_IFMAP_RENEW_SESSION_JOB_H_ @}*/
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
index a652e7067..8e69de095 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
@@ -186,7 +186,7 @@ METHOD(tnc_ifmap_soap_t, purgePublisher, bool,
* Create an access-request based on device_name and ike_sa_id
*/
static xmlNodePtr create_access_request(private_tnc_ifmap_soap_t *this,
- u_int32_t id)
+ uint32_t id)
{
xmlNodePtr node;
char buf[BUF_LEN];
@@ -415,7 +415,7 @@ METHOD(tnc_ifmap_soap_t, publish_ike_sa, bool,
identification_t *id, *eap_id, *group;
host_t *host;
auth_cfg_t *auth;
- u_int32_t ike_sa_id;
+ uint32_t ike_sa_id;
bool is_user = FALSE, first = TRUE, success;
/* extract relevant data from IKE_SA*/
@@ -584,7 +584,7 @@ METHOD(tnc_ifmap_soap_t, publish_virtual_ips, bool,
{
tnc_ifmap_soap_msg_t *soap_msg;
xmlNodePtr request, node;
- u_int32_t ike_sa_id;
+ uint32_t ike_sa_id;
enumerator_t *enumerator;
host_t *vip;
bool success;
diff --git a/src/libcharon/plugins/tnc_pdp/Makefile.in b/src/libcharon/plugins/tnc_pdp/Makefile.in
index bfd8cf820..f2398c3f4 100644
--- a/src/libcharon/plugins/tnc_pdp/Makefile.in
+++ b/src/libcharon/plugins/tnc_pdp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/tnc_pdp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -207,12 +216,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -262,6 +273,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -296,6 +308,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -407,6 +420,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -476,7 +490,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/tnc_pdp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/tnc_pdp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -791,6 +804,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/tnc_pdp/tnc_pdp.c b/src/libcharon/plugins/tnc_pdp/tnc_pdp.c
index 91456f8da..17f0cd464 100644
--- a/src/libcharon/plugins/tnc_pdp/tnc_pdp.c
+++ b/src/libcharon/plugins/tnc_pdp/tnc_pdp.c
@@ -74,7 +74,7 @@ struct private_tnc_pdp_t {
/**
* PT-TLS port of the server
*/
- u_int16_t pt_tls_port;
+ uint16_t pt_tls_port;
/**
* PT-TLS IPv4 socket
@@ -158,7 +158,7 @@ static void free_client_entry(client_entry_t *this)
/**
* Open IPv4 or IPv6 UDP socket
*/
-static int open_udp_socket(int family, u_int16_t port)
+static int open_udp_socket(int family, uint16_t port)
{
int on = TRUE;
struct sockaddr_storage addr;
@@ -233,7 +233,7 @@ static int open_udp_socket(int family, u_int16_t port)
/**
* Open IPv4 or IPv6 TCP socket
*/
-static int open_tcp_socket(int family, u_int16_t port)
+static int open_tcp_socket(int family, uint16_t port)
{
int on = TRUE;
struct sockaddr_storage addr;
@@ -339,8 +339,8 @@ static void send_message(private_tnc_pdp_t *this, radius_message_t *message,
/**
* Encrypt a MS-MPPE-Send/Recv-Key
*/
-static chunk_t encrypt_mppe_key(private_tnc_pdp_t *this, u_int8_t type,
- chunk_t key, u_int16_t *salt,
+static chunk_t encrypt_mppe_key(private_tnc_pdp_t *this, uint8_t type,
+ chunk_t key, uint16_t *salt,
radius_message_t *request)
{
chunk_t a, r, seed, data;
@@ -420,8 +420,8 @@ static void send_response(private_tnc_pdp_t *this, radius_message_t *request,
{
radius_message_t *response;
chunk_t data, recv, send;
- u_int32_t tunnel_type;
- u_int16_t salt = 0;
+ uint32_t tunnel_type;
+ uint16_t salt = 0;
response = radius_message_create(code);
data = eap->get_data(eap);
@@ -477,7 +477,7 @@ static void process_eap(private_tnc_pdp_t *this, radius_message_t *request,
eap_payload_t *in, *out = NULL;
eap_method_t *method;
eap_type_t eap_type;
- u_int32_t eap_vendor;
+ uint32_t eap_vendor;
chunk_t data, message = chunk_empty, msk = chunk_empty;
chunk_t user_name = chunk_empty, nas_id = chunk_empty;
identification_t *group = NULL;
diff --git a/src/libcharon/plugins/uci/Makefile.in b/src/libcharon/plugins/uci/Makefile.in
index a1c64ca1b..84eed9a45 100644
--- a/src/libcharon/plugins/uci/Makefile.in
+++ b/src/libcharon/plugins/uci/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/uci
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/uci/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/uci/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -778,6 +791,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/uci/uci_config.c b/src/libcharon/plugins/uci/uci_config.c
index 2a8e40380..e0578fe9b 100644
--- a/src/libcharon/plugins/uci/uci_config.c
+++ b/src/libcharon/plugins/uci/uci_config.c
@@ -126,12 +126,23 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
child_cfg_t *child_cfg;
ike_cfg_t *ike_cfg;
auth_cfg_t *auth;
- lifetime_cfg_t lifetime = {
- .time = {
- .life = create_rekey(esp_rekey) + 300,
- .rekey = create_rekey(esp_rekey),
- .jitter = 300
- }
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_SEND_IF_ASKED,
+ .unique = UNIQUE_NO,
+ .keyingtries = 1,
+ .jitter_time = 1800,
+ .over_time = 900,
+ .dpd = 60,
+ };
+ child_cfg_create_t child = {
+ .lifetime = {
+ .time = {
+ .life = create_rekey(esp_rekey) + 300,
+ .rekey = create_rekey(esp_rekey),
+ .jitter = 300
+ },
+ },
+ .mode = MODE_TUNNEL,
};
/* defaults */
@@ -157,13 +168,8 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
remote_addr, IKEV2_UDP_PORT,
FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE));
- this->peer_cfg = peer_cfg_create(
- name, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO,
- 1, create_rekey(ike_rekey), 0, /* keytries, rekey, reauth */
- 1800, 900, /* jitter, overtime */
- TRUE, FALSE, TRUE, /* mobike, aggressive, pull */
- 60, 0, /* DPD delay, timeout */
- FALSE, NULL, NULL); /* mediation, med by, peer id */
+ peer.rekey_time = create_rekey(ike_rekey);
+ this->peer_cfg = peer_cfg_create(name, ike_cfg, &peer);
auth = auth_cfg_create();
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
auth->add(auth, AUTH_RULE_IDENTITY,
@@ -179,9 +185,7 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
}
this->peer_cfg->add_auth_cfg(this->peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(name, &lifetime, NULL, TRUE, MODE_TUNNEL,
- ACTION_NONE, ACTION_NONE, ACTION_NONE,
- FALSE, 0, 0, NULL, NULL, 0);
+ child_cfg = child_cfg_create(name, &child);
child_cfg->add_proposal(child_cfg, create_proposal(esp_proposal, PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, create_ts(local_net));
child_cfg->add_traffic_selector(child_cfg, FALSE, create_ts(remote_net));
diff --git a/src/libcharon/plugins/unity/Makefile.in b/src/libcharon/plugins/unity/Makefile.in
index 00bb1498c..cfc1c5f4c 100644
--- a/src/libcharon/plugins/unity/Makefile.in
+++ b/src/libcharon/plugins/unity/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/unity
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/unity/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/unity/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -778,6 +791,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/unity/unity_handler.c b/src/libcharon/plugins/unity/unity_handler.c
index 9fc9be61a..570727823 100644
--- a/src/libcharon/plugins/unity/unity_handler.c
+++ b/src/libcharon/plugins/unity/unity_handler.c
@@ -206,7 +206,9 @@ static job_requeue_t add_exclude_async(entry_t *entry)
{
enumerator_t *enumerator;
child_cfg_t *child_cfg;
- lifetime_cfg_t lft = { .time = { .life = 0 } };
+ child_cfg_create_t child = {
+ .mode = MODE_PASS,
+ };
ike_sa_t *ike_sa;
char name[128];
host_t *host;
@@ -216,9 +218,7 @@ static job_requeue_t add_exclude_async(entry_t *entry)
{
create_shunt_name(ike_sa, entry->ts, name, sizeof(name));
- child_cfg = child_cfg_create(name, &lft, NULL, TRUE, MODE_PASS,
- ACTION_NONE, ACTION_NONE, ACTION_NONE,
- FALSE, 0, 0, NULL, NULL, FALSE);
+ child_cfg = child_cfg_create(name, &child);
child_cfg->add_traffic_selector(child_cfg, FALSE,
entry->ts->clone(entry->ts));
host = ike_sa->get_my_host(ike_sa);
diff --git a/src/libcharon/plugins/unity/unity_provider.c b/src/libcharon/plugins/unity/unity_provider.c
index 1e297a39e..07f5f9b61 100644
--- a/src/libcharon/plugins/unity/unity_provider.c
+++ b/src/libcharon/plugins/unity/unity_provider.c
@@ -53,7 +53,7 @@ static void append_ts(bio_writer_t *writer, traffic_selector_t *ts)
{
host_t *net, *mask;
chunk_t padding;
- u_int8_t bits;
+ uint8_t bits;
if (!ts->to_subnet(ts, &net, &bits))
{
@@ -115,7 +115,7 @@ METHOD(enumerator_t, attribute_destroy, void,
*/
static bool use_ts(traffic_selector_t *ts)
{
- u_int8_t mask;
+ uint8_t mask;
host_t *net;
if (ts->get_type(ts) != TS_IPV4_ADDR_RANGE)
diff --git a/src/libcharon/plugins/updown/Makefile.in b/src/libcharon/plugins/updown/Makefile.in
index 863e14430..612535d85 100644
--- a/src/libcharon/plugins/updown/Makefile.in
+++ b/src/libcharon/plugins/updown/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/updown
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/updown/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/updown/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/updown/updown_listener.c b/src/libcharon/plugins/updown/updown_listener.c
index e51caab10..6a1581c85 100644
--- a/src/libcharon/plugins/updown/updown_listener.c
+++ b/src/libcharon/plugins/updown/updown_listener.c
@@ -55,7 +55,7 @@ typedef struct cache_entry_t cache_entry_t;
*/
struct cache_entry_t {
/** requid of the CHILD_SA */
- u_int32_t reqid;
+ uint32_t reqid;
/** cached interface name */
char *iface;
};
@@ -63,7 +63,7 @@ struct cache_entry_t {
/**
* Insert an interface name to the cache
*/
-static void cache_iface(private_updown_listener_t *this, u_int32_t reqid,
+static void cache_iface(private_updown_listener_t *this, uint32_t reqid,
char *iface)
{
cache_entry_t *entry = malloc_thing(cache_entry_t);
@@ -77,7 +77,7 @@ static void cache_iface(private_updown_listener_t *this, u_int32_t reqid,
/**
* Remove a cached interface name and return it.
*/
-static char* uncache_iface(private_updown_listener_t *this, u_int32_t reqid)
+static char* uncache_iface(private_updown_listener_t *this, uint32_t reqid)
{
enumerator_t *enumerator;
cache_entry_t *entry;
@@ -257,7 +257,7 @@ static void invoke_once(private_updown_listener_t *this, ike_sa_t *ike_sa,
{
host_t *me, *other, *host;
char *iface;
- u_int8_t mask;
+ uint8_t mask;
mark_t mark;
bool is_host, is_ipv6;
int out;
@@ -344,13 +344,13 @@ static void invoke_once(private_updown_listener_t *this, ike_sa_t *ike_sa,
}
push_vip_env(this, ike_sa, envp, countof(envp), TRUE);
push_vip_env(this, ike_sa, envp, countof(envp), FALSE);
- mark = config->get_mark(config, TRUE);
+ mark = child_sa->get_mark(child_sa, TRUE);
if (mark.value)
{
push_env(envp, countof(envp), "PLUTO_MARK_IN=%u/0x%08x",
mark.value, mark.mask);
}
- mark = config->get_mark(config, FALSE);
+ mark = child_sa->get_mark(child_sa, FALSE);
if (mark.value)
{
push_env(envp, countof(envp), "PLUTO_MARK_OUT=%u/0x%08x",
diff --git a/src/libcharon/plugins/vici/Makefile.in b/src/libcharon/plugins/vici/Makefile.in
index 86ed00792..b943c09ce 100644
--- a/src/libcharon/plugins/vici/Makefile.in
+++ b/src/libcharon/plugins/vici/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -84,8 +94,6 @@ check_PROGRAMS = $(am__EXEEXT_1)
@USE_PYTHON_EGGS_TRUE@am__append_2 = python
@USE_PERL_CPAN_TRUE@am__append_3 = perl
subdir = src/libcharon/plugins/vici
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -99,6 +107,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -274,6 +283,7 @@ am__tty_colors = { \
fi; \
}
DIST_SUBDIRS = ruby python perl
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -305,6 +315,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -354,6 +365,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -388,6 +400,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -499,6 +512,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -602,7 +616,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/vici/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/vici/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -1319,6 +1332,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES \
tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md
index 52929bd74..cf5a85a8d 100644
--- a/src/libcharon/plugins/vici/README.md
+++ b/src/libcharon/plugins/vici/README.md
@@ -277,8 +277,8 @@ Terminates an SA while streaming _control-log_ events.
{
child = <terminate a CHILD_SA by configuration name>
ike = <terminate an IKE_SA by configuration name>
- child_id = <terminate a CHILD_SA by its reqid>
- ike_id = <terminate an IKE_SA by its unique id>
+ child-id = <terminate a CHILD_SA by its reqid>
+ ike-id = <terminate an IKE_SA by its unique id>
timeout = <timeout in ms before returning>
loglevel = <loglevel to issue "control-log" events for>
} => {
@@ -337,7 +337,7 @@ events.
{
noblock = <use non-blocking mode if key is set>
ike = <filter listed IKE_SAs by its name>
- ike_id = <filter listed IKE_SA by its unique id>
+ ike-id = <filter listed IKE_SA by its unique id>
} => {
# completes after streaming list-sa events
}
@@ -734,6 +734,8 @@ _list-conns_ command.
<list of valid remote IKE endpoint addresses>
]
version = <IKE version as string, IKEv1|IKEv2 or 0 for any>
+ reauth_time = <IKE_SA reauthentication interval in seconds>
+ rekey_time = <IKE_SA rekeying interval in seconds>
local*, remote* = { # multiple local and remote auth sections
class = <authentication type>
@@ -758,6 +760,9 @@ _list-conns_ command.
children = {
<CHILD_SA config name>* = {
mode = <IPsec mode>
+ rekey_time = <CHILD_SA rekeying interval in seconds>
+ rekey_bytes = <CHILD_SA rekeying interval in bytes>
+ rekey_packets = <CHILD_SA rekeying interval in packets>
local-ts = [
<list of local traffic selectors>
]
diff --git a/src/libcharon/plugins/vici/libvici.c b/src/libcharon/plugins/vici/libvici.c
index 7c98c8b69..0b549a511 100644
--- a/src/libcharon/plugins/vici/libvici.c
+++ b/src/libcharon/plugins/vici/libvici.c
@@ -123,7 +123,7 @@ static bool read_error(vici_conn_t *conn, int err)
/**
* Handle a command response message
*/
-static bool handle_response(vici_conn_t *conn, u_int32_t len)
+static bool handle_response(vici_conn_t *conn, uint32_t len)
{
chunk_t buf;
@@ -140,11 +140,11 @@ static bool handle_response(vici_conn_t *conn, u_int32_t len)
/**
* Dispatch received event message
*/
-static bool handle_event(vici_conn_t *conn, u_int32_t len)
+static bool handle_event(vici_conn_t *conn, uint32_t len)
{
vici_message_t *message;
event_t *event;
- u_int8_t namelen;
+ uint8_t namelen;
char name[257], *buf;
if (len < sizeof(namelen))
@@ -198,8 +198,8 @@ static bool handle_event(vici_conn_t *conn, u_int32_t len)
CALLBACK(on_read, bool,
vici_conn_t *conn, stream_t *stream)
{
- u_int32_t len;
- u_int8_t op;
+ uint32_t len;
+ uint8_t op;
ssize_t hlen;
hlen = stream->read(stream, &len, sizeof(len), FALSE);
@@ -358,8 +358,8 @@ vici_res_t* vici_submit(vici_req_t *req, vici_conn_t *conn)
vici_message_t *message;
vici_res_t *res;
chunk_t data;
- u_int32_t len;
- u_int8_t namelen, op;
+ uint32_t len;
+ uint8_t namelen, op;
message = req->b->finalize(req->b);
if (!message)
@@ -678,8 +678,8 @@ void vici_free_res(vici_res_t *res)
int vici_register(vici_conn_t *conn, char *name, vici_event_cb_t cb, void *user)
{
event_t *event;
- u_int32_t len;
- u_int8_t namelen, op;
+ uint32_t len;
+ uint8_t namelen, op;
int ret = 1;
op = cb ? VICI_EVENT_REGISTER : VICI_EVENT_UNREGISTER;
diff --git a/src/libcharon/plugins/vici/perl/Makefile.in b/src/libcharon/plugins/vici/perl/Makefile.in
index 550d3e980..e32e9668c 100644
--- a/src/libcharon/plugins/vici/perl/Makefile.in
+++ b/src/libcharon/plugins/vici/perl/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -78,7 +88,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/vici/perl
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -92,6 +101,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -116,12 +126,14 @@ am__can_run_installinfo = \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -171,6 +183,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -205,6 +218,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -316,6 +330,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -370,7 +385,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/vici/perl/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/vici/perl/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -547,6 +561,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
all-local: Vici-Session/pm_to_blib
diff --git a/src/libcharon/plugins/vici/python/MANIFEST.in b/src/libcharon/plugins/vici/python/MANIFEST.in
index 1aba38f67..9d5d250d0 100644
--- a/src/libcharon/plugins/vici/python/MANIFEST.in
+++ b/src/libcharon/plugins/vici/python/MANIFEST.in
@@ -1 +1,2 @@
include LICENSE
+include README.rst
diff --git a/src/libcharon/plugins/vici/python/Makefile.am b/src/libcharon/plugins/vici/python/Makefile.am
index 5936f2a5e..20a6f436d 100644
--- a/src/libcharon/plugins/vici/python/Makefile.am
+++ b/src/libcharon/plugins/vici/python/Makefile.am
@@ -1,4 +1,4 @@
-EXTRA_DIST = LICENSE MANIFEST.in \
+EXTRA_DIST = LICENSE README.rst MANIFEST.in \
setup.py.in \
vici/test/__init__.py \
vici/test/test_protocol.py \
@@ -10,26 +10,34 @@ EXTRA_DIST = LICENSE MANIFEST.in \
$(srcdir)/setup.py: $(srcdir)/setup.py.in
$(AM_V_GEN) sed \
- -e "s:@EGG_VERSION@:$(PACKAGE_VERSION):" \
+ -e "s:@EGG_VERSION@:$(PYTHON_PACKAGE_VERSION):" \
$(srcdir)/setup.py.in > $@
-all-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+all-local: dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
-dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) $(srcdir)/setup.py
+dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) $(srcdir)/setup.py
(cd $(srcdir); $(PYTHON) setup.py bdist_egg \
-b $(shell readlink -f $(builddir))/build \
-d $(shell readlink -f $(builddir))/dist)
+package: $(EXTRA_DIST) $(srcdir)/setup.py
+ (cd $(srcdir); $(PYTHON) setup.py sdist \
+ -d $(shell readlink -f $(builddir))/dist \
+ bdist_wheel --universal \
+ -d $(shell readlink -f $(builddir))/dist)
+
clean-local:
(cd $(srcdir); [ ! -f setup.py ] || $(PYTHON) setup.py clean -a)
rm -rf $(srcdir)/setup.py $(srcdir)/vici.egg-info $(builddir)/dist
if PYTHON_EGGS_INSTALL
-install-exec-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+install-exec-local: dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
$(EASY_INSTALL) $(PYTHONEGGINSTALLDIR) \
- dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+ dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
endif
if USE_PY_TEST
TESTS = $(PY_TEST)
endif
+
+.PHONY: package
diff --git a/src/libcharon/plugins/vici/python/Makefile.in b/src/libcharon/plugins/vici/python/Makefile.in
index 894a7e275..7d1c64267 100644
--- a/src/libcharon/plugins/vici/python/Makefile.in
+++ b/src/libcharon/plugins/vici/python/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -78,7 +88,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/vici/python
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -92,6 +101,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -138,12 +148,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -193,6 +205,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -227,6 +240,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -338,6 +352,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -366,7 +381,7 @@ top_srcdir = @top_srcdir@
urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
-EXTRA_DIST = LICENSE MANIFEST.in \
+EXTRA_DIST = LICENSE README.rst MANIFEST.in \
setup.py.in \
vici/test/__init__.py \
vici/test/test_protocol.py \
@@ -392,7 +407,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/vici/python/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/vici/python/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -663,26 +677,36 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
$(srcdir)/setup.py: $(srcdir)/setup.py.in
$(AM_V_GEN) sed \
- -e "s:@EGG_VERSION@:$(PACKAGE_VERSION):" \
+ -e "s:@EGG_VERSION@:$(PYTHON_PACKAGE_VERSION):" \
$(srcdir)/setup.py.in > $@
-all-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+all-local: dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
-dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) $(srcdir)/setup.py
+dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) $(srcdir)/setup.py
(cd $(srcdir); $(PYTHON) setup.py bdist_egg \
-b $(shell readlink -f $(builddir))/build \
-d $(shell readlink -f $(builddir))/dist)
+package: $(EXTRA_DIST) $(srcdir)/setup.py
+ (cd $(srcdir); $(PYTHON) setup.py sdist \
+ -d $(shell readlink -f $(builddir))/dist \
+ bdist_wheel --universal \
+ -d $(shell readlink -f $(builddir))/dist)
+
clean-local:
(cd $(srcdir); [ ! -f setup.py ] || $(PYTHON) setup.py clean -a)
rm -rf $(srcdir)/setup.py $(srcdir)/vici.egg-info $(builddir)/dist
-@PYTHON_EGGS_INSTALL_TRUE@install-exec-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+@PYTHON_EGGS_INSTALL_TRUE@install-exec-local: dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
@PYTHON_EGGS_INSTALL_TRUE@ $(EASY_INSTALL) $(PYTHONEGGINSTALLDIR) \
-@PYTHON_EGGS_INSTALL_TRUE@ dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+@PYTHON_EGGS_INSTALL_TRUE@ dist/vici-$(PYTHON_PACKAGE_VERSION)-py$(PYTHON_VERSION).egg
+
+.PHONY: package
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/vici/python/README.rst b/src/libcharon/plugins/vici/python/README.rst
new file mode 100644
index 000000000..3990f6300
--- /dev/null
+++ b/src/libcharon/plugins/vici/python/README.rst
@@ -0,0 +1,24 @@
+About
+-----
+
+The strongSwan VICI protocol allows external applications to monitor, configure
+and control the IKE daemon charon. This Python package provides a native client
+side implementation of the VICI protocol, well suited to script automated tasks
+in a reliable way.
+
+
+Example Usage
+-------------
+
+.. code-block:: python
+
+ >>> import vici
+ >>> s = vici.Session()
+ >>> s.version()
+ OrderedDict([('daemon', b'charon'), ('version', b'5.4.0'),
+ ('sysname', b'Linux'), ('release', b'3.13.0-27-generic'), ('machine', b'x86_64')])
+ >>> s.load_pool({"p1": {"addrs": "10.0.0.0/24"}})
+ OrderedDict([('success', b'yes')])
+ >>> s.get_pools()
+ OrderedDict([('p1', OrderedDict([('base', b'10.0.0.0'), ('size', b'254'),
+ ('online', b'0'), ('offline', b'0')]))])
diff --git a/src/libcharon/plugins/vici/python/setup.py.in b/src/libcharon/plugins/vici/python/setup.py.in
index 0e4ad8236..62b0c5899 100644
--- a/src/libcharon/plugins/vici/python/setup.py.in
+++ b/src/libcharon/plugins/vici/python/setup.py.in
@@ -1,25 +1,21 @@
from setuptools import setup
-
-long_description = (
- "The strongSwan VICI protocol allows external application to monitor, "
- "configure and control the IKE daemon charon. This python package provides "
- "a native client side implementation of the VICI protocol, well suited to "
- "script automated tasks in a reliable way."
-)
+with open('README.rst') as file:
+ long_description = file.read()
setup(
name="vici",
version="@EGG_VERSION@",
- description="Native python interface for strongSwan VICI",
- author="Bjorn Schuberg",
+ description="Native Python interface for strongSwan's VICI protocol",
+ long_description=long_description,
+ author="strongSwan Project",
+ author_email="info@strongswan.org",
url="https://wiki.strongswan.org/projects/strongswan/wiki/Vici",
license="MIT",
packages=["vici"],
- long_description=long_description,
include_package_data=True,
classifiers=(
- "Development Status :: 3 - Alpha",
+ "Development Status :: 5 - Production/Stable",
"Intended Audience :: Developers",
"Intended Audience :: System Administrators",
"License :: OSI Approved :: MIT License",
diff --git a/src/libcharon/plugins/vici/python/vici/protocol.py b/src/libcharon/plugins/vici/python/vici/protocol.py
index 855a7b2e2..4951817eb 100644
--- a/src/libcharon/plugins/vici/python/vici/protocol.py
+++ b/src/libcharon/plugins/vici/python/vici/protocol.py
@@ -20,15 +20,22 @@ class Transport(object):
self.socket.sendall(struct.pack("!I", len(packet)) + packet)
def receive(self):
- raw_length = self.socket.recv(self.HEADER_LENGTH)
+ raw_length = self._recvall(self.HEADER_LENGTH)
length, = struct.unpack("!I", raw_length)
- payload = self.socket.recv(length)
+ payload = self._recvall(length)
return payload
def close(self):
self.socket.shutdown(socket.SHUT_RDWR)
self.socket.close()
+ def _recvall(self, count):
+ """Ensure to read count bytes from the socket"""
+ data = b""
+ while len(data) < count:
+ data += self.socket.recv(count - len(data))
+ return data
+
class Packet(object):
CMD_REQUEST = 0 # Named request message
diff --git a/src/libcharon/plugins/vici/ruby/Makefile.in b/src/libcharon/plugins/vici/ruby/Makefile.in
index b87d83de4..aceb28adc 100644
--- a/src/libcharon/plugins/vici/ruby/Makefile.in
+++ b/src/libcharon/plugins/vici/ruby/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -78,7 +88,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/vici/ruby
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -92,6 +101,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -116,12 +126,14 @@ am__can_run_installinfo = \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -171,6 +183,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -205,6 +218,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -316,6 +330,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -360,7 +375,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/vici/ruby/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/vici/ruby/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -455,8 +469,8 @@ distclean-generic:
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-@RUBY_GEMS_INSTALL_FALSE@uninstall-local:
@RUBY_GEMS_INSTALL_FALSE@install-data-local:
+@RUBY_GEMS_INSTALL_FALSE@uninstall-local:
clean: clean-am
clean-am: clean-generic clean-libtool clean-local mostlyclean-am
@@ -538,6 +552,8 @@ uninstall-am: uninstall-local
mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \
uninstall-am uninstall-local
+.PRECIOUS: Makefile
+
vici.gemspec: $(srcdir)/vici.gemspec.in
$(AM_V_GEN) sed \
diff --git a/src/libcharon/plugins/vici/suites/test_socket.c b/src/libcharon/plugins/vici/suites/test_socket.c
index 8d545c6c1..d0c0fa76f 100644
--- a/src/libcharon/plugins/vici/suites/test_socket.c
+++ b/src/libcharon/plugins/vici/suites/test_socket.c
@@ -32,7 +32,7 @@ static void echo_inbound(void *user, u_int id, chunk_t buf)
ck_assert_int_eq(data->id, id);
/* count number of bytes, including the header */
- data->bytes += buf.len + sizeof(u_int32_t);
+ data->bytes += buf.len + sizeof(uint32_t);
/* echo back data chunk */
data->s->send(data->s, id, chunk_clone(buf));
}
@@ -81,7 +81,7 @@ START_TEST(test_echo)
0x00,0x00,0x00,0x0A, 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x02A,
);
char buf[m.len];
- u_int32_t len;
+ uint32_t len;
lib->processor->set_threads(lib->processor, 4);
diff --git a/src/libcharon/plugins/vici/vici_attribute.c b/src/libcharon/plugins/vici/vici_attribute.c
index 9064d3d8c..e0d9b4ae8 100644
--- a/src/libcharon/plugins/vici/vici_attribute.c
+++ b/src/libcharon/plugins/vici/vici_attribute.c
@@ -233,7 +233,7 @@ static bool have_vips_from_pool(mem_pool_t *pool, linked_list_t *vips)
enumerator_t *enumerator;
host_t *host;
chunk_t start, end, current;
- u_int32_t size;
+ uint32_t size;
bool found = FALSE;
host = pool->get_base(pool);
@@ -477,10 +477,10 @@ CALLBACK(pool_li, bool,
{
if (host->get_family(host) == AF_INET)
{ /* IPv4 attributes contain a subnet mask */
- u_int32_t netmask = 0;
+ uint32_t netmask = 0;
if (mask)
- { /* shifting u_int32_t by 32 or more is undefined */
+ { /* shifting uint32_t by 32 or more is undefined */
mask = 32 - mask;
netmask = htonl((0xFFFFFFFF >> mask) << mask);
}
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index 6ebbedc47..d919e1d94 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -57,22 +57,32 @@
/**
* Magic value for an undefined lifetime
*/
-#define LFT_UNDEFINED (~(u_int64_t)0)
+#define LFT_UNDEFINED (~(uint64_t)0)
/**
* Default IKE rekey time
*/
-#define LFT_DEFAULT_IKE_REKEY (4 * 60 * 60)
+#define LFT_DEFAULT_IKE_REKEY_TIME (4 * 60 * 60)
/**
* Default CHILD rekey time
*/
-#define LFT_DEFAULT_CHILD_REKEY (1 * 60 * 60)
+#define LFT_DEFAULT_CHILD_REKEY_TIME (1 * 60 * 60)
+
+/**
+ * Default CHILD rekey bytes
+ */
+#define LFT_DEFAULT_CHILD_REKEY_BYTES 0
+
+/**
+ * Default CHILD rekey packets
+ */
+#define LFT_DEFAULT_CHILD_REKEY_PACKETS 0
/**
* Undefined replay window
*/
-#define REPLAY_UNDEFINED (~(u_int32_t)0)
+#define REPLAY_UNDEFINED (~(uint32_t)0)
typedef struct private_vici_config_t private_vici_config_t;
@@ -242,7 +252,7 @@ typedef struct {
typedef struct {
request_data_t *request;
auth_cfg_t *cfg;
- u_int32_t round;
+ uint32_t round;
} auth_data_t;
/**
@@ -259,20 +269,20 @@ static void free_auth_data(auth_data_t *data)
*/
typedef struct {
request_data_t *request;
- u_int32_t version;
+ uint32_t version;
bool aggressive;
bool encap;
bool mobike;
bool send_certreq;
bool pull;
cert_policy_t send_cert;
- u_int64_t dpd_delay;
- u_int64_t dpd_timeout;
+ uint64_t dpd_delay;
+ uint64_t dpd_timeout;
fragmentation_t fragmentation;
unique_policy_t unique;
- u_int32_t keyingtries;
- u_int32_t local_port;
- u_int32_t remote_port;
+ uint32_t keyingtries;
+ uint32_t local_port;
+ uint32_t remote_port;
char *local_addrs;
char *remote_addrs;
linked_list_t *local;
@@ -281,10 +291,10 @@ typedef struct {
linked_list_t *children;
linked_list_t *vips;
char *pools;
- u_int64_t reauth_time;
- u_int64_t rekey_time;
- u_int64_t over_time;
- u_int64_t rand_time;
+ uint64_t reauth_time;
+ uint64_t rekey_time;
+ uint64_t over_time;
+ uint64_t rand_time;
} peer_data_t;
/**
@@ -422,24 +432,12 @@ static void free_peer_data(peer_data_t *data)
*/
typedef struct {
request_data_t *request;
- lifetime_cfg_t lft;
- char* updown;
- bool hostaccess;
- bool ipcomp;
- bool policies;
- ipsec_mode_t mode;
- u_int32_t replay_window;
- action_t dpd_action;
- action_t start_action;
- action_t close_action;
- u_int32_t reqid;
- u_int32_t tfc;
- mark_t mark_in;
- mark_t mark_out;
- u_int64_t inactivity;
linked_list_t *proposals;
linked_list_t *local_ts;
linked_list_t *remote_ts;
+ uint32_t replay_window;
+ bool policies;
+ child_cfg_create_t cfg;
} child_data_t;
/**
@@ -447,35 +445,39 @@ typedef struct {
*/
static void log_child_data(child_data_t *data, char *name)
{
+ child_cfg_create_t *cfg = &data->cfg;
+
DBG2(DBG_CFG, " child %s:", name);
- DBG2(DBG_CFG, " rekey_time = %llu", data->lft.time.rekey);
- DBG2(DBG_CFG, " life_time = %llu", data->lft.time.life);
- DBG2(DBG_CFG, " rand_time = %llu", data->lft.time.jitter);
- DBG2(DBG_CFG, " rekey_bytes = %llu", data->lft.bytes.rekey);
- DBG2(DBG_CFG, " life_bytes = %llu", data->lft.bytes.life);
- DBG2(DBG_CFG, " rand_bytes = %llu", data->lft.bytes.jitter);
- DBG2(DBG_CFG, " rekey_packets = %llu", data->lft.packets.rekey);
- DBG2(DBG_CFG, " life_packets = %llu", data->lft.packets.life);
- DBG2(DBG_CFG, " rand_packets = %llu", data->lft.packets.jitter);
- DBG2(DBG_CFG, " updown = %s", data->updown);
- DBG2(DBG_CFG, " hostaccess = %u", data->hostaccess);
- DBG2(DBG_CFG, " ipcomp = %u", data->ipcomp);
- DBG2(DBG_CFG, " mode = %N", ipsec_mode_names, data->mode);
+ DBG2(DBG_CFG, " rekey_time = %llu", cfg->lifetime.time.rekey);
+ DBG2(DBG_CFG, " life_time = %llu", cfg->lifetime.time.life);
+ DBG2(DBG_CFG, " rand_time = %llu", cfg->lifetime.time.jitter);
+ DBG2(DBG_CFG, " rekey_bytes = %llu", cfg->lifetime.bytes.rekey);
+ DBG2(DBG_CFG, " life_bytes = %llu", cfg->lifetime.bytes.life);
+ DBG2(DBG_CFG, " rand_bytes = %llu", cfg->lifetime.bytes.jitter);
+ DBG2(DBG_CFG, " rekey_packets = %llu", cfg->lifetime.packets.rekey);
+ DBG2(DBG_CFG, " life_packets = %llu", cfg->lifetime.packets.life);
+ DBG2(DBG_CFG, " rand_packets = %llu", cfg->lifetime.packets.jitter);
+ DBG2(DBG_CFG, " updown = %s", cfg->updown);
+ DBG2(DBG_CFG, " hostaccess = %u", cfg->hostaccess);
+ DBG2(DBG_CFG, " ipcomp = %u", cfg->ipcomp);
+ DBG2(DBG_CFG, " mode = %N", ipsec_mode_names, cfg->mode);
DBG2(DBG_CFG, " policies = %u", data->policies);
if (data->replay_window != REPLAY_UNDEFINED)
{
DBG2(DBG_CFG, " replay_window = %u", data->replay_window);
}
- DBG2(DBG_CFG, " dpd_action = %N", action_names, data->dpd_action);
- DBG2(DBG_CFG, " start_action = %N", action_names, data->start_action);
- DBG2(DBG_CFG, " close_action = %N", action_names, data->close_action);
- DBG2(DBG_CFG, " reqid = %u", data->reqid);
- DBG2(DBG_CFG, " tfc = %d", data->tfc);
+ DBG2(DBG_CFG, " dpd_action = %N", action_names, cfg->dpd_action);
+ DBG2(DBG_CFG, " start_action = %N", action_names, cfg->start_action);
+ DBG2(DBG_CFG, " close_action = %N", action_names, cfg->close_action);
+ DBG2(DBG_CFG, " reqid = %u", cfg->reqid);
+ DBG2(DBG_CFG, " tfc = %d", cfg->tfc);
+ DBG2(DBG_CFG, " priority = %d", cfg->priority);
+ DBG2(DBG_CFG, " interface = %s", cfg->interface);
DBG2(DBG_CFG, " mark_in = %u/%u",
- data->mark_in.value, data->mark_in.mask);
+ cfg->mark_in.value, cfg->mark_in.mask);
DBG2(DBG_CFG, " mark_out = %u/%u",
- data->mark_out.value, data->mark_out.mask);
- DBG2(DBG_CFG, " inactivity = %llu", data->inactivity);
+ cfg->mark_out.value, cfg->mark_out.mask);
+ DBG2(DBG_CFG, " inactivity = %llu", cfg->inactivity);
DBG2(DBG_CFG, " proposals = %#P", data->proposals);
DBG2(DBG_CFG, " local_ts = %#R", data->local_ts);
DBG2(DBG_CFG, " remote_ts = %#R", data->remote_ts);
@@ -492,7 +494,8 @@ static void free_child_data(child_data_t *data)
offsetof(traffic_selector_t, destroy));
data->remote_ts->destroy_offset(data->remote_ts,
offsetof(traffic_selector_t, destroy));
- free(data->updown);
+ free(data->cfg.updown);
+ free(data->cfg.interface);
}
/**
@@ -568,8 +571,8 @@ CALLBACK(parse_ts, bool,
struct protoent *protoent;
struct servent *svc;
long int p;
- u_int16_t from = 0, to = 0xffff;
- u_int8_t proto = 0;
+ uint16_t from = 0, to = 0xffff;
+ uint8_t proto = 0;
if (!vici_stringify(v, buf, sizeof(buf)))
{
@@ -613,7 +616,7 @@ CALLBACK(parse_ts, bool,
{
return FALSE;
}
- proto = (u_int8_t)p;
+ proto = (uint8_t)p;
}
}
if (streq(port, "opaque"))
@@ -809,10 +812,10 @@ CALLBACK(parse_action, bool,
}
/**
- * Parse a u_int32_t
+ * Parse a uint32_t
*/
CALLBACK(parse_uint32, bool,
- u_int32_t *out, chunk_t v)
+ uint32_t *out, chunk_t v)
{
char buf[16], *end;
u_long l;
@@ -831,10 +834,10 @@ CALLBACK(parse_uint32, bool,
}
/**
- * Parse a u_int64_t
+ * Parse a uint64_t
*/
CALLBACK(parse_uint64, bool,
- u_int64_t *out, chunk_t v)
+ uint64_t *out, chunk_t v)
{
char buf[16], *end;
unsigned long long l;
@@ -856,7 +859,7 @@ CALLBACK(parse_uint64, bool,
* Parse a relative time
*/
CALLBACK(parse_time, bool,
- u_int64_t *out, chunk_t v)
+ uint64_t *out, chunk_t v)
{
char buf[16], *end;
u_long l;
@@ -906,7 +909,7 @@ CALLBACK(parse_time, bool,
* Parse byte volume
*/
CALLBACK(parse_bytes, bool,
- u_int64_t *out, chunk_t v)
+ uint64_t *out, chunk_t v)
{
char buf[16], *end;
unsigned long long l;
@@ -968,7 +971,7 @@ CALLBACK(parse_mark, bool,
* Parse TFC padding option
*/
CALLBACK(parse_tfc, bool,
- u_int32_t *out, chunk_t v)
+ uint32_t *out, chunk_t v)
{
if (chunk_equals(v, chunk_from_str("mtu")))
{
@@ -1327,29 +1330,31 @@ CALLBACK(child_kv, bool,
child_data_t *child, vici_message_t *message, char *name, chunk_t value)
{
parse_rule_t rules[] = {
- { "updown", parse_string, &child->updown },
- { "hostaccess", parse_bool, &child->hostaccess },
- { "mode", parse_mode, &child->mode },
- { "policies", parse_bool, &child->policies },
- { "replay_window", parse_uint32, &child->replay_window },
- { "rekey_time", parse_time, &child->lft.time.rekey },
- { "life_time", parse_time, &child->lft.time.life },
- { "rand_time", parse_time, &child->lft.time.jitter },
- { "rekey_bytes", parse_bytes, &child->lft.bytes.rekey },
- { "life_bytes", parse_bytes, &child->lft.bytes.life },
- { "rand_bytes", parse_bytes, &child->lft.bytes.jitter },
- { "rekey_packets", parse_uint64, &child->lft.packets.rekey },
- { "life_packets", parse_uint64, &child->lft.packets.life },
- { "rand_packets", parse_uint64, &child->lft.packets.jitter },
- { "dpd_action", parse_action, &child->dpd_action },
- { "start_action", parse_action, &child->start_action },
- { "close_action", parse_action, &child->close_action },
- { "ipcomp", parse_bool, &child->ipcomp },
- { "inactivity", parse_time, &child->inactivity },
- { "reqid", parse_uint32, &child->reqid },
- { "mark_in", parse_mark, &child->mark_in },
- { "mark_out", parse_mark, &child->mark_out },
- { "tfc_padding", parse_tfc, &child->tfc },
+ { "updown", parse_string, &child->cfg.updown },
+ { "hostaccess", parse_bool, &child->cfg.hostaccess },
+ { "mode", parse_mode, &child->cfg.mode },
+ { "policies", parse_bool, &child->policies },
+ { "replay_window", parse_uint32, &child->replay_window },
+ { "rekey_time", parse_time, &child->cfg.lifetime.time.rekey },
+ { "life_time", parse_time, &child->cfg.lifetime.time.life },
+ { "rand_time", parse_time, &child->cfg.lifetime.time.jitter },
+ { "rekey_bytes", parse_bytes, &child->cfg.lifetime.bytes.rekey },
+ { "life_bytes", parse_bytes, &child->cfg.lifetime.bytes.life },
+ { "rand_bytes", parse_bytes, &child->cfg.lifetime.bytes.jitter },
+ { "rekey_packets", parse_uint64, &child->cfg.lifetime.packets.rekey },
+ { "life_packets", parse_uint64, &child->cfg.lifetime.packets.life },
+ { "rand_packets", parse_uint64, &child->cfg.lifetime.packets.jitter },
+ { "dpd_action", parse_action, &child->cfg.dpd_action },
+ { "start_action", parse_action, &child->cfg.start_action },
+ { "close_action", parse_action, &child->cfg.close_action },
+ { "ipcomp", parse_bool, &child->cfg.ipcomp },
+ { "inactivity", parse_time, &child->cfg.inactivity },
+ { "reqid", parse_uint32, &child->cfg.reqid },
+ { "mark_in", parse_mark, &child->cfg.mark_in },
+ { "mark_out", parse_mark, &child->cfg.mark_out },
+ { "tfc_padding", parse_tfc, &child->cfg.tfc },
+ { "priority", parse_uint32, &child->cfg.priority },
+ { "interface", parse_string, &child->cfg.interface },
};
return parse_rules(rules, countof(rules), name, value,
@@ -1430,6 +1435,42 @@ CALLBACK(peer_kv, bool,
&peer->request->reply);
}
+/**
+ * Check and update lifetimes
+ */
+static void check_lifetimes(lifetime_cfg_t *lft)
+{
+ /* if no hard lifetime specified, add one at soft lifetime + 10% */
+ if (lft->time.life == LFT_UNDEFINED)
+ {
+ lft->time.life = lft->time.rekey * 110 / 100;
+ }
+ if (lft->bytes.life == LFT_UNDEFINED)
+ {
+ lft->bytes.life = lft->bytes.rekey * 110 / 100;
+ }
+ if (lft->packets.life == LFT_UNDEFINED)
+ {
+ lft->packets.life = lft->packets.rekey * 110 / 100;
+ }
+ /* if no rand time defined, use difference of hard and soft */
+ if (lft->time.jitter == LFT_UNDEFINED)
+ {
+ lft->time.jitter = lft->time.life -
+ min(lft->time.life, lft->time.rekey);
+ }
+ if (lft->bytes.jitter == LFT_UNDEFINED)
+ {
+ lft->bytes.jitter = lft->bytes.life -
+ min(lft->bytes.life, lft->bytes.rekey);
+ }
+ if (lft->packets.jitter == LFT_UNDEFINED)
+ {
+ lft->packets.jitter = lft->packets.life -
+ min(lft->packets.life, lft->packets.rekey);
+ }
+}
+
CALLBACK(children_sn, bool,
peer_data_t *peer, vici_message_t *message, vici_parse_context_t *ctx,
char *name)
@@ -1439,29 +1480,28 @@ CALLBACK(children_sn, bool,
.proposals = linked_list_create(),
.local_ts = linked_list_create(),
.remote_ts = linked_list_create(),
- .mode = MODE_TUNNEL,
.policies = TRUE,
.replay_window = REPLAY_UNDEFINED,
- .dpd_action = ACTION_NONE,
- .start_action = ACTION_NONE,
- .close_action = ACTION_NONE,
- .lft = {
- .time = {
- .rekey = LFT_DEFAULT_CHILD_REKEY,
- .life = LFT_UNDEFINED,
- .jitter = LFT_UNDEFINED,
- },
- .bytes = {
- .rekey = LFT_UNDEFINED,
- .life = LFT_UNDEFINED,
- .jitter = LFT_UNDEFINED,
+ .cfg = {
+ .mode = MODE_TUNNEL,
+ .lifetime = {
+ .time = {
+ .rekey = LFT_DEFAULT_CHILD_REKEY_TIME,
+ .life = LFT_UNDEFINED,
+ .jitter = LFT_UNDEFINED,
+ },
+ .bytes = {
+ .rekey = LFT_DEFAULT_CHILD_REKEY_BYTES,
+ .life = LFT_UNDEFINED,
+ .jitter = LFT_UNDEFINED,
+ },
+ .packets = {
+ .rekey = LFT_DEFAULT_CHILD_REKEY_PACKETS,
+ .life = LFT_UNDEFINED,
+ .jitter = LFT_UNDEFINED,
+ },
},
- .packets = {
- .rekey = LFT_UNDEFINED,
- .life = LFT_UNDEFINED,
- .jitter = LFT_UNDEFINED,
- },
- }
+ },
};
child_cfg_t *cfg;
proposal_t *proposal;
@@ -1496,55 +1536,13 @@ CALLBACK(children_sn, bool,
child.proposals->insert_last(child.proposals, proposal);
}
}
+ child.cfg.suppress_policies = !child.policies;
- /* if no hard lifetime specified, add one at soft lifetime + 10% */
- if (child.lft.time.life == LFT_UNDEFINED)
- {
- child.lft.time.life = child.lft.time.rekey * 110 / 100;
- }
- if (child.lft.bytes.life == LFT_UNDEFINED)
- {
- child.lft.bytes.life = child.lft.bytes.rekey * 110 / 100;
- }
- if (child.lft.packets.life == LFT_UNDEFINED)
- {
- child.lft.packets.life = child.lft.packets.rekey * 110 / 100;
- }
- /* if no soft lifetime specified, add one at hard lifetime - 10% */
- if (child.lft.bytes.rekey == LFT_UNDEFINED)
- {
- child.lft.bytes.rekey = child.lft.bytes.life * 90 / 100;
- }
- if (child.lft.packets.rekey == LFT_UNDEFINED)
- {
- child.lft.packets.rekey = child.lft.packets.life * 90 / 100;
- }
- /* if no rand time defined, use difference of hard and soft */
- if (child.lft.time.jitter == LFT_UNDEFINED)
- {
- child.lft.time.jitter = child.lft.time.life -
- min(child.lft.time.life, child.lft.time.rekey);
- }
- if (child.lft.bytes.jitter == LFT_UNDEFINED)
- {
- child.lft.bytes.jitter = child.lft.bytes.life -
- min(child.lft.bytes.life, child.lft.bytes.rekey);
- }
- if (child.lft.packets.jitter == LFT_UNDEFINED)
- {
- child.lft.packets.jitter = child.lft.packets.life -
- min(child.lft.packets.life, child.lft.packets.rekey);
- }
+ check_lifetimes(&child.cfg.lifetime);
log_child_data(&child, name);
- cfg = child_cfg_create(name, &child.lft, child.updown,
- child.hostaccess, child.mode, child.start_action,
- child.dpd_action, child.close_action, child.ipcomp,
- child.inactivity, child.reqid, &child.mark_in,
- &child.mark_out, child.tfc);
-
- cfg->set_mipv6_options(cfg, FALSE, child.policies);
+ cfg = child_cfg_create(name, &child.cfg);
if (child.replay_window != REPLAY_UNDEFINED)
{
@@ -1649,12 +1647,12 @@ CALLBACK(peer_sn, bool,
/**
* Find reqid of an existing CHILD_SA
*/
-static u_int32_t find_reqid(child_cfg_t *cfg)
+static uint32_t find_reqid(child_cfg_t *cfg)
{
enumerator_t *enumerator, *children;
child_sa_t *child_sa;
ike_sa_t *ike_sa;
- u_int32_t reqid;
+ uint32_t reqid;
reqid = charon->traps->find_reqid(charon->traps, cfg);
if (reqid)
@@ -1723,7 +1721,7 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name,
enumerator_t *enumerator, *children;
child_sa_t *child_sa;
ike_sa_t *ike_sa;
- u_int32_t id = 0, others;
+ uint32_t id = 0, others;
array_t *ids = NULL, *ikeids = NULL;
char *name;
@@ -1987,6 +1985,7 @@ CALLBACK(config_sn, bool,
.rand_time = LFT_UNDEFINED,
};
enumerator_t *enumerator;
+ peer_cfg_create_t cfg;
peer_cfg_t *peer_cfg;
ike_cfg_t *ike_cfg;
child_cfg_t *child_cfg;
@@ -2046,7 +2045,7 @@ CALLBACK(config_sn, bool,
if (peer.rekey_time == LFT_UNDEFINED && peer.reauth_time == LFT_UNDEFINED)
{
/* apply a default rekey time if no rekey/reauth time set */
- peer.rekey_time = LFT_DEFAULT_IKE_REKEY;
+ peer.rekey_time = LFT_DEFAULT_IKE_REKEY_TIME;
peer.reauth_time = 0;
}
if (peer.rekey_time == LFT_UNDEFINED)
@@ -2083,12 +2082,22 @@ CALLBACK(config_sn, bool,
peer.local_addrs, peer.local_port,
peer.remote_addrs, peer.remote_port,
peer.fragmentation, 0);
- peer_cfg = peer_cfg_create(name, ike_cfg, peer.send_cert, peer.unique,
- peer.keyingtries, peer.rekey_time, peer.reauth_time,
- peer.rand_time, peer.over_time, peer.mobike,
- peer.aggressive, peer.pull,
- peer.dpd_delay, peer.dpd_timeout,
- FALSE, NULL, NULL);
+
+ cfg = (peer_cfg_create_t){
+ .cert_policy = peer.send_cert,
+ .unique = peer.unique,
+ .keyingtries = peer.keyingtries,
+ .rekey_time = peer.rekey_time,
+ .reauth_time = peer.reauth_time,
+ .jitter_time = peer.rand_time,
+ .over_time = peer.over_time,
+ .no_mobike = !peer.mobike,
+ .aggressive = peer.aggressive,
+ .push_mode = !peer.pull,
+ .dpd = peer.dpd_delay,
+ .dpd_timeout = peer.dpd_timeout,
+ };
+ peer_cfg = peer_cfg_create(name, ike_cfg, &cfg);
while (peer.local->remove_first(peer.local,
(void**)&auth) == SUCCESS)
diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
index c526d2fda..44003819a 100644
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
@@ -507,12 +507,12 @@ CALLBACK(redirect, vici_message_t*,
/**
* Find reqid of an existing CHILD_SA
*/
-static u_int32_t find_reqid(child_cfg_t *cfg)
+static uint32_t find_reqid(child_cfg_t *cfg)
{
enumerator_t *enumerator, *children;
child_sa_t *child_sa;
ike_sa_t *ike_sa;
- u_int32_t reqid;
+ uint32_t reqid;
reqid = charon->traps->find_reqid(charon->traps, cfg);
if (reqid)
@@ -583,7 +583,7 @@ CALLBACK(uninstall, vici_message_t*,
{
child_sa_t *child_sa;
enumerator_t *enumerator;
- u_int32_t reqid = 0;
+ uint32_t reqid = 0;
char *child;
child = request->get_str(request, NULL, "child");
diff --git a/src/libcharon/plugins/vici/vici_dispatcher.c b/src/libcharon/plugins/vici/vici_dispatcher.c
index 31292d6b3..ffe0d61e5 100644
--- a/src/libcharon/plugins/vici/vici_dispatcher.c
+++ b/src/libcharon/plugins/vici/vici_dispatcher.c
@@ -119,10 +119,10 @@ static void send_op(private_vici_dispatcher_t *this, u_int id,
bio_writer_t *writer;
u_int len;
- len = sizeof(u_int8_t);
+ len = sizeof(uint8_t);
if (name)
{
- len += sizeof(u_int8_t) + strlen(name);
+ len += sizeof(uint8_t) + strlen(name);
}
if (message)
{
@@ -308,7 +308,7 @@ CALLBACK(inbound, void,
{
bio_reader_t *reader;
chunk_t chunk;
- u_int8_t type;
+ uint8_t type;
char name[257];
reader = bio_reader_create(data);
diff --git a/src/libcharon/plugins/vici/vici_message.c b/src/libcharon/plugins/vici/vici_message.c
index fb6e8a1ab..58b896773 100644
--- a/src/libcharon/plugins/vici/vici_message.c
+++ b/src/libcharon/plugins/vici/vici_message.c
@@ -137,7 +137,7 @@ typedef struct {
METHOD(enumerator_t, parse_enumerate, bool,
parse_enumerator_t *this, vici_type_t *out, char **name, chunk_t *value)
{
- u_int8_t type;
+ uint8_t type;
chunk_t data;
if (!this->reader->remaining(this->reader) ||
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index 284c23ee0..04cea004e 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -86,8 +86,8 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
child_sa_t *child, time_t now)
{
time_t t;
- u_int64_t bytes, packets;
- u_int16_t alg, ks;
+ uint64_t bytes, packets;
+ uint16_t alg, ks;
proposal_t *proposal;
enumerator_t *enumerator;
traffic_selector_t *ts;
@@ -152,7 +152,7 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
b->add_kv(b, "packets-in", "%" PRIu64, packets);
if (t)
{
- b->add_kv(b, "use-in", "%"PRIu64, (u_int64_t)(now - t));
+ b->add_kv(b, "use-in", "%"PRIu64, (uint64_t)(now - t));
}
child->get_usestats(child, FALSE, &t, &bytes, &packets);
@@ -160,7 +160,7 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
b->add_kv(b, "packets-out", "%"PRIu64, packets);
if (t)
{
- b->add_kv(b, "use-out", "%"PRIu64, (u_int64_t)(now - t));
+ b->add_kv(b, "use-out", "%"PRIu64, (uint64_t)(now - t));
}
t = child->get_lifetime(child, FALSE);
@@ -272,7 +272,7 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b,
ike_sa_id_t *id;
identification_t *eap;
proposal_t *proposal;
- u_int16_t alg, ks;
+ uint16_t alg, ks;
host_t *host;
b->add_kv(b, "uniqueid", "%u", ike_sa->get_unique_id(ike_sa));
@@ -682,9 +682,11 @@ CALLBACK(list_conns, vici_message_t*,
peer_cfg_t *peer_cfg;
ike_cfg_t *ike_cfg;
child_cfg_t *child_cfg;
- char *ike, *str;
+ char *ike, *str, *interface;
+ uint32_t manual_prio;
linked_list_t *list;
traffic_selector_t *ts;
+ lifetime_cfg_t *lft;
vici_builder_t *b;
ike = request->get_str(request, NULL, "ike");
@@ -725,6 +727,10 @@ CALLBACK(list_conns, vici_message_t*,
b->add_kv(b, "version", "%N", ike_version_names,
peer_cfg->get_ike_version(peer_cfg));
+ b->add_kv(b, "reauth_time", "%u",
+ peer_cfg->get_reauth_time(peer_cfg, FALSE));
+ b->add_kv(b, "rekey_time", "%u",
+ peer_cfg->get_rekey_time(peer_cfg, FALSE));
build_auth_cfgs(peer_cfg, TRUE, b);
build_auth_cfgs(peer_cfg, FALSE, b);
@@ -739,6 +745,12 @@ CALLBACK(list_conns, vici_message_t*,
b->add_kv(b, "mode", "%N", ipsec_mode_names,
child_cfg->get_mode(child_cfg));
+ lft = child_cfg->get_lifetime(child_cfg, FALSE);
+ b->add_kv(b, "rekey_time", "%"PRIu64, lft->time.rekey);
+ b->add_kv(b, "rekey_bytes", "%"PRIu64, lft->bytes.rekey);
+ b->add_kv(b, "rekey_packets", "%"PRIu64, lft->packets.rekey);
+ free(lft);
+
b->begin_list(b, "local-ts");
list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
selectors = list->create_enumerator(list);
@@ -761,6 +773,18 @@ CALLBACK(list_conns, vici_message_t*,
list->destroy_offset(list, offsetof(traffic_selector_t, destroy));
b->end_list(b /* remote-ts */);
+ interface = child_cfg->get_interface(child_cfg);
+ if (interface)
+ {
+ b->add_kv(b, "interface", "%s", interface);
+ }
+
+ manual_prio = child_cfg->get_manual_prio(child_cfg);
+ if (manual_prio)
+ {
+ b->add_kv(b, "priority", "%u", manual_prio);
+ }
+
b->end_section(b);
}
children->destroy(children);
diff --git a/src/libcharon/plugins/vici/vici_socket.c b/src/libcharon/plugins/vici/vici_socket.c
index 67fd7e8e3..2a55fd061 100644
--- a/src/libcharon/plugins/vici/vici_socket.c
+++ b/src/libcharon/plugins/vici/vici_socket.c
@@ -95,11 +95,11 @@ typedef struct {
/** bytes of length header sent/received */
u_char hdrlen;
/** bytes of length header */
- char hdr[sizeof(u_int32_t)];
+ char hdr[sizeof(uint32_t)];
/** send/receive buffer on heap */
chunk_t buf;
/** bytes sent/received in buffer */
- u_int32_t done;
+ uint32_t done;
} msg_buf_t;
/**
@@ -411,7 +411,7 @@ CALLBACK(on_write, bool,
static bool do_read(private_vici_socket_t *this, entry_t *entry,
stream_t *stream, char *errmsg, size_t errlen)
{
- u_int32_t msglen;
+ uint32_t msglen;
ssize_t len;
/* assemble the length header first */
diff --git a/src/libcharon/plugins/whitelist/Makefile.in b/src/libcharon/plugins/whitelist/Makefile.in
index 549ef6bce..47fcf91cd 100644
--- a/src/libcharon/plugins/whitelist/Makefile.in
+++ b/src/libcharon/plugins/whitelist/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = whitelist$(EXEEXT)
subdir = src/libcharon/plugins/whitelist
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -210,12 +219,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -265,6 +276,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -299,6 +311,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -410,6 +423,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -470,7 +484,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/whitelist/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/whitelist/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -840,6 +853,8 @@ uninstall-am: uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipsecPROGRAMS uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/xauth_eap/Makefile.in b/src/libcharon/plugins/xauth_eap/Makefile.in
index 6992df820..0e88f8e32 100644
--- a/src/libcharon/plugins/xauth_eap/Makefile.in
+++ b/src/libcharon/plugins/xauth_eap/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/xauth_eap
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/xauth_eap/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/xauth_eap/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/xauth_eap/xauth_eap.c b/src/libcharon/plugins/xauth_eap/xauth_eap.c
index f21d02697..9e103be1c 100644
--- a/src/libcharon/plugins/xauth_eap/xauth_eap.c
+++ b/src/libcharon/plugins/xauth_eap/xauth_eap.c
@@ -113,7 +113,7 @@ static bool verify_eap(private_xauth_eap_t *this, eap_method_t *backend)
eap_payload_t *request, *response;
eap_method_t *frontend;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
status_t status;
if (backend->initiate(backend, &request) != NEED_MORE)
diff --git a/src/libcharon/plugins/xauth_generic/Makefile.in b/src/libcharon/plugins/xauth_generic/Makefile.in
index 057a734a3..e20b46f57 100644
--- a/src/libcharon/plugins/xauth_generic/Makefile.in
+++ b/src/libcharon/plugins/xauth_generic/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/xauth_generic
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/xauth_generic/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/xauth_generic/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/xauth_noauth/Makefile.in b/src/libcharon/plugins/xauth_noauth/Makefile.in
index 6b0104e30..b8adbbf43 100644
--- a/src/libcharon/plugins/xauth_noauth/Makefile.in
+++ b/src/libcharon/plugins/xauth_noauth/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/xauth_noauth
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/xauth_noauth/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/xauth_noauth/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/plugins/xauth_pam/Makefile.in b/src/libcharon/plugins/xauth_pam/Makefile.in
index ae6a4d070..79c466689 100644
--- a/src/libcharon/plugins/xauth_pam/Makefile.in
+++ b/src/libcharon/plugins/xauth_pam/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libcharon/plugins/xauth_pam
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/xauth_pam/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/plugins/xauth_pam/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/processing/jobs/acquire_job.c b/src/libcharon/processing/jobs/acquire_job.c
index 207f534ba..cd4a4ca89 100644
--- a/src/libcharon/processing/jobs/acquire_job.c
+++ b/src/libcharon/processing/jobs/acquire_job.c
@@ -32,7 +32,7 @@ struct private_acquire_job_t {
/**
* reqid of the child to rekey
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* acquired source traffic selector
@@ -70,7 +70,7 @@ METHOD(job_t, get_priority, job_priority_t,
/*
* Described in header
*/
-acquire_job_t *acquire_job_create(u_int32_t reqid,
+acquire_job_t *acquire_job_create(uint32_t reqid,
traffic_selector_t *src_ts,
traffic_selector_t *dst_ts)
{
diff --git a/src/libcharon/processing/jobs/acquire_job.h b/src/libcharon/processing/jobs/acquire_job.h
index 2b5bf4805..4d31f0569 100644
--- a/src/libcharon/processing/jobs/acquire_job.h
+++ b/src/libcharon/processing/jobs/acquire_job.h
@@ -47,7 +47,7 @@ struct acquire_job_t {
* @param dst_ts destination traffic selector
* @return acquire_job_t object
*/
-acquire_job_t *acquire_job_create(u_int32_t reqid,
+acquire_job_t *acquire_job_create(uint32_t reqid,
traffic_selector_t *src_ts,
traffic_selector_t *dst_ts);
diff --git a/src/libcharon/processing/jobs/adopt_children_job.c b/src/libcharon/processing/jobs/adopt_children_job.c
index c39689012..ff8e78b6b 100644
--- a/src/libcharon/processing/jobs/adopt_children_job.c
+++ b/src/libcharon/processing/jobs/adopt_children_job.c
@@ -64,7 +64,7 @@ METHOD(job_t, execute, job_requeue_t,
ike_sa_id_t *id;
ike_sa_t *ike_sa;
child_sa_t *child_sa;
- u_int32_t unique;
+ uint32_t unique;
ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, this->id);
if (ike_sa)
diff --git a/src/libcharon/processing/jobs/delete_child_sa_job.c b/src/libcharon/processing/jobs/delete_child_sa_job.c
index 0d85883be..70dbc1b4a 100644
--- a/src/libcharon/processing/jobs/delete_child_sa_job.c
+++ b/src/libcharon/processing/jobs/delete_child_sa_job.c
@@ -38,7 +38,7 @@ struct private_delete_child_sa_job_t {
/**
* inbound SPI of the CHILD_SA
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* SA destination address
@@ -89,7 +89,7 @@ METHOD(job_t, get_priority, job_priority_t,
* Described in header
*/
delete_child_sa_job_t *delete_child_sa_job_create(protocol_id_t protocol,
- u_int32_t spi, host_t *dst, bool expired)
+ uint32_t spi, host_t *dst, bool expired)
{
private_delete_child_sa_job_t *this;
diff --git a/src/libcharon/processing/jobs/delete_child_sa_job.h b/src/libcharon/processing/jobs/delete_child_sa_job.h
index 6fa53644c..349f5debb 100644
--- a/src/libcharon/processing/jobs/delete_child_sa_job.h
+++ b/src/libcharon/processing/jobs/delete_child_sa_job.h
@@ -51,6 +51,6 @@ struct delete_child_sa_job_t {
* @return delete_child_sa_job_t object
*/
delete_child_sa_job_t *delete_child_sa_job_create(protocol_id_t protocol,
- u_int32_t spi, host_t *dst, bool expired);
+ uint32_t spi, host_t *dst, bool expired);
#endif /** DELETE_CHILD_SA_JOB_H_ @}*/
diff --git a/src/libcharon/processing/jobs/inactivity_job.c b/src/libcharon/processing/jobs/inactivity_job.c
index f0f90eedf..bf16e51b5 100644
--- a/src/libcharon/processing/jobs/inactivity_job.c
+++ b/src/libcharon/processing/jobs/inactivity_job.c
@@ -32,12 +32,12 @@ struct private_inactivity_job_t {
/**
* Unique CHILD_SA identifier to check
*/
- u_int32_t id;
+ uint32_t id;
/**
* Inactivity timeout
*/
- u_int32_t timeout;
+ uint32_t timeout;
/**
* Close IKE_SA if last remaining CHILD inactive?
@@ -55,7 +55,7 @@ METHOD(job_t, execute, job_requeue_t,
private_inactivity_job_t *this)
{
ike_sa_t *ike_sa;
- u_int32_t reschedule = 0;
+ uint32_t reschedule = 0;
ike_sa = charon->child_sa_manager->checkout_by_id(charon->child_sa_manager,
this->id, NULL);
@@ -63,7 +63,7 @@ METHOD(job_t, execute, job_requeue_t,
{
enumerator_t *enumerator;
child_sa_t *child_sa;
- u_int32_t delete = 0;
+ uint32_t delete = 0;
protocol_id_t proto = 0;
int children = 0;
status_t status = SUCCESS;
@@ -136,7 +136,7 @@ METHOD(job_t, get_priority, job_priority_t,
/**
* See header
*/
-inactivity_job_t *inactivity_job_create(u_int32_t unique_id, u_int32_t timeout,
+inactivity_job_t *inactivity_job_create(uint32_t unique_id, uint32_t timeout,
bool close_ike)
{
private_inactivity_job_t *this;
diff --git a/src/libcharon/processing/jobs/inactivity_job.h b/src/libcharon/processing/jobs/inactivity_job.h
index ff19fe560..240782fa8 100644
--- a/src/libcharon/processing/jobs/inactivity_job.h
+++ b/src/libcharon/processing/jobs/inactivity_job.h
@@ -47,7 +47,7 @@ struct inactivity_job_t {
* @param close_ike close IKE_SA if the last remaining CHILD_SA is inactive?
* @return inactivity checking job
*/
-inactivity_job_t *inactivity_job_create(u_int32_t unique_id, u_int32_t timeout,
+inactivity_job_t *inactivity_job_create(uint32_t unique_id, uint32_t timeout,
bool close_ike);
#endif /** INACTIVITY_JOB_H_ @}*/
diff --git a/src/libcharon/processing/jobs/migrate_job.c b/src/libcharon/processing/jobs/migrate_job.c
index 097dbdffd..461ba11d1 100644
--- a/src/libcharon/processing/jobs/migrate_job.c
+++ b/src/libcharon/processing/jobs/migrate_job.c
@@ -34,7 +34,7 @@ struct private_migrate_job_t {
/**
* reqid of the CHILD_SA if it already exists
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* source traffic selector
@@ -144,7 +144,7 @@ METHOD(job_t, get_priority, job_priority_t,
/*
* Described in header
*/
-migrate_job_t *migrate_job_create(u_int32_t reqid,
+migrate_job_t *migrate_job_create(uint32_t reqid,
traffic_selector_t *src_ts,
traffic_selector_t *dst_ts,
policy_dir_t dir,
diff --git a/src/libcharon/processing/jobs/migrate_job.h b/src/libcharon/processing/jobs/migrate_job.h
index 0f2b9aaad..140635bed 100644
--- a/src/libcharon/processing/jobs/migrate_job.h
+++ b/src/libcharon/processing/jobs/migrate_job.h
@@ -54,7 +54,7 @@ struct migrate_job_t {
* @param remote remote host address to be used in the IKE_SA
* @return migrate_job_t object
*/
-migrate_job_t *migrate_job_create(u_int32_t reqid,
+migrate_job_t *migrate_job_create(uint32_t reqid,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
policy_dir_t dir, host_t *local, host_t *remote);
diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.c b/src/libcharon/processing/jobs/rekey_child_sa_job.c
index 057876b33..d76f4f65b 100644
--- a/src/libcharon/processing/jobs/rekey_child_sa_job.c
+++ b/src/libcharon/processing/jobs/rekey_child_sa_job.c
@@ -38,7 +38,7 @@ struct private_rekey_child_sa_job_t {
/**
* inbound SPI of the CHILD_SA
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* SA destination address
@@ -86,7 +86,7 @@ METHOD(job_t, get_priority, job_priority_t,
* Described in header
*/
rekey_child_sa_job_t *rekey_child_sa_job_create(protocol_id_t protocol,
- u_int32_t spi, host_t *dst)
+ uint32_t spi, host_t *dst)
{
private_rekey_child_sa_job_t *this;
diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.h b/src/libcharon/processing/jobs/rekey_child_sa_job.h
index 364bb5ae7..1de06fd07 100644
--- a/src/libcharon/processing/jobs/rekey_child_sa_job.h
+++ b/src/libcharon/processing/jobs/rekey_child_sa_job.h
@@ -49,5 +49,5 @@ struct rekey_child_sa_job_t {
* @return rekey_child_sa_job_t object
*/
rekey_child_sa_job_t *rekey_child_sa_job_create(protocol_id_t protocol,
- u_int32_t spi, host_t *dst);
+ uint32_t spi, host_t *dst);
#endif /** REKEY_CHILD_SA_JOB_H_ @}*/
diff --git a/src/libcharon/processing/jobs/rekey_ike_sa_job.c b/src/libcharon/processing/jobs/rekey_ike_sa_job.c
index 403d826a3..148db2f92 100644
--- a/src/libcharon/processing/jobs/rekey_ike_sa_job.c
+++ b/src/libcharon/processing/jobs/rekey_ike_sa_job.c
@@ -49,11 +49,11 @@ METHOD(job_t, destroy, void,
/**
* Check if we should delay a reauth, and by how many seconds
*/
-static u_int32_t get_retry_delay(ike_sa_t *ike_sa)
+static uint32_t get_retry_delay(ike_sa_t *ike_sa)
{
enumerator_t *enumerator;
child_sa_t *child_sa;
- u_int32_t retry = 0;
+ uint32_t retry = 0;
/* avoid reauth collisions for certain IKE_SA/CHILD_SA states */
if (ike_sa->get_state(ike_sa) != IKE_ESTABLISHED)
@@ -87,7 +87,7 @@ METHOD(job_t, execute, job_requeue_t,
{
ike_sa_t *ike_sa;
status_t status = SUCCESS;
- u_int32_t retry = 0;
+ uint32_t retry = 0;
ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
this->ike_sa_id);
diff --git a/src/libcharon/processing/jobs/retransmit_job.c b/src/libcharon/processing/jobs/retransmit_job.c
index 48c326804..4daa41868 100644
--- a/src/libcharon/processing/jobs/retransmit_job.c
+++ b/src/libcharon/processing/jobs/retransmit_job.c
@@ -32,7 +32,7 @@ struct private_retransmit_job_t {
/**
* Message ID of the request to resend.
*/
- u_int32_t message_id;
+ uint32_t message_id;
/**
* ID of the IKE_SA which the message belongs to.
@@ -79,7 +79,7 @@ METHOD(job_t, get_priority, job_priority_t,
/*
* Described in header.
*/
-retransmit_job_t *retransmit_job_create(u_int32_t message_id,ike_sa_id_t *ike_sa_id)
+retransmit_job_t *retransmit_job_create(uint32_t message_id,ike_sa_id_t *ike_sa_id)
{
private_retransmit_job_t *this;
diff --git a/src/libcharon/processing/jobs/retransmit_job.h b/src/libcharon/processing/jobs/retransmit_job.h
index c4545534b..595513cef 100644
--- a/src/libcharon/processing/jobs/retransmit_job.h
+++ b/src/libcharon/processing/jobs/retransmit_job.h
@@ -49,7 +49,7 @@ struct retransmit_job_t {
* @param ike_sa_id identification of the ike_sa as ike_sa_id_t
* @return retransmit_job_t object
*/
-retransmit_job_t *retransmit_job_create(u_int32_t message_id,
+retransmit_job_t *retransmit_job_create(uint32_t message_id,
ike_sa_id_t *ike_sa_id);
#endif /** RETRANSMIT_JOB_H_ @}*/
diff --git a/src/libcharon/processing/jobs/update_sa_job.c b/src/libcharon/processing/jobs/update_sa_job.c
index 862506d90..3360b7dc5 100644
--- a/src/libcharon/processing/jobs/update_sa_job.c
+++ b/src/libcharon/processing/jobs/update_sa_job.c
@@ -41,7 +41,7 @@ struct private_update_sa_job_t {
/**
* SPI of the CHILD_SA
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* Old SA destination address
@@ -92,7 +92,7 @@ METHOD(job_t, get_priority, job_priority_t,
* Described in header
*/
update_sa_job_t *update_sa_job_create(protocol_id_t protocol,
- u_int32_t spi, host_t *dst, host_t *new)
+ uint32_t spi, host_t *dst, host_t *new)
{
private_update_sa_job_t *this;
diff --git a/src/libcharon/processing/jobs/update_sa_job.h b/src/libcharon/processing/jobs/update_sa_job.h
index 9c19f5b6e..ed978dc8b 100644
--- a/src/libcharon/processing/jobs/update_sa_job.h
+++ b/src/libcharon/processing/jobs/update_sa_job.h
@@ -49,6 +49,6 @@ struct update_sa_job_t {
* @return update_sa_job_t object
*/
update_sa_job_t *update_sa_job_create(protocol_id_t protocol,
- u_int32_t spi, host_t *dst, host_t *new);
+ uint32_t spi, host_t *dst, host_t *new);
#endif /** UPDATE_SA_JOB_H_ @}*/
diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c
index 56b7cb5a4..8a405d93c 100644
--- a/src/libcharon/sa/child_sa.c
+++ b/src/libcharon/sa/child_sa.c
@@ -1,9 +1,10 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Coypright (C) 2016 Andreas Steffen
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -63,22 +64,22 @@ struct private_child_sa_t {
/**
* our actually used SPI, 0 if unused
*/
- u_int32_t my_spi;
+ uint32_t my_spi;
/**
* others used SPI, 0 if unused
*/
- u_int32_t other_spi;
+ uint32_t other_spi;
/**
* our Compression Parameter Index (CPI) used, 0 if unused
*/
- u_int16_t my_cpi;
+ uint16_t my_cpi;
/**
* others Compression Parameter Index (CPI) used, 0 if unused
*/
- u_int16_t other_cpi;
+ uint16_t other_cpi;
/**
* Array for local traffic selectors
@@ -98,7 +99,7 @@ struct private_child_sa_t {
/**
* reqid used for this child_sa
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* Did we allocate/confirm and must release the reqid?
@@ -113,7 +114,7 @@ struct private_child_sa_t {
/*
* Unique CHILD_SA identifier
*/
- u_int32_t unique_id;
+ uint32_t unique_id;
/**
* inbound mark used for this child_sa
@@ -198,28 +199,28 @@ struct private_child_sa_t {
/**
* last number of inbound bytes
*/
- u_int64_t my_usebytes;
+ uint64_t my_usebytes;
/**
* last number of outbound bytes
*/
- u_int64_t other_usebytes;
+ uint64_t other_usebytes;
/**
* last number of inbound packets
*/
- u_int64_t my_usepackets;
+ uint64_t my_usepackets;
/**
* last number of outbound bytes
*/
- u_int64_t other_usepackets;
+ uint64_t other_usepackets;
};
/**
* convert an IKEv2 specific protocol identifier to the IP protocol identifier.
*/
-static inline u_int8_t proto_ike2ip(protocol_id_t protocol)
+static inline uint8_t proto_ike2ip(protocol_id_t protocol)
{
switch (protocol)
{
@@ -238,13 +239,13 @@ METHOD(child_sa_t, get_name, char*,
return this->config->get_name(this->config);
}
-METHOD(child_sa_t, get_reqid, u_int32_t,
+METHOD(child_sa_t, get_reqid, uint32_t,
private_child_sa_t *this)
{
return this->reqid;
}
-METHOD(child_sa_t, get_unique_id, u_int32_t,
+METHOD(child_sa_t, get_unique_id, uint32_t,
private_child_sa_t *this)
{
return this->unique_id;
@@ -269,13 +270,13 @@ METHOD(child_sa_t, get_state, child_sa_state_t,
return this->state;
}
-METHOD(child_sa_t, get_spi, u_int32_t,
+METHOD(child_sa_t, get_spi, uint32_t,
private_child_sa_t *this, bool inbound)
{
return inbound ? this->my_spi : this->other_spi;
}
-METHOD(child_sa_t, get_cpi, u_int16_t,
+METHOD(child_sa_t, get_cpi, uint16_t,
private_child_sa_t *this, bool inbound)
{
return inbound ? this->my_cpi : this->other_cpi;
@@ -461,17 +462,24 @@ METHOD(child_sa_t, create_policy_enumerator, enumerator_t*,
static status_t update_usebytes(private_child_sa_t *this, bool inbound)
{
status_t status = FAILED;
- u_int64_t bytes, packets;
+ uint64_t bytes, packets;
time_t time;
if (inbound)
{
if (this->my_spi)
{
- status = charon->kernel->query_sa(charon->kernel, this->other_addr,
- this->my_addr, this->my_spi,
- proto_ike2ip(this->protocol), this->mark_in,
- &bytes, &packets, &time);
+ kernel_ipsec_sa_id_t id = {
+ .src = this->other_addr,
+ .dst = this->my_addr,
+ .spi = this->my_spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = this->mark_in,
+ };
+ kernel_ipsec_query_sa_t query = {};
+
+ status = charon->kernel->query_sa(charon->kernel, &id, &query,
+ &bytes, &packets, &time);
if (status == SUCCESS)
{
if (bytes > this->my_usebytes)
@@ -492,10 +500,17 @@ static status_t update_usebytes(private_child_sa_t *this, bool inbound)
{
if (this->other_spi)
{
- status = charon->kernel->query_sa(charon->kernel, this->my_addr,
- this->other_addr, this->other_spi,
- proto_ike2ip(this->protocol), this->mark_out,
- &bytes, &packets, &time);
+ kernel_ipsec_sa_id_t id = {
+ .src = this->my_addr,
+ .dst = this->other_addr,
+ .spi = this->other_spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = this->mark_out,
+ };
+ kernel_ipsec_query_sa_t query = {};
+
+ status = charon->kernel->query_sa(charon->kernel, &id, &query,
+ &bytes, &packets, &time);
if (status == SUCCESS)
{
if (bytes > this->other_usebytes)
@@ -531,15 +546,24 @@ static bool update_usetime(private_child_sa_t *this, bool inbound)
if (inbound)
{
- if (charon->kernel->query_policy(charon->kernel, other_ts,
- my_ts, POLICY_IN, this->mark_in, &in) == SUCCESS)
+ kernel_ipsec_policy_id_t id = {
+ .dir = POLICY_IN,
+ .src_ts = other_ts,
+ .dst_ts = my_ts,
+ .mark = this->mark_in,
+ };
+ kernel_ipsec_query_policy_t query = {};
+
+ if (charon->kernel->query_policy(charon->kernel, &id, &query,
+ &in) == SUCCESS)
{
last_use = max(last_use, in);
}
if (this->mode != MODE_TRANSPORT)
{
- if (charon->kernel->query_policy(charon->kernel, other_ts,
- my_ts, POLICY_FWD, this->mark_in, &fwd) == SUCCESS)
+ id.dir = POLICY_FWD;
+ if (charon->kernel->query_policy(charon->kernel, &id, &query,
+ &fwd) == SUCCESS)
{
last_use = max(last_use, fwd);
}
@@ -547,8 +571,17 @@ static bool update_usetime(private_child_sa_t *this, bool inbound)
}
else
{
- if (charon->kernel->query_policy(charon->kernel, my_ts,
- other_ts, POLICY_OUT, this->mark_out, &out) == SUCCESS)
+ kernel_ipsec_policy_id_t id = {
+ .dir = POLICY_OUT,
+ .src_ts = my_ts,
+ .dst_ts = other_ts,
+ .mark = this->mark_out,
+ .interface = this->config->get_interface(this->config),
+ };
+ kernel_ipsec_query_policy_t query = {};
+
+ if (charon->kernel->query_policy(charon->kernel, &id, &query,
+ &out) == SUCCESS)
{
last_use = max(last_use, out);
}
@@ -573,7 +606,7 @@ static bool update_usetime(private_child_sa_t *this, bool inbound)
METHOD(child_sa_t, get_usestats, void,
private_child_sa_t *this, bool inbound,
- time_t *time, u_int64_t *bytes, u_int64_t *packets)
+ time_t *time, uint64_t *bytes, uint64_t *packets)
{
if ((!bytes && !packets) || update_usebytes(this, inbound) != FAILED)
{
@@ -625,7 +658,7 @@ METHOD(child_sa_t, get_installtime, time_t,
return this->install_time;
}
-METHOD(child_sa_t, alloc_spi, u_int32_t,
+METHOD(child_sa_t, alloc_spi, uint32_t,
private_child_sa_t *this, protocol_id_t protocol)
{
if (charon->kernel->get_spi(charon->kernel, this->other_addr, this->my_addr,
@@ -639,7 +672,7 @@ METHOD(child_sa_t, alloc_spi, u_int32_t,
return 0;
}
-METHOD(child_sa_t, alloc_cpi, u_int16_t,
+METHOD(child_sa_t, alloc_cpi, uint16_t,
private_child_sa_t *this)
{
if (charon->kernel->get_cpi(charon->kernel, this->other_addr, this->my_addr,
@@ -651,16 +684,18 @@ METHOD(child_sa_t, alloc_cpi, u_int16_t,
}
METHOD(child_sa_t, install, status_t,
- private_child_sa_t *this, chunk_t encr, chunk_t integ, u_int32_t spi,
- u_int16_t cpi, bool initiator, bool inbound, bool tfcv3,
+ private_child_sa_t *this, chunk_t encr, chunk_t integ, uint32_t spi,
+ uint16_t cpi, bool initiator, bool inbound, bool tfcv3,
linked_list_t *my_ts, linked_list_t *other_ts)
{
- u_int16_t enc_alg = ENCR_UNDEFINED, int_alg = AUTH_UNDEFINED, size;
- u_int16_t esn = NO_EXT_SEQ_NUMBERS;
+ uint16_t enc_alg = ENCR_UNDEFINED, int_alg = AUTH_UNDEFINED, size;
+ uint16_t esn = NO_EXT_SEQ_NUMBERS;
linked_list_t *src_ts = NULL, *dst_ts = NULL;
time_t now;
+ kernel_ipsec_sa_id_t id;
+ kernel_ipsec_add_sa_t sa;
lifetime_cfg_t *lifetime;
- u_int32_t tfc = 0;
+ uint32_t tfc = 0;
host_t *src, *dst;
status_t status;
bool update = FALSE;
@@ -716,7 +751,7 @@ METHOD(child_sa_t, install, status_t,
this->reqid_allocated = TRUE;
}
- lifetime = this->config->get_lifetime(this->config);
+ lifetime = this->config->get_lifetime(this->config, TRUE);
now = time_monotonic(NULL);
if (lifetime->time.rekey)
@@ -752,12 +787,36 @@ METHOD(child_sa_t, install, status_t,
dst_ts = other_ts;
}
- status = charon->kernel->add_sa(charon->kernel,
- src, dst, spi, proto_ike2ip(this->protocol), this->reqid,
- inbound ? this->mark_in : this->mark_out, tfc,
- lifetime, enc_alg, encr, int_alg, integ, this->mode,
- this->ipcomp, cpi, this->config->get_replay_window(this->config),
- initiator, this->encap, esn, inbound, update, src_ts, dst_ts);
+ id = (kernel_ipsec_sa_id_t){
+ .src = src,
+ .dst = dst,
+ .spi = spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = inbound ? this->mark_in : this->mark_out,
+ };
+ sa = (kernel_ipsec_add_sa_t){
+ .reqid = this->reqid,
+ .mode = this->mode,
+ .src_ts = src_ts,
+ .dst_ts = dst_ts,
+ .interface = inbound ? NULL : this->config->get_interface(this->config),
+ .lifetime = lifetime,
+ .enc_alg = enc_alg,
+ .enc_key = encr,
+ .int_alg = int_alg,
+ .int_key = integ,
+ .replay_window = this->config->get_replay_window(this->config),
+ .tfc = tfc,
+ .ipcomp = this->ipcomp,
+ .cpi = cpi,
+ .encap = this->encap,
+ .esn = esn,
+ .initiator = initiator,
+ .inbound = inbound,
+ .update = update,
+ };
+
+ status = charon->kernel->add_sa(charon->kernel, &id, &sa);
free(lifetime);
@@ -825,24 +884,62 @@ static void prepare_sa_cfg(private_child_sa_t *this, ipsec_sa_cfg_t *my_sa,
static status_t install_policies_internal(private_child_sa_t *this,
host_t *my_addr, host_t *other_addr, traffic_selector_t *my_ts,
traffic_selector_t *other_ts, ipsec_sa_cfg_t *my_sa,
- ipsec_sa_cfg_t *other_sa, policy_type_t type, policy_priority_t priority)
+ ipsec_sa_cfg_t *other_sa, policy_type_t type,
+ policy_priority_t priority, uint32_t manual_prio)
{
+ kernel_ipsec_policy_id_t out_id = {
+ .dir = POLICY_OUT,
+ .src_ts = my_ts,
+ .dst_ts = other_ts,
+ .mark = this->mark_out,
+ .interface = this->config->get_interface(this->config),
+ }, in_id = {
+ .dir = POLICY_IN,
+ .src_ts = other_ts,
+ .dst_ts = my_ts,
+ .mark = this->mark_in,
+ };
+ kernel_ipsec_manage_policy_t out_policy = {
+ .type = type,
+ .prio = priority,
+ .manual_prio = manual_prio,
+ .src = my_addr,
+ .dst = other_addr,
+ .sa = other_sa,
+ }, in_policy = {
+ .type = type,
+ .prio = priority,
+ .manual_prio = manual_prio,
+ .src = other_addr,
+ .dst = my_addr,
+ .sa = my_sa,
+ };
status_t status = SUCCESS;
- status |= charon->kernel->add_policy(charon->kernel,
- my_addr, other_addr, my_ts, other_ts,
- POLICY_OUT, type, other_sa,
- this->mark_out, priority);
-
- status |= charon->kernel->add_policy(charon->kernel,
- other_addr, my_addr, other_ts, my_ts,
- POLICY_IN, type, my_sa,
- this->mark_in, priority);
+
+ status |= charon->kernel->add_policy(charon->kernel, &out_id, &out_policy);
+ status |= charon->kernel->add_policy(charon->kernel, &in_id, &in_policy);
if (this->mode != MODE_TRANSPORT)
{
- status |= charon->kernel->add_policy(charon->kernel,
- other_addr, my_addr, other_ts, my_ts,
- POLICY_FWD, type, my_sa,
- this->mark_in, priority);
+ in_id.dir = POLICY_FWD;
+ status |= charon->kernel->add_policy(charon->kernel, &in_id, &in_policy);
+
+ /* install an "outbound" FWD policy in case there is a drop policy
+ * matching outbound forwarded traffic, to allow another tunnel to use
+ * the reversed subnets and do the same we don't set a reqid (this also
+ * allows the kernel backend to distinguish between the two types of
+ * FWD policies). To avoid problems with symmetrically overlapping
+ * policies of two SAs we install them with reduced priority. As they
+ * basically act as bypass policies for drop policies we use a higher
+ * priority than is used for them. */
+ out_id.dir = POLICY_FWD;
+ other_sa->reqid = 0;
+ if (priority == POLICY_PRIORITY_DEFAULT)
+ {
+ out_policy.prio = POLICY_PRIORITY_ROUTED;
+ }
+ status |= charon->kernel->add_policy(charon->kernel, &out_id, &out_policy);
+ /* reset the reqid for any other further policies */
+ other_sa->reqid = this->reqid;
}
return status;
}
@@ -853,20 +950,52 @@ static status_t install_policies_internal(private_child_sa_t *this,
static void del_policies_internal(private_child_sa_t *this,
host_t *my_addr, host_t *other_addr, traffic_selector_t *my_ts,
traffic_selector_t *other_ts, ipsec_sa_cfg_t *my_sa,
- ipsec_sa_cfg_t *other_sa, policy_type_t type, policy_priority_t priority)
+ ipsec_sa_cfg_t *other_sa, policy_type_t type,
+ policy_priority_t priority, uint32_t manual_prio)
{
+ kernel_ipsec_policy_id_t out_id = {
+ .dir = POLICY_OUT,
+ .src_ts = my_ts,
+ .dst_ts = other_ts,
+ .mark = this->mark_out,
+ .interface = this->config->get_interface(this->config),
+ }, in_id = {
+ .dir = POLICY_IN,
+ .src_ts = other_ts,
+ .dst_ts = my_ts,
+ .mark = this->mark_in,
+ };
+ kernel_ipsec_manage_policy_t out_policy = {
+ .type = type,
+ .prio = priority,
+ .manual_prio = manual_prio,
+ .src = my_addr,
+ .dst = other_addr,
+ .sa = other_sa,
+ }, in_policy = {
+ .type = type,
+ .prio = priority,
+ .manual_prio = manual_prio,
+ .src = other_addr,
+ .dst = my_addr,
+ .sa = my_sa,
+ };
- charon->kernel->del_policy(charon->kernel,
- my_addr, other_addr, my_ts, other_ts, POLICY_OUT, type,
- other_sa, this->mark_out, priority);
- charon->kernel->del_policy(charon->kernel,
- other_addr, my_addr, other_ts, my_ts, POLICY_IN,
- type, my_sa, this->mark_in, priority);
+ charon->kernel->del_policy(charon->kernel, &out_id, &out_policy);
+ charon->kernel->del_policy(charon->kernel, &in_id, &in_policy);
if (this->mode != MODE_TRANSPORT)
{
- charon->kernel->del_policy(charon->kernel,
- other_addr, my_addr, other_ts, my_ts, POLICY_FWD,
- type, my_sa, this->mark_in, priority);
+ in_id.dir = POLICY_FWD;
+ charon->kernel->del_policy(charon->kernel, &in_id, &in_policy);
+
+ out_id.dir = POLICY_FWD;
+ other_sa->reqid = 0;
+ if (priority == POLICY_PRIORITY_DEFAULT)
+ {
+ out_policy.prio = POLICY_PRIORITY_ROUTED;
+ }
+ charon->kernel->del_policy(charon->kernel, &out_id, &out_policy);
+ other_sa->reqid = this->reqid;
}
}
@@ -912,8 +1041,10 @@ METHOD(child_sa_t, add_policies, status_t,
{
policy_priority_t priority;
ipsec_sa_cfg_t my_sa, other_sa;
+ uint32_t manual_prio;
prepare_sa_cfg(this, &my_sa, &other_sa);
+ manual_prio = this->config->get_manual_prio(this->config);
/* if we're not in state CHILD_INSTALLING (i.e. if there is no SAD
* entry) we install a trap policy */
@@ -927,18 +1058,20 @@ METHOD(child_sa_t, add_policies, status_t,
{
/* install outbound drop policy to avoid packets leaving unencrypted
* when updating policies */
- if (priority == POLICY_PRIORITY_DEFAULT && require_policy_update())
+ if (priority == POLICY_PRIORITY_DEFAULT && manual_prio == 0 &&
+ require_policy_update())
{
status |= install_policies_internal(this, this->my_addr,
this->other_addr, my_ts, other_ts,
&my_sa, &other_sa, POLICY_DROP,
- POLICY_PRIORITY_FALLBACK);
+ POLICY_PRIORITY_FALLBACK, 0);
}
/* install policies */
status |= install_policies_internal(this, this->my_addr,
this->other_addr, my_ts, other_ts,
- &my_sa, &other_sa, POLICY_IPSEC, priority);
+ &my_sa, &other_sa, POLICY_IPSEC,
+ priority, manual_prio);
if (status != SUCCESS)
{
@@ -994,11 +1127,22 @@ METHOD(child_sa_t, update, status_t,
/* update our (initiator) SA */
if (this->my_spi)
{
- if (charon->kernel->update_sa(charon->kernel,
- this->my_spi, proto_ike2ip(this->protocol),
- this->ipcomp != IPCOMP_NONE ? this->my_cpi : 0,
- this->other_addr, this->my_addr, other, me,
- this->encap, encap, this->mark_in) == NOT_SUPPORTED)
+ kernel_ipsec_sa_id_t id = {
+ .src = this->other_addr,
+ .dst = this->my_addr,
+ .spi = this->my_spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = this->mark_in,
+ };
+ kernel_ipsec_update_sa_t sa = {
+ .cpi = this->ipcomp != IPCOMP_NONE ? this->my_cpi : 0,
+ .new_src = other,
+ .new_dst = me,
+ .encap = this->encap,
+ .new_encap = encap,
+ };
+ if (charon->kernel->update_sa(charon->kernel, &id,
+ &sa) == NOT_SUPPORTED)
{
set_state(this, old);
return NOT_SUPPORTED;
@@ -1008,11 +1152,22 @@ METHOD(child_sa_t, update, status_t,
/* update his (responder) SA */
if (this->other_spi)
{
- if (charon->kernel->update_sa(charon->kernel,
- this->other_spi, proto_ike2ip(this->protocol),
- this->ipcomp != IPCOMP_NONE ? this->other_cpi : 0,
- this->my_addr, this->other_addr, me, other,
- this->encap, encap, this->mark_out) == NOT_SUPPORTED)
+ kernel_ipsec_sa_id_t id = {
+ .src = this->my_addr,
+ .dst = this->other_addr,
+ .spi = this->other_spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = this->mark_out,
+ };
+ kernel_ipsec_update_sa_t sa = {
+ .cpi = this->ipcomp != IPCOMP_NONE ? this->other_cpi : 0,
+ .new_src = me,
+ .new_dst = other,
+ .encap = this->encap,
+ .new_encap = encap,
+ };
+ if (charon->kernel->update_sa(charon->kernel, &id,
+ &sa) == NOT_SUPPORTED)
{
set_state(this, old);
return NOT_SUPPORTED;
@@ -1028,18 +1183,21 @@ METHOD(child_sa_t, update, status_t,
ipsec_sa_cfg_t my_sa, other_sa;
enumerator_t *enumerator;
traffic_selector_t *my_ts, *other_ts;
+ uint32_t manual_prio;
prepare_sa_cfg(this, &my_sa, &other_sa);
+ manual_prio = this->config->get_manual_prio(this->config);
/* always use high priorities, as hosts getting updated are INSTALLED */
enumerator = create_policy_enumerator(this);
while (enumerator->enumerate(enumerator, &my_ts, &other_ts))
{
traffic_selector_t *old_my_ts = NULL, *old_other_ts = NULL;
+
/* remove old policies first */
del_policies_internal(this, this->my_addr, this->other_addr,
- my_ts, other_ts, &my_sa, &other_sa,
- POLICY_IPSEC, POLICY_PRIORITY_DEFAULT);
+ my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC,
+ POLICY_PRIORITY_DEFAULT, manual_prio);
/* check if we have to update a "dynamic" traffic selector */
if (!me->ip_equals(me, this->my_addr) &&
@@ -1062,17 +1220,20 @@ METHOD(child_sa_t, update, status_t,
/* reinstall updated policies */
install_policies_internal(this, me, other, my_ts, other_ts,
&my_sa, &other_sa, POLICY_IPSEC,
- POLICY_PRIORITY_DEFAULT);
+ POLICY_PRIORITY_DEFAULT, manual_prio);
/* update fallback policies after the new policy is in place */
- del_policies_internal(this, this->my_addr, this->other_addr,
- old_my_ts ?: my_ts,
- old_other_ts ?: other_ts,
- &my_sa, &other_sa, POLICY_DROP,
- POLICY_PRIORITY_FALLBACK);
- install_policies_internal(this, me, other, my_ts, other_ts,
+ if (manual_prio == 0)
+ {
+ del_policies_internal(this, this->my_addr, this->other_addr,
+ old_my_ts ?: my_ts,
+ old_other_ts ?: other_ts,
+ &my_sa, &other_sa, POLICY_DROP,
+ POLICY_PRIORITY_FALLBACK, 0);
+ install_policies_internal(this, me, other, my_ts, other_ts,
&my_sa, &other_sa, POLICY_DROP,
- POLICY_PRIORITY_FALLBACK);
+ POLICY_PRIORITY_FALLBACK, 0);
+ }
DESTROY_IF(old_my_ts);
DESTROY_IF(old_other_ts);
}
@@ -1115,20 +1276,24 @@ METHOD(child_sa_t, destroy, void,
if (this->config->install_policy(this->config))
{
ipsec_sa_cfg_t my_sa, other_sa;
+ uint32_t manual_prio;
prepare_sa_cfg(this, &my_sa, &other_sa);
+ manual_prio = this->config->get_manual_prio(this->config);
/* delete all policies in the kernel */
enumerator = create_policy_enumerator(this);
while (enumerator->enumerate(enumerator, &my_ts, &other_ts))
{
del_policies_internal(this, this->my_addr, this->other_addr,
- my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, priority);
- if (priority == POLICY_PRIORITY_DEFAULT && require_policy_update())
+ my_ts, other_ts, &my_sa, &other_sa,
+ POLICY_IPSEC, priority, manual_prio);
+ if (priority == POLICY_PRIORITY_DEFAULT && manual_prio == 0 &&
+ require_policy_update())
{
del_policies_internal(this, this->my_addr, this->other_addr,
- my_ts, other_ts, &my_sa, &other_sa, POLICY_DROP,
- POLICY_PRIORITY_FALLBACK);
+ my_ts, other_ts, &my_sa, &other_sa,
+ POLICY_DROP, POLICY_PRIORITY_FALLBACK, 0);
}
}
enumerator->destroy(enumerator);
@@ -1137,17 +1302,31 @@ METHOD(child_sa_t, destroy, void,
/* delete SAs in the kernel, if they are set up */
if (this->my_spi)
{
- charon->kernel->del_sa(charon->kernel,
- this->other_addr, this->my_addr, this->my_spi,
- proto_ike2ip(this->protocol), this->my_cpi,
- this->mark_in);
+ kernel_ipsec_sa_id_t id = {
+ .src = this->other_addr,
+ .dst = this->my_addr,
+ .spi = this->my_spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = this->mark_in,
+ };
+ kernel_ipsec_del_sa_t sa = {
+ .cpi = this->my_cpi,
+ };
+ charon->kernel->del_sa(charon->kernel, &id, &sa);
}
if (this->other_spi)
{
- charon->kernel->del_sa(charon->kernel,
- this->my_addr, this->other_addr, this->other_spi,
- proto_ike2ip(this->protocol), this->other_cpi,
- this->mark_out);
+ kernel_ipsec_sa_id_t id = {
+ .src = this->my_addr,
+ .dst = this->other_addr,
+ .spi = this->other_spi,
+ .proto = proto_ike2ip(this->protocol),
+ .mark = this->mark_out,
+ };
+ kernel_ipsec_del_sa_t sa = {
+ .cpi = this->other_cpi,
+ };
+ charon->kernel->del_sa(charon->kernel, &id, &sa);
}
if (this->reqid_allocated)
@@ -1174,7 +1353,7 @@ METHOD(child_sa_t, destroy, void,
static host_t* get_proxy_addr(child_cfg_t *config, host_t *ike, bool local)
{
host_t *host = NULL;
- u_int8_t mask;
+ uint8_t mask;
enumerator_t *enumerator;
linked_list_t *ts_list, *list;
traffic_selector_t *ts;
@@ -1207,11 +1386,12 @@ static host_t* get_proxy_addr(child_cfg_t *config, host_t *ike, bool local)
* Described in header.
*/
child_sa_t * child_sa_create(host_t *me, host_t* other,
- child_cfg_t *config, u_int32_t rekey, bool encap,
+ child_cfg_t *config, uint32_t rekey, bool encap,
u_int mark_in, u_int mark_out)
{
private_child_sa_t *this;
- static refcount_t unique_id = 0, unique_mark = 0, mark;
+ static refcount_t unique_id = 0, unique_mark = 0;
+ refcount_t mark;
INIT(this,
.public = {
diff --git a/src/libcharon/sa/child_sa.h b/src/libcharon/sa/child_sa.h
index debe8eb2c..bc7df996a 100644
--- a/src/libcharon/sa/child_sa.h
+++ b/src/libcharon/sa/child_sa.h
@@ -128,7 +128,7 @@ struct child_sa_t {
*
* @return reqid of the CHILD SA
*/
- u_int32_t (*get_reqid)(child_sa_t *this);
+ uint32_t (*get_reqid)(child_sa_t *this);
/**
* Get the unique numerical identifier for this CHILD_SA.
@@ -138,7 +138,7 @@ struct child_sa_t {
*
* @return unique CHILD_SA identifier
*/
- u_int32_t (*get_unique_id)(child_sa_t *this);
+ uint32_t (*get_unique_id)(child_sa_t *this);
/**
* Get the config used to set up this child sa.
@@ -171,7 +171,7 @@ struct child_sa_t {
* @param inbound TRUE to get inbound SPI, FALSE for outbound.
* @return SPI of the CHILD SA
*/
- u_int32_t (*get_spi) (child_sa_t *this, bool inbound);
+ uint32_t (*get_spi) (child_sa_t *this, bool inbound);
/**
* Get the CPI of this CHILD_SA.
@@ -183,7 +183,7 @@ struct child_sa_t {
* @param inbound TRUE to get inbound CPI, FALSE for outbound.
* @return CPI of the CHILD SA
*/
- u_int16_t (*get_cpi) (child_sa_t *this, bool inbound);
+ uint16_t (*get_cpi) (child_sa_t *this, bool inbound);
/**
* Get the protocol which this CHILD_SA uses to protect traffic.
@@ -300,7 +300,7 @@ struct child_sa_t {
* @param[out] packets number of processed packets (NULL to ignore)
*/
void (*get_usestats)(child_sa_t *this, bool inbound, time_t *time,
- u_int64_t *bytes, u_int64_t *packets);
+ uint64_t *bytes, uint64_t *packets);
/**
* Get the mark used with this CHILD_SA.
@@ -335,14 +335,14 @@ struct child_sa_t {
* @param spi SPI output pointer
* @return SPI, 0 on failure
*/
- u_int32_t (*alloc_spi)(child_sa_t *this, protocol_id_t protocol);
+ uint32_t (*alloc_spi)(child_sa_t *this, protocol_id_t protocol);
/**
* Allocate a CPI to use for IPComp.
*
* @return CPI, 0 on failure
*/
- u_int16_t (*alloc_cpi)(child_sa_t *this);
+ uint16_t (*alloc_cpi)(child_sa_t *this);
/**
* Install an IPsec SA for one direction.
@@ -359,7 +359,7 @@ struct child_sa_t {
* @return SUCCESS or FAILED
*/
status_t (*install)(child_sa_t *this, chunk_t encr, chunk_t integ,
- u_int32_t spi, u_int16_t cpi,
+ uint32_t spi, uint16_t cpi,
bool initiator, bool inbound, bool tfcv3,
linked_list_t *my_ts, linked_list_t *other_ts);
/**
@@ -404,7 +404,7 @@ struct child_sa_t {
* @return child_sa_t object
*/
child_sa_t * child_sa_create(host_t *me, host_t *other, child_cfg_t *config,
- u_int32_t reqid, bool encap,
+ uint32_t reqid, bool encap,
u_int mark_in, u_int mark_out);
#endif /** CHILD_SA_H_ @}*/
diff --git a/src/libcharon/sa/child_sa_manager.c b/src/libcharon/sa/child_sa_manager.c
index 071a119da..13f22cf5f 100644
--- a/src/libcharon/sa/child_sa_manager.c
+++ b/src/libcharon/sa/child_sa_manager.c
@@ -59,11 +59,11 @@ typedef struct {
/** the associated IKE_SA */
ike_sa_id_t *ike_id;
/** unique CHILD_SA identifier */
- u_int32_t unique_id;
+ uint32_t unique_id;
/** inbound SPI */
- u_int32_t spi_in;
+ uint32_t spi_in;
/** outbound SPI */
- u_int32_t spi_out;
+ uint32_t spi_out;
/** inbound host address */
host_t *host_in;
/** outbound host address and port */
@@ -202,7 +202,7 @@ METHOD(child_sa_manager_t, remove_, void,
* Check out an IKE_SA for a given CHILD_SA
*/
static ike_sa_t *checkout_ikesa(private_child_sa_manager_t *this,
- ike_sa_id_t *id, u_int32_t unique_id, child_sa_t **child_sa)
+ ike_sa_id_t *id, uint32_t unique_id, child_sa_t **child_sa)
{
enumerator_t *enumerator;
child_sa_t *current;
@@ -238,7 +238,7 @@ static ike_sa_t *checkout_ikesa(private_child_sa_manager_t *this,
}
METHOD(child_sa_manager_t, checkout_by_id, ike_sa_t*,
- private_child_sa_manager_t *this, u_int32_t unique_id,
+ private_child_sa_manager_t *this, uint32_t unique_id,
child_sa_t **child_sa)
{
ike_sa_id_t *id;
@@ -262,11 +262,11 @@ METHOD(child_sa_manager_t, checkout_by_id, ike_sa_t*,
}
METHOD(child_sa_manager_t, checkout, ike_sa_t*,
- private_child_sa_manager_t *this, protocol_id_t protocol, u_int32_t spi,
+ private_child_sa_manager_t *this, protocol_id_t protocol, uint32_t spi,
host_t *dst, child_sa_t **child_sa)
{
ike_sa_id_t *id;
- u_int32_t unique_id;
+ uint32_t unique_id;
child_entry_t *entry, key = {
.spi_in = spi,
.spi_out = spi,
diff --git a/src/libcharon/sa/child_sa_manager.h b/src/libcharon/sa/child_sa_manager.h
index 4d57528e8..f1d6ad9e0 100644
--- a/src/libcharon/sa/child_sa_manager.h
+++ b/src/libcharon/sa/child_sa_manager.h
@@ -59,7 +59,7 @@ struct child_sa_manager_t {
* @return IKE_SA, NULL if not found
*/
ike_sa_t *(*checkout)(child_sa_manager_t *this,
- protocol_id_t protocol, u_int32_t spi, host_t *dst,
+ protocol_id_t protocol, uint32_t spi, host_t *dst,
child_sa_t **child_sa);
/**
@@ -72,7 +72,7 @@ struct child_sa_manager_t {
* @param child_sa returns CHILD_SA managed by IKE_SA
* @return IKE_SA, NULL if not found
*/
- ike_sa_t *(*checkout_by_id)(child_sa_manager_t *this, u_int32_t unique_id,
+ ike_sa_t *(*checkout_by_id)(child_sa_manager_t *this, uint32_t unique_id,
child_sa_t **child_sa);
/**
diff --git a/src/libcharon/sa/eap/eap_manager.c b/src/libcharon/sa/eap/eap_manager.c
index 1886307e9..e4fcbc8f0 100644
--- a/src/libcharon/sa/eap/eap_manager.c
+++ b/src/libcharon/sa/eap/eap_manager.c
@@ -35,7 +35,7 @@ struct eap_entry_t {
/**
* vendor ID, 0 for default EAP methods
*/
- u_int32_t vendor;
+ uint32_t vendor;
/**
* Role of the method returned by the constructor, EAP_SERVER or EAP_PEER
@@ -70,7 +70,7 @@ struct private_eap_manager_t {
};
METHOD(eap_manager_t, add_method, void,
- private_eap_manager_t *this, eap_type_t type, u_int32_t vendor,
+ private_eap_manager_t *this, eap_type_t type, uint32_t vendor,
eap_role_t role, eap_constructor_t constructor)
{
eap_entry_t *entry = malloc_thing(eap_entry_t);
@@ -109,7 +109,7 @@ METHOD(eap_manager_t, remove_method, void,
* filter the registered methods
*/
static bool filter_methods(uintptr_t role, eap_entry_t **entry,
- eap_type_t *type, void *in, u_int32_t *vendor)
+ eap_type_t *type, void *in, uint32_t *vendor)
{
if ((*entry)->role != (eap_role_t)role)
{
@@ -144,7 +144,7 @@ METHOD(eap_manager_t, create_enumerator, enumerator_t*,
}
METHOD(eap_manager_t, create_instance, eap_method_t*,
- private_eap_manager_t *this, eap_type_t type, u_int32_t vendor,
+ private_eap_manager_t *this, eap_type_t type, uint32_t vendor,
eap_role_t role, identification_t *server, identification_t *peer)
{
enumerator_t *enumerator;
diff --git a/src/libcharon/sa/eap/eap_manager.h b/src/libcharon/sa/eap/eap_manager.h
index e318ef57a..4ed1cae20 100644
--- a/src/libcharon/sa/eap/eap_manager.h
+++ b/src/libcharon/sa/eap/eap_manager.h
@@ -44,7 +44,7 @@ struct eap_manager_t {
* @param role EAP role of the registered method
* @param constructor constructor function, returns an eap_method_t
*/
- void (*add_method)(eap_manager_t *this, eap_type_t type, u_int32_t vendor,
+ void (*add_method)(eap_manager_t *this, eap_type_t type, uint32_t vendor,
eap_role_t role, eap_constructor_t constructor);
/**
@@ -61,7 +61,7 @@ struct eap_manager_t {
* even though it is registered as method with this manager).
*
* @param role EAP role of methods to enumerate
- * @return enumerator over (eap_type_t type, u_int32_t vendor)
+ * @return enumerator over (eap_type_t type, uint32_t vendor)
*/
enumerator_t* (*create_enumerator)(eap_manager_t *this, eap_role_t role);
@@ -76,7 +76,7 @@ struct eap_manager_t {
* @return EAP method instance, NULL if no constructor found
*/
eap_method_t* (*create_instance)(eap_manager_t *this, eap_type_t type,
- u_int32_t vendor, eap_role_t role,
+ uint32_t vendor, eap_role_t role,
identification_t *server,
identification_t *peer);
diff --git a/src/libcharon/sa/eap/eap_method.h b/src/libcharon/sa/eap/eap_method.h
index 689c0f990..8e25f7df8 100644
--- a/src/libcharon/sa/eap/eap_method.h
+++ b/src/libcharon/sa/eap/eap_method.h
@@ -96,7 +96,7 @@ struct eap_method_t {
* @param vendor pointer receiving vendor identifier for type, 0 for none
* @return type of the EAP method
*/
- eap_type_t (*get_type) (eap_method_t *this, u_int32_t *vendor);
+ eap_type_t (*get_type) (eap_method_t *this, uint32_t *vendor);
/**
* Check if this EAP method authenticates the server.
@@ -126,7 +126,7 @@ struct eap_method_t {
*
* @return current EAP identifier
*/
- u_int8_t (*get_identifier) (eap_method_t *this);
+ uint8_t (*get_identifier) (eap_method_t *this);
/**
* Set the EAP identifier to a deterministic value, overwriting
@@ -134,7 +134,7 @@ struct eap_method_t {
*
* @param identifier current EAP identifier
*/
- void (*set_identifier) (eap_method_t *this, u_int8_t identifier);
+ void (*set_identifier) (eap_method_t *this, uint8_t identifier);
/**
* Get authentication details performed by this EAP method.
diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index bcbff3211..009277ddd 100644
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -1,9 +1,9 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -71,6 +71,7 @@ ENUM(ike_sa_state_names, IKE_CREATED, IKE_DESTROYING,
"ESTABLISHED",
"PASSIVE",
"REKEYING",
+ "REKEYED",
"DELETING",
"DESTROYING",
);
@@ -101,7 +102,7 @@ struct private_ike_sa_t {
/**
* unique numerical ID for this IKE_SA.
*/
- u_int32_t unique_id;
+ uint32_t unique_id;
/**
* Current state of the IKE_SA
@@ -233,12 +234,12 @@ struct private_ike_sa_t {
/**
* number pending UPDATE_SA_ADDRESS (MOBIKE)
*/
- u_int32_t pending_updates;
+ uint32_t pending_updates;
/**
* NAT keep alive interval
*/
- u_int32_t keepalive_interval;
+ uint32_t keepalive_interval;
/**
* The schedueld keep alive job, if any
@@ -249,7 +250,7 @@ struct private_ike_sa_t {
* interval for retries during initiation (e.g. if DNS resolution failed),
* 0 to disable (default)
*/
- u_int32_t retry_initiate_interval;
+ uint32_t retry_initiate_interval;
/**
* TRUE if a retry_initiate_job has been queued
@@ -259,12 +260,12 @@ struct private_ike_sa_t {
/**
* Timestamps for this IKE_SA
*/
- u_int32_t stats[STAT_MAX];
+ uint32_t stats[STAT_MAX];
/**
* how many times we have retried so far (keyingtries)
*/
- u_int32_t keyingtry;
+ uint32_t keyingtry;
/**
* local host address to be used for IKE, set via MIGRATE kernel message
@@ -343,7 +344,7 @@ static time_t get_use_time(private_ike_sa_t* this, bool inbound)
return use_time;
}
-METHOD(ike_sa_t, get_unique_id, u_int32_t,
+METHOD(ike_sa_t, get_unique_id, uint32_t,
private_ike_sa_t *this)
{
return this->unique_id;
@@ -359,7 +360,7 @@ METHOD(ike_sa_t, get_name, char*,
return "(unnamed)";
}
-METHOD(ike_sa_t, get_statistic, u_int32_t,
+METHOD(ike_sa_t, get_statistic, uint32_t,
private_ike_sa_t *this, statistic_t kind)
{
if (kind < STAT_MAX)
@@ -370,7 +371,7 @@ METHOD(ike_sa_t, get_statistic, u_int32_t,
}
METHOD(ike_sa_t, set_statistic, void,
- private_ike_sa_t *this, statistic_t kind, u_int32_t value)
+ private_ike_sa_t *this, statistic_t kind, uint32_t value)
{
if (kind < STAT_MAX)
{
@@ -604,7 +605,7 @@ METHOD(ike_sa_t, set_proposal, void,
}
METHOD(ike_sa_t, set_message_id, void,
- private_ike_sa_t *this, bool initiate, u_int32_t mid)
+ private_ike_sa_t *this, bool initiate, uint32_t mid)
{
if (initiate)
{
@@ -814,7 +815,7 @@ METHOD(ike_sa_t, set_state, void,
this->state == IKE_PASSIVE)
{
job_t *job;
- u_int32_t t;
+ uint32_t t;
/* calculate rekey, reauth and lifetime */
this->stats[STAT_ESTABLISHED] = time_monotonic(NULL);
@@ -1035,12 +1036,12 @@ METHOD(ike_sa_t, has_mapping_changed, bool,
}
METHOD(ike_sa_t, set_pending_updates, void,
- private_ike_sa_t *this, u_int32_t updates)
+ private_ike_sa_t *this, uint32_t updates)
{
this->pending_updates = updates;
}
-METHOD(ike_sa_t, get_pending_updates, u_int32_t,
+METHOD(ike_sa_t, get_pending_updates, uint32_t,
private_ike_sa_t *this)
{
return this->pending_updates;
@@ -1203,6 +1204,7 @@ METHOD(ike_sa_t, generate_message_fragmented, status_t,
packet_t *packet;
status_t status;
bool use_frags = FALSE;
+ bool pre_generated = FALSE;
if (this->ike_cfg)
{
@@ -1237,14 +1239,21 @@ METHOD(ike_sa_t, generate_message_fragmented, status_t,
return SUCCESS;
}
+ pre_generated = message->is_encoded(message);
this->stats[STAT_OUTBOUND] = time_monotonic(NULL);
message->set_ike_sa_id(message, this->ike_sa_id);
- charon->bus->message(charon->bus, message, FALSE, TRUE);
+ if (!pre_generated)
+ {
+ charon->bus->message(charon->bus, message, FALSE, TRUE);
+ }
status = message->fragment(message, this->keymat, this->fragment_size,
&fragments);
if (status == SUCCESS)
{
- charon->bus->message(charon->bus, message, FALSE, FALSE);
+ if (!pre_generated)
+ {
+ charon->bus->message(charon->bus, message, FALSE, FALSE);
+ }
*packets = enumerator_create_filter(fragments, (void*)filter_fragments,
this, NULL);
}
@@ -1432,7 +1441,7 @@ static void resolve_hosts(private_ike_sa_t *this)
}
METHOD(ike_sa_t, initiate, status_t,
- private_ike_sa_t *this, child_cfg_t *child_cfg, u_int32_t reqid,
+ private_ike_sa_t *this, child_cfg_t *child_cfg, uint32_t reqid,
traffic_selector_t *tsi, traffic_selector_t *tsr)
{
bool defer_initiate = FALSE;
@@ -1642,7 +1651,7 @@ METHOD(ike_sa_t, add_child_sa, void,
}
METHOD(ike_sa_t, get_child_sa, child_sa_t*,
- private_ike_sa_t *this, protocol_id_t protocol, u_int32_t spi, bool inbound)
+ private_ike_sa_t *this, protocol_id_t protocol, uint32_t spi, bool inbound)
{
enumerator_t *enumerator;
child_sa_t *current, *found = NULL;
@@ -1721,7 +1730,7 @@ METHOD(ike_sa_t, remove_child_sa, void,
}
METHOD(ike_sa_t, rekey_child_sa, status_t,
- private_ike_sa_t *this, protocol_id_t protocol, u_int32_t spi)
+ private_ike_sa_t *this, protocol_id_t protocol, uint32_t spi)
{
if (this->state == IKE_PASSIVE)
{
@@ -1732,7 +1741,7 @@ METHOD(ike_sa_t, rekey_child_sa, status_t,
}
METHOD(ike_sa_t, delete_child_sa, status_t,
- private_ike_sa_t *this, protocol_id_t protocol, u_int32_t spi, bool expired)
+ private_ike_sa_t *this, protocol_id_t protocol, uint32_t spi, bool expired)
{
if (this->state == IKE_PASSIVE)
{
@@ -1744,7 +1753,7 @@ METHOD(ike_sa_t, delete_child_sa, status_t,
}
METHOD(ike_sa_t, destroy_child_sa, status_t,
- private_ike_sa_t *this, protocol_id_t protocol, u_int32_t spi)
+ private_ike_sa_t *this, protocol_id_t protocol, uint32_t spi)
{
enumerator_t *enumerator;
child_sa_t *child_sa;
@@ -2301,7 +2310,7 @@ METHOD(ike_sa_t, redirect, status_t,
}
METHOD(ike_sa_t, retransmit, status_t,
- private_ike_sa_t *this, u_int32_t message_id)
+ private_ike_sa_t *this, uint32_t message_id)
{
if (this->state == IKE_PASSIVE)
{
@@ -2316,7 +2325,7 @@ METHOD(ike_sa_t, retransmit, status_t,
case IKE_CONNECTING:
{
/* retry IKE_SA_INIT/Main Mode if we have multiple keyingtries */
- u_int32_t tries = this->peer_cfg->get_keyingtries(this->peer_cfg);
+ uint32_t tries = this->peer_cfg->get_keyingtries(this->peer_cfg);
charon->bus->alert(charon->bus, ALERT_PEER_INIT_UNREACHABLE,
this->keyingtry);
this->keyingtry++;
@@ -2348,7 +2357,8 @@ METHOD(ike_sa_t, retransmit, status_t,
reestablish(this);
break;
}
- if (this->state != IKE_CONNECTING)
+ if (this->state != IKE_CONNECTING &&
+ this->state != IKE_REKEYED)
{
charon->bus->ike_updown(charon->bus, &this->public, FALSE);
}
@@ -2358,9 +2368,9 @@ METHOD(ike_sa_t, retransmit, status_t,
}
METHOD(ike_sa_t, set_auth_lifetime, status_t,
- private_ike_sa_t *this, u_int32_t lifetime)
+ private_ike_sa_t *this, uint32_t lifetime)
{
- u_int32_t diff, hard, soft, now;
+ uint32_t diff, hard, soft, now;
bool send_update;
diff = this->peer_cfg->get_over_time(this->peer_cfg);
@@ -2500,6 +2510,7 @@ METHOD(ike_sa_t, roam, status_t,
case IKE_DELETING:
case IKE_DESTROYING:
case IKE_PASSIVE:
+ case IKE_REKEYED:
return SUCCESS;
default:
break;
@@ -2609,6 +2620,12 @@ METHOD(ike_sa_t, queue_task, void,
this->task_manager->queue_task(this->task_manager, task);
}
+METHOD(ike_sa_t, queue_task_delayed, void,
+ private_ike_sa_t *this, task_t *task, uint32_t delay)
+{
+ this->task_manager->queue_task_delayed(this->task_manager, task, delay);
+}
+
METHOD(ike_sa_t, inherit_pre, void,
private_ike_sa_t *this, ike_sa_t *other_public)
{
@@ -2927,6 +2944,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, bool initiator,
.create_task_enumerator = _create_task_enumerator,
.flush_queue = _flush_queue,
.queue_task = _queue_task,
+ .queue_task_delayed = _queue_task_delayed,
#ifdef ME
.act_as_mediation_server = _act_as_mediation_server,
.get_server_reflexive_host = _get_server_reflexive_host,
diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h
index 836360e3c..6f5040d7c 100644
--- a/src/libcharon/sa/ike_sa.h
+++ b/src/libcharon/sa/ike_sa.h
@@ -1,9 +1,9 @@
/*
- * Copyright (C) 2006-2015 Tobias Brunner
+ * Copyright (C) 2006-2016 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -58,12 +58,12 @@ typedef struct ike_sa_t ike_sa_t;
/**
* After which time rekeying should be retried if it failed, in seconds.
*/
-#define RETRY_INTERVAL 30
+#define RETRY_INTERVAL 15
/**
* Jitter to subtract from RETRY_INTERVAL to randomize rekey retry.
*/
-#define RETRY_JITTER 20
+#define RETRY_JITTER 10
/**
* Number of redirects allowed within REDIRECT_LOOP_DETECT_PERIOD.
@@ -309,6 +309,11 @@ enum ike_sa_state_t {
IKE_REKEYING,
/**
+ * IKE_SA has been rekeyed (or is redundant)
+ */
+ IKE_REKEYED,
+
+ /**
* IKE_SA is in progress of deletion
*/
IKE_DELETING,
@@ -353,7 +358,7 @@ struct ike_sa_t {
*
* @return unique ID
*/
- u_int32_t (*get_unique_id) (ike_sa_t *this);
+ uint32_t (*get_unique_id) (ike_sa_t *this);
/**
* Get the state of the IKE_SA.
@@ -382,7 +387,7 @@ struct ike_sa_t {
* @param kind kind of requested value
* @return value as integer
*/
- u_int32_t (*get_statistic)(ike_sa_t *this, statistic_t kind);
+ uint32_t (*get_statistic)(ike_sa_t *this, statistic_t kind);
/**
* Set statistic value of the IKE_SA.
@@ -390,7 +395,7 @@ struct ike_sa_t {
* @param kind kind of value to update
* @param value value as integer
*/
- void (*set_statistic)(ike_sa_t *this, statistic_t kind, u_int32_t value);
+ void (*set_statistic)(ike_sa_t *this, statistic_t kind, uint32_t value);
/**
* Get the own host address.
@@ -557,7 +562,7 @@ struct ike_sa_t {
* @param initiate TRUE to set message ID for initiating
* @param mid message id to set
*/
- void (*set_message_id)(ike_sa_t *this, bool initiate, u_int32_t mid);
+ void (*set_message_id)(ike_sa_t *this, bool initiate, uint32_t mid);
/**
* Add an additional address for the peer.
@@ -630,14 +635,14 @@ struct ike_sa_t {
*
* @return number of pending updates
*/
- u_int32_t (*get_pending_updates)(ike_sa_t *this);
+ uint32_t (*get_pending_updates)(ike_sa_t *this);
/**
* Set the number of queued MOBIKE address updates.
*
* @param updates number of pending updates
*/
- void (*set_pending_updates)(ike_sa_t *this, u_int32_t updates);
+ void (*set_pending_updates)(ike_sa_t *this, uint32_t updates);
#ifdef ME
/**
@@ -752,7 +757,7 @@ struct ike_sa_t {
* - DESTROY_ME if initialization failed
*/
status_t (*initiate) (ike_sa_t *this, child_cfg_t *child_cfg,
- u_int32_t reqid, traffic_selector_t *tsi,
+ uint32_t reqid, traffic_selector_t *tsi,
traffic_selector_t *tsr);
/**
@@ -850,7 +855,7 @@ struct ike_sa_t {
* - SUCCESS
* - NOT_FOUND if request doesn't have to be retransmited
*/
- status_t (*retransmit) (ike_sa_t *this, u_int32_t message_id);
+ status_t (*retransmit) (ike_sa_t *this, uint32_t message_id);
/**
* Sends a DPD request to the peer.
@@ -924,7 +929,7 @@ struct ike_sa_t {
* @return child_sa, or NULL if none found
*/
child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol,
- u_int32_t spi, bool inbound);
+ uint32_t spi, bool inbound);
/**
* Get the number of CHILD_SAs.
@@ -958,7 +963,7 @@ struct ike_sa_t {
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS, if rekeying initiated
*/
- status_t (*rekey_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
+ status_t (*rekey_child_sa) (ike_sa_t *this, protocol_id_t protocol, uint32_t spi);
/**
* Close the CHILD SA with the specified protocol/SPI.
@@ -975,7 +980,7 @@ struct ike_sa_t {
* - SUCCESS, if delete message sent
*/
status_t (*delete_child_sa)(ike_sa_t *this, protocol_id_t protocol,
- u_int32_t spi, bool expired);
+ uint32_t spi, bool expired);
/**
* Destroy a CHILD SA with the specified protocol/SPI.
@@ -988,7 +993,7 @@ struct ike_sa_t {
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS
*/
- status_t (*destroy_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
+ status_t (*destroy_child_sa) (ike_sa_t *this, protocol_id_t protocol, uint32_t spi);
/**
* Rekey the IKE_SA.
@@ -1028,7 +1033,7 @@ struct ike_sa_t {
* @param lifetime lifetime in seconds
* @return DESTROY_ME to destroy the IKE_SA
*/
- status_t (*set_auth_lifetime)(ike_sa_t *this, u_int32_t lifetime);
+ status_t (*set_auth_lifetime)(ike_sa_t *this, uint32_t lifetime);
/**
* Add a virtual IP to use for this IKE_SA and its children.
@@ -1119,6 +1124,15 @@ struct ike_sa_t {
void (*queue_task)(ike_sa_t *this, task_t *task);
/**
+ * Queue a task in the manager, but delay its initiation for at least the
+ * given number of seconds.
+ *
+ * @param task task to queue
+ * @param delay minimum delay in s before initiating the task
+ */
+ void (*queue_task_delayed)(ike_sa_t *this, task_t *task, uint32_t delay);
+
+ /**
* Inherit required attributes to new SA before rekeying.
*
* Some properties of the SA must be applied before starting IKE_SA
diff --git a/src/libcharon/sa/ike_sa_id.c b/src/libcharon/sa/ike_sa_id.c
index e52086483..b4e66ed73 100644
--- a/src/libcharon/sa/ike_sa_id.c
+++ b/src/libcharon/sa/ike_sa_id.c
@@ -34,17 +34,17 @@ struct private_ike_sa_id_t {
/**
* Major IKE version of IKE_SA.
*/
- u_int8_t ike_version;
+ uint8_t ike_version;
/**
* SPI of initiator.
*/
- u_int64_t initiator_spi;
+ uint64_t initiator_spi;
/**
* SPI of responder.
*/
- u_int64_t responder_spi;
+ uint64_t responder_spi;
/**
* Role for specific IKE_SA.
@@ -52,31 +52,31 @@ struct private_ike_sa_id_t {
bool is_initiator_flag;
};
-METHOD(ike_sa_id_t, get_ike_version, u_int8_t,
+METHOD(ike_sa_id_t, get_ike_version, uint8_t,
private_ike_sa_id_t *this)
{
return this->ike_version;
}
METHOD(ike_sa_id_t, set_responder_spi, void,
- private_ike_sa_id_t *this, u_int64_t responder_spi)
+ private_ike_sa_id_t *this, uint64_t responder_spi)
{
this->responder_spi = responder_spi;
}
METHOD(ike_sa_id_t, set_initiator_spi, void,
- private_ike_sa_id_t *this, u_int64_t initiator_spi)
+ private_ike_sa_id_t *this, uint64_t initiator_spi)
{
this->initiator_spi = initiator_spi;
}
-METHOD(ike_sa_id_t, get_initiator_spi, u_int64_t,
+METHOD(ike_sa_id_t, get_initiator_spi, uint64_t,
private_ike_sa_id_t *this)
{
return this->initiator_spi;
}
-METHOD(ike_sa_id_t, get_responder_spi, u_int64_t,
+METHOD(ike_sa_id_t, get_responder_spi, uint64_t,
private_ike_sa_id_t *this)
{
return this->responder_spi;
@@ -134,8 +134,8 @@ METHOD(ike_sa_id_t, destroy, void,
/*
* Described in header.
*/
-ike_sa_id_t * ike_sa_id_create(u_int8_t ike_version, u_int64_t initiator_spi,
- u_int64_t responder_spi, bool is_initiator_flag)
+ike_sa_id_t * ike_sa_id_create(uint8_t ike_version, uint64_t initiator_spi,
+ uint64_t responder_spi, bool is_initiator_flag)
{
private_ike_sa_id_t *this;
diff --git a/src/libcharon/sa/ike_sa_id.h b/src/libcharon/sa/ike_sa_id.h
index 5eb754e95..b3a9ef61f 100644
--- a/src/libcharon/sa/ike_sa_id.h
+++ b/src/libcharon/sa/ike_sa_id.h
@@ -41,7 +41,7 @@ struct ike_sa_id_t {
*
* @return IKE version
*/
- u_int8_t (*get_ike_version) (ike_sa_id_t *this);
+ uint8_t (*get_ike_version) (ike_sa_id_t *this);
/**
* Set the SPI of the responder.
@@ -50,28 +50,28 @@ struct ike_sa_id_t {
*
* @param responder_spi SPI of responder to set
*/
- void (*set_responder_spi) (ike_sa_id_t *this, u_int64_t responder_spi);
+ void (*set_responder_spi) (ike_sa_id_t *this, uint64_t responder_spi);
/**
* Set the SPI of the initiator.
*
* @param initiator_spi SPI to set
*/
- void (*set_initiator_spi) (ike_sa_id_t *this, u_int64_t initiator_spi);
+ void (*set_initiator_spi) (ike_sa_id_t *this, uint64_t initiator_spi);
/**
* Get the initiator SPI.
*
* @return SPI of the initiator
*/
- u_int64_t (*get_initiator_spi) (ike_sa_id_t *this);
+ uint64_t (*get_initiator_spi) (ike_sa_id_t *this);
/**
* Get the responder SPI.
*
* @return SPI of the responder
*/
- u_int64_t (*get_responder_spi) (ike_sa_id_t *this);
+ uint64_t (*get_responder_spi) (ike_sa_id_t *this);
/**
* Check if two ike_sa_id_t objects are equal.
@@ -131,7 +131,7 @@ struct ike_sa_id_t {
* @param is_initiaor TRUE if we are the original initiator
* @return ike_sa_id_t object
*/
-ike_sa_id_t * ike_sa_id_create(u_int8_t ike_version, u_int64_t initiator_spi,
- u_int64_t responder_spi, bool is_initiaor);
+ike_sa_id_t * ike_sa_id_create(uint8_t ike_version, uint64_t initiator_spi,
+ uint64_t responder_spi, bool is_initiaor);
#endif /** IKE_SA_ID_H_ @}*/
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
index 307ea3b4a..ce44207c4 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -113,7 +113,7 @@ struct entry_t {
/**
* message ID or hash of currently processing message, -1 if none
*/
- u_int32_t processing;
+ uint32_t processing;
};
/**
@@ -265,7 +265,7 @@ struct init_hash_t {
chunk_t hash;
/** our SPI allocated for the IKE_SA based on this message */
- u_int64_t our_spi;
+ uint64_t our_spi;
};
typedef struct segment_t segment_t;
@@ -977,9 +977,9 @@ static void remove_connected_peers(private_ike_sa_manager_t *this, entry_t *entr
/**
* Get a random SPI for new IKE_SAs
*/
-static u_int64_t get_spi(private_ike_sa_manager_t *this)
+static uint64_t get_spi(private_ike_sa_manager_t *this)
{
- u_int64_t spi;
+ uint64_t spi;
this->spi_lock->read_lock(this->spi_lock);
if (this->spi_cb.cb)
@@ -987,7 +987,7 @@ static u_int64_t get_spi(private_ike_sa_manager_t *this)
spi = this->spi_cb.cb(this->spi_cb.data);
}
else if (!this->rng ||
- !this->rng->get_bytes(this->rng, sizeof(spi), (u_int8_t*)&spi))
+ !this->rng->get_bytes(this->rng, sizeof(spi), (uint8_t*)&spi))
{
spi = 0;
}
@@ -1007,8 +1007,8 @@ static bool get_init_hash(hasher_t *hasher, message_t *message, chunk_t *hash)
if (message->get_first_payload_type(message) == PLV1_FRAGMENT)
{ /* only hash the source IP, port and SPI for fragmented init messages */
- u_int16_t port;
- u_int64_t spi;
+ uint16_t port;
+ uint64_t spi;
src = message->get_source(message);
if (!hasher->allocate_hash(hasher, src->get_address(src), NULL))
@@ -1050,13 +1050,13 @@ static bool get_init_hash(hasher_t *hasher, message_t *message, chunk_t *hash)
* FAILED if the SPI allocation failed
*/
static status_t check_and_put_init_hash(private_ike_sa_manager_t *this,
- chunk_t init_hash, u_int64_t *our_spi)
+ chunk_t init_hash, uint64_t *our_spi)
{
table_item_t *item;
u_int row, segment;
mutex_t *mutex;
init_hash_t *init;
- u_int64_t spi;
+ uint64_t spi;
row = chunk_hash(init_hash) & this->table_mask;
segment = row & this->segment_mask;
@@ -1174,8 +1174,8 @@ METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*,
{
ike_sa_id_t *ike_sa_id;
ike_sa_t *ike_sa;
- u_int8_t ike_version;
- u_int64_t spi;
+ uint8_t ike_version;
+ uint64_t spi;
ike_version = version == IKEV1 ? IKEV1_MAJOR_VERSION : IKEV2_MAJOR_VERSION;
@@ -1208,7 +1208,7 @@ METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*,
/**
* Get the message ID or message hash to detect early retransmissions
*/
-static u_int32_t get_message_id_or_hash(message_t *message)
+static uint32_t get_message_id_or_hash(message_t *message)
{
if (message->get_major_version(message) == IKEV1_MAJOR_VERSION)
{
@@ -1273,7 +1273,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
if (is_init)
{
hasher_t *hasher;
- u_int64_t our_spi;
+ uint64_t our_spi;
chunk_t hash;
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
@@ -1415,7 +1415,8 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
{
continue;
}
- if (entry->ike_sa->get_state(entry->ike_sa) == IKE_DELETING)
+ if (entry->ike_sa->get_state(entry->ike_sa) == IKE_DELETING ||
+ entry->ike_sa->get_state(entry->ike_sa) == IKE_REKEYED)
{ /* skip IKE_SAs which are not usable, wake other waiting threads */
entry->condvar->signal(entry->condvar);
continue;
@@ -1455,7 +1456,7 @@ out:
}
METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
- private_ike_sa_manager_t *this, u_int32_t id)
+ private_ike_sa_manager_t *this, uint32_t id)
{
enumerator_t *enumerator;
entry_t *entry;
@@ -2094,10 +2095,41 @@ METHOD(ike_sa_manager_t, set_spi_cb, void,
this->spi_lock->unlock(this->spi_lock);
}
+/**
+ * Destroy all entries
+ */
+static void destroy_all_entries(private_ike_sa_manager_t *this)
+{
+ enumerator_t *enumerator;
+ entry_t *entry;
+ u_int segment;
+
+ enumerator = create_table_enumerator(this);
+ while (enumerator->enumerate(enumerator, &entry, &segment))
+ {
+ charon->bus->set_sa(charon->bus, entry->ike_sa);
+ if (entry->half_open)
+ {
+ remove_half_open(this, entry);
+ }
+ if (entry->my_id && entry->other_id)
+ {
+ remove_connected_peers(this, entry);
+ }
+ if (entry->init_hash.ptr)
+ {
+ remove_init_hash(this, entry->init_hash);
+ }
+ remove_entry_at((private_enumerator_t*)enumerator);
+ entry_destroy(entry);
+ }
+ enumerator->destroy(enumerator);
+ charon->bus->set_sa(charon->bus, NULL);
+}
+
METHOD(ike_sa_manager_t, flush, void,
private_ike_sa_manager_t *this)
{
- /* destroy all list entries */
enumerator_t *enumerator;
entry_t *entry;
u_int segment;
@@ -2153,31 +2185,11 @@ METHOD(ike_sa_manager_t, flush, void,
DBG2(DBG_MGR, "destroy all entries");
/* Step 4: destroy all entries */
- enumerator = create_table_enumerator(this);
- while (enumerator->enumerate(enumerator, &entry, &segment))
- {
- charon->bus->set_sa(charon->bus, entry->ike_sa);
- if (entry->half_open)
- {
- remove_half_open(this, entry);
- }
- if (entry->my_id && entry->other_id)
- {
- remove_connected_peers(this, entry);
- }
- if (entry->init_hash.ptr)
- {
- remove_init_hash(this, entry->init_hash);
- }
- remove_entry_at((private_enumerator_t*)enumerator);
- entry_destroy(entry);
- }
- enumerator->destroy(enumerator);
- charon->bus->set_sa(charon->bus, NULL);
+ destroy_all_entries(this);
unlock_all_segments(this);
this->spi_lock->write_lock(this->spi_lock);
- this->rng->destroy(this->rng);
+ DESTROY_IF(this->rng);
this->rng = NULL;
this->spi_cb.cb = NULL;
this->spi_cb.data = NULL;
@@ -2189,7 +2201,11 @@ METHOD(ike_sa_manager_t, destroy, void,
{
u_int i;
- /* these are already cleared in flush() above */
+ /* in case new SAs were checked in after flush() was called */
+ lock_all_segments(this);
+ destroy_all_entries(this);
+ unlock_all_segments(this);
+
free(this->ike_sa_table);
free(this->half_open_table);
free(this->connected_peers_table);
diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h
index f1b7c2579..4298c54e2 100644
--- a/src/libcharon/sa/ike_sa_manager.h
+++ b/src/libcharon/sa/ike_sa_manager.h
@@ -38,7 +38,7 @@ typedef struct ike_sa_manager_t ike_sa_manager_t;
* @param data data supplied during registration of the callback
* @return allocated SPI, 0 on failure
*/
-typedef u_int64_t (*spi_cb_t)(void *data);
+typedef uint64_t (*spi_cb_t)(void *data);
/**
* Manages and synchronizes access to all IKE_SAs.
@@ -147,7 +147,7 @@ struct ike_sa_manager_t {
* - checked out IKE_SA, if found
* - NULL, if not found
*/
- ike_sa_t* (*checkout_by_id) (ike_sa_manager_t* this, u_int32_t id);
+ ike_sa_t* (*checkout_by_id) (ike_sa_manager_t* this, uint32_t id);
/**
* Check out an IKE_SA by the policy/connection name.
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c
index e428966ad..be6b03bef 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.c
+++ b/src/libcharon/sa/ikev1/keymat_v1.c
@@ -32,7 +32,7 @@ typedef struct private_keymat_v1_t private_keymat_v1_t;
*/
typedef struct {
/** message ID */
- u_int32_t mid;
+ uint32_t mid;
/** current IV */
chunk_t iv;
/** last block of encrypted message */
@@ -128,7 +128,7 @@ static void iv_data_destroy(iv_data_t *this)
*/
typedef struct {
/** message ID */
- u_int32_t mid;
+ uint32_t mid;
/** Ni_b (Nonce from first message) */
chunk_t n_i;
/** Nr_b (Nonce from second message) */
@@ -272,7 +272,7 @@ static bool expand_skeyid_e(chunk_t skeyid_e, size_t key_size, prf_t *prf,
static aead_t *create_aead(proposal_t *proposal, prf_t *prf, chunk_t skeyid_e)
{
private_aead_t *this;
- u_int16_t alg, key_size;
+ uint16_t alg, key_size;
crypter_t *crypter;
chunk_t ka;
@@ -324,7 +324,7 @@ static aead_t *create_aead(proposal_t *proposal, prf_t *prf, chunk_t skeyid_e)
/**
* Converts integrity algorithm to PRF algorithm
*/
-static u_int16_t auth_to_prf(u_int16_t alg)
+static uint16_t auth_to_prf(uint16_t alg)
{
switch (alg)
{
@@ -348,7 +348,7 @@ static u_int16_t auth_to_prf(u_int16_t alg)
/**
* Converts integrity algorithm to hash algorithm
*/
-static u_int16_t auth_to_hash(u_int16_t alg)
+static uint16_t auth_to_hash(uint16_t alg)
{
switch (alg)
{
@@ -370,7 +370,7 @@ static u_int16_t auth_to_hash(u_int16_t alg)
/**
* Adjust the key length for PRF algorithms that expect a fixed key length.
*/
-static void adjust_keylen(u_int16_t alg, chunk_t *key)
+static void adjust_keylen(uint16_t alg, chunk_t *key)
{
switch (alg)
{
@@ -393,10 +393,10 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
{
chunk_t g_xy, g_xi, g_xr, dh_me, spi_i, spi_r, nonces, data, skeyid_e;
chunk_t skeyid;
- u_int16_t alg;
+ uint16_t alg;
- spi_i = chunk_alloca(sizeof(u_int64_t));
- spi_r = chunk_alloca(sizeof(u_int64_t));
+ spi_i = chunk_alloca(sizeof(uint64_t));
+ spi_r = chunk_alloca(sizeof(uint64_t));
if (!proposal->get_algorithm(proposal, PSEUDO_RANDOM_FUNCTION, &alg, NULL))
{ /* no PRF negotiated, use HMAC version of integrity algorithm instead */
@@ -431,8 +431,8 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
}
DBG4(DBG_IKE, "shared Diffie Hellman secret %B", &g_xy);
- *((u_int64_t*)spi_i.ptr) = id->get_initiator_spi(id);
- *((u_int64_t*)spi_r.ptr) = id->get_responder_spi(id);
+ *((uint64_t*)spi_i.ptr) = id->get_initiator_spi(id);
+ *((uint64_t*)spi_r.ptr) = id->get_responder_spi(id);
nonces = chunk_cata("cc", nonce_i, nonce_r);
switch (auth)
@@ -585,11 +585,11 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
METHOD(keymat_v1_t, derive_child_keys, bool,
private_keymat_v1_t *this, proposal_t *proposal, diffie_hellman_t *dh,
- u_int32_t spi_i, u_int32_t spi_r, chunk_t nonce_i, chunk_t nonce_r,
+ uint32_t spi_i, uint32_t spi_r, chunk_t nonce_i, chunk_t nonce_r,
chunk_t *encr_i, chunk_t *integ_i, chunk_t *encr_r, chunk_t *integ_r)
{
- u_int16_t enc_alg, int_alg, enc_size = 0, int_size = 0;
- u_int8_t protocol;
+ uint16_t enc_alg, int_alg, enc_size = 0, int_size = 0;
+ uint8_t protocol;
prf_plus_t *prf_plus;
chunk_t seed, secret = chunk_empty;
bool success = FALSE;
@@ -725,7 +725,7 @@ failure:
METHOD(keymat_v1_t, create_hasher, bool,
private_keymat_v1_t *this, proposal_t *proposal)
{
- u_int16_t alg;
+ uint16_t alg;
if (!proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &alg, NULL) ||
(alg = auth_to_hash(alg)) == HASH_UNKNOWN)
{
@@ -754,7 +754,7 @@ METHOD(keymat_v1_t, get_hash, bool,
ike_sa_id_t *ike_sa_id, chunk_t sa_i, chunk_t id, chunk_t *hash)
{
chunk_t data;
- u_int64_t spi, spi_other;
+ uint64_t spi, spi_other;
/* HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b )
* HASH_R = prf(SKEYID, g^xr | g^xi | CKY-R | CKY-I | SAi_b | IDir_b )
@@ -810,7 +810,7 @@ static chunk_t get_message_data(message_t *message, generator_t *generator)
{
payload_t *payload, *next;
enumerator_t *enumerator;
- u_int32_t *lenpos;
+ uint32_t *lenpos;
if (message->is_encoded(message))
{ /* inbound, although the message is generated, we cannot access the
@@ -850,7 +850,7 @@ static chunk_t get_message_data(message_t *message, generator_t *generator)
* Try to find data about a Quick Mode with the given message ID,
* if none is found, state is generated.
*/
-static qm_data_t *lookup_quick_mode(private_keymat_v1_t *this, u_int32_t mid)
+static qm_data_t *lookup_quick_mode(private_keymat_v1_t *this, uint32_t mid)
{
enumerator_t *enumerator;
qm_data_t *qm, *found = NULL;
@@ -885,7 +885,7 @@ static qm_data_t *lookup_quick_mode(private_keymat_v1_t *this, u_int32_t mid)
METHOD(keymat_v1_t, get_hash_phase2, bool,
private_keymat_v1_t *this, message_t *message, chunk_t *hash)
{
- u_int32_t mid, mid_n;
+ uint32_t mid, mid_n;
chunk_t data = chunk_empty;
bool add_message = TRUE;
char *name = "Hash";
@@ -993,7 +993,7 @@ static bool generate_iv(private_keymat_v1_t *this, iv_data_t *iv)
else
{
/* initial phase 2 IV = hash(last_phase1_block | mid) */
- u_int32_t net;;
+ uint32_t net;;
chunk_t data;
net = htonl(iv->mid);
@@ -1014,7 +1014,7 @@ static bool generate_iv(private_keymat_v1_t *this, iv_data_t *iv)
/**
* Try to find an IV for the given message ID, if not found, generate it.
*/
-static iv_data_t *lookup_iv(private_keymat_v1_t *this, u_int32_t mid)
+static iv_data_t *lookup_iv(private_keymat_v1_t *this, uint32_t mid)
{
enumerator_t *enumerator;
iv_data_t *iv, *found = NULL;
@@ -1057,7 +1057,7 @@ static iv_data_t *lookup_iv(private_keymat_v1_t *this, u_int32_t mid)
}
METHOD(keymat_v1_t, get_iv, bool,
- private_keymat_v1_t *this, u_int32_t mid, chunk_t *out)
+ private_keymat_v1_t *this, uint32_t mid, chunk_t *out)
{
iv_data_t *iv;
@@ -1071,7 +1071,7 @@ METHOD(keymat_v1_t, get_iv, bool,
}
METHOD(keymat_v1_t, update_iv, bool,
- private_keymat_v1_t *this, u_int32_t mid, chunk_t last_block)
+ private_keymat_v1_t *this, uint32_t mid, chunk_t last_block)
{
iv_data_t *iv = lookup_iv(this, mid);
if (iv)
@@ -1084,7 +1084,7 @@ METHOD(keymat_v1_t, update_iv, bool,
}
METHOD(keymat_v1_t, confirm_iv, bool,
- private_keymat_v1_t *this, u_int32_t mid)
+ private_keymat_v1_t *this, uint32_t mid)
{
iv_data_t *iv = lookup_iv(this, mid);
if (iv)
diff --git a/src/libcharon/sa/ikev1/keymat_v1.h b/src/libcharon/sa/ikev1/keymat_v1.h
index cc9f3b339..46eeea8b6 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.h
+++ b/src/libcharon/sa/ikev1/keymat_v1.h
@@ -72,7 +72,7 @@ struct keymat_v1_t {
* @param integ_r allocated responders integrity key
*/
bool (*derive_child_keys)(keymat_v1_t *this, proposal_t *proposal,
- diffie_hellman_t *dh, u_int32_t spi_i, u_int32_t spi_r,
+ diffie_hellman_t *dh, uint32_t spi_i, uint32_t spi_r,
chunk_t nonce_i, chunk_t nonce_r,
chunk_t *encr_i, chunk_t *integ_i,
chunk_t *encr_r, chunk_t *integ_r);
@@ -127,7 +127,7 @@ struct keymat_v1_t {
* @param iv chunk receiving IV, internal data
* @return TRUE if IV allocated successfully
*/
- bool (*get_iv)(keymat_v1_t *this, u_int32_t mid, chunk_t *iv);
+ bool (*get_iv)(keymat_v1_t *this, uint32_t mid, chunk_t *iv);
/**
* Updates the IV for the next message with the given message ID.
@@ -141,7 +141,7 @@ struct keymat_v1_t {
* @param last_block last block of encrypted message (gets cloned)
* @return TRUE if IV updated successfully
*/
- bool (*update_iv)(keymat_v1_t *this, u_int32_t mid, chunk_t last_block);
+ bool (*update_iv)(keymat_v1_t *this, uint32_t mid, chunk_t last_block);
/**
* Confirms the updated IV for the given message ID.
@@ -152,7 +152,7 @@ struct keymat_v1_t {
* @param mid message ID
* @return TRUE if IV confirmed successfully
*/
- bool (*confirm_iv)(keymat_v1_t *this, u_int32_t mid);
+ bool (*confirm_iv)(keymat_v1_t *this, uint32_t mid);
};
/**
diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c
index 3c601a4fa..b0c4f5f84 100644
--- a/src/libcharon/sa/ikev1/task_manager_v1.c
+++ b/src/libcharon/sa/ikev1/task_manager_v1.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2007-2015 Tobias Brunner
+ * Copyright (C) 2007-2016 Tobias Brunner
* Copyright (C) 2007-2011 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -67,7 +67,7 @@ struct exchange_t {
/**
* Message ID used for this transaction
*/
- u_int32_t mid;
+ uint32_t mid;
/**
* generated packet for retransmission
@@ -104,12 +104,12 @@ struct private_task_manager_t {
/**
* Message ID of the last response
*/
- u_int32_t mid;
+ uint32_t mid;
/**
* Hash of a previously received message
*/
- u_int32_t hash;
+ uint32_t hash;
/**
* packet(s) for retransmission
@@ -119,7 +119,7 @@ struct private_task_manager_t {
/**
* Sequence number of the last sent message
*/
- u_int32_t seqnr;
+ uint32_t seqnr;
/**
* how many times we have retransmitted so far
@@ -135,12 +135,12 @@ struct private_task_manager_t {
/**
* Message ID of the exchange
*/
- u_int32_t mid;
+ uint32_t mid;
/**
* Hashes of old responses we can ignore
*/
- u_int32_t old_hashes[MAX_OLD_HASHES];
+ uint32_t old_hashes[MAX_OLD_HASHES];
/**
* Position in old hash array
@@ -150,7 +150,7 @@ struct private_task_manager_t {
/**
* Sequence number of the last sent message
*/
- u_int32_t seqnr;
+ uint32_t seqnr;
/**
* how many times we have retransmitted so far
@@ -212,12 +212,12 @@ struct private_task_manager_t {
/**
* Sequence number for sending DPD requests
*/
- u_int32_t dpd_send;
+ uint32_t dpd_send;
/**
* Sequence number for received DPD requests
*/
- u_int32_t dpd_recv;
+ uint32_t dpd_recv;
};
/**
@@ -341,11 +341,11 @@ static bool generate_message(private_task_manager_t *this, message_t *message,
/**
* Retransmit a packet (or its fragments)
*/
-static status_t retransmit_packet(private_task_manager_t *this, u_int32_t seqnr,
+static status_t retransmit_packet(private_task_manager_t *this, uint32_t seqnr,
u_int mid, u_int retransmitted, array_t *packets)
{
packet_t *packet;
- u_int32_t t;
+ uint32_t t;
array_get(packets, 0, &packet);
if (retransmitted > this->retransmit_tries)
@@ -354,14 +354,15 @@ static status_t retransmit_packet(private_task_manager_t *this, u_int32_t seqnr,
charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_TIMEOUT, packet);
return DESTROY_ME;
}
- t = (u_int32_t)(this->retransmit_timeout * 1000.0 *
+ t = (uint32_t)(this->retransmit_timeout * 1000.0 *
pow(this->retransmit_base, retransmitted));
if (retransmitted)
{
DBG1(DBG_IKE, "sending retransmit %u of %s message ID %u, seq %u",
retransmitted, seqnr < RESPONDING_SEQ ? "request" : "response",
mid, seqnr < RESPONDING_SEQ ? seqnr : seqnr - RESPONDING_SEQ);
- charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND, packet);
+ charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND, packet,
+ retransmitted);
}
send_packets(this, packets);
lib->scheduler->schedule_job_ms(lib->scheduler, (job_t*)
@@ -370,7 +371,7 @@ static status_t retransmit_packet(private_task_manager_t *this, u_int32_t seqnr,
}
METHOD(task_manager_t, retransmit, status_t,
- private_task_manager_t *this, u_int32_t seqnr)
+ private_task_manager_t *this, uint32_t seqnr)
{
status_t status = SUCCESS;
@@ -514,26 +515,26 @@ METHOD(task_manager_t, initiate, status_t,
new_mid = TRUE;
break;
}
- if (!mode_config_expected(this) &&
- activate_task(this, TASK_QUICK_MODE))
+ if (activate_task(this, TASK_ISAKMP_DELETE))
{
- exchange = QUICK_MODE;
+ exchange = INFORMATIONAL_V1;
new_mid = TRUE;
break;
}
- if (activate_task(this, TASK_INFORMATIONAL))
+ if (activate_task(this, TASK_QUICK_DELETE))
{
exchange = INFORMATIONAL_V1;
new_mid = TRUE;
break;
}
- if (activate_task(this, TASK_QUICK_DELETE))
+ if (!mode_config_expected(this) &&
+ activate_task(this, TASK_QUICK_MODE))
{
- exchange = INFORMATIONAL_V1;
+ exchange = QUICK_MODE;
new_mid = TRUE;
break;
}
- if (activate_task(this, TASK_ISAKMP_DELETE))
+ if (activate_task(this, TASK_INFORMATIONAL))
{
exchange = INFORMATIONAL_V1;
new_mid = TRUE;
@@ -807,7 +808,7 @@ static void send_notify(private_task_manager_t *this, message_t *request,
message_t *response;
array_t *packets = NULL;
host_t *me, *other;
- u_int32_t mid;
+ uint32_t mid;
if (request->get_exchange_type(request) == INFORMATIONAL_V1)
{ /* don't respond to INFORMATIONAL requests to avoid a notify war */
@@ -857,7 +858,7 @@ static bool process_dpd(private_task_manager_t *this, message_t *message)
{
notify_payload_t *notify;
notify_type_t type;
- u_int32_t seq;
+ uint32_t seq;
chunk_t data;
type = DPD_R_U_THERE;
@@ -910,7 +911,7 @@ static bool process_dpd(private_task_manager_t *this, message_t *message)
* Check if we already have a quick mode task queued for the exchange with the
* given message ID
*/
-static bool have_quick_mode_task(private_task_manager_t *this, u_int32_t mid)
+static bool have_quick_mode_task(private_task_manager_t *this, uint32_t mid)
{
enumerator_t *enumerator;
quick_mode_t *qm;
@@ -935,9 +936,9 @@ static bool have_quick_mode_task(private_task_manager_t *this, u_int32_t mid)
}
/**
- * Check if we still have an aggressive mode task queued
+ * Check if we still have a specific task queued
*/
-static bool have_aggressive_mode_task(private_task_manager_t *this)
+static bool have_task_queued(private_task_manager_t *this, task_type_t type)
{
enumerator_t *enumerator;
task_t *task;
@@ -946,7 +947,7 @@ static bool have_aggressive_mode_task(private_task_manager_t *this)
enumerator = this->passive_tasks->create_enumerator(this->passive_tasks);
while (enumerator->enumerate(enumerator, &task))
{
- if (task->get_type(task) == TASK_AGGRESSIVE_MODE)
+ if (task->get_type(task) == type)
{
found = TRUE;
break;
@@ -1180,6 +1181,12 @@ static status_t process_response(private_task_manager_t *this,
}
enumerator->destroy(enumerator);
+ if (this->initiating.retransmitted)
+ {
+ packet_t *packet = NULL;
+ array_get(this->initiating.packets, 0, &packet);
+ charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_CLEARED, packet);
+ }
this->initiating.type = EXCHANGE_TYPE_UNDEFINED;
clear_packets(this->initiating.packets);
@@ -1305,7 +1312,7 @@ static status_t queue_message(private_task_manager_t *this, message_t *msg)
METHOD(task_manager_t, process_message, status_t,
private_task_manager_t *this, message_t *msg)
{
- u_int32_t hash, mid, i;
+ uint32_t hash, mid, i;
host_t *me, *other;
status_t status;
@@ -1405,7 +1412,7 @@ METHOD(task_manager_t, process_message, status_t,
/* drop XAuth/Mode Config/Quick Mode messages until we received the last
* Aggressive Mode message. since Informational messages are not
* retransmitted we queue them. */
- if (have_aggressive_mode_task(this))
+ if (have_task_queued(this, TASK_AGGRESSIVE_MODE))
{
if (msg->get_exchange_type(msg) == INFORMATIONAL_V1)
{
@@ -1427,6 +1434,13 @@ METHOD(task_manager_t, process_message, status_t,
return queue_message(this, msg);
}
+ /* some peers send INITIAL_CONTACT notifies during XAuth, cache it */
+ if (have_task_queued(this, TASK_XAUTH) &&
+ msg->get_exchange_type(msg) == INFORMATIONAL_V1)
+ {
+ return queue_message(this, msg);
+ }
+
msg->set_request(msg, TRUE);
charon->bus->message(charon->bus, msg, TRUE, FALSE);
status = parse_message(this, msg);
@@ -1499,8 +1513,8 @@ static bool has_queued(private_task_manager_t *this, task_type_t type)
return found;
}
-METHOD(task_manager_t, queue_task, void,
- private_task_manager_t *this, task_t *task)
+METHOD(task_manager_t, queue_task_delayed, void,
+ private_task_manager_t *this, task_t *task, uint32_t delay)
{
task_type_t type = task->get_type(task);
@@ -1521,6 +1535,12 @@ METHOD(task_manager_t, queue_task, void,
this->queued_tasks->insert_last(this->queued_tasks, task);
}
+METHOD(task_manager_t, queue_task, void,
+ private_task_manager_t *this, task_t *task)
+{
+ queue_task_delayed(this, task, 0);
+}
+
METHOD(task_manager_t, queue_ike, void,
private_task_manager_t *this)
{
@@ -1660,7 +1680,7 @@ METHOD(task_manager_t, queue_mobike, void,
}
METHOD(task_manager_t, queue_child, void,
- private_task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
+ private_task_manager_t *this, child_cfg_t *cfg, uint32_t reqid,
traffic_selector_t *tsi, traffic_selector_t *tsr)
{
quick_mode_t *task;
@@ -1739,7 +1759,7 @@ static traffic_selector_t* get_first_ts(child_sa_t *child_sa, bool local)
}
METHOD(task_manager_t, queue_child_rekey, void,
- private_task_manager_t *this, protocol_id_t protocol, u_int32_t spi)
+ private_task_manager_t *this, protocol_id_t protocol, uint32_t spi)
{
child_sa_t *child_sa;
child_cfg_t *cfg;
@@ -1754,6 +1774,7 @@ METHOD(task_manager_t, queue_child_rekey, void,
{
if (is_redundant(this, child_sa))
{
+ child_sa->set_state(child_sa, CHILD_REKEYED);
queue_task(this, (task_t*)quick_delete_create(this->ike_sa,
protocol, spi, FALSE, FALSE));
}
@@ -1774,7 +1795,7 @@ METHOD(task_manager_t, queue_child_rekey, void,
}
METHOD(task_manager_t, queue_child_delete, void,
- private_task_manager_t *this, protocol_id_t protocol, u_int32_t spi,
+ private_task_manager_t *this, protocol_id_t protocol, uint32_t spi,
bool expired)
{
queue_task(this, (task_t*)quick_delete_create(this->ike_sa, protocol,
@@ -1785,7 +1806,7 @@ METHOD(task_manager_t, queue_dpd, void,
private_task_manager_t *this)
{
peer_cfg_t *peer_cfg;
- u_int32_t t, retransmit;
+ uint32_t t, retransmit;
queue_task(this, (task_t*)isakmp_dpd_create(this->ike_sa, DPD_R_U_THERE,
this->dpd_send++));
@@ -1798,7 +1819,7 @@ METHOD(task_manager_t, queue_dpd, void,
/* use the same timeout as a retransmitting IKE message would have */
for (retransmit = 0; retransmit <= this->retransmit_tries; retransmit++)
{
- t += (u_int32_t)(this->retransmit_timeout * 1000.0 *
+ t += (uint32_t)(this->retransmit_timeout * 1000.0 *
pow(this->retransmit_base, retransmit));
}
}
@@ -1871,7 +1892,7 @@ METHOD(task_manager_t, incr_mid, void,
}
METHOD(task_manager_t, reset, void,
- private_task_manager_t *this, u_int32_t initiate, u_int32_t respond)
+ private_task_manager_t *this, uint32_t initiate, uint32_t respond)
{
enumerator_t *enumerator;
task_t *task;
@@ -1960,6 +1981,7 @@ task_manager_v1_t *task_manager_v1_create(ike_sa_t *ike_sa)
.task_manager = {
.process_message = _process_message,
.queue_task = _queue_task,
+ .queue_task_delayed = _queue_task_delayed,
.queue_ike = _queue_ike,
.queue_ike_rekey = _queue_ike_rekey,
.queue_ike_reauth = _queue_ike_reauth,
diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
index 710bf1cd2..9b5f676a3 100644
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@@ -77,7 +77,7 @@ struct private_aggressive_mode_t {
/**
* Negotiated SA lifetime
*/
- u_int32_t lifetime;
+ uint32_t lifetime;
/**
* Negotiated authentication method
@@ -164,7 +164,7 @@ static status_t send_notify(private_aggressive_mode_t *this, notify_type_t type)
{
notify_payload_t *notify;
ike_sa_id_t *ike_sa_id;
- u_int64_t spi_i, spi_r;
+ uint64_t spi_i, spi_r;
chunk_t spi;
notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
@@ -219,7 +219,7 @@ METHOD(task_t, build_i, status_t,
linked_list_t *proposals;
identification_t *id;
packet_t *packet;
- u_int16_t group;
+ uint16_t group;
DBG0(DBG_IKE, "initiating Aggressive Mode IKE_SA %s[%d] to %H",
this->ike_sa->get_name(this->ike_sa),
@@ -377,7 +377,8 @@ METHOD(task_t, process_r, status_t,
id_payload_t *id_payload;
identification_t *id;
linked_list_t *list;
- u_int16_t group;
+ uint16_t group;
+ bool prefer_configured;
this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
DBG0(DBG_IKE, "%H is initiating a Aggressive Mode IKE_SA",
@@ -401,8 +402,10 @@ METHOD(task_t, process_r, status_t,
}
list = sa_payload->get_proposals(sa_payload);
+ prefer_configured = lib->settings->get_bool(lib->settings,
+ "%s.prefer_configured_proposals", TRUE, lib->ns);
this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
- list, FALSE);
+ list, FALSE, prefer_configured);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
@@ -629,7 +632,7 @@ METHOD(task_t, process_i, status_t,
id_payload_t *id_payload;
identification_t *id, *cid;
linked_list_t *list;
- u_int32_t lifetime;
+ uint32_t lifetime;
sa_payload = (sa_payload_t*)message->get_payload(message,
PLV1_SECURITY_ASSOCIATION);
@@ -640,7 +643,7 @@ METHOD(task_t, process_i, status_t,
}
list = sa_payload->get_proposals(sa_payload);
this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
- list, FALSE);
+ list, FALSE, TRUE);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_delete.c b/src/libcharon/sa/ikev1/tasks/isakmp_delete.c
index a56805afb..df0293d4f 100644
--- a/src/libcharon/sa/ikev1/tasks/isakmp_delete.c
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_delete.c
@@ -81,7 +81,7 @@ METHOD(task_t, process_r, status_t,
payload_t *payload;
delete_payload_t *delete_payload;
ike_sa_id_t *id;
- u_int64_t spi_i, spi_r;
+ uint64_t spi_i, spi_r;
bool found = FALSE;
/* some peers send DELETE payloads for other IKE_SAs, e.g. those for expired
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c
index 5522e9221..840d352b1 100644
--- a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c
@@ -33,7 +33,7 @@ struct private_isakmp_dpd_t {
/**
* Sequence number.
*/
- u_int32_t seqnr;
+ uint32_t seqnr;
/**
* DPD notify type
@@ -51,8 +51,8 @@ METHOD(task_t, build, status_t,
{
notify_payload_t *notify;
ike_sa_id_t *ike_sa_id;
- u_int64_t spi_i, spi_r;
- u_int32_t seqnr;
+ uint64_t spi_i, spi_r;
+ uint32_t seqnr;
chunk_t spi;
notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
@@ -100,7 +100,7 @@ METHOD(task_t, destroy, void,
* Described in header.
*/
isakmp_dpd_t *isakmp_dpd_create(ike_sa_t *ike_sa, notify_type_t type,
- u_int32_t seqnr)
+ uint32_t seqnr)
{
private_isakmp_dpd_t *this;
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.h b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.h
index 06a0175eb..9a69b423c 100644
--- a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.h
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.h
@@ -47,6 +47,6 @@ struct isakmp_dpd_t {
* @return ISAKMP_DPD task to handle by the task_manager
*/
isakmp_dpd_t *isakmp_dpd_create(ike_sa_t *ike_sa, notify_type_t type,
- u_int32_t seqnr);
+ uint32_t seqnr);
#endif /** ISAKMP_DPD_H_ @}*/
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_natd.c b/src/libcharon/sa/ikev1/tasks/isakmp_natd.c
index cb1a31371..d17948cd0 100644
--- a/src/libcharon/sa/ikev1/tasks/isakmp_natd.c
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_natd.c
@@ -129,8 +129,8 @@ static chunk_t generate_natd_hash(private_isakmp_natd_t *this,
{
hasher_t *hasher;
chunk_t natd_chunk, natd_hash;
- u_int64_t spi_i, spi_r;
- u_int16_t port;
+ uint64_t spi_i, spi_r;
+ uint16_t port;
hasher = this->keymat->get_hasher(this->keymat);
if (!hasher)
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c
index 0162fd84e..f28b83e8a 100644
--- a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c
+++ b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c
@@ -170,7 +170,7 @@ static struct {
* for fragmentation of base ISAKMP messages (Cisco adds that and thus sends
* 0xc0000000)
*/
-static const u_int32_t fragmentation_ike = 0x80000000;
+static const uint32_t fragmentation_ike = 0x80000000;
static bool is_known_vid(chunk_t data, int i)
{
diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c
index 3ea4a2a85..628ea0de8 100644
--- a/src/libcharon/sa/ikev1/tasks/main_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
@@ -77,7 +77,7 @@ struct private_main_mode_t {
/**
* Negotiated SA lifetime
*/
- u_int32_t lifetime;
+ uint32_t lifetime;
/**
* Negotiated authentication method
@@ -173,7 +173,7 @@ static status_t send_notify(private_main_mode_t *this, notify_type_t type)
{
notify_payload_t *notify;
ike_sa_id_t *ike_sa_id;
- u_int64_t spi_i, spi_r;
+ uint64_t spi_i, spi_r;
chunk_t spi;
notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
@@ -215,7 +215,7 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
host_t *host;
notify_payload_t *notify;
ike_sa_id_t *ike_sa_id;
- u_int64_t spi_i, spi_r;
+ uint64_t spi_i, spi_r;
chunk_t spi;
idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE);
@@ -303,7 +303,7 @@ METHOD(task_t, build_i, status_t,
}
case MM_SA:
{
- u_int16_t group;
+ uint16_t group;
if (!this->ph1->create_hasher(this->ph1))
{
@@ -367,7 +367,7 @@ METHOD(task_t, process_r, status_t,
{
linked_list_t *list;
sa_payload_t *sa_payload;
- bool private;
+ bool private, prefer_configured;
this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
DBG0(DBG_IKE, "%H is initiating a Main Mode IKE_SA",
@@ -392,9 +392,11 @@ METHOD(task_t, process_r, status_t,
list = sa_payload->get_proposals(sa_payload);
private = this->ike_sa->supports_extension(this->ike_sa,
- EXT_STRONGSWAN);
+ EXT_STRONGSWAN);
+ prefer_configured = lib->settings->get_bool(lib->settings,
+ "%s.prefer_configured_proposals", TRUE, lib->ns);
this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
- list, private);
+ list, private, prefer_configured);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
@@ -411,7 +413,7 @@ METHOD(task_t, process_r, status_t,
}
case MM_SA:
{
- u_int16_t group;
+ uint16_t group;
if (!this->ph1->create_hasher(this->ph1))
{
@@ -627,7 +629,7 @@ METHOD(task_t, process_i, status_t,
linked_list_t *list;
sa_payload_t *sa_payload;
auth_method_t method;
- u_int32_t lifetime;
+ uint32_t lifetime;
bool private;
sa_payload = (sa_payload_t*)message->get_payload(message,
@@ -641,7 +643,7 @@ METHOD(task_t, process_i, status_t,
private = this->ike_sa->supports_extension(this->ike_sa,
EXT_STRONGSWAN);
this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
- list, private);
+ list, private, TRUE);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
diff --git a/src/libcharon/sa/ikev1/tasks/mode_config.c b/src/libcharon/sa/ikev1/tasks/mode_config.c
index b9f924009..7098d24a2 100644
--- a/src/libcharon/sa/ikev1/tasks/mode_config.c
+++ b/src/libcharon/sa/ikev1/tasks/mode_config.c
@@ -58,7 +58,7 @@ struct private_mode_config_t {
/**
* Identifier to include in response
*/
- u_int16_t identifier;
+ uint16_t identifier;
};
/**
diff --git a/src/libcharon/sa/ikev1/tasks/quick_delete.c b/src/libcharon/sa/ikev1/tasks/quick_delete.c
index ade59a2dd..66ef50811 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_delete.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_delete.c
@@ -69,7 +69,7 @@ struct private_quick_delete_t {
/**
* Inbound SPI of CHILD_SA to delete
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* Send delete even if SA does not exist
@@ -86,9 +86,9 @@ struct private_quick_delete_t {
* Delete the specified CHILD_SA, if found
*/
static bool delete_child(private_quick_delete_t *this, protocol_id_t protocol,
- u_int32_t spi, bool remote_close)
+ uint32_t spi, bool remote_close)
{
- u_int64_t bytes_in, bytes_out;
+ uint64_t bytes_in, bytes_out;
child_sa_t *child_sa;
linked_list_t *my_ts, *other_ts;
child_cfg_t *child_cfg;
@@ -200,7 +200,7 @@ METHOD(task_t, process_r, status_t,
payload_t *payload;
delete_payload_t *delete_payload;
protocol_id_t protocol;
- u_int32_t spi;
+ uint32_t spi;
payloads = message->create_payload_enumerator(message);
while (payloads->enumerate(payloads, &payload))
@@ -260,7 +260,7 @@ METHOD(task_t, destroy, void,
* Described in header.
*/
quick_delete_t *quick_delete_create(ike_sa_t *ike_sa, protocol_id_t protocol,
- u_int32_t spi, bool force, bool expired)
+ uint32_t spi, bool force, bool expired)
{
private_quick_delete_t *this;
diff --git a/src/libcharon/sa/ikev1/tasks/quick_delete.h b/src/libcharon/sa/ikev1/tasks/quick_delete.h
index 4df30c8fe..6227b364b 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_delete.h
+++ b/src/libcharon/sa/ikev1/tasks/quick_delete.h
@@ -50,6 +50,6 @@ struct quick_delete_t {
* @return quick_delete task to handle by the task_manager
*/
quick_delete_t *quick_delete_create(ike_sa_t *ike_sa, protocol_id_t protocol,
- u_int32_t spi, bool force, bool expired);
+ uint32_t spi, bool force, bool expired);
#endif /** QUICK_DELETE_H_ @}*/
diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index b4fe04663..bbd1cb09f 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -98,22 +98,22 @@ struct private_quick_mode_t {
/**
* Initiators ESP SPI
*/
- u_int32_t spi_i;
+ uint32_t spi_i;
/**
* Responder ESP SPI
*/
- u_int32_t spi_r;
+ uint32_t spi_r;
/**
* Initiators IPComp CPI
*/
- u_int16_t cpi_i;
+ uint16_t cpi_i;
/**
* Responders IPComp CPI
*/
- u_int16_t cpi_r;
+ uint16_t cpi_r;
/**
* selected CHILD_SA proposal
@@ -143,17 +143,17 @@ struct private_quick_mode_t {
/**
* Negotiated lifetime of new SA
*/
- u_int32_t lifetime;
+ uint32_t lifetime;
/**
- * Negotaited lifebytes of new SA
+ * Negotiated lifebytes of new SA
*/
- u_int64_t lifebytes;
+ uint64_t lifebytes;
/**
* Reqid to use, 0 for auto-allocate
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* Explicit inbound mark value to use, if any
@@ -168,7 +168,7 @@ struct private_quick_mode_t {
/**
* SPI of SA we rekey
*/
- u_int32_t rekey;
+ uint32_t rekey;
/**
* Delete old child after successful rekey
@@ -193,7 +193,7 @@ struct private_quick_mode_t {
/**
* Message ID of handled quick mode exchange
*/
- u_int32_t mid;
+ uint32_t mid;
/** states of quick mode */
enum {
@@ -207,7 +207,7 @@ struct private_quick_mode_t {
*/
static void schedule_inactivity_timeout(private_quick_mode_t *this)
{
- u_int32_t timeout;
+ uint32_t timeout;
bool close_ike;
timeout = this->config->get_inactivity(this->config);
@@ -722,12 +722,12 @@ static void get_lifetimes(private_quick_mode_t *this)
{
lifetime_cfg_t *lft;
- lft = this->config->get_lifetime(this->config);
+ lft = this->config->get_lifetime(this->config, TRUE);
if (lft->time.life)
{
this->lifetime = lft->time.life;
}
- else if (lft->bytes.life)
+ if (lft->bytes.life)
{
this->lifebytes = lft->bytes.life;
}
@@ -739,8 +739,8 @@ static void get_lifetimes(private_quick_mode_t *this)
*/
static void apply_lifetimes(private_quick_mode_t *this, sa_payload_t *sa_payload)
{
- u_int32_t lifetime;
- u_int64_t lifebytes;
+ uint32_t lifetime;
+ uint64_t lifebytes;
lifetime = sa_payload->get_lifetime(sa_payload);
lifebytes = sa_payload->get_lifebytes(sa_payload);
@@ -863,7 +863,7 @@ METHOD(task_t, build_i, status_t,
if (group != MODP_NONE)
{
proposal_t *proposal;
- u_int16_t preferred_group;
+ uint16_t preferred_group;
proposal = this->ike_sa->get_proposal(this->ike_sa);
proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP,
@@ -1007,7 +1007,6 @@ static void check_for_rekeyed_child(private_quick_mode_t *this)
{
case CHILD_INSTALLED:
case CHILD_REKEYING:
- case CHILD_REKEYED:
policies = child_sa->create_policy_enumerator(child_sa);
if (policies->enumerate(policies, &local, &remote) &&
local->equals(local, this->tsr) &&
@@ -1026,9 +1025,10 @@ static void check_for_rekeyed_child(private_quick_mode_t *this)
child_sa->get_unique_id(child_sa));
}
policies->destroy(policies);
- break;
- default:
- break;
+ break;
+ case CHILD_REKEYED:
+ default:
+ break;
}
}
}
@@ -1050,8 +1050,8 @@ METHOD(task_t, process_r, status_t,
sa_payload_t *sa_payload;
linked_list_t *tsi, *tsr, *hostsi, *hostsr, *list = NULL;
peer_cfg_t *peer_cfg;
- u_int16_t group;
- bool private;
+ uint16_t group;
+ bool private, prefer_configured;
sa_payload = (sa_payload_t*)message->get_payload(message,
PLV1_SECURITY_ASSOCIATION);
@@ -1109,8 +1109,10 @@ METHOD(task_t, process_r, status_t,
}
private = this->ike_sa->supports_extension(this->ike_sa,
EXT_STRONGSWAN);
- this->proposal = this->config->select_proposal(this->config,
- list, FALSE, private);
+ prefer_configured = lib->settings->get_bool(lib->settings,
+ "%s.prefer_configured_proposals", TRUE, lib->ns);
+ this->proposal = this->config->select_proposal(this->config, list,
+ FALSE, private, prefer_configured);
list->destroy_offset(list, offsetof(proposal_t, destroy));
get_lifetimes(this);
@@ -1323,8 +1325,8 @@ METHOD(task_t, process_i, status_t,
}
private = this->ike_sa->supports_extension(this->ike_sa,
EXT_STRONGSWAN);
- this->proposal = this->config->select_proposal(this->config,
- list, FALSE, private);
+ this->proposal = this->config->select_proposal(this->config, list,
+ FALSE, private, TRUE);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
@@ -1365,14 +1367,14 @@ METHOD(task_t, get_type, task_type_t,
return TASK_QUICK_MODE;
}
-METHOD(quick_mode_t, get_mid, u_int32_t,
+METHOD(quick_mode_t, get_mid, uint32_t,
private_quick_mode_t *this)
{
return this->mid;
}
METHOD(quick_mode_t, use_reqid, void,
- private_quick_mode_t *this, u_int32_t reqid)
+ private_quick_mode_t *this, uint32_t reqid)
{
this->reqid = reqid;
}
@@ -1385,7 +1387,7 @@ METHOD(quick_mode_t, use_marks, void,
}
METHOD(quick_mode_t, rekey, void,
- private_quick_mode_t *this, u_int32_t spi)
+ private_quick_mode_t *this, uint32_t spi)
{
this->rekey = spi;
}
diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.h b/src/libcharon/sa/ikev1/tasks/quick_mode.h
index 062d63465..fe684568a 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.h
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.h
@@ -46,14 +46,14 @@ struct quick_mode_t {
*
* @return message ID, or 0 (not defined yet or as initiator)
*/
- u_int32_t (*get_mid)(quick_mode_t *this);
+ uint32_t (*get_mid)(quick_mode_t *this);
/**
* Use a specific reqid to install this CHILD_SA.
*
* @param reqid reqid to use
*/
- void (*use_reqid)(quick_mode_t *this, u_int32_t reqid);
+ void (*use_reqid)(quick_mode_t *this, uint32_t reqid);
/**
* Use specific mark values, overriding configuration.
@@ -68,7 +68,7 @@ struct quick_mode_t {
*
* @param spi spi of SA to rekey
*/
- void (*rekey)(quick_mode_t *this, u_int32_t spi);
+ void (*rekey)(quick_mode_t *this, uint32_t spi);
};
/**
diff --git a/src/libcharon/sa/ikev1/tasks/xauth.c b/src/libcharon/sa/ikev1/tasks/xauth.c
index ecdfc780d..968b4386c 100644
--- a/src/libcharon/sa/ikev1/tasks/xauth.c
+++ b/src/libcharon/sa/ikev1/tasks/xauth.c
@@ -68,7 +68,7 @@ struct private_xauth_t {
/**
* received identifier
*/
- u_int16_t identifier;
+ uint16_t identifier;
/**
* status of Xauth exchange
diff --git a/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c b/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c
index 91f6187f9..3ab59fada 100644
--- a/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c
@@ -104,7 +104,7 @@ struct private_eap_authenticator_t {
* load an EAP method
*/
static eap_method_t *load_method(private_eap_authenticator_t *this,
- eap_type_t type, u_int32_t vendor, eap_role_t role)
+ eap_type_t type, uint32_t vendor, eap_role_t role)
{
identification_t *server, *peer, *aaa;
auth_cfg_t *auth;
@@ -143,7 +143,7 @@ static eap_payload_t* server_initiate_eap(private_eap_authenticator_t *this,
auth_cfg_t *auth;
eap_type_t type;
identification_t *id;
- u_int32_t vendor;
+ uint32_t vendor;
eap_payload_t *out;
char *action;
@@ -237,7 +237,7 @@ static eap_payload_t* server_process_eap(private_eap_authenticator_t *this,
eap_payload_t *in)
{
eap_type_t type, received_type, conf_type;
- u_int32_t vendor, received_vendor, conf_vendor;
+ uint32_t vendor, received_vendor, conf_vendor;
eap_payload_t *out;
auth_cfg_t *auth;
@@ -341,7 +341,7 @@ static eap_payload_t* client_process_eap(private_eap_authenticator_t *this,
eap_payload_t *in)
{
eap_type_t type, conf_type;
- u_int32_t vendor, conf_vendor;
+ uint32_t vendor, conf_vendor;
auth_cfg_t *auth;
eap_payload_t *out;
identification_t *id;
@@ -449,7 +449,7 @@ static bool verify_auth(private_eap_authenticator_t *this, message_t *message,
auth_cfg_t *auth;
keymat_v2_t *keymat;
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
auth_payload = (auth_payload_t*)message->get_payload(message,
PLV2_AUTH);
@@ -595,7 +595,7 @@ METHOD(authenticator_t, process_client, status_t,
}
if (this->require_mutual && !this->method->is_mutual(this->method))
{ /* we require mutual authentication due to EAP-only */
- u_int32_t vendor;
+ uint32_t vendor;
DBG1(DBG_IKE, "EAP-only authentication requires a mutual and "
"MSK deriving EAP method, but %N is not",
@@ -623,7 +623,7 @@ METHOD(authenticator_t, process_client, status_t,
case EAP_SUCCESS:
{
eap_type_t type;
- u_int32_t vendor;
+ uint32_t vendor;
auth_cfg_t *cfg;
if (this->method->get_msk(this->method, &this->msk) == SUCCESS)
@@ -685,7 +685,7 @@ METHOD(authenticator_t, is_mutual, bool,
{
if (this->method)
{
- u_int32_t vendor;
+ uint32_t vendor;
if (this->method->get_type(this->method, &vendor) != EAP_IDENTITY ||
vendor != 0)
diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
index 04ccd4f4f..6fd34e0a6 100644
--- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
@@ -63,7 +63,7 @@ struct private_pubkey_authenticator_t {
static bool parse_signature_auth_data(chunk_t *auth_data, key_type_t *key_type,
signature_scheme_t *scheme)
{
- u_int8_t len;
+ uint8_t len;
int oid;
if (!auth_data->len)
@@ -91,7 +91,7 @@ static bool build_signature_auth_data(chunk_t *auth_data,
signature_scheme_t scheme)
{
chunk_t data;
- u_int8_t len;
+ uint8_t len;
int oid;
oid = signature_scheme_to_oid(scheme);
diff --git a/src/libcharon/sa/ikev2/connect_manager.c b/src/libcharon/sa/ikev2/connect_manager.c
index 161c4fdaf..280796d8c 100644
--- a/src/libcharon/sa/ikev2/connect_manager.c
+++ b/src/libcharon/sa/ikev2/connect_manager.c
@@ -92,10 +92,10 @@ typedef struct endpoint_pair_t endpoint_pair_t;
*/
struct endpoint_pair_t {
/** pair id */
- u_int32_t id;
+ uint32_t id;
/** priority */
- u_int64_t priority;
+ uint64_t priority;
/** local endpoint */
host_t *local;
@@ -107,7 +107,7 @@ struct endpoint_pair_t {
check_state_t state;
/** number of retransmissions */
- u_int32_t retransmitted;
+ uint32_t retransmitted;
/** the generated packet */
packet_t *packet;
@@ -132,8 +132,8 @@ static endpoint_pair_t *endpoint_pair_create(endpoint_notify_t *initiator,
{
endpoint_pair_t *this;
- u_int32_t pi = initiator->get_priority(initiator);
- u_int32_t pr = responder->get_priority(responder);
+ uint32_t pi = initiator->get_priority(initiator);
+ uint32_t pr = responder->get_priority(responder);
INIT(this,
.priority = pow(2, 32) * min(pi, pr) + 2 * max(pi, pr)
@@ -313,7 +313,7 @@ typedef struct check_t check_t;
*/
struct check_t {
/** message id */
- u_int32_t mid;
+ uint32_t mid;
/** source of the connectivity check */
host_t *src;
@@ -375,7 +375,7 @@ struct callback_data_t {
chunk_t connect_id;
/** message (pair) id */
- u_int32_t mid;
+ uint32_t mid;
};
/**
@@ -406,7 +406,7 @@ static callback_data_t *callback_data_create(private_connect_manager_t *connect_
* Creates a new retransmission data object
*/
static callback_data_t *retransmit_data_create(private_connect_manager_t *connect_manager,
- chunk_t connect_id, u_int32_t mid)
+ chunk_t connect_id, uint32_t mid)
{
callback_data_t *this = callback_data_create(connect_manager, connect_id);
this->mid = mid;
@@ -576,7 +576,7 @@ static status_t get_pair_by_hosts(linked_list_t *pairs, host_t *local,
(void**)pair, local, remote);
}
-static bool match_pair_by_id(endpoint_pair_t *current, u_int32_t *id)
+static bool match_pair_by_id(endpoint_pair_t *current, uint32_t *id)
{
return current->id == *id;
}
@@ -584,7 +584,7 @@ static bool match_pair_by_id(endpoint_pair_t *current, u_int32_t *id)
/**
* Searches for a pair with a specific id
*/
-static status_t get_pair_by_id(check_list_t *checklist, u_int32_t id,
+static status_t get_pair_by_id(check_list_t *checklist, uint32_t id,
endpoint_pair_t **pair)
{
return checklist->pairs->find_first(checklist->pairs,
@@ -669,7 +669,7 @@ static void prune_pairs(linked_list_t *pairs)
{
enumerator_t *enumerator, *search;
endpoint_pair_t *current, *other;
- u_int32_t id = 0;
+ uint32_t id = 0;
enumerator = pairs->create_enumerator(pairs);
search = pairs->create_enumerator(pairs);
@@ -826,7 +826,7 @@ static status_t process_payloads(message_t *message, check_t *check)
static chunk_t build_signature(private_connect_manager_t *this,
check_list_t *checklist, check_t *check, bool outbound)
{
- u_int32_t mid;
+ uint32_t mid;
chunk_t mid_chunk, key_chunk, sig_chunk;
chunk_t sig_hash;
@@ -851,7 +851,7 @@ static chunk_t build_signature(private_connect_manager_t *this,
}
static void queue_retransmission(private_connect_manager_t *this, check_list_t *checklist, endpoint_pair_t *pair);
-static void schedule_checks(private_connect_manager_t *this, check_list_t *checklist, u_int32_t time);
+static void schedule_checks(private_connect_manager_t *this, check_list_t *checklist, uint32_t time);
static void finish_checks(private_connect_manager_t *this, check_list_t *checklist);
/**
@@ -1019,11 +1019,11 @@ static void queue_retransmission(private_connect_manager_t *this, check_list_t *
job = (job_t*)callback_job_create((callback_job_cb_t)retransmit, data,
(callback_job_cleanup_t)callback_data_destroy, NULL);
- u_int32_t retransmission = pair->retransmitted + 1;
- u_int32_t rto = ME_INTERVAL;
+ uint32_t retransmission = pair->retransmitted + 1;
+ uint32_t rto = ME_INTERVAL;
if (retransmission > ME_BOOST)
{
- rto = (u_int32_t)(ME_INTERVAL * pow(ME_RETRANS_BASE, retransmission - ME_BOOST));
+ rto = (uint32_t)(ME_INTERVAL * pow(ME_RETRANS_BASE, retransmission - ME_BOOST));
}
DBG2(DBG_IKE, "scheduling retransmission %d of pair '%d' in %dms",
retransmission, pair->id, rto);
@@ -1165,7 +1165,7 @@ static job_requeue_t sender(callback_data_t *data)
* Schedules checks for a checklist (time in ms)
*/
static void schedule_checks(private_connect_manager_t *this,
- check_list_t *checklist, u_int32_t time)
+ check_list_t *checklist, uint32_t time)
{
callback_data_t *data = callback_data_create(this, checklist->connect_id);
checklist->sender = (job_t*)callback_job_create((callback_job_cb_t)sender,
diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
index 55cb5dd9c..e37399841 100644
--- a/src/libcharon/sa/ikev2/keymat_v2.c
+++ b/src/libcharon/sa/ikev2/keymat_v2.c
@@ -99,8 +99,8 @@ METHOD(keymat_t, create_nonce_gen, nonce_gen_t*,
/**
* Derive IKE keys for a combined AEAD algorithm
*/
-static bool derive_ike_aead(private_keymat_v2_t *this, u_int16_t alg,
- u_int16_t key_size, prf_plus_t *prf_plus)
+static bool derive_ike_aead(private_keymat_v2_t *this, uint16_t alg,
+ uint16_t key_size, prf_plus_t *prf_plus)
{
aead_t *aead_i, *aead_r;
chunk_t key = chunk_empty;
@@ -189,8 +189,8 @@ failure:
/**
* Derive IKE keys for traditional encryption and MAC algorithms
*/
-static bool derive_ike_traditional(private_keymat_v2_t *this, u_int16_t enc_alg,
- u_int16_t enc_size, u_int16_t int_alg, prf_plus_t *prf_plus)
+static bool derive_ike_traditional(private_keymat_v2_t *this, uint16_t enc_alg,
+ uint16_t enc_size, uint16_t int_alg, prf_plus_t *prf_plus)
{
crypter_t *crypter_i = NULL, *crypter_r = NULL;
signer_t *signer_i, *signer_r;
@@ -302,11 +302,11 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
chunk_t skeyseed, key, secret, full_nonce, fixed_nonce, prf_plus_seed;
chunk_t spi_i, spi_r;
prf_plus_t *prf_plus = NULL;
- u_int16_t alg, key_size, int_alg;
+ uint16_t alg, key_size, int_alg;
prf_t *rekey_prf = NULL;
- spi_i = chunk_alloca(sizeof(u_int64_t));
- spi_r = chunk_alloca(sizeof(u_int64_t));
+ spi_i = chunk_alloca(sizeof(uint64_t));
+ spi_r = chunk_alloca(sizeof(uint64_t));
if (!dh->get_shared_secret(dh, &secret))
{
@@ -354,8 +354,8 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
break;
}
fixed_nonce = chunk_cat("cc", nonce_i, nonce_r);
- *((u_int64_t*)spi_i.ptr) = id->get_initiator_spi(id);
- *((u_int64_t*)spi_r.ptr) = id->get_responder_spi(id);
+ *((uint64_t*)spi_i.ptr) = id->get_initiator_spi(id);
+ *((uint64_t*)spi_r.ptr) = id->get_responder_spi(id);
prf_plus_seed = chunk_cat("ccc", full_nonce, spi_i, spi_r);
/* KEYMAT = prf+ (SKEYSEED, Ni | Nr | SPIi | SPIr)
@@ -489,7 +489,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
chunk_t nonce_i, chunk_t nonce_r, chunk_t *encr_i, chunk_t *integ_i,
chunk_t *encr_r, chunk_t *integ_r)
{
- u_int16_t enc_alg, int_alg, enc_size = 0, int_size = 0;
+ uint16_t enc_alg, int_alg, enc_size = 0, int_size = 0;
chunk_t seed, secret = chunk_empty;
prf_plus_t *prf_plus;
diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index c2f972ab1..41a4e1b75 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2007-2015 Tobias Brunner
+ * Copyright (C) 2007-2016 Tobias Brunner
* Copyright (C) 2007-2010 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -43,30 +43,14 @@
#include <encoding/payloads/unknown_payload.h>
#include <processing/jobs/retransmit_job.h>
#include <processing/jobs/delete_ike_sa_job.h>
+#include <processing/jobs/initiate_tasks_job.h>
#ifdef ME
#include <sa/ikev2/tasks/ike_me.h>
#endif
-typedef struct exchange_t exchange_t;
-
-/**
- * An exchange in the air, used do detect and handle retransmission
- */
-struct exchange_t {
-
- /**
- * Message ID used for this transaction
- */
- u_int32_t mid;
-
- /**
- * generated packet for retransmission
- */
- packet_t *packet;
-};
-
typedef struct private_task_manager_t private_task_manager_t;
+typedef struct queued_task_t queued_task_t;
/**
* private data of the task manager
@@ -90,7 +74,7 @@ struct private_task_manager_t {
/**
* Message ID of the exchange
*/
- u_int32_t mid;
+ uint32_t mid;
/**
* packet(s) for retransmission
@@ -111,7 +95,7 @@ struct private_task_manager_t {
/**
* Message ID of the exchange
*/
- u_int32_t mid;
+ uint32_t mid;
/**
* how many times we have retransmitted so far
@@ -182,6 +166,22 @@ struct private_task_manager_t {
};
/**
+ * Queued tasks
+ */
+struct queued_task_t {
+
+ /**
+ * Queued task
+ */
+ task_t *task;
+
+ /**
+ * Time before which the task is not to be initiated
+ */
+ timeval_t time;
+};
+
+/**
* Reset retransmission packet list
*/
static void clear_packets(array_t *array)
@@ -216,6 +216,12 @@ METHOD(task_manager_t, flush_queue, void,
}
while (array_remove(array, ARRAY_TAIL, &task))
{
+ if (queue == TASK_QUEUE_QUEUED)
+ {
+ queued_task_t *queued = (queued_task_t*)task;
+ task = queued->task;
+ free(queued);
+ }
task->destroy(task);
}
}
@@ -229,22 +235,28 @@ METHOD(task_manager_t, flush, void,
}
/**
- * move a task of a specific type from the queue to the active list
+ * Move a task of a specific type from the queue to the active list, if it is
+ * not delayed.
*/
static bool activate_task(private_task_manager_t *this, task_type_t type)
{
enumerator_t *enumerator;
- task_t *task;
+ queued_task_t *queued;
+ timeval_t now;
bool found = FALSE;
+ time_monotonic(&now);
+
enumerator = array_create_enumerator(this->queued_tasks);
- while (enumerator->enumerate(enumerator, (void**)&task))
+ while (enumerator->enumerate(enumerator, (void**)&queued))
{
- if (task->get_type(task) == type)
+ if (queued->task->get_type(queued->task) == type &&
+ !timercmp(&now, &queued->time, <))
{
DBG2(DBG_IKE, " activating %N task", task_type_names, type);
array_remove_at(this->queued_tasks, enumerator);
- array_insert(this->active_tasks, ARRAY_TAIL, task);
+ array_insert(this->active_tasks, ARRAY_TAIL, queued->task);
+ free(queued);
found = TRUE;
break;
}
@@ -303,12 +315,12 @@ static bool generate_message(private_task_manager_t *this, message_t *message,
}
METHOD(task_manager_t, retransmit, status_t,
- private_task_manager_t *this, u_int32_t message_id)
+ private_task_manager_t *this, uint32_t message_id)
{
if (message_id == this->initiating.mid &&
array_count(this->initiating.packets))
{
- u_int32_t timeout;
+ uint32_t timeout;
job_t *job;
enumerator_t *enumerator;
packet_t *packet;
@@ -336,7 +348,7 @@ METHOD(task_manager_t, retransmit, status_t,
{
if (this->initiating.retransmitted <= this->retransmit_tries)
{
- timeout = (u_int32_t)(this->retransmit_timeout * 1000.0 *
+ timeout = (uint32_t)(this->retransmit_timeout * 1000.0 *
pow(this->retransmit_base, this->initiating.retransmitted));
}
else
@@ -352,7 +364,8 @@ METHOD(task_manager_t, retransmit, status_t,
{
DBG1(DBG_IKE, "retransmit %d of request with message ID %d",
this->initiating.retransmitted, message_id);
- charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND, packet);
+ charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND, packet,
+ this->initiating.retransmitted);
}
if (!mobike)
{
@@ -534,6 +547,7 @@ METHOD(task_manager_t, initiate, status_t,
break;
}
case IKE_REKEYING:
+ case IKE_REKEYED:
if (activate_task(this, TASK_IKE_DELETE))
{
exchange = INFORMATIONAL;
@@ -610,7 +624,8 @@ METHOD(task_manager_t, initiate, status_t,
case FAILED:
default:
this->initiating.type = EXCHANGE_TYPE_UNDEFINED;
- if (this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING)
+ if (this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING &&
+ this->ike_sa->get_state(this->ike_sa) != IKE_REKEYED)
{
charon->bus->ike_updown(charon->bus, this->ike_sa, FALSE);
}
@@ -694,6 +709,13 @@ static status_t process_response(private_task_manager_t *this,
}
enumerator->destroy(enumerator);
+ if (this->initiating.retransmitted)
+ {
+ packet_t *packet = NULL;
+ array_get(this->initiating.packets, 0, &packet);
+ charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_CLEARED, packet);
+ }
+
/* catch if we get resetted while processing */
this->reset = FALSE;
enumerator = array_create_enumerator(this->active_tasks);
@@ -751,8 +773,7 @@ static bool handle_collisions(private_task_manager_t *this, task_t *task)
/* do we have to check */
if (type == TASK_IKE_REKEY || type == TASK_CHILD_REKEY ||
- type == TASK_CHILD_DELETE || type == TASK_IKE_DELETE ||
- type == TASK_IKE_REAUTH)
+ type == TASK_CHILD_DELETE || type == TASK_IKE_DELETE)
{
/* find an exchange collision, and notify these tasks */
enumerator = array_create_enumerator(this->active_tasks);
@@ -761,8 +782,7 @@ static bool handle_collisions(private_task_manager_t *this, task_t *task)
switch (active->get_type(active))
{
case TASK_IKE_REKEY:
- if (type == TASK_IKE_REKEY || type == TASK_IKE_DELETE ||
- type == TASK_IKE_REAUTH)
+ if (type == TASK_IKE_REKEY || type == TASK_IKE_DELETE)
{
ike_rekey_t *rekey = (ike_rekey_t*)active;
rekey->collide(rekey, task);
@@ -799,7 +819,7 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
host_t *me, *other;
bool delete = FALSE, hook = FALSE;
ike_sa_id_t *id = NULL;
- u_int64_t responder_spi = 0;
+ uint64_t responder_spi = 0;
bool result;
me = request->get_destination(request);
@@ -839,6 +859,10 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
/* FALL */
case DESTROY_ME:
/* destroy IKE_SA, but SEND response first */
+ if (handle_collisions(this, task))
+ {
+ array_remove_at(this->passive_tasks, enumerator);
+ }
delete = TRUE;
break;
}
@@ -901,9 +925,11 @@ static status_t process_request(private_task_manager_t *this,
payload_t *payload;
notify_payload_t *notify;
delete_payload_t *delete;
+ ike_sa_state_t state;
if (array_count(this->passive_tasks) == 0)
{ /* create tasks depending on request type, if not already some queued */
+ state = this->ike_sa->get_state(this->ike_sa);
switch (message->get_exchange_type(message))
{
case IKE_SA_INIT:
@@ -939,8 +965,8 @@ static status_t process_request(private_task_manager_t *this,
{ /* FIXME: we should prevent this on mediation connections */
bool notify_found = FALSE, ts_found = FALSE;
- if (this->ike_sa->get_state(this->ike_sa) == IKE_CREATED ||
- this->ike_sa->get_state(this->ike_sa) == IKE_CONNECTING)
+ if (state == IKE_CREATED ||
+ state == IKE_CONNECTING)
{
DBG1(DBG_IKE, "received CREATE_CHILD_SA request for "
"unestablished IKE_SA, rejected");
@@ -1005,6 +1031,14 @@ static status_t process_request(private_task_manager_t *this,
case PLV2_NOTIFY:
{
notify = (notify_payload_t*)payload;
+ if (state == IKE_REKEYED)
+ {
+ DBG1(DBG_IKE, "received unexpected notify %N "
+ "for rekeyed IKE_SA, ignored",
+ notify_type_names,
+ notify->get_notify_type(notify));
+ break;
+ }
switch (notify->get_notify_type(notify))
{
case ADDITIONAL_IP4_ADDRESS:
@@ -1252,7 +1286,7 @@ static void send_notify_response(private_task_manager_t *this,
static status_t parse_message(private_task_manager_t *this, message_t *msg)
{
status_t status;
- u_int8_t type = 0;
+ uint8_t type = 0;
status = msg->parse_body(msg, this->ike_sa->get_keymat(this->ike_sa));
@@ -1345,8 +1379,10 @@ METHOD(task_manager_t, process_message, status_t,
{
host_t *me, *other;
status_t status;
- u_int32_t mid;
+ uint32_t mid;
bool schedule_delete_job = FALSE;
+ ike_sa_state_t state;
+ exchange_type_t type;
charon->bus->message(charon->bus, msg, TRUE, FALSE);
status = parse_message(this, msg);
@@ -1387,15 +1423,16 @@ METHOD(task_manager_t, process_message, status_t,
{
if (mid == this->responding.mid)
{
- /* reject initial messages if not received in specific states */
- if ((msg->get_exchange_type(msg) == IKE_SA_INIT &&
- this->ike_sa->get_state(this->ike_sa) != IKE_CREATED) ||
- (msg->get_exchange_type(msg) == IKE_AUTH &&
- this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING))
+ /* reject initial messages if not received in specific states,
+ * after rekeying we only expect a DELETE in an INFORMATIONAL */
+ type = msg->get_exchange_type(msg);
+ state = this->ike_sa->get_state(this->ike_sa);
+ if ((type == IKE_SA_INIT && state != IKE_CREATED) ||
+ (type == IKE_AUTH && state != IKE_CONNECTING) ||
+ (state == IKE_REKEYED && type != INFORMATIONAL))
{
DBG1(DBG_IKE, "ignoring %N in IKE_SA state %N",
- exchange_type_names, msg->get_exchange_type(msg),
- ike_sa_state_names, this->ike_sa->get_state(this->ike_sa));
+ exchange_type_names, type, ike_sa_state_names, state);
return FAILED;
}
if (!this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
@@ -1499,18 +1536,19 @@ METHOD(task_manager_t, process_message, status_t,
return SUCCESS;
}
-METHOD(task_manager_t, queue_task, void,
- private_task_manager_t *this, task_t *task)
+METHOD(task_manager_t, queue_task_delayed, void,
+ private_task_manager_t *this, task_t *task, uint32_t delay)
{
+ enumerator_t *enumerator;
+ queued_task_t *queued;
+ timeval_t time;
+
if (task->get_type(task) == TASK_IKE_MOBIKE)
{ /* there is no need to queue more than one mobike task */
- enumerator_t *enumerator;
- task_t *current;
-
enumerator = array_create_enumerator(this->queued_tasks);
- while (enumerator->enumerate(enumerator, &current))
+ while (enumerator->enumerate(enumerator, &queued))
{
- if (current->get_type(current) == TASK_IKE_MOBIKE)
+ if (queued->task->get_type(queued->task) == TASK_IKE_MOBIKE)
{
enumerator->destroy(enumerator);
task->destroy(task);
@@ -1519,8 +1557,35 @@ METHOD(task_manager_t, queue_task, void,
}
enumerator->destroy(enumerator);
}
- DBG2(DBG_IKE, "queueing %N task", task_type_names, task->get_type(task));
- array_insert(this->queued_tasks, ARRAY_TAIL, task);
+ time_monotonic(&time);
+ if (delay)
+ {
+ job_t *job;
+
+ DBG2(DBG_IKE, "queueing %N task (delayed by %us)", task_type_names,
+ task->get_type(task), delay);
+ time.tv_sec += delay;
+
+ job = (job_t*)initiate_tasks_job_create(
+ this->ike_sa->get_id(this->ike_sa));
+ lib->scheduler->schedule_job_tv(lib->scheduler, job, time);
+ }
+ else
+ {
+ DBG2(DBG_IKE, "queueing %N task", task_type_names,
+ task->get_type(task));
+ }
+ INIT(queued,
+ .task = task,
+ .time = time,
+ );
+ array_insert(this->queued_tasks, ARRAY_TAIL, queued);
+}
+
+METHOD(task_manager_t, queue_task, void,
+ private_task_manager_t *this, task_t *task)
+{
+ queue_task_delayed(this, task, 0);
}
/**
@@ -1530,12 +1595,12 @@ static bool has_queued(private_task_manager_t *this, task_type_t type)
{
enumerator_t *enumerator;
bool found = FALSE;
- task_t *task;
+ queued_task_t *queued;
enumerator = array_create_enumerator(this->queued_tasks);
- while (enumerator->enumerate(enumerator, &task))
+ while (enumerator->enumerate(enumerator, &queued))
{
- if (task->get_type(task) == type)
+ if (queued->task->get_type(queued->task) == type)
{
found = TRUE;
break;
@@ -1614,7 +1679,7 @@ static void trigger_mbb_reauth(private_task_manager_t *this)
child_cfg_t *cfg;
ike_sa_t *new;
host_t *host;
- task_t *task;
+ queued_task_t *queued;
new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
this->ike_sa->get_version(this->ike_sa), TRUE);
@@ -1645,13 +1710,14 @@ static void trigger_mbb_reauth(private_task_manager_t *this)
enumerator->destroy(enumerator);
enumerator = array_create_enumerator(this->queued_tasks);
- while (enumerator->enumerate(enumerator, &task))
+ while (enumerator->enumerate(enumerator, &queued))
{
- if (task->get_type(task) == TASK_CHILD_CREATE)
+ if (queued->task->get_type(queued->task) == TASK_CHILD_CREATE)
{
- task->migrate(task, new);
- new->queue_task(new, task);
+ queued->task->migrate(queued->task, new);
+ new->queue_task(new, queued->task);
array_remove_at(this->queued_tasks, enumerator);
+ free(queued);
}
}
enumerator->destroy(enumerator);
@@ -1726,7 +1792,7 @@ METHOD(task_manager_t, queue_mobike, void,
}
METHOD(task_manager_t, queue_child, void,
- private_task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
+ private_task_manager_t *this, child_cfg_t *cfg, uint32_t reqid,
traffic_selector_t *tsi, traffic_selector_t *tsr)
{
child_create_t *task;
@@ -1740,13 +1806,13 @@ METHOD(task_manager_t, queue_child, void,
}
METHOD(task_manager_t, queue_child_rekey, void,
- private_task_manager_t *this, protocol_id_t protocol, u_int32_t spi)
+ private_task_manager_t *this, protocol_id_t protocol, uint32_t spi)
{
queue_task(this, (task_t*)child_rekey_create(this->ike_sa, protocol, spi));
}
METHOD(task_manager_t, queue_child_delete, void,
- private_task_manager_t *this, protocol_id_t protocol, u_int32_t spi,
+ private_task_manager_t *this, protocol_id_t protocol, uint32_t spi,
bool expired)
{
queue_task(this, (task_t*)child_delete_create(this->ike_sa,
@@ -1776,34 +1842,62 @@ METHOD(task_manager_t, adopt_tasks, void,
private_task_manager_t *this, task_manager_t *other_public)
{
private_task_manager_t *other = (private_task_manager_t*)other_public;
- task_t *task;
+ queued_task_t *queued;
+ timeval_t now;
+
+ time_monotonic(&now);
/* move queued tasks from other to this */
- while (array_remove(other->queued_tasks, ARRAY_TAIL, &task))
+ while (array_remove(other->queued_tasks, ARRAY_TAIL, &queued))
{
- DBG2(DBG_IKE, "migrating %N task", task_type_names, task->get_type(task));
- task->migrate(task, this->ike_sa);
- array_insert(this->queued_tasks, ARRAY_HEAD, task);
+ DBG2(DBG_IKE, "migrating %N task", task_type_names,
+ queued->task->get_type(queued->task));
+ queued->task->migrate(queued->task, this->ike_sa);
+ /* don't delay tasks on the new IKE_SA */
+ queued->time = now;
+ array_insert(this->queued_tasks, ARRAY_HEAD, queued);
}
}
/**
- * Migrates child-creating tasks from src to dst
+ * Migrates child-creating tasks from other to this
*/
static void migrate_child_tasks(private_task_manager_t *this,
- array_t *src, array_t *dst)
+ private_task_manager_t *other,
+ task_queue_t queue)
{
enumerator_t *enumerator;
+ array_t *array;
task_t *task;
- enumerator = array_create_enumerator(src);
+ switch (queue)
+ {
+ case TASK_QUEUE_ACTIVE:
+ array = other->active_tasks;
+ break;
+ case TASK_QUEUE_QUEUED:
+ array = other->queued_tasks;
+ break;
+ default:
+ return;
+ }
+
+ enumerator = array_create_enumerator(array);
while (enumerator->enumerate(enumerator, &task))
{
+ queued_task_t *queued = NULL;
+
+ if (queue == TASK_QUEUE_QUEUED)
+ {
+ queued = (queued_task_t*)task;
+ task = queued->task;
+ }
if (task->get_type(task) == TASK_CHILD_CREATE)
{
- array_remove_at(src, enumerator);
+ array_remove_at(array, enumerator);
task->migrate(task, this->ike_sa);
- array_insert(dst, ARRAY_TAIL, task);
+ queue_task(this, task);
+ free(queued);
}
}
enumerator->destroy(enumerator);
@@ -1815,9 +1909,9 @@ METHOD(task_manager_t, adopt_child_tasks, void,
private_task_manager_t *other = (private_task_manager_t*)other_public;
/* move active child tasks from other to this */
- migrate_child_tasks(this, other->active_tasks, this->queued_tasks);
+ migrate_child_tasks(this, other, TASK_QUEUE_ACTIVE);
/* do the same for queued tasks */
- migrate_child_tasks(this, other->queued_tasks, this->queued_tasks);
+ migrate_child_tasks(this, other, TASK_QUEUE_QUEUED);
}
METHOD(task_manager_t, busy, bool,
@@ -1827,10 +1921,12 @@ METHOD(task_manager_t, busy, bool,
}
METHOD(task_manager_t, reset, void,
- private_task_manager_t *this, u_int32_t initiate, u_int32_t respond)
+ private_task_manager_t *this, uint32_t initiate, uint32_t respond)
{
enumerator_t *enumerator;
+ queued_task_t *queued;
task_t *task;
+ timeval_t now;
/* reset message counters and retransmit packets */
clear_packets(this->responding.packets);
@@ -1849,11 +1945,13 @@ METHOD(task_manager_t, reset, void,
}
this->initiating.type = EXCHANGE_TYPE_UNDEFINED;
+ time_monotonic(&now);
/* reset queued tasks */
enumerator = array_create_enumerator(this->queued_tasks);
- while (enumerator->enumerate(enumerator, &task))
+ while (enumerator->enumerate(enumerator, &queued))
{
- task->migrate(task, this->ike_sa);
+ queued->time = now;
+ queued->task->migrate(queued->task, this->ike_sa);
}
enumerator->destroy(enumerator);
@@ -1861,12 +1959,25 @@ METHOD(task_manager_t, reset, void,
while (array_remove(this->active_tasks, ARRAY_TAIL, &task))
{
task->migrate(task, this->ike_sa);
- array_insert(this->queued_tasks, ARRAY_HEAD, task);
+ INIT(queued,
+ .task = task,
+ .time = now,
+ );
+ array_insert(this->queued_tasks, ARRAY_HEAD, queued);
}
this->reset = TRUE;
}
+/**
+ * Filter queued tasks
+ */
+static bool filter_queued(void *unused, queued_task_t **queued, task_t **task)
+{
+ *task = (*queued)->task;
+ return TRUE;
+}
+
METHOD(task_manager_t, create_task_enumerator, enumerator_t*,
private_task_manager_t *this, task_queue_t queue)
{
@@ -1877,7 +1988,9 @@ METHOD(task_manager_t, create_task_enumerator, enumerator_t*,
case TASK_QUEUE_PASSIVE:
return array_create_enumerator(this->passive_tasks);
case TASK_QUEUE_QUEUED:
- return array_create_enumerator(this->queued_tasks);
+ return enumerator_create_filter(
+ array_create_enumerator(this->queued_tasks),
+ (void*)filter_queued, NULL, NULL);
default:
return enumerator_create_empty();
}
@@ -1913,6 +2026,7 @@ task_manager_v2_t *task_manager_v2_create(ike_sa_t *ike_sa)
.task_manager = {
.process_message = _process_message,
.queue_task = _queue_task,
+ .queue_task_delayed = _queue_task_delayed,
.queue_ike = _queue_ike,
.queue_ike_rekey = _queue_ike_rekey,
.queue_ike_reauth = _queue_ike_reauth,
diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index 3d4ded944..64a82850b 100644
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -1,8 +1,8 @@
/*
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -29,7 +29,7 @@
#include <encoding/payloads/delete_payload.h>
#include <processing/jobs/delete_ike_sa_job.h>
#include <processing/jobs/inactivity_job.h>
-
+#include <processing/jobs/initiate_tasks_job.h>
typedef struct private_child_create_t private_child_create_t;
@@ -151,27 +151,27 @@ struct private_child_create_t {
/**
* Own allocated SPI
*/
- u_int32_t my_spi;
+ uint32_t my_spi;
/**
* SPI received in proposal
*/
- u_int32_t other_spi;
+ uint32_t other_spi;
/**
* Own allocated Compression Parameter Index (CPI)
*/
- u_int16_t my_cpi;
+ uint16_t my_cpi;
/**
* Other Compression Parameter Index (CPI), received via IPCOMP_SUPPORTED
*/
- u_int16_t other_cpi;
+ uint16_t other_cpi;
/**
* reqid to use if we are rekeying
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* Explicit inbound mark value
@@ -205,6 +205,25 @@ struct private_child_create_t {
};
/**
+ * Schedule a retry if creating the CHILD_SA temporary failed
+ */
+static void schedule_delayed_retry(private_child_create_t *this)
+{
+ child_create_t *task;
+ uint32_t retry;
+
+ retry = RETRY_INTERVAL - (random() % RETRY_JITTER);
+
+ task = child_create_create(this->ike_sa,
+ this->config->get_ref(this->config), FALSE,
+ this->packet_tsi, this->packet_tsr);
+ task->use_reqid(task, this->reqid);
+ DBG1(DBG_IKE, "creating CHILD_SA failed, trying again in %d seconds",
+ retry);
+ this->ike_sa->queue_task_delayed(this->ike_sa, (task_t*)task, retry);
+}
+
+/**
* get the nonce from a message
*/
static status_t get_nonce(message_t *message, chunk_t *nonce)
@@ -306,7 +325,7 @@ static bool allocate_spi(private_child_create_t *this)
*/
static void schedule_inactivity_timeout(private_child_create_t *this)
{
- u_int32_t timeout, id;
+ uint32_t timeout, id;
bool close_ike;
timeout = this->config->get_inactivity(this->config);
@@ -386,7 +405,7 @@ static linked_list_t* get_transport_nat_ts(private_child_create_t *this,
linked_list_t *out;
traffic_selector_t *ts;
host_t *ike, *first = NULL;
- u_int8_t mask;
+ uint8_t mask;
if (local)
{
@@ -464,7 +483,7 @@ static status_t select_and_install(private_child_create_t *this,
chunk_t integ_i = chunk_empty, integ_r = chunk_empty;
linked_list_t *my_ts, *other_ts;
host_t *me, *other;
- bool private;
+ bool private, prefer_configured;
if (this->proposals == NULL)
{
@@ -481,8 +500,10 @@ static status_t select_and_install(private_child_create_t *this,
other = this->ike_sa->get_other_host(this->ike_sa);
private = this->ike_sa->supports_extension(this->ike_sa, EXT_STRONGSWAN);
+ prefer_configured = lib->settings->get_bool(lib->settings,
+ "%s.prefer_configured_proposals", TRUE, lib->ns);
this->proposal = this->config->select_proposal(this->config,
- this->proposals, no_dh, private);
+ this->proposals, no_dh, private, prefer_configured);
if (this->proposal == NULL)
{
DBG1(DBG_IKE, "no acceptable proposal found");
@@ -501,7 +522,7 @@ static status_t select_and_install(private_child_create_t *this,
if (!this->proposal->has_dh_group(this->proposal, this->dh_group))
{
- u_int16_t group;
+ uint16_t group;
if (this->proposal->get_algorithm(this->proposal, DIFFIE_HELLMAN_GROUP,
&group, NULL))
@@ -798,7 +819,7 @@ static bool build_payloads(private_child_create_t *this, message_t *message)
* Adds an IPCOMP_SUPPORTED notify to the message, allocating a CPI
*/
static void add_ipcomp_notify(private_child_create_t *this,
- message_t *message, u_int8_t ipcomp)
+ message_t *message, uint8_t ipcomp)
{
this->my_cpi = this->child_sa->alloc_cpi(this->child_sa);
if (this->my_cpi)
@@ -838,11 +859,11 @@ static void handle_notify(private_child_create_t *this, notify_payload_t *notify
case IPCOMP_SUPPORTED:
{
ipcomp_transform_t ipcomp;
- u_int16_t cpi;
+ uint16_t cpi;
chunk_t data;
data = notify->get_notification_data(notify);
- cpi = *(u_int16_t*)data.ptr;
+ cpi = *(uint16_t*)data.ptr;
ipcomp = (ipcomp_transform_t)(*(data.ptr + 2));
switch (ipcomp)
{
@@ -1232,13 +1253,13 @@ METHOD(task_t, build_r, status_t,
if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)
{
DBG1(DBG_IKE, "unable to create CHILD_SA while rekeying IKE_SA");
- message->add_notify(message, TRUE, NO_ADDITIONAL_SAS, chunk_empty);
+ message->add_notify(message, TRUE, TEMPORARY_FAILURE, chunk_empty);
return SUCCESS;
}
if (this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
{
DBG1(DBG_IKE, "unable to create CHILD_SA while deleting IKE_SA");
- message->add_notify(message, TRUE, NO_ADDITIONAL_SAS, chunk_empty);
+ message->add_notify(message, TRUE, TEMPORARY_FAILURE, chunk_empty);
return SUCCESS;
}
@@ -1310,7 +1331,7 @@ METHOD(task_t, build_r, status_t,
return SUCCESS;
case INVALID_ARG:
{
- u_int16_t group = htons(this->dh_group);
+ uint16_t group = htons(this->dh_group);
message->add_notify(message, FALSE, INVALID_KE_PAYLOAD,
chunk_from_thing(group));
handle_child_sa_failure(this, message);
@@ -1441,10 +1462,21 @@ METHOD(task_t, process_i, status_t,
/* an error in CHILD_SA creation is not critical */
return SUCCESS;
}
+ case TEMPORARY_FAILURE:
+ {
+ DBG1(DBG_IKE, "received %N notify, will retry later",
+ notify_type_names, type);
+ enumerator->destroy(enumerator);
+ if (!this->rekey)
+ { /* the rekey task will retry itself if necessary */
+ schedule_delayed_retry(this);
+ }
+ return SUCCESS;
+ }
case INVALID_KE_PAYLOAD:
{
chunk_t data;
- u_int16_t group = MODP_NONE;
+ uint16_t group = MODP_NONE;
data = notify->get_notification_data(notify);
if (data.len == sizeof(group))
@@ -1529,7 +1561,7 @@ METHOD(task_t, process_i, status_t,
}
METHOD(child_create_t, use_reqid, void,
- private_child_create_t *this, u_int32_t reqid)
+ private_child_create_t *this, uint32_t reqid)
{
this->reqid = reqid;
}
diff --git a/src/libcharon/sa/ikev2/tasks/child_create.h b/src/libcharon/sa/ikev2/tasks/child_create.h
index 46d9403ee..f48d7b0a9 100644
--- a/src/libcharon/sa/ikev2/tasks/child_create.h
+++ b/src/libcharon/sa/ikev2/tasks/child_create.h
@@ -49,7 +49,7 @@ struct child_create_t {
*
* @param reqid reqid to use
*/
- void (*use_reqid) (child_create_t *this, u_int32_t reqid);
+ void (*use_reqid) (child_create_t *this, uint32_t reqid);
/**
* Use specific mark values to override configuration.
diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.c b/src/libcharon/sa/ikev2/tasks/child_delete.c
index 877ae0531..6fa8836ac 100644
--- a/src/libcharon/sa/ikev2/tasks/child_delete.c
+++ b/src/libcharon/sa/ikev2/tasks/child_delete.c
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2009-2016 Tobias Brunner
* Copyright (C) 2006-2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -18,7 +19,7 @@
#include <daemon.h>
#include <encoding/payloads/delete_payload.h>
#include <sa/ikev2/tasks/child_create.h>
-
+#include <sa/ikev2/tasks/child_rekey.h>
typedef struct private_child_delete_t private_child_delete_t;
@@ -50,7 +51,7 @@ struct private_child_delete_t {
/**
* Inbound SPI of CHILD_SA to delete
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* whether to enforce delete action policy
@@ -86,7 +87,7 @@ static void build_payloads(private_child_delete_t *this, message_t *message)
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
protocol_id_t protocol = child_sa->get_protocol(child_sa);
- u_int32_t spi = child_sa->get_spi(child_sa, TRUE);
+ uint32_t spi = child_sa->get_spi(child_sa, TRUE);
switch (protocol)
{
@@ -119,6 +120,33 @@ static void build_payloads(private_child_delete_t *this, message_t *message)
}
/**
+ * Check if the given CHILD_SA is the redundant SA created in a rekey collision.
+ */
+static bool is_redundant(private_child_delete_t *this, child_sa_t *child)
+{
+ enumerator_t *tasks;
+ task_t *task;
+
+ tasks = this->ike_sa->create_task_enumerator(this->ike_sa,
+ TASK_QUEUE_ACTIVE);
+ while (tasks->enumerate(tasks, &task))
+ {
+ if (task->get_type(task) == TASK_CHILD_REKEY)
+ {
+ child_rekey_t *rekey = (child_rekey_t*)task;
+
+ if (rekey->is_redundant(rekey, child))
+ {
+ tasks->destroy(tasks);
+ return TRUE;
+ }
+ }
+ }
+ tasks->destroy(tasks);
+ return FALSE;
+}
+
+/**
* read in payloads and find the children to delete
*/
static void process_payloads(private_child_delete_t *this, message_t *message)
@@ -126,7 +154,7 @@ static void process_payloads(private_child_delete_t *this, message_t *message)
enumerator_t *payloads, *spis;
payload_t *payload;
delete_payload_t *delete_payload;
- u_int32_t spi;
+ uint32_t spi;
protocol_id_t protocol;
child_sa_t *child_sa;
@@ -157,24 +185,31 @@ static void process_payloads(private_child_delete_t *this, message_t *message)
switch (child_sa->get_state(child_sa))
{
- case CHILD_REKEYING:
+ case CHILD_REKEYED:
this->rekeyed = TRUE;
- /* we reply as usual, rekeying will fail */
break;
case CHILD_DELETING:
/* we don't send back a delete if we initiated ourself */
if (!this->initiator)
{
- this->ike_sa->destroy_child_sa(this->ike_sa,
- protocol, spi);
continue;
}
/* fall through */
+ case CHILD_REKEYING:
+ /* we reply as usual, rekeying will fail */
case CHILD_INSTALLED:
if (!this->initiator)
- { /* reestablish installed children if required */
- this->check_delete_action = TRUE;
+ {
+ if (is_redundant(this, child_sa))
+ {
+ this->rekeyed = TRUE;
+ }
+ else
+ {
+ this->check_delete_action = TRUE;
+ }
}
+ break;
default:
break;
}
@@ -199,14 +234,14 @@ static status_t destroy_and_reestablish(private_child_delete_t *this)
child_sa_t *child_sa;
child_cfg_t *child_cfg;
protocol_id_t protocol;
- u_int32_t spi, reqid;
+ uint32_t spi, reqid;
action_t action;
status_t status = SUCCESS;
enumerator = this->child_sas->create_enumerator(this->child_sas);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
- /* signal child down event if we are not rekeying */
+ /* signal child down event if we weren't rekeying */
if (!this->rekeyed)
{
charon->bus->child_updown(charon->bus, child_sa, FALSE);
@@ -254,7 +289,7 @@ static void log_children(private_child_delete_t *this)
linked_list_t *my_ts, *other_ts;
enumerator_t *enumerator;
child_sa_t *child_sa;
- u_int64_t bytes_in, bytes_out;
+ uint64_t bytes_in, bytes_out;
enumerator = this->child_sas->create_enumerator(this->child_sas);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
@@ -308,7 +343,7 @@ METHOD(task_t, build_i, status_t,
this->spi = child_sa->get_spi(child_sa, TRUE);
}
this->child_sas->insert_last(this->child_sas, child_sa);
- if (child_sa->get_state(child_sa) == CHILD_REKEYING)
+ if (child_sa->get_state(child_sa) == CHILD_REKEYED)
{
this->rekeyed = TRUE;
}
@@ -347,11 +382,7 @@ METHOD(task_t, process_r, status_t,
METHOD(task_t, build_r, status_t,
private_child_delete_t *this, message_t *message)
{
- /* if we are rekeying, we send an empty informational */
- if (this->ike_sa->get_state(this->ike_sa) != IKE_REKEYING)
- {
- build_payloads(this, message);
- }
+ build_payloads(this, message);
DBG1(DBG_IKE, "CHILD_SA closed");
return destroy_and_reestablish(this);
}
@@ -391,7 +422,7 @@ METHOD(task_t, destroy, void,
* Described in header.
*/
child_delete_t *child_delete_create(ike_sa_t *ike_sa, protocol_id_t protocol,
- u_int32_t spi, bool expired)
+ uint32_t spi, bool expired)
{
private_child_delete_t *this;
diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.h b/src/libcharon/sa/ikev2/tasks/child_delete.h
index 1ada0699e..1e9b2d2f7 100644
--- a/src/libcharon/sa/ikev2/tasks/child_delete.h
+++ b/src/libcharon/sa/ikev2/tasks/child_delete.h
@@ -56,6 +56,6 @@ struct child_delete_t {
* @return child_delete task to handle by the task_manager
*/
child_delete_t *child_delete_create(ike_sa_t *ike_sa, protocol_id_t protocol,
- u_int32_t spi, bool expired);
+ uint32_t spi, bool expired);
#endif /** CHILD_DELETE_H_ @}*/
diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
index 6f0c2b2c7..c04ec141f 100644
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
@@ -1,7 +1,8 @@
/*
+ * Copyright (C) 2009-2016 Tobias Brunner
* Copyright (C) 2005-2007 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -54,7 +55,7 @@ struct private_child_rekey_t {
/**
* Inbound SPI of CHILD_SA to rekey
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* the CHILD_CREATE task which is reused to simplify rekeying
@@ -91,7 +92,7 @@ struct private_child_rekey_t {
*/
static void schedule_delayed_rekey(private_child_rekey_t *this)
{
- u_int32_t retry;
+ uint32_t retry;
job_t *job;
retry = RETRY_INTERVAL - (random() % RETRY_JITTER);
@@ -130,7 +131,7 @@ static void find_child(private_child_rekey_t *this, message_t *message)
{
notify_payload_t *notify;
protocol_id_t protocol;
- u_int32_t spi;
+ uint32_t spi;
notify = message->get_notify(message, REKEY_SA);
if (notify)
@@ -150,7 +151,7 @@ METHOD(task_t, build_i, status_t,
private_child_rekey_t *this, message_t *message)
{
notify_payload_t *notify;
- u_int32_t reqid;
+ uint32_t reqid;
child_cfg_t *config;
this->child_sa = this->ike_sa->get_child_sa(this->ike_sa, this->protocol,
@@ -159,14 +160,21 @@ METHOD(task_t, build_i, status_t,
{ /* check if it is an outbound CHILD_SA */
this->child_sa = this->ike_sa->get_child_sa(this->ike_sa, this->protocol,
this->spi, FALSE);
- if (!this->child_sa)
- { /* CHILD_SA is gone, unable to rekey. As an empty CREATE_CHILD_SA
- * exchange is invalid, we fall back to an INFORMATIONAL exchange.*/
- message->set_exchange_type(message, INFORMATIONAL);
- return SUCCESS;
+ if (this->child_sa)
+ {
+ /* we work only with the inbound SPI */
+ this->spi = this->child_sa->get_spi(this->child_sa, TRUE);
}
- /* we work only with the inbound SPI */
- this->spi = this->child_sa->get_spi(this->child_sa, TRUE);
+ }
+ if (!this->child_sa ||
+ (!this->child_create &&
+ this->child_sa->get_state(this->child_sa) != CHILD_INSTALLED) ||
+ (this->child_create &&
+ this->child_sa->get_state(this->child_sa) != CHILD_REKEYING))
+ {
+ /* CHILD_SA is gone or in the wrong state, unable to rekey */
+ message->set_exchange_type(message, EXCHANGE_TYPE_UNDEFINED);
+ return SUCCESS;
}
config = this->child_sa->get_config(this->child_sa);
@@ -217,13 +225,19 @@ METHOD(task_t, build_r, status_t,
private_child_rekey_t *this, message_t *message)
{
child_cfg_t *config;
- u_int32_t reqid;
+ uint32_t reqid;
+ child_sa_state_t state;
- if (this->child_sa == NULL ||
- this->child_sa->get_state(this->child_sa) == CHILD_DELETING)
+ if (!this->child_sa)
{
DBG1(DBG_IKE, "unable to rekey, CHILD_SA not found");
- message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
+ message->add_notify(message, TRUE, CHILD_SA_NOT_FOUND, chunk_empty);
+ return SUCCESS;
+ }
+ if (this->child_sa->get_state(this->child_sa) == CHILD_DELETING)
+ {
+ DBG1(DBG_IKE, "unable to rekey, we are deleting the CHILD_SA");
+ message->add_notify(message, TRUE, TEMPORARY_FAILURE, chunk_empty);
return SUCCESS;
}
@@ -237,14 +251,16 @@ METHOD(task_t, build_r, status_t,
this->child_create->set_config(this->child_create, config->get_ref(config));
this->child_create->task.build(&this->child_create->task, message);
+ state = this->child_sa->get_state(this->child_sa);
+ this->child_sa->set_state(this->child_sa, CHILD_REKEYING);
+
if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
- {
- /* rekeying failed, reuse old child */
- this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
+ { /* rekeying failed, reuse old child */
+ this->child_sa->set_state(this->child_sa, state);
return SUCCESS;
}
- this->child_sa->set_state(this->child_sa, CHILD_REKEYING);
+ this->child_sa->set_state(this->child_sa, CHILD_REKEYED);
/* invoke rekey hook */
charon->bus->child_rekey(charon->bus, this->child_sa,
@@ -284,9 +300,9 @@ static child_sa_t *handle_collision(private_child_rekey_t *this)
if (child_sa)
{
child_sa->set_close_action(child_sa, ACTION_NONE);
- if (child_sa->get_state(child_sa) != CHILD_REKEYING)
+ if (child_sa->get_state(child_sa) != CHILD_REKEYED)
{
- child_sa->set_state(child_sa, CHILD_REKEYING);
+ child_sa->set_state(child_sa, CHILD_REKEYED);
}
}
}
@@ -324,7 +340,7 @@ METHOD(task_t, process_i, status_t,
private_child_rekey_t *this, message_t *message)
{
protocol_id_t protocol;
- u_int32_t spi;
+ uint32_t spi;
child_sa_t *to_delete;
if (message->get_notify(message, NO_ADDITIONAL_SAS))
@@ -337,6 +353,34 @@ METHOD(task_t, process_i, status_t,
this->ike_sa->get_id(this->ike_sa), TRUE));
return SUCCESS;
}
+ if (message->get_notify(message, CHILD_SA_NOT_FOUND))
+ {
+ child_cfg_t *child_cfg;
+ uint32_t reqid;
+
+ if (this->collision &&
+ this->collision->get_type(this->collision) == TASK_CHILD_DELETE)
+ { /* ignore this error if we already deleted the CHILD_SA on the
+ * peer's behalf (could happen if the other peer does not detect
+ * the collision and did not respond with TEMPORARY_FAILURE) */
+ return SUCCESS;
+ }
+ DBG1(DBG_IKE, "peer didn't find the CHILD_SA we tried to rekey");
+ /* FIXME: according to RFC 7296 we should only create a new CHILD_SA if
+ * it does not exist yet, we currently have no good way of checking for
+ * that (we could go by name, but that might be tricky e.g. due to
+ * narrowing) */
+ spi = this->child_sa->get_spi(this->child_sa, TRUE);
+ reqid = this->child_sa->get_reqid(this->child_sa);
+ protocol = this->child_sa->get_protocol(this->child_sa);
+ child_cfg = this->child_sa->get_config(this->child_sa);
+ child_cfg->get_ref(child_cfg);
+ charon->bus->child_updown(charon->bus, this->child_sa, FALSE);
+ this->ike_sa->destroy_child_sa(this->ike_sa, protocol, spi);
+ return this->ike_sa->initiate(this->ike_sa,
+ child_cfg->get_ref(child_cfg), reqid,
+ NULL, NULL);
+ }
if (this->child_create->task.process(&this->child_create->task,
message) == NEED_MORE)
@@ -346,10 +390,10 @@ METHOD(task_t, process_i, status_t,
}
if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
{
- /* establishing new child failed, reuse old. but not when we
- * received a delete in the meantime */
- if (!(this->collision &&
- this->collision->get_type(this->collision) == TASK_CHILD_DELETE))
+ /* establishing new child failed, reuse old and try again. but not when
+ * we received a delete in the meantime */
+ if (!this->collision ||
+ this->collision->get_type(this->collision) != TASK_CHILD_DELETE)
{
schedule_delayed_rekey(this);
}
@@ -377,9 +421,9 @@ METHOD(task_t, process_i, status_t,
return SUCCESS;
}
/* disable updown event for redundant CHILD_SA */
- if (to_delete->get_state(to_delete) != CHILD_REKEYING)
+ if (to_delete->get_state(to_delete) != CHILD_REKEYED)
{
- to_delete->set_state(to_delete, CHILD_REKEYING);
+ to_delete->set_state(to_delete, CHILD_REKEYED);
}
spi = to_delete->get_spi(to_delete, TRUE);
protocol = to_delete->get_protocol(to_delete);
@@ -398,6 +442,18 @@ METHOD(task_t, get_type, task_type_t,
return TASK_CHILD_REKEY;
}
+METHOD(child_rekey_t, is_redundant, bool,
+ private_child_rekey_t *this, child_sa_t *child)
+{
+ if (this->collision &&
+ this->collision->get_type(this->collision) == TASK_CHILD_REKEY)
+ {
+ private_child_rekey_t *rekey = (private_child_rekey_t*)this->collision;
+ return child == rekey->child_create->get_child(rekey->child_create);
+ }
+ return FALSE;
+}
+
METHOD(child_rekey_t, collide, void,
private_child_rekey_t *this, task_t *other)
{
@@ -406,9 +462,18 @@ METHOD(child_rekey_t, collide, void,
if (other->get_type(other) == TASK_CHILD_REKEY)
{
private_child_rekey_t *rekey = (private_child_rekey_t*)other;
+ child_sa_t *other_child;
+
if (rekey->child_sa != this->child_sa)
+ { /* not the same child => no collision */
+ other->destroy(other);
+ return;
+ }
+ /* ignore passive tasks that did not successfully create a CHILD_SA */
+ other_child = rekey->child_create->get_child(rekey->child_create);
+ if (!other_child ||
+ other_child->get_state(other_child) != CHILD_INSTALLED)
{
- /* not the same child => no collision */
other->destroy(other);
return;
}
@@ -416,19 +481,11 @@ METHOD(child_rekey_t, collide, void,
else if (other->get_type(other) == TASK_CHILD_DELETE)
{
child_delete_t *del = (child_delete_t*)other;
- if (this->collision &&
- this->collision->get_type(this->collision) == TASK_CHILD_REKEY)
+ if (is_redundant(this, del->get_child(del)))
{
- private_child_rekey_t *rekey;
-
- rekey = (private_child_rekey_t*)this->collision;
- if (del->get_child(del) == rekey->child_create->get_child(rekey->child_create))
- {
- /* peer deletes redundant child created in collision */
- this->other_child_destroyed = TRUE;
- other->destroy(other);
- return;
- }
+ this->other_child_destroyed = TRUE;
+ other->destroy(other);
+ return;
}
if (del->get_child(del) != this->child_sa)
{
@@ -439,7 +496,7 @@ METHOD(child_rekey_t, collide, void,
}
else
{
- /* any other task is not critical for collisisions, ignore */
+ /* any other task is not critical for collisions, ignore */
other->destroy(other);
return;
}
@@ -485,7 +542,7 @@ METHOD(task_t, destroy, void,
* Described in header.
*/
child_rekey_t *child_rekey_create(ike_sa_t *ike_sa, protocol_id_t protocol,
- u_int32_t spi)
+ uint32_t spi)
{
private_child_rekey_t *this;
@@ -496,6 +553,7 @@ child_rekey_t *child_rekey_create(ike_sa_t *ike_sa, protocol_id_t protocol,
.migrate = _migrate,
.destroy = _destroy,
},
+ .is_redundant = _is_redundant,
.collide = _collide,
},
.ike_sa = ike_sa,
diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.h b/src/libcharon/sa/ikev2/tasks/child_rekey.h
index 23384653d..0ad1a062d 100644
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.h
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.h
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2016 Tobias Brunner
* Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -39,13 +40,25 @@ struct child_rekey_t {
task_t task;
/**
- * Register a rekeying task which collides with this one
+ * Check if the given SA is the redundant CHILD_SA created during a rekey
+ * collision.
+ *
+ * This is called if the other peer deletes the redundant SA before we were
+ * able to handle the CREATE_CHILD_SA response.
+ *
+ * @param child CHILD_SA to check
+ * @return TRUE if the SA is the redundant CHILD_SA
+ */
+ bool (*is_redundant)(child_rekey_t *this, child_sa_t *child);
+
+ /**
+ * Register a rekeying/delete task which collides with this one
*
* If two peers initiate rekeying at the same time, the collision must
* be handled gracefully. The task manager is aware of what exchanges
- * are going on and notifies the outgoing task by passing the incoming.
+ * are going on and notifies the active task by passing the passive.
*
- * @param other incoming task
+ * @param other passive task (adopted)
*/
void (*collide)(child_rekey_t* this, task_t *other);
};
@@ -59,6 +72,6 @@ struct child_rekey_t {
* @return child_rekey task to handle by the task_manager
*/
child_rekey_t *child_rekey_create(ike_sa_t *ike_sa, protocol_id_t protocol,
- u_int32_t spi);
+ uint32_t spi);
#endif /** CHILD_REKEY_H_ @}*/
diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c b/src/libcharon/sa/ikev2/tasks/ike_auth.c
index 79a436fbf..036910d0e 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_auth.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c
@@ -186,7 +186,7 @@ static status_t collect_other_init_data(private_ike_auth_t *this,
*/
static void get_reserved_id_bytes(private_ike_auth_t *this, id_payload_t *id)
{
- u_int8_t *byte;
+ uint8_t *byte;
int i;
for (i = 0; i < countof(this->reserved); i++)
@@ -564,6 +564,10 @@ METHOD(task_t, process_r, status_t,
this->ike_sa->enable_extension(this->ike_sa,
EXT_EAP_ONLY_AUTHENTICATION);
}
+ if (message->get_notify(message, INITIAL_CONTACT))
+ {
+ this->initial_contact = TRUE;
+ }
}
if (this->other_auth == NULL)
@@ -652,14 +656,6 @@ METHOD(task_t, process_r, status_t,
return NEED_MORE;
}
- /* If authenticated (with non-EAP) and received INITIAL_CONTACT,
- * delete any existing IKE_SAs with that peer. */
- if (message->get_message_id(message) == 1 &&
- message->get_notify(message, INITIAL_CONTACT))
- {
- this->initial_contact = TRUE;
- }
-
/* another auth round done, invoke authorize hook */
if (!charon->bus->authorize(charon->bus, FALSE))
{
@@ -749,13 +745,6 @@ METHOD(task_t, build_r, status_t,
get_reserved_id_bytes(this, id_payload);
message->add_payload(message, (payload_t*)id_payload);
- if (this->initial_contact)
- {
- charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
- this->ike_sa, TRUE);
- this->initial_contact = FALSE;
- }
-
if ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS) == AUTH_CLASS_EAP)
{ /* EAP-only authentication */
if (!this->ike_sa->supports_extension(this->ike_sa,
@@ -830,7 +819,7 @@ METHOD(task_t, build_r, status_t,
}
if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
- this->ike_sa, FALSE))
+ this->ike_sa, this->initial_contact))
{
DBG1(DBG_IKE, "cancelling IKE_SA setup due to uniqueness policy");
charon->bus->alert(charon->bus, ALERT_UNIQUE_KEEP);
diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c b/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c
index a7d162e68..47b0a3ed1 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c
@@ -45,14 +45,14 @@ struct private_ike_auth_lifetime_t {
static void add_auth_lifetime(private_ike_auth_lifetime_t *this, message_t *message)
{
chunk_t chunk;
- u_int32_t lifetime;
+ uint32_t lifetime;
lifetime = this->ike_sa->get_statistic(this->ike_sa, STAT_REAUTH);
if (lifetime)
{
lifetime -= time_monotonic(NULL);
chunk = chunk_from_thing(lifetime);
- *(u_int32_t*)chunk.ptr = htonl(lifetime);
+ *(uint32_t*)chunk.ptr = htonl(lifetime);
message->add_notify(message, FALSE, AUTH_LIFETIME, chunk);
}
}
@@ -64,13 +64,13 @@ static void process_payloads(private_ike_auth_lifetime_t *this, message_t *messa
{
notify_payload_t *notify;
chunk_t data;
- u_int32_t lifetime;
+ uint32_t lifetime;
notify = message->get_notify(message, AUTH_LIFETIME);
if (notify)
{
data = notify->get_notification_data(notify);
- lifetime = ntohl(*(u_int32_t*)data.ptr);
+ lifetime = ntohl(*(uint32_t*)data.ptr);
this->ike_sa->set_auth_lifetime(this->ike_sa, lifetime);
}
}
diff --git a/src/libcharon/sa/ikev2/tasks/ike_delete.c b/src/libcharon/sa/ikev2/tasks/ike_delete.c
index e972dba07..fd36b144a 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_delete.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_delete.c
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2016 Tobias Brunner
* Copyright (C) 2006-2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -17,7 +18,7 @@
#include <daemon.h>
#include <encoding/payloads/delete_payload.h>
-
+#include <sa/ikev2/tasks/ike_rekey.h>
typedef struct private_ike_delete_t private_ike_delete_t;
@@ -45,11 +46,6 @@ struct private_ike_delete_t {
* are we deleting a rekeyed SA?
*/
bool rekeyed;
-
- /**
- * are we responding to a delete, but have initated our own?
- */
- bool simultaneous;
};
METHOD(task_t, build_i, status_t,
@@ -68,7 +64,8 @@ METHOD(task_t, build_i, status_t,
delete_payload = delete_payload_create(PLV2_DELETE, PROTO_IKE);
message->add_payload(message, (payload_t*)delete_payload);
- if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)
+ if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING ||
+ this->ike_sa->get_state(this->ike_sa) == IKE_REKEYED)
{
this->rekeyed = TRUE;
}
@@ -93,6 +90,33 @@ METHOD(task_t, process_i, status_t,
return DESTROY_ME;
}
+/**
+ * Check if this delete happened after a rekey collsion
+ */
+static bool after_rekey_collision(private_ike_delete_t *this)
+{
+ enumerator_t *tasks;
+ task_t *task;
+
+ tasks = this->ike_sa->create_task_enumerator(this->ike_sa,
+ TASK_QUEUE_ACTIVE);
+ while (tasks->enumerate(tasks, &task))
+ {
+ if (task->get_type(task) == TASK_IKE_REKEY)
+ {
+ ike_rekey_t *rekey = (ike_rekey_t*)task;
+
+ if (rekey->did_collide(rekey))
+ {
+ tasks->destroy(tasks);
+ return TRUE;
+ }
+ }
+ }
+ tasks->destroy(tasks);
+ return FALSE;
+}
+
METHOD(task_t, process_r, status_t,
private_ike_delete_t *this, message_t *message)
{
@@ -119,16 +143,24 @@ METHOD(task_t, process_r, status_t,
switch (this->ike_sa->get_state(this->ike_sa))
{
+ case IKE_REKEYING:
+ /* if the peer concurrently deleted the IKE_SA we treat this as
+ * regular delete. however, in case the peer did not detect a rekey
+ * collision it will delete the replaced IKE_SA if we are still in
+ * state IKE_REKEYING */
+ if (after_rekey_collision(this))
+ {
+ this->rekeyed = TRUE;
+ break;
+ }
+ /* fall-through */
case IKE_ESTABLISHED:
this->ike_sa->set_state(this->ike_sa, IKE_DELETING);
this->ike_sa->reestablish(this->ike_sa);
return NEED_MORE;
- case IKE_REKEYING:
+ case IKE_REKEYED:
this->rekeyed = TRUE;
break;
- case IKE_DELETING:
- this->simultaneous = TRUE;
- break;
default:
break;
}
@@ -141,11 +173,6 @@ METHOD(task_t, build_r, status_t,
{
DBG0(DBG_IKE, "IKE_SA deleted");
- if (this->simultaneous)
- {
- /* wait for peer's response for our delete request */
- return SUCCESS;
- }
if (!this->rekeyed)
{ /* invoke ike_down() hook if SA has not been rekeyed */
charon->bus->ike_updown(charon->bus, this->ike_sa, FALSE);
@@ -164,7 +191,6 @@ METHOD(task_t, migrate, void,
private_ike_delete_t *this, ike_sa_t *ike_sa)
{
this->ike_sa = ike_sa;
- this->simultaneous = FALSE;
}
METHOD(task_t, destroy, void,
diff --git a/src/libcharon/sa/ikev2/tasks/ike_init.c b/src/libcharon/sa/ikev2/tasks/ike_init.c
index 78579be95..801b6d8f3 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_init.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_init.c
@@ -221,7 +221,7 @@ static void handle_supported_hash_algorithms(private_ike_init_t *this,
notify_payload_t *notify)
{
bio_reader_t *reader;
- u_int16_t algo;
+ uint16_t algo;
bool added = FALSE;
reader = bio_reader_create(notify->get_notification_data(notify));
@@ -373,13 +373,15 @@ static void process_payloads(private_ike_init_t *this, message_t *message)
{
sa_payload_t *sa_payload = (sa_payload_t*)payload;
linked_list_t *proposal_list;
- bool private;
+ bool private, prefer_configured;
proposal_list = sa_payload->get_proposals(sa_payload);
private = this->ike_sa->supports_extension(this->ike_sa,
EXT_STRONGSWAN);
+ prefer_configured = lib->settings->get_bool(lib->settings,
+ "%s.prefer_configured_proposals", TRUE, lib->ns);
this->proposal = this->config->select_proposal(this->config,
- proposal_list, private);
+ proposal_list, private, prefer_configured);
if (!this->proposal)
{
charon->bus->alert(charon->bus, ALERT_PROPOSAL_MISMATCH_IKE,
@@ -633,7 +635,7 @@ METHOD(task_t, build_r, status_t,
if (this->dh == NULL ||
!this->proposal->has_dh_group(this->proposal, this->dh_group))
{
- u_int16_t group;
+ uint16_t group;
if (this->proposal->get_algorithm(this->proposal, DIFFIE_HELLMAN_GROUP,
&group, NULL))
@@ -765,7 +767,7 @@ METHOD(task_t, process_i, status_t,
bad_group = this->dh_group;
data = notify->get_notification_data(notify);
- this->dh_group = ntohs(*((u_int16_t*)data.ptr));
+ this->dh_group = ntohs(*((uint16_t*)data.ptr));
DBG1(DBG_IKE, "peer didn't accept DH group %N, "
"it requested %N", diffie_hellman_group_names,
bad_group, diffie_hellman_group_names, this->dh_group);
diff --git a/src/libcharon/sa/ikev2/tasks/ike_me.c b/src/libcharon/sa/ikev2/tasks/ike_me.c
index 10d412ffd..f077ccfb5 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_me.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_me.c
@@ -128,7 +128,7 @@ static void gather_and_add_endpoints(private_ike_me_t *this, message_t *message)
{
enumerator_t *enumerator;
host_t *addr, *host;
- u_int16_t port;
+ uint16_t port;
/* get the port that is used to communicate with the ms */
host = this->ike_sa->get_my_host(this->ike_sa);
diff --git a/src/libcharon/sa/ikev2/tasks/ike_mobike.c b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
index 3f7bb175f..dc0f24fb8 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_mobike.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
@@ -299,7 +299,7 @@ static void update_children(private_ike_mobike_t *this)
/**
* Apply the port of the old host, if its ip equals the new, use port otherwise.
*/
-static void apply_port(host_t *host, host_t *old, u_int16_t port, bool local)
+static void apply_port(host_t *host, host_t *old, uint16_t port, bool local)
{
if (host->ip_equals(host, old))
{
diff --git a/src/libcharon/sa/ikev2/tasks/ike_natd.c b/src/libcharon/sa/ikev2/tasks/ike_natd.c
index 4bf5264dd..f3f32d7af 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_natd.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_natd.c
@@ -99,8 +99,8 @@ static chunk_t generate_natd_hash(private_ike_natd_t *this,
{
chunk_t natd_chunk, spi_i_chunk, spi_r_chunk, addr_chunk, port_chunk;
chunk_t natd_hash;
- u_int64_t spi_i, spi_r;
- u_int16_t port;
+ uint64_t spi_i, spi_r;
+ uint16_t port;
/* prepare all required chunks */
spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
@@ -142,7 +142,7 @@ static notify_payload_t *build_natd_payload(private_ike_natd_t *this,
config = this->ike_sa->get_ike_cfg(this->ike_sa);
if (force_encap(config) && type == NAT_DETECTION_SOURCE_IP)
{
- u_int32_t addr;
+ uint32_t addr;
/* chunk_hash() is randomly keyed so this produces a random IPv4 address
* that changes with every restart but otherwise stays the same */
diff --git a/src/libcharon/sa/ikev2/tasks/ike_rekey.c b/src/libcharon/sa/ikev2/tasks/ike_rekey.c
index eaba04e3a..2f0552a33 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_rekey.c
@@ -1,7 +1,8 @@
/*
+ * Copyright (C) 2015-2016 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -66,9 +67,30 @@ struct private_ike_rekey_t {
* colliding task detected by the task manager
*/
task_t *collision;
+
+ /**
+ * TRUE if rekeying can't be handled temporarily
+ */
+ bool failed_temporarily;
};
/**
+ * Schedule a retry if rekeying temporary failed
+ */
+static void schedule_delayed_rekey(private_ike_rekey_t *this)
+{
+ uint32_t retry;
+ job_t *job;
+
+ retry = RETRY_INTERVAL - (random() % RETRY_JITTER);
+ job = (job_t*)rekey_ike_sa_job_create(
+ this->ike_sa->get_id(this->ike_sa), FALSE);
+ DBG1(DBG_IKE, "IKE_SA rekeying failed, trying again in %d seconds", retry);
+ this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED);
+ lib->scheduler->schedule_job(lib->scheduler, job, retry);
+}
+
+/**
* Check if an IKE_SA has any queued tasks, return initiation job
*/
static job_t* check_queued_tasks(ike_sa_t *ike_sa)
@@ -83,7 +105,6 @@ static job_t* check_queued_tasks(ike_sa_t *ike_sa)
job = (job_t*)initiate_tasks_job_create(ike_sa->get_id(ike_sa));
}
enumerator->destroy(enumerator);
-
return job;
}
@@ -117,20 +138,9 @@ static void establish_new(private_ike_rekey_t *this)
}
this->new_sa = NULL;
charon->bus->set_sa(charon->bus, this->ike_sa);
- }
-}
-METHOD(task_t, process_r_delete, status_t,
- private_ike_rekey_t *this, message_t *message)
-{
- establish_new(this);
- return this->ike_delete->task.process(&this->ike_delete->task, message);
-}
-
-METHOD(task_t, build_r_delete, status_t,
- private_ike_rekey_t *this, message_t *message)
-{
- return this->ike_delete->task.build(&this->ike_delete->task, message);
+ this->ike_sa->set_state(this->ike_sa, IKE_REKEYED);
+ }
}
METHOD(task_t, build_i_delete, status_t,
@@ -172,36 +182,59 @@ METHOD(task_t, build_i, status_t,
return NEED_MORE;
}
-METHOD(task_t, process_r, status_t,
- private_ike_rekey_t *this, message_t *message)
+/**
+ * Check if there are any half-open children
+ */
+static bool have_half_open_children(private_ike_rekey_t *this)
{
enumerator_t *enumerator;
child_sa_t *child_sa;
-
- if (this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
- {
- DBG1(DBG_IKE, "peer initiated rekeying, but we are deleting");
- return NEED_MORE;
- }
+ task_t *task;
enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
switch (child_sa->get_state(child_sa))
{
- case CHILD_CREATED:
case CHILD_REKEYING:
case CHILD_RETRYING:
case CHILD_DELETING:
- /* we do not allow rekeying while we have children in-progress */
- DBG1(DBG_IKE, "peer initiated rekeying, but a child is half-open");
enumerator->destroy(enumerator);
- return NEED_MORE;
+ return TRUE;
default:
break;
}
}
enumerator->destroy(enumerator);
+ enumerator = this->ike_sa->create_task_enumerator(this->ike_sa,
+ TASK_QUEUE_ACTIVE);
+ while (enumerator->enumerate(enumerator, (void**)&task))
+ {
+ if (task->get_type(task) == TASK_CHILD_CREATE)
+ {
+ enumerator->destroy(enumerator);
+ return TRUE;
+ }
+ }
+ enumerator->destroy(enumerator);
+ return FALSE;
+}
+
+METHOD(task_t, process_r, status_t,
+ private_ike_rekey_t *this, message_t *message)
+{
+ if (this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
+ {
+ DBG1(DBG_IKE, "peer initiated rekeying, but we are deleting");
+ this->failed_temporarily = TRUE;
+ return NEED_MORE;
+ }
+ if (have_half_open_children(this))
+ {
+ DBG1(DBG_IKE, "peer initiated rekeying, but a child is half-open");
+ this->failed_temporarily = TRUE;
+ return NEED_MORE;
+ }
this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
this->ike_sa->get_version(this->ike_sa), FALSE);
@@ -219,33 +252,57 @@ METHOD(task_t, process_r, status_t,
METHOD(task_t, build_r, status_t,
private_ike_rekey_t *this, message_t *message)
{
+ if (this->failed_temporarily)
+ {
+ message->add_notify(message, TRUE, TEMPORARY_FAILURE, chunk_empty);
+ return SUCCESS;
+ }
if (this->new_sa == NULL)
{
/* IKE_SA/a CHILD_SA is in an inacceptable state, deny rekeying */
message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
return SUCCESS;
}
-
if (this->ike_init->task.build(&this->ike_init->task, message) == FAILED)
{
+ this->ike_init->task.destroy(&this->ike_init->task);
+ this->ike_init = NULL;
charon->bus->set_sa(charon->bus, this->ike_sa);
return SUCCESS;
}
charon->bus->set_sa(charon->bus, this->ike_sa);
- this->ike_sa->set_state(this->ike_sa, IKE_REKEYING);
- /* rekeying successful, delete the IKE_SA using a subtask */
- this->ike_delete = ike_delete_create(this->ike_sa, FALSE);
- this->public.task.build = _build_r_delete;
- this->public.task.process = _process_r_delete;
-
- /* the peer does have to delete the IKE_SA. If it does not, we get a
- * unusable IKE_SA in REKEYING state without a replacement. We consider
- * this a timeout condition by the peer, and trigger a delete actively. */
- lib->scheduler->schedule_job(lib->scheduler, (job_t*)
- delete_ike_sa_job_create(this->ike_sa->get_id(this->ike_sa), TRUE), 90);
+ if (this->ike_sa->get_state(this->ike_sa) != IKE_REKEYING)
+ { /* in case of a collision we let the initiating task handle this */
+ establish_new(this);
+ /* make sure the IKE_SA is gone in case the peer fails to delete it */
+ lib->scheduler->schedule_job(lib->scheduler, (job_t*)
+ delete_ike_sa_job_create(this->ike_sa->get_id(this->ike_sa), TRUE),
+ 90);
+ }
+ return SUCCESS;
+}
- return NEED_MORE;
+/**
+ * Conclude any undetected rekey collision.
+ *
+ * If the peer does not detect the collision it will delete this IKE_SA.
+ * Depending on when our request reaches the peer and we receive the delete
+ * this may get called at different times.
+ *
+ * Returns TRUE if there was a collision, FALSE otherwise.
+ */
+static bool conclude_undetected_collision(private_ike_rekey_t *this)
+{
+ if (this->collision &&
+ this->collision->get_type(this->collision) == TASK_IKE_REKEY)
+ {
+ DBG1(DBG_IKE, "peer did not notice IKE_SA rekey collision, abort "
+ "active rekeying");
+ establish_new((private_ike_rekey_t*)this->collision);
+ return TRUE;
+ }
+ return FALSE;
}
METHOD(task_t, process_i, status_t,
@@ -266,18 +323,9 @@ METHOD(task_t, process_i, status_t,
{
case FAILED:
/* rekeying failed, fallback to old SA */
- if (!(this->collision && (
- this->collision->get_type(this->collision) == TASK_IKE_DELETE ||
- this->collision->get_type(this->collision) == TASK_IKE_REAUTH)))
+ if (!conclude_undetected_collision(this))
{
- job_t *job;
- u_int32_t retry = RETRY_INTERVAL - (random() % RETRY_JITTER);
- job = (job_t*)rekey_ike_sa_job_create(
- this->ike_sa->get_id(this->ike_sa), FALSE);
- DBG1(DBG_IKE, "IKE_SA rekeying failed, "
- "trying again in %d seconds", retry);
- this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED);
- lib->scheduler->schedule_job(lib->scheduler, job, retry);
+ schedule_delayed_rekey(this);
}
return SUCCESS;
case NEED_MORE:
@@ -293,55 +341,53 @@ METHOD(task_t, process_i, status_t,
this->collision->get_type(this->collision) == TASK_IKE_REKEY)
{
private_ike_rekey_t *other = (private_ike_rekey_t*)this->collision;
+ host_t *host;
+ chunk_t this_nonce, other_nonce;
- /* ike_init can be NULL, if child_sa is half-open */
- if (other->ike_init)
- {
- host_t *host;
- chunk_t this_nonce, other_nonce;
-
- this_nonce = this->ike_init->get_lower_nonce(this->ike_init);
- other_nonce = other->ike_init->get_lower_nonce(other->ike_init);
+ this_nonce = this->ike_init->get_lower_nonce(this->ike_init);
+ other_nonce = other->ike_init->get_lower_nonce(other->ike_init);
- /* if we have the lower nonce, delete rekeyed SA. If not, delete
- * the redundant. */
- if (memcmp(this_nonce.ptr, other_nonce.ptr,
- min(this_nonce.len, other_nonce.len)) > 0)
+ /* if we have the lower nonce, delete rekeyed SA. If not, delete
+ * the redundant. */
+ if (memcmp(this_nonce.ptr, other_nonce.ptr,
+ min(this_nonce.len, other_nonce.len)) < 0)
+ {
+ DBG1(DBG_IKE, "IKE_SA rekey collision lost, deleting redundant "
+ "IKE_SA %s[%d]", this->new_sa->get_name(this->new_sa),
+ this->new_sa->get_unique_id(this->new_sa));
+ /* apply host for a proper delete */
+ host = this->ike_sa->get_my_host(this->ike_sa);
+ this->new_sa->set_my_host(this->new_sa, host->clone(host));
+ host = this->ike_sa->get_other_host(this->ike_sa);
+ this->new_sa->set_other_host(this->new_sa, host->clone(host));
+ /* IKE_SAs in state IKE_REKEYED are silently deleted, so we use
+ * IKE_REKEYING */
+ this->new_sa->set_state(this->new_sa, IKE_REKEYING);
+ if (this->new_sa->delete(this->new_sa) == DESTROY_ME)
{
- /* peer should delete this SA. Add a timeout just in case. */
- job_t *job = (job_t*)delete_ike_sa_job_create(
- other->new_sa->get_id(other->new_sa), TRUE);
- lib->scheduler->schedule_job(lib->scheduler, job, 10);
- DBG1(DBG_IKE, "IKE_SA rekey collision won, waiting for delete");
- charon->ike_sa_manager->checkin(charon->ike_sa_manager, other->new_sa);
- other->new_sa = NULL;
+ this->new_sa->destroy(this->new_sa);
}
else
{
- DBG1(DBG_IKE, "IKE_SA rekey collision lost, "
- "deleting redundant IKE_SA");
- /* apply host for a proper delete */
- host = this->ike_sa->get_my_host(this->ike_sa);
- this->new_sa->set_my_host(this->new_sa, host->clone(host));
- host = this->ike_sa->get_other_host(this->ike_sa);
- this->new_sa->set_other_host(this->new_sa, host->clone(host));
- this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED);
- this->new_sa->set_state(this->new_sa, IKE_REKEYING);
- if (this->new_sa->delete(this->new_sa) == DESTROY_ME)
- {
- this->new_sa->destroy(this->new_sa);
- }
- else
- {
- charon->ike_sa_manager->checkin(
- charon->ike_sa_manager, this->new_sa);
- }
- charon->bus->set_sa(charon->bus, this->ike_sa);
- this->new_sa = NULL;
- establish_new(other);
- return SUCCESS;
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager,
+ this->new_sa);
}
+ charon->bus->set_sa(charon->bus, this->ike_sa);
+ this->new_sa = NULL;
+ establish_new(other);
+ return SUCCESS;
}
+ /* peer should delete this SA. Add a timeout just in case. */
+ job_t *job = (job_t*)delete_ike_sa_job_create(
+ other->new_sa->get_id(other->new_sa), TRUE);
+ lib->scheduler->schedule_job(lib->scheduler, job,
+ HALF_OPEN_IKE_SA_TIMEOUT);
+ DBG1(DBG_IKE, "IKE_SA rekey collision won, waiting for delete for "
+ "redundant IKE_SA %s[%d]", other->new_sa->get_name(other->new_sa),
+ other->new_sa->get_unique_id(other->new_sa));
+ other->new_sa->set_state(other->new_sa, IKE_REKEYED);
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, other->new_sa);
+ other->new_sa = NULL;
charon->bus->set_sa(charon->bus, this->ike_sa);
}
@@ -361,11 +407,41 @@ METHOD(task_t, get_type, task_type_t,
return TASK_IKE_REKEY;
}
+METHOD(ike_rekey_t, did_collide, bool,
+ private_ike_rekey_t *this)
+{
+ return this->collision &&
+ this->collision->get_type(this->collision) == TASK_IKE_REKEY;
+}
+
METHOD(ike_rekey_t, collide, void,
private_ike_rekey_t* this, task_t *other)
{
DBG1(DBG_IKE, "detected %N collision with %N", task_type_names,
TASK_IKE_REKEY, task_type_names, other->get_type(other));
+
+ switch (other->get_type(other))
+ {
+ case TASK_IKE_DELETE:
+ conclude_undetected_collision(this);
+ other->destroy(other);
+ return;
+ case TASK_IKE_REKEY:
+ {
+ private_ike_rekey_t *rekey = (private_ike_rekey_t*)other;
+
+ if (!rekey->ike_init)
+ {
+ DBG1(DBG_IKE, "colliding exchange did not result in an IKE_SA, "
+ "ignore");
+ other->destroy(other);
+ return;
+ }
+ break;
+ }
+ default:
+ break;
+ }
DESTROY_IF(this->collision);
this->collision = other;
}
@@ -425,6 +501,7 @@ ike_rekey_t *ike_rekey_create(ike_sa_t *ike_sa, bool initiator)
.migrate = _migrate,
.destroy = _destroy,
},
+ .did_collide = _did_collide,
.collide = _collide,
},
.ike_sa = ike_sa,
diff --git a/src/libcharon/sa/ikev2/tasks/ike_rekey.h b/src/libcharon/sa/ikev2/tasks/ike_rekey.h
index 6a12e9034..86b512c92 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_rekey.h
+++ b/src/libcharon/sa/ikev2/tasks/ike_rekey.h
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2016 Tobias Brunner
* Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -38,6 +39,13 @@ struct ike_rekey_t {
task_t task;
/**
+ * Check if there was a rekey collision.
+ *
+ * @return TRUE if there was a rekey collision before
+ */
+ bool (*did_collide)(ike_rekey_t *this);
+
+ /**
* Register a rekeying task which collides with this one.
*
* If two peers initiate rekeying at the same time, the collision must
diff --git a/src/libcharon/sa/redirect_manager.c b/src/libcharon/sa/redirect_manager.c
index ff92ac29f..45b7e79df 100644
--- a/src/libcharon/sa/redirect_manager.c
+++ b/src/libcharon/sa/redirect_manager.c
@@ -248,7 +248,7 @@ identification_t *redirect_data_parse(chunk_t data, chunk_t *nonce)
bio_reader_t *reader;
id_type_t id_type;
chunk_t gateway;
- u_int8_t type;
+ uint8_t type;
reader = bio_reader_create(data);
if (!reader->read_uint8(reader, &type) ||
diff --git a/src/libcharon/sa/shunt_manager.c b/src/libcharon/sa/shunt_manager.c
index 0e9cf6e1f..40e291be5 100644
--- a/src/libcharon/sa/shunt_manager.c
+++ b/src/libcharon/sa/shunt_manager.c
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2015 Tobias Brunner
- * Copyright (C) 2011 Andreas Steffen
+ * Copyright (C) 2015-2016 Tobias Brunner
+ * Copyright (C) 2011-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -68,6 +68,8 @@ static bool install_shunt_policy(child_cfg_t *child)
policy_type_t policy_type;
policy_priority_t policy_prio;
status_t status = SUCCESS;
+ uint32_t manual_prio;
+ char *interface;
ipsec_sa_cfg_t sa = { .mode = MODE_TRANSPORT };
switch (child->get_mode(child))
@@ -92,6 +94,9 @@ static bool install_shunt_policy(child_cfg_t *child)
other_ts_list = child->get_traffic_selectors(child, FALSE, NULL, hosts);
hosts->destroy(hosts);
+ manual_prio = child->get_manual_prio(child);
+ interface = child->get_interface(child);
+
/* enumerate pairs of traffic selectors */
e_my_ts = my_ts_list->create_enumerator(my_ts_list);
while (e_my_ts->enumerate(e_my_ts, &my_ts))
@@ -110,25 +115,37 @@ static bool install_shunt_policy(child_cfg_t *child)
continue;
}
/* install out policy */
- status |= charon->kernel->add_policy(charon->kernel,
- host_any, host_any,
- my_ts, other_ts, POLICY_OUT, policy_type,
- &sa, child->get_mark(child, FALSE),
- policy_prio);
-
+ kernel_ipsec_policy_id_t id = {
+ .dir = POLICY_OUT,
+ .src_ts = my_ts,
+ .dst_ts = other_ts,
+ .mark = child->get_mark(child, FALSE),
+ .interface = interface,
+ };
+ kernel_ipsec_manage_policy_t policy = {
+ .type = policy_type,
+ .prio = policy_prio,
+ .manual_prio = manual_prio,
+ .src = host_any,
+ .dst = host_any,
+ .sa = &sa,
+ };
+ status |= charon->kernel->add_policy(charon->kernel, &id, &policy);
+ /* install "outbound" forward policy */
+ id.dir = POLICY_FWD;
+ status |= charon->kernel->add_policy(charon->kernel, &id, &policy);
/* install in policy */
- status |= charon->kernel->add_policy(charon->kernel,
- host_any, host_any,
- other_ts, my_ts, POLICY_IN, policy_type,
- &sa, child->get_mark(child, TRUE),
- policy_prio);
-
- /* install forward policy */
- status |= charon->kernel->add_policy(charon->kernel,
- host_any, host_any,
- other_ts, my_ts, POLICY_FWD, policy_type,
- &sa, child->get_mark(child, TRUE),
- policy_prio);
+ id = (kernel_ipsec_policy_id_t){
+ .dir = POLICY_IN,
+ .src_ts = other_ts,
+ .dst_ts = my_ts,
+ .mark = child->get_mark(child, TRUE),
+ .interface = interface,
+ };
+ status |= charon->kernel->add_policy(charon->kernel, &id, &policy);
+ /* install "inbound" forward policy */
+ id.dir = POLICY_FWD;
+ status |= charon->kernel->add_policy(charon->kernel, &id, &policy);
}
e_other_ts->destroy(e_other_ts);
}
@@ -205,6 +222,8 @@ static void uninstall_shunt_policy(child_cfg_t *child)
policy_type_t policy_type;
policy_priority_t policy_prio;
status_t status = SUCCESS;
+ uint32_t manual_prio;
+ char *interface;
ipsec_sa_cfg_t sa = { .mode = MODE_TRANSPORT };
switch (child->get_mode(child))
@@ -229,6 +248,9 @@ static void uninstall_shunt_policy(child_cfg_t *child)
other_ts_list = child->get_traffic_selectors(child, FALSE, NULL, hosts);
hosts->destroy(hosts);
+ manual_prio = child->get_manual_prio(child);
+ interface = child->get_interface(child);
+
/* enumerate pairs of traffic selectors */
e_my_ts = my_ts_list->create_enumerator(my_ts_list);
while (e_my_ts->enumerate(e_my_ts, &my_ts))
@@ -247,25 +269,37 @@ static void uninstall_shunt_policy(child_cfg_t *child)
continue;
}
/* uninstall out policy */
- status |= charon->kernel->del_policy(charon->kernel,
- host_any, host_any,
- my_ts, other_ts, POLICY_OUT, policy_type,
- &sa, child->get_mark(child, FALSE),
- policy_prio);
-
+ kernel_ipsec_policy_id_t id = {
+ .dir = POLICY_OUT,
+ .src_ts = my_ts,
+ .dst_ts = other_ts,
+ .mark = child->get_mark(child, FALSE),
+ .interface = interface,
+ };
+ kernel_ipsec_manage_policy_t policy = {
+ .type = policy_type,
+ .prio = policy_prio,
+ .manual_prio = manual_prio,
+ .src = host_any,
+ .dst = host_any,
+ .sa = &sa,
+ };
+ status |= charon->kernel->del_policy(charon->kernel, &id, &policy);
+ /* uninstall "outbound" forward policy */
+ id.dir = POLICY_FWD;
+ status |= charon->kernel->del_policy(charon->kernel, &id, &policy);
/* uninstall in policy */
- status |= charon->kernel->del_policy(charon->kernel,
- host_any, host_any,
- other_ts, my_ts, POLICY_IN, policy_type,
- &sa, child->get_mark(child, TRUE),
- policy_prio);
-
- /* uninstall forward policy */
- status |= charon->kernel->del_policy(charon->kernel,
- host_any, host_any,
- other_ts, my_ts, POLICY_FWD, policy_type,
- &sa, child->get_mark(child, TRUE),
- policy_prio);
+ id = (kernel_ipsec_policy_id_t){
+ .dir = POLICY_IN,
+ .src_ts = other_ts,
+ .dst_ts = my_ts,
+ .mark = child->get_mark(child, TRUE),
+ .interface = interface,
+ };
+ status |= charon->kernel->del_policy(charon->kernel, &id, &policy);
+ /* uninstall "inbound" forward policy */
+ id.dir = POLICY_FWD;
+ status |= charon->kernel->del_policy(charon->kernel, &id, &policy);
}
e_other_ts->destroy(e_other_ts);
}
diff --git a/src/libcharon/sa/task_manager.h b/src/libcharon/sa/task_manager.h
index e7a6bf463..86077d373 100644
--- a/src/libcharon/sa/task_manager.h
+++ b/src/libcharon/sa/task_manager.h
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2013-2016 Tobias Brunner
* Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -122,7 +123,17 @@ struct task_manager_t {
*
* @param task task to queue
*/
- void (*queue_task) (task_manager_t *this, task_t *task);
+ void (*queue_task)(task_manager_t *this, task_t *task);
+
+ /**
+ * Queue a task in the manager, but delay its initiation for at least the
+ * given number of seconds.
+ *
+ * @param task task to queue
+ * @param delay minimum delay in s before initiating the task
+ */
+ void (*queue_task_delayed)(task_manager_t *this, task_t *task,
+ uint32_t delay);
/**
* Queue IKE_SA establishing tasks.
@@ -160,7 +171,7 @@ struct task_manager_t {
* @param tsi initiator traffic selector, if packet-triggered
* @param tsr responder traffic selector, if packet-triggered
*/
- void (*queue_child)(task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
+ void (*queue_child)(task_manager_t *this, child_cfg_t *cfg, uint32_t reqid,
traffic_selector_t *tsi, traffic_selector_t *tsr);
/**
@@ -170,7 +181,7 @@ struct task_manager_t {
* @param spi CHILD_SA SPI to rekey
*/
void (*queue_child_rekey)(task_manager_t *this, protocol_id_t protocol,
- u_int32_t spi);
+ uint32_t spi);
/**
* Queue CHILD_SA delete tasks.
@@ -180,7 +191,7 @@ struct task_manager_t {
* @param expired TRUE if SA already expired
*/
void (*queue_child_delete)(task_manager_t *this, protocol_id_t protocol,
- u_int32_t spi, bool expired);
+ uint32_t spi, bool expired);
/**
* Queue liveness checking tasks.
@@ -199,7 +210,7 @@ struct task_manager_t {
* - INVALID_STATE if retransmission not required
* - SUCCESS if retransmission sent
*/
- status_t (*retransmit) (task_manager_t *this, u_int32_t message_id);
+ status_t (*retransmit) (task_manager_t *this, uint32_t message_id);
/**
* Migrate all queued tasks from other to this.
@@ -242,7 +253,7 @@ struct task_manager_t {
* @param initiate message ID / DPD seq to initiate exchanges (send)
* @param respond message ID / DPD seq to respond to exchanges (expect)
*/
- void (*reset) (task_manager_t *this, u_int32_t initiate, u_int32_t respond);
+ void (*reset) (task_manager_t *this, uint32_t initiate, uint32_t respond);
/**
* Check if we are currently waiting for a reply.
diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c
index 85e220775..40a0682f2 100644
--- a/src/libcharon/sa/trap_manager.c
+++ b/src/libcharon/sa/trap_manager.c
@@ -115,7 +115,7 @@ typedef struct {
/** pending IKE_SA connecting upon acquire */
ike_sa_t *ike_sa;
/** reqid of pending trap policy */
- u_int32_t reqid;
+ uint32_t reqid;
/** destination address (wildcard case) */
host_t *dst;
} acquire_t;
@@ -143,7 +143,7 @@ static void destroy_acquire(acquire_t *this)
/**
* match an acquire entry by reqid
*/
-static bool acquire_by_reqid(acquire_t *this, u_int32_t *reqid)
+static bool acquire_by_reqid(acquire_t *this, uint32_t *reqid)
{
return this->reqid == *reqid;
}
@@ -156,9 +156,9 @@ static bool acquire_by_dst(acquire_t *this, host_t *dst)
return this->dst && this->dst->ip_equals(this->dst, dst);
}
-METHOD(trap_manager_t, install, u_int32_t,
+METHOD(trap_manager_t, install, uint32_t,
private_trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child,
- u_int32_t reqid)
+ uint32_t reqid)
{
entry_t *entry, *found = NULL;
ike_cfg_t *ike_cfg;
@@ -197,9 +197,7 @@ METHOD(trap_manager_t, install, u_int32_t,
me = charon->kernel->get_source_addr(charon->kernel, other, NULL);
if (!me)
{
- DBG1(DBG_CFG, "installing trap failed, local address unknown");
- other->destroy(other);
- return 0;
+ me = host_create_any(other->get_family(other));
}
me->set_port(me, ike_cfg->get_my_port(ike_cfg));
}
@@ -307,7 +305,7 @@ METHOD(trap_manager_t, install, u_int32_t,
}
METHOD(trap_manager_t, uninstall, bool,
- private_trap_manager_t *this, u_int32_t reqid)
+ private_trap_manager_t *this, uint32_t reqid)
{
enumerator_t *enumerator;
entry_t *entry, *found = NULL;
@@ -366,12 +364,12 @@ METHOD(trap_manager_t, create_enumerator, enumerator_t*,
(void*)this->lock->unlock);
}
-METHOD(trap_manager_t, find_reqid, u_int32_t,
+METHOD(trap_manager_t, find_reqid, uint32_t,
private_trap_manager_t *this, child_cfg_t *child)
{
enumerator_t *enumerator;
entry_t *entry;
- u_int32_t reqid = 0;
+ uint32_t reqid = 0;
this->lock->read_lock(this->lock);
enumerator = this->traps->create_enumerator(this->traps);
@@ -392,7 +390,7 @@ METHOD(trap_manager_t, find_reqid, u_int32_t,
}
METHOD(trap_manager_t, acquire, void,
- private_trap_manager_t *this, u_int32_t reqid,
+ private_trap_manager_t *this, uint32_t reqid,
traffic_selector_t *src, traffic_selector_t *dst)
{
enumerator_t *enumerator;
@@ -430,7 +428,7 @@ METHOD(trap_manager_t, acquire, void,
if (wildcard)
{ /* for wildcard acquires we check that we don't have a pending acquire
* with the same peer */
- u_int8_t mask;
+ uint8_t mask;
dst->to_subnet(dst, &host, &mask);
if (this->acquires->find_first(this->acquires, (void*)acquire_by_dst,
@@ -483,8 +481,8 @@ METHOD(trap_manager_t, acquire, void,
if (ike_sa)
{
ike_cfg_t *ike_cfg;
- u_int16_t port;
- u_int8_t mask;
+ uint16_t port;
+ uint8_t mask;
ike_sa->set_peer_cfg(ike_sa, peer);
ike_cfg = ike_sa->get_ike_cfg(ike_sa);
diff --git a/src/libcharon/sa/trap_manager.h b/src/libcharon/sa/trap_manager.h
index 0491107fd..083ea3dbf 100644
--- a/src/libcharon/sa/trap_manager.h
+++ b/src/libcharon/sa/trap_manager.h
@@ -40,8 +40,8 @@ struct trap_manager_t {
* @param reqid optional reqid to use
* @return reqid of installed CHILD_SA, 0 if failed
*/
- u_int32_t (*install)(trap_manager_t *this, peer_cfg_t *peer,
- child_cfg_t *child, u_int32_t reqid);
+ uint32_t (*install)(trap_manager_t *this, peer_cfg_t *peer,
+ child_cfg_t *child, uint32_t reqid);
/**
* Uninstall a trap policy.
@@ -49,7 +49,7 @@ struct trap_manager_t {
* @param id reqid of CHILD_SA to uninstall, returned by install()
* @return TRUE if uninstalled successfully
*/
- bool (*uninstall)(trap_manager_t *this, u_int32_t reqid);
+ bool (*uninstall)(trap_manager_t *this, uint32_t reqid);
/**
* Create an enumerator over all installed traps.
@@ -64,7 +64,7 @@ struct trap_manager_t {
* @param child CHILD_SA config to get the reqid for
* @return reqid of trap, 0 if not found
*/
- u_int32_t (*find_reqid)(trap_manager_t *this, child_cfg_t *child);
+ uint32_t (*find_reqid)(trap_manager_t *this, child_cfg_t *child);
/**
* Acquire an SA triggered by an installed trap.
@@ -73,7 +73,7 @@ struct trap_manager_t {
* @param src source of the triggering packet
* @param dst destination of the triggering packet
*/
- void (*acquire)(trap_manager_t *this, u_int32_t reqid,
+ void (*acquire)(trap_manager_t *this, uint32_t reqid,
traffic_selector_t *src, traffic_selector_t *dst);
/**
diff --git a/src/libcharon/tests/Makefile.am b/src/libcharon/tests/Makefile.am
index 0589269aa..b8670246b 100644
--- a/src/libcharon/tests/Makefile.am
+++ b/src/libcharon/tests/Makefile.am
@@ -1,8 +1,9 @@
-TESTS = libcharon_tests
+TESTS = libcharon_tests exchange_tests
check_PROGRAMS = $(TESTS)
libcharon_tests_SOURCES = \
+ suites/test_proposal.c \
suites/test_ike_cfg.c \
suites/test_mem_pool.c \
suites/test_message_chapoly.c \
@@ -21,3 +22,34 @@ libcharon_tests_LDADD = \
$(top_builddir)/src/libcharon/libcharon.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libstrongswan/tests/libtest.la
+
+
+exchange_tests_SOURCES = \
+ suites/test_child_create.c \
+ suites/test_child_delete.c \
+ suites/test_child_rekey.c \
+ suites/test_ike_delete.c \
+ suites/test_ike_rekey.c \
+ utils/exchange_test_asserts.h utils/exchange_test_asserts.c \
+ utils/exchange_test_helper.h utils/exchange_test_helper.c \
+ utils/job_asserts.h \
+ utils/mock_dh.h utils/mock_dh.c \
+ utils/mock_ipsec.h utils/mock_ipsec.c \
+ utils/mock_nonce_gen.h utils/mock_nonce_gen.c \
+ utils/mock_sender.h utils/mock_sender.c \
+ utils/sa_asserts.h \
+ exchange_tests.h exchange_tests.c
+
+exchange_tests_CFLAGS = \
+ -I$(top_srcdir)/src/libcharon \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
+ -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
+ -DPLUGINS=\""${s_plugins}\"" \
+ @COVERAGE_CFLAGS@
+
+exchange_tests_LDFLAGS = @COVERAGE_LDFLAGS@
+exchange_tests_LDADD = \
+ $(top_builddir)/src/libcharon/libcharon.la \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la
diff --git a/src/libcharon/tests/Makefile.in b/src/libcharon/tests/Makefile.in
index 87dea161a..7a0d34292 100644
--- a/src/libcharon/tests/Makefile.in
+++ b/src/libcharon/tests/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -77,11 +87,9 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
-TESTS = libcharon_tests$(EXEEXT)
+TESTS = libcharon_tests$(EXEEXT) exchange_tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libcharon/tests
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,13 +103,41 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
-am__EXEEXT_1 = libcharon_tests$(EXEEXT)
+am__EXEEXT_1 = libcharon_tests$(EXEEXT) exchange_tests$(EXEEXT)
am__dirstamp = $(am__leading_dot)dirstamp
+am_exchange_tests_OBJECTS = \
+ suites/exchange_tests-test_child_create.$(OBJEXT) \
+ suites/exchange_tests-test_child_delete.$(OBJEXT) \
+ suites/exchange_tests-test_child_rekey.$(OBJEXT) \
+ suites/exchange_tests-test_ike_delete.$(OBJEXT) \
+ suites/exchange_tests-test_ike_rekey.$(OBJEXT) \
+ utils/exchange_tests-exchange_test_asserts.$(OBJEXT) \
+ utils/exchange_tests-exchange_test_helper.$(OBJEXT) \
+ utils/exchange_tests-mock_dh.$(OBJEXT) \
+ utils/exchange_tests-mock_ipsec.$(OBJEXT) \
+ utils/exchange_tests-mock_nonce_gen.$(OBJEXT) \
+ utils/exchange_tests-mock_sender.$(OBJEXT) \
+ exchange_tests-exchange_tests.$(OBJEXT)
+exchange_tests_OBJECTS = $(am_exchange_tests_OBJECTS)
+exchange_tests_DEPENDENCIES = \
+ $(top_builddir)/src/libcharon/libcharon.la \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+exchange_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(exchange_tests_CFLAGS) $(CFLAGS) $(exchange_tests_LDFLAGS) \
+ $(LDFLAGS) -o $@
am_libcharon_tests_OBJECTS = \
+ suites/libcharon_tests-test_proposal.$(OBJEXT) \
suites/libcharon_tests-test_ike_cfg.$(OBJEXT) \
suites/libcharon_tests-test_mem_pool.$(OBJEXT) \
suites/libcharon_tests-test_message_chapoly.$(OBJEXT) \
@@ -111,10 +147,6 @@ libcharon_tests_DEPENDENCIES = \
$(top_builddir)/src/libcharon/libcharon.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libstrongswan/tests/libtest.la
-AM_V_lt = $(am__v_lt_@AM_V@)
-am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
-am__v_lt_0 = --silent
-am__v_lt_1 =
libcharon_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(libcharon_tests_CFLAGS) $(CFLAGS) $(libcharon_tests_LDFLAGS) \
@@ -153,8 +185,8 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
-SOURCES = $(libcharon_tests_SOURCES)
-DIST_SOURCES = $(libcharon_tests_SOURCES)
+SOURCES = $(exchange_tests_SOURCES) $(libcharon_tests_SOURCES)
+DIST_SOURCES = $(exchange_tests_SOURCES) $(libcharon_tests_SOURCES)
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
@@ -201,12 +233,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +290,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +325,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +437,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -430,6 +467,7 @@ urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
libcharon_tests_SOURCES = \
+ suites/test_proposal.c \
suites/test_ike_cfg.c \
suites/test_mem_pool.c \
suites/test_message_chapoly.c \
@@ -449,6 +487,36 @@ libcharon_tests_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libstrongswan/tests/libtest.la
+exchange_tests_SOURCES = \
+ suites/test_child_create.c \
+ suites/test_child_delete.c \
+ suites/test_child_rekey.c \
+ suites/test_ike_delete.c \
+ suites/test_ike_rekey.c \
+ utils/exchange_test_asserts.h utils/exchange_test_asserts.c \
+ utils/exchange_test_helper.h utils/exchange_test_helper.c \
+ utils/job_asserts.h \
+ utils/mock_dh.h utils/mock_dh.c \
+ utils/mock_ipsec.h utils/mock_ipsec.c \
+ utils/mock_nonce_gen.h utils/mock_nonce_gen.c \
+ utils/mock_sender.h utils/mock_sender.c \
+ utils/sa_asserts.h \
+ exchange_tests.h exchange_tests.c
+
+exchange_tests_CFLAGS = \
+ -I$(top_srcdir)/src/libcharon \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
+ -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
+ -DPLUGINS=\""${s_plugins}\"" \
+ @COVERAGE_CFLAGS@
+
+exchange_tests_LDFLAGS = @COVERAGE_LDFLAGS@
+exchange_tests_LDADD = \
+ $(top_builddir)/src/libcharon/libcharon.la \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la
+
all: all-am
.SUFFIXES:
@@ -465,7 +533,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/tests/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libcharon/tests/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -498,6 +565,40 @@ suites/$(am__dirstamp):
suites/$(DEPDIR)/$(am__dirstamp):
@$(MKDIR_P) suites/$(DEPDIR)
@: > suites/$(DEPDIR)/$(am__dirstamp)
+suites/exchange_tests-test_child_create.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+suites/exchange_tests-test_child_delete.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+suites/exchange_tests-test_child_rekey.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+suites/exchange_tests-test_ike_delete.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+suites/exchange_tests-test_ike_rekey.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+utils/$(am__dirstamp):
+ @$(MKDIR_P) utils
+ @: > utils/$(am__dirstamp)
+utils/$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) utils/$(DEPDIR)
+ @: > utils/$(DEPDIR)/$(am__dirstamp)
+utils/exchange_tests-exchange_test_asserts.$(OBJEXT): \
+ utils/$(am__dirstamp) utils/$(DEPDIR)/$(am__dirstamp)
+utils/exchange_tests-exchange_test_helper.$(OBJEXT): \
+ utils/$(am__dirstamp) utils/$(DEPDIR)/$(am__dirstamp)
+utils/exchange_tests-mock_dh.$(OBJEXT): utils/$(am__dirstamp) \
+ utils/$(DEPDIR)/$(am__dirstamp)
+utils/exchange_tests-mock_ipsec.$(OBJEXT): utils/$(am__dirstamp) \
+ utils/$(DEPDIR)/$(am__dirstamp)
+utils/exchange_tests-mock_nonce_gen.$(OBJEXT): utils/$(am__dirstamp) \
+ utils/$(DEPDIR)/$(am__dirstamp)
+utils/exchange_tests-mock_sender.$(OBJEXT): utils/$(am__dirstamp) \
+ utils/$(DEPDIR)/$(am__dirstamp)
+
+exchange_tests$(EXEEXT): $(exchange_tests_OBJECTS) $(exchange_tests_DEPENDENCIES) $(EXTRA_exchange_tests_DEPENDENCIES)
+ @rm -f exchange_tests$(EXEEXT)
+ $(AM_V_CCLD)$(exchange_tests_LINK) $(exchange_tests_OBJECTS) $(exchange_tests_LDADD) $(LIBS)
+suites/libcharon_tests-test_proposal.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
suites/libcharon_tests-test_ike_cfg.$(OBJEXT): suites/$(am__dirstamp) \
suites/$(DEPDIR)/$(am__dirstamp)
suites/libcharon_tests-test_mem_pool.$(OBJEXT): \
@@ -512,14 +613,28 @@ libcharon_tests$(EXEEXT): $(libcharon_tests_OBJECTS) $(libcharon_tests_DEPENDENC
mostlyclean-compile:
-rm -f *.$(OBJEXT)
-rm -f suites/*.$(OBJEXT)
+ -rm -f utils/*.$(OBJEXT)
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/exchange_tests-exchange_tests.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcharon_tests-libcharon_tests.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/exchange_tests-test_child_create.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/exchange_tests-test_child_delete.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/exchange_tests-test_child_rekey.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/exchange_tests-test_ike_delete.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_mem_pool.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_proposal.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-mock_dh.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-mock_ipsec.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-mock_sender.Po@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@@ -545,6 +660,188 @@ distclean-compile:
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+suites/exchange_tests-test_child_create.o: suites/test_child_create.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_child_create.o -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_child_create.Tpo -c -o suites/exchange_tests-test_child_create.o `test -f 'suites/test_child_create.c' || echo '$(srcdir)/'`suites/test_child_create.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_child_create.Tpo suites/$(DEPDIR)/exchange_tests-test_child_create.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_child_create.c' object='suites/exchange_tests-test_child_create.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_child_create.o `test -f 'suites/test_child_create.c' || echo '$(srcdir)/'`suites/test_child_create.c
+
+suites/exchange_tests-test_child_create.obj: suites/test_child_create.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_child_create.obj -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_child_create.Tpo -c -o suites/exchange_tests-test_child_create.obj `if test -f 'suites/test_child_create.c'; then $(CYGPATH_W) 'suites/test_child_create.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_child_create.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_child_create.Tpo suites/$(DEPDIR)/exchange_tests-test_child_create.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_child_create.c' object='suites/exchange_tests-test_child_create.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_child_create.obj `if test -f 'suites/test_child_create.c'; then $(CYGPATH_W) 'suites/test_child_create.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_child_create.c'; fi`
+
+suites/exchange_tests-test_child_delete.o: suites/test_child_delete.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_child_delete.o -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_child_delete.Tpo -c -o suites/exchange_tests-test_child_delete.o `test -f 'suites/test_child_delete.c' || echo '$(srcdir)/'`suites/test_child_delete.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_child_delete.Tpo suites/$(DEPDIR)/exchange_tests-test_child_delete.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_child_delete.c' object='suites/exchange_tests-test_child_delete.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_child_delete.o `test -f 'suites/test_child_delete.c' || echo '$(srcdir)/'`suites/test_child_delete.c
+
+suites/exchange_tests-test_child_delete.obj: suites/test_child_delete.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_child_delete.obj -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_child_delete.Tpo -c -o suites/exchange_tests-test_child_delete.obj `if test -f 'suites/test_child_delete.c'; then $(CYGPATH_W) 'suites/test_child_delete.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_child_delete.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_child_delete.Tpo suites/$(DEPDIR)/exchange_tests-test_child_delete.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_child_delete.c' object='suites/exchange_tests-test_child_delete.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_child_delete.obj `if test -f 'suites/test_child_delete.c'; then $(CYGPATH_W) 'suites/test_child_delete.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_child_delete.c'; fi`
+
+suites/exchange_tests-test_child_rekey.o: suites/test_child_rekey.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_child_rekey.o -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_child_rekey.Tpo -c -o suites/exchange_tests-test_child_rekey.o `test -f 'suites/test_child_rekey.c' || echo '$(srcdir)/'`suites/test_child_rekey.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_child_rekey.Tpo suites/$(DEPDIR)/exchange_tests-test_child_rekey.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_child_rekey.c' object='suites/exchange_tests-test_child_rekey.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_child_rekey.o `test -f 'suites/test_child_rekey.c' || echo '$(srcdir)/'`suites/test_child_rekey.c
+
+suites/exchange_tests-test_child_rekey.obj: suites/test_child_rekey.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_child_rekey.obj -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_child_rekey.Tpo -c -o suites/exchange_tests-test_child_rekey.obj `if test -f 'suites/test_child_rekey.c'; then $(CYGPATH_W) 'suites/test_child_rekey.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_child_rekey.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_child_rekey.Tpo suites/$(DEPDIR)/exchange_tests-test_child_rekey.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_child_rekey.c' object='suites/exchange_tests-test_child_rekey.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_child_rekey.obj `if test -f 'suites/test_child_rekey.c'; then $(CYGPATH_W) 'suites/test_child_rekey.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_child_rekey.c'; fi`
+
+suites/exchange_tests-test_ike_delete.o: suites/test_ike_delete.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_ike_delete.o -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_ike_delete.Tpo -c -o suites/exchange_tests-test_ike_delete.o `test -f 'suites/test_ike_delete.c' || echo '$(srcdir)/'`suites/test_ike_delete.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_ike_delete.Tpo suites/$(DEPDIR)/exchange_tests-test_ike_delete.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ike_delete.c' object='suites/exchange_tests-test_ike_delete.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_ike_delete.o `test -f 'suites/test_ike_delete.c' || echo '$(srcdir)/'`suites/test_ike_delete.c
+
+suites/exchange_tests-test_ike_delete.obj: suites/test_ike_delete.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_ike_delete.obj -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_ike_delete.Tpo -c -o suites/exchange_tests-test_ike_delete.obj `if test -f 'suites/test_ike_delete.c'; then $(CYGPATH_W) 'suites/test_ike_delete.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ike_delete.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_ike_delete.Tpo suites/$(DEPDIR)/exchange_tests-test_ike_delete.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ike_delete.c' object='suites/exchange_tests-test_ike_delete.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_ike_delete.obj `if test -f 'suites/test_ike_delete.c'; then $(CYGPATH_W) 'suites/test_ike_delete.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ike_delete.c'; fi`
+
+suites/exchange_tests-test_ike_rekey.o: suites/test_ike_rekey.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_ike_rekey.o -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Tpo -c -o suites/exchange_tests-test_ike_rekey.o `test -f 'suites/test_ike_rekey.c' || echo '$(srcdir)/'`suites/test_ike_rekey.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Tpo suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ike_rekey.c' object='suites/exchange_tests-test_ike_rekey.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_ike_rekey.o `test -f 'suites/test_ike_rekey.c' || echo '$(srcdir)/'`suites/test_ike_rekey.c
+
+suites/exchange_tests-test_ike_rekey.obj: suites/test_ike_rekey.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT suites/exchange_tests-test_ike_rekey.obj -MD -MP -MF suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Tpo -c -o suites/exchange_tests-test_ike_rekey.obj `if test -f 'suites/test_ike_rekey.c'; then $(CYGPATH_W) 'suites/test_ike_rekey.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ike_rekey.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Tpo suites/$(DEPDIR)/exchange_tests-test_ike_rekey.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ike_rekey.c' object='suites/exchange_tests-test_ike_rekey.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o suites/exchange_tests-test_ike_rekey.obj `if test -f 'suites/test_ike_rekey.c'; then $(CYGPATH_W) 'suites/test_ike_rekey.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ike_rekey.c'; fi`
+
+utils/exchange_tests-exchange_test_asserts.o: utils/exchange_test_asserts.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-exchange_test_asserts.o -MD -MP -MF utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Tpo -c -o utils/exchange_tests-exchange_test_asserts.o `test -f 'utils/exchange_test_asserts.c' || echo '$(srcdir)/'`utils/exchange_test_asserts.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Tpo utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/exchange_test_asserts.c' object='utils/exchange_tests-exchange_test_asserts.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-exchange_test_asserts.o `test -f 'utils/exchange_test_asserts.c' || echo '$(srcdir)/'`utils/exchange_test_asserts.c
+
+utils/exchange_tests-exchange_test_asserts.obj: utils/exchange_test_asserts.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-exchange_test_asserts.obj -MD -MP -MF utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Tpo -c -o utils/exchange_tests-exchange_test_asserts.obj `if test -f 'utils/exchange_test_asserts.c'; then $(CYGPATH_W) 'utils/exchange_test_asserts.c'; else $(CYGPATH_W) '$(srcdir)/utils/exchange_test_asserts.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Tpo utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/exchange_test_asserts.c' object='utils/exchange_tests-exchange_test_asserts.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-exchange_test_asserts.obj `if test -f 'utils/exchange_test_asserts.c'; then $(CYGPATH_W) 'utils/exchange_test_asserts.c'; else $(CYGPATH_W) '$(srcdir)/utils/exchange_test_asserts.c'; fi`
+
+utils/exchange_tests-exchange_test_helper.o: utils/exchange_test_helper.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-exchange_test_helper.o -MD -MP -MF utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Tpo -c -o utils/exchange_tests-exchange_test_helper.o `test -f 'utils/exchange_test_helper.c' || echo '$(srcdir)/'`utils/exchange_test_helper.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Tpo utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/exchange_test_helper.c' object='utils/exchange_tests-exchange_test_helper.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-exchange_test_helper.o `test -f 'utils/exchange_test_helper.c' || echo '$(srcdir)/'`utils/exchange_test_helper.c
+
+utils/exchange_tests-exchange_test_helper.obj: utils/exchange_test_helper.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-exchange_test_helper.obj -MD -MP -MF utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Tpo -c -o utils/exchange_tests-exchange_test_helper.obj `if test -f 'utils/exchange_test_helper.c'; then $(CYGPATH_W) 'utils/exchange_test_helper.c'; else $(CYGPATH_W) '$(srcdir)/utils/exchange_test_helper.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Tpo utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/exchange_test_helper.c' object='utils/exchange_tests-exchange_test_helper.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-exchange_test_helper.obj `if test -f 'utils/exchange_test_helper.c'; then $(CYGPATH_W) 'utils/exchange_test_helper.c'; else $(CYGPATH_W) '$(srcdir)/utils/exchange_test_helper.c'; fi`
+
+utils/exchange_tests-mock_dh.o: utils/mock_dh.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_dh.o -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_dh.Tpo -c -o utils/exchange_tests-mock_dh.o `test -f 'utils/mock_dh.c' || echo '$(srcdir)/'`utils/mock_dh.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_dh.Tpo utils/$(DEPDIR)/exchange_tests-mock_dh.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_dh.c' object='utils/exchange_tests-mock_dh.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_dh.o `test -f 'utils/mock_dh.c' || echo '$(srcdir)/'`utils/mock_dh.c
+
+utils/exchange_tests-mock_dh.obj: utils/mock_dh.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_dh.obj -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_dh.Tpo -c -o utils/exchange_tests-mock_dh.obj `if test -f 'utils/mock_dh.c'; then $(CYGPATH_W) 'utils/mock_dh.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_dh.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_dh.Tpo utils/$(DEPDIR)/exchange_tests-mock_dh.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_dh.c' object='utils/exchange_tests-mock_dh.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_dh.obj `if test -f 'utils/mock_dh.c'; then $(CYGPATH_W) 'utils/mock_dh.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_dh.c'; fi`
+
+utils/exchange_tests-mock_ipsec.o: utils/mock_ipsec.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_ipsec.o -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_ipsec.Tpo -c -o utils/exchange_tests-mock_ipsec.o `test -f 'utils/mock_ipsec.c' || echo '$(srcdir)/'`utils/mock_ipsec.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_ipsec.Tpo utils/$(DEPDIR)/exchange_tests-mock_ipsec.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_ipsec.c' object='utils/exchange_tests-mock_ipsec.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_ipsec.o `test -f 'utils/mock_ipsec.c' || echo '$(srcdir)/'`utils/mock_ipsec.c
+
+utils/exchange_tests-mock_ipsec.obj: utils/mock_ipsec.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_ipsec.obj -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_ipsec.Tpo -c -o utils/exchange_tests-mock_ipsec.obj `if test -f 'utils/mock_ipsec.c'; then $(CYGPATH_W) 'utils/mock_ipsec.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_ipsec.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_ipsec.Tpo utils/$(DEPDIR)/exchange_tests-mock_ipsec.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_ipsec.c' object='utils/exchange_tests-mock_ipsec.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_ipsec.obj `if test -f 'utils/mock_ipsec.c'; then $(CYGPATH_W) 'utils/mock_ipsec.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_ipsec.c'; fi`
+
+utils/exchange_tests-mock_nonce_gen.o: utils/mock_nonce_gen.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_nonce_gen.o -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Tpo -c -o utils/exchange_tests-mock_nonce_gen.o `test -f 'utils/mock_nonce_gen.c' || echo '$(srcdir)/'`utils/mock_nonce_gen.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Tpo utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_nonce_gen.c' object='utils/exchange_tests-mock_nonce_gen.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_nonce_gen.o `test -f 'utils/mock_nonce_gen.c' || echo '$(srcdir)/'`utils/mock_nonce_gen.c
+
+utils/exchange_tests-mock_nonce_gen.obj: utils/mock_nonce_gen.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_nonce_gen.obj -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Tpo -c -o utils/exchange_tests-mock_nonce_gen.obj `if test -f 'utils/mock_nonce_gen.c'; then $(CYGPATH_W) 'utils/mock_nonce_gen.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_nonce_gen.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Tpo utils/$(DEPDIR)/exchange_tests-mock_nonce_gen.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_nonce_gen.c' object='utils/exchange_tests-mock_nonce_gen.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_nonce_gen.obj `if test -f 'utils/mock_nonce_gen.c'; then $(CYGPATH_W) 'utils/mock_nonce_gen.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_nonce_gen.c'; fi`
+
+utils/exchange_tests-mock_sender.o: utils/mock_sender.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_sender.o -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_sender.Tpo -c -o utils/exchange_tests-mock_sender.o `test -f 'utils/mock_sender.c' || echo '$(srcdir)/'`utils/mock_sender.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_sender.Tpo utils/$(DEPDIR)/exchange_tests-mock_sender.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_sender.c' object='utils/exchange_tests-mock_sender.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_sender.o `test -f 'utils/mock_sender.c' || echo '$(srcdir)/'`utils/mock_sender.c
+
+utils/exchange_tests-mock_sender.obj: utils/mock_sender.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT utils/exchange_tests-mock_sender.obj -MD -MP -MF utils/$(DEPDIR)/exchange_tests-mock_sender.Tpo -c -o utils/exchange_tests-mock_sender.obj `if test -f 'utils/mock_sender.c'; then $(CYGPATH_W) 'utils/mock_sender.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_sender.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/exchange_tests-mock_sender.Tpo utils/$(DEPDIR)/exchange_tests-mock_sender.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/mock_sender.c' object='utils/exchange_tests-mock_sender.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o utils/exchange_tests-mock_sender.obj `if test -f 'utils/mock_sender.c'; then $(CYGPATH_W) 'utils/mock_sender.c'; else $(CYGPATH_W) '$(srcdir)/utils/mock_sender.c'; fi`
+
+exchange_tests-exchange_tests.o: exchange_tests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT exchange_tests-exchange_tests.o -MD -MP -MF $(DEPDIR)/exchange_tests-exchange_tests.Tpo -c -o exchange_tests-exchange_tests.o `test -f 'exchange_tests.c' || echo '$(srcdir)/'`exchange_tests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/exchange_tests-exchange_tests.Tpo $(DEPDIR)/exchange_tests-exchange_tests.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='exchange_tests.c' object='exchange_tests-exchange_tests.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o exchange_tests-exchange_tests.o `test -f 'exchange_tests.c' || echo '$(srcdir)/'`exchange_tests.c
+
+exchange_tests-exchange_tests.obj: exchange_tests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -MT exchange_tests-exchange_tests.obj -MD -MP -MF $(DEPDIR)/exchange_tests-exchange_tests.Tpo -c -o exchange_tests-exchange_tests.obj `if test -f 'exchange_tests.c'; then $(CYGPATH_W) 'exchange_tests.c'; else $(CYGPATH_W) '$(srcdir)/exchange_tests.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/exchange_tests-exchange_tests.Tpo $(DEPDIR)/exchange_tests-exchange_tests.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='exchange_tests.c' object='exchange_tests-exchange_tests.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o exchange_tests-exchange_tests.obj `if test -f 'exchange_tests.c'; then $(CYGPATH_W) 'exchange_tests.c'; else $(CYGPATH_W) '$(srcdir)/exchange_tests.c'; fi`
+
+suites/libcharon_tests-test_proposal.o: suites/test_proposal.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_proposal.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo -c -o suites/libcharon_tests-test_proposal.o `test -f 'suites/test_proposal.c' || echo '$(srcdir)/'`suites/test_proposal.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo suites/$(DEPDIR)/libcharon_tests-test_proposal.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_proposal.c' object='suites/libcharon_tests-test_proposal.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_proposal.o `test -f 'suites/test_proposal.c' || echo '$(srcdir)/'`suites/test_proposal.c
+
+suites/libcharon_tests-test_proposal.obj: suites/test_proposal.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_proposal.obj -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo -c -o suites/libcharon_tests-test_proposal.obj `if test -f 'suites/test_proposal.c'; then $(CYGPATH_W) 'suites/test_proposal.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_proposal.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo suites/$(DEPDIR)/libcharon_tests-test_proposal.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_proposal.c' object='suites/libcharon_tests-test_proposal.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_proposal.obj `if test -f 'suites/test_proposal.c'; then $(CYGPATH_W) 'suites/test_proposal.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_proposal.c'; fi`
+
suites/libcharon_tests-test_ike_cfg.o: suites/test_ike_cfg.c
@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_ike_cfg.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo -c -o suites/libcharon_tests-test_ike_cfg.o `test -f 'suites/test_ike_cfg.c' || echo '$(srcdir)/'`suites/test_ike_cfg.c
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po
@@ -816,6 +1113,8 @@ distclean-generic:
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
-rm -f suites/$(DEPDIR)/$(am__dirstamp)
-rm -f suites/$(am__dirstamp)
+ -rm -f utils/$(DEPDIR)/$(am__dirstamp)
+ -rm -f utils/$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -826,7 +1125,7 @@ clean-am: clean-checkPROGRAMS clean-generic clean-libtool \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR) suites/$(DEPDIR)
+ -rm -rf ./$(DEPDIR) suites/$(DEPDIR) utils/$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -872,7 +1171,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR) suites/$(DEPDIR)
+ -rm -rf ./$(DEPDIR) suites/$(DEPDIR) utils/$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -907,6 +1206,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libcharon/tests/exchange_tests.c b/src/libcharon/tests/exchange_tests.c
new file mode 100644
index 000000000..eab50a875
--- /dev/null
+++ b/src/libcharon/tests/exchange_tests.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_runner.h>
+#include <daemon.h>
+
+#include "utils/exchange_test_helper.h"
+
+/* declare test suite constructors */
+#define TEST_SUITE(x) test_suite_t* x();
+#define TEST_SUITE_DEPEND(x, ...) TEST_SUITE(x)
+#include "exchange_tests.h"
+#undef TEST_SUITE
+#undef TEST_SUITE_DEPEND
+
+static test_configuration_t tests[] = {
+#define TEST_SUITE(x) \
+ { .suite = x, },
+#define TEST_SUITE_DEPEND(x, type, ...) \
+ { .suite = x, .feature = PLUGIN_DEPENDS(type, __VA_ARGS__) },
+#include "exchange_tests.h"
+ { .suite = NULL, }
+};
+
+static bool test_runner_init(bool init)
+{
+ if (init)
+ {
+ char *plugins, *plugindir;
+
+ libcharon_init();
+
+ plugins = getenv("TESTS_PLUGINS") ?:
+ lib->settings->get_str(lib->settings,
+ "tests.load", PLUGINS);
+ plugindir = lib->settings->get_str(lib->settings,
+ "tests.plugindir", PLUGINDIR);
+ plugin_loader_add_plugindirs(plugindir, plugins);
+ exchange_test_helper_init(plugins);
+ }
+ else
+ {
+ exchange_test_helper_deinit();
+ libcharon_deinit();
+ }
+ return TRUE;
+}
+
+int main(int argc, char *argv[])
+{
+ return test_runner_run("exchanges", tests, test_runner_init);
+}
diff --git a/src/libcharon/tests/exchange_tests.h b/src/libcharon/tests/exchange_tests.h
new file mode 100644
index 000000000..30086721f
--- /dev/null
+++ b/src/libcharon/tests/exchange_tests.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+TEST_SUITE(ike_delete_suite_create)
+TEST_SUITE(ike_rekey_suite_create)
+TEST_SUITE(child_create_suite_create)
+TEST_SUITE(child_delete_suite_create)
+TEST_SUITE(child_rekey_suite_create)
diff --git a/src/libcharon/tests/libcharon_tests.c b/src/libcharon/tests/libcharon_tests.c
index 4692c3094..e25e5434f 100644
--- a/src/libcharon/tests/libcharon_tests.c
+++ b/src/libcharon/tests/libcharon_tests.c
@@ -53,9 +53,6 @@ static bool test_runner_init(bool init)
}
else
{
- lib->processor->set_threads(lib->processor, 0);
- lib->processor->cancel(lib->processor);
- lib->plugins->unload(lib->plugins);
libcharon_deinit();
}
return TRUE;
diff --git a/src/libcharon/tests/libcharon_tests.h b/src/libcharon/tests/libcharon_tests.h
index fb82baccb..f770f464d 100644
--- a/src/libcharon/tests/libcharon_tests.h
+++ b/src/libcharon/tests/libcharon_tests.h
@@ -1,4 +1,7 @@
/*
+ * Copyright (C) 2014-2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2014 Martin Willi
* Copyright (C) 2014 revosec AG
*
@@ -13,6 +16,15 @@
* for more details.
*/
+/**
+ * @defgroup libcharon-tests tests
+ * @ingroup libcharon
+ *
+ * @defgroup test_utils_c test_utils
+ * @ingroup libcharon-tests
+ */
+
+TEST_SUITE(proposal_suite_create)
TEST_SUITE(ike_cfg_suite_create)
TEST_SUITE(mem_pool_suite_create)
TEST_SUITE_DEPEND(message_chapoly_suite_create, AEAD, ENCR_CHACHA20_POLY1305, 32)
diff --git a/src/libcharon/tests/suites/test_child_create.c b/src/libcharon/tests/suites/test_child_create.c
new file mode 100644
index 000000000..20a47f6bf
--- /dev/null
+++ b/src/libcharon/tests/suites/test_child_create.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <daemon.h>
+#include <tests/utils/exchange_test_helper.h>
+#include <tests/utils/exchange_test_asserts.h>
+#include <tests/utils/job_asserts.h>
+#include <tests/utils/sa_asserts.h>
+
+/**
+ * One of the peers tries to create a new CHILD_SA while the other concurrently
+ * started to rekey the IKE_SA. TEMPORARY_FAILURE should be returned on both
+ * sides and the peers should prepare to retry.
+ */
+START_TEST(test_collision_ike_rekey)
+{
+ child_cfg_t *child_cfg;
+ child_cfg_create_t child = {
+ .mode = MODE_TUNNEL,
+ };
+ ike_sa_t *a, *b;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ assert_hook_not_called(child_updown);
+ child_cfg = child_cfg_create("child", &child);
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
+ child_cfg->add_traffic_selector(child_cfg, TRUE,
+ traffic_selector_create_dynamic(0, 0, 65535));
+ child_cfg->add_traffic_selector(child_cfg, FALSE,
+ traffic_selector_create_dynamic(0, 0, 65535));
+ call_ikesa(a, initiate, child_cfg, 0, NULL, NULL);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+
+ call_ikesa(b, rekey);
+
+ /* CREATE_CHILD_SA { SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_not_called(child_updown);
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_hook_not_called(child_updown);
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 1);
+ assert_scheduler();
+ assert_hook();
+
+ /* CREATE_CHILD_SA { N(TEMP_FAIL) } --> */
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_ESTABLISHED);
+ assert_scheduler();
+
+ /* make sure no message was sent after handling the TEMPORARY_FAILURE and
+ * that the task to retry creating the CHILD_SA is queued and not active
+ * and it can't be initiated immediately */
+ ck_assert(!exchange_test_helper->sender->dequeue(exchange_test_helper->sender));
+ assert_num_tasks(a, 0, TASK_QUEUE_ACTIVE);
+ assert_num_tasks(a, 1, TASK_QUEUE_QUEUED);
+ call_ikesa(a, initiate, NULL, 0, NULL, NULL);
+ assert_num_tasks(a, 0, TASK_QUEUE_ACTIVE);
+
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+Suite *child_create_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("child create");
+
+ tc = tcase_create("collisions ike rekey");
+ tcase_add_test(tc, test_collision_ike_rekey);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libcharon/tests/suites/test_child_delete.c b/src/libcharon/tests/suites/test_child_delete.c
new file mode 100644
index 000000000..437e919c7
--- /dev/null
+++ b/src/libcharon/tests/suites/test_child_delete.c
@@ -0,0 +1,366 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <daemon.h>
+#include <tests/utils/exchange_test_helper.h>
+#include <tests/utils/exchange_test_asserts.h>
+#include <tests/utils/job_asserts.h>
+#include <tests/utils/sa_asserts.h>
+
+/**
+ * Regular CHILD_SA deletion either initiated by the original initiator or
+ * responder of the IKE_SA.
+ */
+START_TEST(test_regular)
+{
+ ike_sa_t *a, *b;
+
+ if (_i)
+ { /* responder deletes the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator deletes the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ assert_hook_not_called(child_updown);
+ call_ikesa(a, delete_child_sa, PROTO_ESP, _i+1, FALSE);
+ assert_child_sa_state(a, _i+1, CHILD_DELETING);
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * Both peers initiate the CHILD_SA deletion concurrently and should handle
+ * the collision properly.
+ */
+START_TEST(test_collision)
+{
+ ike_sa_t *a, *b;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ /* both peers delete the CHILD_SA concurrently */
+ assert_hook_not_called(child_updown);
+ call_ikesa(a, delete_child_sa, PROTO_ESP, 1, FALSE);
+ assert_child_sa_state(a, 1, CHILD_DELETING);
+ call_ikesa(b, delete_child_sa, PROTO_ESP, 2, FALSE);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_hook();
+
+ /* RFC 7296 says:
+ *
+ * Normally, the response in the INFORMATIONAL exchange will contain
+ * Delete payloads for the paired SAs going in the other direction.
+ * There is one exception. If, by chance, both ends of a set of SAs
+ * independently decide to close them, each may send a Delete payload
+ * and the two requests may cross in the network. If a node receives a
+ * delete request for SAs for which it has already issued a delete
+ * request, it MUST delete the outgoing SAs while processing the request
+ * and the incoming SAs while processing the response. In that case,
+ * the responses MUST NOT include Delete payloads for the deleted SAs,
+ * since that would result in duplicate deletion and could in theory
+ * delete the wrong SA.
+ *
+ * We don't handle SAs separately so we expect both are still installed,
+ * but the INFORMATIONAL response should not contain a DELETE payload.
+ */
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_not_called(child_updown);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ /* <-- INFORMATIONAL { D } */
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_DELETING);
+ assert_hook();
+
+ /* <-- INFORMATIONAL { } */
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(IN);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+ /* INFORMATIONAL { } --> */
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(IN);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * This is like the collision above but one of the DELETEs is dropped or delayed
+ * so the other peer is not aware that there is a collision.
+ */
+START_TEST(test_collision_drop)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ /* both peers delete the CHILD_SA concurrently */
+ assert_hook_not_called(child_updown);
+ call_ikesa(a, delete_child_sa, PROTO_ESP, 1, FALSE);
+ assert_child_sa_state(a, 1, CHILD_DELETING);
+ call_ikesa(b, delete_child_sa, PROTO_ESP, 2, FALSE);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_not_called(child_updown);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_hook();
+
+ /* drop/delay the responder's message */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- INFORMATIONAL { } */
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(IN);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } (delayed/retransmitted) */
+ assert_hook_not_called(child_updown);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ assert_hook();
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(IN);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a rekey of the IKE_SA of the CHILD_SA the other
+ * peer is concurrently trying to delete.
+ *
+ * delete ----\ /---- rekey IKE
+ * \-----/----> detect collision
+ * detect collision <---------/ /---- delete
+ * TEMP_FAIL ----\ /
+ * \----/----->
+ * <--------/
+ */
+START_TEST(test_collision_ike_rekey)
+{
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1;
+
+ if (_i)
+ { /* responder deletes the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator deletes the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ call_ikesa(a, delete_child_sa, PROTO_ESP, spi_a, FALSE);
+ assert_child_sa_state(a, spi_a, CHILD_DELETING);
+ call_ikesa(b, rekey);
+ assert_ike_sa_state(b, IKE_REKEYING);
+
+ /* this should never get called as there is no successful rekeying */
+ assert_hook_not_called(ike_rekey);
+
+ /* RFC 7296, 2.25.2: If a peer receives a request to delete a Child SA when
+ * it is currently rekeying the IKE SA, it SHOULD reply as usual, with a
+ * Delete payload.
+ */
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(OUT, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ /* RFC 7296, 2.25.1: If a peer receives a request to rekey the IKE SA, and
+ * it is currently, rekeying, or closing a Child SA of that IKE SA, it
+ * SHOULD reply with TEMPORARY_FAILURE.
+ */
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_DELETING);
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(child_updown, FALSE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { N(TEMP_FAIL) } --> */
+ /* we expect a job to retry the rekeying is scheduled */
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_ESTABLISHED);
+ assert_scheduler();
+
+ /* ike_rekey */
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a delete of the IKE_SA of the CHILD_SA the other
+ * peer is concurrently trying to delete.
+ *
+ * delete ----\ /---- delete IKE
+ * \-----/----> detect collision
+ * <---------/ /---- delete
+ * delete ----\ /
+ * \----/----->
+ * sa already gone <--------/
+ */
+START_TEST(test_collision_ike_delete)
+{
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1;
+ message_t *msg;
+ status_t s;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ call_ikesa(a, delete_child_sa, PROTO_ESP, spi_a, FALSE);
+ assert_child_sa_state(a, spi_a, CHILD_DELETING);
+ call_ikesa(b, delete);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* RFC 7296, 2.25.2 does not explicitly state what the behavior SHOULD be if
+ * a peer receives a request to delete a CHILD_SA when it is currently
+ * closing the IKE SA. We expect a regular response.
+ */
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(OUT, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ /* RFC 7296, 2.25.1 does not explicitly state what the behavior SHOULD be if
+ * a peer receives a request to close the IKE SA if it is currently deleting
+ * a Child SA of that IKE SA. Let's just close the IKE_SA and forget the
+ * delete.
+ */
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(OUT);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } */
+ /* the SA is already gone */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+ msg->destroy(msg);
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_not_called(child_updown);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+ assert_hook();
+}
+END_TEST
+
+Suite *child_delete_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("child delete");
+
+ tc = tcase_create("regular");
+ tcase_add_loop_test(tc, test_regular, 0, 2);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions");
+ tcase_add_test(tc, test_collision);
+ tcase_add_test(tc, test_collision_drop);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions ike rekey");
+ tcase_add_loop_test(tc, test_collision_ike_rekey, 0, 2);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions ike delete");
+ tcase_add_loop_test(tc, test_collision_ike_delete, 0, 2);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libcharon/tests/suites/test_child_rekey.c b/src/libcharon/tests/suites/test_child_rekey.c
new file mode 100644
index 000000000..fcac49388
--- /dev/null
+++ b/src/libcharon/tests/suites/test_child_rekey.c
@@ -0,0 +1,1569 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <daemon.h>
+#include <tests/utils/exchange_test_helper.h>
+#include <tests/utils/exchange_test_asserts.h>
+#include <tests/utils/job_asserts.h>
+#include <tests/utils/sa_asserts.h>
+
+/**
+ * Initiate rekeying the CHILD_SA with the given SPI on the given IKE_SA.
+ */
+#define initiate_rekey(sa, spi) ({ \
+ assert_hook_not_called(child_updown); \
+ assert_hook_not_called(child_rekey); \
+ call_ikesa(sa, rekey_child_sa, PROTO_ESP, spi); \
+ assert_child_sa_state(sa, spi, CHILD_REKEYING); \
+ assert_hook(); \
+ assert_hook(); \
+})
+
+/**
+ * Regular CHILD_SA rekey either initiated by the original initiator or
+ * responder of the IKE_SA.
+ */
+START_TEST(test_regular)
+{
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1, spi_b = 2-_i;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ initiate_rekey(a, spi_a);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_called(child_rekey);
+ assert_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, spi_b, CHILD_REKEYED);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */
+ assert_hook_called(child_rekey);
+ assert_no_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_DELETING);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_not_called(child_rekey);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_not_called(child_rekey);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+
+ /* child_updown */
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * CHILD_SA rekey where the responder does not agree with the DH group selected
+ * by the initiator, either initiated by the original initiator or responder of
+ * the IKE_SA.
+ */
+START_TEST(test_regular_ke_invalid)
+{
+ exchange_test_sa_conf_t conf = {
+ .initiator = {
+ .esp = "aes128-sha256-modp2048-modp3072",
+ },
+ .responder = {
+ .esp = "aes128-sha256-modp3072-modp2048",
+ },
+ };
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1, spi_b = 2-_i;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, &conf);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, &conf);
+ }
+ initiate_rekey(a, spi_a);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_not_called(child_rekey);
+ assert_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(INVAL_KE) } */
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_called(child_rekey);
+ assert_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, spi_b, CHILD_REKEYED);
+ assert_child_sa_state(b, 6, CHILD_INSTALLED);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */
+ assert_hook_called(child_rekey);
+ assert_no_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_DELETING);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_not_called(child_rekey);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 6, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_not_called(child_rekey);
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+
+ /* child_updown */
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * Check that the responder ignores soft expires while waiting for the delete
+ * after a rekeying.
+ */
+START_TEST(test_regular_responder_ignore_soft_expire)
+{
+ ike_sa_t *a, *b;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ initiate_rekey(a, 1);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_called(child_rekey);
+ assert_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYED);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */
+ assert_hook_called(child_rekey);
+ assert_no_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_DELETING);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_hook();
+
+ /* we don't expect this to get called anymore */
+ assert_hook_not_called(child_rekey);
+ /* this should not produce a message, if it does there won't be a delete
+ * payload below */
+ call_ikesa(b, rekey_child_sa, PROTO_ESP, 2);
+ assert_child_sa_state(b, 2, CHILD_REKEYED);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+ /* <-- INFORMATIONAL { D } */
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * Check that the responder handles hard expires properly while waiting for the
+ * delete after a rekeying (e.g. if the initiator of the rekeying fails to
+ * delete the CHILD_SA for some reason).
+ */
+START_TEST(test_regular_responder_handle_hard_expire)
+{
+ ike_sa_t *a, *b;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ initiate_rekey(a, 1);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_called(child_rekey);
+ assert_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYED);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */
+ assert_hook_called(child_rekey);
+ assert_no_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_DELETING);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_hook();
+
+ /* we don't expect this to get called anymore */
+ assert_hook_not_called(child_rekey);
+ /* this is similar to a regular delete collision */
+ assert_single_payload(OUT, PLV2_DELETE);
+ call_ikesa(b, delete_child_sa, PROTO_ESP, 2, TRUE);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_state(a, 2, CHILD_DELETING);
+ /* <-- INFORMATIONAL { D } */
+ assert_single_payload(IN, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_child_sa_state(a, 1, CHILD_DELETING);
+ /* <-- INFORMATIONAL { } */
+ assert_message_empty(IN);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 3, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ /* INFORMATIONAL { } --> */
+ assert_message_empty(IN);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * Both peers initiate the CHILD_SA reekying concurrently and should handle
+ * the collision properly depending on the nonces.
+ */
+START_TEST(test_collision)
+{
+ ike_sa_t *a, *b;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* When rekeyings collide we get two CHILD_SAs with a total of four nonces.
+ * The CHILD_SA with the lowest nonce SHOULD be deleted by the peer that
+ * created that CHILD_SA. The replaced CHILD_SA is deleted by the peer that
+ * initiated the surviving SA.
+ * Four nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /----- ...
+ * ... -----\
+ * We test this four times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[4];
+ /* SPIs of the deleted CHILD_SA (either redundant or replaced) */
+ uint32_t spi_del_a, spi_del_b;
+ /* SPIs of the kept CHILD_SA */
+ uint32_t spi_a, spi_b;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF, 0xFF }, 3, 2, 6, 4 },
+ { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 4, 3, 5 },
+ { { 0xFF, 0xFF, 0x00, 0xFF }, 3, 2, 6, 4 },
+ { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 4, 3, 5 },
+ };
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a, 1);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b, 2);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_rekey(child_rekey, 2, 5);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYED);
+ assert_child_sa_state(b, 5, CHILD_INSTALLED);
+ assert_hook();
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_rekey(child_rekey, 1, 6);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_state(a, 6, CHILD_INSTALLED);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */
+ if (data[_i].spi_del_a == 1)
+ { /* currently we call this again if we keep our own replacement as we
+ * already called it above */
+ assert_hook_rekey(child_rekey, 1, data[_i].spi_a);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_hook();
+ }
+ else
+ {
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_hook();
+ }
+ assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING);
+ assert_child_sa_state(a, data[_i].spi_del_b, CHILD_REKEYED);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ /* CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } --> */
+ if (data[_i].spi_del_b == 2)
+ {
+ assert_hook_rekey(child_rekey, 2, data[_i].spi_b);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_hook();
+ }
+ else
+ {
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_hook();
+ }
+ assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING);
+ assert_child_sa_state(b, data[_i].spi_del_a, CHILD_REKEYED);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(child_rekey);
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 2);
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 2);
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * This is like the rekey collision above, but one peer deletes the
+ * redundant/old SA before the other peer receives the CREATE_CHILD_SA
+ * response:
+ *
+ * rekey ----\ /---- rekey
+ * \-----/----> detect collision
+ * detect collision <---------/ /----
+ * ----\ /
+ * \----/----->
+ * handle delete <--------/------- delete SA
+ * --------/------->
+ * handle rekey <------/
+ * delete SA ---------------->
+ * <----------------
+ */
+START_TEST(test_collision_delayed_response)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Four nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /----- ...
+ * ... -----\
+ * We test this four times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[4];
+ /* SPIs of the deleted CHILD_SA (either redundant or replaced) */
+ uint32_t spi_del_a, spi_del_b;
+ /* SPIs of the kept CHILD_SA */
+ uint32_t spi_a, spi_b;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF, 0xFF }, 3, 2, 6, 4 },
+ { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 4, 3, 5 },
+ { { 0xFF, 0xFF, 0x00, 0xFF }, 3, 2, 6, 4 },
+ { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 4, 3, 5 },
+ };
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a, 1);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b, 2);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_rekey(child_rekey, 2, 5);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYED);
+ assert_child_sa_state(b, 5, CHILD_INSTALLED);
+ assert_hook();
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_rekey(child_rekey, 1, 6);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_state(a, 6, CHILD_INSTALLED);
+ assert_hook();
+
+ /* delay the CREATE_CHILD_SA response from b to a */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } --> */
+ if (data[_i].spi_del_b == 2)
+ {
+ assert_hook_rekey(child_rekey, 2, data[_i].spi_b);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_hook();
+ }
+ else
+ {
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_hook();
+ }
+ assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING);
+ assert_child_sa_state(b, data[_i].spi_del_a, CHILD_REKEYED);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ if (data[_i].spi_del_b == 2)
+ {
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ }
+ else
+ {
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_count(a, 1);
+ }
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, data[_i].spi_del_a, CHILD_REKEYED);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 2);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } (delayed) */
+ if (data[_i].spi_del_a == 1)
+ {
+ assert_hook_rekey(child_rekey, 1, data[_i].spi_a);
+ exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ assert_hook();
+ }
+ else
+ {
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ assert_hook();
+ }
+ assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 2);
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(child_rekey);
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * In this scenario one of the peers does not notice that there is a
+ * rekey collision:
+ *
+ * rekey ----\ /---- rekey
+ * \ /
+ * detect collision <-----\---/
+ * -------\-------->
+ * \ /---- delete old SA
+ * \-/----> detect collision
+ * detect collision <---------/ /---- TEMP_FAIL
+ * delete -----------/---->
+ * aborts rekeying <---------/
+ */
+START_TEST(test_collision_delayed_request)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Three nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * N3/5 <-----\--/
+ * ... -----\ \-------> ...
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF } },
+ { { 0xFF, 0x00, 0xFF } },
+ { { 0xFF, 0xFF, 0x00 } },
+ };
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a, 1);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b, 2);
+
+ /* delay the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_rekey(child_rekey, 1, 5);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_hook();
+ /* CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } --> */
+ assert_hook_rekey(child_rekey, 2, 4);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(child_rekey);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> (delayed) */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_no_jobs_scheduled();
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ assert_scheduler();
+
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * Similar to above one peer fails to notice the collision but the
+ * CREATE_CHILD_SA request is even more delayed:
+ *
+ * rekey ----\ /---- rekey
+ * \ /
+ * detect collision <-----\---/
+ * -------\-------->
+ * detect collision <-------\-------- delete old SA
+ * delete ---------\------>
+ * \----->
+ * /---- CHILD_SA_NOT_FOUND
+ * aborts rekeying <----------/
+ */
+START_TEST(test_collision_delayed_request_more)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Three nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * N3/5 <-----\--/
+ * ... -----\ \-------> ...
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF } },
+ { { 0xFF, 0x00, 0xFF } },
+ { { 0xFF, 0xFF, 0x00 } },
+ };
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a, 1);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b, 2);
+
+ /* delay the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_rekey(child_rekey, 1, 5);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_hook();
+ /* CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } --> */
+ assert_hook_rekey(child_rekey, 2, 4);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(child_rekey);
+
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_single_notify(OUT, CHILD_SA_NOT_FOUND);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_child_sa_state(b, 4, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+ /* <-- CREATE_CHILD_SA { N(NO_CHILD_SA) } */
+ assert_no_jobs_scheduled();
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 5, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ assert_scheduler();
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * Both peers initiate the CHILD_SA reekying concurrently but the proposed DH
+ * groups are not the same after handling the INVALID_KE_PAYLOAD they should
+ * still handle the collision properly depending on the nonces.
+ */
+START_TEST(test_collision_ke_invalid)
+{
+ exchange_test_sa_conf_t conf = {
+ .initiator = {
+ .esp = "aes128-sha256-modp2048-modp3072",
+ },
+ .responder = {
+ .esp = "aes128-sha256-modp3072-modp2048",
+ },
+ };
+ ike_sa_t *a, *b;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, &conf);
+
+ /* Eight nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /---- INVAL_KE
+ * INVAL_KE -----\ /
+ * <-----\--/
+ * N5/7 -----\ \------->
+ * \ /---- N6/8
+ * \--/----> N7/9
+ * N8/10 <--------/ /---- ...
+ * ... ------\
+ *
+ * We test this four times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[4];
+ /* SPIs of the deleted CHILD_SA (either redundant or replaced) */
+ uint32_t spi_del_a, spi_del_b;
+ /* SPIs of the kept CHILD_SA */
+ uint32_t spi_a, spi_b;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF, 0xFF }, 7, 2,10, 8 },
+ { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 8, 7, 9 },
+ { { 0xFF, 0xFF, 0x00, 0xFF }, 7, 2,10, 8 },
+ { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 8, 7, 9 },
+ };
+
+ /* make sure the nonces of the first try don't affect the retries */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(a, 1);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(b, 2);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(INVAL_KE) } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+ /* CREATE_CHILD_SA { N(INVAL_KE) } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_rekey(child_rekey, 2, 9);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYED);
+ assert_child_sa_state(b, 9, CHILD_INSTALLED);
+ assert_hook();
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_rekey(child_rekey, 1, 10);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_state(a,10, CHILD_INSTALLED);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */
+ if (data[_i].spi_del_a == 1)
+ { /* currently we call this again if we keep our own replacement as we
+ * already called it above */
+ assert_hook_rekey(child_rekey, 1, data[_i].spi_a);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_hook();
+ }
+ else
+ {
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ }
+ assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING);
+ assert_child_sa_state(a, data[_i].spi_del_b, CHILD_REKEYED);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ /* CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } --> */
+ if (data[_i].spi_del_b == 2)
+ {
+ assert_hook_rekey(child_rekey, 2, data[_i].spi_b);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_hook();
+ }
+ else
+ {
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ }
+ assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING);
+ assert_child_sa_state(b, data[_i].spi_del_a, CHILD_REKEYED);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(child_rekey);
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 2);
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 2);
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * This is a variation of the above but with the retry by one peer delayed so
+ * that to the other peer it looks like there is no collision.
+ */
+START_TEST(test_collision_ke_invalid_delayed_retry)
+{
+ exchange_test_sa_conf_t conf = {
+ .initiator = {
+ .esp = "aes128-sha256-modp2048-modp3072",
+ },
+ .responder = {
+ .esp = "aes128-sha256-modp3072-modp2048",
+ },
+ };
+ ike_sa_t *a, *b;
+ message_t *msg;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, &conf);
+
+ /* Seven nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /---- INVAL_KE
+ * INVAL_KE -----\ /
+ * <-----\--/
+ * N5/7 -----\ \------->
+ * <-----\--------- N6/8
+ * N7/9 -------\------->
+ * <-------\------- DELETE
+ * ... ------\ \----->
+ * /---- TEMP_FAIL
+ *
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF } },
+ { { 0xFF, 0x00, 0xFF } },
+ { { 0xFF, 0xFF, 0x00 } },
+ };
+
+ /* make sure the nonces of the first try don't affect the retries */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(a, 1);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(b, 2);
+
+ /* this should never get called as this results in a successful rekeying */
+ assert_hook_not_called(child_updown);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ assert_hook_not_called(child_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(INVAL_KE) } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_hook();
+ /* CREATE_CHILD_SA { N(INVAL_KE) } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_hook();
+
+ /* delay the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_rekey(child_rekey, 1, 9);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 1, CHILD_REKEYED);
+ assert_child_sa_state(a, 9, CHILD_INSTALLED);
+ assert_hook();
+ /* CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } --> */
+ assert_hook_rekey(child_rekey, 2, 8);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_child_sa_state(b, 8, CHILD_INSTALLED);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(child_rekey);
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> (delayed) */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_child_sa_state(b, 2, CHILD_DELETING);
+ assert_child_sa_state(b, 8, CHILD_INSTALLED);
+
+ /* <-- INFORMATIONAL { D } */
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 9, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_no_jobs_scheduled();
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, 9, CHILD_INSTALLED);
+ assert_child_sa_count(a, 1);
+ assert_scheduler();
+
+ /* INFORMATIONAL { D } --> */
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, 8, CHILD_INSTALLED);
+ assert_child_sa_count(b, 1);
+
+ /* child_rekey/child_updown */
+ assert_hook();
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a DELETE of the CHILD_SA the other peer is
+ * concurrently trying to rekey.
+ *
+ * rekey ----\ /---- delete
+ * \-----/----> detect collision
+ * detect collision <---------/ /---- TEMP_FAIL
+ * delete ----\ /
+ * \----/----->
+ * aborts rekeying <--------/
+ */
+START_TEST(test_collision_delete)
+{
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1, spi_b = 2-_i;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ initiate_rekey(a, spi_a);
+ call_ikesa(b, delete_child_sa, PROTO_ESP, spi_b, FALSE);
+ assert_child_sa_state(b, spi_b, CHILD_DELETING);
+
+ /* this should never get called as there is no successful rekeying on
+ * either side */
+ assert_hook_not_called(child_rekey);
+
+ /* RFC 7296, 2.25.1: If a peer receives a request to rekey a CHILD_SA that
+ * it is currently trying to close, it SHOULD reply with TEMPORARY_FAILURE.
+ */
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_not_called(child_updown);
+ assert_notify(IN, REKEY_SA);
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, spi_b, CHILD_DELETING);
+ assert_hook();
+
+ /* RFC 7296, 2.25.1: If a peer receives a request to delete a CHILD_SA that
+ * it is currently trying to rekey, it SHOULD reply as usual, with a DELETE
+ * payload.
+ */
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_single_payload(OUT, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_hook_not_called(child_updown);
+ /* we don't expect a job to retry the rekeying */
+ assert_no_jobs_scheduled();
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_scheduler();
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(child_updown, FALSE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ /* child_rekey */
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a DELETE of the CHILD_SA the other peer is
+ * concurrently trying to rekey. However, the delete request is delayed or
+ * dropped, so the peer doing the rekeying is unaware of the collision.
+ *
+ * rekey ----\ /---- delete
+ * \-----/----> detect collision
+ * reschedule <---------/------ TEMP_FAIL
+ * <--------/
+ * delete ---------------->
+ *
+ * The job will not find the SA to retry rekeying.
+ */
+START_TEST(test_collision_delete_drop_delete)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+ uint32_t spi_a = _i+1, spi_b = 2-_i;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ initiate_rekey(a, spi_a);
+ call_ikesa(b, delete_child_sa, PROTO_ESP, spi_b, FALSE);
+ assert_child_sa_state(b, spi_b, CHILD_DELETING);
+
+ /* this should never get called as there is no successful rekeying on
+ * either side */
+ assert_hook_not_called(child_rekey);
+
+ /* RFC 7296, 2.25.1: If a peer receives a request to rekey a CHILD_SA that
+ * it is currently trying to close, it SHOULD reply with TEMPORARY_FAILURE.
+ */
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_hook_not_called(child_updown);
+ assert_notify(IN, REKEY_SA);
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_state(b, spi_b, CHILD_DELETING);
+ assert_hook();
+
+ /* delay the DELETE request */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_hook_not_called(child_updown);
+ /* we expect a job to retry the rekeying is scheduled */
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_INSTALLED);
+ assert_scheduler();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } (delayed) */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_single_payload(OUT, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(child_updown, FALSE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ /* child_rekey */
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a DELETE of the CHILD_SA the other peer is
+ * concurrently trying to rekey. However, the rekey request is delayed or
+ * dropped, so the peer doing the deleting is unaware of the collision.
+ *
+ * rekey ----\ /---- delete
+ * detect collision <----\-----/
+ * delete ------\--------->
+ * \-------->
+ * /---- CHILD_SA_NOT_FOUND
+ * aborts rekeying <----------/
+ */
+ START_TEST(test_collision_delete_drop_rekey)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+ uint32_t spi_a = _i+1, spi_b = 2-_i;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ initiate_rekey(a, spi_a);
+ call_ikesa(b, delete_child_sa, PROTO_ESP, spi_b, FALSE);
+ assert_child_sa_state(b, spi_b, CHILD_DELETING);
+
+ /* this should never get called as there is no successful rekeying on
+ * either side */
+ assert_hook_not_called(child_rekey);
+
+ /* delay the CREATE_CHILD_SA request */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* RFC 7296, 2.25.1: If a peer receives a request to delete a CHILD_SA that
+ * it is currently trying to rekey, it SHOULD reply as usual, with a DELETE
+ * payload.
+ */
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_single_payload(OUT, PLV2_DELETE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_count(a, 0);
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(child_updown, FALSE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_child_sa_count(b, 0);
+ assert_hook();
+
+ /* RFC 7296, 2.25.1: If a peer receives a to rekey a Child SA that does not
+ * exist, it SHOULD reply with CHILD_SA_NOT_FOUND.
+ */
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> (delayed) */
+ assert_hook_not_called(child_updown);
+ assert_notify(IN, REKEY_SA);
+ assert_single_notify(OUT, CHILD_SA_NOT_FOUND);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(NO_CHILD_SA) } */
+ assert_hook_not_called(child_updown);
+ /* no jobs or tasks should get scheduled/queued */
+ assert_no_jobs_scheduled();
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_scheduler();
+ assert_hook();
+
+ /* child_rekey */
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * FIXME: Not sure what we can do about the following:
+ *
+ * One of the hosts initiates a rekeying of a CHILD_SA and after responding to
+ * it the other peer deletes the new SA. However, the rekey response is
+ * delayed or dropped, so the peer doing the rekeying receives a delete for an
+ * unknown CHILD_SA and then has a rekeyed CHILD_SA that should not exist.
+ *
+ * rekey ---------------->
+ * /---- rekey
+ * unknown SA <----------/----- delete new SA
+ * ----------/----->
+ * <--------/
+ *
+ * The peers' states are now out of sync.
+ *
+ * Perhaps the rekey initiator could keep track of deletes for non-existing SAs
+ * while rekeying and then check against the SPIs when handling the
+ * CREATE_CHILD_SA response.
+ */
+
+
+/**
+ * One of the hosts initiates a rekey of the IKE_SA of the CHILD_SA the other
+ * peer is concurrently trying to rekey.
+ *
+ * rekey ----\ /---- rekey IKE
+ * \-----/----> detect collision
+ * detect collision <---------/ /---- TEMP_FAIL
+ * TEMP_FAIL ----\ /
+ * \----/----->
+ * <--------/
+ */
+START_TEST(test_collision_ike_rekey)
+{
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ initiate_rekey(a, spi_a);
+ call_ikesa(b, rekey);
+ assert_ike_sa_state(b, IKE_REKEYING);
+
+ /* these should never get called as there is no successful rekeying on
+ * either side */
+ assert_hook_not_called(ike_rekey);
+ assert_hook_not_called(child_rekey);
+
+ /* RFC 7296, 2.25.2: If a peer receives a request to rekey a CHILD_SA when
+ * it is currently rekeying the IKE SA, it SHOULD reply with
+ * TEMPORARY_FAILURE.
+ */
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+
+ /* RFC 7296, 2.25.1: If a peer receives a request to rekey the IKE SA, and
+ * it is currently, rekeying, or closing a Child SA of that IKE SA, it
+ * SHOULD reply with TEMPORARY_FAILURE.
+ */
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_REKEYING);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ /* we expect a job to retry the rekeying is scheduled */
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_child_sa_state(a, spi_a, CHILD_INSTALLED);
+ assert_scheduler();
+
+ /* CREATE_CHILD_SA { N(TEMP_FAIL) } --> */
+ /* we expect a job to retry the rekeying is scheduled */
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_ESTABLISHED);
+ assert_scheduler();
+
+ /* ike_rekey/child_rekey */
+ assert_hook();
+ assert_hook();
+
+ assert_sa_idle(a);
+ assert_sa_idle(b);
+
+ call_ikesa(a, destroy);
+ call_ikesa(b, destroy);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a delete of the IKE_SA of the CHILD_SA the other
+ * peer is concurrently trying to rekey.
+ *
+ * rekey ----\ /---- delete IKE
+ * \-----/----> detect collision
+ * <---------/ /---- TEMP_FAIL
+ * delete ----\ /
+ * \----/----->
+ * sa already gone <--------/
+ */
+START_TEST(test_collision_ike_delete)
+{
+ ike_sa_t *a, *b;
+ uint32_t spi_a = _i+1;
+ message_t *msg;
+ status_t s;
+
+ if (_i)
+ { /* responder rekeys the CHILD_SA (SPI 2) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the CHILD_SA (SPI 1) */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ initiate_rekey(a, spi_a);
+ call_ikesa(b, delete);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* this should never get called as there is no successful rekeying on
+ * either side */
+ assert_hook_not_called(child_rekey);
+
+ /* RFC 7296, 2.25.2 does not explicitly state what the behavior SHOULD be if
+ * a peer receives a request to rekey a CHILD_SA when it is currently
+ * closing the IKE SA. We expect a TEMPORARY_FAILURE notify.
+ */
+
+ /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* RFC 7296, 2.25.1 does not explicitly state what the behavior SHOULD be if
+ * a peer receives a request to close the IKE SA if it is currently rekeying
+ * a Child SA of that IKE SA. Let's just close the IKE_SA and forget the
+ * rekeying.
+ */
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(OUT);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ /* the SA is already gone */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+ msg->destroy(msg);
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* child_rekey */
+ assert_hook();
+}
+END_TEST
+
+Suite *child_rekey_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("child rekey");
+
+ tc = tcase_create("regular");
+ tcase_add_loop_test(tc, test_regular, 0, 2);
+ tcase_add_loop_test(tc, test_regular_ke_invalid, 0, 2);
+ tcase_add_test(tc, test_regular_responder_ignore_soft_expire);
+ tcase_add_test(tc, test_regular_responder_handle_hard_expire);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions rekey");
+ tcase_add_loop_test(tc, test_collision, 0, 4);
+ tcase_add_loop_test(tc, test_collision_delayed_response, 0, 4);
+ tcase_add_loop_test(tc, test_collision_delayed_request, 0, 3);
+ tcase_add_loop_test(tc, test_collision_delayed_request_more, 0, 3);
+ tcase_add_loop_test(tc, test_collision_ke_invalid, 0, 4);
+ tcase_add_loop_test(tc, test_collision_ke_invalid_delayed_retry, 0, 3);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions delete");
+ tcase_add_loop_test(tc, test_collision_delete, 0, 2);
+ tcase_add_loop_test(tc, test_collision_delete_drop_delete, 0, 2);
+ tcase_add_loop_test(tc, test_collision_delete_drop_rekey, 0, 2);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions ike rekey");
+ tcase_add_loop_test(tc, test_collision_ike_rekey, 0, 2);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions ike delete");
+ tcase_add_loop_test(tc, test_collision_ike_delete, 0, 2);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libcharon/tests/suites/test_ike_delete.c b/src/libcharon/tests/suites/test_ike_delete.c
new file mode 100644
index 000000000..d79f9bc50
--- /dev/null
+++ b/src/libcharon/tests/suites/test_ike_delete.c
@@ -0,0 +1,137 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <tests/utils/exchange_test_helper.h>
+#include <tests/utils/exchange_test_asserts.h>
+#include <tests/utils/sa_asserts.h>
+
+/**
+ * Regular IKE_SA delete either initiated by the original initiator or
+ * responder of the IKE_SA.
+ */
+START_TEST(test_regular)
+{
+ ike_sa_t *a, *b;
+ status_t s;
+
+ if (_i)
+ { /* responder deletes the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator deletes the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+ call_ikesa(a, delete);
+ assert_ike_sa_state(a, IKE_DELETING);
+ assert_hook();
+ assert_hook();
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { } */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ assert_hook();
+ assert_hook();
+}
+END_TEST
+
+/**
+ * Both peers initiate the IKE_SA deletion concurrently and should handle the
+ * collision properly.
+ */
+START_TEST(test_collision)
+{
+ ike_sa_t *a, *b;
+ status_t s;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+ call_ikesa(a, delete);
+ assert_ike_sa_state(a, IKE_DELETING);
+ call_ikesa(b, delete);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_hook();
+ assert_hook();
+
+ /* RFC 7296 says: If a peer receives a request to close an IKE SA that it
+ * is currently trying to close, it SHOULD reply as usual, and forget about
+ * its own close request.
+ * So we expect the SA to just get closed with an empty response still sent.
+ */
+
+ /* INFORMATIONAL { D } --> */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_message_empty(OUT);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_message_empty(OUT);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ assert_hook();
+ assert_hook();
+}
+END_TEST
+
+Suite *ike_delete_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("ike delete");
+
+ tc = tcase_create("regular");
+ tcase_add_loop_test(tc, test_regular, 0, 2);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions");
+ tcase_add_test(tc, test_collision);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libcharon/tests/suites/test_ike_rekey.c b/src/libcharon/tests/suites/test_ike_rekey.c
new file mode 100644
index 000000000..ba39657a4
--- /dev/null
+++ b/src/libcharon/tests/suites/test_ike_rekey.c
@@ -0,0 +1,1480 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <tests/utils/exchange_test_helper.h>
+#include <tests/utils/exchange_test_asserts.h>
+#include <tests/utils/job_asserts.h>
+#include <tests/utils/sa_asserts.h>
+
+/**
+ * Initiate rekeying the given IKE_SA.
+ */
+#define initiate_rekey(sa) ({ \
+ assert_hook_not_called(ike_rekey); \
+ call_ikesa(sa, rekey); \
+ assert_ike_sa_state(a, IKE_REKEYING); \
+ assert_hook(); \
+})
+
+/**
+ * Regular IKE_SA rekeying either initiated by the original initiator or
+ * responder of the IKE_SA.
+ */
+START_TEST(test_regular)
+{
+ ike_sa_t *a, *b, *new_sa;
+ status_t s;
+
+ if (_i)
+ { /* responder rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ initiate_rekey(a);
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_rekey(ike_rekey, 1, 3);
+ assert_no_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYED);
+ assert_child_sa_count(b, 0);
+ new_sa = assert_ike_sa_checkout(3, 4, FALSE);
+ assert_ike_sa_state(new_sa, IKE_ESTABLISHED);
+ assert_child_sa_count(new_sa, 1);
+ assert_ike_sa_count(1);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, KEr } */
+ assert_hook_rekey(ike_rekey, 1, 3);
+ assert_no_notify(IN, REKEY_SA);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_DELETING);
+ assert_child_sa_count(a, 0);
+ new_sa = assert_ike_sa_checkout(3, 4, TRUE);
+ assert_ike_sa_state(new_sa, IKE_ESTABLISHED);
+ assert_child_sa_count(new_sa, 1);
+ assert_ike_sa_count(2);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(ike_rekey);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ /* <-- INFORMATIONAL { } */
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+
+ /* ike_rekey/ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * IKE_SA rekeying where the responder does not agree with the DH group selected
+ * by the initiator, either initiated by the original initiator or responder of
+ * the IKE_SA.
+ */
+START_TEST(test_regular_ke_invalid)
+{
+ exchange_test_sa_conf_t conf = {
+ .initiator = {
+ .ike = "aes128-sha256-modp2048-modp3072",
+ },
+ .responder = {
+ .ike = "aes128-sha256-modp3072-modp2048",
+ },
+ };
+ ike_sa_t *a, *b, *sa;
+ status_t s;
+
+ lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals",
+ FALSE, lib->ns);
+ if (_i)
+ { /* responder rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, &conf);
+ }
+ else
+ { /* initiator rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, &conf);
+ }
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals",
+ TRUE, lib->ns);
+
+ initiate_rekey(a);
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_ESTABLISHED);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+
+ /* <-- CREATE_CHILD_SA { N(INVAL_KE) } */
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_rekey(ike_rekey, 1, 3);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYED);
+ assert_child_sa_count(b, 0);
+ sa = assert_ike_sa_checkout(3, 5, FALSE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(1);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, KEr } */
+ assert_hook_rekey(ike_rekey, 1, 3);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_DELETING);
+ assert_child_sa_count(a, 0);
+ sa = assert_ike_sa_checkout(3, 5, TRUE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(2);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(ike_rekey);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ /* <-- INFORMATIONAL { } */
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+
+ /* ike_rekey/ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * Both peers initiate the IKE_SA rekeying concurrently and should handle the
+ * collision properly depending on the nonces.
+ */
+START_TEST(test_collision)
+{
+ ike_sa_t *a, *b, *sa;
+ status_t status;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* When rekeyings collide we get two IKE_SAs with a total of four nonces.
+ * The IKE_SA with the lowest nonce SHOULD be deleted by the peer that
+ * created that IKE_SA. The replaced IKE_SA is deleted by the peer that
+ * initiated the surviving SA.
+ * Four nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * IKE_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /----- ...
+ * ... -----\
+ * We test this four times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[4];
+ /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+ uint32_t del_a_i, del_a_r;
+ uint32_t del_b_i, del_b_r;
+ /* SPIs of the kept IKE_SA */
+ uint32_t spi_i, spi_r;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ { { 0xFF, 0xFF, 0x00, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 2, 4, 6, 3, 5 },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* simplify next steps by checking in original IKE_SAs */
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, a);
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, b);
+ assert_ike_sa_count(2);
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, KEr } */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ /* as original initiator a is initiator of both SAs it could delete */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+ assert_ike_sa_state(sa, IKE_DELETING);
+ assert_child_sa_count(sa, 0);
+ /* if b won it will delete the original SA a initiated */
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i == 1);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_child_sa_count(sa, 0);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+ data[_i].del_a_i == 1);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(4);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Nr, KEr } --> */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ /* if b wins it deletes the SA originally initiated by a */
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i != 1);
+ assert_ike_sa_state(sa, IKE_DELETING);
+ assert_child_sa_count(sa, 0);
+ /* a only deletes SAs for which b is responder */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_child_sa_count(sa, 0);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+ data[_i].del_b_i == 1);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(6);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(ike_rekey);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(5);
+ /* <-- INFORMATIONAL { D } */
+ assert_single_payload(IN, PLV2_DELETE);
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i == 1);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(4);
+ /* <-- INFORMATIONAL { } */
+ assert_message_empty(IN);
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(3);
+ /* INFORMATIONAL { } --> */
+ assert_message_empty(IN);
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i != 1);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(2);
+
+ /* ike_rekey/ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * Both peers initiate the IKE_SA rekeying concurrently but the proposed DH
+ * gropus are not the same. After handling the INVALID_KE_PAYLOAD they should
+ * still handle the collision properly depending on the nonces.
+ */
+START_TEST(test_collision_ke_invalid)
+{
+ exchange_test_sa_conf_t conf = {
+ .initiator = {
+ .ike = "aes128-sha256-modp2048-modp3072",
+ },
+ .responder = {
+ .ike = "aes128-sha256-modp3072-modp2048",
+ },
+ };
+ ike_sa_t *a, *b, *sa;
+ status_t status;
+
+ lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals",
+ FALSE, lib->ns);
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, &conf);
+
+ lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals",
+ TRUE, lib->ns);
+
+ /* Six nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * IKE_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /---- INVAL_KE
+ * INVAL_KE -----\ /
+ * <-----\--/
+ * N1/3 -----\ \------->
+ * \ /---- N2/4
+ * \--/----> N5/7
+ * N6/8 <--------/ /---- ...
+ * ... ------\
+ * We test this four times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[4];
+ /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+ uint32_t del_a_i, del_a_r;
+ uint32_t del_b_i, del_b_r;
+ /* SPIs of the kept IKE_SA */
+ uint32_t spi_i, spi_r;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF, 0xFF }, 3, 7, 1, 2, 4, 8 },
+ { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 2, 4, 8, 3, 7 },
+ { { 0xFF, 0xFF, 0x00, 0xFF }, 3, 7, 1, 2, 4, 8 },
+ { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 2, 4, 8, 3, 7 },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(INVAL_KE) } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ assert_hook_not_called(ike_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { N(INVAL_KE) } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* simplify next steps by checking in original IKE_SAs */
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, a);
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, b);
+ assert_ike_sa_count(2);
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, KEr } */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ /* as original initiator a is initiator of both SAs it could delete */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+ assert_ike_sa_state(sa, IKE_DELETING);
+ assert_child_sa_count(sa, 0);
+ /* if b won it will delete the original SA a initiated */
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i == 1);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_child_sa_count(sa, 0);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+ data[_i].del_a_i == 1);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(4);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Nr, KEr } --> */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ /* if b wins it deletes the SA originally initiated by a */
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i != 1);
+ assert_ike_sa_state(sa, IKE_DELETING);
+ assert_child_sa_count(sa, 0);
+ /* a only deletes SAs for which b is responder */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_child_sa_count(sa, 0);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+ data[_i].del_b_i == 1);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(6);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(ike_rekey);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(5);
+ /* <-- INFORMATIONAL { D } */
+ assert_single_payload(IN, PLV2_DELETE);
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i == 1);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(4);
+ /* <-- INFORMATIONAL { } */
+ assert_message_empty(IN);
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(3);
+ /* INFORMATIONAL { } --> */
+ assert_message_empty(IN);
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i != 1);
+ status = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, status);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(2);
+
+ /* ike_rekey/ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * This is like the collision above but one of the retries is delayed.
+ */
+START_TEST(test_collision_ke_invalid_delayed_retry)
+{
+ exchange_test_sa_conf_t conf = {
+ .initiator = {
+ .ike = "aes128-sha256-modp2048-modp3072",
+ },
+ .responder = {
+ .ike = "aes128-sha256-modp3072-modp2048",
+ },
+ };
+ ike_sa_t *a, *b, *sa;
+ message_t *msg;
+ status_t s;
+
+ lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals",
+ FALSE, lib->ns);
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, &conf);
+
+ lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals",
+ TRUE, lib->ns);
+
+ /* Five nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * IKE_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /---- INVAL_KE
+ * INVAL_KE -----\ /
+ * <-----\--/
+ * N1/3 -----\ \------->
+ * <-----\--------- N2/4
+ * N5/7 -------\------->
+ * <-------\------- DELETE
+ * ... ------\ \----->
+ * /---- TEMP_FAIL
+ *
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF } },
+ { { 0xFF, 0x00, 0xFF } },
+ { { 0xFF, 0xFF, 0x00 } },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(INVAL_KE) } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ assert_hook_not_called(ike_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { N(INVAL_KE) } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ assert_hook_not_called(child_rekey);
+ assert_single_notify(IN, INVALID_KE_PAYLOAD);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* delay the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Nr, KEr } --> */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_child_sa_count(b, 0);
+ sa = assert_ike_sa_checkout(4, 7, TRUE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(1);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> (delayed) */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ sa = assert_ike_sa_checkout(4, 7, FALSE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(2);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ /* the SA is already gone */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+ msg->destroy(msg);
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_not_called(ike_rekey);
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+
+ /* ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * This is like the rekey collision above, but one peer deletes the
+ * redundant/old SA before the other peer receives the CREATE_CHILD_SA
+ * response:
+ * Peer A Peer B
+ * rekey ----\ /---- rekey
+ * \-----/----> detect collision
+ * detect collision <---------/ /----
+ * -----------/---->
+ * handle delete <---------/------ delete redundant/old SA
+ * ---------/------>
+ * handle rekey <-------/
+ * delete SA ---------------->
+ * <----------------
+ *
+ * If peer B won the collision it deletes the old IKE_SA, in which case
+ * this situation is handled as if peer B was not aware of the collision (see
+ * below). That is, peer A finalizes the rekeying initiated by the peer and
+ * deletes the IKE_SA (it has no way of knowing whether the peer was aware of
+ * the collision or not). Peer B will expect the redundant IKE_SA to get
+ * deleted, but that will never happen if the response arrives after the SA is
+ * already gone. So a job should be queued that deletes it after a while.
+ *
+ * If peer B lost it will switch to the new IKE_SA and delete the redundant
+ * IKE_SA and expect a delete for the old IKE_SA. In this case peer A will
+ * simply retransmit until it receives a response to the rekey request, all the
+ * while ignoring the delete requests for the unknown IKE_SA. Afterwards,
+ * everything works as in a regular collision (however, until peer A receives
+ * the response it will not be able to receive any messages on the new IKE_SA).
+ */
+START_TEST(test_collision_delayed_response)
+{
+ ike_sa_t *a, *b, *sa;
+ message_t *msg, *d;
+ status_t s;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Four nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * IKE_SA):
+ * N1/3 -----\ /----- N2/4
+ * \--/-----> N3/5
+ * N4/6 <-------/ /----- ...
+ * ... -----\
+ * We test this four times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[4];
+ /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+ uint32_t del_a_i, del_a_r;
+ uint32_t del_b_i, del_b_r;
+ /* SPIs of the kept IKE_SA */
+ uint32_t spi_i, spi_r;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ { { 0xFF, 0xFF, 0x00, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 2, 4, 6, 3, 5 },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_REKEYING);
+ assert_child_sa_count(b, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* delay the CREATE_CHILD_SA response from b to a */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* simplify next steps by checking in original IKE_SAs */
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, a);
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, b);
+ assert_ike_sa_count(2);
+
+ /* CREATE_CHILD_SA { SA, Nr, KEr } --> */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ /* besides the job that retransmits the delete, we expect a job that
+ * deletes the redundant IKE_SA if we expect the other to delete it */
+ assert_jobs_scheduled(data[_i].del_b_i == 1 ? 2 : 1);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ /* if b wins it deletes the SA originally initiated by a */
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+ data[_i].del_b_i != 1);
+ assert_ike_sa_state(sa, IKE_DELETING);
+ assert_child_sa_count(sa, 0);
+ /* a only deletes SAs for which b is responder */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_child_sa_count(sa, 0);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+ data[_i].del_b_i == 1);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(4);
+ assert_scheduler();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } */
+ if (data[_i].del_b_i == 1)
+ { /* b won, it deletes the replaced IKE_SA */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, a,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, a);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r, FALSE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(4);
+ assert_hook();
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_not_called(ike_rekey);
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, b,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, b);
+ assert_ike_sa_count(3);
+ assert_hook();
+ /* the job will later remove this redundant IKE_SA on b */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_sa_idle(sa);
+ /* <-- CREATE_CHILD_SA { SA, Nr, KEr } (delayed) */
+ /* the IKE_SA (a) does not exist anymore */
+ msg->destroy(msg);
+ }
+ else
+ { /* b lost, the delete is for the non-existing redundant IKE_SA */
+ d = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { SA, Nr, KEr } (delayed) */
+ assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+ exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ /* as original initiator a is initiator of both SAs it could delete */
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+ assert_ike_sa_state(sa, IKE_DELETING);
+ assert_child_sa_count(sa, 0);
+ /* this is the redundant SA b is trying to delete */
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r, FALSE);
+ assert_ike_sa_state(sa, IKE_REKEYED);
+ assert_child_sa_count(sa, 0);
+ sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+ data[_i].del_a_i == 1);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(6);
+ assert_hook();
+
+ /* we don't expect this hook to get called anymore */
+ assert_hook_not_called(ike_rekey);
+
+ /* INFORMATIONAL { D } --> */
+ assert_single_payload(IN, PLV2_DELETE);
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+ s = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(5);
+ /* <-- INFORMATIONAL { } */
+ assert_message_empty(IN);
+ sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+ s = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(4);
+
+ /* <-- INFORMATIONAL { D } (retransmit/delayed) */
+ assert_single_payload(IN, PLV2_DELETE);
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r, FALSE);
+ s = exchange_test_helper->process_message(exchange_test_helper, sa, d);
+ ck_assert_int_eq(DESTROY_ME, s);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(3);
+ /* INFORMATIONAL { } --> */
+ assert_message_empty(IN);
+ sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r, TRUE);
+ s = exchange_test_helper->process_message(exchange_test_helper, sa,
+ NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+ assert_ike_sa_count(2);
+ /* ike_rekey */
+ assert_hook();
+ }
+
+ /* ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * In this scenario one of the peers does not notice that there is a rekey
+ * collision because the other request is dropped:
+ *
+ * rekey ----\ /---- rekey
+ * \ /
+ * detect collision <-----\---/
+ * -------\-------->
+ * detect collision <-------\-------- delete old SA
+ * delete ---------\------>
+ * rekey done \-----> SA not found (or it never arrives)
+ */
+START_TEST(test_collision_dropped_request)
+{
+ ike_sa_t *a, *b, *sa;
+ message_t *msg;
+ status_t s;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Three nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * N3/5 <-----\--/
+ * ... -----\ \-------> ...
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+ uint32_t del_a_i, del_a_r;
+ uint32_t del_b_i, del_b_r;
+ /* SPIs of the kept IKE_SA */
+ uint32_t spi_i, spi_r;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0x00, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ { { 0xFF, 0xFF, 0x00 }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0xFF, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ /* drop the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+ msg->destroy(msg);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_child_sa_count(b, 0);
+ sa = assert_ike_sa_checkout(4, 5, TRUE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(1);
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ sa = assert_ike_sa_checkout(4, 5, FALSE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(2);
+ assert_hook();
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_not_called(ike_rekey);
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+
+ /* ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * In this scenario one of the peers does not notice that there is a rekey
+ * collision because the other request is delayed:
+ *
+ * rekey ----\ /---- rekey
+ * \ /
+ * detect collision <-----\---/
+ * -------\-------->
+ * \ /---- delete old SA
+ * \-/----> detect collision
+ * detect collision <---------/ /---- TEMP_FAIL
+ * delete -----------/---->
+ * rekey done /
+ * sa already gone <--------/
+ */
+START_TEST(test_collision_delayed_request)
+{
+ ike_sa_t *a, *b, *sa;
+ message_t *msg;
+ status_t s;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Three nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * N3/5 <-----\--/
+ * ... -----\ \-------> ...
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+ uint32_t del_a_i, del_a_r;
+ uint32_t del_b_i, del_b_r;
+ /* SPIs of the kept IKE_SA */
+ uint32_t spi_i, spi_r;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0x00, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ { { 0xFF, 0xFF, 0x00 }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0xFF, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* delay the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_child_sa_count(b, 0);
+ sa = assert_ike_sa_checkout(4, 5, TRUE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(1);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> (delayed) */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ sa = assert_ike_sa_checkout(4, 5, FALSE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(2);
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ /* the SA is already gone */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+ msg->destroy(msg);
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_not_called(ike_rekey);
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+
+ /* ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * In this scenario one of the peers does not notice that there is a rekey
+ * collision and the delete arrives after the TEMPORARY_FAILURE notify:
+ *
+ * rekey ----\ /---- rekey
+ * \ /
+ * detect collision <-----\---/
+ * -------\-------->
+ * \ /---- delete old SA
+ * \-/----> detect collision
+ * no reschedule <---------/------ TEMP_FAIL
+ * detect collision <--------/
+ * delete ---------------->
+ * rekey done
+ */
+START_TEST(test_collision_delayed_request_and_delete)
+{
+ ike_sa_t *a, *b, *sa;
+ message_t *msg;
+ status_t s;
+
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+
+ /* Three nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+ * CHILD_SA):
+ * N1/3 -----\ /----- N2/4
+ * N3/5 <-----\--/
+ * ... -----\ \-------> ...
+ * We test this three times, each time a different nonce is the lowest.
+ */
+ struct {
+ /* Nonces used at each point */
+ u_char nonces[3];
+ /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+ uint32_t del_a_i, del_a_r;
+ uint32_t del_b_i, del_b_r;
+ /* SPIs of the kept IKE_SA */
+ uint32_t spi_i, spi_r;
+ } data[] = {
+ { { 0x00, 0xFF, 0xFF }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0x00, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ { { 0xFF, 0xFF, 0x00 }, 3, 5, 1, 2, 4, 6 },
+ { { 0xFF, 0xFF, 0xFF }, 1, 2, 4, 6, 3, 5 },
+ };
+ /* these should never get called as this results in a successful rekeying */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+ initiate_rekey(a);
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+ initiate_rekey(b);
+
+ /* delay the CREATE_CHILD_SA request from a to b */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+ exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+ assert_hook_not_called(ike_rekey);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYING);
+ assert_child_sa_count(a, 1);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_child_sa_count(b, 0);
+ sa = assert_ike_sa_checkout(4, 5, TRUE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(1);
+ assert_hook();
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> (delayed) */
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, msg);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* delay the INFORMATIONAL request from b to a */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_hook_rekey(ike_rekey, 1, 4);
+ assert_no_jobs_scheduled();
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_REKEYED);
+ assert_child_sa_count(a, 0);
+ sa = assert_ike_sa_checkout(4, 5, FALSE);
+ assert_ike_sa_state(sa, IKE_ESTABLISHED);
+ assert_child_sa_count(sa, 1);
+ assert_ike_sa_count(2);
+ assert_scheduler();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } (delayed) */
+ assert_single_payload(IN, PLV2_DELETE);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_not_called(ike_rekey);
+ assert_message_empty(IN);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+
+ /* ike_updown/child_updown */
+ assert_hook();
+ assert_hook();
+
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a DELETE of the IKE_SA the other peer is
+ * concurrently trying to rekey.
+ *
+ * rekey ----\ /---- delete
+ * \-----/----> detect collision
+ * detect collision <---------/ /---- TEMP_FAIL
+ * delete ----\ /
+ * \----/----->
+ * sa already gone <--------/
+ */
+START_TEST(test_collision_delete)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+ status_t s;
+
+ if (_i)
+ { /* responder rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ /* this should never get called as this does not result in a successful
+ * rekeying on either side */
+ assert_hook_not_called(ike_rekey);
+
+ initiate_rekey(a);
+ call_ikesa(b, delete);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* RFC 7296, 2.25.2: If a peer receives a request to rekey an IKE SA that
+ * it is currently trying to close, it SHOULD reply with TEMPORARY_FAILURE.
+ */
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_not_called(ike_updown);
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* RFC 7296, 2.25.2: If a peer receives a request to close an IKE SA that
+ * it is currently rekeying, it SHOULD reply as usual, and forget its own
+ * rekeying request.
+ */
+
+ /* <-- INFORMATIONAL { D } */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_message_empty(OUT);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ /* the SA is already gone */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+ msg->destroy(msg);
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* ike_rekey */
+ assert_hook();
+}
+END_TEST
+
+/**
+ * One of the hosts initiates a DELETE of the IKE_SA the other peer is
+ * concurrently trying to rekey. However, the delete request is delayed or
+ * dropped, so the peer doing the rekeying is unaware of the collision.
+ *
+ * rekey ----\ /---- delete
+ * \-----/----> detect collision
+ * reschedule <---------/------ TEMP_FAIL
+ * <--------/
+ * delete ---------------->
+ */
+START_TEST(test_collision_delete_drop_delete)
+{
+ ike_sa_t *a, *b;
+ message_t *msg;
+ status_t s;
+
+ if (_i)
+ { /* responder rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &b, &a, NULL);
+ }
+ else
+ { /* initiator rekeys the IKE_SA */
+ exchange_test_helper->establish_sa(exchange_test_helper,
+ &a, &b, NULL);
+ }
+ /* this should never get called as this does not result in a successful
+ * rekeying on either side */
+ assert_hook_not_called(ike_rekey);
+
+ initiate_rekey(a);
+ call_ikesa(b, delete);
+ assert_ike_sa_state(b, IKE_DELETING);
+
+ /* RFC 7296, 2.25.2: If a peer receives a request to rekey an IKE SA that
+ * it is currently trying to close, it SHOULD reply with TEMPORARY_FAILURE.
+ */
+
+ /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+ assert_hook_not_called(ike_updown);
+ assert_single_notify(OUT, TEMPORARY_FAILURE);
+ exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ assert_ike_sa_state(b, IKE_DELETING);
+ assert_ike_sa_count(0);
+ assert_hook();
+
+ /* delay the DELETE request */
+ msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+ /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */
+ assert_hook_not_called(ike_updown);
+ assert_hook_not_called(child_updown);
+ /* we expect a job to retry the rekeying is scheduled */
+ assert_jobs_scheduled(1);
+ exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+ assert_ike_sa_state(a, IKE_ESTABLISHED);
+ assert_scheduler();
+ assert_hook();
+ assert_hook();
+
+ /* <-- INFORMATIONAL { D } (delayed) */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ assert_single_payload(IN, PLV2_DELETE);
+ assert_message_empty(OUT);
+ s = exchange_test_helper->process_message(exchange_test_helper, a, msg);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(a, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* INFORMATIONAL { } --> */
+ assert_hook_updown(ike_updown, FALSE);
+ assert_hook_updown(child_updown, FALSE);
+ s = exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+ ck_assert_int_eq(DESTROY_ME, s);
+ call_ikesa(b, destroy);
+ assert_hook();
+ assert_hook();
+
+ /* ike_rekey */
+ assert_hook();
+}
+END_TEST
+
+Suite *ike_rekey_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("ike rekey");
+
+ tc = tcase_create("regular");
+ tcase_add_loop_test(tc, test_regular, 0, 2);
+ tcase_add_loop_test(tc, test_regular_ke_invalid, 0, 2);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions rekey");
+ tcase_add_loop_test(tc, test_collision, 0, 4);
+ tcase_add_loop_test(tc, test_collision_ke_invalid, 0, 4);
+ tcase_add_loop_test(tc, test_collision_ke_invalid_delayed_retry, 0, 3);
+ tcase_add_loop_test(tc, test_collision_delayed_response, 0, 4);
+ tcase_add_loop_test(tc, test_collision_dropped_request, 0, 3);
+ tcase_add_loop_test(tc, test_collision_delayed_request, 0, 3);
+ tcase_add_loop_test(tc, test_collision_delayed_request_and_delete, 0, 3);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("collisions delete");
+ tcase_add_loop_test(tc, test_collision_delete, 0, 2);
+ tcase_add_loop_test(tc, test_collision_delete_drop_delete, 0, 2);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libcharon/tests/suites/test_message_chapoly.c b/src/libcharon/tests/suites/test_message_chapoly.c
index e871cf6c2..f4a74abb4 100644
--- a/src/libcharon/tests/suites/test_message_chapoly.c
+++ b/src/libcharon/tests/suites/test_message_chapoly.c
@@ -40,7 +40,7 @@ METHOD(aead_t, get_iv_gen, iv_gen_t*,
}
METHOD(iv_gen_t, get_iv, bool,
- iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer)
+ iv_gen_t *this, uint64_t seq, size_t size, uint8_t *buffer)
{
if (size != 8)
{
@@ -51,7 +51,7 @@ METHOD(iv_gen_t, get_iv, bool,
}
METHOD(iv_gen_t, allocate_iv, bool,
- iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk)
+ iv_gen_t *this, uint64_t seq, size_t size, chunk_t *chunk)
{
if (size != 8)
{
@@ -66,10 +66,10 @@ METHOD(iv_gen_t, allocate_iv, bool,
*/
START_TEST(test_chacha20poly1305)
{
- u_int64_t spii, spir;
+ uint64_t spii, spir;
ike_sa_id_t *id;
message_t *m;
- u_int32_t window = htonl(10);
+ uint32_t window = htonl(10);
chunk_t chunk, exp;
keymat_t keymat = {
.get_version = _get_version,
diff --git a/src/libcharon/tests/suites/test_proposal.c b/src/libcharon/tests/suites/test_proposal.c
new file mode 100644
index 000000000..a6226f68f
--- /dev/null
+++ b/src/libcharon/tests/suites/test_proposal.c
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <config/proposal.h>
+
+static struct {
+ char *self;
+ char *other;
+ char *expected;
+} select_data[] = {
+ { "aes128", "aes128", "aes128" },
+ { "aes128", "aes256", NULL },
+ { "aes128-aes256", "aes256-aes128", "aes128" },
+ { "aes256-aes128", "aes128-aes256", "aes256" },
+ { "aes128-aes256-sha1-sha256", "aes256-aes128-sha256-sha1", "aes128-sha1" },
+ { "aes256-aes128-sha256-sha1", "aes128-aes256-sha1-sha256", "aes256-sha256" },
+ { "aes128-sha256-modp3072", "aes128-sha256", NULL },
+ { "aes128-sha256", "aes128-sha256-modp3072", NULL },
+ { "aes128-sha256-modp3072", "aes128-sha256-modpnone", NULL },
+ { "aes128-sha256-modpnone", "aes128-sha256-modp3072", NULL },
+ { "aes128-sha256-modp3072-modpnone", "aes128-sha256", "aes128-sha256" },
+ { "aes128-sha256", "aes128-sha256-modp3072-modpnone", "aes128-sha256" },
+ { "aes128-sha256-modp3072-modpnone", "aes128-sha256-modpnone-modp3072", "aes128-sha256-modp3072" },
+ { "aes128-sha256-modpnone-modp3072", "aes128-sha256-modp3072-modpnone", "aes128-sha256-modpnone" },
+};
+
+START_TEST(test_select)
+{
+ proposal_t *self, *other, *selected, *expected;
+
+ self = proposal_create_from_string(PROTO_ESP,
+ select_data[_i].self);
+ other = proposal_create_from_string(PROTO_ESP,
+ select_data[_i].other);
+ selected = self->select(self, other, FALSE);
+ if (select_data[_i].expected)
+ {
+ expected = proposal_create_from_string(PROTO_ESP,
+ select_data[_i].expected);
+ ck_assert(selected);
+ ck_assert_msg(expected->equals(expected, selected), "proposal %P does "
+ "not match expected %P", selected, expected);
+ expected->destroy(expected);
+ }
+ else
+ {
+ ck_assert(!selected);
+ }
+ DESTROY_IF(selected);
+ other->destroy(other);
+ self->destroy(self);
+}
+END_TEST
+
+Suite *proposal_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("proposal");
+
+ tc = tcase_create("select");
+ tcase_add_loop_test(tc, test_select, 0, countof(select_data));
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libcharon/tests/utils/exchange_test_asserts.c b/src/libcharon/tests/utils/exchange_test_asserts.c
new file mode 100644
index 000000000..2602b97b7
--- /dev/null
+++ b/src/libcharon/tests/utils/exchange_test_asserts.c
@@ -0,0 +1,182 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <inttypes.h>
+
+#include <test_suite.h>
+
+#include "exchange_test_asserts.h"
+
+/*
+ * Described in header
+ */
+bool exchange_test_asserts_hook(listener_t *listener)
+{
+ listener_hook_assert_t *this = (listener_hook_assert_t*)listener;
+
+ this->count++;
+ return TRUE;
+}
+
+/*
+ * Described in header
+ */
+bool exchange_test_asserts_ike_updown(listener_t *listener, ike_sa_t *ike_sa,
+ bool up)
+{
+ listener_hook_assert_t *this = (listener_hook_assert_t*)listener;
+
+ this->count++;
+ assert_listener_msg(this->up == up, this, "IKE_SA not '%s'",
+ this->up ? "up" : "down");
+ return TRUE;
+}
+
+/*
+ * Described in header
+ */
+bool exchange_test_asserts_child_updown(listener_t *listener, ike_sa_t *ike_sa,
+ child_sa_t *child_sa, bool up)
+{
+ listener_hook_assert_t *this = (listener_hook_assert_t*)listener;
+
+ this->count++;
+ assert_listener_msg(this->up == up, this, "CHILD_SA not '%s'",
+ this->up ? "up" : "down");
+ return TRUE;
+}
+
+/*
+ * Described in header
+ */
+bool exchange_test_asserts_ike_rekey(listener_t *listener, ike_sa_t *old,
+ ike_sa_t *new)
+{
+ listener_hook_assert_t *this = (listener_hook_assert_t*)listener;
+ ike_sa_id_t *id;
+ uint64_t spi;
+
+ this->count++;
+ id = old->get_id(old);
+ spi = id->get_initiator_spi(id);
+ assert_listener_msg(this->spi_old == spi, this, "unexpected old IKE_SA "
+ "%.16"PRIx64"_i instead of %.16"PRIx64"_i",
+ be64toh(spi), be64toh(this->spi_old));
+ id = new->get_id(new);
+ spi = id->get_initiator_spi(id);
+ assert_listener_msg(this->spi_new == spi, this, "unexpected new IKE_SA "
+ "%.16"PRIx64"_i instead of %.16"PRIx64"_i",
+ be64toh(spi), be64toh(this->spi_new));
+ return TRUE;
+}
+
+/*
+ * Described in header
+ */
+bool exchange_test_asserts_child_rekey(listener_t *listener, ike_sa_t *ike_sa,
+ child_sa_t *old, child_sa_t *new)
+{
+ listener_hook_assert_t *this = (listener_hook_assert_t*)listener;
+ uint32_t spi, expected;
+
+ this->count++;
+ spi = old->get_spi(old, TRUE);
+ expected = this->spi_old;
+ assert_listener_msg(expected == spi, this, "unexpected old CHILD_SA %.8x "
+ "instead of %.8x", spi, expected);
+ spi = new->get_spi(new, TRUE);
+ expected = this->spi_new;
+ assert_listener_msg(expected == spi, this, "unexpected new CHILD_SA %.8x "
+ "instead of %.8x", spi, expected);
+ return TRUE;
+}
+
+/**
+ * Assert a given message rule
+ */
+static void assert_message_rule(listener_message_assert_t *this, message_t *msg,
+ listener_message_rule_t *rule)
+{
+ if (rule->expected)
+ {
+ if (rule->payload)
+ {
+ assert_listener_msg(msg->get_payload(msg, rule->payload),
+ this, "expected payload (%N) not found",
+ payload_type_names, rule->payload);
+
+ }
+ if (rule->notify)
+ {
+ assert_listener_msg(msg->get_notify(msg, rule->notify),
+ this, "expected notify payload (%N) not found",
+ notify_type_names, rule->notify);
+ }
+ }
+ else
+ {
+ if (rule->payload)
+ {
+ assert_listener_msg(!msg->get_payload(msg, rule->payload),
+ this, "unexpected payload (%N) found",
+ payload_type_names, rule->payload);
+
+ }
+ if (rule->notify)
+ {
+ assert_listener_msg(!msg->get_notify(msg, rule->notify),
+ this, "unexpected notify payload (%N) found",
+ notify_type_names, rule->notify);
+ }
+ }
+}
+
+/*
+ * Described in header
+ */
+bool exchange_test_asserts_message(listener_t *listener, ike_sa_t *ike_sa,
+ message_t *message, bool incoming, bool plain)
+{
+ listener_message_assert_t *this = (listener_message_assert_t*)listener;
+
+ if (plain && this->incoming == incoming)
+ {
+ if (this->count >= 0)
+ {
+ enumerator_t *enumerator;
+ int count = 0;
+ enumerator = message->create_payload_enumerator(message);
+ while (enumerator->enumerate(enumerator, NULL))
+ {
+ count++;
+ }
+ enumerator->destroy(enumerator);
+ assert_listener_msg(this->count == count, this, "unexpected payload "
+ "count in message (%d != %d)", this->count,
+ count);
+ }
+ if (this->num_rules)
+ {
+ int i;
+
+ for (i = 0; i < this->num_rules; i++)
+ {
+ assert_message_rule(this, message, &this->rules[i]);
+ }
+ }
+ return FALSE;
+ }
+ return TRUE;
+}
diff --git a/src/libcharon/tests/utils/exchange_test_asserts.h b/src/libcharon/tests/utils/exchange_test_asserts.h
new file mode 100644
index 000000000..32afcc2e4
--- /dev/null
+++ b/src/libcharon/tests/utils/exchange_test_asserts.h
@@ -0,0 +1,343 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * Special assertions using listener_t.
+ *
+ * @defgroup exchange_test_asserts exchange_test_asserts
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef EXCHANGE_TEST_ASSERTS_H_
+#define EXCHANGE_TEST_ASSERTS_H_
+
+#include <bus/listeners/listener.h>
+
+typedef struct listener_hook_assert_t listener_hook_assert_t;
+typedef struct listener_message_assert_t listener_message_assert_t;
+typedef struct listener_message_rule_t listener_message_rule_t;
+
+struct listener_hook_assert_t {
+
+ /**
+ * Implemented interface
+ */
+ listener_t listener;
+
+ /**
+ * Original source file
+ */
+ const char *file;
+
+ /**
+ * Source line
+ */
+ int line;
+
+ /**
+ * Name of the hook
+ */
+ const char *name;
+
+ /**
+ * Expected number of calls (-1 to ignore)
+ */
+ int expected;
+
+ /**
+ * Number of times the hook was called
+ */
+ int count;
+
+ /**
+ * Expected updown result
+ */
+ bool up;
+
+ /**
+ * Initiator/Inbound SPIs to expect in rekey event
+ */
+ uint64_t spi_old, spi_new;
+};
+
+/**
+ * Basic callback for methods on listener_t, counting the number of calls.
+ */
+bool exchange_test_asserts_hook(listener_t *this);
+
+/**
+ * Implementation of listener_t::ike_updown.
+ */
+bool exchange_test_asserts_ike_updown(listener_t *this, ike_sa_t *ike_sa,
+ bool up);
+
+/**
+ * Implementation of listener_t::child_updown.
+ */
+bool exchange_test_asserts_child_updown(listener_t *this, ike_sa_t *ike_sa,
+ child_sa_t *child_sa, bool up);
+
+/**
+ * Implementation of listener_t::ike_rekey.
+ */
+bool exchange_test_asserts_ike_rekey(listener_t *this, ike_sa_t *old,
+ ike_sa_t *new);
+
+/**
+ * Implementation of listener_t::child_rekey.
+ */
+bool exchange_test_asserts_child_rekey(listener_t *this, ike_sa_t *ike_sa,
+ child_sa_t *old, child_sa_t *new);
+
+/**
+ * Check if a statement evaluates to TRUE, use original source file and line
+ * in the error message if not.
+ *
+ * @param x statement to evaluate
+ * @param l listener providing original source file and line
+ * @param fmt printf format string
+ * @param ... arguments for fmt
+ */
+#define assert_listener_msg(x, l, fmt, ...) ({ \
+ test_fail_if_worker_failed(); \
+ if (!(x)) \
+ { \
+ test_fail_msg((l)->file, (l)->line, "%s: " fmt, #x, ##__VA_ARGS__); \
+ } \
+})
+
+/**
+ * Initialize an assertion that enforces that the given hook was called.
+ * Must be matched by a call to assert_hook().
+ *
+ * @param name name of the hook
+ */
+#define assert_hook_called(name) \
+ _assert_hook_init(name, exchange_test_asserts_hook, .expected = 1)
+
+/**
+ * Initialize an assertion that enforces that the given hook was not called.
+ * Must be matched by a call to assert_hook().
+ *
+ * @param name name of the hook
+ */
+#define assert_hook_not_called(name) \
+ _assert_hook_init(name, exchange_test_asserts_hook, .expected = 0)
+
+/**
+ * Initialize an assertion that enforces that the given updown hook was called
+ * with the expected result.
+ * Must be matched by a call to assert_hook().
+ *
+ * @param name name of the hook
+ * @param e whether to expect up in the hook to be TRUE or not
+ */
+#define assert_hook_updown(name, e) \
+ _assert_hook_init(name, \
+ streq(#name, "ike_updown") ? (void*)exchange_test_asserts_ike_updown \
+ : (void*)exchange_test_asserts_child_updown, \
+ .expected = 1, \
+ .up = e, \
+ )
+
+/**
+ * Initialize an assertion that enforces that the given rekey hook was called
+ * with the SAs with the matching initiator/inbound SPIs.
+ * Must be matched by a call to assert_hook().
+ *
+ * @param name name of the hook
+ * @param old SPI of the old SA
+ * @param new SPI of the new SA
+ */
+#define assert_hook_rekey(name, old, new) \
+ _assert_hook_init(name, \
+ streq(#name, "ike_rekey") ? (void*)exchange_test_asserts_ike_rekey \
+ : (void*)exchange_test_asserts_child_rekey, \
+ .expected = 1, \
+ .spi_old = old, \
+ .spi_new = new, \
+ )
+
+/**
+ * Initialize assertions against invocations of listener_t hooks. Each call
+ * must be matched by a call to assert_hook().
+ */
+#define _assert_hook_init(n, callback, ...) \
+do { \
+ listener_hook_assert_t _hook_listener = { \
+ .listener = { .n = (void*)callback, }, \
+ .file = __FILE__, \
+ .line = __LINE__, \
+ .name = #n, \
+ ##__VA_ARGS__ \
+ }; \
+ exchange_test_helper->add_listener(exchange_test_helper, &_hook_listener.listener)
+
+/**
+ * Enforce the most recently initialized hook assertion.
+ */
+#define assert_hook() \
+ charon->bus->remove_listener(charon->bus, &_hook_listener.listener); \
+ if (_hook_listener.expected > 0) { \
+ if (_hook_listener.count > 0) { \
+ assert_listener_msg(_hook_listener.expected == _hook_listener.count, \
+ &_hook_listener, "hook '%s' was called %d times " \
+ "instead of %d", _hook_listener.name, \
+ _hook_listener.count, _hook_listener.expected); \
+ } else { \
+ assert_listener_msg(_hook_listener.count, &_hook_listener, \
+ "hook '%s' was not called (expected %d)", _hook_listener.name, \
+ _hook_listener.expected); \
+ } \
+ } else if (_hook_listener.expected == 0) { \
+ assert_listener_msg(_hook_listener.count == 0, &_hook_listener, \
+ "hook '%s' was called unexpectedly", _hook_listener.name); \
+ } \
+} while(FALSE)
+
+/**
+ * Rules regarding payloads/notifies to expect/not expect in a message
+ */
+struct listener_message_rule_t {
+
+ /**
+ * Whether the payload/notify is expected in the message, FALSE to fail if
+ * it is found
+ */
+ bool expected;
+
+ /**
+ * Payload type to expect/not expect
+ */
+ payload_type_t payload;
+
+ /**
+ * Notify type to expect/not expect (paylod type does not have to be
+ * specified)
+ */
+ notify_type_t notify;
+};
+
+/**
+ * Data used to check plaintext messages via listener_t
+ */
+struct listener_message_assert_t {
+
+ /**
+ * Implemented interface
+ */
+ listener_t listener;
+
+ /**
+ * Original source file
+ */
+ const char *file;
+
+ /**
+ * Source line
+ */
+ int line;
+
+ /**
+ * Whether to check the next inbound or outbound message
+ */
+ bool incoming;
+
+ /**
+ * Payload count to expect (-1 to ignore the count)
+ */
+ int count;
+
+ /**
+ * Payloads to expect or not expect in a message
+ */
+ listener_message_rule_t *rules;
+
+ /**
+ * Number of rules
+ */
+ int num_rules;
+};
+
+/**
+ * Implementation of listener_t::message collecting data and asserting
+ * certain things.
+ */
+bool exchange_test_asserts_message(listener_t *this, ike_sa_t *ike_sa,
+ message_t *message, bool incoming, bool plain);
+
+/**
+ * Assert that the next in- or outbound plaintext message is empty.
+ *
+ * @param dir IN or OUT to check the next in- or outbound message
+ */
+#define assert_message_empty(dir) \
+ _assert_payload(dir, 0)
+
+/**
+ * Assert that the next in- or outbound plaintext message contains exactly
+ * one payload of the given type.
+ *
+ * @param dir IN or OUT to check the next in- or outbound message
+ * @param expected expected payload type
+ */
+#define assert_single_payload(dir, expected) \
+ _assert_payload(dir, 1, { TRUE, expected, 0 })
+
+/**
+ * Assert that the next in- or outbound plaintext message contains exactly
+ * one notify of the given type.
+ *
+ * @param dir IN or OUT to check the next in- or outbound message
+ * @param expected expected notify type
+ */
+#define assert_single_notify(dir, expected) \
+ _assert_payload(dir, 1, { TRUE, 0, expected })
+
+/**
+ * Assert that the next in- or outbound plaintext message contains a notify
+ * of the given type.
+ *
+ * @param dir IN or OUT to check the next in- or outbound message
+ * @param expected expected notify type
+ */
+#define assert_notify(dir, expected) \
+ _assert_payload(dir, -1, { TRUE, 0, expected })
+
+/**
+ * Assert that the next in- or outbound plaintext message does not contain a
+ * notify of the given type.
+ *
+ * @param dir IN or OUT to check the next in- or outbound message
+ * @param unexpected not expected notify type
+ */
+#define assert_no_notify(dir, unexpected) \
+ _assert_payload(dir, -1, { FALSE, 0, unexpected })
+
+#define _assert_payload(dir, c, ...) ({ \
+ listener_message_rule_t _rules[] = { __VA_ARGS__ }; \
+ listener_message_assert_t _listener = { \
+ .listener = { .message = exchange_test_asserts_message, }, \
+ .file = __FILE__, \
+ .line = __LINE__, \
+ .incoming = streq(#dir, "IN") ? TRUE : FALSE, \
+ .count = c, \
+ .rules = _rules, \
+ .num_rules = countof(_rules), \
+ }; \
+ exchange_test_helper->add_listener(exchange_test_helper, &_listener.listener); \
+})
+
+#endif /** EXCHANGE_TEST_ASSERTS_H_ @}*/
diff --git a/src/libcharon/tests/utils/exchange_test_helper.c b/src/libcharon/tests/utils/exchange_test_helper.c
new file mode 100644
index 000000000..f32906d5d
--- /dev/null
+++ b/src/libcharon/tests/utils/exchange_test_helper.c
@@ -0,0 +1,372 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "exchange_test_helper.h"
+#include "mock_dh.h"
+#include "mock_ipsec.h"
+#include "mock_nonce_gen.h"
+
+#include <collections/array.h>
+#include <credentials/sets/mem_cred.h>
+
+typedef struct private_exchange_test_helper_t private_exchange_test_helper_t;
+typedef struct private_backend_t private_backend_t;
+
+/**
+ * Private data
+ */
+struct private_exchange_test_helper_t {
+
+ /**
+ * Public interface
+ */
+ exchange_test_helper_t public;
+
+ /**
+ * Credentials
+ */
+ mem_cred_t *creds;
+
+ /**
+ * IKE_SA SPI counter
+ */
+ refcount_t ike_spi;
+
+ /**
+ * List of registered listeners
+ */
+ array_t *listeners;
+};
+
+/**
+ * Custom backend_t implementation
+ */
+struct private_backend_t {
+
+ /**
+ * Public interface
+ */
+ backend_t public;
+
+ /**
+ * Responder ike_cfg
+ */
+ ike_cfg_t *ike_cfg;
+
+ /**
+ * Responder peer_cfg/child_cfg
+ */
+ peer_cfg_t *peer_cfg;
+};
+
+CALLBACK(get_ike_spi, uint64_t,
+ private_exchange_test_helper_t *this)
+{
+ return (uint64_t)ref_get(&this->ike_spi);
+}
+
+/*
+ * Described in header
+ */
+exchange_test_helper_t *exchange_test_helper;
+
+static ike_cfg_t *create_ike_cfg(bool initiator, exchange_test_sa_conf_t *conf)
+{
+ ike_cfg_t *ike_cfg;
+ char *proposal = NULL;
+
+ ike_cfg = ike_cfg_create(IKEV2, TRUE, FALSE, "127.0.0.1", IKEV2_UDP_PORT,
+ "127.0.0.1", IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
+ if (conf)
+ {
+ proposal = initiator ? conf->initiator.ike : conf->responder.ike;
+ }
+ if (proposal)
+ {
+ ike_cfg->add_proposal(ike_cfg,
+ proposal_create_from_string(PROTO_IKE, proposal));
+ }
+ else
+ {
+ ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+ }
+ return ike_cfg;
+}
+
+static child_cfg_t *create_child_cfg(bool initiator,
+ exchange_test_sa_conf_t *conf)
+{
+ child_cfg_t *child_cfg;
+ child_cfg_create_t child = {
+ .mode = MODE_TUNNEL,
+ };
+ char *proposal = NULL;
+
+ child_cfg = child_cfg_create(initiator ? "init" : "resp", &child);
+ if (conf)
+ {
+ proposal = initiator ? conf->initiator.esp : conf->responder.esp;
+ }
+ if (proposal)
+ {
+ child_cfg->add_proposal(child_cfg,
+ proposal_create_from_string(PROTO_ESP, proposal));
+ }
+ else
+ {
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
+ }
+ child_cfg->add_traffic_selector(child_cfg, TRUE,
+ traffic_selector_create_dynamic(0, 0, 65535));
+ child_cfg->add_traffic_selector(child_cfg, FALSE,
+ traffic_selector_create_dynamic(0, 0, 65535));
+ return child_cfg;
+}
+
+static void add_auth_cfg(peer_cfg_t *peer_cfg, bool initiator, bool local)
+{
+ auth_cfg_t *auth;
+ char *id = "init";
+
+ auth = auth_cfg_create();
+ auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
+ if (initiator ^ local)
+ {
+ id = "resp";
+ }
+ auth->add(auth, AUTH_RULE_IDENTITY, identification_create_from_string(id));
+ peer_cfg->add_auth_cfg(peer_cfg, auth, local);
+}
+
+static peer_cfg_t *create_peer_cfg(bool initiator,
+ exchange_test_sa_conf_t *conf)
+{
+ peer_cfg_t *peer_cfg;
+ peer_cfg_create_t peer = {
+ .cert_policy = CERT_SEND_IF_ASKED,
+ .unique = UNIQUE_REPLACE,
+ .keyingtries = 1,
+ };
+
+ peer_cfg = peer_cfg_create(initiator ? "init" : "resp",
+ create_ike_cfg(initiator, conf), &peer);
+ add_auth_cfg(peer_cfg, initiator, TRUE);
+ add_auth_cfg(peer_cfg, initiator, FALSE);
+ return peer_cfg;
+}
+
+METHOD(backend_t, create_ike_cfg_enumerator, enumerator_t*,
+ private_backend_t *this, host_t *me, host_t *other)
+{
+ return enumerator_create_single(this->ike_cfg, NULL);
+}
+
+METHOD(backend_t, create_peer_cfg_enumerator, enumerator_t*,
+ private_backend_t *this, identification_t *me, identification_t *other)
+{
+ return enumerator_create_single(this->peer_cfg, NULL);
+}
+
+METHOD(exchange_test_helper_t, process_message, status_t,
+ private_exchange_test_helper_t *this, ike_sa_t *ike_sa, message_t *message)
+{
+ status_t status = FAILED;
+ ike_sa_id_t *id;
+
+ if (!message)
+ {
+ message = this->public.sender->dequeue(this->public.sender);
+ }
+ id = message->get_ike_sa_id(message);
+ id = id->clone(id);
+ id->switch_initiator(id);
+ if (!id->get_responder_spi(id) || id->equals(id, ike_sa->get_id(ike_sa)))
+ {
+ charon->bus->set_sa(charon->bus, ike_sa);
+ status = ike_sa->process_message(ike_sa, message);
+ charon->bus->set_sa(charon->bus, NULL);
+ }
+ message->destroy(message);
+ id->destroy(id);
+ return status;
+}
+
+METHOD(exchange_test_helper_t, establish_sa, void,
+ private_exchange_test_helper_t *this, ike_sa_t **init, ike_sa_t **resp,
+ exchange_test_sa_conf_t *conf)
+{
+ private_backend_t backend = {
+ .public = {
+ .create_ike_cfg_enumerator = _create_ike_cfg_enumerator,
+ .create_peer_cfg_enumerator = _create_peer_cfg_enumerator,
+ .get_peer_cfg_by_name = (void*)return_null,
+ },
+ };
+ ike_sa_id_t *id_i, *id_r;
+ ike_sa_t *sa_i, *sa_r;
+ peer_cfg_t *peer_cfg;
+ child_cfg_t *child_cfg;
+
+ sa_i = *init = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
+ IKEV2, TRUE);
+ id_i = sa_i->get_id(sa_i);
+
+ sa_r = *resp = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
+ IKEV2, FALSE);
+ id_r = sa_r->get_id(sa_r);
+
+ peer_cfg = create_peer_cfg(TRUE, conf);
+ child_cfg = create_child_cfg(TRUE, conf);
+ peer_cfg->add_child_cfg(peer_cfg, child_cfg->get_ref(child_cfg));
+ sa_i->set_peer_cfg(sa_i, peer_cfg);
+ peer_cfg->destroy(peer_cfg);
+ call_ikesa(sa_i, initiate, child_cfg, 0, NULL, NULL);
+
+ backend.ike_cfg = create_ike_cfg(FALSE, conf);
+ peer_cfg = backend.peer_cfg = create_peer_cfg(FALSE, conf);
+ child_cfg = create_child_cfg(FALSE, conf);
+ peer_cfg->add_child_cfg(peer_cfg, child_cfg->get_ref(child_cfg));
+ child_cfg->destroy(child_cfg);
+ charon->backends->add_backend(charon->backends, &backend.public);
+
+ /* IKE_SA_INIT --> */
+ id_r->set_initiator_spi(id_r, id_i->get_initiator_spi(id_i));
+ process_message(this, sa_r, NULL);
+ /* <-- IKE_SA_INIT */
+ id_i->set_responder_spi(id_i, id_r->get_responder_spi(id_r));
+ process_message(this, sa_i, NULL);
+ /* IKE_AUTH --> */
+ process_message(this, sa_r, NULL);
+ /* <-- IKE_AUTH */
+ process_message(this, sa_i, NULL);
+
+ charon->backends->remove_backend(charon->backends, &backend.public);
+ DESTROY_IF(backend.peer_cfg);
+ DESTROY_IF(backend.ike_cfg);
+}
+
+METHOD(exchange_test_helper_t, add_listener, void,
+ private_exchange_test_helper_t *this, listener_t *listener)
+{
+ array_insert_create(&this->listeners, ARRAY_TAIL, listener);
+ charon->bus->add_listener(charon->bus, listener);
+}
+
+/**
+ * Enable logging in charon as requested
+ */
+static void initialize_logging()
+{
+ int level = LEVEL_SILENT;
+ char *verbosity;
+
+ verbosity = getenv("TESTS_VERBOSITY");
+ if (verbosity)
+ {
+ level = atoi(verbosity);
+ }
+ lib->settings->set_int(lib->settings, "%s.filelog.stderr.default",
+ lib->settings->get_int(lib->settings, "%s.filelog.stderr.default",
+ level, lib->ns), lib->ns);
+ lib->settings->set_bool(lib->settings, "%s.filelog.stderr.ike_name", TRUE,
+ lib->ns);
+ charon->load_loggers(charon, NULL, TRUE);
+}
+
+/**
+ * Create a nonce generator with the first byte
+ */
+static nonce_gen_t *create_nonce_gen()
+{
+ return mock_nonce_gen_create(exchange_test_helper->nonce_first_byte);
+}
+
+/*
+ * Described in header
+ */
+void exchange_test_helper_init(char *plugins)
+{
+ private_exchange_test_helper_t *this;
+ plugin_feature_t features[] = {
+ PLUGIN_REGISTER(DH, mock_dh_create),
+ /* we only need to support a limited number of DH groups */
+ PLUGIN_PROVIDE(DH, MODP_2048_BIT),
+ PLUGIN_PROVIDE(DH, MODP_3072_BIT),
+ PLUGIN_PROVIDE(DH, ECP_256_BIT),
+ PLUGIN_REGISTER(NONCE_GEN, create_nonce_gen),
+ PLUGIN_PROVIDE(NONCE_GEN),
+ PLUGIN_DEPENDS(RNG, RNG_WEAK),
+ };
+
+ INIT(this,
+ .public = {
+ .sender = mock_sender_create(),
+ .establish_sa = _establish_sa,
+ .process_message = _process_message,
+ .add_listener = _add_listener,
+ },
+ .creds = mem_cred_create(),
+ );
+
+ initialize_logging();
+ lib->plugins->add_static_features(lib->plugins, "exchange-test-helper",
+ features, countof(features), TRUE, NULL, NULL);
+ /* the libcharon unit tests only load the libstrongswan plugins, unless
+ * TESTS_PLUGINS is defined */
+ charon->initialize(charon, plugins);
+ lib->plugins->status(lib->plugins, LEVEL_CTRL);
+
+ /* the original sender is not initialized because there is no socket */
+ charon->sender = (sender_t*)this->public.sender;
+ /* and there is no kernel plugin loaded
+ * TODO: we'd have more control if we'd implement kernel_interface_t */
+ charon->kernel->add_ipsec_interface(charon->kernel, mock_ipsec_create);
+ /* like SPIs for IPsec SAs, make IKE SPIs predictable */
+ charon->ike_sa_manager->set_spi_cb(charon->ike_sa_manager, get_ike_spi,
+ this);
+
+ lib->credmgr->add_set(lib->credmgr, &this->creds->set);
+
+ this->creds->add_shared(this->creds,
+ shared_key_create(SHARED_IKE, chunk_clone(chunk_from_str("test"))),
+ identification_create_from_string("%any"), NULL);
+
+ exchange_test_helper = &this->public;
+}
+
+/*
+ * Described in header
+ */
+void exchange_test_helper_deinit()
+{
+ private_exchange_test_helper_t *this;
+ listener_t *listener;
+
+ this = (private_exchange_test_helper_t*)exchange_test_helper;
+
+ while (array_remove(this->listeners, ARRAY_HEAD, &listener))
+ {
+ charon->bus->remove_listener(charon->bus, listener);
+ }
+ lib->credmgr->remove_set(lib->credmgr, &this->creds->set);
+ this->creds->destroy(this->creds);
+ /* flush SAs before destroying the sender (in case of test failures) */
+ charon->ike_sa_manager->flush(charon->ike_sa_manager);
+ /* charon won't destroy this as it didn't initialize the original sender */
+ charon->sender->destroy(charon->sender);
+ charon->sender = NULL;
+ array_destroy(this->listeners);
+ free(this);
+}
diff --git a/src/libcharon/tests/utils/exchange_test_helper.h b/src/libcharon/tests/utils/exchange_test_helper.h
new file mode 100644
index 000000000..e1fdb012a
--- /dev/null
+++ b/src/libcharon/tests/utils/exchange_test_helper.h
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * This class and singleton object initializes charon and provides helper
+ * methods to create unit tests for IKEv2 exchanges.
+ *
+ * It also registers special implementations for the kernel_ipsec_t interface,
+ * the sender and provides dummy configs and credentials.
+ *
+ * @defgroup exchange_test_helper exchange_test_helper
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef EXCHANGE_TEST_HELPER_H_
+#define EXCHANGE_TEST_HELPER_H_
+
+#include <daemon.h>
+
+#include "mock_sender.h"
+
+typedef struct exchange_test_helper_t exchange_test_helper_t;
+typedef struct exchange_test_sa_conf_t exchange_test_sa_conf_t;
+
+struct exchange_test_helper_t {
+
+ /**
+ * Sender instance used during tests
+ */
+ mock_sender_t *sender;
+
+ /**
+ * Set the initial byte of all nonces generated by future nonce
+ * generators (already instatiated nonce generators are not affected).
+ */
+ u_char nonce_first_byte;
+
+ /**
+ * Creates an established IKE_SA/CHILD_SA
+ *
+ * @param[out] init IKE_SA of the initiator
+ * @param[out] resp IKE_SA of the responder
+ * @param conf configuration for SAs
+ */
+ void (*establish_sa)(exchange_test_helper_t *this, ike_sa_t **init,
+ ike_sa_t **resp, exchange_test_sa_conf_t *conf);
+
+ /**
+ * Pass a message to the given IKE_SA for processing, setting the IKE_SA on
+ * the bus while processing the message.
+ *
+ * @param ike_sa the IKE_SA receiving the message
+ * @param message the message, or NULL to pass the next message in the
+ * send queue (adopted)
+ * @return return value from ike_sa_t::process_message()
+ */
+ status_t (*process_message)(exchange_test_helper_t *this, ike_sa_t *sa,
+ message_t *message);
+
+ /**
+ * Register a listener with the bus.
+ *
+ * Don't use bus_t::add_listener() directly for listeners on the stack
+ * as that could lead to invalid listeners registered when hooks are
+ * triggered during cleanup if a test case fails. All of the listeners
+ * added this way are unregistered with the bus before cleaning up.
+ *
+ * @param listener listener to add to the bus
+ */
+ void (*add_listener)(exchange_test_helper_t *this, listener_t *listener);
+};
+
+struct exchange_test_sa_conf_t {
+
+ /**
+ * Configuration for initiator and responder
+ */
+ struct {
+ /** IKE proposal */
+ char *ike;
+ /** ESP proposal */
+ char *esp;
+ } initiator, responder;
+};
+
+/**
+ * Since we don't use the IKE_SA manager to checkout SAs use this to call a
+ * method on the given IKE_SA in its context.
+ */
+#define call_ikesa(sa, method, ...) ({ \
+ charon->bus->set_sa(charon->bus, sa); \
+ sa->method(sa, ##__VA_ARGS__); \
+ charon->bus->set_sa(charon->bus, NULL); \
+})
+
+/**
+ * The one and only instance of the helper object.
+ *
+ * Set between exchange_test_helper_setup() and exchange_test_helper_teardown()
+ * calls.
+ */
+extern exchange_test_helper_t *exchange_test_helper;
+
+/**
+ * Initialize charon and the helper object.
+ *
+ * @param plugins plugins to load
+ */
+void exchange_test_helper_init(char *plugins);
+
+/**
+ * Deinitialize the helper object.
+ */
+void exchange_test_helper_deinit();
+
+#endif /** EXCHANGE_TEST_HELPER_H_ @} */
diff --git a/src/libcharon/tests/utils/job_asserts.h b/src/libcharon/tests/utils/job_asserts.h
new file mode 100644
index 000000000..3491f08c3
--- /dev/null
+++ b/src/libcharon/tests/utils/job_asserts.h
@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * Special assertions against job handling.
+ *
+ * @defgroup job_asserts job_asserts
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef JOB_ASSERTS_H_
+#define JOB_ASSERTS_H_
+
+/**
+ * Initialize an assertion that enforces that no jobs were scheduled.
+ * Must be matched by a call to assert_scheduler().
+ */
+#define assert_no_jobs_scheduled() _assert_jobs_scheduled(0)
+
+/**
+ * Initialize an assertion that enforces that a specific number of jobs was
+ * scheduled.
+ * Must be matched by a call to assert_scheduler().
+ *
+ * @param count expected number of jobs getting scheduled
+ */
+#define assert_jobs_scheduled(count) _assert_jobs_scheduled(count)
+
+/**
+ * Initialize assertions against job scheduling.
+ * Must be matched by a call to assert_scheduler().
+ */
+#define _assert_jobs_scheduled(count) \
+do { \
+ u_int _initial = lib->scheduler->get_job_load(lib->scheduler); \
+ u_int _expected = count
+
+/**
+ * Enforce scheduler asserts.
+ */
+#define assert_scheduler() \
+ u_int _actual = lib->scheduler->get_job_load(lib->scheduler) - _initial; \
+ test_assert_msg(_expected == _actual, "unexpected number of jobs " \
+ "scheduled (%u != %u)", _expected, _actual); \
+} while(FALSE)
+
+#endif /** JOB_ASSERTS_H_ @}*/
diff --git a/src/libcharon/tests/utils/mock_dh.c b/src/libcharon/tests/utils/mock_dh.c
new file mode 100644
index 000000000..153bf1166
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_dh.c
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * Copyright (C) 2008 Martin Willi
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "mock_dh.h"
+
+typedef struct private_diffie_hellman_t private_diffie_hellman_t;
+
+/**
+ * Private data
+ */
+struct private_diffie_hellman_t {
+
+ /**
+ * Public interface
+ */
+ diffie_hellman_t public;
+
+ /**
+ * Instantiated DH group
+ */
+ diffie_hellman_group_t group;
+};
+
+METHOD(diffie_hellman_t, get_my_public_value, bool,
+ private_diffie_hellman_t *this, chunk_t *value)
+{
+ *value = chunk_empty;
+ return TRUE;
+}
+
+METHOD(diffie_hellman_t, set_other_public_value, bool,
+ private_diffie_hellman_t *this, chunk_t value)
+{
+ return TRUE;
+}
+
+METHOD(diffie_hellman_t, get_shared_secret, bool,
+ private_diffie_hellman_t *this, chunk_t *secret)
+{
+ *secret = chunk_empty;
+ return TRUE;
+}
+
+METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
+ private_diffie_hellman_t *this)
+{
+ return this->group;
+}
+
+METHOD(diffie_hellman_t, destroy, void,
+ private_diffie_hellman_t *this)
+{
+ free(this);
+}
+
+/**
+ * See header
+ */
+diffie_hellman_t *mock_dh_create(diffie_hellman_group_t group)
+{
+ private_diffie_hellman_t *this;
+
+ INIT(this,
+ .public = {
+ .get_shared_secret = _get_shared_secret,
+ .set_other_public_value = _set_other_public_value,
+ .get_my_public_value = _get_my_public_value,
+ .get_dh_group = _get_dh_group,
+ .destroy = _destroy,
+ },
+ .group = group,
+ );
+ return &this->public;
+}
diff --git a/src/libcharon/tests/utils/mock_dh.h b/src/libcharon/tests/utils/mock_dh.h
new file mode 100644
index 000000000..332c65537
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_dh.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * Provides a DH implementation that does no real work to make the tests run
+ * faster.
+ *
+ * @defgroup mock_dh mock_dh
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef MOCK_DH_H_
+#define MOCK_DH_H_
+
+#include <crypto/diffie_hellman.h>
+
+/**
+ * Creates a diffie_hellman_t object.
+ *
+ * @param group Diffie Hellman group, supports MODP_NULL only
+ * @return created object
+ */
+diffie_hellman_t *mock_dh_create(diffie_hellman_group_t group);
+
+#endif /** MOCK_DH_H_ @}*/
diff --git a/src/libcharon/tests/utils/mock_ipsec.c b/src/libcharon/tests/utils/mock_ipsec.c
new file mode 100644
index 000000000..d57a26a87
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_ipsec.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * Copyright (C) 2008 Martin Willi
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "mock_ipsec.h"
+
+typedef struct private_kernel_ipsec_t private_kernel_ipsec_t;
+
+/**
+ * Private data
+ */
+struct private_kernel_ipsec_t {
+
+ /**
+ * Public interface
+ */
+ kernel_ipsec_t public;
+
+ /**
+ * Allocated SPI
+ */
+ refcount_t spi;
+};
+
+METHOD(kernel_ipsec_t, get_spi, status_t,
+ private_kernel_ipsec_t *this, host_t *src, host_t *dst, uint8_t protocol,
+ uint32_t *spi)
+{
+ *spi = (uint32_t)ref_get(&this->spi);
+ return SUCCESS;
+}
+
+METHOD(kernel_ipsec_t, get_cpi, status_t,
+ private_kernel_ipsec_t *this, host_t *src, host_t *dst, uint16_t *cpi)
+{
+ return FAILED;
+}
+
+METHOD(kernel_ipsec_t, add_sa, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_add_sa_t *data)
+{
+ return SUCCESS;
+}
+
+METHOD(kernel_ipsec_t, update_sa, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_update_sa_t *data)
+{
+ return SUCCESS;
+}
+
+METHOD(kernel_ipsec_t, query_sa, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_query_sa_t *data, uint64_t *bytes, uint64_t *packets,
+ time_t *time)
+{
+ return NOT_SUPPORTED;
+}
+
+METHOD(kernel_ipsec_t, del_sa, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_sa_id_t *id,
+ kernel_ipsec_del_sa_t *data)
+{
+ return SUCCESS;
+}
+
+METHOD(kernel_ipsec_t, add_policy, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
+{
+ return SUCCESS;
+}
+
+METHOD(kernel_ipsec_t, query_policy, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_query_policy_t *data, time_t *use_time)
+{
+ *use_time = 1;
+ return SUCCESS;
+}
+
+METHOD(kernel_ipsec_t, del_policy, status_t,
+ private_kernel_ipsec_t *this, kernel_ipsec_policy_id_t *id,
+ kernel_ipsec_manage_policy_t *data)
+{
+ return SUCCESS;
+}
+
+/*
+ * Described in header
+ */
+kernel_ipsec_t *mock_ipsec_create()
+{
+ private_kernel_ipsec_t *this;
+
+ INIT(this,
+ .public = {
+ .get_spi = _get_spi,
+ .get_cpi = _get_cpi,
+ .add_sa = _add_sa,
+ .update_sa = _update_sa,
+ .query_sa = _query_sa,
+ .del_sa = _del_sa,
+ .flush_sas = (void*)return_failed,
+ .add_policy = _add_policy,
+ .query_policy = _query_policy,
+ .del_policy = _del_policy,
+ .flush_policies = (void*)return_failed,
+ .bypass_socket = (void*)return_true,
+ .enable_udp_decap = (void*)return_true,
+ .destroy = (void*)free,
+ },
+ );
+ return &this->public;
+}
diff --git a/src/libcharon/tests/utils/mock_ipsec.h b/src/libcharon/tests/utils/mock_ipsec.h
new file mode 100644
index 000000000..cbf21524a
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_ipsec.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * kernel_ipsec_t implementation used for exchange unit tests. Currently
+ * returns sequential SPIs, all other methods are noops.
+ *
+ * @defgroup mock_ipsec mock_ipsec
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef MOCK_IPSEC_H_
+#define MOCK_IPSEC_H_
+
+#include <kernel/kernel_ipsec.h>
+
+/**
+ * Create an instance of kernel_ipsec_t
+ *
+ * @return created object
+ */
+kernel_ipsec_t *mock_ipsec_create();
+
+#endif /** MOCK_IPSEC_H_ @}*/
diff --git a/src/libcharon/tests/utils/mock_nonce_gen.c b/src/libcharon/tests/utils/mock_nonce_gen.c
new file mode 100644
index 000000000..30910f991
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_nonce_gen.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "mock_nonce_gen.h"
+
+typedef struct private_nonce_gen_t private_nonce_gen_t;
+
+struct private_nonce_gen_t {
+
+ /**
+ * Public interface
+ */
+ nonce_gen_t public;
+
+ /**
+ * Random number generator
+ */
+ rng_t* rng;
+
+ /**
+ * First byte to set to the nonces
+ */
+ u_char first;
+};
+
+METHOD(nonce_gen_t, get_nonce, bool,
+ private_nonce_gen_t *this, size_t size, uint8_t *buffer)
+{
+ if (size > 0)
+ {
+ buffer[0] = this->first;
+ buffer++;
+ size--;
+ }
+ return this->rng->get_bytes(this->rng, size, buffer);
+}
+
+METHOD(nonce_gen_t, allocate_nonce, bool,
+ private_nonce_gen_t *this, size_t size, chunk_t *chunk)
+{
+ *chunk = chunk_alloc(size);
+ if (!get_nonce(this, chunk->len, chunk->ptr))
+ {
+ chunk_free(chunk);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(nonce_gen_t, destroy, void,
+ private_nonce_gen_t *this)
+{
+ DESTROY_IF(this->rng);
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+nonce_gen_t *mock_nonce_gen_create(u_char first)
+{
+ private_nonce_gen_t *this;
+
+ INIT(this,
+ .public = {
+ .get_nonce = _get_nonce,
+ .allocate_nonce = _allocate_nonce,
+ .destroy = _destroy,
+ },
+ .rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK),
+ .first = first,
+ );
+ if (!this->rng)
+ {
+ destroy(this);
+ return NULL;
+ }
+ return &this->public;
+}
diff --git a/src/libcharon/tests/utils/mock_nonce_gen.h b/src/libcharon/tests/utils/mock_nonce_gen.h
new file mode 100644
index 000000000..feeab8bc0
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_nonce_gen.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * Special nonce generator that sets the first byte of the generated nonces to
+ * a fixed specified value.
+ *
+ * @defgroup mock_nonce_gen mock_nonce_gen
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef MOCK_NONCE_GEN_H_
+#define MOCK_NONCE_GEN_H_
+
+#include <crypto/nonce_gen.h>
+
+/**
+ * Creates a nonce_gen_t instance.
+ *
+ * @param first first byte to set in generated nonces
+ * @return created object
+ */
+nonce_gen_t *mock_nonce_gen_create(u_char first);
+
+#endif /** MOCK_NONCE_GEN_H_ @} */
diff --git a/src/libcharon/tests/utils/mock_sender.c b/src/libcharon/tests/utils/mock_sender.c
new file mode 100644
index 000000000..c090ff439
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_sender.c
@@ -0,0 +1,85 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "mock_sender.h"
+
+#include <collections/linked_list.h>
+
+typedef struct private_mock_sender_t private_mock_sender_t;
+
+/**
+ * Private data
+ */
+struct private_mock_sender_t {
+
+ /**
+ * Public interface
+ */
+ mock_sender_t public;
+
+ /**
+ * Packet queue, as message_t*
+ */
+ linked_list_t *queue;
+};
+
+
+METHOD(sender_t, send_, void,
+ private_mock_sender_t *this, packet_t *packet)
+{
+ message_t *message;
+
+ message = message_create_from_packet(packet);
+ message->parse_header(message);
+ this->queue->insert_last(this->queue, message);
+}
+
+METHOD(mock_sender_t, dequeue, message_t*,
+ private_mock_sender_t *this)
+{
+ message_t *message = NULL;
+
+ this->queue->remove_first(this->queue, (void**)&message);
+ return message;
+}
+
+METHOD(sender_t, destroy, void,
+ private_mock_sender_t *this)
+{
+ this->queue->destroy_offset(this->queue, offsetof(message_t, destroy));
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+mock_sender_t *mock_sender_create()
+{
+ private_mock_sender_t *this;
+
+ INIT(this,
+ .public = {
+ .interface = {
+ .send = _send_,
+ .send_no_marker = (void*)nop,
+ .flush = (void*)nop,
+ .destroy = _destroy,
+ },
+ .dequeue = _dequeue,
+ },
+ .queue = linked_list_create(),
+ );
+ return &this->public;
+}
diff --git a/src/libcharon/tests/utils/mock_sender.h b/src/libcharon/tests/utils/mock_sender.h
new file mode 100644
index 000000000..5eabddadc
--- /dev/null
+++ b/src/libcharon/tests/utils/mock_sender.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * sender_t implementation that does not pass the sent packet to a socket but
+ * instead provides it for immediate delivery to an ike_sa_t object.
+ *
+ * @defgroup mock_sender mock_sender
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef MOCK_SENDER_H_
+#define MOCK_SENDER_H_
+
+#include <encoding/message.h>
+#include <network/sender.h>
+
+typedef struct mock_sender_t mock_sender_t;
+
+struct mock_sender_t {
+
+ /**
+ * Implemented interface
+ */
+ sender_t interface;
+
+ /**
+ * Remove the next packet in the send queue as message_t object. The IKE
+ * header is already parsed (which is assumed does not fail) so it can
+ * directly be passed to ike_sa_t::process_message().
+ *
+ * @return message or NULL if none is queued
+ */
+ message_t *(*dequeue)(mock_sender_t *this);
+};
+
+/**
+ * Creates a mock_sender_t instance.
+ *
+ * @return created object
+ */
+mock_sender_t *mock_sender_create();
+
+#endif /** MOCK_SENDER_H_ @} */
diff --git a/src/libcharon/tests/utils/sa_asserts.h b/src/libcharon/tests/utils/sa_asserts.h
new file mode 100644
index 000000000..7afa3b55b
--- /dev/null
+++ b/src/libcharon/tests/utils/sa_asserts.h
@@ -0,0 +1,145 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * Special assertions against IKE_SAs and CHILD_SAs (e.g. regarding their
+ * state).
+ *
+ * @defgroup sa_asserts sa_asserts
+ * @{ @ingroup test_utils_c
+ */
+
+#ifndef SA_ASSERTS_H_
+#define SA_ASSERTS_H_
+
+#include <inttypes.h>
+
+/**
+ * Check that there exists a specific number of IKE_SAs in the manager.
+ */
+#define assert_ike_sa_count(count) \
+({ \
+ typeof(count) _count = count; \
+ u_int _actual = charon->ike_sa_manager->get_count(charon->ike_sa_manager); \
+ test_assert_msg(_count == _actual, "unexpected number of IKE_SAs in " \
+ "manager (%d != %d)", _count, _actual); \
+})
+
+/**
+ * Check that the IKE_SA with the given SPIs and initiator flag is in the
+ * manager and return it. Does not actually keep the SA checked out as
+ * that would block cleaning up if asserts against it fail (since we control
+ * access to SAs it's also not really necessary).
+ */
+#define assert_ike_sa_checkout(spi_i, spi_r, initiator) \
+({ \
+ typeof(spi_i) _spi_i = spi_i; \
+ typeof(spi_r) _spi_r = spi_r; \
+ typeof(initiator) _init = initiator; \
+ ike_sa_id_t *_id = ike_sa_id_create(IKEV2, _spi_i, _spi_r, _init); \
+ ike_sa_t *_ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, _id); \
+ test_assert_msg(_ike_sa, "IKE_SA with SPIs %.16"PRIx64"_i %.16"PRIx64"_r " \
+ "(%d) does not exist", be64toh(_spi_i), be64toh(_spi_r), _init); \
+ _id->destroy(_id); \
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, _ike_sa); \
+ _ike_sa; \
+})
+
+/**
+ * Check if the given IKE_SA is in the expected state.
+ */
+#define assert_ike_sa_state(ike_sa, state) \
+({ \
+ typeof(ike_sa) _sa = ike_sa; \
+ typeof(state) _state = state; \
+ test_assert_msg(_state == _sa->get_state(_sa), "%N != %N", \
+ ike_sa_state_names, _state, \
+ ike_sa_state_names, _sa->get_state(_sa)); \
+})
+
+/**
+ * Check that there exists a specific number of CHILD_SAs.
+ */
+#define assert_child_sa_count(ike_sa, count) \
+({ \
+ typeof(ike_sa) _sa = ike_sa; \
+ typeof(count) _count = count; \
+ test_assert_msg(_count == _sa->get_child_count(_sa), "unexpected number " \
+ "of CHILD_SAs in IKE_SA %s (%d != %d)", #ike_sa, _count, \
+ _sa->get_child_count(_sa)); \
+})
+
+/**
+ * Check if the CHILD_SA with the given SPI is in the expected state.
+ */
+#define assert_child_sa_state(ike_sa, spi, state) \
+({ \
+ typeof(ike_sa) _sa = ike_sa; \
+ typeof(spi) _spi = spi; \
+ typeof(state) _state = state; \
+ child_sa_t *_child = _sa->get_child_sa(_sa, PROTO_ESP, _spi, TRUE) ?: \
+ _sa->get_child_sa(_sa, PROTO_ESP, _spi, FALSE); \
+ test_assert_msg(_child, "CHILD_SA with SPI %.8x does not exist", \
+ ntohl(_spi)); \
+ test_assert_msg(_state == _child->get_state(_child), "%N != %N", \
+ child_sa_state_names, _state, \
+ child_sa_state_names, _child->get_state(_child)); \
+})
+
+/**
+ * Assert that the CHILD_SA with the given inbound SPI does not exist.
+ */
+#define assert_child_sa_not_exists(ike_sa, spi) \
+({ \
+ typeof(ike_sa) _sa = ike_sa; \
+ typeof(spi) _spi = spi; \
+ child_sa_t *_child = _sa->get_child_sa(_sa, PROTO_ESP, _spi, TRUE) ?: \
+ _sa->get_child_sa(_sa, PROTO_ESP, _spi, FALSE); \
+ test_assert_msg(!_child, "CHILD_SA with SPI %.8x exists", ntohl(_spi)); \
+})
+
+/**
+ * Assert that there is a specific number of tasks in a given queue
+ *
+ * @param ike_sa IKE_SA to check
+ * @param count number of expected tasks
+ * @param queue queue to check (task_queue_t)
+ */
+#define assert_num_tasks(ike_sa, count, queue) \
+({ \
+ typeof(ike_sa) _sa = ike_sa; \
+ typeof(count) _count = count; \
+ int _c = 0; task_t *_task; \
+ enumerator_t *_enumerator = _sa->create_task_enumerator(_sa, queue); \
+ while (_enumerator->enumerate(_enumerator, &_task)) { _c++; } \
+ _enumerator->destroy(_enumerator); \
+ test_assert_msg(_count == _c, "unexpected number of tasks in " #queue " " \
+ "of IKE_SA %s (%d != %d)", #ike_sa, _count, _c); \
+})
+
+/**
+ * Assert that all task queues of the given IKE_SA are empty
+ *
+ * @param ike_sa IKE_SA to check
+ */
+#define assert_sa_idle(ike_sa) \
+({ \
+ typeof(ike_sa) _ike_sa = ike_sa; \
+ assert_num_tasks(_ike_sa, 0, TASK_QUEUE_QUEUED); \
+ assert_num_tasks(_ike_sa, 0, TASK_QUEUE_ACTIVE); \
+ assert_num_tasks(_ike_sa, 0, TASK_QUEUE_PASSIVE); \
+})
+
+#endif /** SA_ASSERTS_H_ @}*/
diff --git a/src/libfast/Makefile.am b/src/libfast/Makefile.am
index 48079c66a..1a2da9791 100644
--- a/src/libfast/Makefile.am
+++ b/src/libfast/Makefile.am
@@ -22,4 +22,4 @@ endif
libfast_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- -lfcgi $(clearsilver_LIBS) $(PTHREADLIB)
+ -lfcgi $(clearsilver_LIBS) $(PTHREADLIB) $(ATOMICLIB)
diff --git a/src/libfast/Makefile.in b/src/libfast/Makefile.in
index 0c692542d..4c489db65 100644
--- a/src/libfast/Makefile.in
+++ b/src/libfast/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libfast
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(am__nobase_fast_include_HEADERS_DIST)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am \
+ $(am__nobase_fast_include_HEADERS_DIST) $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -132,7 +142,8 @@ LTLIBRARIES = $(ipseclib_LTLIBRARIES)
am__DEPENDENCIES_1 =
libfast_la_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
am_libfast_la_OBJECTS = fast_dispatcher.lo fast_request.lo \
fast_session.lo fast_smtp.lo
libfast_la_OBJECTS = $(am_libfast_la_OBJECTS)
@@ -204,12 +215,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +272,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +307,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +419,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -453,7 +469,7 @@ libfast_la_SOURCES = \
libfast_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- -lfcgi $(clearsilver_LIBS) $(PTHREADLIB)
+ -lfcgi $(clearsilver_LIBS) $(PTHREADLIB) $(ATOMICLIB)
all: all-am
@@ -471,7 +487,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libfast/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libfast/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -804,6 +819,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES \
uninstall-ipseclibLTLIBRARIES \
uninstall-nobase_fast_includeHEADERS
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/Android.mk b/src/libimcv/Android.mk
index 80e2aaadb..89ce5801a 100644
--- a/src/libimcv/Android.mk
+++ b/src/libimcv/Android.mk
@@ -48,7 +48,6 @@ libimcv_la_SOURCES := \
pts/pts_pcr.h pts/pts_pcr.c \
pts/pts_proto_caps.h \
pts/pts_req_func_comp_evid.h \
- pts/pts_simple_evid_final.h \
pts/pts_creds.h pts/pts_creds.c \
pts/pts_database.h pts/pts_database.c \
pts/pts_dh_group.h pts/pts_dh_group.c \
@@ -107,6 +106,7 @@ LOCAL_SRC_FILES := $(filter %.c,$(libimcv_la_SOURCES))
LOCAL_C_INCLUDES += \
$(strongswan_PATH)/src/libtncif \
+ $(strongswan_PATH)/src/libtpmtss \
$(strongswan_PATH)/src/libstrongswan
LOCAL_CFLAGS := $(strongswan_CFLAGS)
@@ -119,6 +119,6 @@ LOCAL_ARM_MODE := arm
LOCAL_PRELINK_MODULE := false
-LOCAL_SHARED_LIBRARIES += libstrongswan libtncif
+LOCAL_SHARED_LIBRARIES += libstrongswan libtncif libtpmtss
include $(BUILD_SHARED_LIBRARY)
diff --git a/src/libimcv/Makefile.am b/src/libimcv/Makefile.am
index 7683da3af..8cde4b7fc 100644
--- a/src/libimcv/Makefile.am
+++ b/src/libimcv/Makefile.am
@@ -1,6 +1,7 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtpmtss \
-DIPSEC_SCRIPT=\"${ipsec_script}\"
ipseclib_LTLIBRARIES = libimcv.la
@@ -10,11 +11,8 @@ libimcv_la_LDFLAGS = \
libimcv_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(top_builddir)/src/libtncif/libtncif.la
-
-if USE_TROUSERS
- libimcv_la_LIBADD += -ltspi
-endif
+ $(top_builddir)/src/libtncif/libtncif.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la
if USE_WINDOWS
libimcv_la_LIBADD += -lws2_32
@@ -66,7 +64,6 @@ libimcv_la_SOURCES = \
pts/pts_pcr.h pts/pts_pcr.c \
pts/pts_proto_caps.h \
pts/pts_req_func_comp_evid.h \
- pts/pts_simple_evid_final.h \
pts/pts_creds.h pts/pts_creds.c \
pts/pts_database.h pts/pts_database.c \
pts/pts_dh_group.h pts/pts_dh_group.c \
@@ -207,5 +204,6 @@ imcv_tests_CFLAGS = \
imcv_tests_LDFLAGS = @COVERAGE_LDFLAGS@
imcv_tests_LDADD = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libstrongswan/tests/libtest.la
diff --git a/src/libimcv/Makefile.in b/src/libimcv/Makefile.in
index 200f9590e..7983b7758 100644
--- a/src/libimcv/Makefile.in
+++ b/src/libimcv/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -18,7 +18,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,26 +91,23 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
-@USE_TROUSERS_TRUE@am__append_1 = -ltspi
-@USE_WINDOWS_TRUE@am__append_2 = -lws2_32
+@USE_WINDOWS_TRUE@am__append_1 = -lws2_32
ipsec_PROGRAMS = imv_policy_manager$(EXEEXT)
-@USE_IMC_TEST_TRUE@am__append_3 = plugins/imc_test
-@USE_IMV_TEST_TRUE@am__append_4 = plugins/imv_test
-@USE_IMC_SCANNER_TRUE@am__append_5 = plugins/imc_scanner
-@USE_IMV_SCANNER_TRUE@am__append_6 = plugins/imv_scanner
-@USE_IMC_OS_TRUE@am__append_7 = plugins/imc_os
-@USE_IMV_OS_TRUE@am__append_8 = plugins/imv_os
-@USE_IMC_ATTESTATION_TRUE@am__append_9 = plugins/imc_attestation
-@USE_IMV_ATTESTATION_TRUE@am__append_10 = plugins/imv_attestation
-@USE_IMC_SWID_TRUE@am__append_11 = plugins/imc_swid
-@USE_IMV_SWID_TRUE@am__append_12 = plugins/imv_swid
-@USE_IMC_HCD_TRUE@am__append_13 = plugins/imc_hcd
-@USE_IMV_HCD_TRUE@am__append_14 = plugins/imv_hcd
+@USE_IMC_TEST_TRUE@am__append_2 = plugins/imc_test
+@USE_IMV_TEST_TRUE@am__append_3 = plugins/imv_test
+@USE_IMC_SCANNER_TRUE@am__append_4 = plugins/imc_scanner
+@USE_IMV_SCANNER_TRUE@am__append_5 = plugins/imv_scanner
+@USE_IMC_OS_TRUE@am__append_6 = plugins/imc_os
+@USE_IMV_OS_TRUE@am__append_7 = plugins/imv_os
+@USE_IMC_ATTESTATION_TRUE@am__append_8 = plugins/imc_attestation
+@USE_IMV_ATTESTATION_TRUE@am__append_9 = plugins/imv_attestation
+@USE_IMC_SWID_TRUE@am__append_10 = plugins/imc_swid
+@USE_IMV_SWID_TRUE@am__append_11 = plugins/imv_swid
+@USE_IMC_HCD_TRUE@am__append_12 = plugins/imc_hcd
+@USE_IMV_HCD_TRUE@am__append_13 = plugins/imv_hcd
TESTS = imcv_tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libimcv
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(dist_templates_DATA)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -114,6 +121,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(dist_templates_DATA) \
+ $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -151,7 +160,8 @@ LTLIBRARIES = $(ipseclib_LTLIBRARIES)
am__DEPENDENCIES_1 =
libimcv_la_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(top_builddir)/src/libtncif/libtncif.la $(am__DEPENDENCIES_1) \
+ $(top_builddir)/src/libtncif/libtncif.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(am__DEPENDENCIES_1)
am__dirstamp = $(am__leading_dot)dirstamp
am_libimcv_la_OBJECTS = imcv.lo imc/imc_agent.lo imc/imc_msg.lo \
@@ -230,6 +240,7 @@ am_imcv_tests_OBJECTS = ita/imcv_tests-ita_attr_command.$(OBJEXT) \
imcv_tests-imcv.$(OBJEXT) imcv_tests-imcv_tests.$(OBJEXT)
imcv_tests_OBJECTS = $(am_imcv_tests_OBJECTS)
imcv_tests_DEPENDENCIES = $(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libstrongswan/tests/libtest.la
imcv_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
@@ -348,6 +359,7 @@ DIST_SUBDIRS = . plugins/imc_test plugins/imv_test plugins/imc_scanner \
plugins/imc_attestation plugins/imv_attestation \
plugins/imc_swid plugins/imv_swid plugins/imc_hcd \
plugins/imv_hcd
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -379,6 +391,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -428,6 +441,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -462,6 +476,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -573,6 +588,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -604,6 +620,7 @@ xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtpmtss \
-DIPSEC_SCRIPT=\"${ipsec_script}\"
ipseclib_LTLIBRARIES = libimcv.la
@@ -612,8 +629,8 @@ libimcv_la_LDFLAGS = \
libimcv_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(top_builddir)/src/libtncif/libtncif.la $(am__append_1) \
- $(am__append_2)
+ $(top_builddir)/src/libtncif/libtncif.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la $(am__append_1)
libimcv_la_SOURCES = \
imcv.h imcv.c \
imc/imc_agent.h imc/imc_agent.c imc/imc_state.h \
@@ -660,7 +677,6 @@ libimcv_la_SOURCES = \
pts/pts_pcr.h pts/pts_pcr.c \
pts/pts_proto_caps.h \
pts/pts_req_func_comp_evid.h \
- pts/pts_simple_evid_final.h \
pts/pts_creds.h pts/pts_creds.c \
pts/pts_database.h pts/pts_database.c \
pts/pts_dh_group.h pts/pts_dh_group.c \
@@ -726,10 +742,10 @@ imv_policy_manager_LDADD = \
$(top_builddir)/src/libtncif/libtncif.la
#imv/imv_policy_manager.o : $(top_builddir)/config.status
-SUBDIRS = . $(am__append_3) $(am__append_4) $(am__append_5) \
- $(am__append_6) $(am__append_7) $(am__append_8) \
- $(am__append_9) $(am__append_10) $(am__append_11) \
- $(am__append_12) $(am__append_13) $(am__append_14)
+SUBDIRS = . $(am__append_2) $(am__append_3) $(am__append_4) \
+ $(am__append_5) $(am__append_6) $(am__append_7) \
+ $(am__append_8) $(am__append_9) $(am__append_10) \
+ $(am__append_11) $(am__append_12) $(am__append_13)
imcv_tests_SOURCES = \
ita/ita_attr_command.c \
pa_tnc/pa_tnc_attr_manager.c \
@@ -749,6 +765,7 @@ imcv_tests_CFLAGS = \
imcv_tests_LDFLAGS = @COVERAGE_LDFLAGS@
imcv_tests_LDADD = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libstrongswan/tests/libtest.la
@@ -768,7 +785,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -1999,6 +2015,8 @@ uninstall-am: uninstall-dist_templatesDATA uninstall-ipsecPROGRAMS \
uninstall-dist_templatesDATA uninstall-ipsecPROGRAMS \
uninstall-ipsecSCRIPTS uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/generic/generic_attr_bool.c b/src/libimcv/generic/generic_attr_bool.c
index 3f570d9f8..5668b94fd 100644
--- a/src/libimcv/generic/generic_attr_bool.c
+++ b/src/libimcv/generic/generic_attr_bool.c
@@ -118,11 +118,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_generic_attr_bool_t *this, u_int32_t *offset)
+ private_generic_attr_bool_t *this, uint32_t *offset)
{
enum_name_t *pa_attr_names;
bio_reader_t *reader;
- u_int32_t status;
+ uint32_t status;
*offset = 0;
diff --git a/src/libimcv/generic/generic_attr_chunk.c b/src/libimcv/generic/generic_attr_chunk.c
index 98a539987..2227e2041 100644
--- a/src/libimcv/generic/generic_attr_chunk.c
+++ b/src/libimcv/generic/generic_attr_chunk.c
@@ -93,7 +93,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_generic_attr_chunk_t *this, u_int32_t *offset)
+ private_generic_attr_chunk_t *this, uint32_t *offset)
{
enum_name_t *pa_attr_names;
*offset = 0;
diff --git a/src/libimcv/generic/generic_attr_string.c b/src/libimcv/generic/generic_attr_string.c
index e63c0126a..4983ef91f 100644
--- a/src/libimcv/generic/generic_attr_string.c
+++ b/src/libimcv/generic/generic_attr_string.c
@@ -88,7 +88,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_generic_attr_string_t *this, u_int32_t *offset)
+ private_generic_attr_string_t *this, uint32_t *offset)
{
enum_name_t *pa_attr_names;
u_char *pos;
diff --git a/src/libimcv/ietf/ietf_attr.c b/src/libimcv/ietf/ietf_attr.c
index 38b777fce..cfac6ed17 100644
--- a/src/libimcv/ietf/ietf_attr.c
+++ b/src/libimcv/ietf/ietf_attr.c
@@ -47,7 +47,7 @@ ENUM(ietf_attr_names, IETF_ATTR_TESTING, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED,
/**
* See header
*/
-pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, size_t length,
+pa_tnc_attr_t* ietf_attr_create_from_data(uint32_t type, size_t length,
chunk_t value)
{
switch (type)
diff --git a/src/libimcv/ietf/ietf_attr.h b/src/libimcv/ietf/ietf_attr.h
index 169ed78e8..7154674af 100644
--- a/src/libimcv/ietf/ietf_attr.h
+++ b/src/libimcv/ietf/ietf_attr.h
@@ -59,7 +59,7 @@ extern enum_name_t *ietf_attr_names;
* @param length attribute length
* @param value attribute value or segment
*/
-pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, size_t length,
+pa_tnc_attr_t* ietf_attr_create_from_data(uint32_t type, size_t length,
chunk_t value);
#endif /** IETF_ATTR_H_ @}*/
diff --git a/src/libimcv/ietf/ietf_attr_assess_result.c b/src/libimcv/ietf/ietf_attr_assess_result.c
index 1cffdcaae..894212508 100644
--- a/src/libimcv/ietf/ietf_attr_assess_result.c
+++ b/src/libimcv/ietf/ietf_attr_assess_result.c
@@ -67,7 +67,7 @@ struct private_ietf_attr_assess_result_t {
/**
* Assessment Result
*/
- u_int32_t result;
+ uint32_t result;
/**
* Reference count
@@ -117,7 +117,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_assess_result_t *this, u_int32_t *offset)
+ private_ietf_attr_assess_result_t *this, uint32_t *offset)
{
bio_reader_t *reader;
@@ -162,7 +162,7 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
}
-METHOD(ietf_attr_assess_result_t, get_result, u_int32_t,
+METHOD(ietf_attr_assess_result_t, get_result, uint32_t,
private_ietf_attr_assess_result_t *this)
{
return this->result;
@@ -171,7 +171,7 @@ METHOD(ietf_attr_assess_result_t, get_result, u_int32_t,
/**
* Described in header.
*/
-pa_tnc_attr_t *ietf_attr_assess_result_create(u_int32_t result)
+pa_tnc_attr_t *ietf_attr_assess_result_create(uint32_t result)
{
private_ietf_attr_assess_result_t *this;
diff --git a/src/libimcv/ietf/ietf_attr_assess_result.h b/src/libimcv/ietf/ietf_attr_assess_result.h
index b1a5166dc..fe7c1aaf3 100644
--- a/src/libimcv/ietf/ietf_attr_assess_result.h
+++ b/src/libimcv/ietf/ietf_attr_assess_result.h
@@ -43,7 +43,7 @@ struct ietf_attr_assess_result_t {
*
* @return Assessment Result
*/
- u_int32_t (*get_result)(ietf_attr_assess_result_t *this);
+ uint32_t (*get_result)(ietf_attr_assess_result_t *this);
};
@@ -51,7 +51,7 @@ struct ietf_attr_assess_result_t {
* Creates an ietf_attr_assess_result_t object
*
*/
-pa_tnc_attr_t* ietf_attr_assess_result_create(u_int32_t result);
+pa_tnc_attr_t* ietf_attr_assess_result_create(uint32_t result);
/**
* Creates an ietf_attr_assess_result_t object from received data
diff --git a/src/libimcv/ietf/ietf_attr_attr_request.c b/src/libimcv/ietf/ietf_attr_attr_request.c
index 08658e2f7..2a0b7f062 100644
--- a/src/libimcv/ietf/ietf_attr_attr_request.c
+++ b/src/libimcv/ietf/ietf_attr_attr_request.c
@@ -136,7 +136,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(ietf_attr_attr_request_t, add, void,
- private_ietf_attr_attr_request_t *this, pen_t vendor_id, u_int32_t type)
+ private_ietf_attr_attr_request_t *this, pen_t vendor_id, uint32_t type)
{
enum_name_t *pa_attr_names;
pen_type_t *entry;
@@ -160,12 +160,12 @@ METHOD(ietf_attr_attr_request_t, add, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_attr_request_t *this, u_int32_t *offset)
+ private_ietf_attr_attr_request_t *this, uint32_t *offset)
{
bio_reader_t *reader;
pen_t vendor_id;
- u_int32_t type;
- u_int8_t reserved;
+ uint32_t type;
+ uint8_t reserved;
int count;
*offset = 0;
@@ -228,7 +228,7 @@ METHOD(ietf_attr_attr_request_t, create_enumerator, enumerator_t*,
/**
* Described in header.
*/
-pa_tnc_attr_t *ietf_attr_attr_request_create(pen_t vendor_id, u_int32_t type)
+pa_tnc_attr_t *ietf_attr_attr_request_create(pen_t vendor_id, uint32_t type)
{
private_ietf_attr_attr_request_t *this;
diff --git a/src/libimcv/ietf/ietf_attr_attr_request.h b/src/libimcv/ietf/ietf_attr_attr_request.h
index 47b038605..4c4ede04a 100644
--- a/src/libimcv/ietf/ietf_attr_attr_request.h
+++ b/src/libimcv/ietf/ietf_attr_attr_request.h
@@ -44,7 +44,7 @@ struct ietf_attr_attr_request_t {
* @param vendor_id Attribute Vendor ID
* @param type Attribute Type
*/
- void (*add)(ietf_attr_attr_request_t *this, pen_t vendor_id, u_int32_t type);
+ void (*add)(ietf_attr_attr_request_t *this, pen_t vendor_id, uint32_t type);
/**
* Creates an enumerator over all attribute types contained
@@ -59,7 +59,7 @@ struct ietf_attr_attr_request_t {
* Creates an ietf_attr_attr_request_t object
*
*/
-pa_tnc_attr_t* ietf_attr_attr_request_create(pen_t vendor_id, u_int32_t type);
+pa_tnc_attr_t* ietf_attr_attr_request_create(pen_t vendor_id, uint32_t type);
/**
* @param length Total length of attribute value
diff --git a/src/libimcv/ietf/ietf_attr_fwd_enabled.c b/src/libimcv/ietf/ietf_attr_fwd_enabled.c
index 876a740c0..93eca3b3c 100644
--- a/src/libimcv/ietf/ietf_attr_fwd_enabled.c
+++ b/src/libimcv/ietf/ietf_attr_fwd_enabled.c
@@ -117,10 +117,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_fwd_enabled_t *this, u_int32_t *offset)
+ private_ietf_attr_fwd_enabled_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t fwd_status;
+ uint32_t fwd_status;
*offset = 0;
diff --git a/src/libimcv/ietf/ietf_attr_installed_packages.c b/src/libimcv/ietf/ietf_attr_installed_packages.c
index 39eea555a..7a870ac40 100644
--- a/src/libimcv/ietf/ietf_attr_installed_packages.c
+++ b/src/libimcv/ietf/ietf_attr_installed_packages.c
@@ -169,13 +169,13 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_installed_packages_t *this, u_int32_t *offset)
+ private_ietf_attr_installed_packages_t *this, uint32_t *offset)
{
bio_reader_t *reader;
package_entry_t *entry;
status_t status = NEED_MORE;
chunk_t name, version;
- u_int16_t reserved;
+ uint16_t reserved;
u_char *pos;
if (this->offset == 0)
diff --git a/src/libimcv/ietf/ietf_attr_numeric_version.c b/src/libimcv/ietf/ietf_attr_numeric_version.c
index c8fd6c1ca..7a3e78fd0 100644
--- a/src/libimcv/ietf/ietf_attr_numeric_version.c
+++ b/src/libimcv/ietf/ietf_attr_numeric_version.c
@@ -73,27 +73,27 @@ struct private_ietf_attr_numeric_version_t {
/**
* Major Version Number
*/
- u_int32_t major_version;
+ uint32_t major_version;
/**
* Minor Version Number
*/
- u_int32_t minor_version;
+ uint32_t minor_version;
/**
* IBuild Number
*/
- u_int32_t build;
+ uint32_t build;
/**
* Service Pack Major Number
*/
- u_int16_t service_pack_major;
+ uint16_t service_pack_major;
/**
* Service Pack Minor Number
*/
- u_int16_t service_pack_minor;
+ uint16_t service_pack_minor;
/**
* Reference count
@@ -148,7 +148,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_numeric_version_t *this, u_int32_t *offset)
+ private_ietf_attr_numeric_version_t *this, uint32_t *offset)
{
bio_reader_t *reader;
@@ -198,7 +198,7 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
METHOD(ietf_attr_numeric_version_t, get_version, void,
- private_ietf_attr_numeric_version_t *this, u_int32_t *major, u_int32_t *minor)
+ private_ietf_attr_numeric_version_t *this, uint32_t *major, uint32_t *minor)
{
if (major)
{
@@ -210,14 +210,14 @@ METHOD(ietf_attr_numeric_version_t, get_version, void,
}
}
-METHOD(ietf_attr_numeric_version_t, get_build, u_int32_t,
+METHOD(ietf_attr_numeric_version_t, get_build, uint32_t,
private_ietf_attr_numeric_version_t *this)
{
return this->build;
}
METHOD(ietf_attr_numeric_version_t, get_service_pack, void,
- private_ietf_attr_numeric_version_t *this, u_int16_t *major, u_int16_t *minor)
+ private_ietf_attr_numeric_version_t *this, uint16_t *major, uint16_t *minor)
{
if (major)
{
@@ -232,10 +232,10 @@ METHOD(ietf_attr_numeric_version_t, get_service_pack, void,
/**
* Described in header.
*/
-pa_tnc_attr_t *ietf_attr_numeric_version_create(u_int32_t major, u_int32_t minor,
- u_int32_t build,
- u_int16_t service_pack_major,
- u_int16_t service_pack_minor)
+pa_tnc_attr_t *ietf_attr_numeric_version_create(uint32_t major, uint32_t minor,
+ uint32_t build,
+ uint16_t service_pack_major,
+ uint16_t service_pack_minor)
{
private_ietf_attr_numeric_version_t *this;
diff --git a/src/libimcv/ietf/ietf_attr_numeric_version.h b/src/libimcv/ietf/ietf_attr_numeric_version.h
index 8808d48ed..afb3823e4 100644
--- a/src/libimcv/ietf/ietf_attr_numeric_version.h
+++ b/src/libimcv/ietf/ietf_attr_numeric_version.h
@@ -45,7 +45,7 @@ struct ietf_attr_numeric_version_t {
* @param minor Minor Version Number
*/
void (*get_version)(ietf_attr_numeric_version_t *this,
- u_int32_t *major, u_int32_t *minor);
+ uint32_t *major, uint32_t *minor);
/**
* Gets the Build Number
@@ -53,7 +53,7 @@ struct ietf_attr_numeric_version_t {
* @param major Major Version Number
* @param minor Minor Version Number
*/
- u_int32_t (*get_build)(ietf_attr_numeric_version_t *this);
+ uint32_t (*get_build)(ietf_attr_numeric_version_t *this);
/**
* Gets the Major and Minor Numbers of the Service Pack
@@ -62,17 +62,17 @@ struct ietf_attr_numeric_version_t {
* @param minor Servcie Pack Minor Number
*/
void (*get_service_pack)(ietf_attr_numeric_version_t *this,
- u_int16_t *major, u_int16_t *minor);
+ uint16_t *major, uint16_t *minor);
};
/**
* Creates an ietf_attr_numeric_version_t object
*
*/
-pa_tnc_attr_t* ietf_attr_numeric_version_create(u_int32_t major, u_int32_t minor,
- u_int32_t build,
- u_int16_t service_pack_major,
- u_int16_t service_pack_minor);
+pa_tnc_attr_t* ietf_attr_numeric_version_create(uint32_t major, uint32_t minor,
+ uint32_t build,
+ uint16_t service_pack_major,
+ uint16_t service_pack_minor);
/**
* Creates an ietf_attr_numeric_version_t object from received data
diff --git a/src/libimcv/ietf/ietf_attr_op_status.c b/src/libimcv/ietf/ietf_attr_op_status.c
index d061a52f9..f04c89b96 100644
--- a/src/libimcv/ietf/ietf_attr_op_status.c
+++ b/src/libimcv/ietf/ietf_attr_op_status.c
@@ -93,12 +93,12 @@ struct private_ietf_attr_op_status_t {
/**
* Status
*/
- u_int8_t status;
+ uint8_t status;
/**
* Result
*/
- u_int8_t result;
+ uint8_t result;
/**
* Last Use
@@ -164,11 +164,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_op_status_t *this, u_int32_t *offset)
+ private_ietf_attr_op_status_t *this, uint32_t *offset)
{
bio_reader_t *reader;
chunk_t last_use;
- u_int16_t reserved;
+ uint16_t reserved;
struct tm t;
*offset = 0;
@@ -245,13 +245,13 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
}
-METHOD(ietf_attr_op_status_t, get_status, u_int8_t,
+METHOD(ietf_attr_op_status_t, get_status, uint8_t,
private_ietf_attr_op_status_t *this)
{
return this->status;
}
-METHOD(ietf_attr_op_status_t, get_result, u_int8_t,
+METHOD(ietf_attr_op_status_t, get_result, uint8_t,
private_ietf_attr_op_status_t *this)
{
return this->result;
@@ -266,7 +266,7 @@ METHOD(ietf_attr_op_status_t, get_last_use, time_t,
/**
* Described in header.
*/
-pa_tnc_attr_t *ietf_attr_op_status_create(u_int8_t status, u_int8_t result,
+pa_tnc_attr_t *ietf_attr_op_status_create(uint8_t status, uint8_t result,
time_t last_use)
{
private_ietf_attr_op_status_t *this;
diff --git a/src/libimcv/ietf/ietf_attr_op_status.h b/src/libimcv/ietf/ietf_attr_op_status.h
index ceb13fe75..c91735a55 100644
--- a/src/libimcv/ietf/ietf_attr_op_status.h
+++ b/src/libimcv/ietf/ietf_attr_op_status.h
@@ -70,14 +70,14 @@ struct ietf_attr_op_status_t {
*
* @return Operational Status
*/
- u_int8_t (*get_status)(ietf_attr_op_status_t *this);
+ uint8_t (*get_status)(ietf_attr_op_status_t *this);
/**
* Gets the Operational Result
*
* @return Operational Result
*/
- u_int8_t (*get_result)(ietf_attr_op_status_t *this);
+ uint8_t (*get_result)(ietf_attr_op_status_t *this);
/**
* Gets the time of last use
@@ -94,7 +94,7 @@ struct ietf_attr_op_status_t {
* @param result Operational Result
* @param last_use Time of last use
*/
-pa_tnc_attr_t* ietf_attr_op_status_create(u_int8_t status, u_int8_t result,
+pa_tnc_attr_t* ietf_attr_op_status_create(uint8_t status, uint8_t result,
time_t last_use);
/**
diff --git a/src/libimcv/ietf/ietf_attr_port_filter.c b/src/libimcv/ietf/ietf_attr_port_filter.c
index 6f7ff54cc..05920fdd8 100644
--- a/src/libimcv/ietf/ietf_attr_port_filter.c
+++ b/src/libimcv/ietf/ietf_attr_port_filter.c
@@ -30,8 +30,8 @@ typedef struct port_entry_t port_entry_t;
*/
struct port_entry_t {
bool blocked;
- u_int8_t protocol;
- u_int16_t port;
+ uint8_t protocol;
+ uint16_t port;
};
/**
@@ -142,11 +142,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_port_filter_t *this, u_int32_t *offset)
+ private_ietf_attr_port_filter_t *this, uint32_t *offset)
{
bio_reader_t *reader;
port_entry_t *entry;
- u_int8_t blocked;
+ uint8_t blocked;
*offset = 0;
@@ -201,8 +201,8 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
METHOD(ietf_attr_port_filter_t, add_port, void,
- private_ietf_attr_port_filter_t *this, bool blocked, u_int8_t protocol,
- u_int16_t port)
+ private_ietf_attr_port_filter_t *this, bool blocked, uint8_t protocol,
+ uint16_t port)
{
port_entry_t *entry;
@@ -217,8 +217,8 @@ METHOD(ietf_attr_port_filter_t, add_port, void,
* Enumerate port filter entries
*/
static bool port_filter(void *null, port_entry_t **entry,
- bool *blocked, void *i2, u_int8_t *protocol, void *i3,
- u_int16_t *port)
+ bool *blocked, void *i2, uint8_t *protocol, void *i3,
+ uint16_t *port)
{
*blocked = (*entry)->blocked;
*protocol = (*entry)->protocol;
diff --git a/src/libimcv/ietf/ietf_attr_port_filter.h b/src/libimcv/ietf/ietf_attr_port_filter.h
index e6c5a3f61..db35453c4 100644
--- a/src/libimcv/ietf/ietf_attr_port_filter.h
+++ b/src/libimcv/ietf/ietf_attr_port_filter.h
@@ -46,11 +46,11 @@ struct ietf_attr_port_filter_t {
* @param port TCP/UDP port number
*/
void (*add_port)(ietf_attr_port_filter_t *this, bool blocked,
- u_int8_t protocol, u_int16_t port);
+ uint8_t protocol, uint16_t port);
/**
* Enumerates over all ports
- * Format: bool *blocked, u_int8_t *protocol, u_int16_t *port
+ * Format: bool *blocked, uint8_t *protocol, uint16_t *port
*
* @return enumerator
*/
diff --git a/src/libimcv/ietf/ietf_attr_product_info.c b/src/libimcv/ietf/ietf_attr_product_info.c
index 37c89e9e5..ed1a74b43 100644
--- a/src/libimcv/ietf/ietf_attr_product_info.c
+++ b/src/libimcv/ietf/ietf_attr_product_info.c
@@ -74,7 +74,7 @@ struct private_ietf_attr_product_info_t {
/**
* Product ID
*/
- u_int16_t product_id;
+ uint16_t product_id;
/**
* Product Name
@@ -131,7 +131,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_product_info_t *this, u_int32_t *offset)
+ private_ietf_attr_product_info_t *this, uint32_t *offset)
{
bio_reader_t *reader;
chunk_t product_name;
@@ -190,7 +190,7 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
METHOD(ietf_attr_product_info_t, get_info, chunk_t,
- private_ietf_attr_product_info_t *this, pen_t *vendor_id, u_int16_t *id)
+ private_ietf_attr_product_info_t *this, pen_t *vendor_id, uint16_t *id)
{
if (vendor_id)
{
@@ -206,7 +206,7 @@ METHOD(ietf_attr_product_info_t, get_info, chunk_t,
/**
* Described in header.
*/
-pa_tnc_attr_t *ietf_attr_product_info_create(pen_t vendor_id, u_int16_t id,
+pa_tnc_attr_t *ietf_attr_product_info_create(pen_t vendor_id, uint16_t id,
chunk_t name)
{
private_ietf_attr_product_info_t *this;
diff --git a/src/libimcv/ietf/ietf_attr_product_info.h b/src/libimcv/ietf/ietf_attr_product_info.h
index 5151b5808..53e240955 100644
--- a/src/libimcv/ietf/ietf_attr_product_info.h
+++ b/src/libimcv/ietf/ietf_attr_product_info.h
@@ -46,7 +46,7 @@ struct ietf_attr_product_info_t {
* @return Product Name
*/
chunk_t (*get_info)(ietf_attr_product_info_t *this,
- pen_t *vendor_id, u_int16_t *id);
+ pen_t *vendor_id, uint16_t *id);
};
@@ -54,7 +54,7 @@ struct ietf_attr_product_info_t {
* Creates an ietf_attr_product_info_t object
*
*/
-pa_tnc_attr_t* ietf_attr_product_info_create(pen_t vendor_id, u_int16_t id,
+pa_tnc_attr_t* ietf_attr_product_info_create(pen_t vendor_id, uint16_t id,
chunk_t name);
/**
diff --git a/src/libimcv/ietf/ietf_attr_remediation_instr.c b/src/libimcv/ietf/ietf_attr_remediation_instr.c
index 64070374e..c834b23fd 100644
--- a/src/libimcv/ietf/ietf_attr_remediation_instr.c
+++ b/src/libimcv/ietf/ietf_attr_remediation_instr.c
@@ -165,10 +165,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_remediation_instr_t *this, u_int32_t *offset)
+ private_ietf_attr_remediation_instr_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t reserved;
+ uint8_t reserved;
status_t status = SUCCESS;
u_char *pos;
diff --git a/src/libimcv/ietf/ietf_attr_string_version.c b/src/libimcv/ietf/ietf_attr_string_version.c
index c46200b8f..f78138747 100644
--- a/src/libimcv/ietf/ietf_attr_string_version.c
+++ b/src/libimcv/ietf/ietf_attr_string_version.c
@@ -134,7 +134,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ietf_attr_string_version_t *this, u_int32_t *offset)
+ private_ietf_attr_string_version_t *this, uint32_t *offset)
{
bio_reader_t *reader;
status_t status = FAILED;
diff --git a/src/libimcv/imc/imc_agent.c b/src/libimcv/imc/imc_agent.c
index 0d622f1b8..3a7a16bc2 100644
--- a/src/libimcv/imc/imc_agent.c
+++ b/src/libimcv/imc/imc_agent.c
@@ -46,7 +46,7 @@ struct private_imc_agent_t {
/**
* number of message types registered by IMC
*/
- u_int32_t type_count;
+ uint32_t type_count;
/**
* ID of IMC as assigned by TNCC
@@ -320,7 +320,7 @@ static char* get_str_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
/**
* Read an UInt32 attribute
*/
-static u_int32_t get_uint_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
+static uint32_t get_uint_attribute(private_imc_agent_t *this, TNC_ConnectionID id,
TNC_AttributeID attribute_id)
{
TNC_UInt32 len;
@@ -341,7 +341,7 @@ METHOD(imc_agent_t, create_state, TNC_Result,
TNC_ConnectionID conn_id;
char *tnccs_p = NULL, *tnccs_v = NULL, *t_p = NULL, *t_v = NULL;
bool has_long = FALSE, has_excl = FALSE, has_soh = FALSE;
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
conn_id = state->get_connection_id(state);
if (find_connection(this, conn_id))
@@ -550,7 +550,7 @@ METHOD(imc_agent_t, destroy, void,
* Described in header.
*/
imc_agent_t *imc_agent_create(const char *name,
- pen_type_t *supported_types, u_int32_t type_count,
+ pen_type_t *supported_types, uint32_t type_count,
TNC_IMCID id, TNC_Version *actual_version)
{
private_imc_agent_t *this;
diff --git a/src/libimcv/imc/imc_agent.h b/src/libimcv/imc/imc_agent.h
index 8bdfb6c32..bac1b4832 100644
--- a/src/libimcv/imc/imc_agent.h
+++ b/src/libimcv/imc/imc_agent.h
@@ -198,7 +198,7 @@ struct imc_agent_t {
*
*/
imc_agent_t *imc_agent_create(const char *name,
- pen_type_t *supported_types, u_int32_t type_count,
+ pen_type_t *supported_types, uint32_t type_count,
TNC_IMCID id, TNC_Version *actual_version);
#endif /** IMC_AGENT_H_ @}*/
diff --git a/src/libimcv/imc/imc_os_info.c b/src/libimcv/imc/imc_os_info.c
index 55e152af5..3315c209f 100644
--- a/src/libimcv/imc/imc_os_info.c
+++ b/src/libimcv/imc/imc_os_info.c
@@ -69,7 +69,7 @@ METHOD(imc_os_info_t, get_name, chunk_t,
}
METHOD(imc_os_info_t, get_numeric_version, void,
- private_imc_os_info_t *this, u_int32_t *major, u_int32_t *minor)
+ private_imc_os_info_t *this, uint32_t *major, uint32_t *minor)
{
u_char *pos;
diff --git a/src/libimcv/imc/imc_os_info.h b/src/libimcv/imc/imc_os_info.h
index ef7fb6d43..680e2b7a3 100644
--- a/src/libimcv/imc/imc_os_info.h
+++ b/src/libimcv/imc/imc_os_info.h
@@ -54,8 +54,8 @@ struct imc_os_info_t {
* @param major OS major version number
* @param minor OS minor version number
*/
- void (*get_numeric_version)(imc_os_info_t *this, u_int32_t *major,
- u_int32_t *minor);
+ void (*get_numeric_version)(imc_os_info_t *this, uint32_t *major,
+ uint32_t *minor);
/**
* Get the OS version or release
diff --git a/src/libimcv/imc/imc_state.h b/src/libimcv/imc/imc_state.h
index efcf567f0..d8aeab996 100644
--- a/src/libimcv/imc/imc_state.h
+++ b/src/libimcv/imc/imc_state.h
@@ -72,14 +72,14 @@ struct imc_state_t {
*
* @param max_msg_len maximum size of a PA-TNC message
*/
- void (*set_max_msg_len)(imc_state_t *this, u_int32_t max_msg_len);
+ void (*set_max_msg_len)(imc_state_t *this, uint32_t max_msg_len);
/**
* Get the maximum size of a PA-TNC message for this TNCCS connection
*
* @return maximum size of a PA-TNC message
*/
- u_int32_t (*get_max_msg_len)(imc_state_t *this);
+ uint32_t (*get_max_msg_len)(imc_state_t *this);
/**
* Get attribute segmentation contracts associated with TNCCS Connection
diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index 9162e3f87..6f88e173a 100644
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -412,6 +412,90 @@ INSERT INTO products ( /* 69 */
'Debian 7.9 armv7l'
);
+INSERT INTO products ( /* 70 */
+ name
+) VALUES (
+ 'Ubuntu 15.04 i686'
+);
+
+INSERT INTO products ( /* 71 */
+ name
+) VALUES (
+ 'Ubuntu 15.04 x86_64'
+);
+
+INSERT INTO products ( /* 72 */
+ name
+) VALUES (
+ 'Ubuntu 15.10 i686'
+);
+
+INSERT INTO products ( /* 73 */
+ name
+) VALUES (
+ 'Ubuntu 15.10 x86_64'
+);
+
+INSERT INTO products ( /* 74 */
+ name
+) VALUES (
+ 'Ubuntu 16.04 i686'
+);
+
+INSERT INTO products ( /* 75 */
+ name
+) VALUES (
+ 'Ubuntu 16.04 x86_64'
+);
+
+INSERT INTO products ( /* 76 */
+ name
+) VALUES (
+ 'Debian 7.10 i686'
+);
+
+INSERT INTO products ( /* 77 */
+ name
+) VALUES (
+ 'Debian 7.10 x86_64'
+);
+
+INSERT INTO products ( /* 78 */
+ name
+) VALUES (
+ 'Debian 7.10 armv6l'
+);
+
+INSERT INTO products ( /* 79 */
+ name
+) VALUES (
+ 'Debian 7.10 armv7l'
+);
+
+INSERT INTO products ( /* 80 */
+ name
+) VALUES (
+ 'Android 6.0'
+);
+
+INSERT INTO products ( /* 81 */
+ name
+) VALUES (
+ 'Android 6.0.1'
+);
+
+INSERT INTO products ( /* 82 */
+ name
+) VALUES (
+ 'Debian 8.5 i686'
+);
+
+INSERT INTO products ( /* 83 */
+ name
+) VALUES (
+ 'Debian 8.5 x86_64'
+);
+
/* Directories */
INSERT INTO directories ( /* 1 */
@@ -541,19 +625,19 @@ INSERT INTO files ( /* 6 */
INSERT INTO algorithms (
id, name
) VALUES (
- 32768, 'SHA1'
+ 32768, 'SHA1'
);
INSERT INTO algorithms (
id, name
) VALUES (
- 16384, 'SHA256'
+ 16384, 'SHA256'
);
INSERT INTO algorithms (
id, name
) VALUES (
- 8192, 'SHA384'
+ 8192, 'SHA384'
);
/* File Hashes */
@@ -919,6 +1003,12 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 4, 76
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
5, 2
);
@@ -991,6 +1081,18 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 5, 77
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 83
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
6, 9
);
@@ -1045,6 +1147,24 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 6, 70
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 72
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 74
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
7, 8
);
@@ -1105,6 +1225,24 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 7, 71
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 73
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 75
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
3, 21
);
@@ -1165,6 +1303,12 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 3, 51
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
3, 63
);
@@ -1177,7 +1321,13 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
- 3, 51
+ 3, 80
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 3, 81
);
INSERT INTO groups_product_defaults (
@@ -1243,6 +1393,12 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 14, 78
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
15, 65
);
@@ -1252,6 +1408,12 @@ INSERT INTO groups_product_defaults (
15, 69
);
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 15, 79
+);
+
/* Policies */
INSERT INTO policies ( /* 1 */
diff --git a/src/libimcv/imv/imv_database.h b/src/libimcv/imv/imv_database.h
index 79551cc79..d0b2db2b4 100644
--- a/src/libimcv/imv/imv_database.h
+++ b/src/libimcv/imv/imv_database.h
@@ -46,7 +46,7 @@ struct imv_database_t {
*/
imv_session_t* (*add_session)(imv_database_t *this,
TNC_ConnectionID conn_id,
- u_int32_t ar_id_type, chunk_t ar_id_value);
+ uint32_t ar_id_type, chunk_t ar_id_value);
/**
* Remove and delete a session
diff --git a/src/libimcv/ita/ita_attr.c b/src/libimcv/ita/ita_attr.c
index 35c882c37..1d8db71cb 100644
--- a/src/libimcv/ita/ita_attr.c
+++ b/src/libimcv/ita/ita_attr.c
@@ -35,7 +35,7 @@ ENUM(ita_attr_names, ITA_ATTR_COMMAND, ITA_ATTR_DEVICE_ID,
/**
* See header
*/
-pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, size_t length,
+pa_tnc_attr_t* ita_attr_create_from_data(uint32_t type, size_t length,
chunk_t value)
{
switch (type)
diff --git a/src/libimcv/ita/ita_attr.h b/src/libimcv/ita/ita_attr.h
index 7378a1cbe..726537420 100644
--- a/src/libimcv/ita/ita_attr.h
+++ b/src/libimcv/ita/ita_attr.h
@@ -53,7 +53,7 @@ extern enum_name_t *ita_attr_names;
* @param length attribute length
* @param value attribute value or segment
*/
-pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, size_t length,
+pa_tnc_attr_t* ita_attr_create_from_data(uint32_t type, size_t length,
chunk_t value);
#endif /** ITA_ATTR_H_ @}*/
diff --git a/src/libimcv/ita/ita_attr_angel.c b/src/libimcv/ita/ita_attr_angel.c
index 110863608..133089759 100644
--- a/src/libimcv/ita/ita_attr_angel.c
+++ b/src/libimcv/ita/ita_attr_angel.c
@@ -81,7 +81,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ita_attr_angel_t *this, u_int32_t *offset)
+ private_ita_attr_angel_t *this, uint32_t *offset)
{
return SUCCESS;
}
diff --git a/src/libimcv/ita/ita_attr_command.c b/src/libimcv/ita/ita_attr_command.c
index a6b187f13..03a534125 100644
--- a/src/libimcv/ita/ita_attr_command.c
+++ b/src/libimcv/ita/ita_attr_command.c
@@ -101,7 +101,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ita_attr_command_t *this, u_int32_t *offset)
+ private_ita_attr_command_t *this, uint32_t *offset)
{
*offset = 0;
diff --git a/src/libimcv/ita/ita_attr_dummy.c b/src/libimcv/ita/ita_attr_dummy.c
index 0d21ac6ea..8fa23cf99 100644
--- a/src/libimcv/ita/ita_attr_dummy.c
+++ b/src/libimcv/ita/ita_attr_dummy.c
@@ -99,7 +99,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ita_attr_dummy_t *this, u_int32_t *offset)
+ private_ita_attr_dummy_t *this, uint32_t *offset)
{
*offset = 0;
diff --git a/src/libimcv/ita/ita_attr_get_settings.c b/src/libimcv/ita/ita_attr_get_settings.c
index 3c047fb82..4c50cffd9 100644
--- a/src/libimcv/ita/ita_attr_get_settings.c
+++ b/src/libimcv/ita/ita_attr_get_settings.c
@@ -140,10 +140,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ita_attr_get_settings_t *this, u_int32_t *offset)
+ private_ita_attr_get_settings_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t count;
+ uint32_t count;
chunk_t name;
status_t status = FAILED;
diff --git a/src/libimcv/ita/ita_attr_settings.c b/src/libimcv/ita/ita_attr_settings.c
index ced347705..c7c968a26 100644
--- a/src/libimcv/ita/ita_attr_settings.c
+++ b/src/libimcv/ita/ita_attr_settings.c
@@ -169,10 +169,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_ita_attr_settings_t *this, u_int32_t *offset)
+ private_ita_attr_settings_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t count;
+ uint32_t count;
chunk_t name, value;
entry_t *entry;
status_t status = FAILED;
diff --git a/src/libimcv/pa_tnc/pa_tnc_attr_manager.h b/src/libimcv/pa_tnc/pa_tnc_attr_manager.h
index 8607feede..1fec8e3f9 100644
--- a/src/libimcv/pa_tnc/pa_tnc_attr_manager.h
+++ b/src/libimcv/pa_tnc/pa_tnc_attr_manager.h
@@ -28,7 +28,7 @@ typedef struct pa_tnc_attr_manager_t pa_tnc_attr_manager_t;
#include <library.h>
#include <bio/bio_reader.h>
-typedef pa_tnc_attr_t* (*pa_tnc_attr_create_t)(u_int32_t type, size_t length,
+typedef pa_tnc_attr_t* (*pa_tnc_attr_create_t)(uint32_t type, size_t length,
chunk_t value);
/**
diff --git a/src/libimcv/plugins/imc_attestation/Makefile.am b/src/libimcv/plugins/imc_attestation/Makefile.am
index e7b1f1ce1..14b1646e5 100644
--- a/src/libimcv/plugins/imc_attestation/Makefile.am
+++ b/src/libimcv/plugins/imc_attestation/Makefile.am
@@ -1,7 +1,8 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
diff --git a/src/libimcv/plugins/imc_attestation/Makefile.in b/src/libimcv/plugins/imc_attestation/Makefile.in
index 6d9533d21..d2b8168b9 100644
--- a/src/libimcv/plugins/imc_attestation/Makefile.in
+++ b/src/libimcv/plugins/imc_attestation/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imc_attestation
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -432,7 +446,8 @@ xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
@@ -462,7 +477,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_attestation/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imc_attestation/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -766,6 +780,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation_process.c b/src/libimcv/plugins/imc_attestation/imc_attestation_process.c
index f24aec881..56713bb04 100644
--- a/src/libimcv/plugins/imc_attestation/imc_attestation_process.c
+++ b/src/libimcv/plugins/imc_attestation/imc_attestation_process.c
@@ -1,5 +1,6 @@
/*
- * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen
+ * Copyright (C) 2011-2012 Sansar Choinyambuu
+ * Copyright (C) 2011-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -225,9 +226,9 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
{
tcg_pts_attr_req_file_meas_t *attr_cast;
char *pathname;
- u_int16_t request_id;
+ uint16_t request_id;
bool is_directory;
- u_int32_t delimiter;
+ uint32_t delimiter;
pts_file_meas_t *measurements;
pen_type_t error_code;
@@ -282,7 +283,7 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
tcg_pts_attr_req_file_meta_t *attr_cast;
char *pathname;
bool is_directory;
- u_int8_t delimiter;
+ uint8_t delimiter;
pts_file_meta_t *metadata;
pen_type_t error_code;
@@ -336,8 +337,8 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
pts_comp_evidence_t *evid;
pts_component_t *comp;
pen_type_t error_code;
- u_int32_t depth;
- u_int8_t flags;
+ uint32_t depth;
+ uint8_t flags;
status_t status;
enumerator_t *e;
@@ -420,11 +421,11 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
}
case TCG_PTS_GEN_ATTEST_EVID:
{
- pts_simple_evid_final_flag_t flags;
- pts_meas_algorithms_t comp_hash_algorithm;
pts_comp_evidence_t *evid;
- chunk_t pcr_composite, quote_sig;
- bool use_quote2;
+ tpm_quote_mode_t quote_mode;
+ tpm_tss_quote_info_t *quote_info;
+ chunk_t quote_sig;
+ bool use_quote2, use_version_info;
/* Send cached Component Evidence entries */
while (attestation_state->next_evidence(attestation_state, &evid))
@@ -434,21 +435,23 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
}
use_quote2 = lib->settings->get_bool(lib->settings,
- "%s.plugins.imc-attestation.use_quote2", TRUE,
- lib->ns);
- if (!pts->quote_tpm(pts, use_quote2, &pcr_composite, &quote_sig))
+ "%s.plugins.imc-attestation.use_quote2",
+ TRUE, lib->ns);
+ use_version_info = lib->settings->get_bool(lib->settings,
+ "%s.plugins.imc-attestation.use_version_info",
+ FALSE, lib->ns);
+ quote_mode = use_quote2 ? (use_version_info ?
+ TPM_QUOTE2_VERSION_INFO :
+ TPM_QUOTE2) :
+ TPM_QUOTE;
+
+ if (!pts->quote(pts, &quote_mode, &quote_info, &quote_sig))
{
DBG1(DBG_IMC, "error occurred during TPM quote operation");
return FALSE;
}
- /* Send Simple Evidence Final attribute */
- flags = use_quote2 ? PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 :
- PTS_SIMPLE_EVID_FINAL_QUOTE_INFO;
- comp_hash_algorithm = PTS_MEAS_ALGO_SHA1;
-
- attr = tcg_pts_attr_simple_evid_final_create(flags,
- comp_hash_algorithm, pcr_composite, quote_sig);
+ attr = tcg_pts_attr_simple_evid_final_create(quote_info, quote_sig);
msg->add_attribute(msg, attr);
break;
}
diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation_state.c b/src/libimcv/plugins/imc_attestation/imc_attestation_state.c
index 0b594cb10..b789a2104 100644
--- a/src/libimcv/plugins/imc_attestation/imc_attestation_state.c
+++ b/src/libimcv/plugins/imc_attestation/imc_attestation_state.c
@@ -64,7 +64,7 @@ struct private_imc_attestation_state_t {
/**
* Maximum PA-TNC message size for this TNCCS connection
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* PA-TNC attribute segmentation contracts associated with TNCCS connection
@@ -114,12 +114,12 @@ METHOD(imc_state_t, set_flags, void,
}
METHOD(imc_state_t, set_max_msg_len, void,
- private_imc_attestation_state_t *this, u_int32_t max_msg_len)
+ private_imc_attestation_state_t *this, uint32_t max_msg_len)
{
this->max_msg_len = max_msg_len;
}
-METHOD(imc_state_t, get_max_msg_len, u_int32_t,
+METHOD(imc_state_t, get_max_msg_len, uint32_t,
private_imc_attestation_state_t *this)
{
return this->max_msg_len;
@@ -175,7 +175,7 @@ METHOD(imc_attestation_state_t, get_pts, pts_t*,
METHOD(imc_attestation_state_t, create_component, pts_component_t*,
private_imc_attestation_state_t *this, pts_comp_func_name_t *name,
- u_int32_t depth)
+ uint32_t depth)
{
enumerator_t *enumerator;
pts_component_t *component;
diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation_state.h b/src/libimcv/plugins/imc_attestation/imc_attestation_state.h
index 854c8825b..aaf27547c 100644
--- a/src/libimcv/plugins/imc_attestation/imc_attestation_state.h
+++ b/src/libimcv/plugins/imc_attestation/imc_attestation_state.h
@@ -57,7 +57,7 @@ struct imc_attestation_state_t {
* @return created functional component instance or NULL
*/
pts_component_t* (*create_component)(imc_attestation_state_t *this,
- pts_comp_func_name_t *name, u_int32_t depth);
+ pts_comp_func_name_t *name, uint32_t depth);
/**
* Add an entry to the Component Evidence cache list
diff --git a/src/libimcv/plugins/imc_hcd/Makefile.in b/src/libimcv/plugins/imc_hcd/Makefile.in
index 0d603c9e7..44aaf878b 100644
--- a/src/libimcv/plugins/imc_hcd/Makefile.in
+++ b/src/libimcv/plugins/imc_hcd/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imc_hcd
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -198,12 +207,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -253,6 +264,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -287,6 +299,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -398,6 +411,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_hcd/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imc_hcd/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -759,6 +772,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imc_hcd/imc_hcd_state.c b/src/libimcv/plugins/imc_hcd/imc_hcd_state.c
index ce93d7ef7..60ccdce81 100644
--- a/src/libimcv/plugins/imc_hcd/imc_hcd_state.c
+++ b/src/libimcv/plugins/imc_hcd/imc_hcd_state.c
@@ -59,7 +59,7 @@ struct private_imc_hcd_state_t {
/**
* Maximum PA-TNC message size for this TNCCS connection
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* PA-TNC attribute segmentation contracts associated with TNCCS connection
@@ -93,12 +93,12 @@ METHOD(imc_state_t, set_flags, void,
}
METHOD(imc_state_t, set_max_msg_len, void,
- private_imc_hcd_state_t *this, u_int32_t max_msg_len)
+ private_imc_hcd_state_t *this, uint32_t max_msg_len)
{
this->max_msg_len = max_msg_len;
}
-METHOD(imc_state_t, get_max_msg_len, u_int32_t,
+METHOD(imc_state_t, get_max_msg_len, uint32_t,
private_imc_hcd_state_t *this)
{
return this->max_msg_len;
diff --git a/src/libimcv/plugins/imc_os/Makefile.in b/src/libimcv/plugins/imc_os/Makefile.in
index d1787da3c..93d532db2 100644
--- a/src/libimcv/plugins/imc_os/Makefile.in
+++ b/src/libimcv/plugins/imc_os/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imc_os
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -198,12 +207,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -253,6 +264,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -287,6 +299,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -398,6 +411,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_os/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imc_os/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -759,6 +772,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imc_os/imc_os.c b/src/libimcv/plugins/imc_os/imc_os.c
index af1862ad3..cabcd0a9e 100644
--- a/src/libimcv/plugins/imc_os/imc_os.c
+++ b/src/libimcv/plugins/imc_os/imc_os.c
@@ -162,7 +162,7 @@ static void add_product_info(imc_msg_t *msg)
static void add_numeric_version(imc_msg_t *msg)
{
pa_tnc_attr_t *attr;
- u_int32_t major, minor;
+ uint32_t major, minor;
os->get_numeric_version(os, &major, &minor);
DBG1(DBG_IMC, "operating system numeric version is %d.%d",
diff --git a/src/libimcv/plugins/imc_os/imc_os_state.c b/src/libimcv/plugins/imc_os/imc_os_state.c
index 139ab0597..a38696a81 100644
--- a/src/libimcv/plugins/imc_os/imc_os_state.c
+++ b/src/libimcv/plugins/imc_os/imc_os_state.c
@@ -59,7 +59,7 @@ struct private_imc_os_state_t {
/**
* Maximum PA-TNC message size for this TNCCS connection
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* PA-TNC attribute segmentation contracts associated with TNCCS connection
@@ -93,12 +93,12 @@ METHOD(imc_state_t, set_flags, void,
}
METHOD(imc_state_t, set_max_msg_len, void,
- private_imc_os_state_t *this, u_int32_t max_msg_len)
+ private_imc_os_state_t *this, uint32_t max_msg_len)
{
this->max_msg_len = max_msg_len;
}
-METHOD(imc_state_t, get_max_msg_len, u_int32_t,
+METHOD(imc_state_t, get_max_msg_len, uint32_t,
private_imc_os_state_t *this)
{
return this->max_msg_len;
diff --git a/src/libimcv/plugins/imc_scanner/Makefile.in b/src/libimcv/plugins/imc_scanner/Makefile.in
index 2f03a7c70..44d827945 100644
--- a/src/libimcv/plugins/imc_scanner/Makefile.in
+++ b/src/libimcv/plugins/imc_scanner/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imc_scanner
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -199,12 +208,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -254,6 +265,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -288,6 +300,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -399,6 +412,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_scanner/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imc_scanner/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -760,6 +773,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imc_scanner/imc_scanner.c b/src/libimcv/plugins/imc_scanner/imc_scanner.c
index c67636f8f..bf2479cf5 100644
--- a/src/libimcv/plugins/imc_scanner/imc_scanner.c
+++ b/src/libimcv/plugins/imc_scanner/imc_scanner.c
@@ -128,8 +128,8 @@ static bool do_netstat(ietf_attr_port_filter_t *attr)
while (fgets(buf, sizeof(buf), file))
{
u_char *pos;
- u_int8_t new_protocol, protocol;
- u_int16_t new_port, port;
+ uint8_t new_protocol, protocol;
+ uint16_t new_port, port;
int i;
enumerator_t *enumerator;
bool allowed, found = FALSE;
diff --git a/src/libimcv/plugins/imc_scanner/imc_scanner_state.c b/src/libimcv/plugins/imc_scanner/imc_scanner_state.c
index d357859fa..c1b7a50e4 100644
--- a/src/libimcv/plugins/imc_scanner/imc_scanner_state.c
+++ b/src/libimcv/plugins/imc_scanner/imc_scanner_state.c
@@ -59,7 +59,7 @@ struct private_imc_scanner_state_t {
/**
* Maximum PA-TNC message size for this TNCCS connection
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* PA-TNC attribute segmentation contracts associated with TNCCS connection
@@ -93,12 +93,12 @@ METHOD(imc_state_t, set_flags, void,
}
METHOD(imc_state_t, set_max_msg_len, void,
- private_imc_scanner_state_t *this, u_int32_t max_msg_len)
+ private_imc_scanner_state_t *this, uint32_t max_msg_len)
{
this->max_msg_len = max_msg_len;
}
-METHOD(imc_state_t, get_max_msg_len, u_int32_t,
+METHOD(imc_state_t, get_max_msg_len, uint32_t,
private_imc_scanner_state_t *this)
{
return this->max_msg_len;
diff --git a/src/libimcv/plugins/imc_swid/Makefile.in b/src/libimcv/plugins/imc_swid/Makefile.in
index 981f86401..5eec53129 100644
--- a/src/libimcv/plugins/imc_swid/Makefile.in
+++ b/src/libimcv/plugins/imc_swid/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imc_swid
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_swid/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imc_swid/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -818,6 +831,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES uninstall-ipsecDATA \
tags tags-am uninstall uninstall-am uninstall-imcvLTLIBRARIES \
uninstall-ipsecDATA uninstall-swidDATA
+.PRECIOUS: Makefile
+
$(swid_tag) : regid.2004-03.org.strongswan_strongSwan.swidtag.in
$(AM_V_GEN) \
diff --git a/src/libimcv/plugins/imc_swid/imc_swid_state.c b/src/libimcv/plugins/imc_swid/imc_swid_state.c
index 65c279b3f..8d5e8e089 100644
--- a/src/libimcv/plugins/imc_swid/imc_swid_state.c
+++ b/src/libimcv/plugins/imc_swid/imc_swid_state.c
@@ -59,7 +59,7 @@ struct private_imc_swid_state_t {
/**
* Maximum PA-TNC message size for this TNCCS connection
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* PA-TNC attribute segmentation contracts associated with TNCCS connection
@@ -69,7 +69,7 @@ struct private_imc_swid_state_t {
/**
* Event ID Epoch
*/
- u_int32_t eid_epoch;
+ uint32_t eid_epoch;
};
METHOD(imc_state_t, get_connection_id, TNC_ConnectionID,
@@ -98,12 +98,12 @@ METHOD(imc_state_t, set_flags, void,
}
METHOD(imc_state_t, set_max_msg_len, void,
- private_imc_swid_state_t *this, u_int32_t max_msg_len)
+ private_imc_swid_state_t *this, uint32_t max_msg_len)
{
this->max_msg_len = max_msg_len;
}
-METHOD(imc_state_t, get_max_msg_len, u_int32_t,
+METHOD(imc_state_t, get_max_msg_len, uint32_t,
private_imc_swid_state_t *this)
{
return this->max_msg_len;
@@ -146,7 +146,7 @@ METHOD(imc_state_t, destroy, void,
free(this);
}
-METHOD(imc_swid_state_t, get_eid_epoch, u_int32_t,
+METHOD(imc_swid_state_t, get_eid_epoch, uint32_t,
private_imc_swid_state_t *this)
{
return this->eid_epoch;
@@ -158,11 +158,11 @@ METHOD(imc_swid_state_t, get_eid_epoch, u_int32_t,
imc_state_t *imc_swid_state_create(TNC_ConnectionID connection_id)
{
private_imc_swid_state_t *this;
- u_int32_t eid_epoch;
+ uint32_t eid_epoch;
nonce_gen_t *ng;
ng = lib->crypto->create_nonce_gen(lib->crypto);
- if (!ng || !ng->get_nonce(ng, 4, (u_int8_t*)&eid_epoch))
+ if (!ng || !ng->get_nonce(ng, 4, (uint8_t*)&eid_epoch))
{
DBG1(DBG_TNC, "failed to generate random EID epoch value");
DESTROY_IF(ng);
diff --git a/src/libimcv/plugins/imc_swid/imc_swid_state.h b/src/libimcv/plugins/imc_swid/imc_swid_state.h
index cb3ac4589..c2719d21b 100644
--- a/src/libimcv/plugins/imc_swid/imc_swid_state.h
+++ b/src/libimcv/plugins/imc_swid/imc_swid_state.h
@@ -43,7 +43,7 @@ struct imc_swid_state_t {
*
* @return Event ID Epoch
*/
- u_int32_t (*get_eid_epoch)(imc_swid_state_t *this);
+ uint32_t (*get_eid_epoch)(imc_swid_state_t *this);
};
diff --git a/src/libimcv/plugins/imc_test/Makefile.in b/src/libimcv/plugins/imc_test/Makefile.in
index 7bf459044..508f7fe4b 100644
--- a/src/libimcv/plugins/imc_test/Makefile.in
+++ b/src/libimcv/plugins/imc_test/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imc_test
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -198,12 +207,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -253,6 +264,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -287,6 +299,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -398,6 +411,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imc_test/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imc_test/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -759,6 +772,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imc_test/imc_test_state.c b/src/libimcv/plugins/imc_test/imc_test_state.c
index d3f6805ad..047c82502 100644
--- a/src/libimcv/plugins/imc_test/imc_test_state.c
+++ b/src/libimcv/plugins/imc_test/imc_test_state.c
@@ -61,7 +61,7 @@ struct private_imc_test_state_t {
/**
* Maximum PA-TNC message size for this TNCCS connection
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* PA-TNC attribute segmentation contracts associated with TNCCS connection
@@ -124,12 +124,12 @@ METHOD(imc_state_t, set_flags, void,
}
METHOD(imc_state_t, set_max_msg_len, void,
- private_imc_test_state_t *this, u_int32_t max_msg_len)
+ private_imc_test_state_t *this, uint32_t max_msg_len)
{
this->max_msg_len = max_msg_len;
}
-METHOD(imc_state_t, get_max_msg_len, u_int32_t,
+METHOD(imc_state_t, get_max_msg_len, uint32_t,
private_imc_test_state_t *this)
{
return this->max_msg_len;
diff --git a/src/libimcv/plugins/imv_attestation/Makefile.am b/src/libimcv/plugins/imv_attestation/Makefile.am
index 6c5bf8913..f353d30fc 100644
--- a/src/libimcv/plugins/imv_attestation/Makefile.am
+++ b/src/libimcv/plugins/imv_attestation/Makefile.am
@@ -2,6 +2,7 @@ AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
-I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss \
-DPLUGINS=\""${attest_plugins}\""
AM_CFLAGS = \
@@ -11,6 +12,7 @@ imcv_LTLIBRARIES = imv-attestation.la
imv_attestation_la_LIBADD = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la
imv_attestation_la_SOURCES = imv_attestation.c \
@@ -27,6 +29,7 @@ attest_SOURCES = attest.c \
attest_db.h attest_db.c
attest_LDADD = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la
attest.o : $(top_builddir)/config.status
diff --git a/src/libimcv/plugins/imv_attestation/Makefile.in b/src/libimcv/plugins/imv_attestation/Makefile.in
index d3f790091..61b92e0e4 100644
--- a/src/libimcv/plugins/imv_attestation/Makefile.in
+++ b/src/libimcv/plugins/imv_attestation/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = attest$(EXEEXT)
subdir = src/libimcv/plugins/imv_attestation
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -131,6 +140,7 @@ am__installdirs = "$(DESTDIR)$(imcvdir)" "$(DESTDIR)$(ipsecdir)"
LTLIBRARIES = $(imcv_LTLIBRARIES)
imv_attestation_la_DEPENDENCIES = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la
am_imv_attestation_la_OBJECTS = imv_attestation.lo \
imv_attestation_state.lo imv_attestation_agent.lo \
@@ -149,6 +159,7 @@ am_attest_OBJECTS = attest.$(OBJEXT) attest_usage.$(OBJEXT) \
attest_db.$(OBJEXT)
attest_OBJECTS = $(am_attest_OBJECTS)
attest_DEPENDENCIES = $(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
@@ -210,12 +221,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -265,6 +278,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -299,6 +313,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -410,6 +425,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -442,6 +458,7 @@ AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
-I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss \
-DPLUGINS=\""${attest_plugins}\""
AM_CFLAGS = \
@@ -450,6 +467,7 @@ AM_CFLAGS = \
imcv_LTLIBRARIES = imv-attestation.la
imv_attestation_la_LIBADD = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la
imv_attestation_la_SOURCES = imv_attestation.c \
@@ -465,6 +483,7 @@ attest_SOURCES = attest.c \
attest_LDADD = \
$(top_builddir)/src/libimcv/libimcv.la \
+ $(top_builddir)/src/libtpmtss/libtpmtss.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la
EXTRA_DIST = build-database.sh
@@ -484,7 +503,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_attestation/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imv_attestation/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -847,6 +865,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES uninstall-ipsecPROGRAMS
tags tags-am uninstall uninstall-am uninstall-imcvLTLIBRARIES \
uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
attest.o : $(top_builddir)/config.status
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libimcv/plugins/imv_attestation/attest_db.c b/src/libimcv/plugins/imv_attestation/attest_db.c
index f1a1f923e..034418428 100644
--- a/src/libimcv/plugins/imv_attestation/attest_db.c
+++ b/src/libimcv/plugins/imv_attestation/attest_db.c
@@ -853,7 +853,7 @@ METHOD(attest_db_t, list_devices, void,
time_t timestamp;
int id, last_id = 0, ar_id = 0, last_ar_id = 0, device_count = 0, trusted;
int session_id, rec;
- u_int32_t ar_id_type;
+ uint32_t ar_id_type;
u_int tstamp;
e = this->db->query(this->db,
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
index 91c12f33b..89ba86930 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
@@ -217,7 +217,12 @@ static TNC_Result receive_msg(private_imv_attestation_agent_t *this,
DBG1(DBG_IMV, "received TCG-PTS error '%N'",
pts_error_code_names, error_code.type);
DBG1(DBG_IMV, "error information: %B", &msg_info);
- fatal_error = TRUE;
+
+ /* TPM 2.0 doesn't return TPM Version Information */
+ if (error_code.type != TCG_PTS_TPM_VERS_NOT_SUPPORTED)
+ {
+ fatal_error = TRUE;
+ }
}
break;
}
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
index c3e053d9b..b1ee16bf8 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
@@ -418,45 +418,31 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg,
case TCG_PTS_SIMPLE_EVID_FINAL:
{
tcg_pts_attr_simple_evid_final_t *attr_cast;
- uint8_t flags;
- pts_meas_algorithms_t comp_hash_algorithm;
- chunk_t pcr_comp, tpm_quote_sig, evid_sig;
- chunk_t pcr_composite, quote_info, result_buf;
+ tpm_tss_quote_info_t *quote_info;
+ chunk_t quoted = chunk_empty, quote_sig, evid_sig, result_buf;
imv_workitem_t *workitem;
imv_reason_string_t *reason_string;
+ hash_algorithm_t digest_alg;
enumerator_t *enumerator;
- bool use_quote2, use_ver_info;
bio_writer_t *result;
attr_cast = (tcg_pts_attr_simple_evid_final_t*)attr;
- flags = attr_cast->get_quote_info(attr_cast, &comp_hash_algorithm,
- &pcr_comp, &tpm_quote_sig);
+ attr_cast->get_quote_info(attr_cast, &quote_info, &quote_sig);
- if (flags != PTS_SIMPLE_EVID_FINAL_NO)
+ if (quote_info->get_quote_mode(quote_info) != TPM_QUOTE_NONE)
{
- use_quote2 = (flags == PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 ||
- flags == PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER);
- use_ver_info = (flags == PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER);
-
/* Construct PCR Composite and TPM Quote Info structures */
- if (!pts->get_quote_info(pts, use_quote2, use_ver_info,
- comp_hash_algorithm, &pcr_composite, &quote_info))
- {
- DBG1(DBG_IMV, "unable to construct TPM Quote Info");
- return FALSE;
- }
-
- if (!chunk_equals_const(pcr_comp, pcr_composite))
+ if (!pts->get_quote(pts, quote_info, &quoted))
{
- DBG1(DBG_IMV, "received PCR Composite does not match "
- "constructed one");
+ DBG1(DBG_IMV, "unable to construct TPM Quote Info digest");
attestation_state->set_measurement_error(attestation_state,
IMV_ATTESTATION_ERROR_TPM_QUOTE_FAIL);
goto quote_error;
}
- DBG2(DBG_IMV, "received PCR Composite matches constructed one");
+ digest_alg = quote_info->get_pcr_digest_alg(quote_info);
- if (!pts->verify_quote_signature(pts, quote_info, tpm_quote_sig))
+ if (!pts->verify_quote_signature(pts, digest_alg, quoted,
+ quote_sig))
{
attestation_state->set_measurement_error(attestation_state,
IMV_ATTESTATION_ERROR_TPM_QUOTE_FAIL);
@@ -465,8 +451,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg,
DBG2(DBG_IMV, "TPM Quote Info signature verification successful");
quote_error:
- free(pcr_composite.ptr);
- free(quote_info.ptr);
+ chunk_free(&quoted);
/**
* Finalize any pending measurement registrations and check
diff --git a/src/libimcv/plugins/imv_hcd/Makefile.am b/src/libimcv/plugins/imv_hcd/Makefile.am
index 28926d45e..0dce300ef 100644
--- a/src/libimcv/plugins/imv_hcd/Makefile.am
+++ b/src/libimcv/plugins/imv_hcd/Makefile.am
@@ -1,6 +1,7 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtpmtss \
-I$(top_srcdir)/src/libimcv
AM_CFLAGS = \
diff --git a/src/libimcv/plugins/imv_hcd/Makefile.in b/src/libimcv/plugins/imv_hcd/Makefile.in
index c179a94e4..4fdbbf49c 100644
--- a/src/libimcv/plugins/imv_hcd/Makefile.in
+++ b/src/libimcv/plugins/imv_hcd/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imv_hcd
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -198,12 +207,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -253,6 +264,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -287,6 +299,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -398,6 +411,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -429,6 +443,7 @@ xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtpmtss \
-I$(top_srcdir)/src/libimcv
AM_CFLAGS = \
@@ -459,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_hcd/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imv_hcd/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -763,6 +777,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imv_os/Makefile.am b/src/libimcv/plugins/imv_os/Makefile.am
index 3b3f793f1..f5bc9010c 100644
--- a/src/libimcv/plugins/imv_os/Makefile.am
+++ b/src/libimcv/plugins/imv_os/Makefile.am
@@ -1,7 +1,8 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
diff --git a/src/libimcv/plugins/imv_os/Makefile.in b/src/libimcv/plugins/imv_os/Makefile.in
index c6f925aa0..d2997a940 100644
--- a/src/libimcv/plugins/imv_os/Makefile.in
+++ b/src/libimcv/plugins/imv_os/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
@USE_WINDOWS_FALSE@ipsec_PROGRAMS = pacman$(EXEEXT)
subdir = src/libimcv/plugins/imv_os
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -206,12 +215,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -261,6 +272,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -295,6 +307,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -406,6 +419,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -437,7 +451,8 @@ xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
@@ -471,7 +486,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_os/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imv_os/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -831,6 +845,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES uninstall-ipsecPROGRAMS
tags tags-am uninstall uninstall-am uninstall-imcvLTLIBRARIES \
uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
@USE_WINDOWS_FALSE@pacman.o : $(top_builddir)/config.status
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libimcv/plugins/imv_scanner/Makefile.am b/src/libimcv/plugins/imv_scanner/Makefile.am
index 98814437e..3b3ee818f 100644
--- a/src/libimcv/plugins/imv_scanner/Makefile.am
+++ b/src/libimcv/plugins/imv_scanner/Makefile.am
@@ -1,7 +1,8 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
diff --git a/src/libimcv/plugins/imv_scanner/Makefile.in b/src/libimcv/plugins/imv_scanner/Makefile.in
index 0eee4d1e0..ffca30cd9 100644
--- a/src/libimcv/plugins/imv_scanner/Makefile.in
+++ b/src/libimcv/plugins/imv_scanner/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imv_scanner
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -431,7 +445,8 @@ xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv \
+ -I$(top_srcdir)/src/libtpmtss
AM_CFLAGS = \
$(PLUGIN_CFLAGS)
@@ -461,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_scanner/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imv_scanner/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -765,6 +779,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imv_scanner/imv_scanner_agent.c b/src/libimcv/plugins/imv_scanner/imv_scanner_agent.c
index acef11cad..8dce4986f 100644
--- a/src/libimcv/plugins/imv_scanner/imv_scanner_agent.c
+++ b/src/libimcv/plugins/imv_scanner/imv_scanner_agent.c
@@ -185,13 +185,13 @@ METHOD(imv_agent_if_t, receive_message_long, TNC_Result,
typedef struct port_range_t port_range_t;
struct port_range_t {
- u_int16_t start, stop;
+ uint16_t start, stop;
};
/**
* Parse a TCP or UDP port list from an argument string
*/
-static linked_list_t* get_port_list(u_int8_t protocol_family,
+static linked_list_t* get_port_list(uint8_t protocol_family,
bool closed_port_policy, char *arg_str)
{
chunk_t port_list, port_item, port_start;
@@ -336,8 +336,8 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
{
TNC_IMV_Evaluation_Result eval;
TNC_IMV_Action_Recommendation rec;
- u_int8_t protocol_family, protocol;
- u_int16_t port;
+ uint8_t protocol_family, protocol;
+ uint16_t port;
bool closed_port_policy, blocked, first;
char result_str[BUF_LEN], *pos, *protocol_str;
size_t len;
diff --git a/src/libimcv/plugins/imv_swid/Makefile.am b/src/libimcv/plugins/imv_swid/Makefile.am
index 3a63b67d2..73da84b55 100644
--- a/src/libimcv/plugins/imv_swid/Makefile.am
+++ b/src/libimcv/plugins/imv_swid/Makefile.am
@@ -1,6 +1,7 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtpmtss \
-I$(top_srcdir)/src/libimcv
AM_CFLAGS = \
diff --git a/src/libimcv/plugins/imv_swid/Makefile.in b/src/libimcv/plugins/imv_swid/Makefile.in
index ce246da57..aea48e7af 100644
--- a/src/libimcv/plugins/imv_swid/Makefile.in
+++ b/src/libimcv/plugins/imv_swid/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imv_swid
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -432,6 +446,7 @@ xml_LIBS = @xml_LIBS@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
-I$(top_srcdir)/src/libtncif \
+ -I$(top_srcdir)/src/libtpmtss \
-I$(top_srcdir)/src/libimcv
AM_CFLAGS = \
@@ -465,7 +480,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_swid/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imv_swid/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +784,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/plugins/imv_test/Makefile.in b/src/libimcv/plugins/imv_test/Makefile.in
index 19cef2073..30fa3c7a9 100644
--- a/src/libimcv/plugins/imv_test/Makefile.in
+++ b/src/libimcv/plugins/imv_test/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libimcv/plugins/imv_test
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -199,12 +208,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -254,6 +265,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -288,6 +300,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -399,6 +412,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libimcv/plugins/imv_test/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libimcv/plugins/imv_test/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -764,6 +777,8 @@ uninstall-am: uninstall-imcvLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-imcvLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libimcv/pts/components/ita/ita_comp_ima.h b/src/libimcv/pts/components/ita/ita_comp_ima.h
index 546d0a4b2..0577eccd9 100644
--- a/src/libimcv/pts/components/ita/ita_comp_ima.h
+++ b/src/libimcv/pts/components/ita/ita_comp_ima.h
@@ -29,7 +29,7 @@
* @param depth Sub-component depth
* @param pts_db PTS measurement database
*/
-pts_component_t* pts_ita_comp_ima_create(u_int32_t depth,
+pts_component_t* pts_ita_comp_ima_create(uint32_t depth,
pts_database_t *pts_db);
#endif /** PTS_ITA_COMP_IMA_H_ @}*/
diff --git a/src/libimcv/pts/components/ita/ita_comp_tboot.c b/src/libimcv/pts/components/ita/ita_comp_tboot.c
index 3d990f6f2..324c41f12 100644
--- a/src/libimcv/pts/components/ita/ita_comp_tboot.c
+++ b/src/libimcv/pts/components/ita/ita_comp_tboot.c
@@ -43,7 +43,7 @@ struct pts_ita_comp_tboot_t {
/**
* Sub-component depth
*/
- u_int32_t depth;
+ uint32_t depth;
/**
* PTS measurement database
@@ -93,20 +93,20 @@ METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
return this->name;
}
-METHOD(pts_component_t, get_evidence_flags, u_int8_t,
+METHOD(pts_component_t, get_evidence_flags, uint8_t,
pts_ita_comp_tboot_t *this)
{
return PTS_REQ_FUNC_COMP_EVID_PCR;
}
-METHOD(pts_component_t, get_depth, u_int32_t,
+METHOD(pts_component_t, get_depth, uint32_t,
pts_ita_comp_tboot_t *this)
{
return this->depth;
}
METHOD(pts_component_t, measure, status_t,
- pts_ita_comp_tboot_t *this, u_int8_t qualifier, pts_t *pts,
+ pts_ita_comp_tboot_t *this, uint8_t qualifier, pts_t *pts,
pts_comp_evidence_t **evidence)
{
@@ -117,7 +117,7 @@ METHOD(pts_component_t, measure, status_t,
pts_comp_evidence_t *evid;
char *meas_hex, *pcr_before_hex, *pcr_after_hex;
chunk_t measurement, pcr_before, pcr_after;
- u_int32_t extended_pcr;
+ uint32_t extended_pcr;
switch (this->seq_no++)
{
@@ -183,11 +183,11 @@ METHOD(pts_component_t, measure, status_t,
}
METHOD(pts_component_t, verify, status_t,
- pts_ita_comp_tboot_t *this, u_int8_t qualifier,pts_t *pts,
+ pts_ita_comp_tboot_t *this, uint8_t qualifier,pts_t *pts,
pts_comp_evidence_t *evidence)
{
bool has_pcr_info;
- u_int32_t extended_pcr, vid, name;
+ uint32_t extended_pcr, vid, name;
enum_name_t *names;
pts_meas_algorithms_t algo;
pts_pcr_transform_t transform;
@@ -264,7 +264,7 @@ METHOD(pts_component_t, verify, status_t,
}
METHOD(pts_component_t, finalize, bool,
- pts_ita_comp_tboot_t *this, u_int8_t qualifier, bio_writer_t *result)
+ pts_ita_comp_tboot_t *this, uint8_t qualifier, bio_writer_t *result)
{
char result_buf[BUF_LEN];
@@ -304,7 +304,7 @@ METHOD(pts_component_t, destroy, void,
pts_ita_comp_tboot_t *this)
{
int count;
- u_int32_t vid, name;
+ uint32_t vid, name;
enum_name_t *names;
if (ref_put(&this->ref))
@@ -328,7 +328,7 @@ METHOD(pts_component_t, destroy, void,
/**
* See header
*/
-pts_component_t *pts_ita_comp_tboot_create(u_int32_t depth,
+pts_component_t *pts_ita_comp_tboot_create(uint32_t depth,
pts_database_t *pts_db)
{
pts_ita_comp_tboot_t *this;
diff --git a/src/libimcv/pts/components/ita/ita_comp_tboot.h b/src/libimcv/pts/components/ita/ita_comp_tboot.h
index 1e1a14831..0459500cc 100644
--- a/src/libimcv/pts/components/ita/ita_comp_tboot.h
+++ b/src/libimcv/pts/components/ita/ita_comp_tboot.h
@@ -29,7 +29,7 @@
* @param depth Sub-component depth
* @param pts_db PTS measurement database
*/
-pts_component_t* pts_ita_comp_tboot_create(u_int32_t depth,
+pts_component_t* pts_ita_comp_tboot_create(uint32_t depth,
pts_database_t *pts_db);
#endif /** PTS_ITA_COMP_TBOOT_H_ @}*/
diff --git a/src/libimcv/pts/components/ita/ita_comp_tgrub.c b/src/libimcv/pts/components/ita/ita_comp_tgrub.c
index e9555726a..a5a1a9b96 100644
--- a/src/libimcv/pts/components/ita/ita_comp_tgrub.c
+++ b/src/libimcv/pts/components/ita/ita_comp_tgrub.c
@@ -42,7 +42,7 @@ struct pts_ita_comp_tgrub_t {
/**
* Sub-component depth
*/
- u_int32_t depth;
+ uint32_t depth;
/**
* PTS measurement database
@@ -62,27 +62,27 @@ METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
return this->name;
}
-METHOD(pts_component_t, get_evidence_flags, u_int8_t,
+METHOD(pts_component_t, get_evidence_flags, uint8_t,
pts_ita_comp_tgrub_t *this)
{
return PTS_REQ_FUNC_COMP_EVID_PCR;
}
-METHOD(pts_component_t, get_depth, u_int32_t,
+METHOD(pts_component_t, get_depth, uint32_t,
pts_ita_comp_tgrub_t *this)
{
return this->depth;
}
METHOD(pts_component_t, measure, status_t,
- pts_ita_comp_tgrub_t *this, u_int8_t qualifier, pts_t *pts,
+ pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
pts_comp_evidence_t **evidence)
{
size_t pcr_len;
pts_pcr_transform_t pcr_transform;
pts_meas_algorithms_t hash_algo;
pts_comp_evidence_t *evid;
- u_int32_t extended_pcr;
+ uint32_t extended_pcr;
time_t measurement_time;
chunk_t measurement, pcr_before, pcr_after;
@@ -90,7 +90,7 @@ METHOD(pts_component_t, measure, status_t,
extended_pcr = PCR_DEBUG;
time(&measurement_time);
- if (!pts->read_pcr(pts, extended_pcr, &pcr_after))
+ if (!pts->read_pcr(pts, extended_pcr, &pcr_after, HASH_SHA1))
{
DBG1(DBG_PTS, "error occurred while reading PCR: %d", extended_pcr);
return FAILED;
@@ -116,11 +116,11 @@ METHOD(pts_component_t, measure, status_t,
}
METHOD(pts_component_t, verify, status_t,
- pts_ita_comp_tgrub_t *this, u_int8_t qualifier, pts_t *pts,
+ pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
pts_comp_evidence_t *evidence)
{
bool has_pcr_info;
- u_int32_t extended_pcr;
+ uint32_t extended_pcr;
pts_meas_algorithms_t algo;
pts_pcr_transform_t transform;
pts_pcr_t *pcrs;
@@ -155,7 +155,7 @@ METHOD(pts_component_t, verify, status_t,
}
METHOD(pts_component_t, finalize, bool,
- pts_ita_comp_tgrub_t *this, u_int8_t qualifier, bio_writer_t *result)
+ pts_ita_comp_tgrub_t *this, uint8_t qualifier, bio_writer_t *result)
{
return FALSE;
}
@@ -180,7 +180,7 @@ METHOD(pts_component_t, destroy, void,
/**
* See header
*/
-pts_component_t *pts_ita_comp_tgrub_create(u_int32_t depth,
+pts_component_t *pts_ita_comp_tgrub_create(uint32_t depth,
pts_database_t *pts_db)
{
pts_ita_comp_tgrub_t *this;
diff --git a/src/libimcv/pts/components/ita/ita_comp_tgrub.h b/src/libimcv/pts/components/ita/ita_comp_tgrub.h
index 59913c82d..7c856ebb9 100644
--- a/src/libimcv/pts/components/ita/ita_comp_tgrub.h
+++ b/src/libimcv/pts/components/ita/ita_comp_tgrub.h
@@ -29,7 +29,7 @@
* @param depth Sub-component depth
* @param pts_db PTS measurement database
*/
-pts_component_t* pts_ita_comp_tgrub_create(u_int32_t depth,
+pts_component_t* pts_ita_comp_tgrub_create(uint32_t depth,
pts_database_t *pts_db);
#endif /** PTS_ITA_COMP_TGRUB_H_ @}*/
diff --git a/src/libimcv/pts/components/pts_comp_evidence.c b/src/libimcv/pts/components/pts_comp_evidence.c
index 08c3d5e9a..f039deb7a 100644
--- a/src/libimcv/pts/components/pts_comp_evidence.c
+++ b/src/libimcv/pts/components/pts_comp_evidence.c
@@ -37,7 +37,7 @@ struct private_pts_comp_evidence_t {
/**
* Sub-Component Depth
*/
- u_int32_t depth;
+ uint32_t depth;
/**
* Measurement Time
@@ -62,7 +62,7 @@ struct private_pts_comp_evidence_t {
/**
* PCR the measurement was extended into
*/
- u_int32_t extended_pcr;
+ uint32_t extended_pcr;
/**
* PCR value before extension
@@ -92,7 +92,7 @@ struct private_pts_comp_evidence_t {
};
METHOD(pts_comp_evidence_t, get_comp_func_name, pts_comp_func_name_t*,
- private_pts_comp_evidence_t *this, u_int32_t *depth)
+ private_pts_comp_evidence_t *this, uint32_t *depth)
{
if (depth)
{
@@ -101,14 +101,14 @@ METHOD(pts_comp_evidence_t, get_comp_func_name, pts_comp_func_name_t*,
return this->name;
}
-METHOD(pts_comp_evidence_t, get_extended_pcr, u_int32_t,
+METHOD(pts_comp_evidence_t, get_extended_pcr, uint32_t,
private_pts_comp_evidence_t *this)
{
return this->extended_pcr;
}
METHOD(pts_comp_evidence_t, get_measurement, chunk_t,
- private_pts_comp_evidence_t *this, u_int32_t *extended_pcr,
+ private_pts_comp_evidence_t *this, uint32_t *extended_pcr,
pts_meas_algorithms_t *algo, pts_pcr_transform_t *transform,
time_t *measurement_time)
{
@@ -193,8 +193,8 @@ METHOD(pts_comp_evidence_t, destroy, void,
* See header
*/
pts_comp_evidence_t *pts_comp_evidence_create(pts_comp_func_name_t *name,
- u_int32_t depth,
- u_int32_t extended_pcr,
+ uint32_t depth,
+ uint32_t extended_pcr,
pts_meas_algorithms_t algo,
pts_pcr_transform_t transform,
time_t measurement_time,
diff --git a/src/libimcv/pts/components/pts_comp_evidence.h b/src/libimcv/pts/components/pts_comp_evidence.h
index 55776ce8b..6178c2abd 100644
--- a/src/libimcv/pts/components/pts_comp_evidence.h
+++ b/src/libimcv/pts/components/pts_comp_evidence.h
@@ -70,14 +70,14 @@ struct pts_comp_evidence_t {
* @result Component Functional Name
*/
pts_comp_func_name_t* (*get_comp_func_name)(pts_comp_evidence_t *this,
- u_int32_t *depth);
+ uint32_t *depth);
/**
* Gets the PCR the measurement was extended into
*
* @result PCR the measurement was extended into
*/
- u_int32_t (*get_extended_pcr)(pts_comp_evidence_t *this);
+ uint32_t (*get_extended_pcr)(pts_comp_evidence_t *this);
/**
* Gets the measurement and the algorithms used
@@ -89,7 +89,7 @@ struct pts_comp_evidence_t {
* @result Measurement hash value
*/
chunk_t (*get_measurement)(pts_comp_evidence_t *this,
- u_int32_t *extended_pcr,
+ uint32_t *extended_pcr,
pts_meas_algorithms_t *algo,
pts_pcr_transform_t *transform,
time_t *measurement_time);
@@ -150,8 +150,8 @@ struct pts_comp_evidence_t {
* @param measurement Measurement hash value
*/
pts_comp_evidence_t* pts_comp_evidence_create(pts_comp_func_name_t *name,
- u_int32_t depth,
- u_int32_t extended_pcr,
+ uint32_t depth,
+ uint32_t extended_pcr,
pts_meas_algorithms_t algo,
pts_pcr_transform_t transform,
time_t measurement_time,
diff --git a/src/libimcv/pts/components/pts_comp_func_name.c b/src/libimcv/pts/components/pts_comp_func_name.c
index e12522ed1..00494e1ad 100644
--- a/src/libimcv/pts/components/pts_comp_func_name.c
+++ b/src/libimcv/pts/components/pts_comp_func_name.c
@@ -35,40 +35,40 @@ struct private_pts_comp_func_name_t {
/**
* PTS Component Functional Name Vendor ID
*/
- u_int32_t vid;
+ uint32_t vid;
/**
* PTS Component Functional Name
*/
- u_int32_t name;
+ uint32_t name;
/**
* PTS Component Functional Name Qualifier
*/
- u_int8_t qualifier;
+ uint8_t qualifier;
};
-METHOD(pts_comp_func_name_t, get_vendor_id, u_int32_t,
+METHOD(pts_comp_func_name_t, get_vendor_id, uint32_t,
private_pts_comp_func_name_t *this)
{
return this->vid;
}
-METHOD(pts_comp_func_name_t, get_name, u_int32_t,
+METHOD(pts_comp_func_name_t, get_name, uint32_t,
private_pts_comp_func_name_t *this)
{
return this->name;
}
-METHOD(pts_comp_func_name_t, get_qualifier, u_int8_t,
+METHOD(pts_comp_func_name_t, get_qualifier, uint8_t,
private_pts_comp_func_name_t *this)
{
return this->qualifier;
}
METHOD(pts_comp_func_name_t, set_qualifier, void,
- private_pts_comp_func_name_t *this, u_int8_t qualifier)
+ private_pts_comp_func_name_t *this, uint8_t qualifier)
{
this->qualifier = qualifier;
}
@@ -117,12 +117,12 @@ METHOD(pts_comp_func_name_t, log_, void,
if (names && types)
{
- DBG2(DBG_PTS, "%s%N functional component '%N' [%s] '%N'",
+ DBG3(DBG_PTS, "%s%N functional component '%N' [%s] '%N'",
label, pen_names, this->vid, names, this->name, flags, types, type);
}
else
{
- DBG2(DBG_PTS, "%s0x%06x functional component 0x%08x 0x%02x",
+ DBG3(DBG_PTS, "%s0x%06x functional component 0x%08x 0x%02x",
label, this->vid, this->name, this->qualifier);
}
}
@@ -136,8 +136,8 @@ METHOD(pts_comp_func_name_t, destroy, void,
/**
* See header
*/
-pts_comp_func_name_t* pts_comp_func_name_create(u_int32_t vid, u_int32_t name,
- u_int8_t qualifier)
+pts_comp_func_name_t* pts_comp_func_name_create(uint32_t vid, uint32_t name,
+ uint8_t qualifier)
{
private_pts_comp_func_name_t *this;
diff --git a/src/libimcv/pts/components/pts_comp_func_name.h b/src/libimcv/pts/components/pts_comp_func_name.h
index 90ad7083f..cb069c404 100644
--- a/src/libimcv/pts/components/pts_comp_func_name.h
+++ b/src/libimcv/pts/components/pts_comp_func_name.h
@@ -38,28 +38,28 @@ struct pts_comp_func_name_t {
*
* @return PTS Component Functional Name Vendor ID
*/
- u_int32_t (*get_vendor_id)(pts_comp_func_name_t *this);
+ uint32_t (*get_vendor_id)(pts_comp_func_name_t *this);
/**
* Get the PTS Component Functional Name
*
* @return PTS Component Functional Name
*/
- u_int32_t (*get_name)(pts_comp_func_name_t *this);
+ uint32_t (*get_name)(pts_comp_func_name_t *this);
/**
* Get the PTS Component Functional Name Qualifier
*
* @return PTS Component Functional Name Qualifier
*/
- u_int8_t (*get_qualifier)(pts_comp_func_name_t *this);
+ uint8_t (*get_qualifier)(pts_comp_func_name_t *this);
/**
* Set the PTS Component Functional Name Qualifier
*
* @param qualifier PTS Component Functional Name Qualifier to be set
*/
- void (*set_qualifier)(pts_comp_func_name_t *this, u_int8_t qualifier);
+ void (*set_qualifier)(pts_comp_func_name_t *this, uint8_t qualifier);
/**
* Check to PTS Component Functional Names for equality
@@ -97,7 +97,7 @@ struct pts_comp_func_name_t {
* @param name PTS Component Functional Name
* @param qualifier PTS Component Functional Name Qualifier
*/
-pts_comp_func_name_t* pts_comp_func_name_create(u_int32_t vid, u_int32_t name,
- u_int8_t qualifier);
+pts_comp_func_name_t* pts_comp_func_name_create(uint32_t vid, uint32_t name,
+ uint8_t qualifier);
#endif /** PTS_FUNC_COMP_NAME_H_ @}*/
diff --git a/src/libimcv/pts/components/pts_component.h b/src/libimcv/pts/components/pts_component.h
index 71b1ad59c..1ca4458bf 100644
--- a/src/libimcv/pts/components/pts_component.h
+++ b/src/libimcv/pts/components/pts_component.h
@@ -49,14 +49,14 @@ struct pts_component_t {
*
* @return PTS Component Functional Name
*/
- u_int8_t (*get_evidence_flags)(pts_component_t *this);
+ uint8_t (*get_evidence_flags)(pts_component_t *this);
/**
* Get the PTS Sub-component Depth
*
* @return PTS Sub-component Depth
*/
- u_int32_t (*get_depth)(pts_component_t *this);
+ uint32_t (*get_depth)(pts_component_t *this);
/**
* Do evidence measurements on the PTS Functional Component
@@ -67,7 +67,7 @@ struct pts_component_t {
* @param measurements additional file measurements (NULL if not present)
* @return status return code
*/
- status_t (*measure)(pts_component_t *this, u_int8_t qualifier, pts_t *pts,
+ status_t (*measure)(pts_component_t *this, uint8_t qualifier, pts_t *pts,
pts_comp_evidence_t** evidence);
/**
@@ -78,7 +78,7 @@ struct pts_component_t {
* @param evidence component evidence measurement to be verified
* @return status return code
*/
- status_t (*verify)(pts_component_t *this, u_int8_t qualifier, pts_t *pts,
+ status_t (*verify)(pts_component_t *this, uint8_t qualifier, pts_t *pts,
pts_comp_evidence_t *evidence);
/**
@@ -89,7 +89,7 @@ struct pts_component_t {
* @param result writer appending concise measurement result
* @return TRUE if finalization successful
*/
- bool (*finalize)(pts_component_t *this, u_int8_t qualifier,
+ bool (*finalize)(pts_component_t *this, uint8_t qualifier,
bio_writer_t *result);
/**
diff --git a/src/libimcv/pts/components/pts_component_manager.c b/src/libimcv/pts/components/pts_component_manager.c
index 9c1375b79..4f0004fe8 100644
--- a/src/libimcv/pts/components/pts_component_manager.c
+++ b/src/libimcv/pts/components/pts_component_manager.c
@@ -77,7 +77,7 @@ struct component_entry_t {
/**
* Vendor-Specific Component Functional Name
*/
- u_int32_t name;
+ uint32_t name;
/**
* Functional Component creation method
@@ -165,7 +165,7 @@ METHOD(pts_component_manager_t, get_qualifier_type_names, enum_name_t*,
}
METHOD(pts_component_manager_t, add_component, void,
- private_pts_component_manager_t *this, pen_t vendor_id, u_int32_t name,
+ private_pts_component_manager_t *this, pen_t vendor_id, uint32_t name,
pts_component_create_t create)
{
enumerator_t *enumerator;
@@ -210,13 +210,13 @@ METHOD(pts_component_manager_t, remove_vendor, void,
enumerator->destroy(enumerator);
}
-METHOD(pts_component_manager_t, get_qualifier, u_int8_t,
+METHOD(pts_component_manager_t, get_qualifier, uint8_t,
private_pts_component_manager_t *this, pts_comp_func_name_t *name,
char *flags)
{
enumerator_t *enumerator;
vendor_entry_t *entry;
- u_int8_t qualifier, size, flag, type = 0;
+ uint8_t qualifier, size, flag, type = 0;
int i;
enumerator = this->list->create_enumerator(this->list);
@@ -252,7 +252,7 @@ METHOD(pts_component_manager_t, get_qualifier, u_int8_t,
METHOD(pts_component_manager_t, create, pts_component_t*,
private_pts_component_manager_t *this,
- pts_comp_func_name_t *name, u_int32_t depth, pts_database_t *pts_db)
+ pts_comp_func_name_t *name, uint32_t depth, pts_database_t *pts_db)
{
enumerator_t *enumerator, *e2;
vendor_entry_t *entry;
diff --git a/src/libimcv/pts/components/pts_component_manager.h b/src/libimcv/pts/components/pts_component_manager.h
index 00f8765ca..bd1974b92 100644
--- a/src/libimcv/pts/components/pts_component_manager.h
+++ b/src/libimcv/pts/components/pts_component_manager.h
@@ -30,7 +30,7 @@ typedef struct pts_component_manager_t pts_component_manager_t;
#include <library.h>
#include <pen/pen.h>
-typedef pts_component_t* (*pts_component_create_t)(u_int32_t depth,
+typedef pts_component_t* (*pts_component_create_t)(uint32_t depth,
pts_database_t *pts_db);
/**
@@ -61,7 +61,7 @@ struct pts_component_manager_t {
* @param create Functional Component creation method
*/
void (*add_component)(pts_component_manager_t *this, pen_t vendor_id,
- u_int32_t name, pts_component_create_t create);
+ uint32_t name, pts_component_create_t create);
/**
* Remove vendor-specific components and associated namespace
@@ -95,7 +95,7 @@ struct pts_component_manager_t {
* @param flags Qualifier Flags as a string in a char buffer
* @return Qualifier Type
*/
- u_int8_t (*get_qualifier)(pts_component_manager_t *this,
+ uint8_t (*get_qualifier)(pts_component_manager_t *this,
pts_comp_func_name_t *name, char *flags);
/**
@@ -107,7 +107,7 @@ struct pts_component_manager_t {
* @return Component object if supported, NULL else
*/
pts_component_t* (*create)(pts_component_manager_t *this,
- pts_comp_func_name_t *name, u_int32_t depth,
+ pts_comp_func_name_t *name, uint32_t depth,
pts_database_t *pts_db);
/**
diff --git a/src/libimcv/pts/pts.c b/src/libimcv/pts/pts.c
index 1ca72098e..2ba949e40 100644
--- a/src/libimcv/pts/pts.c
+++ b/src/libimcv/pts/pts.c
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2011-2012 Sansar Choinyambuu
- * Copyright (C) 2012-2014 Andreas Steffen
+ * Copyright (C) 2012-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -21,21 +21,8 @@
#include <bio/bio_writer.h>
#include <bio/bio_reader.h>
-#ifdef TSS_TROUSERS
-#ifdef _BASETSD_H_
-/* MinGW defines _BASETSD_H_, but TSS checks for _BASETSD_H */
-# define _BASETSD_H
-#endif
-#include <trousers/tss.h>
-#include <trousers/trousers.h>
-#else
-#ifndef TPM_TAG_QUOTE_INFO2
-#define TPM_TAG_QUOTE_INFO2 0x0036
-#endif
-#ifndef TPM_LOC_ZERO
-#define TPM_LOC_ZERO 0x01
-#endif
-#endif
+#include <tpm_tss.h>
+#include <tpm_tss_trousers.h>
#include <sys/types.h>
#include <sys/stat.h>
@@ -43,6 +30,13 @@
#include <unistd.h>
#include <errno.h>
+#ifndef TPM_TAG_QUOTE_INFO2
+#define TPM_TAG_QUOTE_INFO2 0x0036
+#endif
+#ifndef TPM_LOC_ZERO
+#define TPM_LOC_ZERO 0x01
+#endif
+
typedef struct private_pts_t private_pts_t;
/**
@@ -102,9 +96,9 @@ struct private_pts_t {
bool is_imc;
/**
- * Do we have an activated TPM
+ * Active TPM
*/
- bool has_tpm;
+ tpm_tss_t *tpm;
/**
* Contains a TPM_CAP_VERSION_INFO struct
@@ -112,14 +106,14 @@ struct private_pts_t {
chunk_t tpm_version_info;
/**
- * Contains TSS Blob structure for AIK
+ * AIK object handle
*/
- chunk_t aik_blob;
+ uint32_t aik_handle;
/**
- * Contains a Attestation Identity Key or Certificate
+ * Contains an Attestation Identity Key Certificate
*/
- certificate_t *aik;
+ certificate_t *aik_cert;
/**
* Primary key referening AIK in database
@@ -191,7 +185,6 @@ METHOD(pts_t, set_dh_hash_algorithm, void,
}
}
-
METHOD(pts_t, create_dh_nonce, bool,
private_pts_t *this, pts_dh_group_t group, int nonce_len)
{
@@ -306,41 +299,6 @@ METHOD(pts_t, calculate_secret, bool,
return TRUE;
}
-#ifdef TSS_TROUSERS
-
-/**
- * Print TPM 1.2 Version Info
- */
-static void print_tpm_version_info(private_pts_t *this)
-{
- TPM_CAP_VERSION_INFO *info;
-
- info = (TPM_CAP_VERSION_INFO*)this->tpm_version_info.ptr;
-
- if (this->tpm_version_info.len >=
- sizeof(*info) - sizeof(info->vendorSpecific))
- {
- DBG2(DBG_PTS, "TPM Version Info: Chip Version: %u.%u.%u.%u, "
- "Spec Level: %u, Errata Rev: %u, Vendor ID: %.4s",
- info->version.major, info->version.minor,
- info->version.revMajor, info->version.revMinor,
- untoh16(&info->specLevel), info->errataRev, info->tpmVendorID);
- }
- else
- {
- DBG1(DBG_PTS, "could not parse tpm version info");
- }
-}
-
-#else
-
-static void print_tpm_version_info(private_pts_t *this)
-{
- DBG1(DBG_PTS, "unknown TPM version: no TSS implementation available");
-}
-
-#endif /* TSS_TROUSERS */
-
METHOD(pts_t, get_platform_id, int,
private_pts_t *this)
{
@@ -356,104 +314,135 @@ METHOD(pts_t, set_platform_id, void,
METHOD(pts_t, get_tpm_version_info, bool,
private_pts_t *this, chunk_t *info)
{
- if (!this->has_tpm)
- {
- return FALSE;
- }
- *info = this->tpm_version_info;
- print_tpm_version_info(this);
- return TRUE;
+ *info = this->tpm ? this->tpm->get_version_info(this->tpm) :
+ this->tpm_version_info;
+ return info->len > 0;
}
METHOD(pts_t, set_tpm_version_info, void,
private_pts_t *this, chunk_t info)
{
this->tpm_version_info = chunk_clone(info);
- print_tpm_version_info(this);
-}
-
-/**
- * Load an AIK Blob (TSS_TSPATTRIB_KEYBLOB_BLOB attribute)
- */
-static void load_aik_blob(private_pts_t *this)
-{
- char *path;
- chunk_t *map;
-
- path = lib->settings->get_str(lib->settings,
- "%s.plugins.imc-attestation.aik_blob", NULL, lib->ns);
- if (path)
- {
- map = chunk_map(path, FALSE);
- if (map)
- {
- DBG2(DBG_PTS, "loaded AIK Blob from '%s'", path);
- DBG3(DBG_PTS, "AIK Blob: %B", map);
- this->aik_blob = chunk_clone(*map);
- chunk_unmap(map);
- }
- else
- {
- DBG1(DBG_PTS, "unable to map AIK Blob file '%s': %s",
- path, strerror(errno));
- }
- }
- else
- {
- DBG1(DBG_PTS, "AIK Blob is not available");
- }
+ /* print_tpm_version_info(this); */
}
/**
- * Load an AIK certificate or public key
+ * Load an AIK handle and an optional AIK certificate and
+ * in the case of a TPM 1.2 an AIK private key blob plus matching public key,
* the certificate having precedence over the public key if both are present
*/
static void load_aik(private_pts_t *this)
{
- char *cert_path, *key_path;
+ char *handle_str, *cert_path, *key_path, *blob_path;
+ chunk_t aik_pubkey = chunk_empty;
+ handle_str = lib->settings->get_str(lib->settings,
+ "%s.plugins.imc-attestation.aik_handle", NULL, lib->ns);
cert_path = lib->settings->get_str(lib->settings,
"%s.plugins.imc-attestation.aik_cert", NULL, lib->ns);
key_path = lib->settings->get_str(lib->settings,
"%s.plugins.imc-attestation.aik_pubkey", NULL, lib->ns);
+ blob_path = lib->settings->get_str(lib->settings,
+ "%s.plugins.imc-attestation.aik_blob", NULL, lib->ns);
+ if (handle_str)
+ {
+ this->aik_handle = strtoll(handle_str, NULL, 16);
+ }
if (cert_path)
{
- this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ this->aik_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE,
CERT_X509, BUILD_FROM_FILE,
cert_path, BUILD_END);
- if (this->aik)
+ if (this->aik_cert)
{
DBG2(DBG_PTS, "loaded AIK certificate from '%s'", cert_path);
- return;
}
}
- if (key_path)
+
+ if (this->tpm->get_version(this->tpm) == TPM_VERSION_1_2)
{
- this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
- CERT_TRUSTED_PUBKEY, BUILD_FROM_FILE,
- key_path, BUILD_END);
- if (this->aik)
+ tpm_tss_trousers_t *tpm_12;
+ chunk_t aik_blob = chunk_empty;
+ chunk_t *map;
+
+ /* get AIK private key blob */
+ if (blob_path)
{
- DBG2(DBG_PTS, "loaded AIK public key from '%s'", key_path);
- return;
+ map = chunk_map(blob_path, FALSE);
+ if (map)
+ {
+ DBG2(DBG_PTS, "loaded AIK Blob from '%s'", blob_path);
+ DBG3(DBG_PTS, "AIK Blob: %B", map);
+ aik_blob = chunk_clone(*map);
+ chunk_unmap(map);
+ }
+ else
+ {
+ DBG1(DBG_PTS, "unable to map AIK Blob file '%s': %s",
+ blob_path, strerror(errno));
+ }
}
+ else
+ {
+ DBG1(DBG_PTS, "AIK Blob is not available");
+ }
+
+ /* get AIK public key */
+ if (key_path)
+ {
+ map = chunk_map(key_path, FALSE);
+ if (map)
+ {
+ DBG2(DBG_PTS, "loaded AIK public key from '%s'", key_path);
+ aik_pubkey = chunk_clone(*map);
+ chunk_unmap(map);
+ }
+ else
+ {
+ DBG1(DBG_PTS, "unable to map AIK public key file '%s': %s",
+ key_path, strerror(errno));
+ }
+ }
+ else
+ {
+ DBG1(DBG_PTS, "AIK public key is not available");
+ }
+
+ /* Load AIK item into TPM 1.2 object */
+ tpm_12 = (tpm_tss_trousers_t *)this->tpm;
+ tpm_12->load_aik(tpm_12, aik_blob, aik_pubkey, this->aik_handle);
}
- DBG1(DBG_PTS, "neither AIK certificate nor public key is available");
+ /* if no signed X.509 AIK certificate is available use public key instead */
+ if (!this->aik_cert)
+ {
+ aik_pubkey = this->tpm->get_public(this->tpm, this->aik_handle);
+ if (aik_pubkey.len > 0)
+ {
+ this->aik_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ CERT_TRUSTED_PUBKEY, BUILD_BLOB,
+ aik_pubkey, BUILD_END);
+ chunk_free(&aik_pubkey);
+ }
+ else
+ {
+ DBG1(DBG_PTS, "neither AIK certificate nor public key is available");
+ }
+ }
}
METHOD(pts_t, get_aik, certificate_t*,
private_pts_t *this)
{
- return this->aik;
+ return this->aik_cert;
}
METHOD(pts_t, set_aik, void,
private_pts_t *this, certificate_t *aik, int aik_id)
{
- DESTROY_IF(this->aik);
- this->aik = aik->get_ref(aik);
+ DESTROY_IF(this->aik_cert);
+ this->aik_cert = aik->get_ref(aik);
this->aik_id = aik_id;
}
@@ -611,312 +600,64 @@ METHOD(pts_t, get_metadata, pts_file_meta_t*,
return metadata;
}
-
-#ifdef TSS_TROUSERS
-
METHOD(pts_t, read_pcr, bool,
- private_pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value)
+ private_pts_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ hash_algorithm_t alg)
{
- TSS_HCONTEXT hContext;
- TSS_HTPM hTPM;
- TSS_RESULT result;
- BYTE *buf;
- UINT32 len;
-
- bool success = FALSE;
-
- result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS)
- {
- DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
- return FALSE;
- }
-
- result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_TPM_PcrRead(hTPM, pcr_num, &len, &buf);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- *pcr_value = chunk_clone(chunk_create(buf, len));
- DBG3(DBG_PTS, "PCR %d value:%B", pcr_num, pcr_value);
- success = TRUE;
-
-err:
- if (!success)
- {
- DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
- }
- Tspi_Context_FreeMemory(hContext, NULL);
- Tspi_Context_Close(hContext);
-
- return success;
+ return this->tpm ? this->tpm->read_pcr(this->tpm, pcr_num, pcr_value, alg)
+ : FALSE;
}
METHOD(pts_t, extend_pcr, bool,
- private_pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output)
+ private_pts_t *this, uint32_t pcr_num, chunk_t *pcr_value, chunk_t data,
+ hash_algorithm_t alg)
{
- TSS_HCONTEXT hContext;
- TSS_HTPM hTPM;
- TSS_RESULT result;
- u_int32_t pcr_length;
- chunk_t pcr_value = chunk_empty;
-
- result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS)
+ if (!this->tpm->extend_pcr(this->tpm, pcr_num, pcr_value, data, alg))
{
- DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x",
- result);
return FALSE;
}
- result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
-
- pcr_value = chunk_alloc(PTS_PCR_LEN);
- result = Tspi_TPM_PcrExtend(hTPM, pcr_num, PTS_PCR_LEN, input.ptr,
- NULL, &pcr_length, &pcr_value.ptr);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
-
- *output = pcr_value;
- *output = chunk_clone(*output);
-
- DBG3(DBG_PTS, "PCR %d extended with: %B", pcr_num, &input);
- DBG3(DBG_PTS, "PCR %d value after extend: %B", pcr_num, output);
-
- chunk_clear(&pcr_value);
- Tspi_Context_FreeMemory(hContext, NULL);
- Tspi_Context_Close(hContext);
+ DBG3(DBG_PTS, "PCR %d extended with: %#B", pcr_num, &data);
+ DBG3(DBG_PTS, "PCR %d after extension: %#B", pcr_num, pcr_value);
return TRUE;
-
-err:
- DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
-
- chunk_clear(&pcr_value);
- Tspi_Context_FreeMemory(hContext, NULL);
- Tspi_Context_Close(hContext);
-
- return FALSE;
}
-METHOD(pts_t, quote_tpm, bool,
- private_pts_t *this, bool use_quote2, chunk_t *pcr_comp, chunk_t *quote_sig)
+METHOD(pts_t, quote, bool,
+ private_pts_t *this, tpm_quote_mode_t *quote_mode,
+ tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig)
{
- TSS_HCONTEXT hContext;
- TSS_HTPM hTPM;
- TSS_HKEY hAIK;
- TSS_HKEY hSRK;
- TSS_HPOLICY srkUsagePolicy;
- TSS_UUID SRK_UUID = TSS_UUID_SRK;
- BYTE secret[] = TSS_WELL_KNOWN_SECRET;
- TSS_HPCRS hPcrComposite;
- TSS_VALIDATION valData;
- TSS_RESULT result;
- chunk_t quote_info;
- BYTE* versionInfo;
- u_int32_t versionInfoSize, pcr;
+ chunk_t pcr_value, pcr_computed;
+ uint32_t pcr, pcr_sel = 0;
enumerator_t *enumerator;
- bool success = FALSE;
-
- result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS)
- {
- DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x",
- result);
- return FALSE;
- }
- result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS)
- {
- goto err1;
- }
- result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS)
- {
- goto err1;
- }
-
- /* Retrieve SRK from TPM and set the authentication to well known secret*/
- result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
- SRK_UUID, &hSRK);
- if (result != TSS_SUCCESS)
- {
- goto err1;
- }
-
- result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
- if (result != TSS_SUCCESS)
- {
- goto err1;
- }
- result = Tspi_Policy_SetSecret(srkUsagePolicy, TSS_SECRET_MODE_SHA1,
- 20, secret);
- if (result != TSS_SUCCESS)
- {
- goto err1;
- }
- result = Tspi_Context_LoadKeyByBlob (hContext, hSRK, this->aik_blob.len,
- this->aik_blob.ptr, &hAIK);
- if (result != TSS_SUCCESS)
- {
- goto err1;
- }
-
- /* Create PCR composite object */
- result = use_quote2 ?
- Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS,
- TSS_PCRS_STRUCT_INFO_SHORT, &hPcrComposite) :
- Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS,
- TSS_PCRS_STRUCT_DEFAULT, &hPcrComposite);
- if (result != TSS_SUCCESS)
- {
- goto err2;
- }
-
- /* Select PCRs */
+ /* select PCRs */
+ DBG2(DBG_PTS, "PCR values hashed into PCR Composite:");
enumerator = this->pcrs->create_enumerator(this->pcrs);
while (enumerator->enumerate(enumerator, &pcr))
{
- result = use_quote2 ?
- Tspi_PcrComposite_SelectPcrIndexEx(hPcrComposite, pcr,
- TSS_PCRS_DIRECTION_RELEASE) :
- Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcr);
- if (result != TSS_SUCCESS)
+ if (this->tpm->read_pcr(this->tpm, pcr, &pcr_value, HASH_SHA1))
{
- break;
- }
- }
- enumerator->destroy(enumerator);
+ pcr_computed = this->pcrs->get(this->pcrs, pcr);
+ DBG2(DBG_PTS, "PCR %2d %#B %s", pcr, &pcr_value,
+ chunk_equals(pcr_value, pcr_computed) ? "ok" : "differs");
+ chunk_free(&pcr_value);
+ };
- if (result != TSS_SUCCESS)
- {
- goto err3;
+ /* add PCR to selection list */
+ pcr_sel |= (1 << pcr);
}
-
- /* Set the Validation Data */
- valData.ulExternalDataLength = this->secret.len;
- valData.rgbExternalData = (BYTE *)this->secret.ptr;
-
+ enumerator->destroy(enumerator);
/* TPM Quote */
- result = use_quote2 ?
- Tspi_TPM_Quote2(hTPM, hAIK, FALSE, hPcrComposite, &valData,
- &versionInfoSize, &versionInfo):
- Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &valData);
- if (result != TSS_SUCCESS)
- {
- goto err4;
- }
-
- /* Set output chunks */
- *pcr_comp = chunk_alloc(HASH_SIZE_SHA1);
-
- if (use_quote2)
- {
- /* TPM_Composite_Hash is last 20 bytes of TPM_Quote_Info2 structure */
- memcpy(pcr_comp->ptr, valData.rgbData + valData.ulDataLength - HASH_SIZE_SHA1,
- HASH_SIZE_SHA1);
- }
- else
- {
- /* TPM_Composite_Hash is 8-28th bytes of TPM_Quote_Info structure */
- memcpy(pcr_comp->ptr, valData.rgbData + 8, HASH_SIZE_SHA1);
- }
- DBG3(DBG_PTS, "Hash of PCR Composite: %#B", pcr_comp);
-
- quote_info = chunk_create(valData.rgbData, valData.ulDataLength);
- DBG3(DBG_PTS, "TPM Quote Info: %B",&quote_info);
-
- *quote_sig = chunk_clone(chunk_create(valData.rgbValidationData,
- valData.ulValidationDataLength));
- DBG3(DBG_PTS, "TPM Quote Signature: %B",quote_sig);
-
- success = TRUE;
-
- /* Cleanup */
-err4:
- Tspi_Context_FreeMemory(hContext, NULL);
-
-err3:
- Tspi_Context_CloseObject(hContext, hPcrComposite);
-
-err2:
- Tspi_Context_CloseObject(hContext, hAIK);
-
-err1:
- Tspi_Context_Close(hContext);
- if (!success)
- {
- DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
- }
- return success;
-}
-
-#else /* TSS_TROUSERS */
-
-METHOD(pts_t, read_pcr, bool,
- private_pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value)
-{
- return FALSE;
-}
-
-METHOD(pts_t, extend_pcr, bool,
- private_pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output)
-{
- return FALSE;
-}
-
-METHOD(pts_t, quote_tpm, bool,
- private_pts_t *this, bool use_quote2, chunk_t *pcr_comp, chunk_t *quote_sig)
-{
- return FALSE;
+ return this->tpm->quote(this->tpm, this->aik_handle, pcr_sel, HASH_SHA1,
+ this->secret, quote_mode, quote_info, quote_sig);
}
-#endif /* TSS_TROUSERS */
-
-/**
- * TPM_QUOTE_INFO structure:
- * 4 bytes of version
- * 4 bytes 'Q' 'U' 'O' 'T'
- * 20 byte SHA1 of TCPA_PCR_COMPOSITE
- * 20 byte nonce
- *
- * TPM_QUOTE_INFO2 structure:
- * 2 bytes Tag 0x0036 TPM_Tag_Quote_info2
- * 4 bytes 'Q' 'U' 'T' '2'
- * 20 bytes nonce
- * 26 bytes PCR_INFO_SHORT
- */
-
-METHOD(pts_t, get_quote_info, bool,
- private_pts_t *this, bool use_quote2, bool use_ver_info,
- pts_meas_algorithms_t comp_hash_algo,
- chunk_t *out_pcr_comp, chunk_t *out_quote_info)
+METHOD(pts_t, get_quote, bool,
+ private_pts_t *this, tpm_tss_quote_info_t *quote_info, chunk_t *quoted)
{
- chunk_t selection, pcr_comp, hash_pcr_comp;
- bio_writer_t *writer;
- hasher_t *hasher;
+ tpm_tss_pcr_composite_t *pcr_composite;
+ bool success;
if (!this->pcrs->get_count(this->pcrs))
{
@@ -930,128 +671,93 @@ METHOD(pts_t, get_quote_info, bool,
"unable to construct TPM Quote Info");
return FALSE;
}
- if (use_quote2 && use_ver_info && !this->tpm_version_info.ptr)
- {
- DBG1(DBG_PTS, "TPM Version Information unavailable, ",
- "unable to construct TPM Quote Info2");
- return FALSE;
- }
-
- pcr_comp = this->pcrs->get_composite(this->pcrs);
-
-
- /* Output the TPM_PCR_COMPOSITE expected from IMC */
- if (comp_hash_algo)
+ if (quote_info->get_quote_mode(quote_info) == TPM_QUOTE2_VERSION_INFO)
{
- hash_algorithm_t algo;
-
- algo = pts_meas_algo_to_hash(comp_hash_algo);
- hasher = lib->crypto->create_hasher(lib->crypto, algo);
-
- /* Hash the PCR Composite Structure */
- if (!hasher || !hasher->allocate_hash(hasher, pcr_comp, out_pcr_comp))
+ if (!this->tpm_version_info.ptr)
{
- DESTROY_IF(hasher);
- free(pcr_comp.ptr);
+ DBG1(DBG_PTS, "TPM Version Information unavailable, ",
+ "unable to construct TPM Quote Info2");
return FALSE;
}
- DBG3(DBG_PTS, "constructed PCR Composite hash: %#B", out_pcr_comp);
- hasher->destroy(hasher);
+ quote_info->set_version_info(quote_info, this->tpm_version_info);
}
- else
- {
- *out_pcr_comp = chunk_clone(pcr_comp);
- }
-
- /* SHA1 hash of PCR Composite to construct TPM_QUOTE_INFO */
- hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
- if (!hasher || !hasher->allocate_hash(hasher, pcr_comp, &hash_pcr_comp))
- {
- DESTROY_IF(hasher);
- chunk_free(out_pcr_comp);
- free(pcr_comp.ptr);
- return FALSE;
- }
- hasher->destroy(hasher);
-
- /* Construct TPM_QUOTE_INFO/TPM_QUOTE_INFO2 structure */
- writer = bio_writer_create(TPM_QUOTE_INFO_LEN);
-
- if (use_quote2)
- {
- /* TPM Structure Tag */
- writer->write_uint16(writer, TPM_TAG_QUOTE_INFO2);
-
- /* Magic QUT2 value */
- writer->write_data(writer, chunk_create("QUT2", 4));
-
- /* Secret assessment value 20 bytes (nonce) */
- writer->write_data(writer, this->secret);
-
- /* PCR selection */
- selection.ptr = pcr_comp.ptr;
- selection.len = 2 + this->pcrs->get_selection_size(this->pcrs);
- writer->write_data(writer, selection);
-
- /* TPM Locality Selection */
- writer->write_uint8(writer, TPM_LOC_ZERO);
-
- /* PCR Composite Hash */
- writer->write_data(writer, hash_pcr_comp);
-
- if (use_ver_info)
- {
- /* TPM version Info */
- writer->write_data(writer, this->tpm_version_info);
- }
- }
- else
- {
- /* Version number */
- writer->write_data(writer, chunk_from_chars(1, 1, 0, 0));
-
- /* Magic QUOT value */
- writer->write_data(writer, chunk_create("QUOT", 4));
-
- /* PCR Composite Hash */
- writer->write_data(writer, hash_pcr_comp);
-
- /* Secret assessment value 20 bytes (nonce) */
- writer->write_data(writer, this->secret);
- }
-
- /* TPM Quote Info */
- *out_quote_info = writer->extract_buf(writer);
- DBG3(DBG_PTS, "constructed TPM Quote Info: %B", out_quote_info);
+ pcr_composite = this->pcrs->get_composite(this->pcrs);
- writer->destroy(writer);
- free(pcr_comp.ptr);
- free(hash_pcr_comp.ptr);
+ success = quote_info->get_quote(quote_info, this->secret,
+ pcr_composite, quoted);
+ chunk_free(&pcr_composite->pcr_select);
+ chunk_free(&pcr_composite->pcr_composite);
+ free(pcr_composite);
- return TRUE;
+ return success;
}
METHOD(pts_t, verify_quote_signature, bool,
- private_pts_t *this, chunk_t data, chunk_t signature)
+ private_pts_t *this, hash_algorithm_t digest_alg, chunk_t digest,
+ chunk_t signature)
{
- public_key_t *aik_pub_key;
+ public_key_t *aik_pubkey;
+ signature_scheme_t scheme;
- aik_pub_key = this->aik->get_public_key(this->aik);
- if (!aik_pub_key)
+ aik_pubkey = this->aik_cert->get_public_key(this->aik_cert);
+ if (!aik_pubkey)
{
DBG1(DBG_PTS, "failed to get public key from AIK certificate");
return FALSE;
}
- if (!aik_pub_key->verify(aik_pub_key, SIGN_RSA_EMSA_PKCS1_SHA1,
- data, signature))
+ /* Determine signing scheme */
+ switch (aik_pubkey->get_type(aik_pubkey))
+ {
+ case KEY_RSA:
+ switch (digest_alg)
+ {
+ case HASH_SHA1:
+ scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
+ break;
+ case HASH_SHA256:
+ scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
+ break;
+ case HASH_SHA384:
+ scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
+ break;
+ case HASH_SHA512:
+ scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
+ break;
+ default:
+ scheme = SIGN_UNKNOWN;
+ }
+ break;
+ case KEY_ECDSA:
+ switch (digest_alg)
+ {
+ case HASH_SHA256:
+ scheme = SIGN_ECDSA_256;
+ break;
+ case HASH_SHA384:
+ scheme = SIGN_ECDSA_384;
+ break;
+ case HASH_SHA512:
+ scheme = SIGN_ECDSA_521;
+ break;
+ default:
+ scheme = SIGN_UNKNOWN;
+ }
+ break;
+ default:
+ DBG1(DBG_PTS, "%N AIK key type not supported", key_type_names,
+ aik_pubkey->get_type(aik_pubkey));
+ return FALSE;
+ }
+
+ if (!aik_pubkey->verify(aik_pubkey, scheme, digest, signature))
{
DBG1(DBG_PTS, "signature verification failed for TPM Quote Info");
- DESTROY_IF(aik_pub_key);
+ DESTROY_IF(aik_pubkey);
return FALSE;
}
- aik_pub_key->destroy(aik_pub_key);
+ aik_pubkey->destroy(aik_pubkey);
return TRUE;
}
@@ -1064,78 +770,17 @@ METHOD(pts_t, get_pcrs, pts_pcr_t*,
METHOD(pts_t, destroy, void,
private_pts_t *this)
{
+ DESTROY_IF(this->tpm);
DESTROY_IF(this->pcrs);
- DESTROY_IF(this->aik);
+ DESTROY_IF(this->aik_cert);
DESTROY_IF(this->dh);
free(this->initiator_nonce.ptr);
free(this->responder_nonce.ptr);
free(this->secret.ptr);
- free(this->aik_blob.ptr);
free(this->tpm_version_info.ptr);
free(this);
}
-
-#ifdef TSS_TROUSERS
-
-/**
- * Check for a TPM by querying for TPM Version Info
- */
-static bool has_tpm(private_pts_t *this)
-{
- TSS_HCONTEXT hContext;
- TSS_HTPM hTPM;
- TSS_RESULT result;
- u_int32_t version_info_len;
-
- result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS)
- {
- DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x",
- result);
- return FALSE;
- }
- result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_VERSION_VAL, 0, NULL,
- &version_info_len,
- &this->tpm_version_info.ptr);
- this->tpm_version_info.len = version_info_len;
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- this->tpm_version_info = chunk_clone(this->tpm_version_info);
-
- Tspi_Context_FreeMemory(hContext, NULL);
- Tspi_Context_Close(hContext);
- return TRUE;
-
- err:
- DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
- Tspi_Context_FreeMemory(hContext, NULL);
- Tspi_Context_Close(hContext);
- return FALSE;
-}
-
-#else /* TSS_TROUSERS */
-
-static bool has_tpm(private_pts_t *this)
-{
- return FALSE;
-}
-
-#endif /* TSS_TROUSERS */
-
-
/**
* See header
*/
@@ -1174,9 +819,9 @@ pts_t *pts_create(bool is_imc)
.get_metadata = _get_metadata,
.read_pcr = _read_pcr,
.extend_pcr = _extend_pcr,
- .quote_tpm = _quote_tpm,
+ .quote = _quote,
.get_pcrs = _get_pcrs,
- .get_quote_info = _get_quote_info,
+ .get_quote = _get_quote,
.verify_quote_signature = _verify_quote_signature,
.destroy = _destroy,
},
@@ -1189,12 +834,11 @@ pts_t *pts_create(bool is_imc)
if (is_imc)
{
- if (has_tpm(this))
+ this->tpm = tpm_tss_probe(TPM_VERSION_ANY);
+ if (this->tpm)
{
- this->has_tpm = TRUE;
this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_D;
load_aik(this);
- load_aik_blob(this);
}
}
else
diff --git a/src/libimcv/pts/pts.h b/src/libimcv/pts/pts.h
index d525306dd..f3da659dc 100644
--- a/src/libimcv/pts/pts.h
+++ b/src/libimcv/pts/pts.h
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2011 Sansar Choinyambuu
- * Copyright (C) 2012-2014 Andreas Steffen
+ * Copyright (C) 2012-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -32,9 +32,10 @@ typedef struct pts_t pts_t;
#include "pts_dh_group.h"
#include "pts_pcr.h"
#include "pts_req_func_comp_evid.h"
-#include "pts_simple_evid_final.h"
#include "components/pts_comp_func_name.h"
+#include <tpm_tss_quote_info.h>
+
#include <library.h>
#include <collections/linked_list.h>
@@ -71,11 +72,6 @@ typedef struct pts_t pts_t;
#define ASSESSMENT_SECRET_LEN 20
/**
- * Length of the TPM_QUOTE_INFO structure, TPM Spec 1.2
- */
-#define TPM_QUOTE_INFO_LEN 48
-
-/**
* Hashing algorithm used by tboot and trustedGRUB
*/
#define TRUSTED_HASH_ALGO PTS_MEAS_ALGO_SHA1
@@ -236,39 +232,39 @@ struct pts_t {
pts_file_meta_t* (*get_metadata)(pts_t *this, char *pathname, bool is_dir);
/**
- * Reads given PCR value and returns it
- * Expects owner secret to be WELL_KNOWN_SECRET
+ * Retrieve the current value of a PCR register in a given PCR bank
*
- * @param pcr_num Number of PCR to read
- * @param pcr_value Chunk to save pcr read output
- * @return NULL in case of TSS error, PCR value otherwise
+ * @param pcr_num PCR number
+ * @param pcr_value PCR value returned
+ * @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
+ * @return TRUE if PCR value retrieval succeeded
*/
- bool (*read_pcr)(pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value);
+ bool (*read_pcr)(pts_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ hash_algorithm_t alg);
/**
- * Extends given PCR with given value
- * Expects owner secret to be WELL_KNOWN_SECRET
+ * Extend a PCR register in a given PCR bank with a hash value
*
- * @param pcr_num Number of PCR to extend
- * @param input Value to extend
- * @param output Chunk to save PCR value after extension
- * @return FALSE in case of TSS error, TRUE otherwise
+ * @param pcr_num PCR number
+ * @param pcr_value extended PCR value returned
+ * @param hash data to be extended into the PCR
+ * @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
+ * @return TRUE if PCR extension succeeded
*/
- bool (*extend_pcr)(pts_t *this, u_int32_t pcr_num, chunk_t input,
- chunk_t *output);
+ bool (*extend_pcr)(pts_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ chunk_t data, hash_algorithm_t alg);
/**
* Quote over PCR's
* Expects owner and SRK secret to be WELL_KNOWN_SECRET and no password set for AIK
*
- * @param use_quote2 Version of the Quote function to be used
- * @param pcr_comp Chunk to save PCR composite structure
- * @param quote_sig Chunk to save quote operation output
- * without external data (anti-replay protection)
- * @return FALSE in case of TSS error, TRUE otherwise
+ * @param quote_mode type of Quote signature
+ * @param quote_info returns various info covered by Quote signature
+ * @param quote_sig returns Quote signature
+ * @return FALSE in case of Quote error, TRUE otherwise
*/
- bool (*quote_tpm)(pts_t *this, bool use_quote2, chunk_t *pcr_comp,
- chunk_t *quote_sig);
+ bool (*quote)(pts_t *this, tpm_quote_mode_t *quote_mode,
+ tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig);
/**
* Get the shadow PCR set
@@ -277,28 +273,26 @@ struct pts_t {
*/
pts_pcr_t* (*get_pcrs)(pts_t *this);
- /**
- * Constructs and returns TPM Quote Info structure expected from IMC
+ /**
+ * Computes digest of the constructed TPM Quote Info structure
*
- * @param use_quote2 Version of the TPM_QUOTE_INFO to be constructed
- * @param use_ver_info Version info is concatenated to TPM_QUOTE_INFO2
- * @param comp_hash_algo Composite Hash Algorithm
- * @param pcr_comp Output variable to store PCR Composite
- * @param quote_info Output variable to store TPM Quote Info
+ * @param quote_info TPM Quote Info as received from IMC
+ * @param quoted Encoding of TPM Quote Info
* @return FALSE in case of any error, TRUE otherwise
*/
- bool (*get_quote_info)(pts_t *this, bool use_quote2, bool ver_info_included,
- pts_meas_algorithms_t comp_hash_algo,
- chunk_t *pcr_comp, chunk_t *quote_info);
+ bool (*get_quote)(pts_t *this, tpm_tss_quote_info_t *quote_info,
+ chunk_t *quoted);
/**
* Constructs and returns PCR Quote Digest structure expected from IMC
*
- * @param data Calculated TPM Quote Digest
+ * @param digest_alg Hash algorithm used for TPM Quote Digest
+ * @param digest Calculated TPM Quote Digest
* @param signature TPM Quote Signature received from IMC
* @return FALSE if signature is not verified
*/
- bool (*verify_quote_signature)(pts_t *this, chunk_t data, chunk_t signature);
+ bool (*verify_quote_signature)(pts_t *this, hash_algorithm_t digest_alg,
+ chunk_t digest, chunk_t signature);
/**
* Destroys a pts_t object.
diff --git a/src/libimcv/pts/pts_file_meas.c b/src/libimcv/pts/pts_file_meas.c
index 966d54ba2..6cfb86cb3 100644
--- a/src/libimcv/pts/pts_file_meas.c
+++ b/src/libimcv/pts/pts_file_meas.c
@@ -39,7 +39,7 @@ struct private_pts_file_meas_t {
/**
* ID of PTS File Measurement Request
*/
- u_int16_t request_id;
+ uint16_t request_id;
/**
* List of File Measurements
@@ -70,7 +70,7 @@ static void free_entry(entry_t *entry)
}
}
-METHOD(pts_file_meas_t, get_request_id, u_int16_t,
+METHOD(pts_file_meas_t, get_request_id, uint16_t,
private_pts_file_meas_t *this)
{
return this->request_id;
@@ -266,7 +266,7 @@ METHOD(pts_file_meas_t, destroy, void,
/**
* See header
*/
-pts_file_meas_t *pts_file_meas_create(u_int16_t request_id)
+pts_file_meas_t *pts_file_meas_create(uint16_t request_id)
{
private_pts_file_meas_t *this;
@@ -334,7 +334,7 @@ static bool hash_file(hasher_t *hasher, char *pathname, u_char *hash)
/**
* See header
*/
-pts_file_meas_t *pts_file_meas_create_from_path(u_int16_t request_id,
+pts_file_meas_t *pts_file_meas_create_from_path(uint16_t request_id,
char *pathname, bool is_dir, bool use_rel_name,
pts_meas_algorithms_t alg)
{
diff --git a/src/libimcv/pts/pts_file_meas.h b/src/libimcv/pts/pts_file_meas.h
index 4bf28e280..514006925 100644
--- a/src/libimcv/pts/pts_file_meas.h
+++ b/src/libimcv/pts/pts_file_meas.h
@@ -38,7 +38,7 @@ struct pts_file_meas_t {
*
* @return ID of PTS File Measurement Request
*/
- u_int16_t (*get_request_id)(pts_file_meas_t *this);
+ uint16_t (*get_request_id)(pts_file_meas_t *this);
/**
* Get the number of measured files
@@ -94,7 +94,7 @@ struct pts_file_meas_t {
*
* @param request_id ID of PTS File Measurement Request
*/
-pts_file_meas_t* pts_file_meas_create(u_int16_t request_id);
+pts_file_meas_t* pts_file_meas_create(uint16_t request_id);
/**
* Creates a pts_file_meas_t object measuring a file/directory
@@ -105,7 +105,7 @@ pts_file_meas_t* pts_file_meas_create(u_int16_t request_id);
* @param use_rel_name TRUE if relative filenames are to be used
* @param alg PTS hash measurement algorithm to be used
*/
-pts_file_meas_t* pts_file_meas_create_from_path(u_int16_t request_id,
+pts_file_meas_t* pts_file_meas_create_from_path(uint16_t request_id,
char* pathname, bool is_dir, bool use_rel_name,
pts_meas_algorithms_t alg);
diff --git a/src/libimcv/pts/pts_file_meta.h b/src/libimcv/pts/pts_file_meta.h
index 3f1813306..b02b142db 100644
--- a/src/libimcv/pts/pts_file_meta.h
+++ b/src/libimcv/pts/pts_file_meta.h
@@ -34,12 +34,12 @@ typedef struct pts_file_metadata_t pts_file_metadata_t;
*/
struct pts_file_metadata_t {
pts_file_type_t type;
- u_int64_t filesize;
- u_int64_t created;
- u_int64_t modified;
- u_int64_t accessed;
- u_int64_t owner;
- u_int64_t group;
+ uint64_t filesize;
+ uint64_t created;
+ uint64_t modified;
+ uint64_t accessed;
+ uint64_t owner;
+ uint64_t group;
char *filename;
};
diff --git a/src/libimcv/pts/pts_ima_bios_list.c b/src/libimcv/pts/pts_ima_bios_list.c
index 5051b6c2d..7caa514a5 100644
--- a/src/libimcv/pts/pts_ima_bios_list.c
+++ b/src/libimcv/pts/pts_ima_bios_list.c
@@ -61,6 +61,8 @@ enum event_type_t {
EV_EFI_PLATFORM_FIRMWARE_BLOB = 0x80000008,
EV_EFI_HANDOFF_TABLES = 0x80000009,
+ EV_EFI_HCRTM_EVENT = 0x80000010,
+
EV_EFI_VARIABLE_AUTHORITY = 0x800000E0
};
@@ -85,7 +87,6 @@ ENUM_BEGIN(event_type_names, EV_PREBOOT_CERT, EV_OMIT_BOOT_DEVICE_EVENTS,
"Nonhost Info",
"Omit Boot Device Events"
);
-
ENUM_NEXT(event_type_names, EV_EFI_EVENT_BASE, EV_EFI_HANDOFF_TABLES,
EV_OMIT_BOOT_DEVICE_EVENTS,
"EFI Event Base",
@@ -99,8 +100,12 @@ ENUM_NEXT(event_type_names, EV_EFI_EVENT_BASE, EV_EFI_HANDOFF_TABLES,
"EFI Platform Firmware Blob",
"EFI Handoff Tables"
);
-ENUM_NEXT(event_type_names, EV_EFI_VARIABLE_AUTHORITY, EV_EFI_VARIABLE_AUTHORITY,
+ENUM_NEXT(event_type_names, EV_EFI_HCRTM_EVENT, EV_EFI_HCRTM_EVENT,
EV_EFI_HANDOFF_TABLES,
+ "EFI HCRTM Event"
+);
+ENUM_NEXT(event_type_names, EV_EFI_VARIABLE_AUTHORITY, EV_EFI_VARIABLE_AUTHORITY,
+ EV_EFI_HCRTM_EVENT,
"EFI Variable Authority"
);
ENUM_END(event_type_names, EV_EFI_VARIABLE_AUTHORITY);
diff --git a/src/libimcv/pts/pts_meas_algo.c b/src/libimcv/pts/pts_meas_algo.c
index c06371123..246c37714 100644
--- a/src/libimcv/pts/pts_meas_algo.c
+++ b/src/libimcv/pts/pts_meas_algo.c
@@ -158,6 +158,24 @@ hash_algorithm_t pts_meas_algo_to_hash(pts_meas_algorithms_t algorithm)
/**
* Described in header.
*/
+pts_meas_algorithms_t pts_meas_algo_from_hash(hash_algorithm_t algorithm)
+{
+ switch (algorithm)
+ {
+ case HASH_SHA1:
+ return PTS_MEAS_ALGO_SHA1;
+ case HASH_SHA256:
+ return PTS_MEAS_ALGO_SHA256;
+ case HASH_SHA384:
+ return PTS_MEAS_ALGO_SHA384;
+ default:
+ return PTS_MEAS_ALGO_NONE;
+ }
+}
+
+/**
+ * Described in header.
+ */
size_t pts_meas_algo_hash_size(pts_meas_algorithms_t algorithm)
{
switch (algorithm)
diff --git a/src/libimcv/pts/pts_meas_algo.h b/src/libimcv/pts/pts_meas_algo.h
index eec7e7981..d70310679 100644
--- a/src/libimcv/pts/pts_meas_algo.h
+++ b/src/libimcv/pts/pts_meas_algo.h
@@ -96,6 +96,14 @@ pts_meas_algorithms_t pts_meas_algo_select(pts_meas_algorithms_t supported_algos
hash_algorithm_t pts_meas_algo_to_hash(pts_meas_algorithms_t algorithm);
/**
+ * Convert hash_algorithm_t to pts_meas_algorithms_t
+ *
+ * @param algorithm PTS measurement algorithm type
+ * @return libstrongswan hash algorithm type
+ */
+pts_meas_algorithms_t pts_meas_algo_from_hash(hash_algorithm_t algorithm);
+
+/**
* Return the hash size of a pts_meas_algorithm
*
* @param algorithm PTS measurement algorithm type
diff --git a/src/libimcv/pts/pts_pcr.c b/src/libimcv/pts/pts_pcr.c
index 0af93b608..d514532c5 100644
--- a/src/libimcv/pts/pts_pcr.c
+++ b/src/libimcv/pts/pts_pcr.c
@@ -40,17 +40,17 @@ struct private_pts_pcr_t {
/**
* Number of extended PCR registers
*/
- u_int32_t pcr_count;
+ uint32_t pcr_count;
/**
* Highest extended PCR register
*/
- u_int32_t pcr_max;
+ uint32_t pcr_max;
/**
* Bitmap of extended PCR registers
*/
- u_int8_t pcr_select[PTS_PCR_MAX_NUM / 8];
+ uint8_t pcr_select[PTS_PCR_MAX_NUM / 8];
/**
* Hasher used to extend shadow PCRs
@@ -59,16 +59,16 @@ struct private_pts_pcr_t {
};
-METHOD(pts_pcr_t, get_count, u_int32_t,
+METHOD(pts_pcr_t, get_count, uint32_t,
private_pts_pcr_t *this)
{
return this->pcr_count;
}
METHOD(pts_pcr_t, select_pcr, bool,
- private_pts_pcr_t *this, u_int32_t pcr)
+ private_pts_pcr_t *this, uint32_t pcr)
{
- u_int32_t i, f;
+ uint32_t i, f;
if (pcr >= PTS_PCR_MAX_NUM)
{
@@ -106,7 +106,7 @@ typedef struct {
/** implements enumerator_t */
enumerator_t public;
/** current PCR */
- u_int32_t pcr;
+ uint32_t pcr;
/** back reference to parent */
private_pts_pcr_t *pcrs;
} pcr_enumerator_t;
@@ -116,11 +116,11 @@ typedef struct {
*/
static bool pcr_enumerator_enumerate(pcr_enumerator_t *this, ...)
{
- u_int32_t *pcr, i, f;
+ uint32_t *pcr, i, f;
va_list args;
va_start(args, this);
- pcr = va_arg(args, u_int32_t*);
+ pcr = va_arg(args, uint32_t*);
va_end(args);
while (this->pcr <= this->pcrs->pcr_max)
@@ -158,13 +158,13 @@ METHOD(pts_pcr_t, create_enumerator, enumerator_t*,
}
METHOD(pts_pcr_t, get, chunk_t,
- private_pts_pcr_t *this, u_int32_t pcr)
+ private_pts_pcr_t *this, uint32_t pcr)
{
return (pcr < PTS_PCR_MAX_NUM) ? this->pcrs[pcr] : chunk_empty;
}
METHOD(pts_pcr_t, set, bool,
- private_pts_pcr_t *this, u_int32_t pcr, chunk_t value)
+ private_pts_pcr_t *this, uint32_t pcr, chunk_t value)
{
if (value.len != PTS_PCR_LEN)
{
@@ -180,7 +180,7 @@ METHOD(pts_pcr_t, set, bool,
}
METHOD(pts_pcr_t, extend, chunk_t,
- private_pts_pcr_t *this, u_int32_t pcr, chunk_t measurement)
+ private_pts_pcr_t *this, uint32_t pcr, chunk_t measurement)
{
if (measurement.len != PTS_PCR_LEN)
{
@@ -200,26 +200,25 @@ METHOD(pts_pcr_t, extend, chunk_t,
return this->pcrs[pcr];
}
-METHOD(pts_pcr_t, get_composite, chunk_t,
+METHOD(pts_pcr_t, get_composite, tpm_tss_pcr_composite_t*,
private_pts_pcr_t *this)
{
- chunk_t composite;
+ tpm_tss_pcr_composite_t *pcr_composite;
enumerator_t *enumerator;
- u_int16_t selection_size;
- u_int32_t pcr_field_size, pcr;
+ uint16_t selection_size;
+ uint32_t pcr_field_size, pcr;
u_char *pos;
selection_size = get_selection_size(this);
pcr_field_size = this->pcr_count * PTS_PCR_LEN;
- composite = chunk_alloc(2 + selection_size + 4 + pcr_field_size);
- pos = composite.ptr;
- htoun16(pos, selection_size);
- pos += 2;
- memcpy(pos, this->pcr_select, selection_size);
- pos += selection_size;
- htoun32(pos, pcr_field_size);
- pos += 4;
+ INIT(pcr_composite,
+ .pcr_select = chunk_alloc(selection_size),
+ .pcr_composite = chunk_alloc(pcr_field_size),
+ );
+
+ memcpy(pcr_composite->pcr_select.ptr, this->pcr_select, selection_size);
+ pos = pcr_composite->pcr_composite.ptr;
enumerator = create_enumerator(this);
while (enumerator->enumerate(enumerator, &pcr))
@@ -229,14 +228,13 @@ METHOD(pts_pcr_t, get_composite, chunk_t,
}
enumerator->destroy(enumerator);
- DBG3(DBG_PTS, "constructed PCR Composite: %B", &composite);
- return composite;
+ return pcr_composite;
}
METHOD(pts_pcr_t, destroy, void,
private_pts_pcr_t *this)
{
- u_int32_t i;
+ uint32_t i;
for (i = 0; i < PTS_PCR_MAX_NUM; i++)
{
@@ -253,7 +251,7 @@ pts_pcr_t *pts_pcr_create(void)
{
private_pts_pcr_t *this;
hasher_t *hasher;
- u_int32_t i;
+ uint32_t i;
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (!hasher)
diff --git a/src/libimcv/pts/pts_pcr.h b/src/libimcv/pts/pts_pcr.h
index f638b5ee4..df84c679f 100644
--- a/src/libimcv/pts/pts_pcr.h
+++ b/src/libimcv/pts/pts_pcr.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012 Andreas Steffen
+ * Copyright (C) 2012-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@ typedef struct pts_pcr_t pts_pcr_t;
#include <library.h>
+#include <tpm_tss_quote_info.h>
+
/**
* Maximum number of PCR's of TPM, TPM Spec 1.2
*/
@@ -45,7 +47,7 @@ struct pts_pcr_t {
*
* @return number of selected PCRs
*/
- u_int32_t (*get_count)(pts_pcr_t *this);
+ uint32_t (*get_count)(pts_pcr_t *this);
/**
* Mark a PCR as selected
@@ -53,7 +55,7 @@ struct pts_pcr_t {
* @param pcr index of PCR
* @return TRUE if PCR index exists
*/
- bool (*select_pcr)(pts_pcr_t *this, u_int32_t pcr);
+ bool (*select_pcr)(pts_pcr_t *this, uint32_t pcr);
/**
* Get the size of the selection field in bytes
@@ -75,7 +77,7 @@ struct pts_pcr_t {
* @param pcr index of PCR
* @return content of PCR
*/
- chunk_t (*get)(pts_pcr_t *this, u_int32_t pcr);
+ chunk_t (*get)(pts_pcr_t *this, uint32_t pcr);
/**
* Set the content of a PCR
@@ -84,7 +86,7 @@ struct pts_pcr_t {
* @param value new value of PCR
* @return TRUE if value could be set
*/
- bool (*set)(pts_pcr_t *this, u_int32_t pcr, chunk_t value);
+ bool (*set)(pts_pcr_t *this, uint32_t pcr, chunk_t value);
/**
* Extend the content of a PCR
@@ -93,14 +95,14 @@ struct pts_pcr_t {
* @param measurement measurment value to be extended into PCR
* @return new content of PCR
*/
- chunk_t (*extend)(pts_pcr_t *this, u_int32_t pcr, chunk_t measurement);
+ chunk_t (*extend)(pts_pcr_t *this, uint32_t pcr, chunk_t measurement);
/**
* Create a PCR Composite object over all selected PCRs
*
* @return PCR Composite object (must be freed)
*/
- chunk_t (*get_composite)(pts_pcr_t *this);
+ tpm_tss_pcr_composite_t* (*get_composite)(pts_pcr_t *this);
/**
diff --git a/src/libimcv/pts/pts_simple_evid_final.h b/src/libimcv/pts/pts_simple_evid_final.h
deleted file mode 100644
index 0c8dea0cc..000000000
--- a/src/libimcv/pts/pts_simple_evid_final.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_simple_evid_final pts_rsimple_evid_final
- * @{ @ingroup pts
- */
-
-#ifndef PTS_SIMPLE_EVID_FINAL_H_
-#define PTS_SIMPLE_EVID_FINAL_H_
-
-typedef enum pts_simple_evid_final_flag_t pts_simple_evid_final_flag_t;
-
-#include <library.h>
-
-/**
- * PTS Simple Evidence Final Flags
- */
-enum pts_simple_evid_final_flag_t {
- /** TPM PCR Composite and TPM Quote Signature not included */
- PTS_SIMPLE_EVID_FINAL_NO = 0x00,
- /** TPM PCR Composite and TPM Quote Signature included
- * using TPM_QUOTE_INFO */
- PTS_SIMPLE_EVID_FINAL_QUOTE_INFO = 0x40,
- /** TPM PCR Composite and TPM Quote Signature included
- * using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO not appended */
- PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 = 0x80,
- /** TPM PCR Composite and TPM Quote Signature included
- * using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO appended */
- PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER = 0xC0,
- /** Evidence Signature included */
- PTS_SIMPLE_EVID_FINAL_EVID_SIG = 0x20,
-};
-
-#endif /** PTS_SIMPLE_EVID_FINAL_H_ @}*/
diff --git a/src/libimcv/pwg/pwg_attr.c b/src/libimcv/pwg/pwg_attr.c
index 8a2eb2828..123df05d6 100644
--- a/src/libimcv/pwg/pwg_attr.c
+++ b/src/libimcv/pwg/pwg_attr.c
@@ -75,7 +75,7 @@ ENUM_END(pwg_attr_names, PWG_HCD_CONFIGURATION_STATE);
/**
* See header
*/
-pa_tnc_attr_t* pwg_attr_create_from_data(u_int32_t type, size_t length, chunk_t value)
+pa_tnc_attr_t* pwg_attr_create_from_data(uint32_t type, size_t length, chunk_t value)
{
switch (type)
{
diff --git a/src/libimcv/pwg/pwg_attr.h b/src/libimcv/pwg/pwg_attr.h
index 01db42cd2..2782075b2 100644
--- a/src/libimcv/pwg/pwg_attr.h
+++ b/src/libimcv/pwg/pwg_attr.h
@@ -69,7 +69,7 @@ extern enum_name_t *pwg_attr_names;
* @param length attribute length
* @param value attribute value or segment
*/
-pa_tnc_attr_t* pwg_attr_create_from_data(u_int32_t type, size_t length,
+pa_tnc_attr_t* pwg_attr_create_from_data(uint32_t type, size_t length,
chunk_t value);
#endif /** PWG_ATTR_H_ @}*/
diff --git a/src/libimcv/pwg/pwg_attr_vendor_smi_code.c b/src/libimcv/pwg/pwg_attr_vendor_smi_code.c
index 7931259aa..0b03f12ec 100644
--- a/src/libimcv/pwg/pwg_attr_vendor_smi_code.c
+++ b/src/libimcv/pwg/pwg_attr_vendor_smi_code.c
@@ -117,7 +117,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_pwg_attr_vendor_smi_code_t *this, u_int32_t *offset)
+ private_pwg_attr_vendor_smi_code_t *this, uint32_t *offset)
{
bio_reader_t *reader;
uint32_t vendor_smi_code;
diff --git a/src/libimcv/swid/swid_error.c b/src/libimcv/swid/swid_error.c
index 7f3c34476..7c7427fb1 100644
--- a/src/libimcv/swid/swid_error.c
+++ b/src/libimcv/swid/swid_error.c
@@ -27,8 +27,8 @@ ENUM(swid_error_code_names, TCG_SWID_ERROR, TCG_SWID_RESPONSE_TOO_LARGE,
/**
* Described in header.
*/
-pa_tnc_attr_t* swid_error_create(swid_error_code_t code, u_int32_t request_id,
- u_int32_t max_attr_size, char *description)
+pa_tnc_attr_t* swid_error_create(swid_error_code_t code, uint32_t request_id,
+ uint32_t max_attr_size, char *description)
{
bio_writer_t *writer;
chunk_t msg_info;
diff --git a/src/libimcv/swid/swid_error.h b/src/libimcv/swid/swid_error.h
index b459ba686..2ed099186 100644
--- a/src/libimcv/swid/swid_error.h
+++ b/src/libimcv/swid/swid_error.h
@@ -52,7 +52,7 @@ extern enum_name_t *swid_error_code_names;
* @param max_attr_size Maximum IF-M attribute size (if applicable)
* @param description Optional description string or NULL
*/
-pa_tnc_attr_t* swid_error_create(swid_error_code_t code, u_int32_t request,
- u_int32_t max_attr_size, char *description);
+pa_tnc_attr_t* swid_error_create(swid_error_code_t code, uint32_t request,
+ uint32_t max_attr_size, char *description);
#endif /** SWID_ERROR_H_ @}*/
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_aik.c b/src/libimcv/tcg/pts/tcg_pts_attr_aik.c
index 194cf1b68..3ca24faec 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_aik.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_aik.c
@@ -108,7 +108,7 @@ METHOD(pa_tnc_attr_t, build, void,
private_tcg_pts_attr_aik_t *this)
{
bio_writer_t *writer;
- u_int8_t flags = PTS_AIK_FLAGS_NONE;
+ uint8_t flags = PTS_AIK_FLAGS_NONE;
cred_encoding_type_t encoding_type = CERT_ASN1_DER;
chunk_t aik_blob;
@@ -136,10 +136,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_aik_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_aik_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t flags;
+ uint8_t flags;
certificate_type_t type;
chunk_t aik_blob;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c
index 2a1506898..5cb81c122 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c
@@ -140,11 +140,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_dh_nonce_finish_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_dh_nonce_finish_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t reserved, nonce_len;
- u_int16_t hash_algo;
+ uint8_t reserved, nonce_len;
+ uint16_t hash_algo;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h
index 78b5025bc..cbc9847fa 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h
@@ -43,7 +43,7 @@ struct tcg_pts_attr_dh_nonce_finish_t {
*
* @return Length of nonce
*/
- u_int8_t (*get_nonce_len)(tcg_pts_attr_dh_nonce_finish_t *this);
+ uint8_t (*get_nonce_len)(tcg_pts_attr_dh_nonce_finish_t *this);
/**
* Get selected hash algorithm
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c
index 0349ce53e..9c24759ea 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c
@@ -72,7 +72,7 @@ struct private_tcg_pts_attr_dh_nonce_params_req_t {
/**
* Minimum acceptable length of nonce
*/
- u_int8_t min_nonce_len;
+ uint8_t min_nonce_len;
/**
* Diffie Hellman group set
@@ -129,11 +129,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_dh_nonce_params_req_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_dh_nonce_params_req_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t reserved;
- u_int16_t dh_groups;
+ uint8_t reserved;
+ uint16_t dh_groups;
*offset = 0;
@@ -179,7 +179,7 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
}
-METHOD(tcg_pts_attr_dh_nonce_params_req_t, get_min_nonce_len, u_int8_t,
+METHOD(tcg_pts_attr_dh_nonce_params_req_t, get_min_nonce_len, uint8_t,
private_tcg_pts_attr_dh_nonce_params_req_t *this)
{
return this->min_nonce_len;
@@ -194,7 +194,7 @@ METHOD(tcg_pts_attr_dh_nonce_params_req_t, get_dh_groups, pts_dh_group_t,
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_req_create(u_int8_t min_nonce_len,
+pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_req_create(uint8_t min_nonce_len,
pts_dh_group_t dh_groups)
{
private_tcg_pts_attr_dh_nonce_params_req_t *this;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h
index 4396bf687..3d83b6d86 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h
@@ -44,7 +44,7 @@ struct tcg_pts_attr_dh_nonce_params_req_t {
*
* @return Minimum acceptable length of nonce
*/
- u_int8_t (*get_min_nonce_len)(tcg_pts_attr_dh_nonce_params_req_t *this);
+ uint8_t (*get_min_nonce_len)(tcg_pts_attr_dh_nonce_params_req_t *this);
/**
* Get supported Diffie Hellman Groups
@@ -60,7 +60,7 @@ struct tcg_pts_attr_dh_nonce_params_req_t {
* @param min_nonce_len Minimum acceptable length of nonce
* @param dh_groups Initiator's supported DH groups
*/
-pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_req_create(u_int8_t min_nonce_len,
+pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_req_create(uint8_t min_nonce_len,
pts_dh_group_t dh_groups);
/**
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c
index fa1dbdd3a..a4e66a670 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c
@@ -148,12 +148,12 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_dh_nonce_params_resp_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_dh_nonce_params_resp_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t reserved;
- u_int8_t nonce_len;
- u_int16_t dh_group, hash_algo_set;
+ uint32_t reserved;
+ uint8_t nonce_len;
+ uint16_t dh_group, hash_algo_set;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c b/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c
index 397882926..aba34a817 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c
@@ -149,8 +149,8 @@ METHOD(pa_tnc_attr_t, build, void,
{
bio_writer_t *writer;
enumerator_t *enumerator;
- u_int64_t count;
- u_int16_t request_id;
+ uint64_t count;
+ uint16_t request_id;
char *filename;
chunk_t measurement;
bool first = TRUE;
@@ -192,7 +192,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_file_meas_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_file_meas_t *this, uint32_t *offset)
{
bio_reader_t *reader;
chunk_t measurement, filename;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c
index b7b4d7e3f..e203f71c5 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c
@@ -118,10 +118,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_gen_attest_evid_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_gen_attest_evid_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t reserved;
+ uint32_t reserved;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c b/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c
index 8fda2b1f5..e2da704dc 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c
@@ -121,10 +121,10 @@ METHOD(pa_tnc_attr_t, add_segment, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_get_aik_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_get_aik_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t reserved;
+ uint32_t reserved;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c b/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c
index a4c9dba87..e98d7b40e 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c
@@ -118,10 +118,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_get_tpm_version_info_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_get_tpm_version_info_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t reserved;
+ uint32_t reserved;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c b/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c
index 8b0502a91..ce38b626a 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c
@@ -121,10 +121,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_meas_algo_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_meas_algo_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int16_t reserved, algorithms;
+ uint16_t reserved, algorithms;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c b/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c
index 0a562c0bc..ba017438c 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c
@@ -123,10 +123,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_proto_caps_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_proto_caps_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int16_t reserved, flags;
+ uint16_t reserved, flags;
*offset = 0;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c
index a3c3ce56e..b4f336713 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c
@@ -85,12 +85,12 @@ struct private_tcg_pts_attr_req_file_meas_t {
/**
* Request ID
*/
- u_int16_t request_id;
+ uint16_t request_id;
/**
* UTF8 Encoding of Delimiter Character
*/
- u_int32_t delimiter;
+ uint32_t delimiter;
/**
* Fully Qualified File Pathname
@@ -130,7 +130,7 @@ METHOD(pa_tnc_attr_t, set_noskip_flag,void,
METHOD(pa_tnc_attr_t, build, void,
private_tcg_pts_attr_req_file_meas_t *this)
{
- u_int8_t flags = PTS_REQ_FILE_MEAS_NO_FLAGS;
+ uint8_t flags = PTS_REQ_FILE_MEAS_NO_FLAGS;
chunk_t pathname;
bio_writer_t *writer;
@@ -156,11 +156,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_req_file_meas_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_req_file_meas_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t flags;
- u_int8_t reserved;
+ uint8_t flags;
+ uint8_t reserved;
chunk_t pathname;
*offset = 0;
@@ -220,13 +220,13 @@ METHOD(tcg_pts_attr_req_file_meas_t, get_directory_flag, bool,
return this->directory_flag;
}
-METHOD(tcg_pts_attr_req_file_meas_t, get_request_id, u_int16_t,
+METHOD(tcg_pts_attr_req_file_meas_t, get_request_id, uint16_t,
private_tcg_pts_attr_req_file_meas_t *this)
{
return this->request_id;
}
-METHOD(tcg_pts_attr_req_file_meas_t, get_delimiter, u_int32_t,
+METHOD(tcg_pts_attr_req_file_meas_t, get_delimiter, uint32_t,
private_tcg_pts_attr_req_file_meas_t *this)
{
return this->delimiter;
@@ -242,8 +242,8 @@ METHOD(tcg_pts_attr_req_file_meas_t, get_pathname, char*,
* Described in header.
*/
pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create(bool directory_flag,
- u_int16_t request_id,
- u_int32_t delimiter,
+ uint16_t request_id,
+ uint32_t delimiter,
char *pathname)
{
private_tcg_pts_attr_req_file_meas_t *this;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h
index 20a54dfaf..cbf429dab 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h
@@ -50,14 +50,14 @@ struct tcg_pts_attr_req_file_meas_t {
*
* @return Request ID
*/
- u_int16_t (*get_request_id)(tcg_pts_attr_req_file_meas_t *this);
+ uint16_t (*get_request_id)(tcg_pts_attr_req_file_meas_t *this);
/**
* Get Delimiter
*
* @return UTF-8 encoding of a Delimiter Character
*/
- u_int32_t (*get_delimiter)(tcg_pts_attr_req_file_meas_t *this);
+ uint32_t (*get_delimiter)(tcg_pts_attr_req_file_meas_t *this);
/**
* Get Fully Qualified File Pathname
@@ -77,8 +77,8 @@ struct tcg_pts_attr_req_file_meas_t {
* @param pathname File Pathname
*/
pa_tnc_attr_t* tcg_pts_attr_req_file_meas_create(bool directory_flag,
- u_int16_t request_id,
- u_int32_t delimiter,
+ uint16_t request_id,
+ uint32_t delimiter,
char *pathname);
/**
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c
index f6befa8b9..d8acf0625 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c
@@ -83,7 +83,7 @@ struct private_tcg_pts_attr_req_file_meta_t {
/**
* UTF8 Encoding of Delimiter Character
*/
- u_int8_t delimiter;
+ uint8_t delimiter;
/**
* Fully Qualified File Pathname
@@ -123,7 +123,7 @@ METHOD(pa_tnc_attr_t, set_noskip_flag,void,
METHOD(pa_tnc_attr_t, build, void,
private_tcg_pts_attr_req_file_meta_t *this)
{
- u_int8_t flags = PTS_REQ_FILE_META_NO_FLAGS;
+ uint8_t flags = PTS_REQ_FILE_META_NO_FLAGS;
chunk_t pathname;
bio_writer_t *writer;
@@ -149,11 +149,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_req_file_meta_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_req_file_meta_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t flags;
- u_int16_t reserved;
+ uint8_t flags;
+ uint16_t reserved;
chunk_t pathname;
*offset = 0;
@@ -212,7 +212,7 @@ METHOD(tcg_pts_attr_req_file_meta_t, get_directory_flag, bool,
return this->directory_flag;
}
-METHOD(tcg_pts_attr_req_file_meta_t, get_delimiter, u_int8_t,
+METHOD(tcg_pts_attr_req_file_meta_t, get_delimiter, uint8_t,
private_tcg_pts_attr_req_file_meta_t *this)
{
return this->delimiter;
@@ -228,7 +228,7 @@ METHOD(tcg_pts_attr_req_file_meta_t, get_pathname, char*,
* Described in header.
*/
pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create(bool directory_flag,
- u_int8_t delimiter,
+ uint8_t delimiter,
char *pathname)
{
private_tcg_pts_attr_req_file_meta_t *this;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h
index c2f1cca74..91ab5c678 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h
@@ -50,7 +50,7 @@ struct tcg_pts_attr_req_file_meta_t {
*
* @return UTF-8 encoding of a Delimiter Character
*/
- u_int8_t (*get_delimiter)(tcg_pts_attr_req_file_meta_t *this);
+ uint8_t (*get_delimiter)(tcg_pts_attr_req_file_meta_t *this);
/**
* Get Fully Qualified File Pathname
@@ -69,7 +69,7 @@ struct tcg_pts_attr_req_file_meta_t {
* @param pathname File Pathname
*/
pa_tnc_attr_t* tcg_pts_attr_req_file_meta_create(bool directory_flag,
- u_int8_t delimiter,
+ uint8_t delimiter,
char *pathname);
/**
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c
index 03891104c..da21003e3 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c
@@ -110,16 +110,16 @@ typedef struct entry_t entry_t;
* Functional component entry
*/
struct entry_t {
- u_int8_t flags;
- u_int32_t depth;
+ uint8_t flags;
+ uint32_t depth;
pts_comp_func_name_t *name;
};
/**
* Enumerate functional component entries
*/
-static bool entry_filter(void *null, entry_t **entry, u_int8_t *flags,
- void *i2, u_int32_t *depth, void *i3,
+static bool entry_filter(void *null, entry_t **entry, uint8_t *flags,
+ void *i2, uint32_t *depth, void *i3,
pts_comp_func_name_t **name)
{
*flags = (*entry)->flags;
@@ -195,11 +195,11 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_req_func_comp_evid_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_req_func_comp_evid_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t depth, vendor_id, name;
- u_int8_t flags, fam_and_qualifier, qualifier;
+ uint32_t depth, vendor_id, name;
+ uint8_t flags, fam_and_qualifier, qualifier;
status_t status = FAILED;
entry_t *entry = NULL;
@@ -296,8 +296,8 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
METHOD(tcg_pts_attr_req_func_comp_evid_t, add_component, void,
- private_tcg_pts_attr_req_func_comp_evid_t *this, u_int8_t flags,
- u_int32_t depth, pts_comp_func_name_t *name)
+ private_tcg_pts_attr_req_func_comp_evid_t *this, uint8_t flags,
+ uint32_t depth, pts_comp_func_name_t *name)
{
entry_t *entry;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h
index 2f8657ed2..43abcbb4d 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h
@@ -47,7 +47,7 @@ struct tcg_pts_attr_req_func_comp_evid_t {
* @param name Functional Component Name
*/
void (*add_component)(tcg_pts_attr_req_func_comp_evid_t *this,
- u_int8_t flags, u_int32_t depth,
+ uint8_t flags, uint32_t depth,
pts_comp_func_name_t *name);
/**
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c
index d94ee89a5..c249ca151 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c
@@ -181,9 +181,9 @@ METHOD(pa_tnc_attr_t, build, void,
bio_writer_t *writer;
bool has_pcr_info;
char utc_time_buf[25], *policy_uri;
- u_int8_t flags;
- u_int16_t len;
- u_int32_t depth, extended_pcr;
+ uint8_t flags;
+ uint16_t len;
+ uint32_t depth, extended_pcr;
pts_comp_func_name_t *name;
pts_meas_algorithms_t hash_algorithm;
pts_pcr_transform_t transform;
@@ -301,14 +301,14 @@ bool measurement_time_from_utc(time_t *measurement_time, chunk_t utc_time)
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_simple_comp_evid_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_simple_comp_evid_t *this, uint32_t *offset)
{
bio_reader_t *reader;
pts_comp_func_name_t *name;
- u_int8_t flags, fam_and_qualifier, qualifier, reserved;
- u_int8_t measurement_type, transform, validation;
- u_int16_t hash_algorithm, len;
- u_int32_t depth, vendor_id, comp_name, extended_pcr;
+ uint8_t flags, fam_and_qualifier, qualifier, reserved;
+ uint8_t measurement_type, transform, validation;
+ uint16_t hash_algorithm, len;
+ uint32_t depth, vendor_id, comp_name, extended_pcr;
chunk_t measurement, utc_time, policy_uri, pcr_before, pcr_after;
time_t measurement_time;
bool has_pcr_info = FALSE, has_validation = FALSE;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c
index cfeaec6e9..267c85776 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2011-2012 Sansar Choinyambuu
- * Copyright (C) 2011-2014 Andreas Steffen
+ * Copyright (C) 2011-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -15,7 +15,6 @@
*/
#include "tcg_pts_attr_simple_evid_final.h"
-#include "pts/pts_simple_evid_final.h"
#include <pa_tnc/pa_tnc_msg.h>
#include <bio/bio_writer.h>
@@ -27,6 +26,7 @@ typedef struct private_tcg_pts_attr_simple_evid_final_t private_tcg_pts_attr_sim
/**
* Simple Evidence Final
* see section 3.15.2 of PTS Protocol: Binding to TNC IF-M Specification
+ * plus non-standard extensions to cover the TPM 2.0 Quote Info format
*
* 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
@@ -37,17 +37,57 @@ typedef struct private_tcg_pts_attr_simple_evid_final_t private_tcg_pts_attr_sim
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* ~ Optional TPM PCR Composite (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Opt. TPM Qual. Signer Length | Optional TPM Qualified Signer ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ~ Optional TPM Qualified Signer (Variable Length) ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Opt. TPM Clock Info Length | Optional TPM Clock Info ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ~ Optional TPM Clock Info (Variable Length) ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Opt. TPM Version Info Length | Optional TPM Version Info ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ~ Optional TPM Version Info (Variable Length) |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Opt. TPM PCR Selection Length | Opt. TPM PCR Selection ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * ~ Optional TPM PCR Selection (Variable Length) ~
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Optional TPM Quote Signature Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* ~ Optional TPM Quote Signature (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* ~ Optional Evidence Signature (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
+*/
#define PTS_SIMPLE_EVID_FINAL_SIZE 2
#define PTS_SIMPLE_EVID_FINAL_RESERVED 0x00
-#define PTS_SIMPLE_EVID_FINAL_FLAG_MASK 0xC0
+
+/**
+ * PTS Simple Evidence Final Flags
+ */
+enum pts_simple_evid_final_flag_t {
+ /** TPM PCR Composite and TPM Quote Signature not included */
+ PTS_SIMPLE_EVID_FINAL_NO = 0x00,
+ /** TPM Quote Info and TPM Quite Signature included
+ * using TPM 2.0 Quote Info format */
+ PTS_SIMPLE_EVID_FINAL_EVID_QUOTE_INFO_TPM2 = 0x10,
+ /** Evidence Signature included */
+ PTS_SIMPLE_EVID_FINAL_EVID_SIG = 0x20,
+ /** TPM PCR Composite and TPM Quote Signature included
+ * using TPM_QUOTE_INFO */
+ PTS_SIMPLE_EVID_FINAL_QUOTE_INFO = 0x40,
+ /** TPM PCR Composite and TPM Quote Signature included
+ * using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO not appended */
+ PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 = 0x80,
+ /** TPM PCR Composite and TPM Quote Signature included
+ * using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO appended */
+ PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER = 0xC0,
+ /** Mask for the TPM Quote Info flags */
+ PTS_SIMPLE_EVID_FINAL_QUOTE_INFO_MASK = 0xD0
+};
+
/**
* Private data of an tcg_pts_attr_simple_evid_final_t object.
*/
@@ -79,24 +119,14 @@ struct private_tcg_pts_attr_simple_evid_final_t {
bool noskip_flag;
/**
- * Set of flags for Simple Evidence Final
- */
- u_int8_t flags;
-
- /**
- * Optional Composite Hash Algorithm
- */
- pts_meas_algorithms_t comp_hash_algorithm;
-
- /**
- * Optional TPM PCR Composite
+ * Optional TPM Quote Info
*/
- chunk_t pcr_comp;
+ tpm_tss_quote_info_t *quote_info;
/**
* Optional TPM Quote Signature
*/
- chunk_t tpm_quote_sig;
+ chunk_t quote_sig;
/**
* Is Evidence Signature included?
@@ -156,9 +186,9 @@ METHOD(pa_tnc_attr_t, destroy, void,
{
if (ref_put(&this->ref))
{
+ DESTROY_IF(this->quote_info);
free(this->value.ptr);
- free(this->pcr_comp.ptr);
- free(this->tpm_quote_sig.ptr);
+ free(this->quote_sig.ptr);
free(this->evid_sig.ptr);
free(this);
}
@@ -167,14 +197,36 @@ METHOD(pa_tnc_attr_t, destroy, void,
METHOD(pa_tnc_attr_t, build, void,
private_tcg_pts_attr_simple_evid_final_t *this)
{
+ chunk_t pcr_digest, pcr_select, qualified_signer, clock_info, version_info;
+ hash_algorithm_t pcr_digest_alg;
+ tpm_quote_mode_t quote_mode;
bio_writer_t *writer;
- u_int8_t flags;
+ uint8_t flags;
if (this->value.ptr)
{
return;
}
- flags = this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_MASK;
+
+ quote_mode = this->quote_info->get_quote_mode(this->quote_info);
+ switch (quote_mode)
+ {
+ case TPM_QUOTE:
+ flags = PTS_SIMPLE_EVID_FINAL_QUOTE_INFO;
+ break;
+ case TPM_QUOTE2:
+ flags = PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2;
+ break;
+ case TPM_QUOTE2_VERSION_INFO:
+ flags = PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER;
+ break;
+ case TPM_QUOTE_TPM2:
+ flags = PTS_SIMPLE_EVID_FINAL_EVID_QUOTE_INFO_TPM2;
+ break;
+ case TPM_QUOTE_NONE:
+ default:
+ flags = PTS_SIMPLE_EVID_FINAL_NO;
+ }
if (this->has_evid_sig)
{
@@ -185,25 +237,35 @@ METHOD(pa_tnc_attr_t, build, void,
writer->write_uint8 (writer, flags);
writer->write_uint8 (writer, PTS_SIMPLE_EVID_FINAL_RESERVED);
- /** Optional Composite Hash Algorithm field is always present
- * Field has value of all zeroes if not used.
- * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011
- */
- writer->write_uint16(writer, this->comp_hash_algorithm);
+ pcr_digest_alg = this->quote_info->get_pcr_digest_alg(this->quote_info);
+ pcr_digest = this->quote_info->get_pcr_digest(this->quote_info);
+
+ writer->write_uint16(writer, pts_meas_algo_from_hash(pcr_digest_alg));
/* Optional fields */
- if (this->flags != PTS_SIMPLE_EVID_FINAL_NO)
+ if (quote_mode != TPM_QUOTE_NONE)
{
- writer->write_uint32 (writer, this->pcr_comp.len);
- writer->write_data (writer, this->pcr_comp);
-
- writer->write_uint32 (writer, this->tpm_quote_sig.len);
- writer->write_data (writer, this->tpm_quote_sig);
+ writer->write_data32(writer, pcr_digest);
}
- if (this->has_evid_sig)
+ if (quote_mode == TPM_QUOTE_TPM2)
{
- writer->write_data (writer, this->evid_sig);
+ version_info = this->quote_info->get_version_info(this->quote_info);
+ this->quote_info->get_tpm2_info(this->quote_info, &qualified_signer,
+ &clock_info, &pcr_select);
+ writer->write_data16(writer, qualified_signer);
+ writer->write_data16(writer, clock_info);
+ writer->write_data16(writer, version_info);
+ writer->write_data16(writer, pcr_select);
+ }
+
+ if (quote_mode != TPM_QUOTE_NONE)
+ {
+ writer->write_data32(writer, this->quote_sig);
+ if (this->has_evid_sig)
+ {
+ writer->write_data(writer, this->evid_sig);
+ }
}
this->value = writer->extract_buf(writer);
@@ -212,12 +274,16 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_simple_evid_final_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_simple_evid_final_t *this, uint32_t *offset)
{
+ hash_algorithm_t pcr_digest_alg;
+ tpm_quote_mode_t quote_mode;
bio_reader_t *reader;
- u_int8_t flags, reserved;
- u_int16_t algorithm;
- u_int32_t pcr_comp_len, tpm_quote_sig_len, evid_sig_len;
+ uint8_t flags, reserved;
+ uint16_t algorithm;
+ uint32_t evid_sig_len;
+ chunk_t pcr_digest = chunk_empty, quote_sig, evid_sig;
+ chunk_t qualified_signer, clock_info, version_info, pcr_select;
status_t status = FAILED;
*offset = 0;
@@ -236,56 +302,99 @@ METHOD(pa_tnc_attr_t, process, status_t,
reader->read_uint8(reader, &flags);
reader->read_uint8(reader, &reserved);
- this->flags = flags & PTS_SIMPLE_EVID_FINAL_FLAG_MASK;
-
this->has_evid_sig = (flags & PTS_SIMPLE_EVID_FINAL_EVID_SIG) != 0;
+ flags &= PTS_SIMPLE_EVID_FINAL_QUOTE_INFO_MASK;
+
+ switch (flags)
+ {
+ case PTS_SIMPLE_EVID_FINAL_QUOTE_INFO:
+ quote_mode = TPM_QUOTE;
+ break;
+ case PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2:
+ quote_mode = TPM_QUOTE2;
+ break;
+ case PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER:
+ quote_mode = TPM_QUOTE2_VERSION_INFO;
+ break;
+ case PTS_SIMPLE_EVID_FINAL_EVID_QUOTE_INFO_TPM2:
+ quote_mode = TPM_QUOTE_TPM2;
+ break;
+ case PTS_SIMPLE_EVID_FINAL_NO:
+ default:
+ quote_mode = TPM_QUOTE_NONE;
+ break;
+ }
+
/** Optional Composite Hash Algorithm field is always present
* Field has value of all zeroes if not used.
* Implemented adhering the suggestion of Paul Sangster 28.Oct.2011
*/
-
reader->read_uint16(reader, &algorithm);
- this->comp_hash_algorithm = algorithm;
+ pcr_digest_alg = pts_meas_algo_to_hash(algorithm);
- /* Optional Composite Hash Algorithm and TPM PCR Composite fields */
- if (this->flags != PTS_SIMPLE_EVID_FINAL_NO)
+ /* Optional fields */
+ if (quote_mode != TPM_QUOTE_NONE)
{
- if (!reader->read_uint32(reader, &pcr_comp_len))
+ if (!reader->read_data32(reader, &pcr_digest))
{
DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
- "PCR Composite Length");
+ "PCR Composite");
goto end;
}
- if (!reader->read_data(reader, pcr_comp_len, &this->pcr_comp))
+ }
+ this->quote_info = tpm_tss_quote_info_create(quote_mode, pcr_digest_alg,
+ pcr_digest);
+
+ if (quote_mode == TPM_QUOTE_TPM2)
+ {
+ if (!reader->read_data16(reader, &qualified_signer))
{
DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
- "PCR Composite");
+ "Qualified Signer");
goto end;
}
- this->pcr_comp = chunk_clone(this->pcr_comp);
-
- if (!reader->read_uint32(reader, &tpm_quote_sig_len))
+ if (!reader->read_data16(reader, &clock_info))
+ {
+ DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
+ "Clock Info");
+ goto end;
+ }
+ if (!reader->read_data16(reader, &version_info))
+ {
+ DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
+ "Version Info");
+ goto end;
+ }
+ if (!reader->read_data16(reader, &pcr_select))
{
DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
- "TPM Quote Singature Length");
+ "PCR select");
goto end;
}
- if (!reader->read_data(reader, tpm_quote_sig_len, &this->tpm_quote_sig))
+ this->quote_info->set_tpm2_info(this->quote_info, qualified_signer,
+ clock_info, pcr_select);
+ this->quote_info->set_version_info(this->quote_info, version_info);
+ }
+
+
+ if (quote_mode != TPM_QUOTE_NONE)
+ {
+ if (!reader->read_data32(reader, &quote_sig))
{
DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
"TPM Quote Singature");
goto end;
}
- this->tpm_quote_sig = chunk_clone(this->tpm_quote_sig);
+ this->quote_sig = chunk_clone(quote_sig);
}
/* Optional Evidence Signature field */
if (this->has_evid_sig)
{
evid_sig_len = reader->remaining(reader);
- reader->read_data(reader, evid_sig_len, &this->evid_sig);
- this->evid_sig = chunk_clone(this->evid_sig);
+ reader->read_data(reader, evid_sig_len, &evid_sig);
+ this->evid_sig = chunk_clone(evid_sig);
}
reader->destroy(reader);
@@ -296,23 +405,18 @@ end:
return status;
}
-METHOD(tcg_pts_attr_simple_evid_final_t, get_quote_info, u_int8_t,
+METHOD(tcg_pts_attr_simple_evid_final_t, get_quote_info, void,
private_tcg_pts_attr_simple_evid_final_t *this,
- pts_meas_algorithms_t *comp_hash_algo, chunk_t *pcr_comp, chunk_t *tpm_quote_sig)
+ tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig)
{
- if (comp_hash_algo)
- {
- *comp_hash_algo = this->comp_hash_algorithm;
- }
- if (pcr_comp)
+ if (quote_info)
{
- *pcr_comp = this->pcr_comp;
+ *quote_info = this->quote_info;
}
- if (tpm_quote_sig)
+ if (quote_sig)
{
- *tpm_quote_sig = this->tpm_quote_sig;
+ *quote_sig = this->quote_sig;
}
- return this->flags;
}
METHOD(tcg_pts_attr_simple_evid_final_t, get_evid_sig, bool,
@@ -335,9 +439,8 @@ METHOD(tcg_pts_attr_simple_evid_final_t, set_evid_sig, void,
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(u_int8_t flags,
- pts_meas_algorithms_t comp_hash_algorithm,
- chunk_t pcr_comp, chunk_t tpm_quote_sig)
+pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(
+ tpm_tss_quote_info_t *quote_info, chunk_t quote_sig)
{
private_tcg_pts_attr_simple_evid_final_t *this;
@@ -359,10 +462,8 @@ pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(u_int8_t flags,
.set_evid_sig = _set_evid_sig,
},
.type = { PEN_TCG, TCG_PTS_SIMPLE_EVID_FINAL },
- .flags = flags,
- .comp_hash_algorithm = comp_hash_algorithm,
- .pcr_comp = pcr_comp,
- .tpm_quote_sig = tpm_quote_sig,
+ .quote_info = quote_info,
+ .quote_sig = quote_sig,
.ref = 1,
);
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h
index 8343b5b30..849174a8f 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2011 Sansar Choinyambuu
- * Copyright (C) 2014 Andreas Steffen
+ * Copyright (C) 2014-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -28,6 +28,8 @@ typedef struct tcg_pts_attr_simple_evid_final_t tcg_pts_attr_simple_evid_final_t
#include "tcg_pts_attr_meas_algo.h"
#include "pa_tnc/pa_tnc_attr.h"
+#include <tpm_tss_quote_info.h>
+
/**
* Class implementing the TCG PTS Simple Evidence Final attribute
*
@@ -40,16 +42,14 @@ struct tcg_pts_attr_simple_evid_final_t {
pa_tnc_attr_t pa_tnc_attribute;
/**
- * Get Optional PCR Composite and TPM Quote Signature
+ * Get Optional TPM Quote Info and TPM Quote Signature
*
- * @param comp_hash_algo Optional Composite Hash Algorithm
- * @param pcr_comp Optional PCR Composite
- * @param tpm_quote sig Optional TPM Quote Signature
- * @return PTS_SIMPLE_EVID_FINAL flags
+ * @param quote_info Optional TPM Quote Info
+ * @param quote sig Optional TPM Quote Signature
*/
- u_int8_t (*get_quote_info)(tcg_pts_attr_simple_evid_final_t *this,
- pts_meas_algorithms_t *comp_hash_algo,
- chunk_t *pcr_comp, chunk_t *tpm_quote_sig);
+ void (*get_quote_info)(tcg_pts_attr_simple_evid_final_t *this,
+ tpm_tss_quote_info_t **quote_info,
+ chunk_t *quote_sig);
/**
* Get Optional Evidence Signature
@@ -73,16 +73,11 @@ struct tcg_pts_attr_simple_evid_final_t {
/**
* Creates an tcg_pts_attr_simple_evid_final_t object
*
- * @param flags Set of flags
- * @param comp_hash_algorithm Composite Hash Algorithm
- * @param pcr_comp Optional TPM PCR Composite
- * @param tpm_quote_sign Optional TPM Quote Signature
+ * @param quote_info Optional TPM Quote Info
+ * @param quote_sig Optional TPM Quote Signature
*/
pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create(
- u_int8_t flags,
- pts_meas_algorithms_t comp_hash_algorithm,
- chunk_t pcr_comp,
- chunk_t tpm_quote_sign);
+ tpm_tss_quote_info_t *quote_info, chunk_t quote_sig);
/**
* Creates an tcg_pts_attr_simple_evid_final_t object from received data
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c b/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c
index db877e9c5..fca1932a9 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c
@@ -122,7 +122,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_tpm_version_info_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_tpm_version_info_t *this, uint32_t *offset)
{
bio_reader_t *reader;
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c b/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c
index 7c176fdf6..df5898c3e 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c
@@ -144,7 +144,7 @@ METHOD(pa_tnc_attr_t, build, void,
bio_writer_t *writer;
enumerator_t *enumerator;
pts_file_metadata_t *entry;
- u_int64_t number_of_files;
+ uint64_t number_of_files;
if (this->value.ptr)
{
@@ -179,14 +179,14 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_file_meta_t *this, u_int32_t *offset)
+ private_tcg_pts_attr_file_meta_t *this, uint32_t *offset)
{
bio_reader_t *reader;
pts_file_metadata_t *entry;
- u_int8_t type, reserved;
- u_int16_t len;
- u_int64_t number_of_files, filesize, created, modified, accessed;
- u_int64_t owner, group;
+ uint8_t type, reserved;
+ uint16_t len;
+ uint64_t number_of_files, filesize, created, modified, accessed;
+ uint64_t owner, group;
chunk_t filename;
status_t status = FAILED;
diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c b/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c
index 010eaf83d..e56a96f94 100644
--- a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c
+++ b/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c
@@ -124,7 +124,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_seg_attr_max_size_t *this, u_int32_t *offset)
+ private_tcg_seg_attr_max_size_t *this, uint32_t *offset)
{
bio_reader_t *reader;
diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c
index 995f64cad..985e57be8 100644
--- a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c
+++ b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c
@@ -128,7 +128,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_seg_attr_next_seg_t *this, u_int32_t *offset)
+ private_tcg_seg_attr_next_seg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
uint8_t flags;
diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c
index 4f767539c..7cd585a04 100644
--- a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c
+++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c
@@ -119,7 +119,7 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_seg_attr_seg_env_t *this, u_int32_t *offset)
+ private_tcg_seg_attr_seg_env_t *this, uint32_t *offset)
{
bio_reader_t *reader;
diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_req.c b/src/libimcv/tcg/swid/tcg_swid_attr_req.c
index 561242758..f02bbcb85 100644
--- a/src/libimcv/tcg/swid/tcg_swid_attr_req.c
+++ b/src/libimcv/tcg/swid/tcg_swid_attr_req.c
@@ -80,17 +80,17 @@ struct private_tcg_swid_attr_req_t {
/**
* SWID request flags
*/
- u_int8_t flags;
+ uint8_t flags;
/**
* Request ID
*/
- u_int32_t request_id;
+ uint32_t request_id;
/**
* Earliest EID
*/
- u_int32_t earliest_eid;
+ uint32_t earliest_eid;
/**
* List of Target Tag Identifiers
@@ -162,10 +162,10 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_swid_attr_req_t *this, u_int32_t *offset)
+ private_tcg_swid_attr_req_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int32_t tag_id_count;
+ uint32_t tag_id_count;
chunk_t tag_creator, unique_sw_id;
swid_tag_id_t *tag_id;
@@ -244,19 +244,19 @@ METHOD(pa_tnc_attr_t, destroy, void,
}
}
-METHOD(tcg_swid_attr_req_t, get_flags, u_int8_t,
+METHOD(tcg_swid_attr_req_t, get_flags, uint8_t,
private_tcg_swid_attr_req_t *this)
{
return this->flags;
}
-METHOD(tcg_swid_attr_req_t, get_request_id, u_int32_t,
+METHOD(tcg_swid_attr_req_t, get_request_id, uint32_t,
private_tcg_swid_attr_req_t *this)
{
return this->request_id;
}
-METHOD(tcg_swid_attr_req_t, get_earliest_eid, u_int32_t,
+METHOD(tcg_swid_attr_req_t, get_earliest_eid, uint32_t,
private_tcg_swid_attr_req_t *this)
{
return this->earliest_eid;
@@ -277,8 +277,8 @@ METHOD(tcg_swid_attr_req_t, get_targets, swid_inventory_t*,
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_swid_attr_req_create(u_int8_t flags, u_int32_t request_id,
- u_int32_t eid)
+pa_tnc_attr_t *tcg_swid_attr_req_create(uint8_t flags, uint32_t request_id,
+ uint32_t eid)
{
private_tcg_swid_attr_req_t *this;
diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_req.h b/src/libimcv/tcg/swid/tcg_swid_attr_req.h
index fd2ccdc4f..b28c33a8b 100644
--- a/src/libimcv/tcg/swid/tcg_swid_attr_req.h
+++ b/src/libimcv/tcg/swid/tcg_swid_attr_req.h
@@ -53,21 +53,21 @@ struct tcg_swid_attr_req_t {
*
* @return Flags
*/
- u_int8_t (*get_flags)(tcg_swid_attr_req_t *this);
+ uint8_t (*get_flags)(tcg_swid_attr_req_t *this);
/**
* Get Request ID
*
* @return Request ID
*/
- u_int32_t (*get_request_id)(tcg_swid_attr_req_t *this);
+ uint32_t (*get_request_id)(tcg_swid_attr_req_t *this);
/**
* Get Earliest EID
*
* @return Event ID
*/
- u_int32_t (*get_earliest_eid)(tcg_swid_attr_req_t *this);
+ uint32_t (*get_earliest_eid)(tcg_swid_attr_req_t *this);
/**
* Add Tag ID
@@ -92,8 +92,8 @@ struct tcg_swid_attr_req_t {
* @param request_id Request ID
* @param eid Earliest Event ID
*/
-pa_tnc_attr_t* tcg_swid_attr_req_create(u_int8_t flags, u_int32_t request_id,
- u_int32_t eid);
+pa_tnc_attr_t* tcg_swid_attr_req_create(uint8_t flags, uint32_t request_id,
+ uint32_t eid);
/**
* Creates an tcg_swid_attr_req_t object from received data
diff --git a/src/libimcv/tcg/tcg_attr.c b/src/libimcv/tcg/tcg_attr.c
index 3ed6e8699..ab1fa43a5 100644
--- a/src/libimcv/tcg/tcg_attr.c
+++ b/src/libimcv/tcg/tcg_attr.c
@@ -185,7 +185,7 @@ ENUM_END(tcg_attr_names, TCG_PTS_AIK);
/**
* See header
*/
-pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, size_t length, chunk_t value)
+pa_tnc_attr_t* tcg_attr_create_from_data(uint32_t type, size_t length, chunk_t value)
{
switch (type)
{
diff --git a/src/libimcv/tcg/tcg_attr.h b/src/libimcv/tcg/tcg_attr.h
index 3a9a7b2e7..d915c785c 100644
--- a/src/libimcv/tcg/tcg_attr.h
+++ b/src/libimcv/tcg/tcg_attr.h
@@ -101,7 +101,7 @@ extern enum_name_t *tcg_attr_names;
* @param length attribute length
* @param value attribute value or segment
*/
-pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, size_t length,
+pa_tnc_attr_t* tcg_attr_create_from_data(uint32_t type, size_t length,
chunk_t value);
#endif /** TCG_ATTR_H_ @}*/
diff --git a/src/libipsec/Makefile.in b/src/libipsec/Makefile.in
index a08d8c51f..19a2577b7 100644
--- a/src/libipsec/Makefile.in
+++ b/src/libipsec/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libipsec
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -215,6 +224,7 @@ am__define_uniq_tagged_files = \
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -246,6 +256,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -295,6 +306,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -329,6 +341,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -440,6 +453,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -509,7 +523,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libipsec/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libipsec/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -894,6 +907,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libipsec/esp_context.c b/src/libipsec/esp_context.c
index 2b003e390..6c7e9a1c9 100644
--- a/src/libipsec/esp_context.c
+++ b/src/libipsec/esp_context.c
@@ -49,7 +49,7 @@ struct private_esp_context_t {
* The highest sequence number that was successfully verified
* and authenticated, or assigned in an outbound context
*/
- u_int32_t last_seqno;
+ uint32_t last_seqno;
/**
* The bit in the window of the highest authenticated sequence number
@@ -103,7 +103,7 @@ static inline bool get_window_bit(private_esp_context_t *this, u_int index)
/**
* Returns TRUE if the supplied seqno is not already marked in the window
*/
-static bool check_window(private_esp_context_t *this, u_int32_t seqno)
+static bool check_window(private_esp_context_t *this, uint32_t seqno)
{
u_int offset;
@@ -113,7 +113,7 @@ static bool check_window(private_esp_context_t *this, u_int32_t seqno)
}
METHOD(esp_context_t, verify_seqno, bool,
- private_esp_context_t *this, u_int32_t seqno)
+ private_esp_context_t *this, uint32_t seqno)
{
if (!this->inbound)
{
@@ -145,7 +145,7 @@ METHOD(esp_context_t, verify_seqno, bool,
}
METHOD(esp_context_t, set_authenticated_seqno, void,
- private_esp_context_t *this, u_int32_t seqno)
+ private_esp_context_t *this, uint32_t seqno)
{
u_int i, shift;
@@ -173,14 +173,14 @@ METHOD(esp_context_t, set_authenticated_seqno, void,
}
}
-METHOD(esp_context_t, get_seqno, u_int32_t,
+METHOD(esp_context_t, get_seqno, uint32_t,
private_esp_context_t *this)
{
return this->last_seqno;
}
METHOD(esp_context_t, next_seqno, bool,
- private_esp_context_t *this, u_int32_t *seqno)
+ private_esp_context_t *this, uint32_t *seqno)
{
if (this->inbound || this->last_seqno == UINT32_MAX)
{ /* inbound or segno would cycle */
diff --git a/src/libipsec/esp_context.h b/src/libipsec/esp_context.h
index b33daf589..322dab97f 100644
--- a/src/libipsec/esp_context.h
+++ b/src/libipsec/esp_context.h
@@ -46,7 +46,7 @@ struct esp_context_t {
*
* @return current sequence number, in host byte order
*/
- u_int32_t (*get_seqno)(esp_context_t *this);
+ uint32_t (*get_seqno)(esp_context_t *this);
/**
* Allocate the next outbound ESP sequence number.
@@ -54,7 +54,7 @@ struct esp_context_t {
* @param seqno the sequence number, in host byte order
* @return FALSE if the sequence number cycled or inbound context
*/
- bool (*next_seqno)(esp_context_t *this, u_int32_t *seqno);
+ bool (*next_seqno)(esp_context_t *this, uint32_t *seqno);
/**
* Verify an ESP sequence number. Checks whether a packet with this
@@ -66,7 +66,7 @@ struct esp_context_t {
* @param seqno the sequence number to verify, in host byte order
* @return TRUE when sequence number is valid
*/
- bool (*verify_seqno)(esp_context_t *this, u_int32_t seqno);
+ bool (*verify_seqno)(esp_context_t *this, uint32_t seqno);
/**
* Adds a sequence number that was successfully verified and
@@ -76,7 +76,7 @@ struct esp_context_t {
* @param seqno verified and authenticated seq number in host byte order
*/
void (*set_authenticated_seqno)(esp_context_t *this,
- u_int32_t seqno);
+ uint32_t seqno);
/**
* Destroy an esp_context_t
diff --git a/src/libipsec/esp_packet.c b/src/libipsec/esp_packet.c
index 822302280..50bc8b4f7 100644
--- a/src/libipsec/esp_packet.c
+++ b/src/libipsec/esp_packet.c
@@ -52,7 +52,7 @@ struct private_esp_packet_t {
/**
* Next Header info (e.g. IPPROTO_IPIP)
*/
- u_int8_t next_header;
+ uint8_t next_header;
};
@@ -97,14 +97,14 @@ METHOD(packet_t, set_data, void,
return this->packet->set_data(this->packet, data);
}
-METHOD(packet_t, get_dscp, u_int8_t,
+METHOD(packet_t, get_dscp, uint8_t,
private_esp_packet_t *this)
{
return this->packet->get_dscp(this->packet);
}
METHOD(packet_t, set_dscp, void,
- private_esp_packet_t *this, u_int8_t value)
+ private_esp_packet_t *this, uint8_t value)
{
this->packet->set_dscp(this->packet, value);
}
@@ -127,10 +127,10 @@ METHOD(packet_t, clone_, packet_t*,
}
METHOD(esp_packet_t, parse_header, bool,
- private_esp_packet_t *this, u_int32_t *spi)
+ private_esp_packet_t *this, uint32_t *spi)
{
bio_reader_t *reader;
- u_int32_t seq;
+ uint32_t seq;
reader = bio_reader_create(this->packet->get_data(this->packet));
if (!reader->read_uint32(reader, spi) ||
@@ -156,7 +156,7 @@ static bool check_padding(chunk_t padding)
for (i = 0; i < padding.len; ++i)
{
- if (padding.ptr[i] != (u_int8_t)(i + 1))
+ if (padding.ptr[i] != (uint8_t)(i + 1))
{
return FALSE;
}
@@ -169,7 +169,7 @@ static bool check_padding(chunk_t padding)
*/
static bool remove_padding(private_esp_packet_t *this, chunk_t plaintext)
{
- u_int8_t next_header, pad_length;
+ uint8_t next_header, pad_length;
chunk_t padding, payload;
bio_reader_t *reader;
@@ -211,7 +211,7 @@ METHOD(esp_packet_t, decrypt, status_t,
private_esp_packet_t *this, esp_context_t *esp_context)
{
bio_reader_t *reader;
- u_int32_t spi, seq;
+ uint32_t spi, seq;
chunk_t data, iv, icv, aad, ciphertext, plaintext;
aead_t *aead;
@@ -272,16 +272,16 @@ static void generate_padding(chunk_t padding)
for (i = 0; i < padding.len; ++i)
{
- padding.ptr[i] = (u_int8_t)(i + 1);
+ padding.ptr[i] = (uint8_t)(i + 1);
}
}
METHOD(esp_packet_t, encrypt, status_t,
- private_esp_packet_t *this, esp_context_t *esp_context, u_int32_t spi)
+ private_esp_packet_t *this, esp_context_t *esp_context, uint32_t spi)
{
chunk_t iv, icv, aad, padding, payload, ciphertext;
bio_writer_t *writer;
- u_int32_t next_seqno;
+ uint32_t next_seqno;
size_t blocksize, plainlen;
aead_t *aead;
iv_gen_t *iv_gen;
@@ -316,7 +316,7 @@ METHOD(esp_packet_t, encrypt, status_t,
plainlen += padding.len;
/* len = spi, seq, IV, plaintext, ICV */
- writer = bio_writer_create(2 * sizeof(u_int32_t) + iv.len + plainlen +
+ writer = bio_writer_create(2 * sizeof(uint32_t) + iv.len + plainlen +
icv.len);
writer->write_uint32(writer, ntohl(spi));
writer->write_uint32(writer, next_seqno);
@@ -349,7 +349,7 @@ METHOD(esp_packet_t, encrypt, status_t,
DBG3(DBG_ESP, "ESP before encryption:\n payload = %B\n padding = %B\n "
"padding length = %hhu, next header = %hhu", &payload, &padding,
- (u_int8_t)padding.len, this->next_header);
+ (uint8_t)padding.len, this->next_header);
/* encrypt/authenticate the content inline */
if (!aead->encrypt(aead, ciphertext, aad, iv, NULL))
@@ -368,7 +368,7 @@ METHOD(esp_packet_t, encrypt, status_t,
return SUCCESS;
}
-METHOD(esp_packet_t, get_next_header, u_int8_t,
+METHOD(esp_packet_t, get_next_header, uint8_t,
private_esp_packet_t *this)
{
return this->next_header;
diff --git a/src/libipsec/esp_packet.h b/src/libipsec/esp_packet.h
index f1941a3ba..c42acba43 100644
--- a/src/libipsec/esp_packet.h
+++ b/src/libipsec/esp_packet.h
@@ -64,7 +64,7 @@ struct esp_packet_t {
* @return TRUE when successful, FALSE otherwise (e.g. when the
* length of the packet is invalid)
*/
- bool (*parse_header)(esp_packet_t *this, u_int32_t *spi);
+ bool (*parse_header)(esp_packet_t *this, uint32_t *spi);
/**
* Authenticate and decrypt the packet. Also verifies the sequence number
@@ -94,7 +94,7 @@ struct esp_packet_t {
* - NOT_FOUND if no suitable IV generator provided
*/
status_t (*encrypt)(esp_packet_t *this, esp_context_t *esp_context,
- u_int32_t spi);
+ uint32_t spi);
/**
* Get the next header field of a packet.
@@ -103,7 +103,7 @@ struct esp_packet_t {
*
* @return next header field
*/
- u_int8_t (*get_next_header)(esp_packet_t *this);
+ uint8_t (*get_next_header)(esp_packet_t *this);
/**
* Get the plaintext payload of this packet.
diff --git a/src/libipsec/ip_packet.c b/src/libipsec/ip_packet.c
index 21dbd5e89..0fdd5d340 100644
--- a/src/libipsec/ip_packet.c
+++ b/src/libipsec/ip_packet.c
@@ -31,14 +31,14 @@
* and unfortunately Android does not define a variant with BSD names.
*/
struct tcphdr {
- u_int16_t source;
- u_int16_t dest;
- u_int32_t seq;
- u_int32_t ack_seq;
- u_int16_t flags;
- u_int16_t window;
- u_int16_t check;
- u_int16_t urg_ptr;
+ uint16_t source;
+ uint16_t dest;
+ uint32_t seq;
+ uint32_t ack_seq;
+ uint16_t flags;
+ uint16_t window;
+ uint16_t check;
+ uint16_t urg_ptr;
} __attribute__((packed));
/**
@@ -47,10 +47,10 @@ struct tcphdr {
* the BSD member names, but this is simpler and more consistent with the above.
*/
struct udphdr {
- u_int16_t source;
- u_int16_t dest;
- u_int16_t len;
- u_int16_t check;
+ uint16_t source;
+ uint16_t dest;
+ uint16_t len;
+ uint16_t check;
} __attribute__((packed));
typedef struct private_ip_packet_t private_ip_packet_t;
@@ -88,16 +88,16 @@ struct private_ip_packet_t {
/**
* IP version
*/
- u_int8_t version;
+ uint8_t version;
/**
* Protocol|Next Header field
*/
- u_int8_t next_header;
+ uint8_t next_header;
};
-METHOD(ip_packet_t, get_version, u_int8_t,
+METHOD(ip_packet_t, get_version, uint8_t,
private_ip_packet_t *this)
{
return this->version;
@@ -127,7 +127,7 @@ METHOD(ip_packet_t, get_payload, chunk_t,
return this->payload;
}
-METHOD(ip_packet_t, get_next_header, u_int8_t,
+METHOD(ip_packet_t, get_next_header, uint8_t,
private_ip_packet_t *this)
{
return this->next_header;
@@ -151,8 +151,8 @@ METHOD(ip_packet_t, destroy, void,
/**
* Parse transport protocol header
*/
-static bool parse_transport_header(chunk_t packet, u_int8_t proto,
- u_int16_t *sport, u_int16_t *dport)
+static bool parse_transport_header(chunk_t packet, uint8_t proto,
+ uint16_t *sport, uint16_t *dport)
{
switch (proto)
{
@@ -196,8 +196,8 @@ static bool parse_transport_header(chunk_t packet, u_int8_t proto,
ip_packet_t *ip_packet_create(chunk_t packet)
{
private_ip_packet_t *this;
- u_int8_t version, next_header;
- u_int16_t sport = 0, dport = 0;
+ uint8_t version, next_header;
+ uint16_t sport = 0, dport = 0;
host_t *src, *dst;
chunk_t payload;
@@ -296,19 +296,19 @@ failed:
/**
* Calculate the checksum for the pseudo IP header
*/
-static u_int16_t pseudo_header_checksum(host_t *src, host_t *dst,
- u_int8_t proto, chunk_t payload)
+static uint16_t pseudo_header_checksum(host_t *src, host_t *dst,
+ uint8_t proto, chunk_t payload)
{
switch (src->get_family(src))
{
case AF_INET:
{
struct __attribute__((packed)) {
- u_int32_t src;
- u_int32_t dst;
+ uint32_t src;
+ uint32_t dst;
u_char zero;
u_char proto;
- u_int16_t len;
+ uint16_t len;
} pseudo = {
.proto = proto,
.len = htons(payload.len),
@@ -324,7 +324,7 @@ static u_int16_t pseudo_header_checksum(host_t *src, host_t *dst,
struct __attribute__((packed)) {
u_char src[16];
u_char dst[16];
- u_int32_t len;
+ uint32_t len;
u_char zero[3];
u_char next_header;
} pseudo = {
@@ -344,10 +344,10 @@ static u_int16_t pseudo_header_checksum(host_t *src, host_t *dst,
/**
* Apply transport ports and calculate header checksums
*/
-static void fix_transport_header(host_t *src, host_t *dst, u_int8_t proto,
+static void fix_transport_header(host_t *src, host_t *dst, uint8_t proto,
chunk_t payload)
{
- u_int16_t sum = 0, sport, dport;
+ uint16_t sum = 0, sport, dport;
sport = src->get_port(src);
dport = dst->get_port(dst);
@@ -407,7 +407,7 @@ static void fix_transport_header(host_t *src, host_t *dst, u_int8_t proto,
* Described in header.
*/
ip_packet_t *ip_packet_create_from_data(host_t *src, host_t *dst,
- u_int8_t next_header, chunk_t data)
+ uint8_t next_header, chunk_t data)
{
chunk_t packet;
int family;
diff --git a/src/libipsec/ip_packet.h b/src/libipsec/ip_packet.h
index fa38eac2c..1e1d619a2 100644
--- a/src/libipsec/ip_packet.h
+++ b/src/libipsec/ip_packet.h
@@ -37,7 +37,7 @@ struct ip_packet_t {
*
* @return ip version
*/
- u_int8_t (*get_version)(ip_packet_t *this);
+ uint8_t (*get_version)(ip_packet_t *this);
/**
* Get the source address of this packet
@@ -58,7 +58,7 @@ struct ip_packet_t {
*
* @return protocol|next header field
*/
- u_int8_t (*get_next_header)(ip_packet_t *this);
+ uint8_t (*get_next_header)(ip_packet_t *this);
/**
* Get the complete IP packet (including the header)
@@ -113,7 +113,7 @@ ip_packet_t *ip_packet_create(chunk_t packet);
* @return ip_packet_t instance, or NULL if invalid
*/
ip_packet_t *ip_packet_create_from_data(host_t *src, host_t *dst,
- u_int8_t next_header, chunk_t data);
+ uint8_t next_header, chunk_t data);
/**
* Encode a UDP packet from the given data.
diff --git a/src/libipsec/ipsec_event_listener.h b/src/libipsec/ipsec_event_listener.h
index f15f6fe52..e784cedb3 100644
--- a/src/libipsec/ipsec_event_listener.h
+++ b/src/libipsec/ipsec_event_listener.h
@@ -40,7 +40,7 @@ struct ipsec_event_listener_t {
* @param dst destination address of expired SA
* @param hard TRUE if this is a hard expire, FALSE otherwise
*/
- void (*expire)(u_int8_t protocol, u_int32_t spi, host_t *dst, bool hard);
+ void (*expire)(uint8_t protocol, uint32_t spi, host_t *dst, bool hard);
};
#endif /** IPSEC_EVENT_LISTENER_H_ @}*/
diff --git a/src/libipsec/ipsec_event_relay.c b/src/libipsec/ipsec_event_relay.c
index 048063053..94cc6527f 100644
--- a/src/libipsec/ipsec_event_relay.c
+++ b/src/libipsec/ipsec_event_relay.c
@@ -67,12 +67,12 @@ typedef struct {
/**
* Protocol of the SA
*/
- u_int8_t protocol;
+ uint8_t protocol;
/**
* SPI of the SA, if any
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* SA destination address
@@ -135,7 +135,7 @@ static job_requeue_t handle_events(private_ipsec_event_relay_t *this)
}
METHOD(ipsec_event_relay_t, expire, void,
- private_ipsec_event_relay_t *this, u_int8_t protocol, u_int32_t spi,
+ private_ipsec_event_relay_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, bool hard)
{
ipsec_event_t *event;
diff --git a/src/libipsec/ipsec_event_relay.h b/src/libipsec/ipsec_event_relay.h
index 1dddf121b..056352e84 100644
--- a/src/libipsec/ipsec_event_relay.h
+++ b/src/libipsec/ipsec_event_relay.h
@@ -43,7 +43,7 @@ struct ipsec_event_relay_t {
* @param dst destination address of expired SA
* @param hard TRUE for a hard expire, FALSE otherwise
*/
- void (*expire)(ipsec_event_relay_t *this, u_int8_t protocol, u_int32_t spi,
+ void (*expire)(ipsec_event_relay_t *this, uint8_t protocol, uint32_t spi,
host_t *dst, bool hard);
/**
diff --git a/src/libipsec/ipsec_policy.c b/src/libipsec/ipsec_policy.c
index 8407921ac..8077d3c8d 100644
--- a/src/libipsec/ipsec_policy.c
+++ b/src/libipsec/ipsec_policy.c
@@ -54,7 +54,7 @@ struct private_ipsec_policy_t {
/**
* If any of the two TS has a protocol selector we cache it here
*/
- u_int8_t protocol;
+ uint8_t protocol;
/**
* Traffic direction
@@ -90,7 +90,7 @@ struct private_ipsec_policy_t {
METHOD(ipsec_policy_t, match, bool,
private_ipsec_policy_t *this, traffic_selector_t *src_ts,
- traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid,
+ traffic_selector_t *dst_ts, policy_dir_t direction, uint32_t reqid,
mark_t mark, policy_priority_t priority)
{
return (this->direction == direction &&
@@ -104,7 +104,7 @@ METHOD(ipsec_policy_t, match, bool,
METHOD(ipsec_policy_t, match_packet, bool,
private_ipsec_policy_t *this, ip_packet_t *packet)
{
- u_int8_t proto = packet->get_next_header(packet);
+ uint8_t proto = packet->get_next_header(packet);
host_t *src = packet->get_source(packet),
*dst = packet->get_destination(packet);
@@ -125,7 +125,7 @@ METHOD(ipsec_policy_t, get_destination_ts, traffic_selector_t*,
return this->dst_ts;
}
-METHOD(ipsec_policy_t, get_reqid, u_int32_t,
+METHOD(ipsec_policy_t, get_reqid, uint32_t,
private_ipsec_policy_t *this)
{
return this->sa.reqid;
diff --git a/src/libipsec/ipsec_policy.h b/src/libipsec/ipsec_policy.h
index 23a9ea99d..6d67a602e 100644
--- a/src/libipsec/ipsec_policy.h
+++ b/src/libipsec/ipsec_policy.h
@@ -77,7 +77,7 @@ struct ipsec_policy_t {
*
* @return the reqid
*/
- u_int32_t (*get_reqid)(ipsec_policy_t *this);
+ uint32_t (*get_reqid)(ipsec_policy_t *this);
/**
* Get another reference to this policy
@@ -99,7 +99,7 @@ struct ipsec_policy_t {
*/
bool (*match)(ipsec_policy_t *this, traffic_selector_t *src_ts,
traffic_selector_t *dst_ts, policy_dir_t direction,
- u_int32_t reqid, mark_t mark, policy_priority_t priority);
+ uint32_t reqid, mark_t mark, policy_priority_t priority);
/**
* Check if this policy matches the given IP packet
diff --git a/src/libipsec/ipsec_policy_mgr.c b/src/libipsec/ipsec_policy_mgr.c
index 3f312ffd2..8570e07a8 100644
--- a/src/libipsec/ipsec_policy_mgr.c
+++ b/src/libipsec/ipsec_policy_mgr.c
@@ -57,7 +57,7 @@ typedef struct {
/**
* Priority used to sort policies
*/
- u_int32_t priority;
+ uint32_t priority;
/**
* The policy
@@ -70,13 +70,13 @@ typedef struct {
* Calculate the pseudo-priority to sort policies. This is the same algorithm
* used by the NETLINK kernel interface (i.e. high priority -> low value).
*/
-static u_int32_t calculate_priority(policy_priority_t policy_priority,
+static uint32_t calculate_priority(policy_priority_t policy_priority,
traffic_selector_t *src,
traffic_selector_t *dst)
{
- u_int32_t priority = PRIO_BASE;
- u_int16_t port;
- u_int8_t mask, proto;
+ uint32_t priority = PRIO_BASE;
+ uint16_t port;
+ uint8_t mask, proto;
host_t *net;
switch (policy_priority)
@@ -182,7 +182,7 @@ METHOD(ipsec_policy_mgr_t, del_policy, status_t,
{
enumerator_t *enumerator;
ipsec_policy_entry_t *current, *found = NULL;
- u_int32_t priority;
+ uint32_t priority;
if (type != POLICY_IPSEC || direction == POLICY_FWD)
{ /* we ignore these policies as we currently have no use for them */
@@ -235,7 +235,7 @@ METHOD(ipsec_policy_mgr_t, flush_policies, status_t,
METHOD(ipsec_policy_mgr_t, find_by_packet, ipsec_policy_t*,
private_ipsec_policy_mgr_t *this, ip_packet_t *packet, bool inbound,
- u_int32_t reqid)
+ uint32_t reqid)
{
enumerator_t *enumerator;
ipsec_policy_entry_t *current;
diff --git a/src/libipsec/ipsec_policy_mgr.h b/src/libipsec/ipsec_policy_mgr.h
index 0ea797e7a..97e147e40 100644
--- a/src/libipsec/ipsec_policy_mgr.h
+++ b/src/libipsec/ipsec_policy_mgr.h
@@ -105,7 +105,7 @@ struct ipsec_policy_mgr_t {
*/
ipsec_policy_t *(*find_by_packet)(ipsec_policy_mgr_t *this,
ip_packet_t *packet, bool inbound,
- u_int32_t reqid);
+ uint32_t reqid);
/**
* Destroy an ipsec_policy_mgr_t
diff --git a/src/libipsec/ipsec_processor.c b/src/libipsec/ipsec_processor.c
index ee297a34b..af79707d1 100644
--- a/src/libipsec/ipsec_processor.c
+++ b/src/libipsec/ipsec_processor.c
@@ -93,8 +93,8 @@ static job_requeue_t process_inbound(private_ipsec_processor_t *this)
esp_packet_t *packet;
ip_packet_t *ip_packet;
ipsec_sa_t *sa;
- u_int8_t next_header;
- u_int32_t spi, reqid;
+ uint8_t next_header;
+ uint32_t spi, reqid;
packet = (esp_packet_t*)this->inbound_queue->dequeue(this->inbound_queue);
diff --git a/src/libipsec/ipsec_sa.c b/src/libipsec/ipsec_sa.c
index ccbbb1b3c..ba020658b 100644
--- a/src/libipsec/ipsec_sa.c
+++ b/src/libipsec/ipsec_sa.c
@@ -36,7 +36,7 @@ struct private_ipsec_sa_t {
/**
* SPI of this SA
*/
- u_int32_t spi;
+ uint32_t spi;
/**
* Source address
@@ -51,12 +51,12 @@ struct private_ipsec_sa_t {
/**
* Protocol
*/
- u_int8_t protocol;
+ uint8_t protocol;
/**
* Reqid of this SA
*/
- u_int32_t reqid;
+ uint32_t reqid;
/**
* Lifetime configuration
@@ -90,9 +90,9 @@ struct private_ipsec_sa_t {
/** last time of use */
time_t time;
/** number of packets processed */
- u_int64_t packets;
+ uint64_t packets;
/** number of bytes processed */
- u_int64_t bytes;
+ uint64_t bytes;
} use;
/**
@@ -132,19 +132,19 @@ METHOD(ipsec_sa_t, set_destination, void,
this->dst = addr->clone(addr);
}
-METHOD(ipsec_sa_t, get_spi, u_int32_t,
+METHOD(ipsec_sa_t, get_spi, uint32_t,
private_ipsec_sa_t *this)
{
return this->spi;
}
-METHOD(ipsec_sa_t, get_reqid, u_int32_t,
+METHOD(ipsec_sa_t, get_reqid, uint32_t,
private_ipsec_sa_t *this)
{
return this->reqid;
}
-METHOD(ipsec_sa_t, get_protocol, u_int8_t,
+METHOD(ipsec_sa_t, get_protocol, uint8_t,
private_ipsec_sa_t *this)
{
return this->protocol;
@@ -169,7 +169,7 @@ METHOD(ipsec_sa_t, get_esp_context, esp_context_t*,
}
METHOD(ipsec_sa_t, get_usestats, void,
- private_ipsec_sa_t *this, u_int64_t *bytes, u_int64_t *packets,
+ private_ipsec_sa_t *this, uint64_t *bytes, uint64_t *packets,
time_t *time)
{
if (bytes)
@@ -210,7 +210,7 @@ METHOD(ipsec_sa_t, expire, void,
}
METHOD(ipsec_sa_t, update_usestats, void,
- private_ipsec_sa_t *this, u_int32_t bytes)
+ private_ipsec_sa_t *this, uint32_t bytes)
{
this->use.time = time_monotonic(NULL);
this->use.packets++;
@@ -239,21 +239,21 @@ METHOD(ipsec_sa_t, update_usestats, void,
}
METHOD(ipsec_sa_t, match_by_spi_dst, bool,
- private_ipsec_sa_t *this, u_int32_t spi, host_t *dst)
+ private_ipsec_sa_t *this, uint32_t spi, host_t *dst)
{
return this->spi == spi && this->dst->ip_equals(this->dst, dst) &&
!this->hard_expired;
}
METHOD(ipsec_sa_t, match_by_spi_src_dst, bool,
- private_ipsec_sa_t *this, u_int32_t spi, host_t *src, host_t *dst)
+ private_ipsec_sa_t *this, uint32_t spi, host_t *src, host_t *dst)
{
return this->spi == spi && this->src->ip_equals(this->src, src) &&
this->dst->ip_equals(this->dst, dst);
}
METHOD(ipsec_sa_t, match_by_reqid, bool,
- private_ipsec_sa_t *this, u_int32_t reqid, bool inbound)
+ private_ipsec_sa_t *this, uint32_t reqid, bool inbound)
{
return this->reqid == reqid && this->inbound == inbound &&
!this->hard_expired;
@@ -271,11 +271,11 @@ METHOD(ipsec_sa_t, destroy, void,
/**
* Described in header.
*/
-ipsec_sa_t *ipsec_sa_create(u_int32_t spi, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t reqid, mark_t mark, u_int32_t tfc,
- lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
- u_int16_t ipcomp, u_int16_t cpi, bool encap, bool esn, bool inbound)
+ipsec_sa_t *ipsec_sa_create(uint32_t spi, host_t *src, host_t *dst,
+ uint8_t protocol, uint32_t reqid, mark_t mark, uint32_t tfc,
+ lifetime_cfg_t *lifetime, uint16_t enc_alg, chunk_t enc_key,
+ uint16_t int_alg, chunk_t int_key, ipsec_mode_t mode,
+ uint16_t ipcomp, uint16_t cpi, bool encap, bool esn, bool inbound)
{
private_ipsec_sa_t *this;
diff --git a/src/libipsec/ipsec_sa.h b/src/libipsec/ipsec_sa.h
index 8dad29ac5..36fe48379 100644
--- a/src/libipsec/ipsec_sa.h
+++ b/src/libipsec/ipsec_sa.h
@@ -70,21 +70,21 @@ struct ipsec_sa_t {
*
* @return SPI of this SA
*/
- u_int32_t (*get_spi)(ipsec_sa_t *this);
+ uint32_t (*get_spi)(ipsec_sa_t *this);
/**
* Get the reqid of this SA
*
* @return reqid of this SA
*/
- u_int32_t (*get_reqid)(ipsec_sa_t *this);
+ uint32_t (*get_reqid)(ipsec_sa_t *this);
/**
* Get the protocol (e.g. IPPROTO_ESP) of this SA
*
* @return protocol of this SA
*/
- u_int8_t (*get_protocol)(ipsec_sa_t *this);
+ uint8_t (*get_protocol)(ipsec_sa_t *this);
/**
* Returns whether this SA is inbound or outbound
@@ -116,7 +116,7 @@ struct ipsec_sa_t {
* @param packets receives number of processed packets, or NULL
* @param time receives last use time of this SA, or NULL
*/
- void (*get_usestats)(ipsec_sa_t *this, u_int64_t *bytes, u_int64_t *packets,
+ void (*get_usestats)(ipsec_sa_t *this, uint64_t *bytes, uint64_t *packets,
time_t *time);
/**
@@ -124,7 +124,7 @@ struct ipsec_sa_t {
*
* @param bytes length of packet processed
*/
- void (*update_usestats)(ipsec_sa_t *this, u_int32_t bytes);
+ void (*update_usestats)(ipsec_sa_t *this, uint32_t bytes);
/**
* Expire this SA, soft or hard.
@@ -145,7 +145,7 @@ struct ipsec_sa_t {
* @param dst destination address
* @return TRUE if this SA matches all parameters, FALSE otherwise
*/
- bool (*match_by_spi_dst)(ipsec_sa_t *this, u_int32_t spi, host_t *dst);
+ bool (*match_by_spi_dst)(ipsec_sa_t *this, uint32_t spi, host_t *dst);
/**
* Check if this SA matches all given parameters
@@ -155,7 +155,7 @@ struct ipsec_sa_t {
* @param dst destination address
* @return TRUE if this SA matches all parameters, FALSE otherwise
*/
- bool (*match_by_spi_src_dst)(ipsec_sa_t *this, u_int32_t spi, host_t *src,
+ bool (*match_by_spi_src_dst)(ipsec_sa_t *this, uint32_t spi, host_t *src,
host_t *dst);
/**
@@ -167,7 +167,7 @@ struct ipsec_sa_t {
* @param inbound TRUE for inbound SA, FALSE for outbound
* @return TRUE if this SA matches all parameters, FALSE otherwise
*/
- bool (*match_by_reqid)(ipsec_sa_t *this, u_int32_t reqid, bool inbound);
+ bool (*match_by_reqid)(ipsec_sa_t *this, uint32_t reqid, bool inbound);
/**
* Destroy an ipsec_sa_t
@@ -199,12 +199,12 @@ struct ipsec_sa_t {
* @param inbound TRUE if this is an inbound SA, FALSE otherwise
* @return the IPsec SA, or NULL if the creation failed
*/
-ipsec_sa_t *ipsec_sa_create(u_int32_t spi, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t reqid, mark_t mark,
- u_int32_t tfc, lifetime_cfg_t *lifetime,
- u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key,
- ipsec_mode_t mode, u_int16_t ipcomp, u_int16_t cpi,
+ipsec_sa_t *ipsec_sa_create(uint32_t spi, host_t *src, host_t *dst,
+ uint8_t protocol, uint32_t reqid, mark_t mark,
+ uint32_t tfc, lifetime_cfg_t *lifetime,
+ uint16_t enc_alg, chunk_t enc_key,
+ uint16_t int_alg, chunk_t int_key,
+ ipsec_mode_t mode, uint16_t ipcomp, uint16_t cpi,
bool encap, bool esn, bool inbound);
#endif /** IPSEC_SA_H_ @}*/
diff --git a/src/libipsec/ipsec_sa_mgr.c b/src/libipsec/ipsec_sa_mgr.c
index 9d461f2c1..ec35c6ea3 100644
--- a/src/libipsec/ipsec_sa_mgr.c
+++ b/src/libipsec/ipsec_sa_mgr.c
@@ -109,19 +109,19 @@ typedef struct {
/**
* 0 if this is a hard expire, otherwise the offset in s (soft->hard)
*/
- u_int32_t hard_offset;
+ uint32_t hard_offset;
} ipsec_sa_expired_t;
/*
* Used for the hash table of allocated SPIs
*/
-static bool spi_equals(u_int32_t *spi, u_int32_t *other_spi)
+static bool spi_equals(uint32_t *spi, uint32_t *other_spi)
{
return *spi == *other_spi;
}
-static u_int spi_hash(u_int32_t *spi)
+static u_int spi_hash(uint32_t *spi)
{
return chunk_hash(chunk_from_thing(*spi));
}
@@ -237,26 +237,26 @@ static bool match_entry_by_sa_ptr(ipsec_sa_entry_t *item, ipsec_sa_t *sa)
return item->sa == sa;
}
-static bool match_entry_by_spi_inbound(ipsec_sa_entry_t *item, u_int32_t *spi,
+static bool match_entry_by_spi_inbound(ipsec_sa_entry_t *item, uint32_t *spi,
bool *inbound)
{
return item->sa->get_spi(item->sa) == *spi &&
item->sa->is_inbound(item->sa) == *inbound;
}
-static bool match_entry_by_spi_src_dst(ipsec_sa_entry_t *item, u_int32_t *spi,
+static bool match_entry_by_spi_src_dst(ipsec_sa_entry_t *item, uint32_t *spi,
host_t *src, host_t *dst)
{
return item->sa->match_by_spi_src_dst(item->sa, *spi, src, dst);
}
static bool match_entry_by_reqid_inbound(ipsec_sa_entry_t *item,
- u_int32_t *reqid, bool *inbound)
+ uint32_t *reqid, bool *inbound)
{
return item->sa->match_by_reqid(item->sa, *reqid, *inbound);
}
-static bool match_entry_by_spi_dst(ipsec_sa_entry_t *item, u_int32_t *spi,
+static bool match_entry_by_spi_dst(ipsec_sa_entry_t *item, uint32_t *spi,
host_t *dst)
{
return item->sa->match_by_spi_dst(item->sa, *spi, dst);
@@ -299,7 +299,7 @@ static job_requeue_t sa_expired(ipsec_sa_expired_t *expired)
if (this->sas->find_first(this->sas, (void*)match_entry_by_ptr,
NULL, expired->entry) == SUCCESS)
{
- u_int32_t hard_offset;
+ uint32_t hard_offset;
hard_offset = expired->hard_offset;
expired->entry->sa->expire(expired->entry->sa, hard_offset == 0);
@@ -328,7 +328,7 @@ static void schedule_expiration(private_ipsec_sa_mgr_t *this,
lifetime_cfg_t *lifetime = entry->sa->get_lifetime(entry->sa);
ipsec_sa_expired_t *expired;
callback_job_t *job;
- u_int32_t timeout;
+ uint32_t timeout;
if (!lifetime->time.life)
{ /* no expiration at all */
@@ -362,7 +362,7 @@ static void schedule_expiration(private_ipsec_sa_mgr_t *this,
static void flush_allocated_spis(private_ipsec_sa_mgr_t *this)
{
enumerator_t *enumerator;
- u_int32_t *current;
+ uint32_t *current;
DBG2(DBG_ESP, "flushing allocated SPIs");
enumerator = this->allocated_spis->create_enumerator(this->allocated_spis);
@@ -378,9 +378,9 @@ static void flush_allocated_spis(private_ipsec_sa_mgr_t *this)
/**
* Pre-allocate an SPI for an inbound SA
*/
-static bool allocate_spi(private_ipsec_sa_mgr_t *this, u_int32_t spi)
+static bool allocate_spi(private_ipsec_sa_mgr_t *this, uint32_t spi)
{
- u_int32_t *spi_alloc;
+ uint32_t *spi_alloc;
if (this->allocated_spis->get(this->allocated_spis, &spi) ||
this->sas->find_first(this->sas, (void*)match_entry_by_spi_inbound,
@@ -388,17 +388,17 @@ static bool allocate_spi(private_ipsec_sa_mgr_t *this, u_int32_t spi)
{
return FALSE;
}
- spi_alloc = malloc_thing(u_int32_t);
+ spi_alloc = malloc_thing(uint32_t);
*spi_alloc = spi;
this->allocated_spis->put(this->allocated_spis, spi_alloc, spi_alloc);
return TRUE;
}
METHOD(ipsec_sa_mgr_t, get_spi, status_t,
- private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, u_int8_t protocol,
- u_int32_t *spi)
+ private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, uint8_t protocol,
+ uint32_t *spi)
{
- u_int32_t spi_new;
+ uint32_t spi_new;
this->mutex->lock(this->mutex);
if (!this->rng)
@@ -415,7 +415,7 @@ METHOD(ipsec_sa_mgr_t, get_spi, status_t,
do
{
if (!this->rng->get_bytes(this->rng, sizeof(spi_new),
- (u_int8_t*)&spi_new))
+ (uint8_t*)&spi_new))
{
this->mutex->unlock(this->mutex);
DBG1(DBG_ESP, "failed to allocate SPI");
@@ -435,11 +435,11 @@ METHOD(ipsec_sa_mgr_t, get_spi, status_t,
}
METHOD(ipsec_sa_mgr_t, add_sa, status_t,
- private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, u_int32_t spi,
- u_int8_t protocol, u_int32_t reqid, mark_t mark, u_int32_t tfc,
- lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
- u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode, u_int16_t ipcomp,
- u_int16_t cpi, bool initiator, bool encap, bool esn, bool inbound,
+ private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, uint32_t spi,
+ uint8_t protocol, uint32_t reqid, mark_t mark, uint32_t tfc,
+ lifetime_cfg_t *lifetime, uint16_t enc_alg, chunk_t enc_key,
+ uint16_t int_alg, chunk_t int_key, ipsec_mode_t mode, uint16_t ipcomp,
+ uint16_t cpi, bool initiator, bool encap, bool esn, bool inbound,
bool update)
{
ipsec_sa_entry_t *entry;
@@ -465,7 +465,7 @@ METHOD(ipsec_sa_mgr_t, add_sa, status_t,
if (update)
{ /* remove any pre-allocated SPIs */
- u_int32_t *spi_alloc;
+ uint32_t *spi_alloc;
spi_alloc = this->allocated_spis->remove(this->allocated_spis, &spi);
free(spi_alloc);
@@ -489,8 +489,8 @@ METHOD(ipsec_sa_mgr_t, add_sa, status_t,
}
METHOD(ipsec_sa_mgr_t, update_sa, status_t,
- private_ipsec_sa_mgr_t *this, u_int32_t spi, u_int8_t protocol,
- u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
+ private_ipsec_sa_mgr_t *this, uint32_t spi, uint8_t protocol,
+ uint16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
bool encap, bool new_encap, mark_t mark)
{
ipsec_sa_entry_t *entry = NULL;
@@ -528,8 +528,8 @@ METHOD(ipsec_sa_mgr_t, update_sa, status_t,
METHOD(ipsec_sa_mgr_t, query_sa, status_t,
private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time)
+ uint32_t spi, uint8_t protocol, mark_t mark,
+ uint64_t *bytes, uint64_t *packets, time_t *time)
{
ipsec_sa_entry_t *entry = NULL;
@@ -549,8 +549,8 @@ METHOD(ipsec_sa_mgr_t, query_sa, status_t,
}
METHOD(ipsec_sa_mgr_t, del_sa, status_t,
- private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, u_int32_t spi,
- u_int8_t protocol, u_int16_t cpi, mark_t mark)
+ private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, uint32_t spi,
+ uint8_t protocol, uint16_t cpi, mark_t mark)
{
ipsec_sa_entry_t *current, *found = NULL;
enumerator_t *enumerator;
@@ -583,7 +583,7 @@ METHOD(ipsec_sa_mgr_t, del_sa, status_t,
}
METHOD(ipsec_sa_mgr_t, checkout_by_reqid, ipsec_sa_t*,
- private_ipsec_sa_mgr_t *this, u_int32_t reqid, bool inbound)
+ private_ipsec_sa_mgr_t *this, uint32_t reqid, bool inbound)
{
ipsec_sa_entry_t *entry;
ipsec_sa_t *sa = NULL;
@@ -600,7 +600,7 @@ METHOD(ipsec_sa_mgr_t, checkout_by_reqid, ipsec_sa_t*,
}
METHOD(ipsec_sa_mgr_t, checkout_by_spi, ipsec_sa_t*,
- private_ipsec_sa_mgr_t *this, u_int32_t spi, host_t *dst)
+ private_ipsec_sa_mgr_t *this, uint32_t spi, host_t *dst)
{
ipsec_sa_entry_t *entry;
ipsec_sa_t *sa = NULL;
diff --git a/src/libipsec/ipsec_sa_mgr.h b/src/libipsec/ipsec_sa_mgr.h
index a57eab4e7..708af1fda 100644
--- a/src/libipsec/ipsec_sa_mgr.h
+++ b/src/libipsec/ipsec_sa_mgr.h
@@ -49,7 +49,7 @@ struct ipsec_sa_mgr_t {
* @return SUCCESS of operation successful
*/
status_t (*get_spi)(ipsec_sa_mgr_t *this, host_t *src, host_t *dst,
- u_int8_t protocol, u_int32_t *spi);
+ uint8_t protocol, uint32_t *spi);
/**
* Add a new SA
@@ -77,11 +77,11 @@ struct ipsec_sa_mgr_t {
* @return SUCCESS if operation completed
*/
status_t (*add_sa)(ipsec_sa_mgr_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int32_t reqid,
- mark_t mark, u_int32_t tfc, lifetime_cfg_t *lifetime,
- u_int16_t enc_alg, chunk_t enc_key, u_int16_t int_alg,
- chunk_t int_key, ipsec_mode_t mode, u_int16_t ipcomp,
- u_int16_t cpi, bool initiator, bool encap, bool esn,
+ uint32_t spi, uint8_t protocol, uint32_t reqid,
+ mark_t mark, uint32_t tfc, lifetime_cfg_t *lifetime,
+ uint16_t enc_alg, chunk_t enc_key, uint16_t int_alg,
+ chunk_t int_key, ipsec_mode_t mode, uint16_t ipcomp,
+ uint16_t cpi, bool initiator, bool encap, bool esn,
bool inbound, bool update);
/**
@@ -100,7 +100,7 @@ struct ipsec_sa_mgr_t {
* @return SUCCESS if operation completed
*/
status_t (*update_sa)(ipsec_sa_mgr_t *this,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
+ uint32_t spi, uint8_t protocol, uint16_t cpi,
host_t *src, host_t *dst,
host_t *new_src, host_t *new_dst,
bool encap, bool new_encap, mark_t mark);
@@ -119,8 +119,8 @@ struct ipsec_sa_mgr_t {
* @return SUCCESS if operation completed
*/
status_t (*query_sa)(ipsec_sa_mgr_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, mark_t mark,
- u_int64_t *bytes, u_int64_t *packets, time_t *time);
+ uint32_t spi, uint8_t protocol, mark_t mark,
+ uint64_t *bytes, uint64_t *packets, time_t *time);
/**
* Delete a previously added SA
@@ -134,7 +134,7 @@ struct ipsec_sa_mgr_t {
* @return SUCCESS if operation completed
*/
status_t (*del_sa)(ipsec_sa_mgr_t *this, host_t *src, host_t *dst,
- u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
+ uint32_t spi, uint8_t protocol, uint16_t cpi,
mark_t mark);
/**
@@ -159,7 +159,7 @@ struct ipsec_sa_mgr_t {
* @param dst destination address (e.g. of an inbound packet)
* @return the matching IPsec SA, or NULL if none is found
*/
- ipsec_sa_t *(*checkout_by_spi)(ipsec_sa_mgr_t *this, u_int32_t spi,
+ ipsec_sa_t *(*checkout_by_spi)(ipsec_sa_mgr_t *this, uint32_t spi,
host_t *dst);
/**
@@ -177,7 +177,7 @@ struct ipsec_sa_mgr_t {
* @param inbound TRUE for an inbound SA, FALSE for an outbound SA
* @return the matching IPsec SA, or NULL if none is found
*/
- ipsec_sa_t *(*checkout_by_reqid)(ipsec_sa_mgr_t *this, u_int32_t reqid,
+ ipsec_sa_t *(*checkout_by_reqid)(ipsec_sa_mgr_t *this, uint32_t reqid,
bool inbound);
/**
diff --git a/src/libipsec/tests/Makefile.in b/src/libipsec/tests/Makefile.in
index ebf6e7e93..db73e1fe0 100644
--- a/src/libipsec/tests/Makefile.in
+++ b/src/libipsec/tests/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ host_triplet = @host@
TESTS = ipsec_tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libipsec/tests
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -196,12 +205,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -251,6 +262,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -285,6 +297,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -396,6 +409,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libipsec/tests/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libipsec/tests/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -866,6 +879,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libipsec/tests/suites/test_chapoly.c b/src/libipsec/tests/suites/test_chapoly.c
index 31dc2ac7b..67099deb2 100644
--- a/src/libipsec/tests/suites/test_chapoly.c
+++ b/src/libipsec/tests/suites/test_chapoly.c
@@ -27,7 +27,7 @@ METHOD(aead_t, get_iv_gen, iv_gen_t*,
}
METHOD(iv_gen_t, get_iv, bool,
- iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer)
+ iv_gen_t *this, uint64_t seq, size_t size, uint8_t *buffer)
{
if (size != 8)
{
@@ -38,7 +38,7 @@ METHOD(iv_gen_t, get_iv, bool,
}
METHOD(iv_gen_t, allocate_iv, bool,
- iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk)
+ iv_gen_t *this, uint64_t seq, size_t size, chunk_t *chunk)
{
if (size != 8)
{
@@ -58,7 +58,7 @@ START_TEST(test_chapoly)
esp_packet_t *esp;
esp_context_t *ctx;
chunk_t data, exp;
- u_int32_t seq = 0;
+ uint32_t seq = 0;
icmp = ip_packet_create(chunk_clone(chunk_from_chars(
0x45,0x00,0x00,0x54,0xa6,0xf2,0x00,0x00,
diff --git a/src/libpttls/Makefile.in b/src/libpttls/Makefile.in
index c4eb8b4a9..a4d4b332b 100644
--- a/src/libpttls/Makefile.in
+++ b/src/libpttls/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
@USE_WINDOWS_TRUE@am__append_1 = -lws2_32
subdir = src/libpttls
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -465,7 +479,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libpttls/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libpttls/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -798,6 +811,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libpttls/pt_tls.c b/src/libpttls/pt_tls.c
index 3c1f874d7..01493f45c 100644
--- a/src/libpttls/pt_tls.c
+++ b/src/libpttls/pt_tls.c
@@ -17,6 +17,7 @@
#include <utils/debug.h>
#include <pen/pen.h>
+
/**
* Described in header.
*/
@@ -87,12 +88,12 @@ static bio_reader_t* read_tls(tls_socket_t *tls, size_t len)
/**
* Read a PT-TLS message, return header data
*/
-bio_reader_t* pt_tls_read(tls_socket_t *tls, u_int32_t *vendor,
- u_int32_t *type, u_int32_t *identifier)
+bio_reader_t* pt_tls_read(tls_socket_t *tls, uint32_t *vendor,
+ uint32_t *type, uint32_t *identifier)
{
bio_reader_t *reader;
- u_int32_t len;
- u_int8_t reserved;
+ uint32_t len;
+ uint8_t reserved;
reader = read_tls(tls, PT_TLS_HEADER_LEN);
if (!reader)
@@ -135,7 +136,7 @@ bio_reader_t* pt_tls_read(tls_socket_t *tls, u_int32_t *vendor,
* Prepend a PT-TLS header to a writer, send data, destroy writer
*/
bool pt_tls_write(tls_socket_t *tls, pt_tls_message_type_t type,
- u_int32_t identifier, chunk_t data)
+ uint32_t identifier, chunk_t data)
{
bio_writer_t *writer;
chunk_t out;
diff --git a/src/libpttls/pt_tls.h b/src/libpttls/pt_tls.h
index b2f3198a4..2cee8e10f 100644
--- a/src/libpttls/pt_tls.h
+++ b/src/libpttls/pt_tls.h
@@ -105,8 +105,8 @@ enum pt_tls_auth_t {
* @param identifier receives Message Identifer
* @return reader over message value, NULL on error
*/
-bio_reader_t* pt_tls_read(tls_socket_t *tls, u_int32_t *vendor,
- u_int32_t *type, u_int32_t *identifier);
+bio_reader_t* pt_tls_read(tls_socket_t *tls, uint32_t *vendor,
+ uint32_t *type, uint32_t *identifier);
/**
* Prepend a PT-TLS header to a writer, send data, destroy writer.
@@ -118,7 +118,7 @@ bio_reader_t* pt_tls_read(tls_socket_t *tls, u_int32_t *vendor,
* @return TRUE if data written successfully
*/
bool pt_tls_write(tls_socket_t *tls, pt_tls_message_type_t type,
- u_int32_t identifier, chunk_t data);
+ uint32_t identifier, chunk_t data);
/**
* Dummy libpttls initialization function needed for integrity test
diff --git a/src/libpttls/pt_tls_client.c b/src/libpttls/pt_tls_client.c
index bd5b96f70..167918811 100644
--- a/src/libpttls/pt_tls_client.c
+++ b/src/libpttls/pt_tls_client.c
@@ -60,7 +60,7 @@ struct private_pt_tls_client_t {
/**
* Current PT-TLS message identifier
*/
- u_int32_t identifier;
+ uint32_t identifier;
};
/**
@@ -101,8 +101,8 @@ static bool negotiate_version(private_pt_tls_client_t *this)
{
bio_writer_t *writer;
bio_reader_t *reader;
- u_int32_t type, vendor, identifier, reserved;
- u_int8_t version;
+ uint32_t type, vendor, identifier, reserved;
+ uint8_t version;
bool res;
DBG1(DBG_TNC, "sending offer for PT-TLS version %d", PT_TLS_VERSION);
@@ -143,8 +143,8 @@ static bool negotiate_version(private_pt_tls_client_t *this)
*/
static status_t do_sasl(private_pt_tls_client_t *this, sasl_mechanism_t *sasl)
{
- u_int32_t type, vendor, identifier;
- u_int8_t result;
+ uint32_t type, vendor, identifier;
+ uint8_t result;
bio_reader_t *reader;
bio_writer_t *writer;
chunk_t data;
@@ -277,8 +277,8 @@ static status_t select_and_do_sasl(private_pt_tls_client_t *this)
{
bio_reader_t *reader;
sasl_mechanism_t *sasl = NULL;
- u_int32_t type, vendor, identifier;
- u_int8_t len;
+ uint32_t type, vendor, identifier;
+ uint8_t len;
chunk_t chunk;
char buf[21];
status_t status = NEED_MORE;
@@ -364,7 +364,7 @@ static bool assess(private_pt_tls_client_t *this, tls_t *tnccs)
size_t buflen = PT_TLS_MAX_MESSAGE_LEN;
char buf[buflen];
bio_reader_t *reader;
- u_int32_t vendor, type, identifier;
+ uint32_t vendor, type, identifier;
chunk_t data;
switch (tnccs->build(tnccs, buf, &buflen, &msglen))
diff --git a/src/libpttls/pt_tls_server.c b/src/libpttls/pt_tls_server.c
index cedc2632c..a1c645319 100644
--- a/src/libpttls/pt_tls_server.c
+++ b/src/libpttls/pt_tls_server.c
@@ -55,7 +55,7 @@ struct private_pt_tls_server_t {
/**
* Message Identifier
*/
- u_int32_t identifier;
+ uint32_t identifier;
/**
* TNCCS protocol handler, implemented as tls_t
@@ -71,8 +71,8 @@ static bool negotiate_version(private_pt_tls_server_t *this)
{
bio_reader_t *reader;
bio_writer_t *writer;
- u_int32_t vendor, type, identifier;
- u_int8_t reserved, vmin, vmax, vpref;
+ uint32_t vendor, type, identifier;
+ uint8_t reserved, vmin, vmax, vpref;
bool res;
reader = pt_tls_read(this->tls, &vendor, &type, &identifier);
@@ -161,7 +161,7 @@ static status_t process_sasl(private_pt_tls_server_t *this,
static status_t read_sasl(private_pt_tls_server_t *this,
sasl_mechanism_t *sasl)
{
- u_int32_t vendor, type, identifier;
+ uint32_t vendor, type, identifier;
bio_reader_t *reader;
status_t status;
chunk_t data;
@@ -260,11 +260,11 @@ static bool send_sasl_mechs(private_pt_tls_server_t *this)
static status_t read_sasl_mech_selection(private_pt_tls_server_t *this,
sasl_mechanism_t **out)
{
- u_int32_t vendor, type, identifier;
+ uint32_t vendor, type, identifier;
sasl_mechanism_t *sasl;
bio_reader_t *reader;
chunk_t chunk;
- u_int8_t len;
+ uint8_t len;
char buf[21];
reader = pt_tls_read(this->tls, &vendor, &type, &identifier);
@@ -406,7 +406,7 @@ static status_t assess(private_pt_tls_server_t *this, tls_t *tnccs)
size_t buflen = PT_TLS_MAX_MESSAGE_LEN;
char buf[buflen];
bio_reader_t *reader;
- u_int32_t vendor, type, identifier;
+ uint32_t vendor, type, identifier;
chunk_t data;
status_t status;
diff --git a/src/libradius/Makefile.in b/src/libradius/Makefile.in
index 9b03099da..f5a5d1231 100644
--- a/src/libradius/Makefile.in
+++ b/src/libradius/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libradius
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -196,12 +205,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -251,6 +262,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -285,6 +297,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -396,6 +409,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libradius/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libradius/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -762,6 +775,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libradius/radius_config.c b/src/libradius/radius_config.c
index 663173411..521cd1dec 100644
--- a/src/libradius/radius_config.c
+++ b/src/libradius/radius_config.c
@@ -200,7 +200,7 @@ METHOD(radius_config_t, destroy, void,
* See header
*/
radius_config_t *radius_config_create(char *name, char *address,
- u_int16_t auth_port, u_int16_t acct_port,
+ uint16_t auth_port, uint16_t acct_port,
char *nas_identifier, char *secret,
int sockets, int preference,
u_int tries, double timeout, double base)
diff --git a/src/libradius/radius_config.h b/src/libradius/radius_config.h
index c0ff057c8..c9a2f63bd 100644
--- a/src/libradius/radius_config.h
+++ b/src/libradius/radius_config.h
@@ -118,7 +118,7 @@ struct radius_config_t {
* @param base base to calculate retransmission timeout
*/
radius_config_t *radius_config_create(char *name, char *address,
- u_int16_t auth_port, u_int16_t acct_port,
+ uint16_t auth_port, uint16_t acct_port,
char *nas_identifier, char *secret,
int sockets, int preference,
u_int tries, double timeout, double base);
diff --git a/src/libradius/radius_message.c b/src/libradius/radius_message.c
index 01c829841..9705d3b53 100644
--- a/src/libradius/radius_message.c
+++ b/src/libradius/radius_message.c
@@ -28,15 +28,15 @@ typedef struct rattr_t rattr_t;
*/
struct rmsg_t {
/** message code, radius_message_code_t */
- u_int8_t code;
+ uint8_t code;
/** message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of Code, Identifier, Length, Authenticator and Attributes */
- u_int16_t length;
+ uint16_t length;
/** message authenticator, MD5 hash */
- u_int8_t authenticator[HASH_SIZE_MD5];
+ uint8_t authenticator[HASH_SIZE_MD5];
/** variable list of packed attributes */
- u_int8_t attributes[];
+ uint8_t attributes[];
} __attribute__((packed));
/**
@@ -44,11 +44,11 @@ struct rmsg_t {
*/
struct rattr_t {
/** attribute type, radius_attribute_type_t */
- u_int8_t type;
+ uint8_t type;
/** length of the attriubte, including the Type, Length and Value fields */
- u_int8_t length;
+ uint8_t length;
/** variable length attribute value */
- u_int8_t value[];
+ uint8_t value[];
} __attribute__((packed));
/**
@@ -293,7 +293,7 @@ typedef struct {
/** inner attribute enumerator */
enumerator_t *inner;
/** current vendor ID */
- u_int32_t vendor;
+ uint32_t vendor;
/** reader for current vendor ID */
bio_reader_t *reader;
} vendor_enumerator_t;
@@ -303,7 +303,7 @@ METHOD(enumerator_t, vendor_enumerate, bool,
{
chunk_t inner_data;
int inner_type;
- u_int8_t type8, len;
+ uint8_t type8, len;
while (TRUE)
{
@@ -449,7 +449,7 @@ METHOD(radius_message_t, crypt, bool,
}
METHOD(radius_message_t, sign, bool,
- private_radius_message_t *this, u_int8_t *req_auth, chunk_t secret,
+ private_radius_message_t *this, uint8_t *req_auth, chunk_t secret,
hasher_t *hasher, signer_t *signer, rng_t *rng, bool msg_auth)
{
if (rng)
@@ -516,7 +516,7 @@ METHOD(radius_message_t, sign, bool,
}
METHOD(radius_message_t, verify, bool,
- private_radius_message_t *this, u_int8_t *req_auth, chunk_t secret,
+ private_radius_message_t *this, uint8_t *req_auth, chunk_t secret,
hasher_t *hasher, signer_t *signer)
{
char buf[HASH_SIZE_MD5], res_auth[HASH_SIZE_MD5];
@@ -606,19 +606,19 @@ METHOD(radius_message_t, get_code, radius_message_code_t,
return this->msg->code;
}
-METHOD(radius_message_t, get_identifier, u_int8_t,
+METHOD(radius_message_t, get_identifier, uint8_t,
private_radius_message_t *this)
{
return this->msg->identifier;
}
METHOD(radius_message_t, set_identifier, void,
- private_radius_message_t *this, u_int8_t identifier)
+ private_radius_message_t *this, uint8_t identifier)
{
this->msg->identifier = identifier;
}
-METHOD(radius_message_t, get_authenticator, u_int8_t*,
+METHOD(radius_message_t, get_authenticator, uint8_t*,
private_radius_message_t *this)
{
return this->msg->authenticator;
diff --git a/src/libradius/radius_message.h b/src/libradius/radius_message.h
index e6cb40b18..c72773312 100644
--- a/src/libradius/radius_message.h
+++ b/src/libradius/radius_message.h
@@ -241,21 +241,21 @@ struct radius_message_t {
*
* @return message identifier
*/
- u_int8_t (*get_identifier)(radius_message_t *this);
+ uint8_t (*get_identifier)(radius_message_t *this);
/**
* Set the message identifier.
*
* @param identifier message identifier
*/
- void (*set_identifier)(radius_message_t *this, u_int8_t identifier);
+ void (*set_identifier)(radius_message_t *this, uint8_t identifier);
/**
* Get the 16 byte authenticator.
*
* @return pointer to the Authenticator field
*/
- u_int8_t* (*get_authenticator)(radius_message_t *this);
+ uint8_t* (*get_authenticator)(radius_message_t *this);
/**
* Get the RADIUS message in its encoded form.
@@ -275,7 +275,7 @@ struct radius_message_t {
* @param msg_auth calculate and add Message-Authenticator
* @return TRUE if signed successfully
*/
- bool (*sign)(radius_message_t *this, u_int8_t *req_auth, chunk_t secret,
+ bool (*sign)(radius_message_t *this, uint8_t *req_auth, chunk_t secret,
hasher_t *hasher, signer_t *signer, rng_t *rng, bool msg_auth);
/**
@@ -286,7 +286,7 @@ struct radius_message_t {
* @param signer HMAC-MD5 signer with secret set
* @param hasher MD5 hasher
*/
- bool (*verify)(radius_message_t *this, u_int8_t *req_auth, chunk_t secret,
+ bool (*verify)(radius_message_t *this, uint8_t *req_auth, chunk_t secret,
hasher_t *hasher, signer_t *signer);
/**
diff --git a/src/libradius/radius_mppe.h b/src/libradius/radius_mppe.h
index 1b7a732ec..5006ca9d0 100644
--- a/src/libradius/radius_mppe.h
+++ b/src/libradius/radius_mppe.h
@@ -30,11 +30,11 @@
typedef struct mppe_key_t mppe_key_t;
struct mppe_key_t {
- u_int32_t id;
- u_int8_t type;
- u_int8_t length;
- u_int16_t salt;
- u_int8_t key[];
+ uint32_t id;
+ uint8_t type;
+ uint8_t length;
+ uint16_t salt;
+ uint8_t key[];
} __attribute__((packed));
#endif /** RADIUS_MPPE_H_ @}*/
diff --git a/src/libradius/radius_socket.c b/src/libradius/radius_socket.c
index 065f2644e..115be79fb 100644
--- a/src/libradius/radius_socket.c
+++ b/src/libradius/radius_socket.c
@@ -60,7 +60,7 @@ struct private_radius_socket_t {
/**
* Server port for authentication
*/
- u_int16_t auth_port;
+ uint16_t auth_port;
/**
* socket file descriptor for authentication
@@ -70,7 +70,7 @@ struct private_radius_socket_t {
/**
* Server port for accounting
*/
- u_int16_t acct_port;
+ uint16_t acct_port;
/**
* socket file descriptor for accounting
@@ -85,7 +85,7 @@ struct private_radius_socket_t {
/**
* current RADIUS identifier
*/
- u_int8_t identifier;
+ uint8_t identifier;
/**
* hasher to use for response verification
@@ -127,7 +127,7 @@ struct private_radius_socket_t {
* Check or establish RADIUS connection
*/
static bool check_connection(private_radius_socket_t *this,
- int *fd, u_int16_t port)
+ int *fd, uint16_t port)
{
if (*fd == -1)
{
@@ -166,7 +166,7 @@ static bool check_connection(private_radius_socket_t *this,
/**
* Receive the response to the message with the given ID
*/
-static status_t receive_response(int fd, int timeout, u_int8_t id,
+static status_t receive_response(int fd, int timeout, uint8_t id,
radius_message_t **response)
{
radius_message_t *msg;
@@ -224,7 +224,7 @@ METHOD(radius_socket_t, request, radius_message_t*,
radius_message_t *response;
chunk_t data;
int *fd, retransmit = 0, timeout;
- u_int16_t port;
+ uint16_t port;
rng_t *rng = NULL;
if (request->get_code(request) == RMC_ACCOUNTING_REQUEST)
@@ -299,7 +299,7 @@ METHOD(radius_socket_t, request, radius_message_t*,
/**
* Decrypt a MS-MPPE-Send/Recv-Key
*/
-static chunk_t decrypt_mppe_key(private_radius_socket_t *this, u_int16_t salt,
+static chunk_t decrypt_mppe_key(private_radius_socket_t *this, uint16_t salt,
chunk_t C, radius_message_t *request)
{
chunk_t decrypted;
@@ -375,8 +375,8 @@ METHOD(radius_socket_t, destroy, void,
/**
* See header
*/
-radius_socket_t *radius_socket_create(char *address, u_int16_t auth_port,
- u_int16_t acct_port, chunk_t secret,
+radius_socket_t *radius_socket_create(char *address, uint16_t auth_port,
+ uint16_t acct_port, chunk_t secret,
u_int tries, double timeout, double base)
{
private_radius_socket_t *this;
diff --git a/src/libradius/radius_socket.h b/src/libradius/radius_socket.h
index 84b146a7d..acc6c368f 100644
--- a/src/libradius/radius_socket.h
+++ b/src/libradius/radius_socket.h
@@ -96,8 +96,8 @@ struct radius_socket_t {
* @param timeout retransmission timeout
* @param base base to calculate retransmission timeout
*/
-radius_socket_t *radius_socket_create(char *address, u_int16_t auth_port,
- u_int16_t acct_port, chunk_t secret,
+radius_socket_t *radius_socket_create(char *address, uint16_t auth_port,
+ uint16_t acct_port, chunk_t secret,
u_int tries, double timeout, double base);
#endif /** RADIUS_SOCKET_H_ @}*/
diff --git a/src/libsimaka/Makefile.in b/src/libsimaka/Makefile.in
index e813eb085..a7bc8e321 100644
--- a/src/libsimaka/Makefile.in
+++ b/src/libsimaka/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
@USE_WINDOWS_TRUE@am__append_1 = -lws2_32
subdir = src/libsimaka
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -199,12 +208,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -254,6 +265,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -288,6 +300,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -399,6 +412,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libsimaka/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libsimaka/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -762,6 +775,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libsimaka/simaka_card.h b/src/libsimaka/simaka_card.h
index 52cb32514..b705923f6 100644
--- a/src/libsimaka/simaka_card.h
+++ b/src/libsimaka/simaka_card.h
@@ -66,7 +66,7 @@ struct simaka_card_t {
* @param ck buffer receiving encryption key ck
* @param ik buffer receiving integrity key ik
* @param res buffer receiving authentication result res
- * @param res_len nubmer of bytes written to res buffer
+ * @param res_len number of bytes written to res buffer
* @return SUCCESS, FAILED, or INVALID_STATE if out of sync
*/
status_t (*get_quintuplet)(simaka_card_t *this, identification_t *id,
@@ -112,7 +112,7 @@ struct simaka_card_t {
*/
void (*set_reauth)(simaka_card_t *this, identification_t *id,
identification_t *next, char mk[HASH_SIZE_SHA1],
- u_int16_t counter);
+ uint16_t counter);
/**
* Retrieve parameters for fast reauthentication stored via set_reauth().
@@ -123,7 +123,7 @@ struct simaka_card_t {
* @return fast reauthentication identity, NULL if not found
*/
identification_t* (*get_reauth)(simaka_card_t *this, identification_t *id,
- char mk[HASH_SIZE_SHA1], u_int16_t *counter);
+ char mk[HASH_SIZE_SHA1], uint16_t *counter);
};
#endif /** SIMAKA_CARD_H_ @}*/
diff --git a/src/libsimaka/simaka_manager.c b/src/libsimaka/simaka_manager.c
index e85dd660b..47f1f6f8a 100644
--- a/src/libsimaka/simaka_manager.c
+++ b/src/libsimaka/simaka_manager.c
@@ -207,7 +207,7 @@ METHOD(simaka_manager_t, card_get_pseudonym, identification_t*,
METHOD(simaka_manager_t, card_set_reauth, void,
private_simaka_manager_t *this, identification_t *id, identification_t *next,
- char mk[HASH_SIZE_SHA1], u_int16_t counter)
+ char mk[HASH_SIZE_SHA1], uint16_t counter)
{
enumerator_t *enumerator;
simaka_card_t *card;
@@ -227,7 +227,7 @@ METHOD(simaka_manager_t, card_set_reauth, void,
METHOD(simaka_manager_t, card_get_reauth, identification_t*,
private_simaka_manager_t *this, identification_t *id, char mk[HASH_SIZE_SHA1],
- u_int16_t *counter)
+ uint16_t *counter)
{
enumerator_t *enumerator;
simaka_card_t *card;
@@ -393,7 +393,7 @@ METHOD(simaka_manager_t, provider_gen_pseudonym, identification_t*,
METHOD(simaka_manager_t, provider_is_reauth, identification_t*,
private_simaka_manager_t *this, identification_t *id, char mk[HASH_SIZE_SHA1],
- u_int16_t *counter)
+ uint16_t *counter)
{
enumerator_t *enumerator;
simaka_provider_t *provider;
diff --git a/src/libsimaka/simaka_manager.h b/src/libsimaka/simaka_manager.h
index bdd50296e..b10d1659b 100644
--- a/src/libsimaka/simaka_manager.h
+++ b/src/libsimaka/simaka_manager.h
@@ -84,7 +84,7 @@ struct simaka_manager_t {
* @param ck buffer receiving encryption key ck
* @param ik buffer receiving integrity key ik
* @param res buffer receiving authentication result res
- * @param res_len nubmer of bytes written to res buffer
+ * @param res_len number of bytes written to res buffer
* @return SUCCESS, FAILED, or INVALID_STATE if out of sync
*/
status_t (*card_get_quintuplet)(simaka_manager_t *this, identification_t *id,
@@ -131,7 +131,7 @@ struct simaka_manager_t {
*/
void (*card_set_reauth)(simaka_manager_t *this, identification_t *id,
identification_t *next, char mk[HASH_SIZE_SHA1],
- u_int16_t counter);
+ uint16_t counter);
/**
* Retrieve fast reauthentication parameters from one of the registered cards.
@@ -143,7 +143,7 @@ struct simaka_manager_t {
*/
identification_t* (*card_get_reauth)(simaka_manager_t *this,
identification_t *id, char mk[HASH_SIZE_SHA1],
- u_int16_t *counter);
+ uint16_t *counter);
/**
* Register a triplet provider (server) at the manager.
@@ -228,7 +228,7 @@ struct simaka_manager_t {
*/
identification_t* (*provider_is_reauth)(simaka_manager_t *this,
identification_t *id, char mk[HASH_SIZE_SHA1],
- u_int16_t *counter);
+ uint16_t *counter);
/**
* Generate a fast reauth id using one of the registered providers.
diff --git a/src/libsimaka/simaka_message.c b/src/libsimaka/simaka_message.c
index 7dd15480b..234d7ef2a 100644
--- a/src/libsimaka/simaka_message.c
+++ b/src/libsimaka/simaka_message.c
@@ -30,17 +30,17 @@ typedef struct attr_t attr_t;
*/
struct hdr_t {
/** EAP code (REQUEST/RESPONSE) */
- u_int8_t code;
+ uint8_t code;
/** unique message identifier */
- u_int8_t identifier;
+ uint8_t identifier;
/** length of whole message */
- u_int16_t length;
+ uint16_t length;
/** EAP type => EAP_SIM/EAP_AKA */
- u_int8_t type;
+ uint8_t type;
/** SIM subtype */
- u_int8_t subtype;
+ uint8_t subtype;
/** reserved bytes */
- u_int16_t reserved;
+ uint16_t reserved;
} __attribute__((__packed__));
/**
@@ -48,9 +48,9 @@ struct hdr_t {
*/
struct attr_hdr_t {
/** attribute type */
- u_int8_t type;
+ uint8_t type;
/** attibute length */
- u_int8_t length;
+ uint8_t length;
} __attribute__((__packed__));
/**
@@ -204,7 +204,7 @@ METHOD(simaka_message_t, is_request, bool,
return this->hdr->code == EAP_REQUEST;
}
-METHOD(simaka_message_t, get_identifier, u_int8_t,
+METHOD(simaka_message_t, get_identifier, uint8_t,
private_simaka_message_t *this)
{
return this->hdr->identifier;
@@ -366,7 +366,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
case AT_IDENTITY:
case AT_VERSION_LIST:
{
- u_int16_t len;
+ uint16_t len;
if (hdr->length < 1 || in.len < 4)
{
@@ -610,7 +610,7 @@ METHOD(simaka_message_t, generate, bool,
chunk_t out, encr, data, *target, mac = chunk_empty;
simaka_attribute_t type;
attr_hdr_t *hdr;
- u_int16_t len;
+ uint16_t len;
signer_t *signer;
call_hook(this, FALSE, TRUE);
@@ -684,7 +684,7 @@ METHOD(simaka_message_t, generate, bool,
case AT_VERSION_LIST:
case AT_RES:
{
- u_int16_t len, padding;
+ uint16_t len, padding;
len = htons(data.len);
if (type == AT_RES)
@@ -912,7 +912,7 @@ simaka_message_t *simaka_message_create_from_payload(chunk_t data,
/**
* See header.
*/
-simaka_message_t *simaka_message_create(bool request, u_int8_t identifier,
+simaka_message_t *simaka_message_create(bool request, uint8_t identifier,
eap_type_t type, simaka_subtype_t subtype,
simaka_crypto_t *crypto)
{
diff --git a/src/libsimaka/simaka_message.h b/src/libsimaka/simaka_message.h
index 9e2c7dea9..2393d3450 100644
--- a/src/libsimaka/simaka_message.h
+++ b/src/libsimaka/simaka_message.h
@@ -176,7 +176,7 @@ struct simaka_message_t {
*
* @return EAP message identifier
*/
- u_int8_t (*get_identifier)(simaka_message_t *this);
+ uint8_t (*get_identifier)(simaka_message_t *this);
/**
* Get the EAP type of the message.
@@ -257,7 +257,7 @@ struct simaka_message_t {
* @param crypto EAP-SIM/AKA crypto helper
* @return empty message of requested kind, NULL on error
*/
-simaka_message_t *simaka_message_create(bool request, u_int8_t identifier,
+simaka_message_t *simaka_message_create(bool request, uint8_t identifier,
eap_type_t type, simaka_subtype_t subtype,
simaka_crypto_t *crypto);
diff --git a/src/libsimaka/simaka_provider.h b/src/libsimaka/simaka_provider.h
index f1bf80049..ef1c73908 100644
--- a/src/libsimaka/simaka_provider.h
+++ b/src/libsimaka/simaka_provider.h
@@ -62,7 +62,7 @@ struct simaka_provider_t {
* @param id permanent identity of peer to create challenge for
* @param rand buffer receiving random value rand
* @param xres buffer receiving expected authentication result xres
- * @param xres_len nubmer of bytes written to xres buffer
+ * @param xres_len number of bytes written to xres buffer
* @param ck buffer receiving encryption key ck
* @param ik buffer receiving integrity key ik
* @param autn authentication token autn
@@ -112,7 +112,7 @@ struct simaka_provider_t {
* @return permanent identity, NULL if id not a reauth identity
*/
identification_t* (*is_reauth)(simaka_provider_t *this, identification_t *id,
- char mk[HASH_SIZE_SHA1], u_int16_t *counter);
+ char mk[HASH_SIZE_SHA1], uint16_t *counter);
/**
* Generate a fast reauthentication identity, associated to a master key.
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 0bac61b44..9be93f1f8 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -120,7 +120,9 @@ endif
library.lo : $(top_builddir)/config.status
-libstrongswan_la_LIBADD = $(DLLIB) $(BTLIB) $(SOCKLIB) $(RTLIB) $(BFDLIB) $(UNWINDLIB)
+libstrongswan_la_LIBADD = \
+ $(DLLIB) $(ATOMICLIB) $(BTLIB) $(SOCKLIB) \
+ $(RTLIB) $(BFDLIB) $(UNWINDLIB)
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index d88c96f03..d1b65bdb2 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -221,12 +231,6 @@ host_triplet = @host@
@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_123 = plugins/test_vectors/libstrongswan-test-vectors.la
@USE_BLISS_TRUE@am__append_124 = plugins/bliss/tests
subdir = src/libstrongswan
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- settings/settings_parser.h settings/settings_parser.c \
- settings/settings_lexer.c $(top_srcdir)/depcomp \
- $(top_srcdir)/ylwrap \
- $(am__nobase_strongswan_include_HEADERS_DIST) \
- $(noinst_HEADERS)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -240,6 +244,9 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am \
+ $(am__nobase_strongswan_include_HEADERS_DIST) \
+ $(noinst_HEADERS) $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -280,26 +287,27 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
- $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
- $(am__DEPENDENCIES_1) $(am__append_19) $(am__append_21) \
- $(am__append_23) $(am__append_25) $(am__append_27) \
- $(am__append_29) $(am__append_31) $(am__append_33) \
- $(am__append_35) $(am__append_37) $(am__append_39) \
- $(am__append_41) $(am__append_43) $(am__append_45) \
- $(am__append_47) $(am__append_49) $(am__append_51) \
- $(am__append_53) $(am__append_55) $(am__append_57) \
- $(am__append_59) $(am__append_61) $(am__append_63) \
- $(am__append_65) $(am__append_67) $(am__append_69) \
- $(am__append_71) $(am__append_73) $(am__append_75) \
- $(am__append_77) $(am__append_79) $(am__append_81) \
- $(am__append_83) $(am__append_85) $(am__append_87) \
- $(am__append_89) $(am__append_91) $(am__append_93) \
- $(am__append_95) $(am__append_97) $(am__append_99) \
- $(am__append_101) $(am__append_103) $(am__append_105) \
- $(am__append_107) $(am__append_109) $(am__append_111) \
- $(am__append_113) $(am__append_115) $(am__append_117) \
- $(am__append_119) $(am__append_121) $(am__append_123)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) $(am__append_19) \
+ $(am__append_21) $(am__append_23) $(am__append_25) \
+ $(am__append_27) $(am__append_29) $(am__append_31) \
+ $(am__append_33) $(am__append_35) $(am__append_37) \
+ $(am__append_39) $(am__append_41) $(am__append_43) \
+ $(am__append_45) $(am__append_47) $(am__append_49) \
+ $(am__append_51) $(am__append_53) $(am__append_55) \
+ $(am__append_57) $(am__append_59) $(am__append_61) \
+ $(am__append_63) $(am__append_65) $(am__append_67) \
+ $(am__append_69) $(am__append_71) $(am__append_73) \
+ $(am__append_75) $(am__append_77) $(am__append_79) \
+ $(am__append_81) $(am__append_83) $(am__append_85) \
+ $(am__append_87) $(am__append_89) $(am__append_91) \
+ $(am__append_93) $(am__append_95) $(am__append_97) \
+ $(am__append_99) $(am__append_101) $(am__append_103) \
+ $(am__append_105) $(am__append_107) $(am__append_109) \
+ $(am__append_111) $(am__append_113) $(am__append_115) \
+ $(am__append_117) $(am__append_119) $(am__append_121) \
+ $(am__append_123)
am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \
asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c \
bio/bio_writer.c collections/blocking_queue.c \
@@ -632,6 +640,9 @@ DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \
plugins/chapoly plugins/ctr plugins/ccm plugins/gcm \
plugins/ntru plugins/bliss plugins/test_vectors tests \
plugins/bliss/tests
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ $(top_srcdir)/ylwrap settings/settings_lexer.c \
+ settings/settings_parser.c settings/settings_parser.h
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -663,6 +674,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -712,6 +724,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -746,6 +759,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -857,6 +871,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -1003,27 +1018,28 @@ settings/settings_types.h
@USE_DEV_HEADERS_TRUE@utils/utils/string.h utils/utils/memory.h utils/utils/tty.h utils/utils/path.h \
@USE_DEV_HEADERS_TRUE@utils/utils/status.h utils/utils/object.h utils/utils/time.h utils/utils/align.h
-libstrongswan_la_LIBADD = $(DLLIB) $(BTLIB) $(SOCKLIB) $(RTLIB) \
- $(BFDLIB) $(UNWINDLIB) $(am__append_2) $(am__append_4) \
- $(am__append_5) $(am__append_13) $(am__append_15) \
- $(am__append_17) $(am__append_19) $(am__append_21) \
- $(am__append_23) $(am__append_25) $(am__append_27) \
- $(am__append_29) $(am__append_31) $(am__append_33) \
- $(am__append_35) $(am__append_37) $(am__append_39) \
- $(am__append_41) $(am__append_43) $(am__append_45) \
- $(am__append_47) $(am__append_49) $(am__append_51) \
- $(am__append_53) $(am__append_55) $(am__append_57) \
- $(am__append_59) $(am__append_61) $(am__append_63) \
- $(am__append_65) $(am__append_67) $(am__append_69) \
- $(am__append_71) $(am__append_73) $(am__append_75) \
- $(am__append_77) $(am__append_79) $(am__append_81) \
- $(am__append_83) $(am__append_85) $(am__append_87) \
- $(am__append_89) $(am__append_91) $(am__append_93) \
- $(am__append_95) $(am__append_97) $(am__append_99) \
- $(am__append_101) $(am__append_103) $(am__append_105) \
- $(am__append_107) $(am__append_109) $(am__append_111) \
- $(am__append_113) $(am__append_115) $(am__append_117) \
- $(am__append_119) $(am__append_121) $(am__append_123)
+libstrongswan_la_LIBADD = $(DLLIB) $(ATOMICLIB) $(BTLIB) $(SOCKLIB) \
+ $(RTLIB) $(BFDLIB) $(UNWINDLIB) $(am__append_2) \
+ $(am__append_4) $(am__append_5) $(am__append_13) \
+ $(am__append_15) $(am__append_17) $(am__append_19) \
+ $(am__append_21) $(am__append_23) $(am__append_25) \
+ $(am__append_27) $(am__append_29) $(am__append_31) \
+ $(am__append_33) $(am__append_35) $(am__append_37) \
+ $(am__append_39) $(am__append_41) $(am__append_43) \
+ $(am__append_45) $(am__append_47) $(am__append_49) \
+ $(am__append_51) $(am__append_53) $(am__append_55) \
+ $(am__append_57) $(am__append_59) $(am__append_61) \
+ $(am__append_63) $(am__append_65) $(am__append_67) \
+ $(am__append_69) $(am__append_71) $(am__append_73) \
+ $(am__append_75) $(am__append_77) $(am__append_79) \
+ $(am__append_81) $(am__append_83) $(am__append_85) \
+ $(am__append_87) $(am__append_89) $(am__append_91) \
+ $(am__append_93) $(am__append_95) $(am__append_97) \
+ $(am__append_99) $(am__append_101) $(am__append_103) \
+ $(am__append_105) $(am__append_107) $(am__append_109) \
+ $(am__append_111) $(am__append_113) $(am__append_115) \
+ $(am__append_117) $(am__append_119) $(am__append_121) \
+ $(am__append_123)
AM_CPPFLAGS = -I$(top_srcdir)/src/libstrongswan \
-DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_LIB_DIR=\"${ipseclibdir}\" \
-DPLUGINDIR=\"${plugindir}\" \
@@ -1124,7 +1140,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -2322,6 +2337,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES \
uninstall-ipseclibLTLIBRARIES \
uninstall-nobase_strongswan_includeHEADERS
+.PRECIOUS: Makefile
+
library.lo : $(top_builddir)/config.status
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index 628bb99e6..2ee414abf 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -592,15 +592,15 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level, const c
/*
* Described in header
*/
-u_int64_t asn1_parse_integer_uint64(chunk_t blob)
+uint64_t asn1_parse_integer_uint64(chunk_t blob)
{
- u_int64_t val = 0;
+ uint64_t val = 0;
int i;
for (i = 0; i < blob.len; i++)
{ /* if it is longer than 8 bytes, we just use the 8 LSBs */
val <<= 8;
- val |= (u_int64_t)blob.ptr[i];
+ val |= (uint64_t)blob.ptr[i];
}
return val;
}
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index 8ac005610..f0b3e17e8 100644
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -172,13 +172,13 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level0,
const char* name);
/**
- * Converts an ASN.1 INTEGER object to an u_int64_t. If the INTEGER is longer
+ * Converts an ASN.1 INTEGER object to an uint64_t. If the INTEGER is longer
* than 8 bytes only the 8 LSBs are returned.
*
* @param blob body of an ASN.1 coded integer object
* @return converted integer
*/
-u_int64_t asn1_parse_integer_uint64(chunk_t blob);
+uint64_t asn1_parse_integer_uint64(chunk_t blob);
/**
* Print the value of an ASN.1 simple object
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index ed953d482..c23746e57 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -28,8 +28,8 @@ const oid_t oid_names[] = {
{ 0x01, 0, 1, 8, "pilotAttributeType" }, /* 15 */
{ 0x01, 17, 0, 9, "UID" }, /* 16 */
{ 0x19, 0, 0, 9, "DC" }, /* 17 */
- {0x55, 66, 1, 0, "X.500" }, /* 18 */
- { 0x04, 38, 1, 1, "X.509" }, /* 19 */
+ {0x55, 67, 1, 0, "X.500" }, /* 18 */
+ { 0x04, 39, 1, 1, "X.509" }, /* 19 */
{ 0x03, 21, 0, 2, "CN" }, /* 20 */
{ 0x04, 22, 0, 2, "S" }, /* 21 */
{ 0x05, 23, 0, 2, "SN" }, /* 22 */
@@ -46,447 +46,448 @@ const oid_t oid_names[] = {
{ 0x2B, 34, 0, 2, "I" }, /* 33 */
{ 0x2D, 35, 0, 2, "ID" }, /* 34 */
{ 0x2E, 36, 0, 2, "dnQualifier" }, /* 35 */
- { 0x41, 37, 0, 2, "pseudonym" }, /* 36 */
- { 0x48, 0, 0, 2, "role" }, /* 37 */
- { 0x1D, 0, 1, 1, "id-ce" }, /* 38 */
- { 0x09, 40, 0, 2, "subjectDirectoryAttrs" }, /* 39 */
- { 0x0E, 41, 0, 2, "subjectKeyIdentifier" }, /* 40 */
- { 0x0F, 42, 0, 2, "keyUsage" }, /* 41 */
- { 0x10, 43, 0, 2, "privateKeyUsagePeriod" }, /* 42 */
- { 0x11, 44, 0, 2, "subjectAltName" }, /* 43 */
- { 0x12, 45, 0, 2, "issuerAltName" }, /* 44 */
- { 0x13, 46, 0, 2, "basicConstraints" }, /* 45 */
- { 0x14, 47, 0, 2, "crlNumber" }, /* 46 */
- { 0x15, 48, 0, 2, "reasonCode" }, /* 47 */
- { 0x17, 49, 0, 2, "holdInstructionCode" }, /* 48 */
- { 0x18, 50, 0, 2, "invalidityDate" }, /* 49 */
- { 0x1B, 51, 0, 2, "deltaCrlIndicator" }, /* 50 */
- { 0x1C, 52, 0, 2, "issuingDistributionPoint" }, /* 51 */
- { 0x1D, 53, 0, 2, "certificateIssuer" }, /* 52 */
- { 0x1E, 54, 0, 2, "nameConstraints" }, /* 53 */
- { 0x1F, 55, 0, 2, "crlDistributionPoints" }, /* 54 */
- { 0x20, 57, 1, 2, "certificatePolicies" }, /* 55 */
- { 0x00, 0, 0, 3, "anyPolicy" }, /* 56 */
- { 0x21, 58, 0, 2, "policyMappings" }, /* 57 */
- { 0x23, 59, 0, 2, "authorityKeyIdentifier" }, /* 58 */
- { 0x24, 60, 0, 2, "policyConstraints" }, /* 59 */
- { 0x25, 62, 1, 2, "extendedKeyUsage" }, /* 60 */
- { 0x00, 0, 0, 3, "anyExtendedKeyUsage" }, /* 61 */
- { 0x2E, 63, 0, 2, "freshestCRL" }, /* 62 */
- { 0x36, 64, 0, 2, "inhibitAnyPolicy" }, /* 63 */
- { 0x37, 65, 0, 2, "targetInformation" }, /* 64 */
- { 0x38, 0, 0, 2, "noRevAvail" }, /* 65 */
- {0x2A, 190, 1, 0, "" }, /* 66 */
- { 0x83, 79, 1, 1, "" }, /* 67 */
- { 0x08, 0, 1, 2, "jp" }, /* 68 */
- { 0x8C, 0, 1, 3, "" }, /* 69 */
- { 0x9A, 0, 1, 4, "" }, /* 70 */
- { 0x4B, 0, 1, 5, "" }, /* 71 */
- { 0x3D, 0, 1, 6, "" }, /* 72 */
- { 0x01, 0, 1, 7, "security" }, /* 73 */
- { 0x01, 0, 1, 8, "algorithm" }, /* 74 */
- { 0x01, 0, 1, 9, "symm-encryption-alg" }, /* 75 */
- { 0x02, 77, 0, 10, "camellia128-cbc" }, /* 76 */
- { 0x03, 78, 0, 10, "camellia192-cbc" }, /* 77 */
- { 0x04, 0, 0, 10, "camellia256-cbc" }, /* 78 */
- { 0x86, 0, 1, 1, "" }, /* 79 */
- { 0x48, 0, 1, 2, "us" }, /* 80 */
- { 0x86, 149, 1, 3, "" }, /* 81 */
- { 0xF6, 87, 1, 4, "" }, /* 82 */
- { 0x7D, 0, 1, 5, "NortelNetworks" }, /* 83 */
- { 0x07, 0, 1, 6, "Entrust" }, /* 84 */
- { 0x41, 0, 1, 7, "nsn-ce" }, /* 85 */
- { 0x00, 0, 0, 8, "entrustVersInfo" }, /* 86 */
- { 0xF7, 0, 1, 4, "" }, /* 87 */
- { 0x0D, 0, 1, 5, "RSADSI" }, /* 88 */
- { 0x01, 144, 1, 6, "PKCS" }, /* 89 */
- { 0x01, 102, 1, 7, "PKCS-1" }, /* 90 */
- { 0x01, 92, 0, 8, "rsaEncryption" }, /* 91 */
- { 0x02, 93, 0, 8, "md2WithRSAEncryption" }, /* 92 */
- { 0x04, 94, 0, 8, "md5WithRSAEncryption" }, /* 93 */
- { 0x05, 95, 0, 8, "sha-1WithRSAEncryption" }, /* 94 */
- { 0x07, 96, 0, 8, "id-RSAES-OAEP" }, /* 95 */
- { 0x08, 97, 0, 8, "id-mgf1" }, /* 96 */
- { 0x09, 98, 0, 8, "id-pSpecified" }, /* 97 */
- { 0x0B, 99, 0, 8, "sha256WithRSAEncryption" }, /* 98 */
- { 0x0C, 100, 0, 8, "sha384WithRSAEncryption" }, /* 99 */
- { 0x0D, 101, 0, 8, "sha512WithRSAEncryption" }, /* 100 */
- { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 101 */
- { 0x05, 107, 1, 7, "PKCS-5" }, /* 102 */
- { 0x03, 104, 0, 8, "pbeWithMD5AndDES-CBC" }, /* 103 */
- { 0x0A, 105, 0, 8, "pbeWithSHA1AndDES-CBC" }, /* 104 */
- { 0x0C, 106, 0, 8, "id-PBKDF2" }, /* 105 */
- { 0x0D, 0, 0, 8, "id-PBES2" }, /* 106 */
- { 0x07, 114, 1, 7, "PKCS-7" }, /* 107 */
- { 0x01, 109, 0, 8, "data" }, /* 108 */
- { 0x02, 110, 0, 8, "signedData" }, /* 109 */
- { 0x03, 111, 0, 8, "envelopedData" }, /* 110 */
- { 0x04, 112, 0, 8, "signedAndEnvelopedData" }, /* 111 */
- { 0x05, 113, 0, 8, "digestedData" }, /* 112 */
- { 0x06, 0, 0, 8, "encryptedData" }, /* 113 */
- { 0x09, 128, 1, 7, "PKCS-9" }, /* 114 */
- { 0x01, 116, 0, 8, "E" }, /* 115 */
- { 0x02, 117, 0, 8, "unstructuredName" }, /* 116 */
- { 0x03, 118, 0, 8, "contentType" }, /* 117 */
- { 0x04, 119, 0, 8, "messageDigest" }, /* 118 */
- { 0x05, 120, 0, 8, "signingTime" }, /* 119 */
- { 0x06, 121, 0, 8, "counterSignature" }, /* 120 */
- { 0x07, 122, 0, 8, "challengePassword" }, /* 121 */
- { 0x08, 123, 0, 8, "unstructuredAddress" }, /* 122 */
- { 0x0E, 124, 0, 8, "extensionRequest" }, /* 123 */
- { 0x0F, 125, 0, 8, "S/MIME Capabilities" }, /* 124 */
- { 0x16, 0, 1, 8, "certTypes" }, /* 125 */
- { 0x01, 127, 0, 9, "X.509" }, /* 126 */
- { 0x02, 0, 0, 9, "SDSI" }, /* 127 */
- { 0x0c, 0, 1, 7, "PKCS-12" }, /* 128 */
- { 0x01, 136, 1, 8, "pbeIds" }, /* 129 */
- { 0x01, 131, 0, 9, "pbeWithSHAAnd128BitRC4" }, /* 130 */
- { 0x02, 132, 0, 9, "pbeWithSHAAnd40BitRC4" }, /* 131 */
- { 0x03, 133, 0, 9, "pbeWithSHAAnd3-KeyTripleDES-CBC"}, /* 132 */
- { 0x04, 134, 0, 9, "pbeWithSHAAnd2-KeyTripleDES-CBC"}, /* 133 */
- { 0x05, 135, 0, 9, "pbeWithSHAAnd128BitRC2-CBC" }, /* 134 */
- { 0x06, 0, 0, 9, "pbeWithSHAAnd40BitRC2-CBC" }, /* 135 */
- { 0x0a, 0, 1, 8, "PKCS-12v1" }, /* 136 */
- { 0x01, 0, 1, 9, "bagIds" }, /* 137 */
- { 0x01, 139, 0, 10, "keyBag" }, /* 138 */
- { 0x02, 140, 0, 10, "pkcs8ShroudedKeyBag" }, /* 139 */
- { 0x03, 141, 0, 10, "certBag" }, /* 140 */
- { 0x04, 142, 0, 10, "crlBag" }, /* 141 */
- { 0x05, 143, 0, 10, "secretBag" }, /* 142 */
- { 0x06, 0, 0, 10, "safeContentsBag" }, /* 143 */
- { 0x02, 147, 1, 6, "digestAlgorithm" }, /* 144 */
- { 0x02, 146, 0, 7, "md2" }, /* 145 */
- { 0x05, 0, 0, 7, "md5" }, /* 146 */
- { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 147 */
- { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 148 */
- { 0xCE, 0, 1, 3, "" }, /* 149 */
- { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 150 */
- { 0x02, 153, 1, 5, "id-publicKeyType" }, /* 151 */
- { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 152 */
- { 0x03, 183, 1, 5, "ellipticCurve" }, /* 153 */
- { 0x00, 175, 1, 6, "c-TwoCurve" }, /* 154 */
- { 0x01, 156, 0, 7, "c2pnb163v1" }, /* 155 */
- { 0x02, 157, 0, 7, "c2pnb163v2" }, /* 156 */
- { 0x03, 158, 0, 7, "c2pnb163v3" }, /* 157 */
- { 0x04, 159, 0, 7, "c2pnb176w1" }, /* 158 */
- { 0x05, 160, 0, 7, "c2tnb191v1" }, /* 159 */
- { 0x06, 161, 0, 7, "c2tnb191v2" }, /* 160 */
- { 0x07, 162, 0, 7, "c2tnb191v3" }, /* 161 */
- { 0x08, 163, 0, 7, "c2onb191v4" }, /* 162 */
- { 0x09, 164, 0, 7, "c2onb191v5" }, /* 163 */
- { 0x0A, 165, 0, 7, "c2pnb208w1" }, /* 164 */
- { 0x0B, 166, 0, 7, "c2tnb239v1" }, /* 165 */
- { 0x0C, 167, 0, 7, "c2tnb239v2" }, /* 166 */
- { 0x0D, 168, 0, 7, "c2tnb239v3" }, /* 167 */
- { 0x0E, 169, 0, 7, "c2onb239v4" }, /* 168 */
- { 0x0F, 170, 0, 7, "c2onb239v5" }, /* 169 */
- { 0x10, 171, 0, 7, "c2pnb272w1" }, /* 170 */
- { 0x11, 172, 0, 7, "c2pnb304w1" }, /* 171 */
- { 0x12, 173, 0, 7, "c2tnb359v1" }, /* 172 */
- { 0x13, 174, 0, 7, "c2pnb368w1" }, /* 173 */
- { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 174 */
- { 0x01, 0, 1, 6, "primeCurve" }, /* 175 */
- { 0x01, 177, 0, 7, "prime192v1" }, /* 176 */
- { 0x02, 178, 0, 7, "prime192v2" }, /* 177 */
- { 0x03, 179, 0, 7, "prime192v3" }, /* 178 */
- { 0x04, 180, 0, 7, "prime239v1" }, /* 179 */
- { 0x05, 181, 0, 7, "prime239v2" }, /* 180 */
- { 0x06, 182, 0, 7, "prime239v3" }, /* 181 */
- { 0x07, 0, 0, 7, "prime256v1" }, /* 182 */
- { 0x04, 0, 1, 5, "id-ecSigType" }, /* 183 */
- { 0x01, 185, 0, 6, "ecdsa-with-SHA1" }, /* 184 */
- { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 185 */
- { 0x01, 187, 0, 7, "ecdsa-with-SHA224" }, /* 186 */
- { 0x02, 188, 0, 7, "ecdsa-with-SHA256" }, /* 187 */
- { 0x03, 189, 0, 7, "ecdsa-with-SHA384" }, /* 188 */
- { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 189 */
- {0x2B, 417, 1, 0, "" }, /* 190 */
- { 0x06, 331, 1, 1, "dod" }, /* 191 */
- { 0x01, 0, 1, 2, "internet" }, /* 192 */
- { 0x04, 282, 1, 3, "private" }, /* 193 */
- { 0x01, 0, 1, 4, "enterprise" }, /* 194 */
- { 0x82, 232, 1, 5, "" }, /* 195 */
- { 0x37, 208, 1, 6, "Microsoft" }, /* 196 */
- { 0x0A, 201, 1, 7, "" }, /* 197 */
- { 0x03, 0, 1, 8, "" }, /* 198 */
- { 0x03, 200, 0, 9, "msSGC" }, /* 199 */
- { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 200 */
- { 0x14, 205, 1, 7, "msEnrollmentInfrastructure" }, /* 201 */
- { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 202 */
- { 0x02, 204, 0, 9, "msSmartcardLogon" }, /* 203 */
- { 0x03, 0, 0, 9, "msUPN" }, /* 204 */
- { 0x15, 0, 1, 7, "msCertSrvInfrastructure" }, /* 205 */
- { 0x07, 207, 0, 8, "msCertTemplate" }, /* 206 */
- { 0x0A, 0, 0, 8, "msApplicationCertPolicies" }, /* 207 */
- { 0xA0, 0, 1, 6, "" }, /* 208 */
- { 0x2A, 0, 1, 7, "ITA" }, /* 209 */
- { 0x01, 211, 0, 8, "strongSwan" }, /* 210 */
- { 0x02, 212, 0, 8, "cps" }, /* 211 */
- { 0x03, 213, 0, 8, "e-voting" }, /* 212 */
- { 0x05, 0, 1, 8, "BLISS" }, /* 213 */
- { 0x01, 216, 1, 9, "keyType" }, /* 214 */
- { 0x01, 0, 0, 10, "blissPublicKey" }, /* 215 */
- { 0x02, 225, 1, 9, "parameters" }, /* 216 */
- { 0x01, 218, 0, 10, "BLISS-I" }, /* 217 */
- { 0x02, 219, 0, 10, "BLISS-II" }, /* 218 */
- { 0x03, 220, 0, 10, "BLISS-III" }, /* 219 */
- { 0x04, 221, 0, 10, "BLISS-IV" }, /* 220 */
- { 0x05, 222, 0, 10, "BLISS-B-I" }, /* 221 */
- { 0x06, 223, 0, 10, "BLISS-B-II" }, /* 222 */
- { 0x07, 224, 0, 10, "BLISS-B-III" }, /* 223 */
- { 0x08, 0, 0, 10, "BLISS-B-IV" }, /* 224 */
- { 0x03, 0, 1, 9, "blissSigType" }, /* 225 */
- { 0x01, 227, 0, 10, "BLISS-with-SHA2-512" }, /* 226 */
- { 0x02, 228, 0, 10, "BLISS-with-SHA2-384" }, /* 227 */
- { 0x03, 229, 0, 10, "BLISS-with-SHA2-256" }, /* 228 */
- { 0x04, 230, 0, 10, "BLISS-with-SHA3-512" }, /* 229 */
- { 0x05, 231, 0, 10, "BLISS-with-SHA3-384" }, /* 230 */
- { 0x06, 0, 0, 10, "BLISS-with-SHA3-256" }, /* 231 */
- { 0x89, 239, 1, 5, "" }, /* 232 */
- { 0x31, 0, 1, 6, "" }, /* 233 */
- { 0x01, 0, 1, 7, "" }, /* 234 */
- { 0x01, 0, 1, 8, "" }, /* 235 */
- { 0x02, 0, 1, 9, "" }, /* 236 */
- { 0x02, 0, 1, 10, "" }, /* 237 */
- { 0x4B, 0, 0, 11, "TCGID" }, /* 238 */
- { 0x97, 243, 1, 5, "" }, /* 239 */
- { 0x55, 0, 1, 6, "" }, /* 240 */
- { 0x01, 0, 1, 7, "" }, /* 241 */
- { 0x02, 0, 0, 8, "blowfish-cbc" }, /* 242 */
- { 0xC1, 0, 1, 5, "" }, /* 243 */
- { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 244 */
- { 0x01, 0, 1, 7, "eess" }, /* 245 */
- { 0x01, 0, 1, 8, "eess1" }, /* 246 */
- { 0x01, 251, 1, 9, "eess1-algs" }, /* 247 */
- { 0x01, 249, 0, 10, "ntru-EESS1v1-SVES" }, /* 248 */
- { 0x02, 250, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 249 */
- { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 250 */
- { 0x02, 281, 1, 9, "eess1-params" }, /* 251 */
- { 0x01, 253, 0, 10, "ees251ep1" }, /* 252 */
- { 0x02, 254, 0, 10, "ees347ep1" }, /* 253 */
- { 0x03, 255, 0, 10, "ees503ep1" }, /* 254 */
- { 0x07, 256, 0, 10, "ees251sp2" }, /* 255 */
- { 0x0C, 257, 0, 10, "ees251ep4" }, /* 256 */
- { 0x0D, 258, 0, 10, "ees251ep5" }, /* 257 */
- { 0x0E, 259, 0, 10, "ees251sp3" }, /* 258 */
- { 0x0F, 260, 0, 10, "ees251sp4" }, /* 259 */
- { 0x10, 261, 0, 10, "ees251sp5" }, /* 260 */
- { 0x11, 262, 0, 10, "ees251sp6" }, /* 261 */
- { 0x12, 263, 0, 10, "ees251sp7" }, /* 262 */
- { 0x13, 264, 0, 10, "ees251sp8" }, /* 263 */
- { 0x14, 265, 0, 10, "ees251sp9" }, /* 264 */
- { 0x22, 266, 0, 10, "ees401ep1" }, /* 265 */
- { 0x23, 267, 0, 10, "ees449ep1" }, /* 266 */
- { 0x24, 268, 0, 10, "ees677ep1" }, /* 267 */
- { 0x25, 269, 0, 10, "ees1087ep2" }, /* 268 */
- { 0x26, 270, 0, 10, "ees541ep1" }, /* 269 */
- { 0x27, 271, 0, 10, "ees613ep1" }, /* 270 */
- { 0x28, 272, 0, 10, "ees887ep1" }, /* 271 */
- { 0x29, 273, 0, 10, "ees1171ep1" }, /* 272 */
- { 0x2A, 274, 0, 10, "ees659ep1" }, /* 273 */
- { 0x2B, 275, 0, 10, "ees761ep1" }, /* 274 */
- { 0x2C, 276, 0, 10, "ees1087ep1" }, /* 275 */
- { 0x2D, 277, 0, 10, "ees1499ep1" }, /* 276 */
- { 0x2E, 278, 0, 10, "ees401ep2" }, /* 277 */
- { 0x2F, 279, 0, 10, "ees439ep1" }, /* 278 */
- { 0x30, 280, 0, 10, "ees593ep1" }, /* 279 */
- { 0x31, 0, 0, 10, "ees743ep1" }, /* 280 */
- { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 281 */
- { 0x05, 0, 1, 3, "security" }, /* 282 */
- { 0x05, 0, 1, 4, "mechanisms" }, /* 283 */
- { 0x07, 328, 1, 5, "id-pkix" }, /* 284 */
- { 0x01, 289, 1, 6, "id-pe" }, /* 285 */
- { 0x01, 287, 0, 7, "authorityInfoAccess" }, /* 286 */
- { 0x03, 288, 0, 7, "qcStatements" }, /* 287 */
- { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 288 */
- { 0x02, 292, 1, 6, "id-qt" }, /* 289 */
- { 0x01, 291, 0, 7, "cps" }, /* 290 */
- { 0x02, 0, 0, 7, "unotice" }, /* 291 */
- { 0x03, 302, 1, 6, "id-kp" }, /* 292 */
- { 0x01, 294, 0, 7, "serverAuth" }, /* 293 */
- { 0x02, 295, 0, 7, "clientAuth" }, /* 294 */
- { 0x03, 296, 0, 7, "codeSigning" }, /* 295 */
- { 0x04, 297, 0, 7, "emailProtection" }, /* 296 */
- { 0x05, 298, 0, 7, "ipsecEndSystem" }, /* 297 */
- { 0x06, 299, 0, 7, "ipsecTunnel" }, /* 298 */
- { 0x07, 300, 0, 7, "ipsecUser" }, /* 299 */
- { 0x08, 301, 0, 7, "timeStamping" }, /* 300 */
- { 0x09, 0, 0, 7, "ocspSigning" }, /* 301 */
- { 0x08, 310, 1, 6, "id-otherNames" }, /* 302 */
- { 0x01, 304, 0, 7, "personalData" }, /* 303 */
- { 0x02, 305, 0, 7, "userGroup" }, /* 304 */
- { 0x03, 306, 0, 7, "id-on-permanentIdentifier" }, /* 305 */
- { 0x04, 307, 0, 7, "id-on-hardwareModuleName" }, /* 306 */
- { 0x05, 308, 0, 7, "xmppAddr" }, /* 307 */
- { 0x06, 309, 0, 7, "id-on-SIM" }, /* 308 */
- { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 309 */
- { 0x0A, 315, 1, 6, "id-aca" }, /* 310 */
- { 0x01, 312, 0, 7, "authenticationInfo" }, /* 311 */
- { 0x02, 313, 0, 7, "accessIdentity" }, /* 312 */
- { 0x03, 314, 0, 7, "chargingIdentity" }, /* 313 */
- { 0x04, 0, 0, 7, "group" }, /* 314 */
- { 0x0B, 316, 0, 6, "subjectInfoAccess" }, /* 315 */
- { 0x30, 0, 1, 6, "id-ad" }, /* 316 */
- { 0x01, 325, 1, 7, "ocsp" }, /* 317 */
- { 0x01, 319, 0, 8, "basic" }, /* 318 */
- { 0x02, 320, 0, 8, "nonce" }, /* 319 */
- { 0x03, 321, 0, 8, "crl" }, /* 320 */
- { 0x04, 322, 0, 8, "response" }, /* 321 */
- { 0x05, 323, 0, 8, "noCheck" }, /* 322 */
- { 0x06, 324, 0, 8, "archiveCutoff" }, /* 323 */
- { 0x07, 0, 0, 8, "serviceLocator" }, /* 324 */
- { 0x02, 326, 0, 7, "caIssuers" }, /* 325 */
- { 0x03, 327, 0, 7, "timeStamping" }, /* 326 */
- { 0x05, 0, 0, 7, "caRepository" }, /* 327 */
- { 0x08, 0, 1, 5, "ipsec" }, /* 328 */
- { 0x02, 0, 1, 6, "certificate" }, /* 329 */
- { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 330 */
- { 0x0E, 337, 1, 1, "oiw" }, /* 331 */
- { 0x03, 0, 1, 2, "secsig" }, /* 332 */
- { 0x02, 0, 1, 3, "algorithms" }, /* 333 */
- { 0x07, 335, 0, 4, "des-cbc" }, /* 334 */
- { 0x1A, 336, 0, 4, "sha-1" }, /* 335 */
- { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 336 */
- { 0x24, 383, 1, 1, "TeleTrusT" }, /* 337 */
- { 0x03, 0, 1, 2, "algorithm" }, /* 338 */
- { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 339 */
- { 0x01, 344, 1, 4, "rsaSignature" }, /* 340 */
- { 0x02, 342, 0, 5, "rsaSigWithripemd160" }, /* 341 */
- { 0x03, 343, 0, 5, "rsaSigWithripemd128" }, /* 342 */
- { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 343 */
- { 0x02, 0, 1, 4, "ecSign" }, /* 344 */
- { 0x01, 346, 0, 5, "ecSignWithsha1" }, /* 345 */
- { 0x02, 347, 0, 5, "ecSignWithripemd160" }, /* 346 */
- { 0x03, 348, 0, 5, "ecSignWithmd2" }, /* 347 */
- { 0x04, 349, 0, 5, "ecSignWithmd5" }, /* 348 */
- { 0x05, 366, 1, 5, "ttt-ecg" }, /* 349 */
- { 0x01, 354, 1, 6, "fieldType" }, /* 350 */
- { 0x01, 0, 1, 7, "characteristictwoField" }, /* 351 */
- { 0x01, 0, 1, 8, "basisType" }, /* 352 */
- { 0x01, 0, 0, 9, "ipBasis" }, /* 353 */
- { 0x02, 356, 1, 6, "keyType" }, /* 354 */
- { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 355 */
- { 0x03, 357, 0, 6, "curve" }, /* 356 */
- { 0x04, 364, 1, 6, "signatures" }, /* 357 */
- { 0x01, 359, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 358 */
- { 0x02, 360, 0, 7, "ecgdsa-with-SHA1" }, /* 359 */
- { 0x03, 361, 0, 7, "ecgdsa-with-SHA224" }, /* 360 */
- { 0x04, 362, 0, 7, "ecgdsa-with-SHA256" }, /* 361 */
- { 0x05, 363, 0, 7, "ecgdsa-with-SHA384" }, /* 362 */
- { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 363 */
- { 0x05, 0, 1, 6, "module" }, /* 364 */
- { 0x01, 0, 0, 7, "1" }, /* 365 */
- { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 366 */
- { 0x01, 0, 1, 6, "ellipticCurve" }, /* 367 */
- { 0x01, 0, 1, 7, "versionOne" }, /* 368 */
- { 0x01, 370, 0, 8, "brainpoolP160r1" }, /* 369 */
- { 0x02, 371, 0, 8, "brainpoolP160t1" }, /* 370 */
- { 0x03, 372, 0, 8, "brainpoolP192r1" }, /* 371 */
- { 0x04, 373, 0, 8, "brainpoolP192t1" }, /* 372 */
- { 0x05, 374, 0, 8, "brainpoolP224r1" }, /* 373 */
- { 0x06, 375, 0, 8, "brainpoolP224t1" }, /* 374 */
- { 0x07, 376, 0, 8, "brainpoolP256r1" }, /* 375 */
- { 0x08, 377, 0, 8, "brainpoolP256t1" }, /* 376 */
- { 0x09, 378, 0, 8, "brainpoolP320r1" }, /* 377 */
- { 0x0A, 379, 0, 8, "brainpoolP320t1" }, /* 378 */
- { 0x0B, 380, 0, 8, "brainpoolP384r1" }, /* 379 */
- { 0x0C, 381, 0, 8, "brainpoolP384t1" }, /* 380 */
- { 0x0D, 382, 0, 8, "brainpoolP512r1" }, /* 381 */
- { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 382 */
- { 0x81, 0, 1, 1, "" }, /* 383 */
- { 0x04, 0, 1, 2, "Certicom" }, /* 384 */
- { 0x00, 0, 1, 3, "curve" }, /* 385 */
- { 0x01, 387, 0, 4, "sect163k1" }, /* 386 */
- { 0x02, 388, 0, 4, "sect163r1" }, /* 387 */
- { 0x03, 389, 0, 4, "sect239k1" }, /* 388 */
- { 0x04, 390, 0, 4, "sect113r1" }, /* 389 */
- { 0x05, 391, 0, 4, "sect113r2" }, /* 390 */
- { 0x06, 392, 0, 4, "secp112r1" }, /* 391 */
- { 0x07, 393, 0, 4, "secp112r2" }, /* 392 */
- { 0x08, 394, 0, 4, "secp160r1" }, /* 393 */
- { 0x09, 395, 0, 4, "secp160k1" }, /* 394 */
- { 0x0A, 396, 0, 4, "secp256k1" }, /* 395 */
- { 0x0F, 397, 0, 4, "sect163r2" }, /* 396 */
- { 0x10, 398, 0, 4, "sect283k1" }, /* 397 */
- { 0x11, 399, 0, 4, "sect283r1" }, /* 398 */
- { 0x16, 400, 0, 4, "sect131r1" }, /* 399 */
- { 0x17, 401, 0, 4, "sect131r2" }, /* 400 */
- { 0x18, 402, 0, 4, "sect193r1" }, /* 401 */
- { 0x19, 403, 0, 4, "sect193r2" }, /* 402 */
- { 0x1A, 404, 0, 4, "sect233k1" }, /* 403 */
- { 0x1B, 405, 0, 4, "sect233r1" }, /* 404 */
- { 0x1C, 406, 0, 4, "secp128r1" }, /* 405 */
- { 0x1D, 407, 0, 4, "secp128r2" }, /* 406 */
- { 0x1E, 408, 0, 4, "secp160r2" }, /* 407 */
- { 0x1F, 409, 0, 4, "secp192k1" }, /* 408 */
- { 0x20, 410, 0, 4, "secp224k1" }, /* 409 */
- { 0x21, 411, 0, 4, "secp224r1" }, /* 410 */
- { 0x22, 412, 0, 4, "secp384r1" }, /* 411 */
- { 0x23, 413, 0, 4, "secp521r1" }, /* 412 */
- { 0x24, 414, 0, 4, "sect409k1" }, /* 413 */
- { 0x25, 415, 0, 4, "sect409r1" }, /* 414 */
- { 0x26, 416, 0, 4, "sect571k1" }, /* 415 */
- { 0x27, 0, 0, 4, "sect571r1" }, /* 416 */
- {0x60, 471, 1, 0, "" }, /* 417 */
- { 0x86, 0, 1, 1, "" }, /* 418 */
- { 0x48, 0, 1, 2, "" }, /* 419 */
- { 0x01, 0, 1, 3, "organization" }, /* 420 */
- { 0x65, 447, 1, 4, "gov" }, /* 421 */
- { 0x03, 0, 1, 5, "csor" }, /* 422 */
- { 0x04, 0, 1, 6, "nistalgorithm" }, /* 423 */
- { 0x01, 434, 1, 7, "aes" }, /* 424 */
- { 0x02, 426, 0, 8, "id-aes128-CBC" }, /* 425 */
- { 0x06, 427, 0, 8, "id-aes128-GCM" }, /* 426 */
- { 0x07, 428, 0, 8, "id-aes128-CCM" }, /* 427 */
- { 0x16, 429, 0, 8, "id-aes192-CBC" }, /* 428 */
- { 0x1A, 430, 0, 8, "id-aes192-GCM" }, /* 429 */
- { 0x1B, 431, 0, 8, "id-aes192-CCM" }, /* 430 */
- { 0x2A, 432, 0, 8, "id-aes256-CBC" }, /* 431 */
- { 0x2E, 433, 0, 8, "id-aes256-GCM" }, /* 432 */
- { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 433 */
- { 0x02, 0, 1, 7, "hashalgs" }, /* 434 */
- { 0x01, 436, 0, 8, "id-sha256" }, /* 435 */
- { 0x02, 437, 0, 8, "id-sha384" }, /* 436 */
- { 0x03, 438, 0, 8, "id-sha512" }, /* 437 */
- { 0x04, 439, 0, 8, "id-sha224" }, /* 438 */
- { 0x05, 440, 0, 8, "id-sha512-224" }, /* 439 */
- { 0x06, 441, 0, 8, "id-sha512-256" }, /* 440 */
- { 0x07, 442, 0, 8, "id-sha3-224" }, /* 441 */
- { 0x08, 443, 0, 8, "id-sha3-256" }, /* 442 */
- { 0x09, 444, 0, 8, "id-sha3-384" }, /* 443 */
- { 0x0A, 445, 0, 8, "id-sha3-512" }, /* 444 */
- { 0x0B, 446, 0, 8, "id-shake128" }, /* 445 */
- { 0x0C, 0, 0, 8, "id-shake256" }, /* 446 */
- { 0x86, 0, 1, 4, "" }, /* 447 */
- { 0xf8, 0, 1, 5, "" }, /* 448 */
- { 0x42, 461, 1, 6, "netscape" }, /* 449 */
- { 0x01, 456, 1, 7, "" }, /* 450 */
- { 0x01, 452, 0, 8, "nsCertType" }, /* 451 */
- { 0x03, 453, 0, 8, "nsRevocationUrl" }, /* 452 */
- { 0x04, 454, 0, 8, "nsCaRevocationUrl" }, /* 453 */
- { 0x08, 455, 0, 8, "nsCaPolicyUrl" }, /* 454 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 455 */
- { 0x03, 459, 1, 7, "directory" }, /* 456 */
- { 0x01, 0, 1, 8, "" }, /* 457 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 458 */
- { 0x04, 0, 1, 7, "policy" }, /* 459 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 460 */
- { 0x45, 0, 1, 6, "verisign" }, /* 461 */
- { 0x01, 0, 1, 7, "pki" }, /* 462 */
- { 0x09, 0, 1, 8, "attributes" }, /* 463 */
- { 0x02, 465, 0, 9, "messageType" }, /* 464 */
- { 0x03, 466, 0, 9, "pkiStatus" }, /* 465 */
- { 0x04, 467, 0, 9, "failInfo" }, /* 466 */
- { 0x05, 468, 0, 9, "senderNonce" }, /* 467 */
- { 0x06, 469, 0, 9, "recipientNonce" }, /* 468 */
- { 0x07, 470, 0, 9, "transID" }, /* 469 */
- { 0x08, 0, 0, 9, "extensionReq" }, /* 470 */
- {0x67, 0, 1, 0, "" }, /* 471 */
- { 0x81, 0, 1, 1, "" }, /* 472 */
- { 0x05, 0, 1, 2, "" }, /* 473 */
- { 0x02, 0, 1, 3, "tcg-attribute" }, /* 474 */
- { 0x01, 476, 0, 4, "tcg-at-tpmManufacturer" }, /* 475 */
- { 0x02, 477, 0, 4, "tcg-at-tpmModel" }, /* 476 */
- { 0x03, 478, 0, 4, "tcg-at-tpmVersion" }, /* 477 */
- { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 478 */
+ { 0x36, 37, 0, 2, "dmdName" }, /* 36 */
+ { 0x41, 38, 0, 2, "pseudonym" }, /* 37 */
+ { 0x48, 0, 0, 2, "role" }, /* 38 */
+ { 0x1D, 0, 1, 1, "id-ce" }, /* 39 */
+ { 0x09, 41, 0, 2, "subjectDirectoryAttrs" }, /* 40 */
+ { 0x0E, 42, 0, 2, "subjectKeyIdentifier" }, /* 41 */
+ { 0x0F, 43, 0, 2, "keyUsage" }, /* 42 */
+ { 0x10, 44, 0, 2, "privateKeyUsagePeriod" }, /* 43 */
+ { 0x11, 45, 0, 2, "subjectAltName" }, /* 44 */
+ { 0x12, 46, 0, 2, "issuerAltName" }, /* 45 */
+ { 0x13, 47, 0, 2, "basicConstraints" }, /* 46 */
+ { 0x14, 48, 0, 2, "crlNumber" }, /* 47 */
+ { 0x15, 49, 0, 2, "reasonCode" }, /* 48 */
+ { 0x17, 50, 0, 2, "holdInstructionCode" }, /* 49 */
+ { 0x18, 51, 0, 2, "invalidityDate" }, /* 50 */
+ { 0x1B, 52, 0, 2, "deltaCrlIndicator" }, /* 51 */
+ { 0x1C, 53, 0, 2, "issuingDistributionPoint" }, /* 52 */
+ { 0x1D, 54, 0, 2, "certificateIssuer" }, /* 53 */
+ { 0x1E, 55, 0, 2, "nameConstraints" }, /* 54 */
+ { 0x1F, 56, 0, 2, "crlDistributionPoints" }, /* 55 */
+ { 0x20, 58, 1, 2, "certificatePolicies" }, /* 56 */
+ { 0x00, 0, 0, 3, "anyPolicy" }, /* 57 */
+ { 0x21, 59, 0, 2, "policyMappings" }, /* 58 */
+ { 0x23, 60, 0, 2, "authorityKeyIdentifier" }, /* 59 */
+ { 0x24, 61, 0, 2, "policyConstraints" }, /* 60 */
+ { 0x25, 63, 1, 2, "extendedKeyUsage" }, /* 61 */
+ { 0x00, 0, 0, 3, "anyExtendedKeyUsage" }, /* 62 */
+ { 0x2E, 64, 0, 2, "freshestCRL" }, /* 63 */
+ { 0x36, 65, 0, 2, "inhibitAnyPolicy" }, /* 64 */
+ { 0x37, 66, 0, 2, "targetInformation" }, /* 65 */
+ { 0x38, 0, 0, 2, "noRevAvail" }, /* 66 */
+ {0x2A, 191, 1, 0, "" }, /* 67 */
+ { 0x83, 80, 1, 1, "" }, /* 68 */
+ { 0x08, 0, 1, 2, "jp" }, /* 69 */
+ { 0x8C, 0, 1, 3, "" }, /* 70 */
+ { 0x9A, 0, 1, 4, "" }, /* 71 */
+ { 0x4B, 0, 1, 5, "" }, /* 72 */
+ { 0x3D, 0, 1, 6, "" }, /* 73 */
+ { 0x01, 0, 1, 7, "security" }, /* 74 */
+ { 0x01, 0, 1, 8, "algorithm" }, /* 75 */
+ { 0x01, 0, 1, 9, "symm-encryption-alg" }, /* 76 */
+ { 0x02, 78, 0, 10, "camellia128-cbc" }, /* 77 */
+ { 0x03, 79, 0, 10, "camellia192-cbc" }, /* 78 */
+ { 0x04, 0, 0, 10, "camellia256-cbc" }, /* 79 */
+ { 0x86, 0, 1, 1, "" }, /* 80 */
+ { 0x48, 0, 1, 2, "us" }, /* 81 */
+ { 0x86, 150, 1, 3, "" }, /* 82 */
+ { 0xF6, 88, 1, 4, "" }, /* 83 */
+ { 0x7D, 0, 1, 5, "NortelNetworks" }, /* 84 */
+ { 0x07, 0, 1, 6, "Entrust" }, /* 85 */
+ { 0x41, 0, 1, 7, "nsn-ce" }, /* 86 */
+ { 0x00, 0, 0, 8, "entrustVersInfo" }, /* 87 */
+ { 0xF7, 0, 1, 4, "" }, /* 88 */
+ { 0x0D, 0, 1, 5, "RSADSI" }, /* 89 */
+ { 0x01, 145, 1, 6, "PKCS" }, /* 90 */
+ { 0x01, 103, 1, 7, "PKCS-1" }, /* 91 */
+ { 0x01, 93, 0, 8, "rsaEncryption" }, /* 92 */
+ { 0x02, 94, 0, 8, "md2WithRSAEncryption" }, /* 93 */
+ { 0x04, 95, 0, 8, "md5WithRSAEncryption" }, /* 94 */
+ { 0x05, 96, 0, 8, "sha-1WithRSAEncryption" }, /* 95 */
+ { 0x07, 97, 0, 8, "id-RSAES-OAEP" }, /* 96 */
+ { 0x08, 98, 0, 8, "id-mgf1" }, /* 97 */
+ { 0x09, 99, 0, 8, "id-pSpecified" }, /* 98 */
+ { 0x0B, 100, 0, 8, "sha256WithRSAEncryption" }, /* 99 */
+ { 0x0C, 101, 0, 8, "sha384WithRSAEncryption" }, /* 100 */
+ { 0x0D, 102, 0, 8, "sha512WithRSAEncryption" }, /* 101 */
+ { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 102 */
+ { 0x05, 108, 1, 7, "PKCS-5" }, /* 103 */
+ { 0x03, 105, 0, 8, "pbeWithMD5AndDES-CBC" }, /* 104 */
+ { 0x0A, 106, 0, 8, "pbeWithSHA1AndDES-CBC" }, /* 105 */
+ { 0x0C, 107, 0, 8, "id-PBKDF2" }, /* 106 */
+ { 0x0D, 0, 0, 8, "id-PBES2" }, /* 107 */
+ { 0x07, 115, 1, 7, "PKCS-7" }, /* 108 */
+ { 0x01, 110, 0, 8, "data" }, /* 109 */
+ { 0x02, 111, 0, 8, "signedData" }, /* 110 */
+ { 0x03, 112, 0, 8, "envelopedData" }, /* 111 */
+ { 0x04, 113, 0, 8, "signedAndEnvelopedData" }, /* 112 */
+ { 0x05, 114, 0, 8, "digestedData" }, /* 113 */
+ { 0x06, 0, 0, 8, "encryptedData" }, /* 114 */
+ { 0x09, 129, 1, 7, "PKCS-9" }, /* 115 */
+ { 0x01, 117, 0, 8, "E" }, /* 116 */
+ { 0x02, 118, 0, 8, "unstructuredName" }, /* 117 */
+ { 0x03, 119, 0, 8, "contentType" }, /* 118 */
+ { 0x04, 120, 0, 8, "messageDigest" }, /* 119 */
+ { 0x05, 121, 0, 8, "signingTime" }, /* 120 */
+ { 0x06, 122, 0, 8, "counterSignature" }, /* 121 */
+ { 0x07, 123, 0, 8, "challengePassword" }, /* 122 */
+ { 0x08, 124, 0, 8, "unstructuredAddress" }, /* 123 */
+ { 0x0E, 125, 0, 8, "extensionRequest" }, /* 124 */
+ { 0x0F, 126, 0, 8, "S/MIME Capabilities" }, /* 125 */
+ { 0x16, 0, 1, 8, "certTypes" }, /* 126 */
+ { 0x01, 128, 0, 9, "X.509" }, /* 127 */
+ { 0x02, 0, 0, 9, "SDSI" }, /* 128 */
+ { 0x0c, 0, 1, 7, "PKCS-12" }, /* 129 */
+ { 0x01, 137, 1, 8, "pbeIds" }, /* 130 */
+ { 0x01, 132, 0, 9, "pbeWithSHAAnd128BitRC4" }, /* 131 */
+ { 0x02, 133, 0, 9, "pbeWithSHAAnd40BitRC4" }, /* 132 */
+ { 0x03, 134, 0, 9, "pbeWithSHAAnd3-KeyTripleDES-CBC"}, /* 133 */
+ { 0x04, 135, 0, 9, "pbeWithSHAAnd2-KeyTripleDES-CBC"}, /* 134 */
+ { 0x05, 136, 0, 9, "pbeWithSHAAnd128BitRC2-CBC" }, /* 135 */
+ { 0x06, 0, 0, 9, "pbeWithSHAAnd40BitRC2-CBC" }, /* 136 */
+ { 0x0a, 0, 1, 8, "PKCS-12v1" }, /* 137 */
+ { 0x01, 0, 1, 9, "bagIds" }, /* 138 */
+ { 0x01, 140, 0, 10, "keyBag" }, /* 139 */
+ { 0x02, 141, 0, 10, "pkcs8ShroudedKeyBag" }, /* 140 */
+ { 0x03, 142, 0, 10, "certBag" }, /* 141 */
+ { 0x04, 143, 0, 10, "crlBag" }, /* 142 */
+ { 0x05, 144, 0, 10, "secretBag" }, /* 143 */
+ { 0x06, 0, 0, 10, "safeContentsBag" }, /* 144 */
+ { 0x02, 148, 1, 6, "digestAlgorithm" }, /* 145 */
+ { 0x02, 147, 0, 7, "md2" }, /* 146 */
+ { 0x05, 0, 0, 7, "md5" }, /* 147 */
+ { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 148 */
+ { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 149 */
+ { 0xCE, 0, 1, 3, "" }, /* 150 */
+ { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 151 */
+ { 0x02, 154, 1, 5, "id-publicKeyType" }, /* 152 */
+ { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 153 */
+ { 0x03, 184, 1, 5, "ellipticCurve" }, /* 154 */
+ { 0x00, 176, 1, 6, "c-TwoCurve" }, /* 155 */
+ { 0x01, 157, 0, 7, "c2pnb163v1" }, /* 156 */
+ { 0x02, 158, 0, 7, "c2pnb163v2" }, /* 157 */
+ { 0x03, 159, 0, 7, "c2pnb163v3" }, /* 158 */
+ { 0x04, 160, 0, 7, "c2pnb176w1" }, /* 159 */
+ { 0x05, 161, 0, 7, "c2tnb191v1" }, /* 160 */
+ { 0x06, 162, 0, 7, "c2tnb191v2" }, /* 161 */
+ { 0x07, 163, 0, 7, "c2tnb191v3" }, /* 162 */
+ { 0x08, 164, 0, 7, "c2onb191v4" }, /* 163 */
+ { 0x09, 165, 0, 7, "c2onb191v5" }, /* 164 */
+ { 0x0A, 166, 0, 7, "c2pnb208w1" }, /* 165 */
+ { 0x0B, 167, 0, 7, "c2tnb239v1" }, /* 166 */
+ { 0x0C, 168, 0, 7, "c2tnb239v2" }, /* 167 */
+ { 0x0D, 169, 0, 7, "c2tnb239v3" }, /* 168 */
+ { 0x0E, 170, 0, 7, "c2onb239v4" }, /* 169 */
+ { 0x0F, 171, 0, 7, "c2onb239v5" }, /* 170 */
+ { 0x10, 172, 0, 7, "c2pnb272w1" }, /* 171 */
+ { 0x11, 173, 0, 7, "c2pnb304w1" }, /* 172 */
+ { 0x12, 174, 0, 7, "c2tnb359v1" }, /* 173 */
+ { 0x13, 175, 0, 7, "c2pnb368w1" }, /* 174 */
+ { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 175 */
+ { 0x01, 0, 1, 6, "primeCurve" }, /* 176 */
+ { 0x01, 178, 0, 7, "prime192v1" }, /* 177 */
+ { 0x02, 179, 0, 7, "prime192v2" }, /* 178 */
+ { 0x03, 180, 0, 7, "prime192v3" }, /* 179 */
+ { 0x04, 181, 0, 7, "prime239v1" }, /* 180 */
+ { 0x05, 182, 0, 7, "prime239v2" }, /* 181 */
+ { 0x06, 183, 0, 7, "prime239v3" }, /* 182 */
+ { 0x07, 0, 0, 7, "prime256v1" }, /* 183 */
+ { 0x04, 0, 1, 5, "id-ecSigType" }, /* 184 */
+ { 0x01, 186, 0, 6, "ecdsa-with-SHA1" }, /* 185 */
+ { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 186 */
+ { 0x01, 188, 0, 7, "ecdsa-with-SHA224" }, /* 187 */
+ { 0x02, 189, 0, 7, "ecdsa-with-SHA256" }, /* 188 */
+ { 0x03, 190, 0, 7, "ecdsa-with-SHA384" }, /* 189 */
+ { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 190 */
+ {0x2B, 418, 1, 0, "" }, /* 191 */
+ { 0x06, 332, 1, 1, "dod" }, /* 192 */
+ { 0x01, 0, 1, 2, "internet" }, /* 193 */
+ { 0x04, 283, 1, 3, "private" }, /* 194 */
+ { 0x01, 0, 1, 4, "enterprise" }, /* 195 */
+ { 0x82, 233, 1, 5, "" }, /* 196 */
+ { 0x37, 209, 1, 6, "Microsoft" }, /* 197 */
+ { 0x0A, 202, 1, 7, "" }, /* 198 */
+ { 0x03, 0, 1, 8, "" }, /* 199 */
+ { 0x03, 201, 0, 9, "msSGC" }, /* 200 */
+ { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 201 */
+ { 0x14, 206, 1, 7, "msEnrollmentInfrastructure" }, /* 202 */
+ { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 203 */
+ { 0x02, 205, 0, 9, "msSmartcardLogon" }, /* 204 */
+ { 0x03, 0, 0, 9, "msUPN" }, /* 205 */
+ { 0x15, 0, 1, 7, "msCertSrvInfrastructure" }, /* 206 */
+ { 0x07, 208, 0, 8, "msCertTemplate" }, /* 207 */
+ { 0x0A, 0, 0, 8, "msApplicationCertPolicies" }, /* 208 */
+ { 0xA0, 0, 1, 6, "" }, /* 209 */
+ { 0x2A, 0, 1, 7, "ITA" }, /* 210 */
+ { 0x01, 212, 0, 8, "strongSwan" }, /* 211 */
+ { 0x02, 213, 0, 8, "cps" }, /* 212 */
+ { 0x03, 214, 0, 8, "e-voting" }, /* 213 */
+ { 0x05, 0, 1, 8, "BLISS" }, /* 214 */
+ { 0x01, 217, 1, 9, "keyType" }, /* 215 */
+ { 0x01, 0, 0, 10, "blissPublicKey" }, /* 216 */
+ { 0x02, 226, 1, 9, "parameters" }, /* 217 */
+ { 0x01, 219, 0, 10, "BLISS-I" }, /* 218 */
+ { 0x02, 220, 0, 10, "BLISS-II" }, /* 219 */
+ { 0x03, 221, 0, 10, "BLISS-III" }, /* 220 */
+ { 0x04, 222, 0, 10, "BLISS-IV" }, /* 221 */
+ { 0x05, 223, 0, 10, "BLISS-B-I" }, /* 222 */
+ { 0x06, 224, 0, 10, "BLISS-B-II" }, /* 223 */
+ { 0x07, 225, 0, 10, "BLISS-B-III" }, /* 224 */
+ { 0x08, 0, 0, 10, "BLISS-B-IV" }, /* 225 */
+ { 0x03, 0, 1, 9, "blissSigType" }, /* 226 */
+ { 0x01, 228, 0, 10, "BLISS-with-SHA2-512" }, /* 227 */
+ { 0x02, 229, 0, 10, "BLISS-with-SHA2-384" }, /* 228 */
+ { 0x03, 230, 0, 10, "BLISS-with-SHA2-256" }, /* 229 */
+ { 0x04, 231, 0, 10, "BLISS-with-SHA3-512" }, /* 230 */
+ { 0x05, 232, 0, 10, "BLISS-with-SHA3-384" }, /* 231 */
+ { 0x06, 0, 0, 10, "BLISS-with-SHA3-256" }, /* 232 */
+ { 0x89, 240, 1, 5, "" }, /* 233 */
+ { 0x31, 0, 1, 6, "" }, /* 234 */
+ { 0x01, 0, 1, 7, "" }, /* 235 */
+ { 0x01, 0, 1, 8, "" }, /* 236 */
+ { 0x02, 0, 1, 9, "" }, /* 237 */
+ { 0x02, 0, 1, 10, "" }, /* 238 */
+ { 0x4B, 0, 0, 11, "TCGID" }, /* 239 */
+ { 0x97, 244, 1, 5, "" }, /* 240 */
+ { 0x55, 0, 1, 6, "" }, /* 241 */
+ { 0x01, 0, 1, 7, "" }, /* 242 */
+ { 0x02, 0, 0, 8, "blowfish-cbc" }, /* 243 */
+ { 0xC1, 0, 1, 5, "" }, /* 244 */
+ { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 245 */
+ { 0x01, 0, 1, 7, "eess" }, /* 246 */
+ { 0x01, 0, 1, 8, "eess1" }, /* 247 */
+ { 0x01, 252, 1, 9, "eess1-algs" }, /* 248 */
+ { 0x01, 250, 0, 10, "ntru-EESS1v1-SVES" }, /* 249 */
+ { 0x02, 251, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 250 */
+ { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 251 */
+ { 0x02, 282, 1, 9, "eess1-params" }, /* 252 */
+ { 0x01, 254, 0, 10, "ees251ep1" }, /* 253 */
+ { 0x02, 255, 0, 10, "ees347ep1" }, /* 254 */
+ { 0x03, 256, 0, 10, "ees503ep1" }, /* 255 */
+ { 0x07, 257, 0, 10, "ees251sp2" }, /* 256 */
+ { 0x0C, 258, 0, 10, "ees251ep4" }, /* 257 */
+ { 0x0D, 259, 0, 10, "ees251ep5" }, /* 258 */
+ { 0x0E, 260, 0, 10, "ees251sp3" }, /* 259 */
+ { 0x0F, 261, 0, 10, "ees251sp4" }, /* 260 */
+ { 0x10, 262, 0, 10, "ees251sp5" }, /* 261 */
+ { 0x11, 263, 0, 10, "ees251sp6" }, /* 262 */
+ { 0x12, 264, 0, 10, "ees251sp7" }, /* 263 */
+ { 0x13, 265, 0, 10, "ees251sp8" }, /* 264 */
+ { 0x14, 266, 0, 10, "ees251sp9" }, /* 265 */
+ { 0x22, 267, 0, 10, "ees401ep1" }, /* 266 */
+ { 0x23, 268, 0, 10, "ees449ep1" }, /* 267 */
+ { 0x24, 269, 0, 10, "ees677ep1" }, /* 268 */
+ { 0x25, 270, 0, 10, "ees1087ep2" }, /* 269 */
+ { 0x26, 271, 0, 10, "ees541ep1" }, /* 270 */
+ { 0x27, 272, 0, 10, "ees613ep1" }, /* 271 */
+ { 0x28, 273, 0, 10, "ees887ep1" }, /* 272 */
+ { 0x29, 274, 0, 10, "ees1171ep1" }, /* 273 */
+ { 0x2A, 275, 0, 10, "ees659ep1" }, /* 274 */
+ { 0x2B, 276, 0, 10, "ees761ep1" }, /* 275 */
+ { 0x2C, 277, 0, 10, "ees1087ep1" }, /* 276 */
+ { 0x2D, 278, 0, 10, "ees1499ep1" }, /* 277 */
+ { 0x2E, 279, 0, 10, "ees401ep2" }, /* 278 */
+ { 0x2F, 280, 0, 10, "ees439ep1" }, /* 279 */
+ { 0x30, 281, 0, 10, "ees593ep1" }, /* 280 */
+ { 0x31, 0, 0, 10, "ees743ep1" }, /* 281 */
+ { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 282 */
+ { 0x05, 0, 1, 3, "security" }, /* 283 */
+ { 0x05, 0, 1, 4, "mechanisms" }, /* 284 */
+ { 0x07, 329, 1, 5, "id-pkix" }, /* 285 */
+ { 0x01, 290, 1, 6, "id-pe" }, /* 286 */
+ { 0x01, 288, 0, 7, "authorityInfoAccess" }, /* 287 */
+ { 0x03, 289, 0, 7, "qcStatements" }, /* 288 */
+ { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 289 */
+ { 0x02, 293, 1, 6, "id-qt" }, /* 290 */
+ { 0x01, 292, 0, 7, "cps" }, /* 291 */
+ { 0x02, 0, 0, 7, "unotice" }, /* 292 */
+ { 0x03, 303, 1, 6, "id-kp" }, /* 293 */
+ { 0x01, 295, 0, 7, "serverAuth" }, /* 294 */
+ { 0x02, 296, 0, 7, "clientAuth" }, /* 295 */
+ { 0x03, 297, 0, 7, "codeSigning" }, /* 296 */
+ { 0x04, 298, 0, 7, "emailProtection" }, /* 297 */
+ { 0x05, 299, 0, 7, "ipsecEndSystem" }, /* 298 */
+ { 0x06, 300, 0, 7, "ipsecTunnel" }, /* 299 */
+ { 0x07, 301, 0, 7, "ipsecUser" }, /* 300 */
+ { 0x08, 302, 0, 7, "timeStamping" }, /* 301 */
+ { 0x09, 0, 0, 7, "ocspSigning" }, /* 302 */
+ { 0x08, 311, 1, 6, "id-otherNames" }, /* 303 */
+ { 0x01, 305, 0, 7, "personalData" }, /* 304 */
+ { 0x02, 306, 0, 7, "userGroup" }, /* 305 */
+ { 0x03, 307, 0, 7, "id-on-permanentIdentifier" }, /* 306 */
+ { 0x04, 308, 0, 7, "id-on-hardwareModuleName" }, /* 307 */
+ { 0x05, 309, 0, 7, "xmppAddr" }, /* 308 */
+ { 0x06, 310, 0, 7, "id-on-SIM" }, /* 309 */
+ { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 310 */
+ { 0x0A, 316, 1, 6, "id-aca" }, /* 311 */
+ { 0x01, 313, 0, 7, "authenticationInfo" }, /* 312 */
+ { 0x02, 314, 0, 7, "accessIdentity" }, /* 313 */
+ { 0x03, 315, 0, 7, "chargingIdentity" }, /* 314 */
+ { 0x04, 0, 0, 7, "group" }, /* 315 */
+ { 0x0B, 317, 0, 6, "subjectInfoAccess" }, /* 316 */
+ { 0x30, 0, 1, 6, "id-ad" }, /* 317 */
+ { 0x01, 326, 1, 7, "ocsp" }, /* 318 */
+ { 0x01, 320, 0, 8, "basic" }, /* 319 */
+ { 0x02, 321, 0, 8, "nonce" }, /* 320 */
+ { 0x03, 322, 0, 8, "crl" }, /* 321 */
+ { 0x04, 323, 0, 8, "response" }, /* 322 */
+ { 0x05, 324, 0, 8, "noCheck" }, /* 323 */
+ { 0x06, 325, 0, 8, "archiveCutoff" }, /* 324 */
+ { 0x07, 0, 0, 8, "serviceLocator" }, /* 325 */
+ { 0x02, 327, 0, 7, "caIssuers" }, /* 326 */
+ { 0x03, 328, 0, 7, "timeStamping" }, /* 327 */
+ { 0x05, 0, 0, 7, "caRepository" }, /* 328 */
+ { 0x08, 0, 1, 5, "ipsec" }, /* 329 */
+ { 0x02, 0, 1, 6, "certificate" }, /* 330 */
+ { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 331 */
+ { 0x0E, 338, 1, 1, "oiw" }, /* 332 */
+ { 0x03, 0, 1, 2, "secsig" }, /* 333 */
+ { 0x02, 0, 1, 3, "algorithms" }, /* 334 */
+ { 0x07, 336, 0, 4, "des-cbc" }, /* 335 */
+ { 0x1A, 337, 0, 4, "sha-1" }, /* 336 */
+ { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 337 */
+ { 0x24, 384, 1, 1, "TeleTrusT" }, /* 338 */
+ { 0x03, 0, 1, 2, "algorithm" }, /* 339 */
+ { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 340 */
+ { 0x01, 345, 1, 4, "rsaSignature" }, /* 341 */
+ { 0x02, 343, 0, 5, "rsaSigWithripemd160" }, /* 342 */
+ { 0x03, 344, 0, 5, "rsaSigWithripemd128" }, /* 343 */
+ { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 344 */
+ { 0x02, 0, 1, 4, "ecSign" }, /* 345 */
+ { 0x01, 347, 0, 5, "ecSignWithsha1" }, /* 346 */
+ { 0x02, 348, 0, 5, "ecSignWithripemd160" }, /* 347 */
+ { 0x03, 349, 0, 5, "ecSignWithmd2" }, /* 348 */
+ { 0x04, 350, 0, 5, "ecSignWithmd5" }, /* 349 */
+ { 0x05, 367, 1, 5, "ttt-ecg" }, /* 350 */
+ { 0x01, 355, 1, 6, "fieldType" }, /* 351 */
+ { 0x01, 0, 1, 7, "characteristictwoField" }, /* 352 */
+ { 0x01, 0, 1, 8, "basisType" }, /* 353 */
+ { 0x01, 0, 0, 9, "ipBasis" }, /* 354 */
+ { 0x02, 357, 1, 6, "keyType" }, /* 355 */
+ { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 356 */
+ { 0x03, 358, 0, 6, "curve" }, /* 357 */
+ { 0x04, 365, 1, 6, "signatures" }, /* 358 */
+ { 0x01, 360, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 359 */
+ { 0x02, 361, 0, 7, "ecgdsa-with-SHA1" }, /* 360 */
+ { 0x03, 362, 0, 7, "ecgdsa-with-SHA224" }, /* 361 */
+ { 0x04, 363, 0, 7, "ecgdsa-with-SHA256" }, /* 362 */
+ { 0x05, 364, 0, 7, "ecgdsa-with-SHA384" }, /* 363 */
+ { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 364 */
+ { 0x05, 0, 1, 6, "module" }, /* 365 */
+ { 0x01, 0, 0, 7, "1" }, /* 366 */
+ { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 367 */
+ { 0x01, 0, 1, 6, "ellipticCurve" }, /* 368 */
+ { 0x01, 0, 1, 7, "versionOne" }, /* 369 */
+ { 0x01, 371, 0, 8, "brainpoolP160r1" }, /* 370 */
+ { 0x02, 372, 0, 8, "brainpoolP160t1" }, /* 371 */
+ { 0x03, 373, 0, 8, "brainpoolP192r1" }, /* 372 */
+ { 0x04, 374, 0, 8, "brainpoolP192t1" }, /* 373 */
+ { 0x05, 375, 0, 8, "brainpoolP224r1" }, /* 374 */
+ { 0x06, 376, 0, 8, "brainpoolP224t1" }, /* 375 */
+ { 0x07, 377, 0, 8, "brainpoolP256r1" }, /* 376 */
+ { 0x08, 378, 0, 8, "brainpoolP256t1" }, /* 377 */
+ { 0x09, 379, 0, 8, "brainpoolP320r1" }, /* 378 */
+ { 0x0A, 380, 0, 8, "brainpoolP320t1" }, /* 379 */
+ { 0x0B, 381, 0, 8, "brainpoolP384r1" }, /* 380 */
+ { 0x0C, 382, 0, 8, "brainpoolP384t1" }, /* 381 */
+ { 0x0D, 383, 0, 8, "brainpoolP512r1" }, /* 382 */
+ { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 383 */
+ { 0x81, 0, 1, 1, "" }, /* 384 */
+ { 0x04, 0, 1, 2, "Certicom" }, /* 385 */
+ { 0x00, 0, 1, 3, "curve" }, /* 386 */
+ { 0x01, 388, 0, 4, "sect163k1" }, /* 387 */
+ { 0x02, 389, 0, 4, "sect163r1" }, /* 388 */
+ { 0x03, 390, 0, 4, "sect239k1" }, /* 389 */
+ { 0x04, 391, 0, 4, "sect113r1" }, /* 390 */
+ { 0x05, 392, 0, 4, "sect113r2" }, /* 391 */
+ { 0x06, 393, 0, 4, "secp112r1" }, /* 392 */
+ { 0x07, 394, 0, 4, "secp112r2" }, /* 393 */
+ { 0x08, 395, 0, 4, "secp160r1" }, /* 394 */
+ { 0x09, 396, 0, 4, "secp160k1" }, /* 395 */
+ { 0x0A, 397, 0, 4, "secp256k1" }, /* 396 */
+ { 0x0F, 398, 0, 4, "sect163r2" }, /* 397 */
+ { 0x10, 399, 0, 4, "sect283k1" }, /* 398 */
+ { 0x11, 400, 0, 4, "sect283r1" }, /* 399 */
+ { 0x16, 401, 0, 4, "sect131r1" }, /* 400 */
+ { 0x17, 402, 0, 4, "sect131r2" }, /* 401 */
+ { 0x18, 403, 0, 4, "sect193r1" }, /* 402 */
+ { 0x19, 404, 0, 4, "sect193r2" }, /* 403 */
+ { 0x1A, 405, 0, 4, "sect233k1" }, /* 404 */
+ { 0x1B, 406, 0, 4, "sect233r1" }, /* 405 */
+ { 0x1C, 407, 0, 4, "secp128r1" }, /* 406 */
+ { 0x1D, 408, 0, 4, "secp128r2" }, /* 407 */
+ { 0x1E, 409, 0, 4, "secp160r2" }, /* 408 */
+ { 0x1F, 410, 0, 4, "secp192k1" }, /* 409 */
+ { 0x20, 411, 0, 4, "secp224k1" }, /* 410 */
+ { 0x21, 412, 0, 4, "secp224r1" }, /* 411 */
+ { 0x22, 413, 0, 4, "secp384r1" }, /* 412 */
+ { 0x23, 414, 0, 4, "secp521r1" }, /* 413 */
+ { 0x24, 415, 0, 4, "sect409k1" }, /* 414 */
+ { 0x25, 416, 0, 4, "sect409r1" }, /* 415 */
+ { 0x26, 417, 0, 4, "sect571k1" }, /* 416 */
+ { 0x27, 0, 0, 4, "sect571r1" }, /* 417 */
+ {0x60, 472, 1, 0, "" }, /* 418 */
+ { 0x86, 0, 1, 1, "" }, /* 419 */
+ { 0x48, 0, 1, 2, "" }, /* 420 */
+ { 0x01, 0, 1, 3, "organization" }, /* 421 */
+ { 0x65, 448, 1, 4, "gov" }, /* 422 */
+ { 0x03, 0, 1, 5, "csor" }, /* 423 */
+ { 0x04, 0, 1, 6, "nistalgorithm" }, /* 424 */
+ { 0x01, 435, 1, 7, "aes" }, /* 425 */
+ { 0x02, 427, 0, 8, "id-aes128-CBC" }, /* 426 */
+ { 0x06, 428, 0, 8, "id-aes128-GCM" }, /* 427 */
+ { 0x07, 429, 0, 8, "id-aes128-CCM" }, /* 428 */
+ { 0x16, 430, 0, 8, "id-aes192-CBC" }, /* 429 */
+ { 0x1A, 431, 0, 8, "id-aes192-GCM" }, /* 430 */
+ { 0x1B, 432, 0, 8, "id-aes192-CCM" }, /* 431 */
+ { 0x2A, 433, 0, 8, "id-aes256-CBC" }, /* 432 */
+ { 0x2E, 434, 0, 8, "id-aes256-GCM" }, /* 433 */
+ { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 434 */
+ { 0x02, 0, 1, 7, "hashalgs" }, /* 435 */
+ { 0x01, 437, 0, 8, "id-sha256" }, /* 436 */
+ { 0x02, 438, 0, 8, "id-sha384" }, /* 437 */
+ { 0x03, 439, 0, 8, "id-sha512" }, /* 438 */
+ { 0x04, 440, 0, 8, "id-sha224" }, /* 439 */
+ { 0x05, 441, 0, 8, "id-sha512-224" }, /* 440 */
+ { 0x06, 442, 0, 8, "id-sha512-256" }, /* 441 */
+ { 0x07, 443, 0, 8, "id-sha3-224" }, /* 442 */
+ { 0x08, 444, 0, 8, "id-sha3-256" }, /* 443 */
+ { 0x09, 445, 0, 8, "id-sha3-384" }, /* 444 */
+ { 0x0A, 446, 0, 8, "id-sha3-512" }, /* 445 */
+ { 0x0B, 447, 0, 8, "id-shake128" }, /* 446 */
+ { 0x0C, 0, 0, 8, "id-shake256" }, /* 447 */
+ { 0x86, 0, 1, 4, "" }, /* 448 */
+ { 0xf8, 0, 1, 5, "" }, /* 449 */
+ { 0x42, 462, 1, 6, "netscape" }, /* 450 */
+ { 0x01, 457, 1, 7, "" }, /* 451 */
+ { 0x01, 453, 0, 8, "nsCertType" }, /* 452 */
+ { 0x03, 454, 0, 8, "nsRevocationUrl" }, /* 453 */
+ { 0x04, 455, 0, 8, "nsCaRevocationUrl" }, /* 454 */
+ { 0x08, 456, 0, 8, "nsCaPolicyUrl" }, /* 455 */
+ { 0x0d, 0, 0, 8, "nsComment" }, /* 456 */
+ { 0x03, 460, 1, 7, "directory" }, /* 457 */
+ { 0x01, 0, 1, 8, "" }, /* 458 */
+ { 0x03, 0, 0, 9, "employeeNumber" }, /* 459 */
+ { 0x04, 0, 1, 7, "policy" }, /* 460 */
+ { 0x01, 0, 0, 8, "nsSGC" }, /* 461 */
+ { 0x45, 0, 1, 6, "verisign" }, /* 462 */
+ { 0x01, 0, 1, 7, "pki" }, /* 463 */
+ { 0x09, 0, 1, 8, "attributes" }, /* 464 */
+ { 0x02, 466, 0, 9, "messageType" }, /* 465 */
+ { 0x03, 467, 0, 9, "pkiStatus" }, /* 466 */
+ { 0x04, 468, 0, 9, "failInfo" }, /* 467 */
+ { 0x05, 469, 0, 9, "senderNonce" }, /* 468 */
+ { 0x06, 470, 0, 9, "recipientNonce" }, /* 469 */
+ { 0x07, 471, 0, 9, "transID" }, /* 470 */
+ { 0x08, 0, 0, 9, "extensionReq" }, /* 471 */
+ {0x67, 0, 1, 0, "" }, /* 472 */
+ { 0x81, 0, 1, 1, "" }, /* 473 */
+ { 0x05, 0, 1, 2, "" }, /* 474 */
+ { 0x02, 0, 1, 3, "tcg-attribute" }, /* 475 */
+ { 0x01, 477, 0, 4, "tcg-at-tpmManufacturer" }, /* 476 */
+ { 0x02, 478, 0, 4, "tcg-at-tpmModel" }, /* 477 */
+ { 0x03, 479, 0, 4, "tcg-at-tpmVersion" }, /* 478 */
+ { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 479 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 1120156e5..042f108dd 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -40,221 +40,222 @@ extern const oid_t oid_names[];
#define OID_INITIALS 33
#define OID_UNIQUE_IDENTIFIER 34
#define OID_DN_QUALIFIER 35
-#define OID_PSEUDONYM 36
-#define OID_ROLE 37
-#define OID_SUBJECT_KEY_ID 40
-#define OID_KEY_USAGE 41
-#define OID_SUBJECT_ALT_NAME 43
-#define OID_BASIC_CONSTRAINTS 45
-#define OID_CRL_NUMBER 46
-#define OID_CRL_REASON_CODE 47
-#define OID_DELTA_CRL_INDICATOR 50
-#define OID_ISSUING_DIST_POINT 51
-#define OID_NAME_CONSTRAINTS 53
-#define OID_CRL_DISTRIBUTION_POINTS 54
-#define OID_CERTIFICATE_POLICIES 55
-#define OID_ANY_POLICY 56
-#define OID_POLICY_MAPPINGS 57
-#define OID_AUTHORITY_KEY_ID 58
-#define OID_POLICY_CONSTRAINTS 59
-#define OID_EXTENDED_KEY_USAGE 60
-#define OID_FRESHEST_CRL 62
-#define OID_INHIBIT_ANY_POLICY 63
-#define OID_TARGET_INFORMATION 64
-#define OID_NO_REV_AVAIL 65
-#define OID_CAMELLIA128_CBC 76
-#define OID_CAMELLIA192_CBC 77
-#define OID_CAMELLIA256_CBC 78
-#define OID_RSA_ENCRYPTION 91
-#define OID_MD2_WITH_RSA 92
-#define OID_MD5_WITH_RSA 93
-#define OID_SHA1_WITH_RSA 94
-#define OID_RSAES_OAEP 95
-#define OID_SHA256_WITH_RSA 98
-#define OID_SHA384_WITH_RSA 99
-#define OID_SHA512_WITH_RSA 100
-#define OID_SHA224_WITH_RSA 101
-#define OID_PBE_MD5_DES_CBC 103
-#define OID_PBE_SHA1_DES_CBC 104
-#define OID_PBKDF2 105
-#define OID_PBES2 106
-#define OID_PKCS7_DATA 108
-#define OID_PKCS7_SIGNED_DATA 109
-#define OID_PKCS7_ENVELOPED_DATA 110
-#define OID_PKCS7_SIGNED_ENVELOPED_DATA 111
-#define OID_PKCS7_DIGESTED_DATA 112
-#define OID_PKCS7_ENCRYPTED_DATA 113
-#define OID_EMAIL_ADDRESS 115
-#define OID_UNSTRUCTURED_NAME 116
-#define OID_PKCS9_CONTENT_TYPE 117
-#define OID_PKCS9_MESSAGE_DIGEST 118
-#define OID_PKCS9_SIGNING_TIME 119
-#define OID_CHALLENGE_PASSWORD 121
-#define OID_UNSTRUCTURED_ADDRESS 122
-#define OID_EXTENSION_REQUEST 123
-#define OID_X509_CERTIFICATE 126
-#define OID_PBE_SHA1_RC4_128 130
-#define OID_PBE_SHA1_RC4_40 131
-#define OID_PBE_SHA1_3DES_CBC 132
-#define OID_PBE_SHA1_3DES_2KEY_CBC 133
-#define OID_PBE_SHA1_RC2_CBC_128 134
-#define OID_PBE_SHA1_RC2_CBC_40 135
-#define OID_P12_KEY_BAG 138
-#define OID_P12_PKCS8_KEY_BAG 139
-#define OID_P12_CERT_BAG 140
-#define OID_P12_CRL_BAG 141
-#define OID_MD2 145
-#define OID_MD5 146
-#define OID_3DES_EDE_CBC 148
-#define OID_EC_PUBLICKEY 152
-#define OID_C2PNB163V1 155
-#define OID_C2PNB163V2 156
-#define OID_C2PNB163V3 157
-#define OID_C2PNB176W1 158
-#define OID_C2PNB191V1 159
-#define OID_C2PNB191V2 160
-#define OID_C2PNB191V3 161
-#define OID_C2PNB191V4 162
-#define OID_C2PNB191V5 163
-#define OID_C2PNB208W1 164
-#define OID_C2PNB239V1 165
-#define OID_C2PNB239V2 166
-#define OID_C2PNB239V3 167
-#define OID_C2PNB239V4 168
-#define OID_C2PNB239V5 169
-#define OID_C2PNB272W1 170
-#define OID_C2PNB304W1 171
-#define OID_C2PNB359V1 172
-#define OID_C2PNB368W1 173
-#define OID_C2PNB431R1 174
-#define OID_PRIME192V1 176
-#define OID_PRIME192V2 177
-#define OID_PRIME192V3 178
-#define OID_PRIME239V1 179
-#define OID_PRIME239V2 180
-#define OID_PRIME239V3 181
-#define OID_PRIME256V1 182
-#define OID_ECDSA_WITH_SHA1 184
-#define OID_ECDSA_WITH_SHA224 186
-#define OID_ECDSA_WITH_SHA256 187
-#define OID_ECDSA_WITH_SHA384 188
-#define OID_ECDSA_WITH_SHA512 189
-#define OID_MS_SMARTCARD_LOGON 203
-#define OID_USER_PRINCIPAL_NAME 204
-#define OID_STRONGSWAN 210
-#define OID_BLISS_PUBLICKEY 215
-#define OID_BLISS_I 217
-#define OID_BLISS_II 218
-#define OID_BLISS_III 219
-#define OID_BLISS_IV 220
-#define OID_BLISS_B_I 221
-#define OID_BLISS_B_II 222
-#define OID_BLISS_B_III 223
-#define OID_BLISS_B_IV 224
-#define OID_BLISS_WITH_SHA2_512 226
-#define OID_BLISS_WITH_SHA2_384 227
-#define OID_BLISS_WITH_SHA2_256 228
-#define OID_BLISS_WITH_SHA3_512 229
-#define OID_BLISS_WITH_SHA3_384 230
-#define OID_BLISS_WITH_SHA3_256 231
-#define OID_TCGID 238
-#define OID_BLOWFISH_CBC 242
-#define OID_AUTHORITY_INFO_ACCESS 286
-#define OID_IP_ADDR_BLOCKS 288
-#define OID_POLICY_QUALIFIER_CPS 290
-#define OID_POLICY_QUALIFIER_UNOTICE 291
-#define OID_SERVER_AUTH 293
-#define OID_CLIENT_AUTH 294
-#define OID_OCSP_SIGNING 301
-#define OID_XMPP_ADDR 307
-#define OID_AUTHENTICATION_INFO 311
-#define OID_ACCESS_IDENTITY 312
-#define OID_CHARGING_IDENTITY 313
-#define OID_GROUP 314
-#define OID_OCSP 317
-#define OID_BASIC 318
-#define OID_NONCE 319
-#define OID_CRL 320
-#define OID_RESPONSE 321
-#define OID_NO_CHECK 322
-#define OID_ARCHIVE_CUTOFF 323
-#define OID_SERVICE_LOCATOR 324
-#define OID_CA_ISSUERS 325
-#define OID_IKE_INTERMEDIATE 330
-#define OID_DES_CBC 334
-#define OID_SHA1 335
-#define OID_SHA1_WITH_RSA_OIW 336
-#define OID_ECGDSA_PUBKEY 355
-#define OID_ECGDSA_SIG_WITH_RIPEMD160 358
-#define OID_ECGDSA_SIG_WITH_SHA1 359
-#define OID_ECGDSA_SIG_WITH_SHA224 360
-#define OID_ECGDSA_SIG_WITH_SHA256 361
-#define OID_ECGDSA_SIG_WITH_SHA384 362
-#define OID_ECGDSA_SIG_WITH_SHA512 363
-#define OID_SECT163K1 386
-#define OID_SECT163R1 387
-#define OID_SECT239K1 388
-#define OID_SECT113R1 389
-#define OID_SECT113R2 390
-#define OID_SECT112R1 391
-#define OID_SECT112R2 392
-#define OID_SECT160R1 393
-#define OID_SECT160K1 394
-#define OID_SECT256K1 395
-#define OID_SECT163R2 396
-#define OID_SECT283K1 397
-#define OID_SECT283R1 398
-#define OID_SECT131R1 399
-#define OID_SECT131R2 400
-#define OID_SECT193R1 401
-#define OID_SECT193R2 402
-#define OID_SECT233K1 403
-#define OID_SECT233R1 404
-#define OID_SECT128R1 405
-#define OID_SECT128R2 406
-#define OID_SECT160R2 407
-#define OID_SECT192K1 408
-#define OID_SECT224K1 409
-#define OID_SECT224R1 410
-#define OID_SECT384R1 411
-#define OID_SECT521R1 412
-#define OID_SECT409K1 413
-#define OID_SECT409R1 414
-#define OID_SECT571K1 415
-#define OID_SECT571R1 416
-#define OID_AES128_CBC 425
-#define OID_AES128_GCM 426
-#define OID_AES128_CCM 427
-#define OID_AES192_CBC 428
-#define OID_AES192_GCM 429
-#define OID_AES192_CCM 430
-#define OID_AES256_CBC 431
-#define OID_AES256_GCM 432
-#define OID_AES256_CCM 433
-#define OID_SHA256 435
-#define OID_SHA384 436
-#define OID_SHA512 437
-#define OID_SHA224 438
-#define OID_SHA3_224 441
-#define OID_SHA3_256 442
-#define OID_SHA3_384 443
-#define OID_SHA3_512 444
-#define OID_NS_REVOCATION_URL 452
-#define OID_NS_CA_REVOCATION_URL 453
-#define OID_NS_CA_POLICY_URL 454
-#define OID_NS_COMMENT 455
-#define OID_EMPLOYEE_NUMBER 458
-#define OID_PKI_MESSAGE_TYPE 464
-#define OID_PKI_STATUS 465
-#define OID_PKI_FAIL_INFO 466
-#define OID_PKI_SENDER_NONCE 467
-#define OID_PKI_RECIPIENT_NONCE 468
-#define OID_PKI_TRANS_ID 469
-#define OID_TPM_MANUFACTURER 475
-#define OID_TPM_MODEL 476
-#define OID_TPM_VERSION 477
-#define OID_TPM_ID_LABEL 478
+#define OID_DMD_NAME 36
+#define OID_PSEUDONYM 37
+#define OID_ROLE 38
+#define OID_SUBJECT_KEY_ID 41
+#define OID_KEY_USAGE 42
+#define OID_SUBJECT_ALT_NAME 44
+#define OID_BASIC_CONSTRAINTS 46
+#define OID_CRL_NUMBER 47
+#define OID_CRL_REASON_CODE 48
+#define OID_DELTA_CRL_INDICATOR 51
+#define OID_ISSUING_DIST_POINT 52
+#define OID_NAME_CONSTRAINTS 54
+#define OID_CRL_DISTRIBUTION_POINTS 55
+#define OID_CERTIFICATE_POLICIES 56
+#define OID_ANY_POLICY 57
+#define OID_POLICY_MAPPINGS 58
+#define OID_AUTHORITY_KEY_ID 59
+#define OID_POLICY_CONSTRAINTS 60
+#define OID_EXTENDED_KEY_USAGE 61
+#define OID_FRESHEST_CRL 63
+#define OID_INHIBIT_ANY_POLICY 64
+#define OID_TARGET_INFORMATION 65
+#define OID_NO_REV_AVAIL 66
+#define OID_CAMELLIA128_CBC 77
+#define OID_CAMELLIA192_CBC 78
+#define OID_CAMELLIA256_CBC 79
+#define OID_RSA_ENCRYPTION 92
+#define OID_MD2_WITH_RSA 93
+#define OID_MD5_WITH_RSA 94
+#define OID_SHA1_WITH_RSA 95
+#define OID_RSAES_OAEP 96
+#define OID_SHA256_WITH_RSA 99
+#define OID_SHA384_WITH_RSA 100
+#define OID_SHA512_WITH_RSA 101
+#define OID_SHA224_WITH_RSA 102
+#define OID_PBE_MD5_DES_CBC 104
+#define OID_PBE_SHA1_DES_CBC 105
+#define OID_PBKDF2 106
+#define OID_PBES2 107
+#define OID_PKCS7_DATA 109
+#define OID_PKCS7_SIGNED_DATA 110
+#define OID_PKCS7_ENVELOPED_DATA 111
+#define OID_PKCS7_SIGNED_ENVELOPED_DATA 112
+#define OID_PKCS7_DIGESTED_DATA 113
+#define OID_PKCS7_ENCRYPTED_DATA 114
+#define OID_EMAIL_ADDRESS 116
+#define OID_UNSTRUCTURED_NAME 117
+#define OID_PKCS9_CONTENT_TYPE 118
+#define OID_PKCS9_MESSAGE_DIGEST 119
+#define OID_PKCS9_SIGNING_TIME 120
+#define OID_CHALLENGE_PASSWORD 122
+#define OID_UNSTRUCTURED_ADDRESS 123
+#define OID_EXTENSION_REQUEST 124
+#define OID_X509_CERTIFICATE 127
+#define OID_PBE_SHA1_RC4_128 131
+#define OID_PBE_SHA1_RC4_40 132
+#define OID_PBE_SHA1_3DES_CBC 133
+#define OID_PBE_SHA1_3DES_2KEY_CBC 134
+#define OID_PBE_SHA1_RC2_CBC_128 135
+#define OID_PBE_SHA1_RC2_CBC_40 136
+#define OID_P12_KEY_BAG 139
+#define OID_P12_PKCS8_KEY_BAG 140
+#define OID_P12_CERT_BAG 141
+#define OID_P12_CRL_BAG 142
+#define OID_MD2 146
+#define OID_MD5 147
+#define OID_3DES_EDE_CBC 149
+#define OID_EC_PUBLICKEY 153
+#define OID_C2PNB163V1 156
+#define OID_C2PNB163V2 157
+#define OID_C2PNB163V3 158
+#define OID_C2PNB176W1 159
+#define OID_C2PNB191V1 160
+#define OID_C2PNB191V2 161
+#define OID_C2PNB191V3 162
+#define OID_C2PNB191V4 163
+#define OID_C2PNB191V5 164
+#define OID_C2PNB208W1 165
+#define OID_C2PNB239V1 166
+#define OID_C2PNB239V2 167
+#define OID_C2PNB239V3 168
+#define OID_C2PNB239V4 169
+#define OID_C2PNB239V5 170
+#define OID_C2PNB272W1 171
+#define OID_C2PNB304W1 172
+#define OID_C2PNB359V1 173
+#define OID_C2PNB368W1 174
+#define OID_C2PNB431R1 175
+#define OID_PRIME192V1 177
+#define OID_PRIME192V2 178
+#define OID_PRIME192V3 179
+#define OID_PRIME239V1 180
+#define OID_PRIME239V2 181
+#define OID_PRIME239V3 182
+#define OID_PRIME256V1 183
+#define OID_ECDSA_WITH_SHA1 185
+#define OID_ECDSA_WITH_SHA224 187
+#define OID_ECDSA_WITH_SHA256 188
+#define OID_ECDSA_WITH_SHA384 189
+#define OID_ECDSA_WITH_SHA512 190
+#define OID_MS_SMARTCARD_LOGON 204
+#define OID_USER_PRINCIPAL_NAME 205
+#define OID_STRONGSWAN 211
+#define OID_BLISS_PUBLICKEY 216
+#define OID_BLISS_I 218
+#define OID_BLISS_II 219
+#define OID_BLISS_III 220
+#define OID_BLISS_IV 221
+#define OID_BLISS_B_I 222
+#define OID_BLISS_B_II 223
+#define OID_BLISS_B_III 224
+#define OID_BLISS_B_IV 225
+#define OID_BLISS_WITH_SHA2_512 227
+#define OID_BLISS_WITH_SHA2_384 228
+#define OID_BLISS_WITH_SHA2_256 229
+#define OID_BLISS_WITH_SHA3_512 230
+#define OID_BLISS_WITH_SHA3_384 231
+#define OID_BLISS_WITH_SHA3_256 232
+#define OID_TCGID 239
+#define OID_BLOWFISH_CBC 243
+#define OID_AUTHORITY_INFO_ACCESS 287
+#define OID_IP_ADDR_BLOCKS 289
+#define OID_POLICY_QUALIFIER_CPS 291
+#define OID_POLICY_QUALIFIER_UNOTICE 292
+#define OID_SERVER_AUTH 294
+#define OID_CLIENT_AUTH 295
+#define OID_OCSP_SIGNING 302
+#define OID_XMPP_ADDR 308
+#define OID_AUTHENTICATION_INFO 312
+#define OID_ACCESS_IDENTITY 313
+#define OID_CHARGING_IDENTITY 314
+#define OID_GROUP 315
+#define OID_OCSP 318
+#define OID_BASIC 319
+#define OID_NONCE 320
+#define OID_CRL 321
+#define OID_RESPONSE 322
+#define OID_NO_CHECK 323
+#define OID_ARCHIVE_CUTOFF 324
+#define OID_SERVICE_LOCATOR 325
+#define OID_CA_ISSUERS 326
+#define OID_IKE_INTERMEDIATE 331
+#define OID_DES_CBC 335
+#define OID_SHA1 336
+#define OID_SHA1_WITH_RSA_OIW 337
+#define OID_ECGDSA_PUBKEY 356
+#define OID_ECGDSA_SIG_WITH_RIPEMD160 359
+#define OID_ECGDSA_SIG_WITH_SHA1 360
+#define OID_ECGDSA_SIG_WITH_SHA224 361
+#define OID_ECGDSA_SIG_WITH_SHA256 362
+#define OID_ECGDSA_SIG_WITH_SHA384 363
+#define OID_ECGDSA_SIG_WITH_SHA512 364
+#define OID_SECT163K1 387
+#define OID_SECT163R1 388
+#define OID_SECT239K1 389
+#define OID_SECT113R1 390
+#define OID_SECT113R2 391
+#define OID_SECT112R1 392
+#define OID_SECT112R2 393
+#define OID_SECT160R1 394
+#define OID_SECT160K1 395
+#define OID_SECT256K1 396
+#define OID_SECT163R2 397
+#define OID_SECT283K1 398
+#define OID_SECT283R1 399
+#define OID_SECT131R1 400
+#define OID_SECT131R2 401
+#define OID_SECT193R1 402
+#define OID_SECT193R2 403
+#define OID_SECT233K1 404
+#define OID_SECT233R1 405
+#define OID_SECT128R1 406
+#define OID_SECT128R2 407
+#define OID_SECT160R2 408
+#define OID_SECT192K1 409
+#define OID_SECT224K1 410
+#define OID_SECT224R1 411
+#define OID_SECT384R1 412
+#define OID_SECT521R1 413
+#define OID_SECT409K1 414
+#define OID_SECT409R1 415
+#define OID_SECT571K1 416
+#define OID_SECT571R1 417
+#define OID_AES128_CBC 426
+#define OID_AES128_GCM 427
+#define OID_AES128_CCM 428
+#define OID_AES192_CBC 429
+#define OID_AES192_GCM 430
+#define OID_AES192_CCM 431
+#define OID_AES256_CBC 432
+#define OID_AES256_GCM 433
+#define OID_AES256_CCM 434
+#define OID_SHA256 436
+#define OID_SHA384 437
+#define OID_SHA512 438
+#define OID_SHA224 439
+#define OID_SHA3_224 442
+#define OID_SHA3_256 443
+#define OID_SHA3_384 444
+#define OID_SHA3_512 445
+#define OID_NS_REVOCATION_URL 453
+#define OID_NS_CA_REVOCATION_URL 454
+#define OID_NS_CA_POLICY_URL 455
+#define OID_NS_COMMENT 456
+#define OID_EMPLOYEE_NUMBER 459
+#define OID_PKI_MESSAGE_TYPE 465
+#define OID_PKI_STATUS 466
+#define OID_PKI_FAIL_INFO 467
+#define OID_PKI_SENDER_NONCE 468
+#define OID_PKI_RECIPIENT_NONCE 469
+#define OID_PKI_TRANS_ID 470
+#define OID_TPM_MANUFACTURER 476
+#define OID_TPM_MODEL 477
+#define OID_TPM_VERSION 478
+#define OID_TPM_ID_LABEL 479
-#define OID_MAX 479
+#define OID_MAX 480
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index b5ec15f3c..eeeb234c7 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -34,6 +34,7 @@
0x2B "I" OID_INITIALS
0x2D "ID" OID_UNIQUE_IDENTIFIER
0x2E "dnQualifier" OID_DN_QUALIFIER
+ 0x36 "dmdName" OID_DMD_NAME
0x41 "pseudonym" OID_PSEUDONYM
0x48 "role" OID_ROLE
0x1D "id-ce"
diff --git a/src/libstrongswan/bio/bio_reader.c b/src/libstrongswan/bio/bio_reader.c
index 29b9e7279..6e35999ce 100644
--- a/src/libstrongswan/bio/bio_reader.c
+++ b/src/libstrongswan/bio/bio_reader.c
@@ -43,7 +43,7 @@ struct private_bio_reader_t {
chunk_t cleanup;
};
-METHOD(bio_reader_t, remaining, u_int32_t,
+METHOD(bio_reader_t, remaining, uint32_t,
private_bio_reader_t *this)
{
return this->buf.len;
@@ -76,16 +76,16 @@ static inline chunk_t chunk_skip_end(chunk_t chunk, size_t bytes, bool from_end)
/**
* Returns a pointer to the data to read, optionally from the end
*/
-static inline u_char *get_ptr_end(private_bio_reader_t *this, u_int32_t len,
+static inline u_char *get_ptr_end(private_bio_reader_t *this, uint32_t len,
bool from_end)
{
return from_end ? this->buf.ptr + (this->buf.len - len) : this->buf.ptr;
}
/**
- * Read an u_int8_t from the buffer, optionally from the end of the buffer
+ * Read an uint8_t from the buffer, optionally from the end of the buffer
*/
-static bool read_uint8_internal(private_bio_reader_t *this, u_int8_t *res,
+static bool read_uint8_internal(private_bio_reader_t *this, uint8_t *res,
bool from_end)
{
if (this->buf.len < 1)
@@ -100,9 +100,9 @@ static bool read_uint8_internal(private_bio_reader_t *this, u_int8_t *res,
}
/**
- * Read an u_int16_t from the buffer, optionally from the end
+ * Read an uint16_t from the buffer, optionally from the end
*/
-static bool read_uint16_internal(private_bio_reader_t *this, u_int16_t *res,
+static bool read_uint16_internal(private_bio_reader_t *this, uint16_t *res,
bool from_end)
{
if (this->buf.len < 2)
@@ -117,9 +117,9 @@ static bool read_uint16_internal(private_bio_reader_t *this, u_int16_t *res,
}
/**
- * Read an u_int32_t (only 24-bit) from the buffer, optionally from the end
+ * Read an uint32_t (only 24-bit) from the buffer, optionally from the end
*/
-static bool read_uint24_internal(private_bio_reader_t *this, u_int32_t *res,
+static bool read_uint24_internal(private_bio_reader_t *this, uint32_t *res,
bool from_end)
{
if (this->buf.len < 3)
@@ -134,9 +134,9 @@ static bool read_uint24_internal(private_bio_reader_t *this, u_int32_t *res,
}
/**
- * Read an u_int32_t from the buffer, optionally from the end
+ * Read an uint32_t from the buffer, optionally from the end
*/
-static bool read_uint32_internal(private_bio_reader_t *this, u_int32_t *res,
+static bool read_uint32_internal(private_bio_reader_t *this, uint32_t *res,
bool from_end)
{
if (this->buf.len < 4)
@@ -151,9 +151,9 @@ static bool read_uint32_internal(private_bio_reader_t *this, u_int32_t *res,
}
/**
- * Read an u_int64_t from the buffer, optionally from the end
+ * Read an uint64_t from the buffer, optionally from the end
*/
-static bool read_uint64_internal(private_bio_reader_t *this, u_int64_t *res,
+static bool read_uint64_internal(private_bio_reader_t *this, uint64_t *res,
bool from_end)
{
if (this->buf.len < 8)
@@ -170,7 +170,7 @@ static bool read_uint64_internal(private_bio_reader_t *this, u_int64_t *res,
/**
* Read a chunk of data from the buffer, optionally from the end
*/
-static bool read_data_internal(private_bio_reader_t *this, u_int32_t len,
+static bool read_data_internal(private_bio_reader_t *this, uint32_t len,
chunk_t *res, bool from_end)
{
if (this->buf.len < len)
@@ -185,73 +185,73 @@ static bool read_data_internal(private_bio_reader_t *this, u_int32_t len,
}
METHOD(bio_reader_t, read_uint8, bool,
- private_bio_reader_t *this, u_int8_t *res)
+ private_bio_reader_t *this, uint8_t *res)
{
return read_uint8_internal(this, res, FALSE);
}
METHOD(bio_reader_t, read_uint16, bool,
- private_bio_reader_t *this, u_int16_t *res)
+ private_bio_reader_t *this, uint16_t *res)
{
return read_uint16_internal(this, res, FALSE);
}
METHOD(bio_reader_t, read_uint24, bool,
- private_bio_reader_t *this, u_int32_t *res)
+ private_bio_reader_t *this, uint32_t *res)
{
return read_uint24_internal(this, res, FALSE);
}
METHOD(bio_reader_t, read_uint32, bool,
- private_bio_reader_t *this, u_int32_t *res)
+ private_bio_reader_t *this, uint32_t *res)
{
return read_uint32_internal(this, res, FALSE);
}
METHOD(bio_reader_t, read_uint64, bool,
- private_bio_reader_t *this, u_int64_t *res)
+ private_bio_reader_t *this, uint64_t *res)
{
return read_uint64_internal(this, res, FALSE);
}
METHOD(bio_reader_t, read_data, bool,
- private_bio_reader_t *this, u_int32_t len, chunk_t *res)
+ private_bio_reader_t *this, uint32_t len, chunk_t *res)
{
return read_data_internal(this, len, res, FALSE);
}
METHOD(bio_reader_t, read_uint8_end, bool,
- private_bio_reader_t *this, u_int8_t *res)
+ private_bio_reader_t *this, uint8_t *res)
{
return read_uint8_internal(this, res, TRUE);
}
METHOD(bio_reader_t, read_uint16_end, bool,
- private_bio_reader_t *this, u_int16_t *res)
+ private_bio_reader_t *this, uint16_t *res)
{
return read_uint16_internal(this, res, TRUE);
}
METHOD(bio_reader_t, read_uint24_end, bool,
- private_bio_reader_t *this, u_int32_t *res)
+ private_bio_reader_t *this, uint32_t *res)
{
return read_uint24_internal(this, res, TRUE);
}
METHOD(bio_reader_t, read_uint32_end, bool,
- private_bio_reader_t *this, u_int32_t *res)
+ private_bio_reader_t *this, uint32_t *res)
{
return read_uint32_internal(this, res, TRUE);
}
METHOD(bio_reader_t, read_uint64_end, bool,
- private_bio_reader_t *this, u_int64_t *res)
+ private_bio_reader_t *this, uint64_t *res)
{
return read_uint64_internal(this, res, TRUE);
}
METHOD(bio_reader_t, read_data_end, bool,
- private_bio_reader_t *this, u_int32_t len, chunk_t *res)
+ private_bio_reader_t *this, uint32_t len, chunk_t *res)
{
return read_data_internal(this, len, res, TRUE);
}
@@ -259,7 +259,7 @@ METHOD(bio_reader_t, read_data_end, bool,
METHOD(bio_reader_t, read_data8, bool,
private_bio_reader_t *this, chunk_t *res)
{
- u_int8_t len;
+ uint8_t len;
if (!read_uint8(this, &len))
{
@@ -271,7 +271,7 @@ METHOD(bio_reader_t, read_data8, bool,
METHOD(bio_reader_t, read_data16, bool,
private_bio_reader_t *this, chunk_t *res)
{
- u_int16_t len;
+ uint16_t len;
if (!read_uint16(this, &len))
{
@@ -283,7 +283,7 @@ METHOD(bio_reader_t, read_data16, bool,
METHOD(bio_reader_t, read_data24, bool,
private_bio_reader_t *this, chunk_t *res)
{
- u_int32_t len;
+ uint32_t len;
if (!read_uint24(this, &len))
{
@@ -295,7 +295,7 @@ METHOD(bio_reader_t, read_data24, bool,
METHOD(bio_reader_t, read_data32, bool,
private_bio_reader_t *this, chunk_t *res)
{
- u_int32_t len;
+ uint32_t len;
if (!read_uint32(this, &len))
{
diff --git a/src/libstrongswan/bio/bio_reader.h b/src/libstrongswan/bio/bio_reader.h
index 475422428..358993c4f 100644
--- a/src/libstrongswan/bio/bio_reader.h
+++ b/src/libstrongswan/bio/bio_reader.h
@@ -40,7 +40,7 @@ struct bio_reader_t {
*
* @return number of remaining bytes in buffer
*/
- u_int32_t (*remaining)(bio_reader_t *this);
+ uint32_t (*remaining)(bio_reader_t *this);
/**
* Peek the remaining data, not consuming any bytes.
@@ -55,7 +55,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint8)(bio_reader_t *this, u_int8_t *res);
+ bool (*read_uint8)(bio_reader_t *this, uint8_t *res);
/**
* Read a 16-bit integer from the buffer, advance.
@@ -63,7 +63,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint16)(bio_reader_t *this, u_int16_t *res);
+ bool (*read_uint16)(bio_reader_t *this, uint16_t *res);
/**
* Read a 24-bit integer from the buffer, advance.
@@ -71,7 +71,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint24)(bio_reader_t *this, u_int32_t *res);
+ bool (*read_uint24)(bio_reader_t *this, uint32_t *res);
/**
* Read a 32-bit integer from the buffer, advance.
@@ -79,7 +79,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint32)(bio_reader_t *this, u_int32_t *res);
+ bool (*read_uint32)(bio_reader_t *this, uint32_t *res);
/**
* Read a 64-bit integer from the buffer, advance.
@@ -87,7 +87,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint64)(bio_reader_t *this, u_int64_t *res);
+ bool (*read_uint64)(bio_reader_t *this, uint64_t *res);
/**
* Read a chunk of len bytes, advance.
@@ -96,7 +96,7 @@ struct bio_reader_t {
* @param res pointer to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data)(bio_reader_t *this, u_int32_t len, chunk_t *res);
+ bool (*read_data)(bio_reader_t *this, uint32_t len, chunk_t *res);
/**
* Read a 8-bit integer from the end of the buffer, reduce remaining.
@@ -104,7 +104,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint8_end)(bio_reader_t *this, u_int8_t *res);
+ bool (*read_uint8_end)(bio_reader_t *this, uint8_t *res);
/**
* Read a 16-bit integer from the end of the buffer, reduce remaining.
@@ -112,7 +112,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint16_end)(bio_reader_t *this, u_int16_t *res);
+ bool (*read_uint16_end)(bio_reader_t *this, uint16_t *res);
/**
* Read a 24-bit integer from the end of the buffer, reduce remaining.
@@ -120,7 +120,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint24_end)(bio_reader_t *this, u_int32_t *res);
+ bool (*read_uint24_end)(bio_reader_t *this, uint32_t *res);
/**
* Read a 32-bit integer from the end of the buffer, reduce remaining.
@@ -128,7 +128,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint32_end)(bio_reader_t *this, u_int32_t *res);
+ bool (*read_uint32_end)(bio_reader_t *this, uint32_t *res);
/**
* Read a 64-bit integer from the end of the buffer, reduce remaining.
@@ -136,7 +136,7 @@ struct bio_reader_t {
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint64_end)(bio_reader_t *this, u_int64_t *res);
+ bool (*read_uint64_end)(bio_reader_t *this, uint64_t *res);
/**
* Read a chunk of len bytes from the end of the buffer, reduce remaining.
@@ -145,7 +145,7 @@ struct bio_reader_t {
* @param res ponter to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data_end)(bio_reader_t *this, u_int32_t len, chunk_t *res);
+ bool (*read_data_end)(bio_reader_t *this, uint32_t len, chunk_t *res);
/**
* Read a chunk of bytes with a 8-bit length header, advance.
diff --git a/src/libstrongswan/bio/bio_writer.c b/src/libstrongswan/bio/bio_writer.c
index 152d9ce22..a21b376cf 100644
--- a/src/libstrongswan/bio/bio_writer.c
+++ b/src/libstrongswan/bio/bio_writer.c
@@ -65,7 +65,7 @@ static inline void increase(private_bio_writer_t *this, size_t required)
}
METHOD(bio_writer_t, write_uint8, void,
- private_bio_writer_t *this, u_int8_t value)
+ private_bio_writer_t *this, uint8_t value)
{
increase(this, 1);
this->buf.ptr[this->used] = value;
@@ -73,7 +73,7 @@ METHOD(bio_writer_t, write_uint8, void,
}
METHOD(bio_writer_t, write_uint16, void,
- private_bio_writer_t *this, u_int16_t value)
+ private_bio_writer_t *this, uint16_t value)
{
increase(this, 2);
htoun16(this->buf.ptr + this->used, value);
@@ -81,7 +81,7 @@ METHOD(bio_writer_t, write_uint16, void,
}
METHOD(bio_writer_t, write_uint24, void,
- private_bio_writer_t *this, u_int32_t value)
+ private_bio_writer_t *this, uint32_t value)
{
increase(this, 3);
value = htonl(value);
@@ -90,7 +90,7 @@ METHOD(bio_writer_t, write_uint24, void,
}
METHOD(bio_writer_t, write_uint32, void,
- private_bio_writer_t *this, u_int32_t value)
+ private_bio_writer_t *this, uint32_t value)
{
increase(this, 4);
htoun32(this->buf.ptr + this->used, value);
@@ -98,7 +98,7 @@ METHOD(bio_writer_t, write_uint32, void,
}
METHOD(bio_writer_t, write_uint64, void,
- private_bio_writer_t *this, u_int64_t value)
+ private_bio_writer_t *this, uint64_t value)
{
increase(this, 8);
htoun64(this->buf.ptr + this->used, value);
@@ -166,7 +166,7 @@ METHOD(bio_writer_t, wrap16, void,
METHOD(bio_writer_t, wrap24, void,
private_bio_writer_t *this)
{
- u_int32_t len;
+ uint32_t len;
increase(this, 3);
memmove(this->buf.ptr + 3, this->buf.ptr, this->used);
@@ -221,7 +221,7 @@ METHOD(bio_writer_t, destroy, void,
/**
* See header
*/
-bio_writer_t *bio_writer_create(u_int32_t bufsize)
+bio_writer_t *bio_writer_create(uint32_t bufsize)
{
private_bio_writer_t *this;
diff --git a/src/libstrongswan/bio/bio_writer.h b/src/libstrongswan/bio/bio_writer.h
index 2ac4f3556..b6e3db730 100644
--- a/src/libstrongswan/bio/bio_writer.h
+++ b/src/libstrongswan/bio/bio_writer.h
@@ -40,35 +40,35 @@ struct bio_writer_t {
*
* @param value value to append
*/
- void (*write_uint8)(bio_writer_t *this, u_int8_t value);
+ void (*write_uint8)(bio_writer_t *this, uint8_t value);
/**
* Append a 16-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint16)(bio_writer_t *this, u_int16_t value);
+ void (*write_uint16)(bio_writer_t *this, uint16_t value);
/**
* Append a 24-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint24)(bio_writer_t *this, u_int32_t value);
+ void (*write_uint24)(bio_writer_t *this, uint32_t value);
/**
* Append a 32-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint32)(bio_writer_t *this, u_int32_t value);
+ void (*write_uint32)(bio_writer_t *this, uint32_t value);
/**
* Append a 64-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint64)(bio_writer_t *this, u_int64_t value);
+ void (*write_uint64)(bio_writer_t *this, uint64_t value);
/**
* Append a chunk of data without a length header.
@@ -166,6 +166,6 @@ struct bio_writer_t {
*
* @param bufsize initially allocated buffer size
*/
-bio_writer_t *bio_writer_create(u_int32_t bufsize);
+bio_writer_t *bio_writer_create(uint32_t bufsize);
#endif /** BIO_WRITER_H_ @}*/
diff --git a/src/libstrongswan/collections/array.c b/src/libstrongswan/collections/array.c
index a45a68aaf..69e7df99e 100644
--- a/src/libstrongswan/collections/array.c
+++ b/src/libstrongswan/collections/array.c
@@ -42,13 +42,13 @@
*/
struct array_t {
/** number of elements currently in array (not counting head/tail) */
- u_int32_t count;
+ uint32_t count;
/** size of each element, 0 for a pointer based array */
- u_int16_t esize;
+ uint16_t esize;
/** allocated but unused elements at array front */
- u_int8_t head;
+ uint8_t head;
/** allocated but unused elements at array end */
- u_int8_t tail;
+ uint8_t tail;
/** array elements */
void *data;
};
@@ -64,7 +64,7 @@ struct array_t {
/**
* Get the actual size of a number of elements
*/
-static size_t get_size(array_t *array, u_int32_t num)
+static size_t get_size(array_t *array, uint32_t num)
{
if (array->esize)
{
@@ -76,7 +76,7 @@ static size_t get_size(array_t *array, u_int32_t num)
/**
* Increase allocated but unused tail room to at least "room"
*/
-static void make_tail_room(array_t *array, u_int8_t room)
+static void make_tail_room(array_t *array, uint8_t room)
{
if (array->tail < room)
{
@@ -89,11 +89,11 @@ static void make_tail_room(array_t *array, u_int8_t room)
/**
* Increase allocated but unused head room to at least "room"
*/
-static void make_head_room(array_t *array, u_int8_t room)
+static void make_head_room(array_t *array, uint8_t room)
{
if (array->head < room)
{
- u_int8_t increase = room - array->head;
+ uint8_t increase = room - array->head;
array->data = realloc(array->data,
get_size(array, array->count + array->tail + room));
@@ -158,7 +158,7 @@ static void remove_head(array_t *array, int idx)
array->head++;
}
-array_t *array_create(u_int esize, u_int8_t reserve)
+array_t *array_create(u_int esize, uint8_t reserve)
{
array_t *array;
@@ -186,7 +186,7 @@ void array_compress(array_t *array)
{
if (array)
{
- u_int32_t tail;
+ uint32_t tail;
tail = array->tail;
if (array->head)
diff --git a/src/libstrongswan/collections/array.h b/src/libstrongswan/collections/array.h
index c3be1a15d..d8a16b5df 100644
--- a/src/libstrongswan/collections/array.h
+++ b/src/libstrongswan/collections/array.h
@@ -68,7 +68,7 @@ typedef void (*array_callback_t)(void *data, int idx, void *user);
* @param reserve number of items to allocate space for
* @return array instance
*/
-array_t *array_create(u_int esize, u_int8_t reserve);
+array_t *array_create(u_int esize, uint8_t reserve);
/**
* Get the number of elements currently in the array.
diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h
index 6940069de..7191dc1bc 100644
--- a/src/libstrongswan/credentials/auth_cfg.h
+++ b/src/libstrongswan/credentials/auth_cfg.h
@@ -78,7 +78,7 @@ enum auth_rule_t {
AUTH_RULE_EAP_IDENTITY,
/** EAP type to propose for peer authentication, eap_type_t */
AUTH_RULE_EAP_TYPE,
- /** EAP vendor for vendor specific type, u_int32_t */
+ /** EAP vendor for vendor specific type, uint32_t */
AUTH_RULE_EAP_VENDOR,
/** XAUTH backend name to use, char* */
AUTH_RULE_XAUTH_BACKEND,
diff --git a/src/libstrongswan/credentials/containers/pkcs12.c b/src/libstrongswan/credentials/containers/pkcs12.c
index 7b812d27d..9e7815d04 100644
--- a/src/libstrongswan/credentials/containers/pkcs12.c
+++ b/src/libstrongswan/credentials/containers/pkcs12.c
@@ -42,8 +42,8 @@ static inline void copy_chunk(chunk_t dst, chunk_t src)
*/
static void add_chunks(chunk_t a, chunk_t b)
{
- u_int16_t sum;
- u_int8_t rem = 0;
+ uint16_t sum;
+ uint8_t rem = 0;
ssize_t i, j;
for (i = a.len - 1, j = b.len -1; i >= 0 && j >= 0; i--, j--)
@@ -64,12 +64,12 @@ static void add_chunks(chunk_t a, chunk_t b)
* Do the actual key derivation with the given hasher, password and id.
*/
static bool derive_key(hash_algorithm_t hash, chunk_t unicode, chunk_t salt,
- u_int64_t iterations, char id, chunk_t result)
+ uint64_t iterations, char id, chunk_t result)
{
chunk_t out = result, D, S, P = chunk_empty, I, Ai, B, Ij;
hasher_t *hasher;
size_t Slen, v, u;
- u_int64_t i;
+ uint64_t i;
bool success = FALSE;
hasher = lib->crypto->create_hasher(lib->crypto, hash);
@@ -149,7 +149,7 @@ end:
* Described in header
*/
bool pkcs12_derive_key(hash_algorithm_t hash, chunk_t password, chunk_t salt,
- u_int64_t iterations, pkcs12_key_type_t type, chunk_t key)
+ uint64_t iterations, pkcs12_key_type_t type, chunk_t key)
{
chunk_t unicode = chunk_empty;
bool success;
diff --git a/src/libstrongswan/credentials/containers/pkcs12.h b/src/libstrongswan/credentials/containers/pkcs12.h
index f22ef045a..fc4fb39ce 100644
--- a/src/libstrongswan/credentials/containers/pkcs12.h
+++ b/src/libstrongswan/credentials/containers/pkcs12.h
@@ -73,6 +73,6 @@ struct pkcs12_t {
* @return TRUE on success
*/
bool pkcs12_derive_key(hash_algorithm_t hash, chunk_t password, chunk_t salt,
- u_int64_t iterations, pkcs12_key_type_t type, chunk_t key);
+ uint64_t iterations, pkcs12_key_type_t type, chunk_t key);
#endif /** PKCS12_H_ @}*/
diff --git a/src/libstrongswan/credentials/sets/mem_cred.c b/src/libstrongswan/credentials/sets/mem_cred.c
index 4884c4bfa..988e709ad 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.c
+++ b/src/libstrongswan/credentials/sets/mem_cred.c
@@ -250,6 +250,7 @@ METHOD(mem_cred_t, add_crl, bool,
if (new)
{
this->untrusted->remove_at(this->untrusted, enumerator);
+ current->destroy(current);
}
else
{
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index b0b86372c..35dcf25ac 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -347,6 +347,10 @@ METHOD(crypto_factory_t, create_nonce_gen, nonce_gen_t*,
while (enumerator->enumerate(enumerator, &entry))
{
nonce_gen = entry->create_nonce_gen();
+ if (nonce_gen)
+ {
+ break;
+ }
}
enumerator->destroy(enumerator);
this->lock->unlock(this->lock);
diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h
index 272502cf0..2d28b207d 100644
--- a/src/libstrongswan/crypto/hashers/hasher.h
+++ b/src/libstrongswan/crypto/hashers/hasher.h
@@ -90,7 +90,7 @@ struct hasher_t {
* @return TRUE if hash created successfully
*/
bool (*get_hash)(hasher_t *this, chunk_t data,
- u_int8_t *hash) __attribute__((warn_unused_result));
+ uint8_t *hash) __attribute__((warn_unused_result));
/**
* Hash data and allocate space for the hash.
diff --git a/src/libstrongswan/crypto/iv/iv_gen.h b/src/libstrongswan/crypto/iv/iv_gen.h
index 81b0701ce..292fc329f 100644
--- a/src/libstrongswan/crypto/iv/iv_gen.h
+++ b/src/libstrongswan/crypto/iv/iv_gen.h
@@ -38,8 +38,8 @@ struct iv_gen_t {
* @param buffer pointer where the generated IV will be written
* @return TRUE if IV allocation was successful, FALSE otherwise
*/
- bool (*get_iv)(iv_gen_t *this, u_int64_t seq, size_t size,
- u_int8_t *buffer) __attribute__((warn_unused_result));
+ bool (*get_iv)(iv_gen_t *this, uint64_t seq, size_t size,
+ uint8_t *buffer) __attribute__((warn_unused_result));
/**
* Generates an IV and allocates space for it.
@@ -49,7 +49,7 @@ struct iv_gen_t {
* @param chunk chunk which will hold the generated IV
* @return TRUE if IV allocation was successful, FALSE otherwise
*/
- bool (*allocate_iv)(iv_gen_t *this, u_int64_t seq, size_t size,
+ bool (*allocate_iv)(iv_gen_t *this, uint64_t seq, size_t size,
chunk_t *chunk) __attribute__((warn_unused_result));
/**
diff --git a/src/libstrongswan/crypto/iv/iv_gen_null.c b/src/libstrongswan/crypto/iv/iv_gen_null.c
index b13de0674..3b8f93986 100644
--- a/src/libstrongswan/crypto/iv/iv_gen_null.c
+++ b/src/libstrongswan/crypto/iv/iv_gen_null.c
@@ -29,13 +29,13 @@ struct private_iv_gen_t {
};
METHOD(iv_gen_t, get_iv, bool,
- private_iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer)
+ private_iv_gen_t *this, uint64_t seq, size_t size, uint8_t *buffer)
{
return size == 0;
}
METHOD(iv_gen_t, allocate_iv, bool,
- private_iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk)
+ private_iv_gen_t *this, uint64_t seq, size_t size, chunk_t *chunk)
{
*chunk = chunk_empty;
return size == 0;
diff --git a/src/libstrongswan/crypto/iv/iv_gen_rand.c b/src/libstrongswan/crypto/iv/iv_gen_rand.c
index 2bed63fcc..1474b3a12 100644
--- a/src/libstrongswan/crypto/iv/iv_gen_rand.c
+++ b/src/libstrongswan/crypto/iv/iv_gen_rand.c
@@ -36,7 +36,7 @@ struct private_iv_gen_t {
};
METHOD(iv_gen_t, get_iv, bool,
- private_iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer)
+ private_iv_gen_t *this, uint64_t seq, size_t size, uint8_t *buffer)
{
if (!this->rng)
{
@@ -46,7 +46,7 @@ METHOD(iv_gen_t, get_iv, bool,
}
METHOD(iv_gen_t, allocate_iv, bool,
- private_iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk)
+ private_iv_gen_t *this, uint64_t seq, size_t size, chunk_t *chunk)
{
if (!this->rng)
{
diff --git a/src/libstrongswan/crypto/iv/iv_gen_seq.c b/src/libstrongswan/crypto/iv/iv_gen_seq.c
index 9f99c5192..56620291c 100644
--- a/src/libstrongswan/crypto/iv/iv_gen_seq.c
+++ b/src/libstrongswan/crypto/iv/iv_gen_seq.c
@@ -18,7 +18,7 @@
/**
* Magic value for the initial IV state
*/
-#define SEQ_IV_INIT_STATE (~(u_int64_t)0)
+#define SEQ_IV_INIT_STATE (~(uint64_t)0)
#define SEQ_IV_HIGH_MASK (1ULL << 63)
typedef struct private_iv_gen_t private_iv_gen_t;
@@ -36,30 +36,30 @@ struct private_iv_gen_t {
/**
* Previously passed sequence number in lower space to enforce uniqueness
*/
- u_int64_t prevl;
+ uint64_t prevl;
/**
* Previously passed sequence number in upper space to enforce uniqueness
*/
- u_int64_t prevh;
+ uint64_t prevh;
/**
* Salt to mask counter
*/
- u_int8_t *salt;
+ uint8_t *salt;
};
METHOD(iv_gen_t, get_iv, bool,
- private_iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer)
+ private_iv_gen_t *this, uint64_t seq, size_t size, uint8_t *buffer)
{
- u_int8_t iv[sizeof(u_int64_t)];
+ uint8_t iv[sizeof(uint64_t)];
size_t len = size;
if (!this->salt)
{
return FALSE;
}
- if (size < sizeof(u_int64_t))
+ if (size < sizeof(uint64_t))
{
return FALSE;
}
@@ -83,19 +83,19 @@ METHOD(iv_gen_t, get_iv, bool,
{
this->prevl = seq;
}
- if (len > sizeof(u_int64_t))
+ if (len > sizeof(uint64_t))
{
- len = sizeof(u_int64_t);
+ len = sizeof(uint64_t);
memset(buffer, 0, size - len);
}
htoun64(iv, seq);
- memxor(iv, this->salt, sizeof(u_int64_t));
- memcpy(buffer + size - len, iv + sizeof(u_int64_t) - len, len);
+ memxor(iv, this->salt, sizeof(uint64_t));
+ memcpy(buffer + size - len, iv + sizeof(uint64_t) - len, len);
return TRUE;
}
METHOD(iv_gen_t, allocate_iv, bool,
- private_iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk)
+ private_iv_gen_t *this, uint64_t seq, size_t size, chunk_t *chunk)
{
*chunk = chunk_alloc(size);
if (!get_iv(this, seq, chunk->len, chunk->ptr))
@@ -131,8 +131,8 @@ iv_gen_t *iv_gen_seq_create()
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
if (rng)
{
- this->salt = malloc(sizeof(u_int64_t));
- if (!rng->get_bytes(rng, sizeof(u_int64_t), this->salt))
+ this->salt = malloc(sizeof(uint64_t));
+ if (!rng->get_bytes(rng, sizeof(uint64_t), this->salt))
{
free(this->salt);
this->salt = NULL;
diff --git a/src/libstrongswan/crypto/mac.h b/src/libstrongswan/crypto/mac.h
index f7b43ba39..f23c6750f 100644
--- a/src/libstrongswan/crypto/mac.h
+++ b/src/libstrongswan/crypto/mac.h
@@ -47,7 +47,7 @@ struct mac_t {
* @return TRUE if mac generated successfully
*/
bool (*get_mac)(mac_t *this, chunk_t data,
- u_int8_t *out) __attribute__((warn_unused_result));
+ uint8_t *out) __attribute__((warn_unused_result));
/**
* Get the size of the resulting MAC.
diff --git a/src/libstrongswan/crypto/mgf1/mgf1.c b/src/libstrongswan/crypto/mgf1/mgf1.c
index 4bbcd6e99..5116dfefa 100644
--- a/src/libstrongswan/crypto/mgf1/mgf1.c
+++ b/src/libstrongswan/crypto/mgf1/mgf1.c
@@ -39,7 +39,7 @@ struct private_mgf1_t {
/**
* Counter
*/
- u_int32_t counter;
+ uint32_t counter;
/**
* Set if counter has reached 2^32
diff --git a/src/libstrongswan/crypto/nonce_gen.h b/src/libstrongswan/crypto/nonce_gen.h
index 7dae4f776..98d159e12 100644
--- a/src/libstrongswan/crypto/nonce_gen.h
+++ b/src/libstrongswan/crypto/nonce_gen.h
@@ -38,7 +38,7 @@ struct nonce_gen_t {
* @return TRUE if nonce allocation was successful, FALSE otherwise
*/
bool (*get_nonce)(nonce_gen_t *this, size_t size,
- u_int8_t *buffer) __attribute__((warn_unused_result));
+ uint8_t *buffer) __attribute__((warn_unused_result));
/**
* Generates a nonce and allocates space for it.
diff --git a/src/libstrongswan/crypto/pkcs5.c b/src/libstrongswan/crypto/pkcs5.c
index 478926f2f..8a1452425 100644
--- a/src/libstrongswan/crypto/pkcs5.c
+++ b/src/libstrongswan/crypto/pkcs5.c
@@ -41,7 +41,7 @@ struct private_pkcs5_t {
/**
* Iterations for key derivation
*/
- u_int64_t iterations;
+ uint64_t iterations;
/**
* Encryption algorithm
@@ -110,7 +110,7 @@ struct private_pkcs5_t {
*/
static bool verify_padding(crypter_t *crypter, chunk_t *blob)
{
- u_int8_t padding, count;
+ uint8_t padding, count;
padding = count = blob->ptr[blob->len - 1];
@@ -181,10 +181,10 @@ static bool pkcs12_kdf(private_pkcs5_t *this, chunk_t password, chunk_t keymat)
* Function F of PBKDF2
*/
static bool pbkdf2_f(chunk_t block, prf_t *prf, chunk_t seed,
- u_int64_t iterations)
+ uint64_t iterations)
{
chunk_t u;
- u_int64_t i;
+ uint64_t i;
u = chunk_alloca(prf->get_block_size(prf));
if (!prf->get_bytes(prf, seed, u.ptr))
@@ -212,7 +212,7 @@ static bool pbkdf2(private_pkcs5_t *this, chunk_t password, chunk_t key)
prf_t *prf;
chunk_t keymat, block, seed;
size_t blocks;
- u_int32_t i = 0;
+ uint32_t i = 0;
prf = this->data.pbes2.prf;
@@ -247,7 +247,7 @@ static bool pbkdf1(private_pkcs5_t *this, chunk_t password, chunk_t key)
{
hasher_t *hasher;
chunk_t hash;
- u_int64_t i;
+ uint64_t i;
hasher = this->data.pbes1.hasher;
diff --git a/src/libstrongswan/crypto/prf_plus.c b/src/libstrongswan/crypto/prf_plus.c
index 94be1d5bf..6b7f8f851 100644
--- a/src/libstrongswan/crypto/prf_plus.c
+++ b/src/libstrongswan/crypto/prf_plus.c
@@ -44,7 +44,7 @@ struct private_prf_plus_t {
/**
* Octet which will be appended to the seed, 0 if not used
*/
- u_int8_t counter;
+ uint8_t counter;
/**
* Already given out bytes in current buffer.
@@ -58,7 +58,7 @@ struct private_prf_plus_t {
};
METHOD(prf_plus_t, get_bytes, bool,
- private_prf_plus_t *this, size_t length, u_int8_t *buffer)
+ private_prf_plus_t *this, size_t length, uint8_t *buffer)
{
size_t round, written = 0;
diff --git a/src/libstrongswan/crypto/prf_plus.h b/src/libstrongswan/crypto/prf_plus.h
index f994dce16..2c4b8852d 100644
--- a/src/libstrongswan/crypto/prf_plus.h
+++ b/src/libstrongswan/crypto/prf_plus.h
@@ -39,7 +39,7 @@ struct prf_plus_t {
* @return TRUE if bytes generated successfully
*/
bool (*get_bytes)(prf_plus_t *this, size_t length,
- u_int8_t *buffer) __attribute__((warn_unused_result));
+ uint8_t *buffer) __attribute__((warn_unused_result));
/**
* Allocate pseudo random bytes.
diff --git a/src/libstrongswan/crypto/prfs/mac_prf.c b/src/libstrongswan/crypto/prfs/mac_prf.c
index b5f6be982..3f8eb7e5c 100644
--- a/src/libstrongswan/crypto/prfs/mac_prf.c
+++ b/src/libstrongswan/crypto/prfs/mac_prf.c
@@ -36,7 +36,7 @@ struct private_prf_t {
};
METHOD(prf_t, get_bytes, bool,
- private_prf_t *this, chunk_t seed, u_int8_t *buffer)
+ private_prf_t *this, chunk_t seed, uint8_t *buffer)
{
return this->mac->get_mac(this->mac, seed, buffer);
}
diff --git a/src/libstrongswan/crypto/prfs/prf.h b/src/libstrongswan/crypto/prfs/prf.h
index 46e23b244..bf443e5f4 100644
--- a/src/libstrongswan/crypto/prfs/prf.h
+++ b/src/libstrongswan/crypto/prfs/prf.h
@@ -80,7 +80,7 @@ struct prf_t {
* @return TRUE if bytes generated successfully
*/
bool (*get_bytes)(prf_t *this, chunk_t seed,
- u_int8_t *buffer) __attribute__((warn_unused_result));
+ uint8_t *buffer) __attribute__((warn_unused_result));
/**
* Generates pseudo random bytes and allocate space for them.
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c
index bbb97d088..282d40e7b 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c
@@ -134,7 +134,7 @@ METHOD(proposal_keywords_t, get_token, const proposal_token_t*,
METHOD(proposal_keywords_t, register_token, void,
private_proposal_keywords_t *this, const char *name, transform_type_t type,
- u_int16_t algorithm, u_int16_t keysize)
+ uint16_t algorithm, uint16_t keysize)
{
proposal_token_t *token;
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.h b/src/libstrongswan/crypto/proposal/proposal_keywords.h
index 5cdbafc51..856abdce6 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.h
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.h
@@ -69,12 +69,12 @@ struct proposal_token_t {
/**
* The IKE id of the algorithm.
*/
- u_int16_t algorithm;
+ uint16_t algorithm;
/**
* The key size associated with the specific algorithm.
*/
- u_int16_t keysize;
+ uint16_t keysize;
};
/**
@@ -100,8 +100,8 @@ struct proposal_keywords_t {
* @param keysize the key size associated with the specific algorithm
*/
void (*register_token)(proposal_keywords_t *this, const char *name,
- transform_type_t type, u_int16_t algorithm,
- u_int16_t keysize);
+ transform_type_t type, uint16_t algorithm,
+ uint16_t keysize);
/**
* Register an algorithm name parser.
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
index 51b9d782d..ba4c895d7 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
@@ -55,16 +55,16 @@ error "gperf generated tables don't work with this execution character set. Plea
struct proposal_token {
char *name;
transform_type_t type;
- u_int16_t algorithm;
- u_int16_t keysize;
+ uint16_t algorithm;
+ uint16_t keysize;
};
-#define TOTAL_KEYWORDS 139
+#define TOTAL_KEYWORDS 140
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 17
-#define MIN_HASH_VALUE 18
-#define MAX_HASH_VALUE 276
-/* maximum key range = 259, duplicates = 0 */
+#define MIN_HASH_VALUE 11
+#define MAX_HASH_VALUE 266
+/* maximum key range = 256, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -80,32 +80,32 @@ hash (str, len)
{
static const unsigned short asso_values[] =
{
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 66, 6,
- 18, 39, 81, 30, 9, 27, 3, 0, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 105, 277, 33, 0, 6,
- 57, 60, 15, 96, 3, 0, 277, 277, 0, 0,
- 0, 18, 126, 30, 111, 24, 36, 159, 277, 277,
- 9, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277, 277, 277, 277,
- 277, 277, 277, 277, 277, 277, 277
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 71, 4,
+ 20, 6, 48, 32, 10, 30, 5, 3, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 97, 267, 4, 8, 18,
+ 56, 107, 107, 78, 10, 4, 267, 267, 3, 5,
+ 7, 4, 30, 92, 104, 3, 32, 145, 267, 267,
+ 3, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267, 267, 267, 267,
+ 267, 267, 267, 267, 267, 267, 267
};
register int hval = len;
@@ -144,177 +144,177 @@ hash (str, len)
static const struct proposal_token wordlist[] =
{
- {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
{"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
- {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
- {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
{"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
+ {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
{"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
+ {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"ntru128", DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0},
{"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
{"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0},
- {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
+ {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
{"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
- {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
+ {"ntru192", DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0},
+ {"ntru112", DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0},
+ {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
+ {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
+ {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
+ {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
+ {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
{"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
- {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
+ {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
+ {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
{"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
- {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
- {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
+ {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
{"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
- {"ntru128", DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0},
- {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
+ {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"ntru256", DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0},
{"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
- {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"ntru192", DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0},
- {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
+ {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
{"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"ntru112", DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0},
- {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
- {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
{"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
- {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
- {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
{"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
- {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
- {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
- {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
+ {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
{"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
+ {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
{"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"ntru256", DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0},
- {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
- {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
- {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
- {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
+ {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
{"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
- {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
+ {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
{"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
- {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
+ {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
+ {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
{"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
+ {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
+ {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
{"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
+ {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
+ {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
{"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
- {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
{"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
{"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
+ {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
{"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
- {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
- {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
{"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
- {"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
- {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
+ {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
- {"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
+ {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
{"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
- {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0},
+ {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
{"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
- {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
- {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
{"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
- {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
- {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
+ {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"modpnone", DIFFIE_HELLMAN_GROUP, MODP_NONE, 0},
+ {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
+ {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
+ {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
{"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
- {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
{"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
- {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
- {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
+ {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
{"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
- {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
- {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
+ {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
+ {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
{"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
- {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
- {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
- {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
- {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0},
- {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
- {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
- {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
+ {"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
+ {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
{"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
+ {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
{"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
- {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
- {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
- {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0},
- {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
+ {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
+ {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
+ {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
+ {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
+ {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
{"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0},
+ {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
+ {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
+ {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0},
+ {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
{"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
- {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
+ {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
{"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
+ {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
{"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0},
+ {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
+ {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
+ {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0},
+ {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
{"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
- {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
- {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
- {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
{"ecp384bp", DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0},
- {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
+ {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
{"chacha20poly1305", ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 256},
+ {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
+ {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
+ {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
{"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0},
- {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
- {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}
+ {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
+ {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
+ {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
+ {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
+ {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
+ {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0}
};
static const short lookup[] =
{
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, 0, -1,
- -1, -1, 1, 2, -1, 3, -1, 4, -1, -1,
- 5, -1, -1, 6, -1, 7, -1, 8, -1, -1,
- 9, -1, 10, 11, 12, 13, 14, 15, 16, 17,
- 18, 19, 20, 21, 22, 23, 24, 25, -1, 26,
- -1, 27, 28, -1, -1, 29, 30, 31, -1, 32,
- -1, 33, 34, 35, 36, -1, -1, 37, 38, -1,
- 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
- 49, 50, 51, -1, 52, 53, 54, 55, 56, -1,
- 57, 58, 59, -1, -1, -1, 60, 61, 62, 63,
- -1, -1, 64, 65, -1, 66, -1, -1, 67, -1,
- -1, -1, -1, 68, -1, 69, -1, 70, 71, -1,
- 72, -1, -1, 73, 74, 75, 76, 77, 78, 79,
- 80, -1, 81, 82, 83, 84, 85, 86, 87, 88,
- 89, 90, 91, 92, -1, 93, 94, 95, 96, -1,
- 97, 98, -1, 99, 100, 101, -1, 102, -1, -1,
- 103, -1, -1, 104, 105, 106, 107, -1, 108, 109,
- -1, 110, 111, -1, -1, 112, 113, -1, 114, -1,
- -1, -1, -1, 115, -1, 116, 117, -1, 118, -1,
- 119, 120, 121, 122, 123, -1, 124, 125, -1, 126,
- -1, -1, 127, -1, 128, 129, -1, -1, 130, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- 131, -1, 132, 133, -1, -1, 134, -1, -1, -1,
- -1, 135, -1, -1, -1, -1, -1, -1, 136, -1,
+ -1, 0, -1, -1, 1, -1, -1, -1, -1, -1,
+ -1, -1, -1, 2, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, 3,
+ 4, -1, 5, -1, 6, 7, -1, 8, 9, -1,
+ -1, -1, -1, -1, -1, 10, -1, 11, 12, 13,
+ 14, -1, -1, -1, 15, -1, 16, 17, -1, 18,
+ 19, 20, 21, 22, 23, 24, 25, 26, 27, -1,
+ -1, -1, 28, 29, 30, -1, 31, -1, 32, 33,
+ 34, -1, 35, 36, 37, 38, -1, 39, 40, 41,
+ 42, -1, 43, 44, -1, -1, -1, -1, -1, 45,
+ -1, 46, 47, 48, 49, 50, 51, 52, 53, 54,
+ 55, 56, -1, 57, 58, 59, 60, 61, 62, 63,
+ 64, 65, 66, 67, 68, 69, 70, 71, 72, 73,
+ 74, 75, 76, 77, 78, 79, 80, 81, 82, 83,
+ 84, -1, 85, 86, -1, 87, 88, 89, 90, 91,
+ 92, -1, 93, 94, 95, 96, 97, 98, 99, 100,
+ -1, -1, 101, 102, 103, -1, -1, 104, 105, 106,
+ 107, 108, 109, -1, -1, 110, -1, 111, 112, 113,
+ 114, -1, 115, 116, -1, 117, 118, 119, 120, 121,
+ -1, -1, -1, -1, 122, 123, 124, -1, 125, -1,
+ -1, -1, 126, 127, 128, -1, 129, 130, 131, -1,
+ -1, 132, 133, -1, -1, -1, 134, -1, 135, 136,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, 137, -1, -1, -1, 138
+ -1, 137, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, 138, -1, -1, 139
};
#ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
index da92409ca..87602430d 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
@@ -25,8 +25,8 @@
struct proposal_token {
char *name;
transform_type_t type;
- u_int16_t algorithm;
- u_int16_t keysize;
+ uint16_t algorithm;
+ uint16_t keysize;
};
%%
null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0
@@ -141,6 +141,7 @@ prfmd5, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0
prfaesxcbc, PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0
prfcamelliaxcbc, PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0
prfaescmac, PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0
+modpnone, DIFFIE_HELLMAN_GROUP, MODP_NONE, 0
modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0
modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0
modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0
diff --git a/src/libstrongswan/crypto/rngs/rng.c b/src/libstrongswan/crypto/rngs/rng.c
index f8fd50d3f..1f39dedb8 100644
--- a/src/libstrongswan/crypto/rngs/rng.c
+++ b/src/libstrongswan/crypto/rngs/rng.c
@@ -25,9 +25,9 @@ ENUM(rng_quality_names, RNG_WEAK, RNG_TRUE,
/*
* Described in header.
*/
-bool rng_get_bytes_not_zero(rng_t *rng, size_t len, u_int8_t *buffer, bool all)
+bool rng_get_bytes_not_zero(rng_t *rng, size_t len, uint8_t *buffer, bool all)
{
- u_int8_t *pos = buffer, *check = buffer + (all ? len : min(1, len));
+ uint8_t *pos = buffer, *check = buffer + (all ? len : min(1, len));
if (!rng->get_bytes(rng, len, pos))
{
diff --git a/src/libstrongswan/crypto/rngs/rng.h b/src/libstrongswan/crypto/rngs/rng.h
index aee829d71..0ca2cb114 100644
--- a/src/libstrongswan/crypto/rngs/rng.h
+++ b/src/libstrongswan/crypto/rngs/rng.h
@@ -57,7 +57,7 @@ struct rng_t {
* @return TRUE if bytes successfully written
*/
bool (*get_bytes)(rng_t *this, size_t len,
- u_int8_t *buffer) __attribute__((warn_unused_result));
+ uint8_t *buffer) __attribute__((warn_unused_result));
/**
* Generates random bytes and allocate space for them.
@@ -85,7 +85,7 @@ struct rng_t {
* @param all TRUE if all bytes have to be non-zero, FALSE for first
* @return TRUE if bytes successfully written
*/
-bool rng_get_bytes_not_zero(rng_t *rng, size_t len, u_int8_t *buffer,
+bool rng_get_bytes_not_zero(rng_t *rng, size_t len, uint8_t *buffer,
bool all) __attribute__((warn_unused_result));
/**
diff --git a/src/libstrongswan/crypto/signers/mac_signer.c b/src/libstrongswan/crypto/signers/mac_signer.c
index 1094c4473..4426782b4 100644
--- a/src/libstrongswan/crypto/signers/mac_signer.c
+++ b/src/libstrongswan/crypto/signers/mac_signer.c
@@ -41,11 +41,11 @@ struct private_signer_t {
};
METHOD(signer_t, get_signature, bool,
- private_signer_t *this, chunk_t data, u_int8_t *buffer)
+ private_signer_t *this, chunk_t data, uint8_t *buffer)
{
if (buffer)
{
- u_int8_t mac[this->mac->get_mac_size(this->mac)];
+ uint8_t mac[this->mac->get_mac_size(this->mac)];
if (!this->mac->get_mac(this->mac, data, mac))
{
@@ -62,7 +62,7 @@ METHOD(signer_t, allocate_signature, bool,
{
if (chunk)
{
- u_int8_t mac[this->mac->get_mac_size(this->mac)];
+ uint8_t mac[this->mac->get_mac_size(this->mac)];
if (!this->mac->get_mac(this->mac, data, mac))
{
@@ -78,7 +78,7 @@ METHOD(signer_t, allocate_signature, bool,
METHOD(signer_t, verify_signature, bool,
private_signer_t *this, chunk_t data, chunk_t signature)
{
- u_int8_t mac[this->mac->get_mac_size(this->mac)];
+ uint8_t mac[this->mac->get_mac_size(this->mac)];
if (signature.len != this->truncation)
{
diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h
index e0cf7eb5a..01b702da1 100644
--- a/src/libstrongswan/crypto/signers/signer.h
+++ b/src/libstrongswan/crypto/signers/signer.h
@@ -96,7 +96,7 @@ struct signer_t {
* @return TRUE if signature created successfully
*/
bool (*get_signature)(signer_t *this, chunk_t data,
- u_int8_t *buffer) __attribute__((warn_unused_result));
+ uint8_t *buffer) __attribute__((warn_unused_result));
/**
* Generate a signature and allocate space for it.
diff --git a/src/libstrongswan/eap/eap.h b/src/libstrongswan/eap/eap.h
index 08d88ba88..2d4a238cd 100644
--- a/src/libstrongswan/eap/eap.h
+++ b/src/libstrongswan/eap/eap.h
@@ -99,18 +99,18 @@ struct eap_vendor_type_t {
/**
* Vendor Id
*/
- u_int32_t vendor;
+ uint32_t vendor;
};
/**
* EAP packet format
*/
typedef struct __attribute__((packed)) {
- u_int8_t code;
- u_int8_t identifier;
- u_int16_t length;
- u_int8_t type;
- u_int8_t data;
+ uint8_t code;
+ uint8_t identifier;
+ uint16_t length;
+ uint8_t type;
+ uint8_t data;
} eap_packet_t;
/**
diff --git a/src/libstrongswan/ipsec/ipsec_types.c b/src/libstrongswan/ipsec/ipsec_types.c
index f2ee11ee8..a52a1eb51 100644
--- a/src/libstrongswan/ipsec/ipsec_types.c
+++ b/src/libstrongswan/ipsec/ipsec_types.c
@@ -40,6 +40,22 @@ ENUM(ipcomp_transform_names, IPCOMP_NONE, IPCOMP_LZJH,
/*
* See header
*/
+bool ipsec_sa_cfg_equals(ipsec_sa_cfg_t *a, ipsec_sa_cfg_t *b)
+{
+ return a->mode == b->mode &&
+ a->reqid == b->reqid &&
+ a->policy_count == b->policy_count &&
+ a->esp.use == b->esp.use &&
+ a->esp.spi == b->esp.spi &&
+ a->ah.use == b->ah.use &&
+ a->ah.spi == b->ah.spi &&
+ a->ipcomp.transform == b->ipcomp.transform &&
+ a->ipcomp.cpi == b->ipcomp.cpi;
+}
+
+/*
+ * See header
+ */
bool mark_from_string(const char *value, mark_t *mark)
{
char *endptr;
diff --git a/src/libstrongswan/ipsec/ipsec_types.h b/src/libstrongswan/ipsec/ipsec_types.h
index fa122af30..c93d95562 100644
--- a/src/libstrongswan/ipsec/ipsec_types.h
+++ b/src/libstrongswan/ipsec/ipsec_types.h
@@ -123,26 +123,35 @@ struct ipsec_sa_cfg_t {
/** mode of SA (tunnel, transport) */
ipsec_mode_t mode;
/** unique ID */
- u_int32_t reqid;
+ uint32_t reqid;
/** number of policies of the same kind (in/out/fwd) attached to SA */
- u_int32_t policy_count;
+ uint32_t policy_count;
/** details about ESP/AH */
struct {
/** TRUE if this protocol is used */
bool use;
/** SPI for ESP/AH */
- u_int32_t spi;
+ uint32_t spi;
} esp, ah;
/** details about IPComp */
struct {
/** the IPComp transform used */
- u_int16_t transform;
+ uint16_t transform;
/** CPI for IPComp */
- u_int16_t cpi;
+ uint16_t cpi;
} ipcomp;
};
/**
+ * Compare two ipsec_sa_cfg_t objects for equality.
+ *
+ * @param a first object
+ * @param b second object
+ * @return TRUE if both objects are equal
+ */
+bool ipsec_sa_cfg_equals(ipsec_sa_cfg_t *a, ipsec_sa_cfg_t *b);
+
+/**
* A lifetime_cfg_t defines the lifetime limits of an SA.
*
* Set any of these values to 0 to ignore.
@@ -150,11 +159,11 @@ struct ipsec_sa_cfg_t {
struct lifetime_cfg_t {
struct {
/** Limit before the SA gets invalid. */
- u_int64_t life;
+ uint64_t life;
/** Limit before the SA gets rekeyed. */
- u_int64_t rekey;
+ uint64_t rekey;
/** The range of a random value subtracted from rekey. */
- u_int64_t jitter;
+ uint64_t jitter;
} time, bytes, packets;
};
@@ -163,9 +172,9 @@ struct lifetime_cfg_t {
*/
struct mark_t {
/** Mark value */
- u_int32_t value;
+ uint32_t value;
/** Mark mask */
- u_int32_t mask;
+ uint32_t mask;
};
/**
diff --git a/src/libstrongswan/networking/host.c b/src/libstrongswan/networking/host.c
index 2e464b0ad..b71d2da16 100644
--- a/src/libstrongswan/networking/host.c
+++ b/src/libstrongswan/networking/host.c
@@ -79,7 +79,7 @@ METHOD(host_t, get_sockaddr_len, socklen_t*,
METHOD(host_t, is_anyaddr, bool,
private_host_t *this)
{
- static const u_int8_t zeroes[IPV6_LEN];
+ static const uint8_t zeroes[IPV6_LEN];
switch (this->address.sa_family)
{
@@ -119,7 +119,7 @@ int host_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec,
else
{
void *address;
- u_int16_t port;
+ uint16_t port;
int len;
address = &this->address6.sin6_addr;
@@ -191,7 +191,7 @@ METHOD(host_t, get_family, int,
return this->address.sa_family;
}
-METHOD(host_t, get_port, u_int16_t,
+METHOD(host_t, get_port, uint16_t,
private_host_t *this)
{
switch (this->address.sa_family)
@@ -212,7 +212,7 @@ METHOD(host_t, get_port, u_int16_t,
}
METHOD(host_t, set_port, void,
- private_host_t *this, u_int16_t port)
+ private_host_t *this, uint16_t port)
{
switch (this->address.sa_family)
{
@@ -334,7 +334,7 @@ static private_host_t *host_create_empty(void)
/*
* Create a %any host with port
*/
-static host_t *host_create_any_port(int family, u_int16_t port)
+static host_t *host_create_any_port(int family, uint16_t port)
{
host_t *this;
@@ -347,7 +347,7 @@ static host_t *host_create_any_port(int family, u_int16_t port)
* Described in header.
*/
host_t *host_create_from_string_and_family(char *string, int family,
- u_int16_t port)
+ uint16_t port)
{
union {
struct sockaddr_in v4;
@@ -415,7 +415,7 @@ host_t *host_create_from_string_and_family(char *string, int family,
/*
* Described in header.
*/
-host_t *host_create_from_string(char *string, u_int16_t port)
+host_t *host_create_from_string(char *string, uint16_t port)
{
return host_create_from_string_and_family(string, AF_UNSPEC, port);
}
@@ -455,7 +455,7 @@ host_t *host_create_from_sockaddr(sockaddr_t *sockaddr)
/*
* Described in header.
*/
-host_t *host_create_from_dns(char *string, int af, u_int16_t port)
+host_t *host_create_from_dns(char *string, int af, uint16_t port)
{
host_t *this;
@@ -474,7 +474,7 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port)
/*
* Described in header.
*/
-host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port)
+host_t *host_create_from_chunk(int family, chunk_t address, uint16_t port)
{
private_host_t *this;
@@ -646,7 +646,7 @@ host_t *host_create_netmask(int family, int netbits)
if (bytes < len)
{
memset(target + bytes, 0x00, len - bytes);
- target[bytes] = (u_int8_t)(0xff << bits);
+ target[bytes] = (uint8_t)(0xff << bits);
}
return &this->public;
}
diff --git a/src/libstrongswan/networking/host.h b/src/libstrongswan/networking/host.h
index db6f4dd49..a777f9f97 100644
--- a/src/libstrongswan/networking/host.h
+++ b/src/libstrongswan/networking/host.h
@@ -99,14 +99,14 @@ struct host_t {
*
* @return port number
*/
- u_int16_t (*get_port) (host_t *this);
+ uint16_t (*get_port) (host_t *this);
/**
* Set the port of this host
*
* @param port port number
*/
- void (*set_port) (host_t *this, u_int16_t port);
+ void (*set_port) (host_t *this, uint16_t port);
/**
* Compare the ips of two hosts hosts.
@@ -137,7 +137,7 @@ struct host_t {
* @param port port number
* @return host_t, NULL if string not an address.
*/
-host_t *host_create_from_string(char *string, u_int16_t port);
+host_t *host_create_from_string(char *string, uint16_t port);
/**
* Same as host_create_from_string(), but with the option to enforce a family.
@@ -148,7 +148,7 @@ host_t *host_create_from_string(char *string, u_int16_t port);
* @return host_t, NULL if string not an address.
*/
host_t *host_create_from_string_and_family(char *string, int family,
- u_int16_t port);
+ uint16_t port);
/**
* Constructor to create a host_t from a DNS name.
@@ -158,7 +158,7 @@ host_t *host_create_from_string_and_family(char *string, int family,
* @param port port number
* @return host_t, NULL lookup failed
*/
-host_t *host_create_from_dns(char *string, int family, u_int16_t port);
+host_t *host_create_from_dns(char *string, int family, uint16_t port);
/**
* Constructor to create a host_t object from an address chunk.
@@ -170,7 +170,7 @@ host_t *host_create_from_dns(char *string, int family, u_int16_t port);
* @param port port number
* @return host_t, NULL if family not supported/chunk invalid
*/
-host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port);
+host_t *host_create_from_chunk(int family, chunk_t address, uint16_t port);
/**
* Constructor to create a host_t object from a sockaddr struct
diff --git a/src/libstrongswan/networking/packet.c b/src/libstrongswan/networking/packet.c
index 4ff7fc48b..f76a85a4b 100644
--- a/src/libstrongswan/networking/packet.c
+++ b/src/libstrongswan/networking/packet.c
@@ -42,7 +42,7 @@ struct private_packet_t {
/**
* DSCP value on packet
*/
- u_int8_t dscp;
+ uint8_t dscp;
/**
* message data
@@ -94,13 +94,13 @@ METHOD(packet_t, set_data, void,
this->adjusted_data = this->data = data;
}
-METHOD(packet_t, get_dscp, u_int8_t,
+METHOD(packet_t, get_dscp, uint8_t,
private_packet_t *this)
{
return this->dscp;
}
METHOD(packet_t, set_dscp, void,
- private_packet_t *this, u_int8_t value)
+ private_packet_t *this, uint8_t value)
{
this->dscp = value;
}
diff --git a/src/libstrongswan/networking/packet.h b/src/libstrongswan/networking/packet.h
index 1492dd0b9..8699d4abe 100644
--- a/src/libstrongswan/networking/packet.h
+++ b/src/libstrongswan/networking/packet.h
@@ -85,14 +85,14 @@ struct packet_t {
*
* @return DSCP value
*/
- u_int8_t (*get_dscp)(packet_t *this);
+ uint8_t (*get_dscp)(packet_t *this);
/**
* Set the DiffServ Code Point to use on this packet.
*
* @param value DSCP value
*/
- void (*set_dscp)(packet_t *this, u_int8_t value);
+ void (*set_dscp)(packet_t *this, uint8_t value);
/**
* Increase the offset where the actual packet data starts.
diff --git a/src/libstrongswan/networking/tun_device.c b/src/libstrongswan/networking/tun_device.c
index 81d215677..de925553f 100644
--- a/src/libstrongswan/networking/tun_device.c
+++ b/src/libstrongswan/networking/tun_device.c
@@ -96,7 +96,7 @@ struct private_tun_device_t {
/**
* Netmask for address
*/
- u_int8_t netmask;
+ uint8_t netmask;
};
/**
@@ -105,7 +105,7 @@ struct private_tun_device_t {
#if __FreeBSD__ >= 10
static bool set_address_and_mask(struct in_aliasreq *ifra, host_t *addr,
- u_int8_t netmask)
+ uint8_t netmask)
{
host_t *mask;
@@ -132,7 +132,7 @@ static bool set_address_and_mask(struct in_aliasreq *ifra, host_t *addr,
* on FreeBSD 10 an newer.
*/
static bool set_address_impl(private_tun_device_t *this, host_t *addr,
- u_int8_t netmask)
+ uint8_t netmask)
{
struct in_aliasreq ifra;
@@ -171,7 +171,7 @@ static bool set_address_impl(private_tun_device_t *this, host_t *addr,
* Set the address using the classic SIOCSIFADDR etc. commands on other systems.
*/
static bool set_address_impl(private_tun_device_t *this, host_t *addr,
- u_int8_t netmask)
+ uint8_t netmask)
{
struct ifreq ifr;
host_t *mask;
@@ -218,7 +218,7 @@ static bool set_address_impl(private_tun_device_t *this, host_t *addr,
#endif /* __FreeBSD__ */
METHOD(tun_device_t, set_address, bool,
- private_tun_device_t *this, host_t *addr, u_int8_t netmask)
+ private_tun_device_t *this, host_t *addr, uint8_t netmask)
{
if (!set_address_impl(this, addr, netmask))
{
@@ -231,7 +231,7 @@ METHOD(tun_device_t, set_address, bool,
}
METHOD(tun_device_t, get_address, host_t*,
- private_tun_device_t *this, u_int8_t *netmask)
+ private_tun_device_t *this, uint8_t *netmask)
{
if (netmask && this->address)
{
@@ -326,7 +326,7 @@ METHOD(tun_device_t, write_packet, bool,
#ifdef __APPLE__
/* UTUN's expect the packets to be prepended by a 32-bit protocol number
* instead of parsing the packet again, we assume IPv4 for now */
- u_int32_t proto = htonl(AF_INET);
+ uint32_t proto = htonl(AF_INET);
packet = chunk_cata("cc", chunk_from_thing(proto), packet);
#endif
s = write(this->tunfd, packet.ptr, packet.len);
@@ -364,7 +364,7 @@ METHOD(tun_device_t, read_packet, bool,
data.len = len;
#ifdef __APPLE__
/* UTUN's prepend packets with a 32-bit protocol number */
- data = chunk_skip(data, sizeof(u_int32_t));
+ data = chunk_skip(data, sizeof(uint32_t));
#endif
*packet = chunk_clone(data);
return TRUE;
diff --git a/src/libstrongswan/networking/tun_device.h b/src/libstrongswan/networking/tun_device.h
index 880369ba7..4f9eacb07 100644
--- a/src/libstrongswan/networking/tun_device.h
+++ b/src/libstrongswan/networking/tun_device.h
@@ -60,7 +60,7 @@ struct tun_device_t {
* @param netmask the netmask to use
* @return TRUE if operation successful
*/
- bool (*set_address)(tun_device_t *this, host_t *addr, u_int8_t netmask);
+ bool (*set_address)(tun_device_t *this, host_t *addr, uint8_t netmask);
/**
* Get the IP address previously assigned to using set_address().
@@ -68,7 +68,7 @@ struct tun_device_t {
* @param netmask pointer receiving the configured netmask, or NULL
* @return address previously set, NULL if none
*/
- host_t* (*get_address)(tun_device_t *this, u_int8_t *netmask);
+ host_t* (*get_address)(tun_device_t *this, uint8_t *netmask);
/**
* Bring the TUN device up
diff --git a/src/libstrongswan/pen/pen.h b/src/libstrongswan/pen/pen.h
index 2c5592330..50e63f7be 100644
--- a/src/libstrongswan/pen/pen.h
+++ b/src/libstrongswan/pen/pen.h
@@ -59,7 +59,7 @@ enum pen_t {
*/
struct pen_type_t {
pen_t vendor_id;
- u_int32_t type;
+ uint32_t type;
};
/**
@@ -69,7 +69,7 @@ struct pen_type_t {
* @param type type to create a pen_type_t
* @return created pen_type_t
*/
-static inline pen_type_t pen_type_create(pen_t vendor_id, u_int32_t type)
+static inline pen_type_t pen_type_create(pen_t vendor_id, uint32_t type)
{
pen_type_t pen_type = { vendor_id, type };
return pen_type;
@@ -96,7 +96,7 @@ static inline bool pen_type_equals(pen_type_t a, pen_type_t b)
* @return TRUE if vendor_id and type matches pen_type
*/
static inline bool pen_type_is(pen_type_t pen_type,
- pen_t vendor_id, u_int32_t type)
+ pen_t vendor_id, uint32_t type)
{
return pen_type.vendor_id == vendor_id && pen_type.type == type;
}
diff --git a/src/libstrongswan/plugins/acert/Makefile.in b/src/libstrongswan/plugins/acert/Makefile.in
index 034ab48e0..a1ee0f83e 100644
--- a/src/libstrongswan/plugins/acert/Makefile.in
+++ b/src/libstrongswan/plugins/acert/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/acert
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/acert/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/acert/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 6ad68a55a..02cd0f832 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/aes
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/aes/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/aes/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c
index f9775c8b8..8829ba162 100644
--- a/src/libstrongswan/plugins/aes/aes_crypter.c
+++ b/src/libstrongswan/plugins/aes/aes_crypter.c
@@ -49,27 +49,27 @@ struct private_aes_crypter_t {
/**
* Number of words in the key input block.
*/
- u_int32_t aes_Nkey;
+ uint32_t aes_Nkey;
/**
* The number of cipher rounds.
*/
- u_int32_t aes_Nrnd;
+ uint32_t aes_Nrnd;
/**
* The encryption key schedule.
*/
- u_int32_t aes_e_key[AES_KS_LENGTH];
+ uint32_t aes_e_key[AES_KS_LENGTH];
/**
* The decryption key schedule.
*/
- u_int32_t aes_d_key[AES_KS_LENGTH];
+ uint32_t aes_d_key[AES_KS_LENGTH];
/**
* Key size of this AES cypher object.
*/
- u_int32_t key_size;
+ uint32_t key_size;
};
/**
@@ -88,7 +88,7 @@ struct private_aes_crypter_t {
*/
#define bval(x,n) ((unsigned char)((x) >> 8 * (n)))
#define bytes2word(b0, b1, b2, b3) \
- ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0))
+ ((uint32_t)(b3) << 24 | (uint32_t)(b2) << 16 | (uint32_t)(b1) << 8 | (b0))
/* little endian processor without data alignment restrictions: AES_LE_OK */
@@ -105,15 +105,15 @@ struct private_aes_crypter_t {
#ifdef AES_LE_OK
/* little endian processor without data alignment restrictions */
-#define word_in(x) *(u_int32_t*)(x)
-#define const_word_in(x) *(const u_int32_t*)(x)
-#define word_out(x,v) *(u_int32_t*)(x) = (v)
-#define const_word_out(x,v) *(const u_int32_t*)(x) = (v)
+#define word_in(x) *(uint32_t*)(x)
+#define const_word_in(x) *(const uint32_t*)(x)
+#define word_out(x,v) *(uint32_t*)(x) = (v)
+#define const_word_out(x,v) *(const uint32_t*)(x) = (v)
#else
/* slower but generic big endian or with data alignment restrictions */
/* some additional "const" touches to stop "gcc -Wcast-qual" complains --jjo */
-#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
-#define const_word_in(x) ((const u_int32_t)(((const unsigned char *)(x))[0])|((const u_int32_t)(((const unsigned char *)(x))[1])<<8)|((const u_int32_t)(((const unsigned char *)(x))[2])<<16)|((const u_int32_t)(((const unsigned char *)(x))[3])<<24))
+#define word_in(x) ((uint32_t)(((unsigned char *)(x))[0])|((uint32_t)(((unsigned char *)(x))[1])<<8)|((uint32_t)(((unsigned char *)(x))[2])<<16)|((uint32_t)(((unsigned char *)(x))[3])<<24))
+#define const_word_in(x) ((const uint32_t)(((const unsigned char *)(x))[0])|((const uint32_t)(((const unsigned char *)(x))[1])<<8)|((const uint32_t)(((const unsigned char *)(x))[2])<<16)|((const uint32_t)(((const unsigned char *)(x))[3])<<24))
#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
#define const_word_out(x,v) ((const unsigned char *)(x))[0]=(v),((const unsigned char *)(x))[1]=((v)>>8),((const unsigned char *)(x))[2]=((v)>>16),((const unsigned char *)(x))[3]=((v)>>24)
#endif
@@ -156,7 +156,7 @@ struct private_aes_crypter_t {
// this table can be a table of bytes if the key schedule
// code is adjusted accordingly
-static const u_int32_t rcon_tab[29] =
+static const uint32_t rcon_tab[29] =
{
w0(01), w0(02), w0(04), w0(08),
w0(10), w0(20), w0(40), w0(80),
@@ -320,7 +320,7 @@ static const u_int32_t rcon_tab[29] =
#undef r
#define r r0
-static const u_int32_t ft_tab[4][256] =
+static const uint32_t ft_tab[4][256] =
{ { f_table },
#undef r
#define r r1
@@ -335,7 +335,7 @@ static const u_int32_t ft_tab[4][256] =
#undef r
#define r r0
-static const u_int32_t it_tab[4][256] =
+static const uint32_t it_tab[4][256] =
{ { i_table },
#undef r
#define r r1
@@ -386,7 +386,7 @@ static const u_int32_t it_tab[4][256] =
#undef r
#define r(p,q,r,s) w0(q)
-static const u_int32_t fl_tab[4][256] =
+static const uint32_t fl_tab[4][256] =
{ { f_table },
#undef r
#define r(p,q,r,s) w1(q)
@@ -401,7 +401,7 @@ static const u_int32_t fl_tab[4][256] =
#undef w
#define w w0
-static const u_int32_t il_tab[4][256] =
+static const uint32_t il_tab[4][256] =
{ { li_table },
#undef w
#define w w1
@@ -483,7 +483,7 @@ static const u_int32_t il_tab[4][256] =
#undef r
#define r r0
-static const u_int32_t im_tab[4][256] =
+static const uint32_t im_tab[4][256] =
{ { m_table },
#undef r
#define r r1
@@ -717,8 +717,8 @@ static const u_int32_t im_tab[4][256] =
static void encrypt_block(const private_aes_crypter_t *this,
const unsigned char in_blk[], unsigned char out_blk[])
{
- u_int32_t locals(b0, b1);
- const u_int32_t *kp = this->aes_e_key;
+ uint32_t locals(b0, b1);
+ const uint32_t *kp = this->aes_e_key;
state_in(b0, in_blk, kp); kp += nc;
@@ -754,8 +754,8 @@ static void encrypt_block(const private_aes_crypter_t *this,
static void decrypt_block(const private_aes_crypter_t *this,
const unsigned char in_blk[], unsigned char out_blk[])
{
- u_int32_t locals(b0, b1);
- const u_int32_t *kp = this->aes_d_key;
+ uint32_t locals(b0, b1);
+ const uint32_t *kp = this->aes_d_key;
state_in(b0, in_blk, kp); kp += nc;
@@ -789,8 +789,8 @@ METHOD(crypter_t, decrypt, bool,
private_aes_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
{
int pos;
- const u_int32_t *iv_i;
- u_int8_t *in, *out;
+ const uint32_t *iv_i;
+ uint8_t *in, *out;
if (decrypted)
{
@@ -811,16 +811,16 @@ METHOD(crypter_t, decrypt, bool,
decrypt_block(this, in, out);
if (pos==0)
{
- iv_i=(const u_int32_t*) (iv.ptr);
+ iv_i=(const uint32_t*) (iv.ptr);
}
else
{
- iv_i=(const u_int32_t*) (in-16);
+ iv_i=(const uint32_t*) (in-16);
}
- *((u_int32_t *)(&out[ 0])) ^= iv_i[0];
- *((u_int32_t *)(&out[ 4])) ^= iv_i[1];
- *((u_int32_t *)(&out[ 8])) ^= iv_i[2];
- *((u_int32_t *)(&out[12])) ^= iv_i[3];
+ *((uint32_t *)(&out[ 0])) ^= iv_i[0];
+ *((uint32_t *)(&out[ 4])) ^= iv_i[1];
+ *((uint32_t *)(&out[ 8])) ^= iv_i[2];
+ *((uint32_t *)(&out[12])) ^= iv_i[3];
in-=16;
out-=16;
pos-=16;
@@ -832,8 +832,8 @@ METHOD(crypter_t, encrypt, bool,
private_aes_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
{
int pos;
- const u_int32_t *iv_i;
- u_int8_t *in, *out;
+ const uint32_t *iv_i;
+ uint8_t *in, *out;
in = data.ptr;
out = data.ptr;
@@ -848,16 +848,16 @@ METHOD(crypter_t, encrypt, bool,
{
if (pos==0)
{
- iv_i=(const u_int32_t*) iv.ptr;
+ iv_i=(const uint32_t*) iv.ptr;
}
else
{
- iv_i=(const u_int32_t*) (out-16);
+ iv_i=(const uint32_t*) (out-16);
}
- *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0]));
- *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4]));
- *((u_int32_t *)(&out[ 8])) = iv_i[2]^*((const u_int32_t *)(&in[ 8]));
- *((u_int32_t *)(&out[12])) = iv_i[3]^*((const u_int32_t *)(&in[12]));
+ *((uint32_t *)(&out[ 0])) = iv_i[0]^*((const uint32_t *)(&in[ 0]));
+ *((uint32_t *)(&out[ 4])) = iv_i[1]^*((const uint32_t *)(&in[ 4]));
+ *((uint32_t *)(&out[ 8])) = iv_i[2]^*((const uint32_t *)(&in[ 8]));
+ *((uint32_t *)(&out[12])) = iv_i[3]^*((const uint32_t *)(&in[12]));
encrypt_block(this, out, out);
in+=16;
out+=16;
@@ -887,8 +887,8 @@ METHOD(crypter_t, get_key_size, size_t,
METHOD(crypter_t, set_key, bool,
private_aes_crypter_t *this, chunk_t key)
{
- u_int32_t *kf, *kt, rci, f = 0;
- u_int8_t *in_key = key.ptr;
+ uint32_t *kf, *kt, rci, f = 0;
+ uint8_t *in_key = key.ptr;
this->aes_Nrnd = (this->aes_Nkey > (nc) ? this->aes_Nkey : (nc)) + 6;
@@ -948,7 +948,7 @@ METHOD(crypter_t, set_key, bool,
if(!f)
{
- u_int32_t i;
+ uint32_t i;
kt = this->aes_d_key + nc * this->aes_Nrnd;
kf = this->aes_e_key;
diff --git a/src/libstrongswan/plugins/aesni/Makefile.in b/src/libstrongswan/plugins/aesni/Makefile.in
index 7f91e439c..576b6dafc 100644
--- a/src/libstrongswan/plugins/aesni/Makefile.in
+++ b/src/libstrongswan/plugins/aesni/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/aesni
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/aesni/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/aesni/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -789,6 +802,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/aesni/aesni_ccm.c b/src/libstrongswan/plugins/aesni/aesni_ccm.c
index d523bc17a..12074860e 100644
--- a/src/libstrongswan/plugins/aesni/aesni_ccm.c
+++ b/src/libstrongswan/plugins/aesni/aesni_ccm.c
@@ -83,7 +83,7 @@ struct private_aesni_ccm_t {
* First block with control information
*/
typedef struct __attribute__((packed)) {
- BITFIELD4(u_int8_t,
+ BITFIELD4(uint8_t,
/* size of p length field q, as q-1 */
q_len: 3,
/* size of our ICV t, as (t-2)/2 */
@@ -105,7 +105,7 @@ typedef struct __attribute__((packed)) {
* Counter block
*/
typedef struct __attribute__((packed)) {
- BITFIELD3(u_int8_t,
+ BITFIELD3(uint8_t,
/* size of p length field q, as q-1 */
q_len: 3,
zero: 3,
@@ -140,7 +140,7 @@ static void build_b0(private_aesni_ccm_t *this, size_t len, size_t alen,
/**
* Build a counter block for counter i
*/
-static void build_ctr(private_aesni_ccm_t *this, u_int32_t i, u_char *iv,
+static void build_ctr(private_aesni_ccm_t *this, uint32_t i, u_char *iv,
void *out)
{
ctr_t *ctr = out;
@@ -157,7 +157,7 @@ static void build_ctr(private_aesni_ccm_t *this, u_int32_t i, u_char *iv,
* Calculate the ICV for the b0 and associated data
*/
static __m128i icv_header(private_aesni_ccm_t *this, size_t len, u_char *iv,
- u_int16_t alen, u_char *assoc)
+ uint16_t alen, u_char *assoc)
{
__m128i *ks, b, t, c;
u_int i, round, blocks, rem;
diff --git a/src/libstrongswan/plugins/aesni/aesni_cmac.c b/src/libstrongswan/plugins/aesni/aesni_cmac.c
index d6a87e6d7..07580c822 100644
--- a/src/libstrongswan/plugins/aesni/aesni_cmac.c
+++ b/src/libstrongswan/plugins/aesni/aesni_cmac.c
@@ -65,7 +65,7 @@ struct private_mac_t {
};
METHOD(mac_t, get_mac, bool,
- private_mac_t *this, chunk_t data, u_int8_t *out)
+ private_mac_t *this, chunk_t data, uint8_t *out)
{
__m128i *ks, t, l, *bi;
u_int blocks, rem, i;
diff --git a/src/libstrongswan/plugins/aesni/aesni_ctr.c b/src/libstrongswan/plugins/aesni/aesni_ctr.c
index 989813814..d9a555a85 100644
--- a/src/libstrongswan/plugins/aesni/aesni_ctr.c
+++ b/src/libstrongswan/plugins/aesni/aesni_ctr.c
@@ -61,7 +61,7 @@ struct private_aesni_ctr_t {
struct {
char nonce[4];
char iv[8];
- u_int32_t counter;
+ uint32_t counter;
} __attribute__((packed, aligned(sizeof(__m128i)))) state;
};
diff --git a/src/libstrongswan/plugins/aesni/aesni_gcm.c b/src/libstrongswan/plugins/aesni/aesni_gcm.c
index 53c0b144e..330dc6cd3 100644
--- a/src/libstrongswan/plugins/aesni/aesni_gcm.c
+++ b/src/libstrongswan/plugins/aesni/aesni_gcm.c
@@ -316,7 +316,7 @@ static __m128i icv_tailer(private_aesni_gcm_t *this, __m128i y,
__m128i b;
htoun64(&b, alen * 8);
- htoun64((u_char*)&b + sizeof(u_int64_t), dlen * 8);
+ htoun64((u_char*)&b + sizeof(uint64_t), dlen * 8);
return ghash(this->h, y, b);
}
diff --git a/src/libstrongswan/plugins/aesni/aesni_xcbc.c b/src/libstrongswan/plugins/aesni/aesni_xcbc.c
index 24a75cec0..974c5fedc 100644
--- a/src/libstrongswan/plugins/aesni/aesni_xcbc.c
+++ b/src/libstrongswan/plugins/aesni/aesni_xcbc.c
@@ -70,7 +70,7 @@ struct private_aesni_mac_t {
};
METHOD(mac_t, get_mac, bool,
- private_aesni_mac_t *this, chunk_t data, u_int8_t *out)
+ private_aesni_mac_t *this, chunk_t data, uint8_t *out)
{
__m128i *ks, e, *bi;
u_int blocks, rem, i;
diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in
index 7aaea450c..1f092287b 100644
--- a/src/libstrongswan/plugins/af_alg/Makefile.in
+++ b/src/libstrongswan/plugins/af_alg/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/af_alg
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -466,7 +480,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/af_alg/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/af_alg/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -784,6 +797,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c
index 611975533..62fea51cc 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c
@@ -107,7 +107,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_af_alg_hasher_t *this, chunk_t chunk, u_int8_t *hash)
+ private_af_alg_hasher_t *this, chunk_t chunk, uint8_t *hash)
{
return this->ops->hash(this->ops, chunk, hash, this->size);
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
index 331d1e801..7e129300f 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
@@ -108,7 +108,7 @@ METHOD(af_alg_ops_t, hash, bool,
}
METHOD(af_alg_ops_t, crypt, bool,
- private_af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data,
+ private_af_alg_ops_t *this, uint32_t type, chunk_t iv, chunk_t data,
char *out)
{
struct msghdr msg = {};
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.h b/src/libstrongswan/plugins/af_alg/af_alg_ops.h
index e34f22977..51342d71c 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_ops.h
+++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.h
@@ -64,7 +64,7 @@ struct af_alg_ops_t {
* @param out buffer write processed data to
* @return TRUE if successful
*/
- bool (*crypt)(af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data,
+ bool (*crypt)(af_alg_ops_t *this, uint32_t type, chunk_t iv, chunk_t data,
char *out);
/**
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c
index 445667507..571882cec 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c
@@ -22,6 +22,8 @@
#include "af_alg_prf.h"
#include "af_alg_crypter.h"
+#include <unistd.h>
+
typedef struct private_af_alg_plugin_t private_af_alg_plugin_t;
/**
@@ -41,6 +43,19 @@ METHOD(plugin_t, get_name, char*,
return "af-alg";
}
+static bool af_alg_supported()
+{
+ int fd;
+
+ fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ if (fd != -1)
+ {
+ close(fd);
+ return true;
+ }
+ return false;
+}
+
METHOD(plugin_t, get_features, int,
private_af_alg_plugin_t *this, plugin_feature_t *features[])
{
@@ -50,6 +65,10 @@ METHOD(plugin_t, get_features, int,
if (!count)
{ /* initialize only once */
+ if (!af_alg_supported())
+ {
+ return 0;
+ }
f[count++] = PLUGIN_REGISTER(HASHER, af_alg_hasher_create);
af_alg_hasher_probe(f, &count);
f[count++] = PLUGIN_REGISTER(SIGNER, af_alg_signer_create);
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.c b/src/libstrongswan/plugins/af_alg/af_alg_prf.c
index 2b7d51376..8c3627a22 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_prf.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.c
@@ -106,7 +106,7 @@ static size_t lookup_alg(pseudo_random_function_t algo, char **name, bool *xcbc)
}
METHOD(prf_t, get_bytes, bool,
- private_af_alg_prf_t *this, chunk_t seed, u_int8_t *buffer)
+ private_af_alg_prf_t *this, chunk_t seed, uint8_t *buffer)
{
return this->ops->hash(this->ops, seed, buffer, this->block_size);
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
index 1403144ab..e54b457e7 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
@@ -109,7 +109,7 @@ static size_t lookup_alg(integrity_algorithm_t algo, char **name,
}
METHOD(signer_t, get_signature, bool,
- private_af_alg_signer_t *this, chunk_t data, u_int8_t *buffer)
+ private_af_alg_signer_t *this, chunk_t data, uint8_t *buffer)
{
return this->ops->hash(this->ops, data, buffer, this->block_size);
}
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index cbdc8e84e..5e1b1f38a 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/agent
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/agent/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/agent/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index c2e82a9f1..bb55c45c0 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -98,18 +98,18 @@ static u_char read_byte(chunk_t *blob)
}
/**
- * read a u_int32_t from a blob
+ * read a uint32_t from a blob
*/
-static u_int32_t read_uint32(chunk_t *blob)
+static uint32_t read_uint32(chunk_t *blob)
{
- u_int32_t val;
+ uint32_t val;
- if (blob->len < sizeof(u_int32_t))
+ if (blob->len < sizeof(uint32_t))
{
return 0;
}
- val = ntohl(*(u_int32_t*)blob->ptr);
- *blob = chunk_skip(*blob, sizeof(u_int32_t));
+ val = ntohl(*(uint32_t*)blob->ptr);
+ *blob = chunk_skip(*blob, sizeof(uint32_t));
return val;
}
@@ -182,7 +182,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey)
blob = chunk_create(buf, sizeof(buf));
blob.len = read(this->socket, blob.ptr, blob.len);
- if (blob.len < sizeof(u_int32_t) + sizeof(u_char) ||
+ if (blob.len < sizeof(uint32_t) + sizeof(u_char) ||
read_uint32(&blob) != blob.len ||
read_byte(&blob) != SSH_AGENT_ID_RESPONSE)
{
@@ -236,7 +236,7 @@ METHOD(private_key_t, sign, bool,
private_agent_private_key_t *this, signature_scheme_t scheme,
chunk_t data, chunk_t *signature)
{
- u_int32_t len, flags;
+ uint32_t len, flags;
char buf[2048];
chunk_t blob;
@@ -247,7 +247,7 @@ METHOD(private_key_t, sign, bool,
return FALSE;
}
- len = htonl(1 + sizeof(u_int32_t) * 3 + this->key.len + data.len);
+ len = htonl(1 + sizeof(uint32_t) * 3 + this->key.len + data.len);
buf[0] = SSH_AGENT_SIGN_REQUEST;
if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
write(this->socket, &buf, 1) != 1)
@@ -281,7 +281,7 @@ METHOD(private_key_t, sign, bool,
blob = chunk_create(buf, sizeof(buf));
blob.len = read(this->socket, blob.ptr, blob.len);
- if (blob.len < sizeof(u_int32_t) + sizeof(u_char) ||
+ if (blob.len < sizeof(uint32_t) + sizeof(u_char) ||
read_uint32(&blob) != blob.len ||
read_byte(&blob) != SSH_AGENT_SIGN_RESPONSE)
{
diff --git a/src/libstrongswan/plugins/bliss/Makefile.in b/src/libstrongswan/plugins/bliss/Makefile.in
index 8f91cdcbe..389e20ed4 100644
--- a/src/libstrongswan/plugins/bliss/Makefile.in
+++ b/src/libstrongswan/plugins/bliss/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -82,8 +92,6 @@ host_triplet = @host@
@MONOLITHIC_TRUE@am__append_1 = libstrongswan-bliss.la
noinst_PROGRAMS = bliss_huffman$(EXEEXT)
subdir = src/libstrongswan/plugins/bliss
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -97,6 +105,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -220,12 +229,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -275,6 +286,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -309,6 +321,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -420,6 +433,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -502,7 +516,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/bliss/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/bliss/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -850,6 +863,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
tags tags-am uninstall uninstall-am \
uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
recreate-bliss-huffman : bliss_huffman bliss_huffman_code.h
$(AM_V_GEN) \
diff --git a/src/libstrongswan/plugins/bliss/tests/Makefile.in b/src/libstrongswan/plugins/bliss/tests/Makefile.in
index 43e508ba0..85619c551 100644
--- a/src/libstrongswan/plugins/bliss/tests/Makefile.in
+++ b/src/libstrongswan/plugins/bliss/tests/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ host_triplet = @host@
TESTS = bliss_tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libstrongswan/plugins/bliss/tests
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -471,7 +485,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/bliss/tests/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/bliss/tests/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -981,6 +994,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index a6c3287f4..d54331163 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/blowfish
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/blowfish/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/blowfish/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
index 253f9b4a4..1708e078d 100644
--- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
@@ -84,14 +84,14 @@ struct private_blowfish_crypter_t {
/**
* Key size of this Blowfish cipher object.
*/
- u_int32_t key_size;
+ uint32_t key_size;
};
METHOD(crypter_t, decrypt, bool,
private_blowfish_crypter_t *this, chunk_t data, chunk_t iv,
chunk_t *decrypted)
{
- u_int8_t *in, *out;
+ uint8_t *in, *out;
if (decrypted)
{
@@ -116,7 +116,7 @@ METHOD(crypter_t, encrypt, bool,
private_blowfish_crypter_t *this, chunk_t data, chunk_t iv,
chunk_t *encrypted)
{
- u_int8_t *in, *out;
+ uint8_t *in, *out;
if (encrypted)
{
diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in
index 3d56b9802..d93b0479c 100644
--- a/src/libstrongswan/plugins/ccm/Makefile.in
+++ b/src/libstrongswan/plugins/ccm/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/ccm
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/ccm/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/ccm/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.c b/src/libstrongswan/plugins/ccm/ccm_aead.c
index 676d67681..9cf9bedf5 100644
--- a/src/libstrongswan/plugins/ccm/ccm_aead.c
+++ b/src/libstrongswan/plugins/ccm/ccm_aead.c
@@ -60,7 +60,7 @@ struct private_ccm_aead_t {
* First block with control information
*/
typedef struct __attribute__((packed)) {
- BITFIELD4(u_int8_t,
+ BITFIELD4(uint8_t,
/* size of p length field q, as q-1 */
q_len: 3,
/* size of our ICV t, as (t-2)/2 */
@@ -82,7 +82,7 @@ typedef struct __attribute__((packed)) {
* Counter block
*/
typedef struct __attribute__((packed)) {
- BITFIELD3(u_int8_t,
+ BITFIELD3(uint8_t,
/* size of p length field q, as q-1 */
q_len: 3,
zero: 3,
@@ -117,7 +117,7 @@ static void build_b0(private_ccm_aead_t *this, chunk_t plain, chunk_t assoc,
/**
* Build a counter block for counter i
*/
-static void build_ctr(private_ccm_aead_t *this, u_int32_t i, chunk_t iv,
+static void build_ctr(private_ccm_aead_t *this, uint32_t i, chunk_t iv,
char *out)
{
ctr_t *ctr = (ctr_t*)out;
diff --git a/src/libstrongswan/plugins/chapoly/Makefile.in b/src/libstrongswan/plugins/chapoly/Makefile.in
index b3506587d..d5b77a990 100644
--- a/src/libstrongswan/plugins/chapoly/Makefile.in
+++ b/src/libstrongswan/plugins/chapoly/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
@MONOLITHIC_TRUE@am__append_1 = libstrongswan-chapoly.la
subdir = src/libstrongswan/plugins/chapoly
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -215,12 +224,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -270,6 +281,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -304,6 +316,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -415,6 +428,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -479,7 +493,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/chapoly/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/chapoly/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -806,6 +819,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/chapoly/chapoly_aead.c b/src/libstrongswan/plugins/chapoly/chapoly_aead.c
index 50ad84b21..39d51e9f8 100644
--- a/src/libstrongswan/plugins/chapoly/chapoly_aead.c
+++ b/src/libstrongswan/plugins/chapoly/chapoly_aead.c
@@ -84,8 +84,8 @@ static bool poly_head(private_chapoly_aead_t *this, u_char *assoc, size_t len)
static bool poly_tail(private_chapoly_aead_t *this, size_t alen, size_t clen)
{
struct {
- u_int64_t alen;
- u_int64_t clen;
+ uint64_t alen;
+ uint64_t clen;
} b;
b.alen = htole64(alen);
@@ -190,7 +190,7 @@ METHOD(aead_t, encrypt, bool,
{
u_char *out;
- if (sizeof(plain.len) > sizeof(u_int32_t) && plain.len > P_MAX)
+ if (sizeof(plain.len) > sizeof(uint32_t) && plain.len > P_MAX)
{
return FALSE;
}
@@ -220,7 +220,7 @@ METHOD(aead_t, decrypt, bool,
return FALSE;
}
encr.len -= POLY_ICV_SIZE;
- if (sizeof(encr.len) > sizeof(u_int32_t) && encr.len > P_MAX)
+ if (sizeof(encr.len) > sizeof(uint32_t) && encr.len > P_MAX)
{
return FALSE;
}
diff --git a/src/libstrongswan/plugins/chapoly/chapoly_drv_portable.c b/src/libstrongswan/plugins/chapoly/chapoly_drv_portable.c
index dfed4d53d..59962b819 100644
--- a/src/libstrongswan/plugins/chapoly/chapoly_drv_portable.c
+++ b/src/libstrongswan/plugins/chapoly/chapoly_drv_portable.c
@@ -39,30 +39,30 @@ struct private_chapoly_drv_portable_t {
/**
* ChaCha20 state matrix
*/
- u_int32_t m[16];
+ uint32_t m[16];
/**
* Poly1305 update key
*/
- u_int32_t r[5];
+ uint32_t r[5];
/**
* Poly1305 state
*/
- u_int32_t h[5];
+ uint32_t h[5];
/**
* Poly1305 finalize key
*/
- u_int32_t s[4];
+ uint32_t s[4];
};
/**
* XOR a 32-bit integer into an unaligned destination
*/
-static inline void xor32u(void *p, u_int32_t x)
+static inline void xor32u(void *p, uint32_t x)
{
- u_int32_t y;
+ uint32_t y;
memcpy(&y, p, sizeof(y));
y ^= x;
@@ -72,7 +72,7 @@ static inline void xor32u(void *p, u_int32_t x)
/**
* Multiply two 64-bit words
*/
-static inline u_int64_t mlt(u_int64_t a, u_int64_t b)
+static inline uint64_t mlt(uint64_t a, uint64_t b)
{
return a * b;
}
@@ -80,7 +80,7 @@ static inline u_int64_t mlt(u_int64_t a, u_int64_t b)
/**
* Shift a 64-bit unsigned integer v right by n bits, clamp to 32 bit
*/
-static inline u_int32_t sr(u_int64_t v, u_char n)
+static inline uint32_t sr(uint64_t v, u_char n)
{
return v >> n;
}
@@ -88,13 +88,13 @@ static inline u_int32_t sr(u_int64_t v, u_char n)
/**
* Circular left shift by n bits
*/
-static inline u_int32_t rotl32(u_int32_t v, u_char n)
+static inline uint32_t rotl32(uint32_t v, u_char n)
{
return (v << n) | (v >> (sizeof(v) * 8 - n));
}
/**
- * AND two values, using a native integer size >= sizeof(u_int32_t)
+ * AND two values, using a native integer size >= sizeof(uint32_t)
*/
static inline u_long and(u_long v, u_long mask)
{
@@ -106,8 +106,8 @@ static inline u_long and(u_long v, u_long mask)
*/
static void chacha_block_xor(private_chapoly_drv_portable_t *this, void *data)
{
- u_int32_t x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, xa, xb, xc, xd, xe, xf;
- u_int32_t *out = data;
+ uint32_t x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, xa, xb, xc, xd, xe, xf;
+ uint32_t *out = data;
u_int i;
x0 = this->m[ 0];
@@ -246,10 +246,10 @@ METHOD(chapoly_drv_t, init, bool,
METHOD(chapoly_drv_t, poly, bool,
private_chapoly_drv_portable_t *this, u_char *data, u_int blocks)
{
- u_int32_t r0, r1, r2, r3, r4;
- u_int32_t s1, s2, s3, s4;
- u_int32_t h0, h1, h2, h3, h4;
- u_int64_t d0, d1, d2, d3, d4;
+ uint32_t r0, r1, r2, r3, r4;
+ uint32_t s1, s2, s3, s4;
+ uint32_t h0, h1, h2, h3, h4;
+ uint64_t d0, d1, d2, d3, d4;
u_int i;
r0 = this->r[0];
@@ -345,10 +345,10 @@ METHOD(chapoly_drv_t, decrypt, bool,
METHOD(chapoly_drv_t, finish, bool,
private_chapoly_drv_portable_t *this, u_char *mac)
{
- u_int32_t h0, h1, h2, h3, h4;
- u_int32_t g0, g1, g2, g3, g4;
- u_int32_t mask;
- u_int64_t f = 0;
+ uint32_t h0, h1, h2, h3, h4;
+ uint32_t g0, g1, g2, g3, g4;
+ uint32_t mask;
+ uint64_t f = 0;
/* fully carry h */
h0 = this->h[0];
@@ -371,7 +371,7 @@ METHOD(chapoly_drv_t, finish, bool,
g4 = h4 + (g3 >> 26) - (1 << 26); g3 &= 0x3ffffff;
/* select h if h < p, or h + -p if h >= p */
- mask = (g4 >> ((sizeof(u_int32_t) * 8) - 1)) - 1;
+ mask = (g4 >> ((sizeof(uint32_t) * 8) - 1)) - 1;
g0 &= mask;
g1 &= mask;
g2 &= mask;
diff --git a/src/libstrongswan/plugins/chapoly/chapoly_drv_ssse3.c b/src/libstrongswan/plugins/chapoly/chapoly_drv_ssse3.c
index df88e7d77..3981ed522 100644
--- a/src/libstrongswan/plugins/chapoly/chapoly_drv_ssse3.c
+++ b/src/libstrongswan/plugins/chapoly/chapoly_drv_ssse3.c
@@ -45,30 +45,30 @@ struct private_chapoly_drv_ssse3_t {
/**
* Poly1305 update key
*/
- u_int32_t r[5];
+ uint32_t r[5];
/**
* Poly1305 update key r^2
*/
- u_int32_t u[5];
+ uint32_t u[5];
/**
* Poly1305 state
*/
- u_int32_t h[5];
+ uint32_t h[5];
/**
* Poly1305 finalize key
*/
- u_int32_t s[4];
+ uint32_t s[4];
};
/**
* Read a 32-bit integer from an unaligned address
*/
-static inline u_int32_t ru32(void *p)
+static inline uint32_t ru32(void *p)
{
- u_int32_t ret;
+ uint32_t ret;
memcpy(&ret, p, sizeof(ret));
return ret;
@@ -77,7 +77,7 @@ static inline u_int32_t ru32(void *p)
/**
* Write a 32-bit word to an unaligned address
*/
-static inline void wu32(void *p, u_int32_t v)
+static inline void wu32(void *p, uint32_t v)
{
memcpy(p, &v, sizeof(v));
}
@@ -85,13 +85,13 @@ static inline void wu32(void *p, u_int32_t v)
/**
* Shift a 64-bit unsigned integer v right by n bits, clamp to 32 bit
*/
-static inline u_int32_t sr(u_int64_t v, u_char n)
+static inline uint32_t sr(uint64_t v, u_char n)
{
return v >> n;
}
/**
- * AND two values, using a native integer size >= sizeof(u_int32_t)
+ * AND two values, using a native integer size >= sizeof(uint32_t)
*/
static inline u_long and(u_long v, u_long mask)
{
@@ -189,7 +189,7 @@ static void chacha_4block_xor(private_chapoly_drv_ssse3_t *this, void *data)
{
__m128i x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, xa, xb, xc, xd, xe, xf;
__m128i r8, r16, ctrinc, t, *out = data;
- u_int32_t *m = (u_int32_t*)this->m;
+ uint32_t *m = (uint32_t*)this->m;
u_int i;
r8 = _mm_set_epi8(14, 13, 12, 15, 10, 9, 8, 11, 6, 5, 4, 7, 2, 1, 0, 3);
@@ -364,7 +364,7 @@ METHOD(chapoly_drv_t, set_key, bool,
/**
* r[127:64] = h[95:64] * a, r[63:0] = h[31:0] * b
*/
-static inline __m128i mul2(__m128i h, u_int32_t a, u_int32_t b)
+static inline __m128i mul2(__m128i h, uint32_t a, uint32_t b)
{
return _mm_mul_epu32(h, _mm_set_epi32(0, a, 0, b));
}
@@ -374,7 +374,7 @@ static inline __m128i mul2(__m128i h, u_int32_t a, u_int32_t b)
* z = x[127:64] + x[63:0] + y[127:64] + y[63:0]
*/
static inline void sum2(__m128i a, __m128i b, __m128i x, __m128i y,
- u_int64_t *c, u_int64_t *z)
+ uint64_t *c, uint64_t *z)
{
__m128i r, s;
@@ -392,10 +392,10 @@ static inline void sum2(__m128i a, __m128i b, __m128i x, __m128i y,
* r = a[127:64] + b[127:64] + c[127:64] + d[127:64] + e[127:64]
* + a[63:0] + b[63:0] + c[63:0] + d[63:0] + e[63:0]
*/
-static inline u_int64_t sum5(__m128i a, __m128i b, __m128i c,
+static inline uint64_t sum5(__m128i a, __m128i b, __m128i c,
__m128i d, __m128i e)
{
- u_int64_t r;
+ uint64_t r;
a = _mm_add_epi64(a, b);
c = _mm_add_epi64(c, d);
@@ -414,10 +414,10 @@ static inline u_int64_t sum5(__m128i a, __m128i b, __m128i c,
static void make_u(private_chapoly_drv_ssse3_t *this)
{
__m128i r01, r23, r44, x0, x1, y0, y1, z0;
- u_int32_t r0, r1, r2, r3, r4;
- u_int32_t u0, u1, u2, u3, u4;
- u_int32_t s1, s2, s3, s4;
- u_int64_t d0, d1, d2, d3, d4;
+ uint32_t r0, r1, r2, r3, r4;
+ uint32_t u0, u1, u2, u3, u4;
+ uint32_t s1, s2, s3, s4;
+ uint64_t d0, d1, d2, d3, d4;
r0 = this->r[0];
r1 = this->r[1];
@@ -513,12 +513,12 @@ METHOD(chapoly_drv_t, init, bool,
*/
static void poly2(private_chapoly_drv_ssse3_t *this, u_char *data, u_int dblks)
{
- u_int32_t r0, r1, r2, r3, r4, u0, u1, u2, u3, u4;
- u_int32_t s1, s2, s3, s4, v1, v2, v3, v4;
+ uint32_t r0, r1, r2, r3, r4, u0, u1, u2, u3, u4;
+ uint32_t s1, s2, s3, s4, v1, v2, v3, v4;
__m128i hc0, hc1, hc2, hc3, hc4;
- u_int32_t h0, h1, h2, h3, h4;
- u_int32_t c0, c1, c2, c3, c4;
- u_int64_t d0, d1, d2, d3, d4;
+ uint32_t h0, h1, h2, h3, h4;
+ uint32_t c0, c1, c2, c3, c4;
+ uint64_t d0, d1, d2, d3, d4;
u_int i;
r0 = this->r[0];
@@ -622,13 +622,13 @@ static void poly2(private_chapoly_drv_ssse3_t *this, u_char *data, u_int dblks)
*/
static void poly1(private_chapoly_drv_ssse3_t *this, u_char *data)
{
- u_int32_t r0, r1, r2, r3, r4;
- u_int32_t s1, s2, s3, s4;
- u_int32_t h0, h1, h2, h3, h4;
- u_int64_t d0, d1, d2, d3, d4;
+ uint32_t r0, r1, r2, r3, r4;
+ uint32_t s1, s2, s3, s4;
+ uint32_t h0, h1, h2, h3, h4;
+ uint64_t d0, d1, d2, d3, d4;
__m128i h01, h23, h44;
__m128i x0, x1, y0, y1, z0;
- u_int32_t t0, t1;
+ uint32_t t0, t1;
r0 = this->r[0];
r1 = this->r[1];
@@ -764,10 +764,10 @@ METHOD(chapoly_drv_t, decrypt, bool,
METHOD(chapoly_drv_t, finish, bool,
private_chapoly_drv_ssse3_t *this, u_char *mac)
{
- u_int32_t h0, h1, h2, h3, h4;
- u_int32_t g0, g1, g2, g3, g4;
- u_int32_t mask;
- u_int64_t f = 0;
+ uint32_t h0, h1, h2, h3, h4;
+ uint32_t g0, g1, g2, g3, g4;
+ uint32_t mask;
+ uint64_t f = 0;
/* fully carry h */
h0 = this->h[0];
@@ -790,7 +790,7 @@ METHOD(chapoly_drv_t, finish, bool,
g4 = h4 + (g3 >> 26) - (1 << 26); g3 &= 0x3ffffff;
/* select h if h < p, or h + -p if h >= p */
- mask = (g4 >> ((sizeof(u_int32_t) * 8) - 1)) - 1;
+ mask = (g4 >> ((sizeof(uint32_t) * 8) - 1)) - 1;
g0 &= mask;
g1 &= mask;
g2 &= mask;
diff --git a/src/libstrongswan/plugins/cmac/Makefile.in b/src/libstrongswan/plugins/cmac/Makefile.in
index 2ffaa0662..2703dc4cc 100644
--- a/src/libstrongswan/plugins/cmac/Makefile.in
+++ b/src/libstrongswan/plugins/cmac/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/cmac
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/cmac/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/cmac/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/cmac/cmac.c b/src/libstrongswan/plugins/cmac/cmac.c
index 4f222ff4e..22f077f58 100644
--- a/src/libstrongswan/plugins/cmac/cmac.c
+++ b/src/libstrongswan/plugins/cmac/cmac.c
@@ -39,7 +39,7 @@ struct private_mac_t {
/**
* Block size, in bytes
*/
- u_int8_t b;
+ uint8_t b;
/**
* Crypter with key K
@@ -49,22 +49,22 @@ struct private_mac_t {
/**
* K1
*/
- u_int8_t *k1;
+ uint8_t *k1;
/**
* K2
*/
- u_int8_t *k2;
+ uint8_t *k2;
/**
* T
*/
- u_int8_t *t;
+ uint8_t *t;
/**
* remaining, unprocessed bytes in append mode
*/
- u_int8_t *remaining;
+ uint8_t *remaining;
/**
* number of bytes in remaining
@@ -127,7 +127,7 @@ static bool update(private_mac_t *this, chunk_t data)
/**
* process last block M_last
*/
-static bool final(private_mac_t *this, u_int8_t *out)
+static bool final(private_mac_t *this, uint8_t *out)
{
chunk_t iv;
@@ -179,7 +179,7 @@ static bool final(private_mac_t *this, u_int8_t *out)
}
METHOD(mac_t, get_mac, bool,
- private_mac_t *this, chunk_t data, u_int8_t *out)
+ private_mac_t *this, chunk_t data, uint8_t *out)
{
/* update T, do not process last block */
if (!update(this, data))
@@ -316,7 +316,7 @@ mac_t *cmac_create(encryption_algorithm_t algo, size_t key_size)
{
private_mac_t *this;
crypter_t *crypter;
- u_int8_t b;
+ uint8_t b;
crypter = lib->crypto->create_crypter(lib->crypto, algo, key_size);
if (!crypter)
diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in
index f263f7764..90fd6bd6b 100644
--- a/src/libstrongswan/plugins/constraints/Makefile.in
+++ b/src/libstrongswan/plugins/constraints/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/constraints
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/constraints/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/constraints/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in
index 9558f878e..94a7f112c 100644
--- a/src/libstrongswan/plugins/ctr/Makefile.in
+++ b/src/libstrongswan/plugins/ctr/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/ctr
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/ctr/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/ctr/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/ctr/ctr_ipsec_crypter.c b/src/libstrongswan/plugins/ctr/ctr_ipsec_crypter.c
index 59d201a6f..854030b8c 100644
--- a/src/libstrongswan/plugins/ctr/ctr_ipsec_crypter.c
+++ b/src/libstrongswan/plugins/ctr/ctr_ipsec_crypter.c
@@ -38,7 +38,7 @@ struct private_ctr_ipsec_crypter_t {
struct {
char nonce[4];
char iv[8];
- u_int32_t counter;
+ uint32_t counter;
} __attribute__((packed)) state;
};
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index 8fc366cca..5092c542c 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/curl
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/curl/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/curl/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c
index 89296677e..42ae9cdd2 100644
--- a/src/libstrongswan/plugins/curl/curl_plugin.c
+++ b/src/libstrongswan/plugins/curl/curl_plugin.c
@@ -60,7 +60,7 @@ static void add_feature_with_ssl(private_curl_plugin_t *this, const char *ssl,
char *proto, plugin_feature_t f)
{
/* http://curl.haxx.se/libcurl/c/libcurl-tutorial.html#Multi-threading */
- if (strpfx(ssl, "OpenSSL"))
+ if (strpfx(ssl, "OpenSSL") || strpfx(ssl, "LibreSSL"))
{
add_feature(this, f);
add_feature(this, PLUGIN_DEPENDS(CUSTOM, "openssl-threading"));
@@ -70,7 +70,8 @@ static void add_feature_with_ssl(private_curl_plugin_t *this, const char *ssl,
add_feature(this, f);
add_feature(this, PLUGIN_DEPENDS(CUSTOM, "gcrypt-threading"));
}
- else if (strpfx(ssl, "NSS"))
+ else if (strpfx(ssl, "NSS") ||
+ strpfx(ssl, "BoringSSL"))
{
add_feature(this, f);
}
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index 6a09d63c9..c2e49b66f 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/des
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/des/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/des/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c
index 6010f9d8b..d236bd429 100644
--- a/src/libstrongswan/plugins/des/des_crypter.c
+++ b/src/libstrongswan/plugins/des/des_crypter.c
@@ -96,7 +96,7 @@ struct private_des_crypter_t {
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
-#define DES_LONG u_int32_t
+#define DES_LONG uint32_t
#if defined(WIN32) || defined(WIN16)
#ifndef MSDOS
@@ -1420,7 +1420,7 @@ METHOD(crypter_t, decrypt, bool,
private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
{
des_cblock ivb;
- u_int8_t *out;
+ uint8_t *out;
out = data.ptr;
if (decrypted)
@@ -1439,7 +1439,7 @@ METHOD(crypter_t, encrypt, bool,
private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
{
des_cblock ivb;
- u_int8_t *out;
+ uint8_t *out;
out = data.ptr;
if (encrypted)
@@ -1456,7 +1456,7 @@ METHOD(crypter_t, encrypt, bool,
METHOD(crypter_t, decrypt_ecb, bool,
private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
{
- u_int8_t *out;
+ uint8_t *out;
out = data.ptr;
if (decrypted)
@@ -1472,7 +1472,7 @@ METHOD(crypter_t, decrypt_ecb, bool,
METHOD(crypter_t, encrypt_ecb, bool,
private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
{
- u_int8_t *out;
+ uint8_t *out;
out = data.ptr;
if (encrypted)
@@ -1489,7 +1489,7 @@ METHOD(crypter_t, decrypt3, bool,
private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
{
des_cblock ivb;
- u_int8_t *out;
+ uint8_t *out;
out = data.ptr;
if (decrypted)
@@ -1508,7 +1508,7 @@ METHOD(crypter_t, encrypt3, bool,
private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
{
des_cblock ivb;
- u_int8_t *out;
+ uint8_t *out;
out = data.ptr;
if (encrypted)
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index 55ebb3419..1481f8dd8 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/dnskey
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/dnskey/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/dnskey/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
index 71040437d..fd2471a48 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
@@ -26,10 +26,10 @@ typedef enum dnskey_algorithm_t dnskey_algorithm_t;
* Header of a DNSKEY resource record
*/
struct dnskey_rr_t {
- u_int16_t flags;
- u_int8_t protocol;
- u_int8_t algorithm;
- u_int8_t data[];
+ uint16_t flags;
+ uint8_t protocol;
+ uint8_t algorithm;
+ uint8_t data[];
} __attribute__((__packed__));
/**
diff --git a/src/libstrongswan/plugins/files/Makefile.in b/src/libstrongswan/plugins/files/Makefile.in
index 6c2e792f5..7623a9507 100644
--- a/src/libstrongswan/plugins/files/Makefile.in
+++ b/src/libstrongswan/plugins/files/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/files
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/files/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/files/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 252035ca8..7c2ae7ce5 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/fips_prf
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/fips_prf/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/fips_prf/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c
index 92977909e..47676b32f 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c
@@ -31,7 +31,7 @@ struct private_fips_prf_t {
/**
* key of prf function, "b" long
*/
- u_int8_t *key;
+ uint8_t *key;
/**
* size of "b" in bytes
@@ -46,19 +46,19 @@ struct private_fips_prf_t {
/**
* G function, either SHA1 or DES
*/
- bool (*g)(private_fips_prf_t *this, chunk_t c, u_int8_t res[]);
+ bool (*g)(private_fips_prf_t *this, chunk_t c, uint8_t res[]);
};
/**
* sum = (a + b) mod 2 ^ (length * 8)
*/
-static void add_mod(size_t length, u_int8_t a[], u_int8_t b[], u_int8_t sum[])
+static void add_mod(size_t length, uint8_t a[], uint8_t b[], uint8_t sum[])
{
int i, c = 0;
for(i = length - 1; i >= 0; i--)
{
- u_int32_t tmp;
+ uint32_t tmp;
tmp = a[i] + b[i] + c;
sum[i] = 0xff & tmp;
@@ -69,7 +69,7 @@ static void add_mod(size_t length, u_int8_t a[], u_int8_t b[], u_int8_t sum[])
/**
* calculate "chunk mod 2^(length*8)" and save it into buffer
*/
-static void chunk_mod(size_t length, chunk_t chunk, u_int8_t buffer[])
+static void chunk_mod(size_t length, chunk_t chunk, uint8_t buffer[])
{
if (chunk.len < length)
{
@@ -105,14 +105,14 @@ static void chunk_mod(size_t length, chunk_t chunk, u_int8_t buffer[])
* 0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16
*/
METHOD(prf_t, get_bytes, bool,
- private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
+ private_fips_prf_t *this, chunk_t seed, uint8_t w[])
{
int i;
- u_int8_t xval[this->b];
- u_int8_t xseed[this->b];
- u_int8_t sum[this->b];
- u_int8_t *xkey = this->key;
- u_int8_t one[this->b];
+ uint8_t xval[this->b];
+ uint8_t xseed[this->b];
+ uint8_t sum[this->b];
+ uint8_t *xkey = this->key;
+ uint8_t one[this->b];
if (!w)
{
@@ -175,9 +175,9 @@ METHOD(prf_t, set_key, bool,
/**
* Implementation of the G() function based on SHA1
*/
-static bool g_sha1(private_fips_prf_t *this, chunk_t c, u_int8_t res[])
+static bool g_sha1(private_fips_prf_t *this, chunk_t c, uint8_t res[])
{
- u_int8_t buf[64];
+ uint8_t buf[64];
if (c.len < sizeof(buf))
{
diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in
index f9c4a6950..eb4a0aef0 100644
--- a/src/libstrongswan/plugins/gcm/Makefile.in
+++ b/src/libstrongswan/plugins/gcm/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/gcm
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/gcm/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/gcm/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.c b/src/libstrongswan/plugins/gcm/gcm_aead.c
index 6e1694a34..e9a072461 100644
--- a/src/libstrongswan/plugins/gcm/gcm_aead.c
+++ b/src/libstrongswan/plugins/gcm/gcm_aead.c
@@ -67,11 +67,11 @@ struct private_gcm_aead_t {
#if ULONG_MAX == 18446744073709551615UL && defined(htobe64)
# define htobeword htobe64
# define bewordtoh be64toh
-# define SHIFT_WORD_TYPE u_int64_t
+# define SHIFT_WORD_TYPE uint64_t
#else
# define htobeword htonl
# define bewordtoh ntohl
-# define SHIFT_WORD_TYPE u_int32_t
+# define SHIFT_WORD_TYPE uint32_t
#endif
/**
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index 774c447f6..727cc2497 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/gcrypt
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -467,7 +481,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/gcrypt/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/gcrypt/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -786,6 +799,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
index a737cb13d..80a8dc90d 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c
@@ -52,7 +52,7 @@ struct private_gcrypt_crypter_t {
struct {
char nonce[4];
char iv[8];
- u_int32_t counter;
+ uint32_t counter;
} __attribute__((packed)) ctr;
};
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
index af7993101..199c1d6c9 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c
@@ -51,7 +51,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_gcrypt_hasher_t *this, chunk_t chunk, u_int8_t *hash)
+ private_gcrypt_hasher_t *this, chunk_t chunk, uint8_t *hash)
{
gcry_md_write(this->hd, chunk.ptr, chunk.len);
if (hash)
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c
index dc34a8d66..bf11758b1 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c
@@ -36,7 +36,7 @@ struct private_gcrypt_rng_t {
};
METHOD(rng_t, get_bytes, bool,
- private_gcrypt_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_gcrypt_rng_t *this, size_t bytes, uint8_t *buffer)
{
switch (this->quality)
{
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index 9a2d30192..32d5bebf0 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/gmp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/gmp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/gmp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -777,6 +790,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 052b10741..e5d418ea4 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -142,7 +142,7 @@ chunk_t gmp_mpz_to_chunk(const mpz_t value)
static void mpz_clear_sensitive(mpz_t z)
{
size_t len = mpz_size(z) * GMP_LIMB_BITS / BITS_PER_BYTE;
- u_int8_t *zeros = alloca(len);
+ uint8_t *zeros = alloca(len);
memset(zeros, 0, len);
/* overwrite mpz_t with zero bytes before clearing it */
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index 46fac4a8c..6d8a845c0 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/hmac
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/hmac/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/hmac/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c
index 96a14aed9..c777b47cd 100644
--- a/src/libstrongswan/plugins/hmac/hmac.c
+++ b/src/libstrongswan/plugins/hmac/hmac.c
@@ -38,7 +38,7 @@ struct private_mac_t {
/**
* Block size, as in RFC.
*/
- u_int8_t b;
+ uint8_t b;
/**
* Hash function.
@@ -57,7 +57,7 @@ struct private_mac_t {
};
METHOD(mac_t, get_mac, bool,
- private_mac_t *this, chunk_t data, u_int8_t *out)
+ private_mac_t *this, chunk_t data, uint8_t *out)
{
/* H(K XOR opad, H(K XOR ipad, text))
*
@@ -66,7 +66,7 @@ METHOD(mac_t, get_mac, bool,
*
*/
- u_int8_t buffer[this->h->get_hash_size(this->h)];
+ uint8_t buffer[this->h->get_hash_size(this->h)];
chunk_t inner;
if (out == NULL)
@@ -96,7 +96,7 @@ METHOD(mac_t, set_key, bool,
private_mac_t *this, chunk_t key)
{
int i;
- u_int8_t buffer[this->b];
+ uint8_t buffer[this->b];
memset(buffer, 0, this->b);
diff --git a/src/libstrongswan/plugins/keychain/Makefile.in b/src/libstrongswan/plugins/keychain/Makefile.in
index eb0bdf387..e290c807d 100644
--- a/src/libstrongswan/plugins/keychain/Makefile.in
+++ b/src/libstrongswan/plugins/keychain/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/keychain
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/keychain/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/keychain/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index 0a03fd819..429cd9e8e 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/ldap
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/ldap/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/ldap/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -771,6 +784,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index 4dbdbe020..669856c59 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/md4
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/md4/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/md4/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/md4/md4_hasher.c b/src/libstrongswan/plugins/md4/md4_hasher.c
index 06c9ec2f8..ada6c05da 100644
--- a/src/libstrongswan/plugins/md4/md4_hasher.c
+++ b/src/libstrongswan/plugins/md4/md4_hasher.c
@@ -39,7 +39,7 @@
#define S33 11
#define S34 15
-static u_int8_t PADDING[64] = {
+static uint8_t PADDING[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
@@ -65,11 +65,11 @@ static u_int8_t PADDING[64] = {
(a) = ROTATE_LEFT ((a), (s)); \
}
#define GG(a, b, c, d, x, s) { \
- (a) += G ((b), (c), (d)) + (x) + (u_int32_t)0x5a827999; \
+ (a) += G ((b), (c), (d)) + (x) + (uint32_t)0x5a827999; \
(a) = ROTATE_LEFT ((a), (s)); \
}
#define HH(a, b, c, d, x, s) { \
- (a) += H ((b), (c), (d)) + (x) + (u_int32_t)0x6ed9eba1; \
+ (a) += H ((b), (c), (d)) + (x) + (uint32_t)0x6ed9eba1; \
(a) = ROTATE_LEFT ((a), (s)); \
}
@@ -87,40 +87,40 @@ struct private_md4_hasher_t {
/*
* State of the hasher.
*/
- u_int32_t state[4];
- u_int32_t count[2];
- u_int8_t buffer[64];
+ uint32_t state[4];
+ uint32_t count[2];
+ uint8_t buffer[64];
};
#if BYTE_ORDER != LITTLE_ENDIAN
-/* Encodes input (u_int32_t) into output (u_int8_t). Assumes len is
+/* Encodes input (uint32_t) into output (uint8_t). Assumes len is
* a multiple of 4.
*/
-static void Encode (u_int8_t *output, u_int32_t *input, size_t len)
+static void Encode (uint8_t *output, uint32_t *input, size_t len)
{
size_t i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
{
- output[j] = (u_int8_t)(input[i] & 0xff);
- output[j+1] = (u_int8_t)((input[i] >> 8) & 0xff);
- output[j+2] = (u_int8_t)((input[i] >> 16) & 0xff);
- output[j+3] = (u_int8_t)((input[i] >> 24) & 0xff);
+ output[j] = (uint8_t)(input[i] & 0xff);
+ output[j+1] = (uint8_t)((input[i] >> 8) & 0xff);
+ output[j+2] = (uint8_t)((input[i] >> 16) & 0xff);
+ output[j+3] = (uint8_t)((input[i] >> 24) & 0xff);
}
}
-/* Decodes input (u_int8_t) into output (u_int32_t). Assumes len is
+/* Decodes input (uint8_t) into output (uint32_t). Assumes len is
* a multiple of 4.
*/
-static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
+static void Decode(uint32_t *output, uint8_t *input, size_t len)
{
size_t i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
{
- output[i] = ((u_int32_t)input[j]) | (((u_int32_t)input[j+1]) << 8) |
- (((u_int32_t)input[j+2]) << 16) | (((u_int32_t)input[j+3]) << 24);
+ output[i] = ((uint32_t)input[j]) | (((uint32_t)input[j+1]) << 8) |
+ (((uint32_t)input[j+2]) << 16) | (((uint32_t)input[j+3]) << 24);
}
}
@@ -132,9 +132,9 @@ static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
/*
* MD4 basic transformation. Transforms state based on block.
*/
-static void MD4Transform(u_int32_t state[4], u_int8_t block[64])
+static void MD4Transform(uint32_t state[4], uint8_t block[64])
{
- u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+ uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
Decode(x, block, 64);
@@ -202,13 +202,13 @@ static void MD4Transform(u_int32_t state[4], u_int8_t block[64])
* operation, processing another message block, and updating the
* context.
*/
-static void MD4Update(private_md4_hasher_t *this, u_int8_t *input, size_t inputLen)
+static void MD4Update(private_md4_hasher_t *this, uint8_t *input, size_t inputLen)
{
- u_int32_t i;
+ uint32_t i;
size_t index, partLen;
/* Compute number of bytes mod 64 */
- index = (u_int8_t)((this->count[0] >> 3) & 0x3F);
+ index = (uint8_t)((this->count[0] >> 3) & 0x3F);
/* Update number of bits */
if ((this->count[0] += (inputLen << 3)) < (inputLen << 3))
@@ -243,9 +243,9 @@ static void MD4Update(private_md4_hasher_t *this, u_int8_t *input, size_t inputL
/* MD4 finalization. Ends an MD4 message-digest operation, writing the
* the message digest and zeroizing the context.
*/
-static void MD4Final (private_md4_hasher_t *this, u_int8_t digest[16])
+static void MD4Final (private_md4_hasher_t *this, uint8_t digest[16])
{
- u_int8_t bits[8];
+ uint8_t bits[8];
size_t index, padLen;
/* Save number of bits */
@@ -280,7 +280,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_md4_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_md4_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
MD4Update(this, chunk.ptr, chunk.len);
if (buffer != NULL)
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index 6fc25b023..d937ca348 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/md5
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/md5/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/md5/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/md5/md5_hasher.c b/src/libstrongswan/plugins/md5/md5_hasher.c
index 99b505e58..d14c10ae5 100644
--- a/src/libstrongswan/plugins/md5/md5_hasher.c
+++ b/src/libstrongswan/plugins/md5/md5_hasher.c
@@ -42,7 +42,7 @@
#define S43 15
#define S44 21
-static u_int8_t PADDING[64] = {
+static uint8_t PADDING[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
@@ -66,22 +66,22 @@ static u_int8_t PADDING[64] = {
Rotation is separate from addition to prevent recomputation.
*/
#define FF(a, b, c, d, x, s, ac) { \
- (a) += F ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) += F ((b), (c), (d)) + (x) + (uint32_t)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
#define GG(a, b, c, d, x, s, ac) { \
- (a) += G ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) += G ((b), (c), (d)) + (x) + (uint32_t)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
#define HH(a, b, c, d, x, s, ac) { \
- (a) += H ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) += H ((b), (c), (d)) + (x) + (uint32_t)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
#define II(a, b, c, d, x, s, ac) { \
- (a) += I ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) += I ((b), (c), (d)) + (x) + (uint32_t)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
@@ -102,41 +102,41 @@ struct private_md5_hasher_t {
/*
* State of the hasher.
*/
- u_int32_t state[5];
- u_int32_t count[2];
- u_int8_t buffer[64];
+ uint32_t state[5];
+ uint32_t count[2];
+ uint8_t buffer[64];
};
#if BYTE_ORDER != LITTLE_ENDIAN
-/* Encodes input (u_int32_t) into output (u_int8_t). Assumes len is
+/* Encodes input (uint32_t) into output (uint8_t). Assumes len is
* a multiple of 4.
*/
-static void Encode (u_int8_t *output, u_int32_t *input, size_t len)
+static void Encode (uint8_t *output, uint32_t *input, size_t len)
{
size_t i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
{
- output[j] = (u_int8_t)(input[i] & 0xff);
- output[j+1] = (u_int8_t)((input[i] >> 8) & 0xff);
- output[j+2] = (u_int8_t)((input[i] >> 16) & 0xff);
- output[j+3] = (u_int8_t)((input[i] >> 24) & 0xff);
+ output[j] = (uint8_t)(input[i] & 0xff);
+ output[j+1] = (uint8_t)((input[i] >> 8) & 0xff);
+ output[j+2] = (uint8_t)((input[i] >> 16) & 0xff);
+ output[j+3] = (uint8_t)((input[i] >> 24) & 0xff);
}
}
-/* Decodes input (u_int8_t) into output (u_int32_t). Assumes len is
+/* Decodes input (uint8_t) into output (uint32_t). Assumes len is
* a multiple of 4.
*/
-static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
+static void Decode(uint32_t *output, uint8_t *input, size_t len)
{
size_t i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
{
- output[i] = ((u_int32_t)input[j]) | (((u_int32_t)input[j+1]) << 8) |
- (((u_int32_t)input[j+2]) << 16) | (((u_int32_t)input[j+3]) << 24);
+ output[i] = ((uint32_t)input[j]) | (((uint32_t)input[j+1]) << 8) |
+ (((uint32_t)input[j+2]) << 16) | (((uint32_t)input[j+3]) << 24);
}
}
@@ -147,9 +147,9 @@ static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
/* MD5 basic transformation. Transforms state based on block.
*/
-static void MD5Transform(u_int32_t state[4], u_int8_t block[64])
+static void MD5Transform(uint32_t state[4], uint8_t block[64])
{
- u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+ uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
Decode(x, block, 64);
@@ -235,13 +235,13 @@ static void MD5Transform(u_int32_t state[4], u_int8_t block[64])
* operation, processing another message block, and updating the
* context.
*/
-static void MD5Update(private_md5_hasher_t *this, u_int8_t *input, size_t inputLen)
+static void MD5Update(private_md5_hasher_t *this, uint8_t *input, size_t inputLen)
{
- u_int32_t i;
+ uint32_t i;
size_t index, partLen;
/* Compute number of bytes mod 64 */
- index = (u_int8_t)((this->count[0] >> 3) & 0x3F);
+ index = (uint8_t)((this->count[0] >> 3) & 0x3F);
/* Update number of bits */
if ((this->count[0] += (inputLen << 3)) < (inputLen << 3))
@@ -276,9 +276,9 @@ static void MD5Update(private_md5_hasher_t *this, u_int8_t *input, size_t inputL
/* MD5 finalization. Ends an MD5 message-digest operation, writing the
* the message digest and zeroizing the context.
*/
-static void MD5Final (private_md5_hasher_t *this, u_int8_t digest[16])
+static void MD5Final (private_md5_hasher_t *this, uint8_t digest[16])
{
- u_int8_t bits[8];
+ uint8_t bits[8];
size_t index, padLen;
/* Save number of bits */
@@ -313,7 +313,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_md5_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_md5_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
MD5Update(this, chunk.ptr, chunk.len);
if (buffer != NULL)
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index 17409dbc3..821dbc138 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/mysql
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/mysql/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/mysql/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/nonce/Makefile.in b/src/libstrongswan/plugins/nonce/Makefile.in
index 68be3f44a..58a27509b 100644
--- a/src/libstrongswan/plugins/nonce/Makefile.in
+++ b/src/libstrongswan/plugins/nonce/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/nonce
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/nonce/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/nonce/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/nonce/nonce_nonceg.c b/src/libstrongswan/plugins/nonce/nonce_nonceg.c
index 64ed2e08d..22c161df6 100644
--- a/src/libstrongswan/plugins/nonce/nonce_nonceg.c
+++ b/src/libstrongswan/plugins/nonce/nonce_nonceg.c
@@ -36,7 +36,7 @@ struct private_nonce_nonceg_t {
};
METHOD(nonce_gen_t, get_nonce, bool,
- private_nonce_nonceg_t *this, size_t size, u_int8_t *buffer)
+ private_nonce_nonceg_t *this, size_t size, uint8_t *buffer)
{
return this->rng->get_bytes(this->rng, size, buffer);
}
diff --git a/src/libstrongswan/plugins/ntru/Makefile.in b/src/libstrongswan/plugins/ntru/Makefile.in
index 97a70679d..fd123a118 100644
--- a/src/libstrongswan/plugins/ntru/Makefile.in
+++ b/src/libstrongswan/plugins/ntru/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/ntru
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -467,7 +481,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/ntru/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/ntru/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -788,6 +801,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.c b/src/libstrongswan/plugins/ntru/ntru_drbg.c
index ef0d3d9c8..b7a951d00 100644
--- a/src/libstrongswan/plugins/ntru/ntru_drbg.c
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.c
@@ -35,17 +35,17 @@ struct private_ntru_drbg_t {
/**
* Security strength in bits of the DRBG
*/
- u_int32_t strength;
+ uint32_t strength;
/**
* Number of requests for pseudorandom bits
*/
- u_int32_t reseed_counter;
+ uint32_t reseed_counter;
/**
* Maximum number of requests for pseudorandom bits
*/
- u_int32_t max_requests;
+ uint32_t max_requests;
/**
* True entropy source
@@ -111,7 +111,7 @@ static bool update(private_ntru_drbg_t *this, chunk_t data)
return TRUE;
}
-METHOD(ntru_drbg_t, get_strength, u_int32_t,
+METHOD(ntru_drbg_t, get_strength, uint32_t,
private_ntru_drbg_t *this)
{
return this->strength;
@@ -142,7 +142,7 @@ METHOD(ntru_drbg_t, reseed, bool,
}
METHOD(ntru_drbg_t, generate, bool,
- private_ntru_drbg_t *this, u_int32_t strength, u_int32_t len, u_int8_t *out)
+ private_ntru_drbg_t *this, uint32_t strength, uint32_t len, uint8_t *out)
{
size_t delta;
chunk_t output;
@@ -206,14 +206,14 @@ METHOD(ntru_drbg_t, destroy, void,
/*
* Described in header.
*/
-ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
+ntru_drbg_t *ntru_drbg_create(uint32_t strength, chunk_t pers_str,
rng_t *entropy)
{
private_ntru_drbg_t *this;
chunk_t seed;
signer_t *hmac;
size_t entropy_len;
- u_int32_t max_requests;
+ uint32_t max_requests;
if (strength > MAX_STRENGTH_BITS)
{
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.h b/src/libstrongswan/plugins/ntru/ntru_drbg.h
index 83cef11be..3fee1800b 100644
--- a/src/libstrongswan/plugins/ntru/ntru_drbg.h
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.h
@@ -36,7 +36,7 @@ struct ntru_drbg_t {
*
* @return configured security strength in bits
*/
- u_int32_t (*get_strength)(ntru_drbg_t *this);
+ uint32_t (*get_strength)(ntru_drbg_t *this);
/**
* Reseed the instantiated DRBG
@@ -54,8 +54,8 @@ struct ntru_drbg_t {
* @param out address of output buffer
* @return TRUE if successful
*/
- bool (*generate)(ntru_drbg_t *this, u_int32_t strength, u_int32_t len,
- u_int8_t *out);
+ bool (*generate)(ntru_drbg_t *this, uint32_t strength, uint32_t len,
+ uint8_t *out);
/**
* Get a reference on an ntru_drbg_t object increasing the count by one
@@ -77,7 +77,7 @@ struct ntru_drbg_t {
* @param pers_str personalization string
* @param entropy entropy source to use
*/
-ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
+ntru_drbg_t *ntru_drbg_create(uint32_t strength, chunk_t pers_str,
rng_t *entropy);
#endif /** NTRU_DRBG_H_ @}*/
diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c
index 3b5df81d9..efc660bed 100644
--- a/src/libstrongswan/plugins/ntru/ntru_ke.c
+++ b/src/libstrongswan/plugins/ntru/ntru_ke.c
@@ -66,7 +66,7 @@ struct private_ntru_ke_t {
/**
* Cryptographical strength in bits of the NTRU Parameter Set
*/
- u_int32_t strength;
+ uint32_t strength;
/**
* NTRU Public Key
@@ -247,7 +247,7 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p)
rng_t *entropy;
ntru_drbg_t *drbg;
char *parameter_set;
- u_int32_t strength;
+ uint32_t strength;
parameter_set = lib->settings->get_str(lib->settings,
"%s.plugins.ntru.parameter_set", "optimum", lib->ns);
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index 302016937..f453f43b5 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/openssl
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -210,12 +219,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -265,6 +276,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -299,6 +311,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -410,6 +423,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -485,7 +499,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/openssl/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/openssl/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -815,6 +828,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c
index cb02c663c..20bac6be5 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crl.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crl.c
@@ -46,6 +46,17 @@
#include <collections/enumerator.h>
#include <credentials/certificates/x509.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+static inline void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509_CRL *crl) {
+ if (psig) { *psig = crl->signature; }
+ if (palg) { *palg = crl->sig_alg; }
+}
+#define X509_REVOKED_get0_serialNumber(r) ({ (r)->serialNumber; })
+#define X509_REVOKED_get0_revocationDate(r) ({ (r)->revocationDate; })
+#define X509_CRL_get0_extensions(c) ({ (c)->crl->extensions; })
+#define X509_ALGOR_get0(oid, ppt, ppv, alg) ({ *(oid) = (alg)->algorithm; })
+#endif
+
typedef struct private_openssl_crl_t private_openssl_crl_t;
/**
@@ -141,11 +152,13 @@ METHOD(enumerator_t, crl_enumerate, bool,
revoked = sk_X509_REVOKED_value(this->stack, this->i);
if (serial)
{
- *serial = openssl_asn1_str2chunk(revoked->serialNumber);
+ *serial = openssl_asn1_str2chunk(
+ X509_REVOKED_get0_serialNumber(revoked));
}
if (date)
{
- *date = openssl_asn1_to_time(revoked->revocationDate);
+ *date = openssl_asn1_to_time(
+ X509_REVOKED_get0_revocationDate(revoked));
}
if (reason)
{
@@ -231,6 +244,7 @@ METHOD(certificate_t, issued_by, bool,
chunk_t fingerprint, tbs;
public_key_t *key;
x509_t *x509;
+ ASN1_BIT_STRING *sig;
bool valid;
if (issuer->get_type(issuer) != CERT_X509)
@@ -266,9 +280,14 @@ METHOD(certificate_t, issued_by, bool,
{
return FALSE;
}
+ /* i2d_re_X509_CRL_tbs() was added with 1.1.0 when X509_CRL became opaque */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ tbs = openssl_i2chunk(re_X509_CRL_tbs, this->crl);
+#else
tbs = openssl_i2chunk(X509_CRL_INFO, this->crl->crl);
- valid = key->verify(key, this->scheme, tbs,
- openssl_asn1_str2chunk(this->crl->signature));
+#endif
+ X509_CRL_get0_signature(&sig, NULL, this->crl);
+ valid = key->verify(key, this->scheme, tbs, openssl_asn1_str2chunk(sig));
free(tbs.ptr);
key->destroy(key);
if (valid && scheme)
@@ -448,7 +467,7 @@ static bool parse_extensions(private_openssl_crl_t *this)
X509_EXTENSION *ext;
STACK_OF(X509_EXTENSION) *extensions;
- extensions = this->crl->crl->extensions;
+ extensions = X509_CRL_get0_extensions(this->crl);
if (extensions)
{
num = sk_X509_EXTENSION_num(extensions);
@@ -494,6 +513,8 @@ static bool parse_extensions(private_openssl_crl_t *this)
static bool parse_crl(private_openssl_crl_t *this)
{
const unsigned char *ptr = this->encoding.ptr;
+ ASN1_OBJECT *oid;
+ X509_ALGOR *alg;
this->crl = d2i_X509_CRL(NULL, &ptr, this->encoding.len);
if (!this->crl)
@@ -501,14 +522,28 @@ static bool parse_crl(private_openssl_crl_t *this)
return FALSE;
}
+ X509_CRL_get0_signature(NULL, &alg, this->crl);
+ X509_ALGOR_get0(&oid, NULL, NULL, alg);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (!chunk_equals(
openssl_asn1_obj2chunk(this->crl->crl->sig_alg->algorithm),
openssl_asn1_obj2chunk(this->crl->sig_alg->algorithm)))
{
return FALSE;
}
- this->scheme = signature_scheme_from_oid(openssl_asn1_known_oid(
- this->crl->sig_alg->algorithm));
+#elif 0
+ /* FIXME: we currently can't do this if X509_CRL is opaque (>= 1.1.0) as
+ * X509_CRL_get0_tbs_sigalg() does not exist and there does not seem to be
+ * another easy way to get the algorithm from the tbsCertList of the CRL */
+ alg = X509_CRL_get0_tbs_sigalg(this->crl);
+ X509_ALGOR_get0(&oid_tbs, NULL, NULL, alg);
+ if (!chunk_equals(openssl_asn1_obj2chunk(oid),
+ openssl_asn1_obj2chunk(oid_tbs)))
+ {
+ return FALSE;
+ }
+#endif
+ this->scheme = signature_scheme_from_oid(openssl_asn1_known_oid(oid));
this->issuer = openssl_x509_name2id(X509_CRL_get_issuer(this->crl));
if (!this->issuer)
diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c
index 26f4700b8..b9085f9aa 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crypter.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c
@@ -43,7 +43,7 @@ struct private_openssl_crypter_t {
/**
* Look up an OpenSSL algorithm name and validate its key size
*/
-static char* lookup_algorithm(u_int16_t ikev2_algo, size_t *key_size)
+static char* lookup_algorithm(uint16_t ikev2_algo, size_t *key_size)
{
struct {
/* identifier specified in IKEv2 */
@@ -57,12 +57,12 @@ static char* lookup_algorithm(u_int16_t ikev2_algo, size_t *key_size)
/* maximum key size */
size_t key_max;
} mappings[] = {
- {ENCR_DES, "des", 8, 8, 8},
- {ENCR_3DES, "des3", 24, 24, 24},
- {ENCR_RC5, "rc5", 16, 5, 255},
- {ENCR_IDEA, "idea", 16, 16, 16},
- {ENCR_CAST, "cast", 16, 5, 16},
- {ENCR_BLOWFISH, "blowfish", 16, 5, 56},
+ {ENCR_DES, "des-cbc", 8, 8, 8},
+ {ENCR_3DES, "des-ede3-cbc", 24, 24, 24},
+ {ENCR_RC5, "rc5-cbc", 16, 5, 255},
+ {ENCR_IDEA, "idea-cbc", 16, 16, 16},
+ {ENCR_CAST, "cast5-cbc", 16, 5, 16},
+ {ENCR_BLOWFISH, "bf-cbc", 16, 5, 56},
};
int i;
@@ -93,8 +93,10 @@ static char* lookup_algorithm(u_int16_t ikev2_algo, size_t *key_size)
static bool crypt(private_openssl_crypter_t *this, chunk_t data, chunk_t iv,
chunk_t *dst, int enc)
{
+ EVP_CIPHER_CTX *ctx;
int len;
u_char *out;
+ bool success = FALSE;
out = data.ptr;
if (dst)
@@ -102,16 +104,19 @@ static bool crypt(private_openssl_crypter_t *this, chunk_t data, chunk_t iv,
*dst = chunk_alloc(data.len);
out = dst->ptr;
}
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- return EVP_CipherInit_ex(&ctx, this->cipher, NULL, NULL, NULL, enc) &&
- EVP_CIPHER_CTX_set_padding(&ctx, 0) /* disable padding */ &&
- EVP_CIPHER_CTX_set_key_length(&ctx, this->key.len) &&
- EVP_CipherInit_ex(&ctx, NULL, NULL, this->key.ptr, iv.ptr, enc) &&
- EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len) &&
- /* since padding is disabled this does nothing */
- EVP_CipherFinal_ex(&ctx, out + len, &len) &&
- EVP_CIPHER_CTX_cleanup(&ctx);
+ ctx = EVP_CIPHER_CTX_new();
+ if (EVP_CipherInit_ex(ctx, this->cipher, NULL, NULL, NULL, enc) &&
+ EVP_CIPHER_CTX_set_padding(ctx, 0) /* disable padding */ &&
+ EVP_CIPHER_CTX_set_key_length(ctx, this->key.len) &&
+ EVP_CipherInit_ex(ctx, NULL, NULL, this->key.ptr, iv.ptr, enc) &&
+ EVP_CipherUpdate(ctx, out, &len, data.ptr, data.len) &&
+ /* since padding is disabled this does nothing */
+ EVP_CipherFinal_ex(ctx, out + len, &len))
+ {
+ success = TRUE;
+ }
+ EVP_CIPHER_CTX_free(ctx);
+ return success;
}
METHOD(crypter_t, decrypt, bool,
@@ -129,13 +134,13 @@ METHOD(crypter_t, encrypt, bool,
METHOD(crypter_t, get_block_size, size_t,
private_openssl_crypter_t *this)
{
- return this->cipher->block_size;
+ return EVP_CIPHER_block_size(this->cipher);
}
METHOD(crypter_t, get_iv_size, size_t,
private_openssl_crypter_t *this)
{
- return this->cipher->iv_len;
+ return EVP_CIPHER_iv_length(this->cipher);
}
METHOD(crypter_t, get_key_size, size_t,
@@ -193,13 +198,13 @@ openssl_crypter_t *openssl_crypter_create(encryption_algorithm_t algo,
key_size = 16;
/* FALL */
case 16: /* AES 128 */
- this->cipher = EVP_get_cipherbyname("aes128");
+ this->cipher = EVP_get_cipherbyname("aes-128-cbc");
break;
case 24: /* AES-192 */
- this->cipher = EVP_get_cipherbyname("aes192");
+ this->cipher = EVP_get_cipherbyname("aes-192-cbc");
break;
case 32: /* AES-256 */
- this->cipher = EVP_get_cipherbyname("aes256");
+ this->cipher = EVP_get_cipherbyname("aes-256-cbc");
break;
default:
free(this);
@@ -213,13 +218,13 @@ openssl_crypter_t *openssl_crypter_create(encryption_algorithm_t algo,
key_size = 16;
/* FALL */
case 16: /* CAMELLIA 128 */
- this->cipher = EVP_get_cipherbyname("camellia128");
+ this->cipher = EVP_get_cipherbyname("camellia-128-cbc");
break;
case 24: /* CAMELLIA 192 */
- this->cipher = EVP_get_cipherbyname("camellia192");
+ this->cipher = EVP_get_cipherbyname("camellia-192-cbc");
break;
case 32: /* CAMELLIA 256 */
- this->cipher = EVP_get_cipherbyname("camellia256");
+ this->cipher = EVP_get_cipherbyname("camellia-256-cbc");
break;
default:
free(this);
diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
index 49ec48804..f08dfff7e 100644
--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
@@ -22,9 +22,17 @@
#include <openssl/dh.h>
#include "openssl_diffie_hellman.h"
+#include "openssl_util.h"
#include <utils/debug.h>
+/* these were added with 1.1.0 when DH was made opaque */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+OPENSSL_KEY_FALLBACK(DH, key, pub_key, priv_key)
+OPENSSL_KEY_FALLBACK(DH, pqg, p, q, g)
+#define DH_set_length(dh, len) ({ (dh)->length = len; 1; })
+#endif
+
typedef struct private_openssl_diffie_hellman_t private_openssl_diffie_hellman_t;
/**
@@ -65,10 +73,12 @@ struct private_openssl_diffie_hellman_t {
METHOD(diffie_hellman_t, get_my_public_value, bool,
private_openssl_diffie_hellman_t *this, chunk_t *value)
{
+ const BIGNUM *pubkey;
+
*value = chunk_alloc(DH_size(this->dh));
memset(value->ptr, 0, value->len);
- BN_bn2bin(this->dh->pub_key,
- value->ptr + value->len - BN_num_bytes(this->dh->pub_key));
+ DH_get0_key(this->dh, &pubkey, NULL);
+ BN_bn2bin(pubkey, value->ptr + value->len - BN_num_bytes(pubkey));
return TRUE;
}
@@ -116,8 +126,15 @@ METHOD(diffie_hellman_t, set_other_public_value, bool,
METHOD(diffie_hellman_t, set_private_value, bool,
private_openssl_diffie_hellman_t *this, chunk_t value)
{
- if (BN_bin2bn(value.ptr, value.len, this->dh->priv_key))
+ BIGNUM *privkey;
+
+ privkey = BN_bin2bn(value.ptr, value.len, NULL);
+ if (privkey)
{
+ if (!DH_set0_key(this->dh, NULL, privkey))
+ {
+ return FALSE;
+ }
chunk_clear(&this->shared_secret);
this->computed = FALSE;
return DH_generate_key(this->dh);
@@ -136,16 +153,29 @@ METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
*/
static status_t set_modulus(private_openssl_diffie_hellman_t *this)
{
+ BIGNUM *p, *g;
+
diffie_hellman_params_t *params = diffie_hellman_get_params(this->group);
if (!params)
{
return NOT_FOUND;
}
- this->dh->p = BN_bin2bn(params->prime.ptr, params->prime.len, NULL);
- this->dh->g = BN_bin2bn(params->generator.ptr, params->generator.len, NULL);
+ p = BN_bin2bn(params->prime.ptr, params->prime.len, NULL);
+ g = BN_bin2bn(params->generator.ptr, params->generator.len, NULL);
+ if (!DH_set0_pqg(this->dh, p, NULL, g))
+ {
+ return FAILED;
+ }
if (params->exp_len != params->prime.len)
{
- this->dh->length = params->exp_len * 8;
+#ifdef OPENSSL_IS_BORINGSSL
+ this->dh->priv_length = params->exp_len * 8;
+#else
+ if (!DH_set_length(this->dh, params->exp_len * 8))
+ {
+ return FAILED;
+ }
+#endif
}
return SUCCESS;
}
@@ -166,6 +196,7 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(
diffie_hellman_group_t group, chunk_t g, chunk_t p)
{
private_openssl_diffie_hellman_t *this;
+ const BIGNUM *privkey;
INIT(this,
.public = {
@@ -194,8 +225,12 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(
if (group == MODP_CUSTOM)
{
- this->dh->p = BN_bin2bn(p.ptr, p.len, NULL);
- this->dh->g = BN_bin2bn(g.ptr, g.len, NULL);
+ if (!DH_set0_pqg(this->dh, BN_bin2bn(p.ptr, p.len, NULL), NULL,
+ BN_bin2bn(g.ptr, g.len, NULL)))
+ {
+ destroy(this);
+ return NULL;
+ }
}
else
{
@@ -213,9 +248,8 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(
destroy(this);
return NULL;
}
- DBG2(DBG_LIB, "size of DH secret exponent: %d bits",
- BN_num_bits(this->dh->priv_key));
-
+ DH_get0_key(this->dh, NULL, &privkey);
+ DBG2(DBG_LIB, "size of DH secret exponent: %d bits", BN_num_bits(privkey));
return &this->public;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
index bc7884c99..24fe623eb 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@@ -28,6 +28,10 @@
#include <openssl/ecdsa.h>
#include <openssl/x509.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
+#endif
+
typedef struct private_openssl_ec_private_key_t private_openssl_ec_private_key_t;
/**
@@ -59,15 +63,17 @@ bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp);
static bool build_signature(private_openssl_ec_private_key_t *this,
chunk_t hash, chunk_t *signature)
{
- bool built = FALSE;
+ const BIGNUM *r, *s;
ECDSA_SIG *sig;
+ bool built = FALSE;
sig = ECDSA_do_sign(hash.ptr, hash.len, this->ec);
if (sig)
{
+ ECDSA_SIG_get0(sig, &r, &s);
/* concatenate BNs r/s to a signature chunk */
built = openssl_bn_cat(EC_FIELD_ELEMENT_LEN(EC_KEY_get0_group(this->ec)),
- sig->r, sig->s, signature);
+ r, s, signature);
ECDSA_SIG_free(sig);
}
return built;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index 21dcb0120..a1e56fc5e 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -27,6 +27,10 @@
#include <openssl/ecdsa.h>
#include <openssl/x509.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+OPENSSL_KEY_FALLBACK(ECDSA_SIG, r, s)
+#endif
+
typedef struct private_openssl_ec_public_key_t private_openssl_ec_public_key_t;
/**
@@ -55,14 +59,23 @@ struct private_openssl_ec_public_key_t {
static bool verify_signature(private_openssl_ec_public_key_t *this,
chunk_t hash, chunk_t signature)
{
- bool valid = FALSE;
+ BIGNUM *r, *s;
ECDSA_SIG *sig;
+ bool valid = FALSE;
sig = ECDSA_SIG_new();
if (sig)
{
- /* split the signature chunk in r and s */
- if (openssl_bn_split(signature, sig->r, sig->s))
+ r = BN_new();
+ s = BN_new();
+ if (!openssl_bn_split(signature, r, s))
+ {
+ BN_free(r);
+ BN_free(s);
+ ECDSA_SIG_free(sig);
+ return FALSE;
+ }
+ if (ECDSA_SIG_set0(sig, r, s))
{
valid = (ECDSA_do_verify(hash.ptr, hash.len, sig, this->ec) == 1);
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c
index 147e4afb4..6bbe4af95 100644
--- a/src/libstrongswan/plugins/openssl/openssl_gcm.c
+++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c
@@ -71,7 +71,7 @@ struct private_aead_t {
static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv,
u_char *out, int enc)
{
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
u_char nonce[NONCE_LEN];
bool success = FALSE;
int len;
@@ -79,29 +79,29 @@ static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv,
memcpy(nonce, this->salt, SALT_LEN);
memcpy(nonce + SALT_LEN, iv.ptr, IV_LEN);
- EVP_CIPHER_CTX_init(&ctx);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
- if (!EVP_CipherInit_ex(&ctx, this->cipher, NULL, NULL, NULL, enc) ||
- !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, NONCE_LEN, NULL) ||
- !EVP_CipherInit_ex(&ctx, NULL, NULL, this->key.ptr, nonce, enc))
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
+ if (!EVP_CipherInit_ex(ctx, this->cipher, NULL, NULL, NULL, enc) ||
+ !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, NONCE_LEN, NULL) ||
+ !EVP_CipherInit_ex(ctx, NULL, NULL, this->key.ptr, nonce, enc))
{
goto done;
}
- if (!enc && !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, this->icv_size,
+ if (!enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, this->icv_size,
data.ptr + data.len))
{ /* set ICV for verification on decryption */
goto done;
}
- if (assoc.len && !EVP_CipherUpdate(&ctx, NULL, &len, assoc.ptr, assoc.len))
+ if (assoc.len && !EVP_CipherUpdate(ctx, NULL, &len, assoc.ptr, assoc.len))
{ /* set AAD if specified */
goto done;
}
- if (!EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len) ||
- !EVP_CipherFinal_ex(&ctx, out + len, &len))
+ if (!EVP_CipherUpdate(ctx, out, &len, data.ptr, data.len) ||
+ !EVP_CipherFinal_ex(ctx, out + len, &len))
{ /* EVP_CipherFinal_ex fails if ICV is incorrect on decryption */
goto done;
}
- if (enc && !EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, this->icv_size,
+ if (enc && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, this->icv_size,
out + data.len))
{ /* copy back the ICV when encrypting */
goto done;
@@ -109,7 +109,7 @@ static bool crypt(private_aead_t *this, chunk_t data, chunk_t assoc, chunk_t iv,
success = TRUE;
done:
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return success;
}
@@ -152,7 +152,7 @@ METHOD(aead_t, decrypt, bool,
METHOD(aead_t, get_block_size, size_t,
private_aead_t *this)
{
- return this->cipher->block_size;
+ return EVP_CIPHER_block_size(this->cipher);
}
METHOD(aead_t, get_icv_size, size_t,
diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c
index 50b14698b..96ee230c9 100644
--- a/src/libstrongswan/plugins/openssl/openssl_hasher.c
+++ b/src/libstrongswan/plugins/openssl/openssl_hasher.c
@@ -43,7 +43,7 @@ struct private_openssl_hasher_t {
METHOD(hasher_t, get_hash_size, size_t,
private_openssl_hasher_t *this)
{
- return this->hasher->md_size;
+ return EVP_MD_size(this->hasher);
}
METHOD(hasher_t, reset, bool,
@@ -53,7 +53,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_openssl_hasher_t *this, chunk_t chunk, u_int8_t *hash)
+ private_openssl_hasher_t *this, chunk_t chunk, uint8_t *hash)
{
if (EVP_DigestUpdate(this->ctx, chunk.ptr, chunk.len) != 1)
{
diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac.c b/src/libstrongswan/plugins/openssl/openssl_hmac.c
index 065187a8c..16e707116 100644
--- a/src/libstrongswan/plugins/openssl/openssl_hmac.c
+++ b/src/libstrongswan/plugins/openssl/openssl_hmac.c
@@ -68,7 +68,14 @@ struct private_mac_t {
/**
* Current HMAC context
*/
- HMAC_CTX hmac;
+ HMAC_CTX *hmac;
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ /**
+ * Static context for OpenSSL < 1.1.0
+ */
+ HMAC_CTX hmac_ctx;
+#endif
/**
* Key set on HMAC_CTX?
@@ -80,28 +87,28 @@ METHOD(mac_t, set_key, bool,
private_mac_t *this, chunk_t key)
{
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- if (HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL))
+ if (HMAC_Init_ex(this->hmac, key.ptr, key.len, this->hasher, NULL))
{
this->key_set = TRUE;
return TRUE;
}
return FALSE;
#else /* OPENSSL_VERSION_NUMBER < 1.0 */
- HMAC_Init_ex(&this->hmac, key.ptr, key.len, this->hasher, NULL);
+ HMAC_Init_ex(this->hmac, key.ptr, key.len, this->hasher, NULL);
this->key_set = TRUE;
return TRUE;
#endif
}
METHOD(mac_t, get_mac, bool,
- private_mac_t *this, chunk_t data, u_int8_t *out)
+ private_mac_t *this, chunk_t data, uint8_t *out)
{
if (!this->key_set)
{
return FALSE;
}
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- if (!HMAC_Update(&this->hmac, data.ptr, data.len))
+ if (!HMAC_Update(this->hmac, data.ptr, data.len))
{
return FALSE;
}
@@ -109,17 +116,17 @@ METHOD(mac_t, get_mac, bool,
{
return TRUE;
}
- if (!HMAC_Final(&this->hmac, out, NULL))
+ if (!HMAC_Final(this->hmac, out, NULL))
{
return FALSE;
}
#else /* OPENSSL_VERSION_NUMBER < 1.0 */
- HMAC_Update(&this->hmac, data.ptr, data.len);
+ HMAC_Update(this->hmac, data.ptr, data.len);
if (out == NULL)
{
return TRUE;
}
- HMAC_Final(&this->hmac, out, NULL);
+ HMAC_Final(this->hmac, out, NULL);
#endif
return set_key(this, chunk_empty);
}
@@ -133,7 +140,11 @@ METHOD(mac_t, get_mac_size, size_t,
METHOD(mac_t, destroy, void,
private_mac_t *this)
{
- HMAC_CTX_cleanup(&this->hmac);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ HMAC_CTX_free(this->hmac);
+#else
+ HMAC_CTX_cleanup(&this->hmac_ctx);
+#endif
free(this);
}
@@ -167,7 +178,12 @@ static mac_t *hmac_create(hash_algorithm_t algo)
return NULL;
}
- HMAC_CTX_init(&this->hmac);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ this->hmac = HMAC_CTX_new();
+#else
+ HMAC_CTX_init(&this->hmac_ctx);
+ this->hmac = &this->hmac_ctx;
+#endif
return &this->public;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs12.c b/src/libstrongswan/plugins/openssl/openssl_pkcs12.c
index d16b2cc05..705e96c69 100644
--- a/src/libstrongswan/plugins/openssl/openssl_pkcs12.c
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs12.c
@@ -23,6 +23,10 @@
#include <library.h>
#include <credentials/sets/mem_cred.h>
+#ifdef OPENSSL_IS_BORINGSSL
+#define EVP_PKEY_base_id(p) EVP_PKEY_type(p->type)
+#endif
+
typedef struct private_pkcs12_t private_pkcs12_t;
/**
@@ -110,7 +114,7 @@ static bool add_key(private_pkcs12_t *this, EVP_PKEY *private)
{ /* no private key is ok */
return TRUE;
}
- switch (EVP_PKEY_type(private->type))
+ switch (EVP_PKEY_base_id(private))
{
case EVP_PKEY_RSA:
type = KEY_RSA;
diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
index 891e829ae..5752d96de 100644
--- a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
@@ -29,6 +29,10 @@
#include <openssl/cms.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define X509_ATTRIBUTE_get0_object(attr) ({ (attr)->object; })
+#endif
+
typedef struct private_openssl_pkcs7_t private_openssl_pkcs7_t;
/**
@@ -432,11 +436,11 @@ METHOD(pkcs7_t, get_attribute, bool,
for (i = 0; i < CMS_signed_get_attr_count(si); i++)
{
attr = CMS_signed_get_attr(si, i);
- if (!attr->single && sk_ASN1_TYPE_num(attr->value.set) == 1 &&
- openssl_asn1_known_oid(attr->object) == oid)
+ if (X509_ATTRIBUTE_count(attr) == 1 &&
+ openssl_asn1_known_oid(X509_ATTRIBUTE_get0_object(attr)) == oid)
{
/* get first value in SET */
- type = sk_ASN1_TYPE_value(attr->value.set, 0);
+ type = X509_ATTRIBUTE_get0_type(attr, 0);
chunk = wrapped = openssl_i2chunk(ASN1_TYPE, type);
if (asn1_unwrap(&chunk, &chunk) != 0x100 /* ASN1_INVALID */)
{
@@ -503,7 +507,7 @@ static bool decrypt_symmetric(private_openssl_pkcs7_t *this, chunk_t key,
chunk_t iv;
size_t key_size;
- /* read encryption algorithm from interal structures; TODO fixup */
+ /* read encryption algorithm from internal structures; TODO fixup */
alg = this->cms->envelopedData->encryptedContentInfo->
contentEncryptionAlgorithm;
encr = encryption_algorithm_from_oid(openssl_asn1_known_oid(alg->algorithm),
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index aeb9be409..3e3b986df 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -66,6 +66,11 @@ struct private_openssl_plugin_t {
};
/**
+ * OpenSSL is thread-safe since 1.1.0
+ */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+/**
* Array of static mutexs, with CRYPTO_num_locks() mutex
*/
static mutex_t **mutex = NULL;
@@ -227,6 +232,14 @@ static void threading_cleanup()
cleanup->destroy(cleanup);
}
+#else /* OPENSSL_VERSION_NUMBER */
+
+#define threading_init()
+
+#define threading_cleanup()
+
+#endif
+
/**
* Seed the OpenSSL RNG, if required
*/
@@ -502,8 +515,14 @@ METHOD(plugin_t, get_features, int,
METHOD(plugin_t, destroy, void,
private_openssl_plugin_t *this)
{
+/* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we
+ * can't call it as we couldn't re-initialize the library (as required by the
+ * unit tests and the Android app) */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef OPENSSL_IS_BORINGSSL
CONF_modules_free();
OBJ_cleanup();
+#endif
EVP_cleanup();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
@@ -511,6 +530,7 @@ METHOD(plugin_t, destroy, void,
CRYPTO_cleanup_all_ex_data();
threading_cleanup();
ERR_free_strings();
+#endif /* OPENSSL_VERSION_NUMBER */
free(this);
}
@@ -553,10 +573,23 @@ plugin_t *openssl_plugin_create()
},
);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ /* note that we can't call OPENSSL_cleanup() when the plugin is destroyed
+ * as we couldn't initialize the library again afterwards */
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG |
+ OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
+#else /* OPENSSL_VERSION_NUMBER */
threading_init();
-
+#ifndef OPENSSL_IS_BORINGSSL
OPENSSL_config(NULL);
+#endif
OpenSSL_add_all_algorithms();
+#ifndef OPENSSL_NO_ENGINE
+ /* activate support for hardware accelerators */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+#endif /* OPENSSL_NO_ENGINE */
+#endif /* OPENSSL_VERSION_NUMBER */
#ifdef OPENSSL_FIPS
/* we do this here as it may have been enabled via openssl.conf */
@@ -565,12 +598,6 @@ plugin_t *openssl_plugin_create()
"openssl FIPS mode(%d) - %sabled ", fips_mode, fips_mode ? "en" : "dis");
#endif /* OPENSSL_FIPS */
-#ifndef OPENSSL_NO_ENGINE
- /* activate support for hardware accelerators */
- ENGINE_load_builtin_engines();
- ENGINE_register_all_complete();
-#endif /* OPENSSL_NO_ENGINE */
-
if (!seed_rng())
{
DBG1(DBG_CFG, "no RNG found to seed OpenSSL");
diff --git a/src/libstrongswan/plugins/openssl/openssl_rng.c b/src/libstrongswan/plugins/openssl/openssl_rng.c
index c807bb607..a25b6b4b6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rng.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rng.c
@@ -47,15 +47,8 @@ struct private_openssl_rng_t {
};
METHOD(rng_t, get_bytes, bool,
- private_openssl_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_openssl_rng_t *this, size_t bytes, uint8_t *buffer)
{
- if (this->quality == RNG_WEAK)
- {
- /* RAND_pseudo_bytes() returns 1 if returned bytes are strong,
- * 0 if of not. Both is acceptable for RNG_WEAK. */
- return RAND_pseudo_bytes((char*)buffer, bytes) != -1;
- }
- /* A 0 return value is a failure for RAND_bytes() */
return RAND_bytes((char*)buffer, bytes) == 1;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index de02f302d..485e0bbc7 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -20,6 +20,7 @@
#include "openssl_rsa_private_key.h"
#include "openssl_rsa_public_key.h"
+#include "openssl_util.h"
#include <utils/debug.h>
@@ -35,6 +36,12 @@
*/
#define PUBLIC_EXPONENT 0x10001
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+OPENSSL_KEY_FALLBACK(RSA, key, n, e, d)
+OPENSSL_KEY_FALLBACK(RSA, factors, p, q)
+OPENSSL_KEY_FALLBACK(RSA, crt_params, dmp1, dmq1, iqmp)
+#endif
+
typedef struct private_openssl_rsa_private_key_t private_openssl_rsa_private_key_t;
/**
@@ -436,22 +443,38 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type,
}
else if (n.ptr && e.ptr && d.ptr && p.ptr && q.ptr && coeff.ptr)
{
+ BIGNUM *bn_n, *bn_e, *bn_d, *bn_p, *bn_q;
+ BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
+
this->rsa = RSA_new();
- this->rsa->n = BN_bin2bn((const u_char*)n.ptr, n.len, NULL);
- this->rsa->e = BN_bin2bn((const u_char*)e.ptr, e.len, NULL);
- this->rsa->d = BN_bin2bn((const u_char*)d.ptr, d.len, NULL);
- this->rsa->p = BN_bin2bn((const u_char*)p.ptr, p.len, NULL);
- this->rsa->q = BN_bin2bn((const u_char*)q.ptr, q.len, NULL);
+
+ bn_n = BN_bin2bn((const u_char*)n.ptr, n.len, NULL);
+ bn_e = BN_bin2bn((const u_char*)e.ptr, e.len, NULL);
+ bn_d = BN_bin2bn((const u_char*)d.ptr, d.len, NULL);
+ if (!RSA_set0_key(this->rsa, bn_n, bn_e, bn_d))
+ {
+ destroy(this);
+ return NULL;
+
+ }
+ bn_p = BN_bin2bn((const u_char*)p.ptr, p.len, NULL);
+ bn_q = BN_bin2bn((const u_char*)q.ptr, q.len, NULL);
+ if (!RSA_set0_factors(this->rsa, bn_p, bn_q))
+ {
+ destroy(this);
+ return NULL;
+ }
if (exp1.ptr)
{
- this->rsa->dmp1 = BN_bin2bn((const u_char*)exp1.ptr, exp1.len, NULL);
+ dmp1 = BN_bin2bn((const u_char*)exp1.ptr, exp1.len, NULL);
}
if (exp2.ptr)
{
- this->rsa->dmq1 = BN_bin2bn((const u_char*)exp2.ptr, exp2.len, NULL);
+ dmq1 = BN_bin2bn((const u_char*)exp2.ptr, exp2.len, NULL);
}
- this->rsa->iqmp = BN_bin2bn((const u_char*)coeff.ptr, coeff.len, NULL);
- if (RSA_check_key(this->rsa) == 1)
+ iqmp = BN_bin2bn((const u_char*)coeff.ptr, coeff.len, NULL);
+ if (RSA_set0_crt_params(this->rsa, dmp1, dmq1, iqmp) &&
+ RSA_check_key(this->rsa) == 1)
{
return &this->public;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index db928569f..d66d5016e 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -28,6 +28,10 @@
#include <openssl/rsa.h>
#include <openssl/x509.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+OPENSSL_KEY_FALLBACK(RSA, key, n, e, d)
+#endif
+
typedef struct private_openssl_rsa_public_key_t private_openssl_rsa_public_key_t;
/**
@@ -224,11 +228,13 @@ bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp)
break;
default:
{
+ const BIGNUM *bn_n, *bn_e;
chunk_t n = chunk_empty, e = chunk_empty;
bool success = FALSE;
- if (openssl_bn2chunk(rsa->n, &n) &&
- openssl_bn2chunk(rsa->e, &e))
+ RSA_get0_key(rsa, &bn_n, &bn_e, NULL);
+ if (openssl_bn2chunk(bn_n, &n) &&
+ openssl_bn2chunk(bn_e, &e))
{
success = lib->encoding->encode(lib->encoding, type, rsa, fp,
CRED_PART_RSA_MODULUS, n,
@@ -297,10 +303,12 @@ METHOD(public_key_t, get_encoding, bool,
}
default:
{
+ const BIGNUM *bn_n, *bn_e;
chunk_t n = chunk_empty, e = chunk_empty;
- if (openssl_bn2chunk(this->rsa->n, &n) &&
- openssl_bn2chunk(this->rsa->e, &e))
+ RSA_get0_key(this->rsa, &bn_n, &bn_e, NULL);
+ if (openssl_bn2chunk(bn_n, &n) &&
+ openssl_bn2chunk(bn_e, &e))
{
success = lib->encoding->encode(lib->encoding, type, NULL,
encoding, CRED_PART_RSA_MODULUS, n,
@@ -416,10 +424,15 @@ openssl_rsa_public_key_t *openssl_rsa_public_key_load(key_type_t type,
}
else if (n.ptr && e.ptr && type == KEY_RSA)
{
+ BIGNUM *bn_n, *bn_e;
+
this->rsa = RSA_new();
- this->rsa->n = BN_bin2bn((const u_char*)n.ptr, n.len, NULL);
- this->rsa->e = BN_bin2bn((const u_char*)e.ptr, e.len, NULL);
- return &this->public;
+ bn_n = BN_bin2bn((const u_char*)n.ptr, n.len, NULL);
+ bn_e = BN_bin2bn((const u_char*)e.ptr, e.len, NULL);
+ if (RSA_set0_key(this->rsa, bn_n, bn_e, NULL))
+ {
+ return &this->public;
+ }
}
destroy(this);
return NULL;
diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
index 446c93e2b..f6df03f12 100644
--- a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
+++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
@@ -40,7 +40,7 @@ struct private_openssl_sha1_prf_t {
};
METHOD(prf_t, get_bytes, bool,
- private_openssl_sha1_prf_t *this, chunk_t seed, u_int8_t *bytes)
+ private_openssl_sha1_prf_t *this, chunk_t seed, uint8_t *bytes)
{
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
if (!SHA1_Update(&this->ctx, seed.ptr, seed.len))
@@ -53,7 +53,7 @@ METHOD(prf_t, get_bytes, bool,
if (bytes)
{
- u_int32_t *hash = (u_int32_t*)bytes;
+ uint32_t *hash = (uint32_t*)bytes;
hash[0] = htonl(this->ctx.h0);
hash[1] = htonl(this->ctx.h1);
diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c
index 2f9813701..6580e1c7d 100644
--- a/src/libstrongswan/plugins/openssl/openssl_util.c
+++ b/src/libstrongswan/plugins/openssl/openssl_util.c
@@ -22,6 +22,12 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
+/* these were added with 1.1.0 when ASN1_OBJECT was made opaque */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define OBJ_get0_data(o) ((o)->data)
+#define OBJ_length(o) ((o)->length)
+#endif
+
/**
* Described in header.
*/
@@ -51,7 +57,7 @@ bool openssl_hash_chunk(int hash_type, chunk_t data, chunk_t *hash)
goto error;
}
- *hash = chunk_alloc(hasher->md_size);
+ *hash = chunk_alloc(EVP_MD_size(hasher));
if (!EVP_DigestFinal_ex(ctx, hash->ptr, NULL))
{
chunk_free(hash);
@@ -70,7 +76,8 @@ error:
/**
* Described in header.
*/
-bool openssl_bn_cat(int len, BIGNUM *a, BIGNUM *b, chunk_t *chunk)
+bool openssl_bn_cat(const int len, const BIGNUM *a, const BIGNUM *b,
+ chunk_t *chunk)
{
int offset;
@@ -127,7 +134,7 @@ bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b)
/**
* Described in header.
*/
-bool openssl_bn2chunk(BIGNUM *bn, chunk_t *chunk)
+bool openssl_bn2chunk(const BIGNUM *bn, chunk_t *chunk)
{
*chunk = chunk_alloc(BN_num_bytes(bn));
if (BN_bn2bin(bn, chunk->ptr) == chunk->len)
@@ -149,7 +156,7 @@ chunk_t openssl_asn1_obj2chunk(ASN1_OBJECT *asn1)
{
if (asn1)
{
- return chunk_create((u_char*)asn1->data, asn1->length);
+ return chunk_create((u_char*)OBJ_get0_data(asn1), OBJ_length(asn1));
}
return chunk_empty;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_util.h b/src/libstrongswan/plugins/openssl/openssl_util.h
index 2db073139..f4186e8c4 100644
--- a/src/libstrongswan/plugins/openssl/openssl_util.h
+++ b/src/libstrongswan/plugins/openssl/openssl_util.h
@@ -60,7 +60,8 @@ bool openssl_hash_chunk(int hash_type, chunk_t data, chunk_t *hash);
* @param chunk resulting chunk
* @return TRUE on success, FALSE otherwise
*/
-bool openssl_bn_cat(int len, BIGNUM *a, BIGNUM *b, chunk_t *chunk);
+bool openssl_bn_cat(const int len, const BIGNUM *a, const BIGNUM *b,
+ chunk_t *chunk);
/**
* Splits a chunk into two bignums of equal binary length.
@@ -80,7 +81,7 @@ bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b);
* @param chunk the chunk (data gets allocated)
* @return TRUE on success, FALSE otherwise
*/
-bool openssl_bn2chunk(BIGNUM *bn, chunk_t *chunk);
+bool openssl_bn2chunk(const BIGNUM *bn, chunk_t *chunk);
/**
* Allocate a chunk using the i2d function of a given object
@@ -134,4 +135,42 @@ int openssl_asn1_known_oid(ASN1_OBJECT *obj);
*/
time_t openssl_asn1_to_time(ASN1_TIME *time);
+/**
+ * Macros to define fallback getters/setters to access keys (BIGNUM*) for types
+ * that were made opaque with OpenSSL 1.1.0.
+ */
+#define OPENSSL_KEY_FALLBACK(...) VA_ARGS_DISPATCH(OPENSSL_KEY_FALLBACK, __VA_ARGS__)(__VA_ARGS__)
+#define OPENSSL_KEY_FALLBACK3(type, k1, k2) \
+__attribute__((unused)) \
+static inline void type##_get0(const type *o, const BIGNUM **k1, const BIGNUM **k2) { \
+ if (k1) *k1 = o->k1; \
+ if (k2) *k2 = o->k2; } \
+__attribute__((unused)) \
+static inline int type##_set0(type *o, BIGNUM *k1, BIGNUM *k2) { \
+ if (k1) { BN_clear_free(o->k1); o->k1 = k1; } \
+ if (k2) { BN_clear_free(o->k2); o->k2 = k2; } \
+ return 1; }
+#define OPENSSL_KEY_FALLBACK4(type, name, k1, k2) \
+__attribute__((unused)) \
+static inline void type##_get0_##name(const type *o, const BIGNUM **k1, const BIGNUM **k2) { \
+ if (k1) *k1 = o->k1; \
+ if (k2) *k2 = o->k2; } \
+__attribute__((unused)) \
+static inline int type##_set0_##name(type *o, BIGNUM *k1, BIGNUM *k2) { \
+ if (k1) { BN_clear_free(o->k1); o->k1 = k1; } \
+ if (k2) { BN_clear_free(o->k2); o->k2 = k2; } \
+ return 1; }
+#define OPENSSL_KEY_FALLBACK5(type, name, k1, k2, k3) \
+__attribute__((unused)) \
+static inline void type##_get0_##name(const type *o, const BIGNUM **k1, const BIGNUM **k2, const BIGNUM **k3) { \
+ if (k1) *k1 = o->k1; \
+ if (k2) *k2 = o->k2; \
+ if (k3) *k3 = o->k3; } \
+__attribute__((unused)) \
+static inline int type##_set0_##name(type *o, BIGNUM *k1, BIGNUM *k2, BIGNUM *k3) { \
+ if (k1) { BN_clear_free(o->k1); o->k1 = k1; } \
+ if (k2) { BN_clear_free(o->k2); o->k2 = k2; } \
+ if (k3) { BN_clear_free(o->k3); o->k3 = k3; } \
+ return 1; }
+
#endif /** OPENSSL_UTIL_H_ @}*/
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index 7a5b206dd..e95eb729b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -60,6 +60,25 @@
#define OPENSSL_NO_RFC3779
#endif
+/* added with 1.0.2 */
+#if OPENSSL_VERSION_NUMBER < 0x10002000L
+static inline void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, const X509 *x) {
+ if (psig) { *psig = x->signature; }
+ if (palg) { *palg = x->sig_alg; }
+}
+#endif
+
+/* added with 1.1.0 when X509 etc. was made opaque */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define X509_get0_extensions(x509) ({ (x509)->cert_info->extensions; })
+#define X509_get0_tbs_sigalg(x509) ({ (x509)->cert_info->signature; })
+#define X509_ALGOR_get0(oid, ppt, ppv, alg) ({ *(oid) = (alg)->algorithm; })
+#define X509_PUBKEY_get0_param(oid, pk, len, pa, pub) X509_ALGOR_get0(oid, NULL, NULL, (pub)->algor)
+#define X509v3_addr_get_afi v3_addr_get_afi
+#define X509v3_addr_get_range v3_addr_get_range
+#define X509v3_addr_is_canonical v3_addr_is_canonical
+#endif
+
typedef struct private_openssl_x509_t private_openssl_x509_t;
/**
@@ -380,6 +399,7 @@ METHOD(certificate_t, issued_by, bool,
public_key_t *key;
bool valid;
x509_t *x509 = (x509_t*)issuer;
+ ASN1_BIT_STRING *sig;
chunk_t tbs;
if (&this->public.x509.interface == issuer)
@@ -413,9 +433,14 @@ METHOD(certificate_t, issued_by, bool,
{
return FALSE;
}
+ /* i2d_re_X509_tbs() was added with 1.1.0 when X509 was made opaque */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ tbs = openssl_i2chunk(re_X509_tbs, this->x509);
+#else
tbs = openssl_i2chunk(X509_CINF, this->x509->cert_info);
- valid = key->verify(key, this->scheme, tbs,
- openssl_asn1_str2chunk(this->x509->signature));
+#endif
+ X509_get0_signature(&sig, NULL, this->x509);
+ valid = key->verify(key, this->scheme, tbs, openssl_asn1_str2chunk(sig));
free(tbs.ptr);
key->destroy(key);
if (valid && scheme)
@@ -850,7 +875,7 @@ static void parse_ipAddrBlock_ext_fam(private_openssl_x509_t *this,
return;
}
- afi = v3_addr_get_afi(fam);
+ afi = X509v3_addr_get_afi(fam);
switch (afi)
{
case IANA_AFI_IPV4:
@@ -871,7 +896,7 @@ static void parse_ipAddrBlock_ext_fam(private_openssl_x509_t *this,
for (i = 0; i < sk_IPAddressOrRange_num(list); i++)
{
aor = sk_IPAddressOrRange_value(list, i);
- if (v3_addr_get_range(aor, afi, from.ptr, to.ptr, from.len) > 0)
+ if (X509v3_addr_get_range(aor, afi, from.ptr, to.ptr, from.len) > 0)
{
ts = traffic_selector_create_from_bytes(0, type, from, 0, to, 65535);
if (ts)
@@ -897,7 +922,7 @@ static bool parse_ipAddrBlock_ext(private_openssl_x509_t *this,
return FALSE;
}
- if (!v3_addr_is_canonical(blocks))
+ if (!X509v3_addr_is_canonical(blocks))
{
sk_IPAddressFamily_free(blocks);
return FALSE;
@@ -964,7 +989,7 @@ static bool parse_extensions(private_openssl_x509_t *this)
STACK_OF(X509_EXTENSION) *extensions;
int i, num;
- extensions = this->x509->cert_info->extensions;
+ extensions = X509_get0_extensions(this->x509);
if (extensions)
{
num = sk_X509_EXTENSION_num(extensions);
@@ -1041,6 +1066,8 @@ static bool parse_certificate(private_openssl_x509_t *this)
const unsigned char *ptr = this->encoding.ptr;
hasher_t *hasher;
chunk_t chunk;
+ ASN1_OBJECT *oid, *oid_tbs;
+ X509_ALGOR *alg;
this->x509 = d2i_X509(NULL, &ptr, this->encoding.len);
if (!this->x509)
@@ -1057,7 +1084,12 @@ static bool parse_certificate(private_openssl_x509_t *this)
this->subject = openssl_x509_name2id(X509_get_subject_name(this->x509));
this->issuer = openssl_x509_name2id(X509_get_issuer_name(this->x509));
- switch (openssl_asn1_known_oid(this->x509->cert_info->key->algor->algorithm))
+ if (!X509_PUBKEY_get0_param(&oid, NULL, NULL, NULL,
+ X509_get_X509_PUBKEY(this->x509)))
+ {
+ return FALSE;
+ }
+ switch (openssl_asn1_known_oid(oid))
{
case OID_RSA_ENCRYPTION:
this->pubkey = lib->creds->create(lib->creds,
@@ -1086,14 +1118,18 @@ static bool parse_certificate(private_openssl_x509_t *this)
this->notBefore = openssl_asn1_to_time(X509_get_notBefore(this->x509));
this->notAfter = openssl_asn1_to_time(X509_get_notAfter(this->x509));
- if (!chunk_equals(
- openssl_asn1_obj2chunk(this->x509->cert_info->signature->algorithm),
- openssl_asn1_obj2chunk(this->x509->sig_alg->algorithm)))
+ /* while X509_ALGOR_cmp() is declared in the headers of older OpenSSL
+ * versions, at least on Ubuntu 14.04 it is not actually defined */
+ X509_get0_signature(NULL, &alg, this->x509);
+ X509_ALGOR_get0(&oid, NULL, NULL, alg);
+ alg = X509_get0_tbs_sigalg(this->x509);
+ X509_ALGOR_get0(&oid_tbs, NULL, NULL, alg);
+ if (!chunk_equals(openssl_asn1_obj2chunk(oid),
+ openssl_asn1_obj2chunk(oid_tbs)))
{
return FALSE;
}
- this->scheme = signature_scheme_from_oid(openssl_asn1_known_oid(
- this->x509->sig_alg->algorithm));
+ this->scheme = signature_scheme_from_oid(openssl_asn1_known_oid(oid));
if (!parse_extensions(this))
{
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 2d6006bca..e1cf497c8 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/padlock
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -462,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/padlock/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/padlock/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -778,6 +791,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.c b/src/libstrongswan/plugins/padlock/padlock_rng.c
index 517914ab5..6b337d82c 100644
--- a/src/libstrongswan/plugins/padlock/padlock_rng.c
+++ b/src/libstrongswan/plugins/padlock/padlock_rng.c
@@ -81,7 +81,7 @@ METHOD(rng_t, allocate_bytes, bool,
}
METHOD(rng_t, get_bytes, bool,
- private_padlock_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_padlock_rng_t *this, size_t bytes, uint8_t *buffer)
{
chunk_t chunk;
diff --git a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c
index 4489b902a..107ade09b 100644
--- a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c
+++ b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c
@@ -54,9 +54,9 @@ static void padlock_sha1(int len, u_char *in, u_char *out)
/**
* sha1() a buffer of data into digest
*/
-static void sha1(chunk_t data, u_int32_t *digest)
+static void sha1(chunk_t data, uint32_t *digest)
{
- u_int32_t hash[128] PADLOCK_ALIGN;
+ uint32_t hash[128] PADLOCK_ALIGN;
hash[0] = 0x67452301;
hash[1] = 0xefcdab89;
@@ -91,18 +91,18 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_padlock_sha1_hasher_t *this, chunk_t chunk, u_int8_t *hash)
+ private_padlock_sha1_hasher_t *this, chunk_t chunk, uint8_t *hash)
{
if (hash)
{
if (this->data.len)
{
append_data(this, chunk);
- sha1(this->data, (u_int32_t*)hash);
+ sha1(this->data, (uint32_t*)hash);
}
else
{ /* hash directly if no previous data found */
- sha1(chunk, (u_int32_t*)hash);
+ sha1(chunk, (uint32_t*)hash);
}
reset(this);
}
diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in
index 16dfbed3a..3e6b8d0bb 100644
--- a/src/libstrongswan/plugins/pem/Makefile.in
+++ b/src/libstrongswan/plugins/pem/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pem
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pem/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pem/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c
index f0e508abf..719a2a69e 100644
--- a/src/libstrongswan/plugins/pem/pem_builder.c
+++ b/src/libstrongswan/plugins/pem/pem_builder.c
@@ -93,7 +93,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
chunk_t hash;
chunk_t decrypted;
chunk_t key = {alloca(key_size), key_size};
- u_int8_t padding, *last_padding_pos, *first_padding_pos;
+ uint8_t padding, *last_padding_pos, *first_padding_pos;
/* build key from passphrase and IV */
hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index a55877952..e9c85e57f 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pgp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pgp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pgp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -778,6 +791,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c
index 152e83aaa..fe0be45d9 100644
--- a/src/libstrongswan/plugins/pgp/pgp_builder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_builder.c
@@ -26,7 +26,7 @@
*/
static public_key_t *parse_public_key(chunk_t blob)
{
- u_int32_t alg;
+ uint32_t alg;
public_key_t *key;
if (!pgp_read_scalar(&blob, 1, &alg))
@@ -74,7 +74,7 @@ static public_key_t *parse_rsa_public_key(chunk_t blob)
static private_key_t *parse_rsa_private_key(chunk_t blob)
{
chunk_t mpi[6];
- u_int32_t s2k;
+ uint32_t s2k;
int i;
for (i = 0; i < 2; i++)
@@ -143,7 +143,7 @@ static private_key_t *parse_private_key(chunk_t blob)
{
chunk_t packet;
pgp_packet_tag_t tag;
- u_int32_t version, created, days, alg;
+ uint32_t version, created, days, alg;
private_key_t *key;
if (!pgp_read_packet(&blob, &packet, &tag))
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c
index 89d7094ad..0ffce4cfc 100644
--- a/src/libstrongswan/plugins/pgp/pgp_cert.c
+++ b/src/libstrongswan/plugins/pgp/pgp_cert.c
@@ -40,17 +40,17 @@ struct private_pgp_cert_t {
/**
* version of the public key
*/
- u_int32_t version;
+ uint32_t version;
/**
* creation time
*/
- u_int32_t created;
+ uint32_t created;
/**
* days the certificate is valid
*/
- u_int32_t valid;
+ uint32_t valid;
/**
* userid of the certificate
@@ -349,7 +349,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
*/
static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
{
- u_int32_t version, len, type, created;
+ uint32_t version, len, type, created;
if (!pgp_read_scalar(&packet, 1, &version))
{
diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c
index bb15627fd..283bf8c36 100644
--- a/src/libstrongswan/plugins/pgp/pgp_utils.c
+++ b/src/libstrongswan/plugins/pgp/pgp_utils.c
@@ -73,9 +73,9 @@ ENUM_END(pgp_packet_tag_names, PGP_PKT_MOD_DETECT_CODE);
/**
* Read a PGP scalar of bytes length, advance blob
*/
-bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar)
+bool pgp_read_scalar(chunk_t *blob, size_t bytes, uint32_t *scalar)
{
- u_int32_t res = 0;
+ uint32_t res = 0;
if (bytes > blob->len)
{
@@ -96,7 +96,7 @@ bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar)
*/
bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi)
{
- u_int32_t bits, bytes;
+ uint32_t bits, bytes;
if (!pgp_read_scalar(blob, 2, &bits))
{
@@ -117,7 +117,7 @@ bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi)
/**
* Read length of an PGP old packet length encoding
*/
-static bool pgp_old_packet_length(chunk_t *blob, u_int32_t *length)
+static bool pgp_old_packet_length(chunk_t *blob, uint32_t *length)
{
/* bits 0 and 1 define the packet length type */
u_char type;
@@ -141,7 +141,7 @@ static bool pgp_old_packet_length(chunk_t *blob, u_int32_t *length)
*/
bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag)
{
- u_int32_t len;
+ uint32_t len;
u_char t;
if (!blob->len)
diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.h b/src/libstrongswan/plugins/pgp/pgp_utils.h
index 203a0a85d..180292a7a 100644
--- a/src/libstrongswan/plugins/pgp/pgp_utils.h
+++ b/src/libstrongswan/plugins/pgp/pgp_utils.h
@@ -115,7 +115,7 @@ bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi);
* @param scalar resultin scalar
* @return TRUE if scalar parsed successfully
*/
-bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar);
+bool pgp_read_scalar(chunk_t *blob, size_t bytes, uint32_t *scalar);
/**
* Parse a PGP packet.
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in
index a265818b0..a61eb1ab2 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pkcs1
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs1/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs1/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in
index f4bded41a..61919e3dd 100644
--- a/src/libstrongswan/plugins/pkcs11/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pkcs11
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs11/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs11/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -790,6 +803,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c b/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c
index 80079b9a9..847f03115 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c
@@ -146,7 +146,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_pkcs11_hasher_t *this, chunk_t chunk, u_int8_t *hash)
+ private_pkcs11_hasher_t *this, chunk_t chunk, uint8_t *hash)
{
CK_RV rv;
CK_ULONG len;
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
index bfc545972..aec4550ce 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
@@ -295,13 +295,19 @@ METHOD(private_key_t, sign, bool,
case SIGN_ECDSA_WITH_SHA256_DER:
case SIGN_ECDSA_WITH_SHA384_DER:
case SIGN_ECDSA_WITH_SHA512_DER:
- /* return an ASN.1 encoded sequence of integers r and s */
+ {
+ chunk_t r, s;
+
+ /* return an ASN.1 encoded sequence of integers r and s, removing
+ * any zero-padding */
len /= 2;
+ r = chunk_skip_zero(chunk_create(buf, len));
+ s = chunk_skip_zero(chunk_create(buf+len, len));
*signature = asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_integer("c", chunk_create(buf, len)),
- asn1_integer("c", chunk_create(buf+len, len)));
+ asn1_integer("c", r), asn1_integer("c", s));
free(buf);
break;
+ }
default:
*signature = chunk_create(buf, len);
break;
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c
index d18028b45..753835187 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c
@@ -44,7 +44,7 @@ struct private_pkcs11_rng_t {
};
METHOD(rng_t, get_bytes, bool,
- private_pkcs11_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_pkcs11_rng_t *this, size_t bytes, uint8_t *buffer)
{
CK_RV rv;
rv = this->lib->f->C_GenerateRandom(this->session, buffer, bytes);
diff --git a/src/libstrongswan/plugins/pkcs12/Makefile.in b/src/libstrongswan/plugins/pkcs12/Makefile.in
index 7fd31583b..02b7d2902 100644
--- a/src/libstrongswan/plugins/pkcs12/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs12/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pkcs12
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs12/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs12/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c b/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c
index 4441b278f..82fc0c0b9 100644
--- a/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c
+++ b/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c
@@ -324,7 +324,7 @@ end:
* Verify the given MAC with available passwords.
*/
static bool verify_mac(hash_algorithm_t hash, chunk_t salt,
- u_int64_t iterations, chunk_t data, chunk_t mac)
+ uint64_t iterations, chunk_t data, chunk_t mac)
{
integrity_algorithm_t integ;
enumerator_t *enumerator;
@@ -450,7 +450,7 @@ static bool parse_PFX(private_pkcs12_t *this, chunk_t blob)
data = chunk_empty;
hash_algorithm_t hash = HASH_UNKNOWN;
container_t *container = NULL;
- u_int64_t iterations = 0;
+ uint64_t iterations = 0;
bool success = FALSE;
parser = asn1_parser_create(PFXObjects, blob);
diff --git a/src/libstrongswan/plugins/pkcs7/Makefile.in b/src/libstrongswan/plugins/pkcs7/Makefile.in
index 5fc439b99..5a758aa14 100644
--- a/src/libstrongswan/plugins/pkcs7/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs7/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pkcs7
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -204,12 +213,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -259,6 +270,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -293,6 +305,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -404,6 +417,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -466,7 +480,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs7/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs7/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -785,6 +798,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/pkcs8/Makefile.in b/src/libstrongswan/plugins/pkcs8/Makefile.in
index 162868af5..92f751a61 100644
--- a/src/libstrongswan/plugins/pkcs8/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs8/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pkcs8
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs8/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pkcs8/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -772,6 +785,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c
index 0ea5eeaf8..4c92c412c 100644
--- a/src/libstrongswan/plugins/plugin_feature.c
+++ b/src/libstrongswan/plugins/plugin_feature.c
@@ -57,7 +57,7 @@ ENUM(plugin_feature_names, FEATURE_NONE, FEATURE_CUSTOM,
/**
* See header.
*/
-u_int32_t plugin_feature_hash(plugin_feature_t *feature)
+uint32_t plugin_feature_hash(plugin_feature_t *feature)
{
chunk_t data = chunk_empty;
diff --git a/src/libstrongswan/plugins/plugin_feature.h b/src/libstrongswan/plugins/plugin_feature.h
index 03f1ba8cc..ee7808a94 100644
--- a/src/libstrongswan/plugins/plugin_feature.h
+++ b/src/libstrongswan/plugins/plugin_feature.h
@@ -362,7 +362,7 @@ static inline void plugin_features_add(plugin_feature_t *features,
* @param feature feature to hash
* @return hash value of the feature
*/
-u_int32_t plugin_feature_hash(plugin_feature_t *feature);
+uint32_t plugin_feature_hash(plugin_feature_t *feature);
/**
* Check if feature a matches to feature b.
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index 01d0495be..5787eac00 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -1024,6 +1024,15 @@ static int plugin_priority_cmp(const plugin_priority_t *a,
return diff;
}
+/**
+ * Convert enumerated plugin_priority_t to a plugin name
+ */
+static bool plugin_priority_filter(void *null, plugin_priority_t **prio,
+ char **name)
+{
+ *name = (*prio)->name;
+ return TRUE;
+}
/**
* Determine the list of plugins to load via load option in each plugin's
@@ -1036,12 +1045,7 @@ static char *modular_pluginlist(char *list)
plugin_priority_t item, *current, found;
char *plugin, *plugins = NULL;
int i = 0, max_prio;
-
- if (!lib->settings->get_bool(lib->settings, "%s.load_modular", FALSE,
- lib->ns))
- {
- return list;
- }
+ bool load_def = FALSE;
given = array_create(sizeof(plugin_priority_t), 0);
final = array_create(sizeof(plugin_priority_t), 0);
@@ -1058,16 +1062,26 @@ static char *modular_pluginlist(char *list)
/* the maximum priority used for plugins not found in this list */
max_prio = i + 1;
- enumerator = lib->settings->create_section_enumerator(lib->settings,
+ if (lib->settings->get_bool(lib->settings, "%s.load_modular", FALSE,
+ lib->ns))
+ {
+ enumerator = lib->settings->create_section_enumerator(lib->settings,
"%s.plugins", lib->ns);
+ }
+ else
+ {
+ enumerator = enumerator_create_filter(array_create_enumerator(given),
+ (void*)plugin_priority_filter, NULL, NULL);
+ load_def = TRUE;
+ }
while (enumerator->enumerate(enumerator, &plugin))
{
item.prio = lib->settings->get_int(lib->settings,
- "%s.plugins.%s.load", 0, lib->ns, plugin);
+ "%s.plugins.%s.load", 0, lib->ns, plugin);
if (!item.prio)
{
if (!lib->settings->get_bool(lib->settings,
- "%s.plugins.%s.load", FALSE, lib->ns, plugin))
+ "%s.plugins.%s.load", load_def, lib->ns, plugin))
{
continue;
}
@@ -1083,7 +1097,6 @@ static char *modular_pluginlist(char *list)
array_insert(final, ARRAY_TAIL, &item);
}
enumerator->destroy(enumerator);
- array_destroy_function(given, (void*)plugin_priority_free, NULL);
array_sort(final, (void*)plugin_priority_cmp, NULL);
@@ -1100,6 +1113,7 @@ static char *modular_pluginlist(char *list)
free(prev);
}
enumerator->destroy(enumerator);
+ array_destroy_function(given, (void*)plugin_priority_free, NULL);
array_destroy(final);
return plugins;
}
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index 007bdbd00..c5decc3a4 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/pubkey
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pubkey/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/pubkey/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index f6dc73e09..b78e62732 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/random
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/random/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/random/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c
index 177b3c2e5..3760630ab 100644
--- a/src/libstrongswan/plugins/random/random_rng.c
+++ b/src/libstrongswan/plugins/random/random_rng.c
@@ -41,7 +41,7 @@ struct private_random_rng_t {
};
METHOD(rng_t, get_bytes, bool,
- private_random_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_random_rng_t *this, size_t bytes, uint8_t *buffer)
{
size_t done;
ssize_t got;
diff --git a/src/libstrongswan/plugins/rc2/Makefile.in b/src/libstrongswan/plugins/rc2/Makefile.in
index b9fc8bdf6..51f6a17a7 100644
--- a/src/libstrongswan/plugins/rc2/Makefile.in
+++ b/src/libstrongswan/plugins/rc2/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/rc2
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/rc2/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/rc2/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/rc2/rc2_crypter.c b/src/libstrongswan/plugins/rc2/rc2_crypter.c
index 256acf817..d9681e834 100644
--- a/src/libstrongswan/plugins/rc2/rc2_crypter.c
+++ b/src/libstrongswan/plugins/rc2/rc2_crypter.c
@@ -19,11 +19,11 @@ typedef struct private_rc2_crypter_t private_rc2_crypter_t;
#define RC2_BLOCK_SIZE 8
-#define ROL16(x, k) ({ u_int16_t _x = (x); (_x << (k)) | (_x >> (16 - (k))); })
-#define ROR16(x, k) ({ u_int16_t _x = (x); (_x >> (k)) | (_x << (16 - (k))); })
+#define ROL16(x, k) ({ uint16_t _x = (x); (_x << (k)) | (_x >> (16 - (k))); })
+#define ROR16(x, k) ({ uint16_t _x = (x); (_x >> (k)) | (_x << (16 - (k))); })
-#define GET16(x) ({ u_char *_x = (x); (u_int16_t)_x[0] | ((u_int16_t)_x[1] << 8); })
-#define PUT16(x, v) ({ u_char *_x = (x); u_int16_t _v = (v); _x[0] = _v, _x[1] = _v >> 8; })
+#define GET16(x) ({ u_char *_x = (x); (uint16_t)_x[0] | ((uint16_t)_x[1] << 8); })
+#define PUT16(x, v) ({ u_char *_x = (x); uint16_t _v = (v); _x[0] = _v, _x[1] = _v >> 8; })
/**
* Private data of rc2_crypter_t
@@ -38,7 +38,7 @@ struct private_rc2_crypter_t {
/**
* The expanded key in 16-bit words
*/
- u_int16_t K[64];
+ uint16_t K[64];
/**
* Key size in bytes
@@ -95,7 +95,7 @@ static const u_char PITABLE[256] =
*/
static void encrypt_block(private_rc2_crypter_t *this, u_char R[])
{
- register u_int16_t R0, R1, R2, R3, *Kj;
+ register uint16_t R0, R1, R2, R3, *Kj;
int rounds = 3, mix = 5;
R0 = GET16(R);
@@ -139,7 +139,7 @@ static void encrypt_block(private_rc2_crypter_t *this, u_char R[])
*/
static void decrypt_block(private_rc2_crypter_t *this, u_char R[])
{
- register u_int16_t R0, R1, R2, R3, *Kj;
+ register uint16_t R0, R1, R2, R3, *Kj;
int rounds = 3, mix = 5;
R0 = GET16(R);
@@ -185,7 +185,7 @@ static void decrypt_block(private_rc2_crypter_t *this, u_char R[])
METHOD(crypter_t, decrypt, bool,
private_rc2_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
{
- u_int8_t *in, *out, *prev;
+ uint8_t *in, *out, *prev;
if (data.len % RC2_BLOCK_SIZE || iv.len != RC2_BLOCK_SIZE)
{
@@ -222,7 +222,7 @@ METHOD(crypter_t, decrypt, bool,
METHOD(crypter_t, encrypt, bool,
private_rc2_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
{
- u_int8_t *in, *out, *end, *prev;
+ uint8_t *in, *out, *end, *prev;
if (data.len % RC2_BLOCK_SIZE || iv.len != RC2_BLOCK_SIZE)
{
@@ -273,7 +273,7 @@ METHOD(crypter_t, get_key_size, size_t,
METHOD(crypter_t, set_key, bool,
private_rc2_crypter_t *this, chunk_t key)
{
- u_int8_t L[128], T8, TM, idx;
+ uint8_t L[128], T8, TM, idx;
int i;
if (key.len != this->T)
diff --git a/src/libstrongswan/plugins/rdrand/Makefile.in b/src/libstrongswan/plugins/rdrand/Makefile.in
index f6bdf9c59..ff853b691 100644
--- a/src/libstrongswan/plugins/rdrand/Makefile.in
+++ b/src/libstrongswan/plugins/rdrand/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/rdrand
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/rdrand/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/rdrand/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/rdrand/rdrand_rng.c b/src/libstrongswan/plugins/rdrand/rdrand_rng.c
index fa66f3ad7..b7225b6a2 100644
--- a/src/libstrongswan/plugins/rdrand/rdrand_rng.c
+++ b/src/libstrongswan/plugins/rdrand/rdrand_rng.c
@@ -54,7 +54,7 @@ struct private_rdrand_rng_t {
/**
* Get a two byte word using RDRAND
*/
-static bool rdrand16(u_int16_t *out)
+static bool rdrand16(uint16_t *out)
{
u_char res;
int i;
@@ -76,7 +76,7 @@ static bool rdrand16(u_int16_t *out)
/**
* Get a four byte word using RDRAND
*/
-static bool rdrand32(u_int32_t *out)
+static bool rdrand32(uint32_t *out)
{
u_char res;
int i;
@@ -99,7 +99,7 @@ static bool rdrand32(u_int32_t *out)
/**
* Get a eight byte word using RDRAND
*/
-static bool rdrand64(u_int64_t *out)
+static bool rdrand64(uint64_t *out)
{
u_char res;
int i;
@@ -122,9 +122,9 @@ static bool rdrand64(u_int64_t *out)
/**
* Get a one byte word using RDRAND
*/
-static bool rdrand8(u_int8_t *out)
+static bool rdrand8(uint8_t *out)
{
- u_int16_t u16;
+ uint16_t u16;
if (!rdrand16(&u16))
{
@@ -141,15 +141,15 @@ static bool rdrand128(void *out)
{
#ifdef __x86_64__
if (!rdrand64(out) ||
- !rdrand64(out + sizeof(u_int64_t)))
+ !rdrand64(out + sizeof(uint64_t)))
{
return FALSE;
}
#else /* __i386__ */
if (!rdrand32(out) ||
- !rdrand32(out + 1 * sizeof(u_int32_t)) ||
- !rdrand32(out + 2 * sizeof(u_int32_t)) ||
- !rdrand32(out + 3 * sizeof(u_int32_t)))
+ !rdrand32(out + 1 * sizeof(uint32_t)) ||
+ !rdrand32(out + 2 * sizeof(uint32_t)) ||
+ !rdrand32(out + 3 * sizeof(uint32_t)))
{
return FALSE;
}
@@ -165,9 +165,9 @@ static bool reseed()
int i;
#ifdef __x86_64__
- u_int64_t tmp;
+ uint64_t tmp;
- for (i = 0; i < 511 * 16 / sizeof(u_int64_t); i++)
+ for (i = 0; i < 511 * 16 / sizeof(uint64_t); i++)
{
if (!rdrand64(&tmp))
{
@@ -175,9 +175,9 @@ static bool reseed()
}
}
#else /* __i386__ */
- u_int32_t tmp;
+ uint32_t tmp;
- for (i = 0; i < 511 * 16 / sizeof(u_int32_t); i++)
+ for (i = 0; i < 511 * 16 / sizeof(uint32_t); i++)
{
if (!rdrand32(&tmp))
{
@@ -202,48 +202,48 @@ static bool rdrand_chunk(private_rdrand_rng_t *this, chunk_t chunk)
}
/* align to 2 byte */
- if (chunk.len >= sizeof(u_int8_t))
+ if (chunk.len >= sizeof(uint8_t))
{
if ((uintptr_t)chunk.ptr % 2)
{
- if (!rdrand8((u_int8_t*)chunk.ptr))
+ if (!rdrand8((uint8_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int8_t));
+ chunk = chunk_skip(chunk, sizeof(uint8_t));
}
}
/* align to 4 byte */
- if (chunk.len >= sizeof(u_int16_t))
+ if (chunk.len >= sizeof(uint16_t))
{
if ((uintptr_t)chunk.ptr % 4)
{
- if (!rdrand16((u_int16_t*)chunk.ptr))
+ if (!rdrand16((uint16_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int16_t));
+ chunk = chunk_skip(chunk, sizeof(uint16_t));
}
}
#ifdef __x86_64__
/* align to 8 byte */
- if (chunk.len >= sizeof(u_int32_t))
+ if (chunk.len >= sizeof(uint32_t))
{
if ((uintptr_t)chunk.ptr % 8)
{
- if (!rdrand32((u_int32_t*)chunk.ptr))
+ if (!rdrand32((uint32_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int32_t));
+ chunk = chunk_skip(chunk, sizeof(uint32_t));
}
}
/* fill with 8 byte words */
- while (chunk.len >= sizeof(u_int64_t))
+ while (chunk.len >= sizeof(uint64_t))
{
if (this->quality == RNG_STRONG && chunk.len % FORCE_RESEED == 0)
{
@@ -252,27 +252,27 @@ static bool rdrand_chunk(private_rdrand_rng_t *this, chunk_t chunk)
return FALSE;
}
}
- if (!rdrand64((u_int64_t*)chunk.ptr))
+ if (!rdrand64((uint64_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int64_t));
+ chunk = chunk_skip(chunk, sizeof(uint64_t));
}
/* append 4 byte word */
- if (chunk.len >= sizeof(u_int32_t))
+ if (chunk.len >= sizeof(uint32_t))
{
- if (!rdrand32((u_int32_t*)chunk.ptr))
+ if (!rdrand32((uint32_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int32_t));
+ chunk = chunk_skip(chunk, sizeof(uint32_t));
}
#else /* __i386__ */
/* fill with 4 byte words */
- while (chunk.len >= sizeof(u_int32_t))
+ while (chunk.len >= sizeof(uint32_t))
{
if (this->quality == RNG_STRONG && chunk.len % FORCE_RESEED == 0)
{
@@ -281,11 +281,11 @@ static bool rdrand_chunk(private_rdrand_rng_t *this, chunk_t chunk)
return FALSE;
}
}
- if (!rdrand32((u_int32_t*)chunk.ptr))
+ if (!rdrand32((uint32_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int32_t));
+ chunk = chunk_skip(chunk, sizeof(uint32_t));
}
#endif /* __x86_64__ / __i386__ */
@@ -299,23 +299,23 @@ static bool rdrand_chunk(private_rdrand_rng_t *this, chunk_t chunk)
}
/* append 2 byte word */
- if (chunk.len >= sizeof(u_int16_t))
+ if (chunk.len >= sizeof(uint16_t))
{
- if (!rdrand16((u_int16_t*)chunk.ptr))
+ if (!rdrand16((uint16_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int16_t));
+ chunk = chunk_skip(chunk, sizeof(uint16_t));
}
/* append 1 byte word */
- if (chunk.len >= sizeof(u_int8_t))
+ if (chunk.len >= sizeof(uint8_t))
{
- if (!rdrand8((u_int8_t*)chunk.ptr))
+ if (!rdrand8((uint8_t*)chunk.ptr))
{
return FALSE;
}
- chunk = chunk_skip(chunk, sizeof(u_int8_t));
+ chunk = chunk_skip(chunk, sizeof(uint8_t));
}
return TRUE;
@@ -378,7 +378,7 @@ static bool rdrand_mixed(private_rdrand_rng_t *this, chunk_t chunk)
}
METHOD(rng_t, get_bytes, bool,
- private_rdrand_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_rdrand_rng_t *this, size_t bytes, uint8_t *buffer)
{
switch (this->quality)
{
diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in
index 4c7f2723b..e6ce51936 100644
--- a/src/libstrongswan/plugins/revocation/Makefile.in
+++ b/src/libstrongswan/plugins/revocation/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/revocation
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/revocation/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/revocation/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -774,6 +787,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index 1de07d754..14d3430a6 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/sha1
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -458,7 +472,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/sha1/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/sha1/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/sha1/sha1_hasher.c b/src/libstrongswan/plugins/sha1/sha1_hasher.c
index b51a26152..fca65dfa2 100644
--- a/src/libstrongswan/plugins/sha1/sha1_hasher.c
+++ b/src/libstrongswan/plugins/sha1/sha1_hasher.c
@@ -59,20 +59,20 @@ struct private_sha1_hasher_t {
/*
* State of the hasher. Shared with sha1_prf.c, do not change it!!!
*/
- u_int32_t state[5];
- u_int32_t count[2];
- u_int8_t buffer[64];
+ uint32_t state[5];
+ uint32_t count[2];
+ uint8_t buffer[64];
};
/*
* Hash a single 512-bit block. This is the core of the algorithm. *
*/
-static void SHA1Transform(u_int32_t state[5], const unsigned char buffer[64])
+static void SHA1Transform(uint32_t state[5], const unsigned char buffer[64])
{
- u_int32_t a, b, c, d, e;
+ uint32_t a, b, c, d, e;
typedef union {
- u_int8_t c[64];
- u_int32_t l[16];
+ uint8_t c[64];
+ uint32_t l[16];
} CHAR64LONG16;
CHAR64LONG16 block[1]; /* use array to appear as a pointer */
memcpy(block, buffer, 64);
@@ -118,10 +118,10 @@ static void SHA1Transform(u_int32_t state[5], const unsigned char buffer[64])
/**
* Run your data through this. Also used in sha1_prf.
*/
-void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len)
+void SHA1Update(private_sha1_hasher_t* this, uint8_t *data, uint32_t len)
{
- u_int32_t i;
- u_int32_t j;
+ uint32_t i;
+ uint32_t j;
j = this->count[0];
if ((this->count[0] += len << 3) < j)
@@ -151,15 +151,15 @@ void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len)
/*
* Add padding and return the message digest.
*/
-static void SHA1Final(private_sha1_hasher_t *this, u_int8_t *digest)
+static void SHA1Final(private_sha1_hasher_t *this, uint8_t *digest)
{
- u_int32_t i;
- u_int8_t finalcount[8];
- u_int8_t c;
+ uint32_t i;
+ uint8_t finalcount[8];
+ uint8_t c;
for (i = 0; i < 8; i++)
{
- finalcount[i] = (u_int8_t)((this->count[(i >= 4 ? 0 : 1)]
+ finalcount[i] = (uint8_t)((this->count[(i >= 4 ? 0 : 1)]
>> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
}
c = 0200;
@@ -172,7 +172,7 @@ static void SHA1Final(private_sha1_hasher_t *this, u_int8_t *digest)
SHA1Update(this, finalcount, 8); /* Should cause a SHA1Transform() */
for (i = 0; i < 20; i++)
{
- digest[i] = (u_int8_t)((this->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+ digest[i] = (uint8_t)((this->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
}
}
@@ -191,7 +191,7 @@ METHOD(hasher_t, reset, bool,
}
METHOD(hasher_t, get_hash, bool,
- private_sha1_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_sha1_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
SHA1Update(this, chunk.ptr, chunk.len);
if (buffer != NULL)
diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.c b/src/libstrongswan/plugins/sha1/sha1_prf.c
index cc4924a80..464f4c9ec 100644
--- a/src/libstrongswan/plugins/sha1/sha1_prf.c
+++ b/src/libstrongswan/plugins/sha1/sha1_prf.c
@@ -33,9 +33,9 @@ struct private_sha1_hasher_t {
/*
* State of the hasher. From sha1_hasher.c, do not change it!
*/
- u_int32_t state[5];
- u_int32_t count[2];
- u_int8_t buffer[64];
+ uint32_t state[5];
+ uint32_t count[2];
+ uint8_t buffer[64];
};
/**
@@ -57,12 +57,12 @@ struct private_sha1_prf_t {
/**
* From sha1_hasher.c
*/
-extern void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len);
+extern void SHA1Update(private_sha1_hasher_t* this, uint8_t *data, uint32_t len);
METHOD(prf_t, get_bytes, bool,
- private_sha1_prf_t *this, chunk_t seed, u_int8_t *bytes)
+ private_sha1_prf_t *this, chunk_t seed, uint8_t *bytes)
{
- u_int32_t *hash = (u_int32_t*)bytes;
+ uint32_t *hash = (uint32_t*)bytes;
SHA1Update(this->hasher, seed.ptr, seed.len);
@@ -98,14 +98,14 @@ METHOD(prf_t, set_key, bool,
private_sha1_prf_t *this, chunk_t key)
{
int i, rounds;
- u_int32_t *iv = (u_int32_t*)key.ptr;
+ uint32_t *iv = (uint32_t*)key.ptr;
if (!this->hasher->public.hasher_interface.reset(
&this->hasher->public.hasher_interface))
{
return FALSE;
}
- rounds = min(key.len/sizeof(u_int32_t), sizeof(this->hasher->state));
+ rounds = min(key.len/sizeof(uint32_t), sizeof(this->hasher->state));
for (i = 0; i < rounds; i++)
{
this->hasher->state[i] ^= htonl(iv[i]);
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index d4af8fbcf..de341503b 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/sha2
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/sha2/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/sha2/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/sha2/sha2_hasher.c b/src/libstrongswan/plugins/sha2/sha2_hasher.c
index 1c6dd2533..89e7675e3 100644
--- a/src/libstrongswan/plugins/sha2/sha2_hasher.c
+++ b/src/libstrongswan/plugins/sha2/sha2_hasher.c
@@ -33,9 +33,9 @@ struct private_sha512_hasher_t {
sha2_hasher_t public;
unsigned char sha_out[128]; /* results are here, bytes 0..47/0..63 */
- u_int64_t sha_H[8];
- u_int64_t sha_blocks;
- u_int64_t sha_blocksMSB;
+ uint64_t sha_H[8];
+ uint64_t sha_blocks;
+ uint64_t sha_blocksMSB;
int sha_bufCnt;
};
@@ -52,23 +52,23 @@ struct private_sha256_hasher_t {
sha2_hasher_t public;
unsigned char sha_out[64]; /* results are here, bytes 0...31 */
- u_int32_t sha_H[8];
- u_int64_t sha_blocks;
+ uint32_t sha_H[8];
+ uint64_t sha_blocks;
int sha_bufCnt;
};
-static const u_int32_t sha224_hashInit[8] = {
+static const uint32_t sha224_hashInit[8] = {
0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511,
0x64f98fa7, 0xbefa4fa4
};
-static const u_int32_t sha256_hashInit[8] = {
+static const uint32_t sha256_hashInit[8] = {
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c,
0x1f83d9ab, 0x5be0cd19
};
-static const u_int32_t sha256_K[64] = {
+static const uint32_t sha256_K[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
@@ -82,19 +82,19 @@ static const u_int32_t sha256_K[64] = {
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};
-static const u_int64_t sha512_hashInit[8] = {
+static const uint64_t sha512_hashInit[8] = {
0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL,
0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
};
-static const u_int64_t sha384_hashInit[8] = {
+static const uint64_t sha384_hashInit[8] = {
0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL,
0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL,
0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL
};
-static const u_int64_t sha512_K[80] = {
+static const uint64_t sha512_K[80] = {
0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL,
@@ -143,14 +143,14 @@ static void sha256_transform(private_sha256_hasher_t *ctx,
const unsigned char *datap)
{
register int j;
- u_int32_t a, b, c, d, e, f, g, h;
- u_int32_t T1, T2, W[64], Wm2, Wm15;
+ uint32_t a, b, c, d, e, f, g, h;
+ uint32_t T1, T2, W[64], Wm2, Wm15;
/* read the data, big endian byte order */
j = 0;
do {
- W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) |
- (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3]));
+ W[j] = (((uint32_t)(datap[0]))<<24) | (((uint32_t)(datap[1]))<<16) |
+ (((uint32_t)(datap[2]))<<8 ) | ((uint32_t)(datap[3]));
datap += 4;
} while(++j < 16);
@@ -229,8 +229,8 @@ static void sha256_write(private_sha256_hasher_t *ctx,
static void sha256_final(private_sha256_hasher_t *ctx)
{
register int j;
- u_int64_t bitLength;
- u_int32_t i;
+ uint64_t bitLength;
+ uint32_t i;
unsigned char padByte, *datap;
bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3);
@@ -287,16 +287,16 @@ static void sha512_transform(private_sha512_hasher_t *ctx,
const unsigned char *datap)
{
register int j;
- u_int64_t a, b, c, d, e, f, g, h;
- u_int64_t T1, T2, W[80], Wm2, Wm15;
+ uint64_t a, b, c, d, e, f, g, h;
+ uint64_t T1, T2, W[80], Wm2, Wm15;
/* read the data, big endian byte order */
j = 0;
do {
- W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) |
- (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) |
- (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) |
- (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7]));
+ W[j] = (((uint64_t)(datap[0]))<<56) | (((uint64_t)(datap[1]))<<48) |
+ (((uint64_t)(datap[2]))<<40) | (((uint64_t)(datap[3]))<<32) |
+ (((uint64_t)(datap[4]))<<24) | (((uint64_t)(datap[5]))<<16) |
+ (((uint64_t)(datap[6]))<<8 ) | ((uint64_t)(datap[7]));
datap += 8;
} while(++j < 16);
@@ -374,8 +374,8 @@ static void sha512_write(private_sha512_hasher_t *ctx,
static void sha512_final(private_sha512_hasher_t *ctx)
{
register int j;
- u_int64_t bitLength, bitLengthMSB;
- u_int64_t i;
+ uint64_t bitLength, bitLengthMSB;
+ uint64_t i;
unsigned char padByte, *datap;
bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3);
@@ -469,7 +469,7 @@ METHOD(hasher_t, reset512, bool,
}
METHOD(hasher_t, get_hash224, bool,
- private_sha256_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_sha256_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
sha256_write(this, chunk.ptr, chunk.len);
if (buffer != NULL)
@@ -482,7 +482,7 @@ METHOD(hasher_t, get_hash224, bool,
}
METHOD(hasher_t, get_hash256, bool,
- private_sha256_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_sha256_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
sha256_write(this, chunk.ptr, chunk.len);
if (buffer != NULL)
@@ -495,7 +495,7 @@ METHOD(hasher_t, get_hash256, bool,
}
METHOD(hasher_t, get_hash384, bool,
- private_sha512_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_sha512_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
sha512_write(this, chunk.ptr, chunk.len);
if (buffer != NULL)
@@ -508,7 +508,7 @@ METHOD(hasher_t, get_hash384, bool,
}
METHOD(hasher_t, get_hash512, bool,
- private_sha512_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+ private_sha512_hasher_t *this, chunk_t chunk, uint8_t *buffer)
{
sha512_write(this, chunk.ptr, chunk.len);
if (buffer != NULL)
diff --git a/src/libstrongswan/plugins/sha3/Makefile.in b/src/libstrongswan/plugins/sha3/Makefile.in
index 9aa58e236..0d29fcb4b 100644
--- a/src/libstrongswan/plugins/sha3/Makefile.in
+++ b/src/libstrongswan/plugins/sha3/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/sha3
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/sha3/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/sha3/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in
index acb05d570..6563f8335 100644
--- a/src/libstrongswan/plugins/soup/Makefile.in
+++ b/src/libstrongswan/plugins/soup/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/soup
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -201,12 +210,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -256,6 +267,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -290,6 +302,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -401,6 +414,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -459,7 +473,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/soup/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/soup/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -773,6 +786,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index ca59bb7df..268730e14 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/sqlite
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/sqlite/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/sqlite/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/sshkey/Makefile.in b/src/libstrongswan/plugins/sshkey/Makefile.in
index feb9313ff..d50b29565 100644
--- a/src/libstrongswan/plugins/sshkey/Makefile.in
+++ b/src/libstrongswan/plugins/sshkey/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/sshkey
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/sshkey/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/sshkey/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -776,6 +789,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index 431b60724..6721909f0 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/test_vectors
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -219,12 +228,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -274,6 +285,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -308,6 +320,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -419,6 +432,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -510,7 +524,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/test_vectors/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/test_vectors/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -939,6 +952,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/unbound/Makefile.in b/src/libstrongswan/plugins/unbound/Makefile.in
index 59590d1a9..ea27fd384 100644
--- a/src/libstrongswan/plugins/unbound/Makefile.in
+++ b/src/libstrongswan/plugins/unbound/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/unbound
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -464,7 +478,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/unbound/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/unbound/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -780,6 +793,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/winhttp/Makefile.in b/src/libstrongswan/plugins/winhttp/Makefile.in
index acfc57bb6..0bf311c38 100644
--- a/src/libstrongswan/plugins/winhttp/Makefile.in
+++ b/src/libstrongswan/plugins/winhttp/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/winhttp
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -203,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -258,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -292,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -403,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +475,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/winhttp/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/winhttp/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -775,6 +788,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/winhttp/winhttp_fetcher.c b/src/libstrongswan/plugins/winhttp/winhttp_fetcher.c
index 5f0b58479..da56954ab 100644
--- a/src/libstrongswan/plugins/winhttp/winhttp_fetcher.c
+++ b/src/libstrongswan/plugins/winhttp/winhttp_fetcher.c
@@ -120,7 +120,7 @@ static bool read_result(private_winhttp_fetcher_t *this, HINTERNET request,
{
DWORD received;
char buf[1024];
- u_int32_t code;
+ uint32_t code;
DWORD codelen = sizeof(code);
if (!WinHttpReceiveResponse(request, NULL))
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index c58dfe210..6288e0f40 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/x509
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +211,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +268,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +303,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +415,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -464,7 +478,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/x509/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/x509/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -783,6 +796,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index bfc200421..aea8eb53d 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -706,6 +706,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this)
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyIdentifier))
{
this->authKeyIdentifier = chunk_clone(keyIdentifier);
+ keyIdentifier = asn1_simple_object(ASN1_CONTEXT_S_0, keyIdentifier);
}
public->destroy(public);
}
@@ -716,7 +717,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this)
return asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
asn1_wrap(ASN1_OCTET_STRING, "m",
- asn1_wrap(ASN1_SEQUENCE, "cmm",
+ asn1_wrap(ASN1_SEQUENCE, "mmm",
keyIdentifier,
authorityCertIssuer,
authorityCertSerialNumber
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index 6f69fb100..98fad6f8f 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libstrongswan/plugins/xcbc
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -200,12 +209,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -289,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -400,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +470,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/xcbc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/plugins/xcbc/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -770,6 +783,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c
index d852a2932..820298e27 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc.c
@@ -40,7 +40,7 @@ struct private_mac_t {
/**
* Block size, in bytes
*/
- u_int8_t b;
+ uint8_t b;
/**
* crypter using k1
@@ -50,22 +50,22 @@ struct private_mac_t {
/**
* k2
*/
- u_int8_t *k2;
+ uint8_t *k2;
/**
* k3
*/
- u_int8_t *k3;
+ uint8_t *k3;
/**
* E
*/
- u_int8_t *e;
+ uint8_t *e;
/**
* remaining, unprocessed bytes in append mode
*/
- u_int8_t *remaining;
+ uint8_t *remaining;
/**
* number of bytes in remaining
@@ -138,7 +138,7 @@ static bool update(private_mac_t *this, chunk_t data)
/**
* run last round, data is in this->e
*/
-static bool final(private_mac_t *this, u_int8_t *out)
+static bool final(private_mac_t *this, uint8_t *out)
{
chunk_t iv;
@@ -193,7 +193,7 @@ static bool final(private_mac_t *this, u_int8_t *out)
}
METHOD(mac_t, get_mac, bool,
- private_mac_t *this, chunk_t data, u_int8_t *out)
+ private_mac_t *this, chunk_t data, uint8_t *out)
{
/* update E, do not process last block */
if (!update(this, data))
@@ -294,7 +294,7 @@ static mac_t *xcbc_create(encryption_algorithm_t algo, size_t key_size)
{
private_mac_t *this;
crypter_t *crypter;
- u_int8_t b;
+ uint8_t b;
crypter = lib->crypto->create_crypter(lib->crypto, algo, key_size);
if (!crypter)
diff --git a/src/libstrongswan/processing/jobs/job.h b/src/libstrongswan/processing/jobs/job.h
index 64454718a..5b3a8a30b 100644
--- a/src/libstrongswan/processing/jobs/job.h
+++ b/src/libstrongswan/processing/jobs/job.h
@@ -96,7 +96,7 @@ struct job_requeue_t {
} schedule;
/** Time to reschedule the job */
union {
- u_int32_t rel;
+ uint32_t rel;
timeval_t abs;
} time;
};
diff --git a/src/libstrongswan/processing/scheduler.c b/src/libstrongswan/processing/scheduler.c
index d90852561..374742939 100644
--- a/src/libstrongswan/processing/scheduler.c
+++ b/src/libstrongswan/processing/scheduler.c
@@ -276,7 +276,7 @@ METHOD(scheduler_t, schedule_job_tv, void,
}
METHOD(scheduler_t, schedule_job, void,
- private_scheduler_t *this, job_t *job, u_int32_t s)
+ private_scheduler_t *this, job_t *job, uint32_t s)
{
timeval_t tv;
@@ -287,7 +287,7 @@ METHOD(scheduler_t, schedule_job, void,
}
METHOD(scheduler_t, schedule_job_ms, void,
- private_scheduler_t *this, job_t *job, u_int32_t ms)
+ private_scheduler_t *this, job_t *job, uint32_t ms)
{
timeval_t tv, add;
diff --git a/src/libstrongswan/processing/scheduler.h b/src/libstrongswan/processing/scheduler.h
index 7f91fcc59..1cd96d976 100644
--- a/src/libstrongswan/processing/scheduler.h
+++ b/src/libstrongswan/processing/scheduler.h
@@ -86,7 +86,7 @@ struct scheduler_t {
* @param job job to schedule
* @param time relative time to schedule job, in s
*/
- void (*schedule_job) (scheduler_t *this, job_t *job, u_int32_t s);
+ void (*schedule_job) (scheduler_t *this, job_t *job, uint32_t s);
/**
* Adds a event to the queue, using a relative time offset in ms.
@@ -94,7 +94,7 @@ struct scheduler_t {
* @param job job to schedule
* @param time relative time to schedule job, in ms
*/
- void (*schedule_job_ms) (scheduler_t *this, job_t *job, u_int32_t ms);
+ void (*schedule_job_ms) (scheduler_t *this, job_t *job, uint32_t ms);
/**
* Adds a event to the queue, using an absolut time.
diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index a6298b394..da3ba97cf 100644
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -52,7 +52,7 @@ struct private_traffic_selector_t {
/**
* IP protocol (UDP, TCP, ICMP, ...)
*/
- u_int8_t protocol;
+ uint8_t protocol;
/**
* narrow this traffic selector to hosts external ip
@@ -63,7 +63,7 @@ struct private_traffic_selector_t {
/**
* subnet size in CIDR notation, 255 means a non-subnet address range
*/
- u_int8_t netbits;
+ uint8_t netbits;
/**
* begin of address range, network order
@@ -72,9 +72,9 @@ struct private_traffic_selector_t {
/** dummy char for common address manipulation */
char from[0];
/** IPv4 address */
- u_int32_t from4[1];
+ uint32_t from4[1];
/** IPv6 address */
- u_int32_t from6[4];
+ uint32_t from6[4];
};
/**
@@ -84,30 +84,30 @@ struct private_traffic_selector_t {
/** dummy char for common address manipulation */
char to[0];
/** IPv4 address */
- u_int32_t to4[1];
+ uint32_t to4[1];
/** IPv6 address */
- u_int32_t to6[4];
+ uint32_t to6[4];
};
/**
* begin of port range
*/
- u_int16_t from_port;
+ uint16_t from_port;
/**
* end of port range
*/
- u_int16_t to_port;
+ uint16_t to_port;
};
/**
* calculate the "to"-address for the "from" address and a subnet size
*/
-static void calc_range(private_traffic_selector_t *this, u_int8_t netbits)
+static void calc_range(private_traffic_selector_t *this, uint8_t netbits)
{
size_t len;
int bytes, bits;
- u_int8_t mask;
+ uint8_t mask;
this->netbits = netbits;
@@ -126,10 +126,10 @@ static void calc_range(private_traffic_selector_t *this, u_int8_t netbits)
/**
* calculate the subnet size from the "to" and "from" addresses
*/
-static u_int8_t calc_netbits(private_traffic_selector_t *this)
+static uint8_t calc_netbits(private_traffic_selector_t *this)
{
int byte, bit;
- u_int8_t netbits;
+ uint8_t netbits;
size_t size = (this->type == TS_IPV4_ADDR_RANGE) ? 4 : 16;
bool prefix = TRUE;
@@ -144,7 +144,7 @@ static u_int8_t calc_netbits(private_traffic_selector_t *this)
{
for (bit = 7; bit >= 0; bit--)
{
- u_int8_t bitmask = 1 << bit;
+ uint8_t bitmask = 1 << bit;
if (prefix)
{
@@ -173,8 +173,8 @@ static u_int8_t calc_netbits(private_traffic_selector_t *this)
/**
* internal generic constructor
*/
-static private_traffic_selector_t *traffic_selector_create(u_int8_t protocol,
- ts_type_t type, u_int16_t from_port, u_int16_t to_port);
+static private_traffic_selector_t *traffic_selector_create(uint8_t protocol,
+ ts_type_t type, uint16_t from_port, uint16_t to_port);
/**
* Check if TS contains "opaque" ports
@@ -195,9 +195,9 @@ static bool is_any(private_traffic_selector_t *this)
/**
* Print ICMP/ICMPv6 type and code
*/
-static int print_icmp(printf_hook_data_t *data, u_int16_t port)
+static int print_icmp(printf_hook_data_t *data, uint16_t port)
{
- u_int8_t type, code;
+ uint8_t type, code;
type = traffic_selector_icmp_type(port);
code = traffic_selector_icmp_code(port);
@@ -222,7 +222,7 @@ int traffic_selector_printf_hook(printf_hook_data_t *data,
char *serv_proto = NULL, *sep = "";
bool has_proto, has_ports;
size_t written = 0;
- u_int32_t from[4], to[4];
+ uint32_t from[4], to[4];
if (this == NULL)
{
@@ -361,9 +361,9 @@ METHOD(traffic_selector_t, get_subset, traffic_selector_t*,
private_traffic_selector_t *this, traffic_selector_t *other_public)
{
private_traffic_selector_t *other, *subset;
- u_int16_t from_port, to_port;
+ uint16_t from_port, to_port;
u_char *from, *to;
- u_int8_t protocol;
+ uint8_t protocol;
size_t size;
other = (private_traffic_selector_t*)other_public;
@@ -481,13 +481,13 @@ METHOD(traffic_selector_t, get_to_address, chunk_t,
}
}
-METHOD(traffic_selector_t, get_from_port, u_int16_t,
+METHOD(traffic_selector_t, get_from_port, uint16_t,
private_traffic_selector_t *this)
{
return this->from_port;
}
-METHOD(traffic_selector_t, get_to_port, u_int16_t,
+METHOD(traffic_selector_t, get_to_port, uint16_t,
private_traffic_selector_t *this)
{
return this->to_port;
@@ -499,7 +499,7 @@ METHOD(traffic_selector_t, get_type, ts_type_t,
return this->type;
}
-METHOD(traffic_selector_t, get_protocol, u_int8_t,
+METHOD(traffic_selector_t, get_protocol, uint8_t,
private_traffic_selector_t *this)
{
return this->protocol;
@@ -610,14 +610,14 @@ METHOD(traffic_selector_t, includes, bool,
}
METHOD(traffic_selector_t, to_subnet, bool,
- private_traffic_selector_t *this, host_t **net, u_int8_t *mask)
+ private_traffic_selector_t *this, host_t **net, uint8_t *mask)
{
/* there is no way to do this cleanly, as the address range may
* be anything else but a subnet. We use from_addr as subnet
* and try to calculate a usable subnet mask.
*/
int family, non_zero_bytes;
- u_int16_t port = 0;
+ uint16_t port = 0;
chunk_t net_chunk;
*mask = (this->netbits == NON_SUBNET_ADDRESS_RANGE) ? calc_netbits(this)
@@ -777,10 +777,10 @@ int traffic_selector_cmp(traffic_selector_t *a_pub, traffic_selector_t *b_pub,
/*
* see header
*/
-traffic_selector_t *traffic_selector_create_from_bytes(u_int8_t protocol,
+traffic_selector_t *traffic_selector_create_from_bytes(uint8_t protocol,
ts_type_t type,
- chunk_t from, u_int16_t from_port,
- chunk_t to, u_int16_t to_port)
+ chunk_t from, uint16_t from_port,
+ chunk_t to, uint16_t to_port)
{
private_traffic_selector_t *this = traffic_selector_create(protocol, type,
from_port, to_port);
@@ -843,7 +843,7 @@ traffic_selector_t *traffic_selector_create_from_rfc3779_format(ts_type_t type,
}
if (to.len > 1)
{
- u_int8_t mask = to.ptr[0] ? (1 << to.ptr[0]) - 1 : 0;
+ uint8_t mask = to.ptr[0] ? (1 << to.ptr[0]) - 1 : 0;
memcpy(this->to, to.ptr+1, to.len-1);
this->to[to.len-2] |= mask;
@@ -856,8 +856,8 @@ traffic_selector_t *traffic_selector_create_from_rfc3779_format(ts_type_t type,
* see header
*/
traffic_selector_t *traffic_selector_create_from_subnet(host_t *net,
- u_int8_t netbits, u_int8_t protocol,
- u_int16_t from_port, u_int16_t to_port)
+ uint8_t netbits, uint8_t protocol,
+ uint16_t from_port, uint16_t to_port)
{
private_traffic_selector_t *this;
chunk_t from;
@@ -890,9 +890,9 @@ traffic_selector_t *traffic_selector_create_from_subnet(host_t *net,
* see header
*/
traffic_selector_t *traffic_selector_create_from_string(
- u_int8_t protocol, ts_type_t type,
- char *from_addr, u_int16_t from_port,
- char *to_addr, u_int16_t to_port)
+ uint8_t protocol, ts_type_t type,
+ char *from_addr, uint16_t from_port,
+ char *to_addr, uint16_t to_port)
{
private_traffic_selector_t *this;
int family;
@@ -926,8 +926,8 @@ traffic_selector_t *traffic_selector_create_from_string(
* see header
*/
traffic_selector_t *traffic_selector_create_from_cidr(
- char *string, u_int8_t protocol,
- u_int16_t from_port, u_int16_t to_port)
+ char *string, uint8_t protocol,
+ uint16_t from_port, uint16_t to_port)
{
host_t *net;
int bits;
@@ -944,8 +944,8 @@ traffic_selector_t *traffic_selector_create_from_cidr(
/*
* see header
*/
-traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
- u_int16_t from_port, u_int16_t to_port)
+traffic_selector_t *traffic_selector_create_dynamic(uint8_t protocol,
+ uint16_t from_port, uint16_t to_port)
{
private_traffic_selector_t *this = traffic_selector_create(
protocol, TS_IPV4_ADDR_RANGE, from_port, to_port);
@@ -961,8 +961,8 @@ traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
/*
* see declaration
*/
-static private_traffic_selector_t *traffic_selector_create(u_int8_t protocol,
- ts_type_t type, u_int16_t from_port, u_int16_t to_port)
+static private_traffic_selector_t *traffic_selector_create(uint8_t protocol,
+ ts_type_t type, uint16_t from_port, uint16_t to_port)
{
private_traffic_selector_t *this;
diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h
index cf9a2861b..cc66c3453 100644
--- a/src/libstrongswan/selectors/traffic_selector.h
+++ b/src/libstrongswan/selectors/traffic_selector.h
@@ -122,7 +122,7 @@ struct traffic_selector_t {
*
* @return port
*/
- u_int16_t (*get_from_port) (traffic_selector_t *this);
+ uint16_t (*get_from_port) (traffic_selector_t *this);
/**
* Get ending port of this ts.
@@ -136,7 +136,7 @@ struct traffic_selector_t {
*
* @return port
*/
- u_int16_t (*get_to_port) (traffic_selector_t *this);
+ uint16_t (*get_to_port) (traffic_selector_t *this);
/**
* Get the type of the traffic selector.
@@ -150,7 +150,7 @@ struct traffic_selector_t {
*
* @return protocol id
*/
- u_int8_t (*get_protocol) (traffic_selector_t *this);
+ uint8_t (*get_protocol) (traffic_selector_t *this);
/**
* Check if the traffic selector is for a single host.
@@ -218,7 +218,7 @@ struct traffic_selector_t {
* @param mask converted net mask
* @return TRUE if traffic selector matches exactly to the subnet
*/
- bool (*to_subnet) (traffic_selector_t *this, host_t **net, u_int8_t *mask);
+ bool (*to_subnet) (traffic_selector_t *this, host_t **net, uint8_t *mask);
/**
* Create a hash value for the traffic selector.
@@ -240,7 +240,7 @@ struct traffic_selector_t {
* @param port port number in host order
* @return ICMP/ICMPv6 message type
*/
-static inline u_int8_t traffic_selector_icmp_type(u_int16_t port)
+static inline uint8_t traffic_selector_icmp_type(uint16_t port)
{
return port >> 8;
}
@@ -251,7 +251,7 @@ static inline u_int8_t traffic_selector_icmp_type(u_int16_t port)
* @param port port number in host order
* @return ICMP/ICMPv6 message code
*/
-static inline u_int8_t traffic_selector_icmp_code(u_int16_t port)
+static inline uint8_t traffic_selector_icmp_code(uint16_t port)
{
return port & 0xff;
}
@@ -286,9 +286,9 @@ int traffic_selector_cmp(traffic_selector_t *a, traffic_selector_t *b,
* - NULL if invalid address strings/protocol
*/
traffic_selector_t *traffic_selector_create_from_string(
- u_int8_t protocol, ts_type_t type,
- char *from_addr, u_int16_t from_port,
- char *to_addr, u_int16_t to_port);
+ uint8_t protocol, ts_type_t type,
+ char *from_addr, uint16_t from_port,
+ char *to_addr, uint16_t to_port);
@@ -307,8 +307,8 @@ traffic_selector_t *traffic_selector_create_from_string(
* @return traffic selector, NULL if string invalid
*/
traffic_selector_t *traffic_selector_create_from_cidr(
- char *string, u_int8_t protocol,
- u_int16_t from_port, u_int16_t to_port);
+ char *string, uint8_t protocol,
+ uint16_t from_port, uint16_t to_port);
/**
* Create a new traffic selector using data read from the net.
@@ -331,9 +331,9 @@ traffic_selector_t *traffic_selector_create_from_cidr(
* @return traffic_selector_t object
*/
traffic_selector_t *traffic_selector_create_from_bytes(
- u_int8_t protocol, ts_type_t type,
- chunk_t from_address, u_int16_t from_port,
- chunk_t to_address, u_int16_t to_port);
+ uint8_t protocol, ts_type_t type,
+ chunk_t from_address, uint16_t from_port,
+ chunk_t to_address, uint16_t to_port);
/**
* Create a new traffic selector using the RFC 3779 ASN.1 min/max address format
@@ -370,8 +370,8 @@ traffic_selector_t *traffic_selector_create_from_rfc3779_format(ts_type_t type,
* - NULL if address family of net not supported
*/
traffic_selector_t *traffic_selector_create_from_subnet(
- host_t *net, u_int8_t netbits, u_int8_t protocol,
- u_int16_t from_port, u_int16_t to_port);
+ host_t *net, uint8_t netbits, uint8_t protocol,
+ uint16_t from_port, uint16_t to_port);
/**
* Create a traffic selector for host-to-host cases.
@@ -392,8 +392,8 @@ traffic_selector_t *traffic_selector_create_from_subnet(
* - traffic_selector_t object
* - NULL if type not supported
*/
-traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
- u_int16_t from_port, u_int16_t to_port);
+traffic_selector_t *traffic_selector_create_dynamic(uint8_t protocol,
+ uint16_t from_port, uint16_t to_port);
/**
* printf hook function for traffic_selector_t.
diff --git a/src/libstrongswan/settings/settings.c b/src/libstrongswan/settings/settings.c
index 56cc2f19b..829e78482 100644
--- a/src/libstrongswan/settings/settings.c
+++ b/src/libstrongswan/settings/settings.c
@@ -540,9 +540,9 @@ METHOD(settings_t, get_int, int,
/**
* Described in header
*/
-inline u_int64_t settings_value_as_uint64(char *value, u_int64_t def)
+inline uint64_t settings_value_as_uint64(char *value, uint64_t def)
{
- u_int64_t intval;
+ uint64_t intval;
char *end;
int base = 10;
@@ -597,10 +597,10 @@ METHOD(settings_t, get_double, double,
/**
* Described in header
*/
-inline u_int32_t settings_value_as_time(char *value, u_int32_t def)
+inline uint32_t settings_value_as_time(char *value, uint32_t def)
{
char *endptr;
- u_int32_t timeval;
+ uint32_t timeval;
if (value)
{
errno = 0;
@@ -638,8 +638,8 @@ inline u_int32_t settings_value_as_time(char *value, u_int32_t def)
return def;
}
-METHOD(settings_t, get_time, u_int32_t,
- private_settings_t *this, char *key, u_int32_t def, ...)
+METHOD(settings_t, get_time, uint32_t,
+ private_settings_t *this, char *key, uint32_t def, ...)
{
char *value;
va_list args;
@@ -695,7 +695,7 @@ METHOD(settings_t, set_double, void,
}
METHOD(settings_t, set_time, void,
- private_settings_t *this, char *key, u_int32_t value, ...)
+ private_settings_t *this, char *key, uint32_t value, ...)
{
char val[16];
va_list args;
diff --git a/src/libstrongswan/settings/settings.h b/src/libstrongswan/settings/settings.h
index a133a3681..eec5ece6c 100644
--- a/src/libstrongswan/settings/settings.h
+++ b/src/libstrongswan/settings/settings.h
@@ -51,13 +51,13 @@ bool settings_value_as_bool(char *value, bool def);
int settings_value_as_int(char *value, int def);
/**
- * Convert a string value returned by a key/value enumerator to an u_int64_t.
+ * Convert a string value returned by a key/value enumerator to an uint64_t.
*
* @see settings_t.create_key_value_enumerator()
* @param value the string value
* @param def the default value, if value is NULL or invalid
*/
-u_int64_t settings_value_as_uint64(char *value, u_int64_t def);
+uint64_t settings_value_as_uint64(char *value, uint64_t def);
/**
* Convert a string value returned by a key/value enumerator to a double.
@@ -77,7 +77,7 @@ double settings_value_as_double(char *value, double def);
* @param value the string value
* @param def the default value, if value is NULL or invalid
*/
-u_int32_t settings_value_as_time(char *value, u_int32_t def);
+uint32_t settings_value_as_time(char *value, uint32_t def);
/**
* Generic configuration options read from a config file.
@@ -203,7 +203,7 @@ struct settings_t {
* @param ... argument list for key
* @return value of the key (in seconds)
*/
- u_int32_t (*get_time)(settings_t *this, char *key, u_int32_t def, ...);
+ uint32_t (*get_time)(settings_t *this, char *key, uint32_t def, ...);
/**
* Set a string value.
@@ -248,7 +248,7 @@ struct settings_t {
* @param def value to set
* @param ... argument list for key
*/
- void (*set_time)(settings_t *this, char *key, u_int32_t value, ...);
+ void (*set_time)(settings_t *this, char *key, uint32_t value, ...);
/**
* Set a default for string value.
diff --git a/src/libstrongswan/settings/settings_lexer.c b/src/libstrongswan/settings/settings_lexer.c
index 6e64e15a6..2151e930b 100644
--- a/src/libstrongswan/settings/settings_lexer.c
+++ b/src/libstrongswan/settings/settings_lexer.c
@@ -16,8 +16,8 @@
#define FLEX_SCANNER
#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-#define YY_FLEX_SUBMINOR_VERSION 35
+#define YY_FLEX_MINOR_VERSION 6
+#define YY_FLEX_SUBMINOR_VERSION 0
#if YY_FLEX_SUBMINOR_VERSION > 0
#define FLEX_BETA
#endif
@@ -221,6 +221,11 @@ typedef void* yyscan_t;
typedef struct yy_buffer_state *YY_BUFFER_STATE;
#endif
+#ifndef YY_TYPEDEF_YY_SIZE_T
+#define YY_TYPEDEF_YY_SIZE_T
+typedef size_t yy_size_t;
+#endif
+
/* %if-not-reentrant */
/* %endif */
@@ -247,6 +252,13 @@ typedef struct yy_buffer_state *YY_BUFFER_STATE;
if ( yytext[yyl] == '\n' )\
--yylineno;\
}while(0)
+ #define YY_LINENO_REWIND_TO(dst) \
+ do {\
+ const char *p;\
+ for ( p = yy_cp-1; p >= (dst); --p)\
+ if ( *p == '\n' )\
+ --yylineno;\
+ }while(0)
/* Return all but the first "n" matched characters back to the input stream. */
#define yyless(n) \
@@ -264,11 +276,6 @@ typedef struct yy_buffer_state *YY_BUFFER_STATE;
#define unput(c) yyunput( c, yyg->yytext_ptr , yyscanner )
-#ifndef YY_TYPEDEF_YY_SIZE_T
-#define YY_TYPEDEF_YY_SIZE_T
-typedef size_t yy_size_t;
-#endif
-
#ifndef YY_STRUCT_YY_BUFFER_STATE
#define YY_STRUCT_YY_BUFFER_STATE
struct yy_buffer_state
@@ -388,7 +395,7 @@ static void settings_parser__init_buffer (YY_BUFFER_STATE b,FILE *file ,yyscan_t
YY_BUFFER_STATE settings_parser__scan_buffer (char *base,yy_size_t size ,yyscan_t yyscanner );
YY_BUFFER_STATE settings_parser__scan_string (yyconst char *yy_str ,yyscan_t yyscanner );
-YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char *bytes,int len ,yyscan_t yyscanner );
+YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char *bytes,yy_size_t len ,yyscan_t yyscanner );
/* %endif */
@@ -423,7 +430,7 @@ void settings_parser_free (void * ,yyscan_t yyscanner );
/* %% [1.0] yytext/yyin/yyout/yy_state_type/yylineno etc. def's & init go here */
/* Begin user sect3 */
-#define settings_parser_wrap(n) 1
+#define settings_parser_wrap(yyscanner) (/*CONSTCOND*/1)
#define YY_SKIP_YYWRAP
#define FLEX_DEBUG
@@ -434,11 +441,16 @@ typedef int yy_state_type;
#define yytext_ptr yytext_r
+/* %% [1.5] DFA */
+
/* %if-c-only Standard (non-C++) definition */
static yy_state_type yy_get_previous_state (yyscan_t yyscanner );
static yy_state_type yy_try_NUL_trans (yy_state_type current_state ,yyscan_t yyscanner);
static int yy_get_next_buffer (yyscan_t yyscanner );
+#if defined(__GNUC__) && __GNUC__ >= 3
+__attribute__((__noreturn__))
+#endif
static void yy_fatal_error (yyconst char msg[] ,yyscan_t yyscanner );
/* %endif */
@@ -474,7 +486,7 @@ static yyconst flex_int16_t yy_accept[49] =
9, 9, 9, 9, 0, 7, 7, 0
} ;
-static yyconst flex_int32_t yy_ec[256] =
+static yyconst YY_CHAR yy_ec[256] =
{ 0,
1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
1, 1, 4, 1, 1, 1, 1, 1, 1, 1,
@@ -506,13 +518,13 @@ static yyconst flex_int32_t yy_ec[256] =
1, 1, 1, 1, 1
} ;
-static yyconst flex_int32_t yy_meta[21] =
+static yyconst YY_CHAR yy_meta[21] =
{ 0,
1, 2, 3, 1, 4, 5, 4, 6, 7, 1,
1, 1, 1, 1, 1, 1, 1, 1, 8, 9
} ;
-static yyconst flex_int16_t yy_base[60] =
+static yyconst flex_uint16_t yy_base[60] =
{ 0,
0, 0, 19, 38, 21, 23, 55, 0, 47, 161,
161, 50, 161, 37, 161, 161, 0, 161, 161, 0,
@@ -532,7 +544,7 @@ static yyconst flex_int16_t yy_def[60] =
48, 48, 48, 48, 48, 48, 48, 48, 48
} ;
-static yyconst flex_int16_t yy_nxt[182] =
+static yyconst flex_uint16_t yy_nxt[182] =
{ 0,
8, 9, 10, 8, 9, 11, 12, 13, 8, 8,
8, 8, 14, 8, 8, 8, 8, 8, 15, 16,
@@ -638,7 +650,7 @@ static void include_files(parser_helper_t *ctx);
/* state used to scan quoted strings */
-#line 642 "settings/settings_lexer.c"
+#line 654 "settings/settings_lexer.c"
#define INITIAL 0
#define inc 1
@@ -675,7 +687,7 @@ struct yyguts_t
YY_BUFFER_STATE * yy_buffer_stack; /**< Stack as an array. */
char yy_hold_char;
int yy_n_chars;
- int yyleng_r;
+ yy_size_t yyleng_r;
char *yy_c_buf_p;
int yy_init;
int yy_start;
@@ -732,19 +744,23 @@ void settings_parser_set_extra (YY_EXTRA_TYPE user_defined ,yyscan_t yyscanner )
FILE *settings_parser_get_in (yyscan_t yyscanner );
-void settings_parser_set_in (FILE * in_str ,yyscan_t yyscanner );
+void settings_parser_set_in (FILE * _in_str ,yyscan_t yyscanner );
FILE *settings_parser_get_out (yyscan_t yyscanner );
-void settings_parser_set_out (FILE * out_str ,yyscan_t yyscanner );
+void settings_parser_set_out (FILE * _out_str ,yyscan_t yyscanner );
-int settings_parser_get_leng (yyscan_t yyscanner );
+yy_size_t settings_parser_get_leng (yyscan_t yyscanner );
char *settings_parser_get_text (yyscan_t yyscanner );
int settings_parser_get_lineno (yyscan_t yyscanner );
-void settings_parser_set_lineno (int line_number ,yyscan_t yyscanner );
+void settings_parser_set_lineno (int _line_number ,yyscan_t yyscanner );
+
+int settings_parser_get_column (yyscan_t yyscanner );
+
+void settings_parser_set_column (int _column_no ,yyscan_t yyscanner );
/* %if-bison-bridge */
@@ -768,8 +784,11 @@ extern int settings_parser_wrap (yyscan_t yyscanner );
/* %not-for-header */
+#ifndef YY_NO_UNPUT
+
static void yyunput (int c,char *buf_ptr ,yyscan_t yyscanner);
+#endif
/* %ok-for-header */
/* %endif */
@@ -798,7 +817,7 @@ static int input (yyscan_t yyscanner );
/* %if-c-only */
- static void yy_push_state (int new_state ,yyscan_t yyscanner);
+ static void yy_push_state (int _new_state ,yyscan_t yyscanner);
static void yy_pop_state (yyscan_t yyscanner );
@@ -928,7 +947,7 @@ extern int settings_parser_lex \
/* Code executed at the end of each rule. */
#ifndef YY_BREAK
-#define YY_BREAK break;
+#define YY_BREAK /*LINTED*/break;
#endif
/* %% [6.0] YY_RULE_SETUP definition goes here */
@@ -941,17 +960,11 @@ extern int settings_parser_lex \
*/
YY_DECL
{
- register yy_state_type yy_current_state;
- register char *yy_cp, *yy_bp;
- register int yy_act;
+ yy_state_type yy_current_state;
+ char *yy_cp, *yy_bp;
+ int yy_act;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
-/* %% [7.0] user's declarations go here */
-#line 57 "settings/settings_lexer.l"
-
-
-#line 954 "settings/settings_lexer.c"
-
yylval = yylval_param;
if ( !yyg->yy_init )
@@ -988,7 +1001,14 @@ YY_DECL
settings_parser__load_buffer_state(yyscanner );
}
- while ( 1 ) /* loops until end-of-file is reached */
+ {
+/* %% [7.0] user's declarations go here */
+#line 57 "settings/settings_lexer.l"
+
+
+#line 1010 "settings/settings_lexer.c"
+
+ while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */
{
/* %% [8.0] yymore()-related code goes here */
yy_cp = yyg->yy_c_buf_p;
@@ -1006,7 +1026,7 @@ YY_DECL
yy_match:
do
{
- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ;
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1039,7 +1059,7 @@ yy_find_action:
if ( yy_act != YY_END_OF_BUFFER && yy_rule_can_match_eol[yy_act] )
{
- int yyl;
+ yy_size_t yyl;
for ( yyl = 0; yyl < yyleng; ++yyl )
if ( yytext[yyl] == '\n' )
@@ -1106,6 +1126,7 @@ return yytext[0];
case 7:
/* rule 7 can match eol */
*yy_cp = yyg->yy_hold_char; /* undo effects of setting up yytext */
+YY_LINENO_REWIND_TO(yy_cp - 1);
yyg->yy_c_buf_p = yy_cp -= 1;
YY_DO_BEFORE_ACTION; /* set up yytext again */
YY_RULE_SETUP
@@ -1192,6 +1213,7 @@ YY_RULE_SETUP
case 15:
#line 121 "settings/settings_lexer.l"
+YY_RULE_SETUP
case YY_STATE_EOF(str):
#line 121 "settings/settings_lexer.l"
case 16:
@@ -1267,7 +1289,7 @@ YY_RULE_SETUP
#line 159 "settings/settings_lexer.l"
YY_FATAL_ERROR( "flex scanner jammed" );
YY_BREAK
-#line 1271 "settings/settings_lexer.c"
+#line 1293 "settings/settings_lexer.c"
case YY_END_OF_BUFFER:
{
@@ -1290,7 +1312,11 @@ YY_FATAL_ERROR( "flex scanner jammed" );
* back-up) that will match for the new input source.
*/
yyg->yy_n_chars = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+/* %if-c-only */
YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin;
+/* %endif */
+/* %if-c++-only */
+/* %endif */
YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL;
}
@@ -1397,6 +1423,7 @@ YY_FATAL_ERROR( "flex scanner jammed" );
"fatal flex scanner internal error--no action found" );
} /* end of action switch */
} /* end of scanning one token */
+ } /* end of user's declarations */
} /* end of settings_parser_lex */
/* %ok-for-header */
@@ -1421,9 +1448,9 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %endif */
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
- register char *source = yyg->yytext_ptr;
- register int number_to_move, i;
+ char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+ char *source = yyg->yytext_ptr;
+ yy_size_t number_to_move, i;
int ret_val;
if ( yyg->yy_c_buf_p > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[yyg->yy_n_chars + 1] )
@@ -1452,7 +1479,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* Try to read more data. */
/* First move last chars to start of buffer. */
- number_to_move = (int) (yyg->yy_c_buf_p - yyg->yytext_ptr) - 1;
+ number_to_move = (yy_size_t) (yyg->yy_c_buf_p - yyg->yytext_ptr) - 1;
for ( i = 0; i < number_to_move; ++i )
*(dest++) = *(source++);
@@ -1465,21 +1492,21 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
else
{
- int num_to_read =
+ yy_size_t num_to_read =
YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
while ( num_to_read <= 0 )
{ /* Not enough room in the buffer - grow it. */
/* just a shorter name for the current buffer */
- YY_BUFFER_STATE b = YY_CURRENT_BUFFER;
+ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE;
int yy_c_buf_p_offset =
(int) (yyg->yy_c_buf_p - b->yy_ch_buf);
if ( b->yy_is_our_buffer )
{
- int new_size = b->yy_buf_size * 2;
+ yy_size_t new_size = b->yy_buf_size * 2;
if ( new_size <= 0 )
b->yy_buf_size += b->yy_buf_size / 8;
@@ -1510,7 +1537,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* Read in more data. */
YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]),
- yyg->yy_n_chars, (size_t) num_to_read );
+ yyg->yy_n_chars, num_to_read );
YY_CURRENT_BUFFER_LVALUE->yy_n_chars = yyg->yy_n_chars;
}
@@ -1534,9 +1561,9 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
else
ret_val = EOB_ACT_CONTINUE_SCAN;
- if ((yy_size_t) (yyg->yy_n_chars + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
+ if ((int) (yyg->yy_n_chars + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
/* Extend the array by 50%, plus the number we really need. */
- yy_size_t new_size = yyg->yy_n_chars + number_to_move + (yyg->yy_n_chars >> 1);
+ int new_size = yyg->yy_n_chars + number_to_move + (yyg->yy_n_chars >> 1);
YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) settings_parser_realloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ,yyscanner );
if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" );
@@ -1561,8 +1588,8 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %if-c++-only */
/* %endif */
{
- register yy_state_type yy_current_state;
- register char *yy_cp;
+ yy_state_type yy_current_state;
+ char *yy_cp;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* %% [15.0] code to get the start state into yy_current_state goes here */
@@ -1571,7 +1598,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
for ( yy_cp = yyg->yytext_ptr + YY_MORE_ADJ; yy_cp < yyg->yy_c_buf_p; ++yy_cp )
{
/* %% [16.0] code to find the next state goes here */
- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1600,12 +1627,12 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %if-c++-only */
/* %endif */
{
- register int yy_is_jam;
+ int yy_is_jam;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner; /* This var may be unused depending upon options. */
/* %% [17.0] code to find the next state, and perhaps do backing up, goes here */
- register char *yy_cp = yyg->yy_c_buf_p;
+ char *yy_cp = yyg->yy_c_buf_p;
- register YY_CHAR yy_c = 1;
+ YY_CHAR yy_c = 1;
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1620,17 +1647,19 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
yy_is_jam = (yy_current_state == 48);
+ (void)yyg;
return yy_is_jam ? 0 : yy_current_state;
}
+#ifndef YY_NO_UNPUT
/* %if-c-only */
- static void yyunput (int c, register char * yy_bp , yyscan_t yyscanner)
+ static void yyunput (int c, char * yy_bp , yyscan_t yyscanner)
/* %endif */
/* %if-c++-only */
/* %endif */
{
- register char *yy_cp;
+ char *yy_cp;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
yy_cp = yyg->yy_c_buf_p;
@@ -1641,10 +1670,10 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
{ /* need to shift things up to make room */
/* +2 for EOB chars. */
- register int number_to_move = yyg->yy_n_chars + 2;
- register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
+ yy_size_t number_to_move = yyg->yy_n_chars + 2;
+ char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2];
- register char *source =
+ char *source =
&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move];
while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
@@ -1674,6 +1703,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %if-c-only */
/* %endif */
+#endif
/* %if-c-only */
#ifndef YY_NO_INPUT
@@ -1704,7 +1734,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
else
{ /* need more input */
- int offset = yyg->yy_c_buf_p - yyg->yytext_ptr;
+ yy_size_t offset = yyg->yy_c_buf_p - yyg->yytext_ptr;
++yyg->yy_c_buf_p;
switch ( yy_get_next_buffer( yyscanner ) )
@@ -1787,6 +1817,9 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
settings_parser__load_buffer_state(yyscanner );
}
+/* %if-c++-only */
+/* %endif */
+
/** Switch to a different input buffer.
* @param new_buffer The new input buffer.
* @param yyscanner The scanner object.
@@ -1836,7 +1869,11 @@ static void settings_parser__load_buffer_state (yyscan_t yyscanner)
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
yyg->yy_n_chars = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
yyg->yytext_ptr = yyg->yy_c_buf_p = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos;
+/* %if-c-only */
yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file;
+/* %endif */
+/* %if-c++-only */
+/* %endif */
yyg->yy_hold_char = *yyg->yy_c_buf_p;
}
@@ -1858,7 +1895,7 @@ static void settings_parser__load_buffer_state (yyscan_t yyscanner)
if ( ! b )
YY_FATAL_ERROR( "out of dynamic memory in settings_parser__create_buffer()" );
- b->yy_buf_size = size;
+ b->yy_buf_size = (yy_size_t)size;
/* yy_ch_buf has to be 2 characters longer than the size given because
* we need to put in 2 end-of-buffer characters.
@@ -1874,6 +1911,9 @@ static void settings_parser__load_buffer_state (yyscan_t yyscanner)
return b;
}
+/* %if-c++-only */
+/* %endif */
+
/** Destroy the buffer.
* @param b a buffer created with settings_parser__create_buffer()
* @param yyscanner The scanner object.
@@ -1898,17 +1938,6 @@ static void settings_parser__load_buffer_state (yyscan_t yyscanner)
settings_parser_free((void *) b ,yyscanner );
}
-/* %if-c-only */
-
-#ifndef __cplusplus
-extern int isatty (int );
-#endif /* __cplusplus */
-
-/* %endif */
-
-/* %if-c++-only */
-/* %endif */
-
/* Initializes or reinitializes a buffer.
* This function is sometimes called more than once on the same buffer,
* such as during a settings_parser_restart() or at EOF.
@@ -1925,7 +1954,11 @@ extern int isatty (int );
settings_parser__flush_buffer(b ,yyscanner);
+/* %if-c-only */
b->yy_input_file = file;
+/* %endif */
+/* %if-c++-only */
+/* %endif */
b->yy_fill_buffer = 1;
/* If b is the current buffer, then settings_parser__init_buffer was _probably_
@@ -2055,7 +2088,7 @@ static void settings_parser_ensure_buffer_stack (yyscan_t yyscanner)
/* %if-c++-only */
/* %endif */
{
- int num_to_alloc;
+ yy_size_t num_to_alloc;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
if (!yyg->yy_buffer_stack) {
@@ -2064,7 +2097,7 @@ static void settings_parser_ensure_buffer_stack (yyscan_t yyscanner)
* scanner will even need a stack. We use 2 instead of 1 to avoid an
* immediate realloc on the next call.
*/
- num_to_alloc = 1;
+ num_to_alloc = 1; /* After all that talk, this was set to 1 anyways... */
yyg->yy_buffer_stack = (struct yy_buffer_state**)settings_parser_alloc
(num_to_alloc * sizeof(struct yy_buffer_state*)
, yyscanner);
@@ -2081,7 +2114,7 @@ static void settings_parser_ensure_buffer_stack (yyscan_t yyscanner)
if (yyg->yy_buffer_stack_top >= (yyg->yy_buffer_stack_max) - 1){
/* Increase the buffer to prepare for a possible push. */
- int grow_size = 8 /* arbitrary grow size */;
+ yy_size_t grow_size = 8 /* arbitrary grow size */;
num_to_alloc = yyg->yy_buffer_stack_max + grow_size;
yyg->yy_buffer_stack = (struct yy_buffer_state**)settings_parser_realloc
@@ -2159,12 +2192,12 @@ YY_BUFFER_STATE settings_parser__scan_string (yyconst char * yystr , yyscan_t yy
* @param yyscanner The scanner object.
* @return the newly allocated buffer state object.
*/
-YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char * yybytes, int _yybytes_len , yyscan_t yyscanner)
+YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len , yyscan_t yyscanner)
{
YY_BUFFER_STATE b;
char *buf;
yy_size_t n;
- int i;
+ yy_size_t i;
/* Get memory for full buffer, including space for trailing EOB's. */
n = _yybytes_len + 2;
@@ -2191,7 +2224,7 @@ YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char * yybytes, int _yyby
/* %endif */
/* %if-c-only */
- static void yy_push_state (int new_state , yyscan_t yyscanner)
+ static void yy_push_state (int _new_state , yyscan_t yyscanner)
/* %endif */
/* %if-c++-only */
/* %endif */
@@ -2216,7 +2249,7 @@ YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char * yybytes, int _yyby
yyg->yy_start_stack[yyg->yy_start_stack_ptr++] = YY_START;
- BEGIN(new_state);
+ BEGIN(_new_state);
}
/* %if-c-only */
@@ -2249,7 +2282,9 @@ YY_BUFFER_STATE settings_parser__scan_bytes (yyconst char * yybytes, int _yyby
/* %if-c-only */
static void yy_fatal_error (yyconst char* msg , yyscan_t yyscanner)
{
- (void) fprintf( stderr, "%s\n", msg );
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+ (void) fprintf( stderr, "%s\n", msg );
exit( YY_EXIT_FAILURE );
}
/* %endif */
@@ -2336,7 +2371,7 @@ FILE *settings_parser_get_out (yyscan_t yyscanner)
/** Get the length of the current token.
* @param yyscanner The scanner object.
*/
-int settings_parser_get_leng (yyscan_t yyscanner)
+yy_size_t settings_parser_get_leng (yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
return yyleng;
@@ -2367,51 +2402,51 @@ void settings_parser_set_extra (YY_EXTRA_TYPE user_defined , yyscan_t yyscanner
/* %endif */
/** Set the current line number.
- * @param line_number
+ * @param _line_number line number
* @param yyscanner The scanner object.
*/
-void settings_parser_set_lineno (int line_number , yyscan_t yyscanner)
+void settings_parser_set_lineno (int _line_number , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* lineno is only valid if an input buffer exists. */
if (! YY_CURRENT_BUFFER )
- yy_fatal_error( "settings_parser_set_lineno called with no buffer" , yyscanner);
+ YY_FATAL_ERROR( "settings_parser_set_lineno called with no buffer" );
- yylineno = line_number;
+ yylineno = _line_number;
}
/** Set the current column.
- * @param line_number
+ * @param _column_no column number
* @param yyscanner The scanner object.
*/
-void settings_parser_set_column (int column_no , yyscan_t yyscanner)
+void settings_parser_set_column (int _column_no , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* column is only valid if an input buffer exists. */
if (! YY_CURRENT_BUFFER )
- yy_fatal_error( "settings_parser_set_column called with no buffer" , yyscanner);
+ YY_FATAL_ERROR( "settings_parser_set_column called with no buffer" );
- yycolumn = column_no;
+ yycolumn = _column_no;
}
/** Set the input stream. This does not discard the current
* input buffer.
- * @param in_str A readable stream.
+ * @param _in_str A readable stream.
* @param yyscanner The scanner object.
* @see settings_parser__switch_to_buffer
*/
-void settings_parser_set_in (FILE * in_str , yyscan_t yyscanner)
+void settings_parser_set_in (FILE * _in_str , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yyin = in_str ;
+ yyin = _in_str ;
}
-void settings_parser_set_out (FILE * out_str , yyscan_t yyscanner)
+void settings_parser_set_out (FILE * _out_str , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yyout = out_str ;
+ yyout = _out_str ;
}
int settings_parser_get_debug (yyscan_t yyscanner)
@@ -2420,10 +2455,10 @@ int settings_parser_get_debug (yyscan_t yyscanner)
return yy_flex_debug;
}
-void settings_parser_set_debug (int bdebug , yyscan_t yyscanner)
+void settings_parser_set_debug (int _bdebug , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yy_flex_debug = bdebug ;
+ yy_flex_debug = _bdebug ;
}
/* %endif */
@@ -2589,7 +2624,10 @@ int settings_parser_lex_destroy (yyscan_t yyscanner)
#ifndef yytext_ptr
static void yy_flex_strncpy (char* s1, yyconst char * s2, int n , yyscan_t yyscanner)
{
- register int i;
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+
+ int i;
for ( i = 0; i < n; ++i )
s1[i] = s2[i];
}
@@ -2598,7 +2636,7 @@ static void yy_flex_strncpy (char* s1, yyconst char * s2, int n , yyscan_t yysca
#ifdef YY_NEED_STRLEN
static int yy_flex_strlen (yyconst char * s , yyscan_t yyscanner)
{
- register int n;
+ int n;
for ( n = 0; s[n]; ++n )
;
@@ -2608,11 +2646,16 @@ static int yy_flex_strlen (yyconst char * s , yyscan_t yyscanner)
void *settings_parser_alloc (yy_size_t size , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
return (void *) malloc( size );
}
void *settings_parser_realloc (void * ptr, yy_size_t size , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+
/* The cast to (char *) in the following accommodates both
* implementations that use char* generic pointers, and those
* that use void* generic pointers. It works with the latter
@@ -2625,6 +2668,8 @@ void *settings_parser_realloc (void * ptr, yy_size_t size , yyscan_t yyscanner
void settings_parser_free (void * ptr , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
free( (char *) ptr ); /* see settings_parser_realloc() for (char *) cast */
}
diff --git a/src/libstrongswan/settings/settings_parser.c b/src/libstrongswan/settings/settings_parser.c
index 6cd3b177a..47cf8ebd4 100644
--- a/src/libstrongswan/settings/settings_parser.c
+++ b/src/libstrongswan/settings/settings_parser.c
@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.0.2. */
+/* A Bison parser, made by GNU Bison 3.0.4. */
/* Bison implementation for Yacc-like parsers in C
- Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
+ Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -44,7 +44,7 @@
#define YYBISON 1
/* Bison version. */
-#define YYBISON_VERSION "3.0.2"
+#define YYBISON_VERSION "3.0.4"
/* Skeleton name. */
#define YYSKELETON_NAME "yacc.c"
@@ -180,7 +180,7 @@ extern int settings_parser_debug;
/* Value type. */
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
-typedef union YYSTYPE YYSTYPE;
+
union YYSTYPE
{
#line 77 "settings/settings_parser.y" /* yacc.c:355 */
@@ -191,6 +191,8 @@ union YYSTYPE
#line 193 "settings/settings_parser.c" /* yacc.c:355 */
};
+
+typedef union YYSTYPE YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define YYSTYPE_IS_DECLARED 1
#endif
@@ -203,7 +205,7 @@ int settings_parser_parse (parser_helper_t *ctx);
/* Copy the second part of user declarations. */
-#line 207 "settings/settings_parser.c" /* yacc.c:358 */
+#line 209 "settings/settings_parser.c" /* yacc.c:358 */
#ifdef short
# undef short
@@ -1027,43 +1029,43 @@ yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep, parser_helper_t *c
case 3: /* NAME */
#line 91 "settings/settings_parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1031 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1033 "settings/settings_parser.c" /* yacc.c:1257 */
break;
case 4: /* STRING */
#line 91 "settings/settings_parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1037 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1039 "settings/settings_parser.c" /* yacc.c:1257 */
break;
case 13: /* section */
#line 93 "settings/settings_parser.y" /* yacc.c:1257 */
{ pop_section(ctx); settings_section_destroy(((*yyvaluep).sec), NULL); }
-#line 1043 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1045 "settings/settings_parser.c" /* yacc.c:1257 */
break;
case 14: /* section_start */
#line 93 "settings/settings_parser.y" /* yacc.c:1257 */
{ pop_section(ctx); settings_section_destroy(((*yyvaluep).sec), NULL); }
-#line 1049 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1051 "settings/settings_parser.c" /* yacc.c:1257 */
break;
case 15: /* setting */
#line 94 "settings/settings_parser.y" /* yacc.c:1257 */
{ settings_kv_destroy(((*yyvaluep).kv), NULL); }
-#line 1055 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1057 "settings/settings_parser.c" /* yacc.c:1257 */
break;
case 16: /* value */
#line 91 "settings/settings_parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1061 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1063 "settings/settings_parser.c" /* yacc.c:1257 */
break;
case 17: /* valuepart */
#line 91 "settings/settings_parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1067 "settings/settings_parser.c" /* yacc.c:1257 */
+#line 1069 "settings/settings_parser.c" /* yacc.c:1257 */
break;
@@ -1333,7 +1335,7 @@ yyreduce:
{
add_section(ctx, (yyvsp[0].sec));
}
-#line 1337 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1339 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 6:
@@ -1341,7 +1343,7 @@ yyreduce:
{
add_setting(ctx, (yyvsp[0].kv));
}
-#line 1345 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1347 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 7:
@@ -1350,7 +1352,7 @@ yyreduce:
pop_section(ctx);
(yyval.sec) = (yyvsp[-2].sec);
}
-#line 1354 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1356 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 8:
@@ -1358,7 +1360,7 @@ yyreduce:
{
(yyval.sec) = push_section(ctx, (yyvsp[-1].s));
}
-#line 1362 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1364 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 9:
@@ -1366,7 +1368,7 @@ yyreduce:
{
(yyval.sec) = push_section(ctx, (yyvsp[-2].s));
}
-#line 1370 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1372 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 10:
@@ -1374,7 +1376,7 @@ yyreduce:
{
(yyval.kv) = settings_kv_create((yyvsp[-2].s), (yyvsp[0].s));
}
-#line 1378 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1380 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 11:
@@ -1382,7 +1384,7 @@ yyreduce:
{
(yyval.kv) = settings_kv_create((yyvsp[-1].s), NULL);
}
-#line 1386 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1388 "settings/settings_parser.c" /* yacc.c:1646 */
break;
case 13:
@@ -1397,11 +1399,11 @@ yyreduce:
free((yyvsp[-1].s));
free((yyvsp[0].s));
}
-#line 1401 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1403 "settings/settings_parser.c" /* yacc.c:1646 */
break;
-#line 1405 "settings/settings_parser.c" /* yacc.c:1646 */
+#line 1407 "settings/settings_parser.c" /* yacc.c:1646 */
default: break;
}
/* User semantic actions sometimes alter yychar, and that requires
diff --git a/src/libstrongswan/settings/settings_parser.h b/src/libstrongswan/settings/settings_parser.h
index d887777a2..b41e0d56f 100644
--- a/src/libstrongswan/settings/settings_parser.h
+++ b/src/libstrongswan/settings/settings_parser.h
@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.0.2. */
+/* A Bison parser, made by GNU Bison 3.0.4. */
/* Bison interface for Yacc-like parsers in C
- Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
+ Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -59,7 +59,7 @@ extern int settings_parser_debug;
/* Value type. */
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
-typedef union YYSTYPE YYSTYPE;
+
union YYSTYPE
{
#line 77 "settings/settings_parser.y" /* yacc.c:1909 */
@@ -70,6 +70,8 @@ union YYSTYPE
#line 72 "settings/settings_parser.h" /* yacc.c:1909 */
};
+
+typedef union YYSTYPE YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define YYSTYPE_IS_DECLARED 1
#endif
diff --git a/src/libstrongswan/tests/Makefile.am b/src/libstrongswan/tests/Makefile.am
index b2d456035..caa9d3a6a 100644
--- a/src/libstrongswan/tests/Makefile.am
+++ b/src/libstrongswan/tests/Makefile.am
@@ -12,7 +12,7 @@ libtest_la_CFLAGS = \
libtest_la_LDFLAGS = @COVERAGE_LDFLAGS@
libtest_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB)
+ $(PTHREADLIB) $(ATOMICLIB)
TESTS = tests
diff --git a/src/libstrongswan/tests/Makefile.in b/src/libstrongswan/tests/Makefile.in
index 0a0f5893d..4e5321755 100644
--- a/src/libstrongswan/tests/Makefile.in
+++ b/src/libstrongswan/tests/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ host_triplet = @host@
TESTS = tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libstrongswan/tests
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -102,7 +111,7 @@ CONFIG_CLEAN_VPATH_FILES =
am__DEPENDENCIES_1 =
libtest_la_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
am__dirstamp = $(am__leading_dot)dirstamp
am_libtest_la_OBJECTS = libtest_la-test_suite.lo \
libtest_la-test_runner.lo utils/libtest_la-test_rng.lo
@@ -240,12 +249,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -295,6 +306,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -329,6 +341,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -440,6 +453,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -481,7 +495,7 @@ libtest_la_CFLAGS = \
libtest_la_LDFLAGS = @COVERAGE_LDFLAGS@
libtest_la_LIBADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB)
+ $(PTHREADLIB) $(ATOMICLIB)
tests_SOURCES = tests.h tests.c \
suites/test_linked_list.c \
@@ -549,7 +563,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/tests/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libstrongswan/tests/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -1603,6 +1616,8 @@ uninstall-am:
mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/tests/suites/test_array.c b/src/libstrongswan/tests/suites/test_array.c
index eda72e10a..eed8fba56 100644
--- a/src/libstrongswan/tests/suites/test_array.c
+++ b/src/libstrongswan/tests/suites/test_array.c
@@ -512,7 +512,7 @@ END_TEST
START_TEST(test_insert_create_value)
{
array_t *array = NULL;
- u_int16_t v;
+ uint16_t v;
v = 1;
array_insert_create_value(&array, sizeof(v), ARRAY_TAIL, &v);
diff --git a/src/libstrongswan/tests/suites/test_asn1.c b/src/libstrongswan/tests/suites/test_asn1.c
index ac7c5519e..fa02df9ca 100644
--- a/src/libstrongswan/tests/suites/test_asn1.c
+++ b/src/libstrongswan/tests/suites/test_asn1.c
@@ -462,7 +462,7 @@ START_TEST(test_asn1_to_time)
{
typedef struct {
time_t time;
- u_int8_t type;
+ uint8_t type;
char *string;
} testdata_t;
@@ -525,7 +525,7 @@ START_TEST(test_asn1_from_time)
{
typedef struct {
time_t time;
- u_int8_t type;
+ uint8_t type;
chunk_t chunk;
} testdata_t;
@@ -759,7 +759,7 @@ END_TEST
START_TEST(test_asn1_parse_integer_uint64)
{
typedef struct {
- u_int64_t n;
+ uint64_t n;
chunk_t chunk;
} testdata_t;
diff --git a/src/libstrongswan/tests/suites/test_bio_reader.c b/src/libstrongswan/tests/suites/test_bio_reader.c
index 6a9743d62..d3b4b4358 100644
--- a/src/libstrongswan/tests/suites/test_bio_reader.c
+++ b/src/libstrongswan/tests/suites/test_bio_reader.c
@@ -65,7 +65,7 @@
START_TEST(test_read_uint8)
{
chunk_t data = chunk_from_chars(0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07);
- u_int8_t val;
+ uint8_t val;
assert_integer_read(data, 8, val);
assert_basic_read(8, val);
@@ -76,7 +76,7 @@ END_TEST
START_TEST(test_read_uint16)
{
chunk_t data = chunk_from_chars(0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03);
- u_int16_t val;
+ uint16_t val;
assert_integer_read(data, 16, val);
assert_basic_read(16, val);
@@ -87,7 +87,7 @@ END_TEST
START_TEST(test_read_uint24)
{
chunk_t data = chunk_from_chars(0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x02, 0x00, 0x00, 0x03);
- u_int32_t val;
+ uint32_t val;
assert_integer_read(data, 24, val);
assert_basic_read(24, val);
@@ -99,7 +99,7 @@ START_TEST(test_read_uint32)
{
chunk_t data = chunk_from_chars(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x03);
- u_int32_t val;
+ uint32_t val;
assert_integer_read(data, 32, val);
assert_basic_read(32, val);
@@ -113,7 +113,7 @@ START_TEST(test_read_uint64)
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03);
- u_int64_t val;
+ uint64_t val;
assert_integer_read(data, 64, val);
assert_basic_read(64, val);
@@ -170,7 +170,7 @@ END_TEST
START_TEST(test_read_uint8_end)
{
chunk_t data = chunk_from_chars(0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00);
- u_int8_t val;
+ uint8_t val;
assert_integer_read_end(data, 8, val);
assert_basic_read_end(8, val);
@@ -181,7 +181,7 @@ END_TEST
START_TEST(test_read_uint16_end)
{
chunk_t data = chunk_from_chars(0x00, 0x03, 0x00, 0x02, 0x00, 0x01, 0x00, 0x00);
- u_int16_t val;
+ uint16_t val;
assert_integer_read_end(data, 16, val);
assert_basic_read_end(16, val);
@@ -192,7 +192,7 @@ END_TEST
START_TEST(test_read_uint24_end)
{
chunk_t data = chunk_from_chars(0x00, 0x00, 0x03, 0x00, 0x00, 0x02, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00);
- u_int32_t val;
+ uint32_t val;
assert_integer_read_end(data, 24, val);
assert_basic_read_end(24, val);
@@ -204,7 +204,7 @@ START_TEST(test_read_uint32_end)
{
chunk_t data = chunk_from_chars(0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x02,
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00);
- u_int32_t val;
+ uint32_t val;
assert_integer_read_end(data, 32, val);
assert_basic_read_end(32, val);
@@ -218,7 +218,7 @@ START_TEST(test_read_uint64_end)
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00);
- u_int64_t val;
+ uint64_t val;
assert_integer_read_end(data, 64, val);
assert_basic_read_end(64, val);
diff --git a/src/libstrongswan/tests/suites/test_chunk.c b/src/libstrongswan/tests/suites/test_chunk.c
index 6272ca795..b82b1436f 100644
--- a/src/libstrongswan/tests/suites/test_chunk.c
+++ b/src/libstrongswan/tests/suites/test_chunk.c
@@ -316,11 +316,11 @@ START_TEST(test_chunk_skip)
foobar = chunk_from_str("foobar");
a = foobar;
a = chunk_skip(a, 0);
- ck_assert(chunk_equals(a, foobar));
+ ck_assert_chunk_eq(a, foobar);
a = chunk_skip(a, 1);
- ck_assert(chunk_equals(a, chunk_from_str("oobar")));
+ ck_assert_chunk_eq(a, chunk_from_str("oobar"));
a = chunk_skip(a, 2);
- ck_assert(chunk_equals(a, chunk_from_str("bar")));
+ ck_assert_chunk_eq(a, chunk_from_str("bar"));
a = chunk_skip(a, 3);
assert_chunk_empty(a);
@@ -338,20 +338,24 @@ START_TEST(test_chunk_skip_zero)
{
chunk_t foobar, a;
- a = chunk_empty;
- a = chunk_skip_zero(a);
+ a = chunk_skip_zero(chunk_empty);
assert_chunk_empty(a);
foobar = chunk_from_str("foobar");
- a = foobar;
- a = chunk_skip_zero(a);
- ck_assert(chunk_equals(a, foobar));
+ a = chunk_skip_zero(foobar);
+ ck_assert_chunk_eq(a, foobar);
- a = chunk_from_chars(0x00, 0xaa, 0xbb, 0xcc);
- a = chunk_skip_zero(a);
- ck_assert(chunk_equals(a, chunk_from_chars(0xaa, 0xbb, 0xcc)));
+ foobar = chunk_from_chars(0x00);
+ a = chunk_skip_zero(foobar);
+ ck_assert_chunk_eq(a, foobar);
+
+ a = chunk_skip_zero(chunk_from_chars(0x00, 0xaa, 0xbb, 0xcc));
+ ck_assert_chunk_eq(a, chunk_from_chars(0xaa, 0xbb, 0xcc));
a = chunk_skip_zero(a);
- ck_assert(chunk_equals(a, chunk_from_chars(0xaa, 0xbb, 0xcc)));
+ ck_assert_chunk_eq(a, chunk_from_chars(0xaa, 0xbb, 0xcc));
+
+ a = chunk_skip_zero(chunk_from_chars(0x00, 0x00, 0xaa, 0xbb, 0xcc));
+ ck_assert_chunk_eq(a, chunk_from_chars(0xaa, 0xbb, 0xcc));
}
END_TEST
@@ -736,7 +740,7 @@ START_TEST(test_chunk_mac)
{
chunk_t in;
u_char key[16];
- u_int64_t out;
+ uint64_t out;
int i, count;
count = countof(sip_vectors);
@@ -765,7 +769,7 @@ END_TEST
START_TEST(test_chunk_hash)
{
chunk_t chunk;
- u_int32_t hash_a, hash_b, hash_c;
+ uint32_t hash_a, hash_b, hash_c;
chunk = chunk_from_str("asdf");
@@ -787,7 +791,7 @@ END_TEST
START_TEST(test_chunk_hash_static)
{
chunk_t in;
- u_int32_t out, hash_a, hash_b, hash_inc = 0x7b891a95;
+ uint32_t out, hash_a, hash_b, hash_inc = 0x7b891a95;
int i, count;
count = countof(sip_vectors);
@@ -813,7 +817,7 @@ END_TEST
* test for chunk_internet_checksum[_inc]()
*/
-static inline u_int16_t compensate_alignment(u_int16_t val)
+static inline uint16_t compensate_alignment(uint16_t val)
{
return ((val & 0xff) << 8) | (val >> 8);
}
@@ -821,7 +825,7 @@ static inline u_int16_t compensate_alignment(u_int16_t val)
START_TEST(test_chunk_internet_checksum)
{
chunk_t chunk;
- u_int16_t sum;
+ uint16_t sum;
chunk = chunk_from_chars(0x45,0x00,0x00,0x30,0x44,0x22,0x40,0x00,0x80,0x06,
0x00,0x00,0x8c,0x7c,0x19,0xac,0xae,0x24,0x1e,0x2b);
diff --git a/src/libstrongswan/tests/suites/test_host.c b/src/libstrongswan/tests/suites/test_host.c
index 5cb8013ff..5d054577a 100644
--- a/src/libstrongswan/tests/suites/test_host.c
+++ b/src/libstrongswan/tests/suites/test_host.c
@@ -46,7 +46,7 @@ static void verify_netmask(chunk_t addr, int mask)
* host_create_any
*/
-static void verify_any(host_t *host, int family, u_int16_t port)
+static void verify_any(host_t *host, int family, uint16_t port)
{
verify_netmask(host->get_address(host), 0);
ck_assert(host->is_anyaddr(host));
@@ -88,7 +88,7 @@ END_TEST
* host_create_from_string
*/
-static void verify_address(host_t *host, chunk_t addr, int family, u_int16_t port)
+static void verify_address(host_t *host, chunk_t addr, int family, uint16_t port)
{
ck_assert(chunk_equals(host->get_address(host), addr));
ck_assert(!host->is_anyaddr(host));
@@ -656,7 +656,7 @@ END_TEST
static struct {
char *addr;
- u_int16_t port;
+ uint16_t port;
/* results for %H, %+H, %#H (falls back to [0]) */
char *result[3];
} printf_data[] = {
diff --git a/src/libstrongswan/tests/suites/test_iv_gen.c b/src/libstrongswan/tests/suites/test_iv_gen.c
index 4e45c8538..8b0a14b79 100644
--- a/src/libstrongswan/tests/suites/test_iv_gen.c
+++ b/src/libstrongswan/tests/suites/test_iv_gen.c
@@ -21,17 +21,17 @@
START_TEST(test_iv_gen_seq)
{
iv_gen_t *iv_gen;
- u_int64_t iv0, iv1_1, iv1_2;
+ uint64_t iv0, iv1_1, iv1_2;
iv_gen = iv_gen_seq_create();
- ck_assert(iv_gen->get_iv(iv_gen, 0, 8, (u_int8_t*)&iv0));
- ck_assert(iv_gen->get_iv(iv_gen, 1, 8, (u_int8_t*)&iv1_1));
+ ck_assert(iv_gen->get_iv(iv_gen, 0, 8, (uint8_t*)&iv0));
+ ck_assert(iv_gen->get_iv(iv_gen, 1, 8, (uint8_t*)&iv1_1));
ck_assert(iv0 != iv1_1);
/* every sequence number may be used twice, but results in a different IV */
- ck_assert(iv_gen->get_iv(iv_gen, 1, 8, (u_int8_t*)&iv1_2));
+ ck_assert(iv_gen->get_iv(iv_gen, 1, 8, (uint8_t*)&iv1_2));
ck_assert(iv0 != iv1_2);
ck_assert(iv1_1 != iv1_2);
- ck_assert(!iv_gen->get_iv(iv_gen, 1, 8, (u_int8_t*)&iv1_2));
+ ck_assert(!iv_gen->get_iv(iv_gen, 1, 8, (uint8_t*)&iv1_2));
iv_gen->destroy(iv_gen);
}
END_TEST
@@ -39,19 +39,19 @@ END_TEST
START_TEST(test_iv_gen_seq_len)
{
iv_gen_t *iv_gen;
- u_int64_t iv;
- u_int8_t buf[9];
+ uint64_t iv;
+ uint8_t buf[9];
iv_gen = iv_gen_seq_create();
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 0, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 1, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 2, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 3, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 4, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 5, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 6, (u_int8_t*)&iv));
- ck_assert(!iv_gen->get_iv(iv_gen, 0, 7, (u_int8_t*)&iv));
- ck_assert(iv_gen->get_iv(iv_gen, 0, 8, (u_int8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 0, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 1, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 2, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 3, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 4, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 5, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 6, (uint8_t*)&iv));
+ ck_assert(!iv_gen->get_iv(iv_gen, 0, 7, (uint8_t*)&iv));
+ ck_assert(iv_gen->get_iv(iv_gen, 0, 8, (uint8_t*)&iv));
ck_assert(iv_gen->get_iv(iv_gen, 0, 9, buf));
iv_gen->destroy(iv_gen);
}
diff --git a/src/libstrongswan/tests/suites/test_ntru.c b/src/libstrongswan/tests/suites/test_ntru.c
index d209fa2bc..0a6d24d04 100644
--- a/src/libstrongswan/tests/suites/test_ntru.c
+++ b/src/libstrongswan/tests/suites/test_ntru.c
@@ -25,7 +25,7 @@
#include <plugins/ntru/ntru_private_key.h>
IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_drbg_create, ntru_drbg_t*,
- u_int32_t strength, chunk_t pers_str, rng_t *entropy)
+ uint32_t strength, chunk_t pers_str, rng_t *entropy)
IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_trits_create, ntru_trits_t*,
size_t len, hash_algorithm_t alg, chunk_t seed)
@@ -36,7 +36,7 @@ IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_seed, ntru_poly_t*,
uint32_t indices_len_m, bool is_product_form)
IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_data, ntru_poly_t*,
- u_int16_t *data, uint16_t N, uint16_t q,
+ uint16_t *data, uint16_t N, uint16_t q,
uint32_t indices_len_p, uint32_t indices_len_m,
bool is_product_form)
@@ -73,8 +73,8 @@ char *parameter_sets[] = {
};
typedef struct {
- u_int32_t requested;
- u_int32_t standard;
+ uint32_t requested;
+ uint32_t standard;
}strength_t;
strength_t strengths[] = {
diff --git a/src/libstrongswan/tests/suites/test_printf.c b/src/libstrongswan/tests/suites/test_printf.c
index 9e40d1fc0..377f2a767 100644
--- a/src/libstrongswan/tests/suites/test_printf.c
+++ b/src/libstrongswan/tests/suites/test_printf.c
@@ -75,7 +75,7 @@ END_TEST
START_TEST(test_printf_unsigned)
{
- verify("1 23 456", "%u %lu %llu", 1, (u_long)23, (u_int64_t)456);
+ verify("1 23 456", "%u %lu %llu", 1, (u_long)23, (uint64_t)456);
verify("65535 255", "%hu %hhu", 0x1ffff, 0x1ff);
verify("123456789", "%zu", (size_t)123456789);
verify(" 12", "%5u", 12);
@@ -99,7 +99,7 @@ END_TEST
START_TEST(test_printf_hex)
{
- verify("1 23 456", "%x %lx %llx", 1, (u_long)0x23, (u_int64_t)0x456);
+ verify("1 23 456", "%x %lx %llx", 1, (u_long)0x23, (uint64_t)0x456);
verify("12abcdef 12ABCDEF", "%x %X", 0x12ABCDEF, 0x12ABCDEF);
verify("ffff ff", "%hx %hhx", 0x1ffff, 0x1ff);
verify("23456789", "%zx", (size_t)0x23456789);
@@ -170,10 +170,10 @@ END_TEST
START_TEST(test_printf_pri)
{
- verify("255", "%" PRIu8, (u_int8_t)0xFF);
- verify("65535", "%" PRIu16, (u_int16_t)0xFFFF);
- verify("4294967295", "%" PRIu32, (u_int32_t)0x1FFFFFFFFll);
- verify("18446744073709551615", "%" PRIu64, (u_int64_t)0xFFFFFFFFFFFFFFFFll);
+ verify("255", "%" PRIu8, (uint8_t)0xFF);
+ verify("65535", "%" PRIu16, (uint16_t)0xFFFF);
+ verify("4294967295", "%" PRIu32, (uint32_t)0x1FFFFFFFFll);
+ verify("18446744073709551615", "%" PRIu64, (uint64_t)0xFFFFFFFFFFFFFFFFll);
verify("-1", "%" PRId8, (int8_t)-1);
verify("-1", "%" PRId16, (int16_t)-1);
diff --git a/src/libstrongswan/tests/suites/test_traffic_selector.c b/src/libstrongswan/tests/suites/test_traffic_selector.c
index 5c0fb754d..0d5d877ac 100644
--- a/src/libstrongswan/tests/suites/test_traffic_selector.c
+++ b/src/libstrongswan/tests/suites/test_traffic_selector.c
@@ -198,7 +198,7 @@ struct {
char *from;
char *to;
char *net;
- u_int8_t mask;
+ uint8_t mask;
bool exact;
} to_subnet_tests[] = {
{ TS_IPV4_ADDR_RANGE, "10.0.0.1", "10.0.0.1", "10.0.0.1", 32, TRUE },
@@ -218,7 +218,7 @@ START_TEST(test_to_subnet)
{
traffic_selector_t *ts;
host_t *net, *exp_net;
- u_int8_t mask;
+ uint8_t mask;
ts = traffic_selector_create_from_string(0, to_subnet_tests[_i].type,
to_subnet_tests[_i].from, 0, to_subnet_tests[_i].to, 0);
@@ -234,9 +234,9 @@ END_TEST
struct {
char *cidr;
- u_int16_t from_port;
- u_int16_t to_port;
- u_int16_t port;
+ uint16_t from_port;
+ uint16_t to_port;
+ uint16_t port;
} to_subnet_port_tests[] = {
{ "10.0.0.0/8", 0, 0, 0 },
{ "10.0.0.1/32", 80, 80, 80 },
@@ -252,7 +252,7 @@ START_TEST(test_to_subnet_port)
{
traffic_selector_t *ts;
host_t *net, *exp_net;
- u_int8_t mask;
+ uint8_t mask;
int exp_mask;
ts = traffic_selector_create_from_cidr(to_subnet_port_tests[_i].cidr, 0,
@@ -431,9 +431,9 @@ struct {
bool contained;
struct {
char *net;
- u_int8_t proto;
- u_int16_t from_port;
- u_int16_t to_port;
+ uint8_t proto;
+ uint16_t from_port;
+ uint16_t to_port;
} a, b;
} is_contained_in_tests[] = {
{ TRUE, { "10.0.0.0/16", 0, 0, 65535 }, { "10.0.0.0/16", 0, 0, 65535 }, },
@@ -555,9 +555,9 @@ struct {
int res;
struct {
char *net;
- u_int8_t proto;
- u_int16_t from_port;
- u_int16_t to_port;
+ uint8_t proto;
+ uint16_t from_port;
+ uint16_t to_port;
} a, b;
} cmp_tests[] = {
{ 0, { "10.0.0.0/8", 0, 0, 65535 }, { "10.0.0.0/8", 0, 0, 65535 }, },
@@ -706,13 +706,13 @@ START_TEST(test_hash)
END_TEST
struct {
- u_int8_t proto;
- u_int16_t from_port;
- u_int16_t to_port;
- u_int8_t from_type;
- u_int8_t from_code;
- u_int8_t to_type;
- u_int8_t to_code;
+ uint8_t proto;
+ uint16_t from_port;
+ uint16_t to_port;
+ uint8_t from_type;
+ uint8_t from_code;
+ uint8_t to_type;
+ uint8_t to_code;
char *str;
char *str_alt;
} icmp_tests[] = {
@@ -731,7 +731,7 @@ struct {
START_TEST(test_icmp)
{
traffic_selector_t *ts;
- u_int16_t from, to;
+ uint16_t from, to;
ts = traffic_selector_create_dynamic(icmp_tests[_i].proto,
icmp_tests[_i].from_port, icmp_tests[_i].to_port);
diff --git a/src/libstrongswan/tests/suites/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c
index 104b0b2c0..1eb3c8bc3 100644
--- a/src/libstrongswan/tests/suites/test_utils.c
+++ b/src/libstrongswan/tests/suites/test_utils.c
@@ -121,9 +121,9 @@ END_TEST
START_TEST(test_htoun)
{
chunk_t net64, expected;
- u_int16_t host16 = 513;
- u_int32_t net16 = 0, host32 = 67305985;
- u_int64_t net32 = 0, host64 = 578437695752307201ULL;
+ uint16_t host16 = 513;
+ uint32_t net16 = 0, host32 = 67305985;
+ uint64_t net32 = 0, host64 = 578437695752307201ULL;
net64 = chunk_alloca(16);
memset(net64.ptr, 0, net64.len);
@@ -133,14 +133,14 @@ START_TEST(test_htoun)
ck_assert(chunk_equals(expected, chunk_from_thing(net16)));
expected = chunk_from_chars(0x00, 0x00, 0x04, 0x03, 0x02, 0x01, 0x00, 0x00);
- htoun32((u_int16_t*)&net32 + 1, host32);
+ htoun32((uint16_t*)&net32 + 1, host32);
ck_assert(chunk_equals(expected, chunk_from_thing(net32)));
expected = chunk_from_chars(0x00, 0x00, 0x00, 0x00,
0x08, 0x07, 0x06, 0x05,
0x04, 0x03, 0x02, 0x01,
0x00, 0x00, 0x00, 0x00);
- htoun64((u_int32_t*)net64.ptr + 1, host64);
+ htoun64((uint32_t*)net64.ptr + 1, host64);
ck_assert(chunk_equals(expected, net64));
}
END_TEST
@@ -148,9 +148,9 @@ END_TEST
START_TEST(test_untoh)
{
chunk_t net;
- u_int16_t host16;
- u_int32_t host32;
- u_int64_t host64;
+ uint16_t host16;
+ uint32_t host32;
+ uint64_t host64;
net = chunk_from_chars(0x00, 0x02, 0x01, 0x00);
host16 = untoh16(net.ptr + 1);
@@ -197,6 +197,82 @@ START_TEST(test_round)
END_TEST
/*******************************************************************************
+ * streq
+ */
+
+static struct {
+ char *a;
+ char *b;
+ bool eq;
+ bool case_eq;
+} streq_data[] = {
+ {NULL, NULL, TRUE, TRUE},
+ {NULL, "", FALSE, FALSE},
+ {"", NULL, FALSE, FALSE},
+ {"abc", "", FALSE, FALSE},
+ {"abc", "abc", TRUE, TRUE},
+ {"abc", "ABC", FALSE, TRUE},
+};
+
+START_TEST(test_streq)
+{
+ bool eq;
+
+ ck_assert(streq(streq_data[_i].a, streq_data[_i].a));
+ ck_assert(streq(streq_data[_i].b, streq_data[_i].b));
+ eq = streq(streq_data[_i].a, streq_data[_i].b);
+ ck_assert(eq == streq_data[_i].eq);
+
+ ck_assert(strcaseeq(streq_data[_i].a, streq_data[_i].a));
+ ck_assert(strcaseeq(streq_data[_i].b, streq_data[_i].b));
+ eq = strcaseeq(streq_data[_i].a, streq_data[_i].b);
+ ck_assert(eq == streq_data[_i].case_eq);
+}
+END_TEST
+
+/*******************************************************************************
+ * strneq
+ */
+
+static struct {
+ char *a;
+ char *b;
+ size_t n;
+ bool eq;
+ bool case_eq;
+} strneq_data[] = {
+ {NULL, NULL, 0, TRUE, TRUE},
+ {NULL, NULL, 10, TRUE, TRUE},
+ {NULL, "", 0, FALSE, FALSE},
+ {"", NULL, 0, FALSE, FALSE},
+ {"abc", "", 0, TRUE, TRUE},
+ {"abc", "", 1, FALSE, FALSE},
+ {"abc", "ab", 1, TRUE, TRUE},
+ {"abc", "ab", 2, TRUE, TRUE},
+ {"abc", "ab", 3, FALSE, FALSE},
+ {"abc", "abc", 3, TRUE, TRUE},
+ {"abc", "abc", 4, TRUE, TRUE},
+ {"abc", "abC", 2, TRUE, TRUE},
+ {"abc", "abC", 3, FALSE, TRUE},
+};
+
+START_TEST(test_strneq)
+{
+ bool eq;
+
+ ck_assert(strneq(strneq_data[_i].a, strneq_data[_i].a, strneq_data[_i].n));
+ ck_assert(strneq(strneq_data[_i].b, strneq_data[_i].b, strneq_data[_i].n));
+ eq = strneq(strneq_data[_i].a, strneq_data[_i].b, strneq_data[_i].n);
+ ck_assert(eq == strneq_data[_i].eq);
+
+ ck_assert(strncaseeq(strneq_data[_i].a, strneq_data[_i].a, strneq_data[_i].n));
+ ck_assert(strncaseeq(strneq_data[_i].b, strneq_data[_i].b, strneq_data[_i].n));
+ eq = strncaseeq(strneq_data[_i].a, strneq_data[_i].b, strneq_data[_i].n);
+ ck_assert(eq == strneq_data[_i].case_eq);
+}
+END_TEST
+
+/*******************************************************************************
* strpfx
*/
@@ -308,7 +384,7 @@ END_TEST
START_TEST(test_memxor_aligned)
{
- u_int64_t a = 0, b = 0;
+ uint64_t a = 0, b = 0;
chunk_t ca, cb;
int i;
@@ -848,6 +924,8 @@ Suite *utils_suite_create()
suite_add_tcase(s, tc);
tc = tcase_create("string helper");
+ tcase_add_loop_test(tc, test_streq, 0, countof(streq_data));
+ tcase_add_loop_test(tc, test_strneq, 0, countof(strneq_data));
tcase_add_loop_test(tc, test_strpfx, 0, countof(strpfx_data));
suite_add_tcase(s, tc);
diff --git a/src/libstrongswan/tests/test_runner.c b/src/libstrongswan/tests/test_runner.c
index 66d0e612d..ed77b3c86 100644
--- a/src/libstrongswan/tests/test_runner.c
+++ b/src/libstrongswan/tests/test_runner.c
@@ -90,6 +90,28 @@ static void apply_filter(array_t *loaded, char *filter, bool exclude)
}
/**
+ * Check if the given string is contained in the filter string.
+ */
+static bool is_in_filter(const char *find, char *filter)
+{
+ enumerator_t *names;
+ bool found = FALSE;
+ char *name;
+
+ names = enumerator_create_token(filter, ",", " ");
+ while (names->enumerate(names, &name))
+ {
+ if (streq(name, find))
+ {
+ found = TRUE;
+ break;
+ }
+ }
+ names->destroy(names);
+ return found;
+}
+
+/**
* Removes and destroys test suites that are not selected or
* explicitly excluded.
*/
@@ -524,11 +546,17 @@ int test_runner_run(const char *name, test_configuration_t configs[],
enumerator_t *enumerator;
int passed = 0, result;
level_t level = LEVEL_SILENT;
- char *cfg, *verbosity;
+ char *cfg, *runners, *verbosity;
/* redirect all output to stderr (to redirect make's stdout to /dev/null) */
dup2(2, 1);
+ runners = getenv("TESTS_RUNNERS");
+ if (runners && !is_in_filter(name, runners))
+ {
+ return EXIT_SUCCESS;
+ }
+
cfg = getenv("TESTS_STRONGSWAN_CONF");
suites = load_suites(configs, init, cfg);
diff --git a/src/libstrongswan/tests/test_runner.h b/src/libstrongswan/tests/test_runner.h
index 5c3057096..e0fe767c5 100644
--- a/src/libstrongswan/tests/test_runner.h
+++ b/src/libstrongswan/tests/test_runner.h
@@ -70,6 +70,7 @@ struct test_configuration_t {
* - TESTS_VERBOSITY: Numerical loglevel for debug log
* - TESTS_STRONGSWAN_CONF: Specify a path to a custom strongswan.conf
* - TESTS_PLUGINS: Specify an explicit list of plugins to load
+ * - TESTS_RUNNERS: Run specific test runners only
* - TESTS_SUITES: Run specific test suites only
* - TESTS_SUITES_EXCLUDE: Don't run specific test suites
* - TESTS_REDUCED_KEYLENGTHS: Test minimal keylengths for public key tests only
@@ -77,6 +78,9 @@ struct test_configuration_t {
* Please note that TESTS_PLUGINS actually must be implemented by the init
* callback function, as plugin loading is delegated.
*
+ * EXIT_SUCCESS is returned right away if TESTS_RUNNERS is defined but the name
+ * passed to this function is not contained in it.
+ *
* @param name name of test runner
* @param config test suite constructors with dependencies
* @param init_cb init/deinit callback
diff --git a/src/libstrongswan/tests/utils/test_rng.c b/src/libstrongswan/tests/utils/test_rng.c
index 01569509b..2985a56e3 100644
--- a/src/libstrongswan/tests/utils/test_rng.c
+++ b/src/libstrongswan/tests/utils/test_rng.c
@@ -34,7 +34,7 @@ struct private_rng_t {
};
METHOD(rng_t, get_bytes, bool,
- private_rng_t *this, size_t bytes, u_int8_t *buffer)
+ private_rng_t *this, size_t bytes, uint8_t *buffer)
{
if (bytes > this->entropy.len)
{
diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c
index 3d87e7fca..de5cbaa21 100644
--- a/src/libstrongswan/threading/thread.c
+++ b/src/libstrongswan/threading/thread.c
@@ -278,18 +278,27 @@ static private_thread_t *thread_create_internal()
}
/**
- * Main cleanup function for threads.
+ * Remove and run all cleanup handlers in reverse order.
*/
-static void thread_cleanup(private_thread_t *this)
+static void thread_cleanup_popall_internal(private_thread_t *this)
{
cleanup_handler_t *handler;
- this->mutex->lock(this->mutex);
+
while (this->cleanup_handlers->remove_last(this->cleanup_handlers,
- (void**)&handler) == SUCCESS)
+ (void**)&handler) == SUCCESS)
{
handler->cleanup(handler->arg);
free(handler);
}
+}
+
+/**
+ * Main cleanup function for threads.
+ */
+static void thread_cleanup(private_thread_t *this)
+{
+ thread_cleanup_popall_internal(this);
+ this->mutex->lock(this->mutex);
this->terminated = TRUE;
thread_destroy(this);
}
@@ -417,15 +426,8 @@ void thread_cleanup_pop(bool execute)
void thread_cleanup_popall()
{
private_thread_t *this = (private_thread_t*)thread_current();
- cleanup_handler_t *handler;
- while (this->cleanup_handlers->get_count(this->cleanup_handlers))
- {
- this->cleanup_handlers->remove_last(this->cleanup_handlers,
- (void**)&handler);
- handler->cleanup(handler->arg);
- free(handler);
- }
+ thread_cleanup_popall_internal(this);
}
/**
diff --git a/src/libstrongswan/utils/chunk.c b/src/libstrongswan/utils/chunk.c
index c4471be70..2f824a259 100644
--- a/src/libstrongswan/utils/chunk.c
+++ b/src/libstrongswan/utils/chunk.c
@@ -775,25 +775,25 @@ bool chunk_printable(chunk_t chunk, chunk_t *sane, char replace)
/**
* Helper functions for chunk_mac()
*/
-static inline u_int64_t sipget(u_char *in)
+static inline uint64_t sipget(u_char *in)
{
- u_int64_t v = 0;
+ uint64_t v = 0;
int i;
for (i = 0; i < 64; i += 8, ++in)
{
- v |= ((u_int64_t)*in) << i;
+ v |= ((uint64_t)*in) << i;
}
return v;
}
-static inline u_int64_t siprotate(u_int64_t v, int shift)
+static inline uint64_t siprotate(uint64_t v, int shift)
{
return (v << shift) | (v >> (64 - shift));
}
-static inline void sipround(u_int64_t *v0, u_int64_t *v1, u_int64_t *v2,
- u_int64_t *v3)
+static inline void sipround(uint64_t *v0, uint64_t *v1, uint64_t *v2,
+ uint64_t *v3)
{
*v0 += *v1;
*v1 = siprotate(*v1, 13);
@@ -814,8 +814,8 @@ static inline void sipround(u_int64_t *v0, u_int64_t *v1, u_int64_t *v2,
*v3 ^= *v0;
}
-static inline void sipcompress(u_int64_t *v0, u_int64_t *v1, u_int64_t *v2,
- u_int64_t *v3, u_int64_t m)
+static inline void sipcompress(uint64_t *v0, uint64_t *v1, uint64_t *v2,
+ uint64_t *v3, uint64_t m)
{
*v3 ^= m;
sipround(v0, v1, v2, v3);
@@ -823,28 +823,28 @@ static inline void sipcompress(u_int64_t *v0, u_int64_t *v1, u_int64_t *v2,
*v0 ^= m;
}
-static inline u_int64_t siplast(size_t len, u_char *pos)
+static inline uint64_t siplast(size_t len, u_char *pos)
{
- u_int64_t b;
+ uint64_t b;
int rem = len & 7;
- b = ((u_int64_t)len) << 56;
+ b = ((uint64_t)len) << 56;
switch (rem)
{
case 7:
- b |= ((u_int64_t)pos[6]) << 48;
+ b |= ((uint64_t)pos[6]) << 48;
case 6:
- b |= ((u_int64_t)pos[5]) << 40;
+ b |= ((uint64_t)pos[5]) << 40;
case 5:
- b |= ((u_int64_t)pos[4]) << 32;
+ b |= ((uint64_t)pos[4]) << 32;
case 4:
- b |= ((u_int64_t)pos[3]) << 24;
+ b |= ((uint64_t)pos[3]) << 24;
case 3:
- b |= ((u_int64_t)pos[2]) << 16;
+ b |= ((uint64_t)pos[2]) << 16;
case 2:
- b |= ((u_int64_t)pos[1]) << 8;
+ b |= ((uint64_t)pos[1]) << 8;
case 1:
- b |= ((u_int64_t)pos[0]);
+ b |= ((uint64_t)pos[0]);
break;
case 0:
break;
@@ -855,9 +855,9 @@ static inline u_int64_t siplast(size_t len, u_char *pos)
/**
* Caculate SipHash-2-4 with an optional first block given as argument.
*/
-static u_int64_t chunk_mac_inc(chunk_t chunk, u_char *key, u_int64_t m)
+static uint64_t chunk_mac_inc(chunk_t chunk, u_char *key, uint64_t m)
{
- u_int64_t v0, v1, v2, v3, k0, k1;
+ uint64_t v0, v1, v2, v3, k0, k1;
size_t len = chunk.len;
u_char *pos = chunk.ptr, *end;
@@ -896,7 +896,7 @@ static u_int64_t chunk_mac_inc(chunk_t chunk, u_char *key, u_int64_t m)
/**
* Described in header.
*/
-u_int64_t chunk_mac(chunk_t chunk, u_char *key)
+uint64_t chunk_mac(chunk_t chunk, u_char *key)
{
return chunk_mac_inc(chunk, key, 0);
}
@@ -957,16 +957,16 @@ void chunk_hash_seed()
/**
* Described in header.
*/
-u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash)
+uint32_t chunk_hash_inc(chunk_t chunk, uint32_t hash)
{
/* we could use a mac of the previous hash, but this is faster */
- return chunk_mac_inc(chunk, key, ((u_int64_t)hash) << 32 | hash);
+ return chunk_mac_inc(chunk, key, ((uint64_t)hash) << 32 | hash);
}
/**
* Described in header.
*/
-u_int32_t chunk_hash(chunk_t chunk)
+uint32_t chunk_hash(chunk_t chunk)
{
return chunk_mac(chunk, key);
}
@@ -974,15 +974,15 @@ u_int32_t chunk_hash(chunk_t chunk)
/**
* Described in header.
*/
-u_int32_t chunk_hash_static_inc(chunk_t chunk, u_int32_t hash)
+uint32_t chunk_hash_static_inc(chunk_t chunk, uint32_t hash)
{ /* we could use a mac of the previous hash, but this is faster */
- return chunk_mac_inc(chunk, static_key, ((u_int64_t)hash) << 32 | hash);
+ return chunk_mac_inc(chunk, static_key, ((uint64_t)hash) << 32 | hash);
}
/**
* Described in header.
*/
-u_int32_t chunk_hash_static(chunk_t chunk)
+uint32_t chunk_hash_static(chunk_t chunk)
{
return chunk_mac(chunk, static_key);
}
@@ -990,9 +990,9 @@ u_int32_t chunk_hash_static(chunk_t chunk)
/**
* Described in header.
*/
-u_int16_t chunk_internet_checksum_inc(chunk_t data, u_int16_t checksum)
+uint16_t chunk_internet_checksum_inc(chunk_t data, uint16_t checksum)
{
- u_int32_t sum = ntohs((u_int16_t)~checksum);
+ uint32_t sum = ntohs((uint16_t)~checksum);
while (data.len > 1)
{
@@ -1001,7 +1001,7 @@ u_int16_t chunk_internet_checksum_inc(chunk_t data, u_int16_t checksum)
}
if (data.len)
{
- sum += (u_int16_t)*data.ptr << 8;
+ sum += (uint16_t)*data.ptr << 8;
}
while (sum >> 16)
{
@@ -1013,7 +1013,7 @@ u_int16_t chunk_internet_checksum_inc(chunk_t data, u_int16_t checksum)
/**
* Described in header.
*/
-u_int16_t chunk_internet_checksum(chunk_t data)
+uint16_t chunk_internet_checksum(chunk_t data)
{
return chunk_internet_checksum_inc(data, 0xffff);
}
diff --git a/src/libstrongswan/utils/chunk.h b/src/libstrongswan/utils/chunk.h
index 2ec7f7543..160d09944 100644
--- a/src/libstrongswan/utils/chunk.h
+++ b/src/libstrongswan/utils/chunk.h
@@ -280,11 +280,11 @@ static inline chunk_t chunk_skip(chunk_t chunk, size_t bytes)
}
/**
- * Skip a leading zero-valued byte
+ * Skip any leading zero-valued bytes
*/
static inline chunk_t chunk_skip_zero(chunk_t chunk)
{
- if (chunk.len > 1 && *chunk.ptr == 0x00)
+ while (chunk.len > 1 && *chunk.ptr == 0x00)
{
chunk.ptr++;
chunk.len--;
@@ -375,7 +375,7 @@ void chunk_hash_seed();
* @param chunk data to hash
* @return hash value
*/
-u_int32_t chunk_hash(chunk_t chunk);
+uint32_t chunk_hash(chunk_t chunk);
/**
* Incremental version of chunk_hash. Use this to hash two or more chunks.
@@ -384,7 +384,7 @@ u_int32_t chunk_hash(chunk_t chunk);
* @param hash previous hash value
* @return hash value
*/
-u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash);
+uint32_t chunk_hash_inc(chunk_t chunk, uint32_t hash);
/**
* Computes a 32 bit hash of the given chunk.
@@ -398,7 +398,7 @@ u_int32_t chunk_hash_inc(chunk_t chunk, u_int32_t hash);
* @param chunk data to hash
* @return hash value
*/
-u_int32_t chunk_hash_static(chunk_t chunk);
+uint32_t chunk_hash_static(chunk_t chunk);
/**
* Incremental version of chunk_hash_static(). Use this to hash two or more
@@ -408,7 +408,7 @@ u_int32_t chunk_hash_static(chunk_t chunk);
* @param hash previous hash value
* @return hash value
*/
-u_int32_t chunk_hash_static_inc(chunk_t chunk, u_int32_t hash);
+uint32_t chunk_hash_static_inc(chunk_t chunk, uint32_t hash);
/**
* Computes a quick MAC from the given chunk and key using SipHash.
@@ -422,7 +422,7 @@ u_int32_t chunk_hash_static_inc(chunk_t chunk, u_int32_t hash);
* @param key key to use
* @return MAC for given input and key
*/
-u_int64_t chunk_mac(chunk_t chunk, u_char *key);
+uint64_t chunk_mac(chunk_t chunk, u_char *key);
/**
* Calculate the Internet Checksum according to RFC 1071 for the given chunk.
@@ -434,7 +434,7 @@ u_int64_t chunk_mac(chunk_t chunk, u_char *key);
* @param data data to process
* @return checksum (one's complement, network order)
*/
-u_int16_t chunk_internet_checksum(chunk_t data);
+uint16_t chunk_internet_checksum(chunk_t data);
/**
* Extend the given Internet Checksum (one's complement, in network byte order)
@@ -447,7 +447,7 @@ u_int16_t chunk_internet_checksum(chunk_t data);
* @param checksum previous checksum (one's complement, network order)
* @return checksum (one's complement, network order)
*/
-u_int16_t chunk_internet_checksum_inc(chunk_t data, u_int16_t checksum);
+uint16_t chunk_internet_checksum_inc(chunk_t data, uint16_t checksum);
/**
* printf hook function for chunk_t.
diff --git a/src/libstrongswan/utils/compat/android.h b/src/libstrongswan/utils/compat/android.h
index b3ea9c475..6edd3effb 100644
--- a/src/libstrongswan/utils/compat/android.h
+++ b/src/libstrongswan/utils/compat/android.h
@@ -21,6 +21,8 @@
#ifndef ANDROID_H_
#define ANDROID_H_
+#include <android/api-level.h>
+
/* stuff defined in AndroidConfig.h, which is included using the -include
* command-line option, thus cannot be undefined using -U CFLAGS options.
* the reason we have to undefine these flags in the first place, is that
@@ -28,4 +30,19 @@
* actually defined. */
#undef HAVE_BACKTRACE
+/* API level 21 changed quite a few things, we define some stuff here and not
+ * via CFLAGS in Android.mk files as it is easier to compare versions */
+#if __ANDROID_API__ >= 21
+
+#define HAVE_PTHREAD_CONDATTR_INIT 1
+#define HAVE_CONDATTR_CLOCK_MONOTONIC 1
+
+#define HAVE_SYS_CAPABILITY_H 1
+
+#else /* __ANDROID_API__ */
+
+#define HAVE_PTHREAD_COND_TIMEDWAIT_MONOTONIC 1
+
+#endif /* __ANDROID_API__ */
+
#endif /** ANDROID_H_ @}*/
diff --git a/src/libstrongswan/utils/cpu_feature.c b/src/libstrongswan/utils/cpu_feature.c
index d86ca6bd8..0529701ea 100644
--- a/src/libstrongswan/utils/cpu_feature.c
+++ b/src/libstrongswan/utils/cpu_feature.c
@@ -102,7 +102,7 @@ static cpu_feature_t get_via_features()
*/
cpu_feature_t cpu_feature_get_all()
{
- char vendor[3 * sizeof(u_int32_t) + 1];
+ char vendor[3 * sizeof(uint32_t) + 1];
cpu_feature_t f = 0;
u_int a, b, c, d;
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index 2b2e907f0..384bd6c92 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -80,6 +80,7 @@ static const x501rdn_t x501rdns[] = {
{"G", OID_GIVEN_NAME, ASN1_PRINTABLESTRING},
{"I", OID_INITIALS, ASN1_PRINTABLESTRING},
{"dnQualifier", OID_DN_QUALIFIER, ASN1_PRINTABLESTRING},
+ {"dmdName", OID_DMD_NAME, ASN1_PRINTABLESTRING},
{"pseudonym", OID_PSEUDONYM, ASN1_PRINTABLESTRING},
{"ID", OID_UNIQUE_IDENTIFIER, ASN1_PRINTABLESTRING},
{"EN", OID_EMPLOYEE_NUMBER, ASN1_PRINTABLESTRING},
@@ -220,6 +221,7 @@ METHOD(enumerator_t, rdn_part_enumerate, bool,
{OID_GIVEN_NAME, ID_PART_RDN_G},
{OID_INITIALS, ID_PART_RDN_I},
{OID_DN_QUALIFIER, ID_PART_RDN_DNQ},
+ {OID_DMD_NAME, ID_PART_RDN_DMDN},
{OID_PSEUDONYM, ID_PART_RDN_PN},
{OID_UNIQUE_IDENTIFIER, ID_PART_RDN_ID},
{OID_EMAIL_ADDRESS, ID_PART_RDN_E},
@@ -727,7 +729,8 @@ METHOD(identification_t, equals_strcasecmp, bool,
/* we do some extra sanity checks to check for invalid IDs with a
* terminating null in it. */
- if (this->encoded.len == encoded.len &&
+ if (this->type == other->get_type(other) &&
+ this->encoded.len == encoded.len &&
memchr(this->encoded.ptr, 0, this->encoded.len) == NULL &&
memchr(encoded.ptr, 0, encoded.len) == NULL &&
strncasecmp(this->encoded.ptr, encoded.ptr, this->encoded.len) == 0)
@@ -1152,15 +1155,15 @@ static private_identification_t *identification_create(id_type_t type)
{
case ID_ANY:
this->public.hash = _hash_binary;
- this->public.matches = _matches_any;
this->public.equals = _equals_binary;
+ this->public.matches = _matches_any;
this->public.contains_wildcards = return_true;
break;
case ID_FQDN:
case ID_RFC822_ADDR:
this->public.hash = _hash_binary;
- this->public.matches = _matches_string;
this->public.equals = _equals_strcasecmp;
+ this->public.matches = _matches_string;
this->public.contains_wildcards = _contains_wildcards_memchr;
break;
case ID_DER_ASN1_DN:
diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h
index 51d132491..206f7c3e0 100644
--- a/src/libstrongswan/utils/identification.h
+++ b/src/libstrongswan/utils/identification.h
@@ -168,6 +168,8 @@ enum id_part_t {
ID_PART_RDN_I,
/** DN Qualifier RDN of a DN */
ID_PART_RDN_DNQ,
+ /** dmdName RDN of a DN */
+ ID_PART_RDN_DMDN,
/** Pseudonym RDN of a DN */
ID_PART_RDN_PN,
/** UniqueIdentifier RDN of a DN */
diff --git a/src/libstrongswan/utils/integrity_checker.c b/src/libstrongswan/utils/integrity_checker.c
index b66df02e7..6f9510b3e 100644
--- a/src/libstrongswan/utils/integrity_checker.c
+++ b/src/libstrongswan/utils/integrity_checker.c
@@ -56,10 +56,10 @@ struct private_integrity_checker_t {
int checksum_count;
};
-METHOD(integrity_checker_t, build_file, u_int32_t,
+METHOD(integrity_checker_t, build_file, uint32_t,
private_integrity_checker_t *this, char *file, size_t *len)
{
- u_int32_t checksum;
+ uint32_t checksum;
chunk_t *contents;
contents = chunk_map(file, FALSE);
@@ -109,7 +109,7 @@ static int callback(struct dl_phdr_info *dlpi, size_t size, Dl_info *dli)
return 0;
}
-METHOD(integrity_checker_t, build_segment, u_int32_t,
+METHOD(integrity_checker_t, build_segment, uint32_t,
private_integrity_checker_t *this, void *sym, size_t *len)
{
chunk_t segment;
@@ -154,7 +154,7 @@ METHOD(integrity_checker_t, check_file, bool,
private_integrity_checker_t *this, char *name, char *file)
{
integrity_checksum_t *cs;
- u_int32_t sum;
+ uint32_t sum;
size_t len = 0;
cs = find_checksum(this, name);
@@ -188,7 +188,7 @@ METHOD(integrity_checker_t, check_segment, bool,
private_integrity_checker_t *this, char *name, void *sym)
{
integrity_checksum_t *cs;
- u_int32_t sum;
+ uint32_t sum;
size_t len = 0;
cs = find_checksum(this, name);
diff --git a/src/libstrongswan/utils/integrity_checker.h b/src/libstrongswan/utils/integrity_checker.h
index afaa114b3..2ac21c608 100644
--- a/src/libstrongswan/utils/integrity_checker.h
+++ b/src/libstrongswan/utils/integrity_checker.h
@@ -35,11 +35,11 @@ struct integrity_checksum_t {
/* size in bytes of the file on disk */
size_t file_len;
/* checksum of the file on disk */
- u_int32_t file;
+ uint32_t file;
/* size in bytes of executable segment in memory */
size_t segment_len;
/* checksum of the executable segment in memory */
- u_int32_t segment;
+ uint32_t segment;
};
/**
@@ -66,7 +66,7 @@ struct integrity_checker_t {
* @param len return length in bytes of file
* @return checksum, 0 on error
*/
- u_int32_t (*build_file)(integrity_checker_t *this, char *file, size_t *len);
+ uint32_t (*build_file)(integrity_checker_t *this, char *file, size_t *len);
/**
* Check the integrity of the code segment in memory.
@@ -83,7 +83,7 @@ struct integrity_checker_t {
* @param len return length in bytes of code segment in memory
* @return checksum, 0 on error
*/
- u_int32_t (*build_segment)(integrity_checker_t *this, void *sym, size_t *len);
+ uint32_t (*build_segment)(integrity_checker_t *this, void *sym, size_t *len);
/**
* Check both, on disk file integrity and loaded segment.
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 99f4843ad..d0f646c31 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -120,17 +120,17 @@ struct memory_header_t {
/**
* Padding to make sizeof(memory_header_t) == 32
*/
- u_int32_t padding[sizeof(void*) == sizeof(u_int32_t) ? 3 : 0];
+ uint32_t padding[sizeof(void*) == sizeof(uint32_t) ? 3 : 0];
/**
* Number of bytes following after the header
*/
- u_int32_t bytes;
+ uint32_t bytes;
/**
* magic bytes to detect bad free or heap underflow, MEMORY_HEADER_MAGIC
*/
- u_int32_t magic;
+ uint32_t magic;
}__attribute__((__packed__));
@@ -142,7 +142,7 @@ struct memory_tail_t {
/**
* Magic bytes to detect heap overflow, MEMORY_TAIL_MAGIC
*/
- u_int32_t magic;
+ uint32_t magic;
}__attribute__((__packed__));
@@ -522,6 +522,7 @@ char *whitelist[] = {
"vsyslog",
"__syslog_chk",
"__vsyslog_chk",
+ "__fprintf_chk",
"getaddrinfo",
"setlocale",
"getpass",
@@ -532,6 +533,7 @@ char *whitelist[] = {
"getpwuid_r",
"initgroups",
"tzset",
+ "_IO_file_doallocate",
/* ignore dlopen, as we do not dlclose to get proper leak reports */
"dlopen",
"dlerror",
@@ -562,6 +564,10 @@ char *whitelist[] = {
"ECDSA_do_sign_ex",
"ECDSA_verify",
"RSA_new_method",
+ /* OpenSSL 1.1.0 does not cleanup anymore until the library is unloaded */
+ "OPENSSL_init_crypto",
+ "CRYPTO_THREAD_lock_new",
+ "ERR_add_error_data",
/* OpenSSL libssl */
"SSL_COMP_get_compression_methods",
/* NSPR */
@@ -808,10 +814,11 @@ HOOK(void*, malloc, size_t bytes)
HOOK(void*, calloc, size_t nmemb, size_t size)
{
void *ptr;
+ volatile size_t total;
- size *= nmemb;
- ptr = malloc(size);
- memset(ptr, 0, size);
+ total = nmemb * size;
+ ptr = malloc(total);
+ memset(ptr, 0, total);
return ptr;
}
@@ -837,6 +844,18 @@ HOOK(void, free, void *ptr)
if (!enabled || thread_disabled->get(thread_disabled))
{
+ /* after deinitialization we might have to free stuff we allocated
+ * while we were enabled */
+ if (!first_header.magic && ptr)
+ {
+ hdr = ptr - sizeof(memory_header_t);
+ tail = ptr + hdr->bytes;
+ if (hdr->magic == MEMORY_HEADER_MAGIC &&
+ tail->magic == MEMORY_TAIL_MAGIC)
+ {
+ ptr = hdr;
+ }
+ }
real_free(ptr);
return;
}
@@ -953,6 +972,7 @@ METHOD(leak_detective_t, destroy, void,
lock->destroy(lock);
thread_disabled->destroy(thread_disabled);
free(this);
+ first_header.magic = 0;
first_header.next = NULL;
}
diff --git a/src/libstrongswan/utils/utils.c b/src/libstrongswan/utils/utils.c
index 40cb43d90..4deba0fe7 100644
--- a/src/libstrongswan/utils/utils.c
+++ b/src/libstrongswan/utils/utils.c
@@ -33,7 +33,7 @@
/* This is from the kernel sources. We limit the length of directory names to
* 256 as we only use it to enumerate FDs. */
struct linux_dirent64 {
- u_int64_t d_ino;
+ uint64_t d_ino;
int64_t d_off;
unsigned short d_reclen;
unsigned char d_type;
diff --git a/src/libstrongswan/utils/utils/align.c b/src/libstrongswan/utils/utils/align.c
index 29f110ff1..ffdb1b5ce 100644
--- a/src/libstrongswan/utils/utils/align.c
+++ b/src/libstrongswan/utils/utils/align.c
@@ -20,9 +20,9 @@
/**
* Described in header.
*/
-void* malloc_align(size_t size, u_int8_t align)
+void* malloc_align(size_t size, uint8_t align)
{
- u_int8_t pad;
+ uint8_t pad;
void *ptr;
if (align == 0)
@@ -46,7 +46,7 @@ void* malloc_align(size_t size, u_int8_t align)
*/
void free_align(void *ptr)
{
- u_int8_t pad, *pos;
+ uint8_t pad, *pos;
pos = ptr - 1;
/* verify padding to check any corruption */
diff --git a/src/libstrongswan/utils/utils/align.h b/src/libstrongswan/utils/utils/align.h
index 39cde10c8..a28dc3668 100644
--- a/src/libstrongswan/utils/utils/align.h
+++ b/src/libstrongswan/utils/utils/align.h
@@ -74,7 +74,7 @@ static inline size_t round_down(size_t size, size_t alignment)
* @param align alignment, up to 255 bytes, usually a power of 2
* @return allocated hunk, aligned to align bytes
*/
-void* malloc_align(size_t size, u_int8_t align);
+void* malloc_align(size_t size, uint8_t align);
/**
* Free a hunk allocated by malloc_align().
diff --git a/src/libstrongswan/utils/utils/byteorder.h b/src/libstrongswan/utils/utils/byteorder.h
index 3ccbad5f1..7c7e53420 100644
--- a/src/libstrongswan/utils/utils/byteorder.h
+++ b/src/libstrongswan/utils/utils/byteorder.h
@@ -26,7 +26,7 @@
* Architecture independent bitfield definition helpers (at least with GCC).
*
* Defines a bitfield with a type t and a fixed size of bitfield members, e.g.:
- * BITFIELD2(u_int8_t,
+ * BITFIELD2(uint8_t,
* low: 4,
* high: 4,
* ) flags;
@@ -47,9 +47,14 @@
#ifndef le32toh
# if BYTE_ORDER == BIG_ENDIAN
# define le32toh(x) __builtin_bswap32(x)
-# define htole32(x) __builtin_bswap32(x)
# else
# define le32toh(x) (x)
+# endif
+#endif
+#ifndef htole32
+# if BYTE_ORDER == BIG_ENDIAN
+# define htole32(x) __builtin_bswap32(x)
+# else
# define htole32(x) (x)
# endif
#endif
@@ -57,9 +62,14 @@
#ifndef le64toh
# if BYTE_ORDER == BIG_ENDIAN
# define le64toh(x) __builtin_bswap64(x)
-# define htole64(x) __builtin_bswap64(x)
# else
# define le64toh(x) (x)
+# endif
+#endif
+#ifndef htole64
+# if BYTE_ORDER == BIG_ENDIAN
+# define htole64(x) __builtin_bswap64(x)
+# else
# define htole64(x) (x)
# endif
#endif
@@ -67,9 +77,14 @@
#ifndef be64toh
# if BYTE_ORDER == BIG_ENDIAN
# define be64toh(x) (x)
-# define htobe64(x) (x)
# else
# define be64toh(x) __builtin_bswap64(x)
+# endif
+#endif
+#ifndef htobe64
+# if BYTE_ORDER == BIG_ENDIAN
+# define htobe64(x) (x)
+# else
# define htobe64(x) __builtin_bswap64(x)
# endif
#endif
@@ -80,7 +95,7 @@
* @param host host order 16-bit value
* @param network unaligned address to write network order value to
*/
-static inline void htoun16(void *network, u_int16_t host)
+static inline void htoun16(void *network, uint16_t host)
{
char *unaligned = (char*)network;
@@ -94,7 +109,7 @@ static inline void htoun16(void *network, u_int16_t host)
* @param host host order 32-bit value
* @param network unaligned address to write network order value to
*/
-static inline void htoun32(void *network, u_int32_t host)
+static inline void htoun32(void *network, uint32_t host)
{
char *unaligned = (char*)network;
@@ -108,7 +123,7 @@ static inline void htoun32(void *network, u_int32_t host)
* @param host host order 64-bit value
* @param network unaligned address to write network order value to
*/
-static inline void htoun64(void *network, u_int64_t host)
+static inline void htoun64(void *network, uint64_t host)
{
char *unaligned = (char*)network;
@@ -122,10 +137,10 @@ static inline void htoun64(void *network, u_int64_t host)
* @param network unaligned address to read network order value from
* @return host order value
*/
-static inline u_int16_t untoh16(void *network)
+static inline uint16_t untoh16(void *network)
{
char *unaligned = (char*)network;
- u_int16_t tmp;
+ uint16_t tmp;
memcpy(&tmp, unaligned, sizeof(tmp));
return ntohs(tmp);
@@ -137,10 +152,10 @@ static inline u_int16_t untoh16(void *network)
* @param network unaligned address to read network order value from
* @return host order value
*/
-static inline u_int32_t untoh32(void *network)
+static inline uint32_t untoh32(void *network)
{
char *unaligned = (char*)network;
- u_int32_t tmp;
+ uint32_t tmp;
memcpy(&tmp, unaligned, sizeof(tmp));
return ntohl(tmp);
@@ -152,10 +167,10 @@ static inline u_int32_t untoh32(void *network)
* @param network unaligned address to read network order value from
* @return host order value
*/
-static inline u_int64_t untoh64(void *network)
+static inline uint64_t untoh64(void *network)
{
char *unaligned = (char*)network;
- u_int64_t tmp;
+ uint64_t tmp;
memcpy(&tmp, unaligned, sizeof(tmp));
return be64toh(tmp);
@@ -167,9 +182,9 @@ static inline u_int64_t untoh64(void *network)
* @param p unaligned address to read little endian value from
* @return host order value
*/
-static inline u_int32_t uletoh32(void *p)
+static inline uint32_t uletoh32(void *p)
{
- u_int32_t ret;
+ uint32_t ret;
memcpy(&ret, p, sizeof(ret));
ret = le32toh(ret);
@@ -182,7 +197,7 @@ static inline u_int32_t uletoh32(void *p)
* @param p host order 32-bit value
* @param v unaligned address to write little endian value to
*/
-static inline void htoule32(void *p, u_int32_t v)
+static inline void htoule32(void *p, uint32_t v)
{
v = htole32(v);
memcpy(p, &v, sizeof(v));
diff --git a/src/libstrongswan/utils/utils/memory.c b/src/libstrongswan/utils/utils/memory.c
index a15371518..30c6f546c 100644
--- a/src/libstrongswan/utils/utils/memory.c
+++ b/src/libstrongswan/utils/utils/memory.c
@@ -20,7 +20,7 @@
/**
* Described in header.
*/
-void memxor(u_int8_t dst[], u_int8_t src[], size_t n)
+void memxor(uint8_t dst[], uint8_t src[], size_t n)
{
int m, i;
diff --git a/src/libstrongswan/utils/utils/memory.h b/src/libstrongswan/utils/utils/memory.h
index aef318f6c..b978e7c48 100644
--- a/src/libstrongswan/utils/utils/memory.h
+++ b/src/libstrongswan/utils/utils/memory.h
@@ -80,7 +80,7 @@ static inline void *memset_noop(void *s, int c, size_t n)
/**
* Same as memcpy, but XORs src into dst instead of copy
*/
-void memxor(u_int8_t dest[], u_int8_t src[], size_t n);
+void memxor(uint8_t dest[], uint8_t src[], size_t n);
/**
* Safely overwrite n bytes of memory at ptr with zero, non-inlining variant.
diff --git a/src/libstrongswan/utils/utils/string.h b/src/libstrongswan/utils/utils/string.h
index 60eaaae22..562516b91 100644
--- a/src/libstrongswan/utils/utils/string.h
+++ b/src/libstrongswan/utils/utils/string.h
@@ -27,7 +27,7 @@
*/
static inline bool streq(const char *x, const char *y)
{
- return strcmp(x, y) == 0;
+ return (x == y) || (x && y && strcmp(x, y) == 0);
}
/**
@@ -35,7 +35,7 @@ static inline bool streq(const char *x, const char *y)
*/
static inline bool strneq(const char *x, const char *y, size_t len)
{
- return strncmp(x, y, len) == 0;
+ return (x == y) || (x && y && strncmp(x, y, len) == 0);
}
/**
@@ -51,7 +51,7 @@ static inline bool strpfx(const char *x, const char *prefix)
*/
static inline bool strcaseeq(const char *x, const char *y)
{
- return strcasecmp(x, y) == 0;
+ return (x == y) || (x && y && strcasecmp(x, y) == 0);
}
/**
@@ -59,7 +59,7 @@ static inline bool strcaseeq(const char *x, const char *y)
*/
static inline bool strncaseeq(const char *x, const char *y, size_t len)
{
- return strncasecmp(x, y, len) == 0;
+ return (x == y) || (x && y && strncasecmp(x, y, len) == 0);
}
/**
diff --git a/src/libstrongswan/utils/utils/time.c b/src/libstrongswan/utils/utils/time.c
index c67ae93f2..48e5151c0 100644
--- a/src/libstrongswan/utils/utils/time.c
+++ b/src/libstrongswan/utils/utils/time.c
@@ -121,7 +121,7 @@ int time_delta_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec,
char* unit = "second";
time_t *arg1 = *((time_t**)(args[0]));
time_t *arg2 = *((time_t**)(args[1]));
- u_int64_t delta = llabs(*arg1 - *arg2);
+ uint64_t delta = llabs(*arg1 - *arg2);
if (delta > 2 * 60 * 60 * 24)
{
diff --git a/src/libstrongswan/utils/utils/types.h b/src/libstrongswan/utils/utils/types.h
index 056c2e0c2..45b5043bf 100644
--- a/src/libstrongswan/utils/utils/types.h
+++ b/src/libstrongswan/utils/utils/types.h
@@ -43,19 +43,6 @@
# define TRUE true
#endif /* TRUE */
-/**
- * define some missing fixed width int types on OpenSolaris.
- * TODO: since the uintXX_t types are defined by the C99 standard we should
- * probably use those anyway
- */
-#if defined __sun || defined WIN32
-#include <stdint.h>
-typedef uint8_t u_int8_t;
-typedef uint16_t u_int16_t;
-typedef uint32_t u_int32_t;
-typedef uint64_t u_int64_t;
-#endif
-
#ifdef HAVE_INT128
/**
* 128 bit wide signed integer, if supported
@@ -70,7 +57,7 @@ typedef unsigned __int128 u_int128_t;
# define MAX_UINT_TYPE u_int128_t
#else
# define MAX_INT_TYPE int64_t
-# define MAX_UINT_TYPE u_int64_t
+# define MAX_UINT_TYPE uint64_t
#endif
/**
diff --git a/src/libtls/Makefile.in b/src/libtls/Makefile.in
index 8d16059f3..0bd5f741e 100644
--- a/src/libtls/Makefile.in
+++ b/src/libtls/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
@USE_WINDOWS_TRUE@am__append_1 = -lws2_32
subdir = src/libtls
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(am__nobase_tls_include_HEADERS_DIST)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am \
+ $(am__nobase_tls_include_HEADERS_DIST) $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -227,6 +237,7 @@ am__define_uniq_tagged_files = \
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -258,6 +269,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -307,6 +319,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -341,6 +354,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -452,6 +466,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -518,7 +533,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtls/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtls/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -937,6 +951,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES \
uninstall-ipseclibLTLIBRARIES \
uninstall-nobase_tls_includeHEADERS
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtls/tests/Makefile.in b/src/libtls/tests/Makefile.in
index e57a95f4f..e00de3f47 100644
--- a/src/libtls/tests/Makefile.in
+++ b/src/libtls/tests/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ host_triplet = @host@
TESTS = tls_tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libtls/tests
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -197,12 +206,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -252,6 +263,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -286,6 +298,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -397,6 +410,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -460,7 +474,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtls/tests/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtls/tests/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -885,6 +898,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtls/tests/suites/test_socket.c b/src/libtls/tests/suites/test_socket.c
index 42a4607b7..d105dd372 100644
--- a/src/libtls/tests/suites/test_socket.c
+++ b/src/libtls/tests/suites/test_socket.c
@@ -267,7 +267,7 @@ END_TEARDOWN
*/
typedef struct {
tls_version_t version;
- u_int16_t port;
+ uint16_t port;
char *addr;
chunk_t data;
int fd;
@@ -411,7 +411,7 @@ static void run_echo_client(echo_server_config_t *config)
/**
* Common test wrapper function for different test variants
*/
-static void test_tls(tls_version_t version, u_int16_t port, bool cauth, u_int i)
+static void test_tls(tls_version_t version, uint16_t port, bool cauth, u_int i)
{
echo_server_config_t *config;
tls_cipher_suite_t *suites;
diff --git a/src/libtls/tls.c b/src/libtls/tls.c
index 08a06f5ef..ea39f7fd1 100644
--- a/src/libtls/tls.c
+++ b/src/libtls/tls.c
@@ -83,9 +83,9 @@ ENUM_END(tls_extension_names, TLS_EXT_RENEGOTIATION_INFO);
* TLS record
*/
typedef struct __attribute__((packed)) {
- u_int8_t type;
- u_int16_t version;
- u_int16_t length;
+ uint8_t type;
+ uint16_t version;
+ uint16_t length;
char data[];
} tls_record_t;
diff --git a/src/libtls/tls_aead.c b/src/libtls/tls_aead.c
index 67cfd3a75..f1daa6f45 100644
--- a/src/libtls/tls_aead.c
+++ b/src/libtls/tls_aead.c
@@ -44,18 +44,18 @@ struct private_tls_aead_t {
* Associated header data to create signature over
*/
typedef struct __attribute__((__packed__)) {
- u_int64_t seq;
- u_int8_t type;
- u_int16_t version;
- u_int16_t length;
+ uint64_t seq;
+ uint8_t type;
+ uint16_t version;
+ uint16_t length;
} sigheader_t;
METHOD(tls_aead_t, encrypt, bool,
private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
- u_int64_t seq, chunk_t *data)
+ uint64_t seq, chunk_t *data)
{
chunk_t assoc, encrypted, iv, plain;
- u_int8_t icvlen;
+ uint8_t icvlen;
sigheader_t hdr;
iv_gen_t *gen;
@@ -92,10 +92,10 @@ METHOD(tls_aead_t, encrypt, bool,
METHOD(tls_aead_t, decrypt, bool,
private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
- u_int64_t seq, chunk_t *data)
+ uint64_t seq, chunk_t *data)
{
chunk_t assoc, iv;
- u_int8_t icvlen;
+ uint8_t icvlen;
sigheader_t hdr;
iv.len = this->aead->get_iv_size(this->aead);
diff --git a/src/libtls/tls_aead.h b/src/libtls/tls_aead.h
index 1d5ba92b5..8b5cda5a7 100644
--- a/src/libtls/tls_aead.h
+++ b/src/libtls/tls_aead.h
@@ -50,7 +50,7 @@ struct tls_aead_t {
* @return TRUE if successfully encrypted
*/
bool (*encrypt)(tls_aead_t *this, tls_version_t version,
- tls_content_type_t type, u_int64_t seq, chunk_t *data);
+ tls_content_type_t type, uint64_t seq, chunk_t *data);
/**
* Decrypt and verify a TLS record.
@@ -65,7 +65,7 @@ struct tls_aead_t {
* @return TRUE if successfully decrypted
*/
bool (*decrypt)(tls_aead_t *this, tls_version_t version,
- tls_content_type_t type, u_int64_t seq, chunk_t *data);
+ tls_content_type_t type, uint64_t seq, chunk_t *data);
/**
* Get the authentication key size.
diff --git a/src/libtls/tls_aead_expl.c b/src/libtls/tls_aead_expl.c
index 80b0db38c..201c9bcf8 100644
--- a/src/libtls/tls_aead_expl.c
+++ b/src/libtls/tls_aead_expl.c
@@ -49,18 +49,18 @@ struct private_tls_aead_t {
* Associated header data to create signature over
*/
typedef struct __attribute__((__packed__)) {
- u_int64_t seq;
- u_int8_t type;
- u_int16_t version;
- u_int16_t length;
+ uint64_t seq;
+ uint8_t type;
+ uint16_t version;
+ uint16_t length;
} sigheader_t;
METHOD(tls_aead_t, encrypt, bool,
private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
- u_int64_t seq, chunk_t *data)
+ uint64_t seq, chunk_t *data)
{
chunk_t assoc, mac, padding, iv;
- u_int8_t bs, padlen;
+ uint8_t bs, padlen;
sigheader_t hdr;
hdr.type = type;
@@ -100,10 +100,10 @@ METHOD(tls_aead_t, encrypt, bool,
METHOD(tls_aead_t, decrypt, bool,
private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
- u_int64_t seq, chunk_t *data)
+ uint64_t seq, chunk_t *data)
{
chunk_t assoc, mac, iv;
- u_int8_t bs, padlen;
+ uint8_t bs, padlen;
sigheader_t hdr;
size_t i;
diff --git a/src/libtls/tls_aead_impl.c b/src/libtls/tls_aead_impl.c
index d529ceba7..8f83cb456 100644
--- a/src/libtls/tls_aead_impl.c
+++ b/src/libtls/tls_aead_impl.c
@@ -47,18 +47,18 @@ struct private_tls_aead_t {
* Associated header data to create signature over
*/
typedef struct __attribute__((__packed__)) {
- u_int64_t seq;
- u_int8_t type;
- u_int16_t version;
- u_int16_t length;
+ uint64_t seq;
+ uint8_t type;
+ uint16_t version;
+ uint16_t length;
} sigheader_t;
METHOD(tls_aead_t, encrypt, bool,
private_tls_aead_t *this, tls_version_t version,
- tls_content_type_t type, u_int64_t seq, chunk_t *data)
+ tls_content_type_t type, uint64_t seq, chunk_t *data)
{
chunk_t assoc, mac, padding;
- u_int8_t bs, padlen;
+ uint8_t bs, padlen;
sigheader_t hdr;
hdr.type = type;
@@ -95,10 +95,10 @@ METHOD(tls_aead_t, encrypt, bool,
METHOD(tls_aead_t, decrypt, bool,
private_tls_aead_t *this, tls_version_t version,
- tls_content_type_t type, u_int64_t seq, chunk_t *data)
+ tls_content_type_t type, uint64_t seq, chunk_t *data)
{
chunk_t assoc, mac, iv;
- u_int8_t bs, padlen;
+ uint8_t bs, padlen;
sigheader_t hdr;
size_t i;
diff --git a/src/libtls/tls_aead_null.c b/src/libtls/tls_aead_null.c
index 595b64000..cb4c10633 100644
--- a/src/libtls/tls_aead_null.c
+++ b/src/libtls/tls_aead_null.c
@@ -37,15 +37,15 @@ struct private_tls_aead_t {
* Associated header data to create signature over
*/
typedef struct __attribute__((__packed__)) {
- u_int64_t seq;
- u_int8_t type;
- u_int16_t version;
- u_int16_t length;
+ uint64_t seq;
+ uint8_t type;
+ uint16_t version;
+ uint16_t length;
} sigheader_t;
METHOD(tls_aead_t, encrypt, bool,
private_tls_aead_t *this, tls_version_t version,
- tls_content_type_t type, u_int64_t seq, chunk_t *data)
+ tls_content_type_t type, uint64_t seq, chunk_t *data)
{
chunk_t assoc, mac;
sigheader_t hdr;
@@ -67,7 +67,7 @@ METHOD(tls_aead_t, encrypt, bool,
METHOD(tls_aead_t, decrypt, bool,
private_tls_aead_t *this, tls_version_t version,
- tls_content_type_t type, u_int64_t seq, chunk_t *data)
+ tls_content_type_t type, uint64_t seq, chunk_t *data)
{
chunk_t assoc, mac;
sigheader_t hdr;
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 2cffeb820..6bbd95873 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1340,7 +1340,7 @@ METHOD(tls_crypto_t, set_protection, void,
METHOD(tls_crypto_t, append_handshake, void,
private_tls_crypto_t *this, tls_handshake_type_t type, chunk_t data)
{
- u_int32_t header;
+ uint32_t header;
/* reconstruct handshake header */
header = htonl(data.len | (type << 24));
@@ -1407,7 +1407,7 @@ METHOD(tls_crypto_t, sign, bool,
{
signature_scheme_t scheme;
bio_reader_t *reader;
- u_int8_t hash, alg;
+ uint8_t hash, alg;
chunk_t sig;
bool done = FALSE;
@@ -1487,7 +1487,7 @@ METHOD(tls_crypto_t, verify, bool,
if (this->tls->get_version(this->tls) >= TLS_1_2)
{
signature_scheme_t scheme = SIGN_UNKNOWN;
- u_int8_t hash, alg;
+ uint8_t hash, alg;
chunk_t sig;
if (!reader->read_uint8(reader, &hash) ||
diff --git a/src/libtls/tls_fragmentation.c b/src/libtls/tls_fragmentation.c
index a97ca1eaa..3607aa3cb 100644
--- a/src/libtls/tls_fragmentation.c
+++ b/src/libtls/tls_fragmentation.c
@@ -127,7 +127,7 @@ static bool send_close_notify(private_tls_fragmentation_t *this)
static status_t process_alert(private_tls_fragmentation_t *this,
bio_reader_t *reader)
{
- u_int8_t level, description;
+ uint8_t level, description;
if (!reader->read_uint8(reader, &level) ||
!reader->read_uint8(reader, &description))
@@ -147,8 +147,8 @@ static status_t process_handshake(private_tls_fragmentation_t *this,
while (reader->remaining(reader))
{
bio_reader_t *msg;
- u_int8_t type;
- u_int32_t len;
+ uint8_t type;
+ uint32_t len;
status_t status;
chunk_t data;
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 8087e2e2d..2ba6dd2a6 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -141,8 +141,8 @@ struct private_tls_peer_t {
static status_t process_server_hello(private_tls_peer_t *this,
bio_reader_t *reader)
{
- u_int8_t compression;
- u_int16_t version, cipher;
+ uint8_t compression;
+ uint16_t version, cipher;
chunk_t random, session, ext = chunk_empty;
tls_cipher_suite_t suite = 0;
@@ -434,8 +434,8 @@ static status_t process_ec_key_exchange(private_tls_peer_t *this,
{
diffie_hellman_group_t group;
public_key_t *public;
- u_int8_t type;
- u_int16_t curve;
+ uint8_t type;
+ uint16_t curve;
chunk_t pub, chunk;
chunk = reader->peek(reader);
@@ -833,7 +833,7 @@ static private_key_t *find_private_key(private_tls_peer_t *this)
private_key_t *key = NULL;
bio_reader_t *reader;
key_type_t type;
- u_int8_t cert;
+ uint8_t cert;
if (!this->peer)
{
diff --git a/src/libtls/tls_protection.c b/src/libtls/tls_protection.c
index e73fedc5d..cea3eca14 100644
--- a/src/libtls/tls_protection.c
+++ b/src/libtls/tls_protection.c
@@ -47,12 +47,12 @@ struct private_tls_protection_t {
/**
* Sequence number of incoming records
*/
- u_int64_t seq_in;
+ uint64_t seq_in;
/**
* Sequence number for outgoing records
*/
- u_int64_t seq_out;
+ uint64_t seq_out;
/**
* AEAD transform for inbound traffic
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index cfbe02037..422211afa 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -213,7 +213,7 @@ static bool select_suite_and_key(private_tls_server_t *this,
static status_t process_client_hello(private_tls_server_t *this,
bio_reader_t *reader)
{
- u_int16_t version, extension;
+ uint16_t version, extension;
chunk_t random, session, ciphers, compression, ext = chunk_empty;
bio_reader_t *extensions;
tls_cipher_suite_t *suites;
@@ -304,12 +304,12 @@ static status_t process_client_hello(private_tls_server_t *this,
}
else
{
- count = ciphers.len / sizeof(u_int16_t);
+ count = ciphers.len / sizeof(uint16_t);
suites = alloca(count * sizeof(tls_cipher_suite_t));
DBG2(DBG_TLS, "received %d TLS cipher suites:", count);
for (i = 0; i < count; i++)
{
- suites[i] = untoh16(&ciphers.ptr[i * sizeof(u_int16_t)]);
+ suites[i] = untoh16(&ciphers.ptr[i * sizeof(uint16_t)]);
DBG2(DBG_TLS, " %N", tls_cipher_suite_names, suites[i]);
}
if (!select_suite_and_key(this, suites, count))
@@ -831,7 +831,7 @@ static tls_named_curve_t ec_group_to_curve(private_tls_server_t *this,
bool peer_supports_curve(private_tls_server_t *this, tls_named_curve_t curve)
{
bio_reader_t *reader;
- u_int16_t current;
+ uint16_t current;
if (!this->curves_received)
{ /* none received, assume yes */
diff --git a/src/libtnccs/Makefile.in b/src/libtnccs/Makefile.in
index 85d2581a2..af02b7549 100644
--- a/src/libtnccs/Makefile.in
+++ b/src/libtnccs/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -92,8 +102,6 @@ host_triplet = @host@
@USE_TNCCS_DYNAMIC_TRUE@am__append_12 = plugins/tnccs_dynamic
@MONOLITHIC_TRUE@@USE_TNCCS_DYNAMIC_TRUE@am__append_13 = plugins/tnccs_dynamic/libstrongswan-tnccs-dynamic.la
subdir = src/libtnccs
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -107,6 +115,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -232,6 +241,7 @@ ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = . plugins/tnc_tnccs plugins/tnc_imc plugins/tnc_imv \
plugins/tnccs_11 plugins/tnccs_20 plugins/tnccs_dynamic
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -263,6 +273,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -312,6 +323,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -346,6 +358,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -457,6 +470,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -533,7 +547,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -952,6 +965,8 @@ uninstall-am: uninstall-ipseclibLTLIBRARIES
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipseclibLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnc_imc/Makefile.in b/src/libtnccs/plugins/tnc_imc/Makefile.in
index 963e1f0eb..d93bded57 100644
--- a/src/libtnccs/plugins/tnc_imc/Makefile.in
+++ b/src/libtnccs/plugins/tnc_imc/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libtnccs/plugins/tnc_imc
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/plugins/tnc_imc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/plugins/tnc_imc/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -785,6 +798,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnc_imv/Makefile.in b/src/libtnccs/plugins/tnc_imv/Makefile.in
index f77db91c4..3987e79cf 100644
--- a/src/libtnccs/plugins/tnc_imv/Makefile.in
+++ b/src/libtnccs/plugins/tnc_imv/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libtnccs/plugins/tnc_imv
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -206,12 +215,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -261,6 +272,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -295,6 +307,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -406,6 +419,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -471,7 +485,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/plugins/tnc_imv/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/plugins/tnc_imv/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -788,6 +801,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnc_tnccs/Makefile.in b/src/libtnccs/plugins/tnc_tnccs/Makefile.in
index 577f53776..b4357b911 100644
--- a/src/libtnccs/plugins/tnc_tnccs/Makefile.in
+++ b/src/libtnccs/plugins/tnc_tnccs/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libtnccs/plugins/tnc_tnccs
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -469,7 +483,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/plugins/tnc_tnccs/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/plugins/tnc_tnccs/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -783,6 +796,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnc_tnccs/tnc_tnccs_manager.c b/src/libtnccs/plugins/tnc_tnccs/tnc_tnccs_manager.c
index 67c33ee63..5ac2c85a5 100644
--- a/src/libtnccs/plugins/tnc_tnccs/tnc_tnccs_manager.c
+++ b/src/libtnccs/plugins/tnc_tnccs/tnc_tnccs_manager.c
@@ -87,7 +87,7 @@ struct tnccs_connection_entry_t {
/**
* Maximum size of a PA-TNC message
*/
- u_int32_t max_msg_len;
+ uint32_t max_msg_len;
/**
* collection of IMV recommendations
@@ -199,7 +199,7 @@ METHOD(tnccs_manager_t, create_instance, tnccs_t*,
METHOD(tnccs_manager_t, create_connection, TNC_ConnectionID,
private_tnc_tnccs_manager_t *this, tnccs_type_t type, tnccs_t *tnccs,
tnccs_send_message_t send_message, bool* request_handshake_retry,
- u_int32_t max_msg_len, recommendations_t **recs)
+ uint32_t max_msg_len, recommendations_t **recs)
{
tnccs_connection_entry_t *entry;
@@ -414,14 +414,14 @@ static TNC_Result bool_attribute(TNC_UInt32 buffer_len,
}
/**
- * Write the value of an u_int32_t attribute into the buffer
+ * Write the value of an uint32_t attribute into the buffer
*/
static TNC_Result uint_attribute(TNC_UInt32 buffer_len,
TNC_BufferReference buffer,
TNC_UInt32 *value_len,
- u_int32_t value)
+ uint32_t value)
{
- *value_len = sizeof(u_int32_t);
+ *value_len = sizeof(uint32_t);
if (buffer && buffer_len >= *value_len)
{
@@ -465,7 +465,7 @@ static TNC_Result identity_attribute(TNC_UInt32 buffer_len,
{
bio_writer_t *writer;
enumerator_t *enumerator;
- u_int32_t count;
+ uint32_t count;
chunk_t value;
tncif_identity_t *tnc_id;
TNC_Result result = TNC_RESULT_INVALID_PARAMETER;
@@ -721,7 +721,7 @@ METHOD(tnccs_manager_t, get_attribute, TNC_Result,
host_t *peer_ip;
tnccs_t *tnccs;
tncif_identity_t *tnc_id;
- u_int32_t id_type, subject_type;
+ uint32_t id_type, subject_type;
chunk_t id_value;
char *id_str;
TNC_Result result;
diff --git a/src/libtnccs/plugins/tnccs_11/Makefile.in b/src/libtnccs/plugins/tnccs_11/Makefile.in
index ec5de0f11..653e1f4d4 100644
--- a/src/libtnccs/plugins/tnccs_11/Makefile.in
+++ b/src/libtnccs/plugins/tnccs_11/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -83,8 +93,6 @@ host_triplet = @host@
@MONOLITHIC_FALSE@ $(top_builddir)/src/libtnccs/libtnccs.la
subdir = src/libtnccs/plugins/tnccs_11
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -98,6 +106,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -215,12 +224,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -270,6 +281,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -304,6 +316,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -415,6 +428,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -484,7 +498,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/plugins/tnccs_11/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/plugins/tnccs_11/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -844,6 +857,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnccs_11/tnccs_11.c b/src/libtnccs/plugins/tnccs_11/tnccs_11.c
index 0918a2bad..5c34d5748 100644
--- a/src/libtnccs/plugins/tnccs_11/tnccs_11.c
+++ b/src/libtnccs/plugins/tnccs_11/tnccs_11.c
@@ -79,7 +79,7 @@ struct private_tnccs_11_t {
/**
* Type of TNC client authentication
*/
- u_int32_t auth_type;
+ uint32_t auth_type;
/**
* Connection ID assigned to this TNCCS connection
@@ -205,7 +205,7 @@ static void handle_message(private_tnccs_11_t *this, tnccs_msg_t *msg)
imc_imv_msg_t *imc_imv_msg;
TNC_MessageType msg_type;
chunk_t msg_body;
- u_int32_t msg_vid, msg_subtype;
+ uint32_t msg_vid, msg_subtype;
enum_name_t *pa_subtype_names;
imc_imv_msg = (imc_imv_msg_t*)msg;
@@ -622,20 +622,20 @@ METHOD(tnccs_t, set_transport, void,
this->transport = transport;
}
-METHOD(tnccs_t, get_auth_type, u_int32_t,
+METHOD(tnccs_t, get_auth_type, uint32_t,
private_tnccs_11_t *this)
{
return this->auth_type;
}
METHOD(tnccs_t, set_auth_type, void,
- private_tnccs_11_t *this, u_int32_t auth_type)
+ private_tnccs_11_t *this, uint32_t auth_type)
{
this->auth_type = auth_type;
}
METHOD(tnccs_t, get_pdp_server, chunk_t,
- private_tnccs_11_t *this, u_int16_t *port)
+ private_tnccs_11_t *this, uint16_t *port)
{
*port = 0;
diff --git a/src/libtnccs/plugins/tnccs_20/Makefile.in b/src/libtnccs/plugins/tnccs_20/Makefile.in
index 5037a9517..1a50c7b23 100644
--- a/src/libtnccs/plugins/tnccs_20/Makefile.in
+++ b/src/libtnccs/plugins/tnccs_20/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libtnccs/plugins/tnccs_20
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -218,12 +227,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -273,6 +284,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -307,6 +319,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -418,6 +431,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -497,7 +511,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/plugins/tnccs_20/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/plugins/tnccs_20/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -926,6 +939,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnccs_20/batch/pb_tnc_batch.c b/src/libtnccs/plugins/tnccs_20/batch/pb_tnc_batch.c
index b239c20dc..2663e3985 100644
--- a/src/libtnccs/plugins/tnccs_20/batch/pb_tnc_batch.c
+++ b/src/libtnccs/plugins/tnccs_20/batch/pb_tnc_batch.c
@@ -122,7 +122,7 @@ struct private_pb_tnc_batch_t {
/**
* Offset into encoding (used for error reporting)
*/
- u_int32_t offset;
+ uint32_t offset;
};
METHOD(pb_tnc_batch_t, get_type, pb_tnc_batch_type_t,
@@ -179,8 +179,8 @@ METHOD(pb_tnc_batch_t, add_msg, bool,
METHOD(pb_tnc_batch_t, build, void,
private_pb_tnc_batch_t *this)
{
- u_int8_t version;
- u_int32_t msg_len;
+ uint8_t version;
+ uint32_t msg_len;
chunk_t msg_value;
enumerator_t *enumerator;
pen_type_t msg_type;
@@ -205,7 +205,7 @@ METHOD(pb_tnc_batch_t, build, void,
enumerator = this->messages->create_enumerator(this->messages);
while (enumerator->enumerate(enumerator, &msg))
{
- u_int8_t flags = PB_TNC_FLAG_NONE;
+ uint8_t flags = PB_TNC_FLAG_NONE;
/* build PB-TNC message */
msg_value = msg->get_encoding(msg);
@@ -247,8 +247,8 @@ METHOD(pb_tnc_batch_t, process_header, status_t,
bio_reader_t *reader;
pb_tnc_msg_t *msg;
pb_error_msg_t *err_msg;
- u_int8_t version, flags, reserved, type;
- u_int32_t batch_len;
+ uint8_t version, flags, reserved, type;
+ uint32_t batch_len;
if (this->encoding.len < PB_TNC_BATCH_HEADER_SIZE)
{
@@ -324,8 +324,8 @@ static status_t process_tnc_msg(private_pb_tnc_batch_t *this)
bio_reader_t *reader;
pb_tnc_msg_t *pb_tnc_msg, *msg;
pb_tnc_msg_info_t *msg_infos;
- u_int8_t flags;
- u_int32_t vendor_id, msg_type, msg_len, offset;
+ uint8_t flags;
+ uint32_t vendor_id, msg_type, msg_len, offset;
chunk_t data, msg_value;
bool noskip_flag;
enum_name_t *msg_type_names;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.c
index 5c4b5ae00..f306540e3 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.c
@@ -57,7 +57,7 @@ struct private_pb_access_recommendation_msg_t {
/**
* Access recommendation code
*/
- u_int16_t recommendation;
+ uint16_t recommendation;
/**
* Encoded message
@@ -95,10 +95,10 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_access_recommendation_msg_t *this, u_int32_t *offset)
+ private_pb_access_recommendation_msg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int16_t reserved;
+ uint16_t reserved;
reader = bio_reader_create(this->encoding);
reader->read_uint16(reader, &reserved);
@@ -124,7 +124,7 @@ METHOD(pb_tnc_msg_t, destroy, void,
free(this);
}
-METHOD(pb_access_recommendation_msg_t, get_access_recommendation, u_int16_t,
+METHOD(pb_access_recommendation_msg_t, get_access_recommendation, uint16_t,
private_pb_access_recommendation_msg_t *this)
{
return this->recommendation;
@@ -158,7 +158,7 @@ pb_tnc_msg_t *pb_access_recommendation_msg_create_from_data(chunk_t data)
/**
* See header
*/
-pb_tnc_msg_t *pb_access_recommendation_msg_create(u_int16_t recommendation)
+pb_tnc_msg_t *pb_access_recommendation_msg_create(uint16_t recommendation)
{
private_pb_access_recommendation_msg_t *this;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.h b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.h
index d0dc6358b..84b8d1a94 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.h
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_access_recommendation_msg.h
@@ -56,7 +56,7 @@ struct pb_access_recommendation_msg_t {
*
* @return PB Access Recommendation
*/
- u_int16_t (*get_access_recommendation)(pb_access_recommendation_msg_t *this);
+ uint16_t (*get_access_recommendation)(pb_access_recommendation_msg_t *this);
};
/**
@@ -64,7 +64,7 @@ struct pb_access_recommendation_msg_t {
*
* @param recommendation Access Recommendation code
*/
-pb_tnc_msg_t* pb_access_recommendation_msg_create(u_int16_t recommendation);
+pb_tnc_msg_t* pb_access_recommendation_msg_create(uint16_t recommendation);
/**
* Create an unprocessed PB-Access-Recommendation message from raw data
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.c
index e23493569..a4cdb7e6a 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.c
@@ -53,7 +53,7 @@ struct private_pb_assessment_result_msg_t {
/**
* Assessment result code
*/
- u_int32_t assessment_result;
+ uint32_t assessment_result;
/**
* Encoded message
@@ -90,7 +90,7 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_assessment_result_msg_t *this, u_int32_t *offset)
+ private_pb_assessment_result_msg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
@@ -117,7 +117,7 @@ METHOD(pb_tnc_msg_t, destroy, void,
free(this);
}
-METHOD(pb_assessment_result_msg_t, get_assessment_result, u_int32_t,
+METHOD(pb_assessment_result_msg_t, get_assessment_result, uint32_t,
private_pb_assessment_result_msg_t *this)
{
return this->assessment_result;
@@ -151,7 +151,7 @@ pb_tnc_msg_t *pb_assessment_result_msg_create_from_data(chunk_t data)
/**
* See header
*/
-pb_tnc_msg_t *pb_assessment_result_msg_create(u_int32_t assessment_result)
+pb_tnc_msg_t *pb_assessment_result_msg_create(uint32_t assessment_result)
{
private_pb_assessment_result_msg_t *this;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.h b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.h
index 11cfdbef2..25f9f9fab 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.h
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_assessment_result_msg.h
@@ -40,7 +40,7 @@ struct pb_assessment_result_msg_t {
*
* @return PB Assessment result
*/
- u_int32_t (*get_assessment_result)(pb_assessment_result_msg_t *this);
+ uint32_t (*get_assessment_result)(pb_assessment_result_msg_t *this);
};
/**
@@ -48,7 +48,7 @@ struct pb_assessment_result_msg_t {
*
* @param assessment_result Assessment result code
*/
-pb_tnc_msg_t* pb_assessment_result_msg_create(u_int32_t assessment_result);
+pb_tnc_msg_t* pb_assessment_result_msg_create(uint32_t assessment_result);
/**
* Create an unprocessed PB-Assessment-Result message from raw data
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.c
index d9910f660..05621b7cb 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.c
@@ -75,22 +75,22 @@ struct private_pb_error_msg_t {
/**
* PB Error Code Vendor ID
*/
- u_int32_t vendor_id;
+ uint32_t vendor_id;
/**
* PB Error Code
*/
- u_int16_t error_code;
+ uint16_t error_code;
/**
* PB Error Offset
*/
- u_int32_t error_offset;
+ uint32_t error_offset;
/**
* Bad PB-TNC version received
*/
- u_int8_t bad_version;
+ uint8_t bad_version;
/**
* Encoded message
@@ -153,10 +153,10 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_error_msg_t *this, u_int32_t *offset)
+ private_pb_error_msg_t *this, uint32_t *offset)
{
- u_int8_t flags, max_version, min_version;
- u_int16_t reserved;
+ uint8_t flags, max_version, min_version;
+ uint16_t reserved;
bio_reader_t *reader;
if (this->encoding.len < ERROR_HEADER_SIZE)
@@ -216,32 +216,32 @@ METHOD(pb_error_msg_t, get_fatal_flag, bool,
return this->fatal;
}
-METHOD(pb_error_msg_t, get_vendor_id, u_int32_t,
+METHOD(pb_error_msg_t, get_vendor_id, uint32_t,
private_pb_error_msg_t *this)
{
return this->vendor_id;
}
-METHOD(pb_error_msg_t, get_error_code, u_int16_t,
+METHOD(pb_error_msg_t, get_error_code, uint16_t,
private_pb_error_msg_t *this)
{
return this->error_code;
}
-METHOD(pb_error_msg_t, get_offset, u_int32_t,
+METHOD(pb_error_msg_t, get_offset, uint32_t,
private_pb_error_msg_t *this)
{
return this->error_offset;
}
-METHOD(pb_error_msg_t, get_bad_version, u_int8_t,
+METHOD(pb_error_msg_t, get_bad_version, uint8_t,
private_pb_error_msg_t *this)
{
return this->bad_version;
}
METHOD(pb_error_msg_t, set_bad_version, void,
- private_pb_error_msg_t *this, u_int8_t version)
+ private_pb_error_msg_t *this, uint8_t version)
{
this->bad_version = version;
}
@@ -249,7 +249,7 @@ METHOD(pb_error_msg_t, set_bad_version, void,
/**
* See header
*/
-pb_tnc_msg_t* pb_error_msg_create(bool fatal, u_int32_t vendor_id,
+pb_tnc_msg_t* pb_error_msg_create(bool fatal, uint32_t vendor_id,
pb_tnc_error_code_t error_code)
{
private_pb_error_msg_t *this;
@@ -284,9 +284,9 @@ pb_tnc_msg_t* pb_error_msg_create(bool fatal, u_int32_t vendor_id,
/**
* See header
*/
-pb_tnc_msg_t* pb_error_msg_create_with_offset(bool fatal, u_int32_t vendor_id,
+pb_tnc_msg_t* pb_error_msg_create_with_offset(bool fatal, uint32_t vendor_id,
pb_tnc_error_code_t error_code,
- u_int32_t error_offset)
+ uint32_t error_offset)
{
private_pb_error_msg_t *this;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.h b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.h
index 9c0ad82a6..34fc20886 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.h
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_error_msg.h
@@ -64,35 +64,35 @@ struct pb_error_msg_t {
*
* @return PB Error Code Vendor ID
*/
- u_int32_t (*get_vendor_id)(pb_error_msg_t *this);
+ uint32_t (*get_vendor_id)(pb_error_msg_t *this);
/**
* Get PB Error Code
*
* @return PB Error Code
*/
- u_int16_t (*get_error_code)(pb_error_msg_t *this);
+ uint16_t (*get_error_code)(pb_error_msg_t *this);
/**
* Get the PB Error Offset
*
* @return PB Error Offset
*/
- u_int32_t (*get_offset)(pb_error_msg_t *this);
+ uint32_t (*get_offset)(pb_error_msg_t *this);
/**
* Get the PB Bad Version
*
* @return PB Bad Version
*/
- u_int8_t (*get_bad_version)(pb_error_msg_t *this);
+ uint8_t (*get_bad_version)(pb_error_msg_t *this);
/**
* Set the PB Bad Version
*
* @param version PB Bad Version
*/
- void (*set_bad_version)(pb_error_msg_t *this, u_int8_t version);
+ void (*set_bad_version)(pb_error_msg_t *this, uint8_t version);
};
/**
@@ -102,7 +102,7 @@ struct pb_error_msg_t {
* @param vendor_id Error Code Vendor ID
* @param error_code Error Code
*/
-pb_tnc_msg_t* pb_error_msg_create(bool fatal, u_int32_t vendor_id,
+pb_tnc_msg_t* pb_error_msg_create(bool fatal, uint32_t vendor_id,
pb_tnc_error_code_t error_code);
/**
@@ -113,9 +113,9 @@ pb_tnc_msg_t* pb_error_msg_create(bool fatal, u_int32_t vendor_id,
* @param error_code Error Code
* @param error_offset Error Offset
*/
-pb_tnc_msg_t* pb_error_msg_create_with_offset(bool fatal, u_int32_t vendor_id,
+pb_tnc_msg_t* pb_error_msg_create_with_offset(bool fatal, uint32_t vendor_id,
pb_tnc_error_code_t error_code,
- u_int32_t error_offset);
+ uint32_t error_offset);
/**
* Create an unprocessed PB-Error message from raw data
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_experimental_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_experimental_msg.c
index c6290887c..da834ab67 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_experimental_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_experimental_msg.c
@@ -57,7 +57,7 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_experimental_msg_t *this, u_int32_t *offset)
+ private_pb_experimental_msg_t *this, uint32_t *offset)
{
return SUCCESS;
}
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_language_preference_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_language_preference_msg.c
index f14f28980..1a288abb5 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_language_preference_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_language_preference_msg.c
@@ -85,7 +85,7 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_language_preference_msg_t *this, u_int32_t *offset)
+ private_pb_language_preference_msg_t *this, uint32_t *offset)
{
chunk_t lang;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.c
index 263af3224..2c7aa8965 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.c
@@ -75,12 +75,12 @@ struct private_pb_pa_msg_t {
/**
* Posture Validator Identifier
*/
- u_int16_t collector_id;
+ uint16_t collector_id;
/**
* Posture Validator Identifier
*/
- u_int16_t validator_id;
+ uint16_t validator_id;
/**
* PA Message Body
@@ -131,9 +131,9 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_pa_msg_t *this, u_int32_t *offset)
+ private_pb_pa_msg_t *this, uint32_t *offset)
{
- u_int8_t flags;
+ uint8_t flags;
size_t msg_body_len;
bio_reader_t *reader;
@@ -186,13 +186,13 @@ METHOD(pb_pa_msg_t, get_subtype, pen_type_t,
return this->subtype;
}
-METHOD(pb_pa_msg_t, get_collector_id, u_int16_t,
+METHOD(pb_pa_msg_t, get_collector_id, uint16_t,
private_pb_pa_msg_t *this)
{
return this->collector_id;
}
-METHOD(pb_pa_msg_t, get_validator_id, u_int16_t,
+METHOD(pb_pa_msg_t, get_validator_id, uint16_t,
private_pb_pa_msg_t *this)
{
return this->validator_id;
@@ -241,8 +241,8 @@ pb_tnc_msg_t *pb_pa_msg_create_from_data(chunk_t data)
/**
* See header
*/
-pb_tnc_msg_t *pb_pa_msg_create(u_int32_t vendor_id, u_int32_t subtype,
- u_int16_t collector_id, u_int16_t validator_id,
+pb_tnc_msg_t *pb_pa_msg_create(uint32_t vendor_id, uint32_t subtype,
+ uint16_t collector_id, uint16_t validator_id,
bool excl, chunk_t msg_body)
{
private_pb_pa_msg_t *this;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.h b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.h
index f3b6b1518..f73f11627 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.h
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_pa_msg.h
@@ -51,14 +51,14 @@ struct pb_pa_msg_t {
*
* @return Posture Collector ID
*/
- u_int16_t (*get_collector_id)(pb_pa_msg_t *this);
+ uint16_t (*get_collector_id)(pb_pa_msg_t *this);
/**
* Get Posture Validator ID
*
* @return Posture Validator ID
*/
- u_int16_t (*get_validator_id)(pb_pa_msg_t *this);
+ uint16_t (*get_validator_id)(pb_pa_msg_t *this);
/**
* Get the PA Message Body
@@ -86,8 +86,8 @@ struct pb_pa_msg_t {
* @param excl Exclusive Flag
* @param msg_body PA Message Body
*/
-pb_tnc_msg_t *pb_pa_msg_create(u_int32_t vendor_id, u_int32_t subtype,
- u_int16_t collector_id, u_int16_t validator_id,
+pb_tnc_msg_t *pb_pa_msg_create(uint32_t vendor_id, uint32_t subtype,
+ uint16_t collector_id, uint16_t validator_id,
bool excl, chunk_t msg_body);
/**
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_reason_string_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_reason_string_msg.c
index cafc4ec54..25291d581 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_reason_string_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_reason_string_msg.c
@@ -97,7 +97,7 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_reason_string_msg_t *this, u_int32_t *offset)
+ private_pb_reason_string_msg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_remediation_parameters_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_remediation_parameters_msg.c
index 8dc590657..9eae707a5 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_remediation_parameters_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ietf/pb_remediation_parameters_msg.c
@@ -123,10 +123,10 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_remediation_parameters_msg_t *this, u_int32_t *offset)
+ private_pb_remediation_parameters_msg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t reserved;
+ uint8_t reserved;
status_t status = SUCCESS;
u_char *pos;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ita/pb_mutual_capability_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ita/pb_mutual_capability_msg.c
index 1f35cae6b..c31752019 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ita/pb_mutual_capability_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ita/pb_mutual_capability_msg.c
@@ -95,7 +95,7 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_mutual_capability_msg_t *this, u_int32_t *offset)
+ private_pb_mutual_capability_msg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/ita/pb_noskip_test_msg.c b/src/libtnccs/plugins/tnccs_20/messages/ita/pb_noskip_test_msg.c
index c95222e3a..4e8be79f2 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/ita/pb_noskip_test_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/ita/pb_noskip_test_msg.c
@@ -57,7 +57,7 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_noskip_test_msg_t *this, u_int32_t *offset)
+ private_pb_noskip_test_msg_t *this, uint32_t *offset)
{
return SUCCESS;
}
diff --git a/src/libtnccs/plugins/tnccs_20/messages/pb_tnc_msg.h b/src/libtnccs/plugins/tnccs_20/messages/pb_tnc_msg.h
index 395284366..cfa92aa74 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/pb_tnc_msg.h
+++ b/src/libtnccs/plugins/tnccs_20/messages/pb_tnc_msg.h
@@ -82,7 +82,7 @@ extern enum_name_t *pb_tnc_ita_msg_type_names;
* Information entry describing a PB-TNC Message Type
*/
struct pb_tnc_msg_info_t {
- u_int32_t min_size;
+ uint32_t min_size;
bool exact_size;
bool in_result_batch;
signed char has_noskip_flag;
@@ -138,7 +138,7 @@ struct pb_tnc_msg_t {
* @param relative offset where an error occurred
* @return return processing status
*/
- status_t (*process)(pb_tnc_msg_t *this, u_int32_t *offset);
+ status_t (*process)(pb_tnc_msg_t *this, uint32_t *offset);
/**
* Get a new reference to the message.
diff --git a/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.c b/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.c
index 1c8538e6b..7c518e8d5 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.c
+++ b/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.c
@@ -117,12 +117,12 @@ struct private_pb_pdp_referral_msg_t {
/**
* PT protocol the PDP is using
*/
- u_int8_t protocol;
+ uint8_t protocol;
/**
* PT port the PDP is using
*/
- u_int16_t port;
+ uint16_t port;
/**
* Encoded message
@@ -163,10 +163,10 @@ METHOD(pb_tnc_msg_t, build, void,
}
METHOD(pb_tnc_msg_t, process, status_t,
- private_pb_pdp_referral_msg_t *this, u_int32_t *offset)
+ private_pb_pdp_referral_msg_t *this, uint32_t *offset)
{
bio_reader_t *reader;
- u_int8_t reserved;
+ uint8_t reserved;
*offset = 0;
@@ -223,7 +223,7 @@ METHOD(pb_pdp_referral_msg_t, get_identifier, chunk_t,
}
METHOD(pb_pdp_referral_msg_t, get_fqdn, chunk_t,
- private_pb_pdp_referral_msg_t *this, u_int8_t *protocol, u_int16_t *port)
+ private_pb_pdp_referral_msg_t *this, uint8_t *protocol, uint16_t *port)
{
if (protocol)
{
@@ -267,7 +267,7 @@ pb_tnc_msg_t* pb_pdp_referral_msg_create(pen_type_t identifier_type,
/**
* See header
*/
-pb_tnc_msg_t* pb_pdp_referral_msg_create_from_fqdn(chunk_t fqdn, u_int16_t port)
+pb_tnc_msg_t* pb_pdp_referral_msg_create_from_fqdn(chunk_t fqdn, uint16_t port)
{
pb_tnc_msg_t *msg;
bio_writer_t *writer;
diff --git a/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.h b/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.h
index b225f3381..0923c8ba4 100644
--- a/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.h
+++ b/src/libtnccs/plugins/tnccs_20/messages/tcg/pb_pdp_referral_msg.h
@@ -74,8 +74,8 @@ struct pb_pdp_referral_msg_t {
* @param port PT port the PDP is listening on
* @return Fully Qualified Domain Name of PDP
*/
- chunk_t (*get_fqdn)(pb_pdp_referral_msg_t *this, u_int8_t *protocol,
- u_int16_t *port);
+ chunk_t (*get_fqdn)(pb_pdp_referral_msg_t *this, uint8_t *protocol,
+ uint16_t *port);
};
@@ -94,7 +94,7 @@ pb_tnc_msg_t* pb_pdp_referral_msg_create(pen_type_t identifier_type,
* @param fqdn Fully Qualified Domain Name of PDP
* @param port PT-TLS port the PDP is listening on
*/
-pb_tnc_msg_t* pb_pdp_referral_msg_create_from_fqdn(chunk_t fqdn, u_int16_t port);
+pb_tnc_msg_t* pb_pdp_referral_msg_create_from_fqdn(chunk_t fqdn, uint16_t port);
/**
* Create an unprocessed PB-PDP-Referral message from raw data
diff --git a/src/libtnccs/plugins/tnccs_20/tnccs_20.c b/src/libtnccs/plugins/tnccs_20/tnccs_20.c
index 35d297842..041faa389 100644
--- a/src/libtnccs/plugins/tnccs_20/tnccs_20.c
+++ b/src/libtnccs/plugins/tnccs_20/tnccs_20.c
@@ -77,7 +77,7 @@ struct private_tnccs_20_t {
/**
* Type of TNC client authentication
*/
- u_int32_t auth_type;
+ uint32_t auth_type;
/**
* Mutual PB-TNC protocol enabled
@@ -423,20 +423,20 @@ METHOD(tnccs_t, set_transport, void,
this->transport = transport;
}
-METHOD(tnccs_t, get_auth_type, u_int32_t,
+METHOD(tnccs_t, get_auth_type, uint32_t,
private_tnccs_20_t *this)
{
return this->auth_type;
}
METHOD(tnccs_t, set_auth_type, void,
- private_tnccs_20_t *this, u_int32_t auth_type)
+ private_tnccs_20_t *this, uint32_t auth_type)
{
this->auth_type = auth_type;
}
METHOD(tnccs_t, get_pdp_server, chunk_t,
- private_tnccs_20_t *this, u_int16_t *port)
+ private_tnccs_20_t *this, uint16_t *port)
{
if (this->tnc_client)
{
diff --git a/src/libtnccs/plugins/tnccs_20/tnccs_20_client.c b/src/libtnccs/plugins/tnccs_20/tnccs_20_client.c
index 4ba8221d0..04e404225 100644
--- a/src/libtnccs/plugins/tnccs_20/tnccs_20_client.c
+++ b/src/libtnccs/plugins/tnccs_20/tnccs_20_client.c
@@ -104,7 +104,7 @@ struct private_tnccs_20_client_t {
/**
* PDP server port
*/
- u_int16_t pdp_port;
+ uint16_t pdp_port;
/**
* Mutual PB-TNC protocol enabled
@@ -124,8 +124,8 @@ struct private_tnccs_20_client_t {
void tnccs_20_handle_ietf_error_msg(pb_tnc_msg_t *msg, bool *fatal_error)
{
pb_error_msg_t *err_msg;
- u_int32_t vendor_id;
- u_int16_t error_code;
+ uint32_t vendor_id;
+ uint16_t error_code;
bool fatal;
err_msg = (pb_error_msg_t*)msg;
@@ -238,7 +238,7 @@ static void handle_ietf_message(private_tnccs_20_client_t *this, pb_tnc_msg_t *m
{
pb_pa_msg_t *pa_msg;
pen_type_t msg_subtype;
- u_int16_t imc_id, imv_id;
+ uint16_t imc_id, imv_id;
chunk_t msg_body;
bool excl;
enum_name_t *pa_subtype_names;
@@ -274,7 +274,7 @@ static void handle_ietf_message(private_tnccs_20_client_t *this, pb_tnc_msg_t *m
case PB_MSG_ASSESSMENT_RESULT:
{
pb_assessment_result_msg_t *assess_msg;
- u_int32_t result;
+ uint32_t result;
assess_msg = (pb_assessment_result_msg_t*)msg;
result = assess_msg->get_assessment_result(assess_msg);
@@ -375,7 +375,7 @@ static void handle_tcg_message(private_tnccs_20_client_t *this, pb_tnc_msg_t *ms
{
pb_pdp_referral_msg_t *pdp_msg;
pen_type_t pdp_id_type;
- u_int8_t pdp_protocol;
+ uint8_t pdp_protocol;
pdp_msg = (pb_pdp_referral_msg_t*)msg;
pdp_id_type = pdp_msg->get_identifier_type(pdp_msg);
@@ -765,7 +765,7 @@ METHOD(tnccs_20_handler_t, destroy, void,
}
METHOD(tnccs_20_client_t, get_pdp_server, chunk_t,
- private_tnccs_20_client_t *this, u_int16_t *port)
+ private_tnccs_20_client_t *this, uint16_t *port)
{
*port = this->pdp_port;
diff --git a/src/libtnccs/plugins/tnccs_20/tnccs_20_client.h b/src/libtnccs/plugins/tnccs_20/tnccs_20_client.h
index 7a5f33ebc..3b34638a8 100644
--- a/src/libtnccs/plugins/tnccs_20/tnccs_20_client.h
+++ b/src/libtnccs/plugins/tnccs_20/tnccs_20_client.h
@@ -45,7 +45,7 @@ struct tnccs_20_client_t {
* @param port PT-TLS port of the PDP server
* @return FQDN of PDP server
*/
- chunk_t (*get_pdp_server)(tnccs_20_client_t *this, u_int16_t *port);
+ chunk_t (*get_pdp_server)(tnccs_20_client_t *this, uint16_t *port);
};
diff --git a/src/libtnccs/plugins/tnccs_20/tnccs_20_server.c b/src/libtnccs/plugins/tnccs_20/tnccs_20_server.c
index 038fc178b..86ae1c099 100644
--- a/src/libtnccs/plugins/tnccs_20/tnccs_20_server.c
+++ b/src/libtnccs/plugins/tnccs_20/tnccs_20_server.c
@@ -166,7 +166,7 @@ static void handle_ietf_message(private_tnccs_20_server_t *this, pb_tnc_msg_t *m
{
pb_pa_msg_t *pa_msg;
pen_type_t msg_subtype;
- u_int16_t imc_id, imv_id;
+ uint16_t imc_id, imv_id;
chunk_t msg_body;
bool excl;
enum_name_t *pa_subtype_names;
@@ -531,14 +531,14 @@ METHOD(tnccs_20_handler_t, begin_handshake, void,
{
pb_tnc_msg_t *msg;
identification_t *pdp_server;
- u_int16_t *pdp_port;
+ uint16_t *pdp_port;
tnc->imvs->notify_connection_change(tnc->imvs, this->connection_id,
TNC_CONNECTION_STATE_HANDSHAKE);
/* Send a PB-TNC TCG PDP Referral message if PDP is known */
pdp_server = (identification_t*)lib->get(lib, "pt-tls-server");
- pdp_port = (u_int16_t*)lib->get(lib, "pt-tls-port");
+ pdp_port = (uint16_t*)lib->get(lib, "pt-tls-port");
if (this->eap_transport && pdp_server && pdp_port)
{
diff --git a/src/libtnccs/plugins/tnccs_dynamic/Makefile.in b/src/libtnccs/plugins/tnccs_dynamic/Makefile.in
index 949532a09..59efdbb9b 100644
--- a/src/libtnccs/plugins/tnccs_dynamic/Makefile.in
+++ b/src/libtnccs/plugins/tnccs_dynamic/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libtnccs/plugins/tnccs_dynamic
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -205,12 +214,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -260,6 +271,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -294,6 +306,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -405,6 +418,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -468,7 +482,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtnccs/plugins/tnccs_dynamic/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtnccs/plugins/tnccs_dynamic/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -782,6 +795,8 @@ uninstall-am: uninstall-pluginLTLIBRARIES
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-pluginLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c b/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c
index 44b804fb2..c366e77ab 100644
--- a/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c
+++ b/src/libtnccs/plugins/tnccs_dynamic/tnccs_dynamic.c
@@ -64,7 +64,7 @@ struct private_tnccs_dynamic_t {
/**
* Type of TNC client authentication
*/
- u_int32_t auth_type;
+ uint32_t auth_type;
/**
* Callback function to communicate recommendation (TNC Server only)
@@ -223,20 +223,20 @@ METHOD(tnccs_t, set_transport, void,
this->transport = transport;
}
-METHOD(tnccs_t, get_auth_type, u_int32_t,
+METHOD(tnccs_t, get_auth_type, uint32_t,
private_tnccs_dynamic_t *this)
{
return this->auth_type;
}
METHOD(tnccs_t, set_auth_type, void,
- private_tnccs_dynamic_t *this, u_int32_t auth_type)
+ private_tnccs_dynamic_t *this, uint32_t auth_type)
{
this->auth_type = auth_type;
}
METHOD(tnccs_t, get_pdp_server, chunk_t,
- private_tnccs_dynamic_t *this, u_int16_t *port)
+ private_tnccs_dynamic_t *this, uint16_t *port)
{
tnccs_t *tnccs = (tnccs_t*)this->tls;
diff --git a/src/libtnccs/tnc/tnccs/tnccs.h b/src/libtnccs/tnc/tnccs/tnccs.h
index 8ff295bcc..d367a15a7 100644
--- a/src/libtnccs/tnc/tnccs/tnccs.h
+++ b/src/libtnccs/tnc/tnccs/tnccs.h
@@ -119,14 +119,14 @@ struct tnccs_t {
*
* @return TNC Client authentication type
*/
- u_int32_t (*get_auth_type)(tnccs_t *this);
+ uint32_t (*get_auth_type)(tnccs_t *this);
/**
* Set type of TNC Client authentication
*
* @param auth_type TNC Client authentication type
*/
- void (*set_auth_type)(tnccs_t *this, u_int32_t auth_type);
+ void (*set_auth_type)(tnccs_t *this, uint32_t auth_type);
/**
* Get PDP server name and port number
@@ -134,7 +134,7 @@ struct tnccs_t {
* @param port PDP port number
* @return PDP server name
*/
- chunk_t (*get_pdp_server)(tnccs_t *this, u_int16_t *port);
+ chunk_t (*get_pdp_server)(tnccs_t *this, uint16_t *port);
/**
* Get a new reference to the TNCCS object.
diff --git a/src/libtnccs/tnc/tnccs/tnccs_manager.h b/src/libtnccs/tnc/tnccs/tnccs_manager.h
index b5c85f3c0..bd1573f7b 100644
--- a/src/libtnccs/tnc/tnccs/tnccs_manager.h
+++ b/src/libtnccs/tnc/tnccs/tnccs_manager.h
@@ -87,7 +87,7 @@ struct tnccs_manager_t {
tnccs_type_t type, tnccs_t *tnccs,
tnccs_send_message_t send_message,
bool *request_handshake_retry,
- u_int32_t max_msg_len,
+ uint32_t max_msg_len,
recommendations_t **recs);
/**
diff --git a/src/libtncif/Makefile.in b/src/libtncif/Makefile.in
index 4be7ae1a8..9d7ba9a1a 100644
--- a/src/libtncif/Makefile.in
+++ b/src/libtncif/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -79,8 +89,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/libtncif
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -94,6 +102,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -167,12 +176,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -222,6 +233,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -256,6 +268,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -367,6 +380,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -422,7 +436,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtncif/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/libtncif/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -699,6 +712,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libtncif/tncif_identity.c b/src/libtncif/tncif_identity.c
index 7ee215c77..5eecb9cca 100644
--- a/src/libtncif/tncif_identity.c
+++ b/src/libtncif/tncif_identity.c
@@ -121,8 +121,8 @@ METHOD(tncif_identity_t, build, void,
METHOD(tncif_identity_t, process, bool,
private_tncif_identity_t *this, bio_reader_t *reader)
{
- u_int8_t reserved;
- u_int32_t vendor_id, type;
+ uint8_t reserved;
+ uint32_t vendor_id, type;
chunk_t identity_value;
if (reader->remaining(reader) < TNCIF_IDENTITY_MIN_SIZE)
diff --git a/src/libtpmtss/Makefile.am b/src/libtpmtss/Makefile.am
new file mode 100644
index 000000000..8fcb44f6a
--- /dev/null
+++ b/src/libtpmtss/Makefile.am
@@ -0,0 +1,25 @@
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan
+
+AM_LDFLAGS = \
+ -no-undefined
+
+ipseclib_LTLIBRARIES = libtpmtss.la
+libtpmtss_la_SOURCES = \
+ tpm_tss.h tpm_tss.c \
+ tpm_tss_quote_info.h tpm_tss_quote_info.c \
+ tpm_tss_trousers.h tpm_tss_trousers.c \
+ tpm_tss_tss2.h tpm_tss_tss2.c \
+ tpm_tss_tss2_names.h tpm_tss_tss2_names.c
+
+libtpmtss_la_LIBADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la
+
+if USE_TSS2
+libtpmtss_la_LIBADD += -ltctisocket -ltss2
+endif
+
+if USE_TROUSERS
+libtpmtss_la_LIBADD += -ltspi
+endif
+
diff --git a/src/libtpmtss/Makefile.in b/src/libtpmtss/Makefile.in
new file mode 100644
index 000000000..fcee04fc3
--- /dev/null
+++ b/src/libtpmtss/Makefile.in
@@ -0,0 +1,788 @@
+# Makefile.in generated by automake 1.15 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@USE_TSS2_TRUE@am__append_1 = -ltctisocket -ltss2
+@USE_TROUSERS_TRUE@am__append_2 = -ltspi
+subdir = src/libtpmtss
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
+ $(top_srcdir)/m4/config/ltoptions.m4 \
+ $(top_srcdir)/m4/config/ltsugar.m4 \
+ $(top_srcdir)/m4/config/ltversion.m4 \
+ $(top_srcdir)/m4/config/lt~obsolete.m4 \
+ $(top_srcdir)/m4/macros/split-package-version.m4 \
+ $(top_srcdir)/m4/macros/with.m4 \
+ $(top_srcdir)/m4/macros/enable-disable.m4 \
+ $(top_srcdir)/m4/macros/add-plugin.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(ipseclibdir)"
+LTLIBRARIES = $(ipseclib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+libtpmtss_la_DEPENDENCIES = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+am_libtpmtss_la_OBJECTS = tpm_tss.lo tpm_tss_quote_info.lo \
+ tpm_tss_trousers.lo tpm_tss_tss2.lo tpm_tss_tss2_names.lo
+libtpmtss_la_OBJECTS = $(am_libtpmtss_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libtpmtss_la_SOURCES)
+DIST_SOURCES = $(libtpmtss_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+ETAGS = etags
+CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+ATOMICLIB = @ATOMICLIB@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BFDLIB = @BFDLIB@
+BTLIB = @BTLIB@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
+COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+EASY_INSTALL = @EASY_INSTALL@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GEM = @GEM@
+GENHTML = @GENHTML@
+GPERF = @GPERF@
+GPRBUILD = @GPRBUILD@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LCOV = @LCOV@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MYSQLCFLAG = @MYSQLCFLAG@
+MYSQLCONFIG = @MYSQLCONFIG@
+MYSQLLIB = @MYSQLLIB@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_LIB = @OPENSSL_LIB@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@
+PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@
+PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@
+PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PLUGIN_CFLAGS = @PLUGIN_CFLAGS@
+PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+PY_TEST = @PY_TEST@
+RANLIB = @RANLIB@
+RTLIB = @RTLIB@
+RUBY = @RUBY@
+RUBYGEMDIR = @RUBYGEMDIR@
+RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
+STRIP = @STRIP@
+UNWINDLIB = @UNWINDLIB@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+aikgen_plugins = @aikgen_plugins@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
+clearsilver_LIBS = @clearsilver_LIBS@
+cmd_plugins = @cmd_plugins@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbusservicedir = @dbusservicedir@
+dev_headers = @dev_headers@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+fips_mode = @fips_mode@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+h_plugins = @h_plugins@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+imcvdir = @imcvdir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
+ipsecuser = @ipsecuser@
+json_CFLAGS = @json_CFLAGS@
+json_LIBS = @json_LIBS@
+libdir = @libdir@
+libexecdir = @libexecdir@
+libiptc_CFLAGS = @libiptc_CFLAGS@
+libiptc_LIBS = @libiptc_LIBS@
+linux_headers = @linux_headers@
+localedir = @localedir@
+localstatedir = @localstatedir@
+maemo_CFLAGS = @maemo_CFLAGS@
+maemo_LIBS = @maemo_LIBS@
+manager_plugins = @manager_plugins@
+mandir = @mandir@
+medsrv_plugins = @medsrv_plugins@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
+oldincludedir = @oldincludedir@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
+pdfdir = @pdfdir@
+piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+pki_plugins = @pki_plugins@
+plugindir = @plugindir@
+pool_plugins = @pool_plugins@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+random_device = @random_device@
+resolv_conf = @resolv_conf@
+routing_table = @routing_table@
+routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
+s_plugins = @s_plugins@
+sbindir = @sbindir@
+scepclient_plugins = @scepclient_plugins@
+scripts_plugins = @scripts_plugins@
+sharedstatedir = @sharedstatedir@
+soup_CFLAGS = @soup_CFLAGS@
+soup_LIBS = @soup_LIBS@
+srcdir = @srcdir@
+starter_plugins = @starter_plugins@
+strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
+swanctldir = @swanctldir@
+sysconfdir = @sysconfdir@
+systemd_CFLAGS = @systemd_CFLAGS@
+systemd_LIBS = @systemd_LIBS@
+systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@
+systemd_daemon_LIBS = @systemd_daemon_LIBS@
+systemd_journal_CFLAGS = @systemd_journal_CFLAGS@
+systemd_journal_LIBS = @systemd_journal_LIBS@
+systemdsystemunitdir = @systemdsystemunitdir@
+t_plugins = @t_plugins@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+urandom_device = @urandom_device@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan
+
+AM_LDFLAGS = \
+ -no-undefined
+
+ipseclib_LTLIBRARIES = libtpmtss.la
+libtpmtss_la_SOURCES = \
+ tpm_tss.h tpm_tss.c \
+ tpm_tss_quote_info.h tpm_tss_quote_info.c \
+ tpm_tss_trousers.h tpm_tss_trousers.c \
+ tpm_tss_tss2.h tpm_tss_tss2.c \
+ tpm_tss_tss2_names.h tpm_tss_tss2_names.c
+
+libtpmtss_la_LIBADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(am__append_1) $(am__append_2)
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtpmtss/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libtpmtss/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+install-ipseclibLTLIBRARIES: $(ipseclib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(ipseclib_LTLIBRARIES)'; test -n "$(ipseclibdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(ipseclibdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(ipseclibdir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(ipseclibdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(ipseclibdir)"; \
+ }
+
+uninstall-ipseclibLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(ipseclib_LTLIBRARIES)'; test -n "$(ipseclibdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(ipseclibdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(ipseclibdir)/$$f"; \
+ done
+
+clean-ipseclibLTLIBRARIES:
+ -test -z "$(ipseclib_LTLIBRARIES)" || rm -f $(ipseclib_LTLIBRARIES)
+ @list='$(ipseclib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libtpmtss.la: $(libtpmtss_la_OBJECTS) $(libtpmtss_la_DEPENDENCIES) $(EXTRA_libtpmtss_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(LINK) -rpath $(ipseclibdir) $(libtpmtss_la_OBJECTS) $(libtpmtss_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm_tss.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm_tss_quote_info.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm_tss_trousers.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm_tss_tss2.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm_tss_tss2_names.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(ipseclibdir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-ipseclibLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-ipseclibLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-ipseclibLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-ipseclibLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-ipseclibLTLIBRARIES install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
+ uninstall-ipseclibLTLIBRARIES
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libtpmtss/tpm_tss.c b/src/libtpmtss/tpm_tss.c
new file mode 100644
index 000000000..b7b970c8d
--- /dev/null
+++ b/src/libtpmtss/tpm_tss.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tpm_tss.h"
+#include "tpm_tss_tss2.h"
+#include "tpm_tss_trousers.h"
+
+/**
+ * Described in header.
+ */
+void libtpmtss_init(void)
+{
+ /* empty */
+}
+
+typedef tpm_tss_t*(*tpm_tss_create)();
+
+/**
+ * See header.
+ */
+tpm_tss_t *tpm_tss_probe(tpm_version_t version)
+{
+ tpm_tss_create stacks[] = {
+ tpm_tss_tss2_create,
+ tpm_tss_trousers_create,
+ };
+ tpm_tss_t *tpm;
+ int i;
+
+ for (i = 0; i < countof(stacks); i++)
+ {
+ tpm = stacks[i]();
+ if (tpm)
+ {
+ if (version == TPM_VERSION_ANY || version == tpm->get_version(tpm))
+ {
+ return tpm;
+ }
+ }
+ }
+ return NULL;
+}
diff --git a/src/libtpmtss/tpm_tss.h b/src/libtpmtss/tpm_tss.h
new file mode 100644
index 000000000..4f4b9e2cf
--- /dev/null
+++ b/src/libtpmtss/tpm_tss.h
@@ -0,0 +1,140 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup libtpmtss libtpmtss
+ *
+ * @addtogroup libtpmtss
+ * @{
+ */
+
+#ifndef TPM_TSS_H_
+#define TPM_TSS_H_
+
+#include "tpm_tss_quote_info.h"
+
+#include <library.h>
+#include <crypto/hashers/hasher.h>
+
+typedef enum tpm_version_t tpm_version_t;
+typedef struct tpm_tss_t tpm_tss_t;
+
+/**
+ * TPM Versions
+ */
+enum tpm_version_t {
+ TPM_VERSION_ANY,
+ TPM_VERSION_1_2,
+ TPM_VERSION_2_0,
+};
+
+/**
+ * TPM access via TSS public interface
+ */
+struct tpm_tss_t {
+
+ /**
+ * Get TPM version supported by TSS
+ *
+ * @return TPM version
+ */
+ tpm_version_t (*get_version)(tpm_tss_t *this);
+
+ /**
+ * Get TPM version info (TPM 1.2 only)
+ *
+ * @return TPM version info struct
+ */
+ chunk_t (*get_version_info)(tpm_tss_t *this);
+
+ /**
+ * Generate AIK key pair bound to TPM (TPM 1.2 only)
+ *
+ * @param ca_modulus RSA modulus of CA public key
+ * @param aik_blob AIK private key blob
+ * @param aik_pubkey AIK public key
+ * @return TRUE if AIK key generation succeeded
+ */
+ bool (*generate_aik)(tpm_tss_t *this, chunk_t ca_modulus,
+ chunk_t *aik_blob, chunk_t *aik_pubkey,
+ chunk_t *identity_req);
+
+ /**
+ * Get public key from TPM using its object handle (TPM 2.0 only)
+ *
+ * @param handle key object handle
+ * @return public key in PKCS#1 format
+ */
+ chunk_t (*get_public)(tpm_tss_t *this, uint32_t handle);
+
+ /**
+ * Retrieve the current value of a PCR register in a given PCR bank
+ *
+ * @param pcr_num PCR number
+ * @param pcr_value PCR value returned
+ * @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
+ * @return TRUE if PCR value retrieval succeeded
+ */
+ bool (*read_pcr)(tpm_tss_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ hash_algorithm_t alg);
+
+ /**
+ * Extend a PCR register in a given PCR bank with a hash value
+ *
+ * @param pcr_num PCR number
+ * @param pcr_value extended PCR value returned
+ * @param hash data to be extended into the PCR
+ * @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
+ * @return TRUE if PCR extension succeeded
+ */
+ bool (*extend_pcr)(tpm_tss_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ chunk_t data, hash_algorithm_t alg);
+
+ /**
+ * Do a quote signature over a selection of PCR registers
+ *
+ * @param aik_handle object handle of AIK to be used for quote signature
+ * @param pcr_sel selection of PCR registers
+ * @param alg hash algorithm to be used for quote signature
+ * @param data additional data to be hashed into the quote
+ * @param quote_mode define current and legacy TPM quote modes
+ * @param quote_info returns various info covered by quote signature
+ * @param quote_sig returns quote signature
+ * @return TRUE if quote signature succeeded
+ */
+ bool (*quote)(tpm_tss_t *this, uint32_t aik_handle, uint32_t pcr_sel,
+ hash_algorithm_t alg, chunk_t data,
+ tpm_quote_mode_t *quote_mode,
+ tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig);
+
+ /**
+ * Destroy a tpm_tss_t.
+ */
+ void (*destroy)(tpm_tss_t *this);
+};
+
+/**
+ * Create a tpm_tss instance.
+ *
+ * @param version TPM version that must be supported by TSS
+ */
+tpm_tss_t *tpm_tss_probe(tpm_version_t version);
+
+/**
+ * Dummy libtpmtss initialization function needed for integrity test
+ */
+void libtpmtss_init(void);
+
+#endif /** TPM_TSS_H_ @}*/
diff --git a/src/libtpmtss/tpm_tss_quote_info.c b/src/libtpmtss/tpm_tss_quote_info.c
new file mode 100644
index 000000000..0341738e0
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_quote_info.c
@@ -0,0 +1,330 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <tpm_tss_quote_info.h>
+
+#include <bio/bio_writer.h>
+
+#ifndef TPM_TAG_QUOTE_INFO2
+#define TPM_TAG_QUOTE_INFO2 0x0036
+#endif
+#ifndef TPM_LOC_ZERO
+#define TPM_LOC_ZERO 0x01
+#endif
+
+typedef struct private_tpm_tss_quote_info_t private_tpm_tss_quote_info_t;
+
+/**
+ * Private data of an tpm_tss_quote_info_t object.
+ */
+struct private_tpm_tss_quote_info_t {
+
+ /**
+ * Public tpm_tss_quote_info_t interface.
+ */
+ tpm_tss_quote_info_t public;
+
+ /**
+ * TPM Quote Mode
+ */
+ tpm_quote_mode_t quote_mode;
+
+ /**
+ * TPM Qualified Signer
+ */
+ chunk_t qualified_signer;
+
+ /**
+ * TPM Clock Info
+ */
+ chunk_t clock_info;
+
+ /**
+ * TPM Version Info
+ */
+ chunk_t version_info;
+
+ /**
+ * TPM PCR Selection
+ */
+ chunk_t pcr_select;
+
+ /**
+ * TPM PCR Composite Hash
+ */
+ chunk_t pcr_digest;
+
+ /**
+ * TPM PCR Composite Hash algorithm
+ */
+ hash_algorithm_t pcr_digest_alg;
+
+ /**
+ * Reference count
+ */
+ refcount_t ref;
+
+};
+
+METHOD(tpm_tss_quote_info_t, get_quote_mode, tpm_quote_mode_t,
+ private_tpm_tss_quote_info_t *this)
+{
+ return this->quote_mode;
+}
+
+METHOD(tpm_tss_quote_info_t, get_pcr_digest_alg, hash_algorithm_t,
+ private_tpm_tss_quote_info_t *this)
+{
+ return this->pcr_digest_alg;
+}
+
+METHOD(tpm_tss_quote_info_t, get_pcr_digest, chunk_t,
+ private_tpm_tss_quote_info_t *this)
+{
+ return this->pcr_digest;
+}
+
+METHOD(tpm_tss_quote_info_t, get_quote, bool,
+ private_tpm_tss_quote_info_t *this, chunk_t nonce,
+ tpm_tss_pcr_composite_t *composite, chunk_t *quoted)
+{
+ chunk_t pcr_composite, pcr_digest;
+ bio_writer_t *writer;
+ hasher_t *hasher;
+ bool equal_digests;
+
+ /* Construct PCR Composite */
+ writer = bio_writer_create(32);
+
+ switch (this->quote_mode)
+ {
+ case TPM_QUOTE:
+ case TPM_QUOTE2:
+ case TPM_QUOTE2_VERSION_INFO:
+ writer->write_data16(writer, composite->pcr_select);
+ writer->write_data32(writer, composite->pcr_composite);
+
+ break;
+ case TPM_QUOTE_TPM2:
+ writer->write_data(writer, composite->pcr_composite);
+ break;
+ case TPM_QUOTE_NONE:
+ break;
+ }
+
+ pcr_composite = writer->extract_buf(writer);
+ writer->destroy(writer);
+
+ DBG2(DBG_PTS, "constructed PCR Composite: %B", &pcr_composite);
+
+ /* Compute PCR Composite Hash */
+ hasher = lib->crypto->create_hasher(lib->crypto, this->pcr_digest_alg);
+ if (!hasher || !hasher->allocate_hash(hasher, pcr_composite, &pcr_digest))
+ {
+ DESTROY_IF(hasher);
+ chunk_free(&pcr_composite);
+ return FALSE;
+ }
+ hasher->destroy(hasher);
+ chunk_free(&pcr_composite);
+
+ DBG2(DBG_PTS, "constructed PCR Composite digest: %B", &pcr_digest);
+
+ equal_digests = chunk_equals(pcr_digest, this->pcr_digest);
+
+ /* Construct Quote Info */
+ writer = bio_writer_create(32);
+
+ switch (this->quote_mode)
+ {
+ case TPM_QUOTE:
+ /* Version number */
+ writer->write_data(writer, chunk_from_chars(1, 1, 0, 0));
+
+ /* Magic QUOT value */
+ writer->write_data(writer, chunk_from_str("QUOT"));
+
+ /* PCR Composite Hash */
+ writer->write_data(writer, pcr_digest);
+
+ /* Secret assessment value 20 bytes (nonce) */
+ writer->write_data(writer, nonce);
+ break;
+ case TPM_QUOTE2:
+ case TPM_QUOTE2_VERSION_INFO:
+ /* TPM Structure Tag */
+ writer->write_uint16(writer, TPM_TAG_QUOTE_INFO2);
+
+ /* Magic QUT2 value */
+ writer->write_data(writer, chunk_from_str("QUT2"));
+
+ /* Secret assessment value 20 bytes (nonce) */
+ writer->write_data(writer, nonce);
+
+ /* PCR selection */
+ writer->write_data16(writer, composite->pcr_select);
+
+ /* TPM Locality Selection */
+ writer->write_uint8(writer, TPM_LOC_ZERO);
+
+ /* PCR Composite Hash */
+ writer->write_data(writer, pcr_digest);
+
+ if (this->quote_mode == TPM_QUOTE2_VERSION_INFO)
+ {
+ /* TPM version Info */
+ writer->write_data(writer, this->version_info);
+ }
+ break;
+ case TPM_QUOTE_TPM2:
+ /* Magic */
+ writer->write_data(writer, chunk_from_chars(0xff,0x54,0x43,0x47));
+
+ /* Type */
+ writer->write_uint16(writer, 0x8018);
+
+ /* Qualified Signer */
+ writer->write_data16(writer, this->qualified_signer);
+
+ /* Extra Data */
+ writer->write_data16(writer, nonce);
+
+ /* Clock Info */
+ writer->write_data(writer, this->clock_info);
+
+ /* Firmware Version */
+ writer->write_data(writer, this->version_info);
+
+ /* PCR Selection */
+ writer->write_data(writer, this->pcr_select);
+
+ /* PCR Composite Hash */
+ writer->write_data16(writer, pcr_digest);
+ break;
+ case TPM_QUOTE_NONE:
+ break;
+ }
+ chunk_free(&pcr_digest);
+ *quoted = writer->extract_buf(writer);
+ writer->destroy(writer);
+
+ DBG2(DBG_PTS, "constructed TPM Quote Info: %B", quoted);
+
+ if (!equal_digests)
+ {
+ DBG1(DBG_IMV, "received PCR Composite digest does not match "
+ "constructed one");
+ chunk_free(quoted);
+ }
+ return equal_digests;
+}
+
+METHOD(tpm_tss_quote_info_t, set_version_info, void,
+ private_tpm_tss_quote_info_t *this, chunk_t version_info)
+{
+ chunk_free(&this->version_info);
+ this->version_info = chunk_clone(version_info);
+}
+
+METHOD(tpm_tss_quote_info_t, get_version_info, chunk_t,
+ private_tpm_tss_quote_info_t *this)
+{
+ return this->version_info;
+}
+
+METHOD(tpm_tss_quote_info_t, set_tpm2_info, void,
+ private_tpm_tss_quote_info_t *this, chunk_t qualified_signer,
+ chunk_t clock_info, chunk_t pcr_select)
+{
+ chunk_free(&this->qualified_signer);
+ this->qualified_signer = chunk_clone(qualified_signer);
+
+ chunk_free(&this->clock_info);
+ this->clock_info = chunk_clone(clock_info);
+
+ chunk_free(&this->pcr_select);
+ this->pcr_select = chunk_clone(pcr_select);
+}
+
+METHOD(tpm_tss_quote_info_t, get_tpm2_info, void,
+ private_tpm_tss_quote_info_t *this, chunk_t *qualified_signer,
+ chunk_t *clock_info, chunk_t *pcr_select)
+{
+ if (qualified_signer)
+ {
+ *qualified_signer = this->qualified_signer;
+ }
+ if (clock_info)
+ {
+ *clock_info = this->clock_info;
+ }
+ if (pcr_select)
+ {
+ *pcr_select = this->pcr_select;
+ }
+}
+
+METHOD(tpm_tss_quote_info_t, get_ref, tpm_tss_quote_info_t*,
+ private_tpm_tss_quote_info_t *this)
+{
+ ref_get(&this->ref);
+
+ return &this->public;
+}
+
+METHOD(tpm_tss_quote_info_t, destroy, void,
+ private_tpm_tss_quote_info_t *this)
+{
+ if (ref_put(&this->ref))
+ {
+ chunk_free(&this->qualified_signer);
+ chunk_free(&this->clock_info);
+ chunk_free(&this->version_info);
+ chunk_free(&this->pcr_select);
+ chunk_free(&this->pcr_digest);
+ free(this);
+ }
+}
+
+/**
+ * See header
+ */
+tpm_tss_quote_info_t *tpm_tss_quote_info_create(tpm_quote_mode_t quote_mode,
+ hash_algorithm_t pcr_digest_alg, chunk_t pcr_digest)
+
+{
+ private_tpm_tss_quote_info_t *this;
+
+ INIT(this,
+ .public = {
+ .get_quote_mode = _get_quote_mode,
+ .get_pcr_digest_alg = _get_pcr_digest_alg,
+ .get_pcr_digest = _get_pcr_digest,
+ .get_quote = _get_quote,
+ .set_version_info = _set_version_info,
+ .get_version_info = _get_version_info,
+ .set_tpm2_info = _set_tpm2_info,
+ .get_tpm2_info = _get_tpm2_info,
+ .get_ref = _get_ref,
+ .destroy = _destroy,
+ },
+ .quote_mode = quote_mode,
+ .pcr_digest_alg = pcr_digest_alg,
+ .pcr_digest = chunk_clone(pcr_digest),
+ .ref = 1,
+ );
+
+ return &this->public;
+}
diff --git a/src/libtpmtss/tpm_tss_quote_info.h b/src/libtpmtss/tpm_tss_quote_info.h
new file mode 100644
index 000000000..5b1c45794
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_quote_info.h
@@ -0,0 +1,151 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tpm_tss_quote_info tpm_tss_quote_info
+ * @{ @ingroup libtpmtss
+ */
+
+#ifndef TPM_TSS_QUOTE_INFO_H_
+#define TPM_TSS_QUOTE_INFO_H_
+
+#include <library.h>
+
+#include <crypto/hashers/hasher.h>
+
+typedef enum tpm_quote_mode_t tpm_quote_mode_t;
+typedef struct tpm_tss_quote_info_t tpm_tss_quote_info_t;
+typedef struct tpm_tss_pcr_composite_t tpm_tss_pcr_composite_t;
+
+/**
+ * TPM Quote Modes
+ */
+enum tpm_quote_mode_t {
+ TPM_QUOTE_NONE,
+ TPM_QUOTE,
+ TPM_QUOTE2,
+ TPM_QUOTE2_VERSION_INFO,
+ TPM_QUOTE_TPM2
+};
+
+struct tpm_tss_pcr_composite_t {
+
+ /**
+ * Bit map of selected PCRs
+ */
+ chunk_t pcr_select;
+
+ /**
+ * Array of selected PCRs
+ */
+ chunk_t pcr_composite;
+
+};
+
+/**
+ * TPM Quote Information needed to verify the Quote Signature
+ */
+struct tpm_tss_quote_info_t {
+
+ /**
+ * Get TPM Quote Mode
+ *
+ * @return TPM Quote Mode
+ */
+ tpm_quote_mode_t (*get_quote_mode)(tpm_tss_quote_info_t *this);
+
+ /**
+ * Get PCR Composite digest algorithm
+ *
+ * @return PCR Composite digest algorithm
+ */
+ hash_algorithm_t (*get_pcr_digest_alg)(tpm_tss_quote_info_t *this);
+
+ /**
+ * Get PCR Composite digest
+ *
+ * @return PCR Composite digest
+ */
+ chunk_t (*get_pcr_digest)(tpm_tss_quote_info_t *this);
+
+ /**
+ * Get TPM Quote Info digest, the basis of the TPM Quote Singature
+ *
+ * @param nonce Derived from the Diffie-Hellman exchange
+ * @param composite PCR Composite as computed by IMV
+ * @param quoted Encoded TPM Quote
+ * @return TRUE if TPM Quote was successfully constructed
+ */
+ bool (*get_quote)(tpm_tss_quote_info_t *this, chunk_t nonce,
+ tpm_tss_pcr_composite_t *composite,
+ chunk_t *quoted);
+
+ /**
+ * Set TPM version info (needed for TPM 1.2)
+ *
+ * @param version_info TPM 1.2 version info
+ */
+ void (*set_version_info)(tpm_tss_quote_info_t *this, chunk_t version_info);
+
+ /**
+ * Get TPM 2.0 version info (needed for TPM 2.0)
+ *
+ * @return TPM 2.0 firmwareVersioin
+ */
+ chunk_t (*get_version_info)(tpm_tss_quote_info_t *this);
+
+ /**
+ * Set TPM 2.0 info parameters (needed for TPM 2.0)
+ *
+ * @param qualified_signer TPM 2.0 qualifiedSigner
+ * @param clock_info TPM 2.0 clockInfo
+ * @param pcr_select TPM 2.0 pcrSelect
+ */
+ void (*set_tpm2_info)(tpm_tss_quote_info_t *this, chunk_t qualified_signer,
+ chunk_t clock_info, chunk_t pcr_select);
+
+
+ /**
+ * Get TPM 2.0 info parameters (needed for TPM 2.0)
+ *
+ * @param qualified_signer TPM 2.0 qualifiedSigner
+ * @param clock_info TPM 2.0 clockInfo
+ * @param pcr_select TPM 2.0 pcrSelect
+ */
+ void (*get_tpm2_info)(tpm_tss_quote_info_t *this, chunk_t *qualified_signer,
+ chunk_t *clock_info, chunk_t *pcr_select);
+
+ /**
+ * Get reference to Quote Info object.
+ */
+ tpm_tss_quote_info_t* (*get_ref)(tpm_tss_quote_info_t *this);
+
+ /**
+ * Destroy a tpm_tss_quote_info_t.
+ */
+ void (*destroy)(tpm_tss_quote_info_t *this);
+};
+
+/**
+ * Create a tpm_tss_quote_info instance.
+ *
+ * @param quote_mode TPM Quote mode
+ * @param pcr_digest_alg PCR Composite digest algorithm
+ * @param pcr_digest PCR Composite digest
+ */
+tpm_tss_quote_info_t *tpm_tss_quote_info_create(tpm_quote_mode_t quote_mode,
+ hash_algorithm_t pcr_digest_alg, chunk_t pcr_digest);
+
+#endif /** TPM_TSS_QUOTE_INFO_H_ @}*/
diff --git a/src/libtpmtss/tpm_tss_trousers.c b/src/libtpmtss/tpm_tss_trousers.c
new file mode 100644
index 000000000..8be3ad877
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_trousers.c
@@ -0,0 +1,655 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (c) 2008 Hal Finney
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "tpm_tss_trousers.h"
+
+#ifdef TSS_TROUSERS
+
+#ifdef _BASETSD_H_
+/* MinGW defines _BASETSD_H_, but TSS checks for _BASETSD_H */
+# define _BASETSD_H
+#endif
+
+#include <trousers/tss.h>
+#include <trousers/trousers.h>
+
+#define LABEL "TPM 1.2 -"
+
+/* size in bytes of a TSS AIK public key blob */
+#define AIK_PUBKEY_BLOB_SIZE 284
+
+/* maximum number of PCR registers */
+#define PCR_NUM_MAX 24
+
+typedef struct private_tpm_tss_trousers_t private_tpm_tss_trousers_t;
+typedef struct aik_t aik_t;
+
+/**
+ * Private data of an tpm_tss_trousers_t object.
+ */
+struct private_tpm_tss_trousers_t {
+
+ /**
+ * Public tpm_tss_trousers_t interface.
+ */
+ tpm_tss_trousers_t interface;
+
+ /**
+ * TSS context
+ */
+ TSS_HCONTEXT hContext;
+
+ /**
+ * TPM handle
+ */
+ TSS_HTPM hTPM;
+
+ /**
+ * TPM version info
+ */
+ chunk_t version_info;
+
+ /**
+ * List of AIKs retrievable by an object handle
+ */
+ linked_list_t *aik_list;
+
+};
+
+struct aik_t {
+ /** AIK object handle */
+ uint32_t handle;
+
+ /** AIK private key blob */
+ chunk_t blob;
+
+ /** AIK public key */
+ chunk_t pubkey;
+};
+
+static void free_aik(aik_t *this)
+{
+ free(this->blob.ptr);
+ free(this->pubkey.ptr);
+ free(this);
+}
+
+/**
+ * Initialize TSS context
+ *
+ * TPM 1.2 Specification, Part 2 TPM Structures, 21.6 TPM_CAP_VERSION_INFO
+ *
+ * typedef struct tdTPM_VERSION {
+ * TPM_VERSION_BYTE major;
+ * TPM_VERSION_BYTE minor;
+ * BYTE revMajor;
+ * BYTE revMinor;
+ * } TPM_VERSION;
+ *
+ * typedef struct tdTPM_CAP_VERSION_INFO {
+ * TPM_STRUCTURE_TAG tag;
+ * TPM_VERSION version;
+ * UINT16 specLevel;
+ * BYTE errataRev;
+ * BYTE tpmVendorID[4];
+ * UINT16 vendorSpecificSize;
+ * [size_is(vendorSpecificSize)] BYTE* vendorSpecific;
+ * } TPM_CAP_VERSION_INFO;
+ */
+static bool initialize_context(private_tpm_tss_trousers_t *this)
+{
+ uint8_t *version_ptr;
+ uint32_t version_len;
+
+ TSS_RESULT result;
+ TPM_CAP_VERSION_INFO *info;
+
+ result = Tspi_Context_Create(&this->hContext);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not created context: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ result = Tspi_Context_Connect(this->hContext, NULL);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not connect with context: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ result = Tspi_Context_GetTpmObject (this->hContext, &this->hTPM);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not get TPM object: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ result = Tspi_TPM_GetCapability(this->hTPM, TSS_TPMCAP_VERSION_VAL, 0,
+ NULL, &version_len, &version_ptr);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_TPM_GetCapability failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ info = (TPM_CAP_VERSION_INFO *)version_ptr;
+ DBG2(DBG_PTS, "TPM Version Info: Chip Version: %u.%u.%u.%u, "
+ "Spec Level: %u, Errata Rev: %u, Vendor ID: %.4s",
+ info->version.major, info->version.minor,
+ info->version.revMajor, info->version.revMinor,
+ untoh16(&info->specLevel), info->errataRev, info->tpmVendorID);
+
+ this->version_info = chunk_clone(chunk_create(version_ptr, version_len));
+
+ return TRUE;
+}
+
+/**
+ * Finalize TSS context
+ */
+static void finalize_context(private_tpm_tss_trousers_t *this)
+{
+ if (this->hContext)
+ {
+ Tspi_Context_FreeMemory(this->hContext, NULL);
+ Tspi_Context_Close(this->hContext);
+ }
+}
+
+METHOD(tpm_tss_t, get_version, tpm_version_t,
+ private_tpm_tss_trousers_t *this)
+{
+ return TPM_VERSION_1_2;
+}
+
+METHOD(tpm_tss_t, get_version_info, chunk_t,
+ private_tpm_tss_trousers_t *this)
+{
+ return this->version_info;
+}
+
+METHOD(tpm_tss_t, generate_aik, bool,
+ private_tpm_tss_trousers_t *this, chunk_t ca_modulus, chunk_t *aik_blob,
+ chunk_t *aik_pubkey, chunk_t *identity_req)
+{
+ chunk_t aik_pubkey_blob;
+ chunk_t aik_modulus;
+ chunk_t aik_exponent;
+
+ TSS_RESULT result;
+ TSS_HKEY hSRK;
+ TSS_HKEY hPCAKey;
+ TSS_HPOLICY hSrkPolicy;
+ TSS_HPOLICY hTPMPolicy;
+ TSS_HKEY hIdentKey;
+ TSS_UUID SRK_UUID = TSS_UUID_SRK;
+ BYTE secret[] = TSS_WELL_KNOWN_SECRET;
+ BYTE *IdentityReq;
+ UINT32 IdentityReqLen;
+ BYTE *blob;
+ UINT32 blobLen;
+
+ /* get SRK plus SRK policy and set SRK secret */
+ result = Tspi_Context_LoadKeyByUUID(this->hContext, TSS_PS_TYPE_SYSTEM,
+ SRK_UUID, &hSRK);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_LoadKeyByUUID for SRK failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSrkPolicy);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_GetPolicyObject or SRK failed: 0x%x ",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_Policy_SetSecret(hSrkPolicy, TSS_SECRET_MODE_SHA1, 20, secret);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Policy_SetSecret for SRK failed: 0x%x ",
+ LABEL, result);
+ return FALSE;
+ }
+
+ /* get TPM plus TPM policy and set TPM secret */
+ result = Tspi_Context_GetTpmObject (this->hContext, &this->hTPM);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_GetTpmObject failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_GetPolicyObject(this->hTPM, TSS_POLICY_USAGE, &hTPMPolicy);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_GetPolicyObject for TPM failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_SHA1, 20, secret);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS,"%s Tspi_Policy_SetSecret for TPM failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ /* create context for a 2048 bit AIK */
+ result = Tspi_Context_CreateObject(this->hContext, TSS_OBJECT_TYPE_RSAKEY,
+ TSS_KEY_TYPE_IDENTITY | TSS_KEY_SIZE_2048 |
+ TSS_KEY_VOLATILE | TSS_KEY_NOT_MIGRATABLE, &hIdentKey);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_CreateObject for key failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ /* create context for the Privacy CA public key and assign modulus */
+ result = Tspi_Context_CreateObject(this->hContext, TSS_OBJECT_TYPE_RSAKEY,
+ TSS_KEY_TYPE_LEGACY|TSS_KEY_SIZE_2048, &hPCAKey);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_CreateObject for PCA failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_SetAttribData (hPCAKey, TSS_TSPATTRIB_RSAKEY_INFO,
+ TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, ca_modulus.len,
+ ca_modulus.ptr);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_SetAttribData for PCA modulus failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_SetAttribUint32(hPCAKey, TSS_TSPATTRIB_KEY_INFO,
+ TSS_TSPATTRIB_KEYINFO_ENCSCHEME, TSS_ES_RSAESPKCSV15);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS,"%s Tspi_SetAttribUint32 for PCA encryption scheme "
+ "failed: 0x%x", LABEL, result);
+ return FALSE;
+ }
+
+ /* generate AIK */
+ DBG1(DBG_LIB, "Generating identity key...");
+ result = Tspi_TPM_CollateIdentityRequest(this->hTPM, hSRK, hPCAKey, 0, NULL,
+ hIdentKey, TSS_ALG_AES, &IdentityReqLen, &IdentityReq);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_TPM_CollateIdentityRequest failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ *identity_req = chunk_create(IdentityReq, IdentityReqLen);
+ DBG3(DBG_LIB, "%s Identity Request: %B", LABEL, identity_req);
+
+ /* load identity key */
+ result = Tspi_Key_LoadKey (hIdentKey, hSRK);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Key_LoadKey for AIK failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ /* output AIK private key in TSS blob format */
+ result = Tspi_GetAttribData (hIdentKey, TSS_TSPATTRIB_KEY_BLOB,
+ TSS_TSPATTRIB_KEYBLOB_BLOB, &blobLen, &blob);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_GetAttribData for private key blob failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ *aik_blob = chunk_create(blob, blobLen);
+ DBG3(DBG_LIB, "%s AIK private key blob: %B", LABEL, aik_blob);
+
+ /* output AIK Public Key in TSS blob format */
+ result = Tspi_GetAttribData (hIdentKey, TSS_TSPATTRIB_KEY_BLOB,
+ TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobLen, &blob);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_GetAttribData for public key blob failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ aik_pubkey_blob = chunk_create(blob, blobLen);
+ DBG3(DBG_LIB, "%s AIK public key blob: %B", LABEL, &aik_pubkey_blob);
+
+ /* create a trusted AIK public key */
+ if (aik_pubkey_blob.len != AIK_PUBKEY_BLOB_SIZE)
+ {
+ DBG1(DBG_PTS, "%s AIK public key is not in TSS blob format",
+ LABEL);
+ return FALSE;
+ }
+ aik_modulus = chunk_skip(aik_pubkey_blob, AIK_PUBKEY_BLOB_SIZE - 256);
+ aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+
+ /* output subjectPublicKeyInfo encoding of AIK public key */
+ if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER, NULL,
+ aik_pubkey, CRED_PART_RSA_MODULUS, aik_modulus,
+ CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
+ {
+ DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of AIK key failed",
+ LABEL);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, get_public, chunk_t,
+ private_tpm_tss_trousers_t *this, uint32_t handle)
+{
+ enumerator_t *enumerator;
+ chunk_t aik_pubkey = chunk_empty;
+ aik_t *aik;
+
+ enumerator = this->aik_list->create_enumerator(this->aik_list);
+ while (enumerator->enumerate(enumerator, &aik))
+ {
+ if (aik->handle == handle)
+ {
+ aik_pubkey = chunk_clone(aik->pubkey);
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ return aik_pubkey;
+}
+
+METHOD(tpm_tss_t, read_pcr, bool,
+ private_tpm_tss_trousers_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ hash_algorithm_t alg)
+{
+ TSS_RESULT result;
+ uint8_t *value;
+ uint32_t len;
+
+ result = Tspi_TPM_PcrRead(this->hTPM, pcr_num, &len, &value);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_TPM_PcrRead failed: 0x%x", LABEL, result);
+ return FALSE;
+ }
+ *pcr_value = chunk_clone(chunk_create(value, len));
+
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, extend_pcr, bool,
+ private_tpm_tss_trousers_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ chunk_t data, hash_algorithm_t alg)
+{
+ TSS_RESULT result;
+ uint32_t pcr_len;
+ uint8_t *pcr_ptr;
+
+ result = Tspi_TPM_PcrExtend(this->hTPM, pcr_num, data.len, data.ptr,
+ NULL, &pcr_len, &pcr_ptr);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_TPM_PcrExtend failed: 0x%x", LABEL, result);
+ return FALSE;
+ }
+ *pcr_value = chunk_clone(chunk_create(pcr_ptr, pcr_len));
+
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, quote, bool,
+ private_tpm_tss_trousers_t *this, uint32_t aik_handle, uint32_t pcr_sel,
+ hash_algorithm_t alg, chunk_t data, tpm_quote_mode_t *quote_mode,
+ tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig)
+{
+ TSS_HKEY hAIK;
+ TSS_HKEY hSRK;
+ TSS_HPOLICY srkUsagePolicy;
+ TSS_UUID SRK_UUID = TSS_UUID_SRK;
+ TSS_HPCRS hPcrComposite;
+ TSS_VALIDATION valData;
+ TSS_RESULT result;
+ uint8_t secret[] = TSS_WELL_KNOWN_SECRET;
+ uint8_t *version_info, *comp_hash;
+ uint32_t version_info_size, pcr;
+ aik_t *aik;
+ chunk_t aik_blob = chunk_empty;
+ chunk_t quote_chunk, pcr_digest;
+ enumerator_t *enumerator;
+ bool success = FALSE;
+
+ /* Retrieve SRK from TPM and set the authentication to well known secret*/
+ result = Tspi_Context_LoadKeyByUUID(this->hContext, TSS_PS_TYPE_SYSTEM,
+ SRK_UUID, &hSRK);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_LoadKeyByUUID for SRK failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_GetPolicyObject for SRK failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+ result = Tspi_Policy_SetSecret(srkUsagePolicy, TSS_SECRET_MODE_SHA1,
+ 20, secret);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Policy_SetSecret for SRK failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ /* Retrieve AIK using its handle and load private key into TPM 1.2 */
+ enumerator = this->aik_list->create_enumerator(this->aik_list);
+ while (enumerator->enumerate(enumerator, &aik))
+ {
+ if (aik->handle == aik_handle)
+ {
+ aik_blob = aik->blob;
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (aik_blob.len == 0)
+ {
+ DBG1(DBG_PTS, "%s AIK private key for handle 0x%80x not found", LABEL);
+ return FALSE;
+ }
+ result = Tspi_Context_LoadKeyByBlob(this->hContext, hSRK, aik_blob.len,
+ aik_blob.ptr, &hAIK);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_LoadKeyByBlob for AIK failed: 0x%x",
+ LABEL, result);
+ return FALSE;
+ }
+
+ /* Create PCR composite object */
+ result = Tspi_Context_CreateObject(this->hContext, TSS_OBJECT_TYPE_PCRS,
+ (*quote_mode == TPM_QUOTE) ? TSS_PCRS_STRUCT_INFO :
+ TSS_PCRS_STRUCT_INFO_SHORT,
+ &hPcrComposite);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_Context_CreateObject for pcrComposite failed: "
+ "0x%x", LABEL, result);
+ goto err1;
+ }
+
+ /* Select PCRs */
+ for (pcr = 0; pcr < PCR_NUM_MAX; pcr++)
+ {
+ if (pcr_sel & (1 << pcr))
+ {
+ result = (*quote_mode == TPM_QUOTE) ?
+ Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcr) :
+ Tspi_PcrComposite_SelectPcrIndexEx(hPcrComposite, pcr,
+ TSS_PCRS_DIRECTION_RELEASE);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_PcrComposite_SelectPcrIndex failed: "
+ "0x%x", LABEL, result);
+ goto err2;
+ }
+ }
+ }
+
+ /* Set the Validation Data */
+ valData.ulExternalDataLength = data.len;
+ valData.rgbExternalData = data.ptr;
+
+ /* TPM Quote */
+ result = (*quote_mode == TPM_QUOTE) ?
+ Tspi_TPM_Quote (this->hTPM, hAIK, hPcrComposite, &valData) :
+ Tspi_TPM_Quote2(this->hTPM, hAIK,
+ *quote_mode == TPM_QUOTE2_VERSION_INFO,
+ hPcrComposite, &valData, &version_info_size,
+ &version_info);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s Tspi_TPM_Quote%s failed: 0x%x", LABEL,
+ (*quote_mode == TPM_QUOTE) ? "" : "2", result);
+ goto err2;
+ }
+
+ if (*quote_mode == TPM_QUOTE)
+ {
+ /* TPM_Composite_Hash starts at byte 8 of TPM_Quote_Info structure */
+ comp_hash = valData.rgbData + 8;
+ }
+ else
+ {
+ /* TPM_Composite_Hash is last 20 bytes of TPM_Quote_Info2 structure */
+ comp_hash = valData.rgbData + valData.ulDataLength - version_info_size -
+ HASH_SIZE_SHA1;
+ }
+ pcr_digest = chunk_create(comp_hash, HASH_SIZE_SHA1);
+ DBG2(DBG_PTS, "PCR composite digest: %B", &pcr_digest);
+
+ quote_chunk = chunk_create(valData.rgbData, valData.ulDataLength);
+ DBG2(DBG_PTS, "TPM Quote Info: %B", &quote_chunk);
+
+ *quote_info = tpm_tss_quote_info_create(*quote_mode, HASH_SHA1, pcr_digest);
+
+ *quote_sig = chunk_clone(chunk_create(valData.rgbValidationData,
+ valData.ulValidationDataLength));
+ DBG2(DBG_PTS, "TPM Quote Signature: %B", quote_sig);
+
+ success = TRUE;
+
+err2:
+ Tspi_Context_CloseObject(this->hContext, hPcrComposite);
+err1:
+ Tspi_Context_CloseObject(this->hContext, hAIK);
+
+ return success;
+}
+
+METHOD(tpm_tss_t, destroy, void,
+ private_tpm_tss_trousers_t *this)
+{
+ finalize_context(this);
+ this->aik_list->destroy_function(this->aik_list, (void*)free_aik);
+ free(this->version_info.ptr);
+ free(this);
+}
+
+METHOD(tpm_tss_trousers_t, load_aik, void,
+ private_tpm_tss_trousers_t *this, chunk_t blob, chunk_t pubkey,
+ uint32_t handle)
+{
+ aik_t *item;
+
+ INIT(item,
+ .handle = handle,
+ .blob = blob,
+ .pubkey = pubkey,
+ );
+
+ this->aik_list->insert_last(this->aik_list, item);
+}
+
+/**
+ * See header
+ */
+tpm_tss_t *tpm_tss_trousers_create()
+{
+ private_tpm_tss_trousers_t *this;
+ bool available;
+
+ INIT(this,
+ .interface = {
+ .public = {
+ .get_version = _get_version,
+ .get_version_info = _get_version_info,
+ .generate_aik = _generate_aik,
+ .get_public = _get_public,
+ .read_pcr = _read_pcr,
+ .quote = _quote,
+ .extend_pcr = _extend_pcr,
+ .destroy = _destroy,
+ },
+ .load_aik = _load_aik,
+ },
+ .aik_list = linked_list_create(),
+ );
+
+ available = initialize_context(this);
+ DBG1(DBG_PTS, "TPM 1.2 via TrouSerS %savailable", available ? "" : "not ");
+
+ if (!available)
+ {
+ destroy(this);
+ return NULL;
+ }
+ return &this->interface.public;
+}
+
+#else /* TSS_TROUSERS */
+
+tpm_tss_t *tpm_tss_trousers_create()
+{
+ return NULL;
+}
+
+#endif /* TSS_TROUSERS */
+
+
+
diff --git a/src/libtpmtss/tpm_tss_trousers.h b/src/libtpmtss/tpm_tss_trousers.h
new file mode 100644
index 000000000..3afba0db2
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_trousers.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tpm_tss_trousers tpm_tss_trousers
+ * @{ @ingroup libtpmtss
+ */
+
+#ifndef TPM_TSS_TROUSERS_H_
+#define TPM_TSS_TROUSERS_H_
+
+#include "tpm_tss.h"
+
+typedef struct tpm_tss_trousers_t tpm_tss_trousers_t;
+
+/**
+ * TPM 1.2 access via TrouSerS public interface
+ */
+struct tpm_tss_trousers_t {
+
+ tpm_tss_t public;
+
+ /**
+ * Load AIK public and private key pair and save it under an object handle
+ *
+ * @param blob encrypted AIK private key
+ * @param pubkey AIK public key
+ * @param handle object handle under which the AIK key is stored
+ */
+ void (*load_aik)(tpm_tss_trousers_t *this, chunk_t blob, chunk_t pubkey,
+ uint32_t handle);
+
+};
+
+/**
+ * Create a tpm_tss_trousers instance.
+ */
+tpm_tss_t *tpm_tss_trousers_create();
+
+#endif /** TPM_TSS_TROUSERS_H_ @}*/
diff --git a/src/libtpmtss/tpm_tss_tss2.c b/src/libtpmtss/tpm_tss_tss2.c
new file mode 100644
index 000000000..39d9f2e4d
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_tss2.c
@@ -0,0 +1,696 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tpm_tss_tss2.h"
+#include "tpm_tss_tss2_names.h"
+
+#ifdef TSS_TSS2
+
+#include <asn1/asn1.h>
+#include <asn1/oid.h>
+#include <bio/bio_reader.h>
+
+#include <tss2/tpm20.h>
+#include <tcti/tcti_socket.h>
+
+#define LABEL "TPM 2.0 -"
+
+typedef struct private_tpm_tss_tss2_t private_tpm_tss_tss2_t;
+
+/**
+ * Private data of an tpm_tss_tss2_t object.
+ */
+struct private_tpm_tss_tss2_t {
+
+ /**
+ * Public tpm_tss_tss2_t interface.
+ */
+ tpm_tss_t public;
+
+ /**
+ * TCTI context
+ */
+ TSS2_TCTI_CONTEXT *tcti_context;
+
+ /**
+ * SYS context
+ */
+ TSS2_SYS_CONTEXT *sys_context;
+
+ /**
+ * Number of supported algorithms
+ */
+ size_t supported_algs_count;
+
+ /**
+ * List of supported algorithms
+ */
+ TPM_ALG_ID supported_algs[TPM_PT_ALGORITHM_SET];
+};
+
+/**
+ * Some symbols required by libtctisocket
+ */
+FILE *outFp;
+uint8_t simulator = 1;
+
+int TpmClientPrintf (uint8_t type, const char *format, ...)
+{
+ return 0;
+}
+
+/**
+ * Convert hash algorithm to TPM_ALG_ID
+ */
+static TPM_ALG_ID hash_alg_to_tpm_alg_id(hash_algorithm_t alg)
+{
+ switch (alg)
+ {
+ case HASH_SHA1:
+ return TPM_ALG_SHA1;
+ case HASH_SHA256:
+ return TPM_ALG_SHA256;
+ case HASH_SHA384:
+ return TPM_ALG_SHA384;
+ case HASH_SHA512:
+ return TPM_ALG_SHA512;
+ default:
+ return TPM_ALG_ERROR;
+ }
+}
+
+/**
+ * Convert TPM_ALG_ID to hash algorithm
+ */
+static hash_algorithm_t hash_alg_from_tpm_alg_id(TPM_ALG_ID alg)
+{
+ switch (alg)
+ {
+ case TPM_ALG_SHA1:
+ return HASH_SHA1;
+ case TPM_ALG_SHA256:
+ return HASH_SHA256;
+ case TPM_ALG_SHA384:
+ return HASH_SHA384;
+ case TPM_ALG_SHA512:
+ return HASH_SHA512;
+ default:
+ return HASH_UNKNOWN;
+ }
+}
+
+/**
+ * Check if an algorithm given by its TPM_ALG_ID is supported by the TPM
+ */
+static bool is_supported_alg(private_tpm_tss_tss2_t *this, TPM_ALG_ID alg_id)
+{
+ int i;
+
+ if (alg_id == TPM_ALG_ERROR)
+ {
+ return FALSE;
+ }
+
+ for (i = 0; i < this->supported_algs_count; i++)
+ {
+ if (this->supported_algs[i] == alg_id)
+ {
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
+/**
+ * Get a list of supported algorithms
+ */
+static bool get_algs_capability(private_tpm_tss_tss2_t *this)
+{
+ TPMS_CAPABILITY_DATA cap_data;
+ TPMI_YES_NO more_data;
+ TPM_ALG_ID alg;
+ uint32_t rval, i;
+ size_t len = BUF_LEN;
+ char buf[BUF_LEN];
+ char *pos = buf;
+ int written;
+
+ /* get supported algorithms */
+ rval = Tss2_Sys_GetCapability(this->sys_context, 0, TPM_CAP_ALGS,
+ 0, TPM_PT_ALGORITHM_SET, &more_data, &cap_data, 0);
+ if (rval != TPM_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s GetCapability failed for TPM_CAP_ALGS: 0x%06x",
+ LABEL, rval);
+ return FALSE;
+ }
+
+ /* Number of supported algorithms */
+ this->supported_algs_count = cap_data.data.algorithms.count;
+
+ /* store and print supported algorithms */
+ for (i = 0; i < this->supported_algs_count; i++)
+ {
+ alg = cap_data.data.algorithms.algProperties[i].alg;
+ this->supported_algs[i] = alg;
+
+ written = snprintf(pos, len, " %N", tpm_alg_id_names, alg);
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
+ pos += written;
+ len -= written;
+ }
+ DBG2(DBG_PTS, "%s algorithms:%s", LABEL, buf);
+
+ /* get supported ECC curves */
+ rval = Tss2_Sys_GetCapability(this->sys_context, 0, TPM_CAP_ECC_CURVES,
+ 0, TPM_PT_LOADED_CURVES, &more_data, &cap_data, 0);
+ if (rval != TPM_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s GetCapability failed for TPM_ECC_CURVES: 0x%06x",
+ LABEL, rval);
+ return FALSE;
+ }
+
+ /* reset print buffer */
+ pos = buf;
+ len = BUF_LEN;
+
+ /* print supported ECC curves */
+ for (i = 0; i < cap_data.data.eccCurves.count; i++)
+ {
+ written = snprintf(pos, len, " %N", tpm_ecc_curve_names,
+ cap_data.data.eccCurves.eccCurves[i]);
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
+ pos += written;
+ len -= written;
+ }
+ DBG2(DBG_PTS, "%s ECC curves:%s", LABEL, buf);
+
+ return TRUE;
+}
+
+/**
+ * Initialize TSS context
+ */
+static bool initialize_context(private_tpm_tss_tss2_t *this)
+{
+ size_t tcti_context_size;
+ uint32_t sys_context_size;
+ uint32_t rval;
+
+ TCTI_SOCKET_CONF rm_if_config = { DEFAULT_HOSTNAME,
+ DEFAULT_RESMGR_TPM_PORT
+ };
+
+ TSS2_ABI_VERSION abi_version = { TSSWG_INTEROP,
+ TSS_SAPI_FIRST_FAMILY,
+ TSS_SAPI_FIRST_LEVEL,
+ TSS_SAPI_FIRST_VERSION
+ };
+
+ /* determine size of tcti context */
+ rval = InitSocketTcti(NULL, &tcti_context_size, &rm_if_config, 0);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not get tcti_context size: 0x%06x",
+ LABEL, rval);
+ return FALSE;
+ }
+
+ /* allocate memory for tcti context */
+ this->tcti_context = (TSS2_TCTI_CONTEXT*)malloc(tcti_context_size);
+
+ /* initialize tcti context */
+ rval = InitSocketTcti(this->tcti_context, &tcti_context_size,
+ &rm_if_config, 0);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not get tcti_context: 0x%06x",
+ LABEL, rval);
+ return FALSE;
+ }
+
+ /* determine size of sys context */
+ sys_context_size = Tss2_Sys_GetContextSize(0);
+
+ /* allocate memory for sys context */
+ this->sys_context = malloc(sys_context_size);
+
+ /* initialize sys context */
+ rval = Tss2_Sys_Initialize(this->sys_context, sys_context_size,
+ this->tcti_context, &abi_version);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not get sys_context: 0x%06x",
+ LABEL, rval);
+ return FALSE;
+ }
+
+ /* get a list of supported algorithms and ECC curves */
+ return get_algs_capability(this);
+}
+
+/**
+ * Finalize TSS context
+ */
+static void finalize_context(private_tpm_tss_tss2_t *this)
+{
+ if (this->tcti_context)
+ {
+ TeardownSocketTcti(this->tcti_context);
+ }
+ if (this->sys_context)
+ {
+ Tss2_Sys_Finalize(this->sys_context);
+ free(this->sys_context);
+ }
+}
+
+METHOD(tpm_tss_t, get_version, tpm_version_t,
+ private_tpm_tss_tss2_t *this)
+{
+ return TPM_VERSION_2_0;
+}
+
+METHOD(tpm_tss_t, get_version_info, chunk_t,
+ private_tpm_tss_tss2_t *this)
+{
+ return chunk_empty;
+}
+
+/**
+ * read the public key portion of a TSS 2.0 AIK key from NVRAM
+ */
+bool read_public(private_tpm_tss_tss2_t *this, TPMI_DH_OBJECT handle,
+ TPM2B_PUBLIC *public)
+{
+ uint32_t rval;
+
+ TPM2B_NAME name = { { sizeof(TPM2B_NAME)-2, } };
+ TPM2B_NAME qualified_name = { { sizeof(TPM2B_NAME)-2, } };
+
+ TPMS_AUTH_RESPONSE session_data;
+ TSS2_SYS_RSP_AUTHS sessions_data;
+ TPMS_AUTH_RESPONSE *session_data_array[1];
+
+ session_data_array[0] = &session_data;
+ sessions_data.rspAuths = &session_data_array[0];
+ sessions_data.rspAuthsCount = 1;
+
+ /* always send simulator platform command, ignored by true RM */
+ PlatformCommand(this->tcti_context ,MS_SIM_POWER_ON );
+ PlatformCommand(this->tcti_context, MS_SIM_NV_ON );
+
+ /* read public key for a given object handle from TPM 2.0 NVRAM */
+ rval = Tss2_Sys_ReadPublic(this->sys_context, handle, 0, public, &name,
+ &qualified_name, &sessions_data);
+
+ PlatformCommand(this->tcti_context, MS_SIM_POWER_OFF);
+
+ if (rval != TPM_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s could not read public key from handle 0x%08x: 0x%06x",
+ LABEL, handle, rval);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, generate_aik, bool,
+ private_tpm_tss_tss2_t *this, chunk_t ca_modulus, chunk_t *aik_blob,
+ chunk_t *aik_pubkey, chunk_t *identity_req)
+{
+ return FALSE;
+}
+
+METHOD(tpm_tss_t, get_public, chunk_t,
+ private_tpm_tss_tss2_t *this, uint32_t handle)
+{
+ TPM2B_PUBLIC public = { { 0, } };
+ TPM_ALG_ID sig_alg, digest_alg;
+ chunk_t aik_blob, aik_pubkey = chunk_empty;
+
+ if (!read_public(this, handle, &public))
+ {
+ return chunk_empty;
+ }
+
+ aik_blob = chunk_create((u_char*)&public, sizeof(public));
+ DBG3(DBG_LIB, "%s AIK public key blob: %B", LABEL, &aik_blob);
+
+ /* convert TSS 2.0 AIK public key blot into PKCS#1 format */
+ switch (public.t.publicArea.type)
+ {
+ case TPM_ALG_RSA:
+ {
+ TPM2B_PUBLIC_KEY_RSA *rsa;
+ TPMT_RSA_SCHEME *scheme;
+ chunk_t aik_exponent, aik_modulus;
+
+ scheme = &public.t.publicArea.parameters.rsaDetail.scheme;
+ sig_alg = scheme->scheme;
+ digest_alg = scheme->details.anySig.hashAlg;
+
+ rsa = &public.t.publicArea.unique.rsa;
+ aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
+ aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+
+ /* subjectPublicKeyInfo encoding of AIK RSA key */
+ if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
+ NULL, &aik_pubkey, CRED_PART_RSA_MODULUS, aik_modulus,
+ CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
+ {
+ DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of AIK key "
+ "failed", LABEL);
+ }
+ break;
+ }
+ case TPM_ALG_ECC:
+ {
+ TPMS_ECC_POINT *ecc;
+ TPMT_ECC_SCHEME *scheme;
+ chunk_t ecc_point;
+ uint8_t *pos;
+
+ scheme = &public.t.publicArea.parameters.eccDetail.scheme;
+ sig_alg = scheme->scheme;
+ digest_alg = scheme->details.anySig.hashAlg;
+
+ ecc = &public.t.publicArea.unique.ecc;
+
+ /* allocate space for bit string */
+ pos = asn1_build_object(&ecc_point, ASN1_BIT_STRING,
+ 2 + ecc->x.t.size + ecc->y.t.size);
+ /* bit string length is a multiple of octets */
+ *pos++ = 0x00;
+ /* uncompressed ECC point format */
+ *pos++ = 0x04;
+ /* copy x coordinate of ECC point */
+ memcpy(pos, ecc->x.t.buffer, ecc->x.t.size);
+ pos += ecc->x.t.size;
+ /* copy y coordinate of ECC point */
+ memcpy(pos, ecc->y.t.buffer, ecc->y.t.size);
+ /* subjectPublicKeyInfo encoding of AIK ECC key */
+ aik_pubkey = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_build_known_oid(OID_EC_PUBLICKEY),
+ asn1_build_known_oid(ecc->x.t.size == 32 ?
+ OID_PRIME256V1 : OID_SECT384R1)),
+ ecc_point);
+ break;
+ }
+ default:
+ DBG1(DBG_PTS, "%s unsupported AIK key type", LABEL);
+ return chunk_empty;
+ }
+ DBG1(DBG_PTS, "AIK signature algorithm is %N with %N hash",
+ tpm_alg_id_names, sig_alg, tpm_alg_id_names, digest_alg);
+ return aik_pubkey;
+}
+
+/**
+ * Configure a PCR Selection assuming a maximum of 24 registers
+ */
+static bool init_pcr_selection(private_tpm_tss_tss2_t *this, uint32_t pcrs,
+ hash_algorithm_t alg, TPML_PCR_SELECTION *pcr_sel)
+{
+ TPM_ALG_ID alg_id;
+ uint32_t pcr;
+
+ /* check if hash algorithm is supported by TPM */
+ alg_id = hash_alg_to_tpm_alg_id(alg);
+ if (!is_supported_alg(this, alg_id))
+ {
+ DBG1(DBG_PTS, "%s %N hash algorithm not supported by TPM",
+ LABEL, hash_algorithm_short_names, alg);
+ return FALSE;
+ }
+
+ /* initialize the PCR Selection structure,*/
+ pcr_sel->count = 1;
+ pcr_sel->pcrSelections[0].hash = alg_id;
+ pcr_sel->pcrSelections[0].sizeofSelect = 3;
+ pcr_sel->pcrSelections[0].pcrSelect[0] = 0;
+ pcr_sel->pcrSelections[0].pcrSelect[1] = 0;
+ pcr_sel->pcrSelections[0].pcrSelect[2] = 0;
+
+ /* set the selected PCRs */
+ for (pcr = 0; pcr < PLATFORM_PCR; pcr++)
+ {
+ if (pcrs & (1 << pcr))
+ {
+ pcr_sel->pcrSelections[0].pcrSelect[pcr / 8] |= ( 1 << (pcr % 8) );
+ }
+ }
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, read_pcr, bool,
+ private_tpm_tss_tss2_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ hash_algorithm_t alg)
+{
+ TPML_PCR_SELECTION pcr_selection;
+ TPML_DIGEST pcr_values;
+
+ uint32_t pcr_update_counter, rval;
+ uint8_t *pcr_value_ptr;
+ size_t pcr_value_len;
+
+ if (pcr_num >= PLATFORM_PCR)
+ {
+ DBG1(DBG_PTS, "%s maximum number of supported PCR is %d",
+ LABEL, PLATFORM_PCR);
+ return FALSE;
+ }
+
+ if (!init_pcr_selection(this, (1 << pcr_num), alg, &pcr_selection))
+ {
+ return FALSE;
+ }
+
+ /* initialize the PCR Digest structure */
+ memset(&pcr_values, 0, sizeof(TPML_DIGEST));
+
+ /* read the PCR value */
+ rval = Tss2_Sys_PCR_Read(this->sys_context, 0, &pcr_selection,
+ &pcr_update_counter, &pcr_selection, &pcr_values, 0);
+ if (rval != TPM_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, "%s PCR bank could not be read: 0x%60x",
+ LABEL, rval);
+ return FALSE;
+ }
+ pcr_value_ptr = (uint8_t *)pcr_values.digests[0].t.buffer;
+ pcr_value_len = (size_t) pcr_values.digests[0].t.size;
+
+ *pcr_value = chunk_clone(chunk_create(pcr_value_ptr, pcr_value_len));
+
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, extend_pcr, bool,
+ private_tpm_tss_tss2_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ chunk_t data, hash_algorithm_t alg)
+{
+ /* TODO */
+ return FALSE;
+}
+
+METHOD(tpm_tss_t, quote, bool,
+ private_tpm_tss_tss2_t *this, uint32_t aik_handle, uint32_t pcr_sel,
+ hash_algorithm_t alg, chunk_t data, tpm_quote_mode_t *quote_mode,
+ tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig)
+{
+ chunk_t quoted_chunk, qualified_signer, extra_data, clock_info,
+ firmware_version, pcr_select, pcr_digest;
+ hash_algorithm_t pcr_digest_alg;
+ bio_reader_t *reader;
+ uint32_t rval;
+
+ TPM2B_DATA qualifying_data;
+ TPML_PCR_SELECTION pcr_selection;
+ TPM2B_ATTEST quoted = { { sizeof(TPM2B_ATTEST)-2, } };
+ TPMT_SIG_SCHEME scheme;
+ TPMT_SIGNATURE sig;
+ TPMI_ALG_HASH hash_alg;
+ TPMS_AUTH_COMMAND session_data_cmd;
+ TPMS_AUTH_RESPONSE session_data_rsp;
+ TSS2_SYS_CMD_AUTHS sessions_data_cmd;
+ TSS2_SYS_RSP_AUTHS sessions_data_rsp;
+ TPMS_AUTH_COMMAND *session_data_cmd_array[1];
+ TPMS_AUTH_RESPONSE *session_data_rsp_array[1];
+
+ session_data_cmd_array[0] = &session_data_cmd;
+ session_data_rsp_array[0] = &session_data_rsp;
+
+ sessions_data_cmd.cmdAuths = &session_data_cmd_array[0];
+ sessions_data_rsp.rspAuths = &session_data_rsp_array[0];
+
+ sessions_data_cmd.cmdAuthsCount = 1;
+ sessions_data_rsp.rspAuthsCount = 1;
+
+ session_data_cmd.sessionHandle = TPM_RS_PW;
+ session_data_cmd.hmac.t.size = 0;
+ session_data_cmd.nonce.t.size = 0;
+
+ *( (uint8_t *)((void *)&session_data_cmd.sessionAttributes ) ) = 0;
+
+ qualifying_data.t.size = data.len;
+ memcpy(qualifying_data.t.buffer, data.ptr, data.len);
+
+ scheme.scheme = TPM_ALG_NULL;
+ memset(&sig, 0x00, sizeof(sig));
+
+ /* set Quote mode */
+ *quote_mode = TPM_QUOTE_TPM2;
+
+ if (!init_pcr_selection(this, pcr_sel, alg, &pcr_selection))
+ {
+ return FALSE;
+ }
+
+ rval = Tss2_Sys_Quote(this->sys_context, aik_handle, &sessions_data_cmd,
+ &qualifying_data, &scheme, &pcr_selection, &quoted,
+ &sig, &sessions_data_rsp);
+ if (rval != TPM_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS,"%s Tss2_Sys_Quote failed: 0x%06x", LABEL, rval);
+ return FALSE;
+ }
+ quoted_chunk = chunk_create(quoted.t.attestationData, quoted.t.size);
+
+ reader = bio_reader_create(chunk_skip(quoted_chunk, 6));
+ if (!reader->read_data16(reader, &qualified_signer) ||
+ !reader->read_data16(reader, &extra_data) ||
+ !reader->read_data (reader, 17, &clock_info) ||
+ !reader->read_data (reader, 8, &firmware_version) ||
+ !reader->read_data (reader, 10, &pcr_select) ||
+ !reader->read_data16(reader, &pcr_digest))
+ {
+ DBG1(DBG_PTS, "%s parsing of quoted struct failed", LABEL);
+ reader->destroy(reader);
+ return FALSE;
+ }
+ reader->destroy(reader);
+
+ DBG2(DBG_PTS, "PCR Composite digest: %B", &pcr_digest);
+ DBG2(DBG_PTS, "TPM Quote Info: %B", &quoted_chunk);
+ DBG2(DBG_PTS, "qualifiedSigner: %B", &qualified_signer);
+ DBG2(DBG_PTS, "extraData: %B", &extra_data);
+ DBG2(DBG_PTS, "clockInfo: %B", &clock_info);
+ DBG2(DBG_PTS, "firmwareVersion: %B", &firmware_version);
+ DBG2(DBG_PTS, "pcrSelect: %B", &pcr_select);
+
+ /* extract signature */
+ switch (sig.sigAlg)
+ {
+ case TPM_ALG_RSASSA:
+ case TPM_ALG_RSAPSS:
+ *quote_sig = chunk_clone(
+ chunk_create(
+ sig.signature.rsassa.sig.t.buffer,
+ sig.signature.rsassa.sig.t.size));
+ hash_alg = sig.signature.rsassa.hash;
+ break;
+ case TPM_ALG_ECDSA:
+ case TPM_ALG_ECDAA:
+ case TPM_ALG_SM2:
+ case TPM_ALG_ECSCHNORR:
+ *quote_sig = chunk_cat("cc",
+ chunk_create(
+ sig.signature.ecdsa.signatureR.t.buffer,
+ sig.signature.ecdsa.signatureR.t.size),
+ chunk_create(
+ sig.signature.ecdsa.signatureS.t.buffer,
+ sig.signature.ecdsa.signatureS.t.size));
+ hash_alg = sig.signature.ecdsa.hash;
+ break;
+ default:
+ DBG1(DBG_PTS, "%s unsupported %N signature algorithm",
+ LABEL, tpm_alg_id_names, sig.sigAlg);
+ return FALSE;
+ };
+
+ DBG2(DBG_PTS, "PCR digest algorithm is %N", tpm_alg_id_names, hash_alg);
+ pcr_digest_alg = hash_alg_from_tpm_alg_id(hash_alg);
+
+ DBG2(DBG_PTS, "TPM Quote Signature: %B", quote_sig);
+
+ /* Create and initialize Quote Info object */
+ *quote_info = tpm_tss_quote_info_create(*quote_mode, pcr_digest_alg,
+ pcr_digest);
+ (*quote_info)->set_tpm2_info(*quote_info, qualified_signer, clock_info,
+ pcr_select);
+ (*quote_info)->set_version_info(*quote_info, firmware_version);
+
+ return TRUE;
+}
+
+METHOD(tpm_tss_t, destroy, void,
+ private_tpm_tss_tss2_t *this)
+{
+ finalize_context(this);
+ free(this);
+}
+
+/**
+ * See header
+ */
+tpm_tss_t *tpm_tss_tss2_create()
+{
+ private_tpm_tss_tss2_t *this;
+ bool available;
+
+ INIT(this,
+ .public = {
+ .get_version = _get_version,
+ .get_version_info = _get_version_info,
+ .generate_aik = _generate_aik,
+ .get_public = _get_public,
+ .read_pcr = _read_pcr,
+ .extend_pcr = _extend_pcr,
+ .quote = _quote,
+ .destroy = _destroy,
+ },
+ );
+
+ available = initialize_context(this);
+ DBG1(DBG_PTS, "TPM 2.0 via TSS2 %savailable", available ? "" : "not ");
+
+ if (!available)
+ {
+ destroy(this);
+ return NULL;
+ }
+ return &this->public;
+}
+
+#else /* TSS_TSS2 */
+
+tpm_tss_t *tpm_tss_tss2_create()
+{
+ return NULL;
+}
+
+#endif /* TSS_TSS2 */
+
+
diff --git a/src/libtpmtss/tpm_tss_tss2.h b/src/libtpmtss/tpm_tss_tss2.h
new file mode 100644
index 000000000..f3a11e5fd
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_tss2.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tpm_tss_tss2 tpm_tss_tss2
+ * @{ @ingroup libtpmtss
+ */
+
+#ifndef TPM_TSS_TSS2_H_
+#define TPM_TSS_TSS2_H_
+
+#include "tpm_tss.h"
+
+/**
+ * Create a tpm_tss_tss2 instance.
+ */
+tpm_tss_t *tpm_tss_tss2_create();
+
+#endif /** TPM_TSS_TSS2_H_ @}*/
diff --git a/src/libtpmtss/tpm_tss_tss2_names.c b/src/libtpmtss/tpm_tss_tss2_names.c
new file mode 100644
index 000000000..9185aa374
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_tss2_names.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tpm_tss_tss2_names.h"
+
+#ifdef TSS_TSS2
+
+#include <tss2/tpm20.h>
+
+#ifndef TPM_ALG_ECMQV
+#define TPM_ALG_ECMQV (TPM_ALG_ID)0x001D
+#endif
+
+#ifndef TPM_ALG_CAMELLIA
+#define TPM_ALG_CAMELLIA (TPM_ALG_ID)0x0026
+#endif
+
+/**
+ * TPM 2.0 algorithm ID names
+ */
+ENUM_BEGIN(tpm_alg_id_names, TPM_ALG_ERROR, TPM_ALG_RSA,
+ "ERROR",
+ "RSA"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_SHA1, TPM_ALG_KEYEDHASH, TPM_ALG_RSA,
+ "SHA1",
+ "HMAC",
+ "AES",
+ "MGF1",
+ "KEYEDHASH"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_XOR, TPM_ALG_SHA512, TPM_ALG_KEYEDHASH,
+ "XOR",
+ "SHA256",
+ "SHA384",
+ "SHA512"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_NULL, TPM_ALG_NULL, TPM_ALG_SHA512,
+ "NULL"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_SM3_256, TPM_ALG_ECMQV, TPM_ALG_NULL,
+ "SM3_256",
+ "SM4",
+ "RSASSA",
+ "RSAES",
+ "RSAPSS",
+ "OAEP",
+ "ECDSA",
+ "ECDH",
+ "SM2",
+ "ECSCHNORR",
+ "ECMQV"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_KDF1_SP800_56A, TPM_ALG_ECC, TPM_ALG_ECMQV,
+ "KDF1_SP800_56A",
+ "KDF2",
+ "KDF1_SP800_108",
+ "ECC"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_SYMCIPHER, TPM_ALG_CAMELLIA, TPM_ALG_ECC,
+ "SYMCIPHER",
+ "CAMELLIA"
+);
+ENUM_NEXT(tpm_alg_id_names, TPM_ALG_CTR, TPM_ALG_ECB, TPM_ALG_CAMELLIA,
+ "CTR",
+ "OFB",
+ "CBC",
+ "CFB",
+ "ECB"
+);
+ENUM_END(tpm_alg_id_names, TPM_ALG_ECB);
+
+/**
+ * TPM 2.0 ECC curve names
+ */
+ENUM_BEGIN(tpm_ecc_curve_names, TPM_ECC_NONE, TPM_ECC_NIST_P521,
+ "NONE",
+ "NIST_P192",
+ "NIST_P224",
+ "NIST_P256",
+ "NIST_P384",
+ "NIST_P521"
+);
+ENUM_NEXT(tpm_ecc_curve_names, TPM_ECC_BN_P256, TPM_ECC_BN_P638, TPM_ECC_NIST_P521,
+ "BN_P256",
+ "BN_P638"
+);
+ENUM_NEXT(tpm_ecc_curve_names, TPM_ECC_SM2_P256, TPM_ECC_SM2_P256, TPM_ECC_BN_P638,
+ "SM2_P256"
+);
+ENUM_END(tpm_ecc_curve_names, TPM_ECC_SM2_P256);
+
+#else /* TSS_TSS2 */
+
+/**
+ * TPM 2.0 algorithm ID names
+ */
+ENUM(tpm_alg_id_names, 0, 0,
+ "ERROR"
+);
+
+/**
+ * TPM 2.0 ECC curve names
+ */
+ENUM(tpm_ecc_curve_names, 0, 0,
+ "NONE"
+);
+
+#endif /* TSS_TSS2 */
+
+
diff --git a/src/libtpmtss/tpm_tss_tss2_names.h b/src/libtpmtss/tpm_tss_tss2_names.h
new file mode 100644
index 000000000..c2a834493
--- /dev/null
+++ b/src/libtpmtss/tpm_tss_tss2_names.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tpm_tss_tss2_names tpm_tss_tss2_names
+ * @{ @ingroup libtpmtss
+ */
+
+#ifndef TPM_TSS_TSS2_NAMES_H_
+#define TPM_TSS_TSS2_NAMES_H_
+
+#include <library.h>
+
+extern enum_name_t *tpm_alg_id_names;
+
+extern enum_name_t *tpm_ecc_curve_names;
+
+#endif /** TPM_TSS_TSS2_NAMES_H_ @}*/
diff --git a/src/manager/Makefile.in b/src/manager/Makefile.in
index 9beaab0a3..a1ad709f4 100644
--- a/src/manager/Makefile.in
+++ b/src/manager/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
manager_PROGRAMS = manager.fcgi$(EXEEXT)
subdir = src/manager
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -219,12 +228,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -274,6 +285,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -308,6 +320,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -419,6 +432,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -518,7 +532,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/manager/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/manager/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -1036,6 +1049,8 @@ uninstall-am: uninstall-managerPROGRAMS \
uninstall-manager_templates_ikesaDATA \
uninstall-manager_templates_staticDATA
+.PRECIOUS: Makefile
+
main.o : $(top_builddir)/config.status
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/manager/controller/control_controller.c b/src/manager/controller/control_controller.c
index f275986d2..a8db2f272 100644
--- a/src/manager/controller/control_controller.c
+++ b/src/manager/controller/control_controller.c
@@ -109,7 +109,7 @@ static void initiate(private_control_controller_t *this, fast_request_t *r,
* terminate an IKE or CHILD SA
*/
static void terminate(private_control_controller_t *this, fast_request_t *r,
- bool ike, u_int32_t id)
+ bool ike, uint32_t id)
{
gateway_t *gateway;
enumerator_t *e;
@@ -140,7 +140,7 @@ METHOD(fast_controller_t, handle, void,
}
if (action)
{
- u_int32_t id;
+ uint32_t id;
if (streq(action, "terminateike"))
{
diff --git a/src/manager/gateway.c b/src/manager/gateway.c
index 8a8fbe895..58ee6ab54 100644
--- a/src/manager/gateway.c
+++ b/src/manager/gateway.c
@@ -317,7 +317,7 @@ METHOD(gateway_t, initiate, enumerator_t*,
}
METHOD(gateway_t, terminate, enumerator_t*,
- private_gateway_t *this, bool ike, u_int32_t id)
+ private_gateway_t *this, bool ike, uint32_t id)
{
char *str, *kind;
diff --git a/src/manager/gateway.h b/src/manager/gateway.h
index 5792ebf02..1f62d2365 100644
--- a/src/manager/gateway.h
+++ b/src/manager/gateway.h
@@ -61,7 +61,7 @@ struct gateway_t {
* @param id ID of the SA to terminate
* @return enumerator over control response XML children
*/
- enumerator_t* (*terminate)(gateway_t *this, bool ike, u_int32_t id);
+ enumerator_t* (*terminate)(gateway_t *this, bool ike, uint32_t id);
/**
* Initiate an IKE or a CHILD SA.
diff --git a/src/medsrv/Makefile.in b/src/medsrv/Makefile.in
index c367841df..44ed9f82f 100644
--- a/src/medsrv/Makefile.in
+++ b/src/medsrv/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
medsrv_PROGRAMS = medsrv.fcgi$(EXEEXT)
subdir = src/medsrv
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -208,12 +217,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -263,6 +274,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -297,6 +309,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -408,6 +421,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -493,7 +507,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/medsrv/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/medsrv/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -934,6 +947,8 @@ uninstall-am: uninstall-medsrvPROGRAMS uninstall-medsrv_templatesDATA \
uninstall-medsrv_templates_staticDATA \
uninstall-medsrv_templates_userDATA
+.PRECIOUS: Makefile
+
main.o : $(top_builddir)/config.status
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/pki/Makefile.am b/src/pki/Makefile.am
index 261e41c16..1153794cd 100644
--- a/src/pki/Makefile.am
+++ b/src/pki/Makefile.am
@@ -19,7 +19,7 @@ pki_SOURCES = pki.c pki.h command.c command.h \
pki_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB) $(DLLIB)
+ $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
pki.o : $(top_builddir)/config.status
diff --git a/src/pki/Makefile.in b/src/pki/Makefile.in
index 4b206c9c9..7b900f238 100644
--- a/src/pki/Makefile.in
+++ b/src/pki/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
bin_PROGRAMS = pki$(EXEEXT)
subdir = src/pki
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -113,7 +122,8 @@ am_pki_OBJECTS = pki.$(OBJEXT) command.$(OBJEXT) \
pki_OBJECTS = $(am_pki_OBJECTS)
am__DEPENDENCIES_1 =
pki_DEPENDENCIES = $(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -195,6 +205,7 @@ am__define_uniq_tagged_files = \
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -226,6 +237,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -275,6 +287,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -309,6 +322,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -420,6 +434,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -466,7 +481,7 @@ pki_SOURCES = pki.c pki.h command.c command.h \
pki_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB) $(DLLIB)
+ $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
@@ -488,7 +503,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/pki/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/pki/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -926,6 +940,8 @@ uninstall-am: uninstall-binPROGRAMS
mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-binPROGRAMS
+.PRECIOUS: Makefile
+
pki.o : $(top_builddir)/config.status
diff --git a/src/pki/man/Makefile.in b/src/pki/man/Makefile.in
index e61230929..982a1175f 100644
--- a/src/pki/man/Makefile.in
+++ b/src/pki/man/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -78,14 +88,6 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/pki/man
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(srcdir)/pki.1.in $(srcdir)/pki---acert.1.in \
- $(srcdir)/pki---dn.1.in $(srcdir)/pki---gen.1.in \
- $(srcdir)/pki---issue.1.in $(srcdir)/pki---keyid.1.in \
- $(srcdir)/pki---pkcs12.1.in $(srcdir)/pki---pkcs7.1.in \
- $(srcdir)/pki---print.1.in $(srcdir)/pki---pub.1.in \
- $(srcdir)/pki---req.1.in $(srcdir)/pki---self.1.in \
- $(srcdir)/pki---signcrl.1.in $(srcdir)/pki---verify.1.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -99,6 +101,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = pki.1 pki---acert.1 pki---dn.1 pki---gen.1 \
@@ -157,12 +160,21 @@ am__installdirs = "$(DESTDIR)$(man1dir)"
NROFF = nroff
MANS = $(man1_MANS)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/pki---acert.1.in \
+ $(srcdir)/pki---dn.1.in $(srcdir)/pki---gen.1.in \
+ $(srcdir)/pki---issue.1.in $(srcdir)/pki---keyid.1.in \
+ $(srcdir)/pki---pkcs12.1.in $(srcdir)/pki---pkcs7.1.in \
+ $(srcdir)/pki---print.1.in $(srcdir)/pki---pub.1.in \
+ $(srcdir)/pki---req.1.in $(srcdir)/pki---self.1.in \
+ $(srcdir)/pki---signcrl.1.in $(srcdir)/pki---verify.1.in \
+ $(srcdir)/pki.1.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -212,6 +224,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -246,6 +259,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -357,6 +371,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -416,7 +431,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/pki/man/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/pki/man/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -667,6 +681,8 @@ uninstall-man: uninstall-man1
ps ps-am tags-am uninstall uninstall-am uninstall-man \
uninstall-man1
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/pool/Makefile.in b/src/pool/Makefile.in
index 3d9adb14d..8b73403e7 100644
--- a/src/pool/Makefile.in
+++ b/src/pool/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -81,8 +91,6 @@ build_triplet = @build@
host_triplet = @host@
@USE_ATTR_SQL_TRUE@ipsec_PROGRAMS = pool$(EXEEXT)
subdir = src/pool
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(dist_templates_DATA)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +104,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(dist_templates_DATA) \
+ $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -202,12 +212,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -257,6 +269,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -291,6 +304,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -402,6 +416,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -461,7 +476,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/pool/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/pool/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -802,6 +816,8 @@ uninstall-am: uninstall-dist_templatesDATA uninstall-ipsecPROGRAMS
tags tags-am uninstall uninstall-am \
uninstall-dist_templatesDATA uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
@USE_ATTR_SQL_TRUE@pool.o : $(top_builddir)/config.status
diff --git a/src/pool/sqlite.sql b/src/pool/sqlite.sql
index 78012630b..a35094073 100644
--- a/src/pool/sqlite.sql
+++ b/src/pool/sqlite.sql
@@ -37,7 +37,7 @@ CREATE TABLE child_config_traffic_selector (
traffic_selector INTEGER NOT NULL,
kind INTEGER NOT NULL
);
-DROP INDEX IF EXISTS child_config_traffic_selector;
+DROP INDEX IF EXISTS child_config_traffic_selector_all;
CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector (
child_cfg, traffic_selector
);
diff --git a/src/pt-tls-client/Makefile.in b/src/pt-tls-client/Makefile.in
index 2ab3cbf3d..b2c9c9598 100644
--- a/src/pt-tls-client/Makefile.in
+++ b/src/pt-tls-client/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = pt-tls-client$(EXEEXT)
subdir = src/pt-tls-client
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -172,12 +181,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -227,6 +238,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -261,6 +273,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -372,6 +385,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -432,7 +446,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/pt-tls-client/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/pt-tls-client/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -748,6 +761,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
pt-tls-client.o : $(top_builddir)/config.status
diff --git a/src/pt-tls-client/pt-tls-client.c b/src/pt-tls-client/pt-tls-client.c
index 3a179af17..b91997ddd 100644
--- a/src/pt-tls-client/pt-tls-client.c
+++ b/src/pt-tls-client/pt-tls-client.c
@@ -50,7 +50,7 @@ static void usage(FILE *out)
/**
* Client routine
*/
-static int client(char *address, u_int16_t port, char *identity)
+static int client(char *address, uint16_t port, char *identity)
{
pt_tls_client_t *assessment;
tls_t *tnccs;
diff --git a/src/scepclient/Makefile.in b/src/scepclient/Makefile.in
index 141db6993..1fdea8a7b 100644
--- a/src/scepclient/Makefile.in
+++ b/src/scepclient/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = scepclient$(EXEEXT)
subdir = src/scepclient
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(dist_man_MANS)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -199,12 +208,15 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.in \
+ $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -254,6 +266,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -288,6 +301,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -399,6 +413,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -456,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/scepclient/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/scepclient/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -819,6 +833,8 @@ uninstall-man: uninstall-man8
pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
uninstall-ipsecPROGRAMS uninstall-man uninstall-man8
+.PRECIOUS: Makefile
+
scepclient.o : $(top_builddir)/config.status
diff --git a/src/starter/Makefile.am b/src/starter/Makefile.am
index 8341ca3ee..873c20ace 100644
--- a/src/starter/Makefile.am
+++ b/src/starter/Makefile.am
@@ -28,13 +28,16 @@ AM_CPPFLAGS = \
-DPLUGINS=\""${starter_plugins}\"" \
-DDEBUG
+AM_CFLAGS = \
+ @COVERAGE_CFLAGS@
+
AM_YFLAGS = -v -d
starter_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
libstarter.la \
- $(SOCKLIB) $(PTHREADLIB)
+ $(SOCKLIB) $(PTHREADLIB) $(ATOMICLIB)
EXTRA_DIST = keywords.txt ipsec.conf Android.mk
MAINTAINERCLEANFILES = keywords.c
diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in
index 31e0e9d42..19753de4f 100644
--- a/src/starter/Makefile.in
+++ b/src/starter/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -16,7 +16,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -83,9 +93,6 @@ ipsec_PROGRAMS = starter$(EXEEXT)
@USE_LOAD_WARNING_TRUE@am__append_1 = -DLOAD_WARNING
@USE_SCEPCLIENT_TRUE@am__append_2 = -DGENERATE_SELFCERT
subdir = src/starter
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- parser/parser.h parser/parser.c parser/lexer.c \
- $(top_srcdir)/depcomp $(top_srcdir)/ylwrap
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -99,6 +106,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -124,7 +132,8 @@ am__DEPENDENCIES_1 =
starter_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la libstarter.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
@@ -219,6 +228,9 @@ am__define_uniq_tagged_files = \
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \
+ $(top_srcdir)/ylwrap parser/lexer.c parser/parser.c \
+ parser/parser.h
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -250,6 +262,7 @@ ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -299,6 +312,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -333,6 +347,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -444,6 +459,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -495,12 +511,15 @@ AM_CPPFLAGS = -I${linux_headers} -I$(top_srcdir)/src/libstrongswan \
-DDEV_URANDOM=\"${urandom_device}\" \
-DPLUGINS=\""${starter_plugins}\"" -DDEBUG $(am__append_1) \
$(am__append_2)
+AM_CFLAGS = \
+ @COVERAGE_CFLAGS@
+
AM_YFLAGS = -v -d
starter_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(top_builddir)/src/libcharon/libcharon.la \
libstarter.la \
- $(SOCKLIB) $(PTHREADLIB)
+ $(SOCKLIB) $(PTHREADLIB) $(ATOMICLIB)
EXTRA_DIST = keywords.txt ipsec.conf Android.mk
MAINTAINERCLEANFILES = keywords.c
@@ -522,7 +541,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/starter/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/starter/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -971,6 +989,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
keywords.c: $(srcdir)/keywords.txt $(srcdir)/keywords.h
$(AM_V_GEN) \
diff --git a/src/starter/confread.c b/src/starter/confread.c
index 897aa423e..33924b065 100644
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@@ -331,7 +331,7 @@ static void kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token,
DBG1(DBG_APP, "# bad protocol: %s=%s", key, value);
goto err;
}
- end->protocol = (u_int8_t)p;
+ end->protocol = (uint8_t)p;
}
}
if (streq(port, "%any"))
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 457327f18..45f34ce23 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -106,9 +106,9 @@ struct starter_end {
bool hostaccess;
bool allow_any;
char *updown;
- u_int16_t from_port;
- u_int16_t to_port;
- u_int8_t protocol;
+ uint16_t from_port;
+ uint16_t to_port;
+ uint8_t protocol;
char *sourceip;
char *dns;
};
@@ -133,17 +133,17 @@ struct starter_conn {
time_t sa_ike_life_seconds;
time_t sa_ipsec_life_seconds;
time_t sa_rekey_margin;
- u_int64_t sa_ipsec_life_bytes;
- u_int64_t sa_ipsec_margin_bytes;
- u_int64_t sa_ipsec_life_packets;
- u_int64_t sa_ipsec_margin_packets;
+ uint64_t sa_ipsec_life_bytes;
+ uint64_t sa_ipsec_margin_bytes;
+ uint64_t sa_ipsec_life_packets;
+ uint64_t sa_ipsec_margin_packets;
unsigned long sa_keying_tries;
unsigned long sa_rekey_fuzz;
- u_int32_t reqid;
+ uint32_t reqid;
mark_t mark_in;
mark_t mark_out;
- u_int32_t replay_window;
- u_int32_t tfc;
+ uint32_t replay_window;
+ uint32_t tfc;
bool install_policy;
bool aggressive;
starter_end_t left, right;
diff --git a/src/starter/parser/lexer.c b/src/starter/parser/lexer.c
index a0937710e..afca86341 100644
--- a/src/starter/parser/lexer.c
+++ b/src/starter/parser/lexer.c
@@ -16,8 +16,8 @@
#define FLEX_SCANNER
#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-#define YY_FLEX_SUBMINOR_VERSION 35
+#define YY_FLEX_MINOR_VERSION 6
+#define YY_FLEX_SUBMINOR_VERSION 0
#if YY_FLEX_SUBMINOR_VERSION > 0
#define FLEX_BETA
#endif
@@ -221,6 +221,11 @@ typedef void* yyscan_t;
typedef struct yy_buffer_state *YY_BUFFER_STATE;
#endif
+#ifndef YY_TYPEDEF_YY_SIZE_T
+#define YY_TYPEDEF_YY_SIZE_T
+typedef size_t yy_size_t;
+#endif
+
/* %if-not-reentrant */
/* %endif */
@@ -247,6 +252,13 @@ typedef struct yy_buffer_state *YY_BUFFER_STATE;
if ( yytext[yyl] == '\n' )\
--yylineno;\
}while(0)
+ #define YY_LINENO_REWIND_TO(dst) \
+ do {\
+ const char *p;\
+ for ( p = yy_cp-1; p >= (dst); --p)\
+ if ( *p == '\n' )\
+ --yylineno;\
+ }while(0)
/* Return all but the first "n" matched characters back to the input stream. */
#define yyless(n) \
@@ -264,11 +276,6 @@ typedef struct yy_buffer_state *YY_BUFFER_STATE;
#define unput(c) yyunput( c, yyg->yytext_ptr , yyscanner )
-#ifndef YY_TYPEDEF_YY_SIZE_T
-#define YY_TYPEDEF_YY_SIZE_T
-typedef size_t yy_size_t;
-#endif
-
#ifndef YY_STRUCT_YY_BUFFER_STATE
#define YY_STRUCT_YY_BUFFER_STATE
struct yy_buffer_state
@@ -388,7 +395,7 @@ static void conf_parser__init_buffer (YY_BUFFER_STATE b,FILE *file ,yyscan_t yys
YY_BUFFER_STATE conf_parser__scan_buffer (char *base,yy_size_t size ,yyscan_t yyscanner );
YY_BUFFER_STATE conf_parser__scan_string (yyconst char *yy_str ,yyscan_t yyscanner );
-YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char *bytes,int len ,yyscan_t yyscanner );
+YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char *bytes,yy_size_t len ,yyscan_t yyscanner );
/* %endif */
@@ -423,7 +430,7 @@ void conf_parser_free (void * ,yyscan_t yyscanner );
/* %% [1.0] yytext/yyin/yyout/yy_state_type/yylineno etc. def's & init go here */
/* Begin user sect3 */
-#define conf_parser_wrap(n) 1
+#define conf_parser_wrap(yyscanner) (/*CONSTCOND*/1)
#define YY_SKIP_YYWRAP
#define FLEX_DEBUG
@@ -434,11 +441,16 @@ typedef int yy_state_type;
#define yytext_ptr yytext_r
+/* %% [1.5] DFA */
+
/* %if-c-only Standard (non-C++) definition */
static yy_state_type yy_get_previous_state (yyscan_t yyscanner );
static yy_state_type yy_try_NUL_trans (yy_state_type current_state ,yyscan_t yyscanner);
static int yy_get_next_buffer (yyscan_t yyscanner );
+#if defined(__GNUC__) && __GNUC__ >= 3
+__attribute__((__noreturn__))
+#endif
static void yy_fatal_error (yyconst char msg[] ,yyscan_t yyscanner );
/* %endif */
@@ -477,7 +489,7 @@ static yyconst flex_int16_t yy_accept[80] =
0, 1, 10, 10, 0, 0, 0, 7, 0
} ;
-static yyconst flex_int32_t yy_ec[256] =
+static yyconst YY_CHAR yy_ec[256] =
{ 0,
1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
1, 1, 4, 1, 1, 1, 1, 1, 1, 1,
@@ -509,14 +521,14 @@ static yyconst flex_int32_t yy_ec[256] =
1, 1, 1, 1, 1
} ;
-static yyconst flex_int32_t yy_meta[28] =
+static yyconst YY_CHAR yy_meta[28] =
{ 0,
1, 2, 3, 1, 2, 4, 2, 5, 1, 6,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1
} ;
-static yyconst flex_int16_t yy_base[91] =
+static yyconst flex_uint16_t yy_base[91] =
{ 0,
0, 16, 41, 50, 4, 5, 101, 0, 24, 184,
184, 0, 184, 92, 79, 32, 16, 83, 0, 184,
@@ -542,7 +554,7 @@ static yyconst flex_int16_t yy_def[91] =
79, 79, 79, 79, 79, 79, 79, 79, 79, 79
} ;
-static yyconst flex_int16_t yy_nxt[212] =
+static yyconst flex_uint16_t yy_nxt[212] =
{ 0,
79, 9, 10, 79, 9, 11, 12, 13, 14, 24,
24, 79, 79, 25, 25, 52, 15, 16, 10, 53,
@@ -657,7 +669,7 @@ static void include_files(parser_helper_t *ctx);
/* state used to scan quoted strings */
-#line 661 "parser/lexer.c"
+#line 673 "parser/lexer.c"
#define INITIAL 0
#define inc 1
@@ -694,7 +706,7 @@ struct yyguts_t
YY_BUFFER_STATE * yy_buffer_stack; /**< Stack as an array. */
char yy_hold_char;
int yy_n_chars;
- int yyleng_r;
+ yy_size_t yyleng_r;
char *yy_c_buf_p;
int yy_init;
int yy_start;
@@ -751,19 +763,23 @@ void conf_parser_set_extra (YY_EXTRA_TYPE user_defined ,yyscan_t yyscanner );
FILE *conf_parser_get_in (yyscan_t yyscanner );
-void conf_parser_set_in (FILE * in_str ,yyscan_t yyscanner );
+void conf_parser_set_in (FILE * _in_str ,yyscan_t yyscanner );
FILE *conf_parser_get_out (yyscan_t yyscanner );
-void conf_parser_set_out (FILE * out_str ,yyscan_t yyscanner );
+void conf_parser_set_out (FILE * _out_str ,yyscan_t yyscanner );
-int conf_parser_get_leng (yyscan_t yyscanner );
+yy_size_t conf_parser_get_leng (yyscan_t yyscanner );
char *conf_parser_get_text (yyscan_t yyscanner );
int conf_parser_get_lineno (yyscan_t yyscanner );
-void conf_parser_set_lineno (int line_number ,yyscan_t yyscanner );
+void conf_parser_set_lineno (int _line_number ,yyscan_t yyscanner );
+
+int conf_parser_get_column (yyscan_t yyscanner );
+
+void conf_parser_set_column (int _column_no ,yyscan_t yyscanner );
/* %if-bison-bridge */
@@ -787,8 +803,11 @@ extern int conf_parser_wrap (yyscan_t yyscanner );
/* %not-for-header */
+#ifndef YY_NO_UNPUT
+
static void yyunput (int c,char *buf_ptr ,yyscan_t yyscanner);
+#endif
/* %ok-for-header */
/* %endif */
@@ -817,7 +836,7 @@ static int input (yyscan_t yyscanner );
/* %if-c-only */
- static void yy_push_state (int new_state ,yyscan_t yyscanner);
+ static void yy_push_state (int _new_state ,yyscan_t yyscanner);
static void yy_pop_state (yyscan_t yyscanner );
@@ -947,7 +966,7 @@ extern int conf_parser_lex \
/* Code executed at the end of each rule. */
#ifndef YY_BREAK
-#define YY_BREAK break;
+#define YY_BREAK /*LINTED*/break;
#endif
/* %% [6.0] YY_RULE_SETUP definition goes here */
@@ -963,17 +982,11 @@ extern int conf_parser_lex \
*/
YY_DECL
{
- register yy_state_type yy_current_state;
- register char *yy_cp, *yy_bp;
- register int yy_act;
+ yy_state_type yy_current_state;
+ char *yy_cp, *yy_bp;
+ int yy_act;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
-/* %% [7.0] user's declarations go here */
-#line 58 "parser/lexer.l"
-
-
-#line 976 "parser/lexer.c"
-
yylval = yylval_param;
if ( !yyg->yy_init )
@@ -1010,7 +1023,14 @@ YY_DECL
conf_parser__load_buffer_state(yyscanner );
}
- while ( 1 ) /* loops until end-of-file is reached */
+ {
+/* %% [7.0] user's declarations go here */
+#line 58 "parser/lexer.l"
+
+
+#line 1032 "parser/lexer.c"
+
+ while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */
{
/* %% [8.0] yymore()-related code goes here */
yy_cp = yyg->yy_c_buf_p;
@@ -1029,7 +1049,7 @@ YY_DECL
yy_match:
do
{
- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ;
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1062,7 +1082,7 @@ yy_find_action:
if ( yy_act != YY_END_OF_BUFFER && yy_rule_can_match_eol[yy_act] )
{
- int yyl;
+ yy_size_t yyl;
for ( yyl = 0; yyl < yyleng; ++yyl )
if ( yytext[yyl] == '\n' )
@@ -1153,6 +1173,7 @@ return CA;
case 10:
/* rule 10 can match eol */
*yy_cp = yyg->yy_hold_char; /* undo effects of setting up yytext */
+YY_LINENO_REWIND_TO(yy_cp - 1);
yyg->yy_c_buf_p = yy_cp -= 1;
YY_DO_BEFORE_ACTION; /* set up yytext again */
YY_RULE_SETUP
@@ -1238,6 +1259,7 @@ YY_RULE_SETUP
case 18:
#line 125 "parser/lexer.l"
+YY_RULE_SETUP
case YY_STATE_EOF(str):
#line 125 "parser/lexer.l"
case 19:
@@ -1313,7 +1335,7 @@ YY_RULE_SETUP
#line 163 "parser/lexer.l"
YY_FATAL_ERROR( "flex scanner jammed" );
YY_BREAK
-#line 1317 "parser/lexer.c"
+#line 1339 "parser/lexer.c"
case YY_END_OF_BUFFER:
{
@@ -1336,7 +1358,11 @@ YY_FATAL_ERROR( "flex scanner jammed" );
* back-up) that will match for the new input source.
*/
yyg->yy_n_chars = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+/* %if-c-only */
YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin;
+/* %endif */
+/* %if-c++-only */
+/* %endif */
YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL;
}
@@ -1443,6 +1469,7 @@ YY_FATAL_ERROR( "flex scanner jammed" );
"fatal flex scanner internal error--no action found" );
} /* end of action switch */
} /* end of scanning one token */
+ } /* end of user's declarations */
} /* end of conf_parser_lex */
/* %ok-for-header */
@@ -1467,9 +1494,9 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %endif */
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
- register char *source = yyg->yytext_ptr;
- register int number_to_move, i;
+ char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+ char *source = yyg->yytext_ptr;
+ yy_size_t number_to_move, i;
int ret_val;
if ( yyg->yy_c_buf_p > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[yyg->yy_n_chars + 1] )
@@ -1498,7 +1525,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* Try to read more data. */
/* First move last chars to start of buffer. */
- number_to_move = (int) (yyg->yy_c_buf_p - yyg->yytext_ptr) - 1;
+ number_to_move = (yy_size_t) (yyg->yy_c_buf_p - yyg->yytext_ptr) - 1;
for ( i = 0; i < number_to_move; ++i )
*(dest++) = *(source++);
@@ -1511,21 +1538,21 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
else
{
- int num_to_read =
+ yy_size_t num_to_read =
YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
while ( num_to_read <= 0 )
{ /* Not enough room in the buffer - grow it. */
/* just a shorter name for the current buffer */
- YY_BUFFER_STATE b = YY_CURRENT_BUFFER;
+ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE;
int yy_c_buf_p_offset =
(int) (yyg->yy_c_buf_p - b->yy_ch_buf);
if ( b->yy_is_our_buffer )
{
- int new_size = b->yy_buf_size * 2;
+ yy_size_t new_size = b->yy_buf_size * 2;
if ( new_size <= 0 )
b->yy_buf_size += b->yy_buf_size / 8;
@@ -1556,7 +1583,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* Read in more data. */
YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]),
- yyg->yy_n_chars, (size_t) num_to_read );
+ yyg->yy_n_chars, num_to_read );
YY_CURRENT_BUFFER_LVALUE->yy_n_chars = yyg->yy_n_chars;
}
@@ -1580,9 +1607,9 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
else
ret_val = EOB_ACT_CONTINUE_SCAN;
- if ((yy_size_t) (yyg->yy_n_chars + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
+ if ((int) (yyg->yy_n_chars + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
/* Extend the array by 50%, plus the number we really need. */
- yy_size_t new_size = yyg->yy_n_chars + number_to_move + (yyg->yy_n_chars >> 1);
+ int new_size = yyg->yy_n_chars + number_to_move + (yyg->yy_n_chars >> 1);
YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) conf_parser_realloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ,yyscanner );
if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" );
@@ -1607,8 +1634,8 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %if-c++-only */
/* %endif */
{
- register yy_state_type yy_current_state;
- register char *yy_cp;
+ yy_state_type yy_current_state;
+ char *yy_cp;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* %% [15.0] code to get the start state into yy_current_state goes here */
@@ -1618,7 +1645,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
for ( yy_cp = yyg->yytext_ptr + YY_MORE_ADJ; yy_cp < yyg->yy_c_buf_p; ++yy_cp )
{
/* %% [16.0] code to find the next state goes here */
- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1647,12 +1674,12 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %if-c++-only */
/* %endif */
{
- register int yy_is_jam;
+ int yy_is_jam;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner; /* This var may be unused depending upon options. */
/* %% [17.0] code to find the next state, and perhaps do backing up, goes here */
- register char *yy_cp = yyg->yy_c_buf_p;
+ char *yy_cp = yyg->yy_c_buf_p;
- register YY_CHAR yy_c = 1;
+ YY_CHAR yy_c = 1;
if ( yy_accept[yy_current_state] )
{
yyg->yy_last_accepting_state = yy_current_state;
@@ -1667,17 +1694,19 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
yy_is_jam = (yy_current_state == 79);
+ (void)yyg;
return yy_is_jam ? 0 : yy_current_state;
}
+#ifndef YY_NO_UNPUT
/* %if-c-only */
- static void yyunput (int c, register char * yy_bp , yyscan_t yyscanner)
+ static void yyunput (int c, char * yy_bp , yyscan_t yyscanner)
/* %endif */
/* %if-c++-only */
/* %endif */
{
- register char *yy_cp;
+ char *yy_cp;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
yy_cp = yyg->yy_c_buf_p;
@@ -1688,10 +1717,10 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
{ /* need to shift things up to make room */
/* +2 for EOB chars. */
- register int number_to_move = yyg->yy_n_chars + 2;
- register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
+ yy_size_t number_to_move = yyg->yy_n_chars + 2;
+ char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2];
- register char *source =
+ char *source =
&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move];
while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
@@ -1721,6 +1750,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
/* %if-c-only */
/* %endif */
+#endif
/* %if-c-only */
#ifndef YY_NO_INPUT
@@ -1751,7 +1781,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
else
{ /* need more input */
- int offset = yyg->yy_c_buf_p - yyg->yytext_ptr;
+ yy_size_t offset = yyg->yy_c_buf_p - yyg->yytext_ptr;
++yyg->yy_c_buf_p;
switch ( yy_get_next_buffer( yyscanner ) )
@@ -1835,6 +1865,9 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
conf_parser__load_buffer_state(yyscanner );
}
+/* %if-c++-only */
+/* %endif */
+
/** Switch to a different input buffer.
* @param new_buffer The new input buffer.
* @param yyscanner The scanner object.
@@ -1884,7 +1917,11 @@ static void conf_parser__load_buffer_state (yyscan_t yyscanner)
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
yyg->yy_n_chars = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
yyg->yytext_ptr = yyg->yy_c_buf_p = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos;
+/* %if-c-only */
yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file;
+/* %endif */
+/* %if-c++-only */
+/* %endif */
yyg->yy_hold_char = *yyg->yy_c_buf_p;
}
@@ -1906,7 +1943,7 @@ static void conf_parser__load_buffer_state (yyscan_t yyscanner)
if ( ! b )
YY_FATAL_ERROR( "out of dynamic memory in conf_parser__create_buffer()" );
- b->yy_buf_size = size;
+ b->yy_buf_size = (yy_size_t)size;
/* yy_ch_buf has to be 2 characters longer than the size given because
* we need to put in 2 end-of-buffer characters.
@@ -1922,6 +1959,9 @@ static void conf_parser__load_buffer_state (yyscan_t yyscanner)
return b;
}
+/* %if-c++-only */
+/* %endif */
+
/** Destroy the buffer.
* @param b a buffer created with conf_parser__create_buffer()
* @param yyscanner The scanner object.
@@ -1946,17 +1986,6 @@ static void conf_parser__load_buffer_state (yyscan_t yyscanner)
conf_parser_free((void *) b ,yyscanner );
}
-/* %if-c-only */
-
-#ifndef __cplusplus
-extern int isatty (int );
-#endif /* __cplusplus */
-
-/* %endif */
-
-/* %if-c++-only */
-/* %endif */
-
/* Initializes or reinitializes a buffer.
* This function is sometimes called more than once on the same buffer,
* such as during a conf_parser_restart() or at EOF.
@@ -1973,7 +2002,11 @@ extern int isatty (int );
conf_parser__flush_buffer(b ,yyscanner);
+/* %if-c-only */
b->yy_input_file = file;
+/* %endif */
+/* %if-c++-only */
+/* %endif */
b->yy_fill_buffer = 1;
/* If b is the current buffer, then conf_parser__init_buffer was _probably_
@@ -2103,7 +2136,7 @@ static void conf_parser_ensure_buffer_stack (yyscan_t yyscanner)
/* %if-c++-only */
/* %endif */
{
- int num_to_alloc;
+ yy_size_t num_to_alloc;
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
if (!yyg->yy_buffer_stack) {
@@ -2112,7 +2145,7 @@ static void conf_parser_ensure_buffer_stack (yyscan_t yyscanner)
* scanner will even need a stack. We use 2 instead of 1 to avoid an
* immediate realloc on the next call.
*/
- num_to_alloc = 1;
+ num_to_alloc = 1; /* After all that talk, this was set to 1 anyways... */
yyg->yy_buffer_stack = (struct yy_buffer_state**)conf_parser_alloc
(num_to_alloc * sizeof(struct yy_buffer_state*)
, yyscanner);
@@ -2129,7 +2162,7 @@ static void conf_parser_ensure_buffer_stack (yyscan_t yyscanner)
if (yyg->yy_buffer_stack_top >= (yyg->yy_buffer_stack_max) - 1){
/* Increase the buffer to prepare for a possible push. */
- int grow_size = 8 /* arbitrary grow size */;
+ yy_size_t grow_size = 8 /* arbitrary grow size */;
num_to_alloc = yyg->yy_buffer_stack_max + grow_size;
yyg->yy_buffer_stack = (struct yy_buffer_state**)conf_parser_realloc
@@ -2207,12 +2240,12 @@ YY_BUFFER_STATE conf_parser__scan_string (yyconst char * yystr , yyscan_t yyscan
* @param yyscanner The scanner object.
* @return the newly allocated buffer state object.
*/
-YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char * yybytes, int _yybytes_len , yyscan_t yyscanner)
+YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len , yyscan_t yyscanner)
{
YY_BUFFER_STATE b;
char *buf;
yy_size_t n;
- int i;
+ yy_size_t i;
/* Get memory for full buffer, including space for trailing EOB's. */
n = _yybytes_len + 2;
@@ -2239,7 +2272,7 @@ YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char * yybytes, int _yybytes_
/* %endif */
/* %if-c-only */
- static void yy_push_state (int new_state , yyscan_t yyscanner)
+ static void yy_push_state (int _new_state , yyscan_t yyscanner)
/* %endif */
/* %if-c++-only */
/* %endif */
@@ -2264,7 +2297,7 @@ YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char * yybytes, int _yybytes_
yyg->yy_start_stack[yyg->yy_start_stack_ptr++] = YY_START;
- BEGIN(new_state);
+ BEGIN(_new_state);
}
/* %if-c-only */
@@ -2297,7 +2330,9 @@ YY_BUFFER_STATE conf_parser__scan_bytes (yyconst char * yybytes, int _yybytes_
/* %if-c-only */
static void yy_fatal_error (yyconst char* msg , yyscan_t yyscanner)
{
- (void) fprintf( stderr, "%s\n", msg );
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+ (void) fprintf( stderr, "%s\n", msg );
exit( YY_EXIT_FAILURE );
}
/* %endif */
@@ -2384,7 +2419,7 @@ FILE *conf_parser_get_out (yyscan_t yyscanner)
/** Get the length of the current token.
* @param yyscanner The scanner object.
*/
-int conf_parser_get_leng (yyscan_t yyscanner)
+yy_size_t conf_parser_get_leng (yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
return yyleng;
@@ -2415,51 +2450,51 @@ void conf_parser_set_extra (YY_EXTRA_TYPE user_defined , yyscan_t yyscanner)
/* %endif */
/** Set the current line number.
- * @param line_number
+ * @param _line_number line number
* @param yyscanner The scanner object.
*/
-void conf_parser_set_lineno (int line_number , yyscan_t yyscanner)
+void conf_parser_set_lineno (int _line_number , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* lineno is only valid if an input buffer exists. */
if (! YY_CURRENT_BUFFER )
- yy_fatal_error( "conf_parser_set_lineno called with no buffer" , yyscanner);
+ YY_FATAL_ERROR( "conf_parser_set_lineno called with no buffer" );
- yylineno = line_number;
+ yylineno = _line_number;
}
/** Set the current column.
- * @param line_number
+ * @param _column_no column number
* @param yyscanner The scanner object.
*/
-void conf_parser_set_column (int column_no , yyscan_t yyscanner)
+void conf_parser_set_column (int _column_no , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
/* column is only valid if an input buffer exists. */
if (! YY_CURRENT_BUFFER )
- yy_fatal_error( "conf_parser_set_column called with no buffer" , yyscanner);
+ YY_FATAL_ERROR( "conf_parser_set_column called with no buffer" );
- yycolumn = column_no;
+ yycolumn = _column_no;
}
/** Set the input stream. This does not discard the current
* input buffer.
- * @param in_str A readable stream.
+ * @param _in_str A readable stream.
* @param yyscanner The scanner object.
* @see conf_parser__switch_to_buffer
*/
-void conf_parser_set_in (FILE * in_str , yyscan_t yyscanner)
+void conf_parser_set_in (FILE * _in_str , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yyin = in_str ;
+ yyin = _in_str ;
}
-void conf_parser_set_out (FILE * out_str , yyscan_t yyscanner)
+void conf_parser_set_out (FILE * _out_str , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yyout = out_str ;
+ yyout = _out_str ;
}
int conf_parser_get_debug (yyscan_t yyscanner)
@@ -2468,10 +2503,10 @@ int conf_parser_get_debug (yyscan_t yyscanner)
return yy_flex_debug;
}
-void conf_parser_set_debug (int bdebug , yyscan_t yyscanner)
+void conf_parser_set_debug (int _bdebug , yyscan_t yyscanner)
{
struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
- yy_flex_debug = bdebug ;
+ yy_flex_debug = _bdebug ;
}
/* %endif */
@@ -2637,7 +2672,10 @@ int conf_parser_lex_destroy (yyscan_t yyscanner)
#ifndef yytext_ptr
static void yy_flex_strncpy (char* s1, yyconst char * s2, int n , yyscan_t yyscanner)
{
- register int i;
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+
+ int i;
for ( i = 0; i < n; ++i )
s1[i] = s2[i];
}
@@ -2646,7 +2684,7 @@ static void yy_flex_strncpy (char* s1, yyconst char * s2, int n , yyscan_t yysca
#ifdef YY_NEED_STRLEN
static int yy_flex_strlen (yyconst char * s , yyscan_t yyscanner)
{
- register int n;
+ int n;
for ( n = 0; s[n]; ++n )
;
@@ -2656,11 +2694,16 @@ static int yy_flex_strlen (yyconst char * s , yyscan_t yyscanner)
void *conf_parser_alloc (yy_size_t size , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
return (void *) malloc( size );
}
void *conf_parser_realloc (void * ptr, yy_size_t size , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
+
/* The cast to (char *) in the following accommodates both
* implementations that use char* generic pointers, and those
* that use void* generic pointers. It works with the latter
@@ -2673,6 +2716,8 @@ void *conf_parser_realloc (void * ptr, yy_size_t size , yyscan_t yyscanner)
void conf_parser_free (void * ptr , yyscan_t yyscanner)
{
+ struct yyguts_t * yyg = (struct yyguts_t*)yyscanner;
+ (void)yyg;
free( (char *) ptr ); /* see conf_parser_realloc() for (char *) cast */
}
diff --git a/src/starter/parser/parser.c b/src/starter/parser/parser.c
index 41ab515cb..7204cc61d 100644
--- a/src/starter/parser/parser.c
+++ b/src/starter/parser/parser.c
@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.0.2. */
+/* A Bison parser, made by GNU Bison 3.0.4. */
/* Bison implementation for Yacc-like parsers in C
- Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
+ Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -44,7 +44,7 @@
#define YYBISON 1
/* Bison version. */
-#define YYBISON_VERSION "3.0.2"
+#define YYBISON_VERSION "3.0.4"
/* Skeleton name. */
#define YYSKELETON_NAME "yacc.c"
@@ -182,7 +182,7 @@ extern int conf_parser_debug;
/* Value type. */
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
-typedef union YYSTYPE YYSTYPE;
+
union YYSTYPE
{
#line 71 "parser/parser.y" /* yacc.c:355 */
@@ -192,6 +192,8 @@ union YYSTYPE
#line 194 "parser/parser.c" /* yacc.c:355 */
};
+
+typedef union YYSTYPE YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define YYSTYPE_IS_DECLARED 1
#endif
@@ -204,7 +206,7 @@ int conf_parser_parse (parser_helper_t *ctx);
/* Copy the second part of user declarations. */
-#line 208 "parser/parser.c" /* yacc.c:358 */
+#line 210 "parser/parser.c" /* yacc.c:358 */
#ifdef short
# undef short
@@ -1030,19 +1032,19 @@ yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep, parser_helper_t *c
case 3: /* STRING */
#line 86 "parser/parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1034 "parser/parser.c" /* yacc.c:1257 */
+#line 1036 "parser/parser.c" /* yacc.c:1257 */
break;
case 16: /* section_name */
#line 86 "parser/parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1040 "parser/parser.c" /* yacc.c:1257 */
+#line 1042 "parser/parser.c" /* yacc.c:1257 */
break;
case 18: /* value */
#line 86 "parser/parser.y" /* yacc.c:1257 */
{ free(((*yyvaluep).s)); }
-#line 1046 "parser/parser.c" /* yacc.c:1257 */
+#line 1048 "parser/parser.c" /* yacc.c:1257 */
break;
@@ -1319,7 +1321,7 @@ yyreduce:
conf_parser_t *parser = (conf_parser_t*)ctx->context;
parser->add_section(parser, (yyvsp[-1].t), (yyvsp[0].s));
}
-#line 1323 "parser/parser.c" /* yacc.c:1646 */
+#line 1325 "parser/parser.c" /* yacc.c:1646 */
break;
case 8:
@@ -1327,7 +1329,7 @@ yyreduce:
{
(yyval.t) = CONF_PARSER_CONFIG_SETUP;
}
-#line 1331 "parser/parser.c" /* yacc.c:1646 */
+#line 1333 "parser/parser.c" /* yacc.c:1646 */
break;
case 9:
@@ -1335,7 +1337,7 @@ yyreduce:
{
(yyval.t) = CONF_PARSER_CONN;
}
-#line 1339 "parser/parser.c" /* yacc.c:1646 */
+#line 1341 "parser/parser.c" /* yacc.c:1646 */
break;
case 10:
@@ -1343,7 +1345,7 @@ yyreduce:
{
(yyval.t) = CONF_PARSER_CA;
}
-#line 1347 "parser/parser.c" /* yacc.c:1646 */
+#line 1349 "parser/parser.c" /* yacc.c:1646 */
break;
case 11:
@@ -1351,7 +1353,7 @@ yyreduce:
{
(yyval.s) = NULL;
}
-#line 1355 "parser/parser.c" /* yacc.c:1646 */
+#line 1357 "parser/parser.c" /* yacc.c:1646 */
break;
case 12:
@@ -1359,7 +1361,7 @@ yyreduce:
{
(yyval.s) = (yyvsp[0].s);
}
-#line 1363 "parser/parser.c" /* yacc.c:1646 */
+#line 1365 "parser/parser.c" /* yacc.c:1646 */
break;
case 14:
@@ -1375,7 +1377,7 @@ yyreduce:
conf_parser_t *parser = (conf_parser_t*)ctx->context;
parser->add_setting(parser, (yyvsp[-2].s), (yyvsp[0].s));
}
-#line 1379 "parser/parser.c" /* yacc.c:1646 */
+#line 1381 "parser/parser.c" /* yacc.c:1646 */
break;
case 15:
@@ -1390,7 +1392,7 @@ yyreduce:
conf_parser_t *parser = (conf_parser_t*)ctx->context;
parser->add_setting(parser, (yyvsp[-1].s), NULL);
}
-#line 1394 "parser/parser.c" /* yacc.c:1646 */
+#line 1396 "parser/parser.c" /* yacc.c:1646 */
break;
case 16:
@@ -1400,7 +1402,7 @@ yyreduce:
free((yyvsp[0].s));
YYERROR;
}
-#line 1404 "parser/parser.c" /* yacc.c:1646 */
+#line 1406 "parser/parser.c" /* yacc.c:1646 */
break;
case 18:
@@ -1415,11 +1417,11 @@ yyreduce:
free((yyvsp[-1].s));
free((yyvsp[0].s));
}
-#line 1419 "parser/parser.c" /* yacc.c:1646 */
+#line 1421 "parser/parser.c" /* yacc.c:1646 */
break;
-#line 1423 "parser/parser.c" /* yacc.c:1646 */
+#line 1425 "parser/parser.c" /* yacc.c:1646 */
default: break;
}
/* User semantic actions sometimes alter yychar, and that requires
diff --git a/src/starter/parser/parser.h b/src/starter/parser/parser.h
index ed6ed2bf5..05c965daf 100644
--- a/src/starter/parser/parser.h
+++ b/src/starter/parser/parser.h
@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.0.2. */
+/* A Bison parser, made by GNU Bison 3.0.4. */
/* Bison interface for Yacc-like parsers in C
- Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
+ Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -67,7 +67,7 @@ extern int conf_parser_debug;
/* Value type. */
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
-typedef union YYSTYPE YYSTYPE;
+
union YYSTYPE
{
#line 71 "parser/parser.y" /* yacc.c:1909 */
@@ -77,6 +77,8 @@ union YYSTYPE
#line 79 "parser/parser.h" /* yacc.c:1909 */
};
+
+typedef union YYSTYPE YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define YYSTYPE_IS_DECLARED 1
#endif
diff --git a/src/starter/tests/Makefile.in b/src/starter/tests/Makefile.in
index 58daacfb3..25e3e7488 100644
--- a/src/starter/tests/Makefile.in
+++ b/src/starter/tests/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ host_triplet = @host@
TESTS = starter_tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/starter/tests
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -197,12 +206,14 @@ am__tty_colors = { \
std=''; \
fi; \
}
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -252,6 +263,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -286,6 +298,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -397,6 +410,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -457,7 +471,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/starter/tests/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/starter/tests/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -865,6 +878,8 @@ uninstall-am:
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/stroke/Makefile.in b/src/stroke/Makefile.in
index e7bfd9d57..4673f5961 100644
--- a/src/stroke/Makefile.in
+++ b/src/stroke/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,8 +90,6 @@ build_triplet = @build@
host_triplet = @host@
ipsec_PROGRAMS = stroke$(EXEEXT)
subdir = src/stroke
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -95,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -171,12 +180,14 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -226,6 +237,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -260,6 +272,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -371,6 +384,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -427,7 +441,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/stroke/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/stroke/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -748,6 +761,8 @@ uninstall-am: uninstall-ipsecPROGRAMS
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS
+.PRECIOUS: Makefile
+
stroke_keywords.c: $(srcdir)/stroke_keywords.txt $(srcdir)/stroke_keywords.h
$(AM_V_GEN) \
diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h
index 17f8a4326..a3b911d0f 100644
--- a/src/stroke/stroke_msg.h
+++ b/src/stroke/stroke_msg.h
@@ -157,7 +157,7 @@ struct stroke_end_t {
char *cert_policy;
char *updown;
char *address;
- u_int16_t ikeport;
+ uint16_t ikeport;
char *sourceip;
char *dns;
char *subnets;
@@ -165,9 +165,9 @@ struct stroke_end_t {
int hostaccess;
int tohost;
int allow_any;
- u_int8_t protocol;
- u_int16_t from_port;
- u_int16_t to_port;
+ uint8_t protocol;
+ uint16_t from_port;
+ uint16_t to_port;
};
typedef struct stroke_msg_t stroke_msg_t;
@@ -177,7 +177,7 @@ typedef struct stroke_msg_t stroke_msg_t;
*/
struct stroke_msg_t {
/* length of this message with all strings */
- u_int16_t length;
+ uint16_t length;
/* type of the message */
enum {
@@ -263,9 +263,9 @@ struct stroke_msg_t {
int proxy_mode;
int install_policy;
int close_action;
- u_int32_t reqid;
- u_int32_t tfc;
- u_int8_t ikedscp;
+ uint32_t reqid;
+ uint32_t tfc;
+ uint8_t ikedscp;
crl_policy_t crl_policy;
int unique;
@@ -279,10 +279,10 @@ struct stroke_msg_t {
time_t ipsec_lifetime;
time_t ike_lifetime;
time_t margin;
- u_int64_t life_bytes;
- u_int64_t margin_bytes;
- u_int64_t life_packets;
- u_int64_t margin_packets;
+ uint64_t life_bytes;
+ uint64_t margin_bytes;
+ uint64_t life_packets;
+ uint64_t margin_packets;
unsigned long tries;
unsigned long fuzz;
} rekey;
@@ -297,11 +297,11 @@ struct stroke_msg_t {
char *peerid;
} ikeme;
struct {
- u_int32_t value;
- u_int32_t mask;
+ uint32_t value;
+ uint32_t mask;
} mark_in, mark_out;
stroke_end_t me, other;
- u_int32_t replay_window;
+ uint32_t replay_window;
} add_conn;
/* data for STR_ADD_CA */
@@ -369,7 +369,7 @@ struct stroke_msg_t {
} counters;
};
/* length of the string buffer */
- u_int16_t buflen;
+ uint16_t buflen;
/* string buffer */
char buffer[];
};
diff --git a/src/swanctl/Makefile.am b/src/swanctl/Makefile.am
index fb027149a..37a0224c3 100644
--- a/src/swanctl/Makefile.am
+++ b/src/swanctl/Makefile.am
@@ -27,7 +27,7 @@ swanctl_SOURCES = \
swanctl_LDADD = \
$(top_builddir)/src/libcharon/plugins/vici/libvici.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB) $(DLLIB)
+ $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
swanctl.o : $(top_builddir)/config.status
diff --git a/src/swanctl/Makefile.in b/src/swanctl/Makefile.in
index 94921af6d..ebe1aba0d 100644
--- a/src/swanctl/Makefile.in
+++ b/src/swanctl/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -80,9 +90,6 @@ build_triplet = @build@
host_triplet = @host@
sbin_PROGRAMS = swanctl$(EXEEXT)
subdir = src/swanctl
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(srcdir)/swanctl.8.in $(srcdir)/swanctl.conf.5.head.in \
- $(srcdir)/swanctl.conf.5.tail.in $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -96,6 +103,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = swanctl.8 swanctl.conf.5.head swanctl.conf.5.tail
@@ -122,7 +130,8 @@ am__DEPENDENCIES_1 =
swanctl_DEPENDENCIES = \
$(top_builddir)/src/libcharon/plugins/vici/libvici.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
@@ -218,12 +227,16 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/swanctl.8.in \
+ $(srcdir)/swanctl.conf.5.head.in \
+ $(srcdir)/swanctl.conf.5.tail.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AR = @AR@
+ATOMICLIB = @ATOMICLIB@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -273,6 +286,7 @@ LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -307,6 +321,7 @@ PTHREADLIB = @PTHREADLIB@
PYTHON = @PYTHON@
PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@
PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@
PYTHON_PLATFORM = @PYTHON_PLATFORM@
PYTHON_PREFIX = @PYTHON_PREFIX@
PYTHON_VERSION = @PYTHON_VERSION@
@@ -418,6 +433,7 @@ random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
routing_table_prio = @routing_table_prio@
+runstatedir = @runstatedir@
s_plugins = @s_plugins@
sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
@@ -473,7 +489,7 @@ swanctl_SOURCES = \
swanctl_LDADD = \
$(top_builddir)/src/libcharon/plugins/vici/libvici.la \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB) $(DLLIB)
+ $(PTHREADLIB) $(ATOMICLIB) $(DLLIB)
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
@@ -505,7 +521,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/swanctl/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/swanctl/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -993,6 +1008,8 @@ uninstall-man: uninstall-man5 uninstall-man8
uninstall-man uninstall-man5 uninstall-man8 \
uninstall-sbinPROGRAMS
+.PRECIOUS: Makefile
+
swanctl.o : $(top_builddir)/config.status
diff --git a/src/swanctl/commands/list_conns.c b/src/swanctl/commands/list_conns.c
index 019c88888..19e7050da 100644
--- a/src/swanctl/commands/list_conns.c
+++ b/src/swanctl/commands/list_conns.c
@@ -2,6 +2,9 @@
* Copyright (C) 2014 Martin Willi
* Copyright (C) 2014 revosec AG
*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
@@ -80,15 +83,64 @@ CALLBACK(children_sn, int,
hashtable_t *ike, vici_res_t *res, char *name)
{
hashtable_t *child;
+ char *mode, *interface, *priority;
+ char *rekey_time, *rekey_bytes, *rekey_packets;
+ bool no_time, no_bytes, no_packets, or = FALSE;
int ret;
child = hashtable_create(hashtable_hash_str, hashtable_equals_str, 1);
ret = vici_parse_cb(res, NULL, values, list, child);
if (ret == 0)
{
- printf(" %s: %s\n", name, child->get(child, "mode"));
+ mode = child->get(child, "mode");
+ printf(" %s: %s, ", name, mode);
+
+ rekey_time = child->get(child, "rekey_time");
+ rekey_bytes = child->get(child, "rekey_bytes");
+ rekey_packets = child->get(child, "rekey_packets");
+ no_time = streq(rekey_time, "0");
+ no_bytes = streq(rekey_bytes, "0");
+ no_packets = streq(rekey_packets, "0");
+
+ if (strcaseeq(mode, "PASS") || strcaseeq(mode, "DROP") ||
+ (no_time && no_bytes && no_packets))
+ {
+ printf("no rekeying\n");
+ }
+ else
+ {
+ printf("rekeying every");
+ if (!no_time)
+ {
+ printf(" %ss", rekey_time);
+ or = TRUE;
+ }
+ if (!no_bytes)
+ {
+ printf("%s %s bytes", or ? " or" : "", rekey_bytes);
+ or = TRUE;
+ }
+ if (!no_packets)
+ {
+ printf("%s %s packets", or ? " or" : "", rekey_packets);
+ }
+ printf("\n");
+ }
+
printf(" local: %s\n", child->get(child, "local-ts"));
printf(" remote: %s\n", child->get(child, "remote-ts"));
+
+ interface = child->get(child, "interface");
+ if (interface)
+ {
+ printf(" interface: %s\n", interface);
+ }
+
+ priority = child->get(child, "priority");
+ if (priority)
+ {
+ printf(" priority: %s\n", priority);
+ }
}
free_hashtable(child);
return ret;
@@ -106,18 +158,35 @@ CALLBACK(conn_sn, int,
if (strpfx(name, "local") || strpfx(name, "remote"))
{
hashtable_t *auth;
+ char *class;
auth = hashtable_create(hashtable_hash_str, hashtable_equals_str, 1);
ret = vici_parse_cb(res, NULL, values, list, auth);
if (ret == 0)
{
+ class = auth->get(auth, "class") ?: "unspecified";
+ if (strcaseeq(class, "EAP"))
+ {
+ class = auth->get(auth, "eap-type") ?: class;
+ }
printf(" %s %s authentication:\n",
- strpfx(name, "local") ? "local" : "remote",
- auth->get(auth, "class") ?: "unspecified");
+ strpfx(name, "local") ? "local" : "remote", class);
if (auth->get(auth, "id"))
{
printf(" id: %s\n", auth->get(auth, "id"));
}
+ if (auth->get(auth, "eap_id"))
+ {
+ printf(" eap_id: %s\n", auth->get(auth, "eap_id"));
+ }
+ if (auth->get(auth, "xauth_id"))
+ {
+ printf(" xauth_id: %s\n", auth->get(auth, "xauth_id"));
+ }
+ if (auth->get(auth, "aaa_id"))
+ {
+ printf(" aaa_id: %s\n", auth->get(auth, "aaa_id"));
+ }
if (auth->get(auth, "groups"))
{
printf(" groups: %s\n", auth->get(auth, "groups"));
@@ -156,8 +225,43 @@ CALLBACK(conn_list, int,
CALLBACK(conns, int,
void *null, vici_res_t *res, char *name)
{
- printf("%s: %s\n", name, vici_find_str(res, "", "%s.version", name));
+ char *version, *reauth_time, *rekey_time;
+
+ version = vici_find_str(res, "", "%s.version", name);
+ reauth_time = vici_find_str(res, "", "%s.reauth_time", name);
+ rekey_time = vici_find_str(res, "", "%s.rekey_time", name);
+ printf("%s: %s, ", name, version);
+ if (streq(version, "IKEv1"))
+ {
+ if (streq(reauth_time, "0"))
+ {
+ reauth_time = rekey_time;
+ }
+ }
+ if (streq(reauth_time, "0"))
+ {
+ printf("no reauthentication");
+ }
+ else
+ {
+ printf("reauthentication every %ss", reauth_time);
+ }
+ if (streq(version, "IKEv1"))
+ {
+ printf("\n");
+ }
+ else
+ {
+ if (streq(rekey_time, "0"))
+ {
+ printf(", no rekeying\n");
+ }
+ else
+ {
+ printf(", rekeying every %ss\n", rekey_time);
+ }
+ }
return vici_parse_cb(res, conn_sn, NULL, conn_list, NULL);
}
diff --git a/src/swanctl/commands/list_sas.c b/src/swanctl/commands/list_sas.c
index fd080227d..e5f251d17 100644
--- a/src/swanctl/commands/list_sas.c
+++ b/src/swanctl/commands/list_sas.c
@@ -196,10 +196,13 @@ CALLBACK(ike_sa, int,
{
if (streq(name, "child-sas"))
{
- printf("%s: #%s, %s, IKEv%s, %s:%s\n",
+ bool is_initiator = streq(ike->get(ike, "initiator"), "yes");
+
+ printf("%s: #%s, %s, IKEv%s, %s_i%s %s_r%s\n",
ike->get(ike, "name"), ike->get(ike, "uniqueid"),
ike->get(ike, "state"), ike->get(ike, "version"),
- ike->get(ike, "initiator-spi"), ike->get(ike, "responder-spi"));
+ ike->get(ike, "initiator-spi"), is_initiator ? "*" : "",
+ ike->get(ike, "responder-spi"), is_initiator ? "" : "*");
printf(" local '%s' @ %s[%s]",
ike->get(ike, "local-id"), ike->get(ike, "local-host"),
diff --git a/src/swanctl/commands/load_authorities.c b/src/swanctl/commands/load_authorities.c
index 88dde6aaf..352a185e8 100644
--- a/src/swanctl/commands/load_authorities.c
+++ b/src/swanctl/commands/load_authorities.c
@@ -292,7 +292,7 @@ int load_authorities_cfg(vici_conn_t *conn, command_format_options_t format,
}
if (found == 0)
{
- printf("no authorities found, %u unloaded\n", unloaded);
+ fprintf(stderr, "no authorities found, %u unloaded\n", unloaded);
return 0;
}
if (loaded == found)
diff --git a/src/swanctl/commands/load_conns.c b/src/swanctl/commands/load_conns.c
index bbc700d5c..87526bc79 100644
--- a/src/swanctl/commands/load_conns.c
+++ b/src/swanctl/commands/load_conns.c
@@ -396,7 +396,7 @@ int load_conns_cfg(vici_conn_t *conn, command_format_options_t format,
}
if (found == 0)
{
- printf("no connections found, %u unloaded\n", unloaded);
+ fprintf(stderr, "no connections found, %u unloaded\n", unloaded);
return 0;
}
if (loaded == found)
diff --git a/src/swanctl/commands/load_pools.c b/src/swanctl/commands/load_pools.c
index d7fbd1341..2b9fa2d42 100644
--- a/src/swanctl/commands/load_pools.c
+++ b/src/swanctl/commands/load_pools.c
@@ -235,7 +235,7 @@ int load_pools_cfg(vici_conn_t *conn, command_format_options_t format,
}
if (found == 0)
{
- printf("no pools found, %u unloaded\n", unloaded);
+ fprintf(stderr, "no pools found, %u unloaded\n", unloaded);
return 0;
}
if (loaded == found)
diff --git a/src/swanctl/swanctl.conf b/src/swanctl/swanctl.conf
index 428be91e7..6bc81becf 100644
--- a/src/swanctl/swanctl.conf
+++ b/src/swanctl/swanctl.conf
@@ -213,6 +213,12 @@
# Fixed reqid to use for this CHILD_SA.
# reqid = 0
+ # Optional fixed priority for IPsec policies.
+ # priority = 0
+
+ # Optional interface name to restrict IPsec policies.
+ # interface =
+
# Netfilter mark and mask for input traffic.
# mark_in = 0/0x00000000
diff --git a/src/swanctl/swanctl.conf.5.main b/src/swanctl/swanctl.conf.5.main
index a5b2a731f..013e35fb7 100644
--- a/src/swanctl/swanctl.conf.5.main
+++ b/src/swanctl/swanctl.conf.5.main
@@ -519,7 +519,7 @@ an absolute path.
Comma separated list of raw public keys to accept for authentication. The public
keys may use a relative path from the
.RB "" "swanctl" ""
-.RI "" "x509" ""
+.RI "" "pubkey" ""
directory or an
absolute path.
@@ -856,6 +856,18 @@ once. The default of
uses dynamic reqids, allocated incrementally.
.TP
+.BR connections.<conn>.children.<child>.priority " [0]"
+Optional fixed priority for IPsec policies. This could be useful to install
+high\-priority drop policies. The default of
+.RI "" "0" ""
+uses dynamically calculated
+priorities based on the size of the traffic selectors.
+
+.TP
+.BR connections.<conn>.children.<child>.interface " []"
+Optional interface name to restrict IPsec policies.
+
+.TP
.BR connections.<conn>.children.<child>.mark_in " [0/0x00000000]"
Netfilter mark and mask for input traffic. On Linux Netfilter may require marks
on each packet to match an SA having that option set. This allows Netfilter
diff --git a/src/swanctl/swanctl.opt b/src/swanctl/swanctl.opt
index 145fab28d..fe5b293fb 100644
--- a/src/swanctl/swanctl.opt
+++ b/src/swanctl/swanctl.opt
@@ -416,7 +416,7 @@ connections.<conn>.remote<suffix>.pubkeys =
Comma separated list of raw public keys to accept for authentication.
Comma separated list of raw public keys to accept for authentication.
- The public keys may use a relative path from the **swanctl** _x509_
+ The public keys may use a relative path from the **swanctl** _pubkey_
directory or an absolute path.
connections.<conn>.remote<suffix>.revocation = relaxed
@@ -684,6 +684,16 @@ connections.<conn>.children.<child>.reqid = 0
not more than once. The default of _0_ uses dynamic reqids, allocated
incrementally.
+connections.<conn>.children.<child>.priority = 0
+ Optional fixed priority for IPsec policies.
+
+ Optional fixed priority for IPsec policies. This could be useful to install
+ high-priority drop policies. The default of _0_ uses dynamically calculated
+ priorities based on the size of the traffic selectors.
+
+connections.<conn>.children.<child>.interface =
+ Optional interface name to restrict IPsec policies.
+
connections.<conn>.children.<child>.mark_in = 0/0x00000000
Netfilter mark and mask for input traffic.