diff options
Diffstat (limited to 'src/pluto')
106 files changed, 441 insertions, 948 deletions
diff --git a/src/pluto/Makefile.am b/src/pluto/Makefile.am index 9aeac029d..4519ef7bb 100644 --- a/src/pluto/Makefile.am +++ b/src/pluto/Makefile.am @@ -42,7 +42,6 @@ modecfg.c modecfg.h \ mp_defs.c mp_defs.h \ nat_traversal.c nat_traversal.h \ ocsp.c ocsp.h \ -oid.c oid.h \ packet.c packet.h \ pem.c pem.h \ pgp.c pgp.h \ @@ -68,8 +67,14 @@ rsaref/pkcs11t.h rsaref/pkcs11.h rsaref/unix.h rsaref/pkcs11f.h _pluto_adns_SOURCES = adns.c adns.h +LIBSTRONGSWANDIR=$(top_srcdir)/src/libstrongswan +LIBFREESWANDIR=$(top_srcdir)/src/libfreeswan +LIBCRYPTODIR=$(top_srcdir)/src/libcrypto + + INCLUDES = \ -I${linuxdir} \ +-I$(LIBSTRONGSWANDIR)\ -I$(top_srcdir)/src/libfreeswan \ -I$(top_srcdir)/src/libcrypto \ -I$(top_srcdir)/src/whack @@ -83,30 +88,30 @@ AM_CFLAGS = \ -DPLUTO -DKLIPS -DDEBUG -DTHREADS pluto_LDADD = \ -$(top_srcdir)/src/libfreeswan/libfreeswan.a \ -$(top_srcdir)/src/libcrypto/libcrypto.a \ +oid.o \ +$(LIBFREESWANDIR)/libfreeswan.a \ +$(LIBCRYPTODIR)/libcrypto.a \ -lgmp -lresolv -lpthread -ldl _pluto_adns_LDADD = \ -$(top_srcdir)/src/libfreeswan/libfreeswan.a \ +$(LIBFREESWANDIR)/libfreeswan.a \ -lresolv -ldl dist_man_MANS = pluto.8 ipsec.secrets.5 -EXTRA_DIST = oid.pl oid.txt -BUILT_SOURCES = oid.c oid.h -MAINTAINERCLEANFILES = oid.c oid.h - -oid.c: oid.txt oid.pl - $(PERL) oid.pl -oid.h: oid.txt oid.pl - $(PERL) oid.pl +oid.o : $(LIBSTRONGSWANDIR)/asn1/oid.c $(LIBSTRONGSWANDIR)/asn1/oid.h + $(COMPILE) -c -o $@ $< # This compile option activates the sending of a strongSwan VID if USE_VENDORID AM_CFLAGS += -DVENDORID endif +# This compile option activates the sending of the XAUTH VID +if USE_XAUTH_VID + AM_CFLAGS += -DXAUTH_VID +endif + # This compile option activates the support of the Cisco VPN client if USE_CISCO_QUIRKS AM_CFLAGS += -DCISCO_QUIRKS diff --git a/src/pluto/Makefile.in b/src/pluto/Makefile.in index 4cefa58ca..8f7a7f31b 100644 --- a/src/pluto/Makefile.in +++ b/src/pluto/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.9.6 from Makefile.am. +# Makefile.in generated by automake 1.10 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -18,15 +18,11 @@ # painless way. Only the most important options are included, # further work may be necessary here... -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ -top_builddir = ../.. am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -INSTALL = @INSTALL@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c @@ -45,17 +41,20 @@ ipsec_PROGRAMS = pluto$(EXEEXT) _pluto_adns$(EXEEXT) # This compile option activates the sending of a strongSwan VID @USE_VENDORID_TRUE@am__append_1 = -DVENDORID +# This compile option activates the sending of the XAUTH VID +@USE_XAUTH_VID_TRUE@am__append_2 = -DXAUTH_VID + # This compile option activates the support of the Cisco VPN client -@USE_CISCO_QUIRKS_TRUE@am__append_2 = -DCISCO_QUIRKS +@USE_CISCO_QUIRKS_TRUE@am__append_3 = -DCISCO_QUIRKS # This compile option activates NAT traversal with IPSec transport mode -@USE_NAT_TRANSPORT_TRUE@am__append_3 = -DI_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT +@USE_NAT_TRANSPORT_TRUE@am__append_4 = -DI_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT # This compile option activates dynamic URL fetching using libcurl -@USE_LIBCURL_TRUE@am__append_4 = -lcurl +@USE_LIBCURL_TRUE@am__append_5 = -lcurl # This compile option activates dynamic LDAP CRL fetching -@USE_LIBLDAP_TRUE@am__append_5 = -lldap -llber +@USE_LIBLDAP_TRUE@am__append_6 = -lldap -llber subdir = src/pluto DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in TODO @@ -71,8 +70,7 @@ ipsecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(ipsec_PROGRAMS) am__pluto_adns_OBJECTS = adns.$(OBJEXT) _pluto_adns_OBJECTS = $(am__pluto_adns_OBJECTS) -_pluto_adns_DEPENDENCIES = \ - $(top_srcdir)/src/libfreeswan/libfreeswan.a +_pluto_adns_DEPENDENCIES = $(LIBFREESWANDIR)/libfreeswan.a am_pluto_OBJECTS = ac.$(OBJEXT) alg_info.$(OBJEXT) asn1.$(OBJEXT) \ ca.$(OBJEXT) certs.$(OBJEXT) connections.$(OBJEXT) \ constants.$(OBJEXT) cookie.$(OBJEXT) crl.$(OBJEXT) \ @@ -85,32 +83,33 @@ am_pluto_OBJECTS = ac.$(OBJEXT) alg_info.$(OBJEXT) asn1.$(OBJEXT) \ kernel_pfkey.$(OBJEXT) keys.$(OBJEXT) lex.$(OBJEXT) \ log.$(OBJEXT) md2.$(OBJEXT) md5.$(OBJEXT) modecfg.$(OBJEXT) \ mp_defs.$(OBJEXT) nat_traversal.$(OBJEXT) ocsp.$(OBJEXT) \ - oid.$(OBJEXT) packet.$(OBJEXT) pem.$(OBJEXT) pgp.$(OBJEXT) \ - pkcs1.$(OBJEXT) pkcs7.$(OBJEXT) plutomain.$(OBJEXT) \ - primegen.$(OBJEXT) smallprime.$(OBJEXT) rcv_whack.$(OBJEXT) \ - rnd.$(OBJEXT) server.$(OBJEXT) sha1.$(OBJEXT) \ - smartcard.$(OBJEXT) spdb.$(OBJEXT) state.$(OBJEXT) \ - timer.$(OBJEXT) vendor.$(OBJEXT) virtual.$(OBJEXT) \ - xauth.$(OBJEXT) x509.$(OBJEXT) ike_alg_aes.$(OBJEXT) \ + packet.$(OBJEXT) pem.$(OBJEXT) pgp.$(OBJEXT) pkcs1.$(OBJEXT) \ + pkcs7.$(OBJEXT) plutomain.$(OBJEXT) primegen.$(OBJEXT) \ + smallprime.$(OBJEXT) rcv_whack.$(OBJEXT) rnd.$(OBJEXT) \ + server.$(OBJEXT) sha1.$(OBJEXT) smartcard.$(OBJEXT) \ + spdb.$(OBJEXT) state.$(OBJEXT) timer.$(OBJEXT) \ + vendor.$(OBJEXT) virtual.$(OBJEXT) xauth.$(OBJEXT) \ + x509.$(OBJEXT) ike_alg_aes.$(OBJEXT) \ ike_alg_blowfish.$(OBJEXT) ike_alg_twofish.$(OBJEXT) \ ike_alg_serpent.$(OBJEXT) ike_alg_sha2.$(OBJEXT) \ ike_alginit.$(OBJEXT) pluto_OBJECTS = $(am_pluto_OBJECTS) am__DEPENDENCIES_1 = -pluto_DEPENDENCIES = $(top_srcdir)/src/libfreeswan/libfreeswan.a \ - $(top_srcdir)/src/libcrypto/libcrypto.a $(am__DEPENDENCIES_1) \ +pluto_DEPENDENCIES = oid.o $(LIBFREESWANDIR)/libfreeswan.a \ + $(LIBCRYPTODIR)/libcrypto.a $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(srcdir) +DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ SOURCES = $(_pluto_adns_SOURCES) $(pluto_SOURCES) DIST_SOURCES = $(_pluto_adns_SOURCES) $(pluto_SOURCES) man5dir = $(mandir)/man5 @@ -121,16 +120,12 @@ ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ -AMDEP_FALSE = @AMDEP_FALSE@ -AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ -BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@ -BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ @@ -153,10 +148,13 @@ F77 = @F77@ FFLAGS = @FFLAGS@ GPERF = @GPERF@ GREP = @GREP@ +INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -168,6 +166,7 @@ LINUX_HEADERS = @LINUX_HEADERS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -183,34 +182,16 @@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ -USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@ -USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@ -USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@ -USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@ -USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@ -USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@ -USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@ -USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@ -USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@ -USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@ -USE_LIBXML_FALSE = @USE_LIBXML_FALSE@ -USE_LIBXML_TRUE = @USE_LIBXML_TRUE@ -USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@ -USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@ -USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@ -USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@ -USE_VENDORID_FALSE = @USE_VENDORID_FALSE@ -USE_VENDORID_TRUE = @USE_VENDORID_TRUE@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_F77 = @ac_ct_F77@ -am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ -am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ -am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -223,6 +204,7 @@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ +builddir = @builddir@ confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ @@ -260,8 +242,11 @@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ pluto_SOURCES = \ @@ -302,7 +287,6 @@ modecfg.c modecfg.h \ mp_defs.c mp_defs.h \ nat_traversal.c nat_traversal.h \ ocsp.c ocsp.h \ -oid.c oid.h \ packet.c packet.h \ pem.c pem.h \ pgp.c pgp.h \ @@ -327,8 +311,12 @@ alg/ike_alg_serpent.c alg/ike_alg_sha2.c alg/ike_alginit.c \ rsaref/pkcs11t.h rsaref/pkcs11.h rsaref/unix.h rsaref/pkcs11f.h _pluto_adns_SOURCES = adns.c adns.h +LIBSTRONGSWANDIR = $(top_srcdir)/src/libstrongswan +LIBFREESWANDIR = $(top_srcdir)/src/libfreeswan +LIBCRYPTODIR = $(top_srcdir)/src/libcrypto INCLUDES = \ -I${linuxdir} \ +-I$(LIBSTRONGSWANDIR)\ -I$(top_srcdir)/src/libfreeswan \ -I$(top_srcdir)/src/libcrypto \ -I$(top_srcdir)/src/whack @@ -338,20 +326,16 @@ AM_CFLAGS = -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_CONFDIR=\"${confdir}\" \ -DSHARED_SECRETS_FILE=\"${confdir}/ipsec.secrets\" \ -DKERNEL26_SUPPORT -DKERNEL26_HAS_KAME_DUPLICATES -DPLUTO \ -DKLIPS -DDEBUG -DTHREADS $(am__append_1) $(am__append_2) \ - $(am__append_3) -pluto_LDADD = $(top_srcdir)/src/libfreeswan/libfreeswan.a \ - $(top_srcdir)/src/libcrypto/libcrypto.a -lgmp -lresolv \ - -lpthread -ldl $(am__append_4) $(am__append_5) + $(am__append_3) $(am__append_4) +pluto_LDADD = oid.o $(LIBFREESWANDIR)/libfreeswan.a \ + $(LIBCRYPTODIR)/libcrypto.a -lgmp -lresolv -lpthread -ldl \ + $(am__append_5) $(am__append_6) _pluto_adns_LDADD = \ -$(top_srcdir)/src/libfreeswan/libfreeswan.a \ +$(LIBFREESWANDIR)/libfreeswan.a \ -lresolv -ldl dist_man_MANS = pluto.8 ipsec.secrets.5 -EXTRA_DIST = oid.pl oid.txt -BUILT_SOURCES = oid.c oid.h -MAINTAINERCLEANFILES = oid.c oid.h -all: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) all-am +all: all-am .SUFFIXES: .SUFFIXES: .c .lo .o .obj @@ -386,7 +370,7 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-ipsecPROGRAMS: $(ipsec_PROGRAMS) @$(NORMAL_INSTALL) - test -z "$(ipsecdir)" || $(mkdir_p) "$(DESTDIR)$(ipsecdir)" + test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" @list='$(ipsec_PROGRAMS)'; for p in $$list; do \ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ if test -f $$p \ @@ -414,10 +398,10 @@ clean-ipsecPROGRAMS: done _pluto_adns$(EXEEXT): $(_pluto_adns_OBJECTS) $(_pluto_adns_DEPENDENCIES) @rm -f _pluto_adns$(EXEEXT) - $(LINK) $(_pluto_adns_LDFLAGS) $(_pluto_adns_OBJECTS) $(_pluto_adns_LDADD) $(LIBS) + $(LINK) $(_pluto_adns_OBJECTS) $(_pluto_adns_LDADD) $(LIBS) pluto$(EXEEXT): $(pluto_OBJECTS) $(pluto_DEPENDENCIES) @rm -f pluto$(EXEEXT) - $(LINK) $(pluto_LDFLAGS) $(pluto_OBJECTS) $(pluto_LDADD) $(LIBS) + $(LINK) $(pluto_OBJECTS) $(pluto_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -468,7 +452,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mp_defs.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nat_traversal.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oid.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pgp.Po@am__quote@ @@ -491,106 +474,106 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xauth.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< ike_alg_aes.o: alg/ike_alg_aes.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_aes.o -MD -MP -MF "$(DEPDIR)/ike_alg_aes.Tpo" -c -o ike_alg_aes.o `test -f 'alg/ike_alg_aes.c' || echo '$(srcdir)/'`alg/ike_alg_aes.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_aes.Tpo" "$(DEPDIR)/ike_alg_aes.Po"; else rm -f "$(DEPDIR)/ike_alg_aes.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_aes.o -MD -MP -MF $(DEPDIR)/ike_alg_aes.Tpo -c -o ike_alg_aes.o `test -f 'alg/ike_alg_aes.c' || echo '$(srcdir)/'`alg/ike_alg_aes.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_aes.Tpo $(DEPDIR)/ike_alg_aes.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_aes.c' object='ike_alg_aes.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_aes.o `test -f 'alg/ike_alg_aes.c' || echo '$(srcdir)/'`alg/ike_alg_aes.c ike_alg_aes.obj: alg/ike_alg_aes.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_aes.obj -MD -MP -MF "$(DEPDIR)/ike_alg_aes.Tpo" -c -o ike_alg_aes.obj `if test -f 'alg/ike_alg_aes.c'; then $(CYGPATH_W) 'alg/ike_alg_aes.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_aes.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_aes.Tpo" "$(DEPDIR)/ike_alg_aes.Po"; else rm -f "$(DEPDIR)/ike_alg_aes.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_aes.obj -MD -MP -MF $(DEPDIR)/ike_alg_aes.Tpo -c -o ike_alg_aes.obj `if test -f 'alg/ike_alg_aes.c'; then $(CYGPATH_W) 'alg/ike_alg_aes.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_aes.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_aes.Tpo $(DEPDIR)/ike_alg_aes.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_aes.c' object='ike_alg_aes.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_aes.obj `if test -f 'alg/ike_alg_aes.c'; then $(CYGPATH_W) 'alg/ike_alg_aes.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_aes.c'; fi` ike_alg_blowfish.o: alg/ike_alg_blowfish.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_blowfish.o -MD -MP -MF "$(DEPDIR)/ike_alg_blowfish.Tpo" -c -o ike_alg_blowfish.o `test -f 'alg/ike_alg_blowfish.c' || echo '$(srcdir)/'`alg/ike_alg_blowfish.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_blowfish.Tpo" "$(DEPDIR)/ike_alg_blowfish.Po"; else rm -f "$(DEPDIR)/ike_alg_blowfish.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_blowfish.o -MD -MP -MF $(DEPDIR)/ike_alg_blowfish.Tpo -c -o ike_alg_blowfish.o `test -f 'alg/ike_alg_blowfish.c' || echo '$(srcdir)/'`alg/ike_alg_blowfish.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_blowfish.Tpo $(DEPDIR)/ike_alg_blowfish.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_blowfish.c' object='ike_alg_blowfish.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_blowfish.o `test -f 'alg/ike_alg_blowfish.c' || echo '$(srcdir)/'`alg/ike_alg_blowfish.c ike_alg_blowfish.obj: alg/ike_alg_blowfish.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_blowfish.obj -MD -MP -MF "$(DEPDIR)/ike_alg_blowfish.Tpo" -c -o ike_alg_blowfish.obj `if test -f 'alg/ike_alg_blowfish.c'; then $(CYGPATH_W) 'alg/ike_alg_blowfish.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_blowfish.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_blowfish.Tpo" "$(DEPDIR)/ike_alg_blowfish.Po"; else rm -f "$(DEPDIR)/ike_alg_blowfish.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_blowfish.obj -MD -MP -MF $(DEPDIR)/ike_alg_blowfish.Tpo -c -o ike_alg_blowfish.obj `if test -f 'alg/ike_alg_blowfish.c'; then $(CYGPATH_W) 'alg/ike_alg_blowfish.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_blowfish.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_blowfish.Tpo $(DEPDIR)/ike_alg_blowfish.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_blowfish.c' object='ike_alg_blowfish.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_blowfish.obj `if test -f 'alg/ike_alg_blowfish.c'; then $(CYGPATH_W) 'alg/ike_alg_blowfish.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_blowfish.c'; fi` ike_alg_twofish.o: alg/ike_alg_twofish.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_twofish.o -MD -MP -MF "$(DEPDIR)/ike_alg_twofish.Tpo" -c -o ike_alg_twofish.o `test -f 'alg/ike_alg_twofish.c' || echo '$(srcdir)/'`alg/ike_alg_twofish.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_twofish.Tpo" "$(DEPDIR)/ike_alg_twofish.Po"; else rm -f "$(DEPDIR)/ike_alg_twofish.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_twofish.o -MD -MP -MF $(DEPDIR)/ike_alg_twofish.Tpo -c -o ike_alg_twofish.o `test -f 'alg/ike_alg_twofish.c' || echo '$(srcdir)/'`alg/ike_alg_twofish.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_twofish.Tpo $(DEPDIR)/ike_alg_twofish.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_twofish.c' object='ike_alg_twofish.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_twofish.o `test -f 'alg/ike_alg_twofish.c' || echo '$(srcdir)/'`alg/ike_alg_twofish.c ike_alg_twofish.obj: alg/ike_alg_twofish.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_twofish.obj -MD -MP -MF "$(DEPDIR)/ike_alg_twofish.Tpo" -c -o ike_alg_twofish.obj `if test -f 'alg/ike_alg_twofish.c'; then $(CYGPATH_W) 'alg/ike_alg_twofish.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_twofish.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_twofish.Tpo" "$(DEPDIR)/ike_alg_twofish.Po"; else rm -f "$(DEPDIR)/ike_alg_twofish.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_twofish.obj -MD -MP -MF $(DEPDIR)/ike_alg_twofish.Tpo -c -o ike_alg_twofish.obj `if test -f 'alg/ike_alg_twofish.c'; then $(CYGPATH_W) 'alg/ike_alg_twofish.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_twofish.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_twofish.Tpo $(DEPDIR)/ike_alg_twofish.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_twofish.c' object='ike_alg_twofish.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_twofish.obj `if test -f 'alg/ike_alg_twofish.c'; then $(CYGPATH_W) 'alg/ike_alg_twofish.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_twofish.c'; fi` ike_alg_serpent.o: alg/ike_alg_serpent.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_serpent.o -MD -MP -MF "$(DEPDIR)/ike_alg_serpent.Tpo" -c -o ike_alg_serpent.o `test -f 'alg/ike_alg_serpent.c' || echo '$(srcdir)/'`alg/ike_alg_serpent.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_serpent.Tpo" "$(DEPDIR)/ike_alg_serpent.Po"; else rm -f "$(DEPDIR)/ike_alg_serpent.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_serpent.o -MD -MP -MF $(DEPDIR)/ike_alg_serpent.Tpo -c -o ike_alg_serpent.o `test -f 'alg/ike_alg_serpent.c' || echo '$(srcdir)/'`alg/ike_alg_serpent.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_serpent.Tpo $(DEPDIR)/ike_alg_serpent.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_serpent.c' object='ike_alg_serpent.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_serpent.o `test -f 'alg/ike_alg_serpent.c' || echo '$(srcdir)/'`alg/ike_alg_serpent.c ike_alg_serpent.obj: alg/ike_alg_serpent.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_serpent.obj -MD -MP -MF "$(DEPDIR)/ike_alg_serpent.Tpo" -c -o ike_alg_serpent.obj `if test -f 'alg/ike_alg_serpent.c'; then $(CYGPATH_W) 'alg/ike_alg_serpent.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_serpent.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_serpent.Tpo" "$(DEPDIR)/ike_alg_serpent.Po"; else rm -f "$(DEPDIR)/ike_alg_serpent.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_serpent.obj -MD -MP -MF $(DEPDIR)/ike_alg_serpent.Tpo -c -o ike_alg_serpent.obj `if test -f 'alg/ike_alg_serpent.c'; then $(CYGPATH_W) 'alg/ike_alg_serpent.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_serpent.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_serpent.Tpo $(DEPDIR)/ike_alg_serpent.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_serpent.c' object='ike_alg_serpent.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_serpent.obj `if test -f 'alg/ike_alg_serpent.c'; then $(CYGPATH_W) 'alg/ike_alg_serpent.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_serpent.c'; fi` ike_alg_sha2.o: alg/ike_alg_sha2.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_sha2.o -MD -MP -MF "$(DEPDIR)/ike_alg_sha2.Tpo" -c -o ike_alg_sha2.o `test -f 'alg/ike_alg_sha2.c' || echo '$(srcdir)/'`alg/ike_alg_sha2.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_sha2.Tpo" "$(DEPDIR)/ike_alg_sha2.Po"; else rm -f "$(DEPDIR)/ike_alg_sha2.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_sha2.o -MD -MP -MF $(DEPDIR)/ike_alg_sha2.Tpo -c -o ike_alg_sha2.o `test -f 'alg/ike_alg_sha2.c' || echo '$(srcdir)/'`alg/ike_alg_sha2.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_sha2.Tpo $(DEPDIR)/ike_alg_sha2.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_sha2.c' object='ike_alg_sha2.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_sha2.o `test -f 'alg/ike_alg_sha2.c' || echo '$(srcdir)/'`alg/ike_alg_sha2.c ike_alg_sha2.obj: alg/ike_alg_sha2.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_sha2.obj -MD -MP -MF "$(DEPDIR)/ike_alg_sha2.Tpo" -c -o ike_alg_sha2.obj `if test -f 'alg/ike_alg_sha2.c'; then $(CYGPATH_W) 'alg/ike_alg_sha2.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_sha2.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alg_sha2.Tpo" "$(DEPDIR)/ike_alg_sha2.Po"; else rm -f "$(DEPDIR)/ike_alg_sha2.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alg_sha2.obj -MD -MP -MF $(DEPDIR)/ike_alg_sha2.Tpo -c -o ike_alg_sha2.obj `if test -f 'alg/ike_alg_sha2.c'; then $(CYGPATH_W) 'alg/ike_alg_sha2.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_sha2.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alg_sha2.Tpo $(DEPDIR)/ike_alg_sha2.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alg_sha2.c' object='ike_alg_sha2.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alg_sha2.obj `if test -f 'alg/ike_alg_sha2.c'; then $(CYGPATH_W) 'alg/ike_alg_sha2.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alg_sha2.c'; fi` ike_alginit.o: alg/ike_alginit.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alginit.o -MD -MP -MF "$(DEPDIR)/ike_alginit.Tpo" -c -o ike_alginit.o `test -f 'alg/ike_alginit.c' || echo '$(srcdir)/'`alg/ike_alginit.c; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alginit.Tpo" "$(DEPDIR)/ike_alginit.Po"; else rm -f "$(DEPDIR)/ike_alginit.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alginit.o -MD -MP -MF $(DEPDIR)/ike_alginit.Tpo -c -o ike_alginit.o `test -f 'alg/ike_alginit.c' || echo '$(srcdir)/'`alg/ike_alginit.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alginit.Tpo $(DEPDIR)/ike_alginit.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alginit.c' object='ike_alginit.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alginit.o `test -f 'alg/ike_alginit.c' || echo '$(srcdir)/'`alg/ike_alginit.c ike_alginit.obj: alg/ike_alginit.c -@am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alginit.obj -MD -MP -MF "$(DEPDIR)/ike_alginit.Tpo" -c -o ike_alginit.obj `if test -f 'alg/ike_alginit.c'; then $(CYGPATH_W) 'alg/ike_alginit.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alginit.c'; fi`; \ -@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ike_alginit.Tpo" "$(DEPDIR)/ike_alginit.Po"; else rm -f "$(DEPDIR)/ike_alginit.Tpo"; exit 1; fi +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ike_alginit.obj -MD -MP -MF $(DEPDIR)/ike_alginit.Tpo -c -o ike_alginit.obj `if test -f 'alg/ike_alginit.c'; then $(CYGPATH_W) 'alg/ike_alginit.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alginit.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/ike_alginit.Tpo $(DEPDIR)/ike_alginit.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='alg/ike_alginit.c' object='ike_alginit.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ike_alginit.obj `if test -f 'alg/ike_alginit.c'; then $(CYGPATH_W) 'alg/ike_alginit.c'; else $(CYGPATH_W) '$(srcdir)/alg/ike_alginit.c'; fi` @@ -600,13 +583,9 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool -uninstall-info-am: install-man5: $(man5_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man5dir)" || $(mkdir_p) "$(DESTDIR)$(man5dir)" + test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -651,7 +630,7 @@ uninstall-man5: done install-man8: $(man8_MANS) $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)" + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -744,22 +723,21 @@ distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ - list='$(DISTFILES)'; for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ - esac; \ + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test "$$dir" != "$$file" && test "$$dir" != "."; then \ - dir="/$$dir"; \ - $(mkdir_p) "$(distdir)$$dir"; \ - else \ - dir=''; \ - fi; \ if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ fi; \ @@ -771,15 +749,13 @@ distdir: $(DISTFILES) fi; \ done check-am: all-am -check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-am +check: check-am all-am: Makefile $(PROGRAMS) $(MANS) installdirs: for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(mkdir_p) "$$dir"; \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done -install: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) install-am +install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am @@ -803,8 +779,6 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) - -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am clean-am: clean-generic clean-ipsecPROGRAMS clean-libtool \ @@ -814,7 +788,7 @@ distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-libtool distclean-tags + distclean-tags dvi: dvi-am @@ -828,12 +802,20 @@ info-am: install-data-am: install-ipsecPROGRAMS install-man +install-dvi: install-dvi-am + install-exec-am: install-exec-local +install-html: install-html-am + install-info: install-info-am install-man: install-man5 install-man8 +install-pdf: install-pdf-am + +install-ps: install-ps-am + installcheck-am: maintainer-clean: maintainer-clean-am @@ -854,30 +836,31 @@ ps: ps-am ps-am: -uninstall-am: uninstall-info-am uninstall-ipsecPROGRAMS uninstall-man +uninstall-am: uninstall-ipsecPROGRAMS uninstall-man uninstall-man: uninstall-man5 uninstall-man8 +.MAKE: install-am install-strip + .PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ clean-ipsecPROGRAMS clean-libtool ctags distclean \ distclean-compile distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-exec \ - install-exec-am install-exec-local install-info \ - install-info-am install-ipsecPROGRAMS install-man install-man5 \ - install-man8 install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-info-am uninstall-ipsecPROGRAMS \ - uninstall-man uninstall-man5 uninstall-man8 - - -oid.c: oid.txt oid.pl - $(PERL) oid.pl - -oid.h: oid.txt oid.pl - $(PERL) oid.pl + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-local \ + install-html install-html-am install-info install-info-am \ + install-ipsecPROGRAMS install-man install-man5 install-man8 \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-ipsecPROGRAMS uninstall-man uninstall-man5 \ + uninstall-man8 + + +oid.o : $(LIBSTRONGSWANDIR)/asn1/oid.c $(LIBSTRONGSWANDIR)/asn1/oid.h + $(COMPILE) -c -o $@ $< install-exec-local : mkdir -p -m 755 $(DESTDIR)$(confdir)/ipsec.d diff --git a/src/pluto/TODO b/src/pluto/TODO index 7db4a9ebc..1c22b2f5c 100644 --- a/src/pluto/TODO +++ b/src/pluto/TODO @@ -1,6 +1,6 @@ Pluto TODO list =============== -RCSID $Id: TODO,v 1.1 2004/03/15 20:35:28 as Exp $ +RCSID $Id: TODO 3269 2007-10-08 20:03:02Z andreas $ - should all log entries that are for errors say ERROR? diff --git a/src/pluto/ac.c b/src/pluto/ac.c index bcf5f80d1..43ebf91d9 100644 --- a/src/pluto/ac.c +++ b/src/pluto/ac.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ac.c,v 1.12 2005/12/06 22:49:32 as Exp $ + * RCSID $Id: ac.c 3253 2007-10-06 21:39:00Z andreas $ */ #include <stdlib.h> @@ -28,7 +28,7 @@ #include "constants.h" #include "defs.h" #include "asn1.h" -#include "oid.h" +#include <asn1/oid.h> #include "ac.h" #include "x509.h" #include "crl.h" @@ -460,9 +460,9 @@ parse_ac(chunk_t blob, x509acert_t *ac) bool critical; chunk_t object; u_int level; - u_int type = OID_UNKNOWN; - u_int extn_oid = OID_UNKNOWN; int objectID = 0; + int type = OID_UNKNOWN; + int extn_oid = OID_UNKNOWN; asn1_init(&ctx, blob, 0, FALSE, DBG_RAW); diff --git a/src/pluto/ac.h b/src/pluto/ac.h index 3913d745d..d60ad25af 100644 --- a/src/pluto/ac.h +++ b/src/pluto/ac.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ac.h,v 1.8 2005/02/17 20:56:04 as Exp $ + * RCSID $Id: ac.h 3253 2007-10-06 21:39:00Z andreas $ */ #ifndef _AC_H diff --git a/src/pluto/adns.c b/src/pluto/adns.c index c5977d23c..a721d8837 100644 --- a/src/pluto/adns.c +++ b/src/pluto/adns.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: adns.c,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: adns.c 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef USE_LWRES /* whole file! */ diff --git a/src/pluto/adns.h b/src/pluto/adns.h index 00fc4ad07..f2d0b28bd 100644 --- a/src/pluto/adns.h +++ b/src/pluto/adns.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: adns.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: adns.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef USE_LWRES /* whole file! */ diff --git a/src/pluto/alg_info.c b/src/pluto/alg_info.c index ac5d1672f..145e492d4 100644 --- a/src/pluto/alg_info.c +++ b/src/pluto/alg_info.c @@ -2,8 +2,6 @@ * Algorithm info parsing and creation functions * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> * - * $Id: alg_info.c,v 1.5 2004/09/29 22:42:49 as Exp $ - * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -13,7 +11,10 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. + * + * RCSID $Id: alg_info.c 3253 2007-10-06 21:39:00Z andreas $ */ + #include <stddef.h> #include <stdlib.h> #include <unistd.h> diff --git a/src/pluto/alg_info.h b/src/pluto/alg_info.h index cd2011dcc..cacc2a354 100644 --- a/src/pluto/alg_info.h +++ b/src/pluto/alg_info.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: alg_info.h,v 1.4 2004/09/29 22:39:44 as Exp $ + * RCSID $Id: alg_info.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef ALG_INFO_H diff --git a/src/pluto/asn1.c b/src/pluto/asn1.c index 0663bc490..0e50b8211 100644 --- a/src/pluto/asn1.c +++ b/src/pluto/asn1.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: asn1.c,v 1.16 2006/01/04 21:00:43 as Exp $ + * RCSID $Id: asn1.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> @@ -24,7 +24,7 @@ #include "defs.h" #include "mp_defs.h" #include "asn1.h" -#include "oid.h" +#include <asn1/oid.h> #include "log.h" /* some common prefabricated ASN.1 constants */ diff --git a/src/pluto/asn1.h b/src/pluto/asn1.h index 2a3fb3e9e..730245e4a 100644 --- a/src/pluto/asn1.h +++ b/src/pluto/asn1.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: asn1.h,v 1.14 2005/12/06 22:50:10 as Exp $ + * RCSID $Id: asn1.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _ASN1_H diff --git a/src/pluto/ca.c b/src/pluto/ca.c index d1be22e2f..099699056 100644 --- a/src/pluto/ca.c +++ b/src/pluto/ca.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ca.c,v 1.10 2005/12/25 12:29:55 as Exp $ + * RCSID $Id: ca.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> @@ -131,11 +131,21 @@ match_requested_ca(generalName_t *requested_ca, chunk_t our_ca, int *our_pathlen if (trusted_ca(our_ca, requested_ca->name, &pathlen) && pathlen < *our_pathlen) + { *our_pathlen = pathlen; + } requested_ca = requested_ca->next; } - return *our_pathlen <= MAX_CA_PATH_LEN; + if (*our_pathlen > MAX_CA_PATH_LEN) + { + *our_pathlen = MAX_CA_PATH_LEN; + return FALSE; + } + else + { + return TRUE; + } } /* @@ -197,7 +207,7 @@ get_authcert(chunk_t subject, chunk_t serial, chunk_t keyid, u_char auth_flags) /* * add an authority certificate to the chained list */ -bool +x509cert_t* add_authcert(x509cert_t *cert, u_char auth_flags) { x509cert_t *old_cert; @@ -222,7 +232,7 @@ add_authcert(x509cert_t *cert, u_char auth_flags) unlock_authcert_list("add_authcert"); free_x509cert(cert); - return FALSE; + return old_cert; } else { @@ -242,7 +252,7 @@ add_authcert(x509cert_t *cert, u_char auth_flags) DBG_log(" authcert inserted") ) unlock_authcert_list("add_authcert"); - return TRUE; + return cert; } /* @@ -623,15 +633,12 @@ add_ca_info(const whack_message_t *msg) unlock_ca_info_list("add_ca_info"); /* add cacert to list of authcerts */ - if (!cached_cert) + if (!cached_cert && sc != NULL) { - if (add_authcert(cacert, AUTH_CA) && sc != NULL) - { - if (sc->last_cert.type == CERT_X509_SIGNATURE) - sc->last_cert.u.x509->count--; - sc->last_cert = cert; - share_cert(sc->last_cert); - } + if (sc->last_cert.type == CERT_X509_SIGNATURE) + sc->last_cert.u.x509->count--; + sc->last_cert.u.x509 = add_authcert(cacert, AUTH_CA); + share_cert(sc->last_cert); } if (sc != NULL) time(&sc->last_load); diff --git a/src/pluto/ca.h b/src/pluto/ca.h index 8d4602dc6..13f874284 100644 --- a/src/pluto/ca.h +++ b/src/pluto/ca.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ca.h,v 1.5 2005/12/25 12:28:40 as Exp $ + * RCSID $Id: ca.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _CA_H @@ -54,7 +54,7 @@ extern x509cert_t* get_authcert(chunk_t subject, chunk_t serial, chunk_t keyid , u_char auth_flags); extern void load_authcerts(const char *type, const char *path , u_char auth_flags); -extern bool add_authcert(x509cert_t *cert, u_char auth_flags); +extern x509cert_t* add_authcert(x509cert_t *cert, u_char auth_flags); extern void free_authcerts(void); extern void list_authcerts(const char *caption, u_char auth_flags, bool utc); extern bool trust_authcert_candidate(const x509cert_t *cert diff --git a/src/pluto/certs.c b/src/pluto/certs.c index 779646a98..43976a913 100644 --- a/src/pluto/certs.c +++ b/src/pluto/certs.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: certs.c,v 1.8 2005/11/06 22:55:41 as Exp $ + * RCSID $Id: certs.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/certs.h b/src/pluto/certs.h index ca5acd35a..b71c53e15 100644 --- a/src/pluto/certs.h +++ b/src/pluto/certs.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: certs.h,v 1.7 2005/11/06 22:55:41 as Exp $ + * RCSID $Id: certs.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _CERTS_H diff --git a/src/pluto/connections.c b/src/pluto/connections.c index c4d5dae4d..952e722d2 100644 --- a/src/pluto/connections.c +++ b/src/pluto/connections.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: connections.c,v 1.43 2006/04/29 18:16:02 as Exp $ + * RCSID $Id: connections.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <string.h> @@ -58,6 +58,7 @@ #include "whack.h" #include "alg_info.h" #include "ike_alg.h" +#include "kernel_alg.h" #include "nat_traversal.h" #include "virtual.h" @@ -638,13 +639,24 @@ format_end(char *buf strcpy(&host_id[len < 0? (ptrdiff_t)sizeof(host_id)-2 : 1 + len], "]"); } + /* [---hop] */ + hop[0] = '\0'; + hop_sep = ""; + if (that != NULL && !sameaddr(&this->host_nexthop, &that->host_addr)) + { + addrtot(&this->host_nexthop, 0, hop, sizeof(hop)); + hop_sep = "---"; + } + if (is_left) - snprintf(buf, buf_len, "%s%s%s%s%s%s%s%s%s" + snprintf(buf, buf_len, "%s%s%s%s%s%s%s%s%s%s%s" , open_brackets, client, close_brackets, client_sep , this->allow_any? "%":"" - , host, host_port, host_id, protoport); + , host, host_port, host_id, protoport + , hop_sep, hop); else - snprintf(buf, buf_len, "%s%s%s%s%s%s%s%s%s" + snprintf(buf, buf_len, "%s%s%s%s%s%s%s%s%s%s%s" + , hop, hop_sep , this->allow_any? "%":"" , host, host_port, host_id, protoport, client_sep , open_brackets, client, close_brackets); @@ -3016,11 +3028,10 @@ ISAKMP_SA_established(struct connection *c, so_serial_t serial) { struct connection *next = d->ac_next; /* might move underneath us */ - if (d->kind >= CK_PERMANENT + if (d->kind >= CK_PERMANENT && same_id(&c->spd.this.id, &d->spd.this.id) && same_id(&c->spd.that.id, &d->spd.that.id) - && (!sameaddr(&c->spd.that.host_addr, &d->spd.that.host_addr) || - (c->spd.that.host_port != d->spd.that.host_port))) + && !sameaddr(&c->spd.that.host_addr, &d->spd.that.host_addr)) { release_connection(d, FALSE); } @@ -3257,22 +3268,21 @@ find_host_connection(const ip_address *me, u_int16_t my_port * less important than the disadvantages, so after FreeS/WAN 1.9, we * don't do this. */ +#define PRIO_NO_MATCH_FOUND 2048 + struct connection * refine_host_connection(const struct state *st, const struct id *peer_id , chunk_t peer_ca) { struct connection *c = st->st_connection; - u_int16_t auth = st->st_oakley.auth; struct connection *d; struct connection *best_found = NULL; + u_int16_t auth = st->st_oakley.auth; lset_t auth_policy; const chunk_t *psk = NULL; bool wcpip; /* wildcard Peer IP? */ - + int best_prio = PRIO_NO_MATCH_FOUND; int wildcards, our_pathlen, peer_pathlen; - int best_wildcards = MAX_WILDCARDS; - int best_our_pathlen = MAX_CA_PATH_LEN; - int best_peer_pathlen = MAX_CA_PATH_LEN; if (same_id(&c->spd.that.id, peer_id) && trusted_ca(peer_ca, c->spd.that.ca, &peer_pathlen) @@ -3340,17 +3350,22 @@ refine_host_connection(const struct state *st, const struct id *peer_id , d->spd.that.ca, &peer_pathlen); bool matching_request = match_requested_ca(c->requested_ca , d->spd.this.ca, &our_pathlen); - bool match = matching_id && matching_auth && - matching_trust && matching_request; + bool match = matching_id && matching_auth && matching_trust; + + int prio = (MAX_WILDCARDS + 1) * !matching_request + wildcards; + + prio = (MAX_CA_PATH_LEN + 1) * prio + peer_pathlen; + prio = (MAX_CA_PATH_LEN + 1) * prio + our_pathlen; DBG(DBG_CONTROLMORE, - DBG_log("%s: %s match (id: %s, auth: %s, trust: %s, request: %s)" + DBG_log("%s: %s match (id: %s, auth: %s, trust: %s, request: %s, prio: %4d)" , d->name , match ? "full":" no" , match_name[matching_id] , match_name[matching_auth] , match_name[matching_trust] - , match_name[matching_request]) + , match_name[matching_request] + , match ? prio:PRIO_NO_MATCH_FOUND) ) /* do we have a match? */ @@ -3404,20 +3419,18 @@ refine_host_connection(const struct state *st, const struct id *peer_id /* d has passed all the tests. * We'll go with it if the Peer ID was an exact match. */ - if (match && wildcards == 0 && peer_pathlen == 0 && our_pathlen == 0) + if (prio == 0) + { return d; + } /* We'll remember it as best_found in case an exact * match doesn't come along. */ - if (best_found == NULL || wildcards < best_wildcards - || ((wildcards == best_wildcards && peer_pathlen < best_peer_pathlen) - || (peer_pathlen == best_peer_pathlen && our_pathlen < best_our_pathlen))) + if (prio < best_prio) { best_found = d; - best_wildcards = wildcards; - best_peer_pathlen = peer_pathlen; - best_our_pathlen = our_pathlen; + best_prio = prio; } } if (wcpip) diff --git a/src/pluto/connections.h b/src/pluto/connections.h index 40cbfc497..3000f888a 100644 --- a/src/pluto/connections.h +++ b/src/pluto/connections.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: connections.h,v 1.18 2006/04/22 21:59:20 as Exp $ + * RCSID $Id: connections.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _CONNECTIONS_H diff --git a/src/pluto/constants.c b/src/pluto/constants.c index e7d7216ee..93e430957 100644 --- a/src/pluto/constants.c +++ b/src/pluto/constants.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: constants.c,v 1.21 2006/03/27 07:38:59 as Exp $ + * RCSID $Id: constants.c 3252 2007-10-06 21:24:50Z andreas $ */ /* @@ -507,6 +507,8 @@ const char *const sa_policy_bit_names[] = { "XAUTHRSASIG", "XAUTHSERVER", "DONTREAUTH", + "BEET", + "MOBIKE", NULL }; diff --git a/src/pluto/constants.h b/src/pluto/constants.h index 3ab10be61..ddfe76293 100644 --- a/src/pluto/constants.h +++ b/src/pluto/constants.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: constants.h,v 1.20 2006/02/28 19:13:33 as Exp $ + * RCSID $Id: constants.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _CONSTANTS_H @@ -875,6 +875,8 @@ extern const char *prettypolicy(lset_t policy); #define POLICY_XAUTH_SERVER LELEM(20) /* are we an XAUTH server? */ #define POLICY_DONT_REAUTH LELEM(21) /* don't reauthenticate on rekeying, IKEv2 only */ #define POLICY_BEET LELEM(22) /* bound end2end tunnel, IKEv2 */ +#define POLICY_MOBIKE LELEM(23) /* enable MOBIKE for IKEv2 */ +#define POLICY_FORCE_ENCAP LELEM(24) /* force UDP encapsulation (IKEv2) */ /* Any IPsec policy? If not, a connection description * is only for ISAKMP SA, not IPSEC SA. (A pun, I admit.) diff --git a/src/pluto/cookie.c b/src/pluto/cookie.c index 458120e46..00197321c 100644 --- a/src/pluto/cookie.c +++ b/src/pluto/cookie.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: cookie.c,v 1.2 2005/08/17 16:38:20 as Exp $ + * RCSID $Id: cookie.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/cookie.h b/src/pluto/cookie.h index f5b0e64d1..b52bb2299 100644 --- a/src/pluto/cookie.h +++ b/src/pluto/cookie.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: cookie.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: cookie.h 3252 2007-10-06 21:24:50Z andreas $ */ #include <freeswan.h> diff --git a/src/pluto/crl.c b/src/pluto/crl.c index dc8932769..8998207c2 100644 --- a/src/pluto/crl.c +++ b/src/pluto/crl.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: crl.c,v 1.12 2005/12/06 22:49:57 as Exp $ + * RCSID $Id: crl.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> @@ -29,7 +29,7 @@ #include "defs.h" #include "log.h" #include "asn1.h" -#include "oid.h" +#include <asn1/oid.h> #include "x509.h" #include "crl.h" #include "ca.h" diff --git a/src/pluto/crl.h b/src/pluto/crl.h index 328539770..b5051dcac 100644 --- a/src/pluto/crl.h +++ b/src/pluto/crl.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: crl.h,v 1.4 2005/07/18 19:36:22 as Exp $ + * RCSID $Id: crl.h 3252 2007-10-06 21:24:50Z andreas $ */ #include "constants.h" diff --git a/src/pluto/crypto.c b/src/pluto/crypto.c index f1b7c3f5f..207192e14 100644 --- a/src/pluto/crypto.c +++ b/src/pluto/crypto.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: crypto.c,v 1.5 2005/12/06 22:51:34 as Exp $ + * RCSID $Id: crypto.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/crypto.h b/src/pluto/crypto.h index 48c983349..e773d86df 100644 --- a/src/pluto/crypto.h +++ b/src/pluto/crypto.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: crypto.h,v 1.6 2005/04/07 20:13:30 as Exp $ + * RCSID $Id: crypto.h 3252 2007-10-06 21:24:50Z andreas $ */ #include <gmp.h> /* GNU MP library */ diff --git a/src/pluto/db_ops.c b/src/pluto/db_ops.c index bbcd7918f..993baf53e 100644 --- a/src/pluto/db_ops.c +++ b/src/pluto/db_ops.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: db_ops.c,v 1.4 2005/04/07 20:13:44 as Exp $ + * RCSID $Id: db_ops.c 3252 2007-10-06 21:24:50Z andreas $ */ /* diff --git a/src/pluto/db_ops.h b/src/pluto/db_ops.h index 433e75280..4004e710a 100644 --- a/src/pluto/db_ops.h +++ b/src/pluto/db_ops.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: db_ops.h,v 1.3 2004/09/17 12:37:37 as Exp $ + * RCSID $Id: db_ops.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _DB_OPS_H diff --git a/src/pluto/defs.c b/src/pluto/defs.c index 9ae32a480..5b9defb60 100644 --- a/src/pluto/defs.c +++ b/src/pluto/defs.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: defs.c,v 1.9 2006/01/04 21:00:43 as Exp $ + * RCSID $Id: defs.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/defs.h b/src/pluto/defs.h index 3bfb29a22..574ce4a1a 100644 --- a/src/pluto/defs.h +++ b/src/pluto/defs.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: defs.h,v 1.10 2006/01/04 21:00:43 as Exp $ + * RCSID $Id: defs.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _DEFS_H diff --git a/src/pluto/demux.c b/src/pluto/demux.c index 7e59b184d..9bc889b4b 100644 --- a/src/pluto/demux.c +++ b/src/pluto/demux.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: demux.c,v 1.14 2006/06/22 11:58:25 as Exp $ + * RCSID $Id: demux.c 3252 2007-10-06 21:24:50Z andreas $ */ /* Ordering Constraints on Payloads @@ -1197,12 +1197,12 @@ read_packet(struct msg_digest *md) if ((pbs_room(&md->packet_pbs)==1) && (md->packet_pbs.start[0]==0xff)) { /** - * NAT-T Keep-alive packets should be discared by kernel ESPinUDP - * layer. But boggus keep-alive packets (sent with a non-esp marker) + * NAT-T Keep-alive packets should be discarded by kernel ESPinUDP + * layer. But bogus keep-alive packets (sent with a non-esp marker) * can reach this point. Complain and discard them. */ DBG(DBG_NATT, - DBG_log("NAT-T keep-alive (boggus ?) should not reach this point. " + DBG_log("NAT-T keep-alive (bogus ?) should not reach this point. " "Ignored. Sender: %s:%u", ip_str(cur_from), (unsigned) cur_from_port); ) diff --git a/src/pluto/demux.h b/src/pluto/demux.h index 373dd6315..0348b3579 100644 --- a/src/pluto/demux.h +++ b/src/pluto/demux.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: demux.h,v 1.4 2004/07/22 22:57:25 as Exp $ + * RCSID $Id: demux.h 3252 2007-10-06 21:24:50Z andreas $ */ #include "packet.h" diff --git a/src/pluto/dnskey.c b/src/pluto/dnskey.c index 23863b0a2..8ba0f7b73 100644 --- a/src/pluto/dnskey.c +++ b/src/pluto/dnskey.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: dnskey.c,v 1.5 2005/09/08 16:26:30 as Exp $ + * RCSID $Id: dnskey.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/dnskey.h b/src/pluto/dnskey.h index 0b9f0ee33..f69c226c8 100644 --- a/src/pluto/dnskey.h +++ b/src/pluto/dnskey.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: dnskey.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: dnskey.h 3252 2007-10-06 21:24:50Z andreas $ */ extern int diff --git a/src/pluto/fetch.c b/src/pluto/fetch.c index 8f48152f6..c0bf3fed6 100644 --- a/src/pluto/fetch.c +++ b/src/pluto/fetch.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: fetch.c,v 1.12 2006/05/16 14:19:27 as Exp $ + * RCSID $Id: fetch.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/fetch.h b/src/pluto/fetch.h index 6303f37e4..67be12d47 100644 --- a/src/pluto/fetch.h +++ b/src/pluto/fetch.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: fetch.h,v 1.6 2005/11/25 10:08:00 as Exp $ + * RCSID $Id: fetch.h 3252 2007-10-06 21:24:50Z andreas $ */ #include "x509.h" diff --git a/src/pluto/foodgroups.c b/src/pluto/foodgroups.c index c92bdb3d4..5b2836bce 100644 --- a/src/pluto/foodgroups.c +++ b/src/pluto/foodgroups.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: foodgroups.c,v 1.2 2004/04/01 18:28:32 as Exp $ + * RCSID $Id: foodgroups.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <string.h> diff --git a/src/pluto/foodgroups.h b/src/pluto/foodgroups.h index 7cbbccc44..d66f85423 100644 --- a/src/pluto/foodgroups.h +++ b/src/pluto/foodgroups.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: foodgroups.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: foodgroups.h 3252 2007-10-06 21:24:50Z andreas $ */ struct connection; /* forward declaration */ diff --git a/src/pluto/gcryptfix.c b/src/pluto/gcryptfix.c index 1ebacdcf6..b8007046d 100644 --- a/src/pluto/gcryptfix.c +++ b/src/pluto/gcryptfix.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: gcryptfix.c,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: gcryptfix.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/gcryptfix.h b/src/pluto/gcryptfix.h index 637ecbc8d..db2587c59 100644 --- a/src/pluto/gcryptfix.h +++ b/src/pluto/gcryptfix.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: gcryptfix.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: gcryptfix.h 3252 2007-10-06 21:24:50Z andreas $ */ #define DBG_CIPHER 1 /* some day we'll do this right */ diff --git a/src/pluto/id.c b/src/pluto/id.c index 4e75ec2e9..8db322a5e 100644 --- a/src/pluto/id.c +++ b/src/pluto/id.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: id.c,v 1.4 2005/08/15 20:07:08 as Exp $ + * RCSID $Id: id.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/id.h b/src/pluto/id.h index 4fe9ef227..185c17f20 100644 --- a/src/pluto/id.h +++ b/src/pluto/id.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: id.h,v 1.5 2005/08/15 20:07:08 as Exp $ + * RCSID $Id: id.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _ID_H diff --git a/src/pluto/ike_alg.c b/src/pluto/ike_alg.c index 1c6514b4b..52f2c5c80 100644 --- a/src/pluto/ike_alg.c +++ b/src/pluto/ike_alg.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ike_alg.c,v 1.6 2004/09/17 21:29:50 as Exp $ + * RCSID $Id: ike_alg.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/ike_alg.h b/src/pluto/ike_alg.h index 19e2e591c..dbf4076c5 100644 --- a/src/pluto/ike_alg.h +++ b/src/pluto/ike_alg.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ike_alg.h,v 1.3 2004/09/16 23:22:22 as Exp $ + * RCSID $Id: ike_alg.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _IKE_ALG_H diff --git a/src/pluto/ipsec_doi.c b/src/pluto/ipsec_doi.c index 1c22b299b..852b2e73e 100644 --- a/src/pluto/ipsec_doi.c +++ b/src/pluto/ipsec_doi.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_doi.c,v 1.39 2006/04/22 21:59:20 as Exp $ + * RCSID $Id: ipsec_doi.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> @@ -80,6 +80,15 @@ #endif /* !VENDORID */ /* + * are we sending an XAUTH VID? + */ +#ifdef XAUTH_VID +#define SEND_XAUTH_VID 1 +#else /* !XAUTH_VID */ +#define SEND_XAUTH_VID 0 +#endif /* !XAUTH_VID */ + +/* * are we sending a Cisco Unity VID? */ #ifdef CISCO_QUIRKS @@ -899,7 +908,7 @@ main_outI1(int whack_sock, struct connection *c, struct state *predecessor vids_to_send++; if (c->spd.this.cert.type == CERT_PGP) vids_to_send++; - /* always send XAUTH Vendor ID */ + if (SEND_XAUTH_VID) vids_to_send++; /* always send DPD Vendor ID */ vids_to_send++; @@ -993,11 +1002,14 @@ main_outI1(int whack_sock, struct connection *c, struct state *predecessor } /* Announce our ability to do eXtended AUTHentication to the peer */ - if (!out_vendorid(vids_to_send-- ? ISAKMP_NEXT_VID : ISAKMP_NEXT_NONE - , &rbody, VID_MISC_XAUTH)) + if (SEND_XAUTH_VID) { - reset_cur_state(); - return STF_INTERNAL_ERROR; + if (!out_vendorid(vids_to_send-- ? ISAKMP_NEXT_VID : ISAKMP_NEXT_NONE + , &rbody, VID_MISC_XAUTH)) + { + reset_cur_state(); + return STF_INTERNAL_ERROR; + } } /* Announce our ability to do Dead Peer Detection to the peer */ @@ -2479,7 +2491,7 @@ switch_connection(struct msg_digest *md, struct id *peer, bool initiator) DBG(DBG_CONTROL, char buf[BUF_LEN]; - dntoa_or_null(buf, BUF_LEN, c->spd.this.ca, "%none"); + dntoa_or_null(buf, BUF_LEN, c->spd.that.ca, "%none"); DBG_log("required CA: '%s'", buf); ) @@ -3114,7 +3126,7 @@ main_inI1_outR1(struct msg_digest *md) vids_to_send++; if (md->openpgp) vids_to_send++; - /* always send XAUTH Vendor ID */ + if (SEND_XAUTH_VID) vids_to_send++; /* always send DPD Vendor ID */ vids_to_send++; @@ -3182,10 +3194,13 @@ main_inI1_outR1(struct msg_digest *md) } /* Announce our ability to do eXtended AUTHentication to the peer */ - if (!out_vendorid(vids_to_send-- ? ISAKMP_NEXT_VID : ISAKMP_NEXT_NONE - , &md->rbody, VID_MISC_XAUTH)) + if (SEND_XAUTH_VID) { - return STF_INTERNAL_ERROR; + if (!out_vendorid(vids_to_send-- ? ISAKMP_NEXT_VID : ISAKMP_NEXT_NONE + , &md->rbody, VID_MISC_XAUTH)) + { + return STF_INTERNAL_ERROR; + } } /* Announce our ability to do Dead Peer Detection to the peer */ diff --git a/src/pluto/ipsec_doi.h b/src/pluto/ipsec_doi.h index 80b12c31d..60b5e4e31 100644 --- a/src/pluto/ipsec_doi.h +++ b/src/pluto/ipsec_doi.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_doi.h,v 1.3 2005/01/06 22:10:44 as Exp $ + * RCSID $Id: ipsec_doi.h 3252 2007-10-06 21:24:50Z andreas $ */ extern void echo_hdr(struct msg_digest *md, bool enc, u_int8_t np); diff --git a/src/pluto/kernel.c b/src/pluto/kernel.c index 663fa7230..5f31d5ca3 100644 --- a/src/pluto/kernel.c +++ b/src/pluto/kernel.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel.c,v 1.26 2006/04/29 18:16:02 as Exp $ + * RCSID $Id: kernel.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stddef.h> diff --git a/src/pluto/kernel.h b/src/pluto/kernel.h index e7ff08c7b..fdc2bf0a8 100644 --- a/src/pluto/kernel.h +++ b/src/pluto/kernel.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel.h,v 1.10 2006/03/08 22:12:37 as Exp $ + * RCSID $Id: kernel.h 3252 2007-10-06 21:24:50Z andreas $ */ #include "connections.h" diff --git a/src/pluto/kernel_alg.c b/src/pluto/kernel_alg.c index 91dfaff59..571d9cc9b 100644 --- a/src/pluto/kernel_alg.c +++ b/src/pluto/kernel_alg.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_alg.c,v 1.9 2005/08/17 16:31:24 as Exp $ + * RCSID $Id: kernel_alg.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/kernel_alg.h b/src/pluto/kernel_alg.h index 483e97da1..14c2664aa 100644 --- a/src/pluto/kernel_alg.h +++ b/src/pluto/kernel_alg.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_alg.h,v 1.5 2005/08/17 16:31:24 as Exp $ + * RCSID $Id: kernel_alg.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _KERNEL_ALG_H diff --git a/src/pluto/kernel_netlink.c b/src/pluto/kernel_netlink.c index 9b9d7b9ed..abdb603de 100644 --- a/src/pluto/kernel_netlink.c +++ b/src/pluto/kernel_netlink.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_netlink.c,v 1.24 2006/03/10 14:49:43 as Exp $ + * RCSID $Id: kernel_netlink.c 3252 2007-10-06 21:24:50Z andreas $ */ #if defined(linux) && defined(KERNEL26_SUPPORT) diff --git a/src/pluto/kernel_netlink.h b/src/pluto/kernel_netlink.h index 1b5f42e48..91ba71c5c 100644 --- a/src/pluto/kernel_netlink.h +++ b/src/pluto/kernel_netlink.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_netlink.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: kernel_netlink.h 3252 2007-10-06 21:24:50Z andreas $ */ #if defined(KLIPS) && defined(linux) diff --git a/src/pluto/kernel_noklips.c b/src/pluto/kernel_noklips.c index 570bb0470..4ac3eb153 100644 --- a/src/pluto/kernel_noklips.c +++ b/src/pluto/kernel_noklips.c @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_noklips.c,v 1.5 2006/02/04 00:01:22 as Exp $ + * RCSID $Id: kernel_noklips.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <errno.h> diff --git a/src/pluto/kernel_noklips.h b/src/pluto/kernel_noklips.h index fe4e77ec4..db819eed7 100644 --- a/src/pluto/kernel_noklips.h +++ b/src/pluto/kernel_noklips.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_noklips.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: kernel_noklips.h 3252 2007-10-06 21:24:50Z andreas $ */ extern void init_noklips(void); diff --git a/src/pluto/kernel_pfkey.c b/src/pluto/kernel_pfkey.c index ced7a1453..742afaf52 100644 --- a/src/pluto/kernel_pfkey.c +++ b/src/pluto/kernel_pfkey.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_pfkey.c,v 1.8 2006/02/04 00:01:22 as Exp $ + * RCSID $Id: kernel_pfkey.c 3252 2007-10-06 21:24:50Z andreas $ */ #ifdef KLIPS diff --git a/src/pluto/kernel_pfkey.h b/src/pluto/kernel_pfkey.h index 9dbcdd341..23ac982e8 100644 --- a/src/pluto/kernel_pfkey.h +++ b/src/pluto/kernel_pfkey.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: kernel_pfkey.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: kernel_pfkey.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifdef KLIPS diff --git a/src/pluto/keys.c b/src/pluto/keys.c index 1efe85228..eab9dfc4a 100644 --- a/src/pluto/keys.c +++ b/src/pluto/keys.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: keys.c,v 1.24 2006/01/27 08:59:40 as Exp $ + * RCSID $Id: keys.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stddef.h> @@ -772,6 +772,38 @@ process_pin(secret_t *s, int whackfd) } static void +log_psk(secret_t *s) +{ + int n = 0; + char buf[BUF_LEN]; + id_list_t *id_list = s->ids; + + if (id_list == NULL) + { + n = snprintf(buf, BUF_LEN, "%%any"); + } + else + { + do + { + n += idtoa(&id_list->id, buf + n, BUF_LEN - n); + if (n >= BUF_LEN) + { + n = BUF_LEN - 1; + break; + } + else if (n < BUF_LEN - 1) + { + n += snprintf(buf + n, BUF_LEN - n, " "); + } + id_list = id_list->next; + } + while (id_list); + } + plog(" loaded shared key for %.*s", n, buf); +} + +static void process_secret(secret_t *s, int whackfd) { err_t ugh = NULL; @@ -780,11 +812,13 @@ process_secret(secret_t *s, int whackfd) if (*tok == '"' || *tok == '\'') { /* old PSK format: just a string */ + log_psk(s); ugh = process_psk_secret(&s->u.preshared_secret); } else if (tokeqword("psk")) { /* preshared key: quoted string or ttodata format */ + log_psk(s); ugh = !shift()? "unexpected end of record in PSK" : process_psk_secret(&s->u.preshared_secret); } diff --git a/src/pluto/keys.h b/src/pluto/keys.h index 415bdc3c1..b06e536a5 100644 --- a/src/pluto/keys.h +++ b/src/pluto/keys.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: keys.h,v 1.7 2006/01/26 20:10:34 as Exp $ + * RCSID $Id: keys.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _KEYS_H diff --git a/src/pluto/lex.c b/src/pluto/lex.c index 5c811725a..08ab43876 100644 --- a/src/pluto/lex.c +++ b/src/pluto/lex.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: lex.c,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: lex.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/lex.h b/src/pluto/lex.h index fb6c15236..450149c64 100644 --- a/src/pluto/lex.h +++ b/src/pluto/lex.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: lex.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: lex.h 3252 2007-10-06 21:24:50Z andreas $ */ #define MAX_TOK_LEN 2048 /* includes terminal '\0' */ diff --git a/src/pluto/log.c b/src/pluto/log.c index 36997122c..ca0576b69 100644 --- a/src/pluto/log.c +++ b/src/pluto/log.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: log.c,v 1.8 2006/04/29 18:16:02 as Exp $ + * RCSID $Id: log.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/log.h b/src/pluto/log.h index a4eae9d1c..db0fb0202 100644 --- a/src/pluto/log.h +++ b/src/pluto/log.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: log.h,v 1.4 2005/07/11 18:33:45 as Exp $ + * RCSID $Id: log.h 3252 2007-10-06 21:24:50Z andreas $ */ #include <freeswan.h> diff --git a/src/pluto/modecfg.c b/src/pluto/modecfg.c index cda6007c7..b7f8aef93 100644 --- a/src/pluto/modecfg.c +++ b/src/pluto/modecfg.c @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: modecfg.c,v 1.6 2006/04/24 20:44:57 as Exp $ + * RCSID $Id: modecfg.c 3252 2007-10-06 21:24:50Z andreas $ * * This code originally written by Colubris Networks, Inc. * Extraction of patch and porting to 1.99 codebases by Xelerance Corporation diff --git a/src/pluto/modecfg.h b/src/pluto/modecfg.h index 68b7ef446..95481de89 100644 --- a/src/pluto/modecfg.h +++ b/src/pluto/modecfg.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: modecfg.h,v 1.1 2005/01/06 22:10:15 as Exp $ + * RCSID $Id: modecfg.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _MODECFG_H diff --git a/src/pluto/mp_defs.c b/src/pluto/mp_defs.c index 7ad896751..cdae8ee79 100644 --- a/src/pluto/mp_defs.c +++ b/src/pluto/mp_defs.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: mp_defs.c,v 1.1 2006/01/05 12:37:11 as Exp $ + * RCSID $Id: mp_defs.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <freeswan.h> diff --git a/src/pluto/mp_defs.h b/src/pluto/mp_defs.h index 744a028d1..e0ec74df8 100644 --- a/src/pluto/mp_defs.h +++ b/src/pluto/mp_defs.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: mp_defs.h,v 1.2 2006/01/06 11:40:45 as Exp $ + * RCSID $Id: mp_defs.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _MP_DEFS_H diff --git a/src/pluto/nat_traversal.c b/src/pluto/nat_traversal.c index 4a52cc107..95ce9e32e 100644 --- a/src/pluto/nat_traversal.c +++ b/src/pluto/nat_traversal.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: nat_traversal.c,v 1.8 2005/01/06 22:36:58 as Exp $ + * RCSID $Id: nat_traversal.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/nat_traversal.h b/src/pluto/nat_traversal.h index 71222c54c..9041d84de 100644 --- a/src/pluto/nat_traversal.h +++ b/src/pluto/nat_traversal.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: nat_traversal.h,v 1.4 2004/07/27 21:11:30 as Exp $ + * RCSID $Id: nat_traversal.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _NAT_TRAVERSAL_H diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c index a338be446..7dedbf1f7 100644 --- a/src/pluto/ocsp.c +++ b/src/pluto/ocsp.c @@ -12,6 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * + * RCSID $Id: ocsp.c 3253 2007-10-06 21:39:00Z andreas $ */ #include <unistd.h> @@ -35,7 +36,7 @@ #include "asn1.h" #include "certs.h" #include "smartcard.h" -#include "oid.h" +#include <asn1/oid.h> #include "whack.h" #include "pkcs1.h" #include "keys.h" @@ -1087,13 +1088,13 @@ valid_ocsp_response(response_t *res) static bool parse_basic_ocsp_response(chunk_t blob, int level0, response_t *res) { - u_int level, version; - u_int extn_oid = OID_UNKNOWN; - u_char buf[BUF_LEN]; asn1_ctx_t ctx; bool critical; chunk_t object; + u_int level, version; + u_char buf[BUF_LEN]; int objectID = 0; + int extn_oid = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, DBG_RAW); @@ -1190,9 +1191,8 @@ parse_ocsp_response(chunk_t blob, response_t * res) chunk_t object; u_int level; int objectID = 0; - + int ocspResponseType = OID_UNKNOWN; response_status rStatus = STATUS_INTERNALERROR; - u_int ocspResponseType = OID_UNKNOWN; asn1_init(&ctx, blob, 0, FALSE, DBG_RAW); diff --git a/src/pluto/ocsp.h b/src/pluto/ocsp.h index 49e1026ec..6bf42831b 100644 --- a/src/pluto/ocsp.h +++ b/src/pluto/ocsp.h @@ -12,6 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * + * RCSID $Id: ocsp.h 3253 2007-10-06 21:39:00Z andreas $ */ #include "constants.h" diff --git a/src/pluto/oid.c b/src/pluto/oid.c deleted file mode 100644 index 48df1b7c4..000000000 --- a/src/pluto/oid.c +++ /dev/null @@ -1,198 +0,0 @@ -/* List of some useful object identifiers (OIDs) - * Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur - * - * This file has been automatically generated by the script oid.pl - * Do not edit manually! - */ - -#include <stdlib.h> - -#include "oid.h" - -const oid_t oid_names[] = { - {0x02, 7, 1, "ITU-T Administration" }, /* 0 */ - { 0x82, 0, 1, "" }, /* 1 */ - { 0x06, 0, 1, "Germany ITU-T member" }, /* 2 */ - { 0x01, 0, 1, "Deutsche Telekom AG" }, /* 3 */ - { 0x0A, 0, 1, "" }, /* 4 */ - { 0x07, 0, 1, "" }, /* 5 */ - { 0x14, 0, 0, "ND" }, /* 6 */ - {0x09, 18, 1, "data" }, /* 7 */ - { 0x92, 0, 1, "" }, /* 8 */ - { 0x26, 0, 1, "" }, /* 9 */ - { 0x89, 0, 1, "" }, /* 10 */ - { 0x93, 0, 1, "" }, /* 11 */ - { 0xF2, 0, 1, "" }, /* 12 */ - { 0x2C, 0, 1, "" }, /* 13 */ - { 0x64, 0, 1, "pilot" }, /* 14 */ - { 0x01, 0, 1, "pilotAttributeType" }, /* 15 */ - { 0x01, 17, 0, "UID" }, /* 16 */ - { 0x19, 0, 0, "DC" }, /* 17 */ - {0x55, 52, 1, "X.500" }, /* 18 */ - { 0x04, 36, 1, "X.509" }, /* 19 */ - { 0x03, 21, 0, "CN" }, /* 20 */ - { 0x04, 22, 0, "S" }, /* 21 */ - { 0x05, 23, 0, "SN" }, /* 22 */ - { 0x06, 24, 0, "C" }, /* 23 */ - { 0x07, 25, 0, "L" }, /* 24 */ - { 0x08, 26, 0, "ST" }, /* 25 */ - { 0x0A, 27, 0, "O" }, /* 26 */ - { 0x0B, 28, 0, "OU" }, /* 27 */ - { 0x0C, 29, 0, "T" }, /* 28 */ - { 0x0D, 30, 0, "D" }, /* 29 */ - { 0x24, 31, 0, "userCertificate" }, /* 30 */ - { 0x29, 32, 0, "N" }, /* 31 */ - { 0x2A, 33, 0, "G" }, /* 32 */ - { 0x2B, 34, 0, "I" }, /* 33 */ - { 0x2D, 35, 0, "ID" }, /* 34 */ - { 0x48, 0, 0, "role" }, /* 35 */ - { 0x1D, 0, 1, "id-ce" }, /* 36 */ - { 0x09, 38, 0, "subjectDirectoryAttrs" }, /* 37 */ - { 0x0E, 39, 0, "subjectKeyIdentifier" }, /* 38 */ - { 0x0F, 40, 0, "keyUsage" }, /* 39 */ - { 0x10, 41, 0, "privateKeyUsagePeriod" }, /* 40 */ - { 0x11, 42, 0, "subjectAltName" }, /* 41 */ - { 0x12, 43, 0, "issuerAltName" }, /* 42 */ - { 0x13, 44, 0, "basicConstraints" }, /* 43 */ - { 0x14, 45, 0, "crlNumber" }, /* 44 */ - { 0x15, 46, 0, "reasonCode" }, /* 45 */ - { 0x1F, 47, 0, "crlDistributionPoints" }, /* 46 */ - { 0x20, 48, 0, "certificatePolicies" }, /* 47 */ - { 0x23, 49, 0, "authorityKeyIdentifier" }, /* 48 */ - { 0x25, 50, 0, "extendedKeyUsage" }, /* 49 */ - { 0x37, 51, 0, "targetInformation" }, /* 50 */ - { 0x38, 0, 0, "noRevAvail" }, /* 51 */ - {0x2A, 89, 1, "" }, /* 52 */ - { 0x86, 0, 1, "" }, /* 53 */ - { 0x48, 0, 1, "" }, /* 54 */ - { 0x86, 0, 1, "" }, /* 55 */ - { 0xF7, 0, 1, "" }, /* 56 */ - { 0x0D, 0, 1, "RSADSI" }, /* 57 */ - { 0x01, 84, 1, "PKCS" }, /* 58 */ - { 0x01, 67, 1, "PKCS-1" }, /* 59 */ - { 0x01, 61, 0, "rsaEncryption" }, /* 60 */ - { 0x02, 62, 0, "md2WithRSAEncryption" }, /* 61 */ - { 0x04, 63, 0, "md5WithRSAEncryption" }, /* 62 */ - { 0x05, 64, 0, "sha-1WithRSAEncryption" }, /* 63 */ - { 0x0B, 65, 0, "sha256WithRSAEncryption"}, /* 64 */ - { 0x0C, 66, 0, "sha384WithRSAEncryption"}, /* 65 */ - { 0x0D, 0, 0, "sha512WithRSAEncryption"}, /* 66 */ - { 0x07, 74, 1, "PKCS-7" }, /* 67 */ - { 0x01, 69, 0, "data" }, /* 68 */ - { 0x02, 70, 0, "signedData" }, /* 69 */ - { 0x03, 71, 0, "envelopedData" }, /* 70 */ - { 0x04, 72, 0, "signedAndEnvelopedData" }, /* 71 */ - { 0x05, 73, 0, "digestedData" }, /* 72 */ - { 0x06, 0, 0, "encryptedData" }, /* 73 */ - { 0x09, 0, 1, "PKCS-9" }, /* 74 */ - { 0x01, 76, 0, "E" }, /* 75 */ - { 0x02, 77, 0, "unstructuredName" }, /* 76 */ - { 0x03, 78, 0, "contentType" }, /* 77 */ - { 0x04, 79, 0, "messageDigest" }, /* 78 */ - { 0x05, 80, 0, "signingTime" }, /* 79 */ - { 0x06, 81, 0, "counterSignature" }, /* 80 */ - { 0x07, 82, 0, "challengePassword" }, /* 81 */ - { 0x08, 83, 0, "unstructuredAddress" }, /* 82 */ - { 0x0E, 0, 0, "extensionRequest" }, /* 83 */ - { 0x02, 87, 1, "digestAlgorithm" }, /* 84 */ - { 0x02, 86, 0, "md2" }, /* 85 */ - { 0x05, 0, 0, "md5" }, /* 86 */ - { 0x03, 0, 1, "encryptionAlgorithm" }, /* 87 */ - { 0x07, 0, 0, "3des-ede-cbc" }, /* 88 */ - {0x2B, 150, 1, "" }, /* 89 */ - { 0x06, 137, 1, "dod" }, /* 90 */ - { 0x01, 0, 1, "internet" }, /* 91 */ - { 0x04, 106, 1, "private" }, /* 92 */ - { 0x01, 0, 1, "enterprise" }, /* 93 */ - { 0x82, 99, 1, "" }, /* 94 */ - { 0x37, 0, 1, "Microsoft" }, /* 95 */ - { 0x0A, 0, 1, "" }, /* 96 */ - { 0x03, 0, 1, "" }, /* 97 */ - { 0x03, 0, 0, "msSGC" }, /* 98 */ - { 0x89, 0, 1, "" }, /* 99 */ - { 0x31, 0, 1, "" }, /* 100 */ - { 0x01, 0, 1, "" }, /* 101 */ - { 0x01, 0, 1, "" }, /* 102 */ - { 0x02, 0, 1, "" }, /* 103 */ - { 0x02, 105, 0, "" }, /* 104 */ - { 0x4B, 0, 0, "TCGID" }, /* 105 */ - { 0x05, 0, 1, "security" }, /* 106 */ - { 0x05, 0, 1, "mechanisms" }, /* 107 */ - { 0x07, 0, 1, "id-pkix" }, /* 108 */ - { 0x01, 111, 1, "id-pe" }, /* 109 */ - { 0x01, 0, 0, "authorityInfoAccess" }, /* 110 */ - { 0x03, 121, 1, "id-kp" }, /* 111 */ - { 0x01, 113, 0, "serverAuth" }, /* 112 */ - { 0x02, 114, 0, "clientAuth" }, /* 113 */ - { 0x03, 115, 0, "codeSigning" }, /* 114 */ - { 0x04, 116, 0, "emailProtection" }, /* 115 */ - { 0x05, 117, 0, "ipsecEndSystem" }, /* 116 */ - { 0x06, 118, 0, "ipsecTunnel" }, /* 117 */ - { 0x07, 119, 0, "ipsecUser" }, /* 118 */ - { 0x08, 120, 0, "timeStamping" }, /* 119 */ - { 0x09, 0, 0, "ocspSigning" }, /* 120 */ - { 0x08, 123, 1, "id-otherNames" }, /* 121 */ - { 0x05, 0, 0, "xmppAddr" }, /* 122 */ - { 0x0A, 128, 1, "id-aca" }, /* 123 */ - { 0x01, 125, 0, "authenticationInfo" }, /* 124 */ - { 0x02, 126, 0, "accessIdentity" }, /* 125 */ - { 0x03, 127, 0, "chargingIdentity" }, /* 126 */ - { 0x04, 0, 0, "group" }, /* 127 */ - { 0x30, 0, 1, "id-ad" }, /* 128 */ - { 0x01, 0, 1, "ocsp" }, /* 129 */ - { 0x01, 131, 0, "basic" }, /* 130 */ - { 0x02, 132, 0, "nonce" }, /* 131 */ - { 0x03, 133, 0, "crl" }, /* 132 */ - { 0x04, 134, 0, "response" }, /* 133 */ - { 0x05, 135, 0, "noCheck" }, /* 134 */ - { 0x06, 136, 0, "archiveCutoff" }, /* 135 */ - { 0x07, 0, 0, "serviceLocator" }, /* 136 */ - { 0x0E, 143, 1, "oiw" }, /* 137 */ - { 0x03, 0, 1, "secsig" }, /* 138 */ - { 0x02, 0, 1, "algorithms" }, /* 139 */ - { 0x07, 141, 0, "des-cbc" }, /* 140 */ - { 0x1A, 142, 0, "sha-1" }, /* 141 */ - { 0x1D, 0, 0, "sha-1WithRSASignature" }, /* 142 */ - { 0x24, 0, 1, "TeleTrusT" }, /* 143 */ - { 0x03, 0, 1, "algorithm" }, /* 144 */ - { 0x03, 0, 1, "signatureAlgorithm" }, /* 145 */ - { 0x01, 0, 1, "rsaSignature" }, /* 146 */ - { 0x02, 148, 0, "rsaSigWithripemd160" }, /* 147 */ - { 0x03, 149, 0, "rsaSigWithripemd128" }, /* 148 */ - { 0x04, 0, 0, "rsaSigWithripemd256" }, /* 149 */ - {0x60, 0, 1, "" }, /* 150 */ - { 0x86, 0, 1, "" }, /* 151 */ - { 0x48, 0, 1, "" }, /* 152 */ - { 0x01, 0, 1, "organization" }, /* 153 */ - { 0x65, 161, 1, "gov" }, /* 154 */ - { 0x03, 0, 1, "csor" }, /* 155 */ - { 0x04, 0, 1, "nistalgorithm" }, /* 156 */ - { 0x02, 0, 1, "hashalgs" }, /* 157 */ - { 0x01, 159, 0, "id-SHA-256" }, /* 158 */ - { 0x02, 160, 0, "id-SHA-384" }, /* 159 */ - { 0x03, 0, 0, "id-SHA-512" }, /* 160 */ - { 0x86, 0, 1, "" }, /* 161 */ - { 0xf8, 0, 1, "" }, /* 162 */ - { 0x42, 175, 1, "netscape" }, /* 163 */ - { 0x01, 170, 1, "" }, /* 164 */ - { 0x01, 166, 0, "nsCertType" }, /* 165 */ - { 0x03, 167, 0, "nsRevocationUrl" }, /* 166 */ - { 0x04, 168, 0, "nsCaRevocationUrl" }, /* 167 */ - { 0x08, 169, 0, "nsCaPolicyUrl" }, /* 168 */ - { 0x0d, 0, 0, "nsComment" }, /* 169 */ - { 0x03, 173, 1, "directory" }, /* 170 */ - { 0x01, 0, 1, "" }, /* 171 */ - { 0x03, 0, 0, "employeeNumber" }, /* 172 */ - { 0x04, 0, 1, "policy" }, /* 173 */ - { 0x01, 0, 0, "nsSGC" }, /* 174 */ - { 0x45, 0, 1, "verisign" }, /* 175 */ - { 0x01, 0, 1, "pki" }, /* 176 */ - { 0x09, 0, 1, "attributes" }, /* 177 */ - { 0x02, 179, 0, "messageType" }, /* 178 */ - { 0x03, 180, 0, "pkiStatus" }, /* 179 */ - { 0x04, 181, 0, "failInfo" }, /* 180 */ - { 0x05, 182, 0, "senderNonce" }, /* 181 */ - { 0x06, 183, 0, "recipientNonce" }, /* 182 */ - { 0x07, 184, 0, "transID" }, /* 183 */ - { 0x08, 0, 0, "extensionReq" } /* 184 */ -}; diff --git a/src/pluto/oid.h b/src/pluto/oid.h deleted file mode 100644 index 869a87eb0..000000000 --- a/src/pluto/oid.h +++ /dev/null @@ -1,79 +0,0 @@ -/* Object identifiers (OIDs) used by FreeS/WAN - * Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur - * - * This file has been automatically generated by the script oid.pl - * Do not edit manually! - */ - -typedef struct { - u_char octet; - u_int next; - u_int down; - const u_char *name; -} oid_t; - -extern const oid_t oid_names[]; - -#define OID_UNKNOWN -1 -#define OID_ROLE 35 -#define OID_SUBJECT_KEY_ID 38 -#define OID_SUBJECT_ALT_NAME 41 -#define OID_BASIC_CONSTRAINTS 43 -#define OID_CRL_NUMBER 44 -#define OID_CRL_REASON_CODE 45 -#define OID_CRL_DISTRIBUTION_POINTS 46 -#define OID_AUTHORITY_KEY_ID 48 -#define OID_EXTENDED_KEY_USAGE 49 -#define OID_TARGET_INFORMATION 50 -#define OID_NO_REV_AVAIL 51 -#define OID_RSA_ENCRYPTION 60 -#define OID_MD2_WITH_RSA 61 -#define OID_MD5_WITH_RSA 62 -#define OID_SHA1_WITH_RSA 63 -#define OID_SHA256_WITH_RSA 64 -#define OID_SHA384_WITH_RSA 65 -#define OID_SHA512_WITH_RSA 66 -#define OID_PKCS7_DATA 68 -#define OID_PKCS7_SIGNED_DATA 69 -#define OID_PKCS7_ENVELOPED_DATA 70 -#define OID_PKCS7_SIGNED_ENVELOPED_DATA 71 -#define OID_PKCS7_DIGESTED_DATA 72 -#define OID_PKCS7_ENCRYPTED_DATA 73 -#define OID_PKCS9_EMAIL 75 -#define OID_PKCS9_CONTENT_TYPE 77 -#define OID_PKCS9_MESSAGE_DIGEST 78 -#define OID_PKCS9_SIGNING_TIME 79 -#define OID_MD2 85 -#define OID_MD5 86 -#define OID_3DES_EDE_CBC 88 -#define OID_AUTHORITY_INFO_ACCESS 110 -#define OID_OCSP_SIGNING 120 -#define OID_XMPP_ADDR 122 -#define OID_AUTHENTICATION_INFO 124 -#define OID_ACCESS_IDENTITY 125 -#define OID_CHARGING_IDENTITY 126 -#define OID_GROUP 127 -#define OID_OCSP 129 -#define OID_BASIC 130 -#define OID_NONCE 131 -#define OID_CRL 132 -#define OID_RESPONSE 133 -#define OID_NO_CHECK 134 -#define OID_ARCHIVE_CUTOFF 135 -#define OID_SERVICE_LOCATOR 136 -#define OID_DES_CBC 140 -#define OID_SHA1 141 -#define OID_SHA1_WITH_RSA_OIW 142 -#define OID_SHA256 158 -#define OID_SHA384 159 -#define OID_SHA512 160 -#define OID_NS_REVOCATION_URL 166 -#define OID_NS_CA_REVOCATION_URL 167 -#define OID_NS_CA_POLICY_URL 168 -#define OID_NS_COMMENT 169 -#define OID_PKI_MESSAGE_TYPE 178 -#define OID_PKI_STATUS 179 -#define OID_PKI_FAIL_INFO 180 -#define OID_PKI_SENDER_NONCE 181 -#define OID_PKI_RECIPIENT_NONCE 182 -#define OID_PKI_TRANS_ID 183 diff --git a/src/pluto/oid.pl b/src/pluto/oid.pl deleted file mode 100644 index 52ac8eae0..000000000 --- a/src/pluto/oid.pl +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/perl -# Generates oid.h and oid.c out of oid.txt -# Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the -# Free Software Foundation; either version 2 of the License, or (at your -# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -# for more details. -# - -$copyright="Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur"; -$automatic="This file has been automatically generated by the script oid.pl"; -$warning="Do not edit manually!"; - -print "oid.pl generating oid.h and oid.c\n"; - -# Generate oid.h - -open(OID_H, ">oid.h") - or die "could not open 'oid.h': $!"; - -print OID_H "/* Object identifiers (OIDs) used by FreeS/WAN\n", - " * ", $copyright, "\n", - " * \n", - " * ", $automatic, "\n", - " * ", $warning, "\n", - " */\n\n", - "typedef struct {\n", - " u_char octet;\n", - " u_int next;\n", - " u_int down;\n", - " const u_char *name;\n", - "} oid_t;\n", - "\n", - "extern const oid_t oid_names[];\n", - "\n", - "#define OID_UNKNOWN -1\n"; - -# parse oid.txt - -open(SRC, "<oid.txt") - or die "could not open 'oid.txt': $!"; - -$counter = 0; -$max_name = 0; -$max_order = 0; - -while ($line = <SRC>) -{ - $line =~ m/( *?)(0x\w{2})\s+(".*?")[ \t]*?([\w_]*?)\Z/; - - @order[$counter] = length($1); - @octet[$counter] = $2; - @name[$counter] = $3; - - if (length($1) > $max_order) - { - $max_order = length($1); - } - if (length($3) > $max_name) - { - $max_name = length($3); - } - if (length($4) > 0) - { - printf OID_H "#define %s%s%d\n", $4, "\t" x ((39-length($4))/8), $counter; - } - $counter++; -} - -close SRC; -close OID_H; - -# Generate oid.c - -open(OID_C, ">oid.c") - or die "could not open 'oid.c': $!"; - -print OID_C "/* List of some useful object identifiers (OIDs)\n", - " * ", $copyright, "\n", - " * \n", - " * ", $automatic, "\n", - " * ", $warning, "\n", - " */\n", - "\n", - "#include <stdlib.h>\n", - "\n", - "#include \"oid.h\"\n", - "\n", - "const oid_t oid_names[] = {\n"; - -for ($c = 0; $c < $counter; $c++) -{ - $next = 0; - - for ($d = $c+1; $d < $counter && @order[$d] >= @order[$c]; $d++) - { - if (@order[$d] == @order[$c]) - { - @next[$c] = $d; - last; - } - } - - printf OID_C " {%s%s,%s%3d, %d, %s%s}%s /* %3d */\n" - ,' ' x @order[$c] - , @octet[$c] - , ' ' x (1 + $max_order - @order[$c]) - , @next[$c] - , @order[$c+1] > @order[$c] - , @name[$c] - , ' ' x ($max_name - length(@name[$c])) - , $c != $counter-1 ? "," : " " - , $c; -} - -print OID_C "};\n" ; -close OID_C; diff --git a/src/pluto/oid.txt b/src/pluto/oid.txt deleted file mode 100644 index 2b3c96ae3..000000000 --- a/src/pluto/oid.txt +++ /dev/null @@ -1,185 +0,0 @@ -0x02 "ITU-T Administration" - 0x82 "" - 0x06 "Germany ITU-T member" - 0x01 "Deutsche Telekom AG" - 0x0A "" - 0x07 "" - 0x14 "ND" -0x09 "data" - 0x92 "" - 0x26 "" - 0x89 "" - 0x93 "" - 0xF2 "" - 0x2C "" - 0x64 "pilot" - 0x01 "pilotAttributeType" - 0x01 "UID" - 0x19 "DC" -0x55 "X.500" - 0x04 "X.509" - 0x03 "CN" - 0x04 "S" - 0x05 "SN" - 0x06 "C" - 0x07 "L" - 0x08 "ST" - 0x0A "O" - 0x0B "OU" - 0x0C "T" - 0x0D "D" - 0x24 "userCertificate" - 0x29 "N" - 0x2A "G" - 0x2B "I" - 0x2D "ID" - 0x48 "role" OID_ROLE - 0x1D "id-ce" - 0x09 "subjectDirectoryAttrs" - 0x0E "subjectKeyIdentifier" OID_SUBJECT_KEY_ID - 0x0F "keyUsage" - 0x10 "privateKeyUsagePeriod" - 0x11 "subjectAltName" OID_SUBJECT_ALT_NAME - 0x12 "issuerAltName" - 0x13 "basicConstraints" OID_BASIC_CONSTRAINTS - 0x14 "crlNumber" OID_CRL_NUMBER - 0x15 "reasonCode" OID_CRL_REASON_CODE - 0x1F "crlDistributionPoints" OID_CRL_DISTRIBUTION_POINTS - 0x20 "certificatePolicies" - 0x23 "authorityKeyIdentifier" OID_AUTHORITY_KEY_ID - 0x25 "extendedKeyUsage" OID_EXTENDED_KEY_USAGE - 0x37 "targetInformation" OID_TARGET_INFORMATION - 0x38 "noRevAvail" OID_NO_REV_AVAIL -0x2A "" - 0x86 "" - 0x48 "" - 0x86 "" - 0xF7 "" - 0x0D "RSADSI" - 0x01 "PKCS" - 0x01 "PKCS-1" - 0x01 "rsaEncryption" OID_RSA_ENCRYPTION - 0x02 "md2WithRSAEncryption" OID_MD2_WITH_RSA - 0x04 "md5WithRSAEncryption" OID_MD5_WITH_RSA - 0x05 "sha-1WithRSAEncryption" OID_SHA1_WITH_RSA - 0x0B "sha256WithRSAEncryption" OID_SHA256_WITH_RSA - 0x0C "sha384WithRSAEncryption" OID_SHA384_WITH_RSA - 0x0D "sha512WithRSAEncryption" OID_SHA512_WITH_RSA - 0x07 "PKCS-7" - 0x01 "data" OID_PKCS7_DATA - 0x02 "signedData" OID_PKCS7_SIGNED_DATA - 0x03 "envelopedData" OID_PKCS7_ENVELOPED_DATA - 0x04 "signedAndEnvelopedData" OID_PKCS7_SIGNED_ENVELOPED_DATA - 0x05 "digestedData" OID_PKCS7_DIGESTED_DATA - 0x06 "encryptedData" OID_PKCS7_ENCRYPTED_DATA - 0x09 "PKCS-9" - 0x01 "E" OID_PKCS9_EMAIL - 0x02 "unstructuredName" - 0x03 "contentType" OID_PKCS9_CONTENT_TYPE - 0x04 "messageDigest" OID_PKCS9_MESSAGE_DIGEST - 0x05 "signingTime" OID_PKCS9_SIGNING_TIME - 0x06 "counterSignature" - 0x07 "challengePassword" - 0x08 "unstructuredAddress" - 0x0E "extensionRequest" - 0x02 "digestAlgorithm" - 0x02 "md2" OID_MD2 - 0x05 "md5" OID_MD5 - 0x03 "encryptionAlgorithm" - 0x07 "3des-ede-cbc" OID_3DES_EDE_CBC -0x2B "" - 0x06 "dod" - 0x01 "internet" - 0x04 "private" - 0x01 "enterprise" - 0x82 "" - 0x37 "Microsoft" - 0x0A "" - 0x03 "" - 0x03 "msSGC" - 0x89 "" - 0x31 "" - 0x01 "" - 0x01 "" - 0x02 "" - 0x02 "" - 0x4B "TCGID" - 0x05 "security" - 0x05 "mechanisms" - 0x07 "id-pkix" - 0x01 "id-pe" - 0x01 "authorityInfoAccess" OID_AUTHORITY_INFO_ACCESS - 0x03 "id-kp" - 0x01 "serverAuth" - 0x02 "clientAuth" - 0x03 "codeSigning" - 0x04 "emailProtection" - 0x05 "ipsecEndSystem" - 0x06 "ipsecTunnel" - 0x07 "ipsecUser" - 0x08 "timeStamping" - 0x09 "ocspSigning" OID_OCSP_SIGNING - 0x08 "id-otherNames" - 0x05 "xmppAddr" OID_XMPP_ADDR - 0x0A "id-aca" - 0x01 "authenticationInfo" OID_AUTHENTICATION_INFO - 0x02 "accessIdentity" OID_ACCESS_IDENTITY - 0x03 "chargingIdentity" OID_CHARGING_IDENTITY - 0x04 "group" OID_GROUP - 0x30 "id-ad" - 0x01 "ocsp" OID_OCSP - 0x01 "basic" OID_BASIC - 0x02 "nonce" OID_NONCE - 0x03 "crl" OID_CRL - 0x04 "response" OID_RESPONSE - 0x05 "noCheck" OID_NO_CHECK - 0x06 "archiveCutoff" OID_ARCHIVE_CUTOFF - 0x07 "serviceLocator" OID_SERVICE_LOCATOR - 0x0E "oiw" - 0x03 "secsig" - 0x02 "algorithms" - 0x07 "des-cbc" OID_DES_CBC - 0x1A "sha-1" OID_SHA1 - 0x1D "sha-1WithRSASignature" OID_SHA1_WITH_RSA_OIW - 0x24 "TeleTrusT" - 0x03 "algorithm" - 0x03 "signatureAlgorithm" - 0x01 "rsaSignature" - 0x02 "rsaSigWithripemd160" - 0x03 "rsaSigWithripemd128" - 0x04 "rsaSigWithripemd256" -0x60 "" - 0x86 "" - 0x48 "" - 0x01 "organization" - 0x65 "gov" - 0x03 "csor" - 0x04 "nistalgorithm" - 0x02 "hashalgs" - 0x01 "id-SHA-256" OID_SHA256 - 0x02 "id-SHA-384" OID_SHA384 - 0x03 "id-SHA-512" OID_SHA512 - 0x86 "" - 0xf8 "" - 0x42 "netscape" - 0x01 "" - 0x01 "nsCertType" - 0x03 "nsRevocationUrl" OID_NS_REVOCATION_URL - 0x04 "nsCaRevocationUrl" OID_NS_CA_REVOCATION_URL - 0x08 "nsCaPolicyUrl" OID_NS_CA_POLICY_URL - 0x0d "nsComment" OID_NS_COMMENT - 0x03 "directory" - 0x01 "" - 0x03 "employeeNumber" - 0x04 "policy" - 0x01 "nsSGC" - 0x45 "verisign" - 0x01 "pki" - 0x09 "attributes" - 0x02 "messageType" OID_PKI_MESSAGE_TYPE - 0x03 "pkiStatus" OID_PKI_STATUS - 0x04 "failInfo" OID_PKI_FAIL_INFO - 0x05 "senderNonce" OID_PKI_SENDER_NONCE - 0x06 "recipientNonce" OID_PKI_RECIPIENT_NONCE - 0x07 "transID" OID_PKI_TRANS_ID - 0x08 "extensionReq" diff --git a/src/pluto/packet.c b/src/pluto/packet.c index 9f04c8bb2..e8a3a1e11 100644 --- a/src/pluto/packet.c +++ b/src/pluto/packet.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: packet.c,v 1.7 2005/01/06 22:39:04 as Exp $ + * RCSID $Id: packet.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/packet.h b/src/pluto/packet.h index 676a5e6cd..1eadf0e02 100644 --- a/src/pluto/packet.h +++ b/src/pluto/packet.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: packet.h,v 1.5 2005/01/06 22:10:15 as Exp $ + * RCSID $Id: packet.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _PACKET_H diff --git a/src/pluto/pem.c b/src/pluto/pem.c index db6d0d7e3..5ebe4b576 100644 --- a/src/pluto/pem.c +++ b/src/pluto/pem.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pem.c,v 1.4 2005/08/17 16:31:24 as Exp $ + * RCSID $Id: pem.c 3252 2007-10-06 21:24:50Z andreas $ */ /* decrypt a PEM encoded data block using DES-EDE3-CBC diff --git a/src/pluto/pem.h b/src/pluto/pem.h index 815b5d85b..e74915cb2 100644 --- a/src/pluto/pem.h +++ b/src/pluto/pem.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pem.h,v 1.1 2004/03/15 20:35:28 as Exp $ + * RCSID $Id: pem.h 3252 2007-10-06 21:24:50Z andreas $ */ extern err_t pemtobin(chunk_t *blob, prompt_pass_t *pass, const char* label diff --git a/src/pluto/pgp.c b/src/pluto/pgp.c index 307303f6b..b956ce4d7 100644 --- a/src/pluto/pgp.c +++ b/src/pluto/pgp.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pgp.c,v 1.7 2006/01/04 21:00:43 as Exp $ + * RCSID $Id: pgp.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> diff --git a/src/pluto/pgp.h b/src/pluto/pgp.h index 4f34debc9..514265086 100644 --- a/src/pluto/pgp.h +++ b/src/pluto/pgp.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pgp.h,v 1.3 2005/08/07 07:50:09 as Exp $ + * RCSID $Id: pgp.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _PGP_H diff --git a/src/pluto/pkcs1.c b/src/pluto/pkcs1.c index ade5fdd94..bb8afde0a 100644 --- a/src/pluto/pkcs1.c +++ b/src/pluto/pkcs1.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pkcs1.c,v 1.17 2006/01/04 21:00:43 as Exp $ + * RCSID $Id: pkcs1.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stddef.h> @@ -27,7 +27,7 @@ #include "defs.h" #include "mp_defs.h" #include "asn1.h" -#include "oid.h" +#include <asn1/oid.h> #include "log.h" #include "pkcs1.h" #include "md2.h" diff --git a/src/pluto/pkcs1.h b/src/pluto/pkcs1.h index c927db0f8..16a6f02b9 100644 --- a/src/pluto/pkcs1.h +++ b/src/pluto/pkcs1.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pkcs1.h,v 1.14 2005/12/06 22:52:12 as Exp $ + * RCSID $Id: pkcs1.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _PKCS1_H diff --git a/src/pluto/pkcs7.c b/src/pluto/pkcs7.c index 3068c0c94..60636f385 100644 --- a/src/pluto/pkcs7.c +++ b/src/pluto/pkcs7.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pkcs7.c,v 1.13 2005/12/22 22:11:24 as Exp $ + * RCSID $Id: pkcs7.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> @@ -25,7 +25,7 @@ #include "constants.h" #include "defs.h" #include "asn1.h" -#include "oid.h" +#include <asn1/oid.h> #include "log.h" #include "x509.h" #include "certs.h" diff --git a/src/pluto/pkcs7.h b/src/pluto/pkcs7.h index 38c633f4e..a577f8022 100644 --- a/src/pluto/pkcs7.h +++ b/src/pluto/pkcs7.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pkcs7.h,v 1.10 2005/12/22 22:11:24 as Exp $ + * RCSID $Id: pkcs7.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _PKCS7_H diff --git a/src/pluto/plutomain.c b/src/pluto/plutomain.c index a5bf82768..fccd2e461 100644 --- a/src/pluto/plutomain.c +++ b/src/pluto/plutomain.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: plutomain.c,v 1.16 2005/09/25 21:30:52 as Exp $ + * RCSID $Id: plutomain.c 3253 2007-10-06 21:39:00Z andreas $ */ #include <stdio.h> @@ -619,8 +619,8 @@ main(int argc, char **argv) /* drop unneeded capabilities and change UID/GID */ hdr.version = _LINUX_CAPABILITY_VERSION; hdr.pid = 0; - data.effective = data.permitted = 1<<CAP_NET_ADMIN | 1<<CAP_NET_BIND_SERVICE; - data.inheritable = 0; + data.inheritable = data.effective = data.permitted = + 1<<CAP_NET_ADMIN | 1<<CAP_NET_BIND_SERVICE; prctl(PR_SET_KEEPCAPS, 1); diff --git a/src/pluto/rcv_whack.c b/src/pluto/rcv_whack.c index 6a39e7c1f..00fed63ea 100644 --- a/src/pluto/rcv_whack.c +++ b/src/pluto/rcv_whack.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: rcv_whack.c,v 1.18 2006/05/25 11:33:57 as Exp $ + * RCSID $Id: rcv_whack.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/rcv_whack.h b/src/pluto/rcv_whack.h index f42761c51..e0582202f 100644 --- a/src/pluto/rcv_whack.h +++ b/src/pluto/rcv_whack.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: rcv_whack.h,v 1.1 2004/03/15 20:35:29 as Exp $ + * RCSID $Id: rcv_whack.h 3252 2007-10-06 21:24:50Z andreas $ */ extern void whack_handle(int kernelfd); diff --git a/src/pluto/rnd.c b/src/pluto/rnd.c index 812882c6b..7941034d8 100644 --- a/src/pluto/rnd.c +++ b/src/pluto/rnd.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: rnd.c,v 1.3 2005/09/08 16:26:30 as Exp $ + * RCSID $Id: rnd.c 3252 2007-10-06 21:24:50Z andreas $ */ /* A true random number generator (we hope) diff --git a/src/pluto/rnd.h b/src/pluto/rnd.h index 0bd168039..e32b68b47 100644 --- a/src/pluto/rnd.h +++ b/src/pluto/rnd.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: rnd.h,v 1.1 2004/03/15 20:35:29 as Exp $ + * RCSID $Id: rnd.h 3252 2007-10-06 21:24:50Z andreas $ */ extern u_char secret_of_the_day[SHA1_DIGEST_SIZE]; diff --git a/src/pluto/server.c b/src/pluto/server.c index 1cc221515..b0e158503 100644 --- a/src/pluto/server.c +++ b/src/pluto/server.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: server.c,v 1.9 2005/09/09 14:15:35 as Exp $ + * RCSID $Id: server.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/server.h b/src/pluto/server.h index d90e47c8f..d0d46a5f4 100644 --- a/src/pluto/server.h +++ b/src/pluto/server.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: server.h,v 1.2 2004/03/22 21:53:20 as Exp $ + * RCSID $Id: server.h 3252 2007-10-06 21:24:50Z andreas $ */ extern int ctl_fd; /* file descriptor of control (whack) socket */ diff --git a/src/pluto/smartcard.c b/src/pluto/smartcard.c index 067d0f046..c46e3cf9a 100644 --- a/src/pluto/smartcard.c +++ b/src/pluto/smartcard.c @@ -18,7 +18,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: smartcard.c,v 1.41 2006/01/04 21:03:52 as Exp $ + * RCSID $Id: smartcard.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> @@ -593,11 +593,13 @@ scx_find_cert_objects(CK_SLOT_ID slot, CK_SESSION_HANDLE session) /* put end entity and ca certificates into different chains */ if (cert->isCA) - add_authcert(cert, AUTH_CA); + { + sc->last_cert.u.x509 = add_authcert(cert, AUTH_CA); + } else { add_x509_public_key(cert, valid_until, DAL_LOCAL); - sc->last_cert.u.x509 = add_x509cert(cert); + sc->last_cert.u.x509 = add_x509cert(cert); } share_cert(sc->last_cert); diff --git a/src/pluto/smartcard.h b/src/pluto/smartcard.h index 864f630a1..a2978a929 100644 --- a/src/pluto/smartcard.h +++ b/src/pluto/smartcard.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: smartcard.h,v 1.14 2005/11/06 22:55:41 as Exp $ + * RCSID $Id: smartcard.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _SMARTCARD_H diff --git a/src/pluto/spdb.c b/src/pluto/spdb.c index 996585135..7003b127a 100644 --- a/src/pluto/spdb.c +++ b/src/pluto/spdb.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: spdb.c,v 1.9 2006/04/22 21:59:20 as Exp $ + * RCSID $Id: spdb.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> @@ -975,8 +975,8 @@ parse_isakmp_sa_body(u_int32_t ipsecdoisit lset_t iap = st->st_policy & POLICY_ID_AUTH_MASK; /* is the initiator the XAUTH client? */ - bool xauth_init = initiator && (st->st_policy & POLICY_XAUTH_SERVER) == LEMPTY - || !initiator && (st->st_policy & POLICY_XAUTH_SERVER) != LEMPTY; + bool xauth_init = ( initiator && (st->st_policy & POLICY_XAUTH_SERVER) == LEMPTY) + || (!initiator && (st->st_policy & POLICY_XAUTH_SERVER) != LEMPTY); switch (val) { diff --git a/src/pluto/spdb.h b/src/pluto/spdb.h index 0df488841..b098e247a 100644 --- a/src/pluto/spdb.h +++ b/src/pluto/spdb.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: spdb.h,v 1.4 2006/04/22 21:59:20 as Exp $ + * RCSID $Id: spdb.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _SPDB_H diff --git a/src/pluto/state.c b/src/pluto/state.c index 80c3156b1..c62e28e99 100644 --- a/src/pluto/state.c +++ b/src/pluto/state.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: state.c,v 1.13 2006/04/29 18:16:02 as Exp $ + * RCSID $Id: state.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/state.h b/src/pluto/state.h index d3a980564..220dce341 100644 --- a/src/pluto/state.h +++ b/src/pluto/state.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: state.h,v 1.11 2006/03/08 22:12:37 as Exp $ + * RCSID $Id: state.h 3252 2007-10-06 21:24:50Z andreas $ */ #include <sys/types.h> diff --git a/src/pluto/timer.c b/src/pluto/timer.c index 9d3f90ce3..aea293098 100644 --- a/src/pluto/timer.c +++ b/src/pluto/timer.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: timer.c,v 1.5 2004/09/17 21:36:57 as Exp $ + * RCSID $Id: timer.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdio.h> diff --git a/src/pluto/timer.h b/src/pluto/timer.h index 92464192c..c772d37f9 100644 --- a/src/pluto/timer.h +++ b/src/pluto/timer.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: timer.h,v 1.2 2004/07/29 18:33:45 as Exp $ + * RCSID $Id: timer.h 3252 2007-10-06 21:24:50Z andreas $ */ extern time_t now(void); /* careful version of time(2) */ diff --git a/src/pluto/vendor.c b/src/pluto/vendor.c index 086cb4dd7..b54f574f2 100644 --- a/src/pluto/vendor.c +++ b/src/pluto/vendor.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: vendor.c,v 1.35 2006/04/12 16:44:28 as Exp $ + * RCSID $Id: vendor.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> @@ -197,15 +197,20 @@ static struct vid_struct _vid_tab[] = { "\xeb\x4c\x1b\x78\x8a\xfd\x4a\x9c\xb7\x73\x0a\x68", 12}, /* - * Windows Vista (and Longhorn?) + * Windows Vista (and Windows Server 2008?) */ DEC_MD5_VID(VISTA_AUTHIP, "MS-Negotiation Discovery Capable") DEC_MD5_VID(VISTA_AUTHIP2, "IKE CGA version 1") + DEC_MD5_VID(VISTA_AUTHIP3, "MS-MamieExists") /* * strongSwan */ - DEC_MD5_VID(STRONGSWAN, "strongSwan 4.1.4") + DEC_MD5_VID(STRONGSWAN, "strongSwan 4.1.8") + DEC_MD5_VID(STRONGSWAN_4_1_7, "strongSwan 4.1.7") + DEC_MD5_VID(STRONGSWAN_4_1_6, "strongSwan 4.1.6") + DEC_MD5_VID(STRONGSWAN_4_1_5, "strongSwan 4.1.5") + DEC_MD5_VID(STRONGSWAN_4_1_4, "strongSwan 4.1.4") DEC_MD5_VID(STRONGSWAN_4_1_3, "strongSwan 4.1.3") DEC_MD5_VID(STRONGSWAN_4_1_2, "strongSwan 4.1.2") DEC_MD5_VID(STRONGSWAN_4_1_1, "strongSwan 4.1.1") @@ -219,6 +224,8 @@ static struct vid_struct _vid_tab[] = { DEC_MD5_VID(STRONGSWAN_4_0_1, "strongSwan 4.0.1") DEC_MD5_VID(STRONGSWAN_4_0_0, "strongSwan 4.0.0") + DEC_MD5_VID(STRONGSWAN_2_8_8, "strongSwan 2.8.8") + DEC_MD5_VID(STRONGSWAN_2_8_7, "strongSwan 2.8.7") DEC_MD5_VID(STRONGSWAN_2_8_6, "strongSwan 2.8.6") DEC_MD5_VID(STRONGSWAN_2_8_5, "strongSwan 2.8.5") DEC_MD5_VID(STRONGSWAN_2_8_4, "strongSwan 2.8.4") diff --git a/src/pluto/vendor.h b/src/pluto/vendor.h index 6c7eeafb3..4f480df30 100644 --- a/src/pluto/vendor.h +++ b/src/pluto/vendor.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: vendor.h,v 1.30 2006/04/12 16:44:28 as Exp $ + * RCSID $Id: vendor.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _VENDOR_H_ @@ -54,43 +54,46 @@ enum known_vendorid { VID_NCP_CLIENT = 33, VID_VISTA_AUTHIP = 34, VID_VISTA_AUTHIP2 = 35, + VID_VISTA_AUTHIP3 = 36, - VID_STRONGSWAN = 36, - VID_STRONGSWAN_2_2_0 = 37, - VID_STRONGSWAN_2_2_1 = 38, - VID_STRONGSWAN_2_2_2 = 39, - VID_STRONGSWAN_2_3_0 = 40, - VID_STRONGSWAN_2_3_1 = 41, - VID_STRONGSWAN_2_3_2 = 42, - VID_STRONGSWAN_2_4_0 = 43, - VID_STRONGSWAN_2_4_1 = 44, - VID_STRONGSWAN_2_4_2 = 45, - VID_STRONGSWAN_2_4_3 = 46, - VID_STRONGSWAN_2_4_4 = 47, - VID_STRONGSWAN_2_5_0 = 48, - VID_STRONGSWAN_2_5_1 = 49, - VID_STRONGSWAN_2_5_2 = 50, - VID_STRONGSWAN_2_5_3 = 51, - VID_STRONGSWAN_2_5_4 = 52, - VID_STRONGSWAN_2_5_5 = 53, - VID_STRONGSWAN_2_5_6 = 54, - VID_STRONGSWAN_2_5_7 = 55, - VID_STRONGSWAN_2_6_0 = 56, - VID_STRONGSWAN_2_6_1 = 57, - VID_STRONGSWAN_2_6_2 = 58, - VID_STRONGSWAN_2_6_3 = 59, - VID_STRONGSWAN_2_6_4 = 60, - VID_STRONGSWAN_2_7_0 = 61, - VID_STRONGSWAN_2_7_1 = 62, - VID_STRONGSWAN_2_7_2 = 63, - VID_STRONGSWAN_2_7_3 = 64, - VID_STRONGSWAN_2_8_0 = 65, - VID_STRONGSWAN_2_8_1 = 66, - VID_STRONGSWAN_2_8_2 = 67, - VID_STRONGSWAN_2_8_3 = 68, - VID_STRONGSWAN_2_8_4 = 69, - VID_STRONGSWAN_2_8_5 = 70, - VID_STRONGSWAN_2_8_6 = 71, + VID_STRONGSWAN = 37, + VID_STRONGSWAN_2_2_0 = 38, + VID_STRONGSWAN_2_2_1 = 39, + VID_STRONGSWAN_2_2_2 = 40, + VID_STRONGSWAN_2_3_0 = 41, + VID_STRONGSWAN_2_3_1 = 42, + VID_STRONGSWAN_2_3_2 = 43, + VID_STRONGSWAN_2_4_0 = 44, + VID_STRONGSWAN_2_4_1 = 45, + VID_STRONGSWAN_2_4_2 = 46, + VID_STRONGSWAN_2_4_3 = 47, + VID_STRONGSWAN_2_4_4 = 48, + VID_STRONGSWAN_2_5_0 = 49, + VID_STRONGSWAN_2_5_1 = 50, + VID_STRONGSWAN_2_5_2 = 51, + VID_STRONGSWAN_2_5_3 = 52, + VID_STRONGSWAN_2_5_4 = 53, + VID_STRONGSWAN_2_5_5 = 54, + VID_STRONGSWAN_2_5_6 = 55, + VID_STRONGSWAN_2_5_7 = 56, + VID_STRONGSWAN_2_6_0 = 57, + VID_STRONGSWAN_2_6_1 = 58, + VID_STRONGSWAN_2_6_2 = 59, + VID_STRONGSWAN_2_6_3 = 60, + VID_STRONGSWAN_2_6_4 = 61, + VID_STRONGSWAN_2_7_0 = 62, + VID_STRONGSWAN_2_7_1 = 63, + VID_STRONGSWAN_2_7_2 = 64, + VID_STRONGSWAN_2_7_3 = 65, + VID_STRONGSWAN_2_8_0 = 66, + VID_STRONGSWAN_2_8_1 = 67, + VID_STRONGSWAN_2_8_2 = 68, + VID_STRONGSWAN_2_8_3 = 69, + VID_STRONGSWAN_2_8_4 = 70, + VID_STRONGSWAN_2_8_5 = 71, + VID_STRONGSWAN_2_8_6 = 72, + VID_STRONGSWAN_2_8_7 = 73, + VID_STRONGSWAN_2_8_8 = 74, VID_STRONGSWAN_4_0_0 = 80, VID_STRONGSWAN_4_0_1 = 81, @@ -104,6 +107,10 @@ enum known_vendorid { VID_STRONGSWAN_4_1_1 = 89, VID_STRONGSWAN_4_1_2 = 90, VID_STRONGSWAN_4_1_3 = 91, + VID_STRONGSWAN_4_1_4 = 92, + VID_STRONGSWAN_4_1_5 = 93, + VID_STRONGSWAN_4_1_6 = 94, + VID_STRONGSWAN_4_1_7 = 95, /* 101 - 200 : NAT-Traversal */ VID_NATT_STENBERG_01 =101, diff --git a/src/pluto/virtual.c b/src/pluto/virtual.c index d1553364e..4a81ee283 100644 --- a/src/pluto/virtual.c +++ b/src/pluto/virtual.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: virtual.c,v 1.4 2004/04/02 10:38:52 as Exp $ + * RCSID $Id: virtual.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <freeswan.h> diff --git a/src/pluto/virtual.h b/src/pluto/virtual.h index 2d5bf27ae..9fe9bdd8d 100644 --- a/src/pluto/virtual.h +++ b/src/pluto/virtual.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: virtual.h,v 1.2 2004/03/22 21:53:20 as Exp $ + * RCSID $Id: virtual.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _VIRTUAL_IP_H diff --git a/src/pluto/x509.c b/src/pluto/x509.c index 2521244f7..c61de6edc 100644 --- a/src/pluto/x509.c +++ b/src/pluto/x509.c @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: x509.c,v 1.36 2006/04/10 16:08:33 as Exp $ + * RCSID $Id: x509.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <stdlib.h> @@ -34,7 +34,7 @@ #include "log.h" #include "id.h" #include "asn1.h" -#include "oid.h" +#include <asn1/oid.h> #include "pkcs1.h" #include "x509.h" #include "crl.h" @@ -1701,8 +1701,7 @@ parse_authorityInfoAccess(chunk_t blob, int level0, chunk_t *accessLocation) chunk_t object; u_int level; int objectID = 0; - - u_int accessMethod = OID_UNKNOWN; + int accessMethod = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, DBG_RAW); @@ -1829,8 +1828,8 @@ parse_x509cert(chunk_t blob, u_int level0, x509cert_t *cert) bool critical; chunk_t object; u_int level; - u_int extn_oid = OID_UNKNOWN; int objectID = 0; + int extn_oid = OID_UNKNOWN; asn1_init(&ctx, blob, level0, FALSE, DBG_RAW); diff --git a/src/pluto/x509.h b/src/pluto/x509.h index d15b3da53..67730bbd0 100644 --- a/src/pluto/x509.h +++ b/src/pluto/x509.h @@ -14,7 +14,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: x509.h,v 1.10 2005/12/06 22:52:44 as Exp $ + * RCSID $Id: x509.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _X509_H diff --git a/src/pluto/xauth.c b/src/pluto/xauth.c index 77ac8dee7..0188b1950 100644 --- a/src/pluto/xauth.c +++ b/src/pluto/xauth.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: xauth.c,v 1.1 2005/01/06 22:10:15 as Exp $ + * RCSID $Id: xauth.c 3252 2007-10-06 21:24:50Z andreas $ */ #include <dlfcn.h> diff --git a/src/pluto/xauth.h b/src/pluto/xauth.h index 740618750..277340ab0 100644 --- a/src/pluto/xauth.h +++ b/src/pluto/xauth.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: xauth.h,v 1.1 2005/01/06 22:10:15 as Exp $ + * RCSID $Id: xauth.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _XAUTH_H |