From 7793611ee71b576dd9c66dee327349fa64e38740 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Mon, 19 Feb 2018 18:17:21 +0100 Subject: New upstream version 5.6.2 --- src/libcharon/Android.mk | 1 - src/libcharon/Makefile.am | 8 +- src/libcharon/Makefile.in | 388 +++---- src/libcharon/config/child_cfg.c | 8 +- src/libcharon/config/child_cfg.h | 2 +- src/libcharon/config/ike_cfg.h | 4 +- src/libcharon/config/peer_cfg.h | 2 +- src/libcharon/config/proposal.c | 1103 -------------------- src/libcharon/config/proposal.h | 237 ----- src/libcharon/daemon.c | 6 - src/libcharon/encoding/generator.h | 4 +- src/libcharon/encoding/message.c | 4 + .../encoding/payloads/proposal_substructure.h | 2 +- .../encoding/payloads/transform_substructure.h | 2 +- src/libcharon/kernel/kernel_interface.c | 2 +- src/libcharon/plugins/certexpire/certexpire_cron.h | 2 +- .../plugins/eap_radius/eap_radius_provider.c | 2 +- .../plugins/eap_radius/eap_radius_xauth.c | 2 +- src/libcharon/plugins/ha/ha_ike.c | 2 +- src/libcharon/plugins/ha/ha_socket.c | 27 +- .../plugins/kernel_netlink/kernel_netlink_net.c | 75 +- .../plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 12 +- .../plugins/kernel_wfp/kernel_wfp_ipsec.c | 2 +- src/libcharon/plugins/lookip/lookip_plugin.c | 2 +- src/libcharon/plugins/osx_attr/osx_attr_handler.c | 2 +- src/libcharon/plugins/save_keys/Makefile.am | 18 + src/libcharon/plugins/save_keys/Makefile.in | 803 ++++++++++++++ .../plugins/save_keys/save_keys_listener.c | 435 ++++++++ .../plugins/save_keys/save_keys_listener.h | 57 + src/libcharon/plugins/save_keys/save_keys_plugin.c | 107 ++ src/libcharon/plugins/save_keys/save_keys_plugin.h | 50 + src/libcharon/plugins/stroke/stroke_config.c | 2 +- src/libcharon/plugins/stroke/stroke_cred.c | 18 +- src/libcharon/plugins/stroke/stroke_list.c | 2 +- src/libcharon/plugins/uci/uci_parser.c | 2 +- src/libcharon/plugins/vici/README.md | 8 +- src/libcharon/plugins/vici/libvici.h | 2 +- src/libcharon/plugins/vici/ruby/Makefile.in | 2 +- src/libcharon/plugins/vici/vici_cred.c | 2 +- src/libcharon/plugins/vici/vici_query.c | 19 +- .../processing/jobs/delete_child_sa_job.h | 2 +- src/libcharon/processing/jobs/rekey_child_sa_job.h | 3 +- src/libcharon/processing/jobs/update_sa_job.h | 2 +- src/libcharon/sa/child_sa.c | 241 +++-- src/libcharon/sa/child_sa.h | 6 +- src/libcharon/sa/eap/eap_manager.h | 2 +- src/libcharon/sa/eap/eap_method.h | 2 +- src/libcharon/sa/ike_sa.c | 30 +- src/libcharon/sa/ike_sa.h | 18 +- src/libcharon/sa/ikev1/phase1.c | 44 +- src/libcharon/sa/ikev1/tasks/mode_config.c | 2 +- src/libcharon/sa/ikev1/tasks/quick_mode.c | 2 +- src/libcharon/sa/ikev2/task_manager_v2.c | 102 +- src/libcharon/sa/ikev2/tasks/child_create.c | 35 +- src/libcharon/sa/ikev2/tasks/child_create.h | 12 +- src/libcharon/sa/ikev2/tasks/child_rekey.c | 12 +- src/libcharon/sa/ikev2/tasks/ike_init.c | 71 +- src/libcharon/sa/ikev2/tasks/ike_mobike.c | 71 +- src/libcharon/sa/keymat.h | 2 +- src/libcharon/sa/task_manager.h | 2 +- src/libcharon/sa/xauth/xauth_manager.h | 2 +- src/libcharon/sa/xauth/xauth_method.h | 2 +- src/libcharon/tests/Makefile.am | 1 - src/libcharon/tests/Makefile.in | 19 - src/libcharon/tests/libcharon_tests.h | 1 - src/libcharon/tests/suites/test_child_rekey.c | 55 + src/libcharon/tests/suites/test_ike_rekey.c | 6 + src/libcharon/tests/suites/test_proposal.c | 171 --- 68 files changed, 2267 insertions(+), 2079 deletions(-) delete mode 100644 src/libcharon/config/proposal.c delete mode 100644 src/libcharon/config/proposal.h create mode 100644 src/libcharon/plugins/save_keys/Makefile.am create mode 100644 src/libcharon/plugins/save_keys/Makefile.in create mode 100644 src/libcharon/plugins/save_keys/save_keys_listener.c create mode 100644 src/libcharon/plugins/save_keys/save_keys_listener.h create mode 100644 src/libcharon/plugins/save_keys/save_keys_plugin.c create mode 100644 src/libcharon/plugins/save_keys/save_keys_plugin.h delete mode 100644 src/libcharon/tests/suites/test_proposal.c (limited to 'src/libcharon') diff --git a/src/libcharon/Android.mk b/src/libcharon/Android.mk index f381860b9..d1fb33702 100644 --- a/src/libcharon/Android.mk +++ b/src/libcharon/Android.mk @@ -16,7 +16,6 @@ config/backend_manager.c config/backend_manager.h config/backend.h \ config/child_cfg.c config/child_cfg.h \ config/ike_cfg.c config/ike_cfg.h \ config/peer_cfg.c config/peer_cfg.h \ -config/proposal.c config/proposal.h \ control/controller.c control/controller.h \ daemon.c daemon.h \ encoding/generator.c encoding/generator.h \ diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am index 964a19ec8..25ac7972c 100644 --- a/src/libcharon/Makefile.am +++ b/src/libcharon/Makefile.am @@ -14,7 +14,6 @@ config/backend_manager.c config/backend_manager.h config/backend.h \ config/child_cfg.c config/child_cfg.h \ config/ike_cfg.c config/ike_cfg.h \ config/peer_cfg.c config/peer_cfg.h \ -config/proposal.c config/proposal.h \ control/controller.c control/controller.h \ daemon.c daemon.h \ encoding/generator.c encoding/generator.h \ @@ -209,6 +208,13 @@ if MONOLITHIC endif endif +if USE_SAVE_KEYS + SUBDIRS += plugins/save_keys +if MONOLITHIC + libcharon_la_LIBADD += plugins/save_keys/libstrongswan-save-keys.la +endif +endif + if USE_SOCKET_DEFAULT SUBDIRS += plugins/socket_default if MONOLITHIC diff --git a/src/libcharon/Makefile.in b/src/libcharon/Makefile.in index d3cbb0fb6..6c39317fa 100644 --- a/src/libcharon/Makefile.in +++ b/src/libcharon/Makefile.in @@ -155,150 +155,152 @@ host_triplet = @host@ @USE_LOAD_TESTER_TRUE@am__append_6 = plugins/load_tester @MONOLITHIC_TRUE@@USE_LOAD_TESTER_TRUE@am__append_7 = plugins/load_tester/libstrongswan-load-tester.la -@USE_SOCKET_DEFAULT_TRUE@am__append_8 = plugins/socket_default -@MONOLITHIC_TRUE@@USE_SOCKET_DEFAULT_TRUE@am__append_9 = plugins/socket_default/libstrongswan-socket-default.la -@USE_SOCKET_DYNAMIC_TRUE@am__append_10 = plugins/socket_dynamic -@MONOLITHIC_TRUE@@USE_SOCKET_DYNAMIC_TRUE@am__append_11 = plugins/socket_dynamic/libstrongswan-socket-dynamic.la -@USE_SOCKET_WIN_TRUE@am__append_12 = plugins/socket_win -@MONOLITHIC_TRUE@@USE_SOCKET_WIN_TRUE@am__append_13 = plugins/socket_win/libstrongswan-socket-win.la -@USE_CONNMARK_TRUE@am__append_14 = plugins/connmark -@MONOLITHIC_TRUE@@USE_CONNMARK_TRUE@am__append_15 = plugins/connmark/libstrongswan-connmark.la -@USE_BYPASS_LAN_TRUE@am__append_16 = plugins/bypass_lan -@MONOLITHIC_TRUE@@USE_BYPASS_LAN_TRUE@am__append_17 = plugins/bypass_lan/libstrongswan-bypass-lan.la -@USE_FORECAST_TRUE@am__append_18 = plugins/forecast -@MONOLITHIC_TRUE@@USE_FORECAST_TRUE@am__append_19 = plugins/forecast/libstrongswan-forecast.la -@USE_FARP_TRUE@am__append_20 = plugins/farp -@MONOLITHIC_TRUE@@USE_FARP_TRUE@am__append_21 = plugins/farp/libstrongswan-farp.la -@USE_COUNTERS_TRUE@am__append_22 = plugins/counters -@MONOLITHIC_TRUE@@USE_COUNTERS_TRUE@am__append_23 = plugins/counters/libstrongswan-counters.la -@USE_STROKE_TRUE@am__append_24 = plugins/stroke -@MONOLITHIC_TRUE@@USE_STROKE_TRUE@am__append_25 = plugins/stroke/libstrongswan-stroke.la -@USE_VICI_TRUE@am__append_26 = plugins/vici -@MONOLITHIC_TRUE@@USE_VICI_TRUE@am__append_27 = plugins/vici/libstrongswan-vici.la -@USE_SMP_TRUE@am__append_28 = plugins/smp -@MONOLITHIC_TRUE@@USE_SMP_TRUE@am__append_29 = plugins/smp/libstrongswan-smp.la -@USE_SQL_TRUE@am__append_30 = plugins/sql -@MONOLITHIC_TRUE@@USE_SQL_TRUE@am__append_31 = plugins/sql/libstrongswan-sql.la -@USE_DNSCERT_TRUE@am__append_32 = plugins/dnscert -@MONOLITHIC_TRUE@@USE_DNSCERT_TRUE@am__append_33 = plugins/dnscert/libstrongswan-dnscert.la -@USE_IPSECKEY_TRUE@am__append_34 = plugins/ipseckey -@MONOLITHIC_TRUE@@USE_IPSECKEY_TRUE@am__append_35 = plugins/ipseckey/libstrongswan-ipseckey.la -@USE_UPDOWN_TRUE@am__append_36 = plugins/updown -@MONOLITHIC_TRUE@@USE_UPDOWN_TRUE@am__append_37 = plugins/updown/libstrongswan-updown.la -@USE_EXT_AUTH_TRUE@am__append_38 = plugins/ext_auth -@MONOLITHIC_TRUE@@USE_EXT_AUTH_TRUE@am__append_39 = plugins/ext_auth/libstrongswan-ext-auth.la -@USE_EAP_IDENTITY_TRUE@am__append_40 = plugins/eap_identity -@MONOLITHIC_TRUE@@USE_EAP_IDENTITY_TRUE@am__append_41 = plugins/eap_identity/libstrongswan-eap-identity.la -@USE_EAP_SIM_TRUE@am__append_42 = plugins/eap_sim -@MONOLITHIC_TRUE@@USE_EAP_SIM_TRUE@am__append_43 = plugins/eap_sim/libstrongswan-eap-sim.la -@USE_EAP_SIM_FILE_TRUE@am__append_44 = plugins/eap_sim_file -@MONOLITHIC_TRUE@@USE_EAP_SIM_FILE_TRUE@am__append_45 = plugins/eap_sim_file/libstrongswan-eap-sim-file.la -@USE_EAP_SIM_PCSC_TRUE@am__append_46 = plugins/eap_sim_pcsc -@MONOLITHIC_TRUE@@USE_EAP_SIM_PCSC_TRUE@am__append_47 = plugins/eap_sim_pcsc/libstrongswan-eap-sim-pcsc.la -@USE_EAP_SIMAKA_SQL_TRUE@am__append_48 = plugins/eap_simaka_sql -@MONOLITHIC_TRUE@@USE_EAP_SIMAKA_SQL_TRUE@am__append_49 = plugins/eap_simaka_sql/libstrongswan-eap-simaka-sql.la -@USE_EAP_SIMAKA_PSEUDONYM_TRUE@am__append_50 = plugins/eap_simaka_pseudonym -@MONOLITHIC_TRUE@@USE_EAP_SIMAKA_PSEUDONYM_TRUE@am__append_51 = plugins/eap_simaka_pseudonym/libstrongswan-eap-simaka-pseudonym.la -@USE_EAP_SIMAKA_REAUTH_TRUE@am__append_52 = plugins/eap_simaka_reauth -@MONOLITHIC_TRUE@@USE_EAP_SIMAKA_REAUTH_TRUE@am__append_53 = plugins/eap_simaka_reauth/libstrongswan-eap-simaka-reauth.la -@USE_EAP_AKA_TRUE@am__append_54 = plugins/eap_aka -@MONOLITHIC_TRUE@@USE_EAP_AKA_TRUE@am__append_55 = plugins/eap_aka/libstrongswan-eap-aka.la -@USE_EAP_AKA_3GPP_TRUE@am__append_56 = plugins/eap_aka_3gpp -@MONOLITHIC_TRUE@@USE_EAP_AKA_3GPP_TRUE@am__append_57 = plugins/eap_aka_3gpp/libstrongswan-eap-aka-3gpp.la -@USE_EAP_AKA_3GPP2_TRUE@am__append_58 = plugins/eap_aka_3gpp2 -@MONOLITHIC_TRUE@@USE_EAP_AKA_3GPP2_TRUE@am__append_59 = plugins/eap_aka_3gpp2/libstrongswan-eap-aka-3gpp2.la -@MONOLITHIC_TRUE@@USE_SIMAKA_TRUE@am__append_60 = $(top_builddir)/src/libsimaka/libsimaka.la -@USE_EAP_MD5_TRUE@am__append_61 = plugins/eap_md5 -@MONOLITHIC_TRUE@@USE_EAP_MD5_TRUE@am__append_62 = plugins/eap_md5/libstrongswan-eap-md5.la -@USE_EAP_GTC_TRUE@am__append_63 = plugins/eap_gtc -@MONOLITHIC_TRUE@@USE_EAP_GTC_TRUE@am__append_64 = plugins/eap_gtc/libstrongswan-eap-gtc.la -@USE_EAP_MSCHAPV2_TRUE@am__append_65 = plugins/eap_mschapv2 -@MONOLITHIC_TRUE@@USE_EAP_MSCHAPV2_TRUE@am__append_66 = plugins/eap_mschapv2/libstrongswan-eap-mschapv2.la -@USE_EAP_DYNAMIC_TRUE@am__append_67 = plugins/eap_dynamic -@MONOLITHIC_TRUE@@USE_EAP_DYNAMIC_TRUE@am__append_68 = plugins/eap_dynamic/libstrongswan-eap-dynamic.la -@USE_EAP_RADIUS_TRUE@am__append_69 = plugins/eap_radius -@MONOLITHIC_TRUE@@USE_EAP_RADIUS_TRUE@am__append_70 = plugins/eap_radius/libstrongswan-eap-radius.la -@USE_EAP_TLS_TRUE@am__append_71 = plugins/eap_tls -@MONOLITHIC_TRUE@@USE_EAP_TLS_TRUE@am__append_72 = plugins/eap_tls/libstrongswan-eap-tls.la -@USE_EAP_TTLS_TRUE@am__append_73 = plugins/eap_ttls -@MONOLITHIC_TRUE@@USE_EAP_TTLS_TRUE@am__append_74 = plugins/eap_ttls/libstrongswan-eap-ttls.la -@USE_EAP_PEAP_TRUE@am__append_75 = plugins/eap_peap -@MONOLITHIC_TRUE@@USE_EAP_PEAP_TRUE@am__append_76 = plugins/eap_peap/libstrongswan-eap-peap.la -@USE_EAP_TNC_TRUE@am__append_77 = plugins/eap_tnc -@MONOLITHIC_TRUE@@USE_EAP_TNC_TRUE@am__append_78 = plugins/eap_tnc/libstrongswan-eap-tnc.la -@MONOLITHIC_TRUE@@USE_TLS_TRUE@am__append_79 = $(top_builddir)/src/libtls/libtls.la -@MONOLITHIC_TRUE@@USE_RADIUS_TRUE@am__append_80 = $(top_builddir)/src/libradius/libradius.la -@USE_TNC_IFMAP_TRUE@am__append_81 = plugins/tnc_ifmap -@MONOLITHIC_TRUE@@USE_TNC_IFMAP_TRUE@am__append_82 = plugins/tnc_ifmap/libstrongswan-tnc-ifmap.la -@USE_TNC_PDP_TRUE@am__append_83 = plugins/tnc_pdp -@MONOLITHIC_TRUE@@USE_TNC_PDP_TRUE@am__append_84 = plugins/tnc_pdp/libstrongswan-tnc-pdp.la -@MONOLITHIC_TRUE@@USE_LIBTNCCS_TRUE@am__append_85 = $(top_builddir)/src/libtnccs/libtnccs.la -@USE_MEDSRV_TRUE@am__append_86 = plugins/medsrv -@MONOLITHIC_TRUE@@USE_MEDSRV_TRUE@am__append_87 = plugins/medsrv/libstrongswan-medsrv.la -@USE_MEDCLI_TRUE@am__append_88 = plugins/medcli -@MONOLITHIC_TRUE@@USE_MEDCLI_TRUE@am__append_89 = plugins/medcli/libstrongswan-medcli.la -@USE_DHCP_TRUE@am__append_90 = plugins/dhcp -@MONOLITHIC_TRUE@@USE_DHCP_TRUE@am__append_91 = plugins/dhcp/libstrongswan-dhcp.la -@USE_OSX_ATTR_TRUE@am__append_92 = plugins/osx_attr -@MONOLITHIC_TRUE@@USE_OSX_ATTR_TRUE@am__append_93 = plugins/osx_attr/libstrongswan-osx-attr.la -@USE_P_CSCF_TRUE@am__append_94 = plugins/p_cscf -@MONOLITHIC_TRUE@@USE_P_CSCF_TRUE@am__append_95 = plugins/p_cscf/libstrongswan-p-cscf.la -@USE_ANDROID_DNS_TRUE@am__append_96 = plugins/android_dns -@MONOLITHIC_TRUE@@USE_ANDROID_DNS_TRUE@am__append_97 = plugins/android_dns/libstrongswan-android-dns.la -@USE_ANDROID_LOG_TRUE@am__append_98 = plugins/android_log -@MONOLITHIC_TRUE@@USE_ANDROID_LOG_TRUE@am__append_99 = plugins/android_log/libstrongswan-android-log.la -@USE_HA_TRUE@am__append_100 = plugins/ha -@MONOLITHIC_TRUE@@USE_HA_TRUE@am__append_101 = plugins/ha/libstrongswan-ha.la -@USE_KERNEL_PFKEY_TRUE@am__append_102 = plugins/kernel_pfkey -@MONOLITHIC_TRUE@@USE_KERNEL_PFKEY_TRUE@am__append_103 = plugins/kernel_pfkey/libstrongswan-kernel-pfkey.la -@USE_KERNEL_PFROUTE_TRUE@am__append_104 = plugins/kernel_pfroute -@MONOLITHIC_TRUE@@USE_KERNEL_PFROUTE_TRUE@am__append_105 = plugins/kernel_pfroute/libstrongswan-kernel-pfroute.la -@USE_KERNEL_NETLINK_TRUE@am__append_106 = plugins/kernel_netlink -@MONOLITHIC_TRUE@@USE_KERNEL_NETLINK_TRUE@am__append_107 = plugins/kernel_netlink/libstrongswan-kernel-netlink.la -@USE_KERNEL_LIBIPSEC_TRUE@am__append_108 = plugins/kernel_libipsec -@MONOLITHIC_TRUE@@USE_KERNEL_LIBIPSEC_TRUE@am__append_109 = plugins/kernel_libipsec/libstrongswan-kernel-libipsec.la -@USE_KERNEL_WFP_TRUE@am__append_110 = plugins/kernel_wfp -@MONOLITHIC_TRUE@@USE_KERNEL_WFP_TRUE@am__append_111 = plugins/kernel_wfp/libstrongswan-kernel-wfp.la -@USE_KERNEL_IPH_TRUE@am__append_112 = plugins/kernel_iph -@MONOLITHIC_TRUE@@USE_KERNEL_IPH_TRUE@am__append_113 = plugins/kernel_iph/libstrongswan-kernel-iph.la -@USE_WHITELIST_TRUE@am__append_114 = plugins/whitelist -@MONOLITHIC_TRUE@@USE_WHITELIST_TRUE@am__append_115 = plugins/whitelist/libstrongswan-whitelist.la -@USE_LOOKIP_TRUE@am__append_116 = plugins/lookip -@MONOLITHIC_TRUE@@USE_LOOKIP_TRUE@am__append_117 = plugins/lookip/libstrongswan-lookip.la -@USE_ERROR_NOTIFY_TRUE@am__append_118 = plugins/error_notify -@MONOLITHIC_TRUE@@USE_ERROR_NOTIFY_TRUE@am__append_119 = plugins/error_notify/libstrongswan-error-notify.la -@USE_CERTEXPIRE_TRUE@am__append_120 = plugins/certexpire -@MONOLITHIC_TRUE@@USE_CERTEXPIRE_TRUE@am__append_121 = plugins/certexpire/libstrongswan-certexpire.la -@USE_SYSTIME_FIX_TRUE@am__append_122 = plugins/systime_fix -@MONOLITHIC_TRUE@@USE_SYSTIME_FIX_TRUE@am__append_123 = plugins/systime_fix/libstrongswan-systime-fix.la -@USE_LED_TRUE@am__append_124 = plugins/led -@MONOLITHIC_TRUE@@USE_LED_TRUE@am__append_125 = plugins/led/libstrongswan-led.la -@USE_DUPLICHECK_TRUE@am__append_126 = plugins/duplicheck -@MONOLITHIC_TRUE@@USE_DUPLICHECK_TRUE@am__append_127 = plugins/duplicheck/libstrongswan-duplicheck.la -@USE_COUPLING_TRUE@am__append_128 = plugins/coupling -@MONOLITHIC_TRUE@@USE_COUPLING_TRUE@am__append_129 = plugins/coupling/libstrongswan-coupling.la -@USE_RADATTR_TRUE@am__append_130 = plugins/radattr -@MONOLITHIC_TRUE@@USE_RADATTR_TRUE@am__append_131 = plugins/radattr/libstrongswan-radattr.la -@USE_UCI_TRUE@am__append_132 = plugins/uci -@MONOLITHIC_TRUE@@USE_UCI_TRUE@am__append_133 = plugins/uci/libstrongswan-uci.la -@USE_ADDRBLOCK_TRUE@am__append_134 = plugins/addrblock -@MONOLITHIC_TRUE@@USE_ADDRBLOCK_TRUE@am__append_135 = plugins/addrblock/libstrongswan-addrblock.la -@USE_UNITY_TRUE@am__append_136 = plugins/unity -@MONOLITHIC_TRUE@@USE_UNITY_TRUE@am__append_137 = plugins/unity/libstrongswan-unity.la -@USE_XAUTH_GENERIC_TRUE@am__append_138 = plugins/xauth_generic -@MONOLITHIC_TRUE@@USE_XAUTH_GENERIC_TRUE@am__append_139 = plugins/xauth_generic/libstrongswan-xauth-generic.la -@USE_XAUTH_EAP_TRUE@am__append_140 = plugins/xauth_eap -@MONOLITHIC_TRUE@@USE_XAUTH_EAP_TRUE@am__append_141 = plugins/xauth_eap/libstrongswan-xauth-eap.la -@USE_XAUTH_PAM_TRUE@am__append_142 = plugins/xauth_pam -@MONOLITHIC_TRUE@@USE_XAUTH_PAM_TRUE@am__append_143 = plugins/xauth_pam/libstrongswan-xauth-pam.la -@USE_XAUTH_NOAUTH_TRUE@am__append_144 = plugins/xauth_noauth -@MONOLITHIC_TRUE@@USE_XAUTH_NOAUTH_TRUE@am__append_145 = plugins/xauth_noauth/libstrongswan-xauth-noauth.la -@USE_RESOLVE_TRUE@am__append_146 = plugins/resolve -@MONOLITHIC_TRUE@@USE_RESOLVE_TRUE@am__append_147 = plugins/resolve/libstrongswan-resolve.la -@USE_ATTR_TRUE@am__append_148 = plugins/attr -@MONOLITHIC_TRUE@@USE_ATTR_TRUE@am__append_149 = plugins/attr/libstrongswan-attr.la -@USE_ATTR_SQL_TRUE@am__append_150 = plugins/attr_sql -@MONOLITHIC_TRUE@@USE_ATTR_SQL_TRUE@am__append_151 = plugins/attr_sql/libstrongswan-attr-sql.la +@USE_SAVE_KEYS_TRUE@am__append_8 = plugins/save_keys +@MONOLITHIC_TRUE@@USE_SAVE_KEYS_TRUE@am__append_9 = plugins/save_keys/libstrongswan-save-keys.la +@USE_SOCKET_DEFAULT_TRUE@am__append_10 = plugins/socket_default +@MONOLITHIC_TRUE@@USE_SOCKET_DEFAULT_TRUE@am__append_11 = plugins/socket_default/libstrongswan-socket-default.la +@USE_SOCKET_DYNAMIC_TRUE@am__append_12 = plugins/socket_dynamic +@MONOLITHIC_TRUE@@USE_SOCKET_DYNAMIC_TRUE@am__append_13 = plugins/socket_dynamic/libstrongswan-socket-dynamic.la +@USE_SOCKET_WIN_TRUE@am__append_14 = plugins/socket_win +@MONOLITHIC_TRUE@@USE_SOCKET_WIN_TRUE@am__append_15 = plugins/socket_win/libstrongswan-socket-win.la +@USE_CONNMARK_TRUE@am__append_16 = plugins/connmark +@MONOLITHIC_TRUE@@USE_CONNMARK_TRUE@am__append_17 = plugins/connmark/libstrongswan-connmark.la +@USE_BYPASS_LAN_TRUE@am__append_18 = plugins/bypass_lan +@MONOLITHIC_TRUE@@USE_BYPASS_LAN_TRUE@am__append_19 = plugins/bypass_lan/libstrongswan-bypass-lan.la +@USE_FORECAST_TRUE@am__append_20 = plugins/forecast +@MONOLITHIC_TRUE@@USE_FORECAST_TRUE@am__append_21 = plugins/forecast/libstrongswan-forecast.la +@USE_FARP_TRUE@am__append_22 = plugins/farp +@MONOLITHIC_TRUE@@USE_FARP_TRUE@am__append_23 = plugins/farp/libstrongswan-farp.la +@USE_COUNTERS_TRUE@am__append_24 = plugins/counters +@MONOLITHIC_TRUE@@USE_COUNTERS_TRUE@am__append_25 = plugins/counters/libstrongswan-counters.la +@USE_STROKE_TRUE@am__append_26 = plugins/stroke +@MONOLITHIC_TRUE@@USE_STROKE_TRUE@am__append_27 = plugins/stroke/libstrongswan-stroke.la +@USE_VICI_TRUE@am__append_28 = plugins/vici +@MONOLITHIC_TRUE@@USE_VICI_TRUE@am__append_29 = plugins/vici/libstrongswan-vici.la +@USE_SMP_TRUE@am__append_30 = plugins/smp +@MONOLITHIC_TRUE@@USE_SMP_TRUE@am__append_31 = plugins/smp/libstrongswan-smp.la +@USE_SQL_TRUE@am__append_32 = plugins/sql +@MONOLITHIC_TRUE@@USE_SQL_TRUE@am__append_33 = plugins/sql/libstrongswan-sql.la +@USE_DNSCERT_TRUE@am__append_34 = plugins/dnscert +@MONOLITHIC_TRUE@@USE_DNSCERT_TRUE@am__append_35 = plugins/dnscert/libstrongswan-dnscert.la +@USE_IPSECKEY_TRUE@am__append_36 = plugins/ipseckey +@MONOLITHIC_TRUE@@USE_IPSECKEY_TRUE@am__append_37 = plugins/ipseckey/libstrongswan-ipseckey.la +@USE_UPDOWN_TRUE@am__append_38 = plugins/updown +@MONOLITHIC_TRUE@@USE_UPDOWN_TRUE@am__append_39 = plugins/updown/libstrongswan-updown.la +@USE_EXT_AUTH_TRUE@am__append_40 = plugins/ext_auth +@MONOLITHIC_TRUE@@USE_EXT_AUTH_TRUE@am__append_41 = plugins/ext_auth/libstrongswan-ext-auth.la +@USE_EAP_IDENTITY_TRUE@am__append_42 = plugins/eap_identity +@MONOLITHIC_TRUE@@USE_EAP_IDENTITY_TRUE@am__append_43 = plugins/eap_identity/libstrongswan-eap-identity.la +@USE_EAP_SIM_TRUE@am__append_44 = plugins/eap_sim +@MONOLITHIC_TRUE@@USE_EAP_SIM_TRUE@am__append_45 = plugins/eap_sim/libstrongswan-eap-sim.la +@USE_EAP_SIM_FILE_TRUE@am__append_46 = plugins/eap_sim_file +@MONOLITHIC_TRUE@@USE_EAP_SIM_FILE_TRUE@am__append_47 = plugins/eap_sim_file/libstrongswan-eap-sim-file.la +@USE_EAP_SIM_PCSC_TRUE@am__append_48 = plugins/eap_sim_pcsc +@MONOLITHIC_TRUE@@USE_EAP_SIM_PCSC_TRUE@am__append_49 = plugins/eap_sim_pcsc/libstrongswan-eap-sim-pcsc.la +@USE_EAP_SIMAKA_SQL_TRUE@am__append_50 = plugins/eap_simaka_sql +@MONOLITHIC_TRUE@@USE_EAP_SIMAKA_SQL_TRUE@am__append_51 = plugins/eap_simaka_sql/libstrongswan-eap-simaka-sql.la +@USE_EAP_SIMAKA_PSEUDONYM_TRUE@am__append_52 = plugins/eap_simaka_pseudonym +@MONOLITHIC_TRUE@@USE_EAP_SIMAKA_PSEUDONYM_TRUE@am__append_53 = plugins/eap_simaka_pseudonym/libstrongswan-eap-simaka-pseudonym.la +@USE_EAP_SIMAKA_REAUTH_TRUE@am__append_54 = plugins/eap_simaka_reauth +@MONOLITHIC_TRUE@@USE_EAP_SIMAKA_REAUTH_TRUE@am__append_55 = plugins/eap_simaka_reauth/libstrongswan-eap-simaka-reauth.la +@USE_EAP_AKA_TRUE@am__append_56 = plugins/eap_aka +@MONOLITHIC_TRUE@@USE_EAP_AKA_TRUE@am__append_57 = plugins/eap_aka/libstrongswan-eap-aka.la +@USE_EAP_AKA_3GPP_TRUE@am__append_58 = plugins/eap_aka_3gpp +@MONOLITHIC_TRUE@@USE_EAP_AKA_3GPP_TRUE@am__append_59 = plugins/eap_aka_3gpp/libstrongswan-eap-aka-3gpp.la +@USE_EAP_AKA_3GPP2_TRUE@am__append_60 = plugins/eap_aka_3gpp2 +@MONOLITHIC_TRUE@@USE_EAP_AKA_3GPP2_TRUE@am__append_61 = plugins/eap_aka_3gpp2/libstrongswan-eap-aka-3gpp2.la +@MONOLITHIC_TRUE@@USE_SIMAKA_TRUE@am__append_62 = $(top_builddir)/src/libsimaka/libsimaka.la +@USE_EAP_MD5_TRUE@am__append_63 = plugins/eap_md5 +@MONOLITHIC_TRUE@@USE_EAP_MD5_TRUE@am__append_64 = plugins/eap_md5/libstrongswan-eap-md5.la +@USE_EAP_GTC_TRUE@am__append_65 = plugins/eap_gtc +@MONOLITHIC_TRUE@@USE_EAP_GTC_TRUE@am__append_66 = plugins/eap_gtc/libstrongswan-eap-gtc.la +@USE_EAP_MSCHAPV2_TRUE@am__append_67 = plugins/eap_mschapv2 +@MONOLITHIC_TRUE@@USE_EAP_MSCHAPV2_TRUE@am__append_68 = plugins/eap_mschapv2/libstrongswan-eap-mschapv2.la +@USE_EAP_DYNAMIC_TRUE@am__append_69 = plugins/eap_dynamic +@MONOLITHIC_TRUE@@USE_EAP_DYNAMIC_TRUE@am__append_70 = plugins/eap_dynamic/libstrongswan-eap-dynamic.la +@USE_EAP_RADIUS_TRUE@am__append_71 = plugins/eap_radius +@MONOLITHIC_TRUE@@USE_EAP_RADIUS_TRUE@am__append_72 = plugins/eap_radius/libstrongswan-eap-radius.la +@USE_EAP_TLS_TRUE@am__append_73 = plugins/eap_tls +@MONOLITHIC_TRUE@@USE_EAP_TLS_TRUE@am__append_74 = plugins/eap_tls/libstrongswan-eap-tls.la +@USE_EAP_TTLS_TRUE@am__append_75 = plugins/eap_ttls +@MONOLITHIC_TRUE@@USE_EAP_TTLS_TRUE@am__append_76 = plugins/eap_ttls/libstrongswan-eap-ttls.la +@USE_EAP_PEAP_TRUE@am__append_77 = plugins/eap_peap +@MONOLITHIC_TRUE@@USE_EAP_PEAP_TRUE@am__append_78 = plugins/eap_peap/libstrongswan-eap-peap.la +@USE_EAP_TNC_TRUE@am__append_79 = plugins/eap_tnc +@MONOLITHIC_TRUE@@USE_EAP_TNC_TRUE@am__append_80 = plugins/eap_tnc/libstrongswan-eap-tnc.la +@MONOLITHIC_TRUE@@USE_TLS_TRUE@am__append_81 = $(top_builddir)/src/libtls/libtls.la +@MONOLITHIC_TRUE@@USE_RADIUS_TRUE@am__append_82 = $(top_builddir)/src/libradius/libradius.la +@USE_TNC_IFMAP_TRUE@am__append_83 = plugins/tnc_ifmap +@MONOLITHIC_TRUE@@USE_TNC_IFMAP_TRUE@am__append_84 = plugins/tnc_ifmap/libstrongswan-tnc-ifmap.la +@USE_TNC_PDP_TRUE@am__append_85 = plugins/tnc_pdp +@MONOLITHIC_TRUE@@USE_TNC_PDP_TRUE@am__append_86 = plugins/tnc_pdp/libstrongswan-tnc-pdp.la +@MONOLITHIC_TRUE@@USE_LIBTNCCS_TRUE@am__append_87 = $(top_builddir)/src/libtnccs/libtnccs.la +@USE_MEDSRV_TRUE@am__append_88 = plugins/medsrv +@MONOLITHIC_TRUE@@USE_MEDSRV_TRUE@am__append_89 = plugins/medsrv/libstrongswan-medsrv.la +@USE_MEDCLI_TRUE@am__append_90 = plugins/medcli +@MONOLITHIC_TRUE@@USE_MEDCLI_TRUE@am__append_91 = plugins/medcli/libstrongswan-medcli.la +@USE_DHCP_TRUE@am__append_92 = plugins/dhcp +@MONOLITHIC_TRUE@@USE_DHCP_TRUE@am__append_93 = plugins/dhcp/libstrongswan-dhcp.la +@USE_OSX_ATTR_TRUE@am__append_94 = plugins/osx_attr +@MONOLITHIC_TRUE@@USE_OSX_ATTR_TRUE@am__append_95 = plugins/osx_attr/libstrongswan-osx-attr.la +@USE_P_CSCF_TRUE@am__append_96 = plugins/p_cscf +@MONOLITHIC_TRUE@@USE_P_CSCF_TRUE@am__append_97 = plugins/p_cscf/libstrongswan-p-cscf.la +@USE_ANDROID_DNS_TRUE@am__append_98 = plugins/android_dns +@MONOLITHIC_TRUE@@USE_ANDROID_DNS_TRUE@am__append_99 = plugins/android_dns/libstrongswan-android-dns.la +@USE_ANDROID_LOG_TRUE@am__append_100 = plugins/android_log +@MONOLITHIC_TRUE@@USE_ANDROID_LOG_TRUE@am__append_101 = plugins/android_log/libstrongswan-android-log.la +@USE_HA_TRUE@am__append_102 = plugins/ha +@MONOLITHIC_TRUE@@USE_HA_TRUE@am__append_103 = plugins/ha/libstrongswan-ha.la +@USE_KERNEL_PFKEY_TRUE@am__append_104 = plugins/kernel_pfkey +@MONOLITHIC_TRUE@@USE_KERNEL_PFKEY_TRUE@am__append_105 = plugins/kernel_pfkey/libstrongswan-kernel-pfkey.la +@USE_KERNEL_PFROUTE_TRUE@am__append_106 = plugins/kernel_pfroute +@MONOLITHIC_TRUE@@USE_KERNEL_PFROUTE_TRUE@am__append_107 = plugins/kernel_pfroute/libstrongswan-kernel-pfroute.la +@USE_KERNEL_NETLINK_TRUE@am__append_108 = plugins/kernel_netlink +@MONOLITHIC_TRUE@@USE_KERNEL_NETLINK_TRUE@am__append_109 = plugins/kernel_netlink/libstrongswan-kernel-netlink.la +@USE_KERNEL_LIBIPSEC_TRUE@am__append_110 = plugins/kernel_libipsec +@MONOLITHIC_TRUE@@USE_KERNEL_LIBIPSEC_TRUE@am__append_111 = plugins/kernel_libipsec/libstrongswan-kernel-libipsec.la +@USE_KERNEL_WFP_TRUE@am__append_112 = plugins/kernel_wfp +@MONOLITHIC_TRUE@@USE_KERNEL_WFP_TRUE@am__append_113 = plugins/kernel_wfp/libstrongswan-kernel-wfp.la +@USE_KERNEL_IPH_TRUE@am__append_114 = plugins/kernel_iph +@MONOLITHIC_TRUE@@USE_KERNEL_IPH_TRUE@am__append_115 = plugins/kernel_iph/libstrongswan-kernel-iph.la +@USE_WHITELIST_TRUE@am__append_116 = plugins/whitelist +@MONOLITHIC_TRUE@@USE_WHITELIST_TRUE@am__append_117 = plugins/whitelist/libstrongswan-whitelist.la +@USE_LOOKIP_TRUE@am__append_118 = plugins/lookip +@MONOLITHIC_TRUE@@USE_LOOKIP_TRUE@am__append_119 = plugins/lookip/libstrongswan-lookip.la +@USE_ERROR_NOTIFY_TRUE@am__append_120 = plugins/error_notify +@MONOLITHIC_TRUE@@USE_ERROR_NOTIFY_TRUE@am__append_121 = plugins/error_notify/libstrongswan-error-notify.la +@USE_CERTEXPIRE_TRUE@am__append_122 = plugins/certexpire +@MONOLITHIC_TRUE@@USE_CERTEXPIRE_TRUE@am__append_123 = plugins/certexpire/libstrongswan-certexpire.la +@USE_SYSTIME_FIX_TRUE@am__append_124 = plugins/systime_fix +@MONOLITHIC_TRUE@@USE_SYSTIME_FIX_TRUE@am__append_125 = plugins/systime_fix/libstrongswan-systime-fix.la +@USE_LED_TRUE@am__append_126 = plugins/led +@MONOLITHIC_TRUE@@USE_LED_TRUE@am__append_127 = plugins/led/libstrongswan-led.la +@USE_DUPLICHECK_TRUE@am__append_128 = plugins/duplicheck +@MONOLITHIC_TRUE@@USE_DUPLICHECK_TRUE@am__append_129 = plugins/duplicheck/libstrongswan-duplicheck.la +@USE_COUPLING_TRUE@am__append_130 = plugins/coupling +@MONOLITHIC_TRUE@@USE_COUPLING_TRUE@am__append_131 = plugins/coupling/libstrongswan-coupling.la +@USE_RADATTR_TRUE@am__append_132 = plugins/radattr +@MONOLITHIC_TRUE@@USE_RADATTR_TRUE@am__append_133 = plugins/radattr/libstrongswan-radattr.la +@USE_UCI_TRUE@am__append_134 = plugins/uci +@MONOLITHIC_TRUE@@USE_UCI_TRUE@am__append_135 = plugins/uci/libstrongswan-uci.la +@USE_ADDRBLOCK_TRUE@am__append_136 = plugins/addrblock +@MONOLITHIC_TRUE@@USE_ADDRBLOCK_TRUE@am__append_137 = plugins/addrblock/libstrongswan-addrblock.la +@USE_UNITY_TRUE@am__append_138 = plugins/unity +@MONOLITHIC_TRUE@@USE_UNITY_TRUE@am__append_139 = plugins/unity/libstrongswan-unity.la +@USE_XAUTH_GENERIC_TRUE@am__append_140 = plugins/xauth_generic +@MONOLITHIC_TRUE@@USE_XAUTH_GENERIC_TRUE@am__append_141 = plugins/xauth_generic/libstrongswan-xauth-generic.la +@USE_XAUTH_EAP_TRUE@am__append_142 = plugins/xauth_eap +@MONOLITHIC_TRUE@@USE_XAUTH_EAP_TRUE@am__append_143 = plugins/xauth_eap/libstrongswan-xauth-eap.la +@USE_XAUTH_PAM_TRUE@am__append_144 = plugins/xauth_pam +@MONOLITHIC_TRUE@@USE_XAUTH_PAM_TRUE@am__append_145 = plugins/xauth_pam/libstrongswan-xauth-pam.la +@USE_XAUTH_NOAUTH_TRUE@am__append_146 = plugins/xauth_noauth +@MONOLITHIC_TRUE@@USE_XAUTH_NOAUTH_TRUE@am__append_147 = plugins/xauth_noauth/libstrongswan-xauth-noauth.la +@USE_RESOLVE_TRUE@am__append_148 = plugins/resolve +@MONOLITHIC_TRUE@@USE_RESOLVE_TRUE@am__append_149 = plugins/resolve/libstrongswan-resolve.la +@USE_ATTR_TRUE@am__append_150 = plugins/attr +@MONOLITHIC_TRUE@@USE_ATTR_TRUE@am__append_151 = plugins/attr/libstrongswan-attr.la +@USE_ATTR_SQL_TRUE@am__append_152 = plugins/attr_sql +@MONOLITHIC_TRUE@@USE_ATTR_SQL_TRUE@am__append_153 = plugins/attr_sql/libstrongswan-attr-sql.la subdir = src/libcharon ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ @@ -361,12 +363,12 @@ libcharon_la_DEPENDENCIES = \ $(am__append_41) $(am__append_43) $(am__append_45) \ $(am__append_47) $(am__append_49) $(am__append_51) \ $(am__append_53) $(am__append_55) $(am__append_57) \ - $(am__append_59) $(am__append_60) $(am__append_62) \ + $(am__append_59) $(am__append_61) $(am__append_62) \ $(am__append_64) $(am__append_66) $(am__append_68) \ $(am__append_70) $(am__append_72) $(am__append_74) \ - $(am__append_76) $(am__append_78) $(am__append_79) \ - $(am__append_80) $(am__append_82) $(am__append_84) \ - $(am__append_85) $(am__append_87) $(am__append_89) \ + $(am__append_76) $(am__append_78) $(am__append_80) \ + $(am__append_81) $(am__append_82) $(am__append_84) \ + $(am__append_86) $(am__append_87) $(am__append_89) \ $(am__append_91) $(am__append_93) $(am__append_95) \ $(am__append_97) $(am__append_99) $(am__append_101) \ $(am__append_103) $(am__append_105) $(am__append_107) \ @@ -377,7 +379,7 @@ libcharon_la_DEPENDENCIES = \ $(am__append_133) $(am__append_135) $(am__append_137) \ $(am__append_139) $(am__append_141) $(am__append_143) \ $(am__append_145) $(am__append_147) $(am__append_149) \ - $(am__append_151) + $(am__append_151) $(am__append_153) am__libcharon_la_SOURCES_DIST = attributes/attributes.c \ attributes/attributes.h attributes/attribute_provider.h \ attributes/attribute_handler.h attributes/attribute_manager.c \ @@ -388,11 +390,11 @@ am__libcharon_la_SOURCES_DIST = attributes/attributes.c \ bus/listeners/file_logger.h config/backend_manager.c \ config/backend_manager.h config/backend.h config/child_cfg.c \ config/child_cfg.h config/ike_cfg.c config/ike_cfg.h \ - config/peer_cfg.c config/peer_cfg.h config/proposal.c \ - config/proposal.h control/controller.c control/controller.h \ - daemon.c daemon.h encoding/generator.c encoding/generator.h \ - encoding/message.c encoding/message.h encoding/parser.c \ - encoding/parser.h encoding/payloads/auth_payload.c \ + config/peer_cfg.c config/peer_cfg.h control/controller.c \ + control/controller.h daemon.c daemon.h encoding/generator.c \ + encoding/generator.h encoding/message.c encoding/message.h \ + encoding/parser.c encoding/parser.h \ + encoding/payloads/auth_payload.c \ encoding/payloads/auth_payload.h \ encoding/payloads/cert_payload.c \ encoding/payloads/cert_payload.h \ @@ -609,10 +611,9 @@ am_libcharon_la_OBJECTS = attributes/attributes.lo \ attributes/attribute_manager.lo attributes/mem_pool.lo \ bus/bus.lo bus/listeners/file_logger.lo \ config/backend_manager.lo config/child_cfg.lo \ - config/ike_cfg.lo config/peer_cfg.lo config/proposal.lo \ - control/controller.lo daemon.lo encoding/generator.lo \ - encoding/message.lo encoding/parser.lo \ - encoding/payloads/auth_payload.lo \ + config/ike_cfg.lo config/peer_cfg.lo control/controller.lo \ + daemon.lo encoding/generator.lo encoding/message.lo \ + encoding/parser.lo encoding/payloads/auth_payload.lo \ encoding/payloads/cert_payload.lo \ encoding/payloads/certreq_payload.lo \ encoding/payloads/configuration_attribute.lo \ @@ -744,22 +745,23 @@ am__define_uniq_tagged_files = \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = . plugins/load_tester plugins/socket_default \ - plugins/socket_dynamic plugins/socket_win plugins/connmark \ - plugins/bypass_lan plugins/forecast plugins/farp \ - plugins/counters plugins/stroke plugins/vici plugins/smp \ - plugins/sql plugins/dnscert plugins/ipseckey plugins/updown \ - plugins/ext_auth plugins/eap_identity plugins/eap_sim \ - plugins/eap_sim_file plugins/eap_sim_pcsc \ - plugins/eap_simaka_sql plugins/eap_simaka_pseudonym \ - plugins/eap_simaka_reauth plugins/eap_aka plugins/eap_aka_3gpp \ - plugins/eap_aka_3gpp2 plugins/eap_md5 plugins/eap_gtc \ - plugins/eap_mschapv2 plugins/eap_dynamic plugins/eap_radius \ - plugins/eap_tls plugins/eap_ttls plugins/eap_peap \ - plugins/eap_tnc plugins/tnc_ifmap plugins/tnc_pdp \ - plugins/medsrv plugins/medcli plugins/dhcp plugins/osx_attr \ - plugins/p_cscf plugins/android_dns plugins/android_log \ - plugins/ha plugins/kernel_pfkey plugins/kernel_pfroute \ +DIST_SUBDIRS = . plugins/load_tester plugins/save_keys \ + plugins/socket_default plugins/socket_dynamic \ + plugins/socket_win plugins/connmark plugins/bypass_lan \ + plugins/forecast plugins/farp plugins/counters plugins/stroke \ + plugins/vici plugins/smp plugins/sql plugins/dnscert \ + plugins/ipseckey plugins/updown plugins/ext_auth \ + plugins/eap_identity plugins/eap_sim plugins/eap_sim_file \ + plugins/eap_sim_pcsc plugins/eap_simaka_sql \ + plugins/eap_simaka_pseudonym plugins/eap_simaka_reauth \ + plugins/eap_aka plugins/eap_aka_3gpp plugins/eap_aka_3gpp2 \ + plugins/eap_md5 plugins/eap_gtc plugins/eap_mschapv2 \ + plugins/eap_dynamic plugins/eap_radius plugins/eap_tls \ + plugins/eap_ttls plugins/eap_peap plugins/eap_tnc \ + plugins/tnc_ifmap plugins/tnc_pdp plugins/medsrv \ + plugins/medcli plugins/dhcp plugins/osx_attr plugins/p_cscf \ + plugins/android_dns plugins/android_log plugins/ha \ + plugins/kernel_pfkey plugins/kernel_pfroute \ plugins/kernel_netlink plugins/kernel_libipsec \ plugins/kernel_wfp plugins/kernel_iph plugins/whitelist \ plugins/lookip plugins/error_notify plugins/certexpire \ @@ -1043,11 +1045,11 @@ libcharon_la_SOURCES = attributes/attributes.c attributes/attributes.h \ bus/listeners/file_logger.h config/backend_manager.c \ config/backend_manager.h config/backend.h config/child_cfg.c \ config/child_cfg.h config/ike_cfg.c config/ike_cfg.h \ - config/peer_cfg.c config/peer_cfg.h config/proposal.c \ - config/proposal.h control/controller.c control/controller.h \ - daemon.c daemon.h encoding/generator.c encoding/generator.h \ - encoding/message.c encoding/message.h encoding/parser.c \ - encoding/parser.h encoding/payloads/auth_payload.c \ + config/peer_cfg.c config/peer_cfg.h control/controller.c \ + control/controller.h daemon.c daemon.h encoding/generator.c \ + encoding/generator.h encoding/message.c encoding/message.h \ + encoding/parser.c encoding/parser.h \ + encoding/payloads/auth_payload.c \ encoding/payloads/auth_payload.h \ encoding/payloads/cert_payload.c \ encoding/payloads/cert_payload.h \ @@ -1163,11 +1165,11 @@ libcharon_la_LIBADD = \ $(am__append_43) $(am__append_45) $(am__append_47) \ $(am__append_49) $(am__append_51) $(am__append_53) \ $(am__append_55) $(am__append_57) $(am__append_59) \ - $(am__append_60) $(am__append_62) $(am__append_64) \ + $(am__append_61) $(am__append_62) $(am__append_64) \ $(am__append_66) $(am__append_68) $(am__append_70) \ $(am__append_72) $(am__append_74) $(am__append_76) \ - $(am__append_78) $(am__append_79) $(am__append_80) \ - $(am__append_82) $(am__append_84) $(am__append_85) \ + $(am__append_78) $(am__append_80) $(am__append_81) \ + $(am__append_82) $(am__append_84) $(am__append_86) \ $(am__append_87) $(am__append_89) $(am__append_91) \ $(am__append_93) $(am__append_95) $(am__append_97) \ $(am__append_99) $(am__append_101) $(am__append_103) \ @@ -1178,7 +1180,8 @@ libcharon_la_LIBADD = \ $(am__append_129) $(am__append_131) $(am__append_133) \ $(am__append_135) $(am__append_137) $(am__append_139) \ $(am__append_141) $(am__append_143) $(am__append_145) \ - $(am__append_147) $(am__append_149) $(am__append_151) + $(am__append_147) $(am__append_149) $(am__append_151) \ + $(am__append_153) EXTRA_DIST = Android.mk @STATIC_PLUGIN_CONSTRUCTORS_TRUE@BUILT_SOURCES = $(srcdir)/plugin_constructors.c @STATIC_PLUGIN_CONSTRUCTORS_TRUE@CLEANFILES = $(srcdir)/plugin_constructors.c @@ -1195,13 +1198,13 @@ EXTRA_DIST = Android.mk @MONOLITHIC_FALSE@ $(am__append_46) $(am__append_48) \ @MONOLITHIC_FALSE@ $(am__append_50) $(am__append_52) \ @MONOLITHIC_FALSE@ $(am__append_54) $(am__append_56) \ -@MONOLITHIC_FALSE@ $(am__append_58) $(am__append_61) \ +@MONOLITHIC_FALSE@ $(am__append_58) $(am__append_60) \ @MONOLITHIC_FALSE@ $(am__append_63) $(am__append_65) \ @MONOLITHIC_FALSE@ $(am__append_67) $(am__append_69) \ @MONOLITHIC_FALSE@ $(am__append_71) $(am__append_73) \ @MONOLITHIC_FALSE@ $(am__append_75) $(am__append_77) \ -@MONOLITHIC_FALSE@ $(am__append_81) $(am__append_83) \ -@MONOLITHIC_FALSE@ $(am__append_86) $(am__append_88) \ +@MONOLITHIC_FALSE@ $(am__append_79) $(am__append_83) \ +@MONOLITHIC_FALSE@ $(am__append_85) $(am__append_88) \ @MONOLITHIC_FALSE@ $(am__append_90) $(am__append_92) \ @MONOLITHIC_FALSE@ $(am__append_94) $(am__append_96) \ @MONOLITHIC_FALSE@ $(am__append_98) $(am__append_100) \ @@ -1217,7 +1220,7 @@ EXTRA_DIST = Android.mk @MONOLITHIC_FALSE@ $(am__append_138) $(am__append_140) \ @MONOLITHIC_FALSE@ $(am__append_142) $(am__append_144) \ @MONOLITHIC_FALSE@ $(am__append_146) $(am__append_148) \ -@MONOLITHIC_FALSE@ $(am__append_150) tests +@MONOLITHIC_FALSE@ $(am__append_150) $(am__append_152) tests # build optional plugins ######################## @@ -1234,13 +1237,13 @@ EXTRA_DIST = Android.mk @MONOLITHIC_TRUE@ $(am__append_46) $(am__append_48) \ @MONOLITHIC_TRUE@ $(am__append_50) $(am__append_52) \ @MONOLITHIC_TRUE@ $(am__append_54) $(am__append_56) \ -@MONOLITHIC_TRUE@ $(am__append_58) $(am__append_61) \ +@MONOLITHIC_TRUE@ $(am__append_58) $(am__append_60) \ @MONOLITHIC_TRUE@ $(am__append_63) $(am__append_65) \ @MONOLITHIC_TRUE@ $(am__append_67) $(am__append_69) \ @MONOLITHIC_TRUE@ $(am__append_71) $(am__append_73) \ @MONOLITHIC_TRUE@ $(am__append_75) $(am__append_77) \ -@MONOLITHIC_TRUE@ $(am__append_81) $(am__append_83) \ -@MONOLITHIC_TRUE@ $(am__append_86) $(am__append_88) \ +@MONOLITHIC_TRUE@ $(am__append_79) $(am__append_83) \ +@MONOLITHIC_TRUE@ $(am__append_85) $(am__append_88) \ @MONOLITHIC_TRUE@ $(am__append_90) $(am__append_92) \ @MONOLITHIC_TRUE@ $(am__append_94) $(am__append_96) \ @MONOLITHIC_TRUE@ $(am__append_98) $(am__append_100) \ @@ -1256,7 +1259,7 @@ EXTRA_DIST = Android.mk @MONOLITHIC_TRUE@ $(am__append_138) $(am__append_140) \ @MONOLITHIC_TRUE@ $(am__append_142) $(am__append_144) \ @MONOLITHIC_TRUE@ $(am__append_146) $(am__append_148) \ -@MONOLITHIC_TRUE@ $(am__append_150) . tests +@MONOLITHIC_TRUE@ $(am__append_150) $(am__append_152) . tests all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -1367,8 +1370,6 @@ config/ike_cfg.lo: config/$(am__dirstamp) \ config/$(DEPDIR)/$(am__dirstamp) config/peer_cfg.lo: config/$(am__dirstamp) \ config/$(DEPDIR)/$(am__dirstamp) -config/proposal.lo: config/$(am__dirstamp) \ - config/$(DEPDIR)/$(am__dirstamp) control/$(am__dirstamp): @$(MKDIR_P) control @: > control/$(am__dirstamp) @@ -1784,7 +1785,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@config/$(DEPDIR)/child_cfg.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@config/$(DEPDIR)/ike_cfg.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@config/$(DEPDIR)/peer_cfg.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@config/$(DEPDIR)/proposal.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@control/$(DEPDIR)/controller.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@encoding/$(DEPDIR)/generator.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@encoding/$(DEPDIR)/message.Plo@am__quote@ diff --git a/src/libcharon/config/child_cfg.c b/src/libcharon/config/child_cfg.c index ec2a12431..3d110e9a2 100644 --- a/src/libcharon/config/child_cfg.c +++ b/src/libcharon/config/child_cfg.c @@ -224,6 +224,10 @@ METHOD(child_cfg_t, select_proposal, proposal_t*, while (prefer_enum->enumerate(prefer_enum, &proposal)) { proposal = proposal->clone(proposal); + if (strip_dh) + { + proposal->strip_dh(proposal, MODP_NONE); + } if (prefer_self) { proposals->reset_enumerator(proposals, match_enum); @@ -234,11 +238,13 @@ METHOD(child_cfg_t, select_proposal, proposal_t*, } while (match_enum->enumerate(match_enum, &match)) { + match = match->clone(match); if (strip_dh) { - proposal->strip_dh(proposal, MODP_NONE); + match->strip_dh(match, MODP_NONE); } selected = proposal->select(proposal, match, prefer_self, private); + match->destroy(match); if (selected) { DBG2(DBG_CFG, "received proposals: %#P", proposals); diff --git a/src/libcharon/config/child_cfg.h b/src/libcharon/config/child_cfg.h index 93904ec71..e2834fa8f 100644 --- a/src/libcharon/config/child_cfg.h +++ b/src/libcharon/config/child_cfg.h @@ -31,7 +31,7 @@ typedef struct child_cfg_create_t child_cfg_create_t; #include #include -#include +#include #include /** diff --git a/src/libcharon/config/ike_cfg.h b/src/libcharon/config/ike_cfg.h index 034996f60..81f2b6906 100644 --- a/src/libcharon/config/ike_cfg.h +++ b/src/libcharon/config/ike_cfg.h @@ -31,7 +31,7 @@ typedef struct ike_cfg_t ike_cfg_t; #include #include #include -#include +#include #include /** @@ -61,7 +61,7 @@ enum fragmentation_t { }; /** - * enum strings fro ike_version_t + * enum strings for ike_version_t */ extern enum_name_t *ike_version_names; diff --git a/src/libcharon/config/peer_cfg.h b/src/libcharon/config/peer_cfg.h index b294ae72f..6074a7cd4 100644 --- a/src/libcharon/config/peer_cfg.h +++ b/src/libcharon/config/peer_cfg.h @@ -32,7 +32,7 @@ typedef struct peer_cfg_create_t peer_cfg_create_t; #include #include #include -#include +#include #include #include #include diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c deleted file mode 100644 index 46c3c9400..000000000 --- a/src/libcharon/config/proposal.c +++ /dev/null @@ -1,1103 +0,0 @@ -/* - * Copyright (C) 2008-2016 Tobias Brunner - * Copyright (C) 2006-2010 Martin Willi - * Copyright (C) 2013-2015 Andreas Steffen - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include - -#include "proposal.h" - -#include -#include -#include - -#include -#include -#include -#include - -ENUM(protocol_id_names, PROTO_NONE, PROTO_IPCOMP, - "PROTO_NONE", - "IKE", - "AH", - "ESP", - "IPCOMP", -); - -typedef struct private_proposal_t private_proposal_t; - -/** - * Private data of an proposal_t object - */ -struct private_proposal_t { - - /** - * Public part - */ - proposal_t public; - - /** - * protocol (ESP or AH) - */ - protocol_id_t protocol; - - /** - * Priority ordered list of transforms, as entry_t - */ - array_t *transforms; - - /** - * senders SPI - */ - uint64_t spi; - - /** - * Proposal number - */ - u_int number; -}; - -/** - * Struct used to store different kinds of algorithms. - */ -typedef struct { - /** Type of the transform */ - transform_type_t type; - /** algorithm identifier */ - uint16_t alg; - /** key size in bits, or zero if not needed */ - uint16_t key_size; -} entry_t; - -METHOD(proposal_t, add_algorithm, void, - private_proposal_t *this, transform_type_t type, - uint16_t alg, uint16_t key_size) -{ - entry_t entry = { - .type = type, - .alg = alg, - .key_size = key_size, - }; - - array_insert(this->transforms, ARRAY_TAIL, &entry); -} - -CALLBACK(alg_filter, bool, - uintptr_t type, enumerator_t *orig, va_list args) -{ - entry_t *entry; - uint16_t *alg, *key_size; - - VA_ARGS_VGET(args, alg, key_size); - - while (orig->enumerate(orig, &entry)) - { - if (entry->type != type) - { - continue; - } - if (alg) - { - *alg = entry->alg; - } - if (key_size) - { - *key_size = entry->key_size; - } - return TRUE; - } - return FALSE; -} - -METHOD(proposal_t, create_enumerator, enumerator_t*, - private_proposal_t *this, transform_type_t type) -{ - return enumerator_create_filter( - array_create_enumerator(this->transforms), - alg_filter, (void*)(uintptr_t)type, NULL); -} - -METHOD(proposal_t, get_algorithm, bool, - private_proposal_t *this, transform_type_t type, - uint16_t *alg, uint16_t *key_size) -{ - enumerator_t *enumerator; - bool found = FALSE; - - enumerator = create_enumerator(this, type); - if (enumerator->enumerate(enumerator, alg, key_size)) - { - found = TRUE; - } - enumerator->destroy(enumerator); - - return found; -} - -METHOD(proposal_t, has_dh_group, bool, - private_proposal_t *this, diffie_hellman_group_t group) -{ - bool found = FALSE, any = FALSE; - enumerator_t *enumerator; - uint16_t current; - - enumerator = create_enumerator(this, DIFFIE_HELLMAN_GROUP); - while (enumerator->enumerate(enumerator, ¤t, NULL)) - { - any = TRUE; - if (current == group) - { - found = TRUE; - break; - } - } - enumerator->destroy(enumerator); - - if (!any && group == MODP_NONE) - { - found = TRUE; - } - return found; -} - -METHOD(proposal_t, strip_dh, void, - private_proposal_t *this, diffie_hellman_group_t keep) -{ - enumerator_t *enumerator; - entry_t *entry; - - enumerator = array_create_enumerator(this->transforms); - while (enumerator->enumerate(enumerator, &entry)) - { - if (entry->type == DIFFIE_HELLMAN_GROUP && - entry->alg != keep) - { - array_remove_at(this->transforms, enumerator); - } - } - enumerator->destroy(enumerator); -} - -/** - * Select a matching proposal from this and other, insert into selected. - */ -static bool select_algo(private_proposal_t *this, proposal_t *other, - proposal_t *selected, transform_type_t type, bool priv) -{ - enumerator_t *e1, *e2; - uint16_t alg1, alg2, ks1, ks2; - bool found = FALSE, optional = FALSE; - - if (type == INTEGRITY_ALGORITHM && - selected->get_algorithm(selected, ENCRYPTION_ALGORITHM, &alg1, NULL) && - encryption_algorithm_is_aead(alg1)) - { - /* no integrity algorithm required, we have an AEAD */ - return TRUE; - } - if (type == DIFFIE_HELLMAN_GROUP) - { - optional = this->protocol == PROTO_ESP || this->protocol == PROTO_AH; - } - - e1 = create_enumerator(this, type); - e2 = other->create_enumerator(other, type); - if (!e1->enumerate(e1, &alg1, NULL)) - { - if (!e2->enumerate(e2, &alg2, NULL)) - { - found = TRUE; - } - else if (optional) - { - do - { /* if NONE is proposed, we accept the proposal */ - found = !alg2; - } - while (!found && e2->enumerate(e2, &alg2, NULL)); - } - } - else if (!e2->enumerate(e2, NULL, NULL)) - { - if (optional) - { - do - { /* if NONE is proposed, we accept the proposal */ - found = !alg1; - } - while (!found && e1->enumerate(e1, &alg1, NULL)); - } - } - - e1->destroy(e1); - e1 = create_enumerator(this, type); - /* compare algs, order of algs in "first" is preferred */ - while (!found && e1->enumerate(e1, &alg1, &ks1)) - { - e2->destroy(e2); - e2 = other->create_enumerator(other, type); - while (e2->enumerate(e2, &alg2, &ks2)) - { - if (alg1 == alg2 && ks1 == ks2) - { - if (!priv && alg1 >= 1024) - { - /* accept private use algorithms only if requested */ - DBG1(DBG_CFG, "an algorithm from private space would match, " - "but peer implementation is unknown, skipped"); - continue; - } - selected->add_algorithm(selected, type, alg1, ks1); - found = TRUE; - break; - } - } - } - /* no match in all comparisons */ - e1->destroy(e1); - e2->destroy(e2); - - if (!found) - { - DBG2(DBG_CFG, " no acceptable %N found", transform_type_names, type); - } - return found; -} - -METHOD(proposal_t, select_proposal, proposal_t*, - private_proposal_t *this, proposal_t *other, bool other_remote, - bool private) -{ - proposal_t *selected; - - DBG2(DBG_CFG, "selecting proposal:"); - - if (this->protocol != other->get_protocol(other)) - { - DBG2(DBG_CFG, " protocol mismatch, skipping"); - return NULL; - } - - if (other_remote) - { - selected = proposal_create(this->protocol, other->get_number(other)); - selected->set_spi(selected, other->get_spi(other)); - } - else - { - selected = proposal_create(this->protocol, this->number); - selected->set_spi(selected, this->spi); - - } - - if (!select_algo(this, other, selected, ENCRYPTION_ALGORITHM, private) || - !select_algo(this, other, selected, PSEUDO_RANDOM_FUNCTION, private) || - !select_algo(this, other, selected, INTEGRITY_ALGORITHM, private) || - !select_algo(this, other, selected, DIFFIE_HELLMAN_GROUP, private) || - !select_algo(this, other, selected, EXTENDED_SEQUENCE_NUMBERS, private)) - { - selected->destroy(selected); - return NULL; - } - - DBG2(DBG_CFG, " proposal matches"); - return selected; -} - -METHOD(proposal_t, get_protocol, protocol_id_t, - private_proposal_t *this) -{ - return this->protocol; -} - -METHOD(proposal_t, set_spi, void, - private_proposal_t *this, uint64_t spi) -{ - this->spi = spi; -} - -METHOD(proposal_t, get_spi, uint64_t, - private_proposal_t *this) -{ - return this->spi; -} - -/** - * Check if two proposals have the same algorithms for a given transform type - */ -static bool algo_list_equals(private_proposal_t *this, proposal_t *other, - transform_type_t type) -{ - enumerator_t *e1, *e2; - uint16_t alg1, alg2, ks1, ks2; - bool equals = TRUE; - - e1 = create_enumerator(this, type); - e2 = other->create_enumerator(other, type); - while (e1->enumerate(e1, &alg1, &ks1)) - { - if (!e2->enumerate(e2, &alg2, &ks2)) - { - /* this has more algs */ - equals = FALSE; - break; - } - if (alg1 != alg2 || ks1 != ks2) - { - equals = FALSE; - break; - } - } - if (e2->enumerate(e2, &alg2, &ks2)) - { - /* other has more algs */ - equals = FALSE; - } - e1->destroy(e1); - e2->destroy(e2); - - return equals; -} - -METHOD(proposal_t, get_number, u_int, - private_proposal_t *this) -{ - return this->number; -} - -METHOD(proposal_t, equals, bool, - private_proposal_t *this, proposal_t *other) -{ - if (&this->public == other) - { - return TRUE; - } - return ( - algo_list_equals(this, other, ENCRYPTION_ALGORITHM) && - algo_list_equals(this, other, INTEGRITY_ALGORITHM) && - algo_list_equals(this, other, PSEUDO_RANDOM_FUNCTION) && - algo_list_equals(this, other, DIFFIE_HELLMAN_GROUP) && - algo_list_equals(this, other, EXTENDED_SEQUENCE_NUMBERS)); -} - -METHOD(proposal_t, clone_, proposal_t*, - private_proposal_t *this) -{ - private_proposal_t *clone; - enumerator_t *enumerator; - entry_t *entry; - - clone = (private_proposal_t*)proposal_create(this->protocol, 0); - - enumerator = array_create_enumerator(this->transforms); - while (enumerator->enumerate(enumerator, &entry)) - { - array_insert(clone->transforms, ARRAY_TAIL, entry); - } - enumerator->destroy(enumerator); - - clone->spi = this->spi; - clone->number = this->number; - - return &clone->public; -} - -/** - * Map integrity algorithms to the PRF functions using the same algorithm. - */ -static const struct { - integrity_algorithm_t integ; - pseudo_random_function_t prf; -} integ_prf_map[] = { - {AUTH_HMAC_SHA1_96, PRF_HMAC_SHA1 }, - {AUTH_HMAC_SHA1_160, PRF_HMAC_SHA1 }, - {AUTH_HMAC_SHA2_256_128, PRF_HMAC_SHA2_256 }, - {AUTH_HMAC_SHA2_384_192, PRF_HMAC_SHA2_384 }, - {AUTH_HMAC_SHA2_512_256, PRF_HMAC_SHA2_512 }, - {AUTH_HMAC_MD5_96, PRF_HMAC_MD5 }, - {AUTH_HMAC_MD5_128, PRF_HMAC_MD5 }, - {AUTH_AES_XCBC_96, PRF_AES128_XCBC }, - {AUTH_CAMELLIA_XCBC_96, PRF_CAMELLIA128_XCBC }, - {AUTH_AES_CMAC_96, PRF_AES128_CMAC }, -}; - -/** - * Remove all entries of the given transform type - */ -static void remove_transform(private_proposal_t *this, transform_type_t type) -{ - enumerator_t *e; - entry_t *entry; - - e = array_create_enumerator(this->transforms); - while (e->enumerate(e, &entry)) - { - if (entry->type == type) - { - array_remove_at(this->transforms, e); - } - } - e->destroy(e); -} - -/** - * Checks the proposal read from a string. - */ -static bool check_proposal(private_proposal_t *this) -{ - enumerator_t *e; - entry_t *entry; - uint16_t alg, ks; - bool all_aead = TRUE, any_aead = FALSE, any_enc = FALSE; - int i; - - if (this->protocol == PROTO_IKE) - { - if (!get_algorithm(this, PSEUDO_RANDOM_FUNCTION, NULL, NULL)) - { /* No explicit PRF found. We assume the same algorithm as used - * for integrity checking. */ - e = create_enumerator(this, INTEGRITY_ALGORITHM); - while (e->enumerate(e, &alg, &ks)) - { - for (i = 0; i < countof(integ_prf_map); i++) - { - if (alg == integ_prf_map[i].integ) - { - add_algorithm(this, PSEUDO_RANDOM_FUNCTION, - integ_prf_map[i].prf, 0); - break; - } - } - } - e->destroy(e); - } - if (!get_algorithm(this, PSEUDO_RANDOM_FUNCTION, NULL, NULL)) - { - DBG1(DBG_CFG, "a PRF algorithm is mandatory in IKE proposals"); - return FALSE; - } - /* remove MODP_NONE from IKE proposal */ - e = array_create_enumerator(this->transforms); - while (e->enumerate(e, &entry)) - { - if (entry->type == DIFFIE_HELLMAN_GROUP && !entry->alg) - { - array_remove_at(this->transforms, e); - } - } - e->destroy(e); - if (!get_algorithm(this, DIFFIE_HELLMAN_GROUP, NULL, NULL)) - { - DBG1(DBG_CFG, "a DH group is mandatory in IKE proposals"); - return FALSE; - } - } - else - { /* remove PRFs from ESP/AH proposals */ - remove_transform(this, PSEUDO_RANDOM_FUNCTION); - } - - if (this->protocol == PROTO_IKE || this->protocol == PROTO_ESP) - { - e = create_enumerator(this, ENCRYPTION_ALGORITHM); - while (e->enumerate(e, &alg, &ks)) - { - any_enc = TRUE; - if (encryption_algorithm_is_aead(alg)) - { - any_aead = TRUE; - continue; - } - all_aead = FALSE; - } - e->destroy(e); - - if (!any_enc) - { - DBG1(DBG_CFG, "an encryption algorithm is mandatory in %N proposals", - protocol_id_names, this->protocol); - return FALSE; - } - else if (any_aead && !all_aead) - { - DBG1(DBG_CFG, "classic and combined-mode (AEAD) encryption " - "algorithms can't be contained in the same %N proposal", - protocol_id_names, this->protocol); - return FALSE; - } - else if (all_aead) - { /* if all encryption algorithms in the proposal are AEADs, - * we MUST NOT propose any integrity algorithms */ - remove_transform(this, INTEGRITY_ALGORITHM); - } - } - else - { /* AES-GMAC is parsed as encryption algorithm, so we map that to the - * proper integrity algorithm */ - e = array_create_enumerator(this->transforms); - while (e->enumerate(e, &entry)) - { - if (entry->type == ENCRYPTION_ALGORITHM) - { - if (entry->alg == ENCR_NULL_AUTH_AES_GMAC) - { - entry->type = INTEGRITY_ALGORITHM; - ks = entry->key_size; - entry->key_size = 0; - switch (ks) - { - case 128: - entry->alg = AUTH_AES_128_GMAC; - continue; - case 192: - entry->alg = AUTH_AES_192_GMAC; - continue; - case 256: - entry->alg = AUTH_AES_256_GMAC; - continue; - default: - break; - } - } - /* remove all other encryption algorithms */ - array_remove_at(this->transforms, e); - } - } - e->destroy(e); - - if (!get_algorithm(this, INTEGRITY_ALGORITHM, NULL, NULL)) - { - DBG1(DBG_CFG, "an integrity algorithm is mandatory in AH " - "proposals"); - return FALSE; - } - } - - if (this->protocol == PROTO_AH || this->protocol == PROTO_ESP) - { - if (!get_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NULL, NULL)) - { /* ESN not specified, assume not supported */ - add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0); - } - } - - array_compress(this->transforms); - return TRUE; -} - -/** - * add a algorithm identified by a string to the proposal. - */ -static bool add_string_algo(private_proposal_t *this, const char *alg) -{ - const proposal_token_t *token; - - token = lib->proposal->get_token(lib->proposal, alg); - if (token == NULL) - { - DBG1(DBG_CFG, "algorithm '%s' not recognized", alg); - return FALSE; - } - - add_algorithm(this, token->type, token->algorithm, token->keysize); - - return TRUE; -} - -/** - * print all algorithms of a kind to buffer - */ -static int print_alg(private_proposal_t *this, printf_hook_data_t *data, - u_int kind, void *names, bool *first) -{ - enumerator_t *enumerator; - size_t written = 0; - uint16_t alg, size; - - enumerator = create_enumerator(this, kind); - while (enumerator->enumerate(enumerator, &alg, &size)) - { - if (*first) - { - written += print_in_hook(data, "%N", names, alg); - *first = FALSE; - } - else - { - written += print_in_hook(data, "/%N", names, alg); - } - if (size) - { - written += print_in_hook(data, "_%u", size); - } - } - enumerator->destroy(enumerator); - return written; -} - -/** - * Described in header. - */ -int proposal_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec, - const void *const *args) -{ - private_proposal_t *this = *((private_proposal_t**)(args[0])); - linked_list_t *list = *((linked_list_t**)(args[0])); - enumerator_t *enumerator; - size_t written = 0; - bool first = TRUE; - - if (this == NULL) - { - return print_in_hook(data, "(null)"); - } - - if (spec->hash) - { - enumerator = list->create_enumerator(list); - while (enumerator->enumerate(enumerator, &this)) - { /* call recursivly */ - if (first) - { - written += print_in_hook(data, "%P", this); - first = FALSE; - } - else - { - written += print_in_hook(data, ", %P", this); - } - } - enumerator->destroy(enumerator); - return written; - } - - written = print_in_hook(data, "%N:", protocol_id_names, this->protocol); - written += print_alg(this, data, ENCRYPTION_ALGORITHM, - encryption_algorithm_names, &first); - written += print_alg(this, data, INTEGRITY_ALGORITHM, - integrity_algorithm_names, &first); - written += print_alg(this, data, PSEUDO_RANDOM_FUNCTION, - pseudo_random_function_names, &first); - written += print_alg(this, data, DIFFIE_HELLMAN_GROUP, - diffie_hellman_group_names, &first); - written += print_alg(this, data, EXTENDED_SEQUENCE_NUMBERS, - extended_sequence_numbers_names, &first); - return written; -} - -METHOD(proposal_t, destroy, void, - private_proposal_t *this) -{ - array_destroy(this->transforms); - free(this); -} - -/* - * Described in header - */ -proposal_t *proposal_create(protocol_id_t protocol, u_int number) -{ - private_proposal_t *this; - - INIT(this, - .public = { - .add_algorithm = _add_algorithm, - .create_enumerator = _create_enumerator, - .get_algorithm = _get_algorithm, - .has_dh_group = _has_dh_group, - .strip_dh = _strip_dh, - .select = _select_proposal, - .get_protocol = _get_protocol, - .set_spi = _set_spi, - .get_spi = _get_spi, - .get_number = _get_number, - .equals = _equals, - .clone = _clone_, - .destroy = _destroy, - }, - .protocol = protocol, - .number = number, - .transforms = array_create(sizeof(entry_t), 0), - ); - - return &this->public; -} - -/** - * Add supported IKE algorithms to proposal - */ -static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) -{ - enumerator_t *enumerator; - encryption_algorithm_t encryption; - integrity_algorithm_t integrity; - pseudo_random_function_t prf; - diffie_hellman_group_t group; - const char *plugin_name; - - if (aead) - { - /* Round 1 adds algorithms with at least 128 bit security strength */ - enumerator = lib->crypto->create_aead_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) - { - switch (encryption) - { - case ENCR_AES_GCM_ICV16: - case ENCR_AES_CCM_ICV16: - case ENCR_CAMELLIA_CCM_ICV16: - /* we assume that we support all AES/Camellia sizes */ - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 128); - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 192); - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256); - break; - case ENCR_CHACHA20_POLY1305: - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 2 adds algorithms with less than 128 bit security strength */ - enumerator = lib->crypto->create_aead_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) - { - switch (encryption) - { - case ENCR_AES_GCM_ICV12: - case ENCR_AES_GCM_ICV8: - case ENCR_AES_CCM_ICV12: - case ENCR_AES_CCM_ICV8: - case ENCR_CAMELLIA_CCM_ICV12: - case ENCR_CAMELLIA_CCM_ICV8: - /* we assume that we support all AES/Camellia sizes */ - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 128); - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 192); - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - if (!array_count(this->transforms)) - { - return FALSE; - } - } - else - { - /* Round 1 adds algorithms with at least 128 bit security strength */ - enumerator = lib->crypto->create_crypter_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) - { - switch (encryption) - { - case ENCR_AES_CBC: - case ENCR_AES_CTR: - case ENCR_CAMELLIA_CBC: - case ENCR_CAMELLIA_CTR: - /* we assume that we support all AES/Camellia sizes */ - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 128); - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 192); - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 2 adds algorithms with less than 128 bit security strength */ - enumerator = lib->crypto->create_crypter_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) - { - switch (encryption) - { - case ENCR_3DES: - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 0); - break; - case ENCR_DES: - /* no, thanks */ - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - if (!array_count(this->transforms)) - { - return FALSE; - } - - /* Round 1 adds algorithms with at least 128 bit security strength */ - enumerator = lib->crypto->create_signer_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &integrity, &plugin_name)) - { - switch (integrity) - { - case AUTH_HMAC_SHA2_256_128: - case AUTH_HMAC_SHA2_384_192: - case AUTH_HMAC_SHA2_512_256: - add_algorithm(this, INTEGRITY_ALGORITHM, integrity, 0); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 2 adds algorithms with less than 128 bit security strength */ - enumerator = lib->crypto->create_signer_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &integrity, &plugin_name)) - { - switch (integrity) - { - case AUTH_AES_XCBC_96: - case AUTH_AES_CMAC_96: - case AUTH_HMAC_SHA1_96: - add_algorithm(this, INTEGRITY_ALGORITHM, integrity, 0); - break; - case AUTH_HMAC_MD5_96: - /* no, thanks */ - default: - break; - } - } - enumerator->destroy(enumerator); - } - - /* Round 1 adds algorithms with at least 128 bit security strength */ - enumerator = lib->crypto->create_prf_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &prf, &plugin_name)) - { - switch (prf) - { - case PRF_HMAC_SHA2_256: - case PRF_HMAC_SHA2_384: - case PRF_HMAC_SHA2_512: - case PRF_AES128_XCBC: - case PRF_AES128_CMAC: - add_algorithm(this, PSEUDO_RANDOM_FUNCTION, prf, 0); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 2 adds algorithms with less than 128 bit security strength */ - enumerator = lib->crypto->create_prf_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &prf, &plugin_name)) - { - switch (prf) - { - case PRF_HMAC_SHA1: - add_algorithm(this, PSEUDO_RANDOM_FUNCTION, prf, 0); - break; - case PRF_HMAC_MD5: - /* no, thanks */ - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 1 adds ECC and NTRU algorithms with at least 128 bit security strength */ - enumerator = lib->crypto->create_dh_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &group, &plugin_name)) - { - switch (group) - { - case ECP_256_BIT: - case ECP_384_BIT: - case ECP_521_BIT: - case ECP_256_BP: - case ECP_384_BP: - case ECP_512_BP: - case CURVE_25519: - case CURVE_448: - case NTRU_128_BIT: - case NTRU_192_BIT: - case NTRU_256_BIT: - case NH_128_BIT: - add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 2 adds other algorithms with at least 128 bit security strength */ - enumerator = lib->crypto->create_dh_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &group, &plugin_name)) - { - switch (group) - { - case MODP_3072_BIT: - case MODP_4096_BIT: - case MODP_8192_BIT: - add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - /* Round 3 adds algorithms with less than 128 bit security strength */ - enumerator = lib->crypto->create_dh_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &group, &plugin_name)) - { - switch (group) - { - case MODP_NULL: - /* only for testing purposes */ - break; - case MODP_768_BIT: - case MODP_1024_BIT: - case MODP_1536_BIT: - /* weak */ - break; - case MODP_1024_160: - case MODP_2048_224: - case MODP_2048_256: - /* RFC 5114 primes are of questionable source */ - break; - case ECP_224_BIT: - case ECP_224_BP: - case ECP_192_BIT: - case NTRU_112_BIT: - /* rarely used */ - break; - case MODP_2048_BIT: - add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0); - break; - default: - break; - } - } - enumerator->destroy(enumerator); - - return TRUE; -} - -/* - * Described in header - */ -proposal_t *proposal_create_default(protocol_id_t protocol) -{ - private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0); - - switch (protocol) - { - case PROTO_IKE: - if (!proposal_add_supported_ike(this, FALSE)) - { - destroy(this); - return NULL; - } - break; - case PROTO_ESP: - add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128); - add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192); - add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0); - add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0); - break; - case PROTO_AH: - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); - add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0); - add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0); - break; - default: - break; - } - return &this->public; -} - -/* - * Described in header - */ -proposal_t *proposal_create_default_aead(protocol_id_t protocol) -{ - private_proposal_t *this; - - switch (protocol) - { - case PROTO_IKE: - this = (private_proposal_t*)proposal_create(protocol, 0); - if (!proposal_add_supported_ike(this, TRUE)) - { - destroy(this); - return NULL; - } - return &this->public; - case PROTO_ESP: - /* we currently don't include any AEAD proposal for ESP, as we - * don't know if our kernel backend actually supports it. */ - return NULL; - case PROTO_AH: - default: - return NULL; - } -} - -/* - * Described in header - */ -proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs) -{ - private_proposal_t *this; - enumerator_t *enumerator; - bool failed = TRUE; - char *alg; - - this = (private_proposal_t*)proposal_create(protocol, 0); - - /* get all tokens, separated by '-' */ - enumerator = enumerator_create_token(algs, "-", " "); - while (enumerator->enumerate(enumerator, &alg)) - { - if (!add_string_algo(this, alg)) - { - failed = TRUE; - break; - } - failed = FALSE; - } - enumerator->destroy(enumerator); - - if (failed || !check_proposal(this)) - { - destroy(this); - return NULL; - } - - return &this->public; -} diff --git a/src/libcharon/config/proposal.h b/src/libcharon/config/proposal.h deleted file mode 100644 index 0dc70f4c5..000000000 --- a/src/libcharon/config/proposal.h +++ /dev/null @@ -1,237 +0,0 @@ -/* - * Copyright (C) 2009-2016 Tobias Brunner - * Copyright (C) 2006 Martin Willi - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup proposal proposal - * @{ @ingroup config - */ - -#ifndef PROPOSAL_H_ -#define PROPOSAL_H_ - -typedef enum protocol_id_t protocol_id_t; -typedef enum extended_sequence_numbers_t extended_sequence_numbers_t; -typedef struct proposal_t proposal_t; - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/** - * Protocol ID of a proposal. - */ -enum protocol_id_t { - PROTO_NONE = 0, - PROTO_IKE = 1, - PROTO_AH = 2, - PROTO_ESP = 3, - PROTO_IPCOMP = 4, /* IKEv1 only */ -}; - -/** - * enum names for protocol_id_t - */ -extern enum_name_t *protocol_id_names; - -/** - * Stores a set of algorithms used for an SA. - * - * A proposal stores algorithms for a specific - * protocol. It can store algorithms for one protocol. - * Proposals with multiple protocols are not supported, - * as it's not specified in RFC4301 anymore. - */ -struct proposal_t { - - /** - * Add an algorithm to the proposal. - * - * The algorithms are stored by priority, first added - * is the most preferred. - * Key size is only needed for encryption algorithms - * with variable key size (such as AES). Must be set - * to zero if key size is not specified. - * The alg parameter accepts encryption_algorithm_t, - * integrity_algorithm_t, dh_group_number_t and - * extended_sequence_numbers_t. - * - * @param type kind of algorithm - * @param alg identifier for algorithm - * @param key_size key size to use - */ - void (*add_algorithm) (proposal_t *this, transform_type_t type, - uint16_t alg, uint16_t key_size); - - /** - * Get an enumerator over algorithms for a specific algo type. - * - * @param type kind of algorithm - * @return enumerator over uint16_t alg, uint16_t key_size - */ - enumerator_t *(*create_enumerator) (proposal_t *this, transform_type_t type); - - /** - * Get the algorithm for a type to use. - * - * If there are multiple algorithms, only the first is returned. - * - * @param type kind of algorithm - * @param alg pointer which receives algorithm - * @param key_size pointer which receives the key size - * @return TRUE if algorithm of this kind available - */ - bool (*get_algorithm) (proposal_t *this, transform_type_t type, - uint16_t *alg, uint16_t *key_size); - - /** - * Check if the proposal has a specific DH group. - * - * @param group group to check for - * @return TRUE if algorithm included - */ - bool (*has_dh_group) (proposal_t *this, diffie_hellman_group_t group); - - /** - * Strip DH groups from proposal to use it without PFS. - * - * @param keep group to keep (MODP_NONE to remove all) - */ - void (*strip_dh)(proposal_t *this, diffie_hellman_group_t keep); - - /** - * Compare two proposal, and select a matching subset. - * - * If the proposals are for the same protocols (AH/ESP), they are - * compared. If they have at least one algorithm of each type - * in common, a resulting proposal of this kind is created. - * - * @param other proposal to compare against - * @param other_remote whether other is the remote proposal from which to - * copy SPI and proposal number to the result, - * otherwise copy from this proposal - * @param private accepts algorithms allocated in a private range - * @return selected proposal, NULL if proposals don't match - */ - proposal_t *(*select)(proposal_t *this, proposal_t *other, - bool other_remote, bool private); - - /** - * Get the protocol ID of the proposal. - * - * @return protocol of the proposal - */ - protocol_id_t (*get_protocol) (proposal_t *this); - - /** - * Get the SPI of the proposal. - * - * @return spi for proto - */ - uint64_t (*get_spi) (proposal_t *this); - - /** - * Set the SPI of the proposal. - * - * @param spi spi to set for proto - */ - void (*set_spi) (proposal_t *this, uint64_t spi); - - /** - * Get the proposal number, as encoded in SA payload - * - * @return proposal number - */ - u_int (*get_number)(proposal_t *this); - - /** - * Check for the eqality of two proposals. - * - * @param other other proposal to check for equality - * @return TRUE if other equal to this - */ - bool (*equals)(proposal_t *this, proposal_t *other); - - /** - * Clone a proposal. - * - * @return clone of proposal - */ - proposal_t *(*clone) (proposal_t *this); - - /** - * Destroys the proposal object. - */ - void (*destroy) (proposal_t *this); -}; - -/** - * Create a child proposal for AH, ESP or IKE. - * - * @param protocol protocol, such as PROTO_ESP - * @param number proposal number, as encoded in SA payload - * @return proposal_t object - */ -proposal_t *proposal_create(protocol_id_t protocol, u_int number); - -/** - * Create a default proposal if nothing further specified. - * - * @param protocol protocol, such as PROTO_ESP - * @return proposal_t object - */ -proposal_t *proposal_create_default(protocol_id_t protocol); - -/** - * Create a default proposal for supported AEAD algorithms - * - * @param protocol protocol, such as PROTO_ESP - * @return proposal_t object, NULL if none supported - */ -proposal_t *proposal_create_default_aead(protocol_id_t protocol); - -/** - * Create a proposal from a string identifying the algorithms. - * - * The string is in the same form as a in the ipsec.conf file. - * E.g.: aes128-sha2_256-modp2048 - * 3des-md5 - * An additional '!' at the end of the string forces this proposal, - * without it the peer may choose another algorithm we support. - * - * @param protocol protocol, such as PROTO_ESP - * @param algs algorithms as string - * @return proposal_t object - */ -proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs); - -/** - * printf hook function for proposal_t. - * - * Arguments are: - * proposal_t *proposal - * With the #-specifier, arguments are: - * linked_list_t *list containing proposal_t* - */ -int proposal_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec, - const void *const *args); - -#endif /** PROPOSAL_H_ @}*/ diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c index 7c9f83d12..e4b819710 100644 --- a/src/libcharon/daemon.c +++ b/src/libcharon/daemon.c @@ -55,7 +55,6 @@ #include #include #include -#include #include #include #include @@ -989,11 +988,6 @@ bool libcharon_init() dbg_old = dbg; dbg = dbg_bus; - lib->printf_hook->add_handler(lib->printf_hook, 'P', - proposal_printf_hook, - PRINTF_HOOK_ARGTYPE_POINTER, - PRINTF_HOOK_ARGTYPE_END); - if (lib->integrity && !lib->integrity->check(lib->integrity, "libcharon", libcharon_init)) { diff --git a/src/libcharon/encoding/generator.h b/src/libcharon/encoding/generator.h index 375530776..9c7fe8979 100644 --- a/src/libcharon/encoding/generator.h +++ b/src/libcharon/encoding/generator.h @@ -35,8 +35,8 @@ typedef struct generator_t generator_t; * method. The generated bytes are appended. After all payloads are added, * the write_to_chunk method writes out all generated data since * the creation of the generator. - * The generater uses a set of encoding rules, which it can get from - * the supplied payload. With this rules, the generater can generate + * The generator uses a set of encoding rules, which it can get from + * the supplied payload. With this rules, the generator can generate * the payload and all substructures automatically. */ struct generator_t { diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index 6d850aac0..735526e3c 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -657,6 +657,7 @@ static payload_rule_t quick_mode_i_rules[] = { {PLV1_ID, 0, 2, TRUE, FALSE}, {PLV1_NAT_OA, 0, 2, TRUE, FALSE}, {PLV1_NAT_OA_DRAFT_00_03, 0, 2, TRUE, FALSE}, + {PLV1_FRAGMENT, 0, 1, FALSE, TRUE}, }; /** @@ -673,6 +674,7 @@ static payload_order_t quick_mode_i_order[] = { {PLV1_ID, 0}, {PLV1_NAT_OA, 0}, {PLV1_NAT_OA_DRAFT_00_03, 0}, + {PLV1_FRAGMENT, 0}, }; /** @@ -689,6 +691,7 @@ static payload_rule_t quick_mode_r_rules[] = { {PLV1_ID, 0, 2, TRUE, FALSE}, {PLV1_NAT_OA, 0, 2, TRUE, FALSE}, {PLV1_NAT_OA_DRAFT_00_03, 0, 2, TRUE, FALSE}, + {PLV1_FRAGMENT, 0, 1, FALSE, TRUE}, }; /** @@ -705,6 +708,7 @@ static payload_order_t quick_mode_r_order[] = { {PLV1_ID, 0}, {PLV1_NAT_OA, 0}, {PLV1_NAT_OA_DRAFT_00_03, 0}, + {PLV1_FRAGMENT, 0}, }; /** diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h index 796c10890..cad597e58 100644 --- a/src/libcharon/encoding/payloads/proposal_substructure.h +++ b/src/libcharon/encoding/payloads/proposal_substructure.h @@ -29,7 +29,7 @@ typedef struct proposal_substructure_t proposal_substructure_t; #include #include #include -#include +#include #include #include #include diff --git a/src/libcharon/encoding/payloads/transform_substructure.h b/src/libcharon/encoding/payloads/transform_substructure.h index cb75f1ea7..a9d4f9f7d 100644 --- a/src/libcharon/encoding/payloads/transform_substructure.h +++ b/src/libcharon/encoding/payloads/transform_substructure.h @@ -32,7 +32,7 @@ typedef struct transform_substructure_t transform_substructure_t; #include #include #include -#include +#include /** * IKEv1 Value for a transform payload. diff --git a/src/libcharon/kernel/kernel_interface.c b/src/libcharon/kernel/kernel_interface.c index 3d736b25b..91ca259ef 100644 --- a/src/libcharon/kernel/kernel_interface.c +++ b/src/libcharon/kernel/kernel_interface.c @@ -351,7 +351,7 @@ METHOD(kernel_interface_t, alloc_reqid, status_t, if (entry) { /* we don't require a traffic selector match for explicit reqids, - * as we wan't to reuse a reqid for trap-triggered policies that + * as we want to reuse a reqid for trap-triggered policies that * got narrowed during negotiation. */ reqid_entry_destroy(tmpl); } diff --git a/src/libcharon/plugins/certexpire/certexpire_cron.h b/src/libcharon/plugins/certexpire/certexpire_cron.h index 0d6623d7f..3e1005b23 100644 --- a/src/libcharon/plugins/certexpire/certexpire_cron.h +++ b/src/libcharon/plugins/certexpire/certexpire_cron.h @@ -38,7 +38,7 @@ struct certexpire_cron_t { /** * Destroy a certexpire_cron_t. * - * It currently is not possible to savely cancel a cron job. Make sure + * It currently is not possible to safely cancel a cron job. Make sure * any scheduled jobs have been canceled before cleaning up. */ void (*destroy)(certexpire_cron_t *this); diff --git a/src/libcharon/plugins/eap_radius/eap_radius_provider.c b/src/libcharon/plugins/eap_radius/eap_radius_provider.c index 58bbc2edd..8188bb764 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_provider.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_provider.c @@ -92,7 +92,7 @@ static void destroy_attr(attr_t *this) * Hashtable entry with leases and attributes */ typedef struct { - /** IKE_SA uniqe id we assign the IP lease */ + /** IKE_SA unique id we assign the IP lease */ uintptr_t id; /** list of IP leases received from AAA, as host_t */ linked_list_t *addrs; diff --git a/src/libcharon/plugins/eap_radius/eap_radius_xauth.c b/src/libcharon/plugins/eap_radius/eap_radius_xauth.c index 0fea50919..705fb188d 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_xauth.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_xauth.c @@ -72,7 +72,7 @@ struct private_eap_radius_xauth_t { xauth_round_t round; /** - * Concatentated password of all rounds + * Concatenated password of all rounds */ chunk_t pass; }; diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c index 0e83b1642..fb8d22915 100644 --- a/src/libcharon/plugins/ha/ha_ike.c +++ b/src/libcharon/plugins/ha/ha_ike.c @@ -335,7 +335,7 @@ METHOD(listener_t, message_hook, bool, chunk_t iv; /* we need the last block (or expected next IV) of Phase 1, which gets - * upated after successful en-/decryption depending on direction */ + * updated after successful en-/decryption depending on direction */ if (incoming == plain) { if (message->get_message_id(message) == 0) diff --git a/src/libcharon/plugins/ha/ha_socket.c b/src/libcharon/plugins/ha/ha_socket.c index e41e78bbf..d23e45e0b 100644 --- a/src/libcharon/plugins/ha/ha_socket.c +++ b/src/libcharon/plugins/ha/ha_socket.c @@ -1,6 +1,7 @@ /* + * Copyright (C) 2018 Tobias Brunner * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -52,6 +53,11 @@ struct private_ha_socket_t { * remote host to receive/send to */ host_t *remote; + + /** + * Receive buffer size + */ + u_int buflen; }; /** @@ -120,13 +126,26 @@ METHOD(ha_socket_t, pull, ha_message_t*, while (TRUE) { ha_message_t *message; - char buf[1024]; + char buf[this->buflen]; + struct iovec iov = { + .iov_base = buf, + .iov_len = this->buflen, + }; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + }; bool oldstate; ssize_t len; oldstate = thread_cancelability(TRUE); - len = recv(this->fd, buf, sizeof(buf), 0); + len = recvmsg(this->fd, &msg, 0); thread_cancelability(oldstate); + if (msg.msg_flags & MSG_TRUNC) + { + DBG1(DBG_CFG, "HA message exceeds receive buffer"); + continue; + } if (len <= 0) { switch (errno) @@ -208,6 +227,8 @@ ha_socket_t *ha_socket_create(char *local, char *remote) }, .local = host_create_from_dns(local, 0, HA_PORT), .remote = host_create_from_dns(remote, 0, HA_PORT), + .buflen = lib->settings->get_int(lib->settings, + "%s.plugins.ha.buflen", 2048, lib->ns), .fd = -1, ); diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c index a21d0ae7f..c3f92f500 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2016 Tobias Brunner + * Copyright (C) 2008-2018 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * HSR Hochschule fuer Technik Rapperswil * @@ -78,6 +78,9 @@ #define ROUTING_TABLE_PRIO 0 #endif +/** multicast groups (for groups > 31 setsockopt has to be used) */ +#define nl_group(group) (1 << (group - 1)) + ENUM(rt_msg_names, RTM_NEWLINK, RTM_GETRULE, "RTM_NEWLINK", "RTM_DELLINK", @@ -472,6 +475,11 @@ struct private_kernel_netlink_net_t { */ bool process_route; + /** + * whether to react to RTM_NEWRULE or RTM_DELRULE events + */ + bool process_rules; + /** * whether to trigger roam events */ @@ -1451,6 +1459,45 @@ static void process_route(private_kernel_netlink_net_t *this, struct nlmsghdr *h host->destroy(host); } +/** + * process RTM_NEW|DELRULE from kernel + */ +static void process_rule(private_kernel_netlink_net_t *this, struct nlmsghdr *hdr) +{ +#ifdef HAVE_LINUX_FIB_RULES_H + struct rtmsg* msg = NLMSG_DATA(hdr); + struct rtattr *rta = RTM_RTA(msg); + size_t rtasize = RTM_PAYLOAD(hdr); + uint32_t table = 0; + + /* ignore rules added by us or in the local routing table (local addrs) */ + if (msg->rtm_table && (msg->rtm_table == this->routing_table || + msg->rtm_table == RT_TABLE_LOCAL)) + { + return; + } + + while (RTA_OK(rta, rtasize)) + { + switch (rta->rta_type) + { + case FRA_TABLE: + if (RTA_PAYLOAD(rta) == sizeof(table)) + { + table = *(uint32_t*)RTA_DATA(rta); + } + break; + } + rta = RTA_NEXT(rta, rtasize); + } + if (table && table == this->routing_table) + { /* also check against extended table ID */ + return; + } + fire_roam_event(this, FALSE); +#endif +} + /** * Receives events from kernel */ @@ -1508,6 +1555,13 @@ static bool receive_events(private_kernel_netlink_net_t *this, int fd, process_route(this, hdr); } break; + case RTM_NEWRULE: + case RTM_DELRULE: + if (this->process_rules) + { + process_rule(this, hdr); + } + break; default: break; } @@ -2333,7 +2387,9 @@ static status_t manage_ipaddr(private_kernel_netlink_net_t *this, int nlmsg_type if (ip->get_family(ip) == AF_INET6) { +#ifdef IFA_F_NODAD msg->ifa_flags |= IFA_F_NODAD; +#endif if (this->rta_prefsrc_for_ipv6) { /* if source routes are possible we let the virtual IP get @@ -2983,6 +3039,8 @@ kernel_netlink_net_t *kernel_netlink_net_create() "%s.prefer_temporary_addrs", FALSE, lib->ns), .roam_events = lib->settings->get_bool(lib->settings, "%s.plugins.kernel-netlink.roam_events", TRUE, lib->ns), + .process_rules = lib->settings->get_bool(lib->settings, + "%s.plugins.kernel-netlink.process_rules", FALSE, lib->ns), .mtu = lib->settings->get_int(lib->settings, "%s.plugins.kernel-netlink.mtu", 0, lib->ns), .mss = lib->settings->get_int(lib->settings, @@ -3035,8 +3093,19 @@ kernel_netlink_net_t *kernel_netlink_net_create() destroy(this); return NULL; } - addr.nl_groups = RTMGRP_IPV4_IFADDR | RTMGRP_IPV6_IFADDR | - RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE | RTMGRP_LINK; + addr.nl_groups = nl_group(RTNLGRP_IPV4_IFADDR) | + nl_group(RTNLGRP_IPV6_IFADDR) | + nl_group(RTNLGRP_LINK); + if (this->process_route) + { + addr.nl_groups |= nl_group(RTNLGRP_IPV4_ROUTE) | + nl_group(RTNLGRP_IPV6_ROUTE); + } + if (this->process_rules) + { + addr.nl_groups |= nl_group(RTNLGRP_IPV4_RULE) | + nl_group(RTNLGRP_IPV6_RULE); + } if (bind(this->socket_events, (struct sockaddr*)&addr, sizeof(addr))) { DBG1(DBG_KNL, "unable to bind RT event socket: %s (%d)", diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index 710107889..79abe587a 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -1752,13 +1752,13 @@ METHOD(kernel_ipsec_t, add_sa, status_t, #ifdef SADB_X_EXT_SA_REPLAY if (data->inbound) { - struct sadb_x_sa_replay *replay; + struct sadb_x_sa_replay *repl; - replay = (struct sadb_x_sa_replay*)PFKEY_EXT_ADD_NEXT(msg); - replay->sadb_x_replay_exttype = SADB_X_EXT_SA_REPLAY; - replay->sadb_x_replay_len = PFKEY_LEN(sizeof(struct sadb_x_sa_replay)); - replay->sadb_x_replay_replay = min(data->replay_window, UINT32_MAX-32); - PFKEY_EXT_ADD(msg, replay); + repl = (struct sadb_x_sa_replay*)PFKEY_EXT_ADD_NEXT(msg); + repl->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY; + repl->sadb_x_sa_replay_len = PFKEY_LEN(sizeof(struct sadb_x_sa_replay)); + repl->sadb_x_sa_replay_replay = min(data->replay_window, UINT32_MAX-32); + PFKEY_EXT_ADD(msg, repl); } #endif diff --git a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c index 774fcf5c8..0f36e7be3 100644 --- a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c +++ b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c @@ -1982,7 +1982,7 @@ METHOD(kernel_ipsec_t, get_spi, status_t, private_kernel_wfp_ipsec_t *this, host_t *src, host_t *dst, uint8_t protocol, uint32_t *spi) { - /* To avoid sequencial SPIs, we use a one-to-one permuation function on + /* To avoid sequential SPIs, we use a one-to-one permutation function on * an incrementing counter, that is a full period PRNG for the range we * allocate SPIs in. We add some randomness using a fixed XOR and start * the counter at random position. This is not cryptographically safe, diff --git a/src/libcharon/plugins/lookip/lookip_plugin.c b/src/libcharon/plugins/lookip/lookip_plugin.c index a6c32d65d..8324dd14f 100644 --- a/src/libcharon/plugins/lookip/lookip_plugin.c +++ b/src/libcharon/plugins/lookip/lookip_plugin.c @@ -33,7 +33,7 @@ struct private_lookip_plugin_t { lookip_plugin_t public; /** - * Listener collecting virtual IP assignements + * Listener collecting virtual IP assignments */ lookip_listener_t *listener; diff --git a/src/libcharon/plugins/osx_attr/osx_attr_handler.c b/src/libcharon/plugins/osx_attr/osx_attr_handler.c index e7a627b93..6f19a03d5 100644 --- a/src/libcharon/plugins/osx_attr/osx_attr_handler.c +++ b/src/libcharon/plugins/osx_attr/osx_attr_handler.c @@ -150,7 +150,7 @@ static bool manage_dns(private_osx_attr_handler_t *this, if (add) { if (!this->append && !this->original) - { /* backup orignal config, start with empty set */ + { /* backup original config, start with empty set */ this->original = arr; arr = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks); } diff --git a/src/libcharon/plugins/save_keys/Makefile.am b/src/libcharon/plugins/save_keys/Makefile.am new file mode 100644 index 000000000..a41668bb5 --- /dev/null +++ b/src/libcharon/plugins/save_keys/Makefile.am @@ -0,0 +1,18 @@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libcharon + +AM_CFLAGS = \ + $(PLUGIN_CFLAGS) + +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-save-keys.la +else +plugin_LTLIBRARIES = libstrongswan-save-keys.la +endif + +libstrongswan_save_keys_la_SOURCES = \ + save_keys_plugin.h save_keys_plugin.c \ + save_keys_listener.c save_keys_listener.h + +libstrongswan_save_keys_la_LDFLAGS = -module -avoid-version diff --git a/src/libcharon/plugins/save_keys/Makefile.in b/src/libcharon/plugins/save_keys/Makefile.in new file mode 100644 index 000000000..a56d8eacd --- /dev/null +++ b/src/libcharon/plugins/save_keys/Makefile.in @@ -0,0 +1,803 @@ +# Makefile.in generated by automake 1.15 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2014 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libcharon/plugins/save_keys +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__installdirs = "$(DESTDIR)$(plugindir)" +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) +libstrongswan_save_keys_la_LIBADD = +am_libstrongswan_save_keys_la_OBJECTS = save_keys_plugin.lo \ + save_keys_listener.lo +libstrongswan_save_keys_la_OBJECTS = \ + $(am_libstrongswan_save_keys_la_OBJECTS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +libstrongswan_save_keys_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_save_keys_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_save_keys_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_save_keys_la_rpath = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libstrongswan_save_keys_la_SOURCES) +DIST_SOURCES = $(libstrongswan_save_keys_la_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +ATOMICLIB = @ATOMICLIB@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BFDLIB = @BFDLIB@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +FUZZING_LDFLAGS = @FUZZING_LDFLAGS@ +GEM = @GEM@ +GENHTML = @GENHTML@ +GPERF = @GPERF@ +GPERF_LEN_TYPE = @GPERF_LEN_TYPE@ +GPRBUILD = @GPRBUILD@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_LIB = @OPENSSL_LIB@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ +PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYGEMDIR = @RUBYGEMDIR@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +aikgen_plugins = @aikgen_plugins@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ +clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dev_headers = @dev_headers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +fips_mode = @fips_mode@ +fuzz_plugins = @fuzz_plugins@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +imcvdir = @imcvdir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ +ipsecuser = @ipsecuser@ +json_CFLAGS = @json_CFLAGS@ +json_LIBS = @json_LIBS@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libfuzzer = @libfuzzer@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +manager_plugins = @manager_plugins@ +mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ +oldincludedir = @oldincludedir@ +p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ +pdfdir = @pdfdir@ +piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +pki_plugins = @pki_plugins@ +plugindir = @plugindir@ +pool_plugins = @pool_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +ruby_CFLAGS = @ruby_CFLAGS@ +ruby_LIBS = @ruby_LIBS@ +runstatedir = @runstatedir@ +s_plugins = @s_plugins@ +sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ +sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ +srcdir = @srcdir@ +starter_plugins = @starter_plugins@ +strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ +swanctldir = @swanctldir@ +sysconfdir = @sysconfdir@ +systemd_CFLAGS = @systemd_CFLAGS@ +systemd_LIBS = @systemd_LIBS@ +systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ +systemd_daemon_LIBS = @systemd_daemon_LIBS@ +systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ +systemd_journal_LIBS = @systemd_journal_LIBS@ +systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +tss2_CFLAGS = @tss2_CFLAGS@ +tss2_LIBS = @tss2_LIBS@ +tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ +tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ +tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libcharon + +AM_CFLAGS = \ + $(PLUGIN_CFLAGS) + +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-save-keys.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-save-keys.la +libstrongswan_save_keys_la_SOURCES = \ + save_keys_plugin.h save_keys_plugin.c \ + save_keys_listener.c save_keys_listener.h + +libstrongswan_save_keys_la_LDFLAGS = -module -avoid-version +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/save_keys/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libcharon/plugins/save_keys/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ + } + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libstrongswan-save-keys.la: $(libstrongswan_save_keys_la_OBJECTS) $(libstrongswan_save_keys_la_DEPENDENCIES) $(EXTRA_libstrongswan_save_keys_la_DEPENDENCIES) + $(AM_V_CCLD)$(libstrongswan_save_keys_la_LINK) $(am_libstrongswan_save_keys_la_rpath) $(libstrongswan_save_keys_la_OBJECTS) $(libstrongswan_save_keys_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/save_keys_listener.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/save_keys_plugin.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-pluginLTLIBRARIES install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-pluginLTLIBRARIES + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libcharon/plugins/save_keys/save_keys_listener.c b/src/libcharon/plugins/save_keys/save_keys_listener.c new file mode 100644 index 000000000..fc16f20e6 --- /dev/null +++ b/src/libcharon/plugins/save_keys/save_keys_listener.c @@ -0,0 +1,435 @@ +/* + * Copyright (C) 2018 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ +/* + * Copyright (C) 2016 Codrut Cristian Grosu (codrut.cristian.grosu@gmail.com) + * Copyright (C) 2016 IXIA (http://www.ixiacom.com) + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#define _GNU_SOURCE + +#include "save_keys_listener.h" + +#include +#include +#include + +#include + +typedef struct private_save_keys_listener_t private_save_keys_listener_t; +typedef struct algo_map_t algo_map_t; + +/** + * Name for IKEv1 decryption table file + */ +static char *ikev1_name = "ikev1_decryption_table"; + +/** + * Name for IKEv2 decryption table file + */ +static char *ikev2_name = "ikev2_decryption_table"; + +/** + * Name for esp decryption table file + */ +static char *esp_name = "esp_sa"; + +/** + * Private data. + */ +struct private_save_keys_listener_t { + + /** + * Public interface. + */ + save_keys_listener_t public; + + /** + * Path to the directory where the decryption tables will be stored. + */ + char *path; + + /** + * Whether to save IKE keys + */ + bool ike; + + /** + * Whether to save ESP keys + */ + bool esp; +}; + +METHOD(save_keys_listener_t, destroy, void, + private_save_keys_listener_t *this) +{ + free(this); +} + +/** + * Mapping strongSwan identifiers to Wireshark names + */ +struct algo_map_t { + + /** + * IKE identifier + */ + const uint16_t ike; + + /** + * Optional key length + */ + const int key_len; + + /** + * Name of the algorithm in wireshark + */ + const char *name; +}; + +/** + * Map an algorithm identifier to a name + */ +static inline const char *algo_name(algo_map_t *map, int count, + uint16_t alg, int key_len) +{ + int i; + + for (i = 0; i < count; i++) + { + if (map[i].ike == alg) + { + if (map[i].key_len == -1 || map[i].key_len == key_len) + { + return map[i].name; + } + } + } + return NULL; +} + +/** + * Wireshark IKE algorithm identifiers for encryption + */ +static algo_map_t ike_encr[] = { + { ENCR_3DES, -1, "3DES [RFC2451]" }, + { ENCR_NULL, -1, "NULL [RFC2410]" }, + { ENCR_AES_CBC, 128, "AES-CBC-128 [RFC3602]" }, + { ENCR_AES_CBC, 192, "AES-CBC-192 [RFC3602]" }, + { ENCR_AES_CBC, 256, "AES-CBC-256 [RFC3602]" }, + { ENCR_AES_CTR, 128, "AES-CTR-128 [RFC5930]" }, + { ENCR_AES_CTR, 192, "AES-CTR-192 [RFC5930]" }, + { ENCR_AES_CTR, 256, "AES-CTR-256 [RFC5930]" }, + { ENCR_AES_GCM_ICV8, 128, "AES-GCM-128 with 8 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV8, 192, "AES-GCM-192 with 8 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV8, 256, "AES-GCM-256 with 8 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV12, 128, "AES-GCM-128 with 12 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV12, 192, "AES-GCM-192 with 12 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV12, 256, "AES-GCM-256 with 12 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV16, 128, "AES-GCM-128 with 16 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV16, 192, "AES-GCM-192 with 16 octet ICV [RFC5282]" }, + { ENCR_AES_GCM_ICV16, 256, "AES-GCM-256 with 16 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV8, 128, "AES-CCM-128 with 8 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV8, 192, "AES-CCM-192 with 8 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV8, 256, "AES-CCM-256 with 8 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV12, 128, "AES-CCM-128 with 12 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV12, 192, "AES-CCM-192 with 12 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV12, 256, "AES-CCM-256 with 12 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV16, 128, "AES-CCM-128 with 16 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV16, 192, "AES-CCM-192 with 16 octet ICV [RFC5282]" }, + { ENCR_AES_CCM_ICV16, 256, "AES-CCM-256 with 16 octet ICV [RFC5282]" }, +}; + +/** + * Wireshark IKE algorithms for integrity + */ +static algo_map_t ike_integ[] = { + { AUTH_HMAC_MD5_96, -1, "HMAC_MD5_96 [RFC2403]" }, + { AUTH_HMAC_SHA1_96, -1, "HMAC_SHA1_96 [RFC2404]" }, + { AUTH_HMAC_MD5_128, -1, "HMAC_MD5_128 [RFC4595]" }, + { AUTH_HMAC_SHA1_160, -1, "HMAC_SHA1_160 [RFC4595]" }, + { AUTH_HMAC_SHA2_256_128, -1, "HMAC_SHA2_256_128 [RFC4868]" }, + { AUTH_HMAC_SHA2_384_192, -1, "HMAC_SHA2_384_192 [RFC4868]" }, + { AUTH_HMAC_SHA2_512_256, -1, "HMAC_SHA2_512_256 [RFC4868]" }, + { AUTH_HMAC_SHA2_256_96, -1, "HMAC_SHA2_256_96 [draft-ietf-ipsec-ciph-sha-256-00]" }, + { AUTH_UNDEFINED, -1, "NONE [RFC4306]" }, +}; + +/** + * Map an IKE proposal + */ +static inline void ike_names(proposal_t *proposal, const char **enc, + const char **integ) +{ + uint16_t alg, len; + + if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &len)) + { + *enc = algo_name(ike_encr, countof(ike_encr), alg, len); + } + if (encryption_algorithm_is_aead(alg)) + { + alg = AUTH_UNDEFINED; + } + else if (!proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &alg, NULL)) + { + return; + } + *integ = algo_name(ike_integ, countof(ike_integ), alg, -1); +} + +/** + * Wireshark ESP algorithm identifiers for encryption + */ +static algo_map_t esp_encr[] = { + { ENCR_NULL, -1, "NULL" }, + { ENCR_3DES, -1, "TripleDes-CBC [RFC2451]" }, + { ENCR_AES_CBC, -1, "AES-CBC [RFC3602]" }, + { ENCR_AES_CTR, -1, "AES-CTR [RFC3686]" }, + { ENCR_DES, -1, "DES-CBC [RFC2405]" }, + { ENCR_CAST, -1, "CAST5-CBC [RFC2144]" }, + { ENCR_BLOWFISH, -1, "BLOWFISH-CBC [RFC2451]" }, + { ENCR_TWOFISH_CBC, -1, "TWOFISH-CBC" }, + { ENCR_AES_GCM_ICV8, -1, "AES-GCM [RFC4106]" }, + { ENCR_AES_GCM_ICV12, -1, "AES-GCM [RFC4106]" }, + { ENCR_AES_GCM_ICV16, -1, "AES-GCM [RFC4106]" }, +}; + +/** + * Wireshark ESP algorithms for integrity + */ +static algo_map_t esp_integ[] = { + { AUTH_HMAC_SHA1_96, -1, "HMAC-SHA-1-96 [RFC2404]" }, + { AUTH_HMAC_MD5_96, -1, "HMAC-MD5-96 [RFC2403]" }, + { AUTH_HMAC_SHA2_256_128, -1, "HMAC-SHA-256-128 [RFC4868]" }, + { AUTH_HMAC_SHA2_384_192, -1, "HMAC-SHA-384-192 [RFC4868]" }, + { AUTH_HMAC_SHA2_512_256, -1, "HMAC-SHA-512-256 [RFC4868]" }, + { AUTH_HMAC_SHA2_256_96, -1, "HMAC-SHA-256-96 [draft-ietf-ipsec-ciph-sha-256-00]" }, + { AUTH_UNDEFINED, 64, "ANY 64 bit authentication [no checking]" }, + { AUTH_UNDEFINED, 96, "ANY 96 bit authentication [no checking]" }, + { AUTH_UNDEFINED, 128, "ANY 128 bit authentication [no checking]" }, + { AUTH_UNDEFINED, 192, "ANY 192 bit authentication [no checking]" }, + { AUTH_UNDEFINED, 256, "ANY 256 bit authentication [no checking]" }, + { AUTH_UNDEFINED, -1, "NULL" }, +}; + +/** + * Map an ESP proposal + */ +static inline void esp_names(proposal_t *proposal, const char **enc, + const char **integ) +{ + uint16_t alg, len; + + if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &len)) + { + *enc = algo_name(esp_encr, countof(esp_encr), alg, len); + } + len = -1; + if (!proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &alg, NULL)) + { + switch (alg) + { + case ENCR_AES_GCM_ICV8: + len = 64; + break; + case ENCR_AES_GCM_ICV12: + len = 64; + break; + case ENCR_AES_GCM_ICV16: + len = 128; + break; + } + alg = AUTH_UNDEFINED; + } + *integ = algo_name(esp_integ, countof(esp_integ), alg, len); +} + +METHOD(listener_t, ike_derived_keys, bool, + private_save_keys_listener_t *this, ike_sa_t *ike_sa, chunk_t sk_ei, + chunk_t sk_er, chunk_t sk_ai, chunk_t sk_ar) +{ + ike_version_t version; + ike_sa_id_t *id; + const char *enc = NULL, *integ = NULL; + char *path, *name; + FILE *file; + + if (!this->path || !this->ike) + { + return TRUE; + } + + version = ike_sa->get_version(ike_sa); + name = version == IKEV2 ? ikev2_name : ikev1_name; + if (asprintf(&path, "%s/%s", this->path, name) < 0) + { + DBG1(DBG_IKE, "failed to build path to IKE key table"); + return TRUE; + } + + file = fopen(path, "a"); + if (file) + { + id = ike_sa->get_id(ike_sa); + if (version == IKEV2) + { + ike_names(ike_sa->get_proposal(ike_sa), &enc, &integ); + if (enc && integ) + { + fprintf(file, "%.16"PRIx64",%.16"PRIx64",%+B,%+B,\"%s\"," + "%+B,%+B,\"%s\"\n", be64toh(id->get_initiator_spi(id)), + be64toh(id->get_responder_spi(id)), &sk_ei, &sk_er, + enc, &sk_ai, &sk_ar, integ); + } + } + else + { + fprintf(file, "%.16"PRIx64",%+B\n", + be64toh(id->get_initiator_spi(id)), &sk_ei); + } + fclose(file); + } + else + { + DBG1(DBG_IKE, "failed to open IKE key table '%s': %s", path, + strerror(errno)); + } + free(path); + return TRUE; +} + +METHOD(listener_t, child_derived_keys, bool, + private_save_keys_listener_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, + bool initiator, chunk_t encr_i, chunk_t encr_r, chunk_t integ_i, + chunk_t integ_r) +{ + host_t *init, *resp; + uint32_t spi_i, spi_r; + const char *enc = NULL, *integ = NULL; + char *path, *family; + FILE *file; + + if (!this->path || !this->esp || + child_sa->get_protocol(child_sa) != PROTO_ESP) + { + return TRUE; + } + + if (asprintf(&path, "%s/%s", this->path, esp_name) < 0) + { + DBG1(DBG_CHD, "failed to build path to ESP key table"); + return TRUE; + } + + file = fopen(path, "a"); + if (file) + { + esp_names(child_sa->get_proposal(child_sa), &enc, &integ); + if (enc && integ) + { + /* Since the IPs are printed this is not compatible with MOBIKE */ + if (initiator) + { + init = ike_sa->get_my_host(ike_sa); + resp = ike_sa->get_other_host(ike_sa); + } + else + { + init = ike_sa->get_other_host(ike_sa); + resp = ike_sa->get_my_host(ike_sa); + } + spi_i = child_sa->get_spi(child_sa, initiator); + spi_r = child_sa->get_spi(child_sa, !initiator); + family = init->get_family(init) == AF_INET ? "IPv4" : "IPv6"; + fprintf(file, "\"%s\",\"%H\",\"%H\",\"0x%.8x\",\"%s\",\"0x%+B\"," + "\"%s\",\"0x%+B\"\n", family, init, resp, ntohl(spi_r), enc, + &encr_i, integ, &integ_i); + fprintf(file, "\"%s\",\"%H\",\"%H\",\"0x%.8x\",\"%s\",\"0x%+B\"," + "\"%s\",\"0x%+B\"\n", family, resp, init, ntohl(spi_i), enc, + &encr_r, integ, &integ_r); + } + fclose(file); + } + else + { + DBG1(DBG_CHD, "failed to open ESP key table '%s': %s", path, + strerror(errno)); + } + free(path); + return TRUE; +} + +/** + * See header. + */ +save_keys_listener_t *save_keys_listener_create() +{ + private_save_keys_listener_t *this; + + INIT(this, + .public = { + .listener = { + .ike_derived_keys = _ike_derived_keys, + .child_derived_keys = _child_derived_keys, + }, + .destroy = _destroy, + }, + .path = lib->settings->get_str(lib->settings, + "%s.plugins.save-keys.wireshark_keys", + NULL, lib->ns), + .esp = lib->settings->get_bool(lib->settings, + "%s.plugins.save-keys.esp", + FALSE, lib->ns), + .ike = lib->settings->get_bool(lib->settings, + "%s.plugins.save-keys.ike", + FALSE, lib->ns), + ); + + if (this->path && (this->ike || this->esp)) + { + char *keys = "IKE"; + + if (this->ike && this->esp) + { + keys = "IKE AND ESP"; + } + else if (this->esp) + { + keys = "ESP"; + } + DBG0(DBG_DMN, "!!", keys, this->path); + DBG0(DBG_DMN, "!! WARNING: SAVING %s KEYS TO '%s'", keys, this->path); + DBG0(DBG_DMN, "!!", keys, this->path); + } + return &this->public; +} diff --git a/src/libcharon/plugins/save_keys/save_keys_listener.h b/src/libcharon/plugins/save_keys/save_keys_listener.h new file mode 100644 index 000000000..c4dc2cf45 --- /dev/null +++ b/src/libcharon/plugins/save_keys/save_keys_listener.h @@ -0,0 +1,57 @@ +/* + * Copyright (C) 2016 Codrut Cristian Grosu (codrut.cristian.grosu@gmail.com) + * Copyright (C) 2016 IXIA (http://www.ixiacom.com) + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +/** + * @defgroup save_keys_listener save_keys_listener + * @{ @ingroup save_keys + */ + +#ifndef SAVE_KEYS_LISTENER_H_ +#define SAVE_KEYS_LISTENER_H_ + +#include + +typedef struct save_keys_listener_t save_keys_listener_t; + +/** + * Listener saving derived IKE and ESP keys. + */ +struct save_keys_listener_t { + + /** + * Implements listener_t interface. + */ + listener_t listener; + + /** + * Destroy this instance. + */ + void (*destroy)(save_keys_listener_t *this); +}; + +/** + * Create a save_keys_listener_t instance. + */ +save_keys_listener_t *save_keys_listener_create(); + +#endif /** SAVE_KEYS_LISTENER_H_ @}*/ diff --git a/src/libcharon/plugins/save_keys/save_keys_plugin.c b/src/libcharon/plugins/save_keys/save_keys_plugin.c new file mode 100644 index 000000000..93db5bcac --- /dev/null +++ b/src/libcharon/plugins/save_keys/save_keys_plugin.c @@ -0,0 +1,107 @@ +/* + * Copyright (C) 2016 Codrut Cristian Grosu (codrut.cristian.grosu@gmail.com) + * Copyright (C) 2016 IXIA (http://www.ixiacom.com) + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "save_keys_plugin.h" +#include "save_keys_listener.h" + +#include + +typedef struct private_save_keys_plugin_t private_save_keys_plugin_t; + +/** + * Private data. + */ +struct private_save_keys_plugin_t { + + /** + * Implements plugin interface. + */ + save_keys_plugin_t public; + + /** + * Listener saving keys to file. + */ + save_keys_listener_t *listener; +}; + +METHOD(plugin_t, get_name, char*, + private_save_keys_plugin_t *this) +{ + return "save-keys"; +} + +/** + * Register listener. + */ +static bool plugin_cb(private_save_keys_plugin_t *this, + plugin_feature_t *feature, bool reg, void *cb_data) +{ + if (reg) + { + charon->bus->add_listener(charon->bus, &this->listener->listener); + } + else + { + charon->bus->remove_listener(charon->bus, &this->listener->listener); + } + return TRUE; +} + +METHOD(plugin_t, get_features, int, + private_save_keys_plugin_t *this, plugin_feature_t *features[]) +{ + static plugin_feature_t f[] = { + PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL), + PLUGIN_PROVIDE(CUSTOM, "save-keys"), + }; + *features = f; + return countof(f); +} + +METHOD(plugin_t, destroy, void, + private_save_keys_plugin_t *this) +{ + this->listener->destroy(this->listener); + free(this); +} + +/** + * Plugin constructor. + */ +plugin_t *save_keys_plugin_create() +{ + private_save_keys_plugin_t *this; + + INIT(this, + .public = { + .plugin = { + .get_name = _get_name, + .get_features = _get_features, + .destroy = _destroy, + }, + }, + .listener = save_keys_listener_create(), + ); + + return &this->public.plugin; +} diff --git a/src/libcharon/plugins/save_keys/save_keys_plugin.h b/src/libcharon/plugins/save_keys/save_keys_plugin.h new file mode 100644 index 000000000..9501b5479 --- /dev/null +++ b/src/libcharon/plugins/save_keys/save_keys_plugin.h @@ -0,0 +1,50 @@ +/* + * Copyright (C) 2016 Codrut Cristian Grosu (codrut.cristian.grosu@gmail.com) + * Copyright (C) 2016 IXIA (http://www.ixiacom.com) + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +/** + * @defgroup save_keys save_keys + * @ingroup cplugins + * + * @defgroup save_keys_plugin save_keys_plugin + * @{ @ingroup save_keys + */ + +#ifndef SAVE_KEYS_PLUGIN_H_ +#define SAVE_KEYS_PLUGIN_H_ + +#include + +typedef struct save_keys_plugin_t save_keys_plugin_t; + +/** + * Plugin that saves derived IKE and ESP keys. + */ +struct save_keys_plugin_t { + + /** + * Implements plugin interface. + */ + plugin_t plugin; +}; + +#endif /** SAVE_KEYS_PLUGIN_H_ @}*/ diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index ac0129210..ca22c7f82 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -519,7 +519,7 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this, enumerator->destroy(enumerator); } - /* authentication metod (class, actually) */ + /* authentication method (class, actually) */ if (strpfx(auth, "ike:") || strpfx(auth, "pubkey") || strpfx(auth, "rsa") || diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c index 9b61afb5c..7fc95657e 100644 --- a/src/libcharon/plugins/stroke/stroke_cred.c +++ b/src/libcharon/plugins/stroke/stroke_cred.c @@ -1,7 +1,7 @@ /* - * Copyright (C) 2008-2015 Tobias Brunner + * Copyright (C) 2008-2017 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -1131,7 +1131,6 @@ static bool load_shared(mem_cred_t *secrets, chunk_t line, int line_nr, shared_key_t *shared_key; linked_list_t *owners; chunk_t secret = chunk_empty; - bool any = TRUE; err_t ugh = extract_secret(&secret, &line); if (ugh != NULL) @@ -1148,7 +1147,6 @@ static bool load_shared(mem_cred_t *secrets, chunk_t line, int line_nr, while (ids.len > 0) { chunk_t id; - identification_t *peer_id; ugh = extract_value(&id, &ids); if (ugh != NULL) @@ -1165,17 +1163,9 @@ static bool load_shared(mem_cred_t *secrets, chunk_t line, int line_nr, /* NULL terminate the ID string */ *(id.ptr + id.len) = '\0'; - peer_id = identification_create_from_string(id.ptr); - if (peer_id->get_type(peer_id) == ID_ANY) - { - peer_id->destroy(peer_id); - continue; - } - - owners->insert_last(owners, peer_id); - any = FALSE; + owners->insert_last(owners, identification_create_from_string(id.ptr)); } - if (any) + if (!owners->get_count(owners)) { owners->insert_last(owners, identification_create_from_encoding(ID_ANY, chunk_empty)); diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c index 22992599d..2bed420be 100644 --- a/src/libcharon/plugins/stroke/stroke_list.c +++ b/src/libcharon/plugins/stroke/stroke_list.c @@ -693,7 +693,7 @@ METHOD(stroke_list_t, status, void, /** * create a unique certificate list without duplicates - * certicates having the same issuer are grouped together. + * certificates having the same issuer are grouped together. */ static linked_list_t* create_unique_cert_list(certificate_type_t type) { diff --git a/src/libcharon/plugins/uci/uci_parser.c b/src/libcharon/plugins/uci/uci_parser.c index e847dd393..283d93928 100644 --- a/src/libcharon/plugins/uci/uci_parser.c +++ b/src/libcharon/plugins/uci/uci_parser.c @@ -112,7 +112,7 @@ METHOD(uci_parser_t, create_section_enumerator, enumerator_t*, va_list args; int i; - /* allocate enumerator large enought to hold keyword pointers */ + /* allocate enumerator large enough to hold keyword pointers */ i = 1; va_start(args, this); while (va_arg(args, char*)) diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md index 83521250d..49cce379d 100644 --- a/src/libcharon/plugins/vici/README.md +++ b/src/libcharon/plugins/vici/README.md @@ -530,11 +530,11 @@ on the key identifier derived from the public key). ### load-shared() ### -Load a shared IKE PSK, EAP or XAuth secret into the daemon. +Load a shared IKE PSK, EAP, XAuth or NTLM secret into the daemon. { id = - type = + type = data = owners = [ @@ -546,8 +546,8 @@ Load a shared IKE PSK, EAP or XAuth secret into the daemon. ### unload-shared() ### -Unload a previously loaded shared IKE PSK, EAP or XAuth secret by its unique -identifier. +Unload a previously loaded shared IKE PSK, EAP, XAuth or NTLM secret by its +unique identifier. { id = diff --git a/src/libcharon/plugins/vici/libvici.h b/src/libcharon/plugins/vici/libvici.h index 3ca9de424..d69597881 100644 --- a/src/libcharon/plugins/vici/libvici.h +++ b/src/libcharon/plugins/vici/libvici.h @@ -43,7 +43,7 @@ * thread pool. * * Connecting requires an uri, which is currently either a UNIX socket path - * prefixed with unix://, or a hostname:port touple prefixed with tcp://. + * prefixed with unix://, or a hostname:port tuple prefixed with tcp://. * Passing NULL takes the system default socket path. * * After the connection has been established, request messages can be sent. diff --git a/src/libcharon/plugins/vici/ruby/Makefile.in b/src/libcharon/plugins/vici/ruby/Makefile.in index ff4e07d2d..6d29988db 100644 --- a/src/libcharon/plugins/vici/ruby/Makefile.in +++ b/src/libcharon/plugins/vici/ruby/Makefile.in @@ -476,8 +476,8 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -@RUBY_GEMS_INSTALL_FALSE@uninstall-local: @RUBY_GEMS_INSTALL_FALSE@install-data-local: +@RUBY_GEMS_INSTALL_FALSE@uninstall-local: clean: clean-am clean-am: clean-generic clean-libtool clean-local mostlyclean-am diff --git a/src/libcharon/plugins/vici/vici_cred.c b/src/libcharon/plugins/vici/vici_cred.c index 5d8bf2f05..ec6c80a5b 100644 --- a/src/libcharon/plugins/vici/vici_cred.c +++ b/src/libcharon/plugins/vici/vici_cred.c @@ -434,7 +434,7 @@ CALLBACK(load_shared, vici_message_t*, { type = SHARED_IKE; } - else if (strcaseeq(str, "eap") || streq(str, "xauth")) + else if (strcaseeq(str, "eap") || strcaseeq(str, "xauth")) { type = SHARED_EAP; } diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c index 134ea375d..82c3d7855 100644 --- a/src/libcharon/plugins/vici/vici_query.c +++ b/src/libcharon/plugins/vici/vici_query.c @@ -774,7 +774,7 @@ CALLBACK(list_conns, vici_message_t*, ike_cfg_t *ike_cfg; child_cfg_t *child_cfg; char *ike, *str, *interface; - uint32_t manual_prio; + uint32_t manual_prio, dpd_delay, dpd_timeout; linked_list_t *list; traffic_selector_t *ts; lifetime_cfg_t *lft; @@ -825,6 +825,18 @@ CALLBACK(list_conns, vici_message_t*, b->add_kv(b, "unique", "%N", unique_policy_names, peer_cfg->get_unique_policy(peer_cfg)); + dpd_delay = peer_cfg->get_dpd(peer_cfg); + if (dpd_delay) + { + b->add_kv(b, "dpd_delay", "%u", dpd_delay); + } + + dpd_timeout = peer_cfg->get_dpd_timeout(peer_cfg); + if (dpd_timeout) + { + b->add_kv(b, "dpd_timeout", "%u", dpd_timeout); + } + build_auth_cfgs(peer_cfg, TRUE, b); build_auth_cfgs(peer_cfg, FALSE, b); @@ -843,6 +855,11 @@ CALLBACK(list_conns, vici_message_t*, b->add_kv(b, "rekey_packets", "%"PRIu64, lft->packets.rekey); free(lft); + b->add_kv(b, "dpd_action", "%N", action_names, + child_cfg->get_dpd_action(child_cfg)); + b->add_kv(b, "close_action", "%N", action_names, + child_cfg->get_close_action(child_cfg)); + b->begin_list(b, "local-ts"); list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL); selectors = list->create_enumerator(list); diff --git a/src/libcharon/processing/jobs/delete_child_sa_job.h b/src/libcharon/processing/jobs/delete_child_sa_job.h index b2d5a11f6..b33ea617b 100644 --- a/src/libcharon/processing/jobs/delete_child_sa_job.h +++ b/src/libcharon/processing/jobs/delete_child_sa_job.h @@ -27,7 +27,7 @@ typedef struct delete_child_sa_job_t delete_child_sa_job_t; #include #include #include -#include +#include /** diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.h b/src/libcharon/processing/jobs/rekey_child_sa_job.h index 1de06fd07..1c9d9b400 100644 --- a/src/libcharon/processing/jobs/rekey_child_sa_job.h +++ b/src/libcharon/processing/jobs/rekey_child_sa_job.h @@ -26,7 +26,7 @@ typedef struct rekey_child_sa_job_t rekey_child_sa_job_t; #include #include #include -#include +#include /** * Class representing an REKEY_CHILD_SA Job. @@ -50,4 +50,5 @@ struct rekey_child_sa_job_t { */ rekey_child_sa_job_t *rekey_child_sa_job_create(protocol_id_t protocol, uint32_t spi, host_t *dst); + #endif /** REKEY_CHILD_SA_JOB_H_ @}*/ diff --git a/src/libcharon/processing/jobs/update_sa_job.h b/src/libcharon/processing/jobs/update_sa_job.h index ed978dc8b..17beb68b6 100644 --- a/src/libcharon/processing/jobs/update_sa_job.h +++ b/src/libcharon/processing/jobs/update_sa_job.h @@ -26,7 +26,7 @@ typedef struct update_sa_job_t update_sa_job_t; #include #include #include -#include +#include /** * Update the addresses of an IKE and its CHILD_SAs. diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index 91da4d3e6..a01ee9e4d 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2017 Tobias Brunner + * Copyright (C) 2006-2018 Tobias Brunner * Copyright (C) 2016 Andreas Steffen * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger @@ -1249,17 +1249,6 @@ METHOD(child_sa_t, install_policies, status_t, enumerator = create_policy_enumerator(this); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - /* install outbound drop policy to avoid packets leaving unencrypted - * when updating policies */ - if (priority == POLICY_PRIORITY_DEFAULT && manual_prio == 0 && - require_policy_update() && install_outbound) - { - status |= install_policies_outbound(this, this->my_addr, - this->other_addr, my_ts, other_ts, - &my_sa, &other_sa, POLICY_DROP, - POLICY_PRIORITY_FALLBACK, 0); - } - status |= install_policies_inbound(this, this->my_addr, this->other_addr, my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, @@ -1350,15 +1339,6 @@ METHOD(child_sa_t, install_outbound, status_t, enumerator = create_policy_enumerator(this); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - /* install outbound drop policy to avoid packets leaving unencrypted - * when updating policies */ - if (manual_prio == 0 && require_policy_update()) - { - status |= install_policies_outbound(this, this->my_addr, - this->other_addr, my_ts, other_ts, - &my_sa, &other_sa, POLICY_DROP, - POLICY_PRIORITY_FALLBACK, 0); - } status |= install_policies_outbound(this, this->my_addr, this->other_addr, my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, @@ -1407,12 +1387,6 @@ METHOD(child_sa_t, remove_outbound, void, my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, POLICY_PRIORITY_DEFAULT, manual_prio); - if (manual_prio == 0 && require_policy_update()) - { - del_policies_outbound(this, this->my_addr, this->other_addr, - my_ts, other_ts, &my_sa, &other_sa, - POLICY_DROP, POLICY_PRIORITY_FALLBACK, 0); - } } enumerator->destroy(enumerator); } @@ -1458,8 +1432,65 @@ CALLBACK(reinstall_vip, void, } } +/** + * Update addresses and encap state of IPsec SAs in the kernel + */ +static status_t update_sas(private_child_sa_t *this, host_t *me, host_t *other, + bool encap) +{ + /* update our (initiator) SA */ + if (this->my_spi) + { + kernel_ipsec_sa_id_t id = { + .src = this->other_addr, + .dst = this->my_addr, + .spi = this->my_spi, + .proto = proto_ike2ip(this->protocol), + .mark = mark_in_sa(this), + }; + kernel_ipsec_update_sa_t sa = { + .cpi = this->ipcomp != IPCOMP_NONE ? this->my_cpi : 0, + .new_src = other, + .new_dst = me, + .encap = this->encap, + .new_encap = encap, + }; + if (charon->kernel->update_sa(charon->kernel, &id, + &sa) == NOT_SUPPORTED) + { + return NOT_SUPPORTED; + } + } + + /* update his (responder) SA */ + if (this->other_spi) + { + kernel_ipsec_sa_id_t id = { + .src = this->my_addr, + .dst = this->other_addr, + .spi = this->other_spi, + .proto = proto_ike2ip(this->protocol), + .mark = this->mark_out, + }; + kernel_ipsec_update_sa_t sa = { + .cpi = this->ipcomp != IPCOMP_NONE ? this->other_cpi : 0, + .new_src = me, + .new_dst = other, + .encap = this->encap, + .new_encap = encap, + }; + if (charon->kernel->update_sa(charon->kernel, &id, + &sa) == NOT_SUPPORTED) + { + return NOT_SUPPORTED; + } + } + /* we currently ignore the actual return values above */ + return SUCCESS; +} + METHOD(child_sa_t, update, status_t, - private_child_sa_t *this, host_t *me, host_t *other, linked_list_t *vips, + private_child_sa_t *this, host_t *me, host_t *other, linked_list_t *vips, bool encap) { child_sa_state_t old; @@ -1478,84 +1509,50 @@ METHOD(child_sa_t, update, status_t, this->config->has_option(this->config, OPT_PROXY_MODE); - if (!transport_proxy_mode) + if (!this->config->has_option(this->config, OPT_NO_POLICIES) && + require_policy_update()) { - /* update our (initiator) SA */ - if (this->my_spi) - { - kernel_ipsec_sa_id_t id = { - .src = this->other_addr, - .dst = this->my_addr, - .spi = this->my_spi, - .proto = proto_ike2ip(this->protocol), - .mark = mark_in_sa(this), - }; - kernel_ipsec_update_sa_t sa = { - .cpi = this->ipcomp != IPCOMP_NONE ? this->my_cpi : 0, - .new_src = other, - .new_dst = me, - .encap = this->encap, - .new_encap = encap, - }; - if (charon->kernel->update_sa(charon->kernel, &id, - &sa) == NOT_SUPPORTED) - { - set_state(this, old); - return NOT_SUPPORTED; - } - } + ipsec_sa_cfg_t my_sa, other_sa; + enumerator_t *enumerator; + traffic_selector_t *my_ts, *other_ts; + uint32_t manual_prio; + status_t state; + + prepare_sa_cfg(this, &my_sa, &other_sa); + manual_prio = this->config->get_manual_prio(this->config); - /* update his (responder) SA */ - if (this->other_spi) + enumerator = create_policy_enumerator(this); + while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - kernel_ipsec_sa_id_t id = { - .src = this->my_addr, - .dst = this->other_addr, - .spi = this->other_spi, - .proto = proto_ike2ip(this->protocol), - .mark = this->mark_out, - }; - kernel_ipsec_update_sa_t sa = { - .cpi = this->ipcomp != IPCOMP_NONE ? this->other_cpi : 0, - .new_src = me, - .new_dst = other, - .encap = this->encap, - .new_encap = encap, - }; - if (charon->kernel->update_sa(charon->kernel, &id, - &sa) == NOT_SUPPORTED) - { - set_state(this, old); - return NOT_SUPPORTED; - } + /* install drop policy to avoid traffic leaks, acquires etc. */ + install_policies_outbound(this, this->my_addr, this->other_addr, + my_ts, other_ts, &my_sa, &other_sa, POLICY_DROP, + POLICY_PRIORITY_DEFAULT, manual_prio); + + /* remove old policies */ + del_policies_internal(this, this->my_addr, this->other_addr, + my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, + POLICY_PRIORITY_DEFAULT, manual_prio); } - } + enumerator->destroy(enumerator); - if (!this->config->has_option(this->config, OPT_NO_POLICIES) && - require_policy_update()) - { - if (!me->ip_equals(me, this->my_addr) || - !other->ip_equals(other, this->other_addr)) - { - ipsec_sa_cfg_t my_sa, other_sa; - enumerator_t *enumerator; - traffic_selector_t *my_ts, *other_ts; - uint32_t manual_prio; + /* update the IPsec SAs */ + state = update_sas(this, me, other, encap); - prepare_sa_cfg(this, &my_sa, &other_sa); - manual_prio = this->config->get_manual_prio(this->config); + enumerator = create_policy_enumerator(this); + while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) + { + traffic_selector_t *old_my_ts = NULL, *old_other_ts = NULL; - /* always use high priorities, as hosts getting updated are INSTALLED */ - enumerator = create_policy_enumerator(this); - while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) + /* reinstall the previous policies if we can't update the SAs */ + if (state == NOT_SUPPORTED) + { + install_policies_internal(this, this->my_addr, this->other_addr, + my_ts, other_ts, &my_sa, &other_sa, + POLICY_IPSEC, POLICY_PRIORITY_DEFAULT, manual_prio); + } + else { - traffic_selector_t *old_my_ts = NULL, *old_other_ts = NULL; - - /* remove old policies first */ - del_policies_internal(this, this->my_addr, this->other_addr, - my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, - POLICY_PRIORITY_DEFAULT, manual_prio); - /* check if we have to update a "dynamic" traffic selector */ if (!me->ip_equals(me, this->my_addr) && my_ts->is_host(my_ts, this->my_addr)) @@ -1578,23 +1575,32 @@ METHOD(child_sa_t, update, status_t, install_policies_internal(this, me, other, my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, POLICY_PRIORITY_DEFAULT, manual_prio); - - /* update fallback policies after the new policy is in place */ - if (manual_prio == 0) - { - del_policies_outbound(this, this->my_addr, this->other_addr, - old_my_ts ?: my_ts, - old_other_ts ?: other_ts, - &my_sa, &other_sa, POLICY_DROP, - POLICY_PRIORITY_FALLBACK, 0); - install_policies_outbound(this, me, other, my_ts, other_ts, - &my_sa, &other_sa, POLICY_DROP, - POLICY_PRIORITY_FALLBACK, 0); - } - DESTROY_IF(old_my_ts); - DESTROY_IF(old_other_ts); } - enumerator->destroy(enumerator); + /* remove the drop policy */ + del_policies_outbound(this, this->my_addr, this->other_addr, + old_my_ts ?: my_ts, + old_other_ts ?: other_ts, + &my_sa, &other_sa, POLICY_DROP, + POLICY_PRIORITY_DEFAULT, 0); + + DESTROY_IF(old_my_ts); + DESTROY_IF(old_other_ts); + } + enumerator->destroy(enumerator); + + if (state == NOT_SUPPORTED) + { + set_state(this, old); + return NOT_SUPPORTED; + } + + } + else if (!transport_proxy_mode) + { + if (update_sas(this, me, other, encap) == NOT_SUPPORTED) + { + set_state(this, old); + return NOT_SUPPORTED; } } @@ -1655,13 +1661,6 @@ METHOD(child_sa_t, destroy, void, del_policies_inbound(this, this->my_addr, this->other_addr, my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, priority, manual_prio); - if (!this->trap && manual_prio == 0 && require_policy_update() && - del_outbound) - { - del_policies_outbound(this, this->my_addr, this->other_addr, - my_ts, other_ts, &my_sa, &other_sa, - POLICY_DROP, POLICY_PRIORITY_FALLBACK, 0); - } } enumerator->destroy(enumerator); } diff --git a/src/libcharon/sa/child_sa.h b/src/libcharon/sa/child_sa.h index 082404d93..49175ca01 100644 --- a/src/libcharon/sa/child_sa.h +++ b/src/libcharon/sa/child_sa.h @@ -30,7 +30,7 @@ typedef struct child_sa_t child_sa_t; #include #include #include -#include +#include #include /** @@ -145,7 +145,7 @@ extern enum_name_t *child_sa_outbound_state_names; * - B allocates an SPI for the selected protocol * - B calls child_sa_t.install for both, the allocated and received SPI * - B sends the proposal with the allocated SPI to A - * - A calls child_sa_t.install for both, the allocated and recevied SPI + * - A calls child_sa_t.install for both, the allocated and received SPI * * Once SAs are set up, policies can be added using add_policies. */ @@ -254,7 +254,7 @@ struct child_sa_t { /** * Set the negotiated IPsec mode to use. * - * @param mode TUNNEL | TRANPORT | BEET + * @param mode TUNNEL | TRANSPORT | BEET */ void (*set_mode)(child_sa_t *this, ipsec_mode_t mode); diff --git a/src/libcharon/sa/eap/eap_manager.h b/src/libcharon/sa/eap/eap_manager.h index 4ed1cae20..391c906e9 100644 --- a/src/libcharon/sa/eap/eap_manager.h +++ b/src/libcharon/sa/eap/eap_manager.h @@ -30,7 +30,7 @@ typedef struct eap_manager_t eap_manager_t; * The EAP manager manages all EAP implementations and creates instances. * * A plugin registers it's implemented EAP method at the manager by - * providing type and a contructor function. The manager then instanciates + * providing type and a constructor function. The manager then instantiates * eap_method_t instances through the provided constructor to handle * EAP authentication. */ diff --git a/src/libcharon/sa/eap/eap_method.h b/src/libcharon/sa/eap/eap_method.h index 8e25f7df8..840779727 100644 --- a/src/libcharon/sa/eap/eap_method.h +++ b/src/libcharon/sa/eap/eap_method.h @@ -64,7 +64,7 @@ struct eap_method_t { /** * Initiate the EAP exchange. * - * initiate() is only useable for server implementations, as clients only + * initiate() is only usable for server implementations, as clients only * reply to server requests. * A eap_payload is created in "out" if result is NEED_MORE. * diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index 823cf2579..e1f4ec95a 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -231,11 +231,6 @@ struct private_ike_sa_t { */ chunk_t nat_detection_dest; - /** - * number pending UPDATE_SA_ADDRESS (MOBIKE) - */ - uint32_t pending_updates; - /** * NAT keep alive interval */ @@ -734,8 +729,11 @@ METHOD(ike_sa_t, set_condition, void, switch (condition) { case COND_NAT_HERE: - case COND_NAT_FAKE: case COND_NAT_THERE: + DBG1(DBG_IKE, "%s host is not behind NAT anymore", + condition == COND_NAT_HERE ? "local" : "remote"); + /* fall-through */ + case COND_NAT_FAKE: set_condition(this, COND_NAT_ANY, has_condition(this, COND_NAT_HERE) || has_condition(this, COND_NAT_THERE) || @@ -1052,18 +1050,6 @@ METHOD(ike_sa_t, has_mapping_changed, bool, return TRUE; } -METHOD(ike_sa_t, set_pending_updates, void, - private_ike_sa_t *this, uint32_t updates) -{ - this->pending_updates = updates; -} - -METHOD(ike_sa_t, get_pending_updates, uint32_t, - private_ike_sa_t *this) -{ - return this->pending_updates; -} - METHOD(ike_sa_t, float_ports, void, private_ike_sa_t *this) { @@ -2561,6 +2547,12 @@ METHOD(ike_sa_t, roam, status_t, break; } + if (!this->ike_cfg) + { /* this is the case for new HA SAs not yet in state IKE_PASSIVE and + * without config assigned */ + return SUCCESS; + } + /* ignore roam events if MOBIKE is not supported/enabled and the local * address is statically configured */ if (this->version == IKEV2 && !supports_extension(this, EXT_MOBIKE) && @@ -2964,8 +2956,6 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, bool initiator, .supports_extension = _supports_extension, .set_condition = _set_condition, .has_condition = _has_condition, - .set_pending_updates = _set_pending_updates, - .get_pending_updates = _get_pending_updates, .create_peer_address_enumerator = _create_peer_address_enumerator, .add_peer_address = _add_peer_address, .clear_peer_addresses = _clear_peer_addresses, diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h index fbc367292..b4fbc56d7 100644 --- a/src/libcharon/sa/ike_sa.h +++ b/src/libcharon/sa/ike_sa.h @@ -646,20 +646,6 @@ struct ike_sa_t { */ bool (*has_condition) (ike_sa_t *this, ike_condition_t condition); - /** - * Get the number of queued MOBIKE address updates. - * - * @return number of pending updates - */ - uint32_t (*get_pending_updates)(ike_sa_t *this); - - /** - * Set the number of queued MOBIKE address updates. - * - * @param updates number of pending updates - */ - void (*set_pending_updates)(ike_sa_t *this, uint32_t updates); - #ifdef ME /** * Activate mediation server functionality for this IKE_SA. @@ -869,7 +855,7 @@ struct ike_sa_t { * @param message_id ID of the request to retransmit * @return * - SUCCESS - * - NOT_FOUND if request doesn't have to be retransmited + * - NOT_FOUND if request doesn't have to be retransmitted */ status_t (*retransmit) (ike_sa_t *this, uint32_t message_id); @@ -1169,7 +1155,7 @@ struct ike_sa_t { void (*inherit_post) (ike_sa_t *this, ike_sa_t *other); /** - * Reset the IKE_SA, useable when initiating fails. + * Reset the IKE_SA, usable when initiating fails. * * @param new_spi TRUE to allocate a new initiator SPI */ diff --git a/src/libcharon/sa/ikev1/phase1.c b/src/libcharon/sa/ikev1/phase1.c index adce59f7e..5856f829e 100644 --- a/src/libcharon/sa/ikev1/phase1.c +++ b/src/libcharon/sa/ikev1/phase1.c @@ -1,6 +1,6 @@ /* - * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * Copyright (C) 2012-2017 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG @@ -101,6 +101,31 @@ static auth_cfg_t *get_auth_cfg(peer_cfg_t *peer_cfg, bool local) return cfg; } +/** + * Find a shared key for the given identities + */ +static shared_key_t *find_shared_key(identification_t *my_id, host_t *me, + identification_t *other_id, host_t *other) +{ + identification_t *any_id = NULL; + shared_key_t *shared_key; + + if (!other_id) + { + any_id = identification_create_from_encoding(ID_ANY, chunk_empty); + other_id = any_id; + } + shared_key = lib->credmgr->get_shared(lib->credmgr, SHARED_IKE, + my_id, other_id); + if (!shared_key) + { + DBG1(DBG_IKE, "no shared key found for '%Y'[%H] - '%Y'[%H]", + my_id, me, other_id, other); + } + DESTROY_IF(any_id); + return shared_key; +} + /** * Lookup a shared secret for this IKE_SA */ @@ -131,15 +156,9 @@ static shared_key_t *lookup_shared_key(private_phase1_t *this, { other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY); } - if (my_id && other_id) + if (my_id) { - shared_key = lib->credmgr->get_shared(lib->credmgr, SHARED_IKE, - my_id, other_id); - if (!shared_key) - { - DBG1(DBG_IKE, "no shared key found for '%Y'[%H] - '%Y'[%H]", - my_id, me, other_id, other); - } + shared_key = find_shared_key(my_id, me, other_id, other); } } } @@ -158,14 +177,11 @@ static shared_key_t *lookup_shared_key(private_phase1_t *this, other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY); if (my_id) { - shared_key = lib->credmgr->get_shared(lib->credmgr, - SHARED_IKE, my_id, other_id); + shared_key = find_shared_key(my_id, me, other_id, other); if (shared_key) { break; } - DBG1(DBG_IKE, "no shared key found for '%Y'[%H] - '%Y'[%H]", - my_id, me, other_id, other); } } } diff --git a/src/libcharon/sa/ikev1/tasks/mode_config.c b/src/libcharon/sa/ikev1/tasks/mode_config.c index 7098d24a2..43897c304 100644 --- a/src/libcharon/sa/ikev1/tasks/mode_config.c +++ b/src/libcharon/sa/ikev1/tasks/mode_config.c @@ -547,7 +547,7 @@ static status_t build_reply(private_mode_config_t *this, message_t *message) type, value)); } enumerator->destroy(enumerator); - /* if a client did not re-request all adresses, release them */ + /* if a client did not re-request all addresses, release them */ enumerator = migrated->create_enumerator(migrated); while (enumerator->enumerate(enumerator, &found)) { diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 49b476ad8..77592e59a 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -1330,7 +1330,7 @@ METHOD(task_t, process_i, status_t, &this->cpi_r); if (!list->get_count(list)) { - DBG1(DBG_IKE, "peer did not acccept our IPComp proposal, " + DBG1(DBG_IKE, "peer did not accept our IPComp proposal, " "IPComp disabled"); this->cpi_i = 0; } diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c index 361eb0fe1..5c0ec49f0 100644 --- a/src/libcharon/sa/ikev2/task_manager_v2.c +++ b/src/libcharon/sa/ikev2/task_manager_v2.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2007-2016 Tobias Brunner + * Copyright (C) 2007-2018 Tobias Brunner * Copyright (C) 2007-2010 Martin Willi * HSR Hochschule fuer Technik Rapperswil * @@ -737,7 +737,7 @@ static status_t process_response(private_task_manager_t *this, charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_CLEARED, packet); } - /* catch if we get resetted while processing */ + /* catch if we get reset while processing */ this->reset = FALSE; enumerator = array_create_enumerator(this->active_tasks); while (enumerator->enumerate(enumerator, &task)) @@ -1642,24 +1642,9 @@ METHOD(task_manager_t, process_message, status_t, METHOD(task_manager_t, queue_task_delayed, void, private_task_manager_t *this, task_t *task, uint32_t delay) { - enumerator_t *enumerator; queued_task_t *queued; timeval_t time; - if (task->get_type(task) == TASK_IKE_MOBIKE) - { /* there is no need to queue more than one mobike task */ - enumerator = array_create_enumerator(this->queued_tasks); - while (enumerator->enumerate(enumerator, &queued)) - { - if (queued->task->get_type(queued->task) == TASK_IKE_MOBIKE) - { - enumerator->destroy(enumerator); - task->destroy(task); - return; - } - } - enumerator->destroy(enumerator); - } time_monotonic(&time); if (delay) { @@ -1877,12 +1862,41 @@ METHOD(task_manager_t, queue_ike_delete, void, queue_task(this, (task_t*)ike_delete_create(this->ike_sa, TRUE)); } +/** + * There is no need to queue more than one mobike task, so this either returns + * an already queued task or queues one if there is none yet. + */ +static ike_mobike_t *queue_mobike_task(private_task_manager_t *this) +{ + enumerator_t *enumerator; + queued_task_t *queued; + ike_mobike_t *mobike = NULL; + + enumerator = array_create_enumerator(this->queued_tasks); + while (enumerator->enumerate(enumerator, &queued)) + { + if (queued->task->get_type(queued->task) == TASK_IKE_MOBIKE) + { + mobike = (ike_mobike_t*)queued->task; + break; + } + } + enumerator->destroy(enumerator); + + if (!mobike) + { + mobike = ike_mobike_create(this->ike_sa, TRUE); + queue_task(this, &mobike->task); + } + return mobike; +} + METHOD(task_manager_t, queue_mobike, void, private_task_manager_t *this, bool roam, bool address) { ike_mobike_t *mobike; - mobike = ike_mobike_create(this->ike_sa, TRUE); + mobike = queue_mobike_task(this); if (roam) { enumerator_t *enumerator; @@ -1909,7 +1923,31 @@ METHOD(task_manager_t, queue_mobike, void, { mobike->addresses(mobike); } - queue_task(this, &mobike->task); +} + +METHOD(task_manager_t, queue_dpd, void, + private_task_manager_t *this) +{ + ike_mobike_t *mobike; + + if (this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE) && + this->ike_sa->has_condition(this->ike_sa, COND_NAT_HERE)) + { +#ifdef ME + peer_cfg_t *cfg = this->ike_sa->get_peer_cfg(this->ike_sa); + if (cfg->get_peer_id(cfg) || + this->ike_sa->has_condition(this->ike_sa, COND_ORIGINAL_INITIATOR)) +#else + if (this->ike_sa->has_condition(this->ike_sa, COND_ORIGINAL_INITIATOR)) +#endif + { + /* use mobike enabled DPD to detect NAT mapping changes */ + mobike = queue_mobike_task(this); + mobike->dpd(mobike); + return; + } + } + queue_task(this, (task_t*)ike_dpd_create(TRUE)); } METHOD(task_manager_t, queue_child, void, @@ -1940,32 +1978,6 @@ METHOD(task_manager_t, queue_child_delete, void, protocol, spi, expired)); } -METHOD(task_manager_t, queue_dpd, void, - private_task_manager_t *this) -{ - ike_mobike_t *mobike; - - if (this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE) && - this->ike_sa->has_condition(this->ike_sa, COND_NAT_HERE)) - { -#ifdef ME - peer_cfg_t *cfg = this->ike_sa->get_peer_cfg(this->ike_sa); - if (cfg->get_peer_id(cfg) || - this->ike_sa->has_condition(this->ike_sa, COND_ORIGINAL_INITIATOR)) -#else - if (this->ike_sa->has_condition(this->ike_sa, COND_ORIGINAL_INITIATOR)) -#endif - { - /* use mobike enabled DPD to detect NAT mapping changes */ - mobike = ike_mobike_create(this->ike_sa, TRUE); - mobike->dpd(mobike); - queue_task(this, &mobike->task); - return; - } - } - queue_task(this, (task_t*)ike_dpd_create(TRUE)); -} - METHOD(task_manager_t, adopt_tasks, void, private_task_manager_t *this, task_manager_t *other_public) { diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c index 4d4d72e0b..85dac6d59 100644 --- a/src/libcharon/sa/ikev2/tasks/child_create.c +++ b/src/libcharon/sa/ikev2/tasks/child_create.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2017 Tobias Brunner + * Copyright (C) 2008-2018 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter * HSR Hochschule fuer Technik Rapperswil @@ -277,12 +277,13 @@ static bool ts_list_is_host(linked_list_t *list, host_t *host) } /** - * Allocate SPIs and update proposals + * Allocate SPIs and update proposals, we also promote the selected DH group */ static bool allocate_spi(private_child_create_t *this) { enumerator_t *enumerator; proposal_t *proposal; + linked_list_t *other_dh_groups; if (this->initiator) { @@ -304,12 +305,29 @@ static bool allocate_spi(private_child_create_t *this) { if (this->initiator) { + other_dh_groups = linked_list_create(); enumerator = this->proposals->create_enumerator(this->proposals); while (enumerator->enumerate(enumerator, &proposal)) { proposal->set_spi(proposal, this->my_spi); + + /* move the selected DH group to the front, if any */ + if (this->dh_group != MODP_NONE && + !proposal->promote_dh_group(proposal, this->dh_group)) + { /* proposals that don't contain the selected group are + * moved to the back */ + this->proposals->remove_at(this->proposals, enumerator); + other_dh_groups->insert_last(other_dh_groups, proposal); + } + } + enumerator->destroy(enumerator); + enumerator = other_dh_groups->create_enumerator(other_dh_groups); + while (enumerator->enumerate(enumerator, (void**)&proposal)) + { /* no need to remove from the list as we destroy it anyway*/ + this->proposals->insert_last(this->proposals, proposal); } enumerator->destroy(enumerator); + other_dh_groups->destroy(other_dh_groups); } else { @@ -396,7 +414,7 @@ static linked_list_t *get_dynamic_hosts(ike_sa_t *ike_sa, bool local) } /** - * Substitude any host address with NATed address in traffic selector + * Substitute any host address with NATed address in traffic selector */ static linked_list_t* get_transport_nat_ts(private_child_create_t *this, bool local, linked_list_t *in) @@ -1006,8 +1024,8 @@ METHOD(task_t, build_i, status_t, chunk_empty); return SUCCESS; } - if (!this->retry) - { + if (!this->retry && this->dh_group == MODP_NONE) + { /* during a rekeying the group might already be set */ this->dh_group = this->config->get_dh_group(this->config); } break; @@ -1615,6 +1633,12 @@ METHOD(child_create_t, use_marks, void, this->mark_out = out; } +METHOD(child_create_t, use_dh_group, void, + private_child_create_t *this, diffie_hellman_group_t dh_group) +{ + this->dh_group = dh_group; +} + METHOD(child_create_t, get_child, child_sa_t*, private_child_create_t *this) { @@ -1736,6 +1760,7 @@ child_create_t *child_create_create(ike_sa_t *ike_sa, .get_lower_nonce = _get_lower_nonce, .use_reqid = _use_reqid, .use_marks = _use_marks, + .use_dh_group = _use_dh_group, .task = { .get_type = _get_type, .migrate = _migrate, diff --git a/src/libcharon/sa/ikev2/tasks/child_create.h b/src/libcharon/sa/ikev2/tasks/child_create.h index f48d7b0a9..59fc6d2d9 100644 --- a/src/libcharon/sa/ikev2/tasks/child_create.h +++ b/src/libcharon/sa/ikev2/tasks/child_create.h @@ -1,6 +1,7 @@ /* + * Copyright (C) 2018 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -59,6 +60,15 @@ struct child_create_t { */ void (*use_marks)(child_create_t *this, u_int in, u_int out); + /** + * Initially propose a specific DH group to override configuration. + * + * This is used during rekeying to prefer the previously negotiated group. + * + * @param dh_group DH group to use + */ + void (*use_dh_group)(child_create_t *this, diffie_hellman_group_t dh_group); + /** * Get the lower of the two nonces, used for rekey collisions. * diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c index b67e9b80f..f90056658 100644 --- a/src/libcharon/sa/ikev2/tasks/child_rekey.c +++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009-2017 Tobias Brunner + * Copyright (C) 2009-2018 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * HSR Hochschule fuer Technik Rapperswil @@ -190,8 +190,18 @@ METHOD(task_t, build_i, status_t, /* our CHILD_CREATE task does the hard work for us */ if (!this->child_create) { + proposal_t *proposal; + uint16_t dh_group; + this->child_create = child_create_create(this->ike_sa, config->get_ref(config), TRUE, NULL, NULL); + + proposal = this->child_sa->get_proposal(this->child_sa); + if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, + &dh_group, NULL)) + { /* reuse the DH group negotiated previously */ + this->child_create->use_dh_group(this->child_create, dh_group); + } } reqid = this->child_sa->get_reqid(this->child_sa); this->child_create->use_reqid(this->child_create, reqid); diff --git a/src/libcharon/sa/ikev2/tasks/ike_init.c b/src/libcharon/sa/ikev2/tasks/ike_init.c index d75d21715..3d73d728b 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_init.c +++ b/src/libcharon/sa/ikev2/tasks/ike_init.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2008-2015 Tobias Brunner + * Copyright (C) 2008-2018 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -282,7 +282,7 @@ static bool build_payloads(private_ike_init_t *this, message_t *message) sa_payload_t *sa_payload; ke_payload_t *ke_payload; nonce_payload_t *nonce_payload; - linked_list_t *proposal_list; + linked_list_t *proposal_list, *other_dh_groups; ike_sa_id_t *id; proposal_t *proposal; enumerator_t *enumerator; @@ -294,16 +294,31 @@ static bool build_payloads(private_ike_init_t *this, message_t *message) if (this->initiator) { proposal_list = this->config->get_proposals(this->config); - if (this->old_sa) + other_dh_groups = linked_list_create(); + enumerator = proposal_list->create_enumerator(proposal_list); + while (enumerator->enumerate(enumerator, (void**)&proposal)) { /* include SPI of new IKE_SA when we are rekeying */ - enumerator = proposal_list->create_enumerator(proposal_list); - while (enumerator->enumerate(enumerator, (void**)&proposal)) + if (this->old_sa) { proposal->set_spi(proposal, id->get_initiator_spi(id)); } - enumerator->destroy(enumerator); + /* move the selected DH group to the front of the proposal */ + if (!proposal->promote_dh_group(proposal, this->dh_group)) + { /* the proposal does not include the group, move to the back */ + proposal_list->remove_at(proposal_list, enumerator); + other_dh_groups->insert_last(other_dh_groups, proposal); + } } + enumerator->destroy(enumerator); + /* add proposals that don't contain the selected group */ + enumerator = other_dh_groups->create_enumerator(other_dh_groups); + while (enumerator->enumerate(enumerator, (void**)&proposal)) + { /* no need to remove from the list as we destroy it anyway*/ + proposal_list->insert_last(proposal_list, proposal); + } + enumerator->destroy(enumerator); + other_dh_groups->destroy(other_dh_groups); sa_payload = sa_payload_create_from_proposals_v2(proposal_list); proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy)); @@ -531,10 +546,30 @@ METHOD(task_t, build_i, status_t, return FAILED; } - /* if the DH group is set via use_dh_group(), we already have a DH object */ + /* if we are retrying after an INVALID_KE_PAYLOAD we already have one */ if (!this->dh) { - this->dh_group = this->config->get_dh_group(this->config); + if (this->old_sa && lib->settings->get_bool(lib->settings, + "%s.prefer_previous_dh_group", TRUE, lib->ns)) + { /* reuse the DH group we used for the old IKE_SA when rekeying */ + proposal_t *proposal; + uint16_t dh_group; + + proposal = this->old_sa->get_proposal(this->old_sa); + if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, + &dh_group, NULL)) + { + this->dh_group = dh_group; + } + else + { /* this shouldn't happen, but let's be safe */ + this->dh_group = this->config->get_dh_group(this->config); + } + } + else + { + this->dh_group = this->config->get_dh_group(this->config); + } this->dh = this->keymat->keymat.create_dh(&this->keymat->keymat, this->dh_group); if (!this->dh) @@ -544,6 +579,18 @@ METHOD(task_t, build_i, status_t, return FAILED; } } + else if (this->dh->get_dh_group(this->dh) != this->dh_group) + { /* reset DH instance if group changed (INVALID_KE_PAYLOAD) */ + this->dh->destroy(this->dh); + this->dh = this->keymat->keymat.create_dh(&this->keymat->keymat, + this->dh_group); + if (!this->dh) + { + DBG1(DBG_IKE, "requested DH group %N not supported", + diffie_hellman_group_names, this->dh_group); + return FAILED; + } + } /* generate nonce only when we are trying the first time */ if (this->my_nonce.ptr == NULL) @@ -929,12 +976,6 @@ METHOD(task_t, migrate, void, this->keymat = (keymat_v2_t*)ike_sa->get_keymat(ike_sa); this->proposal = NULL; this->dh_failed = FALSE; - if (this->dh && this->dh->get_dh_group(this->dh) != this->dh_group) - { /* reset DH value only if group changed (INVALID_KE_PAYLOAD) */ - this->dh->destroy(this->dh); - this->dh = this->keymat->keymat.create_dh(&this->keymat->keymat, - this->dh_group); - } } METHOD(task_t, destroy, void, diff --git a/src/libcharon/sa/ikev2/tasks/ike_mobike.c b/src/libcharon/sa/ikev2/tasks/ike_mobike.c index dc0f24fb8..fe41a1cac 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_mobike.c +++ b/src/libcharon/sa/ikev2/tasks/ike_mobike.c @@ -1,7 +1,7 @@ /* - * Copyright (C) 2010-2014 Tobias Brunner + * Copyright (C) 2010-2018 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -76,13 +76,35 @@ struct private_ike_mobike_t { * additional addresses got updated */ bool addresses_updated; - - /** - * whether the pending updates counter was increased - */ - bool pending_update; }; +/** + * Check if a newer MOBIKE update task is queued + */ +static bool is_newer_update_queued(private_ike_mobike_t *this) +{ + enumerator_t *enumerator; + private_ike_mobike_t *mobike; + task_t *task; + bool found = FALSE; + + enumerator = this->ike_sa->create_task_enumerator(this->ike_sa, + TASK_QUEUE_QUEUED); + while (enumerator->enumerate(enumerator, &task)) + { + if (task->get_type(task) == TASK_IKE_MOBIKE) + { + mobike = (private_ike_mobike_t*)task; + /* a queued check or update might invalidate the results of the + * current task */ + found = mobike->check || mobike->update; + break; + } + } + enumerator->destroy(enumerator); + return found; +} + /** * read notifys from message and evaluate them */ @@ -526,9 +548,8 @@ METHOD(task_t, process_i, status_t, } else if (message->get_exchange_type(message) == INFORMATIONAL) { - if (this->ike_sa->get_pending_updates(this->ike_sa) > 1) + if (is_newer_update_queued(this)) { - /* newer update queued, ignore this one */ return SUCCESS; } if (this->cookie2.ptr) @@ -553,7 +574,7 @@ METHOD(task_t, process_i, status_t, if (this->natd) { this->natd->task.process(&this->natd->task, message); - if (this->natd->has_mapping_changed(this->natd)) + if (!this->update && this->natd->has_mapping_changed(this->natd)) { /* force an update if mappings have changed */ this->update = this->check = TRUE; @@ -615,25 +636,13 @@ METHOD(ike_mobike_t, addresses, void, private_ike_mobike_t *this) { this->address = TRUE; - if (!this->pending_update) - { - this->pending_update = TRUE; - this->ike_sa->set_pending_updates(this->ike_sa, - this->ike_sa->get_pending_updates(this->ike_sa) + 1); - } } METHOD(ike_mobike_t, roam, void, private_ike_mobike_t *this, bool address) { this->check = TRUE; - this->address = address; - if (!this->pending_update) - { - this->pending_update = TRUE; - this->ike_sa->set_pending_updates(this->ike_sa, - this->ike_sa->get_pending_updates(this->ike_sa) + 1); - } + this->address |= address; } METHOD(ike_mobike_t, dpd, void, @@ -643,12 +652,6 @@ METHOD(ike_mobike_t, dpd, void, { this->natd = ike_natd_create(this->ike_sa, this->initiator); } - if (!this->pending_update) - { - this->pending_update = TRUE; - this->ike_sa->set_pending_updates(this->ike_sa, - this->ike_sa->get_pending_updates(this->ike_sa) + 1); - } } METHOD(ike_mobike_t, is_probing, bool, @@ -678,21 +681,11 @@ METHOD(task_t, migrate, void, { this->natd->task.migrate(&this->natd->task, ike_sa); } - if (this->pending_update) - { - this->ike_sa->set_pending_updates(this->ike_sa, - this->ike_sa->get_pending_updates(this->ike_sa) + 1); - } } METHOD(task_t, destroy, void, private_ike_mobike_t *this) { - if (this->pending_update) - { - this->ike_sa->set_pending_updates(this->ike_sa, - this->ike_sa->get_pending_updates(this->ike_sa) - 1); - } chunk_free(&this->cookie2); if (this->natd) { diff --git a/src/libcharon/sa/keymat.h b/src/libcharon/sa/keymat.h index bc40b3d92..17d2efe37 100644 --- a/src/libcharon/sa/keymat.h +++ b/src/libcharon/sa/keymat.h @@ -27,7 +27,7 @@ typedef struct keymat_t keymat_t; #include #include #include -#include +#include #include #include diff --git a/src/libcharon/sa/task_manager.h b/src/libcharon/sa/task_manager.h index e3fddf39b..9545da4f3 100644 --- a/src/libcharon/sa/task_manager.h +++ b/src/libcharon/sa/task_manager.h @@ -86,7 +86,7 @@ enum task_queue_t { * completed. * For the initial IKE_SA setup, several tasks are queued: One for the * unauthenticated IKE_SA setup, one for authentication, one for CHILD_SA setup - * and maybe one for virtual IP assignement. + * and maybe one for virtual IP assignment. * The task manager is also responsible for retransmission. It uses a backoff * algorithm. The timeout is calculated using * RETRANSMIT_TIMEOUT * (RETRANSMIT_BASE ** try). diff --git a/src/libcharon/sa/xauth/xauth_manager.h b/src/libcharon/sa/xauth/xauth_manager.h index 65b3c58a3..513bf32f5 100644 --- a/src/libcharon/sa/xauth/xauth_manager.h +++ b/src/libcharon/sa/xauth/xauth_manager.h @@ -29,7 +29,7 @@ typedef struct xauth_manager_t xauth_manager_t; * The XAuth manager manages all XAuth implementations and creates instances. * * A plugin registers it's implemented XAuth method at the manager by - * providing type and a contructor function. The manager then instanciates + * providing type and a constructor function. The manager then instantiates * xauth_method_t instances through the provided constructor to handle * XAuth authentication. */ diff --git a/src/libcharon/sa/xauth/xauth_method.h b/src/libcharon/sa/xauth/xauth_method.h index 701b4dc77..c0c2024e0 100644 --- a/src/libcharon/sa/xauth/xauth_method.h +++ b/src/libcharon/sa/xauth/xauth_method.h @@ -54,7 +54,7 @@ struct xauth_method_t { /** * Initiate the XAuth exchange. * - * initiate() is only useable for server implementations, as clients only + * initiate() is only usable for server implementations, as clients only * reply to server requests. * A cp_payload is created in "out" if result is NEED_MORE. * diff --git a/src/libcharon/tests/Makefile.am b/src/libcharon/tests/Makefile.am index 8f762a2e6..5ebd0456c 100644 --- a/src/libcharon/tests/Makefile.am +++ b/src/libcharon/tests/Makefile.am @@ -3,7 +3,6 @@ TESTS = libcharon_tests exchange_tests check_PROGRAMS = $(TESTS) libcharon_tests_SOURCES = \ - suites/test_proposal.c \ suites/test_ike_cfg.c \ suites/test_mem_pool.c \ suites/test_message_chapoly.c \ diff --git a/src/libcharon/tests/Makefile.in b/src/libcharon/tests/Makefile.in index 66d2431c9..24552d201 100644 --- a/src/libcharon/tests/Makefile.in +++ b/src/libcharon/tests/Makefile.in @@ -138,7 +138,6 @@ exchange_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ $(exchange_tests_CFLAGS) $(CFLAGS) $(exchange_tests_LDFLAGS) \ $(LDFLAGS) -o $@ am_libcharon_tests_OBJECTS = \ - suites/libcharon_tests-test_proposal.$(OBJEXT) \ suites/libcharon_tests-test_ike_cfg.$(OBJEXT) \ suites/libcharon_tests-test_mem_pool.$(OBJEXT) \ suites/libcharon_tests-test_message_chapoly.$(OBJEXT) \ @@ -475,7 +474,6 @@ urandom_device = @urandom_device@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ libcharon_tests_SOURCES = \ - suites/test_proposal.c \ suites/test_ike_cfg.c \ suites/test_mem_pool.c \ suites/test_message_chapoly.c \ @@ -608,8 +606,6 @@ utils/exchange_tests-mock_sender.$(OBJEXT): utils/$(am__dirstamp) \ exchange_tests$(EXEEXT): $(exchange_tests_OBJECTS) $(exchange_tests_DEPENDENCIES) $(EXTRA_exchange_tests_DEPENDENCIES) @rm -f exchange_tests$(EXEEXT) $(AM_V_CCLD)$(exchange_tests_LINK) $(exchange_tests_OBJECTS) $(exchange_tests_LDADD) $(LIBS) -suites/libcharon_tests-test_proposal.$(OBJEXT): \ - suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp) suites/libcharon_tests-test_ike_cfg.$(OBJEXT): suites/$(am__dirstamp) \ suites/$(DEPDIR)/$(am__dirstamp) suites/libcharon_tests-test_mem_pool.$(OBJEXT): \ @@ -640,7 +636,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_mem_pool.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_proposal.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-exchange_test_asserts.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-exchange_test_helper.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/exchange_tests-mock_dh.Po@am__quote@ @@ -854,20 +849,6 @@ exchange_tests-exchange_tests.obj: exchange_tests.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(exchange_tests_CFLAGS) $(CFLAGS) -c -o exchange_tests-exchange_tests.obj `if test -f 'exchange_tests.c'; then $(CYGPATH_W) 'exchange_tests.c'; else $(CYGPATH_W) '$(srcdir)/exchange_tests.c'; fi` -suites/libcharon_tests-test_proposal.o: suites/test_proposal.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_proposal.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo -c -o suites/libcharon_tests-test_proposal.o `test -f 'suites/test_proposal.c' || echo '$(srcdir)/'`suites/test_proposal.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo suites/$(DEPDIR)/libcharon_tests-test_proposal.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_proposal.c' object='suites/libcharon_tests-test_proposal.o' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_proposal.o `test -f 'suites/test_proposal.c' || echo '$(srcdir)/'`suites/test_proposal.c - -suites/libcharon_tests-test_proposal.obj: suites/test_proposal.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_proposal.obj -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo -c -o suites/libcharon_tests-test_proposal.obj `if test -f 'suites/test_proposal.c'; then $(CYGPATH_W) 'suites/test_proposal.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_proposal.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_proposal.Tpo suites/$(DEPDIR)/libcharon_tests-test_proposal.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_proposal.c' object='suites/libcharon_tests-test_proposal.obj' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_proposal.obj `if test -f 'suites/test_proposal.c'; then $(CYGPATH_W) 'suites/test_proposal.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_proposal.c'; fi` - suites/libcharon_tests-test_ike_cfg.o: suites/test_ike_cfg.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_ike_cfg.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo -c -o suites/libcharon_tests-test_ike_cfg.o `test -f 'suites/test_ike_cfg.c' || echo '$(srcdir)/'`suites/test_ike_cfg.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po diff --git a/src/libcharon/tests/libcharon_tests.h b/src/libcharon/tests/libcharon_tests.h index f770f464d..d17ea041d 100644 --- a/src/libcharon/tests/libcharon_tests.h +++ b/src/libcharon/tests/libcharon_tests.h @@ -24,7 +24,6 @@ * @ingroup libcharon-tests */ -TEST_SUITE(proposal_suite_create) TEST_SUITE(ike_cfg_suite_create) TEST_SUITE(mem_pool_suite_create) TEST_SUITE_DEPEND(message_chapoly_suite_create, AEAD, ENCR_CHACHA20_POLY1305, 32) diff --git a/src/libcharon/tests/suites/test_child_rekey.c b/src/libcharon/tests/suites/test_child_rekey.c index ac169723f..44d004ab7 100644 --- a/src/libcharon/tests/suites/test_child_rekey.c +++ b/src/libcharon/tests/suites/test_child_rekey.c @@ -231,6 +231,61 @@ START_TEST(test_regular_ke_invalid) /* child_updown */ assert_hook(); + /* because the DH group should get reused another rekeying should complete + * without additional exchange */ + initiate_rekey(a, 5); + /* this should never get called as this results in a successful rekeying */ + assert_hook_not_called(child_updown); + + /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */ + assert_hook_called(child_rekey); + assert_notify(IN, REKEY_SA); + exchange_test_helper->process_message(exchange_test_helper, b, NULL); + assert_child_sa_state(b, 6, CHILD_REKEYED, CHILD_OUTBOUND_INSTALLED); + assert_child_sa_state(b, 8, CHILD_INSTALLED, CHILD_OUTBOUND_REGISTERED); + assert_ipsec_sas_installed(b, 5, 6, 8); + assert_hook(); + + /* <-- CREATE_CHILD_SA { SA, Nr, [KEr,] TSi, TSr } */ + assert_hook_called(child_rekey); + assert_no_notify(IN, REKEY_SA); + exchange_test_helper->process_message(exchange_test_helper, a, NULL); + assert_child_sa_state(a, 5, CHILD_DELETING, CHILD_OUTBOUND_INSTALLED); + assert_child_sa_state(a, 7, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); + assert_ipsec_sas_installed(a, 5, 6, 7, 8); + assert_hook(); + + /* INFORMATIONAL { D } --> */ + assert_hook_not_called(child_rekey); + assert_single_payload(IN, PLV2_DELETE); + exchange_test_helper->process_message(exchange_test_helper, b, NULL); + assert_child_sa_state(b, 6, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 8, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); + assert_child_sa_count(b, 2); + assert_ipsec_sas_installed(b, 6, 7, 8); + assert_hook(); + + /* <-- INFORMATIONAL { D } */ + assert_hook_not_called(child_rekey); + assert_single_payload(IN, PLV2_DELETE); + exchange_test_helper->process_message(exchange_test_helper, a, NULL); + assert_child_sa_state(a, 5, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 7, CHILD_INSTALLED); + assert_child_sa_count(a, 2); + assert_ipsec_sas_installed(a, 5, 7, 8); + assert_hook(); + + /* simulate the execution of the scheduled jobs */ + destroy_rekeyed(a, 5); + assert_child_sa_count(a, 1); + assert_ipsec_sas_installed(a, 7, 8); + destroy_rekeyed(b, 6); + assert_child_sa_count(b, 1); + assert_ipsec_sas_installed(b, 7, 8); + + /* child_updown */ + assert_hook(); + call_ikesa(a, destroy); call_ikesa(b, destroy); } diff --git a/src/libcharon/tests/suites/test_ike_rekey.c b/src/libcharon/tests/suites/test_ike_rekey.c index ba39657a4..e22a0c288 100644 --- a/src/libcharon/tests/suites/test_ike_rekey.c +++ b/src/libcharon/tests/suites/test_ike_rekey.c @@ -138,6 +138,8 @@ START_TEST(test_regular_ke_invalid) lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals", TRUE, lib->ns); + lib->settings->set_bool(lib->settings, "%s.prefer_previous_dh_group", + FALSE, lib->ns); initiate_rekey(a); @@ -382,6 +384,8 @@ START_TEST(test_collision_ke_invalid) lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals", TRUE, lib->ns); + lib->settings->set_bool(lib->settings, "%s.prefer_previous_dh_group", + FALSE, lib->ns); /* Six nonces and SPIs are needed (SPI 1 and 2 are used for the initial * IKE_SA): @@ -591,6 +595,8 @@ START_TEST(test_collision_ke_invalid_delayed_retry) lib->settings->set_bool(lib->settings, "%s.prefer_configured_proposals", TRUE, lib->ns); + lib->settings->set_bool(lib->settings, "%s.prefer_previous_dh_group", + FALSE, lib->ns); /* Five nonces and SPIs are needed (SPI 1 and 2 are used for the initial * IKE_SA): diff --git a/src/libcharon/tests/suites/test_proposal.c b/src/libcharon/tests/suites/test_proposal.c deleted file mode 100644 index f1591794a..000000000 --- a/src/libcharon/tests/suites/test_proposal.c +++ /dev/null @@ -1,171 +0,0 @@ -/* - * Copyright (C) 2016 Tobias Brunner - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -static struct { - protocol_id_t proto; - char *proposal; - char *expected; -} create_data[] = { - { PROTO_IKE, "", NULL }, - { PROTO_IKE, "sha256", NULL }, - { PROTO_IKE, "sha256-modp3072", NULL }, - { PROTO_IKE, "null-sha256-modp3072", "IKE:NULL/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" }, - { PROTO_IKE, "aes128", NULL }, - { PROTO_IKE, "aes128-sha256", NULL }, - { PROTO_IKE, "aes128-sha256-modpnone", NULL }, - { PROTO_IKE, "aes128-sha256-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" }, - { PROTO_IKE, "aes128-sha256-prfsha384-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/MODP_3072" }, - { PROTO_IKE, "aes128gcm16-modp3072", NULL }, - { PROTO_IKE, "aes128gcm16-prfsha256-modp3072", "IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_3072" }, - { PROTO_IKE, "aes128gcm16-sha256-modp3072", "IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_3072" }, - { PROTO_IKE, "aes128gcm16-aes128-modp3072", NULL }, - { PROTO_IKE, "aes128gcm16-aes128-sha256-modp3072", NULL }, - { PROTO_ESP, "", NULL }, - { PROTO_ESP, "sha256", NULL }, - { PROTO_ESP, "aes128-sha256", "ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_ESP, "aes128-sha256-esn", "ESP:AES_CBC_128/HMAC_SHA2_256_128/EXT_SEQ" }, - { PROTO_ESP, "aes128-sha256-noesn", "ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_ESP, "aes128-sha256-esn-noesn", "ESP:AES_CBC_128/HMAC_SHA2_256_128/EXT_SEQ/NO_EXT_SEQ" }, - { PROTO_ESP, "aes128-sha256-prfsha256-modp3072", "ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_3072/NO_EXT_SEQ" }, - { PROTO_ESP, "aes128gcm16-aes128-sha256-modp3072", NULL }, - { PROTO_ESP, "aes128gmac", "ESP:NULL_AES_GMAC_128/NO_EXT_SEQ" }, - { PROTO_AH, "", NULL }, - { PROTO_AH, "aes128", NULL }, - { PROTO_AH, "aes128-sha256", "AH:HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_AH, "sha256-sha1", "AH:HMAC_SHA2_256_128/HMAC_SHA1_96/NO_EXT_SEQ" }, - { PROTO_AH, "aes128gmac-sha256", "AH:AES_128_GMAC/HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_AH, "aes128gmac-sha256-prfsha256", "AH:AES_128_GMAC/HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_AH, "aes128gmac-aes256gmac-aes128-sha256", "AH:AES_128_GMAC/AES_256_GMAC/HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_AH, "sha256-esn", "AH:HMAC_SHA2_256_128/EXT_SEQ" }, - { PROTO_AH, "sha256-noesn", "AH:HMAC_SHA2_256_128/NO_EXT_SEQ" }, - { PROTO_AH, "sha256-esn-noesn", "AH:HMAC_SHA2_256_128/EXT_SEQ/NO_EXT_SEQ" }, -}; - -START_TEST(test_create_from_string) -{ - proposal_t *proposal; - char str[BUF_LEN]; - - proposal = proposal_create_from_string(create_data[_i].proto, - create_data[_i].proposal); - if (!create_data[_i].expected) - { - ck_assert(!proposal); - return; - } - snprintf(str, sizeof(str), "%P", proposal); - ck_assert_str_eq(create_data[_i].expected, str); - proposal->destroy(proposal); -} -END_TEST - -static struct { - protocol_id_t proto; - char *self; - char *other; - char *expected; -} select_data[] = { - { PROTO_ESP, "aes128", "aes128", "aes128" }, - { PROTO_ESP, "aes128", "aes256", NULL }, - { PROTO_ESP, "aes128-aes256", "aes256-aes128", "aes128" }, - { PROTO_ESP, "aes256-aes128", "aes128-aes256", "aes256" }, - { PROTO_ESP, "aes128-aes256-sha1-sha256", "aes256-aes128-sha256-sha1", "aes128-sha1" }, - { PROTO_ESP, "aes256-aes128-sha256-sha1", "aes128-aes256-sha1-sha256", "aes256-sha256" }, - { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256", NULL }, - { PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072", NULL }, - { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-modpnone", NULL }, - { PROTO_ESP, "aes128-sha256-modpnone", "aes128-sha256-modp3072", NULL }, - { PROTO_ESP, "aes128-sha256-modp3072-modpnone", "aes128-sha256", "aes128-sha256" }, - { PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072-modpnone", "aes128-sha256" }, - { PROTO_ESP, "aes128-sha256-modp3072-modpnone", "aes128-sha256-modpnone-modp3072", "aes128-sha256-modp3072" }, - { PROTO_ESP, "aes128-sha256-modpnone-modp3072", "aes128-sha256-modp3072-modpnone", "aes128-sha256-modpnone" }, - { PROTO_IKE, "aes128-sha256-modp3072", "aes128-sha256-modp3072", "aes128-sha256-modp3072" }, - { PROTO_IKE, "aes128-sha256-modp3072", "aes128-sha256-modp3072-modpnone", "aes128-sha256-modp3072" }, - { PROTO_IKE, "aes128-sha256-modp3072-modpnone", "aes128-sha256-modp3072", "aes128-sha256-modp3072" }, -}; - -START_TEST(test_select) -{ - proposal_t *self, *other, *selected, *expected; - - self = proposal_create_from_string(select_data[_i].proto, - select_data[_i].self); - other = proposal_create_from_string(select_data[_i].proto, - select_data[_i].other); - selected = self->select(self, other, TRUE, FALSE); - if (select_data[_i].expected) - { - expected = proposal_create_from_string(select_data[_i].proto, - select_data[_i].expected); - ck_assert(selected); - ck_assert_msg(expected->equals(expected, selected), "proposal %P does " - "not match expected %P", selected, expected); - expected->destroy(expected); - } - else - { - ck_assert(!selected); - } - DESTROY_IF(selected); - other->destroy(other); - self->destroy(self); -} -END_TEST - -START_TEST(test_select_spi) -{ - proposal_t *self, *other, *selected; - - self = proposal_create_from_string(PROTO_ESP, "aes128-sha256-modp3072"); - other = proposal_create_from_string(PROTO_ESP, "aes128-sha256-modp3072"); - other->set_spi(other, 0x12345678); - - selected = self->select(self, other, TRUE, FALSE); - ck_assert(selected); - ck_assert_int_eq(selected->get_spi(selected), other->get_spi(other)); - selected->destroy(selected); - - selected = self->select(self, other, FALSE, FALSE); - ck_assert(selected); - ck_assert_int_eq(selected->get_spi(selected), self->get_spi(self)); - selected->destroy(selected); - - other->destroy(other); - self->destroy(self); -} -END_TEST - -Suite *proposal_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("proposal"); - - tc = tcase_create("create_from_string"); - tcase_add_loop_test(tc, test_create_from_string, 0, countof(create_data)); - suite_add_tcase(s, tc); - - tc = tcase_create("select"); - tcase_add_loop_test(tc, test_select, 0, countof(select_data)); - tcase_add_test(tc, test_select_spi); - suite_add_tcase(s, tc); - - return s; -} -- cgit v1.2.3 From 51a71ee15c1bcf0e82f363a16898f571e211f9c3 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Mon, 4 Jun 2018 09:59:21 +0200 Subject: New upstream version 5.6.3 --- Android.common.mk | 2 +- NEWS | 64 +- conf/plugins/dhcp.conf | 3 +- conf/plugins/dhcp.opt | 3 +- conf/plugins/kernel-pfkey.conf | 3 + conf/plugins/kernel-pfkey.opt | 10 + conf/strongswan.conf.5.main | 12 +- conf/strongswan.conf.5.tail.in | 2 +- configure | 23 +- configure.ac | 3 +- fuzz/Makefile.am | 5 +- fuzz/Makefile.in | 5 +- man/ipsec.conf.5.in | 8 - scripts/aes-test.c | 2 +- scripts/bin2array.c | 2 +- scripts/bin2sql.c | 2 +- scripts/dh_speed.c | 2 +- scripts/dnssec.c | 2 +- scripts/id2sql.c | 2 +- scripts/key2keyid.c | 2 +- scripts/keyid2sql.c | 2 +- scripts/pubkey_speed.c | 2 +- scripts/settings-test.c | 2 +- scripts/thread_analysis.c | 2 +- src/_updown/_updown.in | 4 - src/charon-cmd/charon-cmd.c | 2 +- src/charon-cmd/cmd/cmd_connection.c | 2 +- src/charon-cmd/cmd/cmd_creds.c | 2 +- src/charon-cmd/cmd/cmd_options.c | 2 +- src/charon-cmd/cmd/cmd_options.h | 2 +- src/charon-nm/charon-nm.c | 2 +- src/charon-nm/nm/nm_backend.c | 2 +- src/charon-nm/nm/nm_backend.h | 2 +- src/charon-nm/nm/nm_creds.c | 2 +- src/charon-nm/nm/nm_creds.h | 2 +- src/charon-nm/nm/nm_handler.c | 2 +- src/charon-nm/nm/nm_handler.h | 2 +- src/charon-nm/nm/nm_service.c | 9 +- src/charon-nm/nm/nm_service.h | 2 +- src/charon-systemd/charon-systemd.c | 2 +- src/charon-tkm/src/charon-tkm.c | 2 +- src/charon-tkm/src/ees/ees_callbacks.c | 2 +- src/charon-tkm/src/ees/ees_callbacks.h | 2 +- src/charon-tkm/src/ees/esa_event_service.adb | 2 +- src/charon-tkm/src/ees/esa_event_service.ads | 2 +- src/charon-tkm/src/ehandler/eh_callbacks.c | 2 +- src/charon-tkm/src/ehandler/eh_callbacks.h | 2 +- src/charon-tkm/src/ehandler/exception_handler.adb | 2 +- src/charon-tkm/src/ehandler/exception_handler.ads | 2 +- src/charon-tkm/src/tkm/tkm.c | 2 +- src/charon-tkm/src/tkm/tkm.h | 2 +- src/charon-tkm/src/tkm/tkm_chunk_map.c | 2 +- src/charon-tkm/src/tkm/tkm_chunk_map.h | 2 +- src/charon-tkm/src/tkm/tkm_cred.c | 2 +- src/charon-tkm/src/tkm/tkm_cred.h | 2 +- src/charon-tkm/src/tkm/tkm_diffie_hellman.c | 2 +- src/charon-tkm/src/tkm/tkm_diffie_hellman.h | 2 +- src/charon-tkm/src/tkm/tkm_encoder.c | 2 +- src/charon-tkm/src/tkm/tkm_encoder.h | 2 +- src/charon-tkm/src/tkm/tkm_id_manager.c | 2 +- src/charon-tkm/src/tkm/tkm_id_manager.h | 2 +- src/charon-tkm/src/tkm/tkm_kernel_ipsec.h | 2 +- src/charon-tkm/src/tkm/tkm_kernel_sad.c | 2 +- src/charon-tkm/src/tkm/tkm_kernel_sad.h | 2 +- src/charon-tkm/src/tkm/tkm_keymat.c | 2 +- src/charon-tkm/src/tkm/tkm_keymat.h | 2 +- src/charon-tkm/src/tkm/tkm_listener.c | 2 +- src/charon-tkm/src/tkm/tkm_listener.h | 2 +- src/charon-tkm/src/tkm/tkm_nonceg.c | 2 +- src/charon-tkm/src/tkm/tkm_nonceg.h | 2 +- src/charon-tkm/src/tkm/tkm_private_key.c | 2 +- src/charon-tkm/src/tkm/tkm_private_key.h | 2 +- src/charon-tkm/src/tkm/tkm_public_key.c | 2 +- src/charon-tkm/src/tkm/tkm_public_key.h | 2 +- src/charon-tkm/src/tkm/tkm_spi_generator.c | 2 +- src/charon-tkm/src/tkm/tkm_spi_generator.h | 2 +- src/charon-tkm/src/tkm/tkm_types.h | 2 +- src/charon-tkm/src/tkm/tkm_utils.c | 2 +- src/charon-tkm/src/tkm/tkm_utils.h | 2 +- src/charon-tkm/tests/chunk_map_tests.c | 2 +- src/charon-tkm/tests/diffie_hellman_tests.c | 2 +- src/charon-tkm/tests/id_manager_tests.c | 2 +- src/charon-tkm/tests/kernel_sad_tests.c | 2 +- src/charon-tkm/tests/keymat_tests.c | 2 +- src/charon-tkm/tests/nonceg_tests.c | 2 +- src/charon-tkm/tests/tests.c | 2 +- src/charon-tkm/tests/tests.h | 2 +- src/charon-tkm/tests/utils_tests.c | 2 +- src/charon/charon.c | 14 +- src/checksum/checksum_builder.c | 2 +- src/conftest/actions.c | 3 +- src/dumm/bridge.c | 2 +- src/dumm/bridge.h | 2 +- src/dumm/cowfs.c | 2 +- src/dumm/cowfs.h | 2 +- src/dumm/dumm.c | 2 +- src/dumm/dumm.h | 2 +- src/dumm/ext/dumm.c | 2 +- src/dumm/ext/lib/dumm.rb | 2 +- src/dumm/ext/lib/dumm/guest.rb | 2 +- src/dumm/guest.c | 2 +- src/dumm/guest.h | 2 +- src/dumm/iface.c | 2 +- src/dumm/iface.h | 2 +- src/dumm/irdumm.c | 2 +- src/dumm/main.c | 2 +- src/dumm/mconsole.c | 2 +- src/dumm/mconsole.h | 2 +- src/ipsec/_ipsec.8 | 2 +- src/libcharon/Makefile.am | 8 + src/libcharon/Makefile.in | 15 +- src/libcharon/attributes/attribute_handler.h | 2 +- src/libcharon/attributes/attribute_manager.c | 2 +- src/libcharon/attributes/attribute_manager.h | 2 +- src/libcharon/attributes/attribute_provider.h | 2 +- src/libcharon/attributes/attributes.c | 2 +- src/libcharon/attributes/attributes.h | 2 +- src/libcharon/attributes/mem_pool.c | 2 +- src/libcharon/attributes/mem_pool.h | 2 +- src/libcharon/bus/bus.c | 5 +- src/libcharon/bus/bus.h | 2 +- src/libcharon/bus/listeners/file_logger.c | 2 +- src/libcharon/bus/listeners/file_logger.h | 2 +- src/libcharon/bus/listeners/listener.h | 2 +- src/libcharon/bus/listeners/logger.h | 2 +- src/libcharon/bus/listeners/sys_logger.c | 2 +- src/libcharon/bus/listeners/sys_logger.h | 2 +- src/libcharon/config/backend.h | 2 +- src/libcharon/config/backend_manager.c | 2 +- src/libcharon/config/backend_manager.h | 2 +- src/libcharon/config/child_cfg.c | 13 + src/libcharon/config/child_cfg.h | 16 +- src/libcharon/config/ike_cfg.c | 2 +- src/libcharon/config/ike_cfg.h | 2 +- src/libcharon/control/controller.c | 51 +- src/libcharon/control/controller.h | 9 +- src/libcharon/daemon.h | 2 +- src/libcharon/encoding/generator.c | 2 +- src/libcharon/encoding/generator.h | 2 +- src/libcharon/encoding/message.c | 2 +- src/libcharon/encoding/message.h | 2 +- src/libcharon/encoding/parser.c | 2 +- src/libcharon/encoding/parser.h | 2 +- src/libcharon/encoding/payloads/auth_payload.c | 2 +- src/libcharon/encoding/payloads/auth_payload.h | 2 +- src/libcharon/encoding/payloads/cert_payload.c | 2 +- src/libcharon/encoding/payloads/cert_payload.h | 2 +- src/libcharon/encoding/payloads/certreq_payload.c | 2 +- src/libcharon/encoding/payloads/certreq_payload.h | 2 +- .../encoding/payloads/configuration_attribute.c | 2 +- .../encoding/payloads/configuration_attribute.h | 2 +- src/libcharon/encoding/payloads/cp_payload.c | 2 +- src/libcharon/encoding/payloads/cp_payload.h | 2 +- src/libcharon/encoding/payloads/delete_payload.c | 2 +- src/libcharon/encoding/payloads/delete_payload.h | 2 +- src/libcharon/encoding/payloads/eap_payload.c | 2 +- src/libcharon/encoding/payloads/eap_payload.h | 2 +- src/libcharon/encoding/payloads/encodings.c | 2 +- src/libcharon/encoding/payloads/encodings.h | 2 +- .../encoding/payloads/encrypted_fragment_payload.h | 2 +- .../encoding/payloads/encrypted_payload.c | 2 +- .../encoding/payloads/encrypted_payload.h | 2 +- src/libcharon/encoding/payloads/endpoint_notify.c | 2 +- src/libcharon/encoding/payloads/endpoint_notify.h | 2 +- src/libcharon/encoding/payloads/fragment_payload.c | 2 +- src/libcharon/encoding/payloads/fragment_payload.h | 2 +- src/libcharon/encoding/payloads/id_payload.c | 2 +- src/libcharon/encoding/payloads/id_payload.h | 2 +- src/libcharon/encoding/payloads/ike_header.c | 2 +- src/libcharon/encoding/payloads/ike_header.h | 2 +- src/libcharon/encoding/payloads/ke_payload.c | 2 +- src/libcharon/encoding/payloads/ke_payload.h | 2 +- src/libcharon/encoding/payloads/nonce_payload.c | 2 +- src/libcharon/encoding/payloads/nonce_payload.h | 2 +- src/libcharon/encoding/payloads/notify_payload.c | 2 +- src/libcharon/encoding/payloads/notify_payload.h | 2 +- src/libcharon/encoding/payloads/payload.c | 2 +- src/libcharon/encoding/payloads/payload.h | 2 +- .../encoding/payloads/proposal_substructure.c | 2 +- .../encoding/payloads/proposal_substructure.h | 2 +- src/libcharon/encoding/payloads/sa_payload.c | 2 +- src/libcharon/encoding/payloads/sa_payload.h | 2 +- .../payloads/traffic_selector_substructure.c | 2 +- .../payloads/traffic_selector_substructure.h | 2 +- .../encoding/payloads/transform_attribute.c | 2 +- .../encoding/payloads/transform_attribute.h | 2 +- .../encoding/payloads/transform_substructure.c | 2 +- .../encoding/payloads/transform_substructure.h | 2 +- src/libcharon/encoding/payloads/ts_payload.c | 2 +- src/libcharon/encoding/payloads/ts_payload.h | 2 +- src/libcharon/encoding/payloads/unknown_payload.c | 2 +- src/libcharon/encoding/payloads/unknown_payload.h | 2 +- .../encoding/payloads/vendor_id_payload.c | 2 +- .../encoding/payloads/vendor_id_payload.h | 2 +- src/libcharon/kernel/kernel_handler.c | 2 +- src/libcharon/kernel/kernel_handler.h | 2 +- src/libcharon/kernel/kernel_ipsec.c | 2 +- src/libcharon/kernel/kernel_ipsec.h | 4 +- src/libcharon/kernel/kernel_listener.h | 2 +- src/libcharon/network/receiver.c | 2 +- src/libcharon/network/receiver.h | 2 +- src/libcharon/network/sender.c | 2 +- src/libcharon/network/sender.h | 2 +- src/libcharon/network/socket.h | 2 +- src/libcharon/network/socket_manager.c | 2 +- src/libcharon/network/socket_manager.h | 2 +- src/libcharon/plugins/addrblock/addrblock_narrow.c | 2 +- .../plugins/addrblock/addrblock_validator.c | 7 +- .../plugins/android_dns/android_dns_handler.c | 2 +- .../plugins/android_dns/android_dns_handler.h | 2 +- .../plugins/android_dns/android_dns_plugin.c | 2 +- .../plugins/android_dns/android_dns_plugin.h | 2 +- .../plugins/android_log/android_log_logger.c | 2 +- .../plugins/android_log/android_log_logger.h | 2 +- .../plugins/android_log/android_log_plugin.c | 2 +- .../plugins/android_log/android_log_plugin.h | 2 +- src/libcharon/plugins/attr/attr_plugin.c | 2 +- src/libcharon/plugins/attr/attr_plugin.h | 2 +- src/libcharon/plugins/attr/attr_provider.c | 2 +- src/libcharon/plugins/attr/attr_provider.h | 2 +- src/libcharon/plugins/attr_sql/attr_sql_plugin.c | 2 +- src/libcharon/plugins/attr_sql/attr_sql_plugin.h | 2 +- src/libcharon/plugins/attr_sql/attr_sql_provider.c | 2 +- src/libcharon/plugins/attr_sql/attr_sql_provider.h | 2 +- src/libcharon/plugins/connmark/connmark_listener.c | 2 +- src/libcharon/plugins/dhcp/dhcp_plugin.c | 2 +- src/libcharon/plugins/dhcp/dhcp_socket.c | 79 +- src/libcharon/plugins/dhcp/dhcp_transaction.h | 6 +- src/libcharon/plugins/dnscert/dnscert_cred.c | 2 +- src/libcharon/plugins/dnscert/dnscert_plugin.c | 2 +- src/libcharon/plugins/eap_aka/eap_aka_peer.c | 2 +- src/libcharon/plugins/eap_aka/eap_aka_peer.h | 2 +- src/libcharon/plugins/eap_aka/eap_aka_plugin.c | 2 +- src/libcharon/plugins/eap_aka/eap_aka_plugin.h | 2 +- src/libcharon/plugins/eap_aka/eap_aka_server.c | 2 +- src/libcharon/plugins/eap_aka/eap_aka_server.h | 2 +- src/libcharon/plugins/eap_aka_3gpp/Makefile.am | 17 +- src/libcharon/plugins/eap_aka_3gpp/Makefile.in | 43 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_card.c | 2 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_card.h | 2 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_functions.h | 2 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.c | 2 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.h | 2 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_provider.c | 2 +- .../plugins/eap_aka_3gpp/eap_aka_3gpp_provider.h | 2 +- .../plugins/eap_aka_3gpp/tests/Makefile.am | 24 + .../plugins/eap_aka_3gpp/tests/Makefile.in | 899 +++++++++++++++++++++ .../eap_aka_3gpp/tests/suites/test_vectors.c | 210 +++++ src/libcharon/plugins/eap_aka_3gpp/tests/tests.c | 63 ++ src/libcharon/plugins/eap_aka_3gpp/tests/tests.h | 16 + .../plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c | 2 +- .../plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h | 2 +- .../eap_aka_3gpp2/eap_aka_3gpp2_functions.c | 2 +- .../eap_aka_3gpp2/eap_aka_3gpp2_functions.h | 2 +- .../plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c | 2 +- .../plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h | 2 +- .../plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c | 2 +- .../plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h | 2 +- src/libcharon/plugins/eap_dynamic/eap_dynamic.c | 2 +- src/libcharon/plugins/eap_dynamic/eap_dynamic.h | 2 +- .../plugins/eap_dynamic/eap_dynamic_plugin.c | 2 +- .../plugins/eap_dynamic/eap_dynamic_plugin.h | 2 +- src/libcharon/plugins/eap_gtc/eap_gtc.c | 2 +- src/libcharon/plugins/eap_gtc/eap_gtc.h | 2 +- src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c | 2 +- src/libcharon/plugins/eap_gtc/eap_gtc_plugin.h | 2 +- src/libcharon/plugins/eap_identity/eap_identity.c | 2 +- src/libcharon/plugins/eap_identity/eap_identity.h | 2 +- .../plugins/eap_identity/eap_identity_plugin.c | 2 +- .../plugins/eap_identity/eap_identity_plugin.h | 2 +- src/libcharon/plugins/eap_md5/eap_md5.c | 2 +- src/libcharon/plugins/eap_md5/eap_md5.h | 2 +- src/libcharon/plugins/eap_md5/eap_md5_plugin.c | 2 +- src/libcharon/plugins/eap_md5/eap_md5_plugin.h | 2 +- src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c | 2 +- src/libcharon/plugins/eap_mschapv2/eap_mschapv2.h | 2 +- .../plugins/eap_mschapv2/eap_mschapv2_plugin.c | 2 +- .../plugins/eap_mschapv2/eap_mschapv2_plugin.h | 2 +- src/libcharon/plugins/eap_peap/eap_peap.c | 7 +- src/libcharon/plugins/eap_peap/eap_peap.h | 2 +- src/libcharon/plugins/eap_peap/eap_peap_avp.c | 2 +- src/libcharon/plugins/eap_peap/eap_peap_avp.h | 2 +- src/libcharon/plugins/eap_peap/eap_peap_peer.c | 2 +- src/libcharon/plugins/eap_peap/eap_peap_peer.h | 2 +- src/libcharon/plugins/eap_peap/eap_peap_plugin.c | 2 +- src/libcharon/plugins/eap_peap/eap_peap_plugin.h | 2 +- src/libcharon/plugins/eap_peap/eap_peap_server.c | 2 +- src/libcharon/plugins/eap_peap/eap_peap_server.h | 2 +- src/libcharon/plugins/eap_radius/eap_radius.h | 2 +- .../plugins/eap_radius/eap_radius_forward.h | 2 +- .../plugins/eap_radius/eap_radius_plugin.c | 2 +- .../plugins/eap_radius/eap_radius_plugin.h | 4 +- src/libcharon/plugins/eap_sim/eap_sim_peer.c | 2 +- src/libcharon/plugins/eap_sim/eap_sim_peer.h | 2 +- src/libcharon/plugins/eap_sim/eap_sim_plugin.c | 2 +- src/libcharon/plugins/eap_sim/eap_sim_plugin.h | 2 +- src/libcharon/plugins/eap_sim/eap_sim_server.c | 2 +- src/libcharon/plugins/eap_sim/eap_sim_server.h | 2 +- .../plugins/eap_sim_file/eap_sim_file_card.c | 2 +- .../plugins/eap_sim_file/eap_sim_file_card.h | 2 +- .../plugins/eap_sim_file/eap_sim_file_plugin.c | 2 +- .../plugins/eap_sim_file/eap_sim_file_plugin.h | 2 +- .../plugins/eap_sim_file/eap_sim_file_provider.c | 2 +- .../plugins/eap_sim_file/eap_sim_file_provider.h | 2 +- .../plugins/eap_sim_file/eap_sim_file_triplets.c | 2 +- .../plugins/eap_sim_file/eap_sim_file_triplets.h | 2 +- .../eap_simaka_pseudonym_card.h | 2 +- .../eap_simaka_pseudonym_plugin.c | 2 +- .../eap_simaka_pseudonym_plugin.h | 2 +- .../eap_simaka_pseudonym_provider.c | 2 +- .../eap_simaka_pseudonym_provider.h | 2 +- .../eap_simaka_reauth/eap_simaka_reauth_card.c | 2 +- .../eap_simaka_reauth/eap_simaka_reauth_card.h | 2 +- .../eap_simaka_reauth/eap_simaka_reauth_plugin.c | 2 +- .../eap_simaka_reauth/eap_simaka_reauth_plugin.h | 2 +- .../eap_simaka_reauth/eap_simaka_reauth_provider.c | 2 +- .../eap_simaka_reauth/eap_simaka_reauth_provider.h | 2 +- src/libcharon/plugins/eap_tnc/eap_tnc.h | 2 +- src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c | 2 +- src/libcharon/plugins/eap_tnc/eap_tnc_plugin.h | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls.c | 7 +- src/libcharon/plugins/eap_ttls/eap_ttls.h | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_avp.c | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_avp.h | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_peer.c | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_peer.h | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_plugin.c | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_plugin.h | 2 +- src/libcharon/plugins/eap_ttls/eap_ttls_server.h | 2 +- src/libcharon/plugins/forecast/forecast_listener.c | 2 +- src/libcharon/plugins/ha/ha_child.c | 2 +- src/libcharon/plugins/ha/ha_child.h | 2 +- src/libcharon/plugins/ha/ha_ctl.c | 2 +- src/libcharon/plugins/ha/ha_ctl.h | 2 +- src/libcharon/plugins/ha/ha_dispatcher.c | 2 +- src/libcharon/plugins/ha/ha_dispatcher.h | 2 +- src/libcharon/plugins/ha/ha_ike.c | 2 +- src/libcharon/plugins/ha/ha_ike.h | 2 +- src/libcharon/plugins/ha/ha_kernel.c | 2 +- src/libcharon/plugins/ha/ha_kernel.h | 2 +- src/libcharon/plugins/ha/ha_message.c | 4 +- src/libcharon/plugins/ha/ha_message.h | 2 +- src/libcharon/plugins/ha/ha_plugin.c | 2 +- src/libcharon/plugins/ha/ha_plugin.h | 2 +- src/libcharon/plugins/ha/ha_segments.c | 2 +- src/libcharon/plugins/ha/ha_segments.h | 2 +- src/libcharon/plugins/ha/ha_socket.h | 2 +- src/libcharon/plugins/ha/ha_tunnel.c | 15 +- src/libcharon/plugins/ha/ha_tunnel.h | 2 +- src/libcharon/plugins/ipseckey/ipseckey.c | 2 +- src/libcharon/plugins/ipseckey/ipseckey.h | 2 +- src/libcharon/plugins/ipseckey/ipseckey_cred.c | 2 +- src/libcharon/plugins/ipseckey/ipseckey_cred.h | 2 +- src/libcharon/plugins/ipseckey/ipseckey_plugin.c | 2 +- src/libcharon/plugins/ipseckey/ipseckey_plugin.h | 2 +- .../kernel_libipsec/kernel_libipsec_ipsec.c | 2 +- .../kernel_libipsec/kernel_libipsec_ipsec.h | 2 +- .../kernel_libipsec/kernel_libipsec_plugin.c | 2 +- .../kernel_libipsec/kernel_libipsec_plugin.h | 2 +- .../kernel_libipsec/kernel_libipsec_router.c | 2 +- .../kernel_libipsec/kernel_libipsec_router.h | 2 +- .../plugins/kernel_netlink/kernel_netlink_ipsec.c | 262 +++++- .../plugins/kernel_netlink/kernel_netlink_ipsec.h | 2 +- .../plugins/kernel_netlink/kernel_netlink_net.c | 188 +++-- .../plugins/kernel_netlink/kernel_netlink_net.h | 2 +- .../plugins/kernel_netlink/kernel_netlink_plugin.c | 2 +- .../plugins/kernel_netlink/kernel_netlink_plugin.h | 2 +- .../plugins/kernel_netlink/kernel_netlink_shared.c | 2 +- .../plugins/kernel_netlink/kernel_netlink_shared.h | 4 +- .../plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 10 +- .../plugins/kernel_pfkey/kernel_pfkey_ipsec.h | 2 +- .../plugins/kernel_pfkey/kernel_pfkey_plugin.c | 2 +- .../plugins/kernel_pfkey/kernel_pfkey_plugin.h | 2 +- .../plugins/kernel_pfroute/kernel_pfroute_net.c | 2 +- .../plugins/kernel_pfroute/kernel_pfroute_net.h | 2 +- .../plugins/kernel_pfroute/kernel_pfroute_plugin.c | 2 +- .../plugins/kernel_pfroute/kernel_pfroute_plugin.h | 2 +- .../plugins/load_tester/load_tester_config.c | 3 +- .../plugins/load_tester/load_tester_config.h | 2 +- .../plugins/load_tester/load_tester_creds.c | 2 +- .../plugins/load_tester/load_tester_creds.h | 2 +- .../load_tester/load_tester_diffie_hellman.c | 2 +- .../load_tester/load_tester_diffie_hellman.h | 2 +- .../plugins/load_tester/load_tester_ipsec.c | 2 +- .../plugins/load_tester/load_tester_ipsec.h | 2 +- .../plugins/load_tester/load_tester_listener.c | 2 +- .../plugins/load_tester/load_tester_listener.h | 2 +- .../plugins/load_tester/load_tester_plugin.c | 2 +- .../plugins/load_tester/load_tester_plugin.h | 2 +- src/libcharon/plugins/medcli/medcli_config.c | 2 +- src/libcharon/plugins/medcli/medcli_config.h | 2 +- src/libcharon/plugins/medcli/medcli_creds.c | 2 +- src/libcharon/plugins/medcli/medcli_creds.h | 2 +- src/libcharon/plugins/medcli/medcli_listener.c | 2 +- src/libcharon/plugins/medcli/medcli_listener.h | 2 +- src/libcharon/plugins/medcli/medcli_plugin.c | 2 +- src/libcharon/plugins/medcli/medcli_plugin.h | 2 +- src/libcharon/plugins/medsrv/medsrv_config.c | 2 +- src/libcharon/plugins/medsrv/medsrv_config.h | 2 +- src/libcharon/plugins/medsrv/medsrv_creds.c | 2 +- src/libcharon/plugins/medsrv/medsrv_creds.h | 2 +- src/libcharon/plugins/medsrv/medsrv_plugin.c | 2 +- src/libcharon/plugins/medsrv/medsrv_plugin.h | 2 +- src/libcharon/plugins/p_cscf/p_cscf_handler.c | 2 +- src/libcharon/plugins/p_cscf/p_cscf_handler.h | 2 +- src/libcharon/plugins/p_cscf/p_cscf_plugin.c | 2 +- src/libcharon/plugins/p_cscf/p_cscf_plugin.h | 2 +- src/libcharon/plugins/resolve/resolve_handler.h | 2 +- src/libcharon/plugins/resolve/resolve_plugin.c | 2 +- src/libcharon/plugins/resolve/resolve_plugin.h | 2 +- src/libcharon/plugins/smp/smp.c | 4 +- src/libcharon/plugins/smp/smp.h | 2 +- .../plugins/socket_default/socket_default_plugin.c | 2 +- .../plugins/socket_default/socket_default_socket.c | 2 +- .../plugins/socket_dynamic/socket_dynamic_plugin.c | 2 +- .../plugins/socket_dynamic/socket_dynamic_socket.c | 2 +- src/libcharon/plugins/sql/sql_config.c | 2 +- src/libcharon/plugins/sql/sql_config.h | 2 +- src/libcharon/plugins/sql/sql_cred.c | 2 +- src/libcharon/plugins/sql/sql_cred.h | 2 +- src/libcharon/plugins/sql/sql_logger.c | 2 +- src/libcharon/plugins/sql/sql_logger.h | 2 +- src/libcharon/plugins/sql/sql_plugin.c | 2 +- src/libcharon/plugins/sql/sql_plugin.h | 2 +- src/libcharon/plugins/stroke/stroke_attribute.c | 2 +- src/libcharon/plugins/stroke/stroke_attribute.h | 2 +- src/libcharon/plugins/stroke/stroke_ca.c | 2 +- src/libcharon/plugins/stroke/stroke_ca.h | 2 +- src/libcharon/plugins/stroke/stroke_config.c | 2 +- src/libcharon/plugins/stroke/stroke_config.h | 2 +- src/libcharon/plugins/stroke/stroke_control.c | 91 +-- src/libcharon/plugins/stroke/stroke_control.h | 2 +- src/libcharon/plugins/stroke/stroke_cred.h | 2 +- src/libcharon/plugins/stroke/stroke_list.c | 2 +- src/libcharon/plugins/stroke/stroke_list.h | 2 +- src/libcharon/plugins/stroke/stroke_plugin.c | 2 +- src/libcharon/plugins/stroke/stroke_plugin.h | 2 +- src/libcharon/plugins/stroke/stroke_socket.c | 5 + src/libcharon/plugins/stroke/stroke_socket.h | 2 +- src/libcharon/plugins/uci/uci_config.c | 2 +- src/libcharon/plugins/uci/uci_config.h | 2 +- src/libcharon/plugins/uci/uci_control.c | 4 +- src/libcharon/plugins/uci/uci_control.h | 2 +- src/libcharon/plugins/uci/uci_creds.c | 2 +- src/libcharon/plugins/uci/uci_creds.h | 2 +- src/libcharon/plugins/uci/uci_parser.c | 2 +- src/libcharon/plugins/uci/uci_parser.h | 2 +- src/libcharon/plugins/uci/uci_plugin.c | 2 +- src/libcharon/plugins/uci/uci_plugin.h | 2 +- src/libcharon/plugins/unity/unity_handler.c | 2 +- src/libcharon/plugins/unity/unity_narrow.c | 2 +- src/libcharon/plugins/unity/unity_provider.c | 2 +- src/libcharon/plugins/updown/updown_listener.h | 2 +- src/libcharon/plugins/updown/updown_plugin.c | 2 +- src/libcharon/plugins/updown/updown_plugin.h | 2 +- src/libcharon/plugins/vici/README.md | 4 +- .../vici/perl/Vici-Session/lib/Vici/Transport.pm | 23 +- src/libcharon/plugins/vici/ruby/Makefile.in | 2 +- src/libcharon/plugins/vici/suites/test_message.c | 2 +- src/libcharon/plugins/vici/vici_attribute.c | 2 +- src/libcharon/plugins/vici/vici_config.c | 96 +-- src/libcharon/plugins/vici/vici_control.c | 95 +-- src/libcharon/plugins/vici/vici_message.c | 2 +- src/libcharon/plugins/vici/vici_message.h | 2 +- .../plugins/xauth_generic/xauth_generic.c | 2 +- .../plugins/xauth_generic/xauth_generic.h | 2 +- .../plugins/xauth_generic/xauth_generic_plugin.c | 2 +- .../plugins/xauth_generic/xauth_generic_plugin.h | 2 +- src/libcharon/plugins/xauth_noauth/xauth_noauth.c | 2 +- src/libcharon/plugins/xauth_noauth/xauth_noauth.h | 2 +- .../plugins/xauth_noauth/xauth_noauth_plugin.c | 2 +- .../plugins/xauth_noauth/xauth_noauth_plugin.h | 2 +- src/libcharon/processing/jobs/acquire_job.c | 2 +- src/libcharon/processing/jobs/acquire_job.h | 2 +- src/libcharon/processing/jobs/adopt_children_job.c | 2 +- src/libcharon/processing/jobs/delete_ike_sa_job.c | 4 +- src/libcharon/processing/jobs/delete_ike_sa_job.h | 2 +- src/libcharon/processing/jobs/inactivity_job.c | 4 +- src/libcharon/processing/jobs/inactivity_job.h | 2 +- .../processing/jobs/initiate_mediation_job.c | 2 +- .../processing/jobs/initiate_mediation_job.h | 2 +- src/libcharon/processing/jobs/mediation_job.c | 2 +- src/libcharon/processing/jobs/mediation_job.h | 2 +- src/libcharon/processing/jobs/migrate_job.c | 2 +- src/libcharon/processing/jobs/migrate_job.h | 2 +- .../processing/jobs/process_message_job.c | 2 +- .../processing/jobs/process_message_job.h | 2 +- src/libcharon/processing/jobs/redirect_job.c | 2 +- src/libcharon/processing/jobs/redirect_job.h | 2 +- src/libcharon/processing/jobs/rekey_child_sa_job.c | 2 +- src/libcharon/processing/jobs/rekey_child_sa_job.h | 2 +- src/libcharon/processing/jobs/rekey_ike_sa_job.c | 2 +- src/libcharon/processing/jobs/rekey_ike_sa_job.h | 2 +- src/libcharon/processing/jobs/retransmit_job.c | 2 +- src/libcharon/processing/jobs/retransmit_job.h | 2 +- src/libcharon/processing/jobs/retry_initiate_job.c | 2 +- src/libcharon/processing/jobs/retry_initiate_job.h | 2 +- src/libcharon/processing/jobs/roam_job.c | 2 +- src/libcharon/processing/jobs/roam_job.h | 2 +- src/libcharon/processing/jobs/send_dpd_job.c | 2 +- src/libcharon/processing/jobs/send_dpd_job.h | 2 +- src/libcharon/processing/jobs/send_keepalive_job.c | 2 +- src/libcharon/processing/jobs/send_keepalive_job.h | 2 +- src/libcharon/processing/jobs/start_action_job.c | 2 +- src/libcharon/processing/jobs/update_sa_job.c | 2 +- src/libcharon/processing/jobs/update_sa_job.h | 2 +- src/libcharon/sa/authenticator.c | 2 +- src/libcharon/sa/authenticator.h | 2 +- src/libcharon/sa/child_sa.c | 116 ++- src/libcharon/sa/child_sa.h | 5 + src/libcharon/sa/eap/eap_manager.c | 2 +- src/libcharon/sa/eap/eap_manager.h | 2 +- src/libcharon/sa/eap/eap_method.c | 2 +- src/libcharon/sa/eap/eap_method.h | 2 +- src/libcharon/sa/ike_sa.c | 116 ++- src/libcharon/sa/ike_sa.h | 15 +- src/libcharon/sa/ike_sa_id.c | 2 +- src/libcharon/sa/ike_sa_id.h | 2 +- src/libcharon/sa/ike_sa_manager.c | 17 +- .../ikev1/authenticators/pubkey_v1_authenticator.c | 27 +- src/libcharon/sa/ikev1/iv_manager.c | 2 +- src/libcharon/sa/ikev1/iv_manager.h | 2 +- src/libcharon/sa/ikev1/keymat_v1.c | 2 +- src/libcharon/sa/ikev1/keymat_v1.h | 2 +- src/libcharon/sa/ikev1/tasks/aggressive_mode.c | 2 +- src/libcharon/sa/ikev1/tasks/isakmp_delete.c | 2 +- src/libcharon/sa/ikev1/tasks/isakmp_natd.c | 2 +- src/libcharon/sa/ikev1/tasks/isakmp_natd.h | 2 +- src/libcharon/sa/ikev1/tasks/isakmp_vendor.c | 2 +- src/libcharon/sa/ikev1/tasks/main_mode.c | 2 +- src/libcharon/sa/ikev1/tasks/quick_delete.c | 3 +- src/libcharon/sa/ikev1/tasks/quick_mode.c | 24 +- src/libcharon/sa/ikev1/tasks/quick_mode.h | 2 +- .../sa/ikev2/authenticators/eap_authenticator.c | 2 +- .../sa/ikev2/authenticators/eap_authenticator.h | 2 +- .../sa/ikev2/authenticators/psk_authenticator.c | 2 +- .../sa/ikev2/authenticators/psk_authenticator.h | 2 +- .../sa/ikev2/authenticators/pubkey_authenticator.c | 35 +- .../sa/ikev2/authenticators/pubkey_authenticator.h | 2 +- src/libcharon/sa/ikev2/connect_manager.c | 2 +- src/libcharon/sa/ikev2/connect_manager.h | 2 +- src/libcharon/sa/ikev2/keymat_v2.c | 6 +- src/libcharon/sa/ikev2/keymat_v2.h | 2 +- src/libcharon/sa/ikev2/mediation_manager.c | 2 +- src/libcharon/sa/ikev2/mediation_manager.h | 2 +- src/libcharon/sa/ikev2/task_manager_v2.c | 20 +- src/libcharon/sa/ikev2/tasks/child_create.c | 109 ++- src/libcharon/sa/ikev2/tasks/child_delete.c | 9 +- src/libcharon/sa/ikev2/tasks/child_delete.h | 2 +- src/libcharon/sa/ikev2/tasks/child_rekey.c | 6 +- src/libcharon/sa/ikev2/tasks/ike_auth.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_auth.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_cert_post.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_cert_post.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_cert_pre.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_cert_pre.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_config.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_config.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_delete.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_dpd.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_dpd.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_init.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_me.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_me.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_mobike.h | 4 +- src/libcharon/sa/ikev2/tasks/ike_natd.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_natd.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_reauth.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_reauth.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_redirect.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_redirect.h | 2 +- src/libcharon/sa/ikev2/tasks/ike_rekey.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_vendor.c | 2 +- src/libcharon/sa/ikev2/tasks/ike_vendor.h | 2 +- .../sa/ikev2/tasks/ike_verify_peer_cert.c | 2 +- .../sa/ikev2/tasks/ike_verify_peer_cert.h | 2 +- src/libcharon/sa/keymat.c | 3 +- src/libcharon/sa/keymat.h | 2 +- src/libcharon/sa/redirect_manager.c | 2 +- src/libcharon/sa/redirect_manager.h | 2 +- src/libcharon/sa/redirect_provider.h | 2 +- src/libcharon/sa/shunt_manager.c | 13 +- src/libcharon/sa/shunt_manager.h | 10 +- src/libcharon/sa/task.c | 2 +- src/libcharon/sa/task.h | 2 +- src/libcharon/sa/task_manager.c | 2 +- src/libcharon/sa/trap_manager.c | 64 +- src/libcharon/sa/trap_manager.h | 25 +- src/libcharon/sa/xauth/xauth_method.c | 2 +- src/libcharon/sa/xauth/xauth_method.h | 2 +- src/libcharon/tests/suites/test_child_delete.c | 2 +- src/libcharon/tests/suites/test_child_rekey.c | 84 +- src/libcharon/tests/suites/test_ike_cfg.c | 2 +- src/libcharon/tests/suites/test_ike_delete.c | 6 +- src/libcharon/tests/suites/test_ike_rekey.c | 4 +- src/libcharon/tests/suites/test_mem_pool.c | 2 +- src/libfast/fast_context.h | 2 +- src/libfast/fast_controller.h | 2 +- src/libfast/fast_dispatcher.c | 2 +- src/libfast/fast_dispatcher.h | 4 +- src/libfast/fast_filter.h | 2 +- src/libfast/fast_request.c | 4 +- src/libfast/fast_request.h | 2 +- src/libfast/fast_session.c | 2 +- src/libfast/fast_session.h | 2 +- src/libimcv/imcv.h | 3 +- src/libimcv/imv/data.sql | 24 + src/libimcv/imv/imv_database.c | 5 +- src/libimcv/imv/imv_policy_manager.c | 2 +- src/libimcv/imv/tables-mysql.sql | 4 +- src/libimcv/imv/tables.sql | 3 +- src/libimcv/ita/ita_attr_settings.c | 2 +- .../plugins/imc_scanner/imc_scanner_state.h | 3 +- src/libimcv/plugins/imc_swid/imc_swid_state.h | 3 +- .../strongswan.org__strongSwan-5-6-2.swidtag | 11 - .../strongswan.org__strongSwan-5-6-3.swidtag | 11 + .../strongswan.org__strongSwan-5-6-2.swidtag | 11 - .../strongswan.org__strongSwan-5-6-3.swidtag | 11 + src/libimcv/plugins/imc_test/imc_test_state.h | 3 +- src/libimcv/plugins/imv_test/imv_test_state.h | 3 +- src/libimcv/pts/pts.c | 2 +- src/libipsec/esp_context.c | 2 +- src/libipsec/esp_context.h | 2 +- src/libipsec/esp_packet.c | 2 +- src/libipsec/esp_packet.h | 2 +- src/libipsec/ip_packet.c | 4 +- src/libipsec/ip_packet.h | 2 +- src/libipsec/ipsec.c | 2 +- src/libipsec/ipsec.h | 2 +- src/libipsec/ipsec_event_listener.h | 2 +- src/libipsec/ipsec_event_relay.c | 2 +- src/libipsec/ipsec_event_relay.h | 2 +- src/libipsec/ipsec_policy.c | 2 +- src/libipsec/ipsec_policy.h | 2 +- src/libipsec/ipsec_policy_mgr.c | 2 +- src/libipsec/ipsec_policy_mgr.h | 2 +- src/libipsec/ipsec_processor.c | 2 +- src/libipsec/ipsec_processor.h | 2 +- src/libipsec/ipsec_sa.c | 2 +- src/libipsec/ipsec_sa.h | 2 +- src/libipsec/ipsec_sa_mgr.c | 2 +- src/libipsec/ipsec_sa_mgr.h | 2 +- src/libradius/radius_client.c | 2 +- src/libradius/radius_client.h | 2 +- src/libradius/radius_message.c | 2 +- src/libradius/radius_message.h | 2 +- src/libsimaka/simaka_card.h | 2 +- src/libsimaka/simaka_crypto.c | 2 +- src/libsimaka/simaka_crypto.h | 2 +- src/libsimaka/simaka_hooks.h | 2 +- src/libsimaka/simaka_manager.c | 2 +- src/libsimaka/simaka_manager.h | 2 +- src/libsimaka/simaka_message.c | 2 +- src/libsimaka/simaka_message.h | 2 +- src/libsimaka/simaka_provider.h | 2 +- src/libstrongswan/asn1/asn1.c | 2 +- src/libstrongswan/asn1/asn1.h | 2 +- src/libstrongswan/asn1/oid.c | 703 ++++++++-------- src/libstrongswan/asn1/oid.h | 327 ++++---- src/libstrongswan/asn1/oid.pl | 2 +- src/libstrongswan/asn1/oid.txt | 7 + src/libstrongswan/bio/bio_reader.c | 2 +- src/libstrongswan/bio/bio_reader.h | 2 +- src/libstrongswan/bio/bio_writer.c | 2 +- src/libstrongswan/bio/bio_writer.h | 2 +- src/libstrongswan/collections/array.c | 2 +- src/libstrongswan/collections/array.h | 2 +- src/libstrongswan/collections/blocking_queue.c | 2 +- src/libstrongswan/collections/blocking_queue.h | 2 +- src/libstrongswan/collections/dictionary.h | 2 +- src/libstrongswan/collections/enumerator.c | 2 +- src/libstrongswan/collections/hashtable.c | 2 +- src/libstrongswan/collections/hashtable.h | 2 +- src/libstrongswan/collections/linked_list.c | 2 +- src/libstrongswan/collections/linked_list.h | 2 +- src/libstrongswan/credentials/auth_cfg.h | 2 +- .../credentials/certificates/certificate.h | 2 +- src/libstrongswan/credentials/certificates/crl.c | 2 +- src/libstrongswan/credentials/certificates/crl.h | 2 +- .../credentials/certificates/ocsp_request.h | 2 +- .../credentials/certificates/ocsp_response.c | 2 +- .../credentials/certificates/ocsp_response.h | 2 +- .../credentials/certificates/pgp_certificate.h | 2 +- src/libstrongswan/credentials/certificates/x509.h | 5 +- .../credentials/containers/container.h | 2 +- src/libstrongswan/credentials/containers/pkcs12.c | 2 +- src/libstrongswan/credentials/containers/pkcs12.h | 2 +- src/libstrongswan/credentials/cred_encoding.c | 2 +- src/libstrongswan/credentials/cred_encoding.h | 2 +- src/libstrongswan/credentials/credential_factory.c | 2 +- src/libstrongswan/credentials/credential_factory.h | 2 +- src/libstrongswan/credentials/credential_manager.c | 2 +- src/libstrongswan/credentials/credential_manager.h | 2 +- src/libstrongswan/credentials/credential_set.h | 2 +- src/libstrongswan/credentials/keys/private_key.c | 2 +- src/libstrongswan/credentials/keys/shared_key.c | 2 +- src/libstrongswan/credentials/keys/shared_key.h | 2 +- .../credentials/sets/auth_cfg_wrapper.c | 2 +- .../credentials/sets/auth_cfg_wrapper.h | 2 +- src/libstrongswan/credentials/sets/cert_cache.h | 2 +- src/libstrongswan/credentials/sets/mem_cred.c | 2 +- .../credentials/sets/ocsp_response_wrapper.c | 2 +- .../credentials/sets/ocsp_response_wrapper.h | 2 +- src/libstrongswan/crypto/aead.c | 2 +- src/libstrongswan/crypto/aead.h | 2 +- src/libstrongswan/crypto/crypters/crypter.c | 2 +- src/libstrongswan/crypto/crypters/crypter.h | 2 +- src/libstrongswan/crypto/crypto_tester.c | 2 +- src/libstrongswan/crypto/crypto_tester.h | 2 +- src/libstrongswan/crypto/diffie_hellman.c | 47 +- src/libstrongswan/crypto/diffie_hellman.h | 2 +- .../crypto/hashers/hash_algorithm_set.c | 2 +- .../crypto/hashers/hash_algorithm_set.h | 2 +- src/libstrongswan/crypto/iv/iv_gen.c | 2 +- src/libstrongswan/crypto/iv/iv_gen.h | 2 +- src/libstrongswan/crypto/iv/iv_gen_null.c | 2 +- src/libstrongswan/crypto/iv/iv_gen_null.h | 2 +- src/libstrongswan/crypto/iv/iv_gen_rand.c | 2 +- src/libstrongswan/crypto/iv/iv_gen_rand.h | 2 +- src/libstrongswan/crypto/iv/iv_gen_seq.c | 2 +- src/libstrongswan/crypto/iv/iv_gen_seq.h | 2 +- src/libstrongswan/crypto/mac.h | 2 +- src/libstrongswan/crypto/nonce_gen.h | 2 +- src/libstrongswan/crypto/pkcs5.c | 26 +- src/libstrongswan/crypto/pkcs5.h | 2 +- src/libstrongswan/crypto/prf_plus.c | 2 +- src/libstrongswan/crypto/prf_plus.h | 2 +- src/libstrongswan/crypto/prfs/mac_prf.c | 2 +- src/libstrongswan/crypto/prfs/mac_prf.h | 2 +- src/libstrongswan/crypto/prfs/prf.c | 27 +- src/libstrongswan/crypto/prfs/prf.h | 11 +- src/libstrongswan/crypto/proposal/proposal.c | 236 +++++- .../crypto/proposal/proposal_keywords.c | 2 +- .../crypto/proposal/proposal_keywords.h | 2 +- .../crypto/proposal/proposal_keywords_static.c | 153 ++-- .../crypto/proposal/proposal_keywords_static.h | 2 +- .../crypto/proposal/proposal_keywords_static.h.in | 2 +- .../crypto/proposal/proposal_keywords_static.txt | 5 +- src/libstrongswan/crypto/rngs/rng.c | 2 +- src/libstrongswan/crypto/rngs/rng.h | 2 +- src/libstrongswan/crypto/signers/mac_signer.c | 2 +- src/libstrongswan/crypto/signers/mac_signer.h | 2 +- src/libstrongswan/crypto/signers/signer.c | 2 +- src/libstrongswan/crypto/signers/signer.h | 2 +- src/libstrongswan/crypto/transform.c | 22 +- src/libstrongswan/crypto/transform.h | 15 +- src/libstrongswan/database/database.h | 2 +- src/libstrongswan/database/database_factory.c | 2 +- src/libstrongswan/database/database_factory.h | 2 +- src/libstrongswan/eap/eap.c | 2 +- src/libstrongswan/eap/eap.h | 2 +- src/libstrongswan/fetcher/fetcher.h | 2 +- src/libstrongswan/fetcher/fetcher_manager.c | 2 +- src/libstrongswan/fetcher/fetcher_manager.h | 2 +- src/libstrongswan/ipsec/ipsec_types.c | 8 +- src/libstrongswan/ipsec/ipsec_types.h | 17 +- src/libstrongswan/library.c | 2 +- src/libstrongswan/library.h | 2 +- src/libstrongswan/networking/host.c | 2 +- src/libstrongswan/networking/host.h | 2 +- src/libstrongswan/networking/host_resolver.c | 2 +- src/libstrongswan/networking/host_resolver.h | 2 +- src/libstrongswan/networking/packet.c | 2 +- src/libstrongswan/networking/packet.h | 2 +- .../networking/streams/stream_service_unix.c | 9 +- src/libstrongswan/networking/tun_device.c | 2 +- src/libstrongswan/networking/tun_device.h | 2 +- src/libstrongswan/plugins/aes/aes_crypter.c | 2 +- src/libstrongswan/plugins/aes/aes_crypter.h | 2 +- src/libstrongswan/plugins/aes/aes_plugin.c | 2 +- src/libstrongswan/plugins/aes/aes_plugin.h | 2 +- src/libstrongswan/plugins/aesni/aesni_cmac.c | 2 +- src/libstrongswan/plugins/aesni/aesni_xcbc.c | 2 +- src/libstrongswan/plugins/agent/agent_plugin.c | 2 +- src/libstrongswan/plugins/agent/agent_plugin.h | 2 +- .../plugins/agent/agent_private_key.c | 2 +- .../plugins/agent/agent_private_key.h | 2 +- .../plugins/bliss/bliss_private_key.c | 4 +- src/libstrongswan/plugins/blowfish/bf_enc.c | 2 +- src/libstrongswan/plugins/blowfish/bf_locl.h | 2 +- src/libstrongswan/plugins/blowfish/bf_pi.h | 2 +- src/libstrongswan/plugins/blowfish/bf_skey.c | 2 +- src/libstrongswan/plugins/blowfish/blowfish.h | 2 +- .../plugins/blowfish/blowfish_crypter.c | 2 +- .../plugins/blowfish/blowfish_crypter.h | 2 +- .../plugins/blowfish/blowfish_plugin.c | 2 +- .../plugins/blowfish/blowfish_plugin.h | 2 +- src/libstrongswan/plugins/cmac/cmac.c | 2 +- src/libstrongswan/plugins/cmac/cmac.h | 2 +- src/libstrongswan/plugins/cmac/cmac_plugin.c | 2 +- src/libstrongswan/plugins/cmac/cmac_plugin.h | 2 +- src/libstrongswan/plugins/curl/curl_fetcher.c | 2 +- src/libstrongswan/plugins/curl/curl_fetcher.h | 2 +- src/libstrongswan/plugins/curl/curl_plugin.c | 2 +- src/libstrongswan/plugins/curl/curl_plugin.h | 2 +- src/libstrongswan/plugins/des/des_crypter.c | 4 +- src/libstrongswan/plugins/des/des_crypter.h | 2 +- src/libstrongswan/plugins/des/des_plugin.c | 2 +- src/libstrongswan/plugins/des/des_plugin.h | 2 +- src/libstrongswan/plugins/dnskey/dnskey_builder.c | 2 +- src/libstrongswan/plugins/dnskey/dnskey_builder.h | 2 +- src/libstrongswan/plugins/dnskey/dnskey_plugin.c | 2 +- src/libstrongswan/plugins/dnskey/dnskey_plugin.h | 2 +- src/libstrongswan/plugins/files/files_fetcher.c | 2 +- src/libstrongswan/plugins/files/files_fetcher.h | 2 +- src/libstrongswan/plugins/files/files_plugin.c | 2 +- src/libstrongswan/plugins/files/files_plugin.h | 2 +- src/libstrongswan/plugins/fips_prf/fips_prf.c | 2 +- src/libstrongswan/plugins/fips_prf/fips_prf.h | 2 +- .../plugins/fips_prf/fips_prf_plugin.c | 2 +- .../plugins/fips_prf/fips_prf_plugin.h | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_dh.c | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_dh.h | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_rng.c | 2 +- src/libstrongswan/plugins/gcrypt/gcrypt_rng.h | 2 +- .../plugins/gcrypt/gcrypt_rsa_private_key.h | 2 +- .../plugins/gcrypt/gcrypt_rsa_public_key.h | 2 +- src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c | 2 +- src/libstrongswan/plugins/gmp/gmp_diffie_hellman.h | 2 +- src/libstrongswan/plugins/gmp/gmp_plugin.c | 2 +- src/libstrongswan/plugins/gmp/gmp_plugin.h | 2 +- .../plugins/gmp/gmp_rsa_private_key.h | 2 +- src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h | 2 +- src/libstrongswan/plugins/hmac/hmac.c | 2 +- src/libstrongswan/plugins/hmac/hmac.h | 2 +- src/libstrongswan/plugins/hmac/hmac_plugin.c | 2 +- src/libstrongswan/plugins/hmac/hmac_plugin.h | 2 +- src/libstrongswan/plugins/ldap/ldap_fetcher.c | 2 +- src/libstrongswan/plugins/ldap/ldap_fetcher.h | 2 +- src/libstrongswan/plugins/ldap/ldap_plugin.c | 2 +- src/libstrongswan/plugins/ldap/ldap_plugin.h | 2 +- src/libstrongswan/plugins/md4/md4_hasher.c | 2 +- src/libstrongswan/plugins/md4/md4_hasher.h | 2 +- src/libstrongswan/plugins/md4/md4_plugin.c | 2 +- src/libstrongswan/plugins/md4/md4_plugin.h | 2 +- src/libstrongswan/plugins/md5/md5_hasher.c | 2 +- src/libstrongswan/plugins/md5/md5_hasher.h | 2 +- src/libstrongswan/plugins/md5/md5_plugin.c | 2 +- src/libstrongswan/plugins/md5/md5_plugin.h | 2 +- src/libstrongswan/plugins/mysql/mysql_database.c | 2 +- src/libstrongswan/plugins/mysql/mysql_database.h | 2 +- src/libstrongswan/plugins/mysql/mysql_plugin.c | 2 +- src/libstrongswan/plugins/mysql/mysql_plugin.h | 2 +- src/libstrongswan/plugins/nonce/nonce_nonceg.c | 2 +- src/libstrongswan/plugins/nonce/nonce_nonceg.h | 2 +- src/libstrongswan/plugins/nonce/nonce_plugin.c | 2 +- src/libstrongswan/plugins/nonce/nonce_plugin.h | 2 +- src/libstrongswan/plugins/ntru/ntru_private_key.c | 2 +- src/libstrongswan/plugins/openssl/openssl_crl.c | 2 +- .../plugins/openssl/openssl_crypter.c | 2 +- .../plugins/openssl/openssl_crypter.h | 2 +- .../plugins/openssl/openssl_diffie_hellman.c | 2 +- .../plugins/openssl/openssl_diffie_hellman.h | 2 +- .../plugins/openssl/openssl_ec_diffie_hellman.c | 2 +- .../plugins/openssl/openssl_ec_diffie_hellman.h | 2 +- .../plugins/openssl/openssl_ec_public_key.c | 2 +- .../plugins/openssl/openssl_ec_public_key.h | 2 +- src/libstrongswan/plugins/openssl/openssl_gcm.c | 2 +- src/libstrongswan/plugins/openssl/openssl_gcm.h | 2 +- src/libstrongswan/plugins/openssl/openssl_hmac.c | 2 +- src/libstrongswan/plugins/openssl/openssl_hmac.h | 2 +- src/libstrongswan/plugins/openssl/openssl_pkcs12.c | 2 +- src/libstrongswan/plugins/openssl/openssl_pkcs12.h | 2 +- src/libstrongswan/plugins/openssl/openssl_plugin.h | 2 +- .../plugins/openssl/openssl_rsa_public_key.h | 2 +- .../plugins/openssl/openssl_sha1_prf.c | 2 +- .../plugins/openssl/openssl_sha1_prf.h | 2 +- src/libstrongswan/plugins/openssl/openssl_util.c | 2 +- src/libstrongswan/plugins/openssl/openssl_util.h | 2 +- src/libstrongswan/plugins/openssl/openssl_x509.c | 11 + .../plugins/padlock/padlock_aes_crypter.c | 2 +- .../plugins/padlock/padlock_aes_crypter.h | 2 +- src/libstrongswan/plugins/padlock/padlock_plugin.c | 2 +- src/libstrongswan/plugins/padlock/padlock_plugin.h | 2 +- src/libstrongswan/plugins/padlock/padlock_rng.c | 2 +- src/libstrongswan/plugins/padlock/padlock_rng.h | 2 +- .../plugins/padlock/padlock_sha1_hasher.c | 2 +- .../plugins/padlock/padlock_sha1_hasher.h | 2 +- src/libstrongswan/plugins/pem/pem_builder.c | 2 +- src/libstrongswan/plugins/pem/pem_builder.h | 2 +- src/libstrongswan/plugins/pem/pem_encoder.h | 2 +- src/libstrongswan/plugins/pem/pem_plugin.c | 2 +- src/libstrongswan/plugins/pem/pem_plugin.h | 2 +- src/libstrongswan/plugins/pgp/pgp_builder.c | 2 +- src/libstrongswan/plugins/pgp/pgp_builder.h | 2 +- src/libstrongswan/plugins/pgp/pgp_cert.c | 2 +- src/libstrongswan/plugins/pgp/pgp_cert.h | 2 +- src/libstrongswan/plugins/pgp/pgp_encoder.c | 2 +- src/libstrongswan/plugins/pgp/pgp_encoder.h | 2 +- src/libstrongswan/plugins/pgp/pgp_plugin.c | 2 +- src/libstrongswan/plugins/pgp/pgp_plugin.h | 2 +- src/libstrongswan/plugins/pgp/pgp_utils.c | 2 +- src/libstrongswan/plugins/pgp/pgp_utils.h | 2 +- src/libstrongswan/plugins/pkcs1/pkcs1_builder.h | 2 +- src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c | 2 +- src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h | 2 +- src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h | 2 +- src/libstrongswan/plugins/pkcs11/pkcs11_dh.c | 2 +- src/libstrongswan/plugins/pkcs11/pkcs11_dh.h | 2 +- src/libstrongswan/plugins/pkcs11/pkcs11_library.c | 6 +- src/libstrongswan/plugins/pkcs11/pkcs11_library.h | 2 +- src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c | 2 +- .../plugins/pkcs11/pkcs11_private_key.c | 2 +- .../plugins/pkcs11/pkcs11_private_key.h | 2 +- .../plugins/pkcs11/pkcs11_public_key.c | 2 +- src/libstrongswan/plugins/pkcs11/pkcs11_rng.c | 2 +- src/libstrongswan/plugins/pkcs11/pkcs11_rng.h | 2 +- src/libstrongswan/plugins/pkcs12/pkcs12_decode.c | 2 +- src/libstrongswan/plugins/pkcs12/pkcs12_decode.h | 2 +- src/libstrongswan/plugins/pkcs12/pkcs12_plugin.c | 2 +- src/libstrongswan/plugins/pkcs12/pkcs12_plugin.h | 4 +- src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c | 2 +- src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h | 2 +- .../plugins/pkcs7/pkcs7_encrypted_data.c | 2 +- .../plugins/pkcs7/pkcs7_encrypted_data.h | 2 +- .../plugins/pkcs7/pkcs7_enveloped_data.c | 2 +- src/libstrongswan/plugins/pkcs7/pkcs7_generic.c | 2 +- src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h | 2 +- src/libstrongswan/plugins/pkcs8/pkcs8_builder.c | 2 +- src/libstrongswan/plugins/pkcs8/pkcs8_builder.h | 2 +- src/libstrongswan/plugins/pkcs8/pkcs8_plugin.c | 2 +- src/libstrongswan/plugins/pkcs8/pkcs8_plugin.h | 4 +- src/libstrongswan/plugins/plugin.h | 2 +- src/libstrongswan/plugins/plugin_feature.c | 2 +- src/libstrongswan/plugins/plugin_feature.h | 2 +- src/libstrongswan/plugins/plugin_loader.c | 2 +- src/libstrongswan/plugins/plugin_loader.h | 2 +- src/libstrongswan/plugins/pubkey/pubkey_cert.c | 2 +- src/libstrongswan/plugins/pubkey/pubkey_cert.h | 2 +- src/libstrongswan/plugins/pubkey/pubkey_plugin.c | 2 +- src/libstrongswan/plugins/pubkey/pubkey_plugin.h | 2 +- src/libstrongswan/plugins/random/random_plugin.c | 2 +- src/libstrongswan/plugins/random/random_plugin.h | 2 +- src/libstrongswan/plugins/random/random_rng.c | 2 +- src/libstrongswan/plugins/random/random_rng.h | 2 +- src/libstrongswan/plugins/rc2/rc2_crypter.c | 2 +- src/libstrongswan/plugins/rc2/rc2_crypter.h | 2 +- src/libstrongswan/plugins/rc2/rc2_plugin.c | 2 +- src/libstrongswan/plugins/rc2/rc2_plugin.h | 2 +- .../plugins/revocation/revocation_validator.c | 134 ++- src/libstrongswan/plugins/sha1/sha1_hasher.c | 2 +- src/libstrongswan/plugins/sha1/sha1_hasher.h | 2 +- src/libstrongswan/plugins/sha1/sha1_plugin.c | 2 +- src/libstrongswan/plugins/sha1/sha1_plugin.h | 2 +- src/libstrongswan/plugins/sha1/sha1_prf.c | 2 +- src/libstrongswan/plugins/sha1/sha1_prf.h | 2 +- src/libstrongswan/plugins/sha2/sha2_hasher.c | 2 +- src/libstrongswan/plugins/sha2/sha2_hasher.h | 2 +- src/libstrongswan/plugins/sha2/sha2_plugin.c | 2 +- src/libstrongswan/plugins/sha2/sha2_plugin.h | 2 +- src/libstrongswan/plugins/sqlite/sqlite_database.c | 2 +- src/libstrongswan/plugins/sqlite/sqlite_database.h | 2 +- src/libstrongswan/plugins/sqlite/sqlite_plugin.c | 8 +- src/libstrongswan/plugins/sqlite/sqlite_plugin.h | 2 +- src/libstrongswan/plugins/sshkey/sshkey_builder.c | 2 +- src/libstrongswan/plugins/sshkey/sshkey_builder.h | 2 +- src/libstrongswan/plugins/sshkey/sshkey_encoder.c | 2 +- src/libstrongswan/plugins/sshkey/sshkey_encoder.h | 2 +- src/libstrongswan/plugins/sshkey/sshkey_plugin.c | 2 +- src/libstrongswan/plugins/sshkey/sshkey_plugin.h | 2 +- .../plugins/test_vectors/test_vectors.h | 2 +- .../plugins/test_vectors/test_vectors/3des_cbc.c | 2 +- .../plugins/test_vectors/test_vectors/aes_cbc.c | 2 +- .../plugins/test_vectors/test_vectors/aes_cmac.c | 2 +- .../plugins/test_vectors/test_vectors/aes_xcbc.c | 2 +- .../plugins/test_vectors/test_vectors/blowfish.c | 2 +- .../test_vectors/test_vectors/camellia_cbc.c | 2 +- .../plugins/test_vectors/test_vectors/cast.c | 2 +- .../plugins/test_vectors/test_vectors/des.c | 2 +- .../plugins/test_vectors/test_vectors/fips_prf.c | 2 +- .../plugins/test_vectors/test_vectors/idea.c | 2 +- .../plugins/test_vectors/test_vectors/md2.c | 2 +- .../plugins/test_vectors/test_vectors/md4.c | 2 +- .../plugins/test_vectors/test_vectors/md5.c | 2 +- .../plugins/test_vectors/test_vectors/md5_hmac.c | 2 +- .../plugins/test_vectors/test_vectors/null.c | 2 +- .../plugins/test_vectors/test_vectors/rc2.c | 2 +- .../plugins/test_vectors/test_vectors/rc5.c | 2 +- .../plugins/test_vectors/test_vectors/rng.c | 2 +- .../test_vectors/test_vectors/serpent_cbc.c | 2 +- .../plugins/test_vectors/test_vectors/sha1.c | 2 +- .../plugins/test_vectors/test_vectors/sha1_hmac.c | 2 +- .../plugins/test_vectors/test_vectors/sha2.c | 2 +- .../plugins/test_vectors/test_vectors/sha2_hmac.c | 2 +- .../test_vectors/test_vectors/twofish_cbc.c | 2 +- .../plugins/test_vectors/test_vectors_plugin.c | 2 +- .../plugins/test_vectors/test_vectors_plugin.h | 2 +- src/libstrongswan/plugins/unbound/unbound_plugin.c | 2 +- src/libstrongswan/plugins/unbound/unbound_plugin.h | 2 +- .../plugins/unbound/unbound_resolver.c | 2 +- .../plugins/unbound/unbound_resolver.h | 2 +- .../plugins/unbound/unbound_response.c | 2 +- .../plugins/unbound/unbound_response.h | 2 +- src/libstrongswan/plugins/unbound/unbound_rr.c | 2 +- src/libstrongswan/plugins/unbound/unbound_rr.h | 2 +- src/libstrongswan/plugins/x509/x509_ac.h | 2 +- src/libstrongswan/plugins/x509/x509_cert.c | 12 +- src/libstrongswan/plugins/x509/x509_cert.h | 2 +- src/libstrongswan/plugins/x509/x509_crl.c | 3 +- src/libstrongswan/plugins/x509/x509_crl.h | 2 +- src/libstrongswan/plugins/x509/x509_ocsp_request.c | 2 +- src/libstrongswan/plugins/x509/x509_ocsp_request.h | 2 +- .../plugins/x509/x509_ocsp_response.h | 2 +- src/libstrongswan/plugins/x509/x509_plugin.c | 2 +- src/libstrongswan/plugins/x509/x509_plugin.h | 2 +- src/libstrongswan/plugins/xcbc/xcbc.c | 2 +- src/libstrongswan/plugins/xcbc/xcbc.h | 2 +- src/libstrongswan/plugins/xcbc/xcbc_plugin.c | 2 +- src/libstrongswan/plugins/xcbc/xcbc_plugin.h | 2 +- src/libstrongswan/processing/jobs/callback_job.c | 2 +- src/libstrongswan/processing/jobs/callback_job.h | 2 +- src/libstrongswan/processing/jobs/job.h | 2 +- src/libstrongswan/processing/processor.c | 2 +- src/libstrongswan/processing/processor.h | 2 +- src/libstrongswan/processing/scheduler.c | 2 +- src/libstrongswan/processing/scheduler.h | 2 +- src/libstrongswan/resolver/resolver.h | 2 +- src/libstrongswan/resolver/resolver_manager.c | 2 +- src/libstrongswan/resolver/resolver_manager.h | 2 +- src/libstrongswan/resolver/resolver_response.h | 2 +- src/libstrongswan/resolver/rr.h | 2 +- src/libstrongswan/resolver/rr_set.c | 2 +- src/libstrongswan/resolver/rr_set.h | 2 +- src/libstrongswan/selectors/traffic_selector.c | 9 +- src/libstrongswan/selectors/traffic_selector.h | 2 +- src/libstrongswan/settings/settings.c | 2 +- src/libstrongswan/settings/settings.h | 2 +- src/libstrongswan/settings/settings_lexer.c | 366 ++++++--- src/libstrongswan/settings/settings_lexer.l | 67 +- src/libstrongswan/settings/settings_parser.c | 2 +- src/libstrongswan/settings/settings_parser.y | 2 +- src/libstrongswan/settings/settings_types.c | 2 +- src/libstrongswan/settings/settings_types.h | 2 +- src/libstrongswan/tests/suites/test_array.c | 2 +- src/libstrongswan/tests/suites/test_auth_cfg.c | 2 +- src/libstrongswan/tests/suites/test_bio_reader.c | 2 +- src/libstrongswan/tests/suites/test_bio_writer.c | 2 +- src/libstrongswan/tests/suites/test_chunk.c | 2 +- .../tests/suites/test_crypto_factory.c | 2 +- src/libstrongswan/tests/suites/test_enum.c | 2 +- src/libstrongswan/tests/suites/test_enumerator.c | 2 +- src/libstrongswan/tests/suites/test_hashtable.c | 2 +- src/libstrongswan/tests/suites/test_host.c | 2 +- src/libstrongswan/tests/suites/test_iv_gen.c | 2 +- src/libstrongswan/tests/suites/test_linked_list.c | 2 +- .../tests/suites/test_linked_list_enumerator.c | 2 +- src/libstrongswan/tests/suites/test_proposal.c | 114 +++ src/libstrongswan/tests/suites/test_settings.c | 115 ++- src/libstrongswan/tests/suites/test_threading.c | 52 +- .../tests/suites/test_traffic_selector.c | 7 +- src/libstrongswan/tests/suites/test_utils.c | 2 +- src/libstrongswan/tests/suites/test_vectors.c | 2 +- src/libstrongswan/tests/test_runner.c | 2 +- src/libstrongswan/tests/test_suite.h | 2 +- src/libstrongswan/tests/tests.h | 2 +- src/libstrongswan/threading/condvar.h | 2 +- src/libstrongswan/threading/lock_profiler.h | 2 +- src/libstrongswan/threading/mutex.c | 2 +- src/libstrongswan/threading/mutex.h | 2 +- src/libstrongswan/threading/rwlock.c | 2 +- src/libstrongswan/threading/rwlock.h | 2 +- src/libstrongswan/threading/rwlock_condvar.h | 2 +- src/libstrongswan/threading/semaphore.c | 2 +- src/libstrongswan/threading/semaphore.h | 2 +- src/libstrongswan/threading/spinlock.c | 2 +- src/libstrongswan/threading/spinlock.h | 2 +- src/libstrongswan/threading/thread.c | 4 +- src/libstrongswan/threading/thread.h | 2 +- src/libstrongswan/threading/thread_value.c | 2 +- src/libstrongswan/threading/thread_value.h | 2 +- src/libstrongswan/utils/backtrace.c | 2 +- src/libstrongswan/utils/backtrace.h | 2 +- src/libstrongswan/utils/capabilities.c | 7 +- src/libstrongswan/utils/capabilities.h | 5 +- src/libstrongswan/utils/chunk.c | 2 +- src/libstrongswan/utils/chunk.h | 2 +- src/libstrongswan/utils/compat/android.h | 2 +- src/libstrongswan/utils/debug.c | 2 +- src/libstrongswan/utils/debug.h | 2 +- src/libstrongswan/utils/enum.c | 2 +- src/libstrongswan/utils/enum.h | 4 +- src/libstrongswan/utils/identification.h | 2 +- src/libstrongswan/utils/integrity_checker.c | 2 +- src/libstrongswan/utils/integrity_checker.h | 2 +- src/libstrongswan/utils/leak_detective.c | 2 +- src/libstrongswan/utils/leak_detective.h | 2 +- src/libstrongswan/utils/lexparser.h | 2 +- src/libstrongswan/utils/optionsfrom.c | 2 +- src/libstrongswan/utils/optionsfrom.h | 2 +- src/libstrongswan/utils/parser_helper.c | 2 +- src/libstrongswan/utils/parser_helper.h | 2 +- src/libstrongswan/utils/printf_hook/printf_hook.h | 2 +- .../utils/printf_hook/printf_hook_glibc.c | 2 +- .../utils/printf_hook/printf_hook_vstr.c | 2 +- .../utils/printf_hook/printf_hook_vstr.h | 2 +- src/libstrongswan/utils/test.c | 2 +- src/libstrongswan/utils/test.h | 2 +- src/libstrongswan/utils/utils.c | 2 +- src/libstrongswan/utils/utils.h | 2 +- src/libstrongswan/utils/utils/align.c | 2 +- src/libstrongswan/utils/utils/align.h | 2 +- src/libstrongswan/utils/utils/atomics.c | 2 +- src/libstrongswan/utils/utils/atomics.h | 2 +- src/libstrongswan/utils/utils/byteorder.h | 2 +- src/libstrongswan/utils/utils/memory.c | 4 +- src/libstrongswan/utils/utils/memory.h | 2 +- src/libstrongswan/utils/utils/object.h | 2 +- src/libstrongswan/utils/utils/path.c | 2 +- src/libstrongswan/utils/utils/path.h | 2 +- src/libstrongswan/utils/utils/status.c | 2 +- src/libstrongswan/utils/utils/status.h | 2 +- src/libstrongswan/utils/utils/strerror.c | 2 +- src/libstrongswan/utils/utils/strerror.h | 2 +- src/libstrongswan/utils/utils/string.c | 2 +- src/libstrongswan/utils/utils/string.h | 2 +- src/libstrongswan/utils/utils/tty.c | 2 +- src/libstrongswan/utils/utils/tty.h | 2 +- src/libstrongswan/utils/utils/types.h | 2 +- src/libtls/tls_application.h | 2 +- .../plugins/tnc_imc/tnc_imc_bind_function.c | 4 +- src/libtnccs/plugins/tnccs_11/batch/tnccs_batch.c | 4 +- .../plugins/tnccs_11/messages/imc_imv_msg.c | 4 +- .../plugins/tnccs_11/messages/tnccs_error_msg.c | 4 +- src/libtnccs/plugins/tnccs_11/messages/tnccs_msg.c | 4 +- .../messages/tnccs_preferred_language_msg.c | 4 +- .../tnccs_11/messages/tnccs_reason_strings_msg.c | 4 +- .../tnccs_11/messages/tnccs_recommendation_msg.c | 4 +- .../messages/tnccs_tncs_contact_info_msg.c | 3 +- src/libtpmtss/plugins/tpm/tpm_cert.c | 2 +- src/libtpmtss/tpm_tss_tss2.c | 3 +- src/manager/controller/auth_controller.c | 2 +- src/manager/controller/auth_controller.h | 2 +- src/manager/controller/config_controller.c | 2 +- src/manager/controller/config_controller.h | 2 +- src/manager/controller/control_controller.c | 2 +- src/manager/controller/control_controller.h | 2 +- src/manager/controller/gateway_controller.c | 2 +- src/manager/controller/gateway_controller.h | 2 +- src/manager/controller/ikesa_controller.c | 2 +- src/manager/controller/ikesa_controller.h | 2 +- src/manager/gateway.c | 2 +- src/manager/gateway.h | 2 +- src/manager/main.c | 2 +- src/manager/manager.c | 2 +- src/manager/manager.h | 2 +- src/manager/storage.c | 2 +- src/manager/storage.h | 2 +- src/manager/xml.c | 2 +- src/manager/xml.h | 2 +- src/medsrv/controller/peer_controller.c | 2 +- src/medsrv/controller/peer_controller.h | 2 +- src/medsrv/controller/user_controller.c | 2 +- src/medsrv/controller/user_controller.h | 2 +- src/medsrv/filter/auth_filter.c | 2 +- src/medsrv/filter/auth_filter.h | 2 +- src/medsrv/main.c | 2 +- src/medsrv/user.c | 2 +- src/medsrv/user.h | 2 +- src/pki/command.c | 2 +- src/pki/command.h | 2 +- src/pki/commands/dn.c | 2 +- src/pki/commands/pkcs12.c | 2 +- src/pki/commands/verify.c | 106 ++- src/pki/man/pki---verify.1.in | 7 +- src/pool/pool_attributes.c | 2 +- src/pool/pool_attributes.h | 2 +- src/pool/pool_usage.c | 2 +- src/pool/pool_usage.h | 2 +- src/pt-tls-client/pt-tls-client.c | 6 +- src/scepclient/scep.c | 2 +- src/scepclient/scep.h | 2 +- src/scepclient/scepclient.c | 2 +- src/starter/args.c | 2 +- src/starter/args.h | 2 +- src/starter/confread.c | 2 +- src/starter/invokecharon.c | 9 +- src/starter/invokecharon.h | 9 +- src/starter/keywords.c | 2 +- src/starter/keywords.h | 2 +- src/starter/keywords.h.in | 2 +- src/starter/keywords.txt | 2 +- src/starter/parser/conf_parser.c | 2 +- src/starter/parser/conf_parser.h | 2 +- src/starter/parser/lexer.c | 2 +- src/starter/parser/lexer.l | 2 +- src/starter/parser/parser.c | 2 +- src/starter/parser/parser.y | 2 +- src/starter/starter.c | 6 +- src/starter/starterstroke.c | 2 +- src/starter/starterstroke.h | 2 +- src/starter/tests/starter_tests.c | 2 +- src/starter/tests/starter_tests.h | 2 +- src/starter/tests/suites/test_parser.c | 2 +- src/stroke/stroke.c | 2 +- src/stroke/stroke_keywords.c | 4 +- src/stroke/stroke_keywords.h | 4 +- src/stroke/stroke_keywords.h.in | 4 +- src/stroke/stroke_keywords.txt | 4 +- src/stroke/stroke_msg.h | 2 +- src/sw-collector/sw-collector.8.in | 12 +- src/sw-collector/sw-collector.c | 98 ++- src/swanctl/command.c | 2 +- src/swanctl/command.h | 2 +- src/swanctl/commands/list_algs.c | 2 +- src/swanctl/commands/redirect.c | 2 +- src/swanctl/commands/terminate.c | 9 + src/swanctl/swanctl.conf.5.main | 8 +- src/swanctl/swanctl.opt | 6 + testing/hosts/default/etc/sysctl.conf | 2 +- testing/scripts/recipes/patches/freeradius-tnc-fhh | 2 +- testing/testing.conf | 6 +- .../ikev2/alg-chacha20poly1305/description.txt | 2 +- .../tests/ikev2/alg-chacha20poly1305/evaltest.dat | 8 +- .../dhcp-dynamic/hosts/moon/etc/iptables.rules | 4 +- testing/tests/ikev2/dhcp-dynamic/posttest.dat | 3 +- .../hosts/moon/etc/iptables.rules | 4 +- .../hosts/moon/etc/strongswan.conf | 1 + .../dhcp-static-mac/hosts/moon/etc/iptables.rules | 4 +- .../ikev2/multi-level-ca-skipped/description.txt | 4 + .../ikev2/multi-level-ca-skipped/evaltest.dat | 4 + .../hosts/carol/etc/ipsec.conf | 21 + .../hosts/carol/etc/ipsec.d/certs/carolCert.pem | 25 + .../hosts/carol/etc/ipsec.d/private/carolKey.pem | 27 + .../hosts/carol/etc/ipsec.secrets | 3 + .../hosts/carol/etc/strongswan.conf | 5 + .../hosts/moon/etc/ipsec.conf | 25 + .../moon/etc/ipsec.d/cacerts/researchCert.pem | 23 + .../hosts/moon/etc/strongswan.conf | 5 + .../ikev2/multi-level-ca-skipped/posttest.dat | 3 + .../tests/ikev2/multi-level-ca-skipped/pretest.dat | 5 + .../tests/ikev2/multi-level-ca-skipped/test.conf | 21 + testing/tests/ipv6/rw-psk-ikev2/description.txt | 2 +- .../dhcp-dynamic/hosts/moon/etc/iptables.rules | 4 +- testing/tests/swanctl/dhcp-dynamic/posttest.dat | 5 +- 1242 files changed, 5691 insertions(+), 2857 deletions(-) create mode 100644 src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.am create mode 100644 src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.in create mode 100644 src/libcharon/plugins/eap_aka_3gpp/tests/suites/test_vectors.c create mode 100644 src/libcharon/plugins/eap_aka_3gpp/tests/tests.c create mode 100644 src/libcharon/plugins/eap_aka_3gpp/tests/tests.h delete mode 100644 src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-2.swidtag create mode 100644 src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-3.swidtag delete mode 100644 src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-2.swidtag create mode 100644 src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/description.txt create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/evaltest.dat create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/certs/carolCert.pem create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/private/carolKey.pem create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.secrets create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/strongswan.conf create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/posttest.dat create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/pretest.dat create mode 100644 testing/tests/ikev2/multi-level-ca-skipped/test.conf (limited to 'src/libcharon') diff --git a/Android.common.mk b/Android.common.mk index 1d3068c14..8999237d9 100644 --- a/Android.common.mk +++ b/Android.common.mk @@ -26,5 +26,5 @@ add_plugin_subdirs = $(if $(call plugin_enabled,$(1)), \ ) # strongSwan version, replaced by top Makefile -strongswan_VERSION := "5.6.2" +strongswan_VERSION := "5.6.3" diff --git a/NEWS b/NEWS index 6a0ae7c4a..c136008b0 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,65 @@ +strongswan-5.6.3 +---------------- + +- Fixed a DoS vulnerability in the IKEv2 key derivation if the openssl plugin is + used in FIPS mode and HMAC-MD5 is negotiated as PRF. + This vulnerability has been registered as CVE-2018-10811. + +- Fixed a vulnerability in the stroke plugin, which did not check the received + length before reading a message from the socket. Unless a group is configured, + root privileges are required to access that socket, so in the default + configuration this shouldn't be an issue. + This vulnerability has been registered as CVE-2018-5388. + +⁻ CRLs that are not yet valid are now ignored to avoid problems in scenarios + where expired certificates are removed from CRLs and the clock on the host + doing the revocation check is trailing behind that of the host issuing CRLs. + +- The issuer of fetched CRLs is now compared to the issuer of the checked + certificate. + +- CRL validation results other than revocation (e.g. a skipped check because + the CRL couldn't be fetched) are now stored also for intermediate CA + certificates and not only for end-entity certificates, so a strict CRL policy + can be enforced in such cases. + +- In compliance with RFC 4945, section 5.1.3.2, certificates used for IKE must + now either not contain a keyUsage extension (like the ones generated by pki) + or have at least one of the digitalSignature or nonRepudiation bits set. + +- New options for vici/swanctl allow forcing the local termination of an IKE_SA. + This might be useful in situations where it's known the other end is not + reachable anymore, or that it already removed the IKE_SA, so retransmitting a + DELETE and waiting for a response would be pointless. Waiting only a certain + amount of time for a response before destroying the IKE_SA is also possible + by additionally specifying a timeout. + +- When removing routes, the kernel-netlink plugin now checks if it tracks other + routes for the same destination and replaces the installed route instead of + just removing it. Same during installation, where existing routes previously + weren't replaced. This should allow using traps with virtual IPs on Linux. + +- The dhcp plugin only sends the client identifier option if identity_lease is + enabled. It can also send identities of up to 255 bytes length, instead of + the previous 64 bytes. If a server address is configured, DHCP requests are + now sent from port 67 instead of 68 to avoid ICMP port unreachables. + +- Roam events are now completely ignored for IKEv1 SAs. + +- ChaCha20/Poly1305 is now correctly proposed without key length. For + compatibility with older releases the chacha20poly1305compat keyword may be + included in proposals to also propose the algorithm with a key length. + +- Configuration of hardware offload of IPsec SAs is now more flexible and allows + a new mode, which automatically uses it if the kernel and device support it. + +- SHA-2 based PRFs are supported in PKCS#8 files as generated by OpenSSL 1.1. + +- The pki --verify tool may load CA certificates and CRLs from directories. + +- Fixed an issue with DNS servers passed to NetworkManager in charon-nm. + + strongswan-5.6.2 ---------------- @@ -2089,7 +2151,7 @@ strongswan-4.2.0 refactored to support modular credential providers, proper CERTREQ/CERT payload exchanges and extensible authorization rules. -- The framework of strongSwan Manager has envolved to the web application +- The framework of strongSwan Manager has evolved to the web application framework libfast (FastCGI Application Server w/ Templates) and is usable by other applications. diff --git a/conf/plugins/dhcp.conf b/conf/plugins/dhcp.conf index b0e8c84c8..88bbe36e3 100644 --- a/conf/plugins/dhcp.conf +++ b/conf/plugins/dhcp.conf @@ -3,7 +3,8 @@ dhcp { # Always use the configured server address. # force_server_address = no - # Derive user-defined MAC address from hash of IKE identity. + # Derive user-defined MAC address from hash of IKE identity and send client + # identity DHCP option. # identity_lease = no # Interface name the plugin uses for address allocation. diff --git a/conf/plugins/dhcp.opt b/conf/plugins/dhcp.opt index 9c7b86091..6b337bc34 100644 --- a/conf/plugins/dhcp.opt +++ b/conf/plugins/dhcp.opt @@ -9,7 +9,8 @@ charon.plugins.dhcp.force_server_address = no 192.168.0.255) as server address might work. charon.plugins.dhcp.identity_lease = no - Derive user-defined MAC address from hash of IKE identity. + Derive user-defined MAC address from hash of IKE identity and send client + identity DHCP option. charon.plugins.dhcp.server = 255.255.255.255 DHCP server unicast or broadcast IP address. diff --git a/conf/plugins/kernel-pfkey.conf b/conf/plugins/kernel-pfkey.conf index 2d4733e74..f4340e7fe 100644 --- a/conf/plugins/kernel-pfkey.conf +++ b/conf/plugins/kernel-pfkey.conf @@ -7,5 +7,8 @@ kernel-pfkey { # priority of this plugin. load = yes + # Whether to use the internal or external interface in installed routes. + # route_via_internal = no + } diff --git a/conf/plugins/kernel-pfkey.opt b/conf/plugins/kernel-pfkey.opt index ec05215d3..0e347bebb 100644 --- a/conf/plugins/kernel-pfkey.opt +++ b/conf/plugins/kernel-pfkey.opt @@ -5,3 +5,13 @@ charon.plugins.kernel-pfkey.events_buffer_size = 0 Because events are received asynchronously installing e.g. lots of policies may require a larger buffer than the default on certain platforms in order to receive all messages. + +charon.plugins.kernel-pfkey.route_via_internal = no + Whether to use the internal or external interface in installed routes. + + Whether to use the internal or external interface in installed routes. + The internal interface is the one where the IP address contained in the + local traffic selector is located, the external interface is the one over + which the destination address of the IPsec tunnel can be reached. + This is not relevant if virtual IPs are used, for which a TUN device is + created that's used in the routes. diff --git a/conf/strongswan.conf.5.main b/conf/strongswan.conf.5.main index 977403e91..f83211805 100644 --- a/conf/strongswan.conf.5.main +++ b/conf/strongswan.conf.5.main @@ -542,7 +542,8 @@ this option to yes and configuring the local broadcast address (e.g. .TP .BR charon.plugins.dhcp.identity_lease " [no]" -Derive user\-defined MAC address from hash of IKE identity. +Derive user\-defined MAC address from hash of IKE identity and send client +identity DHCP option. .TP .BR charon.plugins.dhcp.interface " []" @@ -1106,6 +1107,15 @@ events are received asynchronously installing e.g. lots of policies may require a larger buffer than the default on certain platforms in order to receive all messages. +.TP +.BR charon.plugins.kernel-pfkey.route_via_internal " [no]" +Whether to use the internal or external interface in installed routes. The +internal interface is the one where the IP address contained in the local +traffic selector is located, the external interface is the one over which the +destination address of the IPsec tunnel can be reached. This is not relevant if +virtual IPs are used, for which a TUN device is created that's used in the +routes. + .TP .BR charon.plugins.kernel-pfroute.vip_wait " [1000]" Time in ms to wait until virtual IP addresses appear/disappear before failing. diff --git a/conf/strongswan.conf.5.tail.in b/conf/strongswan.conf.5.tail.in index f428fc323..a93fe020a 100644 --- a/conf/strongswan.conf.5.tail.in +++ b/conf/strongswan.conf.5.tail.in @@ -93,7 +93,7 @@ Absolutely silent Very basic auditing logs, (e.g. SA up/SA down) .TP .B 1 -Generic control flow with errors, a good default to see whats going on +Generic control flow with errors, a good default to see what's going on .TP .B 2 More detailed debugging control flow diff --git a/configure b/configure index 5bee7cea9..581039dbd 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for strongSwan 5.6.2. +# Generated by GNU Autoconf 2.69 for strongSwan 5.6.3. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='strongSwan' PACKAGE_TARNAME='strongswan' -PACKAGE_VERSION='5.6.2' -PACKAGE_STRING='strongSwan 5.6.2' +PACKAGE_VERSION='5.6.3' +PACKAGE_STRING='strongSwan 5.6.3' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -2111,7 +2111,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures strongSwan 5.6.2 to adapt to many kinds of systems. +\`configure' configures strongSwan 5.6.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -2182,7 +2182,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of strongSwan 5.6.2:";; + short | recursive ) echo "Configuration of strongSwan 5.6.3:";; esac cat <<\_ACEOF @@ -2664,7 +2664,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -strongSwan configure 5.6.2 +strongSwan configure 5.6.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -3186,7 +3186,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by strongSwan $as_me 5.6.2, which was +It was created by strongSwan $as_me 5.6.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -4049,7 +4049,7 @@ fi # Define the identity of the package. PACKAGE='strongswan' - VERSION='5.6.2' + VERSION='5.6.3' cat >>confdefs.h <<_ACEOF @@ -26201,7 +26201,7 @@ fi # build Makefiles # ================= -ac_config_files="$ac_config_files Makefile conf/Makefile fuzz/Makefile man/Makefile init/Makefile init/systemd/Makefile init/systemd-swanctl/Makefile src/Makefile src/include/Makefile src/libstrongswan/Makefile src/libstrongswan/math/libnttfft/Makefile src/libstrongswan/math/libnttfft/tests/Makefile src/libstrongswan/plugins/aes/Makefile src/libstrongswan/plugins/cmac/Makefile src/libstrongswan/plugins/des/Makefile src/libstrongswan/plugins/blowfish/Makefile src/libstrongswan/plugins/rc2/Makefile src/libstrongswan/plugins/md4/Makefile src/libstrongswan/plugins/md5/Makefile src/libstrongswan/plugins/sha1/Makefile src/libstrongswan/plugins/sha2/Makefile src/libstrongswan/plugins/sha3/Makefile src/libstrongswan/plugins/mgf1/Makefile src/libstrongswan/plugins/fips_prf/Makefile src/libstrongswan/plugins/gmp/Makefile src/libstrongswan/plugins/curve25519/Makefile src/libstrongswan/plugins/rdrand/Makefile src/libstrongswan/plugins/aesni/Makefile src/libstrongswan/plugins/random/Makefile src/libstrongswan/plugins/nonce/Makefile src/libstrongswan/plugins/hmac/Makefile src/libstrongswan/plugins/xcbc/Makefile src/libstrongswan/plugins/x509/Makefile src/libstrongswan/plugins/revocation/Makefile src/libstrongswan/plugins/constraints/Makefile src/libstrongswan/plugins/acert/Makefile src/libstrongswan/plugins/pubkey/Makefile src/libstrongswan/plugins/pkcs1/Makefile src/libstrongswan/plugins/pkcs7/Makefile src/libstrongswan/plugins/pkcs8/Makefile src/libstrongswan/plugins/pkcs12/Makefile src/libstrongswan/plugins/pgp/Makefile src/libstrongswan/plugins/dnskey/Makefile src/libstrongswan/plugins/sshkey/Makefile src/libstrongswan/plugins/pem/Makefile src/libstrongswan/plugins/curl/Makefile src/libstrongswan/plugins/files/Makefile src/libstrongswan/plugins/winhttp/Makefile src/libstrongswan/plugins/unbound/Makefile src/libstrongswan/plugins/soup/Makefile src/libstrongswan/plugins/ldap/Makefile src/libstrongswan/plugins/mysql/Makefile src/libstrongswan/plugins/sqlite/Makefile src/libstrongswan/plugins/padlock/Makefile src/libstrongswan/plugins/openssl/Makefile src/libstrongswan/plugins/gcrypt/Makefile src/libstrongswan/plugins/agent/Makefile src/libstrongswan/plugins/keychain/Makefile src/libstrongswan/plugins/pkcs11/Makefile src/libstrongswan/plugins/chapoly/Makefile src/libstrongswan/plugins/ctr/Makefile src/libstrongswan/plugins/ccm/Makefile src/libstrongswan/plugins/gcm/Makefile src/libstrongswan/plugins/af_alg/Makefile src/libstrongswan/plugins/ntru/Makefile src/libstrongswan/plugins/bliss/Makefile src/libstrongswan/plugins/bliss/tests/Makefile src/libstrongswan/plugins/newhope/Makefile src/libstrongswan/plugins/newhope/tests/Makefile src/libstrongswan/plugins/test_vectors/Makefile src/libstrongswan/tests/Makefile src/libipsec/Makefile src/libipsec/tests/Makefile src/libsimaka/Makefile src/libtls/Makefile src/libtls/tests/Makefile src/libradius/Makefile src/libtncif/Makefile src/libtnccs/Makefile src/libtnccs/plugins/tnc_tnccs/Makefile src/libtnccs/plugins/tnc_imc/Makefile src/libtnccs/plugins/tnc_imv/Makefile src/libtnccs/plugins/tnccs_11/Makefile src/libtnccs/plugins/tnccs_20/Makefile src/libtnccs/plugins/tnccs_dynamic/Makefile src/libpttls/Makefile src/libimcv/Makefile src/libimcv/plugins/imc_test/Makefile src/libimcv/plugins/imv_test/Makefile src/libimcv/plugins/imc_scanner/Makefile src/libimcv/plugins/imv_scanner/Makefile src/libimcv/plugins/imc_os/Makefile src/libimcv/plugins/imv_os/Makefile src/libimcv/plugins/imc_attestation/Makefile src/libimcv/plugins/imv_attestation/Makefile src/libimcv/plugins/imc_swid/Makefile src/libimcv/plugins/imv_swid/Makefile src/libimcv/plugins/imc_swima/Makefile src/libimcv/plugins/imv_swima/Makefile src/libimcv/plugins/imc_hcd/Makefile src/libimcv/plugins/imv_hcd/Makefile src/charon/Makefile src/charon-nm/Makefile src/charon-tkm/Makefile src/charon-cmd/Makefile src/charon-svc/Makefile src/charon-systemd/Makefile src/libcharon/Makefile src/libcharon/plugins/eap_aka/Makefile src/libcharon/plugins/eap_aka_3gpp/Makefile src/libcharon/plugins/eap_aka_3gpp2/Makefile src/libcharon/plugins/eap_dynamic/Makefile src/libcharon/plugins/eap_identity/Makefile src/libcharon/plugins/eap_md5/Makefile src/libcharon/plugins/eap_gtc/Makefile src/libcharon/plugins/eap_sim/Makefile src/libcharon/plugins/eap_sim_file/Makefile src/libcharon/plugins/eap_sim_pcsc/Makefile src/libcharon/plugins/eap_simaka_sql/Makefile src/libcharon/plugins/eap_simaka_pseudonym/Makefile src/libcharon/plugins/eap_simaka_reauth/Makefile src/libcharon/plugins/eap_mschapv2/Makefile src/libcharon/plugins/eap_tls/Makefile src/libcharon/plugins/eap_ttls/Makefile src/libcharon/plugins/eap_peap/Makefile src/libcharon/plugins/eap_tnc/Makefile src/libcharon/plugins/eap_radius/Makefile src/libcharon/plugins/xauth_generic/Makefile src/libcharon/plugins/xauth_eap/Makefile src/libcharon/plugins/xauth_pam/Makefile src/libcharon/plugins/xauth_noauth/Makefile src/libcharon/plugins/tnc_ifmap/Makefile src/libcharon/plugins/tnc_pdp/Makefile src/libcharon/plugins/save_keys/Makefile src/libcharon/plugins/socket_default/Makefile src/libcharon/plugins/socket_dynamic/Makefile src/libcharon/plugins/socket_win/Makefile src/libcharon/plugins/bypass_lan/Makefile src/libcharon/plugins/connmark/Makefile src/libcharon/plugins/counters/Makefile src/libcharon/plugins/forecast/Makefile src/libcharon/plugins/farp/Makefile src/libcharon/plugins/smp/Makefile src/libcharon/plugins/sql/Makefile src/libcharon/plugins/dnscert/Makefile src/libcharon/plugins/ipseckey/Makefile src/libcharon/plugins/medsrv/Makefile src/libcharon/plugins/medcli/Makefile src/libcharon/plugins/addrblock/Makefile src/libcharon/plugins/unity/Makefile src/libcharon/plugins/uci/Makefile src/libcharon/plugins/ha/Makefile src/libcharon/plugins/kernel_netlink/Makefile src/libcharon/plugins/kernel_pfkey/Makefile src/libcharon/plugins/kernel_pfroute/Makefile src/libcharon/plugins/kernel_libipsec/Makefile src/libcharon/plugins/kernel_wfp/Makefile src/libcharon/plugins/kernel_iph/Makefile src/libcharon/plugins/whitelist/Makefile src/libcharon/plugins/ext_auth/Makefile src/libcharon/plugins/lookip/Makefile src/libcharon/plugins/error_notify/Makefile src/libcharon/plugins/certexpire/Makefile src/libcharon/plugins/systime_fix/Makefile src/libcharon/plugins/led/Makefile src/libcharon/plugins/duplicheck/Makefile src/libcharon/plugins/coupling/Makefile src/libcharon/plugins/radattr/Makefile src/libcharon/plugins/osx_attr/Makefile src/libcharon/plugins/p_cscf/Makefile src/libcharon/plugins/android_dns/Makefile src/libcharon/plugins/android_log/Makefile src/libcharon/plugins/stroke/Makefile src/libcharon/plugins/vici/Makefile src/libcharon/plugins/vici/ruby/Makefile src/libcharon/plugins/vici/perl/Makefile src/libcharon/plugins/vici/python/Makefile src/libcharon/plugins/updown/Makefile src/libcharon/plugins/dhcp/Makefile src/libcharon/plugins/load_tester/Makefile src/libcharon/plugins/resolve/Makefile src/libcharon/plugins/attr/Makefile src/libcharon/plugins/attr_sql/Makefile src/libcharon/tests/Makefile src/libtpmtss/Makefile src/libtpmtss/plugins/tpm/Makefile src/stroke/Makefile src/ipsec/Makefile src/starter/Makefile src/starter/tests/Makefile src/_updown/Makefile src/_copyright/Makefile src/scepclient/Makefile src/aikgen/Makefile src/tpm_extendpcr/Makefile src/pki/Makefile src/pki/man/Makefile src/pool/Makefile src/dumm/Makefile src/dumm/ext/extconf.rb src/libfast/Makefile src/manager/Makefile src/medsrv/Makefile src/checksum/Makefile src/conftest/Makefile src/pt-tls-client/Makefile src/sw-collector/Makefile src/sec-updater/Makefile src/swanctl/Makefile scripts/Makefile testing/Makefile" +ac_config_files="$ac_config_files Makefile conf/Makefile fuzz/Makefile man/Makefile init/Makefile init/systemd/Makefile init/systemd-swanctl/Makefile src/Makefile src/include/Makefile src/libstrongswan/Makefile src/libstrongswan/math/libnttfft/Makefile src/libstrongswan/math/libnttfft/tests/Makefile src/libstrongswan/plugins/aes/Makefile src/libstrongswan/plugins/cmac/Makefile src/libstrongswan/plugins/des/Makefile src/libstrongswan/plugins/blowfish/Makefile src/libstrongswan/plugins/rc2/Makefile src/libstrongswan/plugins/md4/Makefile src/libstrongswan/plugins/md5/Makefile src/libstrongswan/plugins/sha1/Makefile src/libstrongswan/plugins/sha2/Makefile src/libstrongswan/plugins/sha3/Makefile src/libstrongswan/plugins/mgf1/Makefile src/libstrongswan/plugins/fips_prf/Makefile src/libstrongswan/plugins/gmp/Makefile src/libstrongswan/plugins/curve25519/Makefile src/libstrongswan/plugins/rdrand/Makefile src/libstrongswan/plugins/aesni/Makefile src/libstrongswan/plugins/random/Makefile src/libstrongswan/plugins/nonce/Makefile src/libstrongswan/plugins/hmac/Makefile src/libstrongswan/plugins/xcbc/Makefile src/libstrongswan/plugins/x509/Makefile src/libstrongswan/plugins/revocation/Makefile src/libstrongswan/plugins/constraints/Makefile src/libstrongswan/plugins/acert/Makefile src/libstrongswan/plugins/pubkey/Makefile src/libstrongswan/plugins/pkcs1/Makefile src/libstrongswan/plugins/pkcs7/Makefile src/libstrongswan/plugins/pkcs8/Makefile src/libstrongswan/plugins/pkcs12/Makefile src/libstrongswan/plugins/pgp/Makefile src/libstrongswan/plugins/dnskey/Makefile src/libstrongswan/plugins/sshkey/Makefile src/libstrongswan/plugins/pem/Makefile src/libstrongswan/plugins/curl/Makefile src/libstrongswan/plugins/files/Makefile src/libstrongswan/plugins/winhttp/Makefile src/libstrongswan/plugins/unbound/Makefile src/libstrongswan/plugins/soup/Makefile src/libstrongswan/plugins/ldap/Makefile src/libstrongswan/plugins/mysql/Makefile src/libstrongswan/plugins/sqlite/Makefile src/libstrongswan/plugins/padlock/Makefile src/libstrongswan/plugins/openssl/Makefile src/libstrongswan/plugins/gcrypt/Makefile src/libstrongswan/plugins/agent/Makefile src/libstrongswan/plugins/keychain/Makefile src/libstrongswan/plugins/pkcs11/Makefile src/libstrongswan/plugins/chapoly/Makefile src/libstrongswan/plugins/ctr/Makefile src/libstrongswan/plugins/ccm/Makefile src/libstrongswan/plugins/gcm/Makefile src/libstrongswan/plugins/af_alg/Makefile src/libstrongswan/plugins/ntru/Makefile src/libstrongswan/plugins/bliss/Makefile src/libstrongswan/plugins/bliss/tests/Makefile src/libstrongswan/plugins/newhope/Makefile src/libstrongswan/plugins/newhope/tests/Makefile src/libstrongswan/plugins/test_vectors/Makefile src/libstrongswan/tests/Makefile src/libipsec/Makefile src/libipsec/tests/Makefile src/libsimaka/Makefile src/libtls/Makefile src/libtls/tests/Makefile src/libradius/Makefile src/libtncif/Makefile src/libtnccs/Makefile src/libtnccs/plugins/tnc_tnccs/Makefile src/libtnccs/plugins/tnc_imc/Makefile src/libtnccs/plugins/tnc_imv/Makefile src/libtnccs/plugins/tnccs_11/Makefile src/libtnccs/plugins/tnccs_20/Makefile src/libtnccs/plugins/tnccs_dynamic/Makefile src/libpttls/Makefile src/libimcv/Makefile src/libimcv/plugins/imc_test/Makefile src/libimcv/plugins/imv_test/Makefile src/libimcv/plugins/imc_scanner/Makefile src/libimcv/plugins/imv_scanner/Makefile src/libimcv/plugins/imc_os/Makefile src/libimcv/plugins/imv_os/Makefile src/libimcv/plugins/imc_attestation/Makefile src/libimcv/plugins/imv_attestation/Makefile src/libimcv/plugins/imc_swid/Makefile src/libimcv/plugins/imv_swid/Makefile src/libimcv/plugins/imc_swima/Makefile src/libimcv/plugins/imv_swima/Makefile src/libimcv/plugins/imc_hcd/Makefile src/libimcv/plugins/imv_hcd/Makefile src/charon/Makefile src/charon-nm/Makefile src/charon-tkm/Makefile src/charon-cmd/Makefile src/charon-svc/Makefile src/charon-systemd/Makefile src/libcharon/Makefile src/libcharon/plugins/eap_aka/Makefile src/libcharon/plugins/eap_aka_3gpp/Makefile src/libcharon/plugins/eap_aka_3gpp/tests/Makefile src/libcharon/plugins/eap_aka_3gpp2/Makefile src/libcharon/plugins/eap_dynamic/Makefile src/libcharon/plugins/eap_identity/Makefile src/libcharon/plugins/eap_md5/Makefile src/libcharon/plugins/eap_gtc/Makefile src/libcharon/plugins/eap_sim/Makefile src/libcharon/plugins/eap_sim_file/Makefile src/libcharon/plugins/eap_sim_pcsc/Makefile src/libcharon/plugins/eap_simaka_sql/Makefile src/libcharon/plugins/eap_simaka_pseudonym/Makefile src/libcharon/plugins/eap_simaka_reauth/Makefile src/libcharon/plugins/eap_mschapv2/Makefile src/libcharon/plugins/eap_tls/Makefile src/libcharon/plugins/eap_ttls/Makefile src/libcharon/plugins/eap_peap/Makefile src/libcharon/plugins/eap_tnc/Makefile src/libcharon/plugins/eap_radius/Makefile src/libcharon/plugins/xauth_generic/Makefile src/libcharon/plugins/xauth_eap/Makefile src/libcharon/plugins/xauth_pam/Makefile src/libcharon/plugins/xauth_noauth/Makefile src/libcharon/plugins/tnc_ifmap/Makefile src/libcharon/plugins/tnc_pdp/Makefile src/libcharon/plugins/save_keys/Makefile src/libcharon/plugins/socket_default/Makefile src/libcharon/plugins/socket_dynamic/Makefile src/libcharon/plugins/socket_win/Makefile src/libcharon/plugins/bypass_lan/Makefile src/libcharon/plugins/connmark/Makefile src/libcharon/plugins/counters/Makefile src/libcharon/plugins/forecast/Makefile src/libcharon/plugins/farp/Makefile src/libcharon/plugins/smp/Makefile src/libcharon/plugins/sql/Makefile src/libcharon/plugins/dnscert/Makefile src/libcharon/plugins/ipseckey/Makefile src/libcharon/plugins/medsrv/Makefile src/libcharon/plugins/medcli/Makefile src/libcharon/plugins/addrblock/Makefile src/libcharon/plugins/unity/Makefile src/libcharon/plugins/uci/Makefile src/libcharon/plugins/ha/Makefile src/libcharon/plugins/kernel_netlink/Makefile src/libcharon/plugins/kernel_pfkey/Makefile src/libcharon/plugins/kernel_pfroute/Makefile src/libcharon/plugins/kernel_libipsec/Makefile src/libcharon/plugins/kernel_wfp/Makefile src/libcharon/plugins/kernel_iph/Makefile src/libcharon/plugins/whitelist/Makefile src/libcharon/plugins/ext_auth/Makefile src/libcharon/plugins/lookip/Makefile src/libcharon/plugins/error_notify/Makefile src/libcharon/plugins/certexpire/Makefile src/libcharon/plugins/systime_fix/Makefile src/libcharon/plugins/led/Makefile src/libcharon/plugins/duplicheck/Makefile src/libcharon/plugins/coupling/Makefile src/libcharon/plugins/radattr/Makefile src/libcharon/plugins/osx_attr/Makefile src/libcharon/plugins/p_cscf/Makefile src/libcharon/plugins/android_dns/Makefile src/libcharon/plugins/android_log/Makefile src/libcharon/plugins/stroke/Makefile src/libcharon/plugins/vici/Makefile src/libcharon/plugins/vici/ruby/Makefile src/libcharon/plugins/vici/perl/Makefile src/libcharon/plugins/vici/python/Makefile src/libcharon/plugins/updown/Makefile src/libcharon/plugins/dhcp/Makefile src/libcharon/plugins/load_tester/Makefile src/libcharon/plugins/resolve/Makefile src/libcharon/plugins/attr/Makefile src/libcharon/plugins/attr_sql/Makefile src/libcharon/tests/Makefile src/libtpmtss/Makefile src/libtpmtss/plugins/tpm/Makefile src/stroke/Makefile src/ipsec/Makefile src/starter/Makefile src/starter/tests/Makefile src/_updown/Makefile src/_copyright/Makefile src/scepclient/Makefile src/aikgen/Makefile src/tpm_extendpcr/Makefile src/pki/Makefile src/pki/man/Makefile src/pool/Makefile src/dumm/Makefile src/dumm/ext/extconf.rb src/libfast/Makefile src/manager/Makefile src/medsrv/Makefile src/checksum/Makefile src/conftest/Makefile src/pt-tls-client/Makefile src/sw-collector/Makefile src/sec-updater/Makefile src/swanctl/Makefile scripts/Makefile testing/Makefile" # ================= @@ -27582,7 +27582,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by strongSwan $as_me 5.6.2, which was +This file was extended by strongSwan $as_me 5.6.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -27648,7 +27648,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -strongSwan config.status 5.6.2 +strongSwan config.status 5.6.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -28173,6 +28173,7 @@ do "src/libcharon/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/Makefile" ;; "src/libcharon/plugins/eap_aka/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/plugins/eap_aka/Makefile" ;; "src/libcharon/plugins/eap_aka_3gpp/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/plugins/eap_aka_3gpp/Makefile" ;; + "src/libcharon/plugins/eap_aka_3gpp/tests/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/plugins/eap_aka_3gpp/tests/Makefile" ;; "src/libcharon/plugins/eap_aka_3gpp2/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/plugins/eap_aka_3gpp2/Makefile" ;; "src/libcharon/plugins/eap_dynamic/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/plugins/eap_dynamic/Makefile" ;; "src/libcharon/plugins/eap_identity/Makefile") CONFIG_FILES="$CONFIG_FILES src/libcharon/plugins/eap_identity/Makefile" ;; diff --git a/configure.ac b/configure.ac index ae04fc87c..807f06440 100644 --- a/configure.ac +++ b/configure.ac @@ -19,7 +19,7 @@ # initialize & set some vars # ============================ -AC_INIT([strongSwan],[5.6.2]) +AC_INIT([strongSwan],[5.6.3]) AM_INIT_AUTOMAKE(m4_esyscmd([ echo tar-ustar echo subdir-objects @@ -1908,6 +1908,7 @@ AC_CONFIG_FILES([ src/libcharon/Makefile src/libcharon/plugins/eap_aka/Makefile src/libcharon/plugins/eap_aka_3gpp/Makefile + src/libcharon/plugins/eap_aka_3gpp/tests/Makefile src/libcharon/plugins/eap_aka_3gpp2/Makefile src/libcharon/plugins/eap_dynamic/Makefile src/libcharon/plugins/eap_identity/Makefile diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index bdc3e2ebc..3962896f6 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -8,7 +8,7 @@ fuzz_ldflags = ${libfuzzer} \ -Wl,-Bstatic -lgmp -Wl,-Bdynamic \ @FUZZING_LDFLAGS@ -FUZZ_TARGETS=fuzz_certs +FUZZ_TARGETS=fuzz_certs fuzz_crls all-local: $(FUZZ_TARGETS) @@ -17,6 +17,9 @@ CLEANFILES=$(FUZZ_TARGETS) fuzz_certs: fuzz_certs.c ${libfuzzer} $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) +fuzz_crls: fuzz_crls.c ${libfuzzer} + $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) + noinst_LIBRARIES = libFuzzerLocal.a libFuzzerLocal_a_SOURCES = libFuzzerLocal.c libFuzzerLocal_a_LIBADD = $(top_builddir)/src/libstrongswan/libstrongswan.la diff --git a/fuzz/Makefile.in b/fuzz/Makefile.in index 31b590273..2a69eef19 100644 --- a/fuzz/Makefile.in +++ b/fuzz/Makefile.in @@ -432,7 +432,7 @@ fuzz_ldflags = ${libfuzzer} \ -Wl,-Bstatic -lgmp -Wl,-Bdynamic \ @FUZZING_LDFLAGS@ -FUZZ_TARGETS = fuzz_certs +FUZZ_TARGETS = fuzz_certs fuzz_crls CLEANFILES = $(FUZZ_TARGETS) noinst_LIBRARIES = libFuzzerLocal.a libFuzzerLocal_a_SOURCES = libFuzzerLocal.c @@ -729,6 +729,9 @@ all-local: $(FUZZ_TARGETS) fuzz_certs: fuzz_certs.c ${libfuzzer} $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) +fuzz_crls: fuzz_crls.c ${libfuzzer} + $(CC) $(AM_CPPFLAGS) $(CFLAGS) -o $@ $< $(fuzz_ldflags) + check: all for f in $(FUZZ_TARGETS); do \ corpus=$${f#fuzz_}; \ diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in index eef6efaa0..232408912 100644 --- a/man/ipsec.conf.5.in +++ b/man/ipsec.conf.5.in @@ -538,10 +538,6 @@ The value \fB%forever\fP means 'never give up'. Relevant only locally, other end need not agree on it. .TP -.B keylife -synonym for -.BR lifetime . -.TP .BR left " = | | " %any " | | " The IP address of the left participant's public-network interface or one of several magic values. @@ -1135,10 +1131,6 @@ will suppress randomization. Relevant only locally, other end need not agree on it. Also see EXPIRY/REKEY below. .TP -.B rekeymargin -synonym for -.BR margintime . -.TP .BR replay_window " = " \-1 " | " The IPsec replay window size for this connection. With the default of \-1 the value configured with diff --git a/scripts/aes-test.c b/scripts/aes-test.c index 425a4dc4f..509abe46f 100644 --- a/scripts/aes-test.c +++ b/scripts/aes-test.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/bin2array.c b/scripts/bin2array.c index b82391a12..64f752eaf 100644 --- a/scripts/bin2array.c +++ b/scripts/bin2array.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/bin2sql.c b/scripts/bin2sql.c index 88edb7f7a..17556ca7c 100644 --- a/scripts/bin2sql.c +++ b/scripts/bin2sql.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/dh_speed.c b/scripts/dh_speed.c index c2cac0260..f2f98d7af 100644 --- a/scripts/dh_speed.c +++ b/scripts/dh_speed.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/dnssec.c b/scripts/dnssec.c index 9d35c7cda..9efc79dbf 100644 --- a/scripts/dnssec.c +++ b/scripts/dnssec.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/id2sql.c b/scripts/id2sql.c index 0742c1c71..a4035cf25 100644 --- a/scripts/id2sql.c +++ b/scripts/id2sql.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/key2keyid.c b/scripts/key2keyid.c index e9a4ee692..d0cfb8e2d 100644 --- a/scripts/key2keyid.c +++ b/scripts/key2keyid.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/keyid2sql.c b/scripts/keyid2sql.c index 46257891c..a0ae28d0b 100644 --- a/scripts/keyid2sql.c +++ b/scripts/keyid2sql.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/pubkey_speed.c b/scripts/pubkey_speed.c index 2928772b8..83ab4e41b 100644 --- a/scripts/pubkey_speed.c +++ b/scripts/pubkey_speed.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/settings-test.c b/scripts/settings-test.c index 452798aee..2169552ac 100644 --- a/scripts/settings-test.c +++ b/scripts/settings-test.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/scripts/thread_analysis.c b/scripts/thread_analysis.c index 7670ce1f8..2861431ef 100644 --- a/scripts/thread_analysis.c +++ b/scripts/thread_analysis.c @@ -1,7 +1,7 @@ /* Analyzes the concurrent use of charon's threads * * Copyright (C) 2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/_updown/_updown.in b/src/_updown/_updown.in index e549e9597..5f709637e 100644 --- a/src/_updown/_updown.in +++ b/src/_updown/_updown.in @@ -215,10 +215,6 @@ then fi fi -# resolve octal escape sequences -PLUTO_MY_ID=`printf "$PLUTO_MY_ID"` -PLUTO_PEER_ID=`printf "$PLUTO_PEER_ID"` - case "$PLUTO_VERB:$1" in up-host:) # connection to me coming up diff --git a/src/charon-cmd/charon-cmd.c b/src/charon-cmd/charon-cmd.c index 793496451..1293ec4c0 100644 --- a/src/charon-cmd/charon-cmd.c +++ b/src/charon-cmd/charon-cmd.c @@ -3,7 +3,7 @@ * Copyright (C) 2005-2013 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c index 71df92f7e..1cf431ff2 100644 --- a/src/charon-cmd/cmd/cmd_connection.c +++ b/src/charon-cmd/cmd/cmd_connection.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/charon-cmd/cmd/cmd_creds.c b/src/charon-cmd/cmd/cmd_creds.c index 45d008e7b..b440cf877 100644 --- a/src/charon-cmd/cmd/cmd_creds.c +++ b/src/charon-cmd/cmd/cmd_creds.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/charon-cmd/cmd/cmd_options.c b/src/charon-cmd/cmd/cmd_options.c index 5428941ff..3d734679b 100644 --- a/src/charon-cmd/cmd/cmd_options.c +++ b/src/charon-cmd/cmd/cmd_options.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/charon-cmd/cmd/cmd_options.h b/src/charon-cmd/cmd/cmd_options.h index aa13b0951..794136dfb 100644 --- a/src/charon-cmd/cmd/cmd_options.h +++ b/src/charon-cmd/cmd/cmd_options.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/charon-nm/charon-nm.c b/src/charon-nm/charon-nm.c index 89aa34d98..52012e24e 100644 --- a/src/charon-nm/charon-nm.c +++ b/src/charon-nm/charon-nm.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_backend.c b/src/charon-nm/nm/nm_backend.c index e4845e745..75db8c6b3 100644 --- a/src/charon-nm/nm/nm_backend.c +++ b/src/charon-nm/nm/nm_backend.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_backend.h b/src/charon-nm/nm/nm_backend.h index 89dc536f6..cbc14a091 100644 --- a/src/charon-nm/nm/nm_backend.h +++ b/src/charon-nm/nm/nm_backend.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_creds.c b/src/charon-nm/nm/nm_creds.c index e70fd9e89..2c05ab881 100644 --- a/src/charon-nm/nm/nm_creds.c +++ b/src/charon-nm/nm/nm_creds.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_creds.h b/src/charon-nm/nm/nm_creds.h index 91f645c7e..71729fef6 100644 --- a/src/charon-nm/nm/nm_creds.h +++ b/src/charon-nm/nm/nm_creds.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_handler.c b/src/charon-nm/nm/nm_handler.c index 3eb2eb13c..aa7bb5b8c 100644 --- a/src/charon-nm/nm/nm_handler.c +++ b/src/charon-nm/nm/nm_handler.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_handler.h b/src/charon-nm/nm/nm_handler.h index bb35ce767..f4103e67e 100644 --- a/src/charon-nm/nm/nm_handler.h +++ b/src/charon-nm/nm/nm_handler.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-nm/nm/nm_service.c b/src/charon-nm/nm/nm_service.c index 9beac392a..a12f008a7 100644 --- a/src/charon-nm/nm/nm_service.c +++ b/src/charon-nm/nm/nm_service.c @@ -3,7 +3,7 @@ * * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -65,8 +65,7 @@ static GVariant* handler_to_variant(nm_handler_t *handler, enumerator = handler->create_enumerator(handler, type); while (enumerator->enumerate(enumerator, &chunk)) { - g_variant_builder_add (&builder, "u", - g_variant_new_uint32 (*(uint32_t*)chunk.ptr)); + g_variant_builder_add (&builder, "u", *(uint32_t*)chunk.ptr); } enumerator->destroy(enumerator); @@ -493,7 +492,7 @@ static gboolean connect_(NMVpnServicePlugin *plugin, NMConnection *connection, priv->creds->set_key_password(priv->creds, secret); } private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, - KEY_RSA, BUILD_FROM_FILE, str, BUILD_END); + KEY_ANY, BUILD_FROM_FILE, str, BUILD_END); if (!private) { g_set_error(err, NM_VPN_PLUGIN_ERROR, @@ -742,7 +741,7 @@ static gboolean do_disconnect(gpointer plugin) { id = ike_sa->get_unique_id(ike_sa); enumerator->destroy(enumerator); - charon->controller->terminate_ike(charon->controller, id, + charon->controller->terminate_ike(charon->controller, id, FALSE, controller_cb_empty, NULL, 0); return FALSE; } diff --git a/src/charon-nm/nm/nm_service.h b/src/charon-nm/nm/nm_service.h index 74ab38b03..669209935 100644 --- a/src/charon-nm/nm/nm_service.h +++ b/src/charon-nm/nm/nm_service.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-systemd/charon-systemd.c b/src/charon-systemd/charon-systemd.c index 60e509ffb..5a1970b92 100644 --- a/src/charon-systemd/charon-systemd.c +++ b/src/charon-systemd/charon-systemd.c @@ -3,7 +3,7 @@ * Copyright (C) 2005-2014 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2014 revosec AG * * This program is free software; you can redistribute it and/or modify it diff --git a/src/charon-tkm/src/charon-tkm.c b/src/charon-tkm/src/charon-tkm.c index 7f014237a..181c6fb8a 100644 --- a/src/charon-tkm/src/charon-tkm.c +++ b/src/charon-tkm/src/charon-tkm.c @@ -193,7 +193,7 @@ static bool check_pidfile() } fclose(pidfile); pidfile = NULL; - if (pid && kill(pid, 0) == 0) + if (pid && pid != getpid() && kill(pid, 0) == 0) { DBG1(DBG_DMN, "%s already running ('%s' exists)", dmn_name, pidfile_name); diff --git a/src/charon-tkm/src/ees/ees_callbacks.c b/src/charon-tkm/src/ees/ees_callbacks.c index a36629b13..863f618bc 100644 --- a/src/charon-tkm/src/ees/ees_callbacks.c +++ b/src/charon-tkm/src/ees/ees_callbacks.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ees/ees_callbacks.h b/src/charon-tkm/src/ees/ees_callbacks.h index b73dc6cb5..6488c57ae 100644 --- a/src/charon-tkm/src/ees/ees_callbacks.h +++ b/src/charon-tkm/src/ees/ees_callbacks.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ees/esa_event_service.adb b/src/charon-tkm/src/ees/esa_event_service.adb index 6b6b3f743..323a64cb1 100644 --- a/src/charon-tkm/src/ees/esa_event_service.adb +++ b/src/charon-tkm/src/ees/esa_event_service.adb @@ -1,7 +1,7 @@ -- -- Copyright (C) 2012 Reto Buerki -- Copyright (C) 2012 Adrian-Ken Rueegsegger --- Hochschule fuer Technik Rapperswil +-- HSR Hochschule fuer Technik Rapperswil -- -- This program is free software; you can redistribute it and/or modify it -- under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ees/esa_event_service.ads b/src/charon-tkm/src/ees/esa_event_service.ads index f3630b7ac..cfcf6e2b6 100644 --- a/src/charon-tkm/src/ees/esa_event_service.ads +++ b/src/charon-tkm/src/ees/esa_event_service.ads @@ -1,7 +1,7 @@ -- -- Copyright (C) 2012 Reto Buerki -- Copyright (C) 2012 Adrian-Ken Rueegsegger --- Hochschule fuer Technik Rapperswil +-- HSR Hochschule fuer Technik Rapperswil -- -- This program is free software; you can redistribute it and/or modify it -- under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ehandler/eh_callbacks.c b/src/charon-tkm/src/ehandler/eh_callbacks.c index 7dca97c3e..f1ae15660 100644 --- a/src/charon-tkm/src/ehandler/eh_callbacks.c +++ b/src/charon-tkm/src/ehandler/eh_callbacks.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ehandler/eh_callbacks.h b/src/charon-tkm/src/ehandler/eh_callbacks.h index db325dcd2..9bc849889 100644 --- a/src/charon-tkm/src/ehandler/eh_callbacks.h +++ b/src/charon-tkm/src/ehandler/eh_callbacks.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ehandler/exception_handler.adb b/src/charon-tkm/src/ehandler/exception_handler.adb index 3f165e1cd..ff568a700 100644 --- a/src/charon-tkm/src/ehandler/exception_handler.adb +++ b/src/charon-tkm/src/ehandler/exception_handler.adb @@ -1,7 +1,7 @@ -- -- Copyright (C) 2012 Reto Buerki -- Copyright (C) 2012 Adrian-Ken Rueegsegger --- Hochschule fuer Technik Rapperswil +-- HSR Hochschule fuer Technik Rapperswil -- -- This program is free software; you can redistribute it and/or modify it -- under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/ehandler/exception_handler.ads b/src/charon-tkm/src/ehandler/exception_handler.ads index 29dd3d8f4..ec47aa72c 100644 --- a/src/charon-tkm/src/ehandler/exception_handler.ads +++ b/src/charon-tkm/src/ehandler/exception_handler.ads @@ -1,7 +1,7 @@ -- -- Copyright (C) 2012 Reto Buerki -- Copyright (C) 2012 Adrian-Ken Rueegsegger --- Hochschule fuer Technik Rapperswil +-- HSR Hochschule fuer Technik Rapperswil -- -- This program is free software; you can redistribute it and/or modify it -- under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm.c b/src/charon-tkm/src/tkm/tkm.c index 333b699a0..7ffe614cf 100644 --- a/src/charon-tkm/src/tkm/tkm.c +++ b/src/charon-tkm/src/tkm/tkm.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm.h b/src/charon-tkm/src/tkm/tkm.h index 4aed08602..70a6b806a 100644 --- a/src/charon-tkm/src/tkm/tkm.h +++ b/src/charon-tkm/src/tkm/tkm.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_chunk_map.c b/src/charon-tkm/src/tkm/tkm_chunk_map.c index 03ff22836..1d073ae45 100644 --- a/src/charon-tkm/src/tkm/tkm_chunk_map.c +++ b/src/charon-tkm/src/tkm/tkm_chunk_map.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_chunk_map.h b/src/charon-tkm/src/tkm/tkm_chunk_map.h index c183937c1..a2864f07a 100644 --- a/src/charon-tkm/src/tkm/tkm_chunk_map.h +++ b/src/charon-tkm/src/tkm/tkm_chunk_map.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_cred.c b/src/charon-tkm/src/tkm/tkm_cred.c index d9517f908..e358042fd 100644 --- a/src/charon-tkm/src/tkm/tkm_cred.c +++ b/src/charon-tkm/src/tkm/tkm_cred.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_cred.h b/src/charon-tkm/src/tkm/tkm_cred.h index 1cfb5b9c7..52cb42247 100644 --- a/src/charon-tkm/src/tkm/tkm_cred.h +++ b/src/charon-tkm/src/tkm/tkm_cred.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c index 48d0001ce..41b557edc 100644 --- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c +++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.h b/src/charon-tkm/src/tkm/tkm_diffie_hellman.h index d38a414d8..19de7c874 100644 --- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.h +++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_encoder.c b/src/charon-tkm/src/tkm/tkm_encoder.c index d5367ea78..e5ec84e44 100644 --- a/src/charon-tkm/src/tkm/tkm_encoder.c +++ b/src/charon-tkm/src/tkm/tkm_encoder.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Reto Buerki * Copyright (C) 2013 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_encoder.h b/src/charon-tkm/src/tkm/tkm_encoder.h index 7c6a4989d..c41bea1f7 100644 --- a/src/charon-tkm/src/tkm/tkm_encoder.h +++ b/src/charon-tkm/src/tkm/tkm_encoder.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Reto Buerki * Copyright (C) 2013 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_id_manager.c b/src/charon-tkm/src/tkm/tkm_id_manager.c index 9a2ede03e..76677c38c 100644 --- a/src/charon-tkm/src/tkm/tkm_id_manager.c +++ b/src/charon-tkm/src/tkm/tkm_id_manager.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_id_manager.h b/src/charon-tkm/src/tkm/tkm_id_manager.h index 1c48b57f1..2c1abb9ee 100644 --- a/src/charon-tkm/src/tkm/tkm_id_manager.h +++ b/src/charon-tkm/src/tkm/tkm_id_manager.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.h b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.h index 14db21266..702d8f8ab 100644 --- a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.h +++ b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_kernel_sad.c b/src/charon-tkm/src/tkm/tkm_kernel_sad.c index acc3ff10a..9f1e96d29 100644 --- a/src/charon-tkm/src/tkm/tkm_kernel_sad.c +++ b/src/charon-tkm/src/tkm/tkm_kernel_sad.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_kernel_sad.h b/src/charon-tkm/src/tkm/tkm_kernel_sad.h index 3d9f5f3f8..bf4a2f2be 100644 --- a/src/charon-tkm/src/tkm/tkm_kernel_sad.h +++ b/src/charon-tkm/src/tkm/tkm_kernel_sad.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c index ac38078d7..71ad821dd 100644 --- a/src/charon-tkm/src/tkm/tkm_keymat.c +++ b/src/charon-tkm/src/tkm/tkm_keymat.c @@ -2,7 +2,7 @@ * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_keymat.h b/src/charon-tkm/src/tkm/tkm_keymat.h index ee90bead5..1aaaf0426 100644 --- a/src/charon-tkm/src/tkm/tkm_keymat.h +++ b/src/charon-tkm/src/tkm/tkm_keymat.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_listener.c b/src/charon-tkm/src/tkm/tkm_listener.c index 290b00e37..bb4fd2798 100644 --- a/src/charon-tkm/src/tkm/tkm_listener.c +++ b/src/charon-tkm/src/tkm/tkm_listener.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_listener.h b/src/charon-tkm/src/tkm/tkm_listener.h index 1162a77be..ea8770baa 100644 --- a/src/charon-tkm/src/tkm/tkm_listener.h +++ b/src/charon-tkm/src/tkm/tkm_listener.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_nonceg.c b/src/charon-tkm/src/tkm/tkm_nonceg.c index 2b3e66d2d..ed525ee29 100644 --- a/src/charon-tkm/src/tkm/tkm_nonceg.c +++ b/src/charon-tkm/src/tkm/tkm_nonceg.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_nonceg.h b/src/charon-tkm/src/tkm/tkm_nonceg.h index d158551fe..0fb165ff7 100644 --- a/src/charon-tkm/src/tkm/tkm_nonceg.h +++ b/src/charon-tkm/src/tkm/tkm_nonceg.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_private_key.c b/src/charon-tkm/src/tkm/tkm_private_key.c index 891b579ee..0ef3a103c 100644 --- a/src/charon-tkm/src/tkm/tkm_private_key.c +++ b/src/charon-tkm/src/tkm/tkm_private_key.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2013 Reto Buerki * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_private_key.h b/src/charon-tkm/src/tkm/tkm_private_key.h index ded8300ca..db4b3fe46 100644 --- a/src/charon-tkm/src/tkm/tkm_private_key.h +++ b/src/charon-tkm/src/tkm/tkm_private_key.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_public_key.c b/src/charon-tkm/src/tkm/tkm_public_key.c index 2a14a9bdd..5a49b4511 100644 --- a/src/charon-tkm/src/tkm/tkm_public_key.c +++ b/src/charon-tkm/src/tkm/tkm_public_key.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2013 Reto Buerki * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_public_key.h b/src/charon-tkm/src/tkm/tkm_public_key.h index 5b21287b7..c13d9e509 100644 --- a/src/charon-tkm/src/tkm/tkm_public_key.h +++ b/src/charon-tkm/src/tkm/tkm_public_key.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2013 Reto Buerki * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_spi_generator.c b/src/charon-tkm/src/tkm/tkm_spi_generator.c index b9ce83727..ff4d86c2e 100644 --- a/src/charon-tkm/src/tkm/tkm_spi_generator.c +++ b/src/charon-tkm/src/tkm/tkm_spi_generator.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Reto Buerki * Copyright (C) 2015 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_spi_generator.h b/src/charon-tkm/src/tkm/tkm_spi_generator.h index 5f9ff03c6..08eff4aef 100644 --- a/src/charon-tkm/src/tkm/tkm_spi_generator.h +++ b/src/charon-tkm/src/tkm/tkm_spi_generator.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Reto Buerki * Copyright (C) 2015 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_types.h b/src/charon-tkm/src/tkm/tkm_types.h index cef53deb3..46551b14e 100644 --- a/src/charon-tkm/src/tkm/tkm_types.h +++ b/src/charon-tkm/src/tkm/tkm_types.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_utils.c b/src/charon-tkm/src/tkm/tkm_utils.c index e0692b893..196e1c4fa 100644 --- a/src/charon-tkm/src/tkm/tkm_utils.c +++ b/src/charon-tkm/src/tkm/tkm_utils.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/src/tkm/tkm_utils.h b/src/charon-tkm/src/tkm/tkm_utils.h index 308c58fbb..b499dcf5b 100644 --- a/src/charon-tkm/src/tkm/tkm_utils.h +++ b/src/charon-tkm/src/tkm/tkm_utils.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/chunk_map_tests.c b/src/charon-tkm/tests/chunk_map_tests.c index 1283a787c..2a129ff08 100644 --- a/src/charon-tkm/tests/chunk_map_tests.c +++ b/src/charon-tkm/tests/chunk_map_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/diffie_hellman_tests.c b/src/charon-tkm/tests/diffie_hellman_tests.c index 5ef6f41ab..67313e63a 100644 --- a/src/charon-tkm/tests/diffie_hellman_tests.c +++ b/src/charon-tkm/tests/diffie_hellman_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/id_manager_tests.c b/src/charon-tkm/tests/id_manager_tests.c index fb5e56a05..2200c9898 100644 --- a/src/charon-tkm/tests/id_manager_tests.c +++ b/src/charon-tkm/tests/id_manager_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/kernel_sad_tests.c b/src/charon-tkm/tests/kernel_sad_tests.c index 59ff77b68..04eeb037f 100644 --- a/src/charon-tkm/tests/kernel_sad_tests.c +++ b/src/charon-tkm/tests/kernel_sad_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/keymat_tests.c b/src/charon-tkm/tests/keymat_tests.c index d4751f7d0..eea589c09 100644 --- a/src/charon-tkm/tests/keymat_tests.c +++ b/src/charon-tkm/tests/keymat_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/nonceg_tests.c b/src/charon-tkm/tests/nonceg_tests.c index 67c1635ef..bea11cc19 100644 --- a/src/charon-tkm/tests/nonceg_tests.c +++ b/src/charon-tkm/tests/nonceg_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/tests.c b/src/charon-tkm/tests/tests.c index 3d57599d9..150a6d437 100644 --- a/src/charon-tkm/tests/tests.c +++ b/src/charon-tkm/tests/tests.c @@ -2,7 +2,7 @@ * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2012-2014 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/tests.h b/src/charon-tkm/tests/tests.h index fb5e96a9c..0214a413e 100644 --- a/src/charon-tkm/tests/tests.h +++ b/src/charon-tkm/tests/tests.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon-tkm/tests/utils_tests.c b/src/charon-tkm/tests/utils_tests.c index 0a4d6fbd2..a8a905272 100644 --- a/src/charon-tkm/tests/utils_tests.c +++ b/src/charon-tkm/tests/utils_tests.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/charon/charon.c b/src/charon/charon.c index f23717034..180486746 100644 --- a/src/charon/charon.c +++ b/src/charon/charon.c @@ -204,7 +204,7 @@ static bool check_pidfile() } fclose(pidfile); pidfile = NULL; - if (pid && kill(pid, 0) == 0) + if (pid && pid != getpid() && kill(pid, 0) == 0) { DBG1(DBG_DMN, "charon already running ('"PID_FILE"' exists)"); return TRUE; @@ -231,9 +231,15 @@ static bool check_pidfile() DBG1(DBG_LIB, "setting FD_CLOEXEC for '"PID_FILE"' failed: %s", strerror(errno)); } - ignore_result(fchown(fd, - lib->caps->get_uid(lib->caps), - lib->caps->get_gid(lib->caps))); + /* Only fchown() the pidfile if we have CAP_CHOWN. Otherwise, + * directory permissions should allow pidfile to be accessed + * by the UID/GID under which the charon daemon will run. */ + if (lib->caps->check(lib->caps, CAP_CHOWN)) + { + ignore_result(fchown(fd, + lib->caps->get_uid(lib->caps), + lib->caps->get_gid(lib->caps))); + } fprintf(pidfile, "%d\n", getpid()); fflush(pidfile); return FALSE; diff --git a/src/checksum/checksum_builder.c b/src/checksum/checksum_builder.c index a36014634..167b0c1c0 100644 --- a/src/checksum/checksum_builder.c +++ b/src/checksum/checksum_builder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/conftest/actions.c b/src/conftest/actions.c index 36c3c8e74..66e41f743 100644 --- a/src/conftest/actions.c +++ b/src/conftest/actions.c @@ -209,7 +209,8 @@ static job_requeue_t close_ike(char *config) if (id) { DBG1(DBG_CFG, "closing IKE_SA '%s'", config); - charon->controller->terminate_ike(charon->controller, id, NULL, NULL, 0); + charon->controller->terminate_ike(charon->controller, id, FALSE, NULL, + NULL, 0); } else { diff --git a/src/dumm/bridge.c b/src/dumm/bridge.c index c76b3acda..536e27515 100644 --- a/src/dumm/bridge.c +++ b/src/dumm/bridge.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/bridge.h b/src/dumm/bridge.h index 9d48092df..5069cfd1b 100644 --- a/src/dumm/bridge.h +++ b/src/dumm/bridge.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/cowfs.c b/src/dumm/cowfs.c index 5332ba551..ac581fed1 100644 --- a/src/dumm/cowfs.c +++ b/src/dumm/cowfs.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2001-2007 Miklos Szeredi * * Based on example shipped with FUSE. diff --git a/src/dumm/cowfs.h b/src/dumm/cowfs.h index 6869e3563..9a596de2e 100644 --- a/src/dumm/cowfs.h +++ b/src/dumm/cowfs.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/dumm.c b/src/dumm/dumm.c index d147b2df0..e24671330 100644 --- a/src/dumm/dumm.c +++ b/src/dumm/dumm.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/dumm.h b/src/dumm/dumm.h index 7c7923c46..921d2157f 100644 --- a/src/dumm/dumm.h +++ b/src/dumm/dumm.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/ext/dumm.c b/src/dumm/ext/dumm.c index b898a2564..7df72eb30 100644 --- a/src/dumm/ext/dumm.c +++ b/src/dumm/ext/dumm.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2010 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/ext/lib/dumm.rb b/src/dumm/ext/lib/dumm.rb index 959ec87df..0dd7ada10 100644 --- a/src/dumm/ext/lib/dumm.rb +++ b/src/dumm/ext/lib/dumm.rb @@ -1,6 +1,6 @@ =begin Copyright (C) 2008-2009 Tobias Brunner - Hochschule fuer Technik Rapperswil + HSR Hochschule fuer Technik Rapperswil This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the diff --git a/src/dumm/ext/lib/dumm/guest.rb b/src/dumm/ext/lib/dumm/guest.rb index 7488f1358..6978edcb3 100644 --- a/src/dumm/ext/lib/dumm/guest.rb +++ b/src/dumm/ext/lib/dumm/guest.rb @@ -1,6 +1,6 @@ =begin Copyright (C) 2008-2010 Tobias Brunner - Hochschule fuer Technik Rapperswil + HSR Hochschule fuer Technik Rapperswil This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the diff --git a/src/dumm/guest.c b/src/dumm/guest.c index 8e74ca629..327b86c63 100644 --- a/src/dumm/guest.c +++ b/src/dumm/guest.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/guest.h b/src/dumm/guest.h index 36a69681d..14c7272d0 100644 --- a/src/dumm/guest.h +++ b/src/dumm/guest.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/iface.c b/src/dumm/iface.c index 3e7b010b3..3642ed8a2 100644 --- a/src/dumm/iface.c +++ b/src/dumm/iface.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2002 Jeff Dike * * Based on the "tunctl" utility from Jeff Dike. diff --git a/src/dumm/iface.h b/src/dumm/iface.h index ae886acc3..e6e8775a0 100644 --- a/src/dumm/iface.h +++ b/src/dumm/iface.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/irdumm.c b/src/dumm/irdumm.c index 1a4235c9d..eb61da2c2 100644 --- a/src/dumm/irdumm.c +++ b/src/dumm/irdumm.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/main.c b/src/dumm/main.c index a53e1f67c..1b5bef736 100644 --- a/src/dumm/main.c +++ b/src/dumm/main.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/dumm/mconsole.c b/src/dumm/mconsole.c index 4563d6f9e..3e31bc694 100644 --- a/src/dumm/mconsole.c +++ b/src/dumm/mconsole.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2001-2004 Jeff Dike * * Based on the "uml_mconsole" utility from Jeff Dike. diff --git a/src/dumm/mconsole.h b/src/dumm/mconsole.h index 9fa2755ef..2b8a1cdff 100644 --- a/src/dumm/mconsole.h +++ b/src/dumm/mconsole.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/ipsec/_ipsec.8 b/src/ipsec/_ipsec.8 index 4028096f0..3f72d52ee 100644 --- a/src/ipsec/_ipsec.8 +++ b/src/ipsec/_ipsec.8 @@ -1,4 +1,4 @@ -.TH IPSEC 8 "2013-10-29" "5.6.2dr3" "strongSwan" +.TH IPSEC 8 "2013-10-29" "5.6.3dr1" "strongSwan" . .SH NAME . diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am index 25ac7972c..15ac7a6d1 100644 --- a/src/libcharon/Makefile.am +++ b/src/libcharon/Makefile.am @@ -736,4 +736,12 @@ endif if MONOLITHIC SUBDIRS += . endif + +# build unit tests +################## + SUBDIRS += tests + +if USE_EAP_AKA_3GPP + SUBDIRS += plugins/eap_aka_3gpp/tests +endif diff --git a/src/libcharon/Makefile.in b/src/libcharon/Makefile.in index 6c39317fa..6cd1130f1 100644 --- a/src/libcharon/Makefile.in +++ b/src/libcharon/Makefile.in @@ -301,6 +301,7 @@ host_triplet = @host@ @MONOLITHIC_TRUE@@USE_ATTR_TRUE@am__append_151 = plugins/attr/libstrongswan-attr.la @USE_ATTR_SQL_TRUE@am__append_152 = plugins/attr_sql @MONOLITHIC_TRUE@@USE_ATTR_SQL_TRUE@am__append_153 = plugins/attr_sql/libstrongswan-attr-sql.la +@USE_EAP_AKA_3GPP_TRUE@am__append_154 = plugins/eap_aka_3gpp/tests subdir = src/libcharon ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ @@ -769,7 +770,7 @@ DIST_SUBDIRS = . plugins/load_tester plugins/save_keys \ plugins/coupling plugins/radattr plugins/uci plugins/addrblock \ plugins/unity plugins/xauth_generic plugins/xauth_eap \ plugins/xauth_pam plugins/xauth_noauth plugins/resolve \ - plugins/attr plugins/attr_sql tests + plugins/attr plugins/attr_sql tests plugins/eap_aka_3gpp/tests am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) am__relativize = \ @@ -1185,6 +1186,9 @@ libcharon_la_LIBADD = \ EXTRA_DIST = Android.mk @STATIC_PLUGIN_CONSTRUCTORS_TRUE@BUILT_SOURCES = $(srcdir)/plugin_constructors.c @STATIC_PLUGIN_CONSTRUCTORS_TRUE@CLEANFILES = $(srcdir)/plugin_constructors.c + +# build unit tests +################## @MONOLITHIC_FALSE@SUBDIRS = . $(am__append_6) $(am__append_8) \ @MONOLITHIC_FALSE@ $(am__append_10) $(am__append_12) \ @MONOLITHIC_FALSE@ $(am__append_14) $(am__append_16) \ @@ -1220,10 +1224,14 @@ EXTRA_DIST = Android.mk @MONOLITHIC_FALSE@ $(am__append_138) $(am__append_140) \ @MONOLITHIC_FALSE@ $(am__append_142) $(am__append_144) \ @MONOLITHIC_FALSE@ $(am__append_146) $(am__append_148) \ -@MONOLITHIC_FALSE@ $(am__append_150) $(am__append_152) tests +@MONOLITHIC_FALSE@ $(am__append_150) $(am__append_152) tests \ +@MONOLITHIC_FALSE@ $(am__append_154) # build optional plugins ######################## + +# build unit tests +################## @MONOLITHIC_TRUE@SUBDIRS = $(am__append_6) $(am__append_8) \ @MONOLITHIC_TRUE@ $(am__append_10) $(am__append_12) \ @MONOLITHIC_TRUE@ $(am__append_14) $(am__append_16) \ @@ -1259,7 +1267,8 @@ EXTRA_DIST = Android.mk @MONOLITHIC_TRUE@ $(am__append_138) $(am__append_140) \ @MONOLITHIC_TRUE@ $(am__append_142) $(am__append_144) \ @MONOLITHIC_TRUE@ $(am__append_146) $(am__append_148) \ -@MONOLITHIC_TRUE@ $(am__append_150) $(am__append_152) . tests +@MONOLITHIC_TRUE@ $(am__append_150) $(am__append_152) . tests \ +@MONOLITHIC_TRUE@ $(am__append_154) all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-recursive diff --git a/src/libcharon/attributes/attribute_handler.h b/src/libcharon/attributes/attribute_handler.h index 3c14323a3..cc09befe8 100644 --- a/src/libcharon/attributes/attribute_handler.h +++ b/src/libcharon/attributes/attribute_handler.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/attribute_manager.c b/src/libcharon/attributes/attribute_manager.c index 3a4a21a02..7e82c0c95 100644 --- a/src/libcharon/attributes/attribute_manager.c +++ b/src/libcharon/attributes/attribute_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/attribute_manager.h b/src/libcharon/attributes/attribute_manager.h index 6db664968..5368a8b83 100644 --- a/src/libcharon/attributes/attribute_manager.h +++ b/src/libcharon/attributes/attribute_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/attribute_provider.h b/src/libcharon/attributes/attribute_provider.h index 57453c2a0..a107a2bd0 100644 --- a/src/libcharon/attributes/attribute_provider.h +++ b/src/libcharon/attributes/attribute_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/attributes.c b/src/libcharon/attributes/attributes.c index 0f28d55fa..d31b62c26 100644 --- a/src/libcharon/attributes/attributes.c +++ b/src/libcharon/attributes/attributes.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/attributes.h b/src/libcharon/attributes/attributes.h index dd1db4fc3..119143a55 100644 --- a/src/libcharon/attributes/attributes.h +++ b/src/libcharon/attributes/attributes.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/mem_pool.c b/src/libcharon/attributes/mem_pool.c index e1a9a6dce..6acf490be 100644 --- a/src/libcharon/attributes/mem_pool.c +++ b/src/libcharon/attributes/mem_pool.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2008-2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/attributes/mem_pool.h b/src/libcharon/attributes/mem_pool.h index 3ee1dd37d..06acbf8f8 100644 --- a/src/libcharon/attributes/mem_pool.h +++ b/src/libcharon/attributes/mem_pool.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/bus.c b/src/libcharon/bus/bus.c index 19943d060..f4c01c22e 100644 --- a/src/libcharon/bus/bus.c +++ b/src/libcharon/bus/bus.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2011-2016 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -827,7 +827,8 @@ METHOD(bus_t, ike_updown, void, enumerator = ike_sa->create_child_sa_enumerator(ike_sa); while (enumerator->enumerate(enumerator, (void**)&child_sa)) { - if (child_sa->get_state(child_sa) != CHILD_REKEYED) + if (child_sa->get_state(child_sa) != CHILD_REKEYED && + child_sa->get_state(child_sa) != CHILD_DELETED) { child_updown(this, child_sa, FALSE); } diff --git a/src/libcharon/bus/bus.h b/src/libcharon/bus/bus.h index 1e810a499..df75683be 100644 --- a/src/libcharon/bus/bus.h +++ b/src/libcharon/bus/bus.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2016 Tobias Brunner * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/listeners/file_logger.c b/src/libcharon/bus/listeners/file_logger.c index 7a53e9338..d1f180227 100644 --- a/src/libcharon/bus/listeners/file_logger.c +++ b/src/libcharon/bus/listeners/file_logger.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2015 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/listeners/file_logger.h b/src/libcharon/bus/listeners/file_logger.h index 1bcfec150..85260b132 100644 --- a/src/libcharon/bus/listeners/file_logger.h +++ b/src/libcharon/bus/listeners/file_logger.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2015 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/listeners/listener.h b/src/libcharon/bus/listeners/listener.h index be0dfbe21..06057eb73 100644 --- a/src/libcharon/bus/listeners/listener.h +++ b/src/libcharon/bus/listeners/listener.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2011-2016 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/listeners/logger.h b/src/libcharon/bus/listeners/logger.h index d5432d3a8..7b5c1d21c 100644 --- a/src/libcharon/bus/listeners/logger.h +++ b/src/libcharon/bus/listeners/logger.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/listeners/sys_logger.c b/src/libcharon/bus/listeners/sys_logger.c index 4aeb1c048..a3968a7f9 100644 --- a/src/libcharon/bus/listeners/sys_logger.c +++ b/src/libcharon/bus/listeners/sys_logger.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/bus/listeners/sys_logger.h b/src/libcharon/bus/listeners/sys_logger.h index 9a0fee018..28afe05ee 100644 --- a/src/libcharon/bus/listeners/sys_logger.h +++ b/src/libcharon/bus/listeners/sys_logger.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/config/backend.h b/src/libcharon/config/backend.h index aca3352ba..eab7583fa 100644 --- a/src/libcharon/config/backend.h +++ b/src/libcharon/config/backend.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/config/backend_manager.c b/src/libcharon/config/backend_manager.c index 4f154df9b..02a41a5b3 100644 --- a/src/libcharon/config/backend_manager.c +++ b/src/libcharon/config/backend_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/config/backend_manager.h b/src/libcharon/config/backend_manager.h index cc8ef8785..8ec79ce28 100644 --- a/src/libcharon/config/backend_manager.h +++ b/src/libcharon/config/backend_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/config/child_cfg.c b/src/libcharon/config/child_cfg.c index 3d110e9a2..bc417f936 100644 --- a/src/libcharon/config/child_cfg.c +++ b/src/libcharon/config/child_cfg.c @@ -142,6 +142,11 @@ struct private_child_cfg_t { * anti-replay window size */ uint32_t replay_window; + + /** + * HW offload mode + */ + hw_offload_t hw_offload; }; METHOD(child_cfg_t, get_name, char*, @@ -467,6 +472,12 @@ METHOD(child_cfg_t, get_start_action, action_t, return this->start_action; } +METHOD(child_cfg_t, get_hw_offload, hw_offload_t, + private_child_cfg_t *this) +{ + return this->hw_offload; +} + METHOD(child_cfg_t, get_dpd_action, action_t, private_child_cfg_t *this) { @@ -652,6 +663,7 @@ child_cfg_t *child_cfg_create(char *name, child_cfg_create_t *data) .equals = _equals, .get_ref = _get_ref, .destroy = _destroy, + .get_hw_offload = _get_hw_offload, }, .name = strdup(name), .options = data->options, @@ -674,6 +686,7 @@ child_cfg_t *child_cfg_create(char *name, child_cfg_create_t *data) .other_ts = linked_list_create(), .replay_window = lib->settings->get_int(lib->settings, "%s.replay_window", DEFAULT_REPLAY_WINDOW, lib->ns), + .hw_offload = data->hw_offload, ); return &this->public; diff --git a/src/libcharon/config/child_cfg.h b/src/libcharon/config/child_cfg.h index e2834fa8f..d566da3ec 100644 --- a/src/libcharon/config/child_cfg.h +++ b/src/libcharon/config/child_cfg.h @@ -182,6 +182,13 @@ struct child_cfg_t { */ action_t (*get_dpd_action) (child_cfg_t *this); + /** + * Get the HW offload mode to use for the CHILD_SA. + * + * @return hw offload mode + */ + hw_offload_t (*get_hw_offload) (child_cfg_t *this); + /** * Action to take if CHILD_SA gets closed. * @@ -305,14 +312,11 @@ enum child_cfg_option_t { /** Install outbound FWD IPsec policies to bypass drop policies */ OPT_FWD_OUT_POLICIES = (1<<4), - /** Enable hardware offload, if supported by the IPsec backend */ - OPT_HW_OFFLOAD = (1<<5), - /** Force 96-bit truncation for SHA-256 */ - OPT_SHA256_96 = (1<<6), + OPT_SHA256_96 = (1<<5), /** Set mark on inbound SAs */ - OPT_MARK_IN_SA = (1<<7), + OPT_MARK_IN_SA = (1<<6), }; /** @@ -347,6 +351,8 @@ struct child_cfg_create_t { action_t close_action; /** updown script to execute on up/down event (cloned) */ char *updown; + /** HW offload mode */ + hw_offload_t hw_offload; }; /** diff --git a/src/libcharon/config/ike_cfg.c b/src/libcharon/config/ike_cfg.c index 64413204b..a73a5b5e2 100644 --- a/src/libcharon/config/ike_cfg.c +++ b/src/libcharon/config/ike_cfg.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2017 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/config/ike_cfg.h b/src/libcharon/config/ike_cfg.h index 81f2b6906..ac2deef70 100644 --- a/src/libcharon/config/ike_cfg.h +++ b/src/libcharon/config/ike_cfg.h @@ -2,7 +2,7 @@ * Copyright (C) 2012-2017 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c index 44a4d0aa8..589c536d2 100644 --- a/src/libcharon/control/controller.c +++ b/src/libcharon/control/controller.c @@ -2,7 +2,7 @@ * Copyright (C) 2011-2015 Tobias Brunner * Copyright (C) 2007-2011 Martin Willi * Copyright (C) 2011 revosec AG - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -117,10 +117,17 @@ struct interface_listener_t { */ spinlock_t *lock; - /** - * whether to check limits - */ - bool limits; + union { + /** + * whether to check limits during initiation + */ + bool limits; + + /** + * whether to force termination + */ + bool force; + } options; }; @@ -363,7 +370,7 @@ METHOD(listener_t, child_state_change_terminate, bool, case CHILD_DESTROYING: switch (child_sa->get_state(child_sa)) { - case CHILD_DELETING: + case CHILD_DELETED: /* proper delete */ this->status = SUCCESS; break; @@ -423,7 +430,7 @@ METHOD(job_t, initiate_execute, job_requeue_t, } peer_cfg->destroy(peer_cfg); - if (listener->limits && ike_sa->get_state(ike_sa) == IKE_CREATED) + if (listener->options.limits && ike_sa->get_state(ike_sa) == IKE_CREATED) { /* only check if we are not reusing an IKE_SA */ u_int half_open, limit_half_open, limit_job_load; @@ -508,7 +515,7 @@ METHOD(controller_t, initiate, status_t, .child_cfg = child_cfg, .peer_cfg = peer_cfg, .lock = spinlock_create(), - .limits = limits, + .options.limits = limits, }, .public = { .execute = _initiate_execute, @@ -557,8 +564,8 @@ METHOD(job_t, terminate_ike_execute, job_requeue_t, listener->ike_sa = ike_sa; listener->lock->unlock(listener->lock); - if (ike_sa->delete(ike_sa) != DESTROY_ME) - { /* delete failed */ + if (ike_sa->delete(ike_sa, listener->options.force) != DESTROY_ME) + { /* delete queued */ listener->status = FAILED; charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); } @@ -575,7 +582,7 @@ METHOD(job_t, terminate_ike_execute, job_requeue_t, } METHOD(controller_t, terminate_ike, status_t, - controller_t *this, uint32_t unique_id, + controller_t *this, uint32_t unique_id, bool force, controller_cb_t callback, void *param, u_int timeout) { interface_job_t *job; @@ -610,13 +617,24 @@ METHOD(controller_t, terminate_ike, status_t, if (callback == NULL) { + job->listener.options.force = force; terminate_ike_execute(job); } else { + if (!timeout) + { + job->listener.options.force = force; + } if (wait_for_listener(job, timeout)) { job->listener.status = OUT_OF_RES; + + if (force) + { /* force termination once timeout is reached */ + job->listener.options.force = TRUE; + terminate_ike_execute(job); + } } } status = job->listener.status; @@ -646,17 +664,6 @@ METHOD(job_t, terminate_child_execute, job_requeue_t, listener->ike_sa = ike_sa; listener->lock->unlock(listener->lock); - if (child_sa->get_state(child_sa) == CHILD_ROUTED) - { - DBG1(DBG_IKE, "unable to terminate, established " - "CHILD_SA with ID %d not found", id); - charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); - listener->status = NOT_FOUND; - /* release listener */ - listener_done(listener); - return JOB_REQUEUE_NONE; - } - if (ike_sa->delete_child_sa(ike_sa, child_sa->get_protocol(child_sa), child_sa->get_spi(child_sa, TRUE), FALSE) != DESTROY_ME) { diff --git a/src/libcharon/control/controller.h b/src/libcharon/control/controller.h index 9524f53b9..af9baca01 100644 --- a/src/libcharon/control/controller.h +++ b/src/libcharon/control/controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -102,6 +102,11 @@ struct controller_t { * until the IKE_SA is properly deleted, or the call timed out. * * @param unique_id unique id of the IKE_SA to terminate. + * @param force whether to immediately destroy the IKE_SA without + * waiting for a response or retransmitting the delete, + * if a callback is provided and timeout is > 0 the + * IKE_SA is destroyed once the timeout is reached but + * retransmits are sent until then * @param cb logging callback * @param param parameter to include in each call of cb * @param timeout timeout in ms to wait for callbacks, 0 to disable @@ -112,7 +117,7 @@ struct controller_t { * - OUT_OF_RES if timed out */ status_t (*terminate_ike)(controller_t *this, uint32_t unique_id, - controller_cb_t callback, void *param, + bool force, controller_cb_t callback, void *param, u_int timeout); /** diff --git a/src/libcharon/daemon.h b/src/libcharon/daemon.h index a37a3148a..db87c7093 100644 --- a/src/libcharon/daemon.h +++ b/src/libcharon/daemon.h @@ -3,7 +3,7 @@ * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/generator.c b/src/libcharon/encoding/generator.c index dee1a3f73..369519b67 100644 --- a/src/libcharon/encoding/generator.c +++ b/src/libcharon/encoding/generator.c @@ -2,7 +2,7 @@ * Copyright (C) 2011 Tobias Brunner * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/generator.h b/src/libcharon/encoding/generator.h index 9c7fe8979..63d55f4ee 100644 --- a/src/libcharon/encoding/generator.h +++ b/src/libcharon/encoding/generator.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index 735526e3c..1b8cd76f4 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -4,7 +4,7 @@ * Copyright (C) 2010 revosec AG * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/message.h b/src/libcharon/encoding/message.h index 732fd9b54..10ffbed56 100644 --- a/src/libcharon/encoding/message.h +++ b/src/libcharon/encoding/message.h @@ -3,7 +3,7 @@ * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/parser.c b/src/libcharon/encoding/parser.c index c9d6b0d8f..9169ba202 100644 --- a/src/libcharon/encoding/parser.c +++ b/src/libcharon/encoding/parser.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/parser.h b/src/libcharon/encoding/parser.h index 8f073556e..140a3c4aa 100644 --- a/src/libcharon/encoding/parser.h +++ b/src/libcharon/encoding/parser.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/auth_payload.c b/src/libcharon/encoding/payloads/auth_payload.c index 9d03bb694..c7c1576bc 100644 --- a/src/libcharon/encoding/payloads/auth_payload.c +++ b/src/libcharon/encoding/payloads/auth_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/auth_payload.h b/src/libcharon/encoding/payloads/auth_payload.h index b922d12c8..a90717df2 100644 --- a/src/libcharon/encoding/payloads/auth_payload.h +++ b/src/libcharon/encoding/payloads/auth_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/cert_payload.c b/src/libcharon/encoding/payloads/cert_payload.c index ea25ca73c..ca8c98592 100644 --- a/src/libcharon/encoding/payloads/cert_payload.c +++ b/src/libcharon/encoding/payloads/cert_payload.c @@ -3,7 +3,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/cert_payload.h b/src/libcharon/encoding/payloads/cert_payload.h index e134aac8d..72ce4c1c6 100644 --- a/src/libcharon/encoding/payloads/cert_payload.h +++ b/src/libcharon/encoding/payloads/cert_payload.h @@ -2,7 +2,7 @@ * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/certreq_payload.c b/src/libcharon/encoding/payloads/certreq_payload.c index 643fbc42f..79a830881 100644 --- a/src/libcharon/encoding/payloads/certreq_payload.c +++ b/src/libcharon/encoding/payloads/certreq_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/certreq_payload.h b/src/libcharon/encoding/payloads/certreq_payload.h index 2915decf3..fce1470ba 100644 --- a/src/libcharon/encoding/payloads/certreq_payload.h +++ b/src/libcharon/encoding/payloads/certreq_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index 32e4828ba..a23ad148e 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/configuration_attribute.h b/src/libcharon/encoding/payloads/configuration_attribute.h index 417ba731b..78dc65893 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.h +++ b/src/libcharon/encoding/payloads/configuration_attribute.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/cp_payload.c b/src/libcharon/encoding/payloads/cp_payload.c index d86693ee2..16d72f096 100644 --- a/src/libcharon/encoding/payloads/cp_payload.c +++ b/src/libcharon/encoding/payloads/cp_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/cp_payload.h b/src/libcharon/encoding/payloads/cp_payload.h index 3e4763fb6..122dc4f83 100644 --- a/src/libcharon/encoding/payloads/cp_payload.h +++ b/src/libcharon/encoding/payloads/cp_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c index 3634cd36c..30faceaba 100644 --- a/src/libcharon/encoding/payloads/delete_payload.c +++ b/src/libcharon/encoding/payloads/delete_payload.c @@ -3,7 +3,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/delete_payload.h b/src/libcharon/encoding/payloads/delete_payload.h index 06ed76c2e..c96d63740 100644 --- a/src/libcharon/encoding/payloads/delete_payload.h +++ b/src/libcharon/encoding/payloads/delete_payload.h @@ -2,7 +2,7 @@ * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/eap_payload.c b/src/libcharon/encoding/payloads/eap_payload.c index cbf74eb73..c2900aa4e 100644 --- a/src/libcharon/encoding/payloads/eap_payload.c +++ b/src/libcharon/encoding/payloads/eap_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/eap_payload.h b/src/libcharon/encoding/payloads/eap_payload.h index abaefde28..da8a9466a 100644 --- a/src/libcharon/encoding/payloads/eap_payload.h +++ b/src/libcharon/encoding/payloads/eap_payload.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/encodings.c b/src/libcharon/encoding/payloads/encodings.c index 62de81120..e81122e87 100644 --- a/src/libcharon/encoding/payloads/encodings.c +++ b/src/libcharon/encoding/payloads/encodings.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/encodings.h b/src/libcharon/encoding/payloads/encodings.h index 9ff23753a..daa179530 100644 --- a/src/libcharon/encoding/payloads/encodings.h +++ b/src/libcharon/encoding/payloads/encodings.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/encrypted_fragment_payload.h b/src/libcharon/encoding/payloads/encrypted_fragment_payload.h index 6ff61dd65..7988000e8 100644 --- a/src/libcharon/encoding/payloads/encrypted_fragment_payload.h +++ b/src/libcharon/encoding/payloads/encrypted_fragment_payload.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/encrypted_payload.c b/src/libcharon/encoding/payloads/encrypted_payload.c index a033f6081..4f4b1d1d6 100644 --- a/src/libcharon/encoding/payloads/encrypted_payload.c +++ b/src/libcharon/encoding/payloads/encrypted_payload.c @@ -3,7 +3,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/encrypted_payload.h b/src/libcharon/encoding/payloads/encrypted_payload.h index 19c60c5be..72a256553 100644 --- a/src/libcharon/encoding/payloads/encrypted_payload.h +++ b/src/libcharon/encoding/payloads/encrypted_payload.h @@ -3,7 +3,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/endpoint_notify.c b/src/libcharon/encoding/payloads/endpoint_notify.c index afeee72e4..63d7a6dbc 100644 --- a/src/libcharon/encoding/payloads/endpoint_notify.c +++ b/src/libcharon/encoding/payloads/endpoint_notify.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/endpoint_notify.h b/src/libcharon/encoding/payloads/endpoint_notify.h index f4cf89fd7..fbc97724f 100644 --- a/src/libcharon/encoding/payloads/endpoint_notify.h +++ b/src/libcharon/encoding/payloads/endpoint_notify.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/fragment_payload.c b/src/libcharon/encoding/payloads/fragment_payload.c index fecd05f05..567cd4749 100644 --- a/src/libcharon/encoding/payloads/fragment_payload.c +++ b/src/libcharon/encoding/payloads/fragment_payload.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/fragment_payload.h b/src/libcharon/encoding/payloads/fragment_payload.h index a756601a0..fa53e04ac 100644 --- a/src/libcharon/encoding/payloads/fragment_payload.h +++ b/src/libcharon/encoding/payloads/fragment_payload.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/id_payload.c b/src/libcharon/encoding/payloads/id_payload.c index ae0b19a9d..b2f1adbbc 100644 --- a/src/libcharon/encoding/payloads/id_payload.c +++ b/src/libcharon/encoding/payloads/id_payload.c @@ -3,7 +3,7 @@ * Copyright (C) 2010 revosec AG * Copyright (C) 2007-2011 Tobias Brunner * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/id_payload.h b/src/libcharon/encoding/payloads/id_payload.h index df1d07553..283780624 100644 --- a/src/libcharon/encoding/payloads/id_payload.h +++ b/src/libcharon/encoding/payloads/id_payload.h @@ -2,7 +2,7 @@ * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/ike_header.c b/src/libcharon/encoding/payloads/ike_header.c index 61a0424e3..6a39dc892 100644 --- a/src/libcharon/encoding/payloads/ike_header.c +++ b/src/libcharon/encoding/payloads/ike_header.c @@ -2,7 +2,7 @@ * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/ike_header.h b/src/libcharon/encoding/payloads/ike_header.h index fa89c3939..b7694b5cb 100644 --- a/src/libcharon/encoding/payloads/ike_header.h +++ b/src/libcharon/encoding/payloads/ike_header.h @@ -2,7 +2,7 @@ * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2011 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/ke_payload.c b/src/libcharon/encoding/payloads/ke_payload.c index 37f3adf88..59e8930c1 100644 --- a/src/libcharon/encoding/payloads/ke_payload.c +++ b/src/libcharon/encoding/payloads/ke_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/ke_payload.h b/src/libcharon/encoding/payloads/ke_payload.h index 96c5096a5..71fffc744 100644 --- a/src/libcharon/encoding/payloads/ke_payload.h +++ b/src/libcharon/encoding/payloads/ke_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/nonce_payload.c b/src/libcharon/encoding/payloads/nonce_payload.c index 52b09b663..c3816603a 100644 --- a/src/libcharon/encoding/payloads/nonce_payload.c +++ b/src/libcharon/encoding/payloads/nonce_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/nonce_payload.h b/src/libcharon/encoding/payloads/nonce_payload.h index ee8ad17f7..89fa62f15 100644 --- a/src/libcharon/encoding/payloads/nonce_payload.h +++ b/src/libcharon/encoding/payloads/nonce_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/notify_payload.c b/src/libcharon/encoding/payloads/notify_payload.c index ca7ef3a45..0c6f010b5 100644 --- a/src/libcharon/encoding/payloads/notify_payload.c +++ b/src/libcharon/encoding/payloads/notify_payload.c @@ -4,7 +4,7 @@ * Copyright (C) 2006-2008 Tobias Brunner * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/notify_payload.h b/src/libcharon/encoding/payloads/notify_payload.h index 04160bbfc..39e4c915b 100644 --- a/src/libcharon/encoding/payloads/notify_payload.h +++ b/src/libcharon/encoding/payloads/notify_payload.h @@ -3,7 +3,7 @@ * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/payload.c b/src/libcharon/encoding/payloads/payload.c index 6d1894edb..e2a56f9ff 100644 --- a/src/libcharon/encoding/payloads/payload.c +++ b/src/libcharon/encoding/payloads/payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/payload.h b/src/libcharon/encoding/payloads/payload.h index 8ba1ef9f5..261fcf600 100644 --- a/src/libcharon/encoding/payloads/payload.h +++ b/src/libcharon/encoding/payloads/payload.h @@ -2,7 +2,7 @@ * Copyright (C) 2007-2015 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/proposal_substructure.c b/src/libcharon/encoding/payloads/proposal_substructure.c index c3f06391a..415417566 100644 --- a/src/libcharon/encoding/payloads/proposal_substructure.c +++ b/src/libcharon/encoding/payloads/proposal_substructure.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2014 Tobias Brunner * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h index cad597e58..be7da840a 100644 --- a/src/libcharon/encoding/payloads/proposal_substructure.h +++ b/src/libcharon/encoding/payloads/proposal_substructure.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/sa_payload.c b/src/libcharon/encoding/payloads/sa_payload.c index 9c0b071da..5f0ffd326 100644 --- a/src/libcharon/encoding/payloads/sa_payload.c +++ b/src/libcharon/encoding/payloads/sa_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2014 Tobias Brunner * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/sa_payload.h b/src/libcharon/encoding/payloads/sa_payload.h index f01c45130..d6c73009e 100644 --- a/src/libcharon/encoding/payloads/sa_payload.h +++ b/src/libcharon/encoding/payloads/sa_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/traffic_selector_substructure.c b/src/libcharon/encoding/payloads/traffic_selector_substructure.c index f69fee3ae..febf0c410 100644 --- a/src/libcharon/encoding/payloads/traffic_selector_substructure.c +++ b/src/libcharon/encoding/payloads/traffic_selector_substructure.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/traffic_selector_substructure.h b/src/libcharon/encoding/payloads/traffic_selector_substructure.h index c7a54435b..5901103ff 100644 --- a/src/libcharon/encoding/payloads/traffic_selector_substructure.h +++ b/src/libcharon/encoding/payloads/traffic_selector_substructure.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/transform_attribute.c b/src/libcharon/encoding/payloads/transform_attribute.c index 860607faf..c74bacff1 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.c +++ b/src/libcharon/encoding/payloads/transform_attribute.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h index 2e86a409c..c2d7c5b3f 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.h +++ b/src/libcharon/encoding/payloads/transform_attribute.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/transform_substructure.c b/src/libcharon/encoding/payloads/transform_substructure.c index 11e4b462d..96aebe601 100644 --- a/src/libcharon/encoding/payloads/transform_substructure.c +++ b/src/libcharon/encoding/payloads/transform_substructure.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/transform_substructure.h b/src/libcharon/encoding/payloads/transform_substructure.h index a9d4f9f7d..5bbc80a81 100644 --- a/src/libcharon/encoding/payloads/transform_substructure.h +++ b/src/libcharon/encoding/payloads/transform_substructure.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/ts_payload.c b/src/libcharon/encoding/payloads/ts_payload.c index 0b2d4de57..2862b6acf 100644 --- a/src/libcharon/encoding/payloads/ts_payload.c +++ b/src/libcharon/encoding/payloads/ts_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/ts_payload.h b/src/libcharon/encoding/payloads/ts_payload.h index 933245c62..8b7824849 100644 --- a/src/libcharon/encoding/payloads/ts_payload.h +++ b/src/libcharon/encoding/payloads/ts_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/unknown_payload.c b/src/libcharon/encoding/payloads/unknown_payload.c index adbf2c8f2..b3f82d079 100644 --- a/src/libcharon/encoding/payloads/unknown_payload.c +++ b/src/libcharon/encoding/payloads/unknown_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/unknown_payload.h b/src/libcharon/encoding/payloads/unknown_payload.h index 09341bcc7..74c17cd87 100644 --- a/src/libcharon/encoding/payloads/unknown_payload.h +++ b/src/libcharon/encoding/payloads/unknown_payload.h @@ -2,7 +2,7 @@ * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/vendor_id_payload.c b/src/libcharon/encoding/payloads/vendor_id_payload.c index 7db9a69d3..c96b62ece 100644 --- a/src/libcharon/encoding/payloads/vendor_id_payload.c +++ b/src/libcharon/encoding/payloads/vendor_id_payload.c @@ -2,7 +2,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/encoding/payloads/vendor_id_payload.h b/src/libcharon/encoding/payloads/vendor_id_payload.h index 42c31f921..92097b0e8 100644 --- a/src/libcharon/encoding/payloads/vendor_id_payload.h +++ b/src/libcharon/encoding/payloads/vendor_id_payload.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/kernel/kernel_handler.c b/src/libcharon/kernel/kernel_handler.c index 71121908b..006304d5e 100644 --- a/src/libcharon/kernel/kernel_handler.c +++ b/src/libcharon/kernel/kernel_handler.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/kernel/kernel_handler.h b/src/libcharon/kernel/kernel_handler.h index f1fa0bdfc..7e54f1111 100644 --- a/src/libcharon/kernel/kernel_handler.h +++ b/src/libcharon/kernel/kernel_handler.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/kernel/kernel_ipsec.c b/src/libcharon/kernel/kernel_ipsec.c index 0440f11bb..0d79d228e 100644 --- a/src/libcharon/kernel/kernel_ipsec.c +++ b/src/libcharon/kernel/kernel_ipsec.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/kernel/kernel_ipsec.h b/src/libcharon/kernel/kernel_ipsec.h index b75304031..94b9c284b 100644 --- a/src/libcharon/kernel/kernel_ipsec.h +++ b/src/libcharon/kernel/kernel_ipsec.h @@ -91,8 +91,8 @@ struct kernel_ipsec_add_sa_t { uint16_t cpi; /** TRUE to enable UDP encapsulation for NAT traversal */ bool encap; - /** TRUE to enable hardware offloading if available */ - bool hw_offload; + /** no (disabled), yes (enabled), auto (enabled if supported) */ + hw_offload_t hw_offload; /** TRUE to use Extended Sequence Numbers */ bool esn; /** TRUE if initiator of the exchange creating the SA */ diff --git a/src/libcharon/kernel/kernel_listener.h b/src/libcharon/kernel/kernel_listener.h index aaeb4f5b7..b790ed1ee 100644 --- a/src/libcharon/kernel/kernel_listener.h +++ b/src/libcharon/kernel/kernel_listener.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/network/receiver.c b/src/libcharon/network/receiver.c index 8fb48281f..4c72b5609 100644 --- a/src/libcharon/network/receiver.c +++ b/src/libcharon/network/receiver.c @@ -2,7 +2,7 @@ * Copyright (C) 2008-2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/network/receiver.h b/src/libcharon/network/receiver.h index 58bfe4a96..25d6e1f7b 100644 --- a/src/libcharon/network/receiver.h +++ b/src/libcharon/network/receiver.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/network/sender.c b/src/libcharon/network/sender.c index bed4f35ce..04cd4dc01 100644 --- a/src/libcharon/network/sender.c +++ b/src/libcharon/network/sender.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/network/sender.h b/src/libcharon/network/sender.h index 080559b89..bd90a4426 100644 --- a/src/libcharon/network/sender.h +++ b/src/libcharon/network/sender.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/network/socket.h b/src/libcharon/network/socket.h index b084d96a2..e8ee5e347 100644 --- a/src/libcharon/network/socket.h +++ b/src/libcharon/network/socket.h @@ -3,7 +3,7 @@ * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/network/socket_manager.c b/src/libcharon/network/socket_manager.c index 564608d77..0a7ac9d11 100644 --- a/src/libcharon/network/socket_manager.c +++ b/src/libcharon/network/socket_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * diff --git a/src/libcharon/network/socket_manager.h b/src/libcharon/network/socket_manager.h index cde7859c2..38baaea91 100644 --- a/src/libcharon/network/socket_manager.h +++ b/src/libcharon/network/socket_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * diff --git a/src/libcharon/plugins/addrblock/addrblock_narrow.c b/src/libcharon/plugins/addrblock/addrblock_narrow.c index 3b3b72ff8..8dfad7da7 100644 --- a/src/libcharon/plugins/addrblock/addrblock_narrow.c +++ b/src/libcharon/plugins/addrblock/addrblock_narrow.c @@ -2,7 +2,7 @@ * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/addrblock/addrblock_validator.c b/src/libcharon/plugins/addrblock/addrblock_validator.c index 78e377c2a..c5b634b02 100644 --- a/src/libcharon/plugins/addrblock/addrblock_validator.c +++ b/src/libcharon/plugins/addrblock/addrblock_validator.c @@ -1,6 +1,9 @@ /* - * Copyright (C) 2010 Martin Willi, revosec AG - * Copyright (C) 2009 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2010 Martin Willi + * Copyright (C) 2010 revosec AG + * + * Copyright (C) 2009 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_dns/android_dns_handler.c b/src/libcharon/plugins/android_dns/android_dns_handler.c index 68bbaecb2..500a44667 100644 --- a/src/libcharon/plugins/android_dns/android_dns_handler.c +++ b/src/libcharon/plugins/android_dns/android_dns_handler.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010-2013 Tobias Brunner * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_dns/android_dns_handler.h b/src/libcharon/plugins/android_dns/android_dns_handler.h index d7b089dca..7344576af 100644 --- a/src/libcharon/plugins/android_dns/android_dns_handler.h +++ b/src/libcharon/plugins/android_dns/android_dns_handler.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2010-2011 Tobias Brunner * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_dns/android_dns_plugin.c b/src/libcharon/plugins/android_dns/android_dns_plugin.c index 9b6ec0dba..083060556 100644 --- a/src/libcharon/plugins/android_dns/android_dns_plugin.c +++ b/src/libcharon/plugins/android_dns/android_dns_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_dns/android_dns_plugin.h b/src/libcharon/plugins/android_dns/android_dns_plugin.h index e9e57dc24..6716ac718 100644 --- a/src/libcharon/plugins/android_dns/android_dns_plugin.h +++ b/src/libcharon/plugins/android_dns/android_dns_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_log/android_log_logger.c b/src/libcharon/plugins/android_log/android_log_logger.c index 99eb66bb1..a771ef504 100644 --- a/src/libcharon/plugins/android_log/android_log_logger.c +++ b/src/libcharon/plugins/android_log/android_log_logger.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_log/android_log_logger.h b/src/libcharon/plugins/android_log/android_log_logger.h index ed271bf6c..8ae032d9e 100644 --- a/src/libcharon/plugins/android_log/android_log_logger.h +++ b/src/libcharon/plugins/android_log/android_log_logger.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_log/android_log_plugin.c b/src/libcharon/plugins/android_log/android_log_plugin.c index 515917a22..faab918e2 100644 --- a/src/libcharon/plugins/android_log/android_log_plugin.c +++ b/src/libcharon/plugins/android_log/android_log_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/android_log/android_log_plugin.h b/src/libcharon/plugins/android_log/android_log_plugin.h index 32c4dc10b..c5d98517e 100644 --- a/src/libcharon/plugins/android_log/android_log_plugin.h +++ b/src/libcharon/plugins/android_log/android_log_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr/attr_plugin.c b/src/libcharon/plugins/attr/attr_plugin.c index 9b15c3cc9..407a39ac7 100644 --- a/src/libcharon/plugins/attr/attr_plugin.c +++ b/src/libcharon/plugins/attr/attr_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr/attr_plugin.h b/src/libcharon/plugins/attr/attr_plugin.h index 0c6eebfa7..c9ba73893 100644 --- a/src/libcharon/plugins/attr/attr_plugin.h +++ b/src/libcharon/plugins/attr/attr_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr/attr_provider.c b/src/libcharon/plugins/attr/attr_provider.c index 3310f79fd..7e0f1b787 100644 --- a/src/libcharon/plugins/attr/attr_provider.c +++ b/src/libcharon/plugins/attr/attr_provider.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr/attr_provider.h b/src/libcharon/plugins/attr/attr_provider.h index 17db30408..d2ee6b952 100644 --- a/src/libcharon/plugins/attr/attr_provider.h +++ b/src/libcharon/plugins/attr/attr_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr_sql/attr_sql_plugin.c b/src/libcharon/plugins/attr_sql/attr_sql_plugin.c index 908877514..eb5f018fd 100644 --- a/src/libcharon/plugins/attr_sql/attr_sql_plugin.c +++ b/src/libcharon/plugins/attr_sql/attr_sql_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr_sql/attr_sql_plugin.h b/src/libcharon/plugins/attr_sql/attr_sql_plugin.h index b6b04ccc0..3444d33e5 100644 --- a/src/libcharon/plugins/attr_sql/attr_sql_plugin.h +++ b/src/libcharon/plugins/attr_sql/attr_sql_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr_sql/attr_sql_provider.c b/src/libcharon/plugins/attr_sql/attr_sql_provider.c index 33d9f99fc..f6e1c75e4 100644 --- a/src/libcharon/plugins/attr_sql/attr_sql_provider.c +++ b/src/libcharon/plugins/attr_sql/attr_sql_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/attr_sql/attr_sql_provider.h b/src/libcharon/plugins/attr_sql/attr_sql_provider.h index a9b037bf5..43eb70951 100644 --- a/src/libcharon/plugins/attr_sql/attr_sql_provider.h +++ b/src/libcharon/plugins/attr_sql/attr_sql_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/connmark/connmark_listener.c b/src/libcharon/plugins/connmark/connmark_listener.c index 29f7cac42..7d23f1a23 100644 --- a/src/libcharon/plugins/connmark/connmark_listener.c +++ b/src/libcharon/plugins/connmark/connmark_listener.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2014 Martin Willi * Copyright (C) 2014 revosec AG diff --git a/src/libcharon/plugins/dhcp/dhcp_plugin.c b/src/libcharon/plugins/dhcp/dhcp_plugin.c index 642e28afc..976de6b54 100644 --- a/src/libcharon/plugins/dhcp/dhcp_plugin.c +++ b/src/libcharon/plugins/dhcp/dhcp_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libcharon/plugins/dhcp/dhcp_socket.c b/src/libcharon/plugins/dhcp/dhcp_socket.c index 7541c3b49..c26fcc920 100644 --- a/src/libcharon/plugins/dhcp/dhcp_socket.c +++ b/src/libcharon/plugins/dhcp/dhcp_socket.c @@ -1,4 +1,7 @@ /* + * Copyright (C) 2012-2018 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * @@ -157,7 +160,7 @@ typedef struct __attribute__((packed)) { } dhcp_option_t; /** - * DHCP message format, with a maximum size options buffer + * DHCP message format, with a minimum size options buffer */ typedef struct __attribute__((packed)) { uint8_t opcode; @@ -176,9 +179,19 @@ typedef struct __attribute__((packed)) { char server_hostname[64]; char boot_filename[128]; uint32_t magic_cookie; - u_char options[252]; + u_char options[308]; } dhcp_t; +/** + * Check if the given address equals the broadcast address + */ +static inline bool is_broadcast(host_t *host) +{ + chunk_t broadcast = chunk_from_chars(0xFF,0xFF,0xFF,0xFF); + + return chunk_equals(broadcast, host->get_address(host)); +} + /** * Prepare a DHCP message for a given transaction */ @@ -186,10 +199,10 @@ static int prepare_dhcp(private_dhcp_socket_t *this, dhcp_transaction_t *transaction, dhcp_message_type_t type, dhcp_t *dhcp) { - chunk_t chunk, broadcast = chunk_from_chars(0xFF,0xFF,0xFF,0xFF); + chunk_t chunk; identification_t *identity; dhcp_option_t *option; - int optlen = 0; + int optlen = 0, remaining; host_t *src; uint32_t id; @@ -198,7 +211,7 @@ static int prepare_dhcp(private_dhcp_socket_t *this, dhcp->hw_type = ARPHRD_ETHER; dhcp->hw_addr_len = 6; dhcp->transaction_id = transaction->get_id(transaction); - if (chunk_equals(broadcast, this->dst->get_address(this->dst))) + if (is_broadcast(this->dst)) { /* Set broadcast flag to get broadcasted replies, as we actually * do not own the MAC we request an address for. */ @@ -241,21 +254,29 @@ static int prepare_dhcp(private_dhcp_socket_t *this, option->data[0] = type; optlen += sizeof(dhcp_option_t) + option->len; + /* the REQUEST message has the most static overhead in the 'options' field + * with 17 bytes */ + remaining = sizeof(dhcp->options) - optlen - 17; + if (identity->get_type(identity) == ID_FQDN) { option = (dhcp_option_t*)&dhcp->options[optlen]; option->type = DHCP_HOST_NAME; - option->len = min(chunk.len, 64); + option->len = min(min(chunk.len, remaining-sizeof(dhcp_option_t)), 255); memcpy(option->data, chunk.ptr, option->len); optlen += sizeof(dhcp_option_t) + option->len; + remaining -= sizeof(dhcp_option_t) + option->len; } - option = (dhcp_option_t*)&dhcp->options[optlen]; - option->type = DHCP_CLIENT_ID; - option->len = min(chunk.len, 64); - memcpy(option->data, chunk.ptr, option->len); - optlen += sizeof(dhcp_option_t) + option->len; - + if (this->identity_lease && + remaining >= sizeof(dhcp_option_t) + 2) + { + option = (dhcp_option_t*)&dhcp->options[optlen]; + option->type = DHCP_CLIENT_ID; + option->len = min(min(chunk.len, remaining-sizeof(dhcp_option_t)), 255); + memcpy(option->data, chunk.ptr, option->len); + optlen += sizeof(dhcp_option_t) + option->len; + } return optlen; } @@ -273,7 +294,7 @@ static bool send_dhcp(private_dhcp_socket_t *this, { dst = this->dst; } - len = offsetof(dhcp_t, magic_cookie) + ((optlen + 4) / 64 * 64 + 64); + len = offsetof(dhcp_t, magic_cookie) + optlen + 4; return sendto(this->send, dhcp, len, 0, dst->get_sockaddr(dst), *dst->get_sockaddr_len(dst)) == len; } @@ -675,7 +696,7 @@ dhcp_socket_t *dhcp_socket_create() }, }; char *iface; - int on = 1; + int on = 1, rcvbuf = 0; struct sock_filter dhcp_filter_code[] = { BPF_STMT(BPF_LD+BPF_B+BPF_ABS, offsetof(struct iphdr, protocol)), @@ -685,9 +706,9 @@ dhcp_socket_t *dhcp_socket_create() BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_SERVER_PORT, 0, 14), BPF_STMT(BPF_LD+BPF_H+BPF_ABS, sizeof(struct iphdr) + offsetof(struct udphdr, dest)), - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_CLIENT_PORT, 0, 2), - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_SERVER_PORT, 0, 1), - BPF_JUMP(BPF_JMP+BPF_JA, 0, 0, 10), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_CLIENT_PORT, 2, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_SERVER_PORT, 1, 0), + BPF_JUMP(BPF_JMP+BPF_JA, 10, 0, 0), BPF_STMT(BPF_LD+BPF_B+BPF_ABS, sizeof(struct iphdr) + sizeof(struct udphdr) + offsetof(dhcp_t, opcode)), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, BOOTREPLY, 0, 8), @@ -766,6 +787,30 @@ dhcp_socket_t *dhcp_socket_create() destroy(this); return NULL; } + /* we won't read any data from this socket, so reduce the buffer to save + * some memory (there is some minimum, still try 0, though). + * note that we might steal some packets from other processes if e.g. a DHCP + * client (or server) is running on the same host, but by reducing the + * buffer size the impact should be minimized */ + if (setsockopt(this->send, SOL_SOCKET, SO_RCVBUF, &rcvbuf, + sizeof(rcvbuf)) == -1) + { + DBG1(DBG_CFG, "unable to reduce receive buffer on DHCP send socket: %s", + strerror(errno)); + destroy(this); + return NULL; + } + if (!is_broadcast(this->dst)) + { + /* when setting giaddr (which we do when we don't broadcast), the server + * should respond to the server port on that IP, according to RFC 2131, + * section 4.1. while we do receive such messages via raw socket, the + * kernel will respond with an ICMP port unreachable if there is no + * socket bound to that port, which might be problematic with certain + * DHCP servers. instead of opening an additional socket, that we don't + * actually use, we can also just send our requests from port 67 */ + src.sin_port = htons(DHCP_SERVER_PORT); + } if (bind(this->send, (struct sockaddr*)&src, sizeof(src)) == -1) { DBG1(DBG_CFG, "unable to bind DHCP send socket: %s", strerror(errno)); diff --git a/src/libcharon/plugins/dhcp/dhcp_transaction.h b/src/libcharon/plugins/dhcp/dhcp_transaction.h index 0c614f7b1..61fee2a8e 100644 --- a/src/libcharon/plugins/dhcp/dhcp_transaction.h +++ b/src/libcharon/plugins/dhcp/dhcp_transaction.h @@ -33,7 +33,7 @@ typedef struct dhcp_transaction_t dhcp_transaction_t; struct dhcp_transaction_t { /** - * Get the DCHP transaction ID. + * Get the DHCP transaction ID. * * @return DHCP transaction identifier */ @@ -61,7 +61,7 @@ struct dhcp_transaction_t { host_t* (*get_address)(dhcp_transaction_t *this); /** - * Set the DCHP server address discovered. + * Set the DHCP server address discovered. * * @param server DHCP server address */ @@ -75,7 +75,7 @@ struct dhcp_transaction_t { host_t* (*get_server)(dhcp_transaction_t *this); /** - * An an additional attribute to serve to peer. + * Add an additional attribute to serve to peer. * * @param type type of attribute * @param data attribute data diff --git a/src/libcharon/plugins/dnscert/dnscert_cred.c b/src/libcharon/plugins/dnscert/dnscert_cred.c index 533bd5be4..54d25e11b 100644 --- a/src/libcharon/plugins/dnscert/dnscert_cred.c +++ b/src/libcharon/plugins/dnscert/dnscert_cred.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/dnscert/dnscert_plugin.c b/src/libcharon/plugins/dnscert/dnscert_plugin.c index 1b93480cf..6eed698b9 100644 --- a/src/libcharon/plugins/dnscert/dnscert_plugin.c +++ b/src/libcharon/plugins/dnscert/dnscert_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka/eap_aka_peer.c b/src/libcharon/plugins/eap_aka/eap_aka_peer.c index 3ab053ba6..fa4dd37af 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_peer.c +++ b/src/libcharon/plugins/eap_aka/eap_aka_peer.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka/eap_aka_peer.h b/src/libcharon/plugins/eap_aka/eap_aka_peer.h index b6ab5cdc5..35d15187a 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_peer.h +++ b/src/libcharon/plugins/eap_aka/eap_aka_peer.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka/eap_aka_plugin.c b/src/libcharon/plugins/eap_aka/eap_aka_plugin.c index 83805d727..126667d50 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_plugin.c +++ b/src/libcharon/plugins/eap_aka/eap_aka_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka/eap_aka_plugin.h b/src/libcharon/plugins/eap_aka/eap_aka_plugin.h index 8d4fbadfa..b1603e3f4 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_plugin.h +++ b/src/libcharon/plugins/eap_aka/eap_aka_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka/eap_aka_server.c b/src/libcharon/plugins/eap_aka/eap_aka_server.c index 1ede56757..e6175267c 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_server.c +++ b/src/libcharon/plugins/eap_aka/eap_aka_server.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka/eap_aka_server.h b/src/libcharon/plugins/eap_aka/eap_aka_server.h index 5c95180ac..d4c4053e9 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_server.h +++ b/src/libcharon/plugins/eap_aka/eap_aka_server.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/Makefile.am b/src/libcharon/plugins/eap_aka_3gpp/Makefile.am index 5e230ea3b..97de388c3 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/Makefile.am +++ b/src/libcharon/plugins/eap_aka_3gpp/Makefile.am @@ -6,17 +6,24 @@ AM_CPPFLAGS = \ AM_CFLAGS = \ $(PLUGIN_CFLAGS) -libstrongswan_eap_aka_3gpp_la_LDFLAGS = -module -avoid-version +# these files are also used by the tests, we can't directly refer to them +# because of the subdirectory, which would cause distclean to fail +noinst_LTLIBRARIES = libeap_aka_3gpp.la +libeap_aka_3gpp_la_SOURCES = \ + eap_aka_3gpp_functions.h eap_aka_3gpp_functions.c + +libstrongswan_eap_aka_3gpp_la_LIBADD = libeap_aka_3gpp.la if MONOLITHIC -noinst_LTLIBRARIES = libstrongswan-eap-aka-3gpp.la +noinst_LTLIBRARIES += libstrongswan-eap-aka-3gpp.la else plugin_LTLIBRARIES = libstrongswan-eap-aka-3gpp.la -libstrongswan_eap_aka_3gpp_la_LIBADD = $(top_builddir)/src/libsimaka/libsimaka.la +libstrongswan_eap_aka_3gpp_la_LIBADD += $(top_builddir)/src/libsimaka/libsimaka.la endif libstrongswan_eap_aka_3gpp_la_SOURCES = \ eap_aka_3gpp_plugin.h eap_aka_3gpp_plugin.c \ eap_aka_3gpp_card.h eap_aka_3gpp_card.c \ - eap_aka_3gpp_provider.h eap_aka_3gpp_provider.c \ - eap_aka_3gpp_functions.h eap_aka_3gpp_functions.c + eap_aka_3gpp_provider.h eap_aka_3gpp_provider.c + +libstrongswan_eap_aka_3gpp_la_LDFLAGS = -module -avoid-version diff --git a/src/libcharon/plugins/eap_aka_3gpp/Makefile.in b/src/libcharon/plugins/eap_aka_3gpp/Makefile.in index 2f3d0b83e..d8515c05b 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/Makefile.in +++ b/src/libcharon/plugins/eap_aka_3gpp/Makefile.in @@ -88,6 +88,8 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ +@MONOLITHIC_TRUE@am__append_1 = libstrongswan-eap-aka-3gpp.la +@MONOLITHIC_FALSE@am__append_2 = $(top_builddir)/src/libsimaka/libsimaka.la subdir = src/libcharon/plugins/eap_aka_3gpp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ @@ -136,17 +138,19 @@ am__uninstall_files_from_dir = { \ } am__installdirs = "$(DESTDIR)$(plugindir)" LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) -@MONOLITHIC_FALSE@libstrongswan_eap_aka_3gpp_la_DEPENDENCIES = \ -@MONOLITHIC_FALSE@ $(top_builddir)/src/libsimaka/libsimaka.la -am_libstrongswan_eap_aka_3gpp_la_OBJECTS = eap_aka_3gpp_plugin.lo \ - eap_aka_3gpp_card.lo eap_aka_3gpp_provider.lo \ - eap_aka_3gpp_functions.lo -libstrongswan_eap_aka_3gpp_la_OBJECTS = \ - $(am_libstrongswan_eap_aka_3gpp_la_OBJECTS) +libeap_aka_3gpp_la_LIBADD = +am_libeap_aka_3gpp_la_OBJECTS = eap_aka_3gpp_functions.lo +libeap_aka_3gpp_la_OBJECTS = $(am_libeap_aka_3gpp_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = +libstrongswan_eap_aka_3gpp_la_DEPENDENCIES = libeap_aka_3gpp.la \ + $(am__append_2) +am_libstrongswan_eap_aka_3gpp_la_OBJECTS = eap_aka_3gpp_plugin.lo \ + eap_aka_3gpp_card.lo eap_aka_3gpp_provider.lo +libstrongswan_eap_aka_3gpp_la_OBJECTS = \ + $(am_libstrongswan_eap_aka_3gpp_la_OBJECTS) libstrongswan_eap_aka_3gpp_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) \ @@ -188,8 +192,10 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = -SOURCES = $(libstrongswan_eap_aka_3gpp_la_SOURCES) -DIST_SOURCES = $(libstrongswan_eap_aka_3gpp_la_SOURCES) +SOURCES = $(libeap_aka_3gpp_la_SOURCES) \ + $(libstrongswan_eap_aka_3gpp_la_SOURCES) +DIST_SOURCES = $(libeap_aka_3gpp_la_SOURCES) \ + $(libstrongswan_eap_aka_3gpp_la_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ @@ -462,16 +468,22 @@ AM_CPPFLAGS = \ AM_CFLAGS = \ $(PLUGIN_CFLAGS) -libstrongswan_eap_aka_3gpp_la_LDFLAGS = -module -avoid-version -@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-eap-aka-3gpp.la + +# these files are also used by the tests, we can't directly refer to them +# because of the subdirectory, which would cause distclean to fail +noinst_LTLIBRARIES = libeap_aka_3gpp.la $(am__append_1) +libeap_aka_3gpp_la_SOURCES = \ + eap_aka_3gpp_functions.h eap_aka_3gpp_functions.c + +libstrongswan_eap_aka_3gpp_la_LIBADD = libeap_aka_3gpp.la \ + $(am__append_2) @MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-eap-aka-3gpp.la -@MONOLITHIC_FALSE@libstrongswan_eap_aka_3gpp_la_LIBADD = $(top_builddir)/src/libsimaka/libsimaka.la libstrongswan_eap_aka_3gpp_la_SOURCES = \ eap_aka_3gpp_plugin.h eap_aka_3gpp_plugin.c \ eap_aka_3gpp_card.h eap_aka_3gpp_card.c \ - eap_aka_3gpp_provider.h eap_aka_3gpp_provider.c \ - eap_aka_3gpp_functions.h eap_aka_3gpp_functions.c + eap_aka_3gpp_provider.h eap_aka_3gpp_provider.c +libstrongswan_eap_aka_3gpp_la_LDFLAGS = -module -avoid-version all: all-am .SUFFIXES: @@ -552,6 +564,9 @@ clean-pluginLTLIBRARIES: rm -f $${locs}; \ } +libeap_aka_3gpp.la: $(libeap_aka_3gpp_la_OBJECTS) $(libeap_aka_3gpp_la_DEPENDENCIES) $(EXTRA_libeap_aka_3gpp_la_DEPENDENCIES) + $(AM_V_CCLD)$(LINK) $(libeap_aka_3gpp_la_OBJECTS) $(libeap_aka_3gpp_la_LIBADD) $(LIBS) + libstrongswan-eap-aka-3gpp.la: $(libstrongswan_eap_aka_3gpp_la_OBJECTS) $(libstrongswan_eap_aka_3gpp_la_DEPENDENCIES) $(EXTRA_libstrongswan_eap_aka_3gpp_la_DEPENDENCIES) $(AM_V_CCLD)$(libstrongswan_eap_aka_3gpp_la_LINK) $(am_libstrongswan_eap_aka_3gpp_la_rpath) $(libstrongswan_eap_aka_3gpp_la_OBJECTS) $(libstrongswan_eap_aka_3gpp_la_LIBADD) $(LIBS) diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.c b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.c index 22c1181ad..e77c75149 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.c +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.h b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.h index 0ef90681f..48a3f5055 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.h +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_card.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_functions.h b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_functions.h index c089cd385..c9fb1a983 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_functions.h +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_functions.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.c b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.c index 650af86d9..061961fcf 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.c +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.h b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.h index e101f4be6..ea2461fcc 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.h +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.c b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.c index d5112d390..1486b6279 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.c +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.h b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.h index 6af8b4b4f..e75763027 100644 --- a/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.h +++ b/src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.am b/src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.am new file mode 100644 index 000000000..5887898b6 --- /dev/null +++ b/src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.am @@ -0,0 +1,24 @@ +TESTS = eap_aka_3gpp_tests + +check_PROGRAMS = $(TESTS) + +eap_aka_3gpp_tests_SOURCES = \ + tests.h tests.c \ + suites/test_vectors.c + +eap_aka_3gpp_tests_CFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libstrongswan/tests \ + -I$(top_srcdir)/src/libcharon \ + -I$(top_srcdir)/src/libsimaka \ + -I$(top_srcdir)/src/libcharon/plugins/eap_aka_3gpp \ + -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ + -DPLUGINS=\""${s_plugins}\"" \ + @COVERAGE_CFLAGS@ + +eap_aka_3gpp_tests_LDFLAGS = @COVERAGE_LDFLAGS@ +eap_aka_3gpp_tests_LDADD = \ + ../libeap_aka_3gpp.la \ + $(top_builddir)/src/libcharon/libcharon.la \ + $(top_builddir)/src/libstrongswan/tests/libtest.la \ + $(top_builddir)/src/libstrongswan/libstrongswan.la diff --git a/src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.in b/src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.in new file mode 100644 index 000000000..65b86199c --- /dev/null +++ b/src/libcharon/plugins/eap_aka_3gpp/tests/Makefile.in @@ -0,0 +1,899 @@ +# Makefile.in generated by automake 1.15 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2014 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +TESTS = eap_aka_3gpp_tests$(EXEEXT) +check_PROGRAMS = $(am__EXEEXT_1) +subdir = src/libcharon/plugins/eap_aka_3gpp/tests +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__EXEEXT_1 = eap_aka_3gpp_tests$(EXEEXT) +am__dirstamp = $(am__leading_dot)dirstamp +am_eap_aka_3gpp_tests_OBJECTS = eap_aka_3gpp_tests-tests.$(OBJEXT) \ + suites/eap_aka_3gpp_tests-test_vectors.$(OBJEXT) +eap_aka_3gpp_tests_OBJECTS = $(am_eap_aka_3gpp_tests_OBJECTS) +eap_aka_3gpp_tests_DEPENDENCIES = ../libeap_aka_3gpp.la \ + $(top_builddir)/src/libcharon/libcharon.la \ + $(top_builddir)/src/libstrongswan/tests/libtest.la \ + $(top_builddir)/src/libstrongswan/libstrongswan.la +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +eap_aka_3gpp_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) \ + $(eap_aka_3gpp_tests_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(eap_aka_3gpp_tests_SOURCES) +DIST_SOURCES = $(eap_aka_3gpp_tests_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__tty_colors_dummy = \ + mgn= red= grn= lgn= blu= brg= std=; \ + am__color_tests=no +am__tty_colors = { \ + $(am__tty_colors_dummy); \ + if test "X$(AM_COLOR_TESTS)" = Xno; then \ + am__color_tests=no; \ + elif test "X$(AM_COLOR_TESTS)" = Xalways; then \ + am__color_tests=yes; \ + elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \ + am__color_tests=yes; \ + fi; \ + if test $$am__color_tests = yes; then \ + red=''; \ + grn=''; \ + lgn=''; \ + blu=''; \ + mgn=''; \ + brg=''; \ + std=''; \ + fi; \ +} +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +ATOMICLIB = @ATOMICLIB@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BFDLIB = @BFDLIB@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +FUZZING_LDFLAGS = @FUZZING_LDFLAGS@ +GEM = @GEM@ +GENHTML = @GENHTML@ +GPERF = @GPERF@ +GPERF_LEN_TYPE = @GPERF_LEN_TYPE@ +GPRBUILD = @GPRBUILD@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_LIB = @OPENSSL_LIB@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ +PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYGEMDIR = @RUBYGEMDIR@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +aikgen_plugins = @aikgen_plugins@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ +clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dev_headers = @dev_headers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +fips_mode = @fips_mode@ +fuzz_plugins = @fuzz_plugins@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +imcvdir = @imcvdir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ +ipsecuser = @ipsecuser@ +json_CFLAGS = @json_CFLAGS@ +json_LIBS = @json_LIBS@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libfuzzer = @libfuzzer@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +manager_plugins = @manager_plugins@ +mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ +oldincludedir = @oldincludedir@ +p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ +pdfdir = @pdfdir@ +piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +pki_plugins = @pki_plugins@ +plugindir = @plugindir@ +pool_plugins = @pool_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +ruby_CFLAGS = @ruby_CFLAGS@ +ruby_LIBS = @ruby_LIBS@ +runstatedir = @runstatedir@ +s_plugins = @s_plugins@ +sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ +sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ +srcdir = @srcdir@ +starter_plugins = @starter_plugins@ +strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ +swanctldir = @swanctldir@ +sysconfdir = @sysconfdir@ +systemd_CFLAGS = @systemd_CFLAGS@ +systemd_LIBS = @systemd_LIBS@ +systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ +systemd_daemon_LIBS = @systemd_daemon_LIBS@ +systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ +systemd_journal_LIBS = @systemd_journal_LIBS@ +systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +tss2_CFLAGS = @tss2_CFLAGS@ +tss2_LIBS = @tss2_LIBS@ +tss2_socket_CFLAGS = @tss2_socket_CFLAGS@ +tss2_socket_LIBS = @tss2_socket_LIBS@ +tss2_tabrmd_CFLAGS = @tss2_tabrmd_CFLAGS@ +tss2_tabrmd_LIBS = @tss2_tabrmd_LIBS@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +eap_aka_3gpp_tests_SOURCES = \ + tests.h tests.c \ + suites/test_vectors.c + +eap_aka_3gpp_tests_CFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libstrongswan/tests \ + -I$(top_srcdir)/src/libcharon \ + -I$(top_srcdir)/src/libsimaka \ + -I$(top_srcdir)/src/libcharon/plugins/eap_aka_3gpp \ + -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ + -DPLUGINS=\""${s_plugins}\"" \ + @COVERAGE_CFLAGS@ + +eap_aka_3gpp_tests_LDFLAGS = @COVERAGE_LDFLAGS@ +eap_aka_3gpp_tests_LDADD = \ + ../libeap_aka_3gpp.la \ + $(top_builddir)/src/libcharon/libcharon.la \ + $(top_builddir)/src/libstrongswan/tests/libtest.la \ + $(top_builddir)/src/libstrongswan/libstrongswan.la + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libcharon/plugins/eap_aka_3gpp/tests/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libcharon/plugins/eap_aka_3gpp/tests/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-checkPROGRAMS: + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +suites/$(am__dirstamp): + @$(MKDIR_P) suites + @: > suites/$(am__dirstamp) +suites/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) suites/$(DEPDIR) + @: > suites/$(DEPDIR)/$(am__dirstamp) +suites/eap_aka_3gpp_tests-test_vectors.$(OBJEXT): \ + suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp) + +eap_aka_3gpp_tests$(EXEEXT): $(eap_aka_3gpp_tests_OBJECTS) $(eap_aka_3gpp_tests_DEPENDENCIES) $(EXTRA_eap_aka_3gpp_tests_DEPENDENCIES) + @rm -f eap_aka_3gpp_tests$(EXEEXT) + $(AM_V_CCLD)$(eap_aka_3gpp_tests_LINK) $(eap_aka_3gpp_tests_OBJECTS) $(eap_aka_3gpp_tests_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + -rm -f suites/*.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eap_aka_3gpp_tests-tests.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +eap_aka_3gpp_tests-tests.o: tests.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -MT eap_aka_3gpp_tests-tests.o -MD -MP -MF $(DEPDIR)/eap_aka_3gpp_tests-tests.Tpo -c -o eap_aka_3gpp_tests-tests.o `test -f 'tests.c' || echo '$(srcdir)/'`tests.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/eap_aka_3gpp_tests-tests.Tpo $(DEPDIR)/eap_aka_3gpp_tests-tests.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests.c' object='eap_aka_3gpp_tests-tests.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -c -o eap_aka_3gpp_tests-tests.o `test -f 'tests.c' || echo '$(srcdir)/'`tests.c + +eap_aka_3gpp_tests-tests.obj: tests.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -MT eap_aka_3gpp_tests-tests.obj -MD -MP -MF $(DEPDIR)/eap_aka_3gpp_tests-tests.Tpo -c -o eap_aka_3gpp_tests-tests.obj `if test -f 'tests.c'; then $(CYGPATH_W) 'tests.c'; else $(CYGPATH_W) '$(srcdir)/tests.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/eap_aka_3gpp_tests-tests.Tpo $(DEPDIR)/eap_aka_3gpp_tests-tests.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests.c' object='eap_aka_3gpp_tests-tests.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -c -o eap_aka_3gpp_tests-tests.obj `if test -f 'tests.c'; then $(CYGPATH_W) 'tests.c'; else $(CYGPATH_W) '$(srcdir)/tests.c'; fi` + +suites/eap_aka_3gpp_tests-test_vectors.o: suites/test_vectors.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -MT suites/eap_aka_3gpp_tests-test_vectors.o -MD -MP -MF suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Tpo -c -o suites/eap_aka_3gpp_tests-test_vectors.o `test -f 'suites/test_vectors.c' || echo '$(srcdir)/'`suites/test_vectors.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Tpo suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_vectors.c' object='suites/eap_aka_3gpp_tests-test_vectors.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -c -o suites/eap_aka_3gpp_tests-test_vectors.o `test -f 'suites/test_vectors.c' || echo '$(srcdir)/'`suites/test_vectors.c + +suites/eap_aka_3gpp_tests-test_vectors.obj: suites/test_vectors.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -MT suites/eap_aka_3gpp_tests-test_vectors.obj -MD -MP -MF suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Tpo -c -o suites/eap_aka_3gpp_tests-test_vectors.obj `if test -f 'suites/test_vectors.c'; then $(CYGPATH_W) 'suites/test_vectors.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_vectors.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Tpo suites/$(DEPDIR)/eap_aka_3gpp_tests-test_vectors.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_vectors.c' object='suites/eap_aka_3gpp_tests-test_vectors.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(eap_aka_3gpp_tests_CFLAGS) $(CFLAGS) -c -o suites/eap_aka_3gpp_tests-test_vectors.obj `if test -f 'suites/test_vectors.c'; then $(CYGPATH_W) 'suites/test_vectors.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_vectors.c'; fi` + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ + srcdir=$(srcdir); export srcdir; \ + list=' $(TESTS) '; \ + $(am__tty_colors); \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst $(AM_TESTS_FD_REDIRECT); then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + col=$$red; res=XPASS; \ + ;; \ + *) \ + col=$$grn; res=PASS; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xfail=`expr $$xfail + 1`; \ + col=$$lgn; res=XFAIL; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + col=$$red; res=FAIL; \ + ;; \ + esac; \ + else \ + skip=`expr $$skip + 1`; \ + col=$$blu; res=SKIP; \ + fi; \ + echo "$${col}$$res$${std}: $$tst"; \ + done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="$$All$$all $$tests passed"; \ + else \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all $$tests failed"; \ + else \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ + fi; \ + fi; \ + dashes="$$banner"; \ + skipped=""; \ + if test "$$skip" -ne 0; then \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ + test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$skipped"; \ + fi; \ + report=""; \ + if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ + report="Please report to $(PACKAGE_BUGREPORT)"; \ + test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$report"; \ + fi; \ + dashes=`echo "$$dashes" | sed s/./=/g`; \ + if test "$$failed" -eq 0; then \ + col="$$grn"; \ + else \ + col="$$red"; \ + fi; \ + echo "$${col}$$dashes$${std}"; \ + echo "$${col}$$banner$${std}"; \ + test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \ + test -z "$$report" || echo "$${col}$$report$${std}"; \ + echo "$${col}$$dashes$${std}"; \ + test "$$failed" -eq 0; \ + else :; fi + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS +check: check-am +all-am: Makefile +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -rm -f suites/$(DEPDIR)/$(am__dirstamp) + -rm -f suites/$(am__dirstamp) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) suites/$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) suites/$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: + +.MAKE: check-am install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \ + clean-checkPROGRAMS clean-generic clean-libtool cscopelist-am \ + ctags ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libcharon/plugins/eap_aka_3gpp/tests/suites/test_vectors.c b/src/libcharon/plugins/eap_aka_3gpp/tests/suites/test_vectors.c new file mode 100644 index 000000000..681e99a6b --- /dev/null +++ b/src/libcharon/plugins/eap_aka_3gpp/tests/suites/test_vectors.c @@ -0,0 +1,210 @@ +/* + * Copyright (C) 2018 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +#include "../eap_aka_3gpp_functions.h" + +static eap_aka_3gpp_functions_t *functions; + +START_SETUP(functions_setup) +{ + functions = eap_aka_3gpp_functions_create(); + ck_assert(functions); +} +END_SETUP + +START_TEARDOWN(functions_teardown) +{ + functions->destroy(functions); +} +END_TEARDOWN + +/** + * Test vectors from 3GPP TS 35.207 + */ +static struct { + uint8_t k[AKA_K_LEN]; + uint8_t rand[AKA_RAND_LEN]; + uint8_t sqn[AKA_SQN_LEN]; + uint8_t amf[AKA_AMF_LEN]; + uint8_t opc[AKA_OPC_LEN]; + uint8_t f1[AKA_MAC_LEN]; + uint8_t f1star[AKA_MAC_LEN]; + uint8_t f2[AKA_RES_LEN]; + uint8_t f3[AKA_CK_LEN]; + uint8_t f4[AKA_IK_LEN]; + uint8_t f5[AKA_AK_LEN]; + uint8_t f5star[AKA_AK_LEN]; +} test_data[] = { + { + .k = {0x46,0x5b,0x5c,0xe8,0xb1,0x99,0xb4,0x9f,0xaa,0x5f,0x0a,0x2e,0xe2,0x38,0xa6,0xbc}, + .rand = {0x23,0x55,0x3c,0xbe,0x96,0x37,0xa8,0x9d,0x21,0x8a,0xe6,0x4d,0xae,0x47,0xbf,0x35}, + .sqn = {0xff,0x9b,0xb4,0xd0,0xb6,0x07}, + .amf = {0xb9,0xb9}, + .opc = {0xcd,0x63,0xcb,0x71,0x95,0x4a,0x9f,0x4e,0x48,0xa5,0x99,0x4e,0x37,0xa0,0x2b,0xaf}, + .f1 = {0x4a,0x9f,0xfa,0xc3,0x54,0xdf,0xaf,0xb3}, + .f1star = {0x01,0xcf,0xaf,0x9e,0xc4,0xe8,0x71,0xe9}, + .f2 = {0xa5,0x42,0x11,0xd5,0xe3,0xba,0x50,0xbf}, + .f3 = {0xb4,0x0b,0xa9,0xa3,0xc5,0x8b,0x2a,0x05,0xbb,0xf0,0xd9,0x87,0xb2,0x1b,0xf8,0xcb}, + .f4 = {0xf7,0x69,0xbc,0xd7,0x51,0x04,0x46,0x04,0x12,0x76,0x72,0x71,0x1c,0x6d,0x34,0x41}, + .f5 = {0xaa,0x68,0x9c,0x64,0x83,0x70}, + .f5star = {0x45,0x1e,0x8b,0xec,0xa4,0x3b}, + }, + { + .k = {0x03,0x96,0xeb,0x31,0x7b,0x6d,0x1c,0x36,0xf1,0x9c,0x1c,0x84,0xcd,0x6f,0xfd,0x16}, + .rand = {0xc0,0x0d,0x60,0x31,0x03,0xdc,0xee,0x52,0xc4,0x47,0x81,0x19,0x49,0x42,0x02,0xe8}, + .sqn = {0xfd,0x8e,0xef,0x40,0xdf,0x7d}, + .amf = {0xaf,0x17}, + .opc = {0x53,0xc1,0x56,0x71,0xc6,0x0a,0x4b,0x73,0x1c,0x55,0xb4,0xa4,0x41,0xc0,0xbd,0xe2}, + .f1 = {0x5d,0xf5,0xb3,0x18,0x07,0xe2,0x58,0xb0}, + .f1star = {0xa8,0xc0,0x16,0xe5,0x1e,0xf4,0xa3,0x43}, + .f2 = {0xd3,0xa6,0x28,0xed,0x98,0x86,0x20,0xf0}, + .f3 = {0x58,0xc4,0x33,0xff,0x7a,0x70,0x82,0xac,0xd4,0x24,0x22,0x0f,0x2b,0x67,0xc5,0x56}, + .f4 = {0x21,0xa8,0xc1,0xf9,0x29,0x70,0x2a,0xdb,0x3e,0x73,0x84,0x88,0xb9,0xf5,0xc5,0xda}, + .f5 = {0xc4,0x77,0x83,0x99,0x5f,0x72}, + .f5star = {0x30,0xf1,0x19,0x70,0x61,0xc1}, + }, + { + .k = {0xfe,0xc8,0x6b,0xa6,0xeb,0x70,0x7e,0xd0,0x89,0x05,0x75,0x7b,0x1b,0xb4,0x4b,0x8f}, + .rand = {0x9f,0x7c,0x8d,0x02,0x1a,0xcc,0xf4,0xdb,0x21,0x3c,0xcf,0xf0,0xc7,0xf7,0x1a,0x6a}, + .sqn = {0x9d,0x02,0x77,0x59,0x5f,0xfc}, + .amf = {0x72,0x5c}, + .opc = {0x10,0x06,0x02,0x0f,0x0a,0x47,0x8b,0xf6,0xb6,0x99,0xf1,0x5c,0x06,0x2e,0x42,0xb3}, + .f1 = {0x9c,0xab,0xc3,0xe9,0x9b,0xaf,0x72,0x81}, + .f1star = {0x95,0x81,0x4b,0xa2,0xb3,0x04,0x43,0x24}, + .f2 = {0x80,0x11,0xc4,0x8c,0x0c,0x21,0x4e,0xd2}, + .f3 = {0x5d,0xbd,0xbb,0x29,0x54,0xe8,0xf3,0xcd,0xe6,0x65,0xb0,0x46,0x17,0x9a,0x50,0x98}, + .f4 = {0x59,0xa9,0x2d,0x3b,0x47,0x6a,0x04,0x43,0x48,0x70,0x55,0xcf,0x88,0xb2,0x30,0x7b}, + .f5 = {0x33,0x48,0x4d,0xc2,0x13,0x6b}, + .f5star = {0xde,0xac,0xdd,0x84,0x8c,0xc6}, + }, + { + .k = {0x9e,0x59,0x44,0xae,0xa9,0x4b,0x81,0x16,0x5c,0x82,0xfb,0xf9,0xf3,0x2d,0xb7,0x51}, + .rand = {0xce,0x83,0xdb,0xc5,0x4a,0xc0,0x27,0x4a,0x15,0x7c,0x17,0xf8,0x0d,0x01,0x7b,0xd6}, + .sqn = {0x0b,0x60,0x4a,0x81,0xec,0xa8}, + .amf = {0x9e,0x09}, + .opc = {0xa6,0x4a,0x50,0x7a,0xe1,0xa2,0xa9,0x8b,0xb8,0x8e,0xb4,0x21,0x01,0x35,0xdc,0x87}, + .f1 = {0x74,0xa5,0x82,0x20,0xcb,0xa8,0x4c,0x49}, + .f1star = {0xac,0x2c,0xc7,0x4a,0x96,0x87,0x18,0x37}, + .f2 = {0xf3,0x65,0xcd,0x68,0x3c,0xd9,0x2e,0x96}, + .f3 = {0xe2,0x03,0xed,0xb3,0x97,0x15,0x74,0xf5,0xa9,0x4b,0x0d,0x61,0xb8,0x16,0x34,0x5d}, + .f4 = {0x0c,0x45,0x24,0xad,0xea,0xc0,0x41,0xc4,0xdd,0x83,0x0d,0x20,0x85,0x4f,0xc4,0x6b}, + .f5 = {0xf0,0xb9,0xc0,0x8a,0xd0,0x2e}, + .f5star = {0x60,0x85,0xa8,0x6c,0x6f,0x63}, + }, + { + .k = {0x4a,0xb1,0xde,0xb0,0x5c,0xa6,0xce,0xb0,0x51,0xfc,0x98,0xe7,0x7d,0x02,0x6a,0x84}, + .rand = {0x74,0xb0,0xcd,0x60,0x31,0xa1,0xc8,0x33,0x9b,0x2b,0x6c,0xe2,0xb8,0xc4,0xa1,0x86}, + .sqn = {0xe8,0x80,0xa1,0xb5,0x80,0xb6}, + .amf = {0x9f,0x07}, + .opc = {0xdc,0xf0,0x7c,0xbd,0x51,0x85,0x52,0x90,0xb9,0x2a,0x07,0xa9,0x89,0x1e,0x52,0x3e}, + .f1 = {0x49,0xe7,0x85,0xdd,0x12,0x62,0x6e,0xf2}, + .f1star = {0x9e,0x85,0x79,0x03,0x36,0xbb,0x3f,0xa2}, + .f2 = {0x58,0x60,0xfc,0x1b,0xce,0x35,0x1e,0x7e}, + .f3 = {0x76,0x57,0x76,0x6b,0x37,0x3d,0x1c,0x21,0x38,0xf3,0x07,0xe3,0xde,0x92,0x42,0xf9}, + .f4 = {0x1c,0x42,0xe9,0x60,0xd8,0x9b,0x8f,0xa9,0x9f,0x27,0x44,0xe0,0x70,0x8c,0xcb,0x53}, + .f5 = {0x31,0xe1,0x1a,0x60,0x91,0x18}, + .f5star = {0xfe,0x25,0x55,0xe5,0x4a,0xa9}, + }, + { + .k = {0x6c,0x38,0xa1,0x16,0xac,0x28,0x0c,0x45,0x4f,0x59,0x33,0x2e,0xe3,0x5c,0x8c,0x4f}, + .rand = {0xee,0x64,0x66,0xbc,0x96,0x20,0x2c,0x5a,0x55,0x7a,0xbb,0xef,0xf8,0xba,0xbf,0x63}, + .sqn = {0x41,0x4b,0x98,0x22,0x21,0x81}, + .amf = {0x44,0x64}, + .opc = {0x38,0x03,0xef,0x53,0x63,0xb9,0x47,0xc6,0xaa,0xa2,0x25,0xe5,0x8f,0xae,0x39,0x34}, + .f1 = {0x07,0x8a,0xdf,0xb4,0x88,0x24,0x1a,0x57}, + .f1star = {0x80,0x24,0x6b,0x8d,0x01,0x86,0xbc,0xf1}, + .f2 = {0x16,0xc8,0x23,0x3f,0x05,0xa0,0xac,0x28}, + .f3 = {0x3f,0x8c,0x75,0x87,0xfe,0x8e,0x4b,0x23,0x3a,0xf6,0x76,0xae,0xde,0x30,0xba,0x3b}, + .f4 = {0xa7,0x46,0x6c,0xc1,0xe6,0xb2,0xa1,0x33,0x7d,0x49,0xd3,0xb6,0x6e,0x95,0xd7,0xb4}, + .f5 = {0x45,0xb0,0xf6,0x9a,0xb0,0x6c}, + .f5star = {0x1f,0x53,0xcd,0x2b,0x11,0x13}, + }, +}; + +START_TEST(test_f1) +{ + uint8_t mac[AKA_MAC_LEN]; + + ck_assert(functions->f1(functions, test_data[_i].k, test_data[_i].opc, + test_data[_i].rand, test_data[_i].sqn, + test_data[_i].amf, mac)); + ck_assert(memeq(test_data[_i].f1, mac, sizeof(mac))); +} +END_TEST + +START_TEST(test_f1star) +{ + uint8_t mac[AKA_MAC_LEN]; + + ck_assert(functions->f1star(functions, test_data[_i].k, + test_data[_i].opc, test_data[_i].rand, + test_data[_i].sqn, test_data[_i].amf, mac)); + ck_assert(memeq(test_data[_i].f1star, mac, sizeof(mac))); +} +END_TEST + +START_TEST(test_f2345) +{ + uint8_t res[AKA_RES_LEN], ck[AKA_CK_LEN], ik[AKA_IK_LEN], ak[AKA_AK_LEN]; + + ck_assert(functions->f2345(functions, test_data[_i].k, + test_data[_i].opc, test_data[_i].rand, + res, ck, ik, ak)); + + ck_assert(memeq(test_data[_i].f2, res, sizeof(res))); + ck_assert(memeq(test_data[_i].f3, ck, sizeof(ck))); + ck_assert(memeq(test_data[_i].f4, ik, sizeof(ik))); + ck_assert(memeq(test_data[_i].f5, ak, sizeof(ak))); +} +END_TEST + +START_TEST(test_f5star) +{ + uint8_t ak[AKA_AK_LEN]; + + ck_assert(functions->f5star(functions, test_data[_i].k, + test_data[_i].opc, test_data[_i].rand, ak)); + + ck_assert(memeq(test_data[_i].f5star, ak, sizeof(ak))); +} +END_TEST + +Suite *test_vectors_suite_create() +{ + Suite *s; + TCase *tc; + + s = suite_create("eap-aka-3gpp"); + + tc = tcase_create("f1, f1*"); + tcase_add_checked_fixture(tc, functions_setup, functions_teardown); + tcase_add_loop_test(tc, test_f1, 0, countof(test_data)); + tcase_add_loop_test(tc, test_f1star, 0, countof(test_data)); + suite_add_tcase(s, tc); + + tc = tcase_create("f2, f3, f4 and f5"); + tcase_add_checked_fixture(tc, functions_setup, functions_teardown); + tcase_add_loop_test(tc, test_f2345, 0, countof(test_data)); + suite_add_tcase(s, tc); + + tc = tcase_create("f5*"); + tcase_add_checked_fixture(tc, functions_setup, functions_teardown); + tcase_add_loop_test(tc, test_f5star, 0, countof(test_data)); + suite_add_tcase(s, tc); + + return s; +} diff --git a/src/libcharon/plugins/eap_aka_3gpp/tests/tests.c b/src/libcharon/plugins/eap_aka_3gpp/tests/tests.c new file mode 100644 index 000000000..17a2c0771 --- /dev/null +++ b/src/libcharon/plugins/eap_aka_3gpp/tests/tests.c @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2018 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +/* declare test suite constructors */ +#define TEST_SUITE(x) test_suite_t* x(); +#define TEST_SUITE_DEPEND(x, ...) TEST_SUITE(x) +#include "tests.h" +#undef TEST_SUITE +#undef TEST_SUITE_DEPEND + +static test_configuration_t tests[] = { +#define TEST_SUITE(x) \ + { .suite = x, }, +#define TEST_SUITE_DEPEND(x, type, ...) \ + { .suite = x, .feature = PLUGIN_DEPENDS(type, __VA_ARGS__) }, +#include "tests.h" + { .suite = NULL, } +}; + +static bool test_runner_init(bool init) +{ + if (init) + { + char *plugins, *plugindir; + + plugins = getenv("TESTS_PLUGINS") ?: + lib->settings->get_str(lib->settings, + "tests.load", PLUGINS); + plugindir = lib->settings->get_str(lib->settings, + "tests.plugindir", PLUGINDIR); + plugin_loader_add_plugindirs(plugindir, plugins); + if (!lib->plugins->load(lib->plugins, plugins)) + { + return FALSE; + } + } + else + { + lib->processor->set_threads(lib->processor, 0); + lib->processor->cancel(lib->processor); + lib->plugins->unload(lib->plugins); + } + return TRUE; +} + +int main(int argc, char *argv[]) +{ + return test_runner_run("eap-aka-3gpp", tests, test_runner_init); +} diff --git a/src/libcharon/plugins/eap_aka_3gpp/tests/tests.h b/src/libcharon/plugins/eap_aka_3gpp/tests/tests.h new file mode 100644 index 000000000..858571121 --- /dev/null +++ b/src/libcharon/plugins/eap_aka_3gpp/tests/tests.h @@ -0,0 +1,16 @@ +/* + * Copyright (C) 2018 Tobias Brunner + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +TEST_SUITE_DEPEND(test_vectors_suite_create, CRYPTER, ENCR_AES_CBC, 16) diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c index e38ee5b70..08f1e35cf 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h index eb6b1f75f..b0ef5a6e9 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c index cfe6407b0..a9371a095 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h index 2706da349..ce7ec3b4c 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_functions.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c index 3f9db71c6..d12a61d58 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h index 2ac450a7d..3a845ab2c 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c index f272e1ec8..478ae48f5 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h index 0e1af8554..6b7d5a9f0 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_dynamic/eap_dynamic.c b/src/libcharon/plugins/eap_dynamic/eap_dynamic.c index 204fb317d..32d21982b 100644 --- a/src/libcharon/plugins/eap_dynamic/eap_dynamic.c +++ b/src/libcharon/plugins/eap_dynamic/eap_dynamic.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_dynamic/eap_dynamic.h b/src/libcharon/plugins/eap_dynamic/eap_dynamic.h index 35db4fa26..c8be21288 100644 --- a/src/libcharon/plugins/eap_dynamic/eap_dynamic.h +++ b/src/libcharon/plugins/eap_dynamic/eap_dynamic.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.c b/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.c index d6f38b666..5812929fd 100644 --- a/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.c +++ b/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.h b/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.h index 9b124d8d2..30330c869 100644 --- a/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.h +++ b/src/libcharon/plugins/eap_dynamic/eap_dynamic_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc.c b/src/libcharon/plugins/eap_gtc/eap_gtc.c index 6f5c38edd..3434ef17b 100644 --- a/src/libcharon/plugins/eap_gtc/eap_gtc.c +++ b/src/libcharon/plugins/eap_gtc/eap_gtc.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2007-2012 Martin Willi * Copyright (C) 2012 revosec AG - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc.h b/src/libcharon/plugins/eap_gtc/eap_gtc.h index 4dac53cfb..19d2ed917 100644 --- a/src/libcharon/plugins/eap_gtc/eap_gtc.h +++ b/src/libcharon/plugins/eap_gtc/eap_gtc.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c index d579eaa5a..c3122148e 100644 --- a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c +++ b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.h b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.h index 9c4052a6d..5c25bba9b 100644 --- a/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.h +++ b/src/libcharon/plugins/eap_gtc/eap_gtc_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_identity/eap_identity.c b/src/libcharon/plugins/eap_identity/eap_identity.c index 7d6dc4add..598956130 100644 --- a/src/libcharon/plugins/eap_identity/eap_identity.c +++ b/src/libcharon/plugins/eap_identity/eap_identity.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_identity/eap_identity.h b/src/libcharon/plugins/eap_identity/eap_identity.h index 4e7f6fd9d..82d70b511 100644 --- a/src/libcharon/plugins/eap_identity/eap_identity.h +++ b/src/libcharon/plugins/eap_identity/eap_identity.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_identity/eap_identity_plugin.c b/src/libcharon/plugins/eap_identity/eap_identity_plugin.c index b09e51568..828a06b65 100644 --- a/src/libcharon/plugins/eap_identity/eap_identity_plugin.c +++ b/src/libcharon/plugins/eap_identity/eap_identity_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_identity/eap_identity_plugin.h b/src/libcharon/plugins/eap_identity/eap_identity_plugin.h index 274156a1b..bbf743518 100644 --- a/src/libcharon/plugins/eap_identity/eap_identity_plugin.h +++ b/src/libcharon/plugins/eap_identity/eap_identity_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_md5/eap_md5.c b/src/libcharon/plugins/eap_md5/eap_md5.c index 2cb0db466..ab5f7ff6a 100644 --- a/src/libcharon/plugins/eap_md5/eap_md5.c +++ b/src/libcharon/plugins/eap_md5/eap_md5.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_md5/eap_md5.h b/src/libcharon/plugins/eap_md5/eap_md5.h index 5396535e1..a5e3544d8 100644 --- a/src/libcharon/plugins/eap_md5/eap_md5.h +++ b/src/libcharon/plugins/eap_md5/eap_md5.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_md5/eap_md5_plugin.c b/src/libcharon/plugins/eap_md5/eap_md5_plugin.c index d045e02bf..9239d9c1d 100644 --- a/src/libcharon/plugins/eap_md5/eap_md5_plugin.c +++ b/src/libcharon/plugins/eap_md5/eap_md5_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_md5/eap_md5_plugin.h b/src/libcharon/plugins/eap_md5/eap_md5_plugin.h index e5e1a6e94..166cca31b 100644 --- a/src/libcharon/plugins/eap_md5/eap_md5_plugin.h +++ b/src/libcharon/plugins/eap_md5/eap_md5_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c index 12f61f7f8..f864037a1 100644 --- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c +++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009-2015 Tobias Brunner * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.h b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.h index 0e7abc397..715fd5e84 100644 --- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.h +++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.c index 6fd96708a..627c20e46 100644 --- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.c +++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.h b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.h index f250a9d47..6e7a610ab 100644 --- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.h +++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap.c b/src/libcharon/plugins/eap_peap/eap_peap.c index 4778a0977..073af8dc0 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap.c +++ b/src/libcharon/plugins/eap_peap/eap_peap.c @@ -1,6 +1,9 @@ /* - * Copyright (C) 2010 Martin Willi, revosec AG - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2010 Martin Willi + * Copyright (C) 2010 revosec AG + * + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap.h b/src/libcharon/plugins/eap_peap/eap_peap.h index 2756ad3e6..f8131b4bd 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap.h +++ b/src/libcharon/plugins/eap_peap/eap_peap.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_avp.c b/src/libcharon/plugins/eap_peap/eap_peap_avp.c index d5ce5fbc1..4318c166e 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_avp.c +++ b/src/libcharon/plugins/eap_peap/eap_peap_avp.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_avp.h b/src/libcharon/plugins/eap_peap/eap_peap_avp.h index cc5930b62..622a35adc 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_avp.h +++ b/src/libcharon/plugins/eap_peap/eap_peap_avp.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_peer.c b/src/libcharon/plugins/eap_peap/eap_peap_peer.c index 2668ac432..41d13b646 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_peer.c +++ b/src/libcharon/plugins/eap_peap/eap_peap_peer.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_peer.h b/src/libcharon/plugins/eap_peap/eap_peap_peer.h index 196d4e2c4..4eda660b1 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_peer.h +++ b/src/libcharon/plugins/eap_peap/eap_peap_peer.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_plugin.c b/src/libcharon/plugins/eap_peap/eap_peap_plugin.c index e8deee9e1..523eeeeee 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_plugin.c +++ b/src/libcharon/plugins/eap_peap/eap_peap_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_plugin.h b/src/libcharon/plugins/eap_peap/eap_peap_plugin.h index 0c3c571ef..bbfafaffd 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_plugin.h +++ b/src/libcharon/plugins/eap_peap/eap_peap_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_server.c b/src/libcharon/plugins/eap_peap/eap_peap_server.c index d51d0d090..e5c7becf9 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_server.c +++ b/src/libcharon/plugins/eap_peap/eap_peap_server.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_peap/eap_peap_server.h b/src/libcharon/plugins/eap_peap/eap_peap_server.h index 4585a622a..12c5b78f4 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_server.h +++ b/src/libcharon/plugins/eap_peap/eap_peap_server.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Andreas Steffen - * Copyright (C) 2011 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_radius/eap_radius.h b/src/libcharon/plugins/eap_radius/eap_radius.h index ce583ac44..0f0078e71 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius.h +++ b/src/libcharon/plugins/eap_radius/eap_radius.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_radius/eap_radius_forward.h b/src/libcharon/plugins/eap_radius/eap_radius_forward.h index 2c1dbf7a8..fc50d0d1a 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_forward.h +++ b/src/libcharon/plugins/eap_radius/eap_radius_forward.h @@ -58,7 +58,7 @@ void eap_radius_forward_from_ike(radius_message_t *request); /** * Forward RADIUS attributes from a RADIUS response to IKE notifies. * - * @param response RADIUS respose to read notifies from + * @param response RADIUS response to read notifies from */ void eap_radius_forward_to_ike(radius_message_t *response); diff --git a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c index 4fe982849..947681768 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_radius/eap_radius_plugin.h b/src/libcharon/plugins/eap_radius/eap_radius_plugin.h index 80fa209d6..86c23992f 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_plugin.h +++ b/src/libcharon/plugins/eap_radius/eap_radius_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -34,7 +34,7 @@ typedef struct eap_radius_plugin_t eap_radius_plugin_t; /** * EAP RADIUS proxy plugin. * - * This plugin provides not a single EAP method, but a proxy to forwared + * This plugin provides not a single EAP method, but a proxy to forward * EAP packets to a RADIUS server. It only provides server implementations. */ struct eap_radius_plugin_t { diff --git a/src/libcharon/plugins/eap_sim/eap_sim_peer.c b/src/libcharon/plugins/eap_sim/eap_sim_peer.c index 37f8a879e..cff8de217 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_peer.c +++ b/src/libcharon/plugins/eap_sim/eap_sim_peer.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim/eap_sim_peer.h b/src/libcharon/plugins/eap_sim/eap_sim_peer.h index 38315b75a..e6c9f72cb 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_peer.h +++ b/src/libcharon/plugins/eap_sim/eap_sim_peer.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim/eap_sim_plugin.c b/src/libcharon/plugins/eap_sim/eap_sim_plugin.c index 5bc0af6bd..ceddc6fe2 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_plugin.c +++ b/src/libcharon/plugins/eap_sim/eap_sim_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim/eap_sim_plugin.h b/src/libcharon/plugins/eap_sim/eap_sim_plugin.h index 0c71ca548..1a67290f0 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_plugin.h +++ b/src/libcharon/plugins/eap_sim/eap_sim_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim/eap_sim_server.c b/src/libcharon/plugins/eap_sim/eap_sim_server.c index 3b413cfc6..e463512ff 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_server.c +++ b/src/libcharon/plugins/eap_sim/eap_sim_server.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim/eap_sim_server.h b/src/libcharon/plugins/eap_sim/eap_sim_server.h index 84408c43c..457ea526f 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_server.h +++ b/src/libcharon/plugins/eap_sim/eap_sim_server.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c index 0a6aec083..70a4275ce 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h index 45b0e51db..9004e328e 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_card.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c index eae76729c..684b49bf2 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h index f5083c72f..df93d1e68 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c index 4ca1eb93f..3fb722633 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h index 577345dbf..91331cbc4 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c index 03a60cfb1..1901f3a40 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h index 3fa0ea381..c5b649ac6 100644 --- a/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h +++ b/src/libcharon/plugins/eap_sim_file/eap_sim_file_triplets.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.h b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.h index 6c73a8cb9..d9adb9c25 100644 --- a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.h +++ b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_card.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.c b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.c index e2cc0e84f..069645f79 100644 --- a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.c +++ b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.h b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.h index 1992b2482..016fbe5b4 100644 --- a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.h +++ b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.c b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.c index 3c63e82a9..17cb43d0c 100644 --- a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.c +++ b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.h b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.h index 2dea516c3..4bd00b297 100644 --- a/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.h +++ b/src/libcharon/plugins/eap_simaka_pseudonym/eap_simaka_pseudonym_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c index 153ec0f0d..0e3713336 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c +++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h index 683de7559..8c6413bc3 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h +++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c index ab3ab2f4d..409f0c9ee 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c +++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.h b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.h index 80c8a1037..a0392831f 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.h +++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c index 543b5579b..dd33de96f 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c +++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h index bc6376d53..c95474e71 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h +++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc.h b/src/libcharon/plugins/eap_tnc/eap_tnc.h index d7ea9f4bb..b4c5dccff 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc.h +++ b/src/libcharon/plugins/eap_tnc/eap_tnc.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2012 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c b/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c index d0f79fa43..8d2f24be9 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c +++ b/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.h b/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.h index 97298eb5c..231188ff1 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.h +++ b/src/libcharon/plugins/eap_tnc/eap_tnc_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c index 9987c43d4..97dbe1890 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c @@ -1,6 +1,9 @@ /* - * Copyright (C) 2010 Martin Willi, revosec AG - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2010 Martin Willi + * Copyright (C) 2010 revosec AG + * + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.h b/src/libcharon/plugins/eap_ttls/eap_ttls.h index 84b1a2d19..3d1de3639 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls.h +++ b/src/libcharon/plugins/eap_ttls/eap_ttls.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c index f75e3e0a6..d228012b9 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.h b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.h index e56d92fc2..3a7f8597e 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.h +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c index be6a0812e..e06f5577f 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h index 31fc0d9db..88819d960 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.c b/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.c index 7ccbc9381..cfcb76fa7 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.h b/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.h index ca84ad7bb..379d08ef1 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.h +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_server.h b/src/libcharon/plugins/eap_ttls/eap_ttls_server.h index a66a813ec..aa35ed8ed 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_server.h +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_server.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/forecast/forecast_listener.c b/src/libcharon/plugins/forecast/forecast_listener.c index 4585731de..b928cad35 100644 --- a/src/libcharon/plugins/forecast/forecast_listener.c +++ b/src/libcharon/plugins/forecast/forecast_listener.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010-2014 Martin Willi * Copyright (C) 2010-2014 revosec AG diff --git a/src/libcharon/plugins/ha/ha_child.c b/src/libcharon/plugins/ha/ha_child.c index 8c9f66aa7..47a26592a 100644 --- a/src/libcharon/plugins/ha/ha_child.c +++ b/src/libcharon/plugins/ha/ha_child.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_child.h b/src/libcharon/plugins/ha/ha_child.h index 56cd769ba..9ee1af38f 100644 --- a/src/libcharon/plugins/ha/ha_child.h +++ b/src/libcharon/plugins/ha/ha_child.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_ctl.c b/src/libcharon/plugins/ha/ha_ctl.c index 54302e852..2bb6073bc 100644 --- a/src/libcharon/plugins/ha/ha_ctl.c +++ b/src/libcharon/plugins/ha/ha_ctl.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_ctl.h b/src/libcharon/plugins/ha/ha_ctl.h index 1e717832a..af69865d1 100644 --- a/src/libcharon/plugins/ha/ha_ctl.h +++ b/src/libcharon/plugins/ha/ha_ctl.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 7d22257c6..4e3803892 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_dispatcher.h b/src/libcharon/plugins/ha/ha_dispatcher.h index 105a40473..60d71a825 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.h +++ b/src/libcharon/plugins/ha/ha_dispatcher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c index fb8d22915..2854ab76d 100644 --- a/src/libcharon/plugins/ha/ha_ike.c +++ b/src/libcharon/plugins/ha/ha_ike.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_ike.h b/src/libcharon/plugins/ha/ha_ike.h index b22cd6250..7f500414f 100644 --- a/src/libcharon/plugins/ha/ha_ike.h +++ b/src/libcharon/plugins/ha/ha_ike.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_kernel.c b/src/libcharon/plugins/ha/ha_kernel.c index 061741eb7..7fdcfef28 100644 --- a/src/libcharon/plugins/ha/ha_kernel.c +++ b/src/libcharon/plugins/ha/ha_kernel.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_kernel.h b/src/libcharon/plugins/ha/ha_kernel.h index bd0a3825b..269a871db 100644 --- a/src/libcharon/plugins/ha/ha_kernel.h +++ b/src/libcharon/plugins/ha/ha_kernel.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_message.c b/src/libcharon/plugins/ha/ha_message.c index 5f73b7156..7891b1654 100644 --- a/src/libcharon/plugins/ha/ha_message.c +++ b/src/libcharon/plugins/ha/ha_message.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -320,7 +320,7 @@ METHOD(ha_message_t, add_attribute, void, * Attribute enumerator implementation */ typedef struct { - /** implementes enumerator_t */ + /** implements enumerator_t */ enumerator_t public; /** position in message */ chunk_t buf; diff --git a/src/libcharon/plugins/ha/ha_message.h b/src/libcharon/plugins/ha/ha_message.h index 630c8af8f..3e43dc8dc 100644 --- a/src/libcharon/plugins/ha/ha_message.h +++ b/src/libcharon/plugins/ha/ha_message.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_plugin.c b/src/libcharon/plugins/ha/ha_plugin.c index 037b69bac..986e611ab 100644 --- a/src/libcharon/plugins/ha/ha_plugin.c +++ b/src/libcharon/plugins/ha/ha_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_plugin.h b/src/libcharon/plugins/ha/ha_plugin.h index d4d746f91..98a1440f4 100644 --- a/src/libcharon/plugins/ha/ha_plugin.h +++ b/src/libcharon/plugins/ha/ha_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_segments.c b/src/libcharon/plugins/ha/ha_segments.c index fc7d7a8b4..0a407f9ef 100644 --- a/src/libcharon/plugins/ha/ha_segments.c +++ b/src/libcharon/plugins/ha/ha_segments.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_segments.h b/src/libcharon/plugins/ha/ha_segments.h index 31d47e371..10d5812c6 100644 --- a/src/libcharon/plugins/ha/ha_segments.h +++ b/src/libcharon/plugins/ha/ha_segments.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_socket.h b/src/libcharon/plugins/ha/ha_socket.h index a4789a51d..96547a563 100644 --- a/src/libcharon/plugins/ha/ha_socket.h +++ b/src/libcharon/plugins/ha/ha_socket.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c index 1a6108ed9..cfa896e93 100644 --- a/src/libcharon/plugins/ha/ha_tunnel.c +++ b/src/libcharon/plugins/ha/ha_tunnel.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -20,6 +20,8 @@ #include #include +#define HA_CFG_NAME "ha" + typedef struct private_ha_tunnel_t private_ha_tunnel_t; typedef struct ha_backend_t ha_backend_t; typedef struct ha_creds_t ha_creds_t; @@ -225,7 +227,7 @@ static void setup_tunnel(private_ha_tunnel_t *this, remote, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE)); - peer_cfg = peer_cfg_create("ha", ike_cfg, &peer); + peer_cfg = peer_cfg_create(HA_CFG_NAME, ike_cfg, &peer); auth_cfg = auth_cfg_create(); auth_cfg->add(auth_cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK); @@ -239,7 +241,7 @@ static void setup_tunnel(private_ha_tunnel_t *this, identification_create_from_string(remote)); peer_cfg->add_auth_cfg(peer_cfg, auth_cfg, FALSE); - child_cfg = child_cfg_create("ha", &child); + child_cfg = child_cfg_create(HA_CFG_NAME, &child); ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_PORT, HA_PORT); child_cfg->add_traffic_selector(child_cfg, TRUE, ts); ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535); @@ -260,7 +262,7 @@ static void setup_tunnel(private_ha_tunnel_t *this, charon->backends->add_backend(charon->backends, &this->backend.public); /* install an acquiring trap */ - this->trap = charon->traps->install(charon->traps, peer_cfg, child_cfg, 0); + charon->traps->install(charon->traps, peer_cfg, child_cfg); } METHOD(ha_tunnel_t, destroy, void, @@ -278,10 +280,7 @@ METHOD(ha_tunnel_t, destroy, void, } this->creds.local->destroy(this->creds.local); this->creds.remote->destroy(this->creds.remote); - if (this->trap) - { - charon->traps->uninstall(charon->traps, this->trap); - } + charon->traps->uninstall(charon->traps, HA_CFG_NAME, HA_CFG_NAME); free(this); } diff --git a/src/libcharon/plugins/ha/ha_tunnel.h b/src/libcharon/plugins/ha/ha_tunnel.h index 549e33055..ded15f107 100644 --- a/src/libcharon/plugins/ha/ha_tunnel.h +++ b/src/libcharon/plugins/ha/ha_tunnel.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ipseckey/ipseckey.c b/src/libcharon/plugins/ipseckey/ipseckey.c index 5ca1e27bc..9f85e036d 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey.c +++ b/src/libcharon/plugins/ipseckey/ipseckey.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ipseckey/ipseckey.h b/src/libcharon/plugins/ipseckey/ipseckey.h index b19ec8920..c47921dd4 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey.h +++ b/src/libcharon/plugins/ipseckey/ipseckey.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ipseckey/ipseckey_cred.c b/src/libcharon/plugins/ipseckey/ipseckey_cred.c index b3ac2b328..d9f84e93a 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey_cred.c +++ b/src/libcharon/plugins/ipseckey/ipseckey_cred.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ipseckey/ipseckey_cred.h b/src/libcharon/plugins/ipseckey/ipseckey_cred.h index f0f52fd6a..05a2d2d66 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey_cred.h +++ b/src/libcharon/plugins/ipseckey/ipseckey_cred.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ipseckey/ipseckey_plugin.c b/src/libcharon/plugins/ipseckey/ipseckey_plugin.c index 9f00abe8b..ce973daae 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey_plugin.c +++ b/src/libcharon/plugins/ipseckey/ipseckey_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/ipseckey/ipseckey_plugin.h b/src/libcharon/plugins/ipseckey/ipseckey_plugin.h index 95acc79dd..f53b3459c 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey_plugin.h +++ b/src/libcharon/plugins/ipseckey/ipseckey_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c index d4832e233..6c2d22304 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.h b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.h index 0a4936706..2f726f8dd 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.h +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c index e3b688dd6..ba6be052f 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.h b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.h index a14426b4e..f5bf0c254 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.h +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.c index 66141ad56..684d282ac 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.c +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.h b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.h index 7b2f3c6c5..9a82a8ff6 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.h +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_router.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c index 4e79dfced..4926c3de8 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2017 Tobias Brunner + * Copyright (C) 2006-2018 Tobias Brunner * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2008-2016 Andreas Steffen * Copyright (C) 2006-2007 Fabian Hartmann, Noah Heusser @@ -17,16 +17,40 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. */ +/* + * Copyright (C) 2018 Mellanox Technologies. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ #define _GNU_SOURCE #include #include +#include #include #include #include #include #include #include +#include +#include #include #include #include @@ -236,6 +260,27 @@ static kernel_algorithm_t compression_algs[] = { {IPCOMP_LZJH, "lzjh" }, }; +/** + * IPsec HW offload state in kernel + */ +typedef enum { + NL_OFFLOAD_UNKNOWN, + NL_OFFLOAD_UNSUPPORTED, + NL_OFFLOAD_SUPPORTED +} nl_offload_state_t; + +/** + * Global metadata used for IPsec HW offload + */ +static struct { + /** bit in feature set */ + u_int bit; + /** total number of device feature blocks */ + u_int total_blocks; + /** determined HW offload state */ + nl_offload_state_t state; +} netlink_hw_offload; + /** * Look up a kernel algorithm name and its key size */ @@ -1290,6 +1335,193 @@ static bool add_mark(struct nlmsghdr *hdr, int buflen, mark_t mark) return TRUE; } +/** + * Check if kernel supports HW offload + */ +static void netlink_find_offload_feature(const char *ifname, int query_socket) +{ + struct ethtool_sset_info *sset_info; + struct ethtool_gstrings *cmd = NULL; + struct ifreq ifr; + uint32_t sset_len, i; + char *str; + int err; + + netlink_hw_offload.state = NL_OFFLOAD_UNSUPPORTED; + + /* determine number of device features */ + INIT_EXTRA(sset_info, sizeof(uint32_t), + .cmd = ETHTOOL_GSSET_INFO, + .sset_mask = 1ULL << ETH_SS_FEATURES, + ); + strncpy(ifr.ifr_name, ifname, IFNAMSIZ); + ifr.ifr_name[IFNAMSIZ-1] = '\0'; + ifr.ifr_data = (void*)sset_info; + + err = ioctl(query_socket, SIOCETHTOOL, &ifr); + if (err || sset_info->sset_mask != 1ULL << ETH_SS_FEATURES) + { + goto out; + } + sset_len = sset_info->data[0]; + + /* retrieve names of device features */ + INIT_EXTRA(cmd, ETH_GSTRING_LEN * sset_len, + .cmd = ETHTOOL_GSTRINGS, + .string_set = ETH_SS_FEATURES, + ); + strncpy(ifr.ifr_name, ifname, IFNAMSIZ); + ifr.ifr_name[IFNAMSIZ-1] = '\0'; + ifr.ifr_data = (void*)cmd; + + err = ioctl(query_socket, SIOCETHTOOL, &ifr); + if (err) + { + goto out; + } + + /* look for the ESP_HW feature bit */ + str = (char*)cmd->data; + for (i = 0; i < cmd->len; i++) + { + if (strneq(str, "esp-hw-offload", ETH_GSTRING_LEN)) + { + netlink_hw_offload.bit = i; + netlink_hw_offload.total_blocks = (sset_len + 31) / 32; + netlink_hw_offload.state = NL_OFFLOAD_SUPPORTED; + break; + } + str += ETH_GSTRING_LEN; + } + +out: + free(sset_info); + free(cmd); +} + +/** + * Check if interface supported HW offload + */ +static bool netlink_detect_offload(const char *ifname) +{ + struct ethtool_gfeatures *cmd; + uint32_t feature_bit; + struct ifreq ifr; + int query_socket; + int block; + bool ret = FALSE; + + query_socket = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_XFRM); + if (query_socket < 0) + { + return FALSE; + } + + /* kernel requires a real interface in order to query the kernel-wide + * capability, so we do it here on first invocation. + */ + if (netlink_hw_offload.state == NL_OFFLOAD_UNKNOWN) + { + netlink_find_offload_feature(ifname, query_socket); + } + if (netlink_hw_offload.state == NL_OFFLOAD_UNSUPPORTED) + { + DBG1(DBG_KNL, "HW offload is not supported by kernel"); + goto out; + } + + /* feature is supported by kernel, query device features */ + INIT_EXTRA(cmd, sizeof(cmd->features[0]) * netlink_hw_offload.total_blocks, + .cmd = ETHTOOL_GFEATURES, + .size = netlink_hw_offload.total_blocks, + ); + strncpy(ifr.ifr_name, ifname, IFNAMSIZ); + ifr.ifr_name[IFNAMSIZ-1] = '\0'; + ifr.ifr_data = (void*)cmd; + + if (ioctl(query_socket, SIOCETHTOOL, &ifr)) + { + goto out_free; + } + + block = netlink_hw_offload.bit / 32; + feature_bit = 1U << (netlink_hw_offload.bit % 32); + if (cmd->features[block].active & feature_bit) + { + ret = TRUE; + } + +out_free: + free(cmd); + if (!ret) + { + DBG1(DBG_KNL, "HW offload is not supported by device"); + } +out: + close(query_socket); + return ret; +} + +/** + * There are 3 HW offload configuration values: + * 1. HW_OFFLOAD_NO : Do not configure HW offload. + * 2. HW_OFFLOAD_YES : Configure HW offload. + * Fail SA addition if offload is not supported. + * 3. HW_OFFLOAD_AUTO : Configure HW offload if supported by the kernel + * and device. + * Do not fail SA addition otherwise. + */ +static bool config_hw_offload(kernel_ipsec_sa_id_t *id, + kernel_ipsec_add_sa_t *data, struct nlmsghdr *hdr, + int buflen) +{ + host_t *local = data->inbound ? id->dst : id->src; + struct xfrm_user_offload *offload; + bool hw_offload_yes, ret = FALSE; + char *ifname; + + /* do Ipsec configuration without offload */ + if (data->hw_offload == HW_OFFLOAD_NO) + { + return TRUE; + } + + hw_offload_yes = (data->hw_offload == HW_OFFLOAD_YES); + + if (!charon->kernel->get_interface(charon->kernel, local, &ifname)) + { + return !hw_offload_yes; + } + + /* check if interface supports hw_offload */ + if (!netlink_detect_offload(ifname)) + { + ret = !hw_offload_yes; + goto out; + } + + /* activate HW offload */ + offload = netlink_reserve(hdr, buflen, + XFRMA_OFFLOAD_DEV, sizeof(*offload)); + if (!offload) + { + ret = !hw_offload_yes; + goto out; + } + offload->ifindex = if_nametoindex(ifname); + if (local->get_family(local) == AF_INET6) + { + offload->flags |= XFRM_OFFLOAD_IPV6; + } + offload->flags |= data->inbound ? XFRM_OFFLOAD_INBOUND : 0; + + ret = TRUE; + +out: + free(ifname); + return ret; +} + METHOD(kernel_ipsec_t, add_sa, status_t, private_kernel_netlink_ipsec_t *this, kernel_ipsec_sa_id_t *id, kernel_ipsec_add_sa_t *data) @@ -1650,30 +1882,12 @@ METHOD(kernel_ipsec_t, add_sa, status_t, data->replay_window); sa->replay_window = data->replay_window; } - if (data->hw_offload) - { - host_t *local = data->inbound ? id->dst : id->src; - char *ifname; - if (charon->kernel->get_interface(charon->kernel, local, &ifname)) - { - struct xfrm_user_offload *offload; - - offload = netlink_reserve(hdr, sizeof(request), - XFRMA_OFFLOAD_DEV, sizeof(*offload)); - if (!offload) - { - free(ifname); - goto failed; - } - offload->ifindex = if_nametoindex(ifname); - if (local->get_family(local) == AF_INET6) - { - offload->flags |= XFRM_OFFLOAD_IPV6; - } - offload->flags |= data->inbound ? XFRM_OFFLOAD_INBOUND : 0; - free(ifname); - } + DBG2(DBG_KNL, " HW offload: %N", hw_offload_names, data->hw_offload); + if (!config_hw_offload(id, data, hdr, sizeof(request))) + { + DBG1(DBG_KNL, "failed to configure HW offload"); + goto failed; } } diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h index 3a45cce06..bafdea0b9 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c index c3f92f500..b6eb54370 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c @@ -1797,7 +1797,7 @@ static void rt_entry_destroy(rt_entry_t *this) /** * Check if the route received with RTM_NEWROUTE is usable based on its type. */ -static bool route_usable(struct nlmsghdr *hdr) +static bool route_usable(struct nlmsghdr *hdr, bool allow_local) { struct rtmsg *msg; @@ -1809,6 +1809,8 @@ static bool route_usable(struct nlmsghdr *hdr) case RTN_PROHIBIT: case RTN_THROW: return FALSE; + case RTN_LOCAL: + return allow_local; default: return TRUE; } @@ -1832,15 +1834,11 @@ static rt_entry_t *parse_route(struct nlmsghdr *hdr, rt_entry_t *route) if (route) { - route->gtw = chunk_empty; - route->pref_src = chunk_empty; - route->dst = chunk_empty; - route->dst_len = msg->rtm_dst_len; - route->src = chunk_empty; - route->src_len = msg->rtm_src_len; - route->table = msg->rtm_table; - route->oif = 0; - route->priority = 0; + *route = (rt_entry_t){ + .dst_len = msg->rtm_dst_len, + .src_len = msg->rtm_src_len, + .table = msg->rtm_table, + }; } else { @@ -1988,7 +1986,7 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest, rt_entry_t *other; uintptr_t table; - if (!route_usable(current)) + if (!route_usable(current, TRUE)) { continue; } @@ -2260,49 +2258,31 @@ METHOD(enumerator_t, enumerate_subnets, bool, break; case RTM_NEWROUTE: { - struct rtmsg *msg; - struct rtattr *rta; - size_t rtasize; - chunk_t dst = chunk_empty; - uint32_t oif = 0; + rt_entry_t route; - msg = NLMSG_DATA(this->current); - - if (!route_usable(this->current)) + if (!route_usable(this->current, FALSE)) { break; } - else if (msg->rtm_table && ( - msg->rtm_table == RT_TABLE_LOCAL || - msg->rtm_table == this->private->routing_table)) + parse_route(this->current, &route); + + if (route.table && ( + route.table == RT_TABLE_LOCAL || + route.table == this->private->routing_table)) { /* ignore our own and the local routing tables */ break; } - - rta = RTM_RTA(msg); - rtasize = RTM_PAYLOAD(this->current); - while (RTA_OK(rta, rtasize)) - { - switch (rta->rta_type) - { - case RTA_DST: - dst = chunk_create(RTA_DATA(rta), RTA_PAYLOAD(rta)); - break; - case RTA_OIF: - if (RTA_PAYLOAD(rta) == sizeof(oif)) - { - oif = *(uint32_t*)RTA_DATA(rta); - } - break; - } - rta = RTA_NEXT(rta, rtasize); + else if (route.gtw.ptr) + { /* ignore routes via gateway/next hop */ + break; } - if (dst.ptr && oif && if_indextoname(oif, this->ifname)) + if (route.dst.ptr && route.oif && + if_indextoname(route.oif, this->ifname)) { - this->net = host_create_from_chunk(msg->rtm_family, dst, 0); + this->net = host_create_from_chunk(AF_UNSPEC, route.dst, 0); *net = this->net; - *mask = msg->rtm_dst_len; + *mask = route.dst_len; *ifname = this->ifname; return TRUE; } @@ -2669,31 +2649,89 @@ static status_t manage_srcroute(private_kernel_netlink_net_t *this, return this->socket->send_ack(this->socket, hdr); } +/** + * Helper struct used to check routes + */ +typedef struct { + /** the entry we look for */ + route_entry_t route; + /** kernel interface */ + private_kernel_netlink_net_t *this; +} route_entry_lookup_t; + +/** + * Check if a matching route entry has a VIP associated + */ +static bool route_with_vip(route_entry_lookup_t *a, route_entry_t *b) +{ + if (chunk_equals(a->route.dst_net, b->dst_net) && + a->route.prefixlen == b->prefixlen && + is_known_vip(a->this, b->src_ip)) + { + return TRUE; + } + return FALSE; +} + +/** + * Check if there is any route entry with a matching destination + */ +static bool route_with_dst(route_entry_lookup_t *a, route_entry_t *b) +{ + if (chunk_equals(a->route.dst_net, b->dst_net) && + a->route.prefixlen == b->prefixlen) + { + return TRUE; + } + return FALSE; +} + METHOD(kernel_net_t, add_route, status_t, private_kernel_netlink_net_t *this, chunk_t dst_net, uint8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name) { status_t status; - route_entry_t *found, route = { - .dst_net = dst_net, - .prefixlen = prefixlen, - .gateway = gateway, - .src_ip = src_ip, - .if_name = if_name, + route_entry_t *found; + route_entry_lookup_t lookup = { + .route = { + .dst_net = dst_net, + .prefixlen = prefixlen, + .gateway = gateway, + .src_ip = src_ip, + .if_name = if_name, + }, + .this = this, }; this->routes_lock->lock(this->routes_lock); - found = this->routes->get(this->routes, &route); + found = this->routes->get(this->routes, &lookup.route); if (found) { this->routes_lock->unlock(this->routes_lock); return ALREADY_DONE; } - status = manage_srcroute(this, RTM_NEWROUTE, NLM_F_CREATE | NLM_F_EXCL, - dst_net, prefixlen, gateway, src_ip, if_name); + + /* don't replace the route if we already have one with a VIP installed, + * but keep track of it in case that other route is uninstalled */ + this->lock->read_lock(this->lock); + if (!is_known_vip(this, src_ip)) + { + found = this->routes->get_match(this->routes, &lookup, + (void*)route_with_vip); + } + this->lock->unlock(this->lock); + if (found) + { + status = SUCCESS; + } + else + { + status = manage_srcroute(this, RTM_NEWROUTE, NLM_F_CREATE|NLM_F_REPLACE, + dst_net, prefixlen, gateway, src_ip, if_name); + } if (status == SUCCESS) { - found = route_entry_clone(&route); + found = route_entry_clone(&lookup.route); this->routes->put(this->routes, found, found); } this->routes_lock->unlock(this->routes_lock); @@ -2705,25 +2743,49 @@ METHOD(kernel_net_t, del_route, status_t, host_t *gateway, host_t *src_ip, char *if_name) { status_t status; - route_entry_t *found, route = { - .dst_net = dst_net, - .prefixlen = prefixlen, - .gateway = gateway, - .src_ip = src_ip, - .if_name = if_name, + route_entry_t *found; + route_entry_lookup_t lookup = { + .route = { + .dst_net = dst_net, + .prefixlen = prefixlen, + .gateway = gateway, + .src_ip = src_ip, + .if_name = if_name, + }, + .this = this, }; this->routes_lock->lock(this->routes_lock); - found = this->routes->get(this->routes, &route); + found = this->routes->remove(this->routes, &lookup.route); if (!found) { this->routes_lock->unlock(this->routes_lock); return NOT_FOUND; } - this->routes->remove(this->routes, found); route_entry_destroy(found); - status = manage_srcroute(this, RTM_DELROUTE, 0, dst_net, prefixlen, - gateway, src_ip, if_name); + + /* check if there are any other routes for the same destination and if + * so update the route, otherwise uninstall it */ + this->lock->read_lock(this->lock); + found = this->routes->get_match(this->routes, &lookup, + (void*)route_with_vip); + this->lock->unlock(this->lock); + if (!found) + { + found = this->routes->get_match(this->routes, &lookup, + (void*)route_with_dst); + } + if (found) + { + status = manage_srcroute(this, RTM_NEWROUTE, NLM_F_CREATE|NLM_F_REPLACE, + found->dst_net, found->prefixlen, found->gateway, + found->src_ip, found->if_name); + } + else + { + status = manage_srcroute(this, RTM_DELROUTE, 0, dst_net, prefixlen, + gateway, src_ip, if_name); + } this->routes_lock->unlock(this->routes_lock); return status; } diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.h b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.h index ff9831d3c..862059c2b 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.h +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.c index 58350028f..5ab8924f4 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.h b/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.h index 74c9ae24f..f3b4ad785 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.h +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c index f3b5b1d4a..441c0c482 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c @@ -2,7 +2,7 @@ * Copyright (C) 2014 Martin Willi * Copyright (C) 2014 revosec AG * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.h b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.h index b034326d7..7056e6ccc 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.h +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -32,7 +32,7 @@ /** * General purpose netlink buffer. * - * Some platforms require an enforced aligment to four bytes (e.g. ARM). + * Some platforms require an enforced alignment to four bytes (e.g. ARM). */ typedef union { struct nlmsghdr hdr; diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index 79abe587a..80c484b47 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -219,6 +219,11 @@ struct private_kernel_pfkey_ipsec_t */ bool install_routes; + /** + * whether to install the route via internal interface + */ + bool route_via_internal; + /** * mutex to lock access to the PF_KEY socket */ @@ -2361,7 +2366,7 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this, /* if the IP is virtual, we install the route over the interface it has * been installed on. Otherwise we use the interface we use for IKE, as * this is required for example on Linux. */ - if (is_virtual) + if (is_virtual || this->route_via_internal) { free(route->if_name); route->if_name = NULL; @@ -3164,6 +3169,9 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create() .install_routes = lib->settings->get_bool(lib->settings, "%s.install_routes", TRUE, lib->ns), + .route_via_internal = lib->settings->get_bool(lib->settings, + "%s.plugins.kernel-pfkey.route_via_internal", + FALSE, lib->ns), ); if (streq(lib->ns, "starter")) diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.h b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.h index 649f93733..f52337eb7 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.h +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.c index d49fe2422..d860a7d12 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.c +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.h b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.h index ecccc6303..dd43f78f3 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.h +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c index e1f10e93f..0bbdb1bc3 100644 --- a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c +++ b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.h b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.h index 10c3c9eb7..16638ddd4 100644 --- a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.h +++ b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.c b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.c index acd834ba3..b3852e57f 100644 --- a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.c +++ b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.h b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.h index 50642a572..6202a114f 100644 --- a/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.h +++ b/src/libcharon/plugins/kernel_pfroute/kernel_pfroute_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c index 28421c212..78be45f68 100644 --- a/src/libcharon/plugins/load_tester/load_tester_config.c +++ b/src/libcharon/plugins/load_tester/load_tester_config.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -937,7 +937,6 @@ load_tester_config_t *load_tester_config_create() .leases = hashtable_create((hashtable_hash_t)hash, (hashtable_equals_t)equals, 256), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), - .num = 1, .unique_port = UNIQUE_PORT_START, ); diff --git a/src/libcharon/plugins/load_tester/load_tester_config.h b/src/libcharon/plugins/load_tester/load_tester_config.h index cfa4b1edc..f1cff7801 100644 --- a/src/libcharon/plugins/load_tester/load_tester_config.h +++ b/src/libcharon/plugins/load_tester/load_tester_config.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_creds.c b/src/libcharon/plugins/load_tester/load_tester_creds.c index 2cedd130e..29a2b83c8 100644 --- a/src/libcharon/plugins/load_tester/load_tester_creds.c +++ b/src/libcharon/plugins/load_tester/load_tester_creds.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_creds.h b/src/libcharon/plugins/load_tester/load_tester_creds.h index fb3541164..4007fcd6f 100644 --- a/src/libcharon/plugins/load_tester/load_tester_creds.h +++ b/src/libcharon/plugins/load_tester/load_tester_creds.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.c b/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.c index e1c7c0e0b..65378993c 100644 --- a/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.c +++ b/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.h b/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.h index 672157fb8..3be436944 100644 --- a/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.h +++ b/src/libcharon/plugins/load_tester/load_tester_diffie_hellman.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_ipsec.c b/src/libcharon/plugins/load_tester/load_tester_ipsec.c index 4e20c8f3a..63ff92b10 100644 --- a/src/libcharon/plugins/load_tester/load_tester_ipsec.c +++ b/src/libcharon/plugins/load_tester/load_tester_ipsec.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_ipsec.h b/src/libcharon/plugins/load_tester/load_tester_ipsec.h index 1e1bff84a..ceb373757 100644 --- a/src/libcharon/plugins/load_tester/load_tester_ipsec.h +++ b/src/libcharon/plugins/load_tester/load_tester_ipsec.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_listener.c b/src/libcharon/plugins/load_tester/load_tester_listener.c index 068020ef7..e8763b90c 100644 --- a/src/libcharon/plugins/load_tester/load_tester_listener.c +++ b/src/libcharon/plugins/load_tester/load_tester_listener.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_listener.h b/src/libcharon/plugins/load_tester/load_tester_listener.h index eba4afcf1..8c8562894 100644 --- a/src/libcharon/plugins/load_tester/load_tester_listener.h +++ b/src/libcharon/plugins/load_tester/load_tester_listener.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_plugin.c b/src/libcharon/plugins/load_tester/load_tester_plugin.c index 6cf3a909c..961c10406 100644 --- a/src/libcharon/plugins/load_tester/load_tester_plugin.c +++ b/src/libcharon/plugins/load_tester/load_tester_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/load_tester/load_tester_plugin.h b/src/libcharon/plugins/load_tester/load_tester_plugin.h index 15f2d1127..69e9764e7 100644 --- a/src/libcharon/plugins/load_tester/load_tester_plugin.h +++ b/src/libcharon/plugins/load_tester/load_tester_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c index f34990176..789c01bae 100644 --- a/src/libcharon/plugins/medcli/medcli_config.c +++ b/src/libcharon/plugins/medcli/medcli_config.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_config.h b/src/libcharon/plugins/medcli/medcli_config.h index 36c20adf7..e946737de 100644 --- a/src/libcharon/plugins/medcli/medcli_config.h +++ b/src/libcharon/plugins/medcli/medcli_config.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_creds.c b/src/libcharon/plugins/medcli/medcli_creds.c index 528fc004d..cde148e4f 100644 --- a/src/libcharon/plugins/medcli/medcli_creds.c +++ b/src/libcharon/plugins/medcli/medcli_creds.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_creds.h b/src/libcharon/plugins/medcli/medcli_creds.h index ec17955a2..b4dec76d1 100644 --- a/src/libcharon/plugins/medcli/medcli_creds.h +++ b/src/libcharon/plugins/medcli/medcli_creds.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_listener.c b/src/libcharon/plugins/medcli/medcli_listener.c index ba6b3d9d6..789e1ab2d 100644 --- a/src/libcharon/plugins/medcli/medcli_listener.c +++ b/src/libcharon/plugins/medcli/medcli_listener.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_listener.h b/src/libcharon/plugins/medcli/medcli_listener.h index 860dcdc60..96f9e61e5 100644 --- a/src/libcharon/plugins/medcli/medcli_listener.h +++ b/src/libcharon/plugins/medcli/medcli_listener.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_plugin.c b/src/libcharon/plugins/medcli/medcli_plugin.c index e6a8a8981..87cacedb6 100644 --- a/src/libcharon/plugins/medcli/medcli_plugin.c +++ b/src/libcharon/plugins/medcli/medcli_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medcli/medcli_plugin.h b/src/libcharon/plugins/medcli/medcli_plugin.h index 44e7bb525..dd5a2ba0f 100644 --- a/src/libcharon/plugins/medcli/medcli_plugin.h +++ b/src/libcharon/plugins/medcli/medcli_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medsrv/medsrv_config.c b/src/libcharon/plugins/medsrv/medsrv_config.c index be7f481b6..6068022b1 100644 --- a/src/libcharon/plugins/medsrv/medsrv_config.c +++ b/src/libcharon/plugins/medsrv/medsrv_config.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medsrv/medsrv_config.h b/src/libcharon/plugins/medsrv/medsrv_config.h index 03a41a7ce..45b298050 100644 --- a/src/libcharon/plugins/medsrv/medsrv_config.h +++ b/src/libcharon/plugins/medsrv/medsrv_config.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medsrv/medsrv_creds.c b/src/libcharon/plugins/medsrv/medsrv_creds.c index 16d4bd7f3..5a0ae5928 100644 --- a/src/libcharon/plugins/medsrv/medsrv_creds.c +++ b/src/libcharon/plugins/medsrv/medsrv_creds.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medsrv/medsrv_creds.h b/src/libcharon/plugins/medsrv/medsrv_creds.h index 08ecaa3f2..f09e704f3 100644 --- a/src/libcharon/plugins/medsrv/medsrv_creds.h +++ b/src/libcharon/plugins/medsrv/medsrv_creds.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medsrv/medsrv_plugin.c b/src/libcharon/plugins/medsrv/medsrv_plugin.c index fcc8502f8..7e08d3b9c 100644 --- a/src/libcharon/plugins/medsrv/medsrv_plugin.c +++ b/src/libcharon/plugins/medsrv/medsrv_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/medsrv/medsrv_plugin.h b/src/libcharon/plugins/medsrv/medsrv_plugin.h index 179fa3b3a..eebda2768 100644 --- a/src/libcharon/plugins/medsrv/medsrv_plugin.h +++ b/src/libcharon/plugins/medsrv/medsrv_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/p_cscf/p_cscf_handler.c b/src/libcharon/plugins/p_cscf/p_cscf_handler.c index cdf266054..2cfa95441 100644 --- a/src/libcharon/plugins/p_cscf/p_cscf_handler.c +++ b/src/libcharon/plugins/p_cscf/p_cscf_handler.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/p_cscf/p_cscf_handler.h b/src/libcharon/plugins/p_cscf/p_cscf_handler.h index ad4f1acce..ce03ba90f 100644 --- a/src/libcharon/plugins/p_cscf/p_cscf_handler.h +++ b/src/libcharon/plugins/p_cscf/p_cscf_handler.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/p_cscf/p_cscf_plugin.c b/src/libcharon/plugins/p_cscf/p_cscf_plugin.c index 8e2bc727e..a541d12a8 100644 --- a/src/libcharon/plugins/p_cscf/p_cscf_plugin.c +++ b/src/libcharon/plugins/p_cscf/p_cscf_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/p_cscf/p_cscf_plugin.h b/src/libcharon/plugins/p_cscf/p_cscf_plugin.h index 51b17674d..6ed076b61 100644 --- a/src/libcharon/plugins/p_cscf/p_cscf_plugin.h +++ b/src/libcharon/plugins/p_cscf/p_cscf_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/resolve/resolve_handler.h b/src/libcharon/plugins/resolve/resolve_handler.h index 77bf9781c..c2db84ff1 100644 --- a/src/libcharon/plugins/resolve/resolve_handler.h +++ b/src/libcharon/plugins/resolve/resolve_handler.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/resolve/resolve_plugin.c b/src/libcharon/plugins/resolve/resolve_plugin.c index 193c5b602..f10ae7540 100644 --- a/src/libcharon/plugins/resolve/resolve_plugin.c +++ b/src/libcharon/plugins/resolve/resolve_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/resolve/resolve_plugin.h b/src/libcharon/plugins/resolve/resolve_plugin.h index 0148b10d7..e23bb3c2e 100644 --- a/src/libcharon/plugins/resolve/resolve_plugin.h +++ b/src/libcharon/plugins/resolve/resolve_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/smp/smp.c b/src/libcharon/plugins/smp/smp.c index 56891b263..86296443d 100644 --- a/src/libcharon/plugins/smp/smp.c +++ b/src/libcharon/plugins/smp/smp.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -415,7 +415,7 @@ static void request_control_terminate(xmlTextReaderPtr reader, if (ike) { status = charon->controller->terminate_ike( - charon->controller, id, + charon->controller, id, FALSE, (controller_cb_t)xml_callback, writer, 0); } else diff --git a/src/libcharon/plugins/smp/smp.h b/src/libcharon/plugins/smp/smp.h index 74c85fb5f..f3916c8b9 100644 --- a/src/libcharon/plugins/smp/smp.h +++ b/src/libcharon/plugins/smp/smp.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/socket_default/socket_default_plugin.c b/src/libcharon/plugins/socket_default/socket_default_plugin.c index e89b74279..09b8faa0a 100644 --- a/src/libcharon/plugins/socket_default/socket_default_plugin.c +++ b/src/libcharon/plugins/socket_default/socket_default_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c index 109b3fe9b..57e092968 100644 --- a/src/libcharon/plugins/socket_default/socket_default_socket.c +++ b/src/libcharon/plugins/socket_default/socket_default_socket.c @@ -3,7 +3,7 @@ * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/socket_dynamic/socket_dynamic_plugin.c b/src/libcharon/plugins/socket_dynamic/socket_dynamic_plugin.c index fdc9a7cf9..c5825dcf1 100644 --- a/src/libcharon/plugins/socket_dynamic/socket_dynamic_plugin.c +++ b/src/libcharon/plugins/socket_dynamic/socket_dynamic_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * diff --git a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c index ba92e10f2..f6ed615a7 100644 --- a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c +++ b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c @@ -3,7 +3,7 @@ * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2010 revosec AG * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libcharon/plugins/sql/sql_config.c b/src/libcharon/plugins/sql/sql_config.c index 86728515f..bb1ba71db 100644 --- a/src/libcharon/plugins/sql/sql_config.c +++ b/src/libcharon/plugins/sql/sql_config.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2006-2008 Martin Willi * Copyright (C) 2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_config.h b/src/libcharon/plugins/sql/sql_config.h index 700d00a97..e385ed88f 100644 --- a/src/libcharon/plugins/sql/sql_config.h +++ b/src/libcharon/plugins/sql/sql_config.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_cred.c b/src/libcharon/plugins/sql/sql_cred.c index 9ba0bf1c9..02608d1dc 100644 --- a/src/libcharon/plugins/sql/sql_cred.c +++ b/src/libcharon/plugins/sql/sql_cred.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_cred.h b/src/libcharon/plugins/sql/sql_cred.h index 7f387398e..697c981b2 100644 --- a/src/libcharon/plugins/sql/sql_cred.h +++ b/src/libcharon/plugins/sql/sql_cred.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_logger.c b/src/libcharon/plugins/sql/sql_logger.c index 46a894028..3b8d84987 100644 --- a/src/libcharon/plugins/sql/sql_logger.c +++ b/src/libcharon/plugins/sql/sql_logger.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_logger.h b/src/libcharon/plugins/sql/sql_logger.h index 62dc3f361..a43d726a8 100644 --- a/src/libcharon/plugins/sql/sql_logger.h +++ b/src/libcharon/plugins/sql/sql_logger.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_plugin.c b/src/libcharon/plugins/sql/sql_plugin.c index c5dd6e8b3..ba6091c5e 100644 --- a/src/libcharon/plugins/sql/sql_plugin.c +++ b/src/libcharon/plugins/sql/sql_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/sql/sql_plugin.h b/src/libcharon/plugins/sql/sql_plugin.h index c6f9ba905..175a0a16b 100644 --- a/src/libcharon/plugins/sql/sql_plugin.h +++ b/src/libcharon/plugins/sql/sql_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_attribute.c b/src/libcharon/plugins/stroke/stroke_attribute.c index 7835031c2..fff6a438f 100644 --- a/src/libcharon/plugins/stroke/stroke_attribute.c +++ b/src/libcharon/plugins/stroke/stroke_attribute.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_attribute.h b/src/libcharon/plugins/stroke/stroke_attribute.h index f1b9d135b..8c0ca2f32 100644 --- a/src/libcharon/plugins/stroke/stroke_attribute.h +++ b/src/libcharon/plugins/stroke/stroke_attribute.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_ca.c b/src/libcharon/plugins/stroke/stroke_ca.c index 4593e9bdc..0432ee573 100644 --- a/src/libcharon/plugins/stroke/stroke_ca.c +++ b/src/libcharon/plugins/stroke/stroke_ca.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2015 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_ca.h b/src/libcharon/plugins/stroke/stroke_ca.h index 2740006e2..064a7edec 100644 --- a/src/libcharon/plugins/stroke/stroke_ca.h +++ b/src/libcharon/plugins/stroke/stroke_ca.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2015 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index ca22c7f82..8cdb5ef48 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_config.h b/src/libcharon/plugins/stroke/stroke_config.h index 894e03ce4..fe02c9ac4 100644 --- a/src/libcharon/plugins/stroke/stroke_config.h +++ b/src/libcharon/plugins/stroke/stroke_config.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c index ee8306772..8d84b934e 100644 --- a/src/libcharon/plugins/stroke/stroke_control.c +++ b/src/libcharon/plugins/stroke/stroke_control.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013-2015 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -316,7 +316,8 @@ static void charon_terminate(private_stroke_control_t *this, uint32_t id, else { status = charon->controller->terminate_ike(charon->controller, id, - (controller_cb_t)stroke_log, &info, this->timeout); + FALSE, (controller_cb_t)stroke_log, &info, + this->timeout); } report_terminate_status(this, status, out, id, child); } @@ -327,7 +328,7 @@ static void charon_terminate(private_stroke_control_t *this, uint32_t id, } else { - charon->controller->terminate_ike(charon->controller, id, + charon->controller->terminate_ike(charon->controller, id, FALSE, NULL, NULL, 0); } } @@ -588,47 +589,6 @@ METHOD(stroke_control_t, purge_ike, void, list->destroy(list); } -/** - * Find an existing CHILD_SA/reqid - */ -static uint32_t find_reqid(child_cfg_t *child_cfg) -{ - enumerator_t *enumerator, *children; - child_sa_t *child_sa; - ike_sa_t *ike_sa; - char *name; - uint32_t reqid; - - reqid = charon->traps->find_reqid(charon->traps, child_cfg); - if (reqid) - { /* already trapped */ - return reqid; - } - - name = child_cfg->get_name(child_cfg); - enumerator = charon->controller->create_ike_sa_enumerator( - charon->controller, TRUE); - while (enumerator->enumerate(enumerator, &ike_sa)) - { - children = ike_sa->create_child_sa_enumerator(ike_sa); - while (children->enumerate(children, (void**)&child_sa)) - { - if (streq(name, child_sa->get_name(child_sa))) - { - reqid = child_sa->get_reqid(child_sa); - break; - } - } - children->destroy(children); - if (reqid) - { - break; - } - } - enumerator->destroy(enumerator); - return reqid; -} - /** * call charon to install a shunt or trap */ @@ -636,7 +596,6 @@ static void charon_route(peer_cfg_t *peer_cfg, child_cfg_t *child_cfg, char *name, FILE *out) { ipsec_mode_t mode; - uint32_t reqid; mode = child_cfg->get_mode(child_cfg); if (mode == MODE_PASS || mode == MODE_DROP) @@ -655,8 +614,7 @@ static void charon_route(peer_cfg_t *peer_cfg, child_cfg_t *child_cfg, } else { - reqid = find_reqid(child_cfg); - if (charon->traps->install(charon->traps, peer_cfg, child_cfg, reqid)) + if (charon->traps->install(charon->traps, peer_cfg, child_cfg)) { fprintf(out, "'%s' routed\n", name); } @@ -730,46 +688,13 @@ METHOD(stroke_control_t, route, void, METHOD(stroke_control_t, unroute, void, private_stroke_control_t *this, stroke_msg_t *msg, FILE *out) { - child_cfg_t *child_cfg; - child_sa_t *child_sa; - enumerator_t *enumerator; - char *ns, *found = NULL; - uint32_t id = 0; - - enumerator = charon->shunts->create_enumerator(charon->shunts); - while (enumerator->enumerate(enumerator, &ns, &child_cfg)) - { - if (ns && streq(msg->unroute.name, child_cfg->get_name(child_cfg))) - { - found = strdup(ns); - break; - } - } - enumerator->destroy(enumerator); - if (found && charon->shunts->uninstall(charon->shunts, found, - msg->unroute.name)) + if (charon->shunts->uninstall(charon->shunts, NULL, msg->unroute.name)) { - free(found); fprintf(out, "shunt policy '%s' uninstalled\n", msg->unroute.name); - return; - } - free(found); - - enumerator = charon->traps->create_enumerator(charon->traps); - while (enumerator->enumerate(enumerator, NULL, &child_sa)) - { - if (streq(msg->unroute.name, child_sa->get_name(child_sa))) - { - id = child_sa->get_reqid(child_sa); - break; - } } - enumerator->destroy(enumerator); - - if (id) + else if (charon->traps->uninstall(charon->traps, NULL, msg->unroute.name)) { - charon->traps->uninstall(charon->traps, id); - fprintf(out, "configuration '%s' unrouted\n", msg->unroute.name); + fprintf(out, "trap policy '%s' unrouted\n", msg->unroute.name); } else { diff --git a/src/libcharon/plugins/stroke/stroke_control.h b/src/libcharon/plugins/stroke/stroke_control.h index 869aab3d3..78f1f7594 100644 --- a/src/libcharon/plugins/stroke/stroke_control.h +++ b/src/libcharon/plugins/stroke/stroke_control.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_cred.h b/src/libcharon/plugins/stroke/stroke_cred.h index 33a0e3531..43801b206 100644 --- a/src/libcharon/plugins/stroke/stroke_cred.h +++ b/src/libcharon/plugins/stroke/stroke_cred.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c index 2bed420be..d1bf139c2 100644 --- a/src/libcharon/plugins/stroke/stroke_list.c +++ b/src/libcharon/plugins/stroke/stroke_list.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil diff --git a/src/libcharon/plugins/stroke/stroke_list.h b/src/libcharon/plugins/stroke/stroke_list.h index a0d2d18cc..bf96e9969 100644 --- a/src/libcharon/plugins/stroke/stroke_list.h +++ b/src/libcharon/plugins/stroke/stroke_list.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_plugin.c b/src/libcharon/plugins/stroke/stroke_plugin.c index 0a34fb458..6249c73f2 100644 --- a/src/libcharon/plugins/stroke/stroke_plugin.c +++ b/src/libcharon/plugins/stroke/stroke_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_plugin.h b/src/libcharon/plugins/stroke/stroke_plugin.h index 464979910..9068b691c 100644 --- a/src/libcharon/plugins/stroke/stroke_plugin.h +++ b/src/libcharon/plugins/stroke/stroke_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c index c568440b7..1e7f210e9 100644 --- a/src/libcharon/plugins/stroke/stroke_socket.c +++ b/src/libcharon/plugins/stroke/stroke_socket.c @@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream) } return FALSE; } + if (len < offsetof(stroke_msg_t, buffer)) + { + DBG1(DBG_CFG, "invalid stroke message length %d", len); + return FALSE; + } /* read message (we need an additional byte to terminate the buffer) */ msg = malloc(len + 1); diff --git a/src/libcharon/plugins/stroke/stroke_socket.h b/src/libcharon/plugins/stroke/stroke_socket.h index 2aac8be9b..881d4f4e5 100644 --- a/src/libcharon/plugins/stroke/stroke_socket.h +++ b/src/libcharon/plugins/stroke/stroke_socket.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_config.c b/src/libcharon/plugins/uci/uci_config.c index dcd4ae348..5654fc51e 100644 --- a/src/libcharon/plugins/uci/uci_config.c +++ b/src/libcharon/plugins/uci/uci_config.c @@ -2,7 +2,7 @@ * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_config.h b/src/libcharon/plugins/uci/uci_config.h index 130f15d85..497c45357 100644 --- a/src/libcharon/plugins/uci/uci_config.h +++ b/src/libcharon/plugins/uci/uci_config.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Thomas Kallenberg - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_control.c b/src/libcharon/plugins/uci/uci_control.c index a7d26e67d..b6cfda082 100644 --- a/src/libcharon/plugins/uci/uci_control.c +++ b/src/libcharon/plugins/uci/uci_control.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -180,7 +180,7 @@ static void terminate(private_uci_control_t *this, char *name) { id = ike_sa->get_unique_id(ike_sa); enumerator->destroy(enumerator); - charon->controller->terminate_ike(charon->controller, id, + charon->controller->terminate_ike(charon->controller, id, FALSE, controller_cb_empty, NULL, 0); write_fifo(this, "connection '%s' terminated\n", name); return; diff --git a/src/libcharon/plugins/uci/uci_control.h b/src/libcharon/plugins/uci/uci_control.h index 794220aa1..8e98b57f8 100644 --- a/src/libcharon/plugins/uci/uci_control.h +++ b/src/libcharon/plugins/uci/uci_control.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Thomas Kallenberg - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_creds.c b/src/libcharon/plugins/uci/uci_creds.c index 404a3e39f..d73c94e0d 100644 --- a/src/libcharon/plugins/uci/uci_creds.c +++ b/src/libcharon/plugins/uci/uci_creds.c @@ -2,7 +2,7 @@ * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_creds.h b/src/libcharon/plugins/uci/uci_creds.h index a283ed9f5..597def002 100644 --- a/src/libcharon/plugins/uci/uci_creds.h +++ b/src/libcharon/plugins/uci/uci_creds.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Thomas Kallenberg - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_parser.c b/src/libcharon/plugins/uci/uci_parser.c index 283d93928..9fef34dad 100644 --- a/src/libcharon/plugins/uci/uci_parser.c +++ b/src/libcharon/plugins/uci/uci_parser.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Thomas Kallenberg - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_parser.h b/src/libcharon/plugins/uci/uci_parser.h index 230c35e86..810690d72 100644 --- a/src/libcharon/plugins/uci/uci_parser.h +++ b/src/libcharon/plugins/uci/uci_parser.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Thomas Kallenberg - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_plugin.c b/src/libcharon/plugins/uci/uci_plugin.c index cc0836b7a..daac4304c 100644 --- a/src/libcharon/plugins/uci/uci_plugin.c +++ b/src/libcharon/plugins/uci/uci_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Thomas Kallenberg - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/uci/uci_plugin.h b/src/libcharon/plugins/uci/uci_plugin.h index 980ab26fd..9c6e4397f 100644 --- a/src/libcharon/plugins/uci/uci_plugin.h +++ b/src/libcharon/plugins/uci/uci_plugin.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/unity/unity_handler.c b/src/libcharon/plugins/unity/unity_handler.c index 4a1478c6d..dcafb483b 100644 --- a/src/libcharon/plugins/unity/unity_handler.c +++ b/src/libcharon/plugins/unity/unity_handler.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG diff --git a/src/libcharon/plugins/unity/unity_narrow.c b/src/libcharon/plugins/unity/unity_narrow.c index 227d24be8..05ae8d504 100644 --- a/src/libcharon/plugins/unity/unity_narrow.c +++ b/src/libcharon/plugins/unity/unity_narrow.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG diff --git a/src/libcharon/plugins/unity/unity_provider.c b/src/libcharon/plugins/unity/unity_provider.c index b6a55648e..b52ffeeb1 100644 --- a/src/libcharon/plugins/unity/unity_provider.c +++ b/src/libcharon/plugins/unity/unity_provider.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG diff --git a/src/libcharon/plugins/updown/updown_listener.h b/src/libcharon/plugins/updown/updown_listener.h index 2d9b56ade..a25b77283 100644 --- a/src/libcharon/plugins/updown/updown_listener.h +++ b/src/libcharon/plugins/updown/updown_listener.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/updown/updown_plugin.c b/src/libcharon/plugins/updown/updown_plugin.c index 60ecfcce6..672b99c0f 100644 --- a/src/libcharon/plugins/updown/updown_plugin.c +++ b/src/libcharon/plugins/updown/updown_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/updown/updown_plugin.h b/src/libcharon/plugins/updown/updown_plugin.h index abcb953a0..27fe0e77b 100644 --- a/src/libcharon/plugins/updown/updown_plugin.h +++ b/src/libcharon/plugins/updown/updown_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md index 49cce379d..0038f0844 100644 --- a/src/libcharon/plugins/vici/README.md +++ b/src/libcharon/plugins/vici/README.md @@ -279,7 +279,9 @@ Terminates an SA while streaming _control-log_ events. ike = child-id = ike-id = - timeout = + force = + timeout = loglevel = } => { success = diff --git a/src/libcharon/plugins/vici/perl/Vici-Session/lib/Vici/Transport.pm b/src/libcharon/plugins/vici/perl/Vici-Session/lib/Vici/Transport.pm index 6524bf76d..b0a7b6285 100644 --- a/src/libcharon/plugins/vici/perl/Vici-Session/lib/Vici/Transport.pm +++ b/src/libcharon/plugins/vici/perl/Vici-Session/lib/Vici/Transport.pm @@ -22,12 +22,27 @@ sub send { sub receive { my $self = shift; my $packet_header; - my $data; - $self->{'Socket'}->recv($packet_header, 4); + $packet_header = $self->_recv_all(4); my $packet_len = unpack('N', $packet_header); - $self->{'Socket'}->recv($data, $packet_len); - return $data; + return $self->_recv_all($packet_len); +} + +sub _recv_all { + my ($self, $len) = @_; + my $data; + + while ($len) + { + my $buf; + unless (defined $self->{'Socket'}->recv($buf, $len)) + { + die "error reading from socket\n"; + } + $len -= length($buf); + $data .= $buf; + } + return $data; } 1; diff --git a/src/libcharon/plugins/vici/ruby/Makefile.in b/src/libcharon/plugins/vici/ruby/Makefile.in index 6d29988db..ff4e07d2d 100644 --- a/src/libcharon/plugins/vici/ruby/Makefile.in +++ b/src/libcharon/plugins/vici/ruby/Makefile.in @@ -476,8 +476,8 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -@RUBY_GEMS_INSTALL_FALSE@install-data-local: @RUBY_GEMS_INSTALL_FALSE@uninstall-local: +@RUBY_GEMS_INSTALL_FALSE@install-data-local: clean: clean-am clean-am: clean-generic clean-libtool clean-local mostlyclean-am diff --git a/src/libcharon/plugins/vici/suites/test_message.c b/src/libcharon/plugins/vici/suites/test_message.c index 73bba239b..1a4af9005 100644 --- a/src/libcharon/plugins/vici/suites/test_message.c +++ b/src/libcharon/plugins/vici/suites/test_message.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2014 Martin Willi * Copyright (C) 2014 revosec AG diff --git a/src/libcharon/plugins/vici/vici_attribute.c b/src/libcharon/plugins/vici/vici_attribute.c index ab765fa14..4d174253d 100644 --- a/src/libcharon/plugins/vici/vici_attribute.c +++ b/src/libcharon/plugins/vici/vici_attribute.c @@ -249,7 +249,7 @@ static bool have_vips_from_pool(mem_pool_t *pool, linked_list_t *vips) { end = chunk_clone(start); - /* mem_pool is currenty limited to 2^31 addresses, so 32-bit + /* mem_pool is currently limited to 2^31 addresses, so 32-bit * calculations should be sufficient. */ size = untoh32(start.ptr + start.len - sizeof(size)); htoun32(end.ptr + end.len - sizeof(size), size + pool->get_size(pool)); diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c index e0e2955e2..f4e9e33ee 100644 --- a/src/libcharon/plugins/vici/vici_config.c +++ b/src/libcharon/plugins/vici/vici_config.c @@ -112,7 +112,7 @@ struct private_vici_config_t { rwlock_t *lock; /** - * Condvar used to snyc running actions + * Condvar used to sync running actions */ rwlock_condvar_t *condvar; @@ -533,7 +533,7 @@ static void log_child_data(child_data_t *data, char *name) DBG2(DBG_CFG, " proposals = %#P", data->proposals); DBG2(DBG_CFG, " local_ts = %#R", data->local_ts); DBG2(DBG_CFG, " remote_ts = %#R", data->remote_ts); - DBG2(DBG_CFG, " hw_offload = %u", has_opt(OPT_HW_OFFLOAD)); + DBG2(DBG_CFG, " hw_offload = %N", hw_offload_names, cfg->hw_offload); DBG2(DBG_CFG, " sha256_96 = %u", has_opt(OPT_SHA256_96)); } @@ -892,14 +892,6 @@ CALLBACK(parse_opt_ipcomp, bool, return parse_option(out, OPT_IPCOMP, v); } -/** - * Parse OPT_HW_OFFLOAD option - */ -CALLBACK(parse_opt_hw_offl, bool, - child_cfg_option_t *out, chunk_t v) -{ - return parse_option(out, OPT_HW_OFFLOAD, v); -} /** * Parse OPT_SHA256_96 option @@ -943,6 +935,27 @@ CALLBACK(parse_action, bool, return FALSE; } +/** + * Parse an hw_offload_t + */ +CALLBACK(parse_hw_offload, bool, + action_t *out, chunk_t v) +{ + enum_map_t map[] = { + { "no", HW_OFFLOAD_NO }, + { "yes", HW_OFFLOAD_YES }, + { "auto", HW_OFFLOAD_AUTO }, + }; + int d; + + if (parse_map(map, countof(map), &d, v)) + { + *out = d; + return TRUE; + } + return FALSE; +} + /** * Parse a uint32_t with the given base */ @@ -1578,7 +1591,7 @@ CALLBACK(child_kv, bool, { "tfc_padding", parse_tfc, &child->cfg.tfc }, { "priority", parse_uint32, &child->cfg.priority }, { "interface", parse_string, &child->cfg.interface }, - { "hw_offload", parse_opt_hw_offl, &child->cfg.options }, + { "hw_offload", parse_hw_offload, &child->cfg.hw_offload }, { "sha256_96", parse_opt_sha256_96,&child->cfg.options }, }; @@ -1953,41 +1966,6 @@ CALLBACK(peer_sn, bool, return FALSE; } -/** - * Find reqid of an existing CHILD_SA - */ -static uint32_t find_reqid(child_cfg_t *cfg) -{ - enumerator_t *enumerator, *children; - child_sa_t *child_sa; - ike_sa_t *ike_sa; - uint32_t reqid; - - reqid = charon->traps->find_reqid(charon->traps, cfg); - if (reqid) - { /* already trapped */ - return reqid; - } - - enumerator = charon->controller->create_ike_sa_enumerator( - charon->controller, TRUE); - while (!reqid && enumerator->enumerate(enumerator, &ike_sa)) - { - children = ike_sa->create_child_sa_enumerator(ike_sa); - while (children->enumerate(children, &child_sa)) - { - if (streq(cfg->get_name(cfg), child_sa->get_name(child_sa))) - { - reqid = child_sa->get_reqid(child_sa); - break; - } - } - children->destroy(children); - } - enumerator->destroy(enumerator); - return reqid; -} - /** * Perform start actions associated with a child config */ @@ -2012,8 +1990,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg, peer_cfg->get_name(peer_cfg), child_cfg); break; default: - charon->traps->install(charon->traps, peer_cfg, child_cfg, - find_reqid(child_cfg)); + charon->traps->install(charon->traps, peer_cfg, child_cfg); break; } break; @@ -2030,7 +2007,6 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name, { enumerator_t *enumerator, *children; child_sa_t *child_sa; - peer_cfg_t *peer_cfg; ike_sa_t *ike_sa; uint32_t id = 0, others; array_t *ids = NULL, *ikeids = NULL; @@ -2053,7 +2029,8 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name, children = ike_sa->create_child_sa_enumerator(ike_sa); while (children->enumerate(children, &child_sa)) { - if (child_sa->get_state(child_sa) != CHILD_DELETING) + if (child_sa->get_state(child_sa) != CHILD_DELETING && + child_sa->get_state(child_sa) != CHILD_DELETED) { if (streq(name, child_sa->get_name(child_sa))) { @@ -2106,7 +2083,7 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name, while (array_remove(ikeids, ARRAY_HEAD, &id)) { DBG1(DBG_CFG, "closing IKE_SA #%u", id); - charon->controller->terminate_ike(charon->controller, + charon->controller->terminate_ike(charon->controller, FALSE, id, NULL, NULL, 0); } array_destroy(ikeids); @@ -2121,22 +2098,7 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name, charon->shunts->uninstall(charon->shunts, peer_name, name); break; default: - enumerator = charon->traps->create_enumerator(charon->traps); - while (enumerator->enumerate(enumerator, &peer_cfg, - &child_sa)) - { - if (streq(peer_name, peer_cfg->get_name(peer_cfg)) && - streq(name, child_sa->get_name(child_sa))) - { - id = child_sa->get_reqid(child_sa); - break; - } - } - enumerator->destroy(enumerator); - if (id) - { - charon->traps->uninstall(charon->traps, id); - } + charon->traps->uninstall(charon->traps, peer_name, name); break; } break; diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c index afee649f7..ce19608dc 100644 --- a/src/libcharon/plugins/vici/vici_control.c +++ b/src/libcharon/plugins/vici/vici_control.c @@ -225,6 +225,7 @@ CALLBACK(terminate, vici_message_t*, enumerator_t *enumerator, *isas, *csas; char *child, *ike, *errmsg = NULL; u_int child_id, ike_id, current, *del, done = 0; + bool force; int timeout; ike_sa_t *ike_sa; child_sa_t *child_sa; @@ -240,6 +241,7 @@ CALLBACK(terminate, vici_message_t*, ike = request->get_str(request, NULL, "ike"); child_id = request->get_int(request, 0, "child-id"); ike_id = request->get_int(request, 0, "ike-id"); + force = request->get_bool(request, FALSE, "force"); timeout = request->get_int(request, 0, "timeout"); log.level = request->get_int(request, 1, "loglevel"); @@ -326,7 +328,7 @@ CALLBACK(terminate, vici_message_t*, } else { - if (charon->controller->terminate_ike(charon->controller, *del, + if (charon->controller->terminate_ike(charon->controller, *del, force, log_cb, &log, timeout) == SUCCESS) { done++; @@ -601,41 +603,6 @@ CALLBACK(redirect, vici_message_t*, return builder->finalize(builder); } -/** - * Find reqid of an existing CHILD_SA - */ -static uint32_t find_reqid(child_cfg_t *cfg) -{ - enumerator_t *enumerator, *children; - child_sa_t *child_sa; - ike_sa_t *ike_sa; - uint32_t reqid; - - reqid = charon->traps->find_reqid(charon->traps, cfg); - if (reqid) - { /* already trapped */ - return reqid; - } - - enumerator = charon->controller->create_ike_sa_enumerator( - charon->controller, TRUE); - while (!reqid && enumerator->enumerate(enumerator, &ike_sa)) - { - children = ike_sa->create_child_sa_enumerator(ike_sa); - while (children->enumerate(children, &child_sa)) - { - if (streq(cfg->get_name(cfg), child_sa->get_name(child_sa))) - { - reqid = child_sa->get_reqid(child_sa); - break; - } - } - children->destroy(children); - } - enumerator->destroy(enumerator); - return reqid; -} - CALLBACK(install, vici_message_t*, private_vici_control_t *this, char *name, u_int id, vici_message_t *request) { @@ -666,8 +633,7 @@ CALLBACK(install, vici_message_t*, peer_cfg->get_name(peer_cfg), child_cfg); break; default: - ok = charon->traps->install(charon->traps, peer_cfg, child_cfg, - find_reqid(child_cfg)); + ok = charon->traps->install(charon->traps, peer_cfg, child_cfg); break; } peer_cfg->destroy(peer_cfg); @@ -679,12 +645,7 @@ CALLBACK(install, vici_message_t*, CALLBACK(uninstall, vici_message_t*, private_vici_control_t *this, char *name, u_int id, vici_message_t *request) { - peer_cfg_t *peer_cfg; - child_cfg_t *child_cfg; - child_sa_t *child_sa; - enumerator_t *enumerator; - uint32_t reqid = 0; - char *child, *ike, *ns; + char *child, *ike; child = request->get_str(request, NULL, "child"); ike = request->get_str(request, NULL, "ike"); @@ -695,53 +656,13 @@ CALLBACK(uninstall, vici_message_t*, DBG1(DBG_CFG, "vici uninstall '%s'", child); - if (!ike) - { - enumerator = charon->shunts->create_enumerator(charon->shunts); - while (enumerator->enumerate(enumerator, &ns, &child_cfg)) - { - if (ns && streq(child, child_cfg->get_name(child_cfg))) - { - ike = strdup(ns); - break; - } - } - enumerator->destroy(enumerator); - if (ike) - { - if (charon->shunts->uninstall(charon->shunts, ike, child)) - { - free(ike); - return send_reply(this, NULL); - } - free(ike); - return send_reply(this, "uninstalling policy '%s' failed", child); - } - } - else if (charon->shunts->uninstall(charon->shunts, ike, child)) + if (charon->shunts->uninstall(charon->shunts, ike, child)) { return send_reply(this, NULL); } - - enumerator = charon->traps->create_enumerator(charon->traps); - while (enumerator->enumerate(enumerator, &peer_cfg, &child_sa)) + else if (charon->traps->uninstall(charon->traps, ike, child)) { - if ((!ike || streq(ike, peer_cfg->get_name(peer_cfg))) && - streq(child, child_sa->get_name(child_sa))) - { - reqid = child_sa->get_reqid(child_sa); - break; - } - } - enumerator->destroy(enumerator); - - if (reqid) - { - if (charon->traps->uninstall(charon->traps, reqid)) - { - return send_reply(this, NULL); - } - return send_reply(this, "uninstalling policy '%s' failed", child); + return send_reply(this, NULL); } return send_reply(this, "policy '%s' not found", child); } diff --git a/src/libcharon/plugins/vici/vici_message.c b/src/libcharon/plugins/vici/vici_message.c index 91d344994..13761f59d 100644 --- a/src/libcharon/plugins/vici/vici_message.c +++ b/src/libcharon/plugins/vici/vici_message.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2014 Martin Willi * Copyright (C) 2014 revosec AG diff --git a/src/libcharon/plugins/vici/vici_message.h b/src/libcharon/plugins/vici/vici_message.h index d47e7a0f9..1e1a2a463 100644 --- a/src/libcharon/plugins/vici/vici_message.h +++ b/src/libcharon/plugins/vici/vici_message.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2014 Martin Willi * Copyright (C) 2014 revosec AG diff --git a/src/libcharon/plugins/xauth_generic/xauth_generic.c b/src/libcharon/plugins/xauth_generic/xauth_generic.c index e65d1a1fe..66422bab6 100644 --- a/src/libcharon/plugins/xauth_generic/xauth_generic.c +++ b/src/libcharon/plugins/xauth_generic/xauth_generic.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_generic/xauth_generic.h b/src/libcharon/plugins/xauth_generic/xauth_generic.h index 52744d0a6..94aedf108 100644 --- a/src/libcharon/plugins/xauth_generic/xauth_generic.h +++ b/src/libcharon/plugins/xauth_generic/xauth_generic.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.c b/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.c index a87084e20..e8303754b 100644 --- a/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.c +++ b/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.h b/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.h index 426f806a7..ac1eac3e5 100644 --- a/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.h +++ b/src/libcharon/plugins/xauth_generic/xauth_generic_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_noauth/xauth_noauth.c b/src/libcharon/plugins/xauth_noauth/xauth_noauth.c index 4b8ad8ecd..8d8f2fd5b 100644 --- a/src/libcharon/plugins/xauth_noauth/xauth_noauth.c +++ b/src/libcharon/plugins/xauth_noauth/xauth_noauth.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_noauth/xauth_noauth.h b/src/libcharon/plugins/xauth_noauth/xauth_noauth.h index 2ac358ee0..8719dcfeb 100644 --- a/src/libcharon/plugins/xauth_noauth/xauth_noauth.h +++ b/src/libcharon/plugins/xauth_noauth/xauth_noauth.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.c b/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.c index e7ee4dfe3..63c8b6853 100644 --- a/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.c +++ b/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.h b/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.h index d174ac29c..123d5a3f8 100644 --- a/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.h +++ b/src/libcharon/plugins/xauth_noauth/xauth_noauth_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/acquire_job.c b/src/libcharon/processing/jobs/acquire_job.c index cd4a4ca89..c92c03f8f 100644 --- a/src/libcharon/processing/jobs/acquire_job.c +++ b/src/libcharon/processing/jobs/acquire_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/acquire_job.h b/src/libcharon/processing/jobs/acquire_job.h index 4d31f0569..d45f72b46 100644 --- a/src/libcharon/processing/jobs/acquire_job.h +++ b/src/libcharon/processing/jobs/acquire_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/adopt_children_job.c b/src/libcharon/processing/jobs/adopt_children_job.c index ff8e78b6b..998af0d3f 100644 --- a/src/libcharon/processing/jobs/adopt_children_job.c +++ b/src/libcharon/processing/jobs/adopt_children_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG diff --git a/src/libcharon/processing/jobs/delete_ike_sa_job.c b/src/libcharon/processing/jobs/delete_ike_sa_job.c index 53a170510..acc439ccd 100644 --- a/src/libcharon/processing/jobs/delete_ike_sa_job.c +++ b/src/libcharon/processing/jobs/delete_ike_sa_job.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -64,7 +64,7 @@ METHOD(job_t, execute, job_requeue_t, } if (this->delete_if_established) { - if (ike_sa->delete(ike_sa) == DESTROY_ME) + if (ike_sa->delete(ike_sa, FALSE) == DESTROY_ME) { charon->ike_sa_manager->checkin_and_destroy( charon->ike_sa_manager, ike_sa); diff --git a/src/libcharon/processing/jobs/delete_ike_sa_job.h b/src/libcharon/processing/jobs/delete_ike_sa_job.h index ae06b9cfc..d3241f9ff 100644 --- a/src/libcharon/processing/jobs/delete_ike_sa_job.h +++ b/src/libcharon/processing/jobs/delete_ike_sa_job.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/inactivity_job.c b/src/libcharon/processing/jobs/inactivity_job.c index bf16e51b5..7f0b29b6d 100644 --- a/src/libcharon/processing/jobs/inactivity_job.c +++ b/src/libcharon/processing/jobs/inactivity_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -101,7 +101,7 @@ METHOD(job_t, execute, job_requeue_t, { DBG1(DBG_JOB, "deleting IKE_SA after %d seconds " "of CHILD_SA inactivity", this->timeout); - status = ike_sa->delete(ike_sa); + status = ike_sa->delete(ike_sa, FALSE); } else { diff --git a/src/libcharon/processing/jobs/inactivity_job.h b/src/libcharon/processing/jobs/inactivity_job.h index 240782fa8..814d606f7 100644 --- a/src/libcharon/processing/jobs/inactivity_job.h +++ b/src/libcharon/processing/jobs/inactivity_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/initiate_mediation_job.c b/src/libcharon/processing/jobs/initiate_mediation_job.c index 1082eae0b..6a72499d3 100644 --- a/src/libcharon/processing/jobs/initiate_mediation_job.c +++ b/src/libcharon/processing/jobs/initiate_mediation_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/initiate_mediation_job.h b/src/libcharon/processing/jobs/initiate_mediation_job.h index d105de2b9..577bb62e0 100644 --- a/src/libcharon/processing/jobs/initiate_mediation_job.h +++ b/src/libcharon/processing/jobs/initiate_mediation_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/mediation_job.c b/src/libcharon/processing/jobs/mediation_job.c index 759aad003..d210da5d7 100644 --- a/src/libcharon/processing/jobs/mediation_job.c +++ b/src/libcharon/processing/jobs/mediation_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/mediation_job.h b/src/libcharon/processing/jobs/mediation_job.h index 6a1475102..c1e72cb08 100644 --- a/src/libcharon/processing/jobs/mediation_job.h +++ b/src/libcharon/processing/jobs/mediation_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/migrate_job.c b/src/libcharon/processing/jobs/migrate_job.c index 461ba11d1..574d715a7 100644 --- a/src/libcharon/processing/jobs/migrate_job.c +++ b/src/libcharon/processing/jobs/migrate_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/migrate_job.h b/src/libcharon/processing/jobs/migrate_job.h index 140635bed..bf9146b55 100644 --- a/src/libcharon/processing/jobs/migrate_job.h +++ b/src/libcharon/processing/jobs/migrate_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/process_message_job.c b/src/libcharon/processing/jobs/process_message_job.c index 31f048db6..c1ff9cb24 100644 --- a/src/libcharon/processing/jobs/process_message_job.c +++ b/src/libcharon/processing/jobs/process_message_job.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/process_message_job.h b/src/libcharon/processing/jobs/process_message_job.h index 2c42aa577..6b6bdeb60 100644 --- a/src/libcharon/processing/jobs/process_message_job.h +++ b/src/libcharon/processing/jobs/process_message_job.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/redirect_job.c b/src/libcharon/processing/jobs/redirect_job.c index e1af662c9..5bc66b560 100644 --- a/src/libcharon/processing/jobs/redirect_job.c +++ b/src/libcharon/processing/jobs/redirect_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/redirect_job.h b/src/libcharon/processing/jobs/redirect_job.h index fe4b34ee9..ed44da65e 100644 --- a/src/libcharon/processing/jobs/redirect_job.h +++ b/src/libcharon/processing/jobs/redirect_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.c b/src/libcharon/processing/jobs/rekey_child_sa_job.c index d76f4f65b..aa21717fa 100644 --- a/src/libcharon/processing/jobs/rekey_child_sa_job.c +++ b/src/libcharon/processing/jobs/rekey_child_sa_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.h b/src/libcharon/processing/jobs/rekey_child_sa_job.h index 1c9d9b400..0d64260eb 100644 --- a/src/libcharon/processing/jobs/rekey_child_sa_job.h +++ b/src/libcharon/processing/jobs/rekey_child_sa_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/rekey_ike_sa_job.c b/src/libcharon/processing/jobs/rekey_ike_sa_job.c index 148db2f92..c9ea0be3f 100644 --- a/src/libcharon/processing/jobs/rekey_ike_sa_job.c +++ b/src/libcharon/processing/jobs/rekey_ike_sa_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/rekey_ike_sa_job.h b/src/libcharon/processing/jobs/rekey_ike_sa_job.h index 3e3e13d00..c96aa5781 100644 --- a/src/libcharon/processing/jobs/rekey_ike_sa_job.h +++ b/src/libcharon/processing/jobs/rekey_ike_sa_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/retransmit_job.c b/src/libcharon/processing/jobs/retransmit_job.c index 4daa41868..c87442e5e 100644 --- a/src/libcharon/processing/jobs/retransmit_job.c +++ b/src/libcharon/processing/jobs/retransmit_job.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/retransmit_job.h b/src/libcharon/processing/jobs/retransmit_job.h index 595513cef..018e86805 100644 --- a/src/libcharon/processing/jobs/retransmit_job.h +++ b/src/libcharon/processing/jobs/retransmit_job.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/retry_initiate_job.c b/src/libcharon/processing/jobs/retry_initiate_job.c index 1cdc3058a..4715cf0a1 100644 --- a/src/libcharon/processing/jobs/retry_initiate_job.c +++ b/src/libcharon/processing/jobs/retry_initiate_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/retry_initiate_job.h b/src/libcharon/processing/jobs/retry_initiate_job.h index 29f79f23b..711746096 100644 --- a/src/libcharon/processing/jobs/retry_initiate_job.h +++ b/src/libcharon/processing/jobs/retry_initiate_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/roam_job.c b/src/libcharon/processing/jobs/roam_job.c index 0af4c6c39..27fb618df 100644 --- a/src/libcharon/processing/jobs/roam_job.c +++ b/src/libcharon/processing/jobs/roam_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/roam_job.h b/src/libcharon/processing/jobs/roam_job.h index acfb8bed8..6468557dc 100644 --- a/src/libcharon/processing/jobs/roam_job.h +++ b/src/libcharon/processing/jobs/roam_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/send_dpd_job.c b/src/libcharon/processing/jobs/send_dpd_job.c index d2f38b803..be9569f25 100644 --- a/src/libcharon/processing/jobs/send_dpd_job.c +++ b/src/libcharon/processing/jobs/send_dpd_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/send_dpd_job.h b/src/libcharon/processing/jobs/send_dpd_job.h index bd2728b9a..14c5380da 100644 --- a/src/libcharon/processing/jobs/send_dpd_job.h +++ b/src/libcharon/processing/jobs/send_dpd_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/send_keepalive_job.c b/src/libcharon/processing/jobs/send_keepalive_job.c index e06eae3d3..8a2e917b6 100644 --- a/src/libcharon/processing/jobs/send_keepalive_job.c +++ b/src/libcharon/processing/jobs/send_keepalive_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/send_keepalive_job.h b/src/libcharon/processing/jobs/send_keepalive_job.h index acf6d11aa..c88d981ba 100644 --- a/src/libcharon/processing/jobs/send_keepalive_job.h +++ b/src/libcharon/processing/jobs/send_keepalive_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/start_action_job.c b/src/libcharon/processing/jobs/start_action_job.c index 654ec6abe..3a0ed879f 100644 --- a/src/libcharon/processing/jobs/start_action_job.c +++ b/src/libcharon/processing/jobs/start_action_job.c @@ -75,7 +75,7 @@ METHOD(job_t, execute, job_requeue_t, else { charon->traps->install(charon->traps, peer_cfg, - child_cfg, 0); + child_cfg); } break; case ACTION_NONE: diff --git a/src/libcharon/processing/jobs/update_sa_job.c b/src/libcharon/processing/jobs/update_sa_job.c index 3360b7dc5..dfb85f690 100644 --- a/src/libcharon/processing/jobs/update_sa_job.c +++ b/src/libcharon/processing/jobs/update_sa_job.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/processing/jobs/update_sa_job.h b/src/libcharon/processing/jobs/update_sa_job.h index 17beb68b6..fbb36f13c 100644 --- a/src/libcharon/processing/jobs/update_sa_job.h +++ b/src/libcharon/processing/jobs/update_sa_job.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/authenticator.c b/src/libcharon/sa/authenticator.c index 6c3681a2d..b77c19d00 100644 --- a/src/libcharon/sa/authenticator.c +++ b/src/libcharon/sa/authenticator.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2006-2009 Martin Willi * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/authenticator.h b/src/libcharon/sa/authenticator.h index 97c042e71..42d9ce32e 100644 --- a/src/libcharon/sa/authenticator.h +++ b/src/libcharon/sa/authenticator.h @@ -2,7 +2,7 @@ * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index a01ee9e4d..7eeb578f3 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -37,6 +37,7 @@ ENUM(child_sa_state_names, CHILD_CREATED, CHILD_DESTROYING, "REKEYED", "RETRYING", "DELETING", + "DELETED", "DESTROYING", ); @@ -888,7 +889,7 @@ static status_t install_internal(private_child_sa_t *this, chunk_t encr, .ipcomp = this->ipcomp, .cpi = cpi, .encap = this->encap, - .hw_offload = this->config->has_option(this->config, OPT_HW_OFFLOAD), + .hw_offload = this->config->get_hw_offload(this->config), .esn = esn, .initiator = initiator, .inbound = inbound, @@ -1060,16 +1061,17 @@ static status_t install_policies_internal(private_child_sa_t *this, host_t *my_addr, host_t *other_addr, traffic_selector_t *my_ts, traffic_selector_t *other_ts, ipsec_sa_cfg_t *my_sa, ipsec_sa_cfg_t *other_sa, policy_type_t type, - policy_priority_t priority, uint32_t manual_prio) + policy_priority_t priority, uint32_t manual_prio, bool outbound) { status_t status = SUCCESS; status |= install_policies_inbound(this, my_addr, other_addr, my_ts, - other_ts, my_sa, other_sa, type, - priority, manual_prio); - status |= install_policies_outbound(this, my_addr, other_addr, my_ts, - other_ts, my_sa, other_sa, type, - priority, manual_prio); + other_ts, my_sa, other_sa, type, priority, manual_prio); + if (outbound) + { + status |= install_policies_outbound(this, my_addr, other_addr, my_ts, + other_ts, my_sa, other_sa, type, priority, manual_prio); + } return status; } @@ -1153,12 +1155,15 @@ static void del_policies_internal(private_child_sa_t *this, host_t *my_addr, host_t *other_addr, traffic_selector_t *my_ts, traffic_selector_t *other_ts, ipsec_sa_cfg_t *my_sa, ipsec_sa_cfg_t *other_sa, policy_type_t type, - policy_priority_t priority, uint32_t manual_prio) + policy_priority_t priority, uint32_t manual_prio, bool outbound) { - del_policies_outbound(this, my_addr, other_addr, my_ts, other_ts, my_sa, - other_sa, type, priority, manual_prio); + if (outbound) + { + del_policies_outbound(this, my_addr, other_addr, my_ts, other_ts, my_sa, + other_sa, type, priority, manual_prio); + } del_policies_inbound(this, my_addr, other_addr, my_ts, other_ts, my_sa, - other_sa, type, priority, manual_prio); + other_sa, type, priority, manual_prio); } METHOD(child_sa_t, set_policies, void, @@ -1249,18 +1254,10 @@ METHOD(child_sa_t, install_policies, status_t, enumerator = create_policy_enumerator(this); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - status |= install_policies_inbound(this, this->my_addr, - this->other_addr, my_ts, other_ts, - &my_sa, &other_sa, POLICY_IPSEC, - priority, manual_prio); - - if (install_outbound) - { - status |= install_policies_outbound(this, this->my_addr, + status |= install_policies_internal(this, this->my_addr, this->other_addr, my_ts, other_ts, - &my_sa, &other_sa, POLICY_IPSEC, - priority, manual_prio); - } + &my_sa, &other_sa, POLICY_IPSEC, priority, + manual_prio, install_outbound); if (status != SUCCESS) { break; @@ -1463,7 +1460,7 @@ static status_t update_sas(private_child_sa_t *this, host_t *me, host_t *other, } /* update his (responder) SA */ - if (this->other_spi) + if (this->other_spi && (this->outbound_state & CHILD_OUTBOUND_SA)) { kernel_ipsec_sa_id_t id = { .src = this->my_addr, @@ -1517,22 +1514,26 @@ METHOD(child_sa_t, update, status_t, traffic_selector_t *my_ts, *other_ts; uint32_t manual_prio; status_t state; + bool outbound; prepare_sa_cfg(this, &my_sa, &other_sa); manual_prio = this->config->get_manual_prio(this->config); + outbound = (this->outbound_state & CHILD_OUTBOUND_POLICIES); enumerator = create_policy_enumerator(this); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { /* install drop policy to avoid traffic leaks, acquires etc. */ - install_policies_outbound(this, this->my_addr, this->other_addr, - my_ts, other_ts, &my_sa, &other_sa, POLICY_DROP, - POLICY_PRIORITY_DEFAULT, manual_prio); - + if (outbound) + { + install_policies_outbound(this, this->my_addr, this->other_addr, + my_ts, other_ts, &my_sa, &other_sa, POLICY_DROP, + POLICY_PRIORITY_DEFAULT, manual_prio); + } /* remove old policies */ del_policies_internal(this, this->my_addr, this->other_addr, my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, - POLICY_PRIORITY_DEFAULT, manual_prio); + POLICY_PRIORITY_DEFAULT, manual_prio, outbound); } enumerator->destroy(enumerator); @@ -1548,8 +1549,8 @@ METHOD(child_sa_t, update, status_t, if (state == NOT_SUPPORTED) { install_policies_internal(this, this->my_addr, this->other_addr, - my_ts, other_ts, &my_sa, &other_sa, - POLICY_IPSEC, POLICY_PRIORITY_DEFAULT, manual_prio); + my_ts, other_ts, &my_sa, &other_sa, POLICY_IPSEC, + POLICY_PRIORITY_DEFAULT, manual_prio, outbound); } else { @@ -1573,15 +1574,17 @@ METHOD(child_sa_t, update, status_t, /* reinstall updated policies */ install_policies_internal(this, me, other, my_ts, other_ts, - &my_sa, &other_sa, POLICY_IPSEC, - POLICY_PRIORITY_DEFAULT, manual_prio); + &my_sa, &other_sa, POLICY_IPSEC, + POLICY_PRIORITY_DEFAULT, manual_prio, outbound); } /* remove the drop policy */ - del_policies_outbound(this, this->my_addr, this->other_addr, - old_my_ts ?: my_ts, - old_other_ts ?: other_ts, - &my_sa, &other_sa, POLICY_DROP, - POLICY_PRIORITY_DEFAULT, 0); + if (outbound) + { + del_policies_outbound(this, this->my_addr, this->other_addr, + old_my_ts ?: my_ts, old_other_ts ?: other_ts, + &my_sa, &other_sa, POLICY_DROP, + POLICY_PRIORITY_DEFAULT, 0); + } DESTROY_IF(old_my_ts); DESTROY_IF(old_other_ts); @@ -1651,16 +1654,9 @@ METHOD(child_sa_t, destroy, void, enumerator = create_policy_enumerator(this); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - if (del_outbound) - { - del_policies_outbound(this, this->my_addr, - this->other_addr, my_ts, other_ts, - &my_sa, &other_sa, POLICY_IPSEC, - priority, manual_prio); - } - del_policies_inbound(this, this->my_addr, this->other_addr, - my_ts, other_ts, &my_sa, &other_sa, - POLICY_IPSEC, priority, manual_prio); + del_policies_internal(this, this->my_addr, + this->other_addr, my_ts, other_ts, &my_sa, &other_sa, + POLICY_IPSEC, priority, manual_prio, del_outbound); } enumerator->destroy(enumerator); } @@ -1754,7 +1750,7 @@ static host_t* get_proxy_addr(child_cfg_t *config, host_t *ike, bool local) * Described in header. */ child_sa_t * child_sa_create(host_t *me, host_t* other, - child_cfg_t *config, uint32_t rekey, bool encap, + child_cfg_t *config, uint32_t reqid, bool encap, u_int mark_in, u_int mark_out) { private_child_sa_t *this; @@ -1865,21 +1861,15 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, if (!this->reqid) { - /* reuse old reqid if we are rekeying an existing CHILD_SA. While the - * reqid cache would find the same reqid for our selectors, this does - * not work in a special case: If an SA is triggered by a trap policy, - * but the negotiated SA gets narrowed, we still must reuse the same - * reqid to successfully "trigger" the SA on the kernel level. Rekeying - * such an SA requires an explicit reqid, as the cache currently knows - * the original selectors only for that reqid. */ - if (rekey) - { - this->reqid = rekey; - } - else - { - this->reqid = charon->traps->find_reqid(charon->traps, config); - } + /* reuse old reqid if we are rekeying an existing CHILD_SA and when + * initiating a trap policy. While the reqid cache would find the same + * reqid for our selectors, this does not work in a special case: If an + * SA is triggered by a trap policy, but the negotiated TS get + * narrowed, we still must reuse the same reqid to successfully + * replace the temporary SA on the kernel level. Rekeying such an SA + * requires an explicit reqid, as the cache currently knows the original + * selectors only for that reqid. */ + this->reqid = reqid; } else { diff --git a/src/libcharon/sa/child_sa.h b/src/libcharon/sa/child_sa.h index 49175ca01..183033f46 100644 --- a/src/libcharon/sa/child_sa.h +++ b/src/libcharon/sa/child_sa.h @@ -83,6 +83,11 @@ enum child_sa_state_t { */ CHILD_DELETING, + /** + * CHILD_SA has been deleted, but not yet destroyed + */ + CHILD_DELETED, + /** * CHILD_SA object gets destroyed */ diff --git a/src/libcharon/sa/eap/eap_manager.c b/src/libcharon/sa/eap/eap_manager.c index b2a57ccfb..2a9e0d06d 100644 --- a/src/libcharon/sa/eap/eap_manager.c +++ b/src/libcharon/sa/eap/eap_manager.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/eap/eap_manager.h b/src/libcharon/sa/eap/eap_manager.h index 391c906e9..73aa76329 100644 --- a/src/libcharon/sa/eap/eap_manager.h +++ b/src/libcharon/sa/eap/eap_manager.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/eap/eap_method.c b/src/libcharon/sa/eap/eap_method.c index 9ce6ecf00..0a3c454e1 100644 --- a/src/libcharon/sa/eap/eap_method.c +++ b/src/libcharon/sa/eap/eap_method.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/eap/eap_method.h b/src/libcharon/sa/eap/eap_method.h index 840779727..34041e347 100644 --- a/src/libcharon/sa/eap/eap_method.h +++ b/src/libcharon/sa/eap/eap_method.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index e1f4ec95a..f39fed6f0 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2017 Tobias Brunner + * Copyright (C) 2006-2018 Tobias Brunner * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter @@ -1053,17 +1053,19 @@ METHOD(ike_sa_t, has_mapping_changed, bool, METHOD(ike_sa_t, float_ports, void, private_ike_sa_t *this) { - /* do not switch if we have a custom port from MOBIKE/NAT */ + /* even if the remote port is not 500 (e.g. because the response was natted) + * we switch the remote port if we used port 500 */ + if (this->other_host->get_port(this->other_host) == IKEV2_UDP_PORT || + this->my_host->get_port(this->my_host) == IKEV2_UDP_PORT) + { + this->other_host->set_port(this->other_host, IKEV2_NATT_PORT); + } if (this->my_host->get_port(this->my_host) == charon->socket->get_port(charon->socket, FALSE)) { this->my_host->set_port(this->my_host, charon->socket->get_port(charon->socket, TRUE)); } - if (this->other_host->get_port(this->other_host) == IKEV2_UDP_PORT) - { - this->other_host->set_port(this->other_host, IKEV2_NATT_PORT); - } } METHOD(ike_sa_t, update_hosts, void, @@ -1791,8 +1793,10 @@ METHOD(ike_sa_t, destroy_child_sa, status_t, } METHOD(ike_sa_t, delete_, status_t, - private_ike_sa_t *this) + private_ike_sa_t *this, bool force) { + status_t status = DESTROY_ME; + switch (this->state) { case IKE_ESTABLISHED: @@ -1804,19 +1808,38 @@ METHOD(ike_sa_t, delete_, status_t, charon->bus->alert(charon->bus, ALERT_IKE_SA_EXPIRED); } this->task_manager->queue_ike_delete(this->task_manager); - return this->task_manager->initiate(this->task_manager); + status = this->task_manager->initiate(this->task_manager); + break; case IKE_CREATED: DBG1(DBG_IKE, "deleting unestablished IKE_SA"); break; case IKE_PASSIVE: break; default: - DBG1(DBG_IKE, "destroying IKE_SA in state %N " - "without notification", ike_sa_state_names, this->state); - charon->bus->ike_updown(charon->bus, &this->public, FALSE); + DBG1(DBG_IKE, "destroying IKE_SA in state %N without notification", + ike_sa_state_names, this->state); + force = TRUE; break; } - return DESTROY_ME; + + if (force) + { + status = DESTROY_ME; + + if (this->version == IKEV2) + { /* for IKEv1 we trigger this in the ISAKMP delete task */ + switch (this->state) + { + case IKE_ESTABLISHED: + case IKE_REKEYING: + case IKE_DELETING: + charon->bus->ike_updown(charon->bus, &this->public, FALSE); + default: + break; + } + } + } + return status; } METHOD(ike_sa_t, rekey, status_t, @@ -1926,23 +1949,18 @@ static status_t reestablish_children(private_ike_sa_t *this, ike_sa_t *new, enumerator = create_child_sa_enumerator(this); while (enumerator->enumerate(enumerator, (void**)&child_sa)) { + switch (child_sa->get_state(child_sa)) + { + case CHILD_REKEYED: + case CHILD_DELETED: + /* ignore CHILD_SAs in these states */ + continue; + default: + break; + } if (force) { - switch (child_sa->get_state(child_sa)) - { - case CHILD_ROUTED: - { /* move routed child directly */ - remove_child_sa(this, enumerator); - new->add_child_sa(new, child_sa); - action = ACTION_NONE; - break; - } - default: - { /* initiate/queue all other CHILD_SAs */ - action = ACTION_RESTART; - break; - } - } + action = ACTION_RESTART; } else { /* only restart CHILD_SAs that are configured accordingly */ @@ -2020,6 +2038,15 @@ METHOD(ike_sa_t, reestablish, status_t, enumerator = array_create_enumerator(this->child_sas); while (enumerator->enumerate(enumerator, (void**)&child_sa)) { + switch (child_sa->get_state(child_sa)) + { + case CHILD_REKEYED: + case CHILD_DELETED: + /* ignore CHILD_SAs in these states */ + continue; + default: + break; + } if (this->state == IKE_DELETING) { action = child_sa->get_close_action(child_sa); @@ -2035,8 +2062,7 @@ METHOD(ike_sa_t, reestablish, status_t, break; case ACTION_ROUTE: charon->traps->install(charon->traps, this->peer_cfg, - child_sa->get_config(child_sa), - child_sa->get_reqid(child_sa)); + child_sa->get_config(child_sa)); break; default: break; @@ -2348,6 +2374,31 @@ METHOD(ike_sa_t, retransmit, status_t, return this->task_manager->initiate(this->task_manager); } DBG1(DBG_IKE, "establishing IKE_SA failed, peer not responding"); + + if (this->version == IKEV1 && array_count(this->child_sas)) + { + enumerator_t *enumerator; + child_sa_t *child_sa; + + /* if reauthenticating an IKEv1 SA failed (assumed for an SA + * in this state with CHILD_SAs), try again from scratch */ + DBG1(DBG_IKE, "reauthentication failed, trying to " + "reestablish IKE_SA"); + reestablish(this); + /* trigger down events for the CHILD_SAs, as no down event + * is triggered below for IKE SAs in this state */ + enumerator = array_create_enumerator(this->child_sas); + while (enumerator->enumerate(enumerator, &child_sa)) + { + if (child_sa->get_state(child_sa) != CHILD_REKEYED && + child_sa->get_state(child_sa) != CHILD_DELETED) + { + charon->bus->child_updown(charon->bus, child_sa, + FALSE); + } + } + enumerator->destroy(enumerator); + } break; } case IKE_DELETING: @@ -2552,10 +2603,15 @@ METHOD(ike_sa_t, roam, status_t, * without config assigned */ return SUCCESS; } + if (this->version == IKEV1) + { /* ignore roam events for IKEv1 where we don't have MOBIKE and would + * have to reestablish from scratch (reauth is not enough) */ + return SUCCESS; + } /* ignore roam events if MOBIKE is not supported/enabled and the local * address is statically configured */ - if (this->version == IKEV2 && !supports_extension(this, EXT_MOBIKE) && + if (!supports_extension(this, EXT_MOBIKE) && ike_cfg_has_address(this->ike_cfg, this->my_host, TRUE)) { DBG2(DBG_IKE, "keeping statically configured path %H - %H", diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h index b4fbc56d7..316b713ee 100644 --- a/src/libcharon/sa/ike_sa.h +++ b/src/libcharon/sa/ike_sa.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2017 Tobias Brunner + * Copyright (C) 2006-2018 Tobias Brunner * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter @@ -776,15 +776,18 @@ struct ike_sa_t { * * Sends a delete message to the remote peer and waits for * its response. If the response comes in, or a timeout occurs, - * the IKE SA gets deleted. + * the IKE SA gets destroyed, unless force is TRUE then the IKE_SA is + * destroyed immediately without waiting for a response. * + * @param force whether to immediately destroy the IKE_SA afterwards + * without waiting for a response * @return * - SUCCESS if deletion is initialized - * - DESTROY_ME, if the IKE_SA is not in - * an established state and can not be - * deleted (but destroyed). + * - DESTROY_ME, if destroying is forced, or the IKE_SA + * is not in an established state and can not be + * deleted (but destroyed) */ - status_t (*delete) (ike_sa_t *this); + status_t (*delete) (ike_sa_t *this, bool force); /** * Update IKE_SAs after network interfaces have changed. diff --git a/src/libcharon/sa/ike_sa_id.c b/src/libcharon/sa/ike_sa_id.c index b4e66ed73..515b3cfd3 100644 --- a/src/libcharon/sa/ike_sa_id.c +++ b/src/libcharon/sa/ike_sa_id.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ike_sa_id.h b/src/libcharon/sa/ike_sa_id.h index b3a9ef61f..266b62380 100644 --- a/src/libcharon/sa/ike_sa_id.h +++ b/src/libcharon/sa/ike_sa_id.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c index 101d98678..2a499db40 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -2021,7 +2021,7 @@ static status_t enforce_replace(private_ike_sa_manager_t *this, } DBG1(DBG_IKE, "deleting duplicate IKE_SA for peer '%Y' due to " "uniqueness policy", other); - return duplicate->delete(duplicate); + return duplicate->delete(duplicate, FALSE); } METHOD(ike_sa_manager_t, check_uniqueness, bool, @@ -2266,20 +2266,7 @@ METHOD(ike_sa_manager_t, flush, void, while (enumerator->enumerate(enumerator, &entry, &segment)) { charon->bus->set_sa(charon->bus, entry->ike_sa); - if (entry->ike_sa->get_version(entry->ike_sa) == IKEV2) - { /* as the delete never gets processed, fire down events */ - switch (entry->ike_sa->get_state(entry->ike_sa)) - { - case IKE_ESTABLISHED: - case IKE_REKEYING: - case IKE_DELETING: - charon->bus->ike_updown(charon->bus, entry->ike_sa, FALSE); - break; - default: - break; - } - } - entry->ike_sa->delete(entry->ike_sa); + entry->ike_sa->delete(entry->ike_sa, TRUE); } enumerator->destroy(enumerator); diff --git a/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c b/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c index 41be15a08..9e5833efc 100644 --- a/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c +++ b/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c @@ -18,6 +18,7 @@ #include #include #include +#include typedef struct private_pubkey_v1_authenticator_t private_pubkey_v1_authenticator_t; @@ -130,6 +131,29 @@ METHOD(authenticator_t, build, status_t, return status; } +/** + * Check if the end-entity certificate, if any, is compliant with RFC 4945 + */ +static bool is_compliant_cert(auth_cfg_t *auth) +{ + certificate_t *cert; + x509_t *x509; + + cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT); + if (!cert || cert->get_type(cert) != CERT_X509) + { + return TRUE; + } + x509 = (x509_t*)cert; + if (x509->get_flags(x509) & X509_IKE_COMPLIANT) + { + return TRUE; + } + DBG1(DBG_IKE, "rejecting certificate without digitalSignature or " + "nonRepudiation keyUsage flags"); + return FALSE; +} + METHOD(authenticator_t, process, status_t, private_pubkey_v1_authenticator_t *this, message_t *message) { @@ -176,7 +200,8 @@ METHOD(authenticator_t, process, status_t, id, auth, TRUE); while (enumerator->enumerate(enumerator, &public, ¤t_auth)) { - if (public->verify(public, scheme, NULL, hash, sig)) + if (public->verify(public, scheme, NULL, hash, sig) && + is_compliant_cert(current_auth)) { DBG1(DBG_IKE, "authentication of '%Y' with %N successful", id, signature_scheme_names, scheme); diff --git a/src/libcharon/sa/ikev1/iv_manager.c b/src/libcharon/sa/ikev1/iv_manager.c index 2a6e5c04f..c48a0deb1 100644 --- a/src/libcharon/sa/ikev1/iv_manager.c +++ b/src/libcharon/sa/ikev1/iv_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/iv_manager.h b/src/libcharon/sa/ikev1/iv_manager.h index c5273fed9..cae4f3508 100644 --- a/src/libcharon/sa/ikev1/iv_manager.h +++ b/src/libcharon/sa/ikev1/iv_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c index 673a7a131..1de05b4ec 100644 --- a/src/libcharon/sa/ikev1/keymat_v1.c +++ b/src/libcharon/sa/ikev1/keymat_v1.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/keymat_v1.h b/src/libcharon/sa/ikev1/keymat_v1.h index ada5bdb04..269816a59 100644 --- a/src/libcharon/sa/ikev1/keymat_v1.h +++ b/src/libcharon/sa/ikev1/keymat_v1.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c index 9b5f676a3..82d647a6c 100644 --- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c +++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_delete.c b/src/libcharon/sa/ikev1/tasks/isakmp_delete.c index df0293d4f..e4379cabf 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_delete.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_delete.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2011 Martin Willi * Copyright (C) 2011 revosec AG diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_natd.c b/src/libcharon/sa/ikev1/tasks/isakmp_natd.c index d17948cd0..81e63740e 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_natd.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_natd.c @@ -2,7 +2,7 @@ * Copyright (C) 2006-2011 Tobias Brunner, * Copyright (C) 2006-2007 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_natd.h b/src/libcharon/sa/ikev1/tasks/isakmp_natd.h index 63947fc73..aec8f85bf 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_natd.h +++ b/src/libcharon/sa/ikev1/tasks/isakmp_natd.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c index dc86fc504..6a296f221 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2013 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c index 4c16adba3..1f764e547 100644 --- a/src/libcharon/sa/ikev1/tasks/main_mode.c +++ b/src/libcharon/sa/ikev1/tasks/main_mode.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2011 Martin Willi * Copyright (C) 2011 revosec AG diff --git a/src/libcharon/sa/ikev1/tasks/quick_delete.c b/src/libcharon/sa/ikev1/tasks/quick_delete.c index 66ef50811..0191a45a8 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_delete.c +++ b/src/libcharon/sa/ikev1/tasks/quick_delete.c @@ -135,6 +135,7 @@ static bool delete_child(private_quick_delete_t *this, protocol_id_t protocol, my_ts->destroy(my_ts); other_ts->destroy(other_ts); + child_sa->set_state(child_sa, CHILD_DELETED); if (!rekeyed) { charon->bus->child_updown(charon->bus, child_sa, FALSE); @@ -154,7 +155,7 @@ static bool delete_child(private_quick_delete_t *this, protocol_id_t protocol, case ACTION_ROUTE: charon->traps->install(charon->traps, this->ike_sa->get_peer_cfg(this->ike_sa), - child_cfg, child_sa->get_reqid(child_sa)); + child_cfg); break; default: break; diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 77592e59a..5e5b61e7f 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2011 Martin Willi * Copyright (C) 2011 revosec AG @@ -1005,14 +1005,25 @@ static bool has_notify_errors(private_quick_mode_t *this, message_t *message) /** * Check if this is a rekey for an existing CHILD_SA, reuse reqid if so */ -static void check_for_rekeyed_child(private_quick_mode_t *this) +static void check_for_rekeyed_child(private_quick_mode_t *this, bool responder) { enumerator_t *enumerator, *policies; - traffic_selector_t *local, *remote; + traffic_selector_t *local, *remote, *my_ts, *other_ts; child_sa_t *child_sa; proposal_t *proposal; char *name; + if (responder) + { + my_ts = this->tsr; + other_ts = this->tsi; + } + else + { + my_ts = this->tsi; + other_ts = this->tsr; + } + name = this->config->get_name(this->config); enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa); while (this->reqid == 0 && enumerator->enumerate(enumerator, &child_sa)) @@ -1026,8 +1037,8 @@ static void check_for_rekeyed_child(private_quick_mode_t *this) case CHILD_REKEYING: policies = child_sa->create_policy_enumerator(child_sa); if (policies->enumerate(policies, &local, &remote) && - local->equals(local, this->tsr) && - remote->equals(remote, this->tsi) && + local->equals(local, my_ts) && + remote->equals(remote, other_ts) && this->proposal->equals(this->proposal, proposal)) { this->reqid = child_sa->get_reqid(child_sa); @@ -1165,7 +1176,7 @@ METHOD(task_t, process_r, status_t, } } - check_for_rekeyed_child(this); + check_for_rekeyed_child(this, TRUE); this->child_sa = child_sa_create( this->ike_sa->get_my_host(this->ike_sa), @@ -1366,6 +1377,7 @@ METHOD(task_t, process_i, status_t, { return send_notify(this, INVALID_PAYLOAD_TYPE); } + check_for_rekeyed_child(this, FALSE); if (!install(this)) { return send_notify(this, NO_PROPOSAL_CHOSEN); diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.h b/src/libcharon/sa/ikev1/tasks/quick_mode.h index fe684568a..0d4c5b47c 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.h +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2011 Martin Willi * Copyright (C) 2011 revosec AG diff --git a/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c b/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c index 3ab59fada..bcf262725 100644 --- a/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c +++ b/src/libcharon/sa/ikev2/authenticators/eap_authenticator.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/authenticators/eap_authenticator.h b/src/libcharon/sa/ikev2/authenticators/eap_authenticator.h index d81ebd562..859a21431 100644 --- a/src/libcharon/sa/ikev2/authenticators/eap_authenticator.h +++ b/src/libcharon/sa/ikev2/authenticators/eap_authenticator.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/authenticators/psk_authenticator.c b/src/libcharon/sa/ikev2/authenticators/psk_authenticator.c index 535581068..c1decb130 100644 --- a/src/libcharon/sa/ikev2/authenticators/psk_authenticator.c +++ b/src/libcharon/sa/ikev2/authenticators/psk_authenticator.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/authenticators/psk_authenticator.h b/src/libcharon/sa/ikev2/authenticators/psk_authenticator.h index 91c534145..7ae86b664 100644 --- a/src/libcharon/sa/ikev2/authenticators/psk_authenticator.h +++ b/src/libcharon/sa/ikev2/authenticators/psk_authenticator.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c index 65baf8771..652b837fe 100644 --- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c +++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2017 Tobias Brunner + * Copyright (C) 2008-2018 Tobias Brunner * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * HSR Hochschule fuer Technik Rapperswil @@ -23,6 +23,7 @@ #include #include #include +#include typedef struct private_pubkey_authenticator_t private_pubkey_authenticator_t; @@ -164,7 +165,7 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat, signature_scheme_t schemes[] = { SIGN_RSA_EMSA_PKCS1_SHA2_384, SIGN_RSA_EMSA_PKCS1_SHA2_256, - }, contained; + }; bool found; int i, j; @@ -174,8 +175,8 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat, found = FALSE; for (j = 0; j < array_count(selected); j++) { - array_get(selected, j, &contained); - if (scheme == contained) + array_get(selected, j, &config); + if (scheme == config->scheme) { found = TRUE; break; @@ -414,6 +415,29 @@ METHOD(authenticator_t, build, status_t, return status; } +/** + * Check if the end-entity certificate, if any, is compliant with RFC 4945 + */ +static bool is_compliant_cert(auth_cfg_t *auth) +{ + certificate_t *cert; + x509_t *x509; + + cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT); + if (!cert || cert->get_type(cert) != CERT_X509) + { + return TRUE; + } + x509 = (x509_t*)cert; + if (x509->get_flags(x509) & X509_IKE_COMPLIANT) + { + return TRUE; + } + DBG1(DBG_IKE, "rejecting certificate without digitalSignature or " + "nonRepudiation keyUsage flags"); + return FALSE; +} + METHOD(authenticator_t, process, status_t, private_pubkey_authenticator_t *this, message_t *message) { @@ -479,7 +503,8 @@ METHOD(authenticator_t, process, status_t, while (enumerator->enumerate(enumerator, &public, ¤t_auth)) { if (public->verify(public, params->scheme, params->params, octets, - auth_data)) + auth_data) && + is_compliant_cert(current_auth)) { if (auth_method != AUTH_DS) { diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.h b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.h index 82bfea23b..c98e97eb9 100644 --- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.h +++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/connect_manager.c b/src/libcharon/sa/ikev2/connect_manager.c index 35856788c..ba602fc4a 100644 --- a/src/libcharon/sa/ikev2/connect_manager.c +++ b/src/libcharon/sa/ikev2/connect_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/connect_manager.h b/src/libcharon/sa/ikev2/connect_manager.h index e667e1f70..bac261b35 100644 --- a/src/libcharon/sa/ikev2/connect_manager.h +++ b/src/libcharon/sa/ikev2/connect_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c index 0c41c68d0..f8b23b66e 100644 --- a/src/libcharon/sa/ikev2/keymat_v2.c +++ b/src/libcharon/sa/ikev2/keymat_v2.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -303,8 +303,8 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, chunk_t nonce_i, chunk_t nonce_r, ike_sa_id_t *id, pseudo_random_function_t rekey_function, chunk_t rekey_skd) { - chunk_t skeyseed, key, secret, full_nonce, fixed_nonce, prf_plus_seed; - chunk_t spi_i, spi_r; + chunk_t skeyseed = chunk_empty, key, secret, full_nonce, fixed_nonce; + chunk_t prf_plus_seed, spi_i, spi_r; prf_plus_t *prf_plus = NULL; uint16_t alg, key_size, int_alg; prf_t *rekey_prf = NULL; diff --git a/src/libcharon/sa/ikev2/keymat_v2.h b/src/libcharon/sa/ikev2/keymat_v2.h index 084ed40f0..5dc9cda38 100644 --- a/src/libcharon/sa/ikev2/keymat_v2.h +++ b/src/libcharon/sa/ikev2/keymat_v2.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/mediation_manager.c b/src/libcharon/sa/ikev2/mediation_manager.c index bf5b2f4b3..ffb566591 100644 --- a/src/libcharon/sa/ikev2/mediation_manager.c +++ b/src/libcharon/sa/ikev2/mediation_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/mediation_manager.h b/src/libcharon/sa/ikev2/mediation_manager.h index 5212bdb86..640b55eee 100644 --- a/src/libcharon/sa/ikev2/mediation_manager.h +++ b/src/libcharon/sa/ikev2/mediation_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c index 5c0ec49f0..fff567233 100644 --- a/src/libcharon/sa/ikev2/task_manager_v2.c +++ b/src/libcharon/sa/ikev2/task_manager_v2.c @@ -1794,9 +1794,25 @@ static void trigger_mbb_reauth(private_task_manager_t *this) enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa); while (enumerator->enumerate(enumerator, &child_sa)) { + child_create_t *child_create; + + switch (child_sa->get_state(child_sa)) + { + case CHILD_REKEYED: + case CHILD_DELETED: + /* ignore CHILD_SAs in these states */ + continue; + default: + break; + } cfg = child_sa->get_config(child_sa); - new->queue_task(new, &child_create_create(new, cfg->get_ref(cfg), - FALSE, NULL, NULL)->task); + child_create = child_create_create(new, cfg->get_ref(cfg), + FALSE, NULL, NULL); + child_create->use_reqid(child_create, child_sa->get_reqid(child_sa)); + child_create->use_marks(child_create, + child_sa->get_mark(child_sa, TRUE).value, + child_sa->get_mark(child_sa, FALSE).value); + new->queue_task(new, &child_create->task); children = TRUE; } enumerator->destroy(enumerator); diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c index 85dac6d59..c90af23b9 100644 --- a/src/libcharon/sa/ikev2/tasks/child_create.c +++ b/src/libcharon/sa/ikev2/tasks/child_create.c @@ -277,13 +277,11 @@ static bool ts_list_is_host(linked_list_t *list, host_t *host) } /** - * Allocate SPIs and update proposals, we also promote the selected DH group + * Allocate local SPI */ static bool allocate_spi(private_child_create_t *this) { - enumerator_t *enumerator; proposal_t *proposal; - linked_list_t *other_dh_groups; if (this->initiator) { @@ -301,41 +299,51 @@ static bool allocate_spi(private_child_create_t *this) this->proto = this->proposal->get_protocol(this->proposal); } this->my_spi = this->child_sa->alloc_spi(this->child_sa, this->proto); - if (this->my_spi) + return this->my_spi != 0; +} + +/** + * Update the proposals with the allocated SPIs as initiator and check the DH + * group and promote it if necessary + */ +static bool update_and_check_proposals(private_child_create_t *this) +{ + enumerator_t *enumerator; + proposal_t *proposal; + linked_list_t *other_dh_groups; + bool found = FALSE; + + other_dh_groups = linked_list_create(); + enumerator = this->proposals->create_enumerator(this->proposals); + while (enumerator->enumerate(enumerator, &proposal)) { - if (this->initiator) - { - other_dh_groups = linked_list_create(); - enumerator = this->proposals->create_enumerator(this->proposals); - while (enumerator->enumerate(enumerator, &proposal)) + proposal->set_spi(proposal, this->my_spi); + + /* move the selected DH group to the front, if any */ + if (this->dh_group != MODP_NONE) + { /* proposals that don't contain the selected group are + * moved to the back */ + if (!proposal->promote_dh_group(proposal, this->dh_group)) { - proposal->set_spi(proposal, this->my_spi); - - /* move the selected DH group to the front, if any */ - if (this->dh_group != MODP_NONE && - !proposal->promote_dh_group(proposal, this->dh_group)) - { /* proposals that don't contain the selected group are - * moved to the back */ - this->proposals->remove_at(this->proposals, enumerator); - other_dh_groups->insert_last(other_dh_groups, proposal); - } + this->proposals->remove_at(this->proposals, enumerator); + other_dh_groups->insert_last(other_dh_groups, proposal); } - enumerator->destroy(enumerator); - enumerator = other_dh_groups->create_enumerator(other_dh_groups); - while (enumerator->enumerate(enumerator, (void**)&proposal)) - { /* no need to remove from the list as we destroy it anyway*/ - this->proposals->insert_last(this->proposals, proposal); + else + { + found = TRUE; } - enumerator->destroy(enumerator); - other_dh_groups->destroy(other_dh_groups); - } - else - { - this->proposal->set_spi(this->proposal, this->my_spi); } - return TRUE; } - return FALSE; + enumerator->destroy(enumerator); + enumerator = other_dh_groups->create_enumerator(other_dh_groups); + while (enumerator->enumerate(enumerator, (void**)&proposal)) + { /* no need to remove from the list as we destroy it anyway*/ + this->proposals->insert_last(this->proposals, proposal); + } + enumerator->destroy(enumerator); + other_dh_groups->destroy(other_dh_groups); + + return this->dh_group == MODP_NONE || found; } /** @@ -532,10 +540,15 @@ static status_t select_and_install(private_child_create_t *this, } this->other_spi = this->proposal->get_spi(this->proposal); - if (!this->initiator && !allocate_spi(this)) - { /* responder has no SPI allocated yet */ - DBG1(DBG_IKE, "allocating SPI failed"); - return FAILED; + if (!this->initiator) + { + if (!allocate_spi(this)) + { + /* responder has no SPI allocated yet */ + DBG1(DBG_IKE, "allocating SPI failed"); + return FAILED; + } + this->proposal->set_spi(this->proposal, this->my_spi); } this->child_sa->set_proposal(this->child_sa, this->proposal); @@ -981,7 +994,12 @@ static void process_payloads(private_child_create_t *this, message_t *message) this->dh = this->keymat->keymat.create_dh( &this->keymat->keymat, this->dh_group); } - if (this->dh) + else if (this->dh) + { + this->dh_failed = this->dh->get_dh_group(this->dh) != + ke_payload->get_dh_group_number(ke_payload); + } + if (this->dh && !this->dh_failed) { this->dh_failed = !this->dh->set_other_public_value(this->dh, ke_payload->get_key_exchange_data(ke_payload)); @@ -1111,6 +1129,14 @@ METHOD(task_t, build_i, status_t, return FAILED; } + if (!update_and_check_proposals(this)) + { + DBG1(DBG_IKE, "requested DH group %N not contained in any of our " + "proposals", + diffie_hellman_group_names, this->dh_group); + return FAILED; + } + if (this->dh_group != MODP_NONE) { this->dh = this->keymat->keymat.create_dh(&this->keymat->keymat, @@ -1544,6 +1570,15 @@ METHOD(task_t, process_i, status_t, memcpy(&group, data.ptr, data.len); group = ntohs(group); } + if (this->retry) + { + DBG1(DBG_IKE, "already retried with DH group %N, ignore" + "requested %N", diffie_hellman_group_names, + this->dh_group, diffie_hellman_group_names, group); + handle_child_sa_failure(this, message); + /* an error in CHILD_SA creation is not critical */ + return SUCCESS; + } DBG1(DBG_IKE, "peer didn't accept DH group %N, " "it requested %N", diffie_hellman_group_names, this->dh_group, diffie_hellman_group_names, group); diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.c b/src/libcharon/sa/ikev2/tasks/child_delete.c index 164f8fc03..6c8b29018 100644 --- a/src/libcharon/sa/ikev2/tasks/child_delete.c +++ b/src/libcharon/sa/ikev2/tasks/child_delete.c @@ -265,6 +265,8 @@ static void process_payloads(private_child_delete_t *this, message_t *message) case CHILD_REKEYED: entry->rekeyed = TRUE; break; + case CHILD_DELETED: + /* already deleted but not yet destroyed, ignore */ case CHILD_DELETING: /* we don't send back a delete if we already initiated * a delete ourself */ @@ -324,6 +326,7 @@ static status_t destroy_and_reestablish(private_child_delete_t *this) while (enumerator->enumerate(enumerator, (void**)&entry)) { child_sa = entry->child_sa; + child_sa->set_state(child_sa, CHILD_DELETED); /* signal child down event if we weren't rekeying */ protocol = child_sa->get_protocol(child_sa); if (!entry->rekeyed) @@ -374,8 +377,8 @@ static status_t destroy_and_reestablish(private_child_delete_t *this) break; case ACTION_ROUTE: charon->traps->install(charon->traps, - this->ike_sa->get_peer_cfg(this->ike_sa), child_cfg, - reqid); + this->ike_sa->get_peer_cfg(this->ike_sa), + child_cfg); break; default: break; @@ -456,7 +459,7 @@ METHOD(task_t, build_i, status_t, this->spi = child_sa->get_spi(child_sa, TRUE); } - if (child_sa->get_state(child_sa) == CHILD_DELETING) + if (child_sa->get_state(child_sa) == CHILD_DELETED) { /* DELETEs for this CHILD_SA were already exchanged, but it was not yet * destroyed to allow delayed packets to get processed */ this->ike_sa->destroy_child_sa(this->ike_sa, this->protocol, this->spi); diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.h b/src/libcharon/sa/ikev2/tasks/child_delete.h index 1e9b2d2f7..6b0006e6e 100644 --- a/src/libcharon/sa/ikev2/tasks/child_delete.h +++ b/src/libcharon/sa/ikev2/tasks/child_delete.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c index f90056658..d5188c0bc 100644 --- a/src/libcharon/sa/ikev2/tasks/child_rekey.c +++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c @@ -145,8 +145,7 @@ static void find_child(private_child_rekey_t *this, message_t *message) child_sa = this->ike_sa->get_child_sa(this->ike_sa, protocol, spi, FALSE); if (child_sa && - child_sa->get_state(child_sa) == CHILD_DELETING && - child_sa->get_outbound_state(child_sa) == CHILD_OUTBOUND_NONE) + child_sa->get_state(child_sa) == CHILD_DELETED) { /* ignore rekeyed CHILD_SAs we keep around */ return; } @@ -213,7 +212,8 @@ METHOD(task_t, build_i, status_t, message) != NEED_MORE) { schedule_delayed_rekey(this); - return FAILED; + message->set_exchange_type(message, EXCHANGE_TYPE_UNDEFINED); + return SUCCESS; } if (message->get_exchange_type(message) == CREATE_CHILD_SA) { diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c b/src/libcharon/sa/ikev2/tasks/ike_auth.c index aeaa701c9..6b63197d5 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth.c +++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2015 Tobias Brunner * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.h b/src/libcharon/sa/ikev2/tasks/ike_auth.h index ca864a710..c9e42ff54 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth.h +++ b/src/libcharon/sa/ikev2/tasks/ike_auth.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c b/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c index 47b0a3ed1..495a353c5 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c +++ b/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.h b/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.h index 4d5087ff5..f6862ca27 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.h +++ b/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c index 5a9e08de2..68af6e35b 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c +++ b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_post.h b/src/libcharon/sa/ikev2/tasks/ike_cert_post.h index 34606b1e8..fb1614b43 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_cert_post.h +++ b/src/libcharon/sa/ikev2/tasks/ike_cert_post.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c index ca17494de..284e59bb1 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c +++ b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.h b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.h index c1f8635ce..8542497bc 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.h +++ b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_config.c b/src/libcharon/sa/ikev2/tasks/ike_config.c index 6c42b81a6..4a8acb97e 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_config.c +++ b/src/libcharon/sa/ikev2/tasks/ike_config.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2007 Martin Willi * Copyright (C) 2006-2007 Fabian Hartmann, Noah Heusser - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_config.h b/src/libcharon/sa/ikev2/tasks/ike_config.h index e35457645..9bf666c81 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_config.h +++ b/src/libcharon/sa/ikev2/tasks/ike_config.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_delete.h b/src/libcharon/sa/ikev2/tasks/ike_delete.h index 2d5d7cb3a..5d571f769 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_delete.h +++ b/src/libcharon/sa/ikev2/tasks/ike_delete.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_dpd.c b/src/libcharon/sa/ikev2/tasks/ike_dpd.c index 7a33f7938..d025a046d 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_dpd.c +++ b/src/libcharon/sa/ikev2/tasks/ike_dpd.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_dpd.h b/src/libcharon/sa/ikev2/tasks/ike_dpd.h index 026871610..7b30bdc9c 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_dpd.h +++ b/src/libcharon/sa/ikev2/tasks/ike_dpd.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_init.h b/src/libcharon/sa/ikev2/tasks/ike_init.h index ab169954d..d40d447c1 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_init.h +++ b/src/libcharon/sa/ikev2/tasks/ike_init.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_me.c b/src/libcharon/sa/ikev2/tasks/ike_me.c index f077ccfb5..8023da1fc 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_me.c +++ b/src/libcharon/sa/ikev2/tasks/ike_me.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_me.h b/src/libcharon/sa/ikev2/tasks/ike_me.h index 44a4ce69c..9e5405b61 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_me.h +++ b/src/libcharon/sa/ikev2/tasks/ike_me.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_mobike.h b/src/libcharon/sa/ikev2/tasks/ike_mobike.h index bb2318c9c..288b87178 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_mobike.h +++ b/src/libcharon/sa/ikev2/tasks/ike_mobike.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -63,7 +63,7 @@ struct ike_mobike_t { void (*dpd)(ike_mobike_t *this); /** - * Transmision hook, called by task manager. + * Transmission hook, called by task manager. * * The task manager calls this hook whenever it transmits a packet. It * allows the mobike task to send the packet on multiple paths to do path diff --git a/src/libcharon/sa/ikev2/tasks/ike_natd.c b/src/libcharon/sa/ikev2/tasks/ike_natd.c index f3f32d7af..8ea903ec8 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_natd.c +++ b/src/libcharon/sa/ikev2/tasks/ike_natd.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2006-2007 Martin Willi * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_natd.h b/src/libcharon/sa/ikev2/tasks/ike_natd.h index 9c571b8e6..3e5af5bcf 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_natd.h +++ b/src/libcharon/sa/ikev2/tasks/ike_natd.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_reauth.c b/src/libcharon/sa/ikev2/tasks/ike_reauth.c index 6f90339ea..b9f6c02a8 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_reauth.c +++ b/src/libcharon/sa/ikev2/tasks/ike_reauth.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_reauth.h b/src/libcharon/sa/ikev2/tasks/ike_reauth.h index e2e48f0d4..3733f21c8 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_reauth.h +++ b/src/libcharon/sa/ikev2/tasks/ike_reauth.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_redirect.c b/src/libcharon/sa/ikev2/tasks/ike_redirect.c index f82c80f71..2c565c43a 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_redirect.c +++ b/src/libcharon/sa/ikev2/tasks/ike_redirect.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_redirect.h b/src/libcharon/sa/ikev2/tasks/ike_redirect.h index afa00ce5d..5abc9acde 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_redirect.h +++ b/src/libcharon/sa/ikev2/tasks/ike_redirect.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_rekey.c b/src/libcharon/sa/ikev2/tasks/ike_rekey.c index 2f0552a33..11123b415 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_rekey.c +++ b/src/libcharon/sa/ikev2/tasks/ike_rekey.c @@ -363,7 +363,7 @@ METHOD(task_t, process_i, status_t, /* IKE_SAs in state IKE_REKEYED are silently deleted, so we use * IKE_REKEYING */ this->new_sa->set_state(this->new_sa, IKE_REKEYING); - if (this->new_sa->delete(this->new_sa) == DESTROY_ME) + if (this->new_sa->delete(this->new_sa, FALSE) == DESTROY_ME) { this->new_sa->destroy(this->new_sa); } diff --git a/src/libcharon/sa/ikev2/tasks/ike_vendor.c b/src/libcharon/sa/ikev2/tasks/ike_vendor.c index f72fbc437..8d8969ea0 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_vendor.c +++ b/src/libcharon/sa/ikev2/tasks/ike_vendor.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_vendor.h b/src/libcharon/sa/ikev2/tasks/ike_vendor.h index 86c711636..29832cbe9 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_vendor.h +++ b/src/libcharon/sa/ikev2/tasks/ike_vendor.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.c b/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.c index 069d51d00..941b43023 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.c +++ b/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.h b/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.h index 3d9aae0b3..0e48562eb 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.h +++ b/src/libcharon/sa/ikev2/tasks/ike_verify_peer_cert.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/keymat.c b/src/libcharon/sa/keymat.c index d1f6a1bdc..70521b5dc 100644 --- a/src/libcharon/sa/keymat.c +++ b/src/libcharon/sa/keymat.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -65,6 +65,7 @@ int keymat_get_keylen_encr(encryption_algorithm_t alg) keylen_entry_t map[] = { {ENCR_DES, 64}, {ENCR_3DES, 192}, + {ENCR_CHACHA20_POLY1305, 256}, }; int i; diff --git a/src/libcharon/sa/keymat.h b/src/libcharon/sa/keymat.h index 17d2efe37..3fbb75880 100644 --- a/src/libcharon/sa/keymat.h +++ b/src/libcharon/sa/keymat.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/redirect_manager.c b/src/libcharon/sa/redirect_manager.c index 45b7e79df..75bba3639 100644 --- a/src/libcharon/sa/redirect_manager.c +++ b/src/libcharon/sa/redirect_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/redirect_manager.h b/src/libcharon/sa/redirect_manager.h index e8753265c..2bd134c7d 100644 --- a/src/libcharon/sa/redirect_manager.h +++ b/src/libcharon/sa/redirect_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/redirect_provider.h b/src/libcharon/sa/redirect_provider.h index ef2288ffc..75d421227 100644 --- a/src/libcharon/sa/redirect_provider.h +++ b/src/libcharon/sa/redirect_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/shunt_manager.c b/src/libcharon/sa/shunt_manager.c index 3a254cea5..a83da0480 100644 --- a/src/libcharon/sa/shunt_manager.c +++ b/src/libcharon/sa/shunt_manager.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2016 Tobias Brunner + * Copyright (C) 2015-2017 Tobias Brunner * Copyright (C) 2011-2016 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * @@ -198,6 +198,13 @@ METHOD(shunt_manager_t, install, bool, entry_t *entry; bool found = FALSE, success; + if (!ns) + { + DBG1(DBG_CFG, "missing namespace for shunt policy '%s'", + cfg->get_name(cfg)); + return FALSE; + } + /* check if not already installed */ this->lock->write_lock(this->lock); if (this->installing == INSTALL_DISABLED) @@ -224,7 +231,7 @@ METHOD(shunt_manager_t, install, bool, return TRUE; } INIT(entry, - .ns = strdupnull(ns), + .ns = strdup(ns), .cfg = cfg->get_ref(cfg), ); this->shunts->insert_last(this->shunts, entry); @@ -369,7 +376,7 @@ METHOD(shunt_manager_t, uninstall, bool, enumerator = this->shunts->create_enumerator(this->shunts); while (enumerator->enumerate(enumerator, &entry)) { - if (streq(ns, entry->ns) && + if ((!ns || streq(ns, entry->ns)) && streq(name, entry->cfg->get_name(entry->cfg))) { this->shunts->remove_at(this->shunts, enumerator); diff --git a/src/libcharon/sa/shunt_manager.h b/src/libcharon/sa/shunt_manager.h index f2b721032..3d9848c93 100644 --- a/src/libcharon/sa/shunt_manager.h +++ b/src/libcharon/sa/shunt_manager.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2016 Tobias Brunner + * Copyright (C) 2015-2017 Tobias Brunner * Copyright (C) 2011 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * @@ -36,8 +36,7 @@ struct shunt_manager_t { /** * Install a policy as a shunt. * - * @param ns optional namespace (e.g. name of a connection or - * plugin), cloned + * @param ns namespace (e.g. name of a connection or plugin), cloned * @param child child configuration to install as a shunt * @return TRUE if installed successfully */ @@ -46,7 +45,10 @@ struct shunt_manager_t { /** * Uninstall a shunt policy. * - * @param ns namespace (same as given during installation) + * If no namespace is given the first matching child configuration is + * removed. + * + * @param ns namespace (same as given during installation) or NULL * @param name name of child configuration to uninstall as a shunt * @return TRUE if uninstalled successfully */ diff --git a/src/libcharon/sa/task.c b/src/libcharon/sa/task.c index 30de08c9b..660d0eb92 100644 --- a/src/libcharon/sa/task.c +++ b/src/libcharon/sa/task.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2007 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/task.h b/src/libcharon/sa/task.h index 5f77149ba..1a0a1acfa 100644 --- a/src/libcharon/sa/task.h +++ b/src/libcharon/sa/task.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2007-2015 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/task_manager.c b/src/libcharon/sa/task_manager.c index bd1191406..e1c8d23b4 100644 --- a/src/libcharon/sa/task_manager.c +++ b/src/libcharon/sa/task_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c index 6436a2549..979f9290a 100644 --- a/src/libcharon/sa/trap_manager.c +++ b/src/libcharon/sa/trap_manager.c @@ -1,7 +1,7 @@ /* - * Copyright (C) 2011-2015 Tobias Brunner + * Copyright (C) 2011-2017 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -183,9 +183,8 @@ static bool dynamic_remote_ts(child_cfg_t *child) return found; } -METHOD(trap_manager_t, install, uint32_t, - private_trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child, - uint32_t reqid) +METHOD(trap_manager_t, install, bool, + private_trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child) { entry_t *entry, *found = NULL; ike_cfg_t *ike_cfg; @@ -197,7 +196,7 @@ METHOD(trap_manager_t, install, uint32_t, linked_list_t *proposals; proposal_t *proposal; protocol_id_t proto = PROTO_ESP; - bool wildcard = FALSE; + bool result = FALSE, wildcard = FALSE; /* try to resolve addresses */ ike_cfg = peer->get_ike_cfg(peer); @@ -213,7 +212,7 @@ METHOD(trap_manager_t, install, uint32_t, { other->destroy(other); DBG1(DBG_CFG, "installing trap failed, remote address unknown"); - return 0; + return FALSE; } else { /* depending on the traffic selectors we don't really need a remote @@ -223,7 +222,7 @@ METHOD(trap_manager_t, install, uint32_t, * which is probably not what users expect*/ DBG1(DBG_CFG, "installing trap failed, remote address unknown with " "dynamic traffic selector"); - return 0; + return FALSE; } me = ike_cfg->resolve_me(ike_cfg, other ? other->get_family(other) : AF_UNSPEC); @@ -250,12 +249,14 @@ METHOD(trap_manager_t, install, uint32_t, this->lock->unlock(this->lock); other->destroy(other); me->destroy(me); - return 0; + return FALSE; } enumerator = this->traps->create_enumerator(this->traps); while (enumerator->enumerate(enumerator, &entry)) { - if (streq(entry->name, child->get_name(child))) + if (streq(entry->name, child->get_name(child)) && + streq(entry->peer_cfg->get_name(entry->peer_cfg), + peer->get_name(peer))) { found = entry; if (entry->child_sa) @@ -275,11 +276,10 @@ METHOD(trap_manager_t, install, uint32_t, this->lock->unlock(this->lock); other->destroy(other); me->destroy(me); - return 0; + return FALSE; } /* config might have changed so update everything */ DBG1(DBG_CFG, "updating already routed CHILD_SA '%s'", found->name); - reqid = found->child_sa->get_reqid(found->child_sa); } INIT(entry, @@ -293,7 +293,7 @@ METHOD(trap_manager_t, install, uint32_t, this->lock->unlock(this->lock); /* create and route CHILD_SA */ - child_sa = child_sa_create(me, other, child, reqid, FALSE, 0, 0); + child_sa = child_sa_create(me, other, child, 0, FALSE, 0, 0); list = linked_list_create_with_items(me, NULL); my_ts = child->get_traffic_selectors(child, TRUE, NULL, list); @@ -325,14 +325,13 @@ METHOD(trap_manager_t, install, uint32_t, this->lock->unlock(this->lock); entry->child_sa = child_sa; destroy_entry(entry); - reqid = 0; } else { - reqid = child_sa->get_reqid(child_sa); this->lock->write_lock(this->lock); entry->child_sa = child_sa; this->lock->unlock(this->lock); + result = TRUE; } if (found) { @@ -343,11 +342,11 @@ METHOD(trap_manager_t, install, uint32_t, this->installing--; this->condvar->signal(this->condvar); this->lock->unlock(this->lock); - return reqid; + return result; } METHOD(trap_manager_t, uninstall, bool, - private_trap_manager_t *this, uint32_t reqid) + private_trap_manager_t *this, char *peer, char *child) { enumerator_t *enumerator; entry_t *entry, *found = NULL; @@ -356,8 +355,8 @@ METHOD(trap_manager_t, uninstall, bool, enumerator = this->traps->create_enumerator(this->traps); while (enumerator->enumerate(enumerator, &entry)) { - if (entry->child_sa && - entry->child_sa->get_reqid(entry->child_sa) == reqid) + if (streq(entry->name, child) && + (!peer || streq(peer, entry->peer_cfg->get_name(entry->peer_cfg)))) { this->traps->remove_at(this->traps, enumerator); found = entry; @@ -369,7 +368,6 @@ METHOD(trap_manager_t, uninstall, bool, if (!found) { - DBG1(DBG_CFG, "trap %d not found to uninstall", reqid); return FALSE; } destroy_entry(found); @@ -413,31 +411,6 @@ METHOD(trap_manager_t, create_enumerator, enumerator_t*, (void*)this->lock->unlock); } -METHOD(trap_manager_t, find_reqid, uint32_t, - private_trap_manager_t *this, child_cfg_t *child) -{ - enumerator_t *enumerator; - entry_t *entry; - uint32_t reqid = 0; - - this->lock->read_lock(this->lock); - enumerator = this->traps->create_enumerator(this->traps); - while (enumerator->enumerate(enumerator, &entry)) - { - if (streq(entry->name, child->get_name(child))) - { - if (entry->child_sa) - { - reqid = entry->child_sa->get_reqid(entry->child_sa); - } - break; - } - } - enumerator->destroy(enumerator); - this->lock->unlock(this->lock); - return reqid; -} - METHOD(trap_manager_t, acquire, void, private_trap_manager_t *this, uint32_t reqid, traffic_selector_t *src, traffic_selector_t *dst) @@ -693,7 +666,6 @@ trap_manager_t *trap_manager_create(void) .install = _install, .uninstall = _uninstall, .create_enumerator = _create_enumerator, - .find_reqid = _find_reqid, .acquire = _acquire, .flush = _flush, .destroy = _destroy, diff --git a/src/libcharon/sa/trap_manager.h b/src/libcharon/sa/trap_manager.h index 083ea3dbf..1b67ff82f 100644 --- a/src/libcharon/sa/trap_manager.h +++ b/src/libcharon/sa/trap_manager.h @@ -1,6 +1,7 @@ /* + * Copyright (C) 2013-2017 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -37,19 +38,21 @@ struct trap_manager_t { * * @param peer peer configuration to initiate on trap * @param child child configuration to install as a trap - * @param reqid optional reqid to use - * @return reqid of installed CHILD_SA, 0 if failed + * @return TRUE if successfully installed */ - uint32_t (*install)(trap_manager_t *this, peer_cfg_t *peer, - child_cfg_t *child, uint32_t reqid); + bool (*install)(trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child); /** * Uninstall a trap policy. * - * @param id reqid of CHILD_SA to uninstall, returned by install() + * If no peer configuration name is given the first matching child + * configuration is uninstalled. + * + * @param peer peer configuration name or NULL + * @param child child configuration name * @return TRUE if uninstalled successfully */ - bool (*uninstall)(trap_manager_t *this, uint32_t reqid); + bool (*uninstall)(trap_manager_t *this, char *peer, char *child); /** * Create an enumerator over all installed traps. @@ -58,14 +61,6 @@ struct trap_manager_t { */ enumerator_t* (*create_enumerator)(trap_manager_t *this); - /** - * Find the reqid of a child config installed as a trap. - * - * @param child CHILD_SA config to get the reqid for - * @return reqid of trap, 0 if not found - */ - uint32_t (*find_reqid)(trap_manager_t *this, child_cfg_t *child); - /** * Acquire an SA triggered by an installed trap. * diff --git a/src/libcharon/sa/xauth/xauth_method.c b/src/libcharon/sa/xauth/xauth_method.c index 838822d1e..8f34a275d 100644 --- a/src/libcharon/sa/xauth/xauth_method.c +++ b/src/libcharon/sa/xauth/xauth_method.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/sa/xauth/xauth_method.h b/src/libcharon/sa/xauth/xauth_method.h index c0c2024e0..134e72b06 100644 --- a/src/libcharon/sa/xauth/xauth_method.h +++ b/src/libcharon/sa/xauth/xauth_method.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/tests/suites/test_child_delete.c b/src/libcharon/tests/suites/test_child_delete.c index 437e919c7..8660d7291 100644 --- a/src/libcharon/tests/suites/test_child_delete.c +++ b/src/libcharon/tests/suites/test_child_delete.c @@ -290,7 +290,7 @@ START_TEST(test_collision_ike_delete) } call_ikesa(a, delete_child_sa, PROTO_ESP, spi_a, FALSE); assert_child_sa_state(a, spi_a, CHILD_DELETING); - call_ikesa(b, delete); + call_ikesa(b, delete, FALSE); assert_ike_sa_state(b, IKE_DELETING); /* RFC 7296, 2.25.2 does not explicitly state what the behavior SHOULD be if diff --git a/src/libcharon/tests/suites/test_child_rekey.c b/src/libcharon/tests/suites/test_child_rekey.c index 44d004ab7..51d577cd8 100644 --- a/src/libcharon/tests/suites/test_child_rekey.c +++ b/src/libcharon/tests/suites/test_child_rekey.c @@ -41,7 +41,7 @@ assert_hook_not_called(child_updown); \ assert_hook_not_called(child_rekey); \ assert_no_jobs_scheduled(); \ - assert_child_sa_state(sa, spi, CHILD_DELETING, CHILD_OUTBOUND_NONE); \ + assert_child_sa_state(sa, spi, CHILD_DELETED, CHILD_OUTBOUND_NONE); \ call_ikesa(sa, delete_child_sa, PROTO_ESP, spi, FALSE); \ assert_child_sa_not_exists(sa, spi); \ assert_scheduler(); \ @@ -97,7 +97,7 @@ START_TEST(test_regular) assert_jobs_scheduled(1); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, spi_b, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, spi_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 4, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, spi_b, 3, 4); @@ -108,7 +108,7 @@ START_TEST(test_regular) assert_jobs_scheduled(1); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, spi_a, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, spi_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 3, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, spi_a, 3, 4); @@ -205,7 +205,7 @@ START_TEST(test_regular_ke_invalid) assert_hook_not_called(child_rekey); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, spi_b, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, spi_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 6, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, spi_b, 5, 6); @@ -214,7 +214,7 @@ START_TEST(test_regular_ke_invalid) assert_hook_not_called(child_rekey); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, spi_a, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, spi_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 5, CHILD_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, spi_a, 5, 6); @@ -259,7 +259,7 @@ START_TEST(test_regular_ke_invalid) assert_hook_not_called(child_rekey); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, 6, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 6, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 8, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, 6, 7, 8); @@ -269,7 +269,7 @@ START_TEST(test_regular_ke_invalid) assert_hook_not_called(child_rekey); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 5, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 5, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 7, CHILD_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 5, 7, 8); @@ -336,7 +336,7 @@ START_TEST(test_regular_responder_ignore_soft_expire) assert_jobs_scheduled(1); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, 2, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 2, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 4, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, 2, 3, 4); @@ -345,7 +345,7 @@ START_TEST(test_regular_responder_ignore_soft_expire) assert_jobs_scheduled(1); assert_single_payload(IN, PLV2_DELETE); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 3, CHILD_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 1, 3, 4); @@ -431,7 +431,7 @@ START_TEST(test_regular_responder_handle_hard_expire) assert_jobs_scheduled(1); assert_message_empty(IN); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 3, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 1, 3, 4); @@ -440,7 +440,7 @@ START_TEST(test_regular_responder_handle_hard_expire) assert_jobs_scheduled(1); assert_message_empty(IN); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, 2, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 2, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 4, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, 2, 3, 4); @@ -591,7 +591,7 @@ START_TEST(test_collision) assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING, data[_i].spi_del_b == 2 ? CHILD_OUTBOUND_INSTALLED : CHILD_OUTBOUND_REGISTERED); - assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -611,7 +611,7 @@ START_TEST(test_collision) assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING, data[_i].spi_del_a == 1 ? CHILD_OUTBOUND_INSTALLED : CHILD_OUTBOUND_REGISTERED); - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -628,9 +628,9 @@ START_TEST(test_collision) /* <-- INFORMATIONAL { D } */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -641,9 +641,9 @@ START_TEST(test_collision) /* INFORMATIONAL { D } --> */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); - assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -781,7 +781,7 @@ START_TEST(test_collision_delayed_response) exchange_test_helper->process_message(exchange_test_helper, a, NULL); if (data[_i].spi_del_b == 2) { - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_ipsec_sas_installed(a, 1, 4, 6); @@ -789,7 +789,7 @@ START_TEST(test_collision_delayed_response) else { assert_child_sa_state(a, 1, CHILD_REKEYED, CHILD_OUTBOUND_INSTALLED); - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_ipsec_sas_installed(a, 1, 2, 6); } @@ -814,7 +814,7 @@ START_TEST(test_collision_delayed_response) CHILD_OUTBOUND_REGISTERED); assert_ipsec_sas_installed(b, 1, 2, 4, 5); } - assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_count(b, 3); assert_scheduler(); @@ -839,7 +839,7 @@ START_TEST(test_collision_delayed_response) CHILD_OUTBOUND_REGISTERED); assert_ipsec_sas_installed(a, 1, 3, 4, 6); } - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -850,9 +850,9 @@ START_TEST(test_collision_delayed_response) /* INFORMATIONAL { D } --> */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); - assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -863,9 +863,9 @@ START_TEST(test_collision_delayed_response) /* <-- INFORMATIONAL { D } */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -972,7 +972,7 @@ START_TEST(test_collision_delayed_request) /* <-- INFORMATIONAL { D } */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 5, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 1, 4, 5); @@ -981,7 +981,7 @@ START_TEST(test_collision_delayed_request) /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */ assert_no_jobs_scheduled(); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 5, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 1, 4, 5); @@ -990,7 +990,7 @@ START_TEST(test_collision_delayed_request) /* INFORMATIONAL { D } --> */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, 2, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 2, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 4, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, 2, 4, 5); @@ -1089,7 +1089,7 @@ START_TEST(test_collision_delayed_request_more) /* <-- INFORMATIONAL { D } */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 5, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 1, 4, 5); @@ -1097,7 +1097,7 @@ START_TEST(test_collision_delayed_request_more) /* INFORMATIONAL { D } --> */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, 2, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 2, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 4, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, 2, 4, 5); @@ -1106,14 +1106,14 @@ START_TEST(test_collision_delayed_request_more) /* CREATE_CHILD_SA { N(REKEY_SA), SA, Ni, [KEi,] TSi, TSr } --> */ assert_single_notify(OUT, CHILD_SA_NOT_FOUND); exchange_test_helper->process_message(exchange_test_helper, b, msg); - assert_child_sa_state(b, 2, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 2, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 4, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_ipsec_sas_installed(b, 2, 4, 5); /* <-- CREATE_CHILD_SA { N(NO_CHILD_SA) } */ assert_no_jobs_scheduled(); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 5, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_ipsec_sas_installed(a, 1, 4, 5); @@ -1299,7 +1299,7 @@ START_TEST(test_collision_ke_invalid) assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING, data[_i].spi_del_b == 2 ? CHILD_OUTBOUND_INSTALLED : CHILD_OUTBOUND_REGISTERED); - assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -1311,7 +1311,7 @@ START_TEST(test_collision_ke_invalid) assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING, data[_i].spi_del_a == 1 ? CHILD_OUTBOUND_INSTALLED : CHILD_OUTBOUND_REGISTERED); - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -1320,9 +1320,9 @@ START_TEST(test_collision_ke_invalid) /* <-- INFORMATIONAL { D } */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); - assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(a, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, data[_i].spi_a, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -1331,9 +1331,9 @@ START_TEST(test_collision_ke_invalid) /* INFORMATIONAL { D } --> */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_b, CHILD_DELETED, CHILD_OUTBOUND_NONE); - assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETING, + assert_child_sa_state(b, data[_i].spi_del_a, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, data[_i].spi_b, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); @@ -1475,7 +1475,7 @@ START_TEST(test_collision_ke_invalid_delayed_retry) /* <-- INFORMATIONAL { D } */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 9, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_scheduler(); @@ -1483,7 +1483,7 @@ START_TEST(test_collision_ke_invalid_delayed_retry) /* <-- CREATE_CHILD_SA { N(TEMP_FAIL) } */ assert_no_jobs_scheduled(); exchange_test_helper->process_message(exchange_test_helper, a, NULL); - assert_child_sa_state(a, 1, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(a, 1, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(a, 9, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(a, 2); assert_scheduler(); @@ -1491,7 +1491,7 @@ START_TEST(test_collision_ke_invalid_delayed_retry) /* INFORMATIONAL { D } --> */ assert_jobs_scheduled(1); exchange_test_helper->process_message(exchange_test_helper, b, NULL); - assert_child_sa_state(b, 2, CHILD_DELETING, CHILD_OUTBOUND_NONE); + assert_child_sa_state(b, 2, CHILD_DELETED, CHILD_OUTBOUND_NONE); assert_child_sa_state(b, 8, CHILD_INSTALLED, CHILD_OUTBOUND_INSTALLED); assert_child_sa_count(b, 2); assert_scheduler(); @@ -1906,7 +1906,7 @@ START_TEST(test_collision_ike_delete) &a, &b, NULL); } initiate_rekey(a, spi_a); - call_ikesa(b, delete); + call_ikesa(b, delete, FALSE); assert_ike_sa_state(b, IKE_DELETING); /* this should never get called as there is no successful rekeying on diff --git a/src/libcharon/tests/suites/test_ike_cfg.c b/src/libcharon/tests/suites/test_ike_cfg.c index 8062179b9..9bbc064f7 100644 --- a/src/libcharon/tests/suites/test_ike_cfg.c +++ b/src/libcharon/tests/suites/test_ike_cfg.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libcharon/tests/suites/test_ike_delete.c b/src/libcharon/tests/suites/test_ike_delete.c index d79f9bc50..7633718d4 100644 --- a/src/libcharon/tests/suites/test_ike_delete.c +++ b/src/libcharon/tests/suites/test_ike_delete.c @@ -40,7 +40,7 @@ START_TEST(test_regular) } assert_hook_not_called(ike_updown); assert_hook_not_called(child_updown); - call_ikesa(a, delete); + call_ikesa(a, delete, FALSE); assert_ike_sa_state(a, IKE_DELETING); assert_hook(); assert_hook(); @@ -81,9 +81,9 @@ START_TEST(test_collision) assert_hook_not_called(ike_updown); assert_hook_not_called(child_updown); - call_ikesa(a, delete); + call_ikesa(a, delete, FALSE); assert_ike_sa_state(a, IKE_DELETING); - call_ikesa(b, delete); + call_ikesa(b, delete, FALSE); assert_ike_sa_state(b, IKE_DELETING); assert_hook(); assert_hook(); diff --git a/src/libcharon/tests/suites/test_ike_rekey.c b/src/libcharon/tests/suites/test_ike_rekey.c index e22a0c288..b6a015445 100644 --- a/src/libcharon/tests/suites/test_ike_rekey.c +++ b/src/libcharon/tests/suites/test_ike_rekey.c @@ -1319,7 +1319,7 @@ START_TEST(test_collision_delete) assert_hook_not_called(ike_rekey); initiate_rekey(a); - call_ikesa(b, delete); + call_ikesa(b, delete, FALSE); assert_ike_sa_state(b, IKE_DELETING); /* RFC 7296, 2.25.2: If a peer receives a request to rekey an IKE SA that @@ -1401,7 +1401,7 @@ START_TEST(test_collision_delete_drop_delete) assert_hook_not_called(ike_rekey); initiate_rekey(a); - call_ikesa(b, delete); + call_ikesa(b, delete, FALSE); assert_ike_sa_state(b, IKE_DELETING); /* RFC 7296, 2.25.2: If a peer receives a request to rekey an IKE SA that diff --git a/src/libcharon/tests/suites/test_mem_pool.c b/src/libcharon/tests/suites/test_mem_pool.c index 4204d4bab..e509228d9 100644 --- a/src/libcharon/tests/suites/test_mem_pool.c +++ b/src/libcharon/tests/suites/test_mem_pool.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_context.h b/src/libfast/fast_context.h index 4922703ca..7113b1bac 100644 --- a/src/libfast/fast_context.h +++ b/src/libfast/fast_context.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_controller.h b/src/libfast/fast_controller.h index bbd0214fc..a8a56b872 100644 --- a/src/libfast/fast_controller.h +++ b/src/libfast/fast_controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_dispatcher.c b/src/libfast/fast_dispatcher.c index 4b422f077..70ff40466 100644 --- a/src/libfast/fast_dispatcher.c +++ b/src/libfast/fast_dispatcher.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_dispatcher.h b/src/libfast/fast_dispatcher.h index 21708a744..ffa49d9db 100644 --- a/src/libfast/fast_dispatcher.h +++ b/src/libfast/fast_dispatcher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -24,7 +24,7 @@ * * The application has a global context and a session context. The global * context is accessed from all sessions simultaneously and therefore - * needs to be threadsave. Often a database wrapper is the global context. + * needs to be threadsafe. Often a database wrapper is the global context. * The session context is instantiated per session. Sessions are managed * automatically through session cookies. The session context is kept alive * until the session times out. It must implement the context_t interface and diff --git a/src/libfast/fast_filter.h b/src/libfast/fast_filter.h index 57367bd5a..53aa0e827 100644 --- a/src/libfast/fast_filter.h +++ b/src/libfast/fast_filter.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_request.c b/src/libfast/fast_request.c index a56a59167..0543215cb 100644 --- a/src/libfast/fast_request.c +++ b/src/libfast/fast_request.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -75,7 +75,7 @@ struct private_fast_request_t { }; /** - * ClearSilver cgiwrap is not threadsave, so we use a private + * ClearSilver cgiwrap is not threadsafe, so we use a private * context for each thread. */ static thread_value_t *thread_this; diff --git a/src/libfast/fast_request.h b/src/libfast/fast_request.h index 678cf54d5..85cbc2062 100644 --- a/src/libfast/fast_request.h +++ b/src/libfast/fast_request.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_session.c b/src/libfast/fast_session.c index 56d4a0443..eb6fc638b 100644 --- a/src/libfast/fast_session.c +++ b/src/libfast/fast_session.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libfast/fast_session.h b/src/libfast/fast_session.h index 3fca3673e..4c7127c8d 100644 --- a/src/libfast/fast_session.h +++ b/src/libfast/fast_session.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libimcv/imcv.h b/src/libimcv/imcv.h index 0f44d8f6f..a5eebd536 100644 --- a/src/libimcv/imcv.h +++ b/src/libimcv/imcv.h @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2011 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql index 40a0f5eeb..860573c31 100644 --- a/src/libimcv/imv/data.sql +++ b/src/libimcv/imv/data.sql @@ -544,6 +544,18 @@ INSERT INTO products ( /* 91 */ 'Debian 8.9 x86_64' ); +INSERT INTO products ( /* 92 */ + name +) VALUES ( + 'Debian 8.10 i686' +); + +INSERT INTO products ( /* 93 */ + name +) VALUES ( + 'Debian 8.10 x86_64' +); + /* Directories */ INSERT INTO directories ( /* 1 */ @@ -1102,6 +1114,12 @@ INSERT INTO groups_product_defaults ( 4, 90 ); +INSERT INTO groups_product_defaults ( + group_id, product_id +) VALUES ( + 4, 92 +); + INSERT INTO groups_product_defaults ( group_id, product_id ) VALUES ( @@ -1210,6 +1228,12 @@ INSERT INTO groups_product_defaults ( 5, 91 ); +INSERT INTO groups_product_defaults ( + group_id, product_id +) VALUES ( + 5, 93 +); + INSERT INTO groups_product_defaults ( group_id, product_id ) VALUES ( diff --git a/src/libimcv/imv/imv_database.c b/src/libimcv/imv/imv_database.c index 0a18cd71b..b444abdbb 100644 --- a/src/libimcv/imv/imv_database.c +++ b/src/libimcv/imv/imv_database.c @@ -130,8 +130,9 @@ static bool create_session(private_imv_database_t *this, imv_session_t *session) if (!did) { this->db->execute(this->db, &did, - "INSERT INTO devices (value, product) VALUES (?, ?)", - DB_TEXT, device, DB_INT, pid); + "INSERT INTO devices " + "(value, description, product, trusted, inactive) " + "VALUES (?, '', ?, 0, 0)", DB_TEXT, device, DB_INT, pid); } free(device); diff --git a/src/libimcv/imv/imv_policy_manager.c b/src/libimcv/imv/imv_policy_manager.c index 1988873e9..a0e8595ed 100644 --- a/src/libimcv/imv/imv_policy_manager.c +++ b/src/libimcv/imv/imv_policy_manager.c @@ -113,7 +113,7 @@ static bool iterate_enforcements(database_t *db, int device_id, int session_id, if (latest_success) { /*skipping enforcement */ - printf("skipping enforcment %d\n", id); + printf("skipping enforcement %d\n", id); continue; } diff --git a/src/libimcv/imv/tables-mysql.sql b/src/libimcv/imv/tables-mysql.sql index cf50742c3..3e23950a3 100644 --- a/src/libimcv/imv/tables-mysql.sql +++ b/src/libimcv/imv/tables-mysql.sql @@ -182,7 +182,9 @@ CREATE TABLE `devices` ( `description` VARCHAR(100) DEFAULT "", `value` VARCHAR(256) NOT NULL, `product` INTEGER REFERENCES `products`(`id`), - `created` INTEGER + `trusted` INTEGER DEFAULT 0, + `created` INTEGER, + `inactive` INTEGER DEFAULT 0 ); DROP TABLE IF EXISTS `identities`; diff --git a/src/libimcv/imv/tables.sql b/src/libimcv/imv/tables.sql index b50c6ed12..631969ce7 100644 --- a/src/libimcv/imv/tables.sql +++ b/src/libimcv/imv/tables.sql @@ -204,7 +204,8 @@ CREATE TABLE devices ( value TEXT NOT NULL, product INTEGER REFERENCES products(id), trusted INTEGER DEFAULT 0, - created INTEGER + created INTEGER, + inactive INTEGER DEFAULT 0 ); DROP INDEX IF EXISTS devices_id; CREATE INDEX devices_value ON devices ( diff --git a/src/libimcv/ita/ita_attr_settings.c b/src/libimcv/ita/ita_attr_settings.c index b0907789e..8c364d26c 100644 --- a/src/libimcv/ita/ita_attr_settings.c +++ b/src/libimcv/ita/ita_attr_settings.c @@ -29,7 +29,7 @@ typedef struct private_ita_attr_settings_t private_ita_attr_settings_t; typedef struct entry_t entry_t; /** - * Contains a settins name/value pair + * Contains a settings name/value pair */ struct entry_t { char *name; diff --git a/src/libimcv/plugins/imc_scanner/imc_scanner_state.h b/src/libimcv/plugins/imc_scanner/imc_scanner_state.h index 3b40575e3..5fa685024 100644 --- a/src/libimcv/plugins/imc_scanner/imc_scanner_state.h +++ b/src/libimcv/plugins/imc_scanner/imc_scanner_state.h @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2011 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libimcv/plugins/imc_swid/imc_swid_state.h b/src/libimcv/plugins/imc_swid/imc_swid_state.h index c2719d21b..c658549c8 100644 --- a/src/libimcv/plugins/imc_swid/imc_swid_state.h +++ b/src/libimcv/plugins/imc_swid/imc_swid_state.h @@ -1,5 +1,6 @@ /* - * Copyright (C) 2013 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2013 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-2.swidtag b/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-2.swidtag deleted file mode 100644 index bb4d300a9..000000000 --- a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-2.swidtag +++ /dev/null @@ -1,11 +0,0 @@ - - - - diff --git a/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-3.swidtag b/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-3.swidtag new file mode 100644 index 000000000..4ce168623 --- /dev/null +++ b/src/libimcv/plugins/imc_swid/strongswan.org__strongSwan-5-6-3.swidtag @@ -0,0 +1,11 @@ + + + + diff --git a/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-2.swidtag b/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-2.swidtag deleted file mode 100644 index bb4d300a9..000000000 --- a/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-2.swidtag +++ /dev/null @@ -1,11 +0,0 @@ - - - - diff --git a/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag b/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag new file mode 100644 index 000000000..4ce168623 --- /dev/null +++ b/src/libimcv/plugins/imc_swima/strongswan.org__strongSwan-5-6-3.swidtag @@ -0,0 +1,11 @@ + + + + diff --git a/src/libimcv/plugins/imc_test/imc_test_state.h b/src/libimcv/plugins/imc_test/imc_test_state.h index 365caff7c..330881932 100644 --- a/src/libimcv/plugins/imc_test/imc_test_state.h +++ b/src/libimcv/plugins/imc_test/imc_test_state.h @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2011 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libimcv/plugins/imv_test/imv_test_state.h b/src/libimcv/plugins/imv_test/imv_test_state.h index 2de5b6ffc..3e9b69521 100644 --- a/src/libimcv/plugins/imv_test/imv_test_state.h +++ b/src/libimcv/plugins/imv_test/imv_test_state.h @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2011 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libimcv/pts/pts.c b/src/libimcv/pts/pts.c index 09ffd7160..3cf439f35 100644 --- a/src/libimcv/pts/pts.c +++ b/src/libimcv/pts/pts.c @@ -734,7 +734,7 @@ METHOD(pts_t, verify_quote_signature, bool, scheme = SIGN_RSA_EMSA_PKCS1_SHA3_384; break; case HASH_SHA3_512: - scheme = SIGN_RSA_EMSA_PKCS1_SHA2_512; + scheme = SIGN_RSA_EMSA_PKCS1_SHA3_512; break; default: scheme = SIGN_UNKNOWN; diff --git a/src/libipsec/esp_context.c b/src/libipsec/esp_context.c index c014e683a..394133d04 100644 --- a/src/libipsec/esp_context.c +++ b/src/libipsec/esp_context.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2013 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/esp_context.h b/src/libipsec/esp_context.h index 322dab97f..a830202f2 100644 --- a/src/libipsec/esp_context.h +++ b/src/libipsec/esp_context.h @@ -2,7 +2,7 @@ * Copyright (C) 2012-2013 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/esp_packet.c b/src/libipsec/esp_packet.c index 2c521775c..d1140e252 100644 --- a/src/libipsec/esp_packet.c +++ b/src/libipsec/esp_packet.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2013 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/esp_packet.h b/src/libipsec/esp_packet.h index c42acba43..7b179f46c 100644 --- a/src/libipsec/esp_packet.h +++ b/src/libipsec/esp_packet.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ip_packet.c b/src/libipsec/ip_packet.c index 904f118fd..fee70c195 100644 --- a/src/libipsec/ip_packet.c +++ b/src/libipsec/ip_packet.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -527,7 +527,7 @@ ip_packet_t *ip_packet_create_from_data(host_t *src, host_t *dst, case AF_INET6: { struct ip6_hdr ip = { - .ip6_flow = htonl(6), + .ip6_flow = htonl(6 << 28), .ip6_plen = htons(data.len), .ip6_nxt = next_header, .ip6_hlim = 0x80, diff --git a/src/libipsec/ip_packet.h b/src/libipsec/ip_packet.h index 1e1d619a2..25a8aa144 100644 --- a/src/libipsec/ip_packet.h +++ b/src/libipsec/ip_packet.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec.c b/src/libipsec/ipsec.c index 6c9a26acf..21cd8f094 100644 --- a/src/libipsec/ipsec.c +++ b/src/libipsec/ipsec.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec.h b/src/libipsec/ipsec.h index 7ee49432a..73b56583b 100644 --- a/src/libipsec/ipsec.h +++ b/src/libipsec/ipsec.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_event_listener.h b/src/libipsec/ipsec_event_listener.h index e784cedb3..0195ee27a 100644 --- a/src/libipsec/ipsec_event_listener.h +++ b/src/libipsec/ipsec_event_listener.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_event_relay.c b/src/libipsec/ipsec_event_relay.c index 94cc6527f..4d33fb7b8 100644 --- a/src/libipsec/ipsec_event_relay.c +++ b/src/libipsec/ipsec_event_relay.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_event_relay.h b/src/libipsec/ipsec_event_relay.h index 056352e84..43ca075dc 100644 --- a/src/libipsec/ipsec_event_relay.h +++ b/src/libipsec/ipsec_event_relay.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_policy.c b/src/libipsec/ipsec_policy.c index 98201b843..521610eab 100644 --- a/src/libipsec/ipsec_policy.c +++ b/src/libipsec/ipsec_policy.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_policy.h b/src/libipsec/ipsec_policy.h index 6d67a602e..9a4ffbfa8 100644 --- a/src/libipsec/ipsec_policy.h +++ b/src/libipsec/ipsec_policy.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_policy_mgr.c b/src/libipsec/ipsec_policy_mgr.c index 8570e07a8..9062ff7e6 100644 --- a/src/libipsec/ipsec_policy_mgr.c +++ b/src/libipsec/ipsec_policy_mgr.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_policy_mgr.h b/src/libipsec/ipsec_policy_mgr.h index 97e147e40..59f97e9ee 100644 --- a/src/libipsec/ipsec_policy_mgr.h +++ b/src/libipsec/ipsec_policy_mgr.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_processor.c b/src/libipsec/ipsec_processor.c index 23b8ad21e..c96b61364 100644 --- a/src/libipsec/ipsec_processor.c +++ b/src/libipsec/ipsec_processor.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_processor.h b/src/libipsec/ipsec_processor.h index 0a409828b..7aa88ffa6 100644 --- a/src/libipsec/ipsec_processor.h +++ b/src/libipsec/ipsec_processor.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_sa.c b/src/libipsec/ipsec_sa.c index ba020658b..a21245edf 100644 --- a/src/libipsec/ipsec_sa.c +++ b/src/libipsec/ipsec_sa.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_sa.h b/src/libipsec/ipsec_sa.h index 36fe48379..80dbd9353 100644 --- a/src/libipsec/ipsec_sa.h +++ b/src/libipsec/ipsec_sa.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_sa_mgr.c b/src/libipsec/ipsec_sa_mgr.c index 44d35244a..66c3e67b1 100644 --- a/src/libipsec/ipsec_sa_mgr.c +++ b/src/libipsec/ipsec_sa_mgr.c @@ -2,7 +2,7 @@ * Copyright (C) 2012-2017 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libipsec/ipsec_sa_mgr.h b/src/libipsec/ipsec_sa_mgr.h index 708af1fda..6ab6285ad 100644 --- a/src/libipsec/ipsec_sa_mgr.h +++ b/src/libipsec/ipsec_sa_mgr.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libradius/radius_client.c b/src/libradius/radius_client.c index d44c5a2e3..f7d600421 100644 --- a/src/libradius/radius_client.c +++ b/src/libradius/radius_client.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libradius/radius_client.h b/src/libradius/radius_client.h index 2f6c8a43a..691cdaabc 100644 --- a/src/libradius/radius_client.h +++ b/src/libradius/radius_client.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libradius/radius_message.c b/src/libradius/radius_message.c index 51135fbea..b5a03b361 100644 --- a/src/libradius/radius_message.c +++ b/src/libradius/radius_message.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libradius/radius_message.h b/src/libradius/radius_message.h index eb14bf08e..e7ffe9357 100644 --- a/src/libradius/radius_message.h +++ b/src/libradius/radius_message.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_card.h b/src/libsimaka/simaka_card.h index b705923f6..e32e70d4d 100644 --- a/src/libsimaka/simaka_card.h +++ b/src/libsimaka/simaka_card.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_crypto.c b/src/libsimaka/simaka_crypto.c index e60c02a1a..e5662ac20 100644 --- a/src/libsimaka/simaka_crypto.c +++ b/src/libsimaka/simaka_crypto.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_crypto.h b/src/libsimaka/simaka_crypto.h index c07755865..9881c53ee 100644 --- a/src/libsimaka/simaka_crypto.h +++ b/src/libsimaka/simaka_crypto.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_hooks.h b/src/libsimaka/simaka_hooks.h index ffe1c25b6..f4abef222 100644 --- a/src/libsimaka/simaka_hooks.h +++ b/src/libsimaka/simaka_hooks.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_manager.c b/src/libsimaka/simaka_manager.c index 47f1f6f8a..a78121f7d 100644 --- a/src/libsimaka/simaka_manager.c +++ b/src/libsimaka/simaka_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_manager.h b/src/libsimaka/simaka_manager.h index 9f6810f8f..ff3bf14d1 100644 --- a/src/libsimaka/simaka_manager.h +++ b/src/libsimaka/simaka_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_message.c b/src/libsimaka/simaka_message.c index 8f5812a76..80391756c 100644 --- a/src/libsimaka/simaka_message.c +++ b/src/libsimaka/simaka_message.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_message.h b/src/libsimaka/simaka_message.h index 2393d3450..3555612f5 100644 --- a/src/libsimaka/simaka_message.h +++ b/src/libsimaka/simaka_message.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libsimaka/simaka_provider.h b/src/libsimaka/simaka_provider.h index ef1c73908..59a8c21df 100644 --- a/src/libsimaka/simaka_provider.h +++ b/src/libsimaka/simaka_provider.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c index 3f3a5c587..79cb17ed1 100644 --- a/src/libstrongswan/asn1/asn1.c +++ b/src/libstrongswan/asn1/asn1.c @@ -2,7 +2,7 @@ * Copyright (C) 2006 Martin Will * Copyright (C) 2000-2016 Andreas Steffen * - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h index 3c7389e5c..767dfaeee 100644 --- a/src/libstrongswan/asn1/asn1.h +++ b/src/libstrongswan/asn1/asn1.h @@ -100,7 +100,7 @@ extern const chunk_t ASN1_INTEGER_2; chunk_t asn1_algorithmIdentifier(int oid); /** - * Build an algorithmIdentifier from a known OID and the given prameters. + * Build an algorithmIdentifier from a known OID and the given parameters. * * @param oid known OID index * @param params parameters to encode in the algorithmIdentifier (adopted) diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c index a70aafdd9..3ea373521 100644 --- a/src/libstrongswan/asn1/oid.c +++ b/src/libstrongswan/asn1/oid.c @@ -80,7 +80,7 @@ const oid_t oid_names[] = { { 0x36, 68, 0, 2, "inhibitAnyPolicy" }, /* 67 */ { 0x37, 69, 0, 2, "targetInformation" }, /* 68 */ { 0x38, 0, 0, 2, "noRevAvail" }, /* 69 */ - {0x2A, 195, 1, 0, "" }, /* 70 */ + {0x2A, 202, 1, 0, "" }, /* 70 */ { 0x83, 83, 1, 1, "" }, /* 71 */ { 0x08, 0, 1, 2, "jp" }, /* 72 */ { 0x8C, 0, 1, 3, "" }, /* 73 */ @@ -95,7 +95,7 @@ const oid_t oid_names[] = { { 0x04, 0, 0, 10, "camellia256-cbc" }, /* 82 */ { 0x86, 0, 1, 1, "" }, /* 83 */ { 0x48, 0, 1, 2, "us" }, /* 84 */ - { 0x86, 154, 1, 3, "" }, /* 85 */ + { 0x86, 161, 1, 3, "" }, /* 85 */ { 0xF6, 91, 1, 4, "" }, /* 86 */ { 0x7D, 0, 1, 5, "NortelNetworks" }, /* 87 */ { 0x07, 0, 1, 6, "Entrust" }, /* 88 */ @@ -159,352 +159,359 @@ const oid_t oid_names[] = { { 0x04, 147, 0, 10, "crlBag" }, /* 146 */ { 0x05, 148, 0, 10, "secretBag" }, /* 147 */ { 0x06, 0, 0, 10, "safeContentsBag" }, /* 148 */ - { 0x02, 152, 1, 6, "digestAlgorithm" }, /* 149 */ + { 0x02, 159, 1, 6, "digestAlgorithm" }, /* 149 */ { 0x02, 151, 0, 7, "md2" }, /* 150 */ - { 0x05, 0, 0, 7, "md5" }, /* 151 */ - { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 152 */ - { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 153 */ - { 0xCE, 0, 1, 3, "" }, /* 154 */ - { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 155 */ - { 0x02, 158, 1, 5, "id-publicKeyType" }, /* 156 */ - { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 157 */ - { 0x03, 188, 1, 5, "ellipticCurve" }, /* 158 */ - { 0x00, 180, 1, 6, "c-TwoCurve" }, /* 159 */ - { 0x01, 161, 0, 7, "c2pnb163v1" }, /* 160 */ - { 0x02, 162, 0, 7, "c2pnb163v2" }, /* 161 */ - { 0x03, 163, 0, 7, "c2pnb163v3" }, /* 162 */ - { 0x04, 164, 0, 7, "c2pnb176w1" }, /* 163 */ - { 0x05, 165, 0, 7, "c2tnb191v1" }, /* 164 */ - { 0x06, 166, 0, 7, "c2tnb191v2" }, /* 165 */ - { 0x07, 167, 0, 7, "c2tnb191v3" }, /* 166 */ - { 0x08, 168, 0, 7, "c2onb191v4" }, /* 167 */ - { 0x09, 169, 0, 7, "c2onb191v5" }, /* 168 */ - { 0x0A, 170, 0, 7, "c2pnb208w1" }, /* 169 */ - { 0x0B, 171, 0, 7, "c2tnb239v1" }, /* 170 */ - { 0x0C, 172, 0, 7, "c2tnb239v2" }, /* 171 */ - { 0x0D, 173, 0, 7, "c2tnb239v3" }, /* 172 */ - { 0x0E, 174, 0, 7, "c2onb239v4" }, /* 173 */ - { 0x0F, 175, 0, 7, "c2onb239v5" }, /* 174 */ - { 0x10, 176, 0, 7, "c2pnb272w1" }, /* 175 */ - { 0x11, 177, 0, 7, "c2pnb304w1" }, /* 176 */ - { 0x12, 178, 0, 7, "c2tnb359v1" }, /* 177 */ - { 0x13, 179, 0, 7, "c2pnb368w1" }, /* 178 */ - { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 179 */ - { 0x01, 0, 1, 6, "primeCurve" }, /* 180 */ - { 0x01, 182, 0, 7, "prime192v1" }, /* 181 */ - { 0x02, 183, 0, 7, "prime192v2" }, /* 182 */ - { 0x03, 184, 0, 7, "prime192v3" }, /* 183 */ - { 0x04, 185, 0, 7, "prime239v1" }, /* 184 */ - { 0x05, 186, 0, 7, "prime239v2" }, /* 185 */ - { 0x06, 187, 0, 7, "prime239v3" }, /* 186 */ - { 0x07, 0, 0, 7, "prime256v1" }, /* 187 */ - { 0x04, 0, 1, 5, "id-ecSigType" }, /* 188 */ - { 0x01, 190, 0, 6, "ecdsa-with-SHA1" }, /* 189 */ - { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 190 */ - { 0x01, 192, 0, 7, "ecdsa-with-SHA224" }, /* 191 */ - { 0x02, 193, 0, 7, "ecdsa-with-SHA256" }, /* 192 */ - { 0x03, 194, 0, 7, "ecdsa-with-SHA384" }, /* 193 */ - { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 194 */ - {0x2B, 426, 1, 0, "" }, /* 195 */ - { 0x06, 337, 1, 1, "dod" }, /* 196 */ - { 0x01, 0, 1, 2, "internet" }, /* 197 */ - { 0x04, 287, 1, 3, "private" }, /* 198 */ - { 0x01, 0, 1, 4, "enterprise" }, /* 199 */ - { 0x82, 237, 1, 5, "" }, /* 200 */ - { 0x37, 213, 1, 6, "Microsoft" }, /* 201 */ - { 0x0A, 206, 1, 7, "" }, /* 202 */ - { 0x03, 0, 1, 8, "" }, /* 203 */ - { 0x03, 205, 0, 9, "msSGC" }, /* 204 */ - { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 205 */ - { 0x14, 210, 1, 7, "msEnrollmentInfrastructure" }, /* 206 */ - { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 207 */ - { 0x02, 209, 0, 9, "msSmartcardLogon" }, /* 208 */ - { 0x03, 0, 0, 9, "msUPN" }, /* 209 */ - { 0x15, 0, 1, 7, "msCertSrvInfrastructure" }, /* 210 */ - { 0x07, 212, 0, 8, "msCertTemplate" }, /* 211 */ - { 0x0A, 0, 0, 8, "msApplicationCertPolicies" }, /* 212 */ - { 0xA0, 0, 1, 6, "" }, /* 213 */ - { 0x2A, 0, 1, 7, "ITA" }, /* 214 */ - { 0x01, 216, 0, 8, "strongSwan" }, /* 215 */ - { 0x02, 217, 0, 8, "cps" }, /* 216 */ - { 0x03, 218, 0, 8, "e-voting" }, /* 217 */ - { 0x05, 0, 1, 8, "BLISS" }, /* 218 */ - { 0x01, 221, 1, 9, "keyType" }, /* 219 */ - { 0x01, 0, 0, 10, "blissPublicKey" }, /* 220 */ - { 0x02, 230, 1, 9, "parameters" }, /* 221 */ - { 0x01, 223, 0, 10, "BLISS-I" }, /* 222 */ - { 0x02, 224, 0, 10, "BLISS-II" }, /* 223 */ - { 0x03, 225, 0, 10, "BLISS-III" }, /* 224 */ - { 0x04, 226, 0, 10, "BLISS-IV" }, /* 225 */ - { 0x05, 227, 0, 10, "BLISS-B-I" }, /* 226 */ - { 0x06, 228, 0, 10, "BLISS-B-II" }, /* 227 */ - { 0x07, 229, 0, 10, "BLISS-B-III" }, /* 228 */ - { 0x08, 0, 0, 10, "BLISS-B-IV" }, /* 229 */ - { 0x03, 0, 1, 9, "blissSigType" }, /* 230 */ - { 0x01, 232, 0, 10, "BLISS-with-SHA2-512" }, /* 231 */ - { 0x02, 233, 0, 10, "BLISS-with-SHA2-384" }, /* 232 */ - { 0x03, 234, 0, 10, "BLISS-with-SHA2-256" }, /* 233 */ - { 0x04, 235, 0, 10, "BLISS-with-SHA3-512" }, /* 234 */ - { 0x05, 236, 0, 10, "BLISS-with-SHA3-384" }, /* 235 */ - { 0x06, 0, 0, 10, "BLISS-with-SHA3-256" }, /* 236 */ - { 0x89, 244, 1, 5, "" }, /* 237 */ - { 0x31, 0, 1, 6, "" }, /* 238 */ - { 0x01, 0, 1, 7, "" }, /* 239 */ - { 0x01, 0, 1, 8, "" }, /* 240 */ - { 0x02, 0, 1, 9, "" }, /* 241 */ - { 0x02, 0, 1, 10, "" }, /* 242 */ - { 0x4B, 0, 0, 11, "TCGID" }, /* 243 */ - { 0x97, 248, 1, 5, "" }, /* 244 */ - { 0x55, 0, 1, 6, "" }, /* 245 */ + { 0x05, 152, 0, 7, "md5" }, /* 151 */ + { 0x07, 153, 0, 7, "hmacWithSHA1" }, /* 152 */ + { 0x08, 154, 0, 7, "hmacWithSHA224" }, /* 153 */ + { 0x09, 155, 0, 7, "hmacWithSHA256" }, /* 154 */ + { 0x0A, 156, 0, 7, "hmacWithSHA384" }, /* 155 */ + { 0x0B, 157, 0, 7, "hmacWithSHA512" }, /* 156 */ + { 0x0C, 158, 0, 7, "hmacWithSHA512-224" }, /* 157 */ + { 0x0D, 0, 0, 7, "hmacWithSHA512-256" }, /* 158 */ + { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 159 */ + { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 160 */ + { 0xCE, 0, 1, 3, "" }, /* 161 */ + { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 162 */ + { 0x02, 165, 1, 5, "id-publicKeyType" }, /* 163 */ + { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 164 */ + { 0x03, 195, 1, 5, "ellipticCurve" }, /* 165 */ + { 0x00, 187, 1, 6, "c-TwoCurve" }, /* 166 */ + { 0x01, 168, 0, 7, "c2pnb163v1" }, /* 167 */ + { 0x02, 169, 0, 7, "c2pnb163v2" }, /* 168 */ + { 0x03, 170, 0, 7, "c2pnb163v3" }, /* 169 */ + { 0x04, 171, 0, 7, "c2pnb176w1" }, /* 170 */ + { 0x05, 172, 0, 7, "c2tnb191v1" }, /* 171 */ + { 0x06, 173, 0, 7, "c2tnb191v2" }, /* 172 */ + { 0x07, 174, 0, 7, "c2tnb191v3" }, /* 173 */ + { 0x08, 175, 0, 7, "c2onb191v4" }, /* 174 */ + { 0x09, 176, 0, 7, "c2onb191v5" }, /* 175 */ + { 0x0A, 177, 0, 7, "c2pnb208w1" }, /* 176 */ + { 0x0B, 178, 0, 7, "c2tnb239v1" }, /* 177 */ + { 0x0C, 179, 0, 7, "c2tnb239v2" }, /* 178 */ + { 0x0D, 180, 0, 7, "c2tnb239v3" }, /* 179 */ + { 0x0E, 181, 0, 7, "c2onb239v4" }, /* 180 */ + { 0x0F, 182, 0, 7, "c2onb239v5" }, /* 181 */ + { 0x10, 183, 0, 7, "c2pnb272w1" }, /* 182 */ + { 0x11, 184, 0, 7, "c2pnb304w1" }, /* 183 */ + { 0x12, 185, 0, 7, "c2tnb359v1" }, /* 184 */ + { 0x13, 186, 0, 7, "c2pnb368w1" }, /* 185 */ + { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 186 */ + { 0x01, 0, 1, 6, "primeCurve" }, /* 187 */ + { 0x01, 189, 0, 7, "prime192v1" }, /* 188 */ + { 0x02, 190, 0, 7, "prime192v2" }, /* 189 */ + { 0x03, 191, 0, 7, "prime192v3" }, /* 190 */ + { 0x04, 192, 0, 7, "prime239v1" }, /* 191 */ + { 0x05, 193, 0, 7, "prime239v2" }, /* 192 */ + { 0x06, 194, 0, 7, "prime239v3" }, /* 193 */ + { 0x07, 0, 0, 7, "prime256v1" }, /* 194 */ + { 0x04, 0, 1, 5, "id-ecSigType" }, /* 195 */ + { 0x01, 197, 0, 6, "ecdsa-with-SHA1" }, /* 196 */ + { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 197 */ + { 0x01, 199, 0, 7, "ecdsa-with-SHA224" }, /* 198 */ + { 0x02, 200, 0, 7, "ecdsa-with-SHA256" }, /* 199 */ + { 0x03, 201, 0, 7, "ecdsa-with-SHA384" }, /* 200 */ + { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 201 */ + {0x2B, 433, 1, 0, "" }, /* 202 */ + { 0x06, 344, 1, 1, "dod" }, /* 203 */ + { 0x01, 0, 1, 2, "internet" }, /* 204 */ + { 0x04, 294, 1, 3, "private" }, /* 205 */ + { 0x01, 0, 1, 4, "enterprise" }, /* 206 */ + { 0x82, 244, 1, 5, "" }, /* 207 */ + { 0x37, 220, 1, 6, "Microsoft" }, /* 208 */ + { 0x0A, 213, 1, 7, "" }, /* 209 */ + { 0x03, 0, 1, 8, "" }, /* 210 */ + { 0x03, 212, 0, 9, "msSGC" }, /* 211 */ + { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 212 */ + { 0x14, 217, 1, 7, "msEnrollmentInfrastructure" }, /* 213 */ + { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 214 */ + { 0x02, 216, 0, 9, "msSmartcardLogon" }, /* 215 */ + { 0x03, 0, 0, 9, "msUPN" }, /* 216 */ + { 0x15, 0, 1, 7, "msCertSrvInfrastructure" }, /* 217 */ + { 0x07, 219, 0, 8, "msCertTemplate" }, /* 218 */ + { 0x0A, 0, 0, 8, "msApplicationCertPolicies" }, /* 219 */ + { 0xA0, 0, 1, 6, "" }, /* 220 */ + { 0x2A, 0, 1, 7, "ITA" }, /* 221 */ + { 0x01, 223, 0, 8, "strongSwan" }, /* 222 */ + { 0x02, 224, 0, 8, "cps" }, /* 223 */ + { 0x03, 225, 0, 8, "e-voting" }, /* 224 */ + { 0x05, 0, 1, 8, "BLISS" }, /* 225 */ + { 0x01, 228, 1, 9, "keyType" }, /* 226 */ + { 0x01, 0, 0, 10, "blissPublicKey" }, /* 227 */ + { 0x02, 237, 1, 9, "parameters" }, /* 228 */ + { 0x01, 230, 0, 10, "BLISS-I" }, /* 229 */ + { 0x02, 231, 0, 10, "BLISS-II" }, /* 230 */ + { 0x03, 232, 0, 10, "BLISS-III" }, /* 231 */ + { 0x04, 233, 0, 10, "BLISS-IV" }, /* 232 */ + { 0x05, 234, 0, 10, "BLISS-B-I" }, /* 233 */ + { 0x06, 235, 0, 10, "BLISS-B-II" }, /* 234 */ + { 0x07, 236, 0, 10, "BLISS-B-III" }, /* 235 */ + { 0x08, 0, 0, 10, "BLISS-B-IV" }, /* 236 */ + { 0x03, 0, 1, 9, "blissSigType" }, /* 237 */ + { 0x01, 239, 0, 10, "BLISS-with-SHA2-512" }, /* 238 */ + { 0x02, 240, 0, 10, "BLISS-with-SHA2-384" }, /* 239 */ + { 0x03, 241, 0, 10, "BLISS-with-SHA2-256" }, /* 240 */ + { 0x04, 242, 0, 10, "BLISS-with-SHA3-512" }, /* 241 */ + { 0x05, 243, 0, 10, "BLISS-with-SHA3-384" }, /* 242 */ + { 0x06, 0, 0, 10, "BLISS-with-SHA3-256" }, /* 243 */ + { 0x89, 251, 1, 5, "" }, /* 244 */ + { 0x31, 0, 1, 6, "" }, /* 245 */ { 0x01, 0, 1, 7, "" }, /* 246 */ - { 0x02, 0, 0, 8, "blowfish-cbc" }, /* 247 */ - { 0xC1, 0, 1, 5, "" }, /* 248 */ - { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 249 */ - { 0x01, 0, 1, 7, "eess" }, /* 250 */ - { 0x01, 0, 1, 8, "eess1" }, /* 251 */ - { 0x01, 256, 1, 9, "eess1-algs" }, /* 252 */ - { 0x01, 254, 0, 10, "ntru-EESS1v1-SVES" }, /* 253 */ - { 0x02, 255, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 254 */ - { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 255 */ - { 0x02, 286, 1, 9, "eess1-params" }, /* 256 */ - { 0x01, 258, 0, 10, "ees251ep1" }, /* 257 */ - { 0x02, 259, 0, 10, "ees347ep1" }, /* 258 */ - { 0x03, 260, 0, 10, "ees503ep1" }, /* 259 */ - { 0x07, 261, 0, 10, "ees251sp2" }, /* 260 */ - { 0x0C, 262, 0, 10, "ees251ep4" }, /* 261 */ - { 0x0D, 263, 0, 10, "ees251ep5" }, /* 262 */ - { 0x0E, 264, 0, 10, "ees251sp3" }, /* 263 */ - { 0x0F, 265, 0, 10, "ees251sp4" }, /* 264 */ - { 0x10, 266, 0, 10, "ees251sp5" }, /* 265 */ - { 0x11, 267, 0, 10, "ees251sp6" }, /* 266 */ - { 0x12, 268, 0, 10, "ees251sp7" }, /* 267 */ - { 0x13, 269, 0, 10, "ees251sp8" }, /* 268 */ - { 0x14, 270, 0, 10, "ees251sp9" }, /* 269 */ - { 0x22, 271, 0, 10, "ees401ep1" }, /* 270 */ - { 0x23, 272, 0, 10, "ees449ep1" }, /* 271 */ - { 0x24, 273, 0, 10, "ees677ep1" }, /* 272 */ - { 0x25, 274, 0, 10, "ees1087ep2" }, /* 273 */ - { 0x26, 275, 0, 10, "ees541ep1" }, /* 274 */ - { 0x27, 276, 0, 10, "ees613ep1" }, /* 275 */ - { 0x28, 277, 0, 10, "ees887ep1" }, /* 276 */ - { 0x29, 278, 0, 10, "ees1171ep1" }, /* 277 */ - { 0x2A, 279, 0, 10, "ees659ep1" }, /* 278 */ - { 0x2B, 280, 0, 10, "ees761ep1" }, /* 279 */ - { 0x2C, 281, 0, 10, "ees1087ep1" }, /* 280 */ - { 0x2D, 282, 0, 10, "ees1499ep1" }, /* 281 */ - { 0x2E, 283, 0, 10, "ees401ep2" }, /* 282 */ - { 0x2F, 284, 0, 10, "ees439ep1" }, /* 283 */ - { 0x30, 285, 0, 10, "ees593ep1" }, /* 284 */ - { 0x31, 0, 0, 10, "ees743ep1" }, /* 285 */ - { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 286 */ - { 0x05, 0, 1, 3, "security" }, /* 287 */ - { 0x05, 0, 1, 4, "mechanisms" }, /* 288 */ - { 0x07, 334, 1, 5, "id-pkix" }, /* 289 */ - { 0x01, 295, 1, 6, "id-pe" }, /* 290 */ - { 0x01, 292, 0, 7, "authorityInfoAccess" }, /* 291 */ - { 0x03, 293, 0, 7, "qcStatements" }, /* 292 */ - { 0x07, 294, 0, 7, "ipAddrBlocks" }, /* 293 */ - { 0x18, 0, 0, 7, "tlsfeature" }, /* 294 */ - { 0x02, 298, 1, 6, "id-qt" }, /* 295 */ - { 0x01, 297, 0, 7, "cps" }, /* 296 */ - { 0x02, 0, 0, 7, "unotice" }, /* 297 */ - { 0x03, 308, 1, 6, "id-kp" }, /* 298 */ - { 0x01, 300, 0, 7, "serverAuth" }, /* 299 */ - { 0x02, 301, 0, 7, "clientAuth" }, /* 300 */ - { 0x03, 302, 0, 7, "codeSigning" }, /* 301 */ - { 0x04, 303, 0, 7, "emailProtection" }, /* 302 */ - { 0x05, 304, 0, 7, "ipsecEndSystem" }, /* 303 */ - { 0x06, 305, 0, 7, "ipsecTunnel" }, /* 304 */ - { 0x07, 306, 0, 7, "ipsecUser" }, /* 305 */ - { 0x08, 307, 0, 7, "timeStamping" }, /* 306 */ - { 0x09, 0, 0, 7, "ocspSigning" }, /* 307 */ - { 0x08, 316, 1, 6, "id-otherNames" }, /* 308 */ - { 0x01, 310, 0, 7, "personalData" }, /* 309 */ - { 0x02, 311, 0, 7, "userGroup" }, /* 310 */ - { 0x03, 312, 0, 7, "id-on-permanentIdentifier" }, /* 311 */ - { 0x04, 313, 0, 7, "id-on-hardwareModuleName" }, /* 312 */ - { 0x05, 314, 0, 7, "xmppAddr" }, /* 313 */ - { 0x06, 315, 0, 7, "id-on-SIM" }, /* 314 */ - { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 315 */ - { 0x0A, 321, 1, 6, "id-aca" }, /* 316 */ - { 0x01, 318, 0, 7, "authenticationInfo" }, /* 317 */ - { 0x02, 319, 0, 7, "accessIdentity" }, /* 318 */ - { 0x03, 320, 0, 7, "chargingIdentity" }, /* 319 */ - { 0x04, 0, 0, 7, "group" }, /* 320 */ - { 0x0B, 322, 0, 6, "subjectInfoAccess" }, /* 321 */ - { 0x30, 0, 1, 6, "id-ad" }, /* 322 */ - { 0x01, 331, 1, 7, "ocsp" }, /* 323 */ - { 0x01, 325, 0, 8, "basic" }, /* 324 */ - { 0x02, 326, 0, 8, "nonce" }, /* 325 */ - { 0x03, 327, 0, 8, "crl" }, /* 326 */ - { 0x04, 328, 0, 8, "response" }, /* 327 */ - { 0x05, 329, 0, 8, "noCheck" }, /* 328 */ - { 0x06, 330, 0, 8, "archiveCutoff" }, /* 329 */ - { 0x07, 0, 0, 8, "serviceLocator" }, /* 330 */ - { 0x02, 332, 0, 7, "caIssuers" }, /* 331 */ - { 0x03, 333, 0, 7, "timeStamping" }, /* 332 */ - { 0x05, 0, 0, 7, "caRepository" }, /* 333 */ - { 0x08, 0, 1, 5, "ipsec" }, /* 334 */ - { 0x02, 0, 1, 6, "certificate" }, /* 335 */ - { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 336 */ - { 0x0E, 343, 1, 1, "oiw" }, /* 337 */ - { 0x03, 0, 1, 2, "secsig" }, /* 338 */ - { 0x02, 0, 1, 3, "algorithms" }, /* 339 */ - { 0x07, 341, 0, 4, "des-cbc" }, /* 340 */ - { 0x1A, 342, 0, 4, "sha-1" }, /* 341 */ - { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 342 */ - { 0x24, 389, 1, 1, "TeleTrusT" }, /* 343 */ - { 0x03, 0, 1, 2, "algorithm" }, /* 344 */ - { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 345 */ - { 0x01, 350, 1, 4, "rsaSignature" }, /* 346 */ - { 0x02, 348, 0, 5, "rsaSigWithripemd160" }, /* 347 */ - { 0x03, 349, 0, 5, "rsaSigWithripemd128" }, /* 348 */ - { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 349 */ - { 0x02, 0, 1, 4, "ecSign" }, /* 350 */ - { 0x01, 352, 0, 5, "ecSignWithsha1" }, /* 351 */ - { 0x02, 353, 0, 5, "ecSignWithripemd160" }, /* 352 */ - { 0x03, 354, 0, 5, "ecSignWithmd2" }, /* 353 */ - { 0x04, 355, 0, 5, "ecSignWithmd5" }, /* 354 */ - { 0x05, 372, 1, 5, "ttt-ecg" }, /* 355 */ - { 0x01, 360, 1, 6, "fieldType" }, /* 356 */ - { 0x01, 0, 1, 7, "characteristictwoField" }, /* 357 */ - { 0x01, 0, 1, 8, "basisType" }, /* 358 */ - { 0x01, 0, 0, 9, "ipBasis" }, /* 359 */ - { 0x02, 362, 1, 6, "keyType" }, /* 360 */ - { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 361 */ - { 0x03, 363, 0, 6, "curve" }, /* 362 */ - { 0x04, 370, 1, 6, "signatures" }, /* 363 */ - { 0x01, 365, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 364 */ - { 0x02, 366, 0, 7, "ecgdsa-with-SHA1" }, /* 365 */ - { 0x03, 367, 0, 7, "ecgdsa-with-SHA224" }, /* 366 */ - { 0x04, 368, 0, 7, "ecgdsa-with-SHA256" }, /* 367 */ - { 0x05, 369, 0, 7, "ecgdsa-with-SHA384" }, /* 368 */ - { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 369 */ - { 0x05, 0, 1, 6, "module" }, /* 370 */ - { 0x01, 0, 0, 7, "1" }, /* 371 */ - { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 372 */ - { 0x01, 0, 1, 6, "ellipticCurve" }, /* 373 */ - { 0x01, 0, 1, 7, "versionOne" }, /* 374 */ - { 0x01, 376, 0, 8, "brainpoolP160r1" }, /* 375 */ - { 0x02, 377, 0, 8, "brainpoolP160t1" }, /* 376 */ - { 0x03, 378, 0, 8, "brainpoolP192r1" }, /* 377 */ - { 0x04, 379, 0, 8, "brainpoolP192t1" }, /* 378 */ - { 0x05, 380, 0, 8, "brainpoolP224r1" }, /* 379 */ - { 0x06, 381, 0, 8, "brainpoolP224t1" }, /* 380 */ - { 0x07, 382, 0, 8, "brainpoolP256r1" }, /* 381 */ - { 0x08, 383, 0, 8, "brainpoolP256t1" }, /* 382 */ - { 0x09, 384, 0, 8, "brainpoolP320r1" }, /* 383 */ - { 0x0A, 385, 0, 8, "brainpoolP320t1" }, /* 384 */ - { 0x0B, 386, 0, 8, "brainpoolP384r1" }, /* 385 */ - { 0x0C, 387, 0, 8, "brainpoolP384t1" }, /* 386 */ - { 0x0D, 388, 0, 8, "brainpoolP512r1" }, /* 387 */ - { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 388 */ - { 0x65, 392, 1, 1, "Thawte" }, /* 389 */ - { 0x70, 391, 0, 2, "id-Ed25519" }, /* 390 */ - { 0x71, 0, 0, 2, "id-Ed448" }, /* 391 */ - { 0x81, 0, 1, 1, "" }, /* 392 */ - { 0x04, 0, 1, 2, "Certicom" }, /* 393 */ - { 0x00, 0, 1, 3, "curve" }, /* 394 */ - { 0x01, 396, 0, 4, "sect163k1" }, /* 395 */ - { 0x02, 397, 0, 4, "sect163r1" }, /* 396 */ - { 0x03, 398, 0, 4, "sect239k1" }, /* 397 */ - { 0x04, 399, 0, 4, "sect113r1" }, /* 398 */ - { 0x05, 400, 0, 4, "sect113r2" }, /* 399 */ - { 0x06, 401, 0, 4, "secp112r1" }, /* 400 */ - { 0x07, 402, 0, 4, "secp112r2" }, /* 401 */ - { 0x08, 403, 0, 4, "secp160r1" }, /* 402 */ - { 0x09, 404, 0, 4, "secp160k1" }, /* 403 */ - { 0x0A, 405, 0, 4, "secp256k1" }, /* 404 */ - { 0x0F, 406, 0, 4, "sect163r2" }, /* 405 */ - { 0x10, 407, 0, 4, "sect283k1" }, /* 406 */ - { 0x11, 408, 0, 4, "sect283r1" }, /* 407 */ - { 0x16, 409, 0, 4, "sect131r1" }, /* 408 */ - { 0x17, 410, 0, 4, "sect131r2" }, /* 409 */ - { 0x18, 411, 0, 4, "sect193r1" }, /* 410 */ - { 0x19, 412, 0, 4, "sect193r2" }, /* 411 */ - { 0x1A, 413, 0, 4, "sect233k1" }, /* 412 */ - { 0x1B, 414, 0, 4, "sect233r1" }, /* 413 */ - { 0x1C, 415, 0, 4, "secp128r1" }, /* 414 */ - { 0x1D, 416, 0, 4, "secp128r2" }, /* 415 */ - { 0x1E, 417, 0, 4, "secp160r2" }, /* 416 */ - { 0x1F, 418, 0, 4, "secp192k1" }, /* 417 */ - { 0x20, 419, 0, 4, "secp224k1" }, /* 418 */ - { 0x21, 420, 0, 4, "secp224r1" }, /* 419 */ - { 0x22, 421, 0, 4, "secp384r1" }, /* 420 */ - { 0x23, 422, 0, 4, "secp521r1" }, /* 421 */ - { 0x24, 423, 0, 4, "sect409k1" }, /* 422 */ - { 0x25, 424, 0, 4, "sect409r1" }, /* 423 */ - { 0x26, 425, 0, 4, "sect571k1" }, /* 424 */ - { 0x27, 0, 0, 4, "sect571r1" }, /* 425 */ - {0x60, 489, 1, 0, "" }, /* 426 */ - { 0x86, 0, 1, 1, "" }, /* 427 */ - { 0x48, 0, 1, 2, "" }, /* 428 */ - { 0x01, 0, 1, 3, "organization" }, /* 429 */ - { 0x65, 465, 1, 4, "gov" }, /* 430 */ - { 0x03, 0, 1, 5, "csor" }, /* 431 */ - { 0x04, 0, 1, 6, "nistalgorithm" }, /* 432 */ - { 0x01, 443, 1, 7, "aes" }, /* 433 */ - { 0x02, 435, 0, 8, "id-aes128-CBC" }, /* 434 */ - { 0x06, 436, 0, 8, "id-aes128-GCM" }, /* 435 */ - { 0x07, 437, 0, 8, "id-aes128-CCM" }, /* 436 */ - { 0x16, 438, 0, 8, "id-aes192-CBC" }, /* 437 */ - { 0x1A, 439, 0, 8, "id-aes192-GCM" }, /* 438 */ - { 0x1B, 440, 0, 8, "id-aes192-CCM" }, /* 439 */ - { 0x2A, 441, 0, 8, "id-aes256-CBC" }, /* 440 */ - { 0x2E, 442, 0, 8, "id-aes256-GCM" }, /* 441 */ - { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 442 */ - { 0x02, 456, 1, 7, "hashAlgs" }, /* 443 */ - { 0x01, 445, 0, 8, "id-sha256" }, /* 444 */ - { 0x02, 446, 0, 8, "id-sha384" }, /* 445 */ - { 0x03, 447, 0, 8, "id-sha512" }, /* 446 */ - { 0x04, 448, 0, 8, "id-sha224" }, /* 447 */ - { 0x05, 449, 0, 8, "id-sha512-224" }, /* 448 */ - { 0x06, 450, 0, 8, "id-sha512-256" }, /* 449 */ - { 0x07, 451, 0, 8, "id-sha3-224" }, /* 450 */ - { 0x08, 452, 0, 8, "id-sha3-256" }, /* 451 */ - { 0x09, 453, 0, 8, "id-sha3-384" }, /* 452 */ - { 0x0A, 454, 0, 8, "id-sha3-512" }, /* 453 */ - { 0x0B, 455, 0, 8, "id-shake128" }, /* 454 */ - { 0x0C, 0, 0, 8, "id-shake256" }, /* 455 */ - { 0x03, 0, 1, 7, "sigAlgs" }, /* 456 */ - { 0x09, 458, 0, 8, "id-ecdsa-with-sha3-224" }, /* 457 */ - { 0x0A, 459, 0, 8, "id-ecdsa-with-sha3-256" }, /* 458 */ - { 0x0B, 460, 0, 8, "id-ecdsa-with-sha3-384" }, /* 459 */ - { 0x0C, 461, 0, 8, "id-ecdsa-with-sha3-512" }, /* 460 */ - { 0x0D, 462, 0, 8, "id-rsassa-pkcs1v15-with-sha3-224"}, /* 461 */ - { 0x0E, 463, 0, 8, "id-rsassa-pkcs1v15-with-sha3-256"}, /* 462 */ - { 0x0F, 464, 0, 8, "id-rsassa-pkcs1v15-with-sha3-384"}, /* 463 */ - { 0x10, 0, 0, 8, "id-rsassa-pkcs1v15-with-sha3-512"}, /* 464 */ - { 0x86, 0, 1, 4, "" }, /* 465 */ - { 0xf8, 0, 1, 5, "" }, /* 466 */ - { 0x42, 479, 1, 6, "netscape" }, /* 467 */ - { 0x01, 474, 1, 7, "" }, /* 468 */ - { 0x01, 470, 0, 8, "nsCertType" }, /* 469 */ - { 0x03, 471, 0, 8, "nsRevocationUrl" }, /* 470 */ - { 0x04, 472, 0, 8, "nsCaRevocationUrl" }, /* 471 */ - { 0x08, 473, 0, 8, "nsCaPolicyUrl" }, /* 472 */ - { 0x0d, 0, 0, 8, "nsComment" }, /* 473 */ - { 0x03, 477, 1, 7, "directory" }, /* 474 */ - { 0x01, 0, 1, 8, "" }, /* 475 */ - { 0x03, 0, 0, 9, "employeeNumber" }, /* 476 */ - { 0x04, 0, 1, 7, "policy" }, /* 477 */ - { 0x01, 0, 0, 8, "nsSGC" }, /* 478 */ - { 0x45, 0, 1, 6, "verisign" }, /* 479 */ - { 0x01, 0, 1, 7, "pki" }, /* 480 */ - { 0x09, 0, 1, 8, "attributes" }, /* 481 */ - { 0x02, 483, 0, 9, "messageType" }, /* 482 */ - { 0x03, 484, 0, 9, "pkiStatus" }, /* 483 */ - { 0x04, 485, 0, 9, "failInfo" }, /* 484 */ - { 0x05, 486, 0, 9, "senderNonce" }, /* 485 */ - { 0x06, 487, 0, 9, "recipientNonce" }, /* 486 */ - { 0x07, 488, 0, 9, "transID" }, /* 487 */ - { 0x08, 0, 0, 9, "extensionReq" }, /* 488 */ - {0x67, 0, 1, 0, "" }, /* 489 */ - { 0x81, 0, 1, 1, "" }, /* 490 */ - { 0x05, 0, 1, 2, "" }, /* 491 */ - { 0x02, 0, 1, 3, "tcg-attribute" }, /* 492 */ - { 0x01, 494, 0, 4, "tcg-at-tpmManufacturer" }, /* 493 */ - { 0x02, 495, 0, 4, "tcg-at-tpmModel" }, /* 494 */ - { 0x03, 496, 0, 4, "tcg-at-tpmVersion" }, /* 495 */ - { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 496 */ + { 0x01, 0, 1, 8, "" }, /* 247 */ + { 0x02, 0, 1, 9, "" }, /* 248 */ + { 0x02, 0, 1, 10, "" }, /* 249 */ + { 0x4B, 0, 0, 11, "TCGID" }, /* 250 */ + { 0x97, 255, 1, 5, "" }, /* 251 */ + { 0x55, 0, 1, 6, "" }, /* 252 */ + { 0x01, 0, 1, 7, "" }, /* 253 */ + { 0x02, 0, 0, 8, "blowfish-cbc" }, /* 254 */ + { 0xC1, 0, 1, 5, "" }, /* 255 */ + { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 256 */ + { 0x01, 0, 1, 7, "eess" }, /* 257 */ + { 0x01, 0, 1, 8, "eess1" }, /* 258 */ + { 0x01, 263, 1, 9, "eess1-algs" }, /* 259 */ + { 0x01, 261, 0, 10, "ntru-EESS1v1-SVES" }, /* 260 */ + { 0x02, 262, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 261 */ + { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 262 */ + { 0x02, 293, 1, 9, "eess1-params" }, /* 263 */ + { 0x01, 265, 0, 10, "ees251ep1" }, /* 264 */ + { 0x02, 266, 0, 10, "ees347ep1" }, /* 265 */ + { 0x03, 267, 0, 10, "ees503ep1" }, /* 266 */ + { 0x07, 268, 0, 10, "ees251sp2" }, /* 267 */ + { 0x0C, 269, 0, 10, "ees251ep4" }, /* 268 */ + { 0x0D, 270, 0, 10, "ees251ep5" }, /* 269 */ + { 0x0E, 271, 0, 10, "ees251sp3" }, /* 270 */ + { 0x0F, 272, 0, 10, "ees251sp4" }, /* 271 */ + { 0x10, 273, 0, 10, "ees251sp5" }, /* 272 */ + { 0x11, 274, 0, 10, "ees251sp6" }, /* 273 */ + { 0x12, 275, 0, 10, "ees251sp7" }, /* 274 */ + { 0x13, 276, 0, 10, "ees251sp8" }, /* 275 */ + { 0x14, 277, 0, 10, "ees251sp9" }, /* 276 */ + { 0x22, 278, 0, 10, "ees401ep1" }, /* 277 */ + { 0x23, 279, 0, 10, "ees449ep1" }, /* 278 */ + { 0x24, 280, 0, 10, "ees677ep1" }, /* 279 */ + { 0x25, 281, 0, 10, "ees1087ep2" }, /* 280 */ + { 0x26, 282, 0, 10, "ees541ep1" }, /* 281 */ + { 0x27, 283, 0, 10, "ees613ep1" }, /* 282 */ + { 0x28, 284, 0, 10, "ees887ep1" }, /* 283 */ + { 0x29, 285, 0, 10, "ees1171ep1" }, /* 284 */ + { 0x2A, 286, 0, 10, "ees659ep1" }, /* 285 */ + { 0x2B, 287, 0, 10, "ees761ep1" }, /* 286 */ + { 0x2C, 288, 0, 10, "ees1087ep1" }, /* 287 */ + { 0x2D, 289, 0, 10, "ees1499ep1" }, /* 288 */ + { 0x2E, 290, 0, 10, "ees401ep2" }, /* 289 */ + { 0x2F, 291, 0, 10, "ees439ep1" }, /* 290 */ + { 0x30, 292, 0, 10, "ees593ep1" }, /* 291 */ + { 0x31, 0, 0, 10, "ees743ep1" }, /* 292 */ + { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 293 */ + { 0x05, 0, 1, 3, "security" }, /* 294 */ + { 0x05, 0, 1, 4, "mechanisms" }, /* 295 */ + { 0x07, 341, 1, 5, "id-pkix" }, /* 296 */ + { 0x01, 302, 1, 6, "id-pe" }, /* 297 */ + { 0x01, 299, 0, 7, "authorityInfoAccess" }, /* 298 */ + { 0x03, 300, 0, 7, "qcStatements" }, /* 299 */ + { 0x07, 301, 0, 7, "ipAddrBlocks" }, /* 300 */ + { 0x18, 0, 0, 7, "tlsfeature" }, /* 301 */ + { 0x02, 305, 1, 6, "id-qt" }, /* 302 */ + { 0x01, 304, 0, 7, "cps" }, /* 303 */ + { 0x02, 0, 0, 7, "unotice" }, /* 304 */ + { 0x03, 315, 1, 6, "id-kp" }, /* 305 */ + { 0x01, 307, 0, 7, "serverAuth" }, /* 306 */ + { 0x02, 308, 0, 7, "clientAuth" }, /* 307 */ + { 0x03, 309, 0, 7, "codeSigning" }, /* 308 */ + { 0x04, 310, 0, 7, "emailProtection" }, /* 309 */ + { 0x05, 311, 0, 7, "ipsecEndSystem" }, /* 310 */ + { 0x06, 312, 0, 7, "ipsecTunnel" }, /* 311 */ + { 0x07, 313, 0, 7, "ipsecUser" }, /* 312 */ + { 0x08, 314, 0, 7, "timeStamping" }, /* 313 */ + { 0x09, 0, 0, 7, "ocspSigning" }, /* 314 */ + { 0x08, 323, 1, 6, "id-otherNames" }, /* 315 */ + { 0x01, 317, 0, 7, "personalData" }, /* 316 */ + { 0x02, 318, 0, 7, "userGroup" }, /* 317 */ + { 0x03, 319, 0, 7, "id-on-permanentIdentifier" }, /* 318 */ + { 0x04, 320, 0, 7, "id-on-hardwareModuleName" }, /* 319 */ + { 0x05, 321, 0, 7, "xmppAddr" }, /* 320 */ + { 0x06, 322, 0, 7, "id-on-SIM" }, /* 321 */ + { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 322 */ + { 0x0A, 328, 1, 6, "id-aca" }, /* 323 */ + { 0x01, 325, 0, 7, "authenticationInfo" }, /* 324 */ + { 0x02, 326, 0, 7, "accessIdentity" }, /* 325 */ + { 0x03, 327, 0, 7, "chargingIdentity" }, /* 326 */ + { 0x04, 0, 0, 7, "group" }, /* 327 */ + { 0x0B, 329, 0, 6, "subjectInfoAccess" }, /* 328 */ + { 0x30, 0, 1, 6, "id-ad" }, /* 329 */ + { 0x01, 338, 1, 7, "ocsp" }, /* 330 */ + { 0x01, 332, 0, 8, "basic" }, /* 331 */ + { 0x02, 333, 0, 8, "nonce" }, /* 332 */ + { 0x03, 334, 0, 8, "crl" }, /* 333 */ + { 0x04, 335, 0, 8, "response" }, /* 334 */ + { 0x05, 336, 0, 8, "noCheck" }, /* 335 */ + { 0x06, 337, 0, 8, "archiveCutoff" }, /* 336 */ + { 0x07, 0, 0, 8, "serviceLocator" }, /* 337 */ + { 0x02, 339, 0, 7, "caIssuers" }, /* 338 */ + { 0x03, 340, 0, 7, "timeStamping" }, /* 339 */ + { 0x05, 0, 0, 7, "caRepository" }, /* 340 */ + { 0x08, 0, 1, 5, "ipsec" }, /* 341 */ + { 0x02, 0, 1, 6, "certificate" }, /* 342 */ + { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 343 */ + { 0x0E, 350, 1, 1, "oiw" }, /* 344 */ + { 0x03, 0, 1, 2, "secsig" }, /* 345 */ + { 0x02, 0, 1, 3, "algorithms" }, /* 346 */ + { 0x07, 348, 0, 4, "des-cbc" }, /* 347 */ + { 0x1A, 349, 0, 4, "sha-1" }, /* 348 */ + { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 349 */ + { 0x24, 396, 1, 1, "TeleTrusT" }, /* 350 */ + { 0x03, 0, 1, 2, "algorithm" }, /* 351 */ + { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 352 */ + { 0x01, 357, 1, 4, "rsaSignature" }, /* 353 */ + { 0x02, 355, 0, 5, "rsaSigWithripemd160" }, /* 354 */ + { 0x03, 356, 0, 5, "rsaSigWithripemd128" }, /* 355 */ + { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 356 */ + { 0x02, 0, 1, 4, "ecSign" }, /* 357 */ + { 0x01, 359, 0, 5, "ecSignWithsha1" }, /* 358 */ + { 0x02, 360, 0, 5, "ecSignWithripemd160" }, /* 359 */ + { 0x03, 361, 0, 5, "ecSignWithmd2" }, /* 360 */ + { 0x04, 362, 0, 5, "ecSignWithmd5" }, /* 361 */ + { 0x05, 379, 1, 5, "ttt-ecg" }, /* 362 */ + { 0x01, 367, 1, 6, "fieldType" }, /* 363 */ + { 0x01, 0, 1, 7, "characteristictwoField" }, /* 364 */ + { 0x01, 0, 1, 8, "basisType" }, /* 365 */ + { 0x01, 0, 0, 9, "ipBasis" }, /* 366 */ + { 0x02, 369, 1, 6, "keyType" }, /* 367 */ + { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 368 */ + { 0x03, 370, 0, 6, "curve" }, /* 369 */ + { 0x04, 377, 1, 6, "signatures" }, /* 370 */ + { 0x01, 372, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 371 */ + { 0x02, 373, 0, 7, "ecgdsa-with-SHA1" }, /* 372 */ + { 0x03, 374, 0, 7, "ecgdsa-with-SHA224" }, /* 373 */ + { 0x04, 375, 0, 7, "ecgdsa-with-SHA256" }, /* 374 */ + { 0x05, 376, 0, 7, "ecgdsa-with-SHA384" }, /* 375 */ + { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 376 */ + { 0x05, 0, 1, 6, "module" }, /* 377 */ + { 0x01, 0, 0, 7, "1" }, /* 378 */ + { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 379 */ + { 0x01, 0, 1, 6, "ellipticCurve" }, /* 380 */ + { 0x01, 0, 1, 7, "versionOne" }, /* 381 */ + { 0x01, 383, 0, 8, "brainpoolP160r1" }, /* 382 */ + { 0x02, 384, 0, 8, "brainpoolP160t1" }, /* 383 */ + { 0x03, 385, 0, 8, "brainpoolP192r1" }, /* 384 */ + { 0x04, 386, 0, 8, "brainpoolP192t1" }, /* 385 */ + { 0x05, 387, 0, 8, "brainpoolP224r1" }, /* 386 */ + { 0x06, 388, 0, 8, "brainpoolP224t1" }, /* 387 */ + { 0x07, 389, 0, 8, "brainpoolP256r1" }, /* 388 */ + { 0x08, 390, 0, 8, "brainpoolP256t1" }, /* 389 */ + { 0x09, 391, 0, 8, "brainpoolP320r1" }, /* 390 */ + { 0x0A, 392, 0, 8, "brainpoolP320t1" }, /* 391 */ + { 0x0B, 393, 0, 8, "brainpoolP384r1" }, /* 392 */ + { 0x0C, 394, 0, 8, "brainpoolP384t1" }, /* 393 */ + { 0x0D, 395, 0, 8, "brainpoolP512r1" }, /* 394 */ + { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 395 */ + { 0x65, 399, 1, 1, "Thawte" }, /* 396 */ + { 0x70, 398, 0, 2, "id-Ed25519" }, /* 397 */ + { 0x71, 0, 0, 2, "id-Ed448" }, /* 398 */ + { 0x81, 0, 1, 1, "" }, /* 399 */ + { 0x04, 0, 1, 2, "Certicom" }, /* 400 */ + { 0x00, 0, 1, 3, "curve" }, /* 401 */ + { 0x01, 403, 0, 4, "sect163k1" }, /* 402 */ + { 0x02, 404, 0, 4, "sect163r1" }, /* 403 */ + { 0x03, 405, 0, 4, "sect239k1" }, /* 404 */ + { 0x04, 406, 0, 4, "sect113r1" }, /* 405 */ + { 0x05, 407, 0, 4, "sect113r2" }, /* 406 */ + { 0x06, 408, 0, 4, "secp112r1" }, /* 407 */ + { 0x07, 409, 0, 4, "secp112r2" }, /* 408 */ + { 0x08, 410, 0, 4, "secp160r1" }, /* 409 */ + { 0x09, 411, 0, 4, "secp160k1" }, /* 410 */ + { 0x0A, 412, 0, 4, "secp256k1" }, /* 411 */ + { 0x0F, 413, 0, 4, "sect163r2" }, /* 412 */ + { 0x10, 414, 0, 4, "sect283k1" }, /* 413 */ + { 0x11, 415, 0, 4, "sect283r1" }, /* 414 */ + { 0x16, 416, 0, 4, "sect131r1" }, /* 415 */ + { 0x17, 417, 0, 4, "sect131r2" }, /* 416 */ + { 0x18, 418, 0, 4, "sect193r1" }, /* 417 */ + { 0x19, 419, 0, 4, "sect193r2" }, /* 418 */ + { 0x1A, 420, 0, 4, "sect233k1" }, /* 419 */ + { 0x1B, 421, 0, 4, "sect233r1" }, /* 420 */ + { 0x1C, 422, 0, 4, "secp128r1" }, /* 421 */ + { 0x1D, 423, 0, 4, "secp128r2" }, /* 422 */ + { 0x1E, 424, 0, 4, "secp160r2" }, /* 423 */ + { 0x1F, 425, 0, 4, "secp192k1" }, /* 424 */ + { 0x20, 426, 0, 4, "secp224k1" }, /* 425 */ + { 0x21, 427, 0, 4, "secp224r1" }, /* 426 */ + { 0x22, 428, 0, 4, "secp384r1" }, /* 427 */ + { 0x23, 429, 0, 4, "secp521r1" }, /* 428 */ + { 0x24, 430, 0, 4, "sect409k1" }, /* 429 */ + { 0x25, 431, 0, 4, "sect409r1" }, /* 430 */ + { 0x26, 432, 0, 4, "sect571k1" }, /* 431 */ + { 0x27, 0, 0, 4, "sect571r1" }, /* 432 */ + {0x60, 496, 1, 0, "" }, /* 433 */ + { 0x86, 0, 1, 1, "" }, /* 434 */ + { 0x48, 0, 1, 2, "" }, /* 435 */ + { 0x01, 0, 1, 3, "organization" }, /* 436 */ + { 0x65, 472, 1, 4, "gov" }, /* 437 */ + { 0x03, 0, 1, 5, "csor" }, /* 438 */ + { 0x04, 0, 1, 6, "nistalgorithm" }, /* 439 */ + { 0x01, 450, 1, 7, "aes" }, /* 440 */ + { 0x02, 442, 0, 8, "id-aes128-CBC" }, /* 441 */ + { 0x06, 443, 0, 8, "id-aes128-GCM" }, /* 442 */ + { 0x07, 444, 0, 8, "id-aes128-CCM" }, /* 443 */ + { 0x16, 445, 0, 8, "id-aes192-CBC" }, /* 444 */ + { 0x1A, 446, 0, 8, "id-aes192-GCM" }, /* 445 */ + { 0x1B, 447, 0, 8, "id-aes192-CCM" }, /* 446 */ + { 0x2A, 448, 0, 8, "id-aes256-CBC" }, /* 447 */ + { 0x2E, 449, 0, 8, "id-aes256-GCM" }, /* 448 */ + { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 449 */ + { 0x02, 463, 1, 7, "hashAlgs" }, /* 450 */ + { 0x01, 452, 0, 8, "id-sha256" }, /* 451 */ + { 0x02, 453, 0, 8, "id-sha384" }, /* 452 */ + { 0x03, 454, 0, 8, "id-sha512" }, /* 453 */ + { 0x04, 455, 0, 8, "id-sha224" }, /* 454 */ + { 0x05, 456, 0, 8, "id-sha512-224" }, /* 455 */ + { 0x06, 457, 0, 8, "id-sha512-256" }, /* 456 */ + { 0x07, 458, 0, 8, "id-sha3-224" }, /* 457 */ + { 0x08, 459, 0, 8, "id-sha3-256" }, /* 458 */ + { 0x09, 460, 0, 8, "id-sha3-384" }, /* 459 */ + { 0x0A, 461, 0, 8, "id-sha3-512" }, /* 460 */ + { 0x0B, 462, 0, 8, "id-shake128" }, /* 461 */ + { 0x0C, 0, 0, 8, "id-shake256" }, /* 462 */ + { 0x03, 0, 1, 7, "sigAlgs" }, /* 463 */ + { 0x09, 465, 0, 8, "id-ecdsa-with-sha3-224" }, /* 464 */ + { 0x0A, 466, 0, 8, "id-ecdsa-with-sha3-256" }, /* 465 */ + { 0x0B, 467, 0, 8, "id-ecdsa-with-sha3-384" }, /* 466 */ + { 0x0C, 468, 0, 8, "id-ecdsa-with-sha3-512" }, /* 467 */ + { 0x0D, 469, 0, 8, "id-rsassa-pkcs1v15-with-sha3-224"}, /* 468 */ + { 0x0E, 470, 0, 8, "id-rsassa-pkcs1v15-with-sha3-256"}, /* 469 */ + { 0x0F, 471, 0, 8, "id-rsassa-pkcs1v15-with-sha3-384"}, /* 470 */ + { 0x10, 0, 0, 8, "id-rsassa-pkcs1v15-with-sha3-512"}, /* 471 */ + { 0x86, 0, 1, 4, "" }, /* 472 */ + { 0xf8, 0, 1, 5, "" }, /* 473 */ + { 0x42, 486, 1, 6, "netscape" }, /* 474 */ + { 0x01, 481, 1, 7, "" }, /* 475 */ + { 0x01, 477, 0, 8, "nsCertType" }, /* 476 */ + { 0x03, 478, 0, 8, "nsRevocationUrl" }, /* 477 */ + { 0x04, 479, 0, 8, "nsCaRevocationUrl" }, /* 478 */ + { 0x08, 480, 0, 8, "nsCaPolicyUrl" }, /* 479 */ + { 0x0d, 0, 0, 8, "nsComment" }, /* 480 */ + { 0x03, 484, 1, 7, "directory" }, /* 481 */ + { 0x01, 0, 1, 8, "" }, /* 482 */ + { 0x03, 0, 0, 9, "employeeNumber" }, /* 483 */ + { 0x04, 0, 1, 7, "policy" }, /* 484 */ + { 0x01, 0, 0, 8, "nsSGC" }, /* 485 */ + { 0x45, 0, 1, 6, "verisign" }, /* 486 */ + { 0x01, 0, 1, 7, "pki" }, /* 487 */ + { 0x09, 0, 1, 8, "attributes" }, /* 488 */ + { 0x02, 490, 0, 9, "messageType" }, /* 489 */ + { 0x03, 491, 0, 9, "pkiStatus" }, /* 490 */ + { 0x04, 492, 0, 9, "failInfo" }, /* 491 */ + { 0x05, 493, 0, 9, "senderNonce" }, /* 492 */ + { 0x06, 494, 0, 9, "recipientNonce" }, /* 493 */ + { 0x07, 495, 0, 9, "transID" }, /* 494 */ + { 0x08, 0, 0, 9, "extensionReq" }, /* 495 */ + {0x67, 0, 1, 0, "" }, /* 496 */ + { 0x81, 0, 1, 1, "" }, /* 497 */ + { 0x05, 0, 1, 2, "" }, /* 498 */ + { 0x02, 0, 1, 3, "tcg-attribute" }, /* 499 */ + { 0x01, 501, 0, 4, "tcg-at-tpmManufacturer" }, /* 500 */ + { 0x02, 502, 0, 4, "tcg-at-tpmModel" }, /* 501 */ + { 0x03, 503, 0, 4, "tcg-at-tpmVersion" }, /* 502 */ + { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 503 */ }; diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h index 230fe2f87..99cf77854 100644 --- a/src/libstrongswan/asn1/oid.h +++ b/src/libstrongswan/asn1/oid.h @@ -111,166 +111,173 @@ extern const oid_t oid_names[]; #define OID_P12_CRL_BAG 146 #define OID_MD2 150 #define OID_MD5 151 -#define OID_3DES_EDE_CBC 153 -#define OID_EC_PUBLICKEY 157 -#define OID_C2PNB163V1 160 -#define OID_C2PNB163V2 161 -#define OID_C2PNB163V3 162 -#define OID_C2PNB176W1 163 -#define OID_C2PNB191V1 164 -#define OID_C2PNB191V2 165 -#define OID_C2PNB191V3 166 -#define OID_C2PNB191V4 167 -#define OID_C2PNB191V5 168 -#define OID_C2PNB208W1 169 -#define OID_C2PNB239V1 170 -#define OID_C2PNB239V2 171 -#define OID_C2PNB239V3 172 -#define OID_C2PNB239V4 173 -#define OID_C2PNB239V5 174 -#define OID_C2PNB272W1 175 -#define OID_C2PNB304W1 176 -#define OID_C2PNB359V1 177 -#define OID_C2PNB368W1 178 -#define OID_C2PNB431R1 179 -#define OID_PRIME192V1 181 -#define OID_PRIME192V2 182 -#define OID_PRIME192V3 183 -#define OID_PRIME239V1 184 -#define OID_PRIME239V2 185 -#define OID_PRIME239V3 186 -#define OID_PRIME256V1 187 -#define OID_ECDSA_WITH_SHA1 189 -#define OID_ECDSA_WITH_SHA224 191 -#define OID_ECDSA_WITH_SHA256 192 -#define OID_ECDSA_WITH_SHA384 193 -#define OID_ECDSA_WITH_SHA512 194 -#define OID_MS_SMARTCARD_LOGON 208 -#define OID_USER_PRINCIPAL_NAME 209 -#define OID_STRONGSWAN 215 -#define OID_BLISS_PUBLICKEY 220 -#define OID_BLISS_I 222 -#define OID_BLISS_II 223 -#define OID_BLISS_III 224 -#define OID_BLISS_IV 225 -#define OID_BLISS_B_I 226 -#define OID_BLISS_B_II 227 -#define OID_BLISS_B_III 228 -#define OID_BLISS_B_IV 229 -#define OID_BLISS_WITH_SHA2_512 231 -#define OID_BLISS_WITH_SHA2_384 232 -#define OID_BLISS_WITH_SHA2_256 233 -#define OID_BLISS_WITH_SHA3_512 234 -#define OID_BLISS_WITH_SHA3_384 235 -#define OID_BLISS_WITH_SHA3_256 236 -#define OID_TCGID 243 -#define OID_BLOWFISH_CBC 247 -#define OID_AUTHORITY_INFO_ACCESS 291 -#define OID_IP_ADDR_BLOCKS 293 -#define OID_POLICY_QUALIFIER_CPS 296 -#define OID_POLICY_QUALIFIER_UNOTICE 297 -#define OID_SERVER_AUTH 299 -#define OID_CLIENT_AUTH 300 -#define OID_OCSP_SIGNING 307 -#define OID_XMPP_ADDR 313 -#define OID_AUTHENTICATION_INFO 317 -#define OID_ACCESS_IDENTITY 318 -#define OID_CHARGING_IDENTITY 319 -#define OID_GROUP 320 -#define OID_OCSP 323 -#define OID_BASIC 324 -#define OID_NONCE 325 -#define OID_CRL 326 -#define OID_RESPONSE 327 -#define OID_NO_CHECK 328 -#define OID_ARCHIVE_CUTOFF 329 -#define OID_SERVICE_LOCATOR 330 -#define OID_CA_ISSUERS 331 -#define OID_IKE_INTERMEDIATE 336 -#define OID_DES_CBC 340 -#define OID_SHA1 341 -#define OID_SHA1_WITH_RSA_OIW 342 -#define OID_ECGDSA_PUBKEY 361 -#define OID_ECGDSA_SIG_WITH_RIPEMD160 364 -#define OID_ECGDSA_SIG_WITH_SHA1 365 -#define OID_ECGDSA_SIG_WITH_SHA224 366 -#define OID_ECGDSA_SIG_WITH_SHA256 367 -#define OID_ECGDSA_SIG_WITH_SHA384 368 -#define OID_ECGDSA_SIG_WITH_SHA512 369 -#define OID_ED25519 390 -#define OID_ED448 391 -#define OID_SECT163K1 395 -#define OID_SECT163R1 396 -#define OID_SECT239K1 397 -#define OID_SECT113R1 398 -#define OID_SECT113R2 399 -#define OID_SECT112R1 400 -#define OID_SECT112R2 401 -#define OID_SECT160R1 402 -#define OID_SECT160K1 403 -#define OID_SECT256K1 404 -#define OID_SECT163R2 405 -#define OID_SECT283K1 406 -#define OID_SECT283R1 407 -#define OID_SECT131R1 408 -#define OID_SECT131R2 409 -#define OID_SECT193R1 410 -#define OID_SECT193R2 411 -#define OID_SECT233K1 412 -#define OID_SECT233R1 413 -#define OID_SECT128R1 414 -#define OID_SECT128R2 415 -#define OID_SECT160R2 416 -#define OID_SECT192K1 417 -#define OID_SECT224K1 418 -#define OID_SECT224R1 419 -#define OID_SECT384R1 420 -#define OID_SECT521R1 421 -#define OID_SECT409K1 422 -#define OID_SECT409R1 423 -#define OID_SECT571K1 424 -#define OID_SECT571R1 425 -#define OID_AES128_CBC 434 -#define OID_AES128_GCM 435 -#define OID_AES128_CCM 436 -#define OID_AES192_CBC 437 -#define OID_AES192_GCM 438 -#define OID_AES192_CCM 439 -#define OID_AES256_CBC 440 -#define OID_AES256_GCM 441 -#define OID_AES256_CCM 442 -#define OID_SHA256 444 -#define OID_SHA384 445 -#define OID_SHA512 446 -#define OID_SHA224 447 -#define OID_SHA3_224 450 -#define OID_SHA3_256 451 -#define OID_SHA3_384 452 -#define OID_SHA3_512 453 -#define OID_ECDSA_WITH_SHA3_224 457 -#define OID_ECDSA_WITH_SHA3_256 458 -#define OID_ECDSA_WITH_SHA3_384 459 -#define OID_ECDSA_WITH_SHA3_512 460 -#define OID_RSASSA_PKCS1V15_WITH_SHA3_224 461 -#define OID_RSASSA_PKCS1V15_WITH_SHA3_256 462 -#define OID_RSASSA_PKCS1V15_WITH_SHA3_384 463 -#define OID_RSASSA_PKCS1V15_WITH_SHA3_512 464 -#define OID_NS_REVOCATION_URL 470 -#define OID_NS_CA_REVOCATION_URL 471 -#define OID_NS_CA_POLICY_URL 472 -#define OID_NS_COMMENT 473 -#define OID_EMPLOYEE_NUMBER 476 -#define OID_PKI_MESSAGE_TYPE 482 -#define OID_PKI_STATUS 483 -#define OID_PKI_FAIL_INFO 484 -#define OID_PKI_SENDER_NONCE 485 -#define OID_PKI_RECIPIENT_NONCE 486 -#define OID_PKI_TRANS_ID 487 -#define OID_TPM_MANUFACTURER 493 -#define OID_TPM_MODEL 494 -#define OID_TPM_VERSION 495 -#define OID_TPM_ID_LABEL 496 +#define OID_HMAC_SHA1 152 +#define OID_HMAC_SHA224 153 +#define OID_HMAC_SHA256 154 +#define OID_HMAC_SHA384 155 +#define OID_HMAC_SHA512 156 +#define OID_HMAC_SHA512_224 157 +#define OID_HMAC_SHA512_256 158 +#define OID_3DES_EDE_CBC 160 +#define OID_EC_PUBLICKEY 164 +#define OID_C2PNB163V1 167 +#define OID_C2PNB163V2 168 +#define OID_C2PNB163V3 169 +#define OID_C2PNB176W1 170 +#define OID_C2PNB191V1 171 +#define OID_C2PNB191V2 172 +#define OID_C2PNB191V3 173 +#define OID_C2PNB191V4 174 +#define OID_C2PNB191V5 175 +#define OID_C2PNB208W1 176 +#define OID_C2PNB239V1 177 +#define OID_C2PNB239V2 178 +#define OID_C2PNB239V3 179 +#define OID_C2PNB239V4 180 +#define OID_C2PNB239V5 181 +#define OID_C2PNB272W1 182 +#define OID_C2PNB304W1 183 +#define OID_C2PNB359V1 184 +#define OID_C2PNB368W1 185 +#define OID_C2PNB431R1 186 +#define OID_PRIME192V1 188 +#define OID_PRIME192V2 189 +#define OID_PRIME192V3 190 +#define OID_PRIME239V1 191 +#define OID_PRIME239V2 192 +#define OID_PRIME239V3 193 +#define OID_PRIME256V1 194 +#define OID_ECDSA_WITH_SHA1 196 +#define OID_ECDSA_WITH_SHA224 198 +#define OID_ECDSA_WITH_SHA256 199 +#define OID_ECDSA_WITH_SHA384 200 +#define OID_ECDSA_WITH_SHA512 201 +#define OID_MS_SMARTCARD_LOGON 215 +#define OID_USER_PRINCIPAL_NAME 216 +#define OID_STRONGSWAN 222 +#define OID_BLISS_PUBLICKEY 227 +#define OID_BLISS_I 229 +#define OID_BLISS_II 230 +#define OID_BLISS_III 231 +#define OID_BLISS_IV 232 +#define OID_BLISS_B_I 233 +#define OID_BLISS_B_II 234 +#define OID_BLISS_B_III 235 +#define OID_BLISS_B_IV 236 +#define OID_BLISS_WITH_SHA2_512 238 +#define OID_BLISS_WITH_SHA2_384 239 +#define OID_BLISS_WITH_SHA2_256 240 +#define OID_BLISS_WITH_SHA3_512 241 +#define OID_BLISS_WITH_SHA3_384 242 +#define OID_BLISS_WITH_SHA3_256 243 +#define OID_TCGID 250 +#define OID_BLOWFISH_CBC 254 +#define OID_AUTHORITY_INFO_ACCESS 298 +#define OID_IP_ADDR_BLOCKS 300 +#define OID_POLICY_QUALIFIER_CPS 303 +#define OID_POLICY_QUALIFIER_UNOTICE 304 +#define OID_SERVER_AUTH 306 +#define OID_CLIENT_AUTH 307 +#define OID_OCSP_SIGNING 314 +#define OID_XMPP_ADDR 320 +#define OID_AUTHENTICATION_INFO 324 +#define OID_ACCESS_IDENTITY 325 +#define OID_CHARGING_IDENTITY 326 +#define OID_GROUP 327 +#define OID_OCSP 330 +#define OID_BASIC 331 +#define OID_NONCE 332 +#define OID_CRL 333 +#define OID_RESPONSE 334 +#define OID_NO_CHECK 335 +#define OID_ARCHIVE_CUTOFF 336 +#define OID_SERVICE_LOCATOR 337 +#define OID_CA_ISSUERS 338 +#define OID_IKE_INTERMEDIATE 343 +#define OID_DES_CBC 347 +#define OID_SHA1 348 +#define OID_SHA1_WITH_RSA_OIW 349 +#define OID_ECGDSA_PUBKEY 368 +#define OID_ECGDSA_SIG_WITH_RIPEMD160 371 +#define OID_ECGDSA_SIG_WITH_SHA1 372 +#define OID_ECGDSA_SIG_WITH_SHA224 373 +#define OID_ECGDSA_SIG_WITH_SHA256 374 +#define OID_ECGDSA_SIG_WITH_SHA384 375 +#define OID_ECGDSA_SIG_WITH_SHA512 376 +#define OID_ED25519 397 +#define OID_ED448 398 +#define OID_SECT163K1 402 +#define OID_SECT163R1 403 +#define OID_SECT239K1 404 +#define OID_SECT113R1 405 +#define OID_SECT113R2 406 +#define OID_SECT112R1 407 +#define OID_SECT112R2 408 +#define OID_SECT160R1 409 +#define OID_SECT160K1 410 +#define OID_SECT256K1 411 +#define OID_SECT163R2 412 +#define OID_SECT283K1 413 +#define OID_SECT283R1 414 +#define OID_SECT131R1 415 +#define OID_SECT131R2 416 +#define OID_SECT193R1 417 +#define OID_SECT193R2 418 +#define OID_SECT233K1 419 +#define OID_SECT233R1 420 +#define OID_SECT128R1 421 +#define OID_SECT128R2 422 +#define OID_SECT160R2 423 +#define OID_SECT192K1 424 +#define OID_SECT224K1 425 +#define OID_SECT224R1 426 +#define OID_SECT384R1 427 +#define OID_SECT521R1 428 +#define OID_SECT409K1 429 +#define OID_SECT409R1 430 +#define OID_SECT571K1 431 +#define OID_SECT571R1 432 +#define OID_AES128_CBC 441 +#define OID_AES128_GCM 442 +#define OID_AES128_CCM 443 +#define OID_AES192_CBC 444 +#define OID_AES192_GCM 445 +#define OID_AES192_CCM 446 +#define OID_AES256_CBC 447 +#define OID_AES256_GCM 448 +#define OID_AES256_CCM 449 +#define OID_SHA256 451 +#define OID_SHA384 452 +#define OID_SHA512 453 +#define OID_SHA224 454 +#define OID_SHA3_224 457 +#define OID_SHA3_256 458 +#define OID_SHA3_384 459 +#define OID_SHA3_512 460 +#define OID_ECDSA_WITH_SHA3_224 464 +#define OID_ECDSA_WITH_SHA3_256 465 +#define OID_ECDSA_WITH_SHA3_384 466 +#define OID_ECDSA_WITH_SHA3_512 467 +#define OID_RSASSA_PKCS1V15_WITH_SHA3_224 468 +#define OID_RSASSA_PKCS1V15_WITH_SHA3_256 469 +#define OID_RSASSA_PKCS1V15_WITH_SHA3_384 470 +#define OID_RSASSA_PKCS1V15_WITH_SHA3_512 471 +#define OID_NS_REVOCATION_URL 477 +#define OID_NS_CA_REVOCATION_URL 478 +#define OID_NS_CA_POLICY_URL 479 +#define OID_NS_COMMENT 480 +#define OID_EMPLOYEE_NUMBER 483 +#define OID_PKI_MESSAGE_TYPE 489 +#define OID_PKI_STATUS 490 +#define OID_PKI_FAIL_INFO 491 +#define OID_PKI_SENDER_NONCE 492 +#define OID_PKI_RECIPIENT_NONCE 493 +#define OID_PKI_TRANS_ID 494 +#define OID_TPM_MANUFACTURER 500 +#define OID_TPM_MODEL 501 +#define OID_TPM_VERSION 502 +#define OID_TPM_ID_LABEL 503 -#define OID_MAX 497 +#define OID_MAX 504 #endif /* OID_H_ */ diff --git a/src/libstrongswan/asn1/oid.pl b/src/libstrongswan/asn1/oid.pl index c45077a3f..f77e14b04 100644 --- a/src/libstrongswan/asn1/oid.pl +++ b/src/libstrongswan/asn1/oid.pl @@ -2,7 +2,7 @@ # Generates oid.h and oid.c out of oid.txt # # Copyright (C) 2003-2008 Andreas Steffen -# Hochschule fuer Technik Rapperswil +# HSR Hochschule fuer Technik Rapperswil # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt index 369f6f899..723cb36fc 100644 --- a/src/libstrongswan/asn1/oid.txt +++ b/src/libstrongswan/asn1/oid.txt @@ -150,6 +150,13 @@ 0x02 "digestAlgorithm" 0x02 "md2" OID_MD2 0x05 "md5" OID_MD5 + 0x07 "hmacWithSHA1" OID_HMAC_SHA1 + 0x08 "hmacWithSHA224" OID_HMAC_SHA224 + 0x09 "hmacWithSHA256" OID_HMAC_SHA256 + 0x0A "hmacWithSHA384" OID_HMAC_SHA384 + 0x0B "hmacWithSHA512" OID_HMAC_SHA512 + 0x0C "hmacWithSHA512-224" OID_HMAC_SHA512_224 + 0x0D "hmacWithSHA512-256" OID_HMAC_SHA512_256 0x03 "encryptionAlgorithm" 0x07 "3des-ede-cbc" OID_3DES_EDE_CBC 0xCE "" diff --git a/src/libstrongswan/bio/bio_reader.c b/src/libstrongswan/bio/bio_reader.c index 6e35999ce..82e405002 100644 --- a/src/libstrongswan/bio/bio_reader.c +++ b/src/libstrongswan/bio/bio_reader.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/bio/bio_reader.h b/src/libstrongswan/bio/bio_reader.h index 358993c4f..fbca8bdf5 100644 --- a/src/libstrongswan/bio/bio_reader.h +++ b/src/libstrongswan/bio/bio_reader.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/bio/bio_writer.c b/src/libstrongswan/bio/bio_writer.c index a21b376cf..348702071 100644 --- a/src/libstrongswan/bio/bio_writer.c +++ b/src/libstrongswan/bio/bio_writer.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/bio/bio_writer.h b/src/libstrongswan/bio/bio_writer.h index b6e3db730..88f365e9f 100644 --- a/src/libstrongswan/bio/bio_writer.h +++ b/src/libstrongswan/bio/bio_writer.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/collections/array.c b/src/libstrongswan/collections/array.c index c3dd6e0e9..fea28cedb 100644 --- a/src/libstrongswan/collections/array.c +++ b/src/libstrongswan/collections/array.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/libstrongswan/collections/array.h b/src/libstrongswan/collections/array.h index d8a16b5df..792dc7677 100644 --- a/src/libstrongswan/collections/array.h +++ b/src/libstrongswan/collections/array.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/libstrongswan/collections/blocking_queue.c b/src/libstrongswan/collections/blocking_queue.c index da3356970..40f65a930 100644 --- a/src/libstrongswan/collections/blocking_queue.c +++ b/src/libstrongswan/collections/blocking_queue.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/collections/blocking_queue.h b/src/libstrongswan/collections/blocking_queue.h index 9b014f719..d902c3245 100644 --- a/src/libstrongswan/collections/blocking_queue.h +++ b/src/libstrongswan/collections/blocking_queue.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/collections/dictionary.h b/src/libstrongswan/collections/dictionary.h index 679e41d2d..74f218e79 100644 --- a/src/libstrongswan/collections/dictionary.h +++ b/src/libstrongswan/collections/dictionary.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/collections/enumerator.c b/src/libstrongswan/collections/enumerator.c index 52c9e1cd5..21aa9f66b 100644 --- a/src/libstrongswan/collections/enumerator.c +++ b/src/libstrongswan/collections/enumerator.c @@ -291,7 +291,7 @@ typedef struct { char *string; /** current position */ char *pos; - /** separater chars */ + /** separator chars */ const char *sep; /** trim chars */ const char *trim; diff --git a/src/libstrongswan/collections/hashtable.c b/src/libstrongswan/collections/hashtable.c index b0eda9e6a..64f154c4e 100644 --- a/src/libstrongswan/collections/hashtable.c +++ b/src/libstrongswan/collections/hashtable.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/collections/hashtable.h b/src/libstrongswan/collections/hashtable.h index f60564a42..1bc674c6c 100644 --- a/src/libstrongswan/collections/hashtable.h +++ b/src/libstrongswan/collections/hashtable.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/collections/linked_list.c b/src/libstrongswan/collections/linked_list.c index f877be5a6..5ad7360d6 100644 --- a/src/libstrongswan/collections/linked_list.c +++ b/src/libstrongswan/collections/linked_list.c @@ -2,7 +2,7 @@ * Copyright (C) 2007-2015 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/collections/linked_list.h b/src/libstrongswan/collections/linked_list.h index c99cb836b..a9cb7f0d4 100644 --- a/src/libstrongswan/collections/linked_list.h +++ b/src/libstrongswan/collections/linked_list.h @@ -2,7 +2,7 @@ * Copyright (C) 2007-2017 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h index 2eb448546..b473223e4 100644 --- a/src/libstrongswan/credentials/auth_cfg.h +++ b/src/libstrongswan/credentials/auth_cfg.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2015 Tobias Brunner * Copyright (C) 2007-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/certificate.h b/src/libstrongswan/credentials/certificates/certificate.h index 6dc5c7694..bed55f8b8 100644 --- a/src/libstrongswan/credentials/certificates/certificate.h +++ b/src/libstrongswan/credentials/certificates/certificate.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/crl.c b/src/libstrongswan/credentials/certificates/crl.c index 09fd0bfc8..ba3bda561 100644 --- a/src/libstrongswan/credentials/certificates/crl.c +++ b/src/libstrongswan/credentials/certificates/crl.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/crl.h b/src/libstrongswan/credentials/certificates/crl.h index 8a48bd7ff..224585fb2 100644 --- a/src/libstrongswan/credentials/certificates/crl.h +++ b/src/libstrongswan/credentials/certificates/crl.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/ocsp_request.h b/src/libstrongswan/credentials/certificates/ocsp_request.h index 730d95d70..508a65f3e 100644 --- a/src/libstrongswan/credentials/certificates/ocsp_request.h +++ b/src/libstrongswan/credentials/certificates/ocsp_request.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/ocsp_response.c b/src/libstrongswan/credentials/certificates/ocsp_response.c index c4a39e28d..bf4f11334 100644 --- a/src/libstrongswan/credentials/certificates/ocsp_response.c +++ b/src/libstrongswan/credentials/certificates/ocsp_response.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/ocsp_response.h b/src/libstrongswan/credentials/certificates/ocsp_response.h index c6a4c1277..9e699aef6 100644 --- a/src/libstrongswan/credentials/certificates/ocsp_response.h +++ b/src/libstrongswan/credentials/certificates/ocsp_response.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/pgp_certificate.h b/src/libstrongswan/credentials/certificates/pgp_certificate.h index 94a31e14d..c49a39d66 100644 --- a/src/libstrongswan/credentials/certificates/pgp_certificate.h +++ b/src/libstrongswan/credentials/certificates/pgp_certificate.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h index 2c640e2da..46feca619 100644 --- a/src/libstrongswan/credentials/certificates/x509.h +++ b/src/libstrongswan/credentials/certificates/x509.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -62,6 +62,9 @@ enum x509_flag_t { X509_IKE_INTERMEDIATE = (1<<8), /** cert has Microsoft Smartcard Logon usage */ X509_MS_SMARTCARD_LOGON = (1<<9), + /** cert either lacks keyUsage bits, or includes either digitalSignature + * or nonRepudiation as per RFC 4945, section 5.1.3.2. */ + X509_IKE_COMPLIANT = (1<<10), }; extern enum_name_t *x509_flag_names; diff --git a/src/libstrongswan/credentials/containers/container.h b/src/libstrongswan/credentials/containers/container.h index ee329881d..627cda374 100644 --- a/src/libstrongswan/credentials/containers/container.h +++ b/src/libstrongswan/credentials/containers/container.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG diff --git a/src/libstrongswan/credentials/containers/pkcs12.c b/src/libstrongswan/credentials/containers/pkcs12.c index 8cc6a6c63..323198a19 100644 --- a/src/libstrongswan/credentials/containers/pkcs12.c +++ b/src/libstrongswan/credentials/containers/pkcs12.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/containers/pkcs12.h b/src/libstrongswan/credentials/containers/pkcs12.h index fc4fb39ce..e75dc2e9f 100644 --- a/src/libstrongswan/credentials/containers/pkcs12.h +++ b/src/libstrongswan/credentials/containers/pkcs12.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/cred_encoding.c b/src/libstrongswan/credentials/cred_encoding.c index d6523821e..ce59a6a2d 100644 --- a/src/libstrongswan/credentials/cred_encoding.c +++ b/src/libstrongswan/credentials/cred_encoding.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/cred_encoding.h b/src/libstrongswan/credentials/cred_encoding.h index 1129357ba..08dd97c7a 100644 --- a/src/libstrongswan/credentials/cred_encoding.h +++ b/src/libstrongswan/credentials/cred_encoding.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c index 07e6ea343..fd3ecb8fa 100644 --- a/src/libstrongswan/credentials/credential_factory.c +++ b/src/libstrongswan/credentials/credential_factory.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/credential_factory.h b/src/libstrongswan/credentials/credential_factory.h index 55b669529..a03dd1abc 100644 --- a/src/libstrongswan/credentials/credential_factory.h +++ b/src/libstrongswan/credentials/credential_factory.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c index 21b23f543..15f3f7b1b 100644 --- a/src/libstrongswan/credentials/credential_manager.c +++ b/src/libstrongswan/credentials/credential_manager.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/credential_manager.h b/src/libstrongswan/credentials/credential_manager.h index d99f29b85..a9947dcbc 100644 --- a/src/libstrongswan/credentials/credential_manager.h +++ b/src/libstrongswan/credentials/credential_manager.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2007-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/credential_set.h b/src/libstrongswan/credentials/credential_set.h index 8673c484f..d0b2c574d 100644 --- a/src/libstrongswan/credentials/credential_set.h +++ b/src/libstrongswan/credentials/credential_set.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/keys/private_key.c b/src/libstrongswan/credentials/keys/private_key.c index 8292af495..0b83eba89 100644 --- a/src/libstrongswan/credentials/keys/private_key.c +++ b/src/libstrongswan/credentials/keys/private_key.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/keys/shared_key.c b/src/libstrongswan/credentials/keys/shared_key.c index 1c2d31167..2294eaff7 100644 --- a/src/libstrongswan/credentials/keys/shared_key.c +++ b/src/libstrongswan/credentials/keys/shared_key.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/keys/shared_key.h b/src/libstrongswan/credentials/keys/shared_key.h index 900c6613e..d97139de2 100644 --- a/src/libstrongswan/credentials/keys/shared_key.h +++ b/src/libstrongswan/credentials/keys/shared_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c index 1cd4b9d03..4b59fa23f 100644 --- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c +++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Martin Willi * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.h b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.h index 3a4b197ac..1489289d4 100644 --- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.h +++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/sets/cert_cache.h b/src/libstrongswan/credentials/sets/cert_cache.h index 2235bc30d..3d764c9f5 100644 --- a/src/libstrongswan/credentials/sets/cert_cache.h +++ b/src/libstrongswan/credentials/sets/cert_cache.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/sets/mem_cred.c b/src/libstrongswan/credentials/sets/mem_cred.c index 4d594e439..b0f77be98 100644 --- a/src/libstrongswan/credentials/sets/mem_cred.c +++ b/src/libstrongswan/credentials/sets/mem_cred.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2016 Tobias Brunner - * HSR Hochschule fuer Technik Rapperwsil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c b/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c index 12d3f8156..e12d04534 100644 --- a/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c +++ b/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/credentials/sets/ocsp_response_wrapper.h b/src/libstrongswan/credentials/sets/ocsp_response_wrapper.h index dc4b451df..97f4efdc8 100644 --- a/src/libstrongswan/credentials/sets/ocsp_response_wrapper.h +++ b/src/libstrongswan/credentials/sets/ocsp_response_wrapper.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/aead.c b/src/libstrongswan/crypto/aead.c index d50bd4d22..f3c5abed6 100644 --- a/src/libstrongswan/crypto/aead.c +++ b/src/libstrongswan/crypto/aead.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/crypto/aead.h b/src/libstrongswan/crypto/aead.h index 9d1b8df55..cb21d3ca7 100644 --- a/src/libstrongswan/crypto/aead.h +++ b/src/libstrongswan/crypto/aead.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/crypto/crypters/crypter.c b/src/libstrongswan/crypto/crypters/crypter.c index 3e33765b1..9bde663d1 100644 --- a/src/libstrongswan/crypto/crypters/crypter.c +++ b/src/libstrongswan/crypto/crypters/crypter.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h index 19ba55d83..5ffcac253 100644 --- a/src/libstrongswan/crypto/crypters/crypter.h +++ b/src/libstrongswan/crypto/crypters/crypter.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c index e86e7ae76..f0f64ce42 100644 --- a/src/libstrongswan/crypto/crypto_tester.c +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2010 revosec AG * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libstrongswan/crypto/crypto_tester.h b/src/libstrongswan/crypto/crypto_tester.h index 1b02cb469..430929595 100644 --- a/src/libstrongswan/crypto/crypto_tester.h +++ b/src/libstrongswan/crypto/crypto_tester.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index 820b8d1d8..efcfdbc74 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -2,7 +2,7 @@ * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -66,11 +66,9 @@ static struct { diffie_hellman_params_t public; /* The group identifier as specified in IKEv2 */ diffie_hellman_group_t group; - /* Optimal length of the exponent (in bytes), as specified in RFC 3526. */ - size_t opt_exp; } dh_params[] = { { - .group = MODP_768_BIT, .opt_exp = 32, .public = { + .group = MODP_768_BIT, .public = { .exp_len = 32, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -82,7 +80,7 @@ static struct { 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_1024_BIT, .opt_exp = 32, .public = { + .group = MODP_1024_BIT, .public = { .exp_len = 32, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -96,7 +94,7 @@ static struct { 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_1536_BIT, .opt_exp = 32, .public = { + .group = MODP_1536_BIT, .public = { .exp_len = 32, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -114,7 +112,7 @@ static struct { 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_2048_BIT, .opt_exp = 48, .public = { + .group = MODP_2048_BIT, .public = { .exp_len = 48, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -136,7 +134,7 @@ static struct { 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_3072_BIT, .opt_exp = 48, .public = { + .group = MODP_3072_BIT, .public = { .exp_len = 48, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -166,7 +164,7 @@ static struct { 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_4096_BIT, .opt_exp = 64, .public = { + .group = MODP_4096_BIT, .public = { .exp_len = 64, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -204,7 +202,7 @@ static struct { 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_6144_BIT, .opt_exp = 64, .public = { + .group = MODP_6144_BIT, .public = { .exp_len = 64, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -258,7 +256,7 @@ static struct { 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_8192_BIT, .opt_exp = 64, .public = { + .group = MODP_8192_BIT, .public = { .exp_len = 64, .generator = chunk_from_chars(0x02), .prime = chunk_from_chars( @@ -328,7 +326,7 @@ static struct { 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF), }, },{ - .group = MODP_1024_160, .opt_exp = 20, .public = { + .group = MODP_1024_160, .public = { .exp_len = 20, .subgroup = chunk_from_chars( 0xF5,0x18,0xAA,0x87,0x81,0xA8,0xDF,0x27,0x8A,0xBA,0x4E,0x7D,0x64,0xB7,0xCB,0x9D, @@ -353,7 +351,7 @@ static struct { 0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71), }, }, { - .group = MODP_2048_224, .opt_exp = 28, .public = { + .group = MODP_2048_224, .public = { .exp_len = 28, .subgroup = chunk_from_chars( 0x80,0x1C,0x0D,0x34,0xC5,0x8D,0x93,0xFE,0x99,0x71,0x77,0x10,0x1F,0x80,0x53,0x5A, @@ -394,7 +392,7 @@ static struct { 0xCF,0x9D,0xE5,0x38,0x4E,0x71,0xB8,0x1C,0x0A,0xC4,0xDF,0xFE,0x0C,0x10,0xE6,0x4F) }, },{ - .group = MODP_2048_256, .opt_exp = 32, .public = { + .group = MODP_2048_256, .public = { .exp_len = 32, .subgroup = chunk_from_chars( 0x8C,0xF8,0x36,0x42,0xA7,0x09,0xA0,0x97,0xB4,0x47,0x99,0x76,0x40,0x12,0x9D,0xA2, @@ -444,11 +442,19 @@ void diffie_hellman_init() { int i; + /* the default exponent size set above is based on the optimal length + * according to RFC 3526 */ if (lib->settings->get_bool(lib->settings, "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns)) { for (i = 0; i < countof(dh_params); i++) { + /* according to RFC 5114 the size of the exponent for these DH + * groups should equal the size of their prime order subgroup */ + if (dh_params[i].public.subgroup.len) + { + continue; + } dh_params[i].public.exp_len = dh_params[i].public.prime.len; } } @@ -465,19 +471,6 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group) { if (dh_params[i].group == group) { - if (!dh_params[i].public.exp_len) - { - if (!dh_params[i].public.subgroup.len && - lib->settings->get_bool(lib->settings, - "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns)) - { - dh_params[i].public.exp_len = dh_params[i].public.prime.len; - } - else - { - dh_params[i].public.exp_len = dh_params[i].opt_exp; - } - } return &dh_params[i].public; } } diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h index 1a8110abb..ce01bb346 100644 --- a/src/libstrongswan/crypto/diffie_hellman.h +++ b/src/libstrongswan/crypto/diffie_hellman.h @@ -2,7 +2,7 @@ * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/hashers/hash_algorithm_set.c b/src/libstrongswan/crypto/hashers/hash_algorithm_set.c index 4087fe1d9..800bd0df7 100644 --- a/src/libstrongswan/crypto/hashers/hash_algorithm_set.c +++ b/src/libstrongswan/crypto/hashers/hash_algorithm_set.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/hashers/hash_algorithm_set.h b/src/libstrongswan/crypto/hashers/hash_algorithm_set.h index 00e90cc2e..e02ba8c4e 100644 --- a/src/libstrongswan/crypto/hashers/hash_algorithm_set.h +++ b/src/libstrongswan/crypto/hashers/hash_algorithm_set.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen.c b/src/libstrongswan/crypto/iv/iv_gen.c index c70627723..c6efe08d0 100644 --- a/src/libstrongswan/crypto/iv/iv_gen.c +++ b/src/libstrongswan/crypto/iv/iv_gen.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2015 Martin Willi * Copyright (C) 2015 revosec AG diff --git a/src/libstrongswan/crypto/iv/iv_gen.h b/src/libstrongswan/crypto/iv/iv_gen.h index 292fc329f..0808e24d5 100644 --- a/src/libstrongswan/crypto/iv/iv_gen.h +++ b/src/libstrongswan/crypto/iv/iv_gen.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen_null.c b/src/libstrongswan/crypto/iv/iv_gen_null.c index 3b8f93986..cb4a397f9 100644 --- a/src/libstrongswan/crypto/iv/iv_gen_null.c +++ b/src/libstrongswan/crypto/iv/iv_gen_null.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen_null.h b/src/libstrongswan/crypto/iv/iv_gen_null.h index b63f0c3e9..960327c14 100644 --- a/src/libstrongswan/crypto/iv/iv_gen_null.h +++ b/src/libstrongswan/crypto/iv/iv_gen_null.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen_rand.c b/src/libstrongswan/crypto/iv/iv_gen_rand.c index 1474b3a12..66dcff767 100644 --- a/src/libstrongswan/crypto/iv/iv_gen_rand.c +++ b/src/libstrongswan/crypto/iv/iv_gen_rand.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen_rand.h b/src/libstrongswan/crypto/iv/iv_gen_rand.h index 62d76ed21..edd449c1c 100644 --- a/src/libstrongswan/crypto/iv/iv_gen_rand.h +++ b/src/libstrongswan/crypto/iv/iv_gen_rand.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen_seq.c b/src/libstrongswan/crypto/iv/iv_gen_seq.c index 56620291c..42644e516 100644 --- a/src/libstrongswan/crypto/iv/iv_gen_seq.c +++ b/src/libstrongswan/crypto/iv/iv_gen_seq.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/iv/iv_gen_seq.h b/src/libstrongswan/crypto/iv/iv_gen_seq.h index 43ff4f65e..daf7ec203 100644 --- a/src/libstrongswan/crypto/iv/iv_gen_seq.h +++ b/src/libstrongswan/crypto/iv/iv_gen_seq.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/mac.h b/src/libstrongswan/crypto/mac.h index f23c6750f..50dc4c73a 100644 --- a/src/libstrongswan/crypto/mac.h +++ b/src/libstrongswan/crypto/mac.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/nonce_gen.h b/src/libstrongswan/crypto/nonce_gen.h index 98d159e12..4bdcb9403 100644 --- a/src/libstrongswan/crypto/nonce_gen.h +++ b/src/libstrongswan/crypto/nonce_gen.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/pkcs5.c b/src/libstrongswan/crypto/pkcs5.c index 8a1452425..e7677a9c1 100644 --- a/src/libstrongswan/crypto/pkcs5.c +++ b/src/libstrongswan/crypto/pkcs5.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -422,7 +422,9 @@ static bool parse_pbes1_params(private_pkcs5_t *this, chunk_t blob, int level0) /** * ASN.1 definition of a PBKDF2-params structure * The salt is actually a CHOICE and could be an AlgorithmIdentifier from - * PBKDF2-SaltSources (but as per RFC 2898 that's for future versions). + * PBKDF2-SaltSources (but as per RFC 8018 that's for future versions). + * The PRF algorithm is actually defined as DEFAULT and not OPTIONAL, but the + * parser can't handle ASN1_DEF with SEQUENCEs. */ static const asn1Object_t pbkdf2ParamsObjects[] = { { 0, "PBKDF2-params", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ @@ -430,7 +432,8 @@ static const asn1Object_t pbkdf2ParamsObjects[] = { { 1, "iterationCount",ASN1_INTEGER, ASN1_BODY }, /* 2 */ { 1, "keyLength", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 3 */ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */ - { 1, "prf", ASN1_EOC, ASN1_DEF|ASN1_RAW }, /* 5 */ + { 1, "prf", ASN1_SEQUENCE, ASN1_OPT|ASN1_RAW }, /* 5 */ + { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */ { 0, "exit", ASN1_EOC, ASN1_EXIT } }; #define PBKDF2_SALT 1 @@ -446,13 +449,15 @@ static bool parse_pbkdf2_params(private_pkcs5_t *this, chunk_t blob, int level0) asn1_parser_t *parser; chunk_t object; int objectID; - bool success; + bool success = FALSE; parser = asn1_parser_create(pbkdf2ParamsObjects, blob); parser->set_top_level(parser, level0); /* keylen is optional */ this->keylen = 0; + /* defaults to id-hmacWithSHA1 */ + this->data.pbes2.prf_alg = PRF_HMAC_SHA1; while (parser->iterate(parser, &objectID, &object)) { @@ -474,13 +479,22 @@ static bool parse_pbkdf2_params(private_pkcs5_t *this, chunk_t blob, int level0) break; } case PBKDF2_PRF: - { /* defaults to id-hmacWithSHA1, no other is currently defined */ - this->data.pbes2.prf_alg = PRF_HMAC_SHA1; + { + int oid; + + oid = asn1_parse_algorithmIdentifier(object, + parser->get_level(parser) + 1, NULL); + this->data.pbes2.prf_alg = pseudo_random_function_from_oid(oid); + if (this->data.pbes2.prf_alg == PRF_UNDEFINED) + { /* unsupported PRF algorithm */ + goto end; + } break; } } } success = parser->success(parser); +end: parser->destroy(parser); return success; } diff --git a/src/libstrongswan/crypto/pkcs5.h b/src/libstrongswan/crypto/pkcs5.h index b16d3736e..fd781fb00 100644 --- a/src/libstrongswan/crypto/pkcs5.h +++ b/src/libstrongswan/crypto/pkcs5.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/prf_plus.c b/src/libstrongswan/crypto/prf_plus.c index a26010aae..7d2b5217c 100644 --- a/src/libstrongswan/crypto/prf_plus.c +++ b/src/libstrongswan/crypto/prf_plus.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/prf_plus.h b/src/libstrongswan/crypto/prf_plus.h index 2c4b8852d..41fdfbb86 100644 --- a/src/libstrongswan/crypto/prf_plus.h +++ b/src/libstrongswan/crypto/prf_plus.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/prfs/mac_prf.c b/src/libstrongswan/crypto/prfs/mac_prf.c index 3f8eb7e5c..8db21df36 100644 --- a/src/libstrongswan/crypto/prfs/mac_prf.c +++ b/src/libstrongswan/crypto/prfs/mac_prf.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/prfs/mac_prf.h b/src/libstrongswan/crypto/prfs/mac_prf.h index 4ff925b04..0c1dda6f5 100644 --- a/src/libstrongswan/crypto/prfs/mac_prf.h +++ b/src/libstrongswan/crypto/prfs/mac_prf.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/prfs/prf.c b/src/libstrongswan/crypto/prfs/prf.c index 12e13ef57..eee09535d 100644 --- a/src/libstrongswan/crypto/prfs/prf.c +++ b/src/libstrongswan/crypto/prfs/prf.c @@ -1,7 +1,8 @@ /* + * Copyright (C) 2018 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -16,6 +17,8 @@ #include "prf.h" +#include + ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_CAMELLIA128_XCBC, "PRF_UNDEFINED", "PRF_FIPS_SHA1_160", @@ -33,3 +36,25 @@ ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_AES128_CMAC, PRF_CAMEL "PRF_AES128_CMAC"); ENUM_END(pseudo_random_function_names, PRF_AES128_CMAC); +/* + * Described in header. + */ +pseudo_random_function_t pseudo_random_function_from_oid(int oid) +{ + switch (oid) + { + case OID_HMAC_SHA1: + return PRF_HMAC_SHA1; + case OID_HMAC_SHA256: + return PRF_HMAC_SHA2_256; + case OID_HMAC_SHA384: + return PRF_HMAC_SHA2_384; + case OID_HMAC_SHA512: + return PRF_HMAC_SHA2_512; + case OID_HMAC_SHA224: + case OID_HMAC_SHA512_224: + case OID_HMAC_SHA512_256: + default: + return PRF_UNDEFINED; + } +} diff --git a/src/libstrongswan/crypto/prfs/prf.h b/src/libstrongswan/crypto/prfs/prf.h index fe9ffc2dd..a91de1ddc 100644 --- a/src/libstrongswan/crypto/prfs/prf.h +++ b/src/libstrongswan/crypto/prfs/prf.h @@ -1,7 +1,8 @@ /* + * Copyright (C) 2018 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -125,4 +126,12 @@ struct prf_t { void (*destroy)(prf_t *this); }; +/** + * Conversion of ASN.1 OID to PRF algorithm. + * + * @param oid ASN.1 OID + * @return encryption algorithm, PRF_UNDEFINED if OID unsupported + */ +pseudo_random_function_t pseudo_random_function_from_oid(int oid); + #endif /** PRF_H_ @}*/ diff --git a/src/libstrongswan/crypto/proposal/proposal.c b/src/libstrongswan/crypto/proposal/proposal.c index bb0a02b59..d671879c0 100644 --- a/src/libstrongswan/crypto/proposal/proposal.c +++ b/src/libstrongswan/crypto/proposal/proposal.c @@ -57,6 +57,11 @@ struct private_proposal_t { */ array_t *transforms; + /** + * Types of transforms contained, as transform_type_t + */ + array_t *types; + /** * senders SPI */ @@ -68,6 +73,101 @@ struct private_proposal_t { u_int number; }; +/** + * This is a hack to not change the previous order when printing proposals + */ +static transform_type_t type_for_sort(const void *type) +{ + const transform_type_t *t = type; + + switch (*t) + { + case PSEUDO_RANDOM_FUNCTION: + return INTEGRITY_ALGORITHM; + case INTEGRITY_ALGORITHM: + return PSEUDO_RANDOM_FUNCTION; + default: + return *t; + } +} + +/** + * Sort transform types + */ +static int type_sort(const void *a, const void *b, void *user) +{ + transform_type_t ta = type_for_sort(a), tb = type_for_sort(b); + return ta - tb; +} + +/** + * Find a transform type + */ +static int type_find(const void *a, const void *b) +{ + return type_sort(a, b, NULL); +} + +/** + * Check if the given transform type is already in the set + */ +static bool contains_type(array_t *types, transform_type_t type) +{ + return array_bsearch(types, &type, type_find, NULL) != -1; +} + +/** + * Add the given transform type to the set + */ +static void add_type(array_t *types, transform_type_t type) +{ + if (!contains_type(types, type)) + { + array_insert(types, ARRAY_TAIL, &type); + array_sort(types, type_sort, NULL); + } +} + +/** + * Merge two sets of transform types into a new array + */ +static array_t *merge_types(private_proposal_t *this, private_proposal_t *other) +{ + array_t *types; + transform_type_t type; + int i, count; + + count = max(array_count(this->types), array_count(other->types)); + types = array_create(sizeof(transform_type_t), count); + + for (i = 0; i < count; i++) + { + if (array_get(this->types, i, &type)) + { + add_type(types, type); + } + if (array_get(other->types, i, &type)) + { + add_type(types, type); + } + } + return types; +} + +/** + * Remove the given transform type from the set + */ +static void remove_type(private_proposal_t *this, transform_type_t type) +{ + int i; + + i = array_bsearch(this->types, &type, type_find, NULL); + if (i >= 0) + { + array_remove(this->types, i, NULL); + } +} + /** * Struct used to store different kinds of algorithms. */ @@ -91,6 +191,7 @@ METHOD(proposal_t, add_algorithm, void, }; array_insert(this->transforms, ARRAY_TAIL, &entry); + add_type(this->types, type); } CALLBACK(alg_filter, bool, @@ -206,17 +307,31 @@ METHOD(proposal_t, strip_dh, void, { enumerator_t *enumerator; entry_t *entry; + bool found = FALSE; enumerator = array_create_enumerator(this->transforms); while (enumerator->enumerate(enumerator, &entry)) { - if (entry->type == DIFFIE_HELLMAN_GROUP && - entry->alg != keep) + if (entry->type == DIFFIE_HELLMAN_GROUP) { - array_remove_at(this->transforms, enumerator); + if (entry->alg != keep) + { + array_remove_at(this->transforms, enumerator); + } + else + { + found = TRUE; + } } } enumerator->destroy(enumerator); + array_compress(this->transforms); + + if (keep == MODP_NONE || !found) + { + remove_type(this, DIFFIE_HELLMAN_GROUP); + array_compress(this->types); + } } /** @@ -310,6 +425,9 @@ METHOD(proposal_t, select_proposal, proposal_t*, bool private) { proposal_t *selected; + transform_type_t type; + array_t *types; + int i; DBG2(DBG_CFG, "selecting proposal:"); @@ -328,18 +446,20 @@ METHOD(proposal_t, select_proposal, proposal_t*, { selected = proposal_create(this->protocol, this->number); selected->set_spi(selected, this->spi); - } - if (!select_algo(this, other, selected, ENCRYPTION_ALGORITHM, private) || - !select_algo(this, other, selected, PSEUDO_RANDOM_FUNCTION, private) || - !select_algo(this, other, selected, INTEGRITY_ALGORITHM, private) || - !select_algo(this, other, selected, DIFFIE_HELLMAN_GROUP, private) || - !select_algo(this, other, selected, EXTENDED_SEQUENCE_NUMBERS, private)) + types = merge_types(this, (private_proposal_t*)other); + for (i = 0; i < array_count(types); i++) { - selected->destroy(selected); - return NULL; + array_get(types, i, &type); + if (!select_algo(this, other, selected, type, private)) + { + selected->destroy(selected); + array_destroy(types); + return NULL; + } } + array_destroy(types); DBG2(DBG_CFG, " proposal matches"); return selected; @@ -409,16 +529,27 @@ METHOD(proposal_t, get_number, u_int, METHOD(proposal_t, equals, bool, private_proposal_t *this, proposal_t *other) { + transform_type_t type; + array_t *types; + int i; + if (&this->public == other) { return TRUE; } - return ( - algo_list_equals(this, other, ENCRYPTION_ALGORITHM) && - algo_list_equals(this, other, INTEGRITY_ALGORITHM) && - algo_list_equals(this, other, PSEUDO_RANDOM_FUNCTION) && - algo_list_equals(this, other, DIFFIE_HELLMAN_GROUP) && - algo_list_equals(this, other, EXTENDED_SEQUENCE_NUMBERS)); + + types = merge_types(this, (private_proposal_t*)other); + for (i = 0; i < array_count(types); i++) + { + array_get(types, i, &type); + if (!algo_list_equals(this, other, type)) + { + array_destroy(types); + return FALSE; + } + } + array_destroy(types); + return TRUE; } METHOD(proposal_t, clone_, proposal_t*, @@ -427,6 +558,7 @@ METHOD(proposal_t, clone_, proposal_t*, private_proposal_t *clone; enumerator_t *enumerator; entry_t *entry; + transform_type_t *type; clone = (private_proposal_t*)proposal_create(this->protocol, 0); @@ -436,6 +568,12 @@ METHOD(proposal_t, clone_, proposal_t*, array_insert(clone->transforms, ARRAY_TAIL, entry); } enumerator->destroy(enumerator); + enumerator = array_create_enumerator(this->types); + while (enumerator->enumerate(enumerator, &type)) + { + array_insert(clone->types, ARRAY_TAIL, type); + } + enumerator->destroy(enumerator); clone->spi = this->spi; clone->number = this->number; @@ -479,6 +617,7 @@ static void remove_transform(private_proposal_t *this, transform_type_t type) } } e->destroy(e); + remove_type(this, type); } /** @@ -571,6 +710,14 @@ static bool check_proposal(private_proposal_t *this) * we MUST NOT propose any integrity algorithms */ remove_transform(this, INTEGRITY_ALGORITHM); } + else if (this->protocol == PROTO_IKE && + !get_algorithm(this, INTEGRITY_ALGORITHM, NULL, NULL)) + { + DBG1(DBG_CFG, "an integrity algorithm is mandatory in %N proposals " + "with classic (non-AEAD) encryption algorithms", + protocol_id_names, this->protocol); + return FALSE; + } } else { /* AES-GMAC is parsed as encryption algorithm, so we map that to the @@ -605,6 +752,7 @@ static bool check_proposal(private_proposal_t *this) } } e->destroy(e); + remove_type(this, ENCRYPTION_ALGORITHM); if (!get_algorithm(this, INTEGRITY_ALGORITHM, NULL, NULL)) { @@ -623,6 +771,7 @@ static bool check_proposal(private_proposal_t *this) } array_compress(this->transforms); + array_compress(this->types); return TRUE; } @@ -646,30 +795,44 @@ static bool add_string_algo(private_proposal_t *this, const char *alg) } /** - * print all algorithms of a kind to buffer + * Print all algorithms of the given type */ static int print_alg(private_proposal_t *this, printf_hook_data_t *data, - u_int kind, void *names, bool *first) + transform_type_t type, bool *first) { enumerator_t *enumerator; size_t written = 0; - uint16_t alg, size; + entry_t *entry; + enum_name_t *names; + + names = transform_get_enum_names(type); - enumerator = create_enumerator(this, kind); - while (enumerator->enumerate(enumerator, &alg, &size)) + enumerator = array_create_enumerator(this->transforms); + while (enumerator->enumerate(enumerator, &entry)) { + char *prefix = "/"; + + if (type != entry->type) + { + continue; + } if (*first) { - written += print_in_hook(data, "%N", names, alg); + prefix = ""; *first = FALSE; } + if (names) + { + written += print_in_hook(data, "%s%N", prefix, names, entry->alg); + } else { - written += print_in_hook(data, "/%N", names, alg); + written += print_in_hook(data, "%sUNKNOWN_%u_%u", prefix, + entry->type, entry->alg); } - if (size) + if (entry->key_size) { - written += print_in_hook(data, "_%u", size); + written += print_in_hook(data, "_%u", entry->key_size); } } enumerator->destroy(enumerator); @@ -685,6 +848,7 @@ int proposal_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec, private_proposal_t *this = *((private_proposal_t**)(args[0])); linked_list_t *list = *((linked_list_t**)(args[0])); enumerator_t *enumerator; + transform_type_t *type; size_t written = 0; bool first = TRUE; @@ -713,16 +877,12 @@ int proposal_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec, } written = print_in_hook(data, "%N:", protocol_id_names, this->protocol); - written += print_alg(this, data, ENCRYPTION_ALGORITHM, - encryption_algorithm_names, &first); - written += print_alg(this, data, INTEGRITY_ALGORITHM, - integrity_algorithm_names, &first); - written += print_alg(this, data, PSEUDO_RANDOM_FUNCTION, - pseudo_random_function_names, &first); - written += print_alg(this, data, DIFFIE_HELLMAN_GROUP, - diffie_hellman_group_names, &first); - written += print_alg(this, data, EXTENDED_SEQUENCE_NUMBERS, - extended_sequence_numbers_names, &first); + enumerator = array_create_enumerator(this->types); + while (enumerator->enumerate(enumerator, &type)) + { + written += print_alg(this, data, *type, &first); + } + enumerator->destroy(enumerator); return written; } @@ -730,6 +890,7 @@ METHOD(proposal_t, destroy, void, private_proposal_t *this) { array_destroy(this->transforms); + array_destroy(this->types); free(this); } @@ -760,6 +921,7 @@ proposal_t *proposal_create(protocol_id_t protocol, u_int number) .protocol = protocol, .number = number, .transforms = array_create(sizeof(entry_t), 0), + .types = array_create(sizeof(transform_type_t), 0), ); return &this->public; @@ -794,7 +956,7 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256); break; case ENCR_CHACHA20_POLY1305: - add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256); + add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 0); break; default: break; diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c index cd4e5763c..e83e18829 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.c +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.h b/src/libstrongswan/crypto/proposal/proposal_keywords.h index b062221e5..585377a6b 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.h +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c index 420a66d7c..cad94aa82 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c @@ -32,7 +32,7 @@ error "gperf generated tables don't work with this execution character set. Plea /* * Copyright (C) 2009-2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -59,12 +59,12 @@ struct proposal_token { uint16_t keysize; }; -#define TOTAL_KEYWORDS 143 +#define TOTAL_KEYWORDS 144 #define MIN_WORD_LENGTH 3 -#define MAX_WORD_LENGTH 17 +#define MAX_WORD_LENGTH 22 #define MIN_HASH_VALUE 7 -#define MAX_HASH_VALUE 259 -/* maximum key range = 253, duplicates = 0 */ +#define MAX_HASH_VALUE 250 +/* maximum key range = 244, duplicates = 0 */ #ifdef __GNUC__ __inline @@ -78,34 +78,34 @@ hash (str, len) register const char *str; register unsigned int len; { - static const unsigned short asso_values[] = + static const unsigned char asso_values[] = { - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 73, 2, - 16, 40, 30, 26, 8, 15, 3, 1, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 106, 260, 2, 2, 16, - 46, 75, 1, 78, 2, 4, 260, 260, 1, 18, - 7, 2, 164, 5, 94, 116, 23, 41, 260, 260, - 1, 2, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260, 260, 260, 260, - 260, 260, 260, 260, 260, 260, 260 + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 73, 2, + 16, 47, 30, 26, 8, 6, 3, 1, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 98, 251, 2, 2, 16, + 46, 75, 1, 78, 6, 4, 251, 251, 1, 4, + 7, 2, 124, 1, 94, 116, 23, 64, 251, 251, + 1, 2, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251, 251, 251, 251, + 251, 251, 251, 251, 251, 251, 251 }; register int hval = len; @@ -154,15 +154,16 @@ static const struct proposal_token wordlist[] = {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, {"ntru128", DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0}, + {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0}, {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0}, {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0}, {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0}, - {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, {"ntru192", DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0}, {"ntru112", DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0}, + {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0}, {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256}, {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, @@ -175,11 +176,9 @@ static const struct proposal_token wordlist[] = {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0}, {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0}, - {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0}, {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, - {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, {"ntru256", DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0}, {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, @@ -201,24 +200,25 @@ static const struct proposal_token wordlist[] = {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192}, - {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0}, + {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128}, {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128}, - {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128}, {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128}, + {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0}, {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0}, {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256}, + {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256}, {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128}, {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256}, {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256}, + {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0}, {"modpnone", DIFFIE_HELLMAN_GROUP, MODP_NONE, 0}, {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192}, - {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0}, {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256}, {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, @@ -236,6 +236,7 @@ static const struct proposal_token wordlist[] = {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, + {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0}, {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, @@ -247,46 +248,46 @@ static const struct proposal_token wordlist[] = {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, - {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0}, - {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0}, + {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0}, {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256}, - {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, + {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192}, {"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0}, {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192}, {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"ecp384bp", DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0}, + {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0}, {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, - {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, - {"curve25519", DIFFIE_HELLMAN_GROUP, CURVE_25519, 0}, - {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128}, - {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"curve25519", DIFFIE_HELLMAN_GROUP, CURVE_25519, 0}, + {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128}, + {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, + {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0}, {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, - {"chacha20poly1305", ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 256}, + {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}, {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0}, {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256}, - {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, - {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}, - {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, - {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0}, + {"chacha20poly1305", ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 0}, + {"chacha20poly1305compat", ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 256}, {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, - {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, - {"ecp384bp", DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0}, - {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0}, + {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0}, - {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0}, + {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}, + {"newhope128", DIFFIE_HELLMAN_GROUP, NH_128_BIT, 0}, + {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0}, - {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0}, - {"newhope128", DIFFIE_HELLMAN_GROUP, NH_128_BIT, 0} + {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0} }; static const short lookup[] = @@ -294,29 +295,29 @@ static const short lookup[] = -1, -1, -1, -1, -1, -1, -1, 0, -1, -1, -1, 1, 2, -1, -1, -1, -1, -1, -1, -1, 3, 4, -1, -1, -1, -1, -1, 5, 6, 7, - 8, -1, -1, 9, -1, -1, 10, 11, 12, -1, - 13, 14, 15, 16, 17, 18, -1, -1, -1, 19, - 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, - 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, - 40, 41, 42, 43, 44, 45, -1, 46, 47, 48, - 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, - 59, 60, 61, 62, 63, -1, 64, 65, -1, 66, - 67, 68, 69, 70, 71, -1, 72, 73, -1, 74, + 8, -1, -1, 9, 10, -1, 11, 12, 13, -1, + 14, 15, 16, -1, 17, 18, -1, 19, -1, 20, + 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, + 31, -1, 32, 33, 34, -1, 35, 36, 37, 38, + 39, 40, 41, 42, 43, 44, -1, 45, 46, 47, + 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, + 58, -1, 59, 60, 61, 62, 63, 64, 65, 66, + 67, 68, 69, 70, 71, 72, 73, 74, -1, -1, -1, -1, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, -1, -1, -1, 86, 87, 88, -1, - 89, 90, 91, -1, 92, 93, 94, 95, 96, 97, - 98, 99, -1, 100, 101, -1, 102, 103, 104, -1, - 105, 106, -1, -1, 107, 108, 109, -1, 110, 111, - -1, 112, 113, 114, -1, 115, -1, 116, -1, -1, - 117, -1, 118, -1, -1, 119, 120, -1, -1, 121, - 122, 123, 124, 125, 126, 127, 128, 129, -1, 130, - -1, 131, -1, 132, 133, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, 134, -1, -1, 135, 136, - 137, -1, -1, -1, -1, -1, -1, -1, -1, -1, - 138, 139, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, 140, + 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, + 99, 100, -1, 101, 102, -1, 103, -1, 104, -1, + 105, 106, -1, 107, 108, 109, 110, 111, 112, -1, + -1, 113, 114, 115, -1, 116, -1, 117, 118, 119, + 120, -1, 121, 122, -1, 123, 124, -1, -1, 125, + -1, 126, 127, 128, 129, 130, 131, 132, -1, -1, + 133, -1, -1, -1, 134, -1, -1, -1, -1, -1, + -1, -1, -1, 135, -1, -1, 136, -1, -1, 137, + -1, -1, 138, -1, -1, -1, 139, -1, -1, 140, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, 141, -1, -1, 142, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, 141, -1, -1, -1, -1, 142 + 143 }; #ifdef __GNUC__ diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.h b/src/libstrongswan/crypto/proposal/proposal_keywords_static.h index e28f46513..1345f36bb 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.h +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.h.in b/src/libstrongswan/crypto/proposal/proposal_keywords_static.h.in index ee9f7b9da..be77410ab 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.h.in +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.h.in @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt index c44ed96a0..b214a9edf 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt @@ -1,7 +1,7 @@ %{ /* * Copyright (C) 2009-2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -78,7 +78,8 @@ aes256gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 aes128gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128 aes192gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192 aes256gmac, ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256 -chacha20poly1305, ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 256 +chacha20poly1305, ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 0 +chacha20poly1305compat, ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305, 256 blowfish, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 blowfish128, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 blowfish192, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192 diff --git a/src/libstrongswan/crypto/rngs/rng.c b/src/libstrongswan/crypto/rngs/rng.c index 1f39dedb8..d2e34d9f3 100644 --- a/src/libstrongswan/crypto/rngs/rng.c +++ b/src/libstrongswan/crypto/rngs/rng.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/rngs/rng.h b/src/libstrongswan/crypto/rngs/rng.h index 0ca2cb114..11473030e 100644 --- a/src/libstrongswan/crypto/rngs/rng.h +++ b/src/libstrongswan/crypto/rngs/rng.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/signers/mac_signer.c b/src/libstrongswan/crypto/signers/mac_signer.c index 4426782b4..d2b484424 100644 --- a/src/libstrongswan/crypto/signers/mac_signer.c +++ b/src/libstrongswan/crypto/signers/mac_signer.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/signers/mac_signer.h b/src/libstrongswan/crypto/signers/mac_signer.h index a50c8cadf..7fcdac909 100644 --- a/src/libstrongswan/crypto/signers/mac_signer.h +++ b/src/libstrongswan/crypto/signers/mac_signer.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/signers/signer.c b/src/libstrongswan/crypto/signers/signer.c index 522b4e29d..2ba38ad7f 100644 --- a/src/libstrongswan/crypto/signers/signer.c +++ b/src/libstrongswan/crypto/signers/signer.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h index 8958e66e9..f0d6667ff 100644 --- a/src/libstrongswan/crypto/signers/signer.h +++ b/src/libstrongswan/crypto/signers/signer.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/crypto/transform.c b/src/libstrongswan/crypto/transform.c index 808cb996e..77a57f527 100644 --- a/src/libstrongswan/crypto/transform.c +++ b/src/libstrongswan/crypto/transform.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -17,21 +17,20 @@ #include #include -ENUM_BEGIN(transform_type_names, UNDEFINED_TRANSFORM_TYPE, EXTENDED_OUTPUT_FUNCTION, - "UNDEFINED_TRANSFORM_TYPE", - "HASH_ALGORITHM", - "RANDOM_NUMBER_GENERATOR", - "AEAD_ALGORITHM", - "COMPRESSION_ALGORITHM", - "EXTENDED OUTPUT FUNCTION"); -ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS, - EXTENDED_OUTPUT_FUNCTION, +ENUM_BEGIN(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS, "ENCRYPTION_ALGORITHM", "PSEUDO_RANDOM_FUNCTION", "INTEGRITY_ALGORITHM", "DIFFIE_HELLMAN_GROUP", "EXTENDED_SEQUENCE_NUMBERS"); -ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS); +ENUM_NEXT(transform_type_names, HASH_ALGORITHM, EXTENDED_OUTPUT_FUNCTION, + EXTENDED_SEQUENCE_NUMBERS, + "HASH_ALGORITHM", + "RANDOM_NUMBER_GENERATOR", + "AEAD_ALGORITHM", + "COMPRESSION_ALGORITHM", + "EXTENDED OUTPUT FUNCTION"); +ENUM_END(transform_type_names, EXTENDED_OUTPUT_FUNCTION); ENUM(extended_sequence_numbers_names, NO_EXT_SEQ_NUMBERS, EXT_SEQ_NUMBERS, @@ -64,7 +63,6 @@ enum_name_t* transform_get_enum_names(transform_type_t type) return extended_sequence_numbers_names; case EXTENDED_OUTPUT_FUNCTION: return ext_out_function_names; - case UNDEFINED_TRANSFORM_TYPE: case COMPRESSION_ALGORITHM: break; } diff --git a/src/libstrongswan/crypto/transform.h b/src/libstrongswan/crypto/transform.h index e043e605c..63881b373 100644 --- a/src/libstrongswan/crypto/transform.h +++ b/src/libstrongswan/crypto/transform.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -29,17 +29,16 @@ typedef enum transform_type_t transform_type_t; * Type of a transform, as in IKEv2 RFC 3.3.2. */ enum transform_type_t { - UNDEFINED_TRANSFORM_TYPE = 241, - HASH_ALGORITHM = 242, - RANDOM_NUMBER_GENERATOR = 243, - AEAD_ALGORITHM = 244, - COMPRESSION_ALGORITHM = 245, - EXTENDED_OUTPUT_FUNCTION = 246, ENCRYPTION_ALGORITHM = 1, PSEUDO_RANDOM_FUNCTION = 2, INTEGRITY_ALGORITHM = 3, DIFFIE_HELLMAN_GROUP = 4, - EXTENDED_SEQUENCE_NUMBERS = 5 + EXTENDED_SEQUENCE_NUMBERS = 5, + HASH_ALGORITHM = 256, + RANDOM_NUMBER_GENERATOR = 257, + AEAD_ALGORITHM = 258, + COMPRESSION_ALGORITHM = 259, + EXTENDED_OUTPUT_FUNCTION = 260, }; /** diff --git a/src/libstrongswan/database/database.h b/src/libstrongswan/database/database.h index ad5ccf95e..dc6ed1315 100644 --- a/src/libstrongswan/database/database.h +++ b/src/libstrongswan/database/database.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/database/database_factory.c b/src/libstrongswan/database/database_factory.c index 6c714ba51..e34aa9f6b 100644 --- a/src/libstrongswan/database/database_factory.c +++ b/src/libstrongswan/database/database_factory.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/database/database_factory.h b/src/libstrongswan/database/database_factory.h index 3213e1a08..18561fd2a 100644 --- a/src/libstrongswan/database/database_factory.h +++ b/src/libstrongswan/database/database_factory.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/eap/eap.c b/src/libstrongswan/eap/eap.c index 2b7295e3d..68f304006 100644 --- a/src/libstrongswan/eap/eap.c +++ b/src/libstrongswan/eap/eap.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/eap/eap.h b/src/libstrongswan/eap/eap.h index 2d4a238cd..b3c441900 100644 --- a/src/libstrongswan/eap/eap.h +++ b/src/libstrongswan/eap/eap.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/fetcher/fetcher.h b/src/libstrongswan/fetcher/fetcher.h index 6043dac2e..953bf11b9 100644 --- a/src/libstrongswan/fetcher/fetcher.h +++ b/src/libstrongswan/fetcher/fetcher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2011 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2011 revosec AG * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libstrongswan/fetcher/fetcher_manager.c b/src/libstrongswan/fetcher/fetcher_manager.c index f36cfcf82..356270f28 100644 --- a/src/libstrongswan/fetcher/fetcher_manager.c +++ b/src/libstrongswan/fetcher/fetcher_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/fetcher/fetcher_manager.h b/src/libstrongswan/fetcher/fetcher_manager.h index 449f284f7..725fc613b 100644 --- a/src/libstrongswan/fetcher/fetcher_manager.h +++ b/src/libstrongswan/fetcher/fetcher_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/ipsec/ipsec_types.c b/src/libstrongswan/ipsec/ipsec_types.c index c992eb5ad..16dbf8d41 100644 --- a/src/libstrongswan/ipsec/ipsec_types.c +++ b/src/libstrongswan/ipsec/ipsec_types.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -37,6 +37,12 @@ ENUM(ipcomp_transform_names, IPCOMP_NONE, IPCOMP_LZJH, "IPCOMP_LZJH" ); +ENUM(hw_offload_names, HW_OFFLOAD_NO, HW_OFFLOAD_AUTO, + "no", + "yes", + "auto", +); + /* * See header */ diff --git a/src/libstrongswan/ipsec/ipsec_types.h b/src/libstrongswan/ipsec/ipsec_types.h index 1db78ba6f..4e6e2d9dc 100644 --- a/src/libstrongswan/ipsec/ipsec_types.h +++ b/src/libstrongswan/ipsec/ipsec_types.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -26,6 +26,7 @@ typedef enum policy_dir_t policy_dir_t; typedef enum policy_type_t policy_type_t; typedef enum policy_priority_t policy_priority_t; typedef enum ipcomp_transform_t ipcomp_transform_t; +typedef enum hw_offload_t hw_offload_t; typedef struct ipsec_sa_cfg_t ipsec_sa_cfg_t; typedef struct lifetime_cfg_t lifetime_cfg_t; typedef struct mark_t mark_t; @@ -116,6 +117,20 @@ enum ipcomp_transform_t { */ extern enum_name_t *ipcomp_transform_names; +/** + * HW offload mode options + */ +enum hw_offload_t { + HW_OFFLOAD_NO = 0, + HW_OFFLOAD_YES = 1, + HW_OFFLOAD_AUTO = 2, +}; + +/** + * enum names for hw_offload_t. + */ +extern enum_name_t *hw_offload_names; + /** * This struct contains details about IPsec SA(s) tied to a policy. */ diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c index dbdf5cfe9..86b275dad 100644 --- a/src/libstrongswan/library.c +++ b/src/libstrongswan/library.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009-2016 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h index 08316fd13..53f371c51 100644 --- a/src/libstrongswan/library.h +++ b/src/libstrongswan/library.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2010-2016 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/host.c b/src/libstrongswan/networking/host.c index 953720498..110ece894 100644 --- a/src/libstrongswan/networking/host.c +++ b/src/libstrongswan/networking/host.c @@ -3,7 +3,7 @@ * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/host.h b/src/libstrongswan/networking/host.h index a777f9f97..29283af8e 100644 --- a/src/libstrongswan/networking/host.h +++ b/src/libstrongswan/networking/host.h @@ -3,7 +3,7 @@ * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/host_resolver.c b/src/libstrongswan/networking/host_resolver.c index bad87e434..580931e1f 100644 --- a/src/libstrongswan/networking/host_resolver.c +++ b/src/libstrongswan/networking/host_resolver.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/host_resolver.h b/src/libstrongswan/networking/host_resolver.h index f944a9cdf..d28f3bb27 100644 --- a/src/libstrongswan/networking/host_resolver.h +++ b/src/libstrongswan/networking/host_resolver.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/packet.c b/src/libstrongswan/networking/packet.c index f76a85a4b..00993f92b 100644 --- a/src/libstrongswan/networking/packet.c +++ b/src/libstrongswan/networking/packet.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/packet.h b/src/libstrongswan/networking/packet.h index 8699d4abe..806337ba0 100644 --- a/src/libstrongswan/networking/packet.h +++ b/src/libstrongswan/networking/packet.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/networking/streams/stream_service_unix.c b/src/libstrongswan/networking/streams/stream_service_unix.c index 1ed27c499..a9b71d6fd 100644 --- a/src/libstrongswan/networking/streams/stream_service_unix.c +++ b/src/libstrongswan/networking/streams/stream_service_unix.c @@ -39,8 +39,9 @@ stream_service_t *stream_service_create_unix(char *uri, int backlog) } if (!lib->caps->check(lib->caps, CAP_CHOWN)) { /* required to chown(2) service socket */ - DBG1(DBG_NET, "socket '%s' requires CAP_CHOWN capability", uri); - return NULL; + DBG1(DBG_NET, "cannot change ownership of socket '%s' without " + "CAP_CHOWN capability. socket directory should be accessible to " + "UID/GID under which the daemon will run", uri); } fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) @@ -58,7 +59,9 @@ stream_service_t *stream_service_create_unix(char *uri, int backlog) return NULL; } umask(old); - if (chown(addr.sun_path, lib->caps->get_uid(lib->caps), + /* only attempt to chown() socket if we have CAP_CHOWN */ + if (lib->caps->check(lib->caps, CAP_CHOWN) && + chown(addr.sun_path, lib->caps->get_uid(lib->caps), lib->caps->get_gid(lib->caps)) != 0) { DBG1(DBG_NET, "changing socket permissions for '%s' failed: %s", diff --git a/src/libstrongswan/networking/tun_device.c b/src/libstrongswan/networking/tun_device.c index 86951f1e7..3ebeb10ef 100644 --- a/src/libstrongswan/networking/tun_device.c +++ b/src/libstrongswan/networking/tun_device.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2012 Martin Willi * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libstrongswan/networking/tun_device.h b/src/libstrongswan/networking/tun_device.h index 4f9eacb07..798e3275d 100644 --- a/src/libstrongswan/networking/tun_device.h +++ b/src/libstrongswan/networking/tun_device.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c index 8829ba162..243a14296 100644 --- a/src/libstrongswan/plugins/aes/aes_crypter.c +++ b/src/libstrongswan/plugins/aes/aes_crypter.c @@ -2,7 +2,7 @@ * Copyright (C) 2001 Dr B. R. Gladman * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/aes/aes_crypter.h b/src/libstrongswan/plugins/aes/aes_crypter.h index 473772f04..d3e51ba75 100644 --- a/src/libstrongswan/plugins/aes/aes_crypter.h +++ b/src/libstrongswan/plugins/aes/aes_crypter.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c index 1e84a7c86..bfb356e58 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.c +++ b/src/libstrongswan/plugins/aes/aes_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/aes/aes_plugin.h b/src/libstrongswan/plugins/aes/aes_plugin.h index f0f0e8154..0fc42e4ec 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.h +++ b/src/libstrongswan/plugins/aes/aes_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/aesni/aesni_cmac.c b/src/libstrongswan/plugins/aesni/aesni_cmac.c index 07580c822..a232ef0e0 100644 --- a/src/libstrongswan/plugins/aesni/aesni_cmac.c +++ b/src/libstrongswan/plugins/aesni/aesni_cmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2015 Martin Willi * Copyright (C) 2015 revosec AG * diff --git a/src/libstrongswan/plugins/aesni/aesni_xcbc.c b/src/libstrongswan/plugins/aesni/aesni_xcbc.c index 974c5fedc..55276f62c 100644 --- a/src/libstrongswan/plugins/aesni/aesni_xcbc.c +++ b/src/libstrongswan/plugins/aesni/aesni_xcbc.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2015 Martin Willi * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2015 revosec AG * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c index dc6adc457..c381dfeb3 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.c +++ b/src/libstrongswan/plugins/agent/agent_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/agent/agent_plugin.h b/src/libstrongswan/plugins/agent/agent_plugin.h index d352c305c..79d99b206 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.h +++ b/src/libstrongswan/plugins/agent/agent_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c index cf2c5ea85..77c29916c 100644 --- a/src/libstrongswan/plugins/agent/agent_private_key.c +++ b/src/libstrongswan/plugins/agent/agent_private_key.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/agent/agent_private_key.h b/src/libstrongswan/plugins/agent/agent_private_key.h index 0623f2bb9..32c129ec4 100644 --- a/src/libstrongswan/plugins/agent/agent_private_key.h +++ b/src/libstrongswan/plugins/agent/agent_private_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.c b/src/libstrongswan/plugins/bliss/bliss_private_key.c index 964edcd93..a5b11d4ab 100644 --- a/src/libstrongswan/plugins/bliss/bliss_private_key.c +++ b/src/libstrongswan/plugins/bliss/bliss_private_key.c @@ -782,7 +782,7 @@ static uint32_t nks_norm(int8_t *s1, int8_t *s2, int n, uint16_t kappa) for (i = 0; i < n; i++) { wrap(t, n, i, t_wrapped); - qsort(t_wrapped, n, sizeof(int16_t), (__compar_fn_t)compare); + qsort(t_wrapped, n, sizeof(int16_t), (void*)compare); max_kappa[i] = 0; for (j = 1; j <= kappa; j++) @@ -790,7 +790,7 @@ static uint32_t nks_norm(int8_t *s1, int8_t *s2, int n, uint16_t kappa) max_kappa[i] += t_wrapped[n - j]; } } - qsort(max_kappa, n, sizeof(int16_t), (__compar_fn_t)compare); + qsort(max_kappa, n, sizeof(int16_t), (void*)compare); for (i = 1; i <= kappa; i++) { diff --git a/src/libstrongswan/plugins/blowfish/bf_enc.c b/src/libstrongswan/plugins/blowfish/bf_enc.c index f9591c1a4..7c32e3fbb 100644 --- a/src/libstrongswan/plugins/blowfish/bf_enc.c +++ b/src/libstrongswan/plugins/blowfish/bf_enc.c @@ -50,7 +50,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/blowfish/bf_locl.h b/src/libstrongswan/plugins/blowfish/bf_locl.h index e5f49280b..ad8deed80 100644 --- a/src/libstrongswan/plugins/blowfish/bf_locl.h +++ b/src/libstrongswan/plugins/blowfish/bf_locl.h @@ -50,7 +50,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/blowfish/bf_pi.h b/src/libstrongswan/plugins/blowfish/bf_pi.h index 86c2ef366..650783192 100644 --- a/src/libstrongswan/plugins/blowfish/bf_pi.h +++ b/src/libstrongswan/plugins/blowfish/bf_pi.h @@ -50,7 +50,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/blowfish/bf_skey.c b/src/libstrongswan/plugins/blowfish/bf_skey.c index 52a051890..f44b72383 100644 --- a/src/libstrongswan/plugins/blowfish/bf_skey.c +++ b/src/libstrongswan/plugins/blowfish/bf_skey.c @@ -50,7 +50,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/blowfish/blowfish.h b/src/libstrongswan/plugins/blowfish/blowfish.h index 3c8f77a0f..771afcf15 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish.h +++ b/src/libstrongswan/plugins/blowfish/blowfish.h @@ -50,7 +50,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c index 6d8d1d709..6ef60c883 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c @@ -49,7 +49,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.h b/src/libstrongswan/plugins/blowfish/blowfish_crypter.h index 70dcae66e..4d30c92e4 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.h +++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c index 7494c52c3..b7748df90 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Andreas Steffen * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h index 6a87f42ee..9d1c88f08 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/cmac/cmac.c b/src/libstrongswan/plugins/cmac/cmac.c index 22f077f58..28a3228dd 100644 --- a/src/libstrongswan/plugins/cmac/cmac.c +++ b/src/libstrongswan/plugins/cmac/cmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/cmac/cmac.h b/src/libstrongswan/plugins/cmac/cmac.h index dc85e3bc3..fb3871588 100644 --- a/src/libstrongswan/plugins/cmac/cmac.h +++ b/src/libstrongswan/plugins/cmac/cmac.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/cmac/cmac_plugin.c b/src/libstrongswan/plugins/cmac/cmac_plugin.c index 694e598a5..d5efdabf5 100644 --- a/src/libstrongswan/plugins/cmac/cmac_plugin.c +++ b/src/libstrongswan/plugins/cmac/cmac_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/cmac/cmac_plugin.h b/src/libstrongswan/plugins/cmac/cmac_plugin.h index a31e1077d..89c450259 100644 --- a/src/libstrongswan/plugins/cmac/cmac_plugin.h +++ b/src/libstrongswan/plugins/cmac/cmac_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index b52b35ba0..51ed89595 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2007 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.h b/src/libstrongswan/plugins/curl/curl_fetcher.h index 6b9cad657..b6467c979 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.h +++ b/src/libstrongswan/plugins/curl/curl_fetcher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c index 42ae9cdd2..94da81c6a 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.c +++ b/src/libstrongswan/plugins/curl/curl_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/curl/curl_plugin.h b/src/libstrongswan/plugins/curl/curl_plugin.h index ae17285c2..31ecdd672 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.h +++ b/src/libstrongswan/plugins/curl/curl_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c index cb5064d90..159c3872a 100644 --- a/src/libstrongswan/plugins/des/des_crypter.c +++ b/src/libstrongswan/plugins/des/des_crypter.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Derived from Plutos DES library by Eric Young. * @@ -52,7 +52,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * The licence and distribution terms for any publically available version or + * The licence and distribution terms for any publicly available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] diff --git a/src/libstrongswan/plugins/des/des_crypter.h b/src/libstrongswan/plugins/des/des_crypter.h index 07215d0c5..4493fddcb 100644 --- a/src/libstrongswan/plugins/des/des_crypter.h +++ b/src/libstrongswan/plugins/des/des_crypter.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c index be2587679..1b6a633af 100644 --- a/src/libstrongswan/plugins/des/des_plugin.c +++ b/src/libstrongswan/plugins/des/des_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/des/des_plugin.h b/src/libstrongswan/plugins/des/des_plugin.h index cfff420c0..d98052c05 100644 --- a/src/libstrongswan/plugins/des/des_plugin.h +++ b/src/libstrongswan/plugins/des/des_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c index fd2471a48..ecad31d05 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.h b/src/libstrongswan/plugins/dnskey/dnskey_builder.h index 16eff3269..f6a6a642a 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_builder.h +++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c index 9a4f6252f..a879b1117 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.h b/src/libstrongswan/plugins/dnskey/dnskey_plugin.h index 8b49bd6cb..fabd452f5 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.h +++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/files/files_fetcher.c b/src/libstrongswan/plugins/files/files_fetcher.c index e0b7cbdb6..90a60a1e6 100644 --- a/src/libstrongswan/plugins/files/files_fetcher.c +++ b/src/libstrongswan/plugins/files/files_fetcher.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/files/files_fetcher.h b/src/libstrongswan/plugins/files/files_fetcher.h index 7fc4ec98e..d0ee51b96 100644 --- a/src/libstrongswan/plugins/files/files_fetcher.h +++ b/src/libstrongswan/plugins/files/files_fetcher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/files/files_plugin.c b/src/libstrongswan/plugins/files/files_plugin.c index 6ab735dab..df22af69c 100644 --- a/src/libstrongswan/plugins/files/files_plugin.c +++ b/src/libstrongswan/plugins/files/files_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/files/files_plugin.h b/src/libstrongswan/plugins/files/files_plugin.h index c121b9652..6e51690f9 100644 --- a/src/libstrongswan/plugins/files/files_plugin.h +++ b/src/libstrongswan/plugins/files/files_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index 47676b32f..a51cfe105 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.h b/src/libstrongswan/plugins/fips_prf/fips_prf.h index 514e3c5d9..3c66f7576 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.h +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c index 68b6bacb2..b3526a636 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h index 3bd26ad45..7b5c40946 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c index 80a8dc90d..4bee5b704 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h index e565e28c7..4bc34ea5e 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c index 5519125ba..f59144a86 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h index c6259f7ac..822ffe205 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c index 199c1d6c9..564828e53 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h index a7542bcdd..f37ab42c1 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index 8a3de1e01..45fba242b 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h index 05e5e7014..6cf87bf59 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c index bf11758b1..9a8424915 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h index a0cc12369..57fb0b9ad 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h index 0f3d66b80..3a8b7eec4 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h index ca0a284a2..d92c64f44 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c index b01adfe01..f07dd36cc 100644 --- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c +++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c @@ -4,7 +4,7 @@ * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.h b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.h index a8cde7bca..dfc8560e2 100644 --- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.h +++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c index 700e29bf6..b0ae2d81d 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.c +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.h b/src/libstrongswan/plugins/gmp/gmp_plugin.h index e4a87c8e2..6ffa485bb 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.h +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.h b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.h index 32e1f292c..1e7d15218 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.h +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2005-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h index 14dd71e0b..fb6288754 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c index c777b47cd..63c294b32 100644 --- a/src/libstrongswan/plugins/hmac/hmac.c +++ b/src/libstrongswan/plugins/hmac/hmac.c @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/hmac/hmac.h b/src/libstrongswan/plugins/hmac/hmac.h index bf66dd4aa..d0993653a 100644 --- a/src/libstrongswan/plugins/hmac/hmac.h +++ b/src/libstrongswan/plugins/hmac/hmac.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c index 43d5a0364..68eb7d91a 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.c +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.h b/src/libstrongswan/plugins/hmac/hmac_plugin.h index 03d1d1cf9..c73687d7b 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.h +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c index 635d5fc0e..23c1dbe2b 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2007 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.h b/src/libstrongswan/plugins/ldap/ldap_fetcher.h index 30a141bae..d12c5a4fd 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.h +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c index 210d33a93..dd0ccad6b 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.c +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.h b/src/libstrongswan/plugins/ldap/ldap_plugin.h index e4fcebaa3..06da5a842 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.h +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/md4/md4_hasher.c b/src/libstrongswan/plugins/md4/md4_hasher.c index ada6c05da..c008d0188 100644 --- a/src/libstrongswan/plugins/md4/md4_hasher.c +++ b/src/libstrongswan/plugins/md4/md4_hasher.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 1990-1992, RSA Data Security, Inc. Created 1990. * All rights reserved. * diff --git a/src/libstrongswan/plugins/md4/md4_hasher.h b/src/libstrongswan/plugins/md4/md4_hasher.h index aeb68f718..7960a1337 100644 --- a/src/libstrongswan/plugins/md4/md4_hasher.h +++ b/src/libstrongswan/plugins/md4/md4_hasher.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c index baa44b7f5..7847415bd 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.c +++ b/src/libstrongswan/plugins/md4/md4_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/md4/md4_plugin.h b/src/libstrongswan/plugins/md4/md4_plugin.h index 9fde665e6..8718ea65e 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.h +++ b/src/libstrongswan/plugins/md4/md4_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/md5/md5_hasher.c b/src/libstrongswan/plugins/md5/md5_hasher.c index d14c10ae5..ed78a9859 100644 --- a/src/libstrongswan/plugins/md5/md5_hasher.c +++ b/src/libstrongswan/plugins/md5/md5_hasher.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 1991-1992, RSA Data Security, Inc. Created 1991. * All rights reserved. * diff --git a/src/libstrongswan/plugins/md5/md5_hasher.h b/src/libstrongswan/plugins/md5/md5_hasher.h index 7f29a9621..7bf21c2d4 100644 --- a/src/libstrongswan/plugins/md5/md5_hasher.h +++ b/src/libstrongswan/plugins/md5/md5_hasher.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c index 4a61af618..c6219e1b7 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.c +++ b/src/libstrongswan/plugins/md5/md5_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/md5/md5_plugin.h b/src/libstrongswan/plugins/md5/md5_plugin.h index c4ca619dc..0a4ec916d 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.h +++ b/src/libstrongswan/plugins/md5/md5_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c index 211eba704..d7e35d9fd 100644 --- a/src/libstrongswan/plugins/mysql/mysql_database.c +++ b/src/libstrongswan/plugins/mysql/mysql_database.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/mysql/mysql_database.h b/src/libstrongswan/plugins/mysql/mysql_database.h index bbf6a33e9..d948a1c09 100644 --- a/src/libstrongswan/plugins/mysql/mysql_database.h +++ b/src/libstrongswan/plugins/mysql/mysql_database.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c index 23d709739..cb4425cf8 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.c +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.h b/src/libstrongswan/plugins/mysql/mysql_plugin.h index d1f21870c..49f5c1e7d 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.h +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/nonce/nonce_nonceg.c b/src/libstrongswan/plugins/nonce/nonce_nonceg.c index 22c161df6..5f4162ed9 100644 --- a/src/libstrongswan/plugins/nonce/nonce_nonceg.c +++ b/src/libstrongswan/plugins/nonce/nonce_nonceg.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/nonce/nonce_nonceg.h b/src/libstrongswan/plugins/nonce/nonce_nonceg.h index 2ae0c97de..a4953c54e 100644 --- a/src/libstrongswan/plugins/nonce/nonce_nonceg.h +++ b/src/libstrongswan/plugins/nonce/nonce_nonceg.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/nonce/nonce_plugin.c b/src/libstrongswan/plugins/nonce/nonce_plugin.c index 90f2e8fac..724162193 100644 --- a/src/libstrongswan/plugins/nonce/nonce_plugin.c +++ b/src/libstrongswan/plugins/nonce/nonce_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/nonce/nonce_plugin.h b/src/libstrongswan/plugins/nonce/nonce_plugin.h index f4be1c3a8..d349145be 100644 --- a/src/libstrongswan/plugins/nonce/nonce_plugin.h +++ b/src/libstrongswan/plugins/nonce/nonce_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Adrian-Ken Rueegsegger - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.c b/src/libstrongswan/plugins/ntru/ntru_private_key.c index 844c8baf3..642a35ca5 100644 --- a/src/libstrongswan/plugins/ntru/ntru_private_key.c +++ b/src/libstrongswan/plugins/ntru/ntru_private_key.c @@ -276,7 +276,7 @@ METHOD(ntru_private_key_t, decrypt, bool, } if (!msg_rep_good) { - DBG1(DBG_LIB, "decryption failed due to unsufficient minimum weight"); + DBG1(DBG_LIB, "decryption failed due to insufficient minimum weight"); success = FALSE; } diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c index 88f7a67c2..bb5f20dcf 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crl.c +++ b/src/libstrongswan/plugins/openssl/openssl_crl.c @@ -358,7 +358,7 @@ METHOD(certificate_t, get_validity, bool, { *not_after = this->nextUpdate; } - return t <= this->nextUpdate; + return (t >= this->thisUpdate && t <= this->nextUpdate); } METHOD(certificate_t, get_encoding, bool, diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c index b9085f9aa..74beb762e 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.c +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.h b/src/libstrongswan/plugins/openssl/openssl_crypter.h index b12e7a6ab..2c5ef0b28 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.h +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c index 8e9c1183f..a567f5f4f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2010 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h index 5de5520b5..43d1f3fa8 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index 11185e0c7..19de540b6 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h index fd60732b9..2f58c976d 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c index faa940839..ba41c508f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Martin Willi * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h index 8094083a7..00c82aced 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c index 5ef885b16..4b096f049 100644 --- a/src/libstrongswan/plugins/openssl/openssl_gcm.c +++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.h b/src/libstrongswan/plugins/openssl/openssl_gcm.h index 4ae268bd6..a64c90129 100644 --- a/src/libstrongswan/plugins/openssl/openssl_gcm.h +++ b/src/libstrongswan/plugins/openssl/openssl_gcm.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac.c b/src/libstrongswan/plugins/openssl/openssl_hmac.c index 16e707116..e3f44defa 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hmac.c +++ b/src/libstrongswan/plugins/openssl/openssl_hmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac.h b/src/libstrongswan/plugins/openssl/openssl_hmac.h index 95ab6bfc3..f77e9acfb 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hmac.h +++ b/src/libstrongswan/plugins/openssl/openssl_hmac.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs12.c b/src/libstrongswan/plugins/openssl/openssl_pkcs12.c index bbd400cac..c59c77b5b 100644 --- a/src/libstrongswan/plugins/openssl/openssl_pkcs12.c +++ b/src/libstrongswan/plugins/openssl/openssl_pkcs12.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs12.h b/src/libstrongswan/plugins/openssl/openssl_pkcs12.h index 5c3e5933d..3d6b5cb68 100644 --- a/src/libstrongswan/plugins/openssl/openssl_pkcs12.h +++ b/src/libstrongswan/plugins/openssl/openssl_pkcs12.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.h b/src/libstrongswan/plugins/openssl/openssl_plugin.h index 0762c37b9..a9c220a03 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.h +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h index 021257d3c..5654bcb58 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c index 3a6d2f193..8371bc17f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c +++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h index 384e328e2..49db884ad 100644 --- a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h +++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c index 6580e1c7d..b7f969f73 100644 --- a/src/libstrongswan/plugins/openssl/openssl_util.c +++ b/src/libstrongswan/plugins/openssl/openssl_util.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Martin Willi * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_util.h b/src/libstrongswan/plugins/openssl/openssl_util.h index 7c5c367f7..80e557fa8 100644 --- a/src/libstrongswan/plugins/openssl/openssl_util.h +++ b/src/libstrongswan/plugins/openssl/openssl_util.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c index 60c08770b..fae2d678f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_x509.c +++ b/src/libstrongswan/plugins/openssl/openssl_x509.c @@ -668,6 +668,9 @@ static bool parse_keyUsage_ext(private_openssl_x509_t *this, { ASN1_BIT_STRING *usage; + /* to be compliant with RFC 4945 specific KUs have to be included */ + this->flags &= ~X509_IKE_COMPLIANT; + usage = X509V3_EXT_d2i(ext); if (usage) { @@ -682,6 +685,11 @@ static bool parse_keyUsage_ext(private_openssl_x509_t *this, { this->flags |= X509_CRL_SIGN; } + if (flags & X509v3_KU_DIGITAL_SIGNATURE || + flags & X509v3_KU_NON_REPUDIATION) + { + this->flags |= X509_IKE_COMPLIANT; + } if (flags & X509v3_KU_KEY_CERT_SIGN) { /* we use the caBasicContraint, MUST be set */ @@ -988,6 +996,9 @@ static bool parse_extensions(private_openssl_x509_t *this) STACK_OF(X509_EXTENSION) *extensions; int i, num; + /* unless we see a keyUsage extension we are compliant with RFC 4945 */ + this->flags |= X509_IKE_COMPLIANT; + extensions = X509_get0_extensions(this->x509); if (extensions) { diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c index b5060de0a..2969f21d9 100644 --- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c +++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.h b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.h index 1c804860c..dc3182481 100644 --- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.h +++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index 9ce210961..a92f32d3c 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.h b/src/libstrongswan/plugins/padlock/padlock_plugin.h index d99d4db0f..6f3926021 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.h +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.c b/src/libstrongswan/plugins/padlock/padlock_rng.c index 6b337d82c..3153cf1bd 100644 --- a/src/libstrongswan/plugins/padlock/padlock_rng.c +++ b/src/libstrongswan/plugins/padlock/padlock_rng.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.h b/src/libstrongswan/plugins/padlock/padlock_rng.h index 776be8937..a1e22113e 100644 --- a/src/libstrongswan/plugins/padlock/padlock_rng.h +++ b/src/libstrongswan/plugins/padlock/padlock_rng.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c index 30040da39..764227a4e 100644 --- a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c +++ b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.h b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.h index bb45d7b4f..6373c4cad 100644 --- a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.h +++ b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Thomas Kallenberg * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c index ec90fb084..e9d464fe5 100644 --- a/src/libstrongswan/plugins/pem/pem_builder.c +++ b/src/libstrongswan/plugins/pem/pem_builder.c @@ -2,7 +2,7 @@ * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2009 Martin Willi * Copyright (C) 2001-2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pem/pem_builder.h b/src/libstrongswan/plugins/pem/pem_builder.h index b1bfc6d4d..bf64762b1 100644 --- a/src/libstrongswan/plugins/pem/pem_builder.h +++ b/src/libstrongswan/plugins/pem/pem_builder.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pem/pem_encoder.h b/src/libstrongswan/plugins/pem/pem_encoder.h index d8f05dd73..e779acb75 100644 --- a/src/libstrongswan/plugins/pem/pem_encoder.h +++ b/src/libstrongswan/plugins/pem/pem_encoder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c index 662b0fe8e..eb9e420ff 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.c +++ b/src/libstrongswan/plugins/pem/pem_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pem/pem_plugin.h b/src/libstrongswan/plugins/pem/pem_plugin.h index 944a3fc85..c9ee761d0 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.h +++ b/src/libstrongswan/plugins/pem/pem_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c index e8f5c5ddf..64e1a4c96 100644 --- a/src/libstrongswan/plugins/pgp/pgp_builder.c +++ b/src/libstrongswan/plugins/pgp/pgp_builder.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Martin Willi * Copyright (C) 2002-2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.h b/src/libstrongswan/plugins/pgp/pgp_builder.h index 1168babd6..5fbf7c784 100644 --- a/src/libstrongswan/plugins/pgp/pgp_builder.h +++ b/src/libstrongswan/plugins/pgp/pgp_builder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index 392ef5440..47271e1af 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.h b/src/libstrongswan/plugins/pgp/pgp_cert.h index 4db795ddc..e0c6795ff 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.h +++ b/src/libstrongswan/plugins/pgp/pgp_cert.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c index eba936b83..3b5b19d12 100644 --- a/src/libstrongswan/plugins/pgp/pgp_encoder.c +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.h b/src/libstrongswan/plugins/pgp/pgp_encoder.h index b5bc2af44..79130bb60 100644 --- a/src/libstrongswan/plugins/pgp/pgp_encoder.h +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c index a2cf403dc..2b5b7e098 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.c +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.h b/src/libstrongswan/plugins/pgp/pgp_plugin.h index 8a0ab89d6..bbfba2d4a 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.h +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c index 283bf8c36..5dbc03ad0 100644 --- a/src/libstrongswan/plugins/pgp/pgp_utils.c +++ b/src/libstrongswan/plugins/pgp/pgp_utils.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.h b/src/libstrongswan/plugins/pgp/pgp_utils.h index 180292a7a..36eed5866 100644 --- a/src/libstrongswan/plugins/pgp/pgp_utils.h +++ b/src/libstrongswan/plugins/pgp/pgp_utils.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h index 9f251833e..68c49e431 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c index 905f14c88..8bcf6e866 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h index 2eec736f1..7bd6c69c1 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h index 588bde559..a28827cc4 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c index b0fa41b6a..3d3df57fd 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.h b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.h index 1ad58e7a1..3f68c62ec 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.h +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c index 89ae1969e..b42632fdb 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG @@ -899,8 +899,8 @@ METHOD(pkcs11_library_t, create_mechanism_enumerator, enumerator_t*, return enumerator_create_empty(); } enumerator->mechs = malloc(sizeof(CK_MECHANISM_TYPE) * enumerator->count); - enumerator->lib->f->C_GetMechanismList(slot, enumerator->mechs, - &enumerator->count); + rv = enumerator->lib->f->C_GetMechanismList(slot, enumerator->mechs, + &enumerator->count); if (rv != CKR_OK) { DBG1(DBG_CFG, "C_GetMechanismList() failed: %N", ck_rv_names, rv); diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h index b8b4ff746..4038b7e8f 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c index bd2a2c114..d6bf4de42 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c index 6158f6d25..77cc9bd44 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.h b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.h index 6d3a9556e..b3bf911c2 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.h +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c index 36029fa30..ed450a6c7 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c index 753835187..847309b38 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.h b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.h index 998631f7e..1e4b6224b 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_rng.h +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_rng.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c b/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c index 82fc0c0b9..a20c05e91 100644 --- a/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c +++ b/src/libstrongswan/plugins/pkcs12/pkcs12_decode.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs12/pkcs12_decode.h b/src/libstrongswan/plugins/pkcs12/pkcs12_decode.h index e2998968f..5369b9e50 100644 --- a/src/libstrongswan/plugins/pkcs12/pkcs12_decode.h +++ b/src/libstrongswan/plugins/pkcs12/pkcs12_decode.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.c b/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.c index 902d2971b..5c2c8b4c4 100644 --- a/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.c +++ b/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.h b/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.h index 3bd7f2df3..c05c261eb 100644 --- a/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.h +++ b/src/libstrongswan/plugins/pkcs12/pkcs12_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -9,7 +9,7 @@ * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPSE. See the GNU General Public License + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. */ diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c index efcd2b30a..445dedcf7 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h index d5f6156a1..f82ef6016 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_attributes.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.c index 2c414c391..0eb57619c 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.c +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.h b/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.h index b685557fc..ea67ebb2d 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.h +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_encrypted_data.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c index 5cd0d8f93..82d113dec 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c @@ -4,7 +4,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2002-2008 Andreas Steffen * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c b/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c index 24d7cd848..9c3680190 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_generic.c @@ -4,7 +4,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2002-2008 Andreas Steffen * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h b/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h index 3d582c7c6..57c8cf0c1 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_plugin.h @@ -9,7 +9,7 @@ * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPSE. See the GNU General Public License + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. */ diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c index 6cd5da4fd..22b7829a4 100644 --- a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c +++ b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.h b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.h index b07f2d927..b78a532b3 100644 --- a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.h +++ b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.c b/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.c index fcd8f119e..b1c48f7ff 100644 --- a/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.c +++ b/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.h b/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.h index 03ca950a3..6ada49209 100644 --- a/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.h +++ b/src/libstrongswan/plugins/pkcs8/pkcs8_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -9,7 +9,7 @@ * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPSE. See the GNU General Public License + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. */ diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h index 7bfbdf1d4..0b67aa979 100644 --- a/src/libstrongswan/plugins/plugin.h +++ b/src/libstrongswan/plugins/plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c index 39d86c82a..844698bd2 100644 --- a/src/libstrongswan/plugins/plugin_feature.c +++ b/src/libstrongswan/plugins/plugin_feature.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2011 Martin Willi * Copyright (C) 2011 revosec AG diff --git a/src/libstrongswan/plugins/plugin_feature.h b/src/libstrongswan/plugins/plugin_feature.h index 8cc6277eb..d3c2df7f7 100644 --- a/src/libstrongswan/plugins/plugin_feature.h +++ b/src/libstrongswan/plugins/plugin_feature.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2011 Martin Willi * Copyright (C) 2011 revosec AG diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index 7d0cc88ed..121248bbe 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010-2014 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/plugin_loader.h b/src/libstrongswan/plugins/plugin_loader.h index 156bd8656..c5a16fef3 100644 --- a/src/libstrongswan/plugins/plugin_loader.h +++ b/src/libstrongswan/plugins/plugin_loader.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012-2014 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c index 81dad65b7..a7bf87e5b 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.h b/src/libstrongswan/plugins/pubkey/pubkey_cert.h index 06e4e0fa3..039111f87 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.h +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c index a898bbfcc..c79be9093 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.h b/src/libstrongswan/plugins/pubkey/pubkey_plugin.h index db71bddc0..8f649c828 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.h +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c index e159751be..9292de2cf 100644 --- a/src/libstrongswan/plugins/random/random_plugin.c +++ b/src/libstrongswan/plugins/random/random_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/random/random_plugin.h b/src/libstrongswan/plugins/random/random_plugin.h index ff79bef0c..302bf3086 100644 --- a/src/libstrongswan/plugins/random/random_plugin.h +++ b/src/libstrongswan/plugins/random/random_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index 3760630ab..45dd0dfdc 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/random/random_rng.h b/src/libstrongswan/plugins/random/random_rng.h index 4e6f3afb2..5fcf33d15 100644 --- a/src/libstrongswan/plugins/random/random_rng.h +++ b/src/libstrongswan/plugins/random/random_rng.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/rc2/rc2_crypter.c b/src/libstrongswan/plugins/rc2/rc2_crypter.c index d9681e834..de76580fc 100644 --- a/src/libstrongswan/plugins/rc2/rc2_crypter.c +++ b/src/libstrongswan/plugins/rc2/rc2_crypter.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/rc2/rc2_crypter.h b/src/libstrongswan/plugins/rc2/rc2_crypter.h index d478762a6..21f540dc4 100644 --- a/src/libstrongswan/plugins/rc2/rc2_crypter.h +++ b/src/libstrongswan/plugins/rc2/rc2_crypter.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/rc2/rc2_plugin.c b/src/libstrongswan/plugins/rc2/rc2_plugin.c index 6c6fa76d6..4365befd5 100644 --- a/src/libstrongswan/plugins/rc2/rc2_plugin.c +++ b/src/libstrongswan/plugins/rc2/rc2_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/rc2/rc2_plugin.h b/src/libstrongswan/plugins/rc2/rc2_plugin.h index cbbac51af..a387e0cc8 100644 --- a/src/libstrongswan/plugins/rc2/rc2_plugin.h +++ b/src/libstrongswan/plugins/rc2/rc2_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index 1b68320df..f8e78ac0c 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -1,8 +1,9 @@ /* + * Copyright (C) 2015-2018 Tobias Brunner * Copyright (C) 2010 Martin Willi * Copyright (C) 2010 revosec AG * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -15,6 +16,8 @@ * for more details. */ +#include + #include "revocation_validator.h" #include @@ -56,7 +59,7 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject, certificate_t *issuer) { certificate_t *request, *response; - chunk_t send, receive; + chunk_t send, receive = chunk_empty; /* TODO: requestor name, signature */ request = lib->creds->create(lib->creds, @@ -84,6 +87,7 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject, FETCH_END) != SUCCESS) { DBG1(DBG_CFG, "ocsp request to %s failed", url); + chunk_free(&receive); chunk_free(&send); return NULL; } @@ -351,13 +355,10 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, { valid = VALIDATION_FAILED; } - if (auth) - { - auth->add(auth, AUTH_RULE_OCSP_VALIDATION, valid); - if (valid == VALIDATION_GOOD) - { /* successful OCSP check fulfills also CRL constraint */ - auth->add(auth, AUTH_RULE_CRL_VALIDATION, VALIDATION_GOOD); - } + auth->add(auth, AUTH_RULE_OCSP_VALIDATION, valid); + if (valid == VALIDATION_GOOD) + { /* successful OCSP check fulfills also CRL constraint */ + auth->add(auth, AUTH_RULE_CRL_VALIDATION, VALIDATION_GOOD); } DESTROY_IF(best); return valid; @@ -369,12 +370,13 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, static certificate_t* fetch_crl(char *url) { certificate_t *crl; - chunk_t chunk; + chunk_t chunk = chunk_empty; DBG1(DBG_CFG, " fetching crl from '%s' ...", url); if (lib->fetcher->fetch(lib->fetcher, url, &chunk, FETCH_END) != SUCCESS) { DBG1(DBG_CFG, "crl fetching failed"); + chunk_free(&chunk); return NULL; } crl = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509_CRL, @@ -417,11 +419,11 @@ static bool verify_crl(certificate_t *crl) /** * Report the given CRL's validity and cache it if valid and requested */ -static bool is_crl_valid(certificate_t *crl, bool cache) +static bool is_crl_valid(certificate_t *crl, time_t now, bool cache) { time_t valid_until; - if (crl->get_validity(crl, NULL, NULL, &valid_until)) + if (crl->get_validity(crl, &now, NULL, &valid_until)) { DBG1(DBG_CFG, " crl is valid: until %T", &valid_until, FALSE); if (cache) @@ -434,6 +436,25 @@ static bool is_crl_valid(certificate_t *crl, bool cache) return FALSE; } +/** + * Check if the CRL should be used yet + */ +static bool is_crl_not_valid_yet(certificate_t *crl, time_t now) +{ + time_t this_update; + + if (!crl->get_validity(crl, &now, &this_update, NULL)) + { + if (this_update > now) + { + DBG1(DBG_CFG, " crl is not valid: until %T", &this_update, FALSE); + return TRUE; + } + /* we accept stale CRLs */ + } + return FALSE; +} + /** * Get the better of two CRLs, and check for usable CRL info */ @@ -442,7 +463,7 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, bool cache, crl_t *base) { enumerator_t *enumerator; - time_t revocation; + time_t now, revocation; crl_reason_t reason; chunk_t subject_serial, serial; crl_t *crl = (crl_t*)cand; @@ -472,6 +493,12 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, cand->destroy(cand); return best; } + now = time(NULL); + if (is_crl_not_valid_yet(cand, now)) + { + cand->destroy(cand); + return best; + } subject_serial = chunk_skip_zero(subject->get_serial(subject)); enumerator = crl->create_enumerator(crl); @@ -488,7 +515,7 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, /* if the cert is on hold, a newer CRL might not contain it */ *valid = VALIDATION_ON_HOLD; } - is_crl_valid(cand, cache); + is_crl_valid(cand, now, cache); DBG1(DBG_CFG, "certificate was revoked on %T, reason: %N", &revocation, TRUE, crl_reason_names, reason); enumerator->destroy(enumerator); @@ -503,7 +530,7 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, { DESTROY_IF(best); best = cand; - if (is_crl_valid(best, cache)) + if (is_crl_valid(best, now, cache)) { *valid = VALIDATION_GOOD; } @@ -578,6 +605,31 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer, return valid; } +/** + * Check if the issuer of the given CRL matches + */ +static bool check_issuer(certificate_t *crl, x509_t *issuer, x509_cdp_t *cdp) +{ + certificate_t *cissuer = (certificate_t*)issuer; + identification_t *id; + chunk_t chunk; + bool matches = FALSE; + + if (cdp->issuer) + { + return crl->has_issuer(crl, cdp->issuer); + } + /* check SKI/AKI first, but fall back to DN matching */ + chunk = issuer->get_subjectKeyIdentifier(issuer); + if (chunk.len) + { + id = identification_create_from_encoding(ID_KEY_ID, chunk); + matches = crl->has_issuer(crl, id); + id->destroy(id); + } + return matches || crl->has_issuer(crl, cissuer->get_subject(cissuer)); +} + /** * Look for a delta CRL for a given base CRL */ @@ -585,7 +637,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, crl_t *base, cert_validation_t base_valid) { cert_validation_t valid = VALIDATION_SKIPPED; - certificate_t *best = NULL, *current; + certificate_t *best = NULL, *current, *cissuer = (certificate_t*)issuer; enumerator_t *enumerator; identification_t *id; x509_cdp_t *cdp; @@ -621,11 +673,12 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, current = fetch_crl(cdp->uri); if (current) { - if (cdp->issuer && !current->has_issuer(current, cdp->issuer)) + if (!check_issuer(current, issuer, cdp)) { DBG1(DBG_CFG, "issuer of fetched delta CRL '%Y' does not match " - "certificates CRL issuer '%Y'", - current->get_issuer(current), cdp->issuer); + "certificate's %sissuer '%Y'", + current->get_issuer(current), cdp->issuer ? "CRL " : "", + cdp->issuer ?: cissuer->get_subject(cissuer)); current->destroy(current); continue; } @@ -653,7 +706,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, auth_cfg_t *auth) { cert_validation_t valid = VALIDATION_SKIPPED; - certificate_t *best = NULL; + certificate_t *best = NULL, *cissuer = (certificate_t*)issuer; identification_t *id; x509_cdp_t *cdp; bool uri_found = FALSE; @@ -692,11 +745,12 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, current = fetch_crl(cdp->uri); if (current) { - if (cdp->issuer && !current->has_issuer(current, cdp->issuer)) + if (!check_issuer(current, issuer, cdp)) { DBG1(DBG_CFG, "issuer of fetched CRL '%Y' does not match " - "certificates CRL issuer '%Y'", - current->get_issuer(current), cdp->issuer); + "certificate's %sissuer '%Y'", + current->get_issuer(current), cdp->issuer ? "CRL " : "", + cdp->issuer ?: cissuer->get_subject(cissuer)); current->destroy(current); continue; } @@ -722,18 +776,15 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, { valid = VALIDATION_FAILED; } - if (auth) + if (valid == VALIDATION_SKIPPED) + { /* if we skipped CRL validation, we use the result of OCSP for + * constraint checking */ + auth->add(auth, AUTH_RULE_CRL_VALIDATION, + auth->get(auth, AUTH_RULE_OCSP_VALIDATION)); + } + else { - if (valid == VALIDATION_SKIPPED) - { /* if we skipped CRL validation, we use the result of OCSP for - * constraint checking */ - auth->add(auth, AUTH_RULE_CRL_VALIDATION, - auth->get(auth, AUTH_RULE_OCSP_VALIDATION)); - } - else - { - auth->add(auth, AUTH_RULE_CRL_VALIDATION, valid); - } + auth->add(auth, AUTH_RULE_CRL_VALIDATION, valid); } DESTROY_IF(best); return valid; @@ -753,8 +804,7 @@ METHOD(cert_validator_t, validate, bool, if (this->enable_ocsp) { - switch (check_ocsp((x509_t*)subject, (x509_t*)issuer, - pathlen ? NULL : auth)) + switch (check_ocsp((x509_t*)subject, (x509_t*)issuer, auth)) { case VALIDATION_GOOD: DBG1(DBG_CFG, "certificate status is good"); @@ -776,11 +826,14 @@ METHOD(cert_validator_t, validate, bool, break; } } + else + { + auth->add(auth, AUTH_RULE_OCSP_VALIDATION, VALIDATION_SKIPPED); + } if (this->enable_crl) { - switch (check_crl((x509_t*)subject, (x509_t*)issuer, - pathlen ? NULL : auth)) + switch (check_crl((x509_t*)subject, (x509_t*)issuer, auth)) { case VALIDATION_GOOD: DBG1(DBG_CFG, "certificate status is good"); @@ -800,6 +853,11 @@ METHOD(cert_validator_t, validate, bool, break; } } + else + { + auth->add(auth, AUTH_RULE_CRL_VALIDATION, + auth->get(auth, AUTH_RULE_OCSP_VALIDATION)); + } lib->credmgr->call_hook(lib->credmgr, CRED_HOOK_VALIDATION_FAILED, subject); diff --git a/src/libstrongswan/plugins/sha1/sha1_hasher.c b/src/libstrongswan/plugins/sha1/sha1_hasher.c index fca65dfa2..4094175ab 100644 --- a/src/libstrongswan/plugins/sha1/sha1_hasher.c +++ b/src/libstrongswan/plugins/sha1/sha1_hasher.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Ported from Steve Reid's implementation * "SHA1 in C" found in strongSwan. diff --git a/src/libstrongswan/plugins/sha1/sha1_hasher.h b/src/libstrongswan/plugins/sha1/sha1_hasher.h index 7fa6f1bc0..7b409e2af 100644 --- a/src/libstrongswan/plugins/sha1/sha1_hasher.h +++ b/src/libstrongswan/plugins/sha1/sha1_hasher.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c index 66c80b292..dc3663495 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.c +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.h b/src/libstrongswan/plugins/sha1/sha1_plugin.h index cd1ff615d..43dc19d59 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.h +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.c b/src/libstrongswan/plugins/sha1/sha1_prf.c index 464f4c9ec..c404b8eac 100644 --- a/src/libstrongswan/plugins/sha1/sha1_prf.c +++ b/src/libstrongswan/plugins/sha1/sha1_prf.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.h b/src/libstrongswan/plugins/sha1/sha1_prf.h index 1ab4cbc24..f3454a12b 100644 --- a/src/libstrongswan/plugins/sha1/sha1_prf.h +++ b/src/libstrongswan/plugins/sha1/sha1_prf.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha2/sha2_hasher.c b/src/libstrongswan/plugins/sha2/sha2_hasher.c index 2c56a2f1b..083b11de3 100644 --- a/src/libstrongswan/plugins/sha2/sha2_hasher.c +++ b/src/libstrongswan/plugins/sha2/sha2_hasher.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2001 Jari Ruusu. * * Ported from strongSwans implementation written by Jari Ruusu. diff --git a/src/libstrongswan/plugins/sha2/sha2_hasher.h b/src/libstrongswan/plugins/sha2/sha2_hasher.h index ed57ae0bd..0a69a971b 100644 --- a/src/libstrongswan/plugins/sha2/sha2_hasher.h +++ b/src/libstrongswan/plugins/sha2/sha2_hasher.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c index 94a7ccd61..86d48f0aa 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.c +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.h b/src/libstrongswan/plugins/sha2/sha2_plugin.h index 48ee2d94c..d7b98a03c 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.h +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c index 9f874212e..8cd08563c 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_database.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.h b/src/libstrongswan/plugins/sqlite/sqlite_database.h index 75f89a7ed..504b74963 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_database.h +++ b/src/libstrongswan/plugins/sqlite/sqlite_database.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c index 7f46aced7..56fe3001c 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -61,7 +61,7 @@ METHOD(plugin_t, destroy, void, plugin_t *sqlite_plugin_create() { private_sqlite_plugin_t *this; - int threadsave = 0; + int threadsafe = 0; INIT(this, .public = { @@ -74,10 +74,10 @@ plugin_t *sqlite_plugin_create() ); #if SQLITE_VERSION_NUMBER >= 3005000 - threadsave = sqlite3_threadsafe(); + threadsafe = sqlite3_threadsafe(); #endif DBG2(DBG_LIB, "using SQLite %s, thread safety %d", - sqlite3_libversion(), threadsave); + sqlite3_libversion(), threadsafe); return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.h b/src/libstrongswan/plugins/sqlite/sqlite_plugin.h index dbc461cf4..2cc00aba6 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.h +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.c b/src/libstrongswan/plugins/sshkey/sshkey_builder.c index 4a9f5b849..eab6559b3 100644 --- a/src/libstrongswan/plugins/sshkey/sshkey_builder.c +++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.h b/src/libstrongswan/plugins/sshkey/sshkey_builder.h index 20979c283..8a2a5841a 100644 --- a/src/libstrongswan/plugins/sshkey/sshkey_builder.h +++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sshkey/sshkey_encoder.c b/src/libstrongswan/plugins/sshkey/sshkey_encoder.c index d423671bd..9f5f8bd1f 100644 --- a/src/libstrongswan/plugins/sshkey/sshkey_encoder.c +++ b/src/libstrongswan/plugins/sshkey/sshkey_encoder.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sshkey/sshkey_encoder.h b/src/libstrongswan/plugins/sshkey/sshkey_encoder.h index bdd31a6c8..f96778d64 100644 --- a/src/libstrongswan/plugins/sshkey/sshkey_encoder.h +++ b/src/libstrongswan/plugins/sshkey/sshkey_encoder.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sshkey/sshkey_plugin.c b/src/libstrongswan/plugins/sshkey/sshkey_plugin.c index 1fde0c6e9..49838df57 100644 --- a/src/libstrongswan/plugins/sshkey/sshkey_plugin.c +++ b/src/libstrongswan/plugins/sshkey/sshkey_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/sshkey/sshkey_plugin.h b/src/libstrongswan/plugins/sshkey/sshkey_plugin.h index 2b9095a98..23c4b77f4 100644 --- a/src/libstrongswan/plugins/sshkey/sshkey_plugin.h +++ b/src/libstrongswan/plugins/sshkey/sshkey_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors.h b/src/libstrongswan/plugins/test_vectors/test_vectors.h index a68f43647..9bbe701ee 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors.h +++ b/src/libstrongswan/plugins/test_vectors/test_vectors.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c index de5658da7..715608291 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c index 26aadb444..38aa94180 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cmac.c index cc4121424..b38a23c8e 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cmac.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c index 56d12f036..86f2bfd1b 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c b/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c index a4e06180a..9e71d2e66 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c @@ -2,7 +2,7 @@ * Copyright (C) 2009 Martin Willi * Copyright (C) 2009 Andreas Steffen * Copyright (C) JuanJo Ciarlante - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c index 28c038878..75789fc91 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c b/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c index a33a219ed..3e0920bf5 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c index b4bf1fe6a..76dadc9a4 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c b/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c index 74e000419..b6e873bfa 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c b/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c index 4856a480f..50c890414 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c index 3348e12d3..364a2f4de 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c index ef9406f5f..5b428c6ee 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c index c7b213674..e0c613f79 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c index 5221d530c..c7b992304 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/null.c b/src/libstrongswan/plugins/test_vectors/test_vectors/null.c index c4f5d41b3..cd352ef31 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/null.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/null.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rc2.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rc2.c index b03d12038..42e168970 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/rc2.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rc2.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c index 458f63aa9..8d45e3c75 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c index 3316c364d..8cb28e746 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c index 256a59603..ec7b67df0 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c index 669adf8c6..aec6bbe04 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c index 8d6f66373..1cc068fda 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c index 4679c26b3..424451e23 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c index 536eba8f6..da01f9ec1 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c index 9c3ca20cc..1d00f4cde 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c index c4d71848d..96faa561e 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h index 661529295..3ee55837a 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_plugin.c b/src/libstrongswan/plugins/unbound/unbound_plugin.c index f727cdaae..f719a8b40 100644 --- a/src/libstrongswan/plugins/unbound/unbound_plugin.c +++ b/src/libstrongswan/plugins/unbound/unbound_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_plugin.h b/src/libstrongswan/plugins/unbound/unbound_plugin.h index 1f0d36454..b8f7ea64f 100644 --- a/src/libstrongswan/plugins/unbound/unbound_plugin.h +++ b/src/libstrongswan/plugins/unbound/unbound_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_resolver.c b/src/libstrongswan/plugins/unbound/unbound_resolver.c index 745e59d5b..a53e974f1 100644 --- a/src/libstrongswan/plugins/unbound/unbound_resolver.c +++ b/src/libstrongswan/plugins/unbound/unbound_resolver.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_resolver.h b/src/libstrongswan/plugins/unbound/unbound_resolver.h index 818a717b8..caec42ba7 100644 --- a/src/libstrongswan/plugins/unbound/unbound_resolver.h +++ b/src/libstrongswan/plugins/unbound/unbound_resolver.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_response.c b/src/libstrongswan/plugins/unbound/unbound_response.c index 950df344c..e0e65c015 100644 --- a/src/libstrongswan/plugins/unbound/unbound_response.c +++ b/src/libstrongswan/plugins/unbound/unbound_response.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_response.h b/src/libstrongswan/plugins/unbound/unbound_response.h index c82f39d45..da4ea4bcd 100644 --- a/src/libstrongswan/plugins/unbound/unbound_response.h +++ b/src/libstrongswan/plugins/unbound/unbound_response.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_rr.c b/src/libstrongswan/plugins/unbound/unbound_rr.c index 91b5cdb33..a149aa500 100644 --- a/src/libstrongswan/plugins/unbound/unbound_rr.c +++ b/src/libstrongswan/plugins/unbound/unbound_rr.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/unbound/unbound_rr.h b/src/libstrongswan/plugins/unbound/unbound_rr.h index d7c114f86..ec13b6ba5 100644 --- a/src/libstrongswan/plugins/unbound/unbound_rr.h +++ b/src/libstrongswan/plugins/unbound/unbound_rr.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_ac.h b/src/libstrongswan/plugins/x509/x509_ac.h index da0988c6e..5e74fb80c 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.h +++ b/src/libstrongswan/plugins/x509/x509_ac.h @@ -4,7 +4,7 @@ * Copyright (C) 2002-2008 Andreas Steffen * Copyright (C) 2009 Martin Willi * - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index d1f9d9aac..bc3a44346 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -704,6 +704,9 @@ static void parse_keyUsage(chunk_t blob, private_x509_cert_t *this) KU_DECIPHER_ONLY = 8, }; + /* to be compliant with RFC 4945 specific KUs have to be included */ + this->flags &= ~X509_IKE_COMPLIANT; + if (asn1_unwrap(&blob, &blob) == ASN1_BIT_STRING && blob.len) { int bit, byte, unused = blob.ptr[0]; @@ -724,10 +727,12 @@ static void parse_keyUsage(chunk_t blob, private_x509_cert_t *this) case KU_CRL_SIGN: this->flags |= X509_CRL_SIGN; break; - case KU_KEY_CERT_SIGN: - /* we use the caBasicConstraint, MUST be set */ case KU_DIGITAL_SIGNATURE: case KU_NON_REPUDIATION: + this->flags |= X509_IKE_COMPLIANT; + break; + case KU_KEY_CERT_SIGN: + /* we use the caBasicConstraint, MUST be set */ case KU_KEY_ENCIPHERMENT: case KU_DATA_ENCIPHERMENT: case KU_KEY_AGREEMENT: @@ -1381,6 +1386,9 @@ static bool parse_certificate(private_x509_cert_t *this) parser = asn1_parser_create(certObjects, this->encoding); + /* unless we see a keyUsage extension we are compliant with RFC 4945 */ + this->flags |= X509_IKE_COMPLIANT; + while (parser->iterate(parser, &objectID, &object)) { u_int level = parser->get_level(parser)+1; diff --git a/src/libstrongswan/plugins/x509/x509_cert.h b/src/libstrongswan/plugins/x509/x509_cert.h index 772117f1c..355b75fcf 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.h +++ b/src/libstrongswan/plugins/x509/x509_cert.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index 699ac5a39..95cb11cf4 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -302,6 +302,7 @@ static bool parse(private_x509_crl_t *this) } break; case OID_AUTHORITY_KEY_ID: + chunk_free(&this->authKeyIdentifier); this->authKeyIdentifier = x509_parse_authorityKeyIdentifier( object, level, &this->authKeySerialNumber); @@ -545,7 +546,7 @@ METHOD(certificate_t, get_validity, bool, { *not_after = this->nextUpdate; } - return (t <= this->nextUpdate); + return (t >= this->thisUpdate && t <= this->nextUpdate); } METHOD(certificate_t, get_encoding, bool, diff --git a/src/libstrongswan/plugins/x509/x509_crl.h b/src/libstrongswan/plugins/x509/x509_crl.h index e8fe74e81..301b1544b 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.h +++ b/src/libstrongswan/plugins/x509/x509_crl.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index de22ab6be..50e3c6160 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Martin Willi * Copyright (C) 2007-2014 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2003 Christoph Gysin, Simon Zwahlen * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.h b/src/libstrongswan/plugins/x509/x509_ocsp_request.h index 4c0e4b8f2..ca552b9ba 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.h +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.h b/src/libstrongswan/plugins/x509/x509_ocsp_response.h index 7a525626e..90efabe2b 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.h +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c index 54bef7357..1eb56cf00 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.c +++ b/src/libstrongswan/plugins/x509/x509_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008-2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/x509/x509_plugin.h b/src/libstrongswan/plugins/x509/x509_plugin.h index e3f959ffa..3857ee313 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.h +++ b/src/libstrongswan/plugins/x509/x509_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c index 820298e27..3dbcda75e 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.c +++ b/src/libstrongswan/plugins/xcbc/xcbc.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/xcbc/xcbc.h b/src/libstrongswan/plugins/xcbc/xcbc.h index a36069a17..1fb6cffa9 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.h +++ b/src/libstrongswan/plugins/xcbc/xcbc.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c index 4706a9574..659741c13 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.h b/src/libstrongswan/plugins/xcbc/xcbc_plugin.h index 9824088c6..bf34b05af 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.h +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/jobs/callback_job.c b/src/libstrongswan/processing/jobs/callback_job.c index 8258ccb33..99464586c 100644 --- a/src/libstrongswan/processing/jobs/callback_job.c +++ b/src/libstrongswan/processing/jobs/callback_job.c @@ -2,7 +2,7 @@ * Copyright (C) 2009-2012 Tobias Brunner * Copyright (C) 2007-2011 Martin Willi * Copyright (C) 2011 revosec AG - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/jobs/callback_job.h b/src/libstrongswan/processing/jobs/callback_job.h index 6f2e39eb8..e5cfdd405 100644 --- a/src/libstrongswan/processing/jobs/callback_job.h +++ b/src/libstrongswan/processing/jobs/callback_job.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2007-2011 Martin Willi * Copyright (C) 2011 revosec AG - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/jobs/job.h b/src/libstrongswan/processing/jobs/job.h index 5b3a8a30b..d5d180392 100644 --- a/src/libstrongswan/processing/jobs/job.h +++ b/src/libstrongswan/processing/jobs/job.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/processor.c b/src/libstrongswan/processing/processor.c index bd8d534a5..0634368da 100644 --- a/src/libstrongswan/processing/processor.c +++ b/src/libstrongswan/processing/processor.c @@ -3,7 +3,7 @@ * Copyright (C) 2011 revosec AG * Copyright (C) 2008-2013 Tobias Brunner * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/processor.h b/src/libstrongswan/processing/processor.h index ee08870fb..4d5aa9bc8 100644 --- a/src/libstrongswan/processing/processor.h +++ b/src/libstrongswan/processing/processor.h @@ -2,7 +2,7 @@ * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/scheduler.c b/src/libstrongswan/processing/scheduler.c index 374742939..92713fea8 100644 --- a/src/libstrongswan/processing/scheduler.c +++ b/src/libstrongswan/processing/scheduler.c @@ -2,7 +2,7 @@ * Copyright (C) 2008-2015 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/processing/scheduler.h b/src/libstrongswan/processing/scheduler.h index 239487dae..77dd0f354 100644 --- a/src/libstrongswan/processing/scheduler.h +++ b/src/libstrongswan/processing/scheduler.h @@ -2,7 +2,7 @@ * Copyright (C) 2009-2015 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/resolver.h b/src/libstrongswan/resolver/resolver.h index 5be52b8b1..a802226ba 100644 --- a/src/libstrongswan/resolver/resolver.h +++ b/src/libstrongswan/resolver/resolver.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/resolver_manager.c b/src/libstrongswan/resolver/resolver_manager.c index 55531e157..06d435d5b 100644 --- a/src/libstrongswan/resolver/resolver_manager.c +++ b/src/libstrongswan/resolver/resolver_manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/resolver_manager.h b/src/libstrongswan/resolver/resolver_manager.h index 6ea22aa24..5f6044f75 100644 --- a/src/libstrongswan/resolver/resolver_manager.h +++ b/src/libstrongswan/resolver/resolver_manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011-2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/resolver_response.h b/src/libstrongswan/resolver/resolver_response.h index e45fb6401..a30c06e91 100644 --- a/src/libstrongswan/resolver/resolver_response.h +++ b/src/libstrongswan/resolver/resolver_response.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/rr.h b/src/libstrongswan/resolver/rr.h index 109ec5135..73b760abf 100644 --- a/src/libstrongswan/resolver/rr.h +++ b/src/libstrongswan/resolver/rr.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/rr_set.c b/src/libstrongswan/resolver/rr_set.c index dea5c4086..f0a8ed85e 100644 --- a/src/libstrongswan/resolver/rr_set.c +++ b/src/libstrongswan/resolver/rr_set.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/resolver/rr_set.h b/src/libstrongswan/resolver/rr_set.h index 5a1737a05..bef363889 100644 --- a/src/libstrongswan/resolver/rr_set.h +++ b/src/libstrongswan/resolver/rr_set.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Reto Guadagnini - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c index 12f160224..cfd2b029d 100644 --- a/src/libstrongswan/selectors/traffic_selector.c +++ b/src/libstrongswan/selectors/traffic_selector.c @@ -2,7 +2,7 @@ * Copyright (C) 2007-2017 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -293,15 +293,16 @@ int traffic_selector_printf_hook(printf_hook_data_t *data, written += print_in_hook(data, "%d", this->protocol); } } - - if (has_proto && has_ports) + else { - written += print_in_hook(data, "/"); + written += print_in_hook(data, "0"); } /* build port string */ if (has_ports) { + written += print_in_hook(data, "/"); + if (this->from_port == this->to_port) { struct servent *serv; diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h index a9f78303c..dd9ad7e1b 100644 --- a/src/libstrongswan/selectors/traffic_selector.h +++ b/src/libstrongswan/selectors/traffic_selector.h @@ -2,7 +2,7 @@ * Copyright (C) 2007-2017 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/settings/settings.c b/src/libstrongswan/settings/settings.c index c618d8837..a4c5060fa 100644 --- a/src/libstrongswan/settings/settings.c +++ b/src/libstrongswan/settings/settings.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2010-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/settings/settings.h b/src/libstrongswan/settings/settings.h index 28cde4876..e25c9da38 100644 --- a/src/libstrongswan/settings/settings.h +++ b/src/libstrongswan/settings/settings.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2010 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/settings/settings_lexer.c b/src/libstrongswan/settings/settings_lexer.c index 2151e930b..b13ff8009 100644 --- a/src/libstrongswan/settings/settings_lexer.c +++ b/src/libstrongswan/settings/settings_lexer.c @@ -468,8 +468,8 @@ static void yy_fatal_error (yyconst char msg[] ,yyscan_t yyscanner ); yyg->yy_c_buf_p = yy_cp; /* %% [4.0] data tables for the DFA and the user's section 1 definitions go here */ -#define YY_NUM_RULES 23 -#define YY_END_OF_BUFFER 24 +#define YY_NUM_RULES 30 +#define YY_END_OF_BUFFER 31 /* This struct is not used in this scanner, but its presence is necessary. */ struct yy_trans_info @@ -477,13 +477,15 @@ struct yy_trans_info flex_int32_t yy_verify; flex_int32_t yy_nxt; }; -static yyconst flex_int16_t yy_accept[49] = +static yyconst flex_int16_t yy_accept[63] = { 0, - 0, 0, 0, 0, 0, 0, 24, 9, 2, 3, - 8, 1, 6, 9, 4, 5, 14, 10, 11, 12, - 22, 15, 16, 9, 2, 1, 1, 3, 9, 14, - 13, 22, 21, 20, 21, 17, 18, 19, 1, 9, - 9, 9, 9, 9, 0, 7, 7, 0 + 0, 0, 0, 0, 0, 0, 0, 0, 31, 9, + 2, 3, 2, 8, 1, 6, 9, 4, 5, 14, + 11, 12, 10, 13, 20, 16, 15, 17, 18, 29, + 21, 22, 23, 9, 2, 2, 1, 1, 3, 0, + 9, 14, 11, 20, 19, 29, 28, 27, 28, 24, + 25, 26, 1, 9, 9, 9, 9, 9, 0, 7, + 7, 0 } ; static yyconst YY_CHAR yy_ec[256] = @@ -520,89 +522,111 @@ static yyconst YY_CHAR yy_ec[256] = static yyconst YY_CHAR yy_meta[21] = { 0, - 1, 2, 3, 1, 4, 5, 4, 6, 7, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 8, 9 + 1, 2, 3, 4, 5, 6, 7, 8, 9, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 10, 7 } ; -static yyconst flex_uint16_t yy_base[60] = +static yyconst flex_uint16_t yy_base[77] = { 0, - 0, 0, 19, 38, 21, 23, 55, 0, 47, 161, - 161, 50, 161, 37, 161, 161, 0, 161, 161, 0, - 0, 161, 56, 0, 44, 0, 47, 161, 39, 0, - 161, 0, 161, 161, 45, 161, 161, 161, 0, 32, - 24, 26, 11, 29, 31, 161, 33, 161, 73, 82, - 91, 97, 101, 110, 115, 124, 133, 142, 151 + 0, 0, 19, 38, 57, 76, 23, 24, 70, 0, + 95, 244, 0, 244, 31, 244, 54, 244, 244, 0, + 44, 244, 244, 244, 0, 244, 244, 244, 0, 0, + 244, 244, 100, 0, 0, 0, 0, 33, 244, 65, + 57, 0, 45, 0, 244, 0, 244, 244, 62, 244, + 244, 244, 0, 43, 36, 27, 19, 46, 50, 244, + 51, 244, 117, 127, 137, 147, 155, 160, 170, 180, + 186, 193, 203, 213, 223, 233 } ; -static yyconst flex_int16_t yy_def[60] = +static yyconst flex_int16_t yy_def[77] = { 0, - 48, 1, 49, 49, 50, 50, 48, 51, 52, 48, - 48, 53, 48, 51, 48, 48, 54, 48, 48, 55, - 56, 48, 57, 51, 52, 58, 53, 48, 51, 54, - 48, 56, 48, 48, 48, 48, 48, 48, 58, 51, - 51, 51, 51, 51, 59, 48, 59, 0, 48, 48, - 48, 48, 48, 48, 48, 48, 48, 48, 48 + 62, 1, 63, 63, 64, 64, 65, 65, 62, 66, + 62, 62, 67, 62, 68, 62, 66, 62, 62, 69, + 62, 62, 62, 62, 70, 62, 62, 62, 71, 72, + 62, 62, 73, 66, 11, 67, 74, 68, 62, 75, + 66, 69, 62, 70, 62, 72, 62, 62, 62, 62, + 62, 62, 74, 66, 66, 66, 66, 66, 76, 62, + 76, 0, 62, 62, 62, 62, 62, 62, 62, 62, + 62, 62, 62, 62, 62, 62 } ; -static yyconst flex_uint16_t yy_nxt[182] = +static yyconst flex_uint16_t yy_nxt[265] = { 0, - 8, 9, 10, 8, 9, 11, 12, 13, 8, 8, - 8, 8, 14, 8, 8, 8, 8, 8, 15, 16, - 18, 18, 44, 18, 19, 18, 22, 20, 22, 23, - 45, 23, 47, 45, 47, 47, 43, 47, 18, 18, - 18, 42, 18, 19, 18, 41, 20, 34, 40, 28, - 26, 29, 28, 26, 48, 48, 48, 18, 34, 35, - 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, - 36, 37, 38, 17, 17, 17, 17, 17, 17, 17, - 17, 17, 21, 21, 21, 21, 21, 21, 21, 21, - 21, 24, 48, 48, 48, 48, 48, 24, 25, 48, - - 25, 27, 27, 27, 27, 27, 27, 27, 27, 27, - 30, 48, 48, 48, 48, 30, 48, 30, 31, 31, - 48, 48, 48, 31, 32, 32, 32, 32, 48, 32, - 48, 32, 32, 33, 33, 33, 33, 33, 33, 33, - 33, 33, 39, 39, 48, 39, 39, 39, 39, 39, - 39, 46, 46, 46, 46, 46, 48, 46, 46, 46, - 7, 48, 48, 48, 48, 48, 48, 48, 48, 48, - 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, - 48 + 10, 11, 12, 13, 11, 14, 15, 16, 10, 10, + 10, 10, 17, 10, 10, 10, 10, 10, 18, 19, + 21, 22, 23, 21, 24, 22, 31, 31, 32, 32, + 58, 33, 33, 39, 40, 39, 40, 57, 22, 21, + 22, 23, 21, 24, 22, 43, 43, 59, 43, 43, + 59, 61, 61, 56, 61, 61, 55, 22, 26, 26, + 27, 26, 28, 26, 48, 29, 54, 39, 41, 62, + 62, 62, 62, 62, 62, 62, 26, 26, 26, 27, + 26, 28, 26, 62, 29, 62, 62, 62, 62, 62, + 62, 62, 62, 62, 62, 26, 35, 62, 36, 35, + + 62, 37, 48, 49, 62, 62, 62, 62, 62, 62, + 62, 62, 62, 62, 50, 51, 52, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 25, 25, 25, + 25, 25, 25, 25, 25, 25, 25, 30, 30, 30, + 30, 30, 30, 30, 30, 30, 30, 34, 62, 62, + 62, 62, 62, 62, 62, 34, 36, 62, 36, 36, + 38, 38, 38, 38, 38, 38, 38, 38, 38, 38, + 42, 62, 62, 62, 62, 62, 62, 42, 42, 42, + 44, 62, 62, 62, 62, 62, 62, 44, 62, 44, + 45, 45, 45, 46, 46, 46, 62, 46, 62, 46, + + 46, 62, 46, 47, 47, 47, 47, 47, 47, 47, + 47, 47, 47, 53, 53, 62, 62, 53, 53, 53, + 53, 53, 53, 40, 40, 40, 40, 40, 40, 40, + 40, 40, 40, 60, 60, 60, 60, 60, 60, 60, + 62, 60, 60, 9, 62, 62, 62, 62, 62, 62, + 62, 62, 62, 62, 62, 62, 62, 62, 62, 62, + 62, 62, 62, 62 } ; -static yyconst flex_int16_t yy_chk[182] = +static yyconst flex_int16_t yy_chk[265] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 3, 3, 43, 3, 3, 3, 5, 3, 6, 5, - 44, 6, 45, 44, 47, 45, 42, 47, 3, 4, - 4, 41, 4, 4, 4, 40, 4, 35, 29, 27, - 25, 14, 12, 9, 7, 0, 0, 4, 23, 23, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 23, 23, 23, 49, 49, 49, 49, 49, 49, 49, - 49, 49, 50, 50, 50, 50, 50, 50, 50, 50, - 50, 51, 0, 0, 0, 0, 0, 51, 52, 0, - - 52, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 54, 0, 0, 0, 0, 54, 0, 54, 55, 55, - 0, 0, 0, 55, 56, 56, 56, 56, 0, 56, - 0, 56, 56, 57, 57, 57, 57, 57, 57, 57, - 57, 57, 58, 58, 0, 58, 58, 58, 58, 58, - 58, 59, 59, 59, 59, 59, 0, 59, 59, 59, - 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, - 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, - 48 + 3, 3, 3, 3, 3, 3, 7, 8, 7, 8, + 57, 7, 8, 15, 15, 38, 38, 56, 3, 4, + 4, 4, 4, 4, 4, 21, 43, 58, 21, 43, + 58, 59, 61, 55, 59, 61, 54, 4, 5, 5, + 5, 5, 5, 5, 49, 5, 41, 40, 17, 9, + 0, 0, 0, 0, 0, 0, 5, 6, 6, 6, + 6, 6, 6, 0, 6, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 6, 11, 0, 11, 11, + + 0, 11, 33, 33, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 33, 33, 33, 63, 63, 63, + 63, 63, 63, 63, 63, 63, 63, 64, 64, 64, + 64, 64, 64, 64, 64, 64, 64, 65, 65, 65, + 65, 65, 65, 65, 65, 65, 65, 66, 0, 0, + 0, 0, 0, 0, 0, 66, 67, 0, 67, 67, + 68, 68, 68, 68, 68, 68, 68, 68, 68, 68, + 69, 0, 0, 0, 0, 0, 0, 69, 69, 69, + 70, 0, 0, 0, 0, 0, 0, 70, 0, 70, + 71, 71, 71, 72, 72, 72, 0, 72, 0, 72, + + 72, 0, 72, 73, 73, 73, 73, 73, 73, 73, + 73, 73, 73, 74, 74, 0, 0, 74, 74, 74, + 74, 74, 74, 75, 75, 75, 75, 75, 75, 75, + 75, 75, 75, 76, 76, 76, 76, 76, 76, 76, + 0, 76, 76, 62, 62, 62, 62, 62, 62, 62, + 62, 62, 62, 62, 62, 62, 62, 62, 62, 62, + 62, 62, 62, 62 } ; /* Table of booleans, true if rule could match eol. */ -static yyconst flex_int32_t yy_rule_can_match_eol[24] = +static yyconst flex_int32_t yy_rule_can_match_eol[31] = { 0, -0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 1, 0, 1, 0, }; +0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, }; -static yyconst flex_int16_t yy_rule_linenum[23] = +static yyconst flex_int16_t yy_rule_linenum[30] = { 0, - 59, 60, 61, 63, 64, 65, 67, 72, 77, 85, - 105, 108, 111, 114, 120, 122, 141, 142, 143, 144, - 145, 146 + 61, 62, 63, 65, 66, 68, 73, 78, 83, 89, + 90, 92, 112, 118, 125, 128, 148, 151, 154, 157, + 163, 164, 166, 186, 187, 188, 189, 190, 191 } ; /* The intent behind this definition is that it'll catch @@ -616,7 +640,7 @@ static yyconst flex_int16_t yy_rule_linenum[23] = #line 2 "settings/settings_lexer.l" /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -646,15 +670,18 @@ static void include_files(parser_helper_t *ctx); /* prefix function/variable declarations */ /* don't change the name of the output file otherwise autotools has issues */ /* type of our extra data */ +/* state used to scan values */ + /* state used to scan include file patterns */ /* state used to scan quoted strings */ -#line 654 "settings/settings_lexer.c" +#line 680 "settings/settings_lexer.c" #define INITIAL 0 -#define inc 1 -#define str 2 +#define val 1 +#define inc 2 +#define str 3 #ifndef YY_NO_UNISTD_H /* Special case for "unistd.h", since it is non-ANSI. We include it way @@ -1003,10 +1030,10 @@ YY_DECL { /* %% [7.0] user's declarations go here */ -#line 57 "settings/settings_lexer.l" +#line 59 "settings/settings_lexer.l" -#line 1010 "settings/settings_lexer.c" +#line 1037 "settings/settings_lexer.c" while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */ { @@ -1035,13 +1062,13 @@ yy_match: while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 49 ) + if ( yy_current_state >= 63 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; ++yy_cp; } - while ( yy_base[yy_current_state] != 161 ); + while ( yy_base[yy_current_state] != 244 ); yy_find_action: /* %% [10.0] code to find the action number goes here */ @@ -1076,13 +1103,13 @@ do_action: /* This label is used only to access EOF actions. */ { if ( yy_act == 0 ) fprintf( stderr, "--scanner backing up\n" ); - else if ( yy_act < 23 ) + else if ( yy_act < 30 ) fprintf( stderr, "--accepting rule at line %ld (\"%s\")\n", (long)yy_rule_linenum[yy_act], yytext ); - else if ( yy_act == 23 ) + else if ( yy_act == 30 ) fprintf( stderr, "--accepting default rule (\"%s\")\n", yytext ); - else if ( yy_act == 24 ) + else if ( yy_act == 31 ) fprintf( stderr, "--(end of buffer or a NUL)\n" ); else fprintf( stderr, "--EOF (start condition %d)\n", YY_START ); @@ -1100,29 +1127,35 @@ do_action: /* This label is used only to access EOF actions. */ case 1: YY_RULE_SETUP -#line 59 "settings/settings_lexer.l" +#line 61 "settings/settings_lexer.l" /* eat comments */ YY_BREAK case 2: YY_RULE_SETUP -#line 60 "settings/settings_lexer.l" +#line 62 "settings/settings_lexer.l" /* eat whitespace */ YY_BREAK case 3: /* rule 3 can match eol */ YY_RULE_SETUP -#line 61 "settings/settings_lexer.l" +#line 63 "settings/settings_lexer.l" return NEWLINE; /* also eats comments at the end of a line */ YY_BREAK case 4: -#line 64 "settings/settings_lexer.l" +#line 66 "settings/settings_lexer.l" case 5: -#line 65 "settings/settings_lexer.l" -case 6: YY_RULE_SETUP -#line 65 "settings/settings_lexer.l" +#line 66 "settings/settings_lexer.l" return yytext[0]; YY_BREAK +case 6: +YY_RULE_SETUP +#line 68 "settings/settings_lexer.l" +{ + yy_push_state(val, yyscanner); + return yytext[0]; +} + YY_BREAK case 7: /* rule 7 can match eol */ *yy_cp = yyg->yy_hold_char; /* undo effects of setting up yytext */ @@ -1130,7 +1163,7 @@ YY_LINENO_REWIND_TO(yy_cp - 1); yyg->yy_c_buf_p = yy_cp -= 1; YY_DO_BEFORE_ACTION; /* set up yytext again */ YY_RULE_SETUP -#line 67 "settings/settings_lexer.l" +#line 73 "settings/settings_lexer.l" { yyextra->string_init(yyextra); yy_push_state(inc, yyscanner); @@ -1138,28 +1171,88 @@ YY_RULE_SETUP YY_BREAK case 8: YY_RULE_SETUP -#line 72 "settings/settings_lexer.l" +#line 78 "settings/settings_lexer.l" { - yyextra->string_init(yyextra); - yy_push_state(str, yyscanner); + PARSER_DBG1(yyextra, "unexpected string detected"); + return STRING_ERROR; } YY_BREAK case 9: YY_RULE_SETUP -#line 77 "settings/settings_lexer.l" +#line 83 "settings/settings_lexer.l" { yylval->s = strdup(yytext); return NAME; } YY_BREAK +case 10: +YY_RULE_SETUP +#line 89 "settings/settings_lexer.l" +/* just ignore these */ + YY_BREAK +case 11: +YY_RULE_SETUP +#line 90 "settings/settings_lexer.l" + + YY_BREAK +case YY_STATE_EOF(val): +#line 91 "settings/settings_lexer.l" +case 12: +/* rule 12 can match eol */ +YY_RULE_SETUP +#line 92 "settings/settings_lexer.l" +{ + if (*yytext) + { + switch (yytext[0]) + { + case '\n': + /* put the newline back to fix the line numbers */ + unput('\n'); + yy_set_bol(0); + break; + case '#': + case '}': + /* these are parsed outside of this start condition */ + unput(yytext[0]); + break; + } + } + yy_pop_state(yyscanner); + } + YY_BREAK +case 13: +YY_RULE_SETUP +#line 112 "settings/settings_lexer.l" +{ + yyextra->string_init(yyextra); + yy_push_state(str, yyscanner); + } + YY_BREAK +/* same as above, but allow more characters */ +case 14: +YY_RULE_SETUP +#line 118 "settings/settings_lexer.l" +{ + yylval->s = strdup(yytext); + return NAME; + } + YY_BREAK + + +case 15: +YY_RULE_SETUP +#line 125 "settings/settings_lexer.l" +/* just ignore these */ + YY_BREAK /* we allow all characters except #, } and spaces, they can be escaped */ case YY_STATE_EOF(inc): -#line 84 "settings/settings_lexer.l" -case 10: -/* rule 10 can match eol */ +#line 127 "settings/settings_lexer.l" +case 16: +/* rule 16 can match eol */ YY_RULE_SETUP -#line 85 "settings/settings_lexer.l" +#line 128 "settings/settings_lexer.l" { if (*yytext) { @@ -1181,44 +1274,49 @@ YY_RULE_SETUP yy_pop_state(yyscanner); } YY_BREAK -case 11: +case 17: YY_RULE_SETUP -#line 105 "settings/settings_lexer.l" +#line 148 "settings/settings_lexer.l" { /* string include */ yy_push_state(str, yyscanner); } YY_BREAK -case 12: +case 18: YY_RULE_SETUP -#line 108 "settings/settings_lexer.l" +#line 151 "settings/settings_lexer.l" { yyextra->string_add(yyextra, yytext); } YY_BREAK -case 13: +case 19: YY_RULE_SETUP -#line 111 "settings/settings_lexer.l" +#line 154 "settings/settings_lexer.l" { yyextra->string_add(yyextra, yytext+1); } YY_BREAK -case 14: +case 20: YY_RULE_SETUP -#line 114 "settings/settings_lexer.l" +#line 157 "settings/settings_lexer.l" { yyextra->string_add(yyextra, yytext); } YY_BREAK -case 15: -#line 121 "settings/settings_lexer.l" +case 21: +YY_RULE_SETUP +#line 163 "settings/settings_lexer.l" +/* just ignore these */ + YY_BREAK +case 22: +#line 165 "settings/settings_lexer.l" YY_RULE_SETUP case YY_STATE_EOF(str): -#line 121 "settings/settings_lexer.l" -case 16: +#line 165 "settings/settings_lexer.l" +case 23: YY_RULE_SETUP -#line 122 "settings/settings_lexer.l" +#line 166 "settings/settings_lexer.l" { if (!streq(yytext, "\"")) { @@ -1239,43 +1337,43 @@ YY_RULE_SETUP } } YY_BREAK -case 17: +case 24: YY_RULE_SETUP -#line 141 "settings/settings_lexer.l" +#line 186 "settings/settings_lexer.l" yyextra->string_add(yyextra, "\n"); YY_BREAK -case 18: +case 25: YY_RULE_SETUP -#line 142 "settings/settings_lexer.l" +#line 187 "settings/settings_lexer.l" yyextra->string_add(yyextra, "\r"); YY_BREAK -case 19: +case 26: YY_RULE_SETUP -#line 143 "settings/settings_lexer.l" +#line 188 "settings/settings_lexer.l" yyextra->string_add(yyextra, "\t"); YY_BREAK -case 20: -/* rule 20 can match eol */ +case 27: +/* rule 27 can match eol */ YY_RULE_SETUP -#line 144 "settings/settings_lexer.l" -/* merge lines that end with EOL characters */ +#line 189 "settings/settings_lexer.l" +/* merge lines that end with escaped EOL characters */ YY_BREAK -case 21: +case 28: YY_RULE_SETUP -#line 145 "settings/settings_lexer.l" +#line 190 "settings/settings_lexer.l" yyextra->string_add(yyextra, yytext+1); YY_BREAK -case 22: -/* rule 22 can match eol */ +case 29: +/* rule 29 can match eol */ YY_RULE_SETUP -#line 146 "settings/settings_lexer.l" +#line 191 "settings/settings_lexer.l" { yyextra->string_add(yyextra, yytext); } YY_BREAK case YY_STATE_EOF(INITIAL): -#line 151 "settings/settings_lexer.l" +#line 196 "settings/settings_lexer.l" { settings_parser_pop_buffer_state(yyscanner); if (!settings_parser_open_next_file(yyextra) && !YY_CURRENT_BUFFER) @@ -1284,12 +1382,12 @@ case YY_STATE_EOF(INITIAL): } } YY_BREAK -case 23: +case 30: YY_RULE_SETUP -#line 159 "settings/settings_lexer.l" +#line 204 "settings/settings_lexer.l" YY_FATAL_ERROR( "flex scanner jammed" ); YY_BREAK -#line 1293 "settings/settings_lexer.c" +#line 1391 "settings/settings_lexer.c" case YY_END_OF_BUFFER: { @@ -1607,7 +1705,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 49 ) + if ( yy_current_state >= 63 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; @@ -1641,11 +1739,11 @@ static int yy_get_next_buffer (yyscan_t yyscanner) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 49 ) + if ( yy_current_state >= 63 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 48); + yy_is_jam = (yy_current_state == 62); (void)yyg; return yy_is_jam ? 0 : yy_current_state; @@ -2680,7 +2778,7 @@ void settings_parser_free (void * ptr , yyscan_t yyscanner) /* %ok-for-header */ -#line 159 "settings/settings_lexer.l" +#line 204 "settings/settings_lexer.l" diff --git a/src/libstrongswan/settings/settings_lexer.l b/src/libstrongswan/settings/settings_lexer.l index ce9d4eedc..fa1ecac10 100644 --- a/src/libstrongswan/settings/settings_lexer.l +++ b/src/libstrongswan/settings/settings_lexer.l @@ -1,7 +1,7 @@ %{ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -49,6 +49,8 @@ static void include_files(parser_helper_t *ctx); /* type of our extra data */ %option extra-type="parser_helper_t*" +/* state used to scan values */ +%x val /* state used to scan include file patterns */ %x inc /* state used to scan quoted strings */ @@ -56,13 +58,17 @@ static void include_files(parser_helper_t *ctx); %% -[\t ]*#[^\n]* /* eat comments */ -[\t ]+ /* eat whitespace */ +[\t ]*#[^\r\n]* /* eat comments */ +[\t\r ]+ /* eat whitespace */ \n|#.*\n return NEWLINE; /* also eats comments at the end of a line */ "{" | -"}" | -"=" return yytext[0]; +"}" return yytext[0]; + +"=" { + yy_push_state(val, yyscanner); + return yytext[0]; +} "include"[\t ]+/[^=] { yyextra->string_init(yyextra); @@ -70,16 +76,53 @@ static void include_files(parser_helper_t *ctx); } "\"" { - yyextra->string_init(yyextra); - yy_push_state(str, yyscanner); + PARSER_DBG1(yyextra, "unexpected string detected"); + return STRING_ERROR; } -[^#{}="\n\t ]+ { +[^#{}="\r\n\t ]+ { yylval->s = strdup(yytext); return NAME; } +{ + \r /* just ignore these */ + [\t ]+ + <> | + [#}\n] { + if (*yytext) + { + switch (yytext[0]) + { + case '\n': + /* put the newline back to fix the line numbers */ + unput('\n'); + yy_set_bol(0); + break; + case '#': + case '}': + /* these are parsed outside of this start condition */ + unput(yytext[0]); + break; + } + } + yy_pop_state(yyscanner); + } + + "\"" { + yyextra->string_init(yyextra); + yy_push_state(str, yyscanner); + } + + /* same as above, but allow more characters */ + [^#}"\r\n\t ]+ { + yylval->s = strdup(yytext); + return NAME; + } +} + { + \r /* just ignore these */ /* we allow all characters except #, } and spaces, they can be escaped */ <> | [#}\n\t ] { @@ -111,12 +154,13 @@ static void include_files(parser_helper_t *ctx); \\["#} ] { yyextra->string_add(yyextra, yytext+1); } - [^"\\#}\n\t ]+ { + [^"\\#}\r\n\t ]+ { yyextra->string_add(yyextra, yytext); } } { + \r /* just ignore these */ "\"" | <> | \\ { @@ -138,12 +182,13 @@ static void include_files(parser_helper_t *ctx); return STRING; } } + \\n yyextra->string_add(yyextra, "\n"); \\r yyextra->string_add(yyextra, "\r"); \\t yyextra->string_add(yyextra, "\t"); - \\\r?\n /* merge lines that end with EOL characters */ + \\\r?\n /* merge lines that end with escaped EOL characters */ \\. yyextra->string_add(yyextra, yytext+1); - [^\\"]+ { + [^\\\r"]+ { yyextra->string_add(yyextra, yytext); } } diff --git a/src/libstrongswan/settings/settings_parser.c b/src/libstrongswan/settings/settings_parser.c index 47cf8ebd4..3d1a2ba27 100644 --- a/src/libstrongswan/settings/settings_parser.c +++ b/src/libstrongswan/settings/settings_parser.c @@ -72,7 +72,7 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/settings/settings_parser.y b/src/libstrongswan/settings/settings_parser.y index 96ab36faf..2ab9ea723 100644 --- a/src/libstrongswan/settings/settings_parser.y +++ b/src/libstrongswan/settings/settings_parser.y @@ -1,7 +1,7 @@ %{ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/settings/settings_types.c b/src/libstrongswan/settings/settings_types.c index d753720f5..1c2d61de7 100644 --- a/src/libstrongswan/settings/settings_types.c +++ b/src/libstrongswan/settings/settings_types.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/settings/settings_types.h b/src/libstrongswan/settings/settings_types.h index 67299d8e7..82bcb230a 100644 --- a/src/libstrongswan/settings/settings_types.h +++ b/src/libstrongswan/settings/settings_types.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_array.c b/src/libstrongswan/tests/suites/test_array.c index eed8fba56..da2bfbb76 100644 --- a/src/libstrongswan/tests/suites/test_array.c +++ b/src/libstrongswan/tests/suites/test_array.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/libstrongswan/tests/suites/test_auth_cfg.c b/src/libstrongswan/tests/suites/test_auth_cfg.c index d0fa8a045..9fc2bbd90 100644 --- a/src/libstrongswan/tests/suites/test_auth_cfg.c +++ b/src/libstrongswan/tests/suites/test_auth_cfg.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2016 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_bio_reader.c b/src/libstrongswan/tests/suites/test_bio_reader.c index d3b4b4358..f5387301e 100644 --- a/src/libstrongswan/tests/suites/test_bio_reader.c +++ b/src/libstrongswan/tests/suites/test_bio_reader.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_bio_writer.c b/src/libstrongswan/tests/suites/test_bio_writer.c index e74288eb7..97ebe7e05 100644 --- a/src/libstrongswan/tests/suites/test_bio_writer.c +++ b/src/libstrongswan/tests/suites/test_bio_writer.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_chunk.c b/src/libstrongswan/tests/suites/test_chunk.c index 9b2e48b0e..fbfb3ff9f 100644 --- a/src/libstrongswan/tests/suites/test_chunk.c +++ b/src/libstrongswan/tests/suites/test_chunk.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_crypto_factory.c b/src/libstrongswan/tests/suites/test_crypto_factory.c index 94f45dada..f0c851f57 100644 --- a/src/libstrongswan/tests/suites/test_crypto_factory.c +++ b/src/libstrongswan/tests/suites/test_crypto_factory.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_enum.c b/src/libstrongswan/tests/suites/test_enum.c index 70bfdb2aa..dd6b86f8e 100644 --- a/src/libstrongswan/tests/suites/test_enum.c +++ b/src/libstrongswan/tests/suites/test_enum.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_enumerator.c b/src/libstrongswan/tests/suites/test_enumerator.c index b781ae9fd..924b34786 100644 --- a/src/libstrongswan/tests/suites/test_enumerator.c +++ b/src/libstrongswan/tests/suites/test_enumerator.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_hashtable.c b/src/libstrongswan/tests/suites/test_hashtable.c index 8cc7bfe42..de5c3f22e 100644 --- a/src/libstrongswan/tests/suites/test_hashtable.c +++ b/src/libstrongswan/tests/suites/test_hashtable.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_host.c b/src/libstrongswan/tests/suites/test_host.c index 63f0eb20a..2a06dc61c 100644 --- a/src/libstrongswan/tests/suites/test_host.c +++ b/src/libstrongswan/tests/suites/test_host.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_iv_gen.c b/src/libstrongswan/tests/suites/test_iv_gen.c index 8b0a14b79..fa1c70940 100644 --- a/src/libstrongswan/tests/suites/test_iv_gen.c +++ b/src/libstrongswan/tests/suites/test_iv_gen.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_linked_list.c b/src/libstrongswan/tests/suites/test_linked_list.c index aa1e0429f..93e11c42e 100644 --- a/src/libstrongswan/tests/suites/test_linked_list.c +++ b/src/libstrongswan/tests/suites/test_linked_list.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_linked_list_enumerator.c b/src/libstrongswan/tests/suites/test_linked_list_enumerator.c index 48d6f40e6..19f381ef3 100644 --- a/src/libstrongswan/tests/suites/test_linked_list_enumerator.c +++ b/src/libstrongswan/tests/suites/test_linked_list_enumerator.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_proposal.c b/src/libstrongswan/tests/suites/test_proposal.c index 1a2f97d5f..938fa38aa 100644 --- a/src/libstrongswan/tests/suites/test_proposal.c +++ b/src/libstrongswan/tests/suites/test_proposal.c @@ -29,6 +29,8 @@ static struct { { PROTO_IKE, "aes128", NULL }, { PROTO_IKE, "aes128-sha256", NULL }, { PROTO_IKE, "aes128-sha256-modpnone", NULL }, + { PROTO_IKE, "aes128-prfsha256", NULL }, + { PROTO_IKE, "aes128-prfsha256-modp2048", NULL }, { PROTO_IKE, "aes128-sha256-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" }, { PROTO_IKE, "aes128-sha256-prfsha384-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/MODP_3072" }, { PROTO_IKE, "aes128gcm16-modp3072", NULL }, @@ -194,6 +196,106 @@ START_TEST(test_promote_dh_group_not_contained) } END_TEST +START_TEST(test_unknown_transform_types_print) +{ + proposal_t *proposal; + + proposal = proposal_create(PROTO_IKE, 0); + proposal->add_algorithm(proposal, 242, 42, 128); + assert_proposal_eq(proposal, "IKE:UNKNOWN_242_42_128"); + proposal->destroy(proposal); + + proposal = proposal_create_from_string(PROTO_IKE, + "aes128-sha256-ecp256"); + proposal->add_algorithm(proposal, 242, 42, 128); + proposal->add_algorithm(proposal, 243, 1, 0); + assert_proposal_eq(proposal, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/UNKNOWN_242_42_128/UNKNOWN_243_1"); + proposal->destroy(proposal); +} +END_TEST + +START_TEST(test_unknown_transform_types_equals) +{ + proposal_t *self, *other; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 0); + ck_assert(!self->equals(self, other)); + ck_assert(!other->equals(other, self)); + self->add_algorithm(self, 242, 42, 0); + ck_assert(self->equals(self, other)); + ck_assert(other->equals(other, self)); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_unknown_transform_types_select_fail) +{ + proposal_t *self, *other, *selected; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 0); + + selected = self->select(self, other, TRUE, FALSE); + ck_assert(!selected); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_unknown_transform_types_select_fail_subtype) +{ + proposal_t *self, *other, *selected; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + self->add_algorithm(self, 242, 8, 0); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 0); + + selected = self->select(self, other, TRUE, FALSE); + ck_assert(!selected); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_unknown_transform_types_select_success) +{ + proposal_t *self, *other, *selected; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + self->add_algorithm(self, 242, 42, 128); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 128); + other->add_algorithm(other, 242, 1, 0); + + selected = self->select(self, other, TRUE, FALSE); + ck_assert(selected); + assert_proposal_eq(selected, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/UNKNOWN_242_42_128"); + selected->destroy(selected); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_chacha20_poly1305_key_length) +{ + proposal_t *proposal; + uint16_t alg, ks; + + proposal = proposal_create_from_string(PROTO_IKE, "chacha20poly1305-prfsha256-ecp256"); + proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &ks); + ck_assert_int_eq(alg, ENCR_CHACHA20_POLY1305); + ck_assert_int_eq(ks, 0); + assert_proposal_eq(proposal, "IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/ECP_256"); + proposal->destroy(proposal); +} +END_TEST + + Suite *proposal_suite_create() { Suite *s; @@ -216,5 +318,17 @@ Suite *proposal_suite_create() tcase_add_test(tc, test_promote_dh_group_not_contained); suite_add_tcase(s, tc); + tc = tcase_create("unknown transform types"); + tcase_add_test(tc, test_unknown_transform_types_print); + tcase_add_test(tc, test_unknown_transform_types_equals); + tcase_add_test(tc, test_unknown_transform_types_select_fail); + tcase_add_test(tc, test_unknown_transform_types_select_fail_subtype); + tcase_add_test(tc, test_unknown_transform_types_select_success); + suite_add_tcase(s, tc); + + tc = tcase_create("chacha20/poly1305"); + tcase_add_test(tc, test_chacha20_poly1305_key_length); + suite_add_tcase(s, tc); + return s; } diff --git a/src/libstrongswan/tests/suites/test_settings.c b/src/libstrongswan/tests/suites/test_settings.c index 9d0a6dea1..0759f7013 100644 --- a/src/libstrongswan/tests/suites/test_settings.c +++ b/src/libstrongswan/tests/suites/test_settings.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -1109,6 +1109,12 @@ START_TEST(test_valid) "}\n"); ck_assert(chunk_write(contents, path, 0022, TRUE)); ck_assert(settings->load_files(settings, path, FALSE)); + + contents = chunk_from_str( + "equals = a setting with = and { character"); + ck_assert(chunk_write(contents, path, 0022, TRUE)); + ck_assert(settings->load_files(settings, path, FALSE)); + verify_string("a setting with = and { character", "equals"); } END_TEST @@ -1148,12 +1154,110 @@ START_TEST(test_invalid) ck_assert(!settings->load_files(settings, path, FALSE)); contents = chunk_from_str( - "only = a single setting = per line"); + "\"unexpected\" = string"); ck_assert(chunk_write(contents, path, 0022, TRUE)); ck_assert(!settings->load_files(settings, path, FALSE)); } END_TEST +START_SETUP(setup_crlf_config) +{ + chunk_t inc1 = chunk_from_str( + "main {\r\n" + " key1 = n1\r\n" + " key2 = n2\n" + " key3 = val3\n" + " none = \n" + " sub1 {\n" + " key3 = value\n" + " }\n" + " sub2 {\n" + " sub3 = val3\n" + " }\n" + " include " include2 "\n" + "}"); + chunk_t inc2 = chunk_from_str( + "key2 = v2\n" + "sub1 {\n" + " key = val\n" + "}"); + ck_assert(chunk_write(inc1, include1, 0022, TRUE)); + ck_assert(chunk_write(inc2, include2, 0022, TRUE)); +} +END_SETUP + +START_TEST(test_crlf) +{ + chunk_t contents = chunk_from_str( + "main {\r\n" + " key1 = val1\r\n" + " none =\r\n" + " sub1 {\r\n" + " key2 = v2\r\n" + " # key2 = v3\r\n" + " sub1 {\r\n" + " key = val\r\n" + " }\r\n" + " }\r\n" + "}"); + + create_settings(contents); + + verify_string("val1", "main.key1"); + verify_string("v2", "main.sub1.key2"); + verify_string("val", "main.sub1.sub1.key"); + verify_null("main.none"); +} +END_TEST + +START_TEST(test_crlf_string) +{ + chunk_t contents = chunk_from_str( + "main {\r\n" + " key1 = \"new\r\nline\"\r\n" + " key2 = \"joi\\\r\nned\"\r\n" + " none =\r\n" + " sub1 {\r\n" + " key2 = v2\r\n" + " sub1 {\r\n" + " key = val\r\n" + " }\r\n" + " }\r\n" + "}"); + + create_settings(contents); + + verify_string("new\nline", "main.key1"); + verify_string("joined", "main.key2"); + verify_string("v2", "main.sub1.key2"); + verify_string("val", "main.sub1.sub1.key"); + verify_null("main.none"); +} +END_TEST + +START_TEST(test_crlf_include) +{ + chunk_t contents = chunk_from_str( + "main {\r\n" + " key1 = val1\r\n" + " none =\r\n" + " sub1 {\r\n" + " key2 = v2\r\n" + " sub1 {\r\n" + " key = val\r\n" + " }\r\n" + " }\r\n" + "}"); + + create_settings(contents); + + verify_string("val1", "main.key1"); + verify_string("v2", "main.sub1.key2"); + verify_string("val", "main.sub1.sub1.key"); + verify_null("main.none"); +} +END_TEST + Suite *settings_suite_create() { Suite *s; @@ -1241,5 +1345,12 @@ Suite *settings_suite_create() tcase_add_test(tc, test_invalid); suite_add_tcase(s, tc); + tc = tcase_create("crlf"); + tcase_add_checked_fixture(tc, setup_crlf_config, teardown_include_config); + tcase_add_test(tc, test_crlf); + tcase_add_test(tc, test_crlf_string); + tcase_add_test(tc, test_crlf_include); + suite_add_tcase(s, tc); + return s; } diff --git a/src/libstrongswan/tests/suites/test_threading.c b/src/libstrongswan/tests/suites/test_threading.c index 9a9fdd8e9..26e60db0d 100644 --- a/src/libstrongswan/tests/suites/test_threading.c +++ b/src/libstrongswan/tests/suites/test_threading.c @@ -1,7 +1,7 @@ /* - * Copyright (C) 2013 Tobias Brunner + * Copyright (C) 2013-2018 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -27,6 +27,36 @@ #include #include +#ifdef WIN32 +/* when running on AppVeyor the wait functions seem to frequently trigger a bit + * early, allow this if the difference is within 5ms. */ +static inline void time_is_at_least(timeval_t *expected, timeval_t *actual) +{ + if (!timercmp(actual, expected, >)) + { + timeval_t diff; + + timersub(expected, actual, &diff); + if (!diff.tv_sec && diff.tv_usec <= 5000) + { + warn("allow timer event %dus too early on Windows (expected: %u.%u, " + "actual: %u.%u)", diff.tv_usec, expected->tv_sec, + expected->tv_usec, actual->tv_sec, actual->tv_usec); + return; + } + fail("expected: %u.%u, actual: %u.%u", expected->tv_sec, + expected->tv_usec, actual->tv_sec, actual->tv_usec); + } +} +#else /* WIN32 */ +static inline void time_is_at_least(timeval_t *expected, timeval_t *actual) +{ + ck_assert_msg(timercmp(actual, expected, >), "expected: %u.%u, actual: " + "%u.%u", expected->tv_sec, expected->tv_usec, actual->tv_sec, + actual->tv_usec); +} +#endif /* WIN32 */ + /******************************************************************************* * recursive mutex test */ @@ -380,8 +410,7 @@ START_TEST(test_condvar_timed) time_monotonic(&end); mutex->unlock(mutex); timersub(&end, &start, &end); - ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u", - end.tv_sec, end.tv_usec, diff.tv_sec, diff.tv_usec); + time_is_at_least(&diff, &end); thread = thread_create(condvar_run, NULL); @@ -419,8 +448,7 @@ START_TEST(test_condvar_timed_abs) } time_monotonic(&end); mutex->unlock(mutex); - ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u", - end.tv_sec, end.tv_usec, abso.tv_sec, abso.tv_usec); + time_is_at_least(&diff, &end); thread = thread_create(condvar_run, NULL); @@ -704,8 +732,7 @@ START_TEST(test_rwlock_condvar_timed) rwlock->unlock(rwlock); time_monotonic(&end); timersub(&end, &start, &end); - ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u", - end.tv_sec, end.tv_usec, diff.tv_sec, diff.tv_usec); + time_is_at_least(&diff, &end); thread = thread_create(rwlock_condvar_run, NULL); @@ -743,8 +770,7 @@ START_TEST(test_rwlock_condvar_timed_abs) } rwlock->unlock(rwlock); time_monotonic(&end); - ck_assert_msg(timercmp(&end, &abso, >), "end: %u.%u, abso: %u.%u", - end.tv_sec, end.tv_usec, abso.tv_sec, abso.tv_usec); + time_is_at_least(&abso, &end); thread = thread_create(rwlock_condvar_run, NULL); @@ -866,8 +892,7 @@ START_TEST(test_semaphore_timed) ck_assert(semaphore->timed_wait(semaphore, diff.tv_usec / 1000)); time_monotonic(&end); timersub(&end, &start, &end); - ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u", - end.tv_sec, end.tv_usec, diff.tv_sec, diff.tv_usec); + time_is_at_least(&diff, &end); thread = thread_create(semaphore_run, NULL); @@ -889,8 +914,7 @@ START_TEST(test_semaphore_timed_abs) timeradd(&start, &diff, &abso); ck_assert(semaphore->timed_wait_abs(semaphore, abso)); time_monotonic(&end); - ck_assert_msg(timercmp(&end, &abso, >), "end: %u.%u, abso: %u.%u", - end.tv_sec, end.tv_usec, abso.tv_sec, abso.tv_usec); + time_is_at_least(&abso, &end); thread = thread_create(semaphore_run, NULL); diff --git a/src/libstrongswan/tests/suites/test_traffic_selector.c b/src/libstrongswan/tests/suites/test_traffic_selector.c index 93361f9bf..137c337dc 100644 --- a/src/libstrongswan/tests/suites/test_traffic_selector.c +++ b/src/libstrongswan/tests/suites/test_traffic_selector.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2015 Martin Willi * Copyright (C) 2015 revosec AG @@ -72,10 +72,13 @@ START_TEST(test_create_from_cidr) verify("10.1.0.1/32[udp]", "10.1.0.1/32[17]", traffic_selector_create_from_cidr("10.1.0.1/32", IPPROTO_UDP, 0, 65535)); + verify("10.1.0.1/32[0/domain]", "10.1.0.1/32[0/53]", + traffic_selector_create_from_cidr("10.1.0.1/32", 0, + 53, 53)); verify("10.1.0.1/32[udp/1234-1235]", "10.1.0.1/32[17/1234-1235]", traffic_selector_create_from_cidr("10.1.0.1/32", IPPROTO_UDP, 1234, 1235)); - verify("10.1.0.0/16[OPAQUE]", NULL, + verify("10.1.0.0/16[0/OPAQUE]", NULL, traffic_selector_create_from_cidr("10.1.0.0/16", 0, 65535, 0)); verify(NULL, NULL, diff --git a/src/libstrongswan/tests/suites/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c index b423d7d2d..00f000a6a 100644 --- a/src/libstrongswan/tests/suites/test_utils.c +++ b/src/libstrongswan/tests/suites/test_utils.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/tests/suites/test_vectors.c b/src/libstrongswan/tests/suites/test_vectors.c index a35342837..971b331b2 100644 --- a/src/libstrongswan/tests/suites/test_vectors.c +++ b/src/libstrongswan/tests/suites/test_vectors.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG diff --git a/src/libstrongswan/tests/test_runner.c b/src/libstrongswan/tests/test_runner.c index b9a0fe6d6..c6dd97716 100644 --- a/src/libstrongswan/tests/test_runner.c +++ b/src/libstrongswan/tests/test_runner.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG * diff --git a/src/libstrongswan/tests/test_suite.h b/src/libstrongswan/tests/test_suite.h index 9b9fcad85..3bc3b38ca 100644 --- a/src/libstrongswan/tests/test_suite.h +++ b/src/libstrongswan/tests/test_suite.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG * diff --git a/src/libstrongswan/tests/tests.h b/src/libstrongswan/tests/tests.h index 5fab227f2..9fc38d480 100644 --- a/src/libstrongswan/tests/tests.h +++ b/src/libstrongswan/tests/tests.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/condvar.h b/src/libstrongswan/threading/condvar.h index 48c949c7c..37b493b55 100644 --- a/src/libstrongswan/threading/condvar.h +++ b/src/libstrongswan/threading/condvar.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/lock_profiler.h b/src/libstrongswan/threading/lock_profiler.h index 1ae496455..a3c4241f7 100644 --- a/src/libstrongswan/threading/lock_profiler.h +++ b/src/libstrongswan/threading/lock_profiler.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/mutex.c b/src/libstrongswan/threading/mutex.c index 10cf04542..19cc11d15 100644 --- a/src/libstrongswan/threading/mutex.c +++ b/src/libstrongswan/threading/mutex.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/mutex.h b/src/libstrongswan/threading/mutex.h index ac36b6a25..147a3cde7 100644 --- a/src/libstrongswan/threading/mutex.h +++ b/src/libstrongswan/threading/mutex.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/rwlock.c b/src/libstrongswan/threading/rwlock.c index d7374cddf..bd57b65f0 100644 --- a/src/libstrongswan/threading/rwlock.c +++ b/src/libstrongswan/threading/rwlock.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2012 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/rwlock.h b/src/libstrongswan/threading/rwlock.h index a86a241c5..9fac91a82 100644 --- a/src/libstrongswan/threading/rwlock.h +++ b/src/libstrongswan/threading/rwlock.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2009 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/rwlock_condvar.h b/src/libstrongswan/threading/rwlock_condvar.h index 2b40c3fc6..d21e73d03 100644 --- a/src/libstrongswan/threading/rwlock_condvar.h +++ b/src/libstrongswan/threading/rwlock_condvar.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/semaphore.c b/src/libstrongswan/threading/semaphore.c index d90588b50..4147d7b93 100644 --- a/src/libstrongswan/threading/semaphore.c +++ b/src/libstrongswan/threading/semaphore.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/semaphore.h b/src/libstrongswan/threading/semaphore.h index bb384e669..034c92b60 100644 --- a/src/libstrongswan/threading/semaphore.h +++ b/src/libstrongswan/threading/semaphore.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2011 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/spinlock.c b/src/libstrongswan/threading/spinlock.c index a0de02ce5..901155089 100644 --- a/src/libstrongswan/threading/spinlock.c +++ b/src/libstrongswan/threading/spinlock.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/spinlock.h b/src/libstrongswan/threading/spinlock.h index 883980cc2..2c7164ab3 100644 --- a/src/libstrongswan/threading/spinlock.h +++ b/src/libstrongswan/threading/spinlock.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c index de5cbaa21..487ea0401 100644 --- a/src/libstrongswan/threading/thread.c +++ b/src/libstrongswan/threading/thread.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -348,6 +348,8 @@ thread_t *thread_create(thread_main_t main, void *arg) { DBG1(DBG_LIB, "failed to create thread!"); this->mutex->lock(this->mutex); + this->terminated = TRUE; + this->detached_or_joined = TRUE; thread_destroy(this); return NULL; } diff --git a/src/libstrongswan/threading/thread.h b/src/libstrongswan/threading/thread.h index 35da24459..1dfc3772d 100644 --- a/src/libstrongswan/threading/thread.h +++ b/src/libstrongswan/threading/thread.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/thread_value.c b/src/libstrongswan/threading/thread_value.c index 190b7434f..6d015494d 100644 --- a/src/libstrongswan/threading/thread_value.c +++ b/src/libstrongswan/threading/thread_value.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2012 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/threading/thread_value.h b/src/libstrongswan/threading/thread_value.h index 48f5f7d6b..028bdeebe 100644 --- a/src/libstrongswan/threading/thread_value.h +++ b/src/libstrongswan/threading/thread_value.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/backtrace.c b/src/libstrongswan/utils/backtrace.c index 18b19166e..146f91c4a 100644 --- a/src/libstrongswan/utils/backtrace.c +++ b/src/libstrongswan/utils/backtrace.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006-2013 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2013 revosec AG * * This program is free software; you can redistribute it and/or modify it diff --git a/src/libstrongswan/utils/backtrace.h b/src/libstrongswan/utils/backtrace.h index 16e84c4d9..85d8d250c 100644 --- a/src/libstrongswan/utils/backtrace.h +++ b/src/libstrongswan/utils/backtrace.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/capabilities.c b/src/libstrongswan/utils/capabilities.c index ce5f550b5..38c2ee09e 100644 --- a/src/libstrongswan/utils/capabilities.c +++ b/src/libstrongswan/utils/capabilities.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG * @@ -422,7 +422,10 @@ METHOD(capabilities_t, drop, bool, { #ifndef WIN32 #ifdef HAVE_PRCTL - prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); + if (has_capability(this, CAP_SETPCAP, NULL)) + { + prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); + } #endif if (this->uid && !init_supplementary_groups(this)) diff --git a/src/libstrongswan/utils/capabilities.h b/src/libstrongswan/utils/capabilities.h index 20c18554b..c7bdfa347 100644 --- a/src/libstrongswan/utils/capabilities.h +++ b/src/libstrongswan/utils/capabilities.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG * @@ -47,6 +47,9 @@ typedef struct capabilities_t capabilities_t; #ifndef CAP_DAC_OVERRIDE # define CAP_DAC_OVERRIDE 1 #endif +#ifndef CAP_SETPCAP +# define CAP_SETPCAP 8 +#endif /** * POSIX capability dropping abstraction layer. diff --git a/src/libstrongswan/utils/chunk.c b/src/libstrongswan/utils/chunk.c index 3a7984098..239353879 100644 --- a/src/libstrongswan/utils/chunk.c +++ b/src/libstrongswan/utils/chunk.c @@ -2,7 +2,7 @@ * Copyright (C) 2008-2013 Tobias Brunner * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/chunk.h b/src/libstrongswan/utils/chunk.h index 160d09944..e60cd8ad0 100644 --- a/src/libstrongswan/utils/chunk.h +++ b/src/libstrongswan/utils/chunk.h @@ -2,7 +2,7 @@ * Copyright (C) 2008-2013 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/compat/android.h b/src/libstrongswan/utils/compat/android.h index 6edd3effb..da8de6279 100644 --- a/src/libstrongswan/utils/compat/android.h +++ b/src/libstrongswan/utils/compat/android.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010-2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/debug.c b/src/libstrongswan/utils/debug.c index 8a80b81a2..812ade4f5 100644 --- a/src/libstrongswan/utils/debug.c +++ b/src/libstrongswan/utils/debug.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/debug.h b/src/libstrongswan/utils/debug.h index 3b554487c..a2258a879 100644 --- a/src/libstrongswan/utils/debug.h +++ b/src/libstrongswan/utils/debug.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/enum.c b/src/libstrongswan/utils/enum.c index 1cead77ca..25182f93d 100644 --- a/src/libstrongswan/utils/enum.c +++ b/src/libstrongswan/utils/enum.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/enum.h b/src/libstrongswan/utils/enum.h index 928f4079a..4312cb9a1 100644 --- a/src/libstrongswan/utils/enum.h +++ b/src/libstrongswan/utils/enum.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Tobias Brunner * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -53,7 +53,7 @@ typedef struct enum_name_t enum_name_t; * The ENUM and the ENUM_END define a enum_name_t pointer with the name supplied * in "name". * - * Resolving of enum names is done using a printf hook. A printf fromat + * Resolving of enum names is done using a printf hook. A printf format * character %N is replaced by the enum string. Printf needs two arguments to * resolve a %N, the enum_name_t* (the defined name in ENUM_BEGIN) followed * by the numerical enum value. diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h index 206f7c3e0..704df7842 100644 --- a/src/libstrongswan/utils/identification.h +++ b/src/libstrongswan/utils/identification.h @@ -2,7 +2,7 @@ * Copyright (C) 2009-2015 Tobias Brunner * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/integrity_checker.c b/src/libstrongswan/utils/integrity_checker.c index 6f9510b3e..d39b587a9 100644 --- a/src/libstrongswan/utils/integrity_checker.c +++ b/src/libstrongswan/utils/integrity_checker.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/integrity_checker.h b/src/libstrongswan/utils/integrity_checker.h index 2ac21c608..2766a0a74 100644 --- a/src/libstrongswan/utils/integrity_checker.h +++ b/src/libstrongswan/utils/integrity_checker.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c index 1dfeea557..b873e12a8 100644 --- a/src/libstrongswan/utils/leak_detective.c +++ b/src/libstrongswan/utils/leak_detective.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2013-2014 Tobias Brunner * Copyright (C) 2006-2013 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/leak_detective.h b/src/libstrongswan/utils/leak_detective.h index ca70067d4..b27534e2a 100644 --- a/src/libstrongswan/utils/leak_detective.h +++ b/src/libstrongswan/utils/leak_detective.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/lexparser.h b/src/libstrongswan/utils/lexparser.h index 7eb68069b..4c9d2b342 100644 --- a/src/libstrongswan/utils/lexparser.h +++ b/src/libstrongswan/utils/lexparser.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2001-2008 Andreas Steffen * - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c index 6f721c9ef..5c5f649b7 100644 --- a/src/libstrongswan/utils/optionsfrom.c +++ b/src/libstrongswan/utils/optionsfrom.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007-2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/optionsfrom.h b/src/libstrongswan/utils/optionsfrom.h index b0a9d0096..3ce52365f 100644 --- a/src/libstrongswan/utils/optionsfrom.h +++ b/src/libstrongswan/utils/optionsfrom.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2007-2008 Andreas Steffen * - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/parser_helper.c b/src/libstrongswan/utils/parser_helper.c index 4c6aa251f..3ed22b61d 100644 --- a/src/libstrongswan/utils/parser_helper.c +++ b/src/libstrongswan/utils/parser_helper.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/parser_helper.h b/src/libstrongswan/utils/parser_helper.h index 09ed1991c..818062c66 100644 --- a/src/libstrongswan/utils/parser_helper.h +++ b/src/libstrongswan/utils/parser_helper.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/printf_hook/printf_hook.h b/src/libstrongswan/utils/printf_hook/printf_hook.h index c1d6fa90d..bced19146 100644 --- a/src/libstrongswan/utils/printf_hook/printf_hook.h +++ b/src/libstrongswan/utils/printf_hook/printf_hook.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Tobias Brunner * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c b/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c index 5efe1d990..17b56d278 100644 --- a/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c +++ b/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009-2013 Tobias Brunner * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/printf_hook/printf_hook_vstr.c b/src/libstrongswan/utils/printf_hook/printf_hook_vstr.c index ab93b24ba..6d8827624 100644 --- a/src/libstrongswan/utils/printf_hook/printf_hook_vstr.c +++ b/src/libstrongswan/utils/printf_hook/printf_hook_vstr.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2009-2013 Tobias Brunner * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/printf_hook/printf_hook_vstr.h b/src/libstrongswan/utils/printf_hook/printf_hook_vstr.h index 7c24b05e2..6d744b257 100644 --- a/src/libstrongswan/utils/printf_hook/printf_hook_vstr.h +++ b/src/libstrongswan/utils/printf_hook/printf_hook_vstr.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2009 Tobias Brunner * Copyright (C) 2006-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/test.c b/src/libstrongswan/utils/test.c index 0b0a80f42..0e9f07cd0 100644 --- a/src/libstrongswan/utils/test.c +++ b/src/libstrongswan/utils/test.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/test.h b/src/libstrongswan/utils/test.h index f9a84713e..f7ae7d60c 100644 --- a/src/libstrongswan/utils/test.h +++ b/src/libstrongswan/utils/test.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils.c b/src/libstrongswan/utils/utils.c index 4deba0fe7..94863d3d6 100644 --- a/src/libstrongswan/utils/utils.c +++ b/src/libstrongswan/utils/utils.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2015 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils.h b/src/libstrongswan/utils/utils.h index ec994bfc5..ea08b68c2 100644 --- a/src/libstrongswan/utils/utils.h +++ b/src/libstrongswan/utils/utils.h @@ -206,7 +206,7 @@ void utils_deinit(); * Block and wait for a set of signals * * We don't replicate the functionality of siginfo_t. If info is not NULL - * -1 is returend and errno is set to EINVAL. + * -1 is returned and errno is set to EINVAL. * * @param set set of signals to wait for * @param info must be NULL diff --git a/src/libstrongswan/utils/utils/align.c b/src/libstrongswan/utils/utils/align.c index ffdb1b5ce..bb76866f1 100644 --- a/src/libstrongswan/utils/utils/align.c +++ b/src/libstrongswan/utils/utils/align.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/align.h b/src/libstrongswan/utils/utils/align.h index a28dc3668..85eb25974 100644 --- a/src/libstrongswan/utils/utils/align.h +++ b/src/libstrongswan/utils/utils/align.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/atomics.c b/src/libstrongswan/utils/utils/atomics.c index 17e823e70..82a889614 100644 --- a/src/libstrongswan/utils/utils/atomics.c +++ b/src/libstrongswan/utils/utils/atomics.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/atomics.h b/src/libstrongswan/utils/utils/atomics.h index e5db0a1cb..a973b1adc 100644 --- a/src/libstrongswan/utils/utils/atomics.h +++ b/src/libstrongswan/utils/utils/atomics.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/byteorder.h b/src/libstrongswan/utils/utils/byteorder.h index 0665ef363..6bd626cbc 100644 --- a/src/libstrongswan/utils/utils/byteorder.h +++ b/src/libstrongswan/utils/utils/byteorder.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/memory.c b/src/libstrongswan/utils/utils/memory.c index 4b4b6ccee..82c30d88e 100644 --- a/src/libstrongswan/utils/utils/memory.c +++ b/src/libstrongswan/utils/utils/memory.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -29,7 +29,7 @@ void memxor(uint8_t dst[], const uint8_t src[], size_t n) { dst[i] ^= src[i]; } - /* try to use words if src shares an aligment with dst */ + /* try to use words if src shares an alignment with dst */ switch (((uintptr_t)&src[i] % sizeof(long))) { case 0: diff --git a/src/libstrongswan/utils/utils/memory.h b/src/libstrongswan/utils/utils/memory.h index e84033010..1dffe85df 100644 --- a/src/libstrongswan/utils/utils/memory.h +++ b/src/libstrongswan/utils/utils/memory.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/object.h b/src/libstrongswan/utils/utils/object.h index 301fb6685..24169dafc 100644 --- a/src/libstrongswan/utils/utils/object.h +++ b/src/libstrongswan/utils/utils/object.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/path.c b/src/libstrongswan/utils/utils/path.c index 3abbe77ed..d964c70cc 100644 --- a/src/libstrongswan/utils/utils/path.c +++ b/src/libstrongswan/utils/utils/path.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/path.h b/src/libstrongswan/utils/utils/path.h index 838ce73e6..b72bdaf42 100644 --- a/src/libstrongswan/utils/utils/path.h +++ b/src/libstrongswan/utils/utils/path.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/status.c b/src/libstrongswan/utils/utils/status.c index 4a97d846c..21f38a6de 100644 --- a/src/libstrongswan/utils/utils/status.c +++ b/src/libstrongswan/utils/utils/status.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/status.h b/src/libstrongswan/utils/utils/status.h index c96eebd44..8d96c2bfc 100644 --- a/src/libstrongswan/utils/utils/status.h +++ b/src/libstrongswan/utils/utils/status.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/strerror.c b/src/libstrongswan/utils/utils/strerror.c index d35bbec68..c29b2f773 100644 --- a/src/libstrongswan/utils/utils/strerror.c +++ b/src/libstrongswan/utils/utils/strerror.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/strerror.h b/src/libstrongswan/utils/utils/strerror.h index f59649c2a..46138824f 100644 --- a/src/libstrongswan/utils/utils/strerror.h +++ b/src/libstrongswan/utils/utils/strerror.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2012-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/string.c b/src/libstrongswan/utils/utils/string.c index 56910ed79..df7a9936b 100644 --- a/src/libstrongswan/utils/utils/string.c +++ b/src/libstrongswan/utils/utils/string.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/string.h b/src/libstrongswan/utils/utils/string.h index 562516b91..67a915166 100644 --- a/src/libstrongswan/utils/utils/string.h +++ b/src/libstrongswan/utils/utils/string.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/tty.c b/src/libstrongswan/utils/utils/tty.c index 7cce71dc5..9f36b58c3 100644 --- a/src/libstrongswan/utils/utils/tty.c +++ b/src/libstrongswan/utils/utils/tty.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/tty.h b/src/libstrongswan/utils/utils/tty.h index 6cd285a9a..f45d62e49 100644 --- a/src/libstrongswan/utils/utils/tty.h +++ b/src/libstrongswan/utils/utils/tty.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libstrongswan/utils/utils/types.h b/src/libstrongswan/utils/utils/types.h index 45b5043bf..c6a122aa3 100644 --- a/src/libstrongswan/utils/utils/types.h +++ b/src/libstrongswan/utils/utils/types.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtls/tls_application.h b/src/libtls/tls_application.h index bd839fbb6..0debe9cee 100644 --- a/src/libtls/tls_application.h +++ b/src/libtls/tls_application.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2010 Andreas Steffen - * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnc_imc/tnc_imc_bind_function.c b/src/libtnccs/plugins/tnc_imc/tnc_imc_bind_function.c index 26a5ed2b4..7e6b2f672 100644 --- a/src/libtnccs/plugins/tnc_imc/tnc_imc_bind_function.c +++ b/src/libtnccs/plugins/tnc_imc/tnc_imc_bind_function.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/batch/tnccs_batch.c b/src/libtnccs/plugins/tnccs_11/batch/tnccs_batch.c index 660ba179d..292ceb6ad 100644 --- a/src/libtnccs/plugins/tnccs_11/batch/tnccs_batch.c +++ b/src/libtnccs/plugins/tnccs_11/batch/tnccs_batch.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/imc_imv_msg.c b/src/libtnccs/plugins/tnccs_11/messages/imc_imv_msg.c index f0e821c8c..f3b0d3faa 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/imc_imv_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/imc_imv_msg.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/tnccs_error_msg.c b/src/libtnccs/plugins/tnccs_11/messages/tnccs_error_msg.c index 26a6c032f..d20f8b09c 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/tnccs_error_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/tnccs_error_msg.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/tnccs_msg.c b/src/libtnccs/plugins/tnccs_11/messages/tnccs_msg.c index e3736560d..4cb4b302e 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/tnccs_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/tnccs_msg.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/tnccs_preferred_language_msg.c b/src/libtnccs/plugins/tnccs_11/messages/tnccs_preferred_language_msg.c index 710269ba9..3ff556699 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/tnccs_preferred_language_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/tnccs_preferred_language_msg.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c b/src/libtnccs/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c index 7c2f9b3f9..e855c16c6 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/tnccs_reason_strings_msg.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/tnccs_recommendation_msg.c b/src/libtnccs/plugins/tnccs_11/messages/tnccs_recommendation_msg.c index 013e0c7ed..f685dc667 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/tnccs_recommendation_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/tnccs_recommendation_msg.c @@ -1,6 +1,8 @@ /* + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * * Copyright (C) 2006 Mike McCauley (mikem@open.com.au) - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtnccs/plugins/tnccs_11/messages/tnccs_tncs_contact_info_msg.c b/src/libtnccs/plugins/tnccs_11/messages/tnccs_tncs_contact_info_msg.c index 0d3e1c2a0..cc1f09bfc 100644 --- a/src/libtnccs/plugins/tnccs_11/messages/tnccs_tncs_contact_info_msg.c +++ b/src/libtnccs/plugins/tnccs_11/messages/tnccs_tncs_contact_info_msg.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2010 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtpmtss/plugins/tpm/tpm_cert.c b/src/libtpmtss/plugins/tpm/tpm_cert.c index 248da7e53..126941f8d 100644 --- a/src/libtpmtss/plugins/tpm/tpm_cert.c +++ b/src/libtpmtss/plugins/tpm/tpm_cert.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2017 Andreas Steffen - * HSR Hochschule für Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/libtpmtss/tpm_tss_tss2.c b/src/libtpmtss/tpm_tss_tss2.c index 8b91fb44a..90a16c103 100644 --- a/src/libtpmtss/tpm_tss_tss2.c +++ b/src/libtpmtss/tpm_tss_tss2.c @@ -278,8 +278,9 @@ static bool initialize_tcti_tabrmd_context(private_tpm_tss_tss2_t *this) return FALSE; } - /* allocate memory for tcti context */ + /* allocate and initialize memory for tcti context */ this->tcti_context = (TSS2_TCTI_CONTEXT*)malloc(tcti_context_size); + memset(this->tcti_context, 0x00, tcti_context_size); /* initialize tcti context */ rval = tss2_tcti_tabrmd_init(this->tcti_context, &tcti_context_size); diff --git a/src/manager/controller/auth_controller.c b/src/manager/controller/auth_controller.c index 5f2de5154..8abce7312 100644 --- a/src/manager/controller/auth_controller.c +++ b/src/manager/controller/auth_controller.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/auth_controller.h b/src/manager/controller/auth_controller.h index 07292273d..2e9548599 100644 --- a/src/manager/controller/auth_controller.h +++ b/src/manager/controller/auth_controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/config_controller.c b/src/manager/controller/config_controller.c index bc93c542d..fbde2f23f 100644 --- a/src/manager/controller/config_controller.c +++ b/src/manager/controller/config_controller.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/config_controller.h b/src/manager/controller/config_controller.h index 504ec8c3b..896ceb4c3 100644 --- a/src/manager/controller/config_controller.h +++ b/src/manager/controller/config_controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/control_controller.c b/src/manager/controller/control_controller.c index a8db2f272..f0a16eeb2 100644 --- a/src/manager/controller/control_controller.c +++ b/src/manager/controller/control_controller.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/control_controller.h b/src/manager/controller/control_controller.h index 0342f8ca2..9feb3c3b6 100644 --- a/src/manager/controller/control_controller.h +++ b/src/manager/controller/control_controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/gateway_controller.c b/src/manager/controller/gateway_controller.c index 6c0257980..bb14451b1 100644 --- a/src/manager/controller/gateway_controller.c +++ b/src/manager/controller/gateway_controller.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/gateway_controller.h b/src/manager/controller/gateway_controller.h index 170bc1bdb..f6bed4ddd 100644 --- a/src/manager/controller/gateway_controller.h +++ b/src/manager/controller/gateway_controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/ikesa_controller.c b/src/manager/controller/ikesa_controller.c index df0e5f475..5cb5245aa 100644 --- a/src/manager/controller/ikesa_controller.c +++ b/src/manager/controller/ikesa_controller.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/controller/ikesa_controller.h b/src/manager/controller/ikesa_controller.h index 592047539..cd76ee5a5 100644 --- a/src/manager/controller/ikesa_controller.h +++ b/src/manager/controller/ikesa_controller.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/gateway.c b/src/manager/gateway.c index 58ee6ab54..362611da3 100644 --- a/src/manager/gateway.c +++ b/src/manager/gateway.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/gateway.h b/src/manager/gateway.h index 1f62d2365..04f4dfb65 100644 --- a/src/manager/gateway.h +++ b/src/manager/gateway.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/main.c b/src/manager/main.c index b6169082f..1ba8b1e04 100644 --- a/src/manager/main.c +++ b/src/manager/main.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/manager.c b/src/manager/manager.c index 22a4191d9..bbffb1bb8 100644 --- a/src/manager/manager.c +++ b/src/manager/manager.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/manager.h b/src/manager/manager.h index e0ed7fcaf..506127b7f 100644 --- a/src/manager/manager.h +++ b/src/manager/manager.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/storage.c b/src/manager/storage.c index 6a8e76e5e..5fdfe0318 100644 --- a/src/manager/storage.c +++ b/src/manager/storage.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/storage.h b/src/manager/storage.h index 4324e99fe..76c2b7b9b 100644 --- a/src/manager/storage.h +++ b/src/manager/storage.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/xml.c b/src/manager/xml.c index 0aee5f69b..17c2512da 100644 --- a/src/manager/xml.c +++ b/src/manager/xml.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/manager/xml.h b/src/manager/xml.h index bd11cb4f8..46503b8af 100644 --- a/src/manager/xml.h +++ b/src/manager/xml.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/controller/peer_controller.c b/src/medsrv/controller/peer_controller.c index 4943647b5..7dbda8b49 100644 --- a/src/medsrv/controller/peer_controller.c +++ b/src/medsrv/controller/peer_controller.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/controller/peer_controller.h b/src/medsrv/controller/peer_controller.h index 1282156b7..3bc640b93 100644 --- a/src/medsrv/controller/peer_controller.h +++ b/src/medsrv/controller/peer_controller.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/controller/user_controller.c b/src/medsrv/controller/user_controller.c index 36d04e12c..8bdd86a42 100644 --- a/src/medsrv/controller/user_controller.c +++ b/src/medsrv/controller/user_controller.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/controller/user_controller.h b/src/medsrv/controller/user_controller.h index 8443a8d2b..62e15a7cf 100644 --- a/src/medsrv/controller/user_controller.h +++ b/src/medsrv/controller/user_controller.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/filter/auth_filter.c b/src/medsrv/filter/auth_filter.c index fb39bdb0e..713abe46b 100644 --- a/src/medsrv/filter/auth_filter.c +++ b/src/medsrv/filter/auth_filter.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/filter/auth_filter.h b/src/medsrv/filter/auth_filter.h index 022254dde..15c254256 100644 --- a/src/medsrv/filter/auth_filter.h +++ b/src/medsrv/filter/auth_filter.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/main.c b/src/medsrv/main.c index 745fcc359..6ad817334 100644 --- a/src/medsrv/main.c +++ b/src/medsrv/main.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2008 Philip Boetschi, Adrian Doerig - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/user.c b/src/medsrv/user.c index 023dafbed..26b766f96 100644 --- a/src/medsrv/user.c +++ b/src/medsrv/user.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/medsrv/user.h b/src/medsrv/user.h index 475972a5b..b58d14ab1 100644 --- a/src/medsrv/user.h +++ b/src/medsrv/user.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pki/command.c b/src/pki/command.c index f425af7e8..4ad4339a8 100644 --- a/src/pki/command.c +++ b/src/pki/command.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pki/command.h b/src/pki/command.h index a7dade758..353f5141c 100644 --- a/src/pki/command.h +++ b/src/pki/command.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pki/commands/dn.c b/src/pki/commands/dn.c index 75585fc16..96ce5326e 100644 --- a/src/pki/commands/dn.c +++ b/src/pki/commands/dn.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pki/commands/pkcs12.c b/src/pki/commands/pkcs12.c index dcd1496ba..e218c4c89 100644 --- a/src/pki/commands/pkcs12.c +++ b/src/pki/commands/pkcs12.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pki/commands/verify.c b/src/pki/commands/verify.c index dd667fb34..88ef448b5 100644 --- a/src/pki/commands/verify.c +++ b/src/pki/commands/verify.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2016 Tobias Brunner + * Copyright (C) 2016-2018 Tobias Brunner * Copyright (C) 2009 Martin Willi * HSR Hochschule fuer Technik Rapperswil * @@ -14,6 +14,9 @@ * for more details. */ +#include +#include +#include #include #include "pki.h" @@ -22,6 +25,84 @@ #include #include +/** + * Load a CA or CRL and add it to the credential set + */ +static bool load_cert(mem_cred_t *creds, char *path, certificate_type_t subtype) +{ + certificate_t *cert; + char *credname; + + switch (subtype) + { + case CERT_X509: + credname = "CA certificate"; + break; + case CERT_X509_CRL: + credname = "CRL"; + break; + default: + return FALSE; + } + cert = lib->creds->create(lib->creds, + CRED_CERTIFICATE, subtype, + BUILD_FROM_FILE, path, BUILD_END); + if (!cert) + { + fprintf(stderr, "parsing %s from '%s' failed\n", credname, path); + return FALSE; + } + if (subtype == CERT_X509_CRL) + { + creds->add_crl(creds, (crl_t*)cert); + } + else + { + creds->add_cert(creds, TRUE, cert); + } + return TRUE; +} + +/** + * Load CA cert or CRL either from a file or a path + */ +static bool load_certs(mem_cred_t *creds, char *path, + certificate_type_t subtype) +{ + enumerator_t *enumerator; + struct stat st; + bool loaded = FALSE; + + if (stat(path, &st)) + { + fprintf(stderr, "failed to access '%s': %s\n", path, strerror(errno)); + return FALSE; + } + if (S_ISDIR(st.st_mode)) + { + enumerator = enumerator_create_directory(path); + if (!enumerator) + { + fprintf(stderr, "directory '%s' can not be opened: %s", + path, strerror(errno)); + return FALSE; + } + while (enumerator->enumerate(enumerator, NULL, &path, &st)) + { + if (S_ISREG(st.st_mode) && load_cert(creds, path, subtype)) + { + loaded = TRUE; + } + } + enumerator->destroy(enumerator); + } + else + { + loaded = load_cert(creds, path, subtype); + } + return loaded; +} + /** * Verify a certificate signature */ @@ -49,28 +130,16 @@ static int verify() file = arg; continue; case 'c': - cert = lib->creds->create(lib->creds, - CRED_CERTIFICATE, CERT_X509, - BUILD_FROM_FILE, arg, BUILD_END); - if (!cert) + if (load_certs(creds, arg, CERT_X509)) { - fprintf(stderr, "parsing CA certificate failed\n"); - goto end; + has_ca = TRUE; } - has_ca = TRUE; - creds->add_cert(creds, TRUE, cert); continue; case 'l': - cert = lib->creds->create(lib->creds, - CRED_CERTIFICATE, CERT_X509_CRL, - BUILD_FROM_FILE, arg, BUILD_END); - if (!cert) + if (load_certs(creds, arg, CERT_X509_CRL)) { - fprintf(stderr, "parsing CRL failed\n"); - goto end; + online = TRUE; } - online = TRUE; - creds->add_crl(creds, (crl_t*)cert); continue; case 'o': online = TRUE; @@ -108,7 +177,7 @@ static int verify() fprintf(stderr, "parsing certificate failed\n"); goto end; } - creds->add_cert(creds, !has_ca, cert); + cert = creds->add_cert_ref(creds, !has_ca, cert); enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, KEY_ANY, cert->get_subject(cert), online); @@ -153,6 +222,7 @@ static int verify() printf("\n"); } enumerator->destroy(enumerator); + cert->destroy(cert); if (!trusted) { diff --git a/src/pki/man/pki---verify.1.in b/src/pki/man/pki---verify.1.in index 74adaf150..a655858a1 100644 --- a/src/pki/man/pki---verify.1.in +++ b/src/pki/man/pki---verify.1.in @@ -47,10 +47,13 @@ X.509 certificate to verify. If not given it is read from \fISTDIN\fR. .TP .BI "\-c, \-\-cacert " file CA certificate to use for trustchain verification. If not given the certificate -is assumed to be self\-signed. +is assumed to be self\-signed. May optionally be a path to a directory from +which CA certificates are loaded. Can be used multiple times. .TP .BI "\-l, \-\-crl " file -Local CRL to use for trustchain verification. Implies \fB-o\fR. +Local CRL to use for trustchain verification. May optionally be a path to a +directory from which CRLs are loaded. Can be used multiple times. +Implies \fB-o\fR. .TP .BI "\-o, \-\-online Enable online CRL/OCSP revocation checking. diff --git a/src/pool/pool_attributes.c b/src/pool/pool_attributes.c index 72af4f494..5ebdbeb37 100644 --- a/src/pool/pool_attributes.c +++ b/src/pool/pool_attributes.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pool/pool_attributes.h b/src/pool/pool_attributes.h index 6a5af3349..8536d4205 100644 --- a/src/pool/pool_attributes.h +++ b/src/pool/pool_attributes.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009-2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pool/pool_usage.c b/src/pool/pool_usage.c index 94cc041b5..2b380e386 100644 --- a/src/pool/pool_usage.c +++ b/src/pool/pool_usage.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2009-2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pool/pool_usage.h b/src/pool/pool_usage.h index 0082ef6f2..a7fa672ff 100644 --- a/src/pool/pool_usage.h +++ b/src/pool/pool_usage.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2008 Martin Willi * Copyright (C) 2009-2010 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/pt-tls-client/pt-tls-client.c b/src/pt-tls-client/pt-tls-client.c index d31e16220..9f1faf454 100644 --- a/src/pt-tls-client/pt-tls-client.c +++ b/src/pt-tls-client/pt-tls-client.c @@ -1,7 +1,9 @@ /* - * Copyright (C) 2010-2013 Martin Willi, revosec AG * Copyright (C) 2013-2015 Andreas Steffen - * HSR Hochschule für Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2010-2013 Martin Willi + * Copyright (C) 2010-2013 revosec AG * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c index 5bb29bbd8..cc227cc7a 100644 --- a/src/scepclient/scep.c +++ b/src/scepclient/scep.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/scepclient/scep.h b/src/scepclient/scep.h index 4ef5eaf8e..97fc7bf8e 100644 --- a/src/scepclient/scep.h +++ b/src/scepclient/scep.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 853490f61..83079f3d8 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/args.c b/src/starter/args.c index 477a52082..a37ce6a3e 100644 --- a/src/starter/args.c +++ b/src/starter/args.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2014 Tobias Brunner * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/args.h b/src/starter/args.h index 76c05de8c..d1181f4a4 100644 --- a/src/starter/args.h +++ b/src/starter/args.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/confread.c b/src/starter/confread.c index f154f8951..345d0b60b 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security * diff --git a/src/starter/invokecharon.c b/src/starter/invokecharon.c index 5d95305cb..e78e65792 100644 --- a/src/starter/invokecharon.c +++ b/src/starter/invokecharon.c @@ -1,6 +1,9 @@ -/* strongSwan charon launcher - * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security - * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil +/* + * Copyright (C) 2006 Martin Willi + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2001-2002 Mathieu Lafon + * Arkoon Network Security * * Ported from invokepluto.c to fit charons needs. * diff --git a/src/starter/invokecharon.h b/src/starter/invokecharon.h index aaf913c9b..b789c761d 100644 --- a/src/starter/invokecharon.h +++ b/src/starter/invokecharon.h @@ -1,6 +1,9 @@ -/* strongSwan charon launcher - * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security - * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil +/* + * Copyright (C) 2006 Martin Willi + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2001-2002 Mathieu Lafon + * Arkoon Network Security * * Ported from invokepluto.h to fit charons needs. * diff --git a/src/starter/keywords.c b/src/starter/keywords.c index 0e2d0fb4b..a8f50169a 100644 --- a/src/starter/keywords.c +++ b/src/starter/keywords.c @@ -32,7 +32,7 @@ error "gperf generated tables don't work with this execution character set. Plea /* * Copyright (C) 2005 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/keywords.h b/src/starter/keywords.h index 27d16b0b8..d017134d9 100644 --- a/src/starter/keywords.h +++ b/src/starter/keywords.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2005 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/keywords.h.in b/src/starter/keywords.h.in index d2b08f2cf..60ec2723a 100644 --- a/src/starter/keywords.h.in +++ b/src/starter/keywords.h.in @@ -1,6 +1,6 @@ /* * Copyright (C) 2005 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt index dd673bc7a..e696dce8e 100644 --- a/src/starter/keywords.txt +++ b/src/starter/keywords.txt @@ -1,7 +1,7 @@ %{ /* * Copyright (C) 2005 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/parser/conf_parser.c b/src/starter/parser/conf_parser.c index 66e0ae8e4..d35dad76c 100644 --- a/src/starter/parser/conf_parser.c +++ b/src/starter/parser/conf_parser.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/parser/conf_parser.h b/src/starter/parser/conf_parser.h index 49131a0db..db486a03f 100644 --- a/src/starter/parser/conf_parser.h +++ b/src/starter/parser/conf_parser.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/parser/lexer.c b/src/starter/parser/lexer.c index afca86341..d19cee08a 100644 --- a/src/starter/parser/lexer.c +++ b/src/starter/parser/lexer.c @@ -634,7 +634,7 @@ static yyconst flex_int16_t yy_rule_linenum[26] = #line 2 "parser/lexer.l" /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/parser/lexer.l b/src/starter/parser/lexer.l index f70658e68..e10fd1b38 100644 --- a/src/starter/parser/lexer.l +++ b/src/starter/parser/lexer.l @@ -1,7 +1,7 @@ %{ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/parser/parser.c b/src/starter/parser/parser.c index 7204cc61d..7d9cd7805 100644 --- a/src/starter/parser/parser.c +++ b/src/starter/parser/parser.c @@ -72,7 +72,7 @@ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/parser/parser.y b/src/starter/parser/parser.y index 0b2b3b09f..1371fe931 100644 --- a/src/starter/parser/parser.y +++ b/src/starter/parser/parser.y @@ -1,7 +1,7 @@ %{ /* * Copyright (C) 2013-2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/starter.c b/src/starter/starter.c index 51a42a504..8ca1af29c 100644 --- a/src/starter/starter.c +++ b/src/starter/starter.c @@ -276,7 +276,7 @@ static bool check_pid(char *pid_file) pid = atoi(buf); } fclose(pidfile); - if (pid && kill(pid, 0) == 0) + if (pid && pid != getpid() && kill(pid, 0) == 0) { /* such a process is running */ return TRUE; } @@ -477,6 +477,7 @@ int main (int argc, char **argv) } } +#ifndef STARTER_ALLOW_NON_ROOT /* verify that we can start */ if (getuid() != 0) { @@ -484,6 +485,7 @@ int main (int argc, char **argv) cleanup(); exit(LSB_RC_NOT_ALLOWED); } +#endif if (check_pid(pid_file)) { @@ -520,6 +522,7 @@ int main (int argc, char **argv) exit(LSB_RC_INVALID_ARGUMENT); } +#ifndef SKIP_KERNEL_IPSEC_MODPROBES /* determine if we have a native netkey IPsec stack */ if (!starter_netkey_init()) { @@ -530,6 +533,7 @@ int main (int argc, char **argv) DBG1(DBG_APP, "no known IPsec stack detected, ignoring!"); } } +#endif last_reload = time_monotonic(NULL); diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 90af9372a..90ba1cd72 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2007-2015 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/starterstroke.h b/src/starter/starterstroke.h index 126486325..685c528b6 100644 --- a/src/starter/starterstroke.h +++ b/src/starter/starterstroke.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/tests/starter_tests.c b/src/starter/tests/starter_tests.c index 4194c5256..23722e96f 100644 --- a/src/starter/tests/starter_tests.c +++ b/src/starter/tests/starter_tests.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/tests/starter_tests.h b/src/starter/tests/starter_tests.h index 3486597a0..79a75c568 100644 --- a/src/starter/tests/starter_tests.h +++ b/src/starter/tests/starter_tests.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/starter/tests/suites/test_parser.c b/src/starter/tests/suites/test_parser.c index 4ae7b22fa..81555a86f 100644 --- a/src/starter/tests/suites/test_parser.c +++ b/src/starter/tests/suites/test_parser.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2014 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/stroke/stroke.c b/src/stroke/stroke.c index 6571815e5..8248440dd 100644 --- a/src/stroke/stroke.c +++ b/src/stroke/stroke.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2007-2015 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/stroke/stroke_keywords.c b/src/stroke/stroke_keywords.c index 4dce7fbc8..17a3663fe 100644 --- a/src/stroke/stroke_keywords.c +++ b/src/stroke/stroke_keywords.c @@ -30,9 +30,9 @@ error "gperf generated tables don't work with this execution character set. Plea #endif -/* stroke keywords +/* * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/stroke/stroke_keywords.h b/src/stroke/stroke_keywords.h index 00b992769..4e0b66b3d 100644 --- a/src/stroke/stroke_keywords.h +++ b/src/stroke/stroke_keywords.h @@ -1,6 +1,6 @@ -/* stroke keywords +/* * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/stroke/stroke_keywords.h.in b/src/stroke/stroke_keywords.h.in index 2b5780adc..416c8f9ad 100644 --- a/src/stroke/stroke_keywords.h.in +++ b/src/stroke/stroke_keywords.h.in @@ -1,6 +1,6 @@ -/* stroke keywords +/* * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/stroke/stroke_keywords.txt b/src/stroke/stroke_keywords.txt index ceb0dd253..1d96ccdd1 100644 --- a/src/stroke/stroke_keywords.txt +++ b/src/stroke/stroke_keywords.txt @@ -1,7 +1,7 @@ %{ -/* stroke keywords +/* * Copyright (C) 2006 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h index 60ea0028d..08560d36f 100644 --- a/src/stroke/stroke_msg.h +++ b/src/stroke/stroke_msg.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/sw-collector/sw-collector.8.in b/src/sw-collector/sw-collector.8.in index b9041c77b..5c8d25656 100644 --- a/src/sw-collector/sw-collector.8.in +++ b/src/sw-collector/sw-collector.8.in @@ -34,6 +34,12 @@ sw-collector \- Extracts software installation events from dpkg history log .YS . .SY "sw-collector" +.OP \-\-debug level +.OP \-\-quiet +.BR \-\-check +.YS +. +.SY "sw-collector" .B \-h | .B \-\-help @@ -76,7 +82,7 @@ installation status. .B "\-u, \-\-unregistered" Lists all software packages residing in the local collector database but for which no SWID tags exist yet in a central collector database reachable via a -REST interface. +REST interface. .TP .B "\-g, \-\-generate" Generates ISO 19770-2:2015 SWID tags for all software packages residing in the @@ -86,6 +92,10 @@ database reachable via a REST interface. .B "\-m, \-\-migrate" Can be used to migrate collector database versions. Currently all architecture suffixes are removed from dpkg package names. +.TP +.B "\-C, \-\-check" +Checks the integrity of the collector database against the actual list of +installed packages obtained with dpkg-query. . .SH "CONFIGURATION" . diff --git a/src/sw-collector/sw-collector.c b/src/sw-collector/sw-collector.c index a42f1068a..f8229a192 100644 --- a/src/sw-collector/sw-collector.c +++ b/src/sw-collector/sw-collector.c @@ -31,9 +31,10 @@ #include #include #include +#include #include - +#include /** * global debug output variables */ @@ -48,7 +49,8 @@ enum collector_op_t { COLLECTOR_OP_LIST, COLLECTOR_OP_UNREGISTERED, COLLECTOR_OP_GENERATE, - COLLECTOR_OP_MIGRATE + COLLECTOR_OP_MIGRATE, + COLLECTOR_OP_CHECK }; /** @@ -119,7 +121,8 @@ Usage:\n\ --list|-unregistered\n\ sw-collector [--debug ] [--quiet] [--installed|--removed] \ [--full] --generate\n\ - sw-collector [--debug ] [--quiet] --migrate\n"); + sw-collector [--debug ] [--quiet] --migrate\n\ + sw-collector [--debug ] [--quiet] --check\n"); } /** @@ -140,6 +143,7 @@ static collector_op_t do_args(int argc, char *argv[], bool *full_tags, struct option long_opts[] = { { "help", no_argument, NULL, 'h' }, + { "check", no_argument, NULL, 'C' }, { "count", required_argument, NULL, 'c' }, { "debug", required_argument, NULL, 'd' }, { "full", no_argument, NULL, 'f' }, @@ -153,7 +157,7 @@ static collector_op_t do_args(int argc, char *argv[], bool *full_tags, { 0,0,0,0 } }; - c = getopt_long(argc, argv, "hc:d:fgilmqru", long_opts, NULL); + c = getopt_long(argc, argv, "hCc:d:fgilmqru", long_opts, NULL); switch (c) { case EOF: @@ -162,6 +166,9 @@ static collector_op_t do_args(int argc, char *argv[], bool *full_tags, usage(); exit(SUCCESS); break; + case 'C': + op = COLLECTOR_OP_CHECK; + continue; case 'c': count = atoi(optarg); continue; @@ -537,7 +544,7 @@ end: } /** - * Append missing architecture suffix to package entries in the database + * Remove architecture suffix from package entries in the database */ static int migrate(sw_collector_db_t *db) { @@ -582,6 +589,84 @@ static int migrate(sw_collector_db_t *db) return status; } +/** + * Free hashtable entry + */ +static void free_entry(void *value, void *key) +{ + free(value); + free(key); +} + +/** + * Check consistency of installed software identifiers in collector database + */ +static int check(sw_collector_db_t *db) +{ + sw_collector_dpkg_t *dpkg; + swid_gen_info_t *info; + hashtable_t *table; + enumerator_t *e; + char *dpkg_name, *name, *package, *arch, *version; + uint32_t sw_id, count = 0, installed; + + dpkg = sw_collector_dpkg_create(); + if (!dpkg) + { + return EXIT_FAILURE; + } + info = swid_gen_info_create(); + table = hashtable_create(hashtable_hash_str, hashtable_equals_str, 4096); + + /* Store all installed sw identifiers (according to dpkg) in hashtable */ + e = dpkg->create_sw_enumerator(dpkg); + while (e->enumerate(e, &package, &arch, &version)) + { + dpkg_name = info->create_sw_id(info, package, version); + table->put(table, strdup(package), dpkg_name); + } + e->destroy(e); + + info->destroy(info); + dpkg->destroy(dpkg); + + e = db->create_sw_enumerator(db, SW_QUERY_ALL, NULL); + if (!e) + { + table->destroy_function(table, (void*)free_entry); + return EXIT_FAILURE; + } + while (e->enumerate(e, &sw_id, &name, &package, &version, &installed)) + { + dpkg_name = table->get(table, package); + if (installed) + { + if (!dpkg_name) + { + printf("%4d %s erroneously noted as installed\n", sw_id, name); + } + else if (!streq(name, dpkg_name)) + { + printf("%4d %s erroneously noted as installed instead of\n " + " %s\n", sw_id, name, dpkg_name); + } + } + else + { + if (dpkg_name && streq(name, dpkg_name)) + { + printf("%4d %s erroneously noted as removed\n", sw_id, name); + } + } + count++; + } + e->destroy(e); + + table->destroy_function(table, (void*)free_entry); + printf("checked %d software identifiers\n", count); + + return EXIT_SUCCESS; +} int main(int argc, char *argv[]) { @@ -646,6 +731,9 @@ int main(int argc, char *argv[]) case COLLECTOR_OP_MIGRATE: status = migrate(db); break; + case COLLECTOR_OP_CHECK: + status = check(db); + break; } db->destroy(db); diff --git a/src/swanctl/command.c b/src/swanctl/command.c index 225dff617..63f4523bb 100644 --- a/src/swanctl/command.c +++ b/src/swanctl/command.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/swanctl/command.h b/src/swanctl/command.h index 0d93ae45c..f2640d90f 100644 --- a/src/swanctl/command.h +++ b/src/swanctl/command.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/swanctl/commands/list_algs.c b/src/swanctl/commands/list_algs.c index 616e6ff75..99b5c7627 100644 --- a/src/swanctl/commands/list_algs.c +++ b/src/swanctl/commands/list_algs.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/swanctl/commands/redirect.c b/src/swanctl/commands/redirect.c index 6edb936e6..46e0c5719 100644 --- a/src/swanctl/commands/redirect.c +++ b/src/swanctl/commands/redirect.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015 Tobias Brunner - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the diff --git a/src/swanctl/commands/terminate.c b/src/swanctl/commands/terminate.c index 8b3233c89..bce404a54 100644 --- a/src/swanctl/commands/terminate.c +++ b/src/swanctl/commands/terminate.c @@ -39,6 +39,7 @@ static int terminate(vici_conn_t *conn) command_format_options_t format = COMMAND_FORMAT_NONE; char *arg, *child = NULL, *ike = NULL; int ret = 0, timeout = 0, level = 1, child_id = 0, ike_id = 0; + bool force = FALSE; while (TRUE) { @@ -55,6 +56,9 @@ static int terminate(vici_conn_t *conn) case 'c': child = arg; continue; + case 'f': + force = TRUE; + continue; case 'i': ike = arg; continue; @@ -101,6 +105,10 @@ static int terminate(vici_conn_t *conn) { vici_add_key_valuef(req, "ike-id", "%d", ike_id); } + if (force) + { + vici_add_key_valuef(req, "force", "yes"); + } if (timeout) { vici_add_key_valuef(req, "timeout", "%d", timeout * 1000); @@ -150,6 +158,7 @@ static void __attribute__ ((constructor))reg() {"ike", 'i', 1, "terminate by IKE_SA name"}, {"child-id", 'C', 1, "terminate by CHILD_SA reqid"}, {"ike-id", 'I', 1, "terminate by IKE_SA unique identifier"}, + {"force", 'f', 0, "terminate IKE_SA without waiting, unless timeout is set"}, {"timeout", 't', 1, "timeout in seconds before detaching"}, {"raw", 'r', 0, "dump raw response message"}, {"pretty", 'P', 0, "dump raw response message in pretty print"}, diff --git a/src/swanctl/swanctl.conf.5.main b/src/swanctl/swanctl.conf.5.main index 637661083..1f7e3a2cc 100644 --- a/src/swanctl/swanctl.conf.5.main +++ b/src/swanctl/swanctl.conf.5.main @@ -1146,7 +1146,13 @@ disables IPsec replay protection. .TP .BR connections..children..hw_offload " [no]" Enable hardware offload for this CHILD_SA, if supported by the IPsec -implementation. +implementation. The value +.RI "" "yes" "" +enforces offloading and the installation will +fail if it's not supported by either kernel or device. The value +.RI "" "auto" "" +enables offloading, if it's supported, but the installation does not fail +otherwise. .TP .BR connections..children..start_action " [none]" diff --git a/src/swanctl/swanctl.opt b/src/swanctl/swanctl.opt index 5675b31ca..120e5812e 100644 --- a/src/swanctl/swanctl.opt +++ b/src/swanctl/swanctl.opt @@ -931,6 +931,12 @@ connections..children..hw_offload = no Enable hardware offload for this CHILD_SA, if supported by the IPsec implementation. + Enable hardware offload for this CHILD_SA, if supported by the IPsec + implementation. The value _yes_ enforces offloading and the installation + will fail if it's not supported by either kernel or device. The value _auto_ + enables offloading, if it's supported, but the installation does not fail + otherwise. + connections..children..start_action = none Action to perform after loading the configuration (_none_, _trap_, _start_). diff --git a/testing/hosts/default/etc/sysctl.conf b/testing/hosts/default/etc/sysctl.conf index 43010d52e..364b64ad6 100644 --- a/testing/hosts/default/etc/sysctl.conf +++ b/testing/hosts/default/etc/sysctl.conf @@ -1,6 +1,6 @@ # # /etc/sysctl.conf - Configuration file for setting system variables -# See /etc/sysctl.d/ for additonal system variables +# See /etc/sysctl.d/ for additional system variables # See sysctl.conf (5) for information. # diff --git a/testing/scripts/recipes/patches/freeradius-tnc-fhh b/testing/scripts/recipes/patches/freeradius-tnc-fhh index 6460c86a3..26a233d48 100644 --- a/testing/scripts/recipes/patches/freeradius-tnc-fhh +++ b/testing/scripts/recipes/patches/freeradius-tnc-fhh @@ -5363,7 +5363,7 @@ diff -u -r -N freeradius-server-2.2.0.orig/src/modules/rlm_eap/types/rlm_eap_tnc -#define VLAN_ACCESS 2 -/* - **** -- * EAP - MD5 does not specify code, id & length but chap specifies them, +- * EAP - MD5 doesnot specify code, id & length but chap specifies them, - * for generalization purpose, complete header should be sent - * and not just value_size, value and name. - * future implementation. diff --git a/testing/testing.conf b/testing/testing.conf index 595fd9667..0da9aedad 100644 --- a/testing/testing.conf +++ b/testing/testing.conf @@ -24,14 +24,14 @@ fi : ${TESTDIR=/srv/strongswan-testing} # Kernel configuration -: ${KERNELVERSION=4.15} +: ${KERNELVERSION=4.15.18} : ${KERNEL=linux-$KERNELVERSION} : ${KERNELTARBALL=$KERNEL.tar.xz} : ${KERNELCONFIG=$DIR/../config/kernel/config-4.15} -: ${KERNELPATCH=ha-4.14-abicompat.patch.bz2} +: ${KERNELPATCH=ha-4.15.6-abicompat.patch.bz2} # strongSwan version used in tests -: ${SWANVERSION=5.6.2} +: ${SWANVERSION=5.6.3} # Build directory where the guest kernel and images will be built : ${BUILDDIR=$TESTDIR/build} diff --git a/testing/tests/ikev2/alg-chacha20poly1305/description.txt b/testing/tests/ikev2/alg-chacha20poly1305/description.txt index dd8918b68..a808c4b67 100644 --- a/testing/tests/ikev2/alg-chacha20poly1305/description.txt +++ b/testing/tests/ikev2/alg-chacha20poly1305/description.txt @@ -1,5 +1,5 @@ Roadwarrior carol proposes to gateway moon the cipher suite -CHACHA20_POLY1305_256 both for IKE and ESP by defining +CHACHA20_POLY1305 both for IKE and ESP by defining ike=chacha20poly1305-prfsha256-ntru256 and esp=chacha20poly1305-ntru256 in ipsec.conf, respectively. A ping from carol to alice successfully checks the established tunnel. diff --git a/testing/tests/ikev2/alg-chacha20poly1305/evaltest.dat b/testing/tests/ikev2/alg-chacha20poly1305/evaltest.dat index ab54ce153..ac29c66ff 100644 --- a/testing/tests/ikev2/alg-chacha20poly1305/evaltest.dat +++ b/testing/tests/ikev2/alg-chacha20poly1305/evaltest.dat @@ -3,10 +3,10 @@ carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon. moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_.eq=1::YES -moon:: ipsec statusall 2> /dev/null::IKE proposal: CHACHA20_POLY1305_256::YES -carol::ipsec statusall 2> /dev/null::IKE proposal: CHACHA20_POLY1305_256::YES -moon:: ipsec statusall 2> /dev/null::CHACHA20_POLY1305_256,::YES -carol::ipsec statusall 2> /dev/null::CHACHA20_POLY1305_256,::YES +moon:: ipsec statusall 2> /dev/null::IKE proposal: CHACHA20_POLY1305::YES +carol::ipsec statusall 2> /dev/null::IKE proposal: CHACHA20_POLY1305::YES +moon:: ipsec statusall 2> /dev/null::CHACHA20_POLY1305,::YES +carol::ipsec statusall 2> /dev/null::CHACHA20_POLY1305,::YES moon:: ip xfrm state::aead rfc7539esp(chacha20,poly1305)::YES carol::ip xfrm state::aead rfc7539esp(chacha20,poly1305)::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 184::YES diff --git a/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules b/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules index 2d9a466b0..792fc56bc 100644 --- a/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules +++ b/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootpc and bootps --A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT +# allow bootps (in relay mode also in OUTPUT) +-A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/ikev2/dhcp-dynamic/posttest.dat b/testing/tests/ikev2/dhcp-dynamic/posttest.dat index d4a05b28b..60be3f95c 100644 --- a/testing/tests/ikev2/dhcp-dynamic/posttest.dat +++ b/testing/tests/ikev2/dhcp-dynamic/posttest.dat @@ -1,8 +1,9 @@ moon::ipsec stop carol::ipsec stop dave::ipsec stop -venus::cat /var/state/dhcp/dhcpd.leases +venus::cat /var/lib/dhcp/dhcpd.leases venus::service isc-dhcp-server stop 2> /dev/null +venus::rm /var/lib/dhcp/dhcpd.leases*; touch /var/lib/dhcp/dhcpd.leases moon::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush dave::iptables-restore < /etc/iptables.flush diff --git a/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules b/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules index 2d9a466b0..792fc56bc 100644 --- a/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules +++ b/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootpc and bootps --A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT +# allow bootps (in relay mode also in OUTPUT) +-A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/strongswan.conf index c4a0ff8bb..0883bf058 100644 --- a/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/strongswan.conf @@ -6,6 +6,7 @@ charon { plugins { dhcp { server = 10.1.255.255 + identity_lease = yes } } } diff --git a/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules b/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules index 2d9a466b0..792fc56bc 100644 --- a/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules +++ b/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootpc and bootps --A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT +# allow bootps (in relay mode also in OUTPUT) +-A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/ikev2/multi-level-ca-skipped/description.txt b/testing/tests/ikev2/multi-level-ca-skipped/description.txt new file mode 100644 index 000000000..a5571d00c --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/description.txt @@ -0,0 +1,4 @@ +The roadwarrior carol possesses a certificate issued by the Research CA. +The CRL for the root CA can't be fetched and thus the status of the certificate +of the Research CA is unknown and the authentication is rejected due to the +strict CRL policy enforced by the gateway moon. diff --git a/testing/tests/ikev2/multi-level-ca-skipped/evaltest.dat b/testing/tests/ikev2/multi-level-ca-skipped/evaltest.dat new file mode 100644 index 000000000..5d445c27f --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/evaltest.dat @@ -0,0 +1,4 @@ +moon:: cat /var/log/daemon.log::constraint check failed: RULE_CRL_VALIDATION is FAILED, but requires at least GOOD::YES +carol::cat /var/log/daemon.log::received AUTHENTICATION_FAILED notify error::YES +moon:: ipsec status 2> /dev/null::alice.*ESTABLISHED::NO +carol::ipsec status 2> /dev/null::home.*INSTALLED::NO diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.conf new file mode 100644 index 000000000..297e348ea --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.conf @@ -0,0 +1,21 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + strictcrlpolicy=yes + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev2 + +conn home + left=PH_IP_CAROL + leftcert=carolCert.pem + leftid=carol@strongswan.org + right=PH_IP_MOON + rightsubnet=10.1.0.0/16 + rightid=@moon.strongswan.org + rightca="C=CH, O=Linux strongSwan, CN=strongSwan Root CA" + auto=add diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/certs/carolCert.pem b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/certs/carolCert.pem new file mode 100644 index 000000000..698e47cc0 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/certs/carolCert.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIELDCCAxSgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjERMA8GA1UECxMIUmVzZWFyY2gxFDAS +BgNVBAMTC1Jlc2VhcmNoIENBMB4XDTE1MDQyNjEwMjUwNFoXDTE5MDQwMzEwMjUw +NFowWjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAP +BgNVBAsTCFJlc2VhcmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKupuHqUUqSufsEtjSTZEkTF +sTGWXQkwZoLbAPNlZ4PV0Dx1ju3xRvVtjQHN3Tsx6IsB1JO3k/dMExwttbeBA8HK +oKYw+CFG8+6XWUU+tBT5xlwa5sdVUHIo8On1x7Rb3s+RDhJ2/YvCf/H13aOtqG+L +7Xyt7OwRQZNx4Gx60sgU2Zhr9WsMslWJQeS92va6UiGYN4c6qRNyrS9zTZEJ0yib +tflhd07LLcgz+jHqCdUcPK4g8+TH8HCtek0n2QRu3IfbEM+i6EaZjUJq1kp6k9HA +IgKR48r9HVk3zBsWJBo6sxUn8/avFM54vdwD8NAClNn9xobEXsO3jwGljc5mb40C +AwEAAaOCAQQwggEAMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBRd +qfnvgHGNOog5OOLebmYkmJ/faTBtBgNVHSMEZjBkgBTndfCg8q0gzc1gI8zHyA8p +891UIKFJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3 +YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIBIDAfBgNVHREEGDAWgRRj +YXJvbEBzdHJvbmdzd2FuLm9yZzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3Js +LnN0cm9uZ3N3YW4ub3JnL3Jlc2VhcmNoLmNybDANBgkqhkiG9w0BAQsFAAOCAQEA +TgUJbXL83e11Fzo+XGMQ24FfxdUvlex9IcnnNZnjsy4cYaUhofdI1AIkOhdh7R4i +9dtdfbFLLQR3qc2jmL9ubdQP83FiZZQOXX55XV5/Gb4E4g2T2ZU8ahby+ZzQsEcI +jGeot7fRfbxUrcjnIKxZd7JsQSaR45rMrNcUOQpFT212urojUngrEoAeaC5USEiX +sF11P654UejR8DCczwLi4QBvjRTH3bcMC57FjsWt1n/KCB08dS0ojD+T+6lN7/1K +yLreeRNynXzc1GAln5G03Ivwm9STFT1mYjkBMOCY+3ihEOpzlR9pWCWl9p728db3 +mk0VsDm1jdOf3PK1Xd2PJw== +-----END CERTIFICATE----- diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/private/carolKey.pem b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/private/carolKey.pem new file mode 100644 index 000000000..3a5d7c487 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/private/carolKey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAq6m4epRSpK5+wS2NJNkSRMWxMZZdCTBmgtsA82Vng9XQPHWO +7fFG9W2NAc3dOzHoiwHUk7eT90wTHC21t4EDwcqgpjD4IUbz7pdZRT60FPnGXBrm +x1VQcijw6fXHtFvez5EOEnb9i8J/8fXdo62ob4vtfK3s7BFBk3HgbHrSyBTZmGv1 +awyyVYlB5L3a9rpSIZg3hzqpE3KtL3NNkQnTKJu1+WF3TsstyDP6MeoJ1Rw8riDz +5MfwcK16TSfZBG7ch9sQz6LoRpmNQmrWSnqT0cAiApHjyv0dWTfMGxYkGjqzFSfz +9q8Uzni93APw0AKU2f3GhsRew7ePAaWNzmZvjQIDAQABAoIBAEJqa+GhOUhV6ty6 +zv0Ory7EfgX9cwl3HHJMYVXKSf6L3wFFSoNs8lNKi1/DUnDwolQF5UUxpaHsYQhp +9wCEffugdf9WuunFFeOd0wAjfnEPIlvIXLmKnJFOnccnPJjfYplUOemS+A32tqHa +ymHlcmGV9dBjSmMbWg+942KVMrAOHtCnAk0yT2WlE+9efLTuXoZIQCx+Ico6Lwp8 +JCmZYW2pfUk9co9di6UCl50C+A5RcvpsE7CZcXCzEAqz06eFz4imgQuzQSLaedup +F77cyPd13nD2N7+YGfWrWKbdqGMuQnmfrOQWZf94rlOsQjyCzbHIeItJsXT+DBKT +0SwEIQECgYEA1mcoUiCYOcQcA+FtSO8byzSu0uQZO1cS/VES5mbtRIuLo33L0P0y +bVnBIfk3iaBq70GU98XjhCGUwNwQDQm+zbLK+p+j+4L2ayvjtOV5ql0b2gk6eyRZ +oX14evsmxC2OFqGmGD+VePN4pP+Q39QMCFvf26BMtKHyXQnkwA61G30CgYEAzPfH +Lp3iT9xLqpp9zP9j2m9Ts6m6/Uzzuazpzl7rYMlLkd6fBWBquQ46qbO5Wv+SO7yZ +aWU7OuWGe6zng1VWSrLBZlRMfu+ze1uEETNdedRI858nv1bMlHmt9+RiZgOgZe7H +3D4dLphrQrJC8tlsaP0GWYRZkf64n+37KZX2QVECgYEAyKcmbyYeEQHeDius8XMF +mfmmG6xpiMWG+hgkDgkJyPqoJswWMXKk/P3g6ACq31yId33zAqfqs8ARzSSmyOzz +6uKHYGKDP2FjaQ1cP/H7GVumMzorxw9P6vjYBpCByVuw/LEwFsV7CAUkRZcAaNm0 +oSYKrSqqXuqpPjWCJdQd3qkCgYAdIf6ylohLN5GdrxXAZHBp5Lbt62sDg8OEmZol +1gH4oMPX+N97YSfqI6ac5kmrMHY1fWoEu/m+Nk92Fq5VUXTRazTn+YVh6WoGV4ye +8UERBuZTkkSRAqJTXDQo7tI5k7xhoJ3RpRZ6v/lG4pV3dQXeqlATuycMBDtzp9yy +HXmB8QKBgQCut7SsOJ0DtgpzjatYzKBh43WgwjbeRyReyT6OWuPiLUiKQYN8W5od +pZ51zorvFxu6iEMjAzXs0k1zbM4/EaQwwatTEZF0ZQMYMvm46f0ndhN3fY0O0ENY +zZES5DrfCgboPlmrWoVexU3xEDCWO8hO0fLmwqIK8F4EU8ByOVsHcg== +-----END RSA PRIVATE KEY----- diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.secrets b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.secrets new file mode 100644 index 000000000..fac55d63b --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.secrets @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: RSA carolKey.pem diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/strongswan.conf new file mode 100644 index 000000000..7a64dce30 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default +} diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.conf new file mode 100644 index 000000000..fe69abe92 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.conf @@ -0,0 +1,25 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + strictcrlpolicy=yes + +ca strongswan + cacert=strongswanCert.pem + crluri=http://crl.strongswan.org/not-available.crl + auto=add + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev2 + left=PH_IP_MOON + leftcert=moonCert.pem + leftid=@moon.strongswan.org + +conn alice + leftsubnet=PH_IP_ALICE/32 + right=%any + rightca="C=CH, O=Linux strongSwan, OU=Research, CN=Research CA" + auto=add diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem b/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem new file mode 100644 index 000000000..4d9fed09a --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDwTCCAqmgAwIBAgIBKDANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTE0MDMyMjEzNTYyMloXDTE5MDMyMTEzNTYyMlowUTELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh +cmNoMRQwEgYDVQQDEwtSZXNlYXJjaCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALY5sjqm4AdbWKc/T7JahWpy9xtdPbHngBN6lbnpYaHfrxnGsvmD +FCFZHCd7egRqQ/AuJHHcEv3DUdfJWWAypVnUvdlcp58hBjpxfTPXP9IDBxzQaQyU +zsExIGWOVUY2e7xJ5BKBnXVkok3htY4Hr1GdqNh+3LEmbegJBngTRSRx4PKJ54FO +/b78LUzB+rMxrzxw/lnI8jEmAtKlugQ7c9auMeFCz+NmlSfnSoWhHN5qm+0iNKy0 +C+25IuE8Nq+i3jtBiI8BwBqHY3u2IuflUh9Nc9d/R6vGsRPMHs30X1Ha/m0Ug494 ++wwqwfEBZRjzxMmMF/1SG4I1E3TDOJ3srjkCAwEAAaOBrzCBrDAPBgNVHRMBAf8E +BTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU53XwoPKtIM3NYCPMx8gPKfPd +VCAwbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNV +BAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJv +bmdTd2FuIFJvb3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBAKHj4oUmSaG9u3QC +wjbETgexmKo6EViRjaf++QlK54ILHmPHCkN6Smzr5xpmi7P/FnBLqMlfMIQ3DCD7 +Fof/8SqaE/V9cP7TXK6c5vZHLoVU/NZW1A/HucMHSxd1DEiTfmrz8Q9RNb/r5adZ +Epbje7IRlufhpDD2hDNs1FyjmY9V9G4VfOBA/JBWlgs+A810uidNVD+YEFxDlIZG +6Kr0d5/WZowOUX7G8LUaa5kjoCS7MJONeEX2D/wtsx7Zw3f7GjFDdJfdi+CbAwBN +d8kt2l7yt7oEW9AfOcMQ7+HZOqihNrV8mCErk39p9f6zcZtYHnjM5fJlNRmc+EXC +mk13kTA= +-----END CERTIFICATE----- diff --git a/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/strongswan.conf new file mode 100644 index 000000000..7a64dce30 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default +} diff --git a/testing/tests/ikev2/multi-level-ca-skipped/posttest.dat b/testing/tests/ikev2/multi-level-ca-skipped/posttest.dat new file mode 100644 index 000000000..f84b7e37b --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/posttest.dat @@ -0,0 +1,3 @@ +moon::ipsec stop +carol::ipsec stop +moon::rm /etc/ipsec.d/cacerts/* diff --git a/testing/tests/ikev2/multi-level-ca-skipped/pretest.dat b/testing/tests/ikev2/multi-level-ca-skipped/pretest.dat new file mode 100644 index 000000000..1d847c013 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/pretest.dat @@ -0,0 +1,5 @@ +moon::ipsec start +carol::ipsec start +moon::expect-connection alice +carol::expect-connection home +carol::ipsec up home diff --git a/testing/tests/ikev2/multi-level-ca-skipped/test.conf b/testing/tests/ikev2/multi-level-ca-skipped/test.conf new file mode 100644 index 000000000..892f51cd9 --- /dev/null +++ b/testing/tests/ikev2/multi-level-ca-skipped/test.conf @@ -0,0 +1,21 @@ +#!/bin/bash +# +# This configuration file provides information on the +# guest instances used for this test + +# All guest instances that are required for this test +# +VIRTHOSTS="moon carol winnetou" + +# Corresponding block diagram +# +DIAGRAM="m-c-w.png" + +# Guest instances on which tcpdump is to be started +# +TCPDUMPHOSTS="" + +# Guest instances on which IPsec is started +# Used for IPsec logging purposes +# +IPSECHOSTS="moon carol" diff --git a/testing/tests/ipv6/rw-psk-ikev2/description.txt b/testing/tests/ipv6/rw-psk-ikev2/description.txt index 0bd1474a0..fd7369d8f 100644 --- a/testing/tests/ipv6/rw-psk-ikev2/description.txt +++ b/testing/tests/ipv6/rw-psk-ikev2/description.txt @@ -1,4 +1,4 @@ -TThe roadwarriors carol and dave set up an IPv6 tunnel connection each +The roadwarriors carol and dave set up an IPv6 tunnel connection each to gateway moon. The authentication is based on distinct pre-shared keys and IPv6 addresses. Upon the successful establishment of the IPsec tunnels, automatically inserted ip6tables-based firewall rules let pass the tunneled traffic. diff --git a/testing/tests/swanctl/dhcp-dynamic/hosts/moon/etc/iptables.rules b/testing/tests/swanctl/dhcp-dynamic/hosts/moon/etc/iptables.rules index 2d9a466b0..792fc56bc 100644 --- a/testing/tests/swanctl/dhcp-dynamic/hosts/moon/etc/iptables.rules +++ b/testing/tests/swanctl/dhcp-dynamic/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootpc and bootps --A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT +# allow bootps (in relay mode also in OUTPUT) +-A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/swanctl/dhcp-dynamic/posttest.dat b/testing/tests/swanctl/dhcp-dynamic/posttest.dat index 37e8b02d8..466fc931c 100644 --- a/testing/tests/swanctl/dhcp-dynamic/posttest.dat +++ b/testing/tests/swanctl/dhcp-dynamic/posttest.dat @@ -3,8 +3,9 @@ dave::swanctl --terminate --ike home carol::systemctl stop strongswan-swanctl dave::systemctl stop strongswan-swanctl moon::systemctl stop strongswan-swanctl -venus::cat /var/state/dhcp/dhcpd.leases -venus::server isc-dhcp-server stop 2> /dev/null +venus::cat /var/lib/dhcp/dhcpd.leases +venus::service isc-dhcp-server stop 2> /dev/null +venus::rm /var/lib/dhcp/dhcpd.leases*; touch /var/lib/dhcp/dhcpd.leases moon::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush dave::iptables-restore < /etc/iptables.flush -- cgit v1.2.3