From bba25e2ff6c4a193acb54560ea4417537bd2954e Mon Sep 17 00:00:00 2001
From: Yves-Alexis Perez
Date: Tue, 30 May 2017 20:59:31 +0200
Subject: New upstream version 5.5.3
---
 src/starter/Makefile.in | 2 ++
 src/starter/args.c | 2 ++
 src/starter/confread.h | 3 +++
 src/starter/keywords.c | 33 ++++++++++++------------
 src/starter/keywords.h | 1 +
 src/starter/keywords.txt | 1 +
 src/starter/parser/conf_parser.c | 55 ++++++++++++++++++++++++++++------------
 src/starter/starterstroke.c | 1 +
 src/starter/tests/Makefile.in | 2 ++
 9 files changed, 68 insertions(+), 32 deletions(-)
(limited to 'src/starter')
diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in
index 3c89b0c77..97a0713c3 100644
--- a/src/starter/Makefile.in
+++ b/src/starter/Makefile.in
@@ -400,6 +400,7 @@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ +fuzz_plugins = @fuzz_plugins@ gtk_CFLAGS = @gtk_CFLAGS@ gtk_LIBS = @gtk_LIBS@ host = @host@
@@ -422,6 +423,7 @@ json_CFLAGS = @json_CFLAGS@ json_LIBS = @json_LIBS@ libdir = @libdir@ libexecdir = @libexecdir@ +libfuzzer = @libfuzzer@ libiptc_CFLAGS = @libiptc_CFLAGS@ libiptc_LIBS = @libiptc_LIBS@ linux_headers = @linux_headers@
diff --git a/src/starter/args.c b/src/starter/args.c
index 0874cc7e5..477a52082 100644
--- a/src/starter/args.c
+++ b/src/starter/args.c
@@ -110,6 +110,7 @@ static const char *LST_authby[] = { static const char *LST_fragmentation[] = { "no", + "accept", "yes", "force", NULL
@@ -164,6 +165,7 @@ static const token_info_t token_info[] =
 { ARG_TIME, offsetof(starter_conn_t, dpd_timeout), NULL },
 { ARG_ENUM, offsetof(starter_conn_t, dpd_action), LST_dpd_action },
 { ARG_ENUM, offsetof(starter_conn_t, close_action), LST_dpd_action },
+ { ARG_ENUM, offsetof(starter_conn_t, sha256_96), LST_bool },
 { ARG_TIME, offsetof(starter_conn_t, inactivity), NULL },
 { ARG_MISC, 0, NULL /* KW_MODECONFIG */ },
 { ARG_MISC, 0, NULL /* KW_XAUTH */ },
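Review bot: Inserting `"accept"` between `"no"` and `"yes"` in `LST_fragmentation` moves every later entry by one, and nothing in the args.c hunk ties the list order to `fragmentation_t`, which the confread.h hunk changes in the same way. The two stay in step in this commit, but only by hand; presumably `ARG_ENUM` values are resolved by list position, so a future one-sided insertion would silently map `yes` onto a different policy. I would add a comment above the list, `/* order must match fragmentation_t in confread.h (and ike_cfg.h) */`. The list's closing brace is outside the hunk.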
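Review bot: The new `{ ARG_ENUM, offsetof(starter_conn_t, sha256_96), LST_bool }` row in `token_info[]` is correct only because it sits at the same position as `KW_SHA256_96` in the keywords.h hunk; the table looks positional, judging by the `/* KW_MODECONFIG */` and `/* KW_XAUTH */` markers on the neighbouring rows. A row that drifts out of position would make a keyword write through the wrong `offsetof`, i.e. into a different field of `starter_conn_t`. Tagging the row the way its neighbours are, with a trailing `/* KW_SHA256_96 */`, would make the pairing checkable by eye. The table starts and ends outside the hunk.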
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 45f34ce23..8ee730daa 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -65,6 +65,7 @@ typedef enum { typedef enum { /* same as in ike_cfg.h */ FRAGMENTATION_NO, + FRAGMENTATION_ACCEPT, FRAGMENTATION_YES, FRAGMENTATION_FORCE, } fragmentation_t;
@@ -161,6 +162,8 @@ struct starter_conn { dpd_action_t close_action; + bool sha256_96; + time_t inactivity; bool me_mediation;
diff --git a/src/starter/keywords.c b/src/starter/keywords.c
index 762c5d947..505b66010 100644
--- a/src/starter/keywords.c
+++ b/src/starter/keywords.c
@@ -54,7 +54,7 @@ struct kw_entry { kw_token_t token; }; -#define TOTAL_KEYWORDS 139 +#define TOTAL_KEYWORDS 140 #define MIN_WORD_LENGTH 2 #define MAX_WORD_LENGTH 17 #define MIN_HASH_VALUE 9
@@ -80,7 +80,7 @@ hash (str, len) 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 14, - 129, 258, 258, 258, 258, 258, 258, 258, 258, 258, + 129, 258, 258, 258, 4, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258, 258,
@@ -202,6 +202,7 @@ static const struct kw_entry wordlist[] = {"klipsdebug", KW_SETUP_DEPRECATED}, {"ldapbase", KW_CA_DEPRECATED}, {"overridemtu", KW_SETUP_DEPRECATED}, + {"sha256_96", KW_SHA256_96}, {"ocspuri1", KW_OCSPURI}, {"dpdtimeout", KW_DPDTIMEOUT}, {"aaa_identity", KW_AAA_IDENTITY},
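Review bot: `bool sha256_96;` is added to `struct starter_conn` without a comment, and the name alone does not tell a reader that it changes a cryptographic parameter. As I understand the option from the strongSwan documentation, it selects the non-standard 96-bit truncation of HMAC-SHA-256 in place of the 128 bits RFC 4868 specifies, for interoperability with peers that truncate the same way. I would say so on the field, e.g. `/* truncate HMAC-SHA-256 to 96 bits (non-standard, interop only) */`, so that it is not copied into configuration templates as a default. The struct continues outside the hunk.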
@@ -278,20 +279,20 @@ static const short lookup[] = 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, -1, -1, 60, 61, 62, -1, 63, -1, 64, -1, 65, 66, 67, 68, 69, 70, 71, 72, - -1, 73, 74, 75, 76, 77, 78, -1, 79, -1, - -1, 80, 81, -1, 82, -1, -1, 83, 84, 85, - 86, 87, 88, -1, 89, -1, 90, 91, -1, 92, - 93, -1, 94, 95, -1, 96, -1, -1, 97, 98, - 99, 100, -1, 101, -1, 102, 103, 104, -1, 105, - 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, - -1, 116, -1, 117, -1, 118, -1, -1, 119, 120, - -1, -1, -1, -1, -1, 121, -1, 122, -1, 123, - 124, 125, -1, -1, -1, -1, -1, 126, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, 127, -1, - -1, 128, 129, -1, 130, -1, 131, -1, -1, -1, - -1, -1, -1, 132, -1, 133, -1, 134, 135, -1, - -1, -1, -1, 136, -1, -1, -1, -1, -1, -1, - 137, -1, -1, -1, -1, -1, -1, 138 + -1, 73, 74, 75, 76, 77, 78, 79, 80, -1, + -1, 81, 82, -1, 83, -1, -1, 84, 85, 86, + 87, 88, 89, -1, 90, -1, 91, 92, -1, 93, + 94, -1, 95, 96, -1, 97, -1, -1, 98, 99, + 100, 101, -1, 102, -1, 103, 104, 105, -1, 106, + 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, + -1, 117, -1, 118, -1, 119, -1, -1, 120, 121, + -1, -1, -1, -1, -1, 122, -1, 123, -1, 124, + 125, 126, -1, -1, -1, -1, -1, 127, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, 128, -1, + -1, 129, 130, -1, 131, -1, 132, -1, -1, -1, + -1, -1, -1, 133, -1, 134, -1, 135, 136, -1, + -1, -1, -1, 137, -1, -1, -1, -1, -1, -1, + 138, -1, -1, -1, -1, -1, -1, 139 }; #ifdef __GNUC__
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index 94af493f8..0cb46a740 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -64,6 +64,7 @@ enum kw_token_t {
 KW_DPDTIMEOUT,
 KW_DPDACTION,
 KW_CLOSEACTION,
+ KW_SHA256_96,
 KW_INACTIVITY,
 KW_MODECONFIG,
 KW_XAUTH,
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index ee0bd31e1..3f92dc83f 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -61,6 +61,7 @@ dpddelay, KW_DPDDELAY
 dpdtimeout, KW_DPDTIMEOUT
 dpdaction, KW_DPDACTION
 closeaction, KW_CLOSEACTION
+sha256_96, KW_SHA256_96
 inactivity, KW_INACTIVITY
 modeconfig, KW_MODECONFIG
 xauth, KW_XAUTH
diff --git a/src/starter/parser/conf_parser.c b/src/starter/parser/conf_parser.c
index 6d1c54d20..66e0ae8e4 100644
--- a/src/starter/parser/conf_parser.c
+++ b/src/starter/parser/conf_parser.c
@@ -158,10 +158,13 @@ typedef struct { } dictionary_enumerator_t; METHOD(enumerator_t, dictionary_enumerate, bool, - dictionary_enumerator_t *this, char **key, char **value) + dictionary_enumerator_t *this, va_list args) { setting_t *setting; section_t *parent; + char **key, **value; + + VA_ARGS_VGET(args, key, value); while (TRUE) {
@@ -221,7 +224,8 @@ METHOD(dictionary_t, dictionary_create_enumerator, enumerator_t*, INIT(enumerator, .public = { - .enumerate = (void*)_dictionary_enumerate, + .enumerate = enumerator_enumerate_default, + .venumerate = _dictionary_enumerate, .destroy = _dictionary_enumerator_destroy, }, .seen = hashtable_create(hashtable_hash_str, hashtable_equals_str, 8),
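Review bot: With the switch to `va_list`, `dictionary_enumerate` no longer names its output parameters in the signature, so the compiler cannot check that a caller passes two `char **`; `VA_ARGS_VGET(args, key, value)` takes whatever is on the argument list. A short comment above the method stating the contract, `/* enumerates (char *key, char *value) pairs; both out-pointers are required */`, would keep that visible to callers. The loop body lies outside the hunk, so I cannot tell from here whether `key` and `value` are dereferenced unconditionally; if they are, the comment should say that NULL is not accepted.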
@@ -290,24 +294,43 @@ static dictionary_t *section_dictionary_create(private_conf_parser_t *parser, return &this->public; } -static bool conn_filter(void *unused, section_t **section, char **name) +CALLBACK(conn_filter, bool, + void *unused, enumerator_t *orig, va_list args) { - if (streq((*section)->name, "%default")) + section_t *section; + char **name; + + VA_ARGS_VGET(args, name); + + while (orig->enumerate(orig, §ion)) { - return FALSE; + if (!streq(section->name, "%default")) + { + *name = section->name; + return TRUE; + } } - *name = (*section)->name; - return TRUE; + return FALSE; } -static bool ca_filter(void *unused, void *key, char **name, section_t **section) +CALLBACK(ca_filter, bool, + void *unused, enumerator_t *orig, va_list args) { - if (streq((*section)->name, "%default")) + void *key; + section_t *section; + char **name; + + VA_ARGS_VGET(args, name); + + while (orig->enumerate(orig, &key, §ion)) { - return FALSE; + if (!streq(section->name, "%default")) + { + *name = section->name; + return TRUE; + } } - *name = (*section)->name; - return TRUE; + return FALSE; } METHOD(conf_parser_t, get_sections, enumerator_t*,
@@ -317,12 +340,12 @@ METHOD(conf_parser_t, get_sections, enumerator_t*, { case CONF_PARSER_CONN: return enumerator_create_filter( - array_create_enumerator(this->conns_order), - (void*)conn_filter, NULL, NULL); + array_create_enumerator(this->conns_order), + conn_filter, NULL, NULL); case CONF_PARSER_CA: return enumerator_create_filter( - this->cas->create_enumerator(this->cas), - (void*)ca_filter, NULL, NULL); + this->cas->create_enumerator(this->cas), + ca_filter, NULL, NULL); case CONF_PARSER_CONFIG_SETUP: default: return enumerator_create_empty();
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index b92c00c87..90af9372a 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
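Review bot: `conn_filter` and `ca_filter` now carry the same skip-`%default` loop twice, differing only in the arguments handed to `orig->enumerate`, and neither says what it returns to the caller. Both store `section->name` into `*name` without copying, so the string stays owned by the section; that is worth stating once, e.g. `/* skips "%default"; *name points into the section and is not owned by the caller */` above each callback. In `ca_filter` the local `key` is filled but never read, which a one-word `/* unused */` on its declaration would make clearly intentional. If a third section type is ever added, the loop is a candidate for a shared static helper.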
@@ -220,6 +220,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
 msg->add_conn.dpd.timeout = conn->dpd_timeout;
 msg->add_conn.dpd.action = conn->dpd_action;
 msg->add_conn.close_action = conn->close_action;
+ msg->add_conn.sha256_96 = conn->sha256_96;
 msg->add_conn.inactivity = conn->inactivity;
 msg->add_conn.ikeme.mediation = conn->me_mediation;
 push_string(&msg, add_conn.ikeme.mediated_by, conn->me_mediated_by);
diff --git a/src/starter/tests/Makefile.in b/src/starter/tests/Makefile.in
index 8e9028a7e..6ce8bdaee 100644
--- a/src/starter/tests/Makefile.in
+++ b/src/starter/tests/Makefile.in
@@ -352,6 +352,7 @@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ fips_mode = @fips_mode@ +fuzz_plugins = @fuzz_plugins@ gtk_CFLAGS = @gtk_CFLAGS@ gtk_LIBS = @gtk_LIBS@ host = @host@
@@ -374,6 +375,7 @@ json_CFLAGS = @json_CFLAGS@ json_LIBS = @json_LIBS@ libdir = @libdir@ libexecdir = @libexecdir@ +libfuzzer = @libfuzzer@ libiptc_CFLAGS = @libiptc_CFLAGS@ libiptc_LIBS = @libiptc_LIBS@ linux_headers = @linux_headers@
-- cgit v1.2.3
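Review bot: `msg->add_conn.sha256_96 = conn->sha256_96;` forwards the flag to the daemon with no trace in starter's output, so an operator auditing a gateway cannot tell from the log which connections run with the shorter integrity tag. A debug line at this point, along the lines of `if (conn->sha256_96) DBG1(DBG_APP, "conn '%s': 96-bit HMAC-SHA-256 truncation enabled", conn->name);`, would make the setting visible; this assumes the `DBG1`/`DBG_APP` logging that starter uses elsewhere and a `name` field on `starter_conn_t`, neither of which is shown in the hunk. The function body starts and ends outside the hunk.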