Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools/src/setkey Clean up setkey: remove d...
details: https://anonhg.NetBSD.org/src/rev/7f7bf9d198f6
branches: trunk
changeset: 433957:7f7bf9d198f6
user: maxv <maxv%NetBSD.org@localhost>
date: Sun Oct 14 08:27:39 2018 +0000
description:
Clean up setkey: remove dead wood, KNF, localify, and slightly improve.
diffstat:
crypto/dist/ipsec-tools/src/setkey/Makefile.am | 3 +-
crypto/dist/ipsec-tools/src/setkey/extern.h | 49 +-
crypto/dist/ipsec-tools/src/setkey/parse.y | 23 +-
crypto/dist/ipsec-tools/src/setkey/scriptdump.pl | 55 --
crypto/dist/ipsec-tools/src/setkey/setkey.c | 191 ++++---
crypto/dist/ipsec-tools/src/setkey/test-pfkey.c | 590 -----------------------
crypto/dist/ipsec-tools/src/setkey/token.l | 29 +-
7 files changed, 165 insertions(+), 775 deletions(-)
diffs (truncated from 1402 to 300 lines):
diff -r 69523068efea -r 7f7bf9d198f6 crypto/dist/ipsec-tools/src/setkey/Makefile.am
--- a/crypto/dist/ipsec-tools/src/setkey/Makefile.am Sun Oct 14 05:08:39 2018 +0000
+++ b/crypto/dist/ipsec-tools/src/setkey/Makefile.am Sun Oct 14 08:27:39 2018 +0000
@@ -18,5 +18,4 @@
noinst_HEADERS = vchar.h extern.h
man8_MANS = setkey.8
-EXTRA_DIST = ${man8_MANS} sample-policy01.cf sample-policy02.cf sample.cf \
- scriptdump.pl test-pfkey.c
+EXTRA_DIST = ${man8_MANS} sample-policy01.cf sample-policy02.cf sample.cf
diff -r 69523068efea -r 7f7bf9d198f6 crypto/dist/ipsec-tools/src/setkey/extern.h
--- a/crypto/dist/ipsec-tools/src/setkey/extern.h Sun Oct 14 05:08:39 2018 +0000
+++ b/crypto/dist/ipsec-tools/src/setkey/extern.h Sun Oct 14 08:27:39 2018 +0000
@@ -1,33 +1,54 @@
-/* $NetBSD: extern.h,v 1.6 2018/05/28 20:34:45 maxv Exp $ */
-
+/* $NetBSD: extern.h,v 1.7 2018/10/14 08:27:39 maxv Exp $ */
+/*
+ * Copyright (c) 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+/* parse.y */
void parse_init(void);
+
+/* token.l */
int parse(FILE **);
int parse_string(char *);
-int setkeymsg(char *, size_t *);
+/* setkey.c */
int sendkeymsg(char *, size_t);
+uint32_t *sendkeymsg_spigrep(unsigned int, struct addrinfo *,
+ struct addrinfo *, int *);
int yylex(void);
int yyparse(void);
void yyfatal(const char *);
void yyerror(const char *);
-u_int32_t *sendkeymsg_spigrep(unsigned int, struct addrinfo *,
- struct addrinfo *, int *);
-
+#ifdef HAVE_POLICY_FWD
extern int f_rfcmode;
+#endif
extern int lineno;
-extern int last_msg_type;
-extern u_int32_t last_priority;
extern int exit_now;
-
-extern u_char m_buf[BUFSIZ];
-extern u_int m_len;
-extern int f_debug;
-
#ifdef HAVE_PFKEY_POLICY_PRIORITY
extern int last_msg_type;
-extern u_int32_t last_priority;
+extern uint32_t last_priority;
#endif
diff -r 69523068efea -r 7f7bf9d198f6 crypto/dist/ipsec-tools/src/setkey/parse.y
--- a/crypto/dist/ipsec-tools/src/setkey/parse.y Sun Oct 14 05:08:39 2018 +0000
+++ b/crypto/dist/ipsec-tools/src/setkey/parse.y Sun Oct 14 08:27:39 2018 +0000
@@ -1,5 +1,4 @@
-/* $NetBSD: parse.y,v 1.21 2018/05/28 20:34:45 maxv Exp $ */
-
+/* $NetBSD: parse.y,v 1.22 2018/10/14 08:27:39 maxv Exp $ */
/* $KAME: parse.y,v 1.81 2003/07/01 04:01:48 itojun Exp $ */
/*
@@ -92,7 +91,7 @@
static struct addrinfo *parse_addr(char *, char *);
static int fix_portstr(int, vchar_t *, vchar_t *, vchar_t *);
-static int setvarbuf(char *, int *, struct sadb_ext *, int,
+static int setvarbuf(char *, int *, struct sadb_ext *, int,
const void *, int);
void parse_init(void);
void free_buffer(void);
@@ -488,14 +487,14 @@
p_key_auth = $2.buf;
#ifdef SADB_X_AALG_TCP_MD5
if (p_alg_auth == SADB_X_AALG_TCP_MD5) {
- if ((p_key_auth_len < 1) ||
+ if ((p_key_auth_len < 1) ||
(p_key_auth_len > 80))
return -1;
- } else
+ } else
#endif
{
if (ipsec_check_keylen(SADB_EXT_SUPPORTED_AUTH,
- p_alg_auth,
+ p_alg_auth,
PFKEY_UNUNIT64(p_key_auth_len)) < 0) {
yyerror(ipsec_strerror());
return -1;
@@ -849,8 +848,8 @@
upper_spec
: DECSTRING { $$ = $1; }
| ANY { $$ = IPSEC_ULPROTO_ANY; }
- | PR_TCP {
- $$ = IPPROTO_TCP;
+ | PR_TCP {
+ $$ = IPPROTO_TCP;
}
| STRING
{
@@ -1047,13 +1046,13 @@
m_sec_ctx.sadb_x_sec_len =
PFKEY_UNIT64(slen + PFKEY_ALIGN8(sec_ctx.len));
- m_sec_ctx.sadb_x_sec_exttype =
+ m_sec_ctx.sadb_x_sec_exttype =
SADB_X_EXT_SEC_CTX;
m_sec_ctx.sadb_x_ctx_len = sec_ctx.len;/*bytes*/
m_sec_ctx.sadb_x_ctx_doi = sec_ctx.doi;
m_sec_ctx.sadb_x_ctx_alg = sec_ctx.alg;
- setvarbuf(buf, &l,
- (struct sadb_ext *)&m_sec_ctx, slen,
+ setvarbuf(buf, &l,
+ (struct sadb_ext *)&m_sec_ctx, slen,
(caddr_t)sec_ctx.buf, sec_ctx.len);
}
#endif
@@ -1386,7 +1385,7 @@
m_sec_ctx.sadb_x_ctx_doi = sec_ctx.doi;
m_sec_ctx.sadb_x_ctx_alg = sec_ctx.alg;
setvarbuf(buf, &l, (struct sadb_ext *)&m_sec_ctx, slen,
- (caddr_t)sec_ctx.buf, sec_ctx.len);
+ (caddr_t)sec_ctx.buf, sec_ctx.len);
}
#endif
diff -r 69523068efea -r 7f7bf9d198f6 crypto/dist/ipsec-tools/src/setkey/scriptdump.pl
--- a/crypto/dist/ipsec-tools/src/setkey/scriptdump.pl Sun Oct 14 05:08:39 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-#! @LOCALPREFIX@/bin/perl
-
-if ($< != 0) {
- print STDERR "must be root to invoke this\n";
- exit 1;
-}
-
-$mode = 'add';
-while ($i = shift @ARGV) {
- if ($i eq '-d') {
- $mode = 'delete';
- } else {
- print STDERR "usage: scriptdump [-d]\n";
- exit 1;
- }
-}
-
-open(IN, "setkey -D |") || die;
-foreach $_ (<IN>) {
- if (/^[^\t]/) {
- ($src, $dst) = split(/\s+/, $_);
- } elsif (/^\t(esp|ah) mode=(\S+) spi=(\d+).*reqid=(\d+)/) {
- ($proto, $ipsecmode, $spi, $reqid) = ($1, $2, $3, $4);
- } elsif (/^\tE: (\S+) (.*)/) {
- $ealgo = $1;
- $ekey = $2;
- $ekey =~ s/\s//g;
- $ekey =~ s/^/0x/g;
- } elsif (/^\tA: (\S+) (.*)/) {
- $aalgo = $1;
- $akey = $2;
- $akey =~ s/\s//g;
- $akey =~ s/^/0x/g;
- } elsif (/^\tseq=(0x\d+) replay=(\d+) flags=(0x\d+) state=/) {
- print "$mode $src $dst $proto $spi";
- $replay = $2;
- print " -u $reqid" if $reqid;
- if ($mode eq 'add') {
- print " -m $ipsecmode -r $replay" if $replay;
- if ($proto eq 'esp') {
- print " -E $ealgo $ekey" if $ealgo;
- print " -A $aalgo $akey" if $aalgo;
- } elsif ($proto eq 'ah') {
- print " -A $aalgo $akey" if $aalgo;
- }
- }
- print ";\n";
-
- $src = $dst = $upper = $proxy = '';
- $ealgo = $ekey = $aalgo = $akey = '';
- }
-}
-close(IN);
-
-exit 0;
diff -r 69523068efea -r 7f7bf9d198f6 crypto/dist/ipsec-tools/src/setkey/setkey.c
--- a/crypto/dist/ipsec-tools/src/setkey/setkey.c Sun Oct 14 05:08:39 2018 +0000
+++ b/crypto/dist/ipsec-tools/src/setkey/setkey.c Sun Oct 14 08:27:39 2018 +0000
@@ -1,6 +1,31 @@
-/* $NetBSD: setkey.c,v 1.18 2018/05/28 20:34:45 maxv Exp $ */
+/* $NetBSD: setkey.c,v 1.19 2018/10/14 08:27:39 maxv Exp $ */
+/* $KAME: setkey.c,v 1.36 2003/09/24 23:52:51 itojun Exp $ */
-/* $KAME: setkey.c,v 1.36 2003/09/24 23:52:51 itojun Exp $ */
+/*
+ * Copyright (c) 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
@@ -66,25 +91,24 @@
#include "config.h"
#include "libpfkey.h"
#include "package_version.h"
-#define extern /* so that variables in extern.h are not extern... */
#include "extern.h"
#define strlcpy(d,s,l) (strncpy(d,s,l), (d)[(l)-1] = '\0')
-void usage(int);
-int main(int, char **);
-int get_supported(void);
-void sendkeyshort(u_int);
-void promisc(void);
-int postproc(struct sadb_msg *, int);
-int verifypriority(struct sadb_msg *m);
-int fileproc(const char *);
-const char *numstr(int);
-void shortdump_hdr(void);
-void shortdump(struct sadb_msg *);
+static int get_supported(void);
+static void sendkeyshort(u_int);
+static void promisc(void);
+static int postproc(struct sadb_msg *, int);
+#ifdef HAVE_PFKEY_POLICY_PRIORITY
+static int verifypriority(struct sadb_msg *);
+#endif
+static int fileproc(const char *);
+static const char *numstr(int);
+static void shortdump_hdr(void);
+static void shortdump(struct sadb_msg *);
static void printdate(void);
static int32_t gmt2local(time_t);
-void stdin_loop(void);
+static void stdin_loop(void);
#define MODE_SCRIPT 1
#define MODE_CMDDUMP 2
@@ -104,13 +128,16 @@
int f_tflag = 0;
int f_notreally = 0;
int f_withports = 0;
+#ifdef HAVE_PFKEY_POLICY_PRIORITY
+int last_msg_type;
+uint32_t last_priority;
+#endif
#ifdef HAVE_POLICY_FWD
int f_rfcmode = 1;
Home |
Main Index |
Thread Index |
Old Index