Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools Import ipsec-tools ipsec-tools-0_6-2...
details: https://anonhg.NetBSD.org/src/rev/4b7ab8c542ee
branches: trunk
changeset: 574820:4b7ab8c542ee
user: manu <manu%NetBSD.org@localhost>
date: Mon Mar 14 08:14:24 2005 +0000
description:
Import ipsec-tools ipsec-tools-0_6-20050314
diffstat:
crypto/dist/ipsec-tools/ChangeLog | 21 +++++++++++++++++++++
crypto/dist/ipsec-tools/configure.ac | 15 +++++++++------
crypto/dist/ipsec-tools/netbsd-import.sh | 2 +-
crypto/dist/ipsec-tools/src/racoon/isakmp.c | 8 ++++----
crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c | 9 ++++++---
crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c | 6 +++---
crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c | 5 ++---
crypto/dist/ipsec-tools/src/racoon/oakley.c | 10 ++++++----
8 files changed, 52 insertions(+), 24 deletions(-)
diffs (215 lines):
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/ChangeLog
--- a/crypto/dist/ipsec-tools/ChangeLog Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/ChangeLog Mon Mar 14 08:14:24 2005 +0000
@@ -1,3 +1,24 @@
+2005-03-14 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * configure.ac: handle correctly dynamic libradius
+
+2005-03-13 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp.c: Fixed a buffer underrun (CAN-2005-0398)
+
+2005-03-09 Emmanuel Dreyfus <manu%netbsd.org@localhost>
+
+ * src/racoon/isakmp_xauth.c: fix a crash when using RADIUS auth
+
+2005-03-02 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/isakmp_quick.c: tunnel_mode_prop() is now public
+ * src/racoon/isakmp_inf.c: fixed compilation if HAVE_POLICY_FWD.
+
+2005-03-01 Yvan Vanhullebus <vanhu%free.fr@localhost>
+
+ * src/racoon/oakley.c: fixed oakley_newiv2() when errors
+
2005-02-24 Emmanuel Dreyfus <manu%netbsd.org@localhost>
* src/racoon/privsep.c: safety check port numbers given by the
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/configure.ac
--- a/crypto/dist/ipsec-tools/configure.ac Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/configure.ac Mon Mar 14 08:14:24 2005 +0000
@@ -1,5 +1,5 @@
dnl -*- mode: m4 -*-
-dnl Id: configure.ac,v 1.47.2.2 2005/02/22 23:56:08 manubsd Exp
+dnl Id: configure.ac,v 1.47.2.3 2005/03/14 07:55:03 manubsd Exp
AC_PREREQ(2.52)
AC_INIT(ipsec-tools, 0.5pre)
@@ -218,6 +218,9 @@
fi
AC_SUBST(EXTRA_CRYPTO)
+# For dynamic libradius
+RACOON_PATH_LIBS(MD5_Init, crypto)
+
# Check for Kerberos5 support
AC_MSG_CHECKING(if --enable-gssapi option is specified)
AC_ARG_ENABLE(gssapi,
@@ -284,11 +287,11 @@
libradius_dir="";
fi;
if test "x$libradius_dir" = "x"; then
- RACOON_PATH_LIBS(rad_create_request, lradius)
+ RACOON_PATH_LIBS(rad_create_request, radius)
else
if test -d "$libradius_dir/lib" -a \
-d "$libradius_dir/include" ; then
- RACOON_PATH_LIBS(rad_create_request, lradius, "$libradius_dir/lib")
+ RACOON_PATH_LIBS(rad_create_request, radius, "$libradius_dir/lib")
CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include"
else
AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.])
@@ -310,11 +313,11 @@
libpam_dir="";
fi;
if test "x$libpam_dir" = "x"; then
- RACOON_PATH_LIBS(rad_create_request, lpam)
+ RACOON_PATH_LIBS(pam_start, pam)
else
if test -d "$libpam_dir/lib" -a \
-d "$libpam_dir/include" ; then
- RACOON_PATH_LIBS(rad_create_request, lpam, "$libpam_dir/lib")
+ RACOON_PATH_LIBS(pam_start, pam, "$libpam_dir/lib")
CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include"
else
AC_MSG_ERROR([PAM libs or includes not found. Aborting.])
@@ -322,7 +325,7 @@
fi
AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM])
LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam"
- AC_CHECK_FUNCS(rad_create_request)
+ AC_CHECK_FUNCS(pam_start)
fi
AC_MSG_CHECKING(if --enable-stats option is specified)
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/netbsd-import.sh
--- a/crypto/dist/ipsec-tools/netbsd-import.sh Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/netbsd-import.sh Mon Mar 14 08:14:24 2005 +0000
@@ -1,6 +1,6 @@
#! /bin/sh
#
-# $NetBSD: netbsd-import.sh,v 1.1.1.1 2005/02/24 20:52:27 manu Exp $
+# $NetBSD: netbsd-import.sh,v 1.1.1.2 2005/03/14 08:14:25 manu Exp $
#
# Copyright (c) 2000-2005 The NetBSD Foundation, Inc.
# All rights reserved.
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/src/racoon/isakmp.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp.c Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp.c Mon Mar 14 08:14:24 2005 +0000
@@ -1,6 +1,6 @@
-/* $NetBSD: isakmp.c,v 1.1.1.2 2005/02/23 14:54:17 manu Exp $ */
-
-/* Id: isakmp.c,v 1.34.2.1 2005/02/23 13:38:51 manubsd Exp */
+/* $NetBSD: isakmp.c,v 1.1.1.3 2005/03/14 08:14:29 manu Exp $ */
+
+/* Id: isakmp.c,v 1.34.2.2 2005/03/13 17:31:55 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1348,7 +1348,7 @@
p->type = np;
p->len = ntohs(gen->len);
- if (p->len == 0 || p->len > tlen) {
+ if (p->len < sizeof(struct isakmp_gen) || p->len > tlen) {
plog(LLV_DEBUG, LOCATION, NULL,
"invalid length of payload\n");
vfree(result);
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Mon Mar 14 08:14:24 2005 +0000
@@ -1,6 +1,6 @@
-/* $NetBSD: isakmp_inf.c,v 1.1.1.2 2005/02/23 14:54:21 manu Exp $ */
+/* $NetBSD: isakmp_inf.c,v 1.1.1.3 2005/03/14 08:14:30 manu Exp $ */
-/* Id: isakmp_inf.c,v 1.14.4.1 2005/02/18 10:01:39 vanhu Exp */
+/* Id: isakmp_inf.c,v 1.14.4.2 2005/03/02 20:00:03 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -115,6 +115,9 @@
static u_int32_t setscopeid __P((struct sockaddr *, struct sockaddr *));
#endif
+#ifdef HAVE_POLICY_FWD
+extern int tunnel_mode_prop __P((struct saprop *));
+#endif
/* �%%%
@@ -1208,7 +1211,7 @@
#ifdef HAVE_POLICY_FWD
/* make forward policy if required */
if (tunnel_mode_prop(iph2->approval)) {
- spidx->dir = IPSEC_DIR_FWD;
+ spidx.dir = IPSEC_DIR_FWD;
if (pk_sendspddelete(iph2) < 0) {
plog(LLV_ERROR, LOCATION, NULL,
"pfkey spddelete(forward) failed.\n");
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c Mon Mar 14 08:14:24 2005 +0000
@@ -1,6 +1,6 @@
-/* $NetBSD: isakmp_quick.c,v 1.1.1.2 2005/02/23 14:54:21 manu Exp $ */
+/* $NetBSD: isakmp_quick.c,v 1.1.1.3 2005/03/14 08:14:31 manu Exp $ */
-/* Id: isakmp_quick.c,v 1.13 2005/01/11 08:34:46 manubsd Exp */
+/* Id: isakmp_quick.c,v 1.13.2.1 2005/03/02 20:00:03 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1581,7 +1581,7 @@
return error;
}
-static int
+int
tunnel_mode_prop(p)
struct saprop *p;
{
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c Mon Mar 14 08:14:24 2005 +0000
@@ -1,6 +1,6 @@
-/* $NetBSD: isakmp_xauth.c,v 1.1.1.2 2005/02/23 14:54:21 manu Exp $ */
+/* $NetBSD: isakmp_xauth.c,v 1.1.1.3 2005/03/14 08:14:31 manu Exp $ */
-/* Id: isakmp_xauth.c,v 1.17.2.1 2005/02/23 12:18:40 manubsd Exp */
+/* Id: isakmp_xauth.c,v 1.17.2.2 2005/03/09 14:12:31 manubsd Exp */
/*
* Copyright (C) 2004 Emmanuel Dreyfus
@@ -458,7 +458,6 @@
char *usr;
char *pwd;
{
- static struct rad_handle *radius_state = NULL;
int res;
const void *data;
size_t len;
diff -r a6c173ee3edb -r 4b7ab8c542ee crypto/dist/ipsec-tools/src/racoon/oakley.c
--- a/crypto/dist/ipsec-tools/src/racoon/oakley.c Mon Mar 14 05:45:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/oakley.c Mon Mar 14 08:14:24 2005 +0000
@@ -1,6 +1,6 @@
-/* $NetBSD: oakley.c,v 1.1.1.2 2005/02/23 14:54:23 manu Exp $ */
-
-/* Id: oakley.c,v 1.17 2005/01/30 20:34:05 vanhu Exp */
+/* $NetBSD: oakley.c,v 1.1.1.3 2005/03/14 08:14:31 manu Exp $ */
+
+/* Id: oakley.c,v 1.17.2.1 2005/03/01 09:51:48 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -2794,8 +2794,10 @@
plogdump(LLV_DEBUG, newivm->iv->v, newivm->iv->l);
end:
- if (error && newivm != NULL)
+ if (error && newivm != NULL){
oakley_delivm(newivm);
+ newivm=NULL;
+ }
if (buf != NULL)
vfree(buf);
return newivm;
Home |
Main Index |
Thread Index |
Old Index