Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src update racoon to 2003/8/26 version. mostly minor bugfixes.
details: https://anonhg.NetBSD.org/src/rev/49ce35a31101
branches: trunk
changeset: 550941:49ce35a31101
user: itojun <itojun%NetBSD.org@localhost>
date: Tue Aug 26 03:31:50 2003 +0000
description:
update racoon to 2003/8/26 version. mostly minor bugfixes.
diffstat:
crypto/dist/kame/libipsec/pfkey_dump.c | 149 +++++++++++++++++-------------
crypto/dist/kame/libipsec/policy_token.l | 18 ++-
crypto/dist/kame/libipsec/test-policy.c | 2 +-
crypto/dist/kame/racoon/cfparse.y | 4 +-
crypto/dist/kame/racoon/cftoken.l | 4 +-
crypto/dist/kame/racoon/crypto_openssl.c | 84 ++++++++++++++++-
crypto/dist/kame/racoon/proposal.c | 19 ++-
crypto/dist/kame/racoon/strnames.c | 6 +-
crypto/dist/kame/racoon/var.h | 2 +-
usr.sbin/racoon/Makefile.inc | 4 +-
10 files changed, 197 insertions(+), 95 deletions(-)
diffs (truncated from 640 to 300 lines):
diff -r 7f0de41f74f4 -r 49ce35a31101 crypto/dist/kame/libipsec/pfkey_dump.c
--- a/crypto/dist/kame/libipsec/pfkey_dump.c Tue Aug 26 03:27:01 2003 +0000
+++ b/crypto/dist/kame/libipsec/pfkey_dump.c Tue Aug 26 03:31:50 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: pfkey_dump.c,v 1.35 2001/11/13 12:38:47 jinmei Exp $ */
+/* $KAME: pfkey_dump.c,v 1.44 2003/07/25 09:35:28 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
@@ -78,9 +78,9 @@
do { \
if (sizeof((str)[0]) == 0 \
|| num >= sizeof(str)/sizeof((str)[0])) \
- printf("%d ", (num)); \
+ printf("%u ", (num)); \
else if (strlen((str)[(num)]) == 0) \
- printf("%d ", (num)); \
+ printf("%u ", (num)); \
else \
printf("%s ", (str)[(num)]); \
} while (0)
@@ -95,7 +95,7 @@
if (p && p->str) \
printf("%s ", p->str); \
else \
- printf("%d ", (num)); \
+ printf("%u ", (num)); \
} while (0)
static char *str_ipaddr __P((struct sockaddr *));
@@ -154,6 +154,12 @@
#ifdef SADB_X_AALG_SHA2_512
{ SADB_X_AALG_SHA2_512, "hmac-sha2-512", },
#endif
+#ifdef SADB_X_AALG_RIPEMD160HMAC
+ { SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160", },
+#endif
+#ifdef SADB_X_AALG_AES_XCBC_MAC
+ { SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac", },
+#endif
{ -1, NULL, },
};
@@ -173,6 +179,9 @@
#ifdef SADB_X_EALG_TWOFISHCBC
{ SADB_X_EALG_TWOFISHCBC, "twofish-cbc", },
#endif
+#ifdef SADB_X_EALG_AESCTR
+ { SADB_X_EALG_AESCTR, "aes-ctr", },
+#endif
{ -1, NULL, },
};
@@ -353,6 +362,9 @@
char pbuf[NI_MAXSERV];
caddr_t mhp[SADB_EXT_MAX + 1];
struct sadb_address *m_saddr, *m_daddr;
+#ifdef SADB_X_EXT_TAG
+ struct sadb_x_tag *m_tag;
+#endif
struct sadb_x_policy *m_xpl;
struct sadb_lifetime *m_lftc = NULL, *m_lfth = NULL;
struct sockaddr *sa;
@@ -370,64 +382,67 @@
m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC];
m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST];
+#ifdef SADB_X_EXT_TAG
+ m_tag = (struct sadb_x_tag *)mhp[SADB_X_EXT_TAG];
+#endif
m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY];
m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT];
m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
- /* source address */
- if (m_saddr == NULL) {
- printf("no ADDRESS_SRC extension.\n");
- return;
- }
- sa = (struct sockaddr *)(m_saddr + 1);
- switch (sa->sa_family) {
- case AF_INET:
- case AF_INET6:
- if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf),
- NI_NUMERICSERV) != 0)
- sport = 0; /*XXX*/
- else
- sport = atoi(pbuf);
- printf("%s%s ", str_ipaddr(sa),
- str_prefport(sa->sa_family,
- m_saddr->sadb_address_prefixlen, sport,
- m_saddr->sadb_address_proto));
- break;
- default:
- printf("unknown-af ");
- break;
+ if (m_saddr && m_daddr) {
+ /* source address */
+ sa = (struct sockaddr *)(m_saddr + 1);
+ switch (sa->sa_family) {
+ case AF_INET:
+ case AF_INET6:
+ if (getnameinfo(sa, sa->sa_len, NULL, 0,
+ pbuf, sizeof(pbuf), NI_NUMERICSERV) != 0)
+ sport = 0; /*XXX*/
+ else
+ sport = atoi(pbuf);
+ printf("%s%s ", str_ipaddr(sa),
+ str_prefport(sa->sa_family,
+ m_saddr->sadb_address_prefixlen, sport,
+ m_saddr->sadb_address_proto));
+ break;
+ default:
+ printf("unknown-af ");
+ break;
+ }
+
+ /* destination address */
+ sa = (struct sockaddr *)(m_daddr + 1);
+ switch (sa->sa_family) {
+ case AF_INET:
+ case AF_INET6:
+ if (getnameinfo(sa, sa->sa_len, NULL, 0,
+ pbuf, sizeof(pbuf), NI_NUMERICSERV) != 0)
+ dport = 0; /*XXX*/
+ else
+ dport = atoi(pbuf);
+ printf("%s%s ", str_ipaddr(sa),
+ str_prefport(sa->sa_family,
+ m_daddr->sadb_address_prefixlen, dport,
+ m_saddr->sadb_address_proto));
+ break;
+ default:
+ printf("unknown-af ");
+ break;
+ }
+
+ /* upper layer protocol */
+ if (m_saddr->sadb_address_proto !=
+ m_daddr->sadb_address_proto) {
+ printf("upper layer protocol mismatched.\n");
+ return;
+ }
+ str_upperspec(m_saddr->sadb_address_proto, sport, dport);
}
- /* destination address */
- if (m_daddr == NULL) {
- printf("no ADDRESS_DST extension.\n");
- return;
- }
- sa = (struct sockaddr *)(m_daddr + 1);
- switch (sa->sa_family) {
- case AF_INET:
- case AF_INET6:
- if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf),
- NI_NUMERICSERV) != 0)
- dport = 0; /*XXX*/
- else
- dport = atoi(pbuf);
- printf("%s%s ", str_ipaddr(sa),
- str_prefport(sa->sa_family,
- m_daddr->sadb_address_prefixlen, dport,
- m_saddr->sadb_address_proto));
- break;
- default:
- printf("unknown-af ");
- break;
- }
-
- /* upper layer protocol */
- if (m_saddr->sadb_address_proto != m_daddr->sadb_address_proto) {
- printf("upper layer protocol mismatched.\n");
- return;
- }
- str_upperspec(m_saddr->sadb_address_proto, sport, dport);
+#ifdef SADB_X_EXT_TAG
+ if (m_tag)
+ printf("tagged \"%s\" ", m_tag->sadb_x_tag_name);
+#endif
/* policy */
{
@@ -446,15 +461,15 @@
/* lifetime */
if (m_lftc) {
- printf("\tcreated:%s ",
+ printf("\tcreated: %s ",
str_time(m_lftc->sadb_lifetime_addtime));
- printf("lastused:%s\n",
+ printf("lastused: %s\n",
str_time(m_lftc->sadb_lifetime_usetime));
}
if (m_lfth) {
- printf("\tlifetime:%lu(s) ",
+ printf("\tlifetime: %lu(s) ",
(u_long)m_lfth->sadb_lifetime_addtime);
- printf("validtime:%lu(s)\n",
+ printf("validtime: %lu(s)\n",
(u_long)m_lfth->sadb_lifetime_usetime);
}
@@ -518,10 +533,12 @@
if (ulp == IPPROTO_ICMPV6)
memset(portbuf, 0, sizeof(portbuf));
- else if (ulp != IPPROTO_ICMPV6 && port == IPSEC_PORT_ANY)
- snprintf(portbuf, sizeof(portbuf), "[%s]", "any");
- else
- snprintf(portbuf, sizeof(portbuf), "[%u]", port);
+ else {
+ if (port == IPSEC_PORT_ANY)
+ snprintf(portbuf, sizeof(portbuf), "[%s]", "any");
+ else
+ snprintf(portbuf, sizeof(portbuf), "[%u]", port);
+ }
snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf);
@@ -537,7 +554,7 @@
else if (ulp == IPPROTO_ICMPV6) {
printf("icmp6");
if (!(p1 == IPSEC_PORT_ANY && p2 == IPSEC_PORT_ANY))
- printf(" %d,%d", p1, p2);
+ printf(" %u,%u", p1, p2);
} else {
struct protoent *ent;
@@ -550,7 +567,7 @@
if (ent)
printf("%s", ent->p_name);
else
- printf("%d", ulp);
+ printf("%u", ulp);
endprotoent();
break;
diff -r 7f0de41f74f4 -r 49ce35a31101 crypto/dist/kame/libipsec/policy_token.l
--- a/crypto/dist/kame/libipsec/policy_token.l Tue Aug 26 03:27:01 2003 +0000
+++ b/crypto/dist/kame/libipsec/policy_token.l Tue Aug 26 03:31:50 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: policy_token.l,v 1.11 2000/12/01 10:08:29 sakane Exp $ */
+/* $KAME: policy_token.l,v 1.13 2003/05/09 05:19:55 sakane Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
@@ -132,18 +132,26 @@
%%
void __policy__strbuffer__init__ __P((char *));
+void __policy__strbuffer__free__ __P((void));
+
+static YY_BUFFER_STATE strbuffer;
void
__policy__strbuffer__init__(msg)
char *msg;
{
- YY_BUFFER_STATE yyb;
-
if (yy_current_buffer)
yy_delete_buffer(yy_current_buffer);
- yyb = (YY_BUFFER_STATE)yy_scan_string(msg);
- yy_switch_to_buffer(yyb);
+ strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
+ yy_switch_to_buffer(strbuffer);
return;
}
+void
+__policy__strbuffer__free__()
+{
+ yy_delete_buffer(strbuffer);
+
+ return;
+}
diff -r 7f0de41f74f4 -r 49ce35a31101 crypto/dist/kame/libipsec/test-policy.c
--- a/crypto/dist/kame/libipsec/test-policy.c Tue Aug 26 03:27:01 2003 +0000
+++ b/crypto/dist/kame/libipsec/test-policy.c Tue Aug 26 03:31:50 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: test-policy.c,v 1.15 2001/06/28 12:44:50 sakane Exp $ */
+/* $KAME: test-policy.c,v 1.16 2003/08/26 03:24:08 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
diff -r 7f0de41f74f4 -r 49ce35a31101 crypto/dist/kame/racoon/cfparse.y
--- a/crypto/dist/kame/racoon/cfparse.y Tue Aug 26 03:27:01 2003 +0000
+++ b/crypto/dist/kame/racoon/cfparse.y Tue Aug 26 03:31:50 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: cfparse.y,v 1.117 2003/06/27 07:32:37 sakane Exp $ */
+/* $KAME: cfparse.y,v 1.118 2003/07/12 09:34:48 itojun Exp $ */
%{
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
Home |
Main Index |
Thread Index |
Old Index