Subject: CVS commit: src/crypto/dist/kame/racoon
To: None <source-changes@NetBSD.org>
From: Jason R Thorpe <thorpej@netbsd.org>
List: source-changes
Date: 11/10/2004 20:23:28
Module Name:	src
Committed By:	thorpej
Date:		Wed Nov 10 20:23:28 UTC 2004

Modified Files:
	src/crypto/dist/kame/racoon: auth_gssapi.h cfparse.y cftoken.l gssapi.c
	    ipsec_doi.c localconf.c localconf.h main.c racoon.conf.5
	src/crypto/dist/kame/racoon/samples: racoon.conf.sample-gssapi

Log Message:
Apply patches as discussed on:

    http://mail-index.netbsd.org/tech-net/2004/11/05/0004.html

Slightly modified to differentiate the version string from a stock racoon.

	* auth_gssapi.h (GSSAPI_DEF_NAME): Change from "ike" to "host".
	(gssapi_get_default_id): Rename to gssapi_get_id.
	(gssapi_get_default_gss_id): New prototype.
	* cfparse.y (GSSAPI_ID): Rename to GSS_ID.
	(GSS_ID_ENC, GSS_ID_ENCTYPE): New tokens.
	(gssenc_statement): New statement.
	(isakmpproposal_spec): Use GSS_ID token.
	(expand_isakmpspec): Fill in gssid in the new proposal only
	if authmethod is OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB.  If the
	GSS ID is not provided, call gssapi_get_default_gss_id() to
	place the default ID in the proposal.
	* cftoken.l (S_GSSENC): New start condition.
	(<S_RMTP>gss_id): New, return the GSS_ID token.
	(<S_RMTP>gssapi_id): Return the GSS_ID token.
	(<S_INI>gss_id_enc, <S_GSSENC>latin1, <S_GSSENC>utf-16le)
	(<S_GSSENC>{semi}): New, tokenize the "gss_id_enc enctype;"
	statement.
	* gssapi.c: Include <unistd.h>.
	(gssapi_get_default_gss_id): New function.
	(gssapi_init): Disable a broken debugging message.  Make
	printf formats consistent in their handling of non-NUL-terminated
	strings.
	(gssapi_get_default_id): Rename to...
	(gssapi_get_id): ...this.  If the proposal has a gssid, vdup()
	that and return it.  Disable a broken debugging message.  Make
	printf formats consistent in their handling of non-NUL-terminated
	strings.
	* ipsec_doi.c: Include <iconv.h>.
	(get_ph1approval): Make printf formats consistent in their handling
	of non-NUL-terminated strings.  Call gssapi_get_id() instead of
	gssapi_get_default_id(), and remove some complexity that has been
	pushed into that function.
	(t2isakmpsa): When parsing the OAKLEY_ATTR_GSS_ID attribute,
	convert the attribute from UTF-16LE to ISO-Latin-1, unless
	we are configured to assume the attribute is already ISO-Latin-1
	encoded.
	(setph1attr): When setting the OAKLEY_ATTR_GSS_ID attribute,
	convert the attribute from ISO-Latin-1 to UTF-16LE, unless we
	are configured to encode the attribute in ISO-Latin-1.
	* localconf.c (setdefault): Set the default GSS ID encoding type
	to UTF-16LE.
	* localconf.h (LC_GSSENC_UTF16LE, LC_GSSENC_LATIN1)
	(LC_GSSENC_MAX): New constants.
	(struct localconf): Add gss_id_enc member.
	* main.c (RACOON_VERSION): Append " - NetBSD 20041110" to the
	version string.
	* racoon.conf.5: Document changes to GSS ID encoding and default
	GSS ID computation.  Document "gss_id_enc enctype;" statement.
	* samples/racoon.conf.sample-gssapi: Update and add comments to
	provide more information.


To generate a diff of this commit:
cvs rdiff -r1.1.1.1 -r1.2 src/crypto/dist/kame/racoon/auth_gssapi.h
cvs rdiff -r1.20 -r1.21 src/crypto/dist/kame/racoon/cfparse.y
cvs rdiff -r1.14 -r1.15 src/crypto/dist/kame/racoon/cftoken.l
cvs rdiff -r1.3 -r1.4 src/crypto/dist/kame/racoon/gssapi.c \
    src/crypto/dist/kame/racoon/localconf.c
cvs rdiff -r1.15 -r1.16 src/crypto/dist/kame/racoon/ipsec_doi.c
cvs rdiff -r1.1.1.6 -r1.2 src/crypto/dist/kame/racoon/localconf.h
cvs rdiff -r1.10 -r1.11 src/crypto/dist/kame/racoon/main.c
cvs rdiff -r1.21 -r1.22 src/crypto/dist/kame/racoon/racoon.conf.5
cvs rdiff -r1.4 -r1.5 \
    src/crypto/dist/kame/racoon/samples/racoon.conf.sample-gssapi

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
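
The GSS ID handling described for t2isakmpsa and setph1attr, as an added example that is not racoon's code: a length-counted conversion between the UTF-16LE wire form and ISO-Latin-1 that rejects malformed peer input. The commit pulls in <iconv.h>; this sketch converts by hand so the checks are visible, and gssid_decode, gssid_encode and the enum names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the "gss_id_enc" setting (assumed names). */
enum gss_enc { ENC_UTF16LE, ENC_LATIN1 };

/* Wire -> local: decode a received GSS ID attribute into ISO-Latin-1.
 * The input is length-counted and never assumed to be NUL-terminated.
 * Returns the number of bytes written, or -1 if the input is rejected. */
long gssid_decode(enum gss_enc enc, const uint8_t *in, size_t inlen,
                  uint8_t *out, size_t cap)
{
    if (enc == ENC_LATIN1) {              /* configured: already Latin-1 */
        if (inlen > cap) return -1;
        memcpy(out, in, inlen);
        return (long)inlen;
    }
    if (inlen % 2 != 0 || inlen / 2 > cap) return -1; /* split unit / too long */
    for (size_t i = 0; i < inlen; i += 2) {
        unsigned cu = in[i] | ((unsigned)in[i + 1] << 8);
        if (cu > 0xFF) return -1;         /* no Latin-1 form (incl. surrogates) */
        out[i / 2] = (uint8_t)cu;
    }
    return (long)(inlen / 2);
}

/* Local -> wire: encode a Latin-1 GSS ID for the proposal attribute. */
long gssid_encode(enum gss_enc enc, const uint8_t *in, size_t inlen,
                  uint8_t *out, size_t cap)
{
    if (enc == ENC_LATIN1) return gssid_decode(ENC_LATIN1, in, inlen, out, cap);
    if (inlen > cap / 2) return -1;       /* output needs 2 bytes per input byte */
    for (size_t i = 0; i < inlen; i++) {
        out[2 * i] = in[i];               /* Latin-1 maps 1:1 to U+0000..U+00FF */
        out[2 * i + 1] = 0;
    }
    return (long)(2 * inlen);
}

int main(void)
{
    /* Constructed sample: "host" as UTF-16LE, as a peer might send it. */
    const uint8_t wire[] = { 'h', 0, 'o', 0, 's', 0, 't', 0 };
    uint8_t id[16];
    long n = gssid_decode(ENC_UTF16LE, wire, sizeof wire, id, sizeof id);
    if (n < 0) return 1;
    printf("%.*s\n", (int)n, (const char *)id); /* bounded print, no NUL needed */
    return 0;
}
```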