Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src sync w/ latest racoon
details: https://anonhg.NetBSD.org/src/rev/d4afb240e8d8
branches: trunk
changeset: 549321:d4afb240e8d8
user: itojun <itojun%NetBSD.org@localhost>
date: Sat Jul 12 09:02:24 2003 +0000
description:
sync w/ latest racoon
diffstat:
crypto/dist/kame/racoon/algorithm.c | 6 +-
crypto/dist/kame/racoon/cfparse.h | 35 -----
crypto/dist/kame/racoon/cfparse.y | 50 ++++++-
crypto/dist/kame/racoon/cftoken.h | 41 ------
crypto/dist/kame/racoon/cftoken.l | 59 ++++++++-
crypto/dist/kame/racoon/crypto_openssl.c | 107 +++++++----------
crypto/dist/kame/racoon/eaytest.c | 8 +-
crypto/dist/kame/racoon/grabmyaddr.c | 13 +-
crypto/dist/kame/racoon/ipsec_doi.c | 106 +++++++++--------
crypto/dist/kame/racoon/isakmp.c | 10 +-
crypto/dist/kame/racoon/isakmp_quick.c | 10 +-
crypto/dist/kame/racoon/kmpstat.c | 4 +-
crypto/dist/kame/racoon/oakley.c | 4 +-
crypto/dist/kame/racoon/racoon.8 | 4 +-
crypto/dist/kame/racoon/racoon.conf.5 | 6 +-
crypto/dist/kame/racoon/random.c | 77 ------------
crypto/dist/kame/racoon/random.h | 32 -----
crypto/dist/kame/racoon/samples/sandiego.conf | 159 --------------------------
crypto/dist/kame/racoon/sockmisc.c | 2 +-
crypto/dist/kame/racoon/var.h | 2 +-
usr.sbin/racoon/racoon/Makefile | 6 +-
21 files changed, 236 insertions(+), 505 deletions(-)
diffs (truncated from 1325 to 300 lines):
diff -r 7a8b944e0107 -r d4afb240e8d8 crypto/dist/kame/racoon/algorithm.c
--- a/crypto/dist/kame/racoon/algorithm.c Sat Jul 12 08:45:39 2003 +0000
+++ b/crypto/dist/kame/racoon/algorithm.c Sat Jul 12 09:02:24 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: algorithm.c,v 1.25 2002/06/10 20:01:21 itojun Exp $ */
+/* $KAME: algorithm.c,v 1.28 2003/07/12 08:44:44 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -57,6 +57,7 @@
eay_sha1_init, eay_sha1_update,
eay_sha1_final, eay_sha1_hashlen,
eay_sha1_one, },
+#ifdef WITH_SHA2
{ "sha2_256", algtype_sha2_256, OAKLEY_ATTR_HASH_ALG_SHA2_256,
eay_sha2_256_init, eay_sha2_256_update,
eay_sha2_256_final, eay_sha2_256_hashlen,
@@ -69,6 +70,7 @@
eay_sha2_512_init, eay_sha2_512_update,
eay_sha2_512_final, eay_sha2_512_hashlen,
eay_sha2_512_one, },
+#endif
};
static struct hmac_algorithm oakley_hmacdef[] = {
@@ -80,6 +82,7 @@
eay_hmacsha1_init, eay_hmacsha1_update,
eay_hmacsha1_final, NULL,
eay_hmacsha1_one, },
+#ifdef WITH_SHA2
{ "hmac_sha2_256", algtype_sha2_256, OAKLEY_ATTR_HASH_ALG_SHA2_256,
eay_hmacsha2_256_init, eay_hmacsha2_256_update,
eay_hmacsha2_256_final, NULL,
@@ -92,6 +95,7 @@
eay_hmacsha2_512_init, eay_hmacsha2_512_update,
eay_hmacsha2_512_final, NULL,
eay_hmacsha2_512_one, },
+#endif
};
static struct enc_algorithm oakley_encdef[] = {
diff -r 7a8b944e0107 -r d4afb240e8d8 crypto/dist/kame/racoon/cfparse.h
--- a/crypto/dist/kame/racoon/cfparse.h Sat Jul 12 08:45:39 2003 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-/* $KAME: cfparse.h,v 1.11 2001/03/15 11:44:08 sakane Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* cfparse.y */
-extern int yyparse __P((void));
-extern int cfparse __P((void));
-extern int cfreparse __P((void));
diff -r 7a8b944e0107 -r d4afb240e8d8 crypto/dist/kame/racoon/cfparse.y
--- a/crypto/dist/kame/racoon/cfparse.y Sat Jul 12 08:45:39 2003 +0000
+++ b/crypto/dist/kame/racoon/cfparse.y Sat Jul 12 09:02:24 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: cfparse.y,v 1.113 2002/09/27 05:55:52 itojun Exp $ */
+/* $KAME: cfparse.y,v 1.117 2003/06/27 07:32:37 sakane Exp $ */
%{
#include <sys/types.h>
@@ -135,7 +135,7 @@
/* algorithm */
%token ALGORITHM_CLASS ALGORITHMTYPE STRENGTHTYPE
/* sainfo */
-%token SAINFO
+%token SAINFO FROM
/* remote */
%token REMOTE ANONYMOUS
%token EXCHANGE_MODE EXCHANGETYPE DOI DOITYPE SITUATION SITUATIONTYPE
@@ -144,7 +144,7 @@
%token DNSSEC CERT_X509
%token NONCE_SIZE DH_GROUP KEEPALIVE PASSIVE INITIAL_CONTACT
%token PROPOSAL_CHECK PROPOSAL_CHECK_LEVEL
-%token GENERATE_POLICY SUPPORT_MIP6
+%token GENERATE_POLICY SUPPORT_PROXY
%token PROPOSAL
%token EXEC_PATH EXEC_COMMAND EXEC_SUCCESS EXEC_FAILURE
%token GSSAPI_ID
@@ -396,7 +396,7 @@
return -1;
}
}
- sainfo_name BOC sainfo_specs
+ sainfo_name sainfo_peer BOC sainfo_specs
{
struct sainfo *check;
@@ -418,7 +418,9 @@
}
/* duplicate check */
- check = getsainfo(cur_sainfo->idsrc, cur_sainfo->iddst);
+ check = getsainfo(cur_sainfo->idsrc,
+ cur_sainfo->iddst,
+ cur_sainfo->id_i);
if (check && (!check->idsrc && !cur_sainfo->idsrc)) {
yyerror("duplicated sainfo: %s",
sainfo2str(cur_sainfo));
@@ -515,6 +517,38 @@
memcpy($$->v + sizeof(*id_b), $2->v, $2->l);
}
;
+sainfo_peer
+ : /* nothing */
+ {
+ cur_sainfo->id_i = NULL;
+ }
+
+ | FROM IDENTIFIERTYPE identifierstring
+ {
+ struct ipsecdoi_id_b *id_b;
+ vchar_t *idv;
+
+ if (set_identifier(&idv, $2, $3) != 0) {
+ yyerror("failed to set identifer.\n");
+ return -1;
+ }
+ cur_sainfo->id_i = vmalloc(sizeof(*id_b) + idv->l);
+ if (cur_sainfo->id_i == NULL) {
+ yyerror("failed to allocate identifier");
+ return -1;
+ }
+
+ id_b = (struct ipsecdoi_id_b *)cur_sainfo->id_i->v;
+ id_b->type = idtype2doi($2);
+
+ id_b->proto_id = 0;
+ id_b->port = 0;
+
+ memcpy(cur_sainfo->id_i->v + sizeof(*id_b),
+ idv->v, idv->l);
+ vfree(idv);
+ }
+ ;
sainfo_specs
: /* nothing */
| sainfo_specs sainfo_spec
@@ -804,7 +838,7 @@
| KEEPALIVE { cur_rmconf->keepalive = TRUE; } EOS
| PASSIVE SWITCH { cur_rmconf->passive = $2; } EOS
| GENERATE_POLICY SWITCH { cur_rmconf->gen_policy = $2; } EOS
- | SUPPORT_MIP6 SWITCH { cur_rmconf->support_mip6 = $2; } EOS
+ | SUPPORT_PROXY SWITCH { cur_rmconf->support_proxy = $2; } EOS
| INITIAL_CONTACT SWITCH { cur_rmconf->ini_contact = $2; } EOS
| PROPOSAL_CHECK PROPOSAL_CHECK_LEVEL { cur_rmconf->pcheck_level = $2; } EOS
| LIFETIME LIFETYPE_TIME NUMBER unittype_time
@@ -1323,7 +1357,7 @@
yycf_init_buffer();
- if (yycf_set_buffer(lcconf->racoon_conf) != 0)
+ if (yycf_switch_buffer(lcconf->racoon_conf) != 0)
return -1;
prhead = NULL;
@@ -1365,7 +1399,7 @@
clean_tmpalgtype();
yycf_init_buffer();
- if (yycf_set_buffer(lcconf->racoon_conf) != 0)
+ if (yycf_switch_buffer(lcconf->racoon_conf) != 0)
return -1;
return(cfparse());
diff -r 7a8b944e0107 -r d4afb240e8d8 crypto/dist/kame/racoon/cftoken.h
--- a/crypto/dist/kame/racoon/cftoken.h Sat Jul 12 08:45:39 2003 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,41 +0,0 @@
-/* $KAME: cftoken.h,v 1.4 2000/10/04 17:40:58 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-extern int yyerrorcount;
-
-extern int yylex __P((void));
-extern void yyerror __P((char *, ...));
-extern void yywarn __P((char *, ...));
-
-extern int yycf_switch_buffer __P((char *));
-extern int yycf_set_buffer __P((char *));
-extern void yycf_init_buffer __P((void));
-extern void yycf_clean_buffer __P((void));
diff -r 7a8b944e0107 -r d4afb240e8d8 crypto/dist/kame/racoon/cftoken.l
--- a/crypto/dist/kame/racoon/cftoken.l Sat Jul 12 08:45:39 2003 +0000
+++ b/crypto/dist/kame/racoon/cftoken.l Sat Jul 12 09:02:24 2003 +0000
@@ -1,4 +1,4 @@
-/* $KAME: cftoken.l,v 1.69 2002/09/27 06:03:51 itojun Exp $ */
+/* $KAME: cftoken.l,v 1.71 2003/06/27 07:32:38 sakane Exp $ */
%{
#include <sys/types.h>
@@ -14,6 +14,7 @@
#include <errno.h>
#include <limits.h>
#include <ctype.h>
+#include <glob.h>
#ifdef HAVE_STDARG_H
#include <stdarg.h>
#else
@@ -64,8 +65,10 @@
static struct include_stack {
char *path;
FILE *fp;
- YY_BUFFER_STATE state;
+ YY_BUFFER_STATE prevstate;
int lineno;
+ glob_t matches;
+ int matchon;
} incstack[MAX_INCLUDE_DEPTH];
static int incstackp = 0;
@@ -176,6 +179,7 @@
<S_SAINF>anonymous { YYD; return(ANONYMOUS); }
<S_SAINF>{blcl}any{elcl} { YYD; return(PORTANY); }
<S_SAINF>any { YYD; return(ANY); }
+<S_SAINF>from { YYD; return(FROM); }
/* sainfo spec */
<S_SAINF>{bcl} { BEGIN S_SAINFS; return(BOC); }
<S_SAINF>{semi} { BEGIN S_INI; return(EOS); }
@@ -222,7 +226,8 @@
<S_RMTS>dh_group { YYD; return(DH_GROUP); }
<S_RMTS>nonce_size { YYD; return(NONCE_SIZE); }
<S_RMTS>generate_policy { YYD; return(GENERATE_POLICY); }
-<S_RMTS>support_mip6 { YYD; return(SUPPORT_MIP6); }
+<S_RMTS>support_mip6 { YYD; yywarn("it is obsoleted. use \"support_proxy\"."); return(SUPPORT_PROXY); }
+<S_RMTS>support_proxy { YYD; return(SUPPORT_PROXY); }
<S_RMTS>initial_contact { YYD; return(INITIAL_CONTACT); }
<S_RMTS>proposal_check { YYD; return(PROPOSAL_CHECK); }
<S_RMTS>obey { YYD; yylval.num = PROP_CHECK_OBEY; return(PROPOSAL_CHECK_LEVEL); }
@@ -411,11 +416,26 @@
}
<<EOF>> {
- if ( --incstackp < 0 ) {
- yyterminate();
+ yy_delete_buffer(YY_CURRENT_BUFFER);
+ incstackp--;
+ nextfile:
+ if (incstack[incstackp].matchon <
+ incstack[incstackp].matches.gl_pathc) {
+ char* filepath = incstack[incstackp].matches.gl_pathv[incstack[incstackp].matchon];
+ incstack[incstackp].matchon++;
+ incstackp++;
+ if (yycf_set_buffer(filepath) != 0) {
Home |
Main Index |
Thread Index |
Old Index