more knf; ok hshoexer

1 files changed, 118 insertions, 104 deletions

diff --git a/sbin/isakmpd/conf.c b/sbin/isakmpd/conf.c
index 0258ee07ab2..89b63e93300 100644
--- a/sbin/isakmpd/conf.c
+++ b/sbin/isakmpd/conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf.c,v 1.64 2004/04/15 18:53:56 deraadt Exp $	 */
+/* $OpenBSD: conf.c,v 1.65 2004/04/15 20:20:55 deraadt Exp $	 */
 /* $EOM: conf.c,v 1.48 2000/12/04 02:04:29 angelos Exp $	 */
 
 /*
@@ -138,7 +138,7 @@ conf_remove_now(char *section, char *tag)
 		    && strcasecmp(cb->tag, tag) == 0) {
 			LIST_REMOVE(cb, link);
 			LOG_DBG((LOG_MISC, 95, "[%s]:%s->%s removed", section, tag,
-				 cb->value));
+			    cb->value));
 			free(cb->section);
 			free(cb->tag);
 			free(cb->value);
@@ -161,7 +161,7 @@ conf_remove_section_now(char *section)
 			unseen = 0;
 			LIST_REMOVE(cb, link);
 			LOG_DBG((LOG_MISC, 95, "[%s]:%s->%s removed", section, cb->tag,
-				 cb->value));
+			    cb->value));
 			free(cb->section);
 			free(cb->tag);
 			free(cb->value);
@@ -186,13 +186,13 @@ conf_set_now(char *section, char *tag, char *value, int override,
 	else if (conf_get_str(section, tag)) {
 		if (!is_default)
 			log_print("conf_set_now: duplicate tag [%s]:%s, ignoring...\n",
-				  section, tag);
+			    section, tag);
 		return 1;
 	}
 	node = calloc(1, sizeof *node);
 	if (!node) {
 		log_error("conf_set_now: calloc (1, %lu) failed", (unsigned long) sizeof
-			  *node);
+		    *node);
 		return 1;
 	}
 	node->section = strdup(section);
@@ -202,7 +202,7 @@ conf_set_now(char *section, char *tag, char *value, int override,
 
 	LIST_INSERT_HEAD(&conf_bindings[conf_hash(section)], node, link);
 	LOG_DBG((LOG_MISC, 95, "conf_set_now: [%s]:%s->%s", node->section, node->tag,
-		 node->value));
+	    node->value));
 	return 0;
 }
 
@@ -234,14 +234,14 @@ conf_parse_line(int trans, char *line, size_t sz)
 			free(section);
 		if (i == sz) {
 			log_print("conf_parse_line: %d:"
-			"non-matched ']', ignoring until next section", ln);
+			    "non-matched ']', ignoring until next section", ln);
 			section = 0;
 			return;
 		}
 		section = malloc(i);
 		if (!section) {
 			log_print("conf_parse_line: %d: malloc (%lu) failed", ln,
-				  (unsigned long) i);
+			    (unsigned long) i);
 			return;
 		}
 		strlcpy(section, line + 1, i);
@@ -252,8 +252,8 @@ conf_parse_line(int trans, char *line, size_t sz)
 		if (line[i] == '=') {
 			/* If no section, we are ignoring the lines.  */
 			if (!section) {
-				log_print("conf_parse_line: %d: ignoring line due to no section",
-					  ln);
+				log_print("conf_parse_line: %d: ignoring line "
+				    "due to no section", ln);
 				return;
 			}
 			line[strcspn(line, " \t=")] = '\0';
@@ -269,8 +269,6 @@ conf_parse_line(int trans, char *line, size_t sz)
 	i = strspn(line, " \t");
 	if (line[i])
 		log_print("conf_parse_line: %d: syntax error", ln);
-
-	return;
 }
 
 /* Parse the mapped configuration file.  */
@@ -438,35 +436,46 @@ conf_load_defaults(int tr)
 		 CONF_DFLT_PHASE1_TRANSFORMS, 0, 1);
 
 	/* Main modes */
-	for (enc = 0; mm_enc[enc]; enc++)
-		for (hash = 0; mm_hash[hash]; hash++)
-			for (auth = 0; mm_auth[auth]; auth++)
-				for (group = 0; dh_group_p[group]; group++) {	/* special */
-					snprintf(sect, sizeof sect, "%s-%s%s%s", mm_enc_p[enc],
-						 mm_hash[hash], dh_group_p[group], mm_auth_p[auth]);
+	for (enc = 0; mm_enc[enc]; enc++) {
+		for (hash = 0; mm_hash[hash]; hash++) {
+			for (auth = 0; mm_auth[auth]; auth++) {
+				for (group = 0; dh_group_p[group]; group++) {
+					/* special */
+					snprintf(sect, sizeof sect, "%s-%s%s%s",
+					    mm_enc_p[enc], mm_hash[hash],
+					    dh_group_p[group], mm_auth_p[auth]);
 
 #if 0
 					if (!conf_find_trans_xf(1, sect))
 						continue;
 #endif
 
-					LOG_DBG((LOG_MISC, 90, "conf_load_defaults : main mode %s",
-						 sect));
+					LOG_DBG((LOG_MISC, 90,
+					    "conf_load_defaults : main mode %s",
+					    sect));
 
-					conf_set(tr, sect, "ENCRYPTION_ALGORITHM", mm_enc[enc], 0, 1);
+					conf_set(tr, sect, "ENCRYPTION_ALGORITHM",
+					    mm_enc[enc], 0, 1);
 					if (strcmp(mm_enc[enc], "BLOWFISH_CBC") == 0)
-						conf_set(tr, sect, "KEY_LENGTH", CONF_DFLT_VAL_BLF_KEYLEN, 0,
-							 1);
+						conf_set(tr, sect, "KEY_LENGTH",
+						    CONF_DFLT_VAL_BLF_KEYLEN, 0, 1);
 
-					conf_set(tr, sect, "HASH_ALGORITHM", mm_hash[hash], 0, 1);
-					conf_set(tr, sect, "AUTHENTICATION_METHOD", mm_auth[auth], 0, 1);
+					conf_set(tr, sect, "HASH_ALGORITHM",
+					    mm_hash[hash], 0, 1);
+					conf_set(tr, sect, "AUTHENTICATION_METHOD",
+					    mm_auth[auth], 0, 1);
 
 					/* XXX Always DH group 2 (MODP_1024) */
 					conf_set(tr, sect, "GROUP_DESCRIPTION",
-						 dh_group[group < group_max ? group : 1], 0, 1);
+					    dh_group[group < group_max ? group : 1],
+					    0, 1);
 
-					conf_set(tr, sect, "Life", CONF_DFLT_TAG_LIFE_MAIN_MODE, 0, 1);
+					conf_set(tr, sect, "Life",
+					    CONF_DFLT_TAG_LIFE_MAIN_MODE, 0, 1);
 				}
+			}
+		}
+	}
 
 	/* Setup a default Phase 1 entry */
 	conf_set(tr, "Phase 1", "Default", "Default-phase-1", 0, 1);
@@ -479,98 +488,104 @@ conf_load_defaults(int tr)
 		conf_set(tr, "Default-phase-1", "ID", dflt, 0, 1);
 
 	/* Quick modes */
-	for (enc = 0; qm_enc[enc]; enc++)
-		for (proto = 0; proto < 2; proto++)
-			for (mode = 0; mode < 2; mode++)
-				for (pfs = 0; pfs < 2; pfs++)
-					for (hash = 0; qm_hash[hash]; hash++)
-						for (group = 0; dh_group_p[group]; group++)
-							if ((proto == 1 && strcmp(qm_hash[hash], "NONE") == 0))	/* AH */
+	for (enc = 0; qm_enc[enc]; enc++) {
+		for (proto = 0; proto < 2; proto++) {
+			for (mode = 0; mode < 2; mode++) {
+				for (pfs = 0; pfs < 2; pfs++) {
+					for (hash = 0; qm_hash[hash]; hash++) {
+						for (group = 0; dh_group_p[group];
+						    group++) {
+							char tmp[CONF_MAX];
+
+							if ((proto == 1 &&
+							    strcmp(qm_hash[hash],
+							    "NONE") == 0)) /* AH */
 								continue;
-							else {
-								char            tmp[CONF_MAX];
 
-								snprintf(tmp, sizeof tmp, "QM-%s%s%s%s%s%s", PROTO(proto),
-									 MODE_p(mode), qm_enc_p[enc], qm_hash_p[hash],
-									 PFS(pfs), dh_group_p[group]);
+							snprintf(tmp, sizeof tmp,
+							    "QM-%s%s%s%s%s%s",
+							    PROTO(proto),
+							    MODE_p(mode),
+							    qm_enc_p[enc],
+							    qm_hash_p[hash],
+							    PFS(pfs),
+							    dh_group_p[group]);
 
-								strlcpy(sect, tmp, CONF_MAX);
-								strlcat(sect, "-SUITE", CONF_MAX);
+							strlcpy(sect, tmp, CONF_MAX);
+							strlcat(sect, "-SUITE",
+							    CONF_MAX);
 
 #if 0
-								if (!conf_find_trans_xf(2, sect))
-									continue;
+							if (!conf_find_trans_xf(2, sect))
+								continue;
 #endif
 
-								LOG_DBG((LOG_MISC, 90, "conf_load_defaults : quick mode %s",
-								     sect));
+							LOG_DBG((LOG_MISC, 90,
+							    "conf_load_defaults : quick mode %s",
+							    sect));
 
-								conf_set(tr, sect, "Protocols", tmp, 0, 1);
+							conf_set(tr, sect, "Protocols",
+							    tmp, 0, 1);
 
-								snprintf(sect, sizeof sect, "IPSEC_%s", PROTO(proto));
-								conf_set(tr, tmp, "PROTOCOL_ID", sect, 0, 1);
+							snprintf(sect, sizeof sect,
+							    "IPSEC_%s", PROTO(proto));
+							conf_set(tr, tmp, "PROTOCOL_ID",
+							    sect, 0, 1);
 
-								strlcpy(sect, tmp, CONF_MAX);
-								strlcat(sect, "-XF", CONF_MAX);
-								conf_set(tr, tmp, "Transforms", sect, 0, 1);
+							strlcpy(sect, tmp, CONF_MAX);
+							strlcat(sect, "-XF", CONF_MAX);
+							conf_set(tr, tmp, "Transforms",
+							    sect, 0, 1);
 
-								/*
-								 * XXX For
-								 * now,
-								 * defaults
-								 * contain
-								 * one xf per
-								 * protocol.
-								 */
+							/*
+							 * XXX For now, defaults
+							 * contain one xf per protocol.
+							 */
+
+							conf_set(tr, sect,
+							    "TRANSFORM_ID",
+							    qm_enc[enc], 0, 1);
+
+							if (strcmp(qm_enc[enc],
+							    "BLOWFISH") == 0)
+								conf_set(tr, sect,
+								    "KEY_LENGTH",
+								    CONF_DFLT_VAL_BLF_KEYLEN,
+								    0, 1);
+
+							conf_set(tr, sect,
+							    "ENCAPSULATION_MODE",
+							    MODE(mode), 0, 1);
+
+							if (strcmp(qm_hash[hash], "NONE")) {
+								conf_set(tr, sect, "AUTHENTICATION_ALGORITHM",
+								    qm_hash[hash], 0, 1);
 
-								conf_set(tr, sect, "TRANSFORM_ID", qm_enc[enc], 0, 1);
-
-								if (strcmp(qm_enc[enc], "BLOWFISH") == 0)
-									conf_set(tr, sect, "KEY_LENGTH", CONF_DFLT_VAL_BLF_KEYLEN,
-										 0, 1);
-
-								conf_set(tr, sect, "ENCAPSULATION_MODE", MODE(mode), 0, 1);
-
-								if (strcmp(qm_hash[hash], "NONE")) {
-									conf_set(tr, sect, "AUTHENTICATION_ALGORITHM",
-										 qm_hash[hash], 0, 1);
-
-									/*
-									 * XXX
-									 *
-									 * Ano
-									 * the
-									 * r
-									 * sho
-									 * rtc
-									 * ut
-									 * --
-									 * to
-									 * kee
-									 * p
-									 * len
-									 * gth
-									 *
-									 * dow
-									 * n.
-									 */
-									if (pfs)
-										conf_set(tr, sect, "GROUP_DESCRIPTION",
-											 dh_group[group < group_max ? group : 1], 0,
-											 1);
-								}
 								/*
 								 * XXX
-								 * Lifetimes
-								 * depending
-								 * on
-								 * enc/auth
-								 * strength?
+								 *
+								 * Another shortcut:
+								 * to keep length down
 								 */
-								conf_set(tr, sect, "Life", CONF_DFLT_TAG_LIFE_QUICK_MODE, 0,
-									 1);
+								if (pfs)
+									conf_set(tr, sect, "GROUP_DESCRIPTION",
+									    dh_group[group < group_max ? group : 1],
+									    0, 1);
 							}
-	return;
+							/*
+							 * XXX
+							 * Lifetimes depending
+							 * on enc/auth strength?
+							 */
+							conf_set(tr, sect, "Life", CONF_DFLT_TAG_LIFE_QUICK_MODE, 0,
+							    1);
+
+						}
+					}
+				}
+			}
+		}
+	}
 }
 
 void
@@ -1139,5 +1154,4 @@ mem_fail:
 			free(dnode->s);
 		free(dnode);
 	}
-	return;
 }