diff options
| author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-06-02 03:40:27 +0000 |
|---|---|---|
| committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-06-02 03:40:27 +0000 |
| commit | ffc9d7efd7866d411a0ec1c06b9b192f06dab326 (patch) | |
| tree | 96160fa037e422957d5ad6ac64882d9bd112b7ba | |
| parent | 16ce5c8c14e5018230e2d16b15cf8b9bd79208f9 (diff) | |
Simplify main/quick mode parsing and generation of the actual ike config.
| -rw-r--r-- | sbin/ipsecctl/ike.c | 14 | ||||
| -rw-r--r-- | sbin/ipsecctl/parse.y | 14 |
2 files changed, 8 insertions, 20 deletions
diff --git a/sbin/ipsecctl/ike.c b/sbin/ipsecctl/ike.c index 57b04d7a36b..795577ede8c 100644 --- a/sbin/ipsecctl/ike.c +++ b/sbin/ipsecctl/ike.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike.c,v 1.33 2006/06/01 18:03:40 msf Exp $ */ +/* $OpenBSD: ike.c,v 1.34 2006/06/02 03:40:26 hshoexer Exp $ */ /* * Copyright (c) 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -181,7 +181,7 @@ ike_section_qm(struct ipsec_addr_wrap *src, struct ipsec_addr_wrap *dst, } fprintf(fd, "-"); - if (qmxfs->encxf) { + if (qmxfs && qmxfs->encxf) { switch (qmxfs->encxf->id) { case ENCXF_3DES_CBC: fprintf(fd, "3DES"); @@ -206,7 +206,7 @@ ike_section_qm(struct ipsec_addr_wrap *src, struct ipsec_addr_wrap *dst, fprintf(fd, "AES"); fprintf(fd, "-"); - if (qmxfs->authxf) { + if (qmxfs && qmxfs->authxf) { switch (qmxfs->authxf->id) { case AUTHXF_HMAC_MD5: fprintf(fd, "MD5"); @@ -234,7 +234,7 @@ ike_section_qm(struct ipsec_addr_wrap *src, struct ipsec_addr_wrap *dst, fprintf(fd, "SHA2-256"); fprintf(fd, "-PFS-"); - if (qmxfs->groupxf) { + if (qmxfs && qmxfs->groupxf) { switch (qmxfs->groupxf->id) { case GROUPXF_768: fprintf(fd, "GRP1"); @@ -287,7 +287,7 @@ ike_section_mm(struct ipsec_addr_wrap *peer, struct ipsec_transforms *mmxfs, fprintf(fd, ADD "[mm-default]:Transforms="); } - if (mmxfs->encxf) { + if (mmxfs && mmxfs->encxf) { switch (mmxfs->encxf->id) { case ENCXF_3DES_CBC: fprintf(fd, "3DES"); @@ -312,7 +312,7 @@ ike_section_mm(struct ipsec_addr_wrap *peer, struct ipsec_transforms *mmxfs, fprintf(fd, "AES"); fprintf(fd, "-"); - if (mmxfs->authxf) { + if (mmxfs && mmxfs->authxf) { switch (mmxfs->authxf->id) { case AUTHXF_HMAC_MD5: fprintf(fd, "MD5"); @@ -328,7 +328,7 @@ ike_section_mm(struct ipsec_addr_wrap *peer, struct ipsec_transforms *mmxfs, fprintf(fd, "SHA"); fprintf(fd, "-"); - if (mmxfs->groupxf) { + if (mmxfs && mmxfs->groupxf) { switch (mmxfs->groupxf->id) { case GROUPXF_768: fprintf(fd, "GRP1"); diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y index 9afe9c857c6..f9829e0c53e 100644 --- a/sbin/ipsecctl/parse.y +++ b/sbin/ipsecctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.91 2006/06/02 03:31:20 hshoexer Exp $ */ +/* $OpenBSD: parse.y,v 1.92 2006/06/02 03:40:26 hshoexer Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -657,16 +657,10 @@ transform : AUTHXF STRING { mainmode : /* empty */ { struct ike_mode *mm; - struct ipsec_transforms *xfs; /* We create just an empty mode */ if ((mm = calloc(1, sizeof(struct ike_mode))) == NULL) err(1, "mainmode: calloc"); - /* And an empty transform */ - if ((xfs = calloc(1, sizeof(struct ipsec_transforms))) - == NULL) - err(1, "mainmode: calloc"); - mm->xfs = xfs; $$ = mm; } | MAIN transforms life { @@ -681,16 +675,10 @@ mainmode : /* empty */ { quickmode : /* empty */ { struct ike_mode *qm; - struct ipsec_transforms *xfs; /* We create just an empty mode */ if ((qm = calloc(1, sizeof(struct ike_mode))) == NULL) err(1, "quickmode: calloc"); - /* And an empty transform */ - if ((xfs = calloc(1, sizeof(struct ipsec_transforms))) - == NULL) - err(1, "mainmode: calloc"); - qm->xfs = xfs; $$ = qm; } | QUICK transforms life { |