authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2005-05-04 10:05:03 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2005-05-04 10:05:03 +0000
commit193abae5eded07143cc0c855da148cfca6c23a98 (patch)
tree76d84fa8901a81ef0f64daf11daf20385d92c1b8 /sbin/isakmpd
parenta22baeec2285142cc4a94f0362d03b1d38102deb (diff)
clean up KEY_API() wrapper.
ok ho@
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/app.c5
-rw-r--r--sbin/isakmpd/connection.c5
-rw-r--r--sbin/isakmpd/dpd.c5
-rw-r--r--sbin/isakmpd/ipsec.c17
-rw-r--r--sbin/isakmpd/sysdep.h18
-rw-r--r--sbin/isakmpd/sysdep/openbsd/sysdep.c88
6 files changed, 22 insertions, 116 deletions
diff --git a/sbin/isakmpd/app.c b/sbin/isakmpd/app.c
index bc7c913c123..1464b37a357 100644
--- a/sbin/isakmpd/app.c
+++ b/sbin/isakmpd/app.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: app.c,v 1.11 2005/04/08 16:15:38 deraadt Exp $ */
+/* $OpenBSD: app.c,v 1.12 2005/05/04 10:05:01 hshoexer Exp $ */
/* $EOM: app.c,v 1.6 1999/05/01 20:21:06 niklas Exp $ */
/*
@@ -40,6 +40,7 @@
#include "app.h"
#include "log.h"
#include "monitor.h"
+#include "pf_key_v2.h"
int app_socket;
@@ -60,5 +61,5 @@ app_init(void)
void
app_handler(void)
{
- sysdep_app_handler(app_socket);
+ pf_key_v2_handler(app_socket);
}
diff --git a/sbin/isakmpd/connection.c b/sbin/isakmpd/connection.c
index b3c4af95d8f..c631fe79162 100644
--- a/sbin/isakmpd/connection.c
+++ b/sbin/isakmpd/connection.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: connection.c,v 1.31 2005/04/08 19:40:02 deraadt Exp $ */
+/* $OpenBSD: connection.c,v 1.32 2005/05/04 10:05:01 hshoexer Exp $ */
/* $EOM: connection.c,v 1.28 2000/11/23 12:21:18 niklas Exp $ */
/*
@@ -42,6 +42,7 @@
#include "connection.h"
#include "doi.h"
#include "ipsec.h"
+#include "pf_key_v2.h"
/* XXX isakmp.h only required for compare_ids(). */
#include "isakmp.h"
@@ -154,7 +155,7 @@ connection_checker(void *vconn)
connection_checker, conn, &now);
if (!conn->ev)
log_print("connection_checker: could not add timer event");
- sysdep_connection_check(conn->name);
+ pf_key_v2_connection_check(conn->name);
}
/* Find the connection named NAME. */
diff --git a/sbin/isakmpd/dpd.c b/sbin/isakmpd/dpd.c
index 4f81589a0b7..040b030a3b6 100644
--- a/sbin/isakmpd/dpd.c
+++ b/sbin/isakmpd/dpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dpd.c,v 1.12 2005/04/08 21:14:49 cloder Exp $ */
+/* $OpenBSD: dpd.c,v 1.13 2005/05/04 10:05:01 hshoexer Exp $ */
/*
* Copyright (c) 2004 Håkan Olsson. All rights reserved.
@@ -38,6 +38,7 @@
#include "isakmp_fld.h"
#include "log.h"
#include "message.h"
+#include "pf_key_v2.h"
#include "sa.h"
#include "timer.h"
#include "transport.h"
@@ -274,7 +275,7 @@ dpd_check_time(struct sa *sa, void *v_arg)
sa->transport->vtbl->get_src(sa->transport, &dst);
gettimeofday(&tv, 0);
- ksa = sysdep_ipsec_get_kernel_sa(proto->spi[1], proto->spi_sz[1],
+ ksa = pf_key_v2_get_kernel_sa(proto->spi[1], proto->spi_sz[1],
proto->proto, dst);
if (!ksa || !ksa->last_used)
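Review bot: The call to `pf_key_v2_get_kernel_sa()` no longer goes through the `if (app_none) return 0;` short-circuit that the removed `sysdep_ipsec_get_kernel_sa()` wrapper provided, and pf_key_v2.c is not among the six files this commit changes. The same applies to the ipsec.c hunks in `ipsec_finalize_exchange()`, `ipsec_delete_spi()` and `ipsec_get_spi()`; the old `sysdep_ipsec_get_spi()` also set `*sz = IPSEC_SPI_SIZE` and returned a fixed SPI in that mode. Unless the `pf_key_v2_*` functions already test `app_none` themselves (not visible here), a daemon running with `app_none` set would now reach PF_KEY code it used to skip. I would confirm that guard exists in pf_key_v2.c, or add `if (app_none) return 0;` at the top of each affected `pf_key_v2_*` function. The body of `dpd_check_time()` starts and ends outside this hunk.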
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c
index bace4f0f49b..d04f9d1c600 100644
--- a/sbin/isakmpd/ipsec.c
+++ b/sbin/isakmpd/ipsec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec.c,v 1.117 2005/04/08 23:15:26 hshoexer Exp $ */
+/* $OpenBSD: ipsec.c,v 1.118 2005/05/04 10:05:01 hshoexer Exp $ */
/* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */
/*
@@ -64,6 +64,7 @@
#include "math_group.h"
#include "message.h"
#include "nat_traversal.h"
+#include "pf_key_v2.h"
#include "prf.h"
#include "sa.h"
#include "timer.h"
@@ -359,15 +360,15 @@ ipsec_finalize_exchange(struct message *msg)
for (proto = TAILQ_FIRST(&sa->protos),
last_proto = 0; proto;
proto = TAILQ_NEXT(proto, link)) {
- if (sysdep_ipsec_set_spi(sa, proto,
+ if (pf_key_v2_set_spi(sa, proto,
0, isakmp_sa) ||
(last_proto &&
- sysdep_ipsec_group_spis(sa,
+ pf_key_v2_group_spis(sa,
last_proto, proto, 0)) ||
- sysdep_ipsec_set_spi(sa, proto,
+ pf_key_v2_set_spi(sa, proto,
1, isakmp_sa) ||
(last_proto &&
- sysdep_ipsec_group_spis(sa,
+ pf_key_v2_group_spis(sa,
last_proto, proto, 1)))
/*
* XXX Tear down this
@@ -413,7 +414,7 @@ ipsec_finalize_exchange(struct message *msg)
if (!(sa->flags & SA_FLAG_ONDEMAND ||
conf_get_str("General", "Acquire-Only") ||
acquire_only) &&
- sysdep_ipsec_enable_sa(sa, isakmp_sa))
+ pf_key_v2_enable_sa(sa, isakmp_sa))
/* XXX Tear down this exchange. */
return;
@@ -1409,7 +1410,7 @@ ipsec_delete_spi(struct sa *sa, struct proto *proto, int incoming)
if (sa->phase == 1)
return;
/* XXX Error handling? Is it interesting? */
- sysdep_ipsec_delete_spi(sa, proto, incoming);
+ pf_key_v2_delete_spi(sa, proto, incoming);
}
/*
@@ -1505,7 +1506,7 @@ ipsec_get_spi(size_t *sz, u_int8_t proto, struct message *msg)
transport->vtbl->get_src(transport, &dst);
/* The peer is the source. */
transport->vtbl->get_dst(transport, &src);
- return sysdep_ipsec_get_spi(sz, proto, src, dst,
+ return pf_key_v2_get_spi(sz, proto, src, dst,
msg->exchange->seq);
}
}
diff --git a/sbin/isakmpd/sysdep.h b/sbin/isakmpd/sysdep.h
index d1e1fb83e82..9dfe0bde9d0 100644
--- a/sbin/isakmpd/sysdep.h
+++ b/sbin/isakmpd/sysdep.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysdep.h,v 1.24 2005/04/08 23:15:26 hshoexer Exp $ */
+/* $OpenBSD: sysdep.h,v 1.25 2005/05/04 10:05:01 hshoexer Exp $ */
/* $EOM: sysdep.h,v 1.17 2000/12/04 04:46:35 angelos Exp $ */
/*
@@ -38,23 +38,7 @@
#include <string.h>
#endif
-struct proto;
-struct sa;
-struct sockaddr;
-
-extern void sysdep_app_handler(int);
extern int sysdep_cleartext(int, int);
-extern void sysdep_connection_check(char *);
-extern int sysdep_ipsec_delete_spi(struct sa *, struct proto *, int);
-extern int sysdep_ipsec_enable_sa(struct sa *, struct sa *);
-extern u_int8_t *sysdep_ipsec_get_spi(size_t *, u_int8_t, struct sockaddr *,
- struct sockaddr *, u_int32_t);
-extern struct sa_kinfo *sysdep_ipsec_get_kernel_sa(u_int8_t *, size_t,
- u_int8_t, struct sockaddr *);
-extern int sysdep_ipsec_group_spis(struct sa *, struct proto *,
- struct proto *, int);
-extern int sysdep_ipsec_set_spi(struct sa *, struct proto *, int,
- struct sa *);
#if defined (USE_BOEHM_GC)
/*
diff --git a/sbin/isakmpd/sysdep/openbsd/sysdep.c b/sbin/isakmpd/sysdep/openbsd/sysdep.c
index 5168fcdd330..d9cdb9935e2 100644
--- a/sbin/isakmpd/sysdep/openbsd/sysdep.c
+++ b/sbin/isakmpd/sysdep/openbsd/sysdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysdep.c,v 1.33 2005/04/08 23:15:26 hshoexer Exp $ */
+/* $OpenBSD: sysdep.c,v 1.34 2005/05/04 10:05:02 hshoexer Exp $ */
/* $EOM: sysdep.c,v 1.9 2000/12/04 04:46:35 angelos Exp $ */
/*
@@ -39,59 +39,11 @@
#include "sysdep.h"
-#include "monitor.h"
-#include "util.h"
-
#include "app.h"
-#include "conf.h"
-#include "ipsec.h"
-
-#include "pf_key_v2.h"
-#define KEY_API(x) pf_key_v2_##x
-
#include "log.h"
+#include "monitor.h"
+#include "util.h"
-/*
- * When select(2) has noticed our application needs attendance, this is what
- * gets called. FD is the file descriptor causing the alarm.
- */
-void
-sysdep_app_handler(int fd)
-{
- KEY_API(handler)(fd);
-}
-
-/* Check that the connection named NAME is active, or else make it active. */
-void
-sysdep_connection_check(char *name)
-{
- KEY_API(connection_check)(name);
-}
-
-/*
- * Generate a SPI for protocol PROTO and the source/destination pair given by
- * SRC, SRCLEN, DST & DSTLEN. Stash the SPI size in SZ.
- */
-u_int8_t *
-sysdep_ipsec_get_spi(size_t *sz, u_int8_t proto, struct sockaddr *src,
- struct sockaddr *dst, u_int32_t seq)
-{
- if (app_none) {
- *sz = IPSEC_SPI_SIZE;
- /* XXX should be random instead I think. */
- return (u_int8_t *)strdup("\x12\x34\x56\x78");
- }
- return KEY_API(get_spi)(sz, proto, src, dst, seq);
-}
-
-struct sa_kinfo *
-sysdep_ipsec_get_kernel_sa(u_int8_t *spi, size_t spi_sz, u_int8_t proto,
- struct sockaddr *dst)
-{
- if (app_none)
- return 0;
- return KEY_API(get_kernel_sa)(spi, spi_sz, proto, dst);
-}
/* Force communication on socket FD to go in the clear. */
int
@@ -180,37 +132,3 @@ sysdep_cleartext(int fd, int af)
}
return 0;
}
-
-int
-sysdep_ipsec_delete_spi(struct sa *sa, struct proto *proto, int incoming)
-{
- if (app_none)
- return 0;
- return KEY_API(delete_spi)(sa, proto, incoming);
-}
-
-int
-sysdep_ipsec_enable_sa(struct sa *sa, struct sa *isakmp_sa)
-{
- if (app_none)
- return 0;
- return KEY_API(enable_sa)(sa, isakmp_sa);
-}
-
-int
-sysdep_ipsec_group_spis(struct sa *sa, struct proto *proto1,
- struct proto *proto2, int incoming)
-{
- if (app_none)
- return 0;
- return KEY_API(group_spis)(sa, proto1, proto2, incoming);
-}
-
-int
-sysdep_ipsec_set_spi(struct sa *sa, struct proto *proto, int incoming,
- struct sa *isakmp_sa)
-{
- if (app_none)
- return 0;
- return KEY_API(set_spi) (sa,proto, incoming, isakmp_sa);
-}