diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2004-08-08 19:11:07 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2004-08-08 19:11:07 +0000 |
commit | fe20a59c2f21da8587f57d524d1e231bcbb40838 (patch) | |
tree | 5443651e9bdfa49ff1836a41e006395db1ffbe99 /sbin/isakmpd | |
parent | 1499b7cac95c6a5e2e57f6179505336da5eabe2d (diff) |
spacing
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r-- | sbin/isakmpd/GNUmakefile | 4 | ||||
-rw-r--r-- | sbin/isakmpd/conf.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/dpd.c | 9 | ||||
-rw-r--r-- | sbin/isakmpd/exchange.c | 14 | ||||
-rw-r--r-- | sbin/isakmpd/ike_auth.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/ike_phase_1.c | 6 | ||||
-rw-r--r-- | sbin/isakmpd/ike_quick_mode.c | 16 | ||||
-rw-r--r-- | sbin/isakmpd/ipsec.c | 12 | ||||
-rw-r--r-- | sbin/isakmpd/isakmp_cfg.c | 6 | ||||
-rw-r--r-- | sbin/isakmpd/log.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/message.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/monitor.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/nat_traversal.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/pf_key_v2.c | 22 | ||||
-rw-r--r-- | sbin/isakmpd/policy.c | 14 | ||||
-rw-r--r-- | sbin/isakmpd/sa.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/sysdep.h | 4 | ||||
-rw-r--r-- | sbin/isakmpd/transport.c | 6 | ||||
-rw-r--r-- | sbin/isakmpd/udp.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/udp_encap.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/ui.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/util.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/virtual.c | 14 | ||||
-rw-r--r-- | sbin/isakmpd/x509.c | 12 |
24 files changed, 99 insertions, 100 deletions
diff --git a/sbin/isakmpd/GNUmakefile b/sbin/isakmpd/GNUmakefile index 9551b94ceb1..ef8982760d4 100644 --- a/sbin/isakmpd/GNUmakefile +++ b/sbin/isakmpd/GNUmakefile @@ -1,4 +1,4 @@ -# $OpenBSD: GNUmakefile,v 1.8 2004/08/02 15:30:33 ho Exp $ +# $OpenBSD: GNUmakefile,v 1.9 2004/08/08 19:11:06 deraadt Exp $ # # Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved. @@ -131,7 +131,7 @@ all: ${PROG} mksubdirs ifneq ($(findstring install,$(MAKECMDGOALS)),install) # Skip 'regress' until the regress/ structure has gmake makefiles for it. #SUBDIR:= regress -SUBDIR:= +SUBDIR:= mksubdirs: $(foreach DIR, ${SUBDIR}, \ cd ${DIR}; ${MAKE} ${MAKEFLAGS} CFLAGS="${CFLAGS}" \ diff --git a/sbin/isakmpd/conf.c b/sbin/isakmpd/conf.c index 722bcb6b5db..0eaa1e9ed01 100644 --- a/sbin/isakmpd/conf.c +++ b/sbin/isakmpd/conf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.c,v 1.72 2004/07/29 20:02:02 ho Exp $ */ +/* $OpenBSD: conf.c,v 1.73 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: conf.c,v 1.48 2000/12/04 02:04:29 angelos Exp $ */ /* @@ -449,7 +449,7 @@ conf_load_defaults(int tr) { int enc, auth, hash, group, proto, mode, pfs; char *dflt; - + char *mm_auth[] = {"PRE_SHARED", "DSS", "RSA_SIG", 0}; char *mm_auth_p[] = {"", "-DSS", "-RSA_SIG", 0}; char *mm_hash[] = {"MD5", "SHA", 0}; @@ -1074,7 +1074,7 @@ conf_report(void) snprintf(dnode->s, len, "[%s]", current_section); dnode->next = (struct dumper *) - calloc(1, + calloc(1, sizeof(struct dumper)); dnode = dnode->next; if (!dnode) @@ -1082,7 +1082,7 @@ conf_report(void) dnode->s = ""; dnode->next = (struct dumper *) - calloc(1, + calloc(1, sizeof(struct dumper)); dnode = dnode->next; if (!dnode) diff --git a/sbin/isakmpd/dpd.c b/sbin/isakmpd/dpd.c index 9621fa1b23b..3bbaf05109d 100644 --- a/sbin/isakmpd/dpd.c +++ b/sbin/isakmpd/dpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dpd.c,v 1.2 2004/06/20 17:17:34 ho Exp $ */ +/* $OpenBSD: dpd.c,v 1.3 2004/08/08 19:11:06 deraadt Exp $ */ /* * Copyright (c) 2004 Håkan Olsson. All rights reserved. @@ -243,7 +243,7 @@ dpd_initiator_recv_ack(struct message *msg) isakmp_sa->dpd_nextev = timer_add_event("dpd_event", dpd_event, isakmp_sa, &tv); - if (!isakmp_sa->dpd_nextev) + if (!isakmp_sa->dpd_nextev) log_print("dpd_initiator_recv_ack: timer_add_event " "failed"); else @@ -269,7 +269,7 @@ dpd_responder_recv_notify(struct message *msg) return -1; } - if (GET_ISAKMP_NOTIFY_MSG_TYPE(p->p) != + if (GET_ISAKMP_NOTIFY_MSG_TYPE(p->p) != ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE) { message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 0); return -1; @@ -313,7 +313,7 @@ dpd_responder_recv_notify(struct message *msg) isakmp_sa->dpd_nextev = timer_add_event("dpd_event", dpd_event, isakmp_sa, &tv); - if (!isakmp_sa->dpd_nextev) + if (!isakmp_sa->dpd_nextev) log_print("dpd_responder_recv_notify: timer_add_event " "failed"); else @@ -349,4 +349,3 @@ dpd_event(void *v_sa) /* Create a new DPD exchange. XXX */ } - diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c index 55ec031836c..2d2073c52bf 100644 --- a/sbin/isakmpd/exchange.c +++ b/sbin/isakmpd/exchange.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exchange.c,v 1.100 2004/07/09 16:06:48 deraadt Exp $ */ +/* $OpenBSD: exchange.c,v 1.101 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */ /* @@ -814,7 +814,7 @@ exchange_establish_p1(struct transport *t, u_int8_t type, u_int32_t doi, flag = TAILQ_NEXT(flag, link)) if (strcasecmp(flag->field, "ikecfg") == 0) { struct exchange_finalization_node *node; - + node = calloc(1, (unsigned long)sizeof *node); if (!node) { log_print("exchange_establish_p1: " @@ -1075,7 +1075,7 @@ exchange_setup_p1(struct message *msg, u_int32_t doi) } if (type != GET_ISAKMP_HDR_EXCH_TYPE(msg->iov[0].iov_base)) { log_print("exchange_setup_p1: " - "expected exchange type %s got %s", str, + "expected exchange type %s got %s", str, constant_name(isakmp_exch_cst, GET_ISAKMP_HDR_EXCH_TYPE(msg->iov[0].iov_base))); return 0; @@ -1099,7 +1099,7 @@ exchange_setup_p1(struct message *msg, u_int32_t doi) flag = TAILQ_NEXT(flag, link)) if (strcasecmp(flag->field, "ikecfg") == 0) { struct exchange_finalization_node *node; - + node = calloc(1, (unsigned long)sizeof *node); if (!node) { log_print("exchange_establish_p1: " @@ -1152,7 +1152,7 @@ exchange_setup_p2(struct message *msg, u_int8_t doi) exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE; if (msg->isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE) exchange->flags |= EXCHANGE_FLAG_NAT_T_KEEPALIVE; -#endif +#endif exchange_enter(exchange); #ifdef USE_DEBUG exchange_dump("exchange_setup_p2", exchange); @@ -1224,7 +1224,7 @@ exchange_report(void) static void exchange_free_aux(void *v_exch) { - struct exchange *exchange = v_exch; + struct exchange *exchange = v_exch; struct sa *sa, *next_sa; struct cert_handler *handler; @@ -1491,7 +1491,7 @@ exchange_finalize(struct message *msg) msg->isakmp_sa->flags |= SA_FLAG_NAT_T_ENABLE; if (exchange->flags & EXCHANGE_FLAG_NAT_T_KEEPALIVE) msg->isakmp_sa->flags |= SA_FLAG_NAT_T_KEEPALIVE; -#endif +#endif LOG_DBG((LOG_EXCHANGE, 10, "exchange_finalize: phase 1 done: %s, %s", id_doi, diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c index ddcd8cd0b32..dcacb0ed6f8 100644 --- a/sbin/isakmpd/ike_auth.c +++ b/sbin/isakmpd/ike_auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_auth.c,v 1.94 2004/06/23 03:01:52 hshoexer Exp $ */ +/* $OpenBSD: ike_auth.c,v 1.95 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */ /* @@ -673,7 +673,7 @@ rsa_sig_decode_hash(struct message *msg) "be validated"); continue; } - if (GET_ISAKMP_CERT_ENCODING(p->p) == + if (GET_ISAKMP_CERT_ENCODING(p->p) == ISAKMP_CERTENC_X509_SIG) { if (!handler->cert_get_subjects(cert, &n, &id_cert, &id_cert_len)) { diff --git a/sbin/isakmpd/ike_phase_1.c b/sbin/isakmpd/ike_phase_1.c index 2caac756285..3630d2ec579 100644 --- a/sbin/isakmpd/ike_phase_1.c +++ b/sbin/isakmpd/ike_phase_1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_phase_1.c,v 1.55 2004/07/29 08:54:08 ho Exp $ */ +/* $OpenBSD: ike_phase_1.c,v 1.56 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: ike_phase_1.c,v 1.31 2000/12/11 23:47:56 niklas Exp $ */ /* @@ -568,7 +568,7 @@ ike_phase_1_send_KE_NONCE(struct message *msg, size_t nonce_sz) /* XXX Log? */ return -1; } -#endif +#endif return 0; } @@ -1180,7 +1180,7 @@ ike_phase_1_validate_prop(struct exchange *exchange, struct sa *sa, */ for (node = LIST_FIRST(&vs.attrs); node; node = next_node) { - next_node = + next_node = LIST_NEXT(node, link); if (node->type == constant_value(ike_attr_cst, diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c index 4d5e3ca1d80..6bc2af5d90a 100644 --- a/sbin/isakmpd/ike_quick_mode.c +++ b/sbin/isakmpd/ike_quick_mode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_quick_mode.c,v 1.84 2004/06/25 20:25:34 hshoexer Exp $ */ +/* $OpenBSD: ike_quick_mode.c,v 1.85 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */ /* @@ -199,7 +199,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) strlcpy(principal[1], "passphrase-md5-hex:", len); MD5(isakmp_sa->recv_key, strlen(isakmp_sa->recv_key), hashbuf); for (i = 0; i < 16; i++) - snprintf(principal[1] + 2 * i + + snprintf(principal[1] + 2 * i + sizeof "passphrase-md5-hex:" - 1, 3, "%02x", hashbuf[i]); @@ -375,7 +375,7 @@ policydone: /* Remove the policies */ for (i = 0; i < policy_asserts_num; i++) { if (keynote_ids[i] != -1) - kn_remove_assertion(isakmp_sa->policy_id, + kn_remove_assertion(isakmp_sa->policy_id, keynote_ids[i]); } @@ -623,8 +623,8 @@ initiator_send_HASH_SA_NONCE(struct message *msg) * XXX Deals with 16 and 32 * bit lifetimes only */ - value = - conf_get_num(life->field, + value = + conf_get_num(life->field, "LIFE_DURATION", 0); if (value) { if (value <= 0xffff) @@ -702,7 +702,7 @@ initiator_send_HASH_SA_NONCE(struct message *msg) IPSEC_ATTR_ECN_TUNNEL, value); /* Record the real transform size. */ - transforms_len[prop_no] += + transforms_len[prop_no] += (transform_len[prop_no][xf_no] = attr - transform[prop_no][xf_no]); @@ -744,7 +744,7 @@ initiator_send_HASH_SA_NONCE(struct message *msg) goto bail_out; } proposal_len = ISAKMP_PROP_SPI_OFF + spi_sz; - proposals_len += + proposals_len += proposal_len + transforms_len[prop_no]; proposal[prop_no] = malloc(proposal_len); if (!proposal[prop_no]) { @@ -1421,7 +1421,7 @@ post_quick_mode(struct message *msg) LOG_DBG_BUF((LOG_NEGOTIATION, 90, "post_quick_mode: SPI", proto->spi[i], proto->spi_sz[i])); - prf->Update(prf->prfctx, + prf->Update(prf->prfctx, proto->spi[i], proto->spi_sz[i]); LOG_DBG_BUF((LOG_NEGOTIATION, 90, "post_quick_mode: Ni_b", diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index dc12db6b796..a1537912a7b 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.101 2004/06/23 00:55:59 hshoexer Exp $ */ +/* $OpenBSD: ipsec.c,v 1.102 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -371,12 +371,12 @@ ipsec_finalize_exchange(struct message *msg) if (sysdep_ipsec_set_spi(sa, proto, 0, isakmp_sa) || (last_proto && - sysdep_ipsec_group_spis(sa, - last_proto, proto, 0)) || + sysdep_ipsec_group_spis(sa, + last_proto, proto, 0)) || sysdep_ipsec_set_spi(sa, proto, 1, isakmp_sa) || (last_proto && - sysdep_ipsec_group_spis(sa, + sysdep_ipsec_group_spis(sa, last_proto, proto, 1))) /* * XXX Tear down this @@ -523,7 +523,7 @@ ipsec_set_network(u_int8_t *src_id, u_int8_t *dst_id, struct ipsec_sa *isa) break; } - memcpy(&isa->sport, + memcpy(&isa->sport, src_id + ISAKMP_ID_DOI_DATA_OFF + IPSEC_ID_PORT_OFF, IPSEC_ID_PORT_LEN); @@ -1779,7 +1779,7 @@ ipsec_get_proto_port(char *section, u_int8_t *tproto, u_int16_t *port) struct protoent *pe = NULL; struct servent *se; char *pstr; - + pstr = conf_get_str(section, "Protocol"); if (!pstr) { *tproto = 0; diff --git a/sbin/isakmpd/isakmp_cfg.c b/sbin/isakmpd/isakmp_cfg.c index c5b879dc119..222d0c679a2 100644 --- a/sbin/isakmpd/isakmp_cfg.c +++ b/sbin/isakmpd/isakmp_cfg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: isakmp_cfg.c,v 1.33 2004/06/20 17:17:35 ho Exp $ */ +/* $OpenBSD: isakmp_cfg.c,v 1.34 2004/08/08 19:11:06 deraadt Exp $ */ /* * Copyright (c) 2001 Niklas Hallqvist. All rights reserved. @@ -893,7 +893,7 @@ cfg_encode_attributes(struct isakmp_cfg_attr_head *attrs, u_int32_t type, "attribute %s - expected %s got %s data", field, (family == AF_INET ? "IPv4" : "IPv6"), - (sa->sa_family == + (sa->sa_family == AF_INET ? "IPv4" : "IPv6")); free(sa); attr->length = 0; @@ -911,7 +911,7 @@ cfg_encode_attributes(struct isakmp_cfg_attr_head *attrs, u_int32_t type, free(sa); /* _SUBNET types need some extra work. */ - if (attr->type == + if (attr->type == ISAKMP_CFG_ATTR_INTERNAL_IP4_SUBNET) { sa = conf_get_address(id_string, "Netmask"); if (!sa) { diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c index 000530cd9c6..598c2ec7a91 100644 --- a/sbin/isakmpd/log.c +++ b/sbin/isakmpd/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.48 2004/06/25 00:58:39 hshoexer Exp $ */ +/* $OpenBSD: log.c,v 1.49 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */ /* @@ -220,7 +220,7 @@ _log_print(int error, int syslog_level, const char *fmt, va_list ap, /* * Close log_output to prevent isakmpd from locking * the file. We may need to explicitly close stdout - * to do this properly. + * to do this properly. * XXX - Figure out how to match two FILE *'s and * rewrite. */ diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c index 723b08001ba..313f2379a2e 100644 --- a/sbin/isakmpd/message.c +++ b/sbin/isakmpd/message.c @@ -1,4 +1,4 @@ -/* $OpenBSD: message.c,v 1.85 2004/07/07 09:16:20 hshoexer Exp $ */ +/* $OpenBSD: message.c,v 1.86 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */ /* @@ -135,7 +135,7 @@ static u_int8_t payload_revmap[] = { ISAKMP_PAYLOAD_SIG, ISAKMP_PAYLOAD_NONCE, ISAKMP_PAYLOAD_NOTIFY, ISAKMP_PAYLOAD_DELETE, ISAKMP_PAYLOAD_VENDOR, ISAKMP_PAYLOAD_ATTRIBUTE, #ifdef notyet - ISAKMP_PAYLOAD_SAK, ISAKMP_PAYLOAD_SAT, ISAKMP_PAYLOAD_KD, + ISAKMP_PAYLOAD_SAK, ISAKMP_PAYLOAD_SAT, ISAKMP_PAYLOAD_KD, ISAKMP_PAYLOAD_SEQ, ISAKMP_PAYLOAD_POP #endif ISAKMP_PAYLOAD_NAT_D, ISAKMP_PAYLOAD_NAT_OA @@ -1115,7 +1115,7 @@ message_validate_vendor(struct message *msg, struct payload *p) } #if defined (USE_DPD) dpd_check_vendor_payload(msg, p); -#endif +#endif #if defined (USE_NAT_TRAVERSAL) nat_t_check_vendor_payload(msg, p); #endif @@ -2461,7 +2461,7 @@ struct payload * payload_last(struct message *msg, u_int8_t payload) { if (payload_map[payload]) - return TAILQ_LAST(&msg->payload[payload_map[payload]], + return TAILQ_LAST(&msg->payload[payload_map[payload]], payload_head); else return 0; diff --git a/sbin/isakmpd/monitor.c b/sbin/isakmpd/monitor.c index eba00104e8c..48a6c9473f5 100644 --- a/sbin/isakmpd/monitor.c +++ b/sbin/isakmpd/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.27 2004/06/26 06:07:03 hshoexer Exp $ */ +/* $OpenBSD: monitor.c,v 1.28 2004/08/08 19:11:06 deraadt Exp $ */ /* * Copyright (c) 2003 Håkan Olsson. All rights reserved. @@ -137,7 +137,7 @@ monitor_init(int debug) log_print("monitor_init: stopped %s PID %d fd %d%s", m_state.pid ? "priv" : "child", getpid(), m_state.s, m_state.pid ? ", waiting for SIGCONT" : ""); - kill(getpid(), SIGSTOP); /* Wait here for SIGCONT. */ + kill(getpid(), SIGSTOP); /* Wait here for SIGCONT. */ if (m_state.pid) kill(m_state.pid, SIGCONT); /* Continue child. */ } diff --git a/sbin/isakmpd/nat_traversal.c b/sbin/isakmpd/nat_traversal.c index b3fe65e360a..1675b298133 100644 --- a/sbin/isakmpd/nat_traversal.c +++ b/sbin/isakmpd/nat_traversal.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nat_traversal.c,v 1.6 2004/08/03 10:54:09 ho Exp $ */ +/* $OpenBSD: nat_traversal.c,v 1.7 2004/08/08 19:11:06 deraadt Exp $ */ /* * Copyright (c) 2004 Håkan Olsson. All rights reserved. @@ -430,7 +430,7 @@ nat_t_setup_keepalive(struct sa *sa) { struct sockaddr *src; struct timeval now; - + if (sa->initiator) sa->transport->vtbl->get_src(sa->transport, &src); else diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c index eca2c2e3017..e89ba626eb7 100644 --- a/sbin/isakmpd/pf_key_v2.c +++ b/sbin/isakmpd/pf_key_v2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_key_v2.c,v 1.146 2004/06/26 06:07:03 hshoexer Exp $ */ +/* $OpenBSD: pf_key_v2.c,v 1.147 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */ /* @@ -658,7 +658,7 @@ pf_key_v2_get_spi(size_t *sz, u_int8_t proto, struct sockaddr *src, #endif /* Setup the ADDRESS extensions. */ - len = + len = sizeof(struct sadb_address) + PF_KEY_V2_ROUND(sysdep_sa_len(src)); addr = calloc(1, len); if (!addr) @@ -2166,7 +2166,7 @@ cleanup: LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_flow: " "SPDADD returns EEXIST")); } else if (err) { - log_print("pf_key_v2_flow: SPD%s: %s", + log_print("pf_key_v2_flow: SPD%s: %s", delete ? "DELETE" : "ADD", strerror(err)); goto cleanup; } @@ -2846,12 +2846,12 @@ pf_key_v2_expire(struct pf_key_v2_msg *pmsg) */ switch (msg->sadb_msg_satype) { case SADB_SATYPE_ESP: - sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi, + sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi, IPSEC_PROTO_IPSEC_ESP); break; case SADB_SATYPE_AH: - sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi, + sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi, IPSEC_PROTO_IPSEC_AH); break; @@ -3290,7 +3290,7 @@ pf_key_v2_acquire(struct pf_key_v2_msg *pmsg) goto fail; } if (srcident->sadb_ident_id) { - pwd = + pwd = getpwuid(srcident->sadb_ident_id); if (!pwd) { log_error("pf_key_v2_acquire: " @@ -3343,7 +3343,7 @@ pf_key_v2_acquire(struct pf_key_v2_msg *pmsg) || conf_set(af, srcid, "Refcount", "1", 1, 0) || conf_set(af, srcid, "Name", - srcid + sizeof "ID:/" - 1 + + srcid + sizeof "ID:/" - 1 + strlen(prefstring), 1, 0)) { conf_end(af, 0); goto fail; @@ -3847,7 +3847,7 @@ pf_key_v2_acquire(struct pf_key_v2_msg *pmsg) goto fail; } memcpy(authm, sauth + 1, - sauth->sadb_x_cred_len - + sauth->sadb_x_cred_len - sizeof *sauth + 1); /* Set the passphrase in the peer. */ @@ -3891,7 +3891,7 @@ pf_key_v2_acquire(struct pf_key_v2_msg *pmsg) goto fail; } /* - * Set the key in the peer. We don't + * Set the key in the peer. We don't * use "Authentication" to avoid * potential conflicts with file-based * configurations that use public key @@ -4010,7 +4010,7 @@ pf_key_v2_handler(int fd) /* * As synchronous read/writes to the socket can have taken place - * between the select(2) call of the main loop and this handler, we + * between the select(2) call of the main loop and this handler, we * need to recheck the readability. */ if (ioctl(pf_key_v2_socket, FIONREAD, &n) == -1) { @@ -4169,7 +4169,7 @@ pf_key_v2_group_spis(struct sa *sa, struct proto *proto1, goto cleanup; } protocol.sadb_protocol_reserved2 = 0; - if (pf_key_v2_msg_add(grpspis, + if (pf_key_v2_msg_add(grpspis, (struct sadb_ext *)&protocol, 0) == -1) goto cleanup; diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c index d1ab5558df7..a0b140d9297 100644 --- a/sbin/isakmpd/policy.c +++ b/sbin/isakmpd/policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: policy.c,v 1.77 2004/06/25 20:25:34 hshoexer Exp $ */ +/* $OpenBSD: policy.c,v 1.78 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */ /* @@ -1173,7 +1173,7 @@ policy_callback(char *name) case IPSEC_ID_USER_FQDN: remote_filter_type = "User FQDN"; - remote_filter = malloc(idremotesz - + remote_filter = malloc(idremotesz - ISAKMP_ID_DATA_OFF + 1); if (!remote_filter) { log_error("policy_callback: " @@ -1211,13 +1211,13 @@ policy_callback(char *name) case IPSEC_ID_KEY_ID: remote_filter_type = "Key ID"; remote_filter - = calloc(2 * (idremotesz - + = calloc(2 * (idremotesz - ISAKMP_ID_DATA_OFF) + 1, sizeof(char)); if (!remote_filter) { log_error("policy_callback: " "calloc (%lu, %lu) failed", - 2 * ((unsigned long)idremotesz - + 2 * ((unsigned long)idremotesz - ISAKMP_ID_DATA_OFF) + 1, (unsigned long)sizeof(char)); goto bad; @@ -1483,7 +1483,7 @@ policy_callback(char *name) case IPSEC_ID_FQDN: local_filter_type = "FQDN"; - local_filter = malloc(idlocalsz - + local_filter = malloc(idlocalsz - ISAKMP_ID_DATA_OFF + 1); if (!local_filter) { log_error("policy_callback: " @@ -1553,7 +1553,7 @@ policy_callback(char *name) * Does it contain any non-printable * characters ? */ - for (i = 0; + for (i = 0; i < idlocalsz - ISAKMP_ID_DATA_OFF; i++) if (!isprint(*(idlocal + ISAKMP_ID_DATA_OFF + i))) @@ -1743,7 +1743,7 @@ policy_callback(char *name) } if (strcmp(name, "phase_1") == 0) return phase_1; - + if (strcmp(name, "GMTTimeOfDay") == 0) { tt = time((time_t)NULL); strftime(mytimeofday, 14, "%Y%m%d%H%M%S", gmtime(&tt)); diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index f0fa8d8f336..977c7e00e91 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.84 2004/08/02 15:48:22 hshoexer Exp $ */ +/* $OpenBSD: sa.c,v 1.85 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -1128,11 +1128,11 @@ sa_reinit(void) LOG_DBG((LOG_SA, 30, "sa_reinit: renegotiating active connections")); - /* + /* * Get phase 2 SAs. Soft expire those without active exchanges. Do * not touch a phase 2 SA where the soft expiration is not set, ie. * the SA is not yet established. - * */ + */ for (i = 0; i <= bucket_mask; i++) for (sa = LIST_FIRST(&sa_tab[i]); sa; sa = LIST_NEXT(sa, link)) if (sa->phase == 2) @@ -1156,7 +1156,7 @@ sa_flag(char *attr) { "active-only", SA_FLAG_ACTIVE_ONLY }, - + /* * Below this point are flags that are internal to the * implementation. diff --git a/sbin/isakmpd/sysdep.h b/sbin/isakmpd/sysdep.h index b82c70e3bf9..7bc7826f283 100644 --- a/sbin/isakmpd/sysdep.h +++ b/sbin/isakmpd/sysdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sysdep.h,v 1.17 2004/07/30 10:45:27 ho Exp $ */ +/* $OpenBSD: sysdep.h,v 1.18 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: sysdep.h,v 1.17 2000/12/04 04:46:35 angelos Exp $ */ /* @@ -71,7 +71,7 @@ extern u_int8_t sysdep_sa_len(struct sockaddr *); */ void *GC_debug_malloc(size_t, char *, int); void *GC_debug_realloc(void *, size_t, char *, int); -void GC_debug_free(void *); +void GC_debug_free(void *); char *gc_strdup(const char *); #define malloc(x) GC_debug_malloc ((x), __FILE__, __LINE__) diff --git a/sbin/isakmpd/transport.c b/sbin/isakmpd/transport.c index a64c374e56c..023e819f37c 100644 --- a/sbin/isakmpd/transport.c +++ b/sbin/isakmpd/transport.c @@ -1,4 +1,4 @@ -/* $OpenBSD: transport.c,v 1.29 2004/08/03 10:54:09 ho Exp $ */ +/* $OpenBSD: transport.c,v 1.30 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: transport.c,v 1.43 2000/10/10 12:36:39 provos Exp $ */ /* @@ -223,7 +223,7 @@ transport_pending_wfd_set(fd_set * fds) if (TAILQ_FIRST(&t->virtual->sendq) || TAILQ_FIRST(&t->virtual->prio_sendq)) { n = t->vtbl->fd_set(t, fds, 1); - LOG_DBG((LOG_TRANSPORT, 95, + LOG_DBG((LOG_TRANSPORT, 95, "transport_pending_wfd_set: " "transport %p (virtual %p) fd %d pending", t, t->virtual, n)); @@ -276,7 +276,7 @@ transport_send_messages(fd_set * fds) */ for (t = LIST_FIRST(&transport_list); t; t = LIST_NEXT(t, link)) transport_reference(t->virtual); - + for (t = LIST_FIRST(&transport_list); t; t = LIST_NEXT(t, link)) { if ((TAILQ_FIRST(&t->virtual->sendq) || TAILQ_FIRST(&t->virtual->prio_sendq)) && diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c index 65b88e92c5e..090297b7b42 100644 --- a/sbin/isakmpd/udp.c +++ b/sbin/isakmpd/udp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp.c,v 1.78 2004/08/03 10:54:09 ho Exp $ */ +/* $OpenBSD: udp.c,v 1.79 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */ /* @@ -343,7 +343,7 @@ udp_create(char *name) rv = 0; goto ret; } - + v = virtual_listen_lookup(addr); free(addr); if (!v) { diff --git a/sbin/isakmpd/udp_encap.c b/sbin/isakmpd/udp_encap.c index c59bd0c7636..a01cbf78e59 100644 --- a/sbin/isakmpd/udp_encap.c +++ b/sbin/isakmpd/udp_encap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_encap.c,v 1.5 2004/08/03 10:54:09 ho Exp $ */ +/* $OpenBSD: udp_encap.c,v 1.6 2004/08/08 19:11:06 deraadt Exp $ */ /* * Copyright (c) 1998, 1999, 2001 Niklas Hallqvist. All rights reserved. @@ -237,7 +237,7 @@ udp_encap_create(char *name) struct sockaddr *dst, *addr; struct conf_list *addr_list = 0; struct conf_list_node *addr_node; - char *addr_str, *port_str; + char *addr_str, *port_str; port_str = conf_get_str(name, "Port"); /* XXX "Encap-port" ? */ if (!port_str) diff --git a/sbin/isakmpd/ui.c b/sbin/isakmpd/ui.c index bc4a1f17d1e..71678731cf1 100644 --- a/sbin/isakmpd/ui.c +++ b/sbin/isakmpd/ui.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ui.c,v 1.41 2004/06/25 00:58:39 hshoexer Exp $ */ +/* $OpenBSD: ui.c,v 1.42 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: ui.c,v 1.43 2000/10/05 09:25:12 niklas Exp $ */ /* @@ -159,13 +159,13 @@ static void ui_conn_reinit(void) { struct timeval tv; - + if (ui_cr_event) timer_remove_event(ui_cr_event); gettimeofday(&tv, 0); tv.tv_sec += 5; - + ui_cr_event = timer_add_event("ui_conn_reinit", ui_conn_reinit_event, 0, &tv); if (!ui_cr_event) @@ -383,7 +383,7 @@ ui_report_sa(char *cmd) FILE *fd = ui_open_result(); if (!fd) return; - + sa_report_all(fd); fclose(fd); diff --git a/sbin/isakmpd/util.c b/sbin/isakmpd/util.c index bbe01dee400..6504cb225c1 100644 --- a/sbin/isakmpd/util.c +++ b/sbin/isakmpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.47 2004/07/30 10:45:27 ho Exp $ */ +/* $OpenBSD: util.c,v 1.48 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: util.c,v 1.23 2000/11/23 12:22:08 niklas Exp $ */ /* @@ -256,7 +256,7 @@ text2sockaddr(char *address, char *port, struct sockaddr **sa) *sa = malloc(sysdep_sa_len(ai->ai_addr)); if (!*sa) { - freeaddrinfo(ai); + freeaddrinfo(ai); return -1; } diff --git a/sbin/isakmpd/virtual.c b/sbin/isakmpd/virtual.c index bd0dcb92415..f5e6ccdf1d7 100644 --- a/sbin/isakmpd/virtual.c +++ b/sbin/isakmpd/virtual.c @@ -1,4 +1,4 @@ -/* $OpenBSD: virtual.c,v 1.6 2004/08/03 10:54:09 ho Exp $ */ +/* $OpenBSD: virtual.c,v 1.7 2004/08/08 19:11:06 deraadt Exp $ */ /* * Copyright (c) 2004 Håkan Olsson. All rights reserved. @@ -354,10 +354,10 @@ virtual_bind_if(char *ifname, struct sockaddr *if_addr, void *arg) if (sockaddr2text(if_addr, &addr_str, 0)) addr_str = 0; - LOG_DBG((LOG_TRANSPORT, 90, + LOG_DBG((LOG_TRANSPORT, 90, "virtual_bind_if: interface %s family %s address %s", ifname ? ifname : "<unknown>", - if_addr->sa_family == AF_INET ? "v4" : + if_addr->sa_family == AF_INET ? "v4" : (if_addr->sa_family == AF_INET6 ? "v6" : "<unknown>"), addr_str ? addr_str : "<invalid>")); if (addr_str) @@ -523,7 +523,7 @@ virtual_clone(struct transport *vt, struct sockaddr *raddr) v2->main = 0; /* No need to clone this. */ else { v2->main = v->main->vtbl->clone(v->main, raddr); - v2->main->virtual = (struct transport *)v2; + v2->main->virtual = (struct transport *)v2; } #if defined (USE_NAT_TRAVERSAL) /* XXX fix strtol() call */ @@ -540,7 +540,7 @@ virtual_clone(struct transport *vt, struct sockaddr *raddr) transport_setup(t, 1); return t; } - + static struct transport * virtual_create(char *name) { @@ -613,7 +613,7 @@ virtual_handle_message(struct transport *t) /* XXX drain pending message. See udp_handle_message(). */ virtual_reinit(); - + /* * As we don't know the actual destination address of the * packet, we can't really deal with it. So, just ignore it @@ -647,7 +647,7 @@ virtual_send_message(struct message *msg, struct transport *t) #if defined (USE_NAT_TRAVERSAL) struct sockaddr *dst; in_port_t port; - + /* * Activate NAT-T Encapsulation if * - the exchange says we can, and diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c index 2978dfc6adb..5b5605fb424 100644 --- a/sbin/isakmpd/x509.c +++ b/sbin/isakmpd/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.93 2004/06/17 19:32:06 hshoexer Exp $ */ +/* $OpenBSD: x509.c,v 1.94 2004/08/08 19:11:06 deraadt Exp $ */ /* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */ /* @@ -108,10 +108,10 @@ int x509_generate_kn(int id, X509 *cert) { char *fmt = "Authorizer: \"rsa-hex:%s\"\nLicensees: \"rsa-hex:%s" - "\"\nConditions: %s >= \"%s\" && %s <= \"%s\";\n"; + "\"\nConditions: %s >= \"%s\" && %s <= \"%s\";\n"; char *ikey, *skey, *buf, isname[256], subname[256]; char *fmt2 = "Authorizer: \"DN:%s\"\nLicensees: \"DN:%s\"\n" - "Conditions: %s >= \"%s\" && %s <= \"%s\";\n"; + "Conditions: %s >= \"%s\" && %s <= \"%s\";\n"; X509_NAME *issuer, *subject; struct keynote_deckey dc; X509_STORE_CTX csc; @@ -522,7 +522,7 @@ x509_hash_init(void) x509_tab = malloc((bucket_mask + 1) * sizeof(struct x509_list)); if (!x509_tab) log_fatal("x509_hash_init: malloc (%lu) failed", - (bucket_mask + 1) * + (bucket_mask + 1) * (unsigned long)sizeof(struct x509_list)); for (i = 0; i <= bucket_mask; i++) { LIST_INIT(&x509_tab[i]); @@ -567,7 +567,7 @@ x509_hash_find(u_int8_t *id, size_t len) return cert->cert; } - LOG_DBG((LOG_CRYPTO, 70, + LOG_DBG((LOG_CRYPTO, 70, "x509_hash_find: no certificate matched query")); return 0; } @@ -752,7 +752,7 @@ x509_read_crls_from_dir(X509_STORE *ctx, char *name) if (file->d_type != DT_UNKNOWN) { if (file->d_type != DT_REG && file->d_type != DT_LNK) continue; - } + } LOG_DBG((LOG_CRYPTO, 60, "x509_read_crls_from_dir: reading " "CRL %s", file->d_name)); |