authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2004-04-28 20:20:33 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2004-04-28 20:20:33 +0000
commit6103b2424fe99a9b94580b47ee0671ce41aef3d4 (patch)
tree944acdc7cfc503822087c58b12077816af93cb3e /sbin/isakmpd
parent54b7c3c1749aae3a0dbfabadd6409c3040eb1a94 (diff)
Remove an unused variable and shorten the names of two others. Removed some
spaces while here. ok ho@ markus@
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/ike_quick_mode.c116
-rw-r--r--sbin/isakmpd/policy.c142
-rw-r--r--sbin/isakmpd/policy.h21
3 files changed, 138 insertions, 141 deletions
diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c
index bb92aaf2a0e..768ebef3f86 100644
--- a/sbin/isakmpd/ike_quick_mode.c
+++ b/sbin/isakmpd/ike_quick_mode.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_quick_mode.c,v 1.77 2004/04/15 18:39:25 deraadt Exp $ */
+/* $OpenBSD: ike_quick_mode.c,v 1.78 2004/04/28 20:20:31 hshoexer Exp $ */
/* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */
/*
@@ -78,13 +78,13 @@ static int responder_recv_HASH(struct message *);
static int check_policy(struct exchange *, struct sa *, struct sa *);
#endif
-int (*ike_quick_mode_initiator[]) (struct message *) = {
+int (*ike_quick_mode_initiator[])(struct message *) = {
initiator_send_HASH_SA_NONCE,
initiator_recv_HASH_SA_NONCE,
initiator_send_HASH
};
-int (*ike_quick_mode_responder[]) (struct message *) = {
+int (*ike_quick_mode_responder[])(struct message *) = {
responder_recv_HASH_SA_NONCE,
responder_send_HASH_SA_NONCE,
responder_recv_HASH
@@ -120,7 +120,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
}
}
/* Add the callback that will handle attributes. */
- if (kn_add_action(isakmp_sa->policy_id, ".*", (char *) policy_callback,
+ if (kn_add_action(isakmp_sa->policy_id, ".*", (char *)policy_callback,
ENVIRONMENT_FLAG_FUNC | ENVIRONMENT_FLAG_REGEX) == -1) {
log_print("check_policy: "
"kn_add_action (%d, \".*\", %p, FUNC | REGEX) failed",
@@ -129,20 +129,20 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
isakmp_sa->policy_id = -1;
return 0;
}
- if (keynote_policy_asserts_num) {
- keynote_ids = calloc(keynote_policy_asserts_num, sizeof *keynote_ids);
+ if (policy_asserts_num) {
+ keynote_ids = calloc(policy_asserts_num, sizeof *keynote_ids);
if (!keynote_ids) {
log_error("check_policy: calloc (%d, %lu) failed",
- keynote_policy_asserts_num,
- (unsigned long) sizeof *keynote_ids);
+ policy_asserts_num,
+ (unsigned long)sizeof *keynote_ids);
return 0;
}
}
/* Add the policy assertions */
- for (i = 0; i < keynote_policy_asserts_num; i++)
+ for (i = 0; i < policy_asserts_num; i++)
keynote_ids[i] = kn_add_assertion(isakmp_sa->policy_id,
- keynote_policy_asserts[i],
- strlen(keynote_policy_asserts[i]), ASSERT_FLAG_LOCAL);
+ policy_asserts[i],
+ strlen(policy_asserts[i]), ASSERT_FLAG_LOCAL);
/* Initialize -- we'll let the callback do all the work. */
policy_exchange = exchange;
@@ -165,14 +165,14 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal = calloc(nprinc, sizeof *principal);
if (!principal) {
log_error("check_policy: calloc (%d, %lu) failed", nprinc,
- (unsigned long) sizeof *principal);
+ (unsigned long)sizeof *principal);
goto policydone;
}
len = strlen(isakmp_sa->recv_key) + sizeof "passphrase:";
principal[0] = calloc(len, sizeof(char));
if (!principal[0]) {
log_error("check_policy: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto policydone;
}
/*
@@ -187,7 +187,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal[1] = calloc(len, sizeof(char));
if (!principal[1]) {
log_error("check_policy: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto policydone;
}
strlcpy(principal[1], "passphrase-md5-hex:", len);
@@ -200,7 +200,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal[2] = calloc(len, sizeof(char));
if (!principal[2]) {
log_error("check_policy: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto policydone;
}
strlcpy(principal[2], "passphrase-sha1-hex:", len);
@@ -217,15 +217,15 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal = calloc(nprinc, sizeof *principal);
if (!principal) {
log_error("check_policy: calloc (%d, %lu) failed", nprinc,
- (unsigned long) sizeof *principal);
+ (unsigned long)sizeof *principal);
goto policydone;
}
/* Dup the keys */
principal[0] = strdup(isakmp_sa->keynote_key);
if (!principal[0]) {
log_error("check_policy: calloc (%lu, %lu) failed",
- (unsigned long) strlen(isakmp_sa->keynote_key),
- (unsigned long) sizeof(char));
+ (unsigned long)strlen(isakmp_sa->keynote_key),
+ (unsigned long)sizeof(char));
goto policydone;
}
#endif
@@ -236,7 +236,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal = calloc(2, sizeof *principal);
if (!principal) {
log_error("check_policy: calloc (2, %lu) failed",
- (unsigned long) sizeof *principal);
+ (unsigned long)sizeof *principal);
goto policydone;
}
if (isakmp_sa->recv_keytype == ISAKMP_KEY_RSA)
@@ -262,7 +262,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal[1] = calloc(len, sizeof(char));
if (!principal[1]) {
log_error("check_policy: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto policydone;
}
snprintf(principal[1], len, "rsa-hex:%s", principal[0]);
@@ -276,7 +276,7 @@ check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
principal[1] = calloc(259, sizeof(char));
if (!principal[1]) {
log_error("check_policy: calloc (259, %lu) failed",
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto policydone;
}
strlcpy(principal[1], "DN:", 259);
@@ -356,7 +356,7 @@ policydone:
free(principal);
/* Remove the policies */
- for (i = 0; i < keynote_policy_asserts_num; i++) {
+ for (i = 0; i < policy_asserts_num; i++) {
if (keynote_ids[i] != -1)
kn_remove_assertion(isakmp_sa->policy_id, keynote_ids[i]);
}
@@ -448,7 +448,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"realloc (%p, %lu) failed",
proposal,
- prop_cnt * (unsigned long) sizeof *proposal);
+ prop_cnt * (unsigned long)sizeof *proposal);
goto bail_out;
}
proposal = new_proposal;
@@ -459,7 +459,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"realloc (%p, %lu) failed",
transforms_len,
- prop_cnt * (unsigned long) sizeof *transforms_len);
+ prop_cnt * (unsigned long)sizeof *transforms_len);
goto bail_out;
}
transforms_len = new_transforms_len;
@@ -470,7 +470,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"realloc (%p, %lu) failed",
transform,
- prop_cnt * (unsigned long) sizeof *transform);
+ prop_cnt * (unsigned long)sizeof *transform);
goto bail_out;
}
transform = new_transform;
@@ -481,7 +481,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"realloc (%p, %lu) failed",
transform_cnt,
- prop_cnt * (unsigned long) sizeof *transform_cnt);
+ prop_cnt * (unsigned long)sizeof *transform_cnt);
goto bail_out;
}
transform_cnt = new_transform_cnt;
@@ -492,7 +492,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"realloc (%p, %lu) failed",
transform_len,
- prop_cnt * (unsigned long) sizeof *transform_len);
+ prop_cnt * (unsigned long)sizeof *transform_len);
goto bail_out;
}
transform_len = new_transform_len;
@@ -535,7 +535,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"calloc (%d, %lu) failed",
transform_cnt[prop_no],
- (unsigned long) sizeof **transform);
+ (unsigned long)sizeof **transform);
goto bail_out;
}
transform_len[prop_no] = calloc(transform_cnt[prop_no],
@@ -544,7 +544,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
log_error("initiator_send_HASH_SA_NONCE: "
"calloc (%d, %lu) failed",
transform_cnt[prop_no],
- (unsigned long) sizeof **transform_len);
+ (unsigned long)sizeof **transform_len);
goto bail_out;
}
transforms_len[prop_no] = 0;
@@ -603,7 +603,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
attr =
attribute_set_var(attr,
IPSEC_ATTR_SA_LIFE_DURATION,
- (u_int8_t *) & value,
+ (u_int8_t *)&value,
sizeof value);
}
}
@@ -664,11 +664,11 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
* Make sure that if a group description is specified, it is
* specified for all transforms equally.
*/
- attr = (u_int8_t *) conf_get_str(xf->field,
+ attr = (u_int8_t *)conf_get_str(xf->field,
"GROUP_DESCRIPTION");
new_group_desc
= attr ? constant_value(ike_group_desc_cst,
- (char *) attr) : 0;
+ (char *)attr) : 0;
if (group_desc == -1)
group_desc = new_group_desc;
else if (group_desc != new_group_desc) {
@@ -696,7 +696,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
proposal[prop_no] = malloc(proposal_len);
if (!proposal[prop_no]) {
log_error("initiator_send_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) proposal_len);
+ (unsigned long)proposal_len);
goto bail_out;
}
SET_ISAKMP_PROP_NO(proposal[prop_no], suite_no + 1);
@@ -706,14 +706,14 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
proto = calloc(1, sizeof *proto);
if (!proto) {
log_error("initiator_send_HASH_SA_NONCE: calloc (1, %lu) "
- "failed", (unsigned long) sizeof *proto);
+ "failed", (unsigned long)sizeof *proto);
goto bail_out;
}
if (doi->proto_size) {
proto->data = calloc(1, doi->proto_size);
if (!proto->data) {
log_error("initiator_send_HASH_SA_NONCE: calloc (1, %lu) "
- "failed", (unsigned long) doi->proto_size);
+ "failed", (unsigned long)doi->proto_size);
goto bail_out;
}
}
@@ -723,11 +723,11 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
proto->xf_cnt = transform_cnt[prop_no];
TAILQ_INIT(&proto->xfs);
for (xf_no = 0; xf_no < proto->xf_cnt; xf_no++) {
- pa = (struct proto_attr *) calloc(1, sizeof *pa);
+ pa = (struct proto_attr *)calloc(1, sizeof *pa);
if (!pa)
goto bail_out;
pa->len = transform_len[prop_no][xf_no];
- pa->attrs = (u_int8_t *) malloc(pa->len);
+ pa->attrs = (u_int8_t *)malloc(pa->len);
if (!pa->attrs) {
free(pa);
goto bail_out;
@@ -763,7 +763,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
sa_buf = malloc(sa_len);
if (!sa_buf) {
log_error("initiator_send_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) sa_len);
+ (unsigned long)sa_len);
goto bail_out;
}
SET_ISAKMP_SA_DOI(sa_buf, IPSEC_DOI_IPSEC);
@@ -878,7 +878,7 @@ initiator_send_HASH_SA_NONCE(struct message * msg)
id = calloc(sz, sizeof(char));
if (!id) {
log_error("initiator_send_HASH_SA_NONCE: calloc (%lu, %lu) failed",
- (unsigned long) sz, (unsigned long) sizeof(char));
+ (unsigned long)sz, (unsigned long)sizeof(char));
return -1;
}
switch (src->sa_family) {
@@ -982,7 +982,7 @@ initiator_recv_HASH_SA_NONCE(struct message * msg)
/* Allocate the prf and start calculating our HASH(1). XXX Share? */
LOG_DBG_BUF((LOG_NEGOTIATION, 90, "initiator_recv_HASH_SA_NONCE: SKEYID_a",
- (u_int8_t *) isa->skeyid_a, isa->skeyid_len));
+ (u_int8_t *)isa->skeyid_a, isa->skeyid_len));
prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a, isa->skeyid_len);
if (!prf)
return -1;
@@ -997,7 +997,7 @@ initiator_recv_HASH_SA_NONCE(struct message * msg)
prf->Update(prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
rest = hashp->p + GET_ISAKMP_GEN_LENGTH(hashp->p);
rest_len = (GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base)
- - (rest - (u_int8_t *) msg->iov[0].iov_base));
+ - (rest - (u_int8_t *)msg->iov[0].iov_base));
LOG_DBG_BUF((LOG_NEGOTIATION, 90,
"initiator_recv_HASH_SA_NONCE: payloads after HASH(2)", rest,
rest_len));
@@ -1045,7 +1045,7 @@ initiator_recv_HASH_SA_NONCE(struct message * msg)
ie->id_ci = malloc(ie->id_ci_sz);
if (!ie->id_ci) {
log_error("initiator_recv_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) ie->id_ci_sz);
+ (unsigned long)ie->id_ci_sz);
return -1;
}
memcpy(ie->id_ci, idp->p, ie->id_ci_sz);
@@ -1060,7 +1060,7 @@ initiator_recv_HASH_SA_NONCE(struct message * msg)
ie->id_cr = malloc(ie->id_cr_sz);
if (!ie->id_cr) {
log_error("initiator_recv_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) ie->id_cr_sz);
+ (unsigned long)ie->id_cr_sz);
return -1;
}
memcpy(ie->id_cr, idp->p, ie->id_cr_sz);
@@ -1094,7 +1094,7 @@ initiator_recv_HASH_SA_NONCE(struct message * msg)
if (!ie->id_ci || !ie->id_cr) {
log_error("initiator_recv_HASH_SA_NONCE: calloc (%lu, %lu) failed",
- (unsigned long) ie->id_cr_sz, (unsigned long) sizeof(char));
+ (unsigned long)ie->id_cr_sz, (unsigned long)sizeof(char));
if (ie->id_ci) {
free(ie->id_ci);
ie->id_ci = 0;
@@ -1210,7 +1210,7 @@ initiator_send_HASH(struct message * msg)
buf = malloc(ISAKMP_HASH_SZ + hashsize);
if (!buf) {
log_error("initiator_send_HASH: malloc (%lu) failed",
- ISAKMP_HASH_SZ + (unsigned long) hashsize);
+ ISAKMP_HASH_SZ + (unsigned long)hashsize);
return -1;
}
if (message_add_payload(msg, ISAKMP_PAYLOAD_HASH, buf,
@@ -1225,7 +1225,7 @@ initiator_send_HASH(struct message * msg)
if (!prf)
return -1;
prf->Init(prf->prfctx);
- prf->Update(prf->prfctx, (unsigned char *) "\0", 1);
+ prf->Update(prf->prfctx, (unsigned char *)"\0", 1);
LOG_DBG_BUF((LOG_NEGOTIATION, 90, "initiator_send_HASH: message_id",
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
prf->Update(prf->prfctx, exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
@@ -1296,7 +1296,7 @@ post_quick_mode(struct message * msg)
/ prf->blocksize) * prf->blocksize);
if (!iproto->keymat[i]) {
log_error("post_quick_mode: malloc (%lu) failed",
- (((unsigned long) ie->keymat_len +
+ (((unsigned long)ie->keymat_len +
prf->blocksize - 1) / prf->blocksize) *
prf->blocksize);
/* XXX What more to do? */
@@ -1396,7 +1396,7 @@ responder_recv_HASH_SA_NONCE(struct message * msg)
my_hash = malloc(hash_len - ISAKMP_GEN_SZ);
if (!my_hash) {
log_error("responder_recv_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) hash_len - ISAKMP_GEN_SZ);
+ (unsigned long)hash_len - ISAKMP_GEN_SZ);
goto cleanup;
}
/*
@@ -1448,7 +1448,7 @@ responder_recv_HASH_SA_NONCE(struct message * msg)
ie->id_ci = malloc(ie->id_ci_sz);
if (!ie->id_ci) {
log_error("responder_recv_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) ie->id_ci_sz);
+ (unsigned long)ie->id_ci_sz);
goto cleanup;
}
memcpy(ie->id_ci, idp->p, ie->id_ci_sz);
@@ -1463,7 +1463,7 @@ responder_recv_HASH_SA_NONCE(struct message * msg)
ie->id_cr = malloc(ie->id_cr_sz);
if (!ie->id_cr) {
log_error("responder_recv_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) ie->id_cr_sz);
+ (unsigned long)ie->id_cr_sz);
goto cleanup;
}
memcpy(ie->id_cr, idp->p, ie->id_cr_sz);
@@ -1497,7 +1497,7 @@ responder_recv_HASH_SA_NONCE(struct message * msg)
if (!ie->id_ci || !ie->id_cr) {
log_error("responder_recv_HASH_SA_NONCE: calloc (%lu, %lu) failed",
- (unsigned long) ie->id_ci_sz, (unsigned long) sizeof(char));
+ (unsigned long)ie->id_ci_sz, (unsigned long)sizeof(char));
goto cleanup;
}
if (src->sa_family != dst->sa_family) {
@@ -1549,7 +1549,7 @@ responder_recv_HASH_SA_NONCE(struct message * msg)
*/
ipsec_decode_transform(msg, sa, proto, proto->chosen->p);
if (proto->proto == IPSEC_PROTO_IPSEC_AH
- && !((struct ipsec_proto *) proto->data)->auth) {
+ && !((struct ipsec_proto *)proto->data)->auth) {
log_print("responder_recv_HASH_SA_NONCE: "
"AH proposed without an algorithm attribute");
message_drop(msg, ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN, 0, 1, 0);
@@ -1683,7 +1683,7 @@ responder_send_HASH_SA_NONCE(struct message * msg)
buf = malloc(ISAKMP_HASH_SZ + hashsize);
if (!buf) {
log_error("responder_send_HASH_SA_NONCE: malloc (%lu) failed",
- ISAKMP_HASH_SZ + (unsigned long) hashsize);
+ ISAKMP_HASH_SZ + (unsigned long)hashsize);
return -1;
}
if (message_add_payload(msg, ISAKMP_PAYLOAD_HASH, buf,
@@ -1712,7 +1712,7 @@ responder_send_HASH_SA_NONCE(struct message * msg)
id = malloc(sz);
if (!id) {
log_error("responder_send_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) sz);
+ (unsigned long)sz);
return -1;
}
memcpy(id, ie->id_ci, sz);
@@ -1726,7 +1726,7 @@ responder_send_HASH_SA_NONCE(struct message * msg)
id = malloc(sz);
if (!id) {
log_error("responder_send_HASH_SA_NONCE: malloc (%lu) failed",
- (unsigned long) sz);
+ (unsigned long)sz);
return -1;
}
memcpy(id, ie->id_cr, sz);
@@ -1786,7 +1786,7 @@ gen_g_xy(struct message * msg)
/* Compute Diffie-Hellman shared value. */
ie->g_xy = malloc(ie->g_x_len);
if (!ie->g_xy) {
- log_error("gen_g_xy: malloc (%lu) failed", (unsigned long) ie->g_x_len);
+ log_error("gen_g_xy: malloc (%lu) failed", (unsigned long)ie->g_x_len);
return;
}
if (dh_create_shared(ie->group, ie->g_xy,
@@ -1816,7 +1816,7 @@ responder_recv_HASH(struct message * msg)
my_hash = malloc(hash_len - ISAKMP_GEN_SZ);
if (!my_hash) {
log_error("responder_recv_HASH: malloc (%lu) failed",
- (unsigned long) hash_len - ISAKMP_GEN_SZ);
+ (unsigned long)hash_len - ISAKMP_GEN_SZ);
goto cleanup;
}
/* Allocate the prf and start calculating our HASH(3). XXX Share? */
@@ -1828,7 +1828,7 @@ responder_recv_HASH(struct message * msg)
if (!prf)
goto cleanup;
prf->Init(prf->prfctx);
- prf->Update(prf->prfctx, (unsigned char *) "\0", 1);
+ prf->Update(prf->prfctx, (unsigned char *)"\0", 1);
LOG_DBG_BUF((LOG_NEGOTIATION, 90, "responder_recv_HASH: message_id",
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
prf->Update(prf->prfctx, exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c
index d6ea76eefff..27f3ca32d1a 100644
--- a/sbin/isakmpd/policy.c
+++ b/sbin/isakmpd/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.70 2004/04/15 18:39:26 deraadt Exp $ */
+/* $OpenBSD: policy.c,v 1.71 2004/04/28 20:20:31 hshoexer Exp $ */
/* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */
/*
@@ -66,8 +66,8 @@
#include "policy.h"
#include "x509.h"
-char **keynote_policy_asserts = NULL;
-int keynote_policy_asserts_num = 0;
+char **policy_asserts = NULL;
+int policy_asserts_num = 0;
struct exchange *policy_exchange = 0;
struct sa *policy_sa = 0;
struct sa *policy_isakmp_sa = 0;
@@ -92,9 +92,9 @@ my_inet_ntop4(const in_addr_t * src, char *dst, size_t size, int normalize)
else
src2 = *src;
- if (snprintf(tmp, sizeof tmp, fmt, ((u_int8_t *) & src2)[0],
- ((u_int8_t *) & src2)[1], ((u_int8_t *) & src2)[2],
- ((u_int8_t *) & src2)[3]) > (int) size) {
+ if (snprintf(tmp, sizeof tmp, fmt, ((u_int8_t *)&src2)[0],
+ ((u_int8_t *)&src2)[1], ((u_int8_t *)&src2)[2],
+ ((u_int8_t *)&src2)[3]) > (int)size) {
errno = ENOSPC;
return 0;
}
@@ -111,7 +111,7 @@ my_inet_ntop6(const unsigned char *src, char *dst, size_t size)
if (snprintf(tmp, sizeof tmp, fmt, src[0], src[1], src[2], src[3], src[4],
src[5], src[6], src[7], src[8], src[9], src[10], src[11],
- src[12], src[13], src[14], src[15]) > (int) size) {
+ src[12], src[13], src[14], src[15]) > (int)size) {
errno = ENOSPC;
return 0;
}
@@ -704,7 +704,7 @@ policy_callback(char *name)
remote_id = calloc(len, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%d, %lu) failed",
- len, (unsigned long) sizeof(char));
+ len, (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_id, remote_id_addr_lower, len);
@@ -728,7 +728,7 @@ policy_callback(char *name)
remote_id = calloc(len, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%d, %lu) failed",
- len, (unsigned long) sizeof(char));
+ len, (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_id, remote_id_addr_lower, len);
@@ -766,7 +766,7 @@ policy_callback(char *name)
remote_id = calloc(len, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%d, %lu) failed",
- len, (unsigned long) sizeof(char));
+ len, (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_id, remote_id_addr_lower, len);
@@ -788,13 +788,13 @@ policy_callback(char *name)
for (i = 0; i < 16; i++)
net.s6_addr[i] &= mask.s6_addr[i];
- my_inet_ntop6((unsigned char *) &net, remote_id_addr_lower,
+ my_inet_ntop6((unsigned char *)&net, remote_id_addr_lower,
sizeof remote_id_addr_lower - 1);
for (i = 0; i < 16; i++)
net.s6_addr[i] |= ~mask.s6_addr[i];
- my_inet_ntop6((unsigned char *) &net, remote_id_addr_upper,
+ my_inet_ntop6((unsigned char *)&net, remote_id_addr_upper,
sizeof remote_id_addr_upper - 1);
len = strlen(remote_id_addr_upper) +
@@ -802,7 +802,7 @@ policy_callback(char *name)
remote_id = calloc(len, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%d, %lu) failed",
- len, (unsigned long) sizeof(char));
+ len, (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_id, remote_id_addr_lower, len);
@@ -817,9 +817,9 @@ policy_callback(char *name)
ISAKMP_GEN_SZ + 1, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%lu, %lu) failed",
- (unsigned long) id_sz - ISAKMP_ID_DATA_OFF +
+ (unsigned long)id_sz - ISAKMP_ID_DATA_OFF +
ISAKMP_GEN_SZ + 1,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
memcpy(remote_id, id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ,
@@ -832,9 +832,9 @@ policy_callback(char *name)
ISAKMP_GEN_SZ + 1, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%lu, %lu) failed",
- (unsigned long) id_sz - ISAKMP_ID_DATA_OFF +
+ (unsigned long)id_sz - ISAKMP_ID_DATA_OFF +
ISAKMP_GEN_SZ + 1,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
memcpy(remote_id, id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ,
@@ -864,9 +864,9 @@ policy_callback(char *name)
ISAKMP_GEN_SZ) + 1, sizeof(char));
if (!remote_id) {
log_error("policy_callback: calloc (%lu, %lu) failed",
- 2 * ((unsigned long) id_sz -
+ 2 * ((unsigned long)id_sz -
ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ) + 1,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
/* Does it contain any non-printable characters ? */
@@ -969,7 +969,7 @@ policy_callback(char *name)
if (!remote_filter) {
log_error("policy_callback: calloc "
"(%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_filter, remote_filter_addr_lower, len);
@@ -994,7 +994,7 @@ policy_callback(char *name)
if (!remote_filter) {
log_error("policy_callback: calloc "
"(%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_filter, remote_filter_addr_lower, len);
@@ -1036,7 +1036,7 @@ policy_callback(char *name)
if (!remote_filter) {
log_error("policy_callback: calloc "
"(%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_filter, remote_filter_addr_lower, len);
@@ -1056,13 +1056,13 @@ policy_callback(char *name)
for (i = 0; i < 16; i++)
net.s6_addr[i] &= mask.s6_addr[i];
- my_inet_ntop6((unsigned char *) &net, remote_filter_addr_lower,
+ my_inet_ntop6((unsigned char *)&net, remote_filter_addr_lower,
sizeof remote_filter_addr_lower - 1);
for (i = 0; i < 16; i++)
net.s6_addr[i] |= ~mask.s6_addr[i];
- my_inet_ntop6((unsigned char *) &net, remote_filter_addr_upper,
+ my_inet_ntop6((unsigned char *)&net, remote_filter_addr_upper,
sizeof remote_filter_addr_upper - 1);
len = strlen(remote_filter_addr_upper)
@@ -1070,7 +1070,7 @@ policy_callback(char *name)
remote_filter = calloc(len, sizeof(char));
if (!remote_filter) {
log_error("policy_callback: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(remote_filter, remote_filter_addr_lower, len);
@@ -1084,7 +1084,7 @@ policy_callback(char *name)
remote_filter = malloc(idremotesz - ISAKMP_ID_DATA_OFF + 1);
if (!remote_filter) {
log_error("policy_callback: malloc (%lu) failed",
- (unsigned long) idremotesz - ISAKMP_ID_DATA_OFF + 1);
+ (unsigned long)idremotesz - ISAKMP_ID_DATA_OFF + 1);
goto bad;
}
memcpy(remote_filter, idremote + ISAKMP_ID_DATA_OFF,
@@ -1097,7 +1097,7 @@ policy_callback(char *name)
remote_filter = malloc(idremotesz - ISAKMP_ID_DATA_OFF + 1);
if (!remote_filter) {
log_error("policy_callback: malloc (%lu) failed",
- (unsigned long) idremotesz - ISAKMP_ID_DATA_OFF + 1);
+ (unsigned long)idremotesz - ISAKMP_ID_DATA_OFF + 1);
goto bad;
}
memcpy(remote_filter, idremote + ISAKMP_ID_DATA_OFF,
@@ -1129,8 +1129,8 @@ policy_callback(char *name)
sizeof(char));
if (!remote_filter) {
log_error("policy_callback: calloc (%lu, %lu) failed",
- 2 * ((unsigned long) idremotesz - ISAKMP_ID_DATA_OFF) + 1,
- (unsigned long) sizeof(char));
+ 2 * ((unsigned long)idremotesz - ISAKMP_ID_DATA_OFF) + 1,
+ (unsigned long)sizeof(char));
goto bad;
}
/*
@@ -1248,7 +1248,7 @@ policy_callback(char *name)
local_filter = calloc(len, sizeof(char));
if (!local_filter) {
log_error("policy_callback: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(local_filter, local_filter_addr_lower, len);
@@ -1272,7 +1272,7 @@ policy_callback(char *name)
local_filter = calloc(len, sizeof(char));
if (!local_filter) {
log_error("policy_callback: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(local_filter, local_filter_addr_lower, len);
@@ -1311,7 +1311,7 @@ policy_callback(char *name)
local_filter = calloc(len, sizeof(char));
if (!local_filter) {
log_error("policy_callback: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(local_filter, local_filter_addr_lower, len);
@@ -1331,13 +1331,13 @@ policy_callback(char *name)
for (i = 0; i < 16; i++)
net.s6_addr[i] &= mask.s6_addr[i];
- my_inet_ntop6((unsigned char *) &net, local_filter_addr_lower,
+ my_inet_ntop6((unsigned char *)&net, local_filter_addr_lower,
sizeof local_filter_addr_lower - 1);
for (i = 0; i < 16; i++)
net.s6_addr[i] |= ~mask.s6_addr[i];
- my_inet_ntop6((unsigned char *) &net, local_filter_addr_upper,
+ my_inet_ntop6((unsigned char *)&net, local_filter_addr_upper,
sizeof local_filter_addr_upper - 1);
len = strlen(local_filter_addr_upper)
@@ -1345,7 +1345,7 @@ policy_callback(char *name)
local_filter = calloc(len, sizeof(char));
if (!local_filter) {
log_error("policy_callback: calloc (%d, %lu) failed", len,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
goto bad;
}
strlcpy(local_filter, local_filter_addr_lower, len);
@@ -1359,7 +1359,7 @@ policy_callback(char *name)
local_filter = malloc(idlocalsz - ISAKMP_ID_DATA_OFF + 1);
if (!local_filter) {
log_error("policy_callback: malloc (%lu) failed",
- (unsigned long) idlocalsz - ISAKMP_ID_DATA_OFF + 1);
+ (unsigned long)idlocalsz - ISAKMP_ID_DATA_OFF + 1);
goto bad;
}
memcpy(local_filter, idlocal + ISAKMP_ID_DATA_OFF,
@@ -1372,7 +1372,7 @@ policy_callback(char *name)
local_filter = malloc(idlocalsz - ISAKMP_ID_DATA_OFF + 1);
if (!local_filter) {
log_error("policy_callback: malloc (%lu) failed",
- (unsigned long) idlocalsz - ISAKMP_ID_DATA_OFF + 1);
+ (unsigned long)idlocalsz - ISAKMP_ID_DATA_OFF + 1);
goto bad;
}
memcpy(local_filter, idlocal + ISAKMP_ID_DATA_OFF,
@@ -1403,8 +1403,8 @@ policy_callback(char *name)
sizeof(char));
if (!local_filter) {
log_error("policy_callback: calloc (%lu, %lu) failed",
- 2 * ((unsigned long) idlocalsz - ISAKMP_ID_DATA_OFF) + 1,
- (unsigned long) sizeof(char));
+ 2 * ((unsigned long)idlocalsz - ISAKMP_ID_DATA_OFF) + 1,
+ (unsigned long)sizeof(char));
goto bad;
}
/*
@@ -1460,7 +1460,7 @@ policy_callback(char *name)
decode_16(idlocal + ISAKMP_GEN_SZ + 2));
} else {
policy_sa->transport->vtbl->get_src(policy_sa->transport,
- (struct sockaddr **) & sin);
+ (struct sockaddr **)&sin);
switch (sin->sa_family) {
case AF_INET:
local_filter_type = "IPv4 address";
@@ -1568,12 +1568,12 @@ policy_callback(char *name)
return phase_1;
if (strcmp(name, "GMTTimeOfDay") == 0) {
- tt = time((time_t) NULL);
+ tt = time((time_t)NULL);
strftime(mytimeofday, 14, "%Y%m%d%H%M%S", gmtime(&tt));
return mytimeofday;
}
if (strcmp(name, "LocalTimeOfDay") == 0) {
- tt = time((time_t) NULL);
+ tt = time((time_t)NULL);
strftime(mytimeofday, 14, "%Y%m%d%H%M%S", localtime(&tt));
return mytimeofday;
}
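Review bot: `strftime(mytimeofday, 14, "%Y%m%d%H%M%S", ...)` in both the GMTTimeOfDay and LocalTimeOfDay branches passes a size of 14, but the formatted timestamp is 14 characters plus the terminating NUL, so strftime returns 0 and leaves the buffer contents unspecified. policy_callback returns this buffer as a policy attribute value, so a wrong string can change a time-based policy decision. Pass the real buffer size (`sizeof mytimeofday` if it is an array of at least 15 bytes; its declaration is outside this hunk) and check the return value. Separately, `time((time_t)NULL)` casts NULL to an arithmetic type where a `time_t *` is expected; `time(NULL)` is the correct spelling.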
@@ -1779,15 +1779,15 @@ policy_init(void)
/* Allocate memory to keep policies. */
ptr = calloc(sz + 1, sizeof(char));
if (!ptr)
- log_fatal("policy_init: calloc (%lu, %lu) failed", (unsigned long) sz + 1,
- (unsigned long) sizeof(char));
+ log_fatal("policy_init: calloc (%lu, %lu) failed", (unsigned long)sz + 1,
+ (unsigned long)sizeof(char));
/* Just in case there are short reads... */
for (len = 0; len < sz; len += i) {
i = read(fd, ptr + len, sz - len);
if (i == -1)
log_fatal("policy_init: read (%d, %p, %lu) failed", fd, ptr + len,
- (unsigned long) (sz - len));
+ (unsigned long)(sz - len));
}
/* We're done with this. */
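Review bot: The short-read loop in policy_init only handles `i == -1`, so if `read` returns 0 (end of file, for example because the policy file shrank after its size was taken) `len` never advances and the loop never terminates. Treat a zero return as a failure as well, with its own message since `errno` is not set in that case, or break out and abandon the reload. The `open` and the computation of `sz` are outside this hunk.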
@@ -1799,19 +1799,19 @@ policy_init(void)
/* Begone! */
free(ptr);
- if (asserts == (char **) NULL)
+ if (asserts == (char **)NULL)
log_print("policy_init: all policies flushed");
/* Cleanup */
- if (keynote_policy_asserts) {
- for (fd = 0; fd < keynote_policy_asserts_num; fd++)
- if (keynote_policy_asserts && keynote_policy_asserts[fd])
- free(keynote_policy_asserts[fd]);
+ if (policy_asserts) {
+ for (fd = 0; fd < policy_asserts_num; fd++)
+ if (policy_asserts && policy_asserts[fd])
+ free(policy_asserts[fd]);
- free(keynote_policy_asserts);
+ free(policy_asserts);
}
- keynote_policy_asserts = asserts;
- keynote_policy_asserts_num = i;
+ policy_asserts = asserts;
+ policy_asserts_num = i;
}
/* Nothing needed for initialization */
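Review bot: In the "all policies flushed" case `policy_asserts` becomes NULL while `policy_asserts_num` takes whatever `i` holds, and check_policy in ike_quick_mode.c indexes `policy_asserts[i]` guarded only by that count. The assignment of `i` is outside this hunk, and the same variable holds the `read` return value earlier in the function. Unless it is guaranteed to be 0 whenever `asserts` is NULL, store `policy_asserts_num = asserts ? i : 0;`. The inner `policy_asserts &&` test in the free loop is redundant with the enclosing `if (policy_asserts)` and can be dropped.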
@@ -1848,12 +1848,12 @@ keynote_cert_validate(void *scert)
if (scert == NULL)
return 0;
- foo = kn_read_asserts((char *) scert, strlen((char *) scert), &num);
+ foo = kn_read_asserts((char *)scert, strlen((char *)scert), &num);
if (foo == NULL)
return 0;
for (i = 0; i < num; i++) {
- if (kn_verify_assertion(scert, strlen((char *) scert))
+ if (kn_verify_assertion(scert, strlen((char *)scert))
!= SIGRESULT_TRUE) {
for (; i < num; i++)
free(foo[i]);
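Review bot: The loop in keynote_cert_validate passes the whole `scert` buffer to `kn_verify_assertion` on every iteration instead of the assertion it just parsed, so `foo[i]` is never individually signature-checked. How `kn_verify_assertion` treats a buffer holding several assertions is not visible here and should be confirmed against the KeyNote API. If it only evaluates the first one, the remaining assertions in a credential would be accepted without a signature check. Consider `if (kn_verify_assertion(foo[i], strlen(foo[i])) != SIGRESULT_TRUE) {`. The function body starts and ends outside this hunk.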
@@ -1877,7 +1877,7 @@ keynote_cert_insert(int sid, void *scert)
if (scert == NULL)
return 0;
- foo = kn_read_asserts((char *) scert, strlen((char *) scert), &num);
+ foo = kn_read_asserts((char *)scert, strlen((char *)scert), &num);
if (foo == NULL)
return 0;
@@ -1905,7 +1905,7 @@ keynote_certreq_validate(u_int8_t * data, u_int32_t len)
dat = calloc(len + 1, sizeof(char));
if (!dat) {
log_error("keynote_certreq_validate: calloc (%d, %lu) failed", len + 1,
- (unsigned long) sizeof(char));
+ (unsigned long)sizeof(char));
return 0;
}
memcpy(dat, data, len);
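Review bot: `calloc(len + 1, sizeof(char))` is evaluated in `u_int32_t`, so `len == UINT32_MAX` wraps to a zero-size request and the following `memcpy(dat, data, len)` would write far past whatever calloc returned. Callers may already bound `len` by the payload size (not visible here), but a local guard such as `if (len == UINT32_MAX) return 0;`, or a sane upper limit on certificate-request size, makes the function safe on its own. The `%d` in the log_error also does not match the unsigned `len + 1` argument; `%u` would.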
@@ -1971,7 +1971,7 @@ keynote_cert_obtain(u_int8_t * id, size_t id_len, void *data, u_int8_t ** cert,
file = calloc(len + strlen(addr_str), sizeof(char));
if (file == NULL) {
log_error("keynote_cert_obtain: failed to allocate %lu bytes",
- (unsigned long) len + strlen(addr_str));
+ (unsigned long)len + strlen(addr_str));
free(addr_str);
return 0;
}
@@ -1986,7 +1986,7 @@ keynote_cert_obtain(u_int8_t * id, size_t id_len, void *data, u_int8_t ** cert,
file = calloc(len + id_len, sizeof(char));
if (file == NULL) {
log_error("keynote_cert_obtain: failed to allocate %lu bytes",
- (unsigned long) len + id_len);
+ (unsigned long)len + id_len);
return 0;
}
snprintf(file, len + id_len, "%s/", dirname);
@@ -2006,12 +2006,12 @@ keynote_cert_obtain(u_int8_t * id, size_t id_len, void *data, u_int8_t ** cert,
free(file);
return 0;
}
- size = (size_t) sb.st_size;
+ size = (size_t)sb.st_size;
*cert = calloc(size + 1, sizeof(char));
if (*cert == NULL) {
log_error("keynote_cert_obtain: failed to allocate %lu bytes",
- (unsigned long) size);
+ (unsigned long)size);
free(file);
return 0;
}
@@ -2022,9 +2022,9 @@ keynote_cert_obtain(u_int8_t * id, size_t id_len, void *data, u_int8_t ** cert,
free(file);
return 0;
}
- if (read(fd, *cert, size) != (int) size) {
+ if (read(fd, *cert, size) != (int)size) {
LOG_DBG((LOG_POLICY, 30, "keynote_cert_obtain: failed to read %lu "
- "bytes from \"%s\"", (unsigned long) size, file));
+ "bytes from \"%s\"", (unsigned long)size, file));
free(file);
close(fd);
return 0;
@@ -2051,7 +2051,7 @@ keynote_cert_get_key(void *scert, void *keyp)
int sid, kid, num;
char **foo;
- foo = kn_read_asserts((char *) scert, strlen((char *) scert), &num);
+ foo = kn_read_asserts((char *)scert, strlen((char *)scert), &num);
if (foo == NULL || num == 0) {
log_print("keynote_cert_get_key: failed to decompose credentials");
return 0;
@@ -2075,12 +2075,12 @@ keynote_cert_get_key(void *scert, void *keyp)
kn_close(kid);
return 0;
}
- *(RSA **) keyp = NULL;
+ *(RSA **)keyp = NULL;
kl = kn_get_licensees(kid, sid);
while (kl) {
if (kl->key_alg == KEYNOTE_ALGORITHM_RSA) {
- *(RSA **) keyp = RSAPublicKey_dup(kl->key_key);
+ *(RSA **)keyp = RSAPublicKey_dup(kl->key_key);
break;
}
kl = kl->key_next;
@@ -2088,20 +2088,20 @@ keynote_cert_get_key(void *scert, void *keyp)
kn_remove_assertion(kid, sid);
kn_close(kid);
- return *(RSA **) keyp == NULL ? 0 : 1;
+ return *(RSA **)keyp == NULL ? 0 : 1;
}
void *
keynote_cert_dup(void *cert)
{
- return strdup((char *) cert);
+ return strdup((char *)cert);
}
void
keynote_serialize(void *cert, u_int8_t **data, u_int32_t *datalen)
{
- *datalen = strlen((char *) cert) + 1;
- *data = (u_int8_t *) strdup(cert); /* i.e an extra character at
+ *datalen = strlen((char *)cert) + 1;
+ *data = (u_int8_t *)strdup(cert); /* i.e an extra character at
* the end... */
if (*data == NULL)
log_error("keynote_serialize: malloc (%d) failed", *datalen);
@@ -2111,7 +2111,7 @@ keynote_serialize(void *cert, u_int8_t **data, u_int32_t *datalen)
char *
keynote_printable(void *cert)
{
- return strdup((char *) cert);
+ return strdup((char *)cert);
}
/* From printable to cert */
diff --git a/sbin/isakmpd/policy.h b/sbin/isakmpd/policy.h
index 4434f53c5bc..4b39c78f24c 100644
--- a/sbin/isakmpd/policy.h
+++ b/sbin/isakmpd/policy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.h,v 1.13 2004/04/15 18:39:26 deraadt Exp $ */
+/* $OpenBSD: policy.h,v 1.14 2004/04/28 20:20:32 hshoexer Exp $ */
/* $EOM: policy.h,v 1.12 2000/09/28 12:53:27 niklas Exp $ */
/*
@@ -34,15 +34,14 @@
#define _POLICY_H_
#if defined (USE_KEYNOTE)
-#define CREDENTIAL_FILE "credentials"
-#define PRIVATE_KEY_FILE "private_key"
+#define CREDENTIAL_FILE "credentials"
+#define PRIVATE_KEY_FILE "private_key"
#endif
-extern int keynote_sessid;
-extern int keynote_policy_asserts_num;
+extern int policy_asserts_num;
extern int x509_policy_asserts_num;
extern int x509_policy_asserts_num_alloc;
-extern char **keynote_policy_asserts;
+extern char **policy_asserts;
extern char **x509_policy_asserts;
extern struct exchange *policy_exchange;
extern struct sa *policy_sa;
@@ -58,15 +57,13 @@ extern void keynote_cert_free(void *);
extern int keynote_certreq_validate(u_int8_t *, u_int32_t);
extern void *keynote_certreq_decode(u_int8_t *, u_int32_t);
extern void keynote_free_aca(void *);
-extern int
-keynote_cert_obtain(u_int8_t *, size_t, void *,
+extern int keynote_cert_obtain(u_int8_t *, size_t, void *,
u_int8_t **, u_int32_t *);
-extern int
-keynote_cert_get_subjects(void *, int *, u_int8_t ***,
- u_int32_t **);
+extern int keynote_cert_get_subjects(void *, int *, u_int8_t ***,
+ u_int32_t **);
extern int keynote_cert_get_key(void *, void *);
extern void *keynote_cert_dup(void *);
extern void keynote_serialize(void *, u_int8_t **, u_int32_t *);
extern char *keynote_printable(void *);
extern void *keynote_from_printable(char *);
-#endif /* _POLICY_H_ */
+#endif /* _POLICY_H_ */