diff options
| author | Niklas Hallqvist <niklas@cvs.openbsd.org> | 2000-04-07 22:05:20 +0000 |
|---|---|---|
| committer | Niklas Hallqvist <niklas@cvs.openbsd.org> | 2000-04-07 22:05:20 +0000 |
| commit | e4e6a4c075491d69022505f01bcd7fbb62c2ebbf (patch) | |
| tree | 57a83d0d9e184f63f6791ab63d7d294fcd474f35 /sbin | |
| parent | d3e8831b55aff529d61c72807dac07eb468fe8fb (diff) | |
Merge with EOM 1.121
author: niklas
log_fatal is only OK during initialization
author: ho
Missing #ifdef USE_X509 added
author: ho
typo
author: ho
Add #ifdef USE_X509
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/isakmpd/ike_quick_mode.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c index c0853cb046d..0983747c287 100644 --- a/sbin/isakmpd/ike_quick_mode.c +++ b/sbin/isakmpd/ike_quick_mode.c @@ -1,5 +1,5 @@ -/* $OpenBSD: ike_quick_mode.c,v 1.33 2000/02/25 17:22:22 niklas Exp $ */ -/* $EOM: ike_quick_mode.c,v 1.117 2000/02/25 07:06:22 angelos Exp $ */ +/* $OpenBSD: ike_quick_mode.c,v 1.34 2000/04/07 22:05:19 niklas Exp $ */ +/* $EOM: ike_quick_mode.c,v 1.121 2000/04/07 19:02:42 niklas Exp $ */ /* * Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved. @@ -62,7 +62,9 @@ #include "prf.h" #include "sa.h" #include "transport.h" +#ifdef USE_X509 #include "x509.h" +#endif static void gen_g_xy (struct message *); static int initiator_send_HASH_SA_NONCE (struct message *); @@ -107,12 +109,15 @@ extern struct sa *policy_isakmp_sa; static int check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) { - char *return_values[RETVALUES_NUM], cn[259]; + char *return_values[RETVALUES_NUM]; char *principal = NULL, *principal2 = NULL; + int result; +#ifdef USE_X509 + char cn[259]; struct keynote_deckey dc; X509_NAME *subject; - int result; RSA *key; +#endif /* If there is no policy setup, everything fails. */ if (keynote_sessid < 0) @@ -143,6 +148,7 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) break; case ISAKMP_CERTENC_X509_SIG: +#ifdef USE_X509 /* Retrieve key from certificate. */ if (!x509_cert_get_key (isakmp_sa->recv_cert, &key)) { @@ -156,7 +162,11 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) principal = LK (kn_encode_key, (&dc, INTERNAL_ENC_PKCS1, ENCODING_HEX, KEYNOTE_PUBLIC_KEY)); if (LKV (keynote_errno) == ERROR_MEMORY) - log_fatal ("check_policy: failed to get memory for public key"); + { + log_print ("check_policy: failed to get memory for public key"); + LC (RSA_free, (key)); + return 0; + } if (principal == NULL) { log_print ("check_policy: failed to allocate memory for principal"); @@ -189,6 +199,7 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) principal2 = cn; } break; +#endif /* XXX Eventually handle these. */ case ISAKMP_CERTENC_PKCS: |