diff options
-rw-r--r-- | sbin/isakmpd/ike_phase_1.c | 14 | ||||
-rw-r--r-- | sbin/isakmpd/ike_quick_mode.c | 32 | ||||
-rw-r--r-- | sbin/isakmpd/ipsec.c | 67 | ||||
-rw-r--r-- | sbin/isakmpd/isakmp_cfg.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/util.c | 18 | ||||
-rw-r--r-- | sbin/isakmpd/util.h | 6 |
6 files changed, 77 insertions, 68 deletions
diff --git a/sbin/isakmpd/ike_phase_1.c b/sbin/isakmpd/ike_phase_1.c index 02865ff4197..6dce75ee43d 100644 --- a/sbin/isakmpd/ike_phase_1.c +++ b/sbin/isakmpd/ike_phase_1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_phase_1.c,v 1.30 2001/07/01 20:11:53 niklas Exp $ */ +/* $OpenBSD: ike_phase_1.c,v 1.31 2001/10/26 12:03:07 ho Exp $ */ /* $EOM: ike_phase_1.c,v 1.31 2000/12/11 23:47:56 niklas Exp $ */ /* @@ -802,7 +802,7 @@ ike_phase_1_send_ID (struct message *msg) my_id = conf_get_str ("General", "Default-phase-1-ID"); msg->transport->vtbl->get_src (msg->transport, &src); - sz = my_id ? ipsec_id_size (my_id, &id_type) : sockaddr_len (src); + sz = my_id ? ipsec_id_size (my_id, &id_type) : sockaddr_addrlen (src); if (sz == -1) return -1; @@ -824,8 +824,8 @@ ike_phase_1_send_ID (struct message *msg) case IPSEC_ID_IPV4_ADDR: case IPSEC_ID_IPV6_ADDR: /* Already in network byteorder. */ - memcpy (buf + ISAKMP_ID_DATA_OFF, sockaddr_data (src), - sockaddr_len (src)); + memcpy (buf + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (src), + sockaddr_addrlen (src)); break; case IPSEC_ID_FQDN: @@ -853,8 +853,8 @@ ike_phase_1_send_ID (struct message *msg) break; } /* Already in network byteorder. */ - memcpy (buf + ISAKMP_ID_DATA_OFF, sockaddr_data (src), - sockaddr_len (src)); + memcpy (buf + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (src), + sockaddr_addrlen (src)); } if (message_add_payload (msg, ISAKMP_PAYLOAD_ID, buf, sz, 1)) @@ -976,7 +976,7 @@ ike_phase_1_recv_ID (struct message *msg) return -1; } - memcpy (rid, sockaddr_data (sa), sockaddr_len (sa)); + memcpy (rid, sockaddr_addrdata (sa), sockaddr_addrlen (sa)); free (sa); break; diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c index e7f01dc03f9..e617eb3ac8d 100644 --- a/sbin/isakmpd/ike_quick_mode.c +++ b/sbin/isakmpd/ike_quick_mode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_quick_mode.c,v 1.55 2001/10/05 05:57:06 ho Exp $ */ +/* $OpenBSD: ike_quick_mode.c,v 1.56 2001/10/26 12:03:07 ho Exp $ */ /* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */ /* @@ -891,7 +891,7 @@ initiator_send_HASH_SA_NONCE (struct message *msg) /* If we're here, then we are the initiator, so use initiator address for local ID */ msg->transport->vtbl->get_src (msg->transport, &src); - sz = ISAKMP_ID_SZ + sockaddr_len (src); + sz = ISAKMP_ID_SZ + sockaddr_addrlen (src); id = calloc (sz, sizeof (char)); if (!id) @@ -914,8 +914,8 @@ initiator_send_HASH_SA_NONCE (struct message *msg) free (id); return -1; } - memcpy (id + ISAKMP_ID_DATA_OFF, sockaddr_data (src), - sockaddr_len (src)); + memcpy (id + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (src), + sockaddr_addrlen (src)); LOG_DBG_BUF ((LOG_NEGOTIATION, 90, "initiator_send_HASH_SA_NONCE: IDic", id, sz)); @@ -1125,8 +1125,8 @@ initiator_recv_HASH_SA_NONCE (struct message *msg) /* Get initiator and responder addresses. */ msg->transport->vtbl->get_src (msg->transport, &src); msg->transport->vtbl->get_dst (msg->transport, &dst); - ie->id_ci_sz = ISAKMP_ID_DATA_OFF + sockaddr_len (src); - ie->id_cr_sz = ISAKMP_ID_DATA_OFF + sockaddr_len (dst); + ie->id_ci_sz = ISAKMP_ID_DATA_OFF + sockaddr_addrlen (src); + ie->id_cr_sz = ISAKMP_ID_DATA_OFF + sockaddr_addrlen (dst); ie->id_ci = calloc (ie->id_ci_sz, sizeof (char)); ie->id_cr = calloc (ie->id_cr_sz, sizeof (char)); @@ -1168,10 +1168,10 @@ initiator_recv_HASH_SA_NONCE (struct message *msg) free (ie->id_cr); return -1; } - memcpy (ie->id_ci + ISAKMP_ID_DATA_OFF, sockaddr_data (src), - sockaddr_len (src)); - memcpy (ie->id_cr + ISAKMP_ID_DATA_OFF, sockaddr_data (dst), - sockaddr_len (dst)); + memcpy (ie->id_ci + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (src), + sockaddr_addrlen (src)); + memcpy (ie->id_cr + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (dst), + sockaddr_addrlen (dst)); } /* Build the protection suite in our SA. */ @@ -1539,8 +1539,8 @@ responder_recv_HASH_SA_NONCE (struct message *msg) /* Get initiator and responder addresses. */ msg->transport->vtbl->get_src (msg->transport, &src); msg->transport->vtbl->get_dst (msg->transport, &dst); - ie->id_ci_sz = ISAKMP_ID_DATA_OFF + sockaddr_len (src); - ie->id_cr_sz = ISAKMP_ID_DATA_OFF + sockaddr_len (dst); + ie->id_ci_sz = ISAKMP_ID_DATA_OFF + sockaddr_addrlen (src); + ie->id_cr_sz = ISAKMP_ID_DATA_OFF + sockaddr_addrlen (dst); ie->id_ci = calloc (ie->id_ci_sz, sizeof (char)); ie->id_cr = calloc (ie->id_cr_sz, sizeof (char)); @@ -1575,10 +1575,10 @@ responder_recv_HASH_SA_NONCE (struct message *msg) goto cleanup; } - memcpy (ie->id_cr + ISAKMP_ID_DATA_OFF, sockaddr_data (src), - sockaddr_len (src)); - memcpy (ie->id_ci + ISAKMP_ID_DATA_OFF, sockaddr_data (dst), - sockaddr_len (dst)); + memcpy (ie->id_cr + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (src), + sockaddr_addrlen (src)); + memcpy (ie->id_ci + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (dst), + sockaddr_addrlen (dst)); } #ifdef USE_POLICY diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index 47ef4eabe4e..72c9b7dffd7 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.58 2001/08/25 22:22:11 niklas Exp $ */ +/* $OpenBSD: ipsec.c,v 1.59 2001/10/26 12:03:07 ho Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -211,14 +211,14 @@ ipsec_sa_check (struct sa *sa, void *v_arg) return 0; sa->transport->vtbl->get_dst (sa->transport, &dst); - if (memcmp (sockaddr_data (dst), sockaddr_data (arg->dst), - sockaddr_len (dst)) == 0) + if (memcmp (sockaddr_addrdata (dst), sockaddr_addrdata (arg->dst), + sockaddr_addrlen (dst)) == 0) incoming = 0; else { sa->transport->vtbl->get_src (sa->transport, &src); - if (memcmp (sockaddr_data (src), sockaddr_data (arg->dst), - sockaddr_len (src)) == 0) + if (memcmp (sockaddr_addrdata (src), sockaddr_addrdata (arg->dst), + sockaddr_addrlen (src)) == 0) incoming = 1; else return 0; @@ -261,14 +261,18 @@ ipsec_sa_check_flow (struct sa *sa, void *v_arg) return 0; return isa->src_net->sa_family == isa2->src_net->sa_family - && memcmp (sockaddr_data (isa->src_net), sockaddr_data (isa2->src_net), - sockaddr_len (isa->src_net)) == 0 - && memcmp (sockaddr_data (isa->src_mask), sockaddr_data (isa2->src_mask), - sockaddr_len (isa->src_mask)) == 0 - && memcmp (sockaddr_data (isa->dst_net), sockaddr_data (isa2->dst_net), - sockaddr_len (isa->dst_net)) == 0 - && memcmp (sockaddr_data (isa->dst_mask), sockaddr_data (isa2->dst_mask), - sockaddr_len (isa->dst_mask)) == 0; + && memcmp (sockaddr_addrdata (isa->src_net), + sockaddr_addrdata (isa2->src_net), + sockaddr_addrlen (isa->src_net)) == 0 + && memcmp (sockaddr_addrdata (isa->src_mask), + sockaddr_addrdata (isa2->src_mask), + sockaddr_addrlen (isa->src_mask)) == 0 + && memcmp (sockaddr_addrdata (isa->dst_net), + sockaddr_addrdata (isa2->dst_net), + sockaddr_addrlen (isa->dst_net)) == 0 + && memcmp (sockaddr_addrdata (isa->dst_mask), + sockaddr_addrdata (isa2->dst_mask), + sockaddr_addrlen (isa->dst_mask)) == 0; } /* @@ -452,21 +456,22 @@ ipsec_set_network (u_int8_t *src_id, u_int8_t *dst_id, struct ipsec_sa *isa) } /* Net */ - memcpy (sockaddr_data (isa->src_net), src_id + ISAKMP_ID_DATA_OFF, - sockaddr_len (isa->src_net)); + memcpy (sockaddr_addrdata (isa->src_net), src_id + ISAKMP_ID_DATA_OFF, + sockaddr_addrlen (isa->src_net)); /* Mask */ switch (id) { case IPSEC_ID_IPV4_ADDR: case IPSEC_ID_IPV6_ADDR: - memset (sockaddr_data (isa->src_mask), 0xff, - sockaddr_len (isa->src_mask)); + memset (sockaddr_addrdata (isa->src_mask), 0xff, + sockaddr_addrlen (isa->src_mask)); break; case IPSEC_ID_IPV4_ADDR_SUBNET: case IPSEC_ID_IPV6_ADDR_SUBNET: - memcpy (sockaddr_data (isa->src_mask), src_id + ISAKMP_ID_DATA_OFF + - sockaddr_len (isa->src_net), sockaddr_len (isa->src_mask)); + memcpy (sockaddr_addrdata (isa->src_mask), src_id + ISAKMP_ID_DATA_OFF + + sockaddr_addrlen (isa->src_net), + sockaddr_addrlen (isa->src_mask)); break; } @@ -515,21 +520,22 @@ ipsec_set_network (u_int8_t *src_id, u_int8_t *dst_id, struct ipsec_sa *isa) } /* Net */ - memcpy (sockaddr_data (isa->dst_net), dst_id + ISAKMP_ID_DATA_OFF, - sockaddr_len (isa->dst_net)); + memcpy (sockaddr_addrdata (isa->dst_net), dst_id + ISAKMP_ID_DATA_OFF, + sockaddr_addrlen (isa->dst_net)); /* Mask */ switch (id) { case IPSEC_ID_IPV4_ADDR: case IPSEC_ID_IPV6_ADDR: - memset (sockaddr_data (isa->dst_mask), 0xff, - sockaddr_len (isa->dst_mask)); + memset (sockaddr_addrdata (isa->dst_mask), 0xff, + sockaddr_addrlen (isa->dst_mask)); break; case IPSEC_ID_IPV4_ADDR_SUBNET: case IPSEC_ID_IPV6_ADDR_SUBNET: - memcpy (sockaddr_data (isa->dst_mask), dst_id + ISAKMP_ID_DATA_OFF + - sockaddr_len (isa->dst_net), sockaddr_len (isa->dst_mask)); + memcpy (sockaddr_addrdata (isa->dst_mask), dst_id + ISAKMP_ID_DATA_OFF + + sockaddr_addrlen (isa->dst_net), + sockaddr_addrlen (isa->dst_mask)); break; } @@ -1969,9 +1975,9 @@ ipsec_build_id (char *section, size_t *sz) if (id == IPSEC_ID_IPV4_ADDR_SUBNET || id == IPSEC_ID_IPV6_ADDR_SUBNET) subnet = 1; - *sz = ISAKMP_ID_SZ + sockaddr_len (addr); + *sz = ISAKMP_ID_SZ + sockaddr_addrlen (addr); if (subnet) - *sz += sockaddr_len (mask); + *sz += sockaddr_addrlen (mask); p = malloc (*sz); if (!p) @@ -1983,10 +1989,11 @@ ipsec_build_id (char *section, size_t *sz) SET_ISAKMP_ID_TYPE (p, id); SET_ISAKMP_ID_DOI_DATA (p, "\000\000\000"); - memcpy (p + ISAKMP_ID_DATA_OFF, sockaddr_data (addr), sockaddr_len (addr)); + memcpy (p + ISAKMP_ID_DATA_OFF, sockaddr_addrdata (addr), + sockaddr_addrlen (addr)); if (subnet) - memcpy (p + ISAKMP_ID_DATA_OFF + sockaddr_len (addr), - sockaddr_data (mask), sockaddr_len (mask)); + memcpy (p + ISAKMP_ID_DATA_OFF + sockaddr_addrlen (addr), + sockaddr_addrdata (mask), sockaddr_addrlen (mask)); SET_IPSEC_ID_PROTO (p + ISAKMP_ID_DOI_DATA_OFF, tproto); SET_IPSEC_ID_PORT (p + ISAKMP_ID_DOI_DATA_OFF, port); diff --git a/sbin/isakmpd/isakmp_cfg.c b/sbin/isakmpd/isakmp_cfg.c index f575687f902..b71f493f608 100644 --- a/sbin/isakmpd/isakmp_cfg.c +++ b/sbin/isakmpd/isakmp_cfg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: isakmp_cfg.c,v 1.6 2001/08/27 03:10:55 deraadt Exp $ */ +/* $OpenBSD: isakmp_cfg.c,v 1.7 2001/10/26 12:03:07 ho Exp $ */ /* * Copyright (c) 2001 Niklas Hallqvist. All rights reserved. @@ -387,7 +387,7 @@ responder_send_ATTR (struct message *msg) break; } - memcpy (attrp + off + ISAKMP_ATTR_VALUE_OFF, sockaddr_data (sa), + memcpy (attrp + off + ISAKMP_ATTR_VALUE_OFF, sockaddr_addrdata (sa), attr->length); free (sa); break; @@ -424,7 +424,7 @@ responder_send_ATTR (struct message *msg) break; } - memcpy (attrp + off + ISAKMP_ATTR_VALUE_OFF, sockaddr_data (sa), + memcpy (attrp + off + ISAKMP_ATTR_VALUE_OFF, sockaddr_addrdata (sa), attr->length); free (sa); break; @@ -449,7 +449,7 @@ responder_send_ATTR (struct message *msg) break; } - memcpy (attrp + off + ISAKMP_ATTR_VALUE_OFF, sockaddr_data (sa), + memcpy (attrp + off + ISAKMP_ATTR_VALUE_OFF, sockaddr_addrdata (sa), attr->length); free (sa); break; diff --git a/sbin/isakmpd/util.c b/sbin/isakmpd/util.c index 9e773835544..27d1d8491c2 100644 --- a/sbin/isakmpd/util.c +++ b/sbin/isakmpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.21 2001/07/03 23:39:01 angelos Exp $ */ +/* $OpenBSD: util.c,v 1.22 2001/10/26 12:03:07 ho Exp $ */ /* $EOM: util.c,v 1.23 2000/11/23 12:22:08 niklas Exp $ */ /* @@ -284,7 +284,7 @@ text2sockaddr (char *address, char *port, struct sockaddr **sa) (*sa)->sa_len = sz; (*sa)->sa_family = af; - if (inet_pton (af, address, sockaddr_data (*sa)) != 1) + if (inet_pton (af, address, sockaddr_addrdata (*sa)) != 1) { free (*sa); return -1; @@ -410,11 +410,11 @@ sockaddr2text (struct sockaddr *sa, char **address, int zflag) } /* - * sockaddr_len and sockaddr_data return the relevant sockaddr info depending - * on address family. Useful to keep other code shorter(/clearer?). + * sockaddr_addrlen and sockaddr_addrdata return the relevant sockaddr info + * depending on address family. Useful to keep other code shorter(/clearer?). */ int -sockaddr_len (struct sockaddr *sa) +sockaddr_addrlen (struct sockaddr *sa) { switch (sa->sa_family) { @@ -423,14 +423,14 @@ sockaddr_len (struct sockaddr *sa) case AF_INET: return sizeof ((struct sockaddr_in *)sa)->sin_addr.s_addr; default: - log_print ("sockaddr_len: unsupported protocol family %d", + log_print ("sockaddr_addrlen: unsupported protocol family %d", sa->sa_family); return 0; } } u_int8_t * -sockaddr_data (struct sockaddr *sa) +sockaddr_addrdata (struct sockaddr *sa) { switch (sa->sa_family) { @@ -439,6 +439,8 @@ sockaddr_data (struct sockaddr *sa) case AF_INET: return (u_int8_t *)&((struct sockaddr_in *)sa)->sin_addr.s_addr; default: + log_print ("sockaddr_addrdata: unsupported protocol family %d", + sa->sa_family); return 0; } } @@ -467,7 +469,7 @@ util_ntoa (char **buf, int af, u_int8_t *addr) case AF_INET6: sfrom->sa_len = sizeof (struct sockaddr_in6); - memcpy (sockaddr_data (sfrom), addr, sizeof (struct in6_addr)); + memcpy (sockaddr_addrdata (sfrom), addr, sizeof (struct in6_addr)); break; } diff --git a/sbin/isakmpd/util.h b/sbin/isakmpd/util.h index bf34f31f890..ca1bb27322b 100644 --- a/sbin/isakmpd/util.h +++ b/sbin/isakmpd/util.h @@ -1,4 +1,4 @@ -/* $OpenBSD: util.h,v 1.12 2001/08/22 08:50:40 niklas Exp $ */ +/* $OpenBSD: util.h,v 1.13 2001/10/26 12:03:07 ho Exp $ */ /* $EOM: util.h,v 1.10 2000/10/24 13:33:39 niklas Exp $ */ /* @@ -66,8 +66,8 @@ extern u_int8_t *getrandom (u_int8_t *, size_t); extern int hex2raw (char *, u_int8_t *, size_t); extern int ones_test (const u_int8_t *, size_t); extern int sockaddr2text (struct sockaddr *, char **, int); -extern u_int8_t *sockaddr_data (struct sockaddr *); -extern int sockaddr_len (struct sockaddr *); +extern u_int8_t *sockaddr_addrdata (struct sockaddr *); +extern int sockaddr_addrlen (struct sockaddr *); extern int text2sockaddr (char *, char *, struct sockaddr **); extern void util_ntoa (char **, int, u_int8_t *); extern int zero_test (const u_int8_t *, size_t); |