diff options
| -rw-r--r-- | sbin/iked/ca.c | 82 | ||||
| -rw-r--r-- | sbin/iked/chap_ms.c | 124 | ||||
| -rw-r--r-- | sbin/iked/chap_ms.h | 26 | ||||
| -rw-r--r-- | sbin/iked/config.c | 47 | ||||
| -rw-r--r-- | sbin/iked/crypto.c | 52 | ||||
| -rw-r--r-- | sbin/iked/dh.c | 53 | ||||
| -rw-r--r-- | sbin/iked/dh.h | 14 | ||||
| -rw-r--r-- | sbin/iked/eap.c | 20 | ||||
| -rw-r--r-- | sbin/iked/eap.h | 58 | ||||
| -rw-r--r-- | sbin/iked/iked.c | 4 | ||||
| -rw-r--r-- | sbin/iked/iked.h | 287 | ||||
| -rw-r--r-- | sbin/iked/ikev1.c | 8 | ||||
| -rw-r--r-- | sbin/iked/ikev2.c | 175 | ||||
| -rw-r--r-- | sbin/iked/ikev2.h | 86 | ||||
| -rw-r--r-- | sbin/iked/ikev2_msg.c | 34 | ||||
| -rw-r--r-- | sbin/iked/ikev2_pld.c | 118 | ||||
| -rw-r--r-- | sbin/iked/imsg_util.c | 4 | ||||
| -rw-r--r-- | sbin/iked/ocsp.c | 6 | ||||
| -rw-r--r-- | sbin/iked/parse.y | 136 | ||||
| -rw-r--r-- | sbin/iked/pfkey.c | 106 | ||||
| -rw-r--r-- | sbin/iked/policy.c | 22 | ||||
| -rw-r--r-- | sbin/iked/proc.c | 37 | ||||
| -rw-r--r-- | sbin/iked/types.h | 14 | ||||
| -rw-r--r-- | sbin/iked/util.c | 52 |
24 files changed, 787 insertions, 778 deletions
diff --git a/sbin/iked/ca.c b/sbin/iked/ca.c index d1eb3dd5e1e..cef15cf8372 100644 --- a/sbin/iked/ca.c +++ b/sbin/iked/ca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ca.c,v 1.35 2015/03/26 19:52:35 markus Exp $ */ +/* $OpenBSD: ca.c,v 1.36 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -52,9 +52,9 @@ int ca_reload(struct iked *); int ca_getreq(struct iked *, struct imsg *); int ca_getcert(struct iked *, struct imsg *); int ca_getauth(struct iked *, struct imsg *); -X509 *ca_by_subjectpubkey(X509_STORE *, u_int8_t *, size_t); +X509 *ca_by_subjectpubkey(X509_STORE *, uint8_t *, size_t); X509 *ca_by_issuer(X509_STORE *, X509_NAME *, struct iked_static_id *); -int ca_subjectpubkey_digest(X509 *, u_int8_t *, u_int *); +int ca_subjectpubkey_digest(X509 *, uint8_t *, unsigned int *); int ca_x509_subject_cmp(X509 *, struct iked_static_id *); int ca_validate_pubkey(struct iked *, struct iked_static_id *, void *, size_t); @@ -151,8 +151,8 @@ int ca_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg) { struct iked *env = p->p_env; - struct ca_store *store = env->sc_priv; - u_int mode; + struct ca_store *store = env->sc_priv; + unsigned int mode; switch (imsg->hdr.type) { case IMSG_CTL_RESET: @@ -206,7 +206,7 @@ ca_dispatch_ikev2(int fd, struct privsep_proc *p, struct imsg *imsg) int ca_setcert(struct iked *env, struct iked_sahdr *sh, struct iked_id *id, - u_int8_t type, u_int8_t *data, size_t len, enum privsep_procid procid) + uint8_t type, uint8_t *data, size_t len, enum privsep_procid procid) { struct iovec iov[4]; int iovcnt = 0; @@ -249,7 +249,7 @@ ca_setcert(struct iked *env, struct iked_sahdr *sh, struct iked_id *id, int ca_setreq(struct iked *env, struct iked_sahdr *sh, - struct iked_static_id *localid, u_int8_t type, u_int8_t *data, + struct iked_static_id *localid, uint8_t type, uint8_t *data, size_t len, enum privsep_procid procid) { struct iovec iov[4]; @@ -300,7 +300,7 @@ ca_setauth(struct iked *env, struct iked_sa *sa, struct iovec iov[3]; int iovcnt = 3; struct iked_policy *policy = sa->sa_policy; - u_int8_t type = policy->pol_auth.auth_method; + uint8_t type = policy->pol_auth.auth_method; /* switch encoding to IKEV2_AUTH_SIG if SHA2 is supported */ if (sa->sa_sigsha2 && type == IKEV2_AUTH_RSA_SIG) { @@ -336,15 +336,15 @@ int ca_getcert(struct iked *env, struct imsg *imsg) { struct iked_sahdr sh; - u_int8_t type; - u_int8_t *ptr; + uint8_t type; + uint8_t *ptr; size_t len; struct iked_static_id id; - u_int i; + unsigned int i; struct iovec iov[2]; int iovcnt = 2, cmd, ret = 0; - ptr = (u_int8_t *)imsg->data; + ptr = (uint8_t *)imsg->data; len = IMSG_DATA_SIZE(imsg); i = sizeof(id) + sizeof(sh) + sizeof(type); if (len <= i) @@ -354,7 +354,7 @@ ca_getcert(struct iked *env, struct imsg *imsg) if (id.id_type == IKEV2_ID_NONE) return (-1); memcpy(&sh, ptr + sizeof(id), sizeof(sh)); - memcpy(&type, ptr + sizeof(id) + sizeof(sh), sizeof(u_int8_t)); + memcpy(&type, ptr + sizeof(id) + sizeof(sh), sizeof(uint8_t)); ptr += i; len -= i; @@ -396,19 +396,19 @@ ca_getcert(struct iked *env, struct imsg *imsg) int ca_getreq(struct iked *env, struct imsg *imsg) { - struct ca_store *store = env->sc_priv; + struct ca_store *store = env->sc_priv; struct iked_sahdr sh; - u_int8_t type; - u_int8_t *ptr; + uint8_t type; + uint8_t *ptr; size_t len; - u_int i, n; + unsigned int i, n; X509 *ca = NULL, *cert = NULL; struct ibuf *buf; struct iked_static_id id; - ptr = (u_int8_t *)imsg->data; + ptr = (uint8_t *)imsg->data; len = IMSG_DATA_SIZE(imsg); - i = sizeof(id) + sizeof(u_int8_t) + sizeof(sh); + i = sizeof(id) + sizeof(uint8_t) + sizeof(sh); if (len < i || ((len - i) % SHA_DIGEST_LENGTH) != 0) return (-1); @@ -416,7 +416,7 @@ ca_getreq(struct iked *env, struct imsg *imsg) if (id.id_type == IKEV2_ID_NONE) return (-1); memcpy(&sh, ptr + sizeof(id), sizeof(sh)); - memcpy(&type, ptr + sizeof(id) + sizeof(sh), sizeof(u_int8_t)); + memcpy(&type, ptr + sizeof(id) + sizeof(sh), sizeof(uint8_t)); switch (type) { case IKEV2_CERT_RSA_KEY: @@ -470,26 +470,26 @@ ca_getreq(struct iked *env, struct imsg *imsg) int ca_getauth(struct iked *env, struct imsg *imsg) { - struct ca_store *store = env->sc_priv; + struct ca_store *store = env->sc_priv; struct iked_sahdr sh; - u_int8_t method; - u_int8_t *ptr; + uint8_t method; + uint8_t *ptr; size_t len; - u_int i; + unsigned int i; int ret = -1; struct iked_sa sa; struct iked_policy policy; struct iked_id *id; struct ibuf *authmsg; - ptr = (u_int8_t *)imsg->data; + ptr = (uint8_t *)imsg->data; len = IMSG_DATA_SIZE(imsg); i = sizeof(method) + sizeof(sh); if (len <= i) return (-1); memcpy(&sh, ptr, sizeof(sh)); - memcpy(&method, ptr + sizeof(sh), sizeof(u_int8_t)); + memcpy(&method, ptr + sizeof(sh), sizeof(uint8_t)); if (method == IKEV2_AUTH_SHARED_KEY_MIC) return (-1); @@ -530,7 +530,7 @@ int ca_reload(struct iked *env) { struct ca_store *store = env->sc_priv; - u_int8_t md[EVP_MAX_MD_SIZE]; + uint8_t md[EVP_MAX_MD_SIZE]; char file[PATH_MAX]; struct iovec iov[2]; struct dirent *entry; @@ -692,14 +692,14 @@ ca_reload(struct iked *env) } X509 * -ca_by_subjectpubkey(X509_STORE *ctx, u_int8_t *sig, size_t siglen) +ca_by_subjectpubkey(X509_STORE *ctx, uint8_t *sig, size_t siglen) { STACK_OF(X509_OBJECT) *h; X509_OBJECT *xo; X509 *ca; int i; - u_int len; - u_int8_t md[EVP_MAX_MD_SIZE]; + unsigned int len; + uint8_t md[EVP_MAX_MD_SIZE]; h = ctx->objs; @@ -758,9 +758,9 @@ ca_by_issuer(X509_STORE *ctx, X509_NAME *subject, struct iked_static_id *id) } int -ca_subjectpubkey_digest(X509 *x509, u_int8_t *md, u_int *size) +ca_subjectpubkey_digest(X509 *x509, uint8_t *md, unsigned int *size) { - u_int8_t *buf = NULL; + uint8_t *buf = NULL; int buflen; if (*size < SHA_DIGEST_LENGTH) @@ -789,7 +789,7 @@ ca_x509_serialize(X509 *x509) { long len; struct ibuf *buf; - u_int8_t *d = NULL; + uint8_t *d = NULL; BIO *out; if ((out = BIO_new(BIO_s_mem())) == NULL) @@ -810,7 +810,7 @@ int ca_pubkey_serialize(EVP_PKEY *key, struct iked_id *id) { RSA *rsa = NULL; - u_int8_t *d; + uint8_t *d; int len = 0; int ret = -1; @@ -854,7 +854,7 @@ int ca_privkey_serialize(EVP_PKEY *key, struct iked_id *id) { RSA *rsa = NULL; - u_int8_t *d; + uint8_t *d; int len = 0; int ret = -1; @@ -895,11 +895,11 @@ ca_privkey_serialize(EVP_PKEY *key, struct iked_id *id) } char * -ca_asn1_name(u_int8_t *asn1, size_t len) +ca_asn1_name(uint8_t *asn1, size_t len) { X509_NAME *name = NULL; char *str = NULL; - const u_int8_t *p; + const uint8_t *p; p = asn1; if ((name = d2i_X509_NAME(NULL, &p, len)) == NULL) @@ -1214,7 +1214,7 @@ int ca_x509_subject_cmp(X509 *cert, struct iked_static_id *id) { X509_NAME *subject, *idname = NULL; - const u_int8_t *idptr; + const uint8_t *idptr; size_t idlen; int ret = -1; @@ -1269,7 +1269,7 @@ int ca_x509_subjectaltname(X509 *cert, struct iked_id *id) { X509_EXTENSION *san; - u_int8_t sanhdr[4], *data; + uint8_t sanhdr[4], *data; int ext, santype, sanlen; char idstr[IKED_ID_SIZE]; @@ -1289,7 +1289,7 @@ ca_x509_subjectaltname(X509 *cert, struct iked_id *id) } /* This is partially based on isakmpd's x509 subjectaltname code */ - data = (u_int8_t *)san->value->data; + data = (uint8_t *)san->value->data; memcpy(&sanhdr, data, sizeof(sanhdr)); santype = sanhdr[2] & 0x3f; sanlen = sanhdr[3]; @@ -1350,7 +1350,7 @@ ca_sslinit(void) void ca_sslerror(const char *caller) { - u_long error; + unsigned long error; while ((error = ERR_get_error()) != 0) log_warn("%s: %s: %.100s", __func__, caller, diff --git a/sbin/iked/chap_ms.c b/sbin/iked/chap_ms.c index eea7907e3b7..1e03f1de01d 100644 --- a/sbin/iked/chap_ms.c +++ b/sbin/iked/chap_ms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chap_ms.c,v 1.8 2014/11/20 03:48:12 tedu Exp $ */ +/* $OpenBSD: chap_ms.c,v 1.9 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -56,32 +56,32 @@ * "It is unclear to us why this protocol is so complicated." */ -static u_int8_t sha1_pad1[40] = { +static uint8_t sha1_pad1[40] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; -static u_int8_t sha1_pad2[40] = { +static uint8_t sha1_pad2[40] = { 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2 }; -u_int8_t get7bits(u_int8_t *, int); -void mschap_des_addparity(u_int8_t *, u_int8_t *); -void mschap_des_encrypt(u_int8_t *, u_int8_t *, u_int8_t *); -void mschap_challenge_response(u_int8_t *, u_int8_t *, u_int8_t *); +uint8_t get7bits(uint8_t *, int); +void mschap_des_addparity(uint8_t *, uint8_t *); +void mschap_des_encrypt(uint8_t *, uint8_t *, uint8_t *); +void mschap_challenge_response(uint8_t *, uint8_t *, uint8_t *); -u_int8_t -get7bits(u_int8_t *in, int start) +uint8_t +get7bits(uint8_t *in, int start) { - u_int word; + unsigned int word; - word = (u_int)in[start / 8] << 8; - word |= (u_int)in[start / 8 + 1]; + word = (unsigned int)in[start / 8] << 8; + word |= (unsigned int)in[start / 8 + 1]; word >>= 15 - (start % 8 + 7); return (word & 0xfe); @@ -90,7 +90,7 @@ get7bits(u_int8_t *in, int start) /* IN 56 bit DES key missing parity bits OUT 64 bit DES key with parity bits added */ void -mschap_des_addparity(u_int8_t *key, u_int8_t *des_key) +mschap_des_addparity(uint8_t *key, uint8_t *des_key) { des_key[0] = get7bits(key, 0); des_key[1] = get7bits(key, 7); @@ -105,7 +105,7 @@ mschap_des_addparity(u_int8_t *key, u_int8_t *des_key) } void -mschap_des_encrypt(u_int8_t *clear, u_int8_t *key, u_int8_t *cipher) +mschap_des_encrypt(uint8_t *clear, uint8_t *key, uint8_t *cipher) { DES_cblock des_key; DES_key_schedule key_schedule; @@ -118,10 +118,10 @@ mschap_des_encrypt(u_int8_t *clear, u_int8_t *key, u_int8_t *cipher) } void -mschap_challenge_response(u_int8_t *challenge, u_int8_t *pwhash, - u_int8_t *response) +mschap_challenge_response(uint8_t *challenge, uint8_t *pwhash, + uint8_t *response) { - u_int8_t padpwhash[21 + 1]; + uint8_t padpwhash[21 + 1]; bzero(&padpwhash, sizeof(padpwhash)); memcpy(padpwhash, pwhash, MSCHAP_HASH_SZ); @@ -132,10 +132,10 @@ mschap_challenge_response(u_int8_t *challenge, u_int8_t *pwhash, } void -mschap_ntpassword_hash(u_int8_t *in, int inlen, u_int8_t *hash) +mschap_ntpassword_hash(uint8_t *in, int inlen, uint8_t *hash) { EVP_MD_CTX ctx; - u_int mdlen; + unsigned int mdlen; EVP_DigestInit(&ctx, EVP_md4()); EVP_DigestUpdate(&ctx, in, inlen); @@ -143,13 +143,13 @@ mschap_ntpassword_hash(u_int8_t *in, int inlen, u_int8_t *hash) } void -mschap_challenge_hash(u_int8_t *peer_challenge, u_int8_t *auth_challenge, - u_int8_t *username, int usernamelen, u_int8_t *challenge) +mschap_challenge_hash(uint8_t *peer_challenge, uint8_t *auth_challenge, + uint8_t *username, int usernamelen, uint8_t *challenge) { EVP_MD_CTX ctx; - u_int8_t md[SHA_DIGEST_LENGTH]; - u_int mdlen; - u_int8_t *name; + uint8_t md[SHA_DIGEST_LENGTH]; + unsigned int mdlen; + uint8_t *name; if ((name = strrchr(username, '\\')) == NULL) name = username; @@ -166,12 +166,12 @@ mschap_challenge_hash(u_int8_t *peer_challenge, u_int8_t *auth_challenge, } void -mschap_nt_response(u_int8_t *auth_challenge, u_int8_t *peer_challenge, - u_int8_t *username, int usernamelen, u_int8_t *password, int passwordlen, - u_int8_t *response) +mschap_nt_response(uint8_t *auth_challenge, uint8_t *peer_challenge, + uint8_t *username, int usernamelen, uint8_t *password, int passwordlen, + uint8_t *response) { - u_int8_t challenge[MSCHAP_CHALLENGE_SZ]; - u_int8_t password_hash[MSCHAP_HASH_SZ]; + uint8_t challenge[MSCHAP_CHALLENGE_SZ]; + uint8_t password_hash[MSCHAP_HASH_SZ]; mschap_challenge_hash(peer_challenge, auth_challenge, username, usernamelen, challenge); @@ -181,25 +181,25 @@ mschap_nt_response(u_int8_t *auth_challenge, u_int8_t *peer_challenge, } void -mschap_auth_response(u_int8_t *password, int passwordlen, - u_int8_t *ntresponse, u_int8_t *auth_challenge, u_int8_t *peer_challenge, - u_int8_t *username, int usernamelen, u_int8_t *auth_response) +mschap_auth_response(uint8_t *password, int passwordlen, + uint8_t *ntresponse, uint8_t *auth_challenge, uint8_t *peer_challenge, + uint8_t *username, int usernamelen, uint8_t *auth_response) { EVP_MD_CTX ctx; - u_int8_t password_hash[MSCHAP_HASH_SZ]; - u_int8_t password_hash2[MSCHAP_HASH_SZ]; - u_int8_t challenge[MSCHAP_CHALLENGE_SZ]; - u_int8_t md[SHA_DIGEST_LENGTH], *ptr; - u_int mdlen; + uint8_t password_hash[MSCHAP_HASH_SZ]; + uint8_t password_hash2[MSCHAP_HASH_SZ]; + uint8_t challenge[MSCHAP_CHALLENGE_SZ]; + uint8_t md[SHA_DIGEST_LENGTH], *ptr; + unsigned int mdlen; int i; - const u_int8_t hex[] = "0123456789ABCDEF"; - static u_int8_t magic1[39] = { + const uint8_t hex[] = "0123456789ABCDEF"; + static uint8_t magic1[39] = { 0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74 }; - static u_int8_t magic2[41] = { + static uint8_t magic2[41] = { 0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B, 0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F, 0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E, @@ -242,13 +242,13 @@ mschap_auth_response(u_int8_t *password, int passwordlen, } void -mschap_masterkey(u_int8_t *password_hash2, u_int8_t *ntresponse, - u_int8_t *masterkey) +mschap_masterkey(uint8_t *password_hash2, uint8_t *ntresponse, + uint8_t *masterkey) { - u_int8_t md[SHA_DIGEST_LENGTH]; - u_int mdlen; + uint8_t md[SHA_DIGEST_LENGTH]; + unsigned int mdlen; EVP_MD_CTX ctx; - static u_int8_t magic1[27] = { + static uint8_t magic1[27] = { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79 @@ -264,14 +264,14 @@ mschap_masterkey(u_int8_t *password_hash2, u_int8_t *ntresponse, } void -mschap_asymetric_startkey(u_int8_t *masterkey, u_int8_t *sessionkey, +mschap_asymetric_startkey(uint8_t *masterkey, uint8_t *sessionkey, int sessionkeylen, int issend, int isserver) { EVP_MD_CTX ctx; - u_int8_t md[SHA_DIGEST_LENGTH]; - u_int mdlen; - u_int8_t *s; - static u_int8_t magic2[84] = { + uint8_t md[SHA_DIGEST_LENGTH]; + unsigned int mdlen; + uint8_t *s; + static uint8_t magic2[84] = { 0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, @@ -282,7 +282,7 @@ mschap_asymetric_startkey(u_int8_t *masterkey, u_int8_t *sessionkey, 0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x2e }; - static u_int8_t magic3[84] = { + static uint8_t magic3[84] = { 0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, @@ -310,14 +310,14 @@ mschap_asymetric_startkey(u_int8_t *masterkey, u_int8_t *sessionkey, } void -mschap_msk(u_int8_t *password, int passwordlen, - u_int8_t *ntresponse, u_int8_t *msk) +mschap_msk(uint8_t *password, int passwordlen, + uint8_t *ntresponse, uint8_t *msk) { - u_int8_t password_hash[MSCHAP_HASH_SZ]; - u_int8_t password_hash2[MSCHAP_HASH_SZ]; - u_int8_t masterkey[MSCHAP_MASTERKEY_SZ]; - u_int8_t sendkey[MSCHAP_MASTERKEY_SZ]; - u_int8_t recvkey[MSCHAP_MASTERKEY_SZ]; + uint8_t password_hash[MSCHAP_HASH_SZ]; + uint8_t password_hash2[MSCHAP_HASH_SZ]; + uint8_t masterkey[MSCHAP_MASTERKEY_SZ]; + uint8_t sendkey[MSCHAP_MASTERKEY_SZ]; + uint8_t recvkey[MSCHAP_MASTERKEY_SZ]; mschap_ntpassword_hash(password, passwordlen, password_hash); mschap_ntpassword_hash(password_hash, MSCHAP_HASH_SZ, password_hash2); @@ -333,12 +333,12 @@ mschap_msk(u_int8_t *password, int passwordlen, } void -mschap_radiuskey(u_int8_t *plain, const u_int8_t *crypted, - const u_int8_t *authenticator, const u_int8_t *secret) +mschap_radiuskey(uint8_t *plain, const uint8_t *crypted, + const uint8_t *authenticator, const uint8_t *secret) { EVP_MD_CTX ctx; - u_int8_t b[MD5_DIGEST_LENGTH], p[32]; - u_int i, mdlen; + uint8_t b[MD5_DIGEST_LENGTH], p[32]; + unsigned int i, mdlen; EVP_DigestInit(&ctx, EVP_md5()); EVP_DigestUpdate(&ctx, secret, strlen(secret)); diff --git a/sbin/iked/chap_ms.h b/sbin/iked/chap_ms.h index d78d335170a..53b3adb2da1 100644 --- a/sbin/iked/chap_ms.h +++ b/sbin/iked/chap_ms.h @@ -1,4 +1,4 @@ -/* $OpenBSD: chap_ms.h,v 1.5 2015/06/11 18:49:09 reyk Exp $ */ +/* $OpenBSD: chap_ms.h,v 1.6 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -29,19 +29,19 @@ #define MSCHAP_MAXNTPASSWORD_SZ 255 /* unicode chars */ -void mschap_nt_response(u_int8_t *, u_int8_t *, u_int8_t *, int, - u_int8_t *, int , u_int8_t *); -void mschap_auth_response(u_int8_t *, int, u_int8_t *, u_int8_t *, - u_int8_t *, u_int8_t *, int, u_int8_t *); +void mschap_nt_response(uint8_t *, uint8_t *, uint8_t *, int, + uint8_t *, int , uint8_t *); +void mschap_auth_response(uint8_t *, int, uint8_t *, uint8_t *, + uint8_t *, uint8_t *, int, uint8_t *); -void mschap_ntpassword_hash(u_int8_t *, int, u_int8_t *); -void mschap_challenge_hash(u_int8_t *, u_int8_t *, u_int8_t *, - int, u_int8_t *); +void mschap_ntpassword_hash(uint8_t *, int, uint8_t *); +void mschap_challenge_hash(uint8_t *, uint8_t *, uint8_t *, + int, uint8_t *); -void mschap_asymetric_startkey(u_int8_t *, u_int8_t *, int, int, int); -void mschap_masterkey(u_int8_t *, u_int8_t *, u_int8_t *); -void mschap_radiuskey(u_int8_t *, const u_int8_t *, const u_int8_t *, - const u_int8_t *); -void mschap_msk(u_int8_t *, int, u_int8_t *, u_int8_t *); +void mschap_asymetric_startkey(uint8_t *, uint8_t *, int, int, int); +void mschap_masterkey(uint8_t *, uint8_t *, uint8_t *); +void mschap_radiuskey(uint8_t *, const uint8_t *, const uint8_t *, + const uint8_t *); +void mschap_msk(uint8_t *, int, uint8_t *, uint8_t *); #endif /* CHAP_MS_H */ diff --git a/sbin/iked/config.c b/sbin/iked/config.c index 0e05d8f0361..b0d395ce5fe 100644 --- a/sbin/iked/config.c +++ b/sbin/iked/config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: config.c,v 1.36 2015/07/07 19:13:31 markus Exp $ */ +/* $OpenBSD: config.c,v 1.37 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -61,10 +61,10 @@ config_new_sa(struct iked *env, int initiator) return (sa); } -u_int64_t +uint64_t config_getspi(void) { - u_int64_t spi; + uint64_t spi; do { arc4random_buf(&spi, sizeof spi); @@ -194,7 +194,8 @@ config_free_policy(struct iked *env, struct iked_policy *pol) } struct iked_proposal * -config_add_proposal(struct iked_proposals *head, u_int id, u_int proto) +config_add_proposal(struct iked_proposals *head, unsigned int id, + unsigned int proto) { struct iked_proposal *pp; @@ -216,7 +217,7 @@ config_add_proposal(struct iked_proposals *head, u_int id, u_int proto) } void -config_free_proposals(struct iked_proposals *head, u_int proto) +config_free_proposals(struct iked_proposals *head, unsigned int proto) { struct iked_proposal *prop, *next; @@ -283,13 +284,13 @@ config_free_childsas(struct iked *env, struct iked_childsas *head, } struct iked_transform * -config_add_transform(struct iked_proposal *prop, u_int type, - u_int id, u_int length, u_int keylength) +config_add_transform(struct iked_proposal *prop, unsigned int type, + unsigned int id, unsigned int length, unsigned int keylength) { struct iked_transform *xform; struct iked_constmap *map = NULL; int score = 1; - u_int i; + unsigned int i; switch (type) { case IKEV2_XFORMTYPE_ENCR: @@ -358,12 +359,12 @@ config_add_transform(struct iked_proposal *prop, u_int type, } struct iked_transform * -config_findtransform(struct iked_proposals *props, u_int8_t type, - u_int proto) +config_findtransform(struct iked_proposals *props, uint8_t type, + unsigned int proto) { struct iked_proposal *prop; struct iked_transform *xform; - u_int i; + unsigned int i; /* Search of the first transform with the desired type */ TAILQ_FOREACH(prop, props, prop_entry) { @@ -409,9 +410,9 @@ config_new_user(struct iked *env, struct iked_user *new) */ int -config_setcoupled(struct iked *env, u_int couple) +config_setcoupled(struct iked *env, unsigned int couple) { - u_int type; + unsigned int type; type = couple ? IMSG_CTL_COUPLE : IMSG_CTL_DECOUPLE; proc_compose_imsg(&env->sc_ps, PROC_IKEV1, -1, type, -1, NULL, 0); @@ -421,16 +422,16 @@ config_setcoupled(struct iked *env, u_int couple) } int -config_getcoupled(struct iked *env, u_int type) +config_getcoupled(struct iked *env, unsigned int type) { return (pfkey_couple(env->sc_pfkey, &env->sc_sas, type == IMSG_CTL_COUPLE ? 1 : 0)); } int -config_setmode(struct iked *env, u_int passive) +config_setmode(struct iked *env, unsigned int passive) { - u_int type; + unsigned int type; type = passive ? IMSG_CTL_PASSIVE : IMSG_CTL_ACTIVE; proc_compose_imsg(&env->sc_ps, PROC_IKEV1, -1, type, -1, NULL, 0); @@ -440,10 +441,10 @@ config_setmode(struct iked *env, u_int passive) } int -config_getmode(struct iked *env, u_int type) +config_getmode(struct iked *env, unsigned int type) { - u_int8_t old; - u_char *mode[] = { "active", "passive" }; + uint8_t old; + unsigned char *mode[] = { "active", "passive" }; old = env->sc_passive ? 1 : 0; env->sc_passive = type == IMSG_CTL_PASSIVE ? 1 : 0; @@ -458,7 +459,7 @@ config_getmode(struct iked *env, u_int type) } int -config_setreset(struct iked *env, u_int mode, enum privsep_procid id) +config_setreset(struct iked *env, unsigned int mode, enum privsep_procid id) { proc_compose_imsg(&env->sc_ps, id, -1, IMSG_CTL_RESET, -1, &mode, sizeof(mode)); @@ -471,7 +472,7 @@ config_getreset(struct iked *env, struct imsg *imsg) struct iked_policy *pol, *nextpol; struct iked_sa *sa, *nextsa; struct iked_user *usr, *nextusr; - u_int mode; + unsigned int mode; IMSG_SIZE_CHECK(imsg, &mode); memcpy(&mode, imsg->data, sizeof(mode)); @@ -679,8 +680,8 @@ config_getpolicy(struct iked *env, struct imsg *imsg) struct iked_transform xf, *xform; struct iked_flow *flow; off_t offset = 0; - u_int i, j; - u_int8_t *buf = (u_int8_t *)imsg->data; + unsigned int i, j; + uint8_t *buf = (uint8_t *)imsg->data; IMSG_SIZE_CHECK(imsg, pol); log_debug("%s: received policy", __func__); diff --git a/sbin/iked/crypto.c b/sbin/iked/crypto.c index 3c694a7a96d..c956e79ff8e 100644 --- a/sbin/iked/crypto.c +++ b/sbin/iked/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.17 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: crypto.c,v 1.18 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -40,22 +40,22 @@ #include "ikev2.h" /* RFC 7427, A.1 */ -static const u_int8_t sha256WithRSAEncryption[] = { +static const uint8_t sha256WithRSAEncryption[] = { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00 }; -static const u_int8_t sha384WithRSAEncryption[] = { +static const uint8_t sha384WithRSAEncryption[] = { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c, 0x05, 0x00 }; -static const u_int8_t sha512WithRSAEncryption[] = { +static const uint8_t sha512WithRSAEncryption[] = { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00 }; struct { - u_int8_t sc_len; - const u_int8_t *sc_oid; + uint8_t sc_len; + const uint8_t *sc_oid; const EVP_MD *(*sc_md)(void); } schemes[] = { { sizeof(sha256WithRSAEncryption), @@ -66,12 +66,12 @@ struct { sha512WithRSAEncryption, EVP_sha512 }, }; -int _dsa_verify_init(struct iked_dsa *, const u_int8_t *, size_t); -size_t _dsa_verify_offset(struct iked_dsa *, u_int8_t *); -int _dsa_sign_encode(struct iked_dsa *, u_int8_t *, size_t *); +int _dsa_verify_init(struct iked_dsa *, const uint8_t *, size_t); +size_t _dsa_verify_offset(struct iked_dsa *, uint8_t *); +int _dsa_sign_encode(struct iked_dsa *, uint8_t *, size_t *); struct iked_hash * -hash_new(u_int8_t type, u_int16_t id) +hash_new(uint8_t type, uint16_t id) { struct iked_hash *hash; const EVP_MD *md = NULL; @@ -229,7 +229,7 @@ hash_update(struct iked_hash *hash, void *buf, size_t len) void hash_final(struct iked_hash *hash, void *buf, size_t *len) { - u_int length = 0; + unsigned int length = 0; HMAC_Final(hash->hash_ctx, buf, &length); *len = (size_t)length; @@ -254,7 +254,7 @@ hash_keylength(struct iked_hash *hash) } struct iked_cipher * -cipher_new(u_int8_t type, u_int16_t id, u_int16_t id_length) +cipher_new(uint8_t type, uint16_t id, uint16_t id_length) { struct iked_cipher *encr; const EVP_CIPHER *cipher = NULL; @@ -466,7 +466,7 @@ cipher_outlength(struct iked_cipher *encr, size_t inlen) } struct iked_dsa * -dsa_new(u_int16_t id, struct iked_hash *prf, int sign) +dsa_new(uint16_t id, struct iked_hash *prf, int sign) { struct iked_dsa *dsap = NULL, dsa; @@ -536,13 +536,13 @@ dsa_new(u_int16_t id, struct iked_hash *prf, int sign) } struct iked_dsa * -dsa_sign_new(u_int16_t id, struct iked_hash *prf) +dsa_sign_new(uint16_t id, struct iked_hash *prf) { return (dsa_new(id, prf, 1)); } struct iked_dsa * -dsa_verify_new(u_int16_t id, struct iked_hash *prf) +dsa_verify_new(uint16_t id, struct iked_hash *prf) { return (dsa_new(id, prf, 0)); } @@ -568,7 +568,7 @@ dsa_free(struct iked_dsa *dsa) } struct ibuf * -dsa_setkey(struct iked_dsa *dsa, void *key, size_t keylen, u_int8_t type) +dsa_setkey(struct iked_dsa *dsa, void *key, size_t keylen, uint8_t type) { BIO *rawcert = NULL; X509 *cert = NULL; @@ -640,9 +640,9 @@ dsa_setkey(struct iked_dsa *dsa, void *key, size_t keylen, u_int8_t type) } int -_dsa_verify_init(struct iked_dsa *dsa, const u_int8_t *sig, size_t len) +_dsa_verify_init(struct iked_dsa *dsa, const uint8_t *sig, size_t len) { - u_int8_t oidlen; + uint8_t oidlen; size_t i; if (dsa->dsa_priv != NULL) @@ -725,7 +725,7 @@ dsa_update(struct iked_dsa *dsa, const void *buf, size_t len) /* Prefix signature hash with encoded type */ int -_dsa_sign_encode(struct iked_dsa *dsa, u_int8_t *ptr, size_t *offp) +_dsa_sign_encode(struct iked_dsa *dsa, uint8_t *ptr, size_t *offp) { if (offp) *offp = 0; @@ -758,9 +758,9 @@ dsa_length(struct iked_dsa *dsa) ssize_t dsa_sign_final(struct iked_dsa *dsa, void *buf, size_t len) { - u_int siglen; - size_t off = 0; - u_int8_t *ptr = buf; + unsigned int siglen; + size_t off = 0; + uint8_t *ptr = buf; if (len < dsa_length(dsa)) return (-1); @@ -781,7 +781,7 @@ dsa_sign_final(struct iked_dsa *dsa, void *buf, size_t len) } size_t -_dsa_verify_offset(struct iked_dsa *dsa, u_int8_t *ptr) +_dsa_verify_offset(struct iked_dsa *dsa, uint8_t *ptr) { /* * XXX assumes that _dsa_verify_init() has already checked @@ -795,9 +795,9 @@ _dsa_verify_offset(struct iked_dsa *dsa, u_int8_t *ptr) ssize_t dsa_verify_final(struct iked_dsa *dsa, void *buf, size_t len) { - u_int8_t sig[EVP_MAX_MD_SIZE]; - u_int siglen = sizeof(sig); - u_int8_t *ptr = buf; + uint8_t sig[EVP_MAX_MD_SIZE]; + unsigned int siglen = sizeof(sig); + uint8_t *ptr = buf; size_t off = 0; if (dsa->dsa_hmac) { diff --git a/sbin/iked/dh.c b/sbin/iked/dh.c index 5c5ae383fe5..a3c462ff292 100644 --- a/sbin/iked/dh.c +++ b/sbin/iked/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.16 2015/01/16 06:39:58 deraadt Exp $ */ +/* $OpenBSD: dh.c,v 1.17 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2014 Reyk Floeter <reyk@openbsd.org> @@ -32,32 +32,33 @@ int dh_init(struct group *); /* MODP */ int modp_init(struct group *); int modp_getlen(struct group *); -int modp_create_exchange(struct group *, u_int8_t *); -int modp_create_shared(struct group *, u_int8_t *, u_int8_t *); +int modp_create_exchange(struct group *, uint8_t *); +int modp_create_shared(struct group *, uint8_t *, uint8_t *); /* EC2N/ECP */ int ec_init(struct group *); int ec_getlen(struct group *); -int ec_create_exchange(struct group *, u_int8_t *); -int ec_create_shared(struct group *, u_int8_t *, u_int8_t *); +int ec_create_exchange(struct group *, uint8_t *); +int ec_create_shared(struct group *, uint8_t *, uint8_t *); -int ec_point2raw(struct group *, const EC_POINT *, u_int8_t *, size_t); +int ec_point2raw(struct group *, const EC_POINT *, uint8_t *, size_t); EC_POINT * - ec_raw2point(struct group *, u_int8_t *, size_t); + ec_raw2point(struct group *, uint8_t *, size_t); /* curve25519 */ int ec25519_init(struct group *); int ec25519_getlen(struct group *); -int ec25519_create_exchange(struct group *, u_int8_t *); -int ec25519_create_shared(struct group *, u_int8_t *, u_int8_t *); +int ec25519_create_exchange(struct group *, uint8_t *); +int ec25519_create_shared(struct group *, uint8_t *, uint8_t *); #define CURVE25519_SIZE 32 /* 256 bits */ struct curve25519_key { - u_int8_t secret[CURVE25519_SIZE]; - u_int8_t public[CURVE25519_SIZE]; + uint8_t secret[CURVE25519_SIZE]; + uint8_t public[CURVE25519_SIZE]; }; -extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], - const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) +extern int crypto_scalarmult_curve25519(unsigned char a[CURVE25519_SIZE], + const unsigned char b[CURVE25519_SIZE], + const unsigned char c[CURVE25519_SIZE]) __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 3, CURVE25519_SIZE))); @@ -333,11 +334,11 @@ group_free(struct group *group) } struct group * -group_get(u_int32_t id) +group_get(uint32_t id) { struct group_id *p = NULL; struct group *group; - u_int i, items; + unsigned int i, items; items = sizeof(ike_groups) / sizeof(ike_groups[0]); for (i = 0; i < items; i++) { @@ -401,13 +402,13 @@ dh_getlen(struct group *group) } int -dh_create_exchange(struct group *group, u_int8_t *buf) +dh_create_exchange(struct group *group, uint8_t *buf) { return (group->exchange(group, buf)); } int -dh_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) +dh_create_shared(struct group *group, uint8_t *secret, uint8_t *exchange) { return (group->shared(group, secret, exchange)); } @@ -437,7 +438,7 @@ modp_getlen(struct group *group) } int -modp_create_exchange(struct group *group, u_int8_t *buf) +modp_create_exchange(struct group *group, uint8_t *buf) { DH *dh = group->dh; int len, ret; @@ -460,7 +461,7 @@ modp_create_exchange(struct group *group, u_int8_t *buf) } int -modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) +modp_create_shared(struct group *group, uint8_t *secret, uint8_t *exchange) { BIGNUM *ex; int len, ret; @@ -508,7 +509,7 @@ ec_getlen(struct group *group) } int -ec_create_exchange(struct group *group, u_int8_t *buf) +ec_create_exchange(struct group *group, uint8_t *buf) { size_t len; @@ -520,7 +521,7 @@ ec_create_exchange(struct group *group, u_int8_t *buf) } int -ec_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) +ec_create_shared(struct group *group, uint8_t *secret, uint8_t *exchange) { const EC_GROUP *ecgroup = NULL; const BIGNUM *privkey; @@ -568,7 +569,7 @@ ec_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) int ec_point2raw(struct group *group, const EC_POINT *point, - u_int8_t *buf, size_t len) + uint8_t *buf, size_t len) { const EC_GROUP *ecgroup = NULL; BN_CTX *bnctx = NULL; @@ -627,7 +628,7 @@ ec_point2raw(struct group *group, const EC_POINT *point, } EC_POINT * -ec_raw2point(struct group *group, u_int8_t *buf, size_t len) +ec_raw2point(struct group *group, uint8_t *buf, size_t len) { const EC_GROUP *ecgroup = NULL; EC_POINT *point = NULL; @@ -687,7 +688,7 @@ ec_raw2point(struct group *group, u_int8_t *buf, size_t len) int ec25519_init(struct group *group) { - static const u_int8_t basepoint[CURVE25519_SIZE] = { 9 }; + static const uint8_t basepoint[CURVE25519_SIZE] = { 9 }; struct curve25519_key *curve25519; if ((curve25519 = calloc(1, sizeof(*curve25519))) == NULL) @@ -711,7 +712,7 @@ ec25519_getlen(struct group *group) } int -ec25519_create_exchange(struct group *group, u_int8_t *buf) +ec25519_create_exchange(struct group *group, uint8_t *buf) { struct curve25519_key *curve25519 = group->curve25519; @@ -720,7 +721,7 @@ ec25519_create_exchange(struct group *group, u_int8_t *buf) } int -ec25519_create_shared(struct group *group, u_int8_t *shared, u_int8_t *public) +ec25519_create_shared(struct group *group, uint8_t *shared, uint8_t *public) { struct curve25519_key *curve25519 = group->curve25519; diff --git a/sbin/iked/dh.h b/sbin/iked/dh.h index 8f04e33f831..e5b825cb64e 100644 --- a/sbin/iked/dh.h +++ b/sbin/iked/dh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.h,v 1.8 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: dh.h,v 1.9 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -28,7 +28,7 @@ enum group_type { struct group_id { enum group_type type; - u_int id; + unsigned int id; int bits; char *prime; char *generator; @@ -45,18 +45,18 @@ struct group { int (*init)(struct group *); int (*getlen)(struct group *); - int (*exchange)(struct group *, u_int8_t *); - int (*shared)(struct group *, u_int8_t *, u_int8_t *); + int (*exchange)(struct group *, uint8_t *); + int (*shared)(struct group *, uint8_t *, uint8_t *); }; #define DH_MAXSZ 1024 /* 8192 bits */ void group_init(void); void group_free(struct group *); -struct group *group_get(u_int32_t); +struct group *group_get(uint32_t); int dh_getlen(struct group *); -int dh_create_exchange(struct group *, u_int8_t *); -int dh_create_shared(struct group *, u_int8_t *, u_int8_t *); +int dh_create_exchange(struct group *, uint8_t *); +int dh_create_shared(struct group *, uint8_t *, uint8_t *); #endif /* DH_GROUP_H */ diff --git a/sbin/iked/eap.c b/sbin/iked/eap.c index a947a5dcd35..a7764b1411d 100644 --- a/sbin/iked/eap.c +++ b/sbin/iked/eap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eap.c,v 1.13 2015/02/06 10:39:01 deraadt Exp $ */ +/* $OpenBSD: eap.c,v 1.14 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -66,9 +66,9 @@ eap_identity_request(struct ibuf *e) char * eap_identity_response(struct eap_message *eap) { - size_t len; - char *str; - u_int8_t *ptr = (u_int8_t *)eap; + size_t len; + char *str; + uint8_t *ptr = (uint8_t *)eap; len = betoh16(eap->eap_length) - sizeof(*eap); ptr += sizeof(*eap); @@ -172,11 +172,11 @@ eap_mschap(struct iked *env, struct iked_sa *sa, struct eap_message *eap) struct eap_mschap_peer *msp; struct eap_mschap *ms; struct eap_mschap_success *mss; - u_int8_t *ptr, *pass; + uint8_t *ptr, *pass; size_t len, passlen; char *name, *msg; - u_int8_t ntresponse[EAP_MSCHAP_NTRESPONSE_SZ]; - u_int8_t successmsg[EAP_MSCHAP_SUCCESS_SZ]; + uint8_t ntresponse[EAP_MSCHAP_NTRESPONSE_SZ]; + uint8_t successmsg[EAP_MSCHAP_SUCCESS_SZ]; struct ibuf *eapmsg = NULL; int ret = -1; @@ -203,7 +203,7 @@ eap_mschap(struct iked *env, struct iked_sa *sa, struct eap_message *eap) } ms = (struct eap_mschap *)(eap + 1); - ptr = (u_int8_t *)(eap + 1); + ptr = (uint8_t *)(eap + 1); switch (ms->ms_opcode) { case EAP_MSOPCODE_RESPONSE: @@ -331,7 +331,7 @@ eap_parse(struct iked *env, struct iked_sa *sa, void *data, int response) struct eap_header *hdr = data; struct eap_message *eap = data; size_t len; - u_int8_t *ptr; + uint8_t *ptr; struct eap_mschap *ms; struct eap_mschap_challenge *msc; struct eap_mschap_response *msr; @@ -341,7 +341,7 @@ eap_parse(struct iked *env, struct iked_sa *sa, void *data, int response) /* length is already verified by the caller */ len = betoh16(hdr->eap_length); - ptr = (u_int8_t *)(eap + 1); + ptr = (uint8_t *)(eap + 1); switch (hdr->eap_code) { case EAP_CODE_REQUEST: diff --git a/sbin/iked/eap.h b/sbin/iked/eap.h index 799750cbfe5..cc567eaaa53 100644 --- a/sbin/iked/eap.h +++ b/sbin/iked/eap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: eap.h,v 1.4 2015/06/11 18:49:09 reyk Exp $ */ +/* $OpenBSD: eap.h,v 1.5 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -20,16 +20,16 @@ #define IKED_EAP_H struct eap_header { - u_int8_t eap_code; - u_int8_t eap_id; - u_int16_t eap_length; + uint8_t eap_code; + uint8_t eap_id; + uint16_t eap_length; } __packed; struct eap_message { - u_int8_t eap_code; - u_int8_t eap_id; - u_int16_t eap_length; - u_int8_t eap_type; + uint8_t eap_code; + uint8_t eap_id; + uint16_t eap_length; + uint8_t eap_type; /* Followed by type-specific data */ } __packed; @@ -114,48 +114,48 @@ extern struct iked_constmap eap_type_map[]; extern struct iked_constmap eap_msopcode_map[]; struct eap_mschap { - u_int8_t ms_opcode; + uint8_t ms_opcode; } __packed; struct eap_mschap_challenge { - u_int8_t msc_opcode; - u_int8_t msc_id; - u_int16_t msc_length; - u_int8_t msc_valuesize; - u_int8_t msc_challenge[EAP_MSCHAP_CHALLENGE_SZ]; + uint8_t msc_opcode; + uint8_t msc_id; + uint16_t msc_length; + uint8_t msc_valuesize; + uint8_t msc_challenge[EAP_MSCHAP_CHALLENGE_SZ]; /* Followed by variable-size name field */ } __packed; struct eap_mschap_peer { - u_int8_t msp_challenge[EAP_MSCHAP_CHALLENGE_SZ]; - u_int8_t msp_reserved[8]; - u_int8_t msp_ntresponse[EAP_MSCHAP_NTRESPONSE_SZ]; - u_int8_t msp_flags; + uint8_t msp_challenge[EAP_MSCHAP_CHALLENGE_SZ]; + uint8_t msp_reserved[8]; + uint8_t msp_ntresponse[EAP_MSCHAP_NTRESPONSE_SZ]; + uint8_t msp_flags; }; struct eap_mschap_response { - u_int8_t msr_opcode; - u_int8_t msr_id; - u_int16_t msr_length; - u_int8_t msr_valuesize; + uint8_t msr_opcode; + uint8_t msr_id; + uint16_t msr_length; + uint8_t msr_valuesize; union { - u_int8_t resp_data[EAP_MSCHAP_RESPONSE_SZ]; + uint8_t resp_data[EAP_MSCHAP_RESPONSE_SZ]; struct eap_mschap_peer resp_peer; } msr_response; /* Followed by variable-size name field */ } __packed; struct eap_mschap_success { - u_int8_t mss_opcode; - u_int8_t mss_id; - u_int16_t mss_length; + uint8_t mss_opcode; + uint8_t mss_id; + uint16_t mss_length; /* Followed by variable-size success message */ } __packed; struct eap_mschap_failure { - u_int8_t msf_opcode; - u_int8_t msf_id; - u_int16_t msf_length; + uint8_t msf_opcode; + uint8_t msf_id; + uint16_t msf_length; /* Followed by variable-size message field */ } __packed; diff --git a/sbin/iked/iked.c b/sbin/iked/iked.c index 9a9c7cdf1e4..b74251a853f 100644 --- a/sbin/iked/iked.c +++ b/sbin/iked/iked.c @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.c,v 1.24 2015/06/03 02:24:36 millert Exp $ */ +/* $OpenBSD: iked.c,v 1.25 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -362,7 +362,7 @@ parent_dispatch_ca(int fd, struct privsep_proc *p, struct imsg *imsg) struct iked *env = p->p_ps->ps_env; int v; char *str = NULL; - u_int type = imsg->hdr.type; + unsigned int type = imsg->hdr.type; switch (type) { case IMSG_CTL_RESET: diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index c6561ffe937..5138a3b4ccb 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.87 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: iked.h,v 1.88 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -33,14 +33,14 @@ */ struct ike_header { - u_int64_t ike_ispi; /* Initiator cookie */ - u_int64_t ike_rspi; /* Responder cookie */ - u_int8_t ike_nextpayload; /* Next payload type */ - u_int8_t ike_version; /* Major/Minor version number */ - u_int8_t ike_exchange; /* Exchange type */ - u_int8_t ike_flags; /* Message options */ - u_int32_t ike_msgid; /* Message identifier */ - u_int32_t ike_length; /* Total message length */ + uint64_t ike_ispi; /* Initiator cookie */ + uint64_t ike_rspi; /* Responder cookie */ + uint8_t ike_nextpayload; /* Next payload type */ + uint8_t ike_version; /* Major/Minor version number */ + uint8_t ike_exchange; /* Exchange type */ + uint8_t ike_flags; /* Message options */ + uint32_t ike_msgid; /* Message identifier */ + uint32_t ike_length; /* Total message length */ } __packed; /* @@ -88,7 +88,7 @@ TAILQ_HEAD(control_socks, control_sock); struct ctl_conn { TAILQ_ENTRY(ctl_conn) entry; - u_int8_t flags; + uint8_t flags; #define CTL_CONN_NOTIFY 0x01 struct imsgev iev; }; @@ -109,20 +109,20 @@ struct iked_timer { }; struct iked_spi { - u_int64_t spi; - u_int8_t spi_size; - u_int8_t spi_protoid; + uint64_t spi; + uint8_t spi_size; + uint8_t spi_protoid; }; struct iked_proposal { - u_int8_t prop_id; - u_int8_t prop_protoid; + uint8_t prop_id; + uint8_t prop_protoid; struct iked_spi prop_localspi; struct iked_spi prop_peerspi; struct iked_transform *prop_xforms; - u_int prop_nxforms; + unsigned int prop_nxforms; TAILQ_ENTRY(iked_proposal) prop_entry; }; @@ -131,7 +131,7 @@ TAILQ_HEAD(iked_proposals, iked_proposal); struct iked_addr { int addr_af; struct sockaddr_storage addr; - u_int8_t addr_mask; + uint8_t addr_mask; int addr_net; in_port_t addr_port; }; @@ -139,13 +139,13 @@ struct iked_addr { struct iked_flow { struct iked_addr flow_src; struct iked_addr flow_dst; - u_int flow_dir; /* in/out */ + unsigned int flow_dir; /* in/out */ - u_int flow_loaded; /* pfkey done */ + unsigned int flow_loaded; /* pfkey done */ - u_int8_t flow_saproto; - u_int8_t flow_ipproto; - u_int8_t flow_type; + uint8_t flow_saproto; + uint8_t flow_ipproto; + uint8_t flow_type; struct iked_addr *flow_local; /* outer source */ struct iked_addr *flow_peer; /* outer dest */ @@ -158,24 +158,24 @@ RB_HEAD(iked_flows, iked_flow); TAILQ_HEAD(iked_saflows, iked_flow); struct iked_childsa { - u_int8_t csa_saproto; /* IPSec protocol */ - u_int csa_dir; /* in/out */ + uint8_t csa_saproto; /* IPSec protocol */ + unsigned int csa_dir; /* in/out */ - u_int64_t csa_peerspi; /* peer relation */ - u_int8_t csa_loaded; /* pfkey done */ - u_int8_t csa_rekey; /* will be deleted */ - u_int8_t csa_allocated; /* from the kernel */ - u_int8_t csa_persistent;/* do not rekey */ - u_int8_t csa_esn; /* use ESN */ - u_int8_t csa_transport; /* transport mode */ + uint64_t csa_peerspi; /* peer relation */ + uint8_t csa_loaded; /* pfkey done */ + uint8_t csa_rekey; /* will be deleted */ + uint8_t csa_allocated; /* from the kernel */ + uint8_t csa_persistent;/* do not rekey */ + uint8_t csa_esn; /* use ESN */ + uint8_t csa_transport; /* transport mode */ struct iked_spi csa_spi; struct ibuf *csa_encrkey; /* encryption key */ - u_int16_t csa_encrid; /* encryption xform id */ + uint16_t csa_encrid; /* encryption xform id */ struct ibuf *csa_integrkey; /* auth key */ - u_int16_t csa_integrid; /* auth xform id */ + uint16_t csa_integrid; /* auth xform id */ struct iked_addr *csa_local; /* outer source */ struct iked_addr *csa_peer; /* outer dest */ @@ -184,7 +184,7 @@ struct iked_childsa { struct iked_childsa *csa_peersa; /* peer */ struct iked_childsa *csa_parent; /* IPCOMP parent */ - u_int csa_children; /* IPCOMP children */ + unsigned int csa_children; /* IPCOMP children */ RB_ENTRY(iked_childsa) csa_node; TAILQ_ENTRY(iked_childsa) csa_entry; @@ -194,22 +194,22 @@ TAILQ_HEAD(iked_childsas, iked_childsa); struct iked_static_id { - u_int8_t id_type; - u_int8_t id_length; - u_int8_t id_offset; - u_int8_t id_data[IKED_ID_SIZE]; + uint8_t id_type; + uint8_t id_length; + uint8_t id_offset; + uint8_t id_data[IKED_ID_SIZE]; }; struct iked_auth { - u_int8_t auth_method; - u_int8_t auth_eap; /* optional EAP */ - u_int8_t auth_length; /* zero if EAP */ - u_int8_t auth_data[IKED_PSK_SIZE]; + uint8_t auth_method; + uint8_t auth_eap; /* optional EAP */ + uint8_t auth_length; /* zero if EAP */ + uint8_t auth_data[IKED_PSK_SIZE]; }; struct iked_cfg { - u_int8_t cfg_action; - u_int16_t cfg_type; + uint8_t cfg_action; + uint16_t cfg_type; union { struct iked_addr address; } cfg; @@ -218,12 +218,12 @@ struct iked_cfg { TAILQ_HEAD(iked_sapeers, iked_sa); struct iked_lifetime { - u_int64_t lt_bytes; - u_int64_t lt_seconds; + uint64_t lt_bytes; + uint64_t lt_seconds; }; struct iked_policy { - u_int pol_id; + unsigned int pol_id; char pol_name[IKED_ID_SIZE]; #define IKED_SKIP_FLAGS 0 @@ -234,7 +234,7 @@ struct iked_policy { #define IKED_SKIP_COUNT 5 struct iked_policy *pol_skip[IKED_SKIP_COUNT]; - u_int8_t pol_flags; + uint8_t pol_flags; #define IKED_POLICY_PASSIVE 0x00 #define IKED_POLICY_DEFAULT 0x01 #define IKED_POLICY_ACTIVE 0x02 @@ -245,11 +245,11 @@ struct iked_policy { int pol_refcnt; - u_int8_t pol_certreqtype; + uint8_t pol_certreqtype; int pol_af; - u_int8_t pol_saproto; - u_int pol_ipproto; + uint8_t pol_saproto; + unsigned int pol_ipproto; struct iked_addr pol_peer; struct group *pol_peerdh; @@ -261,7 +261,7 @@ struct iked_policy { struct iked_auth pol_auth; char pol_tag[IKED_TAG_SIZE]; - u_int pol_tap; + unsigned int pol_tap; struct iked_proposals pol_proposals; size_t pol_nproposals; @@ -270,9 +270,9 @@ struct iked_policy { size_t pol_nflows; struct iked_cfg pol_cfg[IKED_CFG_MAX]; - u_int pol_ncfg; + unsigned int pol_ncfg; - u_int32_t pol_rekey; /* ike SA lifetime */ + uint32_t pol_rekey; /* ike SA lifetime */ struct iked_lifetime pol_lifetime; /* child SA lifetime */ struct iked_sapeers pol_sapeers; @@ -282,8 +282,8 @@ struct iked_policy { TAILQ_HEAD(iked_policies, iked_policy); struct iked_hash { - u_int8_t hash_type; /* PRF or INTEGR */ - u_int16_t hash_id; /* IKE PRF/INTEGR hash id */ + uint8_t hash_type; /* PRF or INTEGR */ + uint16_t hash_id; /* IKE PRF/INTEGR hash id */ const void *hash_priv; /* Identifying the hash alg */ void *hash_ctx; /* Context of the current invocation */ int hash_fixedkey; /* Requires fixed key length */ @@ -294,8 +294,8 @@ struct iked_hash { }; struct iked_cipher { - u_int8_t encr_type; /* ENCR */ - u_int16_t encr_id; /* IKE ENCR hash id */ + uint8_t encr_type; /* ENCR */ + uint16_t encr_id; /* IKE ENCR hash id */ const void *encr_priv; /* Identifying the hash alg */ void *encr_ctx; /* Context of the current invocation */ int encr_fixedkey; /* Requires fixed key length */ @@ -306,7 +306,7 @@ struct iked_cipher { }; struct iked_dsa { - u_int8_t dsa_method; /* AUTH method */ + uint8_t dsa_method; /* AUTH method */ const void *dsa_priv; /* PRF or signature hash function */ void *dsa_ctx; /* PRF or signature hash ctx */ struct ibuf *dsa_keydata; /* public, private or shared key */ @@ -317,8 +317,8 @@ struct iked_dsa { }; struct iked_id { - u_int8_t id_type; - u_int8_t id_offset; + uint8_t id_type; + uint8_t id_offset; struct ibuf *id_buf; }; @@ -337,9 +337,9 @@ struct iked_id { TAILQ_HEAD(iked_msgqueue, iked_message); struct iked_sahdr { - u_int64_t sh_ispi; /* Initiator SPI */ - u_int64_t sh_rspi; /* Responder SPI */ - u_int sh_initiator; /* Is initiator? */ + uint64_t sh_ispi; /* Initiator SPI */ + uint64_t sh_rspi; /* Responder SPI */ + unsigned int sh_initiator; /* Is initiator? */ } __packed; struct iked_kex { @@ -354,9 +354,9 @@ struct iked_kex { struct iked_sa { struct iked_sahdr sa_hdr; - u_int32_t sa_msgid; /* Last request rcvd */ + uint32_t sa_msgid; /* Last request rcvd */ int sa_msgid_set; /* msgid initialized */ - u_int32_t sa_reqid; /* Next request sent */ + uint32_t sa_reqid; /* Next request sent */ int sa_type; #define IKED_SATYPE_LOOKUP 0 /* Used for lookup */ @@ -370,9 +370,9 @@ struct iked_sa { int sa_udpencap; /* for pfkey */ int sa_state; - u_int sa_stateflags; - u_int sa_stateinit; /* SA_INIT */ - u_int sa_statevalid; /* IKE_AUTH */ + unsigned int sa_stateflags; + unsigned int sa_stateinit; /* SA_INIT */ + unsigned int sa_statevalid; /* IKE_AUTH */ int sa_cp; /* XXX */ @@ -424,11 +424,11 @@ struct iked_sa { struct iked_saflows sa_flows; /* IPSec flows */ struct iked_sa *sa_next; /* IKE SA rekeying */ - u_int64_t sa_rekeyspi; /* peerspi for rekey*/ + uint64_t sa_rekeyspi; /* peerspi for rekey*/ - u_int8_t sa_ipcomp; /* IPcomp transform */ - u_int16_t sa_cpi_out; /* IPcomp outgoing */ - u_int16_t sa_cpi_in; /* IPcomp incoming*/ + uint8_t sa_ipcomp; /* IPcomp transform */ + uint16_t sa_cpi_out; /* IPcomp outgoing */ + uint16_t sa_cpi_in; /* IPcomp incoming*/ struct iked_timer sa_timer; /* SA timeouts */ #define IKED_IKE_SA_DELETE_TIMEOUT 300 /* 5 minutes */ @@ -475,8 +475,8 @@ struct iked_message { struct iked_policy *msg_policy; struct iked_sa *msg_sa; - u_int32_t msg_msgid; - u_int8_t msg_exchange; + uint32_t msg_msgid; + uint8_t msg_exchange; /* Parsed information */ struct iked_proposals msg_proposals; @@ -489,7 +489,7 @@ struct iked_message { /* Parse stack */ struct iked_proposal *msg_prop; - u_int16_t msg_attrlength; + uint16_t msg_attrlength; /* Retransmit queue */ struct iked_timer msg_timer; @@ -523,9 +523,9 @@ struct privsep { struct control_sock ps_csock; struct control_socks ps_rcsocks; - u_int ps_instances[PROC_MAX]; - u_int ps_ninstances; - u_int ps_instance; + unsigned int ps_instances[PROC_MAX]; + unsigned int ps_ninstances; + unsigned int ps_instance; /* Event and signal handlers */ struct event ps_evsigint; @@ -549,7 +549,7 @@ struct privsep_proc { struct privsep *p_ps; struct iked *p_env; void (*p_shutdown)(void); - u_int p_instance; + unsigned int p_instance; }; struct iked_ocsp_entry { @@ -565,9 +565,9 @@ TAILQ_HEAD(iked_ocsp_requests, iked_ocsp_entry); struct iked { char sc_conffile[PATH_MAX]; - u_int32_t sc_opts; - u_int8_t sc_passive; - u_int8_t sc_decoupled; + uint32_t sc_opts; + uint8_t sc_passive; + uint8_t sc_decoupled; struct iked_policies sc_policies; struct iked_policy *sc_defaultcon; @@ -581,7 +581,7 @@ struct iked { int sc_pfkey; /* ike process */ struct event sc_pfkeyev; - u_int8_t sc_certreqtype; + uint8_t sc_certreqtype; struct ibuf *sc_certreq; struct iked_socket *sc_sock4[2]; @@ -623,25 +623,26 @@ struct iked_sa * config_new_sa(struct iked *, int); struct iked_user * config_new_user(struct iked *, struct iked_user *); -u_int64_t +uint64_t config_getspi(void); struct iked_transform * - config_findtransform(struct iked_proposals *, u_int8_t, u_int); + config_findtransform(struct iked_proposals *, uint8_t, unsigned int); void config_free_policy(struct iked *, struct iked_policy *); struct iked_proposal * - config_add_proposal(struct iked_proposals *, u_int, u_int); -void config_free_proposals(struct iked_proposals *, u_int); + config_add_proposal(struct iked_proposals *, unsigned int, + unsigned int); +void config_free_proposals(struct iked_proposals *, unsigned int); void config_free_flows(struct iked *, struct iked_flows *); void config_free_childsas(struct iked *, struct iked_childsas *, struct iked_spi *, struct iked_spi *); struct iked_transform * config_add_transform(struct iked_proposal *, - u_int, u_int, u_int, u_int); -int config_setcoupled(struct iked *, u_int); -int config_getcoupled(struct iked *, u_int); -int config_setmode(struct iked *, u_int); -int config_getmode(struct iked *, u_int); -int config_setreset(struct iked *, u_int, enum privsep_procid); + unsigned int, unsigned int, unsigned int, unsigned int); +int config_setcoupled(struct iked *, unsigned int); +int config_getcoupled(struct iked *, unsigned int); +int config_setmode(struct iked *, unsigned int); +int config_getmode(struct iked *, unsigned int); +int config_setreset(struct iked *, unsigned int, enum privsep_procid); int config_getreset(struct iked *, struct imsg *); int config_setpolicy(struct iked *, struct iked_policy *, enum privsep_procid); @@ -668,10 +669,10 @@ void policy_calc_skip_steps(struct iked_policies *); void policy_ref(struct iked *, struct iked_policy *); void policy_unref(struct iked *, struct iked_policy *); void sa_state(struct iked *, struct iked_sa *, int); -void sa_stateflags(struct iked_sa *, u_int); +void sa_stateflags(struct iked_sa *, unsigned int); int sa_stateok(struct iked_sa *, int); struct iked_sa * - sa_new(struct iked *, u_int64_t, u_int64_t, u_int, + sa_new(struct iked *, uint64_t, uint64_t, unsigned int, struct iked_policy *); void sa_free(struct iked *, struct iked_sa *); void sa_free_flows(struct iked *, struct iked_saflows *); @@ -679,10 +680,10 @@ int sa_address(struct iked_sa *, struct iked_addr *, struct sockaddr_storage *); void childsa_free(struct iked_childsa *); struct iked_childsa * - childsa_lookup(struct iked_sa *, u_int64_t, u_int8_t); + childsa_lookup(struct iked_sa *, uint64_t, uint8_t); void flow_free(struct iked_flow *); struct iked_sa * - sa_lookup(struct iked *, u_int64_t, u_int64_t, u_int); + sa_lookup(struct iked *, uint64_t, uint64_t, unsigned int); struct iked_user * user_lookup(struct iked *, const char *); RB_PROTOTYPE(iked_sas, iked_sa, sa_entry, sa_cmp); @@ -693,7 +694,7 @@ RB_PROTOTYPE(iked_flows, iked_flow, flow_node, flow_cmp); /* crypto.c */ struct iked_hash * - hash_new(u_int8_t, u_int16_t); + hash_new(uint8_t, uint16_t); struct ibuf * hash_setkey(struct iked_hash *, void *, size_t); void hash_free(struct iked_hash *); @@ -704,7 +705,7 @@ size_t hash_keylength(struct iked_hash *); size_t hash_length(struct iked_hash *); struct iked_cipher * - cipher_new(u_int8_t, u_int16_t, u_int16_t); + cipher_new(uint8_t, uint16_t, uint16_t); struct ibuf * cipher_setkey(struct iked_cipher *, void *, size_t); struct ibuf * @@ -721,13 +722,13 @@ size_t cipher_ivlength(struct iked_cipher *); size_t cipher_outlength(struct iked_cipher *, size_t); struct iked_dsa * - dsa_new(u_int16_t, struct iked_hash *, int); + dsa_new(uint16_t, struct iked_hash *, int); struct iked_dsa * - dsa_sign_new(u_int16_t, struct iked_hash *); + dsa_sign_new(uint16_t, struct iked_hash *); struct iked_dsa * - dsa_verify_new(u_int16_t, struct iked_hash *); + dsa_verify_new(uint16_t, struct iked_hash *); struct ibuf * - dsa_setkey(struct iked_dsa *, void *, size_t, u_int8_t); + dsa_setkey(struct iked_dsa *, void *, size_t, uint8_t); void dsa_free(struct iked_dsa *); int dsa_init(struct iked_dsa *, const void *, size_t); size_t dsa_length(struct iked_dsa *); @@ -747,25 +748,25 @@ int ikev2_sa_negotiate(struct iked_proposals *, struct iked_proposals *, int ikev2_policy2id(struct iked_static_id *, struct iked_id *, int); int ikev2_childsa_enable(struct iked *, struct iked_sa *); int ikev2_childsa_delete(struct iked *, struct iked_sa *, - u_int8_t, u_int64_t, u_int64_t *, int); + uint8_t, uint64_t, uint64_t *, int); struct ibuf * ikev2_prfplus(struct iked_hash *, struct ibuf *, struct ibuf *, size_t); -ssize_t ikev2_psk(struct iked_sa *, u_int8_t *, size_t, u_int8_t **); +ssize_t ikev2_psk(struct iked_sa *, uint8_t *, size_t, uint8_t **); ssize_t ikev2_nat_detection(struct iked *, struct iked_message *, - void *, size_t, u_int); + void *, size_t, unsigned int); int ikev2_send_informational(struct iked *, struct iked_message *); int ikev2_send_ike_e(struct iked *, struct iked_sa *, struct ibuf *, - u_int8_t, u_int8_t, int); + uint8_t, uint8_t, int); struct ike_header * ikev2_add_header(struct ibuf *, struct iked_sa *, - u_int32_t, u_int8_t, u_int8_t, u_int8_t); + uint32_t, uint8_t, uint8_t, uint8_t); int ikev2_set_header(struct ike_header *, size_t); struct ikev2_payload * ikev2_add_payload(struct ibuf *); int ikev2_next_payload(struct ikev2_payload *, size_t, - u_int8_t); + uint8_t); int ikev2_acquire_sa(struct iked *, struct iked_flow *); void ikev2_disable_rekeying(struct iked *, struct iked_sa *); int ikev2_rekey_sa(struct iked *, struct iked_spi *); @@ -781,19 +782,19 @@ struct ibuf * struct iked_message * ikev2_msg_copy(struct iked *, struct iked_message *); void ikev2_msg_cleanup(struct iked *, struct iked_message *); -u_int32_t +uint32_t ikev2_msg_id(struct iked *, struct iked_sa *); struct ibuf *ikev2_msg_auth(struct iked *, struct iked_sa *, int); int ikev2_msg_authsign(struct iked *, struct iked_sa *, struct iked_auth *, struct ibuf *); int ikev2_msg_authverify(struct iked *, struct iked_sa *, - struct iked_auth *, u_int8_t *, size_t, struct ibuf *); + struct iked_auth *, uint8_t *, size_t, struct ibuf *); int ikev2_msg_valid_ike_sa(struct iked *, struct ike_header *, struct iked_message *); int ikev2_msg_send(struct iked *, struct iked_message *); int ikev2_msg_send_encrypt(struct iked *, struct iked_sa *, - struct ibuf **, u_int8_t, u_int8_t, int); + struct ibuf **, uint8_t, uint8_t, int); struct ibuf *ikev2_msg_encrypt(struct iked *, struct iked_sa *, struct ibuf *); struct ibuf * @@ -826,11 +827,11 @@ int eap_parse(struct iked *, struct iked_sa *, void *, int); int pfkey_couple(int, struct iked_sas *, int); int pfkey_flow_add(int fd, struct iked_flow *); int pfkey_flow_delete(int fd, struct iked_flow *); -int pfkey_block(int, int, u_int); -int pfkey_sa_init(int, struct iked_childsa *, u_int32_t *); +int pfkey_block(int, int, unsigned int); +int pfkey_sa_init(int, struct iked_childsa *, uint32_t *); int pfkey_sa_add(int, struct iked_childsa *, struct iked_childsa *); int pfkey_sa_delete(int, struct iked_childsa *); -int pfkey_sa_last_used(int, struct iked_childsa *, u_int64_t *); +int pfkey_sa_last_used(int, struct iked_childsa *, uint64_t *); int pfkey_flush(int); int pfkey_socket(void); void pfkey_init(struct iked *, int fd); @@ -838,14 +839,14 @@ void pfkey_init(struct iked *, int fd); /* ca.c */ pid_t caproc(struct privsep *, struct privsep_proc *); int ca_setreq(struct iked *, struct iked_sahdr *, struct iked_static_id *, - u_int8_t, u_int8_t *, size_t, enum privsep_procid); + uint8_t, uint8_t *, size_t, enum privsep_procid); int ca_setcert(struct iked *, struct iked_sahdr *, struct iked_id *, - u_int8_t, u_int8_t *, size_t, enum privsep_procid); + uint8_t, uint8_t *, size_t, enum privsep_procid); int ca_setauth(struct iked *, struct iked_sa *, struct ibuf *, enum privsep_procid); void ca_sslinit(void); void ca_sslerror(const char *); -char *ca_asn1_name(u_int8_t *, size_t); +char *ca_asn1_name(uint8_t *, size_t); char *ca_x509_name(void *); void *ca_x509_name_parse(char *); @@ -856,22 +857,22 @@ void timer_add(struct iked *, struct iked_timer *, int); void timer_del(struct iked *, struct iked_timer *); /* proc.c */ -void proc_init(struct privsep *, struct privsep_proc *, u_int); +void proc_init(struct privsep *, struct privsep_proc *, unsigned int); void proc_kill(struct privsep *); void proc_listen(struct privsep *, struct privsep_proc *, size_t); void proc_dispatch(int, short event, void *); pid_t proc_run(struct privsep *, struct privsep_proc *, - struct privsep_proc *, u_int, + struct privsep_proc *, unsigned int, void (*)(struct privsep *, struct privsep_proc *, void *), void *); void imsg_event_add(struct imsgev *); -int imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t, - pid_t, int, void *, u_int16_t); -int imsg_composev_event(struct imsgev *, u_int16_t, u_int32_t, +int imsg_compose_event(struct imsgev *, uint16_t, uint32_t, + pid_t, int, void *, uint16_t); +int imsg_composev_event(struct imsgev *, uint16_t, uint32_t, pid_t, int, const struct iovec *, int); int proc_compose_imsg(struct privsep *, enum privsep_procid, int, - u_int16_t, int, void *, u_int16_t); + uint16_t, int, void *, uint16_t); int proc_composev_imsg(struct privsep *, enum privsep_procid, int, - u_int16_t, int, const struct iovec *, int); + uint16_t, int, const struct iovec *, int); int proc_forward_imsg(struct privsep *, struct imsg *, enum privsep_procid, int); struct imsgbuf * @@ -891,28 +892,28 @@ int udp_bind(struct sockaddr *, in_port_t); ssize_t recvfromto(int, void *, size_t, int, struct sockaddr *, socklen_t *, struct sockaddr *, socklen_t *); const char * - print_spi(u_int64_t, int); + print_spi(uint64_t, int); const char * - print_map(u_int, struct iked_constmap *); + print_map(unsigned int, struct iked_constmap *); void lc_string(char *); -void print_hex(u_int8_t *, off_t, size_t); -void print_hexval(u_int8_t *, off_t, size_t); +void print_hex(uint8_t *, off_t, size_t); +void print_hexval(uint8_t *, off_t, size_t); const char * - print_bits(u_short, u_char *); + print_bits(unsigned short, unsigned char *); int sockaddr_cmp(struct sockaddr *, struct sockaddr *, int); -u_int8_t mask2prefixlen(struct sockaddr *); -u_int8_t mask2prefixlen6(struct sockaddr *); +uint8_t mask2prefixlen(struct sockaddr *); +uint8_t mask2prefixlen6(struct sockaddr *); struct in6_addr * - prefixlen2mask6(u_int8_t, u_int32_t *); -u_int32_t - prefixlen2mask(u_int8_t); + prefixlen2mask6(uint8_t, uint32_t *); +uint32_t + prefixlen2mask(uint8_t); const char * print_host(struct sockaddr *, char *, size_t); -char *get_string(u_int8_t *, size_t); +char *get_string(uint8_t *, size_t); const char * - print_proto(u_int8_t); + print_proto(uint8_t); int expand_string(char *, size_t, const char *, const char *); -u_int8_t *string2unicode(const char *, size_t *); +uint8_t *string2unicode(const char *, size_t *); /* imsg_util.c */ struct ibuf * @@ -923,7 +924,7 @@ int ibuf_cat(struct ibuf *, struct ibuf *); void ibuf_release(struct ibuf *); size_t ibuf_length(struct ibuf *); int ibuf_setsize(struct ibuf *, size_t); -u_int8_t * +uint8_t * ibuf_data(struct ibuf *); void *ibuf_getdata(struct ibuf *, size_t); struct ibuf * @@ -952,14 +953,14 @@ __dead void fatalx(const char *); int ocsp_connect(struct iked *env); int ocsp_receive_fd(struct iked *, struct imsg *); int ocsp_validate_cert(struct iked *, struct iked_static_id *, - void *, size_t, struct iked_sahdr, u_int8_t); + void *, size_t, struct iked_sahdr, uint8_t); /* parse.y */ int parse_config(const char *, struct iked *); void print_user(struct iked_user *); void print_policy(struct iked_policy *); -size_t keylength_xf(u_int, u_int, u_int); -size_t noncelength_xf(u_int, u_int); +size_t keylength_xf(unsigned int, unsigned int, unsigned int); +size_t noncelength_xf(unsigned int, unsigned int); int cmdline_symset(char *); #endif /* IKED_H */ diff --git a/sbin/iked/ikev1.c b/sbin/iked/ikev1.c index 7d10e8601b1..dd2f3ec526e 100644 --- a/sbin/iked/ikev1.c +++ b/sbin/iked/ikev1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev1.c,v 1.17 2015/02/06 10:39:01 deraadt Exp $ */ +/* $OpenBSD: ikev1.c,v 1.18 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -90,7 +90,7 @@ ikev1_dispatch_ikev2(int fd, struct privsep_proc *p, struct imsg *imsg) { struct iked *env = p->p_env; struct iked_message msg; - u_int8_t *buf; + uint8_t *buf; ssize_t len; switch (imsg->hdr.type) { @@ -100,7 +100,7 @@ ikev1_dispatch_ikev2(int fd, struct privsep_proc *p, struct imsg *imsg) memcpy(&msg, imsg->data, sizeof(msg)); len = IMSG_DATA_SIZE(imsg) - sizeof(msg); - buf = (u_int8_t *)imsg->data + sizeof(msg); + buf = (uint8_t *)imsg->data + sizeof(msg); if (len <= 0 || (msg.msg_data = ibuf_new(buf, len)) == NULL) { log_debug("%s: short message", __func__); return (0); @@ -131,7 +131,7 @@ ikev1_msg_cb(int fd, short event, void *arg) struct iked *env = sock->sock_env; struct iked_message msg; struct ike_header hdr; - u_int8_t buf[IKED_MSGBUF_MAX]; + uint8_t buf[IKED_MSGBUF_MAX]; size_t len; struct iovec iov[2]; diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index af276a44d81..0f5b95af87a 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.122 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: ikev2.c,v 1.123 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -51,10 +51,10 @@ int ikev2_dispatch_cert(int, struct privsep_proc *, struct imsg *); struct iked_sa * ikev2_getimsgdata(struct iked *, struct imsg *, struct iked_sahdr *, - u_int8_t *, u_int8_t **, size_t *); + uint8_t *, uint8_t **, size_t *); void ikev2_recv(struct iked *, struct iked_message *); -int ikev2_ike_auth_compatible(struct iked_sa *, u_int8_t, u_int8_t); +int ikev2_ike_auth_compatible(struct iked_sa *, uint8_t, uint8_t); int ikev2_ike_auth_recv(struct iked *, struct iked_sa *, struct iked_message *); int ikev2_ike_auth(struct iked *, struct iked_sa *); @@ -74,7 +74,7 @@ int ikev2_resp_ike_auth(struct iked *, struct iked_sa *); int ikev2_resp_ike_eap(struct iked *, struct iked_sa *, struct ibuf *); int ikev2_send_create_child_sa(struct iked *, struct iked_sa *, - struct iked_spi *, u_int8_t); + struct iked_spi *, uint8_t); int ikev2_ikesa_enable(struct iked *, struct iked_sa *, struct iked_sa *); void ikev2_ikesa_delete(struct iked *, struct iked_sa *, int); int ikev2_init_create_child_sa(struct iked *, struct iked_message *); @@ -87,13 +87,15 @@ int ikev2_sa_initiator(struct iked *, struct iked_sa *, struct iked_sa *, struct iked_message *); int ikev2_sa_responder(struct iked *, struct iked_sa *, struct iked_sa *, struct iked_message *); -int ikev2_sa_initiator_dh(struct iked_sa *, struct iked_message *, u_int); +int ikev2_sa_initiator_dh(struct iked_sa *, struct iked_message *, + unsigned int); int ikev2_sa_responder_dh(struct iked_kex *, struct iked_proposals *, - struct iked_message *, u_int); + struct iked_message *, unsigned int); void ikev2_sa_cleanup_dh(struct iked_sa *); int ikev2_sa_keys(struct iked *, struct iked_sa *, struct ibuf *); int ikev2_sa_tag(struct iked_sa *, struct iked_id *); -int ikev2_set_sa_proposal(struct iked_sa *, struct iked_policy *, u_int); +int ikev2_set_sa_proposal(struct iked_sa *, struct iked_policy *, + unsigned int); int ikev2_childsa_negotiate(struct iked *, struct iked_sa *, struct iked_kex *, struct iked_proposals *, int, int); @@ -103,17 +105,17 @@ int ikev2_valid_proposal(struct iked_proposal *, struct iked_transform **, struct iked_transform **, int *); ssize_t ikev2_add_proposals(struct iked *, struct iked_sa *, struct ibuf *, - struct iked_proposals *, u_int8_t, int, int); + struct iked_proposals *, uint8_t, int, int); ssize_t ikev2_add_cp(struct iked *, struct iked_sa *, struct ibuf *); ssize_t ikev2_add_transform(struct ibuf *, - u_int8_t, u_int8_t, u_int16_t, u_int16_t); + uint8_t, uint8_t, uint16_t, uint16_t); ssize_t ikev2_add_ts(struct ibuf *, struct ikev2_payload **, ssize_t, struct iked_sa *, int); ssize_t ikev2_add_certreq(struct ibuf *, struct ikev2_payload **, ssize_t, - struct ibuf *, u_int8_t); + struct ibuf *, uint8_t); ssize_t ikev2_add_ipcompnotify(struct iked *, struct ibuf *, struct ikev2_payload **, ssize_t, struct iked_sa *); -ssize_t ikev2_add_ts_payload(struct ibuf *, u_int, struct iked_sa *); +ssize_t ikev2_add_ts_payload(struct ibuf *, unsigned int, struct iked_sa *); int ikev2_add_data(struct ibuf *, void *, size_t); int ikev2_add_buf(struct ibuf *buf, struct ibuf *); @@ -180,7 +182,7 @@ ikev2_dispatch_ikev1(int fd, struct privsep_proc *p, struct imsg *imsg) { struct iked *env = p->p_env; struct iked_message msg; - u_int8_t *buf; + uint8_t *buf; ssize_t len; switch (imsg->hdr.type) { @@ -190,7 +192,7 @@ ikev2_dispatch_ikev1(int fd, struct privsep_proc *p, struct imsg *imsg) memcpy(&msg, imsg->data, sizeof(msg)); len = IMSG_DATA_SIZE(imsg) - sizeof(msg); - buf = (u_int8_t *)imsg->data + sizeof(msg); + buf = (uint8_t *)imsg->data + sizeof(msg); if (len <= 0 || (msg.msg_data = ibuf_new(buf, len)) == NULL) { log_debug("%s: short message", __func__); return (0); @@ -214,8 +216,8 @@ ikev2_dispatch_cert(int fd, struct privsep_proc *p, struct imsg *imsg) struct iked *env = p->p_env; struct iked_sahdr sh; struct iked_sa *sa; - u_int8_t type; - u_int8_t *ptr; + uint8_t type; + uint8_t *ptr; size_t len; struct iked_id *id = NULL; int ignore = 0; @@ -241,7 +243,7 @@ ikev2_dispatch_cert(int fd, struct privsep_proc *p, struct imsg *imsg) case IMSG_CERTVALID: case IMSG_CERTINVALID: memcpy(&sh, imsg->data, sizeof(sh)); - memcpy(&type, (u_int8_t *)imsg->data + sizeof(sh), + memcpy(&type, (uint8_t *)imsg->data + sizeof(sh), sizeof(type)); /* Ignore invalid or unauthenticated SAs */ @@ -345,9 +347,9 @@ ikev2_dispatch_cert(int fd, struct privsep_proc *p, struct imsg *imsg) struct iked_sa * ikev2_getimsgdata(struct iked *env, struct imsg *imsg, struct iked_sahdr *sh, - u_int8_t *type, u_int8_t **buf, size_t *size) + uint8_t *type, uint8_t **buf, size_t *size) { - u_int8_t *ptr; + uint8_t *ptr; size_t len; struct iked_sa *sa; @@ -383,7 +385,7 @@ ikev2_recv(struct iked *env, struct iked_message *msg) struct ike_header *hdr; struct iked_message *m; struct iked_sa *sa; - u_int initiator, flag = 0; + unsigned int initiator, flag = 0; hdr = ibuf_seek(msg->msg_data, msg->msg_offset, sizeof(*hdr)); @@ -496,7 +498,7 @@ done: } int -ikev2_ike_auth_compatible(struct iked_sa *sa, u_int8_t want, u_int8_t have) +ikev2_ike_auth_compatible(struct iked_sa *sa, uint8_t want, uint8_t have) { if (want == have) return (0); @@ -795,7 +797,7 @@ ikev2_init_ike_sa_peer(struct iked *env, struct iked_policy *pol, struct iked_sa *sa; struct ibuf *buf; struct group *group; - u_int8_t *ptr; + uint8_t *ptr; ssize_t len; int ret = -1; struct iked_socket *sock; @@ -982,7 +984,7 @@ ikev2_init_ike_auth(struct iked *env, struct iked_sa *sa) struct ikev2_auth *auth; struct iked_id *id, *certid; struct ibuf *e = NULL; - u_int8_t firstpayload; + uint8_t firstpayload; int ret = -1; ssize_t len; @@ -1124,7 +1126,7 @@ ikev2_policy2id(struct iked_static_id *polid, struct iked_id *id, int srcid) struct in_addr in4; struct in6_addr in6; X509_NAME *name = NULL; - u_int8_t *p; + uint8_t *p; int len; /* Fixup the local Id if not specified */ @@ -1202,8 +1204,8 @@ ikev2_policy2id(struct iked_static_id *polid, struct iked_id *id, int srcid) struct ike_header * ikev2_add_header(struct ibuf *buf, struct iked_sa *sa, - u_int32_t msgid, u_int8_t nextpayload, - u_int8_t exchange, u_int8_t flags) + uint32_t msgid, uint8_t nextpayload, + uint8_t exchange, uint8_t flags) { struct ike_header *hdr; @@ -1230,7 +1232,7 @@ ikev2_add_header(struct ibuf *buf, struct iked_sa *sa, int ikev2_set_header(struct ike_header *hdr, size_t length) { - u_int32_t hdrlength = sizeof(*hdr) + length; + uint32_t hdrlength = sizeof(*hdr) + length; if (hdrlength > UINT32_MAX) { log_debug("%s: message too long", __func__); @@ -1259,7 +1261,7 @@ ikev2_add_payload(struct ibuf *buf) } ssize_t -ikev2_add_ts_payload(struct ibuf *buf, u_int type, struct iked_sa *sa) +ikev2_add_ts_payload(struct ibuf *buf, unsigned int type, struct iked_sa *sa) { struct iked_policy *pol = sa->sa_policy; struct ikev2_tsp *tsp; @@ -1267,9 +1269,9 @@ ikev2_add_ts_payload(struct ibuf *buf, u_int type, struct iked_sa *sa) struct iked_flow *flow; struct iked_addr *addr; struct iked_addr pooladdr; - u_int8_t *ptr; + uint8_t *ptr; size_t len = 0; - u_int32_t av[4], bv[4], mv[4]; + uint32_t av[4], bv[4], mv[4]; struct sockaddr_in *in4; struct sockaddr_in6 *in6; @@ -1397,7 +1399,7 @@ ikev2_add_ts(struct ibuf *e, struct ikev2_payload **pld, ssize_t len, ssize_t ikev2_add_certreq(struct ibuf *e, struct ikev2_payload **pld, ssize_t len, - struct ibuf *certreq, u_int8_t type) + struct ibuf *certreq, uint8_t type) { struct ikev2_cert *cert; @@ -1435,10 +1437,10 @@ ikev2_add_ipcompnotify(struct iked *env, struct ibuf *e, { struct iked_childsa csa; struct ikev2_notify *n; - u_int8_t *ptr; - u_int16_t cpi; - u_int32_t spi; - u_int8_t transform; + uint8_t *ptr; + uint16_t cpi; + uint32_t spi; + uint8_t transform; /* we only support deflate */ transform = IKEV2_IPCOMP_DEFLATE; @@ -1457,7 +1459,7 @@ ikev2_add_ipcompnotify(struct iked *env, struct ibuf *e, */ if (spi == 0) return (len); - cpi = htobe16((u_int16_t)spi); + cpi = htobe16((uint16_t)spi); if (*pld) if (ikev2_next_payload(*pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) return (-1); @@ -1486,9 +1488,9 @@ ikev2_add_sighashnotify(struct ibuf *e, struct ikev2_payload **pld, ssize_t len) { struct ikev2_notify *n; - u_int8_t *ptr; + uint8_t *ptr; size_t i; - u_int16_t hash, signature_hashes[] = { + uint16_t hash, signature_hashes[] = { IKEV2_SIGHASH_SHA2_256, IKEV2_SIGHASH_SHA2_384, IKEV2_SIGHASH_SHA2_512 @@ -1523,7 +1525,7 @@ ikev2_add_sighashnotify(struct ibuf *e, struct ikev2_payload **pld, int ikev2_next_payload(struct ikev2_payload *pld, size_t length, - u_int8_t nextpayload) + uint8_t nextpayload) { size_t pldlength = sizeof(*pld) + length; @@ -1543,21 +1545,21 @@ ikev2_next_payload(struct ikev2_payload *pld, size_t length, ssize_t ikev2_nat_detection(struct iked *env, struct iked_message *msg, - void *ptr, size_t len, u_int type) + void *ptr, size_t len, unsigned int type) { EVP_MD_CTX ctx; struct ike_header *hdr; - u_int8_t md[SHA_DIGEST_LENGTH]; - u_int mdlen = sizeof(md); + uint8_t md[SHA_DIGEST_LENGTH]; + unsigned int mdlen = sizeof(md); struct iked_sa *sa = msg->msg_sa; struct sockaddr_in *in4; struct sockaddr_in6 *in6; ssize_t ret = -1; struct sockaddr *src, *dst, *ss; - u_int64_t rspi, ispi; + uint64_t rspi, ispi; struct ibuf *buf; int frompeer = 0; - u_int32_t rnd; + uint32_t rnd; if (ptr == NULL) return (mdlen); @@ -1651,12 +1653,12 @@ ikev2_add_cp(struct iked *env, struct iked_sa *sa, struct ibuf *buf) struct ikev2_cp *cp; struct ikev2_cfg *cfg; struct iked_cfg *ikecfg; - u_int i; - u_int32_t mask4; + unsigned int i; + uint32_t mask4; size_t len; struct sockaddr_in *in4; struct sockaddr_in6 *in6; - u_int8_t prefixlen; + uint8_t prefixlen; if ((cp = ibuf_advance(buf, sizeof(*cp))) == NULL) return (-1); @@ -1759,7 +1761,7 @@ ikev2_add_cp(struct iked *env, struct iked_sa *sa, struct ibuf *buf) ssize_t ikev2_add_proposals(struct iked *env, struct iked_sa *sa, struct ibuf *buf, - struct iked_proposals *proposals, u_int8_t protoid, int initiator, + struct iked_proposals *proposals, uint8_t protoid, int initiator, int sendikespi) { struct ikev2_sa_proposal *sap; @@ -1767,9 +1769,9 @@ ikev2_add_proposals(struct iked *env, struct iked_sa *sa, struct ibuf *buf, struct iked_proposal *prop; struct iked_childsa csa; ssize_t length = 0, saplength, xflen; - u_int64_t spi64; - u_int32_t spi32, spi; - u_int i; + uint64_t spi64; + uint32_t spi32, spi; + unsigned int i; TAILQ_FOREACH(prop, proposals, prop_entry) { if ((protoid && prop->prop_protoid != protoid) || @@ -1851,7 +1853,7 @@ ikev2_add_proposals(struct iked *env, struct iked_sa *sa, struct ibuf *buf, ssize_t ikev2_add_transform(struct ibuf *buf, - u_int8_t more, u_int8_t type, u_int16_t id, u_int16_t length) + uint8_t more, uint8_t type, uint16_t id, uint16_t length) { struct ikev2_transform *xfrm; struct ikev2_attribute *attr; @@ -2022,7 +2024,7 @@ ikev2_resp_ike_sa_init(struct iked *env, struct iked_message *msg) struct iked_sa *sa = msg->msg_sa; struct ibuf *buf; struct group *group; - u_int8_t *ptr; + uint8_t *ptr; ssize_t len; int ret = -1; @@ -2165,7 +2167,7 @@ ikev2_resp_ike_auth(struct iked *env, struct iked_sa *sa) struct ikev2_auth *auth; struct iked_id *id, *certid; struct ibuf *e = NULL; - u_int8_t firstpayload; + uint8_t firstpayload; int ret = -1; ssize_t len; @@ -2319,7 +2321,7 @@ ikev2_resp_ike_eap(struct iked *env, struct iked_sa *sa, struct ibuf *eapmsg) struct ikev2_auth *auth; struct iked_id *id, *certid; struct ibuf *e = NULL; - u_int8_t firstpayload; + uint8_t firstpayload; int ret = -1; ssize_t len = 0; @@ -2398,7 +2400,7 @@ ikev2_resp_ike_eap(struct iked *env, struct iked_sa *sa, struct ibuf *eapmsg) int ikev2_send_ike_e(struct iked *env, struct iked_sa *sa, struct ibuf *buf, - u_int8_t firstpayload, u_int8_t exchange, int response) + uint8_t firstpayload, uint8_t exchange, int response) { struct ikev2_payload *pld; struct ibuf *e = NULL; @@ -2431,11 +2433,11 @@ ikev2_send_ike_e(struct iked *env, struct iked_sa *sa, struct ibuf *buf, int ikev2_set_sa_proposal(struct iked_sa *sa, struct iked_policy *pol, - u_int proto) + unsigned int proto) { struct iked_proposal *prop, *copy; struct iked_transform *xform; - u_int i; + unsigned int i; /* create copy of the policy proposals */ config_free_proposals(&sa->sa_proposals, proto); @@ -2458,7 +2460,7 @@ ikev2_set_sa_proposal(struct iked_sa *sa, struct iked_policy *pol, int ikev2_send_create_child_sa(struct iked *env, struct iked_sa *sa, - struct iked_spi *rekey, u_int8_t protoid) + struct iked_spi *rekey, uint8_t protoid) { struct iked_policy *pol = sa->sa_policy; struct iked_childsa *csa = NULL, *csb = NULL; @@ -2467,9 +2469,9 @@ ikev2_send_create_child_sa(struct iked *env, struct iked_sa *sa, struct ikev2_keyexchange *ke; struct group *group; struct ibuf *e = NULL, *nonce = NULL; - u_int8_t *ptr; - u_int8_t firstpayload; - u_int32_t spi; + uint8_t *ptr; + uint8_t firstpayload; + uint32_t spi; ssize_t len = 0; int initiator, ret = -1; @@ -2594,7 +2596,7 @@ ikev2_send_create_child_sa(struct iked *env, struct iked_sa *sa, if ((ptr = ibuf_advance(e, rekey->spi_size)) == NULL) goto done; len = rekey->spi_size; - spi = htobe32((u_int32_t)csa->csa_peerspi); + spi = htobe32((uint32_t)csa->csa_peerspi); memcpy(ptr, &spi, rekey->spi_size); len += sizeof(*n); } @@ -2728,7 +2730,7 @@ ikev2_init_create_child_sa(struct iked *env, struct iked_message *msg) struct iked_spi *spi; struct ikev2_delete *del; struct ibuf *buf = NULL; - u_int32_t spi32; + uint32_t spi32; int pfs = 0, ret = -1; if (!ikev2_msg_frompeer(msg) || @@ -2999,7 +3001,7 @@ ikev2_resp_create_child_sa(struct iked *env, struct iked_message *msg) struct ikev2_keyexchange *ke; struct ikev2_payload *pld = NULL; struct ibuf *e = NULL, *nonce = NULL; - u_int8_t firstpayload; + uint8_t firstpayload; ssize_t len = 0; int initiator, protoid, rekeying = 1; int ret = -1; @@ -3236,7 +3238,7 @@ ikev2_ike_sa_alive(struct iked *env, void *arg) struct iked_sa *sa = arg; struct iked_childsa *csa = NULL; struct timeval tv; - u_int64_t last_used, diff; + uint64_t last_used, diff; int foundin = 0, foundout = 0; /* check for incoming traffic on any child SA */ @@ -3247,7 +3249,7 @@ ikev2_ike_sa_alive(struct iked *env, void *arg) if (pfkey_sa_last_used(env->sc_pfkey, csa, &last_used) != 0) continue; gettimeofday(&tv, NULL); - diff = (u_int32_t)(tv.tv_sec - last_used); + diff = (uint32_t)(tv.tv_sec - last_used); log_debug("%s: %s CHILD SA spi %s last used %llu second(s) ago", __func__, csa->csa_dir == IPSP_DIRECTION_IN ? "incoming" : "outgoing", @@ -3388,10 +3390,10 @@ ikev2_send_informational(struct iked *env, struct iked_message *msg) } ssize_t -ikev2_psk(struct iked_sa *sa, u_int8_t *data, size_t length, - u_int8_t **pskptr) +ikev2_psk(struct iked_sa *sa, uint8_t *data, size_t length, + uint8_t **pskptr) { - u_int8_t *psk; + uint8_t *psk; size_t psklen = -1; if (hash_setkey(sa->sa_prf, data, length) == NULL) @@ -3413,8 +3415,8 @@ ikev2_match_proposals(struct iked_proposal *local, struct iked_proposal *peer, struct iked_transform **xforms) { struct iked_transform *tpeer, *tlocal; - u_int i, j, type, score; - u_int8_t protoid = peer->prop_protoid; + unsigned int i, j, type, score; + uint8_t protoid = peer->prop_protoid; for (i = 0; i < peer->prop_nxforms; i++) { tpeer = peer->prop_xforms + i; @@ -3477,8 +3479,8 @@ ikev2_sa_negotiate(struct iked_proposals *result, struct iked_proposals *local, struct iked_transform chosen[IKEV2_XFORMTYPE_MAX]; struct iked_transform *valid[IKEV2_XFORMTYPE_MAX]; struct iked_transform *match[IKEV2_XFORMTYPE_MAX]; - u_int i, score, chosen_score = 0; - u_int8_t protoid = 0; + unsigned int i, score, chosen_score = 0; + uint8_t protoid = 0; bzero(valid, sizeof(valid)); bzero(&vlocal, sizeof(vlocal)); @@ -3549,7 +3551,8 @@ ikev2_sa_negotiate(struct iked_proposals *result, struct iked_proposals *local, } int -ikev2_sa_initiator_dh(struct iked_sa *sa, struct iked_message *msg, u_int proto) +ikev2_sa_initiator_dh(struct iked_sa *sa, struct iked_message *msg, + unsigned int proto) { struct iked_policy *pol = sa->sa_policy; struct iked_transform *xform; @@ -3698,7 +3701,7 @@ ikev2_sa_initiator(struct iked *env, struct iked_sa *sa, int ikev2_sa_responder_dh(struct iked_kex *kex, struct iked_proposals *proposals, - struct iked_message *msg, u_int proto) + struct iked_message *msg, unsigned int proto) { struct iked_transform *xform; @@ -3834,7 +3837,7 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) struct group *group; struct ibuf *ninr, *dhsecret, *skeyseed, *s, *t; size_t nonceminlen, ilen, rlen, tmplen; - u_int64_t ispi, rspi; + uint64_t ispi, rspi; int ret = -1; ninr = dhsecret = skeyseed = s = t = NULL; @@ -4046,7 +4049,7 @@ ikev2_prfplus(struct iked_hash *prf, struct ibuf *key, struct ibuf *seed, { struct ibuf *t = NULL, *t1 = NULL, *t2 = NULL; size_t rlen, i, hashlen = 0; - u_int8_t pad = 0; + uint8_t pad = 0; /* * prf+ (K, S) = T1 | T2 | T3 | T4 | ... @@ -4207,8 +4210,8 @@ ikev2_childsa_negotiate(struct iked *env, struct iked_sa *sa, struct iked_flow *flow, *saflow, *flowa, *flowb; struct ibuf *keymat = NULL, *seed = NULL, *dhsecret = NULL; struct group *group; - u_int32_t spi = 0; - u_int i; + uint32_t spi = 0; + unsigned int i; size_t ilen = 0; int esn, skip, ret = -1; @@ -4664,11 +4667,11 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) } int -ikev2_childsa_delete(struct iked *env, struct iked_sa *sa, u_int8_t saproto, - u_int64_t spi, u_int64_t *spiptr, int cleanup) +ikev2_childsa_delete(struct iked *env, struct iked_sa *sa, uint8_t saproto, + uint64_t spi, uint64_t *spiptr, int cleanup) { struct iked_childsa *csa, *nextcsa = NULL; - u_int64_t peerspi = 0; + uint64_t peerspi = 0; int found = 0; for (csa = TAILQ_FIRST(&sa->sa_childsas); csa != NULL; csa = nextcsa) { @@ -4711,7 +4714,7 @@ ikev2_valid_proposal(struct iked_proposal *prop, struct iked_transform **exf, struct iked_transform **ixf, int *esn) { struct iked_transform *xform, *encrxf, *integrxf; - u_int i, doesn = 0; + unsigned int i, doesn = 0; switch (prop->prop_protoid) { case IKEV2_SAPROTO_ESP: @@ -4863,7 +4866,7 @@ ikev2_drop_sa(struct iked *env, struct iked_spi *drop) struct iked_childsa *csa, key; struct iked_sa *sa; struct ikev2_delete *del; - u_int32_t spi32; + uint32_t spi32; key.csa_spi = *drop; csa = RB_FIND(iked_activesas, &env->sc_activesas, &key); @@ -4929,7 +4932,7 @@ done: int ikev2_print_id(struct iked_id *id, char *idstr, size_t idstrlen) { - u_int8_t buf[BUFSIZ], *ptr; + uint8_t buf[BUFSIZ], *ptr; struct sockaddr_in *s4; struct sockaddr_in6 *s6; char *str; @@ -5030,7 +5033,7 @@ ikev2_cp_setaddr(struct iked *env, struct iked_sa *sa) struct sockaddr_in6 *in6 = NULL, *cfg6 = NULL; struct iked_sa key; struct iked_addr addr; - u_int32_t mask, host, lower, upper, start; + uint32_t mask, host, lower, upper, start; size_t i; if (sa->sa_addrpool || pol->pol_ncfg == 0) diff --git a/sbin/iked/ikev2.h b/sbin/iked/ikev2.h index b79466501f1..be111fb4bb3 100644 --- a/sbin/iked/ikev2.h +++ b/sbin/iked/ikev2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.h,v 1.19 2015/06/11 18:49:09 reyk Exp $ */ +/* $OpenBSD: ikev2.h,v 1.20 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -73,9 +73,9 @@ extern struct iked_constmap ikev2_flag_map[]; */ struct ikev2_payload { - u_int8_t pld_nextpayload; /* Next payload type */ - u_int8_t pld_reserved; /* Contains the critical bit */ - u_int16_t pld_length; /* Payload length with header */ + uint8_t pld_nextpayload; /* Next payload type */ + uint8_t pld_reserved; /* Contains the critical bit */ + uint16_t pld_length; /* Payload length with header */ } __packed; #define IKEV2_CRITICAL_PAYLOAD 0x01 /* First bit in the reserved field */ @@ -107,13 +107,13 @@ extern struct iked_constmap ikev2_payload_map[]; */ struct ikev2_sa_proposal { - u_int8_t sap_more; /* Last proposal or more */ - u_int8_t sap_reserved; /* Must be set to zero */ - u_int16_t sap_length; /* Proposal length */ - u_int8_t sap_proposalnr; /* Proposal number */ - u_int8_t sap_protoid; /* Protocol Id */ - u_int8_t sap_spisize; /* SPI size */ - u_int8_t sap_transforms; /* Number of transforms */ + uint8_t sap_more; /* Last proposal or more */ + uint8_t sap_reserved; /* Must be set to zero */ + uint16_t sap_length; /* Proposal length */ + uint8_t sap_proposalnr; /* Proposal number */ + uint8_t sap_protoid; /* Protocol Id */ + uint8_t sap_spisize; /* SPI size */ + uint8_t sap_transforms; /* Number of transforms */ /* Followed by variable-length SPI */ /* Followed by variable-length transforms */ } __packed; @@ -132,12 +132,12 @@ struct ikev2_sa_proposal { extern struct iked_constmap ikev2_saproto_map[]; struct ikev2_transform { - u_int8_t xfrm_more; /* Last transform or more */ - u_int8_t xfrm_reserved; /* Must be set to zero */ - u_int16_t xfrm_length; /* Transform length */ - u_int8_t xfrm_type; /* Transform type */ - u_int8_t xfrm_reserved1; /* Must be set to zero */ - u_int16_t xfrm_id; /* Transform Id */ + uint8_t xfrm_more; /* Last transform or more */ + uint8_t xfrm_reserved; /* Must be set to zero */ + uint16_t xfrm_length; /* Transform length */ + uint8_t xfrm_type; /* Transform type */ + uint8_t xfrm_reserved1; /* Must be set to zero */ + uint16_t xfrm_id; /* Transform Id */ /* Followed by variable-length transform attributes */ } __packed; @@ -252,8 +252,8 @@ extern struct iked_constmap ikev2_xformdh_map[]; extern struct iked_constmap ikev2_xformesn_map[]; struct ikev2_attribute { - u_int16_t attr_type; /* Attribute type */ - u_int16_t attr_length; /* Attribute length or value */ + uint16_t attr_type; /* Attribute type */ + uint16_t attr_length; /* Attribute length or value */ /* Followed by variable length (TLV) */ } __packed; @@ -269,8 +269,8 @@ extern struct iked_constmap ikev2_attrtype_map[]; */ struct ikev2_keyexchange { - u_int16_t kex_dhgroup; /* DH Group # */ - u_int16_t kex_reserved; /* Reserved */ + uint16_t kex_dhgroup; /* DH Group # */ + uint16_t kex_reserved; /* Reserved */ } __packed; /* @@ -278,9 +278,9 @@ struct ikev2_keyexchange { */ struct ikev2_notify { - u_int8_t n_protoid; /* Protocol Id */ - u_int8_t n_spisize; /* SPI size */ - u_int16_t n_type; /* Notify message type */ + uint8_t n_protoid; /* Protocol Id */ + uint8_t n_spisize; /* SPI size */ + uint16_t n_type; /* Notify message type */ /* Followed by variable length SPI */ /* Followed by variable length notification data */ } __packed; @@ -359,9 +359,9 @@ extern struct iked_constmap ikev2_n_map[]; */ struct ikev2_delete { - u_int8_t del_protoid; /* Protocol Id */ - u_int8_t del_spisize; /* SPI size */ - u_int16_t del_nspi; /* Number of SPIs */ + uint8_t del_protoid; /* Protocol Id */ + uint8_t del_spisize; /* SPI size */ + uint16_t del_nspi; /* Number of SPIs */ /* Followed by variable length SPIs */ } __packed; @@ -370,8 +370,8 @@ struct ikev2_delete { */ struct ikev2_id { - u_int8_t id_type; /* Id type */ - u_int8_t id_reserved[3]; /* Reserved */ + uint8_t id_type; /* Id type */ + uint8_t id_reserved[3]; /* Reserved */ /* Followed by the identification data */ } __packed; @@ -392,7 +392,7 @@ extern struct iked_constmap ikev2_id_map[]; */ struct ikev2_cert { - u_int8_t cert_type; /* Encoding */ + uint8_t cert_type; /* Encoding */ /* Followed by the certificate data */ } __packed; @@ -418,17 +418,17 @@ extern struct iked_constmap ikev2_cert_map[]; */ struct ikev2_tsp { - u_int8_t tsp_count; /* Number of TSs */ - u_int8_t tsp_reserved[3]; /* Reserved */ + uint8_t tsp_count; /* Number of TSs */ + uint8_t tsp_reserved[3]; /* Reserved */ /* Followed by the traffic selectors */ } __packed; struct ikev2_ts { - u_int8_t ts_type; /* TS type */ - u_int8_t ts_protoid; /* Protocol Id */ - u_int16_t ts_length; /* Length */ - u_int16_t ts_startport; /* Start port */ - u_int16_t ts_endport; /* End port */ + uint8_t ts_type; /* TS type */ + uint8_t ts_protoid; /* Protocol Id */ + uint16_t ts_length; /* Length */ + uint16_t ts_startport; /* Start port */ + uint16_t ts_endport; /* End port */ } __packed; #define IKEV2_TS_IPV4_ADDR_RANGE 7 /* RFC4306 */ @@ -442,8 +442,8 @@ extern struct iked_constmap ikev2_ts_map[]; */ struct ikev2_auth { - u_int8_t auth_method; /* Signature type */ - u_int8_t auth_reserved[3]; /* Reserved */ + uint8_t auth_method; /* Signature type */ + uint8_t auth_reserved[3]; /* Reserved */ /* Followed by the signature */ } __packed; @@ -474,8 +474,8 @@ extern struct iked_constmap ikev2_sighash_map[]; */ struct ikev2_cp { - u_int8_t cp_type; - u_int8_t cp_reserved[3]; + uint8_t cp_type; + uint8_t cp_reserved[3]; /* Followed by the attributes */ } __packed; @@ -487,8 +487,8 @@ struct ikev2_cp { extern struct iked_constmap ikev2_cp_map[]; struct ikev2_cfg { - u_int16_t cfg_type; /* first bit must be set to zero */ - u_int16_t cfg_length; + uint16_t cfg_type; /* first bit must be set to zero */ + uint16_t cfg_length; /* Followed by variable-length data */ } __packed; diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c index 88ffefc55c6..b03db56b022 100644 --- a/sbin/iked/ikev2_msg.c +++ b/sbin/iked/ikev2_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_msg.c,v 1.42 2015/03/26 19:52:35 markus Exp $ */ +/* $OpenBSD: ikev2_msg.c,v 1.43 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -53,8 +53,8 @@ ikev2_msg_cb(int fd, short event, void *arg) struct iked *env = sock->sock_env; struct iked_message msg; struct ike_header hdr; - u_int32_t natt = 0x00000000; - u_int8_t buf[IKED_MSGBUF_MAX]; + uint32_t natt = 0x00000000; + uint8_t buf[IKED_MSGBUF_MAX]; ssize_t len; off_t off; struct iovec iov[2]; @@ -270,9 +270,9 @@ ikev2_msg_send(struct iked *env, struct iked_message *msg) { struct iked_sa *sa = msg->msg_sa; struct ibuf *buf = msg->msg_data; - u_int32_t natt = 0x00000000; + uint32_t natt = 0x00000000; int isnatt = 0; - u_int8_t exchange, flags; + uint8_t exchange, flags; struct ike_header *hdr; struct iked_message *m; @@ -328,10 +328,10 @@ ikev2_msg_send(struct iked *env, struct iked_message *msg) return (0); } -u_int32_t +uint32_t ikev2_msg_id(struct iked *env, struct iked_sa *sa) { - u_int32_t id = sa->sa_reqid; + uint32_t id = sa->sa_reqid; if (++sa->sa_reqid == UINT32_MAX) { /* XXX we should close and renegotiate the connection now */ @@ -345,7 +345,7 @@ ikev2_msg_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf *src) { size_t len, ivlen, encrlen, integrlen, blocklen, outlen; - u_int8_t *buf, pad = 0, *ptr; + uint8_t *buf, pad = 0, *ptr; struct ibuf *encr, *dst = NULL, *out = NULL; buf = ibuf_data(src); @@ -428,7 +428,7 @@ ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src) int ret = -1; size_t integrlen, tmplen; struct ibuf *integr, *tmp = NULL; - u_int8_t *ptr; + uint8_t *ptr; log_debug("%s: message length %zu", __func__, ibuf_size(src)); print_hex(ibuf_data(src), 0, ibuf_size(src)); @@ -486,7 +486,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa, { ssize_t ivlen, encrlen, integrlen, blocklen, outlen, tmplen; - u_int8_t pad = 0, *ptr; + uint8_t pad = 0, *ptr; struct ibuf *integr, *encr, *tmp = NULL, *out = NULL; off_t ivoff, encroff, integroff; @@ -591,7 +591,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa, int ikev2_msg_send_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf **ep, - u_int8_t exchange, u_int8_t firstpayload, int response) + uint8_t exchange, uint8_t firstpayload, int response) { struct iked_message resp; struct ike_header *hdr; @@ -654,7 +654,7 @@ struct ibuf * ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response) { struct ibuf *authmsg = NULL, *nonce, *prfkey, *buf; - u_int8_t *ptr; + uint8_t *ptr; struct iked_id *id; size_t tmplen; @@ -712,14 +712,14 @@ ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response) int ikev2_msg_authverify(struct iked *env, struct iked_sa *sa, - struct iked_auth *auth, u_int8_t *buf, size_t len, struct ibuf *authmsg) + struct iked_auth *auth, uint8_t *buf, size_t len, struct ibuf *authmsg) { - u_int8_t *key, *psk = NULL; + uint8_t *key, *psk = NULL; ssize_t keylen; struct iked_id *id; struct iked_dsa *dsa = NULL; int ret = -1; - u_int8_t keytype; + uint8_t keytype; if (sa->sa_hdr.sh_initiator) id = &sa->sa_rcert; @@ -788,14 +788,14 @@ int ikev2_msg_authsign(struct iked *env, struct iked_sa *sa, struct iked_auth *auth, struct ibuf *authmsg) { - u_int8_t *key, *psk = NULL; + uint8_t *key, *psk = NULL; ssize_t keylen; struct iked_hash *prf = sa->sa_prf; struct iked_id *id; struct iked_dsa *dsa = NULL; struct ibuf *buf; int ret = -1; - u_int8_t keytype; + uint8_t keytype; if (sa->sa_hdr.sh_initiator) id = &sa->sa_icert; diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c index c40305b26da..0b4c470c0e0 100644 --- a/sbin/iked/ikev2_pld.c +++ b/sbin/iked/ikev2_pld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_pld.c,v 1.51 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: ikev2_pld.c,v 1.52 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -46,7 +46,7 @@ int ikev2_validate_pld(struct iked_message *, size_t, size_t, struct ikev2_payload *); int ikev2_pld_payloads(struct iked *, struct iked_message *, - size_t, size_t, u_int); + size_t, size_t, unsigned int); int ikev2_validate_sa(struct iked_message *, size_t, size_t, struct ikev2_payload *, struct ikev2_sa_proposal *); int ikev2_pld_sa(struct iked *, struct ikev2_payload *, @@ -66,7 +66,7 @@ int ikev2_pld_ke(struct iked *, struct ikev2_payload *, int ikev2_validate_id(struct iked_message *, size_t, size_t, struct ikev2_payload *, struct ikev2_id *); int ikev2_pld_id(struct iked *, struct ikev2_payload *, - struct iked_message *, size_t, size_t, u_int); + struct iked_message *, size_t, size_t, unsigned int); int ikev2_validate_cert(struct iked_message *, size_t, size_t, struct ikev2_payload *, struct ikev2_cert *); int ikev2_pld_cert(struct iked *, struct ikev2_payload *, @@ -90,7 +90,7 @@ int ikev2_pld_delete(struct iked *, struct ikev2_payload *, int ikev2_validate_ts(struct iked_message *, size_t, size_t, struct ikev2_payload *, struct ikev2_tsp *); int ikev2_pld_ts(struct iked *, struct ikev2_payload *, - struct iked_message *, size_t, size_t, u_int); + struct iked_message *, size_t, size_t, unsigned int); int ikev2_validate_auth(struct iked_message *, size_t, size_t, struct ikev2_payload *, struct ikev2_auth *); int ikev2_pld_auth(struct iked *, struct ikev2_payload *, @@ -138,7 +138,7 @@ int ikev2_validate_pld(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; /* We need at least the generic header. */ @@ -176,12 +176,12 @@ ikev2_validate_pld(struct iked_message *msg, size_t offset, size_t left, int ikev2_pld_payloads(struct iked *env, struct iked_message *msg, - size_t offset, size_t length, u_int payload) + size_t offset, size_t length, unsigned int payload) { struct ikev2_payload pld; - u_int e; + unsigned int e; int ret; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t left; /* Check if message was decrypted in an E payload */ @@ -282,7 +282,7 @@ int ikev2_validate_sa(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_sa_proposal *sap) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length, sap_length; pld_length = betoh16(pld->pld_length); @@ -355,9 +355,9 @@ ikev2_pld_sa(struct iked *env, struct ikev2_payload *pld, { struct ikev2_sa_proposal sap; struct iked_proposal *prop = NULL; - u_int32_t spi32; - u_int64_t spi = 0, spi64; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint32_t spi32; + uint64_t spi = 0, spi64; + uint8_t *msgbuf = ibuf_data(msg->msg_data); struct iked_proposals *props; size_t total; @@ -463,7 +463,7 @@ int ikev2_validate_xform(struct iked_message *msg, size_t offset, size_t total, struct ikev2_transform *xfrm) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t xfrm_length; if (total < sizeof(*xfrm)) { @@ -572,7 +572,7 @@ int ikev2_validate_attr(struct iked_message *msg, size_t offset, size_t total, struct ikev2_attribute *attr) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (total < sizeof(*attr)) { log_debug("%s: payload malformed: too short for header " @@ -589,8 +589,8 @@ ikev2_pld_attr(struct iked *env, struct ikev2_transform *xfrm, struct iked_message *msg, size_t offset, size_t total) { struct ikev2_attribute attr; - u_int type; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + unsigned int type; + uint8_t *msgbuf = ibuf_data(msg->msg_data); int ret = 0; size_t attr_length; @@ -643,7 +643,7 @@ int ikev2_validate_ke(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_keyexchange *kex) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -670,9 +670,9 @@ ikev2_pld_ke(struct iked *env, struct ikev2_payload *pld, struct iked_message *msg, size_t offset, size_t left) { struct ikev2_keyexchange kex; - u_int8_t *buf; + uint8_t *buf; size_t len; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (ikev2_validate_ke(msg, offset, left, pld, &kex)) return (-1); @@ -712,7 +712,7 @@ int ikev2_validate_id(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_id *id) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -736,14 +736,14 @@ ikev2_validate_id(struct iked_message *msg, size_t offset, size_t left, int ikev2_pld_id(struct iked *env, struct ikev2_payload *pld, - struct iked_message *msg, size_t offset, size_t left, u_int payload) + struct iked_message *msg, size_t offset, size_t left, unsigned int payload) { - u_int8_t *ptr; + uint8_t *ptr; struct ikev2_id id; size_t len; struct iked_id *idp, idb; struct iked_sa *sa = msg->msg_sa; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); char idstr[IKED_ID_SIZE]; if (ikev2_validate_id(msg, offset, left, pld, &id)) @@ -795,7 +795,7 @@ int ikev2_validate_cert(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_cert *cert) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -822,10 +822,10 @@ ikev2_pld_cert(struct iked *env, struct ikev2_payload *pld, struct iked_message *msg, size_t offset, size_t left) { struct ikev2_cert cert; - u_int8_t *buf; + uint8_t *buf; size_t len; struct iked_id *certid; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (ikev2_validate_cert(msg, offset, left, pld, &cert)) return (-1); @@ -862,7 +862,7 @@ int ikev2_validate_certreq(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_cert *cert) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -890,9 +890,9 @@ ikev2_pld_certreq(struct iked *env, struct ikev2_payload *pld, { struct iked_sa *sa = msg->msg_sa; struct ikev2_cert cert; - u_int8_t *buf; + uint8_t *buf; ssize_t len; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (ikev2_validate_certreq(msg, offset, left, pld, &cert)) return (-1); @@ -941,7 +941,7 @@ int ikev2_validate_auth(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_auth *auth) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -969,10 +969,10 @@ ikev2_pld_auth(struct iked *env, struct ikev2_payload *pld, { struct ikev2_auth auth; struct iked_id *idp; - u_int8_t *buf; + uint8_t *buf; size_t len; struct iked_sa *sa = msg->msg_sa; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (ikev2_validate_auth(msg, offset, left, pld, &auth)) return (-1); @@ -1031,8 +1031,8 @@ ikev2_pld_nonce(struct iked *env, struct ikev2_payload *pld, struct iked_message *msg, size_t offset, size_t left) { size_t len; - u_int8_t *buf; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *buf; + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (ikev2_validate_nonce(msg, offset, left, pld)) return (-1); @@ -1069,7 +1069,7 @@ int ikev2_validate_notify(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_notify *n) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -1096,16 +1096,16 @@ ikev2_pld_notify(struct iked *env, struct ikev2_payload *pld, struct iked_message *msg, size_t offset, size_t left) { struct ikev2_notify n; - u_int8_t *buf, md[SHA_DIGEST_LENGTH]; + uint8_t *buf, md[SHA_DIGEST_LENGTH]; size_t len; - u_int32_t spi32; - u_int64_t spi64; + uint32_t spi32; + uint64_t spi64; struct iked_spi *rekey; - u_int16_t type; - u_int16_t group; - u_int16_t cpi; - u_int16_t signature_hash; - u_int8_t transform; + uint16_t type; + uint16_t group; + uint16_t cpi; + uint16_t signature_hash; + uint8_t transform; if (ikev2_validate_notify(msg, offset, left, pld, &n)) return (-1); @@ -1296,7 +1296,7 @@ int ikev2_validate_delete(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_delete *del) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -1326,10 +1326,10 @@ ikev2_pld_delete(struct iked *env, struct ikev2_payload *pld, struct iked_sa *sa = msg->msg_sa; struct ikev2_delete del, *localdel; struct ibuf *resp = NULL; - u_int64_t *localspi = NULL; - u_int64_t spi64, spi = 0; - u_int32_t spi32; - u_int8_t *buf, *msgbuf = ibuf_data(msg->msg_data); + uint64_t *localspi = NULL; + uint64_t spi64, spi = 0; + uint32_t spi32; + uint8_t *buf, *msgbuf = ibuf_data(msg->msg_data); size_t found = 0, failed = 0; int cnt, i, len, sz, ret = -1; @@ -1389,7 +1389,7 @@ ikev2_pld_delete(struct iked *env, struct ikev2_payload *pld, if (ikev2_msg_frompeer(msg) && ((peersas = calloc(cnt, sizeof(struct iked_childsa *))) == NULL || - (localspi = calloc(cnt, sizeof(u_int64_t))) == NULL)) { + (localspi = calloc(cnt, sizeof(uint64_t))) == NULL)) { log_warn("%s", __func__); goto done; } @@ -1492,7 +1492,7 @@ int ikev2_validate_ts(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_tsp *tsp) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -1516,15 +1516,15 @@ ikev2_validate_ts(struct iked_message *msg, size_t offset, size_t left, int ikev2_pld_ts(struct iked *env, struct ikev2_payload *pld, - struct iked_message *msg, size_t offset, size_t left, u_int payload) + struct iked_message *msg, size_t offset, size_t left, unsigned int payload) { struct ikev2_tsp tsp; struct ikev2_ts ts; size_t len, i; struct sockaddr_in s4; struct sockaddr_in6 s6; - u_int8_t buf[2][128]; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t buf[2][128]; + uint8_t *msgbuf = ibuf_data(msg->msg_data); if (ikev2_validate_ts(msg, offset, left, pld, &tsp)) return (-1); @@ -1592,9 +1592,9 @@ ikev2_pld_e(struct iked *env, struct ikev2_payload *pld, { struct iked_sa *sa = msg->msg_sa; struct ibuf *e = NULL; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); struct iked_message emsg; - u_int8_t *buf; + uint8_t *buf; size_t len; int ret = -1; @@ -1638,7 +1638,7 @@ int ikev2_validate_cp(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct ikev2_cp *cp) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); @@ -1666,9 +1666,9 @@ ikev2_pld_cp(struct iked *env, struct ikev2_payload *pld, { struct ikev2_cp cp; struct ikev2_cfg *cfg; - u_int8_t *buf; + uint8_t *buf; size_t len, i; - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); struct iked_sa *sa = msg->msg_sa; if (ikev2_validate_cp(msg, offset, left, pld, &cp)) @@ -1706,7 +1706,7 @@ int ikev2_validate_eap(struct iked_message *msg, size_t offset, size_t left, struct ikev2_payload *pld, struct eap_header *hdr) { - u_int8_t *msgbuf = ibuf_data(msg->msg_data); + uint8_t *msgbuf = ibuf_data(msg->msg_data); size_t pld_length; pld_length = betoh16(pld->pld_length); diff --git a/sbin/iked/imsg_util.c b/sbin/iked/imsg_util.c index f88321757b2..9bd20038089 100644 --- a/sbin/iked/imsg_util.c +++ b/sbin/iked/imsg_util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: imsg_util.c,v 1.9 2014/05/06 11:11:14 reyk Exp $ */ +/* $OpenBSD: imsg_util.c,v 1.10 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -118,7 +118,7 @@ ibuf_length(struct ibuf *buf) return (ibuf_size(buf)); } -u_int8_t * +uint8_t * ibuf_data(struct ibuf *buf) { return (ibuf_seek(buf, 0, 0)); diff --git a/sbin/iked/ocsp.c b/sbin/iked/ocsp.c index f0337931102..37356d8049d 100644 --- a/sbin/iked/ocsp.c +++ b/sbin/iked/ocsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp.c,v 1.5 2015/08/19 19:31:59 reyk Exp $ */ +/* $OpenBSD: ocsp.c,v 1.6 2015/08/21 11:59:27 reyk Exp $ */ /* * Copyright (c) 2014 Markus Friedl @@ -42,7 +42,7 @@ struct iked_ocsp { struct iked *ocsp_env; /* back pointer to env */ struct iked_sahdr ocsp_sh; /* ike sa */ - u_int8_t ocsp_type; /* auth type */ + uint8_t ocsp_type; /* auth type */ struct iked_socket *ocsp_sock; /* socket to ocsp responder */ BIO *ocsp_cbio; /* matching OpenSSL obj */ OCSP_CERTID *ocsp_id; /* ocsp-id for cert */ @@ -207,7 +207,7 @@ ocsp_connect_finish(struct iked *env, int fd, struct ocsp_connect *oc) /* validate the certifcate stored in 'data' by querying the ocsp-responder */ int ocsp_validate_cert(struct iked *env, struct iked_static_id *id, - void *data, size_t len, struct iked_sahdr sh, u_int8_t type) + void *data, size_t len, struct iked_sahdr sh, uint8_t type) { struct iked_ocsp_entry *ioe; struct iked_ocsp *ocsp; diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y index 0c4e3a39cc6..9cf33a21266 100644 --- a/sbin/iked/parse.y +++ b/sbin/iked/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.49 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.50 2015/08/21 11:59:28 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -96,11 +96,11 @@ static char *ocsp_url = NULL; struct ipsec_xf { const char *name; - u_int id; - u_int length; - u_int keylength; - u_int nonce; - u_int noauth; + unsigned int id; + unsigned int length; + unsigned int keylength; + unsigned int nonce; + unsigned int noauth; }; struct ipsec_transforms { @@ -113,7 +113,7 @@ struct ipsec_transforms { struct ipsec_mode { struct ipsec_transforms *xfs; - u_int8_t ike_exch; + uint8_t ike_exch; }; struct iked_transform ikev2_default_ike_transforms[] = { @@ -288,11 +288,11 @@ const struct iked_lifetime deflifetime = { struct ipsec_addr_wrap { struct sockaddr_storage address; - u_int8_t mask; + uint8_t mask; int netaddress; sa_family_t af; - u_int type; - u_int action; + unsigned int type; + unsigned int action; char *name; struct ipsec_addr_wrap *next; struct ipsec_addr_wrap *tail; @@ -302,13 +302,13 @@ struct ipsec_addr_wrap { struct ipsec_hosts { struct ipsec_addr_wrap *src; struct ipsec_addr_wrap *dst; - u_int16_t sport; - u_int16_t dport; + uint16_t sport; + uint16_t dport; }; struct ipsec_filters { - char *tag; - u_int tap; + char *tag; + unsigned int tap; }; struct ipsec_addr_wrap *host(const char *); @@ -321,23 +321,25 @@ void ifa_load(void); int ifa_exists(const char *); struct ipsec_addr_wrap *ifa_lookup(const char *ifa_name); struct ipsec_addr_wrap *ifa_grouplookup(const char *); -void set_ipmask(struct ipsec_addr_wrap *, u_int8_t); -const struct ipsec_xf *parse_xf(const char *, u_int, const struct ipsec_xf *); -const char *print_xf(u_int, u_int, const struct ipsec_xf *); -void copy_transforms(u_int, const struct ipsec_xf *, +void set_ipmask(struct ipsec_addr_wrap *, uint8_t); +const struct ipsec_xf *parse_xf(const char *, unsigned int, + const struct ipsec_xf *); +const char *print_xf(unsigned int, unsigned int, + const struct ipsec_xf *); +void copy_transforms(unsigned int, const struct ipsec_xf *, const struct ipsec_xf *, struct iked_transform *, size_t, - u_int *, struct iked_transform *, size_t); -int create_ike(char *, int, u_int8_t, struct ipsec_hosts *, - struct ipsec_hosts *, struct ipsec_mode *, - struct ipsec_mode *, u_int8_t, - u_int8_t, char *, char *, - u_int32_t, struct iked_lifetime *, - struct iked_auth *, struct ipsec_filters *, - struct ipsec_addr_wrap *); + unsigned int *, struct iked_transform *, size_t); +int create_ike(char *, int, uint8_t, struct ipsec_hosts *, + struct ipsec_hosts *, struct ipsec_mode *, + struct ipsec_mode *, uint8_t, + uint8_t, char *, char *, + uint32_t, struct iked_lifetime *, + struct iked_auth *, struct ipsec_filters *, + struct ipsec_addr_wrap *); int create_user(const char *, const char *); int get_id_type(char *); -u_int8_t x2i(unsigned char *); +uint8_t x2i(unsigned char *); int parsekey(unsigned char *, size_t, struct iked_auth *); int parsekeyfile(char *, struct iked_auth *); @@ -347,12 +349,12 @@ struct ipsec_filters *ipsec_filters; typedef struct { union { int64_t number; - u_int8_t ikemode; - u_int8_t dir; - u_int8_t satype; - u_int8_t proto; + uint8_t ikemode; + uint8_t dir; + uint8_t satype; + uint8_t proto; char *string; - u_int16_t port; + uint16_t port; struct ipsec_hosts *hosts; struct ipsec_hosts peers; struct ipsec_addr_wrap *anyhost; @@ -363,7 +365,7 @@ typedef struct { char *dstid; } ids; char *id; - u_int8_t type; + uint8_t type; struct iked_lifetime lifetime; struct iked_auth ikeauth; struct iked_auth ikekey; @@ -821,7 +823,7 @@ ikeauth : /* empty */ { $$.auth_method = IKEV2_AUTH_SHARED_KEY_MIC; } | EAP STRING { - u_int i; + unsigned int i; for (i = 0; i < strlen($2); i++) if ($2[i] == '-') @@ -844,7 +846,7 @@ byte_spec : NUMBER { $$ = $1; } | STRING { - u_int64_t bytes = 0; + uint64_t bytes = 0; char unit = 0; if (sscanf($1, "%llu%c", &bytes, &unit) != 2) { @@ -873,7 +875,7 @@ time_spec : NUMBER { $$ = $1; } | STRING { - u_int64_t seconds = 0; + uint64_t seconds = 0; char unit = 0; if (sscanf($1, "%llu%c", &seconds, &unit) != 2) { @@ -916,7 +918,7 @@ ikelifetime : /* empty */ { } keyspec : STRING { - u_int8_t *hex; + uint8_t *hex; bzero(&$$, sizeof($$)); @@ -1140,10 +1142,10 @@ lookup(char *s) #define MAXPUSHBACK 128 -u_char *parsebuf; -int parseindex; -u_char pushback_buffer[MAXPUSHBACK]; -int pushback_index = 0; +unsigned char *parsebuf; +int parseindex; +unsigned char pushback_buffer[MAXPUSHBACK]; +int pushback_index = 0; int lgetc(int quotec) @@ -1235,10 +1237,10 @@ findeol(void) int yylex(void) { - u_char buf[8096]; - u_char *p, *val; - int quotec, next, c; - int token; + unsigned char buf[8096]; + unsigned char *p, *val; + int quotec, next, c; + int token; top: p = buf; @@ -1577,7 +1579,7 @@ symget(const char *nam) return (NULL); } -u_int8_t +uint8_t x2i(unsigned char *s) { char ss[3]; @@ -1590,13 +1592,13 @@ x2i(unsigned char *s) yyerror("keys need to be specified in hex digits"); return (-1); } - return ((u_int8_t)strtoul(ss, NULL, 16)); + return ((uint8_t)strtoul(ss, NULL, 16)); } int parsekey(unsigned char *hexkey, size_t len, struct iked_auth *auth) { - u_int i; + unsigned int i; bzero(auth, sizeof(*auth)); if ((len / 2) > sizeof(auth->auth_data)) @@ -2048,7 +2050,7 @@ ifa_lookup(const char *ifa_name) { struct ipsec_addr_wrap *p = NULL, *h = NULL, *n = NULL; struct sockaddr_in6 *in6; - u_int8_t *s6; + uint8_t *s6; if (iftab == NULL) ifa_load(); @@ -2073,11 +2075,11 @@ ifa_lookup(const char *ifa_name) break; case AF_INET6: in6 = (struct sockaddr_in6 *)&n->address; - s6 = (u_int8_t *)&in6->sin6_addr.s6_addr; + s6 = (uint8_t *)&in6->sin6_addr.s6_addr; /* route/show.c and bgpd/util.c give KAME credit */ if (IN6_IS_ADDR_LINKLOCAL(&in6->sin6_addr)) { - u_int16_t tmp16; + uint16_t tmp16; /* for now we can not handle link local, * therefore bail for now @@ -2110,13 +2112,13 @@ ifa_lookup(const char *ifa_name) } void -set_ipmask(struct ipsec_addr_wrap *address, u_int8_t b) +set_ipmask(struct ipsec_addr_wrap *address, uint8_t b) { address->mask = b; } const struct ipsec_xf * -parse_xf(const char *name, u_int length, const struct ipsec_xf xfs[]) +parse_xf(const char *name, unsigned int length, const struct ipsec_xf xfs[]) { int i; @@ -2130,7 +2132,7 @@ parse_xf(const char *name, u_int length, const struct ipsec_xf xfs[]) } const char * -print_xf(u_int id, u_int length, const struct ipsec_xf xfs[]) +print_xf(unsigned int id, unsigned int length, const struct ipsec_xf xfs[]) { int i; @@ -2144,7 +2146,7 @@ print_xf(u_int id, u_int length, const struct ipsec_xf xfs[]) } size_t -keylength_xf(u_int saproto, u_int type, u_int id) +keylength_xf(unsigned int saproto, unsigned int type, unsigned int id) { int i; const struct ipsec_xf *xfs; @@ -2171,7 +2173,7 @@ keylength_xf(u_int saproto, u_int type, u_int id) } size_t -noncelength_xf(u_int type, u_int id) +noncelength_xf(unsigned int type, unsigned int id) { const struct ipsec_xf *xfs = ipsecencxfs; int i; @@ -2198,7 +2200,7 @@ print_policy(struct iked_policy *pol) struct iked_transform *xform; struct iked_flow *flow; struct iked_cfg *cfg; - u_int i, j; + unsigned int i, j; const struct ipsec_xf *xfs = NULL; print_verbose("ikev2"); @@ -2364,12 +2366,12 @@ print_policy(struct iked_policy *pol) } void -copy_transforms(u_int type, const struct ipsec_xf *xf, +copy_transforms(unsigned int type, const struct ipsec_xf *xf, const struct ipsec_xf *xfs, struct iked_transform *dst, size_t ndst, - u_int *n, struct iked_transform *src, size_t nsrc) + unsigned int *n, struct iked_transform *src, size_t nsrc) { - u_int i; + unsigned int i; struct iked_transform *a, *b; if (xf != NULL) { @@ -2396,23 +2398,23 @@ copy_transforms(u_int type, const struct ipsec_xf *xf, } int -create_ike(char *name, int af, u_int8_t ipproto, struct ipsec_hosts *hosts, +create_ike(char *name, int af, uint8_t ipproto, struct ipsec_hosts *hosts, struct ipsec_hosts *peers, struct ipsec_mode *ike_sa, - struct ipsec_mode *ipsec_sa, u_int8_t saproto, - u_int8_t flags, char *srcid, char *dstid, - u_int32_t ikelifetime, struct iked_lifetime *lt, + struct ipsec_mode *ipsec_sa, uint8_t saproto, + uint8_t flags, char *srcid, char *dstid, + uint32_t ikelifetime, struct iked_lifetime *lt, struct iked_auth *authtype, struct ipsec_filters *filter, struct ipsec_addr_wrap *ikecfg) { char idstr[IKED_ID_SIZE]; - u_int idtype = IKEV2_ID_NONE; + unsigned int idtype = IKEV2_ID_NONE; struct ipsec_addr_wrap *ipa, *ipb; struct iked_policy pol; struct iked_proposal prop[2]; - u_int j; + unsigned int j; struct iked_transform ikexforms[64], ipsecxforms[64]; struct iked_flow flows[64]; - static u_int policy_id = 0; + static unsigned int policy_id = 0; struct iked_cfg *cfg; bzero(&pol, sizeof(pol)); diff --git a/sbin/iked/pfkey.c b/sbin/iked/pfkey.c index ce9865bccff..4566acd2733 100644 --- a/sbin/iked/pfkey.c +++ b/sbin/iked/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.43 2015/07/17 14:48:17 mikeb Exp $ */ +/* $OpenBSD: pfkey.c,v 1.44 2015/08/21 11:59:28 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -42,12 +42,12 @@ #define ROUNDUP(x) (((x) + (PFKEYV2_CHUNK - 1)) & ~(PFKEYV2_CHUNK - 1)) #define IOV_CNT 20 -#define PFKEYV2_CHUNK sizeof(u_int64_t) +#define PFKEYV2_CHUNK sizeof(uint64_t) #define PFKEY_REPLY_TIMEOUT 1000 -static u_int32_t sadb_msg_seq = 0; -static u_int sadb_decoupled = 0; -static u_int sadb_ipv6refcnt = 0; +static uint32_t sadb_msg_seq = 0; +static unsigned int sadb_decoupled = 0; +static unsigned int sadb_ipv6refcnt = 0; static int pfkey_blockipv6 = 0; static struct event pfkey_timer_ev; @@ -56,16 +56,16 @@ static struct timeval pfkey_timer_tv; struct pfkey_message { SIMPLEQ_ENTRY(pfkey_message) pm_entry; - u_int8_t *pm_data; + uint8_t *pm_data; ssize_t pm_length; }; SIMPLEQ_HEAD(, pfkey_message) pfkey_retry, pfkey_postponed = SIMPLEQ_HEAD_INITIALIZER(pfkey_postponed); struct pfkey_constmap { - u_int8_t pfkey_id; - u_int pfkey_ikeid; - u_int pfkey_fixedkey; + uint8_t pfkey_id; + unsigned int pfkey_ikeid; + unsigned int pfkey_fixedkey; }; static const struct pfkey_constmap pfkey_encr[] = { @@ -104,20 +104,20 @@ static const struct pfkey_constmap pfkey_satype[] = { { 0 } }; -int pfkey_map(const struct pfkey_constmap *, u_int16_t, u_int8_t *); -int pfkey_flow(int, u_int8_t, u_int8_t, struct iked_flow *); -int pfkey_sa(int, u_int8_t, u_int8_t, struct iked_childsa *); -int pfkey_sa_getspi(int, u_int8_t, struct iked_childsa *, u_int32_t *); -int pfkey_sagroup(int, u_int8_t, u_int8_t, +int pfkey_map(const struct pfkey_constmap *, uint16_t, uint8_t *); +int pfkey_flow(int, uint8_t, uint8_t, struct iked_flow *); +int pfkey_sa(int, uint8_t, uint8_t, struct iked_childsa *); +int pfkey_sa_getspi(int, uint8_t, struct iked_childsa *, uint32_t *); +int pfkey_sagroup(int, uint8_t, uint8_t, struct iked_childsa *, struct iked_childsa *); int pfkey_write(int, struct sadb_msg *, struct iovec *, int, - u_int8_t **, ssize_t *); -int pfkey_reply(int, u_int8_t **, ssize_t *); + uint8_t **, ssize_t *); +int pfkey_reply(int, uint8_t **, ssize_t *); void pfkey_dispatch(int, short, void *); struct sadb_ident * - pfkey_id2ident(struct iked_id *, u_int); -void *pfkey_find_ext(u_int8_t *, ssize_t, int); + pfkey_id2ident(struct iked_id *, unsigned int); +void *pfkey_find_ext(uint8_t *, ssize_t, int); void pfkey_timer_cb(int, short, void *); int pfkey_process(struct iked *, struct pfkey_message *); @@ -164,7 +164,7 @@ pfkey_couple(int sd, struct iked_sas *sas, int couple) } int -pfkey_map(const struct pfkey_constmap *map, u_int16_t alg, u_int8_t *pfkalg) +pfkey_map(const struct pfkey_constmap *map, uint16_t alg, uint8_t *pfkalg) { int i; @@ -177,7 +177,7 @@ pfkey_map(const struct pfkey_constmap *map, u_int16_t alg, u_int8_t *pfkalg) } int -pfkey_flow(int sd, u_int8_t satype, u_int8_t action, struct iked_flow *flow) +pfkey_flow(int sd, uint8_t satype, uint8_t action, struct iked_flow *flow) { struct sadb_msg smsg; struct sadb_address sa_src, sa_dst, sa_local, sa_peer, sa_smask, @@ -207,7 +207,7 @@ pfkey_flow(int sd, u_int8_t satype, u_int8_t action, struct iked_flow *flow) case AF_INET6: prefixlen2mask6(flow->flow_src.addr_net ? flow->flow_src.addr_mask : 128, - (u_int32_t *)((struct sockaddr_in6 *) + (uint32_t *)((struct sockaddr_in6 *) &smask)->sin6_addr.s6_addr); break; default: @@ -234,7 +234,7 @@ pfkey_flow(int sd, u_int8_t satype, u_int8_t action, struct iked_flow *flow) case AF_INET6: prefixlen2mask6(flow->flow_dst.addr_net ? flow->flow_dst.addr_mask : 128, - (u_int32_t *)((struct sockaddr_in6 *) + (uint32_t *)((struct sockaddr_in6 *) &dmask)->sin6_addr.s6_addr); break; default: @@ -420,7 +420,7 @@ pfkey_flow(int sd, u_int8_t satype, u_int8_t action, struct iked_flow *flow) } int -pfkey_sa(int sd, u_int8_t satype, u_int8_t action, struct iked_childsa *sa) +pfkey_sa(int sd, uint8_t satype, uint8_t action, struct iked_childsa *sa) { struct sadb_msg smsg; struct sadb_sa sadb; @@ -436,7 +436,7 @@ pfkey_sa(int sd, u_int8_t satype, u_int8_t action, struct iked_childsa *sa) struct iked_lifetime *lt; struct iked_policy *pol; struct iovec iov[IOV_CNT]; - u_int32_t jitter; + uint32_t jitter; int iov_cnt; sa_srcid = sa_dstid = NULL; @@ -725,7 +725,7 @@ pfkey_sa(int sd, u_int8_t satype, u_int8_t action, struct iked_childsa *sa) } int -pfkey_sa_last_used(int sd, struct iked_childsa *sa, u_int64_t *last_used) +pfkey_sa_last_used(int sd, struct iked_childsa *sa, uint64_t *last_used) { struct sadb_msg *msg, smsg; struct sadb_address sa_src, sa_dst; @@ -733,10 +733,10 @@ pfkey_sa_last_used(int sd, struct iked_childsa *sa, u_int64_t *last_used) struct sadb_lifetime *sa_life; struct sockaddr_storage ssrc, sdst; struct iovec iov[IOV_CNT]; - u_int8_t *data; + uint8_t *data; ssize_t n; int iov_cnt, ret = -1; - u_int8_t satype; + uint8_t satype; *last_used = 0; @@ -837,8 +837,8 @@ done: } int -pfkey_sa_getspi(int sd, u_int8_t satype, struct iked_childsa *sa, - u_int32_t *spip) +pfkey_sa_getspi(int sd, uint8_t satype, struct iked_childsa *sa, + uint32_t *spip) { struct sadb_msg *msg, smsg; struct sadb_address sa_src, sa_dst; @@ -846,7 +846,7 @@ pfkey_sa_getspi(int sd, u_int8_t satype, struct iked_childsa *sa, struct sadb_spirange sa_spirange; struct sockaddr_storage ssrc, sdst; struct iovec iov[IOV_CNT]; - u_int8_t *data; + uint8_t *data; ssize_t n; int iov_cnt, ret = -1; @@ -945,7 +945,7 @@ done: } int -pfkey_sagroup(int sd, u_int8_t satype1, u_int8_t action, +pfkey_sagroup(int sd, uint8_t satype1, uint8_t action, struct iked_childsa *sa1, struct iked_childsa *sa2) { struct sadb_msg smsg; @@ -955,7 +955,7 @@ pfkey_sagroup(int sd, u_int8_t satype1, u_int8_t action, struct sadb_protocol sa_proto; struct iovec iov[IOV_CNT]; int iov_cnt; - u_int8_t satype2; + uint8_t satype2; if (pfkey_map(pfkey_satype, sa2->csa_saproto, &satype2) == -1) return (-1); @@ -1059,7 +1059,7 @@ pfkey_sagroup(int sd, u_int8_t satype1, u_int8_t action, int pfkey_write(int sd, struct sadb_msg *smsg, struct iovec *iov, int iov_cnt, - u_int8_t **datap, ssize_t *lenp) + uint8_t **datap, ssize_t *lenp) { ssize_t n, len = smsg->sadb_msg_len * 8; @@ -1090,12 +1090,12 @@ pfkey_write(int sd, struct sadb_msg *smsg, struct iovec *iov, int iov_cnt, } int -pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp) +pfkey_reply(int sd, uint8_t **datap, ssize_t *lenp) { struct pfkey_message *pm; struct sadb_msg hdr; ssize_t len; - u_int8_t *data; + uint8_t *data; struct pollfd pfd[1]; int n; @@ -1145,12 +1145,12 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp) /* XXX: Only one message can be outstanding. */ if (hdr.sadb_msg_seq == sadb_msg_seq && - hdr.sadb_msg_pid == (u_int32_t)getpid()) + hdr.sadb_msg_pid == (uint32_t)getpid()) break; /* ignore messages for other processes */ if (hdr.sadb_msg_pid != 0 && - hdr.sadb_msg_pid != (u_int32_t)getpid()) { + hdr.sadb_msg_pid != (uint32_t)getpid()) { free(data); continue; } @@ -1187,7 +1187,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp) int pfkey_flow_add(int fd, struct iked_flow *flow) { - u_int8_t satype; + uint8_t satype; if (flow->flow_loaded) return (0); @@ -1212,7 +1212,7 @@ pfkey_flow_add(int fd, struct iked_flow *flow) int pfkey_flow_delete(int fd, struct iked_flow *flow) { - u_int8_t satype; + uint8_t satype; if (!flow->flow_loaded) return (0); @@ -1235,7 +1235,7 @@ pfkey_flow_delete(int fd, struct iked_flow *flow) } int -pfkey_block(int fd, int af, u_int action) +pfkey_block(int fd, int af, unsigned int action) { struct iked_flow flow; @@ -1265,9 +1265,9 @@ pfkey_block(int fd, int af, u_int action) } int -pfkey_sa_init(int fd, struct iked_childsa *sa, u_int32_t *spi) +pfkey_sa_init(int fd, struct iked_childsa *sa, uint32_t *spi) { - u_int8_t satype; + uint8_t satype; if (pfkey_map(pfkey_satype, sa->csa_saproto, &satype) == -1) return (-1); @@ -1283,8 +1283,8 @@ pfkey_sa_init(int fd, struct iked_childsa *sa, u_int32_t *spi) int pfkey_sa_add(int fd, struct iked_childsa *sa, struct iked_childsa *last) { - u_int8_t satype; - u_int cmd; + uint8_t satype; + unsigned int cmd; if (pfkey_map(pfkey_satype, sa->csa_saproto, &satype) == -1) return (-1); @@ -1328,7 +1328,7 @@ pfkey_sa_add(int fd, struct iked_childsa *sa, struct iked_childsa *last) int pfkey_sa_delete(int fd, struct iked_childsa *sa) { - u_int8_t satype; + uint8_t satype; if (!sa->csa_loaded || sa->csa_spi.spi == 0) return (0); @@ -1368,10 +1368,10 @@ pfkey_flush(int sd) } struct sadb_ident * -pfkey_id2ident(struct iked_id *id, u_int exttype) +pfkey_id2ident(struct iked_id *id, unsigned int exttype) { char idstr[IKED_ID_SIZE]; - u_int type; + unsigned int type; size_t len; struct sadb_ident *sa_id; @@ -1484,15 +1484,15 @@ pfkey_init(struct iked *env, int fd) } void * -pfkey_find_ext(u_int8_t *data, ssize_t len, int type) +pfkey_find_ext(uint8_t *data, ssize_t len, int type) { struct sadb_ext *ext = (struct sadb_ext *)(data + sizeof(struct sadb_msg)); - while (ext && ((u_int8_t *)ext - data < len)) { + while (ext && ((uint8_t *)ext - data < len)) { if (ext->sadb_ext_type == type) return (ext); - ext = (struct sadb_ext *)((u_int8_t *)ext + + ext = (struct sadb_ext *)((uint8_t *)ext + ext->sadb_ext_len * PFKEYV2_CHUNK); } @@ -1506,7 +1506,7 @@ pfkey_dispatch(int sd, short event, void *arg) struct pfkey_message pm, *pmp; struct sadb_msg hdr; ssize_t len; - u_int8_t *data; + uint8_t *data; if (recv(sd, &hdr, sizeof(hdr), MSG_PEEK) != sizeof(hdr)) { log_warn("%s: short recv", __func__); @@ -1598,10 +1598,10 @@ pfkey_process(struct iked *env, struct pfkey_message *pm) struct sockaddr *ssrc, *sdst, *smask, *dmask, *speer; struct iovec iov[IOV_CNT]; int ret = 0, iov_cnt, sd; - u_int8_t *reply; + uint8_t *reply; ssize_t rlen; const char *errmsg = NULL; - u_int8_t *data = pm->pm_data; + uint8_t *data = pm->pm_data; ssize_t len = pm->pm_length; size_t slen; diff --git a/sbin/iked/policy.c b/sbin/iked/policy.c index 38c3a875f79..de6b491cdda 100644 --- a/sbin/iked/policy.c +++ b/sbin/iked/policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: policy.c,v 1.38 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: policy.c,v 1.39 2015/08/21 11:59:28 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -100,7 +100,7 @@ policy_test(struct iked *env, struct iked_policy *key) { struct iked_policy *p = NULL, *pol = NULL; struct iked_flow *flow = NULL, *flowkey; - u_int cnt = 0; + unsigned int cnt = 0; p = TAILQ_FIRST(&env->sc_policies); while (p != NULL) { @@ -263,9 +263,9 @@ sa_state(struct iked *env, struct iked_sa *sa, int state) } void -sa_stateflags(struct iked_sa *sa, u_int flags) +sa_stateflags(struct iked_sa *sa, unsigned int flags) { - u_int require; + unsigned int require; if (sa->sa_state > IKEV2_STATE_SA_INIT) require = sa->sa_statevalid; @@ -283,7 +283,7 @@ sa_stateflags(struct iked_sa *sa, u_int flags) int sa_stateok(struct iked_sa *sa, int state) { - u_int require; + unsigned int require; if (sa->sa_state < state) return (0); @@ -308,13 +308,13 @@ sa_stateok(struct iked_sa *sa, int state) } struct iked_sa * -sa_new(struct iked *env, u_int64_t ispi, u_int64_t rspi, - u_int initiator, struct iked_policy *pol) +sa_new(struct iked *env, uint64_t ispi, uint64_t rspi, + unsigned int initiator, struct iked_policy *pol) { struct iked_sa *sa; struct iked_sa *old; struct iked_id *localid; - u_int diff; + unsigned int diff; if ((ispi == 0 && rspi == 0) || (sa = sa_lookup(env, ispi, rspi, initiator)) == NULL) { @@ -442,7 +442,7 @@ childsa_free(struct iked_childsa *csa) } struct iked_childsa * -childsa_lookup(struct iked_sa *sa, u_int64_t spi, u_int8_t protoid) +childsa_lookup(struct iked_sa *sa, uint64_t spi, uint8_t protoid) { struct iked_childsa *csa; @@ -464,8 +464,8 @@ flow_free(struct iked_flow *flow) } struct iked_sa * -sa_lookup(struct iked *env, u_int64_t ispi, u_int64_t rspi, - u_int initiator) +sa_lookup(struct iked *env, uint64_t ispi, uint64_t rspi, + unsigned int initiator) { struct iked_sa *sa, key; diff --git a/sbin/iked/proc.c b/sbin/iked/proc.c index 2e1fdf61249..18b219b5e12 100644 --- a/sbin/iked/proc.c +++ b/sbin/iked/proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.c,v 1.22 2015/01/16 06:39:58 deraadt Exp $ */ +/* $OpenBSD: proc.c,v 1.23 2015/08/21 11:59:28 reyk Exp $ */ /* * Copyright (c) 2010 - 2014 Reyk Floeter <reyk@openbsd.org> @@ -41,15 +41,16 @@ void proc_open(struct privsep *, struct privsep_proc *, struct privsep_proc *, size_t); void proc_close(struct privsep *); -int proc_ispeer(struct privsep_proc *, u_int, enum privsep_procid); +int proc_ispeer(struct privsep_proc *, unsigned int, enum privsep_procid); void proc_shutdown(struct privsep_proc *); void proc_sig_handler(int, short, void *); void proc_range(struct privsep *, enum privsep_procid, int *, int *); int -proc_ispeer(struct privsep_proc *procs, u_int nproc, enum privsep_procid type) +proc_ispeer(struct privsep_proc *procs, unsigned int nproc, + enum privsep_procid type) { - u_int i; + unsigned int i; for (i = 0; i < nproc; i++) if (procs[i].p_id == type) @@ -58,9 +59,9 @@ proc_ispeer(struct privsep_proc *procs, u_int nproc, enum privsep_procid type) } void -proc_init(struct privsep *ps, struct privsep_proc *procs, u_int nproc) +proc_init(struct privsep *ps, struct privsep_proc *procs, unsigned int nproc) { - u_int i, j, src, dst; + unsigned int i, j, src, dst; struct privsep_pipes *pp; /* @@ -126,7 +127,7 @@ void proc_kill(struct privsep *ps) { pid_t pid; - u_int i; + unsigned int i; if (privsep_process != PROC_PARENT) return; @@ -150,7 +151,7 @@ proc_open(struct privsep *ps, struct privsep_proc *p, { struct privsep_pipes *pa, *pb; int fds[2]; - u_int i, j, src, proc; + unsigned int i, j, src, proc; if (p == NULL) src = privsep_process; /* parent */ @@ -191,7 +192,7 @@ proc_open(struct privsep *ps, struct privsep_proc *p, void proc_listen(struct privsep *ps, struct privsep_proc *procs, size_t nproc) { - u_int i, dst, src, n, m; + unsigned int i, dst, src, n, m; struct privsep_pipes *pp; /* @@ -200,7 +201,7 @@ proc_listen(struct privsep *ps, struct privsep_proc *procs, size_t nproc) for (src = 0; src < PROC_MAX; src++) { for (n = 0; n < ps->ps_instances[src]; n++) { /* Ingore current process */ - if (src == (u_int)privsep_process && + if (src == (unsigned int)privsep_process && n == ps->ps_instance) continue; @@ -262,7 +263,7 @@ proc_listen(struct privsep *ps, struct privsep_proc *procs, size_t nproc) void proc_close(struct privsep *ps) { - u_int dst, n; + unsigned int dst, n; struct privsep_pipes *pp; if (ps == NULL) @@ -330,14 +331,14 @@ proc_sig_handler(int sig, short event, void *arg) pid_t proc_run(struct privsep *ps, struct privsep_proc *p, - struct privsep_proc *procs, u_int nproc, + struct privsep_proc *procs, unsigned int nproc, void (*init)(struct privsep *, struct privsep_proc *, void *), void *arg) { pid_t pid; struct passwd *pw; const char *root; struct control_sock *rcs; - u_int n; + unsigned int n; if (ps->ps_noaction) return (0); @@ -530,8 +531,8 @@ imsg_event_add(struct imsgev *iev) } int -imsg_compose_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid, - pid_t pid, int fd, void *data, u_int16_t datalen) +imsg_compose_event(struct imsgev *iev, uint16_t type, uint32_t peerid, + pid_t pid, int fd, void *data, uint16_t datalen) { int ret; @@ -543,7 +544,7 @@ imsg_compose_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid, } int -imsg_composev_event(struct imsgev *iev, u_int16_t type, u_int32_t peerid, +imsg_composev_event(struct imsgev *iev, uint16_t type, uint32_t peerid, pid_t pid, int fd, const struct iovec *iov, int iovcnt) { int ret; @@ -570,7 +571,7 @@ proc_range(struct privsep *ps, enum privsep_procid id, int *n, int *m) int proc_compose_imsg(struct privsep *ps, enum privsep_procid id, int n, - u_int16_t type, int fd, void *data, u_int16_t datalen) + uint16_t type, int fd, void *data, uint16_t datalen) { int m; @@ -586,7 +587,7 @@ proc_compose_imsg(struct privsep *ps, enum privsep_procid id, int n, int proc_composev_imsg(struct privsep *ps, enum privsep_procid id, int n, - u_int16_t type, int fd, const struct iovec *iov, int iovcnt) + uint16_t type, int fd, const struct iovec *iov, int iovcnt) { int m; diff --git a/sbin/iked/types.h b/sbin/iked/types.h index 3d6f6e38a52..476e8454380 100644 --- a/sbin/iked/types.h +++ b/sbin/iked/types.h @@ -1,4 +1,4 @@ -/* $OpenBSD: types.h,v 1.20 2015/08/19 14:12:43 reyk Exp $ */ +/* $OpenBSD: types.h,v 1.21 2015/08/21 11:59:28 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -70,17 +70,17 @@ #define IKED_E 0x1000 /* Decrypted flag */ struct iked_constmap { - u_int cm_type; + unsigned int cm_type; const char *cm_name; const char *cm_descr; }; struct iked_transform { - u_int8_t xform_type; - u_int16_t xform_id; - u_int16_t xform_length; - u_int16_t xform_keylength; - u_int xform_score; + uint8_t xform_type; + uint16_t xform_id; + uint16_t xform_length; + uint16_t xform_keylength; + unsigned int xform_score; struct iked_constmap *xform_map; }; diff --git a/sbin/iked/util.c b/sbin/iked/util.c index b7044c00cc8..7b108de21e8 100644 --- a/sbin/iked/util.c +++ b/sbin/iked/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.26 2015/01/16 06:39:58 deraadt Exp $ */ +/* $OpenBSD: util.c,v 1.27 2015/08/21 11:59:28 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -240,7 +240,7 @@ sockaddr_cmp(struct sockaddr *a, struct sockaddr *b, int prefixlen) { struct sockaddr_in *a4, *b4; struct sockaddr_in6 *a6, *b6; - u_int32_t av[4], bv[4], mv[4]; + uint32_t av[4], bv[4], mv[4]; if (a->sa_family == AF_UNSPEC || b->sa_family == AF_UNSPEC) return (0); @@ -369,7 +369,7 @@ recvfromto(int s, void *buf, size_t len, int flags, struct sockaddr *from, } const char * -print_spi(u_int64_t spi, int size) +print_spi(uint64_t spi, int size) { static char buf[IKED_CYCLE_BUFFERS][32]; static int i = 0; @@ -379,10 +379,10 @@ print_spi(u_int64_t spi, int size) switch (size) { case 2: - snprintf(ptr, 32, "0x%04x", (u_int16_t)spi); + snprintf(ptr, 32, "0x%04x", (uint16_t)spi); break; case 4: - snprintf(ptr, 32, "0x%08x", (u_int32_t)spi); + snprintf(ptr, 32, "0x%08x", (uint32_t)spi); break; case 8: snprintf(ptr, 32, "0x%016llx", spi); @@ -399,9 +399,9 @@ print_spi(u_int64_t spi, int size) } const char * -print_map(u_int type, struct iked_constmap *map) +print_map(unsigned int type, struct iked_constmap *map) { - u_int i; + unsigned int i; static char buf[IKED_CYCLE_BUFFERS][32]; static int idx = 0; const char *name = NULL; @@ -431,9 +431,9 @@ lc_string(char *str) } void -print_hex(u_int8_t *buf, off_t offset, size_t length) +print_hex(uint8_t *buf, off_t offset, size_t length) { - u_int i; + unsigned int i; extern int verbose; if (verbose < 3 || !length) @@ -452,9 +452,9 @@ print_hex(u_int8_t *buf, off_t offset, size_t length) } void -print_hexval(u_int8_t *buf, off_t offset, size_t length) +print_hexval(uint8_t *buf, off_t offset, size_t length) { - u_int i; + unsigned int i; extern int verbose; if (verbose < 2 || !length) @@ -467,12 +467,12 @@ print_hexval(u_int8_t *buf, off_t offset, size_t length) } const char * -print_bits(u_short v, u_char *bits) +print_bits(unsigned short v, unsigned char *bits) { static char buf[IKED_CYCLE_BUFFERS][BUFSIZ]; static int idx = 0; - u_int i, any = 0, j = 0; - u_char c; + unsigned int i, any = 0, j = 0; + unsigned char c; if (!bits) return (""); @@ -504,7 +504,7 @@ print_bits(u_short v, u_char *bits) return (buf[idx]); } -u_int8_t +uint8_t mask2prefixlen(struct sockaddr *sa) { struct sockaddr_in *sa_in = (struct sockaddr_in *)sa; @@ -516,18 +516,18 @@ mask2prefixlen(struct sockaddr *sa) return (33 - ffs(ntohl(ina))); } -u_int8_t +uint8_t mask2prefixlen6(struct sockaddr *sa) { struct sockaddr_in6 *sa_in6 = (struct sockaddr_in6 *)sa; - u_int8_t l = 0, *ap, *ep; + uint8_t l = 0, *ap, *ep; /* * sin6_len is the size of the sockaddr so substract the offset of * the possibly truncated sin6_addr struct. */ - ap = (u_int8_t *)&sa_in6->sin6_addr; - ep = (u_int8_t *)sa_in6 + sa_in6->sin6_len; + ap = (uint8_t *)&sa_in6->sin6_addr; + ep = (uint8_t *)sa_in6 + sa_in6->sin6_len; for (; ap < ep; ap++) { /* this "beauty" is adopted from sbin/route/show.c ... */ switch (*ap) { @@ -565,8 +565,8 @@ mask2prefixlen6(struct sockaddr *sa) return (l); } -u_int32_t -prefixlen2mask(u_int8_t prefixlen) +uint32_t +prefixlen2mask(uint8_t prefixlen) { if (prefixlen == 0) return (0); @@ -578,7 +578,7 @@ prefixlen2mask(u_int8_t prefixlen) } struct in6_addr * -prefixlen2mask6(u_int8_t prefixlen, u_int32_t *mask) +prefixlen2mask6(uint8_t prefixlen, uint32_t *mask) { static struct in6_addr s6; int i; @@ -633,7 +633,7 @@ print_host(struct sockaddr *sa, char *buf, size_t len) } char * -get_string(u_int8_t *ptr, size_t len) +get_string(uint8_t *ptr, size_t len) { size_t i; char *str; @@ -650,7 +650,7 @@ get_string(u_int8_t *ptr, size_t len) } const char * -print_proto(u_int8_t proto) +print_proto(uint8_t proto) { struct protoent *p; static char buf[IKED_CYCLE_BUFFERS][BUFSIZ]; @@ -701,10 +701,10 @@ expand_string(char *label, size_t len, const char *srch, const char *repl) return (0); } -u_int8_t * +uint8_t * string2unicode(const char *ascii, size_t *outlen) { - u_int8_t *uc = NULL; + uint8_t *uc = NULL; size_t i, len = strlen(ascii); if ((uc = calloc(1, (len * 2) + 2)) == NULL) |