Diffstat (limited to 'sbin/isakmpd/policy.c')
-rw-r--r--sbin/isakmpd/policy.c85
1 files changed, 46 insertions, 39 deletions
diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c
index e2fb68512a7..1b3516399f2 100644
--- a/sbin/isakmpd/policy.c
+++ b/sbin/isakmpd/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.72 2004/05/23 16:14:22 deraadt Exp $ */
+/* $OpenBSD: policy.c,v 1.73 2004/05/23 18:17:56 hshoexer Exp $ */
/* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */
/*
@@ -81,7 +81,7 @@ static const char hextab[] = {
* Adaptation of Vixie's inet_ntop4 ()
*/
static const char *
-my_inet_ntop4(const in_addr_t * src, char *dst, size_t size, int normalize)
+my_inet_ntop4(const in_addr_t *src, char *dst, size_t size, int normalize)
{
static const char fmt[] = "%03u.%03u.%03u.%03u";
char tmp[sizeof "255.255.255.255"];
@@ -107,10 +107,10 @@ my_inet_ntop6(const unsigned char *src, char *dst, size_t size)
{
static const char fmt[] =
"%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x";
- char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"];
+ char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"];
- if (snprintf(tmp, sizeof tmp, fmt, src[0], src[1], src[2], src[3], src[4],
- src[5], src[6], src[7], src[8], src[9], src[10], src[11],
+ if (snprintf(tmp, sizeof tmp, fmt, src[0], src[1], src[2], src[3],
+ src[4], src[5], src[6], src[7], src[8], src[9], src[10], src[11],
src[12], src[13], src[14], src[15]) > (int)size) {
errno = ENOSPC;
return 0;
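Review bot: The size check in my_inet_ntop6 uses `> (int)size`, which lets through the case where the formatted length equals `size`, leaving no room for the terminating NUL in `dst`. The copy into `dst` is outside this hunk, so depending on how it is done the result is either a silently truncated address or a one-byte overrun. The comparison should be `>=`, and casting the snprintf result rather than `size` avoids a large `size` turning negative: `if ((size_t)snprintf(tmp, sizeof tmp, fmt, ...) >= size) {`. The function body continues past the end of the hunk.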
@@ -209,10 +209,14 @@ policy_callback(char *name)
memset(esp_key_rounds, 0, sizeof esp_key_rounds);
memset(comp_dict_size, 0, sizeof comp_dict_size);
memset(comp_private_alg, 0, sizeof comp_private_alg);
- memset(remote_filter_addr_upper, 0, sizeof remote_filter_addr_upper);
- memset(remote_filter_addr_lower, 0, sizeof remote_filter_addr_lower);
- memset(local_filter_addr_upper, 0, sizeof local_filter_addr_upper);
- memset(local_filter_addr_lower, 0, sizeof local_filter_addr_lower);
+ memset(remote_filter_addr_upper, 0,
+ sizeof remote_filter_addr_upper);
+ memset(remote_filter_addr_lower, 0,
+ sizeof remote_filter_addr_lower);
+ memset(local_filter_addr_upper, 0,
+ sizeof local_filter_addr_upper);
+ memset(local_filter_addr_lower, 0,
+ sizeof local_filter_addr_lower);
memset(remote_id_addr_upper, 0, sizeof remote_id_addr_upper);
memset(remote_id_addr_lower, 0, sizeof remote_id_addr_lower);
memset(ah_group_desc, 0, sizeof ah_group_desc);
@@ -236,7 +240,8 @@ policy_callback(char *name)
pfs = "yes";
is = policy_isakmp_sa->data;
- snprintf(phase1_group, sizeof phase1_group, "%u", is->group_desc);
+ snprintf(phase1_group, sizeof phase1_group, "%u",
+ is->group_desc);
for (proto = TAILQ_FIRST(&policy_sa->protos); proto;
proto = TAILQ_NEXT(proto, link)) {
@@ -353,7 +358,8 @@ policy_callback(char *name)
break;
}
- for (attr = proto->chosen->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF;
+ for (attr = proto->chosen->p +
+ ISAKMP_TRANSFORM_SA_ATTRS_OFF;
attr < proto->chosen->p +
GET_ISAKMP_GEN_LENGTH(proto->chosen->p);
attr = value + len) {
@@ -365,7 +371,8 @@ policy_callback(char *name)
type = GET_ISAKMP_ATTR_TYPE(attr);
fmt = ISAKMP_ATTR_FORMAT(type);
type = ISAKMP_ATTR_TYPE(type);
- value = attr + (fmt ? ISAKMP_ATTR_LENGTH_VALUE_OFF :
+ value = attr + (fmt ?
+ ISAKMP_ATTR_LENGTH_VALUE_OFF :
ISAKMP_ATTR_VALUE_OFF);
len = (fmt ? ISAKMP_ATTR_LENGTH_VALUE_LEN :
GET_ISAKMP_ATTR_LENGTH_VALUE(attr));
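Review bot: The attribute walk is bounded only by `attr < proto->chosen->p + GET_ISAKMP_GEN_LENGTH(proto->chosen->p)` in the loop header (previous hunk), and nothing in these lines checks that `value + len` stays inside the payload. The reads of the type and length at `attr`, and every later use of `value`/`len`, therefore rely on the transform having been validated before policy_callback runs, which is not visible here. If that is not guaranteed on every path, a check right after `len` is computed, e.g. `if (value + len > proto->chosen->p + GET_ISAKMP_GEN_LENGTH(proto->chosen->p)) break;`, keeps a malformed attribute from driving reads past the buffer. The loop body continues outside the hunk.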
@@ -1781,15 +1788,15 @@ policy_init(void)
/* Allocate memory to keep policies. */
ptr = calloc(sz + 1, sizeof(char));
if (!ptr)
- log_fatal("policy_init: calloc (%lu, %lu) failed", (unsigned long)sz + 1,
- (unsigned long)sizeof(char));
+ log_fatal("policy_init: calloc (%lu, %lu) failed",
+ (unsigned long)sz + 1, (unsigned long)sizeof(char));
/* Just in case there are short reads... */
for (len = 0; len < sz; len += i) {
i = read(fd, ptr + len, sz - len);
if (i == -1)
- log_fatal("policy_init: read (%d, %p, %lu) failed", fd, ptr + len,
- (unsigned long)(sz - len));
+ log_fatal("policy_init: read (%d, %p, %lu) failed", fd,
+ ptr + len, (unsigned long)(sz - len));
}
/* We're done with this. */
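Review bot: The short-read loop in policy_init treats only `i == -1` as a failure, so a `read()` that returns 0 leaves `len` unchanged and the loop never terminates. That happens when the policy file is shorter than `sz` by the time it is read, for example if it is truncated after its size was taken (the size lookup is outside this hunk). Handling end-of-file explicitly closes that hang at startup: `if (i == 0) log_fatal("policy_init: read: unexpected end of file");`, placed next to the existing `-1` check. The function starts before and continues after the hunk.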
@@ -1825,9 +1832,9 @@ keynote_cert_init(void)
/* Just copy and return. */
void *
-keynote_cert_get(u_int8_t * data, u_int32_t len)
+keynote_cert_get(u_int8_t *data, u_int32_t len)
{
- char *foo = malloc(len + 1);
+ char *foo = malloc(len + 1);
if (foo == NULL)
return NULL;
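Review bot: `malloc(len + 1)` in keynote_cert_get is evaluated in 32-bit unsigned arithmetic, so a `len` of 0xffffffff wraps the request to 0 and the copy announced by the comment (outside this hunk) would run past the allocation. The same expression appears in the keynote_certreq_validate hunk further down as `calloc(len + 1, sizeof(char))`, where the following `memcpy(dat, data, len)` is visible. Whether any caller can pass such a length is not visible here, but a guard before the allocation, `if (len + 1 < len) return NULL;` (`return 0;` in keynote_certreq_validate), makes both functions safe regardless of the caller. In that later hunk the log call also prints the unsigned `len + 1` with `%d`; `%u` matches the type.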
@@ -1844,8 +1851,8 @@ keynote_cert_get(u_int8_t * data, u_int32_t len)
int
keynote_cert_validate(void *scert)
{
- char **foo;
- int num, i;
+ char **foo;
+ int num, i;
if (scert == NULL)
return 0;
@@ -1873,8 +1880,8 @@ keynote_cert_validate(void *scert)
int
keynote_cert_insert(int sid, void *scert)
{
- char **foo;
- int num;
+ char **foo;
+ int num;
if (scert == NULL)
return 0;
@@ -1898,16 +1905,16 @@ keynote_cert_free(void *cert)
/* Verify that the key given to us is valid. */
int
-keynote_certreq_validate(u_int8_t * data, u_int32_t len)
+keynote_certreq_validate(u_int8_t *data, u_int32_t len)
{
struct keynote_deckey dc;
- int err = 1;
- char *dat;
+ int err = 1;
+ char *dat;
dat = calloc(len + 1, sizeof(char));
if (!dat) {
- log_error("keynote_certreq_validate: calloc (%d, %lu) failed", len + 1,
- (unsigned long)sizeof(char));
+ log_error("keynote_certreq_validate: calloc (%d, %lu) failed",
+ len + 1, (unsigned long)sizeof(char));
return 0;
}
memcpy(dat, data, len);
@@ -1923,8 +1930,8 @@ keynote_certreq_validate(u_int8_t * data, u_int32_t len)
}
/* Beats me what we should be doing with this. */
-void *
-keynote_certreq_decode(u_int8_t * data, u_int32_t len)
+void *
+keynote_certreq_decode(u_int8_t *data, u_int32_t len)
{
/* XXX */
return NULL;
@@ -1937,8 +1944,8 @@ keynote_free_aca(void *blob)
}
int
-keynote_cert_obtain(u_int8_t * id, size_t id_len, void *data, u_int8_t ** cert,
- u_int32_t * certlen)
+keynote_cert_obtain(u_int8_t *id, size_t id_len, void *data, u_int8_t **cert,
+ u_int32_t *certlen)
{
char *dirname, *file, *addr_str;
struct stat sb;
@@ -1965,26 +1972,26 @@ keynote_cert_obtain(u_int8_t * id, size_t id_len, void *data, u_int8_t ** cert,
switch (idtype) {
case IPSEC_ID_IPV4_ADDR:
case IPSEC_ID_IPV6_ADDR:
- util_ntoa(&addr_str, idtype == IPSEC_ID_IPV4_ADDR ? AF_INET : AF_INET6,
- id);
+ util_ntoa(&addr_str, idtype == IPSEC_ID_IPV4_ADDR ?
+ AF_INET : AF_INET6, id);
if (addr_str == 0)
return 0;
file = calloc(len + strlen(addr_str), sizeof(char));
if (file == NULL) {
- log_error("keynote_cert_obtain: failed to allocate %lu bytes",
- (unsigned long)len + strlen(addr_str));
+ log_error("keynote_cert_obtain: failed to allocate "
+ "%lu bytes", (unsigned long)len +
+ strlen(addr_str));
free(addr_str);
return 0;
}
- snprintf(file, len + strlen(addr_str), "%s/%s/%s", dirname, addr_str,
- CREDENTIAL_FILE);
+ snprintf(file, len + strlen(addr_str), "%s/%s/%s", dirname,
+ addr_str, CREDENTIAL_FILE);
free(addr_str);
break;
case IPSEC_ID_FQDN:
- case IPSEC_ID_USER_FQDN:
- {
+ case IPSEC_ID_USER_FQDN: {
file = calloc(len + id_len, sizeof(char));
if (file == NULL) {
log_error("keynote_cert_obtain: failed to allocate %lu bytes",