diff options
Diffstat (limited to 'sbin/isakmpd')
| -rw-r--r-- | sbin/isakmpd/conf.c | 12 | ||||
| -rw-r--r-- | sbin/isakmpd/conf.h | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/connection.c | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/exchange.c | 8 | ||||
| -rw-r--r-- | sbin/isakmpd/exchange.h | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/genconstants.sh | 6 | ||||
| -rw-r--r-- | sbin/isakmpd/genfields.sh | 6 | ||||
| -rw-r--r-- | sbin/isakmpd/ike_auth.c | 9 | ||||
| -rw-r--r-- | sbin/isakmpd/ike_quick_mode.c | 26 | ||||
| -rw-r--r-- | sbin/isakmpd/ipsec.c | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/isakmpd.c | 8 | ||||
| -rw-r--r-- | sbin/isakmpd/libcrypto.c | 8 | ||||
| -rw-r--r-- | sbin/isakmpd/log.c | 13 | ||||
| -rw-r--r-- | sbin/isakmpd/message.c | 8 | ||||
| -rw-r--r-- | sbin/isakmpd/pf_encap.c | 5 | ||||
| -rw-r--r-- | sbin/isakmpd/pf_key_v2.c | 32 | ||||
| -rw-r--r-- | sbin/isakmpd/policy.c | 34 | ||||
| -rw-r--r-- | sbin/isakmpd/prf.h | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/sa.c | 6 | ||||
| -rw-r--r-- | sbin/isakmpd/udp.c | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/x509.c | 10 |
21 files changed, 128 insertions, 87 deletions
diff --git a/sbin/isakmpd/conf.c b/sbin/isakmpd/conf.c index 3d725dc8eca..3b603ee4d44 100644 --- a/sbin/isakmpd/conf.c +++ b/sbin/isakmpd/conf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.c,v 1.25 2000/12/12 01:45:55 niklas Exp $ */ +/* $OpenBSD: conf.c,v 1.26 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: conf.c,v 1.48 2000/12/04 02:04:29 angelos Exp $ */ /* @@ -322,7 +322,7 @@ conf_find_trans_xf (int phase, char *xf) struct conf_trans *node; char *p; - /* Find the relevant transforms and suites, if any. */ + /* Find the relevant transforms and suites, if any. */ for (node = TAILQ_FIRST (&conf_trans_queue); node; node = TAILQ_NEXT (node, link)) if (( phase == 1 && !strcmp ("Transforms", node->tag)) || @@ -995,8 +995,10 @@ conf_end (int transaction, int commit) return 0; } -/* Dump running configuration upon SIGUSR1. */ -/* XXX Configuration is "stored in reverse order", so reverse it. */ +/* + * Dump running configuration upon SIGUSR1. + * XXX Configuration is "stored in reverse order", so reverse it. + */ struct dumper { char *s, *v; struct dumper *next; @@ -1005,7 +1007,7 @@ struct dumper { static void conf_report_dump (struct dumper *node) { - /* Recursive, cleanup when we're done. */ + /* Recursive, cleanup when we're done. */ if (node->next) conf_report_dump (node->next); diff --git a/sbin/isakmpd/conf.h b/sbin/isakmpd/conf.h index 5c98a3b780b..e193451e957 100644 --- a/sbin/isakmpd/conf.h +++ b/sbin/isakmpd/conf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.h,v 1.12 2000/10/07 07:00:06 niklas Exp $ */ +/* $OpenBSD: conf.h,v 1.13 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: conf.h,v 1.13 2000/09/18 00:01:47 ho Exp $ */ /* @@ -44,7 +44,7 @@ #define CONFIG_FILE "/etc/isakmpd/isakmpd.conf" -/* Default values for autogenerated part of our configuration. */ +/* Default values for autogenerated part of our configuration. */ #define CONF_DFLT_TAG_LIFE_MAIN_MODE "LIFE_MAIN_MODE" #define CONF_DFLT_TYPE_LIFE_MAIN_MODE "SECONDS" #define CONF_DFLT_VAL_LIFE_MAIN_MODE "3600,60:86400" diff --git a/sbin/isakmpd/connection.c b/sbin/isakmpd/connection.c index d02d6844999..deebcc8c5f1 100644 --- a/sbin/isakmpd/connection.c +++ b/sbin/isakmpd/connection.c @@ -1,4 +1,4 @@ -/* $OpenBSD: connection.c,v 1.11 2000/11/23 12:56:59 niklas Exp $ */ +/* $OpenBSD: connection.c,v 1.12 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: connection.c,v 1.28 2000/11/23 12:21:18 niklas Exp $ */ /* @@ -459,7 +459,7 @@ connection_reinit (void) LOG_DBG ((LOG_MISC, 30, "connection_reinit: reinitializing connection list")); - /* Remove all present connections. */ + /* Remove all present connections. */ for (conn = TAILQ_FIRST (&connections); conn; conn = TAILQ_NEXT (conn, link)) connection_teardown (conn->name); diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c index 3235ad9007a..1475a243025 100644 --- a/sbin/isakmpd/exchange.c +++ b/sbin/isakmpd/exchange.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exchange.c,v 1.38 2001/01/22 08:37:05 angelos Exp $ */ +/* $OpenBSD: exchange.c,v 1.39 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */ /* @@ -638,7 +638,7 @@ exchange_create (int phase, int initiator, int doi, int type) exchange, &expiration); if (!exchange->death) { - /* If we don't give up we might start leaking... */ + /* If we don't give up we might start leaking... */ exchange_free_aux (exchange); return 0; } @@ -1085,7 +1085,7 @@ exchange_dump_real (char *header, struct exchange *exchange, int class, int level) { char buf[LOG_SIZE]; - /* Don't risk overflowing the final log buffer. */ + /* Don't risk overflowing the final log buffer. */ int bufsize_max = LOG_SIZE - strlen (header) - 32; struct sa *sa; @@ -1644,7 +1644,7 @@ exchange_establish (char *name, trpt = conf_get_str (name, "Transport"); if (!trpt) { - /* Phase 1 transport defaults to "udp". */ + /* Phase 1 transport defaults to "udp". */ trpt = ISAKMP_DEFAULT_TRANSPORT; } diff --git a/sbin/isakmpd/exchange.h b/sbin/isakmpd/exchange.h index f4ec48836ad..8c493bf5e60 100644 --- a/sbin/isakmpd/exchange.h +++ b/sbin/isakmpd/exchange.h @@ -1,4 +1,4 @@ -/* $OpenBSD: exchange.h,v 1.15 2000/10/07 06:59:46 niklas Exp $ */ +/* $OpenBSD: exchange.h,v 1.16 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: exchange.h,v 1.28 2000/09/28 12:54:28 niklas Exp $ */ /* @@ -162,7 +162,7 @@ struct exchange { void *recv_cert; void *recv_key; - /* XXX This is no longer necessary, it is covered by policy. */ + /* XXX This is no longer necessary, it is covered by policy. */ /* Acceptable authorities for cert requests */ TAILQ_HEAD (aca_head, certreq_aca) aca_list; diff --git a/sbin/isakmpd/genconstants.sh b/sbin/isakmpd/genconstants.sh index e883980d672..24eba0caf7b 100644 --- a/sbin/isakmpd/genconstants.sh +++ b/sbin/isakmpd/genconstants.sh @@ -1,4 +1,4 @@ -# $OpenBSD: genconstants.sh,v 1.6 1999/04/27 21:02:57 niklas Exp $ +# $OpenBSD: genconstants.sh,v 1.7 2001/01/26 12:12:51 niklas Exp $ # $EOM: genconstants.sh,v 1.6 1999/04/02 01:15:53 niklas Exp $ # @@ -50,7 +50,7 @@ $awk " $locase_function "' BEGIN { - print "/* DO NOT EDIT-- this file is automatically generated. */\n" + print "/* DO NOT EDIT-- this file is automatically generated. */\n" print "#ifndef _'$upcased_name'_H_" print "#define _'$upcased_name'_H_\n" print "#include \"sysdep.h\"\n" @@ -86,7 +86,7 @@ $awk " $locase_function "' BEGIN { - print "/* DO NOT EDIT-- this file is automatically generated. */\n" + print "/* DO NOT EDIT-- this file is automatically generated. */\n" print "#include \"sysdep.h\"\n" print "#include \"constants.h\"" print "#include \"'$base'.h\"\n" diff --git a/sbin/isakmpd/genfields.sh b/sbin/isakmpd/genfields.sh index f53cdcb00ef..9626c8b26e7 100644 --- a/sbin/isakmpd/genfields.sh +++ b/sbin/isakmpd/genfields.sh @@ -1,4 +1,4 @@ -# $OpenBSD: genfields.sh,v 1.4 1999/04/27 21:02:57 niklas Exp $ +# $OpenBSD: genfields.sh,v 1.5 2001/01/26 12:12:51 niklas Exp $ # $EOM: genfields.sh,v 1.5 1999/04/02 01:15:55 niklas Exp $ # @@ -50,7 +50,7 @@ $awk " $locase_function "' BEGIN { - print "/* DO NOT EDIT-- this file is automatically generated. */\n" + print "/* DO NOT EDIT-- this file is automatically generated. */\n" print "#ifndef _'$upcased_name'_H_" print "#define _'$upcased_name'_H_\n" @@ -129,7 +129,7 @@ $awk " $locase_function "' BEGIN { - print "/* DO NOT EDIT-- this file is automatically generated. */\n" + print "/* DO NOT EDIT-- this file is automatically generated. */\n" print "#include \"sysdep.h\"\n" print "#include \"constants.h\"" print "#include \"field.h\"" diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c index 856eadff44b..ce0ff5e2319 100644 --- a/sbin/isakmpd/ike_auth.c +++ b/sbin/isakmpd/ike_auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_auth.c,v 1.31 2000/12/19 19:03:05 mickey Exp $ */ +/* $OpenBSD: ike_auth.c,v 1.32 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */ /* @@ -565,9 +565,10 @@ rsa_sig_decode_hash (struct message *msg) return -1; } - /* XXX Assume we should use the same kind of certification as the - XXX remote...moreover, just use the first CERT payload to - XXX decide what to use. */ + /* + * XXX Assume we should use the same kind of certification as the remote... + * moreover, just use the first CERT payload to decide what to use. + */ p = TAILQ_FIRST (&msg->payload[ISAKMP_PAYLOAD_CERT]); if (!p) handler = cert_get (ISAKMP_CERTENC_KEYNOTE); diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c index f8b57b191a5..4a057071332 100644 --- a/sbin/isakmpd/ike_quick_mode.c +++ b/sbin/isakmpd/ike_quick_mode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_quick_mode.c,v 1.41 2001/01/26 11:08:43 niklas Exp $ */ +/* $OpenBSD: ike_quick_mode.c,v 1.42 2001/01/26 12:12:51 niklas Exp $ */ /* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */ /* @@ -141,20 +141,24 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) if (keynote_policy_asserts_num) { - keynote_ids = calloc (keynote_policy_asserts_num, sizeof(int)); - if (keynote_ids == NULL) + keynote_ids = calloc (keynote_policy_asserts_num, sizeof *keynote_ids); + if (!keynote_ids) { - log_print ("check_policy: failed to allocate %d bytes for book keeping", keynote_policy_asserts_num * sizeof(int)); + log_print ("check_policy: " + "failed to allocate %d bytes for book keeping", + keynote_policy_asserts_num * sizeof *keynote_ids); return 0; } } if (x509_policy_asserts_num) { - x509_ids = calloc (x509_policy_asserts_num, sizeof(int)); - if (x509_ids == NULL) + x509_ids = calloc (x509_policy_asserts_num, sizeof *x509_ids); + if (!x509_ids) { - log_print ("check_policy: failed to allocate %d bytes for book keeping", x509_policy_asserts_num * sizeof(int)); + log_print ("check_policy: " + "failed to allocate %d bytes for book keeping", + x509_policy_asserts_num * sizeof *x509_ids); free (keynote_ids); return 0; } @@ -186,8 +190,10 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) switch (isakmp_sa->recv_certtype) { case ISAKMP_CERTENC_NONE: - /* For shared keys, just duplicate the passphrase with the - appropriate prefix tag. */ + /* + * For shared keys, just duplicate the passphrase with the + * appropriate prefix tag. + */ nprinc = 1; principal = calloc (nprinc, sizeof(*principal)); if (principal == NULL) @@ -754,7 +760,7 @@ initiator_send_HASH_SA_NONCE (struct message *msg) proto->spi_sz[1] = spi_sz; proto->spi[1] = spi; - /* Let the DOI get at proto for initializing its own data. */ + /* Let the DOI get at proto for initializing its own data. */ if (doi->proto_init) doi->proto_init (proto, prot->field); diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index 62b2300e47d..32a948d192e 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.36 2001/01/14 23:40:01 angelos Exp $ */ +/* $OpenBSD: ipsec.c,v 1.37 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -360,7 +360,7 @@ ipsec_set_network (u_int8_t *src_id, u_int8_t *dst_id, struct ipsec_sa *isa) { int id; - /* Set source address. */ + /* Set source address. */ id = GET_ISAKMP_ID_TYPE (src_id); switch (id) { diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c index afb65351dc1..bf581bc6e8d 100644 --- a/sbin/isakmpd/isakmpd.c +++ b/sbin/isakmpd/isakmpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: isakmpd.c,v 1.25 2000/10/07 06:58:37 niklas Exp $ */ +/* $OpenBSD: isakmpd.c,v 1.26 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $ */ /* @@ -201,7 +201,7 @@ reinit (void) if (regrand) srandom (strtoul (optarg, 0, 0)); - /* Reread config file. */ + /* Reread config file. */ conf_reinit (); /* Try again to link in libcrypto (good if we started without /usr). */ @@ -211,14 +211,14 @@ reinit (void) tzset (); #ifdef USE_POLICY - /* Reread the policies. */ + /* Reread the policies. */ policy_init (); #endif /* Reinitialize certificates */ cert_init(); - /* Reinitialize our connection list. */ + /* Reinitialize our connection list. */ connection_reinit (); /* diff --git a/sbin/isakmpd/libcrypto.c b/sbin/isakmpd/libcrypto.c index d30001dd96d..d2b6ab4ae03 100644 --- a/sbin/isakmpd/libcrypto.c +++ b/sbin/isakmpd/libcrypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: libcrypto.c,v 1.8 2000/12/19 22:00:02 markus Exp $ */ +/* $OpenBSD: libcrypto.c,v 1.9 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: libcrypto.c,v 1.14 2000/09/28 12:53:27 niklas Exp $ */ /* @@ -108,7 +108,8 @@ int (*lc_i2d_RSAPublicKey) (RSA *, unsigned char **); int (*lc_i2d_RSAPrivateKey) (RSA *, unsigned char **); int (*lc_i2d_X509) (X509 *, unsigned char **); int (*lc_i2d_X509_NAME) (X509_NAME *, unsigned char **); -#if (SSLEAY_VERSION_NUMBER >= 0x00904100L && SSLEAY_VERSION_NUMBER < 0x0090600fL) +#if (SSLEAY_VERSION_NUMBER >= 0x00904100L \ + && SSLEAY_VERSION_NUMBER < 0x0090600fL) void (*lc_sk_X509_free) (STACK_OF (X509) *); STACK_OF (X509) *(*lc_sk_X509_new_null) (); #else @@ -177,7 +178,8 @@ static struct dynload_script libcrypto_script[] = { SYMENTRY (i2d_RSAPrivateKey), SYMENTRY (i2d_X509), SYMENTRY (i2d_X509_NAME), -#if (SSLEAY_VERSION_NUMBER >= 0x00904100L && SSLEAY_VERSION_NUMBER < 0x0090600fL) +#if (SSLEAY_VERSION_NUMBER >= 0x00904100L \ + && SSLEAY_VERSION_NUMBER < 0x0090600fL) SYMENTRY (sk_X509_free), SYMENTRY (sk_X509_new_null), #else diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c index 0433896ce97..fb2b042d6b4 100644 --- a/sbin/isakmpd/log.c +++ b/sbin/isakmpd/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.14 2000/12/12 05:12:45 todd Exp $ */ +/* $OpenBSD: log.c,v 1.15 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */ /* @@ -133,16 +133,17 @@ _log_print (int error, int syslog_level, const char *fmt, va_list ap, * We may need to explicitly close stdout to do this properly. * XXX - Figure out how to match two FILE *'s and rewrite. */ - if (fileno (log_output) != -1) - if (fileno (stdout) == fileno (log_output)) - fclose (stdout); + if (fileno (log_output) != -1 + && fileno (stdout) == fileno (log_output)) + fclose (stdout); fclose (log_output); /* Fallback to syslog. */ log_to (0); - /* (Re)send current message to syslog(). */ - syslog (class == LOG_REPORT ? LOG_ALERT : syslog_level, "%s", buffer); + /* (Re)send current message to syslog(). */ + syslog (class == LOG_REPORT ? LOG_ALERT + : syslog_level, "%s", buffer); } } else diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c index 33f82d59c2a..2884c5be9a3 100644 --- a/sbin/isakmpd/message.c +++ b/sbin/isakmpd/message.c @@ -1,4 +1,4 @@ -/* $OpenBSD: message.c,v 1.34 2000/10/10 13:35:11 niklas Exp $ */ +/* $OpenBSD: message.c,v 1.35 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */ /* @@ -281,7 +281,7 @@ message_parse_payloads (struct message *msg, struct payload *p, u_int8_t next, */ len = GET_ISAKMP_GEN_LENGTH (buf); - /* Ignore private payloads. */ + /* Ignore private payloads. */ if (next >= ISAKMP_PAYLOAD_PRIVATE_MIN) { LOG_DBG ((LOG_MESSAGE, 30, @@ -943,7 +943,9 @@ message_recv (struct message *msg) if (GET_ISAKMP_HDR_NEXT_PAYLOAD (buf) >= ISAKMP_PAYLOAD_RESERVED_MIN) { - log_print ("message_recv: invalid payload type %d in ISAKMP header (check passphrases, if applicable and in Phase 1)", + log_print ("message_recv: " + "invalid payload type %d in ISAKMP header " + "(check passphrases, if applicable and in Phase 1)", GET_ISAKMP_HDR_NEXT_PAYLOAD (buf)); message_drop (msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1); return -1; diff --git a/sbin/isakmpd/pf_encap.c b/sbin/isakmpd/pf_encap.c index f25fb335b84..cf2fb84d74c 100644 --- a/sbin/isakmpd/pf_encap.c +++ b/sbin/isakmpd/pf_encap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_encap.c,v 1.18 2000/12/12 01:46:29 niklas Exp $ */ +/* $OpenBSD: pf_encap.c,v 1.19 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: pf_encap.c,v 1.73 2000/12/04 04:46:34 angelos Exp $ */ /* @@ -281,7 +281,8 @@ pf_encap_write (struct encap_msghdr *em) } if ((size_t)n != em->em_msglen) { - log_error ("pf_encap_write: write (%d, ...) returned prematurely", pf_encap_socket); + log_error ("pf_encap_write: write (%d, ...) returned prematurely", + pf_encap_socket); return -1; } return 0; diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c index fa343ed7d90..cdb09ff30a8 100644 --- a/sbin/isakmpd/pf_key_v2.c +++ b/sbin/isakmpd/pf_key_v2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_key_v2.c,v 1.43 2001/01/10 21:41:54 angelos Exp $ */ +/* $OpenBSD: pf_key_v2.c,v 1.44 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */ /* @@ -792,7 +792,9 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming) #endif default: - LOG_DBG ((LOG_SYSDEP, 50, "pf_key_v2_set_spi: unknown encryption algorithm %d", proto->id)); + LOG_DBG ((LOG_SYSDEP, 50, + "pf_key_v2_set_spi: unknown encryption algorithm %d", + proto->id)); return -1; } @@ -827,7 +829,9 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming) case IPSEC_AUTH_DES_MAC: case IPSEC_AUTH_KPDK: /* XXX We should be supporting KPDK */ - LOG_DBG ((LOG_SYSDEP, 50, "pf_key_v2_set_spi: unknown authentication algorithm %d", iproto->auth)); + LOG_DBG ((LOG_SYSDEP, 50, + "pf_key_v2_set_spi: unknown authentication algorithm %d", + iproto->auth)); return -1; default: @@ -870,7 +874,9 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming) #endif default: - LOG_DBG ((LOG_SYSDEP, 50, "pf_key_v2_set_spi: unknown authentication algorithm %d", proto->id)); + LOG_DBG ((LOG_SYSDEP, 50, + "pf_key_v2_set_spi: unknown authentication algorithm %d", + proto->id)); goto cleanup; } break; @@ -1021,7 +1027,7 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming) addr = 0; #if 0 - /* XXX I am not sure about what to do here just yet. */ + /* XXX I am not sure about what to do here just yet. */ if (iproto->encap_mode == IPSEC_ENCAP_TUNNEL) { len = sizeof *addr + PF_KEY_V2_ROUND (dstlen); @@ -2308,14 +2314,18 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg) pwd = getpwuid (srcident->sadb_ident_id); if (pwd == NULL) { - log_error ("pf_key_v2_acquire: could not acquire username from provided ID %d", srcident->sadb_ident_id); + log_error ("pf_key_v2_acquire: could not acquire " + "username from provided ID %d", + srcident->sadb_ident_id); goto fail; } if (slen != 0) if (strcmp (pwd->pw_name, (char *)(srcident + 1)) != 0) { - log_error ("pf_key_v2_acquire: provided user name and ID do not match (%s != %s)", (char *)(srcident + 1), pwd->pw_name); + log_error ("pf_key_v2_acquire: provided user name and " + "ID do not match (%s != %s)", + (char *)(srcident + 1), pwd->pw_name); goto fail; } } @@ -2409,14 +2419,18 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg) pwd = getpwuid (dstident->sadb_ident_id); if (pwd == NULL) { - log_error ("pf_key_v2_acquire: could not acquire username from provided ID %d", dstident->sadb_ident_id); + log_error ("pf_key_v2_acquire: could not acquire " + "username from provided ID %d", + dstident->sadb_ident_id); goto fail; } if (slen != 0) if (strcmp (pwd->pw_name, (char *)(dstident + 1)) != 0) { - log_error ("pf_key_v2_acquire: provided user name and ID do not match (%s != %s)", (char *)(dstident + 1), pwd->pw_name); + log_error ("pf_key_v2_acquire: provided user name and " + "ID do not match (%s != %s)", + (char *)(dstident + 1), pwd->pw_name); goto fail; } } diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c index b87343549bb..d38ef4cae65 100644 --- a/sbin/isakmpd/policy.c +++ b/sbin/isakmpd/policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: policy.c,v 1.19 2001/01/10 00:42:00 angelos Exp $ */ +/* $OpenBSD: policy.c,v 1.20 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */ /* @@ -1233,25 +1233,35 @@ policy_callback (char *name) LOG_DBG ((LOG_SA, 80, "esp_group_desc == %s", esp_group_desc)); LOG_DBG ((LOG_SA, 80, "comp_group_desc == %s", comp_group_desc)); LOG_DBG ((LOG_SA, 80, "remote_filter_type == %s", remote_filter_type)); - LOG_DBG ((LOG_SA, 80, "remote_filter_addr_upper == %s", remote_filter_addr_upper)); - LOG_DBG ((LOG_SA, 80, "remote_filter_addr_lower == %s", remote_filter_addr_lower)); - LOG_DBG ((LOG_SA, 80, "remote_filter == %s", (remote_filter ? remote_filter : ""))); + LOG_DBG ((LOG_SA, 80, "remote_filter_addr_upper == %s", + remote_filter_addr_upper)); + LOG_DBG ((LOG_SA, 80, "remote_filter_addr_lower == %s", + remote_filter_addr_lower)); + LOG_DBG ((LOG_SA, 80, "remote_filter == %s", + (remote_filter ? remote_filter : ""))); LOG_DBG ((LOG_SA, 80, "remote_filter_port == %s", remote_filter_port)); LOG_DBG ((LOG_SA, 80, "remote_filter_proto == %s", remote_filter_proto)); LOG_DBG ((LOG_SA, 80, "local_filter_type == %s", local_filter_type)); - LOG_DBG ((LOG_SA, 80, "local_filter_addr_upper == %s", local_filter_addr_upper)); - LOG_DBG ((LOG_SA, 80, "local_filter_addr_lower == %s", local_filter_addr_lower)); - LOG_DBG ((LOG_SA, 80, "local_filter == %s", (local_filter ? local_filter : ""))); + LOG_DBG ((LOG_SA, 80, "local_filter_addr_upper == %s", + local_filter_addr_upper)); + LOG_DBG ((LOG_SA, 80, "local_filter_addr_lower == %s", + local_filter_addr_lower)); + LOG_DBG ((LOG_SA, 80, "local_filter == %s", + (local_filter ? local_filter : ""))); LOG_DBG ((LOG_SA, 80, "local_filter_port == %s", local_filter_port)); LOG_DBG ((LOG_SA, 80, "local_filter_proto == %s", local_filter_proto)); LOG_DBG ((LOG_SA, 80, "remote_id_type == %s", remote_id_type)); - LOG_DBG ((LOG_SA, 80, "remote_id_addr_upper == %s", remote_id_addr_upper)); - LOG_DBG ((LOG_SA, 80, "remote_id_addr_lower == %s", remote_id_addr_lower)); + LOG_DBG ((LOG_SA, 80, "remote_id_addr_upper == %s", + remote_id_addr_upper)); + LOG_DBG ((LOG_SA, 80, "remote_id_addr_lower == %s", + remote_id_addr_lower)); LOG_DBG ((LOG_SA, 80, "remote_id == %s", (remote_id ? remote_id : ""))); LOG_DBG ((LOG_SA, 80, "remote_id_port == %s", remote_id_port)); LOG_DBG ((LOG_SA, 80, "remote_id_proto == %s", remote_id_proto)); - LOG_DBG ((LOG_SA, 80, "remote_negotiation_address == %s", remote_ike_address)); - LOG_DBG ((LOG_SA, 80, "local_negotiation_address == %s", local_ike_address)); + LOG_DBG ((LOG_SA, 80, "remote_negotiation_address == %s", + remote_ike_address)); + LOG_DBG ((LOG_SA, 80, "local_negotiation_address == %s", + local_ike_address)); LOG_DBG ((LOG_SA, 80, "pfs == %s", pfs)); LOG_DBG ((LOG_SA, 80, "initiator == %s", initiator)); LOG_DBG ((LOG_SA, 80, "phase1_group_desc == %s", phase1_group)); @@ -1478,7 +1488,7 @@ policy_init (void) log_fatal ("policy_init: calloc (%d, %d) failed", st.st_size, sizeof (char)); - /* Just in case there are short reads... */ + /* Just in case there are short reads... */ for (len = 0; len < st.st_size; len += i) { i = read (fd, ptr + len, st.st_size - len); diff --git a/sbin/isakmpd/prf.h b/sbin/isakmpd/prf.h index 6426ad4a569..5cb91026f5d 100644 --- a/sbin/isakmpd/prf.h +++ b/sbin/isakmpd/prf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: prf.h,v 1.3 1998/11/17 11:10:19 niklas Exp $ */ +/* $OpenBSD: prf.h,v 1.4 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: prf.h,v 1.1 1998/07/11 20:06:22 provos Exp $ */ /* @@ -37,7 +37,7 @@ #ifndef _PRF_H_ #define _PRF_H_ -/* Enumeration of possible PRF - Pseudo-Random Functions. */ +/* Enumeration of possible PRF - Pseudo-Random Functions. */ enum prfs { PRF_HMAC = 0, /* No PRFs in drafts, this is the default */ }; diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index 93bfe78a5f1..0584adb9fcd 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.35 2001/01/22 08:14:24 angelos Exp $ */ +/* $OpenBSD: sa.c,v 1.36 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -783,7 +783,7 @@ sa_setup_expirations (struct sa *sa) = timer_add_event ("sa_soft_expire", sa_soft_expire, sa, &expiration); if (!sa->soft_death) { - /* If we don't give up we might start leaking... */ + /* If we don't give up we might start leaking... */ sa_delete (sa, 1); return -1; } @@ -801,7 +801,7 @@ sa_setup_expirations (struct sa *sa) = timer_add_event ("sa_hard_expire", sa_hard_expire, sa, &expiration); if (!sa->death) { - /* If we don't give up we might start leaking... */ + /* If we don't give up we might start leaking... */ sa_delete (sa, 1); return -1; } diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c index 48d78270bea..1c80286e179 100644 --- a/sbin/isakmpd/udp.c +++ b/sbin/isakmpd/udp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp.c,v 1.25 2001/01/26 11:08:08 niklas Exp $ */ +/* $OpenBSD: udp.c,v 1.26 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */ /* @@ -460,7 +460,7 @@ udp_init () LIST_INIT (&udp_listen_list); - /* Bind the ISAKMP UDP port on all network interfaces we have. */ + /* Bind the ISAKMP UDP port on all network interfaces we have. */ /* XXX need to check errors */ if_map (udp_bind_if, &port); diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c index e7ae5b1775b..e1fab8c8271 100644 --- a/sbin/isakmpd/x509.c +++ b/sbin/isakmpd/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.36 2001/01/26 11:09:12 niklas Exp $ */ +/* $OpenBSD: x509.c,v 1.37 2001/01/26 12:12:52 niklas Exp $ */ /* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */ /* @@ -118,12 +118,14 @@ x509_generate_kn (X509 *cert) RSA *key; char **new_asserts; - LOG_DBG ((LOG_CRYPTO, 90, "x509_generate_kn: generating KeyNote policy for certificate %p", cert)); + LOG_DBG ((LOG_CRYPTO, 90, + "x509_generate_kn: generating KeyNote policy for certificate %p", + cert)); issuer = LC (X509_get_issuer_name, (cert)); subject = LC (X509_get_subject_name, (cert)); - /* Missing or self-signed, ignore cert but don't report failure */ + /* Missing or self-signed, ignore cert but don't report failure. */ if (!issuer || !subject || !LC (X509_name_cmp, (issuer, subject))) return 1; @@ -232,7 +234,7 @@ x509_generate_kn (X509 *cert) return 0; } - /* We could print the assertion here, but log_print() truncates... */ + /* We could print the assertion here, but log_print() truncates... */ free (buf); |