summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/pf_key_v2.c31
1 files changed, 17 insertions, 14 deletions
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 2e8a6a9b815..7bbb24766d5 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.123 2003/04/14 10:14:16 ho Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.124 2003/04/14 10:22:13 ho Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -465,7 +465,7 @@ pf_key_v2_write (struct pf_key_v2_msg *pmsg)
for (i = 0; i < cnt; i++)
{
- snprintf (header, 80, "pf_key_v2_write: iov[%d]", i);
+ snprintf (header, sizeof header, "pf_key_v2_write: iov[%d]", i);
LOG_DBG_BUF ((LOG_SYSDEP, 80, header, (u_int8_t *)iov[i].iov_base,
iov[i].iov_len));
}
@@ -2367,7 +2367,7 @@ pf_key_v2_conf_refinc (int af, char *section)
if (num == 0)
return 0;
- snprintf (conn, 22, "%d", num + 1);
+ snprintf (conn, sizeof conn, "%d", num + 1);
conf_set (af, section, "Refcount", conn, 1, 0);
return 0;
}
@@ -2395,7 +2395,7 @@ pf_key_v2_conf_refhandle (int af, char *section)
else
if (num != 0)
{
- snprintf (conn, 22, "%d", num - 1);
+ snprintf (conn, sizeof conn, "%d", num - 1);
conf_set (af, section, "Refcount", conn, 1, 0);
}
@@ -2880,15 +2880,17 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
u_int16_t sport = 0, dport = 0;
u_int8_t tproto = 0;
char tmbuf[sizeof sport * 3 + 1], *xform;
+ int connlen;
#if defined (SADB_X_CREDTYPE_NONE)
struct sadb_x_cred *cred = 0, *sauth = 0;
#endif
/* This needs to be dynamically allocated. */
- conn = malloc (22);
+ connlen = 22;
+ conn = malloc (connlen);
if (!conn)
{
- log_error ("pf_key_v2_acquire: malloc (22) failed");
+ log_error ("pf_key_v2_acquire: malloc (%d) failed", connlen);
return;
}
@@ -3484,8 +3486,9 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
/* Get a new connection sequence number. */
for (;; connection_seq++)
{
- snprintf (conn, 22, "Connection-%u", connection_seq);
- snprintf (configname, 30, "Config-Phase2-%u", connection_seq);
+ snprintf (conn, connlen, "Connection-%u", connection_seq);
+ snprintf (configname, sizeof configname, "Config-Phase2-%u",
+ connection_seq);
/* Does it exist ? */
if (!conf_get_str (conn, "Phase")
@@ -3549,7 +3552,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
}
/* Set the sequence number. */
- snprintf (lname, 100, "%u", msg->sadb_msg_seq);
+ snprintf (lname, sizeof lname, "%u", msg->sadb_msg_seq);
if (conf_set (af, conn, "Acquire-ID", lname, 0, 0))
{
conf_end (af, 0);
@@ -3557,8 +3560,8 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
}
/* Set Phase 2 IDs -- this is the Local-ID section. */
- snprintf (lname, 100, "Phase2-ID:%s/%s/%u/%u", ssflow, ssmask, tproto,
- sport);
+ snprintf (lname, sizeof lname, "Phase2-ID:%s/%s/%u/%u", ssflow, ssmask,
+ tproto, sport);
if (conf_set (af, conn, "Local-ID", lname, 0, 0))
{
conf_end (af, 0);
@@ -3616,8 +3619,8 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
pf_key_v2_conf_refinc (af, lname);
/* Set Remote-ID section. */
- snprintf (dname, 100, "Phase2-ID:%s/%s/%u/%u", sdflow, sdmask, tproto,
- dport);
+ snprintf (dname, sizeof dname, "Phase2-ID:%s/%s/%u/%u", sdflow, sdmask,
+ tproto, dport);
if (conf_set (af, conn, "Remote-ID", dname, 0, 0))
{
conf_end (af, 0);
@@ -3731,7 +3734,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
goto fail;
}
- snprintf (confname, 120, "ISAKMP-Configuration-%s", peer);
+ snprintf (confname, sizeof confname, "ISAKMP-Configuration-%s", peer);
if (conf_set (af, peer, "Configuration", confname, 0, 0))
{
conf_end (af, 0);