summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
Diffstat (limited to 'sbin')
-rw-r--r--sbin/isakmpd/conf.c12
-rw-r--r--sbin/isakmpd/conf.h4
-rw-r--r--sbin/isakmpd/connection.c4
-rw-r--r--sbin/isakmpd/exchange.c8
-rw-r--r--sbin/isakmpd/exchange.h4
-rw-r--r--sbin/isakmpd/genconstants.sh6
-rw-r--r--sbin/isakmpd/genfields.sh6
-rw-r--r--sbin/isakmpd/ike_auth.c9
-rw-r--r--sbin/isakmpd/ike_quick_mode.c26
-rw-r--r--sbin/isakmpd/ipsec.c4
-rw-r--r--sbin/isakmpd/isakmpd.c8
-rw-r--r--sbin/isakmpd/libcrypto.c8
-rw-r--r--sbin/isakmpd/log.c13
-rw-r--r--sbin/isakmpd/message.c8
-rw-r--r--sbin/isakmpd/pf_encap.c5
-rw-r--r--sbin/isakmpd/pf_key_v2.c32
-rw-r--r--sbin/isakmpd/policy.c34
-rw-r--r--sbin/isakmpd/prf.h4
-rw-r--r--sbin/isakmpd/sa.c6
-rw-r--r--sbin/isakmpd/udp.c4
-rw-r--r--sbin/isakmpd/x509.c10
21 files changed, 128 insertions, 87 deletions
diff --git a/sbin/isakmpd/conf.c b/sbin/isakmpd/conf.c
index 3d725dc8eca..3b603ee4d44 100644
--- a/sbin/isakmpd/conf.c
+++ b/sbin/isakmpd/conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf.c,v 1.25 2000/12/12 01:45:55 niklas Exp $ */
+/* $OpenBSD: conf.c,v 1.26 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: conf.c,v 1.48 2000/12/04 02:04:29 angelos Exp $ */
/*
@@ -322,7 +322,7 @@ conf_find_trans_xf (int phase, char *xf)
struct conf_trans *node;
char *p;
- /* Find the relevant transforms and suites, if any. */
+ /* Find the relevant transforms and suites, if any. */
for (node = TAILQ_FIRST (&conf_trans_queue); node;
node = TAILQ_NEXT (node, link))
if (( phase == 1 && !strcmp ("Transforms", node->tag)) ||
@@ -995,8 +995,10 @@ conf_end (int transaction, int commit)
return 0;
}
-/* Dump running configuration upon SIGUSR1. */
-/* XXX Configuration is "stored in reverse order", so reverse it. */
+/*
+ * Dump running configuration upon SIGUSR1.
+ * XXX Configuration is "stored in reverse order", so reverse it.
+ */
struct dumper {
char *s, *v;
struct dumper *next;
@@ -1005,7 +1007,7 @@ struct dumper {
static void
conf_report_dump (struct dumper *node)
{
- /* Recursive, cleanup when we're done. */
+ /* Recursive, cleanup when we're done. */
if (node->next)
conf_report_dump (node->next);
diff --git a/sbin/isakmpd/conf.h b/sbin/isakmpd/conf.h
index 5c98a3b780b..e193451e957 100644
--- a/sbin/isakmpd/conf.h
+++ b/sbin/isakmpd/conf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf.h,v 1.12 2000/10/07 07:00:06 niklas Exp $ */
+/* $OpenBSD: conf.h,v 1.13 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: conf.h,v 1.13 2000/09/18 00:01:47 ho Exp $ */
/*
@@ -44,7 +44,7 @@
#define CONFIG_FILE "/etc/isakmpd/isakmpd.conf"
-/* Default values for autogenerated part of our configuration. */
+/* Default values for autogenerated part of our configuration. */
#define CONF_DFLT_TAG_LIFE_MAIN_MODE "LIFE_MAIN_MODE"
#define CONF_DFLT_TYPE_LIFE_MAIN_MODE "SECONDS"
#define CONF_DFLT_VAL_LIFE_MAIN_MODE "3600,60:86400"
diff --git a/sbin/isakmpd/connection.c b/sbin/isakmpd/connection.c
index d02d6844999..deebcc8c5f1 100644
--- a/sbin/isakmpd/connection.c
+++ b/sbin/isakmpd/connection.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: connection.c,v 1.11 2000/11/23 12:56:59 niklas Exp $ */
+/* $OpenBSD: connection.c,v 1.12 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: connection.c,v 1.28 2000/11/23 12:21:18 niklas Exp $ */
/*
@@ -459,7 +459,7 @@ connection_reinit (void)
LOG_DBG ((LOG_MISC, 30,
"connection_reinit: reinitializing connection list"));
- /* Remove all present connections. */
+ /* Remove all present connections. */
for (conn = TAILQ_FIRST (&connections); conn; conn = TAILQ_NEXT (conn, link))
connection_teardown (conn->name);
diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c
index 3235ad9007a..1475a243025 100644
--- a/sbin/isakmpd/exchange.c
+++ b/sbin/isakmpd/exchange.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: exchange.c,v 1.38 2001/01/22 08:37:05 angelos Exp $ */
+/* $OpenBSD: exchange.c,v 1.39 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */
/*
@@ -638,7 +638,7 @@ exchange_create (int phase, int initiator, int doi, int type)
exchange, &expiration);
if (!exchange->death)
{
- /* If we don't give up we might start leaking... */
+ /* If we don't give up we might start leaking... */
exchange_free_aux (exchange);
return 0;
}
@@ -1085,7 +1085,7 @@ exchange_dump_real (char *header, struct exchange *exchange, int class,
int level)
{
char buf[LOG_SIZE];
- /* Don't risk overflowing the final log buffer. */
+ /* Don't risk overflowing the final log buffer. */
int bufsize_max = LOG_SIZE - strlen (header) - 32;
struct sa *sa;
@@ -1644,7 +1644,7 @@ exchange_establish (char *name,
trpt = conf_get_str (name, "Transport");
if (!trpt)
{
- /* Phase 1 transport defaults to "udp". */
+ /* Phase 1 transport defaults to "udp". */
trpt = ISAKMP_DEFAULT_TRANSPORT;
}
diff --git a/sbin/isakmpd/exchange.h b/sbin/isakmpd/exchange.h
index f4ec48836ad..8c493bf5e60 100644
--- a/sbin/isakmpd/exchange.h
+++ b/sbin/isakmpd/exchange.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: exchange.h,v 1.15 2000/10/07 06:59:46 niklas Exp $ */
+/* $OpenBSD: exchange.h,v 1.16 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: exchange.h,v 1.28 2000/09/28 12:54:28 niklas Exp $ */
/*
@@ -162,7 +162,7 @@ struct exchange {
void *recv_cert;
void *recv_key;
- /* XXX This is no longer necessary, it is covered by policy. */
+ /* XXX This is no longer necessary, it is covered by policy. */
/* Acceptable authorities for cert requests */
TAILQ_HEAD (aca_head, certreq_aca) aca_list;
diff --git a/sbin/isakmpd/genconstants.sh b/sbin/isakmpd/genconstants.sh
index e883980d672..24eba0caf7b 100644
--- a/sbin/isakmpd/genconstants.sh
+++ b/sbin/isakmpd/genconstants.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: genconstants.sh,v 1.6 1999/04/27 21:02:57 niklas Exp $
+# $OpenBSD: genconstants.sh,v 1.7 2001/01/26 12:12:51 niklas Exp $
# $EOM: genconstants.sh,v 1.6 1999/04/02 01:15:53 niklas Exp $
#
@@ -50,7 +50,7 @@ $awk "
$locase_function
"'
BEGIN {
- print "/* DO NOT EDIT-- this file is automatically generated. */\n"
+ print "/* DO NOT EDIT-- this file is automatically generated. */\n"
print "#ifndef _'$upcased_name'_H_"
print "#define _'$upcased_name'_H_\n"
print "#include \"sysdep.h\"\n"
@@ -86,7 +86,7 @@ $awk "
$locase_function
"'
BEGIN {
- print "/* DO NOT EDIT-- this file is automatically generated. */\n"
+ print "/* DO NOT EDIT-- this file is automatically generated. */\n"
print "#include \"sysdep.h\"\n"
print "#include \"constants.h\""
print "#include \"'$base'.h\"\n"
diff --git a/sbin/isakmpd/genfields.sh b/sbin/isakmpd/genfields.sh
index f53cdcb00ef..9626c8b26e7 100644
--- a/sbin/isakmpd/genfields.sh
+++ b/sbin/isakmpd/genfields.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: genfields.sh,v 1.4 1999/04/27 21:02:57 niklas Exp $
+# $OpenBSD: genfields.sh,v 1.5 2001/01/26 12:12:51 niklas Exp $
# $EOM: genfields.sh,v 1.5 1999/04/02 01:15:55 niklas Exp $
#
@@ -50,7 +50,7 @@ $awk "
$locase_function
"'
BEGIN {
- print "/* DO NOT EDIT-- this file is automatically generated. */\n"
+ print "/* DO NOT EDIT-- this file is automatically generated. */\n"
print "#ifndef _'$upcased_name'_H_"
print "#define _'$upcased_name'_H_\n"
@@ -129,7 +129,7 @@ $awk "
$locase_function
"'
BEGIN {
- print "/* DO NOT EDIT-- this file is automatically generated. */\n"
+ print "/* DO NOT EDIT-- this file is automatically generated. */\n"
print "#include \"sysdep.h\"\n"
print "#include \"constants.h\""
print "#include \"field.h\""
diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c
index 856eadff44b..ce0ff5e2319 100644
--- a/sbin/isakmpd/ike_auth.c
+++ b/sbin/isakmpd/ike_auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_auth.c,v 1.31 2000/12/19 19:03:05 mickey Exp $ */
+/* $OpenBSD: ike_auth.c,v 1.32 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */
/*
@@ -565,9 +565,10 @@ rsa_sig_decode_hash (struct message *msg)
return -1;
}
- /* XXX Assume we should use the same kind of certification as the
- XXX remote...moreover, just use the first CERT payload to
- XXX decide what to use. */
+ /*
+ * XXX Assume we should use the same kind of certification as the remote...
+ * moreover, just use the first CERT payload to decide what to use.
+ */
p = TAILQ_FIRST (&msg->payload[ISAKMP_PAYLOAD_CERT]);
if (!p)
handler = cert_get (ISAKMP_CERTENC_KEYNOTE);
diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c
index f8b57b191a5..4a057071332 100644
--- a/sbin/isakmpd/ike_quick_mode.c
+++ b/sbin/isakmpd/ike_quick_mode.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_quick_mode.c,v 1.41 2001/01/26 11:08:43 niklas Exp $ */
+/* $OpenBSD: ike_quick_mode.c,v 1.42 2001/01/26 12:12:51 niklas Exp $ */
/* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */
/*
@@ -141,20 +141,24 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
if (keynote_policy_asserts_num)
{
- keynote_ids = calloc (keynote_policy_asserts_num, sizeof(int));
- if (keynote_ids == NULL)
+ keynote_ids = calloc (keynote_policy_asserts_num, sizeof *keynote_ids);
+ if (!keynote_ids)
{
- log_print ("check_policy: failed to allocate %d bytes for book keeping", keynote_policy_asserts_num * sizeof(int));
+ log_print ("check_policy: "
+ "failed to allocate %d bytes for book keeping",
+ keynote_policy_asserts_num * sizeof *keynote_ids);
return 0;
}
}
if (x509_policy_asserts_num)
{
- x509_ids = calloc (x509_policy_asserts_num, sizeof(int));
- if (x509_ids == NULL)
+ x509_ids = calloc (x509_policy_asserts_num, sizeof *x509_ids);
+ if (!x509_ids)
{
- log_print ("check_policy: failed to allocate %d bytes for book keeping", x509_policy_asserts_num * sizeof(int));
+ log_print ("check_policy: "
+ "failed to allocate %d bytes for book keeping",
+ x509_policy_asserts_num * sizeof *x509_ids);
free (keynote_ids);
return 0;
}
@@ -186,8 +190,10 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
switch (isakmp_sa->recv_certtype)
{
case ISAKMP_CERTENC_NONE:
- /* For shared keys, just duplicate the passphrase with the
- appropriate prefix tag. */
+ /*
+ * For shared keys, just duplicate the passphrase with the
+ * appropriate prefix tag.
+ */
nprinc = 1;
principal = calloc (nprinc, sizeof(*principal));
if (principal == NULL)
@@ -754,7 +760,7 @@ initiator_send_HASH_SA_NONCE (struct message *msg)
proto->spi_sz[1] = spi_sz;
proto->spi[1] = spi;
- /* Let the DOI get at proto for initializing its own data. */
+ /* Let the DOI get at proto for initializing its own data. */
if (doi->proto_init)
doi->proto_init (proto, prot->field);
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c
index 62b2300e47d..32a948d192e 100644
--- a/sbin/isakmpd/ipsec.c
+++ b/sbin/isakmpd/ipsec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec.c,v 1.36 2001/01/14 23:40:01 angelos Exp $ */
+/* $OpenBSD: ipsec.c,v 1.37 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */
/*
@@ -360,7 +360,7 @@ ipsec_set_network (u_int8_t *src_id, u_int8_t *dst_id, struct ipsec_sa *isa)
{
int id;
- /* Set source address. */
+ /* Set source address. */
id = GET_ISAKMP_ID_TYPE (src_id);
switch (id)
{
diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c
index afb65351dc1..bf581bc6e8d 100644
--- a/sbin/isakmpd/isakmpd.c
+++ b/sbin/isakmpd/isakmpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: isakmpd.c,v 1.25 2000/10/07 06:58:37 niklas Exp $ */
+/* $OpenBSD: isakmpd.c,v 1.26 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $ */
/*
@@ -201,7 +201,7 @@ reinit (void)
if (regrand)
srandom (strtoul (optarg, 0, 0));
- /* Reread config file. */
+ /* Reread config file. */
conf_reinit ();
/* Try again to link in libcrypto (good if we started without /usr). */
@@ -211,14 +211,14 @@ reinit (void)
tzset ();
#ifdef USE_POLICY
- /* Reread the policies. */
+ /* Reread the policies. */
policy_init ();
#endif
/* Reinitialize certificates */
cert_init();
- /* Reinitialize our connection list. */
+ /* Reinitialize our connection list. */
connection_reinit ();
/*
diff --git a/sbin/isakmpd/libcrypto.c b/sbin/isakmpd/libcrypto.c
index d30001dd96d..d2b6ab4ae03 100644
--- a/sbin/isakmpd/libcrypto.c
+++ b/sbin/isakmpd/libcrypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: libcrypto.c,v 1.8 2000/12/19 22:00:02 markus Exp $ */
+/* $OpenBSD: libcrypto.c,v 1.9 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: libcrypto.c,v 1.14 2000/09/28 12:53:27 niklas Exp $ */
/*
@@ -108,7 +108,8 @@ int (*lc_i2d_RSAPublicKey) (RSA *, unsigned char **);
int (*lc_i2d_RSAPrivateKey) (RSA *, unsigned char **);
int (*lc_i2d_X509) (X509 *, unsigned char **);
int (*lc_i2d_X509_NAME) (X509_NAME *, unsigned char **);
-#if (SSLEAY_VERSION_NUMBER >= 0x00904100L && SSLEAY_VERSION_NUMBER < 0x0090600fL)
+#if (SSLEAY_VERSION_NUMBER >= 0x00904100L \
+ && SSLEAY_VERSION_NUMBER < 0x0090600fL)
void (*lc_sk_X509_free) (STACK_OF (X509) *);
STACK_OF (X509) *(*lc_sk_X509_new_null) ();
#else
@@ -177,7 +178,8 @@ static struct dynload_script libcrypto_script[] = {
SYMENTRY (i2d_RSAPrivateKey),
SYMENTRY (i2d_X509),
SYMENTRY (i2d_X509_NAME),
-#if (SSLEAY_VERSION_NUMBER >= 0x00904100L && SSLEAY_VERSION_NUMBER < 0x0090600fL)
+#if (SSLEAY_VERSION_NUMBER >= 0x00904100L \
+ && SSLEAY_VERSION_NUMBER < 0x0090600fL)
SYMENTRY (sk_X509_free),
SYMENTRY (sk_X509_new_null),
#else
diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c
index 0433896ce97..fb2b042d6b4 100644
--- a/sbin/isakmpd/log.c
+++ b/sbin/isakmpd/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.14 2000/12/12 05:12:45 todd Exp $ */
+/* $OpenBSD: log.c,v 1.15 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */
/*
@@ -133,16 +133,17 @@ _log_print (int error, int syslog_level, const char *fmt, va_list ap,
* We may need to explicitly close stdout to do this properly.
* XXX - Figure out how to match two FILE *'s and rewrite.
*/
- if (fileno (log_output) != -1)
- if (fileno (stdout) == fileno (log_output))
- fclose (stdout);
+ if (fileno (log_output) != -1
+ && fileno (stdout) == fileno (log_output))
+ fclose (stdout);
fclose (log_output);
/* Fallback to syslog. */
log_to (0);
- /* (Re)send current message to syslog(). */
- syslog (class == LOG_REPORT ? LOG_ALERT : syslog_level, "%s", buffer);
+ /* (Re)send current message to syslog(). */
+ syslog (class == LOG_REPORT ? LOG_ALERT
+ : syslog_level, "%s", buffer);
}
}
else
diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c
index 33f82d59c2a..2884c5be9a3 100644
--- a/sbin/isakmpd/message.c
+++ b/sbin/isakmpd/message.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.c,v 1.34 2000/10/10 13:35:11 niklas Exp $ */
+/* $OpenBSD: message.c,v 1.35 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */
/*
@@ -281,7 +281,7 @@ message_parse_payloads (struct message *msg, struct payload *p, u_int8_t next,
*/
len = GET_ISAKMP_GEN_LENGTH (buf);
- /* Ignore private payloads. */
+ /* Ignore private payloads. */
if (next >= ISAKMP_PAYLOAD_PRIVATE_MIN)
{
LOG_DBG ((LOG_MESSAGE, 30,
@@ -943,7 +943,9 @@ message_recv (struct message *msg)
if (GET_ISAKMP_HDR_NEXT_PAYLOAD (buf) >= ISAKMP_PAYLOAD_RESERVED_MIN)
{
- log_print ("message_recv: invalid payload type %d in ISAKMP header (check passphrases, if applicable and in Phase 1)",
+ log_print ("message_recv: "
+ "invalid payload type %d in ISAKMP header "
+ "(check passphrases, if applicable and in Phase 1)",
GET_ISAKMP_HDR_NEXT_PAYLOAD (buf));
message_drop (msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1);
return -1;
diff --git a/sbin/isakmpd/pf_encap.c b/sbin/isakmpd/pf_encap.c
index f25fb335b84..cf2fb84d74c 100644
--- a/sbin/isakmpd/pf_encap.c
+++ b/sbin/isakmpd/pf_encap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_encap.c,v 1.18 2000/12/12 01:46:29 niklas Exp $ */
+/* $OpenBSD: pf_encap.c,v 1.19 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: pf_encap.c,v 1.73 2000/12/04 04:46:34 angelos Exp $ */
/*
@@ -281,7 +281,8 @@ pf_encap_write (struct encap_msghdr *em)
}
if ((size_t)n != em->em_msglen)
{
- log_error ("pf_encap_write: write (%d, ...) returned prematurely", pf_encap_socket);
+ log_error ("pf_encap_write: write (%d, ...) returned prematurely",
+ pf_encap_socket);
return -1;
}
return 0;
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index fa343ed7d90..cdb09ff30a8 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.43 2001/01/10 21:41:54 angelos Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.44 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -792,7 +792,9 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming)
#endif
default:
- LOG_DBG ((LOG_SYSDEP, 50, "pf_key_v2_set_spi: unknown encryption algorithm %d", proto->id));
+ LOG_DBG ((LOG_SYSDEP, 50,
+ "pf_key_v2_set_spi: unknown encryption algorithm %d",
+ proto->id));
return -1;
}
@@ -827,7 +829,9 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming)
case IPSEC_AUTH_DES_MAC:
case IPSEC_AUTH_KPDK:
/* XXX We should be supporting KPDK */
- LOG_DBG ((LOG_SYSDEP, 50, "pf_key_v2_set_spi: unknown authentication algorithm %d", iproto->auth));
+ LOG_DBG ((LOG_SYSDEP, 50,
+ "pf_key_v2_set_spi: unknown authentication algorithm %d",
+ iproto->auth));
return -1;
default:
@@ -870,7 +874,9 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming)
#endif
default:
- LOG_DBG ((LOG_SYSDEP, 50, "pf_key_v2_set_spi: unknown authentication algorithm %d", proto->id));
+ LOG_DBG ((LOG_SYSDEP, 50,
+ "pf_key_v2_set_spi: unknown authentication algorithm %d",
+ proto->id));
goto cleanup;
}
break;
@@ -1021,7 +1027,7 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming)
addr = 0;
#if 0
- /* XXX I am not sure about what to do here just yet. */
+ /* XXX I am not sure about what to do here just yet. */
if (iproto->encap_mode == IPSEC_ENCAP_TUNNEL)
{
len = sizeof *addr + PF_KEY_V2_ROUND (dstlen);
@@ -2308,14 +2314,18 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
pwd = getpwuid (srcident->sadb_ident_id);
if (pwd == NULL)
{
- log_error ("pf_key_v2_acquire: could not acquire username from provided ID %d", srcident->sadb_ident_id);
+ log_error ("pf_key_v2_acquire: could not acquire "
+ "username from provided ID %d",
+ srcident->sadb_ident_id);
goto fail;
}
if (slen != 0)
if (strcmp (pwd->pw_name, (char *)(srcident + 1)) != 0)
{
- log_error ("pf_key_v2_acquire: provided user name and ID do not match (%s != %s)", (char *)(srcident + 1), pwd->pw_name);
+ log_error ("pf_key_v2_acquire: provided user name and "
+ "ID do not match (%s != %s)",
+ (char *)(srcident + 1), pwd->pw_name);
goto fail;
}
}
@@ -2409,14 +2419,18 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
pwd = getpwuid (dstident->sadb_ident_id);
if (pwd == NULL)
{
- log_error ("pf_key_v2_acquire: could not acquire username from provided ID %d", dstident->sadb_ident_id);
+ log_error ("pf_key_v2_acquire: could not acquire "
+ "username from provided ID %d",
+ dstident->sadb_ident_id);
goto fail;
}
if (slen != 0)
if (strcmp (pwd->pw_name, (char *)(dstident + 1)) != 0)
{
- log_error ("pf_key_v2_acquire: provided user name and ID do not match (%s != %s)", (char *)(dstident + 1), pwd->pw_name);
+ log_error ("pf_key_v2_acquire: provided user name and "
+ "ID do not match (%s != %s)",
+ (char *)(dstident + 1), pwd->pw_name);
goto fail;
}
}
diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c
index b87343549bb..d38ef4cae65 100644
--- a/sbin/isakmpd/policy.c
+++ b/sbin/isakmpd/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.19 2001/01/10 00:42:00 angelos Exp $ */
+/* $OpenBSD: policy.c,v 1.20 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */
/*
@@ -1233,25 +1233,35 @@ policy_callback (char *name)
LOG_DBG ((LOG_SA, 80, "esp_group_desc == %s", esp_group_desc));
LOG_DBG ((LOG_SA, 80, "comp_group_desc == %s", comp_group_desc));
LOG_DBG ((LOG_SA, 80, "remote_filter_type == %s", remote_filter_type));
- LOG_DBG ((LOG_SA, 80, "remote_filter_addr_upper == %s", remote_filter_addr_upper));
- LOG_DBG ((LOG_SA, 80, "remote_filter_addr_lower == %s", remote_filter_addr_lower));
- LOG_DBG ((LOG_SA, 80, "remote_filter == %s", (remote_filter ? remote_filter : "")));
+ LOG_DBG ((LOG_SA, 80, "remote_filter_addr_upper == %s",
+ remote_filter_addr_upper));
+ LOG_DBG ((LOG_SA, 80, "remote_filter_addr_lower == %s",
+ remote_filter_addr_lower));
+ LOG_DBG ((LOG_SA, 80, "remote_filter == %s",
+ (remote_filter ? remote_filter : "")));
LOG_DBG ((LOG_SA, 80, "remote_filter_port == %s", remote_filter_port));
LOG_DBG ((LOG_SA, 80, "remote_filter_proto == %s", remote_filter_proto));
LOG_DBG ((LOG_SA, 80, "local_filter_type == %s", local_filter_type));
- LOG_DBG ((LOG_SA, 80, "local_filter_addr_upper == %s", local_filter_addr_upper));
- LOG_DBG ((LOG_SA, 80, "local_filter_addr_lower == %s", local_filter_addr_lower));
- LOG_DBG ((LOG_SA, 80, "local_filter == %s", (local_filter ? local_filter : "")));
+ LOG_DBG ((LOG_SA, 80, "local_filter_addr_upper == %s",
+ local_filter_addr_upper));
+ LOG_DBG ((LOG_SA, 80, "local_filter_addr_lower == %s",
+ local_filter_addr_lower));
+ LOG_DBG ((LOG_SA, 80, "local_filter == %s",
+ (local_filter ? local_filter : "")));
LOG_DBG ((LOG_SA, 80, "local_filter_port == %s", local_filter_port));
LOG_DBG ((LOG_SA, 80, "local_filter_proto == %s", local_filter_proto));
LOG_DBG ((LOG_SA, 80, "remote_id_type == %s", remote_id_type));
- LOG_DBG ((LOG_SA, 80, "remote_id_addr_upper == %s", remote_id_addr_upper));
- LOG_DBG ((LOG_SA, 80, "remote_id_addr_lower == %s", remote_id_addr_lower));
+ LOG_DBG ((LOG_SA, 80, "remote_id_addr_upper == %s",
+ remote_id_addr_upper));
+ LOG_DBG ((LOG_SA, 80, "remote_id_addr_lower == %s",
+ remote_id_addr_lower));
LOG_DBG ((LOG_SA, 80, "remote_id == %s", (remote_id ? remote_id : "")));
LOG_DBG ((LOG_SA, 80, "remote_id_port == %s", remote_id_port));
LOG_DBG ((LOG_SA, 80, "remote_id_proto == %s", remote_id_proto));
- LOG_DBG ((LOG_SA, 80, "remote_negotiation_address == %s", remote_ike_address));
- LOG_DBG ((LOG_SA, 80, "local_negotiation_address == %s", local_ike_address));
+ LOG_DBG ((LOG_SA, 80, "remote_negotiation_address == %s",
+ remote_ike_address));
+ LOG_DBG ((LOG_SA, 80, "local_negotiation_address == %s",
+ local_ike_address));
LOG_DBG ((LOG_SA, 80, "pfs == %s", pfs));
LOG_DBG ((LOG_SA, 80, "initiator == %s", initiator));
LOG_DBG ((LOG_SA, 80, "phase1_group_desc == %s", phase1_group));
@@ -1478,7 +1488,7 @@ policy_init (void)
log_fatal ("policy_init: calloc (%d, %d) failed", st.st_size,
sizeof (char));
- /* Just in case there are short reads... */
+ /* Just in case there are short reads... */
for (len = 0; len < st.st_size; len += i)
{
i = read (fd, ptr + len, st.st_size - len);
diff --git a/sbin/isakmpd/prf.h b/sbin/isakmpd/prf.h
index 6426ad4a569..5cb91026f5d 100644
--- a/sbin/isakmpd/prf.h
+++ b/sbin/isakmpd/prf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: prf.h,v 1.3 1998/11/17 11:10:19 niklas Exp $ */
+/* $OpenBSD: prf.h,v 1.4 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: prf.h,v 1.1 1998/07/11 20:06:22 provos Exp $ */
/*
@@ -37,7 +37,7 @@
#ifndef _PRF_H_
#define _PRF_H_
-/* Enumeration of possible PRF - Pseudo-Random Functions. */
+/* Enumeration of possible PRF - Pseudo-Random Functions. */
enum prfs {
PRF_HMAC = 0, /* No PRFs in drafts, this is the default */
};
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c
index 93bfe78a5f1..0584adb9fcd 100644
--- a/sbin/isakmpd/sa.c
+++ b/sbin/isakmpd/sa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sa.c,v 1.35 2001/01/22 08:14:24 angelos Exp $ */
+/* $OpenBSD: sa.c,v 1.36 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */
/*
@@ -783,7 +783,7 @@ sa_setup_expirations (struct sa *sa)
= timer_add_event ("sa_soft_expire", sa_soft_expire, sa, &expiration);
if (!sa->soft_death)
{
- /* If we don't give up we might start leaking... */
+ /* If we don't give up we might start leaking... */
sa_delete (sa, 1);
return -1;
}
@@ -801,7 +801,7 @@ sa_setup_expirations (struct sa *sa)
= timer_add_event ("sa_hard_expire", sa_hard_expire, sa, &expiration);
if (!sa->death)
{
- /* If we don't give up we might start leaking... */
+ /* If we don't give up we might start leaking... */
sa_delete (sa, 1);
return -1;
}
diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c
index 48d78270bea..1c80286e179 100644
--- a/sbin/isakmpd/udp.c
+++ b/sbin/isakmpd/udp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: udp.c,v 1.25 2001/01/26 11:08:08 niklas Exp $ */
+/* $OpenBSD: udp.c,v 1.26 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */
/*
@@ -460,7 +460,7 @@ udp_init ()
LIST_INIT (&udp_listen_list);
- /* Bind the ISAKMP UDP port on all network interfaces we have. */
+ /* Bind the ISAKMP UDP port on all network interfaces we have. */
/* XXX need to check errors */
if_map (udp_bind_if, &port);
diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c
index e7ae5b1775b..e1fab8c8271 100644
--- a/sbin/isakmpd/x509.c
+++ b/sbin/isakmpd/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.36 2001/01/26 11:09:12 niklas Exp $ */
+/* $OpenBSD: x509.c,v 1.37 2001/01/26 12:12:52 niklas Exp $ */
/* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */
/*
@@ -118,12 +118,14 @@ x509_generate_kn (X509 *cert)
RSA *key;
char **new_asserts;
- LOG_DBG ((LOG_CRYPTO, 90, "x509_generate_kn: generating KeyNote policy for certificate %p", cert));
+ LOG_DBG ((LOG_CRYPTO, 90,
+ "x509_generate_kn: generating KeyNote policy for certificate %p",
+ cert));
issuer = LC (X509_get_issuer_name, (cert));
subject = LC (X509_get_subject_name, (cert));
- /* Missing or self-signed, ignore cert but don't report failure */
+ /* Missing or self-signed, ignore cert but don't report failure. */
if (!issuer || !subject || !LC (X509_name_cmp, (issuer, subject)))
return 1;
@@ -232,7 +234,7 @@ x509_generate_kn (X509 *cert)
return 0;
}
- /* We could print the assertion here, but log_print() truncates... */
+ /* We could print the assertion here, but log_print() truncates... */
free (buf);