diff --git a/distrib/sets/lists/base/shl.elf b/distrib/sets/lists/base/shl.elf index b893aededb09..8640c14d0b5c 100644 --- a/distrib/sets/lists/base/shl.elf +++ b/distrib/sets/lists/base/shl.elf @@ -1,4 +1,4 @@ -# $NetBSD: shl.elf,v 1.16 2000/02/20 07:02:48 mycroft Exp $ +# $NetBSD: shl.elf,v 1.17 2000/03/13 21:23:58 itojun Exp $ ./usr/lib/libamu.so.1 ./usr/lib/libbz2.so.0 ./usr/lib/libc.so.12 @@ -7,7 +7,7 @@ ./usr/lib/libedit.so.2 ./usr/lib/libg2c.so.0 ./usr/lib/libgnumalloc.so.0 -./usr/lib/libipsec.so.1 +./usr/lib/libipsec.so.2 ./usr/lib/libkvm.so.5 ./usr/lib/libm.so.0 ./usr/lib/libmenu.so.0 diff --git a/distrib/sets/lists/base/shl.mi b/distrib/sets/lists/base/shl.mi index 4a2aab72e57a..95ceae069a86 100644 --- a/distrib/sets/lists/base/shl.mi +++ b/distrib/sets/lists/base/shl.mi @@ -1,4 +1,4 @@ -# $NetBSD: shl.mi,v 1.57 2000/03/09 23:32:03 cjs Exp $ +# $NetBSD: shl.mi,v 1.58 2000/03/13 21:23:58 itojun Exp $ ./usr/lib/libamu.so.1.1 ./usr/lib/libbz2.so.0.0 ./usr/lib/libc.so.12.58 @@ -7,7 +7,7 @@ ./usr/lib/libedit.so.2.3 ./usr/lib/libg2c.so.0.0 ./usr/lib/libgnumalloc.so.0.0 -./usr/lib/libipsec.so.1.0 +./usr/lib/libipsec.so.2.0 ./usr/lib/libkvm.so.5.0 ./usr/lib/libm.so.0.1 ./usr/lib/libmenu.so.0.1 diff --git a/lib/libipsec/Makefile b/lib/libipsec/Makefile index 6d68b0b6438a..b09ed21ec912 100644 --- a/lib/libipsec/Makefile +++ b/lib/libipsec/Makefile @@ -1,18 +1,19 @@ -# $NetBSD: Makefile,v 1.3 2000/01/31 14:15:30 itojun Exp $ +# $NetBSD: Makefile,v 1.4 2000/03/13 21:23:55 itojun Exp $ LIB= ipsec CFLAGS+=-g CPPFLAGS+=-DIPSEC_DEBUG -DIPSEC -DINET6 -I. -DYY_NO_UNPUT -.PATH: ${.CURDIR}/../../sys/netkey -SRCS= pfkey.c pfkey_dump.c SRCS+= ipsec_strerror.c policy_parse.y policy_token.l SRCS+= ipsec_get_policylen.c ipsec_dump_policy.c -SRCS+= key_debug.c LPREFIX+=__libyy YPREFIX+=__libyy YHEADER=1 +#.PATH: ${.CURDIR}/../../sys/netkey +#SRCS+= pfkey.c pfkey_dump.c +#SRCS+= key_debug.c + #LFLAGS+= -olex.yy.c MAN= ipsec_set_policy.3 ipsec_strerror.3 diff --git a/lib/libipsec/ipsec_dump_policy.c b/lib/libipsec/ipsec_dump_policy.c index 8349b3dfb861..d31b3c0a0d34 100644 --- a/lib/libipsec/ipsec_dump_policy.c +++ b/lib/libipsec/ipsec_dump_policy.c @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_dump_policy.c,v 1.1 2000/02/01 03:08:36 itojun Exp $ */ +/* $NetBSD: ipsec_dump_policy.c,v 1.2 2000/03/13 21:23:55 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -79,7 +79,7 @@ ipsec_dump_policy(policy, delimiter) if (policy == NULL) return NULL; if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) { - ipsec_errcode = EIPSEC_INVAL_EXTTYPE; + __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; return NULL; } @@ -93,7 +93,7 @@ ipsec_dump_policy(policy, delimiter) case IPSEC_DIR_OUTBOUND: break; default: - ipsec_errcode = EIPSEC_INVAL_DIR; + __ipsec_errcode = EIPSEC_INVAL_DIR; return NULL; } @@ -105,7 +105,7 @@ ipsec_dump_policy(policy, delimiter) case IPSEC_POLICY_ENTRUST: break; default: - ipsec_errcode = EIPSEC_INVAL_POLICY; + __ipsec_errcode = EIPSEC_INVAL_POLICY; return NULL; } @@ -115,7 +115,7 @@ ipsec_dump_policy(policy, delimiter) + 1; /* NUL */ if ((buf = malloc(buflen)) == NULL) { - ipsec_errcode = EIPSEC_NO_BUFS; + __ipsec_errcode = EIPSEC_NO_BUFS; return NULL; } strcpy(buf, ipsp_dir_strs[xpl->sadb_x_policy_dir]); @@ -123,7 +123,7 @@ ipsec_dump_policy(policy, delimiter) strcat(buf, ipsp_policy_strs[xpl->sadb_x_policy_type]); if (xpl->sadb_x_policy_type != IPSEC_POLICY_IPSEC) { - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return buf; } @@ -142,13 +142,13 @@ ipsec_dump_policy(policy, delimiter) /* validity check */ if (xtlen < 0) { - ipsec_errcode = EIPSEC_INVAL_SADBMSG; + __ipsec_errcode = EIPSEC_INVAL_SADBMSG; free(buf); return NULL; } if ((buf = realloc(buf, buflen)) == NULL) { - ipsec_errcode = EIPSEC_NO_BUFS; + __ipsec_errcode = EIPSEC_NO_BUFS; return NULL; } @@ -169,7 +169,7 @@ ipsec_dump_policy(policy, delimiter) strcat(buf, "ipcomp"); break; default: - ipsec_errcode = EIPSEC_INVAL_PROTO; + __ipsec_errcode = EIPSEC_INVAL_PROTO; free(buf); return NULL; } @@ -187,7 +187,7 @@ ipsec_dump_policy(policy, delimiter) strcat(buf, "tunnel"); break; default: - ipsec_errcode = EIPSEC_INVAL_MODE; + __ipsec_errcode = EIPSEC_INVAL_MODE; free(buf); return NULL; } @@ -197,7 +197,7 @@ ipsec_dump_policy(policy, delimiter) if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { error = set_addresses(buf, (caddr_t)(xisr + 1)); if (error) { - ipsec_errcode = EIPSEC_INVAL_MODE; + __ipsec_errcode = EIPSEC_INVAL_MODE; free(buf); return NULL; } @@ -217,7 +217,7 @@ ipsec_dump_policy(policy, delimiter) strcat(buf, "/unique"); break; default: - ipsec_errcode = EIPSEC_INVAL_LEVEL; + __ipsec_errcode = EIPSEC_INVAL_LEVEL; free(buf); return NULL; } @@ -239,7 +239,7 @@ ipsec_dump_policy(policy, delimiter) + xisr->sadb_x_ipsecrequest_len); } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return buf; } diff --git a/lib/libipsec/ipsec_strerror.c b/lib/libipsec/ipsec_strerror.c index 33aad1712edc..44bbce57ed1a 100644 --- a/lib/libipsec/ipsec_strerror.c +++ b/lib/libipsec/ipsec_strerror.c @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_strerror.c,v 1.4 2000/01/31 14:15:31 itojun Exp $ */ +/* $NetBSD: ipsec_strerror.c,v 1.5 2000/03/13 21:23:55 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -37,7 +37,7 @@ #include "ipsec_strerror.h" -int ipsec_errcode; +int __ipsec_errcode; static char *ipsec_errlist[] = { "Success", /*EIPSEC_NO_ERROR*/ @@ -72,15 +72,15 @@ NULL, /*EIPSEC_SYSTEM_ERROR*/ char *ipsec_strerror(void) { - if (ipsec_errcode < 0 || ipsec_errcode > EIPSEC_MAX) - ipsec_errcode = EIPSEC_MAX; + if (__ipsec_errcode < 0 || __ipsec_errcode > EIPSEC_MAX) + __ipsec_errcode = EIPSEC_MAX; - return ipsec_errlist[ipsec_errcode]; + return ipsec_errlist[__ipsec_errcode]; } -void ipsec_set_strerror(char *str) +void __ipsec_set_strerror(char *str) { - ipsec_errcode = EIPSEC_SYSTEM_ERROR; + __ipsec_errcode = EIPSEC_SYSTEM_ERROR; ipsec_errlist[EIPSEC_SYSTEM_ERROR] = str; return; diff --git a/lib/libipsec/ipsec_strerror.h b/lib/libipsec/ipsec_strerror.h index 2af442154de4..bb50b31159b3 100644 --- a/lib/libipsec/ipsec_strerror.h +++ b/lib/libipsec/ipsec_strerror.h @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_strerror.h,v 1.4 2000/01/31 14:15:31 itojun Exp $ */ +/* $NetBSD: ipsec_strerror.h,v 1.5 2000/03/13 21:23:56 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -29,8 +29,8 @@ * SUCH DAMAGE. */ -extern int ipsec_errcode; -extern void ipsec_set_strerror __P((char *)); +extern int __ipsec_errcode; +extern void __ipsec_set_strerror __P((char *)); #define EIPSEC_NO_ERROR 0 /*success*/ #define EIPSEC_NOT_SUPPORTED 1 /*not supported*/ diff --git a/lib/libipsec/pfkey.c b/lib/libipsec/pfkey.c index 145b0c08a641..38b2c752ccb5 100644 --- a/lib/libipsec/pfkey.c +++ b/lib/libipsec/pfkey.c @@ -1,4 +1,4 @@ -/* $NetBSD: pfkey.c,v 1.8 2000/02/08 13:17:52 itojun Exp $ */ +/* $NetBSD: pfkey.c,v 1.9 2000/03/13 21:23:56 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -94,7 +94,7 @@ ipsec_check_keylen(supported, alg_id, keylen) /* validity check */ if (ipsec_supported == NULL) { - ipsec_errcode = EIPSEC_DO_GET_SUPP_LIST; + __ipsec_errcode = EIPSEC_DO_GET_SUPP_LIST; return -1; } switch (supported) { @@ -102,7 +102,7 @@ ipsec_check_keylen(supported, alg_id, keylen) case SADB_EXT_SUPPORTED_ENCRYPT: break; default: - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } @@ -133,18 +133,18 @@ ipsec_check_keylen(supported, alg_id, keylen) } } - ipsec_errcode = EIPSEC_NOT_SUPPORTED; + __ipsec_errcode = EIPSEC_NOT_SUPPORTED; return -1; /* NOTREACHED */ found: if (keylen < alg->sadb_alg_minbits || keylen > alg->sadb_alg_maxbits) { - ipsec_errcode = EIPSEC_INVAL_KEYLEN; + __ipsec_errcode = EIPSEC_INVAL_KEYLEN; return -1; } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -161,7 +161,7 @@ u_int pfkey_set_softrate(type, rate) u_int type, rate; { - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; if (rate > 100 || rate == 0) rate = 100; @@ -181,7 +181,7 @@ pfkey_set_softrate(type, rate) return 0; } - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return 1; } @@ -227,15 +227,15 @@ pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq) /* validity check */ if (src == NULL || dst == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } if (src->sa_family != dst->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } if (min > max || (min > 0 && min <= 255)) { - ipsec_errcode = EIPSEC_INVAL_SPI; + __ipsec_errcode = EIPSEC_INVAL_SPI; return -1; } @@ -252,7 +252,7 @@ pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq) } if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -293,7 +293,7 @@ pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq) if (len < 0) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -456,7 +456,7 @@ pfkey_recv_register(so) sup->sadb_supported_len = PFKEY_EXTLEN(sup); break; default: - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; free(newmsg); return -1; } @@ -466,7 +466,7 @@ pfkey_recv_register(so) } if (tlen < 0) { - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } @@ -475,7 +475,7 @@ pfkey_recv_register(so) ipsec_supported = newmsg; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -564,16 +564,16 @@ pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq) /* validity check */ if (src == NULL || dst == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } if (src->sa_family != dst->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } if (prefs > (_INALENBYAF(src->sa_family) << 3) || prefd > (_INALENBYAF(dst->sa_family) << 3)) { - ipsec_errcode = EIPSEC_INVAL_PREFIXLEN; + __ipsec_errcode = EIPSEC_INVAL_PREFIXLEN; return -1; } @@ -586,7 +586,7 @@ pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq) + policylen; if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -612,7 +612,7 @@ pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq) if (len < 0) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -636,16 +636,16 @@ pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, seq) /* validity check */ if (src == NULL || dst == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } if (src->sa_family != dst->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } if (prefs > (_INALENBYAF(src->sa_family) << 3) || prefd > (_INALENBYAF(dst->sa_family) << 3)) { - ipsec_errcode = EIPSEC_INVAL_PREFIXLEN; + __ipsec_errcode = EIPSEC_INVAL_PREFIXLEN; return -1; } @@ -657,7 +657,7 @@ pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, seq) + PFKEY_ALIGN8(_SALENBYAF(src->sa_family)); if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -682,7 +682,7 @@ pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, seq) if (len < 0) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -742,35 +742,35 @@ pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, /* validity check */ if (src == NULL || dst == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } if (src->sa_family != dst->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } switch (satype) { case SADB_SATYPE_ESP: if (e_type == SADB_EALG_NONE) { - ipsec_errcode = EIPSEC_NO_ALGS; + __ipsec_errcode = EIPSEC_NO_ALGS; return -1; } break; case SADB_SATYPE_AH: if (e_type != SADB_EALG_NONE) { - ipsec_errcode = EIPSEC_INVAL_ALGS; + __ipsec_errcode = EIPSEC_INVAL_ALGS; return -1; } if (a_type == SADB_AALG_NONE) { - ipsec_errcode = EIPSEC_NO_ALGS; + __ipsec_errcode = EIPSEC_NO_ALGS; return -1; } break; case SADB_X_SATYPE_IPCOMP: break; default: - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } @@ -790,7 +790,7 @@ pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(a_keylen)); if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -828,7 +828,7 @@ pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize, if (len < 0) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -846,11 +846,11 @@ pfkey_send_x2(so, type, satype, mode, src, dst, spi) /* validity check */ if (src == NULL || dst == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } if (src->sa_family != dst->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } @@ -863,7 +863,7 @@ pfkey_send_x2(so, type, satype, mode, src, dst, spi) + PFKEY_ALIGN8(dst->sa_len); if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -887,7 +887,7 @@ pfkey_send_x2(so, type, satype, mode, src, dst, spi) if (len < 0) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -907,7 +907,7 @@ pfkey_send_x3(so, type, satype) switch (type) { case SADB_X_PROMISC: if (satype != 0 && satype != 1) { - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } break; @@ -919,7 +919,7 @@ pfkey_send_x3(so, type, satype) case SADB_X_SATYPE_IPCOMP: break; default: - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } } @@ -928,7 +928,7 @@ pfkey_send_x3(so, type, satype) len = sizeof(struct sadb_msg); if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -941,7 +941,7 @@ pfkey_send_x3(so, type, satype) if (len < 0) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -958,7 +958,7 @@ pfkey_open() const int bufsiz = 128 * 1024; /*is 128K enough?*/ if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } @@ -969,7 +969,7 @@ pfkey_open() (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)); (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return so; } @@ -985,7 +985,7 @@ pfkey_close(so) { (void)close(so); - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return; } @@ -1005,37 +1005,37 @@ pfkey_recv(so) while ((len = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK)) < 0) { if (errno == EINTR) continue; - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return NULL; } if (len < sizeof(buf)) { recv(so, (caddr_t)&buf, sizeof(buf), 0); - ipsec_errcode = EIPSEC_MAX; + __ipsec_errcode = EIPSEC_MAX; return NULL; } /* read real message */ reallen = PFKEY_UNUNIT64(buf.sadb_msg_len); if ((newmsg = CALLOC(reallen, struct sadb_msg *)) == 0) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return NULL; } while ((len = recv(so, (caddr_t)newmsg, reallen, 0)) < 0) { if (errno == EINTR) continue; - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); free(newmsg); return NULL; } if (len != reallen) { - ipsec_errcode = EIPSEC_SYSTEM_ERROR; + __ipsec_errcode = EIPSEC_SYSTEM_ERROR; free(newmsg); return NULL; } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return newmsg; } @@ -1052,11 +1052,11 @@ pfkey_send(so, msg, len) int len; { if ((len = send(so, (caddr_t)msg, len, 0)) < 0) { - ipsec_set_strerror(strerror(errno)); + __ipsec_set_strerror(strerror(errno)); return -1; } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return len; } @@ -1083,7 +1083,7 @@ pfkey_align(msg, mhp) /* validity check */ if (msg == NULL || mhp == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } @@ -1100,7 +1100,7 @@ pfkey_align(msg, mhp) /* duplicate check */ /* XXX Are there duplication either KEY_AUTH or KEY_ENCRYPT ?*/ if (mhp[ext->sadb_ext_type] != NULL) { - ipsec_errcode = EIPSEC_INVAL_EXTTYPE; + __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; return -1; } @@ -1128,7 +1128,7 @@ pfkey_align(msg, mhp) mhp[ext->sadb_ext_type] = (caddr_t)ext; break; default: - ipsec_errcode = EIPSEC_INVAL_EXTTYPE; + __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; return -1; } @@ -1137,7 +1137,7 @@ pfkey_align(msg, mhp) ext = (struct sadb_ext *)((caddr_t)ext + extlen); } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -1160,7 +1160,7 @@ pfkey_check(mhp) /* validity check */ if (mhp == NULL || mhp[0] == NULL) { - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return -1; } @@ -1168,13 +1168,13 @@ pfkey_check(mhp) /* check version */ if (msg->sadb_msg_version != PF_KEY_V2) { - ipsec_errcode = EIPSEC_INVAL_VERSION; + __ipsec_errcode = EIPSEC_INVAL_VERSION; return -1; } /* check type */ if (msg->sadb_msg_type > SADB_MAX) { - ipsec_errcode = EIPSEC_INVAL_MSGTYPE; + __ipsec_errcode = EIPSEC_INVAL_MSGTYPE; return -1; } @@ -1189,7 +1189,7 @@ pfkey_check(mhp) case SADB_GET: case SADB_ACQUIRE: case SADB_EXPIRE: - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } break; @@ -1202,7 +1202,7 @@ pfkey_check(mhp) case SADB_X_SPDGET: case SADB_X_SPDDUMP: case SADB_X_SPDFLUSH: - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } break; @@ -1210,14 +1210,14 @@ pfkey_check(mhp) case SADB_SATYPE_OSPFV2: case SADB_SATYPE_RIPV2: case SADB_SATYPE_MIP: - ipsec_errcode = EIPSEC_NOT_SUPPORTED; + __ipsec_errcode = EIPSEC_NOT_SUPPORTED; return -1; case 1: /* XXX: What does it do ? */ if (msg->sadb_msg_type == SADB_X_PROMISC) break; /*FALLTHROUGH*/ default: - ipsec_errcode = EIPSEC_INVAL_SATYPE; + __ipsec_errcode = EIPSEC_INVAL_SATYPE; return -1; } @@ -1230,13 +1230,13 @@ pfkey_check(mhp) dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]); if (src0->sadb_address_proto != dst0->sadb_address_proto) { - ipsec_errcode = EIPSEC_PROTO_MISMATCH; + __ipsec_errcode = EIPSEC_PROTO_MISMATCH; return -1; } if (PFKEY_ADDR_SADDR(src0)->sa_family != PFKEY_ADDR_SADDR(dst0)->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } @@ -1245,7 +1245,7 @@ pfkey_check(mhp) case AF_INET6: break; default: - ipsec_errcode = EIPSEC_INVAL_FAMILY; + __ipsec_errcode = EIPSEC_INVAL_FAMILY; return -1; } @@ -1255,7 +1255,7 @@ pfkey_check(mhp) */ } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } diff --git a/lib/libipsec/policy_parse.y b/lib/libipsec/policy_parse.y index 18bac00a9c39..ba499276c9bd 100644 --- a/lib/libipsec/policy_parse.y +++ b/lib/libipsec/policy_parse.y @@ -1,4 +1,4 @@ -/* $NetBSD: policy_parse.y,v 1.1 2000/02/01 03:08:37 itojun Exp $ */ +/* $NetBSD: policy_parse.y,v 1.2 2000/03/13 21:23:56 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -139,11 +139,11 @@ rule | protocol SLASH mode SLASH SLASH level | protocol SLASH mode | protocol SLASH { - ipsec_errcode = EIPSEC_FEW_ARGUMENTS; + __ipsec_errcode = EIPSEC_FEW_ARGUMENTS; return -1; } | protocol { - ipsec_errcode = EIPSEC_FEW_ARGUMENTS; + __ipsec_errcode = EIPSEC_FEW_ARGUMENTS; return -1; } ; @@ -181,13 +181,13 @@ addresses } | ME HYPHEN ANY { if (p_dir != IPSEC_DIR_OUTBOUND) { - ipsec_errcode = EIPSEC_INVAL_DIR; + __ipsec_errcode = EIPSEC_INVAL_DIR; return -1; } } | ANY HYPHEN ME { if (p_dir != IPSEC_DIR_INBOUND) { - ipsec_errcode = EIPSEC_INVAL_DIR; + __ipsec_errcode = EIPSEC_INVAL_DIR; return -1; } } @@ -225,19 +225,19 @@ parse_sockaddr(buf) error = getaddrinfo(buf->buf, serv, &hints, &res); if (error != 0) { yyerror("invalid IP address"); - ipsec_set_strerror(gai_strerror(error)); + __ipsec_set_strerror(gai_strerror(error)); return NULL; } if (res->ai_addr == NULL) { yyerror("invalid IP address"); - ipsec_set_strerror(gai_strerror(error)); + __ipsec_set_strerror(gai_strerror(error)); return NULL; } newaddr = malloc(res->ai_addr->sa_len); if (newaddr == NULL) { - ipsec_errcode = EIPSEC_NO_BUFS; + __ipsec_errcode = EIPSEC_NO_BUFS; freeaddrinfo(res); return NULL; } @@ -245,7 +245,7 @@ parse_sockaddr(buf) freeaddrinfo(res); - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return newaddr; } @@ -254,29 +254,29 @@ rule_check() { if (p_type == IPSEC_POLICY_IPSEC) { if (p_protocol == IPPROTO_IP) { - ipsec_errcode = EIPSEC_NO_PROTO; + __ipsec_errcode = EIPSEC_NO_PROTO; return -1; } if (p_mode != IPSEC_MODE_TRANSPORT && p_mode != IPSEC_MODE_TUNNEL) { - ipsec_errcode = EIPSEC_INVAL_MODE; + __ipsec_errcode = EIPSEC_INVAL_MODE; return -1; } if (p_src == NULL && p_dst == NULL) { if (p_mode != IPSEC_MODE_TRANSPORT) { - ipsec_errcode = EIPSEC_INVAL_ADDRESS; + __ipsec_errcode = EIPSEC_INVAL_ADDRESS; return -1; } } else if (p_src->sa_family != p_dst->sa_family) { - ipsec_errcode = EIPSEC_FAMILY_MISMATCH; + __ipsec_errcode = EIPSEC_FAMILY_MISMATCH; return -1; } } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -289,7 +289,7 @@ init_x_policy() pbuf = malloc(tlen); if (pbuf == NULL) { - ipsec_errcode = EIPSEC_NO_BUFS; + __ipsec_errcode = EIPSEC_NO_BUFS; return -1; } p = (struct sadb_x_policy *)pbuf; @@ -300,7 +300,7 @@ init_x_policy() p->sadb_x_policy_reserved = 0; offset = tlen; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -318,7 +318,7 @@ set_x_request(src, dst) pbuf = realloc(pbuf, tlen); if (pbuf == NULL) { - ipsec_errcode = EIPSEC_NO_BUFS; + __ipsec_errcode = EIPSEC_NO_BUFS; return -1; } p = (struct sadb_x_ipsecrequest *)&pbuf[offset]; @@ -332,7 +332,7 @@ set_x_request(src, dst) if (set_sockaddr(src) || set_sockaddr(dst)) return -1; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -341,7 +341,7 @@ set_sockaddr(addr) struct sockaddr *addr; { if (addr == NULL) { - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -351,7 +351,7 @@ set_sockaddr(addr) offset += addr->sa_len; - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return 0; } @@ -399,7 +399,7 @@ policy_parse(msg, msglen) /* update total length */ ((struct sadb_x_policy *)pbuf)->sadb_x_policy_len = PFKEY_UNIT64(tlen); - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return pbuf; } @@ -413,12 +413,12 @@ ipsec_set_policy(msg, msglen) policy = policy_parse(msg, msglen); if (policy == NULL) { - if (ipsec_errcode == EIPSEC_NO_ERROR) - ipsec_errcode = EIPSEC_INVAL_ARGUMENT; + if (__ipsec_errcode == EIPSEC_NO_ERROR) + __ipsec_errcode = EIPSEC_INVAL_ARGUMENT; return NULL; } - ipsec_errcode = EIPSEC_NO_ERROR; + __ipsec_errcode = EIPSEC_NO_ERROR; return policy; } diff --git a/lib/libipsec/policy_token.l b/lib/libipsec/policy_token.l index 3e1acbe4a2d5..e2c9015679eb 100644 --- a/lib/libipsec/policy_token.l +++ b/lib/libipsec/policy_token.l @@ -1,4 +1,4 @@ -/* $NetBSD: policy_token.l,v 1.2 2000/02/08 13:17:52 itojun Exp $ */ +/* $NetBSD: policy_token.l,v 1.3 2000/03/13 21:23:56 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -46,7 +46,11 @@ #include #include +#ifndef __NetBSD__ +#include "y.tab.h" +#else #include "policy_parse.h" +#endif #define yylval __libyylval /* XXX */ int yylex __P((void)); @@ -80,9 +84,7 @@ decstring {digit}+ hexpair {hexdigit}{hexdigit} hexstring 0[xX]{hexdigit}+ octetstring {octet}({dot}{octet})+ -ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]* -name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* -hostname {name}(({dot}{name})+{dot}?)? +ipaddress [a-zA-Z0-9:\._][a-zA-Z0-9:\._]*(%[a-zA-Z0-9]+)? %% diff --git a/lib/libipsec/shlib_version b/lib/libipsec/shlib_version index 5450fc6334a6..efb39e162d4a 100644 --- a/lib/libipsec/shlib_version +++ b/lib/libipsec/shlib_version @@ -1,5 +1,5 @@ -# $NetBSD: shlib_version,v 1.2 2000/01/31 14:15:32 itojun Exp $ +# $NetBSD: shlib_version,v 1.3 2000/03/13 21:23:56 itojun Exp $ # Remember to update distrib/sets/lists/base/shl.* when changing # -major=1 +major=2 minor=0