Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import ipsec-tools ipsec-tools-0_6-20050314

Browse Source
This commit is contained in:
manu 2005-03-14 08:14:24 +00:00
parent 041bcdce98
commit e298dc4582
8 changed files with 50 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
crypto/dist/ipsec-tools/ChangeLog vendored
View File

@ -1,3 +1,24 @@
2005-03-14 Emmanuel Dreyfus <manu@netbsd.org>
* configure.ac: handle correctly dynamic libradius
2005-03-13 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/isakmp.c: Fixed a buffer underrun (CAN-2005-0398)
2005-03-09 Emmanuel Dreyfus <manu@netbsd.org>
* src/racoon/isakmp_xauth.c: fix a crash when using RADIUS auth
2005-03-02 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/isakmp_quick.c: tunnel_mode_prop() is now public
* src/racoon/isakmp_inf.c: fixed compilation if HAVE_POLICY_FWD.
2005-03-01 Yvan Vanhullebus <vanhu@free.fr>
* src/racoon/oakley.c: fixed oakley_newiv2() when errors
2005-02-24 Emmanuel Dreyfus <manu@netbsd.org>
* src/racoon/privsep.c: safety check port numbers given by the

15
crypto/dist/ipsec-tools/configure.ac vendored
View File

@ -1,5 +1,5 @@
dnl -*- mode: m4 -*-
dnl Id: configure.ac,v 1.47.2.2 2005/02/22 23:56:08 manubsd Exp
dnl Id: configure.ac,v 1.47.2.3 2005/03/14 07:55:03 manubsd Exp
AC_PREREQ(2.52)
AC_INIT(ipsec-tools, 0.5pre)
@ -218,6 +218,9 @@ if test $enable_idea = "yes"; then
fi
AC_SUBST(EXTRA_CRYPTO)
# For dynamic libradius
RACOON_PATH_LIBS(MD5_Init, crypto)
# Check for Kerberos5 support
AC_MSG_CHECKING(if --enable-gssapi option is specified)
AC_ARG_ENABLE(gssapi,
@ -284,11 +287,11 @@ if test "$libradius_dir" != "no"; then
libradius_dir="";
fi;
if test "x$libradius_dir" = "x"; then
RACOON_PATH_LIBS(rad_create_request, lradius)
RACOON_PATH_LIBS(rad_create_request, radius)
else
if test -d "$libradius_dir/lib" -a \
-d "$libradius_dir/include" ; then
RACOON_PATH_LIBS(rad_create_request, lradius, "$libradius_dir/lib")
RACOON_PATH_LIBS(rad_create_request, radius, "$libradius_dir/lib")
CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libradius_dir/include"
else
AC_MSG_ERROR([RADIUS libs or includes not found. Aborting.])
@ -310,11 +313,11 @@ if test "$libpam_dir" != "no"; then
libpam_dir="";
fi;
if test "x$libpam_dir" = "x"; then
RACOON_PATH_LIBS(rad_create_request, lpam)
RACOON_PATH_LIBS(pam_start, pam)
else
if test -d "$libpam_dir/lib" -a \
-d "$libpam_dir/include" ; then
RACOON_PATH_LIBS(rad_create_request, lpam, "$libpam_dir/lib")
RACOON_PATH_LIBS(pam_start, pam, "$libpam_dir/lib")
CPPFLAGS_ADD="$CPPFLAGS_ADD -I$libpam_dir/include"
else
AC_MSG_ERROR([PAM libs or includes not found. Aborting.])
@ -322,7 +325,7 @@ if test "$libpam_dir" != "no"; then
fi
AC_DEFINE([HAVE_LIBPAM], [], [Hybrid authentication uses PAM])
LIBS="$LIBS -L$libpam_dir/lib -R$libpam_dir/lib -lpam"
AC_CHECK_FUNCS(rad_create_request)
AC_CHECK_FUNCS(pam_start)
fi
AC_MSG_CHECKING(if --enable-stats option is specified)

2
crypto/dist/ipsec-tools/netbsd-import.sh vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
#
# $NetBSD: netbsd-import.sh,v 1.1.1.1 2005/02/24 20:52:27 manu Exp $
# $NetBSD: netbsd-import.sh,v 1.1.1.2 2005/03/14 08:14:25 manu Exp $
#
# Copyright (c) 2000-2005 The NetBSD Foundation, Inc.
# All rights reserved.

6
crypto/dist/ipsec-tools/src/racoon/isakmp.c vendored
View File

@ -1,6 +1,6 @@
/* $NetBSD: isakmp.c,v 1.1.1.2 2005/02/23 14:54:17 manu Exp $ */
/* $NetBSD: isakmp.c,v 1.1.1.3 2005/03/14 08:14:29 manu Exp $ */
/* Id: isakmp.c,v 1.34.2.1 2005/02/23 13:38:51 manubsd Exp */
/* Id: isakmp.c,v 1.34.2.2 2005/03/13 17:31:55 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -1348,7 +1348,7 @@ isakmp_parsewoh(np0, gen, len)
p->type = np;
p->len = ntohs(gen->len);
if (p->len == 0 || p->len > tlen) {
if (p->len < sizeof(struct isakmp_gen) || p->len > tlen) {
plog(LLV_DEBUG, LOCATION, NULL,
"invalid length of payload\n");
vfree(result);

9
crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c vendored
View File

@ -1,6 +1,6 @@
/* $NetBSD: isakmp_inf.c,v 1.1.1.2 2005/02/23 14:54:21 manu Exp $ */
/* $NetBSD: isakmp_inf.c,v 1.1.1.3 2005/03/14 08:14:30 manu Exp $ */
/* Id: isakmp_inf.c,v 1.14.4.1 2005/02/18 10:01:39 vanhu Exp */
/* Id: isakmp_inf.c,v 1.14.4.2 2005/03/02 20:00:03 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -115,6 +115,9 @@ static void info_recv_initialcontact __P((struct ph1handle *));
static u_int32_t setscopeid __P((struct sockaddr *, struct sockaddr *));
#endif
#ifdef HAVE_POLICY_FWD
extern int tunnel_mode_prop __P((struct saprop *));
#endif
/* %%%
@ -1208,7 +1211,7 @@ purge_ipsec_spi(dst0, proto, spi, n)
#ifdef HAVE_POLICY_FWD
/* make forward policy if required */
if (tunnel_mode_prop(iph2->approval)) {
spidx->dir = IPSEC_DIR_FWD;
spidx.dir = IPSEC_DIR_FWD;
if (pk_sendspddelete(iph2) < 0) {
plog(LLV_ERROR, LOCATION, NULL,
"pfkey spddelete(forward) failed.\n");

6
crypto/dist/ipsec-tools/src/racoon/isakmp_quick.c vendored
View File

@ -1,6 +1,6 @@
/* $NetBSD: isakmp_quick.c,v 1.1.1.2 2005/02/23 14:54:21 manu Exp $ */
/* $NetBSD: isakmp_quick.c,v 1.1.1.3 2005/03/14 08:14:31 manu Exp $ */
/* Id: isakmp_quick.c,v 1.13 2005/01/11 08:34:46 manubsd Exp */
/* Id: isakmp_quick.c,v 1.13.2.1 2005/03/02 20:00:03 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -1581,7 +1581,7 @@ end:
return error;
}
static int
int
tunnel_mode_prop(p)
struct saprop *p;
{

5
crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c vendored
View File

@ -1,6 +1,6 @@
/* $NetBSD: isakmp_xauth.c,v 1.1.1.2 2005/02/23 14:54:21 manu Exp $ */
/* $NetBSD: isakmp_xauth.c,v 1.1.1.3 2005/03/14 08:14:31 manu Exp $ */
/* Id: isakmp_xauth.c,v 1.17.2.1 2005/02/23 12:18:40 manubsd Exp */
/* Id: isakmp_xauth.c,v 1.17.2.2 2005/03/09 14:12:31 manubsd Exp */
/*
* Copyright (C) 2004 Emmanuel Dreyfus
@ -458,7 +458,6 @@ xauth_login_radius(iph1, usr, pwd)
char *usr;
char *pwd;
{
static struct rad_handle *radius_state = NULL;
int res;
const void *data;
size_t len;

8
crypto/dist/ipsec-tools/src/racoon/oakley.c vendored
View File

@ -1,6 +1,6 @@
/* $NetBSD: oakley.c,v 1.1.1.2 2005/02/23 14:54:23 manu Exp $ */
/* $NetBSD: oakley.c,v 1.1.1.3 2005/03/14 08:14:31 manu Exp $ */
/* Id: oakley.c,v 1.17 2005/01/30 20:34:05 vanhu Exp */
/* Id: oakley.c,v 1.17.2.1 2005/03/01 09:51:48 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -2794,8 +2794,10 @@ oakley_newiv2(iph1, msgid)
plogdump(LLV_DEBUG, newivm->iv->v, newivm->iv->l);
end:
if (error && newivm != NULL)
if (error && newivm != NULL){
oakley_delivm(newivm);
newivm=NULL;
}
if (buf != NULL)
vfree(buf);
return newivm;