Module Name: src
Committed By: tteras
Date: Mon May 18 17:40:38 UTC 2009
Modified Files:
src/crypto/dist/ipsec-tools/src/racoon: ipsec_doi.c isakmp.c sockmisc.c
sockmisc.h
Log Message:
>From Tomas Mraz: Introduce union sockaddr_any and use it to make code
more readable. Related to trac #293.
To generate a diff of this commit:
cvs rdiff -u -r1.41 -r1.42 src/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c
cvs rdiff -u -r1.54 -r1.55 src/crypto/dist/ipsec-tools/src/racoon/isakmp.c
cvs rdiff -u -r1.14 -r1.15 src/crypto/dist/ipsec-tools/src/racoon/sockmisc.c
cvs rdiff -u -r1.9 -r1.10 src/crypto/dist/ipsec-tools/src/racoon/sockmisc.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c:1.41 src/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c:1.42
--- src/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c:1.41 Thu Mar 12 10:57:26 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/ipsec_doi.c Mon May 18 17:40:38 2009
@@ -1,11 +1,11 @@
-/* $NetBSD: ipsec_doi.c,v 1.41 2009/03/12 10:57:26 tteras Exp $ */
+/* $NetBSD: ipsec_doi.c,v 1.42 2009/05/18 17:40:38 tteras Exp $ */
/* Id: ipsec_doi.c,v 1.55 2006/08/17 09:20:41 vanhu Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -17,7 +17,7 @@
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -622,7 +622,7 @@
plog(LLV_DEBUG, LOCATION, NULL,
"received old-style gss "
"id '%.*s' (len %zu)\n",
- (int)sa->gssid->l, sa->gssid->v,
+ (int)sa->gssid->l, sa->gssid->v,
sa->gssid->l);
error = 0;
goto out;
@@ -657,7 +657,7 @@
dst = sa->gssid->v;
dstleft = len / 2;
- rv = iconv(cd, (__iconv_const char **)&src, &srcleft,
+ rv = iconv(cd, (__iconv_const char **)&src, &srcleft,
&dst, &dstleft);
if (rv != 0) {
if (rv == -1) {
@@ -828,7 +828,7 @@
plog(LLV_WARNING, LOCATION, NULL,
"invalid proposal number:%d received.\n", i);
}
-
+
if (rpair[n]->tnext != NULL) {
plog(LLV_ERROR, LOCATION, NULL,
@@ -2312,7 +2312,7 @@
if (proto_id == IPSECDOI_PROTO_IPSEC_AH) {
if (trns->t_id != IPSECDOI_AH_SHA256)
goto ahmismatch;
- }
+ }
break;
case IPSECDOI_ATTR_AUTH_HMAC_SHA2_384:
if (proto_id == IPSECDOI_PROTO_IPSEC_AH) {
@@ -2729,7 +2729,7 @@
OAKLEY_ATTR_SA_LD_TYPE_SEC);
if (sa->lifetime > 0xffff) {
p = isakmp_set_attr_v(p, OAKLEY_ATTR_SA_LD,
- (caddr_t)&lifetime,
+ (caddr_t)&lifetime,
sizeof(lifetime));
} else {
p = isakmp_set_attr_l(p, OAKLEY_ATTR_SA_LD,
@@ -2740,7 +2740,7 @@
if (sa->lifebyte) {
u_int32_t lifebyte = htonl((u_int32_t)sa->lifebyte);
-
+
attrlen += sizeof(struct isakmp_data)
+ sizeof(struct isakmp_data);
if (sa->lifebyte > 0xffff)
@@ -2855,7 +2855,7 @@
goto gssid_done;
}
odst = dst;
- rv = iconv(cd, (__iconv_const char **)&src,
+ rv = iconv(cd, (__iconv_const char **)&src,
&srcleft, &dst, &dstleft);
if (rv != 0) {
if (rv == -1) {
@@ -2948,7 +2948,7 @@
np_t = NULL;
for (tr = pr->head; tr; tr = tr->next) {
-
+
switch (pr->proto_id) {
case IPSECDOI_PROTO_IPSEC_ESP:
/*
@@ -3803,9 +3803,9 @@
memcpy(new->v, value->v, new->l);
break;
case IDTYPE_KEYID:
- /*
+ /*
* If no qualifier is specified: IDQUAL_UNSPEC. It means
- * to use a file for backward compatibility sake.
+ * to use a file for backward compatibility sake.
*/
switch(qual) {
case IDQUAL_FILE:
@@ -3849,7 +3849,7 @@
return -1;
}
break;
-
+
case IDTYPE_ADDRESS: {
struct sockaddr *sa;
@@ -3893,7 +3893,7 @@
xn = d2i_X509_NAME(NULL, (void *)&ptr, new->l);
bio = BIO_new(BIO_s_mem());
-
+
X509_NAME_print_ex(bio, xn, 0, 0);
len = BIO_get_mem_data(bio, &ptr);
save = ptr[len];
@@ -4068,7 +4068,7 @@
/* set prefix */
if (len2) {
- u_char *p = (unsigned char *) new->v +
+ u_char *p = (unsigned char *) new->v +
sizeof(struct ipsecdoi_id_b) + len1;
u_int bits = prefixlen;
@@ -4139,10 +4139,10 @@
port = ((struct sockaddr_in *)(laddr))->sin_port;
((struct ipsecdoi_id_b *)new->v)->port =
port == IPSEC_PORT_ANY ? 0 : port;
- memcpy(new->v + sizeof(struct ipsecdoi_id_b),
- (caddr_t)&((struct sockaddr_in *)(laddr))->sin_addr,
+ memcpy(new->v + sizeof(struct ipsecdoi_id_b),
+ (caddr_t)&((struct sockaddr_in *)(laddr))->sin_addr,
len1);
- memcpy(new->v + sizeof(struct ipsecdoi_id_b) + len1,
+ memcpy(new->v + sizeof(struct ipsecdoi_id_b) + len1,
(caddr_t)&((struct sockaddr_in *)haddr)->sin_addr,
len2);
return new;
@@ -4296,29 +4296,20 @@
char *dat;
static char buf[BUFLEN];
struct ipsecdoi_id_b *id_b = (struct ipsecdoi_id_b *)id->v;
- struct sockaddr_storage saddr_storage;
- struct sockaddr *saddr;
- struct sockaddr_in *saddr_in;
- struct sockaddr_in6 *saddr_in6;
+ union sockaddr_any saddr;
u_int plen = 0;
- saddr = (struct sockaddr *)&saddr_storage;
- saddr_in = (struct sockaddr_in *)&saddr_storage;
- saddr_in6 = (struct sockaddr_in6 *)&saddr_storage;
-
-
switch (id_b->type) {
case IPSECDOI_ID_IPV4_ADDR:
case IPSECDOI_ID_IPV4_ADDR_SUBNET:
case IPSECDOI_ID_IPV4_ADDR_RANGE:
#ifndef __linux__
- saddr->sa_len = sizeof(struct sockaddr_in);
++ saddr.sa.sa_len = sizeof(struct sockaddr_in);
#endif
- saddr->sa_family = AF_INET;
-
- saddr_in->sin_port = IPSEC_PORT_ANY;
- memcpy(&saddr_in->sin_addr,
+ saddr.sa.sa_family = AF_INET;
+ saddr.sin.sin_port = IPSEC_PORT_ANY;
+ memcpy(&saddr.sin.sin_addr,
id->v + sizeof(*id_b), sizeof(struct in_addr));
break;
#ifdef INET6
@@ -4327,15 +4318,14 @@
case IPSECDOI_ID_IPV6_ADDR_RANGE:
#ifndef __linux__
- saddr->sa_len = sizeof(struct sockaddr_in6);
+ saddr.sa.sa_len = sizeof(struct sockaddr_in6);
#endif
- saddr->sa_family = AF_INET6;
-
- saddr_in6->sin6_port = IPSEC_PORT_ANY;
- memcpy(&saddr_in6->sin6_addr,
+ saddr.sa.sa_family = AF_INET6;
+ saddr.sin6.sin6_port = IPSEC_PORT_ANY;
+ memcpy(&saddr.sin6.sin6_addr,
id->v + sizeof(*id_b), sizeof(struct in6_addr));
- saddr_in6->sin6_scope_id =
- (IN6_IS_ADDR_LINKLOCAL(&saddr_in6->sin6_addr)
+ saddr.sin6.sin6_scope_id =
+ (IN6_IS_ADDR_LINKLOCAL(&saddr.sin6.sin6_addr)
? ((struct sockaddr_in6 *)id_b)->sin6_scope_id
: 0);
break;
@@ -4347,7 +4337,7 @@
#ifdef INET6
case IPSECDOI_ID_IPV6_ADDR:
#endif
- len = snprintf( buf, BUFLEN, "%s", saddrwop2str(saddr));
+ len = snprintf( buf, BUFLEN, "%s", saddrwop2str(&saddr.sa));
break;
case IPSECDOI_ID_IPV4_ADDR_SUBNET:
@@ -4403,47 +4393,44 @@
plen += l;
}
- len = snprintf( buf, BUFLEN, "%s/%i", saddrwop2str(saddr), plen);
+ len = snprintf( buf, BUFLEN, "%s/%i", saddrwop2str(&saddr.sa), plen);
}
break;
case IPSECDOI_ID_IPV4_ADDR_RANGE:
- len = snprintf( buf, BUFLEN, "%s-", saddrwop2str(saddr));
+ len = snprintf( buf, BUFLEN, "%s-", saddrwop2str(&saddr.sa));
#ifndef __linux__
- saddr->sa_len = sizeof(struct sockaddr_in);
+ saddr.sa.sa_len = sizeof(struct sockaddr_in);
#endif
- saddr->sa_family = AF_INET;
- saddr_in->sin_port = IPSEC_PORT_ANY;
- memcpy(&saddr_in->sin_addr,
+ saddr.sa.sa_family = AF_INET;
+ saddr.sin.sin_port = IPSEC_PORT_ANY;
+ memcpy(&saddr.sin.sin_addr,
id->v + sizeof(*id_b) + sizeof(struct in_addr),
sizeof(struct in_addr));
- len += snprintf( buf + len, BUFLEN - len, "%s", saddrwop2str(saddr));
-
+ len += snprintf(buf + len, BUFLEN - len, "%s", saddrwop2str(&saddr.sa));
break;
#ifdef INET6
case IPSECDOI_ID_IPV6_ADDR_RANGE:
-
- len = snprintf( buf, BUFLEN, "%s-", saddrwop2str(saddr));
+ len = snprintf( buf, BUFLEN, "%s-", saddrwop2str(&saddr.sa));
#ifndef __linux__
- saddr->sa_len = sizeof(struct sockaddr_in6);
+ saddr.sa.sa_len = sizeof(struct sockaddr_in6);
#endif
- saddr->sa_family = AF_INET6;
- saddr_in6->sin6_port = IPSEC_PORT_ANY;
- memcpy(&saddr_in6->sin6_addr,
+ saddr.sa.sa_family = AF_INET6;
+ saddr.sin6.sin6_port = IPSEC_PORT_ANY;
+ memcpy(&saddr.sin6.sin6_addr,
id->v + sizeof(*id_b) + sizeof(struct in6_addr),
sizeof(struct in6_addr));
- saddr_in6->sin6_scope_id =
- (IN6_IS_ADDR_LINKLOCAL(&saddr_in6->sin6_addr)
+ saddr.sin6.sin6_scope_id =
+ (IN6_IS_ADDR_LINKLOCAL(&saddr.sin6.sin6_addr)
? ((struct sockaddr_in6 *)id_b)->sin6_scope_id
: 0);
- len += snprintf( buf + len, BUFLEN - len, "%s", saddrwop2str(saddr));
-
+ len += snprintf(buf + len, BUFLEN - len, "%s", saddrwop2str(&saddr.sa));
break;
#endif
@@ -4753,7 +4740,7 @@
IPSECDOI_ID_FQDN, /* IDTYPE_FQDN, 1 */
IPSECDOI_ID_USER_FQDN, /* IDTYPE_USERFQDN, 2 */
IPSECDOI_ID_KEY_ID, /* IDTYPE_KEYID, 3 */
- 255, /* IDTYPE_ADDRESS, 4
+ 255, /* IDTYPE_ADDRESS, 4
* it expands into 4 types by another function. */
IPSECDOI_ID_DER_ASN1_DN, /* IDTYPE_ASN1DN, 5 */
};
Index: src/crypto/dist/ipsec-tools/src/racoon/isakmp.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/isakmp.c:1.54 src/crypto/dist/ipsec-tools/src/racoon/isakmp.c:1.55
--- src/crypto/dist/ipsec-tools/src/racoon/isakmp.c:1.54 Mon Apr 20 13:24:36 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/isakmp.c Mon May 18 17:40:38 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: isakmp.c,v 1.54 2009/04/20 13:24:36 tteras Exp $ */
+/* $NetBSD: isakmp.c,v 1.55 2009/05/18 17:40:38 tteras Exp $ */
/* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
@@ -206,13 +206,15 @@
union {
char buf[sizeof (isakmp) + 4];
u_int32_t non_esp[2];
- char lbuf[sizeof(struct udphdr) +
+ struct {
+ struct udphdr udp;
#ifdef __linux
- sizeof(struct iphdr) +
+ struct iphdr ip;
#else
- sizeof(struct ip) +
+ struct ip ip;
#endif
- sizeof(isakmp) + 4];
+ char buf[sizeof(isakmp) + 4];
+ } lbuf;
} x;
struct sockaddr_storage remote;
struct sockaddr_storage local;
@@ -248,22 +250,13 @@
/* Lucent IKE in UDP encapsulation */
{
- struct udphdr *udp;
#ifdef __linux__
- struct iphdr *ip;
-
- udp = (struct udphdr *)&x.lbuf[0];
- if (ntohs(udp->dest) == 501) {
- ip = (struct iphdr *)(x.lbuf + sizeof(*udp));
- extralen += sizeof(*udp) + ip->ihl;
+ if (ntohs(x.lbuf.udp.dest) == 501) {
+ extralen += sizeof(x.lbuf.udp) + x.lbuf.ip.ihl;
}
#else
- struct ip *ip;
-
- udp = (struct udphdr *)&x.lbuf[0];
- if (ntohs(udp->uh_dport) == 501) {
- ip = (struct ip *)(x.lbuf + sizeof(*udp));
- extralen += sizeof(*udp) + ip->ip_hl;
+ if (ntohs(lbuf.udp.uh_dport) == 501) {
+ extralen += sizeof(x.lbuf.udp) + x.lbuf.ip.ip_hl;
}
#endif
}
Index: src/crypto/dist/ipsec-tools/src/racoon/sockmisc.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/sockmisc.c:1.14 src/crypto/dist/ipsec-tools/src/racoon/sockmisc.c:1.15
--- src/crypto/dist/ipsec-tools/src/racoon/sockmisc.c:1.14 Thu Mar 12 10:57:26 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/sockmisc.c Mon May 18 17:40:38 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: sockmisc.c,v 1.14 2009/03/12 10:57:26 tteras Exp $ */
+/* $NetBSD: sockmisc.c,v 1.15 2009/05/18 17:40:38 tteras Exp $ */
/* Id: sockmisc.c,v 1.24 2006/05/07 21:32:59 manubsd Exp */
@@ -398,8 +398,9 @@
u_int *tolen;
{
int otolen;
- u_int len;
- struct sockaddr_storage ss;
+ socklen_t slen;
+ int len;
+ union sockaddr_any sa;
struct msghdr m;
struct cmsghdr *cm;
struct iovec iov[2];
@@ -412,8 +413,8 @@
struct sockaddr_in6 *sin6;
#endif
- len = sizeof(ss);
- if (getsockname(s, (struct sockaddr *)&ss, &len) < 0) {
+ slen = sizeof(sa);
+ if (getsockname(s, &sa.sa, &slen) < 0) {
plog(LLV_ERROR, LOCATION, NULL,
"getsockname (%s)\n", strerror(errno));
return -1;
@@ -446,7 +447,7 @@
"cmsg %d %d\n", cm->cmsg_level, cm->cmsg_type);)
#endif
#if defined(INET6) && defined(INET6_ADVAPI)
- if (ss.ss_family == AF_INET6
+ if (sa.sa.sa_family == AF_INET6
&& cm->cmsg_level == IPPROTO_IPV6
&& cm->cmsg_type == IPV6_PKTINFO
&& otolen >= sizeof(*sin6)) {
@@ -465,14 +466,13 @@
sin6->sin6_scope_id = pi->ipi6_ifindex;
else
sin6->sin6_scope_id = 0;
- sin6->sin6_port =
- ((struct sockaddr_in6 *)&ss)->sin6_port;
+ sin6->sin6_port = sa.sin6.sin6_port;
otolen = -1; /* "to" already set */
continue;
}
#endif
#ifdef __linux__
- if (ss.ss_family == AF_INET
+ if (sa.sa.sa_family == AF_INET
&& cm->cmsg_level == IPPROTO_IP
&& cm->cmsg_type == IP_PKTINFO
&& otolen >= sizeof(sin)) {
@@ -483,14 +483,13 @@
sin->sin_family = AF_INET;
memcpy(&sin->sin_addr, &pi->ipi_addr,
sizeof(sin->sin_addr));
- sin->sin_port =
- ((struct sockaddr_in *)&ss)->sin_port;
+ sin->sin_port = sa.sin.sin_port;
otolen = -1; /* "to" already set */
continue;
}
#endif
#if defined(INET6) && defined(IPV6_RECVDSTADDR)
- if (ss.ss_family == AF_INET6
+ if (sa.sa.sa_family == AF_INET6
&& cm->cmsg_level == IPPROTO_IPV6
&& cm->cmsg_type == IPV6_RECVDSTADDR
&& otolen >= sizeof(*sin6)) {
@@ -501,14 +500,13 @@
sin6->sin6_len = sizeof(*sin6);
memcpy(&sin6->sin6_addr, CMSG_DATA(cm),
sizeof(sin6->sin6_addr));
- sin6->sin6_port =
- ((struct sockaddr_in6 *)&ss)->sin6_port;
+ sin6->sin6_port = sa.sin6.sin6_port;
otolen = -1; /* "to" already set */
continue;
}
#endif
#ifndef __linux__
- if (ss.ss_family == AF_INET
+ if (sa.sa.sa_family == AF_INET
&& cm->cmsg_level == IPPROTO_IP
&& cm->cmsg_type == IP_RECVDSTADDR
&& otolen >= sizeof(*sin)) {
@@ -519,7 +517,7 @@
sin->sin_len = sizeof(*sin);
memcpy(&sin->sin_addr, CMSG_DATA(cm),
sizeof(sin->sin_addr));
- sin->sin_port = ((struct sockaddr_in *)&ss)->sin_port;
+ sin->sin_port = sa.sin.sin_port;
otolen = -1; /* "to" already set */
continue;
}
@@ -539,7 +537,8 @@
struct sockaddr *dst;
{
struct sockaddr_storage ss;
- u_int len;
+ socklen_t slen;
+ int len = 0;
int i;
if (src->sa_family != dst->sa_family) {
@@ -548,8 +547,8 @@
return -1;
}
- len = sizeof(ss);
- if (getsockname(s, (struct sockaddr *)&ss, &len) < 0) {
+ slen = sizeof(ss);
+ if (getsockname(s, (struct sockaddr *)&ss, &slen) < 0) {
plog(LLV_ERROR, LOCATION, NULL,
"getsockname (%s)\n", strerror(errno));
return -1;
Index: src/crypto/dist/ipsec-tools/src/racoon/sockmisc.h
diff -u src/crypto/dist/ipsec-tools/src/racoon/sockmisc.h:1.9 src/crypto/dist/ipsec-tools/src/racoon/sockmisc.h:1.10
--- src/crypto/dist/ipsec-tools/src/racoon/sockmisc.h:1.9 Wed Feb 11 15:18:59 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/sockmisc.h Mon May 18 17:40:38 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: sockmisc.h,v 1.9 2009/02/11 15:18:59 vanhu Exp $ */
+/* $NetBSD: sockmisc.h,v 1.10 2009/05/18 17:40:38 tteras Exp $ */
/* Id: sockmisc.h,v 1.9 2005/10/05 16:55:41 manubsd Exp */
@@ -43,12 +43,14 @@
"Tom Lendacky" <[email protected]> */
#endif
+union sockaddr_any {
+ struct sockaddr sa;
+ struct sockaddr_in sin;
+ struct sockaddr_in6 sin6;
+};
+
struct netaddr {
- union {
- struct sockaddr sa;
- struct sockaddr_in sin;
- struct sockaddr_in6 sin6;
- } sa;
+ union sockaddr_any sa;
unsigned long prefix;
};
