Module Name: src
Committed By: maxv
Date: Sat May 19 18:51:59 UTC 2018
Modified Files:
src/crypto/dist/ipsec-tools/src/racoon: main.c nattraversal.c
nattraversal.h
Log Message:
Style, a little...
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/crypto/dist/ipsec-tools/src/racoon/main.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/dist/ipsec-tools/src/racoon/nattraversal.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/ipsec-tools/src/racoon/main.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/main.c:1.13 src/crypto/dist/ipsec-tools/src/racoon/main.c:1.14
--- src/crypto/dist/ipsec-tools/src/racoon/main.c:1.13 Fri Jul 12 13:11:50 2013
+++ src/crypto/dist/ipsec-tools/src/racoon/main.c Sat May 19 18:51:59 2018
@@ -1,11 +1,11 @@
-/* $NetBSD: main.c,v 1.13 2013/07/12 13:11:50 tteras Exp $ */
+/* $NetBSD: main.c,v 1.14 2018/05/19 18:51:59 maxv Exp $ */
/* Id: main.c,v 1.25 2006/06/20 20:31:34 manubsd Exp */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -17,7 +17,7 @@
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -85,9 +85,9 @@ static int loading_sa = 0; /* install sa
#ifdef TOP_PACKAGE
static char version[] = "@(#)" TOP_PACKAGE_STRING " (" TOP_PACKAGE_URL ")";
-#else /* TOP_PACKAGE */
+#else
static char version[] = "@(#) racoon / IPsec-tools";
-#endif /* TOP_PACKAGE */
+#endif
static void
print_version()
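Review bot: `print_version()` here, and `usage()` named in the next hunk's header, are still defined with an empty parameter list, while this commit converts `parse` and `main` from K&R definitions to prototypes. In C before C23 an empty list is not a prototype, so calls with stray arguments are not diagnosed. For consistency with the rest of the change I would write `print_version(void)` and `usage(void)`. The bodies of both functions are outside the visible hunks, so this rests on the definition lines alone.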
@@ -162,9 +162,7 @@ usage()
}
static void
-parse(ac, av)
- int ac;
- char **av;
+parse(int ac, char **av)
{
extern char *optarg;
extern int optind;
@@ -264,9 +262,7 @@ parse(ac, av)
}
int
-main(ac, av)
- int ac;
- char **av;
+main(int ac, char **av)
{
int error;
@@ -308,7 +304,7 @@ main(ac, av)
plog(LLV_INFO, LOCATION, NULL, "@(#)"
"This product linked %s (http://www.openssl.org/)"
"\n", eay_version());
- plog(LLV_INFO, LOCATION, NULL, "Reading configuration from \"%s\"\n",
+ plog(LLV_INFO, LOCATION, NULL, "Reading configuration from \"%s\"\n",
lcconf->racoon_conf);
/*
@@ -346,4 +342,3 @@ main(ac, av)
return 0;
}
-
Index: src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c:1.14 src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c:1.15
--- src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c:1.14 Mon Mar 14 17:18:13 2011
+++ src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c Sat May 19 18:51:59 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: nattraversal.c,v 1.14 2011/03/14 17:18:13 tteras Exp $ */
+/* $NetBSD: nattraversal.c,v 1.15 2018/05/19 18:51:59 maxv Exp $ */
/*
* Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
@@ -230,118 +230,117 @@ natt_udp_encap (int encmode)
}
int
-natt_fill_options (struct ph1natt_options *opts, int version)
+natt_fill_options(struct ph1natt_options *opts, int version)
{
- if (! opts)
- return -1;
+ if (!opts)
+ return -1;
- opts->version = version;
+ opts->version = version;
- switch (version) {
- case VENDORID_NATT_00:
- case VENDORID_NATT_01:
- opts->float_port = 0; /* No port floating for those drafts */
- opts->payload_nat_d = ISAKMP_NPTYPE_NATD_DRAFT;
- opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_DRAFT;
- opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT;
- opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT;
- opts->encaps_type = UDP_ENCAP_ESPINUDP_NON_IKE;
+ switch (version) {
+ case VENDORID_NATT_00:
+ case VENDORID_NATT_01:
+ opts->float_port = 0; /* No port floating for those drafts */
+ opts->payload_nat_d = ISAKMP_NPTYPE_NATD_DRAFT;
+ opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_DRAFT;
+ opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT;
+ opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT;
+ opts->encaps_type = UDP_ENCAP_ESPINUDP_NON_IKE;
+ break;
+ case VENDORID_NATT_02:
+ case VENDORID_NATT_02_N:
+ case VENDORID_NATT_03:
+ opts->float_port = lcconf->port_isakmp_natt;
+ opts->payload_nat_d = ISAKMP_NPTYPE_NATD_DRAFT;
+ opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_DRAFT;
+ opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT;
+ opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT;
+ opts->encaps_type = UDP_ENCAP_ESPINUDP;
+ break;
+ case VENDORID_NATT_04:
+ case VENDORID_NATT_05:
+ case VENDORID_NATT_06:
+ case VENDORID_NATT_07:
+ case VENDORID_NATT_08:
+ opts->float_port = lcconf->port_isakmp_natt;
+ opts->payload_nat_d = ISAKMP_NPTYPE_NATD_BADDRAFT;
+ opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_BADDRAFT;
+ opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC;
+ opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC;
+ opts->encaps_type = UDP_ENCAP_ESPINUDP;
break;
+ case VENDORID_NATT_RFC:
+ opts->float_port = lcconf->port_isakmp_natt;
+ opts->payload_nat_d = ISAKMP_NPTYPE_NATD_RFC;
+ opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_RFC;
+ opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC;
+ opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC;
+ opts->encaps_type = UDP_ENCAP_ESPINUDP;
+ break;
+ default:
+ plog(LLV_ERROR, LOCATION, NULL,
+ "unsupported NAT-T version: %s\n",
+ vid_string_by_id(version));
+ return -1;
+ }
- case VENDORID_NATT_02:
- case VENDORID_NATT_02_N:
- case VENDORID_NATT_03:
- opts->float_port = lcconf->port_isakmp_natt;
- opts->payload_nat_d = ISAKMP_NPTYPE_NATD_DRAFT;
- opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_DRAFT;
- opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT;
- opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT;
- opts->encaps_type = UDP_ENCAP_ESPINUDP;
- break;
- case VENDORID_NATT_04:
- case VENDORID_NATT_05:
- case VENDORID_NATT_06:
- case VENDORID_NATT_07:
- case VENDORID_NATT_08:
- opts->float_port = lcconf->port_isakmp_natt;
- opts->payload_nat_d = ISAKMP_NPTYPE_NATD_BADDRAFT;
- opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_BADDRAFT;
- opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC;
- opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC;
- opts->encaps_type = UDP_ENCAP_ESPINUDP;
- break;
- case VENDORID_NATT_RFC:
- opts->float_port = lcconf->port_isakmp_natt;
- opts->payload_nat_d = ISAKMP_NPTYPE_NATD_RFC;
- opts->payload_nat_oa = ISAKMP_NPTYPE_NATOA_RFC;
- opts->mode_udp_tunnel = IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC;
- opts->mode_udp_transport = IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC;
- opts->encaps_type = UDP_ENCAP_ESPINUDP;
- break;
- default:
- plog(LLV_ERROR, LOCATION, NULL,
- "unsupported NAT-T version: %s\n",
- vid_string_by_id(version));
- return -1;
- }
-
- opts->mode_udp_diff = opts->mode_udp_tunnel - IPSECDOI_ATTR_ENC_MODE_TUNNEL;
+ opts->mode_udp_diff = opts->mode_udp_tunnel - IPSECDOI_ATTR_ENC_MODE_TUNNEL;
- return 0;
+ return 0;
}
void
-natt_float_ports (struct ph1handle *iph1)
+natt_float_ports(struct ph1handle *iph1)
{
- if (! (iph1->natt_flags & NAT_DETECTED) )
+ if (!(iph1->natt_flags & NAT_DETECTED))
return;
- if (! iph1->natt_options->float_port){
+ if (!iph1->natt_options->float_port) {
/* Drafts 00 / 01, just schedule keepalive */
natt_keepalive_add_ph1 (iph1);
return;
}
-
- set_port (iph1->local, iph1->natt_options->float_port);
- set_port (iph1->remote, iph1->natt_options->float_port);
+
+ set_port(iph1->local, iph1->natt_options->float_port);
+ set_port(iph1->remote, iph1->natt_options->float_port);
iph1->natt_flags |= NAT_PORTS_CHANGED | NAT_ADD_NON_ESP_MARKER;
-
- natt_keepalive_add_ph1 (iph1);
+
+ natt_keepalive_add_ph1(iph1);
}
static int
-natt_is_enabled (struct remoteconf *rmconf, void *args)
+natt_is_enabled(struct remoteconf *rmconf, void *args)
{
- if (rmconf->nat_traversal)
- return 1;
- return 0;
+ if (rmconf->nat_traversal)
+ return 1;
+ return 0;
}
void
-natt_handle_vendorid (struct ph1handle *iph1, int vid_numeric)
+natt_handle_vendorid(struct ph1handle *iph1, int vid_numeric)
{
- if (iph1->rmconf == NULL) {
- /* Check if any candidate remote conf allows nat-t */
- struct rmconfselector rmconf;
- rmconf_selector_from_ph1(&rmconf, iph1);
- if (enumrmconf(&rmconf, natt_is_enabled, NULL) == 0)
- return;
- } else {
- if (!iph1->rmconf->nat_traversal)
- return;
- }
-
- if (! iph1->natt_options)
- iph1->natt_options = racoon_calloc (1, sizeof (*iph1->natt_options));
-
- if (! iph1->natt_options) {
- plog (LLV_ERROR, LOCATION, NULL,
- "Allocating memory for natt_options failed!\n");
- return;
- }
-
- if (iph1->natt_options->version < vid_numeric)
- if (natt_fill_options (iph1->natt_options, vid_numeric) == 0)
- iph1->natt_flags |= NAT_ANNOUNCED;
+ if (iph1->rmconf == NULL) {
+ /* Check if any candidate remote conf allows nat-t */
+ struct rmconfselector rmconf;
+ rmconf_selector_from_ph1(&rmconf, iph1);
+ if (enumrmconf(&rmconf, natt_is_enabled, NULL) == 0)
+ return;
+ } else {
+ if (!iph1->rmconf->nat_traversal)
+ return;
+ }
+
+ if (!iph1->natt_options)
+ iph1->natt_options = racoon_calloc(1, sizeof(*iph1->natt_options));
+
+ if (!iph1->natt_options) {
+ plog(LLV_ERROR, LOCATION, NULL,
+ "Allocating memory for natt_options failed!\n");
+ return;
+ }
+
+ if (iph1->natt_options->version < vid_numeric)
+ if (natt_fill_options(iph1->natt_options, vid_numeric) == 0)
+ iph1->natt_flags |= NAT_ANNOUNCED;
}
static void
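Review bot: natt_fill_options() stores `opts->version = version;` before the switch has validated the value, so the `default:` path returns -1 with the version field already overwritten and the other fields left as they were. natt_handle_vendorid() keeps that struct and gates later updates on `iph1->natt_options->version < vid_numeric`, so if an unsupported ID can reach this call (the callers are outside the hunk), a later supported vendor ID with a lower numeric value would be skipped and the options would stay half-filled. Moving the assignment below the switch, immediately before `opts->mode_udp_diff = ...`, leaves the struct untouched on failure. As a style leftover, `natt_keepalive_add_ph1 (iph1);` in the drafts 00/01 branch of natt_float_ports() still has the space before the parenthesis that the rest of this hunk removes.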
Index: src/crypto/dist/ipsec-tools/src/racoon/nattraversal.h
diff -u src/crypto/dist/ipsec-tools/src/racoon/nattraversal.h:1.7 src/crypto/dist/ipsec-tools/src/racoon/nattraversal.h:1.8
--- src/crypto/dist/ipsec-tools/src/racoon/nattraversal.h:1.7 Wed Sep 22 07:34:51 2010
+++ src/crypto/dist/ipsec-tools/src/racoon/nattraversal.h Sat May 19 18:51:59 2018
@@ -1,10 +1,10 @@
-/* $NetBSD: nattraversal.h,v 1.7 2010/09/22 07:34:51 vanhu Exp $ */
+/* $NetBSD: nattraversal.h,v 1.8 2018/05/19 18:51:59 maxv Exp $ */
/*
* Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
* Contributed by: Michal Ludvig <[email protected]>, SUSE Labs
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -16,7 +16,7 @@
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,51 +49,50 @@
#define NON_ESP_MARKER_LEN sizeof(u_int32_t)
#define NON_ESP_MARKER_USE(_ph1) ((_ph1)->natt_flags & NAT_ADD_NON_ESP_MARKER)
-/* These are the values from parsing "remote {}"
- block of the config file. */
+/*
+ * These are the values from parsing "remote {}" block of the config file.
+ */
#define NATT_OFF FLASE /* = 0 */
#define NATT_ON TRUE /* = 1 */
#define NATT_FORCE 2
struct ph1natt_options {
- int version;
- u_int16_t float_port;
- u_int16_t mode_udp_tunnel;
- u_int16_t mode_udp_transport;
- u_int16_t encaps_type; /* ESPINUDP / ESPINUDP_NON_IKE */
- u_int16_t mode_udp_diff;
- u_int16_t payload_nat_d;
- u_int16_t payload_nat_oa;
+ int version;
+ u_int16_t float_port;
+ u_int16_t mode_udp_tunnel;
+ u_int16_t mode_udp_transport;
+ u_int16_t encaps_type; /* ESPINUDP / ESPINUDP_NON_IKE */
+ u_int16_t mode_udp_diff;
+ u_int16_t payload_nat_d;
+ u_int16_t payload_nat_oa;
};
struct ph2natt {
- u_int8_t type;
- u_int16_t sport;
- u_int16_t dport;
- struct sockaddr *oa;
- u_int16_t frag;
+ u_int8_t type;
+ u_int16_t sport;
+ u_int16_t dport;
+ struct sockaddr *oa;
+ u_int16_t frag;
};
-int natt_vendorid (int vid);
-vchar_t *natt_hash_addr (struct ph1handle *iph1, struct sockaddr *addr);
-int natt_compare_addr_hash (struct ph1handle *iph1, vchar_t *natd_received, int natd_seq);
-int natt_udp_encap (int encmode);
-int natt_fill_options (struct ph1natt_options *opts, int version);
-void natt_float_ports (struct ph1handle *iph1);
-void natt_handle_vendorid (struct ph1handle *iph1, int vid_numeric);
-
+int natt_vendorid(int vid);
+vchar_t *natt_hash_addr(struct ph1handle *iph1, struct sockaddr *addr);
+int natt_compare_addr_hash(struct ph1handle *iph1, vchar_t *natd_received, int natd_seq);
+int natt_udp_encap(int encmode);
+int natt_fill_options(struct ph1natt_options *opts, int version);
+void natt_float_ports(struct ph1handle *iph1);
+void natt_handle_vendorid(struct ph1handle *iph1, int vid_numeric);
struct payload_list *
-isakmp_plist_append_natt_vids (struct payload_list *plist, vchar_t *vid_natt[MAX_NATT_VID_COUNT]);
-
+isakmp_plist_append_natt_vids(struct payload_list *plist, vchar_t *vid_natt[MAX_NATT_VID_COUNT]);
/* NAT keepalive functions */
-void natt_keepalive_init (void);
-int natt_keepalive_add (struct sockaddr *src, struct sockaddr *dst);
-int natt_keepalive_add_ph1 (struct ph1handle *iph1);
-void natt_keepalive_remove (struct sockaddr *src, struct sockaddr *dst);
+void natt_keepalive_init(void);
+int natt_keepalive_add(struct sockaddr *src, struct sockaddr *dst);
+int natt_keepalive_add_ph1(struct ph1handle *iph1);
+void natt_keepalive_remove(struct sockaddr *src, struct sockaddr *dst);
/* Walk through all rmconfigs and tell if NAT-T is enabled in at least one. */
-int natt_enabled_in_rmconf (void);
+int natt_enabled_in_rmconf(void);
#endif /* _NATTRAVERSAL_H */
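Review bot: The unchanged line `#define NATT_OFF FLASE /* = 0 */` looks like a typo for `FALSE`, and this style pass leaves it in place. Unless `FLASE` is defined somewhere outside this hunk, any use of `NATT_OFF` would expand to an undeclared identifier; the header presumably compiles only because the macro is never expanded. I would change it to `#define NATT_OFF FALSE /* = 0 */`. While here, `NON_ESP_MARKER_LEN` expands to an unparenthesized `sizeof(u_int32_t)`; writing it as `(sizeof(u_int32_t))` makes the macro safe inside larger expressions.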