- plug memory leak.
- fixed a length of the sadb extension in the case of pfkey_send_x5(). - used getprotobynumber() for printing a upper layer protocol name. - modified the output format against the change of the setkey syntax about a icmp6 type/code. - don't enumerate reserved fields. use memset. Obtained from: KAME
This commit is contained in:
parent
5cf7816f16
commit
bd9f52d566
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=122107
@ -24,6 +24,7 @@
|
|||||||
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
# SUCH DAMAGE.
|
# SUCH DAMAGE.
|
||||||
|
#
|
||||||
# $FreeBSD$
|
# $FreeBSD$
|
||||||
|
|
||||||
LIB= ipsec
|
LIB= ipsec
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
.\" $KAME: ipsec_set_policy.3,v 1.15 2001/08/17 07:21:36 itojun Exp $
|
.\" $KAME: ipsec_set_policy.3,v 1.16 2003/01/06 21:59:03 sumikawa Exp $
|
||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\"
|
.\"
|
||||||
.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
||||||
.\" All rights reserved.
|
.\" All rights reserved.
|
||||||
@ -117,7 +117,7 @@ means to consult to SPD defined by
|
|||||||
.It Ar direction Li bypass
|
.It Ar direction Li bypass
|
||||||
.Li bypass
|
.Li bypass
|
||||||
means to be bypassed the IPsec processing.
|
means to be bypassed the IPsec processing.
|
||||||
(packet will be transmitted in clear).
|
.Pq packet will be transmitted in clear .
|
||||||
This is for privileged socket.
|
This is for privileged socket.
|
||||||
.It Xo
|
.It Xo
|
||||||
.Ar direction
|
.Ar direction
|
||||||
@ -174,7 +174,7 @@ is this node
|
|||||||
and
|
and
|
||||||
.Ar src
|
.Ar src
|
||||||
is the other node
|
is the other node
|
||||||
(peer).
|
.Pq peer .
|
||||||
If
|
If
|
||||||
.Ar mode
|
.Ar mode
|
||||||
is
|
is
|
||||||
@ -203,9 +203,9 @@ regarding the system default.
|
|||||||
means that a relevant SA can be used when available,
|
means that a relevant SA can be used when available,
|
||||||
since the kernel may perform IPsec operation against packets when possible.
|
since the kernel may perform IPsec operation against packets when possible.
|
||||||
In this case, packets can be transmitted in clear
|
In this case, packets can be transmitted in clear
|
||||||
(when SA is not available),
|
.Pq when SA is not available ,
|
||||||
or encrypted
|
or encrypted
|
||||||
(when SA is available).
|
.Pq when SA is available .
|
||||||
.Li require
|
.Li require
|
||||||
means that a relevant SA is required,
|
means that a relevant SA is required,
|
||||||
since the kernel must perform IPsec operation against packets.
|
since the kernel must perform IPsec operation against packets.
|
||||||
@ -248,7 +248,7 @@ Refer to
|
|||||||
for detail.
|
for detail.
|
||||||
.Pp
|
.Pp
|
||||||
Here are several examples
|
Here are several examples
|
||||||
(long lines are wrapped for readability):
|
.Pq long lines are wrapped for readability :
|
||||||
.Bd -literal -offset indent
|
.Bd -literal -offset indent
|
||||||
in discard
|
in discard
|
||||||
out ipsec esp/transport//require
|
out ipsec esp/transport//require
|
||||||
@ -265,7 +265,7 @@ successful; otherwise a NULL pointer is returned.
|
|||||||
The
|
The
|
||||||
.Fn ipsec_get_policylen
|
.Fn ipsec_get_policylen
|
||||||
function returns with positive value
|
function returns with positive value
|
||||||
(meaning the buffer size)
|
.Pq meaning the buffer size
|
||||||
on success, and negative value on errors.
|
on success, and negative value on errors.
|
||||||
The
|
The
|
||||||
.Fn ipsec_dump_policy
|
.Fn ipsec_dump_policy
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $KAME: pfkey.c,v 1.39 2001/03/05 18:22:17 thorpej Exp $ */
|
/* $KAME: pfkey.c,v 1.46 2003/08/26 03:37:06 itojun Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
||||||
@ -44,7 +44,6 @@ __FBSDID("$FreeBSD$");
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <stdio.h>
|
|
||||||
|
|
||||||
#include "ipsec_strerror.h"
|
#include "ipsec_strerror.h"
|
||||||
#include "libpfkey.h"
|
#include "libpfkey.h"
|
||||||
@ -706,11 +705,14 @@ pfkey_recv_register(so)
|
|||||||
int error = -1;
|
int error = -1;
|
||||||
|
|
||||||
/* receive message */
|
/* receive message */
|
||||||
do {
|
for (;;) {
|
||||||
if ((newmsg = pfkey_recv(so)) == NULL)
|
if ((newmsg = pfkey_recv(so)) == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
} while (newmsg->sadb_msg_type != SADB_REGISTER
|
if (newmsg->sadb_msg_type == SADB_REGISTER &&
|
||||||
|| newmsg->sadb_msg_pid != pid);
|
newmsg->sadb_msg_pid == pid)
|
||||||
|
break;
|
||||||
|
free(newmsg);
|
||||||
|
}
|
||||||
|
|
||||||
/* check and fix */
|
/* check and fix */
|
||||||
newmsg->sadb_msg_len = PFKEY_UNUNIT64(newmsg->sadb_msg_len);
|
newmsg->sadb_msg_len = PFKEY_UNUNIT64(newmsg->sadb_msg_len);
|
||||||
@ -1540,7 +1542,7 @@ pfkey_send_x5(so, type, spid)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
memset(&xpl, 0, sizeof(xpl));
|
memset(&xpl, 0, sizeof(xpl));
|
||||||
xpl.sadb_x_policy_len = PFKEY_UNUNIT64(sizeof(xpl));
|
xpl.sadb_x_policy_len = PFKEY_UNIT64(sizeof(xpl));
|
||||||
xpl.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
|
xpl.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
|
||||||
xpl.sadb_x_policy_id = spid;
|
xpl.sadb_x_policy_id = spid;
|
||||||
memcpy(p, &xpl, sizeof(xpl));
|
memcpy(p, &xpl, sizeof(xpl));
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $KAME: pfkey_dump.c,v 1.28 2001/06/27 10:46:51 sakane Exp $ */
|
/* $KAME: pfkey_dump.c,v 1.45 2003/09/08 10:14:56 itojun Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
||||||
@ -102,7 +102,8 @@ do { \
|
|||||||
} while (0)
|
} while (0)
|
||||||
|
|
||||||
static char *str_ipaddr(struct sockaddr *);
|
static char *str_ipaddr(struct sockaddr *);
|
||||||
static char *str_prefport(u_int, u_int, u_int);
|
static char *str_prefport(u_int, u_int, u_int, u_int);
|
||||||
|
static void str_upperspec(u_int, u_int, u_int);
|
||||||
static char *str_time(time_t);
|
static char *str_time(time_t);
|
||||||
static void str_lifetime_byte(struct sadb_lifetime *, char *);
|
static void str_lifetime_byte(struct sadb_lifetime *, char *);
|
||||||
|
|
||||||
@ -133,22 +134,6 @@ static char *str_mode[] = {
|
|||||||
"tunnel",
|
"tunnel",
|
||||||
};
|
};
|
||||||
|
|
||||||
static char *str_upper[] = {
|
|
||||||
/*0*/ "ip", "icmp", "igmp", "ggp", "ip4",
|
|
||||||
"", "tcp", "", "egp", "",
|
|
||||||
/*10*/ "", "", "", "", "",
|
|
||||||
"", "", "udp", "", "",
|
|
||||||
/*20*/ "", "", "idp", "", "",
|
|
||||||
"", "", "", "", "tp",
|
|
||||||
/*30*/ "", "", "", "", "",
|
|
||||||
"", "", "", "", "",
|
|
||||||
/*40*/ "", "ip6", "", "rt6", "frag6",
|
|
||||||
"", "rsvp", "gre", "", "",
|
|
||||||
/*50*/ "esp", "ah", "", "", "",
|
|
||||||
"", "", "", "icmp6", "none",
|
|
||||||
/*60*/ "dst6",
|
|
||||||
};
|
|
||||||
|
|
||||||
static char *str_state[] = {
|
static char *str_state[] = {
|
||||||
"larval",
|
"larval",
|
||||||
"mature",
|
"mature",
|
||||||
@ -381,9 +366,9 @@ pfkey_spdump(m)
|
|||||||
caddr_t mhp[SADB_EXT_MAX + 1];
|
caddr_t mhp[SADB_EXT_MAX + 1];
|
||||||
struct sadb_address *m_saddr, *m_daddr;
|
struct sadb_address *m_saddr, *m_daddr;
|
||||||
struct sadb_x_policy *m_xpl;
|
struct sadb_x_policy *m_xpl;
|
||||||
struct sadb_lifetime *m_lft = NULL;
|
struct sadb_lifetime *m_lftc = NULL, *m_lfth = NULL;
|
||||||
struct sockaddr *sa;
|
struct sockaddr *sa;
|
||||||
u_int16_t port;
|
u_int16_t sport = 0, dport = 0;
|
||||||
|
|
||||||
/* check pfkey message. */
|
/* check pfkey message. */
|
||||||
if (pfkey_align(m, mhp)) {
|
if (pfkey_align(m, mhp)) {
|
||||||
@ -398,63 +383,60 @@ pfkey_spdump(m)
|
|||||||
m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC];
|
m_saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC];
|
||||||
m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST];
|
m_daddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST];
|
||||||
m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY];
|
m_xpl = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY];
|
||||||
m_lft = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
|
m_lftc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT];
|
||||||
|
m_lfth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
|
||||||
|
|
||||||
/* source address */
|
if (m_saddr && m_daddr) {
|
||||||
if (m_saddr == NULL) {
|
/* source address */
|
||||||
printf("no ADDRESS_SRC extension.\n");
|
sa = (struct sockaddr *)(m_saddr + 1);
|
||||||
return;
|
switch (sa->sa_family) {
|
||||||
}
|
case AF_INET:
|
||||||
sa = (struct sockaddr *)(m_saddr + 1);
|
case AF_INET6:
|
||||||
switch (sa->sa_family) {
|
if (getnameinfo(sa, sa->sa_len, NULL, 0,
|
||||||
case AF_INET:
|
pbuf, sizeof(pbuf), NI_NUMERICSERV) != 0)
|
||||||
case AF_INET6:
|
sport = 0; /*XXX*/
|
||||||
if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf),
|
else
|
||||||
NI_NUMERICSERV) != 0)
|
sport = atoi(pbuf);
|
||||||
port = 0; /*XXX*/
|
printf("%s%s ", str_ipaddr(sa),
|
||||||
else
|
str_prefport(sa->sa_family,
|
||||||
port = atoi(pbuf);
|
m_saddr->sadb_address_prefixlen, sport,
|
||||||
printf("%s%s ", str_ipaddr(sa),
|
m_saddr->sadb_address_proto));
|
||||||
str_prefport(sa->sa_family,
|
break;
|
||||||
m_saddr->sadb_address_prefixlen, port));
|
default:
|
||||||
break;
|
printf("unknown-af ");
|
||||||
default:
|
break;
|
||||||
printf("unknown-af ");
|
}
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* destination address */
|
/* destination address */
|
||||||
if (m_daddr == NULL) {
|
sa = (struct sockaddr *)(m_daddr + 1);
|
||||||
printf("no ADDRESS_DST extension.\n");
|
switch (sa->sa_family) {
|
||||||
return;
|
case AF_INET:
|
||||||
}
|
case AF_INET6:
|
||||||
sa = (struct sockaddr *)(m_daddr + 1);
|
if (getnameinfo(sa, sa->sa_len, NULL, 0,
|
||||||
switch (sa->sa_family) {
|
pbuf, sizeof(pbuf), NI_NUMERICSERV) != 0)
|
||||||
case AF_INET:
|
dport = 0; /*XXX*/
|
||||||
case AF_INET6:
|
else
|
||||||
if (getnameinfo(sa, sa->sa_len, NULL, 0, pbuf, sizeof(pbuf),
|
dport = atoi(pbuf);
|
||||||
NI_NUMERICSERV) != 0)
|
printf("%s%s ", str_ipaddr(sa),
|
||||||
port = 0; /*XXX*/
|
str_prefport(sa->sa_family,
|
||||||
else
|
m_daddr->sadb_address_prefixlen, dport,
|
||||||
port = atoi(pbuf);
|
m_saddr->sadb_address_proto));
|
||||||
printf("%s%s ", str_ipaddr(sa),
|
break;
|
||||||
str_prefport(sa->sa_family,
|
default:
|
||||||
m_daddr->sadb_address_prefixlen, port));
|
printf("unknown-af ");
|
||||||
break;
|
break;
|
||||||
default:
|
}
|
||||||
printf("unknown-af ");
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* upper layer protocol */
|
/* upper layer protocol */
|
||||||
if (m_saddr->sadb_address_proto != m_daddr->sadb_address_proto) {
|
if (m_saddr->sadb_address_proto !=
|
||||||
printf("upper layer protocol mismatched.\n");
|
m_daddr->sadb_address_proto) {
|
||||||
return;
|
printf("upper layer protocol mismatched.\n");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
str_upperspec(m_saddr->sadb_address_proto, sport, dport);
|
||||||
}
|
}
|
||||||
if (m_saddr->sadb_address_proto == IPSEC_ULPROTO_ANY)
|
|
||||||
printf("any");
|
|
||||||
else
|
else
|
||||||
GETMSGSTR(str_upper, m_saddr->sadb_address_proto);
|
printf("(no selector, probably per-socket policy) ");
|
||||||
|
|
||||||
/* policy */
|
/* policy */
|
||||||
{
|
{
|
||||||
@ -472,11 +454,19 @@ pfkey_spdump(m)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* lifetime */
|
/* lifetime */
|
||||||
if (m_lft) {
|
if (m_lftc) {
|
||||||
printf("\tlifetime:%lu validtime:%lu\n",
|
printf("\tcreated: %s ",
|
||||||
(u_long)m_lft->sadb_lifetime_addtime,
|
str_time(m_lftc->sadb_lifetime_addtime));
|
||||||
(u_long)m_lft->sadb_lifetime_usetime);
|
printf("lastused: %s\n",
|
||||||
|
str_time(m_lftc->sadb_lifetime_usetime));
|
||||||
}
|
}
|
||||||
|
if (m_lfth) {
|
||||||
|
printf("\tlifetime: %lu(s) ",
|
||||||
|
(u_long)m_lfth->sadb_lifetime_addtime);
|
||||||
|
printf("validtime: %lu(s)\n",
|
||||||
|
(u_long)m_lfth->sadb_lifetime_usetime);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
printf("\tspid=%ld seq=%ld pid=%ld\n",
|
printf("\tspid=%ld seq=%ld pid=%ld\n",
|
||||||
(u_long)m_xpl->sadb_x_policy_id,
|
(u_long)m_xpl->sadb_x_policy_id,
|
||||||
@ -511,8 +501,8 @@ str_ipaddr(sa)
|
|||||||
* set "/prefix[port number]" to buffer.
|
* set "/prefix[port number]" to buffer.
|
||||||
*/
|
*/
|
||||||
static char *
|
static char *
|
||||||
str_prefport(family, pref, port)
|
str_prefport(family, pref, port, ulp)
|
||||||
u_int family, pref, port;
|
u_int family, pref, port, ulp;
|
||||||
{
|
{
|
||||||
static char buf[128];
|
static char buf[128];
|
||||||
char prefbuf[128];
|
char prefbuf[128];
|
||||||
@ -535,16 +525,50 @@ str_prefport(family, pref, port)
|
|||||||
else
|
else
|
||||||
snprintf(prefbuf, sizeof(prefbuf), "/%u", pref);
|
snprintf(prefbuf, sizeof(prefbuf), "/%u", pref);
|
||||||
|
|
||||||
if (port == IPSEC_PORT_ANY)
|
if (ulp == IPPROTO_ICMPV6)
|
||||||
snprintf(portbuf, sizeof(portbuf), "[%s]", "any");
|
memset(portbuf, 0, sizeof(portbuf));
|
||||||
else
|
else {
|
||||||
snprintf(portbuf, sizeof(portbuf), "[%u]", port);
|
if (port == IPSEC_PORT_ANY)
|
||||||
|
snprintf(portbuf, sizeof(portbuf), "[%s]", "any");
|
||||||
|
else
|
||||||
|
snprintf(portbuf, sizeof(portbuf), "[%u]", port);
|
||||||
|
}
|
||||||
|
|
||||||
snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf);
|
snprintf(buf, sizeof(buf), "%s%s", prefbuf, portbuf);
|
||||||
|
|
||||||
return buf;
|
return buf;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
str_upperspec(ulp, p1, p2)
|
||||||
|
u_int ulp, p1, p2;
|
||||||
|
{
|
||||||
|
if (ulp == IPSEC_ULPROTO_ANY)
|
||||||
|
printf("any");
|
||||||
|
else if (ulp == IPPROTO_ICMPV6) {
|
||||||
|
printf("icmp6");
|
||||||
|
if (!(p1 == IPSEC_PORT_ANY && p2 == IPSEC_PORT_ANY))
|
||||||
|
printf(" %u,%u", p1, p2);
|
||||||
|
} else {
|
||||||
|
struct protoent *ent;
|
||||||
|
|
||||||
|
switch (ulp) {
|
||||||
|
case IPPROTO_IPV4:
|
||||||
|
printf("ip4");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
ent = getprotobynumber(ulp);
|
||||||
|
if (ent)
|
||||||
|
printf("%s", ent->p_name);
|
||||||
|
else
|
||||||
|
printf("%u", ulp);
|
||||||
|
|
||||||
|
endprotoent();
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* set "Mon Day Time Year" to buffer
|
* set "Mon Day Time Year" to buffer
|
||||||
*/
|
*/
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
/* $FreeBSD$ */
|
/* $KAME: policy_parse.y,v 1.14 2003/06/27 03:39:20 itojun Exp $ */
|
||||||
/* $KAME: policy_parse.y,v 1.10 2000/05/07 05:25:03 itojun Exp $ */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
||||||
@ -50,6 +49,9 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
%{
|
%{
|
||||||
|
#include <sys/cdefs.h>
|
||||||
|
__FBSDID("$FreeBSD$");
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/param.h>
|
#include <sys/param.h>
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
@ -85,9 +87,12 @@ static void policy_parse_request_init(void);
|
|||||||
static caddr_t policy_parse(char *msg, int msglen);
|
static caddr_t policy_parse(char *msg, int msglen);
|
||||||
|
|
||||||
extern void __policy__strbuffer__init__(char *msg);
|
extern void __policy__strbuffer__init__(char *msg);
|
||||||
|
extern void __policy__strbuffer__free__(void);
|
||||||
extern int yyparse(void);
|
extern int yyparse(void);
|
||||||
extern int yylex(void);
|
extern int yylex(void);
|
||||||
|
|
||||||
|
extern char *__libipsecyytext; /*XXX*/
|
||||||
|
|
||||||
%}
|
%}
|
||||||
|
|
||||||
%union {
|
%union {
|
||||||
@ -210,8 +215,6 @@ void
|
|||||||
yyerror(msg)
|
yyerror(msg)
|
||||||
char *msg;
|
char *msg;
|
||||||
{
|
{
|
||||||
extern char *__libipsecyytext; /*XXX*/
|
|
||||||
|
|
||||||
fprintf(stderr, "libipsec: %s while parsing \"%s\"\n",
|
fprintf(stderr, "libipsec: %s while parsing \"%s\"\n",
|
||||||
msg, __libipsecyytext);
|
msg, __libipsecyytext);
|
||||||
|
|
||||||
@ -300,12 +303,14 @@ init_x_policy()
|
|||||||
__ipsec_errcode = EIPSEC_NO_BUFS;
|
__ipsec_errcode = EIPSEC_NO_BUFS;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
memset(pbuf, 0, tlen);
|
||||||
p = (struct sadb_x_policy *)pbuf;
|
p = (struct sadb_x_policy *)pbuf;
|
||||||
p->sadb_x_policy_len = 0; /* must update later */
|
p->sadb_x_policy_len = 0; /* must update later */
|
||||||
p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
|
p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
|
||||||
p->sadb_x_policy_type = p_type;
|
p->sadb_x_policy_type = p_type;
|
||||||
p->sadb_x_policy_dir = p_dir;
|
p->sadb_x_policy_dir = p_dir;
|
||||||
p->sadb_x_policy_reserved = 0;
|
p->sadb_x_policy_id = 0;
|
||||||
|
|
||||||
offset = tlen;
|
offset = tlen;
|
||||||
|
|
||||||
__ipsec_errcode = EIPSEC_NO_ERROR;
|
__ipsec_errcode = EIPSEC_NO_ERROR;
|
||||||
@ -398,6 +403,8 @@ policy_parse(msg, msglen)
|
|||||||
__policy__strbuffer__init__(msg);
|
__policy__strbuffer__init__(msg);
|
||||||
|
|
||||||
error = yyparse(); /* it must be set errcode. */
|
error = yyparse(); /* it must be set errcode. */
|
||||||
|
__policy__strbuffer__free__();
|
||||||
|
|
||||||
if (error) {
|
if (error) {
|
||||||
if (pbuf != NULL)
|
if (pbuf != NULL)
|
||||||
free(pbuf);
|
free(pbuf);
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/* $FreeBSD$ */
|
/* $FreeBSD$ */
|
||||||
/* $KAME: policy_token.l,v 1.11 2000/12/01 10:08:29 sakane Exp $ */
|
/* $KAME: policy_token.l,v 1.13 2003/05/09 05:19:55 sakane Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
|
||||||
@ -46,11 +46,7 @@
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
|
||||||
#ifndef __NetBSD__
|
|
||||||
#include "y.tab.h"
|
#include "y.tab.h"
|
||||||
#else
|
|
||||||
#include "policy_parse.h"
|
|
||||||
#endif
|
|
||||||
#define yylval __libipsecyylval /* XXX */
|
#define yylval __libipsecyylval /* XXX */
|
||||||
|
|
||||||
int yylex(void);
|
int yylex(void);
|
||||||
@ -133,16 +129,26 @@ unique { yylval.num = IPSEC_LEVEL_UNIQUE; return(LEVEL); }
|
|||||||
%%
|
%%
|
||||||
|
|
||||||
void __policy__strbuffer__init__(char *);
|
void __policy__strbuffer__init__(char *);
|
||||||
|
void __policy__strbuffer__free__(void);
|
||||||
|
|
||||||
|
static YY_BUFFER_STATE strbuffer;
|
||||||
|
|
||||||
void
|
void
|
||||||
__policy__strbuffer__init__(msg)
|
__policy__strbuffer__init__(msg)
|
||||||
char *msg;
|
char *msg;
|
||||||
{
|
{
|
||||||
YY_BUFFER_STATE yyb;
|
if (yy_current_buffer)
|
||||||
|
yy_delete_buffer(yy_current_buffer);
|
||||||
yyb = (YY_BUFFER_STATE)yy_scan_string(msg);
|
strbuffer = (YY_BUFFER_STATE)yy_scan_string(msg);
|
||||||
yy_switch_to_buffer(yyb);
|
yy_switch_to_buffer(strbuffer);
|
||||||
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
__policy__strbuffer__free__()
|
||||||
|
{
|
||||||
|
yy_delete_buffer(strbuffer);
|
||||||
|
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user