-/* $OpenBSD: ca.c,v 1.91 2023/03/05 22:17:22 tobhe Exp $ */
+/* $OpenBSD: ca.c,v 1.92 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
struct iked *env = iked_env;
struct ca_store *store;
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
if ((store = env->sc_priv) == NULL)
return;
X509_STORE_free(store->ca_cas);
X509_STORE_free(store->ca_certs);
- ibuf_release(store->ca_pubkey.id_buf);
- ibuf_release(store->ca_privkey.id_buf);
+ ibuf_free(store->ca_pubkey.id_buf);
+ ibuf_free(store->ca_privkey.id_buf);
free(store);
}
ibuf_length(key->id_buf));
/* clear old key and copy new one */
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
memcpy(id, key, sizeof(*id));
}
iovcnt++;
ret = proc_composev(&env->sc_ps, PROC_IKEV2, IMSG_SCERT, iov, iovcnt);
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
ret = 0;
done:
- ibuf_release(id.id_buf);
+ ibuf_free(id.id_buf);
return (ret);
}
ca_setcert(env, &sh, NULL, type,
ibuf_data(buf), ibuf_size(buf), PROC_IKEV2);
- ibuf_release(buf);
+ ibuf_free(buf);
return (0);
}
ret = ca_setauth(env, &sa, sa.sa_localauth.id_buf, PROC_IKEV2);
- ibuf_release(sa.sa_localauth.id_buf);
+ ibuf_free(sa.sa_localauth.id_buf);
sa.sa_localauth.id_buf = NULL;
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (ret);
}
/*
* Save CAs signatures for the IKEv2 CERTREQ
*/
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
if ((env->sc_certreq = ibuf_new(NULL, 0)) == NULL)
return (-1);
OPENSSL_free(subj_name);
if (ibuf_add(env->sc_certreq, md, len) != 0) {
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
env->sc_certreq = NULL;
return (-1);
}
case EVP_PKEY_RSA:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((rsa = EVP_PKEY_get0_RSA(key)) == NULL)
d = ibuf_data(id->id_buf);
if (i2d_RSAPublicKey(rsa, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
case EVP_PKEY_EC:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((ec = EVP_PKEY_get0_EC_KEY(key)) == NULL)
d = ibuf_data(id->id_buf);
if (i2d_EC_PUBKEY(ec, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
case EVP_PKEY_RSA:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((rsa = EVP_PKEY_get0_RSA(key)) == NULL)
d = ibuf_data(id->id_buf);
if (i2d_RSAPrivateKey(rsa, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
case EVP_PKEY_EC:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((ec = EVP_PKEY_get0_EC_KEY(key)) == NULL)
d = ibuf_data(id->id_buf);
if (i2d_ECPrivateKey(ec, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
if (ret != 0)
ca_sslerror(__func__);
done:
- ibuf_release(idp.id_buf);
+ ibuf_free(idp.id_buf);
EVP_PKEY_free(localkey);
RSA_free(localrsa);
if (len > 0)
}
ikev2_print_id(&sanid, idstr, sizeof(idstr));
log_info("%s: altname: %s", logmsg, idstr);
- ibuf_release(sanid.id_buf);
+ ibuf_free(sanid.id_buf);
sanid.id_buf = NULL;
}
/* Compare length and data */
}
/* Get first ID */
if (mode == MODE_ALT_GET) {
- ibuf_release(retid->id_buf);
+ ibuf_free(retid->id_buf);
if ((retid->id_buf = ibuf_new(data, len)) == NULL) {
log_debug("%s: failed to get id buffer",
__func__);
-/* $OpenBSD: config.c,v 1.91 2022/12/03 22:34:35 tobhe Exp $ */
+/* $OpenBSD: config.c,v 1.92 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
if (kex == NULL)
return;
- ibuf_release(kex->kex_inonce);
- ibuf_release(kex->kex_rnonce);
+ ibuf_free(kex->kex_inonce);
+ ibuf_free(kex->kex_rnonce);
group_free(kex->kex_dhgroup);
- ibuf_release(kex->kex_dhiexchange);
- ibuf_release(kex->kex_dhrexchange);
+ ibuf_free(kex->kex_dhiexchange);
+ ibuf_free(kex->kex_dhrexchange);
free(kex);
}
ikev2_msg_flushqueue(env, &sa->sa_requests);
ikev2_msg_flushqueue(env, &sa->sa_responses);
- ibuf_release(sa->sa_inonce);
- ibuf_release(sa->sa_rnonce);
+ ibuf_free(sa->sa_inonce);
+ ibuf_free(sa->sa_rnonce);
group_free(sa->sa_dhgroup);
- ibuf_release(sa->sa_dhiexchange);
- ibuf_release(sa->sa_dhrexchange);
+ ibuf_free(sa->sa_dhiexchange);
+ ibuf_free(sa->sa_dhrexchange);
- ibuf_release(sa->sa_simult);
+ ibuf_free(sa->sa_simult);
hash_free(sa->sa_prf);
hash_free(sa->sa_integr);
cipher_free(sa->sa_encr);
- ibuf_release(sa->sa_key_d);
- ibuf_release(sa->sa_key_iauth);
- ibuf_release(sa->sa_key_rauth);
- ibuf_release(sa->sa_key_iencr);
- ibuf_release(sa->sa_key_rencr);
- ibuf_release(sa->sa_key_iprf);
- ibuf_release(sa->sa_key_rprf);
-
- ibuf_release(sa->sa_1stmsg);
- ibuf_release(sa->sa_2ndmsg);
-
- ibuf_release(sa->sa_iid.id_buf);
- ibuf_release(sa->sa_rid.id_buf);
- ibuf_release(sa->sa_icert.id_buf);
- ibuf_release(sa->sa_rcert.id_buf);
+ ibuf_free(sa->sa_key_d);
+ ibuf_free(sa->sa_key_iauth);
+ ibuf_free(sa->sa_key_rauth);
+ ibuf_free(sa->sa_key_iencr);
+ ibuf_free(sa->sa_key_rencr);
+ ibuf_free(sa->sa_key_iprf);
+ ibuf_free(sa->sa_key_rprf);
+
+ ibuf_free(sa->sa_1stmsg);
+ ibuf_free(sa->sa_2ndmsg);
+
+ ibuf_free(sa->sa_iid.id_buf);
+ ibuf_free(sa->sa_rid.id_buf);
+ ibuf_free(sa->sa_icert.id_buf);
+ ibuf_free(sa->sa_rcert.id_buf);
for (i = 0; i < IKED_SCERT_MAX; i++)
- ibuf_release(sa->sa_scert[i].id_buf);
- ibuf_release(sa->sa_localauth.id_buf);
- ibuf_release(sa->sa_peerauth.id_buf);
+ ibuf_free(sa->sa_scert[i].id_buf);
+ ibuf_free(sa->sa_localauth.id_buf);
+ ibuf_free(sa->sa_peerauth.id_buf);
- ibuf_release(sa->sa_eap.id_buf);
+ ibuf_free(sa->sa_eap.id_buf);
free(sa->sa_eapid);
- ibuf_release(sa->sa_eapmsk);
+ ibuf_free(sa->sa_eapmsk);
free(sa->sa_cp_addr);
free(sa->sa_cp_addr6);
if (fp != NULL)
fclose(fp);
- ibuf_release(pubkey.id_buf);
- ibuf_release(privkey.id_buf);
+ ibuf_free(pubkey.id_buf);
+ ibuf_free(privkey.id_buf);
EVP_PKEY_free(key);
return (ret);
-/* $OpenBSD: crypto.c,v 1.42 2023/03/30 17:20:53 bluhm Exp $ */
+/* $OpenBSD: crypto.c,v 1.43 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
struct ibuf *
hash_setkey(struct iked_hash *hash, void *key, size_t keylen)
{
- ibuf_release(hash->hash_key);
+ ibuf_free(hash->hash_key);
if ((hash->hash_key = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc hash key", __func__);
return (NULL);
if (hash == NULL)
return;
HMAC_CTX_free(hash->hash_ctx);
- ibuf_release(hash->hash_key);
+ ibuf_free(hash->hash_key);
free(hash);
}
struct ibuf *
cipher_setkey(struct iked_cipher *encr, const void *key, size_t keylen)
{
- ibuf_release(encr->encr_key);
+ ibuf_free(encr->encr_key);
if ((encr->encr_key = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc cipher key", __func__);
return (NULL);
struct ibuf *
cipher_setiv(struct iked_cipher *encr, const void *iv, size_t len)
{
- ibuf_release(encr->encr_iv);
+ ibuf_free(encr->encr_iv);
encr->encr_iv = NULL;
if (iv != NULL) {
if (len < encr->encr_ivlength) {
if (encr == NULL)
return;
EVP_CIPHER_CTX_free(encr->encr_ctx);
- ibuf_release(encr->encr_iv);
- ibuf_release(encr->encr_key);
+ ibuf_free(encr->encr_iv);
+ ibuf_free(encr->encr_key);
free(encr);
}
EVP_PKEY_free(dsa->dsa_key);
}
- ibuf_release(dsa->dsa_keydata);
+ ibuf_free(dsa->dsa_keydata);
free(dsa);
}
EC_KEY *ec = NULL;
EVP_PKEY *pkey = NULL;
- ibuf_release(dsa->dsa_keydata);
+ ibuf_free(dsa->dsa_keydata);
if ((dsa->dsa_keydata = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc signature key", __func__);
return (NULL);
EVP_PKEY_free(pkey);
X509_free(cert);
BIO_free(rawcert);
- ibuf_release(dsa->dsa_keydata);
+ ibuf_free(dsa->dsa_keydata);
dsa->dsa_keydata = NULL;
return (NULL);
}
-/* $OpenBSD: eap.c,v 1.22 2022/12/03 21:02:27 tobhe Exp $ */
+/* $OpenBSD: eap.c,v 1.23 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
ret = ikev2_msg_send_encrypt(env, sa, &e,
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 1);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
ret = ikev2_send_ike_e(env, sa, e,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
ret = ikev2_send_ike_e(env, sa, e,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
ret = ikev2_send_ike_e(env, sa, eapmsg,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(eapmsg);
+ ibuf_free(eapmsg);
return (ret);
}
ret = ikev2_send_ike_e(env, sa, eapmsg,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(eapmsg);
+ ibuf_free(eapmsg);
return (ret);
}
-/* $OpenBSD: iked.h,v 1.211 2023/05/23 12:43:26 claudio Exp $ */
+/* $OpenBSD: iked.h,v 1.212 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
struct ibuf *
ibuf_static(void);
int ibuf_cat(struct ibuf *, struct ibuf *);
-void ibuf_release(struct ibuf *);
size_t ibuf_length(struct ibuf *);
int ibuf_setsize(struct ibuf *, size_t);
uint8_t *
-/* $OpenBSD: ikev2.c,v 1.365 2023/03/10 19:26:06 tobhe Exp $ */
+/* $OpenBSD: ikev2.c,v 1.366 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
{
struct iked *env = iked_env;
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
env->sc_certreq = NULL;
config_doreset(env, RESET_ALL);
}
memcpy(&type, ptr, sizeof(type));
ptr += sizeof(type);
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
env->sc_certreqtype = type;
env->sc_certreq = ibuf_new(ptr,
IMSG_DATA_SIZE(imsg) - sizeof(type));
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (len > 0 && (id->id_buf = ibuf_new(ptr, len)) == NULL) {
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (len <= 0 || (id->id_buf = ibuf_new(ptr, len)) == NULL) {
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (len <= 0 || (id->id_buf = ibuf_new(ptr, len)) == NULL) {
id = &sa->sa_localauth;
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (type != IKEV2_AUTH_NONE) {
ibuf_data(sa->sa_peerauth.id_buf),
ibuf_length(sa->sa_peerauth.id_buf),
authmsg);
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
if (ret != 0) {
log_info("%s: ikev2_msg_authverify failed",
SPI_SA(sa, __func__));
/* XXX 2nd AUTH for EAP messages */
ret = ikev2_msg_authsign(env, sa, &ikeauth, authmsg);
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
if (ret != 0) {
ikev2_send_auth_failed(env, sa);
explicit_bzero(&ikeauth, sizeof(ikeauth));
}
ca_setauth(env, sa, authmsg, PROC_CERT);
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
}
}
(void)ikev2_pld_parse(env, hdr, &req, 0);
- ibuf_release(sa->sa_1stmsg);
+ ibuf_free(sa->sa_1stmsg);
if ((sa->sa_1stmsg = ibuf_dup(buf)) == NULL) {
log_debug("%s: failed to copy 1st message", __func__);
goto done;
if (ca_setauth(env, sa, authmsg, PROC_CERT) == -1) {
log_info("%s: failed to get cert", SPI_SA(sa, __func__));
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (-1);
}
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (ikev2_init_ike_auth(env, sa));
}
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 0);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
case IKEV2_ID_IPV4:
if (inet_pton(AF_INET, (char *)polid->id_data, &in4) != 1 ||
ibuf_add(id->id_buf, &in4, sizeof(in4)) != 0) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
case IKEV2_ID_IPV6:
if (inet_pton(AF_INET6, (char *)polid->id_data, &in6) != 1 ||
ibuf_add(id->id_buf, &in6, sizeof(in6)) != 0) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
(i2d_X509_NAME(name, &p)) < 0) {
if (name)
X509_NAME_free(name);
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
default:
if (ibuf_add(id->id_buf,
polid->id_data, polid->id_length) != 0) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
sa_state(env, sa, IKEV2_STATE_CLOSED);
}
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
done:
free(localspi);
free(peersas);
- ibuf_release(spibuf);
+ ibuf_free(spibuf);
return (ret);
}
(void)ikev2_pld_parse(env, hdr, &resp, 0);
- ibuf_release(sa->sa_2ndmsg);
+ ibuf_free(sa->sa_2ndmsg);
if ((sa->sa_2ndmsg = ibuf_dup(buf)) == NULL) {
log_debug("%s: failed to copy 2nd message", __func__);
goto done;
if (exchange == IKEV2_EXCHANGE_INFORMATIONAL)
sa->sa_stateflags |= IKED_REQ_INF;
done:
- ibuf_release(buf);
+ ibuf_free(buf);
/* cleanup SA after timeout */
sa_state(env, sa, IKEV2_STATE_CLOSING);
ret = ikev2_send_ike_e(env, sa, buf, IKEV2_PAYLOAD_NOTIFY,
exchange, 1);
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
ibuf_length(cr->cr_data),
PROC_CERT);
- ibuf_release(cr->cr_data);
+ ibuf_free(cr->cr_data);
SIMPLEQ_REMOVE_HEAD(&msg->msg_certreqs, cr_entry);
free(cr);
}
done:
if (ret)
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1);
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
response);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
return (-1);
}
- ibuf_release(sa->sa_simult);
+ ibuf_free(sa->sa_simult);
sa->sa_simult = NULL;
sa->sa_rekeyspi = 0; /* clear rekey spi */
initiator = sa->sa_hdr.sh_initiator ? 1 : 0;
goto done;
/* Update initiator nonce */
- ibuf_release(sa->sa_inonce);
+ ibuf_free(sa->sa_inonce);
sa->sa_inonce = nonce;
if ((e = ibuf_static()) == NULL)
}
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
ikev2_ike_sa_setreason(nsa, "failed to send CREATE_CHILD_SA");
sa_free(env, nsa);
}
- ibuf_release(e);
+ ibuf_free(e);
if (ret == 0)
log_debug("%s: create child SA sent", __func__);
SPI_SA(sa, __func__));
return (-1);
}
- ibuf_release(sa->sa_rnonce);
+ ibuf_free(sa->sa_rnonce);
sa->sa_rnonce = msg->msg_nonce;
msg->msg_nonce = NULL;
ikev2_childsa_delete(env, sa, csa->csa_saproto,
csa->csa_peerspi, NULL, 0);
}
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
}
/* Preserve ID information */
- ibuf_release(nsa->sa_iid.id_buf);
- ibuf_release(nsa->sa_rid.id_buf);
- ibuf_release(nsa->sa_icert.id_buf);
- ibuf_release(nsa->sa_rcert.id_buf);
+ ibuf_free(nsa->sa_iid.id_buf);
+ ibuf_free(nsa->sa_rid.id_buf);
+ ibuf_free(nsa->sa_icert.id_buf);
+ ibuf_free(nsa->sa_rcert.id_buf);
if (sa->sa_hdr.sh_initiator == nsa->sa_hdr.sh_initiator) {
nsa->sa_iid = sa->sa_iid;
nsa->sa_rid = sa->sa_rid;
sa->sa_stateflags |= IKED_REQ_INF;
log_info("%s: sent delete, closing SA", SPI_SA(sa, __func__));
done:
- ibuf_release(buf);
+ ibuf_free(buf);
sa_state(env, sa, IKEV2_STATE_CLOSED);
} else {
sa_state(env, sa, IKEV2_STATE_CLOSING);
log_debug("%s: initiator didn't send nonce", __func__);
goto fail;
}
- ibuf_release(kex->kex_inonce);
+ ibuf_free(kex->kex_inonce);
kex->kex_inonce = msg->msg_nonce;
msg->msg_nonce = NULL;
goto fail;
/* Update responder's nonce */
- ibuf_release(kex->kex_rnonce);
+ ibuf_free(kex->kex_rnonce);
kex->kex_rnonce = nonce;
if (ikev2_childsa_negotiate(env, sa, kex, &proposals, 0, pfs)) {
SPI_SA(sa, __func__),
print_spi(rekey->spi, rekey->spi_size),
print_spi(sa->sa_rekeyspi, rekey->spi_size));
- ibuf_release(sa->sa_simult);
+ ibuf_free(sa->sa_simult);
if (ikev2_nonce_cmp(kex->kex_inonce, nonce) < 0)
sa->sa_simult = ibuf_dup(kex->kex_inonce);
else
done:
if (ret && protoid != IKEV2_SAPROTO_IKE)
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1);
- ibuf_release(e);
+ ibuf_free(e);
config_free_proposals(&proposals, 0);
config_free_kex(kextmp);
return (ret);
ret = ikev2_msg_send(env, &resp);
done:
- ibuf_release(e);
+ ibuf_free(e);
ikev2_msg_cleanup(env, &resp);
return (ret);
if (ikev2_sa_negotiate_common(env, sa, msg) != 0)
return (-1);
- ibuf_release(sa->sa_2ndmsg);
+ ibuf_free(sa->sa_2ndmsg);
if ((sa->sa_2ndmsg = ibuf_dup(msg->msg_data)) == NULL) {
log_info("%s: failed to copy 2nd message",
SPI_SA(sa, __func__));
sa_state(env, sa, IKEV2_STATE_SA_INIT);
- ibuf_release(sa->sa_1stmsg);
+ ibuf_free(sa->sa_1stmsg);
if ((sa->sa_1stmsg = ibuf_dup(msg->msg_data)) == NULL) {
log_debug("%s: failed to copy 1st message", __func__);
return (-1);
ret = 0;
done:
- ibuf_release(ninr);
- ibuf_release(dhsecret);
- ibuf_release(skeyseed);
- ibuf_release(s);
- ibuf_release(t);
+ ibuf_free(ninr);
+ ibuf_free(dhsecret);
+ ibuf_free(skeyseed);
+ ibuf_free(s);
+ ibuf_free(t);
return (ret);
}
void
ikev2_sa_cleanup_dh(struct iked_sa *sa)
{
- ibuf_release(sa->sa_dhiexchange);
- ibuf_release(sa->sa_dhrexchange);
+ ibuf_free(sa->sa_dhiexchange);
+ ibuf_free(sa->sa_dhrexchange);
group_free(sa->sa_dhgroup);
sa->sa_dhiexchange = NULL;
sa->sa_dhrexchange = NULL;
for (i = 0; i < rlen; i++) {
if (t1 != NULL) {
t2 = ibuf_new(t1->buf, ibuf_length(t1));
- ibuf_release(t1);
+ ibuf_free(t1);
} else
t2 = ibuf_new(NULL, 0);
t1 = ibuf_new(NULL, hash_keylength(prf));
if (hashlen != hash_length(prf))
fatalx("ikev2_prfplus: hash length mismatch");
- ibuf_release(t2);
+ ibuf_free(t2);
ibuf_add(t, t1->buf, ibuf_length(t1));
log_debug("%s: T%d with %zu bytes", __func__,
log_debug("%s: Tn with %zu bytes", __func__, ibuf_length(t));
print_hex(t->buf, 0, ibuf_length(t));
- ibuf_release(t1);
+ ibuf_free(t1);
return (t);
fail:
- ibuf_release(t1);
- ibuf_release(t);
+ ibuf_free(t1);
+ ibuf_free(t);
return (NULL);
}
sa->sa_stateflags |= IKED_REQ_INF;
ret = 0;
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
ret = 0;
done:
sa->sa_use_transport_mode = 0; /* reset state after use */
- ibuf_release(dhsecret);
- ibuf_release(keymat);
- ibuf_release(seed);
+ ibuf_free(dhsecret);
+ ibuf_free(keymat);
+ ibuf_free(seed);
childsa_free(csa);
childsa_free(csb);
childsa_free(csa2);
ret = 0;
done:
- ibuf_release(spibuf);
- ibuf_release(flowbuf);
+ ibuf_free(spibuf);
+ ibuf_free(flowbuf);
return (ret);
}
sa->sa_stateflags |= IKED_REQ_INF;
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (0);
}
}
ret = 0;
done:
- ibuf_release(idp.id_buf);
+ ibuf_free(idp.id_buf);
return (ret);
}
-/* $OpenBSD: ikev2_msg.c,v 1.90 2022/12/06 09:07:33 tobhe Exp $ */
+/* $OpenBSD: ikev2_msg.c,v 1.91 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
struct iked_certreq *cr;
if (msg == msg->msg_parent) {
- ibuf_release(msg->msg_nonce);
- ibuf_release(msg->msg_ke);
- ibuf_release(msg->msg_auth.id_buf);
- ibuf_release(msg->msg_peerid.id_buf);
- ibuf_release(msg->msg_localid.id_buf);
- ibuf_release(msg->msg_cert.id_buf);
- ibuf_release(msg->msg_cookie);
- ibuf_release(msg->msg_cookie2);
- ibuf_release(msg->msg_del_buf);
+ ibuf_free(msg->msg_nonce);
+ ibuf_free(msg->msg_ke);
+ ibuf_free(msg->msg_auth.id_buf);
+ ibuf_free(msg->msg_peerid.id_buf);
+ ibuf_free(msg->msg_localid.id_buf);
+ ibuf_free(msg->msg_cert.id_buf);
+ ibuf_free(msg->msg_cookie);
+ ibuf_free(msg->msg_cookie2);
+ ibuf_free(msg->msg_del_buf);
free(msg->msg_eap.eam_user);
free(msg->msg_cp_addr);
free(msg->msg_cp_addr6);
config_free_proposals(&msg->msg_proposals, 0);
while ((cr = SIMPLEQ_FIRST(&msg->msg_certreqs))) {
- ibuf_release(cr->cr_data);
+ ibuf_free(cr->cr_data);
SIMPLEQ_REMOVE_HEAD(&msg->msg_certreqs, cr_entry);
free(cr);
}
}
if (msg->msg_data != NULL) {
- ibuf_release(msg->msg_data);
+ ibuf_free(msg->msg_data);
msg->msg_data = NULL;
}
}
__func__, len + sizeof(pad), pad, ibuf_size(dst));
print_hex(ibuf_data(dst), 0, ibuf_size(dst));
- ibuf_release(src);
- ibuf_release(out);
+ ibuf_free(src);
+ ibuf_free(out);
return (dst);
done:
- ibuf_release(src);
- ibuf_release(out);
- ibuf_release(dst);
+ ibuf_free(src);
+ ibuf_free(out);
+ ibuf_free(dst);
return (NULL);
}
ret = 0;
done:
- ibuf_release(tmp);
+ ibuf_free(tmp);
return (ret);
}
log_debug("%s: integrity check succeeded", __func__);
print_hex(tmp->buf, 0, tmplen);
- ibuf_release(tmp);
+ ibuf_free(tmp);
tmp = NULL;
}
if (ibuf_setsize(out, outlen - pad - 1) != 0)
goto done;
- ibuf_release(src);
+ ibuf_free(src);
return (out);
done:
- ibuf_release(tmp);
- ibuf_release(out);
- ibuf_release(src);
+ ibuf_free(tmp);
+ ibuf_free(out);
+ ibuf_free(src);
return (NULL);
}
firstpayload = 0;
ikev2_msg_cleanup(env, &resp);
- ibuf_release(e);
+ ibuf_free(e);
e = NULL;
}
return 0;
done:
ikev2_msg_cleanup(env, &resp);
- ibuf_release(e);
+ ibuf_free(e);
ikestat_inc(env, ikes_frag_send_failures);
return ret;
}
return (authmsg);
fail:
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (NULL);
}
goto done;
}
- ibuf_release(sa->sa_localauth.id_buf);
+ ibuf_free(sa->sa_localauth.id_buf);
sa->sa_localauth.id_buf = NULL;
if ((buf = ibuf_new(NULL, dsa_length(dsa))) == NULL) {
if ((siglen = dsa_sign_final(dsa,
ibuf_data(buf), ibuf_size(buf))) < 0) {
log_debug("%s: failed to create auth signature", __func__);
- ibuf_release(buf);
+ ibuf_free(buf);
goto done;
}
if (ibuf_setsize(buf, siglen) < 0) {
log_debug("%s: failed to set auth signature size to %zd",
__func__, siglen);
- ibuf_release(buf);
+ ibuf_free(buf);
goto done;
}
-/* $OpenBSD: ikev2_pld.c,v 1.127 2022/12/06 09:07:33 tobhe Exp $ */
+/* $OpenBSD: ikev2_pld.c,v 1.128 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
return (-1);
if (ikev2_print_id(&idb, idstr, sizeof(idstr)) == -1) {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
log_debug("%s: malformed id", __func__);
return (-1);
}
log_debug("%s: id %s length %zu", __func__, idstr, len);
if (!ikev2_msg_frompeer(msg)) {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
return (0);
}
else if (!sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDr)
idp = &msg->msg_parent->msg_localid;
else {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
log_debug("%s: unexpected id payload", __func__);
return (0);
}
if (idp->id_type) {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
log_debug("%s: duplicate id payload", __func__);
return (-1);
}
return (-1);
}
- ibuf_release(idp->id_buf);
+ ibuf_free(idp->id_buf);
idp->id_type = auth.auth_method;
idp->id_offset = 0;
if ((idp->id_buf = ibuf_new(buf, len)) == NULL)
" notification: %zu", __func__, left);
return (0);
}
- ibuf_release(msg->msg_cookie2); /* should not happen */
+ ibuf_free(msg->msg_cookie2); /* should not happen */
if ((msg->msg_cookie2 = ibuf_new(buf, left)) == NULL) {
log_debug("%s: failed to get peer cookie2", __func__);
return (-1);
log_debug("%s: received cookie, len %zu", __func__, left);
print_hex(buf, 0, left);
- ibuf_release(msg->msg_cookie);
+ ibuf_free(msg->msg_cookie);
if ((msg->msg_cookie = ibuf_new(buf, left)) == NULL) {
log_debug("%s: failed to get peer cookie", __func__);
return (-1);
done:
if (!processed)
ikestat_inc(env, ikes_frag_rcvd_drop);
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
dropall:
ikestat_add(env, ikes_frag_rcvd_drop, sa_frag->frag_count + 1);
config_free_fragments(sa_frag);
- ibuf_release(e);
+ ibuf_free(e);
return -1;
}
else
ikestat_add(env, ikes_frag_reass_drop, sa_frag->frag_total);
config_free_fragments(sa_frag);
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
pld->pld_nextpayload);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
-/* $OpenBSD: imsg_util.c,v 1.14 2023/05/23 12:43:26 claudio Exp $ */
+/* $OpenBSD: imsg_util.c,v 1.15 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
return ibuf_reserve(buf, len);
}
-void
-ibuf_release(struct ibuf *buf)
-{
- ibuf_free(buf);
-}
-
size_t
ibuf_length(struct ibuf *buf)
{
if ((new = ibuf_new(data, len)) == NULL)
return (-1);
if (ibuf_cat(new, buf) == -1) {
- ibuf_release(new);
+ ibuf_free(new);
return (-1);
}
free(buf->buf);
-/* $OpenBSD: policy.c,v 1.93 2023/02/08 19:59:10 tb Exp $ */
+/* $OpenBSD: policy.c,v 1.94 2023/05/23 13:12:19 claudio Exp $ */
/*
* Copyright (c) 2020-2021 Tobias Heider <tobhe@openbsd.org>
csb->csa_bundled = NULL;
if ((csb = csa->csa_peersa) != NULL)
csb->csa_peersa = NULL;
- ibuf_release(csa->csa_encrkey);
- ibuf_release(csa->csa_integrkey);
+ ibuf_free(csa->csa_encrkey);
+ ibuf_free(csa->csa_integrkey);
free(csa);
}
projects / openbsd / commitdiff