-/* $OpenBSD: ikev2.c,v 1.370 2023/06/13 12:34:12 tb Exp $ */
+/* $OpenBSD: ikev2.c,v 1.371 2023/06/14 14:09:29 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
struct sockaddr_in *in4;
struct sockaddr_in6 *in6;
ssize_t ret = -1;
- struct sockaddr *src, *dst, *ss;
+ struct sockaddr_storage *src, *dst, *ss;
uint64_t rspi, ispi;
struct ibuf *buf;
uint32_t rnd;
return (-1);
ispi = hdr->ike_ispi;
rspi = hdr->ike_rspi;
- src = (struct sockaddr *)&msg->msg_peer;
- dst = (struct sockaddr *)&msg->msg_local;
+ src = &msg->msg_peer;
+ dst = &msg->msg_local;
} else {
ispi = htobe64(sa->sa_hdr.sh_ispi);
rspi = htobe64(sa->sa_hdr.sh_rspi);
- src = (struct sockaddr *)&msg->msg_local;
- dst = (struct sockaddr *)&msg->msg_peer;
+ src = &msg->msg_local;
+ dst = &msg->msg_peer;
}
ctx = EVP_MD_CTX_new();
EVP_DigestUpdate(ctx, &ispi, sizeof(ispi));
EVP_DigestUpdate(ctx, &rspi, sizeof(rspi));
- switch (ss->sa_family) {
+ switch (ss->ss_family) {
case AF_INET:
in4 = (struct sockaddr_in *)ss;
EVP_DigestUpdate(ctx, &in4->sin_addr.s_addr,
int
ikev2_print_id(struct iked_id *id, char *idstr, size_t idstrlen)
{
- uint8_t buf[BUFSIZ], *ptr;
- struct sockaddr_in *s4;
- struct sockaddr_in6 *s6;
+ uint8_t *ptr;
+ struct sockaddr_in s4 = { 0 };
+ struct sockaddr_in6 s6 = { 0 };
char *str;
ssize_t len;
int i;
const char *type;
- bzero(buf, sizeof(buf));
bzero(idstr, idstrlen);
if (id->id_buf == NULL)
strlcat(idstr, "/", idstrlen) >= idstrlen)
return (-1);
- idstrlen -= strlen(idstr);
- idstr += strlen(idstr);
-
switch (id->id_type) {
case IKEV2_ID_IPV4:
- s4 = (struct sockaddr_in *)buf;
- s4->sin_family = AF_INET;
- s4->sin_len = sizeof(*s4);
- memcpy(&s4->sin_addr.s_addr, ptr, len);
+ s4.sin_family = AF_INET;
+ s4.sin_len = sizeof(s4);
+ memcpy(&s4.sin_addr.s_addr, ptr, len);
- if (print_host((struct sockaddr *)s4,
- idstr, idstrlen) == NULL)
+ if (strlcat(idstr, print_addr(&s4), idstrlen) >= idstrlen)
return (-1);
break;
case IKEV2_ID_FQDN:
case IKEV2_ID_UFQDN:
- if (len >= (ssize_t)sizeof(buf))
- return (-1);
-
if ((str = get_string(ptr, len)) == NULL)
return (-1);
- if (strlcpy(idstr, str, idstrlen) >= idstrlen) {
+ if (strlcat(idstr, str, idstrlen) >= idstrlen) {
free(str);
return (-1);
}
free(str);
break;
case IKEV2_ID_IPV6:
- s6 = (struct sockaddr_in6 *)buf;
- s6->sin6_family = AF_INET6;
- s6->sin6_len = sizeof(*s6);
- memcpy(&s6->sin6_addr, ptr, len);
+ s6.sin6_family = AF_INET6;
+ s6.sin6_len = sizeof(s6);
+ memcpy(&s6.sin6_addr, ptr, len);
- if (print_host((struct sockaddr *)s6,
- idstr, idstrlen) == NULL)
+ if (strlcat(idstr, print_addr(&s6), idstrlen) >= idstrlen)
return (-1);
break;
case IKEV2_ID_ASN1_DN:
if ((str = ca_asn1_name(ptr, len)) == NULL)
return (-1);
- if (strlcpy(idstr, str, idstrlen) >= idstrlen) {
+ if (strlcat(idstr, str, idstrlen) >= idstrlen) {
OPENSSL_free(str);
return (-1);
}
break;
default:
/* XXX test */
- for (i = 0; i < ((ssize_t)idstrlen - 1) && i < len; i++)
- snprintf(idstr + i, idstrlen - i,
- "%02x", ptr[i]);
+ for (i = 0; i < len; i++) {
+ char buf[3];
+ snprintf(buf, sizeof(buf), "%02x", ptr[i]);
+ if (strlcat(idstr, buf, idstrlen) >= idstrlen)
+ break;
+ }
break;
}
-/* $OpenBSD: ikev2_pld.c,v 1.129 2023/06/06 16:09:35 claudio Exp $ */
+/* $OpenBSD: ikev2_pld.c,v 1.130 2023/06/14 14:09:29 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
ikev2_pld_ts(struct iked *env, struct ikev2_payload *pld,
struct iked_message *msg, size_t offset, size_t left, unsigned int type)
{
- struct sockaddr_in s4;
- struct sockaddr_in6 s6;
- uint8_t buf[2][128];
+ struct sockaddr_in start4, end4;
+ struct sockaddr_in6 start6, end6;
uint8_t *msgbuf = ibuf_data(msg->msg_data);
uint8_t *ptr;
return (-1);
}
- bzero(&s4, sizeof(s4));
- s4.sin_family = AF_INET;
- s4.sin_len = sizeof(s4);
- memcpy(&s4.sin_addr.s_addr, ptr, 4);
+ bzero(&start4, sizeof(start4));
+ start4.sin_family = AF_INET;
+ start4.sin_len = sizeof(start4);
+ memcpy(&start4.sin_addr.s_addr, ptr, 4);
ptr += 4;
left -= 4;
- print_host((struct sockaddr *)&s4,
- (char *)buf[0], sizeof(buf[0]));
- memcpy(&s4.sin_addr.s_addr, ptr, 4);
+ bzero(&end4, sizeof(end4));
+ end4.sin_family = AF_INET;
+ end4.sin_len = sizeof(end4);
+ memcpy(&end4.sin_addr.s_addr, ptr, 4);
left -= 4;
- print_host((struct sockaddr *)&s4,
- (char *)buf[1], sizeof(buf[1]));
log_debug("%s: start %s end %s", __func__,
- buf[0], buf[1]);
+ print_addr(&start4), print_addr(&end4));
break;
case IKEV2_TS_IPV6_ADDR_RANGE:
if (left < 2 * 16) {
__func__, left, 2 * 16);
return (-1);
}
- bzero(&s6, sizeof(s6));
- s6.sin6_family = AF_INET6;
- s6.sin6_len = sizeof(s6);
- memcpy(&s6.sin6_addr, ptr, 16);
+ bzero(&start6, sizeof(start6));
+ start6.sin6_family = AF_INET6;
+ start6.sin6_len = sizeof(start6);
+ memcpy(&start6.sin6_addr, ptr, 16);
ptr += 16;
left -= 16;
- print_host((struct sockaddr *)&s6,
- (char *)buf[0], sizeof(buf[0]));
- memcpy(&s6.sin6_addr, ptr, 16);
+ bzero(&end6, sizeof(end6));
+ end6.sin6_family = AF_INET6;
+ end6.sin6_len = sizeof(end6);
+ memcpy(&end6.sin6_addr, ptr, 16);
left -= 16;
- print_host((struct sockaddr *)&s6,
- (char *)buf[1], sizeof(buf[1]));
+
log_debug("%s: start %s end %s", __func__,
- buf[0], buf[1]);
+ print_addr(&start6), print_addr(&end6));
break;
default:
log_debug("%s: ignoring unknown TS type %u", __func__, type);
uint8_t *msgbuf = ibuf_data(msg->msg_data);
uint8_t *ptr;
size_t len;
- uint8_t buf[128];
int cfg_type;
if (ikev2_validate_cp(msg, offset, left, &cp))
in4->sin_family = AF_INET;
in4->sin_len = sizeof(*in4);
memcpy(&in4->sin_addr.s_addr, ptr, 4);
- print_host((struct sockaddr *)in4, (char *)buf,
- sizeof(buf));
- log_debug("%s: cfg %s", __func__, buf);
switch(cfg_type) {
case IKEV2_CFG_INTERNAL_IP4_ADDRESS:
msg->msg_parent->msg_cp_addr = addr;
- log_debug("%s: IP4_ADDRESS %s", __func__, buf);
+ log_debug("%s: IP4_ADDRESS %s", __func__,
+ print_addr(&addr->addr));
break;
case IKEV2_CFG_INTERNAL_IP4_DNS:
msg->msg_parent->msg_cp_dns = addr;
- log_debug("%s: IP4_DNS %s", __func__, buf);
+ log_debug("%s: IP4_DNS %s", __func__,
+ print_addr(&addr->addr));
+ break;
+ default:
+ log_debug("%s: cfg %s", __func__,
+ print_addr(&addr->addr));
break;
}
break;
in6->sin6_family = AF_INET6;
in6->sin6_len = sizeof(*in6);
memcpy(&in6->sin6_addr, ptr, 16);
- print_host((struct sockaddr *)in6, (char *)buf,
- sizeof(buf));
- log_debug("%s: cfg %s/%d", __func__, buf, ptr[16]);
switch(cfg_type) {
case IKEV2_CFG_INTERNAL_IP6_ADDRESS:
msg->msg_parent->msg_cp_addr6 = addr;
- log_debug("%s: IP6_ADDRESS %s", __func__, buf);
+ log_debug("%s: IP6_ADDRESS %s", __func__,
+ print_addr(&addr->addr));
break;
case IKEV2_CFG_INTERNAL_IP6_DNS:
msg->msg_parent->msg_cp_dns = addr;
- log_debug("%s: IP6_DNS %s", __func__, buf);
+ log_debug("%s: IP6_DNS %s", __func__,
+ print_addr(&addr->addr));
+ break;
+ default:
+ log_debug("%s: cfg %s/%d", __func__,
+ print_addr(&addr->addr), ptr[16]);
break;
}
break;
projects / openbsd / commitdiff