| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: handler.c,v 1.39 2011/03/14 17:18:12 tteras Exp $ */ | | 1 | /* $NetBSD: handler.c,v 1.39.2.1 2011/11/17 14:46:31 vanhu Exp $ */ |
2 | | | 2 | |
3 | /* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */ | | 3 | /* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */ |
4 | | | 4 | |
5 | /* | | 5 | /* |
6 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | | 6 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
7 | * All rights reserved. | | 7 | * All rights reserved. |
8 | * | | 8 | * |
9 | * Redistribution and use in source and binary forms, with or without | | 9 | * Redistribution and use in source and binary forms, with or without |
10 | * modification, are permitted provided that the following conditions | | 10 | * modification, are permitted provided that the following conditions |
11 | * are met: | | 11 | * are met: |
12 | * 1. Redistributions of source code must retain the above copyright | | 12 | * 1. Redistributions of source code must retain the above copyright |
13 | * notice, this list of conditions and the following disclaimer. | | 13 | * notice, this list of conditions and the following disclaimer. |
14 | * 2. Redistributions in binary form must reproduce the above copyright | | 14 | * 2. Redistributions in binary form must reproduce the above copyright |
| @@ -601,29 +601,31 @@ getph2bymsgid(iph1, msgid) | | | @@ -601,29 +601,31 @@ getph2bymsgid(iph1, msgid) |
601 | * but the source and destination addresses used for | | 601 | * but the source and destination addresses used for |
602 | * for SA negotiation (best example is tunnel mode SA | | 602 | * for SA negotiation (best example is tunnel mode SA |
603 | * where src and dst are the endpoints). There is at most | | 603 | * where src and dst are the endpoints). There is at most |
604 | * a unique match because racoon does not support bundles | | 604 | * a unique match because racoon does not support bundles |
605 | * which makes that there is at most a single established | | 605 | * which makes that there is at most a single established |
606 | * SA for a given spid. One could say that src and dst | | 606 | * SA for a given spid. One could say that src and dst |
607 | * are in fact useless ... | | 607 | * are in fact useless ... |
608 | */ | | 608 | */ |
609 | struct ph2handle * | | 609 | struct ph2handle * |
610 | getph2byid(src, dst, spid) | | 610 | getph2byid(src, dst, spid) |
611 | struct sockaddr *src, *dst; | | 611 | struct sockaddr *src, *dst; |
612 | u_int32_t spid; | | 612 | u_int32_t spid; |
613 | { | | 613 | { |
614 | struct ph2handle *p; | | 614 | struct ph2handle *p, *next; |
| | | 615 | |
| | | 616 | for (p = LIST_FIRST(&ph2tree); p; p = next) { |
| | | 617 | next = LIST_NEXT(p, chain); |
615 | | | 618 | |
616 | LIST_FOREACH(p, &ph2tree, chain) { | | | |
617 | if (spid == p->spid && | | 619 | if (spid == p->spid && |
618 | cmpsaddr(src, p->src) <= CMPSADDR_WILDPORT_MATCH && | | 620 | cmpsaddr(src, p->src) <= CMPSADDR_WILDPORT_MATCH && |
619 | cmpsaddr(dst, p->dst) <= CMPSADDR_WILDPORT_MATCH){ | | 621 | cmpsaddr(dst, p->dst) <= CMPSADDR_WILDPORT_MATCH){ |
620 | /* Sanity check to detect zombie handlers | | 622 | /* Sanity check to detect zombie handlers |
621 | * XXX Sould be done "somewhere" more interesting, | | 623 | * XXX Sould be done "somewhere" more interesting, |
622 | * because we have lots of getph2byxxxx(), but this one | | 624 | * because we have lots of getph2byxxxx(), but this one |
623 | * is called by pk_recvacquire(), so is the most important. | | 625 | * is called by pk_recvacquire(), so is the most important. |
624 | */ | | 626 | */ |
625 | if(p->status < PHASE2ST_ESTABLISHED && | | 627 | if(p->status < PHASE2ST_ESTABLISHED && |
626 | p->retry_counter == 0 | | 628 | p->retry_counter == 0 |
627 | && p->sce.func == NULL && p->scr.func == NULL) { | | 629 | && p->sce.func == NULL && p->scr.func == NULL) { |
628 | plog(LLV_DEBUG, LOCATION, NULL, | | 630 | plog(LLV_DEBUG, LOCATION, NULL, |
629 | "Zombie ph2 found, expiring it\n"); | | 631 | "Zombie ph2 found, expiring it\n"); |
| @@ -975,29 +977,31 @@ inscontacted(remote) | | | @@ -975,29 +977,31 @@ inscontacted(remote) |
975 | racoon_free(new); | | 977 | racoon_free(new); |
976 | return -1; | | 978 | return -1; |
977 | } | | 979 | } |
978 | | | 980 | |
979 | LIST_INSERT_HEAD(&ctdtree, new, chain); | | 981 | LIST_INSERT_HEAD(&ctdtree, new, chain); |
980 | | | 982 | |
981 | return 0; | | 983 | return 0; |
982 | } | | 984 | } |
983 | | | 985 | |
984 | void | | 986 | void |
985 | remcontacted(remote) | | 987 | remcontacted(remote) |
986 | struct sockaddr *remote; | | 988 | struct sockaddr *remote; |
987 | { | | 989 | { |
988 | struct contacted *p; | | 990 | struct contacted *p, *next; |
| | | 991 | |
| | | 992 | for (p = LIST_FIRST(&ctdtree); p; p = next) { |
| | | 993 | next = LIST_NEXT(p, chain); |
989 | | | 994 | |
990 | LIST_FOREACH(p, &ctdtree, chain) { | | | |
991 | if (cmpsaddr(remote, p->remote) <= CMPSADDR_WILDPORT_MATCH) { | | 995 | if (cmpsaddr(remote, p->remote) <= CMPSADDR_WILDPORT_MATCH) { |
992 | LIST_REMOVE(p, chain); | | 996 | LIST_REMOVE(p, chain); |
993 | racoon_free(p->remote); | | 997 | racoon_free(p->remote); |
994 | racoon_free(p); | | 998 | racoon_free(p); |
995 | break; | | 999 | break; |
996 | } | | 1000 | } |
997 | } | | 1001 | } |
998 | } | | 1002 | } |
999 | | | 1003 | |
1000 | void | | 1004 | void |
1001 | initctdtree() | | 1005 | initctdtree() |
1002 | { | | 1006 | { |
1003 | LIST_INIT(&ctdtree); | | 1007 | LIST_INIT(&ctdtree); |
| @@ -1545,30 +1549,32 @@ getph1bylogin(login) | | | @@ -1545,30 +1549,32 @@ getph1bylogin(login) |
1545 | if (p->mode_cfg == NULL) | | 1549 | if (p->mode_cfg == NULL) |
1546 | continue; | | 1550 | continue; |
1547 | if (strncmp(p->mode_cfg->login, login, LOGINLEN) == 0) | | 1551 | if (strncmp(p->mode_cfg->login, login, LOGINLEN) == 0) |
1548 | return p; | | 1552 | return p; |
1549 | } | | 1553 | } |
1550 | | | 1554 | |
1551 | return NULL; | | 1555 | return NULL; |
1552 | } | | 1556 | } |
1553 | | | 1557 | |
1554 | int | | 1558 | int |
1555 | purgeph1bylogin(login) | | 1559 | purgeph1bylogin(login) |
1556 | char *login; | | 1560 | char *login; |
1557 | { | | 1561 | { |
1558 | struct ph1handle *p; | | 1562 | struct ph1handle *p, *next; |
1559 | int found = 0; | | 1563 | int found = 0; |
1560 | | | 1564 | |
1561 | LIST_FOREACH(p, &ph1tree, chain) { | | 1565 | for (p = LIST_FIRST(&ph1tree); p; p = next) { |
| | | 1566 | next = LIST_NEXT(p, chain); |
| | | 1567 | |
1562 | if (p->mode_cfg == NULL) | | 1568 | if (p->mode_cfg == NULL) |
1563 | continue; | | 1569 | continue; |
1564 | if (strncmp(p->mode_cfg->login, login, LOGINLEN) == 0) { | | 1570 | if (strncmp(p->mode_cfg->login, login, LOGINLEN) == 0) { |
1565 | if (p->status >= PHASE1ST_EXPIRED) | | 1571 | if (p->status >= PHASE1ST_EXPIRED) |
1566 | continue; | | 1572 | continue; |
1567 | | | 1573 | |
1568 | if (p->status >= PHASE1ST_ESTABLISHED) | | 1574 | if (p->status >= PHASE1ST_ESTABLISHED) |
1569 | isakmp_info_send_d1(p); | | 1575 | isakmp_info_send_d1(p); |
1570 | purge_remote(p); | | 1576 | purge_remote(p); |
1571 | found++; | | 1577 | found++; |
1572 | } | | 1578 | } |
1573 | } | | 1579 | } |
1574 | | | 1580 | |
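Review bot: The saved `next` pointer in purgeph1bylogin (new lines 1565-1566) only protects against the current handle being unlinked. If `isakmp_info_send_d1(p)` or `purge_remote(p)` can also release the following ph1 handle, `next` would be stale on the next iteration; those callees are not visible on this page, so this needs confirming. The same assumption applies to the loop in getph2byid (new lines 616-617), whose zombie-expiry branch continues past the end of its hunk. A comment at each loop stating the invariant would help, e.g. `/* next is saved first: the body may unlink and free p, but must never free p's successor */`. In remcontacted the body executes `break` right after `racoon_free(p)`, so `next` is never read on the removal path and the original `LIST_FOREACH` was already safe there.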