summaryrefslogtreecommitdiff
path: root/keyexchange/isakmpd-20041012/sysdep/bsdi/sysdep.c
diff options
context:
space:
mode:
Diffstat (limited to 'keyexchange/isakmpd-20041012/sysdep/bsdi/sysdep.c')
-rw-r--r--keyexchange/isakmpd-20041012/sysdep/bsdi/sysdep.c225
1 files changed, 0 insertions, 225 deletions
diff --git a/keyexchange/isakmpd-20041012/sysdep/bsdi/sysdep.c b/keyexchange/isakmpd-20041012/sysdep/bsdi/sysdep.c
deleted file mode 100644
index 99715d5..0000000
--- a/keyexchange/isakmpd-20041012/sysdep/bsdi/sysdep.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* $OpenBSD: sysdep.c,v 1.12 2004/08/10 15:59:10 ho Exp $ */
-
-/*
- * Copyright (c) 1998, 1999 Niklas Hallqvist. All rights reserved.
- * Copyright (c) 2000 H\xe5kan Olsson. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "sysdep.h"
-
-#include "util.h"
-
-#ifdef NEED_SYSDEP_APP
-#include "app.h"
-#include "conf.h"
-#include "ipsec.h"
-
-#ifdef USE_PF_KEY_V2
-#include "pf_key_v2.h"
-#define KEY_API(x) pf_key_v2_##x
-#endif
-
-#endif /* NEED_SYSDEP_APP */
-#include "log.h"
-
-extern char *__progname;
-
-/*
- * An as strong as possible random number generator, reverting to a
- * deterministic pseudo-random one if regrand is set.
- */
-u_int32_t
-sysdep_random ()
-{
- return random();
-}
-
-/* Return the basename of the command used to invoke us. */
-char *
-sysdep_progname ()
-{
- return __progname;
-}
-
-/* Return the length of the sockaddr struct. */
-u_int8_t
-sysdep_sa_len (struct sockaddr *sa)
-{
- return sa->sa_len;
-}
-
-/* As regress/ use this file I protect the sysdep_app_* stuff like this. */
-#ifdef NEED_SYSDEP_APP
-/*
- * Prepare the application we negotiate SAs for (i.e. the IPsec stack)
- * for communication. We return a file descriptor useable to select(2) on.
- */
-int
-sysdep_app_open ()
-{
- return KEY_API(open) ();
-}
-
-/*
- * When select(2) has noticed our application needs attendance, this is what
- * gets called. FD is the file descriptor causing the alarm.
- */
-void
-sysdep_app_handler (int fd)
-{
- KEY_API (handler) (fd);
-}
-
-/* Check that the connection named NAME is active, or else make it active. */
-void
-sysdep_connection_check (char *name)
-{
- KEY_API (connection_check) (name);
-}
-
-/*
- * Generate a SPI for protocol PROTO and the source/destination pair given by
- * SRC, SRCLEN, DST & DSTLEN. Stash the SPI size in SZ.
- */
-u_int8_t *
-sysdep_ipsec_get_spi (size_t *sz, u_int8_t proto, struct sockaddr *src,
- struct sockaddr *dst, u_int32_t seq)
-{
- if (app_none)
- {
- *sz = IPSEC_SPI_SIZE;
- /* XXX should be random instead I think. */
- return strdup ("\x12\x34\x56\x78");
- }
- return KEY_API (get_spi) (sz, proto, src, dst, seq);
-}
-
-struct sa_kinfo *
-sysdep_ipsec_get_kernel_sa(u_int8_t *spi, size_t spi_sz, u_int8_t proto,
- struct sockaddr *dst)
-{
- if (app_none)
- return 0;
- /* XXX return KEY_API(get_kernel_sa)(spi, spi_sz, proto, dst); */
- return 0;
-}
-
-/* Force communication on socket FD to go in the clear. */
-int
-sysdep_cleartext (int fd, int af)
-{
- char *buf;
- char *policy[] = { "in bypass", "out bypass", NULL };
- char **p;
- int ipp;
- int opt;
- char *msgstr;
-
- if (app_none)
- return 0;
-
- switch (af)
- {
- case AF_INET:
- ipp = IPPROTO_IP;
- opt = IP_IPSEC_POLICY;
- msgstr = "";
- break;
- case AF_INET6:
- ipp = IPPROTO_IPV6;
- opt = IPV6_IPSEC_POLICY;
- msgstr = "V6";
- break;
- default:
- log_print ("sysdep_cleartext: unsupported protocol family %d", af);
- return -1;
- }
-
- /*
- * Need to bypass system security policy, so I can send and
- * receive key management datagrams in the clear.
- */
-
- for (p = policy; p && *p; p++)
- {
- buf = ipsec_set_policy (*p, strlen(*p));
- if (buf == NULL)
- {
- log_error ("sysdep_cleartext: %s: %s", *p, ipsec_strerror());
- return -1;
- }
-
- if (setsockopt(fd, ipp, opt, buf, ipsec_get_policylen(buf)) < 0)
- {
- log_error ("sysdep_cleartext: "
- "setsockopt (%d, IPPROTO_IP%s, IP%s_IPSEC_POLICY, ...) "
- "failed", fd, msgstr, msgstr);
- return -1;
- }
- free(buf);
- }
-
- return 0;
-}
-
-int
-sysdep_ipsec_delete_spi (struct sa *sa, struct proto *proto, int incoming)
-{
- if (app_none)
- return 0;
- return KEY_API (delete_spi) (sa, proto, incoming);
-}
-
-int
-sysdep_ipsec_enable_sa (struct sa *sa, struct sa *isakmp_sa)
-{
- if (app_none)
- return 0;
- return KEY_API (enable_sa) (sa, isakmp_sa);
-}
-
-int
-sysdep_ipsec_group_spis (struct sa *sa, struct proto *proto1,
- struct proto *proto2, int incoming)
-{
- if (app_none)
- return 0;
- return KEY_API (group_spis) (sa, proto1, proto2, incoming);
-}
-
-int
-sysdep_ipsec_set_spi (struct sa *sa, struct proto *proto, int incoming,
- struct sa *isakmp_sa)
-{
- if (app_none)
- return 0;
- return KEY_API (set_spi) (sa, proto, incoming, isakmp_sa);
-}
-#endif