From 71da41451212389bea25d67bc5da696b6d194bff Mon Sep 17 00:00:00 2001
From: Othmar Gsenger <otti@anytun.org>
Date: Sun, 25 May 2008 09:50:42 +0000
Subject: moved keyexchange to http://anytun.org/svn/keyexchange

---
 .../isakmpd-20041012/sysdep/openbsd/sysdep.c       | 266 ---------------------
 1 file changed, 266 deletions(-)
 delete mode 100644 keyexchange/isakmpd-20041012/sysdep/openbsd/sysdep.c

(limited to 'keyexchange/isakmpd-20041012/sysdep/openbsd/sysdep.c')

diff --git a/keyexchange/isakmpd-20041012/sysdep/openbsd/sysdep.c b/keyexchange/isakmpd-20041012/sysdep/openbsd/sysdep.c
deleted file mode 100644
index f59922f..0000000
--- a/keyexchange/isakmpd-20041012/sysdep/openbsd/sysdep.c
+++ /dev/null
@@ -1,266 +0,0 @@
-/* $OpenBSD: sysdep.c,v 1.28 2004/08/10 15:59:11 ho Exp $	 */
-/* $EOM: sysdep.c,v 1.9 2000/12/04 04:46:35 angelos Exp $	 */
-
-/*
- * Copyright (c) 1998, 1999 Niklas Hallqvist.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This code was written under funding by Ericsson Radio Systems.
- */
-
-#include <sys/errno.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "sysdep.h"
-
-#include "monitor.h"
-#include "util.h"
-
-#ifdef NEED_SYSDEP_APP
-#include "app.h"
-#include "conf.h"
-#include "ipsec.h"
-
-#ifdef USE_PF_KEY_V2
-#include "pf_key_v2.h"
-#define KEY_API(x) pf_key_v2_##x
-#endif
-
-#endif /* NEED_SYSDEP_APP */
-#include "log.h"
-
-extern char    *__progname;
-
-/*
- * An as strong as possible random number generator, reverting to a
- * deterministic pseudo-random one if regrand is set.
- */
-u_int32_t
-sysdep_random()
-{
-	if (!regrand)
-		return arc4random();
-	else
-		return random();
-}
-
-/* Return the basename of the command used to invoke us.  */
-char *
-sysdep_progname()
-{
-	return __progname;
-}
-
-/* Return the length of the sockaddr struct.  */
-u_int8_t
-sysdep_sa_len(struct sockaddr *sa)
-{
-	return sa->sa_len;
-}
-
-/* As regress/ use this file I protect the sysdep_app_* stuff like this.  */
-#ifdef NEED_SYSDEP_APP
-/*
- * Prepare the application we negotiate SAs for (i.e. the IPsec stack)
- * for communication.  We return a file descriptor useable to select(2) on.
- */
-int
-sysdep_app_open()
-{
-#ifdef USE_PRIVSEP
-	return monitor_pf_key_v2_open();
-#else
-	return KEY_API(open)();
-#endif
-}
-
-/*
- * When select(2) has noticed our application needs attendance, this is what
- * gets called.  FD is the file descriptor causing the alarm.
- */
-void
-sysdep_app_handler(int fd)
-{
-	KEY_API(handler)(fd);
-}
-
-/* Check that the connection named NAME is active, or else make it active.  */
-void
-sysdep_connection_check(char *name)
-{
-	KEY_API(connection_check)(name);
-}
-
-/*
- * Generate a SPI for protocol PROTO and the source/destination pair given by
- * SRC, SRCLEN, DST & DSTLEN.  Stash the SPI size in SZ.
- */
-u_int8_t *
-sysdep_ipsec_get_spi(size_t *sz, u_int8_t proto, struct sockaddr *src,
-    struct sockaddr *dst, u_int32_t seq)
-{
-	if (app_none) {
-		*sz = IPSEC_SPI_SIZE;
-		/* XXX should be random instead I think.  */
-		return (u_int8_t *)strdup("\x12\x34\x56\x78");
-	}
-	return KEY_API(get_spi)(sz, proto, src, dst, seq);
-}
-
-struct sa_kinfo *
-sysdep_ipsec_get_kernel_sa(u_int8_t *spi, size_t spi_sz, u_int8_t proto,
-    struct sockaddr *dst)
-{
-	if (app_none)
-		return 0;
-	return KEY_API(get_kernel_sa)(spi, spi_sz, proto, dst);
-}
-
-/* Force communication on socket FD to go in the clear.  */
-int
-sysdep_cleartext(int fd, int af)
-{
-	int level, sw;
-	struct {
-		int             ip_proto;	/* IP protocol */
-		int             auth_level;
-		int             esp_trans_level;
-		int             esp_network_level;
-		int             ipcomp_level;
-	} optsw[] = {
-	    {
-		IPPROTO_IP,
-		IP_AUTH_LEVEL,
-		IP_ESP_TRANS_LEVEL,
-		IP_ESP_NETWORK_LEVEL,
-#ifdef IP_IPCOMP_LEVEL
-		IP_IPCOMP_LEVEL
-#else
-		0
-#endif
-	    }, {
-		IPPROTO_IPV6,
-		IPV6_AUTH_LEVEL,
-		IPV6_ESP_TRANS_LEVEL,
-		IPV6_ESP_NETWORK_LEVEL,
-#ifdef IPV6_IPCOMP_LEVEL
-		IPV6_IPCOMP_LEVEL
-#else
-		0
-#endif
-	    },
-	};
-
-	if (app_none)
-		return 0;
-
-	switch (af) {
-	case AF_INET:
-		sw = 0;
-		break;
-	case AF_INET6:
-		sw = 1;
-		break;
-	default:
-		log_print("sysdep_cleartext: unsupported protocol family %d", af);
-		return -1;
-	}
-
-	/*
-         * Need to bypass system security policy, so I can send and
-         * receive key management datagrams in the clear.
-         */
-	level = IPSEC_LEVEL_BYPASS;
-	if (monitor_setsockopt(fd, optsw[sw].ip_proto, optsw[sw].auth_level,
-	    (char *) &level, sizeof level) == -1) {
-		log_error("sysdep_cleartext: "
-		    "setsockopt (%d, %d, IP_AUTH_LEVEL, ...) failed", fd,
-		    optsw[sw].ip_proto);
-		return -1;
-	}
-	if (monitor_setsockopt(fd, optsw[sw].ip_proto, optsw[sw].esp_trans_level,
-	    (char *) &level, sizeof level) == -1) {
-		log_error("sysdep_cleartext: "
-		    "setsockopt (%d, %d, IP_ESP_TRANS_LEVEL, ...) failed", fd,
-		    optsw[sw].ip_proto);
-		return -1;
-	}
-	if (monitor_setsockopt(fd, optsw[sw].ip_proto, optsw[sw].esp_network_level,
-	    (char *) &level, sizeof level) == -1) {
-		log_error("sysdep_cleartext: "
-		    "setsockopt (%d, %d, IP_ESP_NETWORK_LEVEL, ...) failed", fd,
-		    optsw[sw].ip_proto);
-		return -1;
-	}
-	if (optsw[sw].ipcomp_level &&
-	    monitor_setsockopt(fd, optsw[sw].ip_proto, optsw[sw].ipcomp_level,
-	    (char *) &level, sizeof level) == -1 &&
-	    errno != ENOPROTOOPT) {
-		log_error("sysdep_cleartext: "
-		    "setsockopt (%d, %d, IP_IPCOMP_LEVEL, ...) failed,", fd,
-		    optsw[sw].ip_proto);
-		return -1;
-	}
-	return 0;
-}
-
-int
-sysdep_ipsec_delete_spi(struct sa *sa, struct proto *proto, int incoming)
-{
-	if (app_none)
-		return 0;
-	return KEY_API(delete_spi)(sa, proto, incoming);
-}
-
-int
-sysdep_ipsec_enable_sa(struct sa *sa, struct sa *isakmp_sa)
-{
-	if (app_none)
-		return 0;
-	return KEY_API(enable_sa)(sa, isakmp_sa);
-}
-
-int
-sysdep_ipsec_group_spis(struct sa *sa, struct proto *proto1,
-    struct proto *proto2, int incoming)
-{
-	if (app_none)
-		return 0;
-	return KEY_API(group_spis)(sa, proto1, proto2, incoming);
-}
-
-int
-sysdep_ipsec_set_spi(struct sa *sa, struct proto *proto, int incoming,
-    struct sa *isakmp_sa)
-{
-	if (app_none)
-		return 0;
-	return KEY_API(set_spi) (sa,proto, incoming, isakmp_sa);
-}
-#endif
-- 
cgit v1.2.3