fixed memory corruption problem in starter
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 27 Apr 2008 10:49:31 +0000 (10:49 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 27 Apr 2008 10:49:31 +0000 (10:49 -0000)
src/starter/args.c
src/starter/confread.c
src/starter/confread.h
src/starter/starterwhack.c

index 84179b6..c292148 100644 (file)
@@ -218,9 +218,9 @@ static const token_info_t token_info[] =
     { ARG_ENUM, offsetof(starter_conn_t, dpd_action), LST_dpd_action               },
     { ARG_MISC, 0, NULL  /* KW_MODECONFIG */                                       },
     { ARG_MISC, 0, NULL  /* KW_XAUTH */                                            },
-    { ARG_ENUM, offsetof(starter_conn_t, me_mediation), LST_bool                  },
-    { ARG_STR,  offsetof(starter_conn_t, me_mediated_by), NULL                    },
-    { ARG_STR,  offsetof(starter_conn_t, me_peerid), NULL                         },
+    { ARG_ENUM, offsetof(starter_conn_t, me_mediation), LST_bool                   },
+    { ARG_STR,  offsetof(starter_conn_t, me_mediated_by), NULL                     },
+    { ARG_STR,  offsetof(starter_conn_t, me_peerid), NULL                          },
 
     /* ca section keywords */
     { ARG_STR,  offsetof(starter_ca_t, name), NULL                                 },
@@ -237,10 +237,10 @@ static const token_info_t token_info[] =
     /* end keywords */
     { ARG_MISC, 0, NULL  /* KW_HOST */                                             },
     { ARG_MISC, 0, NULL  /* KW_NEXTHOP */                                          },
-    { ARG_MISC, 0, NULL  /* KW_SUBNET */                                           },
+    { ARG_STR, offsetof(starter_end_t, subnet), NULL                               },
     { ARG_MISC, 0, NULL  /* KW_SUBNETWITHIN */                                     },
     { ARG_MISC, 0, NULL  /* KW_PROTOPORT */                                        },
-    { ARG_MISC, 0, NULL  /* KW_SOURCEIP */                                         },
+    { ARG_STR, offsetof(starter_end_t, srcip), NULL                                },
     { ARG_MISC, 0, NULL  /* KW_NATIP */                                            },
     { ARG_ENUM, offsetof(starter_end_t, firewall), LST_bool                        },
     { ARG_ENUM, offsetof(starter_end_t, hostaccess), LST_bool                      },
index 606f1e3..4bc36bb 100644 (file)
@@ -146,17 +146,89 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
        if (!assign_arg(token, KW_END_FIRST, kw, (char *)end, &assigned))
                goto err;
 
-       if (token == KW_SENDCERT)
+       /* post processing of some keywords that were assigned automatically */
+       switch (token)
        {
+       case KW_SUBNET:
+               if ((strlen(value) >= 6 && strncmp(value,"vhost:",6) == 0)
+               ||  (strlen(value) >= 5 && strncmp(value,"vnet:",5) == 0))
+               {
+                       /* used by pluto only */
+                       end->has_virt = TRUE;
+               }
+               else
+               {
+                       ip_subnet net;
+                       char *pos;
+                       int len = 0;
+                       
+                       end->has_client = TRUE;
+                       conn->tunnel_addr_family = ip_version(value);
+                       
+                       pos = strchr(value, ',');
+                       if (pos)
+                       {
+                               len = pos - value;
+                       }
+                       ugh = ttosubnet(value, len, ip_version(value), &net);
+                       if (ugh != NULL)
+                       {
+                               plog("# bad subnet: %s=%s [%s]", name, value, ugh);
+                               goto err;
+                       }
+               }
+               break;
+       case KW_SOURCEIP:
+               if (end->has_natip)
+               {
+                       plog("# natip and sourceip cannot be defined at the same time");
+                       goto err;
+               }
+               if (streq(value, "%modeconfig") || streq(value, "%modecfg") ||
+                       streq(value, "%config") || streq(value, "%cfg"))
+               {
+                       end->modecfg = TRUE;
+               }
+               else
+               {
+                       ip_address addr;
+                       ip_subnet net;
+               
+                       conn->tunnel_addr_family = ip_version(value);
+                       if (strchr(value, '/'))
+                       {       /* CIDR notation, address pool */
+                               ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &net);
+                       }
+                       else if (value[0] != '%')
+                       {       /* old style fixed srcip, a %poolname otherwise */
+                               ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &addr);
+                       }
+                       if (ugh != NULL)
+                       {
+                               plog("# bad addr: %s=%s [%s]", name, value, ugh);
+                               goto err;
+                       }
+               }
+               conn->policy |= POLICY_TUNNEL;
+               break;
+       case KW_SENDCERT:
                if (end->sendcert == CERT_YES_SEND)
+               {
                        end->sendcert = CERT_ALWAYS_SEND;
+               }
                else if (end->sendcert == CERT_NO_SEND)
+               {
                        end->sendcert = CERT_NEVER_SEND;
+               }
+               break;
+       default:
+               break;
        }
 
        if (assigned)
                return;
 
+       /* individual processing of keywords that were not assigned automatically */
        switch (token)
        {
        case KW_HOST:
@@ -242,35 +314,6 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
                        goto err;
                }
                break;
-       case KW_SUBNET:
-               if ((strlen(value) >= 6 && strncmp(value,"vhost:",6) == 0)
-               ||  (strlen(value) >= 5 && strncmp(value,"vnet:",5) == 0))
-               {
-                       end->virt = clone_str(value, "virt");
-               }
-               else
-               {
-                       ip_subnet net;
-                       char *pos;
-                       int len = 0;
-                       
-                       end->has_client = TRUE;
-                       conn->tunnel_addr_family = ip_version(value);
-                       
-                       pos = strchr(value, ',');
-                       if (pos)
-                       {
-                               len = pos - value;
-                       }
-                       ugh = ttosubnet(value, len, ip_version(value), &net);
-                       if (ugh != NULL)
-                       {
-                               plog("# bad subnet: %s=%s [%s]", name, value, ugh);
-                               goto err;
-                       }
-                       end->subnet = clone_str(value, "subnet");
-               }
-               break;
        case KW_SUBNETWITHIN:
        {
                ip_subnet net;
@@ -292,40 +335,6 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
                ugh = ttoprotoport(value, 0, &end->protocol, &end->port, &has_port_wildcard);
                end->has_port_wildcard = has_port_wildcard;
                break;
-       case KW_SOURCEIP:
-               if (end->has_natip)
-               {
-                       plog("# natip and sourceip cannot be defined at the same time");
-                       goto err;
-               }
-               if (streq(value, "%modeconfig") || streq(value, "%modecfg") ||
-                       streq(value, "%config") || streq(value, "%cfg"))
-               {
-                       end->modecfg = TRUE;
-               }
-               else
-               {
-                       ip_address addr;
-                       ip_subnet net;
-               
-                       conn->tunnel_addr_family = ip_version(value);
-                       if (strchr(value, '/'))
-                       {       /* CIDR notation, address pool */
-                               ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &net);
-                       }
-                       else if (value[0] != '%')
-                       {       /* old style fixed srcip, a %poolname otherwise */
-                               ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &addr);
-                       }
-                       if (ugh != NULL)
-                       {
-                               plog("# bad addr: %s=%s [%s]", name, value, ugh);
-                               goto err;
-                       }
-                       end->srcip = clone_str(value, "srcip");
-               }
-               conn->policy |= POLICY_TUNNEL;
-               break;
        case KW_NATIP:
                if (end->srcip)
                {
@@ -848,12 +857,6 @@ free_also(also_t *head)
 static void
 confread_free_conn(starter_conn_t *conn)
 {
-       pfree(conn->left.subnet);
-       pfree(conn->right.subnet);
-       pfree(conn->left.virt);
-       pfree(conn->right.virt);
-       pfree(conn->left.srcip);
-       pfree(conn->right.srcip);
        free_args(KW_END_FIRST, KW_END_LAST,  (char *)&conn->left);
        free_args(KW_END_FIRST, KW_END_LAST,  (char *)&conn->right);
        free_args(KW_CONN_NAME, KW_CONN_LAST, (char *)conn);
index d7e8ec3..d7b2752 100644 (file)
@@ -70,6 +70,7 @@ struct starter_end {
        bool            has_client_wildcard;
        bool            has_port_wildcard;
        bool            has_natip;
+       bool            has_virt;
        bool            modecfg;
        certpolicy_t    sendcert;
        bool            firewall;
@@ -79,7 +80,6 @@ struct starter_end {
        char            *updown;
        u_int16_t       port;
        u_int8_t        protocol;
-       char            *virt;
        char            *srcip;
 };
 
index 4535a58..0c86d09 100644 (file)
@@ -197,7 +197,13 @@ set_whack_end(whack_end_t *w, starter_end_t *end, sa_family_t family)
        ttosubnet(end->subnet, len, ip_version(end->subnet), &w->client);
     }
     else
+    {
+       if (end->has_virt)
+       {
+           w->virt = end->subnet;
+       }
        w->client.addr.u.v4.sin_family = addrtypeof(&w->host_addr);
+    }
 
     w->has_client_wildcard = end->has_client_wildcard;
     w->has_port_wildcard   = end->has_port_wildcard;
@@ -210,7 +216,6 @@ set_whack_end(whack_end_t *w, starter_end_t *end, sa_family_t family)
     w->host_port           = IKE_UDP_PORT;
     w->port                = end->port;
     w->protocol            = end->protocol;
-    w->virt                = end->virt;
 
     if (w->port != 0)
     {