aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/libcharon/plugins/load_tester/load_tester_config.c74
-rw-r--r--src/libcharon/sa/ikev1/keymat_v1.c1
-rw-r--r--src/libhydra/attributes/mem_pool.c51
-rw-r--r--src/libhydra/attributes/mem_pool.h10
-rw-r--r--src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c2
5 files changed, 119 insertions, 19 deletions
diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c
index 52afe1b0a..744eda58f 100644
--- a/src/libcharon/plugins/load_tester/load_tester_config.c
+++ b/src/libcharon/plugins/load_tester/load_tester_config.c
@@ -205,31 +205,75 @@ static bool equals(host_t *a, host_t *b)
*/
static void load_addrs(private_load_tester_config_t *this)
{
- enumerator_t *enumerator;
- host_t *net;
+ enumerator_t *enumerator, *tokens;
+ host_t *from, *to;
int bits;
- char *iface, *cidr;
+ char *iface, *token, *pos;
mem_pool_t *pool;
-
this->prefix = lib->settings->get_int(lib->settings,
"%s.plugins.load-tester.addrs_prefix", 16, charon->name);
enumerator = lib->settings->create_key_value_enumerator(lib->settings,
"%s.plugins.load-tester.addrs", charon->name);
- while (enumerator->enumerate(enumerator, &iface, &cidr))
+ while (enumerator->enumerate(enumerator, &iface, &token))
{
- net = host_create_from_subnet(cidr, &bits);
- if (net)
- {
- DBG1(DBG_CFG, "loaded load-tester addresses %s", cidr);
- pool = mem_pool_create(iface, net, bits);
- net->destroy(net);
- this->pools->insert_last(this->pools, pool);
- }
- else
+ tokens = enumerator_create_token(token, ",", " ");
+ while (tokens->enumerate(tokens, &token))
{
- DBG1(DBG_CFG, "parsing load-tester addresses %s failed", cidr);
+ pos = strchr(token, '-');
+ if (pos)
+ { /* range */
+ *(pos++) = '\0';
+ /* trim whitespace */
+ while (*pos == ' ')
+ {
+ pos++;
+ }
+ while (token[strlen(token) - 1] == ' ')
+ {
+ token[strlen(token) - 1] = '\0';
+ }
+ from = host_create_from_string(token, 0);
+ to = host_create_from_string(pos, 0);
+ if (from && to)
+ {
+ pool = mem_pool_create_range(iface, from, to);
+ if (pool)
+ {
+ DBG1(DBG_CFG, "loaded load-tester address range "
+ "%H-%H on %s", from, to, iface);
+ this->pools->insert_last(this->pools, pool);
+ }
+ from->destroy(from);
+ to->destroy(to);
+ }
+ else
+ {
+ DBG1(DBG_CFG, "parsing load-tester address range %s-%s "
+ "failed, skipped", token, pos);
+ DESTROY_IF(from);
+ DESTROY_IF(to);
+ }
+ }
+ else
+ { /* subnet */
+ from = host_create_from_subnet(token, &bits);
+ if (from)
+ {
+ DBG1(DBG_CFG, "loaded load-tester address pool %H/%d on %s",
+ from, bits, iface);
+ pool = mem_pool_create(iface, from, bits);
+ from->destroy(from);
+ this->pools->insert_last(this->pools, pool);
+ }
+ else
+ {
+ DBG1(DBG_CFG, "parsing load-tester address %s failed, "
+ "skipped", token);
+ }
+ }
}
+ tokens->destroy(tokens);
}
enumerator->destroy(enumerator);
}
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c
index eb642109b..39e4cad20 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.c
+++ b/src/libcharon/sa/ikev1/keymat_v1.c
@@ -431,6 +431,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
{
case AUTH_PSK:
case AUTH_XAUTH_INIT_PSK:
+ case AUTH_XAUTH_RESP_PSK:
{ /* SKEYID = prf(pre-shared-key, Ni_b | Nr_b) */
chunk_t psk;
if (!shared_key)
diff --git a/src/libhydra/attributes/mem_pool.c b/src/libhydra/attributes/mem_pool.c
index f9225f68d..c82b1d02f 100644
--- a/src/libhydra/attributes/mem_pool.c
+++ b/src/libhydra/attributes/mem_pool.c
@@ -513,12 +513,11 @@ METHOD(mem_pool_t, destroy, void,
}
/**
- * Described in header
+ * Generic constructor
*/
-mem_pool_t *mem_pool_create(char *name, host_t *base, int bits)
+static private_mem_pool_t *create_generic(char *name)
{
private_mem_pool_t *this;
- int addr_bits;
INIT(this,
.public = {
@@ -538,6 +537,18 @@ mem_pool_t *mem_pool_create(char *name, host_t *base, int bits)
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
);
+ return this;
+}
+
+/**
+ * Described in header
+ */
+mem_pool_t *mem_pool_create(char *name, host_t *base, int bits)
+{
+ private_mem_pool_t *this;
+ int addr_bits;
+
+ this = create_generic(name);
if (base)
{
addr_bits = base->get_family(base) == AF_INET ? 32 : 128;
@@ -563,3 +574,37 @@ mem_pool_t *mem_pool_create(char *name, host_t *base, int bits)
return &this->public;
}
+/**
+ * Described in header
+ */
+mem_pool_t *mem_pool_create_range(char *name, host_t *from, host_t *to)
+{
+ private_mem_pool_t *this;
+ chunk_t fromaddr, toaddr;
+ u_int32_t diff;
+
+ fromaddr = from->get_address(from);
+ toaddr = to->get_address(to);
+
+ if (from->get_family(from) != to->get_family(to) ||
+ fromaddr.len != toaddr.len || fromaddr.len < sizeof(diff) ||
+ memcmp(fromaddr.ptr, toaddr.ptr, toaddr.len) > 0)
+ {
+ DBG1(DBG_CFG, "invalid IP address range: %H-%H", from, to);
+ return NULL;
+ }
+ if (fromaddr.len > sizeof(diff) &&
+ !chunk_equals(chunk_create(fromaddr.ptr, fromaddr.len - sizeof(diff)),
+ chunk_create(toaddr.ptr, toaddr.len - sizeof(diff))))
+ {
+ DBG1(DBG_CFG, "IP address range too large: %H-%H", from, to);
+ return NULL;
+ }
+ this = create_generic(name);
+ this->base = from->clone(from);
+ diff = untoh32(toaddr.ptr + toaddr.len - sizeof(diff)) -
+ untoh32(fromaddr.ptr + fromaddr.len - sizeof(diff));
+ this->size = diff + 1;
+
+ return &this->public;
+}
diff --git a/src/libhydra/attributes/mem_pool.h b/src/libhydra/attributes/mem_pool.h
index f273b18e9..7347bb547 100644
--- a/src/libhydra/attributes/mem_pool.h
+++ b/src/libhydra/attributes/mem_pool.h
@@ -133,4 +133,14 @@ struct mem_pool_t {
*/
mem_pool_t *mem_pool_create(char *name, host_t *base, int bits);
+/**
+ * Create an in-memory IP address from a range.
+ *
+ * @param name name of this pool
+ * @param from start of ranged pool
+ * @param to end of ranged pool
+ * @return memory pool instance, NULL if range invalid
+ */
+mem_pool_t *mem_pool_create_range(char *name, host_t *from, host_t *to);
+
#endif /** MEM_POOL_H_ @} */
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
index b6df9879c..3e0725a35 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
@@ -1760,7 +1760,7 @@ METHOD(kernel_net_t, add_ip, status_t,
/* during IKEv1 reauthentication, children get moved from
* old the new SA before the virtual IP is available. This
* kills the route for our virtual IP, reinstall. */
- queue_route_reinstall(this, entry->iface->ifname);
+ queue_route_reinstall(this, strdup(entry->iface->ifname));
return SUCCESS;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-19 10:36:05 +0000