| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
In some situations we expect strongswan.conf to not exist, for instance,
when running the unit tests before installation.
|
| |
|
|
| |
Closes #539.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A valgrind analysis of libstrongswan revealed an invalid read of 1 in
the function starts_with(). A more thorough analysis proved this to be
true and showed that with a specially crafted config file (e.g. a single
'#'-character not followed by a newline), the parser might even
interpret the random memory contents following the allocated buffer as
part of the configuration file.
The way the parser is designed, it must be able to skip an inserted
'\0' and continue parsing. Since it is not able to skip two '\0'
characters, the 'fix' of allocating two more bytes than the size of the
parsed file and setting them to '\0' seems to be a safe bet.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
|
| | |
|
| |
|
|
|
|
|
|
| |
dirname(3) may return a pointer to a statically allocated buffer.
So freeing the returned value can result to undefined behavior. This was
noticed on FreeBSD where it caused very strange crashes.
It is also not thread-safe, which will be addressed later.
|
| | |
|
| |
|
|
|
|
| |
Is a bit more memory efficient (also due to lazy instantiation) and
lookups for sections with lots of subsections/keys (e.g. charon.plugins) are
faster.
|
| |
|
|
|
| |
The fallbacks are currently only used for single value lookups.
Enumerators are not affected by them.
|
| |
|
|
|
| |
The key to print (e.g. until the next .) still has to be
null-terminated.
|
| | |
|
| |
|
|
|
| |
The value is set only if it is not configured in strongswan.conf or has
not been set() otherwise.
|
| |
|
