aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/utils
Commit message (Collapse)AuthorAgeFilesLines
...
* utils: Enable __atomic* built-ins based on the GCC versionTobias Brunner2014-05-041-0/+7
| | | | | | | | | | | This solves a problem with GNAT when compiling charon-tkm as __atomic* built-ins are only provided in GCC 4.7 and newer. Currently GNAT 4.6 and GCC 4.7.2 is shipped with Debian wheezy (stable), as used in the testing environment. So while the configure script correctly detected the __atomic* built-ins, and defined HAVE_GCC_ATOMIC_OPERATIONS, this define turned out to be incorrect when charon-tkm was later built with GNAT.
* utils: Use GCC's __atomic built-ins if availableTobias Brunner2014-04-242-3/+22
| | | | | | | | These are available since GCC 4.7 and will eventually replace the __sync operations. They support the memory model defined by C++11. For instance, by using __ATOMIC_RELAXED for some operations on the reference counters we can avoid memory barriers, which are required by __sync operations (whose memory model essentially is __ATOMIC_SEQ_CST).
* utils: Add ref_cur() to retrieve the current value of a reference counterTobias Brunner2014-04-242-3/+24
| | | | | | | | | | On many architectures it is safe to read the value directly (those using cache coherency protocols, and with atomic loads for 32-bit values) but it is not if that's not the case or if we ever decide to make refcount_t 64-bit (load not atomic on x86). So make sure the operation is actually atomic and that users do not have to care about the size of refcount_t.
* leak-detective: LEAK_DETECTIVE_DISABLE completely disables LDTobias Brunner2014-04-032-15/+18
| | | | | If lib->leak_detective is non-null some code parts (e.g. the plugin loader) assume LD is actually used.
* unit-tests: Always load address of testable functionsTobias Brunner2014-03-311-1/+1
| | | | | | | The addresses can actually change as plugins are loaded/unloaded for each test case. Fixes #551.
* settings: Reduce log verbosity if strongswan.conf does not existTobias Brunner2014-03-311-1/+10
| | | | | In some situations we expect strongswan.conf to not exist, for instance, when running the unit tests before installation.
* unit-tests: Implement registered functions without __builtin_apply()Tobias Brunner2014-03-201-17/+17
| | | | | This makes the tests work with clang, which does not implement said builtin.
* unit-tests: Prefix imported testable functions with TEST_Tobias Brunner2014-03-201-3/+3
| | | | This avoids any clashes with existing functions in the monolithic build.
* unit-tests: Change how hashtable for testable functions is createdTobias Brunner2014-03-202-19/+36
| | | | | | | | Because GCC does not adhere to the priorities defined for constructors when building with --enable-monolithic (not sure if it was just luck that it worked in non-monolithic mode - anyway, it's not very portable) function registration would fail because the hashtable would not be created yet.
* settings: Log all errors on level 1Tobias Brunner2014-03-041-4/+3
| | | | Closes #539.
* settings: Avoid conf file parsing beyond allocated bufferThomas Egerer2014-03-031-2/+2
| | | | | | | | | | | | | | | A valgrind analysis of libstrongswan revealed an invalid read of 1 in the function starts_with(). A more thorough analysis proved this to be true and showed that with a specially crafted config file (e.g. a single '#'-character not followed by a newline), the parser might even interpret the random memory contents following the allocated buffer as part of the configuration file. The way the parser is designed, it must be able to skip an inserted '\0' and continue parsing. Since it is not able to skip two '\0' characters, the 'fix' of allocating two more bytes than the size of the parsed file and setting them to '\0' seems to be a safe bet. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* utils: Add memrchr(3) replacement for platforms that don't support itTobias Brunner2014-02-262-1/+37
| | | | For instance, on Mac OS X memrchr(3) is not provided by the C library.
* settings: Use thread-safe dirname(3)Tobias Brunner2014-02-241-5/+3
|
* utils: Add thread-safe variants of dirname(3) and basename(3)Tobias Brunner2014-02-242-4/+88
|
* utils: Move thread-safe strerror replacement to a separate fileTobias Brunner2014-02-245-96/+139
| | | | | For some utils _GNU_SOURCE might be needed but that conflicts with the signature of strerror_r(3).
* settings: Use dirname(3) correctlyTobias Brunner2014-02-241-4/+4
| | | | | | | | dirname(3) may return a pointer to a statically allocated buffer. So freeing the returned value can result to undefined behavior. This was noticed on FreeBSD where it caused very strange crashes. It is also not thread-safe, which will be addressed later.
* Fixed some typosTobias Brunner2014-02-181-3/+3
|
* printf-hook-glibc: printf.h on FreeBSD 10 does not include stdargs.hTobias Brunner2014-02-131-1/+1
|
* settings: Add support to enumerate sections and key/value pairs with fallbacksTobias Brunner2014-02-122-35/+163
|
* settings: Implement subsections and key/value pairs with sorted arraysTobias Brunner2014-02-121-68/+74
| | | | | | Is a bit more memory efficient (also due to lazy instantiation) and lookups for sections with lots of subsections/keys (e.g. charon.plugins) are faster.
* lib: All settings use configured namespaceTobias Brunner2014-02-121-3/+3
|
* settings: Add method that allows to define fallback sections for other sectionsTobias Brunner2014-02-122-13/+167
| | | | | The fallbacks are currently only used for single value lookups. Enumerators are not affected by them.
* settings: Make print_key() not rely on null-terminated beginning of key bufferTobias Brunner2014-02-121-10/+5
| | | | | The key to print (e.g. until the next .) still has to be null-terminated.
* settings: Allow empty strings in section keyTobias Brunner2014-02-121-23/+31
|
* identification: Fix printing of empty RDNs on FreeBSDTobias Brunner2014-02-121-1/+6
| | | | On FreeBSD (null) is printed for NULL even if the precision is 0.
* leak_detective: Assign return value of realloc to bufThomas Egerer2014-02-101-1/+1
| | | | | | | If realloc return a pointer value different from the value to be reallocated, a double free can occur in this context. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* integrity-checker: Use chunk_map() instead of non-portable mmap()Martin Willi2014-01-231-31/+6
|
* chunk: Externalize error reporting in chunk_write()Martin Willi2014-01-232-11/+9
| | | | | This avoids passing that arbitrary label just for error messages, and gives greater flexibility in handling errors.
* chunk: Provide a fallback chunk_map() if mmap is not availableMartin Willi2014-01-231-1/+46
|
* chunk: Use dynamically allocated buffer in chunk_from_fd()Martin Willi2014-01-232-14/+46
| | | | | | | | When acting on files, we can use fstat() to estimate the buffer size. On non-file FDs, we dynamically increase an allocated buffer. Additionally we slightly change the function signature to properly handle zero-length files and add appropriate unit tests.
* chunk: Add functions to map file contents to a chunkMartin Willi2014-01-232-0/+106
|
* utils: Add strreplace functionTobias Brunner2014-01-232-2/+68
|
* agent: Keep CAP_DAC_OVERRIDE to connect to ssh-agent socketTobias Brunner2014-01-231-0/+3
| | | | This is also required if charon-cmd is used with capability dropping.
* printf-hook-builtin: Correctly calculate written bytes in print_in_hook()Martin Willi2014-01-151-3/+7
| | | | | | | | | | The hook data counts remaining buffer bytes, not used ones. Counting them correctly fixes a crash for long hexdumps. Further, print_in_hook() must return the number of bytes that would have been written, not the actually written bytes. This is important, as we allocate a dynamic buffer in bus that relies on the exact byte count. Fixes long hexdumps that got truncated.
* utils: Fix %T printf hook on big-endian systemsTobias Brunner2014-01-061-1/+1
| | | | | | | | The cast to a bool* cut of the actual value on big-endian systems if bool was shorter than int because the bool argument to printf gets promoted to an int. Fixes #479.
* unit-tests: Don't use priority for destructor that unregisters testable ↵Tobias Brunner2013-12-041-1/+6
| | | | | | | | | functions This fixes coverage reports, at least if leak detective is disabled. If it is enabled the plugins are not unloaded so the destructor is not executed until the process is destroyed, which seems not to be covered by gcov.
* unit-tests: Add facility to register testable functionsTobias Brunner2013-12-042-0/+141
| | | | | These can be defined in plugins, or other parts of the tested libraries. They can even be static.
* chunk: Fix signedness warnings caused by chunk_from_* macrosTobias Brunner2013-11-271-3/+3
| | | | | | There are countless other such warnings because e.g. chunk_create() is called with char*, but at least we prevent users from causing such warnings inadvertently when using these macros.
* printf-hook-builtin: Don't use %P to print uppercase hex pointersMartin Willi2013-11-201-6/+0
| | | | We use %P as custom printf specifier for proposals.
* backtrace: Support backtracing even if library is not initializedMartin Willi2013-11-061-2/+2
| | | | But of course backtracing must be initialized anyway using backtrace_init().
* leak-detective: Call {gm,local}time_r() to allocate static bufferMartin Willi2013-11-061-0/+5
| | | | | On OS X Mavericks, these functions use a static allocation and are hard to whitelist using other means.
* leak-detective: Register OS X specific hooks just onceMartin Willi2013-11-061-0/+7
| | | | | If we initialize libstrongswan more than once in the same process, we may not register the hooks twice.
* leak-detective: Reset leak list during cleanupMartin Willi2013-11-061-0/+1
| | | | This resets leak detective state should it get created/destroyed more than once.
* leak-detective: Use callback functions to report leaks and usage informationMartin Willi2013-11-063-45/+100
| | | | This is more flexible than printing reports to a FILE.
* identification: Properly check length before comparing for binary DN equalityMartin Willi2013-10-311-1/+1
| | | | Fixes CVE-2013-6075.
* utils: Include stdio.h for fmemopen() replacementTobias Brunner2013-10-291-0/+1
| | | | | This might now be required because Vstr is not necessarily required anymore, which means stdio.h might not be pulled in by prinf_hook.h.
* utils: Fix check for fmemopen() fallback implementationMartin Willi2013-10-242-2/+3
|
* printf-hook-builtin: Don't rely on isinf() return value signednessMartin Willi2013-10-241-8/+9
| | | | | Many systems don't return a negative value for negative infinities; so do a separate check.
* utils: Provide a fmemopen(3) fallback using BSD funopen()Martin Willi2013-10-242-0/+61
|
* chunk: Add helper function to create a chunk from data read from a file ↵Tobias Brunner2013-10-232-0/+40
| | | | descriptor
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 17:17:51 +0000