| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
By definition, m must be <= n-1, we didn't enforce that and because
mpz_export() returns NULL if the passed value is zero a crash could have
been triggered with m == n.
Fixes CVE-2017-11185.
|
| | |
|
| |
|
|
|
|
| |
This avoids having the last output in internal memory that's not wiped.
References #2388.
|
| |
|
|
|
|
|
| |
The buffer contains key material we handed out last and the seed can
contain the DH secret.
References #2388.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When requiring unique flags for CHILD_SAs, allow the configuration to
request different marks for each direction by using the %unique-dir keyword.
This is useful when different marks are desired for each direction but the
number of peers is not predefined.
An example use case is when implementing a site-to-site route-based VPN
without VTI devices.
A use of 0.0.0.0/0 - 0.0.0.0/0 traffic selectors with identical in/out marks
results in outbound traffic being wrongfully matched against the 'fwd'
policy - for which the underlay 'template' does not match - and dropped.
Using different marks for each direction avoids this issue as the 'fwd' policy
uses the 'in' mark will not match outbound traffic.
Closes strongswan/strongswan#78.
|
| |
|
|
|
| |
That's required when these are used as include paths in settings file
strings.
|
| |
|
|
| |
We currently don't have an RNG in Windows builds.
|
| | |
|
| |
|
|
| |
Otherwise this won't work if the certificate is only locally available.
|
| |
|
|
|
|
|
| |
The maximum number of redirects can be limited. The functionality can also
be disabled.
Fixes #2366.
|
| | |
|
| |
|
|
|
| |
The nonce value is encoded as OCTET STRING, however, the extension
values themselves must also be encoded as OCTET STRING.
|
| | |
|
| | |
|
| |
|
|
| |
Newer NDKs fail otherwise as there is no actual module anymore.
|
| | |
|
| | |
|
| |
|
|
| |
Fixes: CVE-2017-9023
|
| | |
|
| |
|
|
| |
Fixes: CVE-2017-9023
|
| |
|
|
|
|
|
|
|
| |
Unlike mpz_powm() its secure replacement mpz_powm_sec() has the additional
requirement that the exponent must be > 0 and the modulus has to be odd.
Otherwise, it will crash with a floating-point exception.
Fixes: CVE-2017-9022
Fixes: 3e35a6e7a1b0 ("Use side-channel secured mpz_powm_sec of libgmp 5, if available")
|
| | |
|
| | |
|
| |
|
|
| |
This avoids the unportable five pointer hack.
|
| |
|
|
| |
This avoids the unportable five pointer hack.
|
| | |
|
| |
|
|
|
| |
This avoids the unportable 5 pointer hack, but requires enumerating in
the callback.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This will allow us to implement e.g. enumerator_cleaner without having to
use that unportable 5 pointer forwarding or having to define a callback for
each instance.
A generic implementation for enumerate() is provided so only venumerate()
has to be implemented, which may be simplified by using the VA_ARGS_VGET()
macro.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
That's not correct Base64 but invalid data could trigger this. Since
outlen would get reduced four times, but is only ever increased three
times per iteration, this could result in an integer underflow and then
a potential buffer overflow.
|
| |
|
|
|
| |
This avoids evaluating %N. An alternative would be to define a printf-hook
for plugin features.
|
| |
|
|
| |
This avoids a warning about the custom %Y printf specifier.
|
| |
|
|
|
|
| |
This avoids the evaluation of %N even if the thread pool is never used.
We need to avoid as many custom printf specifiers as possible when
fuzzing our code to avoid excessive log messages.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately, we can't just add the generated C file to the sources in
Makefile.am as the linker would remove that object file when it notices
that no symbol in it is ever referenced. So we include it in the file
that contains the library initialization, which will definitely be
referenced by the executable.
This allows building an almost stand-alone static version of e.g. charon
when building with `--enable-monolithic --enable-static --disable-shared`
(without `--disable-shared` libtool will only build a version that links
the libraries dynamically). External libraries (e.g. gmp or openssl) are
not linked statically this way, though.
|
| |
|
|
| |
Using a Python script so this works in cross-compilation situations.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enabled when building monolithically and statically.
This should allow us to work around the -whole-archive issue with
libtool. If the libraries register the plugin constructors they provide
they reference the constructors and will therefore prevent the linker from
removing these seemingly unused symbols from the final executable.
For use cases where dlsym() can be used, e.g. because the static libraries
are manually linked with -whole-archive (Linux) or -force-load (Apple),
this can be disabled by passing ss_cv_static_plugin_constructors=no to
the configure script.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Invert set enumeration order to first enumerate local and then global
credential sets.
|
| |
|
|
|
|
|
|
|
|
|
| |
While this API is documented as legacy (and there is a sysctl option to
disable it) the documentation also mentions that it will probably stay
enabled by default due to compatibility issues with existing applications.
With the previous approach only 255 devices could be opened then the
daemon had to be restarted.
Fixes #2313.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename the crypt() method to avoid conflict with POSIX crypt(). Fixes the
following build failure with musl libc:
In file included from ../../../../src/libstrongswan/utils/utils.h:53:0,
from ../../../../src/libstrongswan/library.h:101,
from af_alg_ops.h:24,
from af_alg_ops.c:16:
af_alg_ops.c:110:22: error: conflicting types for 'crypt'
METHOD(af_alg_ops_t, crypt, bool,
^
../../../../src/libstrongswan/utils/utils/object.h:99:13: note: in definition of macro 'METHOD'
static ret name(union {iface *_public; this;} \
^
In file included from af_alg_ops.c:18:0:
.../host/usr/x86_64-buildroot-linux-musl/sysroot/usr/include/unistd.h:144:7: note: previous declaration of 'crypt' was here
char *crypt(const char *, const char *);
^
Closes strongswan/strongswan#72.
|
| | |
|
