rpms-fedora-extras/strongswan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed initialization crash of IMV and IMC particularly

Browse Source 
attestation imv/imc as libstrongswas was not getting
  initialized.
This commit is contained in:
Avesh Agarwal
2013-09-12 13:18:45 -04:00
parent 5c3c2f4422
commit 764be31e95
2 changed files with 153 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
imcv-initialization-crash-git-5ec08.patch Normal file
View File

@@ -0,0 +1,145 @@
diff -urNp strongswan-5.1.0/src/libimcv/plugins/imv_os/imv_os_agent.c strongswan-5.1.0-test/src/libimcv/plugins/imv_os/imv_os_agent.c
--- strongswan-5.1.0/src/libimcv/plugins/imv_os/imv_os_agent.c 2013-07-04 15:55:16.000000000 -0400
+++ strongswan-5.1.0-test/src/libimcv/plugins/imv_os/imv_os_agent.c 2013-09-11 15:39:04.263741942 -0400
@@ -779,6 +779,14 @@ imv_agent_if_t *imv_os_agent_create(cons
TNC_Version *actual_version)
{
private_imv_os_agent_t *this;
+ imv_agent_t *agent;
+
+ agent = imv_agent_create(name, msg_types, countof(msg_types), id,
+ actual_version);
+ if (!agent)
+ {
+ return NULL;
+ }
INIT(this,
.public = {
@@ -790,16 +798,10 @@ imv_agent_if_t *imv_os_agent_create(cons
.solicit_recommendation = _solicit_recommendation,
.destroy = _destroy,
},
- .agent = imv_agent_create(name, msg_types, countof(msg_types), id,
- actual_version),
+ .agent = agent,
.db = imv_os_database_create(imcv_db),
);
- if (!this->agent)
- {
- destroy(this);
- return NULL;
- }
return &this->public;
}
diff -urNp strongswan-5.1.0/src/libimcv/plugins/imv_test/imv_test_agent.c strongswan-5.1.0-test/src/libimcv/plugins/imv_test/imv_test_agent.c
--- strongswan-5.1.0/src/libimcv/plugins/imv_test/imv_test_agent.c 2013-06-21 17:27:07.000000000 -0400
+++ strongswan-5.1.0-test/src/libimcv/plugins/imv_test/imv_test_agent.c 2013-09-11 15:39:04.263741942 -0400
@@ -296,6 +296,14 @@ imv_agent_if_t *imv_test_agent_create(co
TNC_Version *actual_version)
{
private_imv_test_agent_t *this;
+ imv_agent_t *agent;
+
+ agent = imv_agent_create(name, msg_types, countof(msg_types), id,
+ actual_version);
+ if (!agent)
+ {
+ return NULL;
+ }
INIT(this,
.public = {
@@ -307,15 +315,9 @@ imv_agent_if_t *imv_test_agent_create(co
.solicit_recommendation = _solicit_recommendation,
.destroy = _destroy,
},
- .agent = imv_agent_create(name, msg_types, countof(msg_types), id,
- actual_version),
+ .agent = agent,
);
- if (!this->agent)
- {
- destroy(this);
- return NULL;
- }
return &this->public;
}
diff -urNp strongswan-5.1.0/src/libpts/plugins/imc_attestation/imc_attestation.c strongswan-5.1.0-test/src/libpts/plugins/imc_attestation/imc_attestation.c
--- strongswan-5.1.0/src/libpts/plugins/imc_attestation/imc_attestation.c 2013-05-14 05:16:46.000000000 -0400
+++ strongswan-5.1.0-test/src/libpts/plugins/imc_attestation/imc_attestation.c 2013-09-11 15:39:04.264741942 -0400
@@ -71,11 +71,6 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID
DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
- if (!pts_meas_algo_probe(&supported_algorithms) ||
- !pts_dh_group_probe(&supported_dh_groups))
- {
- return TNC_RESULT_FATAL;
- }
imc_attestation = imc_agent_create(imc_name, msg_types, countof(msg_types),
imc_id, actual_version);
if (!imc_attestation)
@@ -83,6 +78,13 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID
return TNC_RESULT_FATAL;
}
+ if (!pts_meas_algo_probe(&supported_algorithms) ||
+ !pts_dh_group_probe(&supported_dh_groups))
+ {
+ imc_attestation->destroy(imc_attestation);
+ imc_attestation = NULL;
+ return TNC_RESULT_FATAL;
+ }
libpts_init();
if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1)
diff -urNp strongswan-5.1.0/src/libpts/plugins/imv_attestation/imv_attestation_agent.c strongswan-5.1.0-test/src/libpts/plugins/imv_attestation/imv_attestation_agent.c
--- strongswan-5.1.0/src/libpts/plugins/imv_attestation/imv_attestation_agent.c 2013-07-10 05:00:34.000000000 -0400
+++ strongswan-5.1.0-test/src/libpts/plugins/imv_attestation/imv_attestation_agent.c 2013-09-11 15:39:04.264741942 -0400
@@ -565,8 +565,16 @@ imv_agent_if_t *imv_attestation_agent_cr
TNC_Version *actual_version)
{
private_imv_attestation_agent_t *this;
+ imv_agent_t *agent;
char *hash_alg, *dh_group, *cadir;
+ agent = imv_agent_create(name, msg_types, countof(msg_types), id,
+ actual_version);
+ if (!agent)
+ {
+ return NULL;
+ }
+
hash_alg = lib->settings->get_str(lib->settings,
"libimcv.plugins.imv-attestation.hash_algorithm", "sha256");
dh_group = lib->settings->get_str(lib->settings,
@@ -584,8 +592,7 @@ imv_agent_if_t *imv_attestation_agent_cr
.solicit_recommendation = _solicit_recommendation,
.destroy = _destroy,
},
- .agent = imv_agent_create(name, msg_types, countof(msg_types), id,
- actual_version),
+ .agent = agent,
.supported_algorithms = PTS_MEAS_ALGO_NONE,
.supported_dh_groups = PTS_DH_GROUP_NONE,
.pts_credmgr = credential_manager_create(),
@@ -595,8 +602,7 @@ imv_agent_if_t *imv_attestation_agent_cr
libpts_init();
- if (!this->agent ||
- !pts_meas_algo_probe(&this->supported_algorithms) ||
+ if (!pts_meas_algo_probe(&this->supported_algorithms) ||
!pts_dh_group_probe(&this->supported_dh_groups) ||
!pts_meas_algo_update(hash_alg, &this->supported_algorithms) ||
!pts_dh_group_update(dh_group, &this->supported_dh_groups))
@@ -613,4 +619,3 @@ imv_agent_if_t *imv_attestation_agent_cr
return &this->public;
}
-

9
strongswan.spec
View File

@@ -9,7 +9,7 @@
Name: strongswan Name: strongswan
Version: 5.1.0 Version: 5.1.0
Release: 2%{?dist} Release: 3%{?dist}
Summary: An OpenSource IPsec-based VPN Solution Summary: An OpenSource IPsec-based VPN Solution
Group: System Environment/Daemons Group: System Environment/Daemons
License: GPLv2+ License: GPLv2+
@@ -19,6 +19,7 @@ Patch0: strongswan-init.patch
Patch1: strongswan-pts-ecp-disable.patch Patch1: strongswan-pts-ecp-disable.patch
Patch2: libstrongswan-plugin.patch Patch2: libstrongswan-plugin.patch
Patch3: libstrongswan-settings-debug.patch Patch3: libstrongswan-settings-debug.patch
Patch4: imcv-initialization-crash-git-5ec08.patch
BuildRequires: gmp-devel BuildRequires: gmp-devel
BuildRequires: libcurl-devel BuildRequires: libcurl-devel
@@ -79,6 +80,7 @@ implementation possessing a standard IF-IMC/IMV interface.
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1
echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora
@@ -317,6 +319,11 @@ fi
%changelog %changelog
* Thu Sep 12 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.1.0-3
- Fixed initialization crash of IMV and IMC particularly
attestation imv/imc as libstrongswas was not getting
initialized.
* Fri Aug 30 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.1.0-2 * Fri Aug 30 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.1.0-2
- Enabled fips support - Enabled fips support
- Enabled TNC's ifmap support - Enabled TNC's ifmap support