From 49efd9a4da061812bda02beecc4a38979acd4d4b Mon Sep 17 00:00:00 2001 From: thorpej Date: Fri, 4 Aug 2000 00:25:04 +0000 Subject: Fix a bug where the parser would fail if a keylength was not explicitly specified in a Phase-1 proposal statement. Patch sent to sakane@kame.net. --- security/racoon/patches/patch-ae | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 security/racoon/patches/patch-ae (limited to 'security/racoon/patches') diff --git a/security/racoon/patches/patch-ae b/security/racoon/patches/patch-ae new file mode 100644 index 00000000000..cf2ab7f01a9 --- /dev/null +++ b/security/racoon/patches/patch-ae @@ -0,0 +1,37 @@ +$NetBSD: patch-ae,v 1.1 2000/08/04 00:25:06 thorpej Exp $ +--- cfparse.y.orig Thu Aug 3 16:14:39 2000 ++++ cfparse.y Thu Aug 3 16:19:14 2000 +@@ -1107,6 +1107,7 @@ + | ALGORITHM_CLASS ALGORITHMTYPE keylength EOS + { + int doi; ++ int defklen; + + doi = algtype2doi($1, $2); + if (doi == -1) { +@@ -1116,9 +1117,22 @@ + switch ($1) { + case algclass_isakmp_enc: + prhead->spspec->algclass[algclass_isakmp_enc] = doi; +- if (check_keylen($1, $2, $3) == -1) +- return -1; +- prhead->spspec->encklen = $3; ++ defklen = default_keylen($1, $2); ++ if (defklen == 0) { ++ if ($3) { ++ yyerror("keylen not allowed"); ++ return -1; ++ } ++ } else { ++ if ($3 && check_keylen($1, $2, $3) < 0) { ++ yyerror("invalid keylen %d", $3); ++ return -1; ++ } ++ } ++ if ($3) ++ prhead->spspec->encklen = $3; ++ else ++ prhead->spspec->encklen = defklen; + break; + case algclass_isakmp_hash: + prhead->spspec->algclass[algclass_isakmp_hash] = doi; -- cgit v1.2.3