This avoids the use of a variable length array, which should probably
be avoided in general due to potential performance, portability and
security issues (not in this particular case, though).
Closesstrongswan/strongswan#1095
The compiler warned that a dangling pointer might be used because `name`,
which is returned from the function via `ima_name`, might point into the
locally determined `uri`. Determining the URI outside and passing it to
the function fixes this.
GCC assumes this->b is zero (or may be zero) and spits out the following
warning (or error with -Werror):
src/libstrongswan/plugins/fips_prf/fips_prf.c:124:12: error: array subscript 18446744073709551615 is above array bounds of ‘uint8_t[<U8090>]’ {aka ‘unsigned char[<U8090>]’} [-Werror=array-bounds]
124 | one[this->b - 1] = 0x01;
| ~~~^~~~~~~~~~~~~
Even though the assignment of `removed` to `out_row` is tied to the
`found_removed` flag, which is only set if `removed` is set, the
compiler complains that it may be used uninitialized.
GCC 12 produces weird code when a callback is called directly (e.g.
parse_bool() via parse_option() in vici_config.c). Instead of the actual
pointer, it explicitly passes 0 as first argument, which likely causes
a segmentation fault. It doesn't happen when called indirectly via
function pointer that has void* as first argument, which this patch
kinda replicates for direct calls to avoid the issue.
Closesstrongswan/strongswan#1053
These only apply to the usage reports that are available via
`stroke memusage`, not to leak reports when executables are terminated,
which always include all non-whitelisted leaks.
This should make it clearer to what the log messages generated by
verify_trust_chain() are related (in particular if building the chain
fails or the cert has expired).
The TCG TNC IF-M Segmentation standard was implemented based on a
draft version. The attribute names are updated to comply with the
final TCG IF-M Segmentation Specification Version 1.0 Rev. 5
dated 4 April 2016
Adds support for GTK 4. Two versions of the UI are built as shared
objects, the plugin dynamically loads and instantiates the appropriate one
based on the determined GTK version.
Closesstrongswan/strongswan#961
GTK4 does not support buttons at the bottom, so we put them in a header
bar, which is the preferred layout by current desktop environments. And
while it doesn't look ideal on older desktops, it also works with GTK3
and changing it avoids having to maintain multiple UI files.
Note that this layout is not supported by glade, so we generally can't
use it to edit the GUI anymore (it also doesn't support GTK4 in general).
Remove outbound SA and policy of rekeyed CHILD_SA since only one is valid.
Otherwise, during update-SA job (when NAT mapping changed), CHILD_SA are
updated and installed one by one, leaving a window where old SAs are being
used. There are also circumstances where the new SA is not processed last.
Closesstrongswan/strongswan#1041
This ensures the plugin is available if AES-based PRFs could get used or
none of the third-party crypto plugins is enabled and it's required for
HMAC-based PRFs as well.
References strongswan/strongswan#1026
A recent security fix for Git added a fatal error if the directory that
contains the .git directory is not owned by the user that runs git in
that directory tree:
Determine strongSwan version fatal: unsafe repository ('...' is owned by someone else)
To avoid this, we call the git commands as owner of the source
directory (the script has to run as root, so this is no problem).
The user/group ID and name is now also determined via `stat(1)` so it
directly depends on the actual source dir and should work even when not
using sudo.
mallinfo() is deprecated because it uses `int` for the members of the
returned struct, whereas mallinfo2() uses `size_t`. It's available
since glibc 2.33.
The external-id parameter takes an int32 and the generated run_id was
apparently not valid lately, resulting in undocumented 404 errors when
submitting patches (the API endpoint probably doesn't like negative numbers
because the last accepted id was 2059658094, rejected ids were e.g.
2167472705 or 2168792083).
More of this code was already removed with previous commits.
While versions < 1.1.1 are not officially supported anymore, 1.0.2 might
still be in use because before 3.x that was the latest version with
official FIPS support (OpenSSL apparently also provides extended commercial
support for it).
