This way we can use the IKE_REKEYED state for both redundant and old SAs
to suppress ike_updown().
In the ike-delete task we don't suppress events in state IKE_REKEYING as
that's the case when we delete an SA the peer is currently rekeying with
multiple key exchanges.
This gives us more flexibility with tasks that return NEED_MORE (currently
none of the colliding tasks do, but that will change with multi-KE
rekeyings). The active task has to check itself if the passive task is
done and should be removed from the task manager.
Since f67199378df9 ("ike-rekey: Handle undetected collisions also if
delete is delayed") we only ever track tasks of type TASK_IKE_REKEY, so
there is no need to check the type or use the generic task_t interface.
Also changed some of the comments to clarify collision handling.
If the peer successfully rekeyed the SA it gets marked as IKE_REKEYED
and it remains until the peer deletes it (or a timeout). There is no
point in rekeying such SAs again.
IKE_REKEYING will be relevant if we have multi-KE rekeyings and are
waiting for followup key exchanges for a passive rekeying.
This avoids the use of a variable length array, which should probably
be avoided in general due to potential performance, portability and
security issues (not in this particular case, though).
Closesstrongswan/strongswan#1095
The compiler warned that a dangling pointer might be used because `name`,
which is returned from the function via `ima_name`, might point into the
locally determined `uri`. Determining the URI outside and passing it to
the function fixes this.
GCC assumes this->b is zero (or may be zero) and spits out the following
warning (or error with -Werror):
src/libstrongswan/plugins/fips_prf/fips_prf.c:124:12: error: array subscript 18446744073709551615 is above array bounds of ‘uint8_t[<U8090>]’ {aka ‘unsigned char[<U8090>]’} [-Werror=array-bounds]
124 | one[this->b - 1] = 0x01;
| ~~~^~~~~~~~~~~~~
Even though the assignment of `removed` to `out_row` is tied to the
`found_removed` flag, which is only set if `removed` is set, the
compiler complains that it may be used uninitialized.
GCC 12 produces weird code when a callback is called directly (e.g.
parse_bool() via parse_option() in vici_config.c). Instead of the actual
pointer, it explicitly passes 0 as first argument, which likely causes
a segmentation fault. It doesn't happen when called indirectly via
function pointer that has void* as first argument, which this patch
kinda replicates for direct calls to avoid the issue.
Closesstrongswan/strongswan#1053
These only apply to the usage reports that are available via
`stroke memusage`, not to leak reports when executables are terminated,
which always include all non-whitelisted leaks.
This should make it clearer to what the log messages generated by
verify_trust_chain() are related (in particular if building the chain
fails or the cert has expired).
The TCG TNC IF-M Segmentation standard was implemented based on a
draft version. The attribute names are updated to comply with the
final TCG IF-M Segmentation Specification Version 1.0 Rev. 5
dated 4 April 2016
Adds support for GTK 4. Two versions of the UI are built as shared
objects, the plugin dynamically loads and instantiates the appropriate one
based on the determined GTK version.
Closesstrongswan/strongswan#961
GTK4 does not support buttons at the bottom, so we put them in a header
bar, which is the preferred layout by current desktop environments. And
while it doesn't look ideal on older desktops, it also works with GTK3
and changing it avoids having to maintain multiple UI files.
Note that this layout is not supported by glade, so we generally can't
use it to edit the GUI anymore (it also doesn't support GTK4 in general).
Remove outbound SA and policy of rekeyed CHILD_SA since only one is valid.
Otherwise, during update-SA job (when NAT mapping changed), CHILD_SA are
updated and installed one by one, leaving a window where old SAs are being
used. There are also circumstances where the new SA is not processed last.
Closesstrongswan/strongswan#1041
