| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous API of xfrmnl_sa_get_*_params() would always require
a @key buffer, but it was not possible to avoid buffer overflow
because the required size was unknown.
That is not really fixable, because the old API is broken.
Now, allow omitting the @key argument to only request the @key_size.
That allows the caller to ask beforehand how large the @key buffer
must be: ((@key_size + 7) / 8).
Unfortunately, omitting the key against previous versions of libnl
leads to a crash. And passing a key against older versions makes it
impossible to avoid buffer-overflow.
Another option would be to add functions like
xfrmnl_sa_get_crypto_params_keylen() so the user can query the required
buffer size by calling that instead of xfrmnl_sa_get_crypto_params().
However, then the user also requires a backport of the new API
and this will not be possible against older libnl3 versions either.
Thus, if the user already requires the fix, he can just as well
require a backport of this patch and then safely call xfrmnl_sa_get_crypto_params()
without @key argument. This way has the advantage/disadvantage, that
it can detect the presence of the patch at runtime.
The cumbersome way to get it right would be:
unsiged key_len;
char *key;
int r;
if (!nl_has_capability(17 /*NL_CAPABILITY_XFRM_SA_KEY_SIZE*/)) {
/* no way to use this API safely. Abort. */
return -NLE_OPNOTSUPP;
}
r = xfrmnl_sa_get_crypto_params(sa, NULL, &key_len, NULL);
if (r < 0)
return r;
key = malloc((key_len + 7) / 8);
if (!key)
return -NLE_NOMEM;
r = xfrmnl_sa_get_crypto_params(sa, NULL, &key_len, &key);
if (r < 0) {
free(key);
return r;
}
...
http://lists.infradead.org/pipermail/libnl/2016-June/002155.html
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
| |
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The kernel only uses the xfrm alg auth attribute if the xfrm alg auth
truncated attribute is not present. Hence sending both attributes in one
message does not make sense.
This piece of code also removes the call to nla_reserve in favor of the
NLA_PUT macro.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002139.html
|
| |
|
|
|
|
|
| |
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002141.html
|
| |
|
|
| |
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002140.html
|
| |
|
|
|
|
|
|
|
|
|
|
| |
All of these pointers are either strcpy'd or memcpy'd and usually const
in a calling application. Changing them to const in the header does not
break the compatibility and allows for users with const pointers to use
the library without compiler warnings.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002137.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the parameter alg_name points to a string longer then what libnl
accepts as alg_name, the call to strcpy may write far beyond the
particular data structure.
Instead of truncating the string (using strncpy) this patch adds a check
and returns -1 for strings being longer than 63 bytes.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Fixes: 917154470895520a77f527343f3a0cc1605934b0
http://lists.infradead.org/pipermail/libnl/2016-May/002133.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A colleague of mine came to notice that -- when adding keys to the
xfrm-part of libnl -- memcpy is given newlen, which copies sizeof(struct
xfrmnl_...) plus keysize instead of only the keysize.
This patch uses a keysize parameter to only copy the required number of
bytes.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Fixes: 917154470895520a77f527343f3a0cc1605934b0
http://lists.infradead.org/pipermail/libnl/2016-May/002132.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lib/route/link.c already defines 32 attributes which fills the current
uint32_t used for ce_mask. To accommodate more attributes the mask needs
to be expanded. This patch updates the definition to uint64_t.
The nl_object_diff API is maintained for ABI with existing users. A new
nl_object_diff64 API is added for the expanded attribute list. The MSB
of the 32-bit API is used to indicate if higher order attributes had a
mismatch. (Suggested by Thomas).
Note that LINK_ATTR_LINK_NETNSID changes. But since the attribute flags
are not public API it shouldn't be a problem.
http://lists.infradead.org/pipermail/libnl/2015-December/002078.html
http://lists.infradead.org/pipermail/libnl/2015-December/002083.html
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
| |
nl_send_simple()
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If xfrmnl_sel_alloc() returns NULL, the daddr and saddr members are
still accessed, leading to a potential NULL dereference. The same is the
case for xfrmnl_user_tmpl_alloc(). Fix this by returning NULL right away
if allocation fails.
http://lists.infradead.org/pipermail/libnl/2015-May/001874.html
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
| |
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
|
| |
xfrmnl_ae_parse()
fix : err = -ENOMEM if calloc() failed
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
|
| |
sp->sec_ctx->ctx is a zero-length member, so it's already allocated
https://github.com/thom311/libnl/pull/61
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
| |
Cc: Sruthi Yellamraju <ysruthi@gmail.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
| |
$ sed -i 's/^\([\t ]\+\<__ADD\> \?([^)]\+)\) *$/\1,/' `git grep -w -l __ADD`
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This fixes compile warnings like this:
xfrm/sp.c: In function 'xfrm_sp_dump_line':
xfrm/sp.c:346:3: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 3 has type 'uint64_t' [-Wformat=]
sprintf (dir, "%llu", sp->lft->soft_byte_limit);
Cc: Thomas Haller <thaller@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
| |
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
Signed-off-by: Sruthi Yellamraju <ysruthi@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
