As specified by RFC 7296, section 2.6, the data associated with COOKIE
notifications MUST be between 1 and 64 octets in length (inclusive).
Fixes#3160.
The compiler complains that "taking address of packed member ... of
class or structure 'ip6_hdr' may result in an unaligned pointer value".
We don't care if the address is aligned as we explicitly use untoh16()
to convert the read value.
BSD make only evaluates $< for implicit rules, so building from the
repository won't work unless GNU make is installed and used, or we
replace affected uses like this.
No idea when exactly this happens but on many Huawei devices (and
only on them) it seems that onStartListening is sometimes called after
onDestroy i.e. when the database was already closed. This caused an
InvalidStateException in getProfile via updateTile when retrieving the
current profile. It's possible that it happens during shutdown (there
have been similar reports related to TileService implementations) so
users might not even notice, but it pollutes the Play Console, so this
workaround now makes sure the database is open when updateTile is called.
When missing gperf, the redirection generates an empty file, which must
be manually removed after gperf has been installed. This is difficult
to diagnose, as the produced build error is cryptic.
Use --output-file of gperf instead to avoid creating an empty file if
gperf is missing. This still requires the user to re-run ./configure
after installing gperf, though.
Compiling with GCC 9.1, as e.g. happens on AppVeyor, results in the
following warning:
asn1/asn1.c: In function 'asn1_integer':
asn1/asn1.c:871:24: error: '<Ucb40>' may be used uninitialized in this function [-Werror=maybe-uninitialized]
871 | len = content.len + ((*content.ptr & 0x80) ? 1 : 0);
| ^~~~~~~~~~~~
Some experiments showed that the problem was the chunk_from_chars()
assignment. This might be because the temporary chunk_t that was assigned
to the variable was defined in a sub-block, so it might actually be
undefined later when *content.ptr is read.
This allows using the certificate, which is technically a CA cert, as
end-entity certificate again after the RFC4945-related changes added
with 5.6.3.
Fixes#3139.
Each private key object created to access a key residing in a TPM 2.0
creates a context structure used for communication with the TSS.
When multiple IKE SAs are established at the same time and using the
same private key, it is possible to make concurrent calls to the
TSS with the same context which results in multiple threads writing
to the same place in memory causing undefined behaviour.
Fix this by protecting calls to the TSS with a mutex unique for
each TPM 2.0 context object.
By default, charon and its derivatives internally handle the SIGSEGV,
SIGILL, and SIGBUS signals raised by threads (segv_handler). Add a compile
option so that the signal handling can optionally be done externally.
Closesstrongswan/strongswan#132.
If CHILD_SAs are created while waiting for the third QM message we'd not
notice the redundancy and updown events would be triggered unevenly.
This is consistent with the behavior on the initiator, which already does
this check right before installation. Moving the existing check is not
possible due to the narrow hook and moving the installation changes which
peer installs the SAs first and could have other side-effects (e.g. in
error or conflict cases). Still, this might result in CHILD_SA state
discrepancies between the two peers.
Fixes#3060.
If the key type was specified but the ID was NULL or matched a subject, it
was possible that a certificate was returned that didn't actually match
the requested key type.
Closesstrongswan/strongswan#141.
Checking specifically for /proc/net/pfkey is not ideal as af_key will
eventually be removed in Linux kernels. Support for KLIPS is long gone.
The detection also wasn't used for anything anymore (failures were just
ignored since the ports to BSD-based systems). And modprobing doesn't seem
to be necessary either (charon-systemd doesn't do that, for instance).
Usually, changing this won't be necessary (actually, some plugins
specifically use different DRGBs for RNG_WEAK in order to separate
the public nonces from random data used for e.g. DH).
But for experts with special plugin configurations this might be
more flexible and avoids code changes.
Also expose a method to call arbitrary commands, which allows calling not
yet wrapped commands. Exceptions are raised for all commands if the response
includes a negative "success" key (similar to how it's done in the Python
bindings).