The values of `yytext` and `yyleng` might not be properly defined when
the error function is called (in particular if the lexer reached EOF).
While this might just cause non-printable characters in the output, it
could actually lead to a crash depending on where `yytext` points.
Closesstrongswan/strongswan#346.
Depending on from where bison is called, the file might not end up in
the same directory as the .y file, but the location of the Makefile.
This has been seen on FreeBSD.
There is a conflict between Flex's bison-bridge and Bison's api.prefix
options. Apparently, the former was added without consulting the Bison
devs and requires YYSTYPE, which is not added to the header anymore by
the latter. Instead, we just provide the proper definition of yyflex()
manually (as recommended by the Bison docs), so the option is not
required anymore.
BSD make only evaluates $< for implicit rules, so building from the
repository won't work unless GNU make is installed and used, or we
replace affected uses like this.
When missing gperf, the redirection generates an empty file, which must
be manually removed after gperf has been installed. This is difficult
to diagnose, as the produced build error is cryptic.
Use --output-file of gperf instead to avoid creating an empty file if
gperf is missing. This still requires the user to re-run ./configure
after installing gperf, though.
Checking specifically for /proc/net/pfkey is not ideal as af_key will
eventually be removed in Linux kernels. Support for KLIPS is long gone.
The detection also wasn't used for anything anymore (failures were just
ignored since the ports to BSD-based systems). And modprobing doesn't seem
to be necessary either (charon-systemd doesn't do that, for instance).
Because the file is not available on all platforms the inclusion comes
after the user options in order to disable including it. But that means
the inclusion also follows after the defined scanner states, which are
generated as simple #defines to numbers. If the included unistd.h e.g.
uses variables in function definitions with the same names this could
result in compilation errors.
Interactive mode has to be disabled too as it relies on isatty() from
unistd.h. Since we don't use the scanners interactively, this is not a
problem and might even make the scanners a bit faster.
Fixes#2806.
%unique (and the upcoming %same key) are usable in specific contexts only.
To restrict the user from using it in other places where it does not get the
expected results, reject such keywords unless explicitly allowed.
Stater will lose update/reload commands when there is a second signal
coming in when the previous is still processed. This can happen more
easily with big configurations.
Closesstrongswan/strongswan#101.
This patch allows for giving strongSwan only the runtime capabilities it
needs, rather than full root privileges.
Adds preprocessor directives which allow strongSwan to be configured to
1) start up as a non-root user
2) avoid modprobe()'ing IPsec kernel modules into the kernel, which
would normally require root or CAP_SYS_MODULE
Additionally, some small mods to charon/libstrongswan ensure that charon
fully supports starting as a non-root user.
Tested with strongSwan 5.5.3.
The fix for gperf in 0ae19f0ced added the generated header to
EXTRA_DIST but that's already added to the distribution because it is
contained in *_SOURCES, what was not added, though, was the .h.in file.
Also fixes the reference to the header file in the .c rule here and for
stroke in out-of-tree builds.
Fixes: 0ae19f0ced ("configure: Fix gperf length parameter determination")
Just rely on the default proposals by charon if nothing is defined. The
hard-coded IKE proposal used curve25519, which depends on an optional
plugin (while enabled by default it might still not be loaded, or, like
on Debian, shipped in an optional package). With charon's default
proposal only loaded algorithms are proposed for IKE avoiding this issue.
gperf is not actually a build dependency as the generated files are
shipped in the tarball. So the type depends on the gperf version on
the host that ran gperf and created the tarball, which might not be
the same as that on the actual build host, and gperf might not even
be installed there, leaving the type undetermined.
Fixes: e0e4322973 ("configure: Detect type of length parameter for gperf generated function")
We can't control which policies we flush, so if policies are installed
and used outside of strongSwan for other protocols we'd flush them too.
And if installpolicies=no is used we probably shouldn't flush policies
either. Luckily already existing policies are not treated as fatal
errors anymore, so not flushing policies should not be that much of an
issue (in case of a crash in dynamic setups, e.g. with virtual IPs,
policies could be left behind even after restarting the connections and
properly terminating the daemon).
The only purpose of starter is to control the IKE daemon, so we
terminate it if the daemon executable is not found (e.g. because
DAEMON_NAME is incorrect).
This removes the charonstart setting (it was not actually configurable
anymore).
Since the removal of pluto this is quite superfluous. The flag itself
might be useful to avoid starting charon if the executable does not
exist for some reason (e.g. if DAEMON_NAME is incorrect).
As we use libstrongswan and expect that it still works after the fork, we
can't just closefrom() all file descriptors. Watcher, for example, uses
a pipe to notify FDSET changes, which must be kept open.
Reverts 652ddf5ce2.
Tobias Brunner