]> git.ipfire.org Git - thirdparty/strongswan.git/commit
ipsec-types: Restrict the use of %unique and other keywords when parsing marks
authorMartin Willi <martin@strongswan.org>
Mon, 14 May 2018 11:42:53 +0000 (13:42 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 31 Aug 2018 10:26:40 +0000 (12:26 +0200)
commitebd2d3877e146ad128a06dcec9e8aa3ea85adffd
tree339d2a68f9fd31e12330db7c87792ab3022ab04d
parentb9aacf9adc96b11c6cd140e4e43a781a5c7a6304
ipsec-types: Restrict the use of %unique and other keywords when parsing marks

%unique (and the upcoming %same key) are usable in specific contexts only.
To restrict the user from using it in other places where it does not get the
expected results, reject such keywords unless explicitly allowed.
src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
src/libcharon/plugins/socket_default/socket_default_socket.c
src/libcharon/plugins/vici/vici_config.c
src/libstrongswan/ipsec/ipsec_types.c
src/libstrongswan/ipsec/ipsec_types.h
src/libstrongswan/tests/suites/test_utils.c
src/starter/confread.c