This is mostly a mechanical diff replacing ibuf_release with ibuf_free.
ibuf_release() just calls ibuf_free() now so this indirection is no longer
needed.
--
:wq Claudio
Index: ca.c
===================================================================
RCS file: /cvs/src/sbin/iked/ca.c,v
retrieving revision 1.91
diff -u -p -r1.91 ca.c
--- ca.c 5 Mar 2023 22:17:22 -0000 1.91
+++ ca.c 23 May 2023 12:45:30 -0000
@@ -132,13 +132,13 @@ ca_shutdown(void)
struct iked *env = iked_env;
struct ca_store *store;
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
if ((store = env->sc_priv) == NULL)
return;
X509_STORE_free(store->ca_cas);
X509_STORE_free(store->ca_certs);
- ibuf_release(store->ca_pubkey.id_buf);
- ibuf_release(store->ca_privkey.id_buf);
+ ibuf_free(store->ca_pubkey.id_buf);
+ ibuf_free(store->ca_privkey.id_buf);
free(store);
}
@@ -171,7 +171,7 @@ ca_getkey(struct privsep *ps, struct ike
ibuf_length(key->id_buf));
/* clear old key and copy new one */
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
memcpy(id, key, sizeof(*id));
}
@@ -348,7 +348,7 @@ ca_setscert(struct iked *env, struct ike
iovcnt++;
ret = proc_composev(&env->sc_ps, PROC_IKEV2, IMSG_SCERT, iov, iovcnt);
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
@@ -401,7 +401,7 @@ ca_setreq(struct iked *env, struct iked_
ret = 0;
done:
- ibuf_release(id.id_buf);
+ ibuf_free(id.id_buf);
return (ret);
}
@@ -757,7 +757,7 @@ ca_getreq(struct iked *env, struct imsg
ca_setcert(env, &sh, NULL, type,
ibuf_data(buf), ibuf_size(buf), PROC_IKEV2);
- ibuf_release(buf);
+ ibuf_free(buf);
return (0);
}
@@ -816,9 +816,9 @@ ca_getauth(struct iked *env, struct imsg
ret = ca_setauth(env, &sa, sa.sa_localauth.id_buf, PROC_IKEV2);
- ibuf_release(sa.sa_localauth.id_buf);
+ ibuf_free(sa.sa_localauth.id_buf);
sa.sa_localauth.id_buf = NULL;
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (ret);
}
@@ -899,7 +899,7 @@ ca_reload(struct iked *env)
/*
* Save CAs signatures for the IKEv2 CERTREQ
*/
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
if ((env->sc_certreq = ibuf_new(NULL, 0)) == NULL)
return (-1);
@@ -922,7 +922,7 @@ ca_reload(struct iked *env)
OPENSSL_free(subj_name);
if (ibuf_add(env->sc_certreq, md, len) != 0) {
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
env->sc_certreq = NULL;
return (-1);
}
@@ -1267,7 +1267,7 @@ ca_pubkey_serialize(EVP_PKEY *key, struc
case EVP_PKEY_RSA:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((rsa = EVP_PKEY_get0_RSA(key)) == NULL)
@@ -1279,7 +1279,7 @@ ca_pubkey_serialize(EVP_PKEY *key, struc
d = ibuf_data(id->id_buf);
if (i2d_RSAPublicKey(rsa, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
@@ -1289,7 +1289,7 @@ ca_pubkey_serialize(EVP_PKEY *key, struc
case EVP_PKEY_EC:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((ec = EVP_PKEY_get0_EC_KEY(key)) == NULL)
@@ -1301,7 +1301,7 @@ ca_pubkey_serialize(EVP_PKEY *key, struc
d = ibuf_data(id->id_buf);
if (i2d_EC_PUBKEY(ec, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
@@ -1336,7 +1336,7 @@ ca_privkey_serialize(EVP_PKEY *key, stru
case EVP_PKEY_RSA:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((rsa = EVP_PKEY_get0_RSA(key)) == NULL)
@@ -1348,7 +1348,7 @@ ca_privkey_serialize(EVP_PKEY *key, stru
d = ibuf_data(id->id_buf);
if (i2d_RSAPrivateKey(rsa, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
@@ -1358,7 +1358,7 @@ ca_privkey_serialize(EVP_PKEY *key, stru
case EVP_PKEY_EC:
id->id_type = 0;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if ((ec = EVP_PKEY_get0_EC_KEY(key)) == NULL)
@@ -1370,7 +1370,7 @@ ca_privkey_serialize(EVP_PKEY *key, stru
d = ibuf_data(id->id_buf);
if (i2d_ECPrivateKey(ec, &d) != len) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
goto done;
}
@@ -1680,7 +1680,7 @@ ca_validate_pubkey(struct iked *env, str
if (ret != 0)
ca_sslerror(__func__);
done:
- ibuf_release(idp.id_buf);
+ ibuf_free(idp.id_buf);
EVP_PKEY_free(localkey);
RSA_free(localrsa);
if (len > 0)
@@ -1901,7 +1901,7 @@ ca_x509_subjectaltname_do(X509 *cert, in
}
ikev2_print_id(&sanid, idstr, sizeof(idstr));
log_info("%s: altname: %s", logmsg, idstr);
- ibuf_release(sanid.id_buf);
+ ibuf_free(sanid.id_buf);
sanid.id_buf = NULL;
}
/* Compare length and data */
@@ -1916,7 +1916,7 @@ ca_x509_subjectaltname_do(X509 *cert, in
}
/* Get first ID */
if (mode == MODE_ALT_GET) {
- ibuf_release(retid->id_buf);
+ ibuf_free(retid->id_buf);
if ((retid->id_buf = ibuf_new(data, len)) ==
NULL) {
log_debug("%s: failed to get id buffer",
__func__);
Index: config.c
===================================================================
RCS file: /cvs/src/sbin/iked/config.c,v
retrieving revision 1.91
diff -u -p -r1.91 config.c
--- config.c 3 Dec 2022 22:34:35 -0000 1.91
+++ config.c 23 May 2023 12:45:31 -0000
@@ -82,12 +82,12 @@ config_free_kex(struct iked_kex *kex)
if (kex == NULL)
return;
- ibuf_release(kex->kex_inonce);
- ibuf_release(kex->kex_rnonce);
+ ibuf_free(kex->kex_inonce);
+ ibuf_free(kex->kex_rnonce);
group_free(kex->kex_dhgroup);
- ibuf_release(kex->kex_dhiexchange);
- ibuf_release(kex->kex_dhrexchange);
+ ibuf_free(kex->kex_dhiexchange);
+ ibuf_free(kex->kex_dhrexchange);
free(kex);
}
@@ -140,42 +140,42 @@ config_free_sa(struct iked *env, struct
ikev2_msg_flushqueue(env, &sa->sa_requests);
ikev2_msg_flushqueue(env, &sa->sa_responses);
- ibuf_release(sa->sa_inonce);
- ibuf_release(sa->sa_rnonce);
+ ibuf_free(sa->sa_inonce);
+ ibuf_free(sa->sa_rnonce);
group_free(sa->sa_dhgroup);
- ibuf_release(sa->sa_dhiexchange);
- ibuf_release(sa->sa_dhrexchange);
+ ibuf_free(sa->sa_dhiexchange);
+ ibuf_free(sa->sa_dhrexchange);
- ibuf_release(sa->sa_simult);
+ ibuf_free(sa->sa_simult);
hash_free(sa->sa_prf);
hash_free(sa->sa_integr);
cipher_free(sa->sa_encr);
- ibuf_release(sa->sa_key_d);
- ibuf_release(sa->sa_key_iauth);
- ibuf_release(sa->sa_key_rauth);
- ibuf_release(sa->sa_key_iencr);
- ibuf_release(sa->sa_key_rencr);
- ibuf_release(sa->sa_key_iprf);
- ibuf_release(sa->sa_key_rprf);
-
- ibuf_release(sa->sa_1stmsg);
- ibuf_release(sa->sa_2ndmsg);
-
- ibuf_release(sa->sa_iid.id_buf);
- ibuf_release(sa->sa_rid.id_buf);
- ibuf_release(sa->sa_icert.id_buf);
- ibuf_release(sa->sa_rcert.id_buf);
+ ibuf_free(sa->sa_key_d);
+ ibuf_free(sa->sa_key_iauth);
+ ibuf_free(sa->sa_key_rauth);
+ ibuf_free(sa->sa_key_iencr);
+ ibuf_free(sa->sa_key_rencr);
+ ibuf_free(sa->sa_key_iprf);
+ ibuf_free(sa->sa_key_rprf);
+
+ ibuf_free(sa->sa_1stmsg);
+ ibuf_free(sa->sa_2ndmsg);
+
+ ibuf_free(sa->sa_iid.id_buf);
+ ibuf_free(sa->sa_rid.id_buf);
+ ibuf_free(sa->sa_icert.id_buf);
+ ibuf_free(sa->sa_rcert.id_buf);
for (i = 0; i < IKED_SCERT_MAX; i++)
- ibuf_release(sa->sa_scert[i].id_buf);
- ibuf_release(sa->sa_localauth.id_buf);
- ibuf_release(sa->sa_peerauth.id_buf);
+ ibuf_free(sa->sa_scert[i].id_buf);
+ ibuf_free(sa->sa_localauth.id_buf);
+ ibuf_free(sa->sa_peerauth.id_buf);
- ibuf_release(sa->sa_eap.id_buf);
+ ibuf_free(sa->sa_eap.id_buf);
free(sa->sa_eapid);
- ibuf_release(sa->sa_eapmsk);
+ ibuf_free(sa->sa_eapmsk);
free(sa->sa_cp_addr);
free(sa->sa_cp_addr6);
@@ -1064,8 +1064,8 @@ config_setkeys(struct iked *env)
if (fp != NULL)
fclose(fp);
- ibuf_release(pubkey.id_buf);
- ibuf_release(privkey.id_buf);
+ ibuf_free(pubkey.id_buf);
+ ibuf_free(privkey.id_buf);
EVP_PKEY_free(key);
return (ret);
Index: crypto.c
===================================================================
RCS file: /cvs/src/sbin/iked/crypto.c,v
retrieving revision 1.42
diff -u -p -r1.42 crypto.c
--- crypto.c 30 Mar 2023 17:20:53 -0000 1.42
+++ crypto.c 23 May 2023 12:45:31 -0000
@@ -306,7 +306,7 @@ hash_new(uint8_t type, uint16_t id)
struct ibuf *
hash_setkey(struct iked_hash *hash, void *key, size_t keylen)
{
- ibuf_release(hash->hash_key);
+ ibuf_free(hash->hash_key);
if ((hash->hash_key = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc hash key", __func__);
return (NULL);
@@ -320,7 +320,7 @@ hash_free(struct iked_hash *hash)
if (hash == NULL)
return;
HMAC_CTX_free(hash->hash_ctx);
- ibuf_release(hash->hash_key);
+ ibuf_free(hash->hash_key);
free(hash);
}
@@ -487,7 +487,7 @@ cipher_new(uint8_t type, uint16_t id, ui
struct ibuf *
cipher_setkey(struct iked_cipher *encr, const void *key, size_t keylen)
{
- ibuf_release(encr->encr_key);
+ ibuf_free(encr->encr_key);
if ((encr->encr_key = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc cipher key", __func__);
return (NULL);
@@ -498,7 +498,7 @@ cipher_setkey(struct iked_cipher *encr,
struct ibuf *
cipher_setiv(struct iked_cipher *encr, const void *iv, size_t len)
{
- ibuf_release(encr->encr_iv);
+ ibuf_free(encr->encr_iv);
encr->encr_iv = NULL;
if (iv != NULL) {
if (len < encr->encr_ivlength) {
@@ -551,8 +551,8 @@ cipher_free(struct iked_cipher *encr)
if (encr == NULL)
return;
EVP_CIPHER_CTX_free(encr->encr_ctx);
- ibuf_release(encr->encr_iv);
- ibuf_release(encr->encr_key);
+ ibuf_free(encr->encr_iv);
+ ibuf_free(encr->encr_key);
free(encr);
}
@@ -767,7 +767,7 @@ dsa_free(struct iked_dsa *dsa)
EVP_PKEY_free(dsa->dsa_key);
}
- ibuf_release(dsa->dsa_keydata);
+ ibuf_free(dsa->dsa_keydata);
free(dsa);
}
@@ -780,7 +780,7 @@ dsa_setkey(struct iked_dsa *dsa, void *k
EC_KEY *ec = NULL;
EVP_PKEY *pkey = NULL;
- ibuf_release(dsa->dsa_keydata);
+ ibuf_free(dsa->dsa_keydata);
if ((dsa->dsa_keydata = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc signature key", __func__);
return (NULL);
@@ -855,7 +855,7 @@ dsa_setkey(struct iked_dsa *dsa, void *k
EVP_PKEY_free(pkey);
X509_free(cert);
BIO_free(rawcert);
- ibuf_release(dsa->dsa_keydata);
+ ibuf_free(dsa->dsa_keydata);
dsa->dsa_keydata = NULL;
return (NULL);
}
Index: eap.c
===================================================================
RCS file: /cvs/src/sbin/iked/eap.c,v
retrieving revision 1.22
diff -u -p -r1.22 eap.c
--- eap.c 3 Dec 2022 21:02:27 -0000 1.22
+++ eap.c 23 May 2023 12:45:32 -0000
@@ -176,7 +176,7 @@ eap_identity_request(struct iked *env, s
ret = ikev2_msg_send_encrypt(env, sa, &e,
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 1);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -230,7 +230,7 @@ eap_challenge_request(struct iked *env,
ret = ikev2_send_ike_e(env, sa, e,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -253,7 +253,7 @@ eap_message_send(struct iked *env, struc
ret = ikev2_send_ike_e(env, sa, e,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -300,7 +300,7 @@ eap_mschap_challenge(struct iked *env, s
ret = ikev2_send_ike_e(env, sa, eapmsg,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(eapmsg);
+ ibuf_free(eapmsg);
return (ret);
}
@@ -327,7 +327,7 @@ eap_mschap_success(struct iked *env, str
ret = ikev2_send_ike_e(env, sa, eapmsg,
IKEV2_PAYLOAD_EAP, IKEV2_EXCHANGE_IKE_AUTH, 1);
done:
- ibuf_release(eapmsg);
+ ibuf_free(eapmsg);
return (ret);
}
Index: iked.h
===================================================================
RCS file: /cvs/src/sbin/iked/iked.h,v
retrieving revision 1.211
diff -u -p -r1.211 iked.h
--- iked.h 23 May 2023 12:43:26 -0000 1.211
+++ iked.h 23 May 2023 12:45:33 -0000
@@ -1268,7 +1268,6 @@ struct ibuf *
struct ibuf *
ibuf_static(void);
int ibuf_cat(struct ibuf *, struct ibuf *);
-void ibuf_release(struct ibuf *);
size_t ibuf_length(struct ibuf *);
int ibuf_setsize(struct ibuf *, size_t);
uint8_t *
Index: ikev2.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2.c,v
retrieving revision 1.365
diff -u -p -r1.365 ikev2.c
--- ikev2.c 10 Mar 2023 19:26:06 -0000 1.365
+++ ikev2.c 23 May 2023 12:45:40 -0000
@@ -222,7 +222,7 @@ ikev2_shutdown(void)
{
struct iked *env = iked_env;
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
env->sc_certreq = NULL;
config_doreset(env, RESET_ALL);
}
@@ -324,7 +324,7 @@ ikev2_dispatch_cert(int fd, struct privs
memcpy(&type, ptr, sizeof(type));
ptr += sizeof(type);
- ibuf_release(env->sc_certreq);
+ ibuf_free(env->sc_certreq);
env->sc_certreqtype = type;
env->sc_certreq = ibuf_new(ptr,
IMSG_DATA_SIZE(imsg) - sizeof(type));
@@ -349,7 +349,7 @@ ikev2_dispatch_cert(int fd, struct privs
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (len > 0 && (id->id_buf = ibuf_new(ptr, len)) == NULL) {
@@ -402,7 +402,7 @@ ikev2_dispatch_cert(int fd, struct privs
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (len <= 0 || (id->id_buf = ibuf_new(ptr, len)) == NULL) {
@@ -451,7 +451,7 @@ ikev2_dispatch_cert(int fd, struct privs
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (len <= 0 || (id->id_buf = ibuf_new(ptr, len)) == NULL) {
@@ -479,7 +479,7 @@ ikev2_dispatch_cert(int fd, struct privs
id = &sa->sa_localauth;
id->id_type = type;
id->id_offset = 0;
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
if (type != IKEV2_AUTH_NONE) {
@@ -900,7 +900,7 @@ ikev2_auth_verify(struct iked *env, stru
ibuf_data(sa->sa_peerauth.id_buf),
ibuf_length(sa->sa_peerauth.id_buf),
authmsg);
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
if (ret != 0) {
log_info("%s: ikev2_msg_authverify failed",
SPI_SA(sa, __func__));
@@ -919,7 +919,7 @@ ikev2_auth_verify(struct iked *env, stru
/* XXX 2nd AUTH for EAP messages */
ret = ikev2_msg_authsign(env, sa, &ikeauth, authmsg);
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
if (ret != 0) {
ikev2_send_auth_failed(env, sa);
explicit_bzero(&ikeauth, sizeof(ikeauth));
@@ -1044,7 +1044,7 @@ ikev2_ike_auth_recv(struct iked *env, st
}
ca_setauth(env, sa, authmsg, PROC_CERT);
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
}
}
@@ -1502,7 +1502,7 @@ ikev2_init_ike_sa_peer(struct iked *env,
(void)ikev2_pld_parse(env, hdr, &req, 0);
- ibuf_release(sa->sa_1stmsg);
+ ibuf_free(sa->sa_1stmsg);
if ((sa->sa_1stmsg = ibuf_dup(buf)) == NULL) {
log_debug("%s: failed to copy 1st message", __func__);
goto done;
@@ -1550,10 +1550,10 @@ ikev2_init_auth(struct iked *env, struct
if (ca_setauth(env, sa, authmsg, PROC_CERT) == -1) {
log_info("%s: failed to get cert", SPI_SA(sa, __func__));
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (-1);
}
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (ikev2_init_ike_auth(env, sa));
}
@@ -1702,7 +1702,7 @@ ikev2_init_ike_auth(struct iked *env, st
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 0);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -1815,7 +1815,7 @@ ikev2_policy2id(struct iked_static_id *p
case IKEV2_ID_IPV4:
if (inet_pton(AF_INET, (char *)polid->id_data, &in4) != 1 ||
ibuf_add(id->id_buf, &in4, sizeof(in4)) != 0) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
@@ -1823,7 +1823,7 @@ ikev2_policy2id(struct iked_static_id *p
case IKEV2_ID_IPV6:
if (inet_pton(AF_INET6, (char *)polid->id_data, &in6) != 1 ||
ibuf_add(id->id_buf, &in6, sizeof(in6)) != 0) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
@@ -1836,7 +1836,7 @@ ikev2_policy2id(struct iked_static_id *p
(i2d_X509_NAME(name, &p)) < 0) {
if (name)
X509_NAME_free(name);
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
@@ -1845,7 +1845,7 @@ ikev2_policy2id(struct iked_static_id *p
default:
if (ibuf_add(id->id_buf,
polid->id_data, polid->id_length) != 0) {
- ibuf_release(id->id_buf);
+ ibuf_free(id->id_buf);
id->id_buf = NULL;
return (-1);
}
@@ -2876,7 +2876,7 @@ ikev2_resp_informational(struct iked *en
sa_state(env, sa, IKEV2_STATE_CLOSED);
}
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
@@ -3156,7 +3156,7 @@ ikev2_handle_delete(struct iked *env, st
done:
free(localspi);
free(peersas);
- ibuf_release(spibuf);
+ ibuf_free(spibuf);
return (ret);
}
@@ -3429,7 +3429,7 @@ ikev2_resp_ike_sa_init(struct iked *env,
(void)ikev2_pld_parse(env, hdr, &resp, 0);
- ibuf_release(sa->sa_2ndmsg);
+ ibuf_free(sa->sa_2ndmsg);
if ((sa->sa_2ndmsg = ibuf_dup(buf)) == NULL) {
log_debug("%s: failed to copy 2nd message", __func__);
goto done;
@@ -3481,7 +3481,7 @@ ikev2_send_auth_failed(struct iked *env,
if (exchange == IKEV2_EXCHANGE_INFORMATIONAL)
sa->sa_stateflags |= IKED_REQ_INF;
done:
- ibuf_release(buf);
+ ibuf_free(buf);
/* cleanup SA after timeout */
sa_state(env, sa, IKEV2_STATE_CLOSING);
@@ -3615,7 +3615,7 @@ ikev2_send_error(struct iked *env, struc
ret = ikev2_send_ike_e(env, sa, buf, IKEV2_PAYLOAD_NOTIFY,
exchange, 1);
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
@@ -3722,7 +3722,7 @@ ikev2_handle_certreq(struct iked* env, s
ibuf_length(cr->cr_data),
PROC_CERT);
- ibuf_release(cr->cr_data);
+ ibuf_free(cr->cr_data);
SIMPLEQ_REMOVE_HEAD(&msg->msg_certreqs, cr_entry);
free(cr);
}
@@ -3991,7 +3991,7 @@ ikev2_resp_ike_auth(struct iked *env, st
done:
if (ret)
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1);
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -4023,7 +4023,7 @@ ikev2_send_ike_e(struct iked *env, struc
response);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -4087,7 +4087,7 @@ ikev2_send_create_child_sa(struct iked *
return (-1);
}
- ibuf_release(sa->sa_simult);
+ ibuf_free(sa->sa_simult);
sa->sa_simult = NULL;
sa->sa_rekeyspi = 0; /* clear rekey spi */
initiator = sa->sa_hdr.sh_initiator ? 1 : 0;
@@ -4106,7 +4106,7 @@ ikev2_send_create_child_sa(struct iked *
goto done;
/* Update initiator nonce */
- ibuf_release(sa->sa_inonce);
+ ibuf_free(sa->sa_inonce);
sa->sa_inonce = nonce;
if ((e = ibuf_static()) == NULL)
@@ -4229,7 +4229,7 @@ ikev2_send_create_child_sa(struct iked *
}
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -4336,7 +4336,7 @@ done:
ikev2_ike_sa_setreason(nsa, "failed to send CREATE_CHILD_SA");
sa_free(env, nsa);
}
- ibuf_release(e);
+ ibuf_free(e);
if (ret == 0)
log_debug("%s: create child SA sent", __func__);
@@ -4523,7 +4523,7 @@ ikev2_init_create_child_sa(struct iked *
SPI_SA(sa, __func__));
return (-1);
}
- ibuf_release(sa->sa_rnonce);
+ ibuf_free(sa->sa_rnonce);
sa->sa_rnonce = msg->msg_nonce;
msg->msg_nonce = NULL;
@@ -4588,7 +4588,7 @@ done:
ikev2_childsa_delete(env, sa, csa->csa_saproto,
csa->csa_peerspi, NULL, 0);
}
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
@@ -4660,10 +4660,10 @@ ikev2_ikesa_enable(struct iked *env, str
}
/* Preserve ID information */
- ibuf_release(nsa->sa_iid.id_buf);
- ibuf_release(nsa->sa_rid.id_buf);
- ibuf_release(nsa->sa_icert.id_buf);
- ibuf_release(nsa->sa_rcert.id_buf);
+ ibuf_free(nsa->sa_iid.id_buf);
+ ibuf_free(nsa->sa_rid.id_buf);
+ ibuf_free(nsa->sa_icert.id_buf);
+ ibuf_free(nsa->sa_rcert.id_buf);
if (sa->sa_hdr.sh_initiator == nsa->sa_hdr.sh_initiator) {
nsa->sa_iid = sa->sa_iid;
nsa->sa_rid = sa->sa_rid;
@@ -4768,7 +4768,7 @@ ikev2_ikesa_delete(struct iked *env, str
sa->sa_stateflags |= IKED_REQ_INF;
log_info("%s: sent delete, closing SA", SPI_SA(sa, __func__));
done:
- ibuf_release(buf);
+ ibuf_free(buf);
sa_state(env, sa, IKEV2_STATE_CLOSED);
} else {
sa_state(env, sa, IKEV2_STATE_CLOSING);
@@ -4968,7 +4968,7 @@ ikev2_resp_create_child_sa(struct iked *
log_debug("%s: initiator didn't send nonce", __func__);
goto fail;
}
- ibuf_release(kex->kex_inonce);
+ ibuf_free(kex->kex_inonce);
kex->kex_inonce = msg->msg_nonce;
msg->msg_nonce = NULL;
@@ -4977,7 +4977,7 @@ ikev2_resp_create_child_sa(struct iked *
goto fail;
/* Update responder's nonce */
- ibuf_release(kex->kex_rnonce);
+ ibuf_free(kex->kex_rnonce);
kex->kex_rnonce = nonce;
if (ikev2_childsa_negotiate(env, sa, kex, &proposals, 0, pfs)) {
@@ -4991,7 +4991,7 @@ ikev2_resp_create_child_sa(struct iked *
SPI_SA(sa, __func__),
print_spi(rekey->spi, rekey->spi_size),
print_spi(sa->sa_rekeyspi, rekey->spi_size));
- ibuf_release(sa->sa_simult);
+ ibuf_free(sa->sa_simult);
if (ikev2_nonce_cmp(kex->kex_inonce, nonce) < 0)
sa->sa_simult = ibuf_dup(kex->kex_inonce);
else
@@ -5088,7 +5088,7 @@ ikev2_resp_create_child_sa(struct iked *
done:
if (ret && protoid != IKEV2_SAPROTO_IKE)
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1);
- ibuf_release(e);
+ ibuf_free(e);
config_free_proposals(&proposals, 0);
config_free_kex(kextmp);
return (ret);
@@ -5339,7 +5339,7 @@ ikev2_send_informational(struct iked *en
ret = ikev2_msg_send(env, &resp);
done:
- ibuf_release(e);
+ ibuf_free(e);
ikev2_msg_cleanup(env, &resp);
return (ret);
@@ -5520,7 +5520,7 @@ ikev2_sa_initiator(struct iked *env, str
if (ikev2_sa_negotiate_common(env, sa, msg) != 0)
return (-1);
- ibuf_release(sa->sa_2ndmsg);
+ ibuf_free(sa->sa_2ndmsg);
if ((sa->sa_2ndmsg = ibuf_dup(msg->msg_data)) == NULL) {
log_info("%s: failed to copy 2nd message",
SPI_SA(sa, __func__));
@@ -5609,7 +5609,7 @@ ikev2_sa_responder(struct iked *env, str
sa_state(env, sa, IKEV2_STATE_SA_INIT);
- ibuf_release(sa->sa_1stmsg);
+ ibuf_free(sa->sa_1stmsg);
if ((sa->sa_1stmsg = ibuf_dup(msg->msg_data)) == NULL) {
log_debug("%s: failed to copy 1st message", __func__);
return (-1);
@@ -5847,11 +5847,11 @@ ikev2_sa_keys(struct iked *env, struct i
ret = 0;
done:
- ibuf_release(ninr);
- ibuf_release(dhsecret);
- ibuf_release(skeyseed);
- ibuf_release(s);
- ibuf_release(t);
+ ibuf_free(ninr);
+ ibuf_free(dhsecret);
+ ibuf_free(skeyseed);
+ ibuf_free(s);
+ ibuf_free(t);
return (ret);
}
@@ -5859,8 +5859,8 @@ ikev2_sa_keys(struct iked *env, struct i
void
ikev2_sa_cleanup_dh(struct iked_sa *sa)
{
- ibuf_release(sa->sa_dhiexchange);
- ibuf_release(sa->sa_dhrexchange);
+ ibuf_free(sa->sa_dhiexchange);
+ ibuf_free(sa->sa_dhrexchange);
group_free(sa->sa_dhgroup);
sa->sa_dhiexchange = NULL;
sa->sa_dhrexchange = NULL;
@@ -5901,7 +5901,7 @@ ikev2_prfplus(struct iked_hash *prf, str
for (i = 0; i < rlen; i++) {
if (t1 != NULL) {
t2 = ibuf_new(t1->buf, ibuf_length(t1));
- ibuf_release(t1);
+ ibuf_free(t1);
} else
t2 = ibuf_new(NULL, 0);
t1 = ibuf_new(NULL, hash_keylength(prf));
@@ -5917,7 +5917,7 @@ ikev2_prfplus(struct iked_hash *prf, str
if (hashlen != hash_length(prf))
fatalx("ikev2_prfplus: hash length mismatch");
- ibuf_release(t2);
+ ibuf_free(t2);
ibuf_add(t, t1->buf, ibuf_length(t1));
log_debug("%s: T%d with %zu bytes", __func__,
@@ -5928,13 +5928,13 @@ ikev2_prfplus(struct iked_hash *prf, str
log_debug("%s: Tn with %zu bytes", __func__, ibuf_length(t));
print_hex(t->buf, 0, ibuf_length(t));
- ibuf_release(t1);
+ ibuf_free(t1);
return (t);
fail:
- ibuf_release(t1);
- ibuf_release(t);
+ ibuf_free(t1);
+ ibuf_free(t);
return (NULL);
}
@@ -6076,7 +6076,7 @@ ikev2_childsa_delete_proposed(struct ike
sa->sa_stateflags |= IKED_REQ_INF;
ret = 0;
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (ret);
}
@@ -6397,9 +6397,9 @@ ikev2_childsa_negotiate(struct iked *env
ret = 0;
done:
sa->sa_use_transport_mode = 0; /* reset state after use */
- ibuf_release(dhsecret);
- ibuf_release(keymat);
- ibuf_release(seed);
+ ibuf_free(dhsecret);
+ ibuf_free(keymat);
+ ibuf_free(seed);
childsa_free(csa);
childsa_free(csb);
childsa_free(csa2);
@@ -6586,8 +6586,8 @@ ikev2_childsa_enable(struct iked *env, s
ret = 0;
done:
- ibuf_release(spibuf);
- ibuf_release(flowbuf);
+ ibuf_free(spibuf);
+ ibuf_free(flowbuf);
return (ret);
}
@@ -6865,7 +6865,7 @@ ikev2_child_sa_drop(struct iked *env, st
sa->sa_stateflags |= IKED_REQ_INF;
done:
- ibuf_release(buf);
+ ibuf_free(buf);
return (0);
}
@@ -6888,7 +6888,7 @@ ikev2_print_static_id(struct iked_static
}
ret = 0;
done:
- ibuf_release(idp.id_buf);
+ ibuf_free(idp.id_buf);
return (ret);
}
Index: ikev2_msg.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2_msg.c,v
retrieving revision 1.90
diff -u -p -r1.90 ikev2_msg.c
--- ikev2_msg.c 6 Dec 2022 09:07:33 -0000 1.90
+++ ikev2_msg.c 23 May 2023 12:45:41 -0000
@@ -191,15 +191,15 @@ ikev2_msg_cleanup(struct iked *env, stru
struct iked_certreq *cr;
if (msg == msg->msg_parent) {
- ibuf_release(msg->msg_nonce);
- ibuf_release(msg->msg_ke);
- ibuf_release(msg->msg_auth.id_buf);
- ibuf_release(msg->msg_peerid.id_buf);
- ibuf_release(msg->msg_localid.id_buf);
- ibuf_release(msg->msg_cert.id_buf);
- ibuf_release(msg->msg_cookie);
- ibuf_release(msg->msg_cookie2);
- ibuf_release(msg->msg_del_buf);
+ ibuf_free(msg->msg_nonce);
+ ibuf_free(msg->msg_ke);
+ ibuf_free(msg->msg_auth.id_buf);
+ ibuf_free(msg->msg_peerid.id_buf);
+ ibuf_free(msg->msg_localid.id_buf);
+ ibuf_free(msg->msg_cert.id_buf);
+ ibuf_free(msg->msg_cookie);
+ ibuf_free(msg->msg_cookie2);
+ ibuf_free(msg->msg_del_buf);
free(msg->msg_eap.eam_user);
free(msg->msg_cp_addr);
free(msg->msg_cp_addr6);
@@ -221,14 +221,14 @@ ikev2_msg_cleanup(struct iked *env, stru
config_free_proposals(&msg->msg_proposals, 0);
while ((cr = SIMPLEQ_FIRST(&msg->msg_certreqs))) {
- ibuf_release(cr->cr_data);
+ ibuf_free(cr->cr_data);
SIMPLEQ_REMOVE_HEAD(&msg->msg_certreqs, cr_entry);
free(cr);
}
}
if (msg->msg_data != NULL) {
- ibuf_release(msg->msg_data);
+ ibuf_free(msg->msg_data);
msg->msg_data = NULL;
}
}
@@ -478,13 +478,13 @@ ikev2_msg_encrypt(struct iked *env, stru
__func__, len + sizeof(pad), pad, ibuf_size(dst));
print_hex(ibuf_data(dst), 0, ibuf_size(dst));
- ibuf_release(src);
- ibuf_release(out);
+ ibuf_free(src);
+ ibuf_free(out);
return (dst);
done:
- ibuf_release(src);
- ibuf_release(out);
- ibuf_release(dst);
+ ibuf_free(src);
+ ibuf_free(out);
+ ibuf_free(dst);
return (NULL);
}
@@ -548,7 +548,7 @@ ikev2_msg_integr(struct iked *env, struc
ret = 0;
done:
- ibuf_release(tmp);
+ ibuf_free(tmp);
return (ret);
}
@@ -623,7 +623,7 @@ ikev2_msg_decrypt(struct iked *env, stru
log_debug("%s: integrity check succeeded", __func__);
print_hex(tmp->buf, 0, tmplen);
- ibuf_release(tmp);
+ ibuf_free(tmp);
tmp = NULL;
}
@@ -691,12 +691,12 @@ ikev2_msg_decrypt(struct iked *env, stru
if (ibuf_setsize(out, outlen - pad - 1) != 0)
goto done;
- ibuf_release(src);
+ ibuf_free(src);
return (out);
done:
- ibuf_release(tmp);
- ibuf_release(out);
- ibuf_release(src);
+ ibuf_free(tmp);
+ ibuf_free(out);
+ ibuf_free(src);
return (NULL);
}
@@ -906,14 +906,14 @@ ikev2_send_encrypted_fragments(struct ik
firstpayload = 0;
ikev2_msg_cleanup(env, &resp);
- ibuf_release(e);
+ ibuf_free(e);
e = NULL;
}
return 0;
done:
ikev2_msg_cleanup(env, &resp);
- ibuf_release(e);
+ ibuf_free(e);
ikestat_inc(env, ikes_frag_send_failures);
return ret;
}
@@ -977,7 +977,7 @@ ikev2_msg_auth(struct iked *env, struct
return (authmsg);
fail:
- ibuf_release(authmsg);
+ ibuf_free(authmsg);
return (NULL);
}
@@ -1109,7 +1109,7 @@ ikev2_msg_authsign(struct iked *env, str
goto done;
}
- ibuf_release(sa->sa_localauth.id_buf);
+ ibuf_free(sa->sa_localauth.id_buf);
sa->sa_localauth.id_buf = NULL;
if ((buf = ibuf_new(NULL, dsa_length(dsa))) == NULL) {
@@ -1120,14 +1120,14 @@ ikev2_msg_authsign(struct iked *env, str
if ((siglen = dsa_sign_final(dsa,
ibuf_data(buf), ibuf_size(buf))) < 0) {
log_debug("%s: failed to create auth signature", __func__);
- ibuf_release(buf);
+ ibuf_free(buf);
goto done;
}
if (ibuf_setsize(buf, siglen) < 0) {
log_debug("%s: failed to set auth signature size to %zd",
__func__, siglen);
- ibuf_release(buf);
+ ibuf_free(buf);
goto done;
}
Index: ikev2_pld.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2_pld.c,v
retrieving revision 1.127
diff -u -p -r1.127 ikev2_pld.c
--- ikev2_pld.c 6 Dec 2022 09:07:33 -0000 1.127
+++ ikev2_pld.c 23 May 2023 12:45:43 -0000
@@ -748,7 +748,7 @@ ikev2_pld_id(struct iked *env, struct ik
return (-1);
if (ikev2_print_id(&idb, idstr, sizeof(idstr)) == -1) {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
log_debug("%s: malformed id", __func__);
return (-1);
}
@@ -756,7 +756,7 @@ ikev2_pld_id(struct iked *env, struct ik
log_debug("%s: id %s length %zu", __func__, idstr, len);
if (!ikev2_msg_frompeer(msg)) {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
return (0);
}
@@ -766,13 +766,13 @@ ikev2_pld_id(struct iked *env, struct ik
else if (!sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDr)
idp = &msg->msg_parent->msg_localid;
else {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
log_debug("%s: unexpected id payload", __func__);
return (0);
}
if (idp->id_type) {
- ibuf_release(idb.id_buf);
+ ibuf_free(idb.id_buf);
log_debug("%s: duplicate id payload", __func__);
return (-1);
}
@@ -964,7 +964,7 @@ ikev2_pld_auth(struct iked *env, struct
return (-1);
}
- ibuf_release(idp->id_buf);
+ ibuf_free(idp->id_buf);
idp->id_type = auth.auth_method;
idp->id_offset = 0;
if ((idp->id_buf = ibuf_new(buf, len)) == NULL)
@@ -1279,7 +1279,7 @@ ikev2_pld_notify(struct iked *env, struc
" notification: %zu", __func__, left);
return (0);
}
- ibuf_release(msg->msg_cookie2); /* should not happen */
+ ibuf_free(msg->msg_cookie2); /* should not happen */
if ((msg->msg_cookie2 = ibuf_new(buf, left)) == NULL) {
log_debug("%s: failed to get peer cookie2", __func__);
return (-1);
@@ -1300,7 +1300,7 @@ ikev2_pld_notify(struct iked *env, struc
log_debug("%s: received cookie, len %zu", __func__, left);
print_hex(buf, 0, left);
- ibuf_release(msg->msg_cookie);
+ ibuf_free(msg->msg_cookie);
if ((msg->msg_cookie = ibuf_new(buf, left)) == NULL) {
log_debug("%s: failed to get peer cookie", __func__);
return (-1);
@@ -1710,12 +1710,12 @@ ikev2_pld_ef(struct iked *env, struct ik
done:
if (!processed)
ikestat_inc(env, ikes_frag_rcvd_drop);
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
dropall:
ikestat_add(env, ikes_frag_rcvd_drop, sa_frag->frag_count + 1);
config_free_fragments(sa_frag);
- ibuf_release(e);
+ ibuf_free(e);
return -1;
}
@@ -1782,7 +1782,7 @@ done:
else
ikestat_add(env, ikes_frag_reass_drop, sa_frag->frag_total);
config_free_fragments(sa_frag);
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
@@ -1837,7 +1837,7 @@ ikev2_pld_e(struct iked *env, struct ike
pld->pld_nextpayload);
done:
- ibuf_release(e);
+ ibuf_free(e);
return (ret);
}
Index: imsg_util.c
===================================================================
RCS file: /cvs/src/sbin/iked/imsg_util.c,v
retrieving revision 1.14
diff -u -p -r1.14 imsg_util.c
--- imsg_util.c 23 May 2023 12:43:26 -0000 1.14
+++ imsg_util.c 23 May 2023 12:45:43 -0000
@@ -81,12 +81,6 @@ ibuf_advance(struct ibuf *buf, size_t le
return ibuf_reserve(buf, len);
}
-void
-ibuf_release(struct ibuf *buf)
-{
- ibuf_free(buf);
-}
-
size_t
ibuf_length(struct ibuf *buf)
{
@@ -166,7 +160,7 @@ ibuf_prepend(struct ibuf *buf, void *dat
if ((new = ibuf_new(data, len)) == NULL)
return (-1);
if (ibuf_cat(new, buf) == -1) {
- ibuf_release(new);
+ ibuf_free(new);
return (-1);
}
free(buf->buf);
Index: policy.c
===================================================================
RCS file: /cvs/src/sbin/iked/policy.c,v
retrieving revision 1.93
diff -u -p -r1.93 policy.c
--- policy.c 8 Feb 2023 19:59:10 -0000 1.93
+++ policy.c 23 May 2023 12:45:46 -0000
@@ -784,8 +784,8 @@ childsa_free(struct iked_childsa *csa)
csb->csa_bundled = NULL;
if ((csb = csa->csa_peersa) != NULL)
csb->csa_peersa = NULL;
- ibuf_release(csa->csa_encrkey);
- ibuf_release(csa->csa_integrkey);
+ ibuf_free(csa->csa_encrkey);
+ ibuf_free(csa->csa_integrkey);
free(csa);
}
