aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec
diff options
context:
space:
mode:
authorKingwel Xie <kingwel.xie@ericsson.com>2019-03-07 06:34:30 -0500
committerNeale Ranns <nranns@cisco.com>2019-03-07 13:31:39 +0000
commitd3d1205087783eb36c9e44d98a33a0f01adb47c9 (patch)
tree6b2f1a863e9af7ddd9f6b38590f1a62b37a3f31c /src/vnet/ipsec
parent48ae19e9096fab98b14eaddaaa73e1b54bcbda8d (diff)
ipsec: cli bug fixes
1. fix wrong assignemnt of lik/rik 2. keys initialized to 0, to avoid using random data in stack. could cause memory overlapped then crash 3. show sa->id in hex format Change-Id: Id0430aa49bb55c27cee4f97f8c0e4ec87515dcd2 Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r--src/vnet/ipsec/ipsec_cli.c12
-rw-r--r--src/vnet/ipsec/ipsec_format.c2
2 files changed, 9 insertions, 5 deletions
diff --git a/src/vnet/ipsec/ipsec_cli.c b/src/vnet/ipsec/ipsec_cli.c
index ee2e870c343..648455bbecf 100644
--- a/src/vnet/ipsec/ipsec_cli.c
+++ b/src/vnet/ipsec/ipsec_cli.c
@@ -82,7 +82,8 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
ipsec_protocol_t proto;
ipsec_sa_flags_t flags;
clib_error_t *error;
- ipsec_key_t ck, ik;
+ ipsec_key_t ck = { 0 };
+ ipsec_key_t ik = { 0 };
int is_add, rv;
u32 id, spi;
@@ -619,7 +620,10 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
u8 ipv4_set = 0;
u8 ipv6_set = 0;
clib_error_t *error = NULL;
- ipsec_key_t rck, lck, lik, rik;
+ ipsec_key_t rck = { 0 };
+ ipsec_key_t lck = { 0 };
+ ipsec_key_t lik = { 0 };
+ ipsec_key_t rik = { 0 };
clib_memset (&a, 0, sizeof (a));
a.is_add = 1;
@@ -709,9 +713,9 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
clib_memcpy (a.remote_crypto_key, rck.data, rck.len);
a.remote_crypto_key_len = rck.len;
- clib_memcpy (a.local_integ_key, lck.data, lck.len);
+ clib_memcpy (a.local_integ_key, lik.data, lik.len);
a.local_integ_key_len = lck.len;
- clib_memcpy (a.remote_integ_key, rck.data, rck.len);
+ clib_memcpy (a.remote_integ_key, rik.data, rik.len);
a.remote_integ_key_len = rck.len;
rv = ipsec_add_del_tunnel_if (&a);
diff --git a/src/vnet/ipsec/ipsec_format.c b/src/vnet/ipsec/ipsec_format.c
index dc66569702e..d65b2a7ee4f 100644
--- a/src/vnet/ipsec/ipsec_format.c
+++ b/src/vnet/ipsec/ipsec_format.c
@@ -244,7 +244,7 @@ format_ipsec_sa (u8 * s, va_list * args)
sa = pool_elt_at_index (im->sad, sai);
- s = format (s, "[%d] sa %u spi %u mode %s%s protocol %s%s%s%s",
+ s = format (s, "[%d] sa 0x%x spi %u mode %s%s protocol %s%s%s%s",
sai, sa->id, sa->spi,
sa->is_tunnel ? "tunnel" : "transport",
sa->is_tunnel_ip6 ? "-ip6" : "",
or: #008800 } /* Operator.Word */ .highlight .w { color: #bbbbbb } /* Text.Whitespace */ .highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */ .highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */ .highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */ .highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */ .highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */ .highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */ .highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */ .highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */ .highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */ .highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */ .highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */ .highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */ .highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ } 
#!/usr/bin/env python

import sys
import os
import logging

""" @var formatting delimiter consisting of '=' characters """
double_line_delim = '=' * 78
""" @var formatting delimiter consisting of '-' characters """
single_line_delim = '-' * 78


def colorize(msg, color):
    return color + msg + COLOR_RESET


class ColorFormatter(logging.Formatter):

    def init(self, fmt=None, datefmt=None):
        super(ColorFormatter, self).__init__(fmt, datefmt)

    def format(self, record):
        message = super(ColorFormatter, self).format(record)
        if hasattr(record, 'color'):
            message = colorize(message, record.color)
        return message
try:
    verbose = int(os.getenv("V", 0))
except:
    verbose = 0

# 40 = ERROR, 30 = WARNING, 20 = INFO, 10 = DEBUG, 0 = NOTSET (all messages)
if verbose >= 2:
    log_level = 10
elif verbose == 1:
    log_level = 20
else:
    log_level = 40

handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(ColorFormatter(fmt='%(asctime)s,%(msecs)03d %(message)s',
                                    datefmt="%H:%M:%S"))
handler.setLevel(log_level)

global_logger = logging.getLogger()
global_logger.addHandler(handler)

scapy_logger = logging.getLogger("scapy.runtime")
scapy_logger.setLevel(logging.ERROR)


def getLogger(name):
    logger = logging.getLogger(name)
    logger.setLevel(logging.DEBUG)
    return logger

# Static variables to store color formatting strings.
#
# These variables (RED, GREEN, YELLOW and LPURPLE) are used to configure
# the color of the text to be printed in the terminal. Variable COLOR_RESET
# is used to revert the text color to the default one.
if hasattr(sys.stdout, 'isatty') and sys.stdout.isatty():
    RED = '\033[91m'
    GREEN = '\033[92m'
    YELLOW = '\033[93m'
    LPURPLE = '\033[94m'
    COLOR_RESET = '\033[0m'
else:
    RED = ''
    GREEN = ''
    YELLOW = ''
    LPURPLE = ''
    COLOR_RESET = ''