aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch')
-rw-r--r--main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch92
1 files changed, 73 insertions, 19 deletions
diff --git a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
index e246c04294..3f61be6584 100644
--- a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
+++ b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
@@ -1,6 +1,6 @@
-From 82c26f6c6c8dc8de620cdb6b191f04451ddedd11 Mon Sep 17 00:00:00 2001
+From 6bc204df6722a9c3726d95fc3b34353e7ce9bd3d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Wed, 27 Aug 2014 16:05:21 +0300
+Date: Mon, 21 Sep 2015 13:41:58 +0300
Subject: [PATCH] charon: add optional source and remote overrides for initiate
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
@@ -26,9 +26,9 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi>
src/libcharon/processing/jobs/start_action_job.c | 2 +-
src/libcharon/sa/ike_sa_manager.c | 51 ++++++++++++++++++-
src/libcharon/sa/ike_sa_manager.h | 8 ++-
- src/libcharon/sa/trap_manager.c | 3 +-
+ src/libcharon/sa/trap_manager.c | 46 +++++++----------
src/swanctl/commands/initiate.c | 40 ++++++++++++++-
- 13 files changed, 203 insertions(+), 23 deletions(-)
+ 13 files changed, 220 insertions(+), 49 deletions(-)
diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index 0c6a504..dc4eca3 100644
@@ -57,7 +57,7 @@ index fc7e899..4f4461a 100644
{
peer_cfg->destroy(peer_cfg);
diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c
-index 097f5ac..9c3b45b 100644
+index 6dd54b4..d0524a5 100644
--- a/src/libcharon/control/controller.c
+++ b/src/libcharon/control/controller.c
@@ -15,6 +15,28 @@
@@ -205,10 +205,10 @@ index 0125d17..72c806c 100644
switch (status)
{
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
-index b6950f3..600b83f 100644
+index ea6d295..5537ed9 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
-@@ -1584,7 +1584,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
+@@ -1589,7 +1589,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
DBG1(DBG_CFG, "initiating '%s'", child_cfg->get_name(child_cfg));
charon->controller->initiate(charon->controller,
peer_cfg->get_ref(peer_cfg), child_cfg->get_ref(child_cfg),
@@ -218,7 +218,7 @@ index b6950f3..600b83f 100644
case ACTION_ROUTE:
DBG1(DBG_CFG, "installing '%s'", child_cfg->get_name(child_cfg));
diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
-index 88574f8..55f667b 100644
+index 752007c..174bae4 100644
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
@@ -13,6 +13,28 @@
@@ -341,7 +341,7 @@ index 5e88ac2..7043332 100644
case ACTION_ROUTE:
DBG1(DBG_JOB, "start action: route '%s'", name);
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index 20b6e50..ccce3de 100644
+index 9a613a6..9fa615a 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -16,6 +16,28 @@
@@ -373,7 +373,7 @@ index 20b6e50..ccce3de 100644
#include <string.h>
#include "ike_sa_manager.h"
-@@ -1335,7 +1357,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
+@@ -1358,7 +1380,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
}
METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
@@ -383,7 +383,7 @@ index 20b6e50..ccce3de 100644
{
enumerator_t *enumerator;
entry_t *entry;
-@@ -1344,7 +1367,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1367,7 +1390,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
ike_cfg_t *current_ike;
u_int segment;
@@ -402,7 +402,7 @@ index 20b6e50..ccce3de 100644
if (this->reuse_ikesa)
{
-@@ -1359,6 +1392,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1382,6 +1415,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
{ /* skip IKE_SAs which are not usable */
continue;
}
@@ -419,7 +419,7 @@ index 20b6e50..ccce3de 100644
current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa);
if (current_peer && current_peer->equals(current_peer, peer_cfg))
{
-@@ -1388,6 +1431,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1411,6 +1454,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
return NULL;
}
ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE);
@@ -431,7 +431,7 @@ index 20b6e50..ccce3de 100644
charon->bus->set_sa(charon->bus, ike_sa);
return ike_sa;
diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h
-index f259d8e..5a69083 100644
+index 3ea928e..151ab22 100644
--- a/src/libcharon/sa/ike_sa_manager.h
+++ b/src/libcharon/sa/ike_sa_manager.h
@@ -83,7 +83,8 @@ struct ike_sa_manager_t {
@@ -460,16 +460,70 @@ index f259d8e..5a69083 100644
/**
* Check for duplicates of the given IKE_SA.
diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c
-index 424d9e7..62a70f5 100644
+index 63505c9..442919f 100644
--- a/src/libcharon/sa/trap_manager.c
+++ b/src/libcharon/sa/trap_manager.c
-@@ -421,7 +421,8 @@ METHOD(trap_manager_t, acquire, void,
+@@ -401,7 +401,7 @@ METHOD(trap_manager_t, acquire, void,
+ peer_cfg_t *peer;
+ child_cfg_t *child;
+ ike_sa_t *ike_sa;
+- host_t *host;
++ host_t *host, *my_host = NULL, *other_host = NULL;
+ bool wildcard, ignore = FALSE;
+
+ this->lock->read_lock(this->lock);
+@@ -477,36 +477,28 @@ METHOD(trap_manager_t, acquire, void,
this->lock->unlock(this->lock);
- ike_sa = charon->ike_sa_manager->checkout_by_config(
+ if (wildcard)
+- { /* the peer config would match IKE_SAs with other peers */
+- ike_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
+- peer->get_ike_version(peer), TRUE);
+- if (ike_sa)
+- {
+- ike_cfg_t *ike_cfg;
+- u_int16_t port;
+- u_int8_t mask;
+-
+- ike_sa->set_peer_cfg(ike_sa, peer);
+- ike_cfg = ike_sa->get_ike_cfg(ike_sa);
++ {
++ ike_cfg_t *ike_cfg;
++ u_int16_t port;
++ u_int8_t mask;
+
+- port = ike_cfg->get_other_port(ike_cfg);
+- dst->to_subnet(dst, &host, &mask);
+- host->set_port(host, port);
+- ike_sa->set_other_host(ike_sa, host);
++ ike_sa->set_peer_cfg(ike_sa, peer);
++ ike_cfg = ike_sa->get_ike_cfg(ike_sa);
+
+- port = ike_cfg->get_my_port(ike_cfg);
+- src->to_subnet(src, &host, &mask);
+- host->set_port(host, port);
+- ike_sa->set_my_host(ike_sa, host);
++ port = ike_cfg->get_other_port(ike_cfg);
++ dst->to_subnet(dst, &other_host, &mask);
++ other_host->set_port(other_host, port);
+
+- charon->bus->set_sa(charon->bus, ike_sa);
+- }
+- }
+- else
+- {
+- ike_sa = charon->ike_sa_manager->checkout_by_config(
- charon->ike_sa_manager, peer);
++ port = ike_cfg->get_my_port(ike_cfg);
++ src->to_subnet(src, &my_host, &mask);
++ my_host->set_port(my_host, port);
+ }
++ ike_sa = charon->ike_sa_manager->checkout_by_config(
+ charon->ike_sa_manager, peer,
-+ NULL, NULL);
++ my_host, other_host);
++ DESTROY_IF(my_host);
++ DESTROY_IF(other_host);
++
if (ike_sa)
{
if (ike_sa->get_peer_cfg(ike_sa) == NULL)
@@ -553,5 +607,5 @@ index eb7b6ad..706fa57 100644
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
--
-2.4.6
+2.5.3