child-cfg: Use flags for boolean options

Makes it potentially easier to add new flags.

6 files changed, 67 insertions, 20 deletions

diff --git a/src/libcharon/plugins/sql/sql_config.c b/src/libcharon/plugins/sql/sql_config.c
index 88cac7f26..cf7c3b814 100644
--- a/src/libcharon/plugins/sql/sql_config.c
+++ b/src/libcharon/plugins/sql/sql_config.c
@@ -173,7 +173,8 @@ static child_cfg_t *build_child_cfg(private_sql_config_t *this, enumerator_t *e)
 		child_cfg_create_t child = {
 			.mode = mode,
 			.reqid = reqid,
-			.ipcomp = ipcomp,
+			.options = (ipcomp ? OPT_IPCOMP : 0) |
+					   (hostaccess ? OPT_HOSTACCESS : 0),
 			.lifetime = {
 				.time = {
 					.life = lifetime, .rekey = rekeytime, .jitter = jitter
@@ -183,7 +184,6 @@ static child_cfg_t *build_child_cfg(private_sql_config_t *this, enumerator_t *e)
 			.dpd_action = dpd,
 			.close_action = close,
 			.updown = updown,
-			.hostaccess = hostaccess,
 		};
 		child_cfg = child_cfg_create(name, &child);
 		add_esp_proposals(this, child_cfg, id);
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index bbdc2116d..a9d073684 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -1071,15 +1071,15 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
 		},
 		.reqid = msg->add_conn.reqid,
 		.mode = msg->add_conn.mode,
-		.proxy_mode = msg->add_conn.proxy_mode,
-		.ipcomp = msg->add_conn.ipcomp,
+		.options = (msg->add_conn.proxy_mode ? OPT_PROXY_MODE : 0) |
+				   (msg->add_conn.ipcomp ? OPT_IPCOMP : 0) |
+				   (msg->add_conn.me.hostaccess ? OPT_HOSTACCESS : 0) |
+				   (msg->add_conn.install_policy ? 0 : OPT_NO_POLICIES),
 		.tfc = msg->add_conn.tfc,
 		.inactivity = msg->add_conn.inactivity,
 		.dpd_action = map_action(msg->add_conn.dpd.action),
 		.close_action = map_action(msg->add_conn.close_action),
 		.updown = msg->add_conn.me.updown,
-		.hostaccess = msg->add_conn.me.hostaccess,
-		.suppress_policies = !msg->add_conn.install_policy,
 	};
 
 	child_cfg = child_cfg_create(msg->add_conn.name, &child);
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index 92e368669..a33316658 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -218,7 +218,7 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
 			child_sa->get_name(child_sa), child_sa->get_unique_id(child_sa),
 			child_sa_state_names, child_sa->get_state(child_sa),
 			ipsec_mode_names, child_sa->get_mode(child_sa),
-			config->use_proxy_mode(config) ? "_PROXY" : "",
+			config->has_option(config, OPT_PROXY_MODE) ? "_PROXY" : "",
 			child_sa->get_reqid(child_sa));
 
 	if (child_sa->get_state(child_sa) == CHILD_INSTALLED)
diff --git a/src/libcharon/plugins/updown/updown_listener.c b/src/libcharon/plugins/updown/updown_listener.c
index 6a1581c85..bbefd6a02 100644
--- a/src/libcharon/plugins/updown/updown_listener.c
+++ b/src/libcharon/plugins/updown/updown_listener.c
@@ -366,7 +366,7 @@ static void invoke_once(private_updown_listener_t *this, ike_sa_t *ike_sa,
 		push_env(envp, countof(envp), "PLUTO_IPCOMP=1");
 	}
 	push_dns_env(this, ike_sa, envp, countof(envp));
-	if (config->get_hostaccess(config))
+	if (config->has_option(config, OPT_HOSTACCESS))
 	{
 		push_env(envp, countof(envp), "PLUTO_HOST_ACCESS=1");
 	}
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index baa350784..02fb9e27d 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -478,7 +478,6 @@ typedef struct {
 	linked_list_t *remote_ts;
 	uint32_t replay_window;
 	bool policies;
-	bool policies_fwd_out;
 	child_cfg_create_t cfg;
 } child_data_t;
 
@@ -500,12 +499,12 @@ static void log_child_data(child_data_t *data, char *name)
 	DBG2(DBG_CFG, "   life_packets = %llu", cfg->lifetime.packets.life);
 	DBG2(DBG_CFG, "   rand_packets = %llu", cfg->lifetime.packets.jitter);
 	DBG2(DBG_CFG, "   updown = %s", cfg->updown);
-	DBG2(DBG_CFG, "   hostaccess = %u", cfg->hostaccess);
-	DBG2(DBG_CFG, "   ipcomp = %u", cfg->ipcomp);
+	DBG2(DBG_CFG, "   hostaccess = %u", cfg->options & OPT_HOSTACCESS);
+	DBG2(DBG_CFG, "   ipcomp = %u", cfg->options & OPT_IPCOMP);
 	DBG2(DBG_CFG, "   mode = %N%s", ipsec_mode_names, cfg->mode,
-		 cfg->proxy_mode ? "_PROXY" : "");
+		 cfg->options & OPT_PROXY_MODE ? "_PROXY" : "");
 	DBG2(DBG_CFG, "   policies = %u", data->policies);
-	DBG2(DBG_CFG, "   policies_fwd_out = %u", data->policies_fwd_out);
+	DBG2(DBG_CFG, "   policies_fwd_out = %u", cfg->options & OPT_FWD_OUT_POLICIES);
 	if (data->replay_window != REPLAY_UNDEFINED)
 	{
 		DBG2(DBG_CFG, "   replay_window = %u", data->replay_window);
@@ -827,13 +826,62 @@ CALLBACK(parse_mode, bool,
 	if (parse_map(map, countof(map), &d, v))
 	{
 		cfg->mode = d;
-		cfg->proxy_mode = (d == MODE_TRANSPORT) && (v.len > 9);
+		if ((d == MODE_TRANSPORT) && (v.len > 9))
+		{
+			cfg->options |= OPT_PROXY_MODE;
+		}
 		return TRUE;
 	}
 	return FALSE;
 }
 
 /**
+ * Enable a child_cfg_option_t
+ */
+static bool parse_option(child_cfg_option_t *out, child_cfg_option_t opt,
+						 chunk_t v)
+{
+	bool val;
+
+	if (parse_bool(&val, v))
+	{
+		if (val)
+		{
+			*out |= opt;
+		}
+		return TRUE;
+	}
+	return FALSE;
+}
+
+/**
+ * Parse OPT_HOSTACCESS option
+ */
+CALLBACK(parse_opt_haccess, bool,
+	child_cfg_option_t *out, chunk_t v)
+{
+	return parse_option(out, OPT_HOSTACCESS, v);
+}
+
+/**
+ * Parse OPT_FWD_OUT_POLICIES option
+ */
+CALLBACK(parse_opt_fwd_out, bool,
+	child_cfg_option_t *out, chunk_t v)
+{
+	return parse_option(out, OPT_FWD_OUT_POLICIES, v);
+}
+
+/**
+ * Parse OPT_FWD_OUT_POLICIES option
+ */
+CALLBACK(parse_opt_ipcomp, bool,
+	child_cfg_option_t *out, chunk_t v)
+{
+	return parse_option(out, OPT_IPCOMP, v);
+}
+
+/**
  * Parse an action_t
  */
 CALLBACK(parse_action, bool,
@@ -1466,10 +1514,10 @@ CALLBACK(child_kv, bool,
 {
 	parse_rule_t rules[] = {
 		{ "updown",				parse_string,		&child->cfg.updown					},
-		{ "hostaccess",			parse_bool,			&child->cfg.hostaccess				},
+		{ "hostaccess",			parse_opt_haccess,	&child->cfg.options					},
 		{ "mode",				parse_mode,			&child->cfg							},
 		{ "policies",			parse_bool,			&child->policies					},
-		{ "policies_fwd_out",	parse_bool,			&child->policies_fwd_out			},
+		{ "policies_fwd_out",	parse_opt_fwd_out,	&child->cfg.options					},
 		{ "replay_window",		parse_uint32,		&child->replay_window				},
 		{ "rekey_time",			parse_time,			&child->cfg.lifetime.time.rekey		},
 		{ "life_time",			parse_time,			&child->cfg.lifetime.time.life		},
@@ -1483,7 +1531,7 @@ CALLBACK(child_kv, bool,
 		{ "dpd_action",			parse_action,		&child->cfg.dpd_action				},
 		{ "start_action",		parse_action,		&child->cfg.start_action			},
 		{ "close_action",		parse_action,		&child->cfg.close_action			},
-		{ "ipcomp",				parse_bool,			&child->cfg.ipcomp					},
+		{ "ipcomp",				parse_opt_ipcomp,	&child->cfg.options					},
 		{ "inactivity",			parse_time,			&child->cfg.inactivity				},
 		{ "reqid",				parse_uint32,		&child->cfg.reqid					},
 		{ "mark_in",			parse_mark,			&child->cfg.mark_in					},
@@ -1756,8 +1804,7 @@ CALLBACK(children_sn, bool,
 			child.proposals->insert_last(child.proposals, proposal);
 		}
 	}
-	child.cfg.suppress_policies = !child.policies;
-	child.cfg.fwd_out_policies = child.policies_fwd_out;
+	child.cfg.options |= child.policies ? 0 : OPT_NO_POLICIES;
 
 	check_lifetimes(&child.cfg.lifetime);
 
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index c0f4e2de9..2cc59591f 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -107,7 +107,7 @@ static void list_mode(vici_builder_t *b, child_sa_t *child, child_cfg_t *cfg)
 			cfg = child->get_config(child);
 		}
 		mode = child ? child->get_mode(child) : cfg->get_mode(cfg);
-		if (mode == MODE_TRANSPORT && cfg->use_proxy_mode(cfg))
+		if (mode == MODE_TRANSPORT && cfg->has_option(cfg, OPT_PROXY_MODE))
 		{	/* only report this if the negotiated mode is actually TRANSPORT */
 			sub_mode = "_PROXY";
 		}