author | Martin Willi <martin@strongswan.org> | 2006-05-18 06:02:28 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-05-18 06:02:28 +0000 |
commit | b5e1560659f9e7e74299077c1456c29065dbb4c9 (patch) | |
tree | 40b8e86f26c2879166e6a05b86e682b0eafcd893 /src | |
parent | 1e93135408e9810cc10b2b10395b508d687bc819 (diff) | |
download | strongswan-b5e1560659f9e7e74299077c1456c29065dbb4c9.tar.bz2 strongswan-b5e1560659f9e7e74299077c1456c29065dbb4c9.tar.xz |
- applied andreas's patch
- logger output improvements
- testing updates
- and a lot more
Diffstat (limited to 'src')
-rw-r--r-- | src/charon/config/connections/local_connection_store.c | 97 | ||||
-rw-r--r-- | src/charon/network/socket.c | 8 | ||||
-rw-r--r-- | src/charon/sa/ike_sa_manager.c | 6 | ||||
-rw-r--r-- | src/charon/threads/receiver.c | 2 | ||||
-rw-r--r-- | src/charon/threads/scheduler.c | 2 | ||||
-rw-r--r-- | src/charon/threads/sender.c | 2 | ||||
-rwxr-xr-x | src/charon/threads/stroke_interface.c | 15 | ||||
-rw-r--r-- | src/charon/threads/thread_pool.c | 4 | ||||
-rw-r--r-- | src/libstrongswan/Makefile.am | 2 | ||||
-rw-r--r-- | src/libstrongswan/utils/host.c | 24 | ||||
-rw-r--r-- | src/libstrongswan/utils/host.h | 2 | ||||
-rw-r--r-- | src/libstrongswan/utils/logger.c | 10 | ||||
-rw-r--r-- | src/libstrongswan/utils/logger_manager.c | 16 | ||||
-rw-r--r-- | src/pluto/fetch.c | 6 | ||||
-rw-r--r-- | src/pluto/vendor.c | 5 | ||||
-rw-r--r-- | src/pluto/vendor.h | 3 | ||||
-rw-r--r-- | src/starter/starterstroke.c | 197 | ||||
-rw-r--r-- | src/stroke/Makefile.am | 1 | ||||
-rw-r--r-- | src/whack/Makefile.am | 2 |
19 files changed, 211 insertions, 193 deletions
diff --git a/src/charon/config/connections/local_connection_store.c b/src/charon/config/connections/local_connection_store.c
index 0ae18e0a7..a7e4d18f1 100644
--- a/src/charon/config/connections/local_connection_store.c
+++ b/src/charon/config/connections/local_connection_store.c
@@ -57,69 +57,84 @@ struct private_local_connection_store_t { */ static connection_t *get_connection_by_hosts(private_local_connection_store_t *this, host_t *my_host, host_t *other_host) { + typedef enum { + PRIO_UNDEFINED= 0x00, + PRIO_ADDR_ANY= 0x01, + PRIO_ADDR_MATCH= 0x02 + } prio_t; + + prio_t best_prio = PRIO_UNDEFINED; + iterator_t *iterator; - connection_t *current, *found = NULL; + connection_t *candidate; + connection_t *found = NULL; - this->logger->log(this->logger, CONTROL|LEVEL1, "getting config for hosts %s - %s", + this->logger->log(this->logger, CONTROL|LEVEL1, "searching connection for host pair %s...%s", my_host->get_address(my_host), other_host->get_address(other_host)); - + iterator = this->connections->create_iterator(this->connections, TRUE); + + /* determine closest matching connection */ while (iterator->has_next(iterator)) { - host_t *config_my_host, *config_other_host; + host_t *candidate_my_host; + host_t *candidate_other_host; - iterator->current(iterator, (void**)¤t); + iterator->current(iterator, (void**)&candidate); - config_my_host = current->get_my_host(current); - config_other_host = current->get_other_host(current); + candidate_my_host = candidate->get_my_host(candidate); + candidate_other_host = candidate->get_other_host(candidate); - /* first check if ip is equal */ - if(config_other_host->ip_equals(config_other_host, other_host)) + /* my_host addresses must match*/ + if (my_host->ip_equals(my_host, candidate_my_host)) { - this->logger->log(this->logger, CONTROL|LEVEL2, "config entry with remote host %s", - config_other_host->get_address(config_other_host)); - /* could be right one, check my_host for default route*/ - if (config_my_host->is_default_route(config_my_host)) + prio_t prio = PRIO_UNDEFINED; + + /* exact match of peer host address or wildcard address? 
*/ + if (other_host->ip_equals(other_host, candidate_other_host)) { - found = current->clone(current); - break; + prio |= PRIO_ADDR_MATCH; } - /* check now if host informations are the same */ - else if (config_my_host->ip_equals(config_my_host,my_host)) + else if (candidate_other_host->is_anyaddr(candidate_other_host)) { - found = current->clone(current); - break; + prio |= PRIO_ADDR_ANY; } - - } - /* Then check for wildcard hosts! - * TODO - * actually its only checked if other host with default route can be found! */ - else if (config_other_host->is_default_route(config_other_host)) - { - /* could be right one, check my_host for default route*/ - if (config_my_host->is_default_route(config_my_host)) - { - found = current->clone(current); - break; - } - /* check now if host informations are the same */ - else if (config_my_host->ip_equals(config_my_host,my_host)) + + this->logger->log(this->logger, CONTROL|LEVEL2, + "candidate connection \"%s\": %s...%s (prio=%d)", + candidate->get_name(candidate), + candidate_my_host->get_address(candidate_my_host), + candidate_other_host->get_address(candidate_other_host), + prio); + + if (prio > best_prio) { - found = current->clone(current); - break; - } + found = candidate; + best_prio = prio; + } } } iterator->destroy(iterator); - /* apply hosts as they are supplied since my_host may be %defaultroute, and other_host may be %any. 
*/ if (found) { - found->update_my_host(found, my_host->clone(my_host)); - found->update_other_host(found, other_host->clone(other_host)); + host_t *found_my_host = found->get_my_host(found); + host_t *found_other_host = found->get_other_host(found); + + this->logger->log(this->logger, CONTROL|LEVEL1, + "found matching connection \"%s\": %s...%s (prio=%d)", + found->get_name(found), + found_my_host->get_address(found_my_host), + found_other_host->get_address(found_other_host), + best_prio); + + found = found->clone(found); + if (best_prio & PRIO_ADDR_ANY) + { + /* replace %any by the peer's address */ + found->update_other_host(found, other_host->clone(other_host)); + } } - return found; } diff --git a/src/charon/network/socket.c b/src/charon/network/socket.c index 4193e6fd8..89f67c964 100644 --- a/src/charon/network/socket.c +++ b/src/charon/network/socket.c @@ -390,11 +390,9 @@ static bool is_listening_on(private_socket_t *this, host_t *host) { iterator_t *iterator; - /* listening on 0.0.0.0 is always TRUE */ - if (host->is_default_route(host)) - { - return TRUE; - } + /* listening on wildcard 0.0.0.0 is always FALSE */ + if (host->is_anyaddr(host)) + return FALSE; /* compare host with all interfaces */ iterator = this->interfaces->create_iterator(this->interfaces, TRUE); diff --git a/src/charon/sa/ike_sa_manager.c b/src/charon/sa/ike_sa_manager.c index a65f41042..e6c8e4982 100644 --- a/src/charon/sa/ike_sa_manager.c +++ b/src/charon/sa/ike_sa_manager.c @@ -507,9 +507,9 @@ static status_t checkout_by_hosts(private_ike_sa_manager_t *this, host_t *me, ho sa_other = current->ike_sa->get_other_host(current->ike_sa); /* one end may be default/any, but not both */ - if (me->is_default_route(me)) + if (me->is_anyaddr(me)) { - if (other->is_default_route(other)) + if (other->is_anyaddr(other)) { break; } 
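Review bot: In `get_connection_by_hosts`, `found = candidate` now keeps a borrowed pointer into `this->connections`, and it is dereferenced (`get_my_host`, `get_name`, `clone`) only after `iterator->destroy(iterator)`, whereas the old code cloned inside the loop. No lock is visible in this hunk, so if another thread can remove a connection from the store between the loop and `found->clone(found)`, that is a use of freed memory; if the caller or the list guarantees exclusion, say so with a comment such as `/* found points into this->connections; the list must not change until the clone below */`. Separately, the LEVEL2 "candidate connection" line is also written for entries whose peer address neither matches nor is %any (`prio=0`), which makes the log read as if they were candidates; moving it under `if (prio != PRIO_UNDEFINED)` would keep the selection trace accurate.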
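Review bot: The wildcard case in `is_listening_on` flips from `TRUE` to `FALSE`, and the new comment `/* listening on wildcard 0.0.0.0 is always FALSE */` states the result without the reason, so a reader cannot tell whether callers that relied on the old answer were audited. A comment that gives the intent would help, for example `/* %any is not a concrete interface address, so it can never match one we listen on */` (wording to be confirmed against the callers, which are outside this hunk). The unbraced `if (...) return FALSE;` also departs from the braced style used in the rest of the function; the function body continues past the end of the hunk.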
@@ -519,7 +519,7 @@ static status_t checkout_by_hosts(private_ike_sa_manager_t *this, host_t *me, ho ike_sa_id = current->ike_sa_id; } } - else if (other->is_default_route(other)) + else if (other->is_anyaddr(other)) { if (me->equals(me, sa_me)) { diff --git a/src/charon/threads/receiver.c b/src/charon/threads/receiver.c index 0cf8b7bde..598657724 100644 --- a/src/charon/threads/receiver.c +++ b/src/charon/threads/receiver.c @@ -74,7 +74,7 @@ static void receive_packets(private_receiver_t * this) /* cancellation disabled by default */ pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); - this->logger->log(this->logger, CONTROL, "Receiver thread running, thread_id %u", (int)pthread_self()); + this->logger->log(this->logger, CONTROL, "receiver thread running, thread_ID: %06d", (int)pthread_self()); while (1) { diff --git a/src/charon/threads/scheduler.c b/src/charon/threads/scheduler.c index 47c5d6fb9..9bbe5c9b9 100644 --- a/src/charon/threads/scheduler.c +++ b/src/charon/threads/scheduler.c @@ -72,7 +72,7 @@ static void get_events(private_scheduler_t * this) /* cancellation disabled by default */ pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); - this->logger->log(this->logger, CONTROL, "Scheduler thread running, thread_id %u", (int)pthread_self()); + this->logger->log(this->logger, CONTROL, "scheduler thread running, thread_ID: %06d", (int)pthread_self()); for (;;) { diff --git a/src/charon/threads/sender.c b/src/charon/threads/sender.c index 42d11beb9..4f5f7e117 100644 --- a/src/charon/threads/sender.c +++ b/src/charon/threads/sender.c @@ -73,7 +73,7 @@ static void send_packets(private_sender_t * this) /* cancellation disabled by default */ pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); - this->logger->log(this->logger, CONTROL, "Sender thread running, thread_id %u", (int)pthread_self()); + this->logger->log(this->logger, CONTROL, "sender thread running, thread_ID: %06d", (int)pthread_self()); while (1) { 
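Review bot: The new format `"receiver thread running, thread_ID: %06d", (int)pthread_self()` still casts the opaque `pthread_t` to `int`; where `pthread_t` is wider than `int` the value is truncated, can print negative, and two threads can end up with the same ID in the log. The same cast appears in the scheduler.c, sender.c and thread_pool.c hunks and in both logger.c hunks, where the ID now leads every log line and is the key used to correlate events per thread. Consider `"thread_ID: %lu", (unsigned long)pthread_self()` or a small per-thread sequence number assigned at thread start; in logger.c the size of the `thread_id` buffer is declared outside the hunk and would need checking if the field widens.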
diff --git a/src/charon/threads/stroke_interface.c b/src/charon/threads/stroke_interface.c index a9c55673b..f8db7ad8e 100755 --- a/src/charon/threads/stroke_interface.c +++ b/src/charon/threads/stroke_interface.c @@ -240,9 +240,6 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) my_id = cert->get_subject(cert); my_id = my_id->clone(my_id); cert->destroy(cert); - this->logger->log(this->logger, CONTROL, - "valid certificate with ID \"%s\"", - my_id->get_string(my_id)); } } if (msg->add_conn.other.cert) @@ -256,9 +253,6 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) other_id = cert->get_subject(cert); other_id = other_id->clone(other_id); cert->destroy(cert); - this->logger->log(this->logger, CONTROL, - "valid certificate with ID \"%s\"", - other_id->get_string(other_id)); } } @@ -278,8 +272,15 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0); proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0); connection->add_proposal(connection, proposal); + /* add to global connection list */ charon->connections->add_connection(charon->connections, connection); + this->logger->log(this->logger, CONTROL, "added connection \"%s\": %s[%s]...%s[%s]", + msg->add_conn.name, + my_host->get_address(my_host), + my_id->get_string(my_id), + other_host->get_address(other_host), + other_id->get_string(other_id)); policy = policy_create(my_id, other_id); proposal = proposal_create(1); 
@@ -289,10 +290,10 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) policy->add_proposal(policy, proposal); policy->add_my_traffic_selector(policy, my_ts); policy->add_other_traffic_selector(policy, other_ts); + /* add to global policy list */ charon->policies->add_policy(charon->policies, policy); - this->stroke_logger->log(this->stroke_logger, CONTROL|LEVEL1, "connection \"%s\" added", msg->add_conn.name); } /** diff --git a/src/charon/threads/thread_pool.c b/src/charon/threads/thread_pool.c index 4482e795f..0a39c2e9e 100644 --- a/src/charon/threads/thread_pool.c +++ b/src/charon/threads/thread_pool.c @@ -144,7 +144,7 @@ static void process_jobs(private_thread_pool_t *this) /* cancellation disabled by default */ pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); - this->worker_logger->log(this->worker_logger, CONTROL, "Worker thread running, thread_id: %u", (int)pthread_self()); + this->worker_logger->log(this->worker_logger, CONTROL, "worker thread running, thread_ID: %06d", (int)pthread_self()); for (;;) { @@ -600,7 +600,7 @@ thread_pool_t *thread_pool_create(size_t pool_size) { if (pthread_create(&(this->threads[current]), NULL, (void*(*)(void*))this->process_jobs, this) == 0) { - this->pool_logger->log(this->pool_logger, CONTROL, "Created worker thread #%d", current+1); + this->pool_logger->log(this->pool_logger, CONTROL, "created worker thread #%d", current+1); } else { diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index e9827a860..85e6e97b6 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -65,7 +65,7 @@ library.c \ types.c \ library.h -LDADD = -lgmp -lpthread +libstrongswan_la_LIBADD = -lgmp -lpthread INCLUDES = -I$(top_srcdir)/src/libstrongswan EXTRA_DIST = asn1/oid.txt asn1/oid.pl diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c index b85dc07a5..53b69328a 100644 --- a/src/libstrongswan/utils/host.c +++ b/src/libstrongswan/utils/host.c 
@@ -77,21 +77,17 @@ static socklen_t *get_sockaddr_len(private_host_t *this) } /** - * Implementation of host_t.is_default_route. + * Implementation of host_t.is_anyaddr. */ -static bool is_default_route (private_host_t *this) +static bool is_anyaddr(private_host_t *this) { switch (this->family) { case AF_INET: { - static u_int8_t default_route[4] = {0x00,0x00,0x00,0x00}; + static u_int8_t default_route[4] = {0x00, 0x00, 0x00, 0x00}; - if (memcmp(default_route,&(this->address4.sin_addr.s_addr),4) == 0) - { - return TRUE; - } - return FALSE; + return !memcmp(default_route, &(this->address4.sin_addr.s_addr), 4); } default: { @@ -114,10 +110,12 @@ static char *get_address(private_host_t *this) /* we need to clone it, since inet_ntoa overwrites * internal buffer on subsequent calls */ - free(this->string); - string = inet_ntoa(this->address4.sin_addr); - this->string = malloc(strlen(string)+1); - strcpy(this->string, string); + if (this->string == NULL) + { + string = is_anyaddr(this)? "%any" : inet_ntoa(this->address4.sin_addr); + this->string = malloc(strlen(string)+1); + strcpy(this->string, string); + } return this->string; } default: @@ -275,7 +273,7 @@ static private_host_t *host_create_empty(void) this->public.get_port = (u_int16_t (*) (host_t *))get_port; this->public.ip_equals = (bool (*) (host_t *,host_t *)) ip_equals; this->public.equals = (bool (*) (host_t *,host_t *)) equals; - this->public.is_default_route = (bool (*) (host_t *)) is_default_route; + this->public.is_anyaddr = (bool (*) (host_t *)) is_anyaddr; this->public.destroy = (void (*) (host_t*))destroy; this->string = NULL; diff --git a/src/libstrongswan/utils/host.h b/src/libstrongswan/utils/host.h index d81efffa6..0ca7d5738 100644 --- a/src/libstrongswan/utils/host.h +++ b/src/libstrongswan/utils/host.h 
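Review bot: In the `get_address` hunk the string is still produced by `inet_ntoa()`, whose result lives in a static buffer, and is then sized with `strlen` and copied with `strcpy` into an unchecked `malloc`. On C libraries where that buffer is not per-thread, another thread calling `inet_ntoa()` between the `strlen` and the `strcpy` can make the copy longer than the allocation; formatting into a local buffer avoids this: `char buf[INET_ADDRSTRLEN];` then `inet_ntop(AF_INET, &this->address4.sin_addr, buf, sizeof(buf))`, with a NULL check on the `malloc` result. The string is now also computed once and cached, so if the address of a `host_t` can change after the first call (no setter is visible in this hunk) the cached text goes stale and `this->string` should be freed and reset there. In the `is_anyaddr` hunk the local table is still named `default_route`, which no longer matches the function name.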
@@ -126,7 +126,7 @@ struct host_t { * - TRUE if host has IP 0.0.0.0 for default route * - FALSE otherwise */ - bool (*is_default_route) (host_t *this); + bool (*is_anyaddr) (host_t *this); /** * @brief get the address of this host as chunk_t diff --git a/src/libstrongswan/utils/logger.c b/src/libstrongswan/utils/logger.c index 151fbfd50..728892b17 100644 --- a/src/libstrongswan/utils/logger.c +++ b/src/libstrongswan/utils/logger.c @@ -122,9 +122,9 @@ static void prepend_prefix(private_logger_t *this, log_level_t loglevel, const c if (this->log_thread_id) { - snprintf(thread_id, sizeof(thread_id), " @%d", (int)pthread_self()); + snprintf(thread_id, sizeof(thread_id), "%06d", (int)pthread_self()); } - snprintf(buffer, MAX_LOG, "[%c%c:%s]%s %s", log_type, log_details, this->name, thread_id, string); + snprintf(buffer, MAX_LOG, "%s[%c%c:%s] %s", thread_id, log_type, log_details, this->name, string); } /** @@ -200,7 +200,7 @@ static void log_bytes(private_logger_t *this, log_level_t loglevel, const char * if (this->log_thread_id) { - snprintf(thread_id, sizeof(thread_id), " @%d", (int)pthread_self()); + snprintf(thread_id, sizeof(thread_id), "%06d", (int)pthread_self()); } /* since me can't do multi-line output to syslog, @@ -244,11 +244,11 @@ static void log_bytes(private_logger_t *this, log_level_t loglevel, const char * if (this->output == NULL) { - syslog(get_priority(loglevel), "[ :%5d]%s %s %s", line_start, thread_id, buffer, ascii_buffer); + syslog(get_priority(loglevel), "%s[ :%5d] %s %s", thread_id, line_start, buffer, ascii_buffer); } else { - fprintf(this->output, "[ :%5d]%s %s %s\n", line_start, thread_id, buffer, ascii_buffer); + fprintf(this->output, "%s[ :%5d] %s %s\n", thread_id, line_start, buffer, ascii_buffer); } buffer_pos = buffer; line_start += MAX_BYTES; diff --git a/src/libstrongswan/utils/logger_manager.c b/src/libstrongswan/utils/logger_manager.c index 62956c7cd..bc093e7a7 100644 --- a/src/libstrongswan/utils/logger_manager.c 
+++ b/src/libstrongswan/utils/logger_manager.c @@ -66,14 +66,14 @@ struct { { "SAMGR", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* IKE_SA_MANAGER */ { "CHDSA", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* CHILD_SA */ { "MESSG", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* MESSAGE */ - { "TPOOL", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* THREAD_POOL */ + { "TPOOL", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* THREAD_POOL */ { "WORKR", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* WORKER */ - { "SCHED", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* SCHEDULER */ - { "SENDR", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* SENDER */ - { "RECVR", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* RECEIVER */ - { "SOCKT", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* SOCKET */ - { "TESTR", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* TESTER */ - { "DAEMN", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* DAEMON */ + { "SCHED", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* SCHEDULER */ + { "SENDR", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* SENDER */ + { "RECVR", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* RECEIVER */ + { "SOCKT", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* SOCKET */ + { "TESTR", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* TESTER */ + { "DAEMN", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* DAEMON */ { "CONFG", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* CONFIG */ { "ENCPL", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* ENCRYPTION_PAYLOAD */ { "PAYLD", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* PAYLOAD */ @@ -81,7 +81,7 @@ struct { { "DEREC", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* DER_ENCODER */ { "ASN_1", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* ASN1 */ { "XFRM ", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* XFRM */ - { "LEAKD", ERROR|CONTROL|AUDIT|LEVEL0, FALSE}, /* LEAK_DETECT */ + { "LEAKD", ERROR|CONTROL|AUDIT|LEVEL0, TRUE }, /* LEAK_DETECT */ }; diff --git a/src/pluto/fetch.c b/src/pluto/fetch.c index 075b88fd2..4bfb6031b 100644 --- a/src/pluto/fetch.c +++ b/src/pluto/fetch.c 
@@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: fetch.c,v 1.11 2005/11/25 10:08:00 as Exp $ + * RCSID $Id: fetch.c,v 1.12 2006/05/16 14:19:27 as Exp $ */ #include <stdlib.h> @@ -339,7 +339,7 @@ fetch_curl(char *url, chunk_t *blob) } curl_easy_cleanup(curl); /* not using freeanychunk because of realloc (no leak detective) */ - free(response.ptr); + curl_free(response.ptr); } return strlen(errorbuffer) > 0 ? "libcurl error" : NULL; #else /* !LIBCURL */ @@ -728,7 +728,7 @@ fetch_ocsp_status(ocsp_location_t* location) curl_easy_cleanup(curl); pfree(uri); /* not using freeanychunk because of realloc (no leak detective) */ - free(response.ptr); + curl_free(response.ptr); } freeanychunk(location->nonce); freeanychunk(request); diff --git a/src/pluto/vendor.c b/src/pluto/vendor.c index 1616fed28..fe19cc467 100644 --- a/src/pluto/vendor.c +++ b/src/pluto/vendor.c @@ -198,7 +198,10 @@ static struct vid_struct _vid_tab[] = { /* * strongSwan */ - DEC_MD5_VID(STRONGSWAN, "strongSwan 4.0.0") + DEC_MD5_VID(STRONGSWAN, "strongSwan 4.0.1") + DEC_MD5_VID(STRONGSWAN_4_0_0, "strongSwan 4.0.0") + + DEC_MD5_VID(STRONGSWAN_2_7_1, "strongSwan 2.7.1") DEC_MD5_VID(STRONGSWAN_2_7_0, "strongSwan 2.7.0") DEC_MD5_VID(STRONGSWAN_2_6_4, "strongSwan 2.6.4") DEC_MD5_VID(STRONGSWAN_2_6_3, "strongSwan 2.6.3") diff --git a/src/pluto/vendor.h b/src/pluto/vendor.h index 7c2030d76..c512560df 100644 --- a/src/pluto/vendor.h +++ b/src/pluto/vendor.h @@ -77,6 +77,9 @@ enum known_vendorid { VID_STRONGSWAN_2_6_3 = 56, VID_STRONGSWAN_2_6_4 = 57, VID_STRONGSWAN_2_7_0 = 58, + VID_STRONGSWAN_2_7_1 = 59, + + VID_STRONGSWAN_4_0_0 = 70, /* 101 - 200 : NAT-Traversal */ VID_NATT_STENBERG_01 =101, diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 9ef4b7577..67a0995a3 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c 
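Review bot: In `fetch_curl` (and again in the `fetch_ocsp_status` hunk) `free(response.ptr)` becomes `curl_free(response.ptr)`, but `curl_free()` is intended for memory that libcurl itself allocated. The retained comment "not using freeanychunk because of realloc" suggests `response.ptr` is grown by the program's own `realloc` in a write callback outside these hunks; if that is the case, `free(response.ptr);` was the matching deallocator and the new call is only correct while libcurl uses the default allocator. Please confirm the allocation site and either keep `free()` or add a comment naming the libcurl call that owns the buffer.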
@@ -38,135 +38,136 @@ static char* push_string(stroke_msg_t **strm, char *string) { - stroke_msg_t *stroke_msg; - size_t string_length; - - if (string == NULL) - { - return NULL; - } - stroke_msg = *strm; - string_length = strlen(string) + 1; - stroke_msg->length += string_length; - - stroke_msg = realloc(stroke_msg, stroke_msg->length); - strcpy((char*)stroke_msg + stroke_msg->length - string_length, string); - - *strm = stroke_msg; - return (char*)(u_int)stroke_msg->length - string_length; + stroke_msg_t *stroke_msg; + size_t string_length; + + if (string == NULL) + { + return NULL; + } + stroke_msg = *strm; + string_length = strlen(string) + 1; + stroke_msg->length += string_length; + + stroke_msg = realloc(stroke_msg, stroke_msg->length); + strcpy((char*)stroke_msg + stroke_msg->length - string_length, string); + + *strm = stroke_msg; + return (char*)(u_int)stroke_msg->length - string_length; } static int send_stroke_msg (stroke_msg_t *msg) { - struct sockaddr_un ctl_addr = { AF_UNIX, CHARON_CTL_FILE }; - int sock; - int byte_count; - char buffer[64]; - - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - { - plog("socket() failed: %s", strerror(errno)); - return -1; - } - if (connect(sock, (struct sockaddr *)&ctl_addr, - offsetof(struct sockaddr_un, sun_path) + strlen(ctl_addr.sun_path)) < 0) - { - plog("connect(charon_ctl) failed: %s", strerror(errno)); - close(sock); - return -1; - } - - /* send message */ + struct sockaddr_un ctl_addr = { AF_UNIX, CHARON_CTL_FILE }; + int sock; + int byte_count; + char buffer[64]; + + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) + { + plog("socket() failed: %s", strerror(errno)); + return -1; + } + if (connect(sock, (struct sockaddr *)&ctl_addr, + offsetof(struct sockaddr_un, sun_path) + strlen(ctl_addr.sun_path)) < 0) + { + plog("connect(charon_ctl) failed: %s", strerror(errno)); + close(sock); + return -1; + } + + /* send message */ if (write(sock, msg, msg->length) != msg->length) - { - 
plog("write(charon_ctl) failed: %s", strerror(errno)); + { + plog("write(charon_ctl) failed: %s", strerror(errno)); + close(sock); + return -1; + } + while ((byte_count = read(sock, buffer, sizeof(buffer)-1)) > 0) + { + buffer[byte_count] = '\0'; + plog("%s", buffer); + } + if (byte_count < 0) + { + plog("read() failed: %s", strerror(errno)); + } + close(sock); - return -1; - } - while ((byte_count = read(sock, buffer, sizeof(buffer)-1)) > 0) - { - buffer[byte_count] = '\0'; - plog("%s", buffer); - } - if (byte_count < 0) - { - plog("read() failed: %s", strerror(errno)); - } - - close(sock); - return 0; + return 0; } static char * connection_name(starter_conn_t *conn) { - /* if connection name is '%auto', create a new name like conn_xxxxx */ - static char buf[32]; - - if (streq(conn->name, "%auto")) - { - sprintf(buf, "conn_%ld", conn->id); - return buf; - } - return conn->name; + /* if connection name is '%auto', create a new name like conn_xxxxx */ + static char buf[32]; + + if (streq(conn->name, "%auto")) + { + sprintf(buf, "conn_%ld", conn->id); + return buf; + } + return conn->name; } int starter_stroke_add_conn(starter_conn_t *conn) { - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; + stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); + int res; - msg->length = sizeof(stroke_msg_t); - msg->type = STR_ADD_CONN; + msg->length = sizeof(stroke_msg_t); + msg->type = STR_ADD_CONN; - msg->add_conn.name = push_string(&msg, connection_name(conn)); + msg->add_conn.name = push_string(&msg, connection_name(conn)); - msg->add_conn.me.id = push_string(&msg, conn->left.id); - msg->add_conn.me.cert = push_string(&msg, conn->left.cert); - msg->add_conn.me.address = push_string(&msg, inet_ntoa(conn->left.addr.u.v4.sin_addr)); - msg->add_conn.me.subnet = push_string(&msg, inet_ntoa(conn->left.subnet.addr.u.v4.sin_addr)); - msg->add_conn.me.subnet_mask = conn->left.subnet.maskbits; + msg->add_conn.me.id = push_string(&msg, conn->left.id); + msg->add_conn.me.cert = 
push_string(&msg, conn->left.cert); + msg->add_conn.me.address = push_string(&msg, inet_ntoa(conn->left.addr.u.v4.sin_addr)); + msg->add_conn.me.subnet = push_string(&msg, inet_ntoa(conn->left.subnet.addr.u.v4.sin_addr)); + msg->add_conn.me.subnet_mask = conn->left.subnet.maskbits; - msg->add_conn.other.id = push_string(&msg, conn->right.id); - msg->add_conn.other.cert = push_string(&msg, conn->right.cert); - msg->add_conn.other.address = push_string(&msg, inet_ntoa(conn->right.addr.u.v4.sin_addr)); - msg->add_conn.other.subnet = push_string(&msg, inet_ntoa(conn->right.subnet.addr.u.v4.sin_addr)); - msg->add_conn.other.subnet_mask = conn->right.subnet.maskbits; + msg->add_conn.other.id = push_string(&msg, conn->right.id); + msg->add_conn.other.cert = push_string(&msg, conn->right.cert); + msg->add_conn.other.address = push_string(&msg, inet_ntoa(conn->right.addr.u.v4.sin_addr)); + msg->add_conn.other.subnet = push_string(&msg, inet_ntoa(conn->right.subnet.addr.u.v4.sin_addr)); + msg->add_conn.other.subnet_mask = conn->right.subnet.maskbits; - res = send_stroke_msg(msg); - free(msg); - return res; + res = send_stroke_msg(msg); + free(msg); + return res; } int starter_stroke_del_conn(starter_conn_t *conn) { - return 0; + return 0; } + int starter_stroke_route_conn(starter_conn_t *conn) { - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_INSTALL; - msg->install.name = push_string(&msg, connection_name(conn)); - res = send_stroke_msg(msg); - free(msg); - return res; + stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); + int res; + + msg->length = sizeof(stroke_msg_t); + msg->type = STR_INSTALL; + msg->install.name = push_string(&msg, connection_name(conn)); + res = send_stroke_msg(msg); + free(msg); + return res; } int starter_stroke_initiate_conn(starter_conn_t *conn) { - stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); - int res; - - msg->length = sizeof(stroke_msg_t); - msg->type = STR_INITIATE; 
- msg->initiate.name = push_string(&msg, connection_name(conn)); - res = send_stroke_msg(msg); - free(msg); - return res; + stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); + int res; + + msg->length = sizeof(stroke_msg_t); + msg->type = STR_INITIATE; + msg->initiate.name = push_string(&msg, connection_name(conn)); + res = send_stroke_msg(msg); + free(msg); + return res; } diff --git a/src/stroke/Makefile.am b/src/stroke/Makefile.am index 611f2a808..2f183495d 100644 --- a/src/stroke/Makefile.am +++ b/src/stroke/Makefile.am @@ -1,4 +1,3 @@ ipsec_PROGRAMS = stroke stroke_SOURCES = stroke.c stroke.h -stroke_INCLUDES = -I$(top_srcdir)/src/libstrongswan diff --git a/src/whack/Makefile.am b/src/whack/Makefile.am index 7eabef588..5583defc8 100644 --- a/src/whack/Makefile.am +++ b/src/whack/Makefile.am @@ -2,4 +2,4 @@ ipsec_PROGRAMS = whack whack_SOURCES = whack.c whack.h INCLUDES = -I$(top_srcdir)/src/libfreeswan -I$(top_srcdir)/src/pluto -LDADD = $(top_builddir)/src/libfreeswan/libfreeswan.a +whack_LDADD = $(top_builddir)/src/libfreeswan/libfreeswan.a |