diff options
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_config.c | 2 | ||||
| -rw-r--r-- | src/starter/args.c | 17 | ||||
| -rw-r--r-- | src/starter/confread.h | 2 | ||||
| -rw-r--r-- | src/starter/keywords.h | 2 | ||||
| -rw-r--r-- | src/starter/keywords.txt | 1 | ||||
| -rw-r--r-- | src/starter/starterstroke.c | 2 | ||||
| -rw-r--r-- | src/stroke/stroke_msg.h | 1 |
7 files changed, 23 insertions, 4 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index 0f40356d2..7bca94d43 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -235,7 +235,7 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg msg->add_conn.other.allow_any, msg->add_conn.other.ikeport, msg->add_conn.fragmentation, - 0); + msg->add_conn.ikedscp); add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL); return ike_cfg; } diff --git a/src/starter/args.c b/src/starter/args.c index 390062a99..5fbf51856 100644 --- a/src/starter/args.c +++ b/src/starter/args.c @@ -33,6 +33,7 @@ typedef enum { ARG_TIME, ARG_ULNG, ARG_ULLI, + ARG_UBIN, ARG_PCNT, ARG_STR, ARG_LST, @@ -146,6 +147,7 @@ static const token_info_t token_info[] = { ARG_MISC, 0, NULL /* KW_MOBIKE */ }, { ARG_MISC, 0, NULL /* KW_FORCEENCAPS */ }, { ARG_ENUM, offsetof(starter_conn_t, fragmentation), LST_fragmentation }, + { ARG_UBIN, offsetof(starter_conn_t, ikedscp), NULL }, { ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL }, { ARG_TIME, offsetof(starter_conn_t, sa_ipsec_life_seconds), NULL }, { ARG_TIME, offsetof(starter_conn_t, sa_rekey_margin), NULL }, @@ -399,6 +401,21 @@ bool assign_arg(kw_token_t token, kw_token_t first, kw_list_t *kw, char *base, } } break; + case ARG_UBIN: + { + char *endptr; + u_int *u = (u_int *)p; + + *u = strtoul(kw->value, &endptr, 2); + + if (*endptr != '\0') + { + DBG1(DBG_APP, "# bad binary value: %s=%s", kw->entry->name, + kw->value); + return FALSE; + } + } + break; case ARG_TIME: { char *endptr; diff --git a/src/starter/confread.h b/src/starter/confread.h index a0f6234f9..8dd56080d 100644 --- a/src/starter/confread.h +++ b/src/starter/confread.h @@ -148,6 +148,7 @@ struct starter_conn { ipsec_mode_t mode; bool proxy_mode; fragmentation_t fragmentation; + u_int ikedscp; sa_option_t options; time_t sa_ike_life_seconds; time_t sa_ipsec_life_seconds; @@ -246,4 +247,3 @@ extern starter_config_t *confread_load(const char *file); extern void confread_free(starter_config_t *cfg); #endif /* _IPSEC_CONFREAD_H_ */ - diff --git a/src/starter/keywords.h b/src/starter/keywords.h index f776f33c9..4a96a418c 100644 --- a/src/starter/keywords.h +++ b/src/starter/keywords.h @@ -43,6 +43,7 @@ typedef enum { KW_MOBIKE, KW_FORCEENCAPS, KW_FRAGMENTATION, + KW_IKEDSCP, KW_IKELIFETIME, KW_KEYLIFE, KW_REKEYMARGIN, @@ -186,4 +187,3 @@ typedef enum { } kw_token_t; #endif /* _KEYWORDS_H_ */ - diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt index 1f1641287..cd964b0e3 100644 --- a/src/starter/keywords.txt +++ b/src/starter/keywords.txt @@ -41,6 +41,7 @@ aaa_identity, KW_AAA_IDENTITY mobike, KW_MOBIKE forceencaps, KW_FORCEENCAPS fragmentation, KW_FRAGMENTATION +ikedscp, KW_IKEDSCP, ikelifetime, KW_IKELIFETIME lifetime, KW_KEYLIFE keylife, KW_KEYLIFE diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 4f9e8fb14..9d096453a 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -181,6 +181,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn) msg.add_conn.mobike = conn->options & SA_OPTION_MOBIKE; msg.add_conn.force_encap = conn->options & SA_OPTION_FORCE_ENCAP; msg.add_conn.fragmentation = conn->fragmentation; + msg.add_conn.ikedscp = conn->ikedscp; msg.add_conn.ipcomp = conn->options & SA_OPTION_COMPRESS; msg.add_conn.install_policy = conn->install_policy; msg.add_conn.aggressive = conn->aggressive; @@ -330,4 +331,3 @@ int starter_stroke_configure(starter_config_t *cfg) } return 0; } - diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h index e972a5984..b2df887ae 100644 --- a/src/stroke/stroke_msg.h +++ b/src/stroke/stroke_msg.h @@ -262,6 +262,7 @@ struct stroke_msg_t { int close_action; u_int32_t reqid; u_int32_t tfc; + u_int8_t ikedscp; crl_policy_t crl_policy; int unique; |