aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/config
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon/config')
-rw-r--r--src/charon/config/backend_manager.c22
-rw-r--r--src/charon/config/ike_cfg.c35
-rw-r--r--src/charon/config/ike_cfg.h14
3 files changed, 42 insertions, 29 deletions
diff --git a/src/charon/config/backend_manager.c b/src/charon/config/backend_manager.c
index 7b2ddca90..41c26e1af 100644
--- a/src/charon/config/backend_manager.c
+++ b/src/charon/config/backend_manager.c
@@ -138,9 +138,13 @@ static ike_cfg_t *get_ike_cfg(private_backend_manager_t *this,
while (enumerator->enumerate(enumerator, (void**)&current))
{
prio = MATCH_NONE;
- my_candidate = current->get_my_host(current);
- other_candidate = current->get_other_host(current);
+ my_candidate = host_create_from_dns(current->get_my_addr(current),
+ me->get_family(me), 0);
+ if (!my_candidate)
+ {
+ continue;
+ }
if (my_candidate->ip_equals(my_candidate, me))
{
prio += MATCH_ME;
@@ -149,6 +153,14 @@ static ike_cfg_t *get_ike_cfg(private_backend_manager_t *this,
{
prio += MATCH_ANY;
}
+ my_candidate->destroy(my_candidate);
+
+ other_candidate = host_create_from_dns(current->get_other_addr(current),
+ other->get_family(other), 0);
+ if (!other_candidate)
+ {
+ continue;
+ }
if (other_candidate->ip_equals(other_candidate, other))
{
prio += MATCH_OTHER;
@@ -157,9 +169,11 @@ static ike_cfg_t *get_ike_cfg(private_backend_manager_t *this,
{
prio += MATCH_ANY;
}
+ other_candidate->destroy(other_candidate);
- DBG2(DBG_CFG, " candidate: %H...%H, prio %d",
- my_candidate, other_candidate, prio);
+ DBG2(DBG_CFG, " candidate: %s...%s, prio %d",
+ current->get_my_addr(current), current->get_other_addr(current),
+ prio);
/* we require at least two MATCH_ANY */
if (prio > best)
diff --git a/src/charon/config/ike_cfg.c b/src/charon/config/ike_cfg.c
index b92cb98c6..36f84147d 100644
--- a/src/charon/config/ike_cfg.c
+++ b/src/charon/config/ike_cfg.c
@@ -41,12 +41,12 @@ struct private_ike_cfg_t {
/**
* Address of local host
*/
- host_t *my_host;
+ char *me;
/**
* Address of remote host
*/
- host_t *other_host;
+ char *other;
/**
* should we send a certificate request?
@@ -81,19 +81,19 @@ static bool force_encap_meth(private_ike_cfg_t *this)
}
/**
- * Implementation of ike_cfg_t.get_my_host.
+ * Implementation of ike_cfg_t.get_my_addr.
*/
-static host_t *get_my_host (private_ike_cfg_t *this)
+static char *get_my_addr(private_ike_cfg_t *this)
{
- return this->my_host;
+ return this->me;
}
/**
- * Implementation of ike_cfg_t.get_other_host.
+ * Implementation of ike_cfg_t.get_other_addr.
*/
-static host_t *get_other_host (private_ike_cfg_t *this)
+static char *get_other_addr(private_ike_cfg_t *this)
{
- return this->other_host;
+ return this->other;
}
/**
@@ -219,8 +219,8 @@ static bool equals(private_ike_cfg_t *this, private_ike_cfg_t *other)
return (eq &&
this->certreq == other->certreq &&
this->force_encap == other->force_encap &&
- this->my_host->equals(this->my_host, other->my_host) &&
- this->other_host->equals(this->other_host, other->other_host));
+ streq(this->me, other->me) &&
+ streq(this->other, other->other));
}
/**
@@ -241,8 +241,8 @@ static void destroy(private_ike_cfg_t *this)
{
this->proposals->destroy_offset(this->proposals,
offsetof(proposal_t, destroy));
- this->my_host->destroy(this->my_host);
- this->other_host->destroy(this->other_host);
+ free(this->me);
+ free(this->other);
free(this);
}
}
@@ -251,15 +251,15 @@ static void destroy(private_ike_cfg_t *this)
* Described in header.
*/
ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
- host_t *my_host, host_t *other_host)
+ char *me, char *other)
{
private_ike_cfg_t *this = malloc_thing(private_ike_cfg_t);
/* public functions */
this->public.send_certreq = (bool(*)(ike_cfg_t*))send_certreq;
this->public.force_encap = (bool (*) (ike_cfg_t *))force_encap_meth;
- this->public.get_my_host = (host_t*(*)(ike_cfg_t*))get_my_host;
- this->public.get_other_host = (host_t*(*)(ike_cfg_t*))get_other_host;
+ this->public.get_my_addr = (char*(*)(ike_cfg_t*))get_my_addr;
+ this->public.get_other_addr = (char*(*)(ike_cfg_t*))get_other_addr;
this->public.add_proposal = (void(*)(ike_cfg_t*, proposal_t*)) add_proposal;
this->public.get_proposals = (linked_list_t*(*)(ike_cfg_t*))get_proposals;
this->public.select_proposal = (proposal_t*(*)(ike_cfg_t*,linked_list_t*))select_proposal;
@@ -272,9 +272,8 @@ ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
this->refcount = 1;
this->certreq = certreq;
this->force_encap = force_encap;
- this->my_host = my_host;
- this->other_host = other_host;
-
+ this->me = strdup(me);
+ this->other = strdup(other);
this->proposals = linked_list_create();
return &this->public;
diff --git a/src/charon/config/ike_cfg.h b/src/charon/config/ike_cfg.h
index d1cae000b..e84246bac 100644
--- a/src/charon/config/ike_cfg.h
+++ b/src/charon/config/ike_cfg.h
@@ -43,16 +43,16 @@ struct ike_cfg_t {
/**
* Get own address.
*
- * @return host information as host_t object
+ * @return string of address/DNS name
*/
- host_t* (*get_my_host) (ike_cfg_t *this);
+ char* (*get_my_addr) (ike_cfg_t *this);
/**
* Get peers address.
*
- * @return host information as host_t object
+ * @return string of address/DNS name
*/
- host_t* (*get_other_host) (ike_cfg_t *this);
+ char* (*get_other_addr) (ike_cfg_t *this);
/**
* Adds a proposal to the list.
@@ -136,11 +136,11 @@ struct ike_cfg_t {
* @param name ike_cfg identifier
* @param certreq TRUE to send a certificate request
* @param force_encap enforce UDP encapsulation by faking NATD notify
- * @param my_host host_t representing local address
- * @param other_host host_t representing remote address
+ * @param me address/DNS name of local peer
+ * @param other address/DNS name of remote peer
* @return ike_cfg_t object.
*/
ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
- host_t *my_host, host_t *other_host);
+ char *me, char *other);
#endif /* IKE_CFG_H_ @} */