diff options
Diffstat (limited to 'src/charon/plugins/uci')
| -rw-r--r-- | src/charon/plugins/uci/uci_config.c | 41 | ||||
| -rw-r--r-- | src/charon/plugins/uci/uci_control.c | 45 | ||||
| -rw-r--r-- | src/charon/plugins/uci/uci_creds.c | 8 |
3 files changed, 39 insertions, 55 deletions
diff --git a/src/charon/plugins/uci/uci_config.c b/src/charon/plugins/uci/uci_config.c index c9d54a532..d185476fd 100644 --- a/src/charon/plugins/uci/uci_config.c +++ b/src/charon/plugins/uci/uci_config.c @@ -83,24 +83,6 @@ static proposal_t *create_proposal(char *string, protocol_id_t proto) } /** - * create an identity, with fallback to %any - */ -static identification_t *create_id(char *string) -{ - identification_t *id = NULL; - - if (string) - { - id = identification_create_from_string(string); - } - if (!id) - { - id = identification_create_from_encoding(ID_ANY, chunk_empty); - } - return id; -} - -/** * create an traffic selector, fallback to dynamic */ static traffic_selector_t *create_ts(char *string) @@ -163,8 +145,7 @@ static bool peer_enumerator_enumerate(peer_enumerator_t *this, peer_cfg_t **cfg) char *remote_id, *remote_addr, *remote_net; child_cfg_t *child_cfg; ike_cfg_t *ike_cfg; - auth_info_t *auth; - auth_class_t class; + auth_cfg_t *auth; /* defaults */ name = "unnamed"; @@ -187,16 +168,26 @@ static bool peer_enumerator_enumerate(peer_enumerator_t *this, peer_cfg_t **cfg) ike_cfg = ike_cfg_create(FALSE, FALSE, local_addr, remote_addr); ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE)); this->peer_cfg = peer_cfg_create( - name, 2, ike_cfg, create_id(local_id), create_id(remote_id), - CERT_SEND_IF_ASKED, UNIQUE_NO, + name, 2, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO, 1, create_rekey(ike_rekey), 0, /* keytries, rekey, reauth */ 1800, 900, /* jitter, overtime */ TRUE, 60, /* mobike, dpddelay */ NULL, NULL, /* vip, pool */ FALSE, NULL, NULL); /* mediation, med by, peer id */ - auth = this->peer_cfg->get_auth(this->peer_cfg); - class = AUTH_CLASS_PSK; - auth->add_item(auth, AUTHN_AUTH_CLASS, &class); + auth = auth_cfg_create(); + auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK); + auth->add(auth, AUTH_RULE_IDENTITY, + identification_create_from_string(local_id)); + this->peer_cfg->add_auth_cfg(this->peer_cfg, auth, TRUE); + + auth = auth_cfg_create(); + auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK); + if (remote_id) + { + auth->add(auth, AUTH_RULE_IDENTITY, + identification_create_from_string(remote_id)); + } + this->peer_cfg->add_auth_cfg(this->peer_cfg, auth, FALSE); child_cfg = child_cfg_create(name, create_rekey(esp_rekey) + 300, create_rekey(ike_rekey), 300, NULL, TRUE, MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE); diff --git a/src/charon/plugins/uci/uci_control.c b/src/charon/plugins/uci/uci_control.c index 2ffdd2b7b..7a428afb0 100644 --- a/src/charon/plugins/uci/uci_control.c +++ b/src/charon/plugins/uci/uci_control.c @@ -39,15 +39,15 @@ typedef struct private_uci_control_t private_uci_control_t; * private data of uci_control_t */ struct private_uci_control_t { - + /** - * Public part - */ + * Public part + */ uci_control_t public; - + /** - * Job - */ + * Job + */ callback_job_t *job; }; @@ -86,13 +86,14 @@ static void status(private_uci_control_t *this, char *name) char buf[2048]; FILE *out = NULL; - configs = charon->backends->create_peer_cfg_enumerator(charon->backends); - while (configs->enumerate(configs, &peer_cfg)) - { - if (name && !streq(name, peer_cfg->get_name(peer_cfg))) - { - continue; - } + configs = charon->backends->create_peer_cfg_enumerator(charon->backends, + NULL, NULL, NULL, NULL); + while (configs->enumerate(configs, &peer_cfg)) + { + if (name && !streq(name, peer_cfg->get_name(peer_cfg))) + { + continue; + } sas = charon->controller->create_ike_sa_enumerator(charon->controller); while (sas->enumerate(sas, &ike_sa)) { @@ -108,9 +109,9 @@ static void status(private_uci_control_t *this, char *name) continue; } } - fprintf(out, "%-8s %-20D %-16H ", ike_sa->get_name(ike_sa), - ike_sa->get_other_id(ike_sa), ike_sa->get_other_host(ike_sa)); - + fprintf(out, "%-8s %-20D %-16H ", ike_sa->get_name(ike_sa), + ike_sa->get_other_id(ike_sa), ike_sa->get_other_host(ike_sa)); + children = ike_sa->create_child_sa_iterator(ike_sa); while (children->iterate(children, (void**)&child_sa)) { @@ -118,7 +119,7 @@ static void status(private_uci_control_t *this, char *name) child_sa->get_traffic_selectors(child_sa, FALSE)); } children->destroy(children); - fprintf(out, "\n"); + fprintf(out, "\n"); } sas->destroy(sas); } @@ -142,7 +143,7 @@ static void initiate(private_uci_control_t *this, char *name) peer_cfg_t *peer_cfg; child_cfg_t *child_cfg; enumerator_t *enumerator; - + peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, name); if (peer_cfg) { @@ -174,7 +175,7 @@ static void terminate(private_uci_control_t *this, char *name) enumerator_t *enumerator; ike_sa_t *ike_sa; u_int id; - + enumerator = charon->controller->create_ike_sa_enumerator(charon->controller); while (enumerator->enumerate(enumerator, &ike_sa)) { @@ -240,7 +241,7 @@ static job_requeue_t receive(private_uci_control_t *this) char message[128]; int oldstate, len; FILE *in; - + memset(message, 0, sizeof(message)); pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldstate); in = fopen(FIFO_FILE, "r"); @@ -281,9 +282,9 @@ static void destroy(private_uci_control_t *this) uci_control_t *uci_control_create() { private_uci_control_t *this = malloc_thing(private_uci_control_t); - + this->public.destroy = (void(*)(uci_control_t*))destroy; - + unlink(FIFO_FILE); if (mkfifo(FIFO_FILE, S_IRUSR|S_IWUSR) != 0) { diff --git a/src/charon/plugins/uci/uci_creds.c b/src/charon/plugins/uci/uci_creds.c index 60f6fc934..2813850e8 100644 --- a/src/charon/plugins/uci/uci_creds.c +++ b/src/charon/plugins/uci/uci_creds.c @@ -81,10 +81,6 @@ static bool shared_enumerator_enumerate(shared_enumerator_t *this, if (me) { local = identification_create_from_string(local_id); - if (!local) - { - continue; - } *me = this->me ? this->me->matches(this->me, local) : ID_MATCH_ANY; local->destroy(local); @@ -96,10 +92,6 @@ static bool shared_enumerator_enumerate(shared_enumerator_t *this, if (other) { remote = identification_create_from_string(remote_id); - if (!remote) - { - continue; - } *other = this->other ? this->other->matches(this->other, remote) : ID_MATCH_ANY; remote->destroy(remote); |