Diffstat (limited to 'src/charon/plugins')
-rw-r--r-- | src/charon/plugins/medcli/medcli_config.c | 13 | ||||
-rw-r--r-- | src/charon/plugins/medsrv/medsrv_config.c | 3 | ||||
-rw-r--r-- | src/charon/plugins/sql/sql_config.c | 27 | ||||
-rw-r--r-- | src/charon/plugins/stroke/stroke_config.c | 104 | ||||
-rw-r--r-- | src/charon/plugins/stroke/stroke_list.c | 6 |
5 files changed, 52 insertions, 101 deletions
diff --git a/src/charon/plugins/medcli/medcli_config.c b/src/charon/plugins/medcli/medcli_config.c index dff6c3dec..8a56bfefe 100644 --- a/src/charon/plugins/medcli/medcli_config.c +++ b/src/charon/plugins/medcli/medcli_config.c @@ -100,7 +100,6 @@ static peer_cfg_t *get_peer_cfg_by_name(private_medcli_config_t *this, char *nam child_cfg_t *child_cfg; chunk_t me, other; char *address, *local_net, *remote_net; - host_t *med; /* query mediation server config: * - build ike_cfg/peer_cfg for mediation connection on-the-fly @@ -114,14 +113,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_medcli_config_t *this, char *nam DESTROY_IF(e); return NULL; } - med = host_create_from_string(address, 500); - if (!med) - { - e->destroy(e); - return NULL; - } - ike_cfg = ike_cfg_create(FALSE, FALSE, - host_create_from_string("0.0.0.0", 500), med); + ike_cfg = ike_cfg_create(FALSE, FALSE, "0.0.0.0", address); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); DBG1(DBG_CFG, "mediation server id: %B", &other); med_cfg = peer_cfg_create( @@ -313,8 +305,7 @@ medcli_config_t *medcli_config_create(database_t *db) this->rekey = lib->settings->get_int(lib->settings, "medclient.rekey", 20) * 60; this->dpd = lib->settings->get_int(lib->settings, "medclient.dpd", 300); - this->ike = ike_cfg_create(FALSE, FALSE, host_create_any(AF_INET), - host_create_any(AF_INET)); + this->ike = ike_cfg_create(FALSE, FALSE, "0.0.0.0", "0.0.0.0"); this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE)); return &this->public; diff --git a/src/charon/plugins/medsrv/medsrv_config.c b/src/charon/plugins/medsrv/medsrv_config.c index 8439c207b..04cb56930 100644 --- a/src/charon/plugins/medsrv/medsrv_config.c +++ b/src/charon/plugins/medsrv/medsrv_config.c 
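Review bot: `address` in the second medcli hunk appears to be a column value handed out by the enumerator `e`, and it is now passed to `ike_cfg_create()` as a bare `char *` instead of being converted to an owned `host_t` first. Unless `ike_cfg_create()` duplicates both strings (its definition is outside this plugins-only diffstat), the config would keep a pointer into the result row after `e` is destroyed; the same question applies to `local`/`remote` in sql_config.c and to `msg->add_conn.me.address`/`msg->add_conn.other.address` in stroke_config.c. Once that is confirmed I would state the ownership rule at the call site, e.g. `/* ike_cfg_create() clones the address strings, e may be destroyed afterwards */`. The removed `if (!med)` check also means a malformed mediation server address from the database is no longer rejected here, so the failure moves to wherever the string is eventually resolved. The body of get_peer_cfg_by_name() continues outside the hunk.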
@@ -139,8 +139,7 @@ medsrv_config_t *medsrv_config_create(database_t *db) this->rekey = lib->settings->get_int(lib->settings, "medmanager.rekey", 20) * 60; this->dpd = lib->settings->get_int(lib->settings, "medmanager.dpd", 300); - this->ike = ike_cfg_create(FALSE, FALSE, host_create_any(AF_INET), - host_create_any(AF_INET)); + this->ike = ike_cfg_create(FALSE, FALSE, "0.0.0.0", "0.0.0.0"); this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE)); return &this->public; diff --git a/src/charon/plugins/sql/sql_config.c b/src/charon/plugins/sql/sql_config.c index 06fd29850..7a2e96fe6 100644 --- a/src/charon/plugins/sql/sql_config.c +++ b/src/charon/plugins/sql/sql_config.c @@ -179,34 +179,9 @@ static ike_cfg_t *build_ike_cfg(private_sql_config_t *this, enumerator_t *e, while (e->enumerate(e, &certreq, &force_encap, &local, &remote)) { - host_t *me, *other; ike_cfg_t *ike_cfg; - me = host_create_from_string(local, 500); - if (!me) - { - continue; - } - if (my_host && !me->is_anyaddr(me) && - !me->ip_equals(me, my_host)) - { - me->destroy(me); - continue; - } - other = host_create_from_string(remote, 500); - if (!other) - { - me->destroy(me); - continue; - } - if (other_host && !other->is_anyaddr(other) && - !other->ip_equals(other, other_host)) - { - me->destroy(me); - other->destroy(other); - continue; - } - ike_cfg = ike_cfg_create(certreq, force_encap, me, other); + ike_cfg = ike_cfg_create(certreq, force_encap, local, remote); /* TODO: read proposal from db */ ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); return ike_cfg; diff --git a/src/charon/plugins/stroke/stroke_config.c b/src/charon/plugins/stroke/stroke_config.c index af196751e..0069191b5 100644 --- a/src/charon/plugins/stroke/stroke_config.c +++ b/src/charon/plugins/stroke/stroke_config.c 
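Review bot: With the `my_host`/`other_host` comparison removed, the `while` loop in the sql_config.c build_ike_cfg() hunk returns an ike_cfg for the first row the enumerator yields, whatever addresses that row holds. The same filtering is dropped from ike_filter() in stroke_config.c, which now returns TRUE for every peer config and no longer reads `data->me`/`data->other`. If matching a config against the local and remote address now happens in the caller (not visible in this plugins-only diffstat), say so where the check used to be, e.g. `/* address matching is done by the caller on the returned configs */`; otherwise a peer at any address would be offered the first stored config. `local` and `remote` are also no longer checked for being parseable before they are used. The body of build_ike_cfg() continues outside the hunk.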
@@ -139,20 +139,8 @@ static void ike_data_destroy(ike_data_t *data)
 */
 static bool ike_filter(ike_data_t *data, peer_cfg_t **in, ike_cfg_t **out)
 {
- ike_cfg_t *ike_cfg;
- host_t *me, *other;
-
- ike_cfg = (*in)->get_ike_cfg(*in);
-
- me = ike_cfg->get_my_host(ike_cfg);
- other = ike_cfg->get_other_host(ike_cfg);
- if ((!data->me || me->is_anyaddr(me) || me->ip_equals(me, data->me)) &&
- (!data->other || other->is_anyaddr(other) || other->ip_equals(other, data->other)))
- {
- *out = ike_cfg;
- return TRUE;
- }
- return FALSE;
+ *out = (*in)->get_ike_cfg(*in);
+ return TRUE;
 }
 
 /**
@@ -296,58 +284,50 @@ static void add_proposals(private_stroke_config_t *this, char *string, */ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg) { - host_t *me = NULL, *other = NULL, *tmp; stroke_end_t tmp_end; ike_cfg_t *ike_cfg; char *interface; - - if (msg->add_conn.me.address) - { - me = host_create_from_string(msg->add_conn.me.address, IKEV2_UDP_PORT); - } - if (!me) - { - DBG1(DBG_CFG, "invalid left host: %s", msg->add_conn.me.address); - return NULL; - } - if (msg->add_conn.other.address) - { - other = host_create_from_string(msg->add_conn.other.address, IKEV2_UDP_PORT); - } - if (!other) - { - DBG1(DBG_CFG, "invalid right host: %s", msg->add_conn.other.address); - me->destroy(me); - return NULL; - } - interface = charon->kernel_interface->get_interface( - charon->kernel_interface, other); - if (interface) - { - DBG2(DBG_CFG, "left is other host, swapping ends"); - tmp = me; - me = other; - other = tmp; - tmp_end = msg->add_conn.me; - msg->add_conn.me = msg->add_conn.other; - msg->add_conn.other = tmp_end; - free(interface); - } - else + host_t *host; + + host = host_create_from_dns(msg->add_conn.other.address, 0, 0); + if (host) { interface = charon->kernel_interface->get_interface( - charon->kernel_interface, me); - if (!interface) + charon->kernel_interface, host); + host->destroy(host); + if (interface) { - DBG1(DBG_CFG, "left nor right host is our side, assuming left=local"); + DBG2(DBG_CFG, "left is other host, swapping ends"); + tmp_end = msg->add_conn.me; + msg->add_conn.me = msg->add_conn.other; + msg->add_conn.other = tmp_end; + free(interface); } else { - free(interface); + host = host_create_from_dns(msg->add_conn.me.address, 0, 0); + if (host) + { + interface = charon->kernel_interface->get_interface( + charon->kernel_interface, host); + host->destroy(host); + if (!interface) + { + DBG1(DBG_CFG, "left nor right host is our side, " + "assuming left=local"); + } + else + { + free(interface); + } + + } } } ike_cfg = 
ike_cfg_create(msg->add_conn.other.sendcert != CERT_NEVER_SEND, - msg->add_conn.force_encap, me, other); + msg->add_conn.force_encap, + msg->add_conn.me.address, + msg->add_conn.other.address); add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL); return ike_cfg; } @@ -485,8 +465,14 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this, } else { - host_t* my_host = ike_cfg->get_my_host(ike_cfg); - vip = host_create_any(my_host->get_family(my_host)); + if (strchr(ike_cfg->get_my_addr(ike_cfg), ':')) + { + vip = host_create_any(AF_INET6); + } + else + { + vip = host_create_any(AF_INET); + } } } } @@ -777,9 +763,9 @@ static void add(private_stroke_config_t *this, stroke_msg_t *msg) else { /* add config to backend */ - DBG1(DBG_CFG, "added configuration '%s': %H[%D]...%H[%D]", msg->add_conn.name, - ike_cfg->get_my_host(ike_cfg), peer_cfg->get_my_id(peer_cfg), - ike_cfg->get_other_host(ike_cfg), peer_cfg->get_other_id(peer_cfg)); + DBG1(DBG_CFG, "added configuration '%s': %s[%D]...%s[%D]", msg->add_conn.name, + ike_cfg->get_my_addr(ike_cfg), peer_cfg->get_my_id(peer_cfg), + ike_cfg->get_other_addr(ike_cfg), peer_cfg->get_other_id(peer_cfg)); this->mutex->lock(this->mutex); this->list->insert_last(this->list, peer_cfg); this->mutex->unlock(this->mutex); diff --git a/src/charon/plugins/stroke/stroke_list.c b/src/charon/plugins/stroke/stroke_list.c index db9d829e1..4f0602498 100644 --- a/src/charon/plugins/stroke/stroke_list.c +++ b/src/charon/plugins/stroke/stroke_list.c 
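Review bot: `msg->add_conn.other.address` and `msg->add_conn.me.address` in the stroke build_ike_cfg() hunk reach `host_create_from_dns()` and `ike_cfg_create()` without the NULL guards the removed code had (which suggests a missing address can occur), and a failed lookup now falls through silently. The old version logged "invalid left host"/"invalid right host" and returned NULL; the new one builds the ike_cfg anyway and skips the left/right swap detection, so a connection whose name does not resolve at load time is stored with whatever orientation the message had. A missing address should still be rejected before the lookups, as sketched below, and a `DBG1` on lookup failure would keep the diagnostics. The `%s` conversions introduced for `get_my_addr()`/`get_other_addr()` in the add() hunk and in stroke_list.c depend on those strings being non-NULL as well.

```c
static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg)
{
	/* … unchanged: local declarations … */

	if (!msg->add_conn.me.address || !msg->add_conn.other.address)
	{
		DBG1(DBG_CFG, "missing left or right address");
		return NULL;
	}
	host = host_create_from_dns(msg->add_conn.other.address, 0, 0);
	/* … unchanged: interface lookup, end swapping, ike_cfg_create() … */
```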
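Review bot: The `strchr(ike_cfg->get_my_addr(ike_cfg), ':')` test in the build_peer_cfg() hunk picks the virtual IP family from the spelling of the local address, which only works for numeric literals. Since build_ike_cfg() now resolves the addresses with `host_create_from_dns()`, the local address may be a host name; a name that resolves to IPv6 contains no ':' and gets `host_create_any(AF_INET)`, whereas the removed code took the family from the parsed `host_t`. The call also dereferences the returned string unchecked, so it depends on `get_my_addr()` never returning NULL. At minimum I would document the limitation above the branch: `/* family is guessed from the literal; host names default to IPv4 */`. The body of build_peer_cfg() starts and ends outside the hunk.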
@@ -229,9 +229,9 @@ static void status(private_stroke_list_t *this, stroke_msg_t *msg, FILE *out, bo } ike_cfg = peer_cfg->get_ike_cfg(peer_cfg); - fprintf(out, "%12s: %H[%D]...%H[%D]\n", peer_cfg->get_name(peer_cfg), - ike_cfg->get_my_host(ike_cfg), peer_cfg->get_my_id(peer_cfg), - ike_cfg->get_other_host(ike_cfg), peer_cfg->get_other_id(peer_cfg)); + fprintf(out, "%12s: %s[%D]...%s[%D]\n", peer_cfg->get_name(peer_cfg), + ike_cfg->get_my_addr(ike_cfg), peer_cfg->get_my_id(peer_cfg), + ike_cfg->get_other_addr(ike_cfg), peer_cfg->get_other_id(peer_cfg)); /* TODO: list CAs and groups */ children = peer_cfg->create_child_cfg_enumerator(peer_cfg); while (children->enumerate(children, &child_cfg)) |