diff options
Diffstat (limited to 'src/libcharon/plugins')
| -rw-r--r-- | src/libcharon/plugins/android/android_service.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/ha/ha_tunnel.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/load_tester/load_tester_config.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/maemo/maemo_service.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/medcli/medcli_config.c | 4 | ||||
| -rw-r--r-- | src/libcharon/plugins/medsrv/medsrv_config.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/socket_default/socket_default_socket.c | 26 | ||||
| -rw-r--r-- | src/libcharon/plugins/socket_raw/socket_raw_socket.c | 20 | ||||
| -rw-r--r-- | src/libcharon/plugins/sql/sql_config.c | 2 | ||||
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_config.c | 5 | ||||
| -rw-r--r-- | src/libcharon/plugins/uci/uci_config.c | 4 |
11 files changed, 37 insertions, 34 deletions
diff --git a/src/libcharon/plugins/android/android_service.c b/src/libcharon/plugins/android/android_service.c index 6ca7407ca..c5553f24f 100644 --- a/src/libcharon/plugins/android/android_service.c +++ b/src/libcharon/plugins/android/android_service.c @@ -264,7 +264,7 @@ static job_requeue_t initiate(private_android_service_t *this) this->creds->set_username_password(this->creds, user, password); } - ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, IKEV2_UDP_PORT, + ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, CHARON_UDP_PORT, hostname, FALSE, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c index d1edb3e55..200733cac 100644 --- a/src/libcharon/plugins/ha/ha_tunnel.c +++ b/src/libcharon/plugins/ha/ha_tunnel.c @@ -203,7 +203,7 @@ static void setup_tunnel(private_ha_tunnel_t *this, lib->credmgr->add_set(lib->credmgr, &this->creds.public); /* create config and backend */ - ike_cfg = ike_cfg_create(FALSE, FALSE, local, FALSE, IKEV2_UDP_PORT, + ike_cfg = ike_cfg_create(FALSE, FALSE, local, FALSE, CHARON_UDP_PORT, remote, FALSE, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); peer_cfg = peer_cfg_create("ha", IKEV2, ike_cfg, CERT_NEVER_SEND, diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c index d041d4cdc..2e02fb57c 100644 --- a/src/libcharon/plugins/load_tester/load_tester_config.c +++ b/src/libcharon/plugins/load_tester/load_tester_config.c @@ -257,7 +257,7 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num) else { ike_cfg = ike_cfg_create(FALSE, FALSE, - this->local, FALSE, IKEV2_UDP_PORT, + this->local, FALSE, CHARON_UDP_PORT, this->remote, FALSE, IKEV2_UDP_PORT); } ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal)); diff --git a/src/libcharon/plugins/maemo/maemo_service.c b/src/libcharon/plugins/maemo/maemo_service.c index b5f50f1c6..9f1f16956 100644 --- a/src/libcharon/plugins/maemo/maemo_service.c +++ b/src/libcharon/plugins/maemo/maemo_service.c @@ -323,7 +323,7 @@ static gboolean initiate_connection(private_maemo_service_t *this, NULL); } - ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, IKEV2_UDP_PORT, + ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, CHARON_UDP_PORT, hostname, FALSE, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c index 15d4ffa3f..6b28f751c 100644 --- a/src/libcharon/plugins/medcli/medcli_config.c +++ b/src/libcharon/plugins/medcli/medcli_config.c @@ -119,7 +119,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*, return NULL; } ike_cfg = ike_cfg_create(FALSE, FALSE, - "0.0.0.0", FALSE, IKEV2_UDP_PORT, + "0.0.0.0", FALSE, CHARON_UDP_PORT, address, FALSE, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); med_cfg = peer_cfg_create( @@ -396,7 +396,7 @@ medcli_config_t *medcli_config_create(database_t *db) .rekey = lib->settings->get_time(lib->settings, "medcli.rekey", 1200), .dpd = lib->settings->get_time(lib->settings, "medcli.dpd", 300), .ike = ike_cfg_create(FALSE, FALSE, - "0.0.0.0", FALSE, IKEV2_UDP_PORT, + "0.0.0.0", FALSE, CHARON_UDP_PORT, "0.0.0.0", FALSE, IKEV2_UDP_PORT), ); this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE)); diff --git a/src/libcharon/plugins/medsrv/medsrv_config.c b/src/libcharon/plugins/medsrv/medsrv_config.c index ef3b04497..b19847b87 100644 --- a/src/libcharon/plugins/medsrv/medsrv_config.c +++ b/src/libcharon/plugins/medsrv/medsrv_config.c @@ -141,7 +141,7 @@ medsrv_config_t *medsrv_config_create(database_t *db) .rekey = lib->settings->get_time(lib->settings, "medsrv.rekey", 1200), .dpd = lib->settings->get_time(lib->settings, "medsrv.dpd", 300), .ike = ike_cfg_create(FALSE, FALSE, - "0.0.0.0", FALSE, IKEV2_UDP_PORT, + "0.0.0.0", FALSE, CHARON_UDP_PORT, "0.0.0.0", FALSE, IKEV2_UDP_PORT), ); this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE)); diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c index d1c5626b7..0df040e85 100644 --- a/src/libcharon/plugins/socket_default/socket_default_socket.c +++ b/src/libcharon/plugins/socket_default/socket_default_socket.c @@ -171,22 +171,22 @@ METHOD(socket_t, receiver, status_t, if (FD_ISSET(this->ipv4, &rfds)) { - port = IKEV2_UDP_PORT; + port = CHARON_UDP_PORT; selected = this->ipv4; } if (FD_ISSET(this->ipv4_natt, &rfds)) { - port = IKEV2_NATT_PORT; + port = CHARON_NATT_PORT; selected = this->ipv4_natt; } if (FD_ISSET(this->ipv6, &rfds)) { - port = IKEV2_UDP_PORT; + port = CHARON_UDP_PORT; selected = this->ipv6; } if (FD_ISSET(this->ipv6_natt, &rfds)) { - port = IKEV2_NATT_PORT; + port = CHARON_NATT_PORT; selected = this->ipv6_natt; } if (selected) @@ -299,7 +299,7 @@ METHOD(socket_t, receiver, status_t, DBG2(DBG_NET, "received packet: from %#H to %#H", source, dest); data_offset = 0; /* remove non esp marker */ - if (dest->get_port(dest) == IKEV2_NATT_PORT) + if (dest->get_port(dest) == CHARON_NATT_PORT) { data_offset += MARKER_LEN; } @@ -339,7 +339,7 @@ METHOD(socket_t, sender, status_t, /* send data */ sport = src->get_port(src); family = dst->get_family(dst); - if (sport == IKEV2_UDP_PORT) + if (sport == CHARON_UDP_PORT) { if (family == AF_INET) { @@ -350,7 +350,7 @@ METHOD(socket_t, sender, status_t, skt = this->ipv6; } } - else if (sport == IKEV2_NATT_PORT) + else if (sport == CHARON_NATT_PORT) { if (family == AF_INET) { @@ -537,7 +537,7 @@ static int open_socket(private_socket_default_socket_t *this, { /* enable UDP decapsulation globally, only for one socket needed */ int type = UDP_ENCAP_ESPINUDP; - if (family == AF_INET && port == IKEV2_NATT_PORT && + if (family == AF_INET && port == CHARON_NATT_PORT && setsockopt(skt, SOL_UDP, UDP_ENCAP, &type, sizeof(type)) < 0) { DBG1(DBG_NET, "unable to set UDP_ENCAP: %s", strerror(errno)); @@ -590,7 +590,7 @@ socket_default_socket_t *socket_default_socket_create() #ifdef __APPLE__ { - int natt_port = IKEV2_NATT_PORT; + int natt_port = CHARON_NATT_PORT; if (sysctlbyname("net.inet.ipsec.esp_port", NULL, NULL, &natt_port, sizeof(natt_port)) != 0) { @@ -600,28 +600,28 @@ socket_default_socket_t *socket_default_socket_create() } #endif - this->ipv4 = open_socket(this, AF_INET, IKEV2_UDP_PORT); + this->ipv4 = open_socket(this, AF_INET, CHARON_UDP_PORT); if (this->ipv4 == 0) { DBG1(DBG_NET, "could not open IPv4 socket, IPv4 disabled"); } else { - this->ipv4_natt = open_socket(this, AF_INET, IKEV2_NATT_PORT); + this->ipv4_natt = open_socket(this, AF_INET, CHARON_NATT_PORT); if (this->ipv4_natt == 0) { DBG1(DBG_NET, "could not open IPv4 NAT-T socket"); } } - this->ipv6 = open_socket(this, AF_INET6, IKEV2_UDP_PORT); + this->ipv6 = open_socket(this, AF_INET6, CHARON_UDP_PORT); if (this->ipv6 == 0) { DBG1(DBG_NET, "could not open IPv6 socket, IPv6 disabled"); } else { - this->ipv6_natt = open_socket(this, AF_INET6, IKEV2_NATT_PORT); + this->ipv6_natt = open_socket(this, AF_INET6, CHARON_NATT_PORT); if (this->ipv6_natt == 0) { DBG1(DBG_NET, "could not open IPv6 NAT-T socket"); diff --git a/src/libcharon/plugins/socket_raw/socket_raw_socket.c b/src/libcharon/plugins/socket_raw/socket_raw_socket.c index 6557fc12f..539411379 100644 --- a/src/libcharon/plugins/socket_raw/socket_raw_socket.c +++ b/src/libcharon/plugins/socket_raw/socket_raw_socket.c @@ -204,7 +204,7 @@ METHOD(socket_t, receiver, status_t, DBG2(DBG_NET, "received packet: from %#H to %#H", source, dest); data_offset = IP_LEN + UDP_LEN; /* remove non esp marker */ - if (dest->get_port(dest) == IKEV2_NATT_PORT) + if (dest->get_port(dest) == CHARON_NATT_PORT) { data_offset += MARKER_LEN; } @@ -291,7 +291,7 @@ METHOD(socket_t, receiver, status_t, DBG2(DBG_NET, "received packet: from %#H to %#H", source, dest); data_offset = UDP_LEN; /* remove non esp marker */ - if (dest->get_port(dest) == IKEV2_NATT_PORT) + if (dest->get_port(dest) == CHARON_NATT_PORT) { data_offset += MARKER_LEN; } @@ -332,7 +332,7 @@ METHOD(socket_t, sender, status_t, /* send data */ sport = src->get_port(src); family = dst->get_family(dst); - if (sport == IKEV2_UDP_PORT) + if (sport == CHARON_UDP_PORT) { if (family == AF_INET) { @@ -343,7 +343,7 @@ METHOD(socket_t, sender, status_t, skt = this->send6; } } - else if (sport == IKEV2_NATT_PORT) + else if (sport == CHARON_NATT_PORT) { if (family == AF_INET) { @@ -541,8 +541,8 @@ static int open_recv_socket(private_socket_raw_socket_t *this, int family) { /* Destination Port must be either port or natt_port */ BPF_STMT(BPF_LD+BPF_H+BPF_ABS, udp_header + 2), - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IKEV2_UDP_PORT, 1, 0), - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IKEV2_NATT_PORT, 6, 14), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, CHARON_UDP_PORT, 1, 0), + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, CHARON_NATT_PORT, 6, 14), /* port */ /* IKE version must be 2.x */ BPF_STMT(BPF_LD+BPF_B+BPF_ABS, ike_header + IKE_VERSION_OFFSET), @@ -667,7 +667,7 @@ socket_raw_socket_t *socket_raw_socket_create() } else { - this->send4 = open_send_socket(this, AF_INET, IKEV2_UDP_PORT); + this->send4 = open_send_socket(this, AF_INET, CHARON_UDP_PORT); if (this->send4 == 0) { DBG1(DBG_NET, "could not open IPv4 send socket, IPv4 disabled"); @@ -675,7 +675,7 @@ socket_raw_socket_t *socket_raw_socket_create() } else { - this->send4_natt = open_send_socket(this, AF_INET, IKEV2_NATT_PORT); + this->send4_natt = open_send_socket(this, AF_INET, CHARON_NATT_PORT); if (this->send4_natt == 0) { DBG1(DBG_NET, "could not open IPv4 NAT-T send socket"); @@ -690,7 +690,7 @@ socket_raw_socket_t *socket_raw_socket_create() } else { - this->send6 = open_send_socket(this, AF_INET6, IKEV2_UDP_PORT); + this->send6 = open_send_socket(this, AF_INET6, CHARON_UDP_PORT); if (this->send6 == 0) { DBG1(DBG_NET, "could not open IPv6 send socket, IPv6 disabled"); @@ -698,7 +698,7 @@ socket_raw_socket_t *socket_raw_socket_create() } else { - this->send6_natt = open_send_socket(this, AF_INET6, IKEV2_NATT_PORT); + this->send6_natt = open_send_socket(this, AF_INET6, CHARON_NATT_PORT); if (this->send6_natt == 0) { DBG1(DBG_NET, "could not open IPv6 NAT-T send socket"); diff --git a/src/libcharon/plugins/sql/sql_config.c b/src/libcharon/plugins/sql/sql_config.c index dd9a0b09d..28b493e7a 100644 --- a/src/libcharon/plugins/sql/sql_config.c +++ b/src/libcharon/plugins/sql/sql_config.c @@ -259,7 +259,7 @@ static ike_cfg_t *build_ike_cfg(private_sql_config_t *this, enumerator_t *e, ike_cfg_t *ike_cfg; ike_cfg = ike_cfg_create(certreq, force_encap, - local, FALSE, IKEV2_UDP_PORT, + local, FALSE, CHARON_UDP_PORT, remote, FALSE, IKEV2_UDP_PORT); add_ike_proposals(this, ike_cfg, id); return ike_cfg; diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index c884da05d..83f04bd38 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -188,6 +188,7 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg ike_cfg_t *ike_cfg; char *interface; host_t *host; + u_int16_t ikeport; host = host_create_from_dns(msg->add_conn.other.address, 0, 0); if (host) @@ -224,11 +225,13 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg } } } + ikeport = msg->add_conn.me.ikeport; + ikeport = (ikeport == IKEV2_UDP_PORT) ? CHARON_UDP_PORT : ikeport; ike_cfg = ike_cfg_create(msg->add_conn.other.sendcert != CERT_NEVER_SEND, msg->add_conn.force_encap, msg->add_conn.me.address, msg->add_conn.me.allow_any, - msg->add_conn.me.ikeport, + ikeport, msg->add_conn.other.address, msg->add_conn.other.allow_any, msg->add_conn.other.ikeport); diff --git a/src/libcharon/plugins/uci/uci_config.c b/src/libcharon/plugins/uci/uci_config.c index 9b0fd73ad..9dc0cfcde 100644 --- a/src/libcharon/plugins/uci/uci_config.c +++ b/src/libcharon/plugins/uci/uci_config.c @@ -169,7 +169,7 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool, { DESTROY_IF(this->peer_cfg); ike_cfg = ike_cfg_create(FALSE, FALSE, - local_addr, FALSE, IKEV2_UDP_PORT, + local_addr, FALSE, CHARON_UDP_PORT, remote_addr, FALSE, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE)); this->peer_cfg = peer_cfg_create( @@ -267,7 +267,7 @@ METHOD(enumerator_t, ike_enumerator_enumerate, bool, { DESTROY_IF(this->ike_cfg); this->ike_cfg = ike_cfg_create(FALSE, FALSE, - local_addr, FALSE, IKEV2_UDP_PORT, + local_addr, FALSE, CHARON_UDP_PORT, remote_addr, FALSE, IKEV2_UDP_PORT); this->ike_cfg->add_proposal(this->ike_cfg, create_proposal(ike_proposal, PROTO_IKE)); |