diff options
Diffstat (limited to 'src/starter')
| -rw-r--r-- | src/starter/args.c | 8 | ||||
| -rw-r--r-- | src/starter/confread.h | 40 | ||||
| -rw-r--r-- | src/starter/invokecharon.c | 1 |
3 files changed, 31 insertions, 18 deletions
diff --git a/src/starter/args.c b/src/starter/args.c index 82e957f59..fb8424841 100644 --- a/src/starter/args.c +++ b/src/starter/args.c @@ -61,6 +61,12 @@ static const char *LST_sendcert[] = { NULL }; +static const char *LST_strict[] = { + "no", + "yes", + "ifuri", + NULL +}; static const char *LST_dpd_action[] = { "none", "clear", @@ -160,7 +166,7 @@ static const token_info_t token_info[] = { ARG_UINT, offsetof(starter_config_t, setup.overridemtu), NULL }, { ARG_TIME, offsetof(starter_config_t, setup.crlcheckinterval), NULL }, { ARG_ENUM, offsetof(starter_config_t, setup.cachecrls), LST_bool }, - { ARG_ENUM, offsetof(starter_config_t, setup.strictcrlpolicy), LST_bool }, + { ARG_ENUM, offsetof(starter_config_t, setup.strictcrlpolicy), LST_strict }, { ARG_ENUM, offsetof(starter_config_t, setup.nocrsend), LST_bool }, { ARG_ENUM, offsetof(starter_config_t, setup.nat_traversal), LST_bool }, { ARG_TIME, offsetof(starter_config_t, setup.keep_alive), NULL }, diff --git a/src/starter/confread.h b/src/starter/confread.h index e0de68376..2fe75fcc6 100644 --- a/src/starter/confread.h +++ b/src/starter/confread.h @@ -46,6 +46,12 @@ typedef enum { KEY_EXCHANGE_IKEV2 } keyexchange_t; +typedef enum { + STRICT_NO, + STRICT_YES, + STRICT_IFURI +} strict_t; + typedef struct starter_end starter_end_t; struct starter_end { @@ -156,23 +162,23 @@ struct starter_config { bool plutostart; /* pluto/charon keywords */ - char **plutodebug; - char *charondebug; - char *prepluto; - char *postpluto; - bool uniqueids; - u_int overridemtu; - u_int crlcheckinterval; - bool cachecrls; - bool strictcrlpolicy; - bool nocrsend; - bool nat_traversal; - u_int keep_alive; - char *virtual_private; - char *eapdir; - char *pkcs11module; - bool pkcs11keepstate; - bool pkcs11proxy; + char **plutodebug; + char *charondebug; + char *prepluto; + char *postpluto; + bool uniqueids; + u_int overridemtu; + u_int crlcheckinterval; + bool cachecrls; + strict_t strictcrlpolicy; + bool nocrsend; + bool nat_traversal; + u_int keep_alive; + char *virtual_private; + char *eapdir; + char *pkcs11module; + bool pkcs11keepstate; + bool pkcs11proxy; /* KLIPS keywords */ char **klipsdebug; diff --git a/src/starter/invokecharon.c b/src/starter/invokecharon.c index 94d046d35..7e93b9ac6 100644 --- a/src/starter/invokecharon.c +++ b/src/starter/invokecharon.c @@ -116,6 +116,7 @@ starter_start_charon (starter_config_t *cfg, bool debug) if (cfg->setup.strictcrlpolicy) { arg[argc++] = "--strictcrlpolicy"; + arg[argc++] = cfg->setup.strictcrlpolicy == STRICT_IFURI ? "2":"1"; } if (cfg->setup.cachecrls) { |