From d7376e2ab43316e0e5a4b93aa19f8a85644d94b6 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 12 Dec 2011 12:17:13 +0100 Subject: Accept NULL identities passed to peer config enumeration --- src/libcharon/config/backend_manager.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'src/libcharon/config/backend_manager.c') diff --git a/src/libcharon/config/backend_manager.c b/src/libcharon/config/backend_manager.c index a93457ea4..c84da2504 100644 --- a/src/libcharon/config/backend_manager.c +++ b/src/libcharon/config/backend_manager.c @@ -160,7 +160,7 @@ METHOD(backend_manager_t, get_ike_cfg, ike_cfg_t*, while (enumerator->enumerate(enumerator, (void**)¤t)) { match = get_ike_match(current, me, other); - + DBG3(DBG_CFG, "ike config match: %d (%H %H)", match, me, other); if (match) { DBG2(DBG_CFG, " candidate: %s...%s, prio %d", @@ -195,9 +195,12 @@ static id_match_t get_peer_match(identification_t *id, auth_cfg_t *auth; identification_t *candidate; id_match_t match = ID_MATCH_NONE; + chunk_t data; if (!id) { + DBG3(DBG_CFG, "peer config match %s: %d (%N)", + local ? "local" : "remote", ID_MATCH_ANY, id_type_names, ID_ANY); return ID_MATCH_ANY; } @@ -221,6 +224,10 @@ static id_match_t get_peer_match(identification_t *id, } } enumerator->destroy(enumerator); + + data = id->get_encoding(id); + DBG3(DBG_CFG, "peer config match %s: %d (%N -> %#B)", + match, id_type_names, id->get_type(id), &data); return match; } 
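Review bot: The DBG3 call added at the end of get_peer_match (hunk -221,6) has a format string that starts with `%s`, but the first argument passed is the integer `match`, so the direction string is missing and each later conversion reads the wrong argument. With level-3 config logging enabled this treats an integer as a string pointer during peer config selection, which would crash the daemon in a path that is presumably reachable while handling a peer's negotiation. The argument list should begin `local ? "local" : "remote", match, id_type_names, ...`, as the `!id` branch earlier in the function already does; commit e6503db2c further down this page makes that correction. Because `%N` and `%#B` are project-specific conversions, compiler format checking probably cannot catch this kind of mismatch, so new log lines are worth running once at that level. The function starts outside this hunk.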
@@ -351,18 +358,11 @@ METHOD(backend_manager_t, create_peer_cfg_enumerator, enumerator_t*, id_match_t match_peer_me, match_peer_other; ike_cfg_match_t match_ike; match_entry_t *entry; - chunk_t data; match_peer_me = get_peer_match(my_id, cfg, TRUE); - data = my_id->get_encoding(my_id); - DBG3(DBG_CFG, "match_peer_me: %d (%N -> %#B)", match_peer_me, - id_type_names, my_id->get_type(my_id), &data); match_peer_other = get_peer_match(other_id, cfg, FALSE); - data = other_id->get_encoding(other_id); - DBG3(DBG_CFG, "match_peer_other: %d (%N -> %#B)", match_peer_other, - id_type_names, other_id->get_type(other_id), &data); match_ike = get_ike_match(cfg->get_ike_cfg(cfg), me, other); - DBG3(DBG_CFG, "match_ike: %d (%H %H)", match_ike, me, other); + DBG3(DBG_CFG, "ike config match: %d (%H %H)", match_ike, me, other); if (match_peer_me && match_peer_other && match_ike) { -- cgit v1.2.3 From 033dfba01febe6e0c3310496f8d8a8c74fd3e626 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 12 Dec 2011 12:30:47 +0100 Subject: Log peer cfg enumeration externally for flexibility --- src/libcharon/config/backend_manager.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'src/libcharon/config/backend_manager.c') diff --git a/src/libcharon/config/backend_manager.c b/src/libcharon/config/backend_manager.c index c84da2504..5fe137ed5 100644 --- a/src/libcharon/config/backend_manager.c +++ b/src/libcharon/config/backend_manager.c @@ -347,9 +347,6 @@ METHOD(backend_manager_t, create_peer_cfg_enumerator, enumerator_t*, return enumerator; } - DBG1(DBG_CFG, "looking for peer configs matching %H[%Y]...%H[%Y]", - me, my_id, other, other_id); - configs = linked_list_create(); /* only once allocated helper list for sorting */ helper = linked_list_create(); -- cgit v1.2.3 From e6503db2cf3e922f4efbcae113cf9f9fe8e31390 Mon Sep 17 00:00:00 2001 
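Review bot: With the `my_id->get_encoding(my_id)` and `other_id->get_encoding(other_id)` dereferences removed in hunk -351,18, create_peer_cfg_enumerator now accepts NULL for either identity, and get_peer_match returns ID_MATCH_ANY for a NULL id, so that side matches every config. This contract deserves a comment at the method, for example `/* a NULL my_id or other_id matches any identity; do not pass NULL for an identity that failed to parse */`, because a caller that ends up with NULL by accident would widen the candidate set rather than fail. The method body starts and ends outside this hunk, so whether this is already documented elsewhere is not visible here.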
From: Tobias Brunner Date: Tue, 13 Dec 2011 13:08:54 +0100 Subject: Fixed SIGSEGV when logging peer config matches. --- src/libcharon/config/backend_manager.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/libcharon/config/backend_manager.c') diff --git a/src/libcharon/config/backend_manager.c b/src/libcharon/config/backend_manager.c index 5fe137ed5..e7e7a9055 100644 --- a/src/libcharon/config/backend_manager.c +++ b/src/libcharon/config/backend_manager.c @@ -195,12 +195,13 @@ static id_match_t get_peer_match(identification_t *id, auth_cfg_t *auth; identification_t *candidate; id_match_t match = ID_MATCH_NONE; + char *where = local ? "local" : "remote"; chunk_t data; if (!id) { DBG3(DBG_CFG, "peer config match %s: %d (%N)", - local ? "local" : "remote", ID_MATCH_ANY, id_type_names, ID_ANY); + where, ID_MATCH_ANY, id_type_names, ID_ANY); return ID_MATCH_ANY; } @@ -227,7 +228,7 @@ static id_match_t get_peer_match(identification_t *id, data = id->get_encoding(id); DBG3(DBG_CFG, "peer config match %s: %d (%N -> %#B)", - match, id_type_names, id->get_type(id), &data); + where, match, id_type_names, id->get_type(id), &data); return match; } -- cgit v1.2.3 From ac009df132e9b7a66962e1cf860cd2e2f40be60e Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Sat, 17 Dec 2011 13:31:27 +0100 Subject: Pass IKE version to peer config enumerator, filter configs --- src/libcharon/config/backend_manager.c | 56 +++++++++++++++++++++++----------- 1 file changed, 39 insertions(+), 17 deletions(-) (limited to 'src/libcharon/config/backend_manager.c') diff --git a/src/libcharon/config/backend_manager.c b/src/libcharon/config/backend_manager.c index e7e7a9055..507f26d2f 100644 --- a/src/libcharon/config/backend_manager.c +++ b/src/libcharon/config/backend_manager.c 
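Review bot: `where` in the first hunk of the SIGSEGV fix points at string literals and is only ever read, so it should be declared `const char *where = local ? "local" : "remote";`. That keeps an accidental write through the pointer from compiling. get_peer_match starts before this hunk and continues after it.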
@@ -146,10 +146,11 @@ METHOD(backend_manager_t, get_ike_cfg, ike_cfg_t*, ike_cfg_match_t match, best = MATCH_ANY; ike_data_t *data; - data = malloc_thing(ike_data_t); - data->this = this; - data->me = me; - data->other = other; + INIT(data, + .this = this, + .me = me, + .other = other, + ); DBG2(DBG_CFG, "looking for an ike config for %H...%H", me, other); @@ -232,6 +233,22 @@ static id_match_t get_peer_match(identification_t *id, return match; } +/** + * Get match quality of IKE version + */ +static int get_version_match(ike_version_t cfg, ike_version_t req) +{ + if (req == IKE_ANY || cfg == IKE_ANY) + { + return 1; + } + if (req == cfg) + { + return 2; + } + return 0; +} + /** * data to pass nested peer enumerator */ @@ -325,17 +342,18 @@ static void insert_sorted(match_entry_t *entry, linked_list_t *list, METHOD(backend_manager_t, create_peer_cfg_enumerator, enumerator_t*, private_backend_manager_t *this, host_t *me, host_t *other, - identification_t *my_id, identification_t *other_id) + identification_t *my_id, identification_t *other_id, ike_version_t version) { enumerator_t *enumerator; peer_data_t *data; peer_cfg_t *cfg; linked_list_t *configs, *helper; - data = malloc_thing(peer_data_t); - data->lock = this->lock; - data->me = my_id; - data->other = other_id; + INIT(data, + .lock = this->lock, + .me = my_id, + .other = other_id, + ); /* create a sorted list with all matches */ this->lock->read_lock(this->lock); 
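Review bot: get_version_match returns the bare values 0, 1 and 2, and its comment says only "Get match quality of IKE version", so the reader has to infer the scale from the body. I would document it in the comment, e.g. `@return 0 if the versions conflict, 1 if either side is IKE_ANY, 2 on an exact match`, or name the three values in a small enum. It is also worth stating there that a request of IKE_ANY matches every config, so a caller that knows the negotiated version should pass it rather than IKE_ANY.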
@@ -355,22 +373,26 @@ METHOD(backend_manager_t, create_peer_cfg_enumerator, enumerator_t*, { id_match_t match_peer_me, match_peer_other; ike_cfg_match_t match_ike; + int match_version; match_entry_t *entry; match_peer_me = get_peer_match(my_id, cfg, TRUE); match_peer_other = get_peer_match(other_id, cfg, FALSE); match_ike = get_ike_match(cfg->get_ike_cfg(cfg), me, other); + match_version = get_version_match(cfg->get_ike_version(cfg), version); DBG3(DBG_CFG, "ike config match: %d (%H %H)", match_ike, me, other); - if (match_peer_me && match_peer_other && match_ike) + if (match_peer_me && match_peer_other && match_ike && match_version) { - DBG2(DBG_CFG, " candidate \"%s\", match: %d/%d/%d (me/other/ike)", - cfg->get_name(cfg), match_peer_me, match_peer_other, match_ike); - - entry = malloc_thing(match_entry_t); - entry->match_peer = match_peer_me + match_peer_other; - entry->match_ike = match_ike; - entry->cfg = cfg->get_ref(cfg); + DBG2(DBG_CFG, " candidate \"%s\", match: %d/%d/%d/%d " + "(me/other/ike/version)", cfg->get_name(cfg), + match_peer_me, match_peer_other, match_ike, match_version); + + INIT(entry, + .match_peer = match_peer_me + match_peer_other, + .match_ike = match_ike, + .cfg = cfg->get_ref(cfg), + ); insert_sorted(entry, configs, helper); } } -- cgit v1.2.3
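Review bot: `match_version` is used only as a truth value in the `if` and as a number in the DBG2 line; the `INIT(entry, ...)` that follows stores `match_peer`, `match_ike` and `cfg` but not the version quality. The difference between 1 (wildcard) and 2 (exact) that get_version_match computes therefore cannot affect the order in which candidates are tried. If an exact-version config is meant to be preferred over an IKE_ANY one, the entry needs a field for it and insert_sorted has to compare it; if not, returning a boolean would state the intent. match_entry_t and insert_sorted are defined outside this hunk, and the enclosing loop in create_peer_cfg_enumerator starts and ends outside it, so this is inferred from the fields initialised here.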