diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2013-02-07 13:27:27 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2013-02-07 13:27:27 +0100 |
| commit | 7585facf05d927eb6df3929ce09ed5e60d905437 (patch) | |
| tree | e4d14b4dc180db20356b6b01ce0112f3a2d7897e /src/libcharon/plugins/uci/uci_config.c | |
| parent | c1343b3278cdf99533b7902744d15969f9d6fdc1 (diff) | |
| download | vyos-strongswan-7585facf05d927eb6df3929ce09ed5e60d905437.tar.gz vyos-strongswan-7585facf05d927eb6df3929ce09ed5e60d905437.zip | |
Imported Upstream version 5.0.2
Diffstat (limited to 'src/libcharon/plugins/uci/uci_config.c')
| -rw-r--r-- | src/libcharon/plugins/uci/uci_config.c | 42 |
1 files changed, 15 insertions, 27 deletions
diff --git a/src/libcharon/plugins/uci/uci_config.c b/src/libcharon/plugins/uci/uci_config.c index 1201f568e..de0bf91af 100644 --- a/src/libcharon/plugins/uci/uci_config.c +++ b/src/libcharon/plugins/uci/uci_config.c @@ -87,28 +87,12 @@ static traffic_selector_t *create_ts(char *string) { if (string) { - int netbits = 32; - host_t *net; - char *pos; + traffic_selector_t *ts; - string = strdupa(string); - pos = strchr(string, '/'); - if (pos) + ts = traffic_selector_create_from_cidr(string, 0, 0); + if (ts) { - *pos++ = '\0'; - netbits = atoi(pos); - } - else - { - if (strchr(string, ':')) - { - netbits = 128; - } - } - net = host_create_from_string(string, 0); - if (net) - { - return traffic_selector_create_from_subnet(net, netbits, 0, 0); + return ts; } } return traffic_selector_create_dynamic(0, 0, 65535); @@ -168,12 +152,14 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool, &ike_proposal, &esp_proposal, &ike_rekey, &esp_rekey)) { DESTROY_IF(this->peer_cfg); - ike_cfg = ike_cfg_create(FALSE, FALSE, - local_addr, FALSE, charon->socket->get_port(charon->socket, FALSE), - remote_addr, FALSE, IKEV2_UDP_PORT); + ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE, + local_addr, FALSE, + charon->socket->get_port(charon->socket, FALSE), + remote_addr, FALSE, IKEV2_UDP_PORT, + FRAGMENTATION_NO); ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE)); this->peer_cfg = peer_cfg_create( - name, IKEV2, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO, + name, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO, 1, create_rekey(ike_rekey), 0, /* keytries, rekey, reauth */ 1800, 900, /* jitter, overtime */ TRUE, FALSE, /* mobike, aggressive */ @@ -265,9 +251,11 @@ METHOD(enumerator_t, ike_enumerator_enumerate, bool, &local_addr, &remote_addr, &ike_proposal)) { DESTROY_IF(this->ike_cfg); - this->ike_cfg = ike_cfg_create(FALSE, FALSE, - local_addr, FALSE, charon->socket->get_port(charon->socket, FALSE), - remote_addr, FALSE, IKEV2_UDP_PORT); + this->ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE, + local_addr, FALSE, + charon->socket->get_port(charon->socket, FALSE), + remote_addr, FALSE, IKEV2_UDP_PORT, + FRAGMENTATION_NO); this->ike_cfg->add_proposal(this->ike_cfg, create_proposal(ike_proposal, PROTO_IKE)); |