Imported Upstream version 5.0.1

2 files changed, 47 insertions, 41 deletions

diff --git a/src/libhydra/plugins/attr/Makefile.in b/src/libhydra/plugins/attr/Makefile.in
index 1ceb93ef3..831adf9d6 100644
--- a/src/libhydra/plugins/attr/Makefile.in
+++ b/src/libhydra/plugins/attr/Makefile.in
@@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -82,7 +83,7 @@ libstrongswan_attr_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
 	$(libstrongswan_attr_la_LDFLAGS) $(LDFLAGS) -o $@
 @MONOLITHIC_FALSE@am_libstrongswan_attr_la_rpath = -rpath $(plugindir)
 @MONOLITHIC_TRUE@am_libstrongswan_attr_la_rpath =
-DEFAULT_INCLUDES = -I.@am__isrc@
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
@@ -108,6 +109,7 @@ AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
+BFDLIB = @BFDLIB@
 BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
@@ -202,11 +204,14 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
 clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
-default_pkcs11 = @default_pkcs11@
+dev_headers = @dev_headers@
 docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
@@ -223,11 +228,12 @@ imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
 ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
-libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
 libexecdir = @libexecdir@
 linux_headers = @linux_headers@
@@ -243,6 +249,7 @@ mkdir_p = @mkdir_p@
 nm_CFLAGS = @nm_CFLAGS@
 nm_LIBS = @nm_LIBS@
 nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
 p_plugins = @p_plugins@
@@ -252,7 +259,6 @@ pdfdir = @pdfdir@
 piddir = @piddir@
 pki_plugins = @pki_plugins@
 plugindir = @plugindir@
-pluto_plugins = @pluto_plugins@
 pool_plugins = @pool_plugins@
 prefix = @prefix@
 program_transform_name = @program_transform_name@
diff --git a/src/libhydra/plugins/attr/attr_provider.c b/src/libhydra/plugins/attr/attr_provider.c
index 44242c259..c1c3cd895 100644
--- a/src/libhydra/plugins/attr/attr_provider.c
+++ b/src/libhydra/plugins/attr/attr_provider.c
@@ -77,10 +77,10 @@ static bool attr_enum_filter(void *null, attribute_entry_t **in,
 }
 
 METHOD(attribute_provider_t, create_attribute_enumerator, enumerator_t*,
-	private_attr_provider_t *this, char *pool,
-	identification_t *id, host_t *vip)
+	private_attr_provider_t *this, linked_list_t *pools,
+	identification_t *id, linked_list_t *vips)
 {
-	if (vip)
+	if (vips->get_count(vips))
 	{
 		this->lock->read_lock(this->lock);
 		return enumerator_create_filter(
@@ -145,18 +145,22 @@ static void add_legacy_entry(private_attr_provider_t *this, char *key, int nr,
 /**
  * Key to attribute type mappings, for v4 and v6 attributes
  */
-static struct {
+typedef struct {
 	char *name;
 	configuration_attribute_type_t v4;
 	configuration_attribute_type_t v6;
-} keys[] = {
-	{"address",		INTERNAL_IP4_ADDRESS,	INTERNAL_IP6_ADDRESS},
-	{"dns",			INTERNAL_IP4_DNS,		INTERNAL_IP6_DNS},
-	{"nbns",		INTERNAL_IP4_NBNS,		INTERNAL_IP6_NBNS},
-	{"dhcp",		INTERNAL_IP4_DHCP,		INTERNAL_IP6_DHCP},
-	{"netmask",		INTERNAL_IP4_NETMASK,	INTERNAL_IP6_NETMASK},
-	{"server",		INTERNAL_IP4_SERVER,	INTERNAL_IP6_SERVER},
-	{"subnet",		INTERNAL_IP4_SUBNET,	INTERNAL_IP6_SUBNET},
+} attribute_type_key_t;
+
+static attribute_type_key_t keys[] = {
+	{"address",			INTERNAL_IP4_ADDRESS,	INTERNAL_IP6_ADDRESS},
+	{"dns",				INTERNAL_IP4_DNS,		INTERNAL_IP6_DNS},
+	{"nbns",			INTERNAL_IP4_NBNS,		INTERNAL_IP6_NBNS},
+	{"dhcp",			INTERNAL_IP4_DHCP,		INTERNAL_IP6_DHCP},
+	{"netmask",			INTERNAL_IP4_NETMASK,	INTERNAL_IP6_NETMASK},
+	{"server",			INTERNAL_IP4_SERVER,	INTERNAL_IP6_SERVER},
+	{"subnet",			INTERNAL_IP4_SUBNET,	INTERNAL_IP6_SUBNET},
+	{"split-include",	UNITY_SPLIT_INCLUDE,	UNITY_SPLIT_INCLUDE},
+	{"split-exclude",	UNITY_LOCAL_LAN,		UNITY_LOCAL_LAN},
 };
 
 /**
@@ -179,12 +183,29 @@ static void load_entries(private_attr_provider_t *this)
 	while (enumerator->enumerate(enumerator, &key, &value))
 	{
 		configuration_attribute_type_t type;
+		attribute_type_key_t *mapped = NULL;
 		attribute_entry_t *entry;
 		host_t *host;
 		char *pos;
-		int i, mask = -1;
+		int i, mask = -1, family;
 
 		type = atoi(key);
+		if (!type)
+		{
+			for (i = 0; i < countof(keys); i++)
+			{
+				if (streq(key, keys[i].name))
+				{
+					mapped = &keys[i];
+					break;
+				}
+			}
+			if (!mapped)
+			{
+				DBG1(DBG_CFG, "mapping attribute type %s failed", key);
+				continue;
+			}
+		}
 		tokens = enumerator_create_token(value, ",", " ");
 		while (tokens->enumerate(tokens, &token))
 		{
@@ -200,37 +221,16 @@ static void load_entries(private_attr_provider_t *this)
 				DBG1(DBG_CFG, "invalid host in key %s: %s", key, token);
 				continue;
 			}
-			if (!type)
-			{
-				for (i = 0; i < countof(keys); i++)
-				{
-					if (streq(key, keys[i].name))
-					{
-						if (host->get_family(host) == AF_INET)
-						{
-							type = keys[i].v4;
-						}
-						else
-						{
-							type = keys[i].v6;
-						}
-					}
-				}
-				if (!type)
-				{
-					DBG1(DBG_CFG, "mapping attribute type %s failed", key);
-					break;
-				}
-			}
+			family = host->get_family(host);
 			entry = malloc_thing(attribute_entry_t);
-			entry->type = type;
+			entry->type = type ?: (family == AF_INET ? mapped->v4 : mapped->v6);
 			if (mask == -1)
 			{
 				entry->value = chunk_clone(host->get_address(host));
 			}
 			else
 			{
-				if (host->get_family(host) == AF_INET)
+				if (family == AF_INET)
 				{	/* IPv4 attributes contain a subnet mask */
 					u_int32_t netmask;