authorYves-Alexis Perez <corsac@debian.org>2014-03-11 20:48:48 +0100
committerYves-Alexis Perez <corsac@debian.org>2014-03-11 20:48:48 +0100
commit15fb7904f4431a6e7c305fd08732458f7f885e7e (patch)
treec93b60ee813af70509f00f34e29ebec311762427 /src/libhydra
parent5313d2d78ca150515f7f5eb39801c100690b6b29 (diff)
downloadvyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.tar.gz
vyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.zip
Imported Upstream version 5.1.2
Diffstat (limited to 'src/libhydra')
-rw-r--r--src/libhydra/Android.mk1
-rw-r--r--src/libhydra/Makefile.in12
-rw-r--r--src/libhydra/attributes/mem_pool.c2
-rw-r--r--src/libhydra/hydra.c4
-rw-r--r--src/libhydra/hydra.h12
-rw-r--r--src/libhydra/kernel/kernel_interface.c4
-rw-r--r--src/libhydra/plugins/attr/Makefile.in12
-rw-r--r--src/libhydra/plugins/attr/attr_provider.c8
-rw-r--r--src/libhydra/plugins/attr_sql/Makefile.in12
-rw-r--r--src/libhydra/plugins/attr_sql/attr_sql_plugin.c4
-rw-r--r--src/libhydra/plugins/attr_sql/sql_attribute.c2
-rw-r--r--src/libhydra/plugins/kernel_klips/Makefile.in12
-rw-r--r--src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c10
-rw-r--r--src/libhydra/plugins/kernel_netlink/Makefile.in12
-rw-r--r--src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c22
-rw-r--r--src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c25
-rw-r--r--src/libhydra/plugins/kernel_pfkey/Makefile.in12
-rw-r--r--src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c4
-rw-r--r--src/libhydra/plugins/kernel_pfroute/Makefile.in12
-rw-r--r--src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c11
-rw-r--r--src/libhydra/plugins/resolve/Makefile.in12
-rw-r--r--src/libhydra/plugins/resolve/resolve_handler.c4
22 files changed, 140 insertions, 69 deletions
diff --git a/src/libhydra/Android.mk b/src/libhydra/Android.mk
index 429feed55..ff134da7b 100644
--- a/src/libhydra/Android.mk
+++ b/src/libhydra/Android.mk
@@ -26,7 +26,6 @@ LOCAL_SRC_FILES += $(call add_plugin, kernel-netlink)
# build libhydra ---------------------------------------------------------------
LOCAL_C_INCLUDES += \
- $(libvstr_PATH) \
$(strongswan_PATH)/src/include \
$(strongswan_PATH)/src/libstrongswan
diff --git a/src/libhydra/Makefile.in b/src/libhydra/Makefile.in
index d3c3ed459..5e0bf3f17 100644
--- a/src/libhydra/Makefile.in
+++ b/src/libhydra/Makefile.in
@@ -275,8 +275,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -344,6 +342,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -432,12 +435,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -452,6 +459,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/attributes/mem_pool.c b/src/libhydra/attributes/mem_pool.c
index 77567ce48..cc45e5629 100644
--- a/src/libhydra/attributes/mem_pool.c
+++ b/src/libhydra/attributes/mem_pool.c
@@ -573,7 +573,7 @@ static private_mem_pool_t *create_generic(char *name)
(hashtable_equals_t)id_equals, 16),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
.reassign_online = lib->settings->get_bool(lib->settings,
- "%s.mem-pool.reassign_online", FALSE, hydra->daemon),
+ "%s.mem-pool.reassign_online", FALSE, lib->ns),
);
return this;
diff --git a/src/libhydra/hydra.c b/src/libhydra/hydra.c
index f531bd5f4..1b5065081 100644
--- a/src/libhydra/hydra.c
+++ b/src/libhydra/hydra.c
@@ -59,7 +59,6 @@ void libhydra_deinit()
this->public.attributes->destroy(this->public.attributes);
this->public.kernel_interface->destroy(this->public.kernel_interface);
- free((void*)this->public.daemon);
free(this);
hydra = NULL;
}
@@ -67,7 +66,7 @@ void libhydra_deinit()
/**
* Described in header.
*/
-bool libhydra_init(const char *daemon)
+bool libhydra_init()
{
private_hydra_t *this;
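Review bot: `bool libhydra_init()` with empty parentheses is not a prototype in C, so a stale caller that still passes the daemon name, e.g. `libhydra_init("starter")`, compiles without a diagnostic and the argument is silently ignored. Writing the definition as `bool libhydra_init(void)` and the declaration in the hydra.h hunk as `bool libhydra_init(void);` lets the compiler reject callers that were not updated for this interface change. The function body continues outside the hunk.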
@@ -81,7 +80,6 @@ bool libhydra_init(const char *daemon)
INIT(this,
.public = {
.attributes = attribute_manager_create(),
- .daemon = strdup(daemon ?: "libhydra"),
},
.ref = 1,
);
diff --git a/src/libhydra/hydra.h b/src/libhydra/hydra.h
index 2a8709d72..94209ff59 100644
--- a/src/libhydra/hydra.h
+++ b/src/libhydra/hydra.h
@@ -53,11 +53,6 @@ struct hydra_t {
* kernel interface to communicate with kernel
*/
kernel_interface_t *kernel_interface;
-
- /**
- * name of the daemon that initialized the library
- */
- const char *daemon;
};
/**
@@ -70,15 +65,12 @@ extern hydra_t *hydra;
/**
* Initialize libhydra.
*
- * The daemon's name is used to load daemon-specific settings.
- *
* libhydra_init() may be called multiple times in a single process, but each
- * caller should call libhydra_deinit() for each call to libhydra_init().
+ * caller must call libhydra_deinit() for each call to libhydra_init().
*
- * @param daemon name of the daemon that initializes the library
* @return FALSE if integrity check failed
*/
-bool libhydra_init(const char *daemon);
+bool libhydra_init();
/**
* Deinitialize libhydra.
diff --git a/src/libhydra/kernel/kernel_interface.c b/src/libhydra/kernel/kernel_interface.c
index cbfddd03b..3e34d20a6 100644
--- a/src/libhydra/kernel/kernel_interface.c
+++ b/src/libhydra/kernel/kernel_interface.c
@@ -796,12 +796,12 @@ kernel_interface_t *kernel_interface_create()
);
ifaces = lib->settings->get_str(lib->settings,
- "%s.interfaces_use", NULL, hydra->daemon);
+ "%s.interfaces_use", NULL, lib->ns);
if (!ifaces)
{
this->ifaces_exclude = TRUE;
ifaces = lib->settings->get_str(lib->settings,
- "%s.interfaces_ignore", NULL, hydra->daemon);
+ "%s.interfaces_ignore", NULL, lib->ns);
}
if (ifaces)
{
diff --git a/src/libhydra/plugins/attr/Makefile.in b/src/libhydra/plugins/attr/Makefile.in
index af0a77fe3..e762b7757 100644
--- a/src/libhydra/plugins/attr/Makefile.in
+++ b/src/libhydra/plugins/attr/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/attr/attr_provider.c b/src/libhydra/plugins/attr/attr_provider.c
index 1a2fa7f28..a27fd57b1 100644
--- a/src/libhydra/plugins/attr/attr_provider.c
+++ b/src/libhydra/plugins/attr/attr_provider.c
@@ -109,7 +109,7 @@ static void add_legacy_entry(private_attr_provider_t *this, char *key, int nr,
host_t *host;
char *str;
- str = lib->settings->get_str(lib->settings, "%s.%s%d", NULL, hydra->daemon,
+ str = lib->settings->get_str(lib->settings, "%s.%s%d", NULL, lib->ns,
key, nr);
if (str)
{
@@ -179,7 +179,7 @@ static void load_entries(private_attr_provider_t *this)
}
enumerator = lib->settings->create_key_value_enumerator(lib->settings,
- "%s.plugins.attr", hydra->daemon);
+ "%s.plugins.attr", lib->ns);
while (enumerator->enumerate(enumerator, &key, &value))
{
configuration_attribute_type_t type;
@@ -190,6 +190,10 @@ static void load_entries(private_attr_provider_t *this)
char *pos;
int i, mask = -1, family;
+ if (streq(key, "load"))
+ {
+ continue;
+ }
type = atoi(key);
if (!type)
{
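Review bot: The new `streq(key, "load")` skip in load_entries carries no comment saying why this one key is not treated as an attribute. Presumably `load` under `%s.plugins.attr` is the plugin loader's own option and would otherwise fall into the attribute-name handling below; a one-line comment such as `/* "load" is a plugin option, not an attribute to hand out */` would keep a later reader from removing the check. The loop body starts and ends outside the hunk.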
diff --git a/src/libhydra/plugins/attr_sql/Makefile.in b/src/libhydra/plugins/attr_sql/Makefile.in
index 7b7b5de05..1d258f2fb 100644
--- a/src/libhydra/plugins/attr_sql/Makefile.in
+++ b/src/libhydra/plugins/attr_sql/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/attr_sql/attr_sql_plugin.c b/src/libhydra/plugins/attr_sql/attr_sql_plugin.c
index 702872c57..dde90051a 100644
--- a/src/libhydra/plugins/attr_sql/attr_sql_plugin.c
+++ b/src/libhydra/plugins/attr_sql/attr_sql_plugin.c
@@ -61,7 +61,7 @@ static bool open_database(private_attr_sql_plugin_t *this,
char *uri;
uri = lib->settings->get_str(lib->settings,
- "libhydra.plugins.attr-sql.database", NULL);
+ "%s.plugins.attr-sql.database", NULL, lib->ns);
if (!uri)
{
DBG1(DBG_CFG, "attr-sql plugin: database URI not set");
@@ -122,6 +122,8 @@ plugin_t *attr_sql_plugin_create()
},
},
);
+ lib->settings->add_fallback(lib->settings, "%s.plugins.attr-sql",
+ "libhydra.plugins.attr-sql", lib->ns);
return &this->public.plugin;
}
diff --git a/src/libhydra/plugins/attr_sql/sql_attribute.c b/src/libhydra/plugins/attr_sql/sql_attribute.c
index 0a06c419f..d527c3fba 100644
--- a/src/libhydra/plugins/attr_sql/sql_attribute.c
+++ b/src/libhydra/plugins/attr_sql/sql_attribute.c
@@ -457,7 +457,7 @@ sql_attribute_t *sql_attribute_create(database_t *db)
},
.db = db,
.history = lib->settings->get_bool(lib->settings,
- "libhydra.plugins.attr-sql.lease_history", TRUE),
+ "%s.plugins.attr-sql.lease_history", TRUE, lib->ns),
);
/* close any "online" leases in the case we crashed */
diff --git a/src/libhydra/plugins/kernel_klips/Makefile.in b/src/libhydra/plugins/kernel_klips/Makefile.in
index a639ef6c3..c804c8e81 100644
--- a/src/libhydra/plugins/kernel_klips/Makefile.in
+++ b/src/libhydra/plugins/kernel_klips/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
index a226162c3..a75ccf3b6 100644
--- a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
+++ b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
@@ -311,8 +311,8 @@ static status_t attach_ipsec_dev(char* name, char *phys_name)
}
mtu = lib->settings->get_int(lib->settings,
- "%s.plugins.kernel-klips.ipsec_dev_mtu", 0,
- hydra->daemon);
+ "%s.plugins.kernel-klips.ipsec_dev_mtu", 0,
+ lib->ns);
if (mtu <= 0)
{
/* guess MTU as physical MTU - ESP overhead [- NAT-T overhead]
@@ -2505,8 +2505,8 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
static void init_ipsec_devices(private_kernel_klips_ipsec_t *this)
{
int i, count = lib->settings->get_int(lib->settings,
- "%s.plugins.kernel-klips.ipsec_dev_count",
- DEFAULT_IPSEC_DEV_COUNT, hydra->daemon);
+ "%s.plugins.kernel-klips.ipsec_dev_count",
+ DEFAULT_IPSEC_DEV_COUNT, lib->ns);
for (i = 0; i < count; ++i)
{
@@ -2611,7 +2611,7 @@ kernel_klips_ipsec_t *kernel_klips_ipsec_create()
.mutex_pfkey = mutex_create(MUTEX_TYPE_DEFAULT),
.install_routes = lib->settings->get_bool(lib->settings,
"%s.install_routes", TRUE,
- hydra->daemon),
+ lib->ns),
);
/* initialize ipsec devices */
diff --git a/src/libhydra/plugins/kernel_netlink/Makefile.in b/src/libhydra/plugins/kernel_netlink/Makefile.in
index 5f85da653..5910cfd92 100644
--- a/src/libhydra/plugins/kernel_netlink/Makefile.in
+++ b/src/libhydra/plugins/kernel_netlink/Makefile.in
@@ -219,8 +219,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 8352b9311..c864a92f4 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -1203,6 +1203,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
struct nlmsghdr *hdr;
struct xfrm_usersa_info *sa;
u_int16_t icv_size = 64;
+ ipsec_mode_t original_mode = mode;
status_t status = FAILED;
/* if IPComp is used, we install an additional IPComp SA. if the cpi is 0
@@ -1213,7 +1214,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
add_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, reqid, mark,
tfc, &lft, ENCR_UNDEFINED, chunk_empty, AUTH_UNDEFINED,
chunk_empty, mode, ipcomp, 0, initiator, FALSE, FALSE, inbound,
- NULL, NULL);
+ src_ts, dst_ts);
ipcomp = IPCOMP_NONE;
/* use transport mode ESP SA, IPComp uses tunnel mode */
mode = MODE_TRANSPORT;
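Review bot: The recursive `add_sa(...)` call that installs the IPComp SA still discards its `status_t` result, so as far as this hunk shows a failed IPComp install is followed by the ESP SA being installed anyway. Checking the result before continuing, e.g. wrapping the call as `if (add_sa(...) != SUCCESS) { return FAILED; }`, or at least logging the failure, would keep the kernel SA state consistent with what the caller is told. The enclosing `if` block and the rest of add_sa lie outside the hunk, so confirm no later code already accounts for this.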
@@ -1243,7 +1244,12 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
break;
case MODE_BEET:
case MODE_TRANSPORT:
- if(src_ts && dst_ts)
+ if (original_mode == MODE_TUNNEL)
+ { /* don't install selectors for switched SAs. because only one
+ * selector can be installed other traffic would get dropped */
+ break;
+ }
+ if (src_ts && dst_ts)
{
sa->sel = ts2selector(src_ts, dst_ts);
/* don't install proto/port on SA. This would break
@@ -1459,8 +1465,8 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
goto failed;
}
- if (tfc)
- {
+ if (tfc && protocol == IPPROTO_ESP && mode == MODE_TUNNEL)
+ { /* the kernel supports TFC padding only for tunnel mode ESP SAs */
u_int32_t *tfcpad;
tfcpad = netlink_reserve(hdr, sizeof(request), XFRMA_TFCPAD,
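Review bot: A configured `tfc` value is now dropped without any trace whenever the SA is not a tunnel mode ESP SA, which includes the IPComp case where `mode` was switched to `MODE_TRANSPORT` earlier in add_sa. TFC padding is a traffic-analysis countermeasure, so an operator who enabled it should be able to see that it is not in effect for a given SA. An `else if (tfc)` branch after this block with a message such as `DBG2(DBG_KNL, "TFC padding not supported for this SA, ignored");` would cover it. The body of the `if` closes outside the hunk.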
@@ -2679,15 +2685,15 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
.policy_history = TRUE,
.install_routes = lib->settings->get_bool(lib->settings,
- "%s.install_routes", TRUE, hydra->daemon),
+ "%s.install_routes", TRUE, lib->ns),
.replay_window = lib->settings->get_int(lib->settings,
- "%s.replay_window", DEFAULT_REPLAY_WINDOW, hydra->daemon),
+ "%s.replay_window", DEFAULT_REPLAY_WINDOW, lib->ns),
);
this->replay_bmp = (this->replay_window + sizeof(u_int32_t) * 8 - 1) /
(sizeof(u_int32_t) * 8);
- if (streq(hydra->daemon, "starter"))
+ if (streq(lib->ns, "starter"))
{ /* starter has no threads, so we do not register for kernel events */
register_for_events = FALSE;
}
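Review bot: `replay_window` is taken straight from the configuration via `get_int` and used in the `replay_bmp` computation with no range check. The field's type is not visible here, but `get_int` returns a signed int, so a negative configured value would either stay negative or wrap to a very large window and produce a nonsensical bitmap length for the anti-replay state. Reading the setting into a local int first and falling back with `if (window < 0) { window = DEFAULT_REPLAY_WINDOW; }` before the assignment would avoid that. The same applies to the next hunk, where the `xfrm_acq_expires` value from `get_int` is printed with `%u`. The function continues outside the hunk.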
@@ -2697,7 +2703,7 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
{
fprintf(f, "%u", lib->settings->get_int(lib->settings,
"%s.plugins.kernel-netlink.xfrm_acq_expires",
- DEFAULT_ACQUIRE_LIFETIME, hydra->daemon));
+ DEFAULT_ACQUIRE_LIFETIME, lib->ns));
fclose(f);
}
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
index d27075082..3cf317634 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
@@ -1962,10 +1962,13 @@ METHOD(kernel_net_t, add_route, status_t,
this->routes_lock->unlock(this->routes_lock);
return ALREADY_DONE;
}
- found = route_entry_clone(&route);
- this->routes->put(this->routes, found, found);
status = manage_srcroute(this, RTM_NEWROUTE, NLM_F_CREATE | NLM_F_EXCL,
dst_net, prefixlen, gateway, src_ip, if_name);
+ if (status == SUCCESS)
+ {
+ found = route_entry_clone(&route);
+ this->routes->put(this->routes, found, found);
+ }
this->routes_lock->unlock(this->routes_lock);
return status;
}
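Review bot: Nothing in add_route says why the entry is now cached only after `manage_srcroute` returns `SUCCESS`, and the ordering is easy to undo by accident. A short comment above the new `if (status == SUCCESS)`, e.g. `/* only track routes the kernel actually accepted */`, would record the intent. The same comment fits the identical change to add_route in kernel_pfroute_net.c. The function starts outside the hunk.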
@@ -2122,7 +2125,7 @@ static status_t manage_rule(private_kernel_netlink_net_t *this, int nlmsg_type,
netlink_add_attribute(hdr, RTA_PRIORITY, chunk, sizeof(request));
fwmark = lib->settings->get_str(lib->settings,
- "%s.plugins.kernel-netlink.fwmark", NULL, hydra->daemon);
+ "%s.plugins.kernel-netlink.fwmark", NULL, lib->ns);
if (fwmark)
{
#ifdef HAVE_LINUX_FIB_RULES_H
@@ -2282,30 +2285,30 @@ kernel_netlink_net_t *kernel_netlink_net_create()
.condvar = rwlock_condvar_create(),
.roam_lock = spinlock_create(),
.routing_table = lib->settings->get_int(lib->settings,
- "%s.routing_table", ROUTING_TABLE, hydra->daemon),
+ "%s.routing_table", ROUTING_TABLE, lib->ns),
.routing_table_prio = lib->settings->get_int(lib->settings,
- "%s.routing_table_prio", ROUTING_TABLE_PRIO, hydra->daemon),
+ "%s.routing_table_prio", ROUTING_TABLE_PRIO, lib->ns),
.process_route = lib->settings->get_bool(lib->settings,
- "%s.process_route", TRUE, hydra->daemon),
+ "%s.process_route", TRUE, lib->ns),
.install_virtual_ip = lib->settings->get_bool(lib->settings,
- "%s.install_virtual_ip", TRUE, hydra->daemon),
+ "%s.install_virtual_ip", TRUE, lib->ns),
.install_virtual_ip_on = lib->settings->get_str(lib->settings,
- "%s.install_virtual_ip_on", NULL, hydra->daemon),
+ "%s.install_virtual_ip_on", NULL, lib->ns),
.roam_events = lib->settings->get_bool(lib->settings,
- "%s.plugins.kernel-netlink.roam_events", TRUE, hydra->daemon),
+ "%s.plugins.kernel-netlink.roam_events", TRUE, lib->ns),
);
timerclear(&this->last_route_reinstall);
timerclear(&this->next_roam);
check_kernel_features(this);
- if (streq(hydra->daemon, "starter"))
+ if (streq(lib->ns, "starter"))
{ /* starter has no threads, so we do not register for kernel events */
register_for_events = FALSE;
}
exclude = lib->settings->get_str(lib->settings,
- "%s.ignore_routing_tables", NULL, hydra->daemon);
+ "%s.ignore_routing_tables", NULL, lib->ns);
if (exclude)
{
char *token;
diff --git a/src/libhydra/plugins/kernel_pfkey/Makefile.in b/src/libhydra/plugins/kernel_pfkey/Makefile.in
index 8903a460e..5d0e927de 100644
--- a/src/libhydra/plugins/kernel_pfkey/Makefile.in
+++ b/src/libhydra/plugins/kernel_pfkey/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index 98a6f81d5..4704d419f 100644
--- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -2861,10 +2861,10 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
.mutex_pfkey = mutex_create(MUTEX_TYPE_DEFAULT),
.install_routes = lib->settings->get_bool(lib->settings,
"%s.install_routes", TRUE,
- hydra->daemon),
+ lib->ns),
);
- if (streq(hydra->daemon, "starter"))
+ if (streq(lib->ns, "starter"))
{ /* starter has no threads, so we do not register for kernel events */
register_for_events = FALSE;
}
diff --git a/src/libhydra/plugins/kernel_pfroute/Makefile.in b/src/libhydra/plugins/kernel_pfroute/Makefile.in
index 29a70799f..8e01d2992 100644
--- a/src/libhydra/plugins/kernel_pfroute/Makefile.in
+++ b/src/libhydra/plugins/kernel_pfroute/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
index bc10610cd..a8a57a5a2 100644
--- a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
+++ b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
@@ -1420,9 +1420,12 @@ METHOD(kernel_net_t, add_route, status_t,
this->routes_lock->unlock(this->routes_lock);
return ALREADY_DONE;
}
- found = route_entry_clone(&route);
- this->routes->put(this->routes, found, found);
status = manage_route(this, RTM_ADD, dst_net, prefixlen, gateway, if_name);
+ if (status == SUCCESS)
+ {
+ found = route_entry_clone(&route);
+ this->routes->put(this->routes, found, found);
+ }
this->routes_lock->unlock(this->routes_lock);
return status;
}
@@ -1782,7 +1785,7 @@ kernel_pfroute_net_t *kernel_pfroute_net_create()
.net_changes_lock = mutex_create(MUTEX_TYPE_DEFAULT),
.roam_lock = spinlock_create(),
.vip_wait = lib->settings->get_int(lib->settings,
- "%s.plugins.kernel-pfroute.vip_wait", 1000, hydra->daemon),
+ "%s.plugins.kernel-pfroute.vip_wait", 1000, lib->ns),
);
timerclear(&this->last_route_reinstall);
timerclear(&this->next_roam);
@@ -1796,7 +1799,7 @@ kernel_pfroute_net_t *kernel_pfroute_net_create()
return NULL;
}
- if (streq(hydra->daemon, "starter"))
+ if (streq(lib->ns, "starter"))
{
/* starter has no threads, so we do not register for kernel events */
if (shutdown(this->socket, SHUT_RD) != 0)
diff --git a/src/libhydra/plugins/resolve/Makefile.in b/src/libhydra/plugins/resolve/Makefile.in
index 28b4b8fcf..0e520f126 100644
--- a/src/libhydra/plugins/resolve/Makefile.in
+++ b/src/libhydra/plugins/resolve/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libhydra/plugins/resolve/resolve_handler.c b/src/libhydra/plugins/resolve/resolve_handler.c
index 2eee854a9..069466ab5 100644
--- a/src/libhydra/plugins/resolve/resolve_handler.c
+++ b/src/libhydra/plugins/resolve/resolve_handler.c
@@ -361,7 +361,7 @@ resolve_handler_t *resolve_handler_create()
},
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
.file = lib->settings->get_str(lib->settings, "%s.plugins.resolve.file",
- RESOLV_CONF, hydra->daemon),
+ RESOLV_CONF, lib->ns),
);
if (stat(RESOLVCONF_EXEC, &st) == 0)
@@ -369,7 +369,7 @@ resolve_handler_t *resolve_handler_create()
this->use_resolvconf = TRUE;
this->iface_prefix = lib->settings->get_str(lib->settings,
"%s.plugins.resolve.resolvconf.iface_prefix",
- RESOLVCONF_PREFIX, hydra->daemon);
+ RESOLVCONF_PREFIX, lib->ns);
}
return &this->public;