diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2008-12-05 16:44:41 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2008-12-05 16:44:41 +0000 |
| commit | 2db1ef4ac8928944958712923b9c89c263a337d2 (patch) | |
| tree | 700043d9d97b7e7ba344b448918728af0a8be8d1 /src/starter/confread.c | |
| parent | 5dc75410286b0e3a16845b44dd696ba0f40df573 (diff) | |
| download | vyos-strongswan-2db1ef4ac8928944958712923b9c89c263a337d2.tar.gz vyos-strongswan-2db1ef4ac8928944958712923b9c89c263a337d2.zip | |
- Updated to new upstream.
Diffstat (limited to 'src/starter/confread.c')
| -rw-r--r-- | src/starter/confread.c | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/src/starter/confread.c b/src/starter/confread.c index 959a98b77..1560266c1 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: confread.c 4269 2008-08-21 12:10:07Z martin $ + * RCSID $Id: confread.c 4612 2008-11-11 06:37:37Z andreas $ */ #include <stddef.h> @@ -79,6 +79,7 @@ static void default_values(starter_config_t *cfg) cfg->conn_default.sa_keying_tries = SA_REPLACEMENT_RETRIES_DEFAULT; cfg->conn_default.addr_family = AF_INET; cfg->conn_default.tunnel_addr_family = AF_INET; + cfg->conn_default.install_policy = TRUE; cfg->conn_default.dpd_delay = 30; /* seconds */ cfg->conn_default.dpd_timeout = 150; /* seconds */ @@ -497,15 +498,29 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) case KW_TYPE: conn->policy &= ~(POLICY_TUNNEL | POLICY_SHUNT_MASK); if (streq(kw->value, "tunnel")) + { conn->policy |= POLICY_TUNNEL; + } else if (streq(kw->value, "beet")) + { conn->policy |= POLICY_BEET; + } + else if (streq(kw->value, "transport_proxy")) + { + conn->policy |= POLICY_PROXY; + } else if (streq(kw->value, "passthrough") || streq(kw->value, "pass")) + { conn->policy |= POLICY_SHUNT_PASS; + } else if (streq(kw->value, "drop")) + { conn->policy |= POLICY_SHUNT_DROP; + } else if (streq(kw->value, "reject")) + { conn->policy |= POLICY_SHUNT_REJECT; + } else if (strcmp(kw->value, "transport") != 0) { plog("# bad policy value: %s=%s", kw->entry->name, kw->value); @@ -530,21 +545,33 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) char *second = strchr(kw->value, '|'); if (second != NULL) + { *second = '\0'; + } /* also handles the cases secret|rsasig and rsasig|secret */ for (;;) { if (streq(value, "rsa") || streq(value, "rsasig")) + { conn->policy |= POLICY_RSASIG | POLICY_ENCRYPT; + } else if (streq(value, "secret") || streq(value, "psk")) + { conn->policy |= POLICY_PSK | POLICY_ENCRYPT; + } else if (streq(value, "ecdsa") || streq(value, "ecdsasig")) + { conn->policy |= POLICY_ECDSASIG | POLICY_ENCRYPT; + } else if (streq(value, "xauthrsasig")) + { conn->policy |= POLICY_XAUTH_RSASIG | POLICY_ENCRYPT; + } else if (streq(value, "xauthpsk")) + { conn->policy |= POLICY_XAUTH_PSK | POLICY_ENCRYPT; + } else { plog("# bad policy value: %s=%s", kw->entry->name, kw->value); @@ -552,7 +579,9 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) break; } if (second == NULL) + { break; + } value = second; second = NULL; /* traverse the loop no more than twice */ } |