summaryrefslogtreecommitdiff
path: root/src/starter/starterwhack.c
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2010-02-23 10:34:14 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2010-02-23 10:34:14 +0000
commited7d79f96177044949744da10f4431c1d6242241 (patch)
tree3aabaa55ed3b5291daef891cfee9befb5235e2b8 /src/starter/starterwhack.c
parent7410d3c6d6a9a1cd7aa55083c938946af6ff9498 (diff)
downloadvyos-strongswan-ed7d79f96177044949744da10f4431c1d6242241.tar.gz
vyos-strongswan-ed7d79f96177044949744da10f4431c1d6242241.zip
[svn-upgrade] Integrating new upstream version, strongswan (4.3.6)
Diffstat (limited to 'src/starter/starterwhack.c')
-rw-r--r--src/starter/starterwhack.c137
1 files changed, 64 insertions, 73 deletions
diff --git a/src/starter/starterwhack.c b/src/starter/starterwhack.c
index 44b442ae2..67916395f 100644
--- a/src/starter/starterwhack.c
+++ b/src/starter/starterwhack.c
@@ -33,8 +33,7 @@
#define ip_version(string) (strchr(string, '.') ? AF_INET : AF_INET6)
-static int
-pack_str (char **p, char **next, char **roof)
+static int pack_str (char **p, char **next, char **roof)
{
const char *s = (*p==NULL) ? "" : *p; /* note: NULL becomes ""! */
size_t len = strlen(s) + 1;
@@ -52,8 +51,7 @@ pack_str (char **p, char **next, char **roof)
}
}
-static int
-send_whack_msg (whack_message_t *msg)
+static int send_whack_msg (whack_message_t *msg)
{
struct sockaddr_un ctl_addr;
int sock;
@@ -67,37 +65,41 @@ send_whack_msg (whack_message_t *msg)
str_next = (char *)msg->string;
str_roof = (char *)&msg->string[sizeof(msg->string)];
- if (!pack_str(&msg->name, &str_next, &str_roof)
- || !pack_str(&msg->left.id, &str_next, &str_roof)
- || !pack_str(&msg->left.cert, &str_next, &str_roof)
- || !pack_str(&msg->left.ca, &str_next, &str_roof)
- || !pack_str(&msg->left.groups, &str_next, &str_roof)
- || !pack_str(&msg->left.updown, &str_next, &str_roof)
- || !pack_str(&msg->left.virt, &str_next, &str_roof)
- || !pack_str(&msg->right.id, &str_next, &str_roof)
- || !pack_str(&msg->right.cert, &str_next, &str_roof)
- || !pack_str(&msg->right.ca, &str_next, &str_roof)
- || !pack_str(&msg->right.groups, &str_next, &str_roof)
- || !pack_str(&msg->right.updown, &str_next, &str_roof)
- || !pack_str(&msg->right.virt, &str_next, &str_roof)
- || !pack_str(&msg->keyid, &str_next, &str_roof)
- || !pack_str(&msg->myid, &str_next, &str_roof)
- || !pack_str(&msg->cacert, &str_next, &str_roof)
- || !pack_str(&msg->ldaphost, &str_next, &str_roof)
- || !pack_str(&msg->ldapbase, &str_next, &str_roof)
- || !pack_str(&msg->crluri, &str_next, &str_roof)
- || !pack_str(&msg->crluri2, &str_next, &str_roof)
- || !pack_str(&msg->ocspuri, &str_next, &str_roof)
- || !pack_str(&msg->ike, &str_next, &str_roof)
- || !pack_str(&msg->esp, &str_next, &str_roof)
- || !pack_str(&msg->sc_data, &str_next, &str_roof)
- || (str_roof - str_next < msg->keyval.len))
+ if (!pack_str(&msg->name, &str_next, &str_roof)
+ || !pack_str(&msg->left.id, &str_next, &str_roof)
+ || !pack_str(&msg->left.cert, &str_next, &str_roof)
+ || !pack_str(&msg->left.ca, &str_next, &str_roof)
+ || !pack_str(&msg->left.groups, &str_next, &str_roof)
+ || !pack_str(&msg->left.updown, &str_next, &str_roof)
+ || !pack_str(&msg->left.sourceip, &str_next, &str_roof)
+ || !pack_str(&msg->left.virt, &str_next, &str_roof)
+ || !pack_str(&msg->right.id, &str_next, &str_roof)
+ || !pack_str(&msg->right.cert, &str_next, &str_roof)
+ || !pack_str(&msg->right.ca, &str_next, &str_roof)
+ || !pack_str(&msg->right.groups, &str_next, &str_roof)
+ || !pack_str(&msg->right.updown, &str_next, &str_roof)
+ || !pack_str(&msg->right.sourceip, &str_next, &str_roof)
+ || !pack_str(&msg->right.virt, &str_next, &str_roof)
+ || !pack_str(&msg->keyid, &str_next, &str_roof)
+ || !pack_str(&msg->myid, &str_next, &str_roof)
+ || !pack_str(&msg->cacert, &str_next, &str_roof)
+ || !pack_str(&msg->ldaphost, &str_next, &str_roof)
+ || !pack_str(&msg->ldapbase, &str_next, &str_roof)
+ || !pack_str(&msg->crluri, &str_next, &str_roof)
+ || !pack_str(&msg->crluri2, &str_next, &str_roof)
+ || !pack_str(&msg->ocspuri, &str_next, &str_roof)
+ || !pack_str(&msg->ike, &str_next, &str_roof)
+ || !pack_str(&msg->esp, &str_next, &str_roof)
+ || !pack_str(&msg->sc_data, &str_next, &str_roof)
+ || (str_roof - str_next < msg->keyval.len))
{
plog("send_wack_msg(): can't pack strings");
return -1;
}
if (msg->keyval.ptr)
+ {
memcpy(str_next, msg->keyval.ptr, msg->keyval.len);
+ }
msg->keyval.ptr = NULL;
str_next += msg->keyval.len;
len = str_next - (char *)msg;
@@ -130,15 +132,13 @@ send_whack_msg (whack_message_t *msg)
return 0;
}
-static void
-init_whack_msg(whack_message_t *msg)
+static void init_whack_msg(whack_message_t *msg)
{
memset(msg, 0, sizeof(whack_message_t));
msg->magic = WHACK_MAGIC;
}
-static char *
-connection_name(starter_conn_t *conn)
+static char *connection_name(starter_conn_t *conn)
{
/* if connection name is '%auto', create a new name like conn_xxxxx */
static char buf[32];
@@ -151,34 +151,26 @@ connection_name(starter_conn_t *conn)
return conn->name;
}
-static void
-set_whack_end(whack_end_t *w, starter_end_t *end, sa_family_t family)
-{
- if (end->srcip && end->srcip[0] != '%')
- {
- int len = 0;
- char *pos;
-
- pos = strchr(end->srcip, '/');
- if (pos)
- {
- /* use first address only for pluto */
- len = pos - end->srcip;
- }
- w->has_srcip = !end->has_natip;
- ttoaddr(end->srcip, len, ip_version(end->srcip), &w->host_srcip);
- }
- else
- {
- anyaddr(AF_INET, &w->host_srcip);
- }
-
+static void set_whack_end(whack_end_t *w, starter_end_t *end, sa_family_t family)
+{
w->id = end->id;
w->cert = end->cert;
w->ca = end->ca;
w->groups = end->groups;
w->host_addr = end->addr;
w->has_client = end->has_client;
+ w->sourceip = end->sourceip;
+ w->sourceip_mask = end->sourceip_mask;
+
+ if (end->sourceip && end->sourceip_mask > 0)
+ {
+ ttoaddr(end->sourceip, 0, ip_version(end->sourceip), &w->host_srcip);
+ w->has_srcip = !end->has_natip;
+ }
+ else
+ {
+ anyaddr(AF_INET, &w->host_srcip);
+ }
if (family == AF_INET6 && isanyaddr(&end->nexthop))
{
@@ -234,13 +226,14 @@ starter_whack_add_pubkey (starter_conn_t *conn, starter_end_t *end
{
const char *err;
static char keyspace[1024 + 4];
+ char buf[ADDRTOT_BUF];
whack_message_t msg;
init_whack_msg(&msg);
msg.whack_key = TRUE;
msg.pubkey_alg = PUBKEY_ALG_RSA;
- if (end->id && end->rsakey)
+ if (end->rsakey)
{
/* special values to ignore */
if (streq(end->rsakey, "")
@@ -250,24 +243,28 @@ starter_whack_add_pubkey (starter_conn_t *conn, starter_end_t *end
{
return 0;
}
- msg.keyid = end->id;
err = atobytes(end->rsakey, 0, keyspace, sizeof(keyspace), &msg.keyval.len);
if (err)
{
plog("conn %s/%s: rsakey malformed [%s]", connection_name(conn), lr, err);
return 1;
}
+ if (end->id)
+ {
+ msg.keyid = end->id;
+ }
else
{
- msg.keyval.ptr = keyspace;
- return send_whack_msg(&msg);
+ addrtot(&end->addr, 0, buf, sizeof(buf));
+ msg.keyid = buf;
}
+ msg.keyval.ptr = keyspace;
+ return send_whack_msg(&msg);
}
return 0;
}
-int
-starter_whack_add_conn(starter_conn_t *conn)
+int starter_whack_add_conn(starter_conn_t *conn)
{
whack_message_t msg;
int r;
@@ -332,8 +329,7 @@ starter_whack_add_conn(starter_conn_t *conn)
return r;
}
-int
-starter_whack_del_conn(starter_conn_t *conn)
+int starter_whack_del_conn(starter_conn_t *conn)
{
whack_message_t msg;
@@ -343,8 +339,7 @@ starter_whack_del_conn(starter_conn_t *conn)
return send_whack_msg(&msg);
}
-int
-starter_whack_route_conn(starter_conn_t *conn)
+int starter_whack_route_conn(starter_conn_t *conn)
{
whack_message_t msg;
@@ -354,8 +349,7 @@ starter_whack_route_conn(starter_conn_t *conn)
return send_whack_msg(&msg);
}
-int
-starter_whack_initiate_conn(starter_conn_t *conn)
+int starter_whack_initiate_conn(starter_conn_t *conn)
{
whack_message_t msg;
@@ -366,8 +360,7 @@ starter_whack_initiate_conn(starter_conn_t *conn)
return send_whack_msg(&msg);
}
-int
-starter_whack_listen(void)
+int starter_whack_listen(void)
{
whack_message_t msg;
init_whack_msg(&msg);
@@ -384,8 +377,7 @@ int starter_whack_shutdown(void)
return send_whack_msg(&msg);
}
-int
-starter_whack_add_ca(starter_ca_t *ca)
+int starter_whack_add_ca(starter_ca_t *ca)
{
whack_message_t msg;
@@ -404,8 +396,7 @@ starter_whack_add_ca(starter_ca_t *ca)
return send_whack_msg(&msg);
}
-int
-starter_whack_del_ca(starter_ca_t *ca)
+int starter_whack_del_ca(starter_ca_t *ca)
{
whack_message_t msg;