diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2015-06-01 14:46:30 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2015-06-01 14:46:30 +0200 |
| commit | fc556ec2bc92a9d476c11406fad2c33db8bf7cb0 (patch) | |
| tree | 7360889e50de867d72741213d534a756c73902c8 /src/starter | |
| parent | 83b8aebb19fe6e49e13a05d4e8f5ab9a06177642 (diff) | |
| download | vyos-strongswan-fc556ec2bc92a9d476c11406fad2c33db8bf7cb0.tar.gz vyos-strongswan-fc556ec2bc92a9d476c11406fad2c33db8bf7cb0.zip | |
Imported Upstream version 5.3.1
Diffstat (limited to 'src/starter')
| -rw-r--r-- | src/starter/Android.mk | 2 | ||||
| -rw-r--r-- | src/starter/Makefile.am | 4 | ||||
| -rw-r--r-- | src/starter/Makefile.in | 7 | ||||
| -rw-r--r-- | src/starter/confread.c | 23 | ||||
| -rw-r--r-- | src/starter/confread.h | 1 | ||||
| -rw-r--r-- | src/starter/starter.c | 9 | ||||
| -rw-r--r-- | src/starter/starterstroke.c | 308 |
7 files changed, 176 insertions, 178 deletions
diff --git a/src/starter/Android.mk b/src/starter/Android.mk index c37fc1aa6..8c5d1a92f 100644 --- a/src/starter/Android.mk +++ b/src/starter/Android.mk @@ -19,7 +19,7 @@ LOCAL_C_INCLUDES += \ $(strongswan_PATH)/src/starter \ $(strongswan_PATH)/src/stroke -LOCAL_CFLAGS := $(strongswan_CFLAGS) -DSTART_CHARON \ +LOCAL_CFLAGS := $(strongswan_CFLAGS) \ -DIPSEC_SCRIPT='"ipsec"' \ -DPLUGINS='"$(strongswan_STARTER_PLUGINS)"' diff --git a/src/starter/Makefile.am b/src/starter/Makefile.am index f0a2be856..7f5d1ca5b 100644 --- a/src/starter/Makefile.am +++ b/src/starter/Makefile.am @@ -40,10 +40,6 @@ EXTRA_DIST = keywords.txt ipsec.conf Android.mk MAINTAINERCLEANFILES = keywords.c BUILT_SOURCES = keywords.c parser/parser.h -if USE_CHARON - AM_CPPFLAGS += -DSTART_CHARON -endif - if USE_LOAD_WARNING AM_CPPFLAGS += -DLOAD_WARNING endif diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in index ee68adc21..3166cc5d5 100644 --- a/src/starter/Makefile.in +++ b/src/starter/Makefile.in @@ -80,9 +80,8 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ ipsec_PROGRAMS = starter$(EXEEXT) -@USE_CHARON_TRUE@am__append_1 = -DSTART_CHARON -@USE_LOAD_WARNING_TRUE@am__append_2 = -DLOAD_WARNING -@USE_SCEPCLIENT_TRUE@am__append_3 = -DGENERATE_SELFCERT +@USE_LOAD_WARNING_TRUE@am__append_1 = -DLOAD_WARNING +@USE_SCEPCLIENT_TRUE@am__append_2 = -DGENERATE_SELFCERT subdir = src/starter DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ parser/parser.h parser/parser.c parser/lexer.c \ @@ -493,7 +492,7 @@ AM_CPPFLAGS = -I${linux_headers} -I$(top_srcdir)/src/libstrongswan \ -DDEV_RANDOM=\"${random_device}\" \ -DDEV_URANDOM=\"${urandom_device}\" \ -DPLUGINS=\""${starter_plugins}\"" -DDEBUG $(am__append_1) \ - $(am__append_2) $(am__append_3) + $(am__append_2) AM_YFLAGS = -v -d starter_LDADD = \ $(top_builddir)/src/libstrongswan/libstrongswan.la \ diff --git a/src/starter/confread.c b/src/starter/confread.c index de9099a1b..c3a0ac07f 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -50,17 +50,6 @@ static const char firewall_defaults[] = IPSEC_SCRIPT " _updown iptables"; */ extern kw_entry_t *in_word_set (char *str, unsigned int len); -static bool daemon_exists(char *daemon, char *path) -{ - struct stat st; - if (stat(path, &st) != 0) - { - DBG1(DBG_APP, "Disabling %sstart option, '%s' not found", daemon, path); - return FALSE; - } - return TRUE; -} - /** * Process deprecated keywords */ @@ -147,14 +136,6 @@ static void load_setup(starter_config_t *cfg, conf_parser_t *parser) } enumerator->destroy(enumerator); dict->destroy(dict); - - /* verify the executables are actually available */ -#ifdef START_CHARON - cfg->setup.charonstart = cfg->setup.charonstart && - daemon_exists(daemon_name, cmd); -#else - cfg->setup.charonstart = FALSE; -#endif } /* @@ -722,12 +703,8 @@ starter_config_t* confread_load(const char *file) INIT(cfg, .setup = { .uniqueids = TRUE, - } ); -#ifdef START_CHARON - cfg->setup.charonstart = TRUE; -#endif /* load config setup section */ load_setup(cfg, parser); diff --git a/src/starter/confread.h b/src/starter/confread.h index 0eea98849..457327f18 100644 --- a/src/starter/confread.h +++ b/src/starter/confread.h @@ -193,7 +193,6 @@ typedef struct starter_config starter_config_t; struct starter_config { struct { - bool charonstart; char *charondebug; bool uniqueids; bool cachecrls; diff --git a/src/starter/starter.c b/src/starter/starter.c index 74b5b5286..a19298923 100644 --- a/src/starter/starter.c +++ b/src/starter/starter.c @@ -517,6 +517,13 @@ int main (int argc, char **argv) exit(status); } + if (stat(cmd, &stb) != 0) + { + DBG1(DBG_APP, "IKE daemon '%s' not found", cmd); + cleanup(); + exit(LSB_RC_FAILURE); + } + DBG1(DBG_APP, "Starting %sSwan "VERSION" IPsec [starter]...", lib->settings->get_bool(lib->settings, "charon.i_dont_care_about_security_and_use_aggressive_mode_psk", @@ -836,7 +843,7 @@ int main (int argc, char **argv) */ if (_action_ & FLAG_ACTION_START_CHARON) { - if (cfg->setup.charonstart && !starter_charon_pid()) + if (!starter_charon_pid()) { DBG2(DBG_APP, "Attempting to start %s...", daemon_name); if (starter_start_charon(cfg, no_fork, attach_gdb)) diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 6e1f1605d..79a92cdad 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2007-2015 Tobias Brunner * Copyright (C) 2006 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -31,37 +32,57 @@ #define IPV4_LEN 4 #define IPV6_LEN 16 -static char* push_string(stroke_msg_t *msg, char *string) +static stroke_msg_t *create_stroke_msg(int type) { - unsigned long string_start = msg->length; + stroke_msg_t *msg; - if (string == NULL) + INIT(msg, + .type = type, + .length = offsetof(stroke_msg_t, buffer), + ); + return msg; +} + +#define push_string(msg, field, str) \ + push_string_impl(msg, offsetof(stroke_msg_t, field), str) +#define push_string_end(msg, offset, field, str) \ + push_string_impl(msg, offset + offsetof(stroke_end_t, field), str) + +static void push_string_impl(stroke_msg_t **msg, size_t offset, char *string) +{ + size_t cur_len = (*msg)->length, str_len; + + if (!string) { - return NULL; + return; } - else if ((size_t)msg->length + strlen(string) >= sizeof(stroke_msg_t)) + str_len = strlen(string) + 1; + if (cur_len + str_len >= UINT16_MAX) { - /* set invalid length to fail during message send */ - msg->length = ~0; - return NULL; + (*msg)->length = UINT16_MAX; + return; } - else + while (cur_len + str_len > sizeof(stroke_msg_t) + (*msg)->buflen) { - msg->length += strlen(string) + 1; - strcpy((char*)msg + string_start, string); - return (char*)string_start; + *msg = realloc(*msg, sizeof(stroke_msg_t) + (*msg)->buflen + + STROKE_BUF_LEN_INC); + (*msg)->buflen += STROKE_BUF_LEN_INC; } + (*msg)->length += str_len; + strcpy((char*)*msg + cur_len, string); + *(char**)((char*)*msg + offset) = (char*)cur_len; } -static int send_stroke_msg (stroke_msg_t *msg) +static int send_stroke_msg(stroke_msg_t *msg) { stream_t *stream; char *uri, buffer[64]; int count; - if (msg->length > sizeof(stroke_msg_t)) + if (msg->length == UINT16_MAX) { - DBG1(DBG_APP, "stroke message exceeds buffer size"); + DBG1(DBG_APP, "stroke message exceeds maximum buffer size"); + free(msg); return -1; } @@ -74,6 +95,7 @@ static int send_stroke_msg (stroke_msg_t *msg) if (!stream) { DBG1(DBG_APP, "failed to connect to stroke socket '%s'", uri); + free(msg); return -1; } @@ -81,6 +103,7 @@ static int send_stroke_msg (stroke_msg_t *msg) { DBG1(DBG_APP, "sending stroke message failed"); stream->destroy(stream); + free(msg); return -1; } while ((count = stream->read(stream, buffer, sizeof(buffer)-1, TRUE)) > 0) @@ -93,6 +116,7 @@ static int send_stroke_msg (stroke_msg_t *msg) DBG1(DBG_APP, "reading stroke response failed"); } stream->destroy(stream); + free(msg); return 0; } @@ -109,33 +133,38 @@ static char* connection_name(starter_conn_t *conn) return conn->name; } -static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, starter_end_t *conn_end) +static void add_end(stroke_msg_t **msg, size_t offset, starter_end_t *conn_end) { - msg_end->auth = push_string(msg, conn_end->auth); - msg_end->auth2 = push_string(msg, conn_end->auth2); - msg_end->id = push_string(msg, conn_end->id); - msg_end->id2 = push_string(msg, conn_end->id2); - msg_end->rsakey = push_string(msg, conn_end->rsakey); - msg_end->cert = push_string(msg, conn_end->cert); - msg_end->cert2 = push_string(msg, conn_end->cert2); - msg_end->cert_policy = push_string(msg, conn_end->cert_policy); - msg_end->ca = push_string(msg, conn_end->ca); - msg_end->ca2 = push_string(msg, conn_end->ca2); - msg_end->groups = push_string(msg, conn_end->groups); - msg_end->groups2 = push_string(msg, conn_end->groups2); - msg_end->updown = push_string(msg, conn_end->updown); + stroke_end_t *msg_end; + + push_string_end(msg, offset, auth, conn_end->auth); + push_string_end(msg, offset, auth2, conn_end->auth2); + push_string_end(msg, offset, id, conn_end->id); + push_string_end(msg, offset, id2, conn_end->id2); + push_string_end(msg, offset, rsakey, conn_end->rsakey); + push_string_end(msg, offset, cert, conn_end->cert); + push_string_end(msg, offset, cert2, conn_end->cert2); + push_string_end(msg, offset, cert_policy, conn_end->cert_policy); + push_string_end(msg, offset, ca, conn_end->ca); + push_string_end(msg, offset, ca2, conn_end->ca2); + push_string_end(msg, offset, groups, conn_end->groups); + push_string_end(msg, offset, groups2, conn_end->groups2); + push_string_end(msg, offset, updown, conn_end->updown); if (conn_end->host) { - msg_end->address = push_string(msg, conn_end->host); + push_string_end(msg, offset, address, conn_end->host); } else { - msg_end->address = push_string(msg, "%any"); + push_string_end(msg, offset, address, "%any"); } + push_string_end(msg, offset, subnets, conn_end->subnet); + push_string_end(msg, offset, sourceip, conn_end->sourceip); + push_string_end(msg, offset, dns, conn_end->dns); + + /* we can't assign it earlier as msg might change */ + msg_end = (stroke_end_t*)((char*)(*msg) + offset); msg_end->ikeport = conn_end->ikeport; - msg_end->subnets = push_string(msg, conn_end->subnet); - msg_end->sourceip = push_string(msg, conn_end->sourceip); - msg_end->dns = push_string(msg, conn_end->dns); msg_end->sendcert = conn_end->sendcert; msg_end->hostaccess = conn_end->hostaccess; msg_end->tohost = !conn_end->subnet; @@ -147,187 +176,178 @@ static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, sta int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn) { - stroke_msg_t msg; + stroke_msg_t *msg; - memset(&msg, 0, sizeof(msg)); - msg.type = STR_ADD_CONN; - msg.length = offsetof(stroke_msg_t, buffer); - msg.add_conn.version = conn->keyexchange; - msg.add_conn.name = push_string(&msg, connection_name(conn)); - msg.add_conn.eap_identity = push_string(&msg, conn->eap_identity); - msg.add_conn.aaa_identity = push_string(&msg, conn->aaa_identity); - msg.add_conn.xauth_identity = push_string(&msg, conn->xauth_identity); + msg = create_stroke_msg(STR_ADD_CONN); + msg->add_conn.version = conn->keyexchange; + push_string(&msg, add_conn.name, connection_name(conn)); + push_string(&msg, add_conn.eap_identity, conn->eap_identity); + push_string(&msg, add_conn.aaa_identity, conn->aaa_identity); + push_string(&msg, add_conn.xauth_identity, conn->xauth_identity); - msg.add_conn.mode = conn->mode; - msg.add_conn.proxy_mode = conn->proxy_mode; + msg->add_conn.mode = conn->mode; + msg->add_conn.proxy_mode = conn->proxy_mode; if (!(conn->options & SA_OPTION_DONT_REKEY)) { - msg.add_conn.rekey.reauth = !(conn->options & SA_OPTION_DONT_REAUTH); - msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds; - msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds; - msg.add_conn.rekey.margin = conn->sa_rekey_margin; - msg.add_conn.rekey.life_bytes = conn->sa_ipsec_life_bytes; - msg.add_conn.rekey.margin_bytes = conn->sa_ipsec_margin_bytes; - msg.add_conn.rekey.life_packets = conn->sa_ipsec_life_packets; - msg.add_conn.rekey.margin_packets = conn->sa_ipsec_margin_packets; - msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz; + msg->add_conn.rekey.reauth = !(conn->options & SA_OPTION_DONT_REAUTH); + msg->add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds; + msg->add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds; + msg->add_conn.rekey.margin = conn->sa_rekey_margin; + msg->add_conn.rekey.life_bytes = conn->sa_ipsec_life_bytes; + msg->add_conn.rekey.margin_bytes = conn->sa_ipsec_margin_bytes; + msg->add_conn.rekey.life_packets = conn->sa_ipsec_life_packets; + msg->add_conn.rekey.margin_packets = conn->sa_ipsec_margin_packets; + msg->add_conn.rekey.fuzz = conn->sa_rekey_fuzz; } - msg.add_conn.rekey.tries = conn->sa_keying_tries; - - msg.add_conn.mobike = conn->options & SA_OPTION_MOBIKE; - msg.add_conn.force_encap = conn->options & SA_OPTION_FORCE_ENCAP; - msg.add_conn.fragmentation = conn->fragmentation; - msg.add_conn.ikedscp = conn->ikedscp; - msg.add_conn.ipcomp = conn->options & SA_OPTION_COMPRESS; - msg.add_conn.install_policy = conn->install_policy; - msg.add_conn.aggressive = conn->aggressive; - msg.add_conn.pushmode = conn->options & SA_OPTION_MODECFG_PUSH; - msg.add_conn.crl_policy = (crl_policy_t)cfg->setup.strictcrlpolicy; - msg.add_conn.unique = cfg->setup.uniqueids; - msg.add_conn.algorithms.ike = push_string(&msg, conn->ike); - msg.add_conn.algorithms.esp = push_string(&msg, conn->esp); - msg.add_conn.algorithms.ah = push_string(&msg, conn->ah); - msg.add_conn.dpd.delay = conn->dpd_delay; - msg.add_conn.dpd.timeout = conn->dpd_timeout; - msg.add_conn.dpd.action = conn->dpd_action; - msg.add_conn.close_action = conn->close_action; - msg.add_conn.inactivity = conn->inactivity; - msg.add_conn.ikeme.mediation = conn->me_mediation; - msg.add_conn.ikeme.mediated_by = push_string(&msg, conn->me_mediated_by); - msg.add_conn.ikeme.peerid = push_string(&msg, conn->me_peerid); - msg.add_conn.reqid = conn->reqid; - msg.add_conn.replay_window = conn->replay_window; - msg.add_conn.mark_in.value = conn->mark_in.value; - msg.add_conn.mark_in.mask = conn->mark_in.mask; - msg.add_conn.mark_out.value = conn->mark_out.value; - msg.add_conn.mark_out.mask = conn->mark_out.mask; - msg.add_conn.tfc = conn->tfc; - - starter_stroke_add_end(&msg, &msg.add_conn.me, &conn->left); - starter_stroke_add_end(&msg, &msg.add_conn.other, &conn->right); - - if (!msg.add_conn.me.auth && !msg.add_conn.other.auth && + msg->add_conn.rekey.tries = conn->sa_keying_tries; + + msg->add_conn.mobike = conn->options & SA_OPTION_MOBIKE; + msg->add_conn.force_encap = conn->options & SA_OPTION_FORCE_ENCAP; + msg->add_conn.fragmentation = conn->fragmentation; + msg->add_conn.ikedscp = conn->ikedscp; + msg->add_conn.ipcomp = conn->options & SA_OPTION_COMPRESS; + msg->add_conn.install_policy = conn->install_policy; + msg->add_conn.aggressive = conn->aggressive; + msg->add_conn.pushmode = conn->options & SA_OPTION_MODECFG_PUSH; + msg->add_conn.crl_policy = (crl_policy_t)cfg->setup.strictcrlpolicy; + msg->add_conn.unique = cfg->setup.uniqueids; + push_string(&msg, add_conn.algorithms.ike, conn->ike); + push_string(&msg, add_conn.algorithms.esp, conn->esp); + push_string(&msg, add_conn.algorithms.ah, conn->ah); + msg->add_conn.dpd.delay = conn->dpd_delay; + msg->add_conn.dpd.timeout = conn->dpd_timeout; + msg->add_conn.dpd.action = conn->dpd_action; + msg->add_conn.close_action = conn->close_action; + msg->add_conn.inactivity = conn->inactivity; + msg->add_conn.ikeme.mediation = conn->me_mediation; + push_string(&msg, add_conn.ikeme.mediated_by, conn->me_mediated_by); + push_string(&msg, add_conn.ikeme.peerid, conn->me_peerid); + msg->add_conn.reqid = conn->reqid; + msg->add_conn.replay_window = conn->replay_window; + msg->add_conn.mark_in.value = conn->mark_in.value; + msg->add_conn.mark_in.mask = conn->mark_in.mask; + msg->add_conn.mark_out.value = conn->mark_out.value; + msg->add_conn.mark_out.mask = conn->mark_out.mask; + msg->add_conn.tfc = conn->tfc; + + add_end(&msg, offsetof(stroke_msg_t, add_conn.me), &conn->left); + add_end(&msg, offsetof(stroke_msg_t, add_conn.other), &conn->right); + + if (!msg->add_conn.me.auth && !msg->add_conn.other.auth && conn->authby) { /* leftauth/rightauth not set, use legacy options */ if (streq(conn->authby, "rsa") || streq(conn->authby, "rsasig") || streq(conn->authby, "ecdsa") || streq(conn->authby, "ecdsasig") || streq(conn->authby, "pubkey")) { - msg.add_conn.me.auth = push_string(&msg, "pubkey"); - msg.add_conn.other.auth = push_string(&msg, "pubkey"); + push_string(&msg, add_conn.me.auth, "pubkey"); + push_string(&msg, add_conn.other.auth, "pubkey"); } else if (streq(conn->authby, "secret") || streq(conn->authby, "psk")) { - msg.add_conn.me.auth = push_string(&msg, "psk"); - msg.add_conn.other.auth = push_string(&msg, "psk"); + push_string(&msg, add_conn.me.auth, "psk"); + push_string(&msg, add_conn.other.auth, "psk"); } else if (streq(conn->authby, "xauthrsasig")) { - msg.add_conn.me.auth = push_string(&msg, "pubkey"); - msg.add_conn.other.auth = push_string(&msg, "pubkey"); + push_string(&msg, add_conn.me.auth, "pubkey"); + push_string(&msg, add_conn.other.auth, "pubkey"); if (conn->options & SA_OPTION_XAUTH_SERVER) { - msg.add_conn.other.auth2 = push_string(&msg, "xauth"); + push_string(&msg, add_conn.other.auth2, "xauth"); } else { - msg.add_conn.me.auth2 = push_string(&msg, "xauth"); + push_string(&msg, add_conn.me.auth2, "xauth"); } } else if (streq(conn->authby, "xauthpsk")) { - msg.add_conn.me.auth = push_string(&msg, "psk"); - msg.add_conn.other.auth = push_string(&msg, "psk"); + push_string(&msg, add_conn.me.auth, "psk"); + push_string(&msg, add_conn.other.auth, "psk"); if (conn->options & SA_OPTION_XAUTH_SERVER) { - msg.add_conn.other.auth2 = push_string(&msg, "xauth"); + push_string(&msg, add_conn.other.auth2, "xauth"); } else { - msg.add_conn.me.auth2 = push_string(&msg, "xauth"); + push_string(&msg, add_conn.me.auth2, "xauth"); } } } - return send_stroke_msg(&msg); + return send_stroke_msg(msg); } int starter_stroke_del_conn(starter_conn_t *conn) { - stroke_msg_t msg; + stroke_msg_t *msg; - msg.type = STR_DEL_CONN; - msg.length = offsetof(stroke_msg_t, buffer); - msg.del_conn.name = push_string(&msg, connection_name(conn)); - return send_stroke_msg(&msg); + msg = create_stroke_msg(STR_DEL_CONN); + push_string(&msg, del_conn.name, connection_name(conn)); + return send_stroke_msg(msg); } int starter_stroke_route_conn(starter_conn_t *conn) { - stroke_msg_t msg; + stroke_msg_t *msg; - msg.type = STR_ROUTE; - msg.length = offsetof(stroke_msg_t, buffer); - msg.route.name = push_string(&msg, connection_name(conn)); - return send_stroke_msg(&msg); + msg = create_stroke_msg(STR_ROUTE); + push_string(&msg, route.name, connection_name(conn)); + return send_stroke_msg(msg); } int starter_stroke_unroute_conn(starter_conn_t *conn) { - stroke_msg_t msg; + stroke_msg_t *msg; - msg.type = STR_UNROUTE; - msg.length = offsetof(stroke_msg_t, buffer); - msg.route.name = push_string(&msg, connection_name(conn)); - return send_stroke_msg(&msg); + msg = create_stroke_msg(STR_UNROUTE); + push_string(&msg, route.name, connection_name(conn)); + return send_stroke_msg(msg); } int starter_stroke_initiate_conn(starter_conn_t *conn) { - stroke_msg_t msg; + stroke_msg_t *msg; - msg.type = STR_INITIATE; - msg.length = offsetof(stroke_msg_t, buffer); - msg.initiate.name = push_string(&msg, connection_name(conn)); - return send_stroke_msg(&msg); + msg = create_stroke_msg(STR_INITIATE); + push_string(&msg, initiate.name, connection_name(conn)); + return send_stroke_msg(msg); } int starter_stroke_add_ca(starter_ca_t *ca) { - stroke_msg_t msg; - - msg.type = STR_ADD_CA; - msg.length = offsetof(stroke_msg_t, buffer); - msg.add_ca.name = push_string(&msg, ca->name); - msg.add_ca.cacert = push_string(&msg, ca->cacert); - msg.add_ca.crluri = push_string(&msg, ca->crluri); - msg.add_ca.crluri2 = push_string(&msg, ca->crluri2); - msg.add_ca.ocspuri = push_string(&msg, ca->ocspuri); - msg.add_ca.ocspuri2 = push_string(&msg, ca->ocspuri2); - msg.add_ca.certuribase = push_string(&msg, ca->certuribase); - return send_stroke_msg(&msg); + stroke_msg_t *msg; + + msg = create_stroke_msg(STR_ADD_CA); + push_string(&msg, add_ca.name, ca->name); + push_string(&msg, add_ca.cacert, ca->cacert); + push_string(&msg, add_ca.crluri, ca->crluri); + push_string(&msg, add_ca.crluri2, ca->crluri2); + push_string(&msg, add_ca.ocspuri, ca->ocspuri); + push_string(&msg, add_ca.ocspuri2, ca->ocspuri2); + push_string(&msg, add_ca.certuribase, ca->certuribase); + return send_stroke_msg(msg); } int starter_stroke_del_ca(starter_ca_t *ca) { - stroke_msg_t msg; + stroke_msg_t *msg; - msg.type = STR_DEL_CA; - msg.length = offsetof(stroke_msg_t, buffer); - msg.del_ca.name = push_string(&msg, ca->name); - return send_stroke_msg(&msg); + msg = create_stroke_msg(STR_DEL_CA); + push_string(&msg, del_ca.name, ca->name); + return send_stroke_msg(msg); } int starter_stroke_configure(starter_config_t *cfg) { - stroke_msg_t msg; + stroke_msg_t *msg; if (cfg->setup.cachecrls) { - msg.type = STR_CONFIG; - msg.length = offsetof(stroke_msg_t, buffer); - msg.config.cachecrl = 1; - return send_stroke_msg(&msg); + msg = create_stroke_msg(STR_CONFIG); + msg->config.cachecrl = 1; + return send_stroke_msg(msg); } return 0; } |