diff options
Diffstat (limited to 'programs/starter')
| -rw-r--r-- | programs/starter/confread.c | 26 | ||||
| -rw-r--r-- | programs/starter/interfaces.c | 19 | ||||
| -rw-r--r-- | programs/starter/starterwhack.c | 10 |
3 files changed, 29 insertions, 26 deletions
diff --git a/programs/starter/confread.c b/programs/starter/confread.c index cf12d05ca..af0f00877 100644 --- a/programs/starter/confread.c +++ b/programs/starter/confread.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: confread.c,v 1.37 2006/04/17 19:35:07 as Exp $ + * RCSID $Id: confread.c,v 1.38 2006/06/20 21:52:53 as Exp $ */ #include <stddef.h> @@ -31,6 +31,9 @@ #include "args.h" #include "interfaces.h" +/* strings containing a colon are interpreted as an IPv6 address */ +#define ip_version(string) (strchr(string, ':') != NULL)? AF_INET6 : AF_INET; + static const char ike_defaults[] = "3des-sha, 3des-md5"; static const char esp_defaults[] = "3des-sha1, 3des-md5"; @@ -166,8 +169,13 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token goto err; } } - else if (streq(value,"%any")) - { + else if (streq(value, "%any")) + { + anyaddr(conn->addr_family, &end->addr); + } + else if (streq(value, "%any6")) + { + conn->addr_family = AF_INET6; anyaddr(conn->addr_family, &end->addr); } else if (value[0] == '%') @@ -183,6 +191,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token } else { + conn->addr_family = ip_version(value); ugh = ttoaddr(value, 0, conn->addr_family, &end->addr); if (ugh != NULL) { @@ -203,10 +212,14 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token } } else if (streq(value, "%direct")) + { ugh = anyaddr(conn->addr_family, &end->nexthop); + } else + { + conn->addr_family = ip_version(value); ugh = ttoaddr(value, 0, conn->addr_family, &end->nexthop); - + } if (ugh != NULL) { plog("# bad addr: %s=%s [%s]", name, value, ugh); @@ -222,6 +235,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token else { end->has_client = TRUE; + conn->tunnel_addr_family = ip_version(value); ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &end->subnet); if (ugh != NULL) { @@ -233,6 +247,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token case KW_SUBNETWITHIN: end->has_client = TRUE; end->has_client_wildcard = TRUE; + conn->tunnel_addr_family = ip_version(value); ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &end->subnet); break; case KW_PROTOPORT: @@ -246,7 +261,8 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token } else { - ugh = ttoaddr(value, 0, conn->addr_family, &end->srcip); + conn->tunnel_addr_family = ip_version(value); + ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &end->srcip); if (ugh != NULL) { plog("# bad addr: %s=%s [%s]", name, value, ugh); diff --git a/programs/starter/interfaces.c b/programs/starter/interfaces.c index 9926ea059..3b24e2faf 100644 --- a/programs/starter/interfaces.c +++ b/programs/starter/interfaces.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: interfaces.c,v 1.15 2006/02/05 10:51:55 as Exp $ + * RCSID $Id: interfaces.c,v 1.16 2006/05/25 12:10:15 as Exp $ */ #include <sys/socket.h> @@ -192,9 +192,6 @@ _iface_up (int sock, struct st_ipsec_if *iface, char *phys struct ipsectunnelconf *shc=(struct ipsectunnelconf *)&req.ifr_data; short phys_flags; int ret = 0; - /* sscholz@astaro.com: for network mask 32 bit - struct sockaddr_in *inp; - */ strncpy(req.ifr_name, phys, IFNAMSIZ); if (ioctl(sock, SIOCGIFFLAGS, &req) !=0 ) @@ -239,13 +236,6 @@ _iface_up (int sock, struct st_ipsec_if *iface, char *phys if (ioctl(sock, SIOCGIFNETMASK, &req) == 0) { strncpy(req.ifr_name, iface->name, IFNAMSIZ); - /* sscholz@astaro.com: changed netmask to 32 bit - * in order to prevent network routes from being created - - inp = (struct sockaddr_in *)&req.ifr_addr; - inp->sin_addr.s_addr = 0xFFFFFFFFL; - - */ ioctl(sock, SIOCSIFNETMASK, &req); } @@ -253,8 +243,7 @@ _iface_up (int sock, struct st_ipsec_if *iface, char *phys strncpy(req.ifr_name, iface->name, IFNAMSIZ); if (ioctl(sock, SIOCGIFFLAGS, &req)==0) { -/* removed by sscholz@astaro.com (caused trouble with DSL/ppp0) */ -/* if (phys_flags & IFF_POINTOPOINT) + if (phys_flags & IFF_POINTOPOINT) { req.ifr_flags |= IFF_POINTOPOINT; req.ifr_flags &= ~IFF_BROADCAST; @@ -266,9 +255,7 @@ _iface_up (int sock, struct st_ipsec_if *iface, char *phys ioctl(sock, SIOCSIFDSTADDR, &req); } } - else - */ - if (phys_flags & IFF_BROADCAST) + else if (phys_flags & IFF_BROADCAST) { req.ifr_flags &= ~IFF_POINTOPOINT; req.ifr_flags |= IFF_BROADCAST; diff --git a/programs/starter/starterwhack.c b/programs/starter/starterwhack.c index a671c560c..0d7a3715e 100644 --- a/programs/starter/starterwhack.c +++ b/programs/starter/starterwhack.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: starterwhack.c,v 1.17 2006/04/17 10:32:36 as Exp $ + * RCSID $Id: starterwhack.c,v 1.18 2006/06/20 21:52:53 as Exp $ */ #include <sys/types.h> @@ -161,13 +161,13 @@ set_whack_end(whack_end_t *w, starter_end_t *end) w->host_addr = end->addr; w->host_nexthop = end->nexthop; w->host_srcip = end->srcip; + w->has_client = end->has_client; - if (end->has_client) - w->client = end->subnet; + if (w->has_client) + w->client = end->subnet; else - w->client.addr.u.v4.sin_family = AF_INET; + w->client.addr.u.v4.sin_family = addrtypeof(&w->host_addr); - w->has_client = end->has_client; w->has_client_wildcard = end->has_client_wildcard; w->has_port_wildcard = end->has_port_wildcard; w->has_srcip = end->has_srcip; |