Diffstat (limited to 'src/charon/config/child_cfg.c')
-rw-r--r--src/charon/config/child_cfg.c99
1 files changed, 85 insertions, 14 deletions
diff --git a/src/charon/config/child_cfg.c b/src/charon/config/child_cfg.c
index 24242345b..ab083b212 100644
--- a/src/charon/config/child_cfg.c
+++ b/src/charon/config/child_cfg.c
@@ -14,7 +14,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: child_cfg.c 4358 2008-09-25 13:56:23Z tobias $
+ * $Id: child_cfg.c 4611 2008-11-11 06:29:25Z andreas $
*/
#include "child_cfg.h"
@@ -118,10 +118,20 @@ struct private_child_cfg_t {
* enable IPComp
*/
bool use_ipcomp;
+
+ /**
+ * set up IPsec transport SA in MIPv6 proxy mode
+ */
+ bool proxy_mode;
+
+ /**
+ * enable installation and removal of kernel IPsec policies
+ */
+ bool install_policy;
};
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.get_name.
*/
static char *get_name(private_child_cfg_t *this)
{
@@ -129,7 +139,7 @@ static char *get_name(private_child_cfg_t *this)
}
/**
- * Implementation of child_cfg_t.add_proposal
+ * Implementation of child_cfg_t.add_proposal.
*/
static void add_proposal(private_child_cfg_t *this, proposal_t *proposal)
{
@@ -137,7 +147,7 @@ static void add_proposal(private_child_cfg_t *this, proposal_t *proposal)
}
/**
- * Implementation of child_cfg_t.get_proposals
+ * Implementation of child_cfg_t.get_proposals.
*/
static linked_list_t* get_proposals(private_child_cfg_t *this, bool strip_dh)
{
@@ -161,7 +171,7 @@ static linked_list_t* get_proposals(private_child_cfg_t *this, bool strip_dh)
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.select_proposal.
*/
static proposal_t* select_proposal(private_child_cfg_t*this,
linked_list_t *proposals, bool strip_dh)
@@ -210,7 +220,7 @@ static proposal_t* select_proposal(private_child_cfg_t*this,
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.add_traffic_selector.
*/
static void add_traffic_selector(private_child_cfg_t *this, bool local,
traffic_selector_t *ts)
@@ -226,7 +236,7 @@ static void add_traffic_selector(private_child_cfg_t *this, bool local,
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.get_traffic_selectors.
*/
static linked_list_t* get_traffic_selectors(private_child_cfg_t *this, bool local,
linked_list_t *supplied,
@@ -337,7 +347,36 @@ static linked_list_t* get_traffic_selectors(private_child_cfg_t *this, bool loca
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.equal_traffic_selectors.
+ */
+bool equal_traffic_selectors(private_child_cfg_t *this, bool local,
+ linked_list_t *ts_list, host_t *host)
+{
+ linked_list_t *this_list;
+ traffic_selector_t *this_ts, *ts;
+ bool result;
+
+ this_list = (local) ? this->my_ts : this->other_ts;
+
+ /* currently equality is established for single traffic selectors only */
+ if (this_list->get_count(this_list) != 1 || ts_list->get_count(ts_list) != 1)
+ {
+ return FALSE;
+ }
+
+ this_list->get_first(this_list, (void**)&this_ts);
+ this_ts = this_ts->clone(this_ts);
+ this_ts->set_address(this_ts, host);
+ ts_list->get_first(ts_list, (void**)&ts);
+
+ result = ts->equals(ts, this_ts);
+
+ this_ts->destroy(this_ts);
+ return result;
+}
+
+/**
+ * Implementation of child_cfg_t.get_updown.
*/
static char* get_updown(private_child_cfg_t *this)
{
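Review bot: `equal_traffic_selectors` is defined without `static`, unlike every other child_cfg_t implementation visible in this file, so it gets external linkage although it is only reached through the `this->public.equal_traffic_selectors` pointer assigned in child_cfg_create; declare it as `static bool equal_traffic_selectors(private_child_cfg_t *this, bool local,`. The function also hands `host` straight to `this_ts->set_address(this_ts, host)`; if a caller can pass NULL here (not visible in this hunk), guard it with `if (host) { this_ts->set_address(this_ts, host); }`. Because the result feeds a traffic-selector match decision, the header comment should also state that FALSE is returned for any list that does not hold exactly one selector, so callers do not read "not comparable" as "different".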
@@ -345,7 +384,7 @@ static char* get_updown(private_child_cfg_t *this)
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.get_hostaccess.
*/
static bool get_hostaccess(private_child_cfg_t *this)
{
@@ -353,7 +392,7 @@ static bool get_hostaccess(private_child_cfg_t *this)
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.get_lifetime.
*/
static u_int32_t get_lifetime(private_child_cfg_t *this, bool rekey)
{
@@ -369,7 +408,7 @@ static u_int32_t get_lifetime(private_child_cfg_t *this, bool rekey)
}
/**
- * Implementation of child_cfg_t.get_mode
+ * Implementation of child_cfg_t.get_mode.
*/
static ipsec_mode_t get_mode(private_child_cfg_t *this)
{
@@ -377,7 +416,7 @@ static ipsec_mode_t get_mode(private_child_cfg_t *this)
}
/**
- * Implementation of child_cfg_t.get_dpd_action
+ * Implementation of child_cfg_t.get_dpd_action.
*/
static action_t get_dpd_action(private_child_cfg_t *this)
{
@@ -385,7 +424,7 @@ static action_t get_dpd_action(private_child_cfg_t *this)
}
/**
- * Implementation of child_cfg_t.get_close_action
+ * Implementation of child_cfg_t.get_close_action.
*/
static action_t get_close_action(private_child_cfg_t *this)
{
@@ -422,7 +461,33 @@ static bool use_ipcomp(private_child_cfg_t *this)
}
/**
- * Implementation of child_cfg_t.get_name
+ * Implementation of child_cfg_t.set_mipv6_options.
+ */
+static void set_mipv6_options(private_child_cfg_t *this, bool proxy_mode,
+ bool install_policy)
+{
+ this->proxy_mode = proxy_mode;
+ this->install_policy = install_policy;
+}
+
+/**
+ * Implementation of child_cfg_t.use_proxy_mode.
+ */
+static bool use_proxy_mode(private_child_cfg_t *this)
+{
+ return this->proxy_mode;
+}
+
+/**
+ * Implementation of child_cfg_t.install_policy.
+ */
+static bool install_policy(private_child_cfg_t *this)
+{
+ return this->install_policy;
+}
+
+/**
+ * Implementation of child_cfg_t.get_ref.
*/
static child_cfg_t* get_ref(private_child_cfg_t *this)
{
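Review bot: The doc comments on `set_mipv6_options` and `install_policy` do not say what a caller gives up by passing `install_policy = FALSE`. Per the struct comment, that flag controls installation and removal of kernel IPsec policies, so with it off the daemon presumably depends on another component to put them in place. Suggest extending the setter's comment with a line such as `* With install_policy FALSE charon neither installs nor removes kernel IPsec policies; the caller must ensure they are managed elsewhere.` The setter also writes both fields on an already constructed, reference-counted config with no synchronisation visible in this hunk, so the comment should state that it has to be called before the config is shared.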
@@ -462,6 +527,7 @@ child_cfg_t *child_cfg_create(char *name, u_int32_t lifetime,
this->public.get_name = (char* (*) (child_cfg_t*))get_name;
this->public.add_traffic_selector = (void (*)(child_cfg_t*,bool,traffic_selector_t*))add_traffic_selector;
this->public.get_traffic_selectors = (linked_list_t*(*)(child_cfg_t*,bool,linked_list_t*,host_t*))get_traffic_selectors;
+ this->public.equal_traffic_selectors = (bool (*)(child_cfg_t*,bool,linked_list_t*,host_t*))equal_traffic_selectors;
this->public.add_proposal = (void (*) (child_cfg_t*,proposal_t*))add_proposal;
this->public.get_proposals = (linked_list_t* (*) (child_cfg_t*,bool))get_proposals;
this->public.select_proposal = (proposal_t* (*) (child_cfg_t*,linked_list_t*,bool))select_proposal;
@@ -472,7 +538,10 @@ child_cfg_t *child_cfg_create(char *name, u_int32_t lifetime,
this->public.get_close_action = (action_t (*) (child_cfg_t *))get_close_action;
this->public.get_lifetime = (u_int32_t (*) (child_cfg_t *,bool))get_lifetime;
this->public.get_dh_group = (diffie_hellman_group_t(*)(child_cfg_t*)) get_dh_group;
+ this->public.set_mipv6_options = (void (*) (child_cfg_t*,bool,bool))set_mipv6_options;
this->public.use_ipcomp = (bool (*) (child_cfg_t *))use_ipcomp;
+ this->public.use_proxy_mode = (bool (*) (child_cfg_t *))use_proxy_mode;
+ this->public.install_policy = (bool (*) (child_cfg_t *))install_policy;
this->public.get_ref = (child_cfg_t* (*) (child_cfg_t*))get_ref;
this->public.destroy = (void (*) (child_cfg_t*))destroy;
@@ -486,6 +555,8 @@ child_cfg_t *child_cfg_create(char *name, u_int32_t lifetime,
this->dpd_action = dpd_action;
this->close_action = close_action;
this->use_ipcomp = ipcomp;
+ this->proxy_mode = FALSE;
+ this->install_policy = TRUE;
this->refcount = 1;
this->proposals = linked_list_create();
this->my_ts = linked_list_create();