diff options
Diffstat (limited to 'src/libcharon/config/ike_cfg.c')
| -rw-r--r-- | src/libcharon/config/ike_cfg.c | 87 |
1 files changed, 51 insertions, 36 deletions
diff --git a/src/libcharon/config/ike_cfg.c b/src/libcharon/config/ike_cfg.c index a720e1493..7d52ac88f 100644 --- a/src/libcharon/config/ike_cfg.c +++ b/src/libcharon/config/ike_cfg.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012-2015 Tobias Brunner + * Copyright (C) 2012-2016 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -83,12 +83,12 @@ struct private_ike_cfg_t { /** * our source port */ - u_int16_t my_port; + uint16_t my_port; /** * destination port */ - u_int16_t other_port; + uint16_t other_port; /** * should we send a certificate request? @@ -108,7 +108,7 @@ struct private_ike_cfg_t { /** * DSCP value to use on sent IKE packets */ - u_int8_t dscp; + uint8_t dscp; /** * List of proposals to use @@ -143,7 +143,7 @@ METHOD(ike_cfg_t, fragmentation, fragmentation_t, /** * Common function for resolve_me/other */ -static host_t* resolve(linked_list_t *hosts, int family, u_int16_t port) +static host_t* resolve(linked_list_t *hosts, int family, uint16_t port) { enumerator_t *enumerator; host_t *host = NULL; @@ -192,7 +192,7 @@ static u_int match(linked_list_t *hosts, linked_list_t *ranges, host_t *cand) traffic_selector_t *ts; char *str; host_t *host; - u_int8_t mask; + uint8_t mask; u_int quality = 0; /* try single hosts first */ @@ -261,19 +261,19 @@ METHOD(ike_cfg_t, get_other_addr, char*, return this->other; } -METHOD(ike_cfg_t, get_my_port, u_int16_t, +METHOD(ike_cfg_t, get_my_port, uint16_t, private_ike_cfg_t *this) { return this->my_port; } -METHOD(ike_cfg_t, get_other_port, u_int16_t, +METHOD(ike_cfg_t, get_other_port, uint16_t, private_ike_cfg_t *this) { return this->other_port; } -METHOD(ike_cfg_t, get_dscp, u_int8_t, +METHOD(ike_cfg_t, get_dscp, uint8_t, private_ike_cfg_t *this) { return this->dscp; @@ -310,42 +310,57 @@ METHOD(ike_cfg_t, get_proposals, linked_list_t*, } METHOD(ike_cfg_t, select_proposal, proposal_t*, - private_ike_cfg_t *this, linked_list_t *proposals, bool private) + private_ike_cfg_t *this, linked_list_t *proposals, bool private, + bool prefer_self) { - enumerator_t *stored_enum, *supplied_enum; - proposal_t *stored, *supplied, *selected; + enumerator_t *prefer_enum, *match_enum; + proposal_t *proposal, *match, *selected = NULL; - stored_enum = this->proposals->create_enumerator(this->proposals); - supplied_enum = proposals->create_enumerator(proposals); - - - /* compare all stored proposals with all supplied. Stored ones are preferred.*/ - while (stored_enum->enumerate(stored_enum, (void**)&stored)) + if (prefer_self) + { + prefer_enum = this->proposals->create_enumerator(this->proposals); + match_enum = proposals->create_enumerator(proposals); + } + else { - proposals->reset_enumerator(proposals, supplied_enum); + prefer_enum = proposals->create_enumerator(proposals); + match_enum = this->proposals->create_enumerator(this->proposals); + } - while (supplied_enum->enumerate(supplied_enum, (void**)&supplied)) + while (prefer_enum->enumerate(prefer_enum, (void**)&proposal)) + { + if (prefer_self) + { + proposals->reset_enumerator(proposals, match_enum); + } + else { - selected = stored->select(stored, supplied, private); + this->proposals->reset_enumerator(this->proposals, match_enum); + } + while (match_enum->enumerate(match_enum, (void**)&match)) + { + selected = proposal->select(proposal, match, private); if (selected) { - /* they match, return */ - stored_enum->destroy(stored_enum); - supplied_enum->destroy(supplied_enum); DBG2(DBG_CFG, "received proposals: %#P", proposals); DBG2(DBG_CFG, "configured proposals: %#P", this->proposals); DBG2(DBG_CFG, "selected proposal: %P", selected); - return selected; + break; } } + if (selected) + { + break; + } } - /* no proposal match :-(, will result in a NO_PROPOSAL_CHOSEN... */ - stored_enum->destroy(stored_enum); - supplied_enum->destroy(supplied_enum); - DBG1(DBG_CFG, "received proposals: %#P", proposals); - DBG1(DBG_CFG, "configured proposals: %#P", this->proposals); - - return NULL; + prefer_enum->destroy(prefer_enum); + match_enum->destroy(match_enum); + if (!selected) + { + DBG1(DBG_CFG, "received proposals: %#P", proposals); + DBG1(DBG_CFG, "configured proposals: %#P", this->proposals); + } + return selected; } METHOD(ike_cfg_t, get_dh_group, diffie_hellman_group_t, @@ -353,7 +368,7 @@ METHOD(ike_cfg_t, get_dh_group, diffie_hellman_group_t, { enumerator_t *enumerator; proposal_t *proposal; - u_int16_t dh_group = MODP_NONE; + uint16_t dh_group = MODP_NONE; enumerator = this->proposals->create_enumerator(this->proposals); while (enumerator->enumerate(enumerator, &proposal)) @@ -545,9 +560,9 @@ int ike_cfg_get_family(ike_cfg_t *cfg, bool local) * Described in header. */ ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap, - char *me, u_int16_t my_port, - char *other, u_int16_t other_port, - fragmentation_t fragmentation, u_int8_t dscp) + char *me, uint16_t my_port, + char *other, uint16_t other_port, + fragmentation_t fragmentation, uint8_t dscp) { private_ike_cfg_t *this; |