summaryrefslogtreecommitdiff
path: root/src/libcharon/plugins/medcli/medcli_config.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/plugins/medcli/medcli_config.c')
-rw-r--r--src/libcharon/plugins/medcli/medcli_config.c45
1 files changed, 16 insertions, 29 deletions
diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c
index a1825effc..4be3dea02 100644
--- a/src/libcharon/plugins/medcli/medcli_config.c
+++ b/src/libcharon/plugins/medcli/medcli_config.c
@@ -61,28 +61,12 @@ static traffic_selector_t *ts_from_string(char *str)
{
if (str)
{
- int netbits = 32;
- host_t *net;
- char *pos;
+ traffic_selector_t *ts;
- str = strdupa(str);
- pos = strchr(str, '/');
- if (pos)
+ ts = traffic_selector_create_from_cidr(str, 0, 0);
+ if (ts)
{
- *pos++ = '\0';
- netbits = atoi(pos);
- }
- else
- {
- if (strchr(str, ':'))
- {
- netbits = 128;
- }
- }
- net = host_create_from_string(str, 0);
- if (net)
- {
- return traffic_selector_create_from_subnet(net, netbits, 0, 0);
+ return ts;
}
}
return traffic_selector_create_dynamic(0, 0, 65535);
@@ -118,12 +102,13 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
DESTROY_IF(e);
return NULL;
}
- ike_cfg = ike_cfg_create(FALSE, FALSE,
- "0.0.0.0", FALSE, charon->socket->get_port(charon->socket, FALSE),
- address, FALSE, IKEV2_UDP_PORT);
+ ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
+ "0.0.0.0", FALSE,
+ charon->socket->get_port(charon->socket, FALSE),
+ address, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
med_cfg = peer_cfg_create(
- "mediation", IKEV2, ike_cfg,
+ "mediation", ike_cfg,
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
@@ -160,7 +145,7 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
return NULL;
}
peer_cfg = peer_cfg_create(
- name, IKEV2, this->ike->get_ref(this->ike),
+ name, this->ike->get_ref(this->ike),
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
@@ -235,7 +220,7 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
return FALSE;
}
this->current = peer_cfg_create(
- name, IKEV2, this->ike->get_ref(this->ike),
+ name, this->ike->get_ref(this->ike),
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
@@ -392,9 +377,11 @@ medcli_config_t *medcli_config_create(database_t *db)
.db = db,
.rekey = lib->settings->get_time(lib->settings, "medcli.rekey", 1200),
.dpd = lib->settings->get_time(lib->settings, "medcli.dpd", 300),
- .ike = ike_cfg_create(FALSE, FALSE,
- "0.0.0.0", FALSE, charon->socket->get_port(charon->socket, FALSE),
- "0.0.0.0", FALSE, IKEV2_UDP_PORT),
+ .ike = ike_cfg_create(IKEV2, FALSE, FALSE,
+ "0.0.0.0", FALSE,
+ charon->socket->get_port(charon->socket, FALSE),
+ "0.0.0.0", FALSE, IKEV2_UDP_PORT,
+ FRAGMENTATION_NO),
);
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 06:37:18 +0000