summaryrefslogtreecommitdiff
path: root/src/libcharon/plugins/unity/unity_provider.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/plugins/unity/unity_provider.c')
-rw-r--r--src/libcharon/plugins/unity/unity_provider.c77
1 files changed, 47 insertions, 30 deletions
diff --git a/src/libcharon/plugins/unity/unity_provider.c b/src/libcharon/plugins/unity/unity_provider.c
index ac6f93d69..86f81fcfb 100644
--- a/src/libcharon/plugins/unity/unity_provider.c
+++ b/src/libcharon/plugins/unity/unity_provider.c
@@ -1,4 +1,7 @@
/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2012 Martin Willi
* Copyright (C) 2012 revosec AG
*
@@ -16,6 +19,7 @@
#include "unity_provider.h"
#include <daemon.h>
+#include <bio/bio_writer.h>
typedef struct private_unity_provider_t private_unity_provider_t;
@@ -31,58 +35,70 @@ struct private_unity_provider_t {
};
/**
- * Attribute enumerator for traffic selector list
+ * Attribute enumerator for UNITY_SPLIT_INCLUDE attribute
*/
typedef struct {
/** Implements enumerator_t */
enumerator_t public;
/** list of traffic selectors to enumerate */
linked_list_t *list;
- /** currently enumerating subnet */
- u_char subnet[4];
- /** currently enumerating subnet mask */
- u_char mask[4];
+ /** attribute value */
+ chunk_t attr;
} attribute_enumerator_t;
+/**
+ * Append data from the given traffic selector to the attribute data
+ */
+static void append_ts(bio_writer_t *writer, traffic_selector_t *ts)
+{
+ host_t *net, *mask;
+ chunk_t padding;
+ u_int8_t bits;
+
+ if (!ts->to_subnet(ts, &net, &bits))
+ {
+ return;
+ }
+ mask = host_create_netmask(AF_INET, bits);
+ if (!mask)
+ {
+ net->destroy(net);
+ return;
+ }
+ writer->write_data(writer, net->get_address(net));
+ writer->write_data(writer, mask->get_address(mask));
+ /* the Cisco client parses the "padding" as protocol, src and dst port, the
+ * first two in network order the last in host order - no other clients seem
+ * to support these fields so we don't use them either */
+ padding = writer->skip(writer, 6);
+ memset(padding.ptr, 0, padding.len);
+ mask->destroy(mask);
+ net->destroy(net);
+}
+
METHOD(enumerator_t, attribute_enumerate, bool,
attribute_enumerator_t *this, configuration_attribute_type_t *type,
chunk_t *attr)
{
traffic_selector_t *ts;
- u_int8_t i, mask;
- host_t *net;
+ bio_writer_t *writer;
- while (TRUE)
+ if (this->list->get_count(this->list) == 0)
{
- if (this->list->remove_first(this->list, (void**)&ts) != SUCCESS)
- {
- return FALSE;
- }
- if (ts->to_subnet(ts, &net, &mask))
- {
- ts->destroy(ts);
- break;
- }
- ts->destroy(ts);
+ return FALSE;
}
- memset(this->mask, 0, sizeof(this->mask));
- for (i = 0; i < sizeof(this->mask); i++)
+ writer = bio_writer_create(14);
+ while (this->list->remove_first(this->list, (void**)&ts) == SUCCESS)
{
- if (mask < 8)
- {
- this->mask[i] = 0xFF << (8 - mask);
- break;
- }
- this->mask[i] = 0xFF;
- mask -= 8;
+ append_ts(writer, ts);
+ ts->destroy(ts);
}
- memcpy(this->subnet, net->get_address(net).ptr, sizeof(this->subnet));
- net->destroy(net);
*type = UNITY_SPLIT_INCLUDE;
- *attr = chunk_create(this->subnet, sizeof(this->subnet) + sizeof(this->mask));
+ *attr = this->attr = writer->extract_buf(writer);
+ writer->destroy(writer);
return TRUE;
}
@@ -90,6 +106,7 @@ METHOD(enumerator_t, attribute_destroy, void,
attribute_enumerator_t *this)
{
this->list->destroy_offset(this->list, offsetof(traffic_selector_t, destroy));
+ chunk_free(&this->attr);
free(this);
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-07 22:33:53 +0000