From 06cdeac25f3f45b950cf169add66359c82ce8c7c Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Tue, 3 Aug 2010 12:23:14 +0200
Subject: [PATCH] Charon specific strongswan.conf options generalized.
---
 src/libhydra/Android.mk | 2 +-
 .../plugins/kernel_klips/kernel_klips_ipsec.c | 14 ++++++++------
 .../plugins/kernel_netlink/kernel_netlink_ipsec.c | 3 ++-
 .../plugins/kernel_netlink/kernel_netlink_net.c | 10 +++++-----
 .../plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 3 ++-
 5 files changed, 18 insertions(+), 14 deletions(-)
diff --git a/src/libhydra/Android.mk b/src/libhydra/Android.mk
index 6ef38b1ac..2418e76ad 100644
--- a/src/libhydra/Android.mk
+++ b/src/libhydra/Android.mk
@@ -21,7 +21,7 @@ LOCAL_SRC_FILES += $(call add_plugin, kernel-pfkey)
 LOCAL_SRC_FILES += $(call add_plugin, kernel-netlink)
-# build libcharon --------------------------------------------------------------
+# build libhydra ---------------------------------------------------------------
 LOCAL_C_INCLUDES += \
 $(libvstr_PATH) \
diff --git a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
index 0df5f8baf..0ccb2ac5f 100644
--- a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
+++ b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
@@ -316,7 +316,8 @@ static status_t attach_ipsec_dev(char* name, char *phys_name)
 }
 mtu = lib->settings->get_int(lib->settings,
- "charon.plugins.kernel-klips.ipsec_dev_mtu", 0);
+ "%s.plugins.kernel-klips.ipsec_dev_mtu", 0,
+ hydra->daemon);
 if (mtu <= 0)
 {
 /* guess MTU as physical MTU - ESP overhead [- NAT-T overhead]
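Review bot: The `hydra->daemon` argument added in attach_ipsec_dev is handed to the printf-style key lookup with nothing in this hunk showing that it is non-NULL, and a NULL argument for `%s` is undefined behaviour. The same pattern is added in init_ipsec_devices, in the three `*_ipsec_create()` constructors and in kernel_netlink_net_create() further down. Whether libhydra's initialiser already guarantees a name is not visible in this patch; if it does not, set a fallback once at initialisation instead of checking at every call site, and document the contract on the member, e.g. `/** name of the daemon that initialized the library, never NULL; used as strongswan.conf section prefix */`. attach_ipsec_dev's body starts and ends outside the hunk.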
@@ -1418,7 +1419,7 @@ static job_requeue_t receive_events(private_kernel_klips_ipsec_t *this)
 * longer period than configured as hard limit, we wouldn't be able
 * to rekey the SA and just receive the hard expire and thus delete
 * the SA.
- * To avoid this behavior and to make charon behave as with the
+ * To avoid this behavior and to make the daemon behave as with the
 * other kernel plugins, we implement the expiration of SAs
 * ourselves. */
 break;
@@ -1532,7 +1533,7 @@ METHOD(kernel_ipsec_t, get_spi, status_t,
 rng->get_bytes(rng, sizeof(spi_gen), (void*)&spi_gen);
 rng->destroy(rng);
- /* charon's SPIs lie within the range from 0xc0000000 to 0xcFFFFFFF */
+ /* allocated SPIs lie within the range from 0xc0000000 to 0xcFFFFFFF */
 spi_gen = 0xc0000000 | (spi_gen & 0x0FFFFFFF);
 *spi = htonl(spi_gen);
@@ -2488,8 +2489,8 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
 static void init_ipsec_devices(private_kernel_klips_ipsec_t *this)
 {
 int i, count = lib->settings->get_int(lib->settings,
- "charon.plugins.kernel-klips.ipsec_dev_count",
- DEFAULT_IPSEC_DEV_COUNT);
+ "%s.plugins.kernel-klips.ipsec_dev_count",
+ DEFAULT_IPSEC_DEV_COUNT, hydra->daemon);
 for (i = 0; i < count; ++i)
 {
@@ -2599,7 +2600,8 @@ kernel_klips_ipsec_t *kernel_klips_ipsec_create()
 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
 .mutex_pfkey = mutex_create(MUTEX_TYPE_DEFAULT),
 .install_routes = lib->settings->get_bool(lib->settings,
- "charon.install_routes", TRUE),
+ "%s.install_routes", TRUE,
+ hydra->daemon),
 );
 /* initialize ipsec devices */
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 55158af48..25878addf 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
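Review bot: In init_ipsec_devices the value read for `ipsec_dev_count` goes straight into `for (i = 0; i < count; ++i)` with no range check between the lookup and the loop. The key is now resolved under a section chosen at run time, so the number of iterations is whatever that section supplies: a negative value silently skips device setup, and a very large one repeats the loop body (outside this hunk) that many times. Clamp before the loop, e.g. `if (count < 0) count = 0;`, add an upper limit that matches what the plugin can manage, and log the effective count.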
@@ -2167,7 +2167,8 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 (hashtable_equals_t)policy_equals, 32),
 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
 .install_routes = lib->settings->get_bool(lib->settings,
- "charon.install_routes", TRUE),
+ "%s.install_routes", TRUE,
+ hydra->daemon),
 );
 /* disable lifetimes for allocated SPIs in kernel */
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
index f509d8286..90e97899d 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
@@ -1437,17 +1437,17 @@ kernel_netlink_net_t *kernel_netlink_net_create()
 this->condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
 timerclear(&this->last_roam);
 this->routing_table = lib->settings->get_int(lib->settings,
- "charon.routing_table", ROUTING_TABLE);
+ "%s.routing_table", ROUTING_TABLE, hydra->daemon);
 this->routing_table_prio = lib->settings->get_int(lib->settings,
- "charon.routing_table_prio", ROUTING_TABLE_PRIO);
+ "%s.routing_table_prio", ROUTING_TABLE_PRIO, hydra->daemon);
 this->process_route = lib->settings->get_bool(lib->settings,
- "charon.process_route", TRUE);
+ "%s.process_route", TRUE, hydra->daemon);
 this->install_virtual_ip = lib->settings->get_bool(lib->settings,
- "charon.install_virtual_ip", TRUE);
+ "%s.install_virtual_ip", TRUE, hydra->daemon);
 this->rt_exclude = linked_list_create();
 exclude = lib->settings->get_str(lib->settings,
- "charon.ignore_routing_tables", NULL);
+ "%s.ignore_routing_tables", NULL, hydra->daemon);
 if (exclude)
 {
 char *token;
diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index 1b18f6a9c..b4e64b61f 100644
--- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
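Review bot: kernel_netlink_net_create() now resolves all five routing options under `hydra->daemon`, so entries that remain under `charon.` are ignored without any message when the daemon name differs, and the compiled-in defaults (`ROUTING_TABLE`, `ROUTING_TABLE_PRIO`, `TRUE`, `NULL`) apply instead. These options select the routing table the plugin works with and whether virtual IPs are installed, so a silent fallback should be made visible. One debug line after the lookups would do, for example `DBG2(DBG_KNL, "routing table %d, prio %d", this->routing_table, this->routing_table_prio);`, and the option documentation should name the section as the daemon's own. The function continues outside the hunk.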
@@ -2133,7 +2133,8 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
 .mutex_pfkey = mutex_create(MUTEX_TYPE_DEFAULT),
 .install_routes = lib->settings->get_bool(lib->settings,
- "charon.install_routes", TRUE),
+ "%s.install_routes", TRUE,
+ hydra->daemon),
 );
 /* create a PF_KEY socket to communicate with the kernel */