ikev2: Use config value for sending of vendor IDs

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>

src/libcharon/sa/ikev2/tasks/ike_vendor.c

@@ -13,6 +13,29 @@
  * for more details.
  */
 
+/*
+ * Copyright (C) 2016 secunet Security Networks AG
+ * Copyright (C) 2016 Thomas Egerer
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
 #include "ike_vendor.h"
 
 #include <daemon.h>
@@ -49,6 +72,8 @@ typedef struct {
 	char *desc;
 	/* extension flag negotiated with vendor ID, if any */
 	ike_extension_t extension;
+	/* Value from strongswan.conf, whether to send vendor ID */
+	char *setting;
 	/* length of vendor ID string, 0 for NULL terminated */
 	int len;
 	/* vendor ID string */
@@ -68,23 +93,23 @@ static chunk_t get_vid_data(vid_data_t *data)
  */
 static vid_data_t vids[] = {
 	/* strongSwan MD5("strongSwan") */
-	{ "strongSwan", EXT_STRONGSWAN, 16,
+	{ "strongSwan", EXT_STRONGSWAN, "send_vendor_id", 16,
 	  "\x88\x2f\xe5\x6d\x6f\xd2\x0d\xbc\x22\x51\x61\x3b\x2e\xbe\x5b\xeb"},
-	{ "Cisco Delete Reason", 0, 0,
+	{ "Cisco Delete Reason", 0, NULL, 0,
 	  "CISCO-DELETE-REASON" },
-	{ "Cisco Copyright (c) 2009", 0, 0,
+	{ "Cisco Copyright (c) 2009", 0, NULL, 0,
 	  "CISCO(COPYRIGHT)&Copyright (c) 2009 Cisco Systems, Inc." },
-	{ "FRAGMENTATION", 0, 16,
+	{ "FRAGMENTATION", 0, NULL, 16,
 	  "\x40\x48\xb7\xd5\x6e\xbc\xe8\x85\x25\xe7\xde\x7f\x00\xd6\xc2\xd3"},
-	{ "MS NT5 ISAKMPOAKLEY v7", 0, 20,
+	{ "MS NT5 ISAKMPOAKLEY v7", 0, NULL, 20,
 	  "\x1e\x2b\x51\x69\x05\x99\x1c\x7d\x7c\x96\xfc\xbf\xb5\x87\xe4\x61\x00\x00\x00\x07"},
-	{ "MS NT5 ISAKMPOAKLEY v8", 0, 20,
+	{ "MS NT5 ISAKMPOAKLEY v8", 0, NULL, 20,
 	  "\x1e\x2b\x51\x69\x05\x99\x1c\x7d\x7c\x96\xfc\xbf\xb5\x87\xe4\x61\x00\x00\x00\x08"},
-	{ "MS NT5 ISAKMPOAKLEY v9", 0, 20,
+	{ "MS NT5 ISAKMPOAKLEY v9", 0, NULL, 20,
 	  "\x1e\x2b\x51\x69\x05\x99\x1c\x7d\x7c\x96\xfc\xbf\xb5\x87\xe4\x61\x00\x00\x00\x09"},
-	{ "MS-Negotiation Discovery Capable", 0, 16,
+	{ "MS-Negotiation Discovery Capable", 0, NULL, 16,
 	  "\xfb\x1d\xe3\xcd\xf3\x41\xb7\xea\x16\xb7\xe5\xbe\x08\x55\xf1\x20"},
-	{ "Vid-Initial-Contact", 0, 16,
+	{ "Vid-Initial-Contact", 0, NULL, 16,
 	  "\x26\x24\x4d\x38\xed\xdb\x61\xb3\x17\x2a\x36\xe3\xd0\xcf\xb8\x19"},
 };
 
@@ -92,14 +117,19 @@ METHOD(task_t, build, status_t,
 	private_ike_vendor_t *this, message_t *message)
 {
 	vendor_id_payload_t *vid;
-	bool strongswan;
+	bool send_vid;
 	int i;
 
-	strongswan = lib->settings->get_bool(lib->settings,
-							"%s.send_vendor_id", FALSE, lib->ns);
 	for (i = 0; i < countof(vids); i++)
 	{
-		if (vids[i].extension == EXT_STRONGSWAN && strongswan)
+		send_vid = FALSE;
+
+		if (vids[i].setting)
+		{
+			send_vid = lib->settings->get_bool(lib->settings, "%s.%s", send_vid,
+											   lib->ns, vids[i].setting);
+		}
+		if (send_vid)
 		{
 			DBG2(DBG_IKE, "sending %s vendor ID", vids[i].desc);
 			vid = vendor_id_payload_create_data(PLV2_VENDOR_ID,