From c59825fbfc3384fbbe2aff8a14c9873dd4271744 Mon Sep 17 00:00:00 2001
From: Andreas Steffen
Date: Thu, 5 Feb 2009 22:13:48 +0000
Subject: [PATCH] support of dynamic/128 and %any6
---
 src/charon/config/child_cfg.c | 2 +-
 src/charon/config/traffic_selector.c | 5 +--
 src/charon/config/traffic_selector.h | 2 ++
 .../plugins/load_tester/load_tester_config.c | 4 +--
 src/charon/plugins/medcli/medcli_config.c | 2 +-
 src/charon/plugins/nm/nm_service.c | 2 +-
 src/charon/plugins/sql/sql_config.c | 2 +-
 src/charon/plugins/stroke/stroke_config.c | 3 ++
 src/charon/plugins/uci/uci_config.c | 2 +-
 src/libstrongswan/utils/host.c | 4 +++
 src/libstrongswan/utils/identification.c | 1 +
 src/starter/starterstroke.c | 31 +++++++++----------
 12 files changed, 35 insertions(+), 25 deletions(-)
diff --git a/src/charon/config/child_cfg.c b/src/charon/config/child_cfg.c
index 3b581b0d2..9f1523f8e 100644
--- a/src/charon/config/child_cfg.c
+++ b/src/charon/config/child_cfg.c
@@ -301,7 +301,7 @@ static linked_list_t* get_traffic_selectors(private_child_cfg_t *this, bool loca
 else
 {
 DBG2(DBG_CFG, " config: %R, received: %R => no match",
- ts1, ts2, selected);
+ ts1, ts2);
 }
 }
 e2->destroy(e2);
diff --git a/src/charon/config/traffic_selector.c b/src/charon/config/traffic_selector.c
index 4c26a943a..9de168fd6 100644
--- a/src/charon/config/traffic_selector.c
+++ b/src/charon/config/traffic_selector.c
@@ -823,11 +823,12 @@ traffic_selector_t *traffic_selector_create_from_string(
 /*
 * see header
 */
-traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
+traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
+ ts_type_t type,
 u_int16_t from_port, u_int16_t to_port)
 {
 private_traffic_selector_t *this = traffic_selector_create(
- protocol, TS_IPV4_ADDR_RANGE, from_port, to_port);
+ protocol, type, from_port, to_port);
 memset(this->from6, 0, sizeof(this->from6));
 memset(this->to6, 0xFF, sizeof(this->to6));
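Review bot: The new `type` argument reaches `traffic_selector_create()` unchecked, although the header comment for `traffic_selector_create_dynamic()` documents `NULL if type not supported`; nothing in the visible body can produce that NULL, and the two `memset()` calls use `this` unconditionally. A guard before the constructor call, such as `if (type != TS_IPV4_ADDR_RANGE && type != TS_IPV6_ADDR_RANGE) return NULL;`, would make the documented contract hold. This matters most for the sql_config.c hunk, where `type` is passed in from code outside the diff (presumably a database row), and callers such as `add_ts()` would then need a NULL check before `add_traffic_selector()`. The function body continues past the end of this hunk.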
diff --git a/src/charon/config/traffic_selector.h b/src/charon/config/traffic_selector.h
index 073bbc17b..b7645620d 100644
--- a/src/charon/config/traffic_selector.h
+++ b/src/charon/config/traffic_selector.h
@@ -281,6 +281,7 @@ traffic_selector_t *traffic_selector_create_from_subnet(
 *
 *
 * @param protocol upper layer protocl to allow
+ * @param type type of following addresses, such as TS_IPV4_ADDR_RANGE
 * @param from_port start of allowed port range
 * @param to_port end of range
 * @return
@@ -288,6 +289,7 @@ traffic_selector_t *traffic_selector_create_from_subnet(
 * - NULL if type not supported
 */
 traffic_selector_t *traffic_selector_create_dynamic(u_int8_t protocol,
+ ts_type_t type,
 u_int16_t from_port, u_int16_t to_port);
 /**
diff --git a/src/charon/plugins/load_tester/load_tester_config.c b/src/charon/plugins/load_tester/load_tester_config.c
index f3cd33b61..b5d2f5815 100644
--- a/src/charon/plugins/load_tester/load_tester_config.c
+++ b/src/charon/plugins/load_tester/load_tester_config.c
@@ -109,9 +109,9 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
 MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE);
 proposal = proposal_create_from_string(PROTO_ESP, "aes128-sha1");
 child_cfg->add_proposal(child_cfg, proposal);
- ts = traffic_selector_create_dynamic(0, 0, 65535);
+ ts = traffic_selector_create_dynamic(0, TS_IPV4_ADDR_RANGE, 0, 65535);
 child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
- ts = traffic_selector_create_dynamic(0, 0, 65535);
+ ts = traffic_selector_create_dynamic(0, TS_IPV4_ADDR_RANGE, 0, 65535);
 child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
 peer_cfg->add_child_cfg(peer_cfg, child_cfg);
 return peer_cfg;
diff --git a/src/charon/plugins/medcli/medcli_config.c b/src/charon/plugins/medcli/medcli_config.c
index d1e6c0c9e..23385c7b1 100644
--- a/src/charon/plugins/medcli/medcli_config.c
+++ b/src/charon/plugins/medcli/medcli_config.c
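Review bot: Both `traffic_selector_create_dynamic(0, TS_IPV4_ADDR_RANGE, 0, 65535)` calls in load_tester_config.c hard-code the address family, and the same constant is hard-coded in the medcli_config.c, nm_service.c and uci_config.c hunks. If any of these plugins can be configured with an IPv6 peer or `%any6`, the dynamic selector's family would not match the host's; that is an inference, since their address handling is not part of the diff. A short comment at each call, for example `/* dynamic TS stays IPv4-only here; only stroke derives the family from the address */`, would record that the choice is deliberate rather than a leftover of the signature change.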
@@ -87,7 +87,7 @@ static traffic_selector_t *ts_from_string(char *str)
 return traffic_selector_create_from_subnet(net, netbits, 0, 0);
 }
 }
- return traffic_selector_create_dynamic(0, 0, 65535);
+ return traffic_selector_create_dynamic(0, TS_IPV4_ADDR_RANGE, 0, 65535);
 }
 /**
diff --git a/src/charon/plugins/nm/nm_service.c b/src/charon/plugins/nm/nm_service.c
index f90bfa448..d1aabe1bd 100644
--- a/src/charon/plugins/nm/nm_service.c
+++ b/src/charon/plugins/nm/nm_service.c
@@ -319,7 +319,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
 NULL, TRUE, MODE_TUNNEL, /* updown, hostaccess */ ACTION_NONE, ACTION_RESTART, ipcomp);
 child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
- ts = traffic_selector_create_dynamic(0, 0, 65535);
+ ts = traffic_selector_create_dynamic(0, TS_IPV4_ADDR_RANGE, 0, 65535);
 child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
 ts = traffic_selector_create_from_string(0, TS_IPV4_ADDR_RANGE, "0.0.0.0", 0,
diff --git a/src/charon/plugins/sql/sql_config.c b/src/charon/plugins/sql/sql_config.c
index 8efa1cb2e..a36c01538 100644
--- a/src/charon/plugins/sql/sql_config.c
+++ b/src/charon/plugins/sql/sql_config.c
@@ -78,7 +78,7 @@ static traffic_selector_t *build_traffic_selector(private_sql_config_t *this,
 *local = TRUE;
 /* FALL */
 case TS_REMOTE_DYNAMIC:
- ts = traffic_selector_create_dynamic(protocol,
+ ts = traffic_selector_create_dynamic(protocol, type,
 start_port, end_port);
 break;
 default:
diff --git a/src/charon/plugins/stroke/stroke_config.c b/src/charon/plugins/stroke/stroke_config.c
index cb91ecb72..d480eeacb 100644
--- a/src/charon/plugins/stroke/stroke_config.c
+++ b/src/charon/plugins/stroke/stroke_config.c
@@ -691,7 +691,10 @@ static void add_ts(private_stroke_config_t *this,
 if (end->tohost)
 {
+ bool is_ipv6 = strchr(end->address, ':') || streq(end->address, "%any6");
+
 ts = traffic_selector_create_dynamic(end->protocol,
+ is_ipv6? TS_IPV6_ADDR_RANGE:TS_IPV4_ADDR_RANGE,
 end->port ? end->port : 0, end->port ? end->port : 65535);
 child_cfg->add_traffic_selector(child_cfg, local, ts);
 }
diff --git a/src/charon/plugins/uci/uci_config.c b/src/charon/plugins/uci/uci_config.c
index c9d54a532..7872a5add 100644
--- a/src/charon/plugins/uci/uci_config.c
+++ b/src/charon/plugins/uci/uci_config.c
@@ -131,7 +131,7 @@ static traffic_selector_t *create_ts(char *string)
 return traffic_selector_create_from_subnet(net, netbits, 0, 0);
 }
 }
- return traffic_selector_create_dynamic(0, 0, 65535);
+ return traffic_selector_create_dynamic(0, TS_IPV4_ADDR_RANGE, 0, 65535);
 }
 /**
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c
index 8c79f718a..eddd6f163 100644
--- a/src/libstrongswan/utils/host.c
+++ b/src/libstrongswan/utils/host.c
@@ -453,6 +453,10 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port)
 {
 return host_create_any(af ? af : AF_INET);
 }
+ if (streq(string, "%any6"))
+ {
+ return host_create_any(af ? af : AF_INET6);
+ }
 else if (strchr(string, ':'))
 {
 /* gethostbyname does not like IPv6 addresses - fallback */
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index b5b438a74..fad7e6acc 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -1046,6 +1046,7 @@ identification_t *identification_create_from_string(char *string)
 else if (strchr(string, '@') == NULL)
 {
 if (streq(string, "%any")
+ || streq(string, "%any6")
 || streq(string, "0.0.0.0")
 || streq(string, "*")
 || streq(string, "::")
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index bc29e7442..9ce7edee3 100644
--- a/src/starter/starterstroke.c
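Review bot: `is_ipv6` in add_ts() is decided from the spelling of `end->address` (a `:` or the literal `%any6`), so a host name that resolves to an IPv6 address would still get a `TS_IPV4_ADDR_RANGE` dynamic selector. Whether `end->address` can hold a DNS name or be NULL at this point is not visible in the hunk, but `strchr()` and `streq()` both dereference it, so a NULL would crash here. Deriving the family from the resolved host, or at least guarding the test with `end->address &&`, would be more robust. add_ts() starts and ends outside the hunk.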
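Review bot: In host_create_from_dns(), `host_create_any(af ? af : AF_INET6)` lets a non-zero `af` override the family that `%any6` names, so a caller passing `AF_INET` together with `%any6` gets the IPv4 wildcard back without any indication. If that precedence is intended, as it is for the `%any` branch just above, a comment such as `/* an explicit af wins over the family implied by %any6 */` would say so; otherwise the branch could reject the mismatch. The new test is also a plain `if` placed between an `if` and an `else if`, which only works because the `%any` branch returns; writing it as `else if` would keep the chain uniform. The function starts and ends outside the hunk.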
+++ b/src/starter/starterstroke.c
@@ -127,19 +127,6 @@ static void ip_address2string(ip_address *addr, char *buffer, size_t len)
 {
 switch (((struct sockaddr*)addr)->sa_family)
 {
- case AF_INET:
- {
- struct sockaddr_in* sin = (struct sockaddr_in*)addr;
- u_int8_t zeroes[IPV4_LEN];
-
- memset(zeroes, 0, IPV4_LEN);
- if (memcmp(zeroes, &(sin->sin_addr.s_addr), IPV4_LEN) &&
- inet_ntop(AF_INET, &sin->sin_addr, buffer, len))
- {
- return;
- }
- break;
- }
 case AF_INET6:
 {
 struct sockaddr_in6* sin6 = (struct sockaddr_in6*)addr;
@@ -151,16 +138,28 @@ static void ip_address2string(ip_address *addr, char *buffer, size_t len)
 {
 return;
 }
+ snprintf(buffer, len, "%%any6");
 break;
 }
+ case AF_INET:
+ {
+ struct sockaddr_in* sin = (struct sockaddr_in*)addr;
+ u_int8_t zeroes[IPV4_LEN];
+
+ memset(zeroes, 0, IPV4_LEN);
+ if (memcmp(zeroes, &(sin->sin_addr.s_addr), IPV4_LEN) &&
+ inet_ntop(AF_INET, &sin->sin_addr, buffer, len))
+ {
+ return;
+ }
+ /* fall through to default */
+ }
 default:
+ snprintf(buffer, len, "%%any");
 break;
 }
- /* default */
- snprintf(buffer, len, "%%any");
 }
-
 static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, starter_end_t *conn_end)
 {
 char buffer[INET6_ADDRSTRLEN];
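Review bot: In the reordered `switch` of ip_address2string(), a failed `inet_ntop()` is indistinguishable from an all-zero address: the `AF_INET` branch combines both tests with `&&` and falls through to `"%%any"`, and the `AF_INET6` branch now writes `"%%any6"` whenever its condition is false. With the `INET6_ADDRSTRLEN` buffer visible in `starter_stroke_add_end()` the conversion should not fail, but if it ever did, a concrete peer address would silently be handed to the daemon as a wildcard. Testing the zero-address case and the `inet_ntop()` result separately, and reporting the latter as an error, would remove that ambiguity. The condition of the `AF_INET6` branch lies between the two hunks and is not shown.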