From c9e85424a8cb61580a80b716fc4c846f7f535b69 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Tue, 4 Feb 2014 11:29:28 +0100
Subject: [PATCH] charon-cmd: Add --esp/--ah-proposal options to specify CHILD_SA proposals
---
 src/charon-cmd/cmd/cmd_connection.c | 38 ++++++++++++++++++++++++++++-
 src/charon-cmd/cmd/cmd_options.c | 4 +++
 src/charon-cmd/cmd/cmd_options.h | 2 ++
 3 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index e015d01dc..14719384a 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -91,6 +91,11 @@ struct private_cmd_connection_t {
 */
 linked_list_t *ike_proposals;
 
+ /**
+ * List of CHILD proposals
+ */
+ linked_list_t *child_proposals;
+
 /**
 * Hostname to connect to
 */
@@ -327,6 +332,7 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this)
 {
 child_cfg_t *child_cfg;
 traffic_selector_t *ts;
+ proposal_t *proposal;
 lifetime_cfg_t lifetime = {
 .time = {
 .life = 10800 /* 3h */,
@@ -339,7 +345,18 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this)
 NULL, FALSE, MODE_TUNNEL, /* updown, hostaccess */
 ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
 0, 0, NULL, NULL, 0);
- child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
+ if (this->child_proposals->get_count(this->child_proposals))
+ {
+ while (this->child_proposals->remove_first(this->child_proposals,
+ (void**)&proposal) == SUCCESS)
+ {
+ child_cfg->add_proposal(child_cfg, proposal);
+ }
+ }
+ else
+ {
+ child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
+ }
 while (this->local_ts->remove_first(this->local_ts, (void**)&ts) == SUCCESS)
 {
 child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
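Review bot: In create_child_cfg() the new loop drains this->child_proposals with remove_first(), so the proposals given via --esp-proposal/--ah-proposal exist only for the first call; a later call would find the list empty, take the else branch and silently offer proposal_create_default(PROTO_ESP) instead of what the user asked for. Whether create_child_cfg() can run more than once is not visible here (its body starts and ends outside the hunk), so the hand-over should at least be documented above the loop, e.g. `/* proposals are handed over to child_cfg; the list is empty afterwards */`. Because both options feed the same list, a command line with only --ah-proposal also replaces the default ESP proposal entirely, which is worth stating in the same comment.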
@@ -474,6 +491,22 @@ METHOD(cmd_connection_t, handle, bool,
 }
 this->ike_proposals->insert_last(this->ike_proposals, proposal);
 break;
+ case CMD_OPT_ESP_PROPOSAL:
+ proposal = proposal_create_from_string(PROTO_ESP, arg);
+ if (!proposal)
+ {
+ exit(1);
+ }
+ this->child_proposals->insert_last(this->child_proposals, proposal);
+ break;
+ case CMD_OPT_AH_PROPOSAL:
+ proposal = proposal_create_from_string(PROTO_AH, arg);
+ if (!proposal)
+ {
+ exit(1);
+ }
+ this->child_proposals->insert_last(this->child_proposals, proposal);
+ break;
 case CMD_OPT_PROFILE:
 set_profile(this, arg);
 break;
@@ -488,6 +521,8 @@ METHOD(cmd_connection_t, destroy, void,
 {
 this->ike_proposals->destroy_offset(this->ike_proposals,
 offsetof(proposal_t, destroy));
+ this->child_proposals->destroy_offset(this->child_proposals,
+ offsetof(proposal_t, destroy));
 this->local_ts->destroy_offset(this->local_ts,
 offsetof(traffic_selector_t, destroy));
 this->remote_ts->destroy_offset(this->remote_ts,
@@ -511,6 +546,7 @@ cmd_connection_t *cmd_connection_create()
 .local_ts = linked_list_create(),
 .remote_ts = linked_list_create(),
 .ike_proposals = linked_list_create(),
+ .child_proposals = linked_list_create(),
 .profile = PROF_UNDEF,
 );
 
diff --git a/src/charon-cmd/cmd/cmd_options.c b/src/charon-cmd/cmd/cmd_options.c
index 562244100..5428941ff 100644
--- a/src/charon-cmd/cmd/cmd_options.c
+++ b/src/charon-cmd/cmd/cmd_options.c
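Review bot: Both new cases in handle() in cmd_connection.c (CMD_OPT_ESP_PROPOSAL and CMD_OPT_AH_PROPOSAL) call exit(1) on an unparsable proposal without printing anything in the visible lines, so unless proposal_create_from_string() reports the error itself the user cannot tell which option or algorithm name was rejected. A line before each exit, such as `fprintf(stderr, "invalid ESP proposal: %s\n", arg);` (or the project's own logging macro), would make a typo in a security-relevant algorithm list diagnosable. The two cases differ only in PROTO_ESP versus PROTO_AH and could share one body. The switch and the method begin and end outside the hunk.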
@@ -58,6 +58,10 @@ cmd_option_t cmd_options[CMD_OPT_COUNT] = {
 "traffic selector to propose for remote side", {}},
 { CMD_OPT_IKE_PROPOSAL, "ike-proposal", required_argument, "proposal",
 "a single IKE proposal to offer instead of the default", {}},
+ { CMD_OPT_ESP_PROPOSAL, "esp-proposal", required_argument, "proposal",
+ "a single ESP proposal to offer instead of the default", {}},
+ { CMD_OPT_AH_PROPOSAL, "ah-proposal", required_argument, "proposal",
+ "a single AH proposal to offer instead of the default", {}},
 { CMD_OPT_PROFILE, "profile", required_argument, "name",
 "authentication profile to use, where name is one of:", {
 " ikev2-pub, ikev2-eap, ikev2-pub-eap",
diff --git a/src/charon-cmd/cmd/cmd_options.h b/src/charon-cmd/cmd/cmd_options.h
index ecb5e6ca5..c7441e795 100644
--- a/src/charon-cmd/cmd/cmd_options.h
+++ b/src/charon-cmd/cmd/cmd_options.h
@@ -46,6 +46,8 @@ enum cmd_option_type_t {
 CMD_OPT_LOCAL_TS,
 CMD_OPT_REMOTE_TS,
 CMD_OPT_IKE_PROPOSAL,
+ CMD_OPT_AH_PROPOSAL,
+ CMD_OPT_ESP_PROPOSAL,
 CMD_OPT_PROFILE,
 
 CMD_OPT_COUNT
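Review bot: The help string added for --ah-proposal in cmd_options[] says the AH proposal is offered "instead of the default", but the default built in cmd_connection.c is an ESP proposal, and AH provides integrity protection without encryption. A user who passes only --ah-proposal therefore negotiates an unencrypted CHILD_SA with no hint of that in the usage output; I would spell it out, e.g. `"a single AH proposal to offer instead of the default ESP one (no encryption)", {}},`. The array initializer starts and ends outside the hunk.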
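Review bot: In enum cmd_option_type_t the new values are added as CMD_OPT_AH_PROPOSAL then CMD_OPT_ESP_PROPOSAL, while the cmd_options[] table in cmd_options.c lists esp-proposal before ah-proposal; the neighbouring entries appear in the same order in both places. If any code indexes cmd_options[] by the enum value (not visible here), the two rows would be swapped, so I would keep the orders aligned: `CMD_OPT_ESP_PROPOSAL,` followed by `CMD_OPT_AH_PROPOSAL,`. The enum starts and ends outside the hunk.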