charon-cmd: Add --esp/--ah-proposal options to specify CHILD_SA proposals
This commit is contained in:
Martin Willi
parent
2796cf59bc
commit
c9e85424a8
|
|
@ -91,6 +91,11 @@ struct private_cmd_connection_t {
|
||||||
*/
|
*/
|
||||||
linked_list_t *ike_proposals;
|
linked_list_t *ike_proposals;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* List of CHILD proposals
|
||||||
|
*/
|
||||||
|
linked_list_t *child_proposals;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Hostname to connect to
|
* Hostname to connect to
|
||||||
*/
|
*/
|
||||||
|
|
@ -327,6 +332,7 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this)
|
||||||
{
|
{
|
||||||
child_cfg_t *child_cfg;
|
child_cfg_t *child_cfg;
|
||||||
traffic_selector_t *ts;
|
traffic_selector_t *ts;
|
||||||
|
proposal_t *proposal;
|
||||||
lifetime_cfg_t lifetime = {
|
lifetime_cfg_t lifetime = {
|
||||||
.time = {
|
.time = {
|
||||||
.life = 10800 /* 3h */,
|
.life = 10800 /* 3h */,
|
||||||
|
|
@ -339,7 +345,18 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this)
|
||||||
NULL, FALSE, MODE_TUNNEL, /* updown, hostaccess */
|
NULL, FALSE, MODE_TUNNEL, /* updown, hostaccess */
|
||||||
ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
|
ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
|
||||||
0, 0, NULL, NULL, 0);
|
0, 0, NULL, NULL, 0);
|
||||||
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
|
if (this->child_proposals->get_count(this->child_proposals))
|
||||||
|
{
|
||||||
|
while (this->child_proposals->remove_first(this->child_proposals,
|
||||||
|
(void**)&proposal) == SUCCESS)
|
||||||
|
{
|
||||||
|
child_cfg->add_proposal(child_cfg, proposal);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
|
||||||
|
}
|
||||||
while (this->local_ts->remove_first(this->local_ts, (void**)&ts) == SUCCESS)
|
while (this->local_ts->remove_first(this->local_ts, (void**)&ts) == SUCCESS)
|
||||||
{
|
{
|
||||||
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
|
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
|
||||||
|
|
@ -474,6 +491,22 @@ METHOD(cmd_connection_t, handle, bool,
|
||||||
}
|
}
|
||||||
this->ike_proposals->insert_last(this->ike_proposals, proposal);
|
this->ike_proposals->insert_last(this->ike_proposals, proposal);
|
||||||
break;
|
break;
|
||||||
|
case CMD_OPT_ESP_PROPOSAL:
|
||||||
|
proposal = proposal_create_from_string(PROTO_ESP, arg);
|
||||||
|
if (!proposal)
|
||||||
|
{
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
this->child_proposals->insert_last(this->child_proposals, proposal);
|
||||||
|
break;
|
||||||
|
case CMD_OPT_AH_PROPOSAL:
|
||||||
|
proposal = proposal_create_from_string(PROTO_AH, arg);
|
||||||
|
if (!proposal)
|
||||||
|
{
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
this->child_proposals->insert_last(this->child_proposals, proposal);
|
||||||
|
break;
|
||||||
case CMD_OPT_PROFILE:
|
case CMD_OPT_PROFILE:
|
||||||
set_profile(this, arg);
|
set_profile(this, arg);
|
||||||
break;
|
break;
|
||||||
|
|
@ -488,6 +521,8 @@ METHOD(cmd_connection_t, destroy, void,
|
||||||
{
|
{
|
||||||
this->ike_proposals->destroy_offset(this->ike_proposals,
|
this->ike_proposals->destroy_offset(this->ike_proposals,
|
||||||
offsetof(proposal_t, destroy));
|
offsetof(proposal_t, destroy));
|
||||||
|
this->child_proposals->destroy_offset(this->child_proposals,
|
||||||
|
offsetof(proposal_t, destroy));
|
||||||
this->local_ts->destroy_offset(this->local_ts,
|
this->local_ts->destroy_offset(this->local_ts,
|
||||||
offsetof(traffic_selector_t, destroy));
|
offsetof(traffic_selector_t, destroy));
|
||||||
this->remote_ts->destroy_offset(this->remote_ts,
|
this->remote_ts->destroy_offset(this->remote_ts,
|
||||||
|
|
@ -511,6 +546,7 @@ cmd_connection_t *cmd_connection_create()
|
||||||
.local_ts = linked_list_create(),
|
.local_ts = linked_list_create(),
|
||||||
.remote_ts = linked_list_create(),
|
.remote_ts = linked_list_create(),
|
||||||
.ike_proposals = linked_list_create(),
|
.ike_proposals = linked_list_create(),
|
||||||
|
.child_proposals = linked_list_create(),
|
||||||
.profile = PROF_UNDEF,
|
.profile = PROF_UNDEF,
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -58,6 +58,10 @@ cmd_option_t cmd_options[CMD_OPT_COUNT] = {
|
||||||
"traffic selector to propose for remote side", {}},
|
"traffic selector to propose for remote side", {}},
|
||||||
{ CMD_OPT_IKE_PROPOSAL, "ike-proposal", required_argument, "proposal",
|
{ CMD_OPT_IKE_PROPOSAL, "ike-proposal", required_argument, "proposal",
|
||||||
"a single IKE proposal to offer instead of the default", {}},
|
"a single IKE proposal to offer instead of the default", {}},
|
||||||
|
{ CMD_OPT_ESP_PROPOSAL, "esp-proposal", required_argument, "proposal",
|
||||||
|
"a single ESP proposal to offer instead of the default", {}},
|
||||||
|
{ CMD_OPT_AH_PROPOSAL, "ah-proposal", required_argument, "proposal",
|
||||||
|
"a single AH proposal to offer instead of the default", {}},
|
||||||
{ CMD_OPT_PROFILE, "profile", required_argument, "name",
|
{ CMD_OPT_PROFILE, "profile", required_argument, "name",
|
||||||
"authentication profile to use, where name is one of:", {
|
"authentication profile to use, where name is one of:", {
|
||||||
" ikev2-pub, ikev2-eap, ikev2-pub-eap",
|
" ikev2-pub, ikev2-eap, ikev2-pub-eap",
|
||||||
|
|
|
||||||
|
|
@ -46,6 +46,8 @@ enum cmd_option_type_t {
|
||||||
CMD_OPT_LOCAL_TS,
|
CMD_OPT_LOCAL_TS,
|
||||||
CMD_OPT_REMOTE_TS,
|
CMD_OPT_REMOTE_TS,
|
||||||
CMD_OPT_IKE_PROPOSAL,
|
CMD_OPT_IKE_PROPOSAL,
|
||||||
|
CMD_OPT_AH_PROPOSAL,
|
||||||
|
CMD_OPT_ESP_PROPOSAL,
|
||||||
CMD_OPT_PROFILE,
|
CMD_OPT_PROFILE,
|
||||||
|
|
||||||
CMD_OPT_COUNT
|
CMD_OPT_COUNT
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue