src/libstrongswan/ipsec/ipsec_types.c

   1 /*
   2  * Copyright (C) 2012-2013 Tobias Brunner
   3  *
   4  * Copyright (C) secunet Security Networks AG
   5  *
   6  * This program is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2 of the License, or (at your
   9  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * for more details.
  15  */
  16
  17 #include "ipsec_types.h"
  18
  19 ENUM(ipsec_mode_names, MODE_TRANSPORT, MODE_DROP,
  20         "TRANSPORT",
  21         "TUNNEL",
  22         "BEET",
  23         "PASS",
  24         "DROP"
  25 );
  26
  27 ENUM(policy_dir_names, POLICY_IN, POLICY_FWD,
  28         "in",
  29         "out",
  30         "fwd"
  31 );
  32
  33 ENUM(ipcomp_transform_names, IPCOMP_NONE, IPCOMP_LZJH,
  34         "IPCOMP_NONE",
  35         "IPCOMP_OUI",
  36         "IPCOMP_DEFLATE",
  37         "IPCOMP_LZS",
  38         "IPCOMP_LZJH"
  39 );
  40
  41 ENUM(hw_offload_names, HW_OFFLOAD_NO, HW_OFFLOAD_AUTO,
  42         "no",
  43         "yes",
  44         "auto",
  45 );
  46
  47 ENUM(dscp_copy_names, DSCP_COPY_OUT_ONLY, DSCP_COPY_NO,
  48         "out",
  49         "in",
  50         "yes",
  51         "no",
  52 );
  53
  54 /*
  55  * See header
  56  */
  57 bool ipsec_sa_cfg_equals(ipsec_sa_cfg_t *a, ipsec_sa_cfg_t *b)
  58 {
  59         return a->mode == b->mode &&
  60                 a->reqid == b->reqid &&
  61                 a->policy_count == b->policy_count &&
  62                 a->esp.use == b->esp.use &&
  63                 a->esp.spi == b->esp.spi &&
  64                 a->ah.use == b->ah.use &&
  65                 a->ah.spi == b->ah.spi &&
  66                 a->ipcomp.transform == b->ipcomp.transform &&
  67                 a->ipcomp.cpi == b->ipcomp.cpi;
  68 }
  69
  70 /*
  71  * See header
  72  */
  73 bool mark_from_string(const char *value, mark_op_t ops, mark_t *mark)
  74 {
  75         char *endptr;
  76
  77         if (!value)
  78         {
  79                 return FALSE;
  80         }
  81         if (strcasepfx(value, "%unique"))
  82         {
  83                 if (!(ops & MARK_OP_UNIQUE))
  84                 {
  85                         DBG1(DBG_APP, "unexpected use of %%unique mark", value);
  86                         return FALSE;
  87                 }
  88                 endptr = (char*)value + strlen("%unique");
  89                 if (strcasepfx(endptr, "-dir"))
  90                 {
  91                         mark->value = MARK_UNIQUE_DIR;
  92                         endptr += strlen("-dir");
  93                 }
  94                 else if (!*endptr || *endptr == '/')
  95                 {
  96                         mark->value = MARK_UNIQUE;
  97                 }
  98                 else
  99                 {
 100                         DBG1(DBG_APP, "invalid mark value: %s", value);
 101                         return FALSE;
 102                 }
 103         }
 104         else if (strcasepfx(value, "%same"))
 105         {
 106                 if (!(ops & MARK_OP_SAME))
 107                 {
 108                         DBG1(DBG_APP, "unexpected use of %%same mark", value);
 109                         return FALSE;
 110                 }
 111                 endptr = (char*)value + strlen("%same");
 112                 if (!*endptr || *endptr == '/')
 113                 {
 114                         mark->value = MARK_SAME;
 115                 }
 116                 else
 117                 {
 118                         DBG1(DBG_APP, "invalid mark value: %s", value);
 119                         return FALSE;
 120                 }
 121         }
 122         else
 123         {
 124                 mark->value = strtoul(value, &endptr, 0);
 125         }
 126         if (*endptr)
 127         {
 128                 if (*endptr != '/')
 129                 {
 130                         DBG1(DBG_APP, "invalid mark value: %s", value);
 131                         return FALSE;
 132                 }
 133                 mark->mask = strtoul(endptr+1, &endptr, 0);
 134                 if (*endptr)
 135                 {
 136                         DBG1(DBG_LIB, "invalid mark mask: %s", endptr);
 137                         return FALSE;
 138                 }
 139         }
 140         else
 141         {
 142                 mark->mask = 0xffffffff;
 143         }
 144         if (!MARK_IS_UNIQUE(mark->value))
 145         {
 146                 /* apply the mask to ensure the value is in range */
 147                 mark->value &= mark->mask;
 148         }
 149         return TRUE;
 150 }
 151
 152 /*
 153  * Described in header
 154  */
 155 bool if_id_from_string(const char *value, uint32_t *if_id)
 156 {
 157         char *endptr;
 158
 159         if (!value)
 160         {
 161                 return FALSE;
 162         }
 163         if (strcasepfx(value, "%unique"))
 164         {
 165                 endptr = (char*)value + strlen("%unique");
 166                 if (strcasepfx(endptr, "-dir"))
 167                 {
 168                         *if_id = IF_ID_UNIQUE_DIR;
 169                         endptr += strlen("-dir");
 170                 }
 171                 else if (!*endptr)
 172                 {
 173                         *if_id = IF_ID_UNIQUE;
 174                 }
 175                 else
 176                 {
 177                         DBG1(DBG_APP, "invalid interface ID: %s", value);
 178                         return FALSE;
 179                 }
 180         }
 181         else
 182         {
 183                 *if_id = strtoul(value, &endptr, 0);
 184         }
 185         if (*endptr)
 186         {
 187                 DBG1(DBG_APP, "invalid interface ID: %s", value);
 188                 return FALSE;
 189         }
 190         return TRUE;
 191 }
 192
 193 /*
 194  * Described in header
 195  */
 196 void allocate_unique_if_ids(uint32_t *in, uint32_t *out)
 197 {
 198         static refcount_t unique_if_id = 0;
 199
 200         if (IF_ID_IS_UNIQUE(*in) || IF_ID_IS_UNIQUE(*out))
 201         {
 202                 refcount_t if_id = 0;
 203                 bool unique_dir = *in == IF_ID_UNIQUE_DIR ||
 204                                                   *out == IF_ID_UNIQUE_DIR;
 205
 206                 if (!unique_dir)
 207                 {
 208                         if_id = ref_get(&unique_if_id);
 209                 }
 210                 if (IF_ID_IS_UNIQUE(*in))
 211                 {
 212                         *in = unique_dir ? ref_get(&unique_if_id) : if_id;
 213                 }
 214                 if (IF_ID_IS_UNIQUE(*out))
 215                 {
 216                         *out = unique_dir ? ref_get(&unique_if_id) : if_id;
 217                 }
 218         }
 219 }