charon->socket->get_port(charon->socket, FALSE),
(char*)address, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
- peer_cfg = peer_cfg_create(priv->name, IKEV2, ike_cfg,
+ peer_cfg = peer_cfg_create(priv->name, ike_cfg,
CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
36000, 0, /* rekey 10h, reauth none */
600, 600, /* jitter, over 10min */
uintptr_t strength;
ike_cfg = load_ike_config(this, settings, config);
- peer_cfg = peer_cfg_create(config, IKEV2, ike_cfg, CERT_ALWAYS_SEND,
+ peer_cfg = peer_cfg_create(config, ike_cfg, CERT_ALWAYS_SEND,
UNIQUE_NO, 1, 0, 0, 0, 0, FALSE, FALSE, 0, 0,
FALSE, NULL, NULL);
this->gateway, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
- peer_cfg = peer_cfg_create("android", IKEV2, ike_cfg, CERT_SEND_IF_ASKED,
+ peer_cfg = peer_cfg_create("android", ike_cfg, CERT_SEND_IF_ASKED,
UNIQUE_REPLACE, 0, /* keyingtries */
36000, 0, /* rekey 10h, reauth none */
600, 600, /* jitter, over 10min */
*/
char *name;
- /**
- * IKE version to use for initiation
- */
- ike_version_t ike_version;
-
/**
* IKE config associated to this peer config
*/
METHOD(peer_cfg_t, get_ike_version, ike_version_t,
private_peer_cfg_t *this)
{
- return this->ike_version;
+ return this->ike_cfg->get_version(this->ike_cfg);
}
METHOD(peer_cfg_t, get_ike_cfg, ike_cfg_t*,
e2->destroy(e2);
return (
- this->ike_version == other->ike_version &&
+ get_ike_version(this) == get_ike_version(other) &&
this->cert_policy == other->cert_policy &&
this->unique == other->unique &&
this->keyingtries == other->keyingtries &&
/*
* Described in header-file
*/
-peer_cfg_t *peer_cfg_create(char *name, ike_version_t ike_version,
+peer_cfg_t *peer_cfg_create(char *name,
ike_cfg_t *ike_cfg, cert_policy_t cert_policy,
unique_policy_t unique, u_int32_t keyingtries,
u_int32_t rekey_time, u_int32_t reauth_time,
#endif /* ME */
},
.name = strdup(name),
- .ike_version = ike_version,
.ike_cfg = ike_cfg,
.child_cfgs = linked_list_create(),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
* (rekeylifetime - random(0, jitter)).
*
* @param name name of the peer_cfg
- * @param ike_version which IKE version we should use for this peer
* @param ike_cfg IKE config to use when acting as initiator
* @param cert_policy should we send a certificate payload?
* @param unique uniqueness of an IKE_SA
* @param peer_id ID that identifies our peer at the mediation server
* @return peer_cfg_t object
*/
-peer_cfg_t *peer_cfg_create(char *name, ike_version_t ike_version,
+peer_cfg_t *peer_cfg_create(char *name,
ike_cfg_t *ike_cfg, cert_policy_t cert_policy,
unique_policy_t unique, u_int32_t keyingtries,
u_int32_t rekey_time, u_int32_t reauth_time,
hostname, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
- peer_cfg = peer_cfg_create("android", IKEV2, ike_cfg, CERT_SEND_IF_ASKED,
+ peer_cfg = peer_cfg_create("android", ike_cfg, CERT_SEND_IF_ASKED,
UNIQUE_REPLACE, 1, /* keyingtries */
36000, 0, /* rekey 10h, reauth none */
600, 600, /* jitter, over 10min */
charon->socket->get_port(charon->socket, FALSE),
remote, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
- peer_cfg = peer_cfg_create("ha", IKEV2, ike_cfg, CERT_NEVER_SEND,
+ peer_cfg = peer_cfg_create("ha", ike_cfg, CERT_NEVER_SEND,
UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE, 30,
0, FALSE, NULL, NULL);
this->remote, FALSE, IKEV2_UDP_PORT);
}
ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal));
- peer_cfg = peer_cfg_create("load-test", IKEV2, ike_cfg,
+ peer_cfg = peer_cfg_create("load-test", ike_cfg,
CERT_SEND_IF_ASKED, UNIQUE_NO, 1, /* keytries */
this->ike_rekey, 0, /* rekey, reauth */
0, this->ike_rekey, /* jitter, overtime */
hostname, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
- peer_cfg = peer_cfg_create(this->current, IKEV2, ike_cfg,
+ peer_cfg = peer_cfg_create(this->current, ike_cfg,
CERT_SEND_IF_ASKED,
UNIQUE_REPLACE, 1, /* keyingtries */
36000, 0, /* rekey 10h, reauth none */
address, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
med_cfg = peer_cfg_create(
- "mediation", IKEV2, ike_cfg,
+ "mediation", ike_cfg,
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
return NULL;
}
peer_cfg = peer_cfg_create(
- name, IKEV2, this->ike->get_ref(this->ike),
+ name, this->ike->get_ref(this->ike),
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
return FALSE;
}
this->current = peer_cfg_create(
- name, IKEV2, this->ike->get_ref(this->ike),
+ name, this->ike->get_ref(this->ike),
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
if (e->enumerate(e, &name))
{
peer_cfg = peer_cfg_create(
- name, IKEV2, this->ike->get_ref(this->ike),
+ name, this->ike->get_ref(this->ike),
CERT_NEVER_SEND, UNIQUE_REPLACE,
1, this->rekey*60, 0, /* keytries, rekey, reauth */
this->rekey*5, this->rekey*3, /* jitter, overtime */
if (ike)
{
peer_cfg = peer_cfg_create(
- name, IKEV2, ike, cert_policy, uniqueid,
+ name, ike, cert_policy, uniqueid,
keyingtries, rekeytime, reauthtime, jitter, overtime,
mobike, FALSE, dpd_delay, 0,
mediation, mediated_cfg, peer_id);
/* other.sourceip is managed in stroke_attributes. If it is set, we define
* the pool name as the connection name, which the attribute provider
* uses to serve pool addresses. */
- peer_cfg = peer_cfg_create(msg->add_conn.name,
- msg->add_conn.version, ike_cfg,
+ peer_cfg = peer_cfg_create(msg->add_conn.name, ike_cfg,
msg->add_conn.me.sendcert, unique,
msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
msg->add_conn.mobike, msg->add_conn.aggressive,
remote_addr, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE));
this->peer_cfg = peer_cfg_create(
- name, IKEV2, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO,
+ name, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO,
1, create_rekey(ike_rekey), 0, /* keytries, rekey, reauth */
1800, 900, /* jitter, overtime */
TRUE, FALSE, /* mobike, aggressive */
projects / thirdparty / strongswan.git / commitdiff
