ike_cfg = ike_cfg_create(IKEV2, TRUE, encap, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
(char*)address, FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
peer_cfg = peer_cfg_create(priv->name, ike_cfg,
CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */
}
return plugin;
}
-
settings->get_int(settings, "configs.%s.lport", 500, config),
settings->get_str(settings, "configs.%s.rhost", "%any", config), FALSE,
settings->get_int(settings, "configs.%s.rport", 500, config),
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
token = settings->get_str(settings, "configs.%s.proposal", NULL, config);
if (token)
{
ike_cfg = ike_cfg_create(IKEV2, TRUE, TRUE, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
this->gateway, FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
peer_cfg = peer_cfg_create("android", ike_cfg, CERT_SEND_IF_ASKED,
*/
fragmentation_t fragmentation;
+ /**
+ * DSCP value to use on sent IKE packets
+ */
+ u_int8_t dscp;
+
/**
* List of proposals to use
*/
return this->other_port;
}
+METHOD(ike_cfg_t, get_dscp, u_int8_t,
+ private_ike_cfg_t *this)
+{
+ return this->dscp;
+}
+
METHOD(ike_cfg_t, add_proposal, void,
private_ike_cfg_t *this, proposal_t *proposal)
{
ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
char *me, bool my_allow_any, u_int16_t my_port,
char *other, bool other_allow_any, u_int16_t other_port,
- fragmentation_t fragmentation)
+ fragmentation_t fragmentation, u_int8_t dscp)
{
private_ike_cfg_t *this;
.get_other_addr = _get_other_addr,
.get_my_port = _get_my_port,
.get_other_port = _get_other_port,
+ .get_dscp = _get_dscp,
.add_proposal = _add_proposal,
.get_proposals = _get_proposals,
.select_proposal = _select_proposal,
.other_allow_any = other_allow_any,
.my_port = my_port,
.other_port = other_port,
+ .dscp = dscp,
.proposals = linked_list_create(),
);
*/
u_int16_t (*get_other_port)(ike_cfg_t *this);
+ /**
+ * Get the DSCP value to use for IKE packets send from connections.
+ *
+ * @return DSCP value
+ */
+ u_int8_t (*get_dscp)(ike_cfg_t *this);
+
/**
* Adds a proposal to the list.
*
* @param other_allow_any allow override of remote address by any address
* @param other_port IKE port to use as dest, 500 uses IKEv2 port floating
* @param fragmentation use IKEv1 fragmentation
+ * @param dscp DSCP value to send IKE packets with
* @return ike_cfg_t object.
*/
ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
char *me, bool my_allow_any, u_int16_t my_port,
char *other, bool other_allow_any, u_int16_t other_port,
- fragmentation_t fragmentation);
+ fragmentation_t fragmentation, u_int8_t dscp);
#endif /** IKE_CFG_H_ @}*/
ike_cfg = ike_cfg_create(IKEV2, TRUE, FALSE, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
- hostname, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO);
+ hostname, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO,
+ 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
peer_cfg = peer_cfg_create("android", ike_cfg, CERT_SEND_IF_ASKED,
return &this->public;
}
-
/* create config and backend */
ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE, local, FALSE,
charon->socket->get_port(charon->socket, FALSE),
- remote, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO);
+ remote, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
peer_cfg = peer_cfg_create("ha", ike_cfg, CERT_NEVER_SEND,
UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE, 30,
return &this->public;
}
-
ike_cfg = ike_cfg_create(this->version, TRUE, FALSE,
local, FALSE, this->port + num - 1,
remote, FALSE, IKEV2_NATT_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
}
else
{
local, FALSE,
charon->socket->get_port(charon->socket, FALSE),
remote, FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
}
ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal));
peer_cfg = peer_cfg_create("load-test", ike_cfg,
ike_cfg = ike_cfg_create(IKEV2, TRUE, FALSE, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
- hostname, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO);
+ hostname, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO,
+ 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
peer_cfg = peer_cfg_create(this->current, ike_cfg,
return &this->public;
}
-
ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
"0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
- address, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO);
+ address, FALSE, IKEV2_UDP_PORT, FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
med_cfg = peer_cfg_create(
"mediation", ike_cfg,
"0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
"0.0.0.0", FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO),
+ FRAGMENTATION_NO, 0),
);
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
return &this->public;
}
-
"0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
"0.0.0.0", FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO),
+ FRAGMENTATION_NO, 0),
);
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
return &this->public;
}
-
local, FALSE,
charon->socket->get_port(charon->socket, FALSE),
remote, FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
add_ike_proposals(this, ike_cfg, id);
return ike_cfg;
}
return &this->public;
}
-
msg->add_conn.other.address,
msg->add_conn.other.allow_any,
msg->add_conn.other.ikeport,
- msg->add_conn.fragmentation);
+ msg->add_conn.fragmentation,
+ 0);
add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL);
return ike_cfg;
}
local_addr, FALSE,
charon->socket->get_port(charon->socket, FALSE),
remote_addr, FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE));
this->peer_cfg = peer_cfg_create(
name, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO,
local_addr, FALSE,
charon->socket->get_port(charon->socket, FALSE),
remote_addr, FALSE, IKEV2_UDP_PORT,
- FRAGMENTATION_NO);
+ FRAGMENTATION_NO, 0);
this->ike_cfg->add_proposal(this->ike_cfg,
create_proposal(ike_proposal, PROTO_IKE));
return &this->public;
}
-