From: Tobias Brunner Date: Thu, 25 Jun 2015 15:19:12 +0000 (+0200) Subject: updown: Pass virtual IPs assigned to a peer to the updown script X-Git-Tag: 5.3.3dr4~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1de31bcc2b3d6b5ff9f8d06651bc5c68d94d5e9b;p=thirdparty%2Fstrongswan.git updown: Pass virtual IPs assigned to a peer to the updown script Previously only received virtual IPs were available. References #1008.
---
diff --git a/src/_updown/_updown.in b/src/_updown/_updown.in
index 4090fe0747..6e7abca092 100644
--- a/src/_updown/_updown.in
+++ b/src/_updown/_updown.in
@@ -71,7 +71,7 @@
 # PLUTO_MY_SOURCEIP6_$i
 # contains IPv4/IPv6 virtual IP received from a responder,
 # $i enumerates from 1 to the number of IP per address family.
-# PLUTO_MY_SOURCEIP is a legacy variable and equals to the first
+# PLUTO_MY_SOURCEIP is a legacy variable and equal to the first
 # virtual IP, IPv4 or IPv6.
 #
 # PLUTO_MY_PROTOCOL
@@ -94,6 +94,14 @@
 # the peer's own IP address / max (where max is 32
 # for IPv4 and 128 for IPv6).
 #
+# PLUTO_PEER_SOURCEIP
+# PLUTO_PEER_SOURCEIP4_$i
+# PLUTO_PEER_SOURCEIP6_$i
+# contains IPv4/IPv6 virtual IP sent to an initiator,
+# $i enumerates from 1 to the number of IP per address family.
+# PLUTO_PEER_SOURCEIP is a legacy variable and equal to the first
+# virtual IP, IPv4 or IPv6.
+#
 # PLUTO_PEER_PROTOCOL
 # is the IP protocol that will be transported.
 #
diff --git a/src/libcharon/plugins/updown/updown_listener.c b/src/libcharon/plugins/updown/updown_listener.c
index be65d599f2..96282bee07 100644
--- a/src/libcharon/plugins/updown/updown_listener.c
+++ b/src/libcharon/plugins/updown/updown_listener.c
@@ -169,31 +169,34 @@ static void push_dns_env(private_updown_listener_t *this, ike_sa_t *ike_sa, } /** - * Push variables for local virtual IPs + * Push variables for local/remote virtual IPs */ static void push_vip_env(private_updown_listener_t *this, ike_sa_t *ike_sa, - char *envp[], u_int count) + char *envp[], u_int count, bool local) { enumerator_t *enumerator; host_t *host; int v4 = 0, v6 = 0; bool first = TRUE; - enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, TRUE); + enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, local); while (enumerator->enumerate(enumerator, &host)) { if (first) { /* legacy variable for first VIP */ first = FALSE; - push_env(envp, count, "PLUTO_MY_SOURCEIP=%H", host); + push_env(envp, count, "PLUTO_%s_SOURCEIP=%H", + local ? "MY" : "PEER", host); } switch (host->get_family(host)) { case AF_INET: - push_env(envp, count, "PLUTO_MY_SOURCEIP4_%d=%H", ++v4, host); + push_env(envp, count, "PLUTO_%s_SOURCEIP4_%d=%H", + local ? "MY" : "PEER", ++v4, host); break; case AF_INET6: - push_env(envp, count, "PLUTO_MY_SOURCEIP6_%d=%H", ++v6, host); + push_env(envp, count, "PLUTO_%s_SOURCEIP6_%d=%H", + local ? "MY" : "PEER", ++v6, host); break; default: continue; @@ -313,7 +316,8 @@ static void invoke_once(private_updown_listener_t *this, ike_sa_t *ike_sa, push_env(envp, countof(envp), "PLUTO_XAUTH_ID=%Y", ike_sa->get_other_eap_id(ike_sa)); } - push_vip_env(this, ike_sa, envp, countof(envp)); + push_vip_env(this, ike_sa, envp, countof(envp), TRUE); + push_vip_env(this, ike_sa, envp, countof(envp), FALSE); mark = config->get_mark(config, TRUE); if (mark.value) {
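Review bot: The prefix choice `local ? "MY" : "PEER"` is written out in all three push_env calls of push_vip_env, and the function comment does not say what the new `local` argument selects. Computing it once, `const char *prefix = local ? "MY" : "PEER";`, and passing `prefix` to each call keeps the legacy, IPv4 and IPv6 variable names from drifting apart if one call is edited later. The comment could state that TRUE pushes the local virtual IPs as PLUTO_MY_* and FALSE pushes the virtual IPs assigned to the peer as PLUTO_PEER_*. The function body continues past the end of this hunk.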
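Review bot: The second `push_vip_env(this, ike_sa, envp, countof(envp), FALSE);` call in invoke_once adds a legacy entry plus one entry per virtual IP assigned to the peer to the same fixed-size `envp` array, and nothing visible here shows what happens when that array is full. push_env is called as a statement and its body is not in this diff, so if it drops entries without reporting it (to be confirmed), the variables pushed after these two calls, presumably starting with the mark handled right below, are the ones an updown script would lose. That matters when the script derives firewall or routing rules from them, so it is worth confirming that the array size still covers the worst case and that an overflow is at least logged. invoke_once starts before and continues after this hunk.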