cfg->conn_default.seen = SEEN_NONE;
cfg->conn_default.startup = STARTUP_NO;
cfg->conn_default.state = STATE_IGNORE;
- cfg->conn_default.policy = POLICY_ENCRYPT | POLICY_TUNNEL | POLICY_PUBKEY |
- POLICY_PFS | POLICY_MOBIKE;
+ cfg->conn_default.mode = MODE_TUNNEL;
+ cfg->conn_default.policy = POLICY_PFS | POLICY_MOBIKE;
cfg->conn_default.ike = strdupnull(ike_defaults);
cfg->conn_default.esp = strdupnull(esp_defaults);
32 : 128;
}
}
- conn->policy |= POLICY_TUNNEL;
+ conn->mode = MODE_TUNNEL;
+ conn->proxy_mode = FALSE;
break;
case KW_SENDCERT:
if (end->sendcert == CERT_YES_SEND)
}
end->sourceip = strdupnull(value);
end->has_natip = TRUE;
- conn->policy |= POLICY_TUNNEL;
+ conn->mode = MODE_TUNNEL;
+ conn->proxy_mode = FALSE;
break;
}
default:
switch (token)
{
case KW_TYPE:
- conn->policy &= ~(POLICY_TUNNEL | POLICY_SHUNT_MASK);
+ conn->mode = MODE_TRANSPORT;
+ conn->proxy_mode = FALSE;
if (streq(kw->value, "tunnel"))
{
- conn->policy |= POLICY_TUNNEL;
+ conn->mode = MODE_TUNNEL;
}
else if (streq(kw->value, "beet"))
{
- conn->policy |= POLICY_BEET;
+ conn->mode = MODE_BEET;
}
else if (streq(kw->value, "transport_proxy"))
{
- conn->policy |= POLICY_PROXY;
+ conn->mode = MODE_TRANSPORT;
+ conn->proxy_mode = TRUE;
}
else if (streq(kw->value, "passthrough") || streq(kw->value, "pass"))
{
- conn->policy |= POLICY_SHUNT_PASS;
+ conn->mode = MODE_PASS;
}
- else if (streq(kw->value, "drop"))
+ else if (streq(kw->value, "drop") || streq(kw->value, "reject"))
{
- conn->policy |= POLICY_SHUNT_DROP;
+ conn->mode = MODE_DROP;
}
- else if (streq(kw->value, "reject"))
- {
- conn->policy |= POLICY_SHUNT_REJECT;
- }
- else if (strcmp(kw->value, "transport") != 0)
+ else if (!streq(kw->value, "transport"))
{
DBG1(DBG_APP, "# bad policy value: %s=%s", kw->entry->name,
kw->value);
-/* Stroke for charon is the counterpart to whack from pluto
+/*
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
msg.add_conn.aaa_identity = push_string(&msg, conn->aaa_identity);
msg.add_conn.xauth_identity = push_string(&msg, conn->xauth_identity);
- if (conn->policy & POLICY_TUNNEL)
- {
- msg.add_conn.mode = MODE_TUNNEL;
- }
- else if (conn->policy & POLICY_BEET)
- {
- msg.add_conn.mode = MODE_BEET;
- }
- else if (conn->policy & POLICY_PROXY)
- {
- msg.add_conn.mode = MODE_TRANSPORT;
- msg.add_conn.proxy_mode = TRUE;
- }
- else if (conn->policy & POLICY_SHUNT_PASS)
- {
- msg.add_conn.mode = MODE_PASS;
- }
- else if (conn->policy & (POLICY_SHUNT_DROP | POLICY_SHUNT_REJECT))
- {
- msg.add_conn.mode = MODE_DROP;
- }
- else
- {
- msg.add_conn.mode = MODE_TRANSPORT;
- }
+ msg.add_conn.mode = conn->mode;
+ msg.add_conn.proxy_mode = conn->proxy_mode;
if (!(conn->policy & POLICY_DONT_REKEY))
{
-/* Stroke for charon is the counterpart to whack from pluto
- * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
#include "confread.h"
-extern int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn);
-extern int starter_stroke_del_conn(starter_conn_t *conn);
-extern int starter_stroke_route_conn(starter_conn_t *conn);
-extern int starter_stroke_initiate_conn(starter_conn_t *conn);
-extern int starter_stroke_add_ca(starter_ca_t *ca);
-extern int starter_stroke_del_ca(starter_ca_t *ca);
-extern int starter_stroke_configure(starter_config_t *cfg);
+int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn);
+int starter_stroke_del_conn(starter_conn_t *conn);
+int starter_stroke_route_conn(starter_conn_t *conn);
+int starter_stroke_initiate_conn(starter_conn_t *conn);
+int starter_stroke_add_ca(starter_ca_t *ca);
+int starter_stroke_del_ca(starter_ca_t *ca);
+int starter_stroke_configure(starter_config_t *cfg);
#endif /* _STARTER_STROKE_H_ */
projects / thirdparty / strongswan.git / commitdiff
