From: Martin Willi Date: Sun, 23 Nov 2008 11:58:41 +0000 (-0000) Subject: added a "load_tester.auth" option: "pubkey" (default) or "psk" X-Git-Tag: 4.2.10~100 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18e2788fbeeeb155e5f6436664ea157de02a3526;p=thirdparty%2Fstrongswan.git added a "load_tester.auth" option: "pubkey" (default) or "psk" --- diff --git a/src/charon/plugins/load_tester/load_tester_config.c b/src/charon/plugins/load_tester/load_tester_config.c index 8e93d24bb5..b184ad2b68 100644 --- a/src/charon/plugins/load_tester/load_tester_config.c +++ b/src/charon/plugins/load_tester/load_tester_config.c @@ -67,7 +67,7 @@ static peer_cfg_t *get_peer_cfg_by_name(private_load_tester_config_t *this, { if (streq(name, "load-test")) { - return this->peer_cfg->get_ref(this->peer_cfg);; + return this->peer_cfg->get_ref(this->peer_cfg); } return NULL; } @@ -93,7 +93,7 @@ load_tester_config_t *load_tester_config_create() traffic_selector_t *ts; auth_info_t *auth; auth_class_t class; - char *remote, *pool; + char *remote, *pool, *authstr; host_t *vip = NULL; this->public.backend.create_peer_cfg_enumerator = (enumerator_t*(*)(backend_t*, identification_t *me, identification_t *other))create_peer_cfg_enumerator; @@ -126,7 +126,16 @@ load_tester_config_t *load_tester_config_create() 0, 0, TRUE, 60, /* jitter, overtime, mobike, dpddelay */ vip, pool, FALSE, NULL, NULL); auth = this->peer_cfg->get_auth(this->peer_cfg); - class = AUTH_CLASS_PUBKEY; + authstr = lib->settings->get_str(lib->settings, + "charon.plugins.load_tester.auth", "pubkey"); + if (streq(authstr, "psk")) + { + class = AUTH_CLASS_PSK; + } + else + { + class = AUTH_CLASS_PUBKEY; + } auth->add_item(auth, AUTHN_AUTH_CLASS, &class); child_cfg = child_cfg_create("load-test", 600, 400, 100, NULL, TRUE, MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE); diff --git a/src/charon/plugins/load_tester/load_tester_creds.c b/src/charon/plugins/load_tester/load_tester_creds.c index ec69a1ac9e..f3f5a12846 100644 --- a/src/charon/plugins/load_tester/load_tester_creds.c +++ b/src/charon/plugins/load_tester/load_tester_creds.c @@ -41,6 +41,16 @@ struct private_load_tester_creds_t { * Trusted certificate to verify signatures */ certificate_t *cert; + + /** + * Preshared key + */ + shared_key_t *shared; + + /** + * Identification for shared key + */ + identification_t *id; }; /** @@ -151,6 +161,13 @@ static char cert[] = { 0x1a,0xef,0xe4,0x75,0xac,0x11,0x19,0xc0,0x75,0x6d,0x23,0x18,0x05,0x72,0x73, }; +/** + * A preshared key + */ +static char psk[] = { + 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 +}; + /** * Implements credential_set_t.create_private_enumerator */ @@ -204,6 +221,28 @@ static enumerator_t* create_cert_enumerator(private_load_tester_creds_t *this, return enumerator_create_single(this->cert, NULL); } +/** + * Implements credential_set_t.create_shared_enumerator + */ +static enumerator_t* create_shared_enumerator(private_load_tester_creds_t *this, + shared_key_type_t type, identification_t *me, + identification_t *other) +{ + if (type != SHARED_ANY && type != SHARED_IKE) + { + return NULL; + } + if (me && !this->id->matches(this->id, me)) + { + return NULL; + } + if (other && !this->id->matches(this->id, other)) + { + return NULL; + } + return enumerator_create_single(this->shared, NULL); +} + /** * Implementation of load_tester_creds_t.destroy */ @@ -211,6 +250,8 @@ static void destroy(private_load_tester_creds_t *this) { DESTROY_IF(this->private); DESTROY_IF(this->cert); + this->shared->destroy(this->shared); + this->id->destroy(this->id); free(this); } @@ -218,7 +259,7 @@ load_tester_creds_t *load_tester_creds_create() { private_load_tester_creds_t *this = malloc_thing(private_load_tester_creds_t); - this->public.credential_set.create_shared_enumerator = (enumerator_t*(*)(credential_set_t*, shared_key_type_t, identification_t*, identification_t*))return_null; + this->public.credential_set.create_shared_enumerator = (enumerator_t*(*)(credential_set_t*, shared_key_type_t, identification_t*, identification_t*))create_shared_enumerator; this->public.credential_set.create_private_enumerator = (enumerator_t*(*) (credential_set_t*, key_type_t, identification_t*))create_private_enumerator; this->public.credential_set.create_cert_enumerator = (enumerator_t*(*) (credential_set_t*, certificate_type_t, key_type_t,identification_t *, bool))create_cert_enumerator; this->public.credential_set.create_cdp_enumerator = (enumerator_t*(*) (credential_set_t *,certificate_type_t, identification_t *))return_null; @@ -231,6 +272,9 @@ load_tester_creds_t *load_tester_creds_create() this->cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, BUILD_BLOB_ASN1_DER, chunk_create(cert, sizeof(cert)), BUILD_END); + this->shared = shared_key_create(SHARED_IKE, + chunk_clone(chunk_create(psk, sizeof(psk)))); + this->id = identification_create_from_string("load-test@strongswan.org"); return &this->public; }