#include "kernel_alg.h"
#include "nat_traversal.h"
#include "virtual.h"
+#include "whack_attribute.h"
static void flush_pending_by_connection(connection_t *c); /* forward */
}
static bool extract_end(struct end *dst, const whack_end_t *src,
- const char *which)
+ const char *name, const char *which)
{
bool same_ca = FALSE;
dst->updown = clone_str(src->updown);
dst->host_port = src->host_port;
- /* if the sourceip netmask is zero a named pool exists */
- if (src->sourceip_mask == 0)
+ if (streq(which, "right"))
{
- dst->pool = clone_str(src->sourceip);
+ /* if the sourceip netmask is zero a named pool exists */
+ if (src->sourceip_mask == 0)
+ {
+ dst->pool = clone_str(src->sourceip);
+ }
+ else if (whack_attr->add_pool(whack_attr, name, src))
+ { /* otherwise we try to add a new in-memory pool, which in case of
+ * %config (sourceip == NULL, sourceip_maks == 1) just returns
+ * the requested address */
+ dst->pool = clone_str(name);
+ dst->modecfg = TRUE;
+ /* reset the host sourceip so it gets assigned in modecfg */
+ anyaddr(AF_INET, &dst->host_srcip);
+ }
}
/* if host sourceip is defined but no client is present
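Review bot: In the `right` branch, a FALSE return from `whack_attr->add_pool(whack_attr, name, src)` is dropped silently, leaving `dst->pool` unset, `dst->modecfg` not enabled and `dst->host_srcip` not reset. The ModeCfg hunk in this same change copies `c->spd.that.host_srcip` into the reply, so a failed pool creation may leave the configured sourceip to be handed out as a fixed virtual IP, presumably to every peer that matches the connection. Unless add_pool logs its own failures (not visible here), add a final branch such as `else { plog("connection \"%s\": no address pool created for sourceip", name); }`; if FALSE is the expected result for a single-address sourceip, a comment saying so would do instead. The new comment also misspells `sourceip_mask` as `sourceip_maks`. extract_end's body continues past the end of this hunk.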
c->requested_ca = NULL;
- same_leftca = extract_end(&c->spd.this, &wm->left, "left");
- same_rightca = extract_end(&c->spd.that, &wm->right, "right");
+ same_leftca = extract_end(&c->spd.this, &wm->left, wm->name, "left");
+ same_rightca = extract_end(&c->spd.that, &wm->right, wm->name, "right");
if (same_rightca && c->spd.this.ca)
{
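Review bot: The literals `"left"` and `"right"` passed to extract_end here are no longer just labels, because the function now tests `streq(which, "right")` to decide whether the end gets an address pool. A typo or a renamed label at a call site would silently disable pool handling. A dedicated flag would make the coupling explicit, for example a `bool assign_pool` parameter tested as `if (assign_pool)`; failing that, a comment on these two calls such as `/* "right" also enables pool setup in extract_end() */` would document it. The enclosing function starts and ends outside this hunk.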
{
ia->ipaddr = c->spd.that.host_srcip;
vip = host_create_from_sockaddr((sockaddr_t*)&ia->ipaddr);
- plog("assigning virtual IP %H to peer", vip);
+ plog("assigning virtual IP %H to peer", vip);
}
if (!isanyaddr(&ia->ipaddr)) /* We got an IP address, send it */
#include "timer.h"
#include "vendor.h"
#include "builder.h"
+#include "whack_attribute.h"
static void usage(const char *mess)
{
init_myid();
fetch_initialize();
ac_initialize();
+ whack_attribute_initialize();
/* drop unneeded capabilities and change UID/GID */
prctl(PR_SET_KEEPCAPS, 1);
free_preshared_secrets();
free_remembered_public_keys();
delete_every_connection();
+ whack_attribute_finalize(); /* free in-memory pools */
fetch_finalize(); /* stop fetching thread */
free_crl_fetch(); /* free chain of crl fetch requests */
free_ocsp_fetch(); /* free chain of ocsp fetch requests */