Adapted the config backends to the new lifetime configuration.
[strongswan.git] / src / charon / plugins / sql / sql_config.c
index 3777c6e..71fb378 100644 (file)
@@ -11,8 +11,6 @@
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
- *
- * $Id$
  */
 
 #include <string.h>
@@ -125,15 +123,17 @@ static void add_traffic_selectors(private_sql_config_t *this,
  */
 static child_cfg_t *build_child_cfg(private_sql_config_t *this, enumerator_t *e)
 {
-       int id, lifetime, rekeytime, jitter, hostaccess, mode, dpd, close;
+       int id, lifetime, rekeytime, jitter, hostaccess, mode, dpd, close, ipcomp;
        char *name, *updown;
        child_cfg_t *child_cfg;
        
        if (e->enumerate(e, &id, &name, &lifetime, &rekeytime, &jitter, 
-                                               &updown, &hostaccess, &mode, &dpd, &close))
+                                               &updown, &hostaccess, &mode, &dpd, &close, &ipcomp))
        {
-               child_cfg = child_cfg_create(name, lifetime, rekeytime, jitter,
-                                                                        updown, hostaccess, mode, dpd, close);
+               lifetime_cfg_t *lft = lifetime_cfg_create_time(lifetime, rekeytime,
+                                                                                                          jitter);
+               child_cfg = child_cfg_create(name, lft, updown, hostaccess, mode,
+                                                                        dpd, close, ipcomp);
                /* TODO: read proposal from db */
                child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
                add_traffic_selectors(this, child_cfg, id);
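Review bot: `lifetime`, `rekeytime` and `jitter` go into `lifetime_cfg_create_time()` exactly as they came out of the database row; nothing in this hunk checks their range. They are signed `int`s, so a negative value or a `rekeytime` larger than `lifetime` would be handed on silently, and the prototype of `lifetime_cfg_create_time()` is not visible here to show whether it rejects such input. I would guard the call with something like `if (lifetime < 0 || rekeytime < 0 || jitter < 0 || rekeytime > lifetime)` and log the offending `name`. Note that returning NULL for a bad row would also end the caller's `while` loop over the remaining rows. The body of build_child_cfg continues past the end of the hunk.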
@@ -152,12 +152,12 @@ static void add_child_cfgs(private_sql_config_t *this, peer_cfg_t *peer, int id)
        
        e = this->db->query(this->db,
                        "SELECT id, name, lifetime, rekeytime, jitter, "
-                       "updown, hostaccess, mode, dpd_action, close_action "
+                       "updown, hostaccess, mode, dpd_action, close_action, ipcomp "
                        "FROM child_configs JOIN peer_config_child_config ON id = child_cfg "
                        "WHERE peer_cfg = ?",
                        DB_INT, id,
                        DB_INT, DB_TEXT, DB_INT, DB_INT, DB_INT,
-                       DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT);
+                       DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT, DB_INT);
        if (e)
        {
                while ((child_cfg = build_child_cfg(this, e)))
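Review bot: The query now names the `ipcomp` column, so a database still on the earlier `child_configs` schema will presumably make `this->db->query()` fail, and the `if (e)` that follows treats a failed query the same as a peer with no children. The operator would then get a peer config with no child configs and nothing in the log to explain it. I would add an `else` branch that logs the failed query with the peer `id`, and document the new column next to the schema. The rest of add_child_cfgs lies outside the hunk, so such a branch may already exist further down.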
@@ -179,34 +179,9 @@ static ike_cfg_t *build_ike_cfg(private_sql_config_t *this, enumerator_t *e,
        
        while (e->enumerate(e, &certreq, &force_encap, &local, &remote))
        {
-               host_t *me, *other;
                ike_cfg_t *ike_cfg;
                
-               me = host_create_from_string(local, 500);
-               if (!me)
-               {
-                       continue;
-               }
-               if (my_host && !me->is_anyaddr(me) &&
-                       !me->ip_equals(me, my_host))
-               {
-                       me->destroy(me);
-                       continue;
-               }
-               other = host_create_from_string(remote, 500);
-               if (!other)
-               {
-                       me->destroy(me);
-                       continue;
-               }
-               if (other_host && !other->is_anyaddr(other) &&
-                       !other->ip_equals(other, other_host))
-               {
-                       me->destroy(me);
-                       other->destroy(other);
-                       continue;
-               }
-               ike_cfg = ike_cfg_create(certreq, force_encap, me, other);
+               ike_cfg = ike_cfg_create(certreq, force_encap, local, remote);
                /* TODO: read proposal from db */
                ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
                return ike_cfg;
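Review bot: With the address checks removed, the `while` loop returns on its first row unconditionally, so it now behaves as an `if` and the `my_host`/`other_host` comparison from the removed lines is no longer done in this function. If build_ike_cfg still takes those parameters (its signature is cut off in the hunk header) they are now unused, and whatever replaces the filtering should be named in a comment here. Rows whose `local` or `remote` does not parse as an address were previously skipped; they now reach `ike_cfg_create()` unchecked. The two strings presumably belong to the enumerator, so I would add a comment such as `/* ike_cfg_create() copies local/remote; the strings stay owned by the enumerator */` once that is confirmed.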
@@ -292,6 +267,7 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
                peer_cfg_t *peer_cfg, *mediated_cfg;
                ike_cfg_t *ike;
                host_t *vip = NULL;
+               auth_cfg_t *auth;
                
                local_id = identification_create_from_encoding(l_type, l_data);
                remote_id = identification_create_from_encoding(r_type, r_data);
@@ -315,11 +291,26 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
                if (ike)
                {
                        peer_cfg = peer_cfg_create(
-                                       name, 2, ike, local_id, remote_id, cert_policy, uniqueid,
-                                       auth_method, eap_type, eap_vendor, keyingtries, 
-                                       rekeytime, reauthtime, jitter, overtime, mobike,
-                                       dpd_delay, vip, pool,
+                                       name, 2, ike, cert_policy, uniqueid,
+                                       keyingtries, rekeytime, reauthtime, jitter, overtime,
+                                       mobike, dpd_delay, vip, pool,
                                        mediation, mediated_cfg, peer_id);
+                       auth = auth_cfg_create();
+                       auth->add(auth, AUTH_RULE_AUTH_CLASS, auth_method);
+                       auth->add(auth, AUTH_RULE_IDENTITY, local_id);
+                       peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
+                       auth = auth_cfg_create();
+                       auth->add(auth, AUTH_RULE_IDENTITY, remote_id);
+                       if (eap_type)
+                       {
+                               auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+                               auth->add(auth, AUTH_RULE_EAP_TYPE, eap_type);
+                               if (eap_vendor)
+                               {
+                                       auth->add(auth, AUTH_RULE_EAP_VENDOR, eap_vendor);
+                               }
+                       }
+                       peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
                        add_child_cfgs(this, peer_cfg, id);
                        return peer_cfg;
                }
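Review bot: The remote `auth_cfg` gets an `AUTH_RULE_AUTH_CLASS` only inside `if (eap_type)`; for every non-EAP row it carries nothing but `AUTH_RULE_IDENTITY`, so as far as this hunk shows the peer's authentication class is left unconstrained by the SQL configuration. If that is intended, say so in place, e.g. `/* remote auth class deliberately unconstrained unless EAP is configured */`; if not, the remote round needs an explicit class rule for the non-EAP case. Separately, the `auth_method` column value is added unchanged as `AUTH_RULE_AUTH_CLASS` on the local round. Existing rows were written for the old `peer_cfg_create()` argument, and neither enum is visible here, so it is worth confirming the stored numbers mean the same thing as auth classes. build_peer_cfg starts and ends outside this hunk.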