Adapted the config backends to the new lifetime configuration.
[strongswan.git] / src / charon / plugins / sql / sql_config.c
index 8efa1cb..71fb378 100644 (file)
@@ -11,8 +11,6 @@
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
- *
- * $Id$
  */
 
 #include <string.h>
@@ -132,8 +130,10 @@ static child_cfg_t *build_child_cfg(private_sql_config_t *this, enumerator_t *e)
        if (e->enumerate(e, &id, &name, &lifetime, &rekeytime, &jitter, 
                                                &updown, &hostaccess, &mode, &dpd, &close, &ipcomp))
        {
-               child_cfg = child_cfg_create(name, lifetime, rekeytime, jitter,
-                                                                        updown, hostaccess, mode, dpd, close, ipcomp);
+               lifetime_cfg_t *lft = lifetime_cfg_create_time(lifetime, rekeytime,
+                                                                                                          jitter);
+               child_cfg = child_cfg_create(name, lft, updown, hostaccess, mode,
+                                                                        dpd, close, ipcomp);
                /* TODO: read proposal from db */
                child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
                add_traffic_selectors(this, child_cfg, id);
@@ -267,7 +267,7 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
                peer_cfg_t *peer_cfg, *mediated_cfg;
                ike_cfg_t *ike;
                host_t *vip = NULL;
-               auth_info_t *auth;
+               auth_cfg_t *auth;
                
                local_id = identification_create_from_encoding(l_type, l_data);
                remote_id = identification_create_from_encoding(r_type, r_data);
@@ -291,20 +291,26 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
                if (ike)
                {
                        peer_cfg = peer_cfg_create(
-                                       name, 2, ike, local_id, remote_id, cert_policy, uniqueid,
+                                       name, 2, ike, cert_policy, uniqueid,
                                        keyingtries, rekeytime, reauthtime, jitter, overtime,
                                        mobike, dpd_delay, vip, pool,
                                        mediation, mediated_cfg, peer_id);
-                       auth = peer_cfg->get_auth(peer_cfg);
-                       auth->add_item(auth, AUTHN_AUTH_CLASS, &auth_method);
+                       auth = auth_cfg_create();
+                       auth->add(auth, AUTH_RULE_AUTH_CLASS, auth_method);
+                       auth->add(auth, AUTH_RULE_IDENTITY, local_id);
+                       peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
+                       auth = auth_cfg_create();
+                       auth->add(auth, AUTH_RULE_IDENTITY, remote_id);
                        if (eap_type)
                        {
-                               auth->add_item(auth, AUTHN_EAP_TYPE, &eap_type);
+                               auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+                               auth->add(auth, AUTH_RULE_EAP_TYPE, eap_type);
                                if (eap_vendor)
                                {
-                                       auth->add_item(auth, AUTHN_EAP_VENDOR, &eap_vendor);
+                                       auth->add(auth, AUTH_RULE_EAP_VENDOR, eap_vendor);
                                }
                        }
+                       peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
                        add_child_cfgs(this, peer_cfg, id);
                        return peer_cfg;
                }