fixed memleak in SQL config lookup
[strongswan.git] / src / charon / plugins / sql / sql_config.c
index 9b70364..e7dfe57 100644 (file)
@@ -11,8 +11,6 @@
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
- *
- * $Id$
  */
 
 #include <string.h>
@@ -157,7 +155,7 @@ static void add_child_cfgs(private_sql_config_t *this, peer_cfg_t *peer, int id)
                        "WHERE peer_cfg = ?",
                        DB_INT, id,
                        DB_INT, DB_TEXT, DB_INT, DB_INT, DB_INT,
-                       DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT);
+                       DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT, DB_INT);
        if (e)
        {
                while ((child_cfg = build_child_cfg(this, e)))
@@ -179,34 +177,9 @@ static ike_cfg_t *build_ike_cfg(private_sql_config_t *this, enumerator_t *e,
        
        while (e->enumerate(e, &certreq, &force_encap, &local, &remote))
        {
-               host_t *me, *other;
                ike_cfg_t *ike_cfg;
                
-               me = host_create_from_string(local, 500);
-               if (!me)
-               {
-                       continue;
-               }
-               if (my_host && !me->is_anyaddr(me) &&
-                       !me->ip_equals(me, my_host))
-               {
-                       me->destroy(me);
-                       continue;
-               }
-               other = host_create_from_string(remote, 500);
-               if (!other)
-               {
-                       me->destroy(me);
-                       continue;
-               }
-               if (other_host && !other->is_anyaddr(other) &&
-                       !other->ip_equals(other, other_host))
-               {
-                       me->destroy(me);
-                       other->destroy(other);
-                       continue;
-               }
-               ike_cfg = ike_cfg_create(certreq, force_encap, me, other);
+               ike_cfg = ike_cfg_create(certreq, force_encap, local, remote);
                /* TODO: read proposal from db */
                ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
                return ike_cfg;
@@ -292,6 +265,7 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
                peer_cfg_t *peer_cfg, *mediated_cfg;
                ike_cfg_t *ike;
                host_t *vip = NULL;
+               auth_cfg_t *auth;
                
                local_id = identification_create_from_encoding(l_type, l_data);
                remote_id = identification_create_from_encoding(r_type, r_data);
@@ -315,11 +289,26 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
                if (ike)
                {
                        peer_cfg = peer_cfg_create(
-                                       name, 2, ike, local_id, remote_id, cert_policy, uniqueid,
-                                       auth_method, eap_type, eap_vendor, keyingtries, 
-                                       rekeytime, reauthtime, jitter, overtime, mobike,
-                                       dpd_delay, vip, pool,
+                                       name, 2, ike, cert_policy, uniqueid,
+                                       keyingtries, rekeytime, reauthtime, jitter, overtime,
+                                       mobike, dpd_delay, vip, pool,
                                        mediation, mediated_cfg, peer_id);
+                       auth = auth_cfg_create();
+                       auth->add(auth, AUTH_RULE_AUTH_CLASS, auth_method);
+                       auth->add(auth, AUTH_RULE_IDENTITY, local_id);
+                       peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
+                       auth = auth_cfg_create();
+                       auth->add(auth, AUTH_RULE_IDENTITY, remote_id);
+                       if (eap_type)
+                       {
+                               auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+                               auth->add(auth, AUTH_RULE_EAP_TYPE, eap_type);
+                               if (eap_vendor)
+                               {
+                                       auth->add(auth, AUTH_RULE_EAP_VENDOR, eap_vendor);
+                               }
+                       }
+                       peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
                        add_child_cfgs(this, peer_cfg, id);
                        return peer_cfg;
                }