fixed sleep command in ikev1/esp-ah-tunnel scenario
[strongswan.git] / src / conftest / config.c
index 77a8fac..9521412 100644 (file)
@@ -146,14 +146,18 @@ static child_cfg_t *load_child_config(private_config_t *this,
        host_t *net;
        char *token;
        int bits;
+       u_int32_t tfc;
 
        if (settings->get_bool(settings, "configs.%s.%s.transport",
                                                   FALSE, config, child))
        {
                mode = MODE_TRANSPORT;
        }
+       tfc = settings->get_int(settings, "configs.%s.%s.tfc_padding",
+                                                       0, config, child);
        child_cfg = child_cfg_create(child, &lifetime, NULL, FALSE, mode,
-                                               ACTION_NONE, ACTION_NONE, FALSE, 0, 0, NULL, NULL);
+                                                                ACTION_NONE, ACTION_NONE, ACTION_NONE,
+                                                                FALSE, 0, 0, NULL, NULL, tfc);
 
        token = settings->get_str(settings, "configs.%s.%s.proposal",
                                                          NULL, config, child);
@@ -243,7 +247,7 @@ static peer_cfg_t *load_peer_config(private_config_t *this,
        child_cfg_t *child_cfg;
        enumerator_t *enumerator;
        identification_t *lid, *rid;
-       char *child;
+       char *child, *policy;
        uintptr_t strength;
 
        ike_cfg = load_ike_config(this, settings, config);
@@ -272,6 +276,11 @@ static peer_cfg_t *load_peer_config(private_config_t *this,
        {
                auth->add(auth, AUTH_RULE_ECDSA_STRENGTH, strength);
        }
+       policy = settings->get_str(settings, "configs.%s.cert_policy", NULL, config);
+       if (policy)
+       {
+               auth->add(auth, AUTH_RULE_CERT_POLICY, strdup(policy));
+       }
        auth->add(auth, AUTH_RULE_IDENTITY, rid);
        peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);