ike: Add an additional but separate AEAD proposal to IKE config, if supported
[strongswan.git] / src / conftest / config.c
index 22c9d23..bd63df0 100644 (file)
@@ -103,11 +103,11 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
 
        ike_cfg = ike_cfg_create(IKEV2, TRUE,
                settings->get_bool(settings, "configs.%s.fake_nat", FALSE, config),
-               settings->get_str(settings, "configs.%s.lhost", "%any", config), FALSE,
+               settings->get_str(settings, "configs.%s.lhost", "%any", config),
                settings->get_int(settings, "configs.%s.lport", 500, config),
-               settings->get_str(settings, "configs.%s.rhost", "%any", config), FALSE,
+               settings->get_str(settings, "configs.%s.rhost", "%any", config),
                settings->get_int(settings, "configs.%s.rport", 500, config),
-               FRAGMENTATION_NO);
+               FRAGMENTATION_NO, 0);
        token = settings->get_str(settings, "configs.%s.proposal", NULL, config);
        if (token)
        {
@@ -129,6 +129,7 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
        else
        {
                ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+               ike_cfg->add_proposal(ike_cfg, proposal_create_default_aead(PROTO_IKE));
        }
        return ike_cfg;
 }
@@ -188,7 +189,7 @@ static child_cfg_t *load_child_config(private_config_t *this,
                enumerator = enumerator_create_token(token, ",", " ");
                while (enumerator->enumerate(enumerator, &token))
                {
-                       ts = traffic_selector_create_from_cidr(token, 0, 0);
+                       ts = traffic_selector_create_from_cidr(token, 0, 0, 65535);
                        if (ts)
                        {
                                child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
@@ -212,7 +213,7 @@ static child_cfg_t *load_child_config(private_config_t *this,
                enumerator = enumerator_create_token(token, ",", " ");
                while (enumerator->enumerate(enumerator, &token))
                {
-                       ts = traffic_selector_create_from_cidr(token, 0, 0);
+                       ts = traffic_selector_create_from_cidr(token, 0, 0, 65535);
                        if (ts)
                        {
                                child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
@@ -244,13 +245,13 @@ static peer_cfg_t *load_peer_config(private_config_t *this,
        child_cfg_t *child_cfg;
        enumerator_t *enumerator;
        identification_t *lid, *rid;
-       char *child, *policy;
+       char *child, *policy, *pool;
        uintptr_t strength;
 
        ike_cfg = load_ike_config(this, settings, config);
        peer_cfg = peer_cfg_create(config, ike_cfg, CERT_ALWAYS_SEND,
-                                                          UNIQUE_NO, 1, 0, 0, 0, 0, FALSE, FALSE, 0, 0,
-                                                          FALSE, NULL, NULL);
+                                                          UNIQUE_NO, 1, 0, 0, 0, 0, FALSE, FALSE, TRUE,
+                                                          0, 0, FALSE, NULL, NULL);
 
        auth = auth_cfg_create();
        auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
@@ -280,6 +281,11 @@ static peer_cfg_t *load_peer_config(private_config_t *this,
        }
        auth->add(auth, AUTH_RULE_IDENTITY, rid);
        peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
+       pool = settings->get_str(settings, "configs.%s.named_pool", NULL, config);
+       if (pool)
+       {
+               peer_cfg->add_pool(peer_cfg, pool);
+       }
 
        DBG1(DBG_CFG, "loaded config %s: %Y - %Y", config, lid, rid);