added options for virtual IP, UDP encapsulation, IPComp
authorMartin Willi <martin@strongswan.org>
Thu, 31 Jul 2008 14:32:11 +0000 (14:32 -0000)
committerMartin Willi <martin@strongswan.org>
Thu, 31 Jul 2008 14:32:11 +0000 (14:32 -0000)
proper handling of libstrongswan/glib TRUE/FALSE conflict

src/charon/plugins/nm/nm_service.c
src/charon/plugins/nm/nm_service.h
src/libstrongswan/utils.h

index ed30d7f..f910736 100644 (file)
@@ -172,6 +172,21 @@ static char* get_str(GHashTable *hash, char *key)
 }
 
 /**
+ * Read a boolean from a hash table using a given key
+ */
+static bool get_bool(GHashTable *hash, char *key)
+{
+       GValue *value;
+
+       value = g_hash_table_lookup(hash, key);
+       if (G_VALUE_TYPE (value) == G_TYPE_BOOLEAN)
+       {
+               return g_value_get_boolean(value);
+       }
+       return FALSE;
+}
+
+/**
  * Connect function called from NM via DBUS
  */
 static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
@@ -180,6 +195,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        NMSettingVPNProperties *properties;
        identification_t *user = NULL;
        char *address, *str;
+       bool virtual, encap, ipcomp;
        ike_cfg_t *ike_cfg;
        peer_cfg_t *peer_cfg;
        child_cfg_t *child_cfg;
@@ -203,16 +219,18 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
                 nm_setting_to_string(NM_SETTING(properties)));
 
        str = get_str(properties->data, "user");
-       if (str)
-       {
-               user = identification_create_from_string(str);
-       }
-       if (!user)
+       if (!str)
        {
                g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-                                   "Username '%s' invalid.", str);
+                                   "Username missing.");
                return FALSE;
        }
+       user = identification_create_from_string(str);
+       if (!user)
+       {       /* fallback to ID_KEY_ID for non-qualified usernames */
+               user = identification_create_from_encoding(ID_KEY_ID,
+                                                                                               chunk_create(str, strlen(str)));
+       }
        address = get_str(properties->data, "address");
        if (!address || !*address)
        {
@@ -220,11 +238,14 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
                                    "Gateway address missing.");
                return FALSE;
        }
+       virtual = get_bool(properties->data, "virtual");
+       encap = get_bool(properties->data, "encap");
+       ipcomp = get_bool(properties->data, "ipcomp");
        
        /**
         * Set up configurations
         */
-       ike_cfg = ike_cfg_create(TRUE, TRUE, "0.0.0.0", address);
+       ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", address);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
        peer_cfg = peer_cfg_create(CONFIG_NAME, 2, ike_cfg, user,
                                        identification_create_from_encoding(ID_ANY, chunk_empty),
@@ -233,13 +254,13 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
                                        18000, 0, /* rekey 5h, reauth none */
                                        600, 600, /* jitter, over 10min */
                                        TRUE, 0, /* mobike, DPD */
-                                       host_create_from_string("0.0.0.0", 0), /* virtual ip */
+                                       virtual ? host_create_from_string("0.0.0.0", 0) : NULL,
                                        NULL, FALSE, NULL, NULL); /* pool, mediation */
        child_cfg = child_cfg_create(CONFIG_NAME,
                                                                 3600, 3000, /* lifetime 1h, rekey 50min */
                                                                 300, /* jitter 5min */
                                                                 NULL, TRUE, MODE_TUNNEL, /* updown, hostaccess */
-                                                                ACTION_NONE, ACTION_NONE, FALSE); /* ipcomp */
+                                                                ACTION_NONE, ACTION_NONE, ipcomp);
        child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
        ts = traffic_selector_create_dynamic(0, 0, 65535);
        child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
index 7133472..67d4c6b 100644 (file)
@@ -26,8 +26,6 @@
 #include <glib/gtypes.h>
 #include <glib-object.h>
 #include <nm-vpn-plugin.h>
-#undef TRUE
-#undef FALSE
 
 #define NM_TYPE_STRONGSWAN_PLUGIN            (nm_strongswan_plugin_get_type ())
 #define NM_STRONGSWAN_PLUGIN(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_STRONGSWAN_PLUGIN, NMSTRONGSWANPlugin))
index 2669be6..251a3eb 100644 (file)
  * General purpose boolean type.
  */
 typedef int bool;
-#define FALSE 0
-#define TRUE  1
+#ifndef FALSE
+# define FALSE 0
+#endif /* FALSE */
+#ifndef TRUE
+# define TRUE  1
+#endif /* TRUE */
 
 typedef enum status_t status_t;