Add a left/rightdns keyword to configure connection specific DNS attributes
authorMartin Willi <martin@revosec.ch>
Tue, 31 Jul 2012 08:00:57 +0000 (10:00 +0200)
committerMartin Willi <martin@revosec.ch>
Tue, 21 Aug 2012 07:38:00 +0000 (09:38 +0200)
src/libcharon/plugins/stroke/stroke_socket.c
src/starter/args.c
src/starter/confread.h
src/starter/keywords.h
src/starter/keywords.txt
src/starter/starterstroke.c
src/stroke/stroke_msg.h

index 6bf65cc..427a5e8 100644 (file)
@@ -171,6 +171,7 @@ static void pop_end(stroke_msg_t *msg, const char* label, stroke_end_t *end)
        pop_string(msg, &end->address);
        pop_string(msg, &end->subnets);
        pop_string(msg, &end->sourceip);
+       pop_string(msg, &end->dns);
        pop_string(msg, &end->auth);
        pop_string(msg, &end->auth2);
        pop_string(msg, &end->id);
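Review bot: `pop_end` carries no comment saying that every `char *` member of `stroke_end_t` has to go through `pop_string` before it is read, so the pairing between this list, the `push_string` calls in starterstroke.c and the struct in stroke_msg.h is kept only by convention. The added `pop_string(msg, &end->dns);` follows that convention, but a member missed in a later change would presumably be dereferenced with whatever value the socket peer placed in the message. I would add above the list `/* every string member of stroke_end_t must be popped here before use */`. The visible lines only relocate and log `end->dns`; the code that consumes it is outside this page and should parse each entry as an IP address and reject anything else. `pop_end` starts and ends outside the hunk.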
@@ -188,6 +189,7 @@ static void pop_end(stroke_msg_t *msg, const char* label, stroke_end_t *end)
        DBG2(DBG_CFG, "  %s=%s", label, end->address);
        DBG2(DBG_CFG, "  %ssubnet=%s", label, end->subnets);
        DBG2(DBG_CFG, "  %ssourceip=%s", label, end->sourceip);
+       DBG2(DBG_CFG, "  %sdns=%s", label, end->dns);
        DBG2(DBG_CFG, "  %sauth=%s", label, end->auth);
        DBG2(DBG_CFG, "  %sauth2=%s", label, end->auth2);
        DBG2(DBG_CFG, "  %sid=%s", label, end->id);
index 640cc43..13ffec6 100644 (file)
@@ -186,6 +186,7 @@ static const token_info_t token_info[] =
        { ARG_STR,  offsetof(starter_end_t, subnet), NULL                              },
        { ARG_MISC, 0, NULL  /* KW_PROTOPORT */                                        },
        { ARG_STR,  offsetof(starter_end_t, sourceip), NULL                            },
+       { ARG_STR,  offsetof(starter_end_t, dns), NULL                                 },
        { ARG_MISC, 0, NULL  /* KW_NATIP */                                            },
        { ARG_ENUM, offsetof(starter_end_t, firewall), LST_bool                        },
        { ARG_ENUM, offsetof(starter_end_t, hostaccess), LST_bool                      },
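Review bot: The new `ARG_STR` row for `dns` is correct only because it sits at the same position in `token_info[]` as `KW_DNS` does in the keyword enum in keywords.h, and nothing visible in this hunk enforces that pairing. The neighbouring `ARG_MISC` rows carry a `/* KW_... */` tag while the string rows do not, so a trailing `/* KW_DNS */` on the new row would make a later misordering easier to spot. If the table is indexed by keyword value (it appears to be, but the indexing code is outside the hunk), a shifted row would make the parser store a `char *` at the wrong `offsetof` in `starter_end_t`. A designated initializer such as `[KW_DNS] = { ARG_STR, offsetof(starter_end_t, dns), NULL },` would make the pairing a compile-time property, though it would have to be applied to the whole table to be useful.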
index 0c28422..55022ff 100644 (file)
@@ -113,6 +113,7 @@ struct starter_end {
                u_int8_t        protocol;
                char            *sourceip;
                int                             sourceip_mask;
+               char            *dns;
 };
 
 typedef struct also also_t;
index bd9affe..96609e1 100644 (file)
@@ -97,6 +97,7 @@ typedef enum {
        KW_SUBNET,
        KW_PROTOPORT,
        KW_SOURCEIP,
+       KW_DNS,
        KW_NATIP,
        KW_FIREWALL,
        KW_HOSTACCESS,
@@ -126,6 +127,7 @@ typedef enum {
        KW_LEFTSUBNET,
        KW_LEFTPROTOPORT,
        KW_LEFTSOURCEIP,
+       KW_LEFTDNS,
        KW_LEFTNATIP,
        KW_LEFTFIREWALL,
        KW_LEFTHOSTACCESS,
@@ -155,6 +157,7 @@ typedef enum {
        KW_RIGHTSUBNET,
        KW_RIGHTPROTOPORT,
        KW_RIGHTSOURCEIP,
+       KW_RIGHTDNS,
        KW_RIGHTNATIP,
        KW_RIGHTFIREWALL,
        KW_RIGHTHOSTACCESS,
index 30d89f9..f4d1f47 100644 (file)
@@ -85,6 +85,7 @@ leftsubnet,        KW_LEFTSUBNET
 leftsubnetwithin,  KW_LEFTSUBNET
 leftprotoport,     KW_LEFTPROTOPORT
 leftsourceip,      KW_LEFTSOURCEIP
+leftdns,           KW_LEFTDNS
 leftnatip,         KW_LEFTNATIP
 leftfirewall,      KW_LEFTFIREWALL
 lefthostaccess,    KW_LEFTHOSTACCESS
@@ -109,6 +110,7 @@ rightsubnet,       KW_RIGHTSUBNET
 rightsubnetwithin, KW_RIGHTSUBNET
 rightprotoport,    KW_RIGHTPROTOPORT
 rightsourceip,     KW_RIGHTSOURCEIP
+rightdns,          KW_RIGHTDNS
 rightnatip,        KW_RIGHTNATIP
 rightfirewall,     KW_RIGHTFIREWALL
 righthostaccess,   KW_RIGHTHOSTACCESS
index 0fbc5d2..79bb0ba 100644 (file)
@@ -141,6 +141,7 @@ static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, sta
        msg_end->subnets = push_string(msg, conn_end->subnet);
        msg_end->sourceip = push_string(msg, conn_end->sourceip);
        msg_end->sourceip_mask = conn_end->sourceip_mask;
+       msg_end->dns = push_string(msg, conn_end->dns);
        msg_end->sendcert = conn_end->sendcert;
        msg_end->hostaccess = conn_end->hostaccess;
        msg_end->tohost = !conn_end->subnet;
index 95de7d6..c941aaf 100644 (file)
@@ -159,6 +159,7 @@ struct stroke_end_t {
        u_int16_t ikeport;
        char *sourceip;
        int sourceip_mask;
+       char *dns;
        char *subnets;
        int sendcert;
        int hostaccess;
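Review bot: Inserting `char *dns;` between `sourceip_mask` and `subnets` shifts the offset of every later member of `stroke_end_t`, and the struct appears to travel as-is over the stroke socket (starterstroke.c fills it, stroke_socket.c pops it). A starter or stroke binary built against the old header would then have its fields read at the wrong offsets by a newer charon. Nothing in the visible hunks shows a layout or version check on the message; if none exists elsewhere, a comment on the struct such as `/* layout is the stroke wire format: starter, stroke and charon must be built from the same header */` would document the constraint. The struct definition begins and ends outside this hunk.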