We only throw a warning now instead of rejecting the config.
{ ARG_ENUM, offsetof(starter_config_t, setup.uniqueids), LST_unique },
{ ARG_ENUM, offsetof(starter_config_t, setup.cachecrls), LST_bool },
{ ARG_ENUM, offsetof(starter_config_t, setup.strictcrlpolicy), LST_strict },
+ { ARG_MISC, 0, NULL /* KW_SETUP_DEPRECATED */ },
/* conn section keywords */
{ ARG_STR, offsetof(starter_conn_t, name), NULL },
{ ARG_MISC, 0, NULL /* KW_MARK_IN */ },
{ ARG_MISC, 0, NULL /* KW_MARK_OUT */ },
{ ARG_MISC, 0, NULL /* KW_TFC */ },
+ { ARG_MISC, 0, NULL /* KW_CONN_DEPRECATED */ },
/* ca section keywords */
{ ARG_STR, offsetof(starter_ca_t, name), NULL },
{ ARG_STR, offsetof(starter_ca_t, ocspuri), NULL },
{ ARG_STR, offsetof(starter_ca_t, ocspuri2), NULL },
{ ARG_STR, offsetof(starter_ca_t, certuribase), NULL },
+ { ARG_MISC, 0, NULL /* KW_CA_DEPRECATED */ },
/* end keywords */
{ ARG_STR, offsetof(starter_end_t, host), NULL },
{ ARG_STR, offsetof(starter_end_t, ca), NULL },
{ ARG_STR, offsetof(starter_end_t, ca2), NULL },
{ ARG_STR, offsetof(starter_end_t, groups), NULL },
+ { ARG_MISC, 0, NULL /* KW_END_DEPRECATED */ },
};
static void free_list(char **list)
return TRUE;
}
+/**
+ * Process deprecated keywords
+ */
+static bool is_deprecated(kw_token_t token, kw_list_t *kw, char *name)
+{
+ switch (token)
+ {
+ case KW_SETUP_DEPRECATED:
+ DBG1(DBG_APP, "# deprecated keyword '%s' in config setup",
+ kw->entry->name);
+ break;
+ case KW_CONN_DEPRECATED:
+ case KW_END_DEPRECATED:
+ DBG1(DBG_APP, "# deprecated keyword '%s' in conn '%s'",
+ kw->entry->name, name);
+ break;
+ case KW_CA_DEPRECATED:
+ DBG1(DBG_APP, "# deprecated keyword '%s' in ca '%s'",
+ kw->entry->name, name);
+ break;
+ default:
+ return FALSE;
+ }
+ return TRUE;
+}
+
static void default_values(starter_config_t *cfg)
{
if (cfg == NULL)
continue;
}
+ if (is_deprecated(token, kw, ""))
+ {
+ cfg->non_fatal_err++;
+ continue;
+ }
+
if (!assign_arg(token, KW_SETUP_FIRST, kw, (char *)cfg, &assigned))
{
DBG1(DBG_APP, " bad argument value in config setup");
char *name = kw->entry->name;
char *value = kw->value;
+ if (is_deprecated(token, kw, conn_name))
+ {
+ cfg->non_fatal_err++;
+ return;
+ }
+
if (!assign_arg(token, KW_END_FIRST, kw, (char *)end, &assigned))
goto err;
continue;
}
+ if (is_deprecated(token, kw, conn_name))
+ {
+ cfg->non_fatal_err++;
+ continue;
+ }
+
if (!assign_arg(token, KW_CONN_FIRST, kw, (char *)conn, &assigned))
{
DBG1(DBG_APP, " bad argument value in conn '%s'", conn_name);
continue;
}
+ if (is_deprecated(token, kw, ca_name))
+ {
+ cfg->non_fatal_err++;
+ continue;
+ }
+
if (!assign_arg(token, KW_CA_FIRST, kw, (char *)ca, &assigned))
{
DBG1(DBG_APP, " bad argument value in ca '%s'", ca_name);
KW_UNIQUEIDS,
KW_CACHECRLS,
KW_STRICTCRLPOLICY,
+ KW_SETUP_DEPRECATED,
#define KW_SETUP_FIRST KW_CHARONDEBUG
-#define KW_SETUP_LAST KW_STRICTCRLPOLICY
+#define KW_SETUP_LAST KW_SETUP_DEPRECATED
/* conn section keywords */
KW_CONN_NAME,
KW_MARK_IN,
KW_MARK_OUT,
KW_TFC,
+ KW_CONN_DEPRECATED,
#define KW_CONN_FIRST KW_CONN_SETUP
-#define KW_CONN_LAST KW_TFC
+#define KW_CONN_LAST KW_CONN_DEPRECATED
/* ca section keywords */
KW_CA_NAME,
KW_OCSPURI,
KW_OCSPURI2,
KW_CERTURIBASE,
+ KW_CA_DEPRECATED,
#define KW_CA_FIRST KW_CA_SETUP
-#define KW_CA_LAST KW_CERTURIBASE
+#define KW_CA_LAST KW_CA_DEPRECATED
/* end keywords */
KW_HOST,
KW_CA,
KW_CA2,
KW_GROUPS,
+ KW_END_DEPRECATED,
#define KW_END_FIRST KW_HOST
-#define KW_END_LAST KW_GROUPS
+#define KW_END_LAST KW_END_DEPRECATED
/* left end keywords */
KW_LEFT,
KW_LEFTCA,
KW_LEFTCA2,
KW_LEFTGROUPS,
+ KW_LEFT_DEPRECATED,
#define KW_LEFT_FIRST KW_LEFT
-#define KW_LEFT_LAST KW_LEFTGROUPS
+#define KW_LEFT_LAST KW_LEFT_DEPRECATED
/* right end keywords */
KW_RIGHT,
KW_RIGHTCA,
KW_RIGHTCA2,
KW_RIGHTGROUPS,
+ KW_RIGHT_DEPRECATED,
#define KW_RIGHT_FIRST KW_RIGHT
-#define KW_RIGHT_LAST KW_RIGHTGROUPS
+#define KW_RIGHT_LAST KW_RIGHT_DEPRECATED
/* general section keywords */
KW_ALSO,
- KW_AUTO
+ KW_AUTO,
} kw_token_t;
kw_token_t token;
};
%%
+# regular keywords
charondebug, KW_CHARONDEBUG
uniqueids, KW_UNIQUEIDS
cachecrls, KW_CACHECRLS
rightgroups, KW_RIGHTGROUPS
also, KW_ALSO
auto, KW_AUTO
+# deprecated/removed keywords
+interfaces, KW_SETUP_DEPRECATED
+dumpdir, KW_SETUP_DEPRECATED
+charonstart, KW_SETUP_DEPRECATED
+plutostart, KW_SETUP_DEPRECATED
+klipsdebug, KW_SETUP_DEPRECATED
+plutodebug, KW_SETUP_DEPRECATED
+prepluto, KW_SETUP_DEPRECATED
+postpluto, KW_SETUP_DEPRECATED
+plutostderrlog, KW_SETUP_DEPRECATED
+fragicmp, KW_SETUP_DEPRECATED
+packetdefault, KW_SETUP_DEPRECATED
+hidetos, KW_SETUP_DEPRECATED
+overridemtu, KW_SETUP_DEPRECATED
+crlcheckinterval, KW_SETUP_DEPRECATED
+nocrsend, KW_SETUP_DEPRECATED
+nat_traversal, KW_SETUP_DEPRECATED
+keep_alive, KW_SETUP_DEPRECATED
+force_keepalive, KW_SETUP_DEPRECATED
+virtual_private, KW_SETUP_DEPRECATED
+pkcs11module, KW_SETUP_DEPRECATED
+pkcs11initargs, KW_SETUP_DEPRECATED
+pkcs11keepstate, KW_SETUP_DEPRECATED
+pkcs11proxy, KW_SETUP_DEPRECATED
+pfs, KW_CONN_DEPRECATED
+pfsgroup, KW_CONN_DEPRECATED
+eap, KW_CONN_DEPRECATED
+leftnexthop, KW_LEFT_DEPRECATED
+leftsubnetwithin, KW_LEFT_DEPRECATED
+rightnexthop, KW_RIGHT_DEPRECATED
+rightsubnetwithin, KW_RIGHT_DEPRECATED
projects / strongswan.git / commitdiff