Added a "aggressive" ipsec.conf connection option
authorMartin Willi <martin@revosec.ch>
Mon, 9 Jan 2012 16:44:43 +0000 (17:44 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:34 +0000 (17:31 +0100)
src/libcharon/plugins/stroke/stroke_config.c
src/starter/args.c
src/starter/confread.h
src/starter/keywords.h
src/starter/keywords.txt
src/starter/starterstroke.c
src/stroke/stroke_msg.h

index e39233b..bc2518a 100644 (file)
@@ -689,7 +689,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
                msg->add_conn.version, ike_cfg,
                msg->add_conn.me.sendcert, unique,
                msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
-               msg->add_conn.mobike, FALSE, msg->add_conn.dpd.delay,
+               msg->add_conn.mobike, msg->add_conn.aggressive, msg->add_conn.dpd.delay,
                vip, msg->add_conn.other.sourceip_mask ?
                                                        msg->add_conn.name : msg->add_conn.other.sourceip,
                msg->add_conn.ikeme.mediation, mediated_by, peer_id);
index 65d0a75..88133dd 100644 (file)
@@ -204,6 +204,7 @@ static const token_info_t token_info[] =
        { ARG_MISC, 0, NULL  /* KW_PFS */                                              },
        { ARG_MISC, 0, NULL  /* KW_COMPRESS */                                         },
        { ARG_ENUM, offsetof(starter_conn_t, install_policy), LST_bool                 },
+       { ARG_ENUM, offsetof(starter_conn_t, aggressive), LST_bool                     },
        { ARG_MISC, 0, NULL  /* KW_AUTH */                                             },
        { ARG_MISC, 0, NULL  /* KW_AUTHBY */                                           },
        { ARG_MISC, 0, NULL  /* KW_EAP */                                              },
index 47bd846..25f37e6 100644 (file)
@@ -132,6 +132,7 @@ struct starter_conn {
                sa_family_t     addr_family;
                sa_family_t     tunnel_addr_family;
                bool            install_policy;
+               bool            aggressive;
                starter_end_t   left, right;
 
                unsigned long   id;
index 02be919..71e31e9 100644 (file)
@@ -67,6 +67,7 @@ typedef enum {
        KW_PFS,
        KW_COMPRESS,
        KW_INSTALLPOLICY,
+       KW_AGGRESSIVE,
        KW_AUTH,
        KW_AUTHBY,
        KW_EAP,
index 548fa2f..bd1f930 100644 (file)
@@ -61,6 +61,7 @@ type,              KW_TYPE
 pfs,               KW_PFS
 compress,          KW_COMPRESS
 installpolicy,     KW_INSTALLPOLICY
+aggressive,        KW_AGGRESSIVE
 auth,              KW_AUTH
 authby,            KW_AUTHBY
 keylife,           KW_KEYLIFE
index c4d9fa2..9fbfffc 100644 (file)
@@ -265,6 +265,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
        msg.add_conn.force_encap = (conn->policy & POLICY_FORCE_ENCAP) != 0;
        msg.add_conn.ipcomp = (conn->policy & POLICY_COMPRESS) != 0;
        msg.add_conn.install_policy = conn->install_policy;
+       msg.add_conn.aggressive = conn->aggressive;
        msg.add_conn.crl_policy = cfg->setup.strictcrlpolicy;
        msg.add_conn.unique = cfg->setup.uniqueids;
        msg.add_conn.algorithms.ike = push_string(&msg, conn->ike);
index af566b9..825228e 100644 (file)
@@ -249,6 +249,7 @@ struct stroke_msg_t {
                        char *xauth_identity;
                        int mode;
                        int mobike;
+                       int aggressive;
                        int force_encap;
                        int ipcomp;
                        time_t inactivity;