sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity

stroke: Use peer name as namespace for shunt policies

Browse Source 
The same goes for the start-action-job.  When unrouting, we search for
the first policy with a matching child-cfg.
This commit is contained in:
Tobias Brunner 2017-02-08 16:13:32 +01:00
parent 7a0fdbab42
commit 02767e4309
2 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/libcharon/plugins/stroke/stroke_control.c
View File

@ -641,7 +641,8 @@ static void charon_route(peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
mode = child_cfg->get_mode(child_cfg);
if (mode == MODE_PASS || mode == MODE_DROP)
{
if (charon->shunts->install(charon->shunts, NULL, child_cfg))
if (charon->shunts->install(charon->shunts,
peer_cfg->get_name(peer_cfg), child_cfg))
{
fprintf(out, "'%s' shunt %N policy installed\n",
name, ipsec_mode_names, mode);
@ -729,15 +730,30 @@ METHOD(stroke_control_t, route, void,
METHOD(stroke_control_t, unroute, void,
private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
{
child_cfg_t *child_cfg;
child_sa_t *child_sa;
enumerator_t *enumerator;
char *ns, *found = NULL;
uint32_t id = 0;
if (charon->shunts->uninstall(charon->shunts, NULL, msg->unroute.name))
enumerator = charon->shunts->create_enumerator(charon->shunts);
while (enumerator->enumerate(enumerator, &ns, &child_cfg))
{
if (ns && streq(msg->unroute.name, child_cfg->get_name(child_cfg)))
{
found = strdup(ns);
break;
}
}
enumerator->destroy(enumerator);
if (found && charon->shunts->uninstall(charon->shunts, found,
msg->unroute.name))
{
free(found);
fprintf(out, "shunt policy '%s' uninstalled\n", msg->unroute.name);
return;
}
free(found);
enumerator = charon->traps->create_enumerator(charon->traps);
while (enumerator->enumerate(enumerator, NULL, &child_sa))

3
src/libcharon/processing/jobs/start_action_job.c
View File

@ -68,7 +68,8 @@ METHOD(job_t, execute, job_requeue_t,
mode = child_cfg->get_mode(child_cfg);
if (mode == MODE_PASS || mode == MODE_DROP)
{
charon->shunts->install(charon->shunts, NULL,
charon->shunts->install(charon->shunts,
peer_cfg->get_name(peer_cfg),
child_cfg);
}
else