sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity

configuration of DNS server assignment via strongswan.conf

Browse Source
This commit is contained in:
Andreas Steffen 2009-02-12 09:02:15 +00:00
parent 6f1271855b
commit 48f9a22b57
3 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/charon/sa/tasks/ike_config.c
View File

@ -21,6 +21,9 @@
#include <daemon.h> #include <daemon.h>
#include <encoding/payloads/cp_payload.h> #include <encoding/payloads/cp_payload.h>
#define DNS_SERVER_MAX 2
#define NBNS_SERVER_MAX 2
typedef struct private_ike_config_t private_ike_config_t; typedef struct private_ike_config_t private_ike_config_t;
/** /**
@ -351,7 +354,7 @@ static status_t process_i(private_ike_config_t *this, message_t *message)
process_payloads(this, message); process_payloads(this, message);
if (this->virtual_ip == NULL) if (this->virtual_ip == NULL)
{ /* force a configured virtual IP, even server didn't return one */ { /* force a configured virtual IP, even if server didn't return one */
config = this->ike_sa->get_peer_cfg(this->ike_sa); config = this->ike_sa->get_peer_cfg(this->ike_sa);
this->virtual_ip = config->get_virtual_ip(config); this->virtual_ip = config->get_virtual_ip(config);
if (this->virtual_ip) if (this->virtual_ip)
@ -420,6 +423,11 @@ ike_config_t *ike_config_create(ike_sa_t *ike_sa, bool initiator)
this->public.task.migrate = (void(*)(task_t*,ike_sa_t*))migrate; this->public.task.migrate = (void(*)(task_t*,ike_sa_t*))migrate;
this->public.task.destroy = (void(*)(task_t*))destroy; this->public.task.destroy = (void(*)(task_t*))destroy;
this->initiator = initiator;
this->ike_sa = ike_sa;
this->virtual_ip = NULL;
this->dns = linked_list_create();
if (initiator) if (initiator)
{ {
this->public.task.build = (status_t(*)(task_t*,message_t*))build_i; this->public.task.build = (status_t(*)(task_t*,message_t*))build_i;
@ -427,13 +435,28 @@ ike_config_t *ike_config_create(ike_sa_t *ike_sa, bool initiator)
} }
else else
{ {
int i;
for (i = 1; i <= DNS_SERVER_MAX; i++)
{
char dns_key[12], *dns_str;
snprintf(dns_key, sizeof(dns_key), "charon.dns%d", i);
dns_str = lib->settings->get_str(lib->settings, dns_key, NULL);
if (dns_str)
{
host_t *dns = host_create_from_string(dns_str, 0);
if (dns)
{
DBG2(DBG_CFG, "assigning DNS server %H to peer", dns);
this->dns->insert_last(this->dns, dns);
}
}
}
this->public.task.build = (status_t(*)(task_t*,message_t*))build_r; this->public.task.build = (status_t(*)(task_t*,message_t*))build_r;
this->public.task.process = (status_t(*)(task_t*,message_t*))process_r; this->public.task.process = (status_t(*)(task_t*,message_t*))process_r;
} }
this->initiator = initiator;
this->ike_sa = ike_sa;
this->virtual_ip = NULL;
this->dns = linked_list_create();
return &this->public; return &this->public;
} }

2
testing/tests/ikev2/config-payload/evaltest.dat
View File

@ -1,6 +1,8 @@
carol::cat /var/log/daemon.log::installing new virtual IP PH_IP_CAROL1::YES carol::cat /var/log/daemon.log::installing new virtual IP PH_IP_CAROL1::YES
carol::ip addr list dev eth0::PH_IP_CAROL1::YES carol::ip addr list dev eth0::PH_IP_CAROL1::YES
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
carol::cat /etc/resolv.conf::nameserver PH_IP_WINNETOU::YES
carol::cat /etc/resolv.conf::nameserver PH_IP_BOB::YES
carol::ipsec status::home.*INSTALLED::YES carol::ipsec status::home.*INSTALLED::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES

2
testing/tests/ikev2/config-payload/hosts/moon/etc/strongswan.conf
View File

@ -2,4 +2,6 @@
charon { charon {
load = curl aes des sha1 sha2 md5 gmp random x509 pubkey hmac xcbc stroke kernel-netlink updown load = curl aes des sha1 sha2 md5 gmp random x509 pubkey hmac xcbc stroke kernel-netlink updown
dns1 = PH_IP_WINNETOU
dns2 = PH_IP_BOB
} }