/*
* Преобразование строки даты из Unix-формата в RFC 1036.
* Wdy, DD Mon YY HH:MM:SS *HHMM
* 0 0 0 0
* Wdy Mon DD HH:MM:SS YYYY
*/
static char *ctim2rfc (register char *ct, int tz)
{
if (ct[8] == ' ')
ct[8] = '0';
strcpy (buf, "Wdy, DD Mon YY HH:MM:SS *HHMM");
strncpy (buf, ct, 3); /* Wdy */
strncpy (buf+5, ct+8, 2); /* DD */
strncpy (buf+8, ct+4, 3); /* Mon */
strncpy (buf+15, ct+11, 8); /* HH:MM:SS */
if (ct[20] == '1' || ct[20] == '2')
strncpy (buf+12, ct+22, 2); /* YY */
else {
char *czone;
/* Wdy Mon DD HH:MM:SS DST YYYY */
strncpy (buf+12, ct+26, 2); /* YY */
czone = ct + 20;
tz = getkeyword (&czone, zonetab, KEYSIZE (zonetab));
if (tz == ERROR)
tz = 0;
}
settz (buf, tz);
return (buf);
}
/*
* Преобразование даты в стандарт RFC 1036.
*/
char *rfcdate (char *ctim)
{
#define skip(p) while (*(p)==' ' || *(p)=='\t') ++(p)
int wday, day, mon, year, h, m, s, tz;
skip (ctim);
if (ctim[3]==' ' && ctim[7]==' ' && ctim[10]==' ' &&
ctim[13]==':' && ctim[16]==':' && ctim[19]==' ' &&
(ctim[20]=='1' || ctim[20]=='2' || ctim[24]=='1' || ctim[24]=='2'))
return (ctim2rfc (ctim, 0));
/* [Wdy,] DD Mon YY HH:MM[:SS] TIMEZONE */
if ((*ctim>='A' && *ctim<='Z') || (*ctim>='a' && *ctim<='z')) {
wday = getkeyword (&ctim, daytab, KEYSIZE (daytab));
if (wday == ERROR)
return (0);
if (*ctim == ',')
++ctim;
skip (ctim);
} else
wday = -1;
day = getint (&ctim);
if (day < 0)
return (0);
skip (ctim);
mon = getkeyword (&ctim, monthtab, KEYSIZE (monthtab));
if (mon == ERROR)
return (0);
skip (ctim);
year = getint (&ctim);
if (year < 0)
return (0);
if (year < 70)
year += 2000;
else if (year < 100)
year += 1900;
if (year <= 1981) /* ancient date */
return (0);
skip (ctim);
if (*ctim>='0' && *ctim<='9') {
h = getint (&ctim);
if (h<0 || *ctim!=':')
return (0);
++ctim;
skip (ctim);
m = getint (&ctim);
if (m < 0)
return (0);
if (*ctim == ':') {
++ctim;
skip (ctim);
s = getint (&ctim);
if (s < 0)
return (0);
} else
s = 0;
skip (ctim);
} else {
h = 12;
m = s = 0;
}
if (*ctim=='+' || *ctim=='-') {
int sign = (*ctim == '+');
++ctim;
skip (ctim);
tz = getint (&ctim);
if (tz < 0)
return (0);
tz = tz / 100 * 60 + tz % 100;
if (sign)
tz = -tz;
} else if (*ctim) {
tz = getkeyword (&ctim, zonetab, KEYSIZE (zonetab));
if (tz == ERROR)
return (0);
} else
tz = 0;
if (wday < 0)
wday = weekday (day, mon, year);
sprintf (buf, "%s, %02d %s %02d %02d:%02d:%02d *HHMM",
dayname [wday], day, monthname [mon-1],
year % 100, h, m, s);
settz (buf, tz);
return (buf);
}
Boolean d_sad_fill_default_policy(SshSADHandle sad_handle)
{
if ((sad_handle->default_ike_sa = ssh_ikev2_sa_allocate(sad_handle))
!= NULL)
{
int i;
SshIkev2PayloadSA sa = sad_handle->default_ike_sa;
for (i = 0; i < d_sad_ciphers_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_ENCR,
d_sad_ciphers[i].transform,
KEYSIZE(d_sad_ciphers[i].keylen));
for (i = 0; i < d_sad_prfs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_PRF,
d_sad_prfs[i].transform,
KEYSIZE(d_sad_prfs[i].keylen));
for (i = 0; i < d_sad_integs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_INTEG,
d_sad_integs[i].transform,
KEYSIZE(d_sad_integs[i].keylen));
for (i = 0; i < d_sad_dhs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_D_H,
d_sad_dhs[i].transform, KEYSIZE(d_sad_dhs[i].keylen));
sa->protocol_id[0] = SSH_IKEV2_PROTOCOL_ID_IKE;
}
if ((sad_handle->default_ike_nosa = ssh_ikev2_sa_allocate(sad_handle))
!= NULL)
{
int i;
SshIkev2PayloadSA sa = sad_handle->default_ike_nosa;
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_ENCR,
SSH_IKEV2_TRANSFORM_ENCR_IDEA, 0);
for (i = 0; i < d_sad_prfs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_PRF,
d_sad_prfs[i].transform,
KEYSIZE(d_sad_prfs[i].keylen));
for (i = 0; i < d_sad_integs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_INTEG,
d_sad_integs[i].transform,
KEYSIZE(d_sad_integs[i].keylen));
for (i = 0; i < d_sad_dhs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_D_H,
d_sad_dhs[i].transform, KEYSIZE(d_sad_dhs[i].keylen));
sa->protocol_id[0] = SSH_IKEV2_PROTOCOL_ID_IKE;
}
if ((sad_handle->default_ipsec_sa = ssh_ikev2_sa_allocate(sad_handle))
!= NULL)
{
int i;
SshIkev2PayloadSA sa = sad_handle->default_ipsec_sa;
for (i = 0; i < d_sad_ciphers_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_ENCR,
d_sad_ciphers[i].transform,
KEYSIZE(d_sad_ciphers[i].keylen));
for (i = 0; i < d_sad_integs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_INTEG,
d_sad_integs[i].transform,
KEYSIZE(d_sad_integs[i].keylen));
/* Remove if no ipsec pfs ... */
#if 0
for (i = 0; i < d_sad_dhs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_D_H,
d_sad_dhs[i].transform, KEYSIZE(d_sad_dhs[i].keylen));
#endif
for (i = 0; i < d_sad_esns_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_ESN,
d_sad_esns[i].transform,
KEYSIZE(d_sad_esns[i].keylen));
sa->protocol_id[0] = SSH_IKEV2_PROTOCOL_ID_ESP;
}
if ((sad_handle->default_ipsec_nosa = ssh_ikev2_sa_allocate(sad_handle))
!= NULL)
{
int i;
SshIkev2PayloadSA sa = sad_handle->default_ipsec_nosa;
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_ENCR,
SSH_IKEV2_TRANSFORM_ENCR_IDEA, 0);
for (i = 0; i < d_sad_integs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_INTEG,
d_sad_integs[i].transform,
KEYSIZE(d_sad_integs[i].keylen));
/* Remove if no ipsec pfs ... */
#if 0
for (i = 0; i < d_sad_dhs_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_D_H,
d_sad_dhs[i].transform, KEYSIZE(d_sad_dhs[i].keylen));
#endif
for (i = 0; i < d_sad_esns_num; i++)
ssh_ikev2_sa_add(sa,
0,
SSH_IKEV2_TRANSFORM_TYPE_ESN,
d_sad_esns[i].transform,
KEYSIZE(d_sad_esns[i].keylen));
sa->protocol_id[0] = SSH_IKEV2_PROTOCOL_ID_ESP;
}
return TRUE;
}
