/*
 * Parse one conn section.
 *
 * The key/value pairs of the section named conn->name are fetched from the
 * parser and applied to 'conn' one by one. Nothing is returned; problems are
 * only counted in 'cfg':
 *   - cfg->non_fatal_err: unknown or deprecated keywords (the pair is skipped)
 *   - cfg->err:           keywords not valid in a conn section, or values
 *                         rejected by assign_arg()
 *
 * If the parser has no such section the function returns early, and the
 * trailing handle_firewall() calls are not made.
 *
 * NOTE(review): conn->name is logged with %s and used for the lookup without
 * a NULL check - presumably the caller always sets it; verify.
 */
static void load_conn(starter_conn_t *conn, starter_config_t *cfg,
					  conf_parser_t *parser)
{
	dictionary_t *section;
	enumerator_t *pairs;
	char *key, *value;

	DBG2(DBG_APP, "Loading conn '%s'", conn->name);

	section = parser->get_section(parser, CONF_PARSER_CONN, conn->name);
	if (!section)
	{
		return;
	}

	pairs = section->create_enumerator(section);
	while (pairs->enumerate(pairs, &key, &value))
	{
		bool assigned = FALSE;
		const kw_entry_t *match = in_word_set(key, strlen(key));
		kw_token_t token;

		if (!match)
		{
			/*
			 * Only a non-fatal error: the pair is dropped and the option keeps
			 * whatever value it had. NOTE(review): a misspelt security option
			 * is therefore ignored unless callers surface non_fatal_err.
			 */
			DBG1(DBG_APP, "# unknown keyword '%s'", key);
			cfg->non_fatal_err++;
			continue;
		}
		token = match->token;

		/* side-specific keywords are rebased onto the generic KW_END_* range
		 * and handed to kw_end() together with the matching end */
		if (token >= KW_LEFT_FIRST && token <= KW_LEFT_LAST)
		{
			kw_end(conn, &conn->left, token - KW_LEFT_FIRST + KW_END_FIRST,
				   key, value, cfg);
			continue;
		}
		if (token >= KW_RIGHT_FIRST && token <= KW_RIGHT_LAST)
		{
			kw_end(conn, &conn->right, token - KW_RIGHT_FIRST + KW_END_FIRST,
				   key, value, cfg);
			continue;
		}

		/* "auto" is processed under the KW_CONN_SETUP token */
		if (token == KW_AUTO)
		{
			token = KW_CONN_SETUP;
		}

		/* the first branch that applies ends the handling of this pair */
		if (token < KW_CONN_FIRST || token > KW_CONN_LAST)
		{
			DBG1(DBG_APP, "# unsupported keyword '%s' in conn '%s'",
				 key, conn->name);
			cfg->err++;
		}
		else if (is_deprecated(token, key, conn->name))
		{
			cfg->non_fatal_err++;
		}
		else if (!assign_arg(token, KW_CONN_FIRST, key, value, conn, &assigned))
		{
			DBG1(DBG_APP, " bad argument value in conn '%s'", conn->name);
			cfg->err++;
		}
		else if (!assigned)
		{
			/* assign_arg() accepted the keyword but stored nothing itself */
			handle_keyword(token, conn, key, value, cfg);
		}
	}
	pairs->destroy(pairs);
	section->destroy(section);

	handle_firewall("left", &conn->left, cfg);
	handle_firewall("right", &conn->right, cfg);
}
/*
 * Parse a conn section: walk the keyword list 'kw' and apply each entry to
 * 'conn'.
 *
 * conn  connection being filled in; conn->name may be NULL, in which case
 *       "%default" is used for log messages and passed on to the helpers
 * kw    head of the keyword list for this section (may be NULL: empty list)
 * cfg   configuration; only its counters and parse_also are touched here
 *
 * Nothing is returned. Failures are counted in cfg->err (unsupported keyword,
 * bad value) or cfg->non_fatal_err (deprecated keyword) and parsing carries
 * on with the next entry.
 */
static void load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg)
{
	char *conn_name = (conn->name == NULL)? "%default":conn->name;

	for ( ; kw; kw = kw->next)
	{
		bool assigned = FALSE;

		kw_token_t token = kw->entry->token;

		/* left... and right... keywords are rebased onto the generic
		 * KW_END_* range and handled per end by kw_end() */
		if (token >= KW_LEFT_FIRST && token <= KW_LEFT_LAST)
		{
			kw_end(conn, &conn->left, token - KW_LEFT_FIRST + KW_END_FIRST
				,  kw, conn_name, cfg);
			continue;
		}
		else if (token >= KW_RIGHT_FIRST && token <= KW_RIGHT_LAST)
		{
			kw_end(conn, &conn->right, token - KW_RIGHT_FIRST + KW_END_FIRST
				 , kw, conn_name, cfg);
			continue;
		}

		if (token == KW_AUTO)
		{
			/* "auto" is processed under the KW_CONN_SETUP token */
			token = KW_CONN_SETUP;
		}
		else if (token == KW_ALSO)
		{
			/* record the referenced section name at the head of conn->also;
			 * ignored entirely unless cfg->parse_also is set */
			if (cfg->parse_also)
			{
				/* NOTE(review): the malloc_thing() result is dereferenced
				 * without a NULL check - confirm how it behaves on
				 * allocation failure */
				also_t *also = malloc_thing(also_t);

				/* presumably a copy of the value that tolerates NULL - verify */
				also->name = strdupnull(kw->value);
				also->next = conn->also;
				conn->also = also;

				DBG2(DBG_APP, " also=%s", kw->value);
			}
			continue;
		}

		/* anything outside the conn keyword range is a (fatal) error */
		if (token < KW_CONN_FIRST || token > KW_CONN_LAST)
		{
			DBG1(DBG_APP, "# unsupported keyword '%s' in conn '%s'",
				 kw->entry->name, conn_name);
			cfg->err++;
			continue;
		}

		if (is_deprecated(token, kw, conn_name))
		{
			cfg->non_fatal_err++;
			continue;
		}

		/* conn is handed over as a raw byte pointer; presumably assign_arg()
		 * stores the value at an offset from this base, so the keyword table
		 * has to match the struct layout - verify against assign_arg() */
		if (!assign_arg(token, KW_CONN_FIRST, kw, (char *)conn, &assigned))
		{
			DBG1(DBG_APP, " bad argument value in conn '%s'", conn_name);
			cfg->err++;
			continue;
		}

		/* assign_arg() already stored the value, nothing left to do */
		if (assigned)
			continue;

		/*
		 * Keywords that need more than a plain assignment.
		 *
		 * KW_SA_OPTION_FLAG is a macro defined outside this view and expanded
		 * in this scope; judging by its arguments it presumably sets the flag
		 * for the first string, clears it for the second and reports any
		 * other value - TODO confirm against its definition.
		 */
		switch (token)
		{
		case KW_TYPE:
			/* transport without proxy mode is the starting point; any other
			 * recognised value overrides it below */
			conn->mode = MODE_TRANSPORT;
			conn->proxy_mode = FALSE;
			if (streq(kw->value, "tunnel"))
			{
				conn->mode = MODE_TUNNEL;
			}
			else if (streq(kw->value, "beet"))
			{
				conn->mode = MODE_BEET;
			}
			else if (streq(kw->value, "transport_proxy"))
			{
				conn->mode = MODE_TRANSPORT;
				conn->proxy_mode = TRUE;
			}
			else if (streq(kw->value, "passthrough") || streq(kw->value, "pass"))
			{
				conn->mode = MODE_PASS;
			}
			else if (streq(kw->value, "drop") || streq(kw->value, "reject"))
			{
				conn->mode = MODE_DROP;
			}
			else if (!streq(kw->value, "transport"))
			{
				/* unrecognised value: counted as an error, conn->mode stays
				 * MODE_TRANSPORT as set above */
				DBG1(DBG_APP, "# bad policy value: %s=%s",
					 kw->entry->name, kw->value);
				cfg->err++;
			}
			break;
		case KW_COMPRESS:
			KW_SA_OPTION_FLAG("yes", "no", SA_OPTION_COMPRESS)
			break;
		case KW_AUTH:
			KW_SA_OPTION_FLAG("ah", "esp", SA_OPTION_AUTHENTICATE)
			break;
		case KW_MARK:
			/* one value for both directions: parsed into mark_in and copied
			 * to mark_out only if parsing succeeded */
			if (!handle_mark(kw->value, &conn->mark_in))
			{
				cfg->err++;
				break;
			}
			conn->mark_out = conn->mark_in;
			break;
		case KW_MARK_IN:
			if (!handle_mark(kw->value, &conn->mark_in))
			{
				cfg->err++;
			}
			break;
		case KW_MARK_OUT:
			if (!handle_mark(kw->value, &conn->mark_out))
			{
				cfg->err++;
			}
			break;
		case KW_TFC:
			if (streq(kw->value, "%mtu"))
			{
				/* "%mtu" is stored as -1 */
				conn->tfc = -1;
			}
			else
			{
				char *endptr;

				/*
				 * Only trailing characters are rejected, and the parsed value
				 * is stored even then. NOTE(review): an empty value parses as
				 * 0 without an error, a leading '-' is accepted by strtoul(),
				 * and neither overflow (ERANGE) nor truncation into
				 * conn->tfc is checked. A NULL kw->value would be
				 * dereferenced by strtoul() - presumably the parser never
				 * passes one; verify.
				 */
				conn->tfc = strtoul(kw->value, &endptr, 10);
				if (*endptr != '\0')
				{
					DBG1(DBG_APP, "# bad integer value: %s=%s",
						 kw->entry->name, kw->value);
					cfg->err++;
				}
			}
			break;
		case KW_KEYINGTRIES:
			if (streq(kw->value, "%forever"))
			{
				/* "%forever" is stored as 0 */
				conn->sa_keying_tries = 0;
			}
			else
			{
				char *endptr;

				/* NOTE(review): same parsing caveats as KW_TFC - empty input,
				 * a leading '-' and out-of-range values are not rejected; an
				 * empty value yields 0, the same as "%forever" */
				conn->sa_keying_tries = strtoul(kw->value, &endptr, 10);
				if (*endptr != '\0')
				{
					DBG1(DBG_APP, "# bad integer value: %s=%s",
						 kw->entry->name, kw->value);
					cfg->err++;
				}
			}
			break;
		case KW_REKEY:
			/* flag has inverted sense: "no" is the first (presumably
			 * flag-setting) string for the DONT_* options */
			KW_SA_OPTION_FLAG("no", "yes", SA_OPTION_DONT_REKEY)
			break;
		case KW_REAUTH:
			KW_SA_OPTION_FLAG("no", "yes", SA_OPTION_DONT_REAUTH)
			break;
		case KW_MOBIKE:
			KW_SA_OPTION_FLAG("yes", "no", SA_OPTION_MOBIKE)
			break;
		case KW_FORCEENCAPS:
			KW_SA_OPTION_FLAG("yes", "no", SA_OPTION_FORCE_ENCAP)
			break;
		case KW_MODECONFIG:
			KW_SA_OPTION_FLAG("push", "pull", SA_OPTION_MODECFG_PUSH)
			break;
		case KW_XAUTH:
			KW_SA_OPTION_FLAG("server", "client", SA_OPTION_XAUTH_SERVER)
			break;
		default:
			/* remaining conn keywords are silently ignored at this point */
			break;
		}
	}

	/* runs once per conn, after all keywords have been applied */
	handle_firewall("left", &conn->left, cfg);
	handle_firewall("right", &conn->right, cfg);
}