![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to args.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / starter|
Return to args.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / starter |
1.1 misho 1: /*
2: * Copyright (C) 2014 Tobias Brunner
3: * Copyright (C) 2006 Andreas Steffen
4: * HSR Hochschule fuer Technik Rapperswil
5: *
6: * This program is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2 of the License, or (at your
9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10: *
11: * This program is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14: * for more details.
15: */
16:
17: #include <stddef.h>
18: #include <stdlib.h>
19: #include <string.h>
20:
21: #include <library.h>
22: #include <utils/debug.h>
23:
24: #include "confread.h"
25: #include "args.h"
26:
27: /* argument types */
28:
29: typedef enum {
30: ARG_NONE,
31: ARG_ENUM,
32: ARG_UINT,
33: ARG_TIME,
34: ARG_ULNG,
35: ARG_ULLI,
36: ARG_UBIN,
37: ARG_PCNT,
38: ARG_STR,
39: ARG_MISC
40: } arg_t;
41:
42: /* various keyword lists */
43:
44: static const char *LST_bool[] = {
45: "no",
46: "yes",
47: NULL
48: };
49:
50: static const char *LST_sendcert[] = {
51: "always",
52: "ifasked",
53: "never",
54: "yes",
55: "no",
56: NULL
57: };
58:
59: static const char *LST_unique[] = {
60: "no",
61: "yes",
62: "replace",
63: "keep",
64: "never",
65: NULL
66: };
67:
68: static const char *LST_strict[] = {
69: "no",
70: "yes",
71: "ifuri",
72: NULL
73: };
74: static const char *LST_dpd_action[] = {
75: "none",
76: "clear",
77: "hold",
78: "restart",
79: NULL
80: };
81:
82: static const char *LST_startup[] = {
83: "ignore",
84: "add",
85: "route",
86: "start",
87: NULL
88: };
89:
90: static const char *LST_keyexchange[] = {
91: "ike",
92: "ikev1",
93: "ikev2",
94: NULL
95: };
96:
97: static const char *LST_authby[] = {
98: "psk",
99: "secret",
100: "pubkey",
101: "rsa",
102: "rsasig",
103: "ecdsa",
104: "ecdsasig",
105: "xauthpsk",
106: "xauthrsasig",
107: "never",
108: NULL
109: };
110:
111: static const char *LST_fragmentation[] = {
112: "no",
113: "accept",
114: "yes",
115: "force",
116: NULL
117: };
118:
119: typedef struct {
120: arg_t type;
121: size_t offset;
122: const char **list;
123: } token_info_t;
124:
125: static const token_info_t token_info[] =
126: {
127: /* config setup keywords */
128: { ARG_STR, offsetof(starter_config_t, setup.charondebug), NULL },
129: { ARG_ENUM, offsetof(starter_config_t, setup.uniqueids), LST_unique },
130: { ARG_ENUM, offsetof(starter_config_t, setup.cachecrls), LST_bool },
131: { ARG_ENUM, offsetof(starter_config_t, setup.strictcrlpolicy), LST_strict },
132: { ARG_MISC, 0, NULL /* KW_PKCS11_DEPRECATED */ },
133: { ARG_MISC, 0, NULL /* KW_SETUP_DEPRECATED */ },
134:
135: /* conn section keywords */
136: { ARG_STR, offsetof(starter_conn_t, name), NULL },
137: { ARG_ENUM, offsetof(starter_conn_t, startup), LST_startup },
138: { ARG_ENUM, offsetof(starter_conn_t, keyexchange), LST_keyexchange },
139: { ARG_MISC, 0, NULL /* KW_TYPE */ },
140: { ARG_MISC, 0, NULL /* KW_COMPRESS */ },
141: { ARG_ENUM, offsetof(starter_conn_t, install_policy), LST_bool },
142: { ARG_ENUM, offsetof(starter_conn_t, aggressive), LST_bool },
143: { ARG_STR, offsetof(starter_conn_t, authby), LST_authby },
144: { ARG_STR, offsetof(starter_conn_t, eap_identity), NULL },
145: { ARG_STR, offsetof(starter_conn_t, aaa_identity), NULL },
146: { ARG_MISC, 0, NULL /* KW_MOBIKE */ },
147: { ARG_MISC, 0, NULL /* KW_FORCEENCAPS */ },
148: { ARG_ENUM, offsetof(starter_conn_t, fragmentation), LST_fragmentation },
149: { ARG_UBIN, offsetof(starter_conn_t, ikedscp), NULL },
150: { ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL },
151: { ARG_TIME, offsetof(starter_conn_t, sa_ipsec_life_seconds), NULL },
152: { ARG_TIME, offsetof(starter_conn_t, sa_rekey_margin), NULL },
153: { ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_life_bytes), NULL },
154: { ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_margin_bytes), NULL },
155: { ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_life_packets), NULL },
156: { ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_margin_packets), NULL },
157: { ARG_MISC, 0, NULL /* KW_KEYINGTRIES */ },
158: { ARG_PCNT, offsetof(starter_conn_t, sa_rekey_fuzz), NULL },
159: { ARG_MISC, 0, NULL /* KW_REKEY */ },
160: { ARG_MISC, 0, NULL /* KW_REAUTH */ },
161: { ARG_STR, offsetof(starter_conn_t, ike), NULL },
162: { ARG_STR, offsetof(starter_conn_t, esp), NULL },
163: { ARG_STR, offsetof(starter_conn_t, ah), NULL },
164: { ARG_TIME, offsetof(starter_conn_t, dpd_delay), NULL },
165: { ARG_TIME, offsetof(starter_conn_t, dpd_timeout), NULL },
166: { ARG_ENUM, offsetof(starter_conn_t, dpd_action), LST_dpd_action },
167: { ARG_ENUM, offsetof(starter_conn_t, close_action), LST_dpd_action },
168: { ARG_ENUM, offsetof(starter_conn_t, sha256_96), LST_bool },
169: { ARG_TIME, offsetof(starter_conn_t, inactivity), NULL },
170: { ARG_MISC, 0, NULL /* KW_MODECONFIG */ },
171: { ARG_MISC, 0, NULL /* KW_XAUTH */ },
172: { ARG_STR, offsetof(starter_conn_t, xauth_identity), NULL },
173: { ARG_ENUM, offsetof(starter_conn_t, me_mediation), LST_bool },
174: { ARG_STR, offsetof(starter_conn_t, me_mediated_by), NULL },
175: { ARG_STR, offsetof(starter_conn_t, me_peerid), NULL },
176: { ARG_UINT, offsetof(starter_conn_t, reqid), NULL },
177: { ARG_UINT, offsetof(starter_conn_t, replay_window), NULL },
178: { ARG_MISC, 0, NULL /* KW_MARK */ },
179: { ARG_MISC, 0, NULL /* KW_MARK_IN */ },
180: { ARG_MISC, 0, NULL /* KW_MARK_OUT */ },
181: { ARG_MISC, 0, NULL /* KW_TFC */ },
182: { ARG_MISC, 0, NULL /* KW_PFS_DEPRECATED */ },
183: { ARG_MISC, 0, NULL /* KW_CONN_DEPRECATED */ },
184:
185: /* ca section keywords */
186: { ARG_STR, offsetof(starter_ca_t, name), NULL },
187: { ARG_ENUM, offsetof(starter_ca_t, startup), LST_startup },
188: { ARG_STR, offsetof(starter_ca_t, cacert), NULL },
189: { ARG_STR, offsetof(starter_ca_t, crluri), NULL },
190: { ARG_STR, offsetof(starter_ca_t, crluri2), NULL },
191: { ARG_STR, offsetof(starter_ca_t, ocspuri), NULL },
192: { ARG_STR, offsetof(starter_ca_t, ocspuri2), NULL },
193: { ARG_STR, offsetof(starter_ca_t, certuribase), NULL },
194: { ARG_MISC, 0, NULL /* KW_CA_DEPRECATED */ },
195:
196: /* end keywords */
197: { ARG_STR, offsetof(starter_end_t, host), NULL },
198: { ARG_UINT, offsetof(starter_end_t, ikeport), NULL },
199: { ARG_STR, offsetof(starter_end_t, subnet), NULL },
200: { ARG_MISC, 0, NULL /* KW_PROTOPORT */ },
201: { ARG_STR, offsetof(starter_end_t, sourceip), NULL },
202: { ARG_STR, offsetof(starter_end_t, dns), NULL },
203: { ARG_ENUM, offsetof(starter_end_t, firewall), LST_bool },
204: { ARG_ENUM, offsetof(starter_end_t, hostaccess), LST_bool },
205: { ARG_ENUM, offsetof(starter_end_t, allow_any), LST_bool },
206: { ARG_STR, offsetof(starter_end_t, updown), NULL },
207: { ARG_STR, offsetof(starter_end_t, auth), NULL },
208: { ARG_STR, offsetof(starter_end_t, auth2), NULL },
209: { ARG_STR, offsetof(starter_end_t, id), NULL },
210: { ARG_STR, offsetof(starter_end_t, id2), NULL },
211: { ARG_STR, offsetof(starter_end_t, rsakey), NULL },
212: { ARG_STR, offsetof(starter_end_t, cert), NULL },
213: { ARG_STR, offsetof(starter_end_t, cert2), NULL },
214: { ARG_STR, offsetof(starter_end_t, cert_policy), NULL },
215: { ARG_ENUM, offsetof(starter_end_t, sendcert), LST_sendcert },
216: { ARG_STR, offsetof(starter_end_t, ca), NULL },
217: { ARG_STR, offsetof(starter_end_t, ca2), NULL },
218: { ARG_STR, offsetof(starter_end_t, groups), NULL },
219: { ARG_STR, offsetof(starter_end_t, groups2), NULL },
220: { ARG_MISC, 0, NULL /* KW_END_DEPRECATED */ },
221: };
222:
223: /*
224: * assigns an argument value to a struct field
225: */
226: bool assign_arg(kw_token_t token, kw_token_t first, char *key, char *value,
227: void *base, bool *assigned)
228: {
229: char *p = (char*)base + token_info[token].offset;
230: const char **list = token_info[token].list;
231: int index = -1; /* used for enumeration arguments */
232:
233: *assigned = FALSE;
234:
235: DBG3(DBG_APP, " %s=%s", key, value);
236:
237: /* is there a keyword list? */
238: if (list != NULL)
239: {
240: bool match = FALSE;
241:
242: while (*list != NULL && !match)
243: {
244: index++;
245: match = streq(value, *list++);
246: }
247: if (!match)
248: {
249: DBG1(DBG_APP, "# bad value: %s=%s", key, value);
250: return FALSE;
251: }
252: }
253:
254: switch (token_info[token].type)
255: {
256: case ARG_NONE:
257: DBG1(DBG_APP, "# option '%s' not supported yet", key);
258: return FALSE;
259: case ARG_ENUM:
260: {
261: if (index < 0)
262: {
263: DBG1(DBG_APP, "# bad enumeration value: %s=%s (%d)",
264: key, value, index);
265: return FALSE;
266: }
267:
268: if (token_info[token].list == LST_bool)
269: {
270: bool *b = (bool *)p;
271: *b = (index > 0);
272: }
273: else
274: { /* FIXME: this is not entirely correct as the args are enums */
275: int *i = (int *)p;
276: *i = index;
277: }
278: break;
279: }
280: case ARG_UINT:
281: {
282: char *endptr;
283: u_int *u = (u_int *)p;
284:
285: *u = strtoul(value, &endptr, 10);
286:
287: if (*endptr != '\0')
288: {
289: DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
290: return FALSE;
291: }
292: break;
293: }
294: case ARG_ULNG:
295: case ARG_PCNT:
296: {
297: char *endptr;
298: unsigned long *l = (unsigned long *)p;
299:
300: *l = strtoul(value, &endptr, 10);
301:
302: if (token_info[token].type == ARG_ULNG)
303: {
304: if (*endptr != '\0')
305: {
306: DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
307: return FALSE;
308: }
309: }
310: else
311: {
312: if ((*endptr != '%') || (endptr[1] != '\0') || endptr == value)
313: {
314: DBG1(DBG_APP, "# bad percent value: %s=%s", key, value);
315: return FALSE;
316: }
317: }
318: break;
319: }
320: case ARG_ULLI:
321: {
322: char *endptr;
323: unsigned long long *ll = (unsigned long long *)p;
324:
325: *ll = strtoull(value, &endptr, 10);
326:
327: if (*endptr != '\0')
328: {
329: DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
330: return FALSE;
331: }
332: break;
333: }
334: case ARG_UBIN:
335: {
336: char *endptr;
337: u_int *u = (u_int *)p;
338:
339: *u = strtoul(value, &endptr, 2);
340:
341: if (*endptr != '\0')
342: {
343: DBG1(DBG_APP, "# bad binary value: %s=%s", key, value);
344: return FALSE;
345: }
346: break;
347: }
348: case ARG_TIME:
349: {
350: char *endptr;
351: time_t *t = (time_t *)p;
352:
353: *t = strtoul(value, &endptr, 10);
354:
355: /* time in seconds? */
356: if (*endptr == '\0' || (*endptr == 's' && endptr[1] == '\0'))
357: {
358: break;
359: }
360: if (endptr[1] == '\0')
361: {
362: if (*endptr == 'm') /* time in minutes? */
363: {
364: *t *= 60;
365: break;
366: }
367: if (*endptr == 'h') /* time in hours? */
368: {
369: *t *= 3600;
370: break;
371: }
372: if (*endptr == 'd') /* time in days? */
373: {
374: *t *= 3600*24;
375: break;
376: }
377: }
378: DBG1(DBG_APP, "# bad duration value: %s=%s", key, value);
379: return FALSE;
380: }
381: case ARG_STR:
382: {
383: char **cp = (char **)p;
384:
385: /* free any existing string */
386: free(*cp);
387: /* assign the new string */
388: *cp = strdupnull(value);
389: break;
390: }
391: default:
392: return TRUE;
393: }
394:
395: *assigned = TRUE;
396: return TRUE;
397: }
398:
399: /*
400: * frees all dynamically allocated arguments in a struct
401: */
402: void free_args(kw_token_t first, kw_token_t last, void *base)
403: {
404: kw_token_t token;
405:
406: for (token = first; token <= last; token++)
407: {
408: char *p = (char*)base + token_info[token].offset;
409:
410: switch (token_info[token].type)
411: {
412: case ARG_STR:
413: {
414: char **cp = (char **)p;
415:
416: free(*cp);
417: *cp = NULL;
418: break;
419: }
420: default:
421: break;
422: }
423: }
424: }
425:
426: /*
427: * compare all arguments in a struct
428: */
429: bool cmp_args(kw_token_t first, kw_token_t last, void *base1, void *base2)
430: {
431: kw_token_t token;
432:
433: for (token = first; token <= last; token++)
434: {
435: char *p1 = (char*)base1 + token_info[token].offset;
436: char *p2 = (char*)base2 + token_info[token].offset;
437:
438: switch (token_info[token].type)
439: {
440: case ARG_ENUM:
441: {
442: if (token_info[token].list == LST_bool)
443: {
444: bool *b1 = (bool *)p1;
445: bool *b2 = (bool *)p2;
446:
447: if (*b1 != *b2)
448: {
449: return FALSE;
450: }
451: }
452: else
453: {
454: int *i1 = (int *)p1;
455: int *i2 = (int *)p2;
456:
457: if (*i1 != *i2)
458: {
459: return FALSE;
460: }
461: }
462: break;
463: }
464: case ARG_UINT:
465: {
466: u_int *u1 = (u_int *)p1;
467: u_int *u2 = (u_int *)p2;
468:
469: if (*u1 != *u2)
470: {
471: return FALSE;
472: }
473: break;
474: }
475: case ARG_ULNG:
476: case ARG_PCNT:
477: {
478: unsigned long *l1 = (unsigned long *)p1;
479: unsigned long *l2 = (unsigned long *)p2;
480:
481: if (*l1 != *l2)
482: {
483: return FALSE;
484: }
485: break;
486: }
487: case ARG_ULLI:
488: {
489: unsigned long long *ll1 = (unsigned long long *)p1;
490: unsigned long long *ll2 = (unsigned long long *)p2;
491:
492: if (*ll1 != *ll2)
493: {
494: return FALSE;
495: }
496: break;
497: }
498: case ARG_TIME:
499: {
500: time_t *t1 = (time_t *)p1;
501: time_t *t2 = (time_t *)p2;
502:
503: if (*t1 != *t2)
504: {
505: return FALSE;
506: }
507: break;
508: }
509: case ARG_STR:
510: {
511: char **cp1 = (char **)p1;
512: char **cp2 = (char **)p2;
513:
514: if (*cp1 == NULL && *cp2 == NULL)
515: {
516: break;
517: }
518: if (*cp1 == NULL || *cp2 == NULL || strcmp(*cp1, *cp2) != 0)
519: {
520: return FALSE;
521: }
522: break;
523: }
524: default:
525: break;
526: }
527: }
528: return TRUE;
529: }