File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / starter / args.c
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Jun 3 09:46:43 2020 UTC (4 years, 5 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

/*
 * Copyright (C) 2014 Tobias Brunner
 * Copyright (C) 2006 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#include <library.h>
#include <utils/debug.h>

#include "confread.h"
#include "args.h"

/* argument types */

typedef enum {
	ARG_NONE,
	ARG_ENUM,
	ARG_UINT,
	ARG_TIME,
	ARG_ULNG,
	ARG_ULLI,
	ARG_UBIN,
	ARG_PCNT,
	ARG_STR,
	ARG_MISC
} arg_t;

/* various keyword lists */

static const char *LST_bool[] = {
	"no",
	"yes",
	 NULL
};

static const char *LST_sendcert[] = {
	"always",
	"ifasked",
	"never",
	"yes",
	"no",
	 NULL
};

static const char *LST_unique[] = {
	"no",
	"yes",
	"replace",
	"keep",
	"never",
	 NULL
};

static const char *LST_strict[] = {
	"no",
	"yes",
	"ifuri",
	 NULL
};
static const char *LST_dpd_action[] = {
	"none",
	"clear",
	"hold",
	"restart",
	 NULL
};

static const char *LST_startup[] = {
	"ignore",
	"add",
	"route",
	"start",
	 NULL
};

static const char *LST_keyexchange[] = {
	"ike",
	"ikev1",
	"ikev2",
	 NULL
};

static const char *LST_authby[] = {
	"psk",
	"secret",
	"pubkey",
	"rsa",
	"rsasig",
	"ecdsa",
	"ecdsasig",
	"xauthpsk",
	"xauthrsasig",
	"never",
	 NULL
};

static const char *LST_fragmentation[] = {
	"no",
	"accept",
	"yes",
	"force",
	 NULL
};

typedef struct {
	arg_t       type;
	size_t      offset;
	const char  **list;
} token_info_t;

static const token_info_t token_info[] =
{
	/* config setup keywords */
	{ ARG_STR,  offsetof(starter_config_t, setup.charondebug),  NULL               },
	{ ARG_ENUM, offsetof(starter_config_t, setup.uniqueids), LST_unique            },
	{ ARG_ENUM, offsetof(starter_config_t, setup.cachecrls), LST_bool              },
	{ ARG_ENUM, offsetof(starter_config_t, setup.strictcrlpolicy), LST_strict      },
	{ ARG_MISC, 0, NULL  /* KW_PKCS11_DEPRECATED */                                },
	{ ARG_MISC, 0, NULL  /* KW_SETUP_DEPRECATED */                                 },

	/* conn section keywords */
	{ ARG_STR,  offsetof(starter_conn_t, name), NULL                               },
	{ ARG_ENUM, offsetof(starter_conn_t, startup), LST_startup                     },
	{ ARG_ENUM, offsetof(starter_conn_t, keyexchange), LST_keyexchange             },
	{ ARG_MISC, 0, NULL  /* KW_TYPE */                                             },
	{ ARG_MISC, 0, NULL  /* KW_COMPRESS */                                         },
	{ ARG_ENUM, offsetof(starter_conn_t, install_policy), LST_bool                 },
	{ ARG_ENUM, offsetof(starter_conn_t, aggressive), LST_bool                     },
	{ ARG_STR,  offsetof(starter_conn_t, authby), LST_authby                       },
	{ ARG_STR,  offsetof(starter_conn_t, eap_identity), NULL                       },
	{ ARG_STR,  offsetof(starter_conn_t, aaa_identity), NULL                       },
	{ ARG_MISC, 0, NULL  /* KW_MOBIKE */                                           },
	{ ARG_MISC, 0, NULL  /* KW_FORCEENCAPS */                                      },
	{ ARG_ENUM, offsetof(starter_conn_t, fragmentation), LST_fragmentation         },
	{ ARG_UBIN, offsetof(starter_conn_t, ikedscp), NULL                            },
	{ ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL                },
	{ ARG_TIME, offsetof(starter_conn_t, sa_ipsec_life_seconds), NULL              },
	{ ARG_TIME, offsetof(starter_conn_t, sa_rekey_margin), NULL                    },
	{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_life_bytes), NULL                },
	{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_margin_bytes), NULL              },
	{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_life_packets), NULL              },
	{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_margin_packets), NULL            },
	{ ARG_MISC, 0, NULL  /* KW_KEYINGTRIES */                                      },
	{ ARG_PCNT, offsetof(starter_conn_t, sa_rekey_fuzz), NULL                      },
	{ ARG_MISC, 0, NULL  /* KW_REKEY */                                            },
	{ ARG_MISC, 0, NULL  /* KW_REAUTH */                                           },
	{ ARG_STR,  offsetof(starter_conn_t, ike), NULL                                },
	{ ARG_STR,  offsetof(starter_conn_t, esp), NULL                                },
	{ ARG_STR,  offsetof(starter_conn_t, ah), NULL                                 },
	{ ARG_TIME, offsetof(starter_conn_t, dpd_delay), NULL                          },
	{ ARG_TIME, offsetof(starter_conn_t, dpd_timeout), NULL                        },
	{ ARG_ENUM, offsetof(starter_conn_t, dpd_action), LST_dpd_action               },
	{ ARG_ENUM, offsetof(starter_conn_t, close_action), LST_dpd_action             },
	{ ARG_ENUM, offsetof(starter_conn_t, sha256_96), LST_bool                      },
	{ ARG_TIME, offsetof(starter_conn_t, inactivity), NULL                         },
	{ ARG_MISC, 0, NULL  /* KW_MODECONFIG */                                       },
	{ ARG_MISC, 0, NULL  /* KW_XAUTH */                                            },
	{ ARG_STR,  offsetof(starter_conn_t, xauth_identity), NULL                     },
	{ ARG_ENUM, offsetof(starter_conn_t, me_mediation), LST_bool                   },
	{ ARG_STR,  offsetof(starter_conn_t, me_mediated_by), NULL                     },
	{ ARG_STR,  offsetof(starter_conn_t, me_peerid), NULL                          },
	{ ARG_UINT, offsetof(starter_conn_t, reqid), NULL                              },
	{ ARG_UINT, offsetof(starter_conn_t, replay_window), NULL                      },
	{ ARG_MISC, 0, NULL  /* KW_MARK */                                             },
	{ ARG_MISC, 0, NULL  /* KW_MARK_IN */                                          },
	{ ARG_MISC, 0, NULL  /* KW_MARK_OUT */                                         },
	{ ARG_MISC, 0, NULL  /* KW_TFC */                                              },
	{ ARG_MISC, 0, NULL  /* KW_PFS_DEPRECATED */                                   },
	{ ARG_MISC, 0, NULL  /* KW_CONN_DEPRECATED */                                  },

	/* ca section keywords */
	{ ARG_STR,  offsetof(starter_ca_t, name), NULL                                 },
	{ ARG_ENUM, offsetof(starter_ca_t, startup), LST_startup                       },
	{ ARG_STR,  offsetof(starter_ca_t, cacert), NULL                               },
	{ ARG_STR,  offsetof(starter_ca_t, crluri), NULL                               },
	{ ARG_STR,  offsetof(starter_ca_t, crluri2), NULL                              },
	{ ARG_STR,  offsetof(starter_ca_t, ocspuri), NULL                              },
	{ ARG_STR,  offsetof(starter_ca_t, ocspuri2), NULL                             },
	{ ARG_STR,  offsetof(starter_ca_t, certuribase), NULL                          },
	{ ARG_MISC, 0, NULL  /* KW_CA_DEPRECATED */                                    },

	/* end keywords */
	{ ARG_STR,  offsetof(starter_end_t, host), NULL                                },
	{ ARG_UINT, offsetof(starter_end_t, ikeport), NULL                             },
	{ ARG_STR,  offsetof(starter_end_t, subnet), NULL                              },
	{ ARG_MISC, 0, NULL  /* KW_PROTOPORT */                                        },
	{ ARG_STR,  offsetof(starter_end_t, sourceip), NULL                            },
	{ ARG_STR,  offsetof(starter_end_t, dns), NULL                                 },
	{ ARG_ENUM, offsetof(starter_end_t, firewall), LST_bool                        },
	{ ARG_ENUM, offsetof(starter_end_t, hostaccess), LST_bool                      },
	{ ARG_ENUM, offsetof(starter_end_t, allow_any), LST_bool                       },
	{ ARG_STR,  offsetof(starter_end_t, updown), NULL                              },
	{ ARG_STR,  offsetof(starter_end_t, auth), NULL                                },
	{ ARG_STR,  offsetof(starter_end_t, auth2), NULL                               },
	{ ARG_STR,  offsetof(starter_end_t, id), NULL                                  },
	{ ARG_STR,  offsetof(starter_end_t, id2), NULL                                 },
	{ ARG_STR,  offsetof(starter_end_t, rsakey), NULL                              },
	{ ARG_STR,  offsetof(starter_end_t, cert), NULL                                },
	{ ARG_STR,  offsetof(starter_end_t, cert2), NULL                               },
	{ ARG_STR,  offsetof(starter_end_t, cert_policy), NULL                         },
	{ ARG_ENUM, offsetof(starter_end_t, sendcert), LST_sendcert                    },
	{ ARG_STR,  offsetof(starter_end_t, ca), NULL                                  },
	{ ARG_STR,  offsetof(starter_end_t, ca2), NULL                                 },
	{ ARG_STR,  offsetof(starter_end_t, groups), NULL                              },
	{ ARG_STR,  offsetof(starter_end_t, groups2), NULL                             },
	{ ARG_MISC, 0, NULL  /* KW_END_DEPRECATED */                                   },
};

/*
 * assigns an argument value to a struct field
 */
bool assign_arg(kw_token_t token, kw_token_t first, char *key, char *value,
				void *base, bool *assigned)
{
	char *p = (char*)base + token_info[token].offset;
	const char **list = token_info[token].list;
	int index = -1;  /* used for enumeration arguments */

	*assigned = FALSE;

	DBG3(DBG_APP, "  %s=%s", key, value);

	/* is there a keyword list? */
	if (list != NULL)
	{
		bool match = FALSE;

		while (*list != NULL && !match)
		{
			index++;
			match = streq(value, *list++);
		}
		if (!match)
		{
			DBG1(DBG_APP, "# bad value: %s=%s", key, value);
			return FALSE;
		}
	}

	switch (token_info[token].type)
	{
		case ARG_NONE:
			DBG1(DBG_APP, "# option '%s' not supported yet", key);
			return FALSE;
		case ARG_ENUM:
		{
			if (index < 0)
			{
				DBG1(DBG_APP, "# bad enumeration value: %s=%s (%d)",
					 key, value, index);
				return FALSE;
			}

			if (token_info[token].list == LST_bool)
			{
				bool *b = (bool *)p;
				*b = (index > 0);
			}
			else
			{	/* FIXME: this is not entirely correct as the args are enums */
				int *i = (int *)p;
				*i = index;
			}
			break;
		}
		case ARG_UINT:
		{
			char *endptr;
			u_int *u = (u_int *)p;

			*u = strtoul(value, &endptr, 10);

			if (*endptr != '\0')
			{
				DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
				return FALSE;
			}
			break;
		}
		case ARG_ULNG:
		case ARG_PCNT:
		{
			char *endptr;
			unsigned long *l = (unsigned long *)p;

			*l = strtoul(value, &endptr, 10);

			if (token_info[token].type == ARG_ULNG)
			{
				if (*endptr != '\0')
				{
					DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
					return FALSE;
				}
			}
			else
			{
				if ((*endptr != '%') || (endptr[1] != '\0') || endptr == value)
				{
					DBG1(DBG_APP, "# bad percent value: %s=%s", key, value);
					return FALSE;
				}
			}
			break;
		}
		case ARG_ULLI:
		{
			char *endptr;
			unsigned long long *ll = (unsigned long long *)p;

			*ll = strtoull(value, &endptr, 10);

			if (*endptr != '\0')
			{
				DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
				return FALSE;
			}
			break;
		}
		case ARG_UBIN:
		{
			char *endptr;
			u_int *u = (u_int *)p;

			*u = strtoul(value, &endptr, 2);

			if (*endptr != '\0')
			{
				DBG1(DBG_APP, "# bad binary value: %s=%s", key, value);
				return FALSE;
			}
			break;
		}
		case ARG_TIME:
		{
			char *endptr;
			time_t *t = (time_t *)p;

			*t = strtoul(value, &endptr, 10);

			/* time in seconds? */
			if (*endptr == '\0' || (*endptr == 's' && endptr[1] == '\0'))
			{
				break;
			}
			if (endptr[1] == '\0')
			{
				if (*endptr == 'm')  /* time in minutes? */
				{
					*t *= 60;
					break;
				}
				if (*endptr == 'h')  /* time in hours? */
				{
					*t *= 3600;
					break;
				}
				if (*endptr == 'd')  /* time in days? */
				{
					*t *= 3600*24;
					break;
				}
			}
			DBG1(DBG_APP, "# bad duration value: %s=%s", key, value);
			return FALSE;
		}
		case ARG_STR:
		{
			char **cp = (char **)p;

			/* free any existing string */
			free(*cp);
			/* assign the new string */
			*cp = strdupnull(value);
			break;
		}
		default:
			return TRUE;
	}

	*assigned = TRUE;
	return TRUE;
}

/*
 *  frees all dynamically allocated arguments in a struct
 */
void free_args(kw_token_t first, kw_token_t last, void *base)
{
	kw_token_t token;

	for (token = first; token <= last; token++)
	{
		char *p = (char*)base + token_info[token].offset;

		switch (token_info[token].type)
		{
			case ARG_STR:
			{
				char **cp = (char **)p;

				free(*cp);
				*cp = NULL;
				break;
			}
			default:
				break;
		}
	}
}

/*
 *  compare all arguments in a struct
 */
bool cmp_args(kw_token_t first, kw_token_t last, void *base1, void *base2)
{
	kw_token_t token;

	for (token = first; token <= last; token++)
	{
		char *p1 = (char*)base1 + token_info[token].offset;
		char *p2 = (char*)base2 + token_info[token].offset;

		switch (token_info[token].type)
		{
			case ARG_ENUM:
			{
				if (token_info[token].list == LST_bool)
				{
					bool *b1 = (bool *)p1;
					bool *b2 = (bool *)p2;

					if (*b1 != *b2)
					{
						return FALSE;
					}
				}
				else
				{
					int *i1 = (int *)p1;
					int *i2 = (int *)p2;

					if (*i1 != *i2)
					{
						return FALSE;
					}
				}
				break;
			}
			case ARG_UINT:
			{
				u_int *u1 = (u_int *)p1;
				u_int *u2 = (u_int *)p2;

				if (*u1 != *u2)
				{
					return FALSE;
				}
				break;
			}
			case ARG_ULNG:
			case ARG_PCNT:
			{
				unsigned long *l1 = (unsigned long *)p1;
				unsigned long *l2 = (unsigned long *)p2;

				if (*l1 != *l2)
				{
					return FALSE;
				}
				break;
			}
			case ARG_ULLI:
			{
				unsigned long long *ll1 = (unsigned long long *)p1;
				unsigned long long *ll2 = (unsigned long long *)p2;

				if (*ll1 != *ll2)
				{
					return FALSE;
				}
				break;
			}
			case ARG_TIME:
			{
				time_t *t1 = (time_t *)p1;
				time_t *t2 = (time_t *)p2;

				if (*t1 != *t2)
				{
					return FALSE;
				}
				break;
			}
			case ARG_STR:
			{
				char **cp1 = (char **)p1;
				char **cp2 = (char **)p2;

				if (*cp1 == NULL && *cp2 == NULL)
				{
					break;
				}
				if (*cp1 == NULL || *cp2 == NULL || strcmp(*cp1, *cp2) != 0)
				{
					return FALSE;
				}
				break;
			}
			default:
				break;
		}
	}
	return TRUE;
}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>