/*
* Copyright (C) 2014 Tobias Brunner
* Copyright (C) 2006 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <library.h>
#include <utils/debug.h>
#include "confread.h"
#include "args.h"
/* argument types */
typedef enum {
ARG_NONE,
ARG_ENUM,
ARG_UINT,
ARG_TIME,
ARG_ULNG,
ARG_ULLI,
ARG_UBIN,
ARG_PCNT,
ARG_STR,
ARG_MISC
} arg_t;
/* various keyword lists */
static const char *LST_bool[] = {
"no",
"yes",
NULL
};
static const char *LST_sendcert[] = {
"always",
"ifasked",
"never",
"yes",
"no",
NULL
};
static const char *LST_unique[] = {
"no",
"yes",
"replace",
"keep",
"never",
NULL
};
static const char *LST_strict[] = {
"no",
"yes",
"ifuri",
NULL
};
static const char *LST_dpd_action[] = {
"none",
"clear",
"hold",
"restart",
NULL
};
static const char *LST_startup[] = {
"ignore",
"add",
"route",
"start",
NULL
};
static const char *LST_keyexchange[] = {
"ike",
"ikev1",
"ikev2",
NULL
};
static const char *LST_authby[] = {
"psk",
"secret",
"pubkey",
"rsa",
"rsasig",
"ecdsa",
"ecdsasig",
"xauthpsk",
"xauthrsasig",
"never",
NULL
};
static const char *LST_fragmentation[] = {
"no",
"accept",
"yes",
"force",
NULL
};
typedef struct {
arg_t type;
size_t offset;
const char **list;
} token_info_t;
static const token_info_t token_info[] =
{
/* config setup keywords */
{ ARG_STR, offsetof(starter_config_t, setup.charondebug), NULL },
{ ARG_ENUM, offsetof(starter_config_t, setup.uniqueids), LST_unique },
{ ARG_ENUM, offsetof(starter_config_t, setup.cachecrls), LST_bool },
{ ARG_ENUM, offsetof(starter_config_t, setup.strictcrlpolicy), LST_strict },
{ ARG_MISC, 0, NULL /* KW_PKCS11_DEPRECATED */ },
{ ARG_MISC, 0, NULL /* KW_SETUP_DEPRECATED */ },
/* conn section keywords */
{ ARG_STR, offsetof(starter_conn_t, name), NULL },
{ ARG_ENUM, offsetof(starter_conn_t, startup), LST_startup },
{ ARG_ENUM, offsetof(starter_conn_t, keyexchange), LST_keyexchange },
{ ARG_MISC, 0, NULL /* KW_TYPE */ },
{ ARG_MISC, 0, NULL /* KW_COMPRESS */ },
{ ARG_ENUM, offsetof(starter_conn_t, install_policy), LST_bool },
{ ARG_ENUM, offsetof(starter_conn_t, aggressive), LST_bool },
{ ARG_STR, offsetof(starter_conn_t, authby), LST_authby },
{ ARG_STR, offsetof(starter_conn_t, eap_identity), NULL },
{ ARG_STR, offsetof(starter_conn_t, aaa_identity), NULL },
{ ARG_MISC, 0, NULL /* KW_MOBIKE */ },
{ ARG_MISC, 0, NULL /* KW_FORCEENCAPS */ },
{ ARG_ENUM, offsetof(starter_conn_t, fragmentation), LST_fragmentation },
{ ARG_UBIN, offsetof(starter_conn_t, ikedscp), NULL },
{ ARG_TIME, offsetof(starter_conn_t, sa_ike_life_seconds), NULL },
{ ARG_TIME, offsetof(starter_conn_t, sa_ipsec_life_seconds), NULL },
{ ARG_TIME, offsetof(starter_conn_t, sa_rekey_margin), NULL },
{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_life_bytes), NULL },
{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_margin_bytes), NULL },
{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_life_packets), NULL },
{ ARG_ULLI, offsetof(starter_conn_t, sa_ipsec_margin_packets), NULL },
{ ARG_MISC, 0, NULL /* KW_KEYINGTRIES */ },
{ ARG_PCNT, offsetof(starter_conn_t, sa_rekey_fuzz), NULL },
{ ARG_MISC, 0, NULL /* KW_REKEY */ },
{ ARG_MISC, 0, NULL /* KW_REAUTH */ },
{ ARG_STR, offsetof(starter_conn_t, ike), NULL },
{ ARG_STR, offsetof(starter_conn_t, esp), NULL },
{ ARG_STR, offsetof(starter_conn_t, ah), NULL },
{ ARG_TIME, offsetof(starter_conn_t, dpd_delay), NULL },
{ ARG_TIME, offsetof(starter_conn_t, dpd_timeout), NULL },
{ ARG_ENUM, offsetof(starter_conn_t, dpd_action), LST_dpd_action },
{ ARG_ENUM, offsetof(starter_conn_t, close_action), LST_dpd_action },
{ ARG_ENUM, offsetof(starter_conn_t, sha256_96), LST_bool },
{ ARG_TIME, offsetof(starter_conn_t, inactivity), NULL },
{ ARG_MISC, 0, NULL /* KW_MODECONFIG */ },
{ ARG_MISC, 0, NULL /* KW_XAUTH */ },
{ ARG_STR, offsetof(starter_conn_t, xauth_identity), NULL },
{ ARG_ENUM, offsetof(starter_conn_t, me_mediation), LST_bool },
{ ARG_STR, offsetof(starter_conn_t, me_mediated_by), NULL },
{ ARG_STR, offsetof(starter_conn_t, me_peerid), NULL },
{ ARG_UINT, offsetof(starter_conn_t, reqid), NULL },
{ ARG_UINT, offsetof(starter_conn_t, replay_window), NULL },
{ ARG_MISC, 0, NULL /* KW_MARK */ },
{ ARG_MISC, 0, NULL /* KW_MARK_IN */ },
{ ARG_MISC, 0, NULL /* KW_MARK_OUT */ },
{ ARG_MISC, 0, NULL /* KW_TFC */ },
{ ARG_MISC, 0, NULL /* KW_PFS_DEPRECATED */ },
{ ARG_MISC, 0, NULL /* KW_CONN_DEPRECATED */ },
/* ca section keywords */
{ ARG_STR, offsetof(starter_ca_t, name), NULL },
{ ARG_ENUM, offsetof(starter_ca_t, startup), LST_startup },
{ ARG_STR, offsetof(starter_ca_t, cacert), NULL },
{ ARG_STR, offsetof(starter_ca_t, crluri), NULL },
{ ARG_STR, offsetof(starter_ca_t, crluri2), NULL },
{ ARG_STR, offsetof(starter_ca_t, ocspuri), NULL },
{ ARG_STR, offsetof(starter_ca_t, ocspuri2), NULL },
{ ARG_STR, offsetof(starter_ca_t, certuribase), NULL },
{ ARG_MISC, 0, NULL /* KW_CA_DEPRECATED */ },
/* end keywords */
{ ARG_STR, offsetof(starter_end_t, host), NULL },
{ ARG_UINT, offsetof(starter_end_t, ikeport), NULL },
{ ARG_STR, offsetof(starter_end_t, subnet), NULL },
{ ARG_MISC, 0, NULL /* KW_PROTOPORT */ },
{ ARG_STR, offsetof(starter_end_t, sourceip), NULL },
{ ARG_STR, offsetof(starter_end_t, dns), NULL },
{ ARG_ENUM, offsetof(starter_end_t, firewall), LST_bool },
{ ARG_ENUM, offsetof(starter_end_t, hostaccess), LST_bool },
{ ARG_ENUM, offsetof(starter_end_t, allow_any), LST_bool },
{ ARG_STR, offsetof(starter_end_t, updown), NULL },
{ ARG_STR, offsetof(starter_end_t, auth), NULL },
{ ARG_STR, offsetof(starter_end_t, auth2), NULL },
{ ARG_STR, offsetof(starter_end_t, id), NULL },
{ ARG_STR, offsetof(starter_end_t, id2), NULL },
{ ARG_STR, offsetof(starter_end_t, rsakey), NULL },
{ ARG_STR, offsetof(starter_end_t, cert), NULL },
{ ARG_STR, offsetof(starter_end_t, cert2), NULL },
{ ARG_STR, offsetof(starter_end_t, cert_policy), NULL },
{ ARG_ENUM, offsetof(starter_end_t, sendcert), LST_sendcert },
{ ARG_STR, offsetof(starter_end_t, ca), NULL },
{ ARG_STR, offsetof(starter_end_t, ca2), NULL },
{ ARG_STR, offsetof(starter_end_t, groups), NULL },
{ ARG_STR, offsetof(starter_end_t, groups2), NULL },
{ ARG_MISC, 0, NULL /* KW_END_DEPRECATED */ },
};
/*
* assigns an argument value to a struct field
*/
bool assign_arg(kw_token_t token, kw_token_t first, char *key, char *value,
void *base, bool *assigned)
{
char *p = (char*)base + token_info[token].offset;
const char **list = token_info[token].list;
int index = -1; /* used for enumeration arguments */
*assigned = FALSE;
DBG3(DBG_APP, " %s=%s", key, value);
/* is there a keyword list? */
if (list != NULL)
{
bool match = FALSE;
while (*list != NULL && !match)
{
index++;
match = streq(value, *list++);
}
if (!match)
{
DBG1(DBG_APP, "# bad value: %s=%s", key, value);
return FALSE;
}
}
switch (token_info[token].type)
{
case ARG_NONE:
DBG1(DBG_APP, "# option '%s' not supported yet", key);
return FALSE;
case ARG_ENUM:
{
if (index < 0)
{
DBG1(DBG_APP, "# bad enumeration value: %s=%s (%d)",
key, value, index);
return FALSE;
}
if (token_info[token].list == LST_bool)
{
bool *b = (bool *)p;
*b = (index > 0);
}
else
{ /* FIXME: this is not entirely correct as the args are enums */
int *i = (int *)p;
*i = index;
}
break;
}
case ARG_UINT:
{
char *endptr;
u_int *u = (u_int *)p;
*u = strtoul(value, &endptr, 10);
if (*endptr != '\0')
{
DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
return FALSE;
}
break;
}
case ARG_ULNG:
case ARG_PCNT:
{
char *endptr;
unsigned long *l = (unsigned long *)p;
*l = strtoul(value, &endptr, 10);
if (token_info[token].type == ARG_ULNG)
{
if (*endptr != '\0')
{
DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
return FALSE;
}
}
else
{
if ((*endptr != '%') || (endptr[1] != '\0') || endptr == value)
{
DBG1(DBG_APP, "# bad percent value: %s=%s", key, value);
return FALSE;
}
}
break;
}
case ARG_ULLI:
{
char *endptr;
unsigned long long *ll = (unsigned long long *)p;
*ll = strtoull(value, &endptr, 10);
if (*endptr != '\0')
{
DBG1(DBG_APP, "# bad integer value: %s=%s", key, value);
return FALSE;
}
break;
}
case ARG_UBIN:
{
char *endptr;
u_int *u = (u_int *)p;
*u = strtoul(value, &endptr, 2);
if (*endptr != '\0')
{
DBG1(DBG_APP, "# bad binary value: %s=%s", key, value);
return FALSE;
}
break;
}
case ARG_TIME:
{
char *endptr;
time_t *t = (time_t *)p;
*t = strtoul(value, &endptr, 10);
/* time in seconds? */
if (*endptr == '\0' || (*endptr == 's' && endptr[1] == '\0'))
{
break;
}
if (endptr[1] == '\0')
{
if (*endptr == 'm') /* time in minutes? */
{
*t *= 60;
break;
}
if (*endptr == 'h') /* time in hours? */
{
*t *= 3600;
break;
}
if (*endptr == 'd') /* time in days? */
{
*t *= 3600*24;
break;
}
}
DBG1(DBG_APP, "# bad duration value: %s=%s", key, value);
return FALSE;
}
case ARG_STR:
{
char **cp = (char **)p;
/* free any existing string */
free(*cp);
/* assign the new string */
*cp = strdupnull(value);
break;
}
default:
return TRUE;
}
*assigned = TRUE;
return TRUE;
}
/*
* frees all dynamically allocated arguments in a struct
*/
void free_args(kw_token_t first, kw_token_t last, void *base)
{
kw_token_t token;
for (token = first; token <= last; token++)
{
char *p = (char*)base + token_info[token].offset;
switch (token_info[token].type)
{
case ARG_STR:
{
char **cp = (char **)p;
free(*cp);
*cp = NULL;
break;
}
default:
break;
}
}
}
/*
* compare all arguments in a struct
*/
bool cmp_args(kw_token_t first, kw_token_t last, void *base1, void *base2)
{
kw_token_t token;
for (token = first; token <= last; token++)
{
char *p1 = (char*)base1 + token_info[token].offset;
char *p2 = (char*)base2 + token_info[token].offset;
switch (token_info[token].type)
{
case ARG_ENUM:
{
if (token_info[token].list == LST_bool)
{
bool *b1 = (bool *)p1;
bool *b2 = (bool *)p2;
if (*b1 != *b2)
{
return FALSE;
}
}
else
{
int *i1 = (int *)p1;
int *i2 = (int *)p2;
if (*i1 != *i2)
{
return FALSE;
}
}
break;
}
case ARG_UINT:
{
u_int *u1 = (u_int *)p1;
u_int *u2 = (u_int *)p2;
if (*u1 != *u2)
{
return FALSE;
}
break;
}
case ARG_ULNG:
case ARG_PCNT:
{
unsigned long *l1 = (unsigned long *)p1;
unsigned long *l2 = (unsigned long *)p2;
if (*l1 != *l2)
{
return FALSE;
}
break;
}
case ARG_ULLI:
{
unsigned long long *ll1 = (unsigned long long *)p1;
unsigned long long *ll2 = (unsigned long long *)p2;
if (*ll1 != *ll2)
{
return FALSE;
}
break;
}
case ARG_TIME:
{
time_t *t1 = (time_t *)p1;
time_t *t2 = (time_t *)p2;
if (*t1 != *t2)
{
return FALSE;
}
break;
}
case ARG_STR:
{
char **cp1 = (char **)p1;
char **cp2 = (char **)p2;
if (*cp1 == NULL && *cp2 == NULL)
{
break;
}
if (*cp1 == NULL || *cp2 == NULL || strcmp(*cp1, *cp2) != 0)
{
return FALSE;
}
break;
}
default:
break;
}
}
return TRUE;
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>