diff options
author | Hakan Olsson <ho@cvs.openbsd.org> | 2002-06-09 01:15:21 +0000 |
---|---|---|
committer | Hakan Olsson <ho@cvs.openbsd.org> | 2002-06-09 01:15:21 +0000 |
commit | 556a28df8796f4a606dea113a3cb8fdf2171ee63 (patch) | |
tree | d2dfbf1534ad06c2bde17f7efbfa183e1e48db31 /sbin/isakmpd | |
parent | d7ae3d7bbd6b8a3526cf4a6556d14100b610e5f4 (diff) |
CFG_REQUEST
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r-- | sbin/isakmpd/isakmp_cfg.c | 69 |
1 files changed, 63 insertions, 6 deletions
diff --git a/sbin/isakmpd/isakmp_cfg.c b/sbin/isakmpd/isakmp_cfg.c index aeb1a02451c..fcfde10bdc6 100644 --- a/sbin/isakmpd/isakmp_cfg.c +++ b/sbin/isakmpd/isakmp_cfg.c @@ -95,9 +95,8 @@ int (*isakmp_cfg_responder[]) (struct message *) = { }; /* - * As "the server", this starts SET/ACK mode - * As "the client", this starts REQ/REPLY mode - * XXX A lot can be shared with responder_send_ATTR. + * When we are "the server", this starts SET/ACK mode + * When we are "the client", this starts REQ/REPLY mode */ static int cfg_initiator_send_ATTR (struct message *msg) @@ -186,18 +185,76 @@ cfg_initiator_send_ATTR (struct message *msg) } else { - /* XXX REQ/REPLY */ + struct conf_list *alist; + struct conf_list_node *anode; + ie->cfg_type = ISAKMP_CFG_REQUEST; LOG_DBG ((LOG_NEGOTIATION, 10, "cfg_initiator_send_ATTR: REQ/REPLY mode")); + + alist = conf_get_list (id_string, "Attributes"); + if (!alist) + continue; + + for (anode = TAILQ_FIRST (&alist->fields); anode; + anove = TAILQ_NEXT (anode, link)) + { + if (strcasecmp (anode->field, "Address") == 0) + { + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP4_ADDRESS); + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP6_ADDRESS); + attrlen += ISAKMP_ATTR_SZ * 2; + } + else if (strcasecmp (anode->field, "Netmask") == 0) + { + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP4_NETMASK); + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP6_NETMASK); + attrlen += ISAKMP_ATTR_SZ * 2; + } + else if (strcasecmp (anode->field, "Nameserver") == 0) + { + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP4_DNS); + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP6_DNS); + attrlen += ISAKMP_ATTR_SZ * 2; + } + else if (strcasecmp (anode->field, "WINS-server") == 0) + { + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP4_NBNS); + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP6_NBNS); + attrlen += ISAKMP_ATTR_SZ * 2; + } + else if (strcasecmp (anode->field, "DHCP-server") == 0) + { + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP4_DHCP); + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_IP6_DHCP); + attrlen += ISAKMP_ATTR_SZ * 2; + } + else if (strcasecmp (anode->field, "Lifetime") == 0) + { + bit_set (attrbits, ISAKMP_CFG_ATTR_INTERNAL_ADDRESS_EXPIRY); + attrlen += ISAKMP_ATTR_SZ; + } + else + { + log_print ("cfg_initiator_send_ATTR: unknown attribute %.20s " + "in section [%s]", anode->field, id_string); + } + } + + conf_free_list (alist); } if (attrlen == 0) { /* No data found. */ - log_print ("cfg_initiator_send_ATTR: no IKECFG attributes found for %s", - id_string); + log_print ("cfg_initiator_send_ATTR: no IKECFG attributes " + "found for [%s]", id_string); + + /* + * We can continue, but this indicates a configuration error that + * the user probably will want to correct. + */ free (id_string); return 0; } |