/* Libreswan config file parser (confread.h)
*
* Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security
* Copyright (C) 2009 Jose Quaresma <josequaresma@gmail.com>
* Copyright (C) 2003-2006 Michael Richardson <mcr@xelerance.com>
* Copyright (C) 2012-2013 Paul Wouters <paul@libreswan.org>
* Copyright (C) 2013 Antony Antony <antony@phenome.org>
* Copyright (C) 2016, Andrew Cagney <cagney@gnu.org>
* Copyright (C) 2019 D. Hugh Redelmeier <hugh@mimosa.com>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <https://www.gnu.org/licenses/gpl2.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef _IPSEC_CONFREAD_H_
#define _IPSEC_CONFREAD_H_
#include <sys/queue.h> /* for TAILQ_ENTRY() */
#include "ipsecconf/keywords.h"
#include "lset.h"
#include "err.h"
#include "ip_range.h"
#include "ip_subnet.h"
#include "ip_protoport.h"
#include "ip_cidr.h"
#include "lswcdefs.h"
#include "authby.h"
#include "end.h"
/*
 * Forward declaration only: this header uses struct logger solely
 * through pointers (the logger parameters of parser_load_conf() and
 * confread_load()), so the full definition is not needed here.
 */
struct logger;
/*
* Code tests <<set[flag] != k_set>> to detect either k_unset or
* k_default and allow an override.
*/
enum keyword_set {
	/* Zero (the bool constant false). */
	k_unset = false,
	/*
	 * One (the bool constant true).  NOTE(review): presumably the
	 * only state meaning "explicitly given in the config" -- confirm.
	 */
	k_set = true,
	/*
	 * A third, non-zero state.  Because it is non-zero, a plain
	 * truthiness test of the field treats k_default the same as
	 * k_set; compare against k_set explicitly when an explicit
	 * setting must be told apart from a default.
	 */
	k_default = 2
};
/*
 * One keyword slot: its set-state plus a value in each of the
 * representations declared below.
 *
 * NOTE(review): this header does not show which of string / option /
 * deltatime is meaningful for a given keyword; presumably that follows
 * the keyword's type in ipsecconf/keywords.h -- confirm before reading
 * a member.
 */
struct keyword_value {
	/* How this slot was filled; see enum keyword_set. */
	enum keyword_set set;
	/*
	 * NOTE(review): non-const pointer whose ownership is not visible
	 * here; presumably heap-allocated and released by the confread
	 * free path -- confirm before freeing or sharing it.
	 */
	char *string;
	intmax_t option;
	deltatime_t deltatime;
};

/*
 * Fixed-size table of KW_roof keyword slots; any index used on it must
 * be below KW_roof.  Being an array typedef, it decays to a pointer
 * when passed to a function, so sizeof on such a parameter yields the
 * pointer size, not the size of the table.
 *
 * NOTE(review): presumably indexed by the keyword identifiers from
 * ipsecconf/keywords.h -- confirm.
 */
typedef struct keyword_value keyword_values[KW_roof];
/*
* Note: string fields in struct starter_end and struct starter_conn
* should correspond to STR_FIELD calls in copy_conn_default() and confread_free_conn.
*/
/* Parsed settings for one end of a connection. */
struct starter_end {
	/*
	 * NOTE(review): const string naming this end, presumably "left"
	 * or "right" and not owned by the struct -- confirm.
	 */
	const char *leftright;
	const struct ip_info *host_family;	/* XXX: move to starter_conn? */
	/* Kinds (enum keyword_host) recorded for addr and nexthop below. */
	enum keyword_host addrtype;
	enum keyword_host nexttype;
	ip_address addr;
	ip_address nexthop;
	ip_cidr vti_ip;
	/* Per-end keyword table; KW_roof slots, see keyword_values. */
	keyword_values values;
};
/*
* Note: string fields in struct starter_end and struct starter_conn
* should correspond to STR_FIELD calls in copy_conn_default() and confread_free_conn.
*/
/* One parsed connection, holding both of its ends. */
struct starter_conn {
	/* List linkage; struct starter_config keeps a TAILQ_HEAD of these. */
	TAILQ_ENTRY(starter_conn) link;
	/*
	 * NOTE(review): non-const string; presumably owned by this struct
	 * and therefore one of the fields that copy_conn_default() and
	 * confread_free_conn must both handle -- confirm.
	 */
	char *name;
	/* Per-connection keyword table; KW_roof slots, see keyword_values. */
	keyword_values values;
	enum ike_version ike_version;
	struct authby authby;
	lset_t sighash_policy;
	/* One shunt policy per shunt kind; valid indexes are below SHUNT_KIND_ROOF. */
	enum shunt_policy shunt[SHUNT_KIND_ROOF];
	/* The connection's ends, embedded by value; valid indexes are below END_ROOF. */
	struct starter_end end[END_ROOF];
	const struct ip_info *clientaddrfamily;
	/*
	 * Progress marker for this connection.  STATE_INVALID is the
	 * first enumerator and so has the value zero, which is what a
	 * zero-filled struct starter_conn carries.
	 */
	enum {
		STATE_INVALID,
		STATE_LOADED,
		STATE_INCOMPLETE,
		STATE_ADDED,
		STATE_FAILED,
	} state;
	uint32_t xfrm_if_id;
};
/*
 * Top-level result of reading a config file: a keyword table that
 * belongs to no connection, the %default connection, and the list of
 * the remaining connections.
 */
struct starter_config {
	/* Keyword table held at config level; KW_roof slots, see keyword_values. */
	keyword_values values;

	/* conn %default */
	/* Embedded by value, so it is not an element of the conns list. */
	struct starter_conn conn_default;

	/* connections list (without %default) */
	/* Elements are chained through starter_conn.link. */
	TAILQ_HEAD(, starter_conn) conns;
};
/*
 * Load the config file named by FILE and return it as a
 * struct config_parsed; LOGGER is passed in by the caller.
 *
 * NOTE(review): the failure contract is not visible in this header;
 * presumably NULL is returned on error and a non-NULL result is to be
 * released with parser_freeany_config_parsed() -- confirm, and check
 * the result before dereferencing it.
 */
extern struct config_parsed *parser_load_conf(const char *file,
					      struct logger *logger);

/*
 * Release a struct config_parsed.  The argument is a pointer to the
 * caller's pointer.
 *
 * NOTE(review): presumably *CFG is freed and then set to NULL so the
 * caller cannot reuse a stale pointer -- confirm.
 */
extern void parser_freeany_config_parsed(struct config_parsed **cfg);

/*
 * Load the config file named by FILE into a struct starter_config.
 *
 * NOTE(review): the meaning of SETUPONLY is not visible here;
 * presumably it limits loading to the config-level values and skips
 * the connections -- confirm.  The failure contract is not stated
 * either; presumably NULL on error, with a non-NULL result released
 * by confread_free() -- confirm.
 */
extern struct starter_config *confread_load(const char *file,
					    bool setuponly,
					    struct logger *logger);

/*
 * Release a struct starter_config obtained from confread_load().
 *
 * NOTE(review): CFG is passed by value, so the caller's own pointer is
 * left unchanged by this call; treat it as invalid afterwards.
 */
extern void confread_free(struct starter_config *cfg);
#endif /* _IPSEC_CONFREAD_H_ */