Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(447)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: ipsec_manager.cc

Issue 6731015: vpn-manager: accept a hostname for remote host (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vpn-manager.git@master
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« ipsec_manager.h ('K') | « ipsec_manager.h ('k') | ipsec_manager_test.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: ipsec_manager.cc
diff --git a/ipsec_manager.cc b/ipsec_manager.cc
index 287d62b3a5f67edccc105b1f694a2b08080eaff8..ccedd2387159b60fdae8410a23979d22fc34029b 100644
--- a/ipsec_manager.cc
+++ b/ipsec_manager.cc
@@ -53,6 +53,7 @@ using ::chromeos::ProcessImpl;
IpsecManager::IpsecManager()
: ServiceManager(kIpsecServiceName),
force_local_address_(NULL),
+ force_remote_address_(NULL),
output_fd_(-1),
ike_version_(0),
ipsec_group_(0),
@@ -64,16 +65,16 @@ IpsecManager::IpsecManager()
}
bool IpsecManager::Initialize(int ike_version,
- const std::string& remote_address,
+ const std::string& remote_host,
const std::string& psk_file,
const std::string& server_ca_file,
const std::string& client_key_file,
const std::string& client_cert_file) {
- if (remote_address.empty()) {
- LOG(ERROR) << "Missing remote address to IPsec layer";
+ if (remote_host.empty()) {
+ LOG(ERROR) << "Missing remote host to IPsec layer";
return false;
}
- remote_address_ = remote_address;
+ remote_host_ = remote_host;
if (psk_file.empty()) {
if (server_ca_file.empty() && client_key_file.empty() &&
@@ -128,21 +129,54 @@ bool IpsecManager::Initialize(int ike_version,
return true;
}
-bool IpsecManager::GetLocalAddressForRemote(
- const std::string& remote_address_text,
+bool IpsecManager::ConvertSockAddrToIPString(struct sockaddr* socket_address,
+ std::string* output) {
+ // convert local_address to local_address_text.
petkov 2011/03/24 16:52:22 Convert
+ char str[INET6_ADDRSTRLEN] = { 0 };
+ switch (socket_address->sa_family) {
+ case AF_INET:
+ if (!inet_ntop(AF_INET, &reinterpret_cast<sockaddr_in*>(
+ socket_address)->sin_addr, str, INET6_ADDRSTRLEN)) {
+ LOG(ERROR) << "inet_ntop failed";
+ return false;
+ }
+ break;
+ case AF_INET6:
+ if (!inet_ntop(AF_INET6, &reinterpret_cast<sockaddr_in6*>(
+ socket_address)->sin6_addr, str, INET6_ADDRSTRLEN)) {
+ LOG(ERROR) << "inet_ntop failed";
+ return false;
+ }
+ break;
+ default:
+ LOG(ERROR) << "Unknown address family";
+ return false;
+ }
+ *output = str;
+ return true;
+}
+
+bool IpsecManager::GetAddressesFromRemoteHost(
+ const std::string& remote_host,
+ std::string* remote_address_text,
std::string* local_address_text) {
static const char kService[] = "80";
if (force_local_address_ != NULL) {
*local_address_text = force_local_address_;
+ *remote_address_text = force_remote_address_;
return true;
}
struct addrinfo *remote_address;
- int s = getaddrinfo(remote_address_text.c_str(), kService, NULL,
+ int s = getaddrinfo(remote_host.c_str(), kService, NULL,
&remote_address);
if (s != 0) {
LOG(ERROR) << "getaddrinfo failed: " << gai_strerror(s);
return false;
}
+ if (!ConvertSockAddrToIPString(remote_address->ai_addr,
+ remote_address_text)) {
+ return false;
+ }
int sock = HANDLE_EINTR(socket(AF_INET, SOCK_DGRAM, 0));
if (sock < 0) {
LOG(ERROR) << "Unable to create socket";
@@ -157,34 +191,14 @@ bool IpsecManager::GetLocalAddressForRemote(
bool result = false;
struct sockaddr local_address;
socklen_t addr_len = sizeof(local_address);
- char str[INET6_ADDRSTRLEN] = { 0 };
if (getsockname(sock, &local_address, &addr_len) != 0) {
int saved_errno = errno;
LOG(ERROR) << "getsockname failed on socket connecting to "
<< remote_address_text << ": " << saved_errno;
goto error_label;
}
- // convert local_address to local_address_text.
- switch (local_address.sa_family) {
- case AF_INET:
- if (!inet_ntop(AF_INET, &reinterpret_cast<sockaddr_in*>(
- &local_address)->sin_addr, str, INET6_ADDRSTRLEN)) {
- LOG(ERROR) << "inet_ntop failed on " << remote_address_text;
- goto error_label;
- }
- break;
- case AF_INET6:
- if (!inet_ntop(AF_INET6, &reinterpret_cast<sockaddr_in6*>(
- &local_address)->sin6_addr, str, INET6_ADDRSTRLEN)) {
- LOG(ERROR) << "inet_ntop failed on " << remote_address_text;
- goto error_label;
- }
- break;
- default:
- LOG(ERROR) << "Unknown address family converting " << remote_address_text;
- goto error_label;
- }
- *local_address_text = str;
+ if (!ConvertSockAddrToIPString(&local_address, local_address_text))
+ goto error_label;
LOG(INFO) << "Remote address " << remote_address_text << " has local address "
<< *local_address_text;
result = true;
@@ -203,14 +217,16 @@ bool IpsecManager::FormatPsk(const FilePath& input_file,
return false;
}
std::string local_address;
- if (!GetLocalAddressForRemote(remote_address_, &local_address)) {
+ std::string remote_address;
+ if (!GetAddressesFromRemoteHost(remote_host_, &remote_address,
+ &local_address)) {
LOG(ERROR) << "Local IP address could not be determined for PSK mode";
return false;
}
TrimWhitespaceASCII(psk, TRIM_TRAILING, &psk);
*formatted =
StringPrintf("%s %s : PSK \"%s\"\n", local_address.c_str(),
- remote_address_.c_str(), psk.c_str());
+ remote_address.c_str(), psk.c_str());
return true;
}
@@ -276,7 +292,7 @@ std::string IpsecManager::FormatStarterConfigFile() {
AppendStringSetting(&config, "left", "%defaultroute");
AppendStringSetting(&config, "leftprotoport", FLAGS_leftprotoport);
AppendStringSetting(&config, "leftupdown", IPSEC_UPDOWN);
- AppendStringSetting(&config, "right", remote_address_);
+ AppendStringSetting(&config, "right", remote_host_);
AppendStringSetting(&config, "rightprotoport", FLAGS_rightprotoport);
AppendStringSetting(&config, "type", FLAGS_type);
AppendStringSetting(&config, "auto", "start");
« ipsec_manager.h ('K') | « ipsec_manager.h ('k') | ipsec_manager_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698