diff options
| author | jim-p <jimp@pfsense.org> | 2014-05-15 13:34:21 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2014-05-15 13:34:21 -0400 |
| commit | 95589abda7b0cb9d30e374e9bbc8da439b0fa76f (patch) | |
| tree | 7fe1e1fb87816ac88ad7dcdc7a7fd88870d2b268 /etc/inc/ipsec.inc | |
| parent | 25e2281c6d64fb0272d8cf1bfc8030dbc6e6c3d4 (diff) | |
| download | pfsense-95589abda7b0cb9d30e374e9bbc8da439b0fa76f.zip pfsense-95589abda7b0cb9d30e374e9bbc8da439b0fa76f.tar.gz | |
Move duplicated code into a function; Include local ID on mobile tunnel key line in ipsec.secrets.
Diffstat (limited to 'etc/inc/ipsec.inc')
| -rw-r--r-- | etc/inc/ipsec.inc | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index e3829f8..a6efa65 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -669,4 +669,57 @@ function ipsec_fixup_ip($ipaddr) { return $ipaddr; } +function ipsec_find_id(& $ph1ent, $side = "local", $rgmap = array()) { + if ($side == "local") { + $id_type = $ph1ent['myid_type']; + $id_data = $ph1ent['myid_data']; + + $addr = ipsec_get_phase1_src($ph1ent); + if (!$addr) + return array(); + } elseif ($side = "peer") { + $id_type = $ph1ent['peerid_type']; + $id_data = $ph1ent['peerid_data']; + + if (isset($ph1ent['mobile'])) + $addr = "%any"; + else + $addr = $ph1ent['remote-gateway']; + } else { + return array(); + } + + + $thisid_type = $id_type; + switch ($thisid_type) { + case "myaddress": + $thisid_type = "address"; + $thisid_data = $addr; + break; + + case "dyn_dns": + $thisid_type = "address"; + $thisid_data = resolve_retry($id_data); + break; + + case "peeraddress": + $thisid_type = "address"; + $thisid_data = $rgmap[$ph1ent['remote-gateway']]; + break; + + case "address"; + $thisid_data = $id_data; + break; + + case "fqdn"; + case "keyid tag"; + case "user_fqdn"; + case "asn1dn"; + $thisid_data = $id_data; + if( $thisid_data ) + $thisid_data = "{$thisid_data}"; + break; + } + return array($thisid_type, $thisid_data); +} ?> |
