[Openswan dev] [openswan dev] from ipsec.conf to internal representation
desmarco at student.ethz.ch
Mon Jun 25 04:45:38 EDT 2007
I'm currently trying to implement Multi-Layer IPsec based on
the Openswan 2.4.7 source code.
The goal is to be able to en-/decrypt the TCP header in the
IP datagrams using an additional key. Hence I would like to
add an additional key to the ipsec.conf file and have it parsed
and transfered to the internal representation of the connection
This is my view on how the keys are processed:
starter.c: main(...) calls confread.c confread_load(...)
confread_load(...) parses the ipsec.conf file (call to parser.y
parser_load_conf(...)). The result of the parsing procedure is a
struct config_parsed where all keywords are stored with their
respective values as a linked list. On return of the parser_load_conf(...)
function, the function load_setup(...) is called having the parsed
config as a parameter.
In this function (load_setup(...), located in confread.c) there's
a for-loop double-checking whether the keywords in the linked
list are valid.
As I understood, the "leftrsasigkey" and "rightrsasigkey" entries
and their key values in the ipsec.conf file are stored as keywords
of type kt_rsakey.
In the function load_setup(...) however, these keywords seem to
be treated as invalid keywords (error counter is incremented and
How can this be? What did I miss? Did I miss an instruction
that changes the keyword type from kt_rsakey (to kt_loose_enum
I'd apreciate your help and suggestions.
More information about the Dev