2010-07-06 09:36:58 +00:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2010 Tobias Brunner
|
2018-05-23 14:04:50 +00:00
|
|
|
* HSR Hochschule fuer Technik Rapperswil
|
2010-07-06 09:36:58 +00:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
|
|
* under the terms of the GNU General Public License as published by the
|
|
|
|
* Free Software Foundation; either version 2 of the License, or (at your
|
|
|
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
|
* for more details.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "kernel_handler.h"
|
|
|
|
|
|
|
|
#include <daemon.h>
|
2010-07-06 09:50:43 +00:00
|
|
|
#include <processing/jobs/acquire_job.h>
|
2010-07-06 10:09:06 +00:00
|
|
|
#include <processing/jobs/delete_child_sa_job.h>
|
2010-07-06 10:46:40 +00:00
|
|
|
#include <processing/jobs/migrate_job.h>
|
|
|
|
#include <processing/jobs/rekey_child_sa_job.h>
|
2010-07-06 14:03:09 +00:00
|
|
|
#include <processing/jobs/roam_job.h>
|
2010-07-06 10:34:15 +00:00
|
|
|
#include <processing/jobs/update_sa_job.h>
|
2010-07-06 09:36:58 +00:00
|
|
|
|
|
|
|
typedef struct private_kernel_handler_t private_kernel_handler_t;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Private data of a kernel_handler_t object.
|
|
|
|
*/
|
|
|
|
struct private_kernel_handler_t {
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Public part of kernel_handler_t object.
|
|
|
|
*/
|
|
|
|
kernel_handler_t public;
|
|
|
|
};
|
|
|
|
|
2010-07-12 08:35:19 +00:00
|
|
|
/**
|
|
|
|
* convert an IP protocol identifier to the IKEv2 specific protocol identifier.
|
|
|
|
*/
|
2016-03-22 12:22:01 +00:00
|
|
|
static inline protocol_id_t proto_ip2ike(uint8_t protocol)
|
2010-07-12 08:35:19 +00:00
|
|
|
{
|
|
|
|
switch (protocol)
|
|
|
|
{
|
|
|
|
case IPPROTO_ESP:
|
|
|
|
return PROTO_ESP;
|
|
|
|
case IPPROTO_AH:
|
|
|
|
return PROTO_AH;
|
|
|
|
default:
|
|
|
|
return protocol;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-07-06 09:50:43 +00:00
|
|
|
METHOD(kernel_listener_t, acquire, bool,
|
2016-03-22 12:22:01 +00:00
|
|
|
private_kernel_handler_t *this, uint32_t reqid,
|
2013-06-20 14:16:39 +00:00
|
|
|
traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
|
2010-07-06 09:50:43 +00:00
|
|
|
{
|
|
|
|
if (src_ts && dst_ts)
|
|
|
|
{
|
2013-06-20 14:16:39 +00:00
|
|
|
DBG1(DBG_KNL, "creating acquire job for policy %R === %R with "
|
|
|
|
"reqid {%u}", src_ts, dst_ts, reqid);
|
2010-07-06 09:50:43 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
DBG1(DBG_KNL, "creating acquire job for policy with reqid {%u}", reqid);
|
|
|
|
}
|
2013-06-20 14:16:39 +00:00
|
|
|
lib->processor->queue_job(lib->processor,
|
|
|
|
(job_t*)acquire_job_create(reqid, src_ts, dst_ts));
|
2010-07-06 09:50:43 +00:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2010-07-06 10:09:06 +00:00
|
|
|
METHOD(kernel_listener_t, expire, bool,
|
2016-03-22 12:22:01 +00:00
|
|
|
private_kernel_handler_t *this, uint8_t protocol, uint32_t spi,
|
2014-10-27 14:07:05 +00:00
|
|
|
host_t *dst, bool hard)
|
2010-07-06 10:09:06 +00:00
|
|
|
{
|
2010-07-12 08:35:19 +00:00
|
|
|
protocol_id_t proto = proto_ip2ike(protocol);
|
2013-06-20 14:16:39 +00:00
|
|
|
|
2014-10-27 14:07:05 +00:00
|
|
|
DBG1(DBG_KNL, "creating %s job for CHILD_SA %N/0x%08x/%H",
|
|
|
|
hard ? "delete" : "rekey", protocol_id_names, proto, ntohl(spi), dst);
|
2013-06-20 14:16:39 +00:00
|
|
|
|
2010-07-06 10:09:06 +00:00
|
|
|
if (hard)
|
|
|
|
{
|
2013-06-20 14:16:39 +00:00
|
|
|
lib->processor->queue_job(lib->processor,
|
2014-10-27 14:07:05 +00:00
|
|
|
(job_t*)delete_child_sa_job_create(proto, spi, dst, hard));
|
2010-07-06 10:09:06 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2013-06-20 14:16:39 +00:00
|
|
|
lib->processor->queue_job(lib->processor,
|
2014-10-27 14:07:05 +00:00
|
|
|
(job_t*)rekey_child_sa_job_create(proto, spi, dst));
|
2010-07-06 10:09:06 +00:00
|
|
|
}
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2010-07-06 10:34:15 +00:00
|
|
|
METHOD(kernel_listener_t, mapping, bool,
|
2016-03-22 12:22:01 +00:00
|
|
|
private_kernel_handler_t *this, uint8_t protocol, uint32_t spi,
|
2014-10-27 14:38:47 +00:00
|
|
|
host_t *dst, host_t *remote)
|
2010-07-06 10:34:15 +00:00
|
|
|
{
|
2014-10-27 14:38:47 +00:00
|
|
|
protocol_id_t proto = proto_ip2ike(protocol);
|
|
|
|
|
2015-03-17 12:00:54 +00:00
|
|
|
DBG1(DBG_KNL, "NAT mappings of CHILD_SA %N/0x%08x/%H changed to %#H, "
|
|
|
|
"queuing update job", protocol_id_names, proto, ntohl(spi), dst,
|
|
|
|
remote);
|
2013-06-20 14:16:39 +00:00
|
|
|
|
|
|
|
lib->processor->queue_job(lib->processor,
|
2014-10-27 14:38:47 +00:00
|
|
|
(job_t*)update_sa_job_create(proto, spi, dst, remote));
|
2010-07-06 10:34:15 +00:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2010-07-06 10:46:40 +00:00
|
|
|
METHOD(kernel_listener_t, migrate, bool,
|
2016-03-22 12:22:01 +00:00
|
|
|
private_kernel_handler_t *this, uint32_t reqid,
|
2013-06-20 14:16:39 +00:00
|
|
|
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
|
|
|
|
policy_dir_t direction, host_t *local, host_t *remote)
|
2010-07-06 10:46:40 +00:00
|
|
|
{
|
2013-06-20 14:16:39 +00:00
|
|
|
DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N with reqid {%u}",
|
|
|
|
src_ts, dst_ts, policy_dir_names, direction, reqid, local);
|
|
|
|
|
|
|
|
lib->processor->queue_job(lib->processor,
|
|
|
|
(job_t*)migrate_job_create(reqid, src_ts, dst_ts,
|
|
|
|
direction, local, remote));
|
2010-07-06 10:46:40 +00:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2010-07-06 14:03:09 +00:00
|
|
|
METHOD(kernel_listener_t, roam, bool,
|
2013-06-20 14:16:39 +00:00
|
|
|
private_kernel_handler_t *this, bool address)
|
2010-07-06 14:03:09 +00:00
|
|
|
{
|
2013-06-20 14:16:39 +00:00
|
|
|
DBG2(DBG_KNL, "creating roam job %s",
|
|
|
|
address ? "due to address/link change" : "due to route change");
|
|
|
|
|
|
|
|
lib->processor->queue_job(lib->processor, (job_t*)roam_job_create(address));
|
2010-07-06 14:03:09 +00:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2010-07-06 09:36:58 +00:00
|
|
|
METHOD(kernel_handler_t, destroy, void,
|
2013-06-20 14:16:39 +00:00
|
|
|
private_kernel_handler_t *this)
|
2010-07-06 09:36:58 +00:00
|
|
|
{
|
2016-02-12 14:30:18 +00:00
|
|
|
charon->kernel->remove_listener(charon->kernel, &this->public.listener);
|
2010-07-06 09:36:58 +00:00
|
|
|
free(this);
|
|
|
|
}
|
|
|
|
|
|
|
|
kernel_handler_t *kernel_handler_create()
|
|
|
|
{
|
|
|
|
private_kernel_handler_t *this;
|
|
|
|
|
|
|
|
INIT(this,
|
|
|
|
.public = {
|
|
|
|
.listener = {
|
2010-07-06 09:50:43 +00:00
|
|
|
.acquire = _acquire,
|
2010-07-06 10:09:06 +00:00
|
|
|
.expire = _expire,
|
2010-07-06 10:34:15 +00:00
|
|
|
.mapping = _mapping,
|
2010-07-06 10:46:40 +00:00
|
|
|
.migrate = _migrate,
|
2010-07-06 14:03:09 +00:00
|
|
|
.roam = _roam,
|
2010-07-06 09:36:58 +00:00
|
|
|
},
|
|
|
|
.destroy = _destroy,
|
|
|
|
},
|
|
|
|
);
|
|
|
|
|
2016-02-12 14:30:18 +00:00
|
|
|
charon->kernel->add_listener(charon->kernel, &this->public.listener);
|
2010-07-06 09:36:58 +00:00
|
|
|
|
|
|
|
return &this->public;
|
|
|
|
}
|