message: fragment() generates message and fragments and caches them
This commit is contained in:
parent
e0b35142c1
commit
2e7a2c06a1
|
@ -877,6 +877,11 @@ struct private_message_t {
|
|||
*/
|
||||
packet_t *packet;
|
||||
|
||||
/**
|
||||
* Array of generated fragments (if any), as packet_t*.
|
||||
*/
|
||||
array_t *fragments;
|
||||
|
||||
/**
|
||||
* Linked List where payload data are stored in.
|
||||
*/
|
||||
|
@ -1051,6 +1056,12 @@ METHOD(message_t, is_encoded, bool,
|
|||
return this->packet->get_data(this->packet).ptr != NULL;
|
||||
}
|
||||
|
||||
METHOD(message_t, is_fragmented, bool,
|
||||
private_message_t *this)
|
||||
{
|
||||
return array_count(this->fragments) > 0;
|
||||
}
|
||||
|
||||
METHOD(message_t, add_payload, void,
|
||||
private_message_t *this, payload_t *payload)
|
||||
{
|
||||
|
@ -1341,6 +1352,8 @@ static void order_payloads(private_message_t *this)
|
|||
payload_t *payload;
|
||||
int i;
|
||||
|
||||
DBG2(DBG_ENC, "order payloads in message");
|
||||
|
||||
/* move to temp list */
|
||||
list = linked_list_create();
|
||||
while (this->payloads->remove_last(this->payloads,
|
||||
|
@ -1669,6 +1682,7 @@ static message_t *clone_message(private_message_t *this)
|
|||
dst = this->packet->get_destination(this->packet);
|
||||
|
||||
message = message_create(this->major_version, this->minor_version);
|
||||
message->set_ike_sa_id(message, this->ike_sa_id);
|
||||
message->set_message_id(message, this->message_id);
|
||||
message->set_request(message, this->is_request);
|
||||
message->set_source(message, src->clone(src));
|
||||
|
@ -1685,36 +1699,64 @@ static message_t *create_fragment(private_message_t *this, u_int8_t num,
|
|||
{
|
||||
fragment_payload_t *fragment;
|
||||
message_t *message;
|
||||
peer_cfg_t *peer_cfg;
|
||||
ike_sa_t *ike_sa;
|
||||
|
||||
fragment = fragment_payload_create_from_data(num, last, data);
|
||||
message = clone_message(this);
|
||||
/* other implementations seem to just use 0 as message ID, so here we go */
|
||||
message->set_message_id(message, 0);
|
||||
/* always use the initial message type for fragments, even for quick mode
|
||||
* or transaction messages. */
|
||||
ike_sa = charon->bus->get_sa(charon->bus);
|
||||
if (ike_sa && (peer_cfg = ike_sa->get_peer_cfg(ike_sa)) &&
|
||||
peer_cfg->use_aggressive(peer_cfg))
|
||||
{
|
||||
message->set_exchange_type(message, AGGRESSIVE);
|
||||
}
|
||||
else
|
||||
{
|
||||
message->set_exchange_type(message, ID_PROT);
|
||||
}
|
||||
message->add_payload(message, (payload_t*)fragment);
|
||||
return message;
|
||||
}
|
||||
|
||||
/**
|
||||
* Destroy all messages in the given array
|
||||
* Destroy all fragments
|
||||
*/
|
||||
CALLBACK(destroy_fragments, void,
|
||||
array_t *fragments)
|
||||
static void clear_fragments(private_message_t *this)
|
||||
{
|
||||
array_destroy_offset(fragments, offsetof(message_t, destroy));
|
||||
array_destroy_offset(this->fragments, offsetof(packet_t, destroy));
|
||||
this->fragments = NULL;
|
||||
}
|
||||
|
||||
METHOD(message_t, fragment, status_t,
|
||||
private_message_t *this, size_t frag_len, enumerator_t **fragments)
|
||||
private_message_t *this, keymat_t *keymat, size_t frag_len,
|
||||
enumerator_t **fragments)
|
||||
{
|
||||
array_t *messages;
|
||||
message_t *fragment;
|
||||
packet_t *packet;
|
||||
u_int8_t num, count;
|
||||
host_t *src, *dst;
|
||||
chunk_t data;
|
||||
status_t status;
|
||||
size_t len;
|
||||
|
||||
if (!is_encoded(this) || this->major_version == IKEV2_MAJOR_VERSION)
|
||||
if (this->major_version == IKEV2_MAJOR_VERSION)
|
||||
{
|
||||
return INVALID_STATE;
|
||||
}
|
||||
clear_fragments(this);
|
||||
|
||||
if (!is_encoded(this))
|
||||
{
|
||||
status = generate(this, keymat, NULL);
|
||||
if (status != SUCCESS)
|
||||
{
|
||||
return status;
|
||||
}
|
||||
}
|
||||
|
||||
src = this->packet->get_source(this->packet);
|
||||
dst = this->packet->get_destination(this->packet);
|
||||
|
@ -1736,13 +1778,14 @@ METHOD(message_t, fragment, status_t,
|
|||
data = this->packet->get_data(this->packet);
|
||||
if (data.len <= frag_len)
|
||||
{
|
||||
return ALREADY_DONE;
|
||||
*fragments = enumerator_create_single(this->packet, NULL);
|
||||
return SUCCESS;
|
||||
}
|
||||
/* overhead for the fragmentation payload header */
|
||||
frag_len -= 8;
|
||||
|
||||
count = data.len / frag_len + (data.len % frag_len ? 1 : 0);
|
||||
messages = array_create(0, count);
|
||||
this->fragments = array_create(0, count);
|
||||
DBG2(DBG_ENC, "splitting IKE message with length of %zu bytes into "
|
||||
"%hhu fragments", data.len, count);
|
||||
for (num = 1; num <= count; num++)
|
||||
|
@ -1750,34 +1793,39 @@ METHOD(message_t, fragment, status_t,
|
|||
len = min(data.len, frag_len);
|
||||
fragment = create_fragment(this, num, num == count,
|
||||
chunk_create(data.ptr, len));
|
||||
array_insert(messages, ARRAY_TAIL, fragment);
|
||||
status = fragment->generate(fragment, keymat, &packet);
|
||||
fragment->destroy(fragment);
|
||||
if (status != SUCCESS)
|
||||
{
|
||||
DBG1(DBG_ENC, "failed to generate IKE fragment");
|
||||
clear_fragments(this);
|
||||
return FAILED;
|
||||
}
|
||||
array_insert(this->fragments, ARRAY_TAIL, packet);
|
||||
data = chunk_skip(data, len);
|
||||
}
|
||||
*fragments = enumerator_create_cleaner(array_create_enumerator(messages),
|
||||
destroy_fragments, messages);
|
||||
*fragments = array_create_enumerator(this->fragments);
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
METHOD(message_t, get_packet, packet_t*,
|
||||
private_message_t *this)
|
||||
{
|
||||
if (this->packet == NULL)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
return this->packet->clone(this->packet);
|
||||
}
|
||||
|
||||
METHOD(message_t, get_packet_data, chunk_t,
|
||||
private_message_t *this)
|
||||
{
|
||||
if (this->packet == NULL)
|
||||
{
|
||||
return chunk_empty;
|
||||
}
|
||||
return this->packet->get_data(this->packet);
|
||||
}
|
||||
|
||||
METHOD(message_t, get_fragments, enumerator_t*,
|
||||
private_message_t *this)
|
||||
{
|
||||
return array_create_enumerator(this->fragments);
|
||||
}
|
||||
|
||||
METHOD(message_t, parse_header, status_t,
|
||||
private_message_t *this)
|
||||
{
|
||||
|
@ -2264,6 +2312,7 @@ METHOD(message_t, destroy, void,
|
|||
{
|
||||
DESTROY_IF(this->ike_sa_id);
|
||||
this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
|
||||
array_destroy_offset(this->fragments, offsetof(packet_t, destroy));
|
||||
this->packet->destroy(this->packet);
|
||||
this->parser->destroy(this->parser);
|
||||
free(this);
|
||||
|
@ -2301,6 +2350,7 @@ message_t *message_create_from_packet(packet_t *packet)
|
|||
.disable_sort = _disable_sort,
|
||||
.generate = _generate,
|
||||
.is_encoded = _is_encoded,
|
||||
.is_fragmented = _is_fragmented,
|
||||
.fragment = _fragment,
|
||||
.set_source = _set_source,
|
||||
.get_source = _get_source,
|
||||
|
@ -2314,6 +2364,7 @@ message_t *message_create_from_packet(packet_t *packet)
|
|||
.parse_body = _parse_body,
|
||||
.get_packet = _get_packet,
|
||||
.get_packet_data = _get_packet_data,
|
||||
.get_fragments = _get_fragments,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
.exchange_type = EXCHANGE_TYPE_UNDEFINED,
|
||||
|
|
|
@ -265,24 +265,37 @@ struct message_t {
|
|||
bool (*is_encoded)(message_t *this);
|
||||
|
||||
/**
|
||||
* Split the (generated) message into fragments of the given size (total IP
|
||||
* Generates the message split into fragments of the given size (total IP
|
||||
* datagram length).
|
||||
*
|
||||
* @note Only supported for IKEv1 at the moment.
|
||||
*
|
||||
* @param keymat keymat to encrypt/sign message(s)
|
||||
* @param frag_len fragment length (maximum total IP datagram length), 0
|
||||
* for default value depending on address family
|
||||
* @param fragments receives an enumerator with message_t* (not generated),
|
||||
* @param fragments receives an enumerator with generated packet_t*,
|
||||
* which are owned by the enumerator
|
||||
* @return
|
||||
* - SUCCESS if message could be fragmented
|
||||
* - ALREADY_DONE if message does not need to be fragmented
|
||||
* - INVALID_STATE if message was not generated or is IKEv2
|
||||
* - INVALID_STATE if message is IKEv2
|
||||
* - FAILED if fragmentation failed
|
||||
* - and the possible return values of generate()
|
||||
*/
|
||||
status_t (*fragment)(message_t *this, size_t frag_len,
|
||||
status_t (*fragment)(message_t *this, keymat_t *keymat, size_t frag_len,
|
||||
enumerator_t **fragments);
|
||||
|
||||
/**
|
||||
* Check if the message has been encoded and fragmented using fragment(),
|
||||
* and whether there actually resulted fragments (if not is_encoded() will
|
||||
* be TRUE).
|
||||
*
|
||||
* The packets of individual fragments can be retrieved with
|
||||
* get_fragments().
|
||||
*
|
||||
* @return TRUE if message has been encoded and fragmented
|
||||
*/
|
||||
bool (*is_fragmented)(message_t *this);
|
||||
|
||||
/**
|
||||
* Gets the source host informations.
|
||||
*
|
||||
|
@ -356,11 +369,11 @@ struct message_t {
|
|||
notify_payload_t* (*get_notify)(message_t *this, notify_type_t type);
|
||||
|
||||
/**
|
||||
* Returns a clone of the internal stored packet_t object.
|
||||
* Returns a clone of the internally stored packet_t object.
|
||||
*
|
||||
* @return packet_t object as clone of internal one
|
||||
*/
|
||||
packet_t * (*get_packet) (message_t *this);
|
||||
packet_t *(*get_packet) (message_t *this);
|
||||
|
||||
/**
|
||||
* Returns a chunk pointing to internal packet_t data.
|
||||
|
@ -369,6 +382,13 @@ struct message_t {
|
|||
*/
|
||||
chunk_t (*get_packet_data) (message_t *this);
|
||||
|
||||
/**
|
||||
* Returns internally stored packet_t* objects for each fragment.
|
||||
*
|
||||
* @return enumerator internal packet_t* objects
|
||||
*/
|
||||
enumerator_t *(*get_fragments)(message_t *this);
|
||||
|
||||
/**
|
||||
* Destroys a message and all including objects.
|
||||
*/
|
||||
|
|
|
@ -401,16 +401,9 @@ static bool generate_message(private_task_manager_t *this, message_t *message,
|
|||
bool use_frags = FALSE, result = TRUE;
|
||||
ike_cfg_t *ike_cfg;
|
||||
enumerator_t *fragments;
|
||||
message_t *fragment;
|
||||
packet_t *packet;
|
||||
status_t status;
|
||||
|
||||
if (this->ike_sa->generate_message(this->ike_sa, message,
|
||||
&packet) != SUCCESS)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
|
||||
if (ike_cfg)
|
||||
{
|
||||
|
@ -430,37 +423,24 @@ static bool generate_message(private_task_manager_t *this, message_t *message,
|
|||
|
||||
if (!use_frags)
|
||||
{
|
||||
array_insert_create(packets, ARRAY_TAIL, packet);
|
||||
return TRUE;
|
||||
}
|
||||
/* other implementations seem to just use 0 as message ID, so here we go */
|
||||
message->set_message_id(message, 0);
|
||||
/* always use the initial message type for fragments */
|
||||
message->set_exchange_type(message, this->frag.exchange);
|
||||
status = message->fragment(message, this->frag.size, &fragments);
|
||||
if (status == ALREADY_DONE)
|
||||
{
|
||||
array_insert_create(packets, ARRAY_TAIL, packet);
|
||||
return TRUE;
|
||||
}
|
||||
else if (status != SUCCESS)
|
||||
{
|
||||
packet->destroy(packet);
|
||||
return FALSE;
|
||||
}
|
||||
packet->destroy(packet);
|
||||
|
||||
while (fragments->enumerate(fragments, &fragment))
|
||||
{
|
||||
status = this->ike_sa->generate_message(this->ike_sa, fragment,
|
||||
&packet);
|
||||
if (status != SUCCESS)
|
||||
if (this->ike_sa->generate_message(this->ike_sa, message,
|
||||
&packet) != SUCCESS)
|
||||
{
|
||||
DBG1(DBG_IKE, "failed to generate IKE fragment");
|
||||
result = FALSE;
|
||||
break;
|
||||
return FALSE;
|
||||
}
|
||||
array_insert_create(packets, ARRAY_TAIL, packet);
|
||||
return TRUE;
|
||||
}
|
||||
message->set_ike_sa_id(message, this->ike_sa->get_id(this->ike_sa));
|
||||
status = message->fragment(message, this->ike_sa->get_keymat(this->ike_sa),
|
||||
this->frag.size, &fragments);
|
||||
if (status != SUCCESS)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
while (fragments->enumerate(fragments, &packet))
|
||||
{
|
||||
array_insert_create(packets, ARRAY_TAIL, packet->clone(packet));
|
||||
}
|
||||
fragments->destroy(fragments);
|
||||
return result;
|
||||
|
|
Loading…
Reference in New Issue