Fixed some typos; whitespace cleanup.
This commit is contained in:
parent
5293b02945
commit
484a06bce7
|
@ -144,7 +144,7 @@ struct private_peer_cfg_t {
|
|||
*/
|
||||
linked_list_t *remote_auth;
|
||||
|
||||
#ifdef ME
|
||||
#ifdef ME
|
||||
/**
|
||||
* Is this a mediation connection?
|
||||
*/
|
||||
|
@ -567,7 +567,7 @@ static bool equals(private_peer_cfg_t *this, private_peer_cfg_t *other)
|
|||
(this->virtual_ip == other->virtual_ip ||
|
||||
(this->virtual_ip && other->virtual_ip &&
|
||||
this->virtual_ip->equals(this->virtual_ip, other->virtual_ip))) &&
|
||||
(this->pool == other->pool ||
|
||||
(this->pool == other->pool ||
|
||||
(this->pool && other->pool && streq(this->pool, other->pool))) &&
|
||||
auth_cfg_equal(this, other)
|
||||
#ifdef ME
|
||||
|
@ -630,8 +630,8 @@ peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg,
|
|||
private_peer_cfg_t *this = malloc_thing(private_peer_cfg_t);
|
||||
|
||||
/* public functions */
|
||||
this->public.get_name = (char* (*) (peer_cfg_t *))get_name;
|
||||
this->public.get_ike_version = (u_int(*) (peer_cfg_t *))get_ike_version;
|
||||
this->public.get_name = (char* (*) (peer_cfg_t *))get_name;
|
||||
this->public.get_ike_version = (u_int(*) (peer_cfg_t *))get_ike_version;
|
||||
this->public.get_ike_cfg = (ike_cfg_t* (*) (peer_cfg_t *))get_ike_cfg;
|
||||
this->public.add_child_cfg = (void (*) (peer_cfg_t *, child_cfg_t*))add_child_cfg;
|
||||
this->public.remove_child_cfg = (void(*)(peer_cfg_t*, enumerator_t*))remove_child_cfg;
|
||||
|
|
|
@ -43,7 +43,7 @@ typedef struct peer_cfg_t peer_cfg_t;
|
|||
* requests when using this definition for the other peer. If
|
||||
* it is CERT_NEVER_SEND, a certreq is omitted, otherwise its
|
||||
* included.
|
||||
*
|
||||
*
|
||||
* @warning These definitions must be the same as in pluto/starter,
|
||||
* as they are sent over the stroke socket.
|
||||
*/
|
||||
|
@ -108,7 +108,7 @@ extern enum_name_t *unique_policy_names;
|
|||
* Each peer_cfg has two lists of authentication config attached. Local
|
||||
* authentication configs define how to authenticate ourself against the remote
|
||||
* peer. Each config is enforced using the multiple authentication extension
|
||||
* (RFC4739).
|
||||
* (RFC4739).
|
||||
* The remote authentication configs are handled as constraints. The peer has
|
||||
* to fullfill each of these rules (using multiple authentication, in any order)
|
||||
* to gain access to the configuration.
|
||||
|
@ -117,9 +117,9 @@ struct peer_cfg_t {
|
|||
|
||||
/**
|
||||
* Get the name of the peer_cfg.
|
||||
*
|
||||
*
|
||||
* Returned object is not getting cloned.
|
||||
*
|
||||
*
|
||||
* @return peer_cfg's name
|
||||
*/
|
||||
char* (*get_name) (peer_cfg_t *this);
|
||||
|
@ -133,14 +133,14 @@ struct peer_cfg_t {
|
|||
|
||||
/**
|
||||
* Get the IKE config to use for initiaton.
|
||||
*
|
||||
*
|
||||
* @return the IKE config to use
|
||||
*/
|
||||
ike_cfg_t* (*get_ike_cfg) (peer_cfg_t *this);
|
||||
|
||||
/**
|
||||
* Attach a CHILD config.
|
||||
*
|
||||
*
|
||||
* @param child_cfg CHILD config to add
|
||||
*/
|
||||
void (*add_child_cfg) (peer_cfg_t *this, child_cfg_t *child_cfg);
|
||||
|
@ -154,14 +154,14 @@ struct peer_cfg_t {
|
|||
|
||||
/**
|
||||
* Create an enumerator for all attached CHILD configs.
|
||||
*
|
||||
*
|
||||
* @return an enumerator over all CHILD configs.
|
||||
*/
|
||||
enumerator_t* (*create_child_cfg_enumerator) (peer_cfg_t *this);
|
||||
|
||||
/**
|
||||
* Select a CHILD config from traffic selectors.
|
||||
*
|
||||
*
|
||||
* @param my_ts TS for local side
|
||||
* @param other_ts TS for remote side
|
||||
* @param my_host host to narrow down dynamic TS for local side
|
||||
|
@ -232,14 +232,14 @@ struct peer_cfg_t {
|
|||
|
||||
/**
|
||||
* Use MOBIKE (RFC4555) if peer supports it?
|
||||
*
|
||||
*
|
||||
* @return TRUE to enable MOBIKE support
|
||||
*/
|
||||
bool (*use_mobike) (peer_cfg_t *this);
|
||||
|
||||
/**
|
||||
* Get the DPD check interval.
|
||||
*
|
||||
*
|
||||
* @return dpd_delay in seconds
|
||||
*/
|
||||
u_int32_t (*get_dpd) (peer_cfg_t *this);
|
||||
|
@ -266,26 +266,26 @@ struct peer_cfg_t {
|
|||
#ifdef ME
|
||||
/**
|
||||
* Is this a mediation connection?
|
||||
*
|
||||
*
|
||||
* @return TRUE, if this is a mediation connection
|
||||
*/
|
||||
bool (*is_mediation) (peer_cfg_t *this);
|
||||
|
||||
/**
|
||||
* Get peer_cfg of the connection this one is mediated through.
|
||||
*
|
||||
*
|
||||
* @return the peer_cfg of the mediation connection
|
||||
*/
|
||||
peer_cfg_t* (*get_mediated_by) (peer_cfg_t *this);
|
||||
|
||||
/**
|
||||
* Get the id of the other peer at the mediation server.
|
||||
*
|
||||
*
|
||||
* This is the leftid of the peer's connection with the mediation server.
|
||||
*
|
||||
*
|
||||
* If it is not configured, it is assumed to be the same as the right id
|
||||
* of this connection.
|
||||
*
|
||||
* of this connection.
|
||||
*
|
||||
* @return the id of the other peer
|
||||
*/
|
||||
identification_t* (*get_peer_id) (peer_cfg_t *this);
|
||||
|
@ -319,14 +319,14 @@ struct peer_cfg_t {
|
|||
|
||||
/**
|
||||
* Create a configuration object for IKE_AUTH and later.
|
||||
*
|
||||
*
|
||||
* name-string gets cloned, ID's not.
|
||||
* Virtual IPs are used if they are != NULL. A %any host means the virtual
|
||||
* IP should be obtained from the other peer.
|
||||
* Lifetimes are in seconds. To prevent to peers to start rekeying at the
|
||||
* same time, a jitter may be specified. Rekeying of an SA starts at
|
||||
* (rekeylifetime - random(0, jitter)).
|
||||
*
|
||||
* (rekeylifetime - random(0, jitter)).
|
||||
*
|
||||
* @param name name of the peer_cfg
|
||||
* @param ike_version which IKE version we sould use for this peer
|
||||
* @param ike_cfg IKE config to use when acting as initiator
|
||||
|
|
|
@ -92,17 +92,17 @@ struct interface_listener_t {
|
|||
|
||||
typedef struct interface_job_t interface_job_t;
|
||||
|
||||
/**
|
||||
/**
|
||||
* job for asynchronous listen operations
|
||||
*/
|
||||
struct interface_job_t {
|
||||
/**
|
||||
* job interface
|
||||
/**
|
||||
* job interface
|
||||
*/
|
||||
job_t public;
|
||||
|
||||
/**
|
||||
* associated listener
|
||||
/**
|
||||
* associated listener
|
||||
*/
|
||||
interface_listener_t listener;
|
||||
};
|
||||
|
@ -295,7 +295,7 @@ static status_t terminate_ike_execute(interface_job_t *job)
|
|||
/**
|
||||
* Implementation of controller_t.terminate_ike.
|
||||
*/
|
||||
static status_t terminate_ike(controller_t *this, u_int32_t unique_id,
|
||||
static status_t terminate_ike(controller_t *this, u_int32_t unique_id,
|
||||
controller_cb_t callback, void *param)
|
||||
{
|
||||
ike_sa_t *ike_sa;
|
||||
|
@ -357,7 +357,7 @@ static status_t terminate_child_execute(interface_job_t *job)
|
|||
/**
|
||||
* Implementation of controller_t.terminate_child.
|
||||
*/
|
||||
static status_t terminate_child(controller_t *this, u_int32_t reqid,
|
||||
static status_t terminate_child(controller_t *this, u_int32_t reqid,
|
||||
controller_cb_t callback, void *param)
|
||||
{
|
||||
ike_sa_t *ike_sa;
|
||||
|
@ -382,7 +382,7 @@ static status_t terminate_child(controller_t *this, u_int32_t reqid,
|
|||
};
|
||||
|
||||
ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
|
||||
reqid, TRUE);
|
||||
reqid, TRUE);
|
||||
if (ike_sa == NULL)
|
||||
{
|
||||
DBG1(DBG_IKE, "unable to terminate, CHILD_SA with ID %d not found",
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/*
|
||||
/*
|
||||
* Copyright (C) 2006-2009 Tobias Brunner
|
||||
* Copyright (C) 2005-2009 Martin Willi
|
||||
* Copyright (C) 2006 Daniel Roethlisberger
|
||||
|
@ -120,8 +120,8 @@ static void run(private_daemon_t *this)
|
|||
|
||||
/* handle SIGINT, SIGHUP ans SIGTERM in this handler */
|
||||
sigemptyset(&set);
|
||||
sigaddset(&set, SIGINT);
|
||||
sigaddset(&set, SIGHUP);
|
||||
sigaddset(&set, SIGINT);
|
||||
sigaddset(&set, SIGHUP);
|
||||
sigaddset(&set, SIGTERM);
|
||||
|
||||
while (TRUE)
|
||||
|
@ -251,11 +251,11 @@ static void drop_capabilities(private_daemon_t *this)
|
|||
|
||||
if (setgid(charon->gid) != 0)
|
||||
{
|
||||
kill_daemon(this, "change to unprivileged group failed");
|
||||
kill_daemon(this, "change to unprivileged group failed");
|
||||
}
|
||||
if (setuid(charon->uid) != 0)
|
||||
{
|
||||
kill_daemon(this, "change to unprivileged user failed");
|
||||
kill_daemon(this, "change to unprivileged user failed");
|
||||
}
|
||||
|
||||
#ifdef CAPABILITIES
|
||||
|
@ -279,7 +279,7 @@ static void keep_cap(private_daemon_t *this, u_int cap)
|
|||
}
|
||||
|
||||
/**
|
||||
* lookup UID and GID
|
||||
* lookup UID and GID
|
||||
*/
|
||||
static void lookup_uid_gid(private_daemon_t *this)
|
||||
{
|
||||
|
@ -491,7 +491,7 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[])
|
|||
this->public.traps = trap_manager_create();
|
||||
|
||||
/* load plugins, further infrastructure may need it */
|
||||
if (!lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR,
|
||||
if (!lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR,
|
||||
lib->settings->get_str(lib->settings, "charon.load", PLUGINS)))
|
||||
{
|
||||
return FALSE;
|
||||
|
@ -543,7 +543,7 @@ static void segv_handler(int signal)
|
|||
* Create the daemon.
|
||||
*/
|
||||
private_daemon_t *daemon_create(void)
|
||||
{
|
||||
{
|
||||
struct sigaction action;
|
||||
private_daemon_t *this = malloc_thing(private_daemon_t);
|
||||
|
||||
|
@ -607,7 +607,7 @@ private_daemon_t *daemon_create(void)
|
|||
}
|
||||
|
||||
/**
|
||||
* Check/create PID file, return TRUE if already running
|
||||
* Check/create PID file, return TRUE if already running
|
||||
*/
|
||||
static bool check_pidfile()
|
||||
{
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
*
|
||||
* @defgroup bus bus
|
||||
* @ingroup charon
|
||||
*
|
||||
*
|
||||
* @defgroup listeners listeners
|
||||
* @ingroup bus
|
||||
*
|
||||
|
@ -84,13 +84,13 @@
|
|||
* from the processor. Work is delegated to the processor by queueing jobs
|
||||
* to it.
|
||||
@verbatim
|
||||
|
||||
|
||||
+---------------------------------+ +----------------------------+
|
||||
| controller | | config |
|
||||
+---------------------------------+ +----------------------------+
|
||||
| | | ^ ^ ^
|
||||
V V V | | |
|
||||
|
||||
+---------------------------------+ +----------------------------+
|
||||
| | | ^ ^ ^
|
||||
V V V | | |
|
||||
|
||||
+----------+ +-----------+ +------+ +----------+ +----+
|
||||
| receiver | | | | | +------+ | CHILD_SA | | K |
|
||||
+---+------+ | Scheduler | | IKE- | | IKE- |--+----------+ | e |
|
||||
|
@ -100,43 +100,43 @@
|
|||
+------+---+ +-----------+ | ager | +------+ +----------+ | l |
|
||||
| | | | | | IKE- |--| CHILD_SA | | - |
|
||||
+---+------+ | Processor |---| |--| SA | +----------+ | I |
|
||||
| sender | | | | | +------+ | f |
|
||||
| sender | | | | | +------+ | f |
|
||||
+----------+ +-----------+ +------+ +----+
|
||||
|
||||
| | | | | |
|
||||
V V V V V V
|
||||
+---------------------------------+ +----------------------------+
|
||||
| Bus | | credentials |
|
||||
+---------------------------------+ +----------------------------+
|
||||
|
||||
| | | | | |
|
||||
V V V V V V
|
||||
+---------------------------------+ +----------------------------+
|
||||
| Bus | | credentials |
|
||||
+---------------------------------+ +----------------------------+
|
||||
|
||||
@endverbatim
|
||||
* The scheduler is responsible to execute timed events. Jobs may be queued to
|
||||
* the scheduler to get executed at a defined time (e.g. rekeying). The
|
||||
* The scheduler is responsible to execute timed events. Jobs may be queued to
|
||||
* the scheduler to get executed at a defined time (e.g. rekeying). The
|
||||
* scheduler does not execute the jobs itself, it queues them to the processor.
|
||||
*
|
||||
* The IKE_SA manager managers all IKE_SA. It further handles the
|
||||
*
|
||||
* The IKE_SA manager managers all IKE_SA. It further handles the
|
||||
* synchronization:
|
||||
* Each IKE_SA must be checked out strictly and checked in again after use. The
|
||||
* manager guarantees that only one thread may check out a single IKE_SA. This
|
||||
* Each IKE_SA must be checked out strictly and checked in again after use. The
|
||||
* manager guarantees that only one thread may check out a single IKE_SA. This
|
||||
* allows us to write the (complex) IKE_SAs routines non-threadsave.
|
||||
* The IKE_SA contain the state and the logic of each IKE_SA and handle the
|
||||
* The IKE_SA contain the state and the logic of each IKE_SA and handle the
|
||||
* messages.
|
||||
*
|
||||
*
|
||||
* The CHILD_SA contains state about a IPsec security association and manages
|
||||
* them. An IKE_SA may have multiple CHILD_SAs. Communication to the kernel
|
||||
* them. An IKE_SA may have multiple CHILD_SAs. Communication to the kernel
|
||||
* takes place here through the kernel interface.
|
||||
*
|
||||
*
|
||||
* The kernel interface installs IPsec security associations, policies, routes
|
||||
* and virtual addresses. It further provides methods to enumerate interfaces
|
||||
* and virtual addresses. It further provides methods to enumerate interfaces
|
||||
* and may notify the daemon about state changes at lower layers.
|
||||
*
|
||||
* The bus receives signals from the different threads and relais them to interested
|
||||
* listeners. Debugging signals, but also important state changes or error
|
||||
* messages are sent over the bus.
|
||||
* It's listeners are not only for logging, but also to track the state of an
|
||||
*
|
||||
* The bus receives signals from the different threads and relays them to
|
||||
* interested listeners. Debugging signals, but also important state changes or
|
||||
* error messages are sent over the bus.
|
||||
* Its listeners are not only for logging, but also to track the state of an
|
||||
* IKE_SA.
|
||||
*
|
||||
* The controller, credential_manager, bus and backend_manager (config) are
|
||||
* The controller, credential_manager, bus and backend_manager (config) are
|
||||
* places where a plugin ca register itself to privide information or observe
|
||||
* and control the daemon.
|
||||
*/
|
||||
|
@ -307,7 +307,7 @@ struct daemon_t {
|
|||
*/
|
||||
gid_t gid;
|
||||
|
||||
/**
|
||||
/**
|
||||
* The thread_id of main-thread.
|
||||
*/
|
||||
pthread_t main_thread_id;
|
||||
|
@ -323,7 +323,7 @@ struct daemon_t {
|
|||
|
||||
/**
|
||||
* Shut down the daemon.
|
||||
*
|
||||
*
|
||||
* @param reason describtion why it will be killed
|
||||
*/
|
||||
void (*kill) (daemon_t *this, char *reason);
|
||||
|
|
|
@ -47,7 +47,7 @@ typedef struct payload_rule_t payload_rule_t;
|
|||
|
||||
/**
|
||||
* A payload rule defines the rules for a payload
|
||||
* in a specific message rule. It defines if and how
|
||||
* in a specific message rule. It defines if and how
|
||||
* many times a payload must/can occur in a message
|
||||
* and if it must be encrypted.
|
||||
*/
|
||||
|
@ -74,7 +74,7 @@ struct payload_rule_t {
|
|||
|
||||
/**
|
||||
* If this payload occurs, the message rule is
|
||||
* fullfilled in any case. This applies e.g. to
|
||||
* fullfilled in any case. This applies e.g. to
|
||||
* notify_payloads.
|
||||
*/
|
||||
bool sufficient;
|
||||
|
@ -88,11 +88,11 @@ typedef struct payload_order_t payload_order_t;
|
|||
struct payload_order_t {
|
||||
|
||||
/**
|
||||
* payload type
|
||||
* payload type
|
||||
*/
|
||||
payload_type_t type;
|
||||
|
||||
/**
|
||||
/**
|
||||
* notify type, if payload == NOTIFY
|
||||
*/
|
||||
notify_type_t notify;
|
||||
|
@ -516,7 +516,7 @@ static message_rule_t message_rules[] = {
|
|||
(sizeof(me_connect_r_payload_order)/sizeof(payload_order_t)),
|
||||
me_connect_r_payload_order,
|
||||
},
|
||||
#endif /* ME */
|
||||
#endif /* ME */
|
||||
};
|
||||
|
||||
|
||||
|
@ -791,7 +791,7 @@ static void add_payload(private_message_t *this, payload_t *payload)
|
|||
/**
|
||||
* Implementation of message_t.add_notify.
|
||||
*/
|
||||
static void add_notify(private_message_t *this, bool flush, notify_type_t type,
|
||||
static void add_notify(private_message_t *this, bool flush, notify_type_t type,
|
||||
chunk_t data)
|
||||
{
|
||||
notify_payload_t *notify;
|
||||
|
@ -799,7 +799,7 @@ static void add_notify(private_message_t *this, bool flush, notify_type_t type,
|
|||
|
||||
if (flush)
|
||||
{
|
||||
while (this->payloads->remove_last(this->payloads,
|
||||
while (this->payloads->remove_last(this->payloads,
|
||||
(void**)&payload) == SUCCESS)
|
||||
{
|
||||
payload->destroy(payload);
|
||||
|
@ -912,7 +912,7 @@ static char* get_string(private_message_t *this, char *buf, int len)
|
|||
len--;
|
||||
|
||||
written = snprintf(pos, len, "%N %s %d [",
|
||||
exchange_type_names, this->exchange_type,
|
||||
exchange_type_names, this->exchange_type,
|
||||
this->is_request ? "request" : "response",
|
||||
this->message_id);
|
||||
if (written >= len || written < 0)
|
||||
|
@ -992,7 +992,7 @@ static void order_payloads(private_message_t *this)
|
|||
list->remove_at(list, enumerator);
|
||||
add_payload(this, payload);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
|
@ -1056,7 +1056,7 @@ static status_t encrypt_payloads(private_message_t *this,
|
|||
|
||||
status = get_payload_rule(this,
|
||||
current_payload->get_type(current_payload),&payload_rule);
|
||||
/* for payload types which are not found in supported payload list,
|
||||
/* for payload types which are not found in supported payload list,
|
||||
* it is presumed that they don't have to be encrypted */
|
||||
if ((status == SUCCESS) && (payload_rule->encrypted))
|
||||
{
|
||||
|
@ -1119,7 +1119,7 @@ static status_t generate(private_message_t *this, crypter_t *crypter,
|
|||
}
|
||||
|
||||
if (this->packet->get_source(this->packet) == NULL ||
|
||||
this->packet->get_destination(this->packet) == NULL)
|
||||
this->packet->get_destination(this->packet) == NULL)
|
||||
{
|
||||
DBG1(DBG_ENC, "%s not defined",
|
||||
!this->packet->get_source(this->packet) ? "source" : "destination");
|
||||
|
@ -1391,7 +1391,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
|
|||
}
|
||||
|
||||
/* encryption payload is processed, payloads are moved. Destroy it. */
|
||||
encryption_payload->destroy(encryption_payload);
|
||||
encryption_payload->destroy(encryption_payload);
|
||||
}
|
||||
|
||||
/* we allow unknown payloads of any type and don't bother if it was encrypted. Not our problem. */
|
||||
|
@ -1465,7 +1465,7 @@ static status_t verify(private_message_t *this)
|
|||
DBG1(DBG_ENC, "%N is not supported, but its critical!",
|
||||
payload_type_names, current_payload_type);
|
||||
enumerator->destroy(enumerator);
|
||||
return NOT_SUPPORTED;
|
||||
return NOT_SUPPORTED;
|
||||
}
|
||||
}
|
||||
else if (current_payload_type == rule->payload_type)
|
||||
|
@ -1475,7 +1475,7 @@ static status_t verify(private_message_t *this)
|
|||
DBG2(DBG_ENC, "found payload of type %N", payload_type_names,
|
||||
rule->payload_type);
|
||||
|
||||
/* as soon as ohe payload occures more then specified,
|
||||
/* as soon as ohe payload occures more then specified,
|
||||
* the verification fails */
|
||||
if (found_payloads >
|
||||
rule->max_occurence)
|
||||
|
@ -1502,7 +1502,7 @@ static status_t verify(private_message_t *this)
|
|||
this->payloads->get_count(this->payloads) == total_found_payloads)
|
||||
{
|
||||
enumerator->destroy(enumerator);
|
||||
return SUCCESS;
|
||||
return SUCCESS;
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
|
@ -1518,7 +1518,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
|
|||
payload_type_t current_payload_type;
|
||||
char str[256];
|
||||
|
||||
current_payload_type = this->first_payload;
|
||||
current_payload_type = this->first_payload;
|
||||
|
||||
DBG2(DBG_ENC, "parsing body of message, first payload is %N",
|
||||
payload_type_names, current_payload_type);
|
||||
|
@ -1528,7 +1528,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
|
|||
{
|
||||
payload_t *current_payload;
|
||||
|
||||
DBG2(DBG_ENC, "starting parsing a %N payload",
|
||||
DBG2(DBG_ENC, "starting parsing a %N payload",
|
||||
payload_type_names, current_payload_type);
|
||||
|
||||
/* parse current payload */
|
||||
|
@ -1652,7 +1652,7 @@ message_t *message_create_from_packet(packet_t *packet)
|
|||
/* private values */
|
||||
if (packet == NULL)
|
||||
{
|
||||
packet = packet_create();
|
||||
packet = packet_create();
|
||||
}
|
||||
this->message_rule = NULL;
|
||||
this->packet = packet;
|
||||
|
|
|
@ -27,7 +27,6 @@ typedef struct private_ike_header_t private_ike_header_t;
|
|||
|
||||
/**
|
||||
* Private data of an ike_header_t object.
|
||||
*
|
||||
*/
|
||||
struct private_ike_header_t {
|
||||
/**
|
||||
|
@ -56,19 +55,18 @@ struct private_ike_header_t {
|
|||
|
||||
/**
|
||||
* IKE minor version.
|
||||
*/
|
||||
*/
|
||||
u_int8_t min_version;
|
||||
|
||||
/**
|
||||
* Exchange type .
|
||||
*/
|
||||
*/
|
||||
u_int8_t exchange_type;
|
||||
|
||||
/**
|
||||
* Flags of the Message.
|
||||
*
|
||||
*/
|
||||
struct {
|
||||
struct {
|
||||
/**
|
||||
* Sender is initiator of the associated IKE_SA_INIT-Exchange.
|
||||
*/
|
||||
|
@ -93,7 +91,7 @@ struct private_ike_header_t {
|
|||
/**
|
||||
* Length of the whole IKEv2-Message (header and all payloads).
|
||||
*/
|
||||
u_int32_t length;
|
||||
u_int32_t length;
|
||||
};
|
||||
|
||||
ENUM_BEGIN(exchange_type_names, EXCHANGE_TYPE_UNDEFINED, EXCHANGE_TYPE_UNDEFINED,
|
||||
|
@ -114,9 +112,8 @@ ENUM_END(exchange_type_names, INFORMATIONAL);
|
|||
/**
|
||||
* Encoding rules to parse or generate a IKEv2-Header.
|
||||
*
|
||||
* The defined offsets are the positions in a object of type
|
||||
* The defined offsets are the positions in a object of type
|
||||
* ike_header_t.
|
||||
*
|
||||
*/
|
||||
encoding_rule_t ike_header_encodings[] = {
|
||||
/* 8 Byte SPI, stored in the field initiator_spi */
|
||||
|
@ -132,10 +129,10 @@ encoding_rule_t ike_header_encodings[] = {
|
|||
/* 8 Bit for the exchange type */
|
||||
{ U_INT_8, offsetof(private_ike_header_t, exchange_type) },
|
||||
/* 2 Bit reserved bits, nowhere stored */
|
||||
{ RESERVED_BIT, 0 },
|
||||
{ RESERVED_BIT, 0 },
|
||||
{ RESERVED_BIT, 0 },
|
||||
{ RESERVED_BIT, 0 },
|
||||
/* 3 Bit flags, stored in the fields response, version and initiator */
|
||||
{ FLAG, offsetof(private_ike_header_t, flags.response) },
|
||||
{ FLAG, offsetof(private_ike_header_t, flags.response) },
|
||||
{ FLAG, offsetof(private_ike_header_t, flags.version) },
|
||||
{ FLAG, offsetof(private_ike_header_t, flags.initiator) },
|
||||
/* 3 Bit reserved bits, nowhere stored */
|
||||
|
@ -212,7 +209,7 @@ static void set_next_type(payload_t *this,payload_type_t type)
|
|||
*/
|
||||
static u_int64_t get_initiator_spi(private_ike_header_t *this)
|
||||
{
|
||||
return this->initiator_spi;
|
||||
return this->initiator_spi;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -228,7 +225,7 @@ static void set_initiator_spi(private_ike_header_t *this, u_int64_t initiator_sp
|
|||
*/
|
||||
static u_int64_t get_responder_spi(private_ike_header_t *this)
|
||||
{
|
||||
return this->responder_spi;
|
||||
return this->responder_spi;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -244,7 +241,7 @@ static void set_responder_spi(private_ike_header_t *this, u_int64_t responder_sp
|
|||
*/
|
||||
static u_int8_t get_maj_version(private_ike_header_t *this)
|
||||
{
|
||||
return this->maj_version;
|
||||
return this->maj_version;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -252,7 +249,7 @@ static u_int8_t get_maj_version(private_ike_header_t *this)
|
|||
*/
|
||||
static u_int8_t get_min_version(private_ike_header_t *this)
|
||||
{
|
||||
return this->min_version;
|
||||
return this->min_version;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -260,7 +257,7 @@ static u_int8_t get_min_version(private_ike_header_t *this)
|
|||
*/
|
||||
static bool get_response_flag(private_ike_header_t *this)
|
||||
{
|
||||
return this->flags.response;
|
||||
return this->flags.response;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -268,7 +265,7 @@ static bool get_response_flag(private_ike_header_t *this)
|
|||
*/
|
||||
static void set_response_flag(private_ike_header_t *this, bool response)
|
||||
{
|
||||
this->flags.response = response;
|
||||
this->flags.response = response;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -276,7 +273,7 @@ static void set_response_flag(private_ike_header_t *this, bool response)
|
|||
*/
|
||||
static bool get_version_flag(private_ike_header_t *this)
|
||||
{
|
||||
return this->flags.version;
|
||||
return this->flags.version;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -284,7 +281,7 @@ static bool get_version_flag(private_ike_header_t *this)
|
|||
*/
|
||||
static bool get_initiator_flag(private_ike_header_t *this)
|
||||
{
|
||||
return this->flags.initiator;
|
||||
return this->flags.initiator;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -292,7 +289,7 @@ static bool get_initiator_flag(private_ike_header_t *this)
|
|||
*/
|
||||
static void set_initiator_flag(private_ike_header_t *this, bool initiator)
|
||||
{
|
||||
this->flags.initiator = initiator;
|
||||
this->flags.initiator = initiator;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -300,7 +297,7 @@ static void set_initiator_flag(private_ike_header_t *this, bool initiator)
|
|||
*/
|
||||
static u_int8_t get_exchange_type(private_ike_header_t *this)
|
||||
{
|
||||
return this->exchange_type;
|
||||
return this->exchange_type;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -308,7 +305,7 @@ static u_int8_t get_exchange_type(private_ike_header_t *this)
|
|||
*/
|
||||
static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type)
|
||||
{
|
||||
this->exchange_type = exchange_type;
|
||||
this->exchange_type = exchange_type;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -317,7 +314,7 @@ static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type
|
|||
*/
|
||||
static u_int32_t get_message_id(private_ike_header_t *this)
|
||||
{
|
||||
return this->message_id;
|
||||
return this->message_id;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -94,11 +94,11 @@ enum exchange_type_t{
|
|||
extern enum_name_t *exchange_type_names;
|
||||
|
||||
/**
|
||||
* An object of this type represents an IKEv2 header and is used to
|
||||
* An object of this type represents an IKEv2 header and is used to
|
||||
* generate and parse IKEv2 headers.
|
||||
*
|
||||
* The header format of an IKEv2-Message is compatible to the
|
||||
* ISAKMP-Header format to allow implementations supporting
|
||||
*
|
||||
* The header format of an IKEv2-Message is compatible to the
|
||||
* ISAKMP-Header format to allow implementations supporting
|
||||
* both versions of the IKE-protocol.
|
||||
*/
|
||||
struct ike_header_t {
|
||||
|
@ -160,7 +160,6 @@ struct ike_header_t {
|
|||
* Set the response flag-
|
||||
*
|
||||
* @param response response flag
|
||||
*
|
||||
*/
|
||||
void (*set_response_flag) (ike_header_t *this, bool response);
|
||||
/**
|
||||
|
@ -220,7 +219,7 @@ struct ike_header_t {
|
|||
|
||||
/**
|
||||
* Create an ike_header_t object
|
||||
*
|
||||
*
|
||||
* @return ike_header_t object
|
||||
*/
|
||||
ike_header_t *ike_header_create(void);
|
||||
|
|
|
@ -33,7 +33,7 @@ typedef struct payload_t payload_t;
|
|||
/**
|
||||
* Payload-Types of a IKEv2-Message.
|
||||
*
|
||||
* Header and substructures are also defined as
|
||||
* Header and substructures are also defined as
|
||||
* payload types with values from PRIVATE USE space.
|
||||
*/
|
||||
enum payload_type_t{
|
||||
|
@ -126,63 +126,63 @@ enum payload_type_t{
|
|||
#ifdef ME
|
||||
/**
|
||||
* Identification payload for peers has a value from
|
||||
* the PRIVATE USE space.
|
||||
* the PRIVATE USE space.
|
||||
*/
|
||||
ID_PEER = 128,
|
||||
#endif /* ME */
|
||||
|
||||
/**
|
||||
* Header has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle IKEv2-Header like a payload.
|
||||
*/
|
||||
HEADER = 140,
|
||||
|
||||
/**
|
||||
* PROPOSAL_SUBSTRUCTURE has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle a proposal substructure like a payload.
|
||||
*/
|
||||
PROPOSAL_SUBSTRUCTURE = 141,
|
||||
|
||||
/**
|
||||
* TRANSFORM_SUBSTRUCTURE has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle a transform substructure like a payload.
|
||||
*/
|
||||
TRANSFORM_SUBSTRUCTURE = 142,
|
||||
|
||||
/**
|
||||
* TRANSFORM_ATTRIBUTE has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle a transform attribute like a payload.
|
||||
*/
|
||||
TRANSFORM_ATTRIBUTE = 143,
|
||||
|
||||
/**
|
||||
* TRAFFIC_SELECTOR_SUBSTRUCTURE has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle a transform selector like a payload.
|
||||
*/
|
||||
*/
|
||||
TRAFFIC_SELECTOR_SUBSTRUCTURE = 144,
|
||||
|
||||
/**
|
||||
* CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle a transform attribute like a payload.
|
||||
*/
|
||||
CONFIGURATION_ATTRIBUTE = 145,
|
||||
|
||||
/**
|
||||
* A unknown payload has a value of PRIVATE USE space.
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
*
|
||||
* This payload type is not sent over wire and just
|
||||
* used internally to handle a unknown payload.
|
||||
*/
|
||||
UNKNOWN_PAYLOAD = 146,
|
||||
|
@ -201,7 +201,7 @@ extern enum_name_t *payload_type_short_names;
|
|||
|
||||
/**
|
||||
* Generic interface for all payload types (incl.header and substructures).
|
||||
*
|
||||
*
|
||||
* To handle all kinds of payloads on a generic way, this interface must
|
||||
* be implemented by every payload. This allows parser_t/generator_t a simple
|
||||
* handling of all payloads.
|
||||
|
@ -259,11 +259,11 @@ struct payload_t {
|
|||
|
||||
/**
|
||||
* Create an empty payload.
|
||||
*
|
||||
*
|
||||
* Useful for the parser, who wants a generic constructor for all payloads.
|
||||
* It supports all payload_t methods. If a payload type is not known,
|
||||
* It supports all payload_t methods. If a payload type is not known,
|
||||
* an unknwon_paylod is created with the chunk of data in it.
|
||||
*
|
||||
*
|
||||
* @param type type of the payload to create
|
||||
* @return payload_t object
|
||||
*/
|
||||
|
|
|
@ -236,7 +236,7 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
|
|||
msg->add_conn.me.address,
|
||||
msg->add_conn.other.address);
|
||||
add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL);
|
||||
return ike_cfg;
|
||||
return ike_cfg;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -380,7 +380,7 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
|
|||
{
|
||||
this->ca->check_for_hash_and_url(this->ca, certificate);
|
||||
}
|
||||
cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate);
|
||||
cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate);
|
||||
if (identity->get_type(identity) == ID_ANY ||
|
||||
!certificate->has_subject(certificate, identity))
|
||||
{
|
||||
|
@ -533,8 +533,8 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
|
|||
#ifdef ME
|
||||
if (msg->add_conn.ikeme.mediation && msg->add_conn.ikeme.mediated_by)
|
||||
{
|
||||
DBG1(DBG_CFG, "a mediation connection cannot be a"
|
||||
" mediated connection at the same time, aborting");
|
||||
DBG1(DBG_CFG, "a mediation connection cannot be a mediated connection "
|
||||
"at the same time, aborting");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -547,19 +547,18 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
|
|||
if (msg->add_conn.ikeme.mediated_by)
|
||||
{
|
||||
mediated_by = charon->backends->get_peer_cfg_by_name(charon->backends,
|
||||
msg->add_conn.ikeme.mediated_by);
|
||||
msg->add_conn.ikeme.mediated_by);
|
||||
if (!mediated_by)
|
||||
{
|
||||
DBG1(DBG_CFG, "mediation connection '%s' not found, aborting",
|
||||
msg->add_conn.ikeme.mediated_by);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (!mediated_by->is_mediation(mediated_by))
|
||||
{
|
||||
DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is"
|
||||
"no mediation connection, aborting",
|
||||
msg->add_conn.ikeme.mediated_by, msg->add_conn.name);
|
||||
DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is "
|
||||
"no mediation connection, aborting",
|
||||
msg->add_conn.ikeme.mediated_by, msg->add_conn.name);
|
||||
mediated_by->destroy(mediated_by);
|
||||
return NULL;
|
||||
}
|
||||
|
@ -583,7 +582,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
|
|||
else
|
||||
{
|
||||
rekey = msg->add_conn.rekey.ike_lifetime - over;
|
||||
}
|
||||
}
|
||||
if (msg->add_conn.me.sourceip_size)
|
||||
{
|
||||
if (msg->add_conn.me.sourceip)
|
||||
|
@ -639,7 +638,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
|
|||
* uses to serve pool addresses. */
|
||||
peer_cfg = peer_cfg_create(msg->add_conn.name,
|
||||
msg->add_conn.ikev2 ? 2 : 1, ike_cfg,
|
||||
msg->add_conn.me.sendcert, unique,
|
||||
msg->add_conn.me.sendcert, unique,
|
||||
msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
|
||||
msg->add_conn.mobike, msg->add_conn.dpd.delay,
|
||||
vip, msg->add_conn.other.sourceip_size ?
|
||||
|
|
|
@ -52,7 +52,7 @@ static void execute(private_process_message_job_t *this)
|
|||
ike_sa_t *ike_sa;
|
||||
|
||||
#ifdef ME
|
||||
/* if this is an unencrypted INFORMATIONAL exchange it is likely a
|
||||
/* if this is an unencrypted INFORMATIONAL exchange it is likely a
|
||||
* connectivity check. */
|
||||
if (this->message->get_exchange_type(this->message) == INFORMATIONAL &&
|
||||
this->message->get_first_payload_type(this->message) != ENCRYPTED)
|
||||
|
|
|
@ -148,7 +148,7 @@ struct private_ike_sa_t {
|
|||
*/
|
||||
chunk_t connect_id;
|
||||
#endif /* ME */
|
||||
|
||||
|
||||
/**
|
||||
* Identification used for us
|
||||
*/
|
||||
|
@ -637,7 +637,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
|
|||
/* schedule rekeying if we have a time which is smaller than
|
||||
* an already scheduled rekeying */
|
||||
t = this->peer_cfg->get_rekey_time(this->peer_cfg);
|
||||
if (t && (this->stats[STAT_REKEY] == 0 ||
|
||||
if (t && (this->stats[STAT_REKEY] == 0 ||
|
||||
(this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED])))
|
||||
{
|
||||
this->stats[STAT_REKEY] = t + this->stats[STAT_ESTABLISHED];
|
||||
|
@ -646,7 +646,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
|
|||
DBG1(DBG_IKE, "scheduling rekeying in %ds", t);
|
||||
}
|
||||
t = this->peer_cfg->get_reauth_time(this->peer_cfg);
|
||||
if (t && (this->stats[STAT_REAUTH] == 0 ||
|
||||
if (t && (this->stats[STAT_REAUTH] == 0 ||
|
||||
(this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED])))
|
||||
{
|
||||
this->stats[STAT_REAUTH] = t + this->stats[STAT_ESTABLISHED];
|
||||
|
@ -686,7 +686,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
|
|||
{
|
||||
/* delete may fail if a packet gets lost, so set a timeout */
|
||||
job_t *job = (job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE);
|
||||
charon->scheduler->schedule_job(charon->scheduler, job,
|
||||
charon->scheduler->schedule_job(charon->scheduler, job,
|
||||
HALF_OPEN_IKE_SA_TIMEOUT);
|
||||
break;
|
||||
}
|
||||
|
@ -988,7 +988,7 @@ static chunk_t get_connect_id(private_ike_sa_t *this)
|
|||
* Implementation of ike_sa_t.respond
|
||||
*/
|
||||
static status_t respond(private_ike_sa_t *this, identification_t *peer_id,
|
||||
chunk_t connect_id)
|
||||
chunk_t connect_id)
|
||||
{
|
||||
ike_me_t *task = ike_me_create(&this->public, TRUE);
|
||||
task->respond(task, peer_id, connect_id);
|
||||
|
@ -1011,7 +1011,8 @@ static status_t callback(private_ike_sa_t *this, identification_t *peer_id)
|
|||
* Implementation of ike_sa_t.relay
|
||||
*/
|
||||
static status_t relay(private_ike_sa_t *this, identification_t *requester,
|
||||
chunk_t connect_id, chunk_t connect_key, linked_list_t *endpoints, bool response)
|
||||
chunk_t connect_id, chunk_t connect_key,
|
||||
linked_list_t *endpoints, bool response)
|
||||
{
|
||||
ike_me_t *task = ike_me_create(&this->public, TRUE);
|
||||
task->relay(task, requester, connect_id, connect_key, endpoints, response);
|
||||
|
@ -1022,7 +1023,8 @@ static status_t relay(private_ike_sa_t *this, identification_t *requester,
|
|||
/**
|
||||
* Implementation of ike_sa_t.initiate_mediation
|
||||
*/
|
||||
static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_cfg)
|
||||
static status_t initiate_mediation(private_ike_sa_t *this,
|
||||
peer_cfg_t *mediated_cfg)
|
||||
{
|
||||
ike_me_t *task = ike_me_create(&this->public, TRUE);
|
||||
task->connect(task, mediated_cfg->get_peer_id(mediated_cfg));
|
||||
|
@ -1033,14 +1035,13 @@ static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_
|
|||
/**
|
||||
* Implementation of ike_sa_t.initiate_mediated
|
||||
*/
|
||||
static status_t initiate_mediated(private_ike_sa_t *this, host_t *me, host_t *other,
|
||||
chunk_t connect_id)
|
||||
static status_t initiate_mediated(private_ike_sa_t *this, host_t *me,
|
||||
host_t *other, chunk_t connect_id)
|
||||
{
|
||||
set_my_host(this, me->clone(me));
|
||||
set_other_host(this, other->clone(other));
|
||||
chunk_free(&this->connect_id);
|
||||
this->connect_id = chunk_clone(connect_id);
|
||||
|
||||
return this->task_manager->initiate(this->task_manager);
|
||||
}
|
||||
#endif /* ME */
|
||||
|
@ -1158,8 +1159,8 @@ static status_t initiate(private_ike_sa_t *this,
|
|||
{
|
||||
if (this->state == IKE_ESTABLISHED)
|
||||
{
|
||||
/* mediation connection is already established, retrigger state change
|
||||
* to notify bus listeners */
|
||||
/* mediation connection is already established, retrigger state
|
||||
* change to notify bus listeners */
|
||||
DBG1(DBG_IKE, "mediation connection is already up");
|
||||
set_state(this, IKE_ESTABLISHED);
|
||||
}
|
||||
|
@ -1509,7 +1510,7 @@ static status_t reauth(private_ike_sa_t *this)
|
|||
if (this->other_virtual_ip != NULL ||
|
||||
has_condition(this, COND_EAP_AUTHENTICATED)
|
||||
#ifdef ME
|
||||
/* if we are mediation server we too cannot reauth the IKE_SA */
|
||||
/* as mediation server we too cannot reauth the IKE_SA */
|
||||
|| this->is_mediation_server
|
||||
#endif /* ME */
|
||||
)
|
||||
|
@ -1545,7 +1546,7 @@ static status_t reestablish(private_ike_sa_t *this)
|
|||
bool required = FALSE;
|
||||
status_t status = FAILED;
|
||||
|
||||
/* check if we have children to keep up at all*/
|
||||
/* check if we have children to keep up at all */
|
||||
iterator = create_child_sa_iterator(this);
|
||||
while (iterator->iterate(iterator, (void**)&child_sa))
|
||||
{
|
||||
|
@ -1569,7 +1570,7 @@ static status_t reestablish(private_ike_sa_t *this)
|
|||
}
|
||||
iterator->destroy(iterator);
|
||||
#ifdef ME
|
||||
/* we initiate the new IKE_SA of the mediation connection without CHILD_SA */
|
||||
/* mediation connections have no children, keep them up anyway */
|
||||
if (this->peer_cfg->is_mediation(this->peer_cfg))
|
||||
{
|
||||
required = TRUE;
|
||||
|
@ -1720,7 +1721,7 @@ static void set_auth_lifetime(private_ike_sa_t *this, u_int32_t lifetime)
|
|||
(job_t*)rekey_ike_sa_job_create(this->ike_sa_id, TRUE));
|
||||
}
|
||||
else if (this->stats[STAT_REAUTH] == 0 ||
|
||||
this->stats[STAT_REAUTH] > reauth_time)
|
||||
this->stats[STAT_REAUTH] > reauth_time)
|
||||
{
|
||||
this->stats[STAT_REAUTH] = reauth_time;
|
||||
DBG1(DBG_IKE, "received AUTH_LIFETIME of %ds, scheduling reauthentication"
|
||||
|
@ -1886,7 +1887,7 @@ static status_t inherit(private_ike_sa_t *this, private_ike_sa_t *other)
|
|||
}
|
||||
|
||||
/* ... and configuration attributes */
|
||||
while (other->attributes->remove_last(other->attributes,
|
||||
while (other->attributes->remove_last(other->attributes,
|
||||
(void**)&entry) == SUCCESS)
|
||||
{
|
||||
this->attributes->insert_first(this->attributes, entry);
|
||||
|
@ -1932,9 +1933,9 @@ static status_t inherit(private_ike_sa_t *this, private_ike_sa_t *other)
|
|||
this->stats[STAT_DELETE] = this->stats[STAT_REAUTH] + delete;
|
||||
DBG1(DBG_IKE, "rescheduling reauthentication in %ds after rekeying, "
|
||||
"lifetime reduced to %ds", reauth, delete);
|
||||
charon->scheduler->schedule_job(charon->scheduler,
|
||||
charon->scheduler->schedule_job(charon->scheduler,
|
||||
(job_t*)rekey_ike_sa_job_create(this->ike_sa_id, TRUE), reauth);
|
||||
charon->scheduler->schedule_job(charon->scheduler,
|
||||
charon->scheduler->schedule_job(charon->scheduler,
|
||||
(job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE), delete);
|
||||
}
|
||||
/* we have to initate here, there may be new tasks to handle */
|
||||
|
@ -1953,7 +1954,7 @@ static void destroy(private_ike_sa_t *this)
|
|||
set_state(this, IKE_DESTROYING);
|
||||
|
||||
/* remove attributes first, as we pass the IKE_SA to the handler */
|
||||
while (this->attributes->remove_last(this->attributes,
|
||||
while (this->attributes->remove_last(this->attributes,
|
||||
(void**)&entry) == SUCCESS)
|
||||
{
|
||||
charon->attributes->release(charon->attributes, entry->handler,
|
||||
|
@ -1992,7 +1993,8 @@ static void destroy(private_ike_sa_t *this)
|
|||
#ifdef ME
|
||||
if (this->is_mediation_server)
|
||||
{
|
||||
charon->mediation_manager->remove(charon->mediation_manager, this->ike_sa_id);
|
||||
charon->mediation_manager->remove(charon->mediation_manager,
|
||||
this->ike_sa_id);
|
||||
}
|
||||
DESTROY_IF(this->server_reflexive_host);
|
||||
chunk_free(&this->connect_id);
|
||||
|
|
|
@ -164,7 +164,7 @@ enum statistic_t {
|
|||
¦ SA_CREATED ¦
|
||||
+----------------+
|
||||
¦
|
||||
on initiate()---> ¦ <----- on IKE_SA_INIT received
|
||||
on initiate()---> ¦ <----- on IKE_SA_INIT received
|
||||
V
|
||||
+----------------+
|
||||
¦ SA_CONNECTING ¦
|
||||
|
@ -246,7 +246,7 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Get the id of the SA.
|
||||
*
|
||||
*
|
||||
* Returned ike_sa_id_t object is not getting cloned!
|
||||
*
|
||||
* @return ike_sa's ike_sa_id_t
|
||||
|
@ -291,28 +291,28 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Get the own host address.
|
||||
*
|
||||
*
|
||||
* @return host address
|
||||
*/
|
||||
host_t* (*get_my_host) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the own host address.
|
||||
*
|
||||
*
|
||||
* @param me host address
|
||||
*/
|
||||
void (*set_my_host) (ike_sa_t *this, host_t *me);
|
||||
|
||||
/**
|
||||
* Get the other peers host address.
|
||||
*
|
||||
*
|
||||
* @return host address
|
||||
*/
|
||||
host_t* (*get_other_host) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the others host address.
|
||||
*
|
||||
*
|
||||
* @param other host address
|
||||
*/
|
||||
void (*set_other_host) (ike_sa_t *this, host_t *other);
|
||||
|
@ -329,28 +329,28 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Get the own identification.
|
||||
*
|
||||
*
|
||||
* @return identification
|
||||
*/
|
||||
identification_t* (*get_my_id) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the own identification.
|
||||
*
|
||||
*
|
||||
* @param me identification
|
||||
*/
|
||||
void (*set_my_id) (ike_sa_t *this, identification_t *me);
|
||||
|
||||
/**
|
||||
* Get the other peer's identification.
|
||||
*
|
||||
*
|
||||
* @return identification
|
||||
*/
|
||||
identification_t* (*get_other_id) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the other peer's identification.
|
||||
*
|
||||
*
|
||||
* @param other identification
|
||||
*/
|
||||
void (*set_other_id) (ike_sa_t *this, identification_t *other);
|
||||
|
@ -359,42 +359,42 @@ struct ike_sa_t {
|
|||
* Get the peers EAP identity.
|
||||
*
|
||||
* The EAP identity is exchanged in a EAP-Identity exchange.
|
||||
*
|
||||
*
|
||||
* @return identification, NULL if none set
|
||||
*/
|
||||
identification_t* (*get_eap_identity) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the peer's EAP identity.
|
||||
*
|
||||
*
|
||||
* @param id identification
|
||||
*/
|
||||
void (*set_eap_identity) (ike_sa_t *this, identification_t *id);
|
||||
|
||||
/**
|
||||
* Get the config used to setup this IKE_SA.
|
||||
*
|
||||
*
|
||||
* @return ike_config
|
||||
*/
|
||||
ike_cfg_t* (*get_ike_cfg) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the config to setup this IKE_SA.
|
||||
*
|
||||
*
|
||||
* @param config ike_config to use
|
||||
*/
|
||||
void (*set_ike_cfg) (ike_sa_t *this, ike_cfg_t* config);
|
||||
|
||||
/**
|
||||
* Get the peer config used by this IKE_SA.
|
||||
*
|
||||
*
|
||||
* @return peer_config
|
||||
*/
|
||||
peer_cfg_t* (*get_peer_cfg) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the peer config to use with this IKE_SA.
|
||||
*
|
||||
*
|
||||
* @param config peer_config to use
|
||||
*/
|
||||
void (*set_peer_cfg) (ike_sa_t *this, peer_cfg_t *config);
|
||||
|
@ -515,91 +515,93 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Get the server reflexive host.
|
||||
*
|
||||
*
|
||||
* @return server reflexive host
|
||||
*/
|
||||
host_t* (*get_server_reflexive_host) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Set the server reflexive host.
|
||||
*
|
||||
*
|
||||
* @param host server reflexive host
|
||||
*/
|
||||
void (*set_server_reflexive_host) (ike_sa_t *this, host_t *host);
|
||||
|
||||
/**
|
||||
* Get the connect ID.
|
||||
*
|
||||
*
|
||||
* @return connect ID
|
||||
*/
|
||||
chunk_t (*get_connect_id) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* Initiate the mediation of a mediated connection (i.e. initiate a
|
||||
* ME_CONNECT exchange).
|
||||
*
|
||||
* @param mediated_cfg peer_cfg of the mediated connection
|
||||
* @return
|
||||
* - SUCCESS if initialization started
|
||||
* - DESTROY_ME if initialization failed
|
||||
* ME_CONNECT exchange to a mediation server).
|
||||
*
|
||||
* @param mediated_cfg peer_cfg of the mediated connection
|
||||
* @return
|
||||
* - SUCCESS if initialization started
|
||||
* - DESTROY_ME if initialization failed
|
||||
*/
|
||||
status_t (*initiate_mediation) (ike_sa_t *this, peer_cfg_t *mediated_cfg);
|
||||
|
||||
/**
|
||||
* Initiate the mediated connection
|
||||
*
|
||||
* @param me local endpoint (gets cloned)
|
||||
* @param other remote endpoint (gets cloned)
|
||||
* @param connect_id connect ID (gets cloned)
|
||||
* @return
|
||||
* - SUCCESS if initialization started
|
||||
* - DESTROY_ME if initialization failed
|
||||
*
|
||||
* @param me local endpoint (gets cloned)
|
||||
* @param other remote endpoint (gets cloned)
|
||||
* @param connect_id connect ID (gets cloned)
|
||||
* @return
|
||||
* - SUCCESS if initialization started
|
||||
* - DESTROY_ME if initialization failed
|
||||
*/
|
||||
status_t (*initiate_mediated) (ike_sa_t *this, host_t *me, host_t *other,
|
||||
chunk_t connect_id);
|
||||
chunk_t connect_id);
|
||||
|
||||
/**
|
||||
* Relay data from one peer to another (i.e. initiate a
|
||||
* ME_CONNECT exchange).
|
||||
* Relay data from one peer to another (i.e. initiate a ME_CONNECT exchange
|
||||
* to a peer).
|
||||
*
|
||||
* Data is cloned.
|
||||
*
|
||||
* @param requester ID of the requesting peer
|
||||
* @param connect_id data of the ME_CONNECTID payload
|
||||
* @param connect_key data of the ME_CONNECTKEY payload
|
||||
* @param endpoints endpoints
|
||||
* @param response TRUE if this is a response
|
||||
* @return
|
||||
* - SUCCESS if relay started
|
||||
* - DESTROY_ME if relay failed
|
||||
*
|
||||
* @param requester ID of the requesting peer
|
||||
* @param connect_id data of the ME_CONNECTID payload
|
||||
* @param connect_key data of the ME_CONNECTKEY payload
|
||||
* @param endpoints endpoints
|
||||
* @param response TRUE if this is a response
|
||||
* @return
|
||||
* - SUCCESS if relay started
|
||||
* - DESTROY_ME if relay failed
|
||||
*/
|
||||
status_t (*relay) (ike_sa_t *this, identification_t *requester, chunk_t connect_id,
|
||||
chunk_t connect_key, linked_list_t *endpoints, bool response);
|
||||
status_t (*relay) (ike_sa_t *this, identification_t *requester,
|
||||
chunk_t connect_id, chunk_t connect_key,
|
||||
linked_list_t *endpoints, bool response);
|
||||
|
||||
/**
|
||||
* Send a callback to a peer.
|
||||
*
|
||||
*
|
||||
* Data is cloned.
|
||||
*
|
||||
* @param peer_id ID of the other peer
|
||||
*
|
||||
* @param peer_id ID of the other peer
|
||||
* @return
|
||||
* - SUCCESS if response started
|
||||
* - DESTROY_ME if response failed
|
||||
* - SUCCESS if response started
|
||||
* - DESTROY_ME if response failed
|
||||
*/
|
||||
status_t (*callback) (ike_sa_t *this, identification_t *peer_id);
|
||||
|
||||
/**
|
||||
* Respond to a ME_CONNECT request.
|
||||
*
|
||||
*
|
||||
* Data is cloned.
|
||||
*
|
||||
* @param peer_id ID of the other peer
|
||||
* @param connect_id the connect ID supplied by the initiator
|
||||
*
|
||||
* @param peer_id ID of the other peer
|
||||
* @param connect_id the connect ID supplied by the initiator
|
||||
* @return
|
||||
* - SUCCESS if response started
|
||||
* - DESTROY_ME if response failed
|
||||
* - SUCCESS if response started
|
||||
* - DESTROY_ME if response failed
|
||||
*/
|
||||
status_t (*respond) (ike_sa_t *this, identification_t *peer_id, chunk_t connect_id);
|
||||
status_t (*respond) (ike_sa_t *this, identification_t *peer_id,
|
||||
chunk_t connect_id);
|
||||
#endif /* ME */
|
||||
|
||||
/**
|
||||
|
@ -608,12 +610,12 @@ struct ike_sa_t {
|
|||
* The configs are owned by the IKE_SA after the call. If the initiate
|
||||
* is triggered by a packet, traffic selectors of the packet can be added
|
||||
* to the CHILD_SA.
|
||||
*
|
||||
*
|
||||
* @param child_cfg child config to create CHILD from
|
||||
* @param reqid reqid to use for CHILD_SA, 0 assigne uniquely
|
||||
* @param tsi source of triggering packet
|
||||
* @param tsr destination of triggering packet.
|
||||
* @return
|
||||
* @return
|
||||
* - SUCCESS if initialization started
|
||||
* - DESTROY_ME if initialization failed
|
||||
*/
|
||||
|
@ -623,14 +625,14 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Initiates the deletion of an IKE_SA.
|
||||
*
|
||||
*
|
||||
* Sends a delete message to the remote peer and waits for
|
||||
* its response. If the response comes in, or a timeout occurs,
|
||||
* the IKE SA gets deleted.
|
||||
*
|
||||
*
|
||||
* @return
|
||||
* - SUCCESS if deletion is initialized
|
||||
* - DESTROY_ME, if the IKE_SA is not in
|
||||
* - DESTROY_ME, if the IKE_SA is not in
|
||||
* an established state and can not be
|
||||
* deleted (but destroyed).
|
||||
*/
|
||||
|
@ -653,12 +655,12 @@ struct ike_sa_t {
|
|||
/**
|
||||
* Processes a incoming IKEv2-Message.
|
||||
*
|
||||
* Message processing may fail. If a critical failure occurs,
|
||||
* process_message() return DESTROY_ME. Then the caller must
|
||||
* Message processing may fail. If a critical failure occurs,
|
||||
* process_message() return DESTROY_ME. Then the caller must
|
||||
* destroy the IKE_SA immediatly, as it is unusable.
|
||||
*
|
||||
*
|
||||
* @param message message to process
|
||||
* @return
|
||||
* @return
|
||||
* - SUCCESS
|
||||
* - FAILED
|
||||
* - DESTROY_ME if this IKE_SA MUST be deleted
|
||||
|
@ -667,13 +669,13 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Generate a IKE message to send it to the peer.
|
||||
*
|
||||
*
|
||||
* This method generates all payloads in the message and encrypts/signs
|
||||
* the packet.
|
||||
*
|
||||
*
|
||||
* @param message message to generate
|
||||
* @param packet generated output packet
|
||||
* @return
|
||||
* @return
|
||||
* - SUCCESS
|
||||
* - FAILED
|
||||
* - DESTROY_ME if this IKE_SA MUST be deleted
|
||||
|
@ -683,7 +685,7 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Retransmits a request.
|
||||
*
|
||||
*
|
||||
* @param message_id ID of the request to retransmit
|
||||
* @return
|
||||
* - SUCCESS
|
||||
|
@ -697,7 +699,7 @@ struct ike_sa_t {
|
|||
* To check if a peer is still alive, periodic
|
||||
* empty INFORMATIONAL messages are sent if no
|
||||
* other traffic was received.
|
||||
*
|
||||
*
|
||||
* @return
|
||||
* - SUCCESS
|
||||
* - DESTROY_ME, if peer did not respond
|
||||
|
@ -723,25 +725,25 @@ struct ike_sa_t {
|
|||
|
||||
/**
|
||||
* Associates a child SA to this IKE SA
|
||||
*
|
||||
*
|
||||
* @param child_sa child_sa to add
|
||||
*/
|
||||
void (*add_child_sa) (ike_sa_t *this, child_sa_t *child_sa);
|
||||
|
||||
/**
|
||||
* Get a CHILD_SA identified by protocol and SPI.
|
||||
*
|
||||
*
|
||||
* @param protocol protocol of the SA
|
||||
* @param spi SPI of the CHILD_SA
|
||||
* @param inbound TRUE if SPI is inbound, FALSE if outbound
|
||||
* @return child_sa, or NULL if none found
|
||||
*/
|
||||
child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol,
|
||||
child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol,
|
||||
u_int32_t spi, bool inbound);
|
||||
|
||||
/**
|
||||
* Create an iterator over all CHILD_SAs.
|
||||
*
|
||||
*
|
||||
* @return iterator
|
||||
*/
|
||||
iterator_t* (*create_child_sa_iterator) (ike_sa_t *this);
|
||||
|
|
|
@ -133,7 +133,7 @@ struct private_task_manager_t {
|
|||
linked_list_t *passive_tasks;
|
||||
|
||||
/**
|
||||
* the task manager has been reset
|
||||
* the task manager has been reset
|
||||
*/
|
||||
bool reset;
|
||||
};
|
||||
|
@ -143,7 +143,7 @@ struct private_task_manager_t {
|
|||
*/
|
||||
static void flush(private_task_manager_t *this)
|
||||
{
|
||||
this->queued_tasks->destroy_offset(this->queued_tasks,
|
||||
this->queued_tasks->destroy_offset(this->queued_tasks,
|
||||
offsetof(task_t, destroy));
|
||||
this->passive_tasks->destroy_offset(this->passive_tasks,
|
||||
offsetof(task_t, destroy));
|
||||
|
@ -521,7 +521,7 @@ static status_t process_response(private_task_manager_t *this,
|
|||
this->reset = FALSE;
|
||||
iterator->destroy(iterator);
|
||||
return build_request(this);
|
||||
}
|
||||
}
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
|
||||
|
@ -688,7 +688,7 @@ static status_t process_request(private_task_manager_t *this,
|
|||
this->passive_tasks->insert_last(this->passive_tasks, task);
|
||||
task = (task_t*)ike_cert_pre_create(this->ike_sa, FALSE);
|
||||
this->passive_tasks->insert_last(this->passive_tasks, task);
|
||||
#ifdef ME
|
||||
#ifdef ME
|
||||
task = (task_t*)ike_me_create(this->ike_sa, FALSE);
|
||||
this->passive_tasks->insert_last(this->passive_tasks, task);
|
||||
#endif /* ME */
|
||||
|
|
|
@ -123,7 +123,7 @@ static void build_payloads(private_ike_init_t *this, message_t *message)
|
|||
{
|
||||
proposal_list = this->config->get_proposals(this->config);
|
||||
if (this->old_sa)
|
||||
{
|
||||
{
|
||||
/* include SPI of new IKE_SA when we are rekeying */
|
||||
iterator = proposal_list->create_iterator(proposal_list, TRUE);
|
||||
while (iterator->iterate(iterator, (void**)&proposal))
|
||||
|
@ -184,7 +184,7 @@ static void process_payloads(private_ike_init_t *this, message_t *message)
|
|||
proposal_list = sa_payload->get_proposals(sa_payload);
|
||||
this->proposal = this->config->select_proposal(this->config,
|
||||
proposal_list);
|
||||
proposal_list->destroy_offset(proposal_list,
|
||||
proposal_list->destroy_offset(proposal_list,
|
||||
offsetof(proposal_t, destroy));
|
||||
break;
|
||||
}
|
||||
|
@ -217,7 +217,7 @@ static void process_payloads(private_ike_init_t *this, message_t *message)
|
|||
vendor_id_payload_t *vendor_id = (vendor_id_payload_t*)payload;
|
||||
chunk_t vid = vendor_id->get_data(vendor_id);
|
||||
|
||||
DBG1(DBG_ENC, "received vendor id: %#B", &vid);
|
||||
DBG1(DBG_ENC, "received vendor id: %#B", &vid);
|
||||
}
|
||||
default:
|
||||
break;
|
||||
|
@ -296,7 +296,7 @@ static status_t build_i(private_ike_init_t *this, message_t *message)
|
|||
* Implementation of task_t.process for responder
|
||||
*/
|
||||
static status_t process_r(private_ike_init_t *this, message_t *message)
|
||||
{
|
||||
{
|
||||
rng_t *rng;
|
||||
|
||||
this->config = this->ike_sa->get_ike_cfg(this->ike_sa);
|
||||
|
@ -513,7 +513,7 @@ static status_t process_i(private_ike_init_t *this, message_t *message)
|
|||
DBG1(DBG_IKE, "received %N notify error",
|
||||
notify_type_names, type);
|
||||
enumerator->destroy(enumerator);
|
||||
return FAILED;
|
||||
return FAILED;
|
||||
}
|
||||
DBG2(DBG_IKE, "received %N notify",
|
||||
notify_type_names, type);
|
||||
|
|
|
@ -137,7 +137,7 @@ static notify_payload_t *build_natd_payload(private_ike_natd_t *this,
|
|||
notify_type_t type, host_t *host)
|
||||
{
|
||||
chunk_t hash;
|
||||
notify_payload_t *notify;
|
||||
notify_payload_t *notify;
|
||||
ike_sa_id_t *ike_sa_id;
|
||||
ike_cfg_t *config;
|
||||
|
||||
|
@ -245,12 +245,12 @@ static void process_payloads(private_ike_natd_t *this, message_t *message)
|
|||
this->ike_sa->set_condition(this->ike_sa, COND_NAT_HERE,
|
||||
!this->dst_matched);
|
||||
this->ike_sa->set_condition(this->ike_sa, COND_NAT_THERE,
|
||||
!this->src_matched);
|
||||
!this->src_matched);
|
||||
config = this->ike_sa->get_ike_cfg(this->ike_sa);
|
||||
if (this->dst_matched && this->src_matched &&
|
||||
config->force_encap(config))
|
||||
{
|
||||
this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE);
|
||||
this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -278,7 +278,7 @@ static status_t process_i(private_ike_natd_t *this, message_t *message)
|
|||
|
||||
if (this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY) ||
|
||||
#ifdef ME
|
||||
/* if we are on a mediation connection we swith to port 4500 even
|
||||
/* if we are on a mediation connection we switch to port 4500 even
|
||||
* if no NAT is detected. */
|
||||
peer_cfg->is_mediation(peer_cfg) ||
|
||||
#endif /* ME */
|
||||
|
@ -406,7 +406,7 @@ static status_t build_r(private_ike_natd_t *this, message_t *message)
|
|||
* Implementation of task_t.process for responder
|
||||
*/
|
||||
static status_t process_r(private_ike_natd_t *this, message_t *message)
|
||||
{
|
||||
{
|
||||
process_payloads(this, message);
|
||||
|
||||
return NEED_MORE;
|
||||
|
|
|
@ -70,7 +70,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
|
|||
iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
|
||||
if (iterator->get_count(iterator) == 0
|
||||
#ifdef ME
|
||||
/* we allow a peer to reauth a mediation connection (without CHILD_SA) */
|
||||
/* we allow peers to reauth mediation connections (without children) */
|
||||
&& !peer_cfg->is_mediation(peer_cfg)
|
||||
#endif /* ME */
|
||||
)
|
||||
|
|
|
@ -79,7 +79,7 @@ extern enum_name_t *task_type_names;
|
|||
*
|
||||
* A task is an elemantary operation. It may be handled by a single or by
|
||||
* multiple exchanges. An exchange may even complete multiple tasks.
|
||||
* A task has a build() and an process() operation. The build() operation
|
||||
* A task has a build() and an process() operation. The build() operation
|
||||
* creates payloads and adds it to the message. The process() operation
|
||||
* inspects a message and handles its payloads. An initiator of an exchange
|
||||
* first calls build() to build the request, and processes the response message
|
||||
|
@ -97,7 +97,7 @@ struct task_t {
|
|||
|
||||
/**
|
||||
* Build a request or response message for this task.
|
||||
*
|
||||
*
|
||||
* @param message message to add payloads to
|
||||
* @return
|
||||
* - FAILED if a critical error occured
|
||||
|
@ -109,7 +109,7 @@ struct task_t {
|
|||
|
||||
/**
|
||||
* Process a request or response message for this task.
|
||||
*
|
||||
*
|
||||
* @param message message to read payloads from
|
||||
* @return
|
||||
* - FAILED if a critical error occured
|
||||
|
|
Loading…
Reference in New Issue