ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

Fixed some typos; whitespace cleanup.

This commit is contained in:
Tobias Brunner 2009-09-02 17:26:36 +02:00
parent 5293b02945
commit 484a06bce7
18 changed files with 266 additions and 267 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/charon/config/peer_cfg.c
View File

@ -144,7 +144,7 @@ struct private_peer_cfg_t {
*/
linked_list_t *remote_auth;
#ifdef ME
#ifdef ME
/**
* Is this a mediation connection?
*/
@ -567,7 +567,7 @@ static bool equals(private_peer_cfg_t *this, private_peer_cfg_t *other)
(this->virtual_ip == other->virtual_ip ||
(this->virtual_ip && other->virtual_ip &&
this->virtual_ip->equals(this->virtual_ip, other->virtual_ip))) &&
(this->pool == other->pool ||
(this->pool == other->pool ||
(this->pool && other->pool && streq(this->pool, other->pool))) &&
auth_cfg_equal(this, other)
#ifdef ME
@ -630,8 +630,8 @@ peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg,
private_peer_cfg_t *this = malloc_thing(private_peer_cfg_t);
/* public functions */
this->public.get_name = (char* (*) (peer_cfg_t *))get_name;
this->public.get_ike_version = (u_int(*) (peer_cfg_t *))get_ike_version;
this->public.get_name = (char* (*) (peer_cfg_t *))get_name;
this->public.get_ike_version = (u_int(*) (peer_cfg_t *))get_ike_version;
this->public.get_ike_cfg = (ike_cfg_t* (*) (peer_cfg_t *))get_ike_cfg;
this->public.add_child_cfg = (void (*) (peer_cfg_t *, child_cfg_t*))add_child_cfg;
this->public.remove_child_cfg = (void(*)(peer_cfg_t*, enumerator_t*))remove_child_cfg;

38
src/charon/config/peer_cfg.h
View File

@ -43,7 +43,7 @@ typedef struct peer_cfg_t peer_cfg_t;
* requests when using this definition for the other peer. If
* it is CERT_NEVER_SEND, a certreq is omitted, otherwise its
* included.
*
*
* @warning These definitions must be the same as in pluto/starter,
* as they are sent over the stroke socket.
*/
@ -108,7 +108,7 @@ extern enum_name_t *unique_policy_names;
* Each peer_cfg has two lists of authentication config attached. Local
* authentication configs define how to authenticate ourself against the remote
* peer. Each config is enforced using the multiple authentication extension
* (RFC4739).
* (RFC4739).
* The remote authentication configs are handled as constraints. The peer has
* to fullfill each of these rules (using multiple authentication, in any order)
* to gain access to the configuration.
@ -117,9 +117,9 @@ struct peer_cfg_t {
/**
* Get the name of the peer_cfg.
*
*
* Returned object is not getting cloned.
*
*
* @return peer_cfg's name
*/
char* (*get_name) (peer_cfg_t *this);
@ -133,14 +133,14 @@ struct peer_cfg_t {
/**
* Get the IKE config to use for initiaton.
*
*
* @return the IKE config to use
*/
ike_cfg_t* (*get_ike_cfg) (peer_cfg_t *this);
/**
* Attach a CHILD config.
*
*
* @param child_cfg CHILD config to add
*/
void (*add_child_cfg) (peer_cfg_t *this, child_cfg_t *child_cfg);
@ -154,14 +154,14 @@ struct peer_cfg_t {
/**
* Create an enumerator for all attached CHILD configs.
*
*
* @return an enumerator over all CHILD configs.
*/
enumerator_t* (*create_child_cfg_enumerator) (peer_cfg_t *this);
/**
* Select a CHILD config from traffic selectors.
*
*
* @param my_ts TS for local side
* @param other_ts TS for remote side
* @param my_host host to narrow down dynamic TS for local side
@ -232,14 +232,14 @@ struct peer_cfg_t {
/**
* Use MOBIKE (RFC4555) if peer supports it?
*
*
* @return TRUE to enable MOBIKE support
*/
bool (*use_mobike) (peer_cfg_t *this);
/**
* Get the DPD check interval.
*
*
* @return dpd_delay in seconds
*/
u_int32_t (*get_dpd) (peer_cfg_t *this);
@ -266,26 +266,26 @@ struct peer_cfg_t {
#ifdef ME
/**
* Is this a mediation connection?
*
*
* @return TRUE, if this is a mediation connection
*/
bool (*is_mediation) (peer_cfg_t *this);
/**
* Get peer_cfg of the connection this one is mediated through.
*
*
* @return the peer_cfg of the mediation connection
*/
peer_cfg_t* (*get_mediated_by) (peer_cfg_t *this);
/**
* Get the id of the other peer at the mediation server.
*
*
* This is the leftid of the peer's connection with the mediation server.
*
*
* If it is not configured, it is assumed to be the same as the right id
* of this connection.
*
* of this connection.
*
* @return the id of the other peer
*/
identification_t* (*get_peer_id) (peer_cfg_t *this);
@ -319,14 +319,14 @@ struct peer_cfg_t {
/**
* Create a configuration object for IKE_AUTH and later.
*
*
* name-string gets cloned, ID's not.
* Virtual IPs are used if they are != NULL. A %any host means the virtual
* IP should be obtained from the other peer.
* Lifetimes are in seconds. To prevent to peers to start rekeying at the
* same time, a jitter may be specified. Rekeying of an SA starts at
* (rekeylifetime - random(0, jitter)).
*
* (rekeylifetime - random(0, jitter)).
*
* @param name name of the peer_cfg
* @param ike_version which IKE version we sould use for this peer
* @param ike_cfg IKE config to use when acting as initiator

16
src/charon/control/controller.c
View File

@ -92,17 +92,17 @@ struct interface_listener_t {
typedef struct interface_job_t interface_job_t;
/**
/**
* job for asynchronous listen operations
*/
struct interface_job_t {
/**
* job interface
/**
* job interface
*/
job_t public;
/**
* associated listener
/**
* associated listener
*/
interface_listener_t listener;
};
@ -295,7 +295,7 @@ static status_t terminate_ike_execute(interface_job_t *job)
/**
* Implementation of controller_t.terminate_ike.
*/
static status_t terminate_ike(controller_t *this, u_int32_t unique_id,
static status_t terminate_ike(controller_t *this, u_int32_t unique_id,
controller_cb_t callback, void *param)
{
ike_sa_t *ike_sa;
@ -357,7 +357,7 @@ static status_t terminate_child_execute(interface_job_t *job)
/**
* Implementation of controller_t.terminate_child.
*/
static status_t terminate_child(controller_t *this, u_int32_t reqid,
static status_t terminate_child(controller_t *this, u_int32_t reqid,
controller_cb_t callback, void *param)
{
ike_sa_t *ike_sa;
@ -382,7 +382,7 @@ static status_t terminate_child(controller_t *this, u_int32_t reqid,
};
ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
reqid, TRUE);
reqid, TRUE);
if (ike_sa == NULL)
{
DBG1(DBG_IKE, "unable to terminate, CHILD_SA with ID %d not found",

18
src/charon/daemon.c
View File

@ -1,4 +1,4 @@
/*
/*
* Copyright (C) 2006-2009 Tobias Brunner
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2006 Daniel Roethlisberger
@ -120,8 +120,8 @@ static void run(private_daemon_t *this)
/* handle SIGINT, SIGHUP ans SIGTERM in this handler */
sigemptyset(&set);
sigaddset(&set, SIGINT);
sigaddset(&set, SIGHUP);
sigaddset(&set, SIGINT);
sigaddset(&set, SIGHUP);
sigaddset(&set, SIGTERM);
while (TRUE)
@ -251,11 +251,11 @@ static void drop_capabilities(private_daemon_t *this)
if (setgid(charon->gid) != 0)
{
kill_daemon(this, "change to unprivileged group failed");
kill_daemon(this, "change to unprivileged group failed");
}
if (setuid(charon->uid) != 0)
{
kill_daemon(this, "change to unprivileged user failed");
kill_daemon(this, "change to unprivileged user failed");
}
#ifdef CAPABILITIES
@ -279,7 +279,7 @@ static void keep_cap(private_daemon_t *this, u_int cap)
}
/**
* lookup UID and GID
* lookup UID and GID
*/
static void lookup_uid_gid(private_daemon_t *this)
{
@ -491,7 +491,7 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[])
this->public.traps = trap_manager_create();
/* load plugins, further infrastructure may need it */
if (!lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR,
if (!lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR,
lib->settings->get_str(lib->settings, "charon.load", PLUGINS)))
{
return FALSE;
@ -543,7 +543,7 @@ static void segv_handler(int signal)
* Create the daemon.
*/
private_daemon_t *daemon_create(void)
{
{
struct sigaction action;
private_daemon_t *this = malloc_thing(private_daemon_t);
@ -607,7 +607,7 @@ private_daemon_t *daemon_create(void)
}
/**
* Check/create PID file, return TRUE if already running
* Check/create PID file, return TRUE if already running
*/
static bool check_pidfile()
{

64
src/charon/daemon.h
View File

@ -21,7 +21,7 @@
*
* @defgroup bus bus
* @ingroup charon
*
*
* @defgroup listeners listeners
* @ingroup bus
*
@ -84,13 +84,13 @@
* from the processor. Work is delegated to the processor by queueing jobs
* to it.
@verbatim
+---------------------------------+ +----------------------------+
| controller | | config |
+---------------------------------+ +----------------------------+
| | | ^ ^ ^
V V V | | |
+---------------------------------+ +----------------------------+
| | | ^ ^ ^
V V V | | |
+----------+ +-----------+ +------+ +----------+ +----+
| receiver | | | | | +------+ | CHILD_SA | | K |
+---+------+ | Scheduler | | IKE- | | IKE- |--+----------+ | e |
@ -100,43 +100,43 @@
+------+---+ +-----------+ | ager | +------+ +----------+ | l |
| | | | | | IKE- |--| CHILD_SA | | - |
+---+------+ | Processor |---| |--| SA | +----------+ | I |
| sender | | | | | +------+ | f |
| sender | | | | | +------+ | f |
+----------+ +-----------+ +------+ +----+
| | | | | |
V V V V V V
+---------------------------------+ +----------------------------+
| Bus | | credentials |
+---------------------------------+ +----------------------------+
| | | | | |
V V V V V V
+---------------------------------+ +----------------------------+
| Bus | | credentials |
+---------------------------------+ +----------------------------+
@endverbatim
* The scheduler is responsible to execute timed events. Jobs may be queued to
* the scheduler to get executed at a defined time (e.g. rekeying). The
* The scheduler is responsible to execute timed events. Jobs may be queued to
* the scheduler to get executed at a defined time (e.g. rekeying). The
* scheduler does not execute the jobs itself, it queues them to the processor.
*
* The IKE_SA manager managers all IKE_SA. It further handles the
*
* The IKE_SA manager managers all IKE_SA. It further handles the
* synchronization:
* Each IKE_SA must be checked out strictly and checked in again after use. The
* manager guarantees that only one thread may check out a single IKE_SA. This
* Each IKE_SA must be checked out strictly and checked in again after use. The
* manager guarantees that only one thread may check out a single IKE_SA. This
* allows us to write the (complex) IKE_SAs routines non-threadsave.
* The IKE_SA contain the state and the logic of each IKE_SA and handle the
* The IKE_SA contain the state and the logic of each IKE_SA and handle the
* messages.
*
*
* The CHILD_SA contains state about a IPsec security association and manages
* them. An IKE_SA may have multiple CHILD_SAs. Communication to the kernel
* them. An IKE_SA may have multiple CHILD_SAs. Communication to the kernel
* takes place here through the kernel interface.
*
*
* The kernel interface installs IPsec security associations, policies, routes
* and virtual addresses. It further provides methods to enumerate interfaces
* and virtual addresses. It further provides methods to enumerate interfaces
* and may notify the daemon about state changes at lower layers.
*
* The bus receives signals from the different threads and relais them to interested
* listeners. Debugging signals, but also important state changes or error
* messages are sent over the bus.
* It's listeners are not only for logging, but also to track the state of an
*
* The bus receives signals from the different threads and relays them to
* interested listeners. Debugging signals, but also important state changes or
* error messages are sent over the bus.
* Its listeners are not only for logging, but also to track the state of an
* IKE_SA.
*
* The controller, credential_manager, bus and backend_manager (config) are
* The controller, credential_manager, bus and backend_manager (config) are
* places where a plugin ca register itself to privide information or observe
* and control the daemon.
*/
@ -307,7 +307,7 @@ struct daemon_t {
*/
gid_t gid;
/**
/**
* The thread_id of main-thread.
*/
pthread_t main_thread_id;
@ -323,7 +323,7 @@ struct daemon_t {
/**
* Shut down the daemon.
*
*
* @param reason describtion why it will be killed
*/
void (*kill) (daemon_t *this, char *reason);

36
src/charon/encoding/message.c
View File

@ -47,7 +47,7 @@ typedef struct payload_rule_t payload_rule_t;
/**
* A payload rule defines the rules for a payload
* in a specific message rule. It defines if and how
* in a specific message rule. It defines if and how
* many times a payload must/can occur in a message
* and if it must be encrypted.
*/
@ -74,7 +74,7 @@ struct payload_rule_t {
/**
* If this payload occurs, the message rule is
* fullfilled in any case. This applies e.g. to
* fullfilled in any case. This applies e.g. to
* notify_payloads.
*/
bool sufficient;
@ -88,11 +88,11 @@ typedef struct payload_order_t payload_order_t;
struct payload_order_t {
/**
* payload type
* payload type
*/
payload_type_t type;
/**
/**
* notify type, if payload == NOTIFY
*/
notify_type_t notify;
@ -516,7 +516,7 @@ static message_rule_t message_rules[] = {
(sizeof(me_connect_r_payload_order)/sizeof(payload_order_t)),
me_connect_r_payload_order,
},
#endif /* ME */
#endif /* ME */
};
@ -791,7 +791,7 @@ static void add_payload(private_message_t *this, payload_t *payload)
/**
* Implementation of message_t.add_notify.
*/
static void add_notify(private_message_t *this, bool flush, notify_type_t type,
static void add_notify(private_message_t *this, bool flush, notify_type_t type,
chunk_t data)
{
notify_payload_t *notify;
@ -799,7 +799,7 @@ static void add_notify(private_message_t *this, bool flush, notify_type_t type,
if (flush)
{
while (this->payloads->remove_last(this->payloads,
while (this->payloads->remove_last(this->payloads,
(void**)&payload) == SUCCESS)
{
payload->destroy(payload);
@ -912,7 +912,7 @@ static char* get_string(private_message_t *this, char *buf, int len)
len--;
written = snprintf(pos, len, "%N %s %d [",
exchange_type_names, this->exchange_type,
exchange_type_names, this->exchange_type,
this->is_request ? "request" : "response",
this->message_id);
if (written >= len || written < 0)
@ -992,7 +992,7 @@ static void order_payloads(private_message_t *this)
list->remove_at(list, enumerator);
add_payload(this, payload);
}
}
}
}
enumerator->destroy(enumerator);
}
@ -1056,7 +1056,7 @@ static status_t encrypt_payloads(private_message_t *this,
status = get_payload_rule(this,
current_payload->get_type(current_payload),&payload_rule);
/* for payload types which are not found in supported payload list,
/* for payload types which are not found in supported payload list,
* it is presumed that they don't have to be encrypted */
if ((status == SUCCESS) && (payload_rule->encrypted))
{
@ -1119,7 +1119,7 @@ static status_t generate(private_message_t *this, crypter_t *crypter,
}
if (this->packet->get_source(this->packet) == NULL ||
this->packet->get_destination(this->packet) == NULL)
this->packet->get_destination(this->packet) == NULL)
{
DBG1(DBG_ENC, "%s not defined",
!this->packet->get_source(this->packet) ? "source" : "destination");
@ -1391,7 +1391,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
}
/* encryption payload is processed, payloads are moved. Destroy it. */
encryption_payload->destroy(encryption_payload);
encryption_payload->destroy(encryption_payload);
}
/* we allow unknown payloads of any type and don't bother if it was encrypted. Not our problem. */
@ -1465,7 +1465,7 @@ static status_t verify(private_message_t *this)
DBG1(DBG_ENC, "%N is not supported, but its critical!",
payload_type_names, current_payload_type);
enumerator->destroy(enumerator);
return NOT_SUPPORTED;
return NOT_SUPPORTED;
}
}
else if (current_payload_type == rule->payload_type)
@ -1475,7 +1475,7 @@ static status_t verify(private_message_t *this)
DBG2(DBG_ENC, "found payload of type %N", payload_type_names,
rule->payload_type);
/* as soon as ohe payload occures more then specified,
/* as soon as ohe payload occures more then specified,
* the verification fails */
if (found_payloads >
rule->max_occurence)
@ -1502,7 +1502,7 @@ static status_t verify(private_message_t *this)
this->payloads->get_count(this->payloads) == total_found_payloads)
{
enumerator->destroy(enumerator);
return SUCCESS;
return SUCCESS;
}
enumerator->destroy(enumerator);
}
@ -1518,7 +1518,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
payload_type_t current_payload_type;
char str[256];
current_payload_type = this->first_payload;
current_payload_type = this->first_payload;
DBG2(DBG_ENC, "parsing body of message, first payload is %N",
payload_type_names, current_payload_type);
@ -1528,7 +1528,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
{
payload_t *current_payload;
DBG2(DBG_ENC, "starting parsing a %N payload",
DBG2(DBG_ENC, "starting parsing a %N payload",
payload_type_names, current_payload_type);
/* parse current payload */
@ -1652,7 +1652,7 @@ message_t *message_create_from_packet(packet_t *packet)
/* private values */
if (packet == NULL)
{
packet = packet_create();
packet = packet_create();
}
this->message_rule = NULL;
this->packet = packet;

43
src/charon/encoding/payloads/ike_header.c
View File

@ -27,7 +27,6 @@ typedef struct private_ike_header_t private_ike_header_t;
/**
* Private data of an ike_header_t object.
*
*/
struct private_ike_header_t {
/**
@ -56,19 +55,18 @@ struct private_ike_header_t {
/**
* IKE minor version.
*/
*/
u_int8_t min_version;
/**
* Exchange type .
*/
*/
u_int8_t exchange_type;
/**
* Flags of the Message.
*
*/
struct {
struct {
/**
* Sender is initiator of the associated IKE_SA_INIT-Exchange.
*/
@ -93,7 +91,7 @@ struct private_ike_header_t {
/**
* Length of the whole IKEv2-Message (header and all payloads).
*/
u_int32_t length;
u_int32_t length;
};
ENUM_BEGIN(exchange_type_names, EXCHANGE_TYPE_UNDEFINED, EXCHANGE_TYPE_UNDEFINED,
@ -114,9 +112,8 @@ ENUM_END(exchange_type_names, INFORMATIONAL);
/**
* Encoding rules to parse or generate a IKEv2-Header.
*
* The defined offsets are the positions in a object of type
* The defined offsets are the positions in a object of type
* ike_header_t.
*
*/
encoding_rule_t ike_header_encodings[] = {
/* 8 Byte SPI, stored in the field initiator_spi */
@ -132,10 +129,10 @@ encoding_rule_t ike_header_encodings[] = {
/* 8 Bit for the exchange type */
{ U_INT_8, offsetof(private_ike_header_t, exchange_type) },
/* 2 Bit reserved bits, nowhere stored */
{ RESERVED_BIT, 0 },
{ RESERVED_BIT, 0 },
{ RESERVED_BIT, 0 },
{ RESERVED_BIT, 0 },
/* 3 Bit flags, stored in the fields response, version and initiator */
{ FLAG, offsetof(private_ike_header_t, flags.response) },
{ FLAG, offsetof(private_ike_header_t, flags.response) },
{ FLAG, offsetof(private_ike_header_t, flags.version) },
{ FLAG, offsetof(private_ike_header_t, flags.initiator) },
/* 3 Bit reserved bits, nowhere stored */
@ -212,7 +209,7 @@ static void set_next_type(payload_t *this,payload_type_t type)
*/
static u_int64_t get_initiator_spi(private_ike_header_t *this)
{
return this->initiator_spi;
return this->initiator_spi;
}
/**
@ -228,7 +225,7 @@ static void set_initiator_spi(private_ike_header_t *this, u_int64_t initiator_sp
*/
static u_int64_t get_responder_spi(private_ike_header_t *this)
{
return this->responder_spi;
return this->responder_spi;
}
/**
@ -244,7 +241,7 @@ static void set_responder_spi(private_ike_header_t *this, u_int64_t responder_sp
*/
static u_int8_t get_maj_version(private_ike_header_t *this)
{
return this->maj_version;
return this->maj_version;
}
/**
@ -252,7 +249,7 @@ static u_int8_t get_maj_version(private_ike_header_t *this)
*/
static u_int8_t get_min_version(private_ike_header_t *this)
{
return this->min_version;
return this->min_version;
}
/**
@ -260,7 +257,7 @@ static u_int8_t get_min_version(private_ike_header_t *this)
*/
static bool get_response_flag(private_ike_header_t *this)
{
return this->flags.response;
return this->flags.response;
}
/**
@ -268,7 +265,7 @@ static bool get_response_flag(private_ike_header_t *this)
*/
static void set_response_flag(private_ike_header_t *this, bool response)
{
this->flags.response = response;
this->flags.response = response;
}
/**
@ -276,7 +273,7 @@ static void set_response_flag(private_ike_header_t *this, bool response)
*/
static bool get_version_flag(private_ike_header_t *this)
{
return this->flags.version;
return this->flags.version;
}
/**
@ -284,7 +281,7 @@ static bool get_version_flag(private_ike_header_t *this)
*/
static bool get_initiator_flag(private_ike_header_t *this)
{
return this->flags.initiator;
return this->flags.initiator;
}
/**
@ -292,7 +289,7 @@ static bool get_initiator_flag(private_ike_header_t *this)
*/
static void set_initiator_flag(private_ike_header_t *this, bool initiator)
{
this->flags.initiator = initiator;
this->flags.initiator = initiator;
}
/**
@ -300,7 +297,7 @@ static void set_initiator_flag(private_ike_header_t *this, bool initiator)
*/
static u_int8_t get_exchange_type(private_ike_header_t *this)
{
return this->exchange_type;
return this->exchange_type;
}
/**
@ -308,7 +305,7 @@ static u_int8_t get_exchange_type(private_ike_header_t *this)
*/
static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type)
{
this->exchange_type = exchange_type;
this->exchange_type = exchange_type;
}
/**
@ -317,7 +314,7 @@ static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type
*/
static u_int32_t get_message_id(private_ike_header_t *this)
{
return this->message_id;
return this->message_id;
}
/**

11
src/charon/encoding/payloads/ike_header.h
View File

@ -94,11 +94,11 @@ enum exchange_type_t{
extern enum_name_t *exchange_type_names;
/**
* An object of this type represents an IKEv2 header and is used to
* An object of this type represents an IKEv2 header and is used to
* generate and parse IKEv2 headers.
*
* The header format of an IKEv2-Message is compatible to the
* ISAKMP-Header format to allow implementations supporting
*
* The header format of an IKEv2-Message is compatible to the
* ISAKMP-Header format to allow implementations supporting
* both versions of the IKE-protocol.
*/
struct ike_header_t {
@ -160,7 +160,6 @@ struct ike_header_t {
* Set the response flag-
*
* @param response response flag
*
*/
void (*set_response_flag) (ike_header_t *this, bool response);
/**
@ -220,7 +219,7 @@ struct ike_header_t {
/**
* Create an ike_header_t object
*
*
* @return ike_header_t object
*/
ike_header_t *ike_header_create(void);

42
src/charon/encoding/payloads/payload.h
View File

@ -33,7 +33,7 @@ typedef struct payload_t payload_t;
/**
* Payload-Types of a IKEv2-Message.
*
* Header and substructures are also defined as
* Header and substructures are also defined as
* payload types with values from PRIVATE USE space.
*/
enum payload_type_t{
@ -126,63 +126,63 @@ enum payload_type_t{
#ifdef ME
/**
* Identification payload for peers has a value from
* the PRIVATE USE space.
* the PRIVATE USE space.
*/
ID_PEER = 128,
#endif /* ME */
/**
* Header has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle IKEv2-Header like a payload.
*/
HEADER = 140,
/**
* PROPOSAL_SUBSTRUCTURE has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle a proposal substructure like a payload.
*/
PROPOSAL_SUBSTRUCTURE = 141,
/**
* TRANSFORM_SUBSTRUCTURE has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle a transform substructure like a payload.
*/
TRANSFORM_SUBSTRUCTURE = 142,
/**
* TRANSFORM_ATTRIBUTE has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle a transform attribute like a payload.
*/
TRANSFORM_ATTRIBUTE = 143,
/**
* TRAFFIC_SELECTOR_SUBSTRUCTURE has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle a transform selector like a payload.
*/
*/
TRAFFIC_SELECTOR_SUBSTRUCTURE = 144,
/**
* CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle a transform attribute like a payload.
*/
CONFIGURATION_ATTRIBUTE = 145,
/**
* A unknown payload has a value of PRIVATE USE space.
*
* This payload type is not sent over wire and just
*
* This payload type is not sent over wire and just
* used internally to handle a unknown payload.
*/
UNKNOWN_PAYLOAD = 146,
@ -201,7 +201,7 @@ extern enum_name_t *payload_type_short_names;
/**
* Generic interface for all payload types (incl.header and substructures).
*
*
* To handle all kinds of payloads on a generic way, this interface must
* be implemented by every payload. This allows parser_t/generator_t a simple
* handling of all payloads.
@ -259,11 +259,11 @@ struct payload_t {
/**
* Create an empty payload.
*
*
* Useful for the parser, who wants a generic constructor for all payloads.
* It supports all payload_t methods. If a payload type is not known,
* It supports all payload_t methods. If a payload type is not known,
* an unknwon_paylod is created with the chunk of data in it.
*
*
* @param type type of the payload to create
* @return payload_t object
*/

21
src/charon/plugins/stroke/stroke_config.c
View File

@ -236,7 +236,7 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
msg->add_conn.me.address,
msg->add_conn.other.address);
add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL);
return ike_cfg;
return ike_cfg;
}
/**
@ -380,7 +380,7 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
{
this->ca->check_for_hash_and_url(this->ca, certificate);
}
cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate);
cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate);
if (identity->get_type(identity) == ID_ANY ||
!certificate->has_subject(certificate, identity))
{
@ -533,8 +533,8 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
#ifdef ME
if (msg->add_conn.ikeme.mediation && msg->add_conn.ikeme.mediated_by)
{
DBG1(DBG_CFG, "a mediation connection cannot be a"
" mediated connection at the same time, aborting");
DBG1(DBG_CFG, "a mediation connection cannot be a mediated connection "
"at the same time, aborting");
return NULL;
}
@ -547,19 +547,18 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
if (msg->add_conn.ikeme.mediated_by)
{
mediated_by = charon->backends->get_peer_cfg_by_name(charon->backends,
msg->add_conn.ikeme.mediated_by);
msg->add_conn.ikeme.mediated_by);
if (!mediated_by)
{
DBG1(DBG_CFG, "mediation connection '%s' not found, aborting",
msg->add_conn.ikeme.mediated_by);
return NULL;
}
if (!mediated_by->is_mediation(mediated_by))
{
DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is"
"no mediation connection, aborting",
msg->add_conn.ikeme.mediated_by, msg->add_conn.name);
DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is "
"no mediation connection, aborting",
msg->add_conn.ikeme.mediated_by, msg->add_conn.name);
mediated_by->destroy(mediated_by);
return NULL;
}
@ -583,7 +582,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
else
{
rekey = msg->add_conn.rekey.ike_lifetime - over;
}
}
if (msg->add_conn.me.sourceip_size)
{
if (msg->add_conn.me.sourceip)
@ -639,7 +638,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
* uses to serve pool addresses. */
peer_cfg = peer_cfg_create(msg->add_conn.name,
msg->add_conn.ikev2 ? 2 : 1, ike_cfg,
msg->add_conn.me.sendcert, unique,
msg->add_conn.me.sendcert, unique,
msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
msg->add_conn.mobike, msg->add_conn.dpd.delay,
vip, msg->add_conn.other.sourceip_size ?

2
src/charon/processing/jobs/process_message_job.c
View File

@ -52,7 +52,7 @@ static void execute(private_process_message_job_t *this)
ike_sa_t *ike_sa;
#ifdef ME
/* if this is an unencrypted INFORMATIONAL exchange it is likely a
/* if this is an unencrypted INFORMATIONAL exchange it is likely a
* connectivity check. */
if (this->message->get_exchange_type(this->message) == INFORMATIONAL &&
this->message->get_first_payload_type(this->message) != ENCRYPTED)

44
src/charon/sa/ike_sa.c
View File

@ -148,7 +148,7 @@ struct private_ike_sa_t {
*/
chunk_t connect_id;
#endif /* ME */
/**
* Identification used for us
*/
@ -637,7 +637,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
/* schedule rekeying if we have a time which is smaller than
* an already scheduled rekeying */
t = this->peer_cfg->get_rekey_time(this->peer_cfg);
if (t && (this->stats[STAT_REKEY] == 0 ||
if (t && (this->stats[STAT_REKEY] == 0 ||
(this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED])))
{
this->stats[STAT_REKEY] = t + this->stats[STAT_ESTABLISHED];
@ -646,7 +646,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
DBG1(DBG_IKE, "scheduling rekeying in %ds", t);
}
t = this->peer_cfg->get_reauth_time(this->peer_cfg);
if (t && (this->stats[STAT_REAUTH] == 0 ||
if (t && (this->stats[STAT_REAUTH] == 0 ||
(this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED])))
{
this->stats[STAT_REAUTH] = t + this->stats[STAT_ESTABLISHED];
@ -686,7 +686,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
{
/* delete may fail if a packet gets lost, so set a timeout */
job_t *job = (job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE);
charon->scheduler->schedule_job(charon->scheduler, job,
charon->scheduler->schedule_job(charon->scheduler, job,
HALF_OPEN_IKE_SA_TIMEOUT);
break;
}
@ -988,7 +988,7 @@ static chunk_t get_connect_id(private_ike_sa_t *this)
* Implementation of ike_sa_t.respond
*/
static status_t respond(private_ike_sa_t *this, identification_t *peer_id,
chunk_t connect_id)
chunk_t connect_id)
{
ike_me_t *task = ike_me_create(&this->public, TRUE);
task->respond(task, peer_id, connect_id);
@ -1011,7 +1011,8 @@ static status_t callback(private_ike_sa_t *this, identification_t *peer_id)
* Implementation of ike_sa_t.relay
*/
static status_t relay(private_ike_sa_t *this, identification_t *requester,
chunk_t connect_id, chunk_t connect_key, linked_list_t *endpoints, bool response)
chunk_t connect_id, chunk_t connect_key,
linked_list_t *endpoints, bool response)
{
ike_me_t *task = ike_me_create(&this->public, TRUE);
task->relay(task, requester, connect_id, connect_key, endpoints, response);
@ -1022,7 +1023,8 @@ static status_t relay(private_ike_sa_t *this, identification_t *requester,
/**
* Implementation of ike_sa_t.initiate_mediation
*/
static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_cfg)
static status_t initiate_mediation(private_ike_sa_t *this,
peer_cfg_t *mediated_cfg)
{
ike_me_t *task = ike_me_create(&this->public, TRUE);
task->connect(task, mediated_cfg->get_peer_id(mediated_cfg));
@ -1033,14 +1035,13 @@ static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_
/**
* Implementation of ike_sa_t.initiate_mediated
*/
static status_t initiate_mediated(private_ike_sa_t *this, host_t *me, host_t *other,
chunk_t connect_id)
static status_t initiate_mediated(private_ike_sa_t *this, host_t *me,
host_t *other, chunk_t connect_id)
{
set_my_host(this, me->clone(me));
set_other_host(this, other->clone(other));
chunk_free(&this->connect_id);
this->connect_id = chunk_clone(connect_id);
return this->task_manager->initiate(this->task_manager);
}
#endif /* ME */
@ -1158,8 +1159,8 @@ static status_t initiate(private_ike_sa_t *this,
{
if (this->state == IKE_ESTABLISHED)
{
/* mediation connection is already established, retrigger state change
* to notify bus listeners */
/* mediation connection is already established, retrigger state
* change to notify bus listeners */
DBG1(DBG_IKE, "mediation connection is already up");
set_state(this, IKE_ESTABLISHED);
}
@ -1509,7 +1510,7 @@ static status_t reauth(private_ike_sa_t *this)
if (this->other_virtual_ip != NULL ||
has_condition(this, COND_EAP_AUTHENTICATED)
#ifdef ME
/* if we are mediation server we too cannot reauth the IKE_SA */
/* as mediation server we too cannot reauth the IKE_SA */
|| this->is_mediation_server
#endif /* ME */
)
@ -1545,7 +1546,7 @@ static status_t reestablish(private_ike_sa_t *this)
bool required = FALSE;
status_t status = FAILED;
/* check if we have children to keep up at all*/
/* check if we have children to keep up at all */
iterator = create_child_sa_iterator(this);
while (iterator->iterate(iterator, (void**)&child_sa))
{
@ -1569,7 +1570,7 @@ static status_t reestablish(private_ike_sa_t *this)
}
iterator->destroy(iterator);
#ifdef ME
/* we initiate the new IKE_SA of the mediation connection without CHILD_SA */
/* mediation connections have no children, keep them up anyway */
if (this->peer_cfg->is_mediation(this->peer_cfg))
{
required = TRUE;
@ -1720,7 +1721,7 @@ static void set_auth_lifetime(private_ike_sa_t *this, u_int32_t lifetime)
(job_t*)rekey_ike_sa_job_create(this->ike_sa_id, TRUE));
}
else if (this->stats[STAT_REAUTH] == 0 ||
this->stats[STAT_REAUTH] > reauth_time)
this->stats[STAT_REAUTH] > reauth_time)
{
this->stats[STAT_REAUTH] = reauth_time;
DBG1(DBG_IKE, "received AUTH_LIFETIME of %ds, scheduling reauthentication"
@ -1886,7 +1887,7 @@ static status_t inherit(private_ike_sa_t *this, private_ike_sa_t *other)
}
/* ... and configuration attributes */
while (other->attributes->remove_last(other->attributes,
while (other->attributes->remove_last(other->attributes,
(void**)&entry) == SUCCESS)
{
this->attributes->insert_first(this->attributes, entry);
@ -1932,9 +1933,9 @@ static status_t inherit(private_ike_sa_t *this, private_ike_sa_t *other)
this->stats[STAT_DELETE] = this->stats[STAT_REAUTH] + delete;
DBG1(DBG_IKE, "rescheduling reauthentication in %ds after rekeying, "
"lifetime reduced to %ds", reauth, delete);
charon->scheduler->schedule_job(charon->scheduler,
charon->scheduler->schedule_job(charon->scheduler,
(job_t*)rekey_ike_sa_job_create(this->ike_sa_id, TRUE), reauth);
charon->scheduler->schedule_job(charon->scheduler,
charon->scheduler->schedule_job(charon->scheduler,
(job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE), delete);
}
/* we have to initate here, there may be new tasks to handle */
@ -1953,7 +1954,7 @@ static void destroy(private_ike_sa_t *this)
set_state(this, IKE_DESTROYING);
/* remove attributes first, as we pass the IKE_SA to the handler */
while (this->attributes->remove_last(this->attributes,
while (this->attributes->remove_last(this->attributes,
(void**)&entry) == SUCCESS)
{
charon->attributes->release(charon->attributes, entry->handler,
@ -1992,7 +1993,8 @@ static void destroy(private_ike_sa_t *this)
#ifdef ME
if (this->is_mediation_server)
{
charon->mediation_manager->remove(charon->mediation_manager, this->ike_sa_id);
charon->mediation_manager->remove(charon->mediation_manager,
this->ike_sa_id);
}
DESTROY_IF(this->server_reflexive_host);
chunk_free(&this->connect_id);

154
src/charon/sa/ike_sa.h
View File

@ -164,7 +164,7 @@ enum statistic_t {
¦ SA_CREATED ¦
+----------------+
¦
on initiate()---> ¦ <----- on IKE_SA_INIT received
on initiate()---> ¦ <----- on IKE_SA_INIT received
V
+----------------+
¦ SA_CONNECTING ¦
@ -246,7 +246,7 @@ struct ike_sa_t {
/**
* Get the id of the SA.
*
*
* Returned ike_sa_id_t object is not getting cloned!
*
* @return ike_sa's ike_sa_id_t
@ -291,28 +291,28 @@ struct ike_sa_t {
/**
* Get the own host address.
*
*
* @return host address
*/
host_t* (*get_my_host) (ike_sa_t *this);
/**
* Set the own host address.
*
*
* @param me host address
*/
void (*set_my_host) (ike_sa_t *this, host_t *me);
/**
* Get the other peers host address.
*
*
* @return host address
*/
host_t* (*get_other_host) (ike_sa_t *this);
/**
* Set the others host address.
*
*
* @param other host address
*/
void (*set_other_host) (ike_sa_t *this, host_t *other);
@ -329,28 +329,28 @@ struct ike_sa_t {
/**
* Get the own identification.
*
*
* @return identification
*/
identification_t* (*get_my_id) (ike_sa_t *this);
/**
* Set the own identification.
*
*
* @param me identification
*/
void (*set_my_id) (ike_sa_t *this, identification_t *me);
/**
* Get the other peer's identification.
*
*
* @return identification
*/
identification_t* (*get_other_id) (ike_sa_t *this);
/**
* Set the other peer's identification.
*
*
* @param other identification
*/
void (*set_other_id) (ike_sa_t *this, identification_t *other);
@ -359,42 +359,42 @@ struct ike_sa_t {
* Get the peers EAP identity.
*
* The EAP identity is exchanged in a EAP-Identity exchange.
*
*
* @return identification, NULL if none set
*/
identification_t* (*get_eap_identity) (ike_sa_t *this);
/**
* Set the peer's EAP identity.
*
*
* @param id identification
*/
void (*set_eap_identity) (ike_sa_t *this, identification_t *id);
/**
* Get the config used to setup this IKE_SA.
*
*
* @return ike_config
*/
ike_cfg_t* (*get_ike_cfg) (ike_sa_t *this);
/**
* Set the config to setup this IKE_SA.
*
*
* @param config ike_config to use
*/
void (*set_ike_cfg) (ike_sa_t *this, ike_cfg_t* config);
/**
* Get the peer config used by this IKE_SA.
*
*
* @return peer_config
*/
peer_cfg_t* (*get_peer_cfg) (ike_sa_t *this);
/**
* Set the peer config to use with this IKE_SA.
*
*
* @param config peer_config to use
*/
void (*set_peer_cfg) (ike_sa_t *this, peer_cfg_t *config);
@ -515,91 +515,93 @@ struct ike_sa_t {
/**
* Get the server reflexive host.
*
*
* @return server reflexive host
*/
host_t* (*get_server_reflexive_host) (ike_sa_t *this);
/**
* Set the server reflexive host.
*
*
* @param host server reflexive host
*/
void (*set_server_reflexive_host) (ike_sa_t *this, host_t *host);
/**
* Get the connect ID.
*
*
* @return connect ID
*/
chunk_t (*get_connect_id) (ike_sa_t *this);
/**
* Initiate the mediation of a mediated connection (i.e. initiate a
* ME_CONNECT exchange).
*
* @param mediated_cfg peer_cfg of the mediated connection
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
* ME_CONNECT exchange to a mediation server).
*
* @param mediated_cfg peer_cfg of the mediated connection
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*/
status_t (*initiate_mediation) (ike_sa_t *this, peer_cfg_t *mediated_cfg);
/**
* Initiate the mediated connection
*
* @param me local endpoint (gets cloned)
* @param other remote endpoint (gets cloned)
* @param connect_id connect ID (gets cloned)
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*
* @param me local endpoint (gets cloned)
* @param other remote endpoint (gets cloned)
* @param connect_id connect ID (gets cloned)
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*/
status_t (*initiate_mediated) (ike_sa_t *this, host_t *me, host_t *other,
chunk_t connect_id);
chunk_t connect_id);
/**
* Relay data from one peer to another (i.e. initiate a
* ME_CONNECT exchange).
* Relay data from one peer to another (i.e. initiate a ME_CONNECT exchange
* to a peer).
*
* Data is cloned.
*
* @param requester ID of the requesting peer
* @param connect_id data of the ME_CONNECTID payload
* @param connect_key data of the ME_CONNECTKEY payload
* @param endpoints endpoints
* @param response TRUE if this is a response
* @return
* - SUCCESS if relay started
* - DESTROY_ME if relay failed
*
* @param requester ID of the requesting peer
* @param connect_id data of the ME_CONNECTID payload
* @param connect_key data of the ME_CONNECTKEY payload
* @param endpoints endpoints
* @param response TRUE if this is a response
* @return
* - SUCCESS if relay started
* - DESTROY_ME if relay failed
*/
status_t (*relay) (ike_sa_t *this, identification_t *requester, chunk_t connect_id,
chunk_t connect_key, linked_list_t *endpoints, bool response);
status_t (*relay) (ike_sa_t *this, identification_t *requester,
chunk_t connect_id, chunk_t connect_key,
linked_list_t *endpoints, bool response);
/**
* Send a callback to a peer.
*
*
* Data is cloned.
*
* @param peer_id ID of the other peer
*
* @param peer_id ID of the other peer
* @return
* - SUCCESS if response started
* - DESTROY_ME if response failed
* - SUCCESS if response started
* - DESTROY_ME if response failed
*/
status_t (*callback) (ike_sa_t *this, identification_t *peer_id);
/**
* Respond to a ME_CONNECT request.
*
*
* Data is cloned.
*
* @param peer_id ID of the other peer
* @param connect_id the connect ID supplied by the initiator
*
* @param peer_id ID of the other peer
* @param connect_id the connect ID supplied by the initiator
* @return
* - SUCCESS if response started
* - DESTROY_ME if response failed
* - SUCCESS if response started
* - DESTROY_ME if response failed
*/
status_t (*respond) (ike_sa_t *this, identification_t *peer_id, chunk_t connect_id);
status_t (*respond) (ike_sa_t *this, identification_t *peer_id,
chunk_t connect_id);
#endif /* ME */
/**
@ -608,12 +610,12 @@ struct ike_sa_t {
* The configs are owned by the IKE_SA after the call. If the initiate
* is triggered by a packet, traffic selectors of the packet can be added
* to the CHILD_SA.
*
*
* @param child_cfg child config to create CHILD from
* @param reqid reqid to use for CHILD_SA, 0 assigne uniquely
* @param tsi source of triggering packet
* @param tsr destination of triggering packet.
* @return
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*/
@ -623,14 +625,14 @@ struct ike_sa_t {
/**
* Initiates the deletion of an IKE_SA.
*
*
* Sends a delete message to the remote peer and waits for
* its response. If the response comes in, or a timeout occurs,
* the IKE SA gets deleted.
*
*
* @return
* - SUCCESS if deletion is initialized
* - DESTROY_ME, if the IKE_SA is not in
* - DESTROY_ME, if the IKE_SA is not in
* an established state and can not be
* deleted (but destroyed).
*/
@ -653,12 +655,12 @@ struct ike_sa_t {
/**
* Processes a incoming IKEv2-Message.
*
* Message processing may fail. If a critical failure occurs,
* process_message() return DESTROY_ME. Then the caller must
* Message processing may fail. If a critical failure occurs,
* process_message() return DESTROY_ME. Then the caller must
* destroy the IKE_SA immediatly, as it is unusable.
*
*
* @param message message to process
* @return
* @return
* - SUCCESS
* - FAILED
* - DESTROY_ME if this IKE_SA MUST be deleted
@ -667,13 +669,13 @@ struct ike_sa_t {
/**
* Generate a IKE message to send it to the peer.
*
*
* This method generates all payloads in the message and encrypts/signs
* the packet.
*
*
* @param message message to generate
* @param packet generated output packet
* @return
* @return
* - SUCCESS
* - FAILED
* - DESTROY_ME if this IKE_SA MUST be deleted
@ -683,7 +685,7 @@ struct ike_sa_t {
/**
* Retransmits a request.
*
*
* @param message_id ID of the request to retransmit
* @return
* - SUCCESS
@ -697,7 +699,7 @@ struct ike_sa_t {
* To check if a peer is still alive, periodic
* empty INFORMATIONAL messages are sent if no
* other traffic was received.
*
*
* @return
* - SUCCESS
* - DESTROY_ME, if peer did not respond
@ -723,25 +725,25 @@ struct ike_sa_t {
/**
* Associates a child SA to this IKE SA
*
*
* @param child_sa child_sa to add
*/
void (*add_child_sa) (ike_sa_t *this, child_sa_t *child_sa);
/**
* Get a CHILD_SA identified by protocol and SPI.
*
*
* @param protocol protocol of the SA
* @param spi SPI of the CHILD_SA
* @param inbound TRUE if SPI is inbound, FALSE if outbound
* @return child_sa, or NULL if none found
*/
child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol,
child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol,
u_int32_t spi, bool inbound);
/**
* Create an iterator over all CHILD_SAs.
*
*
* @return iterator
*/
iterator_t* (*create_child_sa_iterator) (ike_sa_t *this);

8
src/charon/sa/task_manager.c
View File

@ -133,7 +133,7 @@ struct private_task_manager_t {
linked_list_t *passive_tasks;
/**
* the task manager has been reset
* the task manager has been reset
*/
bool reset;
};
@ -143,7 +143,7 @@ struct private_task_manager_t {
*/
static void flush(private_task_manager_t *this)
{
this->queued_tasks->destroy_offset(this->queued_tasks,
this->queued_tasks->destroy_offset(this->queued_tasks,
offsetof(task_t, destroy));
this->passive_tasks->destroy_offset(this->passive_tasks,
offsetof(task_t, destroy));
@ -521,7 +521,7 @@ static status_t process_response(private_task_manager_t *this,
this->reset = FALSE;
iterator->destroy(iterator);
return build_request(this);
}
}
}
iterator->destroy(iterator);
@ -688,7 +688,7 @@ static status_t process_request(private_task_manager_t *this,
this->passive_tasks->insert_last(this->passive_tasks, task);
task = (task_t*)ike_cert_pre_create(this->ike_sa, FALSE);
this->passive_tasks->insert_last(this->passive_tasks, task);
#ifdef ME
#ifdef ME
task = (task_t*)ike_me_create(this->ike_sa, FALSE);
this->passive_tasks->insert_last(this->passive_tasks, task);
#endif /* ME */

10
src/charon/sa/tasks/ike_init.c
View File

@ -123,7 +123,7 @@ static void build_payloads(private_ike_init_t *this, message_t *message)
{
proposal_list = this->config->get_proposals(this->config);
if (this->old_sa)
{
{
/* include SPI of new IKE_SA when we are rekeying */
iterator = proposal_list->create_iterator(proposal_list, TRUE);
while (iterator->iterate(iterator, (void**)&proposal))
@ -184,7 +184,7 @@ static void process_payloads(private_ike_init_t *this, message_t *message)
proposal_list = sa_payload->get_proposals(sa_payload);
this->proposal = this->config->select_proposal(this->config,
proposal_list);
proposal_list->destroy_offset(proposal_list,
proposal_list->destroy_offset(proposal_list,
offsetof(proposal_t, destroy));
break;
}
@ -217,7 +217,7 @@ static void process_payloads(private_ike_init_t *this, message_t *message)
vendor_id_payload_t *vendor_id = (vendor_id_payload_t*)payload;
chunk_t vid = vendor_id->get_data(vendor_id);
DBG1(DBG_ENC, "received vendor id: %#B", &vid);
DBG1(DBG_ENC, "received vendor id: %#B", &vid);
}
default:
break;
@ -296,7 +296,7 @@ static status_t build_i(private_ike_init_t *this, message_t *message)
* Implementation of task_t.process for responder
*/
static status_t process_r(private_ike_init_t *this, message_t *message)
{
{
rng_t *rng;
this->config = this->ike_sa->get_ike_cfg(this->ike_sa);
@ -513,7 +513,7 @@ static status_t process_i(private_ike_init_t *this, message_t *message)
DBG1(DBG_IKE, "received %N notify error",
notify_type_names, type);
enumerator->destroy(enumerator);
return FAILED;
return FAILED;
}
DBG2(DBG_IKE, "received %N notify",
notify_type_names, type);

10
src/charon/sa/tasks/ike_natd.c
View File

@ -137,7 +137,7 @@ static notify_payload_t *build_natd_payload(private_ike_natd_t *this,
notify_type_t type, host_t *host)
{
chunk_t hash;
notify_payload_t *notify;
notify_payload_t *notify;
ike_sa_id_t *ike_sa_id;
ike_cfg_t *config;
@ -245,12 +245,12 @@ static void process_payloads(private_ike_natd_t *this, message_t *message)
this->ike_sa->set_condition(this->ike_sa, COND_NAT_HERE,
!this->dst_matched);
this->ike_sa->set_condition(this->ike_sa, COND_NAT_THERE,
!this->src_matched);
!this->src_matched);
config = this->ike_sa->get_ike_cfg(this->ike_sa);
if (this->dst_matched && this->src_matched &&
config->force_encap(config))
{
this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE);
this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE);
}
}
}
@ -278,7 +278,7 @@ static status_t process_i(private_ike_natd_t *this, message_t *message)
if (this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY) ||
#ifdef ME
/* if we are on a mediation connection we swith to port 4500 even
/* if we are on a mediation connection we switch to port 4500 even
* if no NAT is detected. */
peer_cfg->is_mediation(peer_cfg) ||
#endif /* ME */
@ -406,7 +406,7 @@ static status_t build_r(private_ike_natd_t *this, message_t *message)
* Implementation of task_t.process for responder
*/
static status_t process_r(private_ike_natd_t *this, message_t *message)
{
{
process_payloads(this, message);
return NEED_MORE;

2
src/charon/sa/tasks/ike_reauth.c
View File

@ -70,7 +70,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
if (iterator->get_count(iterator) == 0
#ifdef ME
/* we allow a peer to reauth a mediation connection (without CHILD_SA) */
/* we allow peers to reauth mediation connections (without children) */
&& !peer_cfg->is_mediation(peer_cfg)
#endif /* ME */
)

6
src/charon/sa/tasks/task.h
View File

@ -79,7 +79,7 @@ extern enum_name_t *task_type_names;
*
* A task is an elemantary operation. It may be handled by a single or by
* multiple exchanges. An exchange may even complete multiple tasks.
* A task has a build() and an process() operation. The build() operation
* A task has a build() and an process() operation. The build() operation
* creates payloads and adds it to the message. The process() operation
* inspects a message and handles its payloads. An initiator of an exchange
* first calls build() to build the request, and processes the response message
@ -97,7 +97,7 @@ struct task_t {
/**
* Build a request or response message for this task.
*
*
* @param message message to add payloads to
* @return
* - FAILED if a critical error occured
@ -109,7 +109,7 @@ struct task_t {
/**
* Process a request or response message for this task.
*
*
* @param message message to read payloads from
* @return
* - FAILED if a critical error occured