Allow creation of message_t objects for IKEv1 packets.

2011-11-16 12:06:55 +01:00 · 2011-11-16 12:06:55 +01:00 · 4ed52db2bb
parent 8a2d079d78
commit 4ed52db2bb
8 changed files with 62 additions and 49 deletions
--- a/src/conftest/hooks/force_cookie.c
+++ b/src/conftest/hooks/force_cookie.c
@ -68,7 +68,7 @@ METHOD(listener_t, message, bool,
 			chunk_t data = chunk_from_thing("COOKIE test data");

 			DBG1(DBG_CFG, "sending COOKIE: %#B", &data);
-			response = message_create();
+			response = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 			dst = message->get_source(message);
 			src = message->get_destination(message);
 			response->set_source(response, src->clone(src));
--- a/src/conftest/hooks/unencrypted_notify.c
+++ b/src/conftest/hooks/unencrypted_notify.c
@ -95,7 +95,7 @@ METHOD(listener_t, ike_updown, bool,

 		DBG1(DBG_CFG, "injecting unencrypted INFORMATIONAL message");

-		message = message_create();
+		message = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 		message->set_message_id(message, this->id);
 		message->set_ike_sa_id(message, ike_sa->get_id(ike_sa));
 		message->set_exchange_type(message, INFORMATIONAL);
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@ -686,6 +686,11 @@ struct private_message_t {
 	 */
 	bool is_request;

+	/**
+	 * The message is encrypted (IKEv1)
+	 */
+	bool is_encrypted;
+
 	/**
 	 * Higher version supported?
 	 */
@ -694,7 +699,7 @@ struct private_message_t {
 	/**
 	 * Reserved bits in IKE header
 	 */
-	bool reserved[5];
+	bool reserved[2];

 	/**
 	 * Sorting of message disabled?
@ -1422,13 +1427,15 @@ METHOD(message_t, parse_header, status_t,
 	}

 	DESTROY_IF(this->ike_sa_id);
-	this->ike_sa_id = ike_sa_id_create(ike_header->get_initiator_spi(ike_header),
+	this->ike_sa_id = ike_sa_id_create(
+									ike_header->get_initiator_spi(ike_header),
 									ike_header->get_responder_spi(ike_header),
 									ike_header->get_initiator_flag(ike_header));

 	this->exchange_type = ike_header->get_exchange_type(ike_header);
 	this->message_id = ike_header->get_message_id(ike_header);
 	this->is_request = !ike_header->get_response_flag(ike_header);
+	this->is_encrypted = ike_header->get_encryption_flag(ike_header);
 	this->major_version = ike_header->get_maj_version(ike_header);
 	this->minor_version = ike_header->get_min_version(ike_header);
 	this->first_payload = ike_header->payload_interface.get_next_type(
@ -1442,19 +1449,12 @@ METHOD(message_t, parse_header, status_t,
 			this->reserved[i] = *reserved;
 		}
 	}
-	DBG2(DBG_ENC, "parsed a %N %s", exchange_type_names, this->exchange_type,
-		 this->is_request ? "request" : "response");
-
 	ike_header->destroy(ike_header);

-	this->rule = get_message_rule(this);
-	if (!this->rule)
-	{
-		DBG1(DBG_ENC, "no message rules specified for a %N %s",
-			 exchange_type_names, this->exchange_type,
-			 this->is_request ? "request" : "response");
-	}
-	return status;
+	DBG2(DBG_ENC, "parsed a %N %s header", exchange_type_names,
+		 this->exchange_type, this->major_version == IKEV1_MAJOR_VERSION ?
+		 "message" : (this->is_request ? "request" : "response"));
+	return SUCCESS;
 }

 /**
@ -1640,6 +1640,15 @@ METHOD(message_t, parse_body, status_t,
 	DBG2(DBG_ENC, "parsing body of message, first payload is %N",
 		 payload_type_names, type);

+	this->rule = get_message_rule(this);
+	if (!this->rule)
+	{
+		DBG1(DBG_ENC, "no message rules specified for a %N %s",
+			 exchange_type_names, this->exchange_type,
+			 this->is_request ? "request" : "response");
+		return PARSE_ERROR;
+	}
+
 	while (type != NO_PAYLOAD)
 	{
 		DBG2(DBG_ENC, "starting parsing a %N payload",
@ -1707,7 +1716,7 @@ METHOD(message_t, destroy, void,
 }

 /*
- * Described in Header-File
+ * Described in header.
 */
 message_t *message_create_from_packet(packet_t *packet)
 {
@ -1752,8 +1761,6 @@ message_t *message_create_from_packet(packet_t *packet)
 			.get_packet_data = _get_packet_data,
 			.destroy = _destroy,
 		},
-		.major_version = IKEV2_MAJOR_VERSION,
-		.minor_version = IKEV2_MINOR_VERSION,
 		.exchange_type = EXCHANGE_TYPE_UNDEFINED,
 		.is_request = TRUE,
 		.first_payload = NO_PAYLOAD,
@ -1762,14 +1769,19 @@ message_t *message_create_from_packet(packet_t *packet)
 		.parser = parser_create(packet->get_data(packet)),
 	);

-	return (&this->public);
+	return &this->public;
 }

 /*
- * Described in Header.
+ * Described in header.
 */
-message_t *message_create()
+message_t *message_create(int major, int minor)
 {
-	return message_create_from_packet(packet_create());
+	message_t *this = message_create_from_packet(packet_create());
+
+	this->set_major_version(this, major);
+	this->set_minor_version(this, minor);
+
+	return this;
 }

--- a/src/libcharon/encoding/message.h
+++ b/src/libcharon/encoding/message.h
@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2007 Tobias Brunner
+ * Copyright (C) 2006-2011 Tobias Brunner
 * Copyright (C) 2005-2009 Martin Willi
 * Copyright (C) 2006 Daniel Roethlisberger
 * Copyright (C) 2005 Jan Hutter
@ -182,7 +182,7 @@ struct message_t {
 	 * all payloads to encrypt are added to the encryption payload, which is
 	 * always the last one.
 	 *
-	 * @param payload 		payload to append
+	 * @param payload		payload to append
 	 */
 	void (*add_payload) (message_t *this, payload_t *payload);

@ -208,14 +208,14 @@ struct message_t {
 	/**
 	 * Parses header of message.
 	 *
-	 * Begins parisng of a message created via message_create_from_packet().
+	 * Begins parsing of a message created via message_create_from_packet().
 	 * The parsing context is stored, so a subsequent call to parse_body()
 	 * will continue the parsing process.
 	 *
 	 * @return
-	 * 					- SUCCESS if header could be parsed
+	 *					- SUCCESS if header could be parsed
 	 *					- PARSE_ERROR if corrupted/invalid data found
-	 * 					- FAILED if consistence check of header failed
+	 *					- FAILED if consistency check of header failed
 	 */
 	status_t (*parse_header) (message_t *this);

@ -230,11 +230,11 @@ struct message_t {
 	 *
 	 * @param aead		aead transform to verify/decrypt message
 	 * @return
-	 * 					- SUCCESS if parsing successful
+	 *					- SUCCESS if parsing successful
 	 *					- PARSE_ERROR if message parsing failed
-	 * 					- VERIFY_ERROR if message verification failed (bad syntax)
-	 * 					- FAILED if integrity check failed
-	 * 					- INVALID_STATE if aead not supplied, but needed
+	 *					- VERIFY_ERROR if message verification failed (bad syntax)
+	 *					- FAILED if integrity check failed
+	 *					- INVALID_STATE if aead not supplied, but needed
 	 */
 	status_t (*parse_body) (message_t *this, aead_t *aead);

@ -250,10 +250,10 @@ struct message_t {
 	 * @param aead		aead transform to encrypt/sign message
 	 * @param packet	copy of generated packet
 	 * @return
-	 * 					- SUCCESS if packet could be generated
-	 * 					- INVALID_STATE if exchange type is currently not set
-	 * 					- NOT_FOUND if no rules found for message generation
-	 * 					- INVALID_STATE if aead not supplied but needed.
+	 *					- SUCCESS if packet could be generated
+	 *					- INVALID_STATE if exchange type is currently not set
+	 *					- NOT_FOUND if no rules found for message generation
+	 *					- INVALID_STATE if aead not supplied but needed.
 	 */
 	status_t (*generate) (message_t *this, aead_t *aead, packet_t **packet);

@ -278,7 +278,7 @@ struct message_t {
 	 * Sets the source host informations.
 	 *
 	 * @warning host_t object is not getting cloned and gets destroyed by
-	 * 			message_t.destroy or next call of message_t.set_source.
+	 *			message_t.destroy or next call of message_t.set_source.
 	 *
 	 * @param host		host_t object representing source host
 	 */
@ -298,7 +298,7 @@ struct message_t {
 	 * Sets the destination host informations.
 	 *
 	 * @warning host_t object is not getting cloned and gets destroyed by
-	 * 			message_t.destroy or next call of message_t.set_destination.
+	 *			message_t.destroy or next call of message_t.set_destination.
 	 *
 	 * @param host		host_t object representing destination host
 	 */
@ -357,26 +357,27 @@ struct message_t {
 };

 /**
- * Creates an message_t object from a incoming UDP Packet.
+ * Creates a message_t object from an incoming UDP packet.
 *
 * The given packet gets owned by the message. The message is uninitialized,
 * call parse_header() to populate header fields.
 *
 * @param packet		packet_t object which is assigned to message
- * @return 				message_t object
+ * @return				message_t object
 */
-message_t * message_create_from_packet(packet_t *packet);
-
+message_t *message_create_from_packet(packet_t *packet);

 /**
- * Creates an empty message_t object.
+ * Creates an empty message_t object for a specific major/minor version.
 *
 * - exchange_type is set to NOT_SET
 * - original_initiator is set to TRUE
 * - is_request is set to TRUE
 *
- * @return message_t object
+ * @param major			major IKE version of this message
+ * @param minor			minor IKE version of this message
+ * @return				message_t object
 */
-message_t * message_create(void);
+message_t *message_create(int major, int minor);

 #endif /** MESSAGE_H_ @}*/
--- a/src/libcharon/network/receiver.c
+++ b/src/libcharon/network/receiver.c
@ -144,7 +144,7 @@ static void send_notify(message_t *request, notify_type_t type, chunk_t data)
 		packet_t *packet;
 		ike_sa_id_t *ike_sa_id;

-		response = message_create();
+		response = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 		dst = request->get_source(request);
 		src = request->get_destination(request);
 		response->set_source(response, src->clone(src));
--- a/src/libcharon/sa/connect_manager.c
+++ b/src/libcharon/sa/connect_manager.c
@ -1028,7 +1028,7 @@ static void queue_retransmission(private_connect_manager_t *this, check_list_t *
 static void send_check(private_connect_manager_t *this, check_list_t *checklist,
 		check_t *check, endpoint_pair_t *pair, bool request)
 {
-	message_t *message = message_create();
+	message_t *message = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 	message->set_message_id(message, check->mid);
 	message->set_exchange_type(message, INFORMATIONAL);
 	message->set_request(message, request);
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@ -926,7 +926,7 @@ static void send_notify_response(private_ike_sa_t *this, message_t *request,
 	message_t *response;
 	packet_t *packet;

-	response = message_create();
+	response = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 	response->set_exchange_type(response, request->get_exchange_type(request));
 	response->set_request(response, FALSE);
 	response->set_message_id(response, request->get_message_id(request));
--- a/src/libcharon/sa/task_manager.c
+++ b/src/libcharon/sa/task_manager.c
@ -425,7 +425,7 @@ METHOD(task_manager_t, initiate, status_t,
 	me = this->ike_sa->get_my_host(this->ike_sa);
 	other = this->ike_sa->get_other_host(this->ike_sa);

-	message = message_create();
+	message = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 	message->set_message_id(message, this->initiating.mid);
 	message->set_source(message, me->clone(me));
 	message->set_destination(message, other->clone(other));
@ -607,7 +607,7 @@ static status_t build_response(private_task_manager_t *this, message_t *request)
 	me = request->get_destination(request);
 	other = request->get_source(request);

-	message = message_create();
+	message = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 	message->set_exchange_type(message, request->get_exchange_type(request));
 	/* send response along the path the request came in */
 	message->set_source(message, me->clone(me));