parent
ff43984dca
commit
8c7824fb57
|
@ -155,7 +155,7 @@ static void load_default_config (private_configuration_manager_t *this)
|
|||
sa_config_t *sa_config1, *sa_config2;
|
||||
traffic_selector_t *ts;
|
||||
|
||||
init_config1 = init_config_create("152.96.193.131","152.96.193.131",IKEV2_UDP_PORT,500);
|
||||
init_config1 = init_config_create("152.96.193.131","152.96.193.131",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
|
||||
init_config2 = init_config_create("152.96.193.131","152.96.193.130",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
|
||||
init_config3 = init_config_create("0.0.0.0","127.0.0.1",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
|
||||
ts = traffic_selector_create_from_string(1, TS_IPV4_ADDR_RANGE, "0.0.0.0", 0, "255.255.255.255", 65535);
|
||||
|
|
|
@ -159,7 +159,7 @@ static void build_test_jobs(private_daemon_t *this)
|
|||
for(i = 0; i<1; i++)
|
||||
{
|
||||
initiate_ike_sa_job_t *initiate_job;
|
||||
initiate_job = initiate_ike_sa_job_create("pinflb30");
|
||||
initiate_job = initiate_ike_sa_job_create("localhost");
|
||||
this->public.job_queue->add(this->public.job_queue, (job_t*)initiate_job);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -54,7 +54,7 @@
|
|||
* Port on which the daemon will
|
||||
* listen for incoming traffic
|
||||
*/
|
||||
#define IKEV2_UDP_PORT 500
|
||||
#define IKEV2_UDP_PORT 4500
|
||||
|
||||
/**
|
||||
* Default loglevel to use. This is the
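Review bot: The second `#define IKEV2_UDP_PORT` line (4500, which reads as the new value) moves the daemon off the standard IKE port, while the comment above still describes it only as the port the daemon listens on. UDP 4500 is the NAT-traversal port, where peers expect IKE messages to be prefixed with the four-zero-octet non-ESP marker, and nothing on this page shows that prefix being added or stripped, so interoperability with a standards-following peer is doubtful. The same macro now also supplies both port arguments of the first `init_config_create` call in `load_default_config`. If 4500 is a development convenience (for example to bind without root), say so in the comment, e.g. `/* 4500 for local testing only; the standard IKE port is 500 */`, or keep 500 here and override the port in the test configuration.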
|
||||
|
|
|
@ -37,6 +37,15 @@ struct private_ike_auth_requested_t {
|
|||
*/
|
||||
ike_auth_requested_t public;
|
||||
|
||||
/**
|
||||
* Sent nonce value
|
||||
*/
|
||||
chunk_t sent_nonce;
|
||||
|
||||
/**
|
||||
* Received nonce
|
||||
*/
|
||||
chunk_t received_nonce;
|
||||
|
||||
/**
|
||||
* Assigned IKE_SA
|
||||
|
@ -65,13 +74,15 @@ static ike_sa_state_t get_state(private_ike_auth_requested_t *this)
|
|||
*/
|
||||
static void destroy(private_ike_auth_requested_t *this)
|
||||
{
|
||||
allocator_free(this->sent_nonce.ptr);
|
||||
allocator_free(this->received_nonce.ptr);
|
||||
allocator_free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header.
|
||||
*/
|
||||
ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa)
|
||||
ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa, chunk_t sent_nonce, chunk_t received_nonce)
|
||||
{
|
||||
private_ike_auth_requested_t *this = allocator_alloc_thing(private_ike_auth_requested_t);
|
||||
|
||||
|
@ -82,6 +93,9 @@ ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa)
|
|||
|
||||
/* private data */
|
||||
this->ike_sa = ike_sa;
|
||||
this->sent_nonce = sent_nonce;
|
||||
this->received_nonce = received_nonce;
|
||||
|
||||
|
||||
return &(this->public);
|
||||
}
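Review bot: `ike_auth_requested_create` stores the caller's chunks by plain assignment (`this->sent_nonce = sent_nonce;`), so the new state aliases the caller's buffers, and `destroy` then frees both `.ptr` members. That makes the constructor an ownership transfer, but neither the field comments nor the `@param` lines in the header say so. Put it in the contract, e.g. `@param sent_nonce Sent nonce value; the buffer is owned and freed by the created state`, and the same for `received_nonce`. If callers are meant to keep their own copy, the constructor should clone the chunks instead of assigning them. Part of the constructor body lies between the two hunks and is not shown.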
|
||||
|
|
|
@ -46,10 +46,12 @@ struct ike_auth_requested_t {
|
|||
* Constructor of class ike_auth_requested_t
|
||||
*
|
||||
* @param ike_sa assigned ike_sa object
|
||||
* @param sent_nonce Sent nonce value
|
||||
* @param received_nonce Received nonce value
|
||||
* @return created ike_auth_requested_t object
|
||||
*
|
||||
* @ingroup states
|
||||
*/
|
||||
ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa);
|
||||
ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa, chunk_t sent_nonce, chunk_t received_nonce);
|
||||
|
||||
#endif /*IKE_AUTH_REQUESTED_H_*/
|
||||
|
|
|
@ -326,9 +326,9 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t
|
|||
|
||||
/* state can now be changed */
|
||||
this->logger->log(this->logger, CONTROL|MOST, "Create next state object");
|
||||
next_state = ike_auth_requested_create(this->ike_sa);
|
||||
next_state = ike_auth_requested_create(this->ike_sa,this->sent_nonce,this->received_nonce);
|
||||
|
||||
/* last message can now be set */
|
||||
/* last messages can now be set */
|
||||
status = this->ike_sa->set_last_requested_message(this->ike_sa, request);
|
||||
|
||||
if (status != SUCCESS)
|
||||
|
@ -400,10 +400,8 @@ static void build_id_payload (private_ike_sa_init_requested_t *this, payload_t *
|
|||
identification_t *identification;
|
||||
|
||||
sa_config = this->ike_sa->get_sa_config(this->ike_sa);
|
||||
|
||||
/* identification_t object gets NOT cloned here */
|
||||
identification = sa_config->get_my_id(sa_config);
|
||||
|
||||
/* create IDi */
|
||||
id_payload = id_payload_create_from_identification(TRUE,identification);
|
||||
|
||||
*payload = (payload_t *) id_payload;
|
||||
|
@ -418,9 +416,12 @@ static void build_auth_payload (private_ike_sa_init_requested_t *this, payload_t
|
|||
sa_config_t *sa_config;
|
||||
|
||||
sa_config = this->ike_sa->get_sa_config(this->ike_sa);
|
||||
|
||||
auth_payload = auth_payload_create();
|
||||
auth_payload->set_auth_method(auth_payload,sa_config->get_auth_method(sa_config));
|
||||
/*
|
||||
* TODO generate AUTH DATA
|
||||
*/
|
||||
|
||||
*payload = (payload_t *) auth_payload;
|
||||
}
|
||||
|
||||
|
@ -429,19 +430,21 @@ static void build_auth_payload (private_ike_sa_init_requested_t *this, payload_t
|
|||
*/
|
||||
static void build_sa_payload (private_ike_sa_init_requested_t *this, payload_t **payload)
|
||||
{
|
||||
sa_config_t *sa_config;
|
||||
child_proposal_t *proposals;
|
||||
sa_payload_t *sa_payload;
|
||||
sa_config_t *sa_config;
|
||||
size_t proposal_count;
|
||||
/*
|
||||
* TODO: get SPIs from kernel
|
||||
*/
|
||||
u_int8_t esp_spi[4] = {0x01,0x01,0x01,0x01};
|
||||
u_int8_t ah_spi[4] = {0x01,0x01,0x01,0x01};
|
||||
size_t proposal_count;
|
||||
child_proposal_t *proposals;
|
||||
|
||||
sa_config = this->ike_sa->get_sa_config(this->ike_sa);
|
||||
|
||||
proposal_count = sa_config->get_proposals(sa_config,ah_spi,esp_spi,&proposals);
|
||||
/* create IDi */
|
||||
sa_payload = sa_payload_create_from_child_proposals(proposals, proposal_count);
|
||||
allocator_free(proposals);
|
||||
|
||||
*payload = (payload_t *) sa_payload;
|
||||
}
|
||||
|
||||
|
@ -450,18 +453,16 @@ static void build_sa_payload (private_ike_sa_init_requested_t *this, payload_t *
|
|||
*/
|
||||
static void build_tsi_payload (private_ike_sa_init_requested_t *this, payload_t **payload)
|
||||
{
|
||||
sa_config_t *sa_config;
|
||||
ts_payload_t *ts_payload;
|
||||
size_t traffic_selectors_count;
|
||||
traffic_selector_t **traffic_selectors;
|
||||
size_t traffic_selectors_count;
|
||||
ts_payload_t *ts_payload;
|
||||
sa_config_t *sa_config;
|
||||
|
||||
sa_config = this->ike_sa->get_sa_config(this->ike_sa);
|
||||
|
||||
traffic_selectors_count = sa_config->get_traffic_selectors_initiator(sa_config,&traffic_selectors);
|
||||
|
||||
/* create IDi */
|
||||
ts_payload = ts_payload_create_from_traffic_selectors(TRUE,traffic_selectors, traffic_selectors_count);
|
||||
allocator_free(traffic_selectors);
|
||||
|
||||
*payload = (payload_t *) ts_payload;
|
||||
}
|
||||
|
||||
|
@ -470,18 +471,16 @@ static void build_tsi_payload (private_ike_sa_init_requested_t *this, payload_t
|
|||
*/
|
||||
static void build_tsr_payload (private_ike_sa_init_requested_t *this, payload_t **payload)
|
||||
{
|
||||
sa_config_t *sa_config;
|
||||
ts_payload_t *ts_payload;
|
||||
size_t traffic_selectors_count;
|
||||
traffic_selector_t **traffic_selectors;
|
||||
size_t traffic_selectors_count;
|
||||
ts_payload_t *ts_payload;
|
||||
sa_config_t *sa_config;
|
||||
|
||||
sa_config = this->ike_sa->get_sa_config(this->ike_sa);
|
||||
|
||||
traffic_selectors_count = sa_config->get_traffic_selectors_responder(sa_config,&traffic_selectors);
|
||||
|
||||
/* create IDi */
|
||||
ts_payload = ts_payload_create_from_traffic_selectors(FALSE,traffic_selectors, traffic_selectors_count);
|
||||
allocator_free(traffic_selectors);
|
||||
|
||||
*payload = (payload_t *) ts_payload;
|
||||
}
|
||||
|
||||
|
@ -499,14 +498,13 @@ static ike_sa_state_t get_state(private_ike_sa_init_requested_t *this)
|
|||
*/
|
||||
static void destroy_after_state_change (private_ike_sa_init_requested_t *this)
|
||||
{
|
||||
this->logger->log(this->logger, CONTROL | MORE, "Going to destroy state of type ike_sa_init_requested_t after state change");
|
||||
this->logger->log(this->logger, CONTROL | MORE, "Going to destroy state of type ike_sa_init_requested_t after state change.");
|
||||
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy diffie hellman object");
|
||||
this->diffie_hellman->destroy(this->diffie_hellman);
|
||||
|
||||
allocator_free(this->sent_nonce.ptr);
|
||||
allocator_free(this->received_nonce.ptr);
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy shared secret (secrets allready derived)");
|
||||
allocator_free(this->shared_secret.ptr);
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy object itself");
|
||||
allocator_free(this);
|
||||
}
|
||||
|
||||
|
@ -519,10 +517,13 @@ static void destroy(private_ike_sa_init_requested_t *this)
|
|||
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy diffie hellman object");
|
||||
this->diffie_hellman->destroy(this->diffie_hellman);
|
||||
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy sent nonce");
|
||||
allocator_free(this->sent_nonce.ptr);
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy received nonce");
|
||||
allocator_free(this->received_nonce.ptr);
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy shared secret (secrets allready derived)");
|
||||
allocator_free(this->shared_secret.ptr);
|
||||
this->logger->log(this->logger, CONTROL | MOST, "Destroy object itself");
|
||||
allocator_free(this);
|
||||
}
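Review bot: After `next_state = ike_auth_requested_create(this->ike_sa,this->sent_nonce,this->received_nonce);` in `process_message`, this state and the new one hold the same two nonce pointers, and `destroy` in this file still frees `this->sent_nonce.ptr` and `this->received_nonce.ptr`. If the `if (status != SUCCESS)` branch that follows (its body is outside the hunk) tears down both objects, the buffers are freed twice. The page does not show which side the two `allocator_free` nonce lines in `destroy_after_state_change` are on; they must be absent on the new side for the same reason. Either pass clones to the constructor, or clear the local pointers right after the hand-off with `this->sent_nonce.ptr = NULL; this->received_nonce.ptr = NULL;`, provided `allocator_free` tolerates NULL.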
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/**
|
||||
* @file initiator_init.c
|
||||
*
|
||||
* @brief Start state of a IKE_SA as initiator
|
||||
* @brief Implementation of initiator_init_t.
|
||||
*
|
||||
*/
|
||||
|
||||
|
@ -36,7 +36,7 @@
|
|||
typedef struct private_initiator_init_t private_initiator_init_t;
|
||||
|
||||
/**
|
||||
* Private data of a initiator_init_t object.
|
||||
* Private data of a initiator_init_t object..
|
||||
*
|
||||
*/
|
||||
struct private_initiator_init_t {
|
||||
|
@ -131,28 +131,24 @@ struct private_initiator_init_t {
|
|||
static status_t initiate_connection (private_initiator_init_t *this, char *name)
|
||||
{
|
||||
ike_sa_init_requested_t *next_state;
|
||||
init_config_t *init_config;
|
||||
randomizer_t *randomizer;
|
||||
sa_config_t *sa_config;
|
||||
message_t *message;
|
||||
packet_t *packet;
|
||||
status_t status;
|
||||
randomizer_t *randomizer;
|
||||
init_config_t *init_config;
|
||||
sa_config_t *sa_config;
|
||||
|
||||
this->logger->log(this->logger, CONTROL, "Initializing connection %s",name);
|
||||
|
||||
/* get init_config_t object */
|
||||
status = charon->configuration_manager->get_init_config_for_name(charon->configuration_manager,name,&init_config);
|
||||
|
||||
if (status != SUCCESS)
|
||||
{
|
||||
this->logger->log(this->logger, ERROR | MORE, "Could not retrieve INIT configuration informations for %s",name);
|
||||
return INVALID_ARG;
|
||||
}
|
||||
|
||||
/* configuration can be set */
|
||||
this->ike_sa->set_init_config(this->ike_sa,init_config);
|
||||
|
||||
/* get sa_config_t object */
|
||||
status = charon->configuration_manager->get_sa_config_for_name(charon->configuration_manager,name,&sa_config);
|
||||
|
||||
if (status != SUCCESS)
|
||||
|
@ -161,9 +157,10 @@ static status_t initiate_connection (private_initiator_init_t *this, char *name)
|
|||
return INVALID_ARG;
|
||||
}
|
||||
|
||||
/* configuration can be set */
|
||||
this->ike_sa->set_sa_config(this->ike_sa,sa_config);
|
||||
|
||||
|
||||
|
||||
this->ike_sa->set_other_host(this->ike_sa,init_config->get_other_host_clone(init_config));
|
||||
this->ike_sa->set_my_host(this->ike_sa,init_config->get_my_host_clone(init_config));
|
||||
|
||||
|
|