diff options
author | Tobias Brunner <tobias@strongswan.org> | 2009-09-02 17:26:36 +0200 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2009-09-02 17:30:46 +0200 |
commit | 484a06bce795e1d1508c965f969138715dcf02cb (patch) | |
tree | c79f6265b5213e00f3a960cb8667362e5ddcd95e | |
parent | 5293b029455a81ca1e3146e5865a2dc13ec07dc6 (diff) | |
download | strongswan-484a06bce795e1d1508c965f969138715dcf02cb.tar.bz2 strongswan-484a06bce795e1d1508c965f969138715dcf02cb.tar.xz |
Fixed some typos; whitespace cleanup.
-rw-r--r-- | src/charon/config/peer_cfg.c | 8 | ||||
-rw-r--r-- | src/charon/config/peer_cfg.h | 38 | ||||
-rw-r--r-- | src/charon/control/controller.c | 16 | ||||
-rw-r--r-- | src/charon/daemon.c | 18 | ||||
-rw-r--r-- | src/charon/daemon.h | 64 | ||||
-rw-r--r-- | src/charon/encoding/message.c | 36 | ||||
-rw-r--r-- | src/charon/encoding/payloads/ike_header.c | 43 | ||||
-rw-r--r-- | src/charon/encoding/payloads/ike_header.h | 11 | ||||
-rw-r--r-- | src/charon/encoding/payloads/payload.h | 42 | ||||
-rw-r--r-- | src/charon/plugins/stroke/stroke_config.c | 21 | ||||
-rw-r--r-- | src/charon/processing/jobs/process_message_job.c | 2 | ||||
-rw-r--r-- | src/charon/sa/ike_sa.c | 44 | ||||
-rw-r--r-- | src/charon/sa/ike_sa.h | 154 | ||||
-rw-r--r-- | src/charon/sa/task_manager.c | 8 | ||||
-rw-r--r-- | src/charon/sa/tasks/ike_init.c | 10 | ||||
-rw-r--r-- | src/charon/sa/tasks/ike_natd.c | 10 | ||||
-rw-r--r-- | src/charon/sa/tasks/ike_reauth.c | 2 | ||||
-rw-r--r-- | src/charon/sa/tasks/task.h | 6 |
18 files changed, 266 insertions, 267 deletions
diff --git a/src/charon/config/peer_cfg.c b/src/charon/config/peer_cfg.c index f096f269e..b2d29919d 100644 --- a/src/charon/config/peer_cfg.c +++ b/src/charon/config/peer_cfg.c @@ -144,7 +144,7 @@ struct private_peer_cfg_t { */ linked_list_t *remote_auth; -#ifdef ME +#ifdef ME /** * Is this a mediation connection? */ @@ -567,7 +567,7 @@ static bool equals(private_peer_cfg_t *this, private_peer_cfg_t *other) (this->virtual_ip == other->virtual_ip || (this->virtual_ip && other->virtual_ip && this->virtual_ip->equals(this->virtual_ip, other->virtual_ip))) && - (this->pool == other->pool || + (this->pool == other->pool || (this->pool && other->pool && streq(this->pool, other->pool))) && auth_cfg_equal(this, other) #ifdef ME @@ -630,8 +630,8 @@ peer_cfg_t *peer_cfg_create(char *name, u_int ike_version, ike_cfg_t *ike_cfg, private_peer_cfg_t *this = malloc_thing(private_peer_cfg_t); /* public functions */ - this->public.get_name = (char* (*) (peer_cfg_t *))get_name; - this->public.get_ike_version = (u_int(*) (peer_cfg_t *))get_ike_version; + this->public.get_name = (char* (*) (peer_cfg_t *))get_name; + this->public.get_ike_version = (u_int(*) (peer_cfg_t *))get_ike_version; this->public.get_ike_cfg = (ike_cfg_t* (*) (peer_cfg_t *))get_ike_cfg; this->public.add_child_cfg = (void (*) (peer_cfg_t *, child_cfg_t*))add_child_cfg; this->public.remove_child_cfg = (void(*)(peer_cfg_t*, enumerator_t*))remove_child_cfg; diff --git a/src/charon/config/peer_cfg.h b/src/charon/config/peer_cfg.h index 3c095eff0..e6f0db443 100644 --- a/src/charon/config/peer_cfg.h +++ b/src/charon/config/peer_cfg.h @@ -43,7 +43,7 @@ typedef struct peer_cfg_t peer_cfg_t; * requests when using this definition for the other peer. If * it is CERT_NEVER_SEND, a certreq is omitted, otherwise its * included. - * + * * @warning These definitions must be the same as in pluto/starter, * as they are sent over the stroke socket. */ @@ -108,7 +108,7 @@ extern enum_name_t *unique_policy_names; * Each peer_cfg has two lists of authentication config attached. Local * authentication configs define how to authenticate ourself against the remote * peer. Each config is enforced using the multiple authentication extension - * (RFC4739). + * (RFC4739). * The remote authentication configs are handled as constraints. The peer has * to fullfill each of these rules (using multiple authentication, in any order) * to gain access to the configuration. @@ -117,9 +117,9 @@ struct peer_cfg_t { /** * Get the name of the peer_cfg. - * + * * Returned object is not getting cloned. - * + * * @return peer_cfg's name */ char* (*get_name) (peer_cfg_t *this); @@ -133,14 +133,14 @@ struct peer_cfg_t { /** * Get the IKE config to use for initiaton. - * + * * @return the IKE config to use */ ike_cfg_t* (*get_ike_cfg) (peer_cfg_t *this); /** * Attach a CHILD config. - * + * * @param child_cfg CHILD config to add */ void (*add_child_cfg) (peer_cfg_t *this, child_cfg_t *child_cfg); @@ -154,14 +154,14 @@ struct peer_cfg_t { /** * Create an enumerator for all attached CHILD configs. - * + * * @return an enumerator over all CHILD configs. */ enumerator_t* (*create_child_cfg_enumerator) (peer_cfg_t *this); /** * Select a CHILD config from traffic selectors. - * + * * @param my_ts TS for local side * @param other_ts TS for remote side * @param my_host host to narrow down dynamic TS for local side @@ -232,14 +232,14 @@ struct peer_cfg_t { /** * Use MOBIKE (RFC4555) if peer supports it? - * + * * @return TRUE to enable MOBIKE support */ bool (*use_mobike) (peer_cfg_t *this); /** * Get the DPD check interval. - * + * * @return dpd_delay in seconds */ u_int32_t (*get_dpd) (peer_cfg_t *this); @@ -266,26 +266,26 @@ struct peer_cfg_t { #ifdef ME /** * Is this a mediation connection? - * + * * @return TRUE, if this is a mediation connection */ bool (*is_mediation) (peer_cfg_t *this); /** * Get peer_cfg of the connection this one is mediated through. - * + * * @return the peer_cfg of the mediation connection */ peer_cfg_t* (*get_mediated_by) (peer_cfg_t *this); /** * Get the id of the other peer at the mediation server. - * + * * This is the leftid of the peer's connection with the mediation server. - * + * * If it is not configured, it is assumed to be the same as the right id - * of this connection. - * + * of this connection. + * * @return the id of the other peer */ identification_t* (*get_peer_id) (peer_cfg_t *this); @@ -319,14 +319,14 @@ struct peer_cfg_t { /** * Create a configuration object for IKE_AUTH and later. - * + * * name-string gets cloned, ID's not. * Virtual IPs are used if they are != NULL. A %any host means the virtual * IP should be obtained from the other peer. * Lifetimes are in seconds. To prevent to peers to start rekeying at the * same time, a jitter may be specified. Rekeying of an SA starts at - * (rekeylifetime - random(0, jitter)). - * + * (rekeylifetime - random(0, jitter)). + * * @param name name of the peer_cfg * @param ike_version which IKE version we sould use for this peer * @param ike_cfg IKE config to use when acting as initiator diff --git a/src/charon/control/controller.c b/src/charon/control/controller.c index 021cb4fdd..97d7e33ea 100644 --- a/src/charon/control/controller.c +++ b/src/charon/control/controller.c @@ -92,17 +92,17 @@ struct interface_listener_t { typedef struct interface_job_t interface_job_t; -/** +/** * job for asynchronous listen operations */ struct interface_job_t { - /** - * job interface + /** + * job interface */ job_t public; - /** - * associated listener + /** + * associated listener */ interface_listener_t listener; }; @@ -295,7 +295,7 @@ static status_t terminate_ike_execute(interface_job_t *job) /** * Implementation of controller_t.terminate_ike. */ -static status_t terminate_ike(controller_t *this, u_int32_t unique_id, +static status_t terminate_ike(controller_t *this, u_int32_t unique_id, controller_cb_t callback, void *param) { ike_sa_t *ike_sa; @@ -357,7 +357,7 @@ static status_t terminate_child_execute(interface_job_t *job) /** * Implementation of controller_t.terminate_child. */ -static status_t terminate_child(controller_t *this, u_int32_t reqid, +static status_t terminate_child(controller_t *this, u_int32_t reqid, controller_cb_t callback, void *param) { ike_sa_t *ike_sa; @@ -382,7 +382,7 @@ static status_t terminate_child(controller_t *this, u_int32_t reqid, }; ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager, - reqid, TRUE); + reqid, TRUE); if (ike_sa == NULL) { DBG1(DBG_IKE, "unable to terminate, CHILD_SA with ID %d not found", diff --git a/src/charon/daemon.c b/src/charon/daemon.c index cf2b1c7be..26858af6c 100644 --- a/src/charon/daemon.c +++ b/src/charon/daemon.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (C) 2006-2009 Tobias Brunner * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger @@ -120,8 +120,8 @@ static void run(private_daemon_t *this) /* handle SIGINT, SIGHUP ans SIGTERM in this handler */ sigemptyset(&set); - sigaddset(&set, SIGINT); - sigaddset(&set, SIGHUP); + sigaddset(&set, SIGINT); + sigaddset(&set, SIGHUP); sigaddset(&set, SIGTERM); while (TRUE) @@ -251,11 +251,11 @@ static void drop_capabilities(private_daemon_t *this) if (setgid(charon->gid) != 0) { - kill_daemon(this, "change to unprivileged group failed"); + kill_daemon(this, "change to unprivileged group failed"); } if (setuid(charon->uid) != 0) { - kill_daemon(this, "change to unprivileged user failed"); + kill_daemon(this, "change to unprivileged user failed"); } #ifdef CAPABILITIES @@ -279,7 +279,7 @@ static void keep_cap(private_daemon_t *this, u_int cap) } /** - * lookup UID and GID + * lookup UID and GID */ static void lookup_uid_gid(private_daemon_t *this) { @@ -491,7 +491,7 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[]) this->public.traps = trap_manager_create(); /* load plugins, further infrastructure may need it */ - if (!lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, + if (!lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, lib->settings->get_str(lib->settings, "charon.load", PLUGINS))) { return FALSE; @@ -543,7 +543,7 @@ static void segv_handler(int signal) * Create the daemon. */ private_daemon_t *daemon_create(void) -{ +{ struct sigaction action; private_daemon_t *this = malloc_thing(private_daemon_t); @@ -607,7 +607,7 @@ private_daemon_t *daemon_create(void) } /** - * Check/create PID file, return TRUE if already running + * Check/create PID file, return TRUE if already running */ static bool check_pidfile() { diff --git a/src/charon/daemon.h b/src/charon/daemon.h index 023bae447..430654c8e 100644 --- a/src/charon/daemon.h +++ b/src/charon/daemon.h @@ -21,7 +21,7 @@ * * @defgroup bus bus * @ingroup charon - * + * * @defgroup listeners listeners * @ingroup bus * @@ -84,13 +84,13 @@ * from the processor. Work is delegated to the processor by queueing jobs * to it. @verbatim - + +---------------------------------+ +----------------------------+ | controller | | config | - +---------------------------------+ +----------------------------+ - | | | ^ ^ ^ - V V V | | | - + +---------------------------------+ +----------------------------+ + | | | ^ ^ ^ + V V V | | | + +----------+ +-----------+ +------+ +----------+ +----+ | receiver | | | | | +------+ | CHILD_SA | | K | +---+------+ | Scheduler | | IKE- | | IKE- |--+----------+ | e | @@ -100,43 +100,43 @@ +------+---+ +-----------+ | ager | +------+ +----------+ | l | | | | | | | IKE- |--| CHILD_SA | | - | +---+------+ | Processor |---| |--| SA | +----------+ | I | - | sender | | | | | +------+ | f | + | sender | | | | | +------+ | f | +----------+ +-----------+ +------+ +----+ - - | | | | | | - V V V V V V - +---------------------------------+ +----------------------------+ - | Bus | | credentials | - +---------------------------------+ +----------------------------+ + + | | | | | | + V V V V V V + +---------------------------------+ +----------------------------+ + | Bus | | credentials | + +---------------------------------+ +----------------------------+ @endverbatim - * The scheduler is responsible to execute timed events. Jobs may be queued to - * the scheduler to get executed at a defined time (e.g. rekeying). The + * The scheduler is responsible to execute timed events. Jobs may be queued to + * the scheduler to get executed at a defined time (e.g. rekeying). The * scheduler does not execute the jobs itself, it queues them to the processor. - * - * The IKE_SA manager managers all IKE_SA. It further handles the + * + * The IKE_SA manager managers all IKE_SA. It further handles the * synchronization: - * Each IKE_SA must be checked out strictly and checked in again after use. The - * manager guarantees that only one thread may check out a single IKE_SA. This + * Each IKE_SA must be checked out strictly and checked in again after use. The + * manager guarantees that only one thread may check out a single IKE_SA. This * allows us to write the (complex) IKE_SAs routines non-threadsave. - * The IKE_SA contain the state and the logic of each IKE_SA and handle the + * The IKE_SA contain the state and the logic of each IKE_SA and handle the * messages. - * + * * The CHILD_SA contains state about a IPsec security association and manages - * them. An IKE_SA may have multiple CHILD_SAs. Communication to the kernel + * them. An IKE_SA may have multiple CHILD_SAs. Communication to the kernel * takes place here through the kernel interface. - * + * * The kernel interface installs IPsec security associations, policies, routes - * and virtual addresses. It further provides methods to enumerate interfaces + * and virtual addresses. It further provides methods to enumerate interfaces * and may notify the daemon about state changes at lower layers. - * - * The bus receives signals from the different threads and relais them to interested - * listeners. Debugging signals, but also important state changes or error - * messages are sent over the bus. - * It's listeners are not only for logging, but also to track the state of an + * + * The bus receives signals from the different threads and relays them to + * interested listeners. Debugging signals, but also important state changes or + * error messages are sent over the bus. + * Its listeners are not only for logging, but also to track the state of an * IKE_SA. * - * The controller, credential_manager, bus and backend_manager (config) are + * The controller, credential_manager, bus and backend_manager (config) are * places where a plugin ca register itself to privide information or observe * and control the daemon. */ @@ -307,7 +307,7 @@ struct daemon_t { */ gid_t gid; - /** + /** * The thread_id of main-thread. */ pthread_t main_thread_id; @@ -323,7 +323,7 @@ struct daemon_t { /** * Shut down the daemon. - * + * * @param reason describtion why it will be killed */ void (*kill) (daemon_t *this, char *reason); diff --git a/src/charon/encoding/message.c b/src/charon/encoding/message.c index 7c6fdb499..ff82a57c7 100644 --- a/src/charon/encoding/message.c +++ b/src/charon/encoding/message.c @@ -47,7 +47,7 @@ typedef struct payload_rule_t payload_rule_t; /** * A payload rule defines the rules for a payload - * in a specific message rule. It defines if and how + * in a specific message rule. It defines if and how * many times a payload must/can occur in a message * and if it must be encrypted. */ @@ -74,7 +74,7 @@ struct payload_rule_t { /** * If this payload occurs, the message rule is - * fullfilled in any case. This applies e.g. to + * fullfilled in any case. This applies e.g. to * notify_payloads. */ bool sufficient; @@ -88,11 +88,11 @@ typedef struct payload_order_t payload_order_t; struct payload_order_t { /** - * payload type + * payload type */ payload_type_t type; - /** + /** * notify type, if payload == NOTIFY */ notify_type_t notify; @@ -516,7 +516,7 @@ static message_rule_t message_rules[] = { (sizeof(me_connect_r_payload_order)/sizeof(payload_order_t)), me_connect_r_payload_order, }, -#endif /* ME */ +#endif /* ME */ }; @@ -791,7 +791,7 @@ static void add_payload(private_message_t *this, payload_t *payload) /** * Implementation of message_t.add_notify. */ -static void add_notify(private_message_t *this, bool flush, notify_type_t type, +static void add_notify(private_message_t *this, bool flush, notify_type_t type, chunk_t data) { notify_payload_t *notify; @@ -799,7 +799,7 @@ static void add_notify(private_message_t *this, bool flush, notify_type_t type, if (flush) { - while (this->payloads->remove_last(this->payloads, + while (this->payloads->remove_last(this->payloads, (void**)&payload) == SUCCESS) { payload->destroy(payload); @@ -912,7 +912,7 @@ static char* get_string(private_message_t *this, char *buf, int len) len--; written = snprintf(pos, len, "%N %s %d [", - exchange_type_names, this->exchange_type, + exchange_type_names, this->exchange_type, this->is_request ? "request" : "response", this->message_id); if (written >= len || written < 0) @@ -992,7 +992,7 @@ static void order_payloads(private_message_t *this) list->remove_at(list, enumerator); add_payload(this, payload); } - } + } } enumerator->destroy(enumerator); } @@ -1056,7 +1056,7 @@ static status_t encrypt_payloads(private_message_t *this, status = get_payload_rule(this, current_payload->get_type(current_payload),&payload_rule); - /* for payload types which are not found in supported payload list, + /* for payload types which are not found in supported payload list, * it is presumed that they don't have to be encrypted */ if ((status == SUCCESS) && (payload_rule->encrypted)) { @@ -1119,7 +1119,7 @@ static status_t generate(private_message_t *this, crypter_t *crypter, } if (this->packet->get_source(this->packet) == NULL || - this->packet->get_destination(this->packet) == NULL) + this->packet->get_destination(this->packet) == NULL) { DBG1(DBG_ENC, "%s not defined", !this->packet->get_source(this->packet) ? "source" : "destination"); @@ -1391,7 +1391,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig } /* encryption payload is processed, payloads are moved. Destroy it. */ - encryption_payload->destroy(encryption_payload); + encryption_payload->destroy(encryption_payload); } /* we allow unknown payloads of any type and don't bother if it was encrypted. Not our problem. */ @@ -1465,7 +1465,7 @@ static status_t verify(private_message_t *this) DBG1(DBG_ENC, "%N is not supported, but its critical!", payload_type_names, current_payload_type); enumerator->destroy(enumerator); - return NOT_SUPPORTED; + return NOT_SUPPORTED; } } else if (current_payload_type == rule->payload_type) @@ -1475,7 +1475,7 @@ static status_t verify(private_message_t *this) DBG2(DBG_ENC, "found payload of type %N", payload_type_names, rule->payload_type); - /* as soon as ohe payload occures more then specified, + /* as soon as ohe payload occures more then specified, * the verification fails */ if (found_payloads > rule->max_occurence) @@ -1502,7 +1502,7 @@ static status_t verify(private_message_t *this) this->payloads->get_count(this->payloads) == total_found_payloads) { enumerator->destroy(enumerator); - return SUCCESS; + return SUCCESS; } enumerator->destroy(enumerator); } @@ -1518,7 +1518,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t payload_type_t current_payload_type; char str[256]; - current_payload_type = this->first_payload; + current_payload_type = this->first_payload; DBG2(DBG_ENC, "parsing body of message, first payload is %N", payload_type_names, current_payload_type); @@ -1528,7 +1528,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t { payload_t *current_payload; - DBG2(DBG_ENC, "starting parsing a %N payload", + DBG2(DBG_ENC, "starting parsing a %N payload", payload_type_names, current_payload_type); /* parse current payload */ @@ -1652,7 +1652,7 @@ message_t *message_create_from_packet(packet_t *packet) /* private values */ if (packet == NULL) { - packet = packet_create(); + packet = packet_create(); } this->message_rule = NULL; this->packet = packet; diff --git a/src/charon/encoding/payloads/ike_header.c b/src/charon/encoding/payloads/ike_header.c index d27bfb82c..614919fac 100644 --- a/src/charon/encoding/payloads/ike_header.c +++ b/src/charon/encoding/payloads/ike_header.c @@ -27,7 +27,6 @@ typedef struct private_ike_header_t private_ike_header_t; /** * Private data of an ike_header_t object. - * */ struct private_ike_header_t { /** @@ -56,19 +55,18 @@ struct private_ike_header_t { /** * IKE minor version. - */ + */ u_int8_t min_version; /** * Exchange type . - */ + */ u_int8_t exchange_type; /** * Flags of the Message. - * */ - struct { + struct { /** * Sender is initiator of the associated IKE_SA_INIT-Exchange. */ @@ -93,7 +91,7 @@ struct private_ike_header_t { /** * Length of the whole IKEv2-Message (header and all payloads). */ - u_int32_t length; + u_int32_t length; }; ENUM_BEGIN(exchange_type_names, EXCHANGE_TYPE_UNDEFINED, EXCHANGE_TYPE_UNDEFINED, @@ -114,9 +112,8 @@ ENUM_END(exchange_type_names, INFORMATIONAL); /** * Encoding rules to parse or generate a IKEv2-Header. * - * The defined offsets are the positions in a object of type + * The defined offsets are the positions in a object of type * ike_header_t. - * */ encoding_rule_t ike_header_encodings[] = { /* 8 Byte SPI, stored in the field initiator_spi */ @@ -132,10 +129,10 @@ encoding_rule_t ike_header_encodings[] = { /* 8 Bit for the exchange type */ { U_INT_8, offsetof(private_ike_header_t, exchange_type) }, /* 2 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* 3 Bit flags, stored in the fields response, version and initiator */ - { FLAG, offsetof(private_ike_header_t, flags.response) }, + { FLAG, offsetof(private_ike_header_t, flags.response) }, { FLAG, offsetof(private_ike_header_t, flags.version) }, { FLAG, offsetof(private_ike_header_t, flags.initiator) }, /* 3 Bit reserved bits, nowhere stored */ @@ -212,7 +209,7 @@ static void set_next_type(payload_t *this,payload_type_t type) */ static u_int64_t get_initiator_spi(private_ike_header_t *this) { - return this->initiator_spi; + return this->initiator_spi; } /** @@ -228,7 +225,7 @@ static void set_initiator_spi(private_ike_header_t *this, u_int64_t initiator_sp */ static u_int64_t get_responder_spi(private_ike_header_t *this) { - return this->responder_spi; + return this->responder_spi; } /** @@ -244,7 +241,7 @@ static void set_responder_spi(private_ike_header_t *this, u_int64_t responder_sp */ static u_int8_t get_maj_version(private_ike_header_t *this) { - return this->maj_version; + return this->maj_version; } /** @@ -252,7 +249,7 @@ static u_int8_t get_maj_version(private_ike_header_t *this) */ static u_int8_t get_min_version(private_ike_header_t *this) { - return this->min_version; + return this->min_version; } /** @@ -260,7 +257,7 @@ static u_int8_t get_min_version(private_ike_header_t *this) */ static bool get_response_flag(private_ike_header_t *this) { - return this->flags.response; + return this->flags.response; } /** @@ -268,7 +265,7 @@ static bool get_response_flag(private_ike_header_t *this) */ static void set_response_flag(private_ike_header_t *this, bool response) { - this->flags.response = response; + this->flags.response = response; } /** @@ -276,7 +273,7 @@ static void set_response_flag(private_ike_header_t *this, bool response) */ static bool get_version_flag(private_ike_header_t *this) { - return this->flags.version; + return this->flags.version; } /** @@ -284,7 +281,7 @@ static bool get_version_flag(private_ike_header_t *this) */ static bool get_initiator_flag(private_ike_header_t *this) { - return this->flags.initiator; + return this->flags.initiator; } /** @@ -292,7 +289,7 @@ static bool get_initiator_flag(private_ike_header_t *this) */ static void set_initiator_flag(private_ike_header_t *this, bool initiator) { - this->flags.initiator = initiator; + this->flags.initiator = initiator; } /** @@ -300,7 +297,7 @@ static void set_initiator_flag(private_ike_header_t *this, bool initiator) */ static u_int8_t get_exchange_type(private_ike_header_t *this) { - return this->exchange_type; + return this->exchange_type; } /** @@ -308,7 +305,7 @@ static u_int8_t get_exchange_type(private_ike_header_t *this) */ static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type) { - this->exchange_type = exchange_type; + this->exchange_type = exchange_type; } /** @@ -317,7 +314,7 @@ static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type */ static u_int32_t get_message_id(private_ike_header_t *this) { - return this->message_id; + return this->message_id; } /** diff --git a/src/charon/encoding/payloads/ike_header.h b/src/charon/encoding/payloads/ike_header.h index 8de316d19..4514c23b7 100644 --- a/src/charon/encoding/payloads/ike_header.h +++ b/src/charon/encoding/payloads/ike_header.h @@ -94,11 +94,11 @@ enum exchange_type_t{ extern enum_name_t *exchange_type_names; /** - * An object of this type represents an IKEv2 header and is used to + * An object of this type represents an IKEv2 header and is used to * generate and parse IKEv2 headers. - * - * The header format of an IKEv2-Message is compatible to the - * ISAKMP-Header format to allow implementations supporting + * + * The header format of an IKEv2-Message is compatible to the + * ISAKMP-Header format to allow implementations supporting * both versions of the IKE-protocol. */ struct ike_header_t { @@ -160,7 +160,6 @@ struct ike_header_t { * Set the response flag- * * @param response response flag - * */ void (*set_response_flag) (ike_header_t *this, bool response); /** @@ -220,7 +219,7 @@ struct ike_header_t { /** * Create an ike_header_t object - * + * * @return ike_header_t object */ ike_header_t *ike_header_create(void); diff --git a/src/charon/encoding/payloads/payload.h b/src/charon/encoding/payloads/payload.h index 78f5b7b97..95e702ff8 100644 --- a/src/charon/encoding/payloads/payload.h +++ b/src/charon/encoding/payloads/payload.h @@ -33,7 +33,7 @@ typedef struct payload_t payload_t; /** * Payload-Types of a IKEv2-Message. * - * Header and substructures are also defined as + * Header and substructures are also defined as * payload types with values from PRIVATE USE space. */ enum payload_type_t{ @@ -126,63 +126,63 @@ enum payload_type_t{ #ifdef ME /** * Identification payload for peers has a value from - * the PRIVATE USE space. + * the PRIVATE USE space. */ ID_PEER = 128, #endif /* ME */ /** * Header has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle IKEv2-Header like a payload. */ HEADER = 140, /** * PROPOSAL_SUBSTRUCTURE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a proposal substructure like a payload. */ PROPOSAL_SUBSTRUCTURE = 141, /** * TRANSFORM_SUBSTRUCTURE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform substructure like a payload. */ TRANSFORM_SUBSTRUCTURE = 142, /** * TRANSFORM_ATTRIBUTE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform attribute like a payload. */ TRANSFORM_ATTRIBUTE = 143, /** * TRAFFIC_SELECTOR_SUBSTRUCTURE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform selector like a payload. - */ + */ TRAFFIC_SELECTOR_SUBSTRUCTURE = 144, /** * CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform attribute like a payload. */ CONFIGURATION_ATTRIBUTE = 145, /** * A unknown payload has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a unknown payload. */ UNKNOWN_PAYLOAD = 146, @@ -201,7 +201,7 @@ extern enum_name_t *payload_type_short_names; /** * Generic interface for all payload types (incl.header and substructures). - * + * * To handle all kinds of payloads on a generic way, this interface must * be implemented by every payload. This allows parser_t/generator_t a simple * handling of all payloads. @@ -259,11 +259,11 @@ struct payload_t { /** * Create an empty payload. - * + * * Useful for the parser, who wants a generic constructor for all payloads. - * It supports all payload_t methods. If a payload type is not known, + * It supports all payload_t methods. If a payload type is not known, * an unknwon_paylod is created with the chunk of data in it. - * + * * @param type type of the payload to create * @return payload_t object */ diff --git a/src/charon/plugins/stroke/stroke_config.c b/src/charon/plugins/stroke/stroke_config.c index e5c1471fc..4404f7078 100644 --- a/src/charon/plugins/stroke/stroke_config.c +++ b/src/charon/plugins/stroke/stroke_config.c @@ -236,7 +236,7 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg msg->add_conn.me.address, msg->add_conn.other.address); add_proposals(this, msg->add_conn.algorithms.ike, ike_cfg, NULL); - return ike_cfg; + return ike_cfg; } /** @@ -380,7 +380,7 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this, { this->ca->check_for_hash_and_url(this->ca, certificate); } - cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate); + cfg->add(cfg, AUTH_RULE_SUBJECT_CERT, certificate); if (identity->get_type(identity) == ID_ANY || !certificate->has_subject(certificate, identity)) { @@ -533,8 +533,8 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this, #ifdef ME if (msg->add_conn.ikeme.mediation && msg->add_conn.ikeme.mediated_by) { - DBG1(DBG_CFG, "a mediation connection cannot be a" - " mediated connection at the same time, aborting"); + DBG1(DBG_CFG, "a mediation connection cannot be a mediated connection " + "at the same time, aborting"); return NULL; } @@ -547,19 +547,18 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this, if (msg->add_conn.ikeme.mediated_by) { mediated_by = charon->backends->get_peer_cfg_by_name(charon->backends, - msg->add_conn.ikeme.mediated_by); + msg->add_conn.ikeme.mediated_by); if (!mediated_by) { DBG1(DBG_CFG, "mediation connection '%s' not found, aborting", msg->add_conn.ikeme.mediated_by); return NULL; } - if (!mediated_by->is_mediation(mediated_by)) { - DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is" - "no mediation connection, aborting", - msg->add_conn.ikeme.mediated_by, msg->add_conn.name); + DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is " + "no mediation connection, aborting", + msg->add_conn.ikeme.mediated_by, msg->add_conn.name); mediated_by->destroy(mediated_by); return NULL; } @@ -583,7 +582,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this, else { rekey = msg->add_conn.rekey.ike_lifetime - over; - } + } if (msg->add_conn.me.sourceip_size) { if (msg->add_conn.me.sourceip) @@ -639,7 +638,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this, * uses to serve pool addresses. */ peer_cfg = peer_cfg_create(msg->add_conn.name, msg->add_conn.ikev2 ? 2 : 1, ike_cfg, - msg->add_conn.me.sendcert, unique, + msg->add_conn.me.sendcert, unique, msg->add_conn.rekey.tries, rekey, reauth, jitter, over, msg->add_conn.mobike, msg->add_conn.dpd.delay, vip, msg->add_conn.other.sourceip_size ? diff --git a/src/charon/processing/jobs/process_message_job.c b/src/charon/processing/jobs/process_message_job.c index 1f0b3e287..2703e5775 100644 --- a/src/charon/processing/jobs/process_message_job.c +++ b/src/charon/processing/jobs/process_message_job.c @@ -52,7 +52,7 @@ static void execute(private_process_message_job_t *this) ike_sa_t *ike_sa; #ifdef ME - /* if this is an unencrypted INFORMATIONAL exchange it is likely a + /* if this is an unencrypted INFORMATIONAL exchange it is likely a * connectivity check. */ if (this->message->get_exchange_type(this->message) == INFORMATIONAL && this->message->get_first_payload_type(this->message) != ENCRYPTED) diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index 712c022bc..e54a331d2 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -148,7 +148,7 @@ struct private_ike_sa_t { */ chunk_t connect_id; #endif /* ME */ - + /** * Identification used for us */ @@ -637,7 +637,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state) /* schedule rekeying if we have a time which is smaller than * an already scheduled rekeying */ t = this->peer_cfg->get_rekey_time(this->peer_cfg); - if (t && (this->stats[STAT_REKEY] == 0 || + if (t && (this->stats[STAT_REKEY] == 0 || (this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED]))) { this->stats[STAT_REKEY] = t + this->stats[STAT_ESTABLISHED]; @@ -646,7 +646,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state) DBG1(DBG_IKE, "scheduling rekeying in %ds", t); } t = this->peer_cfg->get_reauth_time(this->peer_cfg); - if (t && (this->stats[STAT_REAUTH] == 0 || + if (t && (this->stats[STAT_REAUTH] == 0 || (this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED]))) { this->stats[STAT_REAUTH] = t + this->stats[STAT_ESTABLISHED]; @@ -686,7 +686,7 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state) { /* delete may fail if a packet gets lost, so set a timeout */ job_t *job = (job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE); - charon->scheduler->schedule_job(charon->scheduler, job, + charon->scheduler->schedule_job(charon->scheduler, job, HALF_OPEN_IKE_SA_TIMEOUT); break; } @@ -988,7 +988,7 @@ static chunk_t get_connect_id(private_ike_sa_t *this) * Implementation of ike_sa_t.respond */ static status_t respond(private_ike_sa_t *this, identification_t *peer_id, - chunk_t connect_id) + chunk_t connect_id) { ike_me_t *task = ike_me_create(&this->public, TRUE); task->respond(task, peer_id, connect_id); @@ -1011,7 +1011,8 @@ static status_t callback(private_ike_sa_t *this, identification_t *peer_id) * Implementation of ike_sa_t.relay */ static status_t relay(private_ike_sa_t *this, identification_t *requester, - chunk_t connect_id, chunk_t connect_key, linked_list_t *endpoints, bool response) + chunk_t connect_id, chunk_t connect_key, + linked_list_t *endpoints, bool response) { ike_me_t *task = ike_me_create(&this->public, TRUE); task->relay(task, requester, connect_id, connect_key, endpoints, response); @@ -1022,7 +1023,8 @@ static status_t relay(private_ike_sa_t *this, identification_t *requester, /** * Implementation of ike_sa_t.initiate_mediation */ -static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_cfg) +static status_t initiate_mediation(private_ike_sa_t *this, + peer_cfg_t *mediated_cfg) { ike_me_t *task = ike_me_create(&this->public, TRUE); task->connect(task, mediated_cfg->get_peer_id(mediated_cfg)); @@ -1033,14 +1035,13 @@ static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_ /** * Implementation of ike_sa_t.initiate_mediated */ -static status_t initiate_mediated(private_ike_sa_t *this, host_t *me, host_t *other, - chunk_t connect_id) +static status_t initiate_mediated(private_ike_sa_t *this, host_t *me, + host_t *other, chunk_t connect_id) { set_my_host(this, me->clone(me)); set_other_host(this, other->clone(other)); chunk_free(&this->connect_id); this->connect_id = chunk_clone(connect_id); - return this->task_manager->initiate(this->task_manager); } #endif /* ME */ @@ -1158,8 +1159,8 @@ static status_t initiate(private_ike_sa_t *this, { if (this->state == IKE_ESTABLISHED) { - /* mediation connection is already established, retrigger state change - * to notify bus listeners */ + /* mediation connection is already established, retrigger state + * change to notify bus listeners */ DBG1(DBG_IKE, "mediation connection is already up"); set_state(this, IKE_ESTABLISHED); } @@ -1509,7 +1510,7 @@ static status_t reauth(private_ike_sa_t *this) if (this->other_virtual_ip != NULL || has_condition(this, COND_EAP_AUTHENTICATED) #ifdef ME - /* if we are mediation server we too cannot reauth the IKE_SA */ + /* as mediation server we too cannot reauth the IKE_SA */ || this->is_mediation_server #endif /* ME */ ) @@ -1545,7 +1546,7 @@ static status_t reestablish(private_ike_sa_t *this) bool required = FALSE; status_t status = FAILED; - /* check if we have children to keep up at all*/ + /* check if we have children to keep up at all */ iterator = create_child_sa_iterator(this); while (iterator->iterate(iterator, (void**)&child_sa)) { @@ -1569,7 +1570,7 @@ static status_t reestablish(private_ike_sa_t *this) } iterator->destroy(iterator); #ifdef ME - /* we initiate the new IKE_SA of the mediation connection without CHILD_SA */ + /* mediation connections have no children, keep them up anyway */ if (this->peer_cfg->is_mediation(this->peer_cfg)) { required = TRUE; @@ -1720,7 +1721,7 @@ static void set_auth_lifetime(private_ike_sa_t *this, u_int32_t lifetime) (job_t*)rekey_ike_sa_job_create(this->ike_sa_id, TRUE)); } else if (this->stats[STAT_REAUTH] == 0 || - this->stats[STAT_REAUTH] > reauth_time) + this->stats[STAT_REAUTH] > reauth_time) { this->stats[STAT_REAUTH] = reauth_time; DBG1(DBG_IKE, "received AUTH_LIFETIME of %ds, scheduling reauthentication" @@ -1886,7 +1887,7 @@ static status_t inherit(private_ike_sa_t *this, private_ike_sa_t *other) } /* ... and configuration attributes */ - while (other->attributes->remove_last(other->attributes, + while (other->attributes->remove_last(other->attributes, (void**)&entry) == SUCCESS) { this->attributes->insert_first(this->attributes, entry); @@ -1932,9 +1933,9 @@ static status_t inherit(private_ike_sa_t *this, private_ike_sa_t *other) this->stats[STAT_DELETE] = this->stats[STAT_REAUTH] + delete; DBG1(DBG_IKE, "rescheduling reauthentication in %ds after rekeying, " "lifetime reduced to %ds", reauth, delete); - charon->scheduler->schedule_job(charon->scheduler, + charon->scheduler->schedule_job(charon->scheduler, (job_t*)rekey_ike_sa_job_create(this->ike_sa_id, TRUE), reauth); - charon->scheduler->schedule_job(charon->scheduler, + charon->scheduler->schedule_job(charon->scheduler, (job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE), delete); } /* we have to initate here, there may be new tasks to handle */ @@ -1953,7 +1954,7 @@ static void destroy(private_ike_sa_t *this) set_state(this, IKE_DESTROYING); /* remove attributes first, as we pass the IKE_SA to the handler */ - while (this->attributes->remove_last(this->attributes, + while (this->attributes->remove_last(this->attributes, (void**)&entry) == SUCCESS) { charon->attributes->release(charon->attributes, entry->handler, @@ -1992,7 +1993,8 @@ static void destroy(private_ike_sa_t *this) #ifdef ME if (this->is_mediation_server) { - charon->mediation_manager->remove(charon->mediation_manager, this->ike_sa_id); + charon->mediation_manager->remove(charon->mediation_manager, + this->ike_sa_id); } DESTROY_IF(this->server_reflexive_host); chunk_free(&this->connect_id); diff --git a/src/charon/sa/ike_sa.h b/src/charon/sa/ike_sa.h index 41d7a7976..1f216fd71 100644 --- a/src/charon/sa/ike_sa.h +++ b/src/charon/sa/ike_sa.h @@ -164,7 +164,7 @@ enum statistic_t { ¦ SA_CREATED ¦ +----------------+ ¦ - on initiate()---> ¦ <----- on IKE_SA_INIT received + on initiate()---> ¦ <----- on IKE_SA_INIT received V +----------------+ ¦ SA_CONNECTING ¦ @@ -246,7 +246,7 @@ struct ike_sa_t { /** * Get the id of the SA. - * + * * Returned ike_sa_id_t object is not getting cloned! * * @return ike_sa's ike_sa_id_t @@ -291,28 +291,28 @@ struct ike_sa_t { /** * Get the own host address. - * + * * @return host address */ host_t* (*get_my_host) (ike_sa_t *this); /** * Set the own host address. - * + * * @param me host address */ void (*set_my_host) (ike_sa_t *this, host_t *me); /** * Get the other peers host address. - * + * * @return host address */ host_t* (*get_other_host) (ike_sa_t *this); /** * Set the others host address. - * + * * @param other host address */ void (*set_other_host) (ike_sa_t *this, host_t *other); @@ -329,28 +329,28 @@ struct ike_sa_t { /** * Get the own identification. - * + * * @return identification */ identification_t* (*get_my_id) (ike_sa_t *this); /** * Set the own identification. - * + * * @param me identification */ void (*set_my_id) (ike_sa_t *this, identification_t *me); /** * Get the other peer's identification. - * + * * @return identification */ identification_t* (*get_other_id) (ike_sa_t *this); /** * Set the other peer's identification. - * + * * @param other identification */ void (*set_other_id) (ike_sa_t *this, identification_t *other); @@ -359,42 +359,42 @@ struct ike_sa_t { * Get the peers EAP identity. * * The EAP identity is exchanged in a EAP-Identity exchange. - * + * * @return identification, NULL if none set */ identification_t* (*get_eap_identity) (ike_sa_t *this); /** * Set the peer's EAP identity. - * + * * @param id identification */ void (*set_eap_identity) (ike_sa_t *this, identification_t *id); /** * Get the config used to setup this IKE_SA. - * + * * @return ike_config */ ike_cfg_t* (*get_ike_cfg) (ike_sa_t *this); /** * Set the config to setup this IKE_SA. - * + * * @param config ike_config to use */ void (*set_ike_cfg) (ike_sa_t *this, ike_cfg_t* config); /** * Get the peer config used by this IKE_SA. - * + * * @return peer_config */ peer_cfg_t* (*get_peer_cfg) (ike_sa_t *this); /** * Set the peer config to use with this IKE_SA. - * + * * @param config peer_config to use */ void (*set_peer_cfg) (ike_sa_t *this, peer_cfg_t *config); @@ -515,91 +515,93 @@ struct ike_sa_t { /** * Get the server reflexive host. - * + * * @return server reflexive host */ host_t* (*get_server_reflexive_host) (ike_sa_t *this); /** * Set the server reflexive host. - * + * * @param host server reflexive host */ void (*set_server_reflexive_host) (ike_sa_t *this, host_t *host); /** * Get the connect ID. - * + * * @return connect ID */ chunk_t (*get_connect_id) (ike_sa_t *this); /** * Initiate the mediation of a mediated connection (i.e. initiate a - * ME_CONNECT exchange). - * - * @param mediated_cfg peer_cfg of the mediated connection - * @return - * - SUCCESS if initialization started - * - DESTROY_ME if initialization failed + * ME_CONNECT exchange to a mediation server). + * + * @param mediated_cfg peer_cfg of the mediated connection + * @return + * - SUCCESS if initialization started + * - DESTROY_ME if initialization failed */ status_t (*initiate_mediation) (ike_sa_t *this, peer_cfg_t *mediated_cfg); /** * Initiate the mediated connection - * - * @param me local endpoint (gets cloned) - * @param other remote endpoint (gets cloned) - * @param connect_id connect ID (gets cloned) - * @return - * - SUCCESS if initialization started - * - DESTROY_ME if initialization failed + * + * @param me local endpoint (gets cloned) + * @param other remote endpoint (gets cloned) + * @param connect_id connect ID (gets cloned) + * @return + * - SUCCESS if initialization started + * - DESTROY_ME if initialization failed */ status_t (*initiate_mediated) (ike_sa_t *this, host_t *me, host_t *other, - chunk_t connect_id); + chunk_t connect_id); /** - * Relay data from one peer to another (i.e. initiate a - * ME_CONNECT exchange). + * Relay data from one peer to another (i.e. initiate a ME_CONNECT exchange + * to a peer). * * Data is cloned. - * - * @param requester ID of the requesting peer - * @param connect_id data of the ME_CONNECTID payload - * @param connect_key data of the ME_CONNECTKEY payload - * @param endpoints endpoints - * @param response TRUE if this is a response - * @return - * - SUCCESS if relay started - * - DESTROY_ME if relay failed + * + * @param requester ID of the requesting peer + * @param connect_id data of the ME_CONNECTID payload + * @param connect_key data of the ME_CONNECTKEY payload + * @param endpoints endpoints + * @param response TRUE if this is a response + * @return + * - SUCCESS if relay started + * - DESTROY_ME if relay failed */ - status_t (*relay) (ike_sa_t *this, identification_t *requester, chunk_t connect_id, - chunk_t connect_key, linked_list_t *endpoints, bool response); + status_t (*relay) (ike_sa_t *this, identification_t *requester, + chunk_t connect_id, chunk_t connect_key, + linked_list_t *endpoints, bool response); /** * Send a callback to a peer. - * + * * Data is cloned. - * - * @param peer_id ID of the other peer + * + * @param peer_id ID of the other peer * @return - * - SUCCESS if response started - * - DESTROY_ME if response failed + * - SUCCESS if response started + * - DESTROY_ME if response failed */ status_t (*callback) (ike_sa_t *this, identification_t *peer_id); /** * Respond to a ME_CONNECT request. - * + * * Data is cloned. - * - * @param peer_id ID of the other peer - * @param connect_id the connect ID supplied by the initiator + * + * @param peer_id ID of the other peer + * @param connect_id the connect ID supplied by the initiator * @return - * - SUCCESS if response started - * - DESTROY_ME if response failed + * - SUCCESS if response started + * - DESTROY_ME if response failed */ - status_t (*respond) (ike_sa_t *this, identification_t *peer_id, chunk_t connect_id); + status_t (*respond) (ike_sa_t *this, identification_t *peer_id, + chunk_t connect_id); #endif /* ME */ /** @@ -608,12 +610,12 @@ struct ike_sa_t { * The configs are owned by the IKE_SA after the call. If the initiate * is triggered by a packet, traffic selectors of the packet can be added * to the CHILD_SA. - * + * * @param child_cfg child config to create CHILD from * @param reqid reqid to use for CHILD_SA, 0 assigne uniquely * @param tsi source of triggering packet * @param tsr destination of triggering packet. - * @return + * @return * - SUCCESS if initialization started * - DESTROY_ME if initialization failed */ @@ -623,14 +625,14 @@ struct ike_sa_t { /** * Initiates the deletion of an IKE_SA. - * + * * Sends a delete message to the remote peer and waits for * its response. If the response comes in, or a timeout occurs, * the IKE SA gets deleted. - * + * * @return * - SUCCESS if deletion is initialized - * - DESTROY_ME, if the IKE_SA is not in + * - DESTROY_ME, if the IKE_SA is not in * an established state and can not be * deleted (but destroyed). */ @@ -653,12 +655,12 @@ struct ike_sa_t { /** * Processes a incoming IKEv2-Message. * - * Message processing may fail. If a critical failure occurs, - * process_message() return DESTROY_ME. Then the caller must + * Message processing may fail. If a critical failure occurs, + * process_message() return DESTROY_ME. Then the caller must * destroy the IKE_SA immediatly, as it is unusable. - * + * * @param message message to process - * @return + * @return * - SUCCESS * - FAILED * - DESTROY_ME if this IKE_SA MUST be deleted @@ -667,13 +669,13 @@ struct ike_sa_t { /** * Generate a IKE message to send it to the peer. - * + * * This method generates all payloads in the message and encrypts/signs * the packet. - * + * * @param message message to generate * @param packet generated output packet - * @return + * @return * - SUCCESS * - FAILED * - DESTROY_ME if this IKE_SA MUST be deleted @@ -683,7 +685,7 @@ struct ike_sa_t { /** * Retransmits a request. - * + * * @param message_id ID of the request to retransmit * @return * - SUCCESS @@ -697,7 +699,7 @@ struct ike_sa_t { * To check if a peer is still alive, periodic * empty INFORMATIONAL messages are sent if no * other traffic was received. - * + * * @return * - SUCCESS * - DESTROY_ME, if peer did not respond @@ -723,25 +725,25 @@ struct ike_sa_t { /** * Associates a child SA to this IKE SA - * + * * @param child_sa child_sa to add */ void (*add_child_sa) (ike_sa_t *this, child_sa_t *child_sa); /** * Get a CHILD_SA identified by protocol and SPI. - * + * * @param protocol protocol of the SA * @param spi SPI of the CHILD_SA * @param inbound TRUE if SPI is inbound, FALSE if outbound * @return child_sa, or NULL if none found */ - child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol, + child_sa_t* (*get_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi, bool inbound); /** * Create an iterator over all CHILD_SAs. - * + * * @return iterator */ iterator_t* (*create_child_sa_iterator) (ike_sa_t *this); diff --git a/src/charon/sa/task_manager.c b/src/charon/sa/task_manager.c index f33fcd6d4..b3d678bf3 100644 --- a/src/charon/sa/task_manager.c +++ b/src/charon/sa/task_manager.c @@ -133,7 +133,7 @@ struct private_task_manager_t { linked_list_t *passive_tasks; /** - * the task manager has been reset + * the task manager has been reset */ bool reset; }; @@ -143,7 +143,7 @@ struct private_task_manager_t { */ static void flush(private_task_manager_t *this) { - this->queued_tasks->destroy_offset(this->queued_tasks, + this->queued_tasks->destroy_offset(this->queued_tasks, offsetof(task_t, destroy)); this->passive_tasks->destroy_offset(this->passive_tasks, offsetof(task_t, destroy)); @@ -521,7 +521,7 @@ static status_t process_response(private_task_manager_t *this, this->reset = FALSE; iterator->destroy(iterator); return build_request(this); - } + } } iterator->destroy(iterator); @@ -688,7 +688,7 @@ static status_t process_request(private_task_manager_t *this, this->passive_tasks->insert_last(this->passive_tasks, task); task = (task_t*)ike_cert_pre_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); -#ifdef ME +#ifdef ME task = (task_t*)ike_me_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); #endif /* ME */ diff --git a/src/charon/sa/tasks/ike_init.c b/src/charon/sa/tasks/ike_init.c index 2705f5886..ce94cd172 100644 --- a/src/charon/sa/tasks/ike_init.c +++ b/src/charon/sa/tasks/ike_init.c @@ -123,7 +123,7 @@ static void build_payloads(private_ike_init_t *this, message_t *message) { proposal_list = this->config->get_proposals(this->config); if (this->old_sa) - { + { /* include SPI of new IKE_SA when we are rekeying */ iterator = proposal_list->create_iterator(proposal_list, TRUE); while (iterator->iterate(iterator, (void**)&proposal)) @@ -184,7 +184,7 @@ static void process_payloads(private_ike_init_t *this, message_t *message) proposal_list = sa_payload->get_proposals(sa_payload); this->proposal = this->config->select_proposal(this->config, proposal_list); - proposal_list->destroy_offset(proposal_list, + proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy)); break; } @@ -217,7 +217,7 @@ static void process_payloads(private_ike_init_t *this, message_t *message) vendor_id_payload_t *vendor_id = (vendor_id_payload_t*)payload; chunk_t vid = vendor_id->get_data(vendor_id); - DBG1(DBG_ENC, "received vendor id: %#B", &vid); + DBG1(DBG_ENC, "received vendor id: %#B", &vid); } default: break; @@ -296,7 +296,7 @@ static status_t build_i(private_ike_init_t *this, message_t *message) * Implementation of task_t.process for responder */ static status_t process_r(private_ike_init_t *this, message_t *message) -{ +{ rng_t *rng; this->config = this->ike_sa->get_ike_cfg(this->ike_sa); @@ -513,7 +513,7 @@ static status_t process_i(private_ike_init_t *this, message_t *message) DBG1(DBG_IKE, "received %N notify error", notify_type_names, type); enumerator->destroy(enumerator); - return FAILED; + return FAILED; } DBG2(DBG_IKE, "received %N notify", notify_type_names, type); diff --git a/src/charon/sa/tasks/ike_natd.c b/src/charon/sa/tasks/ike_natd.c index bb18e7bda..f3a70c742 100644 --- a/src/charon/sa/tasks/ike_natd.c +++ b/src/charon/sa/tasks/ike_natd.c @@ -137,7 +137,7 @@ static notify_payload_t *build_natd_payload(private_ike_natd_t *this, notify_type_t type, host_t *host) { chunk_t hash; - notify_payload_t *notify; + notify_payload_t *notify; ike_sa_id_t *ike_sa_id; ike_cfg_t *config; @@ -245,12 +245,12 @@ static void process_payloads(private_ike_natd_t *this, message_t *message) this->ike_sa->set_condition(this->ike_sa, COND_NAT_HERE, !this->dst_matched); this->ike_sa->set_condition(this->ike_sa, COND_NAT_THERE, - !this->src_matched); + !this->src_matched); config = this->ike_sa->get_ike_cfg(this->ike_sa); if (this->dst_matched && this->src_matched && config->force_encap(config)) { - this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE); + this->ike_sa->set_condition(this->ike_sa, COND_NAT_FAKE, TRUE); } } } @@ -278,7 +278,7 @@ static status_t process_i(private_ike_natd_t *this, message_t *message) if (this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY) || #ifdef ME - /* if we are on a mediation connection we swith to port 4500 even + /* if we are on a mediation connection we switch to port 4500 even * if no NAT is detected. */ peer_cfg->is_mediation(peer_cfg) || #endif /* ME */ @@ -406,7 +406,7 @@ static status_t build_r(private_ike_natd_t *this, message_t *message) * Implementation of task_t.process for responder */ static status_t process_r(private_ike_natd_t *this, message_t *message) -{ +{ process_payloads(this, message); return NEED_MORE; diff --git a/src/charon/sa/tasks/ike_reauth.c b/src/charon/sa/tasks/ike_reauth.c index 80f1b7b8c..3d8b7e256 100644 --- a/src/charon/sa/tasks/ike_reauth.c +++ b/src/charon/sa/tasks/ike_reauth.c @@ -70,7 +70,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message) iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa); if (iterator->get_count(iterator) == 0 #ifdef ME - /* we allow a peer to reauth a mediation connection (without CHILD_SA) */ + /* we allow peers to reauth mediation connections (without children) */ && !peer_cfg->is_mediation(peer_cfg) #endif /* ME */ ) diff --git a/src/charon/sa/tasks/task.h b/src/charon/sa/tasks/task.h index 3d2014599..0e0af072f 100644 --- a/src/charon/sa/tasks/task.h +++ b/src/charon/sa/tasks/task.h @@ -79,7 +79,7 @@ extern enum_name_t *task_type_names; * * A task is an elemantary operation. It may be handled by a single or by * multiple exchanges. An exchange may even complete multiple tasks. - * A task has a build() and an process() operation. The build() operation + * A task has a build() and an process() operation. The build() operation * creates payloads and adds it to the message. The process() operation * inspects a message and handles its payloads. An initiator of an exchange * first calls build() to build the request, and processes the response message @@ -97,7 +97,7 @@ struct task_t { /** * Build a request or response message for this task. - * + * * @param message message to add payloads to * @return * - FAILED if a critical error occured @@ -109,7 +109,7 @@ struct task_t { /** * Process a request or response message for this task. - * + * * @param message message to read payloads from * @return * - FAILED if a critical error occured |