authorMartin Willi <martin@strongswan.org>2005-11-17 14:28:07 +0000
committerMartin Willi <martin@strongswan.org>2005-11-17 14:28:07 +0000
commitc1e9c3f69739ff4519006922f6be5ef89c06a742 (patch)
treeefbaf25a888c3b348a811423aa7a6e68767a7cfd
parent6d63e6864e45f17386aedd1f6f5e56c957cb9c01 (diff)
""
-rw-r--r--Source/charon/configuration_manager.c153
-rw-r--r--Source/charon/ike_sa.c130
-rw-r--r--Source/charon/message.c8
3 files changed, 180 insertions, 111 deletions
diff --git a/Source/charon/configuration_manager.c b/Source/charon/configuration_manager.c
index 68118d497..81b1303f2 100644
--- a/Source/charon/configuration_manager.c
+++ b/Source/charon/configuration_manager.c
@@ -28,6 +28,11 @@
#include "types.h"
#include "utils/allocator.h"
+#include "payloads/nonce_payload.h"
+#include "payloads/proposal_substructure.h"
+#include "payloads/ke_payload.h"
+#include "payloads/transform_substructure.h"
+#include "payloads/transform_attribute.h"
/**
* Private data of an configuration_t object
@@ -79,13 +84,157 @@ static status_t get_local_host(private_configuration_manager_t *this, char *name
return SUCCESS;
}
-static status_t get_proposals_for_host(private_configuration_manager_t *this, host_t *host, linked_list_iterator_t *list)
+static status_t get_proposals_for_host(private_configuration_manager_t *this, host_t *host, linked_list_iterator_t *iterator)
{
- return FAILED;
+ /* use a default proposal:
+ * - ENCR_AES_CBC 128Bit
+ * - PRF_HMAC_SHA1 128Bit
+ * - AUTH_HMAC_SHA1_96 96Bit
+ * - MODP_1024_BIT
+ */
+ proposal_substructure_t *proposal;
+ transform_substructure_t *transform;
+ transform_attribute_t *attribute;
+ status_t status;
+
+ proposal = proposal_substructure_create();
+ if (proposal == NULL)
+ {
+ return OUT_OF_RES;
+ }
+
+ /*
+ * Encryption Algorithm
+ */
+ transform = transform_substructure_create();
+ if (transform == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = proposal->add_transform_substructure(proposal, transform);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ transform->set_is_last_transform(transform, FALSE);
+ transform->set_transform_type(transform, ENCRYPTION_ALGORITHM);
+ transform->set_transform_id(transform, ENCR_AES_CBC);
+
+ attribute = transform_attribute_create();
+ if (attribute == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = transform->add_transform_attribute(transform, attribute);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ attribute->set_attribute_type(attribute, KEY_LENGTH);
+ attribute->set_value(attribute, 16);
+
+ /*
+ * Pseudo-random Function
+ */
+ transform = transform_substructure_create();
+ if (transform == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = proposal->add_transform_substructure(proposal, transform);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ transform->set_is_last_transform(transform, FALSE);
+ transform->set_transform_type(transform, PSEUDO_RANDOM_FUNCTION);
+ transform->set_transform_id(transform, PRF_HMAC_SHA1);
+
+ attribute = transform_attribute_create();
+ if (attribute == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = transform->add_transform_attribute(transform, attribute);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ attribute->set_attribute_type(attribute, KEY_LENGTH);
+ attribute->set_value(attribute, 16);
+
+
+ /*
+ * Integrity Algorithm
+ */
+ transform = transform_substructure_create();
+ if (transform == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = proposal->add_transform_substructure(proposal, transform);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ transform->set_is_last_transform(transform, FALSE);
+ transform->set_transform_type(transform, INTEGRITIY_ALGORITHM);
+ transform->set_transform_id(transform, AUTH_HMAC_SHA1_96);
+
+ attribute = transform_attribute_create();
+ if (attribute == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = transform->add_transform_attribute(transform, attribute);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ attribute->set_attribute_type(attribute, KEY_LENGTH);
+ attribute->set_value(attribute, 12);
+
+
+ /*
+ * Diffie-Hellman Group
+ */
+ transform = transform_substructure_create();
+ if (transform == NULL)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ status = proposal->add_transform_substructure(proposal, transform);
+ if (status != SUCCESS)
+ {
+ proposal->destroy(proposal);
+ return OUT_OF_RES;
+ }
+ transform->set_is_last_transform(transform, FALSE);
+ transform->set_transform_type(transform, DIFFIE_HELLMAN_GROUP);
+ transform->set_transform_id(transform, MODP_1024_BIT);
+
+ iterator->insert_after(iterator, (void*)proposal);
+
+ return SUCCESS;
}
static status_t select_proposals_for_host(private_configuration_manager_t *this, host_t *host, linked_list_iterator_t *in, linked_list_iterator_t *out)
{
+
+
return FAILED;
}
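Review bot: In every failure branch where `transform_substructure_create()` or `transform_attribute_create()` succeeded but the following `add_transform_substructure` / `add_transform_attribute` call fails, only `proposal->destroy(proposal)` runs, which cannot release an object the proposal never accepted, so the freshly created transform or attribute leaks on those paths (assuming add_* does not consume its argument on failure). Separately, a KEY_LENGTH attribute is attached to the PRF and integrity transforms too; RFC 4306 §3.3.5 defines Key Length only for encryption transforms with a variable key size and expresses it in bits, so a strict peer may reject this proposal, and the AES value `16` should be checked against what `set_value` expects (16 bytes vs. 128 bits) — the same question applies to the `12` on AUTH_HMAC_SHA1_96. The final DH-group transform is also flagged with `set_is_last_transform(transform, FALSE)`; unless the generator recomputes that flag, the encoded proposal will claim that more transforms follow. `host` is unused and the return of `iterator->insert_after` is ignored, so if insertion can fail `proposal` leaks there as well. Factoring the four repeated create/add/set sequences into one helper that releases whatever it has not yet handed over makes the cleanup uniform and the defaults easy to review:

```c
/* Creates one transform (type/id), appends it to proposal and, when
 * key_length != 0, attaches a KEY_LENGTH attribute. Anything not yet owned by
 * proposal is released on every failure path; once the transform is in the
 * proposal, proposal->destroy() is responsible for it. Parameter types should
 * be the project's transform type/id enums. */
static status_t add_transform(proposal_substructure_t *proposal, int type, int id, int key_length)
{
	transform_substructure_t *transform = transform_substructure_create();
	transform_attribute_t *attribute;

	if (transform == NULL)
	{
		return OUT_OF_RES;
	}
	if (proposal->add_transform_substructure(proposal, transform) != SUCCESS)
	{
		transform->destroy(transform); /* not owned by proposal yet */
		return OUT_OF_RES;
	}
	transform->set_is_last_transform(transform, FALSE);
	transform->set_transform_type(transform, type);
	transform->set_transform_id(transform, id);
	if (key_length == 0)
	{
		return SUCCESS;
	}
	attribute = transform_attribute_create();
	if (attribute == NULL)
	{
		return OUT_OF_RES; /* caller destroys proposal, which now owns transform */
	}
	if (transform->add_transform_attribute(transform, attribute) != SUCCESS)
	{
		attribute->destroy(attribute); /* not owned by transform yet */
		return OUT_OF_RES;
	}
	attribute->set_attribute_type(attribute, KEY_LENGTH);
	attribute->set_value(attribute, key_length);
	return SUCCESS;
}

static status_t get_proposals_for_host(private_configuration_manager_t *this, host_t *host, linked_list_iterator_t *iterator)
{
	/* … unchanged: default-proposal comment, proposal creation and NULL check … */
	/* KEY_LENGTH only on the cipher (RFC 4306 3.3.5); 16 is kept from the
	 * original, but verify whether set_value expects bytes or bits. */
	if (add_transform(proposal, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16) != SUCCESS ||
	    add_transform(proposal, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0) != SUCCESS ||
	    add_transform(proposal, INTEGRITIY_ALGORITHM, AUTH_HMAC_SHA1_96, 0) != SUCCESS ||
	    add_transform(proposal, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0) != SUCCESS)
	{
		proposal->destroy(proposal);
		return OUT_OF_RES;
	}
	/* … unchanged: insert_after and return … */
```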
diff --git a/Source/charon/ike_sa.c b/Source/charon/ike_sa.c
index d84375ae8..5f6cd40c1 100644
--- a/Source/charon/ike_sa.c
+++ b/Source/charon/ike_sa.c
@@ -193,20 +193,19 @@ static status_t initialize_connection(private_ike_sa_t *this, char *name)
message_t *message;
payload_t *payload;
packet_t *packet;
- host_t *source, *destination;
status_t status;
this->logger->log(this->logger, CONTROL, "initializing connection");
this->original_initiator = TRUE;
- status = global_configuration_manager->get_local_host(global_configuration_manager, name, &source);
+ status = global_configuration_manager->get_local_host(global_configuration_manager, name, &(this->me.host));
if (status != SUCCESS)
{
return INVALID_ARG;
}
- status = global_configuration_manager->get_remote_host(global_configuration_manager, name, &destination);
+ status = global_configuration_manager->get_remote_host(global_configuration_manager, name, &(this->other.host));
if (status != SUCCESS)
{
return INVALID_ARG;
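Review bot: When `get_remote_host` fails, `this->me.host` has already been filled in by the preceding `get_local_host` call, so the SA is returned half-initialized with INVALID_ARG; whether that host object is ever released now depends on ike_sa's destroy() freeing `me.host`, which is outside this hunk. Either release it on that path (`this->me.host->destroy(this->me.host); this->me.host = NULL;`, if host_t has a destroy method like the other objects in this tree) or document on the `me`/`other` fields that destroy() owns both pointers. Before this change the locals `source`/`destination` were never freed at all, so keeping them on the SA is the right direction. initialize_connection continues beyond the hunk.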
@@ -220,8 +219,8 @@ static status_t initialize_connection(private_ike_sa_t *this, char *name)
}
- message->set_source(message, source);
- message->set_destination(message, destination);
+ message->set_source(message, this->me.host);
+ message->set_destination(message, this->other.host);
message->set_exchange_type(message, IKE_SA_INIT);
message->set_original_initiator(message, this->original_initiator);
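Review bot: `message->set_source` / `set_destination` now receive the same pointers the SA keeps in `this->me.host` / `this->other.host`; if message_t takes ownership of those hosts and releases them in `message->destroy` (called later in this function, in the following hunk), the SA is left holding dangling pointers and its own destroy would double-free them. Please confirm message_t's ownership contract and, if it does own them, hand over copies instead, or add a comment on these two lines stating that the message only borrows the hosts for the lifetime of the SA. The enclosing function starts and ends outside this hunk.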
@@ -272,6 +271,7 @@ static status_t initialize_connection(private_ike_sa_t *this, char *name)
message->destroy(message);
+ this->current_state = IKE_SA_INIT_REQUESTED;
return SUCCESS;
}
@@ -289,12 +289,10 @@ static ike_sa_id_t* get_id(private_ike_sa_t *this)
*/
static status_t build_sa_payload(private_ike_sa_t *this, sa_payload_t **payload)
{
- sa_payload_t *sa_payload;
- proposal_substructure_t *proposal;
- transform_substructure_t *transform;
- transform_attribute_t *attribute;
-
-
+ sa_payload_t* sa_payload;
+ linked_list_iterator_t *iterator;
+ status_t status;
+
this->logger->log(this->logger, CONTROL_MORE, "building sa payload");
sa_payload = sa_payload_create();
@@ -302,104 +300,22 @@ static status_t build_sa_payload(private_ike_sa_t *this, sa_payload_t **payload)
{
return OUT_OF_RES;
}
+ status = sa_payload->create_proposal_substructure_iterator(sa_payload, &iterator, FALSE);
+ if (status != SUCCESS)
+ {
+ sa_payload->destroy(sa_payload);
+ return status;
+ }
+ status = global_configuration_manager->get_proposals_for_host(global_configuration_manager, this->other.host, iterator);
+ if (status != SUCCESS)
+ {
+ sa_payload->destroy(sa_payload);
+ return status;
+ }
- do
- { /* no loop, just to break */
- proposal = proposal_substructure_create();
- if (proposal == NULL)
- {
- break;
- }
- sa_payload->add_proposal_substructure(sa_payload, proposal);
-
- /*
- * Encryption Algorithm
- */
- transform = transform_substructure_create();
- if (transform == NULL)
- {
- break;
- }
- proposal->add_transform_substructure(proposal, transform);
- transform->set_is_last_transform(transform, FALSE);
- transform->set_transform_type(transform, ENCRYPTION_ALGORITHM);
- transform->set_transform_id(transform, ENCR_AES_CBC);
-
- attribute = transform_attribute_create();
- if (attribute == NULL)
- {
- break;
- }
- transform->add_transform_attribute(transform, attribute);
- attribute->set_attribute_type(attribute, KEY_LENGTH);
- attribute->set_value(attribute, 16);
-
- /*
- * Pseudo-random Function
- */
- transform = transform_substructure_create();
- if (transform == NULL)
- {
- break;
- }
- proposal->add_transform_substructure(proposal, transform);
- transform->set_is_last_transform(transform, FALSE);
- transform->set_transform_type(transform, PSEUDO_RANDOM_FUNCTION);
- transform->set_transform_id(transform, PRF_HMAC_SHA1);
-
- attribute = transform_attribute_create();
- if (attribute == NULL)
- {
- break;
- }
- transform->add_transform_attribute(transform, attribute);
- attribute->set_attribute_type(attribute, KEY_LENGTH);
- attribute->set_value(attribute, 16);
-
-
- /*
- * Integrity Algorithm
- */
- transform = transform_substructure_create();
- if (transform == NULL)
- {
- break;
- }
- proposal->add_transform_substructure(proposal, transform);
- transform->set_is_last_transform(transform, FALSE);
- transform->set_transform_type(transform, INTEGRITIY_ALGORITHM);
- transform->set_transform_id(transform, AUTH_HMAC_SHA1_96);
-
- attribute = transform_attribute_create();
- if (attribute == NULL)
- {
- break;
- }
- transform->add_transform_attribute(transform, attribute);
- attribute->set_attribute_type(attribute, KEY_LENGTH);
- attribute->set_value(attribute, 16);
-
-
- /*
- * Diffie-Hellman Group
- */
- transform = transform_substructure_create();
- if (transform == NULL)
- {
- break;
- }
- proposal->add_transform_substructure(proposal, transform);
- transform->set_is_last_transform(transform, FALSE);
- transform->set_transform_type(transform, DIFFIE_HELLMAN_GROUP);
- transform->set_transform_id(transform, MODP_1024_BIT);
-
- *payload = sa_payload;
-
- return SUCCESS;
-
- } while(FALSE);
+ *payload = sa_payload;
- return OUT_OF_RES;
+ return SUCCESS;
}
/**
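Review bot: The iterator obtained from `create_proposal_substructure_iterator` is never released — neither after the successful `get_proposals_for_host` call nor on the failure return that destroys `sa_payload` — so if the iterator is heap-allocated, as the out-parameter suggests, every SA payload built leaks one iterator, and on the failure path it outlives the list it points into. Add `iterator->destroy(iterator);` immediately after the `get_proposals_for_host` call and before the status check, so both paths release it (assuming linked_list_iterator_t exposes a destroy method like the other objects here). The docblock above build_sa_payload, outside the hunk, should also state that `*payload` is written only on SUCCESS and that the caller owns it.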
diff --git a/Source/charon/message.c b/Source/charon/message.c
index d30648fca..b0146eb97 100644
--- a/Source/charon/message.c
+++ b/Source/charon/message.c
@@ -469,9 +469,13 @@ static status_t generate(private_message_t *this, packet_t **packet)
ike_header->set_response_flag(ike_header, !this->is_request);
ike_header->set_initiator_flag(ike_header, is_initiator);
ike_header->set_initiator_spi(ike_header, initiator_spi);
- ike_header->set_initiator_spi(ike_header, responder_spi);
-
+ ike_header->set_responder_spi(ike_header, responder_spi);
+
generator = generator_create();
+ if (generator == NULL)
+ {
+ return OUT_OF_RES;
+ }
payload = (payload_t*)ike_header;