diff options
| author | Martin Willi <martin@strongswan.org> | 2006-07-13 12:49:35 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2006-07-13 12:49:35 +0000 |
| commit | 325e49779856899b9fc42905787218178b602708 (patch) | |
| tree | ee5fd408d46bd2aa025c4f794de47b6b83f92651 /src/charon/encoding/payloads/proposal_substructure.c | |
| parent | 7af345e11e72b0985e2186f86e7ffbfd464e336d (diff) | |
| download | strongswan-325e49779856899b9fc42905787218178b602708.tar.bz2 strongswan-325e49779856899b9fc42905787218178b602708.tar.xz | |
improved logging on verify errors for some payloads
enforcing IKE_SA shutdown, even when transactions are outstanding
proper reject of CREATE_CHILD_SA message with KE payload
Diffstat (limited to 'src/charon/encoding/payloads/proposal_substructure.c')
| -rw-r--r-- | src/charon/encoding/payloads/proposal_substructure.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/charon/encoding/payloads/proposal_substructure.c b/src/charon/encoding/payloads/proposal_substructure.c index d97763360..cf4e413ea 100644 --- a/src/charon/encoding/payloads/proposal_substructure.c +++ b/src/charon/encoding/payloads/proposal_substructure.c @@ -29,6 +29,7 @@ #include <encoding/payloads/transform_substructure.h> #include <types.h> #include <utils/linked_list.h> +#include <utils/logger_manager.h> /** @@ -90,6 +91,11 @@ struct private_proposal_substructure_t { linked_list_t * transforms; /** + * assigned logger + */ + logger_t *logger; + + /** * @brief Computes the length of this substructure. * * @param this calling private_proposal_substructure_t object @@ -153,17 +159,20 @@ static status_t verify(private_proposal_substructure_t *this) if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 2)) { /* must be 0 or 2 */ + this->logger->log(this->logger, ERROR, "inconsistent next payload"); return FAILED; } if (this->transforms_count != this->transforms->get_count(this->transforms)) { /* must be the same! */ + this->logger->log(this->logger, ERROR, "transform count invalid"); return FAILED; } if ((this->protocol_id == 0) || (this->protocol_id >= 4)) { /* reserved are not supported */ + this->logger->log(this->logger, ERROR, "invalid protocol"); return FAILED; } @@ -177,6 +186,7 @@ static status_t verify(private_proposal_substructure_t *this) status = current_transform->verify(current_transform); if (status != SUCCESS) { + this->logger->log(this->logger, ERROR, "TRANSFORM_SUBSTRUCTURE verification failed"); break; } } @@ -452,7 +462,7 @@ proposal_t* get_proposal(private_proposal_substructure_t *this) /** * Implementation of proposal_substructure_t.clone. */ -static private_proposal_substructure_t* clone(private_proposal_substructure_t *this) +static private_proposal_substructure_t* clone_(private_proposal_substructure_t *this) { private_proposal_substructure_t * new_clone; iterator_t *transforms; @@ -547,7 +557,7 @@ proposal_substructure_t *proposal_substructure_create() this->public.get_spi = (chunk_t (*) (proposal_substructure_t *)) get_spi; this->public.get_transform_count = (size_t (*) (proposal_substructure_t *)) get_transform_count; this->public.get_spi_size = (size_t (*) (proposal_substructure_t *)) get_spi_size; - this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone; + this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone_; this->public.destroy = (void (*) (proposal_substructure_t *)) destroy; /* private functions */ @@ -562,6 +572,7 @@ proposal_substructure_t *proposal_substructure_create() this->spi_size = 0; this->spi.ptr = NULL; this->spi.len = 0; + this->logger = logger_manager->get_logger(logger_manager, PAYLOAD); this->transforms = linked_list_create(); |