Merge branch 'ah'

Brings support for Security Associations integrity protected by the
Authentication Header protocol, both to IKEv1 and IKEv2. Currently only plain
AH is supported, but no (now deprecated) RFC2401 style AH+ESP bundles.

1 files changed, 38 insertions, 42 deletions

diff --git a/src/libcharon/kernel/kernel_handler.c b/src/libcharon/kernel/kernel_handler.c
index aa5c4e059..059124e35 100644
--- a/src/libcharon/kernel/kernel_handler.c
+++ b/src/libcharon/kernel/kernel_handler.c
@@ -35,7 +35,6 @@ struct private_kernel_handler_t {
 	 * Public part of kernel_handler_t object.
 	 */
 	kernel_handler_t public;
-
 };
 
 /**
@@ -55,85 +54,83 @@ static inline protocol_id_t proto_ip2ike(u_int8_t protocol)
 }
 
 METHOD(kernel_listener_t, acquire, bool,
-	   private_kernel_handler_t *this, u_int32_t reqid,
-	   traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
+	private_kernel_handler_t *this, u_int32_t reqid,
+	traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
 {
-	job_t *job;
 	if (src_ts && dst_ts)
 	{
-		DBG1(DBG_KNL, "creating acquire job for policy %R === %R "
-					  "with reqid {%u}", src_ts, dst_ts, reqid);
+		DBG1(DBG_KNL, "creating acquire job for policy %R === %R with "
+			 "reqid {%u}", src_ts, dst_ts, reqid);
 	}
 	else
 	{
 		DBG1(DBG_KNL, "creating acquire job for policy with reqid {%u}", reqid);
 	}
-	job = (job_t*)acquire_job_create(reqid, src_ts, dst_ts);
-	lib->processor->queue_job(lib->processor, job);
+	lib->processor->queue_job(lib->processor,
+							(job_t*)acquire_job_create(reqid, src_ts, dst_ts));
 	return TRUE;
 }
 
 METHOD(kernel_listener_t, expire, bool,
-	   private_kernel_handler_t *this, u_int32_t reqid, u_int8_t protocol,
-	   u_int32_t spi, bool hard)
+	private_kernel_handler_t *this, u_int32_t reqid, u_int8_t protocol,
+	u_int32_t spi, bool hard)
 {
-	job_t *job;
 	protocol_id_t proto = proto_ip2ike(protocol);
-	DBG1(DBG_KNL, "creating %s job for %N CHILD_SA with SPI %.8x "
-				  "and reqid {%u}", hard ? "delete" : "rekey",
-				  protocol_id_names, proto, ntohl(spi), reqid);
+
+	DBG1(DBG_KNL, "creating %s job for %N CHILD_SA with SPI %.8x and reqid {%u}",
+		 hard ? "delete" : "rekey", protocol_id_names, proto, ntohl(spi), reqid);
+
 	if (hard)
 	{
-		job = (job_t*)delete_child_sa_job_create(reqid, proto, spi, hard);
+		lib->processor->queue_job(lib->processor,
+				(job_t*)delete_child_sa_job_create(reqid, proto, spi, hard));
 	}
 	else
 	{
-		job = (job_t*)rekey_child_sa_job_create(reqid, proto, spi);
+		lib->processor->queue_job(lib->processor,
+				(job_t*)rekey_child_sa_job_create(reqid, proto, spi));
 	}
-	lib->processor->queue_job(lib->processor, job);
 	return TRUE;
 }
 
 METHOD(kernel_listener_t, mapping, bool,
-	   private_kernel_handler_t *this, u_int32_t reqid, u_int32_t spi,
-	   host_t *remote)
+	private_kernel_handler_t *this, u_int32_t reqid, u_int32_t spi,
+	host_t *remote)
 {
-	job_t *job;
-	DBG1(DBG_KNL, "NAT mappings of ESP CHILD_SA with SPI %.8x and "
-				  "reqid {%u} changed, queuing update job", ntohl(spi), reqid);
-	job = (job_t*)update_sa_job_create(reqid, remote);
-	lib->processor->queue_job(lib->processor, job);
+	DBG1(DBG_KNL, "NAT mappings of ESP CHILD_SA with SPI %.8x and reqid {%u} "
+		 "changed, queuing update job", ntohl(spi), reqid);
+
+	lib->processor->queue_job(lib->processor,
+							  (job_t*)update_sa_job_create(reqid, remote));
 	return TRUE;
 }
 
 METHOD(kernel_listener_t, migrate, bool,
-	   private_kernel_handler_t *this, u_int32_t reqid,
-	   traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
-	   policy_dir_t direction, host_t *local, host_t *remote)
+	private_kernel_handler_t *this, u_int32_t reqid,
+	traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
+	policy_dir_t direction, host_t *local, host_t *remote)
 {
-	job_t *job;
-	DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N with "
-				  "reqid {%u}", src_ts, dst_ts, policy_dir_names, direction,
-				  reqid, local);
-	job = (job_t*)migrate_job_create(reqid, src_ts, dst_ts, direction, local,
-									 remote);
-	lib->processor->queue_job(lib->processor, job);
+	DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N with reqid {%u}",
+		 src_ts, dst_ts, policy_dir_names, direction, reqid, local);
+
+	lib->processor->queue_job(lib->processor,
+						(job_t*)migrate_job_create(reqid, src_ts, dst_ts,
+												   direction, local, remote));
 	return TRUE;
 }
 
 METHOD(kernel_listener_t, roam, bool,
-	   private_kernel_handler_t *this, bool address)
+	private_kernel_handler_t *this, bool address)
 {
-	job_t *job;
-	DBG2(DBG_KNL, "creating roam job %s", address ? "due to address/link change"
-												  : "due to route change");
-	job = (job_t*)roam_job_create(address);
-	lib->processor->queue_job(lib->processor, job);
+	DBG2(DBG_KNL, "creating roam job %s",
+		 address ? "due to address/link change" : "due to route change");
+
+	lib->processor->queue_job(lib->processor, (job_t*)roam_job_create(address));
 	return TRUE;
 }
 
 METHOD(kernel_handler_t, destroy, void,
-	   private_kernel_handler_t *this)
+	private_kernel_handler_t *this)
 {
 	hydra->kernel_interface->remove_listener(hydra->kernel_interface,
 											 &this->public.listener);
@@ -162,4 +159,3 @@ kernel_handler_t *kernel_handler_create()
 
 	return &this->public;
 }
-