author | Clavister OpenSource <opensource@clavister.com> | 2011-11-23 08:55:59 +0100 |
---|---|---|
committer | Clavister OpenSource <opensource@clavister.com> | 2012-03-20 17:30:49 +0100 |
commit | 23f4e4b42d10a914f5a480d938282916aa6c124e (patch) | |
tree | 25ca9ab8cd42b570a5343e7e9c7b2a7c24c00183 /src/libcharon/sa/tasks/xauth_request.c | |
parent | 79e9f776dc37caf5512fc4816cd7a01159042f96 (diff) | |
IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response.
Diffstat (limited to 'src/libcharon/sa/tasks/xauth_request.c')
-rw-r--r-- | src/libcharon/sa/tasks/xauth_request.c | 185 |
1 files changed, 185 insertions, 0 deletions
diff --git a/src/libcharon/sa/tasks/xauth_request.c b/src/libcharon/sa/tasks/xauth_request.c
new file mode 100644
index 000000000..a50d0fb43
--- /dev/null
+++ b/src/libcharon/sa/tasks/xauth_request.c
@@ -0,0 +1,185 @@
+
+#include "xauth_request.h"
+
+#include <daemon.h>
+#include <hydra.h>
+#include <encoding/payloads/attribute_payload_v1.h>
+#include <encoding/payloads/data_attribute_v1.h>
+#include <encoding/payloads/hash_payload.h>
+#include <encoding/generator.h>
+
+typedef struct private_xauth_request_t private_xauth_request_t;
+
+/**
+ * Private members of a xauth_request_t task.
+ */
+struct private_xauth_request_t {
+
+ /**
+ * Public methods and task_t interface.
+ */
+ xauth_request_t public;
+
+ /**
+ * Assigned IKE_SA.
+ */
+ ike_sa_t *ike_sa;
+
+ /**
+ * Are we the initiator?
+ */
+ bool initiator;
+
+ /**
+ * virtual ip
+ */
+ host_t *virtual_ip;
+
+ /**
+ * list of attributes requested and its handler, entry_t
+ */
+ linked_list_t *requested;
+};
+
+/**
+ * Entry for a requested attribute and the requesting handler
+ */
+typedef struct {
+ /** attribute requested */
+ configuration_attribute_type_t type;
+ /** handler requesting this attribute */
+ attribute_handler_t *handler;
+} entry_t;
+
+/**
+ * Scan for configuration payloads and attributes
+ */
+static void process_payloads(private_xauth_request_t *this, message_t *message)
+{
+}
+
+METHOD(task_t, build_i, status_t,
+ private_xauth_request_t *this, message_t *message)
+{
+ attribute_payload_v1_t *ap = NULL;
+ chunk_t chunk = chunk_empty;
+ data_attribute_v1_t *da = NULL;
+ hash_payload_t *hash_payload = NULL;
+ generator_t *generator;
+ chunk_t attr_chunk;
+ chunk_t mid_chunk;
+ u_int32_t *lenpos;
+ u_int32_t message_id;
+ keymat_t *keymat;
+ prf_t *prf;
+ chunk_t hash_in, hash_out;
+
+ DBG1(DBG_IKE, "BUILDING XAUTH REQUEST PACKET");
+ /* TODO1: Create ATTR payload */
+ ap = attribute_payload_v1_create();
+
+ da = data_attribute_v1_create_value(XAUTH_USER_NAME, chunk);
+ ap->add_attribute(ap, da);
+
+ da = data_attribute_v1_create_value(XAUTH_USER_PASSWORD, chunk);
+ ap->add_attribute(ap, da);
+
+ /* Create HASH payload */
+ hash_payload = hash_payload_create();
+ /* TODO1: Add data into the hash */
+
+ /* Calculate the chunk for the ATTR payload */
+ generator = generator_create();
+ ap->payload_interface.set_next_type(&ap->payload_interface, NO_PAYLOAD);
+ generator->generate_payload(generator, (payload_t *)ap);
+ attr_chunk = generator->get_chunk(generator, &lenpos);
+
+ /* Get the message ID in network order */
+ htoun32(&message_id, message->get_message_id(message));
+ mid_chunk = chunk_from_thing(message_id);
+
+ /* Get the hashed data */
+ hash_in = chunk_cat("cc", mid_chunk, attr_chunk);
+
+ message->add_payload(message, (payload_t *)hash_payload);
+ message->add_payload(message, (payload_t *)ap);
+
+ return NEED_MORE;
+}
+
+METHOD(task_t, process_r, status_t,
+ private_xauth_request_t *this, message_t *message)
+{
+ return NEED_MORE;
+}
+
+METHOD(task_t, build_r, status_t,
+ private_xauth_request_t *this, message_t *message)
+{
+ return NEED_MORE;
+}
+
+METHOD(task_t, process_i, status_t,
+ private_xauth_request_t *this, message_t *message)
+{
+ return NEED_MORE;
+}
+
+METHOD(task_t, get_type, task_type_t,
+ private_xauth_request_t *this)
+{
+ return TASK_XAUTH_REQUEST;
+}
+
+METHOD(task_t, migrate, void,
+ private_xauth_request_t *this, ike_sa_t *ike_sa)
+{
+ DESTROY_IF(this->virtual_ip);
+
+ this->ike_sa = ike_sa;
+ this->virtual_ip = NULL;
+ this->requested->destroy_function(this->requested, free);
+ this->requested = linked_list_create();
+}
+
+METHOD(task_t, destroy, void,
+ private_xauth_request_t *this)
+{
+ DESTROY_IF(this->virtual_ip);
+ this->requested->destroy_function(this->requested, free);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+xauth_request_t *xauth_request_create(ike_sa_t *ike_sa, bool initiator)
+{
+ private_xauth_request_t *this;
+
+ INIT(this,
+ .public = {
+ .task = {
+ .get_type = _get_type,
+ .migrate = _migrate,
+ .destroy = _destroy,
+ },
+ },
+ .initiator = initiator,
+ .ike_sa = ike_sa,
+ .requested = linked_list_create(),
+ );
+
+ if (initiator)
+ {
+ this->public.task.build = _build_i;
+ this->public.task.process = _process_i;
+ }
+ else
+ {
+ this->public.task.build = _build_r;
+ this->public.task.process = _process_r;
+ }
+
+ return &this->public;
+}
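Review bot: In build_i the HASH payload is added to the message empty: hash_in is concatenated from the message ID and the generated ATTR payload but never run through the PRF (keymat, prf and hash_out are declared and left unused), so the XAUTH request goes out with a HASH payload that does not bind the ATTR payload to the IKE SA, and the two TODO1 markers should say so explicitly rather than "Create ATTR payload", e.g. `/* TODO: compute HASH = prf(SKEYID_a, M-ID | ATTR) and set it on hash_payload before sending */`. Until that is done the generator from generator_create() and the chunk returned by chunk_cat() are also never released, so every build_i call leaks them; `chunk_free(&hash_in);` and `generator->destroy(generator);` belong before the return. process_payloads is a static function with an empty body and no caller, which will draw an unused-function warning and suggests the receive side of the exchange is not yet wired up. The DBG1 message "BUILDING XAUTH REQUEST PACKET" is out of step with the lower-case, lower-level logging used elsewhere in libcharon and reads as a debugging leftover.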