diff options
Diffstat (limited to 'Source/charon')
| -rw-r--r-- | Source/charon/encoding/message.c | 9 | ||||
| -rw-r--r-- | Source/charon/encoding/message.h | 8 | ||||
| -rw-r--r-- | Source/charon/queues/jobs/Makefile.jobs | 4 | ||||
| -rw-r--r-- | Source/charon/queues/jobs/job.h | 3 | ||||
| -rw-r--r-- | Source/charon/queues/jobs/retransmit_request_job.c | 109 | ||||
| -rw-r--r-- | Source/charon/queues/jobs/retransmit_request_job.h | 83 | ||||
| -rw-r--r-- | Source/charon/sa/ike_sa.c | 100 | ||||
| -rw-r--r-- | Source/charon/sa/ike_sa.h | 29 | ||||
| -rw-r--r-- | Source/charon/sa/states/ike_sa_init_requested.c | 29 | ||||
| -rw-r--r-- | Source/charon/sa/states/ike_sa_init_responded.c | 24 | ||||
| -rw-r--r-- | Source/charon/sa/states/initiator_init.c | 29 | ||||
| -rw-r--r-- | Source/charon/sa/states/responder_init.c | 39 | ||||
| -rw-r--r-- | Source/charon/threads/thread_pool.c | 103 |
13 files changed, 435 insertions, 134 deletions
diff --git a/Source/charon/encoding/message.c b/Source/charon/encoding/message.c index bcc34ca96..84f174365 100644 --- a/Source/charon/encoding/message.c +++ b/Source/charon/encoding/message.c @@ -631,6 +631,14 @@ static status_t generate(private_message_t *this, crypter_t *crypter, signer_t* } /** + * Implementation of message_t.get_packet. + */ +static packet_t *get_packet (private_message_t *this) +{ + return this->packet->clone(this->packet); +} + +/** * Implementation of message_t.parse_header. */ static status_t parse_header(private_message_t *this) @@ -1154,6 +1162,7 @@ message_t *message_create_from_packet(packet_t *packet) this->public.parse_header = (status_t (*) (message_t *)) parse_header; this->public.parse_body = (status_t (*) (message_t *,crypter_t*,signer_t*)) parse_body; this->public.verify = (status_t (*) (message_t*)) verify; + this->public.get_packet = (packet_t * (*) (message_t*)) get_packet; this->public.destroy = (void(*)(message_t*))destroy; /* private values */ diff --git a/Source/charon/encoding/message.h b/Source/charon/encoding/message.h index 8d420fbe2..dfbb10da9 100644 --- a/Source/charon/encoding/message.h +++ b/Source/charon/encoding/message.h @@ -282,6 +282,14 @@ struct message_t { iterator_t * (*get_payload_iterator) (message_t *this); /** + * Returns a clone of the internal stored packet_t object. + * + * @param this message_t object + * @return packet_t object as clone of internal one + */ + packet_t * (*get_packet) (message_t *this); + + /** * @brief Destroys a message and all including objects. * * @param this message_t object diff --git a/Source/charon/queues/jobs/Makefile.jobs b/Source/charon/queues/jobs/Makefile.jobs index b0482f6e3..d4cbf75cc 100644 --- a/Source/charon/queues/jobs/Makefile.jobs +++ b/Source/charon/queues/jobs/Makefile.jobs @@ -26,6 +26,10 @@ OBJS+= $(BUILD_DIR)initiate_ike_sa_job.o $(BUILD_DIR)initiate_ike_sa_job.o : $(JOBS_DIR)initiate_ike_sa_job.c $(JOBS_DIR)initiate_ike_sa_job.h $(CC) $(CFLAGS) -c -o $@ $< +OBJS+= $(BUILD_DIR)retransmit_request_job.o +$(BUILD_DIR)retransmit_request_job.o : $(JOBS_DIR)retransmit_request_job.c $(JOBS_DIR)retransmit_request_job.h + $(CC) $(CFLAGS) -c -o $@ $< + OBJS+= $(BUILD_DIR)job.o $(BUILD_DIR)job.o : $(JOBS_DIR)job.c $(JOBS_DIR)job.h $(CC) $(CFLAGS) -c -o $@ $< diff --git a/Source/charon/queues/jobs/job.h b/Source/charon/queues/jobs/job.h index ee1675fcd..753bea358 100644 --- a/Source/charon/queues/jobs/job.h +++ b/Source/charon/queues/jobs/job.h @@ -41,15 +41,18 @@ enum job_type_t { * Job is implemented in class type incoming_packet_job_t */ INCOMING_PACKET, + /** * Retransmit an IKEv2-Message */ RETRANSMIT_REQUEST, + /** * Establish an ike sa as initiator * * Job is implemented in class type initiate_ike_sa_job_t */ + INITIATE_IKE_SA, /** * Delete an ike sa diff --git a/Source/charon/queues/jobs/retransmit_request_job.c b/Source/charon/queues/jobs/retransmit_request_job.c new file mode 100644 index 000000000..f54de361d --- /dev/null +++ b/Source/charon/queues/jobs/retransmit_request_job.c @@ -0,0 +1,109 @@ +/** + * @file retransmit_request_job.c + * + * @brief Implementation of retransmit_request_job_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "retransmit_request_job.h" + + +#include <utils/allocator.h> + + +typedef struct private_retransmit_request_job_t private_retransmit_request_job_t; + +/** + * Private data of an retransmit_request_job_t Object. + */ +struct private_retransmit_request_job_t { + /** + * Public retransmit_request_job_t interface. + */ + retransmit_request_job_t public; + + /** + * Message ID of the request to resend. + */ + u_int32_t message_id; + + /** + * ID of the IKE_SA which the message belongs to. + */ + ike_sa_id_t *ike_sa_id; +}; + + +/** + * Implements job_t.get_type. + */ +static job_type_t get_type(private_retransmit_request_job_t *this) +{ + return RETRANSMIT_REQUEST; +} + +/** + * Implements retransmit_request_job_t.get_ike_sa_id. + */ +static ike_sa_id_t *get_ike_sa_id(private_retransmit_request_job_t *this) +{ + return this->ike_sa_id; +} + +/** + * Implements retransmit_request_job_t.get_message_id. + */ +static u_int32_t get_message_id(private_retransmit_request_job_t *this) +{ + return this->message_id; +} + + +/** + * Implements job_t.destroy. + */ +static void destroy(private_retransmit_request_job_t *this) +{ + this->ike_sa_id->destroy(this->ike_sa_id); + allocator_free(this); +} + +/* + * Described in header. + */ +retransmit_request_job_t *retransmit_request_job_create(u_int32_t message_id,ike_sa_id_t *ike_sa_id) +{ + private_retransmit_request_job_t *this = allocator_alloc_thing(private_retransmit_request_job_t); + + /* interface functions */ + this->public.job_interface.get_type = (job_type_t (*) (job_t *)) get_type; + /* same as destroy */ + this->public.job_interface.destroy_all = (void (*) (job_t *)) destroy; + this->public.job_interface.destroy = (void (*) (job_t *)) destroy; + + /* public functions */ + this->public.get_ike_sa_id = (ike_sa_id_t * (*)(retransmit_request_job_t *)) get_ike_sa_id; + this->public.get_message_id = (u_int32_t (*)(retransmit_request_job_t *)) get_message_id; + this->public.destroy = (void (*)(retransmit_request_job_t *)) destroy; + + /* private variables */ + this->message_id = message_id; + this->ike_sa_id = ike_sa_id->clone(ike_sa_id); + + return &(this->public); +} diff --git a/Source/charon/queues/jobs/retransmit_request_job.h b/Source/charon/queues/jobs/retransmit_request_job.h new file mode 100644 index 000000000..591c79864 --- /dev/null +++ b/Source/charon/queues/jobs/retransmit_request_job.h @@ -0,0 +1,83 @@ +/** + * @file retransmit_request_job.c + * + * @brief Interface of retransmit_request_job_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef _RESEND_MESSAGE_JOB_H_ +#define _RESEND_MESSAGE_JOB_H_ + +#include <types.h> +#include <queues/jobs/job.h> +#include <sa/ike_sa_id.h> + + +typedef struct retransmit_request_job_t retransmit_request_job_t; + +/** + * Object representing an RETRANSMIT_REQUEST Job. + * + * @ingroup jobs + */ +struct retransmit_request_job_t { + /** + * The job_t interface. + */ + job_t job_interface; + + /** + * @brief Returns the message_id of the request to be resent + * + * @param this calling retransmit_request_job_t object + * @return message id of the request to resend + */ + u_int32_t (*get_message_id) (retransmit_request_job_t *this); + + /** + * @brief Returns the ike_sa_id_t object of the IKE_SA + * which the request belongs to + * + * @warning returned ike_sa_id_t object is getting destroyed in + * retransmit_request_job_t.destroy. + * + * @param this calling retransmit_request_job_t object + * @return ike_sa_id_t object to identify IKE_SA (gets NOT cloned) + */ + ike_sa_id_t *(*get_ike_sa_id) (retransmit_request_job_t *this); + + /** + * @brief Destroys an retransmit_request_job_t object. + * + * @param this retransmit_request_job_t object to destroy + */ + void (*destroy) (retransmit_request_job_t *this); +}; + +/** + * @brief Creates a job of type RETRANSMIT_REQUEST. + * + * @param message_id message_id of the request to resend + * @param ike_sa_id identification of the ike_sa as ike_sa_id_t object (gets cloned) + * @return retransmit_request_job_t object + * + * @ingroup jobs + */ +retransmit_request_job_t *retransmit_request_job_create(u_int32_t message_id,ike_sa_id_t *ike_sa_id); + +#endif //_RESEND_MESSAGE_JOB_H_ diff --git a/Source/charon/sa/ike_sa.c b/Source/charon/sa/ike_sa.c index 36ed8ee9a..46807de51 100644 --- a/Source/charon/sa/ike_sa.c +++ b/Source/charon/sa/ike_sa.c @@ -407,23 +407,36 @@ static void compute_secrets(private_ike_sa_t *this,chunk_t dh_shared_secret,chun } /** - * Implements protected_ike_sa_t.resend_last_reply. + * Implementation of private_ike_sa_t.resend_last_reply. */ static status_t resend_last_reply(private_ike_sa_t *this) { packet_t *packet; - status_t status; - status = this->last_responded_message->generate(this->last_responded_message, NULL, NULL, &packet); - if (status != SUCCESS) + packet = this->last_responded_message->get_packet(this->last_responded_message); + charon->send_queue->add(charon->send_queue, packet); + + return SUCCESS; +} + +/** + * Implementation of ike_sa_t.retransmit_request. + */ +status_t retransmit_request (private_ike_sa_t *this, u_int32_t message_id) +{ + packet_t *packet; + + if ((this->message_id_out -1) != message_id) { - this->logger->log(this->logger, ERROR, "Could not generate message to resent"); - return status; + return NOT_FOUND; } + packet = this->last_responded_message->get_packet(this->last_responded_message); charon->send_queue->add(charon->send_queue, packet); + return SUCCESS; } + /** * Implements protected_ike_sa_t.resend_last_reply. @@ -615,6 +628,9 @@ static signer_t *get_signer_initiator (private_ike_sa_t *this) } /** +<<<<<<< .mine + * Implementation of protected_ike_sa_t.send_request. +======= * Implementation of protected_ike_sa_t.get_crypter_responder. */ static crypter_t *get_crypter_responder(private_ike_sa_t *this) @@ -633,50 +649,82 @@ static signer_t *get_signer_responder (private_ike_sa_t *this) /** * Implementation of protected_ike_sa_t.set_last_requested_message. +>>>>>>> .r660 */ -static status_t set_last_requested_message (private_ike_sa_t *this,message_t * message) +static status_t send_request (private_ike_sa_t *this,message_t * message) { - if (this->last_requested_message != NULL) + packet_t *packet; + status_t status; + + if (message->get_message_id(message) != this->message_id_out) { - /* destroy message */ - this->last_requested_message->destroy(this->last_requested_message); + this->logger->log(this->logger, ERROR, "Message could not be sent cause id was not as expected"); + return FAILED; } - if (message->get_message_id(message) != this->message_id_out) + /* generate packet */ + this->logger->log(this->logger, CONTROL|MOST, "Generate packet from message"); + + status = message->generate(message, this->crypter_initiator,this->signer_initiator, &packet); + if (status != SUCCESS) { - this->logger->log(this->logger, CONTROL|MOST, "last requested message could not be set cause id was not as expected"); + this->logger->log(this->logger, ERROR, "Could not generate packet from message"); return FAILED; } + + this->logger->log(this->logger, CONTROL|MOST, "Add packet to global send queue"); + charon->send_queue->add(charon->send_queue, packet); + + if (this->last_requested_message != NULL) + { + /* destroy message */ + this->last_requested_message->destroy(this->last_requested_message); + } + this->logger->log(this->logger, CONTROL|MOST, "replace last requested message with new one"); this->last_requested_message = message; /* message counter can now be increased */ - this->logger->log(this->logger, CONTROL|MOST, "Increate message counter for outgoing messages"); + this->logger->log(this->logger, CONTROL|MOST, "Increase message counter for outgoing messages"); this->message_id_out++; return SUCCESS; } /** - * Implementation of protected_ike_sa_t.set_last_responded_message. + * Implementation of protected_ike_sa_t.send_response. */ -static status_t set_last_responded_message (private_ike_sa_t *this,message_t * message) +static status_t send_response (private_ike_sa_t *this,message_t * message) { - if (this->last_responded_message != NULL) + packet_t *packet; + status_t status; + + if (message->get_message_id(message) != this->message_id_in) { - /* destroy message */ - this->last_responded_message->destroy(this->last_responded_message); + this->logger->log(this->logger, CONTROL|MOST, "Message could not be sent cause id was not as expected"); + return FAILED; } - if (message->get_message_id(message) != this->message_id_in) + + status = message->generate(message, this->crypter_initiator,this->signer_initiator, &packet); + if (status != SUCCESS) { - this->logger->log(this->logger, CONTROL|MOST, "last responded message could not be set cause id was not as expected"); + this->logger->log(this->logger, ERROR, "Could not generate packet from message"); return FAILED; - } + + this->logger->log(this->logger, CONTROL|MOST, "Add packet to global send queue"); + charon->send_queue->add(charon->send_queue, packet); + + if (this->last_responded_message != NULL) + { + /* destroy message */ + this->last_responded_message->destroy(this->last_responded_message); + } + this->logger->log(this->logger, CONTROL|MOST, "replace last responded message with new one"); this->last_responded_message = message; /* message counter can now be increased */ - this->logger->log(this->logger, CONTROL|MOST, "Increate message counter for incoming messages"); + this->logger->log(this->logger, CONTROL|MOST, "Increase message counter for incoming messages"); this->message_id_in++; return SUCCESS; @@ -811,6 +859,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->protected.public.process_message = (status_t(*)(ike_sa_t*, message_t*)) process_message; this->protected.public.initialize_connection = (status_t(*)(ike_sa_t*, char*)) initialize_connection; this->protected.public.get_id = (ike_sa_id_t*(*)(ike_sa_t*)) get_id; + this->protected.public.retransmit_request = (status_t (*) (ike_sa_t *, u_int32_t)) retransmit_request; this->protected.public.destroy = (void(*)(ike_sa_t*))destroy; /* protected functions */ @@ -826,8 +875,8 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->protected.set_my_host = (void(*) (protected_ike_sa_t *,host_t *)) set_my_host; this->protected.set_other_host = (void(*) (protected_ike_sa_t *, host_t *)) set_other_host; this->protected.get_randomizer = (randomizer_t *(*) (protected_ike_sa_t *)) get_randomizer; - this->protected.set_last_requested_message = (status_t (*) (protected_ike_sa_t *,message_t *)) set_last_requested_message; - this->protected.set_last_responded_message = (status_t (*) (protected_ike_sa_t *,message_t *)) set_last_responded_message; + this->protected.send_request = (status_t (*) (protected_ike_sa_t *,message_t *)) send_request; + this->protected.send_response = (status_t (*) (protected_ike_sa_t *,message_t *)) send_response; this->protected.create_transforms_from_proposal = (status_t (*) (protected_ike_sa_t *,ike_proposal_t *)) create_transforms_from_proposal; this->protected.set_new_state = (void (*) (protected_ike_sa_t *,state_t *)) set_new_state; this->protected.get_crypter_initiator = (crypter_t *(*) (protected_ike_sa_t *)) get_crypter_initiator; @@ -840,9 +889,6 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->resend_last_reply = resend_last_reply; this->create_delete_job = create_delete_job; - - - /* initialize private fields */ this->logger = charon->logger_manager->create_logger(charon->logger_manager, IKE_SA, NULL); diff --git a/Source/charon/sa/ike_sa.h b/Source/charon/sa/ike_sa.h index 806fd6581..6a12aaf8d 100644 --- a/Source/charon/sa/ike_sa.h +++ b/Source/charon/sa/ike_sa.h @@ -71,6 +71,17 @@ struct ike_sa_t { * @return TODO */ status_t (*initialize_connection) (ike_sa_t *this, char *name); + + /** + * @brief Retransmits a request. + * + * @param this calling object + * @param message_id ID of the request to retransmit + * @return + * - SUCCESS + * - NOT_FOUND if request doesn't have to be retransmited + */ + status_t (*retransmit_request) (ike_sa_t *this, u_int32_t message_id); /** * @brief Get the id of the SA. @@ -223,30 +234,32 @@ struct protected_ike_sa_t { status_t (*create_transforms_from_proposal) (protected_ike_sa_t *this,ike_proposal_t * proposal); /** - * Sets the last requested message. + * Sends the next request message. + * + * Also the first retransmit job is created. * - * Allready set last requested message gets destroyed. object gets not cloned! + * Stored requested message gets destroyed. object gets not cloned! * * @param this calling object - * @param message pointer to the new last requested message + * @param message pointer to the message which should be sent * @return * - SUCCESS * - FAILED if message id is not next expected one */ - status_t (*set_last_requested_message) (protected_ike_sa_t *this,message_t * message); + status_t (*send_request) (protected_ike_sa_t *this,message_t * message); /** - * Sets the last responded message. + * Sends the next response message. * - * Allready set last requested message gets destroyed. object gets not cloned! + * Stored responded message gets destroyed. object gets not cloned! * * @param this calling object - * @param message pointer to the new last responded message + * @param message pointer to the message which should be sent * return * - SUCCESS * - FAILED if message id is not next expected one */ - status_t (*set_last_responded_message) (protected_ike_sa_t *this,message_t * message); + status_t (*send_response) (protected_ike_sa_t *this,message_t * message); /** * Gets the internal stored randomizer_t object. diff --git a/Source/charon/sa/states/ike_sa_init_requested.c b/Source/charon/sa/states/ike_sa_init_requested.c index 424f75950..62fa172a3 100644 --- a/Source/charon/sa/states/ike_sa_init_requested.c +++ b/Source/charon/sa/states/ike_sa_init_requested.c @@ -162,7 +162,6 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t ike_sa_id_t *ike_sa_id; iterator_t *payloads; message_t *request; - packet_t *packet; status_t status; /* @@ -384,34 +383,18 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t /* build the complete IKE_AUTH request */ this->build_ike_auth_request (this,&request); - /* generate packet */ - this->logger->log(this->logger, CONTROL|MOST, "Generate packet from message"); - - status = request->generate(request, this->ike_sa->get_crypter_initiator(this->ike_sa), this->ike_sa->get_signer_initiator(this->ike_sa), &packet); + /* message can now be sent (must not be destroyed) */ + status = this->ike_sa->send_request(this->ike_sa, request); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "Could not generate packet from message"); + this->logger->log(this->logger, ERROR, "Could not send request message"); request->destroy(request); return DELETE_ME; } - - this->logger->log(this->logger, CONTROL|MOST, "Add packet to global send queue"); - charon->send_queue->add(charon->send_queue, packet); - + /* state can now be changed */ this->logger->log(this->logger, CONTROL|MOST, "Create next state object"); next_state = ike_auth_requested_create(this->ike_sa,this->sent_nonce,this->received_nonce); - - /* last messages can now be set */ - status = this->ike_sa->set_last_requested_message(this->ike_sa, request); - - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "Could not set last requested message"); - (next_state->state_interface).destroy(&(next_state->state_interface)); - request->destroy(request); - return DELETE_ME; - } /* state can now be changed */ this->ike_sa->set_new_state(this->ike_sa,(state_t *) next_state); @@ -579,7 +562,7 @@ static void destroy_after_state_change (private_ike_sa_init_requested_t *this) this->logger->log(this->logger, CONTROL | MOST, "Destroy diffie hellman object"); this->diffie_hellman->destroy(this->diffie_hellman); this->logger->log(this->logger, CONTROL | MOST, "Destroy shared secret (secrets allready derived)"); - allocator_free(this->shared_secret.ptr); + allocator_free_chunk(&(this->shared_secret)); this->logger->log(this->logger, CONTROL | MOST, "Destroy object itself"); allocator_free(this); } @@ -598,7 +581,7 @@ static void destroy(private_ike_sa_init_requested_t *this) this->logger->log(this->logger, CONTROL | MOST, "Destroy received nonce"); allocator_free(this->received_nonce.ptr); this->logger->log(this->logger, CONTROL | MOST, "Destroy shared secret (secrets allready derived)"); - allocator_free(this->shared_secret.ptr); + allocator_free_chunk(&(this->shared_secret)); this->logger->log(this->logger, CONTROL | MOST, "Destroy object itself"); allocator_free(this); } diff --git a/Source/charon/sa/states/ike_sa_init_responded.c b/Source/charon/sa/states/ike_sa_init_responded.c index 58d5ed506..f97bae87e 100644 --- a/Source/charon/sa/states/ike_sa_init_responded.c +++ b/Source/charon/sa/states/ike_sa_init_responded.c @@ -83,7 +83,6 @@ static status_t process_message(private_ike_sa_init_responded_t *this, message_t sa_payload_t *sa_request; ts_payload_t *tsi_request, *tsr_request; message_t *response; - packet_t *response_packet; exchange_type = request->get_exchange_type(request); if (exchange_type != IKE_AUTH) @@ -210,25 +209,18 @@ static status_t process_message(private_ike_sa_init_responded_t *this, message_t this->logger->log(this->logger, ERROR, "Building tsr payload failed"); response->destroy(response); return status; - } - - /* generate response, get transfroms first */ - signer = this->ike_sa->get_signer_responder(this->ike_sa); - crypter = this->ike_sa->get_crypter_responder(this->ike_sa); - status = response->generate(response, crypter, signer, &response_packet); + } + + this->logger->log(this->logger, CONTROL | MORE, "IKE_AUTH request successfully handled. Sending reply."); + status = this->ike_sa->send_response(this->ike_sa, response); + + /* message can now be sent (must not be destroyed) */ if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "Error in message generation"); + this->logger->log(this->logger, ERROR, "Could not send response message"); response->destroy(response); - return status; + return DELETE_ME; } - - - /* send it out */ - this->logger->log(this->logger, CONTROL | MORE, "IKE_AUTH request successfully handled. Sending reply."); - charon->send_queue->add(charon->send_queue, response_packet); - /* store for timeout reply */ - this->ike_sa->set_last_responded_message(this->ike_sa, response); /* create new state */ this->ike_sa->set_new_state(this->ike_sa, (state_t*)ike_sa_established_create(this->ike_sa)); diff --git a/Source/charon/sa/states/initiator_init.c b/Source/charon/sa/states/initiator_init.c index 7c63a4587..59a6a2e2a 100644 --- a/Source/charon/sa/states/initiator_init.c +++ b/Source/charon/sa/states/initiator_init.c @@ -27,6 +27,7 @@ #include <sa/states/state.h> #include <sa/states/ike_sa_init_requested.h> #include <utils/allocator.h> +#include <queues/jobs/retransmit_request_job.h> #include <transforms/diffie_hellman.h> #include <encoding/payloads/sa_payload.h> #include <encoding/payloads/ke_payload.h> @@ -179,7 +180,6 @@ status_t retry_initiate_connection (private_initiator_init_t *this, int dh_group init_config_t *init_config; randomizer_t *randomizer; message_t *message; - packet_t *packet; status_t status; ike_sa_id_t *ike_sa_id; @@ -201,49 +201,36 @@ status_t retry_initiate_connection (private_initiator_init_t *this, int dh_group this->logger->log(this->logger, CONTROL|MOST, "Get pseudo random bytes for nonce"); randomizer = this->ike_sa->get_randomizer(this->ike_sa); + + allocator_free_chunk(&(this->sent_nonce)); + randomizer->allocate_pseudo_random_bytes(randomizer, NONCE_SIZE, &(this->sent_nonce)); this->logger->log(this->logger, RAW|MOST, "Nonce",&(this->sent_nonce)); this->build_ike_sa_init_request (this,&message); - /* generate packet */ - this->logger->log(this->logger, CONTROL|MOST, "generate packet from message"); - status = message->generate(message, NULL, NULL, &packet); + /* message can now be sent (must not be destroyed) */ + status = this->ike_sa->send_request(this->ike_sa, message); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "could not generate packet from message"); + this->logger->log(this->logger, ERROR, "Could not send request message"); message->destroy(message); return DELETE_ME; } - - this->logger->log(this->logger, CONTROL|MOST, "Add packet to global send queue"); - charon->send_queue->add(charon->send_queue, packet); /* state can now be changed */ this->logger->log(this->logger, CONTROL|MOST, "Create next state object"); next_state = ike_sa_init_requested_create(this->ike_sa, this->dh_group_priority, this->diffie_hellman, this->sent_nonce); - /* last message can now be set */ - status = this->ike_sa->set_last_requested_message(this->ike_sa, message); - - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "Could not set last requested message"); - (next_state->state_interface).destroy(&(next_state->state_interface)); - message->destroy(message); - return DELETE_ME; - } - /* state can now be changed */ this->ike_sa->set_new_state(this->ike_sa,(state_t *) next_state); /* state has NOW changed :-) */ this->logger->log(this->logger, CONTROL|MORE, "Changed state of IKE_SA from %s to %s", mapping_find(ike_sa_state_m,INITIATOR_INIT),mapping_find(ike_sa_state_m,IKE_SA_INIT_REQUESTED) ); - + this->logger->log(this->logger, CONTROL|MOST, "Destroy old sate object"); this->destroy_after_state_change(this); - return SUCCESS; } diff --git a/Source/charon/sa/states/responder_init.c b/Source/charon/sa/states/responder_init.c index 3c03adf41..9409d57df 100644 --- a/Source/charon/sa/states/responder_init.c +++ b/Source/charon/sa/states/responder_init.c @@ -163,7 +163,6 @@ static status_t process_message(private_responder_init_t *this, message_t *messa iterator_t *payloads; message_t *response; host_t *other_host; - packet_t *packet; host_t *my_host; status_t status; @@ -344,36 +343,27 @@ static status_t process_message(private_responder_init_t *this, message_t *messa this->ike_sa->compute_secrets(this->ike_sa,shared_secret,this->received_nonce, this->sent_nonce); + /* not used anymore */ + allocator_free_chunk(&shared_secret); + this->build_ike_sa_init_reply(this,&response); - - /* generate packet */ - this->logger->log(this->logger, CONTROL|MOST, "generate packet from message"); - status = response->generate(response, NULL, NULL, &packet); + + /* message can now be sent (must not be destroyed) */ + status = this->ike_sa->send_response(this->ike_sa, response); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "could not generate packet from message"); + this->logger->log(this->logger, ERROR, "Could not send response message"); + response->destroy(response); return DELETE_ME; } - - this->logger->log(this->logger, CONTROL|MOST, "Add packet to global send queue"); - charon->send_queue->add(charon->send_queue, packet); + + /* state can now be changed */ this->logger->log(this->logger, CONTROL|MOST, "Create next state object"); next_state = ike_sa_init_responded_create(this->ike_sa); - /* last message can now be set */ - status = this->ike_sa->set_last_responded_message(this->ike_sa, response); - - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "Could not set last responded message"); - response->destroy(response); - (next_state->state_interface).destroy(&(next_state->state_interface)); - return DELETE_ME; - } - /* state can now be changed */ this->ike_sa->set_new_state(this->ike_sa, (state_t *) next_state); /* state has NOW changed :-) */ @@ -517,9 +507,9 @@ static void destroy(private_responder_init_t *this) this->logger->log(this->logger, CONTROL | MORE, "Going to destroy responder init state object"); this->logger->log(this->logger, CONTROL | MOST, "Destroy sent nonce"); - allocator_free(this->sent_nonce.ptr); + allocator_free_chunk(&(this->sent_nonce)); this->logger->log(this->logger, CONTROL | MOST, "Destroy received nonce"); - allocator_free(this->received_nonce.ptr); + allocator_free_chunk(&(this->received_nonce)); if (this->diffie_hellman != NULL) { @@ -543,6 +533,11 @@ static void destroy_after_state_change (private_responder_init_t *this) this->logger->log(this->logger, CONTROL | MOST, "Destroy diffie_hellman_t object"); this->diffie_hellman->destroy(this->diffie_hellman); } + + this->logger->log(this->logger, CONTROL | MOST, "Destroy sent nonce"); + allocator_free_chunk(&(this->sent_nonce)); + this->logger->log(this->logger, CONTROL | MOST, "Destroy received nonce"); + allocator_free_chunk(&(this->received_nonce)); this->logger->log(this->logger, CONTROL | MOST, "Destroy object"); allocator_free(this); diff --git a/Source/charon/threads/thread_pool.c b/Source/charon/threads/thread_pool.c index f6f5278f5..649679fc3 100644 --- a/Source/charon/threads/thread_pool.c +++ b/Source/charon/threads/thread_pool.c @@ -33,6 +33,7 @@ #include <queues/jobs/delete_ike_sa_job.h> #include <queues/jobs/incoming_packet_job.h> #include <queues/jobs/initiate_ike_sa_job.h> +#include <queues/jobs/retransmit_request_job.h> #include <utils/allocator.h> #include <utils/logger.h> @@ -58,27 +59,38 @@ struct private_thread_pool_t { void (*process_jobs) (private_thread_pool_t *this); /** - * @brief Process a INCOMING_PACKET_JOB. + * @brief Process a INCOMING_PACKET job. * - * @param this private_thread_pool_t-Object + * @param this private_thread_pool_t object + * @param job incoming_packet_job_t object */ void (*process_incoming_packet_job) (private_thread_pool_t *this, incoming_packet_job_t *job); /** - * @brief Process a INITIATE_IKE_SA_JOB. + * @brief Process a INITIATE_IKE_SA job. * - * @param this private_thread_pool_t-Object + * @param this private_thread_pool_t object + * @param job initiate_ike_sa_job_t object */ void (*process_initiate_ike_sa_job) (private_thread_pool_t *this, initiate_ike_sa_job_t *job); /** - * @brief Process a DELETE_IKE_SA_JOB. + * @brief Process a DELETE_IKE_SA job. * - * @param this private_thread_pool_t-Object + * @param this private_thread_pool_t object + * @param job delete_ike_sa_job_t object */ void (*process_delete_ike_sa_job) (private_thread_pool_t *this, delete_ike_sa_job_t *job); /** + * @brief Process a RETRANSMIT_REQUEST job. + * + * @param this private_thread_pool_t object + * @param job retransmit_request_job_t object + */ + void (*process_retransmit_request_job) (private_thread_pool_t *this, retransmit_request_job_t *job); + + /** * number of running threads */ size_t pool_size; @@ -99,10 +111,8 @@ struct private_thread_pool_t { logger_t *worker_logger; } ; - - /** - * implements private_thread_pool_t.function + * Implementation of private_thread_pool_t.process_jobs. */ static void process_jobs(private_thread_pool_t *this) { @@ -117,7 +127,7 @@ static void process_jobs(private_thread_pool_t *this) job = charon->job_queue->get(charon->job_queue); job_type = job->get_type(job); - this->worker_logger->log(this->worker_logger, CONTROL|MORE, "got a job of type %s", + this->worker_logger->log(this->worker_logger, CONTROL|MORE, "Process job of type %s", mapping_find(job_type_m,job_type)); switch (job_type) @@ -125,31 +135,44 @@ static void process_jobs(private_thread_pool_t *this) case INCOMING_PACKET: { this->process_incoming_packet_job(this, (incoming_packet_job_t*)job); + job->destroy(job); break; } case INITIATE_IKE_SA: { this->process_initiate_ike_sa_job(this, (initiate_ike_sa_job_t*)job); + job->destroy(job); break; } case DELETE_IKE_SA: { this->process_delete_ike_sa_job(this, (delete_ike_sa_job_t*)job); + job->destroy(job); + break; + } + case RETRANSMIT_REQUEST: + { + this->process_retransmit_request_job(this, (retransmit_request_job_t*)job); + job->destroy(job); break; } default: { this->worker_logger->log(this->worker_logger, ERROR, "job of type %s not supported!", mapping_find(job_type_m,job_type)); + job->destroy(job); break; } } - job->destroy(job); + + this->worker_logger->log(this->worker_logger, CONTROL|MORE, "Processing of job finished"); + + } } /** - * implementation of private_thread_pool_t.process_incoming_packet_job + * Implementation of private_thread_pool_t.process_incoming_packet_job. */ static void process_incoming_packet_job(private_thread_pool_t *this, incoming_packet_job_t *job) { @@ -240,7 +263,7 @@ static void process_incoming_packet_job(private_thread_pool_t *this, incoming_pa } /** - * implementation of private_thread_pool_t.process_initiate_ike_sa_job + * Implementation of private_thread_pool_t.process_initiate_ike_sa_job. */ static void process_initiate_ike_sa_job(private_thread_pool_t *this, initiate_ike_sa_job_t *job) { @@ -279,7 +302,7 @@ static void process_initiate_ike_sa_job(private_thread_pool_t *this, initiate_ik } /** - * implementation of private_thread_pool_t.process_delete_ike_sa_job + * Implementation of private_thread_pool_t.process_delete_ike_sa_job. */ static void process_delete_ike_sa_job(private_thread_pool_t *this, delete_ike_sa_job_t *job) { @@ -299,9 +322,54 @@ static void process_delete_ike_sa_job(private_thread_pool_t *this, delete_ike_sa } } +/** + * Implementation of private_thread_pool_t.process_retransmit_request_job. + */ +static void process_retransmit_request_job(private_thread_pool_t *this, retransmit_request_job_t *job) +{ + status_t status; + ike_sa_id_t *ike_sa_id = job->get_ike_sa_id(job); + u_int32_t message_id = job->get_message_id(job); + ike_sa_t *ike_sa; + + this->worker_logger->log(this->worker_logger, CONTROL|MOST, "checking out IKE SA %lld:%lld, role %s", + ike_sa_id->get_initiator_spi(ike_sa_id), + ike_sa_id->get_responder_spi(ike_sa_id), + ike_sa_id->is_initiator(ike_sa_id) ? "initiator" : "responder"); + + status = charon->ike_sa_manager->checkout(charon->ike_sa_manager,ike_sa_id, &ike_sa); + if (status != SUCCESS) + { + this->worker_logger->log(this->worker_logger, ERROR, "IKE SA could not be checked out. Allready deleted?"); + return; + } + + status = ike_sa->retransmit_request(ike_sa, message_id); + + if (status != SUCCESS) + { + this->worker_logger->log(this->worker_logger, CONTROL | MOST, "Message does'nt have to be retransmitted"); + } + + this->worker_logger->log(this->worker_logger, CONTROL|MOST, "Checkin IKE SA %lld:%lld, role %s", + ike_sa_id->get_initiator_spi(ike_sa_id), + ike_sa_id->get_responder_spi(ike_sa_id), + ike_sa_id->is_initiator(ike_sa_id) ? "initiator" : "responder"); + + status = charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); + if (status != SUCCESS) + { + this->worker_logger->log(this->worker_logger, ERROR, "Checkin of IKE SA failed!"); + } +/* + u_int32_t message_id = message->get_message_id(message); + retransmit_request_job_t *new_job = retransmit_request_job_create(message_id,ike_sa_id); + charon->event_queue->add_relative(charon->event_queue,(job_t *) new_job,5000);*/ + +} /** - * implementation of thread_pool_t.get_pool_size + * Implementation of thread_pool_t.get_pool_size. */ static size_t get_pool_size(private_thread_pool_t *this) { @@ -309,7 +377,7 @@ static size_t get_pool_size(private_thread_pool_t *this) } /** - * Implementation of thread_pool_t.destroy + * Implementation of thread_pool_t.destroy. */ static void destroy(private_thread_pool_t *this) { @@ -334,7 +402,7 @@ static void destroy(private_thread_pool_t *this) } /* - * see header + * Described in header. */ thread_pool_t *thread_pool_create(size_t pool_size) { @@ -350,6 +418,7 @@ thread_pool_t *thread_pool_create(size_t pool_size) this->process_initiate_ike_sa_job = process_initiate_ike_sa_job; this->process_delete_ike_sa_job = process_delete_ike_sa_job; this->process_incoming_packet_job = process_incoming_packet_job; + this->process_retransmit_request_job = process_retransmit_request_job; this->pool_size = pool_size; this->threads = allocator_alloc(sizeof(pthread_t) * pool_size); |