diff options
Diffstat (limited to 'Source')
| -rw-r--r-- | Source/charon/network/host.c | 80 | ||||
| -rw-r--r-- | Source/charon/network/host.h | 11 | ||||
| -rw-r--r-- | Source/charon/sa/Makefile.sa | 4 | ||||
| -rw-r--r-- | Source/charon/sa/child_sa.c | 82 | ||||
| -rw-r--r-- | Source/charon/sa/child_sa.h | 56 | ||||
| -rw-r--r-- | Source/charon/threads/Makefile.threads | 4 | ||||
| -rw-r--r-- | Source/charon/threads/kernel_interface.c | 279 | ||||
| -rw-r--r-- | Source/charon/threads/kernel_interface.h | 54 |
8 files changed, 539 insertions, 31 deletions
diff --git a/Source/charon/network/host.c b/Source/charon/network/host.c index 7313aedce..e09bfac75 100644 --- a/Source/charon/network/host.c +++ b/Source/charon/network/host.c @@ -49,8 +49,10 @@ struct private_host_t { /** * low-lewel structure, wich stores the address */ - sockaddr_t address; - + union { + struct sockaddr address; + struct sockaddr_in address4; + }; /** * length of address structure */ @@ -84,9 +86,8 @@ static bool is_default_route (private_host_t *this) case AF_INET: { static u_int8_t default_route[4] = {0x00,0x00,0x00,0x00}; - struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address); - if (memcmp(default_route,&(sin->sin_addr.s_addr),4) == 0) + if (memcmp(default_route,&(this->address4.sin_addr.s_addr),4) == 0) { return TRUE; } @@ -110,9 +111,11 @@ static char *get_address(private_host_t *this) case AF_INET: { char *string; - struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address); + /* we need to clone it, since inet_ntoa overwrites + * internal buffer on subsequent calls + */ allocator_free(this->string); - string = inet_ntoa(sin->sin_addr); + string = inet_ntoa(this->address4.sin_addr); this->string = allocator_alloc(strlen(string)+1); strcpy(this->string, string); return this->string; @@ -138,8 +141,7 @@ static chunk_t get_address_as_chunk(private_host_t *this) /* allocate 4 bytes for IPV4 address*/ address.ptr = allocator_alloc(4); address.len = 4; - struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address); - memcpy(address.ptr,&(sin->sin_addr.s_addr),4); + memcpy(address.ptr,&(this->address4.sin_addr.s_addr),4); } default: { @@ -147,7 +149,27 @@ static chunk_t get_address_as_chunk(private_host_t *this) return address; } } - +} + +static xfrm_address_t get_xfrm_addr(private_host_t *this) +{ + switch (this->family) + { + case AF_INET: + { + return (xfrm_address_t)(this->address4.sin_addr.s_addr); + } + default: + { + /* todo */ + return (xfrm_address_t)(this->address4.sin_addr.s_addr); + } + } +} + +static int get_family(private_host_t *this) +{ + return this->family; } /** @@ -159,8 +181,7 @@ static u_int16_t get_port(private_host_t *this) { case AF_INET: { - struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address); - return ntohs(sin->sin_port); + return ntohs(this->address4.sin_port); } default: { @@ -198,10 +219,8 @@ static bool ip_is_equal(private_host_t *this, private_host_t *other) /* IPv4 */ case AF_INET: { - struct sockaddr_in *sin1 = (struct sockaddr_in*)&(this->address); - struct sockaddr_in *sin2 = (struct sockaddr_in*)&(other->address); - if ((sin1->sin_family == sin2->sin_family) && - (sin1->sin_addr.s_addr == sin2->sin_addr.s_addr)) + if ((this->address4.sin_family == other->address4.sin_family) && + (this->address4.sin_addr.s_addr == other->address4.sin_addr.s_addr)) { return TRUE; } @@ -229,6 +248,8 @@ static private_host_t *host_create_empty() this->public.get_sockaddr = (sockaddr_t* (*) (host_t*))get_sockaddr; this->public.get_sockaddr_len = (socklen_t*(*) (host_t*))get_sockaddr_len; this->public.clone = (host_t* (*) (host_t*))clone; + this->public.get_family = (int (*) (host_t*))get_family; + this->public.get_xfrm_addr = (xfrm_address_t (*) (host_t *))get_xfrm_addr; this->public.get_address = (char* (*) (host_t *))get_address; this->public.get_address_as_chunk = (chunk_t (*) (host_t *)) get_address_as_chunk; this->public.get_port = (u_int16_t (*) (host_t *))get_port; @@ -255,10 +276,9 @@ host_t *host_create(int family, char *address, u_int16_t port) /* IPv4 */ case AF_INET: { - struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address); - sin->sin_family = AF_INET; - sin->sin_addr.s_addr = inet_addr(address); - sin->sin_port = htons(port); + this->address4.sin_family = AF_INET; + this->address4.sin_addr.s_addr = inet_addr(address); + this->address4.sin_port = htons(port); this->socklen = sizeof(struct sockaddr_in); return &(this->public); } @@ -280,22 +300,20 @@ host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port) private_host_t *this = host_create_empty(); this->family = family; - - if (address.len == 4) + switch (family) { - switch (family) + /* IPv4 */ + case AF_INET: { - /* IPv4 */ - case AF_INET: + if (address.len != 4) { - struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address); - sin->sin_family = AF_INET; - memcpy(&(sin->sin_addr.s_addr),address.ptr,4); - sin->sin_port = htons(port); - this->socklen = sizeof(struct sockaddr_in); - return &(this->public); + break; } - + this->address4.sin_family = AF_INET; + memcpy(&(this->address4.sin_addr.s_addr),address.ptr,4); + this->address4.sin_port = htons(port); + this->socklen = sizeof(struct sockaddr_in); + return &(this->public); } } allocator_free(this); diff --git a/Source/charon/network/host.h b/Source/charon/network/host.h index b5223ef4c..57274525d 100644 --- a/Source/charon/network/host.h +++ b/Source/charon/network/host.h @@ -29,6 +29,7 @@ #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> +#include <linux/xfrm.h> #include <types.h> @@ -75,6 +76,16 @@ struct host_t { */ socklen_t *(*get_sockaddr_len) (host_t *this); + /** + * @brief Gets the address as xfrm_address_t. + */ + xfrm_address_t (*get_xfrm_addr) (host_t *this); + + /** + * @brief Gets the address as xfrm_address_t. + */ + int (*get_family) (host_t *this); + /** * @brief get the address of this host * diff --git a/Source/charon/sa/Makefile.sa b/Source/charon/sa/Makefile.sa index b22a58b93..4c3e11bbc 100644 --- a/Source/charon/sa/Makefile.sa +++ b/Source/charon/sa/Makefile.sa @@ -29,5 +29,9 @@ $(BUILD_DIR)ike_sa.o : $(SA_DIR)ike_sa.c $(SA_DIR)ike_sa.h OBJS+= $(BUILD_DIR)authenticator.o $(BUILD_DIR)authenticator.o : $(SA_DIR)authenticator.c $(SA_DIR)authenticator.h $(CC) $(CFLAGS) -c -o $@ $< + +OBJS+= $(BUILD_DIR)child_sa.o +$(BUILD_DIR)child_sa.o : $(SA_DIR)child_sa.c $(SA_DIR)child_sa.h + $(CC) $(CFLAGS) -c -o $@ $< include $(SA_DIR)states/Makefile.states
\ No newline at end of file diff --git a/Source/charon/sa/child_sa.c b/Source/charon/sa/child_sa.c new file mode 100644 index 000000000..b0ba55d41 --- /dev/null +++ b/Source/charon/sa/child_sa.c @@ -0,0 +1,82 @@ +/** + * @file child_sa.c + * + * @brief Implementation of child_sa_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "child_sa.h" + + +#include <utils/allocator.h> + +typedef struct private_child_sa_t private_child_sa_t; + +/** + * Private data of an child_sa_t object + */ +struct private_child_sa_t { + /** + * Public part of a child_sa object + */ + child_sa_t public; + + /** + * type of this child sa, ESP or AH + */ + protocol_id_t sa_type; + + +}; + + +/** + * implements child_sa_t.clone. + */ +static u_int32_t get_spi(private_child_sa_t *this) +{ + return 0; +} + +/** + * implements child_sa_t.clone. + */ +static void destroy(private_child_sa_t *this) +{ + allocator_free(this); +} + +/* + * Described in Header-File + */ +child_sa_t * child_sa_create(protocol_id_t sa_type, prf_plus_t *prf_plus) +{ + private_child_sa_t *this = allocator_alloc_thing(private_child_sa_t); + + /* Public functions */ + this->public.get_spi = (u_int32_t(*)(child_sa_t*))get_spi; + this->public.destroy = (void(*)(child_sa_t*))destroy; + + /* private data */ + this->sa_type = sa_type; + + + + + return (&this->public); +} diff --git a/Source/charon/sa/child_sa.h b/Source/charon/sa/child_sa.h new file mode 100644 index 000000000..da8883cc9 --- /dev/null +++ b/Source/charon/sa/child_sa.h @@ -0,0 +1,56 @@ +/** + * @file child_sa.h + * + * @brief Interface of child_sa_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + + +#ifndef CHILD_SA_H_ +#define CHILD_SA_H_ + +#include <types.h> +#include <transforms/prf_plus.h> +#include <encoding/payloads/proposal_substructure.h> + +typedef struct child_sa_t child_sa_t; + +/** + * @brief + * @ingroup sa + */ +struct child_sa_t { + + u_int32_t (*get_spi) (child_sa_t *this); + + /** + * @brief Destroys a child_sa. + * + * @param this child_sa_t object + */ + void (*destroy) (child_sa_t *this); +}; + +/** + * @brief + * + * @ingroup sa + */ +child_sa_t * child_sa_create(protocol_id_t protocol_id, prf_plus_t *prf_plus); + +#endif /*CHILD_SA_H_*/ diff --git a/Source/charon/threads/Makefile.threads b/Source/charon/threads/Makefile.threads index 4ed507a1c..8c18d4047 100644 --- a/Source/charon/threads/Makefile.threads +++ b/Source/charon/threads/Makefile.threads @@ -33,3 +33,7 @@ $(BUILD_DIR)thread_pool.o : $(THREADS_DIR)thread_pool.c $(THREADS_DIR)thread_po OBJS+= $(BUILD_DIR)prime_pool.o $(BUILD_DIR)prime_pool.o : $(THREADS_DIR)prime_pool.c $(THREADS_DIR)prime_pool.h $(CC) $(CFLAGS) -c -o $@ $< + +OBJS+= $(BUILD_DIR)kernel_interface.o +$(BUILD_DIR)kernel_interface.o :$(THREADS_DIR)kernel_interface.c $(THREADS_DIR)kernel_interface.h + $(CC) $(CFLAGS) -c -o $@ $< diff --git a/Source/charon/threads/kernel_interface.c b/Source/charon/threads/kernel_interface.c new file mode 100644 index 000000000..ffc839038 --- /dev/null +++ b/Source/charon/threads/kernel_interface.c @@ -0,0 +1,279 @@ +/** + * @file kernel_interface.c + * + * @brief Implementation of kernel_interface_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <sys/types.h> +#include <sys/socket.h> +#include <linux/netlink.h> +#include <linux/xfrm.h> +#include <pthread.h> + +#include "kernel_interface.h" + +#include <utils/allocator.h> +#include <utils/linked_list.h> +#include <network/host.h> +#include <encoding/payloads/proposal_substructure.h> + + +typedef struct netlink_message_t netlink_message_t; + +struct netlink_message_t { + + /** + * header of the netlink message + */ + struct nlmsghdr hdr; + + union { + struct nlmsgerr e; + struct xfrm_userspi_info spi; + struct xfrm_usersa_info sa; + }; + + u_int8_t data[]; +}; + + +typedef struct private_kernel_interface_t private_kernel_interface_t; + + /** + * @brief Private Variables and Functions of kernel_interface class + * + */ +struct private_kernel_interface_t { + /** + * Public part of the kernel_interface_t object + */ + kernel_interface_t public; + + /** + * netlink communication socket + */ + int socket; + + /** + * since we use multiple threads, we can't call + * getpid multiple times. The pid is set once. + */ + pid_t pid; + + /** + * sequence number for messages + */ + u_int32_t seq; + + /** + * list of replies messages + */ + linked_list_t *replies; + + /** + * Function for the thread, receives messages + */ + void (*receive_messages) (private_kernel_interface_t *this); + + /** + * Sends a netlink_message_t down to the kernel + */ + void (*send_message) (private_kernel_interface_t *this, netlink_message_t *request, netlink_message_t *response); +}; + + +//static u_int32_t get_spi(private_kernel_interface_t *this, host_t *src, host_t *dest, protocol_id_t protocol, bool tunnel_mode) +//{ +// netlink_message_t request, response; +// +// memset(&request, 0, sizeof(request)); +// request.hdr.nlmsg_flags = NLM_F_REQUEST; +// request.hdr.nlmsg_type = XFRM_MSG_ALLOCSPI; +// request.spi.info.saddr = src->get_xfrm_addr(src); +// request.spi.info.id.daddr = dest->get_xfrm_addr(dest); +// request.spi.info.mode = tunnel_mode; +// request.spi.info.id.proto = protocol; +// request.spi.info.family = src->get_family(src); +// request.spi.min = 0; +// request.spi.max = 50000; +// request.hdr.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(request.spi))); +// +// this->send_message(this, &request, &response); +// +// if (response.hdr.nlmsg_type == NLMSG_ERROR) +// { +// /* error handling */ +// } +// else if (response.hdr.nlmsg_len < NLMSG_LENGTH(sizeof(response.sa))) +// { +// /* error handling */ +// } +// +// return response.sa.id.spi; +//} +// +// +// +//static status_t send_message(private_kernel_interface_t *this, netlink_message_t *request, netlink_message_t *response) +//{ +// size_t length; +// ssize_t r; +// +// length = request->hdr.nlmsg_len; +// +// +// +// +// +// size_t len; +// ssize_t r; +// +// +// +// request->hdr.nlmsg_seq = ++this->seq; +// length = request->hdr.nlmsg_len; +// +// do { +// r = write(netlinkfd, hdr, len); +// } while (r < 0 && errno == EINTR); +// +// if (r < 0) +// { +// return FAILED; +// } +// else if ((size_t)r != len) +// { +// return FAILED; +// } +// +// +// /* wait for receiver thread */ +// +// return TRUE; +//} +// +// +//static void receive_messages(private_kernel_interface_t *this) +//{ +// while(TRUE) +// { +// netlink_message_t *response; +// +// +// socklen_t addr_length; +// struct sockaddr_nl addr; +// size_t length; +// +// addr_length = sizeof(addr); +// length = recvfrom(netlinkfd, &rsp, sizeof(rsp), 0, (struct sockaddr*)&addr, &addr_length); +// if (r < 0) +// { +// if (errno == EINTR) +// { +// continue; +// } +// return FAILED; +// } +// else if ((size_t) r < sizeof(rsp.n)) +// { +// /* not enought bytes for header */ +// continue; +// } +// else if (addr.nl_pid != 0) +// { +// /* not interested */ +// continue; +// } +// else if (rsp.n.nlmsg_seq != seq) +// { +// DBG(DBG_KLIPS, +// DBG_log("netlink: ignoring out of sequence (%u/%u) message %s" +// , rsp.n.nlmsg_seq, seq +// , sparse_val_show(xfrm_type_names, rsp.n.nlmsg_type))); +// continue; +// } +// break; +// } +// +// if (rsp.n.nlmsg_len > (size_t) r) +// { +// return FALSE; +// } +// else if (rsp.n.nlmsg_type != NLMSG_ERROR +// && (rbuf && rsp.n.nlmsg_type != rbuf->nlmsg_type)) +// { +// loglog(RC_LOG_SERIOUS +// , "netlink recvfrom() of response to our %s message" +// " for %s %s was of wrong type (%s)" +// , sparse_val_show(xfrm_type_names, hdr->nlmsg_type) +// , description, text_said +// , sparse_val_show(xfrm_type_names, rsp.n.nlmsg_type)); +// return FALSE; +// } +// else if (rbuf) +// { +// if ((size_t) r > rbuf_len) +// { +// loglog(RC_LOG_SERIOUS +// , "netlink recvfrom() of response to our %s message" +// " for %s %s was too long: %ld > %lu" +// , sparse_val_show(xfrm_type_names, hdr->nlmsg_type) +// , description, text_said +// , (long)r, (unsigned long)rbuf_len); +// return FALSE; +// } +// memcpy(rbuf, &rsp, r); +// return TRUE; +// } +// else if (rsp.n.nlmsg_type == NLMSG_ERROR && rsp.e.error) +// { +// loglog(RC_LOG_SERIOUS +// , "ERROR: netlink response for %s %s included errno %d: %s" +// , description, text_said +// , -rsp.e.error +// , strerror(-rsp.e.error)); +// return FALSE; +// } +//} + + + + /** + * implements kernel_interface_t.destroy + */ +static void destroy (private_kernel_interface_t *this) +{ + allocator_free(this); +} + +/* + * Documented in header + */ +kernel_interface_t *kernel_interface_create() +{ + private_kernel_interface_t *this = allocator_alloc_thing(private_kernel_interface_t); + + /* public functions */ + this->public.destroy = (void(*)(kernel_interface_t*)) destroy; + + /* private members */ + this->socket = socket(PF_NETLINK, SOCK_RAW, NETLINK_XFRM); + + return (&this->public); +} diff --git a/Source/charon/threads/kernel_interface.h b/Source/charon/threads/kernel_interface.h new file mode 100644 index 000000000..3ade97426 --- /dev/null +++ b/Source/charon/threads/kernel_interface.h @@ -0,0 +1,54 @@ +/** + * @file kernel_interface.h + * + * @brief Interface of kernel_interface_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef KERNEL_INTERFACE_H_ +#define KERNEL_INTERFACE_H_ + + + +typedef struct kernel_interface_t kernel_interface_t; + +/** + * @brief + * + * @ingroup threads + */ +struct kernel_interface_t { + + /** + * @brief Destroys a kernel_interface object. + * + * Stopps the prime thread and destroys the pool. + * + * @param kernel_interface_t calling object + */ + void (*destroy) (kernel_interface_t *kernel_interface); +}; + +/** + * @brief + * + * @ingroup threads + */ +kernel_interface_t *kernel_interface_create(); + +#endif /*KERNEL_INTERFACE_H_*/ |