Diffstat (limited to 'Source')
26 files changed, 398 insertions, 417 deletions
diff --git a/Source/Makefile b/Source/Makefile index d1aff1e07..b69438b84 100644 --- a/Source/Makefile +++ b/Source/Makefile @@ -17,13 +17,15 @@ FREESWANSRCDIR=../.. ifeq ($(shell ls $(FREESWANSRCDIR)/Makefile.inc 2>&1), ../../Makefile.inc) include ${FREESWANSRCDIR}/Makefile.inc else - # use leak detective by default - USE_LEAK_DETECTIVE?=true +# Defaults if not using strongswan defines + USE_LEAK_DETECTIVE?=false + INSTALL=install + INSTBINFLAGS=-b --suffix=.old + LIBEXECDIR=/usr/local/libexec/ipsec + SHAREDLIBDIR=/usr/local/lib endif - - BUILD_DIR= ./bin/ BINNAMECHARON= $(BUILD_DIR)charon @@ -65,7 +67,7 @@ build_dir: mkdir -p $(BUILD_DIR) $(BINNAMELIB) : build_dir $(LIB_OBJS) - $(CC) -ldl -lgmp -lpthread -shared $(LIB_OBJS) -o $@ + $(CC) -lpthread -ldl -lgmp -shared $(LIB_OBJS) -o $@ $(BINNAMECHARON) : build_dir $(CHARON_OBJS) $(BINNAMELIB) $(BUILD_DIR)daemon.o $(CC) -L./bin -lstrongswan $(CHARON_OBJS) $(BUILD_DIR)daemon.o -o $@ diff --git a/Source/charon/config/connections/connection.c b/Source/charon/config/connections/connection.c index d2e50c780..2ce544cc9 100644 --- a/Source/charon/config/connections/connection.c +++ b/Source/charon/config/connections/connection.c @@ -20,6 +20,8 @@ * for more details. */ +#include <string.h> + #include "connection.h" #include <utils/linked_list.h> @@ -49,6 +51,11 @@ struct private_connection_t { connection_t public; /** + * Name of the connection + */ + char *name; + + /** * ID of us */ identification_t *my_id; @@ -80,6 +87,14 @@ struct private_connection_t { }; /** + * Implementation of connection_t.get_name. + */ +static char *get_name (private_connection_t *this) +{ + return this->name; +} + +/** * Implementation of connection_t.get_my_id. */ static identification_t *get_my_id (private_connection_t *this) 
@@ -253,6 +268,7 @@ static connection_t *clone(private_connection_t *this) iterator_t *iterator; proposal_t *proposal; private_connection_t *clone = (private_connection_t*)connection_create( + this->name, this->my_host->clone(this->my_host), this->other_host->clone(this->other_host), this->my_id->clone(this->my_id), @@ -295,11 +311,12 @@ static void destroy (private_connection_t *this) /** * Described in header. */ -connection_t * connection_create(host_t *my_host, host_t *other_host, identification_t *my_id, identification_t *other_id, auth_method_t auth_method) +connection_t * connection_create(char *name, host_t *my_host, host_t *other_host, identification_t *my_id, identification_t *other_id, auth_method_t auth_method) { private_connection_t *this = malloc_thing(private_connection_t); /* public functions */ + this->public.get_name = (char*(*)(connection_t*))get_name; this->public.get_my_id = (identification_t*(*)(connection_t*))get_my_id; this->public.get_other_id = (identification_t*(*)(connection_t*))get_other_id; this->public.get_my_host = (host_t*(*)(connection_t*))get_my_host; @@ -316,6 +333,7 @@ connection_t * connection_create(host_t *my_host, host_t *other_host, identifica this->public.destroy = (void(*)(connection_t*))destroy; /* private variables */ + this->name = strdup(name); this->my_host = my_host; this->other_host = other_host; this->my_id = my_id; diff --git a/Source/charon/config/connections/connection.h b/Source/charon/config/connections/connection.h index 39b076411..fb960d1a0 100644 --- a/Source/charon/config/connections/connection.h +++ b/Source/charon/config/connections/connection.h 
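Review bot: The result of `strdup(name)` in connection_create() is stored without a check, and `name` is not tested for NULL, so a failed allocation or a missing name leaves `this->name` NULL for the `strcmp()` in the new by-name lookup. A guard before the assignment and a check after it would close that. No hunk in connection.c adds a matching release to destroy(), so the copy looks like it is leaked with every connection and every clone(); `free(this->name);` in destroy() pairs with the strdup. destroy() itself is outside the hunks shown.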
@@ -186,6 +186,17 @@ struct connection_t { auth_method_t (*get_auth_method) (connection_t *this); /** + * @brief Get the connection name. + * + * Name must not be freed, since it points to + * internal data. + * + * @param this calling object + * @return name of the connection + */ + char* (*get_name) (connection_t *this); + + /** * @brief Get the DH group to use for connection initialization. * * @param this calling object @@ -225,8 +236,9 @@ struct connection_t { * * Supplied hosts/IDs become owned by connection, so * do not modify or destroy them after a call to - * connection_create(). - * + * connection_create(). Name gets cloned internally. + * + * @param name connection identifier * @param my_host host_t representing local address * @param other_host host_t representing remote address * @param my_id identification_t for me @@ -236,7 +248,8 @@ struct connection_t { * * @ingroup config */ -connection_t * connection_create(host_t *my_host, host_t *other_host, +connection_t * connection_create(char *name, + host_t *my_host, host_t *other_host, identification_t *my_id, identification_t *other_id, auth_method_t auth_method); diff --git a/Source/charon/config/connections/connection_store.h b/Source/charon/config/connections/connection_store.h index f1814a00d..41fd58e42 100755 --- a/Source/charon/config/connections/connection_store.h +++ b/Source/charon/config/connections/connection_store.h 
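Review bot: get_name() is documented as returning internal data that must not be freed, but it is declared as returning `char*`; `const char* (*get_name) (connection_t *this);` lets the compiler enforce what the comment asks for. The `name` parameter of connection_create() is documented as cloned, so `const char *name` fits there as well. This is a style point, and the function-pointer cast in connection.c would need the same type.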
@@ -72,7 +72,21 @@ struct connection_store_t { * - NULL otherwise */ connection_t *(*get_connection_by_hosts) (connection_store_t *this, host_t *my_host, host_t *other_host); - + + /** + * @brief Returns a connection identified by its name. + * + * This call is usefull to get a connection identified its + * name, as on an connection setup. + * + * @param this calling object + * @param name name of the connection to get + * @return + * - connection_t, if found + * - NULL otherwise + */ + connection_t *(*get_connection_by_name) (connection_store_t *this, char *name); + /** * @brief Add a connection to the store. * diff --git a/Source/charon/config/connections/local_connection_store.c b/Source/charon/config/connections/local_connection_store.c index 3eee2ba58..3f07f0d21 100644 --- a/Source/charon/config/connections/local_connection_store.c +++ b/Source/charon/config/connections/local_connection_store.c @@ -20,6 +20,8 @@ * for more details. */ +#include <string.h> + #include "local_connection_store.h" #include <utils/linked_list.h> 
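Review bot: The comment on get_connection_by_name does not say who owns the returned connection_t. The implementation added in local_connection_store.c returns `current->clone(current)`, so the header should say so, for example `* The returned connection is a clone and must be destroyed by the caller.` While editing the comment, "usefull" should be "useful" and "identified its name" should be "identified by its name".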
@@ -159,9 +161,32 @@ static connection_t *get_connection_by_ids(private_local_connection_store_t *thi } /** + * Implementation of connection_store_t.get_connection_by_name. + */ +static connection_t *get_connection_by_name(private_local_connection_store_t *this, char *name) +{ + iterator_t *iterator; + connection_t *current, *found = NULL; + + iterator = this->connections->create_iterator(this->connections, TRUE); + while (iterator->has_next(iterator)) + { + iterator->current(iterator, (void**)¤t); + if (strcmp(name, current->get_name(current)) == 0) + { + found = current->clone(current); + break; + } + } + iterator->destroy(iterator); + + return found; +} + +/** * Implementation of connection_store_t.add_connection. */ -status_t add_connection(private_local_connection_store_t *this, connection_t *connection) +static status_t add_connection(private_local_connection_store_t *this, connection_t *connection) { this->connections->insert_last(this->connections, connection); return SUCCESS; @@ -191,6 +216,7 @@ local_connection_store_t * local_connection_store_create() this->public.connection_store.get_connection_by_hosts = (connection_t*(*)(connection_store_t*,host_t*,host_t*))get_connection_by_hosts; this->public.connection_store.get_connection_by_ids = (connection_t*(*)(connection_store_t*,identification_t*,identification_t*))get_connection_by_ids; + this->public.connection_store.get_connection_by_name = (connection_t*(*)(connection_store_t*,char*))get_connection_by_name; this->public.connection_store.add_connection = (status_t(*)(connection_store_t*,connection_t*))add_connection; this->public.connection_store.destroy = (void(*)(connection_store_t*))destroy; diff --git a/Source/charon/config/policies/local_policy_store.c b/Source/charon/config/policies/local_policy_store.c index a03b86a73..7dcdf1728 100644 --- a/Source/charon/config/policies/local_policy_store.c +++ b/Source/charon/config/policies/local_policy_store.c 
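Review bot: get_connection_by_name() returns the first entry whose name matches, while add_connection() in the same hunk appends without looking for an existing name, so a second connection added under the same name can never be reached by name. Either reject duplicates in add_connection() or document the first-match rule in the header. The `strcmp(name, current->get_name(current))` call also assumes both strings are non-NULL; `if (name == NULL) return NULL;` before the iterator is created keeps a missing name out of strcmp.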
@@ -66,6 +66,9 @@ static policy_t *get_policy(private_local_policy_store_t *this, identification_t iterator_t *iterator; policy_t *current, *found = NULL; + this->logger->log(this->logger, CONTROL|LEVEL0, "Looking for policy for IDs %s - %s", + my_id ? my_id->get_string(my_id) : "%any", + other_id->get_string(other_id)); iterator = this->policies->create_iterator(this->policies, TRUE); while (iterator->has_next(iterator)) { @@ -73,8 +76,12 @@ static policy_t *get_policy(private_local_policy_store_t *this, identification_t identification_t *config_my_id = current->get_my_id(current); identification_t *config_other_id = current->get_other_id(current); + this->logger->log(this->logger, CONTROL|LEVEL0, "Found one for %s - %s", + config_my_id->get_string(config_my_id), + config_other_id->get_string(config_other_id)); + /* check other host first */ - if (config_other_id->belongs_to(config_other_id, other_id)) + if (other_id->belongs_to(other_id, config_other_id)) { /* get it if my_id not specified */ if (my_id == NULL) @@ -82,7 +89,7 @@ static policy_t *get_policy(private_local_policy_store_t *this, identification_t found = current->clone(current); break; } - if (config_my_id->belongs_to(config_my_id, my_id)) + if (my_id->belongs_to(my_id, config_my_id)) { found = current->clone(current); break; diff --git a/Source/charon/daemon.h b/Source/charon/daemon.h index 037f40cc5..5aee21fdb 100644 --- a/Source/charon/daemon.h +++ b/Source/charon/daemon.h @@ -207,21 +207,21 @@ * * @ingroup charon */ -#define IPSEC_DIR "/etc/ipsec.d/" +#define IPSEC_DIR "/etc/ipsec.d" /** * Directory for private keys * * @ingroup charon */ -#define PRIVATE_KEY_DIR IPSEC_DIR "private/" +#define PRIVATE_KEY_DIR IPSEC_DIR "/private" /** * Directory for trusted certificates * * @ingroup charon */ -#define CERTIFICATE_DIR IPSEC_DIR "certs/" +#define CERTIFICATE_DIR IPSEC_DIR "/certs" typedef struct daemon_t daemon_t; 
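Review bot: The "Found one for %s - %s" message in get_policy() is logged for every policy the loop visits, before either `belongs_to` test runs, so the log reads as if each candidate had matched. Wording such as `"Checking policy %s - %s"`, or moving the call into the branches that set `found`, keeps the log usable for working out which policy was actually selected. Because the commit swaps receiver and argument in both `belongs_to` calls, a short comment stating the intended direction would help, e.g. `/* the requested ID must belong to the configured ID */`; that reading is inferred from the change and should be confirmed against identification_t. The loop body continues outside the hunks.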
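Review bot: With the trailing slash dropped from `IPSEC_DIR`, `PRIVATE_KEY_DIR` and `CERTIFICATE_DIR`, every place that builds a file path from these macros has to supply its own separator. Those call sites are not in this part of the diff; any that still concatenate directory and file name directly would now produce a path like `/etc/ipsec.d/private<file>` and silently miss the key or certificate. Adding `(without trailing slash)` to each of the three doc comments records the new contract.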
diff --git a/Source/charon/sa/child_sa.c b/Source/charon/sa/child_sa.c index f5828be2e..8871b73a1 100644 --- a/Source/charon/sa/child_sa.c +++ b/Source/charon/sa/child_sa.c @@ -467,7 +467,7 @@ static status_t add_policies(private_child_sa_t *this, linked_list_t *my_ts_list /** * Implementation of child_sa_t.log_status. */ -static void log_status(private_child_sa_t *this, logger_t *logger) +static void log_status(private_child_sa_t *this, logger_t *logger, char* name) { iterator_t *iterator; sa_policy_t *policy; @@ -479,7 +479,8 @@ static void log_status(private_child_sa_t *this, logger_t *logger) { logger = this->logger; } - logger->log(logger, CONTROL, " protected with ESP (%x/%x), AH (%x,%x); traffic:", + logger->log(logger, CONTROL|LEVEL1, "\"%s\": protected with ESP (%x/%x), AH (%x,%x):", + name, htonl(this->my_esp_spi), htonl(this->other_esp_spi), htonl(this->my_ah_spi), htonl(this->other_ah_spi)); iterator = this->policies->create_iterator(this->policies, TRUE); @@ -498,7 +499,8 @@ static void log_status(private_child_sa_t *this, logger_t *logger) snprintf(proto_buf, sizeof(proto_buf), "<%d>", policy->upper_proto); } } - logger->log(logger, CONTROL, " %s/%d===%s===%s/%d", + logger->log(logger, CONTROL, "\"%s\": %s/%d==%s==%s/%d", + name, policy->my_net->get_address(policy->my_net), policy->my_net_mask, proto_name, policy->other_net->get_address(policy->other_net), policy->other_net_mask); @@ -570,7 +572,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other) this->public.add = (status_t(*)(child_sa_t*,proposal_t*,prf_plus_t*))add; this->public.update = (status_t(*)(child_sa_t*,proposal_t*,prf_plus_t*))update; this->public.add_policies = (status_t (*)(child_sa_t*, linked_list_t*,linked_list_t*))add_policies; - this->public.log_status = (void (*)(child_sa_t*, logger_t*))log_status; + this->public.log_status = (void (*)(child_sa_t*, logger_t*, char*))log_status; this->public.destroy = (void(*)(child_sa_t*))destroy; /* private data */ 
diff --git a/Source/charon/sa/child_sa.h b/Source/charon/sa/child_sa.h index c49d85de9..6ccbff13f 100644 --- a/Source/charon/sa/child_sa.h +++ b/Source/charon/sa/child_sa.h @@ -118,12 +118,14 @@ struct child_sa_t { * The status of ESP/AH SAs is logged with the supplied logger in * a human readable form. * Supplying NULL as logger uses the internal child_sa logger - * to do the logging. + * to do the logging. The name is only a log-prefix without further + * meaning. * * @param this calling object * @param logger logger to use for logging + * @param name connection name */ - void (*log_status) (child_sa_t *this, logger_t *logger); + void (*log_status) (child_sa_t *this, logger_t *logger, char *name); /** * @brief Destroys a child_sa. diff --git a/Source/charon/sa/ike_sa.c b/Source/charon/sa/ike_sa.c index 0360695c0..99531d75e 100644 --- a/Source/charon/sa/ike_sa.c +++ b/Source/charon/sa/ike_sa.c @@ -979,11 +979,24 @@ static void reset_message_buffers (private_ike_sa_t *this) /** * Implementation of protected_ike_sa_t.log_status. */ -static void log_status(private_ike_sa_t *this, logger_t *logger) +static void log_status(private_ike_sa_t *this, logger_t *logger, char *name) { iterator_t *iterator; child_sa_t *child_sa; + /* only log if name == NULL or name == connection_name */ + if (name) + { + if (strcmp(this->connection->get_name(this->connection), name) != 0) + { + return; + } + } + else + { + name = this->connection->get_name(this->connection); + } + host_t *my_host = this->connection->get_my_host(this->connection); host_t *other_host = this->connection->get_other_host(this->connection); 
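Review bot: The name filter added at the top of ike_sa.c log_status() dereferences `this->connection` unconditionally, and the new manager-level log_status calls it for every entry in the list instead of only for SAs that were checked out first. If an IKE_SA can be in the list before a connection has been assigned to it (not visible here), `if (this->connection == NULL) { return; }` ahead of the `if (name)` block avoids a NULL dereference. `my_host` and `other_host` are now declared after statements; declaring them at the top and assigning them after the filter keeps the file's declaration-first layout. The function body continues outside the hunk.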
@@ -994,11 +1007,13 @@ static void log_status(private_ike_sa_t *this, logger_t *logger) { logger = this->logger; } - logger->log(logger, CONTROL, "IKE_SA in state %s, SPIs: %lld %lld", + logger->log(logger, CONTROL|LEVEL1, "\"%s\": IKE_SA in state %s, SPIs: %llx %llx", + name, mapping_find(ike_sa_state_m, this->current_state->get_state(this->current_state)), this->ike_sa_id->get_initiator_spi(this->ike_sa_id), this->ike_sa_id->get_responder_spi(this->ike_sa_id)); - logger->log(logger, CONTROL, "%s[%s]...%s[%s]; tunnels:", + logger->log(logger, CONTROL, "\"%s\": %s[%s]...%s[%s]", + name, my_host->get_address(my_host), my_id->get_string(my_id), other_host->get_address(other_host), @@ -1008,7 +1023,7 @@ static void log_status(private_ike_sa_t *this, logger_t *logger) while (iterator->has_next(iterator)) { iterator->current(iterator, (void**)&child_sa); - child_sa->log_status(child_sa, logger); + child_sa->log_status(child_sa, logger, name); } iterator->destroy(iterator); } @@ -1109,10 +1124,11 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->protected.public.get_other_host = (host_t*(*)(ike_sa_t*)) get_other_host; this->protected.public.get_my_id = (identification_t*(*)(ike_sa_t*)) get_my_id; this->protected.public.get_other_id = (identification_t*(*)(ike_sa_t*)) get_other_id; + this->protected.public.get_connection = (connection_t*(*)(ike_sa_t*)) get_connection; this->protected.public.retransmit_request = (status_t (*) (ike_sa_t *, u_int32_t)) retransmit_request; this->protected.public.get_state = (ike_sa_state_t (*) (ike_sa_t *this)) get_state; this->protected.public.send_delete_ike_sa_request = (void (*)(ike_sa_t*)) send_delete_ike_sa_request; - this->protected.public.log_status = (void (*) (ike_sa_t*,logger_t*))log_status; + this->protected.public.log_status = (void (*) (ike_sa_t*,logger_t*,char*))log_status; this->protected.public.destroy = (void(*)(ike_sa_t*))destroy; /* protected functions */ 
diff --git a/Source/charon/sa/ike_sa.h b/Source/charon/sa/ike_sa.h index 71688394a..c526c6347 100644 --- a/Source/charon/sa/ike_sa.h +++ b/Source/charon/sa/ike_sa.h @@ -153,6 +153,19 @@ struct ike_sa_t { * @return remote identification_t */ identification_t* (*get_other_id) (ike_sa_t *this); + + /** + * @brief Get the connection of the IKE_SA. + * + * The internal used connection specification + * can be queried to get some data of an IKE_SA. + * The connection is still owned to the IKE_SA + * and must not be manipulated. + * + * @param this calling object + * @return connection_t + */ + connection_t* (*get_connection) (ike_sa_t *this); /** * @brief Get the state of type of associated state object. @@ -167,12 +180,14 @@ struct ike_sa_t { * * The status of the IKE SA and all child SAs is logged. * Supplying NULL as logger uses the internal child_sa logger - * to do the logging. + * to do the logging. The log is only done if the supplied + * connection name is NULL or matches the connections name. * * @param this calling object * @param logger logger to use for logging + * @param name name of the connection */ - void (*log_status) (ike_sa_t *this, logger_t *logger); + void (*log_status) (ike_sa_t *this, logger_t *logger, char *name); /** * @brief Destroys a ike_sa_t object. diff --git a/Source/charon/sa/ike_sa_manager.c b/Source/charon/sa/ike_sa_manager.c index d0120fa7e..01f3f5ad2 100644 --- a/Source/charon/sa/ike_sa_manager.c +++ b/Source/charon/sa/ike_sa_manager.c 
@@ -574,6 +574,27 @@ linked_list_t *get_ike_sa_list(private_ike_sa_manager_t* this) } /** + * Implementation of ike_sa_manager_t.log_status. + */ +static void log_status(private_ike_sa_manager_t* this, logger_t* logger, char* name) +{ + iterator_t *iterator; + + pthread_mutex_lock(&(this->mutex)); + + iterator = this->ike_sa_list->create_iterator(this->ike_sa_list, TRUE); + while (iterator->has_next(iterator)) + { + ike_sa_entry_t *entry; + iterator->current(iterator, (void**)&entry); + entry->ike_sa->log_status(entry->ike_sa, logger, name); + } + iterator->destroy(iterator); + + pthread_mutex_unlock(&(this->mutex)); +} + +/** * Implementation of ike_sa_manager_t.checkin. */ static status_t checkin(private_ike_sa_manager_t *this, ike_sa_t *ike_sa) @@ -767,6 +788,7 @@ ike_sa_manager_t *ike_sa_manager_create() this->public.checkout = (status_t(*)(ike_sa_manager_t*, ike_sa_id_t*,ike_sa_t**))checkout; this->public.checkout_by_hosts = (status_t(*)(ike_sa_manager_t*,host_t*,host_t*,ike_sa_t**))checkout_by_hosts; this->public.get_ike_sa_list = (linked_list_t*(*)(ike_sa_manager_t*))get_ike_sa_list; + this->public.log_status = (void(*)(ike_sa_manager_t*,logger_t*,char*))log_status; this->public.checkin = (status_t(*)(ike_sa_manager_t*,ike_sa_t*))checkin; this->public.delete = (status_t(*)(ike_sa_manager_t*,ike_sa_id_t*))delete; this->public.checkin_and_delete = (status_t(*)(ike_sa_manager_t*,ike_sa_t*))checkin_and_delete; diff --git a/Source/charon/sa/ike_sa_manager.h b/Source/charon/sa/ike_sa_manager.h index a00f37e4f..e2235b4b6 100644 --- a/Source/charon/sa/ike_sa_manager.h +++ b/Source/charon/sa/ike_sa_manager.h @@ -25,6 +25,7 @@ #include <types.h> #include <sa/ike_sa.h> +#include <utils/logger.h> typedef struct ike_sa_manager_t ike_sa_manager_t; 
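Review bot: The new log_status() in ike_sa_manager.c takes the manager mutex and then calls `entry->ike_sa->log_status()` on every entry, including, as far as this hunk shows, entries that another thread currently has checked out. The mutex guards the list, not the contents of each IKE_SA, so the state object and the child SA list can be read while a worker thread is changing them; the loop this replaces in stroke_interface.c checked each SA out before logging it. Consider skipping or waiting for checked-out entries (the entry struct is outside the hunk). Logging also runs with the mutex held, so a slow log consumer delays every checkout in the daemon.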
@@ -58,7 +59,7 @@ struct ike_sa_manager_t { * @warning checking out two times without checking in will * result in a deadlock! * - * @param ike_sa_manager the manager object + * @param this the manager object * @param ike_sa_id[in/out] the SA identifier, will be updated * @param ike_sa[out] checked out SA * @returns @@ -66,7 +67,7 @@ struct ike_sa_manager_t { * - NOT_FOUND when no such SA is available * - CREATED if a new IKE_SA got created */ - status_t (*checkout) (ike_sa_manager_t* ike_sa_manager, ike_sa_id_t *sa_id, ike_sa_t **ike_sa); + status_t (*checkout) (ike_sa_manager_t* this, ike_sa_id_t *sa_id, ike_sa_t **ike_sa); /** * @brief Create and checkout an IKE_SA as original initator. @@ -74,10 +75,10 @@ struct ike_sa_manager_t { * Creates and checks out a SA as initiator. * Management of SPIs is the managers job, he will set it. * - * @param ike_sa_manager the manager object + * @param this the manager object * @param ike_sa[out] checked out SA */ - void (*create_and_checkout) (ike_sa_manager_t* ike_sa_manager,ike_sa_t **ike_sa); + void (*create_and_checkout) (ike_sa_manager_t* this,ike_sa_t **ike_sa); /** * @brief Check out an IKE_SA, defined be the two peers. @@ -86,7 +87,7 @@ struct ike_sa_manager_t { * for kernel traps, status querying and so on... one of the hosts * may be 0.0.0.0 (defaultroute/any), but not both. * - * @param ike_sa_manager the manager object + * @param this the manager object * @param me host on local side * @param other host on remote side * @param ike_sa[out] checked out SA @@ -94,7 +95,7 @@ struct ike_sa_manager_t { * - NOT_FOUND, if no such SA found * - SUCCESS, if SA found and ike_sa set appropriatly */ - status_t (*checkout_by_hosts) (ike_sa_manager_t* ike_sa_manager, host_t *me, host_t *other, ike_sa_t **ike_sa); + status_t (*checkout_by_hosts) (ike_sa_manager_t* this, host_t *me, host_t *other, ike_sa_t **ike_sa); /** * @brief Get a list of all IKE_SA SAs currently set up. 
@@ -104,10 +105,23 @@ struct ike_sa_manager_t { * corrensponding ID really exists, since it may be deleted * in the meantime by another thread. * - * @param ike_sa_manager the manager object + * @param this the manager object * @return a list with ike_sa_id_t s */ - linked_list_t *(*get_ike_sa_list) (ike_sa_manager_t* ike_sa_manager); + linked_list_t *(*get_ike_sa_list) (ike_sa_manager_t* this); + + /** + * @brief Log the status of the IKE_SA's in the manager. + * + * A informational log is done to the supplied logger. If logger is + * NULL, an internal logger is used. If a name is supplied, + * only connections with the matching name will be logged. + * + * @param this the manager object + * @param logger logger to do the log, or NULL + * @param name name of a connection, or NULL + */ + void (*log_status) (ike_sa_manager_t* this, logger_t* logger, char* name); /** * @brief Checkin the SA after usage. @@ -115,14 +129,14 @@ struct ike_sa_manager_t { * @warning the SA pointer MUST NOT be used after checkin! * The SA must be checked out again! * - * @param ike_sa_manager the manager object + * @param this the manager object * @param ike_sa_id[in/out] the SA identifier, will be updated * @param ike_sa[out] checked out SA * @returns * - SUCCESS if checked in * - NOT_FOUND when not found (shouldn't happen!) */ - status_t (*checkin) (ike_sa_manager_t* ike_sa_manager, ike_sa_t *ike_sa); + status_t (*checkin) (ike_sa_manager_t* this, ike_sa_t *ike_sa); /** * @brief Delete a SA, which was not checked out. 
@@ -130,33 +144,33 @@ struct ike_sa_manager_t { * @warning do not use this when the SA is already checked out, this will * deadlock! * - * @param ike_sa_manager the manager object + * @param this the manager object * @param ike_sa_id[in/out] the SA identifier * @returns * - SUCCESS if found * - NOT_FOUND when no such SA is available */ - status_t (*delete) (ike_sa_manager_t* ike_sa_manager, ike_sa_id_t *ike_sa_id); + status_t (*delete) (ike_sa_manager_t* this, ike_sa_id_t *ike_sa_id); /** * @brief Delete a checked out SA. * - * @param ike_sa_manager the manager object + * @param this the manager object * @param ike_sa SA to delete * @returns * - SUCCESS if found * - NOT_FOUND when no such SA is available */ - status_t (*checkin_and_delete) (ike_sa_manager_t* ike_sa_manager, ike_sa_t *ike_sa); + status_t (*checkin_and_delete) (ike_sa_manager_t* this, ike_sa_t *ike_sa); /** * @brief Destroys the manager with all associated SAs. * * Threads will be driven out, so all SAs can be deleted cleanly. * - * @param ike_sa_manager the manager object + * @param this the manager object */ - void (*destroy) (ike_sa_manager_t *ike_sa_manager); + void (*destroy) (ike_sa_manager_t *this); }; /** diff --git a/Source/charon/threads/stroke_interface.c b/Source/charon/threads/stroke_interface.c index 143dcd691..3078c03c6 100755 --- a/Source/charon/threads/stroke_interface.c +++ b/Source/charon/threads/stroke_interface.c @@ -42,24 +42,6 @@ struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET}; -typedef struct connection_entry_t connection_entry_t; - -/** - * A connection entry combines a connection name with a connection. - */ -struct connection_entry_t { - - /** - * connection name. - */ - char *name; - - /** - * Configuration for IKE_SA_INIT exchange. - */ - connection_t *connection; -}; - typedef struct private_stroke_t private_stroke_t; 
@@ -74,11 +56,6 @@ struct private_stroke_t { stroke_t public; /** - * Holding all connections as connection_entry_t's. - */ - linked_list_t *connections; - - /** * Assigned logger_t object in charon. */ logger_t *logger; @@ -102,11 +79,6 @@ struct private_stroke_t { * Read from the socket and handle stroke messages */ void (*stroke_receive) (private_stroke_t *this); - - /** - * find a connection in the config list by name - */ - connection_t *(*get_connection_by_name) (private_stroke_t *this, char *name); }; /** @@ -147,7 +119,6 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) host_t *my_host, *other_host, *my_subnet, *other_subnet; proposal_t *proposal; traffic_selector_t *my_ts, *other_ts; - connection_entry_t *entry; x509_t *cert; pop_string(msg, &msg->add_conn.name); @@ -291,7 +262,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) } } - connection = connection_create(my_host, other_host, my_id->clone(my_id), other_id->clone(other_id), + connection = connection_create(msg->add_conn.name, + my_host, other_host, + my_id->clone(my_id), other_id->clone(other_id), RSA_DIGITAL_SIGNATURE); proposal = proposal_create(1); proposal->add_algorithm(proposal, PROTO_IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); @@ -305,11 +278,6 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0); proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0); connection->add_proposal(connection, proposal); - /* add in our list, so we can manipulate the connection further via name */ - entry = malloc_thing(connection_entry_t); - entry->name = strdup(msg->add_conn.name); - entry->connection = connection; - this->connections->insert_last(this->connections, entry); /* add to global connection list */ charon->connections->add_connection(charon->connections, connection); 
@@ -337,7 +305,7 @@ static void stroke_initiate(private_stroke_t *this, stroke_msg_t *msg) pop_string(msg, &(msg->initiate.name)); this->logger->log(this->logger, CONTROL, "received stroke: initiate \"%s\"", msg->initiate.name); - connection = this->get_connection_by_name(this, msg->initiate.name); + connection = charon->connections->get_connection_by_name(charon->connections, msg->initiate.name); if (connection == NULL) { this->stroke_logger->log(this->stroke_logger, ERROR, "could not find a connection named \"%s\"", msg->initiate.name); @@ -361,13 +329,15 @@ static void stroke_terminate(private_stroke_t *this, stroke_msg_t *msg) pop_string(msg, &(msg->terminate.name)); this->logger->log(this->logger, CONTROL, "received stroke: terminate \"%s\"", msg->terminate.name); - connection = this->get_connection_by_name(this, msg->terminate.name); + connection = charon->connections->get_connection_by_name(charon->connections, msg->terminate.name); if (connection) { my_host = connection->get_my_host(connection); other_host = connection->get_other_host(connection); + /* TODO: Do this directly by name now */ + /* TODO: terminate any instance of the name */ status = charon->ike_sa_manager->checkout_by_hosts(charon->ike_sa_manager, my_host, other_host, &ike_sa); 
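Review bot: Both stroke handlers now receive a clone from `get_connection_by_name`, where the removed private helper returned a pointer owned by the stroke list. The rest of stroke_terminate() is unchanged by this diff, so the clone appears never to be destroyed; `connection->destroy(connection);` after the checkout_by_hosts() call would release it. `my_host` and `other_host` point into the clone, so the destroy has to come after their last use. Whether stroke_initiate() passes its clone on to a new owner is outside the hunk.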
@@ -396,31 +366,11 @@ static void stroke_terminate(private_stroke_t *this, stroke_msg_t *msg) */ static void stroke_status(private_stroke_t *this, stroke_msg_t *msg) { - linked_list_t *list; - iterator_t *iterator; - status_t status; - - - list = charon->ike_sa_manager->get_ike_sa_list(charon->ike_sa_manager); - iterator = list->create_iterator(list, TRUE); - while (iterator->has_next(iterator)) - { - ike_sa_id_t *ike_sa_id; - ike_sa_t *ike_sa; - iterator->current(iterator, (void**)&ike_sa_id); - /* TODO: A log_status method (as in IKE_SA/CHILD_SA) would be better than checking - * out every single IKE... - */ - status = charon->ike_sa_manager->checkout(charon->ike_sa_manager, ike_sa_id, &ike_sa); - if (status == SUCCESS) - { - ike_sa->log_status(ike_sa, this->stroke_logger); - charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); - } - ike_sa_id->destroy(ike_sa_id); + if (msg->status.name) + { + pop_string(msg, &(msg->status.name)); } - iterator->destroy(iterator); - list->destroy(list); + charon->ike_sa_manager->log_status(charon->ike_sa_manager, this->stroke_logger, msg->status.name); } logger_context_t get_context(char *context) @@ -607,6 +557,12 @@ static void stroke_receive(private_stroke_t *this) stroke_status(this, msg); break; } + case STR_STATUS_ALL: + { + this->stroke_logger->enable_level(this->stroke_logger, LEVEL1); + stroke_status(this, msg); + break; + } case STR_ADD_CONN: { stroke_add_conn(this, msg); 
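Review bot: stroke_status() forwards `msg->status.name` to the manager, where it ends up as an argument to `strcmp()` and to `%s` in log calls. The value arrives in a control-socket message and is only converted by `pop_string()`, whose checks are not visible here. Confirm that pop_string() rejects an offset outside the received message and guarantees NUL termination before the string is used, and note that in a comment above the call.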
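Review bot: The STR_STATUS_ALL case enables LEVEL1 on `this->stroke_logger` and nothing in the hunk turns it off again. If that logger outlives the request (its creation is outside the hunk), every later plain `status` request would print the LEVEL1 lines too. Resetting the level after stroke_status() returns, or a comment stating that the logger is per-request, would settle it.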
@@ -632,50 +588,14 @@ static void stroke_receive(private_stroke_t *this) } } - -/** - * Implementation of private_stroke_t.get_connection_by_name. - */ -static connection_t *get_connection_by_name(private_stroke_t *this, char *name) -{ - iterator_t *iterator; - connection_t *found = NULL; - - iterator = this->connections->create_iterator(this->connections, TRUE); - while (iterator->has_next(iterator)) - { - connection_entry_t *entry; - iterator->current(iterator,(void **) &entry); - - if (strcmp(entry->name,name) == 0) - { - /* found configuration */ - found = entry->connection; - break; - } - } - iterator->destroy(iterator); - - return found; -} - /** * Implementation of stroke_t.destroy. */ static void destroy(private_stroke_t *this) { - connection_entry_t *entry; pthread_cancel(this->assigned_thread); pthread_join(this->assigned_thread, NULL); - - while (this->connections->remove_first(this->connections, (void **)&entry) == SUCCESS) - { - /* connection is destroyed by global list */ - free(entry->name); - free(entry); - } - this->connections->destroy(this->connections); close(this->socket); unlink(socket_addr.sun_path); @@ -696,7 +616,6 @@ stroke_t *stroke_create() /* private functions */ this->stroke_receive = stroke_receive; - this->get_connection_by_name = get_connection_by_name; this->logger = logger_manager->get_logger(logger_manager, CONFIG); @@ -738,8 +657,5 @@ stroke_t *stroke_create() return NULL; } - /* private variables */ - this->connections = linked_list_create(); - return (&this->public); } diff --git a/Source/lib/Makefile.lib b/Source/lib/Makefile.lib index 0e8c359bd..80a44ff69 100644 --- a/Source/lib/Makefile.lib +++ b/Source/lib/Makefile.lib @@ -14,6 +14,10 @@ LIB_DIR= $(MAIN_DIR)lib/ +include $(MAIN_DIR)lib/utils/Makefile.utils +include $(MAIN_DIR)lib/crypto/Makefile.transforms +include $(MAIN_DIR)lib/asn1/Makefile.asn1 + LIB_OBJS+= $(BUILD_DIR)types.o $(BUILD_DIR)types.o : $(LIB_DIR)types.c $(LIB_DIR)types.h $(CC) $(CFLAGS) -c -o $@ $< 
@@ -25,7 +29,3 @@ $(BUILD_DIR)definitions.o : $(LIB_DIR)definitions.c $(LIB_DIR)definitions.h LIB_OBJS+= $(BUILD_DIR)library.o $(BUILD_DIR)library.o : $(LIB_DIR)library.c $(LIB_DIR)library.h $(CC) $(CFLAGS) -c -o $@ $< - -include $(MAIN_DIR)lib/crypto/Makefile.transforms -include $(MAIN_DIR)lib/utils/Makefile.utils -include $(MAIN_DIR)lib/asn1/Makefile.asn1 diff --git a/Source/lib/utils/Makefile.utils b/Source/lib/utils/Makefile.utils index 9b6eac7bf..1c82283d7 100644 --- a/Source/lib/utils/Makefile.utils +++ b/Source/lib/utils/Makefile.utils @@ -14,6 +14,9 @@ UTILS_DIR= $(LIB_DIR)utils/ +LIB_OBJS+= $(BUILD_DIR)leak_detective.o +$(BUILD_DIR)leak_detective.o : $(UTILS_DIR)leak_detective.c $(UTILS_DIR)leak_detective.h + $(CC) $(CFLAGS) -c -o $@ $< LIB_OBJS+= $(BUILD_DIR)linked_list.o $(BUILD_DIR)linked_list.o : $(UTILS_DIR)linked_list.c $(UTILS_DIR)linked_list.h @@ -41,8 +44,4 @@ $(BUILD_DIR)identification.o : $(UTILS_DIR)identification.c $(UTILS_DIR)identifi LIB_OBJS+= $(BUILD_DIR)host.o $(BUILD_DIR)host.o : $(UTILS_DIR)host.c $(UTILS_DIR)host.h - $(CC) $(CFLAGS) -c -o $@ $< - -LIB_OBJS+= $(BUILD_DIR)leak_detective.o -$(BUILD_DIR)leak_detective.o : $(UTILS_DIR)leak_detective.c $(UTILS_DIR)leak_detective.h $(CC) $(CFLAGS) -c -o $@ $<
\ No newline at end of file diff --git a/Source/lib/utils/leak_detective.c b/Source/lib/utils/leak_detective.c index 06d8916ac..a6a5c9a91 100644 --- a/Source/lib/utils/leak_detective.c +++ b/Source/lib/utils/leak_detective.c @@ -253,7 +253,7 @@ void free_hook(void *ptr, const void *caller) { pthread_mutex_unlock(&mutex); /* TODO: since pthread_join cannot be excluded cleanly, we are not whining about bad frees */ - return; + //return; logger->log(logger, ERROR, "freeing of invalid memory (%p)", ptr); stack_frame_count = backtrace(stack_frames, STACK_FRAMES_COUNT); log_stack_frames(stack_frames, stack_frame_count); @@ -323,8 +323,8 @@ void leak_detective_init() */ void leak_detective_cleanup() { - report_leaks(); uninstall_hooks(); + report_leaks(); } @@ -348,6 +348,7 @@ struct excluded_function { {"libpthread.so.0", "_pthread_cleanup_pop", NULL, NULL}, {"libc.so.6", "mktime", NULL, NULL}, {"libc.so.6", "vsyslog", NULL, NULL}, + {"libc.so.6", "strerror", NULL, NULL}, }; #define INET_NTOA 0 #define PTHREAD_CREATE 1 @@ -357,6 +358,7 @@ struct excluded_function { #define PTHREAD_CLEANUP_POP 5 #define MKTIME 6 #define VSYSLOG 7 +#define STRERROR 8 /** 
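Review bot: Commenting out `return;` in free_hook() switches the invalid-free report back on, but the TODO directly above still says bad frees are not reported and the dead `//return;` stays in the file; delete the line and update the comment. The report now runs after `pthread_mutex_unlock(&mutex)`, and whether the hooks are uninstalled at that point is outside the hunk, so check that `logger->log()` cannot re-enter the hooks from here. The new `#define STRERROR 8` has to stay in step with the position of the added table row; an enum declared next to the table would make that harder to break.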
@@ -402,120 +404,137 @@ char *inet_ntoa(struct in_addr in) return result; } -int pthread_create(pthread_t *__restrict __threadp, __const pthread_attr_t *__restrict __attr, - void *(*__start_routine) (void *), void *__restrict __arg) -{ - int (*_pthread_create) (pthread_t *__restrict __threadp, - __const pthread_attr_t *__restrict __attr, - void *(*__start_routine) (void *), - void *__restrict __arg) = excluded_functions[PTHREAD_CREATE].lib_function; - int result; - - pthread_mutex_lock(&mutex); - uninstall_hooks(); - - result = _pthread_create(__threadp, __attr, __start_routine, __arg); - - install_hooks(); - pthread_mutex_unlock(&mutex); - return result; -} +// int pthread_create(pthread_t *__restrict __threadp, __const pthread_attr_t *__restrict __attr, +// void *(*__start_routine) (void *), void *__restrict __arg) +// { +// int (*_pthread_create) (pthread_t *__restrict __threadp, +// __const pthread_attr_t *__restrict __attr, +// void *(*__start_routine) (void *), +// void *__restrict __arg) = excluded_functions[PTHREAD_CREATE].lib_function; +// int result; +// +// pthread_mutex_lock(&mutex); +// uninstall_hooks(); +// +// result = _pthread_create(__threadp, __attr, __start_routine, __arg); +// +// install_hooks(); +// pthread_mutex_unlock(&mutex); +// return result; +// } +// +// +// int pthread_cancel(pthread_t __th) +// { +// int (*_pthread_cancel) (pthread_t) = excluded_functions[PTHREAD_CANCEL].lib_function; +// int result; +// +// pthread_mutex_lock(&mutex); +// uninstall_hooks(); +// +// result = _pthread_cancel(__th); +// +// install_hooks(); +// pthread_mutex_unlock(&mutex); +// return result; +// } +// +// /* TODO: join has probs, since it dellocates memory +// * allocated (somewhere) with leak_detective :-(. +// * We should exclude all pthread_ functions to fix it !? 
*/ +// int pthread_join(pthread_t __th, void **__thread_return) +// { +// int (*_pthread_join) (pthread_t, void **) = excluded_functions[PTHREAD_JOIN].lib_function; +// int result; +// +// pthread_mutex_lock(&mutex); +// uninstall_hooks(); +// +// result = _pthread_join(__th, __thread_return); +// +// install_hooks(); +// pthread_mutex_unlock(&mutex); +// return result; +// } +// +// void _pthread_cleanup_push (struct _pthread_cleanup_buffer *__buffer, +// void (*__routine) (void *), +// void *__arg) +// { +// int (*__pthread_cleanup_push) (struct _pthread_cleanup_buffer *__buffer, +// void (*__routine) (void *), +// void *__arg) = +// excluded_functions[PTHREAD_CLEANUP_PUSH].lib_function; +// +// pthread_mutex_lock(&mutex); +// uninstall_hooks(); +// +// __pthread_cleanup_push(__buffer, __routine, __arg); +// +// install_hooks(); +// pthread_mutex_unlock(&mutex); +// return; +// } +// +// void _pthread_cleanup_pop (struct _pthread_cleanup_buffer *__buffer, int __execute) +// { +// int (*__pthread_cleanup_pop) (struct _pthread_cleanup_buffer *__buffer, int __execute) = +// excluded_functions[PTHREAD_CLEANUP_POP].lib_function; +// +// pthread_mutex_lock(&mutex); +// uninstall_hooks(); +// +// __pthread_cleanup_pop(__buffer, __execute); +// +// install_hooks(); +// pthread_mutex_unlock(&mutex); +// return; +// } - -int pthread_cancel(pthread_t __th) +time_t mktime(struct tm *tm) { - int (*_pthread_cancel) (pthread_t) = excluded_functions[PTHREAD_CANCEL].lib_function; - int result; - - pthread_mutex_lock(&mutex); - uninstall_hooks(); - - result = _pthread_cancel(__th); - - install_hooks(); - pthread_mutex_unlock(&mutex); - return result; -} + time_t (*_mktime)(struct tm *tm) = excluded_functions[MKTIME].lib_function; + time_t result; -/* TODO: join has probs, since it dellocates memory - * allocated (somewhere) with leak_detective :-(. - * We should exclude all pthread_ functions to fix it !? 
-int pthread_join(pthread_t __th, void **__thread_return) -{ - int (*_pthread_join) (pthread_t, void **) = excluded_functions[PTHREAD_JOIN].lib_function; - int result; - pthread_mutex_lock(&mutex); uninstall_hooks(); - - result = _pthread_join(__th, __thread_return); + + result = _mktime(tm); install_hooks(); pthread_mutex_unlock(&mutex); return result; } -void _pthread_cleanup_push (struct _pthread_cleanup_buffer *__buffer, - void (*__routine) (void *), - void *__arg) +void vsyslog (int __pri, __const char *__fmt, __gnuc_va_list __ap) { - int (*__pthread_cleanup_push) (struct _pthread_cleanup_buffer *__buffer, - void (*__routine) (void *), - void *__arg) = - excluded_functions[PTHREAD_CLEANUP_PUSH].lib_function; - + void (*_vsyslog) (int __pri, __const char *__fmt, __gnuc_va_list __ap) = excluded_functions[VSYSLOG].lib_function; + pthread_mutex_lock(&mutex); uninstall_hooks(); - __pthread_cleanup_push(__buffer, __routine, __arg); + _vsyslog(__pri, __fmt, __ap); install_hooks(); pthread_mutex_unlock(&mutex); return; } - -void _pthread_cleanup_pop (struct _pthread_cleanup_buffer *__buffer, int __execute) -{ - int (*__pthread_cleanup_pop) (struct _pthread_cleanup_buffer *__buffer, int __execute) = - excluded_functions[PTHREAD_CLEANUP_POP].lib_function; - - pthread_mutex_lock(&mutex); - uninstall_hooks(); - - __pthread_cleanup_pop(__buffer, __execute); - - install_hooks(); - pthread_mutex_unlock(&mutex); - return; -}*/ -time_t mktime(struct tm *tm) -{ - time_t (*_mktime)(struct tm *tm) = excluded_functions[MKTIME].lib_function; - time_t result; - pthread_mutex_lock(&mutex); - uninstall_hooks(); - - result = _mktime(tm); - - install_hooks(); - pthread_mutex_unlock(&mutex); - return result; -} -void vsyslog (int __pri, __const char *__fmt, __gnuc_va_list __ap) +char *strerror(int errnum) { - void (*_vsyslog) (int __pri, __const char *__fmt, __gnuc_va_list __ap) = excluded_functions[VSYSLOG].lib_function; + char* (*_strerror) (int) = 
excluded_functions[STRERROR].lib_function; + char *result; pthread_mutex_lock(&mutex); uninstall_hooks(); - _vsyslog(__pri, __fmt, __ap); + result = _strerror(errnum); install_hooks(); pthread_mutex_unlock(&mutex); - return; + return result; } #endif /* LEAK_DETECTION */ diff --git a/Source/patches/strongswan-2.6.4.patch b/Source/patches/strongswan-2.6.4.patch index ce6fe631f..9358efcd5 100644 --- a/Source/patches/strongswan-2.6.4.patch +++ b/Source/patches/strongswan-2.6.4.patch @@ -65,13 +65,13 @@ diff -Naur strongswan-2.6.4/programs/ipsec/ipsec.in strongswan-2.6.4-charon/prog $IPSEC_EXECDIR/whack "--$op" + if test -e $IPSEC_EXECDIR/stroke + then -+ $IPSEC_EXECDIR/stroke status ++ $IPSEC_EXECDIR/stroke "$op" + fi else $IPSEC_EXECDIR/whack --name "$1" "--$op" + if test -e $IPSEC_EXECDIR/stroke + then -+ $IPSEC_EXECDIR/stroke status ++ $IPSEC_EXECDIR/stroke "$op" "$1" + fi fi exit 0 diff --git a/Source/stroke/stroke.c b/Source/stroke/stroke.c index e4876ced0..9ecda0413 100644 --- a/Source/stroke/stroke.c +++ b/Source/stroke/stroke.c @@ -146,13 +146,21 @@ static int terminate_connection(char *name) return res; } -static int show_status() +static int show_status(char *mode, char *connection) { stroke_msg_t *msg = malloc(sizeof(stroke_msg_t)); int res; msg->length = sizeof(stroke_msg_t); - msg->type = STR_STATUS; + if (strcmp(mode, "statusall") == 0) + { + msg->type = STR_STATUS_ALL; + } + else + { + msg->type = STR_STATUS; + } + msg->status.name = push_string(&msg, connection); res = send_stroke_msg(msg); free(msg); return res; @@ -240,7 +248,7 @@ int main(int argc, char *argv[]) if (strcmp(argv[1], "status") == 0 || strcmp(argv[1], "statusall") == 0) { - res = show_status(); + res = show_status(argv[1], argc > 2 ? argv[2] : NULL); } else if (strcmp(argv[1], "up") == 0) diff --git a/Source/stroke/stroke.h b/Source/stroke/stroke.h index abafe79e9..cb40cf843 100644 --- a/Source/stroke/stroke.h +++ b/Source/stroke/stroke.h 
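Review bot: The `pthread_create`, `pthread_cancel`, `pthread_join`, `_pthread_cleanup_push` and `_pthread_cleanup_pop` wrappers are kept as a long block of `//`-commented code with no statement of why they were disabled. Remove them, or fence them with `#if 0` and a one-line reason such as `/* pthread wrappers disabled: <reason>, see TODO on pthread_join */`. The `excluded_functions` rows and the `PTHREAD_*` index defines visible in the previous hunks stay in place, so the table now appears to carry entries that nothing calls through. The new `strerror` wrapper calls `excluded_functions[STRERROR].lib_function` without a NULL check, as `mktime` and `vsyslog` do; where that pointer is resolved is outside the hunk.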
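Review bot: `show_status` passes `connection` straight to `push_string(&msg, connection)`, and the call added in `main` supplies `NULL` whenever no connection name is given (`argc > 2 ? argv[2] : NULL`). `push_string` is defined outside the hunk; if it measures or copies the string, `stroke status` with no name dereferences a null pointer. Guard it at the call site with `msg->status.name = connection ? push_string(&msg, connection) : NULL;`, or document that `push_string` accepts `NULL`. The `malloc` result in the unchanged context line is also used without a check.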
@@ -51,6 +51,8 @@ struct stroke_msg_t { STR_TERMINATE, /* show connection status */ STR_STATUS, + /* show verbose connection status */ + STR_STATUS_ALL, /* set a log type to log/not log */ STR_LOGTYPE, /* set the verbosity of a logging context */ @@ -61,7 +63,7 @@ struct stroke_msg_t { /* data for STR_INITIATE, STR_INSTALL, STR_UP, STR_DOWN */ struct { char *name; - } initiate, install, terminate; + } initiate, install, terminate, status; /* data for STR_ADD_CONN */ struct { char *name; diff --git a/Source/testing/Makefile.testcases b/Source/testing/Makefile.testcases index 49ec84a95..5a261a799 100644 --- a/Source/testing/Makefile.testcases +++ b/Source/testing/Makefile.testcases @@ -86,10 +86,6 @@ TEST_OBJS+= $(BUILD_DIR)packet_test.o $(BUILD_DIR)packet_test.o : $(TESTCASES_DIR)packet_test.c $(TESTCASES_DIR)packet_test.h $(CC) $(CFLAGS) -c -o $@ $< -TEST_OBJS+= $(BUILD_DIR)receiver_test.o -$(BUILD_DIR)receiver_test.o : $(TESTCASES_DIR)receiver_test.c $(TESTCASES_DIR)receiver_test.h - $(CC) $(CFLAGS) -c -o $@ $< - TEST_OBJS+= $(BUILD_DIR)ike_sa_test.o $(BUILD_DIR)ike_sa_test.o : $(TESTCASES_DIR)ike_sa_test.c $(TESTCASES_DIR)ike_sa_test.h $(CC) $(CFLAGS) -c -o $@ $< diff --git a/Source/testing/receiver_test.c b/Source/testing/receiver_test.c deleted file mode 100644 index 763e52517..000000000 --- a/Source/testing/receiver_test.c +++ /dev/null 
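Review bot: `STR_STATUS_ALL` is inserted in the middle of the message-type enum, so `STR_LOGTYPE` and every constant after it takes a new numeric value, assuming the members have no explicit initialisers (the hunk shows none). A `stroke` binary and a daemon built from different revisions would then disagree about the type of the messages they exchange. Appending the new constant at the end of the enum, or giving the members explicit values, keeps the numbering stable. The comment `/* data for STR_INITIATE, STR_INSTALL, STR_UP, STR_DOWN */` in the next hunk should also name the status messages now that `status` shares that struct.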
@@ -1,89 +0,0 @@ -/** - * @file receiver_test.c - * - * @brief Tests for the receiver_t class. - * - */ - -/* - * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <string.h> -#include <unistd.h> - -#include "receiver_test.h" - -#include <daemon.h> -#include <threads/receiver.h> -#include <network/packet.h> -#include <network/socket.h> -#include <queues/send_queue.h> -#include <queues/job_queue.h> -#include <queues/jobs/incoming_packet_job.h> -#include <encoding/payloads/encodings.h> - -/** - * Number of packets to send by sender-thread - */ -#define NUMBER_OF_PACKETS_TO_SEND 100 - -/** - * Port to send the packets to - */ -#define PORT_TO_SEND 4600 - -/** - * Destination IP Address - */ -#define DESTINATION_IP "127.0.0.1" - -void test_receiver(protected_tester_t *tester) -{ - int i; - receiver_t *receiver; - packet_t *packet; - job_t *job; - packet_t *received_packet; - receiver = receiver_create(); - chunk_t test_data; - - for (i = 0; i < NUMBER_OF_PACKETS_TO_SEND; i++) - { - packet = packet_create(); - packet->set_destination(packet, host_create(AF_INET,DESTINATION_IP,PORT_TO_SEND)); - test_data.len = (sizeof(int)); - test_data.ptr = malloc(test_data.len); - *((int *) (test_data.ptr)) = i; - packet->set_data(packet, test_data); - charon->socket->send(charon->socket, packet); - packet->destroy(packet); - } - - for (i = 0; i < NUMBER_OF_PACKETS_TO_SEND; i++) - { - job = 
charon->job_queue->get(charon->job_queue); - tester->assert_true(tester, (job->get_type(job) == INCOMING_PACKET), "job type check"); - - received_packet = ((incoming_packet_job_t *)(job))->get_packet((incoming_packet_job_t *)(job)); - test_data = received_packet->get_data(received_packet); - tester->assert_true(tester, (test_data.len == (sizeof(int))), "received data length check"); - tester->assert_true(tester, (i == *((int *)(test_data.ptr))), "received data value check"); - received_packet->destroy(received_packet); - - job->destroy(job); - } - - receiver->destroy(receiver); -} diff --git a/Source/testing/receiver_test.h b/Source/testing/receiver_test.h deleted file mode 100644 index 59b87df16..000000000 --- a/Source/testing/receiver_test.h +++ /dev/null @@ -1,37 +0,0 @@ -/** - * @file receiver_test.h - * - * @brief Tests for the receiver_t class. - * - */ - -/* - * Copyright (C) 2005 Jan Hutter, Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#ifndef RECEIVER_TEST_H_ -#define RECEIVER_TEST_H_ - -#include <utils/tester.h> - -/** - * @brief Test function for the type receiver_t. - * - * @param tester tester object - * - * @ingroup testcases - */ -void test_receiver(protected_tester_t *tester); - -#endif /*RECEIVER_TEST_H_*/ diff --git a/Source/testing/sender_test.c b/Source/testing/sender_test.c index 4559de0f4..391d71fbc 100644 --- a/Source/testing/sender_test.c +++ b/Source/testing/sender_test.c 
@@ -30,50 +30,59 @@ #include <network/socket.h> #include <queues/send_queue.h> #include <queues/job_queue.h> +#include <queues/jobs/incoming_packet_job.h> /** * Number of packets to send by sender-thread */ -#define NUMBER_OF_PACKETS_TO_SEND 50 - -/** - * Port to send the packets to - */ -#define PORT_TO_SEND 4600 - -/** - * Destination IP Address - */ -#define DESTINATION_IP "127.0.0.1" +#define NUMBER_OF_PACKETS_TO_SEND 5 void test_sender(protected_tester_t *tester) { int i; sender_t *sender; + receiver_t *receiver; + job_t *job; packet_t *packet; - packet_t *received_packet; - chunk_t packet_data; + packet_t *received_packet; + char test_data[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x03, /* spi */ + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x05, /* spi */ + 0x05, /* next payload */ + 0x20, /* IKE version */ + 0x00, /* exchange type */ + 0x00, /* flags */ + 0x00,0x00,0x00,0x01, /* message id */ + 0x00,0x00,0x00,0x24, /* length */ + 0x12,0x34,0x56,0x67, /* some data */ + 0x12,0x34,0x56,0x67, + }; + chunk_t data = chunk_from_buf(test_data); + chunk_t received; sender = sender_create(); + receiver = receiver_create(); for (i = 0; i < NUMBER_OF_PACKETS_TO_SEND; i++) { packet = packet_create(AF_INET); - packet->set_destination(packet, host_create(AF_INET,DESTINATION_IP,PORT_TO_SEND)); - packet_data.len = ( sizeof(int)); - packet_data.ptr = malloc(packet_data.len); - *((int *) (packet_data.ptr)) = i; - packet->set_data(packet, packet_data); + packet->set_destination(packet, host_create(AF_INET, "127.0.0.1", 500)); + packet->set_source(packet, host_create(AF_INET, "127.0.0.1", 500)); + packet->set_data(packet, chunk_clone(data)); charon->send_queue->add(charon->send_queue,packet); } for (i = 0; i < NUMBER_OF_PACKETS_TO_SEND; i++) { - charon->socket->receive(charon->socket,&received_packet); - packet_data = received_packet->get_data(received_packet); - tester->assert_true(tester, (packet_data.len == (sizeof(int))), "received data length check"); - 
tester->assert_true(tester, (i == *((int *)(packet_data.ptr))), "received data value check"); + job = charon->job_queue->get(charon->job_queue); + tester->assert_true(tester, (job->get_type(job) == INCOMING_PACKET), "job type check"); + received_packet = ((incoming_packet_job_t *)(job))->get_packet((incoming_packet_job_t *)(job)); + received = received_packet->get_data(received_packet); + tester->assert_true(tester, received.len == data.len, "received data length check"); + tester->assert_true(tester, memcmp(received.ptr, data.ptr, data.len) == 0, "received data value check"); received_packet->destroy(received_packet); + job->destroy(job); } sender->destroy(sender); + receiver->destroy(receiver); } diff --git a/Source/testing/socket_test.c b/Source/testing/socket_test.c index e3fbca452..9ae1b0fbc 100644 --- a/Source/testing/socket_test.c +++ b/Source/testing/socket_test.c 
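Review bot: The test now sends from and to port 500 on 127.0.0.1 (`host_create(AF_INET, "127.0.0.1", 500)`), and the same commit binds that port in `socket_test.c` (`socket_create(500)`) and `testcases.c` (`charon->socket = socket_create(500)`). Binding a port below 1024 normally needs root or an equivalent capability, so the suite has to run privileged and will collide with any IKE daemon already listening on the host. The removed `#define PORT_TO_SEND 4600` was a named, unprivileged port; one shared constant of that kind, used by all three files, would keep the tests runnable as an ordinary user. If port 500 is required, a comment saying why would help.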
@@ -26,44 +26,54 @@ #include "socket_test.h" #include <network/socket.h> +#include <utils/logger.h> /* * Description in header file */ void test_socket(protected_tester_t *tester) { - int packet_count = 5; + int packet_count = 10; int current; - socket_t *skt = socket_create(4500); + socket_t *skt = socket_create(500); packet_t *pkt = packet_create(AF_INET); - char *test_string = "Testing functionality of socket_t"; - chunk_t data; - - - data.ptr = malloc(strlen(test_string) + 1); - memcpy(data.ptr,test_string,strlen(test_string) + 1); - data.len = strlen(test_string) + 1; + char test_data[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x03, /* spi */ + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x05, /* spi */ + 0x05, /* next payload */ + 0x20, /* IKE version */ + 0x00, /* exchange type */ + 0x00, /* flags */ + 0x00,0x00,0x00,0x01, /* message id */ + 0x00,0x00,0x00,0x24, /* length */ + 0x12,0x34,0x56,0x67, /* some data */ + 0x12,0x34,0x56,0x67, + }; + chunk_t data = chunk_from_buf(test_data); + chunk_t received; /* send to previously bound socket */ - pkt->set_destination(pkt, host_create(AF_INET, "127.0.0.1", 4500)); - pkt->set_data(pkt, data); + pkt->set_destination(pkt, host_create(AF_INET, "127.0.0.1", 500)); + pkt->set_source(pkt, host_create(AF_INET, "127.0.0.1", 500)); + pkt->set_data(pkt, chunk_clone(data)); /* send packet_count packets */ for (current = 0; current < packet_count; current++) - { + { if (skt->send(skt, pkt) == FAILED) { tester->assert_true(tester, 0, "packet send"); } } pkt->destroy(pkt); + /* receive packet_count packets */ for (current = 0; current < packet_count; current++) { skt->receive(skt, &pkt); - data = pkt->get_data(pkt); - tester->assert_false(tester, strcmp(test_string, data.ptr), "packet exchange"); + received = pkt->get_data(pkt); + tester->assert_false(tester, memcmp(received.ptr, data.ptr, max(received.len, data.len)), "packet exchange"); pkt->destroy(pkt); } 
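Review bot: `memcmp(received.ptr, data.ptr, max(received.len, data.len))` reads past the end of the shorter buffer whenever the two lengths differ, because the count is the larger of the two. Compare the lengths first and only then the bytes: `tester->assert_false(tester, received.len != data.len || memcmp(received.ptr, data.ptr, data.len), "packet exchange");`. `sender_test.c` in this commit asserts `received.len == data.len` separately but still runs `memcmp` over `data.len` bytes afterwards, so it has the same over-read if the tester does not stop at a failed assertion. `test_socket` continues past the end of the hunk.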
diff --git a/Source/testing/testcases.c b/Source/testing/testcases.c index 72ba52c3f..e4d92becf 100644 --- a/Source/testing/testcases.c +++ b/Source/testing/testcases.c @@ -41,7 +41,6 @@ #include "socket_test.h" #include "sender_test.h" #include "scheduler_test.h" -#include "receiver_test.h" #include "ike_sa_id_test.h" #include "ike_sa_test.h" #include "ike_sa_manager_test.h" @@ -78,7 +77,6 @@ test_t socket_test = {test_socket,"Socket"}; test_t thread_pool_test = {test_thread_pool,"Thread Pool"}; test_t sender_test = {test_sender,"Sender"}; test_t scheduler_test = {test_scheduler,"Scheduler"}; -test_t receiver_test = {test_receiver,"Receiver"}; test_t ike_sa_id_test = {test_ike_sa_id,"IKE_SA-Identifier"}; test_t ike_sa_test = {test_ike_sa,"IKE_SA"}; test_t ike_sa_manager_test = {test_ike_sa_manager, "IKE_SA-Manager"}; @@ -161,7 +159,7 @@ daemon_t *daemon_create() /* assign methods */ charon->kill = daemon_kill; - //charon->socket = socket_create(4510); + charon->socket = socket_create(500); charon->ike_sa_manager = ike_sa_manager_create(); charon->job_queue = job_queue_create(); charon->event_queue = event_queue_create(); @@ -192,7 +190,6 @@ int main() &scheduler_test, &socket_test, &sender_test, - &receiver_test, &ike_sa_id_test, &ike_sa_test, &generator_test1, @@ -254,8 +251,8 @@ int main() tester_t *tester = tester_create(test_output, FALSE); - //tester->perform_tests(tester,all_tests); - tester->perform_test(tester,&certificate_test); + tester->perform_tests(tester,all_tests); + //tester->perform_test(tester,&sender_test); tester->destroy(tester); |