Diffstat (limited to 'src/charon/encoding')
28 files changed, 974 insertions, 1244 deletions
diff --git a/src/charon/encoding/generator.c b/src/charon/encoding/generator.c index 34e87fadb..392a4602d 100644 --- a/src/charon/encoding/generator.c +++ b/src/charon/encoding/generator.c @@ -32,7 +32,6 @@ #include <types.h> #include <daemon.h> #include <utils/linked_list.h> -#include <utils/logger_manager.h> #include <encoding/payloads/payload.h> #include <encoding/payloads/proposal_substructure.h> #include <encoding/payloads/transform_substructure.h> @@ -222,24 +221,19 @@ struct private_generator_t { */ u_int8_t last_spi_size; - /* + /** * Attribute format of the last generated transform attribute. - * + * * Used to check if a variable value field is used or not for * the transform attribute value. */ bool attribute_format; - /* + /** * Depending on the value of attribute_format this field is used * to hold the length of the transform attribute in bytes. */ u_int16_t attribute_length; - - /** - * Associated Logger. - */ - logger_t *logger; }; /** @@ -312,16 +306,16 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t break; default: - this->logger->log(this->logger, ERROR, "U_INT Type %s is not supported", - mapping_find(encoding_type_m,int_type)); + DBG1(SIG_DBG_ENC, "U_INT Type %N is not supported", + encoding_type_names, int_type); return; } /* U_INT Types of multiple then 8 bits must be aligned */ if (((number_of_bits % 8) == 0) && (this->current_bit != 0)) { - this->logger->log(this->logger, ERROR, "U_INT Type %s is not 8 Bit aligned", - mapping_find(encoding_type_m,int_type)); + DBG1(SIG_DBG_ENC, "U_INT Type %N is not 8 Bit aligned", + encoding_type_names, int_type); /* current bit has to be zero for values multiple of 8 bits */ return; } 
@@ -341,7 +335,7 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t u_int8_t low_val = *(this->out_position) & 0x0F; /* highval is set, low_val is not changed */ *(this->out_position) = high_val | low_val; - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *(this->out_position)); + DBG3(SIG_DBG_ENC, " => %d", *(this->out_position)); /* write position is not changed, just bit position is moved */ this->current_bit = 4; } @@ -352,14 +346,14 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t /* lowval of current byte in buffer has to be set to the new value*/ u_int low_val = *((u_int8_t *)(this->data_struct + offset)) & 0x0F; *(this->out_position) = high_val | low_val; - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *(this->out_position)); + DBG3(SIG_DBG_ENC, " => %d", *(this->out_position)); this->out_position++; this->current_bit = 0; } else { - this->logger->log(this->logger, ERROR, "U_INT_4 Type is not 4 Bit aligned"); + DBG1(SIG_DBG_ENC, "U_INT_4 Type is not 4 Bit aligned"); /* 4 Bit integers must have a 4 bit alignment */ return; }; @@ -370,7 +364,7 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t { /* 8 bit values are written as they are */ *this->out_position = *((u_int8_t *)(this->data_struct + offset)); - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *(this->out_position)); + DBG3(SIG_DBG_ENC, " => %d", *(this->out_position)); this->out_position++; break; @@ -380,7 +374,7 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t /* attribute type must not change first bit uf current byte ! */ if (this->current_bit != 1) { - this->logger->log(this->logger, ERROR, "ATTRIBUTE FORMAT flag is not set"); + DBG1(SIG_DBG_ENC, "ATTRIBUTE FORMAT flag is not set"); /* first bit has to be set! */ return; } 
@@ -392,7 +386,7 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t int16_val = int16_val & 0xFF7F; int16_val = int16_val | attribute_format_flag; - this->logger->log(this->logger, RAW|LEVEL2, " => %d", int16_val); + DBG3(SIG_DBG_ENC, " => %d", int16_val); /* write bytes to buffer (set bit is overwritten)*/ this->write_bytes_to_buffer(this,&int16_val,sizeof(u_int16_t)); this->current_bit = 0; @@ -403,14 +397,14 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t case CONFIGURATION_ATTRIBUTE_LENGTH: { u_int16_t int16_val = htons(*((u_int16_t*)(this->data_struct + offset))); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)&int16_val, sizeof(int16_val)); + DBG3(SIG_DBG_ENC, " => %b", (void*)&int16_val, sizeof(int16_val)); this->write_bytes_to_buffer(this,&int16_val,sizeof(u_int16_t)); break; } case U_INT_32: { u_int32_t int32_val = htonl(*((u_int32_t*)(this->data_struct + offset))); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)&int32_val, sizeof(int32_val)); + DBG3(SIG_DBG_ENC, " => %b", (void*)&int32_val, sizeof(int32_val)); this->write_bytes_to_buffer(this,&int32_val,sizeof(u_int32_t)); break; } 
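Review bot: The new `%b` calls in the U_INT_16 / CONFIGURATION_ATTRIBUTE_LENGTH and U_INT_32 cases pass `sizeof(int16_val)` and `sizeof(int32_val)` as the length, which is a `size_t` going through varargs. The `%b` handler is not part of this diff; if it reads its length argument as an int-sized value, these calls mismatch on LP64 targets and the dump length is only right by accident. Cast at the call site to the type the handler reads, e.g. `DBG3(SIG_DBG_ENC, " => %b", (void*)&int16_val, (u_int)sizeof(int16_val));`. The same applies to the `%b` calls in the hunks at -419 and -431 (`sizeof(u_int64_t)`) and at -1012, where the length is the pointer difference `this->out_position-payload_start`. generate_u_int_type starts and ends outside this hunk.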
@@ -419,8 +413,9 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t /* 64 bit integers are written as two 32 bit integers */ u_int32_t int32_val_low = htonl(*((u_int32_t*)(this->data_struct + offset))); u_int32_t int32_val_high = htonl(*((u_int32_t*)(this->data_struct + offset) + 1)); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " => (low)", (void*)&int32_val_low, sizeof(int32_val_low)); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " => (high)", (void*)&int32_val_high, sizeof(int32_val_high)); + DBG3(SIG_DBG_ENC, " => %b %b", + (void*)&int32_val_low, sizeof(int32_val_low), + (void*)&int32_val_high, sizeof(int32_val_high)); /* TODO add support for big endian machines */ this->write_bytes_to_buffer(this,&int32_val_high,sizeof(u_int32_t)); this->write_bytes_to_buffer(this,&int32_val_low,sizeof(u_int32_t)); @@ -431,12 +426,13 @@ static void generate_u_int_type (private_generator_t *this,encoding_type_t int_t { /* 64 bit are written as they come :-) */ this->write_bytes_to_buffer(this,(this->data_struct + offset),sizeof(u_int64_t)); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)(this->data_struct + offset), sizeof(u_int64_t)); + DBG3(SIG_DBG_ENC, " => %b", (void*)(this->data_struct + offset), sizeof(u_int64_t)); break; } default: { - this->logger->log(this->logger, ERROR, "U_INT Type %s is not supported", mapping_find(encoding_type_m,int_type)); + DBG1(SIG_DBG_ENC, "U_INT Type %N is not supported", + encoding_type_names, int_type); return; } } @@ -450,7 +446,7 @@ static void generate_reserved_field(private_generator_t *this,int bits) /* only one bit or 8 bit fields are supported */ if ((bits != 1) && (bits != 8)) { - this->logger->log(this->logger, ERROR, "Reserved field of %d bits cannot be generated", bits); + DBG1(SIG_DBG_ENC, "reserved field of %d bits cannot be generated", bits); return ; } /* make sure enough space is available in buffer */ 
@@ -480,9 +476,8 @@ static void generate_reserved_field(private_generator_t *this,int bits) /* one byte processing*/ if (this->current_bit > 0) { - this->logger->log(this->logger, ERROR, - "Reserved field cannot be written cause allignement of current bit is %d", - this->current_bit); + DBG1(SIG_DBG_ENC, "reserved field cannot be written cause " + "alignement of current bit is %d", this->current_bit); return; } *(this->out_position) = 0x00; @@ -516,7 +511,7 @@ static void generate_flag (private_generator_t *this,u_int32_t offset) *(this->out_position) = *(this->out_position) | flag; - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *(this->out_position)); + DBG3(SIG_DBG_ENC, " => %d", *(this->out_position)); this->current_bit++; if (this->current_bit >= 8) @@ -533,14 +528,14 @@ static void generate_from_chunk (private_generator_t *this,u_int32_t offset) { if (this->current_bit != 0) { - this->logger->log(this->logger, ERROR, "can not generate a chunk at Bitpos %d", this->current_bit); + DBG1(SIG_DBG_ENC, "can not generate a chunk at Bitpos %d", this->current_bit); return ; } /* position in buffer */ chunk_t *attribute_value = (chunk_t *)(this->data_struct + offset); - this->logger->log_chunk(this->logger, RAW|LEVEL2, " =>", *attribute_value); + DBG3(SIG_DBG_ENC, " => %B", attribute_value); /* use write_bytes_to_buffer function to do the job */ this->write_bytes_to_buffer(this,attribute_value->ptr,attribute_value->len); 
@@ -558,8 +553,8 @@ static void make_space_available (private_generator_t *this, size_t bits) size_t new_buffer_size = old_buffer_size + GENERATOR_DATA_BUFFER_INCREASE_VALUE; size_t out_position_offset = ((this->out_position) - (this->buffer)); - this->logger->log(this->logger, CONTROL|LEVEL3, "increased gen buffer from %d to %d byte", - old_buffer_size, new_buffer_size); + DBG2(SIG_DBG_ENC, "increased gen buffer from %d to %d byte", + old_buffer_size, new_buffer_size); /* Reallocate space for new buffer */ this->buffer = realloc(this->buffer,new_buffer_size); @@ -633,7 +628,7 @@ static void write_to_chunk (private_generator_t *this,chunk_t *data) memcpy(data->ptr,this->buffer,data_length); data->len = data_length; - this->logger->log_chunk(this->logger, RAW|LEVEL3, "generated data of this generator", *data); + DBG3(SIG_DBG_ENC, "generated data of this generator %B", data); } /** @@ -655,16 +650,16 @@ static void generate_payload (private_generator_t *this,payload_t *payload) payload_start = this->out_position; - this->logger->log(this->logger, CONTROL|LEVEL1, "generating payload of type %s", - mapping_find(payload_type_m,payload_type)); + DBG2(SIG_DBG_ENC, "generating payload of type %N", + payload_type_names, payload_type); /* each payload has its own encoding rules */ payload->get_encoding_rules(payload,&rules,&rule_count); for (i = 0; i < rule_count;i++) { - this->logger->log(this->logger, CONTROL|LEVEL2, " generating rule %d %s", - i, mapping_find(encoding_type_m,rules[i].type)); + DBG2(SIG_DBG_ENC, " generating rule %d %N", + i, encoding_type_names, rules[i].type); switch (rules[i].type) { /* all u int values, IKE_SPI,TS_TYPE and ATTRIBUTE_TYPE are generated in generate_u_int_type */ 
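Review bot: The new `DBG2` line in make_space_available prints `old_buffer_size` and `new_buffer_size` with `%d`, but `new_buffer_size` is declared `size_t` on the context line above (the declaration of `old_buffer_size` is outside the hunk and is presumably the same type). That is a format/argument mismatch wherever `size_t` is wider than `int`; use `"increased gen buffer from %zu to %zu byte"`. The message is also emitted before the `realloc` on the following context line, whose result is assigned straight to `this->buffer`, so the log reports a growth that may not have happened; moving the `DBG2` after a checked `realloc` would make the log line trustworthy. The function body continues outside the hunk.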
@@ -964,7 +959,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) { if (this->attribute_format == FALSE) { - this->logger->log(this->logger, CONTROL|LEVEL3, "attribute value has not fixed size"); + DBG2(SIG_DBG_ENC, "attribute value has not fixed size"); /* the attribute value is generated */ this->generate_from_chunk(this,rules[i].offset); } @@ -1012,15 +1007,15 @@ static void generate_payload (private_generator_t *this,payload_t *payload) break; } default: - this->logger->log(this->logger, ERROR, "field type %s is not supported", - mapping_find(encoding_type_m,rules[i].type)); + DBG1(SIG_DBG_ENC, "field type %N is not supported", + encoding_type_names, rules[i].type); return; } } - this->logger->log(this->logger, CONTROL|LEVEL2, "generating %s payload finished.", - mapping_find(payload_type_m, payload_type)); - this->logger->log_bytes(this->logger, RAW|LEVEL3, "generated data for this payload", - payload_start, this->out_position-payload_start); + DBG2(SIG_DBG_ENC, "generating %N payload finished", + payload_type_names, payload_type); + DBG3(SIG_DBG_ENC, "generated data for this payload %b", + payload_start, this->out_position-payload_start); } /** @@ -1072,7 +1067,6 @@ generator_t *generator_create() this->current_bit = 0; this->last_payload_length_position_offset = 0; this->header_length_position_offset = 0; - this->logger = logger_manager->get_logger(logger_manager, GENERATOR); return &(this->public); } diff --git a/src/charon/encoding/message.c b/src/charon/encoding/message.c index b4bede333..65e4729b3 100644 --- a/src/charon/encoding/message.c +++ b/src/charon/encoding/message.c @@ -24,6 +24,7 @@ #include <stdlib.h> #include <string.h> +#include <printf.h> #include "message.h" 
@@ -33,7 +34,6 @@ #include <encoding/generator.h> #include <encoding/parser.h> #include <utils/linked_list.h> -#include <utils/logger_manager.h> #include <encoding/payloads/encodings.h> #include <encoding/payloads/payload.h> #include <encoding/payloads/encryption_payload.h> @@ -42,7 +42,7 @@ /** * Max number of notify payloads per IKEv2 Message */ -#define MAX_NOTIFY_PAYLOADS 10 +#define MAX_NOTIFY_PAYLOADS 20 typedef struct payload_rule_t payload_rule_t; @@ -66,7 +66,7 @@ struct payload_rule_t { /** * Max occurence of this payload. - */ + */ size_t max_occurence; /** 
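Review bot: The change of `MAX_NOTIFY_PAYLOADS` from 10 to 20 is unrelated to the logger replacement that the rest of this commit makes, and nothing on the page explains it. Its users are outside the hunk, but from the comment it caps how many notify payloads one IKEv2 message may carry, so doubling it loosens a bound on peer-supplied input. Record the reason next to the constant, for example `/** Max number of notify payloads per IKEv2 Message (raised from 10: <reason>) */`, or move the change into its own commit.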
@@ -295,72 +295,6 @@ struct private_message_t { * The message rule for this message instance */ message_rule_t *message_rule; - - /** - * Assigned logger. - */ - logger_t *logger; - - /** - * Sets the private message_rule member to the rule which - * applies to this message. Must be called before get_payload_rule(). - * - * @param this calling object - * @return - * - SUCCESS - * - NOT_FOUND if no message rule applies to this message. - */ - status_t (*set_message_rule) (private_message_t *this); - - /** - * Gets the payload_rule_t for a specific message_rule_t and payload type. - * - * @param this calling object - * @param payload_type payload type - * @param[out] payload_rule returned payload_rule_t - * @return - * - SUCCESS - * - NOT_FOUND if payload not defined in current message rule - * - INVALID_STATE if message rule is not set via set_message_rule() - */ - status_t (*get_payload_rule) (private_message_t *this, payload_type_t payload_type, payload_rule_t **payload_rule); - - /** - * Encrypts all payloads which has to get encrypted. - * - * Can also be called with messages not containing encrypted content. - * - * @param this calling object - * @param crypter crypter_t object - * @param signer signer_t object - * @return - * - SUCCESS - * - INVALID_STATE if no crypter/signer supplied but needed - */ - status_t (*encrypt_payloads) (private_message_t *this,crypter_t *crypter, signer_t* signer); - - /** - * Decrypts encrypted contents, and checks if a payload is encrypted if it has to be. - * - * @param this calling object - * @param crypter crypter_t object - * @param signer signer_t object - * @return - * - SUCCESS - * - FAILED if decryption not successfull - * - INVALID_STATE if no crypter/signer supplied but needed - */ - status_t (*decrypt_payloads) (private_message_t *this,crypter_t *crypter, signer_t* signer); - - /** - * Verifies the message. Checks for payloads count. 
- * - * @param calling object - * @return - * - SUCCESS if message valid, or - * - FAILED if message does not align with message rules. - */ - status_t (*verify) (private_message_t *this); }; /** @@ -549,8 +483,8 @@ static void add_payload(private_message_t *this, payload_t *payload) payload->set_next_type(payload, NO_PAYLOAD); this->payloads->insert_last(this->payloads, (void*)payload); - this->logger->log(this->logger, CONTROL|LEVEL1, "added payload of type %s to message", - mapping_find(payload_type_m, payload->get_type(payload))); + DBG2(SIG_DBG_ENC ,"added payload of type %N to message", + payload_type_names, payload->get_type(payload)); } /** @@ -566,7 +500,6 @@ static void set_source(private_message_t *this, host_t *host) */ static void set_destination(private_message_t *this, host_t *host) { - this->packet->set_destination(this->packet, host); } 
@@ -595,46 +528,159 @@ static iterator_t *get_payload_iterator(private_message_t *this) } /** - * Build a string containing short names for all payload in this message + * output handler in printf() */ -static void build_payload_string(private_message_t *this, char* buffer, size_t size) +static int print(FILE *stream, const struct printf_info *info, + const void *const *args) { + private_message_t *this = *((private_message_t**)(args[0])); iterator_t *iterator; payload_t *payload; bool first = TRUE; + size_t total_written = 0; + size_t written; + + if (this == NULL) + { + return fprintf(stream, "(null)"); + } - *buffer = '\0'; - size--; + written = fprintf(stream, "%N %s [", + exchange_type_names, this->exchange_type, + this->is_request ? "request" : "response"); + if (written < 0) + { + return written; + } + total_written += written; iterator = this->payloads->create_iterator(this->payloads, TRUE); while (iterator->iterate(iterator, (void**)&payload)) { - payload_type_t type = payload->get_type(payload); - char *name = mapping_find(payload_type_short_m, type); - size_t name_len = strlen(name); if (!first) { - strncat(buffer, " ", size); - if (size) + written = fprintf(stream, " "); + if (written < 0) { - size--; + return written; } + total_written += written; } else { first = FALSE; } - strncat(buffer, name, size); - if (name_len > size) + written = fprintf(stream, "%N", payload_type_short_names, + payload->get_type(payload)); + if (written < 0) + { + return written; + } + total_written += written; + } + iterator->destroy(iterator); + written = fprintf(stream, "]"); + if (written < 0) + { + return written; + } + total_written += written; + return total_written; +} + +/** + * arginfo handler in printf() + */ +static int print_arginfo(const struct printf_info *info, size_t n, int *argtypes) +{ + if (n > 0) + { + argtypes[0] = PA_POINTER; + } + return 1; +} + +/** + * register printf() handlers + */ +static void __attribute__ ((constructor))print_register() +{ + 
register_printf_function(MESSAGE_PRINTF_SPEC, print, print_arginfo); +} + +/** + * Implementation of private_message_t.encrypt_payloads. + */ +static status_t encrypt_payloads (private_message_t *this,crypter_t *crypter, signer_t* signer) +{ + encryption_payload_t *encryption_payload = NULL; + status_t status; + linked_list_t *all_payloads; + + if (!this->message_rule->encrypted_content) + { + DBG2(SIG_DBG_ENC, "message doesn't have to be encrypted"); + /* message contains no content to encrypt */ + return SUCCESS; + } + + DBG2(SIG_DBG_ENC, "copy all payloads to a temporary list"); + all_payloads = linked_list_create(); + + /* first copy all payloads in a temporary list */ + while (this->payloads->get_count(this->payloads) > 0) + { + void *current_payload; + this->payloads->remove_first(this->payloads,¤t_payload); + all_payloads->insert_last(all_payloads,current_payload); + } + + encryption_payload = encryption_payload_create(); + + DBG2(SIG_DBG_ENC, "check each payloads if they have to get encrypted"); + while (all_payloads->get_count(all_payloads) > 0) + { + payload_rule_t *payload_rule; + payload_t *current_payload; + bool to_encrypt = FALSE; + + all_payloads->remove_first(all_payloads,(void **)¤t_payload); + + status = get_payload_rule(this, + current_payload->get_type(current_payload),&payload_rule); + /* for payload types which are not found in supported payload list, + * it is presumed that they don't have to be encrypted */ + if ((status == SUCCESS) && (payload_rule->encrypted)) + { + DBG2(SIG_DBG_ENC, "payload %N gets encrypted", + payload_type_names, current_payload->get_type(current_payload)); + to_encrypt = TRUE; + } + + if (to_encrypt) { - size = 0; + DBG2(SIG_DBG_ENC, "insert payload %N to encryption payload", + payload_type_names, current_payload->get_type(current_payload)); + encryption_payload->add_payload(encryption_payload,current_payload); } else { - size -= name_len; + DBG2(SIG_DBG_ENC, "insert payload %N unencrypted", + payload_type_names 
,current_payload->get_type(current_payload)); + add_payload(this, (payload_t*)encryption_payload); } } - iterator->destroy(iterator); + + status = SUCCESS; + DBG2(SIG_DBG_ENC, "encrypting encryption payload"); + encryption_payload->set_transforms(encryption_payload, crypter,signer); + status = encryption_payload->encrypt(encryption_payload); + DBG2(SIG_DBG_ENC, "add encrypted payload to payload list"); + add_payload(this, (payload_t*)encryption_payload); + + all_payloads->destroy(all_payloads); + + return status; } /** @@ -648,7 +694,6 @@ static status_t generate(private_message_t *this, crypter_t *crypter, signer_t* iterator_t *iterator; status_t status; chunk_t packet_data; - char payload_names[128]; if (is_encoded(this)) { 
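Review bot: In the new encrypt_payloads, the else branch logs "insert payload %N unencrypted" but then calls `add_payload(this, (payload_t*)encryption_payload);`, so the payload that should stay in clear is dropped and the encryption payload is inserted in its place, and inserted again after the loop. As visible here, `current_payload` is neither added nor destroyed on that path, and the list ends up holding several pointers to the same `encryption_payload`, which is a double-free risk for whatever later destroys the list (not shown). The branch should read `add_payload(this, current_payload);`. Separately, in print() `written` is declared `size_t`, so every `if (written < 0)` is always false and a failed fprintf() is added to `total_written` as a huge value; declare `int written;` and `int total_written = 0;`.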
@@ -657,50 +702,41 @@ static status_t generate(private_message_t *this, crypter_t *crypter, signer_t* return SUCCESS; } - build_payload_string(this, payload_names, sizeof(payload_names)); - this->logger->log(this->logger, CONTROL, "generating %s %s (%d) [%s]", - mapping_find(exchange_type_m,this->exchange_type), - this->is_request ? "request" : "response", - this->message_id, - payload_names); + DBG1(SIG_DBG_ENC, "generating %M", this); if (this->exchange_type == EXCHANGE_TYPE_UNDEFINED) { - this->logger->log(this->logger, ERROR | LEVEL1, "exchange type %s is not defined", - mapping_find(exchange_type_m,this->exchange_type)); + DBG1(SIG_DBG_ENC, "exchange type is not defined"); return INVALID_STATE; } if (this->packet->get_source(this->packet) == NULL || this->packet->get_destination(this->packet) == NULL) { - this->logger->log(this->logger, ERROR|LEVEL1, "%s not defined", - !this->packet->get_source(this->packet) ? "source" : "destination"); + DBG1(SIG_DBG_ENC, "%s not defined", + !this->packet->get_source(this->packet) ? "source" : "destination"); return INVALID_STATE; } /* set the rules for this messge */ - status = this->set_message_rule(this); + status = set_message_rule(this); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "no message rules specified for a %s %s", - mapping_find(exchange_type_m,this->exchange_type), - this->is_request ? 
"request" : "response"); + DBG1(SIG_DBG_ENC, "no message rules specified for this message type"); return NOT_SUPPORTED; } - /* going to encrypt all content which have to be encrypted */ - status = this->encrypt_payloads(this, crypter, signer); + status = encrypt_payloads(this, crypter, signer); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR | LEVEL1, "could not encrypt payloads"); + DBG1(SIG_DBG_ENC, "payload encryption failed"); return status; } - + /* build ike header */ ike_header = ike_header_create(); - + ike_header->set_exchange_type(ike_header, this->exchange_type); ike_header->set_message_id(ike_header, this->message_id); ike_header->set_response_flag(ike_header, !this->is_request); @@ -738,7 +774,7 @@ static status_t generate(private_message_t *this, crypter_t *crypter, signer_t* /* if last payload is of type encrypted, integrity checksum if necessary */ if (payload->get_type(payload) == ENCRYPTED) { - this->logger->log(this->logger, CONTROL | LEVEL1, "build signature on whole message"); + DBG2(SIG_DBG_ENC, "build signature on whole message"); encryption_payload_t *encryption_payload = (encryption_payload_t*)payload; status = encryption_payload->build_signature(encryption_payload, packet_data); if (status != SUCCESS) @@ -752,8 +788,7 @@ static status_t generate(private_message_t *this, crypter_t *crypter, signer_t* /* clone packet for caller */ *packet = this->packet->clone(this->packet); - this->logger->log(this->logger, CONTROL|LEVEL1, "message of type %s generated successfully", - mapping_find(exchange_type_m,this->exchange_type)); + DBG2(SIG_DBG_ENC, "message generated successfully"); return SUCCESS; } 
@@ -781,14 +816,13 @@ static status_t parse_header(private_message_t *this) ike_header_t *ike_header; status_t status; - - this->logger->log(this->logger, CONTROL|LEVEL1, "parsing Header of message"); + DBG2(SIG_DBG_ENC, "parsing header of message"); this->parser->reset_context(this->parser); status = this->parser->parse_payload(this->parser,HEADER,(payload_t **) &ike_header); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR | LEVEL1, "header could not be parsed"); + DBG1(SIG_DBG_ENC, "header could not be parsed"); return status; } @@ -797,10 +831,10 @@ static status_t parse_header(private_message_t *this) status = ike_header->payload_interface.verify(&(ike_header->payload_interface)); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR | LEVEL1, "header verification failed"); + DBG1(SIG_DBG_ENC, "header verification failed"); ike_header->destroy(ike_header); return status; - } + } if (this->ike_sa_id != NULL) { 
@@ -818,190 +852,23 @@ static status_t parse_header(private_message_t *this) this->minor_version = ike_header->get_min_version(ike_header); this->first_payload = ike_header->payload_interface.get_next_type(&(ike_header->payload_interface)); - this->logger->log(this->logger, CONTROL|LEVEL1, "parsed a %s %s", - mapping_find(exchange_type_m, this->exchange_type), - this->is_request ? "request" : "response"); + DBG2(SIG_DBG_ENC, "parsed a %N %s", exchange_type_names, this->exchange_type, + this->is_request ? "request" : "response"); - ike_header->destroy(ike_header); + ike_header->destroy(ike_header); /* get the rules for this messge */ - status = this->set_message_rule(this); + status = set_message_rule(this); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "no message rules specified for a %s %s", - mapping_find(exchange_type_m,this->exchange_type), - this->is_request ? "request" : "response"); + DBG1(SIG_DBG_ENC, "no message rules specified for a %N %s", + exchange_type_names, this->exchange_type, + this->is_request ? "request" : "response"); } - return status; -} - -/** - * Implementation of message_t.parse_body. 
- */ -static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t *signer) -{ - status_t status = SUCCESS; - payload_type_t current_payload_type; - char payload_names[128]; - - current_payload_type = this->first_payload; - - this->logger->log(this->logger, CONTROL|LEVEL1, "parsing body of message, first payload is %s", - mapping_find(payload_type_m, current_payload_type)); - - /* parse payload for payload, while there are more available */ - while ((current_payload_type != NO_PAYLOAD)) - { - payload_t *current_payload; - - this->logger->log(this->logger, CONTROL|LEVEL2, "start parsing a %s payload", - mapping_find(payload_type_m, current_payload_type)); - - /* parse current payload */ - status = this->parser->parse_payload(this->parser,current_payload_type,(payload_t **) ¤t_payload); - - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "payload type %s could not be parsed", - mapping_find(payload_type_m,current_payload_type)); - return PARSE_ERROR; - } - - this->logger->log(this->logger, CONTROL|LEVEL2, "verify payload of type %s", - mapping_find(payload_type_m, current_payload_type)); - - /* verify it, stop parsig if its invalid */ - status = current_payload->verify(current_payload); - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "%s payload verification failed", - mapping_find(payload_type_m,current_payload_type)); - current_payload->destroy(current_payload); - return VERIFY_ERROR; - } - - this->logger->log(this->logger, CONTROL|LEVEL2, "%s payload verified. Adding to payload list", - mapping_find(payload_type_m, current_payload_type)); - this->payloads->insert_last(this->payloads,current_payload); - - /* an encryption payload is the last one, so STOP here. decryption is done later */ - if (current_payload_type == ENCRYPTED) - { - this->logger->log(this->logger, CONTROL|LEVEL2, "%s payload found. 
Stop parsing", - mapping_find(payload_type_m, current_payload_type)); - break; - } - - /* get next payload type */ - current_payload_type = current_payload->get_next_type(current_payload); - } - - if (current_payload_type == ENCRYPTED) - { - status = this->decrypt_payloads(this,crypter,signer); - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "Could not decrypt payloads"); - return status; - } - } - - status = this->verify(this); - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "verification of message failed"); - return status; - } - - build_payload_string(this, payload_names, sizeof(payload_names)); - this->logger->log(this->logger, CONTROL, "parsed %s %s (%d) [%s]", - mapping_find(exchange_type_m, this->exchange_type), - this->is_request ? "request" : "response", - this->message_id, - payload_names); - - return SUCCESS; -} - -/** - * Implementation of private_message_t.verify. - */ -static status_t verify(private_message_t *this) -{ - int i; - iterator_t *iterator; - size_t total_found_payloads = 0; - - this->logger->log(this->logger, CONTROL|LEVEL1, "verifying message structure"); - - iterator = this->payloads->create_iterator(this->payloads,TRUE); - /* check for payloads with wrong count*/ - for (i = 0; i < this->message_rule->payload_rule_count;i++) - { - size_t found_payloads = 0; - - /* check all payloads for specific rule */ - iterator->reset(iterator); - - while(iterator->has_next(iterator)) - { - payload_t *current_payload; - payload_type_t current_payload_type; - - iterator->current(iterator,(void **)¤t_payload); - current_payload_type = current_payload->get_type(current_payload); - - if (current_payload_type == UNKNOWN_PAYLOAD) - { - /* unknown payloads are ignored, IF they are not critical */ - unknown_payload_t *unknown_payload = (unknown_payload_t*)current_payload; - if (unknown_payload->is_critical(unknown_payload)) - { - this->logger->log(this->logger, ERROR|LEVEL1, "%s (%d) is not supported, but its 
critical!", - mapping_find(payload_type_m, current_payload_type), current_payload_type); - iterator->destroy(iterator); - return NOT_SUPPORTED; - } - } - else if (current_payload_type == this->message_rule->payload_rules[i].payload_type) - { - found_payloads++; - total_found_payloads++; - this->logger->log(this->logger, CONTROL|LEVEL2, "found payload of type %s", - mapping_find(payload_type_m, this->message_rule->payload_rules[i].payload_type)); - - /* as soon as ohe payload occures more then specified, the verification fails */ - if (found_payloads > this->message_rule->payload_rules[i].max_occurence) - { - this->logger->log(this->logger, ERROR|LEVEL1, "payload of type %s more than %d times (%d) occured in current message", - mapping_find(payload_type_m, current_payload_type), - this->message_rule->payload_rules[i].max_occurence, found_payloads); - iterator->destroy(iterator); - return VERIFY_ERROR; - } - } - } - - if (found_payloads < this->message_rule->payload_rules[i].min_occurence) - { - this->logger->log(this->logger, ERROR|LEVEL1, "payload of type %s not occured %d times (%d)", - mapping_find(payload_type_m, this->message_rule->payload_rules[i].payload_type), - this->message_rule->payload_rules[i].min_occurence, found_payloads); - iterator->destroy(iterator); - return VERIFY_ERROR; - } - if ((this->message_rule->payload_rules[i].sufficient) && (this->payloads->get_count(this->payloads) == total_found_payloads)) - { - iterator->destroy(iterator); - return SUCCESS; - } - } - iterator->destroy(iterator); - return SUCCESS; + return status; } - /** * Implementation of private_message_t.decrypt_and_verify_payloads. */ 
@@ -1028,8 +895,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig /* needed to check */ current_payload_type = current_payload->get_type(current_payload); - this->logger->log(this->logger, CONTROL|LEVEL2, "process payload of type %s", - mapping_find(payload_type_m,current_payload_type)); + DBG2(SIG_DBG_ENC, "process payload of type %N", + payload_type_names, current_payload_type); if (current_payload_type == ENCRYPTED) { 
@@ -1038,31 +905,31 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig encryption_payload = (encryption_payload_t*)current_payload; - this->logger->log(this->logger, CONTROL | LEVEL2, "found an encryption payload"); + DBG2(SIG_DBG_ENC, "found an encryption payload"); if (payload_number != this->payloads->get_count(this->payloads)) { /* encrypted payload is not last one */ - this->logger->log(this->logger, ERROR, "encrypted payload is not last payload"); + DBG1(SIG_DBG_ENC, "encrypted payload is not last payload"); iterator->destroy(iterator); return VERIFY_ERROR; } /* decrypt */ encryption_payload->set_transforms(encryption_payload, crypter, signer); - this->logger->log(this->logger, CONTROL | LEVEL1, "verify signature of encryption payload"); - status = encryption_payload->verify_signature(encryption_payload, this->packet->get_data(this->packet)); + DBG2(SIG_DBG_ENC, "verify signature of encryption payload"); + status = encryption_payload->verify_signature(encryption_payload, + this->packet->get_data(this->packet)); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "encryption payload signature invalid"); + DBG1(SIG_DBG_ENC, "encryption payload signature invalid"); iterator->destroy(iterator); return FAILED; } - this->logger->log(this->logger, CONTROL | LEVEL2, "decrypt content of encryption payload"); + DBG2(SIG_DBG_ENC, "decrypting content of encryption payload"); status = encryption_payload->decrypt(encryption_payload); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, - "encrypted payload could not be decrypted and parsed"); + DBG1(SIG_DBG_ENC, "encrypted payload could not be decrypted and parsed"); iterator->destroy(iterator); return PARSE_ERROR; } 
@@ -1073,7 +940,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig /* check if there are payloads contained in the encryption payload */ if (encryption_payload->get_payload_count(encryption_payload) == 0) { - this->logger->log(this->logger, CONTROL|LEVEL2, "encrypted payload is empty"); + DBG2(SIG_DBG_ENC, "encrypted payload is empty"); /* remove the encryption payload, is not needed anymore */ iterator->remove(iterator); /* encrypted payload contains no other payload */ @@ -1103,9 +970,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig while (encryption_payload->get_payload_count(encryption_payload) > 0) { encryption_payload->remove_first_payload(encryption_payload, ¤t_encrypted_payload); - this->logger->log(this->logger, CONTROL | LEVEL1, - "insert unencrypted payload of type %s at end of list.", - mapping_find(payload_type_m, current_encrypted_payload->get_type(current_encrypted_payload))); + DBG2(SIG_DBG_ENC, "insert unencrypted payload of type %N at end of list", + payload_type_names, current_encrypted_payload->get_type(current_encrypted_payload)); this->payloads->insert_last(this->payloads,current_encrypted_payload); } @@ -1117,12 +983,12 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig if (current_payload_type != UNKNOWN_PAYLOAD && current_payload_type != NO_PAYLOAD) { /* get the ruleset for found payload */ - status = this->get_payload_rule(this, current_payload_type, &payload_rule); + status = get_payload_rule(this, current_payload_type, &payload_rule); if (status != SUCCESS) { /* payload is not allowed */ - this->logger->log(this->logger, ERROR, "payload type %s not allowed", - mapping_find(payload_type_m,current_payload_type)); + DBG1(SIG_DBG_ENC, "payload type %N not allowed", + payload_type_names, current_payload_type); iterator->destroy(iterator); return VERIFY_ERROR; } 
@@ -1131,9 +997,9 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig if (payload_rule->encrypted != current_payload_was_encrypted) { /* payload was not encrypted, but should have been. or vice-versa */ - this->logger->log(this->logger, ERROR, "payload type %s should be %s!", - mapping_find(payload_type_m,current_payload_type), - (payload_rule->encrypted) ? "encrypted" : "not encrypted"); + DBG1(SIG_DBG_ENC, "payload type %N should be %s!", + payload_type_names, current_payload_type, + (payload_rule->encrypted) ? "encrypted" : "not encrypted"); iterator->destroy(iterator); return VERIFY_ERROR; } 
@@ -1148,90 +1014,164 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig } /** - * Implementation of private_message_t.encrypt_payloads. + * Implementation of private_message_t.verify. */ -static status_t encrypt_payloads (private_message_t *this,crypter_t *crypter, signer_t* signer) +static status_t verify(private_message_t *this) { - encryption_payload_t *encryption_payload = NULL; - status_t status; - linked_list_t *all_payloads; - - if (!this->message_rule->encrypted_content) - { - this->logger->log(this->logger, CONTROL | LEVEL1, "message doesn't have to be encrypted"); - /* message contains no content to encrypt */ - return SUCCESS; - } + int i; + iterator_t *iterator; + size_t total_found_payloads = 0; - this->logger->log(this->logger, CONTROL | LEVEL2, "copy all payloads to a temporary list"); - all_payloads = linked_list_create(); + DBG2(SIG_DBG_ENC, "verifying message structure"); - /* first copy all payloads in a temporary list */ - while (this->payloads->get_count(this->payloads) > 0) + iterator = this->payloads->create_iterator(this->payloads,TRUE); + /* check for payloads with wrong count*/ + for (i = 0; i < this->message_rule->payload_rule_count;i++) { - void *current_payload; - this->payloads->remove_first(this->payloads,¤t_payload); - all_payloads->insert_last(all_payloads,current_payload); - } + size_t found_payloads = 0; - encryption_payload = encryption_payload_create(); + /* check all payloads for specific rule */ + iterator->reset(iterator); + + while(iterator->has_next(iterator)) + { + payload_t *current_payload; + payload_type_t current_payload_type; + + iterator->current(iterator,(void **)¤t_payload); + current_payload_type = current_payload->get_type(current_payload); + + if (current_payload_type == UNKNOWN_PAYLOAD) + { + /* unknown payloads are ignored, IF they are not critical */ + unknown_payload_t *unknown_payload = (unknown_payload_t*)current_payload; + if 
(unknown_payload->is_critical(unknown_payload)) + { + DBG1(SIG_DBG_ENC, "%N is not supported, but its critical!", + payload_type_names, current_payload_type); + iterator->destroy(iterator); + return NOT_SUPPORTED; + } + } + else if (current_payload_type == this->message_rule->payload_rules[i].payload_type) + { + found_payloads++; + total_found_payloads++; + DBG2(SIG_DBG_ENC, "found payload of type %N", + payload_type_names, this->message_rule->payload_rules[i].payload_type); + + /* as soon as ohe payload occures more then specified, the verification fails */ + if (found_payloads > this->message_rule->payload_rules[i].max_occurence) + { + DBG1(SIG_DBG_ENC, "payload of type %N more than %d times (%d) occured in current message", + payload_type_names, current_payload_type, + this->message_rule->payload_rules[i].max_occurence, found_payloads); + iterator->destroy(iterator); + return VERIFY_ERROR; + } + } + } + + if (found_payloads < this->message_rule->payload_rules[i].min_occurence) + { + DBG1(SIG_DBG_ENC, "payload of type %N not occured %d times (%d)", + payload_type_names, this->message_rule->payload_rules[i].payload_type, + this->message_rule->payload_rules[i].min_occurence, found_payloads); + iterator->destroy(iterator); + return VERIFY_ERROR; + } + if ((this->message_rule->payload_rules[i].sufficient) && (this->payloads->get_count(this->payloads) == total_found_payloads)) + { + iterator->destroy(iterator); + return SUCCESS; + } + } + iterator->destroy(iterator); + return SUCCESS; +} - this->logger->log(this->logger, CONTROL | LEVEL2, "check each payloads if they have to get encrypted"); - while (all_payloads->get_count(all_payloads) > 0) +/** + * Implementation of message_t.parse_body. 
+ */ +static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t *signer) +{ + status_t status = SUCCESS; + payload_type_t current_payload_type; + + current_payload_type = this->first_payload; + + DBG2(SIG_DBG_ENC, "parsing body of message, first payload is %N", + payload_type_names, current_payload_type); + + /* parse payload for payload, while there are more available */ + while ((current_payload_type != NO_PAYLOAD)) { - payload_rule_t *payload_rule; payload_t *current_payload; - bool to_encrypt = FALSE; - all_payloads->remove_first(all_payloads,(void **)¤t_payload); - this->logger->log(this->logger, CONTROL | LEVEL3, "get rule for payload %s", - mapping_find(payload_type_m,current_payload->get_type(current_payload))); + DBG2(SIG_DBG_ENC, "starting parsing a %N payload", + payload_type_names, current_payload_type); - status = this->get_payload_rule(this,current_payload->get_type(current_payload),&payload_rule); - /* for payload types which are not found in supported payload list, it is presumed - * that they don't have to be encrypted */ - if ((status == SUCCESS) && (payload_rule->encrypted)) + /* parse current payload */ + status = this->parser->parse_payload(this->parser,current_payload_type,(payload_t **) ¤t_payload); + + if (status != SUCCESS) { - this->logger->log(this->logger, CONTROL | LEVEL2, "payload %s has to get encrypted", - mapping_find(payload_type_m,current_payload->get_type(current_payload))); - to_encrypt = TRUE; + DBG1(SIG_DBG_ENC, "payload type %N could not be parsed", + payload_type_names, current_payload_type); + return PARSE_ERROR; } - else if (status != SUCCESS) + + DBG2(SIG_DBG_ENC, "verifying payload of type %N", + payload_type_names, current_payload_type); + + /* verify it, stop parsig if its invalid */ + status = current_payload->verify(current_payload); + if (status != SUCCESS) { - this->logger->log(this->logger, CONTROL | LEVEL2, "payload %s not defined for exchange type %s. 
Handle it anyway", - mapping_find(payload_type_m,current_payload->get_type(current_payload)), - mapping_find(exchange_type_m,this->exchange_type)); + DBG1(SIG_DBG_ENC, "%N payload verification failed", + payload_type_names, current_payload_type); + current_payload->destroy(current_payload); + return VERIFY_ERROR; } - if (to_encrypt) + DBG2(SIG_DBG_ENC, "%N payload verified. Adding to payload list", + payload_type_names, current_payload_type); + this->payloads->insert_last(this->payloads,current_payload); + + /* an encryption payload is the last one, so STOP here. decryption is done later */ + if (current_payload_type == ENCRYPTED) { - this->logger->log(this->logger, CONTROL | LEVEL2, "insert payload %s to encryption payload", - mapping_find(payload_type_m,current_payload->get_type(current_payload))); - - encryption_payload->add_payload(encryption_payload,current_payload); + DBG2(SIG_DBG_ENC, "%N payload found. Stop parsing", + payload_type_names, current_payload_type); + break; } - else + + /* get next payload type */ + current_payload_type = current_payload->get_next_type(current_payload); + } + + if (current_payload_type == ENCRYPTED) + { + status = decrypt_payloads(this,crypter,signer); + if (status != SUCCESS) { - this->logger->log(this->logger, CONTROL | LEVEL2, "insert payload %s as payload wich does not have to be encrypted", - mapping_find(payload_type_m,current_payload->get_type(current_payload))); - this->public.add_payload(&(this->public), (payload_t*)encryption_payload); + DBG1(SIG_DBG_ENC, "could not decrypt payloads"); + return status; } } - - status = SUCCESS; - this->logger->log(this->logger, CONTROL | LEVEL2, "set transforms for encryption payload "); - encryption_payload->set_transforms(encryption_payload,crypter,signer); - this->logger->log(this->logger, CONTROL | LEVEL1, "encrypt all payloads of encrypted payload"); - status = encryption_payload->encrypt(encryption_payload); - this->logger->log(this->logger, CONTROL | LEVEL2, "add encrypted 
payload to payload list"); - this->public.add_payload(&(this->public), (payload_t*)encryption_payload); - all_payloads->destroy(all_payloads); + status = verify(this); + if (status != SUCCESS) + { + DBG1(SIG_DBG_ENC, "verification of message failed"); + return status; + } - return status; + DBG1(SIG_DBG_ENC, "parsed %M", this); + + return SUCCESS; } - /** * Implementation of message_t.destroy. */ @@ -1297,18 +1237,11 @@ message_t *message_create_from_packet(packet_t *packet) /* private values */ this->exchange_type = EXCHANGE_TYPE_UNDEFINED; - this->is_request = TRUE; - this->ike_sa_id = NULL; - this->first_payload = NO_PAYLOAD; - this->message_id = 0; - - /* private functions */ - this->set_message_rule = set_message_rule; - this->get_payload_rule = get_payload_rule; - this->encrypt_payloads = encrypt_payloads; - this->decrypt_payloads = decrypt_payloads; - this->verify = verify; - + this->is_request = TRUE; + this->ike_sa_id = NULL; + this->first_payload = NO_PAYLOAD; + this->message_id = 0; + /* private values */ if (packet == NULL) { @@ -1319,10 +1252,8 @@ message_t *message_create_from_packet(packet_t *packet) this->payloads = linked_list_create(); /* parser is created from data of packet */ - this->parser = parser_create(this->packet->get_data(this->packet)); - - this->logger = logger_manager->get_logger(logger_manager, MESSAGE); - + this->parser = parser_create(this->packet->get_data(this->packet)); + return (&this->public); } diff --git a/src/charon/encoding/message.h b/src/charon/encoding/message.h index ac171028e..3b91e8e94 100644 --- a/src/charon/encoding/message.h +++ b/src/charon/encoding/message.h @@ -34,6 +34,11 @@ #include <crypto/crypters/crypter.h> #include <crypto/signers/signer.h> +/** + * printf() specifier for message + */ +#define MESSAGE_PRINTF_SPEC 'M' + typedef struct message_t message_t; diff --git a/src/charon/encoding/parser.c b/src/charon/encoding/parser.c index e7cfb3217..4215d3840 100644 --- a/src/charon/encoding/parser.c 
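Review bot: In the added `verify()`, `found_payloads` is declared `size_t` but is passed for a `%d` conversion in both DBG1 calls ("more than %d times (%d)" and "not occured %d times (%d)"), which is a variadic type mismatch wherever `size_t` is wider than `int`. Cast at the call site, e.g. `this->message_rule->payload_rules[i].max_occurence, (int)found_payloads);`, or declare the counters with the type the format expects. The parser.c section of this commit has the same pattern in `parse_payload`, where the pointer difference `this->input_roof - this->byte_pos` is passed for `%d`. Separately, the critical-bit rejection of UNKNOWN_PAYLOAD sits inside the per-rule `for` loop, so it would presumably not run for a message rule whose `payload_rule_count` is 0; whether such a rule exists is not visible here.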
+++ b/src/charon/encoding/parser.c @@ -30,7 +30,6 @@ #include <types.h> #include <definitions.h> #include <daemon.h> -#include <utils/logger.h> #include <utils/linked_list.h> #include <encoding/payloads/encodings.h> #include <encoding/payloads/payload.h> @@ -233,11 +232,6 @@ struct private_parser_t { * Set of encoding rules for this parsing session. */ encoding_rule_t *rules; - - /** - * Assigned logger_t object. - */ - logger_t *logger; }; /** @@ -247,9 +241,8 @@ static status_t parse_uint4(private_parser_t *this, int rule_number, u_int8_t *o { if (this->byte_pos + sizeof(u_int8_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, - this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } switch (this->bit_pos) @@ -272,15 +265,15 @@ static status_t parse_uint4(private_parser_t *this, int rule_number, u_int8_t *o this->byte_pos++; break; default: - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, - this->rules[rule_number].type), this->bit_pos); + DBG2(SIG_DBG_ENC, " found rule %d %N on bitpos %d", + rule_number, encoding_type_names, + this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } if (output_pos != NULL) { - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos); + DBG3(SIG_DBG_ENC, " => %d", *output_pos); } return SUCCESS; 
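Review bot: The `default:` branch of `parse_uint4` now reports "found rule %d %N on bitpos %d" with DBG2 although it returns PARSE_ERROR; the removed line logged it as ERROR, and the same message in `parse_uint8`, `parse_uint16`, `parse_uint32`, `parse_uint64`, `parse_bytes`, `parse_list` and `parse_chunk` is converted to DBG1. The `bit_pos != 1` branch of `parse_uint15` has the same DBG2. A rejection of malformed input that only appears at level 2 is easy to miss when triaging parse failures, so both should read `DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d",`. The body of `parse_uint4` starts outside this hunk.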
@@ -293,16 +286,15 @@ static status_t parse_uint8(private_parser_t *this, int rule_number, u_int8_t *o { if (this->byte_pos + sizeof(u_int8_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, - this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, - this->rules[rule_number].type), this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", + rule_number, encoding_type_names, + this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } @@ -310,7 +302,7 @@ static status_t parse_uint8(private_parser_t *this, int rule_number, u_int8_t *o if (output_pos != NULL) { *output_pos = *(this->byte_pos); - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos); + DBG3(SIG_DBG_ENC, " => %d", *output_pos); } this->byte_pos++; 
@@ -324,23 +316,21 @@ static status_t parse_uint15(private_parser_t *this, int rule_number, u_int16_t { if (this->byte_pos + sizeof(u_int16_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, - this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos != 1) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), - this->bit_pos); + DBG2(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } /* caller interested in result ? */ if (output_pos != NULL) { *output_pos = ntohs(*((u_int16_t*)this->byte_pos)) & ~0x8000; - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos); + DBG3(SIG_DBG_ENC, " => %d", *output_pos); } this->byte_pos += 2; this->bit_pos = 0; @@ -355,15 +345,14 @@ static status_t parse_uint16(private_parser_t *this, int rule_number, u_int16_t { if (this->byte_pos + sizeof(u_int16_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), - this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } /* caller interested in result ? */ 
@@ -371,7 +360,7 @@ static status_t parse_uint16(private_parser_t *this, int rule_number, u_int16_t { *output_pos = ntohs(*((u_int16_t*)this->byte_pos)); - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos); + DBG3(SIG_DBG_ENC, " => %d", *output_pos); } this->byte_pos += 2; @@ -384,15 +373,14 @@ static status_t parse_uint32(private_parser_t *this, int rule_number, u_int32_t { if (this->byte_pos + sizeof(u_int32_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), - this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } /* caller interested in result ? */ @@ -400,7 +388,7 @@ static status_t parse_uint32(private_parser_t *this, int rule_number, u_int32_t { *output_pos = ntohl(*((u_int32_t*)this->byte_pos)); - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos); + DBG3(SIG_DBG_ENC, " => %d", *output_pos); } this->byte_pos += 4; 
@@ -414,15 +402,14 @@ static status_t parse_uint64(private_parser_t *this, int rule_number, u_int64_t { if (this->byte_pos + sizeof(u_int64_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), - this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } /* caller interested in result ? */ @@ -432,7 +419,7 @@ static status_t parse_uint64(private_parser_t *this, int rule_number, u_int64_t *(output_pos + 1) = ntohl(*((u_int32_t*)this->byte_pos)); *output_pos = ntohl(*(((u_int32_t*)this->byte_pos) + 1)); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)output_pos, 8); + DBG3(SIG_DBG_ENC, " => %b", (void*)output_pos, sizeof(u_int64_t)); } this->byte_pos += 8; 
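Review bot: The length handed to `%b` in the new `DBG3(SIG_DBG_ENC, " => %b", (void*)output_pos, sizeof(u_int64_t));` is a `size_t`, whereas `parse_chunk` passes its `length` to `%b` and also prints that same variable with `%d`, so the call sites do not agree on one argument type. The `%b` handler is not part of this diff; if it fetches an int-sized length, this call should read `(int)sizeof(u_int64_t)`, and the `bytes` argument in `parse_bytes` needs the same check. Documenting the expected argument pair where the specifier is defined would keep later call sites consistent. The body of `parse_uint64` starts outside this hunk.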
@@ -446,15 +433,14 @@ static status_t parse_bytes (private_parser_t *this, int rule_number, u_int8_t * { if (this->byte_pos + bytes > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), - this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } @@ -463,7 +449,7 @@ static status_t parse_bytes (private_parser_t *this, int rule_number, u_int8_t * { memcpy(output_pos,this->byte_pos,bytes); - this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)output_pos, bytes); + DBG3(SIG_DBG_ENC, " => %b", (void*)output_pos, bytes); } this->byte_pos += bytes; @@ -477,8 +463,8 @@ static status_t parse_bit(private_parser_t *this, int rule_number, bool *output_ { if (this->byte_pos + sizeof(u_int8_t) > this->input_roof) { - this->logger->log(this->logger, ERROR|LEVEL1, " not enough input to parse rule %d %s", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input to parse rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } /* caller interested in result ? */ @@ -494,7 +480,7 @@ static status_t parse_bit(private_parser_t *this, int rule_number, bool *output_ *output_pos = TRUE; } - this->logger->log(this->logger, RAW|LEVEL2, " => %d", *output_pos); + DBG3(SIG_DBG_ENC, " => %d", *output_pos); } this->bit_pos = (this->bit_pos + 1) % 8; if (this->bit_pos == 0) 
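Review bot: The guard `if (this->byte_pos + bytes > this->input_roof)` in `parse_bytes` forms the pointer before comparing it, so a large `bytes` can take the sum past the end of the input buffer, which is undefined and may wrap and pass the check. It is a context line this commit leaves unchanged, and the same form guards `parse_chunk` with `length`. Comparing the requested size with what is left avoids the pointer arithmetic: `if (bytes > (size_t)(this->input_roof - this->byte_pos))`. The declaration of `bytes` is cut off in the hunk header; if it is signed, a negative value should be rejected explicitly as `parse_list` does for `length`.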
@@ -514,15 +500,15 @@ static status_t parse_list(private_parser_t *this, int rule_number, linked_list_ if (length < 0) { - this->logger->log(this->logger, ERROR|LEVEL1, " invalid length for rule %d %s", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " invalid length for rule %d %N", + rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } @@ -531,13 +517,13 @@ static status_t parse_list(private_parser_t *this, int rule_number, linked_list_ u_int8_t *pos_before = this->byte_pos; payload_t *payload; status_t status; - this->logger->log(this->logger, CONTROL|LEVEL1, " %d bytes left, parsing recursivly %s", - length, mapping_find(payload_type_m, payload_type)); + DBG2(SIG_DBG_ENC, " %d bytes left, parsing recursivly %N", + length, payload_type_names, payload_type); status = this->public.parse_payload((parser_t*)this, payload_type, &payload); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, " parsing of a %s substructure failed", - mapping_find(payload_type_m, payload_type)); + DBG1(SIG_DBG_ENC, " parsing of a %N substructure failed", + payload_type_names, payload_type); return status; } list->insert_last(list, payload); 
@@ -554,14 +540,14 @@ static status_t parse_chunk(private_parser_t *this, int rule_number, chunk_t *ou { if (this->byte_pos + length > this->input_roof) { - this->logger->log(this->logger, ERROR, " not enough input (%d bytes) to parse rule %d %s", - length, rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type)); + DBG1(SIG_DBG_ENC, " not enough input (%d bytes) to parse rule %d %N", + length, rule_number, encoding_type_names, this->rules[rule_number].type); return PARSE_ERROR; } if (this->bit_pos) { - this->logger->log(this->logger, ERROR, " found rule %d %s on bitpos %d", - rule_number, mapping_find(encoding_type_m, this->rules[rule_number].type), this->bit_pos); + DBG1(SIG_DBG_ENC, " found rule %d %N on bitpos %d", rule_number, + encoding_type_names, this->rules[rule_number].type, this->bit_pos); return PARSE_ERROR; } if (output_pos != NULL) @@ -571,7 +557,7 @@ static status_t parse_chunk(private_parser_t *this, int rule_number, chunk_t *ou memcpy(output_pos->ptr, this->byte_pos, length); } this->byte_pos += length; - this->logger->log_bytes(this->logger, RAW|LEVEL2, " =>", (void*)output_pos->ptr, length); + DBG3(SIG_DBG_ENC, " => %b", (void*)output_pos->ptr, length); return SUCCESS; } 
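Review bot: The new `DBG3(SIG_DBG_ENC, " => %b", (void*)output_pos->ptr, length);` in `parse_chunk` appears to sit after the closing brace of the `if (output_pos != NULL)` block, so a caller that passes NULL to skip the value still has `output_pos->ptr` evaluated. The removed `log_bytes` call had the same placement, so the conversion carries the problem over rather than introducing it. Moving the line inside the guarded block, directly after `memcpy(output_pos->ptr, this->byte_pos, length);`, keeps the trace and removes the dereference. The lines between the two `parse_chunk` hunks are not shown, so the block structure is inferred from the visible brace.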
@@ -592,17 +578,16 @@ static status_t parse_payload(private_parser_t *this, payload_type_t payload_typ /* create instance of the payload to parse */ pld = payload_create(payload_type); - this->logger->log(this->logger, CONTROL|LEVEL1, "parsing %s payload, %d bytes left", - mapping_find(payload_type_m, payload_type), - this->input_roof-this->byte_pos); + DBG2(SIG_DBG_ENC, "parsing %N payload, %d bytes left", + payload_type_names, payload_type, this->input_roof - this->byte_pos); - this->logger->log_bytes(this->logger, RAW|LEVEL3, "parsing payload from", this->byte_pos, - this->input_roof-this->byte_pos); + DBG3(SIG_DBG_ENC, "parsing payload from %b", + this->byte_pos, this->input_roof-this->byte_pos); if (pld->get_type(pld) == UNKNOWN_PAYLOAD) { - this->logger->log(this->logger, ERROR|LEVEL1, " payload type %d is unknown, handling as %s", - payload_type, mapping_find(payload_type_m, UNKNOWN_PAYLOAD)); + DBG1(SIG_DBG_ENC, " payload type %d is unknown, handling as %N", + payload_type, payload_type_names, UNKNOWN_PAYLOAD); } /* base pointer for output, avoids casting in every rule */ @@ -613,8 +598,8 @@ static status_t parse_payload(private_parser_t *this, payload_type_t payload_typ for (rule_number = 0; rule_number < rule_count; rule_number++) { rule = &(this->rules[rule_number]); - this->logger->log(this->logger, CONTROL|LEVEL2, " parsing rule %d %s", - rule_number, mapping_find(encoding_type_m, rule->type)); + DBG2(SIG_DBG_ENC, " parsing rule %d %N", + rule_number, encoding_type_names, rule->type); switch (rule->type) { case U_INT_4: @@ -990,7 +975,8 @@ static status_t parse_payload(private_parser_t *this, payload_type_t payload_typ } default: { - this->logger->log(this->logger, ERROR, " no rule to parse rule %d %s (%d)", rule_number, mapping_find(encoding_type_m, rule->type), rule->type); + DBG1(SIG_DBG_ENC, " no rule to parse rule %d %N", + rule_number, encoding_type_names, rule->type); pld->destroy(pld); return PARSE_ERROR; } 
@@ -999,9 +985,9 @@ static status_t parse_payload(private_parser_t *this, payload_type_t payload_typ rule++; } - *payload = pld; - this->logger->log(this->logger, CONTROL|LEVEL2, "parsing %s payload finished.", - mapping_find(payload_type_m, payload_type)); + *payload = pld; + DBG2(SIG_DBG_ENC, "parsing %N payload finished", + payload_type_names, payload_type); return SUCCESS; } @@ -1038,8 +1024,6 @@ parser_t *parser_create(chunk_t data) { private_parser_t *this = malloc_thing(private_parser_t); - this->logger = logger_manager->get_logger(logger_manager, PARSER); - this->public.parse_payload = (status_t(*)(parser_t*,payload_type_t,payload_t**)) parse_payload; this->public.reset_context = (void(*)(parser_t*)) reset_context; this->public.get_remaining_byte_count = (int (*) (parser_t *))get_remaining_byte_count; @@ -1055,7 +1039,7 @@ parser_t *parser_create(chunk_t data) this->parse_bit = parse_bit; this->parse_list = parse_list; this->parse_chunk = parse_chunk; - + this->input = data.ptr; this->byte_pos = data.ptr; this->bit_pos = 0; @@ -1063,4 +1047,3 @@ parser_t *parser_create(chunk_t data) return (parser_t*)this; } - diff --git a/src/charon/encoding/payloads/cert_payload.c b/src/charon/encoding/payloads/cert_payload.c index 78e1fb9d4..f7c375593 100644 --- a/src/charon/encoding/payloads/cert_payload.c +++ b/src/charon/encoding/payloads/cert_payload.c @@ -26,10 +26,7 @@ #include "cert_payload.h" -/** - * String mappings for cert_encoding_t. - */ -static const char *const cert_encoding_name[] = { +ENUM(cert_encoding_names, CERT_NONE, CERT_X509_HASH_AND_URL_BUNDLE, "CERT_NONE", "CERT_PKCS7_WRAPPED_X509", "CERT_PGP", 
@@ -43,11 +40,8 @@ static const char *const cert_encoding_name[] = { "CERT_X509_ATTRIBUTE", "CERT_RAW_RSA_KEY", "CERT_X509_HASH_AND_URL", - "CERT_X509_HASH_AND_URL_BUNDLE" -}; - -enum_names cert_encoding_names = - { CERT_NONE, CERT_X509_HASH_AND_URL_BUNDLE, cert_encoding_name, NULL }; + "CERT_X509_HASH_AND_URL_BUNDLE", +); typedef struct private_cert_payload_t private_cert_payload_t; diff --git a/src/charon/encoding/payloads/cert_payload.h b/src/charon/encoding/payloads/cert_payload.h index 4eb854741..aaf0b8566 100644 --- a/src/charon/encoding/payloads/cert_payload.h +++ b/src/charon/encoding/payloads/cert_payload.h @@ -64,7 +64,7 @@ enum cert_encoding_t { * * @ingroup payloads */ -extern enum_names cert_encoding_names; +extern enum_name_t *cert_encoding_names; typedef struct cert_payload_t cert_payload_t; diff --git a/src/charon/encoding/payloads/configuration_attribute.c b/src/charon/encoding/payloads/configuration_attribute.c index 88adbd66f..5982214ac 100644 --- a/src/charon/encoding/payloads/configuration_attribute.c +++ b/src/charon/encoding/payloads/configuration_attribute.c 
@@ -58,27 +58,23 @@ struct private_configuration_attribute_t { chunk_t attribute_value; }; -/** - * String mappings for configuration_attribute_type_t. - */ -mapping_t configuration_attribute_type_m[] = { - {INTERNAL_IP4_ADDRESS, "INTERNAL_IP4_ADDRESS"}, - {INTERNAL_IP4_NETMASK, "INTERNAL_IP4_NETMASK"}, - {INTERNAL_IP4_DNS, "INTERNAL_IP4_DNS"}, - {INTERNAL_IP4_NBNS, "INTERNAL_IP4_NBNS"}, - {INTERNAL_ADDRESS_EXPIRY, "INTERNAL_ADDRESS_EXPIRY"}, - {INTERNAL_IP4_DHCP, "INTERNAL_IP4_DHCP"}, - {APPLICATION_VERSION, "APPLICATION_VERSION"}, - {INTERNAL_IP6_ADDRESS, "INTERNAL_IP6_ADDRESS"}, - {INTERNAL_IP6_DNS, "INTERNAL_IP6_DNS"}, - {INTERNAL_IP6_NBNS, "INTERNAL_IP6_NBNS"}, - {INTERNAL_IP6_DHCP, "INTERNAL_IP6_DHCP"}, - {INTERNAL_IP4_SUBNET, "INTERNAL_IP4_SUBNET"}, - {SUPPORTED_ATTRIBUTES, "SUPPORTED_ATTRIBUTES"}, - {INTERNAL_IP6_SUBNET, "INTERNAL_IP6_SUBNET"}, - {MAPPING_END, NULL} -}; - +ENUM_BEGIN(configuration_attribute_type_name, INTERNAL_IP4_ADDRESS, INTERNAL_IP6_ADDRESS, + "INTERNAL_IP4_ADDRESS", + "INTERNAL_IP4_NETMASK", + "INTERNAL_IP4_DNS", + "INTERNAL_IP4_NBNS", + "INTERNAL_ADDRESS_EXPIRY", + "INTERNAL_IP4_DHCP", + "APPLICATION_VERSION", + "INTERNAL_IP6_ADDRESS"); +ENUM_NEXT(configuration_attribute_type_name, INTERNAL_IP6_DNS, INTERNAL_IP6_SUBNET, INTERNAL_IP6_ADDRESS, + "INTERNAL_IP6_DNS", + "INTERNAL_IP6_NBNS", + "INTERNAL_IP6_DHCP", + "INTERNAL_IP4_SUBNET", + "SUPPORTED_ATTRIBUTES", + "INTERNAL_IP6_SUBNET"); +ENUM_END(configuration_attribute_type_name, INTERNAL_IP6_SUBNET); /** * Encoding rules to parse or generate a configuration attribute. diff --git a/src/charon/encoding/payloads/configuration_attribute.h b/src/charon/encoding/payloads/configuration_attribute.h index 442e0cb83..5cd7b2263 100644 --- a/src/charon/encoding/payloads/configuration_attribute.h +++ b/src/charon/encoding/payloads/configuration_attribute.h 
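Review bot: The enum table is defined here as `configuration_attribute_type_name` (singular) in `ENUM_BEGIN`, `ENUM_NEXT` and `ENUM_END`, but the header hunk in this commit declares `extern enum_name_t *configuration_attribute_type_names;`. The other conversions on this page pass the declared name unchanged (`ENUM(cert_encoding_names, ...)`, `ENUM(config_type_names, ...)`), so unless the macros alter the identifier, the declared symbol has no definition and any `%N` user of it would fail to link. Renaming the three macro arguments to `configuration_attribute_type_names` would match the header. The removed doc comment was not replaced; a short `/** enum names for configuration_attribute_type_t */` above `ENUM_BEGIN` would keep the table documented.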
@@ -62,11 +62,11 @@ enum configuration_attribute_type_t { }; /** - * String mappings for configuration_attribute_type_t. + * enum names for configuration_attribute_type_t. * * @ingroup payloads */ -extern mapping_t configuration_attribute_type_m[]; +extern enum_name_t *configuration_attribute_type_names; typedef struct configuration_attribute_t configuration_attribute_t; diff --git a/src/charon/encoding/payloads/cp_payload.c b/src/charon/encoding/payloads/cp_payload.c index ed779d955..f1297e444 100644 --- a/src/charon/encoding/payloads/cp_payload.c +++ b/src/charon/encoding/payloads/cp_payload.c @@ -28,18 +28,12 @@ #include <encoding/payloads/encodings.h> #include <utils/linked_list.h> - -/** - * String mappings for config_type_t. - */ -mapping_t config_type_m[] = { - {CFG_REQUEST, "CFG_REQUEST"}, - {CFG_REPLY, "CFG_REPLY"}, - {CFG_SET, "CFG_SET"}, - {CFG_ACK, "CFG_ACK"}, - {MAPPING_END, NULL} -}; - +ENUM(config_type_names, CFG_REQUEST, CFG_ACK, + "CFG_REQUEST", + "CFG_REPLY", + "CFG_SET", + "CFG_ACK", +); typedef struct private_cp_payload_t private_cp_payload_t; @@ -77,13 +71,6 @@ struct private_cp_payload_t { * Config Type. */ u_int8_t config_type; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_cp_payload_t object - */ - void (*compute_length) (private_cp_payload_t *this); }; /** 
@@ -190,11 +177,30 @@ static void set_next_type(private_cp_payload_t *this,payload_type_t type) } /** + * recompute the length of the payload. + */ +static void compute_length(private_cp_payload_t *this) +{ + iterator_t *iterator; + size_t length = CP_PAYLOAD_HEADER_LENGTH; + iterator = this->attributes->create_iterator(this->attributes,TRUE); + while (iterator->has_next(iterator)) + { + payload_t *current_attribute; + iterator->current(iterator,(void **) ¤t_attribute); + length += current_attribute->get_length(current_attribute); + } + iterator->destroy(iterator); + + this->payload_length = length; +} + +/** * Implementation of payload_t.get_length. */ static size_t get_length(private_cp_payload_t *this) { - this->compute_length(this); + compute_length(this); return this->payload_length; } @@ -212,7 +218,7 @@ static iterator_t *create_configuration_attribute_iterator (private_cp_payload_t static void add_configuration_attribute (private_cp_payload_t *this,configuration_attribute_t *attribute) { this->attributes->insert_last(this->attributes,(void *) attribute); - this->compute_length(this); + compute_length(this); } /** @@ -232,25 +238,6 @@ static config_type_t get_config_type (private_cp_payload_t *this) } /** - * Implementation of private_cp_payload_t.compute_length. - */ -static void compute_length (private_cp_payload_t *this) -{ - iterator_t *iterator; - size_t length = CP_PAYLOAD_HEADER_LENGTH; - iterator = this->attributes->create_iterator(this->attributes,TRUE); - while (iterator->has_next(iterator)) - { - payload_t *current_attribute; - iterator->current(iterator,(void **) ¤t_attribute); - length += current_attribute->get_length(current_attribute); - } - iterator->destroy(iterator); - - this->payload_length = length; -} - -/** * Implementation of payload_t.destroy and cp_payload_t.destroy. */ static status_t destroy(private_cp_payload_t *this) 
@@ -292,10 +279,6 @@ cp_payload_t *cp_payload_create() this->public.get_config_type = (config_type_t (*) (cp_payload_t *)) get_config_type; this->public.destroy = (void (*) (cp_payload_t *)) destroy; - - /* private functions */ - this->compute_length = compute_length; - /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/cp_payload.h b/src/charon/encoding/payloads/cp_payload.h index 3fd4011e3..3391881eb 100644 --- a/src/charon/encoding/payloads/cp_payload.h +++ b/src/charon/encoding/payloads/cp_payload.h @@ -52,11 +52,11 @@ enum config_type_t { }; /** - * string mappings for config_type_t. - * + * enum name for config_type_t. + * * @ingroup payloads */ -extern mapping_t config_type_m[]; +extern enum_name_t *config_type_names; typedef struct cp_payload_t cp_payload_t; diff --git a/src/charon/encoding/payloads/encodings.c b/src/charon/encoding/payloads/encodings.c index 8e0f30b2e..9ec0a94f9 100644 --- a/src/charon/encoding/payloads/encodings.c +++ b/src/charon/encoding/payloads/encodings.c 
@@ -24,46 +24,44 @@ #include "encodings.h" - -mapping_t encoding_type_m[] = { - {U_INT_4, "U_INT_4"}, - {U_INT_8, "U_INT_8"}, - {U_INT_16, "U_INT_16"}, - {U_INT_32, "U_INT_32"}, - {U_INT_64, "U_INT_64"}, - {IKE_SPI, "IKE_SPI"}, - {RESERVED_BIT, "RESERVED_BIT"}, - {RESERVED_BYTE, "RESERVED_BYTE"}, - {FLAG, "FLAG"}, - {PAYLOAD_LENGTH, "PAYLOAD_LENGTH"}, - {HEADER_LENGTH, "HEADER_LENGTH"}, - {SPI_SIZE, "SPI_SIZE"}, - {SPI, "SPI"}, - {KEY_EXCHANGE_DATA, "KEY_EXCHANGE_DATA"}, - {NOTIFICATION_DATA, "NOTIFICATION_DATA"}, - {PROPOSALS, "PROPOSALS"}, - {TRANSFORMS, "TRANSFORMS"}, - {TRANSFORM_ATTRIBUTES, "TRANSFORM_ATTRIBUTES"}, - {ATTRIBUTE_FORMAT, "ATTRIBUTE_FORMAT"}, - {ATTRIBUTE_TYPE, "ATTRIBUTE_TYPE"}, - {ATTRIBUTE_LENGTH_OR_VALUE, "ATTRIBUTE_LENGTH_OR_VALUE"}, - {ATTRIBUTE_VALUE, "ATTRIBUTE_VALUE"}, - {NONCE_DATA, "NONCE_DATA"}, - {ID_DATA, "ID_DATA"}, - {AUTH_DATA, "AUTH_DATA"}, - {ENCRYPTED_DATA, "ENCRYPTED_DATA"}, - {TS_TYPE, "TS_TYPE"}, - {ADDRESS, "ADDRESS"}, - {TRAFFIC_SELECTORS, "TRAFFIC_SELECTORS"}, - {CERT_DATA, "CERT_DATA"}, - {CERTREQ_DATA, "CERTREQ_DATA"}, - {SPIS, "SPIS"}, - {VID_DATA, "VID_DATA"}, - {VID_DATA, "VID_DATA"}, - {CONFIGURATION_ATTRIBUTES, "CONFIGURATION_ATTRIBUTES"}, - {CONFIGURATION_ATTRIBUTE_LENGTH, "CONFIGURATION_ATTRIBUTE_LENGTH"}, - {CONFIGURATION_ATTRIBUTE_VALUE, "CONFIGURATION_ATTRIBUTE_VALUE"}, - {EAP_MESSAGE, "EAP_MESSAGE"}, - {UNKNOWN_DATA,"UNKNOWN_DATA"}, - {MAPPING_END, NULL} -}; +ENUM(encoding_type_names, U_INT_4, UNKNOWN_DATA, + "U_INT_4", + "U_INT_8", + "U_INT_16", + "U_INT_32", + "U_INT_64", + "IKE_SPI", + "RESERVED_BIT", + "RESERVED_BYTE", + "FLAG", + "PAYLOAD_LENGTH", + "HEADER_LENGTH", + "SPI_SIZE", + "SPI", + "KEY_EXCHANGE_DATA", + "NOTIFICATION_DATA", + "PROPOSALS", + "TRANSFORMS", + "TRANSFORM_ATTRIBUTES", + "ATTRIBUTE_FORMAT", + "ATTRIBUTE_TYPE", + "ATTRIBUTE_LENGTH_OR_VALUE", + "ATTRIBUTE_VALUE", + "NONCE_DATA", + "ID_DATA", + "AUTH_DATA", + "ENCRYPTED_DATA", + "TS_TYPE", + "ADDRESS", + "TRAFFIC_SELECTORS", + 
"CERT_DATA", + "CERTREQ_DATA", + "SPIS", + "VID_DATA", + "VID_DATA", + "CONFIGURATION_ATTRIBUTES", + "CONFIGURATION_ATTRIBUTE_LENGTH", + "CONFIGURATION_ATTRIBUTE_VALUE", + "EAP_MESSAGE", + "UNKNOWN_DATA", +); diff --git a/src/charon/encoding/payloads/encodings.h b/src/charon/encoding/payloads/encodings.h index bacfb48a9..24dc16fa7 100644 --- a/src/charon/encoding/payloads/encodings.h +++ b/src/charon/encoding/payloads/encodings.h @@ -499,11 +499,11 @@ enum encoding_type_t { }; /** - * mappings to map encoding_type_t's to strings + * enum name for encoding_type_t * * @ingroup payloads */ -extern mapping_t encoding_type_m[]; +extern enum_name_t *encoding_type_names; typedef struct encoding_rule_t encoding_rule_t; diff --git a/src/charon/encoding/payloads/encryption_payload.c b/src/charon/encoding/payloads/encryption_payload.c index caf34fbaa..d32e6c902 100644 --- a/src/charon/encoding/payloads/encryption_payload.c +++ b/src/charon/encoding/payloads/encryption_payload.c @@ -29,7 +29,6 @@ #include <daemon.h> #include <encoding/payloads/encodings.h> #include <utils/linked_list.h> -#include <utils/logger.h> #include <encoding/generator.h> #include <encoding/parser.h> #include <utils/iterator.h> @@ -37,8 +36,6 @@ #include <crypto/signers/signer.h> - - typedef struct private_encryption_payload_t private_encryption_payload_t; /** 
@@ -95,32 +92,6 @@ struct private_encryption_payload_t { * Contained payloads of this encrpytion_payload. */ linked_list_t *payloads; - - /** - * logger for this payload, uses MESSAGE context - */ - logger_t *logger; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_encryption_payload_t object - */ - void (*compute_length) (private_encryption_payload_t *this); - - /** - * @brief Generate payloads (unencrypted) in chunk decrypted. - * - * @param this calling private_encryption_payload_t object - */ - void (*generate) (private_encryption_payload_t *this); - - /** - * @brief Parse payloads from a (unencrypted) chunk. - * - * @param this calling private_encryption_payload_t object - */ - status_t (*parse) (private_encryption_payload_t *this); }; /** 
@@ -212,11 +183,45 @@ static void set_next_type(private_encryption_payload_t *this, payload_type_t typ } /** + * (re-)compute the lenght of the whole payload + */ +static void compute_length(private_encryption_payload_t *this) +{ + iterator_t *iterator; + size_t block_size, length = 0; + iterator = this->payloads->create_iterator(this->payloads, TRUE); + + /* count payload length */ + while (iterator->has_next(iterator)) + { + payload_t *current_payload; + iterator->current(iterator, (void **) ¤t_payload); + length += current_payload->get_length(current_payload); + } + iterator->destroy(iterator); + + if (this->crypter && this->signer) + { + /* append one byte for padding length */ + length++; + /* append padding */ + block_size = this->crypter->get_block_size(this->crypter); + length += block_size - length % block_size; + /* add iv */ + length += block_size; + /* add signature */ + length += this->signer->get_block_size(this->signer); + } + length += ENCRYPTION_PAYLOAD_HEADER_LENGTH; + this->payload_length = length; +} + +/** * Implementation of payload_t.get_length. */ static size_t get_length(private_encryption_payload_t *this) { - this->compute_length(this); + compute_length(this); return this->payload_length; } @@ -245,7 +250,7 @@ static void add_payload(private_encryption_payload_t *this, payload_t *payload) } payload->set_next_type(payload, NO_PAYLOAD); this->payloads->insert_last(this->payloads, (void*)payload); - this->compute_length(this); + compute_length(this); } /** 
@@ -264,6 +269,60 @@ static size_t get_payload_count(private_encryption_payload_t *this) return this->payloads->get_count(this->payloads); } +/** + * Generate payload before encryption. + */ +static void generate(private_encryption_payload_t *this) +{ + payload_t *current_payload, *next_payload; + generator_t *generator; + iterator_t *iterator; + + /* recalculate length before generating */ + compute_length(this); + + /* create iterator */ + iterator = this->payloads->create_iterator(this->payloads, TRUE); + + /* get first payload */ + if (iterator->has_next(iterator)) + { + iterator->current(iterator, (void**)¤t_payload); + this->next_payload = current_payload->get_type(current_payload); + } + else + { + /* no paylads? */ + DBG2(SIG_DBG_ENC, "generating contained payloads, but none available"); + free(this->decrypted.ptr); + this->decrypted = CHUNK_INITIALIZER; + iterator->destroy(iterator); + return; + } + + generator = generator_create(); + + /* build all payload, except last */ + while(iterator->has_next(iterator)) + { + iterator->current(iterator, (void**)&next_payload); + current_payload->set_next_type(current_payload, next_payload->get_type(next_payload)); + generator->generate_payload(generator, current_payload); + current_payload = next_payload; + } + iterator->destroy(iterator); + + /* build last payload */ + current_payload->set_next_type(current_payload, NO_PAYLOAD); + generator->generate_payload(generator, current_payload); + + /* free already generated data */ + free(this->decrypted.ptr); + + generator->write_to_chunk(generator, &(this->decrypted)); + generator->destroy(generator); + DBG2(SIG_DBG_ENC, "successfully generated content in encryption payload"); +} /** * Implementation of encryption_payload_t.encrypt. 
@@ -277,19 +336,18 @@ static status_t encrypt(private_encryption_payload_t *this) if (this->signer == NULL || this->crypter == NULL) { - this->logger->log(this->logger, ERROR, "could not encrypt, signer/crypter not set"); + DBG1(SIG_DBG_ENC, "could not encrypt, signer/crypter not set"); return INVALID_STATE; } /* for random data in iv and padding */ randomizer = randomizer_create(); - - + /* build payload chunk */ - this->generate(this); + generate(this); - this->logger->log(this->logger, CONTROL|LEVEL2, "encrypting payloads"); - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data to encrypt", this->decrypted); + DBG2(SIG_DBG_ENC, "encrypting payloads"); + DBG3(SIG_DBG_ENC, "data to encrypt %B", &this->decrypted); /* build padding */ block_size = this->crypter->get_block_size(this->crypter); @@ -320,8 +378,8 @@ static status_t encrypt(private_encryption_payload_t *this) return status; } - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data before encryption with padding", to_crypt); - + DBG3(SIG_DBG_ENC, "data before encryption with padding %B", &to_crypt); + /* encrypt to_crypt chunk */ free(this->encrypted.ptr); status = this->crypter->encrypt(this->crypter, to_crypt, iv, &result); @@ -329,12 +387,11 @@ static status_t encrypt(private_encryption_payload_t *this) free(to_crypt.ptr); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR|LEVEL1, "encryption failed"); + DBG2(SIG_DBG_ENC, "encryption failed"); free(iv.ptr); return status; } - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after encryption", result); - + DBG3(SIG_DBG_ENC, "data after encryption %B", &result); /* build encrypted result with iv and signature */ this->encrypted.len = iv.len + result.len + this->signer->get_block_size(this->signer); 
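Review bot: The failed-encryption branch now logs with `DBG2(SIG_DBG_ENC, "encryption failed");`, while the other failure paths shown in this diff use DBG1, so a crypter failure would be reported at a lower level than a missing signer; `DBG1(SIG_DBG_ENC, "encryption failed");` keeps it consistent. On the same path `this->encrypted.ptr` has already been passed to free() and is not reset before `return status;`, so the member is left dangling unless it is reassigned somewhere not visible here. Setting `this->encrypted = CHUNK_INITIALIZER;` right after the free, as generate() does for `this->decrypted`, would rule out a later double free. encrypt() starts and ends outside these hunks.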
@@ -347,12 +404,58 @@ static status_t encrypt(private_encryption_payload_t *this) free(result.ptr); free(iv.ptr); - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after encryption with IV and (invalid) signature", this->encrypted); + DBG3(SIG_DBG_ENC, "data after encryption with IV and (invalid) signature %B", + &this->encrypted); return SUCCESS; } /** + * Parse the payloads after decryption. + */ +static status_t parse(private_encryption_payload_t *this) +{ + parser_t *parser; + status_t status; + payload_type_t current_payload_type; + + /* build a parser on the decrypted data */ + parser = parser_create(this->decrypted); + + current_payload_type = this->next_payload; + /* parse all payloads */ + while (current_payload_type != NO_PAYLOAD) + { + payload_t *current_payload; + + status = parser->parse_payload(parser, current_payload_type, (payload_t**)¤t_payload); + if (status != SUCCESS) + { + parser->destroy(parser); + return PARSE_ERROR; + } + + status = current_payload->verify(current_payload); + if (status != SUCCESS) + { + DBG1(SIG_DBG_ENC, "%N verification failed", + payload_type_names, current_payload->get_type(current_payload)); + current_payload->destroy(current_payload); + parser->destroy(parser); + return VERIFY_ERROR; + } + + /* get next payload type */ + current_payload_type = current_payload->get_next_type(current_payload); + + this->payloads->insert_last(this->payloads,current_payload); + } + parser->destroy(parser); + DBG2(SIG_DBG_ENC, "succesfully parsed content of encryption payload"); + return SUCCESS; +} + +/** * Implementation of encryption_payload_t.encrypt. */ static status_t decrypt(private_encryption_payload_t *this) 
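Review bot: In the new parse(), a failing `parser->parse_payload()` returns PARSE_ERROR without any log line and discards the parser's own status, whereas the verify failure just below it is reported through DBG1. Adding `DBG1(SIG_DBG_ENC, "parsing %N payload failed", payload_type_names, current_payload_type);` before `parser->destroy(parser);` would make rejected input diagnosable. The function also appends to `this->payloads` without checking that the list is empty, so a second decrypt() on the same object would presumably duplicate entries. A one-line comment stating that parse() expects an empty list would document that assumption.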
@@ -361,14 +464,13 @@ static status_t decrypt(private_encryption_payload_t *this) u_int8_t padding_length; status_t status; - - this->logger->log(this->logger, CONTROL|LEVEL2, "decrypting encryption payload"); - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data before decryption with IV and (invalid) signature", this->encrypted); - + DBG2(SIG_DBG_ENC, "decrypting encryption payload"); + DBG3(SIG_DBG_ENC, "data before decryption with IV and (invalid) signature %B", + &this->encrypted); if (this->signer == NULL || this->crypter == NULL) { - this->logger->log(this->logger, ERROR, "could not decrypt, no crypter/signer set"); + DBG1(SIG_DBG_ENC, "could not decrypt, no crypter/signer set"); return INVALID_STATE; } @@ -386,22 +488,22 @@ static status_t decrypt(private_encryption_payload_t *this) */ if (concatenated.len < iv.len) { - this->logger->log(this->logger, ERROR, "could not decrypt, invalid input"); + DBG1(SIG_DBG_ENC, "could not decrypt, invalid input"); return FAILED; } /* free previus data, if any */ free(this->decrypted.ptr); - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data before decryption", concatenated); + DBG3(SIG_DBG_ENC, "data before decryption %B", &concatenated); status = this->crypter->decrypt(this->crypter, concatenated, iv, &(this->decrypted)); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "could not decrypt, decryption failed"); + DBG1(SIG_DBG_ENC, "could not decrypt, decryption failed"); return FAILED; } - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after decryption with padding", this->decrypted); + DBG3(SIG_DBG_ENC, "data after decryption with padding %B", &this->decrypted); /* get padding length, sits just bevore signature */ 
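Review bot: The DBG3 calls in decrypt() write `this->decrypted`, the cleartext of the encrypted payload, to the debug log, and encrypt() does the same with `"data to encrypt %B"`, but nothing in the code says so. Which payloads end up in the dump depends on the message, so a short comment above the first dump, for example `/* level 3 dumps cleartext payload contents, treat these logs as sensitive */`, would tell operators what enabling that level exposes. decrypt() continues outside these hunks.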
@@ -413,16 +515,16 @@ static status_t decrypt(private_encryption_payload_t *this) /* check size again */ if (padding_length > concatenated.len || this->decrypted.len < 0) { - this->logger->log(this->logger, ERROR, "decryption failed, invalid padding length found. Invalid key?"); + DBG1(SIG_DBG_ENC, "decryption failed, invalid padding length found. Invalid key?"); /* decryption failed :-/ */ return FAILED; } /* free padding */ this->decrypted.ptr = realloc(this->decrypted.ptr, this->decrypted.len); - this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after decryption without padding", this->decrypted); - this->logger->log(this->logger, CONTROL|LEVEL2, "decryption successful, trying to parse content"); - return (this->parse(this)); + DBG3(SIG_DBG_ENC, "data after decryption without padding %B", &this->decrypted); + DBG2(SIG_DBG_ENC, "decryption successful, trying to parse content"); + return parse(this); } /** @@ -444,14 +546,14 @@ static status_t build_signature(private_encryption_payload_t *this, chunk_t data if (this->signer == NULL) { - this->logger->log(this->logger, ERROR, "unable to build signature, no signer set"); + DBG1(SIG_DBG_ENC, "unable to build signature, no signer set"); return INVALID_STATE; } sig.len = this->signer->get_block_size(this->signer); data_without_sig.len -= sig.len; sig.ptr = data.ptr + data_without_sig.len; - this->logger->log(this->logger, CONTROL|LEVEL2, "building signature"); + DBG2(SIG_DBG_ENC, "building signature"); this->signer->get_signature(this->signer, data_without_sig, sig.ptr); return SUCCESS; } 
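Review bot: The check `padding_length > concatenated.len || this->decrypted.len < 0` cannot catch an oversized padding length if chunk_t's `len` is an unsigned type (its definition is not visible here), because a length that has wrapped never compares below zero. The padding length should be validated against `this->decrypted.len` before it is subtracted, which presumably happens in the lines between this hunk and the previous one. The following `this->decrypted.ptr = realloc(this->decrypted.ptr, this->decrypted.len);` overwrites the only pointer to the buffer, so a failed realloc leaks it and the next DBG3 formats a chunk with a NULL pointer. Assigning the result to a temporary and returning FAILED when it is NULL would close that. decrypt() starts outside the hunk.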
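Review bot: build_signature() subtracts `sig.len` from `data_without_sig.len` without a visible check that the input is longer than one signer block, while verify_signature() rejects `data.len <= sig.len`. With a shorter chunk the length would wrap (if `len` is unsigned) and `sig.ptr` would point outside the buffer that get_signature() then writes to. Adding the same guard before the subtraction, `if (data.len <= sig.len) return FAILED;`, keeps the two functions consistent. The function begins outside the hunk, so an earlier check may exist that is not shown here.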
@@ -466,14 +568,14 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat if (this->signer == NULL) { - this->logger->log(this->logger, ERROR, "unable to verify signature, no signer set"); + DBG1(SIG_DBG_ENC, "unable to verify signature, no signer set"); return INVALID_STATE; } /* find signature in data chunk */ sig.len = this->signer->get_block_size(this->signer); if (data.len <= sig.len) { - this->logger->log(this->logger, ERROR|LEVEL1, "unable to verify signature, invalid input"); + DBG1(SIG_DBG_ENC, "unable to verify signature, invalid input"); return FAILED; } sig.ptr = data.ptr + data.len - sig.len; 
@@ -485,150 +587,15 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat if (!valid) { - this->logger->log(this->logger, ERROR|LEVEL1, "signature verification failed"); + DBG1(SIG_DBG_ENC, "signature verification failed"); return FAILED; } - this->logger->log(this->logger, CONTROL|LEVEL2, "signature verification successful"); - return SUCCESS; -} - -/** - * Implementation of private_encryption_payload_t.generate. - */ -static void generate(private_encryption_payload_t *this) -{ - payload_t *current_payload, *next_payload; - generator_t *generator; - iterator_t *iterator; - - /* recalculate length before generating */ - this->compute_length(this); - - /* create iterator */ - iterator = this->payloads->create_iterator(this->payloads, TRUE); - - /* get first payload */ - if (iterator->has_next(iterator)) - { - iterator->current(iterator, (void**)¤t_payload); - this->next_payload = current_payload->get_type(current_payload); - } - else - { - /* no paylads? */ - this->logger->log(this->logger, CONTROL|LEVEL1, "generating contained payloads, but no available"); - free(this->decrypted.ptr); - this->decrypted = CHUNK_INITIALIZER; - iterator->destroy(iterator); - return; - } - - generator = generator_create(); - - /* build all payload, except last */ - while(iterator->has_next(iterator)) - { - iterator->current(iterator, (void**)&next_payload); - current_payload->set_next_type(current_payload, next_payload->get_type(next_payload)); - generator->generate_payload(generator, current_payload); - current_payload = next_payload; - } - iterator->destroy(iterator); - - /* build last payload */ - current_payload->set_next_type(current_payload, NO_PAYLOAD); - generator->generate_payload(generator, current_payload); - - /* free already generated data */ - free(this->decrypted.ptr); - - generator->write_to_chunk(generator, &(this->decrypted)); - generator->destroy(generator); - this->logger->log(this->logger, CONTROL|LEVEL1, "successfully generated 
content in encrpytion payload"); -} - -/** - * Implementation of private_encryption_payload_t.parse. - */ -static status_t parse(private_encryption_payload_t *this) -{ - parser_t *parser; - status_t status; - payload_type_t current_payload_type; - - /* build a parser on the decrypted data */ - parser = parser_create(this->decrypted); - - current_payload_type = this->next_payload; - /* parse all payloads */ - while (current_payload_type != NO_PAYLOAD) - { - payload_t *current_payload; - - status = parser->parse_payload(parser, current_payload_type, (payload_t**)¤t_payload); - if (status != SUCCESS) - { - parser->destroy(parser); - return PARSE_ERROR; - } - - status = current_payload->verify(current_payload); - if (status != SUCCESS) - { - this->logger->log(this->logger, ERROR, "%s verification failed", - mapping_find(payload_type_m,current_payload->get_type(current_payload))); - current_payload->destroy(current_payload); - parser->destroy(parser); - return VERIFY_ERROR; - } - - /* get next payload type */ - current_payload_type = current_payload->get_next_type(current_payload); - - this->payloads->insert_last(this->payloads,current_payload); - } - parser->destroy(parser); - this->logger->log(this->logger, CONTROL|LEVEL1, "succesfully parsed content of encryption payload"); + DBG2(SIG_DBG_ENC, "signature verification successful"); return SUCCESS; } /** - * Implementation of private_encryption_payload_t.compute_length. 
- */ -static void compute_length(private_encryption_payload_t *this) -{ - iterator_t *iterator; - size_t block_size, length = 0; - iterator = this->payloads->create_iterator(this->payloads, TRUE); - - /* count payload length */ - while (iterator->has_next(iterator)) - { - payload_t *current_payload; - iterator->current(iterator, (void **) ¤t_payload); - length += current_payload->get_length(current_payload); - } - iterator->destroy(iterator); - - if (this->crypter && this->signer) - { - /* append one byte for padding length */ - length++; - /* append padding */ - block_size = this->crypter->get_block_size(this->crypter); - length += block_size - length % block_size; - /* add iv */ - length += block_size; - /* add signature */ - length += this->signer->get_block_size(this->signer); - } - length += ENCRYPTION_PAYLOAD_HEADER_LENGTH; - this->payload_length = length; -} - - -/** * Implementation of payload_t.destroy. */ static void destroy(private_encryption_payload_t *this) @@ -675,12 +642,6 @@ encryption_payload_t *encryption_payload_create() this->public.verify_signature = (status_t (*) (encryption_payload_t*, chunk_t)) verify_signature; this->public.destroy = (void (*) (encryption_payload_t *)) destroy; - /* private functions */ - this->compute_length = compute_length; - this->generate = generate; - this->parse = parse; - this->logger = logger_manager->get_logger(logger_manager, ENCRYPTION_PAYLOAD); - /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/ike_header.c b/src/charon/encoding/payloads/ike_header.c index 4e324397a..b1b4fbf87 100644 --- a/src/charon/encoding/payloads/ike_header.c +++ b/src/charon/encoding/payloads/ike_header.c 
@@ -100,19 +100,16 @@ struct private_ike_header_t { * Length of the whole IKEv2-Message (header and all payloads). */ u_int32_t length; -}; - -/** - * Mappings used to get strings for exchange_type_t. - */ -mapping_t exchange_type_m[] = { - {EXCHANGE_TYPE_UNDEFINED, "EXCHANGE_TYPE_UNDEFINED"}, - {IKE_SA_INIT, "IKE_SA_INIT"}, - {IKE_AUTH, "IKE_AUTH"}, - {CREATE_CHILD_SA, "CREATE_CHILD_SA"}, - {INFORMATIONAL, "INFORMATIONAL"} }; +ENUM_BEGIN(exchange_type_names, EXCHANGE_TYPE_UNDEFINED, EXCHANGE_TYPE_UNDEFINED, + "EXCHANGE_TYPE_UNDEFINED"); +ENUM_NEXT(exchange_type_names, IKE_SA_INIT, INFORMATIONAL, EXCHANGE_TYPE_UNDEFINED, + "IKE_SA_INIT", + "IKE_AUTH", + "CREATE_CHILD_SA", + "INFORMATIONAL"); +ENUM_END(exchange_type_names, INFORMATIONAL); /** * Encoding rules to parse or generate a IKEv2-Header. diff --git a/src/charon/encoding/payloads/ike_header.h b/src/charon/encoding/payloads/ike_header.h index e3b469e6e..7bb380d43 100644 --- a/src/charon/encoding/payloads/ike_header.h +++ b/src/charon/encoding/payloads/ike_header.h @@ -93,11 +93,11 @@ enum exchange_type_t{ }; /** - * string mappings for exchange_type_t + * enum name for exchange_type_t * * @ingroup payloads */ -extern mapping_t exchange_type_m[]; +extern enum_name_t *exchange_type_names; typedef struct ike_header_t ike_header_t; diff --git a/src/charon/encoding/payloads/ke_payload.c b/src/charon/encoding/payloads/ke_payload.c index e4fdc9a2e..fc875517c 100644 --- a/src/charon/encoding/payloads/ke_payload.c +++ b/src/charon/encoding/payloads/ke_payload.c @@ -64,13 +64,6 @@ struct private_ke_payload_t { * Key Exchange Data of this KE payload. */ chunk_t key_exchange_data; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_ke_payload_t object - */ - void (*compute_length) (private_ke_payload_t *this); }; /** 
@@ -172,18 +165,9 @@ static void set_next_type(private_ke_payload_t *this,payload_type_t type) } /** - * Implementation of payload_t.get_length. + * recompute the length of the payload. */ -static size_t get_length(private_ke_payload_t *this) -{ - this->compute_length(this); - return this->payload_length; -} - -/** - * Implementation of private_ke_payload_t.compute_length. - */ -static void compute_length (private_ke_payload_t *this) +static void compute_length(private_ke_payload_t *this) { size_t length = KE_PAYLOAD_HEADER_LENGTH; if (this->key_exchange_data.ptr != NULL) @@ -193,6 +177,14 @@ static void compute_length (private_ke_payload_t *this) this->payload_length = length; } +/** + * Implementation of payload_t.get_length. + */ +static size_t get_length(private_ke_payload_t *this) +{ + compute_length(this); + return this->payload_length; +} /** * Implementation of ke_payload_t.get_key_exchange_data. @@ -218,7 +210,7 @@ static void set_key_exchange_data(private_ke_payload_t *this, chunk_t key_exchan } this->key_exchange_data = chunk_clone(key_exchange_data); - this->compute_length(this); + compute_length(this); } /** @@ -260,9 +252,6 @@ ke_payload_t *ke_payload_create() this->public.set_dh_group_number =(void (*) (ke_payload_t *,diffie_hellman_group_t)) set_dh_group_number; this->public.destroy = (void (*) (ke_payload_t *)) destroy; - /* private functions */ - this->compute_length = compute_length; - /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -282,7 +271,7 @@ ke_payload_t *ke_payload_create_from_diffie_hellman(diffie_hellman_t *dh) dh->get_my_public_value(dh, &this->key_exchange_data); this->dh_group_number = dh->get_dh_group(dh); - this->compute_length(this); + compute_length(this); return &this->public; } diff --git a/src/charon/encoding/payloads/nonce_payload.c b/src/charon/encoding/payloads/nonce_payload.c index 036bb20b1..8e1fc505e 100644 --- a/src/charon/encoding/payloads/nonce_payload.c 
+++ b/src/charon/encoding/payloads/nonce_payload.c @@ -60,13 +60,6 @@ struct private_nonce_payload_t { * The contained nonce value. */ chunk_t nonce; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_nonce_payload_t object - */ - void (*compute_length) (private_nonce_payload_t *this); }; /** @@ -176,20 +169,20 @@ static void set_next_type(private_nonce_payload_t *this,payload_type_t type) } /** - * Implementation of payload_t.get_length. + * recompute the length of the payload. */ -static size_t get_length(private_nonce_payload_t *this) +static void compute_length(private_nonce_payload_t *this) { - this->compute_length(this); - return this->payload_length; + this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + this->nonce.len; } /** - * Implementation of private_id_payload_t.compute_length. + * Implementation of payload_t.get_length. */ -static void compute_length(private_nonce_payload_t *this) +static size_t get_length(private_nonce_payload_t *this) { - this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + this->nonce.len; + compute_length(this); + return this->payload_length; } /** @@ -226,9 +219,6 @@ nonce_payload_t *nonce_payload_create() this->public.set_nonce = (void (*) (nonce_payload_t *,chunk_t)) set_nonce; this->public.get_nonce = (chunk_t (*) (nonce_payload_t *)) get_nonce; - /* private functions */ - this->compute_length = compute_length; - /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/notify_payload.c b/src/charon/encoding/payloads/notify_payload.c index a147ae747..faea6028b 100644 --- a/src/charon/encoding/payloads/notify_payload.c +++ b/src/charon/encoding/payloads/notify_payload.c 
@@ -28,50 +28,54 @@ #include <daemon.h> #include <encoding/payloads/encodings.h> - -#define SHA1_HASH_SIZE 20 - -/** - * String mappings for notify_type_t. - */ -mapping_t notify_type_m[] = { - {UNSUPPORTED_CRITICAL_PAYLOAD, "UNSUPPORTED_CRITICAL_PAYLOAD"}, - {INVALID_IKE_SPI, "INVALID_IKE_SPI"}, - {INVALID_MAJOR_VERSION, "INVALID_MAJOR_VERSION"}, - {INVALID_SYNTAX, "INVALID_SYNTAX"}, - {INVALID_MESSAGE_ID, "INVALID_MESSAGE_ID"}, - {INVALID_SPI, "INVALID_SPI"}, - {NO_PROPOSAL_CHOSEN, "NO_PROPOSAL_CHOSEN"}, - {INVALID_KE_PAYLOAD, "INVALID_KE_PAYLOAD"}, - {AUTHENTICATION_FAILED, "AUTHENTICATION_FAILED"}, - {SINGLE_PAIR_REQUIRED, "SINGLE_PAIR_REQUIRED"}, - {NO_ADDITIONAL_SAS, "NO_ADDITIONAL_SAS"}, - {INTERNAL_ADDRESS_FAILURE, "INTERNAL_ADDRESS_FAILURE"}, - {FAILED_CP_REQUIRED, "FAILED_CP_REQUIRED"}, - {TS_UNACCEPTABLE, "TS_UNACCEPTABLE"}, - {INVALID_SELECTORS, "INVALID_SELECTORS"}, - {INITIAL_CONTACT, "INITIAL_CONTACT"}, - {SET_WINDOW_SIZE, "SET_WINDOW_SIZE"}, - {ADDITIONAL_TS_POSSIBLE, "ADDITIONAL_TS_POSSIBLE"}, - {IPCOMP_SUPPORTED, "IPCOMP_SUPPORTED"}, - {NAT_DETECTION_SOURCE_IP, "NAT_DETECTION_SOURCE_IP"}, - {NAT_DETECTION_DESTINATION_IP, "NAT_DETECTION_DESTINATION_IP"}, - {COOKIE, "COOKIE"}, - {USE_TRANSPORT_MODE, "USE_TRANSPORT_MODE"}, - {HTTP_CERT_LOOKUP_SUPPORTED, "HTTP_CERT_LOOKUP_SUPPORTED"}, - {REKEY_SA, "REKEY_SA"}, - {ESP_TFC_PADDING_NOT_SUPPORTED, "ESP_TFC_PADDING_NOT_SUPPORTED"}, - {NON_FIRST_FRAGMENTS_ALSO, "NON_FIRST_FRAGMENTS_ALSO"}, - {MOBIKE_SUPPORTED, "MOBIKE_SUPPORTED"}, - {ADDITIONAL_IP4_ADDRESS, "ADDITIONAL_IP4_ADDRESS"}, - {ADDITIONAL_IP6_ADDRESS, "ADDITIONAL_IP6_ADDRESS"}, - {NO_ADDITIONAL_ADDRESSES, "NO_ADDITIONAL_ADDRESSES"}, - {UPDATE_SA_ADDRESSES, "UPDATE_SA_ADDRESSES"}, - {COOKIE2, "COOKIE2"}, - {NO_NATS_ALLOWED, "NO_NATS_ALLOWED"}, - {AUTH_LIFETIME, "AUTH_LIFETIME"}, - {MAPPING_END, NULL} -}; +#include <crypto/hashers/hasher.h> + +ENUM_BEGIN(notify_type_names, UNSUPPORTED_CRITICAL_PAYLOAD, UNSUPPORTED_CRITICAL_PAYLOAD, + 
"UNSUPPORTED_CRITICAL_PAYLOAD"); +ENUM_NEXT(notify_type_names, INVALID_IKE_SPI, INVALID_MAJOR_VERSION, UNSUPPORTED_CRITICAL_PAYLOAD, + "INVALID_IKE_SPI", + "INVALID_MAJOR_VERSION"); +ENUM_NEXT(notify_type_names, INVALID_SYNTAX, INVALID_SYNTAX, INVALID_MAJOR_VERSION, + "INVALID_SYNTAX"); +ENUM_NEXT(notify_type_names, INVALID_MESSAGE_ID, INVALID_MESSAGE_ID, INVALID_SYNTAX, + "INVALID_MESSAGE_ID"); +ENUM_NEXT(notify_type_names, INVALID_SPI, INVALID_SPI, INVALID_MESSAGE_ID, + "INVALID_SPI"); +ENUM_NEXT(notify_type_names, NO_PROPOSAL_CHOSEN, NO_PROPOSAL_CHOSEN, INVALID_SPI, + "NO_PROPOSAL_CHOSEN"); +ENUM_NEXT(notify_type_names, INVALID_KE_PAYLOAD, INVALID_KE_PAYLOAD, NO_PROPOSAL_CHOSEN, + "INVALID_KE_PAYLOAD"); +ENUM_NEXT(notify_type_names, AUTHENTICATION_FAILED, AUTHENTICATION_FAILED, INVALID_KE_PAYLOAD, + "AUTHENTICATION_FAILED"); +ENUM_NEXT(notify_type_names, SINGLE_PAIR_REQUIRED, INVALID_SELECTORS, AUTHENTICATION_FAILED, + "SINGLE_PAIR_REQUIRED", + "NO_ADDITIONAL_SAS", + "INTERNAL_ADDRESS_FAILURE", + "FAILED_CP_REQUIRED", + "TS_UNACCEPTABLE", + "INVALID_SELECTORS"); +ENUM_NEXT(notify_type_names, INITIAL_CONTACT, AUTH_LIFETIME, INVALID_SELECTORS, + "INITIAL_CONTACT", + "SET_WINDOW_SIZE", + "ADDITIONAL_TS_POSSIBLE", + "IPCOMP_SUPPORTED", + "NAT_DETECTION_SOURCE_IP", + "NAT_DETECTION_DESTINATION_IP", + "COOKIE", + "USE_TRANSPORT_MODE", + "HTTP_CERT_LOOKUP_SUPPORTED", + "REKEY_SA", + "ESP_TFC_PADDING_NOT_SUPPORTED", + "NON_FIRST_FRAGMENTS_ALSO", + "MOBIKE_SUPPORTED", + "ADDITIONAL_IP4_ADDRESS", + "ADDITIONAL_IP6_ADDRESS", + "NO_ADDITIONAL_ADDRESSES", + "UPDATE_SA_ADDRESSES", + "COOKIE2", + "NO_NATS_ALLOWED", + "AUTH_LIFETIME"); +ENUM_END(notify_type_names, AUTH_LIFETIME); typedef struct private_notify_payload_t private_notify_payload_t; 
@@ -124,18 +128,6 @@ struct private_notify_payload_t { * Notification data. */ chunk_t notification_data; - - /** - * Assigned logger - */ - logger_t *logger; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_ke_payload_t object - */ - void (*compute_length) (private_notify_payload_t *this); }; /** @@ -204,13 +196,13 @@ static status_t verify(private_notify_payload_t *this) case PROTO_ESP: if (this->spi.len != 4) { - this->logger->log(this->logger, ERROR, "Invalid SPI size for %s", - mapping_find(protocol_id_m, this->protocol_id)); + DBG1(SIG_DBG_ENC, "Invalid SPI size for %N", + protocol_id_names, this->protocol_id); return FAILED; } break; default: - this->logger->log(this->logger, ERROR, "Unknown protocol (%d)", this->protocol_id); + DBG1(SIG_DBG_ENC, "Unknown protocol (%d)", this->protocol_id); return FAILED; } @@ -237,7 +229,7 @@ static status_t verify(private_notify_payload_t *this) case MODP_8192_BIT: break; default: - this->logger->log(this->logger, ERROR, "Bad DH group (%d)", dh_group); + DBG1(SIG_DBG_ENC, "Bad DH group (%d)", dh_group); return FAILED; } break; @@ -245,10 +237,10 @@ static status_t verify(private_notify_payload_t *this) case NAT_DETECTION_SOURCE_IP: case NAT_DETECTION_DESTINATION_IP: { - if (this->notification_data.len != SHA1_HASH_SIZE) + if (this->notification_data.len != HASH_SIZE_SHA1) { - this->logger->log(this->logger, ERROR, "invalid %s notify length", - mapping_find(notify_type_m, this->notify_type)); + DBG1(SIG_DBG_ENC, "invalid %N notify length", + notify_type_names, this->notify_type); return FAILED; } break; @@ -259,8 +251,8 @@ static status_t verify(private_notify_payload_t *this) { if (this->notification_data.len != 0) { - this->logger->log(this->logger, ERROR, "invalid %s notify", - mapping_find(notify_type_m, this->notify_type)); + DBG1(SIG_DBG_ENC, "invalid %N notify", + notify_type_names, this->notify_type); return FAILED; } break; 
@@ -306,16 +298,7 @@ static void set_next_type(private_notify_payload_t *this,payload_type_t type) } /** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_notify_payload_t *this) -{ - this->compute_length(this); - return this->payload_length; -} - -/** - * Implementation of private_notify_payload_t.compute_length. + * recompute the payloads length. */ static void compute_length (private_notify_payload_t *this) { @@ -332,6 +315,15 @@ static void compute_length (private_notify_payload_t *this) } /** + * Implementation of payload_t.get_length. + */ +static size_t get_length(private_notify_payload_t *this) +{ + compute_length(this); + return this->payload_length; +} + +/** * Implementation of notify_payload_t.get_protocol_id. */ static u_int8_t get_protocol_id(private_notify_payload_t *this) @@ -395,7 +387,7 @@ static void set_spi(private_notify_payload_t *this, u_int32_t spi) break; } this->spi_size = this->spi.len; - this->compute_length(this); + compute_length(this); } /** @@ -413,7 +405,7 @@ static status_t set_notification_data(private_notify_payload_t *this, chunk_t no { chunk_free(&this->notification_data); this->notification_data = chunk_clone(notification_data); - this->compute_length(this); + compute_length(this); return SUCCESS; } @@ -455,9 +447,6 @@ notify_payload_t *notify_payload_create() this->public.set_notification_data = (void (*) (notify_payload_t *,chunk_t)) set_notification_data; this->public.destroy = (void (*) (notify_payload_t *)) destroy; - /* private functions */ - this->compute_length = compute_length; - /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -469,8 +458,7 @@ notify_payload_t *notify_payload_create() this->spi_size = 0; this->notification_data.ptr = NULL; this->notification_data.len = 0; - this->logger = logger_manager->get_logger(logger_manager, PAYLOAD); - + return &this->public; } 
diff --git a/src/charon/encoding/payloads/notify_payload.h b/src/charon/encoding/payloads/notify_payload.h index d09b7439e..ec6536cdf 100644 --- a/src/charon/encoding/payloads/notify_payload.h +++ b/src/charon/encoding/payloads/notify_payload.h @@ -90,12 +90,12 @@ enum notify_type_t { AUTH_LIFETIME = 16403, }; -/** - * String mappings for notify_type_t. - * +/** + * enum name for notify_type_t. + * * @ingroup payloads */ -extern mapping_t notify_type_m[]; +extern enum_name_t *notify_type_names; typedef struct notify_payload_t notify_payload_t; diff --git a/src/charon/encoding/payloads/payload.c b/src/charon/encoding/payloads/payload.c index b6b8edbbb..3bd4cdb13 100644 --- a/src/charon/encoding/payloads/payload.c +++ b/src/charon/encoding/payloads/payload.c 
@@ -43,67 +43,65 @@ #include <encoding/payloads/eap_payload.h> #include <encoding/payloads/unknown_payload.h> -/* - * build the mappings for payload_type_t - */ -mapping_t payload_type_m[] = { - {NO_PAYLOAD, "NO_PAYLOAD"}, - {SECURITY_ASSOCIATION, "SECURITY_ASSOCIATION"}, - {KEY_EXCHANGE, "KEY_EXCHANGE"}, - {ID_INITIATOR, "ID_INITIATOR"}, - {ID_RESPONDER, "ID_RESPONDER"}, - {CERTIFICATE, "CERTIFICATE"}, - {CERTIFICATE_REQUEST, "CERTIFICATE_REQUEST"}, - {AUTHENTICATION, "AUTHENTICATION"}, - {NONCE, "NONCE"}, - {NOTIFY, "NOTIFY"}, - {DELETE, "DELETE"}, - {VENDOR_ID, "VENDOR_ID"}, - {TRAFFIC_SELECTOR_INITIATOR, "TRAFFIC_SELECTOR_INITIATOR"}, - {TRAFFIC_SELECTOR_RESPONDER, "TRAFFIC_SELECTOR_RESPONDER"}, - {ENCRYPTED, "ENCRYPTED"}, - {CONFIGURATION, "CONFIGURATION"}, - {EXTENSIBLE_AUTHENTICATION, "EXTENSIBLE_AUTHENTICATION"}, - {HEADER, "HEADER"}, - {PROPOSAL_SUBSTRUCTURE, "PROPOSAL_SUBSTRUCTURE"}, - {TRANSFORM_SUBSTRUCTURE, "TRANSFORM_SUBSTRUCTURE"}, - {TRANSFORM_ATTRIBUTE, "TRANSFORM_ATTRIBUTE"}, - {TRAFFIC_SELECTOR_SUBSTRUCTURE, "TRAFFIC_SELECTOR_SUBSTRUCTURE"}, - {CONFIGURATION_ATTRIBUTE,"CONFIGURATION_ATTRIBUTE"}, - {UNKNOWN_PAYLOAD,"UNKNOWN_PAYLOAD"}, - {MAPPING_END, NULL} -}; -/* - * build the short mappings for payload_type_t - */ -mapping_t payload_type_short_m[] = { - {NO_PAYLOAD, "--"}, - {SECURITY_ASSOCIATION, "SA"}, - {KEY_EXCHANGE, "KE"}, - {ID_INITIATOR, "IDi"}, - {ID_RESPONDER, "IDr"}, - {CERTIFICATE, "CERT"}, - {CERTIFICATE_REQUEST, "CERTREQ"}, - {AUTHENTICATION, "AUTH"}, - {NONCE, "No"}, - {NOTIFY, "N"}, - {DELETE, "D"}, - {VENDOR_ID, "V"}, - {TRAFFIC_SELECTOR_INITIATOR, "TSi"}, - {TRAFFIC_SELECTOR_RESPONDER, "TSr"}, - {ENCRYPTED, "E"}, - {CONFIGURATION, "CP"}, - {EXTENSIBLE_AUTHENTICATION, "EAP"}, - {HEADER, "HDR"}, - {PROPOSAL_SUBSTRUCTURE, "PROP"}, - {TRANSFORM_SUBSTRUCTURE, "TRANS"}, - {TRANSFORM_ATTRIBUTE, "TRANSATTR"}, - {TRAFFIC_SELECTOR_SUBSTRUCTURE, "TSSUB"}, - {CONFIGURATION_ATTRIBUTE, "CPATTR"}, - {UNKNOWN_PAYLOAD, "??"}, - {MAPPING_END, 
NULL} -}; +ENUM_BEGIN(payload_type_names, NO_PAYLOAD, NO_PAYLOAD, + "NO_PAYLOAD"); +ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, NO_PAYLOAD, + "SECURITY_ASSOCIATION", + "KEY_EXCHANGE", + "ID_INITIATOR", + "ID_RESPONDER", + "CERTIFICATE", + "CERTIFICATE_REQUEST", + "AUTHENTICATION", + "NONCE", + "NOTIFY", + "DELETE", + "VENDOR_ID", + "TRAFFIC_SELECTOR_INITIATOR", + "TRAFFIC_SELECTOR_RESPONDER", + "ENCRYPTED", + "CONFIGURATION", + "EXTENSIBLE_AUTHENTICATION"); +ENUM_NEXT(payload_type_names, HEADER, UNKNOWN_PAYLOAD, EXTENSIBLE_AUTHENTICATION, + "HEADER", + "PROPOSAL_SUBSTRUCTURE", + "TRANSFORM_SUBSTRUCTURE", + "TRANSFORM_ATTRIBUTE", + "TRAFFIC_SELECTOR_SUBSTRUCTURE", + "CONFIGURATION_ATTRIBUTE", + "UNKNOWN_PAYLOAD"); +ENUM_END(payload_type_names, UNKNOWN_PAYLOAD); + +/* short forms of payload names */ +ENUM_BEGIN(payload_type_short_names, NO_PAYLOAD, NO_PAYLOAD, + "--"); +ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, NO_PAYLOAD, + "SA", + "KE", + "IDi", + "IDr", + "CERT", + "CERTREQ", + "AUTH", + "No", + "N", + "D", + "V", + "TSi", + "TSr", + "E", + "CP", + "EAP"); +ENUM_NEXT(payload_type_short_names, HEADER, UNKNOWN_PAYLOAD, EXTENSIBLE_AUTHENTICATION, + "HDR", + "PROP", + "TRANS", + "TRANSATTR", + "TSSUB", + "CPATTR", + "??"); +ENUM_END(payload_type_short_names, UNKNOWN_PAYLOAD); /* * see header diff --git a/src/charon/encoding/payloads/payload.h b/src/charon/encoding/payloads/payload.h index d42739620..30f2cbfda 100644 --- a/src/charon/encoding/payloads/payload.h +++ b/src/charon/encoding/payloads/payload.h 
@@ -185,14 +185,14 @@ enum payload_type_t{ /** - * String mappings for payload_type_t. + * enum names for payload_type_t. */ -extern mapping_t payload_type_m[]; +extern enum_name_t *payload_type_names; /** - * Special string mappings for payload_type_t in a short form. + * enum names for payload_type_t in a short form. */ -extern mapping_t payload_type_short_m[]; +extern enum_name_t *payload_type_short_names; typedef struct payload_t payload_t; diff --git a/src/charon/encoding/payloads/proposal_substructure.c b/src/charon/encoding/payloads/proposal_substructure.c index 4d2eae0bc..58c1dd29b 100644 --- a/src/charon/encoding/payloads/proposal_substructure.c +++ b/src/charon/encoding/payloads/proposal_substructure.c @@ -29,7 +29,7 @@ #include <encoding/payloads/transform_substructure.h> #include <types.h> #include <utils/linked_list.h> -#include <utils/logger_manager.h> +#include <daemon.h> /** @@ -89,18 +89,6 @@ struct private_proposal_substructure_t { * Transforms are stored in a linked_list_t. */ linked_list_t * transforms; - - /** - * assigned logger - */ - logger_t *logger; - - /** - * @brief Computes the length of this substructure. - * - * @param this calling private_proposal_substructure_t object - */ - void (*compute_length) (private_proposal_substructure_t *this); }; /** @@ -158,13 +146,13 @@ static status_t verify(private_proposal_substructure_t *this) if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 2)) { /* must be 0 or 2 */ - this->logger->log(this->logger, ERROR, "inconsistent next payload"); + DBG1(SIG_DBG_ENC, "inconsistent next payload"); return FAILED; } if (this->transforms_count != this->transforms->get_count(this->transforms)) { /* must be the same! */ - this->logger->log(this->logger, ERROR, "transform count invalid"); + DBG1(SIG_DBG_ENC, "transform count invalid"); return FAILED; } 
@@ -174,29 +162,26 @@ static status_t verify(private_proposal_substructure_t *this) case PROTO_ESP: if (this->spi.len != 4) { - this->logger->log(this->logger, ERROR, - "invalid SPI length in %s proposal", - mapping_find(protocol_id_m, this->protocol_id)); + DBG1(SIG_DBG_ENC, "invalid SPI length in %N proposal", + protocol_id_names, this->protocol_id); return FAILED; } break; case PROTO_IKE: if (this->spi.len != 0 && this->spi.len != 8) { - this->logger->log(this->logger, ERROR, - "invalid SPI length in IKE proposal"); + DBG1(SIG_DBG_ENC, "invalid SPI length in IKE proposal"); return FAILED; } break; default: - this->logger->log(this->logger, ERROR, - "invalid proposal protocol (%d)", this->protocol_id); + DBG1(SIG_DBG_ENC, "invalid proposal protocol (%d)", this->protocol_id); return FAILED; } if ((this->protocol_id == 0) || (this->protocol_id >= 4)) { /* reserved are not supported */ - this->logger->log(this->logger, ERROR, "invalid protocol"); + DBG1(SIG_DBG_ENC, "invalid protocol"); return FAILED; } @@ -209,7 +194,7 @@ static status_t verify(private_proposal_substructure_t *this) status = current_transform->verify(current_transform); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "TRANSFORM_SUBSTRUCTURE verification failed"); + DBG1(SIG_DBG_ENC, "TRANSFORM_SUBSTRUCTURE verification failed"); break; } } 
@@ -252,11 +237,34 @@ static void set_next_type(private_proposal_substructure_t *this,payload_type_t t } /** + * (re-)compute the length of the payload. + */ +static void compute_length(private_proposal_substructure_t *this) +{ + iterator_t *iterator; + size_t transforms_count = 0; + size_t length = PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH; + iterator = this->transforms->create_iterator(this->transforms,TRUE); + while (iterator->has_next(iterator)) + { + payload_t * current_transform; + iterator->current(iterator,(void **) ¤t_transform); + length += current_transform->get_length(current_transform); + transforms_count++; + } + iterator->destroy(iterator); + + length += this->spi.len; + this->transforms_count = transforms_count; + this->proposal_length = length; +} + +/** * Implementation of payload_t.get_length. */ static size_t get_length(private_proposal_substructure_t *this) { - this->compute_length(this); + compute_length(this); return this->proposal_length; } @@ -285,7 +293,7 @@ static void add_transform_substructure (private_proposal_substructure_t *this,tr transform->set_is_last_transform(transform,TRUE); this->transforms->insert_last(this->transforms,(void *) transform); - this->compute_length(this); + compute_length(this); } /** @@ -339,13 +347,13 @@ static void set_spi(private_proposal_substructure_t *this, chunk_t spi) free(this->spi.ptr); this->spi.ptr = NULL; this->spi.len = 0; - this->compute_length(this); + compute_length(this); } this->spi.ptr = clalloc(spi.ptr,spi.len); this->spi.len = spi.len; this->spi_size = spi.len; - this->compute_length(this); + compute_length(this); } /** 
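Review bot: compute_length() does more than its comment says: besides the length it overwrites `this->transforms_count` with the number of entries in the list, and get_length() calls it on every invocation. verify() in this file rejects a proposal whose `transforms_count` differs from the list count, so that check only means something if verify() runs before the first get_length() on a parsed proposal; the call order is not visible in this diff. The sum is also accumulated in a `size_t` and stored into `proposal_length` without a range check, and that field's type is declared outside the hunk. I would at least make the comment say so: `/* (re-)compute the length of the payload; also resets transforms_count from the list, so verify() must run first on parsed data */`. ts_payload.c has the same pattern with `number_of_traffic_selectors`.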
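Review bot: In set_spi() the `compute_length(this);` inside the branch that frees the old SPI is redundant. The function calls it again unconditionally a few lines later, after the new SPI is stored, so the first call only walks the transform list for a value that is immediately replaced; I would drop it. Separately, `this->spi_size = spi.len;` stores a `size_t` into a field whose declaration is outside the hunk; if it is the one-byte wire field, a caller-supplied chunk longer than 255 bytes would be truncated silently, which is worth a guard or at least a comment. The start of set_spi() is outside the hunk.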
@@ -361,29 +369,6 @@ static chunk_t get_spi(private_proposal_substructure_t *this) } /** - * Implementation of private_proposal_substructure_t.compute_length. - */ -static void compute_length(private_proposal_substructure_t *this) -{ - iterator_t *iterator; - size_t transforms_count = 0; - size_t length = PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH; - iterator = this->transforms->create_iterator(this->transforms,TRUE); - while (iterator->has_next(iterator)) - { - payload_t * current_transform; - iterator->current(iterator,(void **) ¤t_transform); - length += current_transform->get_length(current_transform); - transforms_count++; - } - iterator->destroy(iterator); - - length += this->spi.len; - this->transforms_count = transforms_count; - this->proposal_length = length; -} - -/** * Implementation of proposal_substructure_t.get_transform_count. */ static size_t get_transform_count (private_proposal_substructure_t *this) @@ -544,9 +529,6 @@ proposal_substructure_t *proposal_substructure_create() this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone_; this->public.destroy = (void (*) (proposal_substructure_t *)) destroy; - /* private functions */ - this->compute_length = compute_length; - /* set default values of the fields */ this->next_payload = NO_PAYLOAD; this->proposal_length = 0; @@ -556,7 +538,6 @@ proposal_substructure_t *proposal_substructure_create() this->spi_size = 0; this->spi.ptr = NULL; this->spi.len = 0; - this->logger = logger_manager->get_logger(logger_manager, PAYLOAD); this->transforms = linked_list_create(); diff --git a/src/charon/encoding/payloads/sa_payload.c b/src/charon/encoding/payloads/sa_payload.c index 32b6b6a7e..e03770d1e 100644 --- a/src/charon/encoding/payloads/sa_payload.c +++ b/src/charon/encoding/payloads/sa_payload.c 
@@ -27,7 +27,7 @@ #include <encoding/payloads/encodings.h> #include <utils/linked_list.h> -#include <utils/logger_manager.h> +#include <daemon.h> typedef struct private_sa_payload_t private_sa_payload_t; @@ -61,18 +61,6 @@ struct private_sa_payload_t { * Proposals in this payload are stored in a linked_list_t. */ linked_list_t * proposals; - - /** - * Logger for error handling - */ - logger_t *logger; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_sa_payload_t object - */ - void (*compute_length) (private_sa_payload_t *this); }; /** @@ -136,15 +124,15 @@ static status_t verify(private_sa_payload_t *this) { if (first) { - this->logger->log(this->logger, ERROR, "first proposal is not proposal #1"); + DBG1(SIG_DBG_ENC, "first proposal is not proposal #1"); status = FAILED; break; } if (current_number != (expected_number + 1)) { - this->logger->log(this->logger, ERROR, "proposal number is %d, excepted %d or %d", - current_number, expected_number, expected_number + 1); + DBG1(SIG_DBG_ENC, "proposal number is %d, excepted %d or %d", + current_number, expected_number, expected_number + 1); status = FAILED; break; } @@ -152,7 +140,7 @@ static status_t verify(private_sa_payload_t *this) else if (current_number < expected_number) { /* must not be smaller then proceeding one */ - this->logger->log(this->logger, ERROR, "proposal number smaller than that of previous proposal"); + DBG1(SIG_DBG_ENC, "proposal number smaller than that of previous proposal"); status = FAILED; break; } @@ -160,7 +148,7 @@ static status_t verify(private_sa_payload_t *this) status = current_proposal->payload_interface.verify(&(current_proposal->payload_interface)); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "PROPOSAL_SUBSTRUCTURE verification failed"); + DBG1(SIG_DBG_ENC, "PROPOSAL_SUBSTRUCTURE verification failed"); break; } first = FALSE; 
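Review bot: The rewritten message in verify() still reads "excepted" where "expected" is meant, and since the line is being touched anyway this is the moment to fix it: `DBG1(SIG_DBG_ENC, "proposal number is %d, expected %d or %d",`. This message is what an operator sees when a peer sends out-of-order proposal numbers, so the wording matters for log searches. The surrounding loop in verify() starts and ends outside the hunk.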
@@ -225,11 +213,30 @@ static void set_next_type(private_sa_payload_t *this,payload_type_t type) } /** + * recompute length of the payload. + */ +static void compute_length (private_sa_payload_t *this) +{ + iterator_t *iterator; + size_t length = SA_PAYLOAD_HEADER_LENGTH; + iterator = this->proposals->create_iterator(this->proposals,TRUE); + while (iterator->has_next(iterator)) + { + payload_t *current_proposal; + iterator->current(iterator,(void **) ¤t_proposal); + length += current_proposal->get_length(current_proposal); + } + iterator->destroy(iterator); + + this->payload_length = length; +} + +/** * Implementation of payload_t.get_length. */ static size_t get_length(private_sa_payload_t *this) { - this->compute_length(this); + compute_length(this); return this->payload_length; } @@ -259,7 +266,7 @@ static void add_proposal_substructure(private_sa_payload_t *this,proposal_substr proposal->set_is_last_proposal(proposal, TRUE); proposal->set_proposal_number(proposal, proposal_count + 1); this->proposals->insert_last(this->proposals,(void *) proposal); - this->compute_length(this); + compute_length(this); } /** @@ -321,25 +328,6 @@ static linked_list_t *get_proposals(private_sa_payload_t *this) return proposal_list; } -/** - * Implementation of private_sa_payload_t.compute_length. - */ -static void compute_length (private_sa_payload_t *this) -{ - iterator_t *iterator; - size_t length = SA_PAYLOAD_HEADER_LENGTH; - iterator = this->proposals->create_iterator(this->proposals,TRUE); - while (iterator->has_next(iterator)) - { - payload_t *current_proposal; - iterator->current(iterator,(void **) ¤t_proposal); - length += current_proposal->get_length(current_proposal); - } - iterator->destroy(iterator); - - this->payload_length = length; -} - /* * Described in header. */ 
@@ -363,15 +351,10 @@ sa_payload_t *sa_payload_create() this->public.get_proposals = (linked_list_t* (*) (sa_payload_t *)) get_proposals; this->public.destroy = (void (*) (sa_payload_t *)) destroy; - /* private functions */ - this->compute_length = compute_length; - /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = SA_PAYLOAD_HEADER_LENGTH; - this->logger = logger_manager->get_logger(logger_manager, PARSER); - this->proposals = linked_list_create(); return &this->public; } diff --git a/src/charon/encoding/payloads/traffic_selector_substructure.c b/src/charon/encoding/payloads/traffic_selector_substructure.c index 6ca600e63..4a1404244 100644 --- a/src/charon/encoding/payloads/traffic_selector_substructure.c +++ b/src/charon/encoding/payloads/traffic_selector_substructure.c @@ -26,15 +26,6 @@ #include <encoding/payloads/encodings.h> #include <utils/linked_list.h> -/** - * String mappings for ts_type_t. - */ -mapping_t ts_type_m[] = { - {TS_IPV4_ADDR_RANGE, "TS_IPV4_ADDR_RANGE"}, - {TS_IPV6_ADDR_RANGE, "TS_IPV6_ADDR_RANGE"}, - {MAPPING_END, NULL} -}; - typedef struct private_traffic_selector_substructure_t private_traffic_selector_substructure_t; diff --git a/src/charon/encoding/payloads/transform_attribute.c b/src/charon/encoding/payloads/transform_attribute.c index 6575bd2b7..eddad000a 100644 --- a/src/charon/encoding/payloads/transform_attribute.c +++ b/src/charon/encoding/payloads/transform_attribute.c 
@@ -65,14 +65,12 @@ struct private_transform_attribute_t { chunk_t attribute_value; }; -/** - * String mappings for transform_attribute_type_t. - */ -mapping_t transform_attribute_type_m[] = { - {ATTRIBUTE_UNDEFINED, "ATTRIBUTE_UNDEFINED"}, - {KEY_LENGTH, "KEY_LENGTH"}, - {MAPPING_END, NULL} -}; + +ENUM_BEGIN(transform_attribute_type_name, ATTRIBUTE_UNDEFINED, ATTRIBUTE_UNDEFINED, + "ATTRIBUTE_UNDEFINED"); +ENUM_NEXT(transform_attribute_type_name, KEY_LENGTH, KEY_LENGTH, ATTRIBUTE_UNDEFINED, + "KEY_LENGTH"); +ENUM_END(transform_attribute_type_name, KEY_LENGTH); /** * Encoding rules to parse or generate a Transform attribute. diff --git a/src/charon/encoding/payloads/transform_attribute.h b/src/charon/encoding/payloads/transform_attribute.h index 57d79e729..ffc06503c 100644 --- a/src/charon/encoding/payloads/transform_attribute.h +++ b/src/charon/encoding/payloads/transform_attribute.h @@ -41,11 +41,11 @@ enum transform_attribute_type_t { }; /** - * String mappings for transform_attribute_type_t. + * enum name for transform_attribute_type_t. * * @ingroup payloads */ -extern mapping_t transform_attribute_type_m[]; +extern enum_name_t *transform_attribute_type_names; typedef struct transform_attribute_t transform_attribute_t; diff --git a/src/charon/encoding/payloads/transform_substructure.c b/src/charon/encoding/payloads/transform_substructure.c index e24191814..59e335a74 100644 --- a/src/charon/encoding/payloads/transform_substructure.c +++ b/src/charon/encoding/payloads/transform_substructure.c @@ -29,7 +29,7 @@ #include <encoding/payloads/encodings.h> #include <types.h> #include <utils/linked_list.h> -#include <utils/logger_manager.h> +#include <daemon.h> typedef struct private_transform_substructure_t private_transform_substructure_t; 
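Review bot: The table in transform_attribute.c is defined as `transform_attribute_type_name` (singular) in all three macro lines, while the header hunk declares `extern enum_name_t *transform_attribute_type_names;`. Assuming the ENUM macros define a symbol named after their first argument (the macros are not visible here), the declared name has no definition and the first use of it will fail to link. No reference appears in this part of the diff, which may be why it went unnoticed. The three lines should use the plural: `ENUM_BEGIN(transform_attribute_type_names, ATTRIBUTE_UNDEFINED, ATTRIBUTE_UNDEFINED,`, and likewise for `ENUM_NEXT` and `ENUM_END`.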
@@ -70,18 +70,6 @@ struct private_transform_substructure_t { * Transforms Attributes are stored in a linked_list_t. */ linked_list_t *attributes; - - /** - * assigned logger - */ - logger_t *logger; - - /** - * @brief Computes the length of this substructure. - * - * @param this calling private_transform_substructure_t object - */ - void (*compute_length) (private_transform_substructure_t *this); }; @@ -136,7 +124,7 @@ static status_t verify(private_transform_substructure_t *this) if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 3)) { /* must be 0 or 3 */ - this->logger->log(this->logger, ERROR, "inconsistent next payload"); + DBG1(SIG_DBG_ENC, "inconsistent next payload"); return FAILED; } @@ -152,8 +140,7 @@ static status_t verify(private_transform_substructure_t *this) break; default: { - this->logger->log(this->logger, ERROR, "invalid transform type: %d", - this->transform_type); + DBG1(SIG_DBG_ENC, "invalid transform type: %d", this->transform_type); return FAILED; } } @@ -167,8 +154,7 @@ static status_t verify(private_transform_substructure_t *this) status = current_attributes->verify(current_attributes); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, - "TRANSFORM_ATTRIBUTE verification failed"); + DBG1(SIG_DBG_ENC, "TRANSFORM_ATTRIBUTE verification failed"); } } iterator->destroy(iterator); 
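Review bot: A failed attribute check in verify() is only logged: there is no `break;` after the new `DBG1(SIG_DBG_ENC, "TRANSFORM_ATTRIBUTE verification failed");`, unlike the matching loop in proposal_substructure.c. If this sits inside the attribute iterator loop (the loop head is outside the hunk), `status` is overwritten by the next attribute's verify(). A malformed attribute followed by a valid one would then leave `status` as SUCCESS, assuming that value is what the function returns. Adding `break;` right after the DBG1 line keeps the first failure and matches the proposal code.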
@@ -203,12 +189,30 @@ static payload_type_t get_next_type(private_transform_substructure_t *this) } /** + * recompute the length of the payload. + */ +static void compute_length (private_transform_substructure_t *this) +{ + iterator_t *iterator; + size_t length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH; + iterator = this->attributes->create_iterator(this->attributes,TRUE); + while (iterator->has_next(iterator)) + { + payload_t * current_attribute; + iterator->current(iterator,(void **) ¤t_attribute); + length += current_attribute->get_length(current_attribute); + } + iterator->destroy(iterator); + + this->transform_length = length; +} + +/** * Implementation of payload_t.get_length. */ static size_t get_length(private_transform_substructure_t *this) { - this->compute_length(this); - + compute_length(this); return this->transform_length; } @@ -226,7 +230,7 @@ static iterator_t *create_transform_attribute_iterator (private_transform_substr static void add_transform_attribute (private_transform_substructure_t *this,transform_attribute_t *attribute) { this->attributes->insert_last(this->attributes,(void *) attribute); - this->compute_length(this); + compute_length(this); } /** @@ -285,25 +289,6 @@ static u_int16_t get_transform_id (private_transform_substructure_t *this) } /** - * Implementation of private_transform_substructure_t.compute_length. - */ -static void compute_length (private_transform_substructure_t *this) -{ - iterator_t *iterator; - size_t length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH; - iterator = this->attributes->create_iterator(this->attributes,TRUE); - while (iterator->has_next(iterator)) - { - payload_t * current_attribute; - iterator->current(iterator,(void **) ¤t_attribute); - length += current_attribute->get_length(current_attribute); - } - iterator->destroy(iterator); - - this->transform_length = length; -} - -/** * Implementation of transform_substructure_t.clone. */ static transform_substructure_t *clone_(private_transform_substructure_t *this) 
@@ -410,16 +395,12 @@ transform_substructure_t *transform_substructure_create() this->public.clone = (transform_substructure_t* (*) (transform_substructure_t *)) clone_; this->public.destroy = (void (*) (transform_substructure_t *)) destroy; - /* private functions */ - this->compute_length = compute_length; - /* set default values of the fields */ this->next_payload = NO_PAYLOAD; this->transform_length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH; this->transform_id = 0; this->transform_type = 0; this->attributes = linked_list_create(); - this->logger = logger_manager->get_logger(logger_manager, PAYLOAD); return (&(this->public)); } diff --git a/src/charon/encoding/payloads/ts_payload.c b/src/charon/encoding/payloads/ts_payload.c index c026f7e6d..7cd08eeed 100644 --- a/src/charon/encoding/payloads/ts_payload.c +++ b/src/charon/encoding/payloads/ts_payload.c @@ -69,13 +69,6 @@ struct private_ts_payload_t { * Contains the traffic selectors of type traffic_selector_substructure_t. */ linked_list_t *traffic_selectors; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_ts_payload_t object - */ - void (*compute_length) (private_ts_payload_t *this); }; /** 
@@ -196,11 +189,34 @@ static void set_next_type(private_ts_payload_t *this,payload_type_t type) } /** + * recompute the length of the payload. + */ +static void compute_length (private_ts_payload_t *this) +{ + iterator_t *iterator; + size_t ts_count = 0; + size_t length = TS_PAYLOAD_HEADER_LENGTH; + iterator = this->traffic_selectors->create_iterator(this->traffic_selectors,TRUE); + while (iterator->has_next(iterator)) + { + payload_t * current_traffic_selector; + iterator->current(iterator,(void **) ¤t_traffic_selector); + length += current_traffic_selector->get_length(current_traffic_selector); + ts_count++; + } + iterator->destroy(iterator); + + this->number_of_traffic_selectors= ts_count; + this->payload_length = length; + +} + +/** * Implementation of payload_t.get_length. */ static size_t get_length(private_ts_payload_t *this) { - this->compute_length(this); + compute_length(this); return this->payload_length; } @@ -260,30 +276,6 @@ static linked_list_t *get_traffic_selectors(private_ts_payload_t *this) } /** - * Implementation of private_ts_payload_t.compute_length. - */ -static void compute_length (private_ts_payload_t *this) -{ - iterator_t *iterator; - size_t ts_count = 0; - size_t length = TS_PAYLOAD_HEADER_LENGTH; - iterator = this->traffic_selectors->create_iterator(this->traffic_selectors,TRUE); - while (iterator->has_next(iterator)) - { - payload_t * current_traffic_selector; - iterator->current(iterator,(void **) ¤t_traffic_selector); - length += current_traffic_selector->get_length(current_traffic_selector); - ts_count++; - } - iterator->destroy(iterator); - - this->number_of_traffic_selectors= ts_count; - this->payload_length = length; - -} - - -/** * Implementation of payload_t.destroy and ts_payload_t.destroy. */ static void destroy(private_ts_payload_t *this) 
@@ -326,9 +318,6 @@ ts_payload_t *ts_payload_create(bool is_initiator) this->public.create_traffic_selector_substructure_iterator = (iterator_t* (*) (ts_payload_t *,bool)) create_traffic_selector_substructure_iterator; this->public.get_traffic_selectors = (linked_list_t *(*) (ts_payload_t *)) get_traffic_selectors; - /* private functions */ - this->compute_length = compute_length; - /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; |