diff options
Diffstat (limited to 'src/charon/sa')
| -rw-r--r-- | src/charon/sa/connect_manager.c | 144 | ||||
| -rw-r--r-- | src/charon/sa/connect_manager.h | 8 | ||||
| -rw-r--r-- | src/charon/sa/ike_sa.c | 58 | ||||
| -rw-r--r-- | src/charon/sa/ike_sa.h | 22 | ||||
| -rw-r--r-- | src/charon/sa/task_manager.c | 32 | ||||
| -rw-r--r-- | src/charon/sa/tasks/ike_auth.c | 4 | ||||
| -rw-r--r-- | src/charon/sa/tasks/ike_me.c (renamed from src/charon/sa/tasks/ike_p2p.c) | 232 | ||||
| -rw-r--r-- | src/charon/sa/tasks/ike_me.h (renamed from src/charon/sa/tasks/ike_p2p.h) | 50 | ||||
| -rw-r--r-- | src/charon/sa/tasks/ike_natd.c | 8 | ||||
| -rw-r--r-- | src/charon/sa/tasks/task.c | 6 | ||||
| -rw-r--r-- | src/charon/sa/tasks/task.h | 8 |
11 files changed, 286 insertions, 286 deletions
diff --git a/src/charon/sa/connect_manager.c b/src/charon/sa/connect_manager.c index fa5be96ec..c0f49713e 100644 --- a/src/charon/sa/connect_manager.c +++ b/src/charon/sa/connect_manager.c @@ -29,13 +29,13 @@ #include <encoding/payloads/endpoint_notify.h> /* base timeout - * the sending interval is P2P_INTERVAL * active checklists (N) - * retransmission timeout is P2P_INTERVAL * N * checks in waiting state (NW) */ -#define P2P_INTERVAL 20 /* ms */ -/* min retransmission timeout (RTO is P2P_INTERVAL * N * checks in waiting state) */ -#define P2P_RTO_MIN 100 /* ms */ + * the sending interval is ME_INTERVAL * active checklists (N) + * retransmission timeout is ME_INTERVAL * N * checks in waiting state (NW) */ +#define ME_INTERVAL 20 /* ms */ +/* min retransmission timeout (RTO is ME_INTERVAL * N * checks in waiting state) */ +#define ME_RTO_MIN 100 /* ms */ /* max number of retransmissions (+ the initial check) */ -#define P2P_MAX_RETRANS 2 +#define ME_MAX_RETRANS 2 typedef struct private_connect_manager_t private_connect_manager_t; @@ -65,7 +65,7 @@ struct private_connect_manager_t { linked_list_t *initiated; /** - * Linked list with checklists (hash table with session ID as key would be better). + * Linked list with checklists (hash table with connect ID as key would be better). */ linked_list_t *checklists; }; @@ -175,8 +175,8 @@ struct check_list_t { linked_list_t *endpoints; } responder; - /** session id */ - chunk_t session_id; + /** connect id */ + chunk_t connect_id; /** list of endpoint pairs */ linked_list_t *pairs; @@ -200,7 +200,7 @@ static void check_list_destroy(check_list_t *this) DESTROY_IF(this->initiator.id); DESTROY_IF(this->responder.id); - chunk_free(&this->session_id); + chunk_free(&this->connect_id); chunk_free(&this->initiator.key); chunk_free(&this->responder.key); @@ -218,12 +218,12 @@ static void check_list_destroy(check_list_t *this) * Creates a new checklist */ static check_list_t *check_list_create(identification_t *initiator, identification_t *responder, - chunk_t session_id, chunk_t initiator_key, linked_list_t *initiator_endpoints, + chunk_t connect_id, chunk_t initiator_key, linked_list_t *initiator_endpoints, bool is_initiator) { check_list_t *this = malloc_thing(check_list_t); - this->session_id = chunk_clone(session_id); + this->connect_id = chunk_clone(connect_id); this->initiator.id = initiator->clone(initiator); this->initiator.key = chunk_clone(initiator_key); @@ -335,8 +335,8 @@ struct check_t { /** destination of the connectivity check */ host_t *dst; - /** session id */ - chunk_t session_id; + /** connect id */ + chunk_t connect_id; /** endpoint */ endpoint_notify_t *endpoint; @@ -353,7 +353,7 @@ struct check_t { */ static void check_destroy(check_t *this) { - chunk_free(&this->session_id); + chunk_free(&this->connect_id); chunk_free(&this->endpoint_raw); chunk_free(&this->cookie); DESTROY_IF(this->endpoint); @@ -367,7 +367,7 @@ static check_t *check_create() { check_t *this = malloc_thing(check_t); - this->session_id = chunk_empty; + this->connect_id = chunk_empty; this->cookie = chunk_empty; this->endpoint_raw = chunk_empty; this->endpoint = NULL; @@ -386,8 +386,8 @@ struct sender_data_t { /** connect manager */ private_connect_manager_t *connect_manager; - /** session id */ - chunk_t session_id; + /** connect id */ + chunk_t connect_id; }; /** @@ -395,18 +395,18 @@ struct sender_data_t { */ static void sender_data_destroy(sender_data_t *this) { - chunk_free(&this->session_id); + chunk_free(&this->connect_id); free(this); } /** * Creates a new sender data object */ -static sender_data_t *sender_data_create(private_connect_manager_t *connect_manager, chunk_t session_id) +static sender_data_t *sender_data_create(private_connect_manager_t *connect_manager, chunk_t connect_id) { sender_data_t *this = malloc_thing(sender_data_t); this->connect_manager = connect_manager; - this->session_id = session_id; + this->connect_id = connect_id; return this; } @@ -419,8 +419,8 @@ struct retransmit_data_t { /** connect manager */ private_connect_manager_t *connect_manager; - /** session id */ - chunk_t session_id; + /** connect id */ + chunk_t connect_id; /** message (pair) id */ u_int32_t mid; @@ -431,7 +431,7 @@ struct retransmit_data_t { */ static void retransmit_data_destroy(retransmit_data_t *this) { - chunk_free(&this->session_id); + chunk_free(&this->connect_id); free(this); } @@ -439,12 +439,12 @@ static void retransmit_data_destroy(retransmit_data_t *this) * Creates a new retransmission data object */ static retransmit_data_t *retransmit_data_create(private_connect_manager_t *connect_manager, - chunk_t session_id, u_int32_t mid) + chunk_t connect_id, u_int32_t mid) { retransmit_data_t *this = malloc_thing(retransmit_data_t); this->connect_manager = connect_manager; - this->session_id = session_id; + this->connect_id = connect_id; this->mid = mid; return this; @@ -539,19 +539,19 @@ static status_t get_waiting_sa(initiated_t *initiated, ike_sa_id_t *ike_sa_id, w } /** - * Find the checklist with a specific session ID + * Find the checklist with a specific connect ID */ -static bool match_checklist_by_id(check_list_t *current, chunk_t *session_id) +static bool match_checklist_by_id(check_list_t *current, chunk_t *connect_id) { - return chunk_equals(*session_id, current->session_id); + return chunk_equals(*connect_id, current->connect_id); } static status_t get_checklist_by_id(private_connect_manager_t *this, - chunk_t session_id, check_list_t **check_list) + chunk_t connect_id, check_list_t **check_list) { return this->checklists->find_first(this->checklists, (linked_list_match_t)match_checklist_by_id, - (void**)check_list, &session_id); + (void**)check_list, &connect_id); } /** @@ -833,34 +833,34 @@ static status_t process_payloads(message_t *message, check_t *check) switch (notify->get_notify_type(notify)) { - case P2P_ENDPOINT: + case ME_ENDPOINT: { if (check->endpoint) { - DBG1(DBG_IKE, "connectivity check contains multiple P2P_ENDPOINT notifies"); + DBG1(DBG_IKE, "connectivity check contains multiple ME_ENDPOINT notifies"); break; } endpoint_notify_t *endpoint = endpoint_notify_create_from_payload(notify); if (!endpoint) { - DBG1(DBG_IKE, "received invalid P2P_ENDPOINT notify"); + DBG1(DBG_IKE, "received invalid ME_ENDPOINT notify"); break; } check->endpoint = endpoint; check->endpoint_raw = chunk_clone(notify->get_notification_data(notify)); - DBG2(DBG_IKE, "received P2P_ENDPOINT notify"); + DBG2(DBG_IKE, "received ME_ENDPOINT notify"); break; } - case P2P_SESSIONID: + case ME_CONNECTID: { - if (check->session_id.ptr) + if (check->connect_id.ptr) { - DBG1(DBG_IKE, "connectivity check contains multiple P2P_SESSIONID notifies"); + DBG1(DBG_IKE, "connectivity check contains multiple ME_CONNECTID notifies"); break; } - check->session_id = chunk_clone(notify->get_notification_data(notify)); - DBG2(DBG_IKE, "received P2P_SESSIONID %#B", &check->session_id); + check->connect_id = chunk_clone(notify->get_notification_data(notify)); + DBG2(DBG_IKE, "received ME_CONNECTID %#B", &check->connect_id); break; } case COOKIE: @@ -880,7 +880,7 @@ static status_t process_payloads(message_t *message, check_t *check) } iterator->destroy(iterator); - if (!check->session_id.ptr || !check->endpoint || !check->cookie.ptr) + if (!check->connect_id.ptr || !check->endpoint || !check->cookie.ptr) { DBG1(DBG_IKE, "at least one payload was missing from the connectivity check"); return FAILED; @@ -903,8 +903,8 @@ static chunk_t build_signature(private_connect_manager_t *this, key_chunk = (checklist->is_initiator && outbound) || (!checklist->is_initiator && !outbound) ? checklist->initiator.key : checklist->responder.key; - /* signature = SHA1( MID | P2P_SESSIONID | P2P_ENDPOINT | P2P_SESSIONKEY ) */ - sig_chunk = chunk_cat("cccc", mid_chunk, check->session_id, check->endpoint_raw, key_chunk); + /* signature = SHA1( MID | ME_CONNECTID | ME_ENDPOINT | ME_CONNECTKEY ) */ + sig_chunk = chunk_cat("cccc", mid_chunk, check->connect_id, check->endpoint_raw, key_chunk); this->hasher->allocate_hash(this->hasher, sig_chunk, &sig_hash); DBG3(DBG_IKE, "sig_chunk %B", &sig_chunk); DBG3(DBG_IKE, "sig_hash %B", &sig_hash); @@ -913,7 +913,7 @@ static chunk_t build_signature(private_connect_manager_t *this, return sig_hash; } -static void queue_retransmission(private_connect_manager_t *this, chunk_t session_id, u_int32_t mid); +static void queue_retransmission(private_connect_manager_t *this, chunk_t connect_id, u_int32_t mid); static void schedule_checks(private_connect_manager_t *this, check_list_t *checklist, u_int32_t time); static void finish_checks(private_connect_manager_t *this, check_list_t *checklist); @@ -927,10 +927,10 @@ static job_requeue_t retransmit(retransmit_data_t *data) pthread_mutex_lock(&(this->mutex)); check_list_t *checklist; - if (get_checklist_by_id(this, data->session_id, &checklist) != SUCCESS) + if (get_checklist_by_id(this, data->connect_id, &checklist) != SUCCESS) { DBG1(DBG_IKE, "checklist with id '%B' not found, can't retransmit connectivity check", - &data->session_id); + &data->connect_id); pthread_mutex_unlock(&(this->mutex)); return JOB_REQUEUE_NONE; } @@ -950,7 +950,7 @@ static job_requeue_t retransmit(retransmit_data_t *data) goto retransmit_end; } - if (++pair->retransmitted >= P2P_MAX_RETRANS) + if (++pair->retransmitted >= ME_MAX_RETRANS) { DBG2(DBG_IKE, "pair with id '%d' failed after %d tries", data->mid, pair->retransmitted); @@ -960,7 +960,7 @@ static job_requeue_t retransmit(retransmit_data_t *data) charon->sender->send(charon->sender, pair->packet->clone(pair->packet)); - queue_retransmission(this, checklist->session_id, pair->id); + queue_retransmission(this, checklist->connect_id, pair->id); retransmit_end: update_checklist_state(checklist); @@ -984,11 +984,11 @@ retransmit_end: /** * Queues a retransmission job */ -static void queue_retransmission(private_connect_manager_t *this, chunk_t session_id, u_int32_t mid) +static void queue_retransmission(private_connect_manager_t *this, chunk_t connect_id, u_int32_t mid) { - retransmit_data_t *data = retransmit_data_create(this, chunk_clone(session_id), mid); + retransmit_data_t *data = retransmit_data_create(this, chunk_clone(connect_id), mid); job_t *job = (job_t*)callback_job_create((callback_job_cb_t)retransmit, data, (callback_job_cleanup_t)retransmit_data_destroy, NULL); - charon->scheduler->schedule_job(charon->scheduler, (job_t*)job, P2P_RTO_MIN); + charon->scheduler->schedule_job(charon->scheduler, (job_t*)job, ME_RTO_MIN); } /** @@ -1006,13 +1006,13 @@ static void send_check(private_connect_manager_t *this, check_list_t *checklist, message->set_ike_sa_id(message, ike_sa_id_create(0, 0, request)); - message->add_notify(message, FALSE, P2P_SESSIONID, check->session_id); - DBG2(DBG_IKE, "send P2P_SESSIONID %#B", &check->session_id); + message->add_notify(message, FALSE, ME_CONNECTID, check->connect_id); + DBG2(DBG_IKE, "send ME_CONNECTID %#B", &check->connect_id); notify_payload_t *endpoint = check->endpoint->build_notify(check->endpoint); check->endpoint_raw = chunk_clone(endpoint->get_notification_data(endpoint)); message->add_payload(message, (payload_t*)endpoint); - DBG2(DBG_IKE, "send P2P_ENDPOINT notify"); + DBG2(DBG_IKE, "send ME_ENDPOINT notify"); check->cookie = build_signature(this, checklist, check, TRUE); message->add_notify(message, FALSE, COOKIE, check->cookie); @@ -1027,7 +1027,7 @@ static void send_check(private_connect_manager_t *this, check_list_t *checklist, { DESTROY_IF(pair->packet); pair->packet = packet; - queue_retransmission(this, checklist->session_id, pair->id); + queue_retransmission(this, checklist->connect_id, pair->id); } else { @@ -1055,10 +1055,10 @@ static job_requeue_t sender(sender_data_t *data) pthread_mutex_lock(&(this->mutex)); check_list_t *checklist; - if (get_checklist_by_id(this, data->session_id, &checklist) != SUCCESS) + if (get_checklist_by_id(this, data->connect_id, &checklist) != SUCCESS) { DBG1(DBG_IKE, "checklist with id '%B' not found, can't send connectivity check", - &data->session_id); + &data->connect_id); pthread_mutex_unlock(&(this->mutex)); return JOB_REQUEUE_NONE; } @@ -1085,7 +1085,7 @@ static job_requeue_t sender(sender_data_t *data) check->mid = pair->id; check->src = pair->local->clone(pair->local); check->dst = pair->remote->clone(pair->remote); - check->session_id = chunk_clone(checklist->session_id); + check->connect_id = chunk_clone(checklist->connect_id); check->endpoint = endpoint_notify_create(); pair->state = CHECK_IN_PROGRESS; @@ -1096,7 +1096,7 @@ static job_requeue_t sender(sender_data_t *data) /* schedule this job again */ u_int32_t N = this->checklists->get_count(this->checklists); - schedule_checks(this, checklist, P2P_INTERVAL * N); + schedule_checks(this, checklist, ME_INTERVAL * N); pthread_mutex_unlock(&(this->mutex)); @@ -1109,8 +1109,8 @@ static job_requeue_t sender(sender_data_t *data) */ static void schedule_checks(private_connect_manager_t *this, check_list_t *checklist, u_int32_t time) { - chunk_t session_id = chunk_clone(checklist->session_id); - sender_data_t *data = sender_data_create(this, session_id); + chunk_t connect_id = chunk_clone(checklist->connect_id); + sender_data_t *data = sender_data_create(this, connect_id); job_t *job = (job_t*)callback_job_create((callback_job_cb_t)sender, data, (callback_job_cleanup_t)sender_data_destroy, NULL); charon->scheduler->schedule_job(charon->scheduler, job, time); } @@ -1251,7 +1251,7 @@ static void process_request(private_connect_manager_t *this, check_t *check, { case CHECK_IN_PROGRESS: /* prevent retransmissions */ - pair->retransmitted = P2P_MAX_RETRANS; + pair->retransmitted = ME_MAX_RETRANS; /* FIXME: we should wait to the next rto to send the triggered check * fall-through */ case CHECK_WAITING: @@ -1286,7 +1286,7 @@ static void process_request(private_connect_manager_t *this, check_t *check, response->mid = check->mid; response->src = check->dst->clone(check->dst); response->dst = check->src->clone(check->src); - response->session_id = chunk_clone(check->session_id); + response->connect_id = chunk_clone(check->connect_id); response->endpoint = peer_reflexive; send_check(this, checklist, response, pair, FALSE); @@ -1324,10 +1324,10 @@ static void process_check(private_connect_manager_t *this, message_t *message) pthread_mutex_lock(&(this->mutex)); check_list_t *checklist; - if (get_checklist_by_id(this, check->session_id, &checklist) != SUCCESS) + if (get_checklist_by_id(this, check->connect_id, &checklist) != SUCCESS) { DBG1(DBG_IKE, "checklist with id '%B' not found", - &check->session_id); + &check->connect_id); check_destroy(check); pthread_mutex_unlock(&(this->mutex)); return; @@ -1427,21 +1427,21 @@ static void check_and_initiate(private_connect_manager_t *this, ike_sa_id_t *med */ static status_t set_initiator_data(private_connect_manager_t *this, identification_t *initiator, identification_t *responder, - chunk_t session_id, chunk_t key, linked_list_t *endpoints, bool is_initiator) + chunk_t connect_id, chunk_t key, linked_list_t *endpoints, bool is_initiator) { check_list_t *checklist; pthread_mutex_lock(&(this->mutex)); - if (get_checklist_by_id(this, session_id, NULL) == SUCCESS) + if (get_checklist_by_id(this, connect_id, NULL) == SUCCESS) { DBG1(DBG_IKE, "checklist with id '%B' already exists, aborting", - &session_id); + &connect_id); pthread_mutex_unlock(&(this->mutex)); return FAILED; } - checklist = check_list_create(initiator, responder, session_id, key, endpoints, is_initiator); + checklist = check_list_create(initiator, responder, connect_id, key, endpoints, is_initiator); this->checklists->insert_last(this->checklists, checklist); pthread_mutex_unlock(&(this->mutex)); @@ -1453,16 +1453,16 @@ static status_t set_initiator_data(private_connect_manager_t *this, * Implementation of connect_manager_t.set_responder_data. */ static status_t set_responder_data(private_connect_manager_t *this, - chunk_t session_id, chunk_t key, linked_list_t *endpoints) + chunk_t connect_id, chunk_t key, linked_list_t *endpoints) { check_list_t *checklist; pthread_mutex_lock(&(this->mutex)); - if (get_checklist_by_id(this, session_id, &checklist) != SUCCESS) + if (get_checklist_by_id(this, connect_id, &checklist) != SUCCESS) { DBG1(DBG_IKE, "checklist with id '%B' not found", - &session_id); + &connect_id); pthread_mutex_unlock(&(this->mutex)); return NOT_FOUND; } diff --git a/src/charon/sa/connect_manager.h b/src/charon/sa/connect_manager.h index c1a443557..2f121c123 100644 --- a/src/charon/sa/connect_manager.h +++ b/src/charon/sa/connect_manager.h @@ -67,7 +67,7 @@ struct connect_manager_t { * * @param initiator ID of the initiator * @param responder ID of the responder - * @param session_id the session ID provided by the initiator + * @param connect_id the connect ID provided by the initiator * @param key the initiator's key * @param endpoints the initiator's endpoints * @param is_initiator TRUE, if the caller of this method is the initiator @@ -76,13 +76,13 @@ struct connect_manager_t { */ status_t (*set_initiator_data) (connect_manager_t *this, identification_t *initiator, identification_t *responder, - chunk_t session_id, chunk_t key, linked_list_t *endpoints, bool is_initiator); + chunk_t connect_id, chunk_t key, linked_list_t *endpoints, bool is_initiator); /** * Updates a checklist and sets the responder's data. The checklist's * state is advanced to WAITING which means that checks will be sent. * - * @param session_id the session ID + * @param connect_id the connect ID * @param chunk_t the responder's key * @param endpoints the responder's endpoints * @returns @@ -90,7 +90,7 @@ struct connect_manager_t { * - SUCCESS, otherwise */ status_t (*set_responder_data) (connect_manager_t *this, - chunk_t session_id, chunk_t key, linked_list_t *endpoints); + chunk_t connect_id, chunk_t key, linked_list_t *endpoints); /** diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index 33537bc74..da5f0e0aa 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -63,8 +63,8 @@ #include <processing/jobs/send_keepalive_job.h> #include <processing/jobs/rekey_ike_sa_job.h> -#ifdef P2P -#include <sa/tasks/ike_p2p.h> +#ifdef ME +#include <sa/tasks/ike_me.h> #include <processing/jobs/initiate_mediation_job.h> #endif @@ -142,12 +142,12 @@ struct private_ike_sa_t { */ host_t *other_host; -#ifdef P2P +#ifdef ME /** * Server reflexive host */ host_t *server_reflexive_host; -#endif /* P2P */ +#endif /* ME */ /** * Identification used for us @@ -924,7 +924,7 @@ static void send_notify_response(private_ike_sa_t *this, message_t *request, response->destroy(response); } -#ifdef P2P +#ifdef ME /** * Implementation of ike_sa_t.get_server_reflexive_host. */ @@ -946,10 +946,10 @@ static void set_server_reflexive_host(private_ike_sa_t *this, host_t *host) * Implementation of ike_sa_t.respond */ static status_t respond(private_ike_sa_t *this, identification_t *peer_id, - chunk_t session_id) + chunk_t connect_id) { - ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); - task->respond(task, peer_id, session_id); + ike_me_t *task = ike_me_create(&this->public, TRUE); + task->respond(task, peer_id, connect_id); this->task_manager->queue_task(this->task_manager, (task_t*)task); return this->task_manager->initiate(this->task_manager); } @@ -959,7 +959,7 @@ static status_t respond(private_ike_sa_t *this, identification_t *peer_id, */ static status_t callback(private_ike_sa_t *this, identification_t *peer_id) { - ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); + ike_me_t *task = ike_me_create(&this->public, TRUE); task->callback(task, peer_id); this->task_manager->queue_task(this->task_manager, (task_t*)task); return this->task_manager->initiate(this->task_manager); @@ -969,10 +969,10 @@ static status_t callback(private_ike_sa_t *this, identification_t *peer_id) * Implementation of ike_sa_t.relay */ static status_t relay(private_ike_sa_t *this, identification_t *requester, - chunk_t session_id, chunk_t session_key, linked_list_t *endpoints, bool response) + chunk_t connect_id, chunk_t connect_key, linked_list_t *endpoints, bool response) { - ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); - task->relay(task, requester, session_id, session_key, endpoints, response); + ike_me_t *task = ike_me_create(&this->public, TRUE); + task->relay(task, requester, connect_id, connect_key, endpoints, response); this->task_manager->queue_task(this->task_manager, (task_t*)task); return this->task_manager->initiate(this->task_manager); } @@ -982,7 +982,7 @@ static status_t relay(private_ike_sa_t *this, identification_t *requester, */ static status_t initiate_mediation(private_ike_sa_t *this, peer_cfg_t *mediated_cfg) { - ike_p2p_t *task = ike_p2p_create(&this->public, TRUE); + ike_me_t *task = ike_me_create(&this->public, TRUE); task->connect(task, mediated_cfg->get_peer_id(mediated_cfg)); this->task_manager->queue_task(this->task_manager, (task_t*)task); return this->task_manager->initiate(this->task_manager); @@ -1008,7 +1008,7 @@ static status_t initiate_mediated(private_ike_sa_t *this, host_t *me, host_t *ot iterator->destroy(iterator); return this->task_manager->initiate(this->task_manager); } -#endif /* P2P */ +#endif /* ME */ /** * Implementation of ike_sa_t.initiate. @@ -1020,9 +1020,9 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) if (this->state == IKE_CREATED) { if (this->other_host->is_anyaddr(this->other_host) -#ifdef P2P +#ifdef ME && !this->peer_cfg->get_mediated_by(this->peer_cfg) -#endif /* P2P */ +#endif /* ME */ ) { child_cfg->destroy(child_cfg); @@ -1052,13 +1052,13 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) task = (task_t*)ike_mobike_create(&this->public, TRUE); this->task_manager->queue_task(this->task_manager, task); } -#ifdef P2P - task = (task_t*)ike_p2p_create(&this->public, TRUE); +#ifdef ME + task = (task_t*)ike_me_create(&this->public, TRUE); this->task_manager->queue_task(this->task_manager, task); -#endif /* P2P */ +#endif /* ME */ } -#ifdef P2P +#ifdef ME if (this->peer_cfg->get_mediated_by(this->peer_cfg)) { /* mediated connection, initiate mediation process */ @@ -1075,7 +1075,7 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) } } else -#endif /* P2P */ +#endif /* ME */ { /* normal IKE_SA with CHILD_SA */ task = (task_t*)child_create_create(&this->public, child_cfg); @@ -1090,7 +1090,7 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg) * Implementation of ike_sa_t.acquire. */ static status_t acquire(private_ike_sa_t *this, u_int32_t reqid) -{ /* FIXME: P2P-NAT-T */ +{ /* FIXME: IKE-ME */ child_cfg_t *child_cfg; iterator_t *iterator; child_sa_t *current, *child_sa = NULL; @@ -1418,7 +1418,7 @@ static status_t process_message(private_ike_sa_t *this, message_t *message) * Implementation of ike_sa_t.retransmit. */ static status_t retransmit(private_ike_sa_t *this, u_int32_t message_id) -{ /* FIXME: P2P-NAT-T */ +{ /* FIXME: IKE-ME */ this->time.outbound = time(NULL); if (this->task_manager->retransmit(this->task_manager, message_id) != SUCCESS) { @@ -2306,7 +2306,7 @@ static void destroy(private_ike_sa_t *this) offsetof(host_t, destroy)); this->additional_addresses->destroy_offset(this->additional_addresses, offsetof(host_t, destroy)); -#ifdef P2P +#ifdef ME if (this->peer_cfg && this->peer_cfg->is_mediation(this->peer_cfg) && !this->ike_sa_id->is_initiator(this->ike_sa_id)) { @@ -2314,7 +2314,7 @@ static void destroy(private_ike_sa_t *this) charon->mediation_manager->remove(charon->mediation_manager, this->ike_sa_id); } DESTROY_IF(this->server_reflexive_host); -#endif /* P2P */ +#endif /* ME */ DESTROY_IF(this->my_host); DESTROY_IF(this->other_host); @@ -2400,7 +2400,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->public.set_virtual_ip = (void (*)(ike_sa_t*,bool,host_t*))set_virtual_ip; this->public.get_virtual_ip = (host_t* (*)(ike_sa_t*,bool))get_virtual_ip; this->public.add_dns_server = (void (*)(ike_sa_t*,host_t*))add_dns_server; -#ifdef P2P +#ifdef ME this->public.get_server_reflexive_host = (host_t* (*)(ike_sa_t*)) get_server_reflexive_host; this->public.set_server_reflexive_host = (void (*)(ike_sa_t*,host_t*)) set_server_reflexive_host; this->public.initiate_mediation = (status_t (*)(ike_sa_t*,peer_cfg_t*)) initiate_mediation; @@ -2408,7 +2408,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->public.relay = (status_t (*)(ike_sa_t*,identification_t*,chunk_t,chunk_t,linked_list_t*,bool)) relay; this->public.callback = (status_t (*)(ike_sa_t*,identification_t*)) callback; this->public.respond = (status_t (*)(ike_sa_t*,identification_t*,chunk_t)) respond; -#endif /* P2P */ +#endif /* ME */ /* initialize private fields */ this->ike_sa_id = ike_sa_id->clone(ike_sa_id); @@ -2446,9 +2446,9 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) this->pending_updates = 0; this->keyingtry = 0; this->ike_initiator = FALSE; -#ifdef P2P +#ifdef ME this->server_reflexive_host = NULL; -#endif /* P2P */ +#endif /* ME */ return &this->public; } diff --git a/src/charon/sa/ike_sa.h b/src/charon/sa/ike_sa.h index f3d96f9de..33b990703 100644 --- a/src/charon/sa/ike_sa.h +++ b/src/charon/sa/ike_sa.h @@ -434,7 +434,7 @@ struct ike_sa_t { */ void (*set_pending_updates)(ike_sa_t *this, u_int32_t updates); -#ifdef P2P +#ifdef ME /** * Get the server reflexive host. * @@ -451,7 +451,7 @@ struct ike_sa_t { /** * Initiate the mediation of a mediated connection (i.e. initiate a - * P2P_CONNECT exchange). + * ME_CONNECT exchange). * * @param mediated_cfg peer_cfg of the mediated connection * @return @@ -475,21 +475,21 @@ struct ike_sa_t { /** * Relay data from one peer to another (i.e. initiate a - * P2P_CONNECT exchange). + * ME_CONNECT exchange). * * Data is cloned. * * @param requester ID of the requesting peer - * @param session_id data of the P2P_SESSIONID payload - * @param session_key data of the P2P_SESSIONKEY payload + * @param connect_id data of the ME_CONNECTID payload + * @param connect_key data of the ME_CONNECTKEY payload * @param endpoints endpoints * @param response TRUE if this is a response * @return * - SUCCESS if relay started * - DESTROY_ME if relay failed */ - status_t (*relay) (ike_sa_t *this, identification_t *requester, chunk_t session_id, - chunk_t session_key, linked_list_t *endpoints, bool response); + status_t (*relay) (ike_sa_t *this, identification_t *requester, chunk_t connect_id, + chunk_t connect_key, linked_list_t *endpoints, bool response); /** * Send a callback to a peer. @@ -504,18 +504,18 @@ struct ike_sa_t { status_t (*callback) (ike_sa_t *this, identification_t *peer_id); /** - * Respond to a P2P_CONNECT request. + * Respond to a ME_CONNECT request. * * Data is cloned. * * @param peer_id ID of the other peer - * @param session_id the session ID supplied by the initiator + * @param connect_id the connect ID supplied by the initiator * @return * - SUCCESS if response started * - DESTROY_ME if response failed */ - status_t (*respond) (ike_sa_t *this, identification_t *peer_id, chunk_t session_id); -#endif /* P2P */ + status_t (*respond) (ike_sa_t *this, identification_t *peer_id, chunk_t connect_id); +#endif /* ME */ /** * Initiate a new connection. diff --git a/src/charon/sa/task_manager.c b/src/charon/sa/task_manager.c index df0697055..b1c755a1a 100644 --- a/src/charon/sa/task_manager.c +++ b/src/charon/sa/task_manager.c @@ -38,8 +38,8 @@ #include <encoding/payloads/delete_payload.h> #include <processing/jobs/retransmit_job.h> -#ifdef P2P -#include <sa/tasks/ike_p2p.h> +#ifdef ME +#include <sa/tasks/ike_me.h> #endif typedef struct exchange_t exchange_t; @@ -325,13 +325,13 @@ static status_t build_request(private_task_manager_t *this) exchange = IKE_SA_INIT; activate_task(this, IKE_NATD); activate_task(this, IKE_CERT_PRE); -#ifdef P2P +#ifdef ME /* this task has to be activated before the IKE_AUTHENTICATE * task, because that task pregenerates the packet after * which no payloads can be added to the message anymore. */ - activate_task(this, IKE_P2P); -#endif /* P2P */ + activate_task(this, IKE_ME); +#endif /* ME */ activate_task(this, IKE_AUTHENTICATE); activate_task(this, IKE_CERT_POST); activate_task(this, IKE_CONFIG); @@ -381,13 +381,13 @@ static status_t build_request(private_task_manager_t *this) exchange = INFORMATIONAL; break; } -#ifdef P2P - if (activate_task(this, IKE_P2P)) +#ifdef ME + if (activate_task(this, IKE_ME)) { - exchange = P2P_CONNECT; + exchange = ME_CONNECT; break; } -#endif /* P2P */ +#endif /* ME */ case IKE_REKEYING: if (activate_task(this, IKE_DELETE)) { @@ -686,10 +686,10 @@ static status_t process_request(private_task_manager_t *this, this->passive_tasks->insert_last(this->passive_tasks, task); task = (task_t*)ike_cert_pre_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); -#ifdef P2P - task = (task_t*)ike_p2p_create(this->ike_sa, FALSE); +#ifdef ME + task = (task_t*)ike_me_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); -#endif /* P2P */ +#endif /* ME */ task = (task_t*)ike_auth_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); task = (task_t*)ike_cert_post_create(this->ike_sa, FALSE); @@ -817,13 +817,13 @@ static status_t process_request(private_task_manager_t *this, this->passive_tasks->insert_last(this->passive_tasks, task); break; } -#ifdef P2P - case P2P_CONNECT: +#ifdef ME + case ME_CONNECT: { - task = (task_t*)ike_p2p_create(this->ike_sa, FALSE); + task = (task_t*)ike_me_create(this->ike_sa, FALSE); this->passive_tasks->insert_last(this->passive_tasks, task); } -#endif /* P2P */ +#endif /* ME */ default: break; } diff --git a/src/charon/sa/tasks/ike_auth.c b/src/charon/sa/tasks/ike_auth.c index b96371bcf..6efd47244 100644 --- a/src/charon/sa/tasks/ike_auth.c +++ b/src/charon/sa/tasks/ike_auth.c @@ -649,8 +649,8 @@ static status_t process_i(private_ike_auth_t *this, message_t *message) case AUTH_LIFETIME: /* handled in ike_auth_lifetime task */ break; - case P2P_ENDPOINT: - /* handled in ike_p2p task */ + case ME_ENDPOINT: + /* handled in ike_me task */ break; default: { diff --git a/src/charon/sa/tasks/ike_p2p.c b/src/charon/sa/tasks/ike_me.c index 5a9ae00a4..64741c6ba 100644 --- a/src/charon/sa/tasks/ike_p2p.c +++ b/src/charon/sa/tasks/ike_me.c @@ -15,7 +15,7 @@ * $Id$ */ -#include "ike_p2p.h" +#include "ike_me.h" #include <string.h> @@ -26,27 +26,27 @@ #include <encoding/payloads/endpoint_notify.h> #include <processing/jobs/mediation_job.h> -#define P2P_SESSIONID_LEN 8 -#define P2P_SESSIONKEY_LEN 16 +#define ME_CONNECTID_LEN 8 +#define ME_CONNECTKEY_LEN 16 /* FIXME: proposed values */ -#define P2P_SESSIONID_MIN_LEN 4 -#define P2P_SESSIONID_MAX_LEN 16 -#define P2P_SESSIONKEY_MIN_LEN 8 -#define P2P_SESSIONKEY_MAX_LEN 64 +#define ME_CONNECTID_MIN_LEN 4 +#define ME_CONNECTID_MAX_LEN 16 +#define ME_CONNECTKEY_MIN_LEN 8 +#define ME_CONNECTKEY_MAX_LEN 64 -typedef struct private_ike_p2p_t private_ike_p2p_t; +typedef struct private_ike_me_t private_ike_me_t; /** - * Private members of a ike_p2p_t task. + * Private members of a ike_me_t task. */ -struct private_ike_p2p_t { +struct private_ike_me_t { /** * Public methods and task_t interface. */ - ike_p2p_t public; + ike_me_t public; /** * Assigned IKE_SA. @@ -100,12 +100,12 @@ struct private_ike_p2p_t { /** * Received ID used for connectivity checks */ - chunk_t session_id; + chunk_t connect_id; /** * Received key used for connectivity checks */ - chunk_t session_key; + chunk_t connect_key; /** * Peer config of the mediated connection @@ -133,7 +133,7 @@ static void add_endpoints_to_message(message_t *message, linked_list_t *endpoint /** * Gathers endpoints and adds them to the current message */ -static void gather_and_add_endpoints(private_ike_p2p_t *this, message_t *message) +static void gather_and_add_endpoints(private_ike_me_t *this, message_t *message) { iterator_t *iterator; host_t *addr, *host; @@ -171,7 +171,7 @@ static void gather_and_add_endpoints(private_ike_p2p_t *this, message_t *message /** * read notifys from message and evaluate them */ -static void process_payloads(private_ike_p2p_t *this, message_t *message) +static void process_payloads(private_ike_me_t *this, message_t *message) { iterator_t *iterator; payload_t *payload; @@ -188,55 +188,55 @@ static void process_payloads(private_ike_p2p_t *this, message_t *message) switch (notify->get_notify_type(notify)) { - case P2P_CONNECT_FAILED: + case ME_CONNECT_FAILED: { - DBG2(DBG_IKE, "received P2P_CONNECT_FAILED notify"); + DBG2(DBG_IKE, "received ME_CONNECT_FAILED notify"); this->failed = TRUE; break; } - case P2P_MEDIATION: + case ME_MEDIATION: { - DBG2(DBG_IKE, "received P2P_MEDIATION notify"); + DBG2(DBG_IKE, "received ME_MEDIATION notify"); this->mediation = TRUE; break; } - case P2P_ENDPOINT: + case ME_ENDPOINT: { endpoint_notify_t *endpoint = endpoint_notify_create_from_payload(notify); if (!endpoint) { - DBG1(DBG_IKE, "received invalid P2P_ENDPOINT notify"); + DBG1(DBG_IKE, "received invalid ME_ENDPOINT notify"); break; } - DBG1(DBG_IKE, "received %N P2P_ENDPOINT %#H", p2p_endpoint_type_names, + DBG1(DBG_IKE, "received %N ME_ENDPOINT %#H", me_endpoint_type_names, endpoint->get_type(endpoint), endpoint->get_host(endpoint)); this->remote_endpoints->insert_last(this->remote_endpoints, endpoint); break; } - case P2P_CALLBACK: + case ME_CALLBACK: { - DBG2(DBG_IKE, "received P2P_CALLBACK notify"); + DBG2(DBG_IKE, "received ME_CALLBACK notify"); this->callback = TRUE; break; } - case P2P_SESSIONID: + case ME_CONNECTID: { - chunk_free(&this->session_id); - this->session_id = chunk_clone(notify->get_notification_data(notify)); - DBG2(DBG_IKE, "received P2P_SESSIONID %#B", &this->session_id); + chunk_free(&this->connect_id); + this->connect_id = chunk_clone(notify->get_notification_data(notify)); + DBG2(DBG_IKE, "received ME_CONNECTID %#B", &this->connect_id); break; } - case P2P_SESSIONKEY: + case ME_CONNECTKEY: { - chunk_free(&this->session_key); - this->session_key = chunk_clone(notify->get_notification_data(notify)); - DBG4(DBG_IKE, "received P2P_SESSIONKEY %#B", &this->session_key); + chunk_free(&this->connect_key); + this->connect_key = chunk_clone(notify->get_notification_data(notify)); + DBG4(DBG_IKE, "received ME_CONNECTKEY %#B", &this->connect_key); break; } - case P2P_RESPONSE: + case ME_RESPONSE: { - DBG2(DBG_IKE, "received P2P_RESPONSE notify"); + DBG2(DBG_IKE, "received ME_RESPONSE notify"); this->response = TRUE; break; } @@ -250,7 +250,7 @@ static void process_payloads(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.process for initiator */ -static status_t build_i(private_ike_p2p_t *this, message_t *message) +static status_t build_i(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { @@ -259,8 +259,8 @@ static status_t build_i(private_ike_p2p_t *this, message_t *message) peer_cfg_t *peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa); if (peer_cfg->is_mediation(peer_cfg)) { - DBG2(DBG_IKE, "adding P2P_MEDIATION"); - message->add_notify(message, FALSE, P2P_MEDIATION, chunk_empty); + DBG2(DBG_IKE, "adding ME_MEDIATION"); + message->add_notify(message, FALSE, ME_MEDIATION, chunk_empty); } else { @@ -278,7 +278,7 @@ static status_t build_i(private_ike_p2p_t *this, message_t *message) } break; } - case P2P_CONNECT: + case ME_CONNECT: { id_payload_t *id_payload; randomizer_t *rand = randomizer_create(); @@ -288,38 +288,38 @@ static status_t build_i(private_ike_p2p_t *this, message_t *message) if (!this->response) { - /* only the initiator creates a session ID. the responder returns - * the session ID that it received from the initiator */ + /* only the initiator creates a connect ID. the responder returns + * the connect ID that it received from the initiator */ if (rand->allocate_pseudo_random_bytes(rand, - P2P_SESSIONID_LEN, &this->session_id) != SUCCESS) + ME_CONNECTID_LEN, &this->connect_id) != SUCCESS) { - DBG1(DBG_IKE, "unable to generate session ID for P2P_CONNECT"); + DBG1(DBG_IKE, "unable to generate connect ID for ME_CONNECT"); rand->destroy(rand); return FAILED; } } if (rand->allocate_pseudo_random_bytes(rand, - P2P_SESSIONKEY_LEN, &this->session_key) != SUCCESS) + ME_CONNECTKEY_LEN, &this->connect_key) != SUCCESS) { - DBG1(DBG_IKE, "unable to generate session key for P2P_CONNECT"); + DBG1(DBG_IKE, "unable to generate connect key for ME_CONNECT"); rand->destroy(rand); return FAILED; } rand->destroy(rand); - message->add_notify(message, FALSE, P2P_SESSIONID, this->session_id); - message->add_notify(message, FALSE, P2P_SESSIONKEY, this->session_key); + message->add_notify(message, FALSE, ME_CONNECTID, this->connect_id); + message->add_notify(message, FALSE, ME_CONNECTKEY, this->connect_key); if (this->response) { - message->add_notify(message, FALSE, P2P_RESPONSE, chunk_empty); + message->add_notify(message, FALSE, ME_RESPONSE, chunk_empty); } else { /* FIXME: should we make that configurable? */ - message->add_notify(message, FALSE, P2P_CALLBACK, chunk_empty); + message->add_notify(message, FALSE, ME_CALLBACK, chunk_empty); } gather_and_add_endpoints(this, message); @@ -335,17 +335,17 @@ static status_t build_i(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.process for responder */ -static status_t process_r(private_ike_p2p_t *this, message_t *message) +static status_t process_r(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { - case P2P_CONNECT: + case ME_CONNECT: { id_payload_t *id_payload; id_payload = (id_payload_t*)message->get_payload(message, ID_PEER); if (!id_payload) { - DBG1(DBG_IKE, "received P2P_CONNECT without ID_PEER payload, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without ID_PEER payload, aborting"); break; } this->peer_id = id_payload->get_identification(id_payload); @@ -354,32 +354,32 @@ static status_t process_r(private_ike_p2p_t *this, message_t *message) if (this->callback) { - DBG1(DBG_IKE, "received P2P_CALLBACK for '%D'", this->peer_id); + DBG1(DBG_IKE, "received ME_CALLBACK for '%D'", this->peer_id); break; } - if (!this->session_id.ptr) + if (!this->connect_id.ptr) { - DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONID notify, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without ME_CONNECTID notify, aborting"); this->invalid_syntax = TRUE; break; } - if (!this->session_key.ptr) + if (!this->connect_key.ptr) { - DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONKEY notify, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without ME_CONNECTKEY notify, aborting"); this->invalid_syntax = TRUE; break; } if (!this->remote_endpoints->get_count(this->remote_endpoints)) { - DBG1(DBG_IKE, "received P2P_CONNECT without any P2P_ENDPOINT payloads, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without any ME_ENDPOINT payloads, aborting"); this->invalid_syntax = TRUE; break; } - DBG1(DBG_IKE, "received P2P_CONNECT"); + DBG1(DBG_IKE, "received ME_CONNECT"); break; } default: @@ -391,11 +391,11 @@ static status_t process_r(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.build for responder */ -static status_t build_r(private_ike_p2p_t *this, message_t *message) +static status_t build_r(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { - case P2P_CONNECT: + case ME_CONNECT: { if (this->invalid_syntax) { @@ -417,7 +417,7 @@ static status_t build_r(private_ike_p2p_t *this, message_t *message) * as initiator, upon receiving a response from another peer, * update the checklist and start sending checks */ charon->connect_manager->set_responder_data(charon->connect_manager, - this->session_id, this->session_key, this->remote_endpoints); + this->connect_id, this->connect_key, this->remote_endpoints); } else { @@ -425,10 +425,10 @@ static status_t build_r(private_ike_p2p_t *this, message_t *message) * as responder, create a checklist with the initiator's data */ charon->connect_manager->set_initiator_data(charon->connect_manager, this->peer_id, this->ike_sa->get_my_id(this->ike_sa), - this->session_id, this->session_key, this->remote_endpoints, + this->connect_id, this->connect_key, this->remote_endpoints, FALSE); if (this->ike_sa->respond(this->ike_sa, this->peer_id, - this->session_id) != SUCCESS) + this->connect_id) != SUCCESS) { return FAILED; } @@ -444,7 +444,7 @@ static status_t build_r(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.process for initiator */ -static status_t process_i(private_ike_p2p_t *this, message_t *message) +static status_t process_i(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { @@ -454,7 +454,7 @@ static status_t process_i(private_ike_p2p_t *this, message_t *message) if (!this->mediation) { - DBG1(DBG_IKE, "server did not return a P2P_MEDIATION, aborting"); + DBG1(DBG_IKE, "server did not return a ME_MEDIATION, aborting"); return FAILED; } @@ -480,7 +480,7 @@ static status_t process_i(private_ike_p2p_t *this, message_t *message) break; } - case P2P_CONNECT: + case ME_CONNECT: { process_payloads(this, message); @@ -498,7 +498,7 @@ static status_t process_i(private_ike_p2p_t *this, message_t *message) /* FIXME: handle result of set_responder_data. * as responder, we update the checklist and start sending checks */ charon->connect_manager->set_responder_data(charon->connect_manager, - this->session_id, this->session_key, this->local_endpoints); + this->connect_id, this->connect_key, this->local_endpoints); } else { @@ -506,7 +506,7 @@ static status_t process_i(private_ike_p2p_t *this, message_t *message) * as initiator, we create a checklist and set the initiator's data */ charon->connect_manager->set_initiator_data(charon->connect_manager, this->ike_sa->get_my_id(this->ike_sa), this->peer_id, - this->session_id, this->session_key, this->local_endpoints, + this->connect_id, this->connect_key, this->local_endpoints, TRUE); } } @@ -521,27 +521,27 @@ static status_t process_i(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.process for initiator (mediation server) */ -static status_t build_i_ms(private_ike_p2p_t *this, message_t *message) +static status_t build_i_ms(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { - case P2P_CONNECT: + case ME_CONNECT: { id_payload_t *id_payload = id_payload_create_from_identification(ID_PEER, this->peer_id); message->add_payload(message, (payload_t*)id_payload); if (this->callback) { - message->add_notify(message, FALSE, P2P_CALLBACK, chunk_empty); + message->add_notify(message, FALSE, ME_CALLBACK, chunk_empty); } else { if (this->response) { - message->add_notify(message, FALSE, P2P_RESPONSE, chunk_empty); + message->add_notify(message, FALSE, ME_RESPONSE, chunk_empty); } - message->add_notify(message, FALSE, P2P_SESSIONID, this->session_id); - message->add_notify(message, FALSE, P2P_SESSIONKEY, this->session_key); + message->add_notify(message, FALSE, ME_CONNECTID, this->connect_id); + message->add_notify(message, FALSE, ME_CONNECTKEY, this->connect_key); add_endpoints_to_message(message, this->remote_endpoints); } @@ -557,7 +557,7 @@ static status_t build_i_ms(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.process for responder (mediation server) */ -static status_t process_r_ms(private_ike_p2p_t *this, message_t *message) +static status_t process_r_ms(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { @@ -571,13 +571,13 @@ static status_t process_r_ms(private_ike_p2p_t *this, message_t *message) process_payloads(this, message); break; } - case P2P_CONNECT: + case ME_CONNECT: { id_payload_t *id_payload; id_payload = (id_payload_t*)message->get_payload(message, ID_PEER); if (!id_payload) { - DBG1(DBG_IKE, "received P2P_CONNECT without ID_PEER payload, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without ID_PEER payload, aborting"); this->invalid_syntax = TRUE; break; } @@ -586,23 +586,23 @@ static status_t process_r_ms(private_ike_p2p_t *this, message_t *message) process_payloads(this, message); - if (!this->session_id.ptr) + if (!this->connect_id.ptr) { - DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONID notify, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without ME_CONNECTID notify, aborting"); this->invalid_syntax = TRUE; break; } - if (!this->session_key.ptr) + if (!this->connect_key.ptr) { - DBG1(DBG_IKE, "received P2P_CONNECT without P2P_SESSIONKEY notify, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without ME_CONNECTKEY notify, aborting"); this->invalid_syntax = TRUE; break; } if (!this->remote_endpoints->get_count(this->remote_endpoints)) { - DBG1(DBG_IKE, "received P2P_CONNECT without any P2P_ENDPOINT payloads, aborting"); + DBG1(DBG_IKE, "received ME_CONNECT without any ME_ENDPOINT payloads, aborting"); this->invalid_syntax = TRUE; break; } @@ -618,13 +618,13 @@ static status_t process_r_ms(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.build for responder (mediation server) */ -static status_t build_r_ms(private_ike_p2p_t *this, message_t *message) +static status_t build_r_ms(private_ike_me_t *this, message_t *message) { switch(message->get_exchange_type(message)) { case IKE_SA_INIT: { - message->add_notify(message, FALSE, P2P_MEDIATION, chunk_empty); + message->add_notify(message, FALSE, ME_MEDIATION, chunk_empty); return NEED_MORE; } case IKE_AUTH: @@ -650,7 +650,7 @@ static status_t build_r_ms(private_ike_p2p_t *this, message_t *message) break; } - case P2P_CONNECT: + case ME_CONNECT: { if (this->invalid_syntax) { @@ -673,13 +673,13 @@ static status_t build_r_ms(private_ike_p2p_t *this, message_t *message) if (!peer_sa) { /* the peer is not online */ - message->add_notify(message, TRUE, P2P_CONNECT_FAILED, chunk_empty); + message->add_notify(message, TRUE, ME_CONNECT_FAILED, chunk_empty); break; } job_t *job = (job_t*)mediation_job_create(this->peer_id, - this->ike_sa->get_other_id(this->ike_sa), this->session_id, - this->session_key, this->remote_endpoints, this->response); + this->ike_sa->get_other_id(this->ike_sa), this->connect_id, + this->connect_key, this->remote_endpoints, this->response); charon->processor->queue_job(charon->processor, job); break; @@ -693,48 +693,48 @@ static status_t build_r_ms(private_ike_p2p_t *this, message_t *message) /** * Implementation of task_t.process for initiator (mediation server) */ -static status_t process_i_ms(private_ike_p2p_t *this, message_t *message) +static status_t process_i_ms(private_ike_me_t *this, message_t *message) { return SUCCESS; } /** - * Implementation of ike_p2p.connect + * Implementation of ike_me.connect */ -static void p2p_connect(private_ike_p2p_t *this, identification_t *peer_id) +static void me_connect(private_ike_me_t *this, identification_t *peer_id) { this->peer_id = peer_id->clone(peer_id); } /** - * Implementation of ike_p2p.respond + * Implementation of ike_me.respond */ -static void p2p_respond(private_ike_p2p_t *this, identification_t *peer_id, - chunk_t session_id) +static void me_respond(private_ike_me_t *this, identification_t *peer_id, + chunk_t connect_id) { this->peer_id = peer_id->clone(peer_id); - this->session_id = chunk_clone(session_id); + this->connect_id = chunk_clone(connect_id); this->response = TRUE; } /** - * Implementation of ike_p2p.callback + * Implementation of ike_me.callback */ -static void p2p_callback(private_ike_p2p_t *this, identification_t *peer_id) +static void me_callback(private_ike_me_t *this, identification_t *peer_id) { this->peer_id = peer_id->clone(peer_id); this->callback = TRUE; } /** - * Implementation of ike_p2p.relay + * Implementation of ike_me.relay */ -static void relay(private_ike_p2p_t *this, identification_t *requester, chunk_t session_id, - chunk_t session_key, linked_list_t *endpoints, bool response) +static void relay(private_ike_me_t *this, identification_t *requester, chunk_t connect_id, + chunk_t connect_key, linked_list_t *endpoints, bool response) { this->peer_id = requester->clone(requester); - this->session_id = chunk_clone(session_id); - this->session_key = chunk_clone(session_key); + this->connect_id = chunk_clone(connect_id); + this->connect_key = chunk_clone(connect_key); this->remote_endpoints = endpoints->clone_offset(endpoints, offsetof(endpoint_notify_t, clone)); this->response = response; } @@ -742,15 +742,15 @@ static void relay(private_ike_p2p_t *this, identification_t *requester, chunk_t /** * Implementation of task_t.get_type */ -static task_type_t get_type(private_ike_p2p_t *this) +static task_type_t get_type(private_ike_me_t *this) { - return IKE_P2P; + return IKE_ME; } /** * Implementation of task_t.migrate */ -static void migrate(private_ike_p2p_t *this, ike_sa_t *ike_sa) +static void migrate(private_ike_me_t *this, ike_sa_t *ike_sa) { this->ike_sa = ike_sa; } @@ -758,12 +758,12 @@ static void migrate(private_ike_p2p_t *this, ike_sa_t *ike_sa) /** * Implementation of task_t.destroy */ -static void destroy(private_ike_p2p_t *this) +static void destroy(private_ike_me_t *this) { DESTROY_IF(this->peer_id); - chunk_free(&this->session_id); - chunk_free(&this->session_key); + chunk_free(&this->connect_id); + chunk_free(&this->connect_key); this->local_endpoints->destroy_offset(this->local_endpoints, offsetof(endpoint_notify_t, destroy)); this->remote_endpoints->destroy_offset(this->remote_endpoints, offsetof(endpoint_notify_t, destroy)); @@ -775,9 +775,9 @@ static void destroy(private_ike_p2p_t *this) /* * Described in header. */ -ike_p2p_t *ike_p2p_create(ike_sa_t *ike_sa, bool initiator) +ike_me_t *ike_me_create(ike_sa_t *ike_sa, bool initiator) { - private_ike_p2p_t *this = malloc_thing(private_ike_p2p_t); + private_ike_me_t *this = malloc_thing(private_ike_me_t); this->public.task.get_type = (task_type_t(*)(task_t*))get_type; this->public.task.migrate = (void(*)(task_t*,ike_sa_t*))migrate; @@ -812,17 +812,17 @@ ike_p2p_t *ike_p2p_create(ike_sa_t *ike_sa, bool initiator) } } - this->public.connect = (void(*)(ike_p2p_t*,identification_t*))p2p_connect; - this->public.respond = (void(*)(ike_p2p_t*,identification_t*,chunk_t))p2p_respond; - this->public.callback = (void(*)(ike_p2p_t*,identification_t*))p2p_callback; - this->public.relay = (void(*)(ike_p2p_t*,identification_t*,chunk_t,chunk_t,linked_list_t*,bool))relay; + this->public.connect = (void(*)(ike_me_t*,identification_t*))me_connect; + this->public.respond = (void(*)(ike_me_t*,identification_t*,chunk_t))me_respond; + this->public.callback = (void(*)(ike_me_t*,identification_t*))me_callback; + this->public.relay = (void(*)(ike_me_t*,identification_t*,chunk_t,chunk_t,linked_list_t*,bool))relay; this->ike_sa = ike_sa; this->initiator = initiator; this->peer_id = NULL; - this->session_id = chunk_empty; - this->session_key = chunk_empty; + this->connect_id = chunk_empty; + this->connect_key = chunk_empty; this->local_endpoints = linked_list_create(); this->remote_endpoints = linked_list_create(); this->mediation = FALSE; diff --git a/src/charon/sa/tasks/ike_p2p.h b/src/charon/sa/tasks/ike_me.h index fe6bbd1a2..7fdc7243f 100644 --- a/src/charon/sa/tasks/ike_p2p.h +++ b/src/charon/sa/tasks/ike_me.h @@ -16,32 +16,32 @@ */ /** - * @defgroup ike_p2p ike_p2p + * @defgroup ike_me ike_me * @{ @ingroup tasks */ -#ifndef IKE_P2P_H_ -#define IKE_P2P_H_ +#ifndef IKE_ME_H_ +#define IKE_ME_H_ -typedef struct ike_p2p_t ike_p2p_t; +typedef struct ike_me_t ike_me_t; #include <library.h> #include <sa/ike_sa.h> #include <sa/tasks/task.h> /** - * Task of type IKE_P2P, detects and handles P2P-NAT-T extensions. + * Task of type IKE_ME, detects and handles IKE-ME extensions. * - * This tasks handles the P2P_MEDIATION notify exchange to setup a mediation - * connection, allows to initiate mediated connections using P2P_CONNECT + * This tasks handles the ME_MEDIATION Notify exchange to setup a mediation + * connection, allows to initiate mediated connections using ME_CONNECT * exchanges and to request reflexive addresses from the mediation server using - * P2P_ENDPOINT notifies. + * ME_ENDPOINT notifies. * * @note This task has to be activated before the IKE_AUTH task, because that * task generates the IKE_SA_INIT message so that no more payloads can be added * to it afterwards. */ -struct ike_p2p_t { +struct ike_me_t { /** * Implements the task_t interface @@ -49,52 +49,52 @@ struct ike_p2p_t { task_t task; /** - * Initiates a connection with another peer (i.e. sends a P2P_CONNECT + * Initiates a connection with another peer (i.e. sends a ME_CONNECT * to the mediation server) * * @param peer_id ID of the other peer (gets cloned) */ - void (*connect)(ike_p2p_t *this, identification_t *peer_id); + void (*connect)(ike_me_t *this, identification_t *peer_id); /** - * Responds to a P2P_CONNECT from another peer (i.e. sends a P2P_CONNECT + * Responds to a ME_CONNECT from another peer (i.e. sends a ME_CONNECT * to the mediation server) * * @param peer_id ID of the other peer (gets cloned) - * @param session_id the session ID as provided by the initiator (gets cloned) + * @param connect_id the connect ID as provided by the initiator (gets cloned) */ - void (*respond)(ike_p2p_t *this, identification_t *peer_id, chunk_t session_id); + void (*respond)(ike_me_t *this, identification_t *peer_id, chunk_t connect_id); /** - * Sends a P2P_CALLBACK to a peer that previously requested another peer. + * Sends a ME_CALLBACK to a peer that previously requested another peer. * * @param peer_id ID of the other peer (gets cloned) */ - void (*callback)(ike_p2p_t *this, identification_t *peer_id); + void (*callback)(ike_me_t *this, identification_t *peer_id); /** - * Relays data to another peer (i.e. sends a P2P_CONNECT to the peer) + * Relays data to another peer (i.e. sends a ME_CONNECT to the peer) * * Data gets cloned. * * @param requester ID of the requesting peer - * @param session_id content of the P2P_SESSIONID notify - * @param session_key content of the P2P_SESSIONKEY notify + * @param connect_id content of the ME_CONNECTID notify + * @param connect_key content of the ME_CONNECTKEY notify * @param endpoints endpoints * @param response TRUE if this is a response */ - void (*relay)(ike_p2p_t *this, identification_t *requester, chunk_t session_id, - chunk_t session_key, linked_list_t *endpoints, bool response); + void (*relay)(ike_me_t *this, identification_t *requester, chunk_t connect_id, + chunk_t connect_key, linked_list_t *endpoints, bool response); }; /** - * Create a new ike_p2p task. + * Create a new ike_me task. * * @param ike_sa IKE_SA this task works for * @param initiator TRUE if taks is initiated by us - * @return ike_p2p task to handle by the task_manager + * @return ike_me task to handle by the task_manager */ -ike_p2p_t *ike_p2p_create(ike_sa_t *ike_sa, bool initiator); +ike_me_t *ike_me_create(ike_sa_t *ike_sa, bool initiator); -#endif /*IKE_P2P_H_ @} */ +#endif /*IKE_ME_H_ @} */ diff --git a/src/charon/sa/tasks/ike_natd.c b/src/charon/sa/tasks/ike_natd.c index 1662a3268..e8daecdba 100644 --- a/src/charon/sa/tasks/ike_natd.c +++ b/src/charon/sa/tasks/ike_natd.c @@ -254,7 +254,7 @@ static status_t process_i(private_ike_natd_t *this, message_t *message) { peer_cfg_t *peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa); -#ifdef P2P +#ifdef ME /* if we are on a mediated connection we have already switched to * port 4500 and the correct destination port is already configured, * therefore we must not switch again */ @@ -262,14 +262,14 @@ static status_t process_i(private_ike_natd_t *this, message_t *message) { return SUCCESS; } -#endif /* P2P */ +#endif /* ME */ if (this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY) || -#ifdef P2P +#ifdef ME /* if we are on a mediation connection we swith to port 4500 even * if no NAT is detected. */ peer_cfg->is_mediation(peer_cfg) || -#endif /* P2P */ +#endif /* ME */ /* if peer supports NAT-T, we switch to port 4500 even * if no NAT is detected. MOBIKE requires this. */ (peer_cfg->use_mobike(peer_cfg) && diff --git a/src/charon/sa/tasks/task.c b/src/charon/sa/tasks/task.c index 0ff2afd77..4ff50a610 100644 --- a/src/charon/sa/tasks/task.c +++ b/src/charon/sa/tasks/task.c @@ -31,9 +31,9 @@ ENUM(task_type_names, IKE_INIT, CHILD_REKEY, "IKE_REAUTH", "IKE_DELETE", "IKE_DPD", -#ifdef P2P - "IKE_P2P", -#endif /* P2P */ +#ifdef ME + "IKE_ME", +#endif /* ME */ "CHILD_CREATE", "CHILD_DELETE", "CHILD_REKEY", diff --git a/src/charon/sa/tasks/task.h b/src/charon/sa/tasks/task.h index 773bc60c6..d2854701e 100644 --- a/src/charon/sa/tasks/task.h +++ b/src/charon/sa/tasks/task.h @@ -59,10 +59,10 @@ enum task_type_t { IKE_DELETE, /** liveness check */ IKE_DPD, -#ifdef P2P - /** handle P2P-NAT-T stuff */ - IKE_P2P, -#endif /* P2P */ +#ifdef ME + /** handle ME stuff */ + IKE_ME, +#endif /* ME */ /** establish a CHILD_SA within an IKE_SA */ CHILD_CREATE, /** delete an established CHILD_SA */ |