Diffstat (limited to 'src/libcharon/sa')
-rw-r--r-- | src/libcharon/sa/child_sa.c | 63 | ||||
-rw-r--r-- | src/libcharon/sa/ike_sa.c | 26 | ||||
-rw-r--r-- | src/libcharon/sa/tasks/ike_me.c | 4 | ||||
-rw-r--r-- | src/libcharon/sa/tasks/ike_mobike.c | 15 | ||||
-rw-r--r-- | src/libcharon/sa/tasks/ike_natd.c | 7 | ||||
-rw-r--r-- | src/libcharon/sa/trap_manager.c | 5 |
6 files changed, 62 insertions, 58 deletions
diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index 2f5d948c7..b5c2feb21 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -23,6 +23,7 @@ #include <string.h> #include <time.h> +#include <hydra.h> #include <daemon.h> ENUM(child_sa_state_names, CHILD_CREATED, CHILD_DESTROYING, @@ -413,7 +414,7 @@ static status_t update_usebytes(private_child_sa_t *this, bool inbound) { if (this->my_spi) { - status = charon->kernel_interface->query_sa(charon->kernel_interface, + status = hydra->kernel_interface->query_sa(hydra->kernel_interface, this->other_addr, this->my_addr, this->my_spi, proto_ike2ip(this->protocol), this->mark_in, &bytes); @@ -432,7 +433,7 @@ static status_t update_usebytes(private_child_sa_t *this, bool inbound) { if (this->other_spi) { - status = charon->kernel_interface->query_sa(charon->kernel_interface, + status = hydra->kernel_interface->query_sa(hydra->kernel_interface, this->my_addr, this->other_addr, this->other_spi, proto_ike2ip(this->protocol), this->mark_out, &bytes); @@ -466,14 +467,14 @@ static void update_usetime(private_child_sa_t *this, bool inbound) if (inbound) { - if (charon->kernel_interface->query_policy(charon->kernel_interface, + if (hydra->kernel_interface->query_policy(hydra->kernel_interface, other_ts, my_ts, POLICY_IN, this->mark_in, &in) == SUCCESS) { last_use = max(last_use, in); } if (this->mode != MODE_TRANSPORT) { - if (charon->kernel_interface->query_policy(charon->kernel_interface, + if (hydra->kernel_interface->query_policy(hydra->kernel_interface, other_ts, my_ts, POLICY_FWD, this->mark_in, &fwd) == SUCCESS) { last_use = max(last_use, fwd); @@ -482,7 +483,7 @@ static void update_usetime(private_child_sa_t *this, bool inbound) } else { - if (charon->kernel_interface->query_policy(charon->kernel_interface, + if (hydra->kernel_interface->query_policy(hydra->kernel_interface, my_ts, other_ts, POLICY_OUT, this->mark_out, &out) == SUCCESS) { last_use = max(last_use, out); 
@@ -534,10 +535,10 @@ METHOD(child_sa_t, get_lifetime, time_t, METHOD(child_sa_t, alloc_spi, u_int32_t, private_child_sa_t *this, protocol_id_t protocol) { - if (charon->kernel_interface->get_spi(charon->kernel_interface, - this->other_addr, this->my_addr, - proto_ike2ip(protocol), this->reqid, - &this->my_spi) == SUCCESS) + if (hydra->kernel_interface->get_spi(hydra->kernel_interface, + this->other_addr, this->my_addr, + proto_ike2ip(protocol), this->reqid, + &this->my_spi) == SUCCESS) { return this->my_spi; } @@ -547,9 +548,9 @@ METHOD(child_sa_t, alloc_spi, u_int32_t, METHOD(child_sa_t, alloc_cpi, u_int16_t, private_child_sa_t *this) { - if (charon->kernel_interface->get_cpi(charon->kernel_interface, - this->other_addr, this->my_addr, - this->reqid, &this->my_cpi) == SUCCESS) + if (hydra->kernel_interface->get_cpi(hydra->kernel_interface, + this->other_addr, this->my_addr, + this->reqid, &this->my_cpi) == SUCCESS) { return this->my_cpi; } @@ -636,7 +637,7 @@ METHOD(child_sa_t, install, status_t, } } - status = charon->kernel_interface->add_sa(charon->kernel_interface, + status = hydra->kernel_interface->add_sa(hydra->kernel_interface, src, dst, spi, proto_ike2ip(this->protocol), this->reqid, inbound ? this->mark_in : this->mark_out, lifetime, enc_alg, encr, int_alg, integ, this->mode, 
@@ -677,14 +678,14 @@ METHOD(child_sa_t, add_policies, status_t, while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { /* install 3 policies: out, in and forward */ - status |= charon->kernel_interface->add_policy(charon->kernel_interface, + status |= hydra->kernel_interface->add_policy(hydra->kernel_interface, this->my_addr, this->other_addr, my_ts, other_ts, POLICY_OUT, this->other_spi, proto_ike2ip(this->protocol), this->reqid, this->mark_out, this->mode, this->ipcomp, this->other_cpi, routed); - status |= charon->kernel_interface->add_policy(charon->kernel_interface, + status |= hydra->kernel_interface->add_policy(hydra->kernel_interface, this->other_addr, this->my_addr, other_ts, my_ts, POLICY_IN, this->my_spi, proto_ike2ip(this->protocol), this->reqid, @@ -692,7 +693,7 @@ METHOD(child_sa_t, add_policies, status_t, this->my_cpi, routed); if (this->mode != MODE_TRANSPORT) { - status |= charon->kernel_interface->add_policy(charon->kernel_interface, + status |= hydra->kernel_interface->add_policy(hydra->kernel_interface, this->other_addr, this->my_addr, other_ts, my_ts, POLICY_FWD, this->my_spi, proto_ike2ip(this->protocol), this->reqid, @@ -739,7 +740,7 @@ METHOD(child_sa_t, update, status_t, /* update our (initator) SA */ if (this->my_spi) { - if (charon->kernel_interface->update_sa(charon->kernel_interface, + if (hydra->kernel_interface->update_sa(hydra->kernel_interface, this->my_spi, proto_ike2ip(this->protocol), this->ipcomp != IPCOMP_NONE ? this->my_cpi : 0, this->other_addr, this->my_addr, other, me, @@ -752,7 +753,7 @@ METHOD(child_sa_t, update, status_t, /* update his (responder) SA */ if (this->other_spi) { - if (charon->kernel_interface->update_sa(charon->kernel_interface, + if (hydra->kernel_interface->update_sa(hydra->kernel_interface, this->other_spi, proto_ike2ip(this->protocol), this->ipcomp != IPCOMP_NONE ? this->other_cpi : 0, this->my_addr, this->other_addr, me, other, 
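Review bot: In add_policies the three `status |= hydra->kernel_interface->add_policy(...)` calls fold enum results together with a bitwise OR, so two different failure codes can combine into a value that names neither. This works only as a success/failure flag, and only if SUCCESS is zero, which is not visible in this hunk. Consider `if (... != SUCCESS) { status = FAILED; }` per call, so the caller gets a defined status_t when the policy set is only partially installed. The initialisation of status and the function's return lie outside the hunk.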
@@ -777,13 +778,13 @@ METHOD(child_sa_t, update, status_t, while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { /* remove old policies first */ - charon->kernel_interface->del_policy(charon->kernel_interface, + hydra->kernel_interface->del_policy(hydra->kernel_interface, my_ts, other_ts, POLICY_OUT, this->mark_out, FALSE); - charon->kernel_interface->del_policy(charon->kernel_interface, + hydra->kernel_interface->del_policy(hydra->kernel_interface, other_ts, my_ts, POLICY_IN, this->mark_in, FALSE); if (this->mode != MODE_TRANSPORT) { - charon->kernel_interface->del_policy(charon->kernel_interface, + hydra->kernel_interface->del_policy(hydra->kernel_interface, other_ts, my_ts, POLICY_FWD, this->mark_in, FALSE); } @@ -803,24 +804,24 @@ METHOD(child_sa_t, update, status_t, * correctly */ if (vip) { - charon->kernel_interface->del_ip(charon->kernel_interface, vip); - charon->kernel_interface->add_ip(charon->kernel_interface, vip, me); + hydra->kernel_interface->del_ip(hydra->kernel_interface, vip); + hydra->kernel_interface->add_ip(hydra->kernel_interface, vip, me); } /* reinstall updated policies */ - charon->kernel_interface->add_policy(charon->kernel_interface, + hydra->kernel_interface->add_policy(hydra->kernel_interface, me, other, my_ts, other_ts, POLICY_OUT, this->other_spi, proto_ike2ip(this->protocol), this->reqid, this->mark_out, this->mode, this->ipcomp, this->other_cpi, FALSE); - charon->kernel_interface->add_policy(charon->kernel_interface, + hydra->kernel_interface->add_policy(hydra->kernel_interface, other, me, other_ts, my_ts, POLICY_IN, this->my_spi, proto_ike2ip(this->protocol), this->reqid, this->mark_in, this->mode, this->ipcomp, this->my_cpi, FALSE); if (this->mode != MODE_TRANSPORT) { - charon->kernel_interface->add_policy(charon->kernel_interface, + hydra->kernel_interface->add_policy(hydra->kernel_interface, other, me, other_ts, my_ts, POLICY_FWD, this->my_spi, proto_ike2ip(this->protocol), this->reqid, this->mark_in, this->mode, 
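Review bot: The policy reinstall in update() ignores every return value: the `del_policy` calls in the hunk at -777 and the `add_policy` calls in the hunk at -803 are all bare statements. If a delete succeeds and the matching add fails, the CHILD_SA keeps running with no OUT/IN/FWD policy for that selector pair, and whether that traffic is then dropped or sent unprotected depends on kernel defaults not shown here. Capture the result of each `add_policy` and have update() return a failure after the enumerator is destroyed, so the caller can tear the SA down rather than continue. The `del_ip`/`add_ip` pair for the virtual IP is unchecked in the same way. update() begins and ends outside both hunks.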
@@ -870,14 +871,14 @@ METHOD(child_sa_t, destroy, void, { this->protocol = PROTO_ESP; } - charon->kernel_interface->del_sa(charon->kernel_interface, + hydra->kernel_interface->del_sa(hydra->kernel_interface, this->other_addr, this->my_addr, this->my_spi, proto_ike2ip(this->protocol), this->my_cpi, this->mark_in); } if (this->other_spi) { - charon->kernel_interface->del_sa(charon->kernel_interface, + hydra->kernel_interface->del_sa(hydra->kernel_interface, this->my_addr, this->other_addr, this->other_spi, proto_ike2ip(this->protocol), this->other_cpi, this->mark_out); @@ -889,13 +890,13 @@ METHOD(child_sa_t, destroy, void, enumerator = create_policy_enumerator(this); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - charon->kernel_interface->del_policy(charon->kernel_interface, + hydra->kernel_interface->del_policy(hydra->kernel_interface, my_ts, other_ts, POLICY_OUT, this->mark_out, unrouted); - charon->kernel_interface->del_policy(charon->kernel_interface, + hydra->kernel_interface->del_policy(hydra->kernel_interface, other_ts, my_ts, POLICY_IN, this->mark_in, unrouted); if (this->mode != MODE_TRANSPORT) { - charon->kernel_interface->del_policy(charon->kernel_interface, + hydra->kernel_interface->del_policy(hydra->kernel_interface, other_ts, my_ts, POLICY_FWD, this->mark_in, unrouted); } } diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index 6656317b7..e82b4e0a1 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c 
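Review bot: destroy() now reaches the kernel through the `hydra` global for its `del_sa` and `del_policy` calls, so SA and policy removal depends on libhydra still being initialised when the last CHILD_SA is torn down. Nothing in these hunks checks `hydra` or `hydra->kernel_interface`, so if the shutdown order (not visible here) ever deinitialises libhydra before the daemon flushes its SAs, this becomes a NULL or dangling dereference and the kernel state stays installed. A comment at the top of destroy() such as `/* requires libhydra (hydra->kernel_interface) to outlive all CHILD_SAs */` would record the ordering constraint. The same applies to the `del_ip` call in the ike_sa_t destroy method in ike_sa.c. destroy() starts and ends outside the hunks.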
@@ -730,14 +730,14 @@ METHOD(ike_sa_t, set_virtual_ip, void, if (local) { DBG1(DBG_IKE, "installing new virtual IP %H", ip); - if (charon->kernel_interface->add_ip(charon->kernel_interface, ip, - this->my_host) == SUCCESS) + if (hydra->kernel_interface->add_ip(hydra->kernel_interface, ip, + this->my_host) == SUCCESS) { if (this->my_virtual_ip) { DBG1(DBG_IKE, "removing old virtual IP %H", this->my_virtual_ip); - charon->kernel_interface->del_ip(charon->kernel_interface, - this->my_virtual_ip); + hydra->kernel_interface->del_ip(hydra->kernel_interface, + this->my_virtual_ip); } DESTROY_IF(this->my_virtual_ip); this->my_virtual_ip = ip->clone(ip); @@ -1062,8 +1062,8 @@ static void resolve_hosts(private_ike_sa_t *this) !this->other_host->is_anyaddr(this->other_host)) { host->destroy(host); - host = charon->kernel_interface->get_source_addr( - charon->kernel_interface, this->other_host, NULL); + host = hydra->kernel_interface->get_source_addr( + hydra->kernel_interface, this->other_host, NULL); if (host) { host->set_port(host, this->ike_cfg->get_my_port(this->ike_cfg)); @@ -1760,7 +1760,7 @@ METHOD(ike_sa_t, roam, status_t, } /* keep existing path if possible */ - src = charon->kernel_interface->get_source_addr(charon->kernel_interface, + src = hydra->kernel_interface->get_source_addr(hydra->kernel_interface, this->other_host, this->my_host); if (src) { @@ -1781,8 +1781,8 @@ METHOD(ike_sa_t, roam, status_t, enumerator_t *enumerator; host_t *addr; - src = charon->kernel_interface->get_source_addr(charon->kernel_interface, - this->other_host, NULL); + src = hydra->kernel_interface->get_source_addr(hydra->kernel_interface, + this->other_host, NULL); if (!src) { enumerator = this->additional_addresses->create_enumerator( 
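Review bot: The ike_sa.c hunks use `hydra->kernel_interface`, but unlike child_sa.c, ike_mobike.c, ike_natd.c and trap_manager.c, this diff adds no `#include <hydra.h>` to the file; the same is true of tasks/ike_me.c. If those two files already include the header the build is fine, but that line is outside the visible hunks, so confirm it rather than rely on a transitive include through `<daemon.h>`. If it is missing, add `#include <hydra.h>` ahead of `#include <daemon.h>` to match the other files.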
@@ -1790,8 +1790,8 @@ METHOD(ike_sa_t, roam, status_t, while (enumerator->enumerate(enumerator, &addr)) { DBG1(DBG_IKE, "looking for a route to %H ...", addr); - src = charon->kernel_interface->get_source_addr( - charon->kernel_interface, addr, NULL); + src = hydra->kernel_interface->get_source_addr( + hydra->kernel_interface, addr, NULL); if (src) { break; @@ -1958,8 +1958,8 @@ METHOD(ike_sa_t, destroy, void, if (this->my_virtual_ip) { - charon->kernel_interface->del_ip(charon->kernel_interface, - this->my_virtual_ip); + hydra->kernel_interface->del_ip(hydra->kernel_interface, + this->my_virtual_ip); this->my_virtual_ip->destroy(this->my_virtual_ip); } if (this->other_virtual_ip) diff --git a/src/libcharon/sa/tasks/ike_me.c b/src/libcharon/sa/tasks/ike_me.c index 1b3771696..3ccefd47c 100644 --- a/src/libcharon/sa/tasks/ike_me.c +++ b/src/libcharon/sa/tasks/ike_me.c @@ -135,8 +135,8 @@ static void gather_and_add_endpoints(private_ike_me_t *this, message_t *message) host = this->ike_sa->get_my_host(this->ike_sa); port = host->get_port(host); - enumerator = charon->kernel_interface->create_address_enumerator( - charon->kernel_interface, FALSE, FALSE); + enumerator = hydra->kernel_interface->create_address_enumerator( + hydra->kernel_interface, FALSE, FALSE); while (enumerator->enumerate(enumerator, (void**)&addr)) { host = addr->clone(addr); diff --git a/src/libcharon/sa/tasks/ike_mobike.c b/src/libcharon/sa/tasks/ike_mobike.c index a62886f02..8d963a289 100644 --- a/src/libcharon/sa/tasks/ike_mobike.c +++ b/src/libcharon/sa/tasks/ike_mobike.c @@ -17,6 +17,7 @@ #include <string.h> +#include <hydra.h> #include <daemon.h> #include <sa/tasks/ike_natd.h> #include <encoding/payloads/notify_payload.h> 
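Review bot: The two bare `FALSE, FALSE` arguments to `create_address_enumerator` in gather_and_add_endpoints (ike_me.c) decide which local addresses are gathered as endpoints for the message, yet nothing at the call site says what they select. A short comment would help, for example `/* presumably: skip addresses on down interfaces and virtual IPs; confirm against kernel_interface.h */`. The same call shape appears in build_address_list in ike_mobike.c and in build_i in ike_natd.c. gather_and_add_endpoints continues outside the hunk.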
@@ -193,8 +194,8 @@ static void build_address_list(private_ike_mobike_t *this, message_t *message) int added = 0; me = this->ike_sa->get_my_host(this->ike_sa); - enumerator = charon->kernel_interface->create_address_enumerator( - charon->kernel_interface, FALSE, FALSE); + enumerator = hydra->kernel_interface->create_address_enumerator( + hydra->kernel_interface, FALSE, FALSE); while (enumerator->enumerate(enumerator, (void**)&host)) { if (me->ip_equals(me, host)) @@ -310,8 +311,8 @@ static void transmit(private_ike_mobike_t *this, packet_t *packet) other_old = this->ike_sa->get_other_host(this->ike_sa); ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa); - me = charon->kernel_interface->get_source_addr( - charon->kernel_interface, other_old, NULL); + me = hydra->kernel_interface->get_source_addr( + hydra->kernel_interface, other_old, NULL); if (me) { apply_port(this, me, me_old, ike_cfg->get_my_port(ike_cfg)); @@ -324,8 +325,8 @@ static void transmit(private_ike_mobike_t *this, packet_t *packet) iterator = this->ike_sa->create_additional_address_iterator(this->ike_sa); while (iterator->iterate(iterator, (void**)&other)) { - me = charon->kernel_interface->get_source_addr( - charon->kernel_interface, other, NULL); + me = hydra->kernel_interface->get_source_addr( + hydra->kernel_interface, other, NULL); if (me) { if (me->get_family(me) != other->get_family(other)) @@ -363,7 +364,7 @@ static status_t build_i(private_ike_mobike_t *this, message_t *message) /* we check if the existing address is still valid */ old = message->get_source(message); - new = charon->kernel_interface->get_source_addr(charon->kernel_interface, + new = hydra->kernel_interface->get_source_addr(hydra->kernel_interface, message->get_destination(message), old); if (new) { diff --git a/src/libcharon/sa/tasks/ike_natd.c b/src/libcharon/sa/tasks/ike_natd.c index aa0d3ec1c..7839b52eb 100644 --- a/src/libcharon/sa/tasks/ike_natd.c +++ b/src/libcharon/sa/tasks/ike_natd.c 
@@ -18,6 +18,7 @@ #include <string.h> +#include <hydra.h> #include <daemon.h> #include <config/peer_cfg.h> #include <crypto/hashers/hasher.h> @@ -316,7 +317,7 @@ static status_t build_i(private_ike_natd_t *this, message_t *message) } else { - host = charon->kernel_interface->get_source_addr(charon->kernel_interface, + host = hydra->kernel_interface->get_source_addr(hydra->kernel_interface, this->ike_sa->get_other_host(this->ike_sa), NULL); if (host) { /* 2. */ @@ -327,8 +328,8 @@ static status_t build_i(private_ike_natd_t *this, message_t *message) } else { /* 3. */ - enumerator = charon->kernel_interface->create_address_enumerator( - charon->kernel_interface, FALSE, FALSE); + enumerator = hydra->kernel_interface->create_address_enumerator( + hydra->kernel_interface, FALSE, FALSE); while (enumerator->enumerate(enumerator, (void**)&host)) { /* apply port 500 to host, but work on a copy */ diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c index 80bf647cd..f91eff077 100644 --- a/src/libcharon/sa/trap_manager.c +++ b/src/libcharon/sa/trap_manager.c @@ -15,6 +15,7 @@ #include "trap_manager.h" +#include <hydra.h> #include <daemon.h> #include <threading/rwlock.h> #include <utils/linked_list.h> @@ -138,8 +139,8 @@ static u_int32_t install(private_trap_manager_t *this, peer_cfg_t *peer, if (!me || me->is_anyaddr(me)) { DESTROY_IF(me); - me = charon->kernel_interface->get_source_addr( - charon->kernel_interface, other, NULL); + me = hydra->kernel_interface->get_source_addr( + hydra->kernel_interface, other, NULL); if (!me) { DBG1(DBG_CFG, "installing trap failed, local address unknown"); |