Diffstat (limited to 'src/libstrongswan/plugins/af_alg/af_alg_signer.c')
-rw-r--r-- | src/libstrongswan/plugins/af_alg/af_alg_signer.c | 97 |
1 files changed, 12 insertions, 85 deletions
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
index 6b9e9d58a..7818db492 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
@@ -14,21 +14,7 @@
 */
 #include "af_alg_signer.h"
-
-#include <unistd.h>
-#include <errno.h>
-#include <linux/socket.h>
-#include <linux/if_alg.h>
-
-#include <debug.h>
-
-#ifndef AF_ALG
-#define AF_ALG 38
-#endif /* AF_ALG */
-
-#ifndef SOL_ALG
-#define SOL_ALG 279
-#endif /* SOL_ALG */
+#include "af_alg_ops.h"
 typedef struct private_af_alg_signer_t private_af_alg_signer_t;
@@ -43,14 +29,9 @@ struct private_af_alg_signer_t {
 af_alg_signer_t public;
 /**
- * Transform fd
+ * AF_ALG operations
 */
- int tfm;
-
- /**
- * Current operation fd, -1 if none
- */
- int op;
+ af_alg_ops_t *ops;
 /**
 * Size of the truncated signature
@@ -66,7 +47,7 @@ struct private_af_alg_signer_t {
 /**
 * Get the kernel algorithm string and block/key size for our identifier
 */
-static size_t lookup_alg(integrity_algorithm_t algo, char *name,
+static size_t lookup_alg(integrity_algorithm_t algo, char **name,
 size_t *key_size)
 {
 static struct {
@@ -95,7 +76,7 @@ static size_t lookup_alg(integrity_algorithm_t algo, char *name,
 {
 if (algs[i].id == algo)
 {
- strcpy(name, algs[i].name);
+ *name = algs[i].name;
 *key_size = algs[i].key_size;
 return algs[i].block_size;
 }
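Review bot: The doc comment above lookup_alg() no longer describes the `name` out-parameter: with `*name = algs[i].name;` the caller now receives a pointer into the function's static `algs` table instead of a copy, and `*name` is left untouched when no entry matches. I would extend the comment with a line such as `* @param name receives a pointer to a static string, set only if the result is non-zero; must not be freed or modified`. The body of lookup_alg() starts and ends outside these two hunks, so the declared type of `algs[i].name` is not visible here; if the entries are string literals, a `const`-qualified out-parameter would be worth considering, subject to the af_alg_ops_create() prototype, which this diff does not show.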
@@ -106,41 +87,7 @@ static size_t lookup_alg(integrity_algorithm_t algo, char *name,
 METHOD(signer_t, get_signature, void,
 private_af_alg_signer_t *this, chunk_t data, u_int8_t *buffer)
 {
- ssize_t len;
-
- while (this->op == -1)
- {
- this->op = accept(this->tfm, NULL, 0);
- if (this->op == -1)
- {
- DBG1(DBG_LIB, "opening AF_ALG signer failed: %s", strerror(errno));
- sleep(1);
- }
- }
- do
- {
- len = send(this->op, data.ptr, data.len, buffer ? 0 : MSG_MORE);
- if (len == -1)
- {
- DBG1(DBG_LIB, "writing to AF_ALG signer failed: %s", strerror(errno));
- sleep(1);
- }
- else
- {
- data = chunk_skip(data, len);
- }
- }
- while (data.len);
- if (buffer)
- {
- while (read(this->op, buffer, this->block_size) != this->block_size)
- {
- DBG1(DBG_LIB, "reading AF_ALG signer failed: %s", strerror(errno));
- sleep(1);
- }
- close(this->op);
- this->op = -1;
- }
+ this->ops->hash(this->ops, data, buffer, this->block_size);
 }
 METHOD(signer_t, allocate_signature, void,
@@ -185,20 +132,13 @@ METHOD(signer_t, get_block_size, size_t,
 METHOD(signer_t, set_key, void,
 private_af_alg_signer_t *this, chunk_t key)
 {
- if (setsockopt(this->tfm, SOL_ALG, ALG_SET_KEY, key.ptr, key.len) == -1)
- {
- DBG1(DBG_LIB, "setting AF_ALG key failed: %s", strerror(errno));
- }
+ this->ops->set_key(this->ops, key);
 }
 METHOD(signer_t, destroy, void,
 private_af_alg_signer_t *this)
 {
- if (this->op != -1)
- {
- close(this->op);
- }
- close(this->tfm);
+ this->ops->destroy(this->ops);
 free(this);
 }
@@ -208,13 +148,10 @@ METHOD(signer_t, destroy, void,
 af_alg_signer_t *af_alg_signer_create(integrity_algorithm_t algo)
 {
 private_af_alg_signer_t *this;
- struct sockaddr_alg sa = {
- .salg_family = AF_ALG,
- .salg_type = "hash",
- };
 size_t block_size, key_size;
+ char *name;
- block_size = lookup_alg(algo, sa.salg_name, &key_size);
+ block_size = lookup_alg(algo, &name, &key_size);
 if (!block_size)
 { /* not supported by kernel */
 return NULL;
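Review bot: In get_signature() the outcome of the kernel operation is no longer visible in this file: `this->ops->hash(this->ops, data, buffer, this->block_size);` is called as a bare statement, and the same holds for `this->ops->set_key(this->ops, key);` in the following hunk. The removed code looped until exactly `block_size` bytes had been read, so a non-NULL `buffer` was always filled on return; whether af_alg_ops keeps that guarantee cannot be confirmed from this diff. For a MAC this matters, because a caller that compares or transmits `buffer` after a failed hash or a failed key set would be working with unspecified bytes. I would state the contract at both call sites, e.g. `/* relies on ops->hash() filling buffer completely before returning; see af_alg_ops.h */`, or propagate a status if the ops interface offers one.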
@@ -232,24 +169,14 @@ af_alg_signer_t *af_alg_signer_create(integrity_algorithm_t algo)
 .destroy = _destroy,
 },
 },
- .tfm = socket(AF_ALG, SOCK_SEQPACKET, 0),
- .op = -1,
+ .ops = af_alg_ops_create("hash", name),
 .block_size = block_size,
 .key_size = key_size,
 );
-
- if (this->tfm == -1)
+ if (!this->ops)
 {
- DBG1(DBG_LIB, "opening AF_ALG socket failed: %s", strerror(errno));
 free(this);
 return NULL;
 }
- if (bind(this->tfm, (struct sockaddr*)&sa, sizeof(sa)) == -1)
- {
- DBG1(DBG_LIB, "binding AF_ALG socket for '%s' failed: %s",
- sa.salg_name, strerror(errno));
- destroy(this);
- return NULL;
- }
 return &this->public;
 }
|