From b0b9d185931e7f88f0f7c89e9ef4e6034ac38dd3 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 16 Nov 2011 09:29:38 +0100 Subject: Extend sa_payload for IKEv1 support --- src/conftest/hooks/pretend_auth.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index 4b7168cac..dd6ab9959 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c @@ -294,7 +294,8 @@ static void process_auth_response(private_pretend_auth_t *this, if (this->proposal) { message->add_payload(message, (payload_t*) - sa_payload_create_from_proposal(this->proposal)); + sa_payload_create_from_proposal(SECURITY_ASSOCIATION, + this->proposal)); } if (this->tsi) { -- cgit v1.2.3 From c311d22d0f62b68bf0e69c110d94b569788c0fd3 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 18 Nov 2011 17:49:53 +0100 Subject: Don't clone chunk in message.get_packet_data --- src/conftest/hooks/pretend_auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index dd6ab9959..ff99900f2 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c @@ -135,7 +135,7 @@ static void process_auth_request(private_pretend_auth_t *this, static void process_init_response(private_pretend_auth_t *this, ike_sa_t *ike_sa, message_t *message) { - this->ike_init = message->get_packet_data(message); + this->ike_init = chunk_clone(message->get_packet_data(message)); } /** -- cgit v1.2.3 From a0563846b0aebb692cb81647862807712d173e59 Mon Sep 17 00:00:00 2001 
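Review bot: In process_init_response (second hunk on this line), the result of `chunk_clone()` is assigned to `this->ike_init` without releasing whatever the field held before, so a second IKE_SA_INIT response reaching the hook would leak the earlier copy. The hunk does not show where `ike_init` is freed, so this is inferred from the visible assignment only. If the destructor is the only place, put `chunk_free(&this->ike_init);` ahead of the clone. A comment such as `/* keep our own copy, the message retains ownership of its packet data */` would also record the ownership rule this commit introduces.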
From: Tobias Brunner Date: Fri, 18 Nov 2011 10:56:48 +0100 Subject: Moved version specific keymat functions to specific interfaces. --- src/conftest/hooks/pretend_auth.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index ff99900f2..f91b6bf9b 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c @@ -15,6 +15,7 @@ #include "hook.h" +#include #include #include #include @@ -190,7 +191,7 @@ static bool build_auth(private_pretend_auth_t *this, auth_payload_t *auth_payload; auth_method_t auth_method; signature_scheme_t scheme; - keymat_t *keymat; + keymat_v2_t *keymat; auth = auth_cfg_create(); private = lib->credmgr->get_private(lib->credmgr, KEY_ANY, this->id, auth); @@ -235,7 +236,7 @@ static bool build_auth(private_pretend_auth_t *this, key_type_names, private->get_type(private)); return FALSE; } - keymat = ike_sa->get_keymat(ike_sa); + keymat = (keymat_v2_t*)ike_sa->get_keymat(ike_sa); octets = keymat->get_auth_octets(keymat, TRUE, this->ike_init, this->nonce, this->id, this->reserved); if (!private->sign(private, scheme, octets, &auth_data)) -- cgit v1.2.3 From d6cec44b2400589a746649862326f72490288544 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 23 Nov 2011 12:11:49 +0100 Subject: Fixed conftests after extending CERT payload. --- src/conftest/hooks/pretend_auth.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index f91b6bf9b..560864db5 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c 
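Review bot: The downcast `(keymat_v2_t*)ike_sa->get_keymat(ike_sa)` in build_auth (third hunk) is unchecked, so nothing in the visible lines establishes that the SA carries IKEv2 key material before `get_auth_octets` is called through the pointer. If the hook can only ever run for IKEv2 exchanges, say so at the cast, e.g. `/* hook only handles IKE_SA_INIT/IKE_AUTH, so the keymat is always a keymat_v2_t */`. Otherwise enforce it by checking the SA's IKE version and returning FALSE before the cast. build_auth starts and ends outside these hunks, so an existing guard may simply be out of view.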
@@ -154,7 +154,7 @@ static void build_certs(private_pretend_auth_t *this, cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT); if (cert) { - payload = cert_payload_create_from_cert(cert); + payload = cert_payload_create_from_cert(cert, CERTIFICATE); if (payload) { DBG1(DBG_IKE, "pretending end entity cert \"%Y\"", @@ -167,7 +167,7 @@ static void build_certs(private_pretend_auth_t *this, { if (type == AUTH_RULE_IM_CERT) { - payload = cert_payload_create_from_cert(cert); + payload = cert_payload_create_from_cert(cert, CERTIFICATE); if (payload) { DBG1(DBG_IKE, "pretending issuer cert \"%Y\"", -- cgit v1.2.3 From e174e0d4455e30a8d9a1900916a195f20588afdb Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 24 Nov 2011 11:39:31 +0100 Subject: Added not-yet used sa_payload parameters used in IKEv1 --- src/conftest/hooks/pretend_auth.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index 560864db5..b8f961403 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c @@ -295,8 +295,7 @@ static void process_auth_response(private_pretend_auth_t *this, if (this->proposal) { message->add_payload(message, (payload_t*) - sa_payload_create_from_proposal(SECURITY_ASSOCIATION, - this->proposal)); + sa_payload_create_from_proposal_v2(this->proposal)); } if (this->tsi) { -- cgit v1.2.3 From 9ad5b8fa951c294f3f79ffe701cac712a6cf18df Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Tue, 6 Dec 2011 13:37:57 +0100 Subject: Cleanup CERT payload constructors --- src/conftest/hooks/pretend_auth.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index b8f961403..10b13c6ac 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c 
@@ -154,7 +154,7 @@ static void build_certs(private_pretend_auth_t *this, cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT); if (cert) { - payload = cert_payload_create_from_cert(cert, CERTIFICATE); + payload = cert_payload_create_from_cert(CERTIFICATE, cert); if (payload) { DBG1(DBG_IKE, "pretending end entity cert \"%Y\"", @@ -167,7 +167,7 @@ static void build_certs(private_pretend_auth_t *this, { if (type == AUTH_RULE_IM_CERT) { - payload = cert_payload_create_from_cert(cert, CERTIFICATE); + payload = cert_payload_create_from_cert(CERTIFICATE, cert); if (payload) { DBG1(DBG_IKE, "pretending issuer cert \"%Y\"", -- cgit v1.2.3 From 15a682f4c23d0b8340b31077698e6f6d924c2861 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 19 Dec 2011 13:10:29 +0100 Subject: Separated libcharon/sa directory with ikev1 and ikev2 subfolders --- src/conftest/hooks/pretend_auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index 10b13c6ac..3a7bb4f6b 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c @@ -15,7 +15,7 @@ #include "hook.h" -#include +#include #include #include #include -- cgit v1.2.3 From 47b8f6ef4b3637e94d4b211721b38ba263f6d9c0 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 19 Jan 2012 16:22:25 +0100 Subject: Invoke bus_t.message hook twice, once plain and parsed, once encoded and encrypted --- src/conftest/hooks/pretend_auth.c | 45 +++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 21 deletions(-) (limited to 'src/conftest/hooks/pretend_auth.c') diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c index 3a7bb4f6b..cfc39e3a9 100644 --- a/src/conftest/hooks/pretend_auth.c +++ b/src/conftest/hooks/pretend_auth.c 
@@ -311,35 +311,38 @@ static void process_auth_response(private_pretend_auth_t *this, METHOD(listener_t, message, bool, private_pretend_auth_t *this, ike_sa_t *ike_sa, message_t *message, - bool incoming) + bool incoming, bool plain) { - if (incoming) + if (plain) { - if (!message->get_request(message)) + if (incoming) { - if (message->get_exchange_type(message) == IKE_SA_INIT) + if (!message->get_request(message)) { - process_init_response(this, ike_sa, message); - } - if (message->get_exchange_type(message) == IKE_AUTH && - message->get_message_id(message) == 1) - { - process_auth_response(this, ike_sa, message); + if (message->get_exchange_type(message) == IKE_SA_INIT) + { + process_init_response(this, ike_sa, message); + } + if (message->get_exchange_type(message) == IKE_AUTH && + message->get_message_id(message) == 1) + { + process_auth_response(this, ike_sa, message); + } } } - } - else - { - if (message->get_request(message)) + else { - if (message->get_exchange_type(message) == IKE_SA_INIT) - { - process_init_request(this, ike_sa, message); - } - if (message->get_exchange_type(message) == IKE_AUTH && - message->get_message_id(message) == 1) + if (message->get_request(message)) { - process_auth_request(this, ike_sa, message); + if (message->get_exchange_type(message) == IKE_SA_INIT) + { + process_init_request(this, ike_sa, message); + } + if (message->get_exchange_type(message) == IKE_AUTH && + message->get_message_id(message) == 1) + { + process_auth_request(this, ike_sa, message); + } } } } -- cgit v1.2.3
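Review bot: Wrapping the whole body of the message hook in `if (plain)` pushes the dispatch to four levels of nesting and re-indents every existing line. A guard at the top, `if (!plain) { return TRUE; }`, would leave the existing branches untouched, assuming the function ends in `return TRUE;`, which is outside the hunk. Either way the reason deserves a comment, e.g. `/* the hook is invoked twice per message; act only on the plain, parsed pass */`. The filter matters for correctness, not just tidiness, because handlers such as process_init_response store per-exchange state and should not run on both passes.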