projects / strongswan.git / blob
? search:


35f46a6b79f29835962b283060ed63a16984a16d
[strongswan.git] / src / charon / config / ike_cfg.c
1 /**
2 * @file ike_cfg.c
3 *
4 * @brief Implementation of ike_cfg_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005-2007 Martin Willi
10 * Copyright (C) 2005 Jan Hutter
11 * Hochschule fuer Technik Rapperswil
12 *
13 * This program is free software; you can redistribute it and/or modify it
14 * under the terms of the GNU General Public License as published by the
15 * Free Software Foundation; either version 2 of the License, or (at your
16 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 *
18 * This program is distributed in the hope that it will be useful, but
19 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
20 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
21 * for more details.
22 */
23
24 #include "ike_cfg.h"
25
26 #include <string.h>
27
28
29 typedef struct private_ike_cfg_t private_ike_cfg_t;
30
31 /**
32 * Private data of an ike_cfg_t object
33 */
34 struct private_ike_cfg_t {
35
36 /**
37 * Public part
38 */
39 ike_cfg_t public;
40
41 /**
42 * Number of references hold by others to this ike_cfg
43 */
44 refcount_t refcount;
45
46 /**
47 * Address of local host
48 */
49 host_t *my_host;
50
51 /**
52 * Address of remote host
53 */
54 host_t *other_host;
55
56 /**
57 * should we send a certificate request?
58 */
59 bool certreq;
60
61 /**
62 * List of proposals to use
63 */
64 linked_list_t *proposals;
65 };
66
67 /**
68 * Implementation of ike_cfg_t.certreq.
69 */
70 static bool send_certreq(private_ike_cfg_t *this)
71 {
72 return this->certreq;
73 }
74
75 /**
76 * Implementation of ike_cfg_t.get_my_host.
77 */
78 static host_t *get_my_host (private_ike_cfg_t *this)
79 {
80 return this->my_host;
81 }
82
83 /**
84 * Implementation of ike_cfg_t.get_other_host.
85 */
86 static host_t *get_other_host (private_ike_cfg_t *this)
87 {
88 return this->other_host;
89 }
90
91 /**
92 * Implementation of ike_cfg_t.add_proposal.
93 */
94 static void add_proposal(private_ike_cfg_t *this, proposal_t *proposal)
95 {
96 this->proposals->insert_last(this->proposals, proposal);
97 }
98
99 /**
100 * Implementation of ike_cfg_t.get_proposals.
101 */
102 static linked_list_t* get_proposals(private_ike_cfg_t *this)
103 {
104 iterator_t *iterator;
105 proposal_t *current;
106 linked_list_t *proposals = linked_list_create();
107
108 iterator = this->proposals->create_iterator(this->proposals, TRUE);
109 while (iterator->iterate(iterator, (void**)&current))
110 {
111 current = current->clone(current);
112 proposals->insert_last(proposals, (void*)current);
113 }
114 iterator->destroy(iterator);
115
116 return proposals;
117 }
118
119 /**
120 * Implementation of ike_cfg_t.select_proposal.
121 */
122 static proposal_t *select_proposal(private_ike_cfg_t *this,
123 linked_list_t *proposals)
124 {
125 iterator_t *stored_iter, *supplied_iter;
126 proposal_t *stored, *supplied, *selected;
127
128 stored_iter = this->proposals->create_iterator(this->proposals, TRUE);
129 supplied_iter = proposals->create_iterator(proposals, TRUE);
130
131 /* compare all stored proposals with all supplied. Stored ones are preferred.*/
132 while (stored_iter->iterate(stored_iter, (void**)&stored))
133 {
134 supplied_iter->reset(supplied_iter);
135
136 while (supplied_iter->iterate(supplied_iter, (void**)&supplied))
137 {
138 selected = stored->select(stored, supplied);
139 if (selected)
140 {
141 /* they match, return */
142 stored_iter->destroy(stored_iter);
143 supplied_iter->destroy(supplied_iter);
144 return selected;
145 }
146 }
147 }
148 /* no proposal match :-(, will result in a NO_PROPOSAL_CHOSEN... */
149 stored_iter->destroy(stored_iter);
150 supplied_iter->destroy(supplied_iter);
151
152 return NULL;
153 }
154
155 /**
156 * Implementation of ike_cfg_t.get_dh_group.
157 */
158 static diffie_hellman_group_t get_dh_group(private_ike_cfg_t *this)
159 {
160 iterator_t *iterator;
161 proposal_t *proposal;
162 algorithm_t *algo;
163 diffie_hellman_group_t dh_group = MODP_NONE;
164
165 iterator = this->proposals->create_iterator(this->proposals, TRUE);
166 while (iterator->iterate(iterator, (void**)&proposal))
167 {
168 if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, &algo))
169 {
170 dh_group = algo->algorithm;
171 break;
172 }
173 }
174 iterator->destroy(iterator);
175 return dh_group;
176 }
177
178 /**
179 * Implementation of ike_cfg_t.get_ref.
180 */
181 static void get_ref(private_ike_cfg_t *this)
182 {
183 ref_get(&this->refcount);
184 }
185
186 /**
187 * Implementation of ike_cfg_t.destroy.
188 */
189 static void destroy(private_ike_cfg_t *this)
190 {
191 if (ref_put(&this->refcount))
192 {
193 this->proposals->destroy_offset(this->proposals,
194 offsetof(proposal_t, destroy));
195 this->my_host->destroy(this->my_host);
196 this->other_host->destroy(this->other_host);
197 free(this);
198 }
199 }
200
201 /**
202 * Described in header.
203 */
204 ike_cfg_t *ike_cfg_create(bool certreq, host_t *my_host, host_t *other_host)
205 {
206 private_ike_cfg_t *this = malloc_thing(private_ike_cfg_t);
207
208 /* public functions */
209 this->public.send_certreq = (bool(*)(ike_cfg_t*))send_certreq;
210 this->public.get_my_host = (host_t*(*)(ike_cfg_t*))get_my_host;
211 this->public.get_other_host = (host_t*(*)(ike_cfg_t*))get_other_host;
212 this->public.add_proposal = (void(*)(ike_cfg_t*, proposal_t*)) add_proposal;
213 this->public.get_proposals = (linked_list_t*(*)(ike_cfg_t*))get_proposals;
214 this->public.select_proposal = (proposal_t*(*)(ike_cfg_t*,linked_list_t*))select_proposal;
215 this->public.get_dh_group = (diffie_hellman_group_t(*)(ike_cfg_t*)) get_dh_group;
216 this->public.get_ref = (void(*)(ike_cfg_t*))get_ref;
217 this->public.destroy = (void(*)(ike_cfg_t*))destroy;
218
219 /* private variables */
220 this->refcount = 1;
221 this->certreq = certreq;
222 this->my_host = my_host;
223 this->other_host = other_host;
224
225 this->proposals = linked_list_create();
226
227 return &this->public;
228 }
strongSwan - IPsec VPN