958bc105276167f1329ead836258d5fb9c35ea91
[strongswan.git] / src / conftest / hooks / custom_proposal.c
1 /*
2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "hook.h"
17
18 #include <errno.h>
19
20 #include <encoding/payloads/sa_payload.h>
21 #include <config/proposal.h>
22 #include <crypto/proposal/proposal_keywords.h>
23
24 typedef struct private_custom_proposal_t private_custom_proposal_t;
25
26 /**
27 * Private data of an custom_proposal_t object.
28 */
29 struct private_custom_proposal_t {
30
31 /**
32 * Implements the hook_t interface.
33 */
34 hook_t hook;
35
36 /**
37 * Alter requests or responses?
38 */
39 bool req;
40
41 /**
42 * ID of message to alter.
43 */
44 int id;
45
46 /**
47 * hook name
48 */
49 char *name;
50 };
51
52 /**
53 * Load custom proposal configuration to proposal list
54 */
55 static linked_list_t* load_proposals(private_custom_proposal_t *this,
56 protocol_id_t proto, u_int64_t spi)
57 {
58 enumerator_t *props, *algs;
59 char *number, *key, *value;
60 linked_list_t *list;
61
62 list = linked_list_create();
63 props = conftest->test->create_section_enumerator(conftest->test,
64 "hooks.%s", this->name);
65 while (props->enumerate(props, &number))
66 {
67 const proposal_token_t *token = NULL;
68 proposal_t *proposal;
69 u_int16_t type, alg, keysize = 0;
70 char *end;
71
72 proposal = proposal_create(proto, atoi(number));
73 proposal->set_spi(proposal, spi);
74
75 algs = conftest->test->create_key_value_enumerator(conftest->test,
76 "hooks.%s.%s", this->name, number);
77 while (algs->enumerate(algs, &key, &value))
78 {
79 errno = 0;
80 type = strtoul(key, &end, 10);
81 if (end == key || errno)
82 {
83 type = enum_from_name(transform_type_names, key);
84 if (type == -1)
85 {
86 DBG1(DBG_CFG, "unknown transform: '%s', skipped", key);
87 continue;
88 }
89 }
90 errno = 0;
91 alg = strtoul(value, &end, 10);
92 if (end == value || errno)
93 {
94 token = proposal_get_token(value, strlen(value));
95 if (!token)
96 {
97 DBG1(DBG_CFG, "unknown algorithm: '%s', skipped", value);
98 continue;
99 }
100 keysize = token->keysize;
101 alg = token->algorithm;
102 }
103 proposal->add_algorithm(proposal, type, alg, keysize);
104 }
105 algs->destroy(algs);
106 list->insert_last(list, proposal);
107 }
108 props->destroy(props);
109 return list;
110 }
111
112 METHOD(listener_t, message, bool,
113 private_custom_proposal_t *this, ike_sa_t *ike_sa, message_t *message,
114 bool incoming, bool plain)
115 {
116 if (!incoming && plain &&
117 message->get_request(message) == this->req &&
118 message->get_message_id(message) == this->id)
119 {
120 enumerator_t *enumerator;
121 payload_t *payload;
122 sa_payload_t *new, *old = NULL;
123 linked_list_t *new_props, *old_props;
124 proposal_t *proposal;
125
126 enumerator = message->create_payload_enumerator(message);
127 while (enumerator->enumerate(enumerator, &payload))
128 {
129 if (payload->get_type(payload) == SECURITY_ASSOCIATION)
130 {
131 old = (sa_payload_t*)payload;
132 message->remove_payload_at(message, enumerator);
133 }
134 }
135 enumerator->destroy(enumerator);
136
137 if (old)
138 {
139 old_props = old->get_proposals(old);
140 old->destroy(old);
141 enumerator = old_props->create_enumerator(old_props);
142 if (enumerator->enumerate(enumerator, &proposal))
143 {
144 new_props = load_proposals(this,
145 proposal->get_protocol(proposal),
146 proposal->get_spi(proposal));
147 DBG1(DBG_CFG, "injecting custom proposal: %#P", new_props);
148 new = sa_payload_create_from_proposals_v2(new_props);
149 message->add_payload(message, (payload_t*)new);
150 new_props->destroy_offset(new_props, offsetof(proposal_t, destroy));
151 }
152 enumerator->destroy(enumerator);
153 old_props->destroy_offset(old_props, offsetof(proposal_t, destroy));
154 }
155 }
156 return TRUE;
157 }
158
159 METHOD(hook_t, destroy, void,
160 private_custom_proposal_t *this)
161 {
162 free(this->name);
163 free(this);
164 }
165
166 /**
167 * Create the IKE_AUTH fill hook
168 */
169 hook_t *custom_proposal_hook_create(char *name)
170 {
171 private_custom_proposal_t *this;
172
173 INIT(this,
174 .hook = {
175 .listener = {
176 .message = _message,
177 },
178 .destroy = _destroy,
179 },
180 .req = conftest->test->get_bool(conftest->test,
181 "hooks.%s.request", TRUE, name),
182 .id = conftest->test->get_int(conftest->test,
183 "hooks.%s.id", 0, name),
184 .name = strdup(name),
185 );
186
187 return &this->hook;
188 }