src/conftest/hooks/set_proposal_number.c

   1 /*
   2  * Copyright (C) 2010 Martin Willi
   3  * Copyright (C) 2010 revosec AG
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include "hook.h"
  17
  18 #include <encoding/payloads/sa_payload.h>
  19
  20 typedef struct private_set_proposal_number_t private_set_proposal_number_t;
  21
  22 /**
  23  * Private data of an set_proposal_number_t object.
  24  */
  25 struct private_set_proposal_number_t {
  26
  27         /**
  28          * Implements the hook_t interface.
  29          */
  30         hook_t hook;
  31
  32         /**
  33          * Alter requests or responses?
  34          */
  35         bool req;
  36
  37         /**
  38          * ID of message to alter.
  39          */
  40         int id;
  41
  42         /**
  43          * Proposal number to modify
  44          */
  45         int from;
  46
  47         /**
  48          * Proposal number to set
  49          */
  50         int to;
  51 };
  52
  53 /**
  54  * Copy all algs from given type from one proposal to another
  55  */
  56 static void copy_proposal_algs(proposal_t *from, proposal_t *to,
  57                                                            transform_type_t type)
  58 {
  59         enumerator_t *enumerator;
  60         u_int16_t alg, key_size;
  61
  62         enumerator = from->create_enumerator(from, type);
  63         while (enumerator->enumerate(enumerator, &alg, &key_size))
  64         {
  65                 to->add_algorithm(to, type, alg, key_size);
  66         }
  67         enumerator->destroy(enumerator);
  68 }
  69
  70 METHOD(listener_t, message, bool,
  71         private_set_proposal_number_t *this, ike_sa_t *ike_sa, message_t *message,
  72         bool incoming)
  73 {
  74         if (!incoming &&
  75                 message->get_request(message) == this->req &&
  76                 message->get_message_id(message) == this->id)
  77         {
  78                 enumerator_t *enumerator;
  79                 payload_t *payload;
  80                 linked_list_t *list = NULL, *updated;
  81                 sa_payload_t *sa;
  82                 proposal_t *proposal, *new;
  83
  84                 updated = linked_list_create();
  85                 enumerator = message->create_payload_enumerator(message);
  86                 while (enumerator->enumerate(enumerator, &payload))
  87                 {
  88                         if (payload->get_type(payload) == SECURITY_ASSOCIATION)
  89                         {
  90                                 sa = (sa_payload_t*)payload;
  91                                 list = sa->get_proposals(sa);
  92                                 message->remove_payload_at(message, enumerator);
  93                                 sa->destroy(sa);
  94                         }
  95                 }
  96                 enumerator->destroy(enumerator);
  97
  98                 if (list)
  99                 {
 100                         enumerator = list->create_enumerator(list);
 101                         while (enumerator->enumerate(enumerator, &proposal))
 102                         {
 103                                 if (proposal->get_number(proposal) == this->from)
 104                                 {
 105                                         DBG1(DBG_CFG, "setting proposal number from %d to %d",
 106                                                  this->from, this->to);
 107                                         new = proposal_create(proposal->get_protocol(proposal),
 108                                                                                   this->to);
 109                                         copy_proposal_algs(proposal, new, ENCRYPTION_ALGORITHM);
 110                                         copy_proposal_algs(proposal, new, INTEGRITY_ALGORITHM);
 111                                         copy_proposal_algs(proposal, new, PSEUDO_RANDOM_FUNCTION);
 112                                         copy_proposal_algs(proposal, new, DIFFIE_HELLMAN_GROUP);
 113                                         copy_proposal_algs(proposal, new, EXTENDED_SEQUENCE_NUMBERS);
 114                                         updated->insert_last(updated, new);
 115                                 }
 116                                 else
 117                                 {
 118                                         list->remove_at(list, enumerator);
 119                                         updated->insert_last(updated, proposal);
 120                                 }
 121                         }
 122                         enumerator->destroy(enumerator);
 123                 }
 124                 sa = sa_payload_create_from_proposal_list(SECURITY_ASSOCIATION, updated);
 125                 list->destroy_offset(list, offsetof(proposal_t, destroy));
 126                 updated->destroy_offset(updated, offsetof(proposal_t, destroy));
 127                 message->add_payload(message, (payload_t*)sa);
 128         }
 129         return TRUE;
 130 }
 131
 132 METHOD(hook_t, destroy, void,
 133         private_set_proposal_number_t *this)
 134 {
 135         free(this);
 136 }
 137
 138 /**
 139  * Create the IKE_AUTH fill hook
 140  */
 141 hook_t *set_proposal_number_hook_create(char *name)
 142 {
 143         private_set_proposal_number_t *this;
 144
 145         INIT(this,
 146                 .hook = {
 147                         .listener = {
 148                                 .message = _message,
 149                         },
 150                         .destroy = _destroy,
 151                 },
 152                 .req = conftest->test->get_bool(conftest->test,
 153                                                                                 "hooks.%s.request", TRUE, name),
 154                 .id = conftest->test->get_int(conftest->test,
 155                                                                                 "hooks.%s.id", 0, name),
 156                 .from = conftest->test->get_int(conftest->test,
 157                                                                                 "hooks.%s.from", 0, name),
 158                 .to = conftest->test->get_int(conftest->test,
 159                                                                                 "hooks.%s.to", 1, name),
 160         );
 161
 162         return &this->hook;
 163 }