src/libcharon/config/ike_cfg.c

   1 /*
   2  * Copyright (C) 2005-2007 Martin Willi
   3  * Copyright (C) 2005 Jan Hutter
   4  * Hochschule fuer Technik Rapperswil
   5  *
   6  * This program is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2 of the License, or (at your
   9  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * for more details.
  15  */
  16
  17 #include "ike_cfg.h"
  18
  19 #include <string.h>
  20
  21 #include <daemon.h>
  22
  23
  24 typedef struct private_ike_cfg_t private_ike_cfg_t;
  25
  26 /**
  27  * Private data of an ike_cfg_t object
  28  */
  29 struct private_ike_cfg_t {
  30
  31         /**
  32          * Public part
  33          */
  34         ike_cfg_t public;
  35
  36         /**
  37          * Number of references hold by others to this ike_cfg
  38          */
  39         refcount_t refcount;
  40
  41         /**
  42          * Address of local host
  43          */
  44         char *me;
  45
  46         /**
  47          * Address of remote host
  48          */
  49         char *other;
  50
  51         /**
  52          * our source port
  53          */
  54         u_int16_t my_port;
  55
  56         /**
  57          * destination port
  58          */
  59         u_int16_t other_port;
  60
  61         /**
  62          * should we send a certificate request?
  63          */
  64         bool certreq;
  65
  66         /**
  67          * enforce UDP encapsulation
  68          */
  69         bool force_encap;
  70
  71         /**
  72          * List of proposals to use
  73          */
  74         linked_list_t *proposals;
  75 };
  76
  77 METHOD(ike_cfg_t, send_certreq, bool,
  78         private_ike_cfg_t *this)
  79 {
  80         return this->certreq;
  81 }
  82
  83 METHOD(ike_cfg_t, force_encap_, bool,
  84         private_ike_cfg_t *this)
  85 {
  86         return this->force_encap;
  87 }
  88
  89 METHOD(ike_cfg_t, get_my_addr, char*,
  90         private_ike_cfg_t *this)
  91 {
  92         return this->me;
  93 }
  94
  95 METHOD(ike_cfg_t, get_other_addr, char*,
  96         private_ike_cfg_t *this)
  97 {
  98         return this->other;
  99 }
 100
 101 METHOD(ike_cfg_t, get_my_port, u_int16_t,
 102         private_ike_cfg_t *this)
 103 {
 104         return this->my_port;
 105 }
 106
 107 METHOD(ike_cfg_t, get_other_port, u_int16_t,
 108         private_ike_cfg_t *this)
 109 {
 110         return this->other_port;
 111 }
 112
 113 METHOD(ike_cfg_t, add_proposal, void,
 114         private_ike_cfg_t *this, proposal_t *proposal)
 115 {
 116         this->proposals->insert_last(this->proposals, proposal);
 117 }
 118
 119 METHOD(ike_cfg_t, get_proposals, linked_list_t*,
 120         private_ike_cfg_t *this)
 121 {
 122         enumerator_t *enumerator;
 123         proposal_t *current;
 124         linked_list_t *proposals;
 125
 126         proposals = linked_list_create();
 127         enumerator = this->proposals->create_enumerator(this->proposals);
 128         while (enumerator->enumerate(enumerator, &current))
 129         {
 130                 current = current->clone(current);
 131                 proposals->insert_last(proposals, current);
 132         }
 133         enumerator->destroy(enumerator);
 134
 135         return proposals;
 136 }
 137
 138 METHOD(ike_cfg_t, select_proposal, proposal_t*,
 139         private_ike_cfg_t *this, linked_list_t *proposals, bool private)
 140 {
 141         enumerator_t *stored_enum, *supplied_enum;
 142         proposal_t *stored, *supplied, *selected;
 143
 144         stored_enum = this->proposals->create_enumerator(this->proposals);
 145         supplied_enum = proposals->create_enumerator(proposals);
 146
 147
 148         /* compare all stored proposals with all supplied. Stored ones are preferred.*/
 149         while (stored_enum->enumerate(stored_enum, (void**)&stored))
 150         {
 151                 proposals->reset_enumerator(proposals, supplied_enum);
 152
 153                 while (supplied_enum->enumerate(supplied_enum, (void**)&supplied))
 154                 {
 155                         selected = stored->select(stored, supplied, private);
 156                         if (selected)
 157                         {
 158                                 /* they match, return */
 159                                 stored_enum->destroy(stored_enum);
 160                                 supplied_enum->destroy(supplied_enum);
 161                                 DBG2(DBG_CFG, "received proposals: %#P", proposals);
 162                                 DBG2(DBG_CFG, "configured proposals: %#P", this->proposals);
 163                                 DBG2(DBG_CFG, "selected proposal: %P", selected);
 164                                 return selected;
 165                         }
 166                 }
 167         }
 168         /* no proposal match :-(, will result in a NO_PROPOSAL_CHOSEN... */
 169         stored_enum->destroy(stored_enum);
 170         supplied_enum->destroy(supplied_enum);
 171         DBG1(DBG_CFG, "received proposals: %#P", proposals);
 172         DBG1(DBG_CFG, "configured proposals: %#P", this->proposals);
 173
 174         return NULL;
 175 }
 176
 177 METHOD(ike_cfg_t, get_dh_group, diffie_hellman_group_t,
 178         private_ike_cfg_t *this)
 179 {
 180         enumerator_t *enumerator;
 181         proposal_t *proposal;
 182         u_int16_t dh_group = MODP_NONE;
 183
 184         enumerator = this->proposals->create_enumerator(this->proposals);
 185         while (enumerator->enumerate(enumerator, &proposal))
 186         {
 187                 if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, &dh_group, NULL))
 188                 {
 189                         break;
 190                 }
 191         }
 192         enumerator->destroy(enumerator);
 193         return dh_group;
 194 }
 195
 196 METHOD(ike_cfg_t, equals, bool,
 197         private_ike_cfg_t *this, ike_cfg_t *other_public)
 198 {
 199         private_ike_cfg_t *other = (private_ike_cfg_t*)other_public;
 200         enumerator_t *e1, *e2;
 201         proposal_t *p1, *p2;
 202         bool eq = TRUE;
 203
 204         if (this == other)
 205         {
 206                 return TRUE;
 207         }
 208         if (this->public.equals != other->public.equals)
 209         {
 210                 return FALSE;
 211         }
 212         if (this->proposals->get_count(this->proposals) !=
 213                 other->proposals->get_count(other->proposals))
 214         {
 215                 return FALSE;
 216         }
 217         e1 = this->proposals->create_enumerator(this->proposals);
 218         e2 = this->proposals->create_enumerator(this->proposals);
 219         while (e1->enumerate(e1, &p1) && e2->enumerate(e2, &p2))
 220         {
 221                 if (!p1->equals(p1, p2))
 222                 {
 223                         eq = FALSE;
 224                         break;
 225                 }
 226         }
 227         e1->destroy(e1);
 228         e2->destroy(e2);
 229
 230         return (eq &&
 231                 this->certreq == other->certreq &&
 232                 this->force_encap == other->force_encap &&
 233                 streq(this->me, other->me) &&
 234                 streq(this->other, other->other) &&
 235                 this->my_port == other->my_port &&
 236                 this->other_port == other->other_port);
 237 }
 238
 239 METHOD(ike_cfg_t, get_ref, ike_cfg_t*,
 240         private_ike_cfg_t *this)
 241 {
 242         ref_get(&this->refcount);
 243         return &this->public;
 244 }
 245
 246 METHOD(ike_cfg_t, destroy, void,
 247         private_ike_cfg_t *this)
 248 {
 249         if (ref_put(&this->refcount))
 250         {
 251                 this->proposals->destroy_offset(this->proposals,
 252                                                                                 offsetof(proposal_t, destroy));
 253                 free(this->me);
 254                 free(this->other);
 255                 free(this);
 256         }
 257 }
 258
 259 /**
 260  * Described in header.
 261  */
 262 ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
 263                                 char *me, u_int16_t my_port, char *other, u_int16_t other_port)
 264 {
 265         private_ike_cfg_t *this;
 266
 267         INIT(this,
 268                 .public = {
 269                         .send_certreq = _send_certreq,
 270                         .force_encap = _force_encap_,
 271                         .get_my_addr = _get_my_addr,
 272                         .get_other_addr = _get_other_addr,
 273                         .get_my_port = _get_my_port,
 274                         .get_other_port = _get_other_port,
 275                         .add_proposal = _add_proposal,
 276                         .get_proposals = _get_proposals,
 277                         .select_proposal = _select_proposal,
 278                         .get_dh_group = _get_dh_group,
 279                         .equals = _equals,
 280                         .get_ref = _get_ref,
 281                         .destroy = _destroy,
 282                 },
 283                 .refcount = 1,
 284                 .certreq = certreq,
 285                 .force_encap = force_encap,
 286                 .me = strdup(me),
 287                 .other = strdup(other),
 288                 .my_port = my_port,
 289                 .other_port = other_port,
 290                 .proposals = linked_list_create(),
 291         );
 292
 293         return &this->public;
 294 }