Moving charon to libcharon.
[strongswan.git] / src / libcharon / sa / tasks / ike_auth_lifetime.c
1 /*
2 * Copyright (C) 2007 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "ike_auth_lifetime.h"
17
18 #include <time.h>
19
20 #include <daemon.h>
21 #include <encoding/payloads/notify_payload.h>
22
23
typedef struct private_ike_auth_lifetime_t private_ike_auth_lifetime_t;

/**
 * Private members of a ike_auth_lifetime_t task.
 */
struct private_ike_auth_lifetime_t {

	/**
	 * Public methods and task_t interface.
	 *
	 * NOTE(review): keep this as the first member. ike_auth_lifetime_create()
	 * hands out &this->public, and the task methods in this file are
	 * installed through function-pointer casts that take the private type,
	 * so they only work if the public part sits at offset 0 (this also
	 * presumes task is the first member of ike_auth_lifetime_t, which is
	 * declared in the header and not visible here).
	 */
	ike_auth_lifetime_t public;

	/**
	 * Assigned IKE_SA.
	 */
	ike_sa_t *ike_sa;
};
41
/**
 * Attach an AUTH_LIFETIME notify to an outgoing message.
 *
 * Nothing is added when the IKE_SA reports a STAT_REAUTH value of zero.
 * Otherwise the current time_monotonic() value is subtracted from the
 * statistic and the result is sent as a 32-bit value in network byte order.
 *
 * NOTE(review): the subtraction is done in u_int32_t. If STAT_REAUTH is not
 * later than the current monotonic time the result wraps around to a very
 * large lifetime instead of a small one; whether callers can reach that
 * state is not visible in this file.
 *
 * @param this		task whose IKE_SA supplies the reauthentication time
 * @param message	message that receives the notify
 */
static void add_auth_lifetime(private_ike_auth_lifetime_t *this, message_t *message)
{
	u_int32_t secs;
	chunk_t payload;

	secs = this->ike_sa->get_statistic(this->ike_sa, STAT_REAUTH);
	if (!secs)
	{
		/* no reauthentication time reported, nothing to announce */
		return;
	}
	secs -= time_monotonic(NULL);
	payload = chunk_from_thing(secs);
	/* convert to network byte order through the chunk's pointer */
	*(u_int32_t*)payload.ptr = htonl(secs);
	message->add_notify(message, FALSE, AUTH_LIFETIME, payload);
}
59
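/**
 * Read the AUTH_LIFETIME notify from a received message and apply it.
 *
 * The notification data is supplied by the peer, so its length is checked
 * before it is read as a 32-bit value. A notify that carries fewer than four
 * bytes (or no data at all) is ignored rather than read out of bounds.
 * Payload verification elsewhere may already enforce the length; that is not
 * visible from this file, so the check is repeated at the point of use.
 *
 * @param this		task whose IKE_SA receives the lifetime
 * @param message	received message to search for the notify
 */
static void process_payloads(private_ike_auth_lifetime_t *this, message_t *message)
{
	notify_payload_t *notify;
	chunk_t data;
	u_int32_t lifetime;

	notify = message->get_notify(message, AUTH_LIFETIME);
	if (!notify)
	{
		return;
	}
	data = notify->get_notification_data(notify);
	if (!data.ptr || data.len < sizeof(lifetime))
	{
		/* malformed notify: too short to hold the 32-bit lifetime */
		return;
	}
	/* NOTE(review): assumes data.ptr is suitably aligned for a 32-bit
	 * load, as the original code did; confirm against the payload parser. */
	lifetime = ntohl(*(u_int32_t*)data.ptr);
	this->ike_sa->set_auth_lifetime(this->ike_sa, lifetime);
}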
77
/**
 * Implementation of task_t.build for initiator
 *
 * Adds the AUTH_LIFETIME notify to an INFORMATIONAL exchange and completes
 * the task; for any other exchange type the task stays pending.
 */
static status_t build_i(private_ike_auth_lifetime_t *this, message_t *message)
{
	if (message->get_exchange_type(message) != INFORMATIONAL)
	{
		return NEED_MORE;
	}
	add_auth_lifetime(this, message);
	return SUCCESS;
}
90
/**
 * Implementation of task_t.process for responder
 *
 * Evaluates an AUTH_LIFETIME notify received in an INFORMATIONAL exchange
 * and completes the task; other exchange types leave the task pending.
 */
static status_t process_r(private_ike_auth_lifetime_t *this, message_t *message)
{
	if (message->get_exchange_type(message) != INFORMATIONAL)
	{
		return NEED_MORE;
	}
	process_payloads(this, message);
	return SUCCESS;
}
103
/**
 * Implementation of task_t.build for responder
 *
 * The notify is only added to an IKE_AUTH message once the IKE_SA has
 * reached IKE_ESTABLISHED; until then the task stays pending.
 */
static status_t build_r(private_ike_auth_lifetime_t *this, message_t *message)
{
	/* the SA state is only queried for IKE_AUTH messages */
	if (message->get_exchange_type(message) != IKE_AUTH ||
		this->ike_sa->get_state(this->ike_sa) != IKE_ESTABLISHED)
	{
		return NEED_MORE;
	}
	add_auth_lifetime(this, message);
	return SUCCESS;
}
117
/**
 * Implementation of task_t.process for initiator
 *
 * A received AUTH_LIFETIME notify is only evaluated for an IKE_AUTH message
 * once the IKE_SA has reached IKE_ESTABLISHED; until then the task stays
 * pending and the message content is not touched.
 */
static status_t process_i(private_ike_auth_lifetime_t *this, message_t *message)
{
	/* the SA state is only queried for IKE_AUTH messages */
	if (message->get_exchange_type(message) != IKE_AUTH ||
		this->ike_sa->get_state(this->ike_sa) != IKE_ESTABLISHED)
	{
		return NEED_MORE;
	}
	process_payloads(this, message);
	return SUCCESS;
}
131
/**
 * Implementation of task_t.get_type
 *
 * Always reports IKE_AUTH_LIFETIME; the task instance is not consulted.
 */
static task_type_t get_type(private_ike_auth_lifetime_t *this)
{
	return IKE_AUTH_LIFETIME;
}
139
/**
 * Implementation of task_t.migrate
 *
 * Rebinds the task to another IKE_SA. Only the pointer is replaced; the
 * task keeps no other per-SA state.
 */
static void migrate(private_ike_auth_lifetime_t *this, ike_sa_t *ike_sa)
{
	this->ike_sa = ike_sa;
}
147
/**
 * Implementation of task_t.destroy
 *
 * Releases the task object itself. The referenced IKE_SA is not freed here.
 */
static void destroy(private_ike_auth_lifetime_t *this)
{
	free(this);
}
155
/*
 * Described in header.
 *
 * Allocates the task, binds it to ike_sa and installs the build/process
 * handlers that match the role selected by the initiator flag.
 *
 * NOTE(review): the result of malloc_thing() is used without a NULL check,
 * so an allocation failure is dereferenced right here. The handlers are
 * installed through function-pointer casts from the private-typed
 * implementations to the task_t signatures.
 */
ike_auth_lifetime_t *ike_auth_lifetime_create(ike_sa_t *ike_sa, bool initiator)
{
	private_ike_auth_lifetime_t *this;

	this = malloc_thing(private_ike_auth_lifetime_t);
	this->ike_sa = ike_sa;

	/* role-independent part of the task_t interface */
	this->public.task.get_type = (task_type_t(*)(task_t*))get_type;
	this->public.task.migrate = (void(*)(task_t*,ike_sa_t*))migrate;
	this->public.task.destroy = (void(*)(task_t*))destroy;

	/* role-dependent handlers */
	this->public.task.build = (status_t(*)(task_t*,message_t*))
									(initiator ? build_i : build_r);
	this->public.task.process = (status_t(*)(task_t*,message_t*))
									(initiator ? process_i : process_r);

	return &this->public;
}
182