IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle XAUTH reques...
[strongswan.git] / src / libcharon / sa / tasks / xauth_request.c
1
2 #include "xauth_request.h"
3
4 #include <daemon.h>
5 #include <hydra.h>
6 #include <encoding/payloads/attribute_payload_v1.h>
7 #include <encoding/payloads/data_attribute_v1.h>
8 #include <encoding/payloads/hash_payload.h>
9 #include <encoding/generator.h>
10
11 typedef struct private_xauth_request_t private_xauth_request_t;
12
13 /**
14 * Private members of a xauth_request_t task.
15 */
16 struct private_xauth_request_t {
17
18 /**
19 * Public methods and task_t interface.
20 */
21 xauth_request_t public;
22
23 /**
24 * Assigned IKE_SA.
25 */
26 ike_sa_t *ike_sa;
27
28 /**
29 * Are we the initiator?
30 */
31 bool initiator;
32
33 /**
34 * virtual ip
35 */
36 host_t *virtual_ip;
37
38 /**
39 * list of attributes requested and its handler, entry_t
40 */
41 linked_list_t *requested;
42 };
43
44 /**
45 * Entry for a requested attribute and the requesting handler
46 */
47 typedef struct {
48 /** attribute requested */
49 configuration_attribute_type_t type;
50 /** handler requesting this attribute */
51 attribute_handler_t *handler;
52 } entry_t;
53
54 /**
55 * Scan for configuration payloads and attributes
56 */
57 static void process_payloads(private_xauth_request_t *this, message_t *message)
58 {
59 }
60
61 METHOD(task_t, build_i, status_t,
62 private_xauth_request_t *this, message_t *message)
63 {
64 attribute_payload_v1_t *ap = NULL;
65 chunk_t chunk = chunk_empty;
66 data_attribute_v1_t *da = NULL;
67 hash_payload_t *hash_payload = NULL;
68 generator_t *generator;
69 chunk_t attr_chunk;
70 chunk_t mid_chunk;
71 u_int32_t *lenpos;
72 u_int32_t message_id;
73 keymat_t *keymat;
74 prf_t *prf;
75 chunk_t hash_in, hash_out;
76
77 DBG1(DBG_IKE, "BUILDING XAUTH REQUEST PACKET");
78 /* TODO1: Create ATTR payload */
79 ap = attribute_payload_v1_create();
80
81 da = data_attribute_v1_create_value(XAUTH_USER_NAME, chunk);
82 ap->add_attribute(ap, da);
83
84 da = data_attribute_v1_create_value(XAUTH_USER_PASSWORD, chunk);
85 ap->add_attribute(ap, da);
86
87 /* Create HASH payload */
88 hash_payload = hash_payload_create();
89 /* TODO1: Add data into the hash */
90
91 /* Calculate the chunk for the ATTR payload */
92 generator = generator_create();
93 ap->payload_interface.set_next_type(&ap->payload_interface, NO_PAYLOAD);
94 generator->generate_payload(generator, (payload_t *)ap);
95 attr_chunk = generator->get_chunk(generator, &lenpos);
96
97 /* Get the message ID in network order */
98 htoun32(&message_id, message->get_message_id(message));
99 mid_chunk = chunk_from_thing(message_id);
100
101 /* Get the hashed data */
102 hash_in = chunk_cat("cc", mid_chunk, attr_chunk);
103
104 message->add_payload(message, (payload_t *)hash_payload);
105 message->add_payload(message, (payload_t *)ap);
106
107 return NEED_MORE;
108 }
109
110 METHOD(task_t, process_r, status_t,
111 private_xauth_request_t *this, message_t *message)
112 {
113 return NEED_MORE;
114 }
115
116 METHOD(task_t, build_r, status_t,
117 private_xauth_request_t *this, message_t *message)
118 {
119 return NEED_MORE;
120 }
121
122 METHOD(task_t, process_i, status_t,
123 private_xauth_request_t *this, message_t *message)
124 {
125 return NEED_MORE;
126 }
127
128 METHOD(task_t, get_type, task_type_t,
129 private_xauth_request_t *this)
130 {
131 return TASK_XAUTH_REQUEST;
132 }
133
134 METHOD(task_t, migrate, void,
135 private_xauth_request_t *this, ike_sa_t *ike_sa)
136 {
137 DESTROY_IF(this->virtual_ip);
138
139 this->ike_sa = ike_sa;
140 this->virtual_ip = NULL;
141 this->requested->destroy_function(this->requested, free);
142 this->requested = linked_list_create();
143 }
144
145 METHOD(task_t, destroy, void,
146 private_xauth_request_t *this)
147 {
148 DESTROY_IF(this->virtual_ip);
149 this->requested->destroy_function(this->requested, free);
150 free(this);
151 }
152
153 /*
154 * Described in header.
155 */
156 xauth_request_t *xauth_request_create(ike_sa_t *ike_sa, bool initiator)
157 {
158 private_xauth_request_t *this;
159
160 INIT(this,
161 .public = {
162 .task = {
163 .get_type = _get_type,
164 .migrate = _migrate,
165 .destroy = _destroy,
166 },
167 },
168 .initiator = initiator,
169 .ike_sa = ike_sa,
170 .requested = linked_list_create(),
171 );
172
173 if (initiator)
174 {
175 this->public.task.build = _build_i;
176 this->public.task.process = _process_i;
177 }
178 else
179 {
180 this->public.task.build = _build_r;
181 this->public.task.process = _process_r;
182 }
183
184 return &this->public;
185 }