Moved data structures to new collections subfolder
1 /*
2 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include "ietf_attr_port_filter.h"
16
17 #include <pa_tnc/pa_tnc_msg.h>
18 #include <bio/bio_writer.h>
19 #include <bio/bio_reader.h>
20 #include <collections/linked_list.h>
21 #include <debug.h>
22
23
typedef struct port_entry_t port_entry_t;
typedef struct private_ietf_attr_port_filter_t private_ietf_attr_port_filter_t;

/**
 * One decoded Port Filter entry, i.e. one 4-octet record of the attribute.
 */
struct port_entry_t {
	/** TRUE if the B (blocked) bit was set for this protocol/port pair */
	bool blocked;
	/** value of the 8-bit Protocol field */
	u_int8_t protocol;
	/** value of the 16-bit Port Number field */
	u_int16_t port;
};
35
/**
 * PA-TNC Port Filter Type (see section 4.2.6 of RFC 5792)
 *
 *                       1                   2                   3
 *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *  |   Reserved  |B|    Protocol   |         Port Number           |
 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *  |   Reserved  |B|    Protocol   |         Port Number           |
 *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 */

/* Size in octets of one entry: Reserved/B (1) + Protocol (1) + Port (2) */
#define PORT_FILTER_ENTRY_SIZE 4
49
/**
 * Private state behind the public ietf_attr_port_filter_t interface.
 */
struct private_ietf_attr_port_filter_t {

	/**
	 * Public interface; must stay the first member because the methods
	 * hand out &this->public.pa_tnc_attribute as the object pointer.
	 */
	ietf_attr_port_filter_t public;

	/**
	 * Vendor ID / attribute type pair, set to
	 * { PEN_IETF, IETF_ATTR_PORT_FILTER } by both constructors.
	 */
	pen_type_t type;

	/**
	 * Encoded attribute value: either produced once by build() or cloned
	 * from the input in ietf_attr_port_filter_create_from_data().
	 * Owned by this object and freed in destroy().
	 */
	chunk_t value;

	/**
	 * Noskip flag as read/written by get_noskip_flag()/set_noskip_flag()
	 */
	bool noskip_flag;

	/**
	 * Owned list of heap-allocated port_entry_t items; filled by
	 * add_port() and process(), released with free() in destroy().
	 */
	linked_list_t *ports;

	/**
	 * Reference count, starts at 1 and is changed by get_ref()/destroy()
	 */
	refcount_t ref;
};
85
/**
 * pa_tnc_attr_t.get_type: return the vendor ID / attribute type pair that
 * was stored at construction time.
 */
METHOD(pa_tnc_attr_t, get_type, pen_type_t,
	private_ietf_attr_port_filter_t *this)
{
	pen_type_t type = this->type;

	return type;
}
91
/**
 * pa_tnc_attr_t.get_value: return the encoded attribute value.
 *
 * The chunk is returned by value but still points at the buffer owned by
 * this object (destroy() frees value.ptr), so the caller must not free it.
 */
METHOD(pa_tnc_attr_t, get_value, chunk_t,
	private_ietf_attr_port_filter_t *this)
{
	chunk_t value = this->value;

	return value;
}
97
/**
 * pa_tnc_attr_t.get_noskip_flag: return the currently stored noskip flag.
 */
METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
	private_ietf_attr_port_filter_t *this)
{
	bool noskip = this->noskip_flag;

	return noskip;
}
103
/**
 * pa_tnc_attr_t.set_noskip_flag: store the noskip flag for this attribute.
 */
METHOD(pa_tnc_attr_t, set_noskip_flag, void,
	private_ietf_attr_port_filter_t *this, bool noskip)
{
	this->noskip_flag = noskip;
}
109
/**
 * pa_tnc_attr_t.build: encode the port list into this->value.
 *
 * Each entry becomes PORT_FILTER_ENTRY_SIZE octets: a flag octet whose
 * lowest bit is the B (blocked) bit with the Reserved bits written as zero,
 * the protocol octet and the 16-bit port number.
 *
 * NOTE(review): the encoding is cached. Once value.ptr is set (by an
 * earlier build() or by create_from_data()) this returns without
 * re-encoding, so entries added with add_port() afterwards are not
 * reflected in get_value().
 */
METHOD(pa_tnc_attr_t, build, void,
	private_ietf_attr_port_filter_t *this)
{
	bio_writer_t *writer;
	enumerator_t *entries;
	port_entry_t *current;
	u_int8_t flags;

	if (this->value.ptr != NULL)
	{	/* already encoded */
		return;
	}

	/* initial writer capacity: exactly one fixed-size record per entry */
	writer = bio_writer_create(this->ports->get_count(this->ports) *
							   PORT_FILTER_ENTRY_SIZE);

	entries = this->ports->create_enumerator(this->ports);
	while (entries->enumerate(entries, &current))
	{
		if (current->blocked)
		{
			flags = 0x01;
		}
		else
		{
			flags = 0x00;
		}
		writer->write_uint8 (writer, flags);
		writer->write_uint8 (writer, current->protocol);
		writer->write_uint16(writer, current->port);
	}
	entries->destroy(entries);

	/* keep a private copy, the writer's buffer goes away with the writer */
	this->value = chunk_clone(writer->get_buf(writer));
	writer->destroy(writer);
}
136
/**
 * pa_tnc_attr_t.process: decode this->value into the list of port entries.
 *
 * The value is the chunk cloned in ietf_attr_port_filter_create_from_data(),
 * presumably attribute data received from the peer, so it has to be treated
 * as untrusted input.
 *
 * @param offset	set to 0 when the length check fails; not written on
 *					the success path
 * @return			FAILED if the value length is not a multiple of
 *					PORT_FILTER_ENTRY_SIZE, SUCCESS otherwise
 *
 * NOTE(review): entries are appended to this->ports without clearing it
 * first, so calling process() twice on the same object duplicates them.
 */
METHOD(pa_tnc_attr_t, process, status_t,
	private_ietf_attr_port_filter_t *this, u_int32_t *offset)
{
	bio_reader_t *reader;
	port_entry_t *parsed;
	u_int8_t flags;

	if (this->value.len % PORT_FILTER_ENTRY_SIZE != 0)
	{
		DBG1(DBG_TNC, "ietf port filter attribute value is not a multiple of %d",
			 PORT_FILTER_ENTRY_SIZE);
		*offset = 0;
		return FAILED;
	}

	/*
	 * The length check above is what makes the unchecked reads below safe:
	 * the three reads are presumably 1 + 1 + 2 octets, i.e. one whole
	 * record per iteration, so a read can never run short. Keep the check
	 * and the loop in sync if the record layout ever changes.
	 */
	reader = bio_reader_create(this->value);
	while (reader->remaining(reader) > 0)
	{
		parsed = malloc_thing(port_entry_t);
		reader->read_uint8 (reader, &flags);
		/* only the B bit is significant, the Reserved bits are ignored */
		parsed->blocked = flags & 0x01;
		reader->read_uint8 (reader, &parsed->protocol);
		reader->read_uint16(reader, &parsed->port);
		this->ports->insert_last(this->ports, parsed);
	}
	reader->destroy(reader);

	return SUCCESS;
}
166
/**
 * pa_tnc_attr_t.get_ref: take an additional reference on this attribute.
 *
 * @return			the same object's pa_tnc_attr_t interface; every
 *					reference taken is dropped again through destroy()
 */
METHOD(pa_tnc_attr_t, get_ref, pa_tnc_attr_t*,
	private_ietf_attr_port_filter_t *this)
{
	pa_tnc_attr_t *attr = &this->public.pa_tnc_attribute;

	ref_get(&this->ref);
	return attr;
}
173
/**
 * pa_tnc_attr_t.destroy: drop one reference and free the object, its port
 * entries and its encoded value once ref_put() reports that it may be freed.
 */
METHOD(pa_tnc_attr_t, destroy, void,
	private_ietf_attr_port_filter_t *this)
{
	if (!ref_put(&this->ref))
	{	/* other references are still held */
		return;
	}
	/* entries were allocated with malloc_thing(), so free() releases them */
	this->ports->destroy_function(this->ports, free);
	free(this->value.ptr);
	free(this);
}
184
/**
 * ietf_attr_port_filter_t.add_port: append one entry to the port list.
 *
 * The entry is heap-allocated and owned by the list until destroy().
 *
 * NOTE(review): this does not invalidate an already encoded this->value;
 * build() only encodes while value.ptr is still unset.
 */
METHOD(ietf_attr_port_filter_t, add_port, void,
	private_ietf_attr_port_filter_t *this, bool blocked, u_int8_t protocol,
	u_int16_t port)
{
	port_entry_t *added;

	INIT(added,
		.blocked = blocked,
		.protocol = protocol,
		.port = port,
	);
	this->ports->insert_last(this->ports, added);
}
197
/**
 * Filter callback for create_port_enumerator(): copies the fields of the
 * current list entry into the caller's three output variables.
 *
 * The null, i2 and i3 arguments are not used here. Always returns TRUE,
 * so no entry is skipped.
 */
static bool port_filter(void *null, port_entry_t **entry,
						bool *blocked, void *i2, u_int8_t *protocol, void *i3,
						u_int16_t *port)
{
	const port_entry_t *current = *entry;

	*blocked = current->blocked;
	*protocol = current->protocol;
	*port = current->port;

	return TRUE;
}
210
/**
 * ietf_attr_port_filter_t.create_port_enumerator: enumerate the port list
 * as (bool blocked, u_int8_t protocol, u_int16_t port) triples.
 *
 * The list enumerator is wrapped in a filter enumerator that uses
 * port_filter() to unpack each entry; no filter data or destructor is
 * passed (both NULL).
 */
METHOD(ietf_attr_port_filter_t, create_port_enumerator, enumerator_t*,
	private_ietf_attr_port_filter_t *this)
{
	enumerator_t *inner;

	inner = this->ports->create_enumerator(this->ports);

	return enumerator_create_filter(inner, (void*)port_filter, NULL, NULL);
}
217
/**
 * Described in header.
 *
 * Creates an empty Port Filter attribute for sending: the port list is
 * empty and the reference count is 1. Members not named in INIT (value,
 * noskip_flag) start out unset, which build() relies on when it tests
 * value.ptr.
 */
pa_tnc_attr_t *ietf_attr_port_filter_create(void)
{
	private_ietf_attr_port_filter_t *this;

	INIT(this,
		.public = {
			.pa_tnc_attribute = {
				.get_type = _get_type,
				.get_value = _get_value,
				.get_noskip_flag = _get_noskip_flag,
				.set_noskip_flag = _set_noskip_flag,
				.build = _build,
				.process = _process,
				.get_ref = _get_ref,
				.destroy = _destroy,
			},
			.add_port = _add_port,
			.create_port_enumerator = _create_port_enumerator,
		},
		.ref = 1,
		.ports = linked_list_create(),
		.type = { PEN_IETF, IETF_ATTR_PORT_FILTER },
	);

	/* callers only ever see the generic pa_tnc_attr_t interface */
	return &this->public.pa_tnc_attribute;
}
247
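/**
 * Described in header.
 *
 * Creates a Port Filter attribute from an encoded value. The data is
 * cloned, so the caller keeps ownership of its own buffer. Nothing is
 * parsed or validated here: the port list stays empty until process() is
 * called, and process() is where the length of the value is checked.
 * The data presumably arrives from the peer and must be considered
 * untrusted until process() has returned SUCCESS.
 */
pa_tnc_attr_t *ietf_attr_port_filter_create_from_data(chunk_t data)
{
	private_ietf_attr_port_filter_t *this;

	INIT(this,
		.public = {
			.pa_tnc_attribute = {
				.get_type = _get_type,
				.get_value = _get_value,
				/*
				 * The noskip accessors must be wired up here exactly as in
				 * ietf_attr_port_filter_create(): a method left out of INIT
				 * stays a NULL function pointer, and a caller using
				 * get_noskip_flag()/set_noskip_flag() on an attribute built
				 * from received data would then jump through NULL.
				 */
				.get_noskip_flag = _get_noskip_flag,
				.set_noskip_flag = _set_noskip_flag,
				.build = _build,
				.process = _process,
				.get_ref = _get_ref,
				.destroy = _destroy,
			},
			.add_port = _add_port,
			.create_port_enumerator = _create_port_enumerator,
		},
		.type = { PEN_IETF, IETF_ATTR_PORT_FILTER },
		.value = chunk_clone(data),
		.ports = linked_list_create(),
		.ref = 1,
	);

	return &this->public.pa_tnc_attribute;
}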
276
277