- implemented sa_config
[strongswan.git] / Source / charon / sa / states / ike_sa_init_responded.c
index 34bc1db..cd44faf 100644 (file)
  
 #include "ike_sa_init_responded.h"
 
+#include <daemon.h>
 #include <utils/allocator.h>
+#include <encoding/payloads/ts_payload.h>
+#include <encoding/payloads/sa_payload.h>
+#include <encoding/payloads/id_payload.h>
+#include <encoding/payloads/auth_payload.h>
 #include <transforms/signers/signer.h>
 #include <transforms/crypters/crypter.h>
 
@@ -78,9 +83,12 @@ static status_t process_message(private_ike_sa_init_responded_t *this, message_t
        status_t status;
        signer_t *signer;
        crypter_t *crypter;
-       iterator_t *payloads;
+       iterator_t *payloads, *iterator;
        exchange_type_t exchange_type;
-       
+       id_payload_t *idi_payload, *idr_payload;
+       auth_payload_t *auth_payload;
+       sa_payload_t *sa_payload;
+       ts_payload_t *tsi_payload, *tsr_payload;
 
        exchange_type = message->get_exchange_type(message);
        if (exchange_type != IKE_AUTH)
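Review bot: The new payload pointers (`idi_payload`, `auth_payload`, `sa_payload`, `tsi_payload`, `tsr_payload`) are declared without initializers, and the last hunk dereferences `idi_payload` right after the payload loop without checking that an ID_INITIATOR payload was actually seen. Safety then rests entirely on message verification done outside this file; if those rules ever permit the payload to be absent, this becomes a read through an indeterminate pointer on peer-supplied input. Initialize them at the declaration, e.g. `id_payload_t *idi_payload = NULL, *idr_payload = NULL;`, and return FAILED before the ID section if a required pointer is still NULL. `idr_payload` and `iterator` are not used anywhere in the visible new code. process_message starts and ends outside this hunk.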
@@ -96,7 +104,6 @@ static status_t process_message(private_ike_sa_init_responded_t *this, message_t
                return FAILED;
        }
        
-       
        /* get signer for verification and crypter for decryption */
        signer = this->ike_sa->get_signer_initiator(this->ike_sa);
        crypter = this->ike_sa->get_crypter_initiator(this->ike_sa);
@@ -109,77 +116,59 @@ static status_t process_message(private_ike_sa_init_responded_t *this, message_t
                return status;
        }
        
-       /* iterate over incoming payloads. We can be sure, the message contains only accepted payloads! */
+       /* iterate over incoming payloads. Message is verified, we can be sure there are the required payloads */
        payloads = message->get_payload_iterator(message);
-       
        while (payloads->has_next(payloads))
        {
                payload_t *payload;
-               
-               /* get current payload */
                payloads->current(payloads, (void**)&payload);
                
-               this->logger->log(this->logger, CONTROL|MORE, "Processing payload of type %s", mapping_find(payload_type_m, payload->get_type(payload)));
                switch (payload->get_type(payload))
                {
-//                     case SECURITY_ASSOCIATION:
-//                     {
-//                             sa_payload_t *sa_payload = (sa_payload_t*)payload;
-//                             iterator_t *suggested_proposals, *accepted_proposals;
-//                             proposal_substructure_t *accepted_proposal;
-//                             
-//                             accepted_proposals = this->proposals->create_iterator(this->proposals, FALSE);
-//                             
-//                             /* get the list of suggested proposals */ 
-//                             suggested_proposals = sa_payload->create_proposal_substructure_iterator(sa_payload, TRUE);
-//                             
-//                             /* now let the configuration-manager select a subset of the proposals */
-//                             status = charon->configuration_manager->select_proposals_for_host(charon->configuration_manager,
-//                                                                     this->ike_sa->get_other_host(this->ike_sa), suggested_proposals, accepted_proposals);
-//                             if (status != SUCCESS)
-//                             {
-//                                     this->logger->log(this->logger, CONTROL | MORE, "No proposal of suggested proposals selected");
-//                                     suggested_proposals->destroy(suggested_proposals);
-//                                     accepted_proposals->destroy(accepted_proposals);
-//                                     payloads->destroy(payloads);
-//                                     return status;
-//                             }
-//                             
-//                             /* iterators are not needed anymore */                  
-//                             suggested_proposals->destroy(suggested_proposals);
-//                             
-//                             /* let the ike_sa create their own transforms from proposal informations */
-//                             accepted_proposals->reset(accepted_proposals);
-//                             /* TODO check for true*/
-//                             accepted_proposals->has_next(accepted_proposals);
-//                             status = accepted_proposals->current(accepted_proposals,(void **)&accepted_proposal);
-//                             if (status != SUCCESS)
-//                             {
-//                                     this->logger->log(this->logger, ERROR | MORE, "Accepted proposals not supported?!");
-//                                     accepted_proposals->destroy(accepted_proposals);
-//                                     payloads->destroy(payloads);
-//                                     return status;
-//                             }
-//                             
-//                             status = this->ike_sa->create_transforms_from_proposal(this->ike_sa,accepted_proposal); 
-//                             accepted_proposals->destroy(accepted_proposals);
-//                             if (status != SUCCESS)
-//                             {
-//                                     this->logger->log(this->logger, ERROR | MORE, "Transform objects could not be created from selected proposal");
-//                                     payloads->destroy(payloads);
-//                                     return status;
-//                             }
-//                             
-//                             this->logger->log(this->logger, CONTROL | MORE, "SA Payload processed");
-//                             /* ok, we have what we need for sa_payload (proposals are stored in this->proposals)*/
-//                             break;
-//                     }
-       
+                       case ID_INITIATOR:
+                       {
+                               idi_payload = (id_payload_t*)payload;
+                               break;  
+                       }
+                       case AUTHENTICATION:
+                       {
+                               auth_payload = (auth_payload_t*)payload;
+                               break;  
+                       }
+                       case ID_RESPONDER:
+                       {
+                               /* TODO handle idr payloads */
+                               break;  
+                       }
+                       case SECURITY_ASSOCIATION:
+                       {
+                               sa_payload = (sa_payload_t*)payload;
+                               break;
+                       }
+                       case CERTIFICATE:
+                       {
+                               /* TODO handle cert payloads */
+                               break;
+                       }
+                       case CERTIFICATE_REQUEST:
+                       {
+                               /* TODO handle certrequest payloads */
+                               break;
+                       }
+                       case TRAFFIC_SELECTOR_INITIATOR:
+                       {
+                               tsi_payload = (ts_payload_t*)payload;                           
+                               break;  
+                       }
+                       case TRAFFIC_SELECTOR_RESPONDER:
+                       {
+                               tsr_payload = (ts_payload_t*)payload;
+                               break;  
+                       }
                        default:
                        {
-                               this->logger->log(this->logger, ERROR | MORE, "Payload type not supported!");
-                               payloads->destroy(payloads);
-                               return NOT_SUPPORTED;
+                               /* can't happen, since message is verified */
+                               break;
                        }
                }
        }
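Review bot: The `default:` branch now silently skips any payload type the switch does not list, where the removed code logged an error and returned NOT_SUPPORTED; the comment `can't happen, since message is verified` states an assumption about code that is not visible here. Keeping a failure path (log at ERROR, `payloads->destroy(payloads);`, `return NOT_SUPPORTED;`) makes this state fail closed if the verification rules and this switch ever drift apart. A repeated payload type is also accepted silently: each case just overwrites the earlier pointer, so which instance gets processed depends on order in the message. If verification already enforces at-most-one, a short comment on the switch saying so would make that dependency explicit.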
@@ -187,11 +176,64 @@ static status_t process_message(private_ike_sa_init_responded_t *this, message_t
        payloads->destroy(payloads);
        
        
+       /* 
+        * ID Payload 
+        */
+       this->logger->log(this->logger, CONTROL|MOST, "type of IDi is %s", 
+                                               mapping_find(id_type_m, idi_payload->get_id_type(idi_payload)));
+       chunk_t data = idi_payload->get_data(idi_payload);
+       
+       this->logger->log(this->logger, CONTROL|MOST, "data of IDi is %s", 
+                                               data.ptr);
+       
+//     charon->configuration_manager->get_my_default_id(charon->configuration_manager, id
+//
+//     
+//     
+//     
+//     this->logger->log(this->logger, CONTROL|MOST, "type of AUTH is %s", 
+//                                             mapping_find(auth_method_m, auth_payload->get_auth_method(auth_payload)));
+//     
+//     /* get the list of suggested proposals */ 
+//     suggested_proposals = sa_payload->create_proposal_substructure_iterator(sa_payload, TRUE);
+//     
+//     /* now let the configuration-manager select a subset of the proposals */
+//     status = charon->configuration_manager->select_proposals_for_host(charon->configuration_manager,
+//                                             this->ike_sa->get_other_host(this->ike_sa), suggested_proposals, accepted_proposals);
+//                             
+                       
+//     iterator = tsi_payload->create_traffic_selector_substructure_iterator(tsi_payload, TRUE);
+//     while (iterator->has_next(iterator))
+//     {
+//             traffic_selector_substructure_t *ts;
+//             iterator->current(iterator, (void**)ts);
+//             this->logger->log(this->logger, CONTROL|MOST, "type of TSi is %s", 
+//                                                     mapping_find(ts_type_m, ts->get_ts_type(ts)));
+//             
+//     }
+//     iterator->destroy(iterator);
+//     
+//     iterator = tsr_payload->create_traffic_selector_substructure_iterator(tsr_payload, TRUE);
+//     while (iterator->has_next(iterator))
+//     {
+//             traffic_selector_substructure_t *ts;
+//             iterator->current(iterator, (void**)ts);
+//             this->logger->log(this->logger, CONTROL|MOST, "type of TSr is %s", 
+//                                                     mapping_find(ts_type_m, ts->get_ts_type(ts)));
+//             
+//     }
+//     iterator->destroy(iterator);
+       
+       
        
        this->logger->log(this->logger, CONTROL | MORE, "Request successfully handled. Going to create reply.");
-
-       this->logger->log(this->logger, CONTROL | MOST, "Going to create nonce.");      
        
+       return SUCCESS;
+}
+
+
+static status_t build_id_payload(private_ike_sa_init_responded_t *this, id_payload_t *id_payload)
+{
        
        return SUCCESS;
 }
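Review bot: The `"data of IDi is %s"` log call passes `data.ptr` to `%s`, but a `chunk_t` carries its own length and nothing visible here guarantees that the peer-supplied ID bytes are NUL-terminated, so the logger may read past the end of the buffer and write unfiltered remote data into the log. Bound the output with the chunk length, `"data of IDi is %.*s", (int)data.len, data.ptr`, or log it as a hex dump, since ID data need not be printable text. If `get_data` returns an allocated copy (not visible from this hunk), `data` also needs to be freed before returning. In the commented-out TSi/TSr loops, `iterator->current(iterator, (void**)ts)` passes the uninitialized pointer itself rather than `(void**)&ts`, which should be corrected before that code is enabled.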