Store the major IKE version on ike_sa_id_t.
authorTobias Brunner <tobias@strongswan.org>
Wed, 29 Feb 2012 13:47:09 +0000 (14:47 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 20 Mar 2012 16:31:40 +0000 (17:31 +0100)
src/libcharon/encoding/message.c
src/libcharon/plugins/ha/ha_message.c
src/libcharon/plugins/ha/ha_message.h
src/libcharon/sa/ike_sa_id.c
src/libcharon/sa/ike_sa_id.h
src/libcharon/sa/ike_sa_manager.c
src/libcharon/sa/ikev2/connect_manager.c

index dd7f8ec..63114c9 100644 (file)
@@ -1655,6 +1655,7 @@ METHOD(message_t, parse_header, status_t,
 
        DESTROY_IF(this->ike_sa_id);
        this->ike_sa_id = ike_sa_id_create(
+                                                                       ike_header->get_maj_version(ike_header),
                                                                        ike_header->get_initiator_spi(ike_header),
                                                                        ike_header->get_responder_spi(ike_header),
                                                                        ike_header->get_initiator_flag(ike_header));
index c7c624d..52317e5 100644 (file)
@@ -67,6 +67,7 @@ typedef struct ike_sa_id_encoding_t ike_sa_id_encoding_t;
  * Encoding if an ike_sa_id_t
  */
 struct ike_sa_id_encoding_t {
+       u_int8_t ike_version;
        u_int64_t initiator_spi;
        u_int64_t responder_spi;
        u_int8_t initiator;
@@ -157,6 +158,7 @@ METHOD(ha_message_t, add_attribute, void,
                        enc = (ike_sa_id_encoding_t*)(this->buf.ptr + this->buf.len);
                        this->buf.len += sizeof(ike_sa_id_encoding_t);
                        enc->initiator = id->is_initiator(id);
+                       enc->ike_version = id->get_ike_version(id);
                        enc->initiator_spi = id->get_initiator_spi(id);
                        enc->responder_spi = id->get_responder_spi(id);
                        break;
@@ -357,8 +359,9 @@ METHOD(enumerator_t, attribute_enumerate, bool,
                                return FALSE;
                        }
                        enc = (ike_sa_id_encoding_t*)(this->buf.ptr);
-                       value->ike_sa_id = ike_sa_id_create(enc->initiator_spi,
-                                                                                       enc->responder_spi, enc->initiator);
+                       value->ike_sa_id = ike_sa_id_create(enc->ike_version,
+                                                                               enc->initiator_spi, enc->responder_spi,
+                                                                               enc->initiator);
                        *attr_out = attr;
                        this->cleanup = (void*)value->ike_sa_id->destroy;
                        this->cleanup_data = value->ike_sa_id;
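Review bot: `enc->ike_version` is read straight from the received HA message buffer and passed to `ike_sa_id_create()` without a range check, so any byte value in a sync message becomes the version of the resulting ike_sa_id_t. Since `equals()` in ike_sa_id.c now compares the version, an id built from a bogus value silently matches no SA instead of failing in the parser. Consider rejecting it on the same path as the check above: `if (enc->ike_version != IKEV1_MAJOR_VERSION && enc->ike_version != IKEV2_MAJOR_VERSION) { return FALSE; }`, assuming those constants are visible in this file. The size check that precedes the cast begins outside this hunk, and how HA peers are authenticated cannot be seen from here.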
index 89f9fc3..22a5bd4 100644 (file)
@@ -30,7 +30,7 @@
 /**
  * Protocol version of this implementation
  */
-#define HA_MESSAGE_VERSION 2
+#define HA_MESSAGE_VERSION 3
 
 typedef struct ha_message_t ha_message_t;
 typedef enum ha_message_type_t ha_message_type_t;
index fb73bdd..0f0f1ab 100644 (file)
@@ -1,4 +1,5 @@
 /*
+ * Copyright (C) 2012 Tobias Brunner
  * Copyright (C) 2005-2006 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  * Hochschule fuer Technik Rapperswil
@@ -30,13 +31,18 @@ struct private_ike_sa_id_t {
         */
        ike_sa_id_t public;
 
+       /**
+        * Major IKE version of IKE_SA.
+        */
+       u_int8_t ike_version;
+
         /**
-         * SPI of Initiator.
+         * SPI of initiator.
          */
        u_int64_t initiator_spi;
 
         /**
-         * SPI of Responder.
+         * SPI of responder.
          */
        u_int64_t responder_spi;
 
@@ -46,6 +52,12 @@ struct private_ike_sa_id_t {
        bool is_initiator_flag;
 };
 
+METHOD(ike_sa_id_t, get_ike_version, u_int8_t,
+       private_ike_sa_id_t *this)
+{
+       return this->ike_version;
+}
+
 METHOD(ike_sa_id_t, set_responder_spi, void,
        private_ike_sa_id_t *this, u_int64_t responder_spi)
 {
@@ -77,13 +89,15 @@ METHOD(ike_sa_id_t, equals, bool,
        {
                return FALSE;
        }
-       return this->initiator_spi == other->initiator_spi &&
+       return this->ike_version == other->ike_version &&
+                  this->initiator_spi == other->initiator_spi &&
                   this->responder_spi == other->responder_spi;
 }
 
 METHOD(ike_sa_id_t, replace_values, void,
        private_ike_sa_id_t *this, private_ike_sa_id_t *other)
 {
+       this->ike_version = other->ike_version;
        this->initiator_spi = other->initiator_spi;
        this->responder_spi = other->responder_spi;
        this->is_initiator_flag = other->is_initiator_flag;
@@ -98,22 +112,15 @@ METHOD(ike_sa_id_t, is_initiator, bool,
 METHOD(ike_sa_id_t, switch_initiator, bool,
        private_ike_sa_id_t *this)
 {
-       if (this->is_initiator_flag)
-       {
-               this->is_initiator_flag = FALSE;
-       }
-       else
-       {
-               this->is_initiator_flag = TRUE;
-       }
+       this->is_initiator_flag = !this->is_initiator_flag;
        return this->is_initiator_flag;
 }
 
 METHOD(ike_sa_id_t, clone_, ike_sa_id_t*,
        private_ike_sa_id_t *this)
 {
-       return ike_sa_id_create(this->initiator_spi, this->responder_spi,
-                                                       this->is_initiator_flag);
+       return ike_sa_id_create(this->ike_version, this->initiator_spi,
+                                                       this->responder_spi, this->is_initiator_flag);
 }
 
 METHOD(ike_sa_id_t, destroy, void,
@@ -125,13 +132,14 @@ METHOD(ike_sa_id_t, destroy, void,
 /*
  * Described in header.
  */
-ike_sa_id_t * ike_sa_id_create(u_int64_t initiator_spi, u_int64_t responder_spi,
-                                                          bool is_initiator_flag)
+ike_sa_id_t * ike_sa_id_create(u_int8_t ike_version, u_int64_t initiator_spi,
+                                                          u_int64_t responder_spi, bool is_initiator_flag)
 {
        private_ike_sa_id_t *this;
 
        INIT(this,
                .public = {
+                       .get_ike_version = _get_ike_version,
                        .set_responder_spi = _set_responder_spi,
                        .set_initiator_spi = _set_initiator_spi,
                        .get_responder_spi = _get_responder_spi,
@@ -143,6 +151,7 @@ ike_sa_id_t * ike_sa_id_create(u_int64_t initiator_spi, u_int64_t responder_spi,
                        .clone = _clone_,
                        .destroy = _destroy,
                },
+               .ike_version = ike_version,
                .initiator_spi = initiator_spi,
                .responder_spi = responder_spi,
                .is_initiator_flag = is_initiator_flag,
index fb55359..227683d 100644 (file)
@@ -1,4 +1,5 @@
 /*
+ * Copyright (C) 2012 Tobias Brunner
  * Copyright (C) 2005-2006 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  * Hochschule fuer Technik Rapperswil
@@ -29,13 +30,20 @@ typedef struct ike_sa_id_t ike_sa_id_t;
 /**
  * An object of type ike_sa_id_t is used to identify an IKE_SA.
  *
- * An IKE_SA is identified by its initiator and responder spi's.
- * Additionally it contains the role of the actual running IKEv2 daemon
- * for the specific IKE_SA (original initiator or responder).
+ * An IKE_SA is identified by its initiator and responder SPIs.
+ * Additionally, it contains the major IKE version of the IKE_SA and, for IKEv2,
+ * the role of the daemon (original initiator or responder).
  */
 struct ike_sa_id_t {
 
        /**
+        * Get the major IKE version of this IKE_SA.
+        *
+        * @return                                      IKE version
+        */
+       u_int8_t (*get_ike_version) (ike_sa_id_t *this);
+
+       /**
         * Set the SPI of the responder.
         *
         * This function is called when a request or reply of a IKE_SA_INIT is received.
@@ -68,10 +76,12 @@ struct ike_sa_id_t {
        /**
         * Check if two ike_sa_id_t objects are equal.
         *
-        * Two ike_sa_id_t objects are equal if both SPI values and the role matches.
+        * Two ike_sa_id_t objects are equal if version and both SPI values match.
+        * The role is not compared.
         *
         * @param other                         ike_sa_id_t object to check if equal
-        * @return                                      TRUE if given ike_sa_id_t are equal, FALSE otherwise
+        * @return                                      TRUE if given ike_sa_id_t are equal,
+        *                                                      FALSE otherwise
         */
        bool (*equals) (ike_sa_id_t *this, ike_sa_id_t *other);
 
@@ -93,9 +103,9 @@ struct ike_sa_id_t {
        bool (*is_initiator) (ike_sa_id_t *this);
 
        /**
-        * Switche the original initiator flag.
+        * Switch the original initiator flag.
         *
-        * @return                                      TRUE if we are the original initiator after switch, FALSE otherwise
+        * @return                                      new value if initiator flag.
         */
        bool (*switch_initiator) (ike_sa_id_t *this);
 
@@ -113,14 +123,15 @@ struct ike_sa_id_t {
 };
 
 /**
- * Creates an ike_sa_id_t object with specific SPI's and defined role.
+ * Creates an ike_sa_id_t object.
  *
+ * @param ike_version                  major IKE version
  * @param initiator_spi                        initiators SPI
  * @param responder_spi                        responders SPI
  * @param is_initiaor                  TRUE if we are the original initiator
  * @return                                             ike_sa_id_t object
  */
-ike_sa_id_t * ike_sa_id_create(u_int64_t initiator_spi, u_int64_t responder_spi,
-                                                          bool is_initiaor);
+ike_sa_id_t * ike_sa_id_create(u_int8_t ike_version, u_int64_t initiator_spi,
+                                                          u_int64_t responder_spi, bool is_initiaor);
 
 #endif /** IKE_SA_ID_H_ @}*/
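Review bot: The prototype line rewritten here still spells the last parameter `is_initiaor`, in both the `@param` tag and the declaration, while the definition in ike_sa_id.c uses `is_initiator_flag`. As the line is being touched anyway, `bool is_initiator` with a matching `@param is_initiator` would fix it. The new `@param ike_version` could also name the accepted values, for example `major IKE version (IKEV1_MAJOR_VERSION or IKEV2_MAJOR_VERSION)`, because the constructor stores whatever it is given and `equals()` compares it.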
index 455d538..3a06f1d 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * Copyright (C) 2005-2011 Martin Willi
  * Copyright (C) 2011 revosec AG
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2012 Tobias Brunner
  * Copyright (C) 2005 Jan Hutter
  * Hochschule fuer Technik Rapperswil
  *
@@ -943,14 +943,17 @@ METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*,
 {
        ike_sa_id_t *ike_sa_id;
        ike_sa_t *ike_sa;
+       u_int8_t ike_version;
+
+       ike_version = version == IKEV1 ? IKEV1_MAJOR_VERSION : IKEV2_MAJOR_VERSION;
 
        if (initiator)
        {
-               ike_sa_id = ike_sa_id_create(get_spi(this), 0, TRUE);
+               ike_sa_id = ike_sa_id_create(ike_version, get_spi(this), 0, TRUE);
        }
        else
        {
-               ike_sa_id = ike_sa_id_create(0, get_spi(this), FALSE);
+               ike_sa_id = ike_sa_id_create(ike_version, 0, get_spi(this), FALSE);
        }
        ike_sa = ike_sa_create(ike_sa_id, initiator, version);
        ike_sa_id->destroy(ike_sa_id);
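Review bot: The ternary `version == IKEV1 ? IKEV1_MAJOR_VERSION : IKEV2_MAJOR_VERSION` maps every value other than `IKEV1` to IKEv2, while `ike_sa_create()` a few lines below still receives the original `version`. If the version enum has values beyond the two handled here (its definition is not visible in this hunk), the id and the SA could disagree on the protocol version. At minimum the fallback deserves a comment such as `/* anything that is not IKEv1 is identified as IKEv2 */`; handling `IKEV2` explicitly and treating other values as an error would make the mapping exact. The body of `checkout_new` continues past the end of the hunk.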
index 31947aa..a8366e9 100644 (file)
@@ -1035,7 +1035,8 @@ static void send_check(private_connect_manager_t *this, check_list_t *checklist,
        message->set_destination(message, check->dst->clone(check->dst));
        message->set_source(message, check->src->clone(check->src));
 
-       ike_sa_id_t *ike_sa_id = ike_sa_id_create(0, 0, request);
+       ike_sa_id_t *ike_sa_id = ike_sa_id_create(IKEV2_MAJOR_VERSION, 0, 0,
+                                                                                         request);
        message->set_ike_sa_id(message, ike_sa_id);
        ike_sa_id->destroy(ike_sa_id);