store IKE proposal implicitly during derive_keys
authorMartin Willi <martin@strongswan.org>
Tue, 28 Oct 2008 10:12:21 +0000 (10:12 -0000)
committerMartin Willi <martin@strongswan.org>
Tue, 28 Oct 2008 10:12:21 +0000 (10:12 -0000)
src/charon/plugins/stroke/stroke_list.c
src/charon/sa/ike_sa.c
src/charon/sa/ike_sa.h
src/charon/sa/tasks/ike_init.c

index acc48a4..555239f 100644 (file)
@@ -79,7 +79,7 @@ static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all)
        
        if (all)
        {
        
        if (all)
        {
-               char *ike_proposal = ike_sa->get_proposal(ike_sa);
+               proposal_t *ike_proposal = ike_sa->get_proposal(ike_sa);
 
                fprintf(out, "%12s[%d]: IKE SPIs: %.16llx_i%s %.16llx_r%s",
                                ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
 
                fprintf(out, "%12s[%d]: IKE SPIs: %.16llx_i%s %.16llx_r%s",
                                ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
@@ -115,9 +115,12 @@ static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all)
 
                if (ike_proposal)
                {
 
                if (ike_proposal)
                {
+                       char buf[BUF_LEN];
+                       
+                       snprintf(buf, BUF_LEN, "%P", ike_proposal);
                        fprintf(out, "%12s[%d]: IKE proposal: %s\n",
                                        ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
                        fprintf(out, "%12s[%d]: IKE proposal: %s\n",
                                        ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
-                                       ike_proposal);
+                                       buf+4);
                }               
        }
 }
                }               
        }
 }
index ba8c352..d4ee4bb 100644 (file)
@@ -191,10 +191,10 @@ struct private_ike_sa_t {
        linked_list_t *child_sas;
        
        /**
        linked_list_t *child_sas;
        
        /**
-        * String describing the selected IKE proposal
+        * Selected IKE proposal
         */
         */
-       char *selected_proposal;
-
+       proposal_t *selected_proposal;
+       
        /**
         * crypter for inbound traffic
         */
        /**
         * crypter for inbound traffic
         */
@@ -1767,27 +1767,21 @@ static status_t derive_keys(private_ike_sa_t *this,
        /* all done, prf_plus not needed anymore */
        prf_plus->destroy(prf_plus);
        
        /* all done, prf_plus not needed anymore */
        prf_plus->destroy(prf_plus);
        
+       /* save selected proposal */
+       this->selected_proposal = proposal->clone(proposal);
+       
        return SUCCESS;
 }
 
 /**
  * Implementation of ike_sa_t.get_proposal.
  */
        return SUCCESS;
 }
 
 /**
  * Implementation of ike_sa_t.get_proposal.
  */
-static char* get_proposal(private_ike_sa_t *this)
+static proposal_t* get_proposal(private_ike_sa_t *this)
 {
        return this->selected_proposal;
 }
 
 /**
 {
        return this->selected_proposal;
 }
 
 /**
- * Implementation of ike_sa_t.set_proposal.
- */
-static void set_proposal(private_ike_sa_t *this, char *proposal)
-{
-       free(this->selected_proposal);
-       this->selected_proposal = strdup(proposal);
-}
-
-/**
  * Implementation of ike_sa_t.add_child_sa.
  */
 static void add_child_sa(private_ike_sa_t *this, child_sa_t *child_sa)
  * Implementation of ike_sa_t.add_child_sa.
  */
 static void add_child_sa(private_ike_sa_t *this, child_sa_t *child_sa)
@@ -2467,7 +2461,7 @@ static void destroy(private_ike_sa_t *this)
        DESTROY_IF(this->child_prf);
        chunk_free(&this->skp_verify);
        chunk_free(&this->skp_build);
        DESTROY_IF(this->child_prf);
        chunk_free(&this->skp_verify);
        chunk_free(&this->skp_build);
-       free(this->selected_proposal);
+       DESTROY_IF(this->selected_proposal);
        
        if (this->my_virtual_ip)
        {
        
        if (this->my_virtual_ip)
        {
@@ -2572,8 +2566,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
        this->public.get_skp_verify = (chunk_t (*)(ike_sa_t *)) get_skp_verify;
        this->public.get_skp_build = (chunk_t (*)(ike_sa_t *)) get_skp_build;
        this->public.derive_keys = (status_t (*)(ike_sa_t *,proposal_t*,chunk_t,chunk_t,chunk_t,bool,prf_t*,prf_t*)) derive_keys;
        this->public.get_skp_verify = (chunk_t (*)(ike_sa_t *)) get_skp_verify;
        this->public.get_skp_build = (chunk_t (*)(ike_sa_t *)) get_skp_build;
        this->public.derive_keys = (status_t (*)(ike_sa_t *,proposal_t*,chunk_t,chunk_t,chunk_t,bool,prf_t*,prf_t*)) derive_keys;
-       this->public.get_proposal = (char* (*)(ike_sa_t*)) get_proposal;
-       this->public.set_proposal = (void (*)(ike_sa_t*,char*)) set_proposal;
+       this->public.get_proposal = (proposal_t* (*)(ike_sa_t*)) get_proposal;
        this->public.add_child_sa = (void (*)(ike_sa_t*,child_sa_t*)) add_child_sa;
        this->public.get_child_sa = (child_sa_t* (*)(ike_sa_t*,protocol_id_t,u_int32_t,bool)) get_child_sa;
        this->public.create_child_sa_iterator = (iterator_t* (*)(ike_sa_t*)) create_child_sa_iterator;
        this->public.add_child_sa = (void (*)(ike_sa_t*,child_sa_t*)) add_child_sa;
        this->public.get_child_sa = (child_sa_t* (*)(ike_sa_t*,protocol_id_t,u_int32_t,bool)) get_child_sa;
        this->public.create_child_sa_iterator = (iterator_t* (*)(ike_sa_t*)) create_child_sa_iterator;
index be6796e..a438e41 100644 (file)
@@ -737,19 +737,11 @@ struct ike_sa_t {
                                                        bool initiator, prf_t *child_prf, prf_t *old_prf);
        
        /**
                                                        bool initiator, prf_t *child_prf, prf_t *old_prf);
        
        /**
-        * Get the selected IKE proposal string
+        * Get the selected IKE proposal
         *
         *
-        * @return                              string describing the selected IKE proposal
+        * @return                              selected IKE proposal
         */
         */
-       char* (*get_proposal)(ike_sa_t *this);                  
-
-       /**
-        * Set the selected IKE proposal string for status information purposes
-        * (the "%P" printf format handler is used)
-     *
-        * @param proposal              string describing the selected IKE proposal
-        */
-       void (*set_proposal)(ike_sa_t *this, char *proposal);                   
+       proposal_t* (*get_proposal)(ike_sa_t *this);                                    
 
        /**
         * Get a multi purpose prf for the negotiated PRF function.
 
        /**
         * Get a multi purpose prf for the negotiated PRF function.
index ae9fa7b..c109bff 100644 (file)
@@ -433,15 +433,7 @@ static status_t build_r(private_ike_init_t *this, message_t *message)
                message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
                return FAILED;
        }
                message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
                return FAILED;
        }
-
-       /* Keep the selected IKE proposal for status information purposes */
-       {
-               char buf[BUF_LEN];
-
-               snprintf(buf, BUF_LEN, "%P", this->proposal);
-               this->ike_sa->set_proposal(this->ike_sa, buf+4);
-       }
-
+       
        build_payloads(this, message);
        return SUCCESS;
 }
        build_payloads(this, message);
        return SUCCESS;
 }
@@ -565,14 +557,6 @@ static status_t process_i(private_ike_init_t *this, message_t *message)
                return FAILED;
        }
 
                return FAILED;
        }
 
-       /* Keep the selected IKE proposal for status information purposes */
-       {
-               char buf[BUF_LEN];
-
-               snprintf(buf, BUF_LEN, "%P", this->proposal);
-               this->ike_sa->set_proposal(this->ike_sa, buf+4);
-       }
-
        return SUCCESS;
 }
 
        return SUCCESS;
 }