METHOD(listener_t, message, bool,
private_add_notify_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_add_payload_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_custom_proposal_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_force_cookie_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming && message->get_request(message) &&
+ if (incoming && plain && message->get_request(message) &&
message->get_exchange_type(message) == IKE_SA_INIT)
{
enumerator_t *enumerator;
METHOD(listener_t, message, bool,
private_ignore_message_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming == this->in &&
+ if (incoming == this->in && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_ike_auth_fill_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_log_id_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming)
+ if (incoming && plain)
{
enumerator_t *enumerator;
payload_t *payload;
METHOD(listener_t, message, bool,
private_log_ke_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming)
+ if (incoming && plain)
{
enumerator_t *enumerator;
payload_t *payload;
METHOD(listener_t, message, bool,
private_log_proposals_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming)
+ if (incoming && plain)
{
enumerator_t *enumerator, *proposals;
payload_t *payload;
METHOD(listener_t, message, bool,
private_log_ts_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming)
+ if (incoming && plain)
{
enumerator_t *enumerator;
payload_t *payload;
METHOD(listener_t, message, bool,
private_pretend_auth_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (incoming)
+ if (plain)
{
- if (!message->get_request(message))
+ if (incoming)
{
- if (message->get_exchange_type(message) == IKE_SA_INIT)
+ if (!message->get_request(message))
{
- process_init_response(this, ike_sa, message);
- }
- if (message->get_exchange_type(message) == IKE_AUTH &&
- message->get_message_id(message) == 1)
- {
- process_auth_response(this, ike_sa, message);
+ if (message->get_exchange_type(message) == IKE_SA_INIT)
+ {
+ process_init_response(this, ike_sa, message);
+ }
+ if (message->get_exchange_type(message) == IKE_AUTH &&
+ message->get_message_id(message) == 1)
+ {
+ process_auth_response(this, ike_sa, message);
+ }
}
}
- }
- else
- {
- if (message->get_request(message))
+ else
{
- if (message->get_exchange_type(message) == IKE_SA_INIT)
- {
- process_init_request(this, ike_sa, message);
- }
- if (message->get_exchange_type(message) == IKE_AUTH &&
- message->get_message_id(message) == 1)
+ if (message->get_request(message))
{
- process_auth_request(this, ike_sa, message);
+ if (message->get_exchange_type(message) == IKE_SA_INIT)
+ {
+ process_init_request(this, ike_sa, message);
+ }
+ if (message->get_exchange_type(message) == IKE_AUTH &&
+ message->get_message_id(message) == 1)
+ {
+ process_auth_request(this, ike_sa, message);
+ }
}
}
}
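Review bot: Wrapping the whole hook body in `if (plain)` adds a nesting level and re-indents every line, so the one-condition behavioural change is buried in a forty-line diff. A guard at the top, `if (!plain) { return TRUE; }`, would leave the existing request/response dispatch untouched. This assumes the hook's final return, which lies outside the hunk, is `return TRUE`. The same applies to the rebuild_auth hook that follows, where the nonce and ike_init capture are re-indented the same way.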
METHOD(listener_t, message, bool,
private_rebuild_auth_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming && message->get_message_id(message) == 1)
+ if (plain)
{
- rebuild_auth(this, ike_sa, message);
- }
- if (message->get_exchange_type(message) == IKE_SA_INIT)
- {
- if (incoming)
+ if (!incoming && message->get_message_id(message) == 1)
{
- nonce_payload_t *nonce;
-
- nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
- if (nonce)
- {
- free(this->nonce.ptr);
- this->nonce = nonce->get_nonce(nonce);
- }
+ rebuild_auth(this, ike_sa, message);
}
- else
+ if (message->get_exchange_type(message) == IKE_SA_INIT)
{
- packet_t *packet;
-
- if (message->generate(message, NULL, &packet) == SUCCESS)
+ if (incoming)
+ {
+ nonce_payload_t *nonce;
+
+ nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+ if (nonce)
+ {
+ free(this->nonce.ptr);
+ this->nonce = nonce->get_nonce(nonce);
+ }
+ }
+ else
{
- free(this->ike_init.ptr);
- this->ike_init = chunk_clone(packet->get_data(packet));
- packet->destroy(packet);
+ packet_t *packet;
+
+ if (message->generate(message, NULL, &packet) == SUCCESS)
+ {
+ free(this->ike_init.ptr);
+ this->ike_init = chunk_clone(packet->get_data(packet));
+ packet->destroy(packet);
+ }
}
}
}
METHOD(listener_t, message, bool,
private_set_critical_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_ike_initiator_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_ike_request_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_ike_spi_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_ike_version_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_length_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_proposal_number_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_set_reserved_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
METHOD(listener_t, message, bool,
private_unsort_message_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming)
+ bool incoming, bool plain)
{
- if (!incoming &&
+ if (!incoming && plain &&
message->get_request(message) == this->req &&
message->get_message_id(message) == this->id)
{
}
METHOD(bus_t, message, void,
- private_bus_t *this, message_t *message, bool incoming)
+ private_bus_t *this, message_t *message, bool incoming, bool plain)
{
enumerator_t *enumerator;
ike_sa_t *ike_sa;
}
entry->calling++;
keep = entry->listener->message(entry->listener, ike_sa,
- message, incoming);
+ message, incoming, plain);
entry->calling--;
if (!keep)
{
/**
* Message send/receive hook.
*
+ * The hook is invoked twice for each message: Once with plain, parsed data
+ * and once encoded and encrypted.
+ *
* @param message message to send/receive
* @param incoming TRUE for incoming messages, FALSE for outgoing
+ * @param plain TRUE if message is parsed and decrypted, FALSE it not
+ * @param
*/
- void (*message)(bus_t *this, message_t *message, bool incoming);
+ void (*message)(bus_t *this, message_t *message, bool incoming, bool plain);
/**
* IKE_SA authorization hook.
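Review bot: The added doc block ends with an empty `@param` line, which will likely trip a Doxygen warning about a missing parameter name, and the `plain` description reads `FALSE it not`. Drop the stray tag and write `@param plain TRUE if message is parsed and decrypted, FALSE if not`. The same `it not` typo appears in the listener_t hook comment further down.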
/**
* Hook called for received/sent messages of an IKE_SA.
*
+ * The hook is invoked twice for each message: Once with plain, parsed data
+ * and once encoded and encrypted.
+ *
* @param ike_sa IKE_SA sending/receiving a message
* @param message message object
* @param incoming TRUE for incoming messages, FALSE for outgoing
+ * @param plain TRUE if message is parsed and decrypted, FALSE it not
* @return TRUE to stay registered, FALSE to unregister
*/
bool (*message)(listener_t *this, ike_sa_t *ike_sa, message_t *message,
- bool incoming);
+ bool incoming, bool plain);
/**
* Hook called with IKE_SA key material.
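Review bot: The sentence "invoked twice for each message" promises a pairing that the visible callers do not guarantee, and it does not state the order of the two calls. In generate_message the `plain == FALSE` call is made only when `generate()` returns SUCCESS. On the receive paths the `plain == FALSE` call comes before `parse_message()`, so a message that fails parsing presumably never reaches the `plain == TRUE` call. I would document this as `Outgoing: plain first, then encoded (only if generation succeeds). Incoming: encoded first, then plain (only if parsing succeeds).` so listener authors do not keep per-message state that expects both calls.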
METHOD(listener_t, message_hook, bool,
private_duplicheck_listener_t *this, ike_sa_t *ike_sa,
- message_t *message, bool incoming)
+ message_t *message, bool incoming, bool plain)
{
- if (incoming && !message->get_request(message))
+ if (incoming && plain && !message->get_request(message))
{
identification_t *id;
entry_t *entry;
METHOD(listener_t, message_hook, bool,
private_farp_listener_t *this, ike_sa_t *ike_sa,
- message_t *message, bool incoming)
+ message_t *message, bool incoming, bool plain)
{
- if (ike_sa->get_state(ike_sa) == IKE_ESTABLISHED &&
+ if (plain && ike_sa->get_state(ike_sa) == IKE_ESTABLISHED &&
message->get_exchange_type(message) == IKE_AUTH &&
!message->get_request(message))
{
}
METHOD(listener_t, message_hook, bool,
- private_ha_ike_t *this, ike_sa_t *ike_sa, message_t *message, bool incoming)
+ private_ha_ike_t *this, ike_sa_t *ike_sa, message_t *message,
+ bool incoming, bool plain)
{
if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
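Review bot: `plain` is added to the signature here but nothing in the visible lines uses it, unlike the duplicheck, farp and led hooks, which gate on it. Because the bus now calls this hook twice per message, any state synchronisation further down would be sent twice, and once from the not-yet-parsed form of an incoming message. The rest of the body lies outside the hunk, so please confirm that the sync branch is conditioned on `plain`. If it is not, add `plain &&` to that branch's condition.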
METHOD(listener_t, message_hook, bool,
private_led_listener_t *this, ike_sa_t *ike_sa,
- message_t *message, bool incoming)
+ message_t *message, bool incoming, bool plain)
{
- if (incoming || message->get_request(message))
+ if (plain && (incoming || message->get_request(message)))
{
blink_activity(this);
}
METHOD(ike_sa_t, generate_message, status_t,
private_ike_sa_t *this, message_t *message, packet_t **packet)
{
+ status_t status;
+
if (message->is_encoded(message))
{ /* already done */
*packet = message->get_packet(message);
}
this->stats[STAT_OUTBOUND] = time_monotonic(NULL);
message->set_ike_sa_id(message, this->ike_sa_id);
- charon->bus->message(charon->bus, message, FALSE);
- return message->generate(message, this->keymat, packet);
+ charon->bus->message(charon->bus, message, FALSE, TRUE);
+ status = message->generate(message, this->keymat, packet);
+ if (status == SUCCESS)
+ {
+ charon->bus->message(charon->bus, message, FALSE, FALSE);
+ }
+ return status;
}
METHOD(ike_sa_t, set_kmaddress, void,
this->active_tasks->get_count(this->active_tasks)))
{
msg->set_request(msg, FALSE);
+ charon->bus->message(charon->bus, msg, TRUE, FALSE);
status = parse_message(this, msg);
if (status != SUCCESS)
{
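Review bot: The hook call added ahead of `parse_message()` hands listeners a message that has not been parsed yet and, going by the new `plain` documentation, not decrypted either. Nothing at the call site says so. A listener that reads fields or updates state on `plain == FALSE` would be acting on unverified peer input. A short comment such as `/* raw hook: msg is not yet parsed or verified, listeners must treat it as untrusted */` would make that contract explicit. The same applies to the two other pre-parse calls added below, on the request path and the IKE_SA_INIT path. The enclosing function starts and ends outside this hunk.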
this->ike_sa->set_statistic(this->ike_sa, STAT_INBOUND,
time_monotonic(NULL));
this->ike_sa->update_hosts(this->ike_sa, me, other, TRUE);
- charon->bus->message(charon->bus, msg, TRUE);
+ charon->bus->message(charon->bus, msg, TRUE, TRUE);
if (process_response(this, msg) != SUCCESS)
{
flush(this);
}
msg->set_request(msg, TRUE);
+ charon->bus->message(charon->bus, msg, TRUE, FALSE);
status = parse_message(this, msg);
if (status != SUCCESS)
{
"charon.half_open_timeout", HALF_OPEN_IKE_SA_TIMEOUT));
}
this->ike_sa->update_hosts(this->ike_sa, me, other, TRUE);
- charon->bus->message(charon->bus, msg, TRUE);
+ charon->bus->message(charon->bus, msg, TRUE, TRUE);
if (process_request(this, msg) != SUCCESS)
{
flush(this);
status_t status;
u_int32_t mid;
+ charon->bus->message(charon->bus, msg, TRUE, FALSE);
status = parse_message(this, msg);
if (status != SUCCESS)
{
this->ike_sa->update_hosts(this->ike_sa, me, other, mid == 1);
}
}
- charon->bus->message(charon->bus, msg, TRUE);
+ charon->bus->message(charon->bus, msg, TRUE, TRUE);
if (msg->get_exchange_type(msg) == EXCHANGE_TYPE_UNDEFINED)
{ /* ignore messages altered to EXCHANGE_TYPE_UNDEFINED */
return SUCCESS;
this->ike_sa->update_hosts(this->ike_sa, me, other, FALSE);
}
}
- charon->bus->message(charon->bus, msg, TRUE);
+ charon->bus->message(charon->bus, msg, TRUE, TRUE);
if (msg->get_exchange_type(msg) == EXCHANGE_TYPE_UNDEFINED)
{ /* ignore messages altered to EXCHANGE_TYPE_UNDEFINED */
return SUCCESS;