(no commit message)
authorJan Hutter <jhutter@hsr.ch>
Fri, 2 Dec 2005 08:05:20 +0000 (08:05 -0000)
committerJan Hutter <jhutter@hsr.ch>
Fri, 2 Dec 2005 08:05:20 +0000 (08:05 -0000)
Source/charon/config/configuration_manager.c
Source/charon/daemon.c
Source/charon/daemon.h
Source/charon/sa/states/ike_auth_requested.c
Source/charon/sa/states/ike_auth_requested.h
Source/charon/sa/states/ike_sa_init_requested.c
Source/charon/sa/states/initiator_init.c

index 03e34bf..73e5aab 100644 (file)
@@ -155,7 +155,7 @@ static void load_default_config (private_configuration_manager_t *this)
        sa_config_t *sa_config1, *sa_config2;
        traffic_selector_t *ts;
        
-       init_config1 = init_config_create("152.96.193.131","152.96.193.131",IKEV2_UDP_PORT,500);
+       init_config1 = init_config_create("152.96.193.131","152.96.193.131",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
        init_config2 = init_config_create("152.96.193.131","152.96.193.130",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
        init_config3 = init_config_create("0.0.0.0","127.0.0.1",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
        ts = traffic_selector_create_from_string(1, TS_IPV4_ADDR_RANGE, "0.0.0.0", 0, "255.255.255.255", 65535);
index 175cfa3..7fe3d5b 100644 (file)
@@ -159,7 +159,7 @@ static void build_test_jobs(private_daemon_t *this)
        for(i = 0; i<1; i++)
        {
                initiate_ike_sa_job_t *initiate_job;
-               initiate_job = initiate_ike_sa_job_create("pinflb30");
+               initiate_job = initiate_ike_sa_job_create("localhost");
                this->public.job_queue->add(this->public.job_queue, (job_t*)initiate_job);
        }
 }
index 651ed03..8da5eb5 100644 (file)
@@ -54,7 +54,7 @@
  * Port on which the daemon will 
  * listen for incoming traffic
  */
-#define IKEV2_UDP_PORT 500
+#define IKEV2_UDP_PORT 4500
 
 /**
  * Default loglevel to use. This is the
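Review bot: The comment above `IKEV2_UDP_PORT` still says only that this is the port the daemon listens on and gives no reason for moving the default from 500 to 4500. UDP 4500 is the NAT-traversal port, where IKE messages are expected to carry a four-zero-octet non-ESP marker in front of the IKE header, so a standards-following peer may misparse what this daemon sends unless the marker is handled elsewhere (not visible here). The constant also appears to be used as the peer port in `load_default_config`, so it is no longer just a listen port. If 4500 is a test convenience, say so in the comment, e.g. `/* test setup only: 4500 avoids clashing with an IKE daemon on 500; no non-ESP marker is sent yet */`.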
index 9f7d5b9..316b0a2 100644 (file)
@@ -37,6 +37,15 @@ struct private_ike_auth_requested_t {
         */
        ike_auth_requested_t public;
        
+       /**
+        * Sent nonce value
+        */
+       chunk_t sent_nonce;
+       
+       /**
+        * Received nonce
+        */
+       chunk_t received_nonce;
        
        /**
         * Assigned IKE_SA
@@ -65,13 +74,15 @@ static ike_sa_state_t get_state(private_ike_auth_requested_t *this)
  */
 static void destroy(private_ike_auth_requested_t *this)
 {
+       allocator_free(this->sent_nonce.ptr);
+       allocator_free(this->received_nonce.ptr);
        allocator_free(this);
 }
 
 /* 
  * Described in header.
  */
-ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa)
+ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa, chunk_t sent_nonce, chunk_t received_nonce)
 {
        private_ike_auth_requested_t *this = allocator_alloc_thing(private_ike_auth_requested_t);
 
@@ -82,6 +93,9 @@ ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa)
        
        /* private data */
        this->ike_sa = ike_sa;
+       this->sent_nonce = sent_nonce;
+       this->received_nonce = received_nonce;
+       
        
        return &(this->public);
 }
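Review bot: `this->sent_nonce = sent_nonce;` and `this->received_nonce = received_nonce;` copy only the chunk descriptors, so the new state aliases the caller's buffers, and `destroy()` in the previous hunk frees both pointers. That makes `ike_auth_requested_create()` an ownership transfer, but neither this file nor the `@param` lines added in ike_auth_requested.h say so; a caller that keeps and later frees its own copies would free the same memory twice. I would document it at the declaration, e.g. `@param sent_nonce Sent nonce value; ownership of the buffer passes to the created state, which frees it in destroy()`, and likewise for `received_nonce`. The constructor body starts outside this hunk.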
index c75a65f..0c502c3 100644 (file)
@@ -46,10 +46,12 @@ struct ike_auth_requested_t {
  * Constructor of class ike_auth_requested_t
  * 
  * @param ike_sa               assigned ike_sa object
+ * @param sent_nonce   Sent nonce value
+ * @param received_nonce       Received nonce value
  * @return                             created ike_auth_requested_t object
  * 
  * @ingroup states
  */
-ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa);
+ike_auth_requested_t *ike_auth_requested_create(protected_ike_sa_t *ike_sa, chunk_t sent_nonce, chunk_t received_nonce);
 
 #endif /*IKE_AUTH_REQUESTED_H_*/
index 2dfcd8f..39e2403 100644 (file)
@@ -326,9 +326,9 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t
        
        /* state can now be changed */
        this->logger->log(this->logger, CONTROL|MOST, "Create next state object");
-       next_state = ike_auth_requested_create(this->ike_sa);
+       next_state = ike_auth_requested_create(this->ike_sa,this->sent_nonce,this->received_nonce);
        
-       /* last message can now be set */
+       /* last messages can now be set */
        status = this->ike_sa->set_last_requested_message(this->ike_sa, request);
 
        if (status != SUCCESS)
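Review bot: After `ike_auth_requested_create(this->ike_sa,this->sent_nonce,this->received_nonce)` both state objects hold the same nonce pointers, and the `if (status != SUCCESS)` branch that follows is cut off by the hunk. If that branch destroys `next_state` and the current state is later torn down through `destroy()`, which still frees `sent_nonce.ptr` and `received_nonce.ptr`, the nonce buffers would be freed twice. Either hand the nonces over only after the last call that can fail, or clear the local copies right after the hand-over with `this->sent_nonce.ptr = NULL; this->received_nonce.ptr = NULL;` (assuming `allocator_free` tolerates NULL, which the page does not show).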
@@ -400,10 +400,8 @@ static void build_id_payload (private_ike_sa_init_requested_t *this, payload_t *
        identification_t *identification;
        
        sa_config = this->ike_sa->get_sa_config(this->ike_sa);
-
+       /* identification_t object gets NOT cloned here */
        identification = sa_config->get_my_id(sa_config);
-       
-       /* create IDi */
        id_payload = id_payload_create_from_identification(TRUE,identification);
        
        *payload = (payload_t *) id_payload;
@@ -418,9 +416,12 @@ static void build_auth_payload (private_ike_sa_init_requested_t *this, payload_t
        sa_config_t *sa_config;
 
        sa_config = this->ike_sa->get_sa_config(this->ike_sa);
-       
        auth_payload = auth_payload_create();
        auth_payload->set_auth_method(auth_payload,sa_config->get_auth_method(sa_config));
+       /*
+        * TODO generate AUTH DATA 
+        */
+
        *payload = (payload_t *) auth_payload;
 }
 
@@ -429,19 +430,21 @@ static void build_auth_payload (private_ike_sa_init_requested_t *this, payload_t
  */
 static void build_sa_payload (private_ike_sa_init_requested_t *this, payload_t **payload)
 {
-       sa_config_t *sa_config;
+       child_proposal_t *proposals;
        sa_payload_t *sa_payload;
+       sa_config_t *sa_config;
+       size_t proposal_count;
+       /*
+        * TODO: get SPIs from kernel
+        */
        u_int8_t esp_spi[4] = {0x01,0x01,0x01,0x01};
        u_int8_t ah_spi[4] = {0x01,0x01,0x01,0x01};
-       size_t proposal_count;
-       child_proposal_t *proposals;
 
        sa_config = this->ike_sa->get_sa_config(this->ike_sa);
-
        proposal_count = sa_config->get_proposals(sa_config,ah_spi,esp_spi,&proposals);
-       /* create IDi */
        sa_payload = sa_payload_create_from_child_proposals(proposals, proposal_count);
        allocator_free(proposals);
+
        *payload = (payload_t *) sa_payload;
 }
 
@@ -450,18 +453,16 @@ static void build_sa_payload (private_ike_sa_init_requested_t *this, payload_t *
  */
 static void build_tsi_payload (private_ike_sa_init_requested_t *this, payload_t **payload)
 {
-       sa_config_t *sa_config;
-       ts_payload_t *ts_payload;
-       size_t traffic_selectors_count;
        traffic_selector_t **traffic_selectors;
+       size_t traffic_selectors_count;
+       ts_payload_t *ts_payload;
+       sa_config_t *sa_config;
        
        sa_config = this->ike_sa->get_sa_config(this->ike_sa);
-       
        traffic_selectors_count = sa_config->get_traffic_selectors_initiator(sa_config,&traffic_selectors);
-
-       /* create IDi */
        ts_payload = ts_payload_create_from_traffic_selectors(TRUE,traffic_selectors, traffic_selectors_count);
        allocator_free(traffic_selectors);
+
        *payload = (payload_t *) ts_payload;
 }
 
@@ -470,18 +471,16 @@ static void build_tsi_payload (private_ike_sa_init_requested_t *this, payload_t
  */
 static void build_tsr_payload (private_ike_sa_init_requested_t *this, payload_t **payload)
 {
-       sa_config_t *sa_config;
-       ts_payload_t *ts_payload;
-       size_t traffic_selectors_count;
        traffic_selector_t **traffic_selectors;
+       size_t traffic_selectors_count;
+       ts_payload_t *ts_payload;
+       sa_config_t *sa_config;
        
        sa_config = this->ike_sa->get_sa_config(this->ike_sa);
-       
        traffic_selectors_count = sa_config->get_traffic_selectors_responder(sa_config,&traffic_selectors);
-
-       /* create IDi */
        ts_payload = ts_payload_create_from_traffic_selectors(FALSE,traffic_selectors, traffic_selectors_count);
        allocator_free(traffic_selectors);
+
        *payload = (payload_t *) ts_payload;
 }
 
@@ -499,14 +498,13 @@ static ike_sa_state_t get_state(private_ike_sa_init_requested_t *this)
  */
 static void destroy_after_state_change (private_ike_sa_init_requested_t *this)
 {
-       this->logger->log(this->logger, CONTROL | MORE, "Going to destroy state of type ike_sa_init_requested_t after state change");
+       this->logger->log(this->logger, CONTROL | MORE, "Going to destroy state of type ike_sa_init_requested_t after state change.");
        
        this->logger->log(this->logger, CONTROL | MOST, "Destroy diffie hellman object");
        this->diffie_hellman->destroy(this->diffie_hellman);
-
-       allocator_free(this->sent_nonce.ptr);
-       allocator_free(this->received_nonce.ptr);
+       this->logger->log(this->logger, CONTROL | MOST, "Destroy shared secret (secrets allready derived)");
        allocator_free(this->shared_secret.ptr);
+       this->logger->log(this->logger, CONTROL | MOST, "Destroy object itself");
        allocator_free(this);   
 }
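Review bot: `allocator_free(this->shared_secret.ptr)` releases the Diffie-Hellman shared secret without overwriting it first, so the key material can linger in freed heap memory even though the new log line stresses that the secrets are already derived. Unless `allocator_free` itself wipes the buffer (not visible here), clear `this->shared_secret.len` bytes at `this->shared_secret.ptr` with a wipe the compiler cannot elide before freeing. The same applies to the `destroy()` hunk that follows. Separately, this function no longer frees the nonces, which is only correct if the next state has taken them over; a one-line comment saying so would keep the two destructors from drifting apart.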
 
@@ -519,10 +517,13 @@ static void destroy(private_ike_sa_init_requested_t *this)
        
        this->logger->log(this->logger, CONTROL | MOST, "Destroy diffie hellman object");
        this->diffie_hellman->destroy(this->diffie_hellman);
-       
+       this->logger->log(this->logger, CONTROL | MOST, "Destroy sent nonce");  
        allocator_free(this->sent_nonce.ptr);
+       this->logger->log(this->logger, CONTROL | MOST, "Destroy received nonce");
        allocator_free(this->received_nonce.ptr);
+       this->logger->log(this->logger, CONTROL | MOST, "Destroy shared secret (secrets allready derived)");
        allocator_free(this->shared_secret.ptr);
+       this->logger->log(this->logger, CONTROL | MOST, "Destroy object itself");
        allocator_free(this);
 }
 
index 8a0669a..95fc88c 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file initiator_init.c
  * 
- * @brief Start state of a IKE_SA as initiator
+ * @brief Implementation of initiator_init_t.
  * 
  */
 
@@ -36,7 +36,7 @@
 typedef struct private_initiator_init_t private_initiator_init_t;
 
 /**
- * Private data of a initiator_init_t object.
+ * Private data of a initiator_init_t object..
  *
  */
 struct private_initiator_init_t {
@@ -131,28 +131,24 @@ struct private_initiator_init_t {
 static status_t initiate_connection (private_initiator_init_t *this, char *name)
 {
        ike_sa_init_requested_t *next_state;
+       init_config_t *init_config;
+       randomizer_t *randomizer;
+       sa_config_t *sa_config;
        message_t *message;
        packet_t *packet;
        status_t status;
-       randomizer_t *randomizer;
-       init_config_t *init_config;
-       sa_config_t *sa_config;
        
        this->logger->log(this->logger, CONTROL, "Initializing connection %s",name);
        
-       /* get init_config_t object */
        status = charon->configuration_manager->get_init_config_for_name(charon->configuration_manager,name,&init_config);
-       
        if (status != SUCCESS)
        {       
                this->logger->log(this->logger, ERROR | MORE, "Could not retrieve INIT configuration informations for %s",name);
                return INVALID_ARG;
        }
        
-       /* configuration can be set */
        this->ike_sa->set_init_config(this->ike_sa,init_config);
        
-       /* get sa_config_t object */
        status = charon->configuration_manager->get_sa_config_for_name(charon->configuration_manager,name,&sa_config);
        
        if (status != SUCCESS)
@@ -161,9 +157,10 @@ static status_t initiate_connection (private_initiator_init_t *this, char *name)
                return INVALID_ARG;
        }
        
-       /* configuration can be set */
        this->ike_sa->set_sa_config(this->ike_sa,sa_config);
        
+       
+       
        this->ike_sa->set_other_host(this->ike_sa,init_config->get_other_host_clone(init_config));
        this->ike_sa->set_my_host(this->ike_sa,init_config->get_my_host_clone(init_config));