/**
- * @file configuration.c
+ * @file configuration_manager.c
*
- * @brief Configuration class used to store IKE_SA-configurations.
- *
- * Object of this type represents the configuration for all IKE_SA's and their child_sa's.
+ * @brief Implementation of configuration_manager_t.
*
*/
typedef struct preshared_secret_entry_t preshared_secret_entry_t;
/**
- * An preshared secret entry combines an identifier with a
+ * A preshared secret entry combines an identifier and a
* preshared secret.
*/
struct preshared_secret_entry_t {
identification_t *identification;
/**
- * Preshared secret as chunk
+ * Preshared secret as chunk_t. The NULL termination is not included.
*/
chunk_t preshared_secret;
};
identification_t *identification;
/**
- * private key
+ * Private key.
*/
rsa_private_key_t* private_key;
};
identification_t *identification;
/**
- * private key
+ * Private key.
*/
rsa_public_key_t* public_key;
};
/* A configuration entry combines a configuration name with a init and sa
* configuration represented as init_config_t and sa_config_t objects.
+ *
+ * @b Constructors:
+ * - configuration_entry_create()
*/
struct configuration_entry_t {
/**
* Destroys a configuration_entry_t
*
- *
* @param this calling object
*/
void (*destroy) (configuration_entry_t *this);
};
+/**
+ * Implementation of configuration_entry_t.destroy.
+ */
static void configuration_entry_destroy (configuration_entry_t *this)
{
allocator_free(this->name);
}
/**
- * Creates a configuration_entry_t object
+ * @brief Creates a configuration_entry_t object.
*
* @param name name of the configuration entry (gets copied)
* @param init_config object of type init_config_t
return entry;
}
-
typedef struct private_configuration_manager_t private_configuration_manager_t;
/**
- * Private data of an configuration_t object
+ * Private data of an configuration_manager_t object.
*/
struct private_configuration_manager_t {
/**
- * Public part of configuration manager.
+ * Public part of configuration_manager_t object.
*/
configuration_manager_t public;
linked_list_t *configurations;
/**
- * Holding all init_configs.
+ * Holding all managed init_configs.
*/
linked_list_t *init_configs;
/**
- * Holding all init_configs.
+ * Holding all managed init_configs.
*/
linked_list_t *sa_configs;
/**
- * Holding all preshared secrets.
+ * Holding all managed preshared secrets.
*/
linked_list_t *preshared_secrets;
/**
- * Holding all private secrets.
+ * Holding all managed private secrets.
*/
linked_list_t *rsa_private_keys;
/**
- * Holding all public secrets.
+ * Holding all managed public secrets.
*/
linked_list_t *rsa_public_keys;
/**
- * Assigned logger object.
+ * Assigned logger_t object.
*/
logger_t *logger;
-
/**
- * Max number of retransmitted requests.
+ * Max number of requests to be retransmitted.
+ * 0 for infinite.
*/
u_int32_t max_retransmit_count;
u_int32_t first_retransmit_timeout;
/**
- * Adds a new IKE_SA configuration
+ * Adds a new IKE_SA configuration.
*
*
* @param this calling object
void (*add_new_configuration) (private_configuration_manager_t *this, char *name, init_config_t *init_config, sa_config_t *sa_config);
/**
- * Adds a new IKE_SA configuration
+ * Adds a new preshared secret.
*
*
* @param this calling object
void (*add_new_preshared_secret) (private_configuration_manager_t *this,id_type_t type, char *id_string, char *preshared_secret);
/**
- * Adds a new IKE_SA configuration
+ * Adds a new rsa private key.
*
*
* @param this calling object
* @param type type of identification
* @param id_string identification as string
- * @param preshared_secret preshared secret as string
+ * @param key_pos location of key
+ * @param key_len length of key
*/
void (*add_new_rsa_private_key) (private_configuration_manager_t *this,id_type_t type, char *id_string, u_int8_t *key_pos, size_t key_len);
/**
- * Adds a new IKE_SA configuration
+ * Adds a new rsa public key.
*
*
* @param this calling object
* @param type type of identification
* @param id_string identification as string
- * @param preshared_secret preshared secret as string
+ * @param key_pos location of key
+ * @param key_len length of key
*/
void (*add_new_rsa_public_key) (private_configuration_manager_t *this,id_type_t type, char *id_string, u_int8_t *key_pos, size_t key_len);
/**
- * Load default configuration
- *
+ * Load default configuration.
*
* @param this calling object
*/
void (*load_default_config) (private_configuration_manager_t *this);
};
+
u_int8_t public_key_1[];
u_int8_t private_key_1[];
u_int8_t public_key_2[];
{
this->logger->log(this->logger,CONTROL | MORE, "Going to destroy configuration manager ");
+ this->logger->log(this->logger,CONTROL | MOST, "Destroy configuration entries");
while (this->configurations->get_count(this->configurations) > 0)
{
configuration_entry_t *entry;
this->configurations->remove_first(this->configurations,(void **) &entry);
entry->destroy(entry);
}
- /* todo delete all config objects */
-
this->configurations->destroy(this->configurations);
-
+
+ this->logger->log(this->logger,CONTROL | MOST, "Destroy sa_config_t objects");
while (this->sa_configs->get_count(this->sa_configs) > 0)
{
sa_config_t *sa_config;
this->sa_configs->destroy(this->sa_configs);
+ this->logger->log(this->logger,CONTROL | MOST, "Destroy init_config_t objects");
while (this->init_configs->get_count(this->init_configs) > 0)
{
init_config_t *init_config;
allocator_free(entry);
}
this->preshared_secrets->destroy(this->preshared_secrets);
-
+
+ this->logger->log(this->logger,CONTROL | MOST, "Destroy rsa private keys");
while (this->rsa_private_keys->get_count(this->rsa_private_keys) > 0)
{
rsa_private_key_entry_t *entry;
allocator_free(entry);
}
this->rsa_private_keys->destroy(this->rsa_private_keys);
-
+
+ this->logger->log(this->logger,CONTROL | MOST, "Destroy rsa public keys");
while (this->rsa_public_keys->get_count(this->rsa_public_keys) > 0)
{
rsa_public_key_entry_t *entry;
}
-
-
-
-
-
-
-
-
-
-
-
-
-
u_int8_t public_key_1[] = {
0xD4,0x8D,0x40,0x8E,0xBD,0xFC,0x6D,0xE9,0xDB,0x1C,0xD2,0x21,0x19,0x37,0x6B,0xE2,
0xDC,0xCE,0x74,0xA2,0x63,0xF6,0xD8,0x8D,0xAF,0x1C,0xC0,0xFF,0x07,0x3F,0xFB,0x52,
/**
* @file configuration_manager.h
*
- * @brief Manages all configuration aspects of the daemon.
+ * @brief Interface of configuration_manager_t.
*
*/
/**
* @brief Manages all configuration aspects of the daemon.
*
+ * @b Constructors:
+ * - configuration_manager_create()
+ *
* @ingroup config
*
*/
struct configuration_manager_t {
/**
- * Get the configuration information needed for IKE_SA_INIT exchange
+ * @brief Returns the configuration information needed for IKE_SA_INIT exchange
* for a specific configuration name.
*
- * The returned init_config_t object MUST NOT be destroyed cause it's the original one.
+ * The returned init_config_t object MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param name name of the configuration
- * @param[out] init_config the configuration is stored at this place
+ * @param[out] init_config the init_config_t object is stored at this location
*
* @return
- * - NOT_FOUND
- * - SUCCESS
+ * - NOT_FOUND
+ * - SUCCESS
*/
status_t (*get_init_config_for_name) (configuration_manager_t *this, char *name, init_config_t **init_config);
/**
- * Get the configuration information needed for IKE_SA_INIT exchange
+ * @brief Returns the configuration information needed for IKE_SA_INIT exchange
* for specific host informations.
*
- * The returned init_config_t object MUST NOT be destroyed cause it's the original one.
+ * The returned init_config_t object MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param my_host my host informations
- * @param other_host other host informations
- * @param[out] init_config the configuration is stored at this place
+ * @param other_host other host informations
+ * @param[out] init_config the init_config_t object is stored at this location
*
* @return
- * - NOT_FOUND
- * - SUCCESS
+ * - NOT_FOUND
+ * - SUCCESS
*/
status_t (*get_init_config_for_host) (configuration_manager_t *this, host_t *my_host, host_t *other_host,init_config_t **init_config);
/**
- * Get the configuration information needed after IKE_SA_INIT exchange.
+ * @brief Returns the configuration information needed after IKE_SA_INIT exchange
+ * for a specific configuration name.
*
- * The returned sa_config_t object MUST not be destroyed cause it's the original one.
+ * The returned sa_config_t object MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param name name of the configuration
- * @param[out] sa_config the configuration is stored at this place
+ * @param[out] sa_config the sa_config_t object is stored at this location
*
* @return
* - NOT_FOUND
status_t (*get_sa_config_for_name) (configuration_manager_t *this, char *name, sa_config_t **sa_config);
/**
- * Get the configuration information needed after IKE_SA_INIT exchange
+ * @brief Returns the configuration information needed after IKE_SA_INIT exchange
* for specific init_config_t and ID data.
*
- * The returned sa_config_t object MUST NOT be destroyed cause it's the original one.
+ * The returned sa_config_t object MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param init_config init_config_t object
* @param other_id identification of other one
- * @param my_id my identification (can be NULL)
- * @param[out] sa_config the configuration is stored at this place
+ * @param my_id my identification (can be NULL)
+ * @param[out] sa_config the sa_config_t object is stored at this location
*
* @return
- * - NOT_FOUND
- * - SUCCESS
+ * - NOT_FOUND
+ * - SUCCESS
*/
status_t (*get_sa_config_for_init_config_and_id) (configuration_manager_t *this, init_config_t *init_config, identification_t *other_id, identification_t *my_id,sa_config_t **sa_config);
/**
- * Get the retransmit timeout.
+ * @brief Returns the retransmit timeout.
*
* The timeout values are managed by the configuration manager.
*
* @param this calling object
- * @param retransmit_count number of times a message was allready retransmitted
+ * @param retransmit_count number of times a message was retransmitted so far
* @param[out] timeout the new retransmit timeout in milliseconds
*
* @return
- * - FAILED, if the message should not be resent again
- * - SUCCESS
+ * - FAILED, if the message should not be retransmitted
+ * - SUCCESS
*/
status_t (*get_retransmit_timeout) (configuration_manager_t *this, u_int32_t retransmit_count, u_int32_t *timeout);
/**
- * Get the preshared secret of a specific ID.
+ * @brief Returns the preshared secret of a specific ID.
*
- * The preshared secret gets not cloned.
+ * The returned preshared secret MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param identification identification_t object identifiying the ID.
- * @param[out] preshared_secret the preshared secret will be written there
+ * @param[out] preshared_secret the preshared secret will be written there.
*
* @return
- * - NOT_FOUND if no preshared secrets is configured for specific id
- * - SUCCESS
+ * - NOT_FOUND if no preshared secrets for specific ID could be found
+ * - SUCCESS
*/
status_t (*get_shared_secret) (configuration_manager_t *this, identification_t *identification, chunk_t *preshared_secret);
/**
- * Get the RSA public key of a specific ID.
+ * @brief Returns the RSA public key of a specific ID.
*
- * Object is not cloned and shuld not be destroyed.
+ * The returned rsa_public_key_t object MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param identification identification_t object identifiying the ID.
* @param[out] public_key the public key will be written there
*
* @return
- * - NOT_FOUND if no key is configured for specific id
- * - SUCCESS
+ * - NOT_FOUND if no key is configured for specific id
+ * - SUCCESS
*/
status_t (*get_rsa_public_key) (configuration_manager_t *this, identification_t *identification, rsa_public_key_t **public_key);
/**
- * Get the RSA public key of a specific ID.
+ * @brief Returns the RSA private key of a specific ID.
*
- * Object is not cloned and shuld not be destroyed.
+ * The returned rsa_private_key_t object MUST NOT be destroyed cause it's managed by
+ * this configuration_manager_t object.
*
* @param this calling object
* @param identification identification_t object identifiying the ID.
* @param[out] private_key the private key will be written there
*
* @return
- * - NOT_FOUND if no key is configured for specific id
- * - SUCCESS
+ * - NOT_FOUND if no key is configured for specific id
+ * - SUCCESS
*/
status_t (*get_rsa_private_key) (configuration_manager_t *this, identification_t *identification, rsa_private_key_t **private_key);
/**
- * Destroys configuration manager
- *
+ * Destroys a configuration_manager_t object.
*
- * @param this calling object
+ * @param this calling object
* @return
- * - SUCCESS
+ * - SUCCESS
*/
void (*destroy) (configuration_manager_t *this);
};
/**
- * Creates the mighty configuration manager
+ * @brief Creates the mighty configuration manager.
*
* @param first_retransmit_timeout first retransmit timeout in milliseconds
- * @param max_retransmit_count max number of retransmitted requests (0 for infinite)
+ * @param max_retransmit_count max number of tries to retransmitted a requests (0 for infinite)
* @return
- * - pointer to created manager object if succeeded
- * - NULL if memory allocation failed
- *
+ * - pointer to created configuration_manager_t object
* @ingroup config
*/
configuration_manager_t *configuration_manager_create(u_int32_t first_retransmit_timeout,u_int32_t max_retransmit_count);
/**
* @file rsa_private_key.h
*
- * @brief Interface rsa_private_key_t.
+ * @brief Interface of rsa_private_key_t.
*
*/
#include <types.h>
#include <definitions.h>
-
#include <transforms/rsa/rsa_public_key.h>
#include <transforms/hashers/hasher.h>
*
* Currently only supports signing using EMSA encoding.
*
- * @todo Implement proper key set/get load/save
+ * @TODO Implement proper key set/get load/save
* methods using ASN1.
*
* @b Constructors:
/**
* @bief Build a signature over a chunk using EMSA-PKCS1 encoding.
*
- * This signature creates a hash using the specied hash algorithm, concatenates
+ * This signature creates a hash using the specified hash algorithm, concatenates
* it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
* on it.
*
/**
* @file rsa_public_key.h
*
- * @brief Interface rsa_public_key_t.
+ * @brief Interface of rsa_public_key_t.
*
*/
projects / strongswan.git / commitdiff