attribute-handler: Pass full IKE_SA to handler backends
authorMartin Willi <martin@revosec.ch>
Tue, 4 Nov 2014 14:53:50 +0000 (15:53 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 20 Feb 2015 12:34:56 +0000 (13:34 +0100)
src/charon-nm/nm/nm_handler.c
src/frontends/android/jni/libandroidbridge/backend/android_attr.c
src/libcharon/attributes/attribute_handler.h
src/libcharon/attributes/attribute_manager.c
src/libcharon/plugins/android_dns/android_dns_handler.c
src/libcharon/plugins/osx_attr/osx_attr_handler.c
src/libcharon/plugins/resolve/resolve_handler.c
src/libcharon/plugins/stroke/stroke_handler.c
src/libcharon/plugins/unity/unity_handler.c
src/libcharon/plugins/updown/updown_handler.c

index 28aa04b..bdc0667 100644 (file)
@@ -41,7 +41,7 @@ struct private_nm_handler_t {
 };
 
 METHOD(attribute_handler_t, handle, bool,
-       private_nm_handler_t *this, identification_t *server,
+       private_nm_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        linked_list_t *list;
@@ -92,7 +92,7 @@ static bool enumerate_dns(enumerator_t *this,
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
-       private_nm_handler_t *this, identification_t *server, linked_list_t *vips)
+       private_nm_handler_t *this, ike_sa_t *ike_sa, linked_list_t *vips)
 {
        if (vips->get_count(vips))
        {
@@ -185,4 +185,3 @@ nm_handler_t *nm_handler_create()
 
        return &this->public;
 }
-
index 1d7bf14..645b3fa 100644 (file)
@@ -36,7 +36,7 @@ struct private_android_attr_t {
 };
 
 METHOD(attribute_handler_t, handle, bool,
-       private_android_attr_t *this, identification_t *server,
+       private_android_attr_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        vpnservice_builder_t *builder;
@@ -67,7 +67,7 @@ METHOD(attribute_handler_t, handle, bool,
 }
 
 METHOD(attribute_handler_t, release, void,
-       private_android_attr_t *this, identification_t *server,
+       private_android_attr_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        /* DNS servers cannot be removed from an existing TUN device */
@@ -92,7 +92,7 @@ METHOD(enumerator_t, enumerate_dns4, bool,
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
-       private_android_attr_t *this, identification_t *server, linked_list_t *vips)
+       private_android_attr_t *this, ike_sa_t *ike_sa, linked_list_t *vips)
 {
        enumerator_t *enumerator;
 
@@ -129,4 +129,3 @@ android_attr_t *android_attr_create()
 
        return &this->public;
 }
-
index bc488f6..3c14323 100644 (file)
 #ifndef ATTRIBUTE_HANDLER_H_
 #define ATTRIBUTE_HANDLER_H_
 
+typedef struct attribute_handler_t attribute_handler_t;
+
+#include <sa/ike_sa.h>
 #include <utils/chunk.h>
-#include <utils/identification.h>
 #include <collections/linked_list.h>
 
 #include "attributes.h"
 
-typedef struct attribute_handler_t attribute_handler_t;
-
 /**
  * Interface to handle configuration payload attributes.
  */
@@ -40,12 +40,12 @@ struct attribute_handler_t {
         * After receiving a configuration attriubte, it is passed to each
         * attribute handler until it is handled.
         *
-        * @param server        server from which the attribute was received
+        * @param ike_sa        IKE_SA under which attribute is received
         * @param type          type of configuration attribute to handle
         * @param data          associated attribute data
         * @return                      TRUE if attribute handled
         */
-       bool (*handle)(attribute_handler_t *this, identification_t *server,
+       bool (*handle)(attribute_handler_t *this, ike_sa_t *ike_sa,
                                   configuration_attribute_type_t type, chunk_t data);
 
        /**
@@ -54,19 +54,23 @@ struct attribute_handler_t {
         * A handler that handle()d an attribute gets a call to release() when the
         * connection gets closed. Depending on the implementation, this is required
         * to remove the attribute.
+        *
+        * @param ike_sa        IKE_SA which releases attribute
+        * @param type          type of configuration attribute to release
+        * @param data          associated attribute data
         */
-       void (*release)(attribute_handler_t *this, identification_t *server,
+       void (*release)(attribute_handler_t *this, ike_sa_t *ike_sa,
                                        configuration_attribute_type_t type, chunk_t data);
 
        /**
         * Enumerate attributes to request from a server.
         *
-        * @param server                server identity to request attributes from
+        * @param ike_sa                IKE_SA to request attributes for
         * @param vips                  list of virtual IPs (host_t*) we are requesting
         * @return                              enumerator (configuration_attribute_type_t, chunk_t)
         */
        enumerator_t* (*create_attribute_enumerator)(attribute_handler_t *this,
-                                                               identification_t *server, linked_list_t *vips);
+                                                                               ike_sa_t *ike_sa, linked_list_t *vips);
 };
 
 #endif /** ATTRIBUTE_HANDLER_H_ @}*/
index ad9a639..2ab7ed1 100644 (file)
@@ -158,18 +158,15 @@ METHOD(attribute_manager_t, handle, attribute_handler_t*,
        chunk_t data)
 {
        enumerator_t *enumerator;
-       identification_t *server;
        attribute_handler_t *current, *handled = NULL;
 
-       server = ike_sa->get_other_id(ike_sa);
-
        this->lock->read_lock(this->lock);
 
        /* try to find the passed handler */
        enumerator = this->handlers->create_enumerator(this->handlers);
        while (enumerator->enumerate(enumerator, &current))
        {
-               if (current == handler && current->handle(current, server, type, data))
+               if (current == handler && current->handle(current, ike_sa, type, data))
                {
                        handled = current;
                        break;
@@ -181,7 +178,7 @@ METHOD(attribute_manager_t, handle, attribute_handler_t*,
                enumerator = this->handlers->create_enumerator(this->handlers);
                while (enumerator->enumerate(enumerator, &current))
                {
-                       if (current->handle(current, server, type, data))
+                       if (current->handle(current, ike_sa, type, data))
                        {
                                handled = current;
                                break;
@@ -205,9 +202,6 @@ METHOD(attribute_manager_t, release, void,
 {
        enumerator_t *enumerator;
        attribute_handler_t *current;
-       identification_t *server;
-
-       server = ike_sa->get_other_id(ike_sa);
 
        this->lock->read_lock(this->lock);
        enumerator = this->handlers->create_enumerator(this->handlers);
@@ -215,7 +209,7 @@ METHOD(attribute_manager_t, release, void,
        {
                if (current == handler)
                {
-                       current->release(current, server, type, data);
+                       current->release(current, ike_sa, type, data);
                        break;
                }
        }
@@ -251,10 +245,6 @@ static bool initiator_enumerate(initiator_enumerator_t *this,
                                                                configuration_attribute_type_t *type,
                                                                chunk_t *value)
 {
-       identification_t *id;
-
-       id = this->ike_sa->get_other_id(this->ike_sa);
-
        /* enumerate inner attributes using outer handler enumerator */
        while (!this->inner || !this->inner->enumerate(this->inner, type, value))
        {
@@ -264,7 +254,7 @@ static bool initiator_enumerate(initiator_enumerator_t *this,
                }
                DESTROY_IF(this->inner);
                this->inner = this->handler->create_attribute_enumerator(this->handler,
-                                                                                                                       id, this->vips);
+                                                                                                       this->ike_sa, this->vips);
        }
        /* inject the handler as additional attribute */
        *handler = this->handler;
index 5268103..160a145 100644 (file)
@@ -128,7 +128,7 @@ static bool set_dns_server(private_android_dns_handler_t *this, int index,
 }
 
 METHOD(attribute_handler_t, handle, bool,
-       private_android_dns_handler_t *this, identification_t *id,
+       private_android_dns_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        switch (type)
@@ -158,7 +158,7 @@ METHOD(attribute_handler_t, handle, bool,
 }
 
 METHOD(attribute_handler_t, release, void,
-       private_android_dns_handler_t *this, identification_t *server,
+       private_android_dns_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        if (type == INTERNAL_IP4_DNS)
@@ -192,7 +192,7 @@ METHOD(enumerator_t, enumerate_dns, bool,
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t *,
-       private_android_dns_handler_t *this, identification_t *id,
+       private_android_dns_handler_t *this, ike_sa_t *ike_sa,
        linked_list_t *vips)
 {
        enumerator_t *enumerator;
@@ -232,4 +232,3 @@ android_dns_handler_t *android_dns_handler_create()
 
        return &this->public;
 }
-
index 9a3b270..d974b57 100644 (file)
@@ -169,7 +169,7 @@ static bool manage_dns(int family, chunk_t data, bool add)
 }
 
 METHOD(attribute_handler_t, handle, bool,
-       private_osx_attr_handler_t *this, identification_t *id,
+       private_osx_attr_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        switch (type)
@@ -182,7 +182,7 @@ METHOD(attribute_handler_t, handle, bool,
 }
 
 METHOD(attribute_handler_t, release, void,
-       private_osx_attr_handler_t *this, identification_t *server,
+       private_osx_attr_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        switch (type)
@@ -206,7 +206,7 @@ METHOD(enumerator_t, enumerate_dns, bool,
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t *,
-       private_osx_attr_handler_t *this, identification_t *id,
+       private_osx_attr_handler_t *this, ike_sa_t *ike_sa,
        linked_list_t *vips)
 {
        enumerator_t *enumerator;
index 1242ca6..74c3960 100644 (file)
@@ -185,9 +185,10 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 }
 
 METHOD(attribute_handler_t, handle, bool,
-       private_resolve_handler_t *this, identification_t *server,
+       private_resolve_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
+       identification_t *server;
        host_t *addr;
        bool handled;
 
@@ -208,6 +209,7 @@ METHOD(attribute_handler_t, handle, bool,
                DESTROY_IF(addr);
                return FALSE;
        }
+       server = ike_sa->get_other_id(ike_sa);
 
        this->mutex->lock(this->mutex);
        if (this->use_resolvconf)
@@ -229,9 +231,10 @@ METHOD(attribute_handler_t, handle, bool,
 }
 
 METHOD(attribute_handler_t, release, void,
-       private_resolve_handler_t *this, identification_t *server,
+       private_resolve_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
+       identification_t *server;
        host_t *addr;
        int family;
 
@@ -247,6 +250,7 @@ METHOD(attribute_handler_t, release, void,
                        return;
        }
        addr = host_create_from_chunk(family, data, 0);
+       server = ike_sa->get_other_id(ike_sa);
 
        this->mutex->lock(this->mutex);
        if (this->use_resolvconf)
@@ -319,7 +323,7 @@ static bool has_host_family(linked_list_t *list, int family)
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
-       private_resolve_handler_t *this, identification_t *server,
+       private_resolve_handler_t *this, ike_sa_t *ike_sa,
        linked_list_t *vips)
 {
        attribute_enumerator_t *enumerator;
index fef8cab..d0cc9af 100644 (file)
@@ -94,10 +94,9 @@ static bool attr_filter(void *lock, host_t **in,
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
-       private_stroke_handler_t *this, identification_t *server,
+       private_stroke_handler_t *this, ike_sa_t *ike_sa,
        linked_list_t *vips)
 {
-       ike_sa_t *ike_sa;
        peer_cfg_t *peer_cfg;
        enumerator_t *enumerator;
        attributes_t *attr;
index eb0ddba..9fc9be6 100644 (file)
@@ -317,7 +317,7 @@ static bool remove_exclude(private_unity_handler_t *this, chunk_t data)
 }
 
 METHOD(attribute_handler_t, handle, bool,
-       private_unity_handler_t *this, identification_t *id,
+       private_unity_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        switch (type)
@@ -332,7 +332,7 @@ METHOD(attribute_handler_t, handle, bool,
 }
 
 METHOD(attribute_handler_t, release, void,
-       private_unity_handler_t *this, identification_t *server,
+       private_unity_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        switch (type)
@@ -380,10 +380,9 @@ METHOD(enumerator_t, enumerate_attributes, bool,
 }
 
 METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t *,
-       unity_handler_t *this, identification_t *id, linked_list_t *vips)
+       unity_handler_t *this, ike_sa_t *ike_sa, linked_list_t *vips)
 {
        attribute_enumerator_t *enumerator;
-       ike_sa_t *ike_sa;
 
        ike_sa = charon->bus->get_sa(charon->bus);
        if (!ike_sa || ike_sa->get_version(ike_sa) != IKEV1 ||
index 0894d2d..72d7f7d 100644 (file)
@@ -62,19 +62,13 @@ static void attributes_destroy(attributes_t *this)
 }
 
 METHOD(attribute_handler_t, handle, bool,
-       private_updown_handler_t *this, identification_t *server,
+       private_updown_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        attributes_t *current, *attr = NULL;
        enumerator_t *enumerator;
-       ike_sa_t *ike_sa;
        host_t *host;
 
-       ike_sa = charon->bus->get_sa(charon->bus);
-       if (!ike_sa)
-       {
-               return FALSE;
-       }
        switch (type)
        {
                case INTERNAL_IP4_DNS:
@@ -117,12 +111,11 @@ METHOD(attribute_handler_t, handle, bool,
 }
 
 METHOD(attribute_handler_t, release, void,
-       private_updown_handler_t *this, identification_t *server,
+       private_updown_handler_t *this, ike_sa_t *ike_sa,
        configuration_attribute_type_t type, chunk_t data)
 {
        attributes_t *attr;
        enumerator_t *enumerator, *servers;
-       ike_sa_t *ike_sa;
        host_t *host;
        bool found = FALSE;
        int family;
@@ -139,43 +132,39 @@ METHOD(attribute_handler_t, release, void,
                        return;
        }
 
-       ike_sa = charon->bus->get_sa(charon->bus);
-       if (ike_sa)
+       this->lock->write_lock(this->lock);
+       enumerator = this->attrs->create_enumerator(this->attrs);
+       while (enumerator->enumerate(enumerator, &attr))
        {
-               this->lock->write_lock(this->lock);
-               enumerator = this->attrs->create_enumerator(this->attrs);
-               while (enumerator->enumerate(enumerator, &attr))
+               if (attr->id == ike_sa->get_unique_id(ike_sa))
                {
-                       if (attr->id == ike_sa->get_unique_id(ike_sa))
+                       servers = attr->dns->create_enumerator(attr->dns);
+                       while (servers->enumerate(servers, &host))
                        {
-                               servers = attr->dns->create_enumerator(attr->dns);
-                               while (servers->enumerate(servers, &host))
+                               if (host->get_family(host) == family &&
+                                       chunk_equals(data, host->get_address(host)))
                                {
-                                       if (host->get_family(host) == family &&
-                                               chunk_equals(data, host->get_address(host)))
-                                       {
-                                               attr->dns->remove_at(attr->dns, servers);
-                                               host->destroy(host);
-                                               found = TRUE;
-                                               break;
-                                       }
-                               }
-                               servers->destroy(servers);
-                               if (attr->dns->get_count(attr->dns) == 0)
-                               {
-                                       this->attrs->remove_at(this->attrs, enumerator);
-                                       attributes_destroy(attr);
+                                       attr->dns->remove_at(attr->dns, servers);
+                                       host->destroy(host);
+                                       found = TRUE;
                                        break;
                                }
                        }
-                       if (found)
+                       servers->destroy(servers);
+                       if (attr->dns->get_count(attr->dns) == 0)
                        {
+                               this->attrs->remove_at(this->attrs, enumerator);
+                               attributes_destroy(attr);
                                break;
                        }
                }
-               enumerator->destroy(enumerator);
-               this->lock->unlock(this->lock);
+               if (found)
+               {
+                       break;
+               }
        }
+       enumerator->destroy(enumerator);
+       this->lock->unlock(this->lock);
 }
 
 METHOD(updown_handler_t, create_dns_enumerator, enumerator_t*,