abbreviated struct connection by connection_t
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 27 Sep 2009 21:49:37 +0000 (23:49 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 27 Sep 2009 21:49:37 +0000 (23:49 +0200)
17 files changed:
src/pluto/connections.c
src/pluto/connections.h
src/pluto/demux.c
src/pluto/foodgroups.c
src/pluto/ike_alg.c
src/pluto/ipsec_doi.c
src/pluto/kernel.c
src/pluto/kernel_alg.c
src/pluto/keys.c
src/pluto/log.c
src/pluto/modecfg.c
src/pluto/nat_traversal.c
src/pluto/rcv_whack.c
src/pluto/spdb.c
src/pluto/state.c
src/pluto/timer.c
src/pluto/virtual.c

index 5cd74d7..d375e49 100644 (file)
@@ -62,9 +62,9 @@
 #include "nat_traversal.h"
 #include "virtual.h"
 
-static void flush_pending_by_connection(struct connection *c);  /* forward */
+static void flush_pending_by_connection(connection_t *c);  /* forward */
 
-static struct connection *connections = NULL;
+static connection_t *connections = NULL;
 
 /* struct host_pair: a nexus of information about a pair of hosts.
  * A host is an IP address, UDP port pair.  This is a debatable choice:
@@ -82,17 +82,17 @@ struct host_pair {
                u_int16_t port; /* host order */
        } me, him;
        bool initial_connection_sent;
-       struct connection *connections;     /* connections with this pair */
+       connection_t *connections;     /* connections with this pair */
        struct pending *pending;    /* awaiting Keying Channel */
        struct host_pair *next;
 };
 
 static struct host_pair *host_pairs = NULL;
 
-static struct connection *unoriented_connections = NULL;
+static connection_t *unoriented_connections = NULL;
 
 /* check to see that Ids of peers match */
-bool same_peer_ids(const struct connection *c, const struct connection *d,
+bool same_peer_ids(const connection_t *c, const connection_t *d,
                                   const struct id *his_id)
 {
        return same_id(&c->spd.this.id, &d->spd.this.id)
@@ -138,7 +138,7 @@ static struct host_pair *find_host_pair(const ip_address *myaddr,
 }
 
 /* find head of list of connections with this pair of hosts */
-static struct connection *find_host_pair_connections(const ip_address *myaddr,
+static connection_t *find_host_pair_connections(const ip_address *myaddr,
                                                                                                         u_int16_t myport,
                                                                                                         const ip_address *hisaddr,
                                                                                                                u_int16_t hisport)
@@ -147,7 +147,7 @@ static struct connection *find_host_pair_connections(const ip_address *myaddr,
 
        if (nat_traversal_enabled && hp && hisaddr)
        {
-               struct connection *c;
+               connection_t *c;
 
                for (c = hp->connections; c != NULL; c = c->hp_next)
                {
@@ -159,7 +159,7 @@ static struct connection *find_host_pair_connections(const ip_address *myaddr,
        return hp == NULL? NULL : hp->connections;
 }
 
-static void connect_to_host_pair(struct connection *c)
+static void connect_to_host_pair(connection_t *c)
 {
        if (oriented(*c))
        {
@@ -206,9 +206,9 @@ static void connect_to_host_pair(struct connection *c)
  * Move the winner (if any) to the front.
  * If none is found, and strict, a diagnostic is logged to whack.
  */
-struct connection *con_by_name(const char *nm, bool strict)
+connection_t *con_by_name(const char *nm, bool strict)
 {
-       struct connection *p, *prev;
+       connection_t *p, *prev;
 
        for (prev = NULL, p = connections; ; prev = p, p = p->ac_next)
        {
@@ -234,7 +234,7 @@ struct connection *con_by_name(const char *nm, bool strict)
        return p;
 }
 
-void release_connection(struct connection *c, bool relations)
+void release_connection(connection_t *c, bool relations)
 {
        if (c->kind == CK_INSTANCE)
        {
@@ -262,9 +262,9 @@ void release_connection(struct connection *c, bool relations)
        }
 
 
-void delete_connection(struct connection *c, bool relations)
+void delete_connection(connection_t *c, bool relations)
 {
-       struct connection *old_cur_connection
+       connection_t *old_cur_connection
                = cur_connection == c? NULL : cur_connection;
 #ifdef DEBUG
        lset_t old_cur_debugging = cur_debugging;
@@ -297,20 +297,20 @@ void delete_connection(struct connection *c, bool relations)
        perpeer_logfree(c);
 
        /* find and delete c from connections list */
-       list_rm(struct connection, ac_next, c, connections);
+       list_rm(connection_t, ac_next, c, connections);
        cur_connection = old_cur_connection;
 
        /* find and delete c from the host pair list */
        if (c->host_pair == NULL)
        {
                if (c->ikev1)
-                       list_rm(struct connection, hp_next, c, unoriented_connections);
+                       list_rm(connection_t, hp_next, c, unoriented_connections);
        }
        else
        {
                struct host_pair *hp = c->host_pair;
 
-               list_rm(struct connection, hp_next, c, hp->connections);
+               list_rm(connection_t, hp_next, c, hp->connections);
                c->host_pair = NULL;    /* redundant, but safe */
 
                /* if there are no more connections with this host_pair
@@ -360,7 +360,7 @@ void delete_connection(struct connection *c, bool relations)
 /* Delete connections with the specified name */
 void delete_connections_by_name(const char *name, bool strict)
 {
-       struct connection *c = con_by_name(name, strict);
+       connection_t *c = con_by_name(name, strict);
 
        for (; c != NULL; c = con_by_name(name, FALSE))
                delete_connection(c, FALSE);
@@ -378,7 +378,7 @@ void release_dead_interfaces(void)
 
        for (hp = host_pairs; hp != NULL; hp = hp->next)
        {
-               struct connection **pp
+               connection_t **pp
                        , *p;
 
                for (pp = &hp->connections; (p = *pp) != NULL; )
@@ -425,13 +425,13 @@ void check_orientations(void)
 {
        /* try to orient all the unoriented connections */
        {
-               struct connection *c = unoriented_connections;
+               connection_t *c = unoriented_connections;
 
                unoriented_connections = NULL;
 
                while (c != NULL)
                {
-                       struct connection *nxt = c->hp_next;
+                       connection_t *nxt = c->hp_next;
 
                        (void)orient(c);
                        connect_to_host_pair(c);
@@ -465,12 +465,12 @@ void check_orientations(void)
                                                 * cost of leaving it is slight and cannot
                                                 * be induced by a foe).
                                                 */
-                                               struct connection *c = hp->connections;
+                                               connection_t *c = hp->connections;
 
                                                hp->connections = NULL;
                                                while (c != NULL)
                                                {
-                                                       struct connection *nxt = c->hp_next;
+                                                       connection_t *nxt = c->hp_next;
 
                                                        c->interface = NULL;
                                                        (void)orient(c);
@@ -656,7 +656,7 @@ size_t format_end(char *buf, size_t buf_len, const struct end *this,
 #define CONNECTION_BUF  (2 * (END_BUF - 1) + 4)
 
 static size_t format_connection(char *buf, size_t buf_len,
-                                                               const struct connection *c,
+                                                               const connection_t *c,
                                                                struct spd_route *sr)
 {
        size_t w = format_end(buf, buf_len, &sr->this, &sr->that, TRUE, LEMPTY);
@@ -665,7 +665,7 @@ static size_t format_connection(char *buf, size_t buf_len,
        return w + format_end(buf + w, buf_len - w, &sr->that, &sr->this, FALSE, c->policy);
 }
 
-static void unshare_connection_strings(struct connection *c)
+static void unshare_connection_strings(connection_t *c)
 {
        c->name = clone_str(c->name);
 
@@ -913,9 +913,9 @@ static bool check_connection_end(const whack_end_t *this,
        return TRUE;        /* happy */
 }
 
-struct connection *find_connection_by_reqid(uint32_t reqid)
+connection_t *find_connection_by_reqid(uint32_t reqid)
 {
-       struct connection *c;
+       connection_t *c;
 
        reqid &= ~3;
        for (c = connections; c != NULL; c = c->ac_next)
@@ -962,7 +962,7 @@ void add_connection(const whack_message_t *wm)
        && check_connection_end(&wm->left, &wm->right, wm))
        {
                bool same_rightca, same_leftca;
-               struct connection *c = malloc_thing(struct connection);
+               connection_t *c = malloc_thing(connection_t);
 
                zero(c);
                c->name   = wm->name;
@@ -1161,11 +1161,10 @@ void add_connection(const whack_message_t *wm)
  * Returns name of new connection.  May be NULL.
  * Caller is responsible for freeing.
  */
-char *add_group_instance(struct connection *group, const ip_subnet *target)
+char *add_group_instance(connection_t *group, const ip_subnet *target)
 {
-       char namebuf[100]
-               , targetbuf[SUBNETTOT_BUF];
-       struct connection *t;
+       char namebuf[100], targetbuf[SUBNETTOT_BUF];
+       connection_t *t;
        char *name = NULL;
 
        passert(group->kind == CK_GROUP);
@@ -1222,7 +1221,7 @@ char *add_group_instance(struct connection *group, const ip_subnet *target)
 }
 
 /* an old target has disappeared for a group: delete instance */
-void remove_group_instance(const struct connection *group USED_BY_DEBUG,
+void remove_group_instance(const connection_t *group USED_BY_DEBUG,
                                                   const char *name)
 {
        passert(group->kind == CK_GROUP);
@@ -1241,11 +1240,11 @@ void remove_group_instance(const struct connection *group USED_BY_DEBUG,
  *
  * Note that instantiate can only deal with a single SPD/eroute.
  */
-static struct connection *instantiate(struct connection *c,
-                                                                         const ip_address *him, u_int16_t his_port,
-                                                                         const struct id *his_id)
+static connection_t *instantiate(connection_t *c,
+                                                                const ip_address *him, u_int16_t his_port,
+                                                                const struct id *his_id)
 {
-       struct connection *d;
+       connection_t *d;
        int wildcards;
 
        passert(c->kind == CK_TEMPLATE);
@@ -1304,11 +1303,11 @@ static struct connection *instantiate(struct connection *c,
        }
 }
 
-struct connection *rw_instantiate(struct connection *c, const ip_address *him,
-                                                                 u_int16_t his_port, const ip_subnet *his_net,
-                                                                 const struct id *his_id)
+connection_t *rw_instantiate(connection_t *c, const ip_address *him,
+                                                        u_int16_t his_port, const ip_subnet *his_net,
+                                                        const struct id *his_id)
 {
-       struct connection *d = instantiate(c, him, his_port, his_id);
+       connection_t *d = instantiate(c, him, his_port, his_id);
 
        if (d && his_net && is_virtual_connection(c))
        {
@@ -1331,12 +1330,12 @@ struct connection *rw_instantiate(struct connection *c, const ip_address *him,
        return d;
 }
 
-struct connection *oppo_instantiate(struct connection *c, const ip_address *him,
-                                                                       const struct id *his_id, struct gw_info *gw,
-                                                                       const ip_address *our_client USED_BY_DEBUG,
-                                                                       const ip_address *peer_client)
+connection_t *oppo_instantiate(connection_t *c, const ip_address *him,
+                                                          const struct id *his_id, struct gw_info *gw,
+                                                          const ip_address *our_client USED_BY_DEBUG,
+                                                          const ip_address *peer_client)
 {
-       struct connection *d = instantiate(c, him, 0, his_id);
+       connection_t *d = instantiate(c, him, 0, his_id);
 
        passert(d->spd.next == NULL);
 
@@ -1434,7 +1433,7 @@ static size_t fmt_client(const ip_subnet *client, const ip_address *gw,
        return strlen(buf);
 }
 
-void fmt_conn_instance(const struct connection *c, char buf[CONN_INST_BUF])
+void fmt_conn_instance(const connection_t *c, char buf[CONN_INST_BUF])
 {
        char *p = buf;
 
@@ -1491,12 +1490,12 @@ void fmt_conn_instance(const struct connection *c, char buf[CONN_INST_BUF])
  *
  * See also build_outgoing_opportunistic_connection.
  */
-struct connection *find_connection_for_clients(struct spd_route **srp,
-                                                                                          const ip_address *our_client,
-                                                                                          const ip_address *peer_client,
-                                                                                          int transport_proto)
+connection_t *find_connection_for_clients(struct spd_route **srp,
+                                                                                 const ip_address *our_client,
+                                                                                 const ip_address *peer_client,
+                                                                                 int transport_proto)
 {
-       struct connection *c = connections, *best = NULL;
+       connection_t *c = connections, *best = NULL;
        policy_prio_t best_prio = BOTTOM_PRIO;
        struct spd_route *sr;
        struct spd_route *best_sr = NULL;
@@ -1634,12 +1633,12 @@ struct connection *find_connection_for_clients(struct spd_route **srp,
  * find_connection_for_clients.  In this case, we know the gateways
  * that we need to instantiate an opportunistic connection.
  */
-struct connection *build_outgoing_opportunistic_connection(struct gw_info *gw,
+connection_t *build_outgoing_opportunistic_connection(struct gw_info *gw,
                                                                                        const ip_address *our_client,
                                                                                        const ip_address *peer_client)
 {
        struct iface *p;
-       struct connection *best = NULL;
+       connection_t *best = NULL;
        struct spd_route *sr, *bestsr;
        char ocb[ADDRTOT_BUF], pcb[ADDRTOT_BUF];
 
@@ -1659,8 +1658,8 @@ struct connection *build_outgoing_opportunistic_connection(struct gw_info *gw,
                 * We cannot know what port the peer would use, so we assume
                 * that it is pluto_port (makes debugging easier).
                 */
-               struct connection *c = find_host_pair_connections(&p->addr
-                       , pluto_port, (ip_address *)NULL, pluto_port);
+               connection_t *c = find_host_pair_connections(&p->addr, pluto_port,
+                                                                                (ip_address *)NULL, pluto_port);
 
                for (; c != NULL; c = c->hp_next)
                {
@@ -1712,7 +1711,7 @@ struct connection *build_outgoing_opportunistic_connection(struct gw_info *gw,
                                                          , our_client, peer_client);
 }
 
-bool orient(struct connection *c)
+bool orient(connection_t *c)
 {
        struct spd_route *sr;
 
@@ -1776,7 +1775,7 @@ bool orient(struct connection *c)
 
 void initiate_connection(const char *name, int whackfd)
 {
-       struct connection *c = con_by_name(name, TRUE);
+       connection_t *c = con_by_name(name, TRUE);
 
        if (c != NULL && c->ikev1)
        {
@@ -1905,8 +1904,7 @@ struct find_oppo_continuation {
        struct find_oppo_bundle b;
 };
 
-static void cannot_oppo(struct connection *c, struct find_oppo_bundle *b,
-                                               err_t ugh)
+static void cannot_oppo(connection_t *c, struct find_oppo_bundle *b, err_t ugh)
 {
        char pcb[ADDRTOT_BUF];
        char ocb[ADDRTOT_BUF];
@@ -1925,7 +1923,7 @@ static void cannot_oppo(struct connection *c, struct find_oppo_bundle *b,
        {
                /* there is some policy that comes afterwards */
                struct spd_route *shunt_spd;
-               struct connection *nc = c->policy_next;
+               connection_t *nc = c->policy_next;
                struct state *st;
 
                passert(c->kind == CK_TEMPLATE);
@@ -2045,7 +2043,7 @@ void initiate_opportunistic(const ip_address *our_client,
 static void continue_oppo(struct adns_continuation *acr, err_t ugh)
 {
        struct find_oppo_continuation *cr = (void *)acr;    /* inherit, damn you! */
-       struct connection *c;
+       connection_t *c;
        bool was_held = cr->b.held;
        int whackfd = cr->b.whackfd;
 
@@ -2116,8 +2114,7 @@ static void continue_oppo(struct adns_continuation *acr, err_t ugh)
 }
 
 #ifdef USE_KEYRR
-static err_t check_key_recs(enum myid_state try_state,
-                                                       const struct connection *c,
+static err_t check_key_recs(enum myid_state try_state, const connection_t *c,
                                                        struct adns_continuation *ac)
 {
        /* Check if KEY lookup yielded good results.
@@ -2170,8 +2167,7 @@ static err_t check_key_recs(enum myid_state try_state,
 }
 #endif /* USE_KEYRR */
 
-static err_t check_txt_recs(enum myid_state try_state,
-                                                       const struct connection *c,
+static err_t check_txt_recs(enum myid_state try_state, const connection_t *c,
                                                        struct adns_continuation *ac)
 {
        /* Check if TXT lookup yielded good results.
@@ -2234,7 +2230,7 @@ static void initiate_opportunistic_body(struct find_oppo_bundle *b,
                                                                                struct adns_continuation *ac,
                                                                                err_t ac_ugh)
 {
-       struct connection *c;
+       connection_t *c;
        struct spd_route *sr;
 
        /* What connection shall we use?
@@ -2938,14 +2934,14 @@ void terminate_connection(const char *nm)
        /* Loop because more than one may match (master and instances)
         * But at least one is required (enforced by con_by_name).
         */
-       struct connection *c = con_by_name(nm, TRUE);
+       connection_t *c = con_by_name(nm, TRUE);
 
        if (c == NULL || !c->ikev1)
                return;
 
        do
        {
-               struct connection *n = c->ac_next;  /* grab this before c might disappear */
+               connection_t *n = c->ac_next;  /* grab this before c might disappear */
 
                if (streq(c->name, nm)
                && c->kind >= CK_PERMANENT
@@ -2970,7 +2966,7 @@ void terminate_connection(const char *nm)
  */
 bool uniqueIDs = FALSE; /* --uniqueids? */
 
-void ISAKMP_SA_established(struct connection *c, so_serial_t serial)
+void ISAKMP_SA_established(connection_t *c, so_serial_t serial)
 {
        c->newest_isakmp_sa = serial;
 
@@ -2985,11 +2981,11 @@ void ISAKMP_SA_established(struct connection *c, so_serial_t serial)
                /* for all connections: if the same Phase 1 IDs are used
                 * for a different IP address, unorient that connection.
                 */
-               struct connection *d;
+               connection_t *d;
 
                for (d = connections; d != NULL; )
                {
-                       struct connection *next = d->ac_next;       /* might move underneath us */
+                       connection_t *next = d->ac_next;       /* might move underneath us */
 
                        if (d->kind >= CK_PERMANENT
                        && same_id(&c->spd.this.id, &d->spd.this.id)
@@ -3014,10 +3010,10 @@ void ISAKMP_SA_established(struct connection *c, so_serial_t serial)
  * The return value is used to find other connections sharing a route.
  * *erop is used to find other connections sharing an eroute.
  */
-struct connection *route_owner(struct connection *c, struct spd_route **srp,
-                                                          struct connection **erop, struct spd_route **esrp)
+connection_t *route_owner(connection_t *c, struct spd_route **srp,
+                                                 connection_t **erop, struct spd_route **esrp)
 {
-       struct connection *d
+       connection_t *d
                , *best_ro = c
                , *best_ero = c;
        struct spd_route *srd, *src;
@@ -3121,9 +3117,9 @@ struct connection *route_owner(struct connection *c, struct spd_route **srp,
  * There ought to be only one.
  * This might get to be a bottleneck -- try hashing if it does.
  */
-struct connection *shunt_owner(const ip_subnet *ours, const ip_subnet *his)
+connection_t *shunt_owner(const ip_subnet *ours, const ip_subnet *his)
 {
-       struct connection *c;
+       connection_t *c;
        struct spd_route *sr;
 
        for (c = connections; c != NULL; c = c->ac_next)
@@ -3143,11 +3139,11 @@ struct connection *shunt_owner(const ip_subnet *ours, const ip_subnet *his)
  * We don't know enough to chose amongst those available.
  * ??? no longer usefully different from find_host_pair_connections
  */
-struct connection *find_host_connection(const ip_address *me, u_int16_t my_port,
-                                                                               const ip_address *him, u_int16_t his_port,
-                                                                               lset_t policy)
+connection_t *find_host_connection(const ip_address *me, u_int16_t my_port,
+                                                                  const ip_address *him, u_int16_t his_port,
+                                                                  lset_t policy)
 {
-       struct connection *c = find_host_pair_connections(me, my_port, him, his_port);
+       connection_t *c = find_host_pair_connections(me, my_port, him, his_port);
 
        if (policy != LEMPTY)
        {
@@ -3229,13 +3225,13 @@ struct connection *find_host_connection(const ip_address *me, u_int16_t my_port,
  */
 #define PRIO_NO_MATCH_FOUND     2048
 
-struct connection *refine_host_connection(const struct state *st,
-                                                                                 const struct id *peer_id,
-                                                                                 chunk_t peer_ca)
+connection_t *refine_host_connection(const struct state *st,
+                                                                        const struct id *peer_id,
+                                                                        chunk_t peer_ca)
 {
-       struct connection *c = st->st_connection;
-       struct connection *d;
-       struct connection *best_found = NULL;
+       connection_t *c = st->st_connection;
+       connection_t *d;
+       connection_t *best_found = NULL;
        u_int16_t auth = st->st_oakley.auth;
        lset_t auth_policy = POLICY_PSK;
        const chunk_t *psk = NULL;
@@ -3422,7 +3418,7 @@ struct connection *refine_host_connection(const struct state *st,
 static bool is_virtual_net_used(const ip_subnet *peer_net,
                                                                const struct id *peer_id)
 {
-       struct connection *d;
+       connection_t *d;
 
        for (d = connections; d != NULL; d = d->ac_next)
        {
@@ -3483,20 +3479,19 @@ static bool is_virtual_net_used(const ip_subnet *peer_net,
 #define PRIO_WEIGHT     (MAX_WILDCARDS+1)*WILD_WEIGHT
 
 /* fc_try: a helper function for find_client_connection */
-static struct connection *fc_try(const struct connection *c,
-                                                                struct host_pair *hp,
-                                                                const struct id *peer_id,
-                                                                const ip_subnet *our_net,
-                                                                const ip_subnet *peer_net,
-                                                                const u_int8_t our_protocol,
-                                                                const u_int16_t our_port,
-                                                                const u_int8_t peer_protocol,
-                                                                const u_int16_t peer_port,
-                                                                chunk_t peer_ca,
-                                                                const ietfAttrList_t *peer_list)
+static connection_t *fc_try(const connection_t *c, struct host_pair *hp,
+                                                       const struct id *peer_id,
+                                                       const ip_subnet *our_net,
+                                                       const ip_subnet *peer_net,
+                                                       const u_int8_t our_protocol,
+                                                       const u_int16_t our_port,
+                                                       const u_int8_t peer_protocol,
+                                                       const u_int16_t peer_port,
+                                                       chunk_t peer_ca,
+                                                       const ietfAttrList_t *peer_list)
 {
-       struct connection *d;
-       struct connection *best = NULL;
+       connection_t *d;
+       connection_t *best = NULL;
        policy_prio_t best_prio = BOTTOM_PRIO;
        int wildcards, pathlen;
 
@@ -3612,19 +3607,19 @@ static struct connection *fc_try(const struct connection *c,
        return best;
 }
 
-static struct connection *fc_try_oppo(const struct connection *c,
-                                                                         struct host_pair *hp,
-                                                                         const ip_subnet *our_net,
-                                                                         const ip_subnet *peer_net,
-                                                                         const u_int8_t our_protocol,
-                                                                         const u_int16_t our_port,
-                                                                         const u_int8_t peer_protocol,
-                                                                         const u_int16_t peer_port,
-                                                                         chunk_t peer_ca,
-                                                                         const ietfAttrList_t *peer_list)
+static connection_t *fc_try_oppo(const connection_t *c,
+                                                                struct host_pair *hp,
+                                                                const ip_subnet *our_net,
+                                                                const ip_subnet *peer_net,
+                                                                const u_int8_t our_protocol,
+                                                                const u_int16_t our_port,
+                                                                const u_int8_t peer_protocol,
+                                                                const u_int16_t peer_port,
+                                                                chunk_t peer_ca,
+                                                                const ietfAttrList_t *peer_list)
 {
-       struct connection *d;
-       struct connection *best = NULL;
+       connection_t *d;
+       connection_t *best = NULL;
        policy_prio_t best_prio = BOTTOM_PRIO;
        int wildcards, pathlen;
 
@@ -3715,8 +3710,7 @@ static struct connection *fc_try_oppo(const struct connection *c,
 /*
  * get the peer's CA and group attributes
  */
-chunk_t get_peer_ca_and_groups(struct connection *c,
-                                                          const ietfAttrList_t **peer_list)
+chunk_t get_peer_ca_and_groups(connection_t *c, const ietfAttrList_t **peer_list)
 {
        struct state *p1st = find_phase1_state(c, ISAKMP_SA_ESTABLISHED_STATES);
 
@@ -3742,15 +3736,15 @@ chunk_t get_peer_ca_and_groups(struct connection *c,
        return chunk_empty;
 }
 
-struct connection *find_client_connection(struct connection *c,
-                                                                                 const ip_subnet *our_net,
-                                                                                 const ip_subnet *peer_net,
-                                                                                 const u_int8_t our_protocol,
-                                                                                 const u_int16_t our_port,
-                                                                                 const u_int8_t peer_protocol,
-                                                                                 const u_int16_t peer_port)
+connection_t *find_client_connection(connection_t *c,
+                                                                        const ip_subnet *our_net,
+                                                                        const ip_subnet *peer_net,
+                                                                        const u_int8_t our_protocol,
+                                                                        const u_int16_t our_port,
+                                                                        const u_int8_t peer_protocol,
+                                                                        const u_int16_t peer_port)
 {
-       struct connection *d;
+       connection_t *d;
        struct spd_route *sr;
 
        const ietfAttrList_t *peer_list = NULL;
@@ -3776,7 +3770,7 @@ struct connection *find_client_connection(struct connection *c,
         * but even greater priority to a routed concrete connection
         */
        {
-               struct connection *unrouted = NULL;
+               connection_t *unrouted = NULL;
                int srnum = -1;
 
                for (sr = &c->spd; unrouted == NULL && sr != NULL; sr = sr->next)
@@ -3882,7 +3876,7 @@ struct connection *find_client_connection(struct connection *c,
        return d;
 }
 
-int connection_compare(const struct connection *ca, const struct connection *cb)
+int connection_compare(const connection_t *ca, const connection_t *cb)
 {
        int ret;
 
@@ -3913,15 +3907,15 @@ int connection_compare(const struct connection *ca, const struct connection *cb)
 
 static int connection_compare_qsort(const void *a, const void *b)
 {
-       return connection_compare(*(const struct connection *const *)a
-                                                       , *(const struct connection *const *)b);
+       return connection_compare(*(const connection_t *const *)a
+                                                       , *(const connection_t *const *)b);
 }
 
 void show_connections_status(bool all, const char *name)
 {
-       struct connection *c;
+       connection_t *c;
        int count, i;
-       struct connection **array;
+       connection_t **array;
 
        /* make an array of connections, and sort it */
        count = 0;
@@ -3930,7 +3924,7 @@ void show_connections_status(bool all, const char *name)
                if (c->ikev1 && (name == NULL || streq(c->name, name)))
                        count++;
        }
-       array = malloc(sizeof(struct connection *)*count);
+       array = malloc(sizeof(connection_t *)*count);
 
        count=0;
        for (c = connections; c != NULL; c = c->ac_next)
@@ -3940,7 +3934,7 @@ void show_connections_status(bool all, const char *name)
        }
 
        /* sort it! */
-       qsort(array, count, sizeof(struct connection *), connection_compare_qsort);
+       qsort(array, count, sizeof(connection_t *), connection_compare_qsort);
 
        for (i = 0; i < count; i++)
        {
@@ -4075,7 +4069,7 @@ void show_connections_status(bool all, const char *name)
 struct pending {
        int whack_sock;
        struct state *isakmp_sa;
-       struct connection *connection;
+       connection_t *connection;
        lset_t policy;
        unsigned long try;
        so_serial_t replacing;
@@ -4084,7 +4078,7 @@ struct pending {
 };
 
 /* queue a Quick Mode negotiation pending completion of a suitable Main Mode */
-void add_pending(int whack_sock, struct state *isakmp_sa, struct connection *c,
+void add_pending(int whack_sock, struct state *isakmp_sa, connection_t *c,
                                 lset_t policy, unsigned long try, so_serial_t replacing)
 {
        bool already_queued = FALSE;
@@ -4229,7 +4223,7 @@ void flush_pending_by_state(struct state *st)
 }
 
 /* a connection has been deleted; discard any related pending */
-static void flush_pending_by_connection(struct connection *c)
+static void flush_pending_by_connection(connection_t *c)
 {
        if (c->host_pair != NULL)
        {
@@ -4276,7 +4270,7 @@ void show_pending_phase2(const struct host_pair *hp, const struct state *st)
  * We must be careful to avoid circularity:
  * we don't touch it if it is CK_GOING_AWAY.
  */
-void connection_discard(struct connection *c)
+void connection_discard(connection_t *c)
 {
        if (c->kind == CK_INSTANCE)
        {
@@ -4300,9 +4294,9 @@ void connection_discard(struct connection *c)
 
 long eclipse_count = 0;
 
-struct connection *eclipsed(struct connection *c, struct spd_route **esrp)
+connection_t *eclipsed(connection_t *c, struct spd_route **esrp)
 {
-       struct connection *ue;
+       connection_t *ue;
        struct spd_route *sr1 = &c->spd;
 
        ue = NULL;
index 512c688..d688149 100644 (file)
@@ -166,6 +166,8 @@ struct spd_route {
        uint32_t reqid;
 };
 
+typedef struct connection connection_t;
+
 struct connection {
        char *name;
        bool ikev1;
@@ -210,7 +212,7 @@ struct connection {
        sa_family_t addr_family;            /* between gateways */
        sa_family_t tunnel_addr_family;     /* between clients */
 
-       struct connection *policy_next;     /* if multiple policies,
+       connection_t *policy_next;          /* if multiple policies,
                                                                                   next one to apply */
 
        struct gw_info *gw_info;
@@ -218,64 +220,60 @@ struct connection {
        struct alg_info_ike *alg_info_ike;
 
        struct host_pair *host_pair;
-       struct connection *hp_next;         /* host pair list link */
-
-       struct connection *ac_next;         /* all connections list link */
+       connection_t *hp_next;              /* host pair list link */
+       connection_t *ac_next;              /* all connections list link */
 
        generalName_t *requested_ca;        /* collected certificate requests */
        bool got_certrequest;
 };
 
 #define oriented(c) ((c).interface != NULL)
-extern bool orient(struct connection *c);
+extern bool orient(connection_t *c);
 
-extern bool same_peer_ids(const struct connection *c
-       , const struct connection *d, const struct id *his_id);
+extern bool same_peer_ids(const connection_t *c, const connection_t *d,
+                                                 const struct id *his_id);
 
 /* Format the topology of a connection end, leaving out defaults.
  * Largest left end looks like: client === host : port [ host_id ] --- hop
  * Note: if that==NULL, skip nexthop
  */
 #define END_BUF (SUBNETTOT_BUF + ADDRTOT_BUF + IDTOA_BUF + ADDRTOT_BUF + 10)
-extern size_t format_end(char *buf, size_t buf_len
-       , const struct end *this, const struct end *that
-       , bool is_left, lset_t policy);
+extern size_t format_end(char *buf, size_t buf_len, const struct end *this,
+                                                const struct end *that, bool is_left, lset_t policy);
 
 extern void add_connection(const whack_message_t *wm);
 extern void initiate_connection(const char *name, int whackfd);
-extern void initiate_opportunistic(const ip_address *our_client
-       , const ip_address *peer_client, int transport_proto, bool held, int whackfd);
+extern void initiate_opportunistic(const ip_address *our_client,
+                                                                  const ip_address *peer_client,
+                                                                  int transport_proto, bool held, int whackfd);
 extern void terminate_connection(const char *nm);
-extern void release_connection(struct connection *c, bool relations);
-extern void delete_connection(struct connection *c, bool relations);
+extern void release_connection(connection_t *c, bool relations);
+extern void delete_connection(connection_t *c, bool relations);
 extern void delete_connections_by_name(const char *name, bool strict);
 extern void delete_every_connection(void);
-extern char *add_group_instance(struct connection *group, const ip_subnet *target);
-extern void remove_group_instance(const struct connection *group, const char *name);
+extern char *add_group_instance(connection_t *group, const ip_subnet *target);
+extern void remove_group_instance(const connection_t *group, const char *name);
 extern void release_dead_interfaces(void);
 extern void check_orientations(void);
-extern struct connection *route_owner(struct connection *c
-                                                                         , struct spd_route **srp
-                                                                         , struct connection **erop
-                                                                         , struct spd_route **esrp);
-extern struct connection *shunt_owner(const ip_subnet *ours
-       , const ip_subnet *his);
+extern connection_t *route_owner(connection_t *c, struct spd_route **srp,
+                                                                connection_t **erop, struct spd_route **esrp);
+extern connection_t *shunt_owner(const ip_subnet *ours, const ip_subnet *his);
 
 extern bool uniqueIDs;  /* --uniqueids? */
-extern void ISAKMP_SA_established(struct connection *c, so_serial_t serial);
+extern void ISAKMP_SA_established(connection_t *c, so_serial_t serial);
 
 #define his_id_was_instantiated(c) ((c)->kind == CK_INSTANCE \
        && (id_is_ipaddr(&(c)->spd.that.id)? \
        sameaddr(&(c)->spd.that.id.ip_addr, &(c)->spd.that.host_addr) : TRUE))
 
 struct state;   /* forward declaration of tag (defined in state.h) */
-extern struct connection
+extern connection_t
        *con_by_name(const char *nm, bool strict),
        *find_host_connection(const ip_address *me, u_int16_t my_port
                , const ip_address *him, u_int16_t his_port, lset_t policy),
        *refine_host_connection(const struct state *st, const struct id *id
                , chunk_t peer_ca),
-       *find_client_connection(struct connection *c
+       *find_client_connection(connection_t *c
                , const ip_subnet *our_net
                , const ip_subnet *peer_net
                , const u_int8_t our_protocol
@@ -284,13 +282,13 @@ extern struct connection
                , const u_int16_t peer_port),
        *find_connection_by_reqid(uint32_t reqid);
 
-extern struct connection *
+extern connection_t *
 find_connection_for_clients(struct spd_route **srp
                                                        , const ip_address *our_client
                                                        , const ip_address *peer_client
                                                        , int transport_proto);
 
-extern chunk_t get_peer_ca_and_groups(struct connection *c
+extern chunk_t get_peer_ca_and_groups(connection_t *c
        , const ietfAttrList_t **peer_list);
 
 /* instantiating routines
@@ -299,20 +297,20 @@ extern chunk_t get_peer_ca_and_groups(struct connection *c
  */
 struct gw_info; /* forward declaration of tag (defined in dnskey.h) */
 struct alg_info;        /* forward declaration of tag (defined in alg_info.h) */
-extern struct connection *rw_instantiate(struct connection *c
+extern connection_t *rw_instantiate(connection_t *c
                                                                                 , const ip_address *him
                                                                                 , u_int16_t his_port
                                                                                 , const ip_subnet *his_net
                                                                                 , const struct id *his_id);
 
-extern struct connection *oppo_instantiate(struct connection *c
+extern connection_t *oppo_instantiate(connection_t *c
                                                                                   , const ip_address *him
                                                                                   , const struct id *his_id
                                                                                   , struct gw_info *gw
                                                                                   , const ip_address *our_client
                                                                                   , const ip_address *peer_client);
 
-extern struct connection
+extern connection_t
   *build_outgoing_opportunistic_connection(struct gw_info *gw
                                                                                   , const ip_address *our_client
                                                                                   , const ip_address *peer_client);
@@ -321,7 +319,7 @@ extern struct connection
 #define CONN_INST_BUF \
        (2 + 10 + 1 + SUBNETTOT_BUF + 7 + ADDRTOT_BUF + 3 + SUBNETTOT_BUF + 1)
 
-extern void fmt_conn_instance(const struct connection *c
+extern void fmt_conn_instance(const connection_t *c
        , char buf[CONN_INST_BUF]);
 
 /* operations on "pending", the structure representing Quick Mode
@@ -332,7 +330,7 @@ struct pending; /* forward declaration (opaque outside connections.c) */
 
 extern void add_pending(int whack_sock
        , struct state *isakmp_sa
-       , struct connection *c
+       , connection_t *c
        , lset_t policy
        , unsigned long try
        , so_serial_t replacing);
@@ -343,7 +341,7 @@ extern void update_pending(struct state *os, struct state *ns);
 extern void flush_pending_by_state(struct state *st);
 extern void show_pending_phase2(const struct host_pair *hp, const struct state *st);
 
-extern void connection_discard(struct connection *c);
+extern void connection_discard(connection_t *c);
 
 /* A template connection's eroute can be eclipsed by
  * either a %hold or an eroute for an instance iff
@@ -351,15 +349,15 @@ extern void connection_discard(struct connection *c);
  */
 #define eclipsable(sr) (subnetishost(&(sr)->this.client) && subnetishost(&(sr)->that.client))
 extern long eclipse_count;
-extern struct connection *eclipsed(struct connection *c, struct spd_route **);
+extern connection_t *eclipsed(connection_t *c, struct spd_route **);
 
 
 /* print connection status */
 
 extern void show_connections_status(bool all, const char *name);
-extern int  connection_compare(const struct connection *ca
-       , const struct connection *cb);
-extern void update_host_pair(const char *why, struct connection *c
+extern int  connection_compare(const connection_t *ca
+       , const connection_t *cb);
+extern void update_host_pair(const char *why, connection_t *c
        , const ip_address *myaddr, u_int16_t myport
        , const ip_address *hisaddr, u_int16_t hisport);
 
index b41c816..f2aa862 100644 (file)
@@ -819,7 +819,7 @@ check_msg_errqueue(const struct iface *ifp, short interest)
 bool
 send_packet(struct state *st, const char *where)
 {
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        int port_buf;
        bool err;
        u_int8_t ike_pkt[MAX_OUTPUT_UDP_SIZE];
@@ -2192,7 +2192,7 @@ complete_state_transition(struct msg_digest **mdp, stf_status result)
                                time_t delay = UNDEFINED_TIME;
                                enum event_type kind = smc->timeout_event;
                                bool agreed_time = FALSE;
-                               struct connection *c = st->st_connection;
+                               connection_t *c = st->st_connection;
 
                                switch (kind)
                                {
index ed9853f..e4f9a1d 100644 (file)
@@ -48,7 +48,7 @@ static size_t fg_path_space = 0;
 
 struct fg_groups {
        struct fg_groups *next;
-       struct connection *connection;
+       connection_t *connection;
 };
 
 static struct fg_groups *groups = NULL;
@@ -78,8 +78,7 @@ struct fg_targets *new_targets;
  * It returns -1, 0, or +1 if a is, respectively,
  * less than, equal to, or greater than b.
  */
-static int
-ipcmp(ip_address *a, ip_address *b)
+static int ipcmp(ip_address *a, ip_address *b)
 {
        if (addrtypeof(a) != addrtypeof(b))
        {
@@ -105,8 +104,7 @@ ipcmp(ip_address *a, ip_address *b)
  * It returns -1, 0, or +1 if a is, respectively,
  * less than, equal to, or greater than b.
  */
-static int
-subnetcmp(const ip_subnet *a, const ip_subnet *b)
+static int subnetcmp(const ip_subnet *a, const ip_subnet *b)
 {
        ip_address neta, maska, netb, maskb;
        int r;
@@ -121,8 +119,7 @@ subnetcmp(const ip_subnet *a, const ip_subnet *b)
        return r;
 }
 
-static void
-read_foodgroup(struct fg_groups *g)
+static void read_foodgroup(struct fg_groups *g)
 {
        const char *fgn = g->connection->name;
        const ip_subnet *lsn = &g->connection->spd.this.client;
@@ -244,8 +241,7 @@ read_foodgroup(struct fg_groups *g)
        }
 }
 
-static void
-free_targets(void)
+static void free_targets(void)
 {
        while (targets != NULL)
        {
@@ -257,8 +253,7 @@ free_targets(void)
        }
 }
 
-void
-load_groups(void)
+void load_groups(void)
 {
        passert(new_targets == NULL);
 
@@ -341,8 +336,7 @@ load_groups(void)
 }
 
 
-void
-add_group(struct connection *c)
+void add_group(connection_t *c)
 {
        struct fg_groups *g = malloc_thing(struct fg_groups);
 
@@ -352,8 +346,7 @@ add_group(struct connection *c)
        g->connection = c;
 }
 
-static struct fg_groups *
-find_group(const struct connection *c)
+static struct fg_groups *find_group(const connection_t *c)
 {
        struct fg_groups *g;
 
@@ -362,8 +355,7 @@ find_group(const struct connection *c)
        return g;
 }
 
-void
-route_group(struct connection *c)
+void route_group(connection_t *c)
 {
        /* it makes no sense to route a connection that is ISAKMP-only */
        if (!NEVER_NEGOTIATE(c->policy) && !HAS_IPSEC_POLICY(c->policy))
@@ -381,7 +373,7 @@ route_group(struct connection *c)
                {
                        if (t->group == g)
                        {
-                               struct connection *ci = con_by_name(t->name, FALSE);
+                               connection_t *ci = con_by_name(t->name, FALSE);
 
                                if (ci != NULL)
                                {
@@ -395,8 +387,7 @@ route_group(struct connection *c)
        }
 }
 
-void
-unroute_group(struct connection *c)
+void unroute_group(connection_t *c)
 {
        struct fg_groups *g = find_group(c);
        struct fg_targets *t;
@@ -407,7 +398,7 @@ unroute_group(struct connection *c)
        {
                if (t->group == g)
                {
-                       struct connection *ci = con_by_name(t->name, FALSE);
+                       connection_t *ci = con_by_name(t->name, FALSE);
 
                        if (ci != NULL)
                        {
@@ -419,8 +410,7 @@ unroute_group(struct connection *c)
        }
 }
 
-void
-delete_group(const struct connection *c)
+void delete_group(const connection_t *c)
 {
        struct fg_groups *g;
 
index a264879..5d26a95 100644 (file)
@@ -126,7 +126,7 @@ struct dh_desc *ike_alg_get_dh_group(u_int alg)
 /**
  * Get pfsgroup for this connection
  */
-const struct dh_desc *ike_alg_pfsgroup(struct connection *c, lset_t policy)
+const struct dh_desc *ike_alg_pfsgroup(connection_t *c, lset_t policy)
 {
        const struct dh_desc *ret = NULL;
 
@@ -141,7 +141,7 @@ const struct dh_desc *ike_alg_pfsgroup(struct connection *c, lset_t policy)
 /**
  * Create an OAKLEY proposal based on alg_info and policy
  */
-struct db_context *ike_alg_db_new(struct connection *c, lset_t policy)
+struct db_context *ike_alg_db_new(connection_t *c, lset_t policy)
 {
        struct alg_info_ike *ai = c->alg_info_ike;
        struct db_context *db_ctx = NULL;
@@ -344,7 +344,7 @@ void ike_alg_list(void)
  * Show IKE algorithms for this connection (result from ike= string)
  * and newest SA
  */
-void ike_alg_show_connection(struct connection *c, const char *instance)
+void ike_alg_show_connection(connection_t *c, const char *instance)
 {
        struct state *st = state_with_serialno(c->newest_isakmp_sa);
 
index 43c01a8..5ea00a8 100644 (file)
@@ -235,7 +235,7 @@ static bool build_and_ship_nonce(chunk_t *n, pb_stream *outs, u_int8_t np,
 
 static bool collect_rw_ca_candidates(struct msg_digest *md, generalName_t **top)
 {
-       struct connection *d = find_host_connection(&md->iface->addr
+       connection_t *d = find_host_connection(&md->iface->addr
                , pluto_port, (ip_address*)NULL, md->sender_port, LEMPTY);
 
        for (; d != NULL; d = d->hp_next)
@@ -492,7 +492,7 @@ void send_notification_from_md(struct msg_digest *md, u_int16_t type)
         *   st_connection->interface
         */
        struct state st;
-       struct connection cnx;
+       connection_t cnx;
 
        passert(md);
 
@@ -781,7 +781,7 @@ void accept_delete(struct state *st, struct msg_digest *md,
                        }
                        else
                        {
-                               struct connection *oldc;
+                               connection_t *oldc;
 
                                oldc = cur_connection;
                                set_cur_connection(dst->st_connection);
@@ -817,8 +817,8 @@ void accept_delete(struct state *st, struct msg_digest *md,
                        }
                        else
                        {
-                               struct connection *rc = dst->st_connection;
-                               struct connection *oldc;
+                               connection_t *rc = dst->st_connection;
+                               connection_t *oldc;
 
                                oldc = cur_connection;
                                set_cur_connection(rc);
@@ -894,7 +894,7 @@ void close_message(pb_stream *pbs)
  * Note: this is not called from demux.c
  */
 static stf_status
-main_outI1(int whack_sock, struct connection *c, struct state *predecessor
+main_outI1(int whack_sock, connection_t *c, struct state *predecessor
        , lset_t policy, unsigned long try)
 {
        struct state *st = new_state();
@@ -1089,7 +1089,7 @@ main_outI1(int whack_sock, struct connection *c, struct state *predecessor
        return STF_OK;
 }
 
-void ipsecdoi_initiate(int whack_sock, struct connection *c, lset_t policy,
+void ipsecdoi_initiate(int whack_sock, connection_t *c, lset_t policy,
                                           unsigned long try, so_serial_t replacing)
 {
        /* If there's already an ISAKMP SA established, use that and
@@ -1463,7 +1463,7 @@ static bool generate_skeyids_iv(struct state *st)
  * Use PKCS#1 version 1.5 encryption of hash (called
  * RSAES-PKCS1-V1_5) in PKCS#2.
  */
-static size_t sign_hash(signature_scheme_t scheme, struct connection *c,
+static size_t sign_hash(signature_scheme_t scheme, connection_t *c,
                                                u_char sig_val[RSA_MAX_OCTETS], chunk_t hash)
 {
        size_t sz = 0;
@@ -1574,7 +1574,7 @@ static stf_status check_signature(key_type_t key_type, const struct id* peer,
 #endif /* USE_KEYRR */
                                                                  const struct gw_info *gateways_from_dns)
 {
-       const struct connection *c = st->st_connection;
+       const connection_t *c = st->st_connection;
        struct tac_state s;
 
        s.st = st;
@@ -1912,7 +1912,7 @@ static bool emit_subnet_id(ip_subnet *net, u_int8_t np, u_int8_t protoid,
 }
 
 stf_status quick_outI1(int whack_sock, struct state *isakmp_sa,
-                                          struct connection *c, lset_t policy, unsigned long try,
+                                          connection_t *c, lset_t policy, unsigned long try,
                                           so_serial_t replacing)
 {
        struct state *st = duplicate_state(isakmp_sa);
@@ -2200,7 +2200,7 @@ static void decode_cert(struct msg_digest *md)
 /*
  * Decode the CR payload of Phase 1.
  */
-static void decode_cr(struct msg_digest *md, struct connection *c)
+static void decode_cr(struct msg_digest *md, connection_t *c)
 {
        struct payload_digest *p;
 
@@ -2371,7 +2371,7 @@ static bool switch_connection(struct msg_digest *md, struct id *peer,
                                                          bool initiator)
 {
        struct state *const st = md->st;
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
 
        chunk_t peer_ca = (st->st_peer_pubkey != NULL)
                                         ? st->st_peer_pubkey->issuer : chunk_empty;
@@ -2416,7 +2416,7 @@ static bool switch_connection(struct msg_digest *md, struct id *peer,
        }
        else
        {
-               struct connection *r;
+               connection_t *r;
 
                /* check for certificate requests */
                decode_cr(md, c);
@@ -2678,7 +2678,7 @@ static bool check_net_id(struct isakmp_ipsec_id *id, pb_stream *id_pbs,
  */
 static bool has_preloaded_public_key(struct state *st)
 {
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
 
        /* do not consider rw connections since
         * the peer's identity must be known
@@ -2917,7 +2917,7 @@ stf_status main_inI1_outR1(struct msg_digest *md)
 {
        struct payload_digest *const sa_pd = md->chain[ISAKMP_NEXT_SA];
        struct state *st;
-       struct connection *c;
+       connection_t *c;
        struct isakmp_proposal proposal;
        pb_stream proposal_pbs;
        pb_stream r_sa_pbs;
@@ -2961,7 +2961,7 @@ stf_status main_inI1_outR1(struct msg_digest *md)
                 * but Food Groups kind of assumes one.
                 */
                {
-                       struct connection *d;
+                       connection_t *d;
 
                        d = find_host_connection(&md->iface->addr
                                , pluto_port, (ip_address*)NULL, md->sender_port, policy);
@@ -4256,7 +4256,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b
 stf_status quick_inI1_outR1(struct msg_digest *md)
 {
        const struct state *const p1st = md->st;
-       struct connection *c = p1st->st_connection;
+       connection_t *c = p1st->st_connection;
        struct payload_digest *const id_pd = md->chain[ISAKMP_NEXT_ID];
        struct verify_oppo_bundle b;
 
@@ -4403,7 +4403,7 @@ static stf_status quick_inI1_outR1_start_query(struct verify_oppo_bundle *b,
 {
        struct msg_digest *md = b->md;
        struct state *p1st = md->st;
-       struct connection *c = p1st->st_connection;
+       connection_t *c = p1st->st_connection;
        struct verify_oppo_continuation *vc = malloc_thing(struct verify_oppo_continuation);
        struct id id        /* subject of query */
                , *our_id       /* needed for myid playing */
@@ -4519,7 +4519,7 @@ static enum verify_oppo_step quick_inI1_outR1_process_answer(
                                                                                struct adns_continuation *ac,
                                                                                struct state *p1st)
 {
-       struct connection *c = p1st->st_connection;
+       connection_t *c = p1st->st_connection;
        enum verify_oppo_step next_step = vos_our_client;
        err_t ugh = NULL;
 
@@ -4696,7 +4696,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b,
 {
        struct msg_digest *md = b->md;
        struct state *const p1st = md->st;
-       struct connection *c = p1st->st_connection;
+       connection_t *c = p1st->st_connection;
        struct payload_digest *const id_pd = md->chain[ISAKMP_NEXT_ID];
        ip_subnet *our_net = &b->my.net
                , *his_net = &b->his.net;
@@ -4709,7 +4709,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b,
         * a suitable connection (our current one only matches for hosts).
         */
        {
-               struct connection *p = find_client_connection(c
+               connection_t *p = find_client_connection(c
                        , our_net, his_net, b->my.proto, b->my.port, b->his.proto, b->his.port);
 
                if (p == NULL)
@@ -4873,7 +4873,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b,
 
                if (st->st_connection != c)
                {
-                       struct connection *t = st->st_connection;
+                       connection_t *t = st->st_connection;
 
                        st->st_connection = c;
                        set_cur_connection(c);
@@ -5095,7 +5095,7 @@ static void dpd_init(struct state *st)
 stf_status quick_inR1_outI2(struct msg_digest *md)
 {
        struct state *const st = md->st;
-       const struct connection *c = st->st_connection;
+       const connection_t *c = st->st_connection;
 
        /* HASH(2) in */
        CHECK_QUICK_HASH(md
@@ -5677,7 +5677,7 @@ void
 dpd_timeout(struct state *st)
 {
        struct state *newest_phase1_st;
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        int action = st->st_connection->dpd_action;
        char cname[BUF_LEN];
 
index 27e3e36..6086459 100644 (file)
@@ -151,7 +151,7 @@ static void DBG_bare_shunt(const char *op, const struct bare_shunt *bs)
 struct eroute_info *orphaned_holds = NULL;
 
 /* forward declaration */
-static bool shunt_eroute(struct connection *c, struct spd_route *sr,
+static bool shunt_eroute(connection_t *c, struct spd_route *sr,
                                                 enum routing_t rt_kind, unsigned int op,
                                                 const char *opname);
 
@@ -394,7 +394,7 @@ ipsec_spi_t get_my_cpi(struct spd_route *sr, bool tunnel)
 # define DEFAULT_UPDOWN "ipsec _updown"
 #endif
 
-static bool do_command(struct connection *c, struct spd_route *sr,
+static bool do_command(connection_t *c, struct spd_route *sr,
                                           const char *verb)
 {
        char cmd[1536];     /* arbitrary limit on shell command length */
@@ -655,10 +655,10 @@ enum routability {
        route_farconflict = 3
 };
 
-static enum routability could_route(struct connection *c)
+static enum routability could_route(connection_t *c)
 {
        struct spd_route *esr, *rosr;
-       struct connection *ero      /* who, if anyone, owns our eroute? */
+       connection_t *ero      /* who, if anyone, owns our eroute? */
                , *ro = route_owner(c, &rosr, &ero, &esr); /* who owns our route? */
 
        /* it makes no sense to route a connection that is ISAKMP-only */
@@ -712,8 +712,8 @@ static enum routability could_route(struct connection *c)
        /* if there is an eroute for another connection, there is a problem */
        if (ero != NULL && ero != c)
        {
-               struct connection *ero2, *ero_top;
-               struct connection *inside, *outside;
+               connection_t *ero2, *ero_top;
+               connection_t *inside, *outside;
 
                /*
                 * note, wavesec (PERMANENT) goes *outside* and
@@ -799,7 +799,7 @@ static enum routability could_route(struct connection *c)
        return route_easy;
 }
 
-bool trap_connection(struct connection *c)
+bool trap_connection(connection_t *c)
 {
        switch (could_route(c))
        {
@@ -827,7 +827,7 @@ bool trap_connection(struct connection *c)
 /**
  * Delete any eroute for a connection and unroute it if route isn't shared
  */
-void unroute_connection(struct connection *c)
+void unroute_connection(connection_t *c)
 {
        struct spd_route *sr;
        enum routing_t cr;
@@ -1088,7 +1088,7 @@ static bool eroute_connection(struct spd_route *sr, ipsec_spi_t spi,
 
 /* assign a bare hold to a connection */
 
-bool assign_hold(struct connection *c USED_BY_DEBUG, struct spd_route *sr,
+bool assign_hold(connection_t *c USED_BY_DEBUG, struct spd_route *sr,
                                 int transport_proto,
                                 const ip_address *src,
                                 const ip_address *dst)
@@ -1230,7 +1230,7 @@ static bool sag_eroute(struct state *st, struct spd_route *sr,
 
 /* compute a (host-order!) SPI to implement the policy in connection c */
 ipsec_spi_t
-shunt_policy_spi(struct connection *c, bool prospective)
+shunt_policy_spi(connection_t *c, bool prospective)
 {
        /* note: these are in host order :-( */
        static const ipsec_spi_t shunt_spi[] =
@@ -1261,7 +1261,7 @@ shunt_policy_spi(struct connection *c, bool prospective)
  * If negotiation has failed, the choice between %trap/%pass/%drop/%reject
  * is specified in the policy of connection c.
  */
-static bool shunt_eroute(struct connection *c, struct spd_route *sr,
+static bool shunt_eroute(connection_t *c, struct spd_route *sr,
                                                 enum routing_t rt_kind,
                                                 unsigned int op, const char *opname)
 {
@@ -1321,7 +1321,7 @@ static bool shunt_eroute(struct connection *c, struct spd_route *sr,
        {
                /* maybe we are uneclipsing something */
                struct spd_route *esr;
-               struct connection *ue = eclipsed(c, &esr);
+               connection_t *ue = eclipsed(c, &esr);
 
                if (ue != NULL)
                {
@@ -1694,7 +1694,7 @@ static bool setup_half_ipsec_sa(struct state *st, bool inbound)
 {
        /* Build an inbound or outbound SA */
 
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        ip_subnet src, dst;
        ip_subnet src_client, dst_client;
        ipsec_spi_t inner_spi = 0;
@@ -2167,7 +2167,7 @@ static bool teardown_half_ipsec_sa(struct state *st, bool inbound)
         * so deleting any one will do.  So we just delete the
         * first one found.  It may or may not be the only one.
         */
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        struct {
                unsigned proto;
                struct ipsec_proto_info *info;
@@ -2259,7 +2259,7 @@ bool get_sa_info(struct state *st, bool inbound, u_int *bytes, time_t *use_time)
 {
        char text_said[SATOT_BUF];
        struct kernel_sa sa;
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
 
        *use_time = UNDEFINED_TIME;
 
@@ -2385,7 +2385,7 @@ void init_kernel(void)
  */
 bool install_inbound_ipsec_sa(struct state *st)
 {
-       struct connection *const c = st->st_connection;
+       connection_t *const c = st->st_connection;
 
        /* If our peer has a fixed-address client, check if we already
         * have a route for that client that conflicts.  We will take this
@@ -2399,7 +2399,7 @@ bool install_inbound_ipsec_sa(struct state *st)
                for (;;)
                {
                        struct spd_route *esr;
-                       struct connection *o = route_owner(c, &esr, NULL, NULL);
+                       connection_t *o = route_owner(c, &esr, NULL, NULL);
 
                        if (o == NULL)
                        {
@@ -2449,20 +2449,20 @@ bool install_inbound_ipsec_sa(struct state *st)
  * Any SA Group must have already been created.
  * On failure, steps will be unwound.
  */
-bool route_and_eroute(struct connection *c USED_BY_KLIPS,
+bool route_and_eroute(connection_t *c USED_BY_KLIPS,
                                          struct spd_route *sr USED_BY_KLIPS,
                                          struct state *st USED_BY_KLIPS)
 {
 #ifdef KLIPS
        struct spd_route *esr;
        struct spd_route *rosr;
-       struct connection *ero      /* who, if anyone, owns our eroute? */
+       connection_t *ero      /* who, if anyone, owns our eroute? */
                , *ro = route_owner(c, &rosr, &ero, &esr);
        bool eroute_installed = FALSE
                , firewall_notified = FALSE
                , route_installed = FALSE;
 
-       struct connection *ero_top;
+       connection_t *ero_top;
        struct bare_shunt **bspp;
 
        DBG(DBG_CONTROLMORE,
@@ -2623,7 +2623,7 @@ bool route_and_eroute(struct connection *c USED_BY_KLIPS,
                else if (ero != NULL && ero != c)
                {
                        /* check if ero is an ancestor of c. */
-                       struct connection *ero2;
+                       connection_t *ero2;
 
                        for (ero2 = c; ero2 != NULL && ero2 != c; ero2 = ero2->policy_next)
                                ;
@@ -2823,7 +2823,7 @@ void delete_ipsec_sa(struct state *st USED_BY_KLIPS,
                /* If the state is the eroute owner, we must adjust
                 * the routing for the connection.
                 */
-               struct connection *c = st->st_connection;
+               connection_t *c = st->st_connection;
                struct spd_route *sr;
 
                passert(st->st_connection);
@@ -2872,7 +2872,7 @@ void delete_ipsec_sa(struct state *st USED_BY_KLIPS,
 #ifdef KLIPS
 static bool update_nat_t_ipsec_esp_sa (struct state *st, bool inbound)
 {
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        char text_said[SATOT_BUF];
        struct kernel_sa sa;
        ip_address
index 35e3eab..a2bb51c 100644 (file)
@@ -493,7 +493,7 @@ void kernel_alg_list(void)
        whack_log(RC_COMMENT, "  integrity: %s", buf);
 }
 
-void kernel_alg_show_connection(struct connection *c, const char *instance)
+void kernel_alg_show_connection(connection_t *c, const char *instance)
 {
        struct state *st = state_with_serialno(c->newest_ipsec_sa);
 
index d1ea88f..af494c6 100644 (file)
@@ -97,7 +97,7 @@ secret_t *secrets = NULL;
  * me and the peer.  We match the Id (if none, the IP address).
  * Failure is indicated by a NULL.
  */
-static const secret_t* get_secret(const struct connection *c,
+static const secret_t* get_secret(const connection_t *c,
                                                                  enum PrivateKeyKind kind, bool asym)
 {
        enum {      /* bits */
@@ -247,7 +247,7 @@ static const secret_t* get_secret(const struct connection *c,
  * Failure is indicated by a NULL pointer.
  * Note: the result is not to be freed by the caller.
  */
-const chunk_t* get_preshared_secret(const struct connection *c)
+const chunk_t* get_preshared_secret(const connection_t *c)
 {
        const secret_t *s = get_secret(c, PPK_PSK, FALSE);
 
@@ -308,7 +308,7 @@ private_key_t* get_x509_private_key(const x509cert_t *cert)
 /* find the appropriate private key (see get_secret).
  * Failure is indicated by a NULL pointer.
  */
-private_key_t* get_private_key(const struct connection *c)
+private_key_t* get_private_key(const connection_t *c)
 {
        const secret_t *s = get_secret(c, PPK_PUBKEY, TRUE);
 
index 1a211c2..2b813a8 100644 (file)
@@ -43,7 +43,7 @@
 #include "timer.h"
 
 /* close one per-peer log */
-static void perpeer_logclose(struct connection *c);     /* forward */
+static void perpeer_logclose(connection_t *c);     /* forward */
 
 
 bool
@@ -77,7 +77,7 @@ static TAILQ_HEAD(perpeer, connection) perpeer_list;
  */
 int whack_log_fd = NULL_FD;     /* only set during whack_handle() */
 struct state *cur_state = NULL; /* current state, for diagnostics */
-struct connection *cur_connection = NULL;       /* current connection, for diagnostics */
+connection_t *cur_connection = NULL;       /* current connection, for diagnostics */
 const ip_address *cur_from = NULL;      /* source of current current message */
 u_int16_t cur_from_port;        /* host order */
 
@@ -245,7 +245,7 @@ fmt_log(char *buf, size_t buf_len, const char *fmt, va_list ap)
 {
        bool reproc = *fmt == '~';
        size_t ps;
-       struct connection *c = cur_state != NULL ? cur_state->st_connection
+       connection_t *c = cur_state != NULL ? cur_state->st_connection
                : cur_connection;
 
        buf[0] = '\0';
@@ -293,7 +293,7 @@ fmt_log(char *buf, size_t buf_len, const char *fmt, va_list ap)
 }
 
 static void
-perpeer_logclose(struct connection *c)
+perpeer_logclose(connection_t *c)
 {
        /* only free/close things if we had used them! */
        if (c->log_file != NULL)
@@ -308,7 +308,7 @@ perpeer_logclose(struct connection *c)
 }
 
 void
-perpeer_logfree(struct connection *c)
+perpeer_logfree(connection_t *c)
 {
        perpeer_logclose(c);
        if (c->log_file_name != NULL)
@@ -321,7 +321,7 @@ perpeer_logfree(struct connection *c)
 
 /* open the per-peer log */
 static void
-open_peerlog(struct connection *c)
+open_peerlog(connection_t *c)
 {
        syslog(LOG_INFO, "opening log file for conn %s", c->name);
 
@@ -725,7 +725,7 @@ lset_t
        cur_debugging =  DBG_NONE;
 
 void
-extra_debugging(const struct connection *c)
+extra_debugging(const connection_t *c)
 {
        if(c == NULL)
        {
index c1092f4..1000aa2 100644 (file)
@@ -117,7 +117,7 @@ init_internal_addr(internal_addr_t *ia)
  * get internal IP address for a connection
  */
 static void
-get_internal_addr(struct connection *c, internal_addr_t *ia)
+get_internal_addr(connection_t *c, internal_addr_t *ia)
 {
        int i, dns_idx = 0, nbns_idx = 0;
 
@@ -203,7 +203,7 @@ get_internal_addr(struct connection *c, internal_addr_t *ia)
  * Set srcip and client subnet to internal IP address
  */
 static bool
-set_internal_addr(struct connection *c, internal_addr_t *ia)
+set_internal_addr(connection_t *c, internal_addr_t *ia)
 {
        if (ia->attr_set & LELEM(INTERNAL_IP4_ADDRESS)
        && !isanyaddr(&ia->ipaddr))
index ac35b01..feedf2a 100644 (file)
@@ -600,7 +600,7 @@ static void nat_traversal_send_ka (struct state *st)
 static void nat_traversal_ka_event_state (struct state *st, void *data)
 {
        unsigned int *_kap_st = (unsigned int *)data;
-       const struct connection *c = st->st_connection;
+       const connection_t *c = st->st_connection;
 
        if (!c)
                return;
@@ -658,7 +658,7 @@ struct _new_mapp_nfo {
 
 static void nat_traversal_find_new_mapp_state (struct state *st, void *data)
 {
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        struct _new_mapp_nfo *nfo = (struct _new_mapp_nfo *)data;
 
        if (c != NULL
@@ -720,7 +720,7 @@ static int nat_traversal_new_mapping(const ip_address *src, u_int16_t sport,
 
 void nat_traversal_change_port_lookup(struct msg_digest *md, struct state *st)
 {
-       struct connection *c = st ? st->st_connection : NULL;
+       connection_t *c = st ? st->st_connection : NULL;
        struct iface *i = NULL;
 
        if ((st == NULL) || (c == NULL))
@@ -804,7 +804,7 @@ struct _new_klips_mapp_nfo {
 
 static void nat_t_new_klips_mapp (struct state *st, void *data)
 {
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        struct _new_klips_mapp_nfo *nfo = (struct _new_klips_mapp_nfo *)data;
 
        if (c != NULL && st->st_esp.present
index 818b84e..ef984f6 100644 (file)
@@ -372,7 +372,7 @@ whack_handle(int whackctlfd)
                }
                else if (!msg.whack_connection)
                {
-                       struct connection *c = con_by_name(msg.name, TRUE);
+                       connection_t *c = con_by_name(msg.name, TRUE);
 
                        if (c != NULL)
                        {
@@ -562,7 +562,7 @@ whack_handle(int whackctlfd)
                }
                else
                {
-                       struct connection *c = con_by_name(msg.name, TRUE);
+                       connection_t *c = con_by_name(msg.name, TRUE);
 
                        if (c != NULL && c->ikev1)
                        {
@@ -588,7 +588,7 @@ whack_handle(int whackctlfd)
                }
                else
                {
-                       struct connection *c = con_by_name(msg.name, TRUE);
+                       connection_t *c = con_by_name(msg.name, TRUE);
 
                        if (c != NULL && c->ikev1)
                        {
index 975e79f..e6756d8 100644 (file)
@@ -831,7 +831,7 @@ notification_t parse_isakmp_policy(pb_stream *proposal_pbs, u_int notrans,
 static err_t find_preshared_key(struct state* st)
 {
        err_t ugh = NULL;
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
 
        if (get_preshared_secret(c) == NULL)
        {
@@ -868,7 +868,7 @@ notification_t parse_isakmp_sa_body(u_int32_t ipsecdoisit,
                                                                        struct state *st,
                                                                        bool initiator)
 {
-       struct connection *c = st->st_connection;
+       connection_t *c = st->st_connection;
        unsigned no_trans_left;
 
        /* for each transform payload... */
@@ -1712,7 +1712,7 @@ parse_ipsec_sa_body(
        bool selection,             /* if this SA is a selection, only one transform may appear */
        struct state *st)           /* current state object */
 {
-       const struct connection *c = st->st_connection;
+       const connection_t *c = st->st_connection;
        u_int32_t ipsecdoisit;
        pb_stream next_proposal_pbs;
 
index 9c6f492..29d78fb 100644 (file)
@@ -277,7 +277,7 @@ void release_whack(struct state *st)
  */
 void delete_state(struct state *st)
 {
-       struct connection *const c = st->st_connection;
+       connection_t *const c = st->st_connection;
        struct state *old_cur_state = cur_state == st? NULL : cur_state;
 
        set_cur_state(st);
@@ -371,7 +371,7 @@ void delete_state(struct state *st)
 /**
  * Is a connection in use by some state?
  */
-bool states_use_connection(struct connection *c)
+bool states_use_connection(connection_t *c)
 {
        /* are there any states still using it? */
        struct state *st = NULL;
@@ -390,7 +390,7 @@ bool states_use_connection(struct connection *c)
  * if relations == TRUE, then also delete states that share
  * the same phase 1 SA.
  */
-void delete_states_by_connection(struct connection *c, bool relations)
+void delete_states_by_connection(connection_t *c, bool relations)
 {
        int pass;
        /* this kludge avoids an n^2 algorithm */
@@ -480,7 +480,7 @@ void delete_states_by_peer(ip_address *peer)
                {
                        struct state *this = st;
                        struct spd_route *sr;
-                       struct connection *c = this->st_connection;
+                       connection_t *c = this->st_connection;
 
                        st = st->st_hashchain_next; /* before this is deleted */
 
@@ -646,7 +646,7 @@ struct state *find_phase2_state_to_delete(const struct state *p1st,
 /**
  * Find newest Phase 1 negotiation state object for suitable for connection c
  */
-struct state *find_phase1_state(const struct connection *c, lset_t ok_states)
+struct state *find_phase1_state(const connection_t *c, lset_t ok_states)
 {
        struct state
                *st,
@@ -674,7 +674,7 @@ void state_eroute_usage(ip_subnet *ours, ip_subnet *his, unsigned long count,
        {
                for (st = statetable[i]; st != NULL; st = st->st_hashchain_next)
                {
-                       struct connection *c = st->st_connection;
+                       connection_t *c = st->st_connection;
 
                        /* XXX spd-enum */
                        if (IS_IPSEC_SA_ESTABLISHED(st->st_state)
@@ -708,7 +708,7 @@ void fmt_state(bool all, struct state *st, time_t n, char *state_buf,
                           size_t state_buf_len, char *state_buf2, size_t state_buf2_len)
 {
        /* what the heck is interesting about a state? */
-       const struct connection *c = st->st_connection;
+       const connection_t *c = st->st_connection;
 
        long delta = st->st_event->ev_time >= n
                ? (long)(st->st_event->ev_time - n)
@@ -824,9 +824,9 @@ void fmt_state(bool all, struct state *st, time_t n, char *state_buf,
 static int state_compare(const void *a, const void *b)
 {
        const struct state *sap = *(const struct state *const *)a;
-       struct connection *ca = sap->st_connection;
+       connection_t *ca = sap->st_connection;
        const struct state *sbp = *(const struct state *const *)b;
-       struct connection *cb = sbp->st_connection;
+       connection_t *cb = sbp->st_connection;
 
        /* DBG_log("comparing %s to %s", ca->name, cb->name); */
 
index 1fbd929..74806a4 100644 (file)
@@ -166,7 +166,7 @@ void handle_timer_event(void)
        struct event *ev = evlist;
        int type;
        struct state *st;
-       struct connection *c = NULL;
+       connection_t *c = NULL;
        ip_address peer;
 
        if (ev == (struct event *) NULL)    /* Just paranoid */
index 84f24e9..3e8d5fc 100644 (file)
@@ -180,7 +180,7 @@ init_virtual_ip(const char *private_list)
  * ex: vhost:%no,%dhcp,%priv,%v4:192.168.1.0/24
  */
 struct virtual_t
-*create_virtual(const struct connection *c, const char *string)
+*create_virtual(const connection_t *c, const char *string)
 {
        unsigned short flags=0, n_net=0, i;
        const char *str = string, *next, *first_net=NULL;
@@ -267,14 +267,13 @@ is_virtual_end(const struct end *that)
 }
 
 bool
-is_virtual_connection(const struct connection *c)
+is_virtual_connection(const connection_t *c)
 {
        return ((c->spd.that.virt)?TRUE:FALSE);
 }
 
-static bool
-net_in_list(const ip_subnet *peer_net, const ip_subnet *list,
-       unsigned short len)
+static bool net_in_list(const ip_subnet *peer_net, const ip_subnet *list,
+                                               unsigned short len)
 {
        unsigned short i;
 
@@ -289,9 +288,8 @@ net_in_list(const ip_subnet *peer_net, const ip_subnet *list,
        return FALSE;
 }
 
-bool
-is_virtual_net_allowed(const struct connection *c, const ip_subnet *peer_net,
-               const ip_address *his_addr)
+bool is_virtual_net_allowed(const connection_t *c, const ip_subnet *peer_net,
+                                                       const ip_address *his_addr)
 {
        if (c->spd.that.virt == NULL)
                return FALSE;