- rewrite of logger_manager, uses now one instance per context
authorMartin Willi <martin@strongswan.org>
Thu, 23 Mar 2006 15:25:43 +0000 (15:25 -0000)
committerMartin Willi <martin@strongswan.org>
Thu, 23 Mar 2006 15:25:43 +0000 (15:25 -0000)
- cleanups for logger here and there
- removed critical flag check in payload verification (conformance to IKEv2)
- so that's and there's everywhere... ;-)

59 files changed:
Source/charon/config/connection.c
Source/charon/config/proposal.c
Source/charon/config/proposal.h
Source/charon/daemon.c
Source/charon/doc/Architecture.txt
Source/charon/encoding/generator.c
Source/charon/encoding/message.c
Source/charon/encoding/parser.c
Source/charon/encoding/payloads/auth_payload.c
Source/charon/encoding/payloads/cert_payload.c
Source/charon/encoding/payloads/certreq_payload.c
Source/charon/encoding/payloads/cp_payload.c
Source/charon/encoding/payloads/delete_payload.c
Source/charon/encoding/payloads/eap_payload.c
Source/charon/encoding/payloads/encryption_payload.c
Source/charon/encoding/payloads/id_payload.c
Source/charon/encoding/payloads/ke_payload.c
Source/charon/encoding/payloads/nonce_payload.c
Source/charon/encoding/payloads/notify_payload.c
Source/charon/encoding/payloads/notify_payload.h
Source/charon/encoding/payloads/proposal_substructure.c
Source/charon/encoding/payloads/sa_payload.c
Source/charon/encoding/payloads/sa_payload.h
Source/charon/encoding/payloads/ts_payload.c
Source/charon/encoding/payloads/vendor_id_payload.c
Source/charon/network/host.c
Source/charon/network/host.h
Source/charon/network/socket.c
Source/charon/network/socket.h
Source/charon/sa/authenticator.c
Source/charon/sa/child_sa.c
Source/charon/sa/ike_sa.c
Source/charon/sa/ike_sa_manager.c
Source/charon/sa/states/ike_auth_requested.c
Source/charon/sa/states/ike_sa_established.c
Source/charon/sa/states/ike_sa_init_requested.c
Source/charon/sa/states/ike_sa_init_responded.c
Source/charon/sa/states/responder_init.c
Source/charon/stroke.c
Source/charon/testcases/aes_cbc_crypter_test.c
Source/charon/testcases/diffie_hellman_test.c
Source/charon/testcases/encryption_payload_test.c
Source/charon/testcases/generator_test.c
Source/charon/testcases/hmac_signer_test.c
Source/charon/testcases/policy_test.c
Source/charon/testcases/rsa_test.c
Source/charon/testcases/testcases.c
Source/charon/threads/kernel_interface.c
Source/charon/threads/receiver.c
Source/charon/threads/scheduler.c
Source/charon/threads/sender.c
Source/charon/threads/stroke.c
Source/charon/threads/thread_pool.c
Source/charon/transforms/diffie_hellman.h
Source/charon/transforms/rsa/rsa_private_key.c
Source/charon/utils/logger.c
Source/charon/utils/logger.h
Source/charon/utils/logger_manager.c
Source/charon/utils/logger_manager.h

index e0b29ac..24f16a0 100644 (file)
@@ -205,7 +205,7 @@ static diffie_hellman_group_t get_dh_group(private_connection_t *this)
        while (iterator->has_next(iterator))
        {
                iterator->current(iterator, (void**)&proposal);
-               proposal->get_algorithm(proposal, IKE, DIFFIE_HELLMAN_GROUP, &algo);
+               proposal->get_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, &algo);
                if (algo)
                {
                        iterator->destroy(iterator);
@@ -229,7 +229,7 @@ static bool check_dh_group(private_connection_t *this, diffie_hellman_group_t dh
        while (prop_iter->has_next(prop_iter))
        {
                prop_iter->current(prop_iter, (void**)&proposal);
-               alg_iter = proposal->create_algorithm_iterator(proposal, IKE, DIFFIE_HELLMAN_GROUP);
+               alg_iter = proposal->create_algorithm_iterator(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP);
                while (alg_iter->has_next(alg_iter))
                {
                        alg_iter->current(alg_iter, (void**)&algo);
index e5a8a64..760d580 100644 (file)
  * String mappings for protocol_id_t.
  */
 mapping_t protocol_id_m[] = {
-       {UNDEFINED_PROTOCOL_ID, "UNDEFINED_PROTOCOL_ID"},
-       {IKE, "IKE"},
-       {AH, "AH"},
-       {ESP, "ESP"},
+       {PROTO_NONE, "PROTO_NONE"},
+       {PROTO_IKE, "PROTO_IKE"},
+       {PROTO_AH, "PROTO_AH"},
+       {PROTO_ESP, "PROTO_ESP"},
        {MAPPING_END, NULL}
 };
 
@@ -159,7 +159,7 @@ static protocol_proposal_t *get_protocol_proposal(private_proposal_t *this, prot
                proto_proposal->prf_algos = linked_list_create();
                proto_proposal->dh_groups = linked_list_create();
                proto_proposal->esns = linked_list_create();
-               if (proto == IKE)
+               if (proto == PROTO_IKE)
                {
                        proto_proposal->spi.len = 8;
                }
@@ -446,15 +446,15 @@ static proposal_t *select_proposal(private_proposal_t *this, private_proposal_t
        iterator->destroy(iterator);
        
        /* apply spis from "other" */
-       spi = other->public.get_spi(&(other->public), AH);
+       spi = other->public.get_spi(&(other->public), PROTO_AH);
        if (spi)
        {
-               selected->set_spi(selected, AH, spi);
+               selected->set_spi(selected, PROTO_AH, spi);
        }
-       spi = other->public.get_spi(&(other->public), ESP);
+       spi = other->public.get_spi(&(other->public), PROTO_ESP);
        if (spi)
        {
-               selected->set_spi(selected, ESP, spi);
+               selected->set_spi(selected, PROTO_ESP, spi);
        }
        
        /* everything matched, return new proposal */
@@ -477,8 +477,8 @@ static void get_protocols(private_proposal_t *this, protocol_id_t ids[2])
        iterator_t *iterator = this->protocol_proposals->create_iterator(this->protocol_proposals, TRUE);
        u_int i = 0;
        
-       ids[0] = UNDEFINED_PROTOCOL_ID;
-       ids[1] = UNDEFINED_PROTOCOL_ID;
+       ids[0] = PROTO_NONE;
+       ids[1] = PROTO_NONE;
        while (iterator->has_next(iterator))
        {
                protocol_proposal_t *proto_prop;
@@ -501,7 +501,7 @@ static void set_spi(private_proposal_t *this, protocol_id_t proto, u_int64_t spi
        protocol_proposal_t *proto_proposal = get_protocol_proposal(this, proto, FALSE);
        if (proto_proposal)
        {
-               if (proto == AH || proto == ESP)
+               if (proto == PROTO_AH || proto == PROTO_ESP)
                {
                        *((u_int32_t*)proto_proposal->spi.ptr) = (u_int32_t)spi;
                }
@@ -520,7 +520,7 @@ static u_int64_t get_spi(private_proposal_t *this, protocol_id_t proto)
        protocol_proposal_t *proto_proposal = get_protocol_proposal(this, proto, FALSE);
        if (proto_proposal)
        {
-               if (proto == AH || proto == ESP)
+               if (proto == PROTO_AH || proto == PROTO_ESP)
                {
                        return (u_int64_t)*((u_int32_t*)proto_proposal->spi.ptr);
                }
index e2a4856..9c75406 100644 (file)
@@ -41,10 +41,10 @@ typedef enum protocol_id_t protocol_id_t;
  * @ingroup config
  */
 enum protocol_id_t {
-       UNDEFINED_PROTOCOL_ID = 201,
-       IKE = 1,
-       AH = 2,
-       ESP = 3,
+       PROTO_NONE = 0,
+       PROTO_IKE = 1,
+       PROTO_AH = 2,
+       PROTO_ESP = 3,
 };
 
 /** 
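Review bot: `PROTO_NONE` is not only a rename of `UNDEFINED_PROTOCOL_ID`: its value moves from 201 to 0, and nothing in the enum's comment records that. Zero is also what `notify_payload_create()` assigns by default (`this->protocol_id = 0;`) and what `verify()` in delete_payload.c rejects (`this->protocol_id == 0`), so a zero-initialised or wire-supplied 0 now compares equal to `PROTO_NONE`, where before it matched no enumerator. I would document that on the member, for example `PROTO_NONE = 0, /* no protocol; equals the zero value of an unset id */`. It is also worth confirming that no caller outside this page relied on the old sentinel being different from 0.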
index 6455dc2..1bc8057 100644 (file)
@@ -262,7 +262,7 @@ private_daemon_t *daemon_create()
        
        /* first build a logger */
        this->public.logger_manager = logger_manager_create(DEFAULT_LOGLEVEL);
-       this->logger = (this->public.logger_manager)->create_logger(this->public.logger_manager, DAEMON, NULL);
+       this->logger = (this->public.logger_manager)->get_logger(this->public.logger_manager, DAEMON);
        
        /* NULL members for clean destruction */
        this->public.socket = NULL;
index 360f83f..fb7c28a 100644 (file)
@@ -51,6 +51,9 @@ Therefore plutos behavior is changed to discard any IKEv2 traffic silently.
  IKEv2 keying daemon: charon
 =============================
 
+ Threading modell
+------------------
+
 All IKEv2 stuff is handled in charon. It uses a newer and more flexible
 architecture than pluto. Charon uses a thread-pool, which allows parallel
 execution SA-management. Beside the thread-pool, there are some special purpose
@@ -60,14 +63,14 @@ threads which do their job for the common health of the daemon.
                        ¦ E  Q ¦
                        ¦ v  u ¦---+                   +------+  +------+
                        ¦ e  e ¦   ¦                   ¦      ¦  ¦ IKE- ¦
-                       ¦ n  u ¦  +----------        ¦      ¦--¦ SA   ¦
-                       ¦ t  e ¦  ¦          ¦         ¦ I  M ¦  +------+
-     +------------+    ¦ -    ¦  ¦ Sceduler ¦         ¦ K  A ¦
-     ¦  receiver  ¦    +------+  ¦          ¦         ¦ E  N ¦  +------+
-     +----+-------+              +----------+         ¦ -  A ¦  ¦ IKE- ¦
-          ¦      ¦     +------+   ¦                   ¦ S  G ¦--¦ SA   ¦
-  +-------+--+   +-----¦ J  Q ¦---+  +------------+   ¦ A  E ¦  +------+
- -¦  socket  ¦         ¦ o  u ¦      ¦            ¦   ¦ -  R ¦
+                       ¦ n  u ¦  +-----------+        ¦      ¦--¦ SA   ¦
+                       ¦ t  e ¦  ¦           ¦        ¦ I  M ¦  +------+
+     +------------+    ¦ -    ¦  ¦ Scheduler ¦        ¦ K  a ¦
+     ¦  receiver  ¦    +------+  ¦           ¦        ¦ E  n ¦  +------+
+     +----+-------+              +-----------+        ¦ -  a ¦  ¦ IKE- ¦
+          ¦      ¦     +------+   ¦                   ¦ S  g ¦--¦ SA   ¦
+  +-------+--+   +-----¦ J  Q ¦---+  +------------+   ¦ A  e ¦  +------+
+ -¦  socket  ¦         ¦ o  u ¦      ¦            ¦   ¦ -  r ¦
   +-------+--+         ¦ b  e ¦      ¦   Thread-  ¦   ¦      ¦
           ¦            ¦ -  u ¦      ¦   Pool     ¦   ¦      ¦
      +----+-------+    ¦    e ¦------¦            ¦---¦      ¦
@@ -77,18 +80,16 @@ threads which do their job for the common health of the daemon.
           ¦            ¦ S  Q ¦
           ¦            ¦ e  u ¦
           ¦            ¦ n  e ¦
-          ¦            ¦ d  u ¦
-          ¦            ¦ -  e ¦
-          ¦            +--+---+
-          ¦               ¦
-          +---------------+
+          +------------¦ d  u ¦
+                       ¦ -  e ¦
+                       +--+---+
 
 The thread-pool is the heart of the architecture. It processes jobs from a
 (fully synchronized) job-queue. Mostly, a job is associated with a specific
 IKE SA. These IKE SAs are synchronized, only one thread can work one an IKE SA.
 This makes it unnecesary to use further synchronisation methods once a IKE SA
 is checked out. The (rather complex) synchronization of IKE SAs is completely
-don in the IKE SA manager.
+done in the IKE SA manager.
 The sceduler is responsible for event firing. It waits until a event in the
 (fully synchronized) event-queue is ready for processing and pushes the event
 down to the job-queue. A thread form the pool will pick it up as quick as
@@ -101,6 +102,11 @@ There are even more threads, not drawn in the upper scheme. The stroke thread
 is responsible for reading and processessing commands from another process. The
 kernel interface thread handles communication from and to the kernel via a
 netlink socket. It waits for kernel events and processes them appropriately.
+
+
+ configuration backends
+------------------------
+
 The configuration architecture for charon is complex, but is flexible and
 extensible. All configuration stuff is split up in multiple parts:
 
@@ -110,13 +116,13 @@ policy          Defines the rules to apply ontop of a connection. A policy is
                 defined between two IDs. Proposals and traffic selectors allow
                 fine grained configuration of the CHILD SAs (AH and ESP) to set
                 up.
-credential      A credential something used for authentication, such as a
+credential      A credential is something used for authentication, such as a
                 preshared key, a RSA private or public key, certificate, ...
 configuration   The configuration itself handles daemon related configuration
                 stuff, such as interface binding or logging settings.
 
 These configuration types are defined as interfaces, and are currently
-implemented only in the stroke class. Through the modular design, parts can be
+implemented only in the stroke class. Through the modular design, parts could be
 replaced with more powerful backends, such as a RADIUS server for the
 credentials, a SQL database for the connections, policy definitions on an LDAP
-server, and so on...
\ No newline at end of file
+server, and so on...
index 7b65223..0d7394a 100644 (file)
@@ -1029,7 +1029,6 @@ static void generate_payload (private_generator_t *this,payload_t *payload)
 static status_t destroy(private_generator_t *this)
 {
        allocator_free(this->buffer);
-       charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
        allocator_free(this);
        return SUCCESS;
 }
@@ -1073,7 +1072,7 @@ generator_t *generator_create()
        this->current_bit = 0;
        this->last_payload_length_position_offset = 0;
        this->header_length_position_offset = 0;
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager,GENERATOR,NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, GENERATOR);
 
        return &(this->public);
 }
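Review bot: Nothing at the `get_logger` assignment says that `this->logger` is now a borrowed pointer. With the `destroy_logger` call dropped from `destroy()` in the previous hunk, the logger is presumably a per-context instance owned by logger_manager, as the commit title suggests. I would add a comment such as `/* shared per-context logger, owned by logger_manager; must not be destroyed here */`. The same applies to the matching assignments in message.c, parser.c, encryption_payload.c and notify_payload.c. Because one instance is now reached from every object of a context, it is also worth confirming in logger.c (not shown on this page) that concurrent `log()` calls from the thread pool are serialised. `generator_create()` starts outside this hunk.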
index b79020a..360e44a 100644 (file)
@@ -746,7 +746,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
                
        current_payload_type = this->first_payload;     
                
-       this->logger->log(this->logger, CONTROL|LEVEL1, "Parsing body of message, first payload %s",
+       this->logger->log(this->logger, CONTROL|LEVEL1, "Parsing body of message, first payload is %s",
                                          mapping_find(payload_type_m, current_payload_type));
 
        /* parse payload for payload, while there are more available */
@@ -754,7 +754,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
        {
                payload_t *current_payload;
                
-               this->logger->log(this->logger, CONTROL|LEVEL2, "Start parsing payload of type %s", 
+               this->logger->log(this->logger, CONTROL|LEVEL2, "Start parsing a %s payload", 
                                                        mapping_find(payload_type_m, current_payload_type));
                
                /* parse current payload */
@@ -774,21 +774,21 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
                status = current_payload->verify(current_payload);
                if (status != SUCCESS)
                {
-                       this->logger->log(this->logger, ERROR, "Payload type %s verification failed",
+                       this->logger->log(this->logger, ERROR, "%s payload verification failed",
                                                                mapping_find(payload_type_m,current_payload_type));
                        current_payload->destroy(current_payload);
                        status = VERIFY_ERROR;
                        return status;
                }
                
-               this->logger->log(this->logger, CONTROL|LEVEL2, "Payload verified. Adding to payload list", 
+               this->logger->log(this->logger, CONTROL|LEVEL2, "%s payload verified. Adding to payload list", 
                                                        mapping_find(payload_type_m, current_payload_type));
                this->payloads->insert_last(this->payloads,current_payload);
                
                /* an encryption payload is the last one, so STOP here. decryption is done later */
                if (current_payload_type == ENCRYPTED)
                {
-                       this->logger->log(this->logger, CONTROL|LEVEL2, "Payload of type encrypted found. Stop parsing", 
+                       this->logger->log(this->logger, CONTROL|LEVEL2, "%s payload found. Stop parsing", 
                                                                mapping_find(payload_type_m, current_payload_type));                    
                        break;  
                }
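Review bot: After this commit the critical flag of a received payload is no longer examined anywhere visible on this page: every `verify()` loses its `if (this->critical)` check, and this loop only calls `current_payload->verify(current_payload)`. Ignoring the bit is correct for payload types the daemon understands, but IKEv2 still requires a payload of an unrecognised type with the critical bit set to be rejected with UNSUPPORTED_CRITICAL_PAYLOAD. Whether `parse_payload` already does this cannot be seen here, since `parse_body()` begins and ends outside the hunk. If it does not, the check belongs in this loop; either way I would add a comment next to the verify call such as `/* critical bit is ignored for known payload types; unknown types with the bit set must be rejected */`.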
@@ -1153,7 +1153,6 @@ static void destroy (private_message_t *this)
        iterator->destroy(iterator);
        this->payloads->destroy(this->payloads);
        this->parser->destroy(this->parser);
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
        
        allocator_free(this);
 }
@@ -1218,7 +1217,7 @@ message_t *message_create_from_packet(packet_t *packet)
        /* parser is created from data of packet */
        this->parser = parser_create(this->packet->get_data(this->packet));
                
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, MESSAGE, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, MESSAGE);
 
        return (&this->public);
 }
@@ -1246,7 +1245,7 @@ message_t *message_create_notify_reply(host_t *source, host_t *destination, exch
        message->set_message_id(message,0);
        message->set_ike_sa_id(message, ike_sa_id);
        
-       payload = notify_payload_create_from_protocol_and_type(IKE,notify_type);
+       payload = notify_payload_create_from_protocol_and_type(PROTO_IKE, notify_type);
        message->add_payload(message,(payload_t *) payload);
        
        return message;
index f161391..769a815 100644 (file)
@@ -1027,7 +1027,6 @@ static void reset_context (private_parser_t *this)
  */
 static void destroy(private_parser_t *this)
 {
-       charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
        allocator_free(this);   
 }
 
@@ -1038,7 +1037,7 @@ parser_t *parser_create(chunk_t data)
 {
        private_parser_t *this = allocator_alloc_thing(private_parser_t);
        
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, PARSER, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, PARSER);
        
        this->public.parse_payload = (status_t(*)(parser_t*,payload_type_t,payload_t**)) parse_payload;
        this->public.reset_context = (void(*)(parser_t*)) reset_context;
index 73e5abd..8adb6fd 100644 (file)
@@ -116,11 +116,6 @@ encoding_rule_t auth_payload_encodings[] = {
  */
 static status_t verify(private_auth_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if ((this->auth_method == 0) ||
                ((this->auth_method >= 4) && (this->auth_method <= 200)))
        {
index 10256cf..a361f13 100644 (file)
@@ -129,11 +129,6 @@ encoding_rule_t cert_payload_encodings[] = {
  */
 static status_t verify(private_cert_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if ((this->cert_encoding == 0) ||
                ((this->cert_encoding >= 14) && (this->cert_encoding <= 200)))
        {
index 8058ff0..b7372a7 100644 (file)
@@ -109,11 +109,6 @@ encoding_rule_t certreq_payload_encodings[] = {
  */
 static status_t verify(private_certreq_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if ((this->cert_encoding == 0) ||
                ((this->cert_encoding >= 14) && (this->cert_encoding <= 200)))
        {
index cca06d1..e9d8af7 100644 (file)
@@ -139,12 +139,6 @@ static status_t verify(private_cp_payload_t *this)
 {
        status_t status = SUCCESS;
        iterator_t *iterator;
-       
-       if (this->critical)
-       {
-               /* critical bit set! */
-               return FAILED;
-       }
 
        iterator = this->attributes->create_iterator(this->attributes,TRUE);
        
index 21f064e..59d8779 100644 (file)
@@ -121,11 +121,6 @@ encoding_rule_t delete_payload_encodings[] = {
  */
 static status_t verify(private_delete_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if ((this->protocol_id == 0) ||
                (this->protocol_id > 3))
        {
@@ -136,7 +131,7 @@ static status_t verify(private_delete_payload_t *this)
        {
                return FAILED;
        }
-       if ((this->protocol_id == IKE) && (this->spis.len != 0))
+       if ((this->protocol_id == PROTO_IKE) && (this->spis.len != 0))
        {
                /* IKE deletion has no spi assigned! */
                return FAILED;
@@ -318,7 +313,7 @@ delete_payload_t *delete_payload_create()
        this->critical = FALSE;
        this->next_payload = NO_PAYLOAD;
        this->payload_length =DELETE_PAYLOAD_HEADER_LENGTH;
-       this->protocol_id = UNDEFINED_PROTOCOL_ID;
+       this->protocol_id = PROTO_NONE;
        this->spi_size = 0;
        this->spi_count = 0;
        this->spis = CHUNK_INITIALIZER;
index f6f8426..2bd8d5e 100644 (file)
@@ -101,11 +101,6 @@ encoding_rule_t eap_payload_encodings[] = {
  */
 static status_t verify(private_eap_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        return SUCCESS;
 }
 
index e642bb3..da48c83 100644 (file)
@@ -638,7 +638,6 @@ static void destroy(private_encryption_payload_t *this)
                current_payload->destroy(current_payload);
        }
        this->payloads->destroy(this->payloads);
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
        allocator_free(this->encrypted.ptr);
        allocator_free(this->decrypted.ptr);
        allocator_free(this);
@@ -677,10 +676,10 @@ encryption_payload_t *encryption_payload_create()
        this->compute_length = compute_length;
        this->generate = generate;
        this->parse = parse;
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, ENCRYPTION_PAYLOAD, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, ENCRYPTION_PAYLOAD);
        
        /* set default values of the fields */
-       this->critical = TRUE;
+       this->critical = FALSE;
        this->next_payload = NO_PAYLOAD;
        this->payload_length = ENCRYPTION_PAYLOAD_HEADER_LENGTH;
        this->encrypted = CHUNK_INITIALIZER;
index c720c71..df37a06 100644 (file)
@@ -119,11 +119,6 @@ encoding_rule_t id_payload_encodings[] = {
  */
 static status_t verify(private_id_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if ((this->id_type == 0) ||
                (this->id_type == 4) ||
                ((this->id_type >= 6) && (this->id_type <= 8)) ||
index f1ba922..5cbf99b 100644 (file)
@@ -123,12 +123,6 @@ encoding_rule_t ke_payload_encodings[] = {
  */
 static status_t verify(private_ke_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
-       
        /* dh group is not verified in here */
        return SUCCESS;
 }
index 63f1add..aa71f8b 100644 (file)
@@ -111,11 +111,6 @@ encoding_rule_t nonce_payload_encodings[] = {
  */
 static status_t verify(private_nonce_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if ((this->nonce.len < 16) || ((this->nonce.len > 256)))
        {
                /* nonce length is wrong */
index ee4b44e..b26f89b 100644 (file)
@@ -25,6 +25,7 @@
 
 #include "notify_payload.h"
 
+#include <daemon.h>
 #include <encoding/payloads/encodings.h>
 #include <utils/allocator.h>
 
@@ -105,6 +106,11 @@ struct private_notify_payload_t {
        chunk_t notification_data;
        
        /**
+        * Assigned logger
+        */
+       logger_t *logger;
+       
+       /**
         * @brief Computes the length of this payload.
         *
         * @param this  calling private_ke_payload_t object
@@ -169,11 +175,6 @@ encoding_rule_t notify_payload_encodings[] = {
  */
 static status_t verify(private_notify_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if (this->protocol_id > 3)
        {
                /* reserved for future use */
@@ -191,9 +192,20 @@ static status_t verify(private_notify_payload_t *this)
                        return FAILED;
                }
                dh_group = ntohs(*((u_int16_t*)this->notification_data.ptr));
-               if (dh_group < MODP_1024_BIT || dh_group > MODP_8192_BIT)
+               switch (dh_group)
                {
-                       return FAILED;
+                       case MODP_768_BIT:
+                       case MODP_1024_BIT:
+                       case MODP_1536_BIT:
+                       case MODP_2048_BIT:
+                       case MODP_3072_BIT:
+                       case MODP_4096_BIT:
+                       case MODP_6144_BIT:
+                       case MODP_8192_BIT:
+                               break;
+                       default:
+                               this->logger->log(this->logger, ERROR, "Bad DH group (%d)", dh_group);
+                               return FAILED;
                }
        }
        return SUCCESS;
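Review bot: The new switch accepts `MODP_768_BIT`, which the old lower bound (`dh_group < MODP_1024_BIT`) rejected, assuming the enum follows the IANA group numbering. A 768-bit MODP group is too weak to be worth negotiating, so unless a later policy check outside this hunk refuses it, I would drop that case or add a comment explaining why it is tolerated, e.g. `/* accepted syntactically only; policy decides whether the group is usable */`. Replacing the range test with an explicit list is otherwise a good tightening, since unassigned group numbers inside the old range are no longer accepted. `dh_group` comes straight from the peer's notification data and is logged at ERROR on every bad packet, so it is worth confirming the logger cannot be flooded this way. `verify()` starts outside this hunk.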
@@ -402,7 +414,7 @@ notify_payload_t *notify_payload_create()
        this->compute_length = compute_length;
        
        /* set default values of the fields */
-       this->critical = NOTIFY_PAYLOAD_CRITICAL_FLAG;
+       this->critical = FALSE;
        this->next_payload = NO_PAYLOAD;
        this->payload_length = NOTIFY_PAYLOAD_HEADER_LENGTH;
        this->protocol_id = 0;
@@ -412,6 +424,7 @@ notify_payload_t *notify_payload_create()
        this->spi_size = 0;
        this->notification_data.ptr = NULL;
        this->notification_data.len = 0;
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, PAYLOAD);
 
        return (&(this->public));
 }
index 148a883..093f991 100644 (file)
 #include <utils/linked_list.h>
 
 /**
- * Critical flag must not be set.
- * 
- * @ingroup payloads
- */
-#define NOTIFY_PAYLOAD_CRITICAL_FLAG FALSE;
-
-/**
  * Notify payload length in bytes without any spi and notification data.
  * 
  * @ingroup payloads
index 922dde4..4ee2e91 100644 (file)
@@ -620,7 +620,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t *
        iterator->destroy(iterator);
        
        /* take over general infos */
-       this->spi_size = proto == IKE ? 8 : 4;
+       this->spi_size = proto == PROTO_IKE ? 8 : 4;
        this->spi.len = this->spi_size;
        this->spi.ptr = allocator_alloc(this->spi_size);
        *((u_int32_t*)this->spi.ptr) = proposal->get_spi(proposal, proto);
index 3a40d41..91049dd 100644 (file)
@@ -118,12 +118,6 @@ static status_t verify(private_sa_payload_t *this)
        status_t status = SUCCESS;
        iterator_t *iterator;
        bool first = TRUE;
-       
-       if (this->critical)
-       {
-               /* critical bit set! */
-               return FAILED;
-       }
 
        /* check proposal numbering */          
        iterator = this->proposals->create_iterator(this->proposals,TRUE);
@@ -269,7 +263,7 @@ static void add_proposal(private_sa_payload_t *this, proposal_t *proposal)
        proposal->get_protocols(proposal, proto);
        for (i = 0; i<2; i++)
        {
-               if (proto[i] != UNDEFINED_PROTOCOL_ID)
+               if (proto[i] != PROTO_NONE)
                {
                        substructure = proposal_substructure_create_from_proposal(proposal, proto[i]);
                        add_proposal_substructure(this, substructure);
@@ -356,7 +350,7 @@ sa_payload_t *sa_payload_create()
        this->compute_length = compute_length;
        
        /* set default values of the fields */
-       this->critical = SA_PAYLOAD_CRITICAL_FLAG;
+       this->critical = FALSE;
        this->next_payload = NO_PAYLOAD;
        this->payload_length = SA_PAYLOAD_HEADER_LENGTH;
 
index d7120ec..45095c0 100644 (file)
 #include <utils/linked_list.h>
 
 /**
- * Critical flag must not be set.
- * 
- * @ingroup payloads
- */
-#define SA_PAYLOAD_CRITICAL_FLAG FALSE;
-
-/**
  * SA_PAYLOAD length in bytes without any proposal substructure.
  * 
  * @ingroup payloads
index 4bc6ccb..33a0cda 100644 (file)
@@ -130,11 +130,6 @@ static status_t verify(private_ts_payload_t *this)
        iterator_t *iterator;
        status_t status = SUCCESS;
        
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
        if (this->number_of_traffic_selectors != (this->traffic_selectors->get_count(this->traffic_selectors)))
        {
                /* must be the same */
index b598f60..28f0760 100644 (file)
@@ -102,12 +102,6 @@ encoding_rule_t vendor_id_payload_encodings[] = {
  */
 static status_t verify(private_vendor_id_payload_t *this)
 {
-       if (this->critical)
-       {
-               /* critical bit is set! */
-               return FAILED;
-       }
-
        return SUCCESS;
 }
 
index 7d12088..245df8b 100644 (file)
@@ -208,11 +208,30 @@ static private_host_t *clone(private_host_t *this)
        return new;
 }
 
+/**
+ * Impelements host_t.ip_equals
+ */
+static bool ip_equals(private_host_t *this, private_host_t *other)
+{
+       switch (this->family)
+       {
+               /* IPv4 */
+               case AF_INET:
+               {
+                       if ((this->address4.sin_family == other->address4.sin_family) &&
+                               (this->address4.sin_addr.s_addr == other->address4.sin_addr.s_addr))
+                       {
+                               return TRUE;    
+                       }
+               }
+       }
+       return FALSE;
+}
 
 /**
  * Impelements host_t.equals
  */
-static bool ip_is_equal(private_host_t *this, private_host_t *other)
+static bool equals(private_host_t *this, private_host_t *other)
 {
        switch (this->family)
        {
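Review bot: `ip_equals()` has no `default:` label and its `AF_INET` case has no `break`, so any host of another family compares unequal only by falling out of the switch. That is easy to miss once this comparison is used to match listening addresses or peers. I would make it explicit with `default: return FALSE;` and a `break;` after the inner block. `equals()`, whose body continues into the next hunk, repeats the same comparison and could be reduced to `return ip_equals(this, other) && this->address4.sin_port == other->address4.sin_port;`. Both new doc comments spell "Impelements", and the first one would be clearer as `/** Implements host_t.ip_equals: compares address only, port ignored */`.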
@@ -220,7 +239,8 @@ static bool ip_is_equal(private_host_t *this, private_host_t *other)
                case AF_INET:
                {
                        if ((this->address4.sin_family == other->address4.sin_family) &&
-                               (this->address4.sin_addr.s_addr == other->address4.sin_addr.s_addr))
+                               (this->address4.sin_addr.s_addr == other->address4.sin_addr.s_addr) &&
+                               (this->address4.sin_port == other->address4.sin_port))
                        {
                                return TRUE;    
                        }
@@ -253,7 +273,8 @@ static private_host_t *host_create_empty()
        this->public.get_address = (char* (*) (host_t *))get_address;
        this->public.get_address_as_chunk = (chunk_t (*) (host_t *)) get_address_as_chunk;
        this->public.get_port = (u_int16_t (*) (host_t *))get_port;
-       this->public.ip_is_equal = (bool (*) (host_t *,host_t *)) ip_is_equal;
+       this->public.ip_equals = (bool (*) (host_t *,host_t *)) ip_equals;
+       this->public.equals = (bool (*) (host_t *,host_t *)) equals;
        this->public.is_default_route = (bool (*) (host_t *)) is_default_route;
        this->public.destroy = (void (*) (host_t*))destroy;
        
index c5293bc..d81efff 100644 (file)
@@ -155,7 +155,16 @@ struct host_t {
         * @param other                 the other to compare
         * @return                              TRUE if addresses are equal.
         */
-       bool (*ip_is_equal) (host_t *this, host_t *other);
+       bool (*ip_equals) (host_t *this, host_t *other);
+               
+       /** 
+        * @brief Compare two hosts, with port.
+        * 
+        * @param this                  object to compare
+        * @param other                 the other to compare
+        * @return                              TRUE if addresses and ports are equal.
+        */
+       bool (*equals) (host_t *this, host_t *other);
        
        /** 
         * @brief Destroy this host object
index 0b66109..c7a7ab1 100644 (file)
@@ -97,6 +97,11 @@ struct interface_t {
         * Associated socket
         */
        int socket_fd;
+       
+       /**
+        * Host with listening address
+        */
+       host_t *address;
 };
 
 typedef struct private_socket_t private_socket_t;
@@ -366,8 +371,9 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port)
                memcpy(interface->name, buf[i].ifr_name, IFNAMSIZ);
                interface->name[IFNAMSIZ-1] = '\0';
                interface->socket_fd = skt;
+               interface->address = host_create_from_sockaddr((struct sockaddr*)current);
                this->logger->log(this->logger, CONTROL, "listening on %s (%s)",
-                                                 interface->name, inet_ntoa(current->sin_addr));
+                                                 interface->name, interface->address->get_address(interface->address));
                this->interfaces->insert_last(this->interfaces, (void*)interface);
        }
        
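Review bot: The result of `host_create_from_sockaddr()` is used on the next statement (`interface->address->get_address(interface->address)`) without a NULL check, and the new line in `destroy()` calls `interface->address->destroy(...)` unconditionally as well. That constructor's body is not visible here, so whether it can return NULL for an address family it does not handle needs confirming; if it can, one such interface address would crash the daemon while the interface list is built. A guard such as `if (interface->address == NULL) { close(skt); allocator_free(interface); continue; }` would cover it, adjusted to whatever cleanup the surrounding loop already performs. The loop and the rest of build_interface_list lie outside the hunk.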
@@ -380,18 +386,47 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port)
 }
 
 /**
+ * implementation of socket_t.is_listening_on
+ */
+static bool is_listening_on(private_socket_t *this, host_t *host)
+{
+       iterator_t *iterator;
+       
+       /* listening on 0.0.0.0 is always TRUE */
+       if (host->is_default_route(host))
+       {
+               return TRUE;
+       }
+       
+       /* compare host with all interfaces */
+       iterator = this->interfaces->create_iterator(this->interfaces, TRUE);
+       while (iterator->has_next(iterator))
+       {
+               interface_t *interface;
+               iterator->current(iterator, (void**)&interface);
+               if (host->equals(host, interface->address))
+               {
+                       iterator->destroy(iterator);
+                       return TRUE;
+               }
+       }
+       iterator->destroy(iterator);
+       return FALSE;
+}
+
+/**
  * implementation of socket_t.destroy
  */
-void destroy(private_socket_t *this)
+static void destroy(private_socket_t *this)
 {
        interface_t *interface;
        while (this->interfaces->remove_last(this->interfaces, (void**)&interface) == SUCCESS)
        {
+               interface->address->destroy(interface->address);
                close(interface->socket_fd);
                allocator_free(interface);
        }
        this->interfaces->destroy(this->interfaces);
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
        close(this->master_fd);
        allocator_free(this);
 }
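Review bot: `is_listening_on()` mixes two notions of a match: the `is_default_route` shortcut returns TRUE for 0.0.0.0 regardless of port, while the loop uses `host->equals`, which after this commit also compares `sin_port`. Whether `interface->address` carries the listening port depends on what the sockaddr handed to `host_create_from_sockaddr` contains at that point, which these hunks do not show; if it is port 0, a host with a real port would never match. If only the address is meant, `host->ip_equals(host, interface->address)` says so directly; otherwise the socket.h comment should state that the port is part of the comparison. The return value of `iterator->current` is also ignored before `interface` is dereferenced.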
@@ -406,9 +441,10 @@ socket_t *socket_create(u_int16_t port)
        /* public functions */
        this->public.send = (status_t(*)(socket_t*, packet_t*))sender;
        this->public.receive = (status_t(*)(socket_t*, packet_t**))receiver;
+       this->public.is_listening_on = (bool (*)(socket_t*,host_t*))is_listening_on;
        this->public.destroy = (void(*)(socket_t*)) destroy;
        
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, SOCKET, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, SOCKET);
        this->interfaces = linked_list_create();
        
        if (build_interface_list(this, port) != SUCCESS)
index 7e43ffa..498e770 100644 (file)
@@ -93,6 +93,15 @@ struct socket_t {
        status_t (*send) (socket_t *sock, packet_t *packet);
        
        /**
+        * @brief Check if socket listens on an address.
+        * 
+        * @param sock                  socket_t object to work on
+        * @param host                  address to check
+        * @return                              TRUE if listening on host, FALSE otherwise
+        */
+       bool (*is_listening_on) (socket_t *sock, host_t *host);
+       
+       /**
         * @brief Destroy sockets.
         * 
         * close sockets and destroy socket_t object
index 8b96246..92dee5c 100644 (file)
@@ -125,9 +125,6 @@ static chunk_t allocate_octets(private_authenticator_t *this,
        chunk_t octets;
        
        id_with_header[0] = my_id->get_id_type(my_id);
-       /* TODO:
-        * Reserved bytes are not in any case zero.
-        */
        id_with_header[1] = 0x00;
        id_with_header[2] = 0x00;
        id_with_header[3] = 0x00;
@@ -213,11 +210,11 @@ static status_t verify_auth_data (private_authenticator_t *this,
                        }
                        
                        chunk_t my_auth_data = this->build_preshared_secret_signature(this,
-                                                                                                                                                                 last_received_packet,
-                                                                                                                                                                 my_nonce,
-                                                                                                                                                                 other_id_payload,
-                                                                                                                                                                 initiator,
-                                                                                                                                                                 preshared_secret);
+                                                                                                                                                 last_received_packet,
+                                                                                                                                                 my_nonce,
+                                                                                                                                                 other_id_payload,
+                                                                                                                                                 initiator,
+                                                                                                                                                 preshared_secret);
                        allocator_free_chunk(&preshared_secret);
                        
                        if (auth_data.len != my_auth_data.len)
@@ -251,8 +248,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
                        auth_data = auth_payload->get_data(auth_payload);
                        
                        status = charon->credentials->get_rsa_public_key(charon->credentials,
-                                                                                                                       other_id,
-                                                                                                                       &public_key);
+                                                                                                                        other_id,
+                                                                                                                        &public_key);
                        if (status != SUCCESS)
                        {
                                other_id->destroy(other_id);
@@ -393,5 +390,5 @@ authenticator_t *authenticator_create(protected_ike_sa_t *ike_sa)
        this->prf = this->ike_sa->get_prf(this->ike_sa);
        this->logger = this->ike_sa->get_logger(this->ike_sa);
        
-       return  &(this->public);
+       return &(this->public);
 }
index 64257b3..7f19f87 100644 (file)
@@ -142,7 +142,7 @@ static status_t alloc(private_child_sa_t *this, linked_list_t *proposals)
                {
                        switch (protocols[i])
                        {
-                               case AH:
+                               case PROTO_AH:
                                        /* do we already have an spi for AH?*/
                                        if (this->my_ah_spi == 0)
                                        {
@@ -150,13 +150,13 @@ static status_t alloc(private_child_sa_t *this, linked_list_t *proposals)
                                                status = charon->kernel_interface->get_spi(
                                                                                        charon->kernel_interface,
                                                                                        this->me, this->other,
-                                                                                       AH, FALSE,
+                                                                                       PROTO_AH, FALSE,
                                                                                        &(this->my_ah_spi));
                                        }
                                        /* update proposal */
-                                       proposal->set_spi(proposal, AH, (u_int64_t)this->my_ah_spi);
+                                       proposal->set_spi(proposal, PROTO_AH, (u_int64_t)this->my_ah_spi);
                                        break;
-                               case ESP:
+                               case PROTO_ESP:
                                        /* do we already have an spi for ESP?*/
                                        if (this->my_esp_spi == 0)
                                        {
@@ -164,11 +164,11 @@ static status_t alloc(private_child_sa_t *this, linked_list_t *proposals)
                                                status = charon->kernel_interface->get_spi(
                                                                                        charon->kernel_interface,
                                                                                        this->me, this->other,
-                                                                                       ESP, FALSE,
+                                                                                       PROTO_ESP, FALSE,
                                                                                        &(this->my_esp_spi));
                                        }
                                        /* update proposal */
-                                       proposal->set_spi(proposal, ESP, (u_int64_t)this->my_esp_spi);
+                                       proposal->set_spi(proposal, PROTO_ESP, (u_int64_t)this->my_esp_spi);
                                        break;
                                default:
                                        break;
@@ -216,14 +216,14 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus
        /* derive keys in order as protocols appear */
        for (i = 0; i<2; i++)
        {
-               if (protocols[i] != UNDEFINED_PROTOCOL_ID)
+               if (protocols[i] != PROTO_NONE)
                {
                        
                        /* now we have to decide which spi to use. Use self allocated, if "mine",
                         * or the one in the proposal, if not "mine" (others). */
                        if (mine)
                        {
-                               if (protocols[i] == AH)
+                               if (protocols[i] == PROTO_AH)
                                {
                                        spi = this->my_ah_spi;
                                }
@@ -235,7 +235,7 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus
                        else /* use proposals spi */
                        {
                                spi = proposal->get_spi(proposal, protocols[i]);
-                               if (protocols[i] == AH)
+                               if (protocols[i] == PROTO_AH)
                                {
                                        this->other_ah_spi = spi;
                                }
@@ -499,19 +499,17 @@ static void destroy(private_child_sa_t *this)
        if (this->my_ah_spi)
        {
                charon->kernel_interface->del_sa(charon->kernel_interface,
-                                                                                this->other, this->my_ah_spi, AH);
+                                                                                this->other, this->my_ah_spi, PROTO_AH);
                charon->kernel_interface->del_sa(charon->kernel_interface,
-                                                                                this->me, this->other_ah_spi, AH);
+                                                                                this->me, this->other_ah_spi, PROTO_AH);
        }
        if (this->my_esp_spi)
        {
                charon->kernel_interface->del_sa(charon->kernel_interface,
-                                                                                this->other, this->my_esp_spi, ESP);
+                                                                                this->other, this->my_esp_spi, PROTO_ESP);
                charon->kernel_interface->del_sa(charon->kernel_interface,
-                                                                                this->me, this->other_esp_spi, ESP);
+                                                                                this->me, this->other_esp_spi, PROTO_ESP);
        }
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
        allocator_free(this);
 }
 
@@ -531,7 +529,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other)
        this->public.destroy = (void(*)(child_sa_t*))destroy;
 
        /* private data */
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, CHILD_SA, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, CHILD_SA);
        this->me = me;
        this->other = other;
        this->my_ah_spi = 0;
index c990e1d..622ea34 100644 (file)
@@ -321,7 +321,7 @@ static void send_delete_ike_sa_request (private_ike_sa_t *this)
        this->protected.build_message(&(this->protected), INFORMATIONAL, TRUE, &informational_request);
        
        delete_payload = delete_payload_create();
-       delete_payload->set_protocol_id(delete_payload,IKE);
+       delete_payload->set_protocol_id(delete_payload, PROTO_IKE);
                
        informational_request->add_payload(informational_request,(payload_t *)delete_payload);
        
@@ -502,7 +502,7 @@ static status_t build_transforms(private_ike_sa_t *this, proposal_t *proposal, d
        {
                this->prf->destroy(this->prf);
        }
-       proposal->get_algorithm(proposal, IKE, PSEUDO_RANDOM_FUNCTION, &algo);
+       proposal->get_algorithm(proposal, PROTO_IKE, PSEUDO_RANDOM_FUNCTION, &algo);
        if (algo == NULL)
        {
                this->logger->log(this->logger, ERROR|LEVEL2, "No PRF algoithm selected!?");
@@ -568,7 +568,7 @@ static status_t build_transforms(private_ike_sa_t *this, proposal_t *proposal, d
        
        
        /* SK_ai/SK_ar used for integrity protection */
-       proposal->get_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, &algo);
+       proposal->get_algorithm(proposal, PROTO_IKE, INTEGRITY_ALGORITHM, &algo);
        if (algo == NULL)
        {
                this->logger->log(this->logger, ERROR|LEVEL2, "No integrity algoithm selected?!");
@@ -606,7 +606,7 @@ static status_t build_transforms(private_ike_sa_t *this, proposal_t *proposal, d
        
        
        /* SK_ei/SK_er used for encryption */
-       proposal->get_algorithm(proposal, IKE, ENCRYPTION_ALGORITHM, &algo);
+       proposal->get_algorithm(proposal, PROTO_IKE, ENCRYPTION_ALGORITHM, &algo);
        if (algo == NULL)
        {
                this->logger->log(this->logger, ERROR|LEVEL2, "No encryption algoithm selected!?");
@@ -644,7 +644,7 @@ static status_t build_transforms(private_ike_sa_t *this, proposal_t *proposal, d
        allocator_free_chunk(&key);
        
        /* SK_pi/SK_pr used for authentication */
-       proposal->get_algorithm(proposal, IKE, PSEUDO_RANDOM_FUNCTION, &algo);
+       proposal->get_algorithm(proposal, PROTO_IKE, PSEUDO_RANDOM_FUNCTION, &algo);
        if (this->prf_auth_i != NULL)
        {
                this->prf_auth_i->destroy(this->prf_auth_i);
@@ -861,7 +861,7 @@ static void send_notify(private_ike_sa_t *this, exchange_type_t exchange_type, n
        this->logger->log(this->logger, CONTROL|LEVEL2, "Going to build message with notify payload");
        /* set up the reply */
        this->protected.build_message(&(this->protected), exchange_type, FALSE, &response);
-       payload = notify_payload_create_from_protocol_and_type(IKE,type);
+       payload = notify_payload_create_from_protocol_and_type(PROTO_IKE, type);
        if ((data.ptr != NULL) && (data.len > 0))
        {
                this->logger->log(this->logger, CONTROL|LEVEL2, "Add Data to notify payload");
@@ -1023,7 +1023,6 @@ static void destroy (private_ike_sa_t *this)
        this->ike_sa_id->destroy(this->ike_sa_id);
        this->randomizer->destroy(this->randomizer);
        this->current_state->destroy(this->current_state);
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
 
        allocator_free(this);
 }
@@ -1076,7 +1075,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
        this->resend_last_reply = resend_last_reply;
 
        /* initialize private fields */
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, IKE_SA, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, IKE_SA);
        
        this->ike_sa_id = ike_sa_id->clone(ike_sa_id);
        this->child_sas = linked_list_create();
index 0eec8ea..ebb306a 100644 (file)
@@ -667,9 +667,6 @@ static void destroy(private_ike_sa_manager_t *this)
        this->logger->log(this->logger,CONTROL | LEVEL2,"IKE_SA's deleted");
        pthread_mutex_unlock(&(this->mutex));
 
-       /* destroy logger at end */
-       charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
-
        allocator_free(this);
 }
 
@@ -695,7 +692,7 @@ ike_sa_manager_t *ike_sa_manager_create()
        this->delete_entry = delete_entry;
 
        /* initialize private variables */
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager,IKE_SA_MANAGER,NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, IKE_SA_MANAGER);
        
        this->ike_sa_list = linked_list_create();
 
index 3fedf43..eecfaab 100644 (file)
@@ -512,15 +512,8 @@ static status_t process_notify_payload(private_ike_auth_requested_t *this, notif
 {
        notify_message_type_t notify_message_type = notify_payload->get_notify_message_type(notify_payload);
        
-       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s for protocol %s",
-                                                         mapping_find(notify_message_type_m, notify_message_type),
-                                                         mapping_find(protocol_id_m, notify_payload->get_protocol_id(notify_payload)));
-                                                         
-       if (notify_payload->get_protocol_id(notify_payload) != IKE)
-       {
-               this->logger->log(this->logger, AUDIT, "IKE_AUTH reply contained a notify for an invalid protocol. Deleting IKE_SA");
-               return DELETE_ME;
-       }
+       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s",
+                                                         mapping_find(notify_message_type_m, notify_message_type));
        
        switch (notify_message_type)
        {
index 976ed76..37b69c2 100644 (file)
@@ -151,7 +151,7 @@ static status_t process_message(private_ike_sa_established_t *this, message_t *m
        
        if (delete_request)
        {       
-               if (delete_request->get_protocol_id(delete_request) == IKE)
+               if (delete_request->get_protocol_id(delete_request) == PROTO_IKE)
                {
                        this->logger->log(this->logger, AUDIT, "DELETE request for IKE_SA received");
                        response->destroy(response);
index 0c4b6b6..904dadf 100644 (file)
@@ -294,8 +294,9 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t
                                if (status != SUCCESS)
                                {
                                        payloads->destroy(payloads);
-                                       return status;  
+                                       return status;
                                }
+                               break;
                        }
                        default:
                        {
@@ -537,11 +538,6 @@ static status_t build_sa_payload (private_ike_sa_init_requested_t *this, message
                return DELETE_ME;
        }
        
-       /* TODO:
-        * Huston, we've got a problem here. Since SPIs are stored in
-        * the proposal, and these proposals are shared across configs,
-        * there may be some threading issues... fix it!
-        */
        sa_payload = sa_payload_create_from_proposal_list(proposal_list);
 
        this->logger->log(this->logger, CONTROL|LEVEL2, "Add SA payload to message");
@@ -595,15 +591,9 @@ static status_t process_notify_payload(private_ike_sa_init_requested_t *this, no
 {
        notify_message_type_t notify_message_type = notify_payload->get_notify_message_type(notify_payload);
        
-       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s for protocol %s",
-                                                 mapping_find(notify_message_type_m, notify_message_type),
-                                                 mapping_find(protocol_id_m, notify_payload->get_protocol_id(notify_payload)));
-                                                                 
-       if (notify_payload->get_protocol_id(notify_payload) != IKE)
-       {
-               this->logger->log(this->logger, ERROR | LEVEL1, "Notify reply not for IKE protocol.");
-               return FAILED;  
-       }
+       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s",
+                                         mapping_find(notify_message_type_m, notify_message_type));
+       
        switch (notify_message_type)
        {
                case NO_PROPOSAL_CHOSEN:
@@ -620,16 +610,24 @@ static status_t process_notify_payload(private_ike_sa_init_requested_t *this, no
                {
                        initiator_init_t *initiator_init_state;
                        chunk_t notify_data;
-                       diffie_hellman_group_t dh_group;
+                       diffie_hellman_group_t dh_group, old_dh_group;
                        connection_t *connection;
                        
+                       connection = this->ike_sa->get_connection(this->ike_sa);
+                       old_dh_group = connection->get_dh_group(connection);
                        notify_data = notify_payload->get_notification_data(notify_payload);
                        dh_group = ntohs(*((u_int16_t*)notify_data.ptr));
                        
-                       this->logger->log(this->logger, ERROR|LEVEL1, "Peer wouldn't accept DH group, it requested %s!",
+                       /* TODO:
+                        * We are very restrictive here: If the other didn't accept
+                        * our DH group, and we do not accept his offer, continuation
+                        * is cancelled...
+                        */
+                       
+                       this->logger->log(this->logger, AUDIT, "Peer didn't accept %s, it requested %s!",
+                                                         mapping_find(diffie_hellman_group_m, old_dh_group),
                                                          mapping_find(diffie_hellman_group_m, dh_group));
                        /* check if we can accept this dh group */
-                       connection = this->ike_sa->get_connection(this->ike_sa);
                        if (!connection->check_dh_group(connection, dh_group))
                        {
                                this->logger->log(this->logger, AUDIT, 
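Review bot: `notify_data` is peer-supplied and is read as a 16-bit value via `*((u_int16_t*)notify_data.ptr)` with no check that the notification carries at least two bytes. The result then drives the new AUDIT log line and the `check_dh_group` decision. In this state the reply is presumably not yet authenticated, so an empty or one-byte notification would lead to a NULL or out-of-bounds read. A guard before the `ntohs` line, `if (notify_data.ptr == NULL || notify_data.len < sizeof(u_int16_t))`, taking the same rejection path as the `check_dh_group` failure below, would close this. The case label and the rest of process_notify_payload are outside the hunk.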
@@ -649,9 +647,6 @@ static status_t process_notify_payload(private_ike_sa_init_requested_t *this, no
                        this->ike_sa->set_new_state(this->ike_sa,(state_t *) initiator_init_state);
 
                        /* state has NOW changed :-) */
-                       this->logger->log(this->logger, CONTROL|LEVEL1, "Changed state of IKE_SA from %s to %s", 
-                                                               mapping_find(ike_sa_state_m,INITIATOR_INIT), mapping_find(ike_sa_state_m,IKE_SA_INIT_REQUESTED));
-
                        this->logger->log(this->logger, CONTROL|LEVEL2, "Destroy old sate object");
                        this->logger->log(this->logger, CONTROL|LEVEL2, "Going to retry initialization of connection");
                        
index 751f135..da3b68c 100644 (file)
@@ -572,9 +572,8 @@ static status_t process_notify_payload(private_ike_sa_init_responded_t *this, no
 {
        notify_message_type_t notify_message_type = notify_payload->get_notify_message_type(notify_payload);
        
-       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s for protocol %s",
-                                         mapping_find(notify_message_type_m, notify_message_type),
-                                         mapping_find(protocol_id_m, notify_payload->get_protocol_id(notify_payload)));
+       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s",
+                                         mapping_find(notify_message_type_m, notify_message_type));
                                          
        switch (notify_message_type)
        {
index 6db0a66..a1d951b 100644 (file)
@@ -344,7 +344,7 @@ static status_t build_sa_payload(private_responder_init_t *this,sa_payload_t *sa
                return DELETE_ME;
        }
        /* get selected DH group to force policy, this is very restrictive!? */
-       this->proposal->get_algorithm(this->proposal, IKE, DIFFIE_HELLMAN_GROUP, &algo);
+       this->proposal->get_algorithm(this->proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, &algo);
        this->dh_group_number = algo->algorithm;
        
        this->logger->log(this->logger, CONTROL | LEVEL2, "SA Payload processed");
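Review bot: `algo` is dereferenced in `this->dh_group_number = algo->algorithm;` immediately after `get_algorithm()` with no NULL check, whereas the same call in ike_sa.c's build_transforms is followed by `if (algo == NULL)` and an error log. The proposal here is presumably selected from what the peer offered, so unless the selection code above this hunk guarantees a DH group transform, a proposal without one would crash the responder. A guard such as `if (algo == NULL) { /* log */ return DELETE_ME; }` would match the error return just above. The function starts and ends outside the hunk.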
@@ -458,11 +458,10 @@ static status_t process_notify_payload(private_responder_init_t *this, notify_pa
 {
        notify_message_type_t notify_message_type = notify_payload->get_notify_message_type(notify_payload);
        
-       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s for protocol %s",
-                                                 mapping_find(notify_message_type_m, notify_message_type),
-                                                 mapping_find(protocol_id_m, notify_payload->get_protocol_id(notify_payload)));
+       this->logger->log(this->logger, CONTROL|LEVEL1, "Process notify type %s",
+                                                 mapping_find(notify_message_type_m, notify_message_type));
                                                                  
-       if (notify_payload->get_protocol_id(notify_payload) != IKE)
+       if (notify_payload->get_protocol_id(notify_payload) != PROTO_IKE)
        {
                this->logger->log(this->logger, ERROR | LEVEL1, "Notify reply not for IKE protocol.");
                return FAILED;  
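Review bot: This state still rejects a notify whose protocol ID is not `PROTO_IKE`, while the same commit deletes that check from process_notify_payload in ike_auth_requested.c and ike_sa_init_requested.c. If the removal there is for IKEv2 conformance, the responder should either follow suit or carry a one-line comment above the `if` explaining why it is deliberately stricter. Because the protocol name was also dropped from the CONTROL log line in this hunk, the rejection now logs only "Notify reply not for IKE protocol." with no record of the value received. Adding `mapping_find(protocol_id_m, notify_payload->get_protocol_id(notify_payload))` to that error message would keep rejected notifies diagnosable. The rest of the function is outside the hunk.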
index 8f5f324..6f4ceb8 100644 (file)
@@ -77,10 +77,10 @@ static int send_stroke_msg (stroke_msg_t *msg)
 }
 
 static int add_connection(char *name,
-                                  char *my_id, char *other_id, 
-                                  char *my_addr, char *other_addr, 
-                                  char *my_net, char *other_net,
-                                  u_int8_t my_netmask, u_int8_t other_netmask)
+                                                 char *my_id, char *other_id, 
+                                                 char *my_addr, char *other_addr, 
+                                                 char *my_net, char *other_net,
+                                                 u_int8_t my_netmask, u_int8_t other_netmask)
 {
        stroke_msg_t *msg = malloc(sizeof(stroke_msg_t));
        int res;
index 3208e84..1ea2983 100644 (file)
@@ -53,7 +53,7 @@ void test_aes_cbc_crypter(protected_tester_t *tester)
        chunk_t decrypted1;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"AES CBC");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
                 
        crypter = (crypter_t *) aes_cbc_crypter_create(16);
        tester->assert_true(tester, (crypter != NULL), "create call test");
@@ -198,7 +198,5 @@ void test_aes_cbc_crypter(protected_tester_t *tester)
        allocator_free_chunk(&decrypted3);
        
        crypter->destroy(crypter);
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);
 }
 
index e1e54af..7a74622 100644 (file)
@@ -39,7 +39,7 @@ void test_diffie_hellman(protected_tester_t *tester)
        chunk_t my_public_value, other_public_value;
        chunk_t my_secret, other_secret;
 
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Diffie Hellman");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
 
 
        my_diffie_hellman = diffie_hellman_create(MODP_1024_BIT);
@@ -60,18 +60,17 @@ void test_diffie_hellman(protected_tester_t *tester)
        allocator_free(my_public_value.ptr);
        allocator_free(other_public_value.ptr);
        
-       tester->assert_true(tester,(    my_diffie_hellman->get_shared_secret(my_diffie_hellman,&my_secret) == SUCCESS), "get_shared_secret call check");
+       tester->assert_true(tester,(my_diffie_hellman->get_shared_secret(my_diffie_hellman,&my_secret) == SUCCESS), "get_shared_secret call check");
        logger->log_chunk(logger,RAW,"My shared secret",my_secret);
 
-       tester->assert_true(tester,(    other_diffie_hellman->get_shared_secret(other_diffie_hellman,&other_secret) == SUCCESS), "get_shared_secret call check");
+       tester->assert_true(tester,(other_diffie_hellman->get_shared_secret(other_diffie_hellman,&other_secret) == SUCCESS), "get_shared_secret call check");
        logger->log_chunk(logger,RAW,"Other shared secret",other_secret);
        
-       tester->assert_true(tester,(    memcmp(my_secret.ptr,other_secret.ptr,other_secret.len) == 0), "shared secret same value check");
+       tester->assert_true(tester,(memcmp(my_secret.ptr,other_secret.ptr,other_secret.len) == 0), "shared secret same value check");
        
        allocator_free(my_secret.ptr);
        allocator_free(other_secret.ptr);       
                
        my_diffie_hellman->destroy(my_diffie_hellman);
        other_diffie_hellman->destroy(other_diffie_hellman);
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);
 }
index 8f6a0c5..4557237 100644 (file)
@@ -60,7 +60,7 @@ void test_encryption_payload(protected_tester_t *tester)
        key.ptr = key_bytes;
        key.len = sizeof(key_bytes);
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager, TESTER, NULL);
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        
        nonce.ptr = "test text und so...";
        nonce.len = strlen(nonce.ptr) +1;
index e235401..df999cc 100644 (file)
@@ -58,7 +58,7 @@ void test_generator_with_header_payload(protected_tester_t *tester)
        chunk_t generated_data;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"header payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        
        header_data = ike_header_create();
        header_data->set_initiator_spi(header_data,1);
@@ -129,7 +129,6 @@ void test_generator_with_header_payload(protected_tester_t *tester)
 
        header_data->destroy(header_data);
        
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);
        generator->destroy(generator);
 }
 
@@ -143,7 +142,7 @@ void test_generator_with_transform_attribute(protected_tester_t *tester)
        chunk_t generated_data;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"transform_attribute payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        
        
        /* test empty attribute */
@@ -222,9 +221,6 @@ void test_generator_with_transform_attribute(protected_tester_t *tester)
        allocator_free_chunk(&generated_data);
        attribute->destroy(attribute);
        generator->destroy(generator);
-               
-
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 
@@ -241,7 +237,7 @@ void test_generator_with_transform_substructure(protected_tester_t *tester)
        chunk_t generated_data;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"transform substr.");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -293,9 +289,6 @@ void test_generator_with_transform_substructure(protected_tester_t *tester)
        allocator_free_chunk(&generated_data);
        transform->destroy(transform);
        generator->destroy(generator);
-       
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 
@@ -312,7 +305,7 @@ void test_generator_with_proposal_substructure(protected_tester_t *tester)
        chunk_t generated_data;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"transform substr.");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -409,9 +402,6 @@ void test_generator_with_proposal_substructure(protected_tester_t *tester)
        allocator_free_chunk(&generated_data);
        proposal->destroy(proposal);
        generator->destroy(generator);
-       
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -432,7 +422,7 @@ void test_generator_with_sa_payload(protected_tester_t *tester)
        chunk_t generated_data;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with SA Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -756,9 +746,6 @@ void test_generator_with_sa_payload(protected_tester_t *tester)
        allocator_free_chunk(&generated_data);
        generator->destroy(generator);
        
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
-       
 }
 
 /*
@@ -772,7 +759,7 @@ void test_generator_with_ke_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t key_exchange_data;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with KE Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -811,8 +798,6 @@ void test_generator_with_ke_payload(protected_tester_t *tester)
        
        ke_payload->destroy(ke_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
        
 }
 
@@ -827,7 +812,7 @@ void test_generator_with_notify_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t spi,notification_data;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with Notify Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -871,9 +856,6 @@ void test_generator_with_notify_payload(protected_tester_t *tester)
        
        notify_payload->destroy(notify_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
-       
 }
 
 /*
@@ -887,7 +869,7 @@ void test_generator_with_nonce_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t nonce;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with Nonce Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -925,9 +907,6 @@ void test_generator_with_nonce_payload(protected_tester_t *tester)
        
        nonce_payload->destroy(nonce_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
-       
 }
 
 /*
@@ -941,7 +920,7 @@ void test_generator_with_id_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t id;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with ID Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -979,8 +958,6 @@ void test_generator_with_id_payload(protected_tester_t *tester)
        
        id_payload->destroy(id_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -994,7 +971,7 @@ void test_generator_with_auth_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t auth;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with AUTH Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1032,8 +1009,6 @@ void test_generator_with_auth_payload(protected_tester_t *tester)
        
        auth_payload->destroy(auth_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1048,7 +1023,7 @@ void test_generator_with_ts_payload(protected_tester_t *tester)
        logger_t *logger;
        chunk_t generated_data;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with TS Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1116,8 +1091,6 @@ void test_generator_with_ts_payload(protected_tester_t *tester)
        
        ts_payload->destroy(ts_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1131,7 +1104,7 @@ void test_generator_with_cert_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t cert;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with CERT Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1168,8 +1141,6 @@ void test_generator_with_cert_payload(protected_tester_t *tester)
        
        cert_payload->destroy(cert_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1183,7 +1154,7 @@ void test_generator_with_certreq_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t certreq;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with CERTREQ Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1220,8 +1191,6 @@ void test_generator_with_certreq_payload(protected_tester_t *tester)
        
        certreq_payload->destroy(certreq_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1235,7 +1204,7 @@ void test_generator_with_delete_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t spis;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with DELETE Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1274,8 +1243,6 @@ void test_generator_with_delete_payload(protected_tester_t *tester)
        
        delete_payload->destroy(delete_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1289,7 +1256,7 @@ void test_generator_with_vendor_id_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t data;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with VENDOR ID Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1323,8 +1290,6 @@ void test_generator_with_vendor_id_payload(protected_tester_t *tester)
        
        vendor_id_payload->destroy(vendor_id_payload);
        generator->destroy(generator);
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1339,7 +1304,7 @@ void test_generator_with_cp_payload(protected_tester_t *tester)
        chunk_t generated_data;
        logger_t *logger;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"CP Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
@@ -1396,9 +1361,6 @@ void test_generator_with_cp_payload(protected_tester_t *tester)
        allocator_free_chunk(&generated_data);
        configuration->destroy(configuration);
        generator->destroy(generator);
-       
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
 }
 
 /*
@@ -1412,7 +1374,7 @@ void test_generator_with_eap_payload(protected_tester_t *tester)
        chunk_t generated_data;
        chunk_t message;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with EAP Payload");
+       logger = charon->logger_manager->get_logger(charon->logger_manager,TESTER);
        
        /* create generator */
        generator = generator_create();
index e5c4bac..6fd74c1 100644 (file)
@@ -56,7 +56,7 @@ void test_hmac_md5_signer(protected_tester_t *tester)
        logger_t *logger;
        bool valid;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"HMAC MD5 96");
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        
        signer_t *signer = (signer_t *) signer_create(AUTH_HMAC_MD5_96);
        tester->assert_true(tester, (signer != NULL), "signer create call check");
@@ -104,12 +104,8 @@ void test_hmac_md5_signer(protected_tester_t *tester)
 
                valid = signer->verify_signature(signer, data[i],wrong_reference[i]);
                tester->assert_true(tester, (valid == FALSE), "Signature not valid check");
-       }
-       
-       
-
+       }
        signer->destroy(signer);        
-       charon->logger_manager->destroy_logger(charon->logger_manager,logger);
 }
 
 
@@ -138,7 +134,7 @@ void test_hmac_sha1_signer(protected_tester_t *tester)
        logger_t *logger;
        bool valid;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"HMAC SHA1 96");
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        
        signer_t *signer = (signer_t *) signer_create(AUTH_HMAC_SHA1_96);
        tester->assert_true(tester, (signer != NULL), "signer create call check");
index d02c419..da906ee 100644 (file)
@@ -44,7 +44,7 @@ void test_policy(protected_tester_t *tester)
        logger_t *logger;
        identification_t *alice, *bob;
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager, TESTER, NULL);
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        logger->disable_level(logger, FULL);
        
        alice = identification_create_from_string(ID_IPV4_ADDR, "152.96.193.131");
index 75df88a..31b6a24 100644 (file)
@@ -53,7 +53,7 @@ void test_rsa(protected_tester_t *tester)
        data.ptr = test_data;
        data.len = sizeof(test_data);
        
-       logger = charon->logger_manager->create_logger(charon->logger_manager, TESTER, NULL);
+       logger = charon->logger_manager->get_logger(charon->logger_manager, TESTER);
        logger->disable_level(logger, FULL);
        
        private_key = rsa_private_key_create();
index aa8f372..1d44cf5 100644 (file)
@@ -249,9 +249,9 @@ int main()
  
        daemon_create();
  
-       charon->logger_manager->disable_logger_level(charon->logger_manager,TESTER,FULL);
-       charon->logger_manager->enable_logger_level(charon->logger_manager,CHILD_SA,FULL);
-       /* charon->logger_manager->enable_logger_level(charon->logger_manager,TESTER,RAW); */
+       charon->logger_manager->disable_log_level(charon->logger_manager,TESTER,FULL);
+       charon->logger_manager->enable_log_level(charon->logger_manager,CHILD_SA,FULL);
+       /* charon->logger_manager->enable_log_level(charon->logger_manager,TESTER,RAW); */
        
        tester_t *tester = tester_create(test_output, FALSE);
        
index c42a091..87238d0 100644 (file)
@@ -216,7 +216,7 @@ static status_t get_spi(private_kernel_interface_t *this,
        request.spi.info.id.daddr = dest->get_xfrm_addr(dest);
        request.spi.info.mode = TRUE; /* tunnel mode */
        request.spi.info.reqid = reqid;
-       request.spi.info.id.proto = (protocol == ESP) ? KERNEL_ESP : KERNEL_AH;
+       request.spi.info.id.proto = (protocol == PROTO_ESP) ? KERNEL_ESP : KERNEL_AH;
        request.spi.info.family = PF_INET;
        request.spi.min = 0xc0000000;
        request.spi.max = 0xcFFFFFFF;
@@ -270,7 +270,7 @@ static status_t add_sa(     private_kernel_interface_t *this,
        request.sa.id.daddr = other->get_xfrm_addr(other);
        
        request.sa.id.spi = spi;
-       request.sa.id.proto = (protocol == ESP) ? KERNEL_ESP : KERNEL_AH;
+       request.sa.id.proto = (protocol == PROTO_ESP) ? KERNEL_ESP : KERNEL_AH;
        request.sa.family = me->get_family(me);
        request.sa.mode = TRUE; /* tunnel mode */
        request.sa.replay_window = 32;
@@ -348,7 +348,7 @@ static status_t del_sa(     private_kernel_interface_t *this,
        request.sa_id.daddr = dst->get_xfrm_addr(dst);
        
        request.sa_id.spi = spi;
-       request.sa_id.proto = (protocol == ESP) ? KERNEL_ESP : KERNEL_AH;
+       request.sa_id.proto = (protocol == PROTO_ESP) ? KERNEL_ESP : KERNEL_AH;
        request.sa_id.family = dst->get_family(dst);
        
        request.hdr.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(request.sa_id)));
@@ -686,6 +686,6 @@ kernel_interface_t *kernel_interface_create()
                charon->kill(charon, "Unable to create netlink thread");
        }
        
-       charon->logger_manager->enable_logger_level(charon->logger_manager, TESTER, FULL);
+       charon->logger_manager->enable_log_level(charon->logger_manager, TESTER, FULL);
        return (&this->public);
 }
index 3b22c82..9058ecb 100644 (file)
@@ -102,8 +102,6 @@ static void destroy(private_receiver_t *this)
 
        pthread_join(this->assigned_thread, NULL);
        this->logger->log(this->logger, CONTROL | LEVEL1, "Receiver thread terminated");
-               
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
 
        allocator_free(this);
 }
@@ -118,12 +116,11 @@ receiver_t * receiver_create()
        this->public.destroy = (void(*)(receiver_t*)) destroy;
        this->receive_packets = receive_packets;
        
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, RECEIVER, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, RECEIVER);
        
        if (pthread_create(&(this->assigned_thread), NULL, (void*(*)(void*))this->receive_packets, this) != 0)
        {
                this->logger->log(this->logger, ERROR, "Receiver thread could not be started");
-               charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
                allocator_free(this);
                charon->kill(charon, "Unable to create receiver thread");
        }
index 8205cfd..8750cda 100644 (file)
@@ -96,9 +96,7 @@ static void destroy(private_scheduler_t *this)
        pthread_cancel(this->assigned_thread);
 
        pthread_join(this->assigned_thread, NULL);
-       this->logger->log(this->logger, CONTROL | LEVEL1, "Scheduler thread terminated");       
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
+       this->logger->log(this->logger, CONTROL | LEVEL1, "Scheduler thread terminated");
 
        allocator_free(this);
 }
@@ -113,13 +111,12 @@ scheduler_t * scheduler_create()
        this->public.destroy = (void(*)(scheduler_t*)) destroy;
        this->get_events = get_events;
        
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, SCHEDULER, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, SCHEDULER);
        
        if (pthread_create(&(this->assigned_thread), NULL, (void*(*)(void*))this->get_events, this) != 0)
        {
                /* thread could not be created  */
                this->logger->log(this->logger, ERROR, "Scheduler thread could not be created!");
-               charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
                allocator_free(this);
                charon->kill(charon, "Unable to create scheduler thread");
        }
index 82aa2b2..90d9e40 100644 (file)
@@ -99,9 +99,7 @@ static void destroy(private_sender_t *this)
        pthread_cancel(this->assigned_thread);
 
        pthread_join(this->assigned_thread, NULL);
-       this->logger->log(this->logger, CONTROL | LEVEL1, "Sender thread terminated");  
-       
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
+       this->logger->log(this->logger, CONTROL | LEVEL1, "Sender thread terminated");
 
        allocator_free(this);
 }
@@ -116,7 +114,7 @@ sender_t * sender_create()
        this->send_packets = send_packets;
        this->public.destroy = (void(*)(sender_t*)) destroy;
        
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager, SENDER, NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, SENDER);
 
        if (pthread_create(&(this->assigned_thread), NULL, (void*(*)(void*))this->send_packets, this) != 0)
        {
index 1bc94c8..40b3cec 100755 (executable)
@@ -224,7 +224,7 @@ static void stroke_receive(private_stroke_t *this)
                        continue;
                }
                
-               this->logger->log_bytes(this->logger, CONTROL, "stroke message", (void*)msg, msg_length);
+               this->logger->log_bytes(this->logger, RAW, "stroke message", (void*)msg, msg_length);
                
                switch (msg->type)
                {
@@ -327,35 +327,70 @@ static void stroke_receive(private_stroke_t *this)
                                        break;
                                }
                                
-                               this->logger->log(this->logger, CONTROL, "my ID %s, others ID %s",
-                                                                 my_id->get_string(my_id),
-                                                                 other_id->get_string(other_id));
+                               my_ts = traffic_selector_create_from_subnet(my_subnet, *msg->add_conn.me.subnet ? msg->add_conn.me.subnet_mask : 32);
+                               my_subnet->destroy(my_subnet);
+                               other_ts = traffic_selector_create_from_subnet(other_subnet, *msg->add_conn.other.subnet ? msg->add_conn.other.subnet_mask : 32);
+                               other_subnet->destroy(other_subnet);
+                               
+                               if (charon->socket->is_listening_on(charon->socket, other_host))
+                               {
+                                       this->logger->log(this->logger, CONTROL|LEVEL1, "left is other host, switching");
+                                       
+                                       host_t *tmp_host = my_host;
+                                       identification_t *tmp_id = my_id;
+                                       traffic_selector_t *tmp_ts = my_ts;
+                                       
+                                       my_host = other_host;
+                                       other_host = tmp_host;
+                                       my_id = other_id;
+                                       other_id = tmp_id;
+                                       my_ts = other_ts;
+                                       other_ts = tmp_ts;
+                               }
+                               else if (charon->socket->is_listening_on(charon->socket, my_host))
+                               {
+                                       this->logger->log(this->logger, CONTROL|LEVEL1, "left is own host, not switching");
+                               }
+                               else
+                               {
+                                       this->logger->log(this->logger, ERROR, "left nor right host is our, aborting");
+                                       
+                                       my_host->destroy(my_host);
+                                       other_host->destroy(other_host);
+                                       my_id->destroy(my_id);
+                                       other_id->destroy(other_id);
+                                       my_ts->destroy(my_ts);
+                                       other_ts->destroy(other_ts);
+                                       break;
+                               }
                                
                                connection = connection_create(my_host, other_host, my_id->clone(my_id), other_id->clone(other_id), SHARED_KEY_MESSAGE_INTEGRITY_CODE);
                                proposal = proposal_create(1);
-                               proposal->add_algorithm(proposal, IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16);
-                               proposal->add_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
-                               proposal->add_algorithm(proposal, IKE, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0);
-                               proposal->add_algorithm(proposal, IKE, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16);
+                               proposal->add_algorithm(proposal, PROTO_IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0);
+                               proposal->add_algorithm(proposal, PROTO_IKE, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0);
                                connection->add_proposal(connection, proposal);
                                
                                policy = policy_create(my_id, other_id);
                                proposal = proposal_create(1);
-                               proposal->add_algorithm(proposal, ESP, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16);
-                               proposal->add_algorithm(proposal, ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+                               proposal->add_algorithm(proposal, PROTO_ESP, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16);
+                               proposal->add_algorithm(proposal, PROTO_ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+                               proposal->add_algorithm(proposal, PROTO_ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
                                policy->add_proposal(policy, proposal);
-                               
-                               my_ts = traffic_selector_create_from_subnet(my_subnet, *msg->add_conn.me.subnet ? msg->add_conn.me.subnet_mask : 32);
-                               my_subnet->destroy(my_subnet);
                                policy->add_my_traffic_selector(policy, my_ts);
-                               other_ts = traffic_selector_create_from_subnet(other_subnet, *msg->add_conn.other.subnet ? msg->add_conn.other.subnet_mask : 32);
-                               other_subnet->destroy(other_subnet);
                                policy->add_other_traffic_selector(policy, other_ts);
                                
                                this->configurations->insert_last(this->configurations, 
                                                configuration_entry_create(msg->add_conn.name, connection, policy));
                                
-                               this->logger->log(this->logger, CONTROL, "connection \"%s\" added (%d in store)", 
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "connection \"%s\" added (%d in store)", 
                                                                  msg->add_conn.name,
                                                                  this->configurations->get_count(this->configurations));
                                break;
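Review bot: The hard-coded IKE proposal now also offers `AUTH_HMAC_MD5_96`, `PRF_HMAC_MD5`, `MODP_1536_BIT` and `MODP_1024_BIT`, and the ESP proposal gains `AUTH_HMAC_MD5_96`, so every connection added through stroke advertises them and nothing in this hunk lets an administrator opt out. If the order of the `add_algorithm` calls is also the preference order (presumably; proposal selection is not visible here), the 1536- and 1024-bit groups rank ahead of `MODP_4096_BIT` and `MODP_8192_BIT`. I would list the groups strongest-first and either drop the MD5 and 1024-bit entries or mark them with a comment such as `/* legacy algorithms, offered for interoperability only */` until they can be made configurable. The enclosing `stroke_receive` starts and ends outside this hunk.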
@@ -395,7 +430,7 @@ static connection_t *get_connection_by_hosts(connection_store_t *store, host_t *
                config_other_host = entry->connection->get_other_host(entry->connection);
 
                /* first check if ip is equal */
-               if(config_other_host->ip_is_equal(config_other_host, other_host))
+               if(config_other_host->ip_equals(config_other_host, other_host))
                {
                        this->logger->log(this->logger, CONTROL|LEVEL2, "config entry with remote host %s", 
                                                config_other_host->get_address(config_other_host));
@@ -406,7 +441,7 @@ static connection_t *get_connection_by_hosts(connection_store_t *store, host_t *
                                break;
                        }
                        /* check now if host informations are the same */
-                       else if (config_my_host->ip_is_equal(config_my_host,my_host))
+                       else if (config_my_host->ip_equals(config_my_host,my_host))
                        {
                                found = entry->connection->clone(entry->connection);
                                break;
@@ -425,7 +460,7 @@ static connection_t *get_connection_by_hosts(connection_store_t *store, host_t *
                                break;
                        }
                        /* check now if host informations are the same */
-                       else if (config_my_host->ip_is_equal(config_my_host,my_host))
+                       else if (config_my_host->ip_equals(config_my_host,my_host))
                        {
                                found = entry->connection->clone(entry->connection);
                                break;
@@ -562,7 +597,7 @@ static policy_t *get_policy(policy_store_t *store,identification_t *my_id, ident
  */    
 static status_t get_shared_secret(credential_store_t *this, identification_t *identification, chunk_t *preshared_secret)
 {
-       char *secret = "schluessel";
+       char *secret = "schluessel\n";
        preshared_secret->ptr = secret;
        preshared_secret->len = strlen(secret) + 1;
        
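Review bot: `get_shared_secret` returns the literal `"schluessel\n"` without consulting `identification` in the visible lines, so every peer authenticates with one key that is readable in the source and in the binary. The length `strlen(secret) + 1` now covers both the added newline and the terminating NUL, so the key only matches a peer that feeds the same two trailing bytes into its PSK. If that is a deliberate interoperability workaround, it needs a comment, for example `/* FIXME: test-only PSK; trailing "\n" and NUL are part of the key */`. The chunk also points at a string literal through a non-const `char *`, so a caller that frees or writes `preshared_secret->ptr` would hit undefined behaviour; the rest of the function is outside the hunk.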
@@ -613,7 +648,6 @@ static void destroy(private_stroke_t *this)
        }
        this->rsa_public_keys->destroy(this->rsa_public_keys);
 
-       charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
        close(this->socket);
        unlink(socket_addr.sun_path);
        allocator_free(this);
@@ -653,14 +687,13 @@ stroke_t *stroke_create()
        this->stroke_receive = stroke_receive;
        this->get_connection_by_name = get_connection_by_name;
        
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager,CONFIG,NULL);
+       this->logger = charon->logger_manager->get_logger(charon->logger_manager, CONFIG);
        
        /* set up unix socket */
        this->socket = socket(AF_UNIX, SOCK_STREAM, 0);
        if (this->socket == -1)
        {
                this->logger->log(this->logger, ERROR, "could not create whack socket");
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
                allocator_free(this);
                return NULL;
        }
@@ -669,7 +702,6 @@ stroke_t *stroke_create()
        if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0)
        {
                this->logger->log(this->logger, ERROR, "could not bind stroke socket: %s", strerror(errno));
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
                close(this->socket);
                allocator_free(this);
                return NULL;
@@ -679,7 +711,6 @@ stroke_t *stroke_create()
        if (listen(this->socket, 0) < 0)
        {
                this->logger->log(this->logger, ERROR, "could not listen on stroke socket: %s", strerror(errno));
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
                close(this->socket);
                unlink(socket_addr.sun_path);
                allocator_free(this);
@@ -690,7 +721,6 @@ stroke_t *stroke_create()
        if (pthread_create(&(this->assigned_thread), NULL, (void*(*)(void*))this->stroke_receive, this) != 0)
        {
                this->logger->log(this->logger, ERROR, "Could not spawn stroke thread");
-               charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
                close(this->socket);
                unlink(socket_addr.sun_path);
                allocator_free(this);
index f3e2fd8..1f1584e 100644 (file)
@@ -296,11 +296,7 @@ static void process_incoming_packet_job(private_thread_pool_t *this, incoming_pa
                this->create_delete_half_open_ike_sa_job(this,ike_sa_id,charon->configuration->get_half_open_ike_sa_timeout(charon->configuration));
        }
 
-       status = ike_sa->process_message(ike_sa, message);                              
-       if ((status != SUCCESS) && (status != DELETE_ME))
-       {
-               this->worker_logger->log(this->worker_logger, ERROR, "Message could not be processed by IKE SA");
-       }
+       status = ike_sa->process_message(ike_sa, message);
                                
        this->worker_logger->log(this->worker_logger, CONTROL|LEVEL3, "%s IKE SA %lld:%lld, role %s", 
                                                         (status == DELETE_ME) ? "Checkin and delete" : "Checkin",
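Review bot: After this change a `process_message` result other than `SUCCESS` or `DELETE_ME` is no longer reported anywhere in `process_incoming_packet_job`. The only remaining log line is at `CONTROL|LEVEL3`, which the new per-context defaults (`ERROR|CONTROL|AUDIT|LEVEL0`) do not appear to enable, and it distinguishes only `DELETE_ME`. If `ike_sa->process_message` logs its own failures (not visible in this hunk), record that with `/* failures are logged by the IKE_SA itself */`. Otherwise keep one line at `ERROR` or `AUDIT` level so that rejected or malformed messages stay visible at default verbosity. The function starts and ends outside the hunk.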
@@ -558,8 +554,6 @@ static void destroy(private_thread_pool_t *this)
        }       
 
        /* free mem */
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->pool_logger);
-       charon->logger_manager->destroy_logger(charon->logger_manager, this->worker_logger);
        allocator_free(this->threads);
        allocator_free(this);
 }
@@ -589,9 +583,9 @@ thread_pool_t *thread_pool_create(size_t pool_size)
        
        this->threads = allocator_alloc(sizeof(pthread_t) * pool_size);
 
-       this->pool_logger = charon->logger_manager->create_logger(charon->logger_manager,THREAD_POOL,NULL);
+       this->pool_logger = charon->logger_manager->get_logger(charon->logger_manager, THREAD_POOL);
 
-       this->worker_logger = charon->logger_manager->create_logger(charon->logger_manager,WORKER,NULL);
+       this->worker_logger = charon->logger_manager->get_logger(charon->logger_manager, WORKER);
        
        /* try to create as many threads as possible, up tu pool_size */
        for (current = 0; current < pool_size; current++) 
@@ -606,8 +600,6 @@ thread_pool_t *thread_pool_create(size_t pool_size)
                        if (current == 0) 
                        {
                                this->pool_logger->log(this->pool_logger, ERROR, "Could not create any thread");
-                               charon->logger_manager->destroy_logger(charon->logger_manager, this->pool_logger);
-                               charon->logger_manager->destroy_logger(charon->logger_manager, this->worker_logger);
                                allocator_free(this->threads);
                                allocator_free(this);
                                return NULL;
index 9a3608a..48a1655 100644 (file)
@@ -35,8 +35,6 @@ typedef enum diffie_hellman_group_t diffie_hellman_group_t;
  * 
  * See IKEv2 RFC 3.3.2 and RFC 3526.
  * 
- * @warning Use of big modulus sizes can be cpu consuming.
- * 
  * @ingroup transforms
  */
 enum diffie_hellman_group_t {
index f6522ab..34a217c 100644 (file)
@@ -39,6 +39,21 @@ extern u_int8_t sha256_oid[19];
 extern u_int8_t sha384_oid[19];
 extern u_int8_t sha512_oid[19];
 
+/*
+asn1_module_t rsa_private_key_module = {
+       {ASN1_SEQUENCE, 0, 0, 0},
+       {       ASN1_INTEGER, 0,                offsetof(private_rsa_private_key, version), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, n), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, e), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, d), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, p), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, q), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, exp1), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, exp2), 0},
+       {       ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key, coeff), 0},
+       {ASN1_END, 0, 0, 0},
+};*/
+
 /**
  *  Public exponent to use for key generation.
  */
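Review bot: The added `rsa_private_key_module` table is committed as commented-out code, and it would not compile if enabled: it uses `offsetof(private_rsa_private_key, ...)` while the struct declared just below is `private_rsa_private_key_t`. If it is meant as a sketch for a later ASN.1-driven key parser (an assumption, nothing in the hunk uses it), keep it under `#if 0` with the corrected type name and a one-line `/* TODO: PKCS#1 RSAPrivateKey field layout, not used yet */`. Otherwise leave it out of this commit. A block comment like this breaks silently as soon as someone adds a `*/` inside it.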
@@ -57,6 +72,11 @@ struct private_rsa_private_key_t {
        rsa_private_key_t public;
        
        /**
+        * Version of key, as encoded in PKCS#1
+        */
+       u_int version;
+       
+       /**
         * Is the key already set ?
         */
        bool is_key_set;
index 3e2c938..51efa2b 100644 (file)
@@ -51,7 +51,7 @@ struct private_logger_t {
        /**
         * Detail-level of logger.
         */
-       logger_level_t level;
+       log_level_t level;
        /**
         * Name of logger.
         */
@@ -72,13 +72,13 @@ struct private_logger_t {
         * 
         * @warning: buffer must be at least have MAX_LOG size.
         */
-       void (*prepend_prefix) (private_logger_t *this, logger_level_t loglevel, char *string, char *buffer);
+       void (*prepend_prefix) (private_logger_t *this, log_level_t loglevel, char *string, char *buffer);
 };
 
 /**
  * Implementation of private_logger_t.prepend_prefix.
  */
-static void prepend_prefix(private_logger_t *this, logger_level_t loglevel, char *string, char *buffer)
+static void prepend_prefix(private_logger_t *this, log_level_t loglevel, char *string, char *buffer)
 {
        char log_type, log_details;
        if (loglevel & CONTROL)
@@ -138,7 +138,7 @@ static void prepend_prefix(private_logger_t *this, logger_level_t loglevel, char
  *
  * Yes, logg is wrong written :-).
  */
-static void logg(private_logger_t *this, logger_level_t loglevel, char *format, ...)
+static void logg(private_logger_t *this, log_level_t loglevel, char *format, ...)
 {
        if ((this->level & loglevel) == loglevel)
        {
@@ -170,7 +170,7 @@ static void logg(private_logger_t *this, logger_level_t loglevel, char *format,
 /**
  * Implementation of logger_t.log_bytes.
  */
-static void log_bytes(private_logger_t *this, logger_level_t loglevel, char *label, char *bytes, size_t len)
+static void log_bytes(private_logger_t *this, log_level_t loglevel, char *label, char *bytes, size_t len)
 {
        static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
 
@@ -272,7 +272,7 @@ static void log_bytes(private_logger_t *this, logger_level_t loglevel, char *lab
 /**
  * Implementation of logger_t.log_chunk.
  */
-static void log_chunk(logger_t *this, logger_level_t loglevel, char *label, chunk_t chunk)
+static void log_chunk(logger_t *this, log_level_t loglevel, char *label, chunk_t chunk)
 {
        this->log_bytes(this, loglevel, label, chunk.ptr, chunk.len);
 }
@@ -280,7 +280,7 @@ static void log_chunk(logger_t *this, logger_level_t loglevel, char *label, chun
 /**
  * Implementation of logger_t.enable_level.
  */
-static void enable_level(private_logger_t *this, logger_level_t log_level)
+static void enable_level(private_logger_t *this, log_level_t log_level)
 {
        this->level |= log_level;
 }
@@ -288,12 +288,20 @@ static void enable_level(private_logger_t *this, logger_level_t log_level)
 /**
  * Implementation of logger_t.disable_level.
  */
-static void disable_level(private_logger_t *this, logger_level_t log_level)
+static void disable_level(private_logger_t *this, log_level_t log_level)
 {
        this->level &= ~log_level;
 }
 
 /**
+ * Implementation of logger_t.get_level.
+ */
+static log_level_t get_level(private_logger_t *this)
+{
+       return this->level;
+}
+
+/**
  * Implementation of logger_t.destroy.
  */
 static void destroy(private_logger_t *this)
@@ -305,16 +313,17 @@ static void destroy(private_logger_t *this)
 /*
  * Described in header.
  */    
-logger_t *logger_create(char *logger_name, logger_level_t log_level, bool log_thread_id, FILE * output)
+logger_t *logger_create(char *logger_name, log_level_t log_level, bool log_thread_id, FILE * output)
 {
        private_logger_t *this = allocator_alloc_thing(private_logger_t);
        
        /* public functions */
-       this->public.log = (void(*)(logger_t*,logger_level_t,char*,...))logg;
-       this->public.log_bytes = (void(*)(logger_t*, logger_level_t, char*,char*,size_t))log_bytes;
+       this->public.log = (void(*)(logger_t*,log_level_t,char*,...))logg;
+       this->public.log_bytes = (void(*)(logger_t*, log_level_t, char*,char*,size_t))log_bytes;
        this->public.log_chunk = log_chunk;
-       this->public.enable_level = (void(*)(logger_t*,logger_level_t))enable_level;
-       this->public.disable_level = (void(*)(logger_t*,logger_level_t))disable_level;
+       this->public.enable_level = (void(*)(logger_t*,log_level_t))enable_level;
+       this->public.disable_level = (void(*)(logger_t*,log_level_t))disable_level;
+       this->public.get_level = (log_level_t(*)(logger_t*))get_level;
        this->public.destroy = (void(*)(logger_t*))destroy;
 
        /* private functions */
index 52c21e6..bdf5e18 100644 (file)
@@ -28,7 +28,7 @@
 #include <types.h>
 
 
-typedef enum logger_level_t logger_level_t;
+typedef enum log_level_t log_level_t;
 
 /**
  * @brief Log Levels supported by the logger object.
@@ -43,7 +43,7 @@ typedef enum logger_level_t logger_level_t;
  * 
  * @ingroup utils
  */
-enum logger_level_t {
+enum log_level_t {
        /**
         * Control flow.
         */
@@ -107,11 +107,11 @@ struct logger_t {
         * the log is done.
         *
         * @param this          logger_t object
-        * @param loglevel      or'ed set of logger_level_t's
+        * @param loglevel      or'ed set of log_level_t's
         * @param format        printf like format string
         * @param ...           printf like parameters
         */
-       void (*log) (logger_t *this, logger_level_t log_level, char *format, ...);
+       void (*log) (logger_t *this, log_level_t log_level, char *format, ...);
 
        /**
         * @brief Log some bytes, useful for debugging.
@@ -120,12 +120,12 @@ struct logger_t {
         * the log is done.
         *
         * @param this          logger_t object
-        * @param loglevel      or'ed set of logger_level_t's
+        * @param loglevel      or'ed set of log_level_t's
         * @param label         a labeling name, logged with the bytes
         * @param bytes         pointer to the bytes to dump
         * @param len           number of bytes to dump
         */
-       void (*log_bytes) (logger_t *this, logger_level_t loglevel, char *label, char *bytes, size_t len);
+       void (*log_bytes) (logger_t *this, log_level_t loglevel, char *label, char *bytes, size_t len);
 
        /**
         * @brief Log a chunk, useful for debugging.
@@ -134,27 +134,35 @@ struct logger_t {
         * the log is done.
         *
         * @param this          logger_t object
-        * @param loglevel      or'ed set of logger_level_t's
+        * @param loglevel      or'ed set of log_level_t's
         * @param label         a labeling name, logged with the bytes
         * @param chunk         chunk to log
         */
-       void (*log_chunk) (logger_t *this, logger_level_t loglevel, char *label, chunk_t chunk);
+       void (*log_chunk) (logger_t *this, log_level_t loglevel, char *label, chunk_t chunk);
 
        /**
         * @brief Enables a loglevel for the current logger_t object.
         *
-        * @param                       this logger_t object
-        * @param                       log_level loglevel to enable
+        * @param this          logger_t object
+        * @param log_level loglevel to enable
         */
-       void (*enable_level) (logger_t *this, logger_level_t log_level);
+       void (*enable_level) (logger_t *this, log_level_t log_level);
 
        /**
         * @brief Disables a loglevel for the current logger_t object.
         *
-        * @param                       this logger_t object
-        * @param                       log_level loglevel to enable
+        * @param this          logger_t object
+        * @param log_level loglevel to enable
+        */
+       void (*disable_level) (logger_t *this, log_level_t log_level);
+
+       /**
+        * @brief Get the currently used loglevel.
+        *
+        * @param this          logger_t object
+        * @return                      currently used loglevel
         */
-       void (*disable_level) (logger_t *this, logger_level_t log_level);
+       log_level_t (*get_level) (logger_t *this);
 
        /**
         * @brief Destroys a logger_t object.
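Review bot: The `@param log_level` line for `disable_level` still reads "loglevel to enable", carried over from `enable_level` when the parameter docs were realigned. It should be `* @param log_level loglevel to disable`. The new `get_level` doc could also state that the return value is the or'ed set of currently enabled `log_level_t` flags, which is what the implementation in logger.c returns (`this->level`).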
@@ -175,7 +183,7 @@ struct logger_t {
  * 
  * @ingroup utils
  */
-logger_t *logger_create(char *logger_name, logger_level_t log_level, bool log_thread_id, FILE * output);
+logger_t *logger_create(char *logger_name, log_level_t log_level, bool log_thread_id, FILE * output);
 
 
 #endif /*LOGGER_H_*/
index fe8ae9b..ad7a031 100644 (file)
  */
 mapping_t logger_context_t_mappings[] = {
        {PARSER, "PARSER"},
-       {GENERATOR, "GENRAT"},
+       {GENERATOR, "GENERATOR"},
        {IKE_SA, "IKE_SA"},
-       {IKE_SA_MANAGER, "ISAMGR"},
-       {CHILD_SA, "CHLDSA"},
-       {MESSAGE, "MESSAG"},
-       {THREAD_POOL, "THPOOL"},
+       {IKE_SA_MANAGER, "IKE_SA_MANAGER"},
+       {CHILD_SA, "CHILD_SA"},
+       {MESSAGE, "MESSAGE"},
+       {THREAD_POOL, "THREAD_POOL"},
        {WORKER, "WORKER"},
-       {SCHEDULER, "SCHEDU"},
+       {SCHEDULER, "SCHEDULER"},
        {SENDER, "SENDER"},
-       {RECEIVER, "RECEVR"},
+       {RECEIVER, "RECEIVER"},
        {SOCKET, "SOCKET"},
        {TESTER, "TESTER"},
        {DAEMON, "DAEMON"},
        {CONFIG, "CONFIG"},
-       {ENCRYPTION_PAYLOAD, "ENCPLD"},
+       {ENCRYPTION_PAYLOAD, "ENCRYPTION_PAYLOAD"},
+       {PAYLOAD, "PAYLOAD"},
        {MAPPING_END, NULL},
 };
 
-/** 
- * Maximum length of a logger name in bytes.
- */
-#define MAX_LOGGER_NAME 45
+struct {
+       char *name;
+       log_level_t level;
+       bool log_thread_ids;
+       FILE *output;
+} logger_defaults[] = {
+       { "PARSR", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* PARSER */
+       { "GNRAT", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* GENERATOR */
+       { "IKESA", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* IKE_SA */
+       { "SAMGR", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* IKE_SA_MANAGER */
+       { "CHDSA", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* CHILD_SA */
+       { "MESSG", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* MESSAGE */
+       { "TPOOL", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* THREAD_POOL */
+       { "WORKR", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* WORKER */
+       { "SCHED", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* SCHEDULER */
+       { "SENDR", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* SENDER */
+       { "RECVR", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* RECEIVER */
+       { "SOCKT", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* SOCKET */
+       { "TESTR", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* TESTER */
+       { "DAEMN", ERROR|CONTROL|AUDIT|LEVEL0,  FALSE, NULL}, /* DAEMON */
+       { "CONFG", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* CONFIG */
+       { "ENCPL", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* ENCRYPTION_PAYLOAD */
+       { "PAYLD", ERROR|CONTROL|AUDIT|LEVEL0,  TRUE,  NULL}, /* PAYLOAD */
+};
 
 
 typedef struct private_logger_manager_t private_logger_manager_t;
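Review bot: `logger_defaults[]` is tied to `logger_context_t` only by position (the trailing `/* PARSER */` comments), so adding or reordering an enum value silently shifts every logger's name and settings, and a table that is too short makes the creation loop in `logger_manager_create` read past its end. Designated initializers make the coupling explicit, e.g. `[PARSER] = { "PARSR", ERROR|CONTROL|AUDIT|LEVEL0, TRUE, NULL },`, and a size check such as `typedef char logger_defaults_size_check[(sizeof(logger_defaults)/sizeof(logger_defaults[0]) == LOGGER_CONTEXT_ROOF) ? 1 : -1];` catches a missing row at compile time. The table is also defined without `static`, so it is exported from the object file although nothing visible here needs it outside this file. Every row passes `NULL` as `output` where the removed `create_logger` chose `LOG_OUTPUT` or `stdout` explicitly; a short comment saying what `logger_create` does with a NULL stream would make the new default clear.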
@@ -69,372 +90,78 @@ struct private_logger_manager_t {
        logger_manager_t public;
 
        /**
-        * List of managed loggers.
-        */
-       linked_list_t *loggers;
-       
-       /**
-        * Log Levels.
-        */
-       linked_list_t *logger_levels;
-       
-       /**
-        * Used to manage logger list.
-        */
-       pthread_mutex_t mutex;
-       
-       /**
-        * Default logger level for a created logger used 
-        * if no specific logger_level is set.
+        * Array of loggers, one for each context
         */
-       logger_level_t default_log_level;
-       
-       /**
-        * Sets set logger_level of a specific context.
-        * 
-        * @param this                  calling object
-        * @param context               context to set level
-        * @param logger_level  logger_level to set
-        * @param enable                enable specific level or disable it
-        */
-       void (*set_logger_level) (private_logger_manager_t *this, 
-                                                         logger_context_t context,
-                                                         logger_level_t logger_level,
-                                                         bool enable);
+       logger_t *loggers[LOGGER_CONTEXT_ROOF];
        
 };
 
-
-typedef struct logger_levels_entry_t logger_levels_entry_t;
-
-/**
- * Entry in the logger_levels linked list.
- * 
- * This entry specifies the current log level for 
- * logger_t objects in specific context.
- */
-struct logger_levels_entry_t {
-       /**
-        * Logger context.
-        */
-       logger_context_t context;
-       
-       /**
-        * Logger level of logger context.
-        */
-       logger_level_t level;
-};
-
-
-typedef struct loggers_entry_t loggers_entry_t;
-
-/**
- * Entry in the loggers linked list.
- * 
- * @todo Replace loggers_entry_t with logger_t and add get_context() function to logger_t class.
- */
-struct loggers_entry_t {
-       /**
-        * Logger context.
-        */
-       logger_context_t context;
-       /**
-        * Assigned logger
-        */
-       logger_t *logger;
-};
-
-/**
- * Implementation of logger_manager_t.create_logger.
- */
-static logger_t *create_logger(private_logger_manager_t *this, logger_context_t context, char * name)
-{
-       
-       char * context_name;
-       bool log_thread_ids = TRUE;
-       FILE * output = NULL;
-       char buffer[MAX_LOGGER_NAME];
-       loggers_entry_t *entry;
-       logger_t *logger;
-       logger_level_t logger_level = 0;
-       
-       context_name = mapping_find(logger_context_t_mappings,context);
-       
-       /* output to stdout, since we are debugging all days */
-       output = LOG_OUTPUT;
-       
-       /* defaults */
-       log_thread_ids = FALSE;
-       logger_level = this->public.get_logger_level(&(this->public), context);
-
-       switch(context)
-       {
-               case TESTER:
-                       output = stdout;
-                       break;
-               case IKE_SA_MANAGER:
-                       log_thread_ids = TRUE;
-                       break;
-               case IKE_SA:
-                       log_thread_ids = TRUE;
-                       break;
-               case CHILD_SA:
-                       log_thread_ids = TRUE;
-                       break;
-               case CONFIG:
-                       log_thread_ids = TRUE;
-                       break;
-               case MESSAGE:
-                       log_thread_ids = TRUE;
-                       break;
-               case ENCRYPTION_PAYLOAD:
-                       log_thread_ids = TRUE;
-                       break;
-               case GENERATOR:
-                       log_thread_ids = TRUE;
-                       break;
-               case PARSER:
-                       log_thread_ids = TRUE;
-                       break;
-               case WORKER:
-                       log_thread_ids = TRUE;
-                       break;
-               case THREAD_POOL:
-                       break;
-               case SCHEDULER:
-                       break;
-               case SENDER:
-                       break;
-               case RECEIVER:
-                       break;
-               case SOCKET:
-                       break;
-               case DAEMON:
-                       break;
-       }
-       
-       /* logger manager is thread save */
-       pthread_mutex_lock(&(this->mutex));
-       if (name != NULL)
-       {
-               snprintf(buffer, MAX_LOGGER_NAME, "%s - %s",context_name,name);
-                       /* create logger with default log_level */
-               logger = logger_create(buffer,logger_level,log_thread_ids,output);
-       }
-       else
-       {
-               logger = logger_create(context_name,logger_level,log_thread_ids,output);
-       }
-       
-
-       entry = allocator_alloc_thing(loggers_entry_t);
-
-       entry->context = context;
-       entry->logger = logger;
-
-       this->loggers->insert_last(this->loggers,entry);
-
-       pthread_mutex_unlock(&(this->mutex));
-       return logger;
-       
-}
-
 /**
- * Implementation of logger_manager_t.get_logger_level.
+ * Implementation of logger_manager_t.get_logger.
  */
-static logger_level_t get_logger_level (private_logger_manager_t *this, logger_context_t context)
+static logger_t *get_logger(private_logger_manager_t *this, logger_context_t context)
 {
-       iterator_t *iterator;
-       /* set logger_level to default logger_level */
-       logger_level_t logger_level = this->default_log_level;
-
-       pthread_mutex_lock(&(this->mutex));
-
-       iterator = this->logger_levels->create_iterator(this->logger_levels,TRUE);
-       /* check for existing logger_level entry */
-       while (iterator->has_next(iterator))
-       {
-               logger_levels_entry_t * entry;
-               iterator->current(iterator,(void **)&entry);
-               if (entry->context == context)
-               {
-                       logger_level = entry->level;
-                       break;
-               }
-       }
-       iterator->destroy(iterator);
-
-       pthread_mutex_unlock(&(this->mutex));
-       return logger_level;
+       return this->loggers[context];
 }
 
 /**
- * Implementation of logger_manager_t.destroy_logger.
+ * Implementation of logger_manager_t.get_log_level.
  */
-static void destroy_logger(private_logger_manager_t *this,logger_t *logger)
+static log_level_t get_log_level (private_logger_manager_t *this, logger_context_t context)
 {
-       iterator_t *iterator;
-       
-       pthread_mutex_lock(&(this->mutex));
-       
-       iterator = this->loggers->create_iterator(this->loggers,TRUE);
-       while (iterator->has_next(iterator))
-       {
-               loggers_entry_t * entry;
-               iterator->current(iterator,(void **)&entry);
-               if (entry->logger == logger)
-               {
-                       iterator->remove(iterator);
-                       allocator_free(entry);
-                       logger->destroy(logger);
-                       break; 
-               }
-       }
-       iterator->destroy(iterator);
-       pthread_mutex_unlock(&(this->mutex));
+       return this->loggers[context]->get_level(this->loggers[context]);
 }
 
 /**
- * Implementation of private_logger_manager_t.set_logger_level.
+ * Implementation of private_logger_manager_t.enable_log_level.
  */
-static void set_logger_level(private_logger_manager_t *this, logger_context_t context,logger_level_t logger_level,bool enable)
+static void enable_log_level(private_logger_manager_t *this, logger_context_t context, log_level_t level)
 {
-       iterator_t *iterator;
-       bool found = FALSE;
-       
-       pthread_mutex_lock(&(this->mutex));
-       iterator = this->logger_levels->create_iterator(this->logger_levels,TRUE);
-
-       /* find existing logger_level entry */
-       while (iterator->has_next(iterator))
-       {       
-               logger_levels_entry_t * entry;
-               iterator->current(iterator,(void **)&entry);
-               if (entry->context == context)
-               {
-                       if (enable)
-                       {
-                               entry->level |= logger_level;
-                       }
-                       else
-                       {
-                               entry->level &= ~logger_level;
-                       }
-                       found = TRUE;
-                       break; 
-               }
-       }
-       iterator->destroy(iterator);
-       
-       if (!found)
-       {
-               /* logger_levels entry not existing for current context */
-               logger_levels_entry_t *entry = allocator_alloc_thing(logger_levels_entry_t);
-
-               entry->context = context;
-               entry->level =  (enable) ? logger_level : (this->default_log_level & (~logger_level));
-
-               this->logger_levels->insert_last(this->logger_levels,entry);
-       }
-       
-       iterator = this->loggers->create_iterator(this->loggers,TRUE);
-       while (iterator->has_next(iterator))
-       {
-               loggers_entry_t * entry;
-               iterator->current(iterator,(void **)&entry);
-
-               if (entry->context == context)
-               {
-                       if (enable)
-                       {
-                               entry->logger->enable_level(entry->logger,logger_level);
-                       }
-                       else
-                       {
-                               entry->logger->disable_level(entry->logger,logger_level);
-                       }
-                       
-               }
-       }
-       iterator->destroy(iterator);
-       
-       pthread_mutex_unlock(&(this->mutex));
+       this->loggers[context]->enable_level(this->loggers[context], level);
 }
 
 /**
- * Implementation of logger_manager_t.enable_logger_level.
+ * Implementation of private_logger_manager_t.disable_log_level.
  */
-static void enable_logger_level(private_logger_manager_t *this, logger_context_t context,logger_level_t logger_level)
+static void disable_log_level(private_logger_manager_t *this, logger_context_t context, log_level_t level)
 {
-       return set_logger_level(this,context,logger_level,TRUE);
+       this->loggers[context]->disable_level(this->loggers[context], level);
 }
 
-/**
- * Implementation of logger_manager_t.disable_logger_level.
- */
-static void disable_logger_level(private_logger_manager_t *this, logger_context_t context,logger_level_t logger_level)
-{
-       return set_logger_level(this,context,logger_level,FALSE);
-}
 
 /**
  * Implementation of logger_manager_t.destroy.
  */
 static void destroy(private_logger_manager_t *this)
 {
-
-       while (this->loggers->get_count(this->loggers) > 0)
-       {
-               loggers_entry_t *current_entry;
-               
-               this->loggers->remove_first(this->loggers,(void **)&current_entry);
-               
-               /* destroy logger object */
-               current_entry->logger->destroy(current_entry->logger);
-               
-               /* entry can be destroyed */
-               allocator_free(current_entry);  
-       }
-       
-       while (this->logger_levels->get_count(this->logger_levels) > 0)
+       int i;
+       for (i = 0; i < LOGGER_CONTEXT_ROOF; i++)
        {
-               logger_levels_entry_t *current_entry;
-               
-               this->logger_levels->remove_first(this->logger_levels,(void **)&current_entry);
-               
-               /* entry can be destroyed */
-               allocator_free(current_entry);
+               this->loggers[i]->destroy(this->loggers[i]);
        }
-       
-       this->loggers->destroy(this->loggers);
-       this->logger_levels->destroy(this->logger_levels);
-       pthread_mutex_destroy(&(this->mutex));
-       
        allocator_free(this);
 }
 
 /*
  * Described in header.
  */
-logger_manager_t *logger_manager_create(logger_level_t default_log_level)
+logger_manager_t *logger_manager_create(log_level_t default_log_level)
 {
        private_logger_manager_t *this = allocator_alloc_thing(private_logger_manager_t);
+       int i;
        
-       this->public.create_logger = (logger_t *(*)(logger_manager_t*,logger_context_t context, char *))create_logger;
-       this->public.destroy_logger = (void(*)(logger_manager_t*,logger_t *logger))destroy_logger;
+       this->public.get_logger = (logger_t *(*)(logger_manager_t*,logger_context_t context))get_logger;
+       this->public.get_log_level = (log_level_t (*)(logger_manager_t *, logger_context_t)) get_log_level;
+       this->public.enable_log_level = (void (*)(logger_manager_t *, logger_context_t, log_level_t)) enable_log_level;
+       this->public.disable_log_level = (void (*)(logger_manager_t *, logger_context_t, log_level_t)) disable_log_level;
        this->public.destroy = (void(*)(logger_manager_t*))destroy;
-       this->public.get_logger_level = (logger_level_t (*)(logger_manager_t *, logger_context_t)) get_logger_level;
-       this->public.enable_logger_level = (void (*)(logger_manager_t *, logger_context_t,logger_level_t)) enable_logger_level;
-       this->public.disable_logger_level = (void (*)(logger_manager_t *, logger_context_t,logger_level_t)) disable_logger_level;
-       this->set_logger_level = (void (*)(private_logger_manager_t *, logger_context_t,logger_level_t,bool)) set_logger_level;
        
-       /* private variables */
-       this->loggers = linked_list_create();
-       this->logger_levels = linked_list_create();
-       this->default_log_level = default_log_level;
+       for (i = 0; i < LOGGER_CONTEXT_ROOF; i++)
+       {
+               this->loggers[i] = logger_create(logger_defaults[i].name, logger_defaults[i].level, 
+                                                                                logger_defaults[i].log_thread_ids, logger_defaults[i].output);
+       }
        
-       pthread_mutex_init(&(this->mutex), NULL);
-
-       return (logger_manager_t*)this;
+       return &this->public;
 }
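Review bot: `logger_manager_create` still takes `default_log_level` but no longer uses it: every logger is built from `logger_defaults[i].level`, so whatever the daemon passes in is silently dropped. Either apply it, e.g. `logger_defaults[i].level | default_log_level`, or remove the parameter and update the header. The new accessors (`get_logger`, `get_log_level`, `enable_log_level`, `disable_log_level`) index `this->loggers[context]` with no range check against `LOGGER_CONTEXT_ROOF`; that holds for enum constants but needs a guard if a context can ever be derived from configuration or control-socket input. The mutex is removed as well, so `enable_log_level` and `disable_log_level` now do an unsynchronised read-modify-write on a logger that, per this commit, is shared by every user of the context. If level changes are only ever made from one thread, a comment stating that would settle it.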
 
index f160c0c..475fdc9 100644 (file)
@@ -36,7 +36,7 @@ typedef enum logger_context_t logger_context_t;
  * @ingroup utils
  */
 enum logger_context_t {
-       PARSER,
+       PARSER = 0,
        GENERATOR,
        IKE_SA,
        IKE_SA_MANAGER,
@@ -52,6 +52,8 @@ enum logger_context_t {
        DAEMON,
        CONFIG,
        ENCRYPTION_PAYLOAD,
+       PAYLOAD,
+       LOGGER_CONTEXT_ROOF,
 };
 
 
@@ -69,23 +71,12 @@ typedef struct logger_manager_t logger_manager_t;
  * 
  * @see logger_t
  * 
- * @todo We currently give out a new instance for every logger requested.
- * This is unnecessary. One logger for each class would be sufficient.
- * 
- * @todo We could remove logger naming (additional to classes), since we have
- * never used it (and probably never will).
- * 
  * @ingroup utils
  */
 struct logger_manager_t {
        
        /**
         * @brief Gets a logger_t object for a specific logger context.
-        * 
-        * @warning Objects of type logger_t which are not destroyed over function
-        * #logger_manager_t.destroy_logger are destroyed in logger_managers 
-        * destroy function. Don't use logger_t's own destroy function with 
-        * managed logger_t objects.
         *
         * @param this                  logger_manager_t object
         * @param context               logger_context to use the logger for
@@ -93,37 +84,25 @@ struct logger_manager_t {
         *                                              and has not to be specified (so NULL is allowed)
         * @return                              logger_t object
         */
-       logger_t *(*create_logger) (logger_manager_t *this, logger_context_t context, char *name);
-       
-       /**
-        * @brief Destroys a logger_t object which is not used anymore.
-        * 
-        * Objects of type logger_t which are not destroyed over function
-        * #logger_manager_t.destroy_logger are destroyed in logger_managers 
-        * destroy function.
-        *
-        * @param this          logger_manager_t object
-        * @param logger        pointer to the logger which has to be destroyed
-        */
-       void (*destroy_logger) (logger_manager_t *this,logger_t *logger);
+       logger_t *(*get_logger) (logger_manager_t *this, logger_context_t context);
        
        /**
-        * Returns the set logger_level of a specific context or 0.
+        * Returns the set log_level of a specific context or 0.
         * 
         * @param this                  calling object
         * @param context               context to check level
-        * @return                              logger_level for the given logger_context
+        * @return                              log_level for the given logger_context
         */
-       logger_level_t (*get_logger_level) (logger_manager_t *this, logger_context_t context);
+       log_level_t (*get_log_level) (logger_manager_t *this, logger_context_t context);
        
        /**
         * Enables a logger level of a specific context.
         * 
         * @param this                  calling object
         * @param context               context to set level
-        * @param logger_level  logger level to eanble
+        * @param log_level     logger level to eanble
         */
-       void (*enable_logger_level) (logger_manager_t *this, logger_context_t context,logger_level_t logger_level);
+       void (*enable_log_level) (logger_manager_t *this, logger_context_t context,log_level_t log_level);
                
 
        /**
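Review bot: The doc comment above `get_logger` still carries the tail of the old `name` parameter description (`and has not to be specified (so NULL is allowed)`), although the new signature takes only `this` and `context`. The `@param name` line itself sits just above the hunk, so this is inferred from the continuation line; that text should go with the parameter. The changed `@param log_level` line also keeps the typo `eanble`; it should read `logger level to enable`. Since `enable_log_level` and `disable_log_level` now act on a logger shared by all users of a context, and the .c hunk removes `pthread_mutex_init`, these comments should state whether the calls are safe while other threads are logging; locking may live elsewhere, which is not visible here.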
@@ -131,9 +110,9 @@ struct logger_manager_t {
         * 
         * @param this                  calling object
         * @param context               context to set level
-        * @param logger_level  logger level to disable
+        * @param log_level     logger level to disable
         */
-       void (*disable_logger_level) (logger_manager_t *this, logger_context_t context,logger_level_t logger_level);
+       void (*disable_log_level) (logger_manager_t *this, logger_context_t context,log_level_t log_level);
 
 
        /**
@@ -154,7 +133,7 @@ struct logger_manager_t {
  * 
  * @ingroup utils
  */
-logger_manager_t *logger_manager_create(logger_level_t default_log_level);
+logger_manager_t *logger_manager_create(log_level_t default_log_level);
 
 
 #endif /*LOGGER_MANAGER_H_*/
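Review bot: `logger_manager_create` keeps its `default_log_level` parameter, but the visible part of the new constructor takes every level from `logger_defaults[i].level`, and the assignment `this->default_log_level = default_log_level;` is removed. Unless the argument is used in the part of the constructor outside this view, a caller that passes a level will have it silently ignored. That matters to an operator who expects a chosen verbosity to control what is logged. Either drop the parameter (`logger_manager_t *logger_manager_create(void);`) or document in the header that it no longer has any effect.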