summaryrefslogtreecommitdiff
path: root/src/libsimaka/simaka_message.c
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2012-06-28 21:16:07 +0200
committerYves-Alexis Perez <corsac@corsac.net>2012-06-28 21:16:07 +0200
commitb34738ed08c2227300d554b139e2495ca5da97d6 (patch)
tree62f33b52820f2e49f0e53c0f8c636312037c8054 /src/libsimaka/simaka_message.c
parent0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff)
downloadvyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.tar.gz
vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.zip
Imported Upstream version 4.6.4
Diffstat (limited to 'src/libsimaka/simaka_message.c')
-rw-r--r--src/libsimaka/simaka_message.c169
1 files changed, 86 insertions, 83 deletions
diff --git a/src/libsimaka/simaka_message.c b/src/libsimaka/simaka_message.c
index 3a8f4beaf..a5754b985 100644
--- a/src/libsimaka/simaka_message.c
+++ b/src/libsimaka/simaka_message.c
@@ -15,6 +15,11 @@
#include "simaka_message.h"
+#include "simaka_manager.h"
+
+#include <debug.h>
+#include <utils/linked_list.h>
+
typedef struct private_simaka_message_t private_simaka_message_t;
typedef struct hdr_t hdr_t;
typedef struct attr_hdr_t attr_hdr_t;
@@ -134,9 +139,9 @@ ENUM(simaka_client_error_names, SIM_UNABLE_TO_PROCESS, SIM_RANDS_NOT_FRESH,
*/
bool simaka_attribute_skippable(simaka_attribute_t attribute)
{
- bool skippable = !(attribute >= 0 && attribute <= 127);
+ bool skippable = !((int)attribute >= 0 && attribute <= 127);
- DBG1(DBG_IKE, "%sskippable EAP-SIM/AKA attribute %N",
+ DBG1(DBG_LIB, "%sskippable EAP-SIM/AKA attribute %N",
skippable ? "ignoring " : "found non-",
simaka_attribute_names, attribute);
return skippable;
@@ -193,34 +198,26 @@ struct private_simaka_message_t {
chunk_t iv;
};
-/**
- * Implementation of simaka_message_t.is_request
- */
-static bool is_request(private_simaka_message_t *this)
+METHOD(simaka_message_t, is_request, bool,
+ private_simaka_message_t *this)
{
return this->hdr->code == EAP_REQUEST;
}
-/**
- * Implementation of simaka_message_t.get_identifier
- */
-static u_int8_t get_identifier(private_simaka_message_t *this)
+METHOD(simaka_message_t, get_identifier, u_int8_t,
+ private_simaka_message_t *this)
{
return this->hdr->identifier;
}
-/**
- * Implementation of simaka_message_t.get_subtype
- */
-static simaka_subtype_t get_subtype(private_simaka_message_t *this)
+METHOD(simaka_message_t, get_subtype, simaka_subtype_t,
+ private_simaka_message_t *this)
{
return this->hdr->subtype;
}
-/**
- * Implementation of simaka_message_t.get_type
- */
-static eap_type_t get_type(private_simaka_message_t *this)
+METHOD(simaka_message_t, get_type, eap_type_t,
+ private_simaka_message_t *this)
{
return this->hdr->type;
}
@@ -238,21 +235,16 @@ static bool attr_enum_filter(void *null, attr_t **in, simaka_attribute_t *type,
return TRUE;
}
-/**
- * Implementation of simaka_message_t.create_attribute_enumerator
- */
-static enumerator_t* create_attribute_enumerator(private_simaka_message_t *this)
+METHOD(simaka_message_t, create_attribute_enumerator, enumerator_t*,
+ private_simaka_message_t *this)
{
return enumerator_create_filter(
this->attributes->create_enumerator(this->attributes),
(void*)attr_enum_filter, NULL, NULL);
}
-/**
- * Implementation of simaka_message_t.add_attribute
- */
-static void add_attribute(private_simaka_message_t *this,
- simaka_attribute_t type, chunk_t data)
+METHOD(simaka_message_t, add_attribute, void,
+ private_simaka_message_t *this, simaka_attribute_t type, chunk_t data)
{
attr_t *attr;
@@ -269,7 +261,7 @@ static void add_attribute(private_simaka_message_t *this,
*/
static bool not_encrypted(simaka_attribute_t type)
{
- DBG1(DBG_IKE, "received unencrypted %N", simaka_attribute_names, type);
+ DBG1(DBG_LIB, "received unencrypted %N", simaka_attribute_names, type);
return FALSE;
}
@@ -278,11 +270,33 @@ static bool not_encrypted(simaka_attribute_t type)
*/
static bool invalid_length(simaka_attribute_t type)
{
- DBG1(DBG_IKE, "invalid length of %N", simaka_attribute_names, type);
+ DBG1(DBG_LIB, "invalid length of %N", simaka_attribute_names, type);
return FALSE;
}
/**
+ * Call SIM/AKA message hooks
+ */
+static void call_hook(private_simaka_message_t *this,
+ bool inbound, bool decrypted)
+{
+ simaka_manager_t *mgr;
+
+ switch (this->hdr->type)
+ {
+ case EAP_SIM:
+ mgr = lib->get(lib, "sim-manager");
+ break;
+ case EAP_AKA:
+ mgr = lib->get(lib, "aka-manager");
+ break;
+ default:
+ return;
+ }
+ mgr->message_hook(mgr, &this->public, inbound, decrypted);
+}
+
+/**
* Parse attributes from a chunk of data
*/
static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
@@ -294,7 +308,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
if (in.len < sizeof(attr_hdr_t))
{
- DBG1(DBG_IKE, "found short %N attribute header",
+ DBG1(DBG_LIB, "found short %N attribute header",
eap_type_names, this->hdr->type);
return FALSE;
}
@@ -450,7 +464,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
}
else if (!this->encrypted)
{
- DBG1(DBG_IKE, "found P-bit 0 notify in unencrypted message");
+ DBG1(DBG_LIB, "found P-bit 0 notify in unencrypted message");
return FALSE;
}
/* FALL */
@@ -460,7 +474,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
}
}
- charon->sim->message_hook(charon->sim, &this->public, TRUE, this->encrypted);
+ call_hook(this, TRUE, this->encrypted);
return TRUE;
}
@@ -481,7 +495,7 @@ static bool decrypt(private_simaka_message_t *this)
}
if (this->encr.len % crypter->get_block_size(crypter))
{
- DBG1(DBG_IKE, "%N ENCR_DATA not a multiple of block size",
+ DBG1(DBG_LIB, "%N ENCR_DATA not a multiple of block size",
eap_type_names, this->hdr->type);
return FALSE;
}
@@ -495,10 +509,8 @@ static bool decrypt(private_simaka_message_t *this)
return success;
}
-/**
- * Implementation of simaka_message_t.parse
- */
-static bool parse(private_simaka_message_t *this)
+METHOD(simaka_message_t, parse, bool,
+ private_simaka_message_t *this)
{
chunk_t in;
@@ -516,10 +528,8 @@ static bool parse(private_simaka_message_t *this)
return decrypt(this);
}
-/**
- * Implementation of simaka_message_t.verify
- */
-static bool verify(private_simaka_message_t *this, chunk_t sigdata)
+METHOD(simaka_message_t, verify, bool,
+ private_simaka_message_t *this, chunk_t sigdata)
{
chunk_t data, backup;
signer_t *signer;
@@ -543,7 +553,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
{
if (!this->mac.ptr || !signer)
{ /* require MAC, but not found */
- DBG1(DBG_IKE, "%N message requires a MAC, but none found",
+ DBG1(DBG_LIB, "%N message requires a MAC, but none found",
simaka_subtype_names, this->hdr->subtype);
return FALSE;
}
@@ -558,7 +568,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
}
if (!this->mac.ptr || !signer)
{
- DBG1(DBG_IKE, "%N message has a phase 0 notify, but "
+ DBG1(DBG_LIB, "%N message has a phase 0 notify, but "
"no MAC found", simaka_subtype_names, this->hdr->subtype);
return FALSE;
}
@@ -566,7 +576,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
}
default:
/* unknown message? */
- DBG1(DBG_IKE, "signature rule for %N messages missing",
+ DBG1(DBG_LIB, "signature rule for %N messages missing",
simaka_subtype_names, this->hdr->subtype);
return FALSE;
}
@@ -582,17 +592,15 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
}
if (!signer->verify_signature(signer, data, backup))
{
- DBG1(DBG_IKE, "%N MAC verification failed",
+ DBG1(DBG_LIB, "%N MAC verification failed",
eap_type_names, this->hdr->type);
return FALSE;
}
return TRUE;
}
-/**
- * Implementation of simaka_message_t.generate
- */
-static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
+METHOD(simaka_message_t, generate, chunk_t,
+ private_simaka_message_t *this, chunk_t sigdata)
{
/* buffers large enough for messages we generate */
char out_buf[1024], encr_buf[512];
@@ -603,7 +611,7 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
u_int16_t len;
signer_t *signer;
- charon->sim->message_hook(charon->sim, &this->public, FALSE, TRUE);
+ call_hook(this, FALSE, TRUE);
out = chunk_create(out_buf, sizeof(out_buf));
encr = chunk_create(encr_buf, sizeof(encr_buf));
@@ -723,7 +731,7 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
}
default:
{
- DBG1(DBG_IKE, "no rule to encode %N, skipped",
+ DBG1(DBG_LIB, "no rule to encode %N, skipped",
simaka_attribute_names, type);
break;
}
@@ -817,15 +825,13 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
signer->get_signature(signer, data, mac.ptr);
}
- charon->sim->message_hook(charon->sim, &this->public, FALSE, FALSE);
+ call_hook(this, FALSE, FALSE);
- return eap_payload_create_data(out);
+ return chunk_clone(out);
}
-/**
- * Implementation of simaka_message_t.destroy.
- */
-static void destroy(private_simaka_message_t *this)
+METHOD(simaka_message_t, destroy, void,
+ private_simaka_message_t *this)
{
this->attributes->destroy_function(this->attributes, free);
free(this->hdr);
@@ -843,43 +849,40 @@ static simaka_message_t *simaka_message_create_data(chunk_t data,
if (data.len < sizeof(hdr_t) || hdr->length != htons(data.len))
{
- DBG1(DBG_IKE, "EAP-SIM/AKA header has invalid length");
+ DBG1(DBG_LIB, "EAP-SIM/AKA header has invalid length");
return NULL;
}
if (hdr->code != EAP_REQUEST && hdr->code != EAP_RESPONSE)
{
- DBG1(DBG_IKE, "invalid EAP code in EAP-SIM/AKA message",
+ DBG1(DBG_LIB, "invalid EAP code in EAP-SIM/AKA message",
eap_type_names, hdr->type);
return NULL;
}
if (hdr->type != EAP_SIM && hdr->type != EAP_AKA)
{
- DBG1(DBG_IKE, "invalid EAP type in EAP-SIM/AKA message",
+ DBG1(DBG_LIB, "invalid EAP type in EAP-SIM/AKA message",
eap_type_names, hdr->type);
return NULL;
}
- this = malloc_thing(private_simaka_message_t);
-
- this->public.is_request = (bool(*)(simaka_message_t*))is_request;
- this->public.get_identifier = (u_int8_t(*)(simaka_message_t*))get_identifier;
- this->public.get_type = (eap_type_t(*)(simaka_message_t*))get_type;
- this->public.get_subtype = (simaka_subtype_t(*)(simaka_message_t*))get_subtype;
- this->public.create_attribute_enumerator = (enumerator_t*(*)(simaka_message_t*))create_attribute_enumerator;
- this->public.add_attribute = (void(*)(simaka_message_t*, simaka_attribute_t type, chunk_t data))add_attribute;
- this->public.parse = (bool(*)(simaka_message_t*))parse;
- this->public.verify = (bool(*)(simaka_message_t*, chunk_t sigdata))verify;
- this->public.generate = (eap_payload_t*(*)(simaka_message_t*, chunk_t sigdata))generate;
- this->public.destroy = (void(*)(simaka_message_t*))destroy;
-
- this->attributes = linked_list_create();
- this->encrypted = FALSE;
- this->crypto = crypto;
- this->p_bit = TRUE;
- this->mac = chunk_empty;
- this->encr = chunk_empty;
- this->iv = chunk_empty;
- this->hdr = malloc(data.len);
+ INIT(this,
+ .public = {
+ .is_request = _is_request,
+ .get_identifier = _get_identifier,
+ .get_type = _get_type,
+ .get_subtype = _get_subtype,
+ .create_attribute_enumerator = _create_attribute_enumerator,
+ .add_attribute = _add_attribute,
+ .parse = _parse,
+ .verify = _verify,
+ .generate = _generate,
+ .destroy = _destroy,
+ },
+ .attributes = linked_list_create(),
+ .crypto = crypto,
+ .p_bit = TRUE,
+ .hdr = malloc(data.len),
+ );
memcpy(this->hdr, hdr, data.len);
return &this->public;
@@ -888,10 +891,10 @@ static simaka_message_t *simaka_message_create_data(chunk_t data,
/**
* See header.
*/
-simaka_message_t *simaka_message_create_from_payload(eap_payload_t *payload,
+simaka_message_t *simaka_message_create_from_payload(chunk_t data,
simaka_crypto_t *crypto)
{
- return simaka_message_create_data(payload->get_data(payload), crypto);
+ return simaka_message_create_data(data, crypto);
}
/**