Annotation of embedaddon/strongswan/src/libcharon/encoding/message.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2006-2014 Tobias Brunner
3: * Copyright (C) 2005-2009 Martin Willi
4: * Copyright (C) 2006 Daniel Roethlisberger
5: * Copyright (C) 2005 Jan Hutter
6: * HSR Hochschule fuer Technik Rapperswil
7: *
8: * This program is free software; you can redistribute it and/or modify it
9: * under the terms of the GNU General Public License as published by the
10: * Free Software Foundation; either version 2 of the License, or (at your
11: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12: *
13: * This program is distributed in the hope that it will be useful, but
14: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16: * for more details.
17: */
18:
19: /**
20: * @defgroup message message
21: * @{ @ingroup encoding
22: */
23:
24: #ifndef MESSAGE_H_
25: #define MESSAGE_H_
26:
27: typedef struct message_t message_t;
28:
29: #include <library.h>
30: #include <encoding/payloads/ike_header.h>
31: #include <encoding/payloads/notify_payload.h>
32: #include <sa/keymat.h>
33: #include <sa/ike_sa_id.h>
34: #include <networking/packet.h>
35: #include <collections/linked_list.h>
36:
37: /**
38: * This class is used to represent an IKE-Message.
39: *
40: * The message handles parsing and generation of payloads
41: * via parser_t/generator_t. Encryption is done transparently
42: * via the encrypted_payload_t. A set of rules for messages
43: * and payloads does check parsed messages.
44: */
45: struct message_t {
46:
47: /**
48: * Sets the IKE major version of the message.
49: *
50: * @param major_version major version to set
51: */
52: void (*set_major_version) (message_t *this, uint8_t major_version);
53:
54: /**
55: * Gets the IKE major version of the message.
56: *
57: * @return major version of the message
58: */
59: uint8_t (*get_major_version) (message_t *this);
60:
61: /**
62: * Sets the IKE minor version of the message.
63: *
64: * @param minor_version minor version to set
65: */
66: void (*set_minor_version) (message_t *this, uint8_t minor_version);
67:
68: /**
69: * Gets the IKE minor version of the message.
70: *
71: * @return minor version of the message
72: */
73: uint8_t (*get_minor_version) (message_t *this);
74:
75: /**
76: * Sets the Message ID of the message.
77: *
78: * @param message_id message_id to set
79: */
80: void (*set_message_id) (message_t *this, uint32_t message_id);
81:
82: /**
83: * Gets the Message ID of the message.
84: *
85: * @return message_id type of the message
86: */
87: uint32_t (*get_message_id) (message_t *this);
88:
89: /**
90: * Gets the initiator SPI of the message.
91: *
92: * @return initiator spi of the message
93: */
94: uint64_t (*get_initiator_spi) (message_t *this);
95:
96: /**
97: * Gets the responder SPI of the message.
98: *
99: * @return responder spi of the message
100: */
101: uint64_t (*get_responder_spi) (message_t *this);
102:
103: /**
104: * Sets the IKE_SA ID of the message.
105: *
106: * ike_sa_id gets cloned.
107: *
108: * @param ike_sa_id ike_sa_id to set
109: */
110: void (*set_ike_sa_id) (message_t *this, ike_sa_id_t *ike_sa_id);
111:
112: /**
113: * Gets the IKE_SA ID of the message.
114: *
115: * The ike_sa_id points to the message internal id, do not modify.
116: *
117: * @return ike_sa_id of message
118: */
119: ike_sa_id_t *(*get_ike_sa_id) (message_t *this);
120:
121: /**
122: * Sets the exchange type of the message.
123: *
124: * @param exchange_type exchange_type to set
125: */
126: void (*set_exchange_type) (message_t *this, exchange_type_t exchange_type);
127:
128: /**
129: * Gets the exchange type of the message.
130: *
131: * @return exchange type of the message
132: */
133: exchange_type_t (*get_exchange_type) (message_t *this);
134:
135: /**
136: * Gets the payload type of the first payload.
137: *
138: * @return payload type of the first payload
139: */
140: payload_type_t (*get_first_payload_type) (message_t *this);
141:
142: /**
143: * Sets the request flag.
144: *
145: * @param request TRUE if message is a request, FALSE if it is a reply
146: */
147: void (*set_request) (message_t *this, bool request);
148:
149: /**
150: * Gets request flag.
151: *
152: * @return TRUE if message is a request, FALSE if it is a reply
153: */
154: bool (*get_request) (message_t *this);
155:
156: /**
157: * Set the version flag in the IKE header.
158: */
159: void (*set_version_flag)(message_t *this);
160:
161: /**
162: * Get a reserved bit in the IKE header.
163: *
164: * @param nr reserved bit to get in IKE header, 0-4
165: * @return TRUE if bit is set
166: */
167: bool (*get_reserved_header_bit)(message_t *this, u_int nr);
168:
169: /**
170: * Set a reserved bit in the IKE header.
171: *
172: * @param nr reserved bit to set in IKE header, 0-4
173: */
174: void (*set_reserved_header_bit)(message_t *this, u_int nr);
175:
176: /**
177: * Append a payload to the message.
178: *
179: * If the payload must be encrypted is not specified here. Encryption
180: * of payloads is evaluated via internal rules for the messages and
181: * is done before generation. The order of payloads may change, since
182: * all payloads to encrypt are added to the encryption payload, which is
183: * always the last one.
184: *
185: * @param payload payload to append
186: */
187: void (*add_payload) (message_t *this, payload_t *payload);
188:
189: /**
190: * Build a notify payload and add it to the message.
191: *
192: * This is a helper method to create notify messages or add
193: * notify payload to messages. The flush parameter specifies if existing
194: * payloads should get removed before appending the notify.
195: *
196: * @param flush TRUE to remove existing payloads
197: * @param type type of the notify
198: * @param data a chunk of data to add to the notify, gets cloned
199: */
200: void (*add_notify) (message_t *this, bool flush, notify_type_t type,
201: chunk_t data);
202:
203: /**
204: * Disable automatic payload sorting for this message.
205: */
206: void (*disable_sort)(message_t *this);
207:
208: /**
209: * Parses header of message.
210: *
211: * Begins parsing of a message created via message_create_from_packet().
212: * The parsing context is stored, so a subsequent call to parse_body()
213: * will continue the parsing process.
214: *
215: * @return
216: * - SUCCESS if header could be parsed
217: * - PARSE_ERROR if corrupted/invalid data found
218: * - FAILED if consistency check of header failed
219: */
220: status_t (*parse_header) (message_t *this);
221:
222: /**
223: * Parses body of message.
224: *
225: * The body gets not only parsed, but rather it gets verified.
226: * All payloads are verified if they are allowed to exist in the message
227: * of this type and if their own structure is ok.
228: * If there are encrypted payloads, they get decrypted and verified using
229: * the given aead transform (if given).
230: *
231: * @param keymat keymat to verify/decrypt message
232: * @return
233: * - SUCCESS if parsing successful
234: * - PARSE_ERROR if message parsing failed
235: * - VERIFY_ERROR if message verification failed (bad syntax)
236: * - FAILED if integrity check failed
237: * - INVALID_STATE if aead not supplied, but needed
238: */
239: status_t (*parse_body) (message_t *this, keymat_t *keymat);
240:
241: /**
242: * Generates the UDP packet of specific message.
243: *
244: * Payloads which must be encrypted are generated first and added to
245: * an encryption payload. This encryption payload will get encrypted and
246: * signed via the supplied aead transform (if given).
247: * Generation is only done once, multiple calls will just return a copy
248: * of the packet.
249: *
250: * @param keymat keymat to encrypt/sign message
251: * @param packet copy of generated packet
252: * @return
253: * - SUCCESS if packet could be generated
254: * - INVALID_STATE if exchange type is currently not set
255: * - NOT_FOUND if no rules found for message generation
256: * - INVALID_STATE if aead not supplied but needed.
257: */
258: status_t (*generate) (message_t *this, keymat_t *keymat, packet_t **packet);
259:
260: /**
261: * Check if the message has already been encoded using generate().
262: *
263: * @return TRUE if message has been encoded
264: */
265: bool (*is_encoded)(message_t *this);
266:
267: /**
268: * Generates the message split into fragments of the given size (total IP
269: * datagram length).
270: *
271: * @param keymat keymat to encrypt/sign message(s)
272: * @param frag_len fragment length (maximum total IP datagram length), 0
273: * for default value depending on address family
274: * @param fragments receives an enumerator with generated packet_t*,
275: * which are owned by the enumerator
276: * @return
277: * - SUCCESS if message could be fragmented
278: * - FAILED if fragmentation failed
279: * - and the possible return values of generate()
280: */
281: status_t (*fragment)(message_t *this, keymat_t *keymat, size_t frag_len,
282: enumerator_t **fragments);
283:
284: /**
285: * Check if the message has been encoded and fragmented using fragment(),
286: * and whether there actually resulted fragments (if not is_encoded() will
287: * be TRUE).
288: *
289: * The packets of individual fragments can be retrieved with
290: * get_fragments().
291: *
292: * @return TRUE if message has been encoded and fragmented
293: */
294: bool (*is_fragmented)(message_t *this);
295:
296: /**
297: * Add a fragment to the message if it was created with
298: * message_create_defrag().
299: *
300: * Once the message is completed it should be processed like any other
301: * inbound message.
302: *
303: * @param fragment fragment to add
304: * @return
305: * - SUCCESS if message was reassembled
306: * - NEED_MORE if not all fragments have yet been received
307: * - FAILED if reassembling failed
308: * - INVALID_ARG if fragment is invalid for some reason
309: * - INVALID_STATE if message was not created using
310: * message_create_defrag()
311: */
312: status_t (*add_fragment)(message_t *this, message_t *fragment);
313:
314: /**
315: * Gets the source host information.
316: *
317: * @warning Returned host_t object is not getting cloned,
318: * do not destroy nor modify.
319: *
320: * @return host_t object representing source host
321: */
322: host_t * (*get_source) (message_t *this);
323:
324: /**
325: * Sets the source host information.
326: *
327: * @warning host_t object is not getting cloned and gets destroyed by
328: * message_t.destroy or next call of message_t.set_source.
329: *
330: * @param host host_t object representing source host
331: */
332: void (*set_source) (message_t *this, host_t *host);
333:
334: /**
335: * Gets the destination host information.
336: *
337: * @warning Returned host_t object is not getting cloned,
338: * do not destroy nor modify.
339: *
340: * @return host_t object representing destination host
341: */
342: host_t * (*get_destination) (message_t *this);
343:
344: /**
345: * Sets the destination host information.
346: *
347: * @warning host_t object is not getting cloned and gets destroyed by
348: * message_t.destroy or next call of message_t.set_destination.
349: *
350: * @param host host_t object representing destination host
351: */
352: void (*set_destination) (message_t *this, host_t *host);
353:
354: /**
355: * Create an enumerator over all payloads.
356: *
357: * @return enumerator over payload_t
358: */
359: enumerator_t * (*create_payload_enumerator) (message_t *this);
360:
361: /**
362: * Remove the payload at the current enumerator position.
363: *
364: * @param enumerator enumerator created by create_payload_enumerator()
365: */
366: void (*remove_payload_at)(message_t *this, enumerator_t *enumerator);
367:
368: /**
369: * Find a payload of a specific type.
370: *
371: * Returns the first occurrence.
372: *
373: * @param type type of the payload to find
374: * @return payload, or NULL if no such payload found
375: */
376: payload_t* (*get_payload) (message_t *this, payload_type_t type);
377:
378: /**
379: * Get the first notify payload of a specific type.
380: *
381: * @param type type of notification payload
382: * @return notify payload, NULL if no such notify found
383: */
384: notify_payload_t* (*get_notify)(message_t *this, notify_type_t type);
385:
386: /**
387: * Returns a clone of the internally stored packet_t object.
388: *
389: * @return packet_t object as clone of internal one
390: */
391: packet_t *(*get_packet) (message_t *this);
392:
393: /**
394: * Returns a chunk pointing to internal packet_t data.
395: *
396: * @return packet data.
397: */
398: chunk_t (*get_packet_data) (message_t *this);
399:
400: /**
401: * Returns internally stored packet_t* objects for each fragment.
402: *
403: * @return enumerator internal packet_t* objects
404: */
405: enumerator_t *(*get_fragments)(message_t *this);
406:
407: /**
408: * Destroys a message and all including objects.
409: */
410: void (*destroy) (message_t *this);
411: };
412:
413: /**
414: * Creates a message_t object from an incoming UDP packet.
415: *
416: * The given packet gets owned by the message. The message is uninitialized,
417: * call parse_header() to populate header fields.
418: *
419: * @param packet packet_t object which is assigned to message
420: * @return message_t object
421: */
422: message_t *message_create_from_packet(packet_t *packet);
423:
424: /**
425: * Creates an empty message_t object for a specific major/minor version.
426: *
427: * - exchange_type is set to NOT_SET
428: * - original_initiator is set to TRUE
429: * - is_request is set to TRUE
430: *
431: * @param major major IKE version of this message
432: * @param minor minor IKE version of this message
433: * @return message_t object
434: */
435: message_t *message_create(int major, int minor);
436:
437: /**
438: * Creates a message_t object that is used to reassemble fragmented messages.
439: *
440: * Use add_fragment() to add fragments.
441: *
442: * @param fragment initial fragment (is not added)
443: * @return message_t object, NULL if fragment is not actually one
444: */
445: message_t *message_create_defrag(message_t *fragment);
446:
447: #endif /** MESSAGE_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>