[BACK]Return to ipseckey.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / ipseckey
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / ipseckey / ipseckey.c
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Jun 3 09:46:45 2020 UTC (4 years, 5 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

/*
 * Copyright (C) 2012 Reto Guadagnini
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "ipseckey.h"

#include <library.h>
#include <utils/debug.h>
#include <bio/bio_reader.h>

typedef struct private_ipseckey_t private_ipseckey_t;

/**
* private data of the ipseckey
*/
struct private_ipseckey_t {

	/**
	 * public functions
	 */
	ipseckey_t public;

	/**
	 * Precedence
	 */
	uint8_t precedence;

	/**
	 * Gateway type
	 */
	uint8_t gateway_type;

	/**
	 * Algorithm
	 */
	uint8_t algorithm;

	/**
	 * Gateway
	 */
	chunk_t gateway;

	/**
	 * Public key
	 */
	chunk_t public_key;
};

METHOD(ipseckey_t, get_precedence, uint8_t,
	private_ipseckey_t *this)
{
	return this->precedence;
}

METHOD(ipseckey_t, get_gateway_type, ipseckey_gw_type_t,
	private_ipseckey_t *this)
{
	return this->gateway_type;
}

METHOD(ipseckey_t, get_algorithm, ipseckey_algorithm_t,
	private_ipseckey_t *this)
{
	return this->algorithm;
}

METHOD(ipseckey_t, get_gateway, chunk_t,
	private_ipseckey_t *this)
{
	return this->gateway;
}

METHOD(ipseckey_t, get_public_key, chunk_t,
	private_ipseckey_t *this)
{
	return this->public_key;
}

METHOD(ipseckey_t, destroy, void,
	private_ipseckey_t *this)
{
	chunk_free(&this->gateway);
	chunk_free(&this->public_key);
	free(this);
}

/*
 * See header
 */
ipseckey_t *ipseckey_create_frm_rr(rr_t *rr)
{
	private_ipseckey_t *this;
	bio_reader_t *reader = NULL;
	uint8_t label;
	chunk_t tmp;

	INIT(this,
			.public = {
				.get_precedence = _get_precedence,
				.get_gateway_type = _get_gateway_type,
				.get_algorithm = _get_algorithm,
				.get_gateway = _get_gateway,
				.get_public_key = _get_public_key,
				.destroy = _destroy,
			},
	);

	if (rr->get_type(rr) != RR_TYPE_IPSECKEY)
	{
		DBG1(DBG_CFG, "unable to create an ipseckey out of an RR "
					  "whose type is not IPSECKEY");
		free(this);
		return NULL;
	}

	/** Parse the content (RDATA field) of the RR */
	reader = bio_reader_create(rr->get_rdata(rr));
	if (!reader->read_uint8(reader, &this->precedence) ||
		!reader->read_uint8(reader, &this->gateway_type) ||
		!reader->read_uint8(reader, &this->algorithm))
	{
		DBG1(DBG_CFG, "ipseckey RR has a wrong format");
		reader->destroy(reader);
		free(this);
		return NULL;
	}

	switch (this->gateway_type)
	{
		case IPSECKEY_GW_TP_NOT_PRESENT:
			break;

		case IPSECKEY_GW_TP_IPV4:
			if (!reader->read_data(reader, 4, &this->gateway))
			{
				DBG1(DBG_CFG, "ipseckey gateway field does not contain an "
							  "IPv4 address as expected");
				reader->destroy(reader);
				free(this);
				return NULL;
			}
			this->gateway = chunk_clone(this->gateway);
			break;

		case IPSECKEY_GW_TP_IPV6:
			if (!reader->read_data(reader, 16, &this->gateway))
			{
				DBG1(DBG_CFG, "ipseckey gateway field does not contain an "
							  "IPv6 address as expected");
				reader->destroy(reader);
				free(this);
				return NULL;
			}
			this->gateway = chunk_clone(this->gateway);
			break;

		case IPSECKEY_GW_TP_WR_ENC_DNAME:
			/**
			 * Uncompressed domain name as defined in RFC 1035 chapter 3.
			 *
			 * TODO: Currently we ignore wire encoded domain names.
			 *
			 */
			while (reader->read_uint8(reader, &label) &&
				   label != 0 && label < 192)
			{
				if (!reader->read_data(reader, label, &tmp))
				{
					DBG1(DBG_CFG, "wrong wire encoded domain name format "
								  "in ipseckey gateway field");
					reader->destroy(reader);
					free(this);
					return NULL;
				}
			}
			break;

		default:
			DBG1(DBG_CFG, "unable to parse ipseckey gateway field");
			reader->destroy(reader);
			free(this);
			return NULL;
	}

	if (!reader->read_data(reader, reader->remaining(reader),
						   &this->public_key))
	{
		DBG1(DBG_CFG, "failed to read ipseckey public key field");
		reader->destroy(reader);
		chunk_free(&this->gateway);
		free(this);
		return NULL;
	}
	this->public_key = chunk_clone(this->public_key);
	reader->destroy(reader);
	return &this->public;
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>