Return to process_message_job.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / processing / jobs |
1.1 misho 1: /* 2: * Copyright (C) 2005-2007 Martin Willi 3: * Copyright (C) 2005 Jan Hutter 4: * HSR Hochschule fuer Technik Rapperswil 5: * 6: * This program is free software; you can redistribute it and/or modify it 7: * under the terms of the GNU General Public License as published by the 8: * Free Software Foundation; either version 2 of the License, or (at your 9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 10: * 11: * This program is distributed in the hope that it will be useful, but 12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14: * for more details. 15: */ 16: 17: #include "process_message_job.h" 18: 19: #include <daemon.h> 20: 21: typedef struct private_process_message_job_t private_process_message_job_t; 22: 23: /** 24: * Private data of an process_message_job_t Object 25: */ 26: struct private_process_message_job_t { 27: /** 28: * public process_message_job_t interface 29: */ 30: process_message_job_t public; 31: 32: /** 33: * Message associated with this job 34: */ 35: message_t *message; 36: }; 37: 38: METHOD(job_t, destroy, void, 39: private_process_message_job_t *this) 40: { 41: this->message->destroy(this->message); 42: free(this); 43: } 44: 45: METHOD(job_t, execute, job_requeue_t, 46: private_process_message_job_t *this) 47: { 48: ike_sa_t *ike_sa; 49: 50: #ifdef ME 51: /* if this is an unencrypted INFORMATIONAL exchange it is likely a 52: * connectivity check. */ 53: if (this->message->get_exchange_type(this->message) == INFORMATIONAL && 54: this->message->get_first_payload_type(this->message) != PLV2_ENCRYPTED) 55: { 56: /* theoretically this could also be an error message 57: * see RFC 4306, section 1.5. */ 58: DBG1(DBG_NET, "received unencrypted informational: from %#H to %#H", 59: this->message->get_source(this->message), 60: this->message->get_destination(this->message)); 61: charon->connect_manager->process_check(charon->connect_manager, this->message); 62: return JOB_REQUEUE_NONE; 63: } 64: #endif /* ME */ 65: 66: ike_sa = charon->ike_sa_manager->checkout_by_message(charon->ike_sa_manager, 67: this->message); 68: if (ike_sa) 69: { 70: DBG1(DBG_NET, "received packet: from %#H to %#H (%zu bytes)", 71: this->message->get_source(this->message), 72: this->message->get_destination(this->message), 73: this->message->get_packet_data(this->message).len); 74: if (ike_sa->process_message(ike_sa, this->message) == DESTROY_ME) 75: { 76: charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, 77: ike_sa); 78: } 79: else 80: { 81: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); 82: } 83: } 84: return JOB_REQUEUE_NONE; 85: } 86: 87: METHOD(job_t, get_priority, job_priority_t, 88: private_process_message_job_t *this) 89: { 90: switch (this->message->get_exchange_type(this->message)) 91: { 92: case IKE_AUTH: 93: /* IKE auth is rather expensive and often blocking, low priority */ 94: case AGGRESSIVE: 95: case ID_PROT: 96: /* AM is basically IKE_SA_INIT/IKE_AUTH combined (without EAP/XAuth) 97: * MM is similar, but stretched out more */ 98: return JOB_PRIO_LOW; 99: case INFORMATIONAL: 100: case INFORMATIONAL_V1: 101: /* INFORMATIONALs are inexpensive, for DPD we should have low 102: * reaction times */ 103: return JOB_PRIO_HIGH; 104: case IKE_SA_INIT: 105: /* IKE_SA_INIT is expensive, but we will drop them in the receiver 106: * if we are overloaded */ 107: case CREATE_CHILD_SA: 108: case QUICK_MODE: 109: /* these may require DH, but if not they are relatively cheap */ 110: case TRANSACTION: 111: /* these are mostly cheap, however, if XAuth via RADIUS is used 112: * they may block */ 113: default: 114: return JOB_PRIO_MEDIUM; 115: } 116: } 117: 118: /* 119: * Described in header 120: */ 121: process_message_job_t *process_message_job_create(message_t *message) 122: { 123: private_process_message_job_t *this; 124: 125: INIT(this, 126: .public = { 127: .job_interface = { 128: .execute = _execute, 129: .get_priority = _get_priority, 130: .destroy = _destroy, 131: }, 132: }, 133: .message = message, 134: ); 135: 136: return &(this->public); 137: }