![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to process_message_job.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / processing / jobs|
Return to process_message_job.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / processing / jobs |
1.1 misho 1: /*
2: * Copyright (C) 2005-2007 Martin Willi
3: * Copyright (C) 2005 Jan Hutter
4: * HSR Hochschule fuer Technik Rapperswil
5: *
6: * This program is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2 of the License, or (at your
9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10: *
11: * This program is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14: * for more details.
15: */
16:
17: #include "process_message_job.h"
18:
19: #include <daemon.h>
20:
21: typedef struct private_process_message_job_t private_process_message_job_t;
22:
23: /**
24: * Private data of an process_message_job_t Object
25: */
26: struct private_process_message_job_t {
27: /**
28: * public process_message_job_t interface
29: */
30: process_message_job_t public;
31:
32: /**
33: * Message associated with this job
34: */
35: message_t *message;
36: };
37:
38: METHOD(job_t, destroy, void,
39: private_process_message_job_t *this)
40: {
41: this->message->destroy(this->message);
42: free(this);
43: }
44:
45: METHOD(job_t, execute, job_requeue_t,
46: private_process_message_job_t *this)
47: {
48: ike_sa_t *ike_sa;
49:
50: #ifdef ME
51: /* if this is an unencrypted INFORMATIONAL exchange it is likely a
52: * connectivity check. */
53: if (this->message->get_exchange_type(this->message) == INFORMATIONAL &&
54: this->message->get_first_payload_type(this->message) != PLV2_ENCRYPTED)
55: {
56: /* theoretically this could also be an error message
57: * see RFC 4306, section 1.5. */
58: DBG1(DBG_NET, "received unencrypted informational: from %#H to %#H",
59: this->message->get_source(this->message),
60: this->message->get_destination(this->message));
61: charon->connect_manager->process_check(charon->connect_manager, this->message);
62: return JOB_REQUEUE_NONE;
63: }
64: #endif /* ME */
65:
66: ike_sa = charon->ike_sa_manager->checkout_by_message(charon->ike_sa_manager,
67: this->message);
68: if (ike_sa)
69: {
70: DBG1(DBG_NET, "received packet: from %#H to %#H (%zu bytes)",
71: this->message->get_source(this->message),
72: this->message->get_destination(this->message),
73: this->message->get_packet_data(this->message).len);
74: if (ike_sa->process_message(ike_sa, this->message) == DESTROY_ME)
75: {
76: charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
77: ike_sa);
78: }
79: else
80: {
81: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
82: }
83: }
84: return JOB_REQUEUE_NONE;
85: }
86:
87: METHOD(job_t, get_priority, job_priority_t,
88: private_process_message_job_t *this)
89: {
90: switch (this->message->get_exchange_type(this->message))
91: {
92: case IKE_AUTH:
93: /* IKE auth is rather expensive and often blocking, low priority */
94: case AGGRESSIVE:
95: case ID_PROT:
96: /* AM is basically IKE_SA_INIT/IKE_AUTH combined (without EAP/XAuth)
97: * MM is similar, but stretched out more */
98: return JOB_PRIO_LOW;
99: case INFORMATIONAL:
100: case INFORMATIONAL_V1:
101: /* INFORMATIONALs are inexpensive, for DPD we should have low
102: * reaction times */
103: return JOB_PRIO_HIGH;
104: case IKE_SA_INIT:
105: /* IKE_SA_INIT is expensive, but we will drop them in the receiver
106: * if we are overloaded */
107: case CREATE_CHILD_SA:
108: case QUICK_MODE:
109: /* these may require DH, but if not they are relatively cheap */
110: case TRANSACTION:
111: /* these are mostly cheap, however, if XAuth via RADIUS is used
112: * they may block */
113: default:
114: return JOB_PRIO_MEDIUM;
115: }
116: }
117:
118: /*
119: * Described in header
120: */
121: process_message_job_t *process_message_job_create(message_t *message)
122: {
123: private_process_message_job_t *this;
124:
125: INIT(this,
126: .public = {
127: .job_interface = {
128: .execute = _execute,
129: .get_priority = _get_priority,
130: .destroy = _destroy,
131: },
132: },
133: .message = message,
134: );
135:
136: return &(this->public);
137: }