Annotation of embedaddon/strongswan/src/libcharon/sa/ikev2/tasks/ike_auth_lifetime.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2007 Martin Willi
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "ike_auth_lifetime.h"
17:
18: #include <time.h>
19:
20: #include <daemon.h>
21: #include <encoding/payloads/notify_payload.h>
22:
23:
typedef struct private_ike_auth_lifetime_t private_ike_auth_lifetime_t;

/**
 * Private state of an ike_auth_lifetime_t task.
 *
 * The public interface is the first member; ike_auth_lifetime_create()
 * hands out a pointer to it.
 */
struct private_ike_auth_lifetime_t {

	/** Public ike_auth_lifetime_t interface, which embeds the task_t methods. */
	ike_auth_lifetime_t public;

	/** IKE_SA this task operates on; replaced by migrate(). */
	ike_sa_t *ike_sa;
};
41:
/**
 * Add an AUTH_LIFETIME notify to the message if the IKE_SA reports a
 * non-zero STAT_REAUTH value.
 *
 * The notify carries STAT_REAUTH minus the current monotonic time, as a
 * 32-bit value in network byte order. Nothing is added when the statistic
 * is zero.
 *
 * NOTE(review): the subtraction happens on an unsigned 32-bit value. If
 * STAT_REAUTH is ever smaller than time_monotonic(), the result wraps to a
 * very large lifetime, and the peer would be told it has far longer to
 * reauthenticate than intended. Confirm that the reauth time is guaranteed
 * to lie in the future here, or clamp the value.
 */
static void add_auth_lifetime(private_ike_auth_lifetime_t *this, message_t *message)
{
	uint32_t lifetime = this->ike_sa->get_statistic(this->ike_sa, STAT_REAUTH);
	chunk_t payload;

	if (!lifetime)
	{
		/* no reauthentication time reported, nothing to announce */
		return;
	}
	lifetime -= time_monotonic(NULL);
	payload = chunk_from_thing(lifetime);
	/* presumably the chunk wraps the storage of lifetime, so this rewrites
	 * it in network byte order before it is handed to the message */
	*(uint32_t*)payload.ptr = htonl(lifetime);
	message->add_notify(message, FALSE, AUTH_LIFETIME, payload);
}
59:
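/**
 * Read the AUTH_LIFETIME notify from the message, if present, and apply the
 * received lifetime to the IKE_SA.
 *
 * The notification data is supplied by the peer, so its length is checked
 * before it is read as a 32-bit value in network byte order. RFC 4478
 * defines the AUTH_LIFETIME data as four octets; a notify of any other
 * length is ignored and the SA's lifetime is left unchanged.
 */
static void process_payloads(private_ike_auth_lifetime_t *this, message_t *message)
{
	notify_payload_t *notify;
	chunk_t data;
	uint32_t lifetime;

	notify = message->get_notify(message, AUTH_LIFETIME);
	if (!notify)
	{
		return;
	}
	data = notify->get_notification_data(notify);
	if (!data.ptr || data.len != sizeof(lifetime))
	{
		/* Malformed length: with empty or short data the read below would
		 * dereference NULL or run past the received bytes. The payload
		 * parser may already enforce this; checking here keeps the read
		 * safe regardless. */
		return;
	}
	lifetime = ntohl(*(uint32_t*)data.ptr);
	this->ike_sa->set_auth_lifetime(this->ike_sa, lifetime);
}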
77:
/**
 * task_t.build handler installed for the initiator role: attaches the
 * AUTH_LIFETIME notify to an INFORMATIONAL message.
 *
 * @return	SUCCESS after handling an INFORMATIONAL message, NEED_MORE for
 *			any other exchange type
 */
METHOD(task_t, build_i, status_t,
	private_ike_auth_lifetime_t *this, message_t *message)
{
	if (message->get_exchange_type(message) != INFORMATIONAL)
	{
		return NEED_MORE;
	}
	add_auth_lifetime(this, message);
	return SUCCESS;
}
88:
/**
 * task_t.process handler installed for the responder role: evaluates an
 * AUTH_LIFETIME notify received in an INFORMATIONAL message.
 *
 * @return	SUCCESS after handling an INFORMATIONAL message, NEED_MORE for
 *			any other exchange type
 */
METHOD(task_t, process_r, status_t,
	private_ike_auth_lifetime_t *this, message_t *message)
{
	if (message->get_exchange_type(message) != INFORMATIONAL)
	{
		return NEED_MORE;
	}
	process_payloads(this, message);
	return SUCCESS;
}
99:
/**
 * task_t.build handler installed for the responder role: attaches the
 * AUTH_LIFETIME notify to an IKE_AUTH message, but only once the IKE_SA
 * has reached IKE_ESTABLISHED.
 *
 * @return	SUCCESS once the notify step has run, NEED_MORE while the
 *			exchange is not IKE_AUTH or the SA is not yet established
 */
METHOD(task_t, build_r, status_t,
	private_ike_auth_lifetime_t *this, message_t *message)
{
	/* the state is only queried for IKE_AUTH messages, as in the && form */
	if (message->get_exchange_type(message) != IKE_AUTH ||
		this->ike_sa->get_state(this->ike_sa) != IKE_ESTABLISHED)
	{
		return NEED_MORE;
	}
	add_auth_lifetime(this, message);
	return SUCCESS;
}
111:
/**
 * task_t.process handler installed for the initiator role: evaluates an
 * AUTH_LIFETIME notify received in an IKE_AUTH message.
 *
 * The notify is only looked at once the IKE_SA has reached
 * IKE_ESTABLISHED, so a lifetime from an exchange that did not establish
 * the SA is never applied.
 *
 * @return	SUCCESS once the notify step has run, NEED_MORE while the
 *			exchange is not IKE_AUTH or the SA is not yet established
 */
METHOD(task_t, process_i, status_t,
	private_ike_auth_lifetime_t *this, message_t *message)
{
	/* the state is only queried for IKE_AUTH messages, as in the && form */
	if (message->get_exchange_type(message) != IKE_AUTH ||
		this->ike_sa->get_state(this->ike_sa) != IKE_ESTABLISHED)
	{
		return NEED_MORE;
	}
	process_payloads(this, message);
	return SUCCESS;
}
123:
/**
 * task_t.get_type handler.
 *
 * @return	always TASK_IKE_AUTH_LIFETIME
 */
METHOD(task_t, get_type, task_type_t, private_ike_auth_lifetime_t *this)
{
	return TASK_IKE_AUTH_LIFETIME;
}
129:
/**
 * task_t.migrate handler: point the task at a different IKE_SA.
 *
 * Only the stored pointer is replaced; the task keeps no other state.
 */
METHOD(task_t, migrate, void, private_ike_auth_lifetime_t *this,
	ike_sa_t *ike_sa)
{
	this->ike_sa = ike_sa;
}
135:
/**
 * task_t.destroy handler: release the task object.
 *
 * The referenced IKE_SA is not touched; only the task itself is freed.
 */
METHOD(task_t, destroy, void, private_ike_auth_lifetime_t *this)
{
	free(this);
}
141:
/*
 * Described in header.
 *
 * Builds the task with the role-independent handlers and then installs the
 * build/process pair that matches the role given by initiator.
 */
ike_auth_lifetime_t *ike_auth_lifetime_create(ike_sa_t *ike_sa, bool initiator)
{
	private_ike_auth_lifetime_t *this;

	INIT(this,
		.public = {
			.task = {
				.get_type = _get_type,
				.migrate = _migrate,
				.destroy = _destroy,
			},
		},
		.ike_sa = ike_sa,
	);

	if (!initiator)
	{
		/* responder: notify sent in IKE_AUTH, received in INFORMATIONAL */
		this->public.task.build = _build_r;
		this->public.task.process = _process_r;
	}
	else
	{
		/* initiator: notify sent in INFORMATIONAL, received in IKE_AUTH */
		this->public.task.build = _build_i;
		this->public.task.process = _process_i;
	}

	return &this->public;
}