sainfo.c revision f8a6a7636d53a5730c58ae041e4e09ae12e1657c
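/* $NetBSD: sainfo.c,v 1.14 2011/02/02 15:21:34 vanhu Exp $ */

/* $KAME: sainfo.c,v 1.16 2003/06/27 07:32:39 sakane Exp $ */

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "config.h"

#include <sys/param.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/queue.h>

#include <netinet/in.h>
#include <netinet/in.h>
#include PATH_IPSEC_H

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>

#include "var.h"
#include "misc.h"
#include "vmbuf.h"
#include "plog.h"
#include "sockmisc.h"
#include "debug.h"

#include "localconf.h"
#include "isakmp_var.h"
#include "isakmp.h"
#include "ipsec_doi.h"
#include "oakley.h"
#include "handler.h"
#include "algorithm.h"
#include "sainfo.h"
#include "gcmalloc.h"

typedef LIST_HEAD(_sitree, sainfo) sainfo_tailq_head_t;

/*
 * sitree is the live list of sainfo sections, kept sorted by prisainfo().
 * sitree_save holds a copy of the list head while a configuration reload is
 * in progress (see sainfo_start_reload()).
 */
static sainfo_tailq_head_t sitree, sitree_save;

/*
 * Return str, or a fixed marker when str is NULL.
 *
 * strdup() and ipsecdoi_id2str() results are used as "%s" arguments below;
 * passing NULL for "%s" is undefined behaviour, so substitute a literal.
 */
static const char *
sainfo_str_or_null(const char *str)
{
	return str != NULL ? str : "(null)";
}

/* %%%
 * modules for ipsec sa info
 */
/*
 * Return the first sainfo section that matches the given identities, or
 * NULL when none does.
 *
 * The list is walked once, front to back. inssainfo() keeps it ordered by
 * prisainfo(), so a section that names a remoteid or a peer id is evaluated
 * before less specific ones and the first match decides which section is
 * returned to the caller.
 *
 * A section is skipped unless all of the following hold:
 *   - s->remoteid equals remoteid;
 *   - if s->id_i is set, ipsecdoi_chkcmpids(peer, s->id_i, 0) returns 0
 *     (0 is treated as "equal" throughout this function);
 *   - if s->iddst is SAINFO_CLIENTADDR, client must be non-NULL and the
 *     client-address rules described inline apply;
 *   - otherwise loc/rmt must compare equal to s->idsrc/s->iddst.
 *
 * NOTE(review): how ipsecdoi_chkcmpids() treats a NULL argument (anonymous
 * section, or a NULL peer) is not visible in this file -- confirm there.
 */
struct sainfo *
getsainfo(loc, rmt, peer, client, remoteid)
	const vchar_t *loc, *rmt, *peer, *client;
	uint32_t remoteid;
{
	struct sainfo *s = NULL;

	/* debug level output */
	if (loglevel >= LLV_DEBUG) {
		char *dloc, *drmt, *dpeer, *dclient;

		if (loc == NULL)
			dloc = strdup("ANONYMOUS");
		else
			dloc = ipsecdoi_id2str(loc);

		if (rmt == SAINFO_ANONYMOUS)
			drmt = strdup("ANONYMOUS");
		else if (rmt == SAINFO_CLIENTADDR)
			drmt = strdup("CLIENTADDR");
		else
			drmt = ipsecdoi_id2str(rmt);

		if (peer == NULL)
			dpeer = strdup("NULL");
		else
			dpeer = ipsecdoi_id2str(peer);

		if (client == NULL)
			dclient = strdup("NULL");
		else
			dclient = ipsecdoi_id2str(client);

		/*
		 * Any of the four strings can be NULL if allocation failed;
		 * never hand a NULL pointer to "%s".
		 *
		 * NOTE(review): these identities may originate from the
		 * remote peer; confirm ipsecdoi_id2str() produces log-safe
		 * text (no raw control characters or newlines).
		 */
		plog(LLV_DEBUG, LOCATION, NULL,
			"getsainfo params: loc=\'%s\' rmt=\'%s\' peer=\'%s\' client=\'%s\' id=%u\n",
			sainfo_str_or_null(dloc), sainfo_str_or_null(drmt),
			sainfo_str_or_null(dpeer), sainfo_str_or_null(dclient),
			remoteid);

		racoon_free(dloc);
		racoon_free(drmt);
		racoon_free(dpeer);
		racoon_free(dclient);
	}

	LIST_FOREACH(s, &sitree, chain) {
		/*
		 * NOTE(review): sainfo2str() allocates three temporary
		 * strings per entry and is called even when debug logging is
		 * off; consider guarding it with the loglevel test used above.
		 */
		const char *sainfostr = sainfo2str(s);
		plog(LLV_DEBUG, LOCATION, NULL,
			"evaluating sainfo: %s\n", sainfostr);

		if (s->remoteid != remoteid) {
			plog(LLV_DEBUG, LOCATION, NULL,
				"remoteid mismatch: %u != %u\n",
				s->remoteid, remoteid);
			continue;
		}

		/* compare 'from' id value */
		if (s->id_i != NULL)
			if (ipsecdoi_chkcmpids(peer, s->id_i, 0))
				continue;

		/* compare ids - client */
		if (s->iddst == SAINFO_CLIENTADDR) {
			/*
			 * This sainfo section enforces client address
			 * checking. Prevent match if the client value
			 * ( modecfg or tunnel address ) is NULL, so the
			 * section can never apply to a peer for which no
			 * client address is known.
			 */
			if (client == NULL)
				continue;

			if (rmt == SAINFO_CLIENTADDR) {
				/*
				 * In the case where a supplied rmt value is
				 * also SAINFO_CLIENTADDR, we are comparing
				 * with another sainfo to check for duplicate.
				 * Only compare the local values to determine
				 * a match.
				 */
				if (!ipsecdoi_chkcmpids(loc, s->idsrc, 0))
					return s;
			} else {
				/*
				 * In the case where a supplied rmt value is
				 * not SAINFO_CLIENTADDR, do a standard match
				 * for local values and enforce that the rmt
				 * id matches the client address value. A
				 * remote id that differs from the client
				 * address is rejected for this section.
				 */
				if (!ipsecdoi_chkcmpids(loc, s->idsrc, 0) &&
				    !ipsecdoi_chkcmpids(rmt, client, 0))
					return s;
			}

			/* A CLIENTADDR section never falls through to the
			 * standard comparison below. */
			continue;
		}

		/* compare ids - standard */
		if (!ipsecdoi_chkcmpids(loc, s->idsrc, 0) &&
		    !ipsecdoi_chkcmpids(rmt, s->iddst, 0))
			return s;
	}

	return NULL;
}

/*
 * Allocate a zeroed sainfo with the default lifetime and lifebyte values.
 * Returns NULL when allocation fails. The caller owns the result and
 * releases it with delsainfo().
 */
struct sainfo *
newsainfo()
{
	struct sainfo *new;

	new = racoon_calloc(1, sizeof(*new));
	if (new == NULL)
		return NULL;

	new->lifetime = IPSECDOI_ATTR_SA_LD_SEC_DEFAULT;
	new->lifebyte = IPSECDOI_ATTR_SA_LD_KB_MAX;

	return new;
}

/*
 * Release a sainfo and the data it holds: every algorithm chain, idsrc,
 * iddst (unless it is the SAINFO_CLIENTADDR sentinel, which is not an
 * allocation) and, with ENABLE_HYBRID, group. si must not be NULL and must
 * already be unlinked from the list (see remsainfo()).
 *
 * NOTE(review): si->id_i is not released here; confirm whether the sainfo
 * owns it or whether it is shared with another structure.
 */
void
delsainfo(si)
	struct sainfo *si;
{
	int i;

	for (i = 0; i < MAXALGCLASS; i++)
		delsainfoalg(si->algs[i]);

	if (si->idsrc)
		vfree(si->idsrc);
	if (si->iddst != NULL &&
	    si->iddst != SAINFO_CLIENTADDR)
		vfree(si->iddst);

#ifdef ENABLE_HYBRID
	if (si->group)
		vfree(si->group);
#endif

	racoon_free(si);
}

/*
 * Determine the matching priority of an sainfo section.
 *
 * A non-zero remoteid and a set id_i each add 3; a set idsrc and a set
 * iddst each add 1. Higher values sort earlier in the list and are
 * therefore evaluated first by getsainfo().
 */
int prisainfo(s)
	struct sainfo *s;
{
	int pri = 0;

	if (s->remoteid)
		pri += 3;

	if (s->id_i)
		pri += 3;

	if (s->idsrc)
		pri++;

	if (s->iddst)
		pri++;

	return pri;
}

/*
 * Insert a new sainfo section into the list, which is sorted by descending
 * match priority. The new section goes in front of the first entry with a
 * strictly lower priority; among entries of equal priority it is placed
 * last, so sections of the same priority keep their insertion order.
 */
void
inssainfo(new)
	struct sainfo *new;
{
	struct sainfo *s, *last = NULL;
	int npri = prisainfo(new);

	LIST_FOREACH(s, &sitree, chain) {
		if (npri > prisainfo(s)) {
			/* higher priority */
			LIST_INSERT_BEFORE(s, new, chain);
			return;
		}
		last = s;
	}

	if (last == NULL) {
		/* first in list */
		LIST_INSERT_HEAD(&sitree, new, chain);
	} else {
		/* last in list */
		LIST_INSERT_AFTER(last, new, chain);
	}
}

/* Unlink si from the list it is on; si itself is not freed. */
void
remsainfo(si)
	struct sainfo *si;
{
	LIST_REMOVE(si, chain);
}

/* Unlink and free every sainfo currently reachable from sitree. */
void
flushsainfo()
{
	struct sainfo *s, *next;

	for (s = LIST_FIRST(&sitree); s; s = next) {
		/* Fetch the successor first: delsainfo() frees s. */
		next = LIST_NEXT(s, chain);
		remsainfo(s);
		delsainfo(s);
	}
}

/* Reset sitree to an empty list. Entries already on it are not freed. */
void
initsainfo()
{
	LIST_INIT(&sitree);
}

/*
 * Allocate a zeroed sainfoalg. Returns NULL when allocation fails.
 */
struct sainfoalg *
newsainfoalg()
{
	struct sainfoalg *new;

	new = racoon_calloc(1, sizeof(*new));

	return new;
}

/* Free every element of the singly linked chain starting at alg (may be NULL). */
void
delsainfoalg(alg)
	struct sainfoalg *alg;
{
	struct sainfoalg *a, *next;

	for (a = alg; a; a = next) {
		next = a->next;
		racoon_free(a);
	}
}

/*
 * Append new to the chain at *head; when the chain is empty, new becomes
 * the head.
 */
void
inssainfoalg(head, new)
	struct sainfoalg **head;
	struct sainfoalg *new;
{
	struct sainfoalg *a;

	/* Stop on the last element, or on NULL for an empty chain. */
	for (a = *head; a && a->next; a = a->next)
		;
	if (a)
		a->next = new;
	else
		*head = new;
}

/*
 * Format a one-line description of si for log output.
 *
 * Returns a pointer to a function-static buffer: the text is overwritten by
 * the next call and the function is not reentrant. Output longer than the
 * buffer is truncated by snprintf().
 */
const char *
sainfo2str(si)
	const struct sainfo *si;
{
	static char buf[256];

	char *idloc = NULL, *idrmt = NULL, *id_i;

	if (si->idsrc == SAINFO_ANONYMOUS)
		idloc = strdup("ANONYMOUS");
	else
		idloc = ipsecdoi_id2str(si->idsrc);

	if (si->iddst == SAINFO_ANONYMOUS)
		idrmt = strdup("ANONYMOUS");
	else if (si->iddst == SAINFO_CLIENTADDR)
		idrmt = strdup("CLIENTADDR");
	else
		idrmt = ipsecdoi_id2str(si->iddst);

	if (si->id_i == NULL)
		id_i = strdup("ANY");
	else
		id_i = ipsecdoi_id2str(si->id_i);

	/*
	 * Bound the write by the buffer itself rather than a literal, and
	 * never pass NULL for "%s" when one of the allocations above failed.
	 */
	snprintf(buf, sizeof(buf), "loc=\'%s\', rmt=\'%s\', peer=\'%s\', id=%u",
		sainfo_str_or_null(idloc), sainfo_str_or_null(idrmt),
		sainfo_str_or_null(id_i), si->remoteid);

	racoon_free(idloc);
	racoon_free(idrmt);
	racoon_free(id_i);

	return buf;
}

/*
 * Begin a configuration reload: remember the current list head in
 * sitree_save and start an empty list in sitree for the new configuration.
 *
 * Only the head structure is copied. With <sys/queue.h> lists the first
 * element still points back at sitree's head field, so the saved list must
 * not be modified through sitree_save directly; sainfo_finish_reload() and
 * save_sainfotree_restore() put it back into sitree first.
 */
void sainfo_start_reload(void){
	sitree_save = sitree;
	initsainfo();
}

/*
 * Commit a reload: free the sections saved by sainfo_start_reload() and
 * keep the newly built list.
 *
 * The old head is moved back into sitree before flushing because
 * flushsainfo() works on sitree and the old first element's back pointer
 * refers to sitree's head field; the new head is restored afterwards.
 */
void sainfo_finish_reload(void){
	sainfo_tailq_head_t sitree_tmp;

	sitree_tmp = sitree;
	sitree = sitree_save;
	flushsainfo();
	sitree = sitree_tmp;
}

/*
 * Abort a reload: free whatever was added to sitree since
 * sainfo_start_reload() and reinstate the saved list head.
 */
void save_sainfotree_restore(void){
	flushsainfo();
	sitree = sitree_save;
}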