Changeset 4646

Timestamp:

11/13/08 08:15:45 (2 months ago)

Author:

martin

Message:

ported socket enumerator to raw-socket.c
some cleanups in socket.c

Files:

• trunk/src/charon/network/socket-raw.c (modified) (14 diffs)
• trunk/src/charon/network/socket.c (modified) (5 diffs)

trunk/src/charon/network/socket-raw.c

@@ -1 +1 @@
-/*
- * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger
-6
+8
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
@@ -34 +34 @@
-#include <netinet/ip6.h>
-#include <netinet/udp.h>
-ipsec
+types
-#include <linux/filter.h>
-#include <net/if.h>
@@ -54 +54 @@
-#define IKE_LENGTH_OFFSET 24
-
-/* from linux/in.h */
-#ifndef IP_IPSEC_POLICY
-#define IP_IPSEC_POLICY 16
-#endif /*IP_IPSEC_POLICY*/
-
-/* from linux/udp.h */
-#ifndef UDP_ENCAP
@@ -72 +67 @@
-#define IPV6_2292PKTINFO 2
-#endif /*IPV6_2292PKTINFO*/
-
-/* missing on uclibc */
-#ifndef IPV6_IPSEC_POLICY
-#define IPV6_IPSEC_POLICY 34
-#endif /*IPV6_IPSEC_POLICY*/
-
-typedef struct private_socket_t private_socket_t;
@@ -441 +431 @@
-    int type = UDP_ENCAP_ESPINUDP;
-    struct sockaddr_storage addr;
-
-
+
-    int skt;
-    
@@ -456 +445 @@
-            sin->sin_port = htons(port);
-            sol = SOL_IP;
-            ipsec_policy = IP_IPSEC_POLICY;
-            break;
-        }
@@ -466 +454 @@
-            sin6->sin6_port = htons(port);
-            sol = SOL_IPV6;
-            ipsec_policy = IPV6_IPSEC_POLICY;
-            break;
-        }
@@ -488 +475 @@
-    }
-    
-    /* bypass outgoung IKE traffic on send socket */
-    memset(&policy, 0, sizeof(policy));
-    policy.sadb_x_policy_len = sizeof(policy) / sizeof(u_int64_t);
-    policy.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
-    policy.sadb_x_policy_type = IPSEC_POLICY_BYPASS;
-    policy.sadb_x_policy_dir = IPSEC_DIR_OUTBOUND;
-    
-    if (setsockopt(skt, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
-    {
-        DBG1(DBG_NET, "unable to set IPSEC_POLICY on send socket: %s",
-             strerror(errno));
-        close(skt);
-        return 0;
-    }
-    
-    /* We don't receive packets on the send socket, but we need a INBOUND policy.
-     * Otherwise, UDP decapsulation does not work!!! */
-    policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
-    if (setsockopt(skt, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
-    {
-        DBG1(DBG_NET, "unable to set IPSEC_POLICY on send socket: %s", 
-             strerror(errno));
-        close(skt);
-        return 0;
-    }
-    
-    /* bind the send socket */
-    if (bind(skt, (struct sockaddr *)&addr, sizeof(addr)) < 0)
@@ -543 +504 @@
-    int skt;
-    int on = TRUE;
-
-
+
-    
-    /* precalculate constants depending on address family */
@@ -553 +513 @@
-            ip_len = IP_LEN;
-            sol = SOL_IP;
-            ipsec_policy = IP_IPSEC_POLICY;
-            break;
-        case AF_INET6:
@@ -559 +518 @@
-            ip_len = 0; /* IPv6 raw sockets contain no IP header */
-            sol = SOL_IPV6;
-            ipsec_policy = IPV6_IPSEC_POLICY;
-            break;
-        default:
@@ -634 +592 @@
-    }
-    
-    /* bypass incomining IKE traffic on this socket */
-    memset(&policy, 0, sizeof(policy));
-    policy.sadb_x_policy_len = sizeof(policy) / sizeof(u_int64_t);
-    policy.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
-    policy.sadb_x_policy_type = IPSEC_POLICY_BYPASS;
-    policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
-    
-    if (setsockopt(skt, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
-    {
-        DBG1(DBG_NET, "unable to set IPSEC_POLICY on raw socket: %s",
-             strerror(errno));
-        close(skt);
-        return 0;
-    }
-    
-    return skt;
+}
+
+/**
+ * enumerator for underlying sockets
+ */
+typedef struct {
+    /** implements enumerator_t */
+    enumerator_t public;
+    /** sockets we enumerate */
+    private_socket_t *socket;
+    /** counter */
+    int index;
+} socket_enumerator_t;
+
+/**
+ * enumerate function for socket_enumerator_t
+ */
+static bool enumerate(socket_enumerator_t *this, int *fd, int *family, int *port)
+{
+    static const struct {
+        int fd_offset;
+        int family;
+        int port;
+    } sockets[] = {
+        { offsetof(private_socket_t, recv4), AF_INET, IKEV2_UDP_PORT },
+        { offsetof(private_socket_t, recv6), AF_INET6, IKEV2_UDP_PORT },
+        { offsetof(private_socket_t, send4), AF_INET, IKEV2_UDP_PORT },
+        { offsetof(private_socket_t, send6), AF_INET6, IKEV2_UDP_PORT },
+        { offsetof(private_socket_t, send4_natt), AF_INET, IKEV2_NATT_PORT },
+        { offsetof(private_socket_t, send6_natt), AF_INET6, IKEV2_NATT_PORT }
+    };
+    
+    while(++this->index < countof(sockets))
+    {
+        int sock = *(int*)((char*)this->socket + sockets[this->index].fd_offset);
+        if (!sock)
+        {
+            continue;
+        }
+        *fd = sock;
+        *family = sockets[this->index].family;
+        *port = sockets[this->index].port;
+        return TRUE;
+    }
+    return FALSE;
+}
+
+/**
+ * implementation of socket_t.create_enumerator
+ */
+static enumerator_t *create_enumerator(private_socket_t *this)
+{
+    socket_enumerator_t *enumerator;
+    
+    enumerator = malloc_thing(socket_enumerator_t);
+    enumerator->index = -1;
+    enumerator->socket = this;
+    enumerator->public.enumerate = (void*)enumerate;
+    enumerator->public.destroy = (void*)free;
+    return &enumerator->public;
-}
-
@@ -689 +692 @@
-socket_t *socket_create()
-{
-    int key;
-    private_socket_t *this = malloc_thing(private_socket_t);
-
+
-    /* public functions */
-    this->public.send = (status_t(*)(socket_t*, packet_t*))sender;
-    this->public.receive = (status_t(*)(socket_t*, packet_t**))receiver;
+    this->public.create_enumerator = (enumerator_t*(*)(socket_t*))create_enumerator;
-    this->public.destroy = (void(*)(socket_t*)) destroy;
-    
@@ -704 +707 @@
-    this->send6_natt = 0;
-    
-    /* we open a AF_KEY socket to autoload the af_key module. Otherwise
-     * setsockopt(IPSEC_POLICY) won't work. */
-    key = socket(AF_KEY, SOCK_RAW, PF_KEY_V2);
-    if (key == 0)
-    {
-        charon->kill(charon, "could not open AF_KEY socket");
-    }
-    close(key);
-    
-    this->recv4 = open_recv_socket(this, AF_INET);
-    if (this->recv4 == 0)

trunk/src/charon/network/socket.c

@@ -96 +96 @@
-     int ipv6_natt;
-};
-
-/**
- * enumerator for underlying sockets
- */
-typedef struct {
-    /** implements enumerator_t */
-    enumerator_t public;
-    /** sockets we enumerate */
-    private_socket_t *socket;
-    /** counter */
-    u_int8_t index;
-} socket_enumerator_t;
-
-/**
@@ -484 +472 @@
-
-/**
+ * enumerator for underlying sockets
+ */
+typedef struct {
+    /** implements enumerator_t */
+    enumerator_t public;
+    /** sockets we enumerate */
+    private_socket_t *socket;
+    /** counter */
+    int index;
+} socket_enumerator_t;
+
+/**
- * enumerate function for socket_enumerator_t
- */
@@ -493 +493 @@
-        int port;
-    } sockets[] = {
-        { 0, 0, 0 },
-        { offsetof(private_socket_t, ipv4), AF_INET, IKEV2_UDP_PORT },
-        { offsetof(private_socket_t, ipv6), AF_INET6, IKEV2_UDP_PORT },
@@ -500 +499 @@
-    };
-    
-= 4
+ countof(sockets)
-    {
-        int sock = *(int*)((char*)this->socket + sockets[this->index].fd_offset);
@@ -523 +522 @@
-    
-    enumerator = malloc_thing(socket_enumerator_t);
-0
+-1
-    enumerator->socket = this;
-    enumerator->public.enumerate = (void*)enumerate;