Navigation

← Previous Changeset
Next Changeset →

Changeset 4653

Timestamp:

11/14/08 10:38:49 (2 months ago)

Author:

martin

Message:

do not use public interface for functions which are local anyway

Files:

trunk/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c (modified) (10 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c

r4639	r4653
869	869	if (ipcomp != IPCOMP_NONE && cpi != 0)
870	870	{
871		this->public.interface.add_sa(&this->public.interface,
872		src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, reqid, 0, 0,
873		ENCR_UNDEFINED, chunk_empty, AUTH_UNDEFINED, chunk_empty,
874		mode, ipcomp, 0, FALSE, inbound);
	871	add_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, reqid, 0, 0,
	872	ENCR_UNDEFINED, chunk_empty, AUTH_UNDEFINED, chunk_empty,
	873	mode, ipcomp, 0, FALSE, inbound);
875	874	ipcomp = IPCOMP_NONE;
876	875	}
…	…
1098	1097	hdr->nlmsg_type = XFRM_MSG_GETAE;
1099	1098	hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id));
1100
	1099
1101	1100	aevent_id = (struct xfrm_aevent_id*)NLMSG_DATA(hdr);
1102	1101	aevent_id->flags = XFRM_AE_RVAL;
…	…
1164	1163
1165	1164	/**
	1165	* Implementation of kernel_interface_t.del_sa.
	1166	*/
	1167	static status_t del_sa(private_kernel_netlink_ipsec_t this, host_t dst,
	1168	u_int32_t spi, protocol_id_t protocol, u_int16_t cpi)
	1169	{
	1170	unsigned char request[NETLINK_BUFFER_SIZE];
	1171	struct nlmsghdr *hdr;
	1172	struct xfrm_usersa_id *sa_id;
	1173
	1174	/* if IPComp was used, we first delete the additional IPComp SA */
	1175	if (cpi)
	1176	{
	1177	del_sa(this, dst, htonl(ntohs(cpi)), IPPROTO_COMP, 0);
	1178	}
	1179
	1180	memset(&request, 0, sizeof(request));
	1181
	1182	DBG2(DBG_KNL, "deleting SAD entry with SPI %.8x", ntohl(spi));
	1183
	1184	hdr = (struct nlmsghdr*)request;
	1185	hdr->nlmsg_flags = NLM_F_REQUEST \| NLM_F_ACK;
	1186	hdr->nlmsg_type = XFRM_MSG_DELSA;
	1187	hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));
	1188
	1189	sa_id = (struct xfrm_usersa_id*)NLMSG_DATA(hdr);
	1190	host2xfrm(dst, &sa_id->daddr);
	1191	sa_id->spi = spi;
	1192	sa_id->proto = proto_ike2kernel(protocol);
	1193	sa_id->family = dst->get_family(dst);
	1194
	1195	if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS)
	1196	{
	1197	DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x", ntohl(spi));
	1198	return FAILED;
	1199	}
	1200	DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x", ntohl(spi));
	1201	return SUCCESS;
	1202	}
	1203
	1204	/**
1166	1205	* Implementation of kernel_interface_t.update_sa.
1167	1206	*/
…	…
1180	1219	size_t rtasize;
1181	1220	struct xfrm_encap_tmpl* tmpl = NULL;
1182		bool got_replay_state;
	1221	bool got_replay_state = FALSE;
1183	1222	struct xfrm_replay_state replay;
1184	1223
…	…
1186	1225	if (cpi)
1187	1226	{
1188		this->public.interface.update_sa(&this->public.interface,
1189		htonl(ntohs(cpi)), IPPROTO_COMP, 0,
1190		src, dst, new_src, new_dst, FALSE, FALSE);
	1227	update_sa(this, htonl(ntohs(cpi)), IPPROTO_COMP, 0,
	1228	src, dst, new_src, new_dst, FALSE, FALSE);
1191	1229	}
1192	1230
…	…
1194	1232
1195	1233	DBG2(DBG_KNL, "querying SAD entry with SPI %.8x for update", ntohl(spi));
1196
	1234
1197	1235	/* query the existing SA first */
1198	1236	hdr = (struct nlmsghdr*)request;
…	…
1200	1238	hdr->nlmsg_type = XFRM_MSG_GETSA;
1201	1239	hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));
1202
	1240
1203	1241	sa_id = (struct xfrm_usersa_id*)NLMSG_DATA(hdr);
1204	1242	host2xfrm(dst, &sa_id->daddr);
…	…
1243	1281
1244	1282	/* try to get the replay state */
1245		got_replay_state = (get_replay_state(
1246		this, spi, protocol, dst, &replay) == SUCCESS);
	1283	if (get_replay_state(this, spi, protocol, dst, &replay) == SUCCESS)
	1284	{
	1285	got_replay_state = TRUE;
	1286	}
1247	1287
1248	1288	/* delete the old SA (without affecting the IPComp SA) */
1249		if (this->public.interface.del_sa(&this->public.interface, dst, spi,
1250		protocol, 0) != SUCCESS)
	1289	if (del_sa(this, dst, spi, protocol, 0) != SUCCESS)
1251	1290	{
1252	1291	DBG1(DBG_KNL, "unable to delete old SAD entry with SPI %.8x", ntohl(spi));
…	…
1257	1296	DBG2(DBG_KNL, "updating SAD entry with SPI %.8x from %#H..%#H to %#H..%#H",
1258	1297	ntohl(spi), src, dst, new_src, new_dst);
1259
1260	1298	/* copy over the SA from out to request */
1261	1299	hdr = (struct nlmsghdr*)request;
…	…
1341	1379	free(out);
1342	1380
1343		~~return SUCCESS;~~
1344		}
1345
1346		/**
1347		* Implementation of kernel_interface_t.del_sa.
1348		*/
1349		~~static status_t del_sa(private_kernel_netlink_ipsec_t this, host_t dst,~~
1350		~~u_int32_t spi, protocol_id_t protocol, u_int16_t cpi)~~
1351		{
1352		~~unsigned char request[NETLINK_BUFFER_SIZE];~~
1353		~~struct nlmsghdr *hdr;~~
1354		~~struct xfrm_usersa_id *sa_id;~~
1355
1356		~~/* if IPComp was used, we first delete the additional IPComp SA */~~
1357		~~if (cpi)~~
1358		{
1359		~~this->public.interface.del_sa(&this->public.interface, dst,~~
1360		~~htonl(ntohs(cpi)), IPPROTO_COMP, 0);~~
1361		}
1362
1363		~~memset(&request, 0, sizeof(request));~~
1364
1365		~~DBG2(DBG_KNL, "deleting SAD entry with SPI %.8x", ntohl(spi));~~
1366
1367		~~hdr = (struct nlmsghdr*)request;~~
1368		~~hdr->nlmsg_flags = NLM_F_REQUEST \| NLM_F_ACK;~~
1369		~~hdr->nlmsg_type = XFRM_MSG_DELSA;~~
1370		~~hdr->nlmsg_len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));~~
1371
1372		~~sa_id = (struct xfrm_usersa_id*)NLMSG_DATA(hdr);~~
1373		~~host2xfrm(dst, &sa_id->daddr);~~
1374		~~sa_id->spi = spi;~~
1375		~~sa_id->proto = proto_ike2kernel(protocol);~~
1376		~~sa_id->family = dst->get_family(dst);~~
1377
1378		~~if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS)~~
1379		{
1380		~~DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x", ntohl(spi));~~
1381		~~return FAILED;~~
1382		}
1383		~~DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x", ntohl(spi));~~
1384	1381	return SUCCESS;
1385	1382	}

Navigation

Changeset 4653

Legend:

trunk/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c

Download in other formats: