From: Tobias Brunner Date: Fri, 22 Mar 2019 16:18:00 +0000 (+0100) Subject: ipsec-types: Move allocation of unique interface IDs to helper function X-Git-Tag: 5.8.0rc1~41^2~8 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9347f72494e608c40a90c300478ceb43280a0b93;p=thirdparty%2Fstrongswan.git ipsec-types: Move allocation of unique interface IDs to helper function --- diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index 2ea678067a..40137d3c20 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -1793,7 +1793,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, uint32_t if_id_in, uint32_t if_id_out) { private_child_sa_t *this; - static refcount_t unique_id = 0, unique_mark = 0, unique_if_id = 0; + static refcount_t unique_id = 0, unique_mark = 0; INIT(this, .public = { @@ -1878,6 +1878,8 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, this->if_id_out = if_id_out; } + allocate_unique_if_ids(&this->if_id_in, &this->if_id_out); + if (MARK_IS_UNIQUE(this->mark_in.value) || MARK_IS_UNIQUE(this->mark_out.value)) { @@ -1899,27 +1901,6 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, } } - if (IF_ID_IS_UNIQUE(this->if_id_in) || - IF_ID_IS_UNIQUE(this->if_id_out)) - { - refcount_t if_id = 0; - bool unique_dir = this->if_id_in == IF_ID_UNIQUE_DIR || - this->if_id_out == IF_ID_UNIQUE_DIR; - - if (!unique_dir) - { - if_id = ref_get(&unique_if_id); - } - if (IF_ID_IS_UNIQUE(this->if_id_in)) - { - this->if_id_in = unique_dir ? ref_get(&unique_if_id) : if_id; - } - if (IF_ID_IS_UNIQUE(this->if_id_out)) - { - this->if_id_out = unique_dir ? ref_get(&unique_if_id) : if_id; - } - } - if (!this->reqid) { /* reuse old reqid if we are rekeying an existing CHILD_SA and when diff --git a/src/libstrongswan/ipsec/ipsec_types.c b/src/libstrongswan/ipsec/ipsec_types.c index aa0728b6ee..2f0f31abd4 100644 --- a/src/libstrongswan/ipsec/ipsec_types.c +++ b/src/libstrongswan/ipsec/ipsec_types.c @@ -149,7 +149,7 @@ bool mark_from_string(const char *value, mark_op_t ops, mark_t *mark) } /* - * See header + * Described in header */ bool if_id_from_string(const char *value, uint32_t *if_id) { @@ -188,3 +188,31 @@ bool if_id_from_string(const char *value, uint32_t *if_id) } return TRUE; } + +/* + * Described in header + */ +void allocate_unique_if_ids(uint32_t *in, uint32_t *out) +{ + static refcount_t unique_if_id = 0; + + if (IF_ID_IS_UNIQUE(*in) || IF_ID_IS_UNIQUE(*out)) + { + refcount_t if_id = 0; + bool unique_dir = *in == IF_ID_UNIQUE_DIR || + *out == IF_ID_UNIQUE_DIR; + + if (!unique_dir) + { + if_id = ref_get(&unique_if_id); + } + if (IF_ID_IS_UNIQUE(*in)) + { + *in = unique_dir ? ref_get(&unique_if_id) : if_id; + } + if (IF_ID_IS_UNIQUE(*out)) + { + *out = unique_dir ? ref_get(&unique_if_id) : if_id; + } + } +} diff --git a/src/libstrongswan/ipsec/ipsec_types.h b/src/libstrongswan/ipsec/ipsec_types.h index 6750e22940..1c61fecfe8 100644 --- a/src/libstrongswan/ipsec/ipsec_types.h +++ b/src/libstrongswan/ipsec/ipsec_types.h @@ -256,4 +256,12 @@ bool mark_from_string(const char *value, mark_op_t ops, mark_t *mark); */ bool if_id_from_string(const char *value, uint32_t *if_id); +/** + * Allocate up to two unique interface IDs depending on the given values. + * + * @param[out] in inbound interface ID + * @param[out] out outbound interface ID + */ +void allocate_unique_if_ids(uint32_t *in, uint32_t *out); + #endif /** IPSEC_TYPES_H_ @}*/ diff --git a/src/libstrongswan/tests/suites/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c index 976d7f4cf9..27343349e5 100644 --- a/src/libstrongswan/tests/suites/test_utils.c +++ b/src/libstrongswan/tests/suites/test_utils.c @@ -983,6 +983,41 @@ START_TEST(test_if_id_from_string) } END_TEST +/******************************************************************************* + * allocate_unique_if_ids + */ + +static struct { + uint32_t in; + uint32_t out; + uint32_t exp_in; + uint32_t exp_out; +} unique_if_id_data[] = { + {0, 0, 0, 0 }, + {42, 42, 42, 42 }, + {42, 1337, 42, 1337 }, + /* each call increases the internal counter by 1 or 2*/ + {IF_ID_UNIQUE, 42, 1, 42 }, + {42, IF_ID_UNIQUE, 42, 2 }, + {IF_ID_UNIQUE_DIR, 42, 3, 42 }, + {42, IF_ID_UNIQUE_DIR, 42, 4 }, + {IF_ID_UNIQUE, IF_ID_UNIQUE, 5, 5 }, + {IF_ID_UNIQUE_DIR, IF_ID_UNIQUE, 6, 7 }, + {IF_ID_UNIQUE, IF_ID_UNIQUE_DIR, 8, 9 }, + {IF_ID_UNIQUE_DIR, IF_ID_UNIQUE_DIR, 10, 11 }, +}; + +START_TEST(test_allocate_unique_if_ids) +{ + uint32_t if_id_in = unique_if_id_data[_i].in, + if_id_out = unique_if_id_data[_i].out; + + allocate_unique_if_ids(&if_id_in, &if_id_out); + ck_assert_int_eq(if_id_in, unique_if_id_data[_i].exp_in); + ck_assert_int_eq(if_id_out, unique_if_id_data[_i].exp_out); +} +END_TEST + /******************************************************************************* * signature_schemes_for_key */ @@ -1134,6 +1169,10 @@ Suite *utils_suite_create() tcase_add_loop_test(tc, test_if_id_from_string, 0, countof(if_id_data)); suite_add_tcase(s, tc); + tc = tcase_create("allocate_unique_if_ids"); + tcase_add_loop_test(tc, test_allocate_unique_if_ids, 0, countof(unique_if_id_data)); + suite_add_tcase(s, tc); + tc = tcase_create("signature_schemes_for_key"); tcase_add_loop_test(tc, test_signature_schemes_for_key, 0, countof(scheme_data)); suite_add_tcase(s, tc);