From: Adrian-Ken Rueegsegger Date: Wed, 8 Apr 2015 16:54:54 +0000 (+0200) Subject: charon-tkm: Add get_other_esa_id function to TKM kernel SAD X-Git-Tag: 5.3.1rc1~35^2~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c7ce0d96cd89b8071637cd59879776b01053f28a;p=thirdparty%2Fstrongswan.git charon-tkm: Add get_other_esa_id function to TKM kernel SAD The function gets the ESA id for another entry associated with the same security policy as the specified ESA.
---
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_sad.c b/src/charon-tkm/src/tkm/tkm_kernel_sad.c
index 3394b58af7..619ebeeb61 100644
--- a/src/charon-tkm/src/tkm/tkm_kernel_sad.c
+++ b/src/charon-tkm/src/tkm/tkm_kernel_sad.c
@@ -126,6 +126,26 @@ static bool sad_entry_match_dst(sad_entry_t * const entry,
 entry->proto == *proto;
 }
+/**
+ * Find a list entry with given esa id.
+ */
+static bool sad_entry_match_esa_id(sad_entry_t * const entry,
+ const esa_id_type * const esa_id)
+{
+ return entry->esa_id == *esa_id;
+}
+
+/**
+ * Find a list entry with given reqid and different esa id.
+ */
+static bool sad_entry_match_other_esa(sad_entry_t * const entry,
+ const esa_id_type * const esa_id,
+ const u_int32_t * const reqid)
+{
+ return entry->reqid == *reqid &&
+ entry->esa_id != *esa_id;
+}
+
 /**
 * Compare two SAD entries for equality.
 */
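Review bot: The comments on `sad_entry_match_esa_id` and `sad_entry_match_other_esa` describe a search ("Find a list entry ..."), but both functions are match predicates that test a single entry and are handed to `find_first` later in this patch. I would word them as predicates, e.g. `Match callback: TRUE if entry has the given reqid and an ESA id different from esa_id.` for the second one. The comments should also state that `esa_id` and `reqid` must be non-NULL, since both are dereferenced unconditionally.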
@@ -209,6 +229,42 @@ METHOD(tkm_kernel_sad_t, get_esa_id, esa_id_type,
 return id;
 }
+METHOD(tkm_kernel_sad_t, get_other_esa_id, esa_id_type,
+ private_tkm_kernel_sad_t * const this, const esa_id_type esa_id)
+{
+ esa_id_type id = 0;
+ sad_entry_t *entry = NULL;
+ u_int32_t reqid;
+ status_t res;
+
+ this->mutex->lock(this->mutex);
+ res = this->data->find_first(this->data,
+ (linked_list_match_t)sad_entry_match_esa_id,
+ (void**)&entry, &esa_id);
+ if (res == SUCCESS && entry)
+ {
+ reqid = entry->reqid;
+ }
+ else
+ {
+ DBG3(DBG_KNL, "no SAD entry found for ESA id %llu", esa_id);
+ this->mutex->unlock(this->mutex);
+ return id;
+ }
+
+ res = this->data->find_first(this->data,
+ (linked_list_match_t)sad_entry_match_other_esa,
+ (void**)&entry, &esa_id, &reqid);
+ if (res == SUCCESS && entry)
+ {
+ id = entry->esa_id;
+ DBG3(DBG_KNL, "returning ESA id %llu of other SAD entry with reqid %u",
+ id, reqid);
+ }
+ this->mutex->unlock(this->mutex);
+ return id;
+}
+
 METHOD(tkm_kernel_sad_t, get_dst_host, host_t *,
 private_tkm_kernel_sad_t * const this, const u_int32_t reqid, const u_int32_t spi, const u_int8_t proto)
@@ -289,6 +345,7 @@ tkm_kernel_sad_t *tkm_kernel_sad_create()
 .public = {
 .insert = _insert,
 .get_esa_id = _get_esa_id,
+ .get_other_esa_id = _get_other_esa_id,
 .get_dst_host = _get_dst_host,
 .remove = __remove,
 .destroy = _destroy,
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_sad.h b/src/charon-tkm/src/tkm/tkm_kernel_sad.h
index 38b19dd01b..fd48308052 100644
--- a/src/charon-tkm/src/tkm/tkm_kernel_sad.h
+++ b/src/charon-tkm/src/tkm/tkm_kernel_sad.h
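Review bot: `get_other_esa_id` returns whichever entry the second `find_first` call reaches first among those sharing the reqid, so once more than two SAD entries exist for one reqid the ESA handed back depends on list order. Whether that can happen (for instance while SAs overlap during rekeying) is not visible in this diff. Neither the method nor its declaration in tkm_kernel_sad.h says which entry a caller gets, so the contract should be explicit. I would add to the header comment a line such as `If several other entries share the reqid, the first one in list order is returned.`, after confirming the order against `insert`. Separately, both `DBG3` calls pass an `esa_id_type` to `%llu`; if that type is not `unsigned long long` on every target, a cast such as `(unsigned long long)esa_id` keeps format and argument in agreement.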
@@ -62,6 +62,16 @@ struct tkm_kernel_sad_t {
 const host_t * const src, const host_t * const dst, const u_int32_t spi, const u_int8_t proto);
+ /**
+ * Get ESA id for entry associated with same security policy as the
+ * specified ESA.
+ *
+ * @param esa_id id of ESA identifying the security policy
+ * @return ESA id of entry if found, 0 otherwise
+ */
+ esa_id_type (*get_other_esa_id)(tkm_kernel_sad_t * const this,
+ const esa_id_type esa_id);
+
 /**
 * Get destination host for entry with given parameters.
 *
diff --git a/src/charon-tkm/tests/kernel_sad_tests.c b/src/charon-tkm/tests/kernel_sad_tests.c
index b9ab3cb5e9..91ccdd4dd2 100644
--- a/src/charon-tkm/tests/kernel_sad_tests.c
+++ b/src/charon-tkm/tests/kernel_sad_tests.c
@@ -81,6 +81,37 @@ START_TEST(test_get_esa_id_nonexistent)
 }
 END_TEST
+START_TEST(test_get_other_esa_id)
+{
+ host_t *addr = host_create_from_string("127.0.0.1", 1024);
+ tkm_kernel_sad_t *sad = tkm_kernel_sad_create();
+ fail_unless(sad->insert(sad, 23, 54, addr, addr, 42, 50),
+ "Error inserting SAD entry");
+ fail_unless(sad->insert(sad, 24, 54, addr, addr, 42, 50),
+ "Error inserting SAD entry");
+ fail_unless(sad->get_other_esa_id(sad, 23) == 24,
+ "Error getting other esa id");
+ sad->destroy(sad);
+ addr->destroy(addr);
+}
+END_TEST
+
+START_TEST(test_get_other_esa_id_nonexistent)
+{
+ host_t *addr = host_create_from_string("127.0.0.1", 1024);
+ tkm_kernel_sad_t *sad = tkm_kernel_sad_create();
+ fail_unless(sad->get_other_esa_id(sad, 1) == 0,
+ "Got other esa id for nonexistent SAD entry");
+ fail_unless(sad->insert(sad, 23, 54, addr, addr, 42, 50),
+ "Error inserting SAD entry");
+ fail_unless(sad->get_other_esa_id(sad, 23) == 0,
+ "Got own esa id");
+
+ sad->destroy(sad);
+ addr->destroy(addr);
+}
+END_TEST
+
 START_TEST(test_get_dst_host)
 {
 host_t *addr = host_create_from_string("127.0.0.1", 1024);
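Review bot: Neither new test in kernel_sad_tests.c inserts an entry under a different reqid, so the `entry->reqid == *reqid` half of `sad_entry_match_other_esa` is never exercised on its false path. A predicate that ignored reqid would still pass both tests. In `test_get_other_esa_id_nonexistent` I would insert a second entry under another reqid and check the lookup still yields 0, e.g. `fail_unless(sad->insert(sad, 24, 55, addr, addr, 43, 50), "Error inserting SAD entry");` followed by `fail_unless(sad->get_other_esa_id(sad, 23) == 0, "Got esa id of other reqid");` (values constructed for illustration). A case with three entries on one reqid would also pin down which entry is returned.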
@@ -151,6 +182,11 @@ Suite *make_kernel_sad_tests()
 tcase_add_test(tc, test_get_esa_id_nonexistent);
 suite_add_tcase(s, tc);
+ tc = tcase_create("get_other_esa_id");
+ tcase_add_test(tc, test_get_other_esa_id);
+ tcase_add_test(tc, test_get_other_esa_id_nonexistent);
+ suite_add_tcase(s, tc);
+
 tc = tcase_create("get_dst_host");
 tcase_add_test(tc, test_get_dst_host);
 tcase_add_test(tc, test_get_dst_host_nonexistent);