From ae43af050f6dc5f70eb99693395a99f6a9edce27 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Thu, 19 Jul 2018 16:53:01 +0200
Subject: [PATCH] ike-cfg: Generalize get_ke_method() method
---
 src/libcharon/config/ike_cfg.c | 13 ++++++-------
 src/libcharon/config/ike_cfg.h | 12 ++++++++----
 src/libcharon/sa/ikev1/tasks/aggressive_mode.c | 5 +++--
 src/libcharon/sa/ikev2/tasks/ike_init.c | 6 ++++--
 4 files changed, 21 insertions(+), 15 deletions(-)
diff --git a/src/libcharon/config/ike_cfg.c b/src/libcharon/config/ike_cfg.c
index 589b41905c..349aa44a83 100644
--- a/src/libcharon/config/ike_cfg.c
+++ b/src/libcharon/config/ike_cfg.c
@@ -347,24 +347,23 @@ METHOD(ike_cfg_t, select_proposal, proposal_t*,
 return proposal_select(this->proposals, proposals, flags);
 }
-METHOD(ike_cfg_t, get_ke_method, key_exchange_method_t,
- private_ike_cfg_t *this)
+METHOD(ike_cfg_t, get_algorithm, uint16_t,
+ private_ike_cfg_t *this, transform_type_t type)
 {
 enumerator_t *enumerator;
 proposal_t *proposal;
- uint16_t method = MODP_NONE;
+ uint16_t alg = 0;
 enumerator = this->proposals->create_enumerator(this->proposals);
 while (enumerator->enumerate(enumerator, &proposal))
 {
- if (proposal->get_algorithm(proposal, KEY_EXCHANGE_METHOD, &method,
- NULL))
+ if (proposal->get_algorithm(proposal, type, &alg, NULL))
 {
 break;
 }
 }
 enumerator->destroy(enumerator);
- return method;
+ return alg;
 }
 METHOD(ike_cfg_t, equals, bool,
@@ -603,7 +602,7 @@ ike_cfg_t *ike_cfg_create(ike_cfg_create_t *data)
 .get_proposals = _get_proposals,
 .select_proposal = _select_proposal,
 .has_proposal = _has_proposal,
- .get_ke_method = _get_ke_method,
+ .get_algorithm = _get_algorithm,
 .equals = _equals,
 .get_ref = _get_ref,
 .destroy = _destroy,
diff --git a/src/libcharon/config/ike_cfg.h b/src/libcharon/config/ike_cfg.h
index ce32e756d6..1752c88ca7 100644
--- a/src/libcharon/config/ike_cfg.h
+++ b/src/libcharon/config/ike_cfg.h
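Review bot: With `uint16_t alg = 0;` as the fallback in `get_algorithm`, a return value of 0 now means "no proposal carries this transform type" for every `transform_type_t`, which is only unambiguous where identifier 0 is reserved as "none". For the KEY_EXCHANGE_METHOD callers in this patch that presumably matches the old `MODP_NONE` sentinel, but for a type where 0 is a real choice (IKEv2 assigns 0 to "no extended sequence numbers") a hit cannot be told apart from a miss, and the `NULL` key-size argument means a lookup for a keyed transform loses its key length. I would state that limit next to the initializer, e.g. `/* 0 doubles as "not found"; only pass types where 0 is reserved */`, or return `bool` and hand the algorithm back through an out-parameter. The "0 for none" wording in the ike_cfg.h doc comment carries the same limitation.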
@@ -34,7 +34,6 @@ typedef struct ike_cfg_create_t ike_cfg_create_t;
 #include
 #include
 #include
-#include
 /**
 * IKE version.
@@ -230,11 +229,16 @@ struct ike_cfg_t {
 childless_t (*childless)(ike_cfg_t *this);
 /**
- * Get the key exchange method to use for IKE_SA setup.
+ * Get the first algorithm of a certain transform type that's contained in
+ * any of the configured proposals.
 *
- * @return key exchange method to use for initialization
+ * For instance, use with KEY_EXCHANGE_METHOD to get the KE metho to use
+ * for the IKE_SA initiation.
+ *
+ * @param type transform type to look for
+ * @return algorithm identifier (0 for none)
 */
- key_exchange_method_t (*get_ke_method)(ike_cfg_t *this);
+ uint16_t (*get_algorithm)(ike_cfg_t *this, transform_type_t type);
 /**
 * Check if two IKE configs are equal.
diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
index f303305f58..fdbeda6b37 100644
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@@ -253,8 +253,9 @@ METHOD(task_t, build_i, status_t,
 message->add_payload(message, &sa_payload->payload_interface);
- group = this->ike_cfg->get_ke_method(this->ike_cfg);
- if (group == MODP_NONE)
+ group = this->ike_cfg->get_algorithm(this->ike_cfg,
+ KEY_EXCHANGE_METHOD);
+ if (!group)
 {
 DBG1(DBG_IKE, "DH group selection failed");
 return FAILED;
diff --git a/src/libcharon/sa/ikev2/tasks/ike_init.c b/src/libcharon/sa/ikev2/tasks/ike_init.c
index f71df314ee..e3ee9d7892 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_init.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_init.c
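Review bot: The new doc comment for `get_algorithm` in ike_cfg.h contains a typo, "KE metho", which should read `to get the KE method to use`. The comment also does not mention that the key size of the matched transform is not reported, which becomes relevant once the method is called with types other than KEY_EXCHANGE_METHOD; a line such as ` * The key size of the transform, if any, is not returned.` would make that explicit. The struct definition continues outside the hunk.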
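Review bot: In aggressive_mode.c the test `if (!group)` replaces the named comparison `group == MODP_NONE`, so the failure path now depends on the "none" key exchange method being numerically 0, which nothing in the hunk shows. If the constant is still visible in this file, keeping `if (group == MODP_NONE)` preserves the intent; otherwise a short comment above the test, `/* 0: no KE method in any configured proposal */`, documents why a bare zero check is sufficient. The declaration of `group` and the rest of build_i lie outside the hunk.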
@@ -673,12 +673,14 @@ METHOD(task_t, build_i, status_t,
 }
 else
 { /* this shouldn't happen, but let's be safe */
- this->dh_group = ike_cfg->get_ke_method(ike_cfg);
+ this->dh_group = ike_cfg->get_algorithm(ike_cfg,
+ KEY_EXCHANGE_METHOD);
 }
 }
 else
 {
- this->dh_group = ike_cfg->get_ke_method(ike_cfg);
+ this->dh_group = ike_cfg->get_algorithm(ike_cfg,
+ KEY_EXCHANGE_METHOD);
 }
 this->dh = this->keymat->keymat.create_ke(&this->keymat->keymat,
 this->dh_group);
-- 
2.47.2
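Review bot: Both assignments to `this->dh_group` hand the result of `get_algorithm()` straight to `create_ke()` without testing for 0, whereas the IKEv1 initiator in aggressive_mode.c logs "DH group selection failed" and returns FAILED in that case. Whether `this->dh` is checked for NULL after the `create_ke()` call cannot be seen, because build_i continues outside the hunk; if it is not, a config whose proposals carry no key exchange transform would reach key exchange setup with group 0. An explicit guard before the call, `if (!this->dh_group) { DBG1(DBG_IKE, "KE method selection failed"); return FAILED; }`, would make the two initiators fail the same way.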