src/conftest/hooks/force_cookie.c - manifest_repos/strongswan - Git at Google

 /*
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
  * Free Software Foundation; either version 2 of the License, or (at your
  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  */

 #include "hook.h"

 #include <encoding/payloads/unknown_payload.h>

 typedef struct private_force_cookie_t private_force_cookie_t;

 /**
  * Private data of an force_cookie_t object.
  */
 struct private_force_cookie_t {

 	/**
 	 * Implements the hook_t interface.
 	 */
 	hook_t hook;
 };

 METHOD(listener_t, message, bool,
 	private_force_cookie_t *this, ike_sa_t *ike_sa, message_t *message,
 	bool incoming, bool plain)
 {
 	if (incoming && plain && message->get_request(message) &&
 		message->get_exchange_type(message) == IKE_SA_INIT)
 	{
 		enumerator_t *enumerator;
 		bool has_cookie = FALSE;
 		payload_t *payload;

 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
 			if (payload->get_type(payload) == PLV2_NOTIFY)
 			{
 				notify_payload_t *notify = (notify_payload_t*)payload;
 				chunk_t data;

 				if (notify->get_notify_type(notify) == COOKIE)
 				{
 					data = notify->get_notification_data(notify);
 					DBG1(DBG_CFG, "received COOKIE: %#B", &data);
 					has_cookie = TRUE;
 					break;
 				}
 			}
 		}
 		enumerator->destroy(enumerator);
 		if (!has_cookie)
 		{
 			message_t *response;
 			host_t *src, *dst;
 			packet_t *packet;
 			ike_sa_id_t *ike_sa_id;
 			chunk_t data = chunk_from_thing("COOKIE test data");

 			DBG1(DBG_CFG, "sending COOKIE: %#B", &data);
 			response = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
 			dst = message->get_source(message);
 			src = message->get_destination(message);
 			response->set_source(response, src->clone(src));
 			response->set_destination(response, dst->clone(dst));
 			response->set_exchange_type(response, IKE_SA_INIT);
 			response->set_request(response, FALSE);
 			response->set_message_id(response, 0);
 			ike_sa_id = message->get_ike_sa_id(message);
 			ike_sa_id->switch_initiator(ike_sa_id);
 			response->set_ike_sa_id(response, ike_sa_id);
 			response->add_notify(response, FALSE, COOKIE, data);
 			if (response->generate(response, NULL, &packet) == SUCCESS)
 			{
 				charon->sender->send(charon->sender, packet);
 				response->destroy(response);
 			}
 			message->set_exchange_type(message, EXCHANGE_TYPE_UNDEFINED);
 		}
 	}
 	return TRUE;
 }

 METHOD(hook_t, destroy, void,
 	private_force_cookie_t *this)
 {
 	free(this);
 }

 /**
  * Create the IKE_AUTH fill hook
  */
 hook_t *force_cookie_hook_create(char *name)
 {
 	private_force_cookie_t *this;

 	INIT(this,
 		.hook = {
 			.listener = {
 				.message = _message,
 			},
 			.destroy = _destroy,
 		},
 	);

 	return &this->hook;
 }
	/*
	* Copyright (C) 2010 Martin Willi
	* Copyright (C) 2010 revosec AG
	*
	* This program is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License as published by the
	* Free Software Foundation; either version 2 of the License, or (at your
	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	*
	* This program is distributed in the hope that it will be useful, but
	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* for more details.
	*/

	#include "hook.h"

	#include <encoding/payloads/unknown_payload.h>

	typedef struct private_force_cookie_t private_force_cookie_t;

	/**
	* Private data of an force_cookie_t object.
	*/
	struct private_force_cookie_t {

	/**
	* Implements the hook_t interface.
	*/
	hook_t hook;
	};

	METHOD(listener_t, message, bool,
	private_force_cookie_t this, ike_sa_t ike_sa, message_t *message,
	bool incoming, bool plain)
	{
	if (incoming && plain && message->get_request(message) &&
	message->get_exchange_type(message) == IKE_SA_INIT)
	{
	enumerator_t *enumerator;
	bool has_cookie = FALSE;
	payload_t *payload;

	enumerator = message->create_payload_enumerator(message);
	while (enumerator->enumerate(enumerator, &payload))
	{
	if (payload->get_type(payload) == PLV2_NOTIFY)
	{
	notify_payload_t notify = (notify_payload_t)payload;
	chunk_t data;

	if (notify->get_notify_type(notify) == COOKIE)
	{
	data = notify->get_notification_data(notify);
	DBG1(DBG_CFG, "received COOKIE: %#B", &data);
	has_cookie = TRUE;
	break;
	}
	}
	}
	enumerator->destroy(enumerator);
	if (!has_cookie)
	{
	message_t *response;
	host_t src, dst;
	packet_t *packet;
	ike_sa_id_t *ike_sa_id;
	chunk_t data = chunk_from_thing("COOKIE test data");

	DBG1(DBG_CFG, "sending COOKIE: %#B", &data);
	response = message_create(IKEV2_MAJOR_VERSION, IKEV2_MINOR_VERSION);
	dst = message->get_source(message);
	src = message->get_destination(message);
	response->set_source(response, src->clone(src));
	response->set_destination(response, dst->clone(dst));
	response->set_exchange_type(response, IKE_SA_INIT);
	response->set_request(response, FALSE);
	response->set_message_id(response, 0);
	ike_sa_id = message->get_ike_sa_id(message);
	ike_sa_id->switch_initiator(ike_sa_id);
	response->set_ike_sa_id(response, ike_sa_id);
	response->add_notify(response, FALSE, COOKIE, data);
	if (response->generate(response, NULL, &packet) == SUCCESS)
	{
	charon->sender->send(charon->sender, packet);
	response->destroy(response);
	}
	message->set_exchange_type(message, EXCHANGE_TYPE_UNDEFINED);
	}
	}
	return TRUE;
	}

	METHOD(hook_t, destroy, void,
	private_force_cookie_t *this)
	{
	free(this);
	}

	/**
	* Create the IKE_AUTH fill hook
	*/
	hook_t force_cookie_hook_create(char name)
	{
	private_force_cookie_t *this;

	INIT(this,
	.hook = {
	.listener = {
	.message = _message,
	},
	.destroy = _destroy,
	},
	);

	return &this->hook;
	}