/*
 * Build an ID payload for the identity of `end`.
 *
 * hd  - fixed ID payload header; cleared, then isaiid_idtype is filled in.
 * tl  - chunk describing the payload body; cleared, then set per ID kind.
 * end - connection end whose id (as returned by resolve_myid()) is encoded.
 *
 * Ownership: nothing is allocated for the body.  tl->ptr is a borrowed
 * pointer into id->name, id->ip_addr or end->host_addr, so the caller
 * must not free it and must consume it before that storage is changed
 * or released.  It only needs to last a short time.
 *
 * No length validation happens here: for the name-based kinds tl->len is
 * whatever id->name.len holds, so the code that emits the payload has to
 * make sure the body fits its output buffer.
 */
void build_id_payload(struct isakmp_ipsec_id *hd, chunk_t *tl, struct end *end)
{
	const struct id *id = resolve_myid(&end->id);

	/* start both outputs from a cleared state */
	zero(tl);
	zero(hd);

	/* default header type; ID_NONE replaces it below */
	hd->isaiid_idtype = id->kind;

	switch (id->kind) {
	case ID_NULL:
		/* empty body */
		tl->len = 0;
		tl->ptr = NULL;
		break;

	case ID_IPV4_ADDR:
	case ID_IPV6_ADDR:
		/* body is the id's address; addrbytesptr() sets tl->ptr too */
		tl->len = addrbytesptr(&id->ip_addr, &tl->ptr);
		break;

	case ID_FQDN:
	case ID_USER_FQDN:
	case ID_DER_ASN1_DN:
	case ID_KEY_ID:
		/* struct copy: tl now aliases the storage behind id->name */
		*tl = id->name;
		break;

	case ID_NONE:
		/*
		 * No explicit id: use the host address, with the ID type taken
		 * from that address family's info.
		 * NOTE(review): aftoinfo()'s result is dereferenced unchecked;
		 * confirm host_addr always has a known family on this path.
		 */
		hd->isaiid_idtype =
			aftoinfo(addrtypeof(&end->host_addr))->id_addr;
		/* addrbytesptr() sets tl->ptr too */
		tl->len = addrbytesptr(&end->host_addr, &tl->ptr);
		break;

	default:
		bad_case(id->kind);
	}
}
/** returns a host pair based upon addresses. * * find_host_pair is given a pair of addresses, plus UDP ports, and * returns a host_pair entry that covers it. It also moves the relevant * pair description to the beginning of the list, so that it can be * found faster next time. */ struct host_pair *find_host_pair(const ip_address *myaddr, u_int16_t myport, const ip_address *hisaddr, u_int16_t hisport) { struct host_pair *p, *prev; /* default hisaddr to an appropriate any */ if (hisaddr == NULL) { #if 0 /* broken */ const struct af_info *af = aftoinfo(addrtypeof(myaddr)); if (af == NULL) af = aftoinfo(AF_INET); if (af) hisaddr = af->any; #else hisaddr = aftoinfo(addrtypeof(myaddr))->any; #endif } /* * look for a host-pair that has the right set of ports/address. * */ /* * for the purposes of comparison, port 500 and 4500 are identical, * but other ports are not. * So if any port==4500, then set it to 500. * But we can also have non-RFC values for pluto_port and pluto_nat_port */ if (myport == pluto_nat_port) myport = pluto_port; if (hisport == pluto_nat_port) hisport = pluto_port; for (prev = NULL, p = host_pairs; p != NULL; prev = p, p = p->next) { DBG(DBG_CONTROLMORE, { ipstr_buf b1; ipstr_buf b2; DBG_log("find_host_pair: comparing %s:%d to %s:%d", ipstr(&p->me.addr, &b1), p->me.host_port, ipstr(&p->him.addr, &b2), p->him.host_port); }); if (sameaddr(&p->me.addr, myaddr) && (!p->me.host_port_specific || p->me.host_port == myport) && sameaddr(&p->him.addr, hisaddr) && (!p->him.host_port_specific || p->him.host_port == hisport) ) { if (prev != NULL) { prev->next = p->next; /* remove p from list */ p->next = host_pairs; /* and stick it on front */ host_pairs = p; } break; } }