Пример #1
Файл: log.c Проект: mcr/Openswan
/*
 * Per-state callback that folds the progress of one IKE state into the
 * log_conn_info summary handed in through 'data'.
 *
 * st    state being visited; a NULL state is ignored
 * data  struct log_conn_info * supplied by the caller; it is dereferenced
 *       without a NULL check, so the caller must pass a valid pointer
 *
 * A state is considered when it belongs to summary->conn, or when it
 * belongs to another connection with the same IPhost_pair and peer ids
 * (only the phase 1 part is taken from such a state).
 *
 * summary->tunnel is only ever raised here, never lowered.
 */
static void
connection_state(struct state *st, void *data)
{
	struct log_conn_info *summary = data;
	int other_conn;

	if (!st || st == summary->ignore)
		return;
	if (!st->st_connection || !summary->conn)
		return;

	/* a state of another connection counts only if phase 1 is shared */
	other_conn = (st->st_connection != summary->conn);
	if (other_conn &&
	    (summary->conn->IPhost_pair != st->st_connection->IPhost_pair ||
	     !same_peer_ids(summary->conn, st->st_connection, NULL))) {
		return;
	}

	/* states that are undefined (i.e. just deleted) carry no information */
	if (st->st_state == STATE_UNDEFINED)
		return;

	if (!(IS_PHASE1(st->st_state))) {
		/*
		 * NOTE(review): any accepted state that is not phase 1
		 * overwrites what was recorded in summary->phase1 before,
		 * so if this runs once per state the reported phase 1
		 * status depends on visiting order - confirm intended.
		 */
		summary->phase1 = p1_down;
	} else {
		if (summary->tunnel < tun_phase1) {
			summary->tunnel = tun_phase1;
		}

		if (IS_ISAKMP_SA_ESTABLISHED(st->st_state)) {
			if (summary->tunnel < tun_phase1up) {
				summary->tunnel = tun_phase1up;
			}
			summary->phase1 = p1_up;
		} else {
			/* negotiation in progress: keep the furthest step seen */
			if (summary->phase1 < p1_init) {
				summary->phase1 = p1_init;
			}
			if (IS_ISAKMP_ENCRYPTED(st->st_state)) {
				if (summary->phase1 < p1_encrypt) {
					summary->phase1 = p1_encrypt;
				}
			}
			if (IS_ISAKMP_AUTHENTICATED(st->st_state)) {
				if (summary->phase1 < p1_auth) {
					summary->phase1 = p1_auth;
				}
			}
		}
	}

	/* only phase 1 is shared across connections, so stop here */
	if (other_conn)
		return;

	if (IS_PHASE15(st->st_state) && summary->tunnel < tun_phase15) {
		summary->tunnel = tun_phase15;
	}

	if (!(IS_QUICK(st->st_state)))
		return;

	if (summary->tunnel < tun_phase2) {
		summary->tunnel = tun_phase2;
	}

	if (IS_IPSEC_SA_ESTABLISHED(st->st_state)) {
		if (summary->tunnel < tun_up) {
			summary->tunnel = tun_up;
		}
		summary->phase2 = p2_up;
	} else if (summary->phase2 < p2_neg) {
		summary->phase2 = p2_neg;
	}
}
Пример #2
/*
 * Report whether 'msgid' is still unused on the given ISAKMP SA.
 *
 * isakmp_sa  phase 1 state whose st_used_msgids list is searched; it is
 *            dereferenced without a NULL check
 * msgid      candidate message ID; must not be MAINMODE_MSGID
 *
 * Returns TRUE when no entry of st_used_msgids carries 'msgid', FALSE
 * otherwise. The list is only read, never modified.
 *
 * Both preconditions are enforced with passert(): the candidate is not
 * MAINMODE_MSGID and the SA is in an encrypted ISAKMP state.
 */
bool unique_msgid(struct state *isakmp_sa, msgid_t msgid)
{
	struct msgid_list *entry;

	passert(msgid != MAINMODE_MSGID);
	passert(IS_ISAKMP_ENCRYPTED(isakmp_sa->st_state));

	entry = isakmp_sa->st_used_msgids;
	while (entry != NULL) {
		if (entry->msgid == msgid) {
			/* already recorded for this SA */
			return FALSE;
		}
		entry = entry->next;
	}

	return TRUE;
}
Пример #3
/*
 * Pick a random message ID that is non-zero and not yet used on the
 * given ISAKMP SA.
 *
 * isakmp_sa  phase 1 state; passert() requires it to be in an encrypted
 *            ISAKMP state
 *
 * Returns the chosen message ID. At most 100 random candidates are
 * drawn with get_rnd_bytes(); when none of them qualifies, the last
 * candidate is logged and returned anyway.
 *
 * NOTE(review): on that give-up path the returned value has failed the
 * check, i.e. it is either 0 or already present in the SA's used list.
 * Callers receive no error indication other than the log line - confirm
 * that they tolerate a zero or duplicate message ID.
 */
msgid_t generate_msgid(struct state *isakmp_sa)
{
	msgid_t candidate;
	int tries_left = 100; /* bound the search for a unique msgid */

	passert(IS_ISAKMP_ENCRYPTED(isakmp_sa->st_state));

	do {
		get_rnd_bytes((void *) &candidate, sizeof(candidate));
		if (candidate != 0 && unique_msgid(isakmp_sa, candidate)) {
			return candidate;
		}
	} while (--tries_left != 0);

	/* out of attempts: fall back to the last candidate drawn */
	libreswan_log(
		"gave up looking for unique msgid; using 0x%08lx",
		(unsigned long) candidate);
	return candidate;
}