pluto实现分析(2)

本文档的Copyleft归yfydz所有,使用GPL发布,可以自由拷贝,转载,转载时请保持文档的完整性,
严禁用于任何商业用途。
msn: [email protected]
来源: http://yfydz.cublog.cn
 
4. 代码函数调用关系表

main
  -> getopt_long
  -> init_ctl_socket
  -> init_info_socket
  -> init_constants
  -> pluto_init_log
  -> init_pluto_vendorid
  -> init_nat_traversal
  -> init_virtual_ip
  -> init_rnd_pool
  -> init_secret
  -> init_states
  -> init_connections
    -> event_schedule
  -> init_crypto
    -> mpz_init_set_str
    -> ike_alg_twofish_init
    -> ike_alg_serpent_init
    -> ike_alg_aes_init
    -> ike_alg_add
    -> ike_alg_blowfish_init
  -> init_crypto_helpers
    -> pluto_init_log
    -> init_rnd_pool
    -> free_preshared_secrets
    -> pluto_crypto_helper
    -> pluto_init_log
  -> init_demux
  -> init_kernel
    -> init_pfkey
    -> kernel_ops == &linux_kernel_ops, &klips_kernel_ops, &noklips_kernel_ops
    -> kernel_ops->init
      -> klips_kernel_ops: NULL
      -> noklips_kernel_ops: init_noklips
      -> linux_kernel_ops: init_netlink
        -> socket, fcntl, bind
    -> kernel_ops->pfkey_register
      -> klips_kernel_ops:  klips_pfkey_register
        -> pfkey_register_proto
          -> pfkey_msg_start
          -> finish_pfkey_msg
          -> kernel_ops->pfkey_register_response
      -> noklips_kernel_ops: noklips_register
      -> linux_kernel_ops: linux_pfkey_register
        -> pfkey_register_proto
        -> pfkey_close
    -> event_schedule (timer.c)
      -> alloc_thing(struct event)
  -> init_adns
    -> readlink("/proc/self/exe")
    -> fork
  -> init_id
    -> set_myid
      -> atoid
      -> free_id_content
      -> unshare_id_content
      -> calc_myid_str
    -> set_myFQDN
      -> gethostname
      -> free_id_content
      -> clonetochunk
      -> calc_myid_str
  -> init_fetch
    -> curl_global_init
    -> pthread_create
      -> fetch_thread
        -> pthread_cond_signal
  -> load_authcerts
  -> load_crls
  -> load_acerts
  -> daily_log_event
  -> call_server (server.c)
    -> SIGHUP: huphandler
    -> SIGTERM: termhandler
    -> SIGCHILD: childhandler
    -> next_event
    -> reapchildren
      -> adns_reapchild
        -> free_any
        -> release_all_continuations
      -> pluto_crypt_handle_dead_child
    -> kernel_ops->process_queue
      -> klips_kernel_ops: pfkey_dequeue
        -> pfkey_input_ready
        -> record_and_initiate_opportunistic
      -> noklips_kernel_ops: noklips_dequeue
      -> linux_kernel_ops: NULL
    -> pluto_crypto_helper_sockets
    -> select
    -> handle_timer_event (timer.c)
      -> set_cur_state
      -> init_secret
      -> scan_proc_shunts
      -> connection_check_phase2
      -> daily_log_event
      -> send_packet (demux.c)
        -> setportof
        -> check_msg_errqueue
        -> sendto
      -> event_schedule
      -> release_pending_whacks
      -> ipsecdoi_replace
        -> aggr_outI1
        -> main_outI1
        -> ipsecdoi_initiate
      -> delete_state
      -> delete_dpd_event
        -> _delete_dpd_event
      -> release_md
      -> dpd_event (dpd.c)
        -> p1_dpd_outI1
          -> dpd_outI
            -> event_schedule
            -> was_eroute_idle
            -> dpd_sched_timeout
              -> delete_dpd_event
              -> event_schedule
            -> send_isakmp_notification
        -> p2_dpd_outI1
          -> find_phase1_state
          -> dpd_outI
      -> dpd_timeout (dpd.c)
        -> set_cur_connection
        -> delete_states_by_connection
        -> unroute_connection
        -> initiate_connection
        -> reset_cur_connection
      -> nat_traversal_ka_event
        -> for_each_state
          -> nat_traversal_ka_event_state
            -> state_with_serialno
            -> nat_traversal_send_ka
              -> setchunk
              -> send_packet
        -> nat_traversal_new_ka_event
          -> event_schedule
      -> pfree
      -> reset_cur_state
    -> send_unsent_ADNS_queries
    -> handle_adns_answer
    -> kernel_ops->process_msg
      -> klips_kernel_ops: pfkey_event (kernel_pfkey.c)
        -> pfkey_get
          -> pfkey_input_ready
        -> pfkey_async
          -> pfkey_msg_parse
          -> kernel_ops->pfkey_register_response
            -> klips_kernel_ops:  klips_pfkey_register_response
              -> kernel_alg_register_pfkey
            -> noklips_kernel_ops
            -> linux_kernel_ops: linux_pfkey_register_response
              -> kernel_alg_register_pfkey
          -> process_pfkey_acquire
            -> record_and_initiate_opportunistic (kernel.c)
              -> alloc_thing(struct bare_shunt
              -> initiate_opportunistic (connections.c)
                -> initiate_opportunistic_body
                  -> find_connection_for_clients
                  -> assign_hold
                  -> ipsecdoi_initiate
                  -> check_txt_recs
                  -> get_RSA_private_key
                  -> same_RSA_public_key
                  -> build_outgoing_opportunistic_connection
                    -> find_host_pair_connections
                    -> oppo_instantiate
                      -> instantiate
                        -> clone_thing
                        -> unshare_connection_strings
                        -> unshare_ietfAttrList
                        -> alg_info_addref
                        -> default_end
                        -> connect_to_host_pair
                          -> find_host_pair
                      -> routed
                      -> format_connection
                        -> format_end
                          -> is_virtual_end
                          -> networkof
                          -> maskof
                  -> replace_bare_shunt
                    -> bare_shunt_ptr
                    -> raw_eroute
                    -> alloc_thing(struct bare_shunt
                  -> shunt_policy_spi
                    -> null
                  -> alloc_thing(struct find_oppo_continuation
                  -> start_adns_query
                  -> cannot_oppo
                  -> close_any
          -> process_pfkey_nat_t_new_mapping
            -> initaddr
            -> for_each_state
              -> nat_t_new_klips_mapp
                -> nat_traversal_new_mapping
                  -> addrtot
                  -> sameaddr
                  -> for_each_state
                    -> nat_traversal_find_new_mapp_state
                      -> IS_IPSEC_SA_ESTABLISHED
                      -> update_ipsec_sa
                        -> IS_IPSEC_SA_ESTABLISHED
                        -> IS_ONLY_INBOUND_IPSEC_SA_ESTABLISHED
                        -> update_nat_t_ipsec_esp_sa
                          -> set_text_said
                          -> kernel_ops->add_sa
                            -> klips_kernel_ops: pfkey_add_sa (kernel_pfkey.c)
                              -> pfkey_msg_start
                              -> pfkey_build
                                -> pfkey_extensions_free
                              -> pfkey_sa_build
                              -> pfkeyext_address
                              -> pfkey_key_build
                              -> pfkey_x_nat_t_type_build
                              -> pfkey_x_nat_t_port_build
                              -> finish_pfkey_msg
                            -> noklips_kernel_ops: noklips_event
                            -> linux_kernel_ops: netlink_add_sa (kernel_nerlink.c)
                              -> sparse_name
                              -> send_netlink_msg
                              ->
      -> noklips_kernel_ops: noklips_event
      -> linux_kernel_ops: netlink_process_msg
        -> netlink_get
          -> netlink_acquire
            -> xfrm_to_ip_address
            -> addrtosubnet
            -> has_bare_hold
            -> record_and_initiate_opportunistic
          -> netlink_policy_expire
            -> send_netlink_msg
            -> netlink_shunt_expire
    -> comm_handle(interfaces) (demux.c)
      -> check_msg_errqueue
      -> alloc_md (msg_digest)
      -> process_packet (demux.c)
        -> SEND_NOTIFICATION
          -> send_notification (ipsec_doi.c)
            -> delete_state
            -> init_pbs
            -> out_struct
            -> out_generic
            -> out_zero
            -> close_output_pbs
            -> out_raw
            -> hmac_init_chunk
            -> hmac_update
            -> hmac_final
            -> init_phase2_iv
            -> encrypt_message
            -> setchunk
            -> send_packet
          -> send_notification_from_state
            -> find_phase1_state
            -> send_notification
          -> send_notification_from_md
            -> send_notification
          do state change
        -> find_state
          -> state_hash
          -> sameaddr, memcmp
        -> find_info_state
          -> state_hash
          -> sameaddr, memcmp
        -> reserve_msgid
        -> init_phase2_iv
        -> receive_ike_echo_request (ikeping.c)
          -> addrtot
        -> receive_ike_echo_reply
          -> addrtot
        -> xauth_calcbaseauth
        -> send_packet
        -> clonetochunk
        -> init_new_iv
        -> crypto_cbc_encrypt
        -> accept_delete
          -> same_peer_ids
          -> nat_traversal_change_port_lookup
          -> delete_state
          -> find_phase2_state_to_delete
          -> delete_event
          -> event_schedule
        -> handle_vendorid
        -> echo_hdr
        -> smc->processor (demux.c)
          -> main_inI1_outR1 (ipsec_doi.c)
            -> pbs_left
            -> find_host_connection
            -> rw_instantiate (connections.c)
              -> instantiate
                -> unshare_connection_strings
                -> unshare_ietfAttrList
                -> alg_info_addref
                -> default_end
                -> connect_to_host_pair
              -> subnetishost
              -> addrinsubnet
              -> aftoinfo
            -> new_state
              -> clone_thing(blank_state,
            -> get_cookie
            -> insert_state
              -> event_schedule
            -> copy_quirks
            -> out_struct
            -> out_generic_raw
            -> out_vendorid
            -> nat_traversal_vid_to_method
          -> main_inR1_outI2
            -> parse_isakmp_sa_body
            -> nat_traversal_vid_to_method
            -> alloc_thing(struct ke_continuation
            -> build_ke (crypt_ke.c)
              -> alloc_thing(struct pluto_crypto_req
              -> send_crypto_helper_request (pluto_crypt.c)
                -> reset_cur_state
                -> pluto_do_crypto_op
                -> (*cn->pcrc_func)
                -> pfree
                -> cleanup_crypto_helper
                -> init_crypto_helper
              -> delete_event
              -> event_schedule
              -> pcrc_func: main_inR1_outI2_continue
                -> set_cur_state
                -> main_inR1_outI2_tail
                -> complete_state_transition
                -> release_md
                -> reset_cur_state
            -> main_inR1_outI2_tail
              -> init_pbs
              -> echo_hdr
              -> ship_KE
                -> freeanychunk
                -> clonetochunk
                -> n_to_mpz
                -> out_generic_chunk
              -> ship_nonce
                -> freeanychunk
                -> clonetochunk
                -> out_generic_chunk
              -> out_generic
              -> out_zero
              -> close_output_pbs
              -> nat_traversal_add_natd
                -> out_modify_previous_np
                -> _natd_hash
                -> out_generic_raw
              -> close_message
              -> unhash_state
              -> insert_state
          -> main_inI2_outR2
            -> accept_KE
              -> clonereplacechunk
            -> accept_nonce
              -> clonereplacechunk
            -> decode_cr
              -> clonetochunk
              -> dntoa_or_null
            -> nat_traversal_natd_lookup
              -> _natd_hash
            -> nat_traversal_show_result
              -> null
            -> nat_traversal_new_ka_event
              -> event_schedule
            -> alloc_thing(struct ke_continuation
            -> build_ke
              -> pcrc_func: main_inI2_outR2_continue
                -> set_cur_state
                -> main_inI2_outR2_tail
                -> complete_state_transition
                -> release_md
                -> reset_cur_state
            -> main_inI2_outR2_tail
              -> has_preloaded_public_key
              -> ship_KE
              -> ship_nonce
              -> out_generic
              -> out_zero
              -> close_output_pbs
              -> build_and_ship_CR
              -> collect_rw_ca_candidates
              -> free_generalNames
              -> nat_traversal_add_natd
              -> close_message
              -> alloc_thing(struct dh_continuation
              -> perform_dh_secretiv
                 -> main_inI2_outR2_calcdone
                   -> process_packet
                   -> release_md
              -> update_iv
              -> pfree
          -> unexpected
          -> main_inR2_outI3
            -> accept_KE
            -> accept_nonce
            -> decode_cr
            -> doi_log_cert_thinking
            -> free_generalNames
            -> perform_dh_secretiv
            -> nat_traversal_natd_lookup
            -> nat_traversal_show_result
            -> nat_traversal_new_ka_event
            -> build_id_payload
            -> out_struct
            -> close_output_pbs
            -> out_chunk
            -> build_and_ship_CR
            -> main_mode_hash
              -> hmac_init_chunk
              -> main_mode_hash_body
                ->  hash_update_chunk
                ->  hash_update
              -> hmac_final
            -> out_generic_raw
            -> RSA_sign_hash
            -> encrypt_message
              -> pad_up
              -> out_zero
              -> crypto_cbc_encrypt
              -> update_iv
              -> close_message
          -> main_inI3_outR3
            -> main_inI3_outR3_tail
              -> main_id_and_auth
                -> main_inI3_outR3_continue
                  -> key_continue
                    -> delete_event
                    -> report_key_dns_failure
                    -> tail: main_inI3_outR3_tail
                    -> complete_state_transition
                    -> release_md
              -> doi_log_cert_thinking
              -> echo_hdr
              -> build_id_payload
              -> out_struct
              -> out_chunk
              -> close_output_pbs
              -> out_generic_raw
              -> encrypt_message
              -> ISAKMP_SA_established (connections.c)
                -> same_id
                -> sameaddr
                -> release_connection
          -> main_inR3
            -> main_inR3_tail
              -> main_id_and_auth
                -> main_inR3_continue
                  -> key_continue
                    -> tail: main_inR3_tail
            -> ISAKMP_SA_established
            -> set_ph1_iv
            -> update_iv
          -> aggr_inI1_outR1_psk (ikev1_aggr.c)
            -> aggr_inI1_outR1_common
              -> find_host_connection
              -> rw_instantiate
              -> new_state
              -> decode_peer_id
                -> setchunk
                -> decode_cert
                  -> parse_x509cert
                  -> verify_x509cert
                  -> add_x509_public_key
                  -> free_generalNames
                  -> parse_pkcs7_cert
                  -> store_x509certs
                -> same_id
                -> decode_cr
                -> refine_host_connection
                -> free_generalNames
                -> rw_instantiate
                -> connection_discard
                -> free_id_content
                -> unshare_id_content
              -> idtoa
              -> get_cookie
              -> insert_state
              -> nat_traversal_vid_to_method
              -> clonereplacechunk
              -> parse_isakmp_sa_body
              -> accept_KE
              -> accept_nonce
              -> alloc_thing(struct ke_continuation
              -> build_ke
                -> pcrc_func: aggr_inI1_outR1_continue
                  -> set_cur_state
                  -> aggr_inI1_outR1_tail
                  -> complete_state_transition
                  -> release_md
                  -> reset_cur_state
              -> aggr_inI1_outR1_tail
                -> init_pbs
                -> out_struct
                -> parse_isakmp_sa_body
                -> ship_KE
                -> ship_nonce
                -> build_id_payload
                -> out_chunk
                -> close_output_pbs
                -> perform_dh_secretiv
                -> update_iv
                -> main_mode_hash
                -> out_generic_raw
                -> RSA_sign_hash
                -> out_vendorid
                -> nat_traversal_add_natd
                -> close_message
          -> aggr_inI1_outR1_rsasig
            -> aggr_inI1_outR1_common
          -> aggr_inR1_outI2
            -> decode_peer_id
            -> idtoa
            -> parse_isakmp_sa_body
            -> copy_quirks
            -> nat_traversal_vid_to_method
            -> accept_KE
            -> accept_nonce
            -> unhash_state
            -> insert_state
            -> nat_traversal_natd_lookup
            -> nat_traversal_show_result
            -> nat_traversal_new_ka_event
            -> perform_dh_secretiv
            -> aggr_inR1_outI2_tail
              -> aggr_id_and_auth
                -> aggr_inR1_outI2_continue
                  -> key_continue
                    -> tail: aggr_inR1_outI2_tail
              -> out_struct
              -> nat_traversal_add_natd
              -> build_id_payload
              -> init_pbs
              -> out_chunk
              -> main_mode_hash
              -> out_generic_raw
              -> RSA_sign_hash
              -> encrypt_message
...... 待续 ......

你可能感兴趣的:(职场,休闲)