Use a string to identify xauth backends, no need for integer types

2011-12-08 16:42:11 +01:00 · 2011-12-08 16:42:11 +01:00 · 1fe6cdfac2
parent 4e73f85b81
commit 1fe6cdfac2
11 changed files with 52 additions and 187 deletions
--- a/src/libcharon/plugins/xauth_null/xauth_null.c
+++ b/src/libcharon/plugins/xauth_null/xauth_null.c
@ -72,12 +72,6 @@ METHOD(xauth_method_t, initiate_server, status_t,
 	return NEED_MORE;
 }

-METHOD(xauth_method_t, get_type, xauth_type_t,
-	private_xauth_null_t *this, u_int32_t *vendor)
-{
-	return XAUTH_NULL;
-}
-
 METHOD(xauth_method_t, destroy, void,
 	private_xauth_null_t *this)
 {
@ -89,7 +83,7 @@ METHOD(xauth_method_t, destroy, void,
 * Described in header.
 */
 xauth_null_t *xauth_null_create_peer(identification_t *server,
-										 identification_t *peer)
+									 identification_t *peer)
 {
 	private_xauth_null_t *this;

@ -98,7 +92,6 @@ xauth_null_t *xauth_null_create_peer(identification_t *server,
 			.xauth_method = {
 				.initiate = _initiate_peer,
 				.process = _process_peer,
-				.get_type = _get_type,
 				.destroy = _destroy,
 			},
 		},
@ -121,7 +114,6 @@ xauth_null_t *xauth_null_create_server(identification_t *server,
 			.xauth_method = {
 				.initiate = _initiate_server,
 				.process = _process_server,
-				.get_type = _get_type,
 				.destroy = _destroy,
 			},
 		},
--- a/src/libcharon/plugins/xauth_null/xauth_null.h
+++ b/src/libcharon/plugins/xauth_null/xauth_null.h
@ -44,7 +44,7 @@ struct xauth_null_t {
 * @return			xauth_null_t object
 */
 xauth_null_t *xauth_null_create_server(identification_t *server,
-										   identification_t *peer);
+									   identification_t *peer);

 /**
 * Creates the XAuth method XAuth NULL, acting as peer.
@ -54,6 +54,6 @@ xauth_null_t *xauth_null_create_server(identification_t *server,
 * @return			xauth_null_t object
 */
 xauth_null_t *xauth_null_create_peer(identification_t *server,
-										 identification_t *peer);
+									 identification_t *peer);

 #endif /** XAUTH_NULL_H_ @}*/
--- a/src/libcharon/plugins/xauth_null/xauth_null_plugin.c
+++ b/src/libcharon/plugins/xauth_null/xauth_null_plugin.c
@ -29,9 +29,9 @@ METHOD(plugin_t, get_features, int,
 {
 	static plugin_feature_t f[] = {
 		PLUGIN_CALLBACK(xauth_method_register, xauth_null_create_server),
-			PLUGIN_PROVIDE(XAUTH_SERVER, XAUTH_NULL),
+			PLUGIN_PROVIDE(XAUTH_SERVER, "null"),
 		PLUGIN_CALLBACK(xauth_method_register, xauth_null_create_peer),
-			PLUGIN_PROVIDE(XAUTH_PEER, XAUTH_NULL),
+			PLUGIN_PROVIDE(XAUTH_PEER, "null"),
 	};
 	*features = f;
 	return countof(f);
--- a/src/libcharon/sa/authenticators/xauth/xauth_manager.c
+++ b/src/libcharon/sa/authenticators/xauth/xauth_manager.c
@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -27,17 +27,12 @@ typedef struct xauth_entry_t xauth_entry_t;
 struct xauth_entry_t {

 	/**
-	 * XAuth method type, vendor specific if vendor is set
+	 * Xauth backend name
 	 */
-	xauth_type_t type;
+	char *name;

 	/**
-	 * vendor ID, 0 for default XAuth methods
-	 */
-	u_int32_t vendor;
-
-	/**
-	 * Role of the method returned by the constructor, XAUTH_SERVER or XAUTH_PEER
+	 * Role of the method, XAUTH_SERVER or XAUTH_PEER
 	 */
 	xauth_role_t role;

@ -69,15 +64,16 @@ struct private_xauth_manager_t {
 };

 METHOD(xauth_manager_t, add_method, void,
-	private_xauth_manager_t *this, xauth_type_t type, u_int32_t vendor,
-	xauth_role_t role, xauth_constructor_t constructor)
+	private_xauth_manager_t *this, char *name, xauth_role_t role,
+	xauth_constructor_t constructor)
 {
-	xauth_entry_t *entry = malloc_thing(xauth_entry_t);
+	xauth_entry_t *entry;

-	entry->type = type;
-	entry->vendor = vendor;
-	entry->role = role;
-	entry->constructor = constructor;
+	INIT(entry,
+		.name = name,
+		.role = role,
+		.constructor = constructor,
+	);

 	this->lock->write_lock(this->lock);
 	this->methods->insert_last(this->methods, entry);
@ -105,8 +101,8 @@ METHOD(xauth_manager_t, remove_method, void,
 }

 METHOD(xauth_manager_t, create_instance, xauth_method_t*,
-	private_xauth_manager_t *this, xauth_type_t type, u_int32_t vendor,
-	xauth_role_t role, identification_t *server, identification_t *peer)
+	private_xauth_manager_t *this, char *name, xauth_role_t role,
+	identification_t *server, identification_t *peer)
 {
 	enumerator_t *enumerator;
 	xauth_entry_t *entry;
@ -116,8 +112,7 @@ METHOD(xauth_manager_t, create_instance, xauth_method_t*,
 	enumerator = this->methods->create_enumerator(this->methods);
 	while (enumerator->enumerate(enumerator, &entry))
 	{
-		if (type == entry->type && vendor == entry->vendor &&
-			role == entry->role)
+		if (streq(name, entry->name) && role == entry->role)
 		{
 			method = entry->constructor(server, peer);
 			if (method)
@ -147,14 +142,14 @@ xauth_manager_t *xauth_manager_create()
 	private_xauth_manager_t *this;

 	INIT(this,
-			.public = {
-				.add_method = _add_method,
-				.remove_method = _remove_method,
-				.create_instance = _create_instance,
-				.destroy = _destroy,
-			},
-			.methods = linked_list_create(),
-			.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+		.public = {
+			.add_method = _add_method,
+			.remove_method = _remove_method,
+			.create_instance = _create_instance,
+			.destroy = _destroy,
+		},
+		.methods = linked_list_create(),
+		.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
 	);

 	return &this->public;
--- a/src/libcharon/sa/authenticators/xauth/xauth_manager.h
+++ b/src/libcharon/sa/authenticators/xauth/xauth_manager.h
@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -38,34 +38,32 @@ struct xauth_manager_t {
 	/**
 	 * Register a XAuth method implementation.
 	 *
-	 * @param method		vendor specific method, if vendor != 0
-	 * @param vendor		vendor ID, 0 for non-vendor (default) XAuth methods
-	 * @param role			XAuth role of the registered method
+	 * @param name			backend name to register
+	 * @param role			XAUTH_SERVER or XAUTH_PEER
 	 * @param constructor	constructor function, returns an xauth_method_t
 	 */
-	void (*add_method)(xauth_manager_t *this, xauth_type_t type, u_int32_t vendor,
+	void (*add_method)(xauth_manager_t *this, char *name,
 					   xauth_role_t role, xauth_constructor_t constructor);

 	/**
 	 * Unregister a XAuth method implementation using it's constructor.
 	 *
-	 * @param constructor	constructor function to remove, as added in add_method
+	 * @param constructor	constructor function, as added in add_method
 	 */
 	void (*remove_method)(xauth_manager_t *this, xauth_constructor_t constructor);

 	/**
 	 * Create a new XAuth method instance.
 	 *
-	 * @param vendor		vendor ID, 0 for non-vendor (default) XAuth methods
-	 * @param role			role of XAuth method, either XAUTH_SERVER or XAUTH_PEER
+	 * @param name			backend name, as it was registered with
+	 * @param role			XAUTH_SERVER or XAUTH_PEER
 	 * @param server		identity of the server
 	 * @param peer			identity of the peer (client)
 	 * @return				XAUTH method instance, NULL if no constructor found
 	 */
-	xauth_method_t* (*create_instance)(xauth_manager_t *this, xauth_type_t type,
-									 u_int32_t vendor, xauth_role_t role,
-									 identification_t *server,
-									 identification_t *peer);
+	xauth_method_t* (*create_instance)(xauth_manager_t *this,
+							char *name, xauth_role_t role,
+							identification_t *server, identification_t *peer);

 	/**
 	 * Destroy a eap_manager instance.
@ -78,4 +76,4 @@ struct xauth_manager_t {
 */
 xauth_manager_t *xauth_manager_create();

-#endif /** EAP_MANAGER_H_ @}*/
+#endif /** XAUTH_MANAGER_H_ @}*/
--- a/src/libcharon/sa/authenticators/xauth/xauth_method.c
+++ b/src/libcharon/sa/authenticators/xauth/xauth_method.c
@ -30,9 +30,9 @@ bool xauth_method_register(plugin_t *plugin, plugin_feature_t *feature,
 {
 	if (reg)
 	{
-		charon->xauth->add_method(charon->xauth, feature->arg.xauth, 0,
-					feature->type == FEATURE_XAUTH_SERVER ? XAUTH_SERVER : XAUTH_PEER,
-					(xauth_constructor_t)data);
+		charon->xauth->add_method(charon->xauth, feature->arg.xauth,
+			feature->type == FEATURE_XAUTH_SERVER ? XAUTH_SERVER : XAUTH_PEER,
+			(xauth_constructor_t)data);
 	}
 	else
 	{
--- a/src/libcharon/sa/authenticators/xauth/xauth_method.h
+++ b/src/libcharon/sa/authenticators/xauth/xauth_method.h
@ -28,7 +28,6 @@ typedef enum xauth_role_t xauth_role_t;
 #include <plugins/plugin.h>
 #include <utils/identification.h>
 #include <encoding/payloads/cp_payload.h>
-#include <xauth/xauth.h>

 /**
 * Role of an xauth_method, SERVER or PEER (client)
@ -37,6 +36,7 @@ enum xauth_role_t {
 	XAUTH_SERVER,
 	XAUTH_PEER,
 };
+
 /**
 * enum names for xauth_role_t.
 */
@ -46,12 +46,8 @@ extern enum_name_t *xauth_role_names;
 * Interface of an XAuth method for server and client side.
 *
 * An XAuth method initiates an XAuth exchange and processes requests and
- * responses. An XAuth method may need multiple exchanges before succeeding, and
- * the xauth_authentication may use multiple XAuth methods to authenticate a peer.
- * To accomplish these requirements, all XAuth methods have their own
- * implementation while the xauth_authenticatior uses one or more of these
- * XAuth methods. Sending of XAUTH(STATUS) message is not the job
- * of the method, the xauth_authenticator does this.
+ * responses. An XAuth method may need multiple exchanges before succeeding.
+ * Sending of XAUTH(STATUS) message is done by the framework, not a method.
 */
 struct xauth_method_t {

@ -84,14 +80,6 @@ struct xauth_method_t {
 	status_t (*process) (xauth_method_t *this, cp_payload_t *in,
 						 cp_payload_t **out);

-	/**
-	 * Get the XAuth type implemented in this method.
-	 *
-	 * @param vendor	pointer receiving vendor identifier for type, 0 for none
-	 * @return			type of the XAuth method
-	 */
-	xauth_type_t (*get_type) (xauth_method_t *this, u_int32_t *vendor);
-
 	/**
 	 * Destroys a eap_method_t object.
 	 */
@ -106,8 +94,6 @@ struct xauth_method_t {
 * Constructors for server and peers are identical, to support both roles
 * of a XAuth method, a plugin needs register two constructors in the
 * xauth_manager_t.
- * The passed identites are of type ID_EAP and valid only during the
- * constructor invocation.
 *
 * @param server		ID of the server to use for credential lookup
 * @param peer			ID of the peer to use for credential lookup
@ -128,6 +114,6 @@ typedef xauth_method_t *(*xauth_constructor_t)(identification_t *server,
 * @param data			data passed to callback, an xauth_constructor_t
 */
 bool xauth_method_register(plugin_t *plugin, plugin_feature_t *feature,
-						 bool reg, void *data);
+						   bool reg, void *data);

 #endif /** XAUTH_METHOD_H_ @}*/
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@ -70,8 +70,7 @@ utils/linked_list.c utils/linked_list.h \
 utils/hashtable.c utils/hashtable.h \
 utils/enumerator.c utils/enumerator.h \
 utils/optionsfrom.c utils/optionsfrom.h \
-utils/backtrace.c utils/backtrace.h \
-xauth/xauth.h xauth/xauth.c
+utils/backtrace.c utils/backtrace.h


 library.lo :	$(top_builddir)/config.status
--- a/src/libstrongswan/plugins/plugin_feature.h
+++ b/src/libstrongswan/plugins/plugin_feature.h
@ -25,7 +25,6 @@ typedef struct plugin_feature_t plugin_feature_t;

 #include <library.h>
 #include <eap/eap.h>
-#include <xauth/xauth.h>
 #include <plugins/plugin.h>

 /**
@ -188,7 +187,7 @@ struct plugin_feature_t {
 		/** FEATURE_CUSTOM */
 		char *custom;
 		/** FEATURE_XAUTH_SERVER/CLIENT */
-		xauth_type_t xauth;
+		char *xauth;

 		/** FEATURE_REGISTER */
 		struct {
@ -273,8 +272,8 @@ struct plugin_feature_t {
 #define _PLUGIN_FEATURE_DATABASE(kind, type)				__PLUGIN_FEATURE(kind, DATABASE, .database = type)
 #define _PLUGIN_FEATURE_FETCHER(kind, type)					__PLUGIN_FEATURE(kind, FETCHER, .fetcher = type)
 #define _PLUGIN_FEATURE_CUSTOM(kind, name)					__PLUGIN_FEATURE(kind, CUSTOM, .custom = name)
-#define _PLUGIN_FEATURE_XAUTH_SERVER(kind, type)			__PLUGIN_FEATURE(kind, XAUTH_SERVER, .xauth = type)
-#define _PLUGIN_FEATURE_XAUTH_PEER(kind, type)				__PLUGIN_FEATURE(kind, XAUTH_PEER, .xauth = type)
+#define _PLUGIN_FEATURE_XAUTH_SERVER(kind, name)			__PLUGIN_FEATURE(kind, XAUTH_SERVER, .xauth = name)
+#define _PLUGIN_FEATURE_XAUTH_PEER(kind, name)				__PLUGIN_FEATURE(kind, XAUTH_PEER, .xauth = name)

 #define __PLUGIN_FEATURE_REGISTER(type, _f)					(plugin_feature_t){ FEATURE_REGISTER, FEATURE_##type, .arg.reg.f = _f }
 #define __PLUGIN_FEATURE_REGISTER_BUILDER(type, _f, _final)	(plugin_feature_t){ FEATURE_REGISTER, FEATURE_##type, .arg.reg = {.f = _f, .final = _final, }}
--- a/src/libstrongswan/xauth/xauth.c
+++ b/src/libstrongswan/xauth/xauth.c
@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "xauth.h"
-
-ENUM_BEGIN(xauth_method_type_names, XAUTH_RADIUS, XAUTH_NULL,
-	"XAUTH_RADIUS",
-	"XAUTH_NULL");
-ENUM_END(xauth_method_type_names, XAUTH_NULL);
-
-ENUM_BEGIN(xauth_method_type_short_names, XAUTH_RADIUS, XAUTH_NULL,
-	"RAD",
-	"NULL");
-ENUM_END(xauth_method_type_short_names, XAUTH_NULL);
-
-/*
- * See header
- */
-xauth_type_t xauth_type_from_string(char *name)
-{
-	int i;
-	static struct {
-		char *name;
-		xauth_type_t type;
-	} types[] = {
-		{"radius",		XAUTH_RADIUS},
-		{"null",		XAUTH_NULL},
-	};
-
-	for (i = 0; i < countof(types); i++)
-	{
-		if (strcaseeq(name, types[i].name))
-		{
-			return types[i].type;
-		}
-	}
-	return 0;
-}
--- a/src/libstrongswan/xauth/xauth.h
+++ b/src/libstrongswan/xauth/xauth.h
@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2010 Martin Willi
- * Copyright (C) 2010 revosec AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup xauth xauth
- * @{ @ingroup libstrongswan
- */
-
-#ifndef XAUTH_H__
-#define XAUTH_H__
-
-typedef enum xauth_type_t xauth_type_t;
-
-#include <library.h>
-
-/**
- * XAuth types, defines the XAuth method implementation
- */
-enum xauth_type_t {
-	XAUTH_RADIUS = 253,
-	XAUTH_NULL = 254,
-};
-
-/**
- * enum names for xauth_type_t.
- */
-extern enum_name_t *xauth_method_type_names;
-
-/**
- * short string enum names for xauth_type_t.
- */
-extern enum_name_t *xauth_method_type_short_names;
-
-/**
- * Lookup the XAuth method type from a string.
- *
- * @param name		XAuth method name (such as "md5", "aka")
- * @return			method type, 0 if unknown
- */
-xauth_type_t xauth_type_from_string(char *name);
-
-#endif /** XAUTH_H_ @}*/