move SQL-based pool functionality to new attr-sql libstrongswan plugin

2009-10-13 17:02:29 +02:00 · 2009-10-13 17:02:29 +02:00 · 247794827e
parent 4c8bb47abd
commit 247794827e
20 changed files with 245 additions and 45 deletions
--- a/configure.in
+++ b/configure.in
@ -127,6 +127,7 @@ ARG_DISBL_SET([tools],          [disable additional utilities (openac, scepclien
 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
 ARG_DISBL_SET([updown],         [disable updown firewall script plugin.])
 ARG_DISBL_SET([attr],           [disable strongswan.conf based configuration attribute plugin.])
 ARG_ENABL_SET([attr-sql],       [enable SQL based configuration attribute plugin.])
 ARG_DISBL_SET([resolve],        [disable resolve DNS handler plugin.])
 ARG_ENABL_SET([padlock],        [enables VIA Padlock crypto plugin.])
 ARG_ENABL_SET([openssl],        [enables the OpenSSL crypto plugin.])
@ -618,6 +619,10 @@ fi
 if test x$sqlite = xtrue; then
 	libstrongswan_plugins=${libstrongswan_plugins}" sqlite"
 fi
 if test x$attr_sql = xtrue -o x$sql = xtrue; then
 	libstrongswan_plugins=${libstrongswan_plugins}" attr-sql"
 	pluto_plugins=${pluto_plugins}" attr-sql"
 fi
 if test x$padlock = xtrue; then
 	libstrongswan_plugins=${libstrongswan_plugins}" padlock"
 fi
@ -676,6 +681,7 @@ AM_CONDITIONAL(USE_HMAC, test x$hmac = xtrue)
 AM_CONDITIONAL(USE_XCBC, test x$xcbc = xtrue)
 AM_CONDITIONAL(USE_MYSQL, test x$mysql = xtrue)
 AM_CONDITIONAL(USE_SQLITE, test x$sqlite = xtrue)
 AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue -o x$sql = xtrue)
 AM_CONDITIONAL(USE_PADLOCK, test x$padlock = xtrue)
 AM_CONDITIONAL(USE_OPENSSL, test x$openssl = xtrue)
 AM_CONDITIONAL(USE_GCRYPT, test x$gcrypt = xtrue)
@ -775,6 +781,7 @@ AC_OUTPUT(
 	src/libstrongswan/plugins/ldap/Makefile
 	src/libstrongswan/plugins/mysql/Makefile
 	src/libstrongswan/plugins/sqlite/Makefile
 	src/libstrongswan/plugins/attr_sql/Makefile
 	src/libstrongswan/plugins/padlock/Makefile
 	src/libstrongswan/plugins/openssl/Makefile
 	src/libstrongswan/plugins/gcrypt/Makefile
--- a/src/charon/plugins/sql/Makefile.am
+++ b/src/charon/plugins/sql/Makefile.am
@ -5,11 +5,8 @@ AM_CFLAGS = -rdynamic \
  -DPLUGINS=\""${libstrongswan_plugins}\""
 plugin_LTLIBRARIES = libstrongswan-sql.la
-libstrongswan_sql_la_SOURCES = sql_plugin.h sql_plugin.c \
+libstrongswan_sql_la_SOURCES = \
-  sql_config.h sql_config.c sql_cred.h sql_cred.c \
+  sql_plugin.h sql_plugin.c sql_config.h sql_config.c \
-  sql_attribute.h sql_attribute.c sql_logger.h sql_logger.c
+  sql_cred.h sql_cred.c sql_logger.h sql_logger.c
 libstrongswan_sql_la_LDFLAGS = -module -avoid-version
 ipsec_PROGRAMS = pool
 pool_SOURCES = pool.c
 pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
--- a/src/charon/plugins/sql/sql_plugin.c
+++ b/src/charon/plugins/sql/sql_plugin.c
@ -18,7 +18,6 @@
 #include <daemon.h>
 #include "sql_config.h"
 #include "sql_cred.h"
 #include "sql_attribute.h"
 #include "sql_logger.h"
 typedef struct private_sql_plugin_t private_sql_plugin_t;
@ -48,11 +47,6 @@ struct private_sql_plugin_t {
 	 */
 	sql_cred_t *cred;
 	/**
 	 * CFG attributes
 	 */
 	sql_attribute_t *attribute;
 	/**
 	 * bus listener/logger
 	 */
@ -67,10 +61,8 @@ static void destroy(private_sql_plugin_t *this)
 	charon->backends->remove_backend(charon->backends, &this->config->backend);
 	charon->credentials->remove_set(charon->credentials, &this->cred->set);
 	charon->bus->remove_listener(charon->bus, &this->logger->listener);
 	lib->attributes->remove_provider(lib->attributes, &this->attribute->provider);
 	this->config->destroy(this->config);
 	this->cred->destroy(this->cred);
 	this->attribute->destroy(this->attribute);
 	this->logger->destroy(this->logger);
 	this->db->destroy(this->db);
 	free(this);
@ -104,10 +96,8 @@ plugin_t *plugin_create()
 	}
 	this->config = sql_config_create(this->db);
 	this->cred = sql_cred_create(this->db);
 	this->attribute = sql_attribute_create(this->db);
 	this->logger = sql_logger_create(this->db);
 	lib->attributes->add_provider(lib->attributes, &this->attribute->provider);
 	charon->backends->add_backend(charon->backends, &this->config->backend);
 	charon->credentials->add_set(charon->credentials, &this->cred->set);
 	charon->bus->add_listener(charon->bus, &this->logger->listener);
--- a/src/checksum/Makefile.am
+++ b/src/checksum/Makefile.am
@ -29,8 +29,8 @@ if USE_TOOLS
  libs += $(top_builddir)/src/scepclient/.libs/scepclient
 endif
-if USE_SQL
+if USE_ATTR_SQL
-  libs += $(top_builddir)/src/charon/plugins/sql/.libs/pool
+  libs += $(top_builddir)/src/libstrongswan/plugins/attr_sql/.libs/pool
 endif
 checksum.c : checksum_builder $(libs)
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@ -200,6 +200,10 @@ if USE_SQLITE
  SUBDIRS += plugins/sqlite
 endif
 if USE_ATTR_SQL
  SUBDIRS += plugins/attr_sql
 endif
 if USE_PADLOCK
  SUBDIRS += plugins/padlock
 endif
--- a/src/libstrongswan/plugins/attr_sql/Makefile.am
+++ b/src/libstrongswan/plugins/attr_sql/Makefile.am
@ -0,0 +1,15 @@
 INCLUDES = -I$(top_srcdir)/src/libstrongswan
 AM_CFLAGS = -rdynamic \
  -DPLUGINS=\""${libstrongswan_plugins}\""
 plugin_LTLIBRARIES = libstrongswan-attr-sql.la
 libstrongswan_attr_sql_la_SOURCES = \
  attr_sql_plugin.h attr_sql_plugin.c \
  sql_attribute.h sql_attribute.c
 libstrongswan_attr_sql_la_LDFLAGS = -module -avoid-version
 ipsec_PROGRAMS = pool
 pool_SOURCES = pool.c
 pool_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
--- a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c
+++ b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.c
@ -0,0 +1,87 @@
 /*
 * Copyright (C) 2008 Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */
 #include <library.h>
 #include "attr_sql_plugin.h"
 #include "sql_attribute.h"
 typedef struct private_attr_sql_plugin_t private_attr_sql_plugin_t;
 /**
 * private data of attr_sql plugin
 */
 struct private_attr_sql_plugin_t {
 	/**
 	 * implements plugin interface
 	 */
 	attr_sql_plugin_t public;
 	/**
 	 * database connection instance
 	 */
 	database_t *db;
 	/**
 	 * configuration attributes
 	 */
 	sql_attribute_t *attribute;
 };
 /**
 * Implementation of plugin_t.destroy
 */
 static void destroy(private_attr_sql_plugin_t *this)
 {
 	lib->attributes->remove_provider(lib->attributes, &this->attribute->provider);
 	this->attribute->destroy(this->attribute);
 	this->db->destroy(this->db);
 	free(this);
 }
 /*
 * see header file
 */
 plugin_t *plugin_create()
 {
 	char *uri;
 	private_attr_sql_plugin_t *this;
 	uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL);
 	if (!uri)
 	{
 		DBG1("attr-sql plugin: database URI not set");
 		return NULL;
 	}
 	this = malloc_thing(private_attr_sql_plugin_t);
 	this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
 	this->db = lib->db->create(lib->db, uri);
 	if (!this->db)
 	{
 		DBG1("attr-sql plugin failed to connect to database");
 		free(this);
 		return NULL;
 	}
 	this->attribute = sql_attribute_create(this->db);
 	lib->attributes->add_provider(lib->attributes, &this->attribute->provider);
 	return &this->public.plugin;
 }
--- a/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h
+++ b/src/libstrongswan/plugins/attr_sql/attr_sql_plugin.h
@ -0,0 +1,47 @@
 /*
 * Copyright (C) 2008 Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */
 /**
 * @defgroup sql sql
 * @ingroup cplugins
 *
 * @defgroup sql_plugin sql_plugin
 * @{ @ingroup sql
 */
 #ifndef ATTR_SQL_PLUGIN_H_
 #define ATTR_SQL_PLUGIN_H_
 #include <plugins/plugin.h>
 typedef struct attr_sql_plugin_t attr_sql_plugin_t;
 /**
 * SQL database attribute configuration plugin
 */
 struct attr_sql_plugin_t {
 	/**
 	 * implements plugin interface
 	 */
 	plugin_t plugin;
 };
 /**
 * Create a sql_plugin instance.
 */
 plugin_t *plugin_create();
 #endif /** ATTR_SQL_PLUGIN_H_ @}*/
--- a/src/libstrongswan/plugins/attr_sql/pool.c
+++ b/src/libstrongswan/plugins/attr_sql/pool.c
@ -623,10 +623,10 @@ int main(int argc, char *argv[])
 		exit(SS_RC_INITIALIZATION_FAILED);
 	}
-	uri = lib->settings->get_str(lib->settings, "charon.plugins.sql.database", NULL);
+	uri = lib->settings->get_str(lib->settings, "libstrongswan.plugins.attr-sql.database", NULL);
 	if (!uri)
 	{
-		fprintf(stderr, "database URI charon.plugins.sql.database not set.\n");
+		fprintf(stderr, "database URI libstrongswan.plugins.attr-sql.database not set.\n");
 		exit(SS_RC_INITIALIZATION_FAILED);
 	}
 	db = lib->db->create(lib->db, uri);
--- a/src/libstrongswan/plugins/attr_sql/sql_attribute.c
+++ b/src/libstrongswan/plugins/attr_sql/sql_attribute.c
@ -13,11 +13,12 @@
 * for more details.
 */
 #include "sql_attribute.h"
 #include <time.h>
-#include <daemon.h>
+#include <debug.h>
 #include <library.h>
 #include "sql_attribute.h"
 typedef struct private_sql_attribute_t private_sql_attribute_t;
@ -126,8 +127,8 @@ static host_t* check_lease(private_sql_attribute_t *this, char *name,
 			host = host_create_from_chunk(AF_UNSPEC, address, 0);
 			if (host)
 			{
-				DBG1(DBG_CFG, "acquired existing lease "
+				DBG1("acquired existing lease for address %H in pool '%s'",
-					 "for address %H in pool '%s'", host, name);
+					 host, name);
 				return host;
 			}
 		}
@ -201,13 +202,13 @@ static host_t* get_lease(private_sql_attribute_t *this, char *name,
 			host = host_create_from_chunk(AF_UNSPEC, address, 0);
 			if (host)
 			{
-				DBG1(DBG_CFG, "acquired new lease "
+				DBG1("acquired new lease for address %H in pool '%s'",
-					 "for address %H in pool '%s'", host, name);
+					 host, name);
 				return host;
 			}
 		}
 	}
-	DBG1(DBG_CFG, "no available address found in pool '%s'", name);
+	DBG1("no available address found in pool '%s'", name);
 	return NULL;
 }
--- a/src/libstrongswan/plugins/attr_sql/sql_attribute.h
+++ b/src/libstrongswan/plugins/attr_sql/sql_attribute.h
--- a/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf
@ -1,12 +1,15 @@
 # /etc/strongswan.conf - strongSwan configuration file
 charon {
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite attr-sql updown
 }
 libstrongswan {
  plugins {
-    sql {
+    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite sql updown
 }
 pool {
--- a/testing/tests/ikev2/ip-split-pools-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/ip-split-pools-db/hosts/moon/etc/strongswan.conf
@ -1,12 +1,15 @@
 # /etc/strongswan.conf - strongSwan configuration file
 charon {
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite attr-sql updown
 }
 libstrongswan {
  plugins {
-    sql {
+    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink sqlite sql updown
 }
 pool {
--- a/testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf
@ -1,12 +1,15 @@
 # /etc/strongswan.conf - strongSwan configuration file
 charon {
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite attr-sql kernel-netlink updown
 }
 libstrongswan {
  plugins {
-    sql {
+    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite sql kernel-netlink updown
 }
 pool {
--- a/testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf
@ -1,12 +1,15 @@
 # /etc/strongswan.conf - strongSwan configuration file
 charon {
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite attr-sql kernel-netlink updown
 }
 libstrongswan {
  plugins {
-    sql {
+    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke sqlite sql kernel-netlink updown
 }
 pool {
--- a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf
@ -6,7 +6,15 @@ charon {
      database = sqlite:///etc/ipsec.d/ipsec.db 
    }
  }
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql
 }
 libstrongswan {
  plugins {
    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
 }
 pool {
--- a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf
@ -6,7 +6,15 @@ charon {
      database = sqlite:///etc/ipsec.d/ipsec.db 
    }
  }
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql
 }
 libstrongswan {
  plugins {
    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
 }
 pool {
--- a/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf
@ -6,7 +6,15 @@ charon {
      database = sqlite:///etc/ipsec.d/ipsec.db 
    }
  }
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql
 }
 libstrongswan {
  plugins {
    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
 }
 pool {
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf
@ -6,7 +6,15 @@ charon {
      database = sqlite:///etc/ipsec.d/ipsec.db 
    }
  }
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql
 }
 libstrongswan {
  plugins {
    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
 }
 pool {
--- a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf
@ -6,7 +6,15 @@ charon {
      database = sqlite:///etc/ipsec.d/ipsec.db 
    }
  }
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql attr-sql
 }
 libstrongswan {
  plugins {
    attr-sql {
      database = sqlite:///etc/ipsec.d/ipsec.db
    }
  }
 }
 pool {