From 9f963a7cfcececbbaf5bb211d6dd96620a76ffe2 Mon Sep 17 00:00:00 2001 From: Reto Guadagnini Date: Tue, 27 Mar 2012 09:22:14 +0200 Subject: [PATCH] Added unbound plugin implementing the resolver interface using libunbound --- configure.in | 11 +++ src/libstrongswan/Makefile.am | 7 ++ src/libstrongswan/plugins/unbound/Makefile.am | 16 ++++ .../plugins/unbound/unbound_plugin.c | 66 +++++++++++++++++ .../plugins/unbound/unbound_plugin.h | 42 +++++++++++ .../plugins/unbound/unbound_resolver.c | 74 +++++++++++++++++++ .../plugins/unbound/unbound_resolver.h | 29 ++++++++ 7 files changed, 245 insertions(+) create mode 100644 src/libstrongswan/plugins/unbound/Makefile.am create mode 100644 src/libstrongswan/plugins/unbound/unbound_plugin.c create mode 100644 src/libstrongswan/plugins/unbound/unbound_plugin.h create mode 100644 src/libstrongswan/plugins/unbound/unbound_resolver.c create mode 100644 src/libstrongswan/plugins/unbound/unbound_resolver.h diff --git a/configure.in b/configure.in index b10b0b04c..6a77e209b 100644 --- a/configure.in +++ b/configure.in @@ -104,6 +104,7 @@ AC_SUBST(ipsec_script_upper, [`echo -n "$ipsec_script" | tr a-z A-Z`]) m4_include(m4/macros/enable-disable.m4) ARG_ENABL_SET([curl], [enable CURL fetcher plugin to fetch files via libcurl. Requires libcurl.]) +ARG_ENABL_SET([unbound], [enable UNBOUND resolver plugin to perform DNS queries via libunbound. Requires libldns and libunbound.]) ARG_ENABL_SET([soup], [enable soup fetcher plugin to fetch from HTTP via libsoup. Requires libsoup.]) ARG_ENABL_SET([ldap], [enable LDAP fetching plugin to fetch files via libldap. Requires openLDAP.]) ARG_DISBL_SET([aes], [disable AES software implementation plugin.]) @@ -643,6 +644,13 @@ if test x$curl = xtrue; then AC_CHECK_HEADER([curl/curl.h],,[AC_MSG_ERROR([CURL header curl/curl.h not found!])]) fi +if test x$unbound = xtrue; then + AC_HAVE_LIBRARY([ldns],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library ldns not found])]) + AC_CHECK_HEADER([ldns/ldns.h],,[AC_MSG_ERROR([UNBOUND header ldns/ldns.h not found!])]) + AC_HAVE_LIBRARY([unbound],[LIBS="$LIBS"],[AC_MSG_ERROR([UNBOUND library libunbound not found])]) + AC_CHECK_HEADER([unbound.h],,[AC_MSG_ERROR([UNBOUND header unbound.h not found!])]) +fi + if test x$soup = xtrue; then PKG_CHECK_MODULES(soup, [libsoup-2.4]) AC_SUBST(soup_CFLAGS) @@ -911,6 +919,7 @@ s_plugins= ADD_PLUGIN([test-vectors], [s charon openac scepclient pki]) ADD_PLUGIN([curl], [s charon scepclient scripts nm]) ADD_PLUGIN([soup], [s charon scripts nm]) +ADD_PLUGIN([unbound], [s charon scripts]) ADD_PLUGIN([ldap], [s charon scepclient scripts nm]) ADD_PLUGIN([mysql], [s charon pool manager medsrv attest]) ADD_PLUGIN([sqlite], [s charon pool manager medsrv attest]) @@ -1036,6 +1045,7 @@ AC_SUBST(s_plugins) # ----------------------- AM_CONDITIONAL(USE_TEST_VECTORS, test x$test_vectors = xtrue) AM_CONDITIONAL(USE_CURL, test x$curl = xtrue) +AM_CONDITIONAL(USE_UNBOUND, test x$unbound = xtrue) AM_CONDITIONAL(USE_SOUP, test x$soup = xtrue) AM_CONDITIONAL(USE_LDAP, test x$ldap = xtrue) AM_CONDITIONAL(USE_AES, test x$aes = xtrue) @@ -1248,6 +1258,7 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/dnskey/Makefile src/libstrongswan/plugins/pem/Makefile src/libstrongswan/plugins/curl/Makefile + src/libstrongswan/plugins/unbound/Makefile src/libstrongswan/plugins/soup/Makefile src/libstrongswan/plugins/ldap/Makefile src/libstrongswan/plugins/mysql/Makefile diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index b0dd86223..08be77c89 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -326,6 +326,13 @@ if MONOLITHIC endif endif +if USE_UNBOUND + SUBDIRS += plugins/unbound +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/unbound/libstrongswan-unbound.la +endif +endif + if USE_SOUP SUBDIRS += plugins/soup if MONOLITHIC diff --git a/src/libstrongswan/plugins/unbound/Makefile.am b/src/libstrongswan/plugins/unbound/Makefile.am new file mode 100644 index 000000000..3bb7af6e2 --- /dev/null +++ b/src/libstrongswan/plugins/unbound/Makefile.am @@ -0,0 +1,16 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic + +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-unbound.la +else +plugin_LTLIBRARIES = libstrongswan-unbound.la +endif + +libstrongswan_unbound_la_SOURCES = \ + unbound_plugin.h unbound_plugin.c unbound_resolver.c unbound_resolver.h + +libstrongswan_unbound_la_LDFLAGS = -module -avoid-version +libstrongswan_unbound_la_LIBADD = -lunbound -lldns diff --git a/src/libstrongswan/plugins/unbound/unbound_plugin.c b/src/libstrongswan/plugins/unbound/unbound_plugin.c new file mode 100644 index 000000000..90b95330a --- /dev/null +++ b/src/libstrongswan/plugins/unbound/unbound_plugin.c @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2011-2012 Reto Guadagnini + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "unbound_plugin.h" + +#include +#include "unbound_resolver.h" + +typedef struct private_unbound_plugin_t private_unbound_plugin_t; + +/** + * private data of unbound_plugin + */ +struct private_unbound_plugin_t { + + /** + * public functions + */ + unbound_plugin_t public; +}; + +METHOD(plugin_t, get_name, char*, + private_unbound_plugin_t *this) +{ + return "unbound"; +} + +METHOD(plugin_t, destroy, void, + private_unbound_plugin_t *this) +{ + lib->resolver->remove_resolver(lib->resolver, unbound_resolver_create); + free(this); +} + +/* + * see header file + */ +plugin_t *unbound_plugin_create() +{ + private_unbound_plugin_t *this; + + INIT(this, + .public = { + .plugin = { + .get_name = _get_name, + .destroy = _destroy, + }, + }, + ); + + lib->resolver->add_resolver(lib->resolver, unbound_resolver_create); + + return &this->public.plugin; +} diff --git a/src/libstrongswan/plugins/unbound/unbound_plugin.h b/src/libstrongswan/plugins/unbound/unbound_plugin.h new file mode 100644 index 000000000..1f0d36454 --- /dev/null +++ b/src/libstrongswan/plugins/unbound/unbound_plugin.h @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2011-2012 Reto Guadagnini + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup unbound_p unbound + * @ingroup plugins + * + * @defgroup unbound_plugin unbound_plugin + * @{ @ingroup unbound_p + */ + +#ifndef unbound_PLUGIN_H_ +#define unbound_PLUGIN_H_ + +#include + +typedef struct unbound_plugin_t unbound_plugin_t; + +/** + * Plugin implementing the resolver interface using the libunbound DNS library. + */ +struct unbound_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +#endif /** unbound_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/unbound/unbound_resolver.c b/src/libstrongswan/plugins/unbound/unbound_resolver.c new file mode 100644 index 000000000..817067d1c --- /dev/null +++ b/src/libstrongswan/plugins/unbound/unbound_resolver.c @@ -0,0 +1,74 @@ +/* + * Copyright (C) 2011-2012 Reto Guadagnini + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +#include +#include + +#include "unbound_resolver.h" + +typedef struct private_resolver_t private_resolver_t; + +/** + * private data of a unbound_resolver_t object. + */ +struct private_resolver_t { + + /** + * Public data + */ + resolver_t public; +}; + +/** + * query method implementation + */ +METHOD(resolver_t, query, resolver_response_t*, + private_resolver_t *this, char *domain, rr_class_t rr_class, + rr_type_t rr_type) +{ + /* TODO: Implement */ + return NULL; +} + +/** + * destroy method implementation + */ +METHOD(resolver_t, destroy, void, + private_resolver_t *this) +{ + free(this); +} + +/* + * Described in header. + */ +resolver_t *unbound_resolver_create() +{ + private_resolver_t *this; + + INIT(this, + .public = { + .query = _query, + .destroy = _destroy, + }, + ); + + /* TODO: Implement */ + destroy(this); + return NULL; +} + diff --git a/src/libstrongswan/plugins/unbound/unbound_resolver.h b/src/libstrongswan/plugins/unbound/unbound_resolver.h new file mode 100644 index 000000000..659906c74 --- /dev/null +++ b/src/libstrongswan/plugins/unbound/unbound_resolver.h @@ -0,0 +1,29 @@ +/* + * Copyright (C) 2011-2012 Reto Guadagnini + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup unbound_resolver unbound_resolver + * @{ @ingroup unbound_p + */ + +#ifndef unbound_RESOLVER_H_ +#define unbound_RESOLVER_H_ + +/** + * Create a resolver_t instance. + */ +resolver_t *unbound_resolver_create(); + +#endif /** LIBunbound_RESOLVER_H_ @}*/