ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

restructuring of configuration backends 

added propotypes of new control interfaces (xml & dbus)
introduced loadable:
  configuration backends
  control interfaces
using pluggable modules as in EAP
This commit is contained in:
Martin Willi 2007-04-27 14:25:08 +00:00
parent bb1030cb3d
commit a84fb01b96
23 changed files with 1401 additions and 526 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
configure.in
View File

@ -75,9 +75,23 @@ AC_ARG_WITH(
AC_ARG_WITH(
[eapdir],
AS_HELP_STRING([--with-eapdir=dir],[path for pluggable EAP modules other than "ipsecdir/eap"]),
AS_HELP_STRING([--with-eapdir=dir],[path for pluggable EAP modules other than "ipsecdir/plugins/eap"]),
[AC_SUBST(eapdir, "$withval")],
[AC_SUBST(eapdir, "${ipsecdir}/eap")]
[AC_SUBST(eapdir, "${ipsecdir}/plugins/eap")]
)
AC_ARG_WITH(
[backenddir],
AS_HELP_STRING([--with-backenddir=dir],[path for pluggable configuration backend modules other than "ipsecdir/plugins/backends"]),
[AC_SUBST(backenddir, "$withval")],
[AC_SUBST(backenddir, "${ipsecdir}/plugins/backends")]
)
AC_ARG_WITH(
[interfacedir],
AS_HELP_STRING([--with-interfacedir=dir],[path for pluggable control interface modules other than "ipsecdir/plugins/interfaces"]),
[AC_SUBST(interfacedir, "$withval")],
[AC_SUBST(interfacedir, "${ipsecdir}/plugins/interfaces")]
)
AC_ARG_WITH(
@ -113,6 +127,26 @@ AC_ARG_ENABLE(
)
AM_CONDITIONAL(USE_LIBLDAP, test x$ldap = xtrue)
AC_ARG_ENABLE(
[dbus],
AS_HELP_STRING([--enable-dbus],[enable DBUS configuration and control interface (default is NO). Requires libdbus.]),
[if test x$enableval = xyes; then
dbus=true
AC_DEFINE(LIBDBUS)
fi]
)
AM_CONDITIONAL(USE_LIBDBUS, test x$dbus = xtrue)
AC_ARG_ENABLE(
[xml],
AS_HELP_STRING([--enable-xml],[enable XML configuration and control interface (default is NO). Requires libxml.]),
[if test x$enableval = xyes; then
xml=true
AC_DEFINE(LIBXML)
fi]
)
AM_CONDITIONAL(USE_LIBXML, test x$xml = xtrue)
AC_ARG_ENABLE(
[smartcard],
AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]),
@ -199,6 +233,17 @@ if test "$http" = "true"; then
AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([HTTP enabled, but library curl not found])])
fi
if test "$dbus" = "true"; then
PKG_CHECK_MODULES(dbus, dbus-1,, AC_MSG_ERROR([No libdbus package information found]))
AC_SUBST(dbus_CFLAGS)
AC_SUBST(dbus_LIBS)
fi
if test "$xml" = "true"; then
PKG_CHECK_MODULES(xml, libxml-2.0,, AC_MSG_ERROR([No libxml2 package information found]))
AC_SUBST(xml_CFLAGS)
AC_SUBST(xml_LIBS)
fi
dnl =============================
dnl check required header files
@ -236,7 +281,6 @@ AC_OUTPUT(
src/pluto/Makefile
src/whack/Makefile
src/charon/Makefile
dnl src/charon/testing/Makefile
src/stroke/Makefile
src/ipsec/Makefile
src/starter/Makefile

71
src/charon/Makefile.am
View File

@ -1,17 +1,4 @@
# SUBDIRS = . testing
eap_LTLIBRARIES = libeapidentity.la
# always build EAP Identity module
libeapidentity_la_SOURCES = sa/authenticators/eap/eap_identity.h sa/authenticators/eap/eap_identity.c
libeapidentity_la_LDFLAGS = -module
# build optional EAP modules
if BUILD_EAP_SIM
eap_LTLIBRARIES += libeapsim.la
libeapsim_la_SOURCES = sa/authenticators/eap/eap_sim.h sa/authenticators/eap/eap_sim.c
libeapsim_la_LDFLAGS = -module
endif
ipsec_PROGRAMS = charon
@ -20,16 +7,14 @@ bus/bus.c bus/bus.h \
bus/listeners/file_logger.c bus/listeners/file_logger.h \
bus/listeners/sys_logger.c bus/listeners/sys_logger.h \
config/backends/backend.h \
config/backends/local_backend.c config/backends/local_backend.h \
config/cfg_store.c config/cfg_store.h \
config/backend_manager.c config/backend_maanger.h \
config/child_cfg.c config/child_cfg.h \
config/credentials/local_credential_store.c config/credentials/local_credential_store.h \
config/ike_cfg.c config/ike_cfg.h \
config/peer_cfg.c config/peer_cfg.h \
config/proposal.c config/proposal.h \
config/traffic_selector.c config/traffic_selector.h \
control/controller.c control/controller.h \
control/stroke_interface.c control/stroke_interface.h \
control/interface_manager.c control/interface_manager.h \
daemon.c daemon.h \
encoding/generator.c encoding/generator.h \
encoding/message.c encoding/message.h \
@ -103,10 +88,58 @@ sa/tasks/task.c sa/tasks/task.h
INCLUDES = -I${linuxdir} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon -I$(top_srcdir)/src/stroke
AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" -DIPSEC_EAPDIR=\"${eapdir}\"
AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \
-DIPSEC_EAPDIR=\"${eapdir}\" -DIPSEC_BACKENDDIR=\"${backenddir}\" -DIPSEC_INTERFACEDIR=\"${interfacedir}\"
charon_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lgmp -lpthread -lm -ldl
if USE_LIBCURL
charon_LDADD += -lcurl
charon_LDADD += -lcurl
endif
# build EAP plugins, EAP-Identity is always built
#################################################
eap_LTLIBRARIES =
eap_LTLIBRARIES += libeapidentity.la
libeapidentity_la_SOURCES = sa/authenticators/eap/eap_identity.h sa/authenticators/eap/eap_identity.c
libeapidentity_la_LDFLAGS = -module
if BUILD_EAP_SIM
eap_LTLIBRARIES += libeapsim.la
libeapsim_la_SOURCES = sa/authenticators/eap/eap_sim.h sa/authenticators/eap/eap_sim.c
libeapsim_la_LDFLAGS = -module
endif
# build backends, local backend is always built
###############################################
backend_LTLIBRARIES =
backend_LTLIBRARIES += liblocal.la
liblocal_la_SOURCES = config/backends/local_backend.h config/backends/local_backend.c
liblocal_la_LDFLAGS = -module
# build control interfaces, stroke interface is always built
############################################################
interface_LTLIBRARIES =
interface_LTLIBRARIES += libstroke.la
libstroke_la_SOURCES = control/interfaces/stroke_interface.h control/interfaces/stroke_interface.c
libstroke_la_LDFLAGS = -module
if USE_LIBDBUS
interface_LTLIBRARIES += libdbus.la
libdbus_la_SOURCES = control/interfaces/dbus_interface.h control/interfaces/dbus_interface.c
libdbus_la_LDFLAGS = -module
libdbus_la_LIBADD = ${dbus_LIBS}
INCLUDES += ${dbus_CFLAGS}
endif
if USE_LIBXML
interface_LTLIBRARIES += libxml.la
libxml_la_SOURCES = control/interfaces/xml_interface.h control/interfaces/xml_interface.c
libxml_la_LDFLAGS = -module
libxml_la_LIBADD = ${xml_LIBS}
INCLUDES += ${xml_CFLAGS}
endif

244
src/charon/config/backend_manager.c Normal file
View File

@ -0,0 +1,244 @@
/**
* @file backend_manager.c
*
* @brief Implementation of backend_manager_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "backend_manager.h"
#include <sys/types.h>
#include <dirent.h>
#include <sys/stat.h>
#include <dlfcn.h>
#include <daemon.h>
#include <utils/linked_list.h>
#include <config/backends/writeable_backend.h>
typedef struct private_backend_manager_t private_backend_manager_t;
/**
* Private data of an backend_manager_t object.
*/
struct private_backend_manager_t {
/**
* Public part of backend_manager_t object.
*/
backend_manager_t public;
/**
* list of registered backends
*/
linked_list_t *backends;
/**
* Additional list of writable backends.
*/
linked_list_t *writeable;
/**
* List of dlopen() handles we used to open backends
*/
linked_list_t *handles;
};
/**
* implements backend_manager_t.get_ike_cfg.
*/
static ike_cfg_t *get_ike_cfg(private_backend_manager_t *this,
host_t *my_host, host_t *other_host)
{
backend_t *backend;
ike_cfg_t *config = NULL;
iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE);
while (config == NULL && iterator->iterate(iterator, (void**)&backend))
{
config = backend->get_ike_cfg(backend, my_host, other_host);
}
iterator->destroy(iterator);
return config;
}
/**
* implements backend_manager_t.get_peer_cfg.
*/
static peer_cfg_t *get_peer_cfg(private_backend_manager_t *this,
identification_t *my_id, identification_t *other_id,
identification_t *other_ca, char *other_group,
host_t *my_host, host_t *other_host)
{
backend_t *backend;
peer_cfg_t *config = NULL;
iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE);
while (config == NULL && iterator->iterate(iterator, (void**)&backend))
{
config = backend->get_peer_cfg(backend, my_id, other_id, other_ca,
other_group, my_host, other_host);
}
iterator->destroy(iterator);
return config;
}
/**
* implements backend_manager_t.add_peer_cfg.
*/
static void add_peer_cfg(private_backend_manager_t *this, peer_cfg_t *config)
{
writeable_backend_t *backend;
if (this->writeable->get_first(this->writeable, (void**)&backend) == SUCCESS)
{
backend->add_cfg(backend, config);
}
}
/**
* implements backend_manager_t.create_iterator.
*/
static iterator_t* create_iterator(private_backend_manager_t *this)
{
writeable_backend_t *backend;
if (this->writeable->get_first(this->writeable, (void**)&backend) == SUCCESS)
{
return backend->create_iterator(backend);
}
/* give out an empty iterator if we have no writable backend*/
return this->writeable->create_iterator(this->writeable, TRUE);
}
/**
* load the configuration backend modules
*/
static void load_backends(private_backend_manager_t *this)
{
struct dirent* entry;
struct stat stb;
DIR* dir;
if (stat(IPSEC_BACKENDDIR, &stb) == -1 || !(stb.st_mode & S_IFDIR))
{
DBG1(DBG_CFG, "error opening backend modules directory "IPSEC_BACKENDDIR);
return;
}
dir = opendir(IPSEC_BACKENDDIR);
if (dir == NULL)
{
DBG1(DBG_CFG, "error opening backend modules directory "IPSEC_BACKENDDIR);
return;
}
DBG1(DBG_CFG, "loading backend modules from '"IPSEC_BACKENDDIR"'");
while ((entry = readdir(dir)) != NULL)
{
char file[256];
backend_t *backend;
backend_constructor_t constructor;
void *handle;
char *ending;
snprintf(file, sizeof(file), IPSEC_BACKENDDIR"/%s", entry->d_name);
if (stat(file, &stb) == -1 || !(stb.st_mode & S_IFREG))
{
DBG2(DBG_CFG, " skipping %s, doesn't look like a file",
entry->d_name);
continue;
}
ending = entry->d_name + strlen(entry->d_name) - 3;
if (ending <= entry->d_name || !streq(ending, ".so"))
{
/* skip anything which does not look like a library */
DBG2(DBG_CFG, " skipping %s, doesn't look like a library",
entry->d_name);
continue;
}
/* try to load the library */
handle = dlopen(file, RTLD_LAZY);
if (handle == NULL)
{
DBG1(DBG_CFG, " opening backend module %s failed: %s",
entry->d_name, dlerror());
continue;
}
constructor = dlsym(handle, "backend_create");
if (constructor == NULL)
{
DBG1(DBG_CFG, " backend module %s has no backend_create() "
"function, skipped", entry->d_name);
dlclose(handle);
continue;
}
backend = constructor();
if (backend == NULL)
{
DBG1(DBG_CFG, " unable to create instance of backend "
"module %s, skipped", entry->d_name);
dlclose(handle);
continue;
}
DBG1(DBG_CFG, " loaded backend module successfully from %s", entry->d_name);
this->backends->insert_last(this->backends, backend);
if (backend->is_writeable(backend))
{
this->writeable->insert_last(this->writeable, backend);
}
this->handles->insert_last(this->handles, handle);
}
closedir(dir);
}
/**
* Implementation of backend_manager_t.destroy.
*/
static void destroy(private_backend_manager_t *this)
{
this->backends->destroy_offset(this->backends, offsetof(backend_t, destroy));
this->writeable->destroy(this->writeable);
this->handles->destroy_function(this->handles, (void*)dlclose);
free(this);
}
/*
* Described in header-file
*/
backend_manager_t *backend_manager_create()
{
private_backend_manager_t *this = malloc_thing(private_backend_manager_t);
this->public.get_ike_cfg = (ike_cfg_t*(*)(backend_manager_t*, host_t *, host_t *))get_ike_cfg;
this->public.get_peer_cfg = (peer_cfg_t*(*)(backend_manager_t*, identification_t *, identification_t *))get_peer_cfg;
this->public.add_peer_cfg = (void(*)(backend_manager_t*, peer_cfg_t*))add_peer_cfg;
this->public.create_iterator = (iterator_t*(*)(backend_manager_t*))create_iterator;
this->public.destroy = (void(*)(backend_manager_t*))destroy;
this->backends = linked_list_create();
this->writeable = linked_list_create();
this->handles = linked_list_create();
load_backends(this);
return &this->public;
}

57
src/charon/config/cfg_store.h → src/charon/config/backend_manager.h
View File

@ -1,7 +1,7 @@
/**
* @file cfg_store.h
* @file backend_manager.h
*
* @brief Interface cfg_store_t.
* @brief Interface backend_manager_t.
*
*/
@ -20,10 +20,10 @@
* for more details.
*/
#ifndef CFG_STORE_H_
#define CFG_STORE_H_
#ifndef BACKEND_MANAGER_H_
#define BACKEND_MANAGER_H_
typedef struct cfg_store_t cfg_store_t;
typedef struct backend_manager_t backend_manager_t;
#include <library.h>
#include <utils/host.h>
@ -34,9 +34,9 @@ typedef struct cfg_store_t cfg_store_t;
/**
* @brief A multiplexer to use multiple cfg_store backends.
* @brief A multiplexer to use multiple backends.
*
* Charon allows the use of multiple cfg_store backends simultaneously. To
* Charon allows the use of multiple backend_manager backends simultaneously. To
* access all this backends by a single call, this class wraps multiple
* backends behind a single object.
* Backends may be registered and unregister at runtime dynamically.
@ -44,22 +44,20 @@ typedef struct cfg_store_t cfg_store_t;
+---------+ +-----------+ +--------------+ |
| | | | +--------------+ | |
| daemon |----->| cfg_store | +--------------+ |-+ <==|==> IPC
| core | | |---->| backends |-+ |
| daemon |----->| backend_- | +--------------+ |-+ <==|==> IPC
| core | | manager |---->| backends |-+ |
| |----->| | +--------------+ |
| | | | |
+---------+ +-----------+ |
@endverbatim
* Configuration lookup is done only when acting as responder. For initating
* the corresponding controller is responsible to get a config to initiate.
*
* @b Constructors:
* - cfg_store_create()
* - backend_manager_create()
*
* @ingroup config
*/
struct cfg_store_t {
struct backend_manager_t {
/**
* @brief Get an ike_config identified by two hosts.
@ -69,7 +67,7 @@ struct cfg_store_t {
* @param other_host address of remote host
* @return matching ike_config, or NULL if none found
*/
ike_cfg_t *(*get_ike_cfg)(cfg_store_t *this,
ike_cfg_t *(*get_ike_cfg)(backend_manager_t *this,
host_t *my_host, host_t *other_host);
/**
@ -80,40 +78,41 @@ struct cfg_store_t {
* @param other_id peers ID
* @return matching peer_config, or NULL if none found
*/
peer_cfg_t *(*get_peer_cfg)(cfg_store_t *this, identification_t *my_id,
peer_cfg_t *(*get_peer_cfg)(backend_manager_t *this, identification_t *my_id,
identification_t *other_id);
/**
* @brief Register a backend to be queried by the calls above.
* @brief Add a peer_config to the first found writable backend.
*
* The backend first added is the most preferred.
*
* @param this calling object
* @param this calling object
* @param config peer_config to add to the backend
*/
void (*register_backend) (cfg_store_t *this, backend_t *backend);
void (*add_peer_cfg)(backend_manager_t *this, peer_cfg_t *config);
/**
* @brief Unregister a backend.
* @brief Create an iterator over all peer configs of the writable backend.
*
* @param this calling object
* @param this calling object
* @return iterator over peer configs
*/
void (*unregister_backend) (cfg_store_t *this, backend_t *backend);
iterator_t* (*create_iterator)(backend_manager_t *this);
/**
* @brief Destroys a cfg_store_t object.
* @brief Destroys a backend_manager_t object.
*
* @param this calling object
*/
void (*destroy) (cfg_store_t *this);
void (*destroy) (backend_manager_t *this);
};
/**
* @brief Create a new instance of the store.
* @brief Create a new instance of the manager and loads all backends.
*
* @return cfg_store instance
* @return backend_manager instance
*
* @ingroup config
*/
cfg_store_t *cfg_store_create(void);
backend_manager_t *backend_manager_create(void);
#endif /*BACKEND_MANAGER_H_*/
#endif /*CFG_STORE_H_*/

37
src/charon/config/backends/backend.h
View File

@ -30,7 +30,6 @@ typedef struct backend_t backend_t;
#include <config/peer_cfg.h>
#include <utils/linked_list.h>
/**
* @brief The interface for a configuration backend.
*
@ -54,28 +53,48 @@ struct backend_t {
* @return matching ike_config, or NULL if none found
*/
ike_cfg_t *(*get_ike_cfg)(backend_t *this,
host_t *my_host, host_t *other_host);
host_t *my_host, host_t *other_host);
/**
* @brief Get a peer_cfg identified by two IDs.
*
* Select a config for two IDs, the others certificate issuer, and
* a AC certificate group. The hosts are just a hint to select the
* correct config if multiple configs match.
*
* @param this calling object
* @param my_id own ID
* @param other_id peers ID
* @param my_host address of own host
* @param other_host address of remote host
* @return matching peer_config, or NULL if none found
*/
peer_cfg_t *(*get_peer_cfg)(backend_t *this,
identification_t *my_id,
identification_t *other_id);
identification_t *my_id, identification_t *other_id,
identification_t *other_ca, char *other_group,
host_t *my_host, host_t *other_host);
/**
* @brief Get a peer_cfg identified by its name.
* @brief Check if a backend is writable and implements writable_backend_t.
*
* @param this calling object
* @param name configs name
* @return matching peer_config, or NULL if none found
* @param this calling object
* @return TRUE if backend implements writable_backend_t.
*/
peer_cfg_t *(*get_peer_cfg_by_name)(backend_t *this, char *name);
bool (*is_writeable)(backend_t *this);
/**
* @brief Destroy a backend.
*
* @param this calling object
*/
void (*destroy)(backend_t *this);
};
/**
* Construction to create a backend.
*/
typedef backend_t*(*backend_constructor_t)(void);
#endif /* BACKEND_H_ */

78
src/charon/config/backends/local_backend.c
View File

@ -52,7 +52,7 @@ struct private_local_backend_t {
};
/**
* implements cfg_store_t.get_ike_cfg.
* implements backen_t.get_ike_cfg.
*/
static ike_cfg_t *get_ike_cfg(private_local_backend_t *this,
host_t *my_host, host_t *other_host)
@ -116,11 +116,12 @@ static ike_cfg_t *get_ike_cfg(private_local_backend_t *this,
}
/**
* implements cfg_store_t.get_peer.
* implements backend_t.get_peer.
*/
static peer_cfg_t *get_peer_cfg(private_local_backend_t *this,
identification_t *my_id,
identification_t *other_id)
static peer_cfg_t *get_peer_cfg(private_local_backend_t *this,
identification_t *my_id, identification_t *other_id,
identification_t *other_ca, char *other_group,
host_t *my_host, host_t *other_host)
{
peer_cfg_t *current, *found = NULL;
iterator_t *iterator;
@ -166,58 +167,25 @@ static peer_cfg_t *get_peer_cfg(private_local_backend_t *this,
}
/**
* implements cfg_store_t.get_peer_by_name.
*/
static peer_cfg_t *get_peer_cfg_by_name(private_local_backend_t *this,
char *name)
* Implementation of backend_t.is_writable.
*/
static bool is_writeable(private_local_backend_t *this)
{
iterator_t *i1, *i2;
peer_cfg_t *current, *found = NULL;
child_cfg_t *child;
i1 = this->cfgs->create_iterator(this->cfgs, TRUE);
while (i1->iterate(i1, (void**)&current))
{
/* compare peer_cfgs name first */
if (streq(current->get_name(current), name))
{
found = current;
found->get_ref(found);
break;
}
/* compare all child_cfg names otherwise */
i2 = current->create_child_cfg_iterator(current);
while (i2->iterate(i2, (void**)&child))
{
if (streq(child->get_name(child), name))
{
found = current;
found->get_ref(found);
break;
}
}
i2->destroy(i2);
if (found)
{
break;
}
}
i1->destroy(i1);
return found;
return TRUE;
}
/**
* Implementation of local_backend_t.create_peer_cfg_iterator.
* Implementation of writable_backend_t.create_iterator.
*/
static iterator_t* create_peer_cfg_iterator(private_local_backend_t *this)
static iterator_t* create_iterator(private_local_backend_t *this)
{
return this->cfgs->create_iterator_locked(this->cfgs, &this->mutex);
}
/**
* Implementation of local_backend_t.add_peer_cfg.
* Implementation of writable_backend_t.add_peer_cfg.
*/
static void add_peer_cfg(private_local_backend_t *this, peer_cfg_t *config)
static void add_cfg(private_local_backend_t *this, peer_cfg_t *config)
{
pthread_mutex_lock(&this->mutex);
this->cfgs->insert_last(this->cfgs, config);
@ -225,7 +193,7 @@ static void add_peer_cfg(private_local_backend_t *this, peer_cfg_t *config)
}
/**
* Implementation of local_backend_t.destroy.
* Implementation of backend_t.destroy.
*/
static void destroy(private_local_backend_t *this)
{
@ -236,20 +204,20 @@ static void destroy(private_local_backend_t *this)
/**
* Described in header.
*/
local_backend_t *local_backend_create(void)
backend_t *backend_create(void)
{
private_local_backend_t *this = malloc_thing(private_local_backend_t);
this->public.backend.get_ike_cfg = (ike_cfg_t*(*)(backend_t*, host_t *, host_t *))get_ike_cfg;
this->public.backend.get_peer_cfg = (peer_cfg_t*(*)(backend_t*, identification_t *, identification_t *))get_peer_cfg;
this->public.create_peer_cfg_iterator = (iterator_t*(*)(local_backend_t*))create_peer_cfg_iterator;
this->public.get_peer_cfg_by_name = (peer_cfg_t*(*)(local_backend_t*, char *))get_peer_cfg_by_name;
this->public.add_peer_cfg = (void(*)(local_backend_t*, peer_cfg_t *))add_peer_cfg;
this->public.destroy = (void(*)(local_backend_t*))destroy;
this->public.backend.backend.get_ike_cfg = (ike_cfg_t*(*)(backend_t*, host_t *, host_t *))get_ike_cfg;
this->public.backend.backend.get_peer_cfg = (peer_cfg_t*(*)(backend_t*,identification_t*,identification_t*,identification_t*,char*,host_t*,host_t*))get_peer_cfg;
this->public.backend.backend.is_writeable = (bool(*)(backend_t*))is_writeable;
this->public.backend.backend.destroy = (void(*)(backend_t*))destroy;
this->public.backend.create_iterator = (iterator_t*(*)(writeable_backend_t*))create_iterator;
this->public.backend.add_cfg = (void(*)(writeable_backend_t*, peer_cfg_t *))add_cfg;
/* private variables */
this->cfgs = linked_list_create();
pthread_mutex_init(&this->mutex, NULL);
return (&this->public);
return (&this->public.backend.backend);
}

49
src/charon/config/backends/local_backend.h
View File

@ -26,13 +26,13 @@
typedef struct local_backend_t local_backend_t;
#include <library.h>
#include <config/backends/backend.h>
#include <config/backends/writeable_backend.h>
/**
* @brief An in-memory backend to store configuration information.
*
* The local_backend_t stores the configuration in a simple list. Additional
* to the backend_t functionality, it adds the modification (add/remove).
* The local_backend_t stores the configuration in a simple list. It
* implements both, backend_t and writeable_backend_t.
*
* @b Constructors:
* - local_backend_create()
@ -42,50 +42,19 @@ typedef struct local_backend_t local_backend_t;
struct local_backend_t {
/**
* Implements backend_t interface
* Implements writable_backend_t interface
*/
backend_t backend;
/**
* @brief Add a peer_config to the backend.
*
* @param this calling object
* @param config peer_config to add to the backend
*/
void (*add_peer_cfg)(local_backend_t *this, peer_cfg_t *config);
/**
* @brief Get a peer_config identified by name, or a name of its child_cfgs.
*
* @param this calling object
* @param name name of the peer config
* @return matching peer_config, or NULL if none found
*/
peer_cfg_t *(*get_peer_cfg_by_name)(local_backend_t *this, char *name);
/**
* @brief Create an iterator over all peer configs.
*
* @param this calling object
* @return iterator over peer configs
*/
iterator_t* (*create_peer_cfg_iterator)(local_backend_t *this);
/**
* @brief Destroy a local backend.
*
* @param this calling object
*/
void (*destroy)(local_backend_t *this);
writeable_backend_t backend;
};
/**
* @brief Creates a local_backend_t instance.
* @brief Create a backend_t instance implemented as local backend.
*
* @return local_backend instance.
* @return backend instance.
*
* @ingroup backends
*/
local_backend_t *local_backend_create(void);
backend_t *backend_create(void);
#endif /* LOCAL_BACKEND_H_ */

64
src/charon/config/backends/writeable_backend.h Normal file
View File

@ -0,0 +1,64 @@
/**
* @file writeable_backend.h
*
* @brief Interface of writeable_backend_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef WRITEABLE_BACKEND_H_
#define WRITEABLE_BACKEND_H_
typedef struct writeable_backend_t writeable_backend_t;
#include <library.h>
#include <config/backends/backend.h>
/**
* @brief A writeable backend extends the backend by modification functions.
*
* @b Constructors:
* - writeable_backend_create()
*
* @ingroup backends
*/
struct writeable_backend_t {
/**
* Implements backend_t interface
*/
backend_t backend;
/**
* @brief Add a peer_config to the backend.
*
* @param this calling object
* @param config peer_config to add to the backend
*/
void (*add_cfg)(writeable_backend_t *this, peer_cfg_t *config);
/**
* @brief Create an iterator over all peer configs.
*
* @param this calling object
* @return iterator over peer configs
*/
iterator_t* (*create_iterator)(writeable_backend_t *this);
};
#endif /* WRITEABLE_BACKEND_H_ */

146
src/charon/config/cfg_store.c
View File

@ -1,146 +0,0 @@
/**
* @file cfg_store.c
*
* @brief Implementation of cfg_store_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <pthread.h>
#include "cfg_store.h"
#include <library.h>
#include <utils/linked_list.h>
typedef struct private_cfg_store_t private_cfg_store_t;
/**
* Private data of an cfg_store_t object.
*/
struct private_cfg_store_t {
/**
* Public part of cfg_store_t object.
*/
cfg_store_t public;
/**
* list of registered backends
*/
linked_list_t *backends;
/**
* mutex to lock backend list
*/
pthread_mutex_t mutex;
};
/**
* implements cfg_store_t.get_ike.
*/
static ike_cfg_t *get_ike_cfg(private_cfg_store_t *this,
host_t *my_host, host_t *other_host)
{
backend_t *backend;
ike_cfg_t *config = NULL;
iterator_t *iterator = this->backends->create_iterator_locked(
this->backends, &this->mutex);
while (config == NULL && iterator->iterate(iterator, (void**)&backend))
{
config = backend->get_ike_cfg(backend, my_host, other_host);
}
iterator->destroy(iterator);
return config;
}
/**
* implements cfg_store_t.get_peer.
*/
static peer_cfg_t *get_peer_cfg(private_cfg_store_t *this,
identification_t *my_id,
identification_t *other_id)
{
backend_t *backend;
peer_cfg_t *config = NULL;
iterator_t *iterator = this->backends->create_iterator_locked(
this->backends, &this->mutex);
while (config == NULL && iterator->iterate(iterator, (void**)&backend))
{
config = backend->get_peer_cfg(backend, my_id, other_id);
}
iterator->destroy(iterator);
return config;
}
/**
* implements cfg_store_t.register_backend.
*/
static void register_backend(private_cfg_store_t *this, backend_t *backend)
{
pthread_mutex_lock(&this->mutex);
this->backends->insert_last(this->backends, backend);
pthread_mutex_unlock(&this->mutex);
}
/**
* implements cfg_store_t.unregister_backend.
*/
static void unregister_backend(private_cfg_store_t *this, backend_t *backend)
{
backend_t *current;
iterator_t *iterator = this->backends->create_iterator_locked(
this->backends, &this->mutex);
while (iterator->iterate(iterator, (void**)&current))
{
if (backend == current)
{
iterator->remove(iterator);
break;
}
}
iterator->destroy(iterator);
}
/**
* Implementation of cfg_store_t.destroy.
*/
static void destroy(private_cfg_store_t *this)
{
this->backends->destroy(this->backends);
free(this);
}
/*
* Described in header-file
*/
cfg_store_t *cfg_store_create()
{
private_cfg_store_t *this = malloc_thing(private_cfg_store_t);
this->public.get_ike_cfg = (ike_cfg_t*(*)(cfg_store_t*, host_t *, host_t *))get_ike_cfg;
this->public.get_peer_cfg = (peer_cfg_t*(*)(cfg_store_t*, identification_t *, identification_t *))get_peer_cfg;
this->public.register_backend = (void(*)(cfg_store_t*, backend_t *))register_backend;
this->public.unregister_backend = (void(*)(cfg_store_t*, backend_t *))unregister_backend;
this->public.destroy = (void(*)(cfg_store_t*))destroy;
this->backends = linked_list_create();
pthread_mutex_init(&this->mutex, NULL);
return &this->public;
}

134
src/charon/control/controller.c
View File

@ -1,134 +0,0 @@
/**
* @file controller.c
*
* @brief Implementation of controller_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "controller.h"
#include <daemon.h>
#include <library.h>
#include <processing/job_queue.h>
#include <processing/jobs/initiate_job.h>
typedef struct private_controller_t private_controller_t;
/**
* Private data of an stroke_t object.
*/
struct private_controller_t {
/**
* Public part of stroke_t object.
*/
controller_t public;
};
/**
* Implementation of controller_t.initiate.
*/
static status_t initiate(private_controller_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
bool(*cb)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),
void *param)
{
ike_sa_t *ours = NULL;
job_t *job;
status_t retval;
charon->bus->set_listen_state(charon->bus, TRUE);
job = (job_t*)initiate_job_create(peer_cfg, child_cfg);
charon->job_queue->add(charon->job_queue, job);
while (TRUE)
{
level_t level;
signal_t signal;
int thread;
ike_sa_t *ike_sa;
char* format;
va_list args;
signal = charon->bus->listen(charon->bus, &level, &thread,
&ike_sa, &format, &args);
if (ike_sa == ours || ours == NULL)
{
if (!cb(param, signal, level, ike_sa, format, args))
{
charon->bus->set_listen_state(charon->bus, FALSE);
return NEED_MORE;
}
}
switch (signal)
{
case CHILD_UP_SUCCESS:
if (ike_sa == ours)
{
retval = SUCCESS;
break;
}
continue;
case CHILD_UP_FAILED:
case IKE_UP_FAILED:
if (ike_sa == ours)
{
retval = FAILED;
break;
}
continue;
case CHILD_UP_START:
case IKE_UP_START:
if (ours == NULL)
{
ours = ike_sa;
}
continue;
default:
continue;
}
break;
}
charon->bus->set_listen_state(charon->bus, FALSE);
return retval;
}
/**
* Implementation of stroke_t.destroy.
*/
static void destroy(private_controller_t *this)
{
free(this);
}
/*
* Described in header-file
*/
controller_t *controller_create(void)
{
private_controller_t *this = malloc_thing(private_controller_t);
this->public.initiate = (status_t(*)(controller_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate;
this->public.destroy = (void (*)(controller_t*))destroy;
return &this->public;
}

239
src/charon/control/interface_manager.c Normal file
View File

@ -0,0 +1,239 @@
/**
* @file interface_manager.c
*
* @brief Implementation of interface_manager_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "interface_manager.h"
#include <sys/types.h>
#include <dirent.h>
#include <sys/stat.h>
#include <dlfcn.h>
#include <daemon.h>
#include <library.h>
#include <control/interfaces/interface.h>
#include <processing/job_queue.h>
#include <processing/jobs/initiate_job.h>
typedef struct private_interface_manager_t private_interface_manager_t;
/**
* Private data of an stroke_t object.
*/
struct private_interface_manager_t {
/**
* Public part of stroke_t object.
*/
interface_manager_t public;
/**
* a list of all loaded interfaces
*/
linked_list_t *interfaces;
/**
* dlopen() handles of interfaces
*/
linked_list_t *handles;
};
/**
* Implementation of interface_manager_t.initiate.
*/
static status_t initiate(private_interface_manager_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
bool(*cb)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),
void *param)
{
ike_sa_t *ours = NULL;
job_t *job;
status_t retval;
charon->bus->set_listen_state(charon->bus, TRUE);
job = (job_t*)initiate_job_create(peer_cfg, child_cfg);
charon->job_queue->add(charon->job_queue, job);
while (TRUE)
{
level_t level;
signal_t signal;
int thread;
ike_sa_t *ike_sa;
char* format;
va_list args;
signal = charon->bus->listen(charon->bus, &level, &thread,
&ike_sa, &format, &args);
if (cb && (ike_sa == ours || ours == NULL))
{
if (!cb(param, signal, level, ike_sa, format, args))
{
charon->bus->set_listen_state(charon->bus, FALSE);
return NEED_MORE;
}
}
switch (signal)
{
case CHILD_UP_SUCCESS:
if (ike_sa == ours)
{
retval = SUCCESS;
break;
}
continue;
case CHILD_UP_FAILED:
case IKE_UP_FAILED:
if (ike_sa == ours)
{
retval = FAILED;
break;
}
continue;
case CHILD_UP_START:
case IKE_UP_START:
if (ours == NULL)
{
ours = ike_sa;
}
continue;
default:
continue;
}
break;
}
charon->bus->set_listen_state(charon->bus, FALSE);
return retval;
}
/**
* load the control interface modules
*/
static void load_interfaces(private_interface_manager_t *this)
{
struct dirent* entry;
struct stat stb;
DIR* dir;
if (stat(IPSEC_INTERFACEDIR, &stb) == -1 || !(stb.st_mode & S_IFDIR))
{
DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR);
return;
}
dir = opendir(IPSEC_INTERFACEDIR);
if (dir == NULL)
{
DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR);
return;
}
DBG1(DBG_CFG, "loading control interface modules from '"IPSEC_INTERFACEDIR"'");
while ((entry = readdir(dir)) != NULL)
{
char file[256];
interface_t *interface;
interface_constructor_t constructor;
void *handle;
char *ending;
snprintf(file, sizeof(file), IPSEC_INTERFACEDIR"/%s", entry->d_name);
if (stat(file, &stb) == -1 || !(stb.st_mode & S_IFREG))
{
DBG2(DBG_CFG, " skipping %s, doesn't look like a file",
entry->d_name);
continue;
}
ending = entry->d_name + strlen(entry->d_name) - 3;
if (ending <= entry->d_name || !streq(ending, ".so"))
{
/* skip anything which does not look like a library */
DBG2(DBG_CFG, " skipping %s, doesn't look like a library",
entry->d_name);
continue;
}
/* try to load the library */
handle = dlopen(file, RTLD_LAZY);
if (handle == NULL)
{
DBG1(DBG_CFG, " opening control interface module %s failed: %s",
entry->d_name, dlerror());
continue;
}
constructor = dlsym(handle, "interface_create");
if (constructor == NULL)
{
DBG1(DBG_CFG, " interface module %s has no interface_create() "
"function, skipped", entry->d_name);
dlclose(handle);
continue;
}
interface = constructor();
if (interface == NULL)
{
DBG1(DBG_CFG, " unable to create instance of interface "
"module %s, skipped", entry->d_name);
dlclose(handle);
continue;
}
DBG1(DBG_CFG, " loaded control interface module successfully from %s", entry->d_name);
this->interfaces->insert_last(this->interfaces, interface);
this->handles->insert_last(this->handles, handle);
}
closedir(dir);
}
/**
* Implementation of stroke_t.destroy.
*/
static void destroy(private_interface_manager_t *this)
{
this->interfaces->destroy_offset(this->interfaces, offsetof(interface_t, destroy));
this->handles->destroy_function(this->handles, (void*)dlclose);
free(this);
}
/*
* Described in header-file
*/
interface_manager_t *interface_manager_create(void)
{
private_interface_manager_t *this = malloc_thing(private_interface_manager_t);
this->public.initiate = (status_t(*)(interface_manager_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate;
this->public.destroy = (void (*)(interface_manager_t*))destroy;
this->interfaces = linked_list_create();
this->handles = linked_list_create();
load_interfaces(this);
return &this->public;
}

41
src/charon/control/controller.h → src/charon/control/interface_manager.h
View File

@ -1,7 +1,7 @@
/**
* @file controller.h
* @file interface_manager.h
*
* @brief Interface of controller_t.
* @brief Interface of interface_manager_t.
*
*/
@ -20,13 +20,13 @@
* for more details.
*/
#ifndef CONTROLLER_H_
#define CONTROLLER_H_
#ifndef INTERFACE_MANAGER_H_
#define INTERFACE_MANAGER_H_
#include <bus/bus.h>
/**
* callback to log things triggered by controller
* callback to log things triggered by interface_manager
*
* @param param echoed parameter supplied when function invoked
* @param signal type of signal
@ -37,23 +37,23 @@
* @return FALSE to return from invoked function
* @ingroup control
*/
typedef bool(*controller_cb_t)(void* param, signal_t signal, level_t level,
typedef bool(*interface_manager_cb_t)(void* param, signal_t signal, level_t level,
ike_sa_t* ike_sa, char* format, va_list args);
typedef struct controller_t controller_t;
typedef struct interface_manager_t interface_manager_t;
/**
* @brief The controller controls the daemon.
* @brief The interface_manager controls the daemon.
*
* The controller starts actions by creating jobs. It then tries to
* The interface_manager starts actions by creating jobs. It then tries to
* evaluate the result of the operation by listening on the bus.
*
* @b Constructors:
* - controller_create()
* - interface_manager_create()
*
* @ingroup control
*/
struct controller_t {
struct interface_manager_t {
/**
* @brief Initiate a CHILD_SA, and if required, an IKE_SA.
@ -68,26 +68,27 @@ struct controller_t {
* - FAILED, if setup failed
* - NEED_MORE, if callback returned FALSE
*/
status_t (*initiate)(controller_t *this,
status_t (*initiate)(interface_manager_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
controller_cb_t callback, void *param);
interface_manager_cb_t callback, void *param);
/**
* @brief Destroy a controller_t instance.
* @brief Destroy a interface_manager_t instance.
*
* @param this controller_t objec to destroy
* @param this interface_manager_t objec to destroy
*/
void (*destroy) (controller_t *this);
void (*destroy) (interface_manager_t *this);
};
/**
* @brief Create a controller instance.
* @brief Create a interface_manager instance and loads all interface modules.
*
* @return controller_t object
* @return interface_manager_t object
*
* @ingroup control
*/
controller_t *controller_create();
interface_manager_t *interface_manager_create(void);
#endif /* INTERFACE_MANAGER_H_ */
#endif /* CONTROLLER_H_ */

324
src/charon/control/interfaces/dbus_interface.c Normal file
View File

@ -0,0 +1,324 @@
/**
* @file dbus_interface.c
*
* @brief Implementation of dbus_interface_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#define DBUS_API_SUBJECT_TO_CHANGE
#include <dbus/dbus.h>
#include <NetworkManager/NetworkManager.h>
#include <NetworkManager/NetworkManagerVPN.h>
#include <stdlib.h>
#include "dbus_interface.h"
#include <library.h>
#include <daemon.h>
#define NM_DBUS_SERVICE_STRONG "org.freedesktop.NetworkManager.strongswan"
#define NM_DBUS_INTERFACE_STRONG "org.freedesktop.NetworkManager.strongswan"
#define NM_DBUS_PATH_STRONG "/org/freedesktop/NetworkManager/strongswan"
typedef struct private_dbus_interface_t private_dbus_interface_t;
/**
* Private data of an dbus_interface_t object.
*/
struct private_dbus_interface_t {
/**
* Public part of dbus_t object.
*/
dbus_interface_t public;
/**
* DBUS connection
*/
DBusConnection* conn;
/**
* error value used here and there
*/
DBusError err;
/**
* state of the daemon
*/
NMVPNState state;
/**
* dispatcher thread for DBUS messages
*/
pthread_t thread;
};
/**
* set daemon state and send StateChange signal to the bus
*/
static void set_state(private_dbus_interface_t *this, NMVPNState state)
{
DBusMessage* msg;
msg = dbus_message_new_signal(NM_DBUS_PATH_STRONG, NM_DBUS_INTERFACE_STRONG, NM_DBUS_VPN_SIGNAL_STATE_CHANGE);
if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &this->state,
DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID) ||
!dbus_connection_send(this->conn, msg, NULL))
{
DBG1(DBG_CFG, "unable to send DBUS StateChange signal");
}
dbus_connection_flush(this->conn);
dbus_message_unref(msg);
this->state = state;
}
/**
* process NetworkManagers startConnection method call
*/
static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg)
{
DBusMessage *reply, *signal;
char *name, *user, **data, **passwords, **routes;
int data_count, passwords_count, routes_count;
u_int32_t me, other, p2p, netmask, mss;
char *dev, *domain, *banner;
const dbus_int32_t array[] = {};
const dbus_int32_t *varray = array;
if (!dbus_message_get_args(msg, &this->err,
DBUS_TYPE_STRING, &name, DBUS_TYPE_STRING, &user,
DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &passwords, &passwords_count,
DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &data, &data_count,
DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &routes, &routes_count,
DBUS_TYPE_INVALID))
{
return FALSE;
}
set_state(this, NM_VPN_STATE_STARTING);
reply = dbus_message_new_method_return(msg);
dbus_connection_send(this->conn, reply, NULL);
signal = dbus_message_new_signal(NM_DBUS_PATH_STRONG,
NM_DBUS_INTERFACE_STRONG,
NM_DBUS_VPN_SIGNAL_IP4_CONFIG);
me = other = p2p = mss = netmask = 0;
dev = domain = banner = "";
if (dbus_message_append_args(signal,
DBUS_TYPE_UINT32, &other,
DBUS_TYPE_STRING, &dev,
DBUS_TYPE_UINT32, &me,
DBUS_TYPE_UINT32, &p2p,
DBUS_TYPE_UINT32, &netmask,
DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0,
DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0,
DBUS_TYPE_UINT32, &mss,
DBUS_TYPE_STRING, &domain,
DBUS_TYPE_STRING, &banner))
{
dbus_connection_send(this->conn, signal, NULL);
}
dbus_message_unref(signal);
set_state(this, NM_VPN_STATE_STARTED);
dbus_connection_flush(this->conn);
dbus_message_unref(reply);
return TRUE;
}
/**
* process NetworkManagers stopConnection method call
*/
static bool stop_connection(private_dbus_interface_t *this, DBusMessage* msg)
{
set_state(this, NM_VPN_STATE_STOPPING);
set_state(this, NM_VPN_STATE_STOPPED);
return FALSE;
}
/**
* process NetworkManagers getState method call
*/
static bool get_state(private_dbus_interface_t *this, DBusMessage* msg)
{
DBusMessage* reply;
reply = dbus_message_new_method_return(msg);
if (!reply || !dbus_message_append_args(reply,
DBUS_TYPE_UINT32, &this->state,
DBUS_TYPE_INVALID))
{
return FALSE;
}
dbus_connection_send(this->conn, reply, NULL);
return TRUE;
}
/**
* Handle incoming messages
*/
static DBusHandlerResult message_handler(DBusConnection *con, DBusMessage *msg,
private_dbus_interface_t *this)
{
bool handled;
if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
"startConnection"))
{
handled = start_connection(this, msg);
}
else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
"stopConnection"))
{
handled = stop_connection(this, msg);
}
else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
"getState"))
{
handled = get_state(this, msg);
}
else
{
DBG1(DBG_CFG, "ignoring DBUS message %s.%s",
dbus_message_get_interface(msg), dbus_message_get_member(msg));
handled = FALSE;
}
if (handled)
{
return DBUS_HANDLER_RESULT_HANDLED;
}
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
}
/**
* Handle received signals
static DBusHandlerResult signal_handler(DBusConnection *con, DBusMessage *msg,
private_dbus_interface_t *this)
{
bool handled;
if (dbus_message_is_signal(msg, NM_DBUS_INTERFACE, "VPNConnectionStateChange"))
{
NMVPNState state;
char *name;
if (dbus_message_get_args(msg, &this->err, DBUS_TYPE_STRING, &name,
DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID))
{
DBG1(DBG_CFG, "got state %d for %s", state, name);
}
handled = TRUE;
}
else
{
DBG1(DBG_CFG, "ignoring DBUS signal %s.%s",
dbus_message_get_interface(msg), dbus_message_get_member(msg));
handled = FALSE;
}
if (handled)
{
return DBUS_HANDLER_RESULT_HANDLED;
}
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
} */
/**
* dispatcher function processed by a seperate thread
*/
static void dispatch(private_dbus_interface_t *this)
{
while (dbus_connection_read_write_dispatch(this->conn, -1))
{
/* nothing */
}
}
/**
* Implementation of interface_t.destroy.
*/
static void destroy(private_dbus_interface_t *this)
{
pthread_cancel(this->thread);
pthread_join(this->thread, NULL);
dbus_error_free(&this->err);
free(this);
}
/*
* Described in header file
*/
interface_t *interface_create()
{
int ret;
DBusObjectPathVTable v = {NULL, (void*)&message_handler, NULL, NULL, NULL, NULL};
private_dbus_interface_t *this = malloc_thing(private_dbus_interface_t);
this->public.interface.destroy = (void (*)(dbus_interface_t*))destroy;
dbus_error_init(&this->err);
this->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &this->err);
if (dbus_error_is_set(&this->err))
{
DBG1(DBG_CFG, "unable to open DBUS connection: %s", this->err.message);
charon->kill(charon, "DBUS initialization failed");
}
ret = dbus_bus_request_name(this->conn, NM_DBUS_SERVICE_STRONG,
DBUS_NAME_FLAG_REPLACE_EXISTING , &this->err);
if (dbus_error_is_set(&this->err))
{
DBG1(DBG_CFG, "unable to set DBUS name: %s", this->err.message);
charon->kill(charon, "unable to set DBUS name");
}
if (ret != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER)
{
charon->kill(charon, "DBUS name already owned");
}
if (!dbus_connection_register_object_path(this->conn, NM_DBUS_PATH_STRONG, &v, this))
{
charon->kill(charon, "unable to register DBUS message handler");
}
/*
if (!dbus_connection_add_filter(this->conn, (void*)signal_handler, this, NULL))
{
charon->kill(charon, "unable to register DBUS signal handler");
}
dbus_bus_add_match(this->conn, "type='signal', "
"interface='" NM_DBUS_INTERFACE_VPN "',"
"path='" NM_DBUS_PATH_VPN "'", &this->err);
if (dbus_error_is_set (&this->err))
{
charon->kill(charon, "unable to add DBUS signal match");
}*/
this->state = NM_VPN_STATE_INIT;
set_state(this, NM_VPN_STATE_STOPPED);
if (pthread_create(&this->thread, NULL, (void*(*)(void*))dispatch, this) != 0)
{
charon->kill(charon, "unable to create stroke thread");
}
return &this->public;
}

57
src/charon/control/interfaces/dbus_interface.h Normal file
View File

@ -0,0 +1,57 @@
/**
* @file dbus_interface.h
*
* @brief Interface of dbus_interface_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef DBUS_INTERFACE_H_
#define DBUS_INTERFACE_H_
typedef struct dbus_interface_t dbus_interface_t;
#include <control/interfaces/interface.h>
/**
* @brief The DBUS interface uses the DBUS system bus to communicate.
*
* @b Constructors:
* - dbus_interface_create()
*
* @ingroup interfaces
*/
struct dbus_interface_t {
/**
* implements interface_t.
*/
interface_t interface;
};
/**
* @brief Create the DBUS interface.
*
* @return stroke_t object
*
* @ingroup interfaces
*/
interface_t *interface_create();
#endif /* DBUS_INTERFACE_H_ */

55
src/charon/control/interfaces/interface.h Normal file
View File

@ -0,0 +1,55 @@
/**
* @file interface.h
*
* @brief Interface of interface_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef INTERFACE_H_
#define INTERFACE_H_
typedef struct interface_t interface_t;
/**
* @brief Interface for a controller.
*
* @b Constructors:
* - interface_create() of one of the modules
*
* @ingroup interfaces
*/
struct interface_t {
/**
* @brief Destroy all interfaces
*
* @param this stroke_t objec to destroy
*/
void (*destroy) (interface_t *this);
};
/**
* Constructor in a control interface module to create the interface.
*
* @ingroup interfaces
*/
typedef interface_t*(*interface_constructor_t)(void);
#endif /* INTERFACE_H_ */

79
src/charon/control/stroke_interface.c → src/charon/control/interfaces/stroke_interface.c
View File

@ -40,7 +40,8 @@
#include <crypto/x509.h>
#include <crypto/ca.h>
#include <crypto/crl.h>
#include <control/controller.h>
#include <control/interface_manager.h>
#include <control/interfaces/interface.h>
#include <processing/jobs/initiate_job.h>
#include <processing/jobs/route_job.h>
#include <utils/leak_detective.h>
@ -55,19 +56,14 @@ struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET};
typedef struct private_stroke_interface_t private_stroke_interface_t;
/**
* Private data of an stroke_t object.
* Private data of an stroke_interfacet object.
*/
struct private_stroke_interface_t {
/**
* Public part of stroke_t object.
* Public part of stroke_interfacet object.
*/
stroke_t public;
/**
* backend to store configurations
*/
local_backend_t *backend;
stroke_interface_t public;
/**
* Unix socket to listen for strokes
@ -445,7 +441,7 @@ static void stroke_add_conn(private_stroke_interface_t *this,
DBG2(DBG_CFG, " updown: '%s'", msg->add_conn.me.updown);
/* have a look for an (almost) identical peer config to reuse */
iterator = this->backend->create_peer_cfg_iterator(this->backend);
iterator = charon->backends->create_iterator(charon->backends);
while (iterator->iterate(iterator, (void**)&peer_cfg))
{
ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
@ -579,7 +575,7 @@ static void stroke_add_conn(private_stroke_interface_t *this,
if (!use_existing)
{
/* add config to backend */
this->backend->add_peer_cfg(this->backend, peer_cfg);
charon->backends->add_peer_cfg(charon->backends, peer_cfg);
DBG1(DBG_CFG, "added configuration '%s': %H[%D]...%H[%D]",
msg->add_conn.name, my_host, my_id, other_host, other_id);
}
@ -608,7 +604,7 @@ static void stroke_del_conn(private_stroke_interface_t *this,
pop_string(msg, &(msg->del_conn.name));
DBG1(DBG_CFG, "received stroke: delete connection '%s'", msg->del_conn.name);
peer_iter = this->backend->create_peer_cfg_iterator(this->backend);
peer_iter = charon->backends->create_iterator(charon->backends);
while (peer_iter->iterate(peer_iter, (void**)&peer))
{
/* remove peer config with such a name */
@ -672,6 +668,46 @@ static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level,
return TRUE;
}
/**
* get a peer configuration by its name, or a name of its children
*/
static peer_cfg_t *get_peer_cfg_by_name(char *name)
{
iterator_t *i1, *i2;
peer_cfg_t *current, *found = NULL;
child_cfg_t *child;
i1 = charon->backends->create_iterator(charon->backends);
while (i1->iterate(i1, (void**)&current))
{
/* compare peer_cfgs name first */
if (streq(current->get_name(current), name))
{
found = current;
found->get_ref(found);
break;
}
/* compare all child_cfg names otherwise */
i2 = current->create_child_cfg_iterator(current);
while (i2->iterate(i2, (void**)&child))
{
if (streq(child->get_name(child), name))
{
found = current;
found->get_ref(found);
break;
}
}
i2->destroy(i2);
if (found)
{
break;
}
}
i1->destroy(i1);
return found;
}
/**
* initiate a connection by name
*/
@ -685,8 +721,7 @@ static void stroke_initiate(private_stroke_interface_t *this,
pop_string(msg, &(msg->initiate.name));
DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name);
peer_cfg = this->backend->get_peer_cfg_by_name(this->backend,
msg->initiate.name);
peer_cfg = get_peer_cfg_by_name(msg->initiate.name);
if (peer_cfg == NULL)
{
fprintf(out, "no config named '%s'\n", msg->initiate.name);
@ -711,8 +746,8 @@ static void stroke_initiate(private_stroke_interface_t *this,
info.out = out;
info.level = msg->output_verbosity;
charon->controller->initiate(charon->controller, peer_cfg, child_cfg,
(controller_cb_t)stroke_log, &info);
charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg,
(interface_manager_cb_t)stroke_log, &info);
}
/**
@ -729,7 +764,7 @@ static void stroke_route(private_stroke_interface_t *this,
DBG1(DBG_CFG, "received stroke: %s '%s'",
route ? "route" : "unroute", msg->route.name);
peer_cfg = this->backend->get_peer_cfg_by_name(this->backend, msg->route.name);
peer_cfg = get_peer_cfg_by_name(msg->route.name);
if (peer_cfg == NULL)
{
fprintf(out, "no config named '%s'\n", msg->route.name);
@ -1115,7 +1150,7 @@ static void stroke_status(private_stroke_interface_t *this,
list->destroy(list);
fprintf(out, "Connections:\n");
iterator = this->backend->create_peer_cfg_iterator(this->backend);
iterator = charon->backends->create_iterator(charon->backends);
while (iterator->iterate(iterator, (void**)&peer_cfg))
{
if (peer_cfg->get_ike_version(peer_cfg) != 2 ||
@ -1517,7 +1552,7 @@ static void stroke_receive(private_stroke_interface_t *this)
}
/**
* Implementation of stroke_t.destroy.
* Implementation of interface_t.destroy.
*/
static void destroy(private_stroke_interface_t *this)
{
@ -1537,16 +1572,14 @@ static void destroy(private_stroke_interface_t *this)
/*
* Described in header-file
*/
stroke_t *stroke_create(local_backend_t *backend)
interface_t *interface_create()
{
private_stroke_interface_t *this = malloc_thing(private_stroke_interface_t);
mode_t old;
int i;
/* public functions */
this->public.destroy = (void (*)(stroke_t*))destroy;
this->backend = backend;
this->public.interface.destroy = (void (*)(stroke_interface_t*))destroy;
/* set up unix socket */
this->socket = socket(AF_UNIX, SOCK_STREAM, 0);

22
src/charon/control/stroke_interface.h → src/charon/control/interfaces/stroke_interface.h
View File

@ -1,5 +1,5 @@
/**
* @file stroke.h
* @file stroke_interface.h
*
* @brief Interface of stroke_t.
*
@ -23,9 +23,9 @@
#ifndef STROKE_INTERFACE_H_
#define STROKE_INTERFACE_H_
typedef struct stroke_t stroke_t;
typedef struct stroke_interface_t stroke_interface_t;
#include <config/backends/local_backend.h>
#include <control/interfaces/interface.h>
/**
* @brief Stroke is a configuration and control interface which
@ -39,27 +39,25 @@ typedef struct stroke_t stroke_t;
* @b Constructors:
* - stroke_create()
*
* @ingroup control
* @ingroup interfaces
*/
struct stroke_t {
struct stroke_interface_t {
/**
* @brief Destroy a stroke_t instance.
*
* @param this stroke_t objec to destroy
* implements interface_t.
*/
void (*destroy) (stroke_t *this);
interface_t interface;
};
/**
* @brief Create the stroke interface and listen on the socket.
*
* @param backend backend to store received configurations
* @return stroke_t object
*
* @ingroup control
* @ingroup interfaces
*/
stroke_t *stroke_create(local_backend_t *backend);
interface_t *interface_create(void);
#endif /* STROKE_INTERFACE_H_ */

63
src/charon/control/interfaces/xml_interface.c Normal file
View File

@ -0,0 +1,63 @@
/**
* @file xml_interface.c
*
* @brief Implementation of xml_interface_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <stdlib.h>
#include "xml_interface.h"
#include <library.h>
#include <daemon.h>
typedef struct private_xml_interface_t private_xml_interface_t;
/**
* Private data of an xml_interface_t object.
*/
struct private_xml_interface_t {
/**
* Public part of xml_t object.
*/
xml_interface_t public;
};
/**
* Implementation of itnerface_t.destroy.
*/
static void destroy(private_xml_interface_t *this)
{
free(this);
}
/*
* Described in header file
*/
interface_t *interface_create()
{
private_xml_interface_t *this = malloc_thing(private_xml_interface_t);
this->public.interface.destroy = (void (*)(xml_interface_t*))destroy;
return &this->public;
}

57
src/charon/control/interfaces/xml_interface.h Normal file
View File

@ -0,0 +1,57 @@
/**
* @file xml_interface.h
*
* @brief Interface of xml_interface_t.
*
*/
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef XML_INTERFACE_H_
#define XML_INTERFACE_H_
typedef struct xml_interface_t xml_interface_t;
#include <control/interfaces/interface.h>
/**
* @brief The XML interface uses a socket to communicate using XML.
*
* @b Constructors:
* - xml_interface_create()
*
* @ingroup interfaces
*/
struct xml_interface_t {
/**
* implements interface_t.
*/
interface_t interface;
};
/**
* @brief Create the XML interface.
*
* @return stroke_t object
*
* @ingroup interfaces
*/
interface_t *interface_create(void);
#endif /* XML_INTERFACE_H_ */

20
src/charon/daemon.c
View File

@ -164,8 +164,7 @@ static void destroy(private_daemon_t *this)
/* we don't want to receive anything anymore... */
DESTROY_IF(this->public.receiver);
/* ignore all incoming user requests */
DESTROY_IF(this->public.stroke);
DESTROY_IF(this->public.controller);
DESTROY_IF(this->public.interfaces);
/* stop scheduing jobs */
DESTROY_IF(this->public.scheduler);
/* stop processing jobs */
@ -178,8 +177,7 @@ static void destroy(private_daemon_t *this)
DESTROY_IF(this->public.job_queue);
DESTROY_IF(this->public.event_queue);
DESTROY_IF(this->public.credentials);
DESTROY_IF(this->public.cfg_store);
DESTROY_IF(this->public.local_backend);
DESTROY_IF(this->public.backends);
sched_yield();
/* we hope the sender could send the outstanding deletes, but
* we shut down here at any cost */
@ -262,10 +260,7 @@ static void initialize(private_daemon_t *this, bool syslog, level_t levels[])
this->public.job_queue = job_queue_create();
this->public.event_queue = event_queue_create();
this->public.credentials = (credential_store_t*)local_credential_store_create();
this->public.cfg_store = cfg_store_create();
this->public.local_backend = local_backend_create();
this->public.cfg_store->register_backend(this->public.cfg_store,
&this->public.local_backend->backend);
this->public.backends = backend_manager_create();
/* initialize fetcher_t class */
fetcher_initialize();
@ -280,8 +275,7 @@ static void initialize(private_daemon_t *this, bool syslog, level_t levels[])
credentials->load_secrets(credentials);
/* start building threads, we are multi-threaded NOW */
this->public.controller = controller_create();
this->public.stroke = stroke_create(this->public.local_backend);
this->public.interfaces = interface_manager_create();
this->public.sender = sender_create();
this->public.receiver = receiver_create();
this->public.scheduler = scheduler_create();
@ -336,15 +330,13 @@ private_daemon_t *daemon_create(void)
this->public.job_queue = NULL;
this->public.event_queue = NULL;
this->public.credentials = NULL;
this->public.cfg_store = NULL;
this->public.local_backend = NULL;
this->public.backends = NULL;
this->public.sender= NULL;
this->public.receiver = NULL;
this->public.scheduler = NULL;
this->public.kernel_interface = NULL;
this->public.thread_pool = NULL;
this->public.controller = NULL;
this->public.stroke = NULL;
this->public.interfaces = NULL;
this->public.bus = NULL;
this->public.outlog = NULL;
this->public.syslog = NULL;

34
src/charon/daemon.h
View File

@ -37,14 +37,12 @@ typedef struct daemon_t daemon_t;
#include <processing/job_queue.h>
#include <processing/event_queue.h>
#include <kernel/kernel_interface.h>
#include <control/controller.h>
#include <control/stroke_interface.h>
#include <control/interface_manager.h>
#include <bus/bus.h>
#include <bus/listeners/file_logger.h>
#include <bus/listeners/sys_logger.h>
#include <sa/ike_sa_manager.h>
#include <config/cfg_store.h>
#include <config/backends/local_backend.h>
#include <config/backend_manager.h>
/**
* @defgroup charon charon
@ -132,11 +130,19 @@ typedef struct daemon_t daemon_t;
/**
* @defgroup control control
*
* Classes which control the daemon using IPC mechanisms.
* Handling of loadable control interface modules.
*
* @ingroup charon
*/
/**
* @defgroup interfaces interfaces
*
* Classes which control the daemon using IPC mechanisms.
*
* @ingroup control
*/
/**
* @defgroup encoding encoding
*
@ -353,14 +359,9 @@ struct daemon_t {
ike_sa_manager_t *ike_sa_manager;
/**
* A connection_store_t instance.
* Manager for the different configuration backends.
*/
cfg_store_t *cfg_store;
/**
* A backend for cfg_store using in-memory lists
*/
local_backend_t *local_backend;
backend_manager_t *backends;
/**
* A credential_store_t instance.
@ -413,14 +414,9 @@ struct daemon_t {
kernel_interface_t *kernel_interface;
/**
* control the daemon
* Interfaces for IPC
*/
controller_t *controller;;
/**
* IPC interface, as whack in pluto
*/
stroke_t *stroke;
interface_manager_t *interfaces;
/**
* @brief Shut down the daemon.

4
src/charon/sa/ike_sa.c
View File

@ -746,8 +746,8 @@ static status_t process_message(private_ike_sa_t *this, message_t *message)
if (this->ike_cfg == NULL)
{
job_t *job;
this->ike_cfg = charon->cfg_store->get_ike_cfg(charon->cfg_store,
me, other);
this->ike_cfg = charon->backends->get_ike_cfg(charon->backends,
me, other);
if (this->ike_cfg == NULL)
{
/* no config found for these hosts, destroy */

2
src/charon/sa/tasks/ike_auth.c
View File

@ -511,7 +511,7 @@ static status_t process_r(private_ike_auth_t *this, message_t *message)
return NEED_MORE;
}
config = charon->cfg_store->get_peer_cfg(charon->cfg_store,
config = charon->backends->get_peer_cfg(charon->backends,
this->ike_sa->get_my_id(this->ike_sa),
this->ike_sa->get_other_id(this->ike_sa));
if (config)