Implement Esa Event Service (EES)

The Esa Event Service can be used to trigger ESP SA (ESA) events such as
acquire or expire. The incoming events are forwarded to the hydra kernel
interface for processing.

src/charon-tkm/Makefile.am

@@ -17,6 +17,7 @@ LIBFL = -lstrongswan -lhydra -lcharon
 DEFS += -DPLUGINS=\""$(PLUGINS)\"" -DIPSEC_PIDDIR=\"${piddir}\"
 
 BUILD_OPTS = \
+	-XOBJ_DIR=$(CURDIR)/obj \
 	-cargs $(INCLUDES) $(DEFS) \
 	-largs $(LIBLD) $(LIBFL)
 

src/charon-tkm/build_charon.gpr

@@ -2,12 +2,13 @@ with "build_common";
 
 project Build_Charon is
 
-   for Languages use ("C");
+   for Languages use ("Ada", "C");
    for Source_Dirs use ("src/**");
    for Main use ("charon-tkm");
    for Object_Dir use Build_Common.Obj_Dir;
 
    package Compiler is
+      for Default_Switches ("ada") use Build_Common.Ada_Compiler_Switches;
       for Default_Switches ("c") use Build_Common.C_Compiler_Switches
         & "-Werror";
    end Compiler;

src/charon-tkm/build_common.gpr

@@ -1,10 +1,22 @@
 with "tkmrpc_client";
+with "tkmrpc_server-ees";
 
 project Build_Common is
 
    for Source_Dirs use ();
 
-   Obj_Dir           := "obj";
-   Compiler_Switches := ("-W", "-Wall", "-Wno-unused-parameter");
+   Obj_Dir := "obj";
 
+   C_Compiler_Switches   := ("-W",
+                             "-Wall",
+                             "-Wno-unused-parameter");
+   Ada_Compiler_Switches := ("-gnatwale",
+                             "-gnatygAdISuxo",
+                             "-gnata",
+                             "-gnatVa",
+                             "-gnat05",
+                             "-gnatf",
+                             "-fstack-check",
+                             "-gnato",
+                             "-g");
 end Build_Common;

src/charon-tkm/build_tests.gpr

@@ -2,13 +2,13 @@ with "build_common";
 
 project Build_Tests is
 
-   for Languages use ("C");
-   for Source_Dirs use ("src/tkm", "tests");
+   for Languages use ("Ada", "C");
+   for Source_Dirs use ("src/tkm", "src/ees", "tests");
    for Main use ("test_runner");
    for Object_Dir use Build_Common.Obj_Dir;
 
    package Compiler is
-      for Default_Switches ("c") use Build_Common.Compiler_Switches;
+      for Default_Switches ("c") use Build_Common.C_Compiler_Switches;
    end Compiler;
 
 end Build_Tests;

src/charon-tkm/src/ees/ees_callbacks.c

@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2012 Reto Buerki
+ * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <hydra.h>
+#include <utils/debug.h>
+#include <tkm/constants.h>
+#include <tkm/types.h>
+
+#include "ees_callbacks.h"
+
+void charon_esa_acquire(result_type *res, const sp_id_type sp_id)
+{
+	DBG1(DBG_KNL, "ees: acquire received for reqid {%d}", sp_id);
+	hydra->kernel_interface->acquire(hydra->kernel_interface, sp_id, NULL,
+									 NULL);
+	*res = TKM_OK;
+}
+
+void charon_esa_expire(result_type *res, const sp_id_type sp_id,
+					   const esp_spi_type spi_rem, const protocol_type protocol,
+					   const expiry_flag_type hard)
+{
+	DBG1(DBG_KNL, "ees: expire received for reqid {%d}", sp_id);
+	hydra->kernel_interface->expire(hydra->kernel_interface, sp_id, protocol,
+									spi_rem, hard != 0);
+	*res = TKM_OK;
+}

src/charon-tkm/src/ees/ees_callbacks.h

@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2012 Reto Buerki
+ * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef EES_CALLBACKS_H_
+#define EES_CALLBACKS_H_
+
+/**
+ * Process Acquire event for given security policy.
+ */
+void charon_esa_acquire(result_type *res, const sp_id_type sp_id);
+
+/**
+ * Process Expire event for given security policy.
+ */
+void charon_esa_expire(result_type *res, const sp_id_type sp_id,
+					   const esp_spi_type spi_rem, const protocol_type protocol,
+					   const expiry_flag_type hard);
+
+#endif /** EES_CALLBACKS_H_ */

src/charon-tkm/src/ees/esa_event_service.adb

@@ -0,0 +1,65 @@
+--
+--  Copyright (C) 2012 Reto Buerki
+--  Copyright (C) 2012 Adrian-Ken Rueegsegger
+--  Hochschule fuer Technik Rapperswil
+--
+--  This program is free software; you can redistribute it and/or modify it
+--  under the terms of the GNU General Public License as published by the
+--  Free Software Foundation; either version 2 of the License, or (at your
+--  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+--
+--  This program is distributed in the hope that it will be useful, but
+--  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+--  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+--  for more details.
+--
+
+with Anet.Sockets.Unix;
+with Anet.Receivers.Stream;
+
+with Tkmrpc.Dispatchers.Ees;
+with Tkmrpc.Process_Stream;
+
+pragma Elaborate_All (Anet.Receivers.Stream);
+pragma Elaborate_All (Tkmrpc.Process_Stream);
+
+package body Esa_Event_Service
+is
+
+   package Unix_TCP_Receiver is new Anet.Receivers.Stream
+     (Socket_Type => Anet.Sockets.Unix.TCP_Socket_Type);
+
+   procedure Dispatch is new Tkmrpc.Process_Stream
+     (Dispatch => Tkmrpc.Dispatchers.Ees.Dispatch);
+
+   Sock     : aliased Anet.Sockets.Unix.TCP_Socket_Type;
+   Receiver : Unix_TCP_Receiver.Receiver_Type (S => Sock'Access);
+
+   -------------------------------------------------------------------------
+
+   procedure Finalize
+   is
+   begin
+      Receiver.Stop;
+   end Finalize;
+
+   -------------------------------------------------------------------------
+
+   procedure Init
+     (Result  : out Tkmrpc.Results.Result_Type;
+      Address :     Interfaces.C.Strings.chars_ptr)
+   is
+      Path : constant String := Interfaces.C.Strings.Value (Address);
+   begin
+      Sock.Init;
+      Sock.Bind (Path => Anet.Sockets.Unix.Path_Type (Path));
+      Receiver.Listen (Callback => Dispatch'Access);
+
+      Result := Tkmrpc.Results.Ok;
+
+   exception
+      when others =>
+         Result := Tkmrpc.Results.Invalid_Operation;
+   end Init;
+
+end Esa_Event_Service;

src/charon-tkm/src/ees/esa_event_service.ads

@@ -0,0 +1,35 @@
+--
+--  Copyright (C) 2012 Reto Buerki
+--  Copyright (C) 2012 Adrian-Ken Rueegsegger
+--  Hochschule fuer Technik Rapperswil
+--
+--  This program is free software; you can redistribute it and/or modify it
+--  under the terms of the GNU General Public License as published by the
+--  Free Software Foundation; either version 2 of the License, or (at your
+--  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+--
+--  This program is distributed in the hope that it will be useful, but
+--  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+--  or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+--  for more details.
+--
+
+with Interfaces.C.Strings;
+
+with Tkmrpc.Results;
+
+package Esa_Event_Service
+is
+
+   procedure Init
+     (Result  : out Tkmrpc.Results.Result_Type;
+      Address :     Interfaces.C.Strings.chars_ptr);
+   pragma Export (C, Init, "ees_server_init");
+   pragma Export_Valued_Procedure (Init);
+   --  Initialize Esa Event Service (EES) with given address.
+
+   procedure Finalize;
+   pragma Export (C, Finalize, "ees_server_finalize");
+   --  Finalize EES.
+
+end Esa_Event_Service;

src/charon-tkm/src/ees/tkmrpc-servers-ees.adb

@@ -0,0 +1,65 @@
+package body Tkmrpc.Servers.Ees
+is
+
+   --------------------------------
+   -- charon callback signatures --
+   --------------------------------
+
+   procedure Charon_Esa_Acquire
+     (Result : out Results.Result_Type;
+      Sp_Id  :     Types.Sp_Id_Type);
+   pragma Import (C, Charon_Esa_Acquire, "charon_esa_acquire");
+
+   procedure Charon_Esa_Expire
+     (Result   : out Results.Result_Type;
+      Sp_Id    :     Types.Sp_Id_Type;
+      Spi_Rem  :     Types.Esp_Spi_Type;
+      Protocol :     Types.Protocol_Type;
+      Hard     :     Types.Expiry_Flag_Type);
+   pragma Import (C, Charon_Esa_Expire, "charon_esa_expire");
+
+   -------------------------------------------------------------------------
+
+   procedure Esa_Acquire
+     (Result : out Results.Result_Type;
+      Sp_Id  :     Types.Sp_Id_Type)
+   is
+   begin
+      Charon_Esa_Acquire (Result => Result,
+                          Sp_Id  => Sp_Id);
+   end Esa_Acquire;
+
+   -------------------------------------------------------------------------
+
+   procedure Esa_Expire
+     (Result   : out Results.Result_Type;
+      Sp_Id    :     Types.Sp_Id_Type;
+      Spi_Rem  :     Types.Esp_Spi_Type;
+      Protocol :     Types.Protocol_Type;
+      Hard     :     Types.Expiry_Flag_Type)
+   is
+   begin
+      Charon_Esa_Expire (Result   => Result,
+                         Sp_Id    => Sp_Id,
+                         Spi_Rem  => Spi_Rem,
+                         Protocol => Protocol,
+                         Hard     => Hard);
+   end Esa_Expire;
+
+   -------------------------------------------------------------------------
+
+   procedure Finalize
+   is
+   begin
+      null;
+   end Finalize;
+
+   -------------------------------------------------------------------------
+
+   procedure Init
+   is
+   begin
+      null;
+   end Init;
+
+end Tkmrpc.Servers.Ees;

src/charon-tkm/src/tkm/tkm.c

@@ -20,10 +20,14 @@
 #include "tkm.h"
 
 #define IKE_SOCKET "/tmp/tkm.rpc.ike"
+#define EES_SOCKET "/tmp/tkm.rpc.ees"
 
 typedef struct private_tkm_t private_tkm_t;
 
-/**
+extern result_type ees_server_init(const char * const address);
+extern void ees_server_finalize(void);
+
+/*
  * Private additions to tkm_t.
  */
 struct private_tkm_t {
@@ -61,9 +65,16 @@ bool tkm_init()
 		tkmlib_final();
 		return FALSE;
 	}
+	/* init esa event service */
+	if (ees_server_init(EES_SOCKET) != TKM_OK)
+	{
+		tkmlib_final();
+		return FALSE;
+	}
 
 	if (ike_tkm_reset() != TKM_OK)
 	{
+		ees_server_finalize();
 		tkmlib_final();
 		return FALSE;
 	}
@@ -71,6 +82,7 @@ bool tkm_init()
 	/* get limits from tkm */
 	if (ike_tkm_limits(&max_requests, &nc, &dh, &cc, &ae, &isa, &esa) != TKM_OK)
 	{
+		ees_server_finalize();
 		tkmlib_final();
 		return FALSE;
 	}
@@ -101,6 +113,8 @@ void tkm_deinit()
 	this->public.idmgr->destroy(this->public.idmgr);
 	this->public.chunk_map->destroy(this->public.chunk_map);
 
+	ees_server_finalize();
+
 	tkmlib_final();
 	free(this);
 	tkm = NULL;