author | Martin Willi <martin@strongswan.org> | 2007-04-27 14:25:08 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2007-04-27 14:25:08 +0000 |
commit | a84fb01b965831ee0b45f70aa44cb333c7d98473 (patch) | |
tree | 39128bff64b06e14a5e36869dac0974c03c7bb6e | |
parent | bb1030cb3de0758a579c264bd9f63cb91fab6a95 (diff) | |
restructuring of configuration backends
added prototypes of new control interfaces (xml & dbus)
introduced loadable:
configuration backends
control interfaces
using pluggable modules as in EAP
23 files changed, 1401 insertions, 526 deletions
diff --git a/configure.in b/configure.in index 3748756e5..8b54b42c9 100644 --- a/configure.in +++ b/configure.in @@ -75,9 +75,23 @@ AC_ARG_WITH( AC_ARG_WITH( [eapdir], - AS_HELP_STRING([--with-eapdir=dir],[path for pluggable EAP modules other than "ipsecdir/eap"]), + AS_HELP_STRING([--with-eapdir=dir],[path for pluggable EAP modules other than "ipsecdir/plugins/eap"]), [AC_SUBST(eapdir, "$withval")], - [AC_SUBST(eapdir, "${ipsecdir}/eap")] + [AC_SUBST(eapdir, "${ipsecdir}/plugins/eap")] +) + +AC_ARG_WITH( + [backenddir], + AS_HELP_STRING([--with-backenddir=dir],[path for pluggable configuration backend modules other than "ipsecdir/plugins/backends"]), + [AC_SUBST(backenddir, "$withval")], + [AC_SUBST(backenddir, "${ipsecdir}/plugins/backends")] +) + +AC_ARG_WITH( + [interfacedir], + AS_HELP_STRING([--with-interfacedir=dir],[path for pluggable control interface modules other than "ipsecdir/plugins/interfaces"]), + [AC_SUBST(interfacedir, "$withval")], + [AC_SUBST(interfacedir, "${ipsecdir}/plugins/interfaces")] ) AC_ARG_WITH( @@ -114,6 +128,26 @@ AC_ARG_ENABLE( AM_CONDITIONAL(USE_LIBLDAP, test x$ldap = xtrue) AC_ARG_ENABLE( + [dbus], + AS_HELP_STRING([--enable-dbus],[enable DBUS configuration and control interface (default is NO). Requires libdbus.]), + [if test x$enableval = xyes; then + dbus=true + AC_DEFINE(LIBDBUS) + fi] +) +AM_CONDITIONAL(USE_LIBDBUS, test x$dbus = xtrue) + +AC_ARG_ENABLE( + [xml], + AS_HELP_STRING([--enable-xml],[enable XML configuration and control interface (default is NO). Requires libxml.]), + [if test x$enableval = xyes; then + xml=true + AC_DEFINE(LIBXML) + fi] +) +AM_CONDITIONAL(USE_LIBXML, test x$xml = xtrue) + +AC_ARG_ENABLE( [smartcard], AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]), [if test x$enableval = xyes; then 
@@ -199,6 +233,17 @@ if test "$http" = "true"; then AC_HAVE_LIBRARY([curl],[LIBS="$LIBS"],[AC_MSG_ERROR([HTTP enabled, but library curl not found])]) fi +if test "$dbus" = "true"; then + PKG_CHECK_MODULES(dbus, dbus-1,, AC_MSG_ERROR([No libdbus package information found])) + AC_SUBST(dbus_CFLAGS) + AC_SUBST(dbus_LIBS) +fi + +if test "$xml" = "true"; then + PKG_CHECK_MODULES(xml, libxml-2.0,, AC_MSG_ERROR([No libxml2 package information found])) + AC_SUBST(xml_CFLAGS) + AC_SUBST(xml_LIBS) +fi dnl ============================= dnl check required header files @@ -236,7 +281,6 @@ AC_OUTPUT( src/pluto/Makefile src/whack/Makefile src/charon/Makefile -dnl src/charon/testing/Makefile src/stroke/Makefile src/ipsec/Makefile src/starter/Makefile diff --git a/src/charon/Makefile.am b/src/charon/Makefile.am index 2dad4915c..48696b23c 100644 --- a/src/charon/Makefile.am +++ b/src/charon/Makefile.am @@ -1,17 +1,4 @@ -# SUBDIRS = . testing -eap_LTLIBRARIES = libeapidentity.la - -# always build EAP Identity module -libeapidentity_la_SOURCES = sa/authenticators/eap/eap_identity.h sa/authenticators/eap/eap_identity.c -libeapidentity_la_LDFLAGS = -module - -# build optional EAP modules -if BUILD_EAP_SIM - eap_LTLIBRARIES += libeapsim.la - libeapsim_la_SOURCES = sa/authenticators/eap/eap_sim.h sa/authenticators/eap/eap_sim.c - libeapsim_la_LDFLAGS = -module -endif ipsec_PROGRAMS = charon 
@@ -20,16 +7,14 @@ bus/bus.c bus/bus.h \ bus/listeners/file_logger.c bus/listeners/file_logger.h \ bus/listeners/sys_logger.c bus/listeners/sys_logger.h \ config/backends/backend.h \ -config/backends/local_backend.c config/backends/local_backend.h \ -config/cfg_store.c config/cfg_store.h \ +config/backend_manager.c config/backend_maanger.h \ config/child_cfg.c config/child_cfg.h \ config/credentials/local_credential_store.c config/credentials/local_credential_store.h \ config/ike_cfg.c config/ike_cfg.h \ config/peer_cfg.c config/peer_cfg.h \ config/proposal.c config/proposal.h \ config/traffic_selector.c config/traffic_selector.h \ -control/controller.c control/controller.h \ -control/stroke_interface.c control/stroke_interface.h \ +control/interface_manager.c control/interface_manager.h \ daemon.c daemon.h \ encoding/generator.c encoding/generator.h \ encoding/message.c encoding/message.h \ 
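Review bot: The new source entry `config/backend_maanger.h` in charon_SOURCES is misspelled; the header this commit introduces is `config/backend_manager.h`. As written automake is pointed at a file that does not exist, so the real header is likely to be missing from the distribution tarball, or `make dist` will fail on the unknown file. The line should read `config/backend_manager.c config/backend_manager.h \`. The charon_SOURCES list starts and ends outside this hunk.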
@@ -103,10 +88,58 @@ sa/tasks/task.c sa/tasks/task.h INCLUDES = -I${linuxdir} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon -I$(top_srcdir)/src/stroke -AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" -DIPSEC_EAPDIR=\"${eapdir}\" +AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \ + -DIPSEC_EAPDIR=\"${eapdir}\" -DIPSEC_BACKENDDIR=\"${backenddir}\" -DIPSEC_INTERFACEDIR=\"${interfacedir}\" charon_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lgmp -lpthread -lm -ldl if USE_LIBCURL - charon_LDADD += -lcurl + charon_LDADD += -lcurl +endif + + +# build EAP plugins, EAP-Identity is always built +################################################# +eap_LTLIBRARIES = + +eap_LTLIBRARIES += libeapidentity.la +libeapidentity_la_SOURCES = sa/authenticators/eap/eap_identity.h sa/authenticators/eap/eap_identity.c +libeapidentity_la_LDFLAGS = -module + +if BUILD_EAP_SIM + eap_LTLIBRARIES += libeapsim.la + libeapsim_la_SOURCES = sa/authenticators/eap/eap_sim.h sa/authenticators/eap/eap_sim.c + libeapsim_la_LDFLAGS = -module +endif + +# build backends, local backend is always built +############################################### +backend_LTLIBRARIES = + +backend_LTLIBRARIES += liblocal.la +liblocal_la_SOURCES = config/backends/local_backend.h config/backends/local_backend.c +liblocal_la_LDFLAGS = -module + +# build control interfaces, stroke interface is always built +############################################################ +interface_LTLIBRARIES = + +interface_LTLIBRARIES += libstroke.la +libstroke_la_SOURCES = control/interfaces/stroke_interface.h control/interfaces/stroke_interface.c +libstroke_la_LDFLAGS = -module + +if USE_LIBDBUS + interface_LTLIBRARIES += libdbus.la + libdbus_la_SOURCES = control/interfaces/dbus_interface.h control/interfaces/dbus_interface.c + libdbus_la_LDFLAGS = -module + libdbus_la_LIBADD = ${dbus_LIBS} + INCLUDES += ${dbus_CFLAGS} +endif + +if USE_LIBXML + 
interface_LTLIBRARIES += libxml.la + libxml_la_SOURCES = control/interfaces/xml_interface.h control/interfaces/xml_interface.c + libxml_la_LDFLAGS = -module + libxml_la_LIBADD = ${xml_LIBS} + INCLUDES += ${xml_CFLAGS} endif diff --git a/src/charon/config/backend_manager.c b/src/charon/config/backend_manager.c new file mode 100644 index 000000000..186273b6e --- /dev/null +++ b/src/charon/config/backend_manager.c 
@@ -0,0 +1,244 @@
+/**
+ * @file backend_manager.c
+ *
+ * @brief Implementation of backend_manager_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "backend_manager.h"
+
+#include <sys/types.h>
+#include <dirent.h>
+#include <sys/stat.h>
+#include <dlfcn.h>
+
+#include <daemon.h>
+#include <utils/linked_list.h>
+#include <config/backends/writeable_backend.h>
+
+
+typedef struct private_backend_manager_t private_backend_manager_t;
+
+/**
+ * Private data of an backend_manager_t object.
+ */
+struct private_backend_manager_t {
+
+ /**
+ * Public part of backend_manager_t object.
+ */
+ backend_manager_t public;
+
+ /**
+ * list of registered backends
+ */
+ linked_list_t *backends;
+
+ /**
+ * Additional list of writable backends.
+ */
+ linked_list_t *writeable;
+
+ /**
+ * List of dlopen() handles we used to open backends
+ */
+ linked_list_t *handles;
+};
+
+/**
+ * implements backend_manager_t.get_ike_cfg.
+ */
+static ike_cfg_t *get_ike_cfg(private_backend_manager_t *this,
+ host_t *my_host, host_t *other_host)
+{
+ backend_t *backend;
+ ike_cfg_t *config = NULL;
+ iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE);
+ while (config == NULL && iterator->iterate(iterator, (void**)&backend))
+ {
+ config = backend->get_ike_cfg(backend, my_host, other_host);
+ }
+ iterator->destroy(iterator);
+ return config;
+}
+
+/**
+ * implements backend_manager_t.get_peer_cfg.
+ */
+static peer_cfg_t *get_peer_cfg(private_backend_manager_t *this,
+ identification_t *my_id, identification_t *other_id,
+ identification_t *other_ca, char *other_group,
+ host_t *my_host, host_t *other_host)
+{
+ backend_t *backend;
+ peer_cfg_t *config = NULL;
+ iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE);
+ while (config == NULL && iterator->iterate(iterator, (void**)&backend))
+ {
+ config = backend->get_peer_cfg(backend, my_id, other_id, other_ca,
+ other_group, my_host, other_host);
+ }
+ iterator->destroy(iterator);
+ return config;
+}
+
+/**
+ * implements backend_manager_t.add_peer_cfg.
+ */
+static void add_peer_cfg(private_backend_manager_t *this, peer_cfg_t *config)
+{
+ writeable_backend_t *backend;
+
+ if (this->writeable->get_first(this->writeable, (void**)&backend) == SUCCESS)
+ {
+ backend->add_cfg(backend, config);
+ }
+}
+
+/**
+ * implements backend_manager_t.create_iterator.
+ */
+static iterator_t* create_iterator(private_backend_manager_t *this)
+{
+ writeable_backend_t *backend;
+
+ if (this->writeable->get_first(this->writeable, (void**)&backend) == SUCCESS)
+ {
+ return backend->create_iterator(backend);
+ }
+ /* give out an empty iterator if we have no writable backend*/
+ return this->writeable->create_iterator(this->writeable, TRUE);
+}
+
+/**
+ * load the configuration backend modules
+ */
+static void load_backends(private_backend_manager_t *this)
+{
+ struct dirent* entry;
+ struct stat stb;
+ DIR* dir;
+
+ if (stat(IPSEC_BACKENDDIR, &stb) == -1 || !(stb.st_mode & S_IFDIR))
+ {
+ DBG1(DBG_CFG, "error opening backend modules directory "IPSEC_BACKENDDIR);
+ return;
+ }
+
+ dir = opendir(IPSEC_BACKENDDIR);
+ if (dir == NULL)
+ {
+ DBG1(DBG_CFG, "error opening backend modules directory "IPSEC_BACKENDDIR);
+ return;
+ }
+
+ DBG1(DBG_CFG, "loading backend modules from '"IPSEC_BACKENDDIR"'");
+
+ while ((entry = readdir(dir)) != NULL)
+ {
+ char file[256];
+ backend_t *backend;
+ backend_constructor_t constructor;
+ void *handle;
+ char *ending;
+
+ snprintf(file, sizeof(file), IPSEC_BACKENDDIR"/%s", entry->d_name);
+
+ if (stat(file, &stb) == -1 || !(stb.st_mode & S_IFREG))
+ {
+ DBG2(DBG_CFG, " skipping %s, doesn't look like a file",
+ entry->d_name);
+ continue;
+ }
+ ending = entry->d_name + strlen(entry->d_name) - 3;
+ if (ending <= entry->d_name || !streq(ending, ".so"))
+ {
+ /* skip anything which does not look like a library */
+ DBG2(DBG_CFG, " skipping %s, doesn't look like a library",
+ entry->d_name);
+ continue;
+ }
+ /* try to load the library */
+ handle = dlopen(file, RTLD_LAZY);
+ if (handle == NULL)
+ {
+ DBG1(DBG_CFG, " opening backend module %s failed: %s",
+ entry->d_name, dlerror());
+ continue;
+ }
+ constructor = dlsym(handle, "backend_create");
+ if (constructor == NULL)
+ {
+ DBG1(DBG_CFG, " backend module %s has no backend_create() "
+ "function, skipped", entry->d_name);
+ dlclose(handle);
+ continue;
+ }
+
+ backend = constructor();
+ if (backend == NULL)
+ {
+ DBG1(DBG_CFG, " unable to create instance of backend "
+ "module %s, skipped", entry->d_name);
+ dlclose(handle);
+ continue;
+ }
+ DBG1(DBG_CFG, " loaded backend module successfully from %s", entry->d_name);
+ this->backends->insert_last(this->backends, backend);
+ if (backend->is_writeable(backend))
+ {
+ this->writeable->insert_last(this->writeable, backend);
+ }
+ this->handles->insert_last(this->handles, handle);
+ }
+ closedir(dir);
+}
+
+/**
+ * Implementation of backend_manager_t.destroy.
+ */
+static void destroy(private_backend_manager_t *this)
+{
+ this->backends->destroy_offset(this->backends, offsetof(backend_t, destroy));
+ this->writeable->destroy(this->writeable);
+ this->handles->destroy_function(this->handles, (void*)dlclose);
+ free(this);
+}
+
+/*
+ * Described in header-file
+ */
+backend_manager_t *backend_manager_create()
+{
+ private_backend_manager_t *this = malloc_thing(private_backend_manager_t);
+
+ this->public.get_ike_cfg = (ike_cfg_t*(*)(backend_manager_t*, host_t *, host_t *))get_ike_cfg;
+ this->public.get_peer_cfg = (peer_cfg_t*(*)(backend_manager_t*, identification_t *, identification_t *))get_peer_cfg;
+ this->public.add_peer_cfg = (void(*)(backend_manager_t*, peer_cfg_t*))add_peer_cfg;
+ this->public.create_iterator = (iterator_t*(*)(backend_manager_t*))create_iterator;
+ this->public.destroy = (void(*)(backend_manager_t*))destroy;
+
+ this->backends = linked_list_create();
+ this->writeable = linked_list_create();
+ this->handles = linked_list_create();
+
+ load_backends(this);
+
+ return &this->public;
+}
+
diff --git a/src/charon/config/cfg_store.h b/src/charon/config/backend_manager.h
index be36cd399..07cd9c541 100644
--- a/src/charon/config/cfg_store.h
+++ b/src/charon/config/backend_manager.h
@@ -1,7 +1,7 @@ /** - * @file cfg_store.h + * @file backend_manager.h * - * @brief Interface cfg_store_t. + * @brief Interface backend_manager_t. * */
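Review bot: load_backends() in backend_manager.c passes every `.so` entry of IPSEC_BACKENDDIR to dlopen() after checking only its name and file type, so anyone able to write into that directory gets code loaded into the daemon; nothing in this hunk looks at ownership or write permissions. The same loop computes `ending = entry->d_name + strlen(entry->d_name) - 3` before testing it, which forms a pointer in front of the array for a regular file whose name is shorter than three characters. It also ignores the return value of snprintf() into `file[256]`, so an over-long name is stat'ed and loaded under a truncated path, and it tests `stb.st_mode & S_IFREG`, a bit that socket modes carry too. I would test the length first, reject truncated paths, use `S_ISREG()`, and skip modules that are writable by group or others. Using `RTLD_NOW` instead of `RTLD_LAZY` would additionally surface unresolved symbols at load time rather than at the first call.

```c
	while ((entry = readdir(dir)) != NULL)
	{
		/* … unchanged: declarations of file, backend, constructor, handle
		 *   (ending is no longer needed) … */
		size_t len = strlen(entry->d_name);
		int written;

		/* test the length first so the suffix pointer stays inside d_name */
		if (len <= 3 || !streq(entry->d_name + len - 3, ".so"))
		{
			DBG2(DBG_CFG, "  skipping %s, doesn't look like a library",
				 entry->d_name);
			continue;
		}
		written = snprintf(file, sizeof(file), IPSEC_BACKENDDIR"/%s",
						   entry->d_name);
		if (written < 0 || (size_t)written >= sizeof(file))
		{
			DBG1(DBG_CFG, "  skipping %s, path too long", entry->d_name);
			continue;
		}
		if (stat(file, &stb) == -1 || !S_ISREG(stb.st_mode))
		{
			DBG2(DBG_CFG, "  skipping %s, doesn't look like a file",
				 entry->d_name);
			continue;
		}
		/* a module other users can rewrite must not run inside the daemon */
		if (stb.st_mode & (S_IWGRP | S_IWOTH))
		{
			DBG1(DBG_CFG, "  skipping %s, writable by group or others",
				 entry->d_name);
			continue;
		}
		handle = dlopen(file, RTLD_NOW);
		/* … unchanged: dlsym lookup, constructor call, list inserts … */
```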
@@ -20,10 +20,10 @@ * for more details. */ -#ifndef CFG_STORE_H_ -#define CFG_STORE_H_ +#ifndef BACKEND_MANAGER_H_ +#define BACKEND_MANAGER_H_ -typedef struct cfg_store_t cfg_store_t; +typedef struct backend_manager_t backend_manager_t; #include <library.h> #include <utils/host.h> @@ -34,9 +34,9 @@ typedef struct cfg_store_t cfg_store_t; /** - * @brief A multiplexer to use multiple cfg_store backends. + * @brief A multiplexer to use multiple backends. * - * Charon allows the use of multiple cfg_store backends simultaneously. To + * Charon allows the use of multiple backend_manager backends simultaneously. To * access all this backends by a single call, this class wraps multiple * backends behind a single object. * Backends may be registered and unregister at runtime dynamically. @@ -44,22 +44,20 @@ typedef struct cfg_store_t cfg_store_t; +---------+ +-----------+ +--------------+ | | | | | +--------------+ | | - | daemon |----->| cfg_store | +--------------+ |-+ <==|==> IPC - | core | | |---->| backends |-+ | + | daemon |----->| backend_- | +--------------+ |-+ <==|==> IPC + | core | | manager |---->| backends |-+ | | |----->| | +--------------+ | | | | | | +---------+ +-----------+ | @endverbatim - * Configuration lookup is done only when acting as responder. For initating - * the corresponding controller is responsible to get a config to initiate. * * @b Constructors: - * - cfg_store_create() + * - backend_manager_create() * * @ingroup config */ -struct cfg_store_t { +struct backend_manager_t { /** * @brief Get an ike_config identified by two hosts. @@ -69,7 +67,7 @@ struct cfg_store_t { * @param other_host address of remote host * @return matching ike_config, or NULL if none found */ - ike_cfg_t *(*get_ike_cfg)(cfg_store_t *this, + ike_cfg_t *(*get_ike_cfg)(backend_manager_t *this, host_t *my_host, host_t *other_host); /** 
@@ -80,40 +78,41 @@ struct cfg_store_t { * @param other_id peers ID * @return matching peer_config, or NULL if none found */ - peer_cfg_t *(*get_peer_cfg)(cfg_store_t *this, identification_t *my_id, + peer_cfg_t *(*get_peer_cfg)(backend_manager_t *this, identification_t *my_id, identification_t *other_id); /** - * @brief Register a backend to be queried by the calls above. + * @brief Add a peer_config to the first found writable backend. * - * The backend first added is the most preferred. - * - * @param this calling object + * @param this calling object + * @param config peer_config to add to the backend */ - void (*register_backend) (cfg_store_t *this, backend_t *backend); + void (*add_peer_cfg)(backend_manager_t *this, peer_cfg_t *config); /** - * @brief Unregister a backend. + * @brief Create an iterator over all peer configs of the writable backend. * - * @param this calling object + * @param this calling object + * @return iterator over peer configs */ - void (*unregister_backend) (cfg_store_t *this, backend_t *backend); + iterator_t* (*create_iterator)(backend_manager_t *this); /** - * @brief Destroys a cfg_store_t object. + * @brief Destroys a backend_manager_t object. * * @param this calling object */ - void (*destroy) (cfg_store_t *this); + void (*destroy) (backend_manager_t *this); }; /** - * @brief Create a new instance of the store. + * @brief Create a new instance of the manager and loads all backends. * - * @return cfg_store instance + * @return backend_manager instance * * @ingroup config */ -cfg_store_t *cfg_store_create(void); +backend_manager_t *backend_manager_create(void); + +#endif /*BACKEND_MANAGER_H_*/ -#endif /*CFG_STORE_H_*/ diff --git a/src/charon/config/backends/backend.h b/src/charon/config/backends/backend.h index 52df0a287..5f9543028 100644 --- a/src/charon/config/backends/backend.h +++ b/src/charon/config/backends/backend.h 
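Review bot: The public `get_peer_cfg` pointer declared here still takes only `(this, my_id, other_id)`, while the static get_peer_cfg() in backend_manager.c takes seven parameters and is installed in backend_manager_create() through a cast to this three-parameter type. A call through the interface therefore reaches the implementation without `other_ca`, `other_group`, `my_host` and `other_host` ever being passed, and those indeterminate values are forwarded to every backend's get_peer_cfg; whether a backend dereferences them is not visible in this diff. The declaration should carry the full list, `identification_t *other_ca, char *other_group, host_t *my_host, host_t *other_host`, with matching `@param` lines, and the cast in backend_manager_create() should be widened to the same type. struct backend_manager_t starts outside this hunk.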
@@ -30,7 +30,6 @@ typedef struct backend_t backend_t; #include <config/peer_cfg.h> #include <utils/linked_list.h> - /** * @brief The interface for a configuration backend. * @@ -54,28 +53,48 @@ struct backend_t { * @return matching ike_config, or NULL if none found */ ike_cfg_t *(*get_ike_cfg)(backend_t *this, - host_t *my_host, host_t *other_host); + host_t *my_host, host_t *other_host); /** * @brief Get a peer_cfg identified by two IDs. + * + * Select a config for two IDs, the others certificate issuer, and + * a AC certificate group. The hosts are just a hint to select the + * correct config if multiple configs match. * * @param this calling object * @param my_id own ID * @param other_id peers ID + * @param my_host address of own host + * @param other_host address of remote host * @return matching peer_config, or NULL if none found */ peer_cfg_t *(*get_peer_cfg)(backend_t *this, - identification_t *my_id, - identification_t *other_id); + identification_t *my_id, identification_t *other_id, + identification_t *other_ca, char *other_group, + host_t *my_host, host_t *other_host); /** - * @brief Get a peer_cfg identified by its name. + * @brief Check if a backend is writable and implements writable_backend_t. * - * @param this calling object - * @param name configs name - * @return matching peer_config, or NULL if none found + * @param this calling object + * @return TRUE if backend implements writable_backend_t. + */ + bool (*is_writeable)(backend_t *this); + + /** + * @brief Destroy a backend. + * + * @param this calling object */ - peer_cfg_t *(*get_peer_cfg_by_name)(backend_t *this, char *name); + void (*destroy)(backend_t *this); }; + +/** + * Construction to create a backend. + */ +typedef backend_t*(*backend_constructor_t)(void); + #endif /* BACKEND_H_ */ + diff --git a/src/charon/config/backends/local_backend.c b/src/charon/config/backends/local_backend.c index be6fc923b..b1e68ee6f 100644 --- a/src/charon/config/backends/local_backend.c 
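Review bot: The doc comment of the widened `get_peer_cfg` in struct backend_t gains `@param my_host` and `@param other_host` but has no entry for `other_ca` or `other_group`, the two inputs the new description says the selection depends on. I would add `@param other_ca certificate issuer of the peer` and `@param other_group AC certificate group of the peer`, and state for each whether NULL is accepted, since every loadable backend has to agree on that contract. The comment on `is_writeable` could also say that a backend returning TRUE is treated as a writeable_backend_t by the manager. struct backend_t starts outside this hunk.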
+++ b/src/charon/config/backends/local_backend.c @@ -52,7 +52,7 @@ struct private_local_backend_t { }; /** - * implements cfg_store_t.get_ike_cfg. + * implements backen_t.get_ike_cfg. */ static ike_cfg_t *get_ike_cfg(private_local_backend_t *this, host_t *my_host, host_t *other_host) @@ -116,11 +116,12 @@ static ike_cfg_t *get_ike_cfg(private_local_backend_t *this, } /** - * implements cfg_store_t.get_peer. + * implements backend_t.get_peer. */ -static peer_cfg_t *get_peer_cfg(private_local_backend_t *this, - identification_t *my_id, - identification_t *other_id) +static peer_cfg_t *get_peer_cfg(private_local_backend_t *this, + identification_t *my_id, identification_t *other_id, + identification_t *other_ca, char *other_group, + host_t *my_host, host_t *other_host) { peer_cfg_t *current, *found = NULL; iterator_t *iterator; 
@@ -166,58 +167,25 @@ static peer_cfg_t *get_peer_cfg(private_local_backend_t *this, } /** - * implements cfg_store_t.get_peer_by_name. - */ -static peer_cfg_t *get_peer_cfg_by_name(private_local_backend_t *this, - char *name) + * Implementation of backend_t.is_writable. + */ +static bool is_writeable(private_local_backend_t *this) { - iterator_t *i1, *i2; - peer_cfg_t *current, *found = NULL; - child_cfg_t *child; - - i1 = this->cfgs->create_iterator(this->cfgs, TRUE); - while (i1->iterate(i1, (void**)¤t)) - { - /* compare peer_cfgs name first */ - if (streq(current->get_name(current), name)) - { - found = current; - found->get_ref(found); - break; - } - /* compare all child_cfg names otherwise */ - i2 = current->create_child_cfg_iterator(current); - while (i2->iterate(i2, (void**)&child)) - { - if (streq(child->get_name(child), name)) - { - found = current; - found->get_ref(found); - break; - } - } - i2->destroy(i2); - if (found) - { - break; - } - } - i1->destroy(i1); - return found; + return TRUE; } /** - * Implementation of local_backend_t.create_peer_cfg_iterator. + * Implementation of writable_backend_t.create_iterator. */ -static iterator_t* create_peer_cfg_iterator(private_local_backend_t *this) +static iterator_t* create_iterator(private_local_backend_t *this) { return this->cfgs->create_iterator_locked(this->cfgs, &this->mutex); } /** - * Implementation of local_backend_t.add_peer_cfg. + * Implementation of writable_backend_t.add_peer_cfg. */ -static void add_peer_cfg(private_local_backend_t *this, peer_cfg_t *config) +static void add_cfg(private_local_backend_t *this, peer_cfg_t *config) { pthread_mutex_lock(&this->mutex); this->cfgs->insert_last(this->cfgs, config); @@ -225,7 +193,7 @@ static void add_peer_cfg(private_local_backend_t *this, peer_cfg_t *config) } /** - * Implementation of local_backend_t.destroy. + * Implementation of backend_t.destroy. */ static void destroy(private_local_backend_t *this) { 
@@ -236,20 +204,20 @@ static void destroy(private_local_backend_t *this) /** * Described in header. */ -local_backend_t *local_backend_create(void) +backend_t *backend_create(void) { private_local_backend_t *this = malloc_thing(private_local_backend_t); - this->public.backend.get_ike_cfg = (ike_cfg_t*(*)(backend_t*, host_t *, host_t *))get_ike_cfg; - this->public.backend.get_peer_cfg = (peer_cfg_t*(*)(backend_t*, identification_t *, identification_t *))get_peer_cfg; - this->public.create_peer_cfg_iterator = (iterator_t*(*)(local_backend_t*))create_peer_cfg_iterator; - this->public.get_peer_cfg_by_name = (peer_cfg_t*(*)(local_backend_t*, char *))get_peer_cfg_by_name; - this->public.add_peer_cfg = (void(*)(local_backend_t*, peer_cfg_t *))add_peer_cfg; - this->public.destroy = (void(*)(local_backend_t*))destroy; + this->public.backend.backend.get_ike_cfg = (ike_cfg_t*(*)(backend_t*, host_t *, host_t *))get_ike_cfg; + this->public.backend.backend.get_peer_cfg = (peer_cfg_t*(*)(backend_t*,identification_t*,identification_t*,identification_t*,char*,host_t*,host_t*))get_peer_cfg; + this->public.backend.backend.is_writeable = (bool(*)(backend_t*))is_writeable; + this->public.backend.backend.destroy = (void(*)(backend_t*))destroy; + this->public.backend.create_iterator = (iterator_t*(*)(writeable_backend_t*))create_iterator; + this->public.backend.add_cfg = (void(*)(writeable_backend_t*, peer_cfg_t *))add_cfg; /* private variables */ this->cfgs = linked_list_create(); pthread_mutex_init(&this->mutex, NULL); - return (&this->public); + return (&this->public.backend.backend); } diff --git a/src/charon/config/backends/local_backend.h b/src/charon/config/backends/local_backend.h index 4caf4a896..f3538eab2 100644 --- a/src/charon/config/backends/local_backend.h +++ b/src/charon/config/backends/local_backend.h 
@@ -26,13 +26,13 @@ typedef struct local_backend_t local_backend_t; #include <library.h> -#include <config/backends/backend.h> +#include <config/backends/writeable_backend.h> /** * @brief An in-memory backend to store configuration information. * - * The local_backend_t stores the configuration in a simple list. Additional - * to the backend_t functionality, it adds the modification (add/remove). + * The local_backend_t stores the configuration in a simple list. It + * implements both, backend_t and writeable_backend_t. * * @b Constructors: * - local_backend_create() @@ -42,50 +42,19 @@ typedef struct local_backend_t local_backend_t; struct local_backend_t { /** - * Implements backend_t interface + * Implements writable_backend_t interface */ - backend_t backend; - - /** - * @brief Add a peer_config to the backend. - * - * @param this calling object - * @param config peer_config to add to the backend - */ - void (*add_peer_cfg)(local_backend_t *this, peer_cfg_t *config); - - /** - * @brief Get a peer_config identified by name, or a name of its child_cfgs. - * - * @param this calling object - * @param name name of the peer config - * @return matching peer_config, or NULL if none found - */ - peer_cfg_t *(*get_peer_cfg_by_name)(local_backend_t *this, char *name); - - /** - * @brief Create an iterator over all peer configs. - * - * @param this calling object - * @return iterator over peer configs - */ - iterator_t* (*create_peer_cfg_iterator)(local_backend_t *this); - - /** - * @brief Destroy a local backend. - * - * @param this calling object - */ - void (*destroy)(local_backend_t *this); + writeable_backend_t backend; }; /** - * @brief Creates a local_backend_t instance. + * @brief Create a backend_t instance implemented as local backend. * - * @return local_backend instance. + * @return backend instance. * * @ingroup backends */ -local_backend_t *local_backend_create(void); +backend_t *backend_create(void); #endif /* LOCAL_BACKEND_H_ */ + 
diff --git a/src/charon/config/backends/writeable_backend.h b/src/charon/config/backends/writeable_backend.h
new file mode 100644
index 000000000..4771a0cff
--- /dev/null
+++ b/src/charon/config/backends/writeable_backend.h
@@ -0,0 +1,64 @@
+/**
+ * @file writeable_backend.h
+ *
+ * @brief Interface of writeable_backend_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef WRITEABLE_BACKEND_H_
+#define WRITEABLE_BACKEND_H_
+
+typedef struct writeable_backend_t writeable_backend_t;
+
+#include <library.h>
+#include <config/backends/backend.h>
+
+/**
+ * @brief A writeable backend extends the backend by modification functions.
+ *
+ * @b Constructors:
+ * - writeable_backend_create()
+ *
+ * @ingroup backends
+ */
+struct writeable_backend_t {
+
+ /**
+ * Implements backend_t interface
+ */
+ backend_t backend;
+
+ /**
+ * @brief Add a peer_config to the backend.
+ *
+ * @param this calling object
+ * @param config peer_config to add to the backend
+ */
+ void (*add_cfg)(writeable_backend_t *this, peer_cfg_t *config);
+
+ /**
+ * @brief Create an iterator over all peer configs.
+ *
+ * @param this calling object
+ * @return iterator over peer configs
+ */
+ iterator_t* (*create_iterator)(writeable_backend_t *this);
+};
+
+#endif /* WRITEABLE_BACKEND_H_ */
+
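Review bot: The `backend_t backend` member needs a comment saying it must remain the first member of writeable_backend_t. load_backends() in backend_manager.c stores a `backend_t*` in its writeable list whenever is_writeable() returns TRUE, and add_peer_cfg() and create_iterator() there read that pointer back as `writeable_backend_t*`, so a module that answers TRUE without this layout ends up with its memory read as the wrong type. A comment such as `Implements backend_t interface; must stay the first member, the manager casts backend_t* to writeable_backend_t*` would make the requirement explicit. The `@b Constructors:` entry names `writeable_backend_create()`, which does not appear in the visible part of this commit; modules export `backend_create()`, so that line is probably better corrected or dropped.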
diff --git a/src/charon/config/cfg_store.c b/src/charon/config/cfg_store.c deleted file mode 100644 index ef945da90..000000000 --- a/src/charon/config/cfg_store.c +++ /dev/null 
@@ -1,146 +0,0 @@ -/** - * @file cfg_store.c - * - * @brief Implementation of cfg_store_t. - * - */ - -/* - * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <pthread.h> - -#include "cfg_store.h" - -#include <library.h> -#include <utils/linked_list.h> - - -typedef struct private_cfg_store_t private_cfg_store_t; - -/** - * Private data of an cfg_store_t object. - */ -struct private_cfg_store_t { - - /** - * Public part of cfg_store_t object. - */ - cfg_store_t public; - - /** - * list of registered backends - */ - linked_list_t *backends; - - /** - * mutex to lock backend list - */ - pthread_mutex_t mutex; -}; - -/** - * implements cfg_store_t.get_ike. - */ -static ike_cfg_t *get_ike_cfg(private_cfg_store_t *this, - host_t *my_host, host_t *other_host) -{ - backend_t *backend; - ike_cfg_t *config = NULL; - iterator_t *iterator = this->backends->create_iterator_locked( - this->backends, &this->mutex); - while (config == NULL && iterator->iterate(iterator, (void**)&backend)) - { - config = backend->get_ike_cfg(backend, my_host, other_host); - } - iterator->destroy(iterator); - return config; -} - -/** - * implements cfg_store_t.get_peer. 
- */ -static peer_cfg_t *get_peer_cfg(private_cfg_store_t *this, - identification_t *my_id, - identification_t *other_id) -{ - backend_t *backend; - peer_cfg_t *config = NULL; - iterator_t *iterator = this->backends->create_iterator_locked( - this->backends, &this->mutex); - while (config == NULL && iterator->iterate(iterator, (void**)&backend)) - { - config = backend->get_peer_cfg(backend, my_id, other_id); - } - iterator->destroy(iterator); - return config; -} - -/** - * implements cfg_store_t.register_backend. - */ -static void register_backend(private_cfg_store_t *this, backend_t *backend) -{ - pthread_mutex_lock(&this->mutex); - this->backends->insert_last(this->backends, backend); - pthread_mutex_unlock(&this->mutex); -} - -/** - * implements cfg_store_t.unregister_backend. - */ -static void unregister_backend(private_cfg_store_t *this, backend_t *backend) -{ - backend_t *current; - iterator_t *iterator = this->backends->create_iterator_locked( - this->backends, &this->mutex); - while (iterator->iterate(iterator, (void**)¤t)) - { - if (backend == current) - { - iterator->remove(iterator); - break; - } - } - iterator->destroy(iterator); -} - -/** - * Implementation of cfg_store_t.destroy. 
- */ -static void destroy(private_cfg_store_t *this) -{ - this->backends->destroy(this->backends); - free(this); -} - -/* - * Described in header-file - */ -cfg_store_t *cfg_store_create() -{ - private_cfg_store_t *this = malloc_thing(private_cfg_store_t); - - this->public.get_ike_cfg = (ike_cfg_t*(*)(cfg_store_t*, host_t *, host_t *))get_ike_cfg; - this->public.get_peer_cfg = (peer_cfg_t*(*)(cfg_store_t*, identification_t *, identification_t *))get_peer_cfg; - this->public.register_backend = (void(*)(cfg_store_t*, backend_t *))register_backend; - this->public.unregister_backend = (void(*)(cfg_store_t*, backend_t *))unregister_backend; - this->public.destroy = (void(*)(cfg_store_t*))destroy; - - this->backends = linked_list_create(); - pthread_mutex_init(&this->mutex, NULL); - - return &this->public; -} diff --git a/src/charon/control/controller.c b/src/charon/control/controller.c deleted file mode 100644 index 8e0268e6a..000000000 --- a/src/charon/control/controller.c +++ /dev/null 
@@ -1,134 +0,0 @@ -/** - * @file controller.c - * - * @brief Implementation of controller_t. - * - */ - -/* - * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "controller.h" - -#include <daemon.h> -#include <library.h> -#include <processing/job_queue.h> -#include <processing/jobs/initiate_job.h> - - -typedef struct private_controller_t private_controller_t; - -/** - * Private data of an stroke_t object. - */ -struct private_controller_t { - - /** - * Public part of stroke_t object. - */ - controller_t public; -}; - -/** - * Implementation of controller_t.initiate. 
- */ -static status_t initiate(private_controller_t *this, - peer_cfg_t *peer_cfg, child_cfg_t *child_cfg, - bool(*cb)(void*,signal_t,level_t,ike_sa_t*,char*,va_list), - void *param) -{ - ike_sa_t *ours = NULL; - job_t *job; - status_t retval; - - charon->bus->set_listen_state(charon->bus, TRUE); - - job = (job_t*)initiate_job_create(peer_cfg, child_cfg); - charon->job_queue->add(charon->job_queue, job); - - while (TRUE) - { - level_t level; - signal_t signal; - int thread; - ike_sa_t *ike_sa; - char* format; - va_list args; - - signal = charon->bus->listen(charon->bus, &level, &thread, - &ike_sa, &format, &args); - - if (ike_sa == ours || ours == NULL) - { - if (!cb(param, signal, level, ike_sa, format, args)) - { - charon->bus->set_listen_state(charon->bus, FALSE); - return NEED_MORE; - } - } - - switch (signal) - { - case CHILD_UP_SUCCESS: - if (ike_sa == ours) - { - retval = SUCCESS; - break; - } - continue; - case CHILD_UP_FAILED: - case IKE_UP_FAILED: - if (ike_sa == ours) - { - retval = FAILED; - break; - } - continue; - case CHILD_UP_START: - case IKE_UP_START: - if (ours == NULL) - { - ours = ike_sa; - } - continue; - default: - continue; - } - break; - } - charon->bus->set_listen_state(charon->bus, FALSE); - return retval; -} - -/** - * Implementation of stroke_t.destroy. - */ -static void destroy(private_controller_t *this) -{ - free(this); -} - -/* - * Described in header-file - */ -controller_t *controller_create(void) -{ - private_controller_t *this = malloc_thing(private_controller_t); - - this->public.initiate = (status_t(*)(controller_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate; - this->public.destroy = (void (*)(controller_t*))destroy; - - return &this->public; -} diff --git a/src/charon/control/interface_manager.c b/src/charon/control/interface_manager.c new file mode 100644 index 000000000..5f4a7e810 --- /dev/null +++ b/src/charon/control/interface_manager.c 
@@ -0,0 +1,239 @@
+/**
+ * @file interface_manager.c
+ *
+ * @brief Implementation of interface_manager_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "interface_manager.h"
+
+#include <sys/types.h>
+#include <dirent.h>
+#include <sys/stat.h>
+#include <dlfcn.h>
+
+#include <daemon.h>
+#include <library.h>
+#include <control/interfaces/interface.h>
+#include <processing/job_queue.h>
+#include <processing/jobs/initiate_job.h>
+
+
+typedef struct private_interface_manager_t private_interface_manager_t;
+
+/**
+ * Private data of an stroke_t object.
+ */
+struct private_interface_manager_t {
+
+ /**
+ * Public part of stroke_t object.
+ */
+ interface_manager_t public;
+
+ /**
+ * a list of all loaded interfaces
+ */
+ linked_list_t *interfaces;
+
+ /**
+ * dlopen() handles of interfaces
+ */
+ linked_list_t *handles;
+};
+
+/**
+ * Implementation of interface_manager_t.initiate.
+ */ +static status_t initiate(private_interface_manager_t *this, + peer_cfg_t *peer_cfg, child_cfg_t *child_cfg, + bool(*cb)(void*,signal_t,level_t,ike_sa_t*,char*,va_list), + void *param) +{ + ike_sa_t *ours = NULL; + job_t *job; + status_t retval; + + charon->bus->set_listen_state(charon->bus, TRUE); + + job = (job_t*)initiate_job_create(peer_cfg, child_cfg); + charon->job_queue->add(charon->job_queue, job); + + while (TRUE) + { + level_t level; + signal_t signal; + int thread; + ike_sa_t *ike_sa; + char* format; + va_list args; + + signal = charon->bus->listen(charon->bus, &level, &thread, + &ike_sa, &format, &args); + + if (cb && (ike_sa == ours || ours == NULL)) + { + if (!cb(param, signal, level, ike_sa, format, args)) + { + charon->bus->set_listen_state(charon->bus, FALSE); + return NEED_MORE; + } + } + + switch (signal) + { + case CHILD_UP_SUCCESS: + if (ike_sa == ours) + { + retval = SUCCESS; + break; + } + continue; + case CHILD_UP_FAILED: + case IKE_UP_FAILED: + if (ike_sa == ours) + { + retval = FAILED; + break; + } + continue; + case CHILD_UP_START: + case IKE_UP_START: + if (ours == NULL) + { + ours = ike_sa; + } + continue; + default: + continue; + } + break; + } + charon->bus->set_listen_state(charon->bus, FALSE); + return retval; +} + +/** + * load the control interface modules + */ +static void load_interfaces(private_interface_manager_t *this) +{ + struct dirent* entry; + struct stat stb; + DIR* dir; + + if (stat(IPSEC_INTERFACEDIR, &stb) == -1 || !(stb.st_mode & S_IFDIR)) + { + DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR); + return; + } + + dir = opendir(IPSEC_INTERFACEDIR); + if (dir == NULL) + { + DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR); + return; + } + + DBG1(DBG_CFG, "loading control interface modules from '"IPSEC_INTERFACEDIR"'"); + + while ((entry = readdir(dir)) != NULL) + { + char file[256]; + interface_t *interface; + interface_constructor_t constructor; + void 
*handle; + char *ending; + + snprintf(file, sizeof(file), IPSEC_INTERFACEDIR"/%s", entry->d_name); + + if (stat(file, &stb) == -1 || !(stb.st_mode & S_IFREG)) + { + DBG2(DBG_CFG, " skipping %s, doesn't look like a file", + entry->d_name); + continue; + } + ending = entry->d_name + strlen(entry->d_name) - 3; + if (ending <= entry->d_name || !streq(ending, ".so")) + { + /* skip anything which does not look like a library */ + DBG2(DBG_CFG, " skipping %s, doesn't look like a library", + entry->d_name); + continue; + } + /* try to load the library */ + handle = dlopen(file, RTLD_LAZY); + if (handle == NULL) + { + DBG1(DBG_CFG, " opening control interface module %s failed: %s", + entry->d_name, dlerror()); + continue; + } + constructor = dlsym(handle, "interface_create"); + if (constructor == NULL) + { + DBG1(DBG_CFG, " interface module %s has no interface_create() " + "function, skipped", entry->d_name); + dlclose(handle); + continue; + } + + interface = constructor(); + if (interface == NULL) + { + DBG1(DBG_CFG, " unable to create instance of interface " + "module %s, skipped", entry->d_name); + dlclose(handle); + continue; + } + DBG1(DBG_CFG, " loaded control interface module successfully from %s", entry->d_name); + this->interfaces->insert_last(this->interfaces, interface); + this->handles->insert_last(this->handles, handle); + } + closedir(dir); +} + + +/** + * Implementation of stroke_t.destroy. 
+ */ +static void destroy(private_interface_manager_t *this) +{ + this->interfaces->destroy_offset(this->interfaces, offsetof(interface_t, destroy)); + this->handles->destroy_function(this->handles, (void*)dlclose); + free(this); +} + +/* + * Described in header-file + */ +interface_manager_t *interface_manager_create(void) +{ + private_interface_manager_t *this = malloc_thing(private_interface_manager_t); + + this->public.initiate = (status_t(*)(interface_manager_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate; + this->public.destroy = (void (*)(interface_manager_t*))destroy; + + this->interfaces = linked_list_create(); + this->handles = linked_list_create(); + + load_interfaces(this); + + return &this->public; +} + diff --git a/src/charon/control/controller.h b/src/charon/control/interface_manager.h index 7dc4b6704..57121c833 100644 --- a/src/charon/control/controller.h +++ b/src/charon/control/interface_manager.h @@ -1,7 +1,7 @@ /** - * @file controller.h + * @file interface_manager.h * - * @brief Interface of controller_t. + * @brief Interface of interface_manager_t. * */ @@ -20,13 +20,13 @@ * for more details. */ -#ifndef CONTROLLER_H_ -#define CONTROLLER_H_ +#ifndef INTERFACE_MANAGER_H_ +#define INTERFACE_MANAGER_H_ #include <bus/bus.h> /** - * callback to log things triggered by controller + * callback to log things triggered by interface_manager * * @param param echoed parameter supplied when function invoked * @param signal type of signal 
@@ -37,23 +37,23 @@ * @return FALSE to return from invoked function * @ingroup control */ -typedef bool(*controller_cb_t)(void* param, signal_t signal, level_t level, +typedef bool(*interface_manager_cb_t)(void* param, signal_t signal, level_t level, ike_sa_t* ike_sa, char* format, va_list args); -typedef struct controller_t controller_t; +typedef struct interface_manager_t interface_manager_t; /** - * @brief The controller controls the daemon. + * @brief The interface_manager controls the daemon. * - * The controller starts actions by creating jobs. It then tries to + * The interface_manager starts actions by creating jobs. It then tries to * evaluate the result of the operation by listening on the bus. * * @b Constructors: - * - controller_create() + * - interface_manager_create() * * @ingroup control */ -struct controller_t { +struct interface_manager_t { /** * @brief Initiate a CHILD_SA, and if required, an IKE_SA. @@ -68,26 +68,27 @@ struct controller_t { * - FAILED, if setup failed * - NEED_MORE, if callback returned FALSE */ - status_t (*initiate)(controller_t *this, + status_t (*initiate)(interface_manager_t *this, peer_cfg_t *peer_cfg, child_cfg_t *child_cfg, - controller_cb_t callback, void *param); + interface_manager_cb_t callback, void *param); /** - * @brief Destroy a controller_t instance. + * @brief Destroy a interface_manager_t instance. * - * @param this controller_t objec to destroy + * @param this interface_manager_t objec to destroy */ - void (*destroy) (controller_t *this); + void (*destroy) (interface_manager_t *this); }; /** - * @brief Create a controller instance. + * @brief Create a interface_manager instance and loads all interface modules. * - * @return controller_t object + * @return interface_manager_t object * * @ingroup control */ -controller_t *controller_create(); +interface_manager_t *interface_manager_create(void); + +#endif /* INTERFACE_MANAGER_H_ */ -#endif /* CONTROLLER_H_ */ 
diff --git a/src/charon/control/interfaces/dbus_interface.c b/src/charon/control/interfaces/dbus_interface.c
new file mode 100644
index 000000000..178f74ff5
--- /dev/null
+++ b/src/charon/control/interfaces/dbus_interface.c
@@ -0,0 +1,324 @@ +/** + * @file dbus_interface.c + * + * @brief Implementation of dbus_interface_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define DBUS_API_SUBJECT_TO_CHANGE +#include <dbus/dbus.h> +#include <NetworkManager/NetworkManager.h> +#include <NetworkManager/NetworkManagerVPN.h> +#include <stdlib.h> + +#include "dbus_interface.h" + +#include <library.h> +#include <daemon.h> + + +#define NM_DBUS_SERVICE_STRONG "org.freedesktop.NetworkManager.strongswan" +#define NM_DBUS_INTERFACE_STRONG "org.freedesktop.NetworkManager.strongswan" +#define NM_DBUS_PATH_STRONG "/org/freedesktop/NetworkManager/strongswan" + +typedef struct private_dbus_interface_t private_dbus_interface_t; + +/** + * Private data of an dbus_interface_t object. + */ +struct private_dbus_interface_t { + + /** + * Public part of dbus_t object. 
+ */ + dbus_interface_t public; + + /** + * DBUS connection + */ + DBusConnection* conn; + + /** + * error value used here and there + */ + DBusError err; + + /** + * state of the daemon + */ + NMVPNState state; + + /** + * dispatcher thread for DBUS messages + */ + pthread_t thread; +}; + +/** + * set daemon state and send StateChange signal to the bus + */ +static void set_state(private_dbus_interface_t *this, NMVPNState state) +{ + DBusMessage* msg; + + msg = dbus_message_new_signal(NM_DBUS_PATH_STRONG, NM_DBUS_INTERFACE_STRONG, NM_DBUS_VPN_SIGNAL_STATE_CHANGE); + + if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &this->state, + DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID) || + !dbus_connection_send(this->conn, msg, NULL)) + { + DBG1(DBG_CFG, "unable to send DBUS StateChange signal"); + } + dbus_connection_flush(this->conn); + dbus_message_unref(msg); + this->state = state; +} + +/** + * process NetworkManagers startConnection method call + */ +static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg) +{ + DBusMessage *reply, *signal; + char *name, *user, **data, **passwords, **routes; + int data_count, passwords_count, routes_count; + u_int32_t me, other, p2p, netmask, mss; + char *dev, *domain, *banner; + const dbus_int32_t array[] = {}; + const dbus_int32_t *varray = array; + + if (!dbus_message_get_args(msg, &this->err, + DBUS_TYPE_STRING, &name, DBUS_TYPE_STRING, &user, + DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &passwords, &passwords_count, + DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &data, &data_count, + DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &routes, &routes_count, + DBUS_TYPE_INVALID)) + { + return FALSE; + } + set_state(this, NM_VPN_STATE_STARTING); + + reply = dbus_message_new_method_return(msg); + dbus_connection_send(this->conn, reply, NULL); + + signal = dbus_message_new_signal(NM_DBUS_PATH_STRONG, + NM_DBUS_INTERFACE_STRONG, + NM_DBUS_VPN_SIGNAL_IP4_CONFIG); + + me = other = p2p = mss = netmask = 0; + dev = domain = banner = ""; + if 
(dbus_message_append_args(signal, + DBUS_TYPE_UINT32, &other, + DBUS_TYPE_STRING, &dev, + DBUS_TYPE_UINT32, &me, + DBUS_TYPE_UINT32, &p2p, + DBUS_TYPE_UINT32, &netmask, + DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0, + DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0, + DBUS_TYPE_UINT32, &mss, + DBUS_TYPE_STRING, &domain, + DBUS_TYPE_STRING, &banner)) + { + dbus_connection_send(this->conn, signal, NULL); + } + dbus_message_unref(signal); + + set_state(this, NM_VPN_STATE_STARTED); + + dbus_connection_flush(this->conn); + dbus_message_unref(reply); + return TRUE; +} + +/** + * process NetworkManagers stopConnection method call + */ +static bool stop_connection(private_dbus_interface_t *this, DBusMessage* msg) +{ + set_state(this, NM_VPN_STATE_STOPPING); + set_state(this, NM_VPN_STATE_STOPPED); + return FALSE; +} + +/** + * process NetworkManagers getState method call + */ +static bool get_state(private_dbus_interface_t *this, DBusMessage* msg) +{ + DBusMessage* reply; + reply = dbus_message_new_method_return(msg); + if (!reply || !dbus_message_append_args(reply, + DBUS_TYPE_UINT32, &this->state, + DBUS_TYPE_INVALID)) + { + return FALSE; + } + dbus_connection_send(this->conn, reply, NULL); + return TRUE; +} + +/** + * Handle incoming messages + */ +static DBusHandlerResult message_handler(DBusConnection *con, DBusMessage *msg, + private_dbus_interface_t *this) +{ + bool handled; + + if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG, + "startConnection")) + { + handled = start_connection(this, msg); + } + else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG, + "stopConnection")) + { + handled = stop_connection(this, msg); + } + else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG, + "getState")) + { + handled = get_state(this, msg); + } + else + { + DBG1(DBG_CFG, "ignoring DBUS message %s.%s", + dbus_message_get_interface(msg), dbus_message_get_member(msg)); + handled = FALSE; + } + + if (handled) + { + return 
DBUS_HANDLER_RESULT_HANDLED; + } + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; +} + +/** + * Handle received signals + +static DBusHandlerResult signal_handler(DBusConnection *con, DBusMessage *msg, + private_dbus_interface_t *this) +{ + bool handled; + + if (dbus_message_is_signal(msg, NM_DBUS_INTERFACE, "VPNConnectionStateChange")) + { + NMVPNState state; + char *name; + + if (dbus_message_get_args(msg, &this->err, DBUS_TYPE_STRING, &name, + DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID)) + { + DBG1(DBG_CFG, "got state %d for %s", state, name); + } + handled = TRUE; + } + else + { + DBG1(DBG_CFG, "ignoring DBUS signal %s.%s", + dbus_message_get_interface(msg), dbus_message_get_member(msg)); + handled = FALSE; + } + if (handled) + { + return DBUS_HANDLER_RESULT_HANDLED; + } + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; +} */ + +/** + * dispatcher function processed by a seperate thread + */ +static void dispatch(private_dbus_interface_t *this) +{ + while (dbus_connection_read_write_dispatch(this->conn, -1)) + { + /* nothing */ + } +} + +/** + * Implementation of interface_t.destroy. 
+ */ +static void destroy(private_dbus_interface_t *this) +{ + pthread_cancel(this->thread); + pthread_join(this->thread, NULL); + dbus_error_free(&this->err); + free(this); +} + +/* + * Described in header file + */ +interface_t *interface_create() +{ + int ret; + DBusObjectPathVTable v = {NULL, (void*)&message_handler, NULL, NULL, NULL, NULL}; + private_dbus_interface_t *this = malloc_thing(private_dbus_interface_t); + + this->public.interface.destroy = (void (*)(dbus_interface_t*))destroy; + + dbus_error_init(&this->err); + this->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &this->err); + if (dbus_error_is_set(&this->err)) + { + DBG1(DBG_CFG, "unable to open DBUS connection: %s", this->err.message); + charon->kill(charon, "DBUS initialization failed"); + } + + ret = dbus_bus_request_name(this->conn, NM_DBUS_SERVICE_STRONG, + DBUS_NAME_FLAG_REPLACE_EXISTING , &this->err); + if (dbus_error_is_set(&this->err)) + { + DBG1(DBG_CFG, "unable to set DBUS name: %s", this->err.message); + charon->kill(charon, "unable to set DBUS name"); + } + if (ret != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER) + { + charon->kill(charon, "DBUS name already owned"); + } + if (!dbus_connection_register_object_path(this->conn, NM_DBUS_PATH_STRONG, &v, this)) + { + charon->kill(charon, "unable to register DBUS message handler"); + } + /* + if (!dbus_connection_add_filter(this->conn, (void*)signal_handler, this, NULL)) + { + charon->kill(charon, "unable to register DBUS signal handler"); + } + + dbus_bus_add_match(this->conn, "type='signal', " + "interface='" NM_DBUS_INTERFACE_VPN "'," + "path='" NM_DBUS_PATH_VPN "'", &this->err); + if (dbus_error_is_set (&this->err)) + { + charon->kill(charon, "unable to add DBUS signal match"); + }*/ + + this->state = NM_VPN_STATE_INIT; + set_state(this, NM_VPN_STATE_STOPPED); + + if (pthread_create(&this->thread, NULL, (void*(*)(void*))dispatch, this) != 0) + { + charon->kill(charon, "unable to create stroke thread"); + } + + return &this->public; +} 
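Review bot: start_connection() never releases the three string arrays that dbus_message_get_args() allocates, so every startConnection call leaks `passwords`, `data` and `routes`, and the VPN passwords stay in heap memory for the life of the daemon. Before returning, the password strings should be overwritten and all three arrays released: `dbus_free_string_array(passwords); dbus_free_string_array(data); dbus_free_string_array(routes);`. In the same file get_state() sends `reply` without a matching dbus_message_unref(), and start_connection() uses `reply` without checking it for NULL. stop_connection() returns FALSE after changing the state, so message_handler reports the call as not handled and no method return is sent to the caller.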
diff --git a/src/charon/control/interfaces/dbus_interface.h b/src/charon/control/interfaces/dbus_interface.h
new file mode 100644
index 000000000..0ce57bbbc
--- /dev/null
+++ b/src/charon/control/interfaces/dbus_interface.h
@@ -0,0 +1,57 @@
+/**
+ * @file dbus_interface.h
+ *
+ * @brief Interface of dbus_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef DBUS_INTERFACE_H_
+#define DBUS_INTERFACE_H_
+
+typedef struct dbus_interface_t dbus_interface_t;
+
+#include <control/interfaces/interface.h>
+
+/**
+ * @brief The DBUS interface uses the DBUS system bus to communicate.
+ *
+ * @b Constructors:
+ * - dbus_interface_create()
+ *
+ * @ingroup interfaces
+ */
+struct dbus_interface_t {
+
+ /**
+ * implements interface_t.
+ */
+ interface_t interface;
+};
+
+
+/**
+ * @brief Create the DBUS interface.
+ *
+ * @return stroke_t object
+ *
+ * @ingroup interfaces
+ */
+interface_t *interface_create();
+
+#endif /* DBUS_INTERFACE_H_ */
+
diff --git a/src/charon/control/interfaces/interface.h b/src/charon/control/interfaces/interface.h
new file mode 100644
index 000000000..1949556cc
--- /dev/null
+++ b/src/charon/control/interfaces/interface.h
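Review bot: The doc comments in dbus_interface.h were carried over from the stroke header and no longer match the code: the constructor list names `dbus_interface_create()`, while the only exported constructor is `interface_create()`, the symbol interface_manager.c resolves with dlsym(), and `@return` still says `stroke_t object`. I would change them to `- interface_create()` and `@return interface_t of the DBUS module`. xml_interface.h repeats both slips (`xml_interface_create()`, `stroke_t object`), and interface.h documents the parameter of destroy as `stroke_t objec to destroy`. The prototype here is also written `interface_create()` while xml_interface.h and stroke_interface.h use `(void)`.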
@@ -0,0 +1,55 @@ +/** + * @file interface.h + * + * @brief Interface of interface_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef INTERFACE_H_ +#define INTERFACE_H_ + +typedef struct interface_t interface_t; + +/** + * @brief Interface for a controller. + * + * @b Constructors: + * - interface_create() of one of the modules + * + * @ingroup interfaces + */ +struct interface_t { + + /** + * @brief Destroy all interfaces + * + * @param this stroke_t objec to destroy + */ + void (*destroy) (interface_t *this); +}; + + +/** + * Constructor in a control interface module to create the interface. + * + * @ingroup interfaces + */ +typedef interface_t*(*interface_constructor_t)(void); + +#endif /* INTERFACE_H_ */ + diff --git a/src/charon/control/stroke_interface.c b/src/charon/control/interfaces/stroke_interface.c index 9743f5778..d33cae8ed 100755 --- a/src/charon/control/stroke_interface.c +++ b/src/charon/control/interfaces/stroke_interface.c @@ -40,7 +40,8 @@ #include <crypto/x509.h> #include <crypto/ca.h> #include <crypto/crl.h> -#include <control/controller.h> +#include <control/interface_manager.h> +#include <control/interfaces/interface.h> #include <processing/jobs/initiate_job.h> #include <processing/jobs/route_job.h> #include <utils/leak_detective.h> 
@@ -55,19 +56,14 @@ struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET}; typedef struct private_stroke_interface_t private_stroke_interface_t; /** - * Private data of an stroke_t object. + * Private data of an stroke_interfacet object. */ struct private_stroke_interface_t { /** - * Public part of stroke_t object. + * Public part of stroke_interfacet object. */ - stroke_t public; - - /** - * backend to store configurations - */ - local_backend_t *backend; + stroke_interface_t public; /** * Unix socket to listen for strokes @@ -445,7 +441,7 @@ static void stroke_add_conn(private_stroke_interface_t *this, DBG2(DBG_CFG, " updown: '%s'", msg->add_conn.me.updown); /* have a look for an (almost) identical peer config to reuse */ - iterator = this->backend->create_peer_cfg_iterator(this->backend); + iterator = charon->backends->create_iterator(charon->backends); while (iterator->iterate(iterator, (void**)&peer_cfg)) { ike_cfg = peer_cfg->get_ike_cfg(peer_cfg); @@ -579,7 +575,7 @@ static void stroke_add_conn(private_stroke_interface_t *this, if (!use_existing) { /* add config to backend */ - this->backend->add_peer_cfg(this->backend, peer_cfg); + charon->backends->add_peer_cfg(charon->backends, peer_cfg); DBG1(DBG_CFG, "added configuration '%s': %H[%D]...%H[%D]", msg->add_conn.name, my_host, my_id, other_host, other_id); } @@ -608,7 +604,7 @@ static void stroke_del_conn(private_stroke_interface_t *this, pop_string(msg, &(msg->del_conn.name)); DBG1(DBG_CFG, "received stroke: delete connection '%s'", msg->del_conn.name); - peer_iter = this->backend->create_peer_cfg_iterator(this->backend); + peer_iter = charon->backends->create_iterator(charon->backends); while (peer_iter->iterate(peer_iter, (void**)&peer)) { /* remove peer config with such a name */ 
@@ -673,6 +669,46 @@ static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level, } /** + * get a peer configuration by its name, or a name of its children + */ +static peer_cfg_t *get_peer_cfg_by_name(char *name) +{ + iterator_t *i1, *i2; + peer_cfg_t *current, *found = NULL; + child_cfg_t *child; + + i1 = charon->backends->create_iterator(charon->backends); + while (i1->iterate(i1, (void**)¤t)) + { + /* compare peer_cfgs name first */ + if (streq(current->get_name(current), name)) + { + found = current; + found->get_ref(found); + break; + } + /* compare all child_cfg names otherwise */ + i2 = current->create_child_cfg_iterator(current); + while (i2->iterate(i2, (void**)&child)) + { + if (streq(child->get_name(child), name)) + { + found = current; + found->get_ref(found); + break; + } + } + i2->destroy(i2); + if (found) + { + break; + } + } + i1->destroy(i1); + return found; +} + +/** * initiate a connection by name */ static void stroke_initiate(private_stroke_interface_t *this, @@ -685,8 +721,7 @@ static void stroke_initiate(private_stroke_interface_t *this, pop_string(msg, &(msg->initiate.name)); DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name); - peer_cfg = this->backend->get_peer_cfg_by_name(this->backend, - msg->initiate.name); + peer_cfg = get_peer_cfg_by_name(msg->initiate.name); if (peer_cfg == NULL) { fprintf(out, "no config named '%s'\n", msg->initiate.name); @@ -711,8 +746,8 @@ static void stroke_initiate(private_stroke_interface_t *this, info.out = out; info.level = msg->output_verbosity; - charon->controller->initiate(charon->controller, peer_cfg, child_cfg, - (controller_cb_t)stroke_log, &info); + charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg, + (interface_manager_cb_t)stroke_log, &info); } /** 
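Review bot: get_peer_cfg_by_name() returns `found` with an extra reference taken through `get_ref()`, but its comment does not say so, and the callers shown in the later hunks (stroke_initiate, stroke_route) only show the NULL check. The comment should state the ownership, for example `returns a referenced peer_cfg_t which the caller has to release, or NULL if no peer or child config carries that name`. The lookup now walks whatever `charon->backends->create_iterator()` yields instead of the stroke-owned local backend, so it is worth confirming that a name received over the stroke socket is meant to reach configurations from every loaded backend. Whether that iterator holds a lock while the list is walked cannot be seen from this hunk.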
@@ -729,7 +764,7 @@ static void stroke_route(private_stroke_interface_t *this, DBG1(DBG_CFG, "received stroke: %s '%s'", route ? "route" : "unroute", msg->route.name); - peer_cfg = this->backend->get_peer_cfg_by_name(this->backend, msg->route.name); + peer_cfg = get_peer_cfg_by_name(msg->route.name); if (peer_cfg == NULL) { fprintf(out, "no config named '%s'\n", msg->route.name); @@ -1115,7 +1150,7 @@ static void stroke_status(private_stroke_interface_t *this, list->destroy(list); fprintf(out, "Connections:\n"); - iterator = this->backend->create_peer_cfg_iterator(this->backend); + iterator = charon->backends->create_iterator(charon->backends); while (iterator->iterate(iterator, (void**)&peer_cfg)) { if (peer_cfg->get_ike_version(peer_cfg) != 2 || @@ -1517,7 +1552,7 @@ static void stroke_receive(private_stroke_interface_t *this) } /** - * Implementation of stroke_t.destroy. + * Implementation of interface_t.destroy. */ static void destroy(private_stroke_interface_t *this) { @@ -1537,16 +1572,14 @@ static void destroy(private_stroke_interface_t *this) /* * Described in header-file */ -stroke_t *stroke_create(local_backend_t *backend) +interface_t *interface_create() { private_stroke_interface_t *this = malloc_thing(private_stroke_interface_t); mode_t old; int i; /* public functions */ - this->public.destroy = (void (*)(stroke_t*))destroy; - - this->backend = backend; + this->public.interface.destroy = (void (*)(stroke_interface_t*))destroy; /* set up unix socket */ this->socket = socket(AF_UNIX, SOCK_STREAM, 0); diff --git a/src/charon/control/stroke_interface.h b/src/charon/control/interfaces/stroke_interface.h index 7fab28fec..f189048bd 100644 --- a/src/charon/control/stroke_interface.h +++ b/src/charon/control/interfaces/stroke_interface.h @@ -1,5 +1,5 @@ /** - * @file stroke.h + * @file stroke_interface.h * * @brief Interface of stroke_t. * 
@@ -23,9 +23,9 @@ #ifndef STROKE_INTERFACE_H_ #define STROKE_INTERFACE_H_ -typedef struct stroke_t stroke_t; +typedef struct stroke_interface_t stroke_interface_t; -#include <config/backends/local_backend.h> +#include <control/interfaces/interface.h> /** * @brief Stroke is a configuration and control interface which @@ -39,27 +39,25 @@ typedef struct stroke_t stroke_t; * @b Constructors: * - stroke_create() * - * @ingroup control + * @ingroup interfaces */ -struct stroke_t { +struct stroke_interface_t { /** - * @brief Destroy a stroke_t instance. - * - * @param this stroke_t objec to destroy + * implements interface_t. */ - void (*destroy) (stroke_t *this); + interface_t interface; }; /** * @brief Create the stroke interface and listen on the socket. * - * @param backend backend to store received configurations * @return stroke_t object * - * @ingroup control + * @ingroup interfaces */ -stroke_t *stroke_create(local_backend_t *backend); +interface_t *interface_create(void); #endif /* STROKE_INTERFACE_H_ */ + diff --git a/src/charon/control/interfaces/xml_interface.c b/src/charon/control/interfaces/xml_interface.c new file mode 100644 index 000000000..ad92e8050 --- /dev/null +++ b/src/charon/control/interfaces/xml_interface.c 
@@ -0,0 +1,63 @@
+/**
+ * @file xml_interface.c
+ *
+ * @brief Implementation of xml_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+
+#include "xml_interface.h"
+
+#include <library.h>
+#include <daemon.h>
+
+
+typedef struct private_xml_interface_t private_xml_interface_t;
+
+/**
+ * Private data of an xml_interface_t object.
+ */
+struct private_xml_interface_t {
+
+ /**
+ * Public part of xml_t object.
+ */
+ xml_interface_t public;
+};
+
+
+/**
+ * Implementation of itnerface_t.destroy.
+ */
+static void destroy(private_xml_interface_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header file
+ */
+interface_t *interface_create()
+{
+ private_xml_interface_t *this = malloc_thing(private_xml_interface_t);
+
+ this->public.interface.destroy = (void (*)(xml_interface_t*))destroy;
+
+ return &this->public;
+}
diff --git a/src/charon/control/interfaces/xml_interface.h b/src/charon/control/interfaces/xml_interface.h
new file mode 100644
index 000000000..6d88c3842
--- /dev/null
+++ b/src/charon/control/interfaces/xml_interface.h
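Review bot: interface_create() assigns `destroy` through a cast to `void (*)(xml_interface_t*)` although the `destroy` member of interface_t (interface.h in this commit) takes an `interface_t*`, and it returns `&this->public`, an `xml_interface_t*`, from a function declared to return `interface_t*`. Both only work because `interface` is the first member of the struct, and the compiler can no longer check either line. They would be type-correct as `this->public.interface.destroy = (void (*)(interface_t*))destroy;` and `return &this->public.interface;`. dbus_interface.c has the same two lines, and the interface_create() hunk of stroke_interface.c has the same cast.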
@@ -0,0 +1,57 @@
+/**
+ * @file xml_interface.h
+ *
+ * @brief Interface of xml_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef XML_INTERFACE_H_
+#define XML_INTERFACE_H_
+
+typedef struct xml_interface_t xml_interface_t;
+
+#include <control/interfaces/interface.h>
+
+/**
+ * @brief The XML interface uses a socket to communicate using XML.
+ *
+ * @b Constructors:
+ * - xml_interface_create()
+ *
+ * @ingroup interfaces
+ */
+struct xml_interface_t {
+
+ /**
+ * implements interface_t.
+ */
+ interface_t interface;
+};
+
+
+/**
+ * @brief Create the XML interface.
+ *
+ * @return stroke_t object
+ *
+ * @ingroup interfaces
+ */
+interface_t *interface_create(void);
+
+#endif /* XML_INTERFACE_H_ */
+
diff --git a/src/charon/daemon.c b/src/charon/daemon.c
index d2b8d346e..ac16eb2c2 100644
--- a/src/charon/daemon.c
+++ b/src/charon/daemon.c
@@ -164,8 +164,7 @@ static void destroy(private_daemon_t *this) /* we don't want to receive anything anymore... */ DESTROY_IF(this->public.receiver); /* ignore all incoming user requests */ - DESTROY_IF(this->public.stroke); - DESTROY_IF(this->public.controller); + DESTROY_IF(this->public.interfaces); /* stop scheduing jobs */ DESTROY_IF(this->public.scheduler); /* stop processing jobs */
@@ -178,8 +177,7 @@ static void destroy(private_daemon_t *this) DESTROY_IF(this->public.job_queue); DESTROY_IF(this->public.event_queue); DESTROY_IF(this->public.credentials); - DESTROY_IF(this->public.cfg_store); - DESTROY_IF(this->public.local_backend); + DESTROY_IF(this->public.backends); sched_yield(); /* we hope the sender could send the outstanding deletes, but * we shut down here at any cost */ @@ -262,10 +260,7 @@ static void initialize(private_daemon_t *this, bool syslog, level_t levels[]) this->public.job_queue = job_queue_create(); this->public.event_queue = event_queue_create(); this->public.credentials = (credential_store_t*)local_credential_store_create(); - this->public.cfg_store = cfg_store_create(); - this->public.local_backend = local_backend_create(); - this->public.cfg_store->register_backend(this->public.cfg_store, - &this->public.local_backend->backend); + this->public.backends = backend_manager_create(); /* initialize fetcher_t class */ fetcher_initialize(); @@ -280,8 +275,7 @@ static void initialize(private_daemon_t *this, bool syslog, level_t levels[]) credentials->load_secrets(credentials); /* start building threads, we are multi-threaded NOW */ - this->public.controller = controller_create(); - this->public.stroke = stroke_create(this->public.local_backend); + this->public.interfaces = interface_manager_create(); this->public.sender = sender_create(); this->public.receiver = receiver_create(); this->public.scheduler = scheduler_create(); 
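Review bot: The comment kept above `this->public.interfaces = interface_manager_create();` in the third hunk (`/* start building threads, we are multi-threaded NOW */`) no longer covers what the call does: going by the commit description, this call and `backend_manager_create()` in the second hunk now bring loadable modules into the daemon, which the removed `controller_create()`/`stroke_create()` and `local_backend_create()` calls did not. I would document that at both call sites, for example `/* loads the control interface modules; module code runs inside the daemon process */`, and add next to `backend_manager_create()` that no backend is registered explicitly any more, so configuration lookups depend on which modules were loaded. The managers themselves are outside these hunks, so where the modules are read from and how a failed load is reported should be confirmed there. `initialize()` begins and ends outside the hunks.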
@@ -336,15 +330,13 @@ private_daemon_t *daemon_create(void) this->public.job_queue = NULL; this->public.event_queue = NULL; this->public.credentials = NULL; - this->public.cfg_store = NULL; - this->public.local_backend = NULL; + this->public.backends = NULL; this->public.sender= NULL; this->public.receiver = NULL; this->public.scheduler = NULL; this->public.kernel_interface = NULL; this->public.thread_pool = NULL; - this->public.controller = NULL; - this->public.stroke = NULL; + this->public.interfaces = NULL; this->public.bus = NULL; this->public.outlog = NULL; this->public.syslog = NULL; diff --git a/src/charon/daemon.h b/src/charon/daemon.h index 3a5a79d9b..c442094ff 100644 --- a/src/charon/daemon.h +++ b/src/charon/daemon.h @@ -37,14 +37,12 @@ typedef struct daemon_t daemon_t; #include <processing/job_queue.h> #include <processing/event_queue.h> #include <kernel/kernel_interface.h> -#include <control/controller.h> -#include <control/stroke_interface.h> +#include <control/interface_manager.h> #include <bus/bus.h> #include <bus/listeners/file_logger.h> #include <bus/listeners/sys_logger.h> #include <sa/ike_sa_manager.h> -#include <config/cfg_store.h> -#include <config/backends/local_backend.h> +#include <config/backend_manager.h> /** * @defgroup charon charon @@ -132,12 +130,20 @@ typedef struct daemon_t daemon_t; /** * @defgroup control control * - * Classes which control the daemon using IPC mechanisms. + * Handling of loadable control interface modules. * * @ingroup charon */ /** + * @defgroup interfaces interfaces + * + * Classes which control the daemon using IPC mechanisms. + * + * @ingroup control + */ + +/** * @defgroup encoding encoding * * Classes used to encode and decode IKEv2 messages. 
@@ -353,14 +359,9 @@ struct daemon_t { ike_sa_manager_t *ike_sa_manager; /** - * A connection_store_t instance. + * Manager for the different configuration backends. */ - cfg_store_t *cfg_store; - - /** - * A backend for cfg_store using in-memory lists - */ - local_backend_t *local_backend; + backend_manager_t *backends; /** * A credential_store_t instance. @@ -413,14 +414,9 @@ struct daemon_t { kernel_interface_t *kernel_interface; /** - * control the daemon - */ - controller_t *controller;; - - /** - * IPC interface, as whack in pluto + * Interfaces for IPC */ - stroke_t *stroke; + interface_manager_t *interfaces; /** * @brief Shut down the daemon. diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index b1d76ac84..e9c56dcbc 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -746,8 +746,8 @@ static status_t process_message(private_ike_sa_t *this, message_t *message) if (this->ike_cfg == NULL) { job_t *job; - this->ike_cfg = charon->cfg_store->get_ike_cfg(charon->cfg_store, - me, other); + this->ike_cfg = charon->backends->get_ike_cfg(charon->backends, + me, other); if (this->ike_cfg == NULL) { /* no config found for these hosts, destroy */ diff --git a/src/charon/sa/tasks/ike_auth.c b/src/charon/sa/tasks/ike_auth.c index 9e2f6b085..c6fc98839 100644 --- a/src/charon/sa/tasks/ike_auth.c +++ b/src/charon/sa/tasks/ike_auth.c @@ -511,7 +511,7 @@ static status_t process_r(private_ike_auth_t *this, message_t *message) return NEED_MORE; } - config = charon->cfg_store->get_peer_cfg(charon->cfg_store, + config = charon->backends->get_peer_cfg(charon->backends, this->ike_sa->get_my_id(this->ike_sa), this->ike_sa->get_other_id(this->ike_sa)); if (config) |