Stub library for user space IPsec implementation added.

8 files changed, 187 insertions, 0 deletions

diff --git a/Doxyfile.in b/Doxyfile.in
index 7fb516190..343f130b3 100644
--- a/Doxyfile.in
+++ b/Doxyfile.in
@@ -530,6 +530,7 @@ WARN_LOGFILE           =
 INPUT                  = @SRC_DIR@/src/libstrongswan \
                          @SRC_DIR@/src/libhydra \
                          @SRC_DIR@/src/libcharon \
+                         @SRC_DIR@/src/libipsec \
                          @SRC_DIR@/src/libsimaka \
                          @SRC_DIR@/src/libtls \
                          @SRC_DIR@/src/libradius \
diff --git a/configure.in b/configure.in
index 96b1fe373..5ee3b8723 100644
--- a/configure.in
+++ b/configure.in
@@ -174,6 +174,7 @@ ARG_DISBL_SET([kernel-netlink], [disable the netlink kernel interface.])
 ARG_ENABL_SET([kernel-pfkey],   [enable the PF_KEY kernel interface.])
 ARG_ENABL_SET([kernel-pfroute], [enable the PF_ROUTE kernel interface.])
 ARG_ENABL_SET([kernel-klips],   [enable the KLIPS kernel interface.])
+ARG_ENABL_SET([libipsec],       [enable user space IPsec implementation.])
 ARG_DISBL_SET([socket-default], [disable default socket implementation for charon.])
 ARG_ENABL_SET([socket-raw],     [enable raw socket implementation of charon])
 ARG_ENABL_SET([socket-dynamic], [enable dynamic socket implementation for charon])
@@ -1104,6 +1105,7 @@ AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
 AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue)
 AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue)
 AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue)
+AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
 AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
@@ -1195,6 +1197,7 @@ AC_OUTPUT(
 	src/libhydra/plugins/kernel_pfkey/Makefile
 	src/libhydra/plugins/kernel_pfroute/Makefile
 	src/libhydra/plugins/resolve/Makefile
+	src/libipsec/Makefile
 	src/libsimaka/Makefile
 	src/libtls/Makefile
 	src/libradius/Makefile
diff --git a/src/Makefile.am b/src/Makefile.am
index 452036b8b..e4c0374a2 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -8,6 +8,10 @@ if USE_LIBHYDRA
   SUBDIRS += libhydra
 endif
 
+if USE_LIBIPSEC
+  SUBDIRS += libipsec
+endif
+
 if USE_SIMAKA
   SUBDIRS += libsimaka
 endif
diff --git a/src/checksum/Makefile.am b/src/checksum/Makefile.am
index 0d0da5acf..1405fcd05 100644
--- a/src/checksum/Makefile.am
+++ b/src/checksum/Makefile.am
@@ -40,6 +40,11 @@ if !MONOLITHIC
 endif
 endif
 
+if USE_LIBIPSEC
+  deps += $(top_builddir)/src/libipsec/libipsec.la
+  libs += $(DESTDIR)$(ipseclibdir)/libipsec.so
+endif
+
 if USE_TLS
   deps += $(top_builddir)/src/libtls/libtls.la
   libs += $(DESTDIR)$(ipseclibdir)/libtls.so
diff --git a/src/libipsec/Android.mk b/src/libipsec/Android.mk
new file mode 100644
index 000000000..99ff69106
--- /dev/null
+++ b/src/libipsec/Android.mk
@@ -0,0 +1,29 @@
+LOCAL_PATH := $(call my-dir)
+include $(CLEAR_VARS)
+
+# copy-n-paste from Makefile.am
+LOCAL_SRC_FILES := \
+ipsec.c ipsec.h
+
+# build libipsec ---------------------------------------------------------------
+
+LOCAL_C_INCLUDES += \
+	$(libvstr_PATH) \
+	$(strongswan_PATH)/src/include \
+	$(strongswan_PATH)/src/libhydra \
+	$(strongswan_PATH)/src/libstrongswan
+
+LOCAL_CFLAGS := $(strongswan_CFLAGS)
+
+LOCAL_MODULE := libipsec
+
+LOCAL_MODULE_TAGS := optional
+
+LOCAL_ARM_MODE := arm
+
+LOCAL_PRELINK_MODULE := false
+
+LOCAL_SHARED_LIBRARIES += libstrongswan libhydra
+
+include $(BUILD_SHARED_LIBRARY)
+
diff --git a/src/libipsec/Makefile.am b/src/libipsec/Makefile.am
new file mode 100644
index 000000000..0b8faf724
--- /dev/null
+++ b/src/libipsec/Makefile.am
@@ -0,0 +1,20 @@
+ipseclib_LTLIBRARIES = libipsec.la
+
+libipsec_la_SOURCES = \
+ipsec.c ipsec.h
+
+libipsec_la_LIBADD =
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+EXTRA_DIST = Android.mk
+
+# build optional plugins
+########################
+
+if MONOLITHIC
+SUBDIRS =
+else
+SUBDIRS = .
+endif
+
diff --git a/src/libipsec/ipsec.c b/src/libipsec/ipsec.c
new file mode 100644
index 000000000..add3b463a
--- /dev/null
+++ b/src/libipsec/ipsec.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "ipsec.h"
+
+#include <debug.h>
+
+typedef struct private_ipsec_t private_ipsec_t;
+
+/**
+ * Private additions to ipsec_t.
+ */
+struct private_ipsec_t {
+
+	/**
+	 * Public members of ipsec_t.
+	 */
+	ipsec_t public;
+};
+
+/**
+ * Single instance of ipsec_t.
+ */
+ipsec_t *ipsec;
+
+/**
+ * Described in header.
+ */
+void libipsec_deinit()
+{
+	private_ipsec_t *this = (private_ipsec_t*)ipsec;
+	free(this);
+	ipsec = NULL;
+}
+
+/**
+ * Described in header.
+ */
+bool libipsec_init()
+{
+	private_ipsec_t *this;
+
+	INIT(this,
+		.public = {
+		},
+	);
+	ipsec = &this->public;
+
+	if (lib->integrity &&
+		!lib->integrity->check(lib->integrity, "libipsec", libipsec_init))
+	{
+		DBG1(DBG_LIB, "integrity check of libipsec failed");
+		return FALSE;
+	}
+	return TRUE;
+}
+
diff --git a/src/libipsec/ipsec.h b/src/libipsec/ipsec.h
new file mode 100644
index 000000000..80bef5426
--- /dev/null
+++ b/src/libipsec/ipsec.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup libipsec libipsec
+ *
+ * @addtogroup libipsec
+ * @{
+ */
+
+#ifndef IPSEC_H_
+#define IPSEC_H_
+
+typedef struct ipsec_t ipsec_t;
+
+#include <library.h>
+
+/**
+ * User space IPsec implementation.
+ */
+struct ipsec_t {
+
+};
+
+/**
+ * The single instance of ipsec_t.
+ *
+ * Set between calls to libipsec_init() and libipsec_deinit() calls.
+ */
+extern ipsec_t *ipsec;
+
+/**
+ * Initialize libipsec.
+ *
+ * @return				FALSE if integrity check failed
+ */
+bool libipsec_init();
+
+/**
+ * Deinitialize libipsec.
+ */
+void libipsec_deinit();
+
+#endif /** IPSEC_H_ @}*/