restructuring of configuration backends

added propotypes of new control interfaces (xml & dbus)
introduced loadable:
  configuration backends
  control interfaces
using pluggable modules as in EAP

10 files changed, 882 insertions, 189 deletions

diff --git a/src/charon/control/controller.c b/src/charon/control/controller.c
deleted file mode 100644
index 8e0268e6a..000000000
--- a/src/charon/control/controller.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/**
- * @file controller.c
- * 
- * @brief Implementation of controller_t.
- * 
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "controller.h"
-
-#include <daemon.h>
-#include <library.h>
-#include <processing/job_queue.h>
-#include <processing/jobs/initiate_job.h>
-
-
-typedef struct private_controller_t private_controller_t;
-
-/**
- * Private data of an stroke_t object.
- */
-struct private_controller_t {
-
-	/**
-	 * Public part of stroke_t object.
-	 */
-	controller_t public;
-};
-	
-/**
- * Implementation of controller_t.initiate.
- */
-static status_t initiate(private_controller_t *this,
-						 peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
-						 bool(*cb)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),
-						 void *param)
-{
-	ike_sa_t *ours = NULL;
-	job_t *job;
-	status_t retval;
-	
-	charon->bus->set_listen_state(charon->bus, TRUE);
-	
-	job = (job_t*)initiate_job_create(peer_cfg, child_cfg);
-	charon->job_queue->add(charon->job_queue, job);
-	
-	while (TRUE)
-	{
-		level_t level;
-		signal_t signal;
-		int thread;
-		ike_sa_t *ike_sa;
-		char* format;
-		va_list args;
-		
-		signal = charon->bus->listen(charon->bus, &level, &thread, 
-									 &ike_sa, &format, &args);
-		
-		if (ike_sa == ours || ours == NULL)
-		{
-			if (!cb(param, signal, level, ike_sa, format, args))
-			{
-				charon->bus->set_listen_state(charon->bus, FALSE);
-				return NEED_MORE;
-			}
-		}
-		
-		switch (signal)
-		{
-			case CHILD_UP_SUCCESS:
-				if (ike_sa == ours)
-				{
-					retval = SUCCESS;
-					break;
-				}
-				continue;
-			case CHILD_UP_FAILED:
-			case IKE_UP_FAILED:
-				if (ike_sa == ours)
-				{
-					retval = FAILED;
-					break;
-				}
-				continue;
-			case CHILD_UP_START:
-			case IKE_UP_START:
-				if (ours == NULL)
-				{
-					ours = ike_sa;
-				}
-				continue;
-			default:
-				continue;
-		}
-		break;
-	}
-	charon->bus->set_listen_state(charon->bus, FALSE);
-	return retval;
-}
-
-/**
- * Implementation of stroke_t.destroy.
- */
-static void destroy(private_controller_t *this)
-{
-	free(this);
-}
-
-/*
- * Described in header-file
- */
-controller_t *controller_create(void)
-{
-	private_controller_t *this = malloc_thing(private_controller_t);
-	
-	this->public.initiate = (status_t(*)(controller_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate;
-	this->public.destroy = (void (*)(controller_t*))destroy;
-	
-	return &this->public;
-}
diff --git a/src/charon/control/interface_manager.c b/src/charon/control/interface_manager.c
new file mode 100644
index 000000000..5f4a7e810
--- /dev/null
+++ b/src/charon/control/interface_manager.c
@@ -0,0 +1,239 @@
+/**
+ * @file interface_manager.c
+ * 
+ * @brief Implementation of interface_manager_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "interface_manager.h"
+
+#include <sys/types.h>
+#include <dirent.h>
+#include <sys/stat.h>
+#include <dlfcn.h>
+
+#include <daemon.h>
+#include <library.h>
+#include <control/interfaces/interface.h>
+#include <processing/job_queue.h>
+#include <processing/jobs/initiate_job.h>
+
+
+typedef struct private_interface_manager_t private_interface_manager_t;
+
+/**
+ * Private data of an stroke_t object.
+ */
+struct private_interface_manager_t {
+
+	/**
+	 * Public part of stroke_t object.
+	 */
+	interface_manager_t public;
+	
+	/**
+	 * a list of all loaded interfaces
+	 */
+	linked_list_t *interfaces;
+	
+	/**
+	 * dlopen() handles of interfaces
+	 */
+	linked_list_t *handles;
+};
+	
+/**
+ * Implementation of interface_manager_t.initiate.
+ */
+static status_t initiate(private_interface_manager_t *this,
+						 peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
+						 bool(*cb)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),
+						 void *param)
+{
+	ike_sa_t *ours = NULL;
+	job_t *job;
+	status_t retval;
+	
+	charon->bus->set_listen_state(charon->bus, TRUE);
+	
+	job = (job_t*)initiate_job_create(peer_cfg, child_cfg);
+	charon->job_queue->add(charon->job_queue, job);
+	
+	while (TRUE)
+	{
+		level_t level;
+		signal_t signal;
+		int thread;
+		ike_sa_t *ike_sa;
+		char* format;
+		va_list args;
+		
+		signal = charon->bus->listen(charon->bus, &level, &thread, 
+									 &ike_sa, &format, &args);
+		
+		if (cb && (ike_sa == ours || ours == NULL))
+		{
+			if (!cb(param, signal, level, ike_sa, format, args))
+			{
+				charon->bus->set_listen_state(charon->bus, FALSE);
+				return NEED_MORE;
+			}
+		}
+		
+		switch (signal)
+		{
+			case CHILD_UP_SUCCESS:
+				if (ike_sa == ours)
+				{
+					retval = SUCCESS;
+					break;
+				}
+				continue;
+			case CHILD_UP_FAILED:
+			case IKE_UP_FAILED:
+				if (ike_sa == ours)
+				{
+					retval = FAILED;
+					break;
+				}
+				continue;
+			case CHILD_UP_START:
+			case IKE_UP_START:
+				if (ours == NULL)
+				{
+					ours = ike_sa;
+				}
+				continue;
+			default:
+				continue;
+		}
+		break;
+	}
+	charon->bus->set_listen_state(charon->bus, FALSE);
+	return retval;
+}
+
+/**
+ * load the control interface modules
+ */
+static void load_interfaces(private_interface_manager_t *this)
+{
+	struct dirent* entry;
+	struct stat stb;
+	DIR* dir;
+	
+	if (stat(IPSEC_INTERFACEDIR, &stb) == -1 || !(stb.st_mode & S_IFDIR))
+	{
+		DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR);
+		return;
+	}
+
+	dir = opendir(IPSEC_INTERFACEDIR);
+	if (dir == NULL)
+	{
+		DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR);
+		return;
+	}
+	
+	DBG1(DBG_CFG, "loading control interface modules from '"IPSEC_INTERFACEDIR"'");
+
+	while ((entry = readdir(dir)) != NULL)
+	{
+		char file[256];
+		interface_t *interface;
+		interface_constructor_t constructor;
+		void *handle;
+		char *ending;
+		
+		snprintf(file, sizeof(file), IPSEC_INTERFACEDIR"/%s", entry->d_name);
+		
+		if (stat(file, &stb) == -1 || !(stb.st_mode & S_IFREG))
+		{
+			DBG2(DBG_CFG, "  skipping %s, doesn't look like a file",
+				 entry->d_name);
+			continue;
+		}
+		ending = entry->d_name + strlen(entry->d_name) - 3;
+		if (ending <= entry->d_name || !streq(ending, ".so"))
+		{
+			/* skip anything which does not look like a library */
+			DBG2(DBG_CFG, "  skipping %s, doesn't look like a library",
+				 entry->d_name);
+			continue;
+		}
+		/* try to load the library */
+		handle = dlopen(file, RTLD_LAZY);
+		if (handle == NULL)
+		{
+			DBG1(DBG_CFG, "  opening control interface module %s failed: %s",
+				 entry->d_name, dlerror());
+			continue;
+		}
+		constructor = dlsym(handle, "interface_create");
+		if (constructor == NULL)
+		{
+			DBG1(DBG_CFG, "  interface module %s has no interface_create() "
+				 "function, skipped", entry->d_name);
+			dlclose(handle);
+			continue;
+		}
+		
+		interface = constructor();
+		if (interface == NULL)
+		{
+			DBG1(DBG_CFG, "  unable to create instance of interface "
+				 "module %s, skipped", entry->d_name);
+			dlclose(handle);
+			continue;
+		}
+		DBG1(DBG_CFG, "  loaded control interface module successfully from %s", entry->d_name);
+		this->interfaces->insert_last(this->interfaces, interface);
+		this->handles->insert_last(this->handles, handle);
+	}
+	closedir(dir);
+}
+
+
+/**
+ * Implementation of stroke_t.destroy.
+ */
+static void destroy(private_interface_manager_t *this)
+{
+	this->interfaces->destroy_offset(this->interfaces, offsetof(interface_t, destroy));
+	this->handles->destroy_function(this->handles, (void*)dlclose);
+	free(this);
+}
+
+/*
+ * Described in header-file
+ */
+interface_manager_t *interface_manager_create(void)
+{
+	private_interface_manager_t *this = malloc_thing(private_interface_manager_t);
+	
+	this->public.initiate = (status_t(*)(interface_manager_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate;
+	this->public.destroy = (void (*)(interface_manager_t*))destroy;
+	
+	this->interfaces = linked_list_create();
+	this->handles = linked_list_create();
+	
+	load_interfaces(this);
+	
+	return &this->public;
+}
+
diff --git a/src/charon/control/controller.h b/src/charon/control/interface_manager.h
index 7dc4b6704..57121c833 100644
--- a/src/charon/control/controller.h
+++ b/src/charon/control/interface_manager.h
@@ -1,7 +1,7 @@
 /**
- * @file controller.h
+ * @file interface_manager.h
  *
- * @brief Interface of controller_t.
+ * @brief Interface of interface_manager_t.
  *
  */
 
@@ -20,13 +20,13 @@
  * for more details.
  */
 
-#ifndef CONTROLLER_H_
-#define CONTROLLER_H_
+#ifndef INTERFACE_MANAGER_H_
+#define INTERFACE_MANAGER_H_
 
 #include <bus/bus.h>
 
 /**
- * callback to log things triggered by controller
+ * callback to log things triggered by interface_manager
  *
  * @param param			echoed parameter supplied when function invoked
  * @param signal		type of signal
@@ -37,23 +37,23 @@
  * @return				FALSE to return from invoked function
  * @ingroup control
  */
-typedef bool(*controller_cb_t)(void* param, signal_t signal, level_t level,
+typedef bool(*interface_manager_cb_t)(void* param, signal_t signal, level_t level,
 							   ike_sa_t* ike_sa, char* format, va_list args);
 
-typedef struct controller_t controller_t;
+typedef struct interface_manager_t interface_manager_t;
 
 /**
- * @brief The controller controls the daemon.
+ * @brief The interface_manager controls the daemon.
  *
- * The controller starts actions by creating jobs. It then tries to
+ * The interface_manager starts actions by creating jobs. It then tries to
  * evaluate the result of the operation by listening on the bus.
  * 
  * @b Constructors:
- * - controller_create()
+ * - interface_manager_create()
  * 
  * @ingroup control
  */
-struct controller_t {
+struct interface_manager_t {
 
 	/**
 	 * @brief Initiate a CHILD_SA, and if required, an IKE_SA.
@@ -68,26 +68,27 @@ struct controller_t {
 	 *						- FAILED, if setup failed
 	 *						- NEED_MORE, if callback returned FALSE
 	 */
-	status_t (*initiate)(controller_t *this,
+	status_t (*initiate)(interface_manager_t *this,
 						 peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
-						 controller_cb_t callback, void *param);
+						 interface_manager_cb_t callback, void *param);
 	
 	/**
-	 * @brief Destroy a controller_t instance.
+	 * @brief Destroy a interface_manager_t instance.
 	 * 
-	 * @param this		controller_t objec to destroy
+	 * @param this		interface_manager_t objec to destroy
 	 */
-	void (*destroy) (controller_t *this);
+	void (*destroy) (interface_manager_t *this);
 };
 
 
 /**
- * @brief Create a controller instance.
+ * @brief Create a interface_manager instance and loads all interface modules.
  * 
- * @return 			controller_t object
+ * @return 			interface_manager_t object
  * 
  * @ingroup control
  */
-controller_t *controller_create();
+interface_manager_t *interface_manager_create(void);
+
+#endif /* INTERFACE_MANAGER_H_ */
 
-#endif /* CONTROLLER_H_ */
diff --git a/src/charon/control/interfaces/dbus_interface.c b/src/charon/control/interfaces/dbus_interface.c
new file mode 100644
index 000000000..178f74ff5
--- /dev/null
+++ b/src/charon/control/interfaces/dbus_interface.c
@@ -0,0 +1,324 @@
+/**
+ * @file dbus_interface.c
+ * 
+ * @brief Implementation of dbus_interface_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#define DBUS_API_SUBJECT_TO_CHANGE
+#include <dbus/dbus.h>
+#include <NetworkManager/NetworkManager.h>
+#include <NetworkManager/NetworkManagerVPN.h>
+#include <stdlib.h>
+
+#include "dbus_interface.h"
+
+#include <library.h>
+#include <daemon.h>
+
+
+#define NM_DBUS_SERVICE_STRONG "org.freedesktop.NetworkManager.strongswan"
+#define NM_DBUS_INTERFACE_STRONG "org.freedesktop.NetworkManager.strongswan"
+#define NM_DBUS_PATH_STRONG "/org/freedesktop/NetworkManager/strongswan"
+
+typedef struct private_dbus_interface_t private_dbus_interface_t;
+
+/**
+ * Private data of an dbus_interface_t object.
+ */
+struct private_dbus_interface_t {
+
+	/**
+	 * Public part of dbus_t object.
+	 */
+	dbus_interface_t public;
+	
+	/**
+	 * DBUS connection
+	 */
+	DBusConnection* conn;
+	
+	/**
+	 * error value used here and there
+	 */
+	DBusError err;
+	
+	/**
+	 * state of the daemon
+	 */
+	NMVPNState state;
+	
+	/**
+	 * dispatcher thread for DBUS messages
+	 */
+	pthread_t thread;
+};
+
+/**
+ * set daemon state and send StateChange signal to the bus
+ */
+static void set_state(private_dbus_interface_t *this, NMVPNState state)
+{
+	DBusMessage* msg;
+
+	msg = dbus_message_new_signal(NM_DBUS_PATH_STRONG, NM_DBUS_INTERFACE_STRONG, NM_DBUS_VPN_SIGNAL_STATE_CHANGE);
+
+	if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &this->state,
+							  DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID) ||
+		!dbus_connection_send(this->conn, msg, NULL))
+	{
+		DBG1(DBG_CFG, "unable to send DBUS StateChange signal");
+	}
+	dbus_connection_flush(this->conn);
+	dbus_message_unref(msg);
+	this->state = state;
+}
+
+/**
+ * process NetworkManagers startConnection method call
+ */
+static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg)
+{
+	DBusMessage *reply, *signal;
+	char *name, *user, **data, **passwords, **routes;
+	int data_count, passwords_count, routes_count;
+	u_int32_t me, other, p2p, netmask, mss;
+	char *dev, *domain, *banner;
+	const dbus_int32_t array[] = {};
+	const dbus_int32_t *varray = array;
+
+	if (!dbus_message_get_args(msg, &this->err,
+  			 DBUS_TYPE_STRING, &name, DBUS_TYPE_STRING, &user,
+			 DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &passwords, &passwords_count,
+			 DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &data, &data_count,
+			 DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &routes, &routes_count,
+			 DBUS_TYPE_INVALID))
+	{
+		return FALSE;
+	}
+	set_state(this, NM_VPN_STATE_STARTING);
+	
+	reply = dbus_message_new_method_return(msg);
+	dbus_connection_send(this->conn, reply, NULL);
+	
+	signal = dbus_message_new_signal(NM_DBUS_PATH_STRONG,
+									 NM_DBUS_INTERFACE_STRONG,
+									 NM_DBUS_VPN_SIGNAL_IP4_CONFIG);
+	
+	me = other = p2p = mss = netmask = 0;
+	dev = domain = banner = "";
+	if (dbus_message_append_args(signal,
+					DBUS_TYPE_UINT32, &other,
+					DBUS_TYPE_STRING, &dev,
+					DBUS_TYPE_UINT32, &me,
+					DBUS_TYPE_UINT32, &p2p,
+					DBUS_TYPE_UINT32, &netmask,
+					DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0,
+					DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0,
+					DBUS_TYPE_UINT32, &mss,
+					DBUS_TYPE_STRING, &domain,
+					DBUS_TYPE_STRING, &banner))
+	{
+		dbus_connection_send(this->conn, signal, NULL);
+	}						 
+	dbus_message_unref(signal);
+	
+	set_state(this, NM_VPN_STATE_STARTED);
+	
+	dbus_connection_flush(this->conn);
+	dbus_message_unref(reply);
+	return TRUE;
+}
+
+/**
+ * process NetworkManagers stopConnection method call
+ */
+static bool stop_connection(private_dbus_interface_t *this, DBusMessage* msg)
+{
+	set_state(this, NM_VPN_STATE_STOPPING);
+	set_state(this, NM_VPN_STATE_STOPPED);
+	return FALSE;
+}
+
+/**
+ * process NetworkManagers getState method call
+ */
+static bool get_state(private_dbus_interface_t *this, DBusMessage* msg)
+{
+	DBusMessage* reply;
+	reply = dbus_message_new_method_return(msg);
+	if (!reply || !dbus_message_append_args(reply,
+											DBUS_TYPE_UINT32, &this->state,
+											DBUS_TYPE_INVALID))
+	{
+		return FALSE;
+	}
+	dbus_connection_send(this->conn, reply, NULL);
+	return TRUE;
+}
+
+/**
+ * Handle incoming messages
+ */
+static DBusHandlerResult message_handler(DBusConnection *con, DBusMessage *msg,
+										 private_dbus_interface_t *this)
+{
+	bool handled;
+
+	if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
+									"startConnection"))
+	{
+		handled = start_connection(this, msg);
+	}
+	else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
+										 "stopConnection"))
+	{
+		handled = stop_connection(this, msg);
+	}
+	else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
+										 "getState"))
+	{
+		handled = get_state(this, msg);
+	}
+	else
+	{
+		DBG1(DBG_CFG, "ignoring DBUS message %s.%s",
+			 dbus_message_get_interface(msg), dbus_message_get_member(msg));
+		handled = FALSE;
+	}
+	
+	if (handled)
+	{
+		return DBUS_HANDLER_RESULT_HANDLED;
+	}
+	return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
+}
+
+/**
+ * Handle received signals
+
+static DBusHandlerResult signal_handler(DBusConnection *con, DBusMessage *msg,
+										private_dbus_interface_t *this)
+{
+	bool handled;
+
+	if (dbus_message_is_signal(msg, NM_DBUS_INTERFACE, "VPNConnectionStateChange"))
+	{
+		NMVPNState state;
+		char *name;
+		
+		if (dbus_message_get_args(msg, &this->err, DBUS_TYPE_STRING, &name, 
+								  DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID))
+		{
+			DBG1(DBG_CFG, "got state %d for %s", state, name);
+		}
+		handled = TRUE;
+	}
+	else
+	{
+		DBG1(DBG_CFG, "ignoring DBUS signal %s.%s",
+			 dbus_message_get_interface(msg), dbus_message_get_member(msg));
+		handled = FALSE;
+	}
+	if (handled)
+	{
+		return DBUS_HANDLER_RESULT_HANDLED;
+	}
+	return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
+} */
+
+/**
+ * dispatcher function processed by a seperate thread
+ */
+static void dispatch(private_dbus_interface_t *this)
+{
+	while (dbus_connection_read_write_dispatch(this->conn, -1))
+	{
+		/* nothing */
+	}
+}
+
+/**
+ * Implementation of interface_t.destroy.
+ */
+static void destroy(private_dbus_interface_t *this)
+{
+	pthread_cancel(this->thread);
+	pthread_join(this->thread, NULL);
+	dbus_error_free(&this->err); 
+	free(this);
+}
+
+/*
+ * Described in header file
+ */
+interface_t *interface_create()
+{
+	int ret;
+	DBusObjectPathVTable v = {NULL, (void*)&message_handler, NULL, NULL, NULL, NULL};
+	private_dbus_interface_t *this = malloc_thing(private_dbus_interface_t);
+  
+	this->public.interface.destroy = (void (*)(dbus_interface_t*))destroy;
+	
+	dbus_error_init(&this->err); 
+	this->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &this->err);
+	if (dbus_error_is_set(&this->err))
+	{ 
+		DBG1(DBG_CFG, "unable to open DBUS connection: %s", this->err.message); 
+		charon->kill(charon, "DBUS initialization failed");
+	}
+	
+	ret = dbus_bus_request_name(this->conn, NM_DBUS_SERVICE_STRONG,
+							    DBUS_NAME_FLAG_REPLACE_EXISTING , &this->err);
+	if (dbus_error_is_set(&this->err))
+	{
+		DBG1(DBG_CFG, "unable to set DBUS name: %s", this->err.message);
+		charon->kill(charon, "unable to set DBUS name");
+	}
+	if (ret != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER)
+	{
+		charon->kill(charon, "DBUS name already owned");
+	}
+	if (!dbus_connection_register_object_path(this->conn, NM_DBUS_PATH_STRONG, &v, this))
+    {
+		charon->kill(charon, "unable to register DBUS message handler");
+    }
+	/*
+	if (!dbus_connection_add_filter(this->conn, (void*)signal_handler, this, NULL))
+	{
+		charon->kill(charon, "unable to register DBUS signal handler");
+	}
+	
+	dbus_bus_add_match(this->conn, "type='signal', "
+					   "interface='" NM_DBUS_INTERFACE_VPN "',"
+					   "path='" NM_DBUS_PATH_VPN "'", &this->err);
+	if (dbus_error_is_set (&this->err))
+	{
+		charon->kill(charon, "unable to add DBUS signal match");
+	}*/
+
+	this->state = NM_VPN_STATE_INIT;
+	set_state(this, NM_VPN_STATE_STOPPED);
+
+	if (pthread_create(&this->thread, NULL, (void*(*)(void*))dispatch, this) != 0)
+	{
+		charon->kill(charon, "unable to create stroke thread");
+	}
+
+	return &this->public;
+}
diff --git a/src/charon/control/interfaces/dbus_interface.h b/src/charon/control/interfaces/dbus_interface.h
new file mode 100644
index 000000000..0ce57bbbc
--- /dev/null
+++ b/src/charon/control/interfaces/dbus_interface.h
@@ -0,0 +1,57 @@
+/**
+ * @file dbus_interface.h
+ *
+ * @brief Interface of dbus_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef DBUS_INTERFACE_H_
+#define DBUS_INTERFACE_H_
+
+typedef struct dbus_interface_t dbus_interface_t;
+
+#include <control/interfaces/interface.h>
+
+/**
+ * @brief The DBUS interface uses the DBUS system bus to communicate.
+ * 
+ * @b Constructors:
+ * - dbus_interface_create()
+ * 
+ * @ingroup interfaces
+ */
+struct dbus_interface_t {
+	
+	/**
+	 * implements interface_t.
+	 */
+	interface_t interface;
+};
+
+
+/**
+ * @brief Create the DBUS interface.
+ *
+ * @return 			stroke_t object
+ * 
+ * @ingroup interfaces
+ */
+interface_t *interface_create();
+
+#endif /* DBUS_INTERFACE_H_ */
+
diff --git a/src/charon/control/interfaces/interface.h b/src/charon/control/interfaces/interface.h
new file mode 100644
index 000000000..1949556cc
--- /dev/null
+++ b/src/charon/control/interfaces/interface.h
@@ -0,0 +1,55 @@
+/**
+ * @file interface.h
+ *
+ * @brief Interface of interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef INTERFACE_H_
+#define INTERFACE_H_
+
+typedef struct interface_t interface_t;
+
+/**
+ * @brief Interface for a controller.
+ * 
+ * @b Constructors:
+ * - interface_create() of one of the modules
+ * 
+ * @ingroup interfaces
+ */
+struct interface_t {
+	
+	/**
+	 * @brief Destroy all interfaces
+	 * 
+	 * @param this		stroke_t objec to destroy
+	 */
+	void (*destroy) (interface_t *this);
+};
+
+
+/**
+ * Constructor in a control interface module to create the interface.
+ *
+ * @ingroup interfaces
+ */
+typedef interface_t*(*interface_constructor_t)(void);
+
+#endif /* INTERFACE_H_ */
+
diff --git a/src/charon/control/stroke_interface.c b/src/charon/control/interfaces/stroke_interface.c
index 9743f5778..d33cae8ed 100755
--- a/src/charon/control/stroke_interface.c
+++ b/src/charon/control/interfaces/stroke_interface.c
@@ -40,7 +40,8 @@
 #include <crypto/x509.h>
 #include <crypto/ca.h>
 #include <crypto/crl.h>
-#include <control/controller.h>
+#include <control/interface_manager.h>
+#include <control/interfaces/interface.h>
 #include <processing/jobs/initiate_job.h>
 #include <processing/jobs/route_job.h>
 #include <utils/leak_detective.h>
@@ -55,19 +56,14 @@ struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET};
 typedef struct private_stroke_interface_t private_stroke_interface_t;
 
 /**
- * Private data of an stroke_t object.
+ * Private data of an stroke_interfacet object.
  */
 struct private_stroke_interface_t {
 
 	/**
-	 * Public part of stroke_t object.
+	 * Public part of stroke_interfacet object.
 	 */
-	stroke_t public;
-	
-	/**
-	 * backend to store configurations
-	 */
-	local_backend_t *backend;
+	stroke_interface_t public;
 		
 	/**
 	 * Unix socket to listen for strokes
@@ -445,7 +441,7 @@ static void stroke_add_conn(private_stroke_interface_t *this,
 	DBG2(DBG_CFG, "  updown: '%s'", msg->add_conn.me.updown);
 
 	/* have a look for an (almost) identical peer config to reuse */
-	iterator = this->backend->create_peer_cfg_iterator(this->backend);
+	iterator = charon->backends->create_iterator(charon->backends);
 	while (iterator->iterate(iterator, (void**)&peer_cfg))
 	{
 		ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
@@ -579,7 +575,7 @@ static void stroke_add_conn(private_stroke_interface_t *this,
 	if (!use_existing)
 	{
 		/* add config to backend */
-		this->backend->add_peer_cfg(this->backend, peer_cfg);
+		charon->backends->add_peer_cfg(charon->backends, peer_cfg);
 		DBG1(DBG_CFG, "added configuration '%s': %H[%D]...%H[%D]",
 			 msg->add_conn.name, my_host, my_id, other_host, other_id);
 	}
@@ -608,7 +604,7 @@ static void stroke_del_conn(private_stroke_interface_t *this,
 	pop_string(msg, &(msg->del_conn.name));
 	DBG1(DBG_CFG, "received stroke: delete connection '%s'", msg->del_conn.name);
 	
-	peer_iter = this->backend->create_peer_cfg_iterator(this->backend);
+	peer_iter = charon->backends->create_iterator(charon->backends);
 	while (peer_iter->iterate(peer_iter, (void**)&peer))
 	{
 		/* remove peer config with such a name */
@@ -673,6 +669,46 @@ static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level,
 }
 
 /**
+ * get a peer configuration by its name, or a name of its children
+ */
+static peer_cfg_t *get_peer_cfg_by_name(char *name)
+{
+	iterator_t *i1, *i2;
+	peer_cfg_t *current, *found = NULL;
+	child_cfg_t *child;
+
+	i1 = charon->backends->create_iterator(charon->backends);
+	while (i1->iterate(i1, (void**)&current))
+	{
+	        /* compare peer_cfgs name first */
+	        if (streq(current->get_name(current), name))
+	        {
+	                found = current;
+	                found->get_ref(found);
+	                break;
+	        }
+	        /* compare all child_cfg names otherwise */
+	        i2 = current->create_child_cfg_iterator(current);
+	        while (i2->iterate(i2, (void**)&child))
+	        {
+	                if (streq(child->get_name(child), name))
+	                {
+	                        found = current;
+	                        found->get_ref(found);
+	                        break;
+	                }
+	        }
+	        i2->destroy(i2);
+	        if (found)
+	        {
+	                break;
+	        }
+	}
+	i1->destroy(i1);
+	return found;
+}
+
+/**
  * initiate a connection by name
  */
 static void stroke_initiate(private_stroke_interface_t *this,
@@ -685,8 +721,7 @@ static void stroke_initiate(private_stroke_interface_t *this,
 	pop_string(msg, &(msg->initiate.name));
 	DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name);
 	
-	peer_cfg = this->backend->get_peer_cfg_by_name(this->backend,
-												   msg->initiate.name);
+	peer_cfg = get_peer_cfg_by_name(msg->initiate.name);
 	if (peer_cfg == NULL)
 	{
 		fprintf(out, "no config named '%s'\n", msg->initiate.name);
@@ -711,8 +746,8 @@ static void stroke_initiate(private_stroke_interface_t *this,
 	info.out = out;
 	info.level = msg->output_verbosity;
 	
-	charon->controller->initiate(charon->controller, peer_cfg, child_cfg,
-								 (controller_cb_t)stroke_log, &info);
+	charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg,
+								 (interface_manager_cb_t)stroke_log, &info);
 }
 
 /**
@@ -729,7 +764,7 @@ static void stroke_route(private_stroke_interface_t *this,
 	DBG1(DBG_CFG, "received stroke: %s '%s'",
 		 route ? "route" : "unroute", msg->route.name);
 	
-	peer_cfg = this->backend->get_peer_cfg_by_name(this->backend, msg->route.name);
+	peer_cfg = get_peer_cfg_by_name(msg->route.name);
 	if (peer_cfg == NULL)
 	{
 		fprintf(out, "no config named '%s'\n", msg->route.name);
@@ -1115,7 +1150,7 @@ static void stroke_status(private_stroke_interface_t *this,
 		list->destroy(list);
 	
 		fprintf(out, "Connections:\n");
-		iterator = this->backend->create_peer_cfg_iterator(this->backend);
+		iterator = charon->backends->create_iterator(charon->backends);
 		while (iterator->iterate(iterator, (void**)&peer_cfg))
 		{
 			if (peer_cfg->get_ike_version(peer_cfg) != 2 ||
@@ -1517,7 +1552,7 @@ static void stroke_receive(private_stroke_interface_t *this)
 }
 
 /**
- * Implementation of stroke_t.destroy.
+ * Implementation of interface_t.destroy.
  */
 static void destroy(private_stroke_interface_t *this)
 {
@@ -1537,16 +1572,14 @@ static void destroy(private_stroke_interface_t *this)
 /*
  * Described in header-file
  */
-stroke_t *stroke_create(local_backend_t *backend)
+interface_t *interface_create()
 {
 	private_stroke_interface_t *this = malloc_thing(private_stroke_interface_t);
 	mode_t old;
 	int i;
 
 	/* public functions */
-	this->public.destroy = (void (*)(stroke_t*))destroy;
-	
-	this->backend = backend;
+	this->public.interface.destroy = (void (*)(stroke_interface_t*))destroy;
 	
 	/* set up unix socket */
 	this->socket = socket(AF_UNIX, SOCK_STREAM, 0);
diff --git a/src/charon/control/stroke_interface.h b/src/charon/control/interfaces/stroke_interface.h
index 7fab28fec..f189048bd 100644
--- a/src/charon/control/stroke_interface.h
+++ b/src/charon/control/interfaces/stroke_interface.h
@@ -1,5 +1,5 @@
 /**
- * @file stroke.h
+ * @file stroke_interface.h
  *
  * @brief Interface of stroke_t.
  *
@@ -23,9 +23,9 @@
 #ifndef STROKE_INTERFACE_H_
 #define STROKE_INTERFACE_H_
 
-typedef struct stroke_t stroke_t;
+typedef struct stroke_interface_t stroke_interface_t;
 
-#include <config/backends/local_backend.h>
+#include <control/interfaces/interface.h>
 
 /**
  * @brief Stroke is a configuration and control interface which
@@ -39,27 +39,25 @@ typedef struct stroke_t stroke_t;
  * @b Constructors:
  * - stroke_create()
  * 
- * @ingroup control
+ * @ingroup interfaces
  */
-struct stroke_t {
+struct stroke_interface_t {
 	
 	/**
-	 * @brief Destroy a stroke_t instance.
-	 * 
-	 * @param this		stroke_t objec to destroy
+	 * implements interface_t.
 	 */
-	void (*destroy) (stroke_t *this);
+	interface_t interface;
 };
 
 
 /**
  * @brief Create the stroke interface and listen on the socket.
  * 
- * @param backend	backend to store received configurations
  * @return 			stroke_t object
  * 
- * @ingroup control
+ * @ingroup interfaces
  */
-stroke_t *stroke_create(local_backend_t *backend);
+interface_t *interface_create(void);
 
 #endif /* STROKE_INTERFACE_H_ */
+
diff --git a/src/charon/control/interfaces/xml_interface.c b/src/charon/control/interfaces/xml_interface.c
new file mode 100644
index 000000000..ad92e8050
--- /dev/null
+++ b/src/charon/control/interfaces/xml_interface.c
@@ -0,0 +1,63 @@
+/**
+ * @file xml_interface.c
+ * 
+ * @brief Implementation of xml_interface_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+
+#include "xml_interface.h"
+
+#include <library.h>
+#include <daemon.h>
+
+
+typedef struct private_xml_interface_t private_xml_interface_t;
+
+/**
+ * Private data of an xml_interface_t object.
+ */
+struct private_xml_interface_t {
+
+	/**
+	 * Public part of xml_t object.
+	 */
+	xml_interface_t public;
+};
+
+
+/**
+ * Implementation of itnerface_t.destroy.
+ */
+static void destroy(private_xml_interface_t *this)
+{
+	free(this);
+}
+
+/*
+ * Described in header file
+ */
+interface_t *interface_create()
+{
+	private_xml_interface_t *this = malloc_thing(private_xml_interface_t);
+
+	this->public.interface.destroy = (void (*)(xml_interface_t*))destroy;
+	
+	return &this->public;
+}
diff --git a/src/charon/control/interfaces/xml_interface.h b/src/charon/control/interfaces/xml_interface.h
new file mode 100644
index 000000000..6d88c3842
--- /dev/null
+++ b/src/charon/control/interfaces/xml_interface.h
@@ -0,0 +1,57 @@
+/**
+ * @file xml_interface.h
+ *
+ * @brief Interface of xml_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef XML_INTERFACE_H_
+#define XML_INTERFACE_H_
+
+typedef struct xml_interface_t xml_interface_t;
+
+#include <control/interfaces/interface.h>
+
+/**
+ * @brief The XML interface uses a socket to communicate using XML.
+ * 
+ * @b Constructors:
+ * - xml_interface_create()
+ * 
+ * @ingroup interfaces
+ */
+struct xml_interface_t {
+	
+	/**
+	 * implements interface_t.
+	 */
+	interface_t interface;
+};
+
+
+/**
+ * @brief Create the XML interface.
+ *
+ * @return 			stroke_t object
+ * 
+ * @ingroup interfaces
+ */
+interface_t *interface_create(void);
+
+#endif /* XML_INTERFACE_H_ */
+