prototype implemementation of an sqlite configuration backend

9 files changed, 454 insertions, 84 deletions

diff --git a/src/charon/Makefile.am b/src/charon/Makefile.am
index 9812a32ae..ec4279ec8 100644
--- a/src/charon/Makefile.am
+++ b/src/charon/Makefile.am
@@ -89,7 +89,7 @@ sa/tasks/task.c sa/tasks/task.h
 
 
 INCLUDES = -I${linuxdir} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon -I$(top_srcdir)/src/stroke
-AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \
+AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \
 	-DIPSEC_EAPDIR=\"${eapdir}\" -DIPSEC_BACKENDDIR=\"${backenddir}\" -DIPSEC_INTERFACEDIR=\"${interfacedir}\"
 charon_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lgmp -lpthread -lm -ldl
 
@@ -120,6 +120,13 @@ backend_LTLIBRARIES += liblocal.la
 liblocal_la_SOURCES = config/backends/local_backend.h config/backends/local_backend.c
 liblocal_la_LDFLAGS = -module
 
+if USE_LIBSQLITE
+  backend_LTLIBRARIES += libsqlite.la
+  libsqlite_la_SOURCES = config/backends/sqlite_backend.h config/backends/sqlite_backend.c
+  libsqlite_la_LIBADD = -lsqlite3
+  libsqlite_la_LDFLAGS = -module
+endif
+
 # build control interfaces, stroke interface is always built
 ############################################################
 interface_LTLIBRARIES =
diff --git a/src/charon/config/backend_manager.c b/src/charon/config/backend_manager.c
index 6df68c700..b2104acea 100644
--- a/src/charon/config/backend_manager.c
+++ b/src/charon/config/backend_manager.c
@@ -96,6 +96,22 @@ static peer_cfg_t *get_peer_cfg(private_backend_manager_t *this,
 }
 
 /**
+ * implements backend_manager_t.get_peer_cfg_by_name.
+ */			
+static peer_cfg_t *get_peer_cfg_by_name(private_backend_manager_t *this, char *name)
+{
+	backend_t *backend;
+	peer_cfg_t *config = NULL;
+	iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE);
+	while (config == NULL && iterator->iterate(iterator, (void**)&backend))
+	{
+		config = backend->get_peer_cfg_by_name(backend, name);
+	}
+	iterator->destroy(iterator);
+	return config;
+}
+
+/**
  * implements backend_manager_t.add_peer_cfg.
  */	
 static void add_peer_cfg(private_backend_manager_t *this, peer_cfg_t *config)
@@ -214,6 +230,7 @@ backend_manager_t *backend_manager_create()
 	
 	this->public.get_ike_cfg = (ike_cfg_t* (*)(backend_manager_t*, host_t*, host_t*))get_ike_cfg;
 	this->public.get_peer_cfg = (peer_cfg_t* (*)(backend_manager_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
+	this->public.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_manager_t*,char*))get_peer_cfg_by_name;
 	this->public.add_peer_cfg = (void (*)(backend_manager_t*,peer_cfg_t*))add_peer_cfg;
 	this->public.create_iterator = (iterator_t* (*)(backend_manager_t*))create_iterator;
 	this->public.destroy = (void (*)(backend_manager_t*))destroy;
diff --git a/src/charon/config/backend_manager.h b/src/charon/config/backend_manager.h
index 22a19a218..7ca6d660e 100644
--- a/src/charon/config/backend_manager.h
+++ b/src/charon/config/backend_manager.h
@@ -88,6 +88,15 @@ struct backend_manager_t {
 								ca_info_t *other_ca_info);
 	
 	/**
+	 * @brief Get a peer_config identified by it's name.
+	 *
+	 * @param this				calling object
+	 * @param name				name of the peer_config
+	 * @return					matching peer_config, or NULL if none found
+	 */
+	peer_cfg_t* (*get_peer_cfg_by_name)(backend_manager_t *this, char *name);
+	
+	/**
 	 * @brief Add a peer_config to the first found writable backend.
 	 *
 	 * @param this		calling object
diff --git a/src/charon/config/backends/backend.h b/src/charon/config/backends/backend.h
index acab660b6..592d1dd4c 100644
--- a/src/charon/config/backends/backend.h
+++ b/src/charon/config/backends/backend.h
@@ -71,6 +71,15 @@ struct backend_t {
 								ca_info_t *other_ca_info);
 	
 	/**
+	 * @brief Get a peer_cfg identified by it's name, or a name of its child.
+	 *
+	 * @param this				calling object
+	 * @param name				
+	 * @return					matching peer_config, or NULL if none found
+	 */
+	peer_cfg_t *(*get_peer_cfg_by_name)(backend_t *this, char *name);
+	
+	/**
 	 * @brief Check if a backend is writable and implements writable_backend_t.
 	 *
 	 * @param this		calling object
diff --git a/src/charon/config/backends/local_backend.c b/src/charon/config/backends/local_backend.c
index b5795098a..e04c72ac1 100644
--- a/src/charon/config/backends/local_backend.c
+++ b/src/charon/config/backends/local_backend.c
@@ -225,6 +225,46 @@ static peer_cfg_t *get_peer_cfg(private_local_backend_t *this,
 }
 
 /**
+ * implements backend_t.get_peer_cfg_by_name.
+ */			
+static peer_cfg_t *get_peer_cfg_by_name(private_local_backend_t *this, char *name)
+{
+	iterator_t *i1, *i2;
+	peer_cfg_t *current, *found = NULL;
+	child_cfg_t *child;
+
+	i1 = this->cfgs->create_iterator(this->cfgs, TRUE);
+	while (i1->iterate(i1, (void**)&current))
+	{
+        /* compare peer_cfgs name first */
+        if (streq(current->get_name(current), name))
+        {
+            found = current;
+            found->get_ref(found);
+            break;
+        }
+        /* compare all child_cfg names otherwise */
+        i2 = current->create_child_cfg_iterator(current);
+        while (i2->iterate(i2, (void**)&child))
+        {
+            if (streq(child->get_name(child), name))
+            {
+                found = current;
+                found->get_ref(found);
+                break;
+            }
+        }
+        i2->destroy(i2);
+        if (found)
+        {
+            break;
+        }
+	}
+	i1->destroy(i1);
+	return found;
+}
+
+/**
  * Implementation of backend_t.is_writable.
  */
 static bool is_writeable(private_local_backend_t *this)
@@ -268,6 +308,7 @@ backend_t *backend_create(void)
 	
 	this->public.backend.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg;
 	this->public.backend.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
+	this->public.backend.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name;
     this->public.backend.backend.is_writeable = (bool(*) (backend_t*))is_writeable;
     this->public.backend.backend.destroy = (void (*)(backend_t*))destroy;
 	this->public.backend.create_iterator = (iterator_t* (*)(writeable_backend_t*))create_iterator;
diff --git a/src/charon/config/backends/sqlite_backend.c b/src/charon/config/backends/sqlite_backend.c
new file mode 100644
index 000000000..2db90f909
--- /dev/null
+++ b/src/charon/config/backends/sqlite_backend.c
@@ -0,0 +1,307 @@
+/**
+ * @file sqlite_backend.c
+ *
+ * @brief Implementation of sqlite_backend_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <sqlite3.h>
+
+#include "sqlite_backend.h"
+
+#include <daemon.h>
+
+
+typedef struct private_sqlite_backend_t private_sqlite_backend_t;
+
+/**
+ * Private data of an sqlite_backend_t object
+ */
+struct private_sqlite_backend_t {
+
+	/**
+	 * Public part
+	 */
+	sqlite_backend_t public;
+	
+	/**
+	 * SQLite database handle
+	 */
+	sqlite3 *db;
+};
+
+/**
+ * implements backen_t.get_ike_cfg.
+ */
+static ike_cfg_t *get_ike_cfg(private_sqlite_backend_t *this, 
+							  host_t *my_host, host_t *other_host)
+{
+	return NULL;
+}
+
+/**
+ * add TS with child "id" to "child_cfg"
+ */
+static void add_ts(private_sqlite_backend_t *this, child_cfg_t *child_cfg, int id)
+{
+	sqlite3_stmt *stmt;
+	
+	if (sqlite3_prepare_v2(this->db,
+		"SELECT type, protocol, start_addr, end_addr, start_port, end_port, kind "
+		"FROM traffic_selectors, child_config_traffic_selector "
+			"ON traffic_selectors.oid = child_config_traffic_selector.traffic_selector "
+		"WHERE child_config_traffic_selector.child_cfg = ?;",
+		-1, &stmt, NULL) == SQLITE_OK &&
+		sqlite3_bind_int(stmt, 1, id) == SQLITE_OK)
+	{
+		while (sqlite3_step(stmt) == SQLITE_ROW)
+		{
+			traffic_selector_t *ts;
+			bool local = FALSE;
+			enum {
+				TS_LOCAL = 0,
+				TS_REMOTE = 1,
+				TS_LOCAL_DYNAMIC = 2,
+				TS_REMOTE_DYNAMIC = 3,
+			} kind;
+			
+			kind = sqlite3_column_int(stmt, 6);
+			switch (kind)
+			{
+				case TS_LOCAL:
+					local = TRUE;
+					/* FALL */
+				case TS_REMOTE:
+					ts = traffic_selector_create_from_string(
+						sqlite3_column_int(stmt, 1), 			/* protocol */
+						sqlite3_column_int(stmt, 0),			/* type */
+						(char*)sqlite3_column_text(stmt, 2),	/* from addr */
+						sqlite3_column_int(stmt, 4),			/* from port */
+						(char*)sqlite3_column_text(stmt, 3),	/* to addr */
+						sqlite3_column_int(stmt, 5));			/* to port */
+					break;
+				case TS_LOCAL_DYNAMIC:
+					local = TRUE;
+					/* FALL */
+				case TS_REMOTE_DYNAMIC:
+					ts = traffic_selector_create_dynamic(
+						sqlite3_column_int(stmt, 1), 			/* protocol */
+						sqlite3_column_int(stmt, 0),			/* type */
+						sqlite3_column_int(stmt, 4),			/* from port */
+						sqlite3_column_int(stmt, 5));			/* to port */
+					break;
+				default:
+					continue;
+			}
+			if (ts)
+			{
+				child_cfg->add_traffic_selector(child_cfg, local, ts);
+			}
+		}
+	}
+	sqlite3_finalize(stmt);
+}
+
+/**
+ * add childrens belonging to config with "id" to "peer_cfg"
+ */
+static void add_children(private_sqlite_backend_t *this, peer_cfg_t *peer_cfg, int id)
+{
+	sqlite3_stmt *stmt;
+	child_cfg_t *child_cfg;
+	
+	if (sqlite3_prepare_v2(this->db,
+		"SELECT child_configs.oid, name, updown, hostaccess, mode, "
+			   "lifetime, rekeytime, jitter "
+		"FROM child_configs, peer_config_child_config "
+			"ON child_configs.oid = peer_config_child_config.child_cfg "
+		"WHERE peer_config_child_config.peer_cfg = ?;",
+		-1, &stmt, NULL) == SQLITE_OK &&
+		sqlite3_bind_int(stmt, 1, id) == SQLITE_OK)
+	{
+		while (sqlite3_step(stmt) == SQLITE_ROW)
+		{
+			child_cfg = child_cfg_create(
+					(char*)sqlite3_column_text(stmt, 1), 	/* name */
+					sqlite3_column_int(stmt, 5),			/* lifetime */
+					sqlite3_column_int(stmt, 6), 			/* rekeytime */
+					sqlite3_column_int(stmt, 7),			/* jitter */
+					(char*)sqlite3_column_text(stmt, 2), 	/* updown */
+					sqlite3_column_int(stmt, 3),			/* hostaccess */
+					sqlite3_column_int(stmt, 4));			/* mode */
+			add_ts(this, child_cfg, sqlite3_column_int(stmt, 0));
+			child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
+			peer_cfg->add_child_cfg(peer_cfg, child_cfg);
+		}
+	}
+	sqlite3_finalize(stmt);
+}
+
+/**
+ * processing function for get_peer_cfg and get_peer_cfg_by_name
+ */
+static peer_cfg_t *process_peer_cfg_row(private_sqlite_backend_t *this,
+										sqlite3_stmt *stmt)
+{
+	host_t *local_host, *remote_host, *local_vip = NULL, *remote_vip = NULL;
+	identification_t *local_id, *remote_id;
+	peer_cfg_t *peer_cfg;
+	ike_cfg_t *ike_cfg;
+
+	local_host = host_create_from_string((char*)sqlite3_column_text(stmt, 17), IKEV2_UDP_PORT);
+	remote_host = host_create_from_string((char*)sqlite3_column_text(stmt, 18), IKEV2_UDP_PORT);
+	if (sqlite3_column_text(stmt, 15))
+	{
+		local_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 15), 0);
+	}
+	if (sqlite3_column_text(stmt, 16))
+	{
+		remote_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 16), 0);
+	}
+	local_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 2));
+	remote_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 3));
+	if (local_host && remote_host && local_id && remote_id)
+	{
+		ike_cfg = ike_cfg_create(sqlite3_column_int(stmt, 19),  local_host, remote_host);		
+		ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+		peer_cfg = peer_cfg_create(
+			(char*)sqlite3_column_text(stmt, 1),		/* name */
+			2, ike_cfg,	local_id, remote_id, NULL, NULL, linked_list_create(),
+			sqlite3_column_int(stmt, 4),				/* cert_policy */
+			sqlite3_column_int(stmt, 5),				/* auth_method */
+			sqlite3_column_int(stmt, 6),				/* eap_type */
+			sqlite3_column_int(stmt, 7),				/* keyingtries */
+			sqlite3_column_int(stmt, 8),				/* lifetime */
+			sqlite3_column_int(stmt, 9),				/* rekeytime */
+			sqlite3_column_int(stmt, 10),				/* jitter */
+			sqlite3_column_int(stmt, 13),				/* reauth */
+			sqlite3_column_int(stmt, 14),				/* mobike */
+			sqlite3_column_int(stmt, 11),				/* dpd_delay */
+			sqlite3_column_int(stmt, 12),				/* dpd_action */
+			local_vip, remote_vip);
+		add_children(this, peer_cfg, sqlite3_column_int(stmt, 0));
+		return peer_cfg;
+	}
+	
+	DESTROY_IF(local_host);
+	DESTROY_IF(remote_host);
+	DESTROY_IF(local_id);
+	DESTROY_IF(remote_id);
+	DESTROY_IF(local_vip);
+	DESTROY_IF(remote_vip);
+	return NULL;
+}
+
+/**
+ * implements backend_t.get_peer_cfg.
+ */			
+static peer_cfg_t *get_peer_cfg(private_sqlite_backend_t *this,
+								identification_t *my_id, identification_t *other_id,
+								ca_info_t *other_ca_info)
+{
+	sqlite3_stmt *stmt;
+	char local[256], remote[256];
+	peer_cfg_t *peer_cfg = NULL;
+
+	snprintf(local, sizeof(local), "%D",  my_id);
+	snprintf(remote, sizeof(remote), "%D", other_id);
+	
+	if (sqlite3_prepare_v2(this->db,
+			"SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, "
+				   "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, "
+				   "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, "
+				   "local, remote, certreq "
+			"FROM peer_configs, ike_configs "
+				"ON peer_configs.ike_cfg = ike_configs.oid "
+			"WHERE local_id = ? and remote_id = ?;", -1, &stmt, NULL) == SQLITE_OK &&
+		sqlite3_bind_text(stmt, 1, local, -1, SQLITE_STATIC) == SQLITE_OK &&
+		sqlite3_bind_text(stmt, 2, remote, -1, SQLITE_STATIC) == SQLITE_OK &&
+		sqlite3_step(stmt) == SQLITE_ROW)
+	{
+		peer_cfg = process_peer_cfg_row(this, stmt);
+	}
+	sqlite3_finalize(stmt);
+	return peer_cfg;
+}
+
+/**
+ * implements backend_t.get_peer_cfg_by_name.
+ */			
+static peer_cfg_t *get_peer_cfg_by_name(private_sqlite_backend_t *this, char *name)
+{
+	sqlite3_stmt *stmt;
+	peer_cfg_t *peer_cfg = NULL;
+	
+	if (sqlite3_prepare_v2(this->db,
+			"SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, "
+				   "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, "
+				   "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, "
+				   "local, remote, certreq "
+			"FROM peer_configs, ike_configs "
+				"ON peer_configs.ike_cfg = ike_configs.oid "
+			"WHERE name = ? ;", -1, &stmt, NULL) == SQLITE_OK &&
+		sqlite3_bind_text(stmt, 1, name, -1, SQLITE_STATIC) == SQLITE_OK &&
+		sqlite3_step(stmt) == SQLITE_ROW)
+	{
+		peer_cfg = process_peer_cfg_row(this, stmt);
+	}
+	sqlite3_finalize(stmt);
+	return peer_cfg;
+}
+
+/**
+ * Implementation of backend_t.is_writable.
+ */
+static bool is_writeable(private_sqlite_backend_t *this)
+{
+    return FALSE;
+}
+
+/**
+ * Implementation of backend_t.destroy.
+ */
+static void destroy(private_sqlite_backend_t *this)
+{
+	sqlite3_close(this->db);
+    free(this);
+}
+
+/**
+ * Described in header.
+ */
+backend_t *backend_create(void)
+{
+	private_sqlite_backend_t *this = malloc_thing(private_sqlite_backend_t);
+
+	this->public.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg;
+	this->public.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
+	this->public.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name;
+	this->public.backend.is_writeable = (bool(*) (backend_t*))is_writeable;
+	this->public.backend.destroy = (void (*)(backend_t*))destroy;
+	
+	if (sqlite3_open(IPSEC_DIR "/sqlite.db", &this->db) != SQLITE_OK)
+	{
+		DBG1(DBG_CFG, "opening SQLite database '" IPSEC_DIR "/sqlite.db' failed.");
+		destroy(this);
+		return NULL;
+	}
+	
+	return &this->public.backend;
+}
+
diff --git a/src/charon/config/backends/sqlite_backend.h b/src/charon/config/backends/sqlite_backend.h
new file mode 100644
index 000000000..4bc146583
--- /dev/null
+++ b/src/charon/config/backends/sqlite_backend.h
@@ -0,0 +1,58 @@
+/**
+ * @file sqlite_backend.h
+ *
+ * @brief Interface of sqlite_backend_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+ 
+#ifndef SQLITE_BACKEND_H_
+#define SQLITE_BACKEND_H_
+
+typedef struct sqlite_backend_t sqlite_backend_t;
+
+#include <library.h>
+
+#include "backend.h"
+
+/**
+ * @brief An SQLite based configuration backend.
+ *
+ * @b Constructors:
+ *  - sqlite_backend_create()
+ * 
+ * @ingroup backends
+ */
+struct sqlite_backend_t {
+	
+	/**
+	 * Implements backend_t interface
+	 */
+	backend_t backend;
+};
+
+/**
+ * @brief Create a backend_t instance implemented as sqlite backend.
+ *
+ * @return backend instance
+ * 
+ * @ingroup backends
+ */
+backend_t *backend_create(void);
+
+#endif /* SQLITE_BACKEND_H_ */
+
diff --git a/src/charon/control/interfaces/dbus_interface.c b/src/charon/control/interfaces/dbus_interface.c
index d93a5d048..10307af88 100644
--- a/src/charon/control/interfaces/dbus_interface.c
+++ b/src/charon/control/interfaces/dbus_interface.c
@@ -119,46 +119,6 @@ static child_cfg_t* get_child_from_peer(peer_cfg_t *peer_cfg, char *name)
 }
 
 /**
- * get a peer configuration by its name, or a name of its children
- */
-static peer_cfg_t *get_peer_cfg_by_name(char *name)
-{
-	iterator_t *i1, *i2;
-	peer_cfg_t *current, *found = NULL;
-	child_cfg_t *child;
-
-	i1 = charon->backends->create_iterator(charon->backends);
-	while (i1->iterate(i1, (void**)&current))
-	{
-	        /* compare peer_cfgs name first */
-	        if (streq(current->get_name(current), name))
-	        {
-	                found = current;
-	                found->get_ref(found);
-	                break;
-	        }
-	        /* compare all child_cfg names otherwise */
-	        i2 = current->create_child_cfg_iterator(current);
-	        while (i2->iterate(i2, (void**)&child))
-	        {
-	                if (streq(child->get_name(child), name))
-	                {
-	                        found = current;
-	                        found->get_ref(found);
-	                        break;
-	                }
-	        }
-	        i2->destroy(i2);
-	        if (found)
-	        {
-	                break;
-	        }
-	}
-	i1->destroy(i1);
-	return found;
-}
-
-/**
  * logging dummy
  */
 static bool dbus_log(void *param, signal_t signal, level_t level,
@@ -197,7 +157,7 @@ static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg)
 	}
 	set_state(this, NM_VPN_STATE_STARTING);
 	
-	peer_cfg = get_peer_cfg_by_name(name);
+	peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, name);
 	if (peer_cfg)
 	{
 		free(this->name);
diff --git a/src/charon/control/interfaces/stroke_interface.c b/src/charon/control/interfaces/stroke_interface.c
index 1a827249a..74bfa1aec 100755
--- a/src/charon/control/interfaces/stroke_interface.c
+++ b/src/charon/control/interfaces/stroke_interface.c
@@ -719,46 +719,6 @@ static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level,
 }
 
 /**
- * get a peer configuration by its name, or a name of its children
- */
-static peer_cfg_t *get_peer_cfg_by_name(char *name)
-{
-	iterator_t *i1, *i2;
-	peer_cfg_t *current, *found = NULL;
-	child_cfg_t *child;
-
-	i1 = charon->backends->create_iterator(charon->backends);
-	while (i1->iterate(i1, (void**)&current))
-	{
-	        /* compare peer_cfgs name first */
-	        if (streq(current->get_name(current), name))
-	        {
-	                found = current;
-	                found->get_ref(found);
-	                break;
-	        }
-	        /* compare all child_cfg names otherwise */
-	        i2 = current->create_child_cfg_iterator(current);
-	        while (i2->iterate(i2, (void**)&child))
-	        {
-	                if (streq(child->get_name(child), name))
-	                {
-	                        found = current;
-	                        found->get_ref(found);
-	                        break;
-	                }
-	        }
-	        i2->destroy(i2);
-	        if (found)
-	        {
-	                break;
-	        }
-	}
-	i1->destroy(i1);
-	return found;
-}
-
-/**
  * initiate a connection by name
  */
 static void stroke_initiate(stroke_msg_t *msg, FILE *out)
@@ -770,7 +730,8 @@ static void stroke_initiate(stroke_msg_t *msg, FILE *out)
 	pop_string(msg, &(msg->initiate.name));
 	DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name);
 	
-	peer_cfg = get_peer_cfg_by_name(msg->initiate.name);
+	peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
+													  msg->initiate.name);
 	if (peer_cfg == NULL)
 	{
 		fprintf(out, "no config named '%s'\n", msg->initiate.name);
@@ -818,7 +779,8 @@ static void stroke_route(stroke_msg_t *msg, FILE *out)
 	pop_string(msg, &(msg->route.name));
 	DBG1(DBG_CFG, "received stroke: route '%s'", msg->route.name);
 	
-	peer_cfg = get_peer_cfg_by_name(msg->route.name);
+	peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
+													  msg->route.name);
 	if (peer_cfg == NULL)
 	{
 		fprintf(out, "no config named '%s'\n", msg->route.name);