Give plugins more control of which configuration attributes to request, and pass received attributes back to the requesting handler

4 files changed, 99 insertions, 19 deletions

diff --git a/src/libstrongswan/attributes/attribute_handler.h b/src/libstrongswan/attributes/attribute_handler.h
index c9b668cc3..d042f47ef 100644
--- a/src/libstrongswan/attributes/attribute_handler.h
+++ b/src/libstrongswan/attributes/attribute_handler.h
@@ -22,6 +22,7 @@
 #define ATTRIBUTE_HANDLER_H_
 
 #include <chunk.h>
+#include <utils/host.h>
 #include <utils/identification.h>
 
 #include "attributes.h"
@@ -56,6 +57,16 @@ struct attribute_handler_t {
 	 */
 	void (*release)(attribute_handler_t *this, identification_t *server,
 					configuration_attribute_type_t type, chunk_t data);
+
+	/**
+	 * Enumerate attributes to request from a server.
+	 *
+	 * @param server		server identity to request attributes from
+	 * @param vip			virtual IP we are requesting, if any
+	 * @return				enumerator (configuration_attribute_type_t, chunk_t)
+	 */
+	enumerator_t* (*create_attribute_enumerator)(attribute_handler_t *this,
+										identification_t *server, host_t *vip);
 };
 
 #endif /** ATTRIBUTE_HANDLER_H_ @}*/
diff --git a/src/libstrongswan/attributes/attribute_manager.c b/src/libstrongswan/attributes/attribute_manager.c
index e09c211dc..0615316f9 100644
--- a/src/libstrongswan/attributes/attribute_manager.c
+++ b/src/libstrongswan/attributes/attribute_manager.c
@@ -48,6 +48,16 @@ struct private_attribute_manager_t {
 };
 
 /**
+ * Data to pass to enumerator filters
+ */
+typedef struct {
+	/** server/peer identity */
+	identification_t *id;
+	/** requesting/assigned virtual IP */
+	host_t *vip;
+} enum_data_t;
+
+/**
  * Implementation of attribute_manager_t.acquire_address.
  */
 static host_t* acquire_address(private_attribute_manager_t *this,
@@ -108,25 +118,29 @@ static void release_address(private_attribute_manager_t *this,
 }
 
 /**
- * inner enumerator constructor for attributes
+ * inner enumerator constructor for responder attributes
  */
-static enumerator_t *attrib_enum_create(attribute_provider_t *provider,
-										identification_t *id)
+static enumerator_t *responder_enum_create(attribute_provider_t *provider,
+										   enum_data_t *data)
 {
-	return provider->create_attribute_enumerator(provider, id);
+	return provider->create_attribute_enumerator(provider, data->id, data->vip);
 }
 
 /**
- * Implementation of attribute_manager_t.create_attribute_enumerator
+ * Implementation of attribute_manager_t.create_responder_enumerator
  */
-static enumerator_t* create_attribute_enumerator(
-						private_attribute_manager_t *this, identification_t *id)
+static enumerator_t* create_responder_enumerator(
+			private_attribute_manager_t *this, identification_t *id, host_t *vip)
 {
+	enum_data_t *data = malloc_thing(enum_data_t);
+
+	data->id = id;
+	data->vip = vip;
 	this->lock->read_lock(this->lock);
 	return enumerator_create_cleaner(
 				enumerator_create_nested(
 					this->providers->create_enumerator(this->providers),
-					(void*)attrib_enum_create, id, NULL),
+					(void*)responder_enum_create, data, free),
 				(void*)this->lock->unlock, this->lock);
 }
 
@@ -156,24 +170,38 @@ static void remove_provider(private_attribute_manager_t *this,
  * Implementation of attribute_manager_t.handle
  */
 static attribute_handler_t* handle(private_attribute_manager_t *this,
-								   identification_t *server,
-								   configuration_attribute_type_t type,
-								   chunk_t data)
+						identification_t *server, attribute_handler_t *handler,
+						configuration_attribute_type_t type, chunk_t data)
 {
 	enumerator_t *enumerator;
 	attribute_handler_t *current, *handled = NULL;
 
 	this->lock->read_lock(this->lock);
+
+	/* try to find the passed handler */
 	enumerator = this->handlers->create_enumerator(this->handlers);
 	while (enumerator->enumerate(enumerator, &current))
 	{
-		if (current->handle(current, server, type, data))
+		if (current == handler && current->handle(current, server, type, data))
 		{
 			handled = current;
 			break;
 		}
 	}
 	enumerator->destroy(enumerator);
+	if (!handled)
+	{	/* handler requesting this attribute not found, try any other */
+		enumerator = this->handlers->create_enumerator(this->handlers);
+		while (enumerator->enumerate(enumerator, &current))
+		{
+			if (current->handle(current, server, type, data))
+			{
+				handled = current;
+				break;
+			}
+		}
+		enumerator->destroy(enumerator);
+	}
 	this->lock->unlock(this->lock);
 
 	if (!handled)
@@ -210,6 +238,33 @@ static void release(private_attribute_manager_t *this,
 }
 
 /**
+ * inner enumerator constructor for initiator attributes
+ */
+static enumerator_t *initiator_enum_create(attribute_handler_t *handler,
+										   enum_data_t *data)
+{
+	return handler->create_attribute_enumerator(handler, data->id, data->vip);
+}
+
+/**
+ * Implementation of attribute_manager_t.create_initiator_enumerator
+ */
+static enumerator_t* create_initiator_enumerator(
+		private_attribute_manager_t *this, identification_t *id, host_t *vip)
+{
+	enum_data_t *data = malloc_thing(enum_data_t);
+
+	data->id = id;
+	data->vip = vip;
+	this->lock->read_lock(this->lock);
+	return enumerator_create_cleaner(
+				enumerator_create_nested(
+					this->handlers->create_enumerator(this->handlers),
+					(void*)initiator_enum_create, data, free),
+				(void*)this->lock->unlock, this->lock);
+}
+
+/**
  * Implementation of attribute_manager_t.add_handler
  */
 static void add_handler(private_attribute_manager_t *this,
@@ -251,11 +306,12 @@ attribute_manager_t *attribute_manager_create()
 
 	this->public.acquire_address = (host_t*(*)(attribute_manager_t*, char*, identification_t*,host_t*))acquire_address;
 	this->public.release_address = (void(*)(attribute_manager_t*, char *, host_t*, identification_t*))release_address;
-	this->public.create_attribute_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*))create_attribute_enumerator;
+	this->public.create_responder_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*, host_t*))create_responder_enumerator;
 	this->public.add_provider = (void(*)(attribute_manager_t*, attribute_provider_t *provider))add_provider;
 	this->public.remove_provider = (void(*)(attribute_manager_t*, attribute_provider_t *provider))remove_provider;
-	this->public.handle = (attribute_handler_t*(*)(attribute_manager_t*, identification_t*, configuration_attribute_type_t, chunk_t))handle;
+	this->public.handle = (attribute_handler_t*(*)(attribute_manager_t*,identification_t*, attribute_handler_t*, configuration_attribute_type_t, chunk_t))handle;
 	this->public.release = (void(*)(attribute_manager_t*, attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))release;
+	this->public.create_initiator_enumerator = (enumerator_t*(*)(attribute_manager_t*, identification_t*, host_t*))create_initiator_enumerator;
 	this->public.add_handler = (void(*)(attribute_manager_t*, attribute_handler_t*))add_handler;
 	this->public.remove_handler = (void(*)(attribute_manager_t*, attribute_handler_t*))remove_handler;
 	this->public.destroy = (void(*)(attribute_manager_t*))destroy;
diff --git a/src/libstrongswan/attributes/attribute_manager.h b/src/libstrongswan/attributes/attribute_manager.h
index ba194b563..642662366 100644
--- a/src/libstrongswan/attributes/attribute_manager.h
+++ b/src/libstrongswan/attributes/attribute_manager.h
@@ -62,10 +62,11 @@ struct attribute_manager_t {
 	 * Create an enumerator over attributes to hand out to a peer.
 	 *
 	 * @param id			peer identity to hand out attributes to
+	 * @param vip			virtual IP to assign to peer, if any
 	 * @return				enumerator (configuration_attribute_type_t, chunk_t)
 	 */
-	enumerator_t* (*create_attribute_enumerator)(attribute_manager_t *this,
-												 identification_t *id);
+	enumerator_t* (*create_responder_enumerator)(attribute_manager_t *this,
+											identification_t *id, host_t *vip);
 
 	/**
 	 * Register an attribute provider to the manager.
@@ -86,13 +87,14 @@ struct attribute_manager_t {
 	 * Handle a configuration attribute by passing them to the handlers.
 	 *
 	 * @param server		server from which the attribute was received
+	 * @param handler		handler we requested the attribute for, if any
 	 * @param type			type of configuration attribute
 	 * @param data			associated attribute data
 	 * @return				handler which handled this attribute, NULL if none
 	 */
 	attribute_handler_t* (*handle)(attribute_manager_t *this,
-							identification_t *server,
-							configuration_attribute_type_t type, chunk_t data);
+						identification_t *server, attribute_handler_t *handler,
+						configuration_attribute_type_t type, chunk_t data);
 
 	/**
 	 * Release an attribute previously handle()d by a handler.
@@ -108,6 +110,16 @@ struct attribute_manager_t {
 						chunk_t data);
 
 	/**
+	 * Create an enumerator over attributes to request from server.
+	 *
+	 * @param id			server identity to hand out attributes to
+	 * @param vip			virtual IP going to request, if any
+	 * @return				enumerator (attribute_handler_t, ca_type_t, chunk_t)
+	 */
+	enumerator_t* (*create_initiator_enumerator)(attribute_manager_t *this,
+											identification_t *id, host_t *vip);
+
+	/**
 	 * Register an attribute handler to the manager.
 	 *
 	 * @param handler		attribute handler to register
diff --git a/src/libstrongswan/attributes/attribute_provider.h b/src/libstrongswan/attributes/attribute_provider.h
index 14721d921..f8485cc6c 100644
--- a/src/libstrongswan/attributes/attribute_provider.h
+++ b/src/libstrongswan/attributes/attribute_provider.h
@@ -57,10 +57,11 @@ struct attribute_provider_t {
 	 * Create an enumerator over attributes to hand out to a peer.
 	 *
 	 * @param id			peer ID
+	 * @param vip			virtual IP to assign to peer, if any
 	 * @return				enumerator (configuration_attribute_type_t, chunk_t)
 	 */
 	enumerator_t* (*create_attribute_enumerator)(attribute_provider_t *this,
-												 identification_t *id);
+											identification_t *id, host_t *vip);
 };
 
 #endif /** ATTRIBUTE_PROVIDER_H_ @}*/