-rw-r--r--src/libcharon/plugins/xauth_null/xauth_null.c10
-rw-r--r--src/libcharon/plugins/xauth_null/xauth_null.h4
-rw-r--r--src/libcharon/plugins/xauth_null/xauth_null_plugin.c4
-rw-r--r--src/libcharon/sa/authenticators/xauth/xauth_manager.c53
-rw-r--r--src/libcharon/sa/authenticators/xauth/xauth_manager.h26
-rw-r--r--src/libcharon/sa/authenticators/xauth/xauth_method.c6
-rw-r--r--src/libcharon/sa/authenticators/xauth/xauth_method.h22
-rw-r--r--src/libstrongswan/Makefile.am3
-rw-r--r--src/libstrongswan/plugins/plugin_feature.h7
-rw-r--r--src/libstrongswan/xauth/xauth.c50
-rw-r--r--src/libstrongswan/xauth/xauth.h54
11 files changed, 52 insertions, 187 deletions
diff --git a/src/libcharon/plugins/xauth_null/xauth_null.c b/src/libcharon/plugins/xauth_null/xauth_null.c
index 34ed4959a..5d2b02d24 100644
--- a/src/libcharon/plugins/xauth_null/xauth_null.c
+++ b/src/libcharon/plugins/xauth_null/xauth_null.c
@@ -72,12 +72,6 @@ METHOD(xauth_method_t, initiate_server, status_t,
return NEED_MORE;
}
-METHOD(xauth_method_t, get_type, xauth_type_t,
- private_xauth_null_t *this, u_int32_t *vendor)
-{
- return XAUTH_NULL;
-}
-
METHOD(xauth_method_t, destroy, void,
private_xauth_null_t *this)
{
@@ -89,7 +83,7 @@ METHOD(xauth_method_t, destroy, void,
* Described in header.
*/
xauth_null_t *xauth_null_create_peer(identification_t *server,
- identification_t *peer)
+ identification_t *peer)
{
private_xauth_null_t *this;
@@ -98,7 +92,6 @@ xauth_null_t *xauth_null_create_peer(identification_t *server,
.xauth_method = {
.initiate = _initiate_peer,
.process = _process_peer,
- .get_type = _get_type,
.destroy = _destroy,
},
},
@@ -121,7 +114,6 @@ xauth_null_t *xauth_null_create_server(identification_t *server,
.xauth_method = {
.initiate = _initiate_server,
.process = _process_server,
- .get_type = _get_type,
.destroy = _destroy,
},
},
diff --git a/src/libcharon/plugins/xauth_null/xauth_null.h b/src/libcharon/plugins/xauth_null/xauth_null.h
index e3ebaa128..1d3c34002 100644
--- a/src/libcharon/plugins/xauth_null/xauth_null.h
+++ b/src/libcharon/plugins/xauth_null/xauth_null.h
@@ -44,7 +44,7 @@ struct xauth_null_t {
* @return xauth_null_t object
*/
xauth_null_t *xauth_null_create_server(identification_t *server,
- identification_t *peer);
+ identification_t *peer);
/**
* Creates the XAuth method XAuth NULL, acting as peer.
@@ -54,6 +54,6 @@ xauth_null_t *xauth_null_create_server(identification_t *server,
* @return xauth_null_t object
*/
xauth_null_t *xauth_null_create_peer(identification_t *server,
- identification_t *peer);
+ identification_t *peer);
#endif /** XAUTH_NULL_H_ @}*/
diff --git a/src/libcharon/plugins/xauth_null/xauth_null_plugin.c b/src/libcharon/plugins/xauth_null/xauth_null_plugin.c
index 25b7b3841..28ea7af8d 100644
--- a/src/libcharon/plugins/xauth_null/xauth_null_plugin.c
+++ b/src/libcharon/plugins/xauth_null/xauth_null_plugin.c
@@ -29,9 +29,9 @@ METHOD(plugin_t, get_features, int,
{
static plugin_feature_t f[] = {
PLUGIN_CALLBACK(xauth_method_register, xauth_null_create_server),
- PLUGIN_PROVIDE(XAUTH_SERVER, XAUTH_NULL),
+ PLUGIN_PROVIDE(XAUTH_SERVER, "null"),
PLUGIN_CALLBACK(xauth_method_register, xauth_null_create_peer),
- PLUGIN_PROVIDE(XAUTH_PEER, XAUTH_NULL),
+ PLUGIN_PROVIDE(XAUTH_PEER, "null"),
};
*features = f;
return countof(f);
diff --git a/src/libcharon/sa/authenticators/xauth/xauth_manager.c b/src/libcharon/sa/authenticators/xauth/xauth_manager.c
index 3cddf64bd..618a0bdac 100644
--- a/src/libcharon/sa/authenticators/xauth/xauth_manager.c
+++ b/src/libcharon/sa/authenticators/xauth/xauth_manager.c
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -27,17 +27,12 @@ typedef struct xauth_entry_t xauth_entry_t;
struct xauth_entry_t {
/**
- * XAuth method type, vendor specific if vendor is set
+ * Xauth backend name
*/
- xauth_type_t type;
+ char *name;
/**
- * vendor ID, 0 for default XAuth methods
- */
- u_int32_t vendor;
-
- /**
- * Role of the method returned by the constructor, XAUTH_SERVER or XAUTH_PEER
+ * Role of the method, XAUTH_SERVER or XAUTH_PEER
*/
xauth_role_t role;
@@ -69,15 +64,16 @@ struct private_xauth_manager_t {
};
METHOD(xauth_manager_t, add_method, void,
- private_xauth_manager_t *this, xauth_type_t type, u_int32_t vendor,
- xauth_role_t role, xauth_constructor_t constructor)
+ private_xauth_manager_t *this, char *name, xauth_role_t role,
+ xauth_constructor_t constructor)
{
- xauth_entry_t *entry = malloc_thing(xauth_entry_t);
+ xauth_entry_t *entry;
- entry->type = type;
- entry->vendor = vendor;
- entry->role = role;
- entry->constructor = constructor;
+ INIT(entry,
+ .name = name,
+ .role = role,
+ .constructor = constructor,
+ );
this->lock->write_lock(this->lock);
this->methods->insert_last(this->methods, entry);
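Review bot: `add_method` stores the caller's `name` pointer in the entry via `.name = name` without copying it, so the registered string has to outlive the entry, and nothing in this change says so. The struct comment and the header's `@param name` should state the contract, for example `@param name backend name to register, not copied, must stay valid until remove_method`. A NULL `name` is also accepted here and would later be handed to `streq` in `create_instance`; whether that is safe depends on how `streq` is defined, which this page does not show, so rejecting NULL at registration would be the safer default. The rest of the method body lies outside the hunk.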
@@ -105,8 +101,8 @@ METHOD(xauth_manager_t, remove_method, void,
}
METHOD(xauth_manager_t, create_instance, xauth_method_t*,
- private_xauth_manager_t *this, xauth_type_t type, u_int32_t vendor,
- xauth_role_t role, identification_t *server, identification_t *peer)
+ private_xauth_manager_t *this, char *name, xauth_role_t role,
+ identification_t *server, identification_t *peer)
{
enumerator_t *enumerator;
xauth_entry_t *entry;
@@ -116,8 +112,7 @@ METHOD(xauth_manager_t, create_instance, xauth_method_t*,
enumerator = this->methods->create_enumerator(this->methods);
while (enumerator->enumerate(enumerator, &entry))
{
- if (type == entry->type && vendor == entry->vendor &&
- role == entry->role)
+ if (streq(name, entry->name) && role == entry->role)
{
method = entry->constructor(server, peer);
if (method)
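Review bot: The new lookup `streq(name, entry->name)` is case-sensitive, while the `xauth_type_from_string` helper removed by this commit matched with `strcaseeq`, so a name such as `NULL` or `Radius` that used to resolve may now find no backend. If the name reaches this point from configuration, either keep the old behaviour with `if (strcaseeq(name, entry->name) && role == entry->role)` or document in the header that backend names are case-sensitive. An unknown name now surfaces only as the NULL return that the header documents for `create_instance`, so the caller should log the requested name and fail the authentication rather than continue without a backend. The loop and the end of the function are outside the hunk.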
@@ -147,14 +142,14 @@ xauth_manager_t *xauth_manager_create()
private_xauth_manager_t *this;
INIT(this,
- .public = {
- .add_method = _add_method,
- .remove_method = _remove_method,
- .create_instance = _create_instance,
- .destroy = _destroy,
- },
- .methods = linked_list_create(),
- .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+ .public = {
+ .add_method = _add_method,
+ .remove_method = _remove_method,
+ .create_instance = _create_instance,
+ .destroy = _destroy,
+ },
+ .methods = linked_list_create(),
+ .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
);
return &this->public;
diff --git a/src/libcharon/sa/authenticators/xauth/xauth_manager.h b/src/libcharon/sa/authenticators/xauth/xauth_manager.h
index 401c13e99..7f07cc22a 100644
--- a/src/libcharon/sa/authenticators/xauth/xauth_manager.h
+++ b/src/libcharon/sa/authenticators/xauth/xauth_manager.h
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -38,34 +38,32 @@ struct xauth_manager_t {
/**
* Register a XAuth method implementation.
*
- * @param method vendor specific method, if vendor != 0
- * @param vendor vendor ID, 0 for non-vendor (default) XAuth methods
- * @param role XAuth role of the registered method
+ * @param name backend name to register
+ * @param role XAUTH_SERVER or XAUTH_PEER
* @param constructor constructor function, returns an xauth_method_t
*/
- void (*add_method)(xauth_manager_t *this, xauth_type_t type, u_int32_t vendor,
+ void (*add_method)(xauth_manager_t *this, char *name,
xauth_role_t role, xauth_constructor_t constructor);
/**
* Unregister a XAuth method implementation using it's constructor.
*
- * @param constructor constructor function to remove, as added in add_method
+ * @param constructor constructor function, as added in add_method
*/
void (*remove_method)(xauth_manager_t *this, xauth_constructor_t constructor);
/**
* Create a new XAuth method instance.
*
- * @param vendor vendor ID, 0 for non-vendor (default) XAuth methods
- * @param role role of XAuth method, either XAUTH_SERVER or XAUTH_PEER
+ * @param name backend name, as it was registered with
+ * @param role XAUTH_SERVER or XAUTH_PEER
* @param server identity of the server
* @param peer identity of the peer (client)
* @return XAUTH method instance, NULL if no constructor found
*/
- xauth_method_t* (*create_instance)(xauth_manager_t *this, xauth_type_t type,
- u_int32_t vendor, xauth_role_t role,
- identification_t *server,
- identification_t *peer);
+ xauth_method_t* (*create_instance)(xauth_manager_t *this,
+ char *name, xauth_role_t role,
+ identification_t *server, identification_t *peer);
/**
* Destroy a eap_manager instance.
@@ -78,4 +76,4 @@ struct xauth_manager_t {
*/
xauth_manager_t *xauth_manager_create();
-#endif /** EAP_MANAGER_H_ @}*/
+#endif /** XAUTH_MANAGER_H_ @}*/
diff --git a/src/libcharon/sa/authenticators/xauth/xauth_method.c b/src/libcharon/sa/authenticators/xauth/xauth_method.c
index 14da7b9ba..838822d1e 100644
--- a/src/libcharon/sa/authenticators/xauth/xauth_method.c
+++ b/src/libcharon/sa/authenticators/xauth/xauth_method.c
@@ -30,9 +30,9 @@ bool xauth_method_register(plugin_t *plugin, plugin_feature_t *feature,
{
if (reg)
{
- charon->xauth->add_method(charon->xauth, feature->arg.xauth, 0,
- feature->type == FEATURE_XAUTH_SERVER ? XAUTH_SERVER : XAUTH_PEER,
- (xauth_constructor_t)data);
+ charon->xauth->add_method(charon->xauth, feature->arg.xauth,
+ feature->type == FEATURE_XAUTH_SERVER ? XAUTH_SERVER : XAUTH_PEER,
+ (xauth_constructor_t)data);
}
else
{
diff --git a/src/libcharon/sa/authenticators/xauth/xauth_method.h b/src/libcharon/sa/authenticators/xauth/xauth_method.h
index fb289a247..cc3c77540 100644
--- a/src/libcharon/sa/authenticators/xauth/xauth_method.h
+++ b/src/libcharon/sa/authenticators/xauth/xauth_method.h
@@ -28,7 +28,6 @@ typedef enum xauth_role_t xauth_role_t;
#include <plugins/plugin.h>
#include <utils/identification.h>
#include <encoding/payloads/cp_payload.h>
-#include <xauth/xauth.h>
/**
* Role of an xauth_method, SERVER or PEER (client)
@@ -37,6 +36,7 @@ enum xauth_role_t {
XAUTH_SERVER,
XAUTH_PEER,
};
+
/**
* enum names for xauth_role_t.
*/
@@ -46,12 +46,8 @@ extern enum_name_t *xauth_role_names;
* Interface of an XAuth method for server and client side.
*
* An XAuth method initiates an XAuth exchange and processes requests and
- * responses. An XAuth method may need multiple exchanges before succeeding, and
- * the xauth_authentication may use multiple XAuth methods to authenticate a peer.
- * To accomplish these requirements, all XAuth methods have their own
- * implementation while the xauth_authenticatior uses one or more of these
- * XAuth methods. Sending of XAUTH(STATUS) message is not the job
- * of the method, the xauth_authenticator does this.
+ * responses. An XAuth method may need multiple exchanges before succeeding.
+ * Sending of XAUTH(STATUS) message is done by the framework, not a method.
*/
struct xauth_method_t {
@@ -85,14 +81,6 @@ struct xauth_method_t {
cp_payload_t **out);
/**
- * Get the XAuth type implemented in this method.
- *
- * @param vendor pointer receiving vendor identifier for type, 0 for none
- * @return type of the XAuth method
- */
- xauth_type_t (*get_type) (xauth_method_t *this, u_int32_t *vendor);
-
- /**
* Destroys a eap_method_t object.
*/
void (*destroy) (xauth_method_t *this);
@@ -106,8 +94,6 @@ struct xauth_method_t {
* Constructors for server and peers are identical, to support both roles
* of a XAuth method, a plugin needs register two constructors in the
* xauth_manager_t.
- * The passed identites are of type ID_EAP and valid only during the
- * constructor invocation.
*
* @param server ID of the server to use for credential lookup
* @param peer ID of the peer to use for credential lookup
@@ -128,6 +114,6 @@ typedef xauth_method_t *(*xauth_constructor_t)(identification_t *server,
* @param data data passed to callback, an xauth_constructor_t
*/
bool xauth_method_register(plugin_t *plugin, plugin_feature_t *feature,
- bool reg, void *data);
+ bool reg, void *data);
#endif /** XAUTH_METHOD_H_ @}*/
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index bfa440d03..284decbd9 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -70,8 +70,7 @@ utils/linked_list.c utils/linked_list.h \
utils/hashtable.c utils/hashtable.h \
utils/enumerator.c utils/enumerator.h \
utils/optionsfrom.c utils/optionsfrom.h \
-utils/backtrace.c utils/backtrace.h \
-xauth/xauth.h xauth/xauth.c
+utils/backtrace.c utils/backtrace.h
library.lo : $(top_builddir)/config.status
diff --git a/src/libstrongswan/plugins/plugin_feature.h b/src/libstrongswan/plugins/plugin_feature.h
index 89c954471..54fd2c67f 100644
--- a/src/libstrongswan/plugins/plugin_feature.h
+++ b/src/libstrongswan/plugins/plugin_feature.h
@@ -25,7 +25,6 @@ typedef struct plugin_feature_t plugin_feature_t;
#include <library.h>
#include <eap/eap.h>
-#include <xauth/xauth.h>
#include <plugins/plugin.h>
/**
@@ -188,7 +187,7 @@ struct plugin_feature_t {
/** FEATURE_CUSTOM */
char *custom;
/** FEATURE_XAUTH_SERVER/CLIENT */
- xauth_type_t xauth;
+ char *xauth;
/** FEATURE_REGISTER */
struct {
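Review bot: Changing `xauth` from `xauth_type_t` to `char *` makes any existing code that compares, hashes or prints `arg.xauth` as an integer wrong, and `plugin_feature.c` is not among the eleven files in this diff. If feature matching there has a case for the XAuth feature types (not visible here, so this needs checking), it has to use `streq(a->arg.xauth, b->arg.xauth)` rather than `==`, otherwise the same backend name coming from two different string literals would not match. The comment above the field could also state the new meaning, e.g. `/** FEATURE_XAUTH_SERVER/PEER, backend name */`. The struct continues outside the hunk.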
@@ -273,8 +272,8 @@ struct plugin_feature_t {
#define _PLUGIN_FEATURE_DATABASE(kind, type) __PLUGIN_FEATURE(kind, DATABASE, .database = type)
#define _PLUGIN_FEATURE_FETCHER(kind, type) __PLUGIN_FEATURE(kind, FETCHER, .fetcher = type)
#define _PLUGIN_FEATURE_CUSTOM(kind, name) __PLUGIN_FEATURE(kind, CUSTOM, .custom = name)
-#define _PLUGIN_FEATURE_XAUTH_SERVER(kind, type) __PLUGIN_FEATURE(kind, XAUTH_SERVER, .xauth = type)
-#define _PLUGIN_FEATURE_XAUTH_PEER(kind, type) __PLUGIN_FEATURE(kind, XAUTH_PEER, .xauth = type)
+#define _PLUGIN_FEATURE_XAUTH_SERVER(kind, name) __PLUGIN_FEATURE(kind, XAUTH_SERVER, .xauth = name)
+#define _PLUGIN_FEATURE_XAUTH_PEER(kind, name) __PLUGIN_FEATURE(kind, XAUTH_PEER, .xauth = name)
#define __PLUGIN_FEATURE_REGISTER(type, _f) (plugin_feature_t){ FEATURE_REGISTER, FEATURE_##type, .arg.reg.f = _f }
#define __PLUGIN_FEATURE_REGISTER_BUILDER(type, _f, _final) (plugin_feature_t){ FEATURE_REGISTER, FEATURE_##type, .arg.reg = {.f = _f, .final = _final, }}
diff --git a/src/libstrongswan/xauth/xauth.c b/src/libstrongswan/xauth/xauth.c
deleted file mode 100644
index b2caf374a..000000000
--- a/src/libstrongswan/xauth/xauth.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "xauth.h"
-
-ENUM_BEGIN(xauth_method_type_names, XAUTH_RADIUS, XAUTH_NULL,
- "XAUTH_RADIUS",
- "XAUTH_NULL");
-ENUM_END(xauth_method_type_names, XAUTH_NULL);
-
-ENUM_BEGIN(xauth_method_type_short_names, XAUTH_RADIUS, XAUTH_NULL,
- "RAD",
- "NULL");
-ENUM_END(xauth_method_type_short_names, XAUTH_NULL);
-
-/*
- * See header
- */
-xauth_type_t xauth_type_from_string(char *name)
-{
- int i;
- static struct {
- char *name;
- xauth_type_t type;
- } types[] = {
- {"radius", XAUTH_RADIUS},
- {"null", XAUTH_NULL},
- };
-
- for (i = 0; i < countof(types); i++)
- {
- if (strcaseeq(name, types[i].name))
- {
- return types[i].type;
- }
- }
- return 0;
-}
diff --git a/src/libstrongswan/xauth/xauth.h b/src/libstrongswan/xauth/xauth.h
deleted file mode 100644
index 97008afcb..000000000
--- a/src/libstrongswan/xauth/xauth.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2010 Martin Willi
- * Copyright (C) 2010 revosec AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup xauth xauth
- * @{ @ingroup libstrongswan
- */
-
-#ifndef XAUTH_H__
-#define XAUTH_H__
-
-typedef enum xauth_type_t xauth_type_t;
-
-#include <library.h>
-
-/**
- * XAuth types, defines the XAuth method implementation
- */
-enum xauth_type_t {
- XAUTH_RADIUS = 253,
- XAUTH_NULL = 254,
-};
-
-/**
- * enum names for xauth_type_t.
- */
-extern enum_name_t *xauth_method_type_names;
-
-/**
- * short string enum names for xauth_type_t.
- */
-extern enum_name_t *xauth_method_type_short_names;
-
-/**
- * Lookup the XAuth method type from a string.
- *
- * @param name XAuth method name (such as "md5", "aka")
- * @return method type, 0 if unknown
- */
-xauth_type_t xauth_type_from_string(char *name);
-
-#endif /** XAUTH_H_ @}*/