aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libstrongswan/Android.mk1
-rw-r--r--src/libstrongswan/Makefile.am1
-rw-r--r--src/libstrongswan/plugins/plugin.h17
-rw-r--r--src/libstrongswan/plugins/plugin_feature.c212
-rw-r--r--src/libstrongswan/plugins/plugin_feature.h294
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c366
6 files changed, 840 insertions, 51 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
index dbaa1cbe5..745ed96e7 100644
--- a/src/libstrongswan/Android.mk
+++ b/src/libstrongswan/Android.mk
@@ -53,6 +53,7 @@ fetcher/fetcher.h fetcher/fetcher.c fetcher/fetcher_manager.h fetcher/fetcher_ma
eap/eap.h eap/eap.c \
pen/pen.h pen/pen.c \
plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h \
+plugins/plugin_feature.h plugins/plugin_feature.c \
processing/jobs/job.h processing/jobs/job.c \
processing/jobs/callback_job.c processing/jobs/callback_job.h \
processing/processor.c processing/processor.h \
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 5739d152d..284decbd9 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -51,6 +51,7 @@ fetcher/fetcher.h fetcher/fetcher.c fetcher/fetcher_manager.h fetcher/fetcher_ma
eap/eap.h eap/eap.c \
pen/pen.h pen/pen.c \
plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h \
+plugins/plugin_feature.c plugins/plugin_feature.h \
processing/jobs/job.h processing/jobs/job.c \
processing/jobs/callback_job.c processing/jobs/callback_job.h \
processing/processor.c processing/processor.h \
diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h
index c0150487c..7bfbdf1d4 100644
--- a/src/libstrongswan/plugins/plugin.h
+++ b/src/libstrongswan/plugins/plugin.h
@@ -21,11 +21,11 @@
#ifndef PLUGIN_H_
#define PLUGIN_H_
-#include "../utils.h"
-#include <library.h>
-
typedef struct plugin_t plugin_t;
+#include <library.h>
+#include <plugins/plugin_feature.h>
+
/**
* Interface definition of a plugin.
*/
@@ -39,6 +39,17 @@ struct plugin_t {
char* (*get_name)(plugin_t *this);
/**
+ * Get plugin features with dependencies.
+ *
+ * The returned array contains features provided by the plugin and
+ * dependencies for that feature. See plugin_feature_t for details.
+ *
+ * @param features pointer receiving plugin features
+ * @return number of features
+ */
+ int (*get_features)(plugin_t *this, plugin_feature_t *features[]);
+
+ /**
* Try to reload plugin configuration.
*
* @return TRUE if reloaded, FALSE if reloading not supporty by plugin
diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c
new file mode 100644
index 000000000..4b7517472
--- /dev/null
+++ b/src/libstrongswan/plugins/plugin_feature.c
@@ -0,0 +1,212 @@
+/*
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+
+#include "plugin_feature.h"
+
+ENUM(plugin_feature_names, FEATURE_NONE, FEATURE_CUSTOM,
+ "NONE",
+ "CRYPTER",
+ "SIGNER",
+ "HASHER",
+ "PRF",
+ "DH",
+ "RNG",
+ "PRIVKEY",
+ "PRIVKEY_GEN",
+ "PRIVKEY_SIGN",
+ "PRIVKEY_DECRYPT",
+ "PUBKEY",
+ "PUBKEY_VERIFY",
+ "PUBKEY_ENCRYPT",
+ "CERT_DECODE",
+ "CERT_ENCODE",
+ "EAP_SERVER",
+ "EAP_CLIENT",
+ "DATABASE",
+ "CUSTOM",
+);
+
+/**
+ * See header.
+ */
+bool plugin_feature_matches(plugin_feature_t *a, plugin_feature_t *b)
+{
+ if (a->type == b->type)
+ {
+ switch (a->type)
+ {
+ case FEATURE_NONE:
+ return FALSE;
+ case FEATURE_CRYPTER:
+ return a->crypter.alg == b->crypter.alg &&
+ a->crypter.key_size == b->crypter.key_size;
+ case FEATURE_SIGNER:
+ return a->signer == b->signer;
+ case FEATURE_HASHER:
+ return a->hasher == b->hasher;
+ case FEATURE_PRF:
+ return a->prf == b->prf;
+ case FEATURE_DH:
+ return a->dh_group == b->dh_group;
+ case FEATURE_RNG:
+ return a->rng_quality <= b->rng_quality;
+ case FEATURE_DATABASE:
+ return a->database == b->database;
+ case FEATURE_PRIVKEY:
+ case FEATURE_PRIVKEY_GEN:
+ case FEATURE_PUBKEY:
+ return a->privkey == b->privkey;
+ case FEATURE_PRIVKEY_SIGN:
+ case FEATURE_PUBKEY_VERIFY:
+ return a->privkey_sign == b->privkey_sign;
+ case FEATURE_PRIVKEY_DECRYPT:
+ case FEATURE_PUBKEY_ENCRYPT:
+ return a->privkey_decrypt == b->privkey_decrypt;
+ case FEATURE_CERT_DECODE:
+ case FEATURE_CERT_ENCODE:
+ return a->cert == b->cert;
+ case FEATURE_EAP_SERVER:
+ case FEATURE_EAP_PEER:
+ return a->eap == b->eap;
+ case FEATURE_CUSTOM:
+ return streq(a->custom, b->custom);
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * See header.
+ */
+char* plugin_feature_get_string(plugin_feature_t *feature)
+{
+ char *str = NULL;
+
+ if (feature->kind == FEATURE_REGISTER)
+ {
+ return strdup("(register function)");
+ }
+ switch (feature->type)
+ {
+ case FEATURE_NONE:
+ return strdup("NONE");
+ case FEATURE_CRYPTER:
+ if (asprintf(&str, "%N:%N-%d", plugin_feature_names, feature->type,
+ encryption_algorithm_names, feature->crypter.alg,
+ feature->crypter.key_size) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_SIGNER:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ integrity_algorithm_names, feature->signer) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_HASHER:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ hash_algorithm_names, feature->hasher) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_PRF:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ pseudo_random_function_names, feature->prf) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_DH:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ diffie_hellman_group_names, feature->dh_group) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_RNG:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ rng_quality_names, feature->rng_quality) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_DATABASE:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ db_driver_names, feature->database) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_PRIVKEY:
+ case FEATURE_PRIVKEY_GEN:
+ case FEATURE_PUBKEY:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ key_type_names, feature->privkey) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_PRIVKEY_SIGN:
+ case FEATURE_PUBKEY_VERIFY:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ signature_scheme_names, feature->privkey_sign) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_PRIVKEY_DECRYPT:
+ case FEATURE_PUBKEY_ENCRYPT:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ encryption_scheme_names, feature->privkey_decrypt) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_CERT_DECODE:
+ case FEATURE_CERT_ENCODE:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ certificate_type_names, feature->cert) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_EAP_SERVER:
+ case FEATURE_EAP_PEER:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ eap_type_short_names, feature->eap) > 0)
+ {
+ return str;
+ }
+ break;
+ case FEATURE_CUSTOM:
+ if (asprintf(&str, "%N:%N", plugin_feature_names, feature->type,
+ db_driver_names, feature->database) > 0)
+ {
+ return str;
+ }
+ break;
+ }
+ if (!str)
+ {
+ str = strdup("(invalid)");
+ }
+ return str;
+}
diff --git a/src/libstrongswan/plugins/plugin_feature.h b/src/libstrongswan/plugins/plugin_feature.h
new file mode 100644
index 000000000..706663bac
--- /dev/null
+++ b/src/libstrongswan/plugins/plugin_feature.h
@@ -0,0 +1,294 @@
+/*
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup plugin_feature plugin_feature
+ * @{ @ingroup plugins
+ */
+
+#ifndef PLUGIN_FEATURE_H_
+#define PLUGIN_FEATURE_H_
+
+typedef struct plugin_feature_t plugin_feature_t;
+
+#include <library.h>
+#include <eap/eap.h>
+#include <plugins/plugin.h>
+
+/**
+ * Callback function of a plugin to (un-)register a specified feature.
+ *
+ * @param plugin plugin instance
+ * @param feature feature to register
+ * @param reg TRUE to register, FALSE to unregister
+ * @param cb_data user data passed with callback function
+ * @return TRUE if registered successfully
+ */
+typedef bool (*plugin_feature_callback_t)(plugin_t *plugin,
+ plugin_feature_t *feature,
+ bool reg,void *cb_data);
+
+/**
+ * Feature a plugin provides or depends on, including registration functions.
+ *
+ * Each plugin returns a list of plugin features, allowing the plugin loader
+ * to resolve dependencies and register the feature. FEATURE_PROVIDE defines
+ * features provided by the plugin, hard (DEPENDS) or soft (SDEPEND) dependency
+ * specified is related to the previously defined PROVIDE feature.
+ * If a plugin feature requires to hook in functionality into the library
+ * or a daemon, it can use REGISTER or CALLBACK entries. Each PROVIDED feature
+ * uses the REGISTER/CALLBACK entry defined previously. The REGISTER entry
+ * defines a common feature registration function directly passed to the
+ * associated manager or factory (crypto/credential factory etc.). A callback
+ * function is more generic allows the loader to invoke a callback to do
+ * the registration.
+ *
+ * To conviently create feature lists, use the four macros PLUGIN_REGISTER,
+ * PLUGIN_CALLBACK, PLUGIN_PROVIDE, PLUGIN_DEPENDS and PLUGIN_SDEPEND. Use
+ * identation to show how the registration functions and dependencies are
+ * related to a provided feature, such as:
+ *
+ * @verbatim
+ // two features, one with two dependencies, both use a callback to register
+ PLUGIN_CALLBACK(...),
+ PLUGIN_PROVIDE(...),
+ PLUGIN_DEPENDS(...),
+ PLUGIN_SDEPEND(...),
+ PLUGIN_PROVIDE(...),
+ // common constructor to register for a feature with one dependency
+ PLUGIN_REGISTER(...),
+ PLUGIN_PROVIDE(...),
+ PLUGIN_DEPENDS(...),
+ // feature that does not use a registration function
+ PLUGIN_PROVIDE(...),
+ @endverbatim
+ */
+struct plugin_feature_t {
+ /** kind of entry */
+ enum {
+ /* plugin provides this feature */
+ FEATURE_PROVIDE,
+ /* a feature depends on this feature, hard dependency */
+ FEATURE_DEPENDS,
+ /* a feature can optionally use this feature, soft dependency */
+ FEATURE_SDEPEND,
+ /* register the specified function for all following features */
+ FEATURE_REGISTER,
+ /* use a callback to register all following features */
+ FEATURE_CALLBACK,
+ } kind;
+ /* type of feature */
+ enum {
+ /** not a feature */
+ FEATURE_NONE,
+ /** crypter_t */
+ FEATURE_CRYPTER,
+ /** signer_t */
+ FEATURE_SIGNER,
+ /** hasher_t */
+ FEATURE_HASHER,
+ /** prf_t */
+ FEATURE_PRF,
+ /** diffie_hellman_t */
+ FEATURE_DH,
+ /** rng_t */
+ FEATURE_RNG,
+ /** generic private key support */
+ FEATURE_PRIVKEY,
+ /** generating new private keys */
+ FEATURE_PRIVKEY_GEN,
+ /** private_key_t->sign() */
+ FEATURE_PRIVKEY_SIGN,
+ /** private_key_t->decrypt() */
+ FEATURE_PRIVKEY_DECRYPT,
+ /** generic public key support */
+ FEATURE_PUBKEY,
+ /** public_key_t->verify() */
+ FEATURE_PUBKEY_VERIFY,
+ /** public_key_t->encrypt() */
+ FEATURE_PUBKEY_ENCRYPT,
+ /** parsing certificates */
+ FEATURE_CERT_DECODE,
+ /** generating certificates */
+ FEATURE_CERT_ENCODE,
+ /** EAP server implementation */
+ FEATURE_EAP_SERVER,
+ /** EAP peer implementation */
+ FEATURE_EAP_PEER,
+ /** database_t */
+ FEATURE_DATABASE,
+ /** custom feature, described with a string */
+ FEATURE_CUSTOM,
+ } type;
+ /** More specific data for each type */
+ union {
+ /** FEATURE_CRYPTER */
+ struct {
+ encryption_algorithm_t alg;
+ size_t key_size;
+ } crypter;
+ /** FEATURE_SIGNER */
+ integrity_algorithm_t signer;
+ /** FEATURE_PRF */
+ pseudo_random_function_t prf;
+ /** FEATURE_HASHER */
+ hash_algorithm_t hasher;
+ /** FEATURE_DH */
+ diffie_hellman_group_t dh_group;
+ /** FEATURE_RNG */
+ rng_quality_t rng_quality;
+ /** FEATURE_PRIVKEY */
+ key_type_t privkey;
+ /** FEATURE_PRIVKEY_GEN */
+ key_type_t privkey_gen;
+ /** FEATURE_PRIVKEY_SIGN */
+ signature_scheme_t privkey_sign;
+ /** FEATURE_PRIVKEY_DECRYPT */
+ encryption_scheme_t privkey_decrypt;
+ /** FEATURE_PUBKEY */
+ key_type_t pubkey;
+ /** FEATURE_PUBKEY_VERIFY */
+ signature_scheme_t pubkey_verify;
+ /** FEATURE_PUBKEY_ENCRYPT */
+ encryption_scheme_t pubkey_encrypt;
+ /** FEATURE_CERT_DECODE/ENCODE */
+ certificate_type_t cert;
+ /** FEATURE_EAP_SERVER/CLIENT */
+ eap_type_t eap;
+ /** FEATURE_DATABASE */
+ db_driver_t database;
+ /** FEATURE_CUSTOM */
+ char *custom;
+
+ /** FEATURE_REGISTER */
+ struct {
+ /** feature specific function to register for this type */
+ void *f;
+ /** final flag to pass for builder_function_t */
+ bool final;
+ } reg;
+
+ /** FEATURE_CALLBACK */
+ struct {
+ /** callback function to invoke for registration */
+ plugin_feature_callback_t f;
+ /** data to pass to callback */
+ void *data;
+ } cb;
+ };
+};
+
+#define FEATURE(kind, type, ...) _PLUGIN_FEATURE_##type(kind, __VA_ARGS__)
+
+/**
+ * Define function to register directly for all upcoming features.
+ *
+ * @param type feature type to register
+ * @param f type specific function to register
+ * @param ... type specific additional arguments
+ */
+#define PLUGIN_REGISTER(type, f, ...) _PLUGIN_FEATURE_REGISTER_##type(type, f, ##__VA_ARGS__)
+
+/**
+ * Define a callback to invoke for registering all upcoming features.
+ *
+ * @param type feature type to register
+ * @param cb type specific callback function to register
+ * @param data data pointer to pass to callback
+ */
+#define PLUGIN_CALLBACK(cb, data) _PLUGIN_FEATURE_CALLBACK(cb, data)
+
+/**
+ * Define a feature the plugin provides.
+ *
+ * @param type feature type to provide
+ * @param ... type specific arguments
+ */
+#define PLUGIN_PROVIDE(type, ...) _PLUGIN_FEATURE_##type(PROVIDE, __VA_ARGS__)
+
+/**
+ * Define a hard dependency for the previously defined feature.
+ *
+ * @param type feature type to provide
+ * @param ... type specific arguments
+ */
+#define PLUGIN_DEPENDS(type, ...) _PLUGIN_FEATURE_##type(DEPENDS, __VA_ARGS__)
+
+/**
+ * Define a soft dependency for the previously defined feature.
+ *
+ * @param type feature type to provide
+ * @param ... type specific arguments
+ */
+#define PLUGIN_SDEPEND(type, ...) _PLUGIN_FEATURE_##type(SDEPEND, __VA_ARGS__)
+
+#define __PLUGIN_FEATURE(kind, type, ...) (plugin_feature_t){ FEATURE_##kind, FEATURE_##type, { __VA_ARGS__ }}
+#define _PLUGIN_FEATURE_CRYPTER(kind, alg, size) __PLUGIN_FEATURE(kind, CRYPTER, .crypter = { alg, size })
+#define _PLUGIN_FEATURE_SIGNER(kind, alg) __PLUGIN_FEATURE(kind, SIGNER, .signer = alg)
+#define _PLUGIN_FEATURE_HASHER(kind, alg) __PLUGIN_FEATURE(kind, HASHER, .hasher = alg)
+#define _PLUGIN_FEATURE_PRF(kind, alg) __PLUGIN_FEATURE(kind, PRF, .prf = alg)
+#define _PLUGIN_FEATURE_DH(kind, group) __PLUGIN_FEATURE(kind, DH, .dh_group = group)
+#define _PLUGIN_FEATURE_RNG(kind, quality) __PLUGIN_FEATURE(kind, RNG, .rng_quality = quality)
+#define _PLUGIN_FEATURE_PRIVKEY(kind, type) __PLUGIN_FEATURE(kind, PRIVKEY, .privkey = type)
+#define _PLUGIN_FEATURE_PRIVKEY_GEN(kind, type) __PLUGIN_FEATURE(kind, PRIVKEY_GEN, .privkey_gen = type)
+#define _PLUGIN_FEATURE_PRIVKEY_SIGN(kind, scheme) __PLUGIN_FEATURE(kind, PRIVKEY_SIGN, .privkey_sign = scheme)
+#define _PLUGIN_FEATURE_PRIVKEY_DECRYPT(kind, scheme) __PLUGIN_FEATURE(kind, PRIVKEY_DECRYPT, .privkey_decrypt = scheme)
+#define _PLUGIN_FEATURE_PUBKEY(kind, type) __PLUGIN_FEATURE(kind, PUBKEY, .pubkey = type)
+#define _PLUGIN_FEATURE_PUBKEY_VERIFY(kind, scheme) __PLUGIN_FEATURE(kind, PUBKEY_VERIFY, .pubkey_verify = scheme)
+#define _PLUGIN_FEATURE_PUBKEY_ENCRYPT(kind, scheme) __PLUGIN_FEATURE(kind, PUBKEY_ENCRYPT, .pubkey_encrypt = scheme)
+#define _PLUGIN_FEATURE_CERT_DECODE(kind, type) __PLUGIN_FEATURE(kind, CERT_DECODE, .cert = type)
+#define _PLUGIN_FEATURE_CERT_ENCODE(kind, type) __PLUGIN_FEATURE(kind, CERT_ENCODE, .cert = type)
+#define _PLUGIN_FEATURE_EAP_SERVER(kind, type) __PLUGIN_FEATURE(kind, EAP_SERVER, .eap = type)
+#define _PLUGIN_FEATURE_EAP_PEER(kind, type) __PLUGIN_FEATURE(kind, EAP_PEER, .eap = type)
+
+#define __PLUGIN_FEATURE_REGISTER(type, _f) (plugin_feature_t){ FEATURE_REGISTER, FEATURE_##type, .reg.f = _f }
+#define __PLUGIN_FEATURE_REGISTER_BUILDER(type, _f, _final) (plugin_feature_t){ FEATURE_REGISTER, FEATURE_##type, .reg = {.f = _f, .final = _final, }}
+#define _PLUGIN_FEATURE_REGISTER_CRYPTER(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
+#define _PLUGIN_FEATURE_REGISTER_SIGNER(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
+#define _PLUGIN_FEATURE_REGISTER_HASHER(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
+#define _PLUGIN_FEATURE_REGISTER_PRF(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
+#define _PLUGIN_FEATURE_REGISTER_DH(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
+#define _PLUGIN_FEATURE_REGISTER_RNG(type, f) __PLUGIN_FEATURE_REGISTER(type, f)
+#define _PLUGIN_FEATURE_REGISTER_PRIVKEY(type, f, final) __PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+#define _PLUGIN_FEATURE_REGISTER_PRIVKEY_GEN(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+#define _PLUGIN_FEATURE_REGISTER_PUBKEY(type, f, final) __PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+#define _PLUGIN_FEATURE_REGISTER_CERT_DECODE(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+#define _PLUGIN_FEATURE_REGISTER_CERT_ENCODE(type, f, final)__PLUGIN_FEATURE_REGISTER_BUILDER(type, f, final)
+
+#define _PLUGIN_FEATURE_CALLBACK(_cb, _data) (plugin_feature_t){ FEATURE_CALLBACK, FEATURE_NONE, .cb = { .f = _cb, .data = _data } }
+
+/**
+ * Names for plugin_feature_t types.
+ */
+extern enum_name_t *plugin_feature_names;
+
+/**
+ * Check if feature a matches to feature b.
+ *
+ * @param a feature to check
+ * @param b feature to match against
+ * @return TRUE if a matches b
+ */
+bool plugin_feature_matches(plugin_feature_t *a, plugin_feature_t *b);
+
+/**
+ * Get a string describing feature.
+ *
+ * @param feature feature to describe
+ * @return allocated string describing feature
+ */
+char* plugin_feature_get_string(plugin_feature_t *feature);
+
+#endif /** PLUGIN_FEATURE_H_ @}*/
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index 894e25f2e..26af529d4 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -29,6 +29,7 @@
#include <plugins/plugin.h>
typedef struct private_plugin_loader_t private_plugin_loader_t;
+typedef struct plugin_entry_t plugin_entry_t;
/**
* private data of plugin_loader
@@ -41,20 +42,56 @@ struct private_plugin_loader_t {
plugin_loader_t public;
/**
- * list of loaded plugins
+ * List of plugins, as plugin_entry_t
*/
linked_list_t *plugins;
};
/**
+ * Entry for a plugin
+ */
+struct plugin_entry_t {
+
+ /**
+ * Plugin instance
+ */
+ plugin_t *plugin;
+
+ /**
+ * dlopen handle, if in separate lib
+ */
+ void *handle;
+
+ /**
+ * List of loaded features
+ */
+ linked_list_t *loaded;
+};
+
+/**
+ * Destroy a plugin entry
+ */
+static void plugin_entry_destroy(plugin_entry_t *entry)
+{
+ DESTROY_IF(entry->plugin);
+ if (entry->handle)
+ {
+ dlclose(entry->handle);
+ }
+ entry->loaded->destroy(entry->loaded);
+ free(entry);
+}
+
+/**
* create a plugin
* returns: NOT_FOUND, if the constructor was not found
* FAILED, if the plugin could not be constructed
*/
static status_t create_plugin(private_plugin_loader_t *this, void *handle,
- char *name, bool integrity, plugin_t **plugin)
+ char *name, bool integrity, plugin_entry_t **entry)
{
char create[128];
+ plugin_t *plugin;
plugin_constructor_t constructor;
if (snprintf(create, sizeof(create), "%s_plugin_create",
@@ -78,13 +115,17 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle,
DBG1(DBG_LIB, "plugin '%s': passed file and segment integrity tests",
name);
}
- *plugin = constructor();
- if (*plugin == NULL)
+ plugin = constructor();
+ if (plugin == NULL)
{
DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name,
create);
return FAILED;
}
+ INIT(*entry,
+ .plugin = plugin,
+ .loaded = linked_list_create(),
+ );
DBG2(DBG_LIB, "plugin '%s': loaded successfully", name);
return SUCCESS;
}
@@ -92,28 +133,21 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle,
/**
* load a single plugin
*/
-static plugin_t* load_plugin(private_plugin_loader_t *this,
- char *path, char *name)
+static bool load_plugin(private_plugin_loader_t *this, char *name, char *file)
{
- char file[PATH_MAX];
+ plugin_entry_t *entry;
void *handle;
- plugin_t *plugin;
- switch (create_plugin(this, RTLD_DEFAULT, name, FALSE, &plugin))
+ switch (create_plugin(this, RTLD_DEFAULT, name, FALSE, &entry))
{
case SUCCESS:
- return plugin;
+ this->plugins->insert_last(this->plugins, entry);
+ return TRUE;
case NOT_FOUND:
/* try to load the plugin from a file */
break;
default:
- return NULL;
- }
-
- if (snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path,
- name) >= sizeof(file))
- {
- return NULL;
+ return FALSE;
}
if (lib->integrity)
{
@@ -121,23 +155,40 @@ static plugin_t* load_plugin(private_plugin_loader_t *this,
{
DBG1(DBG_LIB, "plugin '%s': failed file integrity test of '%s'",
name, file);
- return NULL;
+ return FALSE;
}
}
handle = dlopen(file, RTLD_LAZY);
if (handle == NULL)
{
DBG1(DBG_LIB, "plugin '%s' failed to load: %s", name, dlerror());
- return NULL;
+ return FALSE;
}
- if (create_plugin(this, handle, name, TRUE, &plugin) != SUCCESS)
+ if (create_plugin(this, handle, name, TRUE, &entry) != SUCCESS)
{
dlclose(handle);
- return NULL;
+ return FALSE;
}
- /* we do not store or free dlopen() handles, leak_detective requires
- * the modules to keep loaded until leak report */
- return plugin;
+ entry->handle = handle;
+ this->plugins->insert_last(this->plugins, entry);
+ return TRUE;
+}
+
+/**
+ * Convert enumerated entries to plugin_t
+ */
+static bool plugin_filter(void *null, plugin_entry_t **entry, plugin_t **plugin)
+{
+ *plugin = (*entry)->plugin;
+ return TRUE;
+}
+
+METHOD(plugin_loader_t, create_plugin_enumerator, enumerator_t*,
+ private_plugin_loader_t *this)
+{
+ return enumerator_create_filter(
+ this->plugins->create_enumerator(this->plugins),
+ (void*)plugin_filter, NULL, NULL);
}
/**
@@ -149,8 +200,8 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name)
bool found = FALSE;
plugin_t *plugin;
- enumerator = this->plugins->create_enumerator(this->plugins);
- while (enumerator->enumerate(enumerator, &plugin))
+ enumerator = create_plugin_enumerator(this);
+ while (enumerator->enumerate(enumerator, &plugin, NULL))
{
if (streq(plugin->get_name(plugin), name))
{
@@ -162,6 +213,216 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name)
return found;
}
+/**
+ * Check if a feature of a plugin is already loaded
+ */
+static bool feature_loaded(private_plugin_loader_t *this, plugin_entry_t *entry,
+ plugin_feature_t *feature)
+{
+ return entry->loaded->find_first(entry->loaded, NULL,
+ (void**)&feature) == SUCCESS;
+}
+
+/**
+ * Check if dependencies are satisfied
+ */
+
+static bool dependencies_satisfied(private_plugin_loader_t *this, char *name,
+ bool soft, bool report, plugin_feature_t *features, int count)
+{
+ int i;
+
+ /* first entry is provided feature, followed by dependencies */
+ for (i = 1; i < count; i++)
+ {
+ enumerator_t *entries, *loaded;
+ plugin_feature_t *feature;
+ plugin_entry_t *entry;
+ bool found = FALSE;
+
+ if (features[i].kind != FEATURE_DEPENDS &&
+ features[i].kind != FEATURE_SDEPEND)
+ { /* end of dependencies */
+ break;
+ }
+ entries = this->plugins->create_enumerator(this->plugins);
+ while (entries->enumerate(entries, &entry))
+ {
+ loaded = entry->loaded->create_enumerator(entry->loaded);
+ while (loaded->enumerate(loaded, &feature))
+ {
+ if (plugin_feature_matches(&features[i], feature))
+ {
+ found = TRUE;
+ break;
+ }
+ }
+ loaded->destroy(loaded);
+ }
+ entries->destroy(entries);
+
+ if (!found && !(features[i].kind == FEATURE_SDEPEND && !soft))
+ {
+ if (report)
+ {
+ char *provide, *depend;
+
+ provide = plugin_feature_get_string(&features[0]);
+ depend = plugin_feature_get_string(&features[i]);
+ DBG1(DBG_LIB, "feature %s in '%s' plugin has unsatisfied "
+ "dependency: %s", provide, name, depend);
+ free(provide);
+ free(depend);
+ }
+ return FALSE;
+ }
+ }
+ return TRUE;
+}
+
+/**
+ * Load a plugin feature
+ */
+static bool load_feature(private_plugin_loader_t *this, plugin_entry_t *entry,
+ char *name, plugin_feature_t *feature, plugin_feature_t *reg)
+{
+ char *str;
+
+ str = plugin_feature_get_string(feature);
+ switch (feature->type)
+ {
+ case FEATURE_CRYPTER:
+ case FEATURE_SIGNER:
+ case FEATURE_HASHER:
+ case FEATURE_PRF:
+ case FEATURE_DH:
+ case FEATURE_RNG:
+ case FEATURE_PRIVKEY:
+ case FEATURE_PRIVKEY_GEN:
+ case FEATURE_PUBKEY:
+ case FEATURE_CERT_DECODE:
+ case FEATURE_CERT_ENCODE:
+ /* require a registration function */
+ if (!reg ||
+ (reg->kind == FEATURE_REGISTER && reg->type != feature->type))
+ {
+ DBG1(DBG_LIB, "loading '%s' plugin feature %s failed: "
+ "invalid registration function", name, str);
+ free(str);
+ return FALSE;
+ }
+ break;
+ default:
+ break;
+ }
+ if (reg && reg->kind == FEATURE_CALLBACK)
+ {
+ if (!reg->cb.f(entry->plugin, feature, TRUE, reg->cb.data))
+ {
+ DBG1(DBG_LIB, "loading '%s' plugin feature %s with callback failed",
+ name, str);
+ free(str);
+ return FALSE;
+ }
+ }
+ else
+ {
+ switch (feature->type)
+ {
+ case FEATURE_CRYPTER:
+ lib->crypto->add_crypter(lib->crypto, feature->crypter.alg,
+ name, reg->reg.f);
+ break;
+ case FEATURE_SIGNER:
+ lib->crypto->add_signer(lib->crypto, feature->signer,
+ name, reg->reg.f);
+ break;
+ case FEATURE_HASHER:
+ lib->crypto->add_hasher(lib->crypto, feature->hasher,
+ name, reg->reg.f);
+ break;
+ case FEATURE_PRF:
+ lib->crypto->add_prf(lib->crypto, feature->prf,
+ name, reg->reg.f);
+ break;
+ case FEATURE_DH:
+ lib->crypto->add_dh(lib->crypto, feature->dh_group,
+ name, reg->reg.f);
+ break;
+ case FEATURE_RNG:
+ lib->crypto->add_rng(lib->crypto, feature->rng_quality,
+ name, reg->reg.f);
+ break;
+ case FEATURE_PRIVKEY:
+ case FEATURE_PRIVKEY_GEN:
+ lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY,
+ feature->privkey, reg->reg.final, reg->reg.f);
+ break;
+ case FEATURE_PUBKEY:
+ lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY,
+ feature->pubkey, reg->reg.final, reg->reg.f);
+ break;
+ case FEATURE_CERT_DECODE:
+ case FEATURE_CERT_ENCODE:
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE,
+ feature->cert, reg->reg.final, reg->reg.f);
+ break;
+ default:
+ break;
+ }
+ }
+ DBG2(DBG_LIB, "loaded '%s' plugin feature %s", name, str);
+ free(str);
+ entry->loaded->insert_last(entry->loaded, feature);
+ return TRUE;
+}
+
+/**
+ * Load plugin features in correct order
+ */
+static int load_features(private_plugin_loader_t *this, bool soft, bool report)
+{
+ enumerator_t *enumerator;
+ plugin_feature_t *features, *reg = NULL;
+ plugin_entry_t *entry;
+ int count, i, loaded = 0;
+ char *name;
+
+ enumerator = this->plugins->create_enumerator(this->plugins);
+ while (enumerator->enumerate(enumerator, &entry))
+ {
+ if (!entry->plugin->get_features)
+ { /* feature interface not supported */
+ continue;
+ }
+ name = entry->plugin->get_name(entry->plugin);
+ count = entry->plugin->get_features(entry->plugin, &features);
+ for (i = 0; i < count; i++)
+ {
+ switch (features[i].kind)
+ {
+ case FEATURE_PROVIDE:
+ if (!feature_loaded(this, entry, &features[i]) &&
+ dependencies_satisfied(this, name, soft, report,
+ &features[i], count - i) &&
+ load_feature(this, entry, name, &features[i], reg))
+ {
+ loaded++;
+ }
+ break;
+ case FEATURE_REGISTER:
+ case FEATURE_CALLBACK:
+ reg = &features[i];
+ break;
+ default:
+ break;
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+ return loaded;
+}
+
METHOD(plugin_loader_t, load_plugins, bool,
private_plugin_loader_t *this, char *path, char *list)
{
@@ -177,8 +438,8 @@ METHOD(plugin_loader_t, load_plugins, bool,
enumerator = enumerator_create_token(list, " ", " ");
while (!critical_failed && enumerator->enumerate(enumerator, &token))
{
- plugin_t *plugin;
bool critical = FALSE;
+ char file[PATH_MAX];
int len;
token = strdup(token);
@@ -193,44 +454,52 @@ METHOD(plugin_loader_t, load_plugins, bool,
free(token);
continue;
}
- plugin = load_plugin(this, path, token);
- if (plugin)
+ if (snprintf(file, sizeof(file), "%s/libstrongswan-%s.so",
+ path, token) >= sizeof(file))
{
- this->plugins->insert_last(this->plugins, plugin);
+ return NULL;
}
- else
+ if (!load_plugin(this, token, file) && critical)
{
- if (critical)
- {
- critical_failed = TRUE;
- DBG1(DBG_LIB, "loading critical plugin '%s' failed", token);
- }
+ critical_failed = TRUE;
+ DBG1(DBG_LIB, "loading critical plugin '%s' failed", token);
}
free(token);
}
enumerator->destroy(enumerator);
+ if (!critical_failed)
+ {
+ while (load_features(this, TRUE, FALSE))
+ {
+ /* try load new features until we don't get new ones */
+ }
+ while (load_features(this, FALSE, FALSE))
+ {
+ /* second round, ignoring soft dependencies */
+ }
+ /* report missing dependencies */
+ load_features(this, FALSE, TRUE);
+ }
return !critical_failed;
}
METHOD(plugin_loader_t, unload, void,
private_plugin_loader_t *this)
{
- plugin_t *plugin;
+ plugin_entry_t *entry;
/* unload plugins in reverse order */
while (this->plugins->remove_last(this->plugins,
- (void**)&plugin) == SUCCESS)
+ (void**)&entry) == SUCCESS)
{
- plugin->destroy(plugin);
+ if (lib->leak_detective)
+ { /* keep handle to report leaks properly */
+ entry->handle = NULL;
+ }
+ plugin_entry_destroy(entry);
}
}
-METHOD(plugin_loader_t, create_plugin_enumerator, enumerator_t*,
- private_plugin_loader_t *this)
-{
- return this->plugins->create_enumerator(this->plugins);
-}
-
/**
* Reload a plugin by name, NULL for all
*/
@@ -241,11 +510,11 @@ static u_int reload_by_name(private_plugin_loader_t *this, char *name)
plugin_t *plugin;
enumerator = create_plugin_enumerator(this);
- while (enumerator->enumerate(enumerator, &plugin))
+ while (enumerator->enumerate(enumerator, &plugin, NULL))
{
if (name == NULL || streq(name, plugin->get_name(plugin)))
{
- if (plugin->reload(plugin))
+ if (plugin->reload && plugin->reload(plugin))
{
DBG2(DBG_LIB, "reloaded configuration of '%s' plugin",
plugin->get_name(plugin));
@@ -280,7 +549,8 @@ METHOD(plugin_loader_t, reload, u_int,
METHOD(plugin_loader_t, destroy, void,
private_plugin_loader_t *this)
{
- this->plugins->destroy_offset(this->plugins, offsetof(plugin_t, destroy));
+ unload(this);
+ this->plugins->destroy(this->plugins);
free(this);
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 17:28:45 +0000