From 55b02db74e09e43a7a86b60357242c77b5617f26 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 12 Nov 2007 15:09:11 +0000 Subject: implemented IKE/CHILD_SA close through manager --- src/manager/Makefile.am | 7 +- src/manager/controller/control_controller.c | 138 ++++++++++++++++++++++++++++ src/manager/controller/control_controller.h | 47 ++++++++++ src/manager/gateway.c | 44 ++++++++- src/manager/gateway.h | 8 ++ src/manager/main.c | 2 + src/manager/templates/static/close.png | Bin 0 -> 825 bytes src/manager/templates/static/script.js | 6 +- src/manager/templates/static/style.css | 10 ++ src/manager/templates/status/ikesalist.cs | 16 +++- 10 files changed, 267 insertions(+), 11 deletions(-) create mode 100644 src/manager/controller/control_controller.c create mode 100644 src/manager/controller/control_controller.h create mode 100644 src/manager/templates/static/close.png (limited to 'src/manager') diff --git a/src/manager/Makefile.am b/src/manager/Makefile.am index 17eecdbab..d141f3737 100644 --- a/src/manager/Makefile.am +++ b/src/manager/Makefile.am @@ -4,6 +4,7 @@ manager_fcgi_SOURCES = \ main.c manager.c manager.h gateway.h gateway.c database.h database.c \ controller/auth_controller.c controller/auth_controller.h \ controller/status_controller.c controller/status_controller.h \ +controller/control_controller.c controller/control_controller.h \ controller/gateway_controller.c controller/gateway_controller.h manager_fcgi_LDADD = $(top_builddir)/src/manager/libappserv.la -lsqlite3 @@ -42,7 +43,8 @@ ipsec_templates_static_DATA = templates/static/style.css templates/static/script templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \ templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \ templates/static/gateway-left.png templates/static/client-left.png templates/static/strongswan.png \ -templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png +templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png \ +templates/static/close.png EXTRA_DIST = manager.db templates/header.cs templates/footer.cs templates/error.cs \ templates/auth/login.cs templates/gateway/list.cs templates/status/ikesalist.cs \ @@ -50,4 +52,5 @@ templates/static/style.css templates/static/script.js templates/static/jquery.js templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \ templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \ templates/static/gateway-left.png templates/static/client-left.png templates/static/strongswan.png \ -templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png +templates/static/router.png templates/static/gateway-right.png templates/static/client-right.png \ +templates/static/close.png diff --git a/src/manager/controller/control_controller.c b/src/manager/controller/control_controller.c new file mode 100644 index 000000000..9d0789d8d --- /dev/null +++ b/src/manager/controller/control_controller.c @@ -0,0 +1,138 @@ +/** + * @file control_controller.c + * + * @brief Implementation of control_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "control_controller.h" +#include "../manager.h" +#include "../gateway.h" + +#include + +#include + + +typedef struct private_control_controller_t private_control_controller_t; + +/** + * private data of the task manager + */ +struct private_control_controller_t { + + /** + * public functions + */ + control_controller_t public; + + /** + * manager instance + */ + manager_t *manager; +}; + +/** + * terminate a IKE or CHILD SA + */ +static void terminate(private_control_controller_t *this, request_t *r, + bool ike, u_int32_t id) +{ + gateway_t *gateway; + + gateway = this->manager->select_gateway(this->manager, 0); + if (gateway->terminate(gateway, ike, id)) + { + r->redirect(r, "status/ikesalist"); + } + else + { + r->set(r, "title", "Error"); + r->set(r, "error", "controlling the gateway failed"); + r->render(r, "templates/error.cs"); + } +} + +/** + * Implementation of controller_t.get_name + */ +static char* get_name(private_control_controller_t *this) +{ + return "control"; +} + +/** + * Implementation of controller_t.handle + */ +static void handle(private_control_controller_t *this, + request_t *request, char *action, char *strid) +{ + if (!this->manager->logged_in(this->manager)) + { + return request->redirect(request, "auth/login"); + } + if (this->manager->select_gateway(this->manager, 0) == NULL) + { + return request->redirect(request, "gateway/list"); + } + if (action) + { + u_int32_t id; + + if (streq(action, "terminateike")) + { + if (strid && (id = atoi(strid))) + { + return terminate(this, request, TRUE, id); + } + } + if (streq(action, "terminatechild")) + { + if (strid && (id = atoi(strid))) + { + return terminate(this, request, FALSE, id); + } + } + } + return request->redirect(request, "status/ikesalist"); +} + +/** + * Implementation of controller_t.destroy + */ +static void destroy(private_control_controller_t *this) +{ + free(this); +} + +/* + * see header file + */ +controller_t *control_controller_create(context_t *context, void *param) +{ + private_control_controller_t *this = malloc_thing(private_control_controller_t); + + this->public.controller.get_name = (char*(*)(controller_t*))get_name; + this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle; + this->public.controller.destroy = (void(*)(controller_t*))destroy; + + this->manager = (manager_t*)context; + + return &this->public.controller; +} + diff --git a/src/manager/controller/control_controller.h b/src/manager/controller/control_controller.h new file mode 100644 index 000000000..6a55170aa --- /dev/null +++ b/src/manager/controller/control_controller.h @@ -0,0 +1,47 @@ +/** + * @file control_controller.h + * + * @brief Interface of control_controller_t. + * + */ + +/* + * Copyright (C) 2007 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef CONTROL_CONTROLLER_H_ +#define CONTROL_CONTROLLER_H_ + + +#include + +typedef struct control_controller_t control_controller_t; + +/** + * @brief Status controller. + */ +struct control_controller_t { + + /** + * Implements controller_t interface. + */ + controller_t controller; +}; + +/** + * @brief Create a control_controller controller instance. + */ +controller_t *control_controller_create(context_t *context, void *param); + +#endif /* CONTROL_CONTROLLER_H_ */ diff --git a/src/manager/gateway.c b/src/manager/gateway.c index 5f5a4b477..011025b9c 100644 --- a/src/manager/gateway.c +++ b/src/manager/gateway.c @@ -103,7 +103,7 @@ static bool connect_(private_gateway_t *this) /** * Implementation of gateway_t.request. */ -static char* request(private_gateway_t *this, char *xml) +static char* request(private_gateway_t *this, char *xml, ...) { if (this->fd < 0) { @@ -116,9 +116,16 @@ static char* request(private_gateway_t *this, char *xml) { char buf[8096]; ssize_t len; + va_list args; - len = strlen(xml); - if (send(this->fd, xml, len, 0) != len) + va_start(args, xml); + len = vsnprintf(buf, sizeof(buf), xml, args); + va_end(args); + if (len < 0 || len >= sizeof(buf)) + { + return NULL; + } + if (send(this->fd, buf, len, 0) != len) { return NULL; } @@ -197,6 +204,36 @@ static enumerator_t* query_ikesalist(private_gateway_t *this) return NULL; } +/** + * Implementation of gateway_t.terminate. + */ +static bool terminate(private_gateway_t *this, bool ike, u_int32_t id) +{ + char *str, *kind; + xml_t *xml; + + if (ike) + { + kind = "ike"; + } + else + { + kind = "child"; + } + + str = request(this, "" + "" + "<%ssaterminate>%d" + "" + "", kind, id, kind); + if (str == NULL) + { + return FALSE; + } + free(str); + return TRUE; +} + /** * Implementation of gateway_t.destroy */ @@ -220,6 +257,7 @@ static private_gateway_t *gateway_create(char *name) this->public.request = (char*(*)(gateway_t*, char *xml))request; this->public.query_ikesalist = (enumerator_t*(*)(gateway_t*))query_ikesalist; + this->public.terminate = (bool(*)(gateway_t*, bool ike, u_int32_t id))terminate; this->public.destroy = (void(*)(gateway_t*))destroy; this->name = strdup(name); diff --git a/src/manager/gateway.h b/src/manager/gateway.h index 1fe2aef4b..060a97a58 100644 --- a/src/manager/gateway.h +++ b/src/manager/gateway.h @@ -48,6 +48,14 @@ struct gateway_t { */ enumerator_t* (*query_ikesalist)(gateway_t *this); + /** + * @brief Terminate an IKE or a CHILD SA. + * + * @param ike TRUE for IKE-, FALSE for a CHILD-SA + * @return TRUE if successful + */ + bool (*terminate)(gateway_t *this, bool ike, u_int32_t id); + /** * @brief Destroy a gateway instance. */ diff --git a/src/manager/main.c b/src/manager/main.c index bbe07cbf3..7af957d0d 100644 --- a/src/manager/main.c +++ b/src/manager/main.c @@ -28,6 +28,7 @@ #include "controller/auth_controller.h" #include "controller/status_controller.h" #include "controller/gateway_controller.h" +#include "controller/control_controller.h" #define DBFILE IPSECDIR "/manager.db" #define SESSION_TIMEOUT 180 @@ -55,6 +56,7 @@ int main (int arc, char *argv[]) dispatcher->add_controller(dispatcher, status_controller_create, NULL); dispatcher->add_controller(dispatcher, gateway_controller_create, NULL); dispatcher->add_controller(dispatcher, auth_controller_create, NULL); + dispatcher->add_controller(dispatcher, control_controller_create, NULL); dispatcher->run(dispatcher, THREADS, NULL, NULL, NULL, NULL); diff --git a/src/manager/templates/static/close.png b/src/manager/templates/static/close.png new file mode 100644 index 000000000..7cb058d69 Binary files /dev/null and b/src/manager/templates/static/close.png differ diff --git a/src/manager/templates/static/script.js b/src/manager/templates/static/script.js index 7b2a5823c..ba6f62215 100644 --- a/src/manager/templates/static/script.js +++ b/src/manager/templates/static/script.js @@ -1,8 +1,8 @@ $(function(){ - $(".expand > div").hide(); + $(".expander").hide(); $(".expand > h1").toggle( - function(){$(this).parent(".expand").find("div").slideDown('fast');}, - function(){$(this).parent(".expand").find("div").slideUp('fast');} + function(){$(this).parent(".expand").find(".expander").slideDown('fast');}, + function(){$(this).parent(".expand").find(".expander").slideUp('fast');} ); }); diff --git a/src/manager/templates/static/style.css b/src/manager/templates/static/style.css index 8a7f4960d..22c0805fa 100644 --- a/src/manager/templates/static/style.css +++ b/src/manager/templates/static/style.css @@ -57,6 +57,7 @@ a img { font-size: 1em; cursor: pointer; margin: 0; + float: left; } .expand h1 span { @@ -64,6 +65,15 @@ a img { margin-right: 2em; } +.expander { + clear:left; +} + +.controls { + margin-top: 3px; + text-align: right; +} + .center { text-align: center; } diff --git a/src/manager/templates/status/ikesalist.cs b/src/manager/templates/status/ikesalist.cs index 2238aafd3..15fe4070e 100644 --- a/src/manager/templates/status/ikesalist.cs +++ b/src/manager/templates/status/ikesalist.cs @@ -5,8 +5,13 @@ IKE # []: <-> - -
+ +
+ + + +
+
@@ -66,9 +71,14 @@ - + -- cgit v1.2.3
+

IPsec # []:

 + + + +