authorRene Mayrhofer <rene@mayrhofer.eu.org>2008-07-10 12:47:56 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2008-07-10 12:47:56 +0000
commiteb841c5ef668a48782ef1154fda65cb6048f5885 (patch)
tree00dd0cb4313bf2291d94ed511fe51f0b4bc7ea7a /src/charon/control
parent738206039047924ae7e4762a53d121be1ca43000 (diff)
downloadvyos-strongswan-eb841c5ef668a48782ef1154fda65cb6048f5885.tar.gz
vyos-strongswan-eb841c5ef668a48782ef1154fda65cb6048f5885.zip
- Updated to new upstream.
Diffstat (limited to 'src/charon/control')
-rw-r--r--src/charon/control/controller.c (renamed from src/charon/control/interface_manager.c)175
-rw-r--r--src/charon/control/controller.h (renamed from src/charon/control/interface_manager.h)120
-rw-r--r--src/charon/control/interfaces/dbus_interface.c427
-rw-r--r--src/charon/control/interfaces/dbus_interface.h57
-rw-r--r--src/charon/control/interfaces/interface.h59
-rwxr-xr-xsrc/charon/control/interfaces/stroke_interface.c1818
-rw-r--r--src/charon/control/interfaces/stroke_interface.h60
-rw-r--r--src/charon/control/interfaces/xml_interface.c754
-rw-r--r--src/charon/control/interfaces/xml_interface.h57
9 files changed, 82 insertions, 3445 deletions
diff --git a/src/charon/control/interface_manager.c b/src/charon/control/controller.c
index 4d5aa2ea6..2d1decd88 100644
--- a/src/charon/control/interface_manager.c
+++ b/src/charon/control/controller.c
@@ -1,10 +1,3 @@
-/**
- * @file interface_manager.c
- *
- * @brief Implementation of interface_manager_t.
- *
- */
-
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
@@ -18,9 +11,11 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: controller.c 3820 2008-04-17 11:22:37Z martin $
*/
-#include "interface_manager.h"
+#include "controller.h"
#include <sys/types.h>
#include <dirent.h>
@@ -29,31 +24,20 @@
#include <daemon.h>
#include <library.h>
-#include <control/interfaces/interface.h>
-typedef struct private_interface_manager_t private_interface_manager_t;
+typedef struct private_controller_t private_controller_t;
typedef struct interface_bus_listener_t interface_bus_listener_t;
/**
* Private data of an stroke_t object.
*/
-struct private_interface_manager_t {
+struct private_controller_t {
/**
* Public part of stroke_t object.
*/
- interface_manager_t public;
-
- /**
- * a list of all loaded interfaces
- */
- linked_list_t *interfaces;
-
- /**
- * dlopen() handles of interfaces
- */
- linked_list_t *handles;
+ controller_t public;
};
@@ -80,7 +64,7 @@ struct interface_bus_listener_t {
/**
* interface callback (listener gets redirected to here)
*/
- interface_manager_cb_t callback;
+ controller_cb_t callback;
/**
* user parameter to pass to callback
@@ -122,19 +106,11 @@ struct interface_job_t {
};
/**
- * Implements the famous nop operation
+ * Implementation of controller_t.create_ike_sa_iterator.
*/
-static void nop(job_t *job)
+static enumerator_t* create_ike_sa_enumerator(controller_t *this)
{
- /* NOP */
-}
-
-/**
- * Implementation of interface_manager_t.create_ike_sa_iterator.
- */
-static iterator_t* create_ike_sa_iterator(interface_manager_t *this)
-{
- return charon->ike_sa_manager->create_iterator(charon->ike_sa_manager);
+ return charon->ike_sa_manager->create_enumerator(charon->ike_sa_manager);
}
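Review bot: The header comment on the new `create_ike_sa_enumerator` still describes it as `controller_t.create_ike_sa_iterator`, so it no longer matches either the function it heads or the struct member it is assigned to in controller_create; change it to ` * Implementation of controller_t.create_ike_sa_enumerator.`. Since the public header states that the returned enumerator blocks the IKE_SA manager until it is destroyed, that locking contract is worth repeating here, e.g. ` * The returned enumerator keeps the IKE_SA manager locked; destroy it before calling any other controller method.`.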
/**
@@ -173,11 +149,11 @@ static status_t initiate_execute(interface_job_t *job)
ike_sa_t *ike_sa;
interface_bus_listener_t *listener = &job->listener;
peer_cfg_t *peer_cfg = listener->peer_cfg;
-
+
ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager,
peer_cfg);
listener->ike_sa = ike_sa;
-
+
if (ike_sa->get_peer_cfg(ike_sa) == NULL)
{
ike_sa->set_peer_cfg(ike_sa, peer_cfg);
@@ -193,11 +169,11 @@ static status_t initiate_execute(interface_job_t *job)
}
/**
- * Implementation of interface_manager_t.initiate.
+ * Implementation of controller_t.initiate.
*/
-static status_t initiate(private_interface_manager_t *this,
+static status_t initiate(private_controller_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
- interface_manager_cb_t callback, void *param)
+ controller_cb_t callback, void *param)
{
interface_job_t job;
@@ -273,10 +249,10 @@ static status_t terminate_ike_execute(interface_job_t *job)
}
/**
- * Implementation of interface_manager_t.terminate_ike.
+ * Implementation of controller_t.terminate_ike.
*/
-static status_t terminate_ike(interface_manager_t *this, u_int32_t unique_id,
- interface_manager_cb_t callback, void *param)
+static status_t terminate_ike(controller_t *this, u_int32_t unique_id,
+ controller_cb_t callback, void *param)
{
interface_job_t job;
@@ -375,10 +351,10 @@ static status_t terminate_child_execute(interface_job_t *job)
}
/**
- * Implementation of interface_manager_t.terminate_child.
+ * Implementation of controller_t.terminate_child.
*/
-static status_t terminate_child(interface_manager_t *this, u_int32_t reqid,
- interface_manager_cb_t callback, void *param)
+static status_t terminate_child(controller_t *this, u_int32_t reqid,
+ controller_cb_t callback, void *param)
{
interface_job_t job;
@@ -434,7 +410,6 @@ static status_t route_execute(interface_job_t *job)
ike_sa_t *ike_sa;
interface_bus_listener_t *listener = &job->listener;
peer_cfg_t *peer_cfg = listener->peer_cfg;
-
ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager,
peer_cfg);
listener->ike_sa = ike_sa;
@@ -452,11 +427,11 @@ static status_t route_execute(interface_job_t *job)
}
/**
- * Implementation of interface_manager_t.route.
+ * Implementation of controller_t.route.
*/
-static status_t route(interface_manager_t *this,
+static status_t route(controller_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
- interface_manager_cb_t callback, void *param)
+ controller_cb_t callback, void *param)
{
interface_job_t job;
@@ -530,10 +505,10 @@ static status_t unroute_execute(interface_job_t *job)
}
/**
- * Implementation of interface_manager_t.unroute.
+ * Implementation of controller_t.unroute.
*/
-static status_t unroute(interface_manager_t *this, u_int32_t reqid,
- interface_manager_cb_t callback, void *param)
+static status_t unroute(controller_t *this, u_int32_t reqid,
+ controller_cb_t callback, void *param)
{
interface_job_t job;
@@ -555,76 +530,9 @@ static status_t unroute(interface_manager_t *this, u_int32_t reqid,
}
/**
- * load the control interface modules
- */
-static void load_interfaces(private_interface_manager_t *this)
-{
- struct dirent* entry;
- DIR* dir;
-
- dir = opendir(IPSEC_INTERFACEDIR);
- if (dir == NULL)
- {
- DBG1(DBG_CFG, "error opening interface modules directory "IPSEC_INTERFACEDIR);
- return;
- }
-
- DBG1(DBG_CFG, "loading control interface modules from '"IPSEC_INTERFACEDIR"'");
-
- while ((entry = readdir(dir)) != NULL)
- {
- char file[256];
- interface_t *interface;
- interface_constructor_t constructor;
- void *handle;
- char *ending;
-
- snprintf(file, sizeof(file), IPSEC_INTERFACEDIR"/%s", entry->d_name);
-
- ending = entry->d_name + strlen(entry->d_name) - 3;
- if (ending <= entry->d_name || !streq(ending, ".so"))
- {
- /* skip anything which does not look like a library */
- DBG2(DBG_CFG, " skipping %s, doesn't look like a library",
- entry->d_name);
- continue;
- }
- /* try to load the library */
- handle = dlopen(file, RTLD_LAZY);
- if (handle == NULL)
- {
- DBG1(DBG_CFG, " opening control interface module %s failed: %s",
- entry->d_name, dlerror());
- continue;
- }
- constructor = dlsym(handle, "interface_create");
- if (constructor == NULL)
- {
- DBG1(DBG_CFG, " interface module %s has no interface_create() "
- "function, skipped", entry->d_name);
- dlclose(handle);
- continue;
- }
-
- interface = constructor();
- if (interface == NULL)
- {
- DBG1(DBG_CFG, " unable to create instance of interface "
- "module %s, skipped", entry->d_name);
- dlclose(handle);
- continue;
- }
- DBG1(DBG_CFG, " loaded control interface module successfully from %s", entry->d_name);
- this->interfaces->insert_last(this->interfaces, interface);
- this->handles->insert_last(this->handles, handle);
- }
- closedir(dir);
-}
-
-/**
* See header
*/
-bool interface_manager_cb_empty(void *param, signal_t signal, level_t level,
+bool controller_cb_empty(void *param, signal_t signal, level_t level,
ike_sa_t *ike_sa, char *format, va_list args)
{
return TRUE;
@@ -633,32 +541,25 @@ bool interface_manager_cb_empty(void *param, signal_t signal, level_t level,
/**
* Implementation of stroke_t.destroy.
*/
-static void destroy(private_interface_manager_t *this)
+static void destroy(private_controller_t *this)
{
- this->interfaces->destroy_offset(this->interfaces, offsetof(interface_t, destroy));
- this->handles->destroy_function(this->handles, (void*)dlclose);
free(this);
}
/*
* Described in header-file
*/
-interface_manager_t *interface_manager_create(void)
+controller_t *controller_create(void)
{
- private_interface_manager_t *this = malloc_thing(private_interface_manager_t);
-
- this->public.create_ike_sa_iterator = (iterator_t*(*)(interface_manager_t*))create_ike_sa_iterator;
- this->public.initiate = (status_t(*)(interface_manager_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate;
- this->public.terminate_ike = (status_t(*)(interface_manager_t*,u_int32_t,interface_manager_cb_t, void*))terminate_ike;
- this->public.terminate_child = (status_t(*)(interface_manager_t*,u_int32_t,interface_manager_cb_t, void *param))terminate_child;
- this->public.route = (status_t(*)(interface_manager_t*,peer_cfg_t*, child_cfg_t*,interface_manager_cb_t,void*))route;
- this->public.unroute = (status_t(*)(interface_manager_t*,u_int32_t,interface_manager_cb_t,void*))unroute;
- this->public.destroy = (void (*)(interface_manager_t*))destroy;
-
- this->interfaces = linked_list_create();
- this->handles = linked_list_create();
+ private_controller_t *this = malloc_thing(private_controller_t);
- load_interfaces(this);
+ this->public.create_ike_sa_enumerator = (enumerator_t*(*)(controller_t*))create_ike_sa_enumerator;
+ this->public.initiate = (status_t(*)(controller_t*,peer_cfg_t*,child_cfg_t*,bool(*)(void*,signal_t,level_t,ike_sa_t*,char*,va_list),void*))initiate;
+ this->public.terminate_ike = (status_t(*)(controller_t*,u_int32_t,controller_cb_t, void*))terminate_ike;
+ this->public.terminate_child = (status_t(*)(controller_t*,u_int32_t,controller_cb_t, void *param))terminate_child;
+ this->public.route = (status_t(*)(controller_t*,peer_cfg_t*, child_cfg_t*,controller_cb_t,void*))route;
+ this->public.unroute = (status_t(*)(controller_t*,u_int32_t,controller_cb_t,void*))unroute;
+ this->public.destroy = (void (*)(controller_t*))destroy;
return &this->public;
}
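Review bot: The method table in controller_create is filled through function-pointer casts that silence the type checker, and the implementations are inconsistent about their first parameter: `initiate` and `destroy` take `private_controller_t *this` while `terminate_ike`, `terminate_child`, `route` and `unroute` take `controller_t *this`. This only works because `public` is the first member of `private_controller_t`; declaring all six with the same parameter type would make that dependency explicit and let most casts be dropped. The `initiate` cast also spells out the callback signature inline instead of using `controller_cb_t`, and the `terminate_child` cast carries a stray parameter name (`void *param`); both should read like the `unroute` line, `(status_t(*)(controller_t*,u_int32_t,controller_cb_t,void*))`. The pointer returned by `malloc_thing` is used without a check; if that macro does not abort on allocation failure, a one-line comment stating the assumption would help the next reader.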
diff --git a/src/charon/control/interface_manager.h b/src/charon/control/controller.h
index 3ee1f0e39..643611965 100644
--- a/src/charon/control/interface_manager.h
+++ b/src/charon/control/controller.h
@@ -1,10 +1,3 @@
-/**
- * @file interface_manager.h
- *
- * @brief Interface of interface_manager_t.
- *
- */
-
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
@@ -18,15 +11,22 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: controller.h 3804 2008-04-14 11:37:46Z martin $
*/
-#ifndef INTERFACE_MANAGER_H_
-#define INTERFACE_MANAGER_H_
+/**
+ * @defgroup controller_i controller
+ * @{ @ingroup control
+ */
+
+#ifndef CONTROLLER_H_
+#define CONTROLLER_H_
#include <bus/bus.h>
/**
- * callback to log things triggered by interface_manager.
+ * callback to log things triggered by controller.
*
* @param param echoed parameter supplied when function invoked
* @param signal type of signal
@@ -35,74 +35,51 @@
* @param format printf like format string
* @param args list of arguments to use for format
* @return FALSE to return from invoked function
- * @ingroup control
*/
-typedef bool(*interface_manager_cb_t)(void* param, signal_t signal, level_t level,
+typedef bool(*controller_cb_t)(void* param, signal_t signal, level_t level,
ike_sa_t* ike_sa, char* format, va_list args);
/**
- * @brief Empty callback function for interface_manager_t functions.
+ * Empty callback function for controller_t functions.
*
* If you wan't to do a syncrhonous call, but don't need a callback, pass
- * this function to the interface_managers methods.
+ * this function to the controllers methods.
*/
-bool interface_manager_cb_empty(void *param, signal_t signal, level_t level,
+bool controller_cb_empty(void *param, signal_t signal, level_t level,
ike_sa_t *ike_sa, char *format, va_list args);
-typedef struct interface_manager_t interface_manager_t;
+typedef struct controller_t controller_t;
/**
- * @brief The interface_manager loads control interfaces and has helper methods.
+ * The controller provides a simple interface to run actions.
*
- * One job of the interface manager is to load pluggable control interface
- * modules, implemented as interface_t.
- * @verbatim
-
- +---------+ +------------+ +--------------+ |
- | | | |<----- +--------------+ | |
- | daemon |<-----| interface- | +--------------+ |-+ <==|==> IPC
- | core | | manager |<----| interfaces |-+ |
- | |<-----| | +--------------+ |
- | | | | |
- +---------+ +------------+ |
-
- @endverbatim
- * The manager does not really use the interfaces, instead, the interface
- * use the manager to fullfill their tasks (initiating, terminating, ...).
- * The interface_manager starts actions by creating jobs. It then tries to
+ * The controller starts actions by creating jobs. It then tries to
* evaluate the result of the operation by listening on the bus.
*
* Passing NULL as callback to the managers function calls them asynchronously.
* If a callback is specified, they are called synchronoulsy. There is a default
- * callback "interface_manager_cb_empty" if you wan't to call a function
+ * callback "controller_cb_empty" if you wan't to call a function
* synchronously, but don't need a callback.
- *
- * @b Constructors:
- * - interface_manager_create()
- *
- * @ingroup control
*/
-struct interface_manager_t {
+struct controller_t {
/**
- * @brief Create an iterator for all IKE_SAs.
+ * Create an enumerator for all IKE_SAs.
*
- * The iterator blocks the IKE_SA manager until it gets destroyed. Do
+ * The enumerator blocks the IKE_SA manager until it gets destroyed. Do
* not call another interface/manager method while the iterator is alive.
*
- * @param this calling object
- * @return iterator, locks IKE_SA manager until destroyed
+ * @return enumerator, locks IKE_SA manager until destroyed
*/
- iterator_t* (*create_ike_sa_iterator)(interface_manager_t *this);
+ enumerator_t* (*create_ike_sa_enumerator)(controller_t *this);
/**
- * @brief Initiate a CHILD_SA, and if required, an IKE_SA.
+ * Initiate a CHILD_SA, and if required, an IKE_SA.
*
* The inititate() function is synchronous and thus blocks until the
* IKE_SA is established or failed. Because of this, the initiate() function
* contains a thread cancellation point.
*
- * @param this calling object
* @param peer_cfg peer_cfg to use for IKE_SA setup
* @param child_cfg child_cfg to set up CHILD_SA from
* @param cb logging callback
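Review bot: The struct documentation in the new controller.h was only partially updated for the rename: the `create_ike_sa_enumerator` paragraph still says `not call another interface/manager method while the iterator is alive`, and the type description still refers to `the managers function`. Rewording these to `while the enumerator is alive` and `the controller's functions` keeps the header consistent with the new names it introduces. While these comments are being touched, the typos `wan't`, `syncrhonous`, `synchronoulsy` and `inititate` could be fixed in the same pass. The `controller_t` struct definition continues past the end of this hunk.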
@@ -112,18 +89,17 @@ struct interface_manager_t {
* - FAILED, if setup failed
* - NEED_MORE, if callback returned FALSE
*/
- status_t (*initiate)(interface_manager_t *this,
+ status_t (*initiate)(controller_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
- interface_manager_cb_t callback, void *param);
+ controller_cb_t callback, void *param);
/**
- * @brief Terminate an IKE_SA and all of its CHILD_SAs.
+ * Terminate an IKE_SA and all of its CHILD_SAs.
*
* The terminate() function is synchronous and thus blocks until the
* IKE_SA is properly deleted, or the delete timed out.
* The terminate() function contains a thread cancellation point.
*
- * @param this calling object
* @param unique_id unique id of the IKE_SA to terminate.
* @param cb logging callback
* @param param parameter to include in each call of cb
@@ -132,13 +108,12 @@ struct interface_manager_t {
* - NOT_FOUND, if no such CHILD_SA found
* - NEED_MORE, if callback returned FALSE
*/
- status_t (*terminate_ike)(interface_manager_t *this, u_int32_t unique_id,
- interface_manager_cb_t callback, void *param);
+ status_t (*terminate_ike)(controller_t *this, u_int32_t unique_id,
+ controller_cb_t callback, void *param);
/**
- * @brief Terminate a CHILD_SA.
+ * Terminate a CHILD_SA.
*
- * @param this calling object
* @param reqid reqid of the CHILD_SA to terminate
* @param cb logging callback
* @param param parameter to include in each call of cb
@@ -147,13 +122,12 @@ struct interface_manager_t {
* - NOT_FOUND, if no such CHILD_SA found
* - NEED_MORE, if callback returned FALSE
*/
- status_t (*terminate_child)(interface_manager_t *this, u_int32_t reqid,
- interface_manager_cb_t callback, void *param);
+ status_t (*terminate_child)(controller_t *this, u_int32_t reqid,
+ controller_cb_t callback, void *param);
/**
- * @brief Route a CHILD_SA (install triggering policies).
+ * Route a CHILD_SA (install triggering policies).
*
- * @param this calling object
* @param peer_cfg peer_cfg to use for IKE_SA setup, if triggered
* @param child_cfg child_cfg to route
* @param cb logging callback
@@ -163,16 +137,15 @@ struct interface_manager_t {
* - FAILED, if routing failed
* - NEED_MORE, if callback returned FALSE
*/
- status_t (*route)(interface_manager_t *this,
+ status_t (*route)(controller_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
- interface_manager_cb_t callback, void *param);
+ controller_cb_t callback, void *param);
/**
- * @brief Unroute a routed CHILD_SA (uninstall triggering policies).
+ * Unroute a routed CHILD_SA (uninstall triggering policies).
*
* Only the route is removed, not the CHILD_SAs the route triggered.
*
- * @param this calling object
* @param reqid reqid of the CHILD_SA to unroute
* @param cb logging callback
* @param param parameter to include in each call of cb
@@ -181,26 +154,21 @@ struct interface_manager_t {
* - NOT_FOUND, if no such CHILD_SA routed
* - NEED_MORE, if callback returned FALSE
*/
- status_t (*unroute)(interface_manager_t *this, u_int32_t reqid,
- interface_manager_cb_t callback, void *param);
+ status_t (*unroute)(controller_t *this, u_int32_t reqid,
+ controller_cb_t callback, void *param);
/**
- * @brief Destroy a interface_manager_t instance.
- *
- * @param this interface_manager_t objec to destroy
+ * Destroy a controller_t instance.
*/
- void (*destroy) (interface_manager_t *this);
+ void (*destroy) (controller_t *this);
};
/**
- * @brief Creates a interface_manager instance and loads all interface modules.
- *
- * @return interface_manager_t object
+ * Creates a controller instance.
*
- * @ingroup control
+ * @return controller_t object
*/
-interface_manager_t *interface_manager_create(void);
-
-#endif /* INTERFACE_MANAGER_H_ */
+controller_t *controller_create(void);
+#endif /* CONTROLLER_H_ @} */
diff --git a/src/charon/control/interfaces/dbus_interface.c b/src/charon/control/interfaces/dbus_interface.c
deleted file mode 100644
index 39226aaef..000000000
--- a/src/charon/control/interfaces/dbus_interface.c
+++ /dev/null
@@ -1,427 +0,0 @@
-/**
- * @file dbus_interface.c
- *
- * @brief Implementation of dbus_interface_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#define DBUS_API_SUBJECT_TO_CHANGE
-#include <dbus/dbus.h>
-#include <NetworkManager/NetworkManager.h>
-#include <NetworkManager/NetworkManagerVPN.h>
-#include <stdlib.h>
-
-#include "dbus_interface.h"
-
-#include <library.h>
-#include <daemon.h>
-#include <processing/jobs/callback_job.h>
-
-
-#define NM_DBUS_SERVICE_STRONG "org.freedesktop.NetworkManager.strongswan"
-#define NM_DBUS_INTERFACE_STRONG "org.freedesktop.NetworkManager.strongswan"
-#define NM_DBUS_PATH_STRONG "/org/freedesktop/NetworkManager/strongswan"
-
-typedef struct private_dbus_interface_t private_dbus_interface_t;
-
-/**
- * Private data of an dbus_interface_t object.
- */
-struct private_dbus_interface_t {
-
- /**
- * Public part of dbus_t object.
- */
- dbus_interface_t public;
-
- /**
- * DBUS connection
- */
- DBusConnection* conn;
-
- /**
- * error value used here and there
- */
- DBusError err;
-
- /**
- * state of the daemon
- */
- NMVPNState state;
-
- /**
- * job accepting stroke messages
- */
- callback_job_t *job;
-
- /**
- * name of the currently active connection
- */
- char *name;
-};
-
-/**
- * set daemon state and send StateChange signal to the bus
- */
-static void set_state(private_dbus_interface_t *this, NMVPNState state)
-{
- DBusMessage* msg;
-
- msg = dbus_message_new_signal(NM_DBUS_PATH_STRONG, NM_DBUS_INTERFACE_STRONG, NM_DBUS_VPN_SIGNAL_STATE_CHANGE);
-
- if (!dbus_message_append_args(msg, DBUS_TYPE_UINT32, &this->state,
- DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID) ||
- !dbus_connection_send(this->conn, msg, NULL))
- {
- DBG1(DBG_CFG, "unable to send DBUS StateChange signal");
- }
- dbus_connection_flush(this->conn);
- dbus_message_unref(msg);
- this->state = state;
-}
-
-
-/**
- * get the child_cfg with the same name as the peer cfg
- */
-static child_cfg_t* get_child_from_peer(peer_cfg_t *peer_cfg, char *name)
-{
- child_cfg_t *current, *found = NULL;
- iterator_t *iterator;
-
- iterator = peer_cfg->create_child_cfg_iterator(peer_cfg);
- while (iterator->iterate(iterator, (void**)&current))
- {
- if (streq(current->get_name(current), name))
- {
- found = current;
- found->get_ref(found);
- break;
- }
- }
- iterator->destroy(iterator);
- return found;
-}
-
-
-/**
- * process NetworkManagers startConnection method call
- */
-static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg)
-{
- DBusMessage *reply, *signal;
- char *name, *user, **data, **passwords, **routes;
- int data_count, passwords_count, routes_count;
- u_int32_t me, other, p2p, netmask, mss;
- char *dev, *domain, *banner;
- const dbus_int32_t array[] = {};
- const dbus_int32_t *varray = array;
- peer_cfg_t *peer_cfg;
- child_cfg_t *child_cfg;
- status_t status = FAILED;
-
- dbus_error_free(&this->err);
-
- if (!dbus_message_get_args(msg, &this->err,
- DBUS_TYPE_STRING, &name, DBUS_TYPE_STRING, &user,
- DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &passwords, &passwords_count,
- DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &data, &data_count,
- DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &routes, &routes_count,
- DBUS_TYPE_INVALID))
- {
- return FALSE;
- }
- set_state(this, NM_VPN_STATE_STARTING);
-
- peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, name);
- if (peer_cfg)
- {
- free(this->name);
- this->name = strdup(peer_cfg->get_name(peer_cfg));
- child_cfg = get_child_from_peer(peer_cfg, name);
- if (child_cfg)
- {
- status = charon->interfaces->initiate(charon->interfaces,
- peer_cfg, child_cfg, interface_manager_cb_empty, NULL);
- }
- else
- {
- peer_cfg->destroy(peer_cfg);
- }
- }
- reply = dbus_message_new_method_return(msg);
- dbus_connection_send(this->conn, reply, NULL);
- dbus_message_unref(reply);
-
- if (status == SUCCESS)
- {
-
- set_state(this, NM_VPN_STATE_STARTED);
- signal = dbus_message_new_signal(NM_DBUS_PATH_STRONG,
- NM_DBUS_INTERFACE_STRONG,
- NM_DBUS_VPN_SIGNAL_IP4_CONFIG);
- me = other = p2p = mss = netmask = 0;
- dev = domain = banner = "";
- if (dbus_message_append_args(signal,
- DBUS_TYPE_UINT32, &other,
- DBUS_TYPE_STRING, &dev,
- DBUS_TYPE_UINT32, &me,
- DBUS_TYPE_UINT32, &p2p,
- DBUS_TYPE_UINT32, &netmask,
- DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0,
- DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &varray, 0,
- DBUS_TYPE_UINT32, &mss,
- DBUS_TYPE_STRING, &domain,
- DBUS_TYPE_STRING, &banner, DBUS_TYPE_INVALID))
- {
- dbus_connection_send(this->conn, signal, NULL);
- }
- dbus_message_unref(signal);
- }
- else
- {
- set_state(this, NM_VPN_STATE_STOPPED);
- }
-
- dbus_connection_flush(this->conn);
- return TRUE;
-}
-
-/**
- * process NetworkManagers stopConnection method call
- */
-static bool stop_connection(private_dbus_interface_t *this, DBusMessage* msg)
-{
- u_int32_t id;
- iterator_t *iterator;
- ike_sa_t *ike_sa;
-
- if (this->name == NULL)
- {
- return FALSE;
- }
-
- dbus_error_free(&this->err);
-
- set_state(this, NM_VPN_STATE_STOPPING);
-
- iterator = charon->interfaces->create_ike_sa_iterator(charon->interfaces);
- while (iterator->iterate(iterator, (void**)&ike_sa))
- {
- child_sa_t *child_sa;
- iterator_t *children;
-
- if (this->name && streq(this->name, ike_sa->get_name(ike_sa)))
- {
- id = ike_sa->get_unique_id(ike_sa);
- iterator->destroy(iterator);
- charon->interfaces->terminate_ike(charon->interfaces, id, NULL, NULL);
- set_state(this, NM_VPN_STATE_STOPPED);
- return TRUE;;
- }
- children = ike_sa->create_child_sa_iterator(ike_sa);
- while (children->iterate(children, (void**)&child_sa))
- {
- if (this->name && streq(this->name, child_sa->get_name(child_sa)))
- {
- id = child_sa->get_reqid(child_sa);
- children->destroy(children);
- iterator->destroy(iterator);
- charon->interfaces->terminate_child(charon->interfaces, id, NULL, NULL);
- set_state(this, NM_VPN_STATE_STOPPED);
- return TRUE;
- }
- }
- children->destroy(children);
- }
- iterator->destroy(iterator);
- set_state(this, NM_VPN_STATE_STOPPED);
- return TRUE;
-}
-
-/**
- * process NetworkManagers getState method call
- */
-static bool get_state(private_dbus_interface_t *this, DBusMessage* msg)
-{
- DBusMessage* reply;
- reply = dbus_message_new_method_return(msg);
- if (!reply || !dbus_message_append_args(reply,
- DBUS_TYPE_UINT32, &this->state,
- DBUS_TYPE_INVALID))
- {
- return FALSE;
- }
- dbus_connection_send(this->conn, reply, NULL);
- return TRUE;
-}
-
-/**
- * Handle incoming messages
- */
-static DBusHandlerResult message_handler(DBusConnection *con, DBusMessage *msg,
- private_dbus_interface_t *this)
-{
- bool handled;
-
- if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
- "startConnection"))
- {
- handled = start_connection(this, msg);
- }
- else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
- "stopConnection"))
- {
- handled = stop_connection(this, msg);
- }
- else if (dbus_message_is_method_call(msg, NM_DBUS_INTERFACE_STRONG,
- "getState"))
- {
- handled = get_state(this, msg);
- }
- else
- {
- DBG1(DBG_CFG, "ignoring DBUS message %s.%s",
- dbus_message_get_interface(msg), dbus_message_get_member(msg));
- handled = FALSE;
- }
-
- if (handled)
- {
- return DBUS_HANDLER_RESULT_HANDLED;
- }
- return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
-}
-
-/**
- * Handle received signals
-
-static DBusHandlerResult signal_handler(DBusConnection *con, DBusMessage *msg,
- private_dbus_interface_t *this)
-{
- bool handled;
-
- if (dbus_message_is_signal(msg, NM_DBUS_INTERFACE, "VPNConnectionStateChange"))
- {
- NMVPNState state;
- char *name;
-
- if (dbus_message_get_args(msg, &this->err, DBUS_TYPE_STRING, &name,
- DBUS_TYPE_UINT32, &state, DBUS_TYPE_INVALID))
- {
- DBG1(DBG_CFG, "got state %d for %s", state, name);
- }
- handled = TRUE;
- }
- else
- {
- DBG1(DBG_CFG, "ignoring DBUS signal %s.%s",
- dbus_message_get_interface(msg), dbus_message_get_member(msg));
- handled = FALSE;
- }
- if (handled)
- {
- return DBUS_HANDLER_RESULT_HANDLED;
- }
- return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
-} */
-
-/**
- * dispatcher function processed by a seperate thread
- */
-static job_requeue_t dispatch(private_dbus_interface_t *this)
-{
- if (dbus_connection_read_write_dispatch(this->conn, -1))
- {
- return JOB_REQUEUE_DIRECT;
- }
- return JOB_REQUEUE_NONE;
-}
-
-/**
- * Implementation of interface_t.destroy.
- */
-static void destroy(private_dbus_interface_t *this)
-{
- this->job->cancel(this->job);
- dbus_connection_close(this->conn);
- dbus_error_free(&this->err);
- dbus_shutdown();
- free(this->name);
- free(this);
-}
-
-/*
- * Described in header file
- */
-interface_t *interface_create()
-{
- int ret;
- DBusObjectPathVTable v = {NULL, (void*)&message_handler, NULL, NULL, NULL, NULL};
- private_dbus_interface_t *this = malloc_thing(private_dbus_interface_t);
-
- this->public.interface.destroy = (void (*)(interface_t*))destroy;
-
- dbus_error_init(&this->err);
- this->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &this->err);
- if (dbus_error_is_set(&this->err))
- {
- DBG1(DBG_CFG, "unable to open DBUS connection: %s", this->err.message);
- charon->kill(charon, "DBUS initialization failed");
- }
- dbus_connection_set_exit_on_disconnect(this->conn, FALSE);
-
- ret = dbus_bus_request_name(this->conn, NM_DBUS_SERVICE_STRONG,
- DBUS_NAME_FLAG_REPLACE_EXISTING , &this->err);
- if (dbus_error_is_set(&this->err))
- {
- DBG1(DBG_CFG, "unable to set DBUS name: %s", this->err.message);
- charon->kill(charon, "unable to set DBUS name");
- }
- if (ret != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER)
- {
- charon->kill(charon, "DBUS name already owned");
- }
- if (!dbus_connection_register_object_path(this->conn, NM_DBUS_PATH_STRONG, &v, this))
- {
- charon->kill(charon, "unable to register DBUS message handler");
- }
- /*
- if (!dbus_connection_add_filter(this->conn, (void*)signal_handler, this, NULL))
- {
- charon->kill(charon, "unable to register DBUS signal handler");
- }
-
- dbus_bus_add_match(this->conn, "type='signal', "
- "interface='" NM_DBUS_INTERFACE_VPN "',"
- "path='" NM_DBUS_PATH_VPN "'", &this->err);
- if (dbus_error_is_set (&this->err))
- {
- charon->kill(charon, "unable to add DBUS signal match");
- }*/
-
- this->name = NULL;
- this->state = NM_VPN_STATE_INIT;
- set_state(this, NM_VPN_STATE_STOPPED);
-
- this->job = callback_job_create((callback_job_cb_t)dispatch, this, NULL, NULL);
- charon->processor->queue_job(charon->processor, (job_t*)this->job);
-
- return &this->public.interface;
-}
-
diff --git a/src/charon/control/interfaces/dbus_interface.h b/src/charon/control/interfaces/dbus_interface.h
deleted file mode 100644
index 0ce57bbbc..000000000
--- a/src/charon/control/interfaces/dbus_interface.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * @file dbus_interface.h
- *
- * @brief Interface of dbus_interface_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef DBUS_INTERFACE_H_
-#define DBUS_INTERFACE_H_
-
-typedef struct dbus_interface_t dbus_interface_t;
-
-#include <control/interfaces/interface.h>
-
-/**
- * @brief The DBUS interface uses the DBUS system bus to communicate.
- *
- * @b Constructors:
- * - dbus_interface_create()
- *
- * @ingroup interfaces
- */
-struct dbus_interface_t {
-
- /**
- * implements interface_t.
- */
- interface_t interface;
-};
-
-
-/**
- * @brief Create the DBUS interface.
- *
- * @return stroke_t object
- *
- * @ingroup interfaces
- */
-interface_t *interface_create();
-
-#endif /* DBUS_INTERFACE_H_ */
-
diff --git a/src/charon/control/interfaces/interface.h b/src/charon/control/interfaces/interface.h
deleted file mode 100644
index 955f4a4eb..000000000
--- a/src/charon/control/interfaces/interface.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * @file interface.h
- *
- * @brief Interface of interface_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef INTERFACE_H_
-#define INTERFACE_H_
-
-typedef struct interface_t interface_t;
-
-/**
- * @brief Interface for a controller.
- *
- * An interface controls the daemon by calling functions on the
- * interface_manager. All interfaces are manager by the interface_manager
- * in a generic way, so they need their own class.
- *
- * @b Constructors:
- * - interface_create() of one of the modules
- *
- * @ingroup interfaces
- */
-struct interface_t {
-
- /**
- * @brief Destroy all interfaces
- *
- * @param this stroke_t objec to destroy
- */
- void (*destroy) (interface_t *this);
-};
-
-
-/**
- * Constructor in a control interface module to create the interface.
- *
- * @ingroup interfaces
- */
-typedef interface_t*(*interface_constructor_t)(void);
-
-#endif /* INTERFACE_H_ */
-
diff --git a/src/charon/control/interfaces/stroke_interface.c b/src/charon/control/interfaces/stroke_interface.c
deleted file mode 100755
index 3b4b246bd..000000000
--- a/src/charon/control/interfaces/stroke_interface.c
+++ /dev/null
@@ -1,1818 +0,0 @@
-/**
- * @file stroke_interface.c
- *
- * @brief Implementation of stroke_interface_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Tobias Brunner
- * Copyright (C) 2006-2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <sys/fcntl.h>
-#include <unistd.h>
-#include <dirent.h>
-#include <errno.h>
-#include <pthread.h>
-#include <signal.h>
-
-#include "stroke_interface.h"
-
-#include <library.h>
-#include <stroke.h>
-#include <daemon.h>
-#include <crypto/x509.h>
-#include <crypto/ietf_attr_list.h>
-#include <crypto/ac.h>
-#include <crypto/ca.h>
-#include <crypto/crl.h>
-#include <control/interface_manager.h>
-#include <control/interfaces/interface.h>
-#include <utils/leak_detective.h>
-#include <processing/jobs/callback_job.h>
-
-#define IKE_PORT 500
-#define PATH_BUF 256
-#define STROKE_THREADS 3
-
-typedef struct private_stroke_interface_t private_stroke_interface_t;
-
-/**
- * Private data of an stroke_interfacet object.
- */
-struct private_stroke_interface_t {
-
- /**
- * Public part of stroke_interfacet object.
- */
- stroke_interface_t public;
-
- /**
- * Unix socket to listen for strokes
- */
- int socket;
-
- /**
- * job accepting stroke messages
- */
- callback_job_t *job;
-};
-
-typedef struct stroke_log_info_t stroke_log_info_t;
-
-/**
- * helper struct to say what and where to log when using controller callback
- */
-struct stroke_log_info_t {
-
- /**
- * level to log up to
- */
- level_t level;
-
- /**
- * where to write log
- */
- FILE* out;
-};
-
-/**
- * Helper function which corrects the string pointers
- * in a stroke_msg_t. Strings in a stroke_msg sent over "wire"
- * contains RELATIVE addresses (relative to the beginning of the
- * stroke_msg). They must be corrected if they reach our address
- * space...
- */
-static void pop_string(stroke_msg_t *msg, char **string)
-{
- if (*string == NULL)
- return;
-
- /* check for sanity of string pointer and string */
- if (string < (char**)msg
- || string > (char**)msg + sizeof(stroke_msg_t)
- || (unsigned long)*string < (unsigned long)((char*)msg->buffer - (char*)msg)
- || (unsigned long)*string > msg->length)
- {
- *string = "(invalid pointer in stroke msg)";
- }
- else
- {
- *string = (char*)msg + (unsigned long)*string;
- }
-}
-
-/**
- * Load end entitity certificate
- */
-static x509_t* load_end_certificate(const char *filename, identification_t **idp)
-{
- char path[PATH_BUF];
- x509_t *cert;
-
- if (*filename == '/')
- {
- /* absolute path name */
- snprintf(path, sizeof(path), "%s", filename);
- }
- else
- {
- /* relative path name */
- snprintf(path, sizeof(path), "%s/%s", CERTIFICATE_DIR, filename);
- }
-
- cert = x509_create_from_file(path, "end entity");
-
- if (cert)
- {
- identification_t *id = *idp;
- identification_t *subject = cert->get_subject(cert);
-
- err_t ugh = cert->is_valid(cert, NULL);
-
- if (ugh != NULL)
- {
- DBG1(DBG_CFG, "warning: certificate %s", ugh);
- }
- if (!id->equals(id, subject) && !cert->equals_subjectAltName(cert, id))
- {
- id->destroy(id);
- id = subject;
- *idp = id->clone(id);
- }
- return charon->credentials->add_end_certificate(charon->credentials, cert);
- }
- return NULL;
-}
-
-/**
- * Load ca certificate
- */
-static x509_t* load_ca_certificate(const char *filename)
-{
- char path[PATH_BUF];
- x509_t *cert;
-
- if (*filename == '/')
- {
- /* absolute path name */
- snprintf(path, sizeof(path), "%s", filename);
- }
- else
- {
- /* relative path name */
- snprintf(path, sizeof(path), "%s/%s", CA_CERTIFICATE_DIR, filename);
- }
-
- cert = x509_create_from_file(path, "ca");
-
- if (cert)
- {
- if (cert->is_ca(cert))
- {
- return charon->credentials->add_auth_certificate(charon->credentials, cert, AUTH_CA);
- }
- else
- {
- DBG1(DBG_CFG, " CA basic constraints flag not set, cert discarded");
- cert->destroy(cert);
- }
- }
- return NULL;
-}
-
-/**
- * Pop the strings of a stroke_end_t struct and log them for debugging purposes
- */
-static void pop_end(stroke_msg_t *msg, const char* label, stroke_end_t *end)
-{
- pop_string(msg, &end->address);
- pop_string(msg, &end->subnet);
- pop_string(msg, &end->sourceip);
- pop_string(msg, &end->id);
- pop_string(msg, &end->cert);
- pop_string(msg, &end->ca);
- pop_string(msg, &end->groups);
- pop_string(msg, &end->updown);
-
- DBG2(DBG_CFG, " %s=%s", label, end->address);
- DBG2(DBG_CFG, " %ssubnet=%s", label, end->subnet);
- DBG2(DBG_CFG, " %ssourceip=%s", label, end->sourceip);
- DBG2(DBG_CFG, " %sid=%s", label, end->id);
- DBG2(DBG_CFG, " %scert=%s", label, end->cert);
- DBG2(DBG_CFG, " %sca=%s", label, end->ca);
- DBG2(DBG_CFG, " %sgroups=%s", label, end->groups);
- DBG2(DBG_CFG, " %supdown=%s", label, end->updown);
-}
-
-/**
- * Add a connection to the configuration list
- */
-static void stroke_add_conn(stroke_msg_t *msg, FILE *out)
-{
- ike_cfg_t *ike_cfg;
- peer_cfg_t *peer_cfg;
- peer_cfg_t *mediated_by_cfg = NULL;
- child_cfg_t *child_cfg;
- identification_t *my_id, *other_id;
- identification_t *my_ca = NULL;
- identification_t *other_ca = NULL;
- identification_t *peer_id = NULL;
- bool my_ca_same = FALSE;
- bool other_ca_same =FALSE;
- host_t *my_host, *other_host, *my_subnet, *other_subnet;
- host_t *my_vip = NULL, *other_vip = NULL;
- linked_list_t *other_groups = linked_list_create();
- proposal_t *proposal;
- traffic_selector_t *my_ts, *other_ts;
- char *interface;
- bool use_existing = FALSE;
- iterator_t *iterator;
- u_int32_t vendor;
-
- pop_string(msg, &msg->add_conn.name);
- DBG1(DBG_CFG, "received stroke: add connection '%s'", msg->add_conn.name);
- DBG2(DBG_CFG, "conn %s", msg->add_conn.name);
- pop_end(msg, "left", &msg->add_conn.me);
- pop_end(msg, "right", &msg->add_conn.other);
- pop_string(msg, &msg->add_conn.algorithms.ike);
- pop_string(msg, &msg->add_conn.algorithms.esp);
- DBG2(DBG_CFG, " ike=%s", msg->add_conn.algorithms.ike);
- DBG2(DBG_CFG, " esp=%s", msg->add_conn.algorithms.esp);
- pop_string(msg, &msg->add_conn.p2p.mediated_by);
- pop_string(msg, &msg->add_conn.p2p.peerid);
- DBG2(DBG_CFG, " p2p_mediation=%s", msg->add_conn.p2p.mediation ? "yes" : "no");
- DBG2(DBG_CFG, " p2p_mediated_by=%s", msg->add_conn.p2p.mediated_by);
- DBG2(DBG_CFG, " p2p_peerid=%s", msg->add_conn.p2p.peerid);
-
- my_host = msg->add_conn.me.address ?
- host_create_from_string(msg->add_conn.me.address, IKE_PORT) : NULL;
- if (my_host == NULL)
- {
- DBG1(DBG_CFG, "invalid host: %s\n", msg->add_conn.me.address);
- return;
- }
-
- other_host = msg->add_conn.other.address ?
- host_create_from_string(msg->add_conn.other.address, IKE_PORT) : NULL;
- if (other_host == NULL)
- {
- DBG1(DBG_CFG, "invalid host: %s\n", msg->add_conn.other.address);
- my_host->destroy(my_host);
- return;
- }
-
- interface = charon->kernel_interface->get_interface(charon->kernel_interface,
- other_host);
- if (interface)
- {
- stroke_end_t tmp_end;
- host_t *tmp_host;
-
- DBG2(DBG_CFG, "left is other host, swapping ends\n");
-
- tmp_host = my_host;
- my_host = other_host;
- other_host = tmp_host;
-
- tmp_end = msg->add_conn.me;
- msg->add_conn.me = msg->add_conn.other;
- msg->add_conn.other = tmp_end;
- free(interface);
- }
- else
- {
- interface = charon->kernel_interface->get_interface(
- charon->kernel_interface, my_host);
- if (!interface)
- {
- DBG1(DBG_CFG, "left nor right host is our side, assuming left=local");
- }
- else
- {
- free(interface);
- }
- }
-
- my_id = identification_create_from_string(msg->add_conn.me.id ?
- msg->add_conn.me.id : msg->add_conn.me.address);
- if (my_id == NULL)
- {
- DBG1(DBG_CFG, "invalid ID: %s\n", msg->add_conn.me.id);
- goto destroy_hosts;
- }
-
- other_id = identification_create_from_string(msg->add_conn.other.id ?
- msg->add_conn.other.id : msg->add_conn.other.address);
- if (other_id == NULL)
- {
- DBG1(DBG_CFG, "invalid ID: %s\n", msg->add_conn.other.id);
- my_id->destroy(my_id);
- goto destroy_hosts;
- }
-
-#ifdef P2P
- if (msg->add_conn.p2p.mediation && msg->add_conn.p2p.mediated_by)
- {
- DBG1(DBG_CFG, "a mediation connection cannot be a"
- " mediated connection at the same time, aborting");
- goto destroy_ids;
- }
-
- if (msg->add_conn.p2p.mediated_by)
- {
- mediated_by_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, msg->add_conn.p2p.mediated_by);
- if (!mediated_by_cfg)
- {
- DBG1(DBG_CFG, "mediation connection '%s' not found, aborting",
- msg->add_conn.p2p.mediated_by);
- goto destroy_ids;
- }
-
- if (!mediated_by_cfg->is_mediation(mediated_by_cfg))
- {
- DBG1(DBG_CFG, "connection '%s' as referred to by '%s' is"
- "no mediation connection, aborting",
- msg->add_conn.p2p.mediated_by, msg->add_conn.name);
- goto destroy_ids;
- }
- }
-
- if (msg->add_conn.p2p.peerid)
- {
- peer_id = identification_create_from_string(msg->add_conn.p2p.peerid);
- if (!peer_id)
- {
- DBG1(DBG_CFG, "invalid peer ID: %s\n", msg->add_conn.p2p.peerid);
- goto destroy_ids;
- }
- }
- else
- {
- /* no peer ID supplied, assume right ID */
- peer_id = other_id->clone(other_id);
- }
-#endif /* P2P */
-
- my_subnet = host_create_from_string(msg->add_conn.me.subnet ?
- msg->add_conn.me.subnet : msg->add_conn.me.address, IKE_PORT);
- if (my_subnet == NULL)
- {
- DBG1(DBG_CFG, "invalid subnet: %s\n", msg->add_conn.me.subnet);
- goto destroy_ids;
- }
-
- other_subnet = host_create_from_string(msg->add_conn.other.subnet ?
- msg->add_conn.other.subnet : msg->add_conn.other.address, IKE_PORT);
- if (other_subnet == NULL)
- {
- DBG1(DBG_CFG, "invalid subnet: %s\n", msg->add_conn.me.subnet);
- my_subnet->destroy(my_subnet);
- goto destroy_ids;
- }
-
- if (msg->add_conn.me.virtual_ip && msg->add_conn.me.sourceip)
- {
- my_vip = host_create_from_string(msg->add_conn.me.sourceip, 0);
- }
- if (msg->add_conn.other.virtual_ip && msg->add_conn.other.sourceip)
- {
- other_vip = host_create_from_string(msg->add_conn.other.sourceip, 0);
- }
-
- if (msg->add_conn.me.tohost)
- {
- my_ts = traffic_selector_create_dynamic(msg->add_conn.me.protocol,
- my_host->get_family(my_host) == AF_INET ?
- TS_IPV4_ADDR_RANGE : TS_IPV6_ADDR_RANGE,
- msg->add_conn.me.port ? msg->add_conn.me.port : 0,
- msg->add_conn.me.port ? msg->add_conn.me.port : 65535);
- }
- else
- {
- my_ts = traffic_selector_create_from_subnet(my_subnet,
- msg->add_conn.me.subnet ? msg->add_conn.me.subnet_mask : 0,
- msg->add_conn.me.protocol, msg->add_conn.me.port);
- }
- my_subnet->destroy(my_subnet);
-
- if (msg->add_conn.other.tohost)
- {
- other_ts = traffic_selector_create_dynamic(msg->add_conn.other.protocol,
- other_host->get_family(other_host) == AF_INET ?
- TS_IPV4_ADDR_RANGE : TS_IPV6_ADDR_RANGE,
- msg->add_conn.other.port ? msg->add_conn.other.port : 0,
- msg->add_conn.other.port ? msg->add_conn.other.port : 65535);
- }
- else
- {
- other_ts = traffic_selector_create_from_subnet(other_subnet,
- msg->add_conn.other.subnet ? msg->add_conn.other.subnet_mask : 0,
- msg->add_conn.other.protocol, msg->add_conn.other.port);
- }
- other_subnet->destroy(other_subnet);
-
- if (msg->add_conn.me.ca)
- {
- if (streq(msg->add_conn.me.ca, "%same"))
- {
- my_ca_same = TRUE;
- }
- else
- {
- my_ca = identification_create_from_string(msg->add_conn.me.ca);
- }
- }
- if (msg->add_conn.other.ca)
- {
- if (streq(msg->add_conn.other.ca, "%same"))
- {
- other_ca_same = TRUE;
- }
- else
- {
- other_ca = identification_create_from_string(msg->add_conn.other.ca);
- }
- }
- if (msg->add_conn.me.cert)
- {
- x509_t *cert = load_end_certificate(msg->add_conn.me.cert, &my_id);
-
- if (cert)
- {
- ca_info_t *ca_info;
-
- if (cert->is_self_signed(cert))
- {
- /* a self-signed certificate is its own ca */
- ca_info = ca_info_create(NULL, cert);
- ca_info = charon->credentials->add_ca_info(charon->credentials, ca_info);
- cert->set_ca_info(cert, ca_info);
- }
- else
- {
- /* get_issuer() automatically sets cert->ca_info */
- ca_info = charon->credentials->get_issuer(charon->credentials, cert);
- }
- if (my_ca == NULL && !my_ca_same)
- {
- identification_t *issuer = cert->get_issuer(cert);
-
- my_ca = issuer->clone(issuer);
- }
- }
- }
- if (msg->add_conn.other.cert)
- {
- x509_t *cert = load_end_certificate(msg->add_conn.other.cert, &other_id);
-
- if (cert)
- {
- ca_info_t *ca_info;
-
- if (cert->is_self_signed(cert))
- {
- /* a self-signed certificate is its own ca */
- ca_info = ca_info_create(NULL, cert);
- ca_info = charon->credentials->add_ca_info(charon->credentials, ca_info);
- cert->set_ca_info(cert, ca_info);
- }
- else
- {
- /* get_issuer() automatically sets cert->ca_info */
- ca_info = charon->credentials->get_issuer(charon->credentials, cert);
- }
- if (other_ca == NULL && !other_ca_same)
- {
- identification_t *issuer = cert->get_issuer(cert);
-
- other_ca = issuer->clone(issuer);
- }
- }
- }
- if (other_ca_same && my_ca)
- {
- other_ca = my_ca->clone(my_ca);
- }
- else if (my_ca_same && other_ca)
- {
- my_ca = other_ca->clone(other_ca);
- }
- if (my_ca == NULL)
- {
- my_ca = identification_create_from_string("%any");
- }
- if (other_ca == NULL)
- {
- other_ca = identification_create_from_string("%any");
- }
- DBG2(DBG_CFG, " my ca: '%D'", my_ca);
- DBG2(DBG_CFG, " other ca:'%D'", other_ca);
-
- if (msg->add_conn.other.groups)
- {
- ietfAttr_list_create_from_string(msg->add_conn.other.groups, other_groups);
- }
-
- /* have a look for an (almost) identical peer config to reuse */
- iterator = charon->backends->create_iterator(charon->backends);
- while (iterator->iterate(iterator, (void**)&peer_cfg))
- {
- host_t *my_vip_conf, *other_vip_conf;
- bool my_vip_equals = FALSE, other_vip_equals = FALSE;
-
- my_vip_conf = peer_cfg->get_my_virtual_ip(peer_cfg);
- if ((my_vip && my_vip_conf && my_vip->equals(my_vip, my_vip_conf)) ||
- (!my_vip_conf && !my_vip))
- {
- my_vip_equals = TRUE;
- }
- DESTROY_IF(my_vip_conf);
- other_vip_conf = peer_cfg->get_other_virtual_ip(peer_cfg, NULL);
- if ((other_vip && other_vip_conf && other_vip->equals(other_vip, other_vip_conf)) ||
- (!other_vip_conf && !other_vip))
- {
- other_vip_equals = TRUE;
- }
- DESTROY_IF(other_vip_conf);
-
- ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
- if (my_id->equals(my_id, peer_cfg->get_my_id(peer_cfg))
- && other_id->equals(other_id, peer_cfg->get_other_id(peer_cfg))
- && my_host->equals(my_host, ike_cfg->get_my_host(ike_cfg))
- && other_host->equals(other_host, ike_cfg->get_other_host(ike_cfg))
- && other_ca->equals(other_ca, peer_cfg->get_other_ca(peer_cfg))
- && ietfAttr_list_equals(other_groups, peer_cfg->get_groups(peer_cfg))
- && peer_cfg->get_ike_version(peer_cfg) == (msg->add_conn.ikev2 ? 2 : 1)
- && peer_cfg->get_auth_method(peer_cfg) == msg->add_conn.auth_method
- && peer_cfg->get_eap_type(peer_cfg, &vendor) == msg->add_conn.eap_type
- && vendor == msg->add_conn.eap_vendor
- && my_vip_equals && other_vip_equals)
- {
- DBG1(DBG_CFG, "reusing existing configuration '%s'",
- peer_cfg->get_name(peer_cfg));
- use_existing = TRUE;
- break;
- }
- }
- iterator->destroy(iterator);
-
- if (use_existing)
- {
- DESTROY_IF(my_vip);
- DESTROY_IF(other_vip);
- my_host->destroy(my_host);
- my_id->destroy(my_id);
- my_ca->destroy(my_ca);
- other_host->destroy(other_host);
- other_id->destroy(other_id);
- other_ca->destroy(other_ca);
- DESTROY_IF(peer_id);
- DESTROY_IF(mediated_by_cfg);
- ietfAttr_list_destroy(other_groups);
- }
- else
- {
- ike_cfg = ike_cfg_create(msg->add_conn.other.sendcert != CERT_NEVER_SEND,
- msg->add_conn.force_encap, my_host, other_host);
-
- if (msg->add_conn.algorithms.ike)
- {
- char *proposal_string;
- char *strict = msg->add_conn.algorithms.ike + strlen(msg->add_conn.algorithms.ike) - 1;
-
- if (*strict == '!')
- *strict = '\0';
- else
- strict = NULL;
-
- while ((proposal_string = strsep(&msg->add_conn.algorithms.ike, ",")))
- {
- proposal = proposal_create_from_string(PROTO_IKE, proposal_string);
- if (proposal == NULL)
- {
- DBG1(DBG_CFG, "invalid IKE proposal string: %s", proposal_string);
- my_id->destroy(my_id);
- other_id->destroy(other_id);
- my_ts->destroy(my_ts);
- other_ts->destroy(other_ts);
- my_ca->destroy(my_ca);
- other_ca->destroy(other_ca);
- ike_cfg->destroy(ike_cfg);
- return;
- }
- ike_cfg->add_proposal(ike_cfg, proposal);
- }
- if (!strict)
- {
- proposal = proposal_create_default(PROTO_IKE);
- ike_cfg->add_proposal(ike_cfg, proposal);
- }
- }
- else
- {
- proposal = proposal_create_default(PROTO_IKE);
- ike_cfg->add_proposal(ike_cfg, proposal);
- }
-
- u_int32_t rekey = 0, reauth = 0, over, jitter;
-
- jitter = msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100;
- over = msg->add_conn.rekey.margin;
- if (msg->add_conn.rekey.reauth)
- {
- reauth = msg->add_conn.rekey.ike_lifetime - over;
- }
- else
- {
- rekey = msg->add_conn.rekey.ike_lifetime - over;
- }
-
- peer_cfg = peer_cfg_create(msg->add_conn.name, msg->add_conn.ikev2 ? 2 : 1,
- ike_cfg, my_id, other_id, my_ca, other_ca, other_groups,
- msg->add_conn.me.sendcert, msg->add_conn.auth_method,
- msg->add_conn.eap_type, msg->add_conn.eap_vendor,
- msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
- msg->add_conn.mobike,
- msg->add_conn.dpd.delay, msg->add_conn.dpd.action, my_vip, other_vip,
- msg->add_conn.p2p.mediation, mediated_by_cfg, peer_id);
- }
-
- child_cfg = child_cfg_create(
- msg->add_conn.name, msg->add_conn.rekey.ipsec_lifetime,
- msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin,
- msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100,
- msg->add_conn.me.updown, msg->add_conn.me.hostaccess,
- msg->add_conn.mode);
-
- peer_cfg->add_child_cfg(peer_cfg, child_cfg);
-
- child_cfg->add_traffic_selector(child_cfg, TRUE, my_ts);
- child_cfg->add_traffic_selector(child_cfg, FALSE, other_ts);
-
- if (msg->add_conn.algorithms.esp)
- {
- char *proposal_string;
- char *strict = msg->add_conn.algorithms.esp + strlen(msg->add_conn.algorithms.esp) - 1;
-
- if (*strict == '!')
- *strict = '\0';
- else
- strict = NULL;
-
- while ((proposal_string = strsep(&msg->add_conn.algorithms.esp, ",")))
- {
- proposal = proposal_create_from_string(PROTO_ESP, proposal_string);
- if (proposal == NULL)
- {
- DBG1(DBG_CFG, "invalid ESP proposal string: %s", proposal_string);
- peer_cfg->destroy(peer_cfg);
- return;
- }
- child_cfg->add_proposal(child_cfg, proposal);
- }
- if (!strict)
- {
- proposal = proposal_create_default(PROTO_ESP);
- child_cfg->add_proposal(child_cfg, proposal);
- }
- }
- else
- {
- proposal = proposal_create_default(PROTO_ESP);
- child_cfg->add_proposal(child_cfg, proposal);
- }
-
- if (!use_existing)
- {
- /* add config to backend */
- charon->backends->add_peer_cfg(charon->backends, peer_cfg);
- DBG1(DBG_CFG, "added configuration '%s': %H[%D]...%H[%D]",
- msg->add_conn.name, my_host, my_id, other_host, other_id);
- }
- return;
-
- /* mopping up after parsing errors */
-
-destroy_ids:
- my_id->destroy(my_id);
- other_id->destroy(other_id);
- DESTROY_IF(mediated_by_cfg);
- DESTROY_IF(peer_id);
-
-destroy_hosts:
- my_host->destroy(my_host);
- other_host->destroy(other_host);
-}
-
-/**
- * Delete a connection from the list
- */
-static void stroke_del_conn(stroke_msg_t *msg, FILE *out)
-{
- iterator_t *peer_iter, *child_iter;
- peer_cfg_t *peer;
- child_cfg_t *child;
-
- pop_string(msg, &(msg->del_conn.name));
- DBG1(DBG_CFG, "received stroke: delete connection '%s'", msg->del_conn.name);
-
- peer_iter = charon->backends->create_iterator(charon->backends);
- while (peer_iter->iterate(peer_iter, (void**)&peer))
- {
- /* remove peer config with such a name */
- if (streq(peer->get_name(peer), msg->del_conn.name))
- {
- peer_iter->remove(peer_iter);
- peer->destroy(peer);
- continue;
- }
- /* remove any child with such a name */
- child_iter = peer->create_child_cfg_iterator(peer);
- while (child_iter->iterate(child_iter, (void**)&child))
- {
- if (streq(child->get_name(child), msg->del_conn.name))
- {
- child_iter->remove(child_iter);
- child->destroy(child);
- }
- }
- child_iter->destroy(child_iter);
- }
- peer_iter->destroy(peer_iter);
-
- fprintf(out, "deleted connection '%s'\n", msg->del_conn.name);
-}
-
-/**
- * get the child_cfg with the same name as the peer cfg
- */
-static child_cfg_t* get_child_from_peer(peer_cfg_t *peer_cfg, char *name)
-{
- child_cfg_t *current, *found = NULL;
- iterator_t *iterator;
-
- iterator = peer_cfg->create_child_cfg_iterator(peer_cfg);
- while (iterator->iterate(iterator, (void**)&current))
- {
- if (streq(current->get_name(current), name))
- {
- found = current;
- found->get_ref(found);
- break;
- }
- }
- iterator->destroy(iterator);
- return found;
-}
-
-/**
- * logging to the stroke interface
- */
-static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level,
- ike_sa_t *ike_sa, char *format, va_list args)
-{
- if (level <= info->level)
- {
- if (vfprintf(info->out, format, args) < 0 ||
- fprintf(info->out, "\n") < 0 ||
- fflush(info->out) != 0)
- {
- return FALSE;
- }
- }
- return TRUE;
-}
-
-/**
- * initiate a connection by name
- */
-static void stroke_initiate(stroke_msg_t *msg, FILE *out)
-{
- peer_cfg_t *peer_cfg;
- child_cfg_t *child_cfg;
- stroke_log_info_t info;
-
- pop_string(msg, &(msg->initiate.name));
- DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name);
-
- peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
- msg->initiate.name);
- if (peer_cfg == NULL)
- {
- fprintf(out, "no config named '%s'\n", msg->initiate.name);
- return;
- }
- if (peer_cfg->get_ike_version(peer_cfg) != 2)
- {
- DBG1(DBG_CFG, "ignoring initiation request for IKEv%d config",
- peer_cfg->get_ike_version(peer_cfg));
- peer_cfg->destroy(peer_cfg);
- return;
- }
-
- child_cfg = get_child_from_peer(peer_cfg, msg->initiate.name);
- if (child_cfg == NULL)
- {
- fprintf(out, "no child config named '%s'\n", msg->initiate.name);
- peer_cfg->destroy(peer_cfg);
- return;
- }
-
- if (msg->output_verbosity < 0)
- {
- charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg,
- NULL, NULL);
- }
- else
- {
- info.out = out;
- info.level = msg->output_verbosity;
- charon->interfaces->initiate(charon->interfaces, peer_cfg, child_cfg,
- (interface_manager_cb_t)stroke_log, &info);
- }
-}
-
-/**
- * route a policy (install SPD entries)
- */
-static void stroke_route(stroke_msg_t *msg, FILE *out)
-{
- peer_cfg_t *peer_cfg;
- child_cfg_t *child_cfg;
- stroke_log_info_t info;
-
- pop_string(msg, &(msg->route.name));
- DBG1(DBG_CFG, "received stroke: route '%s'", msg->route.name);
-
- peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
- msg->route.name);
- if (peer_cfg == NULL)
- {
- fprintf(out, "no config named '%s'\n", msg->route.name);
- return;
- }
- if (peer_cfg->get_ike_version(peer_cfg) != 2)
- {
- peer_cfg->destroy(peer_cfg);
- return;
- }
-
- child_cfg = get_child_from_peer(peer_cfg, msg->route.name);
- if (child_cfg == NULL)
- {
- fprintf(out, "no child config named '%s'\n", msg->route.name);
- peer_cfg->destroy(peer_cfg);
- return;
- }
-
- info.out = out;
- info.level = msg->output_verbosity;
- charon->interfaces->route(charon->interfaces, peer_cfg, child_cfg,
- (interface_manager_cb_t)stroke_log, &info);
- peer_cfg->destroy(peer_cfg);
- child_cfg->destroy(child_cfg);
-}
-
-/**
- * unroute a policy
- */
-static void stroke_unroute(stroke_msg_t *msg, FILE *out)
-{
- char *name;
- ike_sa_t *ike_sa;
- iterator_t *iterator;
- stroke_log_info_t info;
-
- pop_string(msg, &(msg->terminate.name));
- name = msg->terminate.name;
-
- info.out = out;
- info.level = msg->output_verbosity;
-
- iterator = charon->interfaces->create_ike_sa_iterator(charon->interfaces);
- while (iterator->iterate(iterator, (void**)&ike_sa))
- {
- child_sa_t *child_sa;
- iterator_t *children;
- u_int32_t id;
-
- children = ike_sa->create_child_sa_iterator(ike_sa);
- while (children->iterate(children, (void**)&child_sa))
- {
- if (child_sa->get_state(child_sa) == CHILD_ROUTED &&
- streq(name, child_sa->get_name(child_sa)))
- {
- id = child_sa->get_reqid(child_sa);
- children->destroy(children);
- iterator->destroy(iterator);
- charon->interfaces->unroute(charon->interfaces, id,
- (interface_manager_cb_t)stroke_log, &info);
- return;
- }
- }
- children->destroy(children);
- }
- iterator->destroy(iterator);
- DBG1(DBG_CFG, "no such SA found");
-}
-
-/**
- * terminate a connection by name
- */
-static void stroke_terminate(stroke_msg_t *msg, FILE *out)
-{
- char *string, *pos = NULL, *name = NULL;
- u_int32_t id = 0;
- bool child;
- int len;
- ike_sa_t *ike_sa;
- iterator_t *iterator;
- stroke_log_info_t info;
-
- pop_string(msg, &(msg->terminate.name));
- string = msg->terminate.name;
- DBG1(DBG_CFG, "received stroke: terminate '%s'", string);
-
- len = strlen(string);
- if (len < 1)
- {
- DBG1(DBG_CFG, "error parsing string");
- return;
- }
- switch (string[len-1])
- {
- case '}':
- child = TRUE;
- pos = strchr(string, '{');
- break;
- case ']':
- child = FALSE;
- pos = strchr(string, '[');
- break;
- default:
- name = string;
- child = FALSE;
- break;
- }
-
- if (name)
- {
- /* is a single name */
- }
- else if (pos == string + len - 2)
- { /* is name[] or name{} */
- string[len-2] = '\0';
- name = string;
- }
- else
- { /* is name[123] or name{23} */
- string[len-1] = '\0';
- id = atoi(pos + 1);
- if (id == 0)
- {
- DBG1(DBG_CFG, "error parsing string");
- return;
- }
- }
-
- info.out = out;
- info.level = msg->output_verbosity;
-
- iterator = charon->interfaces->create_ike_sa_iterator(charon->interfaces);
- while (iterator->iterate(iterator, (void**)&ike_sa))
- {
- child_sa_t *child_sa;
- iterator_t *children;
-
- if (child)
- {
- children = ike_sa->create_child_sa_iterator(ike_sa);
- while (children->iterate(children, (void**)&child_sa))
- {
- if ((name && streq(name, child_sa->get_name(child_sa))) ||
- (id && id == child_sa->get_reqid(child_sa)))
- {
- id = child_sa->get_reqid(child_sa);
- children->destroy(children);
- iterator->destroy(iterator);
-
- charon->interfaces->terminate_child(charon->interfaces, id,
- (interface_manager_cb_t)stroke_log, &info);
- return;
- }
- }
- children->destroy(children);
- }
- else if ((name && streq(name, ike_sa->get_name(ike_sa))) ||
- (id && id == ike_sa->get_unique_id(ike_sa)))
- {
- id = ike_sa->get_unique_id(ike_sa);
- /* unlock manager first */
- iterator->destroy(iterator);
-
- charon->interfaces->terminate_ike(charon->interfaces, id,
- (interface_manager_cb_t)stroke_log, &info);
- return;
- }
-
- }
- iterator->destroy(iterator);
- DBG1(DBG_CFG, "no such SA found");
-}
-
-/**
- * Add a ca information record to the cainfo list
- */
-static void stroke_add_ca(stroke_msg_t *msg, FILE *out)
-{
- x509_t *cacert;
- ca_info_t *ca_info;
-
- pop_string(msg, &msg->add_ca.name);
- pop_string(msg, &msg->add_ca.cacert);
- pop_string(msg, &msg->add_ca.crluri);
- pop_string(msg, &msg->add_ca.crluri2);
- pop_string(msg, &msg->add_ca.ocspuri);
- pop_string(msg, &msg->add_ca.ocspuri2);
-
- DBG1(DBG_CFG, "received stroke: add ca '%s'", msg->add_ca.name);
-
- DBG2(DBG_CFG, "ca %s", msg->add_ca.name);
- DBG2(DBG_CFG, " cacert=%s", msg->add_ca.cacert);
- DBG2(DBG_CFG, " crluri=%s", msg->add_ca.crluri);
- DBG2(DBG_CFG, " crluri2=%s", msg->add_ca.crluri2);
- DBG2(DBG_CFG, " ocspuri=%s", msg->add_ca.ocspuri);
- DBG2(DBG_CFG, " ocspuri2=%s", msg->add_ca.ocspuri2);
-
- if (msg->add_ca.cacert == NULL)
- {
- DBG1(DBG_CFG, "missing cacert parameter\n");
- return;
- }
-
- cacert = load_ca_certificate(msg->add_ca.cacert);
-
- if (cacert == NULL)
- {
- return;
- }
- ca_info = ca_info_create(msg->add_ca.name, cacert);
-
- if (msg->add_ca.crluri)
- {
- chunk_t uri = { msg->add_ca.crluri, strlen(msg->add_ca.crluri) };
-
- ca_info->add_crluri(ca_info, uri);
- }
- if (msg->add_ca.crluri2)
- {
- chunk_t uri = { msg->add_ca.crluri2, strlen(msg->add_ca.crluri2) };
-
- ca_info->add_crluri(ca_info, uri);
- }
- if (msg->add_ca.ocspuri)
- {
- chunk_t uri = { msg->add_ca.ocspuri, strlen(msg->add_ca.ocspuri) };
-
- ca_info->add_ocspuri(ca_info, uri);
- }
- if (msg->add_ca.ocspuri2)
- {
- chunk_t uri = { msg->add_ca.ocspuri2, strlen(msg->add_ca.ocspuri2) };
-
- ca_info->add_ocspuri(ca_info, uri);
- }
- charon->credentials->add_ca_info(charon->credentials, ca_info);
- DBG1(DBG_CFG, "added ca '%s'", msg->add_ca.name);
-
-}
-
-/**
- * Delete a ca information record from the cainfo list
- */
-static void stroke_del_ca(stroke_msg_t *msg, FILE *out)
-{
- status_t status;
-
- pop_string(msg, &(msg->del_ca.name));
- DBG1(DBG_CFG, "received stroke: delete ca '%s'", msg->del_ca.name);
-
- status = charon->credentials->release_ca_info(charon->credentials,
- msg->del_ca.name);
-
- if (status == SUCCESS)
- {
- fprintf(out, "deleted ca '%s'\n", msg->del_ca.name);
- }
- else
- {
- fprintf(out, "no ca named '%s'\n", msg->del_ca.name);
- }
-}
-
-/**
- * log an IKE_SA to out
- */
-static void log_ike_sa(FILE *out, ike_sa_t *ike_sa, bool all)
-{
- ike_sa_id_t *id = ike_sa->get_id(ike_sa);
- u_int32_t rekey, reauth;
-
- fprintf(out, "%12s[%d]: %N, %H[%D]...%H[%D]\n",
- ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
- ike_sa_state_names, ike_sa->get_state(ike_sa),
- ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
- ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
-
- if (all)
- {
- fprintf(out, "%12s[%d]: IKE SPIs: %.16llx_i%s %.16llx_r%s",
- ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
- id->get_initiator_spi(id), id->is_initiator(id) ? "*" : "",
- id->get_responder_spi(id), id->is_initiator(id) ? "" : "*");
-
- rekey = ike_sa->get_statistic(ike_sa, STAT_REKEY_TIME);
- reauth = ike_sa->get_statistic(ike_sa, STAT_REAUTH_TIME);
- if (rekey)
- {
- fprintf(out, ", rekeying in %V", &rekey);
- }
- if (reauth)
- {
- fprintf(out, ", reauthentication in %V", &reauth);
- }
- if (!rekey && !reauth)
- {
- fprintf(out, ", rekeying disabled");
- }
- fprintf(out, "\n");
- }
-}
-
-/**
- * log an CHILD_SA to out
- */
-static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
-{
- u_int32_t rekey, now = time(NULL);
- u_int32_t use_in, use_out, use_fwd;
- encryption_algorithm_t encr_alg;
- integrity_algorithm_t int_alg;
- size_t encr_len, int_len;
- mode_t mode;
-
- child_sa->get_stats(child_sa, &mode, &encr_alg, &encr_len,
- &int_alg, &int_len, &rekey, &use_in, &use_out,
- &use_fwd);
-
- fprintf(out, "%12s{%d}: %N, %N",
- child_sa->get_name(child_sa), child_sa->get_reqid(child_sa),
- child_sa_state_names, child_sa->get_state(child_sa),
- mode_names, mode);
-
- if (child_sa->get_state(child_sa) == CHILD_INSTALLED)
- {
- fprintf(out, ", %N SPIs: %.8x_i %.8x_o",
- protocol_id_names, child_sa->get_protocol(child_sa),
- htonl(child_sa->get_spi(child_sa, TRUE)),
- htonl(child_sa->get_spi(child_sa, FALSE)));
-
- if (all)
- {
- fprintf(out, "\n%12s{%d}: ", child_sa->get_name(child_sa),
- child_sa->get_reqid(child_sa));
-
-
- if (child_sa->get_protocol(child_sa) == PROTO_ESP)
- {
- fprintf(out, "%N", encryption_algorithm_names, encr_alg);
-
- if (encr_len)
- {
- fprintf(out, "-%d", encr_len);
- }
- fprintf(out, "/");
- }
-
- fprintf(out, "%N", integrity_algorithm_names, int_alg);
- if (int_len)
- {
- fprintf(out, "-%d", int_len);
- }
- fprintf(out, ", rekeying ");
-
- if (rekey)
- {
- fprintf(out, "in %#V", &now, &rekey);
- }
- else
- {
- fprintf(out, "disabled");
- }
-
- fprintf(out, ", last use: ");
- use_in = max(use_in, use_fwd);
- if (use_in)
- {
- fprintf(out, "%ds_i ", now - use_in);
- }
- else
- {
- fprintf(out, "no_i ");
- }
- if (use_out)
- {
- fprintf(out, "%ds_o ", now - use_out);
- }
- else
- {
- fprintf(out, "no_o ");
- }
- }
- }
-
- fprintf(out, "\n%12s{%d}: %#R=== %#R\n",
- child_sa->get_name(child_sa), child_sa->get_reqid(child_sa),
- child_sa->get_traffic_selectors(child_sa, TRUE),
- child_sa->get_traffic_selectors(child_sa, FALSE));
-}
-
-/**
- * show status of daemon
- */
-static void stroke_status(stroke_msg_t *msg, FILE *out, bool all)
-{
- iterator_t *iterator, *children;
- host_t *host;
- peer_cfg_t *peer_cfg;
- ike_cfg_t *ike_cfg;
- child_cfg_t *child_cfg;
- ike_sa_t *ike_sa;
- char *name = NULL;
-
- if (msg->status.name)
- {
- pop_string(msg, &(msg->status.name));
- name = msg->status.name;
- }
-
- if (all)
- {
- leak_detective_status(out);
-
- fprintf(out, "Performance:\n");
- fprintf(out, " worker threads: %d idle of %d,",
- charon->processor->get_idle_threads(charon->processor),
- charon->processor->get_total_threads(charon->processor));
- fprintf(out, " job queue load: %d,",
- charon->processor->get_job_load(charon->processor));
- fprintf(out, " scheduled events: %d\n",
- charon->scheduler->get_job_load(charon->scheduler));
- iterator = charon->kernel_interface->create_address_iterator(
- charon->kernel_interface);
- fprintf(out, "Listening IP addresses:\n");
- while (iterator->iterate(iterator, (void**)&host))
- {
- fprintf(out, " %H\n", host);
- }
- iterator->destroy(iterator);
-
- fprintf(out, "Connections:\n");
- iterator = charon->backends->create_iterator(charon->backends);
- while (iterator->iterate(iterator, (void**)&peer_cfg))
- {
- if (peer_cfg->get_ike_version(peer_cfg) != 2 ||
- (name && !streq(name, peer_cfg->get_name(peer_cfg))))
- {
- continue;
- }
-
- ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
- fprintf(out, "%12s: %H[%D]...%H[%D]\n", peer_cfg->get_name(peer_cfg),
- ike_cfg->get_my_host(ike_cfg), peer_cfg->get_my_id(peer_cfg),
- ike_cfg->get_other_host(ike_cfg), peer_cfg->get_other_id(peer_cfg));
- {
- identification_t *my_ca = peer_cfg->get_my_ca(peer_cfg);
- identification_t *other_ca = peer_cfg->get_other_ca(peer_cfg);
- linked_list_t *groups = peer_cfg->get_groups(peer_cfg);
-
- if (my_ca->get_type(my_ca) != ID_ANY
- || other_ca->get_type(other_ca) != ID_ANY)
- {
- fprintf(out, "%12s: CAs: '%D'...'%D'\n", peer_cfg->get_name(peer_cfg),
- my_ca, other_ca);
- }
- if (groups->get_count(groups) > 0)
- {
- fprintf(out, "%12s: groups: ", peer_cfg->get_name(peer_cfg));
- ietfAttr_list_list(groups, out);
- fprintf(out, "\n");
- }
-
- }
- children = peer_cfg->create_child_cfg_iterator(peer_cfg);
- while (children->iterate(children, (void**)&child_cfg))
- {
- linked_list_t *my_ts, *other_ts;
- my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
- other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
- fprintf(out, "%12s: %#R=== %#R\n", child_cfg->get_name(child_cfg),
- my_ts, other_ts);
- my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
- other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
- }
- children->destroy(children);
- }
- iterator->destroy(iterator);
- }
-
- iterator = charon->ike_sa_manager->create_iterator(charon->ike_sa_manager);
- if (all && iterator->get_count(iterator) > 0)
- {
- fprintf(out, "Security Associations:\n");
- }
- while (iterator->iterate(iterator, (void**)&ike_sa))
- {
- bool ike_printed = FALSE;
- child_sa_t *child_sa;
- iterator_t *children = ike_sa->create_child_sa_iterator(ike_sa);
-
- if (name == NULL || streq(name, ike_sa->get_name(ike_sa)))
- {
- log_ike_sa(out, ike_sa, all);
- ike_printed = TRUE;
- }
-
- while (children->iterate(children, (void**)&child_sa))
- {
- if (name == NULL || streq(name, child_sa->get_name(child_sa)))
- {
- if (!ike_printed)
- {
- log_ike_sa(out, ike_sa, all);
- ike_printed = TRUE;
- }
- log_child_sa(out, child_sa, all);
- }
- }
- children->destroy(children);
- }
- iterator->destroy(iterator);
-}
-
-/**
- * list all authority certificates matching a specified flag
- */
-static void list_auth_certificates(u_int flag, const char *label,
- bool utc, FILE *out)
-{
- bool first = TRUE;
- x509_t *cert;
-
- iterator_t *iterator = charon->credentials->create_auth_cert_iterator(charon->credentials);
-
- while (iterator->iterate(iterator, (void**)&cert))
- {
- if (cert->has_authority_flag(cert, flag))
- {
- if (first)
- {
- fprintf(out, "\n");
- fprintf(out, "List of X.509 %s Certificates:\n", label);
- fprintf(out, "\n");
- first = FALSE;
- }
- cert->list(cert, out, utc);
- fprintf(out, "\n");
- }
- }
- iterator->destroy(iterator);
-}
-
-/**
- * list various information
- */
-static void stroke_list(stroke_msg_t *msg, FILE *out)
-{
- iterator_t *iterator;
-
- if (msg->list.flags & LIST_CERTS)
- {
- x509_t *cert;
-
- iterator = charon->credentials->create_cert_iterator(charon->credentials);
- if (iterator->get_count(iterator))
- {
- fprintf(out, "\n");
- fprintf(out, "List of X.509 End Entity Certificates:\n");
- fprintf(out, "\n");
- }
- while (iterator->iterate(iterator, (void**)&cert))
- {
- cert->list(cert, out, msg->list.utc);
- if (charon->credentials->has_rsa_private_key(
- charon->credentials, cert->get_public_key(cert)))
- {
- fprintf(out, ", has private key");
- }
- fprintf(out, "\n");
-
- }
- iterator->destroy(iterator);
- }
- if (msg->list.flags & LIST_CACERTS)
- {
- list_auth_certificates(AUTH_CA, "CA", msg->list.utc, out);
- }
- if (msg->list.flags & LIST_OCSPCERTS)
- {
- list_auth_certificates(AUTH_OCSP, "OCSP", msg->list.utc, out);
- }
- if (msg->list.flags & LIST_AACERTS)
- {
- list_auth_certificates(AUTH_AA, "AA", msg->list.utc, out);
- }
- if (msg->list.flags & LIST_ACERTS)
- {
- x509ac_t *cert;
-
- iterator = charon->credentials->create_acert_iterator(charon->credentials);
- if (iterator->get_count(iterator))
- {
- fprintf(out, "\n");
- fprintf(out, "List of X.509 Attribute Certificates:\n");
- fprintf(out, "\n");
- }
- while (iterator->iterate(iterator, (void**)&cert))
- {
- cert->list(cert, out, msg->list.utc);
- }
- iterator->destroy(iterator);
- }
- if (msg->list.flags & LIST_CAINFOS)
- {
- ca_info_t *ca_info;
- bool first = TRUE;
-
- iterator = charon->credentials->create_cainfo_iterator(charon->credentials);
- while (iterator->iterate(iterator, (void**)&ca_info))
- {
- if (ca_info->is_ca(ca_info))
- {
- if (first)
- {
- fprintf(out, "\n");
- fprintf(out, "List of X.509 CA Information Records:\n");
- fprintf(out, "\n");
- first = FALSE;
- }
- ca_info->list(ca_info, out, msg->list.utc);
- }
- }
- iterator->destroy(iterator);
- }
- if (msg->list.flags & LIST_CRLS)
- {
- ca_info_t *ca_info;
- bool first = TRUE;
-
- iterator = charon->credentials->create_cainfo_iterator(charon->credentials);
- while (iterator->iterate(iterator, (void **)&ca_info))
- {
- if (ca_info->is_ca(ca_info) && ca_info->has_crl(ca_info))
- {
- if (first)
- {
- fprintf(out, "\n");
- fprintf(out, "List of X.509 CRLs:\n");
- fprintf(out, "\n");
- first = FALSE;
- }
- ca_info->list_crl(ca_info, out, msg->list.utc);
- }
- }
- iterator->destroy(iterator);
- }
- if (msg->list.flags & LIST_OCSP)
- {
- ca_info_t *ca_info;
- bool first = TRUE;
-
- iterator = charon->credentials->create_cainfo_iterator(charon->credentials);
- while (iterator->iterate(iterator, (void **)&ca_info))
- {
- if (ca_info->is_ca(ca_info) && ca_info->has_certinfos(ca_info))
- {
- if (first)
- {
- fprintf(out, "\n");
- fprintf(out, "List of OCSP responses:\n");
- first = FALSE;
- }
- fprintf(out, "\n");
- ca_info->list_certinfos(ca_info, out, msg->list.utc);
- }
- }
- iterator->destroy(iterator);
- }
-}
-
-/**
- * reread various information
- */
-static void stroke_reread(stroke_msg_t *msg, FILE *out)
-{
- if (msg->reread.flags & REREAD_SECRETS)
- {
- charon->credentials->load_secrets(charon->credentials, TRUE);
- }
- if (msg->reread.flags & REREAD_CACERTS)
- {
- charon->credentials->load_ca_certificates(charon->credentials);
- }
- if (msg->reread.flags & REREAD_OCSPCERTS)
- {
- charon->credentials->load_ocsp_certificates(charon->credentials);
- }
- if (msg->reread.flags & REREAD_AACERTS)
- {
- charon->credentials->load_aa_certificates(charon->credentials);
- }
- if (msg->reread.flags & REREAD_ACERTS)
- {
- charon->credentials->load_attr_certificates(charon->credentials);
- }
- if (msg->reread.flags & REREAD_CRLS)
- {
- charon->credentials->load_crls(charon->credentials);
- }
-}
-
-/**
- * purge various information
- */
-static void stroke_purge(stroke_msg_t *msg, FILE *out)
-{
- if (msg->purge.flags & PURGE_OCSP)
- {
- iterator_t *iterator = charon->credentials->create_cainfo_iterator(charon->credentials);
- ca_info_t *ca_info;
-
- while (iterator->iterate(iterator, (void**)&ca_info))
- {
- if (ca_info->is_ca(ca_info))
- {
- ca_info->purge_ocsp(ca_info);
- }
- }
- iterator->destroy(iterator);
- }
-}
-
-signal_t get_signal_from_logtype(char *type)
-{
- if (strcasecmp(type, "any") == 0) return SIG_ANY;
- else if (strcasecmp(type, "mgr") == 0) return DBG_MGR;
- else if (strcasecmp(type, "ike") == 0) return DBG_IKE;
- else if (strcasecmp(type, "chd") == 0) return DBG_CHD;
- else if (strcasecmp(type, "job") == 0) return DBG_JOB;
- else if (strcasecmp(type, "cfg") == 0) return DBG_CFG;
- else if (strcasecmp(type, "knl") == 0) return DBG_KNL;
- else if (strcasecmp(type, "net") == 0) return DBG_NET;
- else if (strcasecmp(type, "enc") == 0) return DBG_ENC;
- else if (strcasecmp(type, "lib") == 0) return DBG_LIB;
- else return -1;
-}
-
-/**
- * set the verbosity debug output
- */
-static void stroke_loglevel(stroke_msg_t *msg, FILE *out)
-{
- signal_t signal;
-
- pop_string(msg, &(msg->loglevel.type));
- DBG1(DBG_CFG, "received stroke: loglevel %d for %s",
- msg->loglevel.level, msg->loglevel.type);
-
- signal = get_signal_from_logtype(msg->loglevel.type);
- if (signal < 0)
- {
- fprintf(out, "invalid type (%s)!\n", msg->loglevel.type);
- return;
- }
-
- charon->outlog->set_level(charon->outlog, signal, msg->loglevel.level);
- charon->syslog->set_level(charon->syslog, signal, msg->loglevel.level);
-}
-
-/**
- * process a stroke request from the socket pointed by "fd"
- */
-static job_requeue_t stroke_process(int *fdp)
-{
- stroke_msg_t *msg;
- u_int16_t msg_length;
- ssize_t bytes_read;
- FILE *out;
- int strokefd = *fdp;
-
- /* peek the length */
- bytes_read = recv(strokefd, &msg_length, sizeof(msg_length), MSG_PEEK);
- if (bytes_read != sizeof(msg_length))
- {
- DBG1(DBG_CFG, "reading length of stroke message failed: %s",
- strerror(errno));
- close(strokefd);
- return JOB_REQUEUE_NONE;
- }
-
- /* read message */
- msg = malloc(msg_length);
- bytes_read = recv(strokefd, msg, msg_length, 0);
- if (bytes_read != msg_length)
- {
- DBG1(DBG_CFG, "reading stroke message failed: %s", strerror(errno));
- close(strokefd);
- return JOB_REQUEUE_NONE;
- }
-
- out = fdopen(strokefd, "w");
- if (out == NULL)
- {
- DBG1(DBG_CFG, "opening stroke output channel failed: %s", strerror(errno));
- close(strokefd);
- free(msg);
- return JOB_REQUEUE_NONE;
- }
-
- DBG3(DBG_CFG, "stroke message %b", (void*)msg, msg_length);
-
- /* the stroke_* functions are blocking, as they listen on the bus. Add
- * cancellation handlers. */
- pthread_cleanup_push((void*)fclose, out);
- pthread_cleanup_push(free, msg);
-
- switch (msg->type)
- {
- case STR_INITIATE:
- stroke_initiate(msg, out);
- break;
- case STR_ROUTE:
- stroke_route(msg, out);
- break;
- case STR_UNROUTE:
- stroke_unroute(msg, out);
- break;
- case STR_TERMINATE:
- stroke_terminate(msg, out);
- break;
- case STR_STATUS:
- stroke_status(msg, out, FALSE);
- break;
- case STR_STATUS_ALL:
- stroke_status(msg, out, TRUE);
- break;
- case STR_ADD_CONN:
- stroke_add_conn(msg, out);
- break;
- case STR_DEL_CONN:
- stroke_del_conn(msg, out);
- break;
- case STR_ADD_CA:
- stroke_add_ca(msg, out);
- break;
- case STR_DEL_CA:
- stroke_del_ca(msg, out);
- break;
- case STR_LOGLEVEL:
- stroke_loglevel(msg, out);
- break;
- case STR_LIST:
- stroke_list(msg, out);
- break;
- case STR_REREAD:
- stroke_reread(msg, out);
- break;
- case STR_PURGE:
- stroke_purge(msg, out);
- break;
- default:
- DBG1(DBG_CFG, "received unknown stroke");
- }
- /* remove and execute cancellation handlers */
- pthread_cleanup_pop(1);
- pthread_cleanup_pop(1);
-
- return JOB_REQUEUE_NONE;
-}
-
-/**
- * Implementation of private_stroke_interface_t.stroke_receive.
- */
-static job_requeue_t stroke_receive(private_stroke_interface_t *this)
-{
- struct sockaddr_un strokeaddr;
- int strokeaddrlen = sizeof(strokeaddr);
- int strokefd, *fdp;
- int oldstate;
- callback_job_t *job;
-
- pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldstate);
- strokefd = accept(this->socket, (struct sockaddr *)&strokeaddr, &strokeaddrlen);
- pthread_setcancelstate(oldstate, NULL);
-
- if (strokefd < 0)
- {
- DBG1(DBG_CFG, "accepting stroke connection failed: %s", strerror(errno));
- return JOB_REQUEUE_FAIR;
- }
-
- fdp = malloc_thing(int);
- *fdp = strokefd;
- job = callback_job_create((callback_job_cb_t)stroke_process, fdp, free, this->job);
- charon->processor->queue_job(charon->processor, (job_t*)job);
-
- return JOB_REQUEUE_FAIR;
-}
-
-/**
- * Implementation of interface_t.destroy.
- */
-static void destroy(private_stroke_interface_t *this)
-{
- this->job->cancel(this->job);
- free(this);
-}
-
-/*
- * Described in header-file
- */
-interface_t *interface_create()
-{
- struct sockaddr_un socket_addr = { AF_UNIX, STROKE_SOCKET};
- private_stroke_interface_t *this = malloc_thing(private_stroke_interface_t);
- mode_t old;
-
- /* public functions */
- this->public.interface.destroy = (void (*)(interface_t*))destroy;
-
- /* set up unix socket */
- this->socket = socket(AF_UNIX, SOCK_STREAM, 0);
- if (this->socket == -1)
- {
- DBG1(DBG_CFG, "could not create stroke socket");
- free(this);
- return NULL;
- }
-
- unlink(socket_addr.sun_path);
- old = umask(~(S_IRWXU | S_IRWXG));
- if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0)
- {
- DBG1(DBG_CFG, "could not bind stroke socket: %s", strerror(errno));
- close(this->socket);
- free(this);
- return NULL;
- }
- umask(old);
- if (chown(socket_addr.sun_path, IPSEC_UID, IPSEC_GID) != 0)
- {
- DBG1(DBG_CFG, "changing stroke socket permissions failed: %s",
- strerror(errno));
- }
-
- if (listen(this->socket, 0) < 0)
- {
- DBG1(DBG_CFG, "could not listen on stroke socket: %s", strerror(errno));
- close(this->socket);
- unlink(socket_addr.sun_path);
- free(this);
- return NULL;
- }
-
- this->job = callback_job_create((callback_job_cb_t)stroke_receive,
- this, NULL, NULL);
- charon->processor->queue_job(charon->processor, (job_t*)this->job);
-
- return &this->public.interface;
-}
-
diff --git a/src/charon/control/interfaces/stroke_interface.h b/src/charon/control/interfaces/stroke_interface.h
deleted file mode 100644
index f1b68023a..000000000
--- a/src/charon/control/interfaces/stroke_interface.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @file stroke_interface.h
- *
- * @brief Interface of stroke_t.
- *
- */
-
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef STROKE_INTERFACE_H_
-#define STROKE_INTERFACE_H_
-
-typedef struct stroke_interface_t stroke_interface_t;
-
-#include <control/interfaces/interface.h>
-
-/**
- * @brief Simple configuration interface using unix-sockets.
- *
- * Stroke is a home-brewed communication interface inspired by whack. It
- * uses a unix socket (/var/run/charon.ctl).
- *
- * @b Constructors:
- * - stroke_create()
- *
- * @ingroup interfaces
- */
-struct stroke_interface_t {
-
- /**
- * implements interface_t.
- */
- interface_t interface;
-};
-
-
-/**
- * @brief Create the stroke interface and listen on the socket.
- *
- * @return interface_t for the stroke interface
- *
- * @ingroup interfaces
- */
-interface_t *interface_create(void);
-
-#endif /* STROKE_INTERFACE_H_ */
-
diff --git a/src/charon/control/interfaces/xml_interface.c b/src/charon/control/interfaces/xml_interface.c
deleted file mode 100644
index aa2a554a0..000000000
--- a/src/charon/control/interfaces/xml_interface.c
+++ /dev/null
@@ -1,754 +0,0 @@
-/**
- * @file xml_interface.c
- *
- * @brief Implementation of xml_interface_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stdlib.h>
-
-#include "xml_interface.h"
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <unistd.h>
-#include <errno.h>
-#include <pthread.h>
-#include <signal.h>
-#include <libxml/xmlreader.h>
-#include <libxml/xmlwriter.h>
-
-#include <library.h>
-#include <daemon.h>
-#include <processing/jobs/callback_job.h>
-
-
-typedef struct private_xml_interface_t private_xml_interface_t;
-
-/**
- * Private data of an xml_interface_t object.
- */
-struct private_xml_interface_t {
-
- /**
- * Public part of xml_t object.
- */
- xml_interface_t public;
-
- /**
- * XML unix socket fd
- */
- int socket;
-
- /**
- * job accepting stroke messages
- */
- callback_job_t *job;
-};
-
-ENUM(ike_sa_state_lower_names, IKE_CREATED, IKE_DELETING,
- "created",
- "connecting",
- "established",
- "rekeying",
- "deleting",
-);
-
-/**
- * write a bool into element
- */
-static void write_bool(xmlTextWriterPtr writer, char *element, bool val)
-{
- xmlTextWriterWriteElement(writer, element, val ? "true" : "false");
-}
-
-/**
- * write a identification_t into element
- */
-static void write_id(xmlTextWriterPtr writer, char *element, identification_t *id)
-{
- xmlTextWriterStartElement(writer, element);
- switch (id->get_type(id))
- {
- {
- char *type = "";
- while (TRUE)
- {
- case ID_ANY:
- type = "any";
- break;
- case ID_IPV4_ADDR:
- type = "ipv4";
- break;
- case ID_IPV6_ADDR:
- type = "ipv6";
- break;
- case ID_FQDN:
- type = "fqdn";
- break;
- case ID_RFC822_ADDR:
- type = "email";
- break;
- case ID_DER_ASN1_DN:
- type = "asn1dn";
- break;
- case ID_DER_ASN1_GN:
- type = "asn1gn";
- break;
- }
- xmlTextWriterWriteAttribute(writer, "type", type);
- xmlTextWriterWriteFormatString(writer, "%D", id);
- break;
- }
- default:
- /* TODO: base64 keyid */
- xmlTextWriterWriteAttribute(writer, "type", "keyid");
- break;
- }
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * write a host_t address into an element
- */
-static void write_address(xmlTextWriterPtr writer, char *element, host_t *host)
-{
- xmlTextWriterStartElement(writer, element);
- xmlTextWriterWriteAttribute(writer, "type",
- host->get_family(host) == AF_INET ? "ipv4" : "ipv6");
- if (host->is_anyaddr(host))
- { /* do not use %any for XML */
- xmlTextWriterWriteFormatString(writer, "%s",
- host->get_family(host) == AF_INET ? "0.0.0.0" : "::");
- }
- else
- {
- xmlTextWriterWriteFormatString(writer, "%H", host);
- }
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * write networks element
- */
-static void write_networks(xmlTextWriterPtr writer, char *element,
- linked_list_t *list)
-{
- iterator_t *iterator;
- traffic_selector_t *ts;
-
- xmlTextWriterStartElement(writer, element);
- iterator = list->create_iterator(list, TRUE);
- while (iterator->iterate(iterator, (void**)&ts))
- {
- xmlTextWriterStartElement(writer, "network");
- xmlTextWriterWriteAttribute(writer, "type",
- ts->get_type(ts) == TS_IPV4_ADDR_RANGE ? "ipv4" : "ipv6");
- xmlTextWriterWriteFormatString(writer, "%R", ts);
- xmlTextWriterEndElement(writer);
- }
- iterator->destroy(iterator);
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * write a childEnd
- */
-static void write_childend(xmlTextWriterPtr writer, child_sa_t *child, bool local)
-{
- linked_list_t *list;
-
- xmlTextWriterWriteFormatElement(writer, "spi", "%lx",
- htonl(child->get_spi(child, local)));
- list = child->get_traffic_selectors(child, local);
- write_networks(writer, "networks", list);
-}
-
-/**
- * write a child_sa_t
- */
-static void write_child(xmlTextWriterPtr writer, child_sa_t *child)
-{
- mode_t mode;
- encryption_algorithm_t encr;
- integrity_algorithm_t int_algo;
- size_t encr_len, int_len;
- u_int32_t rekey, use_in, use_out, use_fwd;
- child_cfg_t *config;
-
- config = child->get_config(child);
- child->get_stats(child, &mode, &encr, &encr_len, &int_algo, &int_len,
- &rekey, &use_in, &use_out, &use_fwd);
-
- xmlTextWriterStartElement(writer, "childsa");
- xmlTextWriterWriteFormatElement(writer, "reqid", "%d", child->get_reqid(child));
- xmlTextWriterWriteFormatElement(writer, "childconfig", "%s",
- config->get_name(config));
- xmlTextWriterStartElement(writer, "local");
- write_childend(writer, child, TRUE);
- xmlTextWriterEndElement(writer);
- xmlTextWriterStartElement(writer, "remote");
- write_childend(writer, child, FALSE);
- xmlTextWriterEndElement(writer);
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * process a ikesalist query request message
- */
-static void request_query_ikesa(xmlTextReaderPtr reader, xmlTextWriterPtr writer)
-{
- iterator_t *iterator;
- ike_sa_t *ike_sa;
-
- /* <ikesalist> */
- xmlTextWriterStartElement(writer, "ikesalist");
-
- iterator = charon->ike_sa_manager->create_iterator(charon->ike_sa_manager);
- while (iterator->iterate(iterator, (void**)&ike_sa))
- {
- ike_sa_id_t *id;
- host_t *local, *remote;
- iterator_t *children;
- child_sa_t *child_sa;
-
- id = ike_sa->get_id(ike_sa);
-
- xmlTextWriterStartElement(writer, "ikesa");
- xmlTextWriterWriteFormatElement(writer, "id", "%d",
- ike_sa->get_unique_id(ike_sa));
- xmlTextWriterWriteFormatElement(writer, "status", "%N",
- ike_sa_state_lower_names, ike_sa->get_state(ike_sa));
- xmlTextWriterWriteElement(writer, "role",
- id->is_initiator(id) ? "initiator" : "responder");
- xmlTextWriterWriteElement(writer, "peerconfig", ike_sa->get_name(ike_sa));
-
- /* <local> */
- local = ike_sa->get_my_host(ike_sa);
- xmlTextWriterStartElement(writer, "local");
- xmlTextWriterWriteFormatElement(writer, "spi", "%.16llx",
- id->is_initiator(id) ? id->get_initiator_spi(id)
- : id->get_responder_spi(id));
- write_id(writer, "identification", ike_sa->get_my_id(ike_sa));
- write_address(writer, "address", local);
- xmlTextWriterWriteFormatElement(writer, "port", "%d",
- local->get_port(local));
- if (ike_sa->supports_extension(ike_sa, EXT_NATT))
- {
- write_bool(writer, "nat", ike_sa->has_condition(ike_sa, COND_NAT_HERE));
- }
- xmlTextWriterEndElement(writer);
- /* </local> */
-
- /* <remote> */
- remote = ike_sa->get_other_host(ike_sa);
- xmlTextWriterStartElement(writer, "remote");
- xmlTextWriterWriteFormatElement(writer, "spi", "%.16llx",
- id->is_initiator(id) ? id->get_responder_spi(id)
- : id->get_initiator_spi(id));
- write_id(writer, "identification", ike_sa->get_other_id(ike_sa));
- write_address(writer, "address", remote);
- xmlTextWriterWriteFormatElement(writer, "port", "%d",
- remote->get_port(remote));
- if (ike_sa->supports_extension(ike_sa, EXT_NATT))
- {
- write_bool(writer, "nat", ike_sa->has_condition(ike_sa, COND_NAT_THERE));
- }
- xmlTextWriterEndElement(writer);
- /* </remote> */
-
- /* <childsalist> */
- xmlTextWriterStartElement(writer, "childsalist");
- children = ike_sa->create_child_sa_iterator(ike_sa);
- while (children->iterate(children, (void**)&child_sa))
- {
- write_child(writer, child_sa);
- }
- children->destroy(children);
- /* </childsalist> */
- xmlTextWriterEndElement(writer);
-
- /* </ikesa> */
- xmlTextWriterEndElement(writer);
- }
- iterator->destroy(iterator);
-
- /* </ikesalist> */
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * process a configlist query request message
- */
-static void request_query_config(xmlTextReaderPtr reader, xmlTextWriterPtr writer)
-{
- iterator_t *iterator;
- peer_cfg_t *peer_cfg;
-
- /* <configlist> */
- xmlTextWriterStartElement(writer, "configlist");
-
- iterator = charon->backends->create_iterator(charon->backends);
- while (iterator->iterate(iterator, (void**)&peer_cfg))
- {
- iterator_t *children;
- child_cfg_t *child_cfg;
- ike_cfg_t *ike_cfg;
- linked_list_t *list;
-
- if (peer_cfg->get_ike_version(peer_cfg) != 2)
- { /* only IKEv2 connections yet */
- continue;
- }
-
- /* <peerconfig> */
- xmlTextWriterStartElement(writer, "peerconfig");
- xmlTextWriterWriteElement(writer, "name", peer_cfg->get_name(peer_cfg));
- write_id(writer, "local", peer_cfg->get_my_id(peer_cfg));
- write_id(writer, "remote", peer_cfg->get_other_id(peer_cfg));
-
- /* <ikeconfig> */
- ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
- xmlTextWriterStartElement(writer, "ikeconfig");
- write_address(writer, "local", ike_cfg->get_my_host(ike_cfg));
- write_address(writer, "remote", ike_cfg->get_other_host(ike_cfg));
- xmlTextWriterEndElement(writer);
- /* </ikeconfig> */
-
- /* <childconfiglist> */
- xmlTextWriterStartElement(writer, "childconfiglist");
- children = peer_cfg->create_child_cfg_iterator(peer_cfg);
- while (children->iterate(children, (void**)&child_cfg))
- {
- /* <childconfig> */
- xmlTextWriterStartElement(writer, "childconfig");
- xmlTextWriterWriteElement(writer, "name",
- child_cfg->get_name(child_cfg));
- list = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
- write_networks(writer, "local", list);
- list->destroy_offset(list, offsetof(traffic_selector_t, destroy));
- list = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
- write_networks(writer, "remote", list);
- list->destroy_offset(list, offsetof(traffic_selector_t, destroy));
- xmlTextWriterEndElement(writer);
- /* </childconfig> */
- }
- children->destroy(children);
- /* </childconfiglist> */
- xmlTextWriterEndElement(writer);
- /* </peerconfig> */
- xmlTextWriterEndElement(writer);
- }
- iterator->destroy(iterator);
- /* </configlist> */
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * callback which logs to a XML writer
- */
-static bool xml_callback(xmlTextWriterPtr writer, signal_t signal, level_t level,
- ike_sa_t* ike_sa, char* format, va_list args)
-{
- if (level <= 1)
- {
- /* <item> */
- xmlTextWriterStartElement(writer, "item");
- xmlTextWriterWriteFormatAttribute(writer, "level", "%d", level);
- xmlTextWriterWriteFormatAttribute(writer, "source", "%N", signal_names, signal);
- xmlTextWriterWriteFormatAttribute(writer, "thread", "%u", pthread_self());
- xmlTextWriterWriteVFormatString(writer, format, args);
- xmlTextWriterEndElement(writer);
- /* </item> */
- }
- return TRUE;
-}
-
-/**
- * process a *terminate control request message
- */
-static void request_control_terminate(xmlTextReaderPtr reader,
- xmlTextWriterPtr writer, bool ike)
-{
- if (xmlTextReaderRead(reader) &&
- xmlTextReaderNodeType(reader) == XML_READER_TYPE_TEXT)
- {
- const char *str;
- u_int32_t id;
- status_t status;
-
- str = xmlTextReaderConstValue(reader);
- if (str == NULL || !(id = atoi(str)))
- {
- DBG1(DBG_CFG, "error parsing XML id string");
- return;
- }
- DBG1(DBG_CFG, "terminating %s_SA %d", ike ? "IKE" : "CHILD", id);
-
- /* <log> */
- xmlTextWriterStartElement(writer, "log");
- if (ike)
- {
- status = charon->interfaces->terminate_ike(
- charon->interfaces, id,
- (interface_manager_cb_t)xml_callback, writer);
- }
- else
- {
- status = charon->interfaces->terminate_child(
- charon->interfaces, id,
- (interface_manager_cb_t)xml_callback, writer);
- }
- /* </log> */
- xmlTextWriterEndElement(writer);
- xmlTextWriterWriteFormatElement(writer, "status", "%d", status);
- }
-}
-
-/**
- * process a *initiate control request message
- */
-static void request_control_initiate(xmlTextReaderPtr reader,
- xmlTextWriterPtr writer, bool ike)
-{
- if (xmlTextReaderRead(reader) &&
- xmlTextReaderNodeType(reader) == XML_READER_TYPE_TEXT)
- {
- const char *str;
- status_t status = FAILED;
- peer_cfg_t *peer;
- child_cfg_t *child = NULL;
- iterator_t *iterator;
-
- str = xmlTextReaderConstValue(reader);
- if (str == NULL)
- {
- DBG1(DBG_CFG, "error parsing XML config name string");
- return;
- }
- DBG1(DBG_CFG, "initiating %s_SA %s", ike ? "IKE" : "CHILD", str);
-
- /* <log> */
- xmlTextWriterStartElement(writer, "log");
- peer = charon->backends->get_peer_cfg_by_name(charon->backends, (char*)str);
- if (peer)
- {
- iterator = peer->create_child_cfg_iterator(peer);
- if (ike)
- {
- if (!iterator->iterate(iterator, (void**)&child))
- {
- child = NULL;
- }
- child->get_ref(child);
- }
- else
- {
- while (iterator->iterate(iterator, (void**)&child))
- {
- if (streq(child->get_name(child), str))
- {
- child->get_ref(child);
- break;
- }
- child = NULL;
- }
- }
- iterator->destroy(iterator);
- if (child)
- {
- status = charon->interfaces->initiate(charon->interfaces,
- peer, child, (interface_manager_cb_t)xml_callback,
- writer);
- }
- else
- {
- peer->destroy(peer);
- }
- }
- /* </log> */
- xmlTextWriterEndElement(writer);
- xmlTextWriterWriteFormatElement(writer, "status", "%d", status);
- }
-}
-
-/**
- * process a query request
- */
-static void request_query(xmlTextReaderPtr reader, xmlTextWriterPtr writer)
-{
- /* <query> */
- xmlTextWriterStartElement(writer, "query");
- while (xmlTextReaderRead(reader))
- {
- if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT)
- {
- if (streq(xmlTextReaderConstName(reader), "ikesalist"))
- {
- request_query_ikesa(reader, writer);
- break;
- }
- if (streq(xmlTextReaderConstName(reader), "configlist"))
- {
- request_query_config(reader, writer);
- break;
- }
- }
- }
- /* </query> */
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * process a control request
- */
-static void request_control(xmlTextReaderPtr reader, xmlTextWriterPtr writer)
-{
- /* <control> */
- xmlTextWriterStartElement(writer, "control");
- while (xmlTextReaderRead(reader))
- {
- if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT)
- {
- if (streq(xmlTextReaderConstName(reader), "ikesaterminate"))
- {
- request_control_terminate(reader, writer, TRUE);
- break;
- }
- if (streq(xmlTextReaderConstName(reader), "childsaterminate"))
- {
- request_control_terminate(reader, writer, FALSE);
- break;
- }
- if (streq(xmlTextReaderConstName(reader), "ikesainitiate"))
- {
- request_control_initiate(reader, writer, TRUE);
- break;
- }
- if (streq(xmlTextReaderConstName(reader), "childsainitiate"))
- {
- request_control_initiate(reader, writer, FALSE);
- break;
- }
- }
- }
- /* </control> */
- xmlTextWriterEndElement(writer);
-}
-
-/**
- * process a request message
- */
-static void request(xmlTextReaderPtr reader, char *id, int fd)
-{
- xmlTextWriterPtr writer;
-
- writer = xmlNewTextWriter(xmlOutputBufferCreateFd(fd, NULL));
- if (writer == NULL)
- {
- DBG1(DBG_CFG, "opening SMP XML writer failed");
- return;
- }
-
- xmlTextWriterStartDocument(writer, NULL, NULL, NULL);
- /* <message xmlns="http://www.strongswan.org/smp/1.0"
- id="id" type="response"> */
- xmlTextWriterStartElement(writer, "message");
- xmlTextWriterWriteAttribute(writer, "xmlns",
- "http://www.strongswan.org/smp/1.0");
- xmlTextWriterWriteAttribute(writer, "id", id);
- xmlTextWriterWriteAttribute(writer, "type", "response");
-
- while (xmlTextReaderRead(reader))
- {
- if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT)
- {
- if (streq(xmlTextReaderConstName(reader), "query"))
- {
- request_query(reader, writer);
- break;
- }
- if (streq(xmlTextReaderConstName(reader), "control"))
- {
- request_control(reader, writer);
- break;
- }
- }
- }
- /* </message> and close document */
- xmlTextWriterEndDocument(writer);
- xmlFreeTextWriter(writer);
-}
-
-/**
- * cleanup helper function for open file descriptors
- */
-static void closefdp(int *fd)
-{
- close(*fd);
-}
-
-/**
- * read from a opened connection and process it
- */
-static job_requeue_t process(int *fdp)
-{
- int oldstate, fd = *fdp;
- char buffer[4096];
- size_t len;
- xmlTextReaderPtr reader;
- char *id = NULL, *type = NULL;
-
- pthread_cleanup_push((void*)closefdp, (void*)&fd);
- pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldstate);
- len = read(fd, buffer, sizeof(buffer));
- pthread_setcancelstate(oldstate, NULL);
- pthread_cleanup_pop(0);
- if (len <= 0)
- {
- close(fd);
- DBG2(DBG_CFG, "SMP XML connection closed");
- return JOB_REQUEUE_NONE;
- }
- DBG3(DBG_CFG, "got XML request: %b", buffer, len);
-
- reader = xmlReaderForMemory(buffer, len, NULL, NULL, 0);
- if (reader == NULL)
- {
- DBG1(DBG_CFG, "opening SMP XML reader failed");
- return JOB_REQUEUE_FAIR;;
- }
-
- /* read message type and id */
- while (xmlTextReaderRead(reader))
- {
- if (xmlTextReaderNodeType(reader) == XML_READER_TYPE_ELEMENT &&
- streq(xmlTextReaderConstName(reader), "message"))
- {
- id = xmlTextReaderGetAttribute(reader, "id");
- type = xmlTextReaderGetAttribute(reader, "type");
- break;
- }
- }
-
- /* process message */
- if (id && type)
- {
- if (streq(type, "request"))
- {
- request(reader, id, fd);
- }
- else
- {
- /* response(reader, id) */
- }
- }
- xmlFreeTextReader(reader);
- return JOB_REQUEUE_FAIR;;
-}
-
-/**
- * accept from XML socket and create jobs to process connections
- */
-static job_requeue_t dispatch(private_xml_interface_t *this)
-{
- struct sockaddr_un strokeaddr;
- int oldstate, fd, *fdp, strokeaddrlen = sizeof(strokeaddr);
- callback_job_t *job;
-
- /* wait for connections, but allow thread to terminate */
- pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldstate);
- fd = accept(this->socket, (struct sockaddr *)&strokeaddr, &strokeaddrlen);
- pthread_setcancelstate(oldstate, NULL);
-
- if (fd < 0)
- {
- DBG1(DBG_CFG, "accepting SMP XML socket failed: %s", strerror(errno));
- sleep(1);
- return JOB_REQUEUE_FAIR;;
- }
-
- fdp = malloc_thing(int);
- *fdp = fd;
- job = callback_job_create((callback_job_cb_t)process, fdp, free, this->job);
- charon->processor->queue_job(charon->processor, (job_t*)job);
-
- return JOB_REQUEUE_DIRECT;
-}
-
-/**
- * Implementation of itnerface_t.destroy.
- */
-static void destroy(private_xml_interface_t *this)
-{
- this->job->cancel(this->job);
- close(this->socket);
- free(this);
-}
-
-/*
- * Described in header file
- */
-interface_t *interface_create()
-{
- struct sockaddr_un unix_addr = { AF_UNIX, IPSEC_PIDDIR "/charon.xml"};
- private_xml_interface_t *this = malloc_thing(private_xml_interface_t);
- mode_t old;
-
- this->public.interface.destroy = (void (*)(interface_t*))destroy;
-
- /* set up unix socket */
- this->socket = socket(AF_UNIX, SOCK_STREAM, 0);
- if (this->socket == -1)
- {
- DBG1(DBG_CFG, "could not create XML socket");
- free(this);
- return NULL;
- }
-
- unlink(unix_addr.sun_path);
- old = umask(~(S_IRWXU | S_IRWXG));
- if (bind(this->socket, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) < 0)
- {
- DBG1(DBG_CFG, "could not bind XML socket: %s", strerror(errno));
- close(this->socket);
- free(this);
- return NULL;
- }
- umask(old);
- if (chown(unix_addr.sun_path, IPSEC_UID, IPSEC_GID) != 0)
- {
- DBG1(DBG_CFG, "changing XML socket permissions failed: %s", strerror(errno));
- }
-
- if (listen(this->socket, 5) < 0)
- {
- DBG1(DBG_CFG, "could not listen on XML socket: %s", strerror(errno));
- close(this->socket);
- free(this);
- return NULL;
- }
-
- this->job = callback_job_create((callback_job_cb_t)dispatch, this, NULL, NULL);
- charon->processor->queue_job(charon->processor, (job_t*)this->job);
-
- return &this->public.interface;
-}
-
diff --git a/src/charon/control/interfaces/xml_interface.h b/src/charon/control/interfaces/xml_interface.h
deleted file mode 100644
index 6d88c3842..000000000
--- a/src/charon/control/interfaces/xml_interface.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * @file xml_interface.h
- *
- * @brief Interface of xml_interface_t.
- *
- */
-
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef XML_INTERFACE_H_
-#define XML_INTERFACE_H_
-
-typedef struct xml_interface_t xml_interface_t;
-
-#include <control/interfaces/interface.h>
-
-/**
- * @brief The XML interface uses a socket to communicate using XML.
- *
- * @b Constructors:
- * - xml_interface_create()
- *
- * @ingroup interfaces
- */
-struct xml_interface_t {
-
- /**
- * implements interface_t.
- */
- interface_t interface;
-};
-
-
-/**
- * @brief Create the XML interface.
- *
- * @return stroke_t object
- *
- * @ingroup interfaces
- */
-interface_t *interface_create(void);
-
-#endif /* XML_INTERFACE_H_ */
-