authorYves-Alexis Perez <corsac@corsac.net>2012-06-28 21:16:07 +0200
committerYves-Alexis Perez <corsac@corsac.net>2012-06-28 21:16:07 +0200
commitb34738ed08c2227300d554b139e2495ca5da97d6 (patch)
tree62f33b52820f2e49f0e53c0f8c636312037c8054 /src/libcharon/plugins/eap_simaka_reauth
parent0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff)
Imported Upstream version 4.6.4
Diffstat (limited to 'src/libcharon/plugins/eap_simaka_reauth')
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/Makefile.am3
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/Makefile.in13
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c59
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h6
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c68
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c58
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h6
7 files changed, 126 insertions, 87 deletions
diff --git a/src/libcharon/plugins/eap_simaka_reauth/Makefile.am b/src/libcharon/plugins/eap_simaka_reauth/Makefile.am
index fbcd544d3..0b35c7521 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/Makefile.am
+++ b/src/libcharon/plugins/eap_simaka_reauth/Makefile.am
@@ -1,6 +1,6 @@
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
- -I$(top_srcdir)/src/libcharon
+ -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libsimaka
AM_CFLAGS = -rdynamic
@@ -8,6 +8,7 @@ if MONOLITHIC
noinst_LTLIBRARIES = libstrongswan-eap-simaka-reauth.la
else
plugin_LTLIBRARIES = libstrongswan-eap-simaka-reauth.la
+libstrongswan_eap_simaka_reauth_la_LIBADD = $(top_builddir)/src/libsimaka/libsimaka.la
endif
libstrongswan_eap_simaka_reauth_la_SOURCES = \
diff --git a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
index 56bc188b0..6177f3b3a 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
@@ -74,7 +74,8 @@ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
-libstrongswan_eap_simaka_reauth_la_LIBADD =
+@MONOLITHIC_FALSE@libstrongswan_eap_simaka_reauth_la_DEPENDENCIES = \
+@MONOLITHIC_FALSE@ $(top_builddir)/src/libsimaka/libsimaka.la
am_libstrongswan_eap_simaka_reauth_la_OBJECTS = \
eap_simaka_reauth_plugin.lo eap_simaka_reauth_card.lo \
eap_simaka_reauth_provider.lo
@@ -196,6 +197,9 @@ am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+axis2c_CFLAGS = @axis2c_CFLAGS@
+axis2c_LIBS = @axis2c_LIBS@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
@@ -204,6 +208,7 @@ build_os = @build_os@
build_vendor = @build_vendor@
builddir = @builddir@
c_plugins = @c_plugins@
+clearsilver_LIBS = @clearsilver_LIBS@
datadir = @datadir@
datarootdir = @datarootdir@
dbusservicedir = @dbusservicedir@
@@ -220,11 +225,13 @@ host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
htmldir = @htmldir@
+imcvdir = @imcvdir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -268,6 +275,7 @@ sharedstatedir = @sharedstatedir@
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
+starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
@@ -279,11 +287,12 @@ urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
- -I$(top_srcdir)/src/libcharon
+ -I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libsimaka
AM_CFLAGS = -rdynamic
@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-eap-simaka-reauth.la
@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-eap-simaka-reauth.la
+@MONOLITHIC_FALSE@libstrongswan_eap_simaka_reauth_la_LIBADD = $(top_builddir)/src/libsimaka/libsimaka.la
libstrongswan_eap_simaka_reauth_la_SOURCES = \
eap_simaka_reauth_plugin.h eap_simaka_reauth_plugin.c \
eap_simaka_reauth_card.h eap_simaka_reauth_card.c \
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c
index 14d0416d9..870d72781 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.c
@@ -66,12 +66,9 @@ static bool equals(identification_t *key1, identification_t *key2)
return key1->equals(key1, key2);
}
-/**
- * Implementation of sim_card_t.get_reauth
- */
-static identification_t *get_reauth(private_eap_simaka_reauth_card_t *this,
- identification_t *id, char mk[HASH_SIZE_SHA1],
- u_int16_t *counter)
+METHOD(simaka_card_t, get_reauth, identification_t*,
+ private_eap_simaka_reauth_card_t *this, identification_t *id,
+ char mk[HASH_SIZE_SHA1], u_int16_t *counter)
{
reauth_data_t *data;
identification_t *reauth;
@@ -90,12 +87,9 @@ static identification_t *get_reauth(private_eap_simaka_reauth_card_t *this,
return reauth;
}
-/**
- * Implementation of sim_card_t.set_reauth
- */
-static void set_reauth(private_eap_simaka_reauth_card_t *this,
- identification_t *id, identification_t* next,
- char mk[HASH_SIZE_SHA1], u_int16_t counter)
+METHOD(simaka_card_t, set_reauth, void,
+ private_eap_simaka_reauth_card_t *this, identification_t *id,
+ identification_t* next, char mk[HASH_SIZE_SHA1], u_int16_t counter)
{
reauth_data_t *data;
@@ -115,18 +109,16 @@ static void set_reauth(private_eap_simaka_reauth_card_t *this,
memcpy(data->mk, mk, HASH_SIZE_SHA1);
}
-/**
- * Implementation of sim_card_t.get_quintuplet
- */
-static status_t get_quintuplet()
+METHOD(simaka_card_t, get_quintuplet, status_t,
+ private_eap_simaka_reauth_card_t *this, identification_t *id,
+ char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN],
+ char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len)
{
return NOT_SUPPORTED;
}
-/**
- * Implementation of eap_simaka_reauth_card_t.destroy.
- */
-static void destroy(private_eap_simaka_reauth_card_t *this)
+METHOD(eap_simaka_reauth_card_t, destroy, void,
+ private_eap_simaka_reauth_card_t *this)
{
enumerator_t *enumerator;
reauth_data_t *data;
@@ -152,18 +144,21 @@ eap_simaka_reauth_card_t *eap_simaka_reauth_card_create()
{
private_eap_simaka_reauth_card_t *this;
- this = malloc_thing(private_eap_simaka_reauth_card_t);
-
- this->public.card.get_triplet = (bool(*)(sim_card_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_null;
- this->public.card.get_quintuplet = (status_t(*)(sim_card_t*, identification_t *id, char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len))get_quintuplet;
- this->public.card.resync = (bool(*)(sim_card_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false;
- this->public.card.get_pseudonym = (identification_t*(*)(sim_card_t*, identification_t *perm))return_null;
- this->public.card.set_pseudonym = (void(*)(sim_card_t*, identification_t *id, identification_t *pseudonym))nop;
- this->public.card.get_reauth = (identification_t*(*)(sim_card_t*, identification_t *id, char mk[HASH_SIZE_SHA1], u_int16_t *counter))get_reauth;
- this->public.card.set_reauth = (void(*)(sim_card_t*, identification_t *id, identification_t* next, char mk[HASH_SIZE_SHA1], u_int16_t counter))set_reauth;
- this->public.destroy = (void(*)(eap_simaka_reauth_card_t*))destroy;
-
- this->reauth = hashtable_create((void*)hash, (void*)equals, 0);
+ INIT(this,
+ .public = {
+ .card = {
+ .get_triplet = (void*)return_null,
+ .get_quintuplet = _get_quintuplet,
+ .resync = (void*)return_false,
+ .get_pseudonym = (void*)return_null,
+ .set_pseudonym = (void*)nop,
+ .get_reauth = _get_reauth,
+ .set_reauth = _set_reauth,
+ },
+ .destroy = _destroy,
+ },
+ .reauth = hashtable_create((void*)hash, (void*)equals, 0),
+ );
return &this->public;
}
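Review bot: In the new INIT block, `.get_triplet = (void*)return_null` stubs a method that the removed cast declared as returning `bool` (`bool(*)(sim_card_t*, ...)`), while the other bool-returning stub, `.resync`, uses `return_false`. Assuming the simaka_card_t signature kept that return type, the stub hands back a pointer where the caller reads a bool, which only works by ABI accident; `.get_triplet = (void*)return_false,` would match the sibling entries. The blanket `(void*)` casts also hide any later signature drift from the compiler, so a one-line comment above the stubs, e.g. `/* triplets, resync and pseudonyms are deliberately unsupported by this card */`, would make the intent explicit.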
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h
index f24dc8a15..683de7559 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_card.h
@@ -21,7 +21,7 @@
#ifndef EAP_SIMAKA_REAUTH_CARD_H_
#define EAP_SIMAKA_REAUTH_CARD_H_
-#include <sa/authenticators/eap/sim_manager.h>
+#include <simaka_provider.h>
typedef struct eap_simaka_reauth_card_t eap_simaka_reauth_card_t;
@@ -31,9 +31,9 @@ typedef struct eap_simaka_reauth_card_t eap_simaka_reauth_card_t;
struct eap_simaka_reauth_card_t {
/**
- * Implements sim_card_t interface
+ * Implements simaka_card_t interface
*/
- sim_card_t card;
+ simaka_card_t card;
/**
* Destroy a eap_simaka_reauth_card_t.
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c
index 343e4eefb..ab3ab2f4d 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_plugin.c
@@ -48,13 +48,60 @@ METHOD(plugin_t, get_name, char*,
return "eap-simaka-reauth";
}
+/**
+ * Callback providing our card to register
+ */
+static simaka_card_t* get_card(private_eap_simaka_reauth_t *this)
+{
+ if (!this->card)
+ {
+ this->card = eap_simaka_reauth_card_create();
+ }
+ return &this->card->card;
+}
+
+/**
+ * Callback providing our provider to register
+ */
+static simaka_provider_t* get_provider(private_eap_simaka_reauth_t *this)
+{
+ if (!this->provider)
+ {
+ this->provider = eap_simaka_reauth_provider_create();
+ if (!this->provider)
+ {
+ return NULL;
+ }
+ }
+ return &this->provider->provider;
+}
+
+METHOD(plugin_t, get_features, int,
+ private_eap_simaka_reauth_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_CALLBACK(simaka_manager_register, get_card),
+ PLUGIN_PROVIDE(CUSTOM, "aka-card"),
+ PLUGIN_DEPENDS(CUSTOM, "aka-manager"),
+ PLUGIN_PROVIDE(CUSTOM, "sim-card"),
+ PLUGIN_DEPENDS(CUSTOM, "sim-manager"),
+ PLUGIN_CALLBACK(simaka_manager_register, get_provider),
+ PLUGIN_PROVIDE(CUSTOM, "aka-provider"),
+ PLUGIN_DEPENDS(CUSTOM, "aka-manager"),
+ PLUGIN_DEPENDS(RNG, RNG_WEAK),
+ PLUGIN_PROVIDE(CUSTOM, "sim-provider"),
+ PLUGIN_DEPENDS(CUSTOM, "sim-manager"),
+ PLUGIN_DEPENDS(RNG, RNG_WEAK),
+ };
+ *features = f;
+ return countof(f);
+}
+
METHOD(plugin_t, destroy, void,
private_eap_simaka_reauth_t *this)
{
- charon->sim->remove_card(charon->sim, &this->card->card);
- charon->sim->remove_provider(charon->sim, &this->provider->provider);
- this->card->destroy(this->card);
- this->provider->destroy(this->provider);
+ DESTROY_IF(this->card);
+ DESTROY_IF(this->provider);
free(this);
}
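Review bot: `destroy` now frees the card and provider with `DESTROY_IF` but no longer removes them from the manager, which the deleted `remove_card`/`remove_provider` calls did explicitly before freeing. Unregistration presumably happens when the `PLUGIN_CALLBACK(simaka_manager_register, ...)` features are unloaded; if that is not guaranteed to run before `destroy`, the manager would be left holding pointers to freed objects. I would record the ordering assumption in a comment on `destroy`, for example `/* card and provider are unregistered via simaka_manager_register on feature unload, before we free them */`. The lazy `get_card`/`get_provider` callbacks also rely on `this->card` and `this->provider` starting out NULL, which is worth stating next to the two doc comments.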
@@ -69,23 +116,12 @@ plugin_t *eap_simaka_reauth_plugin_create()
.public = {
.plugin = {
.get_name = _get_name,
- .reload = (void*)return_false,
+ .get_features = _get_features,
.destroy = _destroy,
},
},
- .provider = eap_simaka_reauth_provider_create(),
);
- if (!this->provider)
- {
- free(this);
- return NULL;
- }
- this->card = eap_simaka_reauth_card_create();
-
- charon->sim->add_card(charon->sim, &this->card->card);
- charon->sim->add_provider(charon->sim, &this->provider->provider);
-
return &this->public.plugin;
}
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
index f962b2d84..ba1a32778 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
@@ -87,12 +87,9 @@ static identification_t *gen_identity(private_eap_simaka_reauth_provider_t *this
return identification_create_from_string(hex);
}
-/**
- * Implementation of sim_provider_t.is_reauth
- */
-static identification_t *is_reauth(private_eap_simaka_reauth_provider_t *this,
- identification_t *id, char mk[HASH_SIZE_SHA1],
- u_int16_t *counter)
+METHOD(simaka_provider_t, is_reauth, identification_t*,
+ private_eap_simaka_reauth_provider_t *this, identification_t *id,
+ char mk[HASH_SIZE_SHA1], u_int16_t *counter)
{
identification_t *permanent;
reauth_data_t *data;
@@ -114,11 +111,9 @@ static identification_t *is_reauth(private_eap_simaka_reauth_provider_t *this,
return permanent->clone(permanent);
}
-/**
- * Implementation of sim_provider_t.gen_reauth
- */
-static identification_t *gen_reauth(private_eap_simaka_reauth_provider_t *this,
- identification_t *id, char mk[HASH_SIZE_SHA1])
+METHOD(simaka_provider_t, gen_reauth, identification_t*,
+ private_eap_simaka_reauth_provider_t *this, identification_t *id,
+ char mk[HASH_SIZE_SHA1])
{
reauth_data_t *data;
identification_t *permanent;
@@ -136,9 +131,9 @@ static identification_t *gen_reauth(private_eap_simaka_reauth_provider_t *this,
}
else
{ /* generate new entry */
- data = malloc_thing(reauth_data_t);
- data->counter = 0;
- data->id = gen_identity(this);
+ INIT(data,
+ .id = gen_identity(this),
+ );
id = id->clone(id);
this->reauth->put(this->reauth, id, data);
this->permanent->put(this->permanent, data->id, id);
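Review bot: The new `INIT(data, .id = gen_identity(this), );` no longer sets the reauthentication counter explicitly; the removed `data->counter = 0;` now depends on INIT zero-filling every member that is not named. Since this counter tracks reauthentication rounds for the identity, I would keep its starting value visible by adding `.counter = 0,` to the initializer, or at least a comment such as `/* counter and mk start out zeroed */`. The start and end of gen_reauth lie outside this hunk, so how the counter is advanced afterwards cannot be checked from here.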
@@ -148,10 +143,8 @@ static identification_t *gen_reauth(private_eap_simaka_reauth_provider_t *this,
return data->id->clone(data->id);
}
-/**
- * Implementation of eap_simaka_reauth_provider_t.destroy.
- */
-static void destroy(private_eap_simaka_reauth_provider_t *this)
+METHOD(eap_simaka_reauth_provider_t, destroy, void,
+ private_eap_simaka_reauth_provider_t *this)
{
enumerator_t *enumerator;
identification_t *id;
@@ -184,18 +177,23 @@ static void destroy(private_eap_simaka_reauth_provider_t *this)
*/
eap_simaka_reauth_provider_t *eap_simaka_reauth_provider_create()
{
- private_eap_simaka_reauth_provider_t *this = malloc_thing(private_eap_simaka_reauth_provider_t);
-
- this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_false;
- this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *id, char rand[AKA_RAND_LEN], char xres[AKA_RES_MAX], int *xres_len, char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))return_false;
- this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false;
- this->public.provider.is_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
- this->public.provider.gen_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
- this->public.provider.is_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char [HASH_SIZE_SHA1], u_int16_t *counter))is_reauth;
- this->public.provider.gen_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))gen_reauth;
- this->public.destroy = (void(*)(eap_simaka_reauth_provider_t*))destroy;
-
- this->rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
+ private_eap_simaka_reauth_provider_t *this;
+
+ INIT(this,
+ .public = {
+ .provider = {
+ .get_triplet = (void*)return_false,
+ .get_quintuplet = (void*)return_false,
+ .resync = (void*)return_false,
+ .is_pseudonym = (void*)return_null,
+ .gen_pseudonym = (void*)return_null,
+ .is_reauth = _is_reauth,
+ .gen_reauth = _gen_reauth,
+ },
+ .destroy = _destroy,
+ },
+ .rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK),
+ );
if (!this->rng)
{
free(this);
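Review bot: `.rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK)` carries no comment explaining why weak randomness is sufficient for this provider. The RNG presumably feeds gen_identity(), whose tail is visible in the first hunk of this file and which produces the fast-reauthentication identities handed to peers; if those values were predictable they could be guessed or linked across sessions, even though the exchange itself still depends on the stored master key. A comment such as `/* reauth identities are opaque lookup handles, not secrets; RNG_WEAK suffices */` would document the decision, and if that assumption does not hold the RNG class should be raised here together with the matching `PLUGIN_DEPENDS(RNG, RNG_WEAK)` entries in the plugin. The function continues past the end of the hunk.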
diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h
index 7ae151a27..bc6376d53 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.h
@@ -21,7 +21,7 @@
#ifndef EAP_SIMAKA_REAUTH_PROVIDER_H_
#define EAP_SIMAKA_REAUTH_PROVIDER_H_
-#include <sa/authenticators/eap/sim_manager.h>
+#include <simaka_provider.h>
typedef struct eap_simaka_reauth_provider_t eap_simaka_reauth_provider_t;
@@ -31,9 +31,9 @@ typedef struct eap_simaka_reauth_provider_t eap_simaka_reauth_provider_t;
struct eap_simaka_reauth_provider_t {
/**
- * Implements sim_provider_t interface.
+ * Implements simaka_provider_t interface.
*/
- sim_provider_t provider;
+ simaka_provider_t provider;
/**
* Destroy a eap_simaka_reauth_provider_t.