author | Yves-Alexis Perez <corsac@debian.org> | 2015-06-01 15:00:29 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2015-06-01 15:00:29 +0200 |
commit | 67b61882ae49026bd719fffe5455c7655d38c81a (patch) | |
tree | effdddbd0961208a357c3025f5eeba10a95a7bdb /src/libcharon/plugins/vici | |
parent | 67003dcc0cb5b0ba7e06104b99cb5acced9f6fca (diff) | |
parent | fc556ec2bc92a9d476c11406fad2c33db8bf7cb0 (diff) | |
download | vyos-strongswan-67b61882ae49026bd719fffe5455c7655d38c81a.tar.gz vyos-strongswan-67b61882ae49026bd719fffe5455c7655d38c81a.zip |
Merge tag 'upstream/5.3.1'
Upstream version 5.3.1
Conflicts:
src/libstrongswan/plugins/aesni/aesni_cbc.h
Diffstat (limited to 'src/libcharon/plugins/vici')
-rw-r--r-- | src/libcharon/plugins/vici/libvici.h | 29 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/python/Makefile.am | 12 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/python/Makefile.in | 17 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/ruby/Makefile.am | 4 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/ruby/Makefile.in | 14 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_config.c | 37 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_dispatcher.c | 41 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_dispatcher.h | 33 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_plugin.c | 24 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_query.c | 85 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_query.h | 28 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_socket.c | 46 |
12 files changed, 329 insertions, 41 deletions
diff --git a/src/libcharon/plugins/vici/libvici.h b/src/libcharon/plugins/vici/libvici.h
index 641370efd..3ca9de424 100644
--- a/src/libcharon/plugins/vici/libvici.h
+++ b/src/libcharon/plugins/vici/libvici.h
@@ -2,15 +2,26 @@ * Copyright (C) 2014 Martin Willi * Copyright (C) 2014 revosec AG * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. + * libvici.h is MIT-licensed to simplify reuse, but please note that libvici.c + * is not, as it depends on the GPLv2 licensed libstrongswan. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. */ /** 
diff --git a/src/libcharon/plugins/vici/python/Makefile.am b/src/libcharon/plugins/vici/python/Makefile.am index f51737870..5936f2a5e 100644 --- a/src/libcharon/plugins/vici/python/Makefile.am +++ b/src/libcharon/plugins/vici/python/Makefile.am @@ -8,25 +8,27 @@ EXTRA_DIST = LICENSE MANIFEST.in \ vici/protocol.py \ vici/session.py -setup.py: $(srcdir)/setup.py.in +$(srcdir)/setup.py: $(srcdir)/setup.py.in $(AM_V_GEN) sed \ -e "s:@EGG_VERSION@:$(PACKAGE_VERSION):" \ $(srcdir)/setup.py.in > $@ all-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg -dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) setup.py +dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) $(srcdir)/setup.py (cd $(srcdir); $(PYTHON) setup.py bdist_egg \ -b $(shell readlink -f $(builddir))/build \ -d $(shell readlink -f $(builddir))/dist) -clean-local: setup.py - $(PYTHON) setup.py clean -a - rm -rf vici.egg-info dist setup.py +clean-local: + (cd $(srcdir); [ ! -f setup.py ] || $(PYTHON) setup.py clean -a) + rm -rf $(srcdir)/setup.py $(srcdir)/vici.egg-info $(builddir)/dist +if PYTHON_EGGS_INSTALL install-exec-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg $(EASY_INSTALL) $(PYTHONEGGINSTALLDIR) \ dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg +endif if USE_PY_TEST TESTS = $(PY_TEST) diff --git a/src/libcharon/plugins/vici/python/Makefile.in b/src/libcharon/plugins/vici/python/Makefile.in index 3a5e5ea72..eb4bab6ca 100644 --- a/src/libcharon/plugins/vici/python/Makefile.in +++ b/src/libcharon/plugins/vici/python/Makefile.in @@ -579,6 +579,7 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." +@PYTHON_EGGS_INSTALL_FALSE@install-exec-local: clean: clean-am clean-am: clean-generic clean-libtool clean-local mostlyclean-am 
@@ -661,25 +662,25 @@ uninstall-am: tags-am uninstall uninstall-am -setup.py: $(srcdir)/setup.py.in +$(srcdir)/setup.py: $(srcdir)/setup.py.in $(AM_V_GEN) sed \ -e "s:@EGG_VERSION@:$(PACKAGE_VERSION):" \ $(srcdir)/setup.py.in > $@ all-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg -dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) setup.py +dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg: $(EXTRA_DIST) $(srcdir)/setup.py (cd $(srcdir); $(PYTHON) setup.py bdist_egg \ -b $(shell readlink -f $(builddir))/build \ -d $(shell readlink -f $(builddir))/dist) -clean-local: setup.py - $(PYTHON) setup.py clean -a - rm -rf vici.egg-info dist setup.py +clean-local: + (cd $(srcdir); [ ! -f setup.py ] || $(PYTHON) setup.py clean -a) + rm -rf $(srcdir)/setup.py $(srcdir)/vici.egg-info $(builddir)/dist -install-exec-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg - $(EASY_INSTALL) $(PYTHONEGGINSTALLDIR) \ - dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg +@PYTHON_EGGS_INSTALL_TRUE@install-exec-local: dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg +@PYTHON_EGGS_INSTALL_TRUE@ $(EASY_INSTALL) $(PYTHONEGGINSTALLDIR) \ +@PYTHON_EGGS_INSTALL_TRUE@ dist/vici-$(PACKAGE_VERSION)-py$(PYTHON_VERSION).egg # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/libcharon/plugins/vici/ruby/Makefile.am b/src/libcharon/plugins/vici/ruby/Makefile.am index 3e12f86cc..e2d340431 100644 --- a/src/libcharon/plugins/vici/ruby/Makefile.am +++ b/src/libcharon/plugins/vici/ruby/Makefile.am 
@@ -15,10 +15,12 @@ all-local: vici-$(PACKAGE_VERSION).gem clean-local: rm -f vici.gemspec vici-$(PACKAGE_VERSION).gem +if RUBY_GEMS_INSTALL install-data-local: vici-$(PACKAGE_VERSION).gem - $(GEM) install --install-dir $(DESTDIR)$(RUBYGEMDIR) \ + $(GEM) install --no-user-install --install-dir $(DESTDIR)$(RUBYGEMDIR) \ vici-$(PACKAGE_VERSION).gem uninstall-local: $(GEM) uninstall --install-dir $(DESTDIR)$(RUBYGEMDIR) \ --version $(PACKAGE_VERSION) vici +endif diff --git a/src/libcharon/plugins/vici/ruby/Makefile.in b/src/libcharon/plugins/vici/ruby/Makefile.in index f37c09ea2..bf81e5395 100644 --- a/src/libcharon/plugins/vici/ruby/Makefile.in +++ b/src/libcharon/plugins/vici/ruby/Makefile.in @@ -453,6 +453,8 @@ distclean-generic: maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." +@RUBY_GEMS_INSTALL_FALSE@uninstall-local: +@RUBY_GEMS_INSTALL_FALSE@install-data-local: clean: clean-am clean-am: clean-generic clean-libtool clean-local mostlyclean-am @@ -550,13 +552,13 @@ all-local: vici-$(PACKAGE_VERSION).gem clean-local: rm -f vici.gemspec vici-$(PACKAGE_VERSION).gem -install-data-local: vici-$(PACKAGE_VERSION).gem - $(GEM) install --install-dir $(DESTDIR)$(RUBYGEMDIR) \ - vici-$(PACKAGE_VERSION).gem +@RUBY_GEMS_INSTALL_TRUE@install-data-local: vici-$(PACKAGE_VERSION).gem +@RUBY_GEMS_INSTALL_TRUE@ $(GEM) install --no-user-install --install-dir $(DESTDIR)$(RUBYGEMDIR) \ +@RUBY_GEMS_INSTALL_TRUE@ vici-$(PACKAGE_VERSION).gem -uninstall-local: - $(GEM) uninstall --install-dir $(DESTDIR)$(RUBYGEMDIR) \ - --version $(PACKAGE_VERSION) vici +@RUBY_GEMS_INSTALL_TRUE@uninstall-local: +@RUBY_GEMS_INSTALL_TRUE@ $(GEM) uninstall --install-dir $(DESTDIR)$(RUBYGEMDIR) \ +@RUBY_GEMS_INSTALL_TRUE@ --version $(PACKAGE_VERSION) vici # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. 
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c index 649161020..d23259912 100644 --- a/src/libcharon/plugins/vici/vici_config.c +++ b/src/libcharon/plugins/vici/vici_config.c @@ -13,6 +13,28 @@ * for more details. */ +/* + * Copyright (C) 2014 Timo Teräs <timo.teras@iki.fi> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + #define _GNU_SOURCE #include "vici_config.h" @@ -1460,6 +1482,21 @@ CALLBACK(peer_sn, bool, return FALSE; } + if (!auth.cfg->get(auth.cfg, AUTH_RULE_IDENTITY)) + { + identification_t *id; + certificate_t *cert; + + cert = auth.cfg->get(auth.cfg, AUTH_RULE_SUBJECT_CERT); + if (cert) + { + id = cert->get_subject(cert); + DBG1(DBG_CFG, " id not specified, defaulting to cert id '%Y'", + id); + auth.cfg->add(auth.cfg, AUTH_RULE_IDENTITY, id->clone(id)); + } + } + if (strcasepfx(name, "local")) { peer->local->insert_last(peer->local, auth.cfg); 
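Review bot: In the second vici_config.c hunk (peer_sn), the new identity default runs before the `strcasepfx(name, "local")` branch, so it applies to remote auth sections as well as local ones, and nothing in the code says so. It also takes the subject of the single certificate that `get(AUTH_RULE_SUBJECT_CERT)` returns; which one that is when a section lists several certificates is not visible here, so the derived identity may not be the one the operator expects. I would add a comment above the block such as `/* no id configured: fall back to the subject of the configured cert, for local and remote sections alike */` and describe the multi-certificate behaviour in the option's documentation. peer_sn's body starts and ends outside the hunk.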
diff --git a/src/libcharon/plugins/vici/vici_dispatcher.c b/src/libcharon/plugins/vici/vici_dispatcher.c index 6db36fbe0..31292d6b3 100644 --- a/src/libcharon/plugins/vici/vici_dispatcher.c +++ b/src/libcharon/plugins/vici/vici_dispatcher.c @@ -13,6 +13,28 @@ * for more details. */ +/* + * Copyright (C) 2014 Timo Teräs <timo.teras@iki.fi> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + #include "vici_dispatcher.h" #include "vici_socket.h" 
@@ -446,6 +468,24 @@ METHOD(vici_dispatcher_t, manage_event, void, this->mutex->unlock(this->mutex); } +METHOD(vici_dispatcher_t, has_event_listeners, bool, + private_vici_dispatcher_t *this, char *name) +{ + bool retval = FALSE; + + this->mutex->lock(this->mutex); + if (this->events->get(this->events, name)) + { + /* the entry might be getting destroyed, but returning + * false positive is not a problem as a later raise_event + * will check things again. */ + retval = TRUE; + } + this->mutex->unlock(this->mutex); + + return retval; +} + METHOD(vici_dispatcher_t, raise_event, void, private_vici_dispatcher_t *this, char *name, u_int id, vici_message_t *message) @@ -504,6 +544,7 @@ vici_dispatcher_t *vici_dispatcher_create(char *uri) .public = { .manage_command = _manage_command, .manage_event = _manage_event, + .has_event_listeners = _has_event_listeners, .raise_event = _raise_event, .destroy = _destroy, }, diff --git a/src/libcharon/plugins/vici/vici_dispatcher.h b/src/libcharon/plugins/vici/vici_dispatcher.h index 2297a80bd..e48cf3bd1 100644 --- a/src/libcharon/plugins/vici/vici_dispatcher.h +++ b/src/libcharon/plugins/vici/vici_dispatcher.h 
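Review bot: has_event_listeners() in the first vici_dispatcher.c hunk on this line returns TRUE as soon as `this->events` holds an entry for the name, which reads as a test for "event is registered" rather than "a client is subscribed". manage_event's body is outside the hunk, but if that is what inserts entries into `this->events`, every registered event would always report listeners and the callers' early return would never skip building the message. Checking, still under the mutex, that the looked-up entry actually has subscribed clients (the entry's layout is not shown here) would make the result match the method name and the header documentation. The existing comment about false positives would then still hold for entries that are being torn down.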
@@ -13,6 +13,28 @@ * for more details. */ +/* + * Copyright (C) 2014 Timo Teräs <timo.teras@iki.fi> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + /** * @defgroup vici_dispatcher vici_dispatcher * @{ @ingroup vici @@ -96,6 +118,17 @@ struct vici_dispatcher_t { void (*manage_event)(vici_dispatcher_t *this, char *name, bool reg); /** + * Check if an event has listeners. + * + * This can be used to check if a vici message needs to be generated or not, + * as in some cases the generation can be a heavy operation. + * + * @param name event name to check + * @return TRUE if event has listeners + */ + bool (*has_event_listeners)(vici_dispatcher_t *this, char *name); + + /** * Raise an event to a specific or all clients registered to that event. * * @param name event name to raise diff --git a/src/libcharon/plugins/vici/vici_plugin.c b/src/libcharon/plugins/vici/vici_plugin.c index af8bd283b..7ae58a317 100644 
--- a/src/libcharon/plugins/vici/vici_plugin.c +++ b/src/libcharon/plugins/vici/vici_plugin.c @@ -13,6 +13,28 @@ * for more details. */ +/* + * Copyright (C) 2014 Timo Teräs <timo.teras@iki.fi> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + #include "vici_plugin.h" #include "vici_dispatcher.h" #include "vici_query.h" @@ -106,12 +128,14 @@ static bool register_vici(private_vici_plugin_t *this, charon->attributes->add_provider(charon->attributes, &this->attrs->provider); charon->bus->add_logger(charon->bus, &this->logger->logger); + charon->bus->add_listener(charon->bus, &this->query->listener); return TRUE; } return FALSE; } else { + charon->bus->remove_listener(charon->bus, &this->query->listener); charon->bus->remove_logger(charon->bus, &this->logger->logger); charon->attributes->remove_provider(charon->attributes, &this->attrs->provider); 
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c index 3e0d73cdf..d94d760b9 100644 --- a/src/libcharon/plugins/vici/vici_query.c +++ b/src/libcharon/plugins/vici/vici_query.c @@ -13,6 +13,28 @@ * for more details. */ +/* + * Copyright (C) 2014 Timo Teräs <timo.teras@iki.fi> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + #include "vici_query.h" #include "vici_builder.h" 
@@ -1008,6 +1030,8 @@ static void manage_commands(private_vici_query_t *this, bool reg) this->dispatcher->manage_event(this->dispatcher, "list-policy", reg); this->dispatcher->manage_event(this->dispatcher, "list-conn", reg); this->dispatcher->manage_event(this->dispatcher, "list-cert", reg); + this->dispatcher->manage_event(this->dispatcher, "ike-updown", reg); + this->dispatcher->manage_event(this->dispatcher, "child-updown", reg); manage_command(this, "list-sas", list_sas, reg); manage_command(this, "list-policies", list_policies, reg); manage_command(this, "list-conns", list_conns, reg); 
@@ -1016,6 +1040,63 @@ static void manage_commands(private_vici_query_t *this, bool reg) manage_command(this, "stats", stats, reg); } +METHOD(listener_t, ike_updown, bool, + private_vici_query_t *this, ike_sa_t *ike_sa, bool up) +{ + vici_builder_t *b; + time_t now; + + if (!this->dispatcher->has_event_listeners(this->dispatcher, "ike-updown")) + { + return TRUE; + } + + now = time_monotonic(NULL); + + b = vici_builder_create(); + b->begin_section(b, ike_sa->get_name(ike_sa)); + list_ike(this, b, ike_sa, now); + b->begin_section(b, "child-sas"); + b->end_section(b); + b->end_section(b); + + this->dispatcher->raise_event(this->dispatcher, + "ike-updown", 0, b->finalize(b)); + + return TRUE; +} + +METHOD(listener_t, child_updown, bool, + private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, bool up) +{ + vici_builder_t *b; + time_t now; + + if (!this->dispatcher->has_event_listeners(this->dispatcher, "child-updown")) + { + return TRUE; + } + + now = time_monotonic(NULL); + b = vici_builder_create(); + + b->begin_section(b, ike_sa->get_name(ike_sa)); + list_ike(this, b, ike_sa, now); + b->begin_section(b, "child-sas"); + + b->begin_section(b, child_sa->get_name(child_sa)); + list_child(this, b, child_sa, now); + b->end_section(b); + + b->end_section(b); + b->end_section(b); + + this->dispatcher->raise_event(this->dispatcher, + "child-updown", 0, b->finalize(b)); + + return TRUE; +} + METHOD(vici_query_t, destroy, void, private_vici_query_t *this) { @@ -1032,6 +1113,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher) INIT(this, .public = { + .listener = { + .ike_updown = _ike_updown, + .child_updown = _child_updown, + }, .destroy = _destroy, }, .dispatcher = dispatcher, diff --git a/src/libcharon/plugins/vici/vici_query.h b/src/libcharon/plugins/vici/vici_query.h index da72b1411..0149e8d4f 100644 --- a/src/libcharon/plugins/vici/vici_query.h +++ b/src/libcharon/plugins/vici/vici_query.h 
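Review bot: Both new listener methods in the first vici_query.c hunk on this line ignore their `up` argument, so an "ike-updown" or "child-updown" message looks the same for establishment and for teardown. A monitoring or alerting client subscribed to these events cannot tell the two apart from the message alone. Adding the direction to the message before the SA section, e.g. `b->add_kv(b, "up", "%s", up ? "yes" : "no");`, in both ike_updown and child_updown would fix that. It is also worth stating in the event documentation that ike_updown emits an empty "child-sas" section.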
@@ -13,11 +13,34 @@ * for more details. */ +/* + * Copyright (C) 2014 Timo Teräs <timo.teras@iki.fi> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + /** * @defgroup vici_query vici_query * @{ @ingroup vici */ +#include <bus/listeners/listener.h> #include "vici_dispatcher.h" #ifndef VICI_QUERY_H_ @@ -31,6 +54,11 @@ typedef struct vici_query_t vici_query_t; struct vici_query_t { /** + * Implements listener_t. + */ + listener_t listener; + + /** * Destroy a vici_query_t. */ void (*destroy)(vici_query_t *this); diff --git a/src/libcharon/plugins/vici/vici_socket.c b/src/libcharon/plugins/vici/vici_socket.c index 916772871..67fd7e8e3 100644 --- a/src/libcharon/plugins/vici/vici_socket.c +++ b/src/libcharon/plugins/vici/vici_socket.c 
@@ -118,6 +118,8 @@ typedef struct { array_t *queue; /** do we have job processing input queue? */ bool has_processor; + /** is this client disconnecting */ + bool disconnecting; /** client connection identifier */ u_int id; /** any users reading over this connection? */ @@ -187,6 +189,10 @@ static entry_t* find_entry(private_vici_socket_t *this, stream_t *stream, continue; } } + if (entry->disconnecting) + { + continue; + } candidate = TRUE; if ((reader && entry->readers) || @@ -304,7 +310,7 @@ static void disconnect(private_vici_socket_t *this, u_int id) * Write queued output data */ static bool do_write(private_vici_socket_t *this, entry_t *entry, - stream_t *stream) + stream_t *stream, char *errmsg, size_t errlen) { msg_buf_t *out; ssize_t len; @@ -326,7 +332,8 @@ static bool do_write(private_vici_socket_t *this, entry_t *entry, { return TRUE; } - DBG1(DBG_CFG, "vici header write error: %s", strerror(errno)); + snprintf(errmsg, errlen, "vici header write error: %s", + strerror(errno)); return FALSE; } out->hdrlen += len; @@ -339,7 +346,7 @@ static bool do_write(private_vici_socket_t *this, entry_t *entry, out->buf.len - out->done, FALSE); if (len == 0) { - DBG1(DBG_CFG, "premature vici disconnect"); + snprintf(errmsg, errlen, "premature vici disconnect"); return FALSE; } if (len < 0) @@ -348,7 +355,7 @@ static bool do_write(private_vici_socket_t *this, entry_t *entry, { return TRUE; } - DBG1(DBG_CFG, "vici write error: %s", strerror(errno)); + snprintf(errmsg, errlen, "vici write error: %s", strerror(errno)); return FALSE; } out->done += len; 
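Review bot: The comment on the new `disconnecting` field in the first vici_socket.c hunk (`/** is this client disconnecting */`) does not say who sets the flag or how access to it is synchronised. From the hunks on this page it is set by on_read and on_write just before disconnect() while they hold the entry, is read by find_entry to skip the entry, and is not cleared anywhere shown. I would extend the comment to something like `/** set by on_read/on_write before disconnect(); find_entry skips the entry from then on */` and state which lock, if any, protects it, since find_entry's locking is outside these hunks.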
@@ -369,13 +376,14 @@ static bool do_write(private_vici_socket_t *this, entry_t *entry, CALLBACK(on_write, bool, private_vici_socket_t *this, stream_t *stream) { + char errmsg[256] = ""; entry_t *entry; bool ret = FALSE; entry = find_entry(this, stream, 0, FALSE, TRUE); if (entry) { - ret = do_write(this, entry, stream); + ret = do_write(this, entry, stream, errmsg, sizeof(errmsg)); if (ret) { /* unregister if we have no more messages to send */ @@ -383,9 +391,15 @@ CALLBACK(on_write, bool, } else { + entry->disconnecting = TRUE; disconnect(entry->this, entry->id); } put_entry(this, entry, FALSE, TRUE); + + if (!ret && errmsg[0]) + { + DBG1(DBG_CFG, errmsg); + } } return ret; @@ -395,7 +409,7 @@ CALLBACK(on_write, bool, * Read in available header with data, non-blocking cumulating to buffer */ static bool do_read(private_vici_socket_t *this, entry_t *entry, - stream_t *stream) + stream_t *stream, char *errmsg, size_t errlen) { u_int32_t msglen; ssize_t len; @@ -415,7 +429,8 @@ static bool do_read(private_vici_socket_t *this, entry_t *entry, { return TRUE; } - DBG1(DBG_CFG, "vici header read error: %s", strerror(errno)); + snprintf(errmsg, errlen, "vici header read error: %s", + strerror(errno)); return FALSE; } entry->in.hdrlen += len; @@ -424,8 +439,8 @@ static bool do_read(private_vici_socket_t *this, entry_t *entry, msglen = untoh32(entry->in.hdr); if (msglen > VICI_MESSAGE_SIZE_MAX) { - DBG1(DBG_CFG, "vici message length %u exceeds %u bytes limit, " - "ignored", msglen, VICI_MESSAGE_SIZE_MAX); + snprintf(errmsg, errlen, "vici message length %u exceeds %u " + "bytes limit, ignored", msglen, VICI_MESSAGE_SIZE_MAX); return FALSE; } /* header complete, continue with data */ @@ -440,7 +455,7 @@ static bool do_read(private_vici_socket_t *this, entry_t *entry, entry->in.buf.len - entry->in.done, FALSE); if (len == 0) { - DBG1(DBG_CFG, "premature vici disconnect"); + snprintf(errmsg, errlen, "premature vici disconnect"); return FALSE; } if (len < 0) 
@@ -449,7 +464,7 @@ static bool do_read(private_vici_socket_t *this, entry_t *entry, { return TRUE; } - DBG1(DBG_CFG, "vici read error: %s", strerror(errno)); + snprintf(errmsg, errlen, "vici read error: %s", strerror(errno)); return FALSE; } entry->in.done += len; @@ -502,6 +517,7 @@ CALLBACK(process_queue, job_requeue_t, CALLBACK(on_read, bool, private_vici_socket_t *this, stream_t *stream) { + char errmsg[256] = ""; entry_selector_t *sel; entry_t *entry; bool ret = FALSE; @@ -509,9 +525,10 @@ CALLBACK(on_read, bool, entry = find_entry(this, stream, 0, TRUE, FALSE); if (entry) { - ret = do_read(this, entry, stream); + ret = do_read(this, entry, stream, errmsg, sizeof(errmsg)); if (!ret) { + entry->disconnecting = TRUE; disconnect(this, entry->id); } else if (entry->in.hdrlen == sizeof(entry->in.hdr) && @@ -534,6 +551,11 @@ CALLBACK(on_read, bool, } } put_entry(this, entry, TRUE, FALSE); + + if (!ret && errmsg[0]) + { + DBG1(DBG_CFG, errmsg); + } } return ret; |