diff options
author | Yves-Alexis Perez <corsac@debian.org> | 2014-03-11 20:48:48 +0100 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2014-03-11 20:48:48 +0100 |
commit | 15fb7904f4431a6e7c305fd08732458f7f885e7e (patch) | |
tree | c93b60ee813af70509f00f34e29ebec311762427 /src/libcharon | |
parent | 5313d2d78ca150515f7f5eb39801c100690b6b29 (diff) | |
download | vyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.tar.gz vyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.zip |
Imported Upstream version 5.1.2
Diffstat (limited to 'src/libcharon')
150 files changed, 1495 insertions, 621 deletions
diff --git a/src/libcharon/Android.mk b/src/libcharon/Android.mk index 0fe88efb4..cc5220973 100644 --- a/src/libcharon/Android.mk +++ b/src/libcharon/Android.mk @@ -217,7 +217,6 @@ endif # build libcharon -------------------------------------------------------------- LOCAL_C_INCLUDES += \ - $(libvstr_PATH) \ $(strongswan_PATH)/src/include \ $(strongswan_PATH)/src/libhydra \ $(strongswan_PATH)/src/libstrongswan diff --git a/src/libcharon/Makefile.in b/src/libcharon/Makefile.in index 4413d69c0..5f8453616 100644 --- a/src/libcharon/Makefile.in +++ b/src/libcharon/Makefile.in @@ -715,8 +715,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -784,6 +782,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -872,12 +875,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -892,6 +899,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/config/ike_cfg.c b/src/libcharon/config/ike_cfg.c index cb6f6ca0e..c74daa0cc 100644 --- a/src/libcharon/config/ike_cfg.c +++ b/src/libcharon/config/ike_cfg.c @@ -14,12 +14,12 @@ * for more details. */ -#include "ike_cfg.h" - +#define _GNU_SOURCE /* for stdndup() */ #include <string.h> -#include <daemon.h> +#include "ike_cfg.h" +#include <daemon.h> ENUM(ike_version_names, IKE_ANY, IKEV2, "IKEv1/2", diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c index 1f3f2ba8b..891d1be84 100644 --- a/src/libcharon/config/proposal.c +++ b/src/libcharon/config/proposal.c @@ -741,6 +741,10 @@ static void proposal_add_supported_ike(private_proposal_t *this) case ECP_256_BP: case ECP_384_BP: case ECP_512_BP: + case NTRU_112_BIT: + case NTRU_128_BIT: + case NTRU_192_BIT: + case NTRU_256_BIT: add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0); break; default: diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c index 5e3ae72b9..0cecd1d3b 100644 --- a/src/libcharon/daemon.c +++ b/src/libcharon/daemon.c @@ -181,7 +181,7 @@ static void handle_syslog_identifier(private_daemon_t *this) char *identifier; identifier = lib->settings->get_str(lib->settings, "%s.syslog.identifier", - NULL, charon->name); + NULL, lib->ns); if (identifier) { /* set identifier, which is prepended to each log line */ if (!this->syslog_identifier || @@ -292,15 +292,15 @@ static void load_sys_logger(private_daemon_t *this, char *facility, sys_logger = add_sys_logger(this, facility, current_loggers); sys_logger->set_options(sys_logger, lib->settings->get_bool(lib->settings, "%s.syslog.%s.ike_name", - FALSE, charon->name, facility)); + FALSE, lib->ns, facility)); def = lib->settings->get_int(lib->settings, "%s.syslog.%s.default", 1, - charon->name, facility); + lib->ns, facility); for (group = 0; group < DBG_MAX; group++) { sys_logger->set_level(sys_logger, group, lib->settings->get_int(lib->settings, "%s.syslog.%s.%N", def, - charon->name, facility, debug_lower_names, group)); + lib->ns, facility, debug_lower_names, group)); } charon->bus->add_logger(charon->bus, &sys_logger->logger); } @@ -318,25 +318,25 @@ static void load_file_logger(private_daemon_t *this, char *filename, char *time_format; time_format = lib->settings->get_str(lib->settings, - "%s.filelog.%s.time_format", NULL, charon->name, filename); + "%s.filelog.%s.time_format", NULL, lib->ns, filename); ike_name = lib->settings->get_bool(lib->settings, - "%s.filelog.%s.ike_name", FALSE, charon->name, filename); + "%s.filelog.%s.ike_name", FALSE, lib->ns, filename); flush_line = lib->settings->get_bool(lib->settings, - "%s.filelog.%s.flush_line", FALSE, charon->name, filename); + "%s.filelog.%s.flush_line", FALSE, lib->ns, filename); append = lib->settings->get_bool(lib->settings, - "%s.filelog.%s.append", TRUE, charon->name, filename); + "%s.filelog.%s.append", TRUE, lib->ns, filename); file_logger = add_file_logger(this, filename, current_loggers); file_logger->set_options(file_logger, time_format, ike_name); file_logger->open(file_logger, flush_line, append); def = lib->settings->get_int(lib->settings, "%s.filelog.%s.default", 1, - charon->name, filename); + lib->ns, filename); for (group = 0; group < DBG_MAX; group++) { file_logger->set_level(file_logger, group, lib->settings->get_int(lib->settings, "%s.filelog.%s.%N", def, - charon->name, filename, debug_lower_names, group)); + lib->ns, filename, debug_lower_names, group)); } charon->bus->add_logger(charon->bus, &file_logger->logger); } @@ -353,7 +353,7 @@ METHOD(daemon_t, load_loggers, void, current_loggers = this->loggers; this->loggers = linked_list_create(); enumerator = lib->settings->create_section_enumerator(lib->settings, - "%s.syslog", charon->name); + "%s.syslog", lib->ns); while (enumerator->enumerate(enumerator, &target)) { load_sys_logger(this, target, current_loggers); @@ -361,7 +361,7 @@ METHOD(daemon_t, load_loggers, void, enumerator->destroy(enumerator); enumerator = lib->settings->create_section_enumerator(lib->settings, - "%s.filelog", charon->name); + "%s.filelog", lib->ns); while (enumerator->enumerate(enumerator, &target)) { load_file_logger(this, target, current_loggers); @@ -473,7 +473,6 @@ static void destroy(private_daemon_t *this) DESTROY_IF(this->public.bus); this->loggers->destroy_function(this->loggers, (void*)logger_entry_destroy); this->mutex->destroy(this->mutex); - free((void*)this->public.name); free(this); } @@ -483,7 +482,7 @@ METHOD(daemon_t, start, void, /* start the engine, go multithreaded */ lib->processor->set_threads(lib->processor, lib->settings->get_int(lib->settings, "%s.threads", - DEFAULT_THREADS, charon->name)); + DEFAULT_THREADS, lib->ns)); } @@ -525,7 +524,7 @@ METHOD(daemon_t, initialize, bool, PLUGIN_DEPENDS(RNG, RNG_STRONG), PLUGIN_DEPENDS(CUSTOM, "socket"), }; - lib->plugins->add_static_features(lib->plugins, charon->name, features, + lib->plugins->add_static_features(lib->plugins, lib->ns, features, countof(features), TRUE); /* load plugins, further infrastructure may need it */ @@ -558,7 +557,7 @@ METHOD(daemon_t, initialize, bool, /** * Create the daemon. */ -private_daemon_t *daemon_create(const char *name) +private_daemon_t *daemon_create() { private_daemon_t *this; @@ -569,7 +568,6 @@ private_daemon_t *daemon_create(const char *name) .load_loggers = _load_loggers, .set_level = _set_level, .bus = bus_create(), - .name = strdup(name ?: "libcharon"), }, .loggers = linked_list_create(), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), @@ -607,7 +605,7 @@ void libcharon_deinit() /** * Described in header. */ -bool libcharon_init(const char *name) +bool libcharon_init() { private_daemon_t *this; @@ -618,7 +616,7 @@ bool libcharon_init(const char *name) return !this->integrity_failed; } - this = daemon_create(name); + this = daemon_create(); /* for uncritical pseudo random numbers */ srandom(time(NULL) + getpid()); diff --git a/src/libcharon/daemon.h b/src/libcharon/daemon.h index 24e623c44..36242bb04 100644 --- a/src/libcharon/daemon.h +++ b/src/libcharon/daemon.h @@ -272,11 +272,6 @@ struct daemon_t { #endif /* ME */ /** - * Name of the binary that uses the library (used for settings etc.) - */ - const char *name; - - /** * Initialize the daemon. * * @param plugins list of plugins to load @@ -324,12 +319,11 @@ extern daemon_t *charon; * calling initialize(). * * libcharon_init() may be called multiple times in a single process, but each - * caller should call libcharon_deinit() for each call to libcharon_init(). + * caller must call libcharon_deinit() for each call to libcharon_init(). * - * @param name name of the binary that uses the library * @return FALSE if integrity check failed */ -bool libcharon_init(const char *name); +bool libcharon_init(); /** * Deinitialize libcharon and destroy the "charon" instance of daemon_t. diff --git a/src/libcharon/encoding/payloads/notify_payload.c b/src/libcharon/encoding/payloads/notify_payload.c index f7a13d728..889ad6358 100644 --- a/src/libcharon/encoding/payloads/notify_payload.c +++ b/src/libcharon/encoding/payloads/notify_payload.c @@ -65,7 +65,7 @@ ENUM_NEXT(notify_type_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, CHILD_SA_NOT_ "ME_CONNECT_FAILED"); ENUM_NEXT(notify_type_names, MS_NOTIFY_STATUS, MS_NOTIFY_STATUS, ME_CONNECT_FAILED, "MS_NOTIFY_STATUS"); -ENUM_NEXT(notify_type_names, INITIAL_CONTACT, ERX_SUPPORTED, MS_NOTIFY_STATUS, +ENUM_NEXT(notify_type_names, INITIAL_CONTACT, IFOM_CAPABILITY, MS_NOTIFY_STATUS, "INITIAL_CONTACT", "SET_WINDOW_SIZE", "ADDITIONAL_TS_POSSIBLE", @@ -109,8 +109,9 @@ ENUM_NEXT(notify_type_names, INITIAL_CONTACT, ERX_SUPPORTED, MS_NOTIFY_STATUS, "SECURE PASSWORD_METHOD", "PSK_PERSIST", "PSK_CONFIRM", - "ERX_SUPPORTED"); -ENUM_NEXT(notify_type_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, ERX_SUPPORTED, + "ERX_SUPPORTED", + "IFOM_CAPABILITY"); +ENUM_NEXT(notify_type_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, IFOM_CAPABILITY, "INITIAL_CONTACT"); ENUM_NEXT(notify_type_names, DPD_R_U_THERE, DPD_R_U_THERE_ACK, INITIAL_CONTACT_IKEV1, "DPD_R_U_THERE", @@ -171,7 +172,7 @@ ENUM_NEXT(notify_type_short_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, CHILD_S "ME_CONN_FAIL"); ENUM_NEXT(notify_type_short_names, MS_NOTIFY_STATUS, MS_NOTIFY_STATUS, ME_CONNECT_FAILED, "MS_STATUS"); -ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, ERX_SUPPORTED, MS_NOTIFY_STATUS, +ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, IFOM_CAPABILITY, MS_NOTIFY_STATUS, "INIT_CONTACT", "SET_WINSIZE", "ADD_TS_POSS", @@ -215,8 +216,9 @@ ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, ERX_SUPPORTED, MS_NOTIFY_STA "SEC_PASSWD", "PSK_PST", "PSK_CFM", - "ERX_SUP"); -ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, ERX_SUPPORTED, + "ERX_SUP", + "IFOM_CAP"); +ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, IFOM_CAPABILITY, "INITIAL_CONTACT"); ENUM_NEXT(notify_type_short_names, DPD_R_U_THERE, DPD_R_U_THERE_ACK, INITIAL_CONTACT_IKEV1, "DPD", diff --git a/src/libcharon/encoding/payloads/notify_payload.h b/src/libcharon/encoding/payloads/notify_payload.h index 847fddc69..c67644a01 100644 --- a/src/libcharon/encoding/payloads/notify_payload.h +++ b/src/libcharon/encoding/payloads/notify_payload.h @@ -145,6 +145,8 @@ enum notify_type_t { PSK_CONFIRM = 16426, /* EAP Re-authentication Extension, RFC 6867 */ ERX_SUPPORTED = 16427, + /* IFOM capability, 3GPP TS 24.303, annex B.2 */ + IFOM_CAPABILITY = 16428, /* IKEv1 initial contact */ INITIAL_CONTACT_IKEV1 = 24578, /* IKEv1 DPD */ diff --git a/src/libcharon/network/receiver.c b/src/libcharon/network/receiver.c index 2209f1997..8dfb47b69 100644 --- a/src/libcharon/network/receiver.c +++ b/src/libcharon/network/receiver.c @@ -633,27 +633,27 @@ receiver_t *receiver_create() ); if (lib->settings->get_bool(lib->settings, - "%s.dos_protection", TRUE, charon->name)) + "%s.dos_protection", TRUE, lib->ns)) { this->cookie_threshold = lib->settings->get_int(lib->settings, - "%s.cookie_threshold", COOKIE_THRESHOLD_DEFAULT, charon->name); + "%s.cookie_threshold", COOKIE_THRESHOLD_DEFAULT, lib->ns); this->block_threshold = lib->settings->get_int(lib->settings, - "%s.block_threshold", BLOCK_THRESHOLD_DEFAULT, charon->name); + "%s.block_threshold", BLOCK_THRESHOLD_DEFAULT, lib->ns); } this->init_limit_job_load = lib->settings->get_int(lib->settings, - "%s.init_limit_job_load", 0, charon->name); + "%s.init_limit_job_load", 0, lib->ns); this->init_limit_half_open = lib->settings->get_int(lib->settings, - "%s.init_limit_half_open", 0, charon->name); + "%s.init_limit_half_open", 0, lib->ns); this->receive_delay = lib->settings->get_int(lib->settings, - "%s.receive_delay", 0, charon->name); + "%s.receive_delay", 0, lib->ns); this->receive_delay_type = lib->settings->get_int(lib->settings, - "%s.receive_delay_type", 0, charon->name), + "%s.receive_delay_type", 0, lib->ns), this->receive_delay_request = lib->settings->get_bool(lib->settings, - "%s.receive_delay_request", TRUE, charon->name), + "%s.receive_delay_request", TRUE, lib->ns), this->receive_delay_response = lib->settings->get_bool(lib->settings, - "%s.receive_delay_response", TRUE, charon->name), + "%s.receive_delay_response", TRUE, lib->ns), this->initiator_only = lib->settings->get_bool(lib->settings, - "%s.initiator_only", FALSE, charon->name), + "%s.initiator_only", FALSE, lib->ns), this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (!this->hasher) diff --git a/src/libcharon/network/sender.c b/src/libcharon/network/sender.c index dd8efc1ec..bed4f35ce 100644 --- a/src/libcharon/network/sender.c +++ b/src/libcharon/network/sender.c @@ -204,13 +204,13 @@ sender_t * sender_create() .got = condvar_create(CONDVAR_TYPE_DEFAULT), .sent = condvar_create(CONDVAR_TYPE_DEFAULT), .send_delay = lib->settings->get_int(lib->settings, - "%s.send_delay", 0, charon->name), + "%s.send_delay", 0, lib->ns), .send_delay_type = lib->settings->get_int(lib->settings, - "%s.send_delay_type", 0, charon->name), + "%s.send_delay_type", 0, lib->ns), .send_delay_request = lib->settings->get_bool(lib->settings, - "%s.send_delay_request", TRUE, charon->name), + "%s.send_delay_request", TRUE, lib->ns), .send_delay_response = lib->settings->get_bool(lib->settings, - "%s.send_delay_response", TRUE, charon->name), + "%s.send_delay_response", TRUE, lib->ns), ); lib->processor->queue_job(lib->processor, diff --git a/src/libcharon/plugins/addrblock/Makefile.in b/src/libcharon/plugins/addrblock/Makefile.in index 4a8150291..bc32b5ade 100644 --- a/src/libcharon/plugins/addrblock/Makefile.in +++ b/src/libcharon/plugins/addrblock/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/android_dns/Makefile.in b/src/libcharon/plugins/android_dns/Makefile.in index f2147f694..6278a6234 100644 --- a/src/libcharon/plugins/android_dns/Makefile.in +++ b/src/libcharon/plugins/android_dns/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/android_log/Makefile.in b/src/libcharon/plugins/android_log/Makefile.in index 7d8d12d3b..ae64a8758 100644 --- a/src/libcharon/plugins/android_log/Makefile.in +++ b/src/libcharon/plugins/android_log/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/android_log/android_log_logger.c b/src/libcharon/plugins/android_log/android_log_logger.c index 48bcaa577..99eb66bb1 100644 --- a/src/libcharon/plugins/android_log/android_log_logger.c +++ b/src/libcharon/plugins/android_log/android_log_logger.c @@ -100,7 +100,7 @@ android_log_logger_t *android_log_logger_create() }, .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .level = lib->settings->get_int(lib->settings, - "%s.plugins.android_log.loglevel", 1, charon->name), + "%s.plugins.android_log.loglevel", 1, lib->ns), ); return &this->public; diff --git a/src/libcharon/plugins/certexpire/Makefile.in b/src/libcharon/plugins/certexpire/Makefile.in index 8fcd0f19f..f812770f3 100644 --- a/src/libcharon/plugins/certexpire/Makefile.in +++ b/src/libcharon/plugins/certexpire/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/certexpire/certexpire_export.c b/src/libcharon/plugins/certexpire/certexpire_export.c index f1205cfd8..4aa84904b 100644 --- a/src/libcharon/plugins/certexpire/certexpire_export.c +++ b/src/libcharon/plugins/certexpire/certexpire_export.c @@ -430,31 +430,31 @@ certexpire_export_t *certexpire_export_create() (hashtable_equals_t)equals, 32), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .local_path = lib->settings->get_str(lib->settings, - "%s.plugins.certexpire.csv.local", - NULL, charon->name), + "%s.plugins.certexpire.csv.local", + NULL, lib->ns), .remote_path = lib->settings->get_str(lib->settings, - "%s.plugins.certexpire.csv.remote", - NULL, charon->name), + "%s.plugins.certexpire.csv.remote", + NULL, lib->ns), .separator = lib->settings->get_str(lib->settings, - "%s.plugins.certexpire.csv.separator", - ",", charon->name), + "%s.plugins.certexpire.csv.separator", + ",", lib->ns), .format = lib->settings->get_str(lib->settings, - "%s.plugins.certexpire.csv.format", - "%d:%m:%Y", charon->name), + "%s.plugins.certexpire.csv.format", + "%d:%m:%Y", lib->ns), .fixed_fields = lib->settings->get_bool(lib->settings, - "%s.plugins.certexpire.csv.fixed_fields", - TRUE, charon->name), + "%s.plugins.certexpire.csv.fixed_fields", + TRUE, lib->ns), .empty_string = lib->settings->get_str(lib->settings, - "%s.plugins.certexpire.csv.empty_string", - "", charon->name), + "%s.plugins.certexpire.csv.empty_string", + "", lib->ns), .force = lib->settings->get_bool(lib->settings, - "%s.plugins.certexpire.csv.force", - TRUE, charon->name), + "%s.plugins.certexpire.csv.force", + TRUE, lib->ns), ); cron = lib->settings->get_str(lib->settings, "%s.plugins.certexpire.csv.cron", - NULL, charon->name); + NULL, lib->ns); if (cron) { this->cron = certexpire_cron_create(cron, diff --git a/src/libcharon/plugins/coupling/Makefile.in b/src/libcharon/plugins/coupling/Makefile.in index 48492595d..d8eb802b7 100644 --- a/src/libcharon/plugins/coupling/Makefile.in +++ b/src/libcharon/plugins/coupling/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/coupling/coupling_validator.c b/src/libcharon/plugins/coupling/coupling_validator.c index 958bd2b6d..fc35462e3 100644 --- a/src/libcharon/plugins/coupling/coupling_validator.c +++ b/src/libcharon/plugins/coupling/coupling_validator.c @@ -214,12 +214,11 @@ coupling_validator_t *coupling_validator_create() .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .max_couplings = lib->settings->get_int(lib->settings, "%s.plugins.coupling.max", 1, - charon->name), + lib->ns), ); hash = lib->settings->get_str(lib->settings, - "%s.plugins.coupling.hash", "sha1", - charon->name); + "%s.plugins.coupling.hash", "sha1", lib->ns); this->hasher = lib->crypto->create_hasher(lib->crypto, enum_from_name(hash_algorithm_short_names, hash)); if (!this->hasher) @@ -230,8 +229,7 @@ coupling_validator_t *coupling_validator_create() } path = lib->settings->get_str(lib->settings, - "%s.plugins.coupling.file", NULL, - charon->name); + "%s.plugins.coupling.file", NULL, lib->ns); if (!path) { DBG1(DBG_CFG, "coupling file path unspecified"); diff --git a/src/libcharon/plugins/dhcp/Makefile.in b/src/libcharon/plugins/dhcp/Makefile.in index 4a2ebe7f4..395cd76ea 100644 --- a/src/libcharon/plugins/dhcp/Makefile.in +++ b/src/libcharon/plugins/dhcp/Makefile.in @@ -216,8 +216,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/dhcp/dhcp_socket.c b/src/libcharon/plugins/dhcp/dhcp_socket.c index 044c8a819..b8c1b4059 100644 --- a/src/libcharon/plugins/dhcp/dhcp_socket.c +++ b/src/libcharon/plugins/dhcp/dhcp_socket.c @@ -643,6 +643,28 @@ METHOD(dhcp_socket_t, destroy, void, } /** + * Bind a socket to a particular interface name + */ +static bool bind_to_device(int fd, char *iface) +{ + struct ifreq ifreq; + + if (strlen(iface) > sizeof(ifreq.ifr_name)) + { + DBG1(DBG_CFG, "name for DHCP interface too long: '%s'", iface); + return FALSE; + } + memcpy(ifreq.ifr_name, iface, sizeof(ifreq.ifr_name)); + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, &ifreq, sizeof(ifreq))) + { + DBG1(DBG_CFG, "binding DHCP socket to '%s' failed: %s", + iface, strerror(errno)); + return FALSE; + } + return TRUE; +} + +/** * See header */ dhcp_socket_t *dhcp_socket_create() @@ -655,6 +677,7 @@ dhcp_socket_t *dhcp_socket_create() .s_addr = INADDR_ANY, }, }; + char *iface; int on = 1; struct sock_filter dhcp_filter_code[] = { BPF_STMT(BPF_LD+BPF_B+BPF_ABS, @@ -711,13 +734,15 @@ dhcp_socket_t *dhcp_socket_create() } this->identity_lease = lib->settings->get_bool(lib->settings, "%s.plugins.dhcp.identity_lease", FALSE, - charon->name); + lib->ns); this->force_dst = lib->settings->get_str(lib->settings, "%s.plugins.dhcp.force_server_address", FALSE, - charon->name); + lib->ns); this->dst = host_create_from_string(lib->settings->get_str(lib->settings, "%s.plugins.dhcp.server", "255.255.255.255", - charon->name), DHCP_SERVER_PORT); + lib->ns), DHCP_SERVER_PORT); + iface = lib->settings->get_str(lib->settings, "%s.plugins.dhcp.interface", + NULL, lib->ns); if (!this->dst) { DBG1(DBG_CFG, "configured DHCP server address invalid"); @@ -766,6 +791,15 @@ dhcp_socket_t *dhcp_socket_create() destroy(this); return NULL; } + if (iface) + { + if (!bind_to_device(this->send, iface) || + !bind_to_device(this->receive, iface)) + { + destroy(this); + return NULL; + } + } lib->watcher->add(lib->watcher, this->receive, WATCHER_READ, (watcher_cb_t)receive_dhcp, this); diff --git a/src/libcharon/plugins/dnscert/Makefile.in b/src/libcharon/plugins/dnscert/Makefile.in index c9222c202..4be453ea8 100644 --- a/src/libcharon/plugins/dnscert/Makefile.in +++ b/src/libcharon/plugins/dnscert/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/dnscert/dnscert_plugin.c b/src/libcharon/plugins/dnscert/dnscert_plugin.c index 713bc9e3b..1b93480cf 100644 --- a/src/libcharon/plugins/dnscert/dnscert_plugin.c +++ b/src/libcharon/plugins/dnscert/dnscert_plugin.c @@ -74,7 +74,7 @@ METHOD(plugin_t, reload, bool, private_dnscert_plugin_t *this) { bool enabled = lib->settings->get_bool(lib->settings, - "%s.plugins.dnscert.enable", FALSE, charon->name); + "%s.plugins.dnscert.enable", FALSE, lib->ns); if (enabled != this->enabled) { diff --git a/src/libcharon/plugins/duplicheck/Makefile.in b/src/libcharon/plugins/duplicheck/Makefile.in index bac7d846f..e9da68ee8 100644 --- a/src/libcharon/plugins/duplicheck/Makefile.in +++ b/src/libcharon/plugins/duplicheck/Makefile.in @@ -225,8 +225,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -294,6 +292,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -382,12 +385,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -402,6 +409,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/duplicheck/duplicheck_notify.c b/src/libcharon/plugins/duplicheck/duplicheck_notify.c index e3a4e17b7..f77b48b09 100644 --- a/src/libcharon/plugins/duplicheck/duplicheck_notify.c +++ b/src/libcharon/plugins/duplicheck/duplicheck_notify.c @@ -130,7 +130,7 @@ duplicheck_notify_t *duplicheck_notify_create() uri = lib->settings->get_str(lib->settings, "%s.plugins.duplicheck.socket", "unix://" DUPLICHECK_SOCKET, - charon->name); + lib->ns); this->service = lib->streams->create_service(lib->streams, uri, 3); if (!this->service) { diff --git a/src/libcharon/plugins/duplicheck/duplicheck_plugin.c b/src/libcharon/plugins/duplicheck/duplicheck_plugin.c index 4d018dbef..689c795d8 100644 --- a/src/libcharon/plugins/duplicheck/duplicheck_plugin.c +++ b/src/libcharon/plugins/duplicheck/duplicheck_plugin.c @@ -93,7 +93,7 @@ plugin_t *duplicheck_plugin_create() private_duplicheck_plugin_t *this; if (!lib->settings->get_bool(lib->settings, - "%s.plugins.duplicheck.enable", TRUE, charon->name)) + "%s.plugins.duplicheck.enable", TRUE, lib->ns)) { return NULL; } diff --git a/src/libcharon/plugins/eap_aka/Makefile.in b/src/libcharon/plugins/eap_aka/Makefile.in index 139ce1483..67cf66720 100644 --- a/src/libcharon/plugins/eap_aka/Makefile.in +++ b/src/libcharon/plugins/eap_aka/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_aka/eap_aka_server.c b/src/libcharon/plugins/eap_aka/eap_aka_server.c index b7608382d..eba7af874 100644 --- a/src/libcharon/plugins/eap_aka/eap_aka_server.c +++ b/src/libcharon/plugins/eap_aka/eap_aka_server.c @@ -721,7 +721,7 @@ eap_aka_server_t *eap_aka_server_create(identification_t *server, this->permanent = peer->clone(peer); this->use_reauth = this->use_pseudonym = this->use_permanent = lib->settings->get_bool(lib->settings, - "%s.plugins.eap-aka.request_identity", TRUE, charon->name); + "%s.plugins.eap-aka.request_identity", TRUE, lib->ns); /* generate a non-zero identifier */ do { diff --git a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in index 9fb9ef709..7d6ae956c 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in +++ b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c index 1bfc39e5a..a71dae78a 100644 --- a/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c +++ b/src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_card.c @@ -177,7 +177,7 @@ eap_aka_3gpp2_card_t *eap_aka_3gpp2_card_create(eap_aka_3gpp2_functions_t *f) #else /* !SEQ_CHECK */ FALSE, #endif /* SEQ_CHECK */ - charon->name), + lib->ns), ); eap_aka_3gpp2_get_sqn(this->sqn, 0); diff --git a/src/libcharon/plugins/eap_dynamic/Makefile.in b/src/libcharon/plugins/eap_dynamic/Makefile.in index 61a9da187..6ff0acb32 100644 --- a/src/libcharon/plugins/eap_dynamic/Makefile.in +++ b/src/libcharon/plugins/eap_dynamic/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_dynamic/eap_dynamic.c b/src/libcharon/plugins/eap_dynamic/eap_dynamic.c index d24cbd128..3216446af 100644 --- a/src/libcharon/plugins/eap_dynamic/eap_dynamic.c +++ b/src/libcharon/plugins/eap_dynamic/eap_dynamic.c @@ -377,14 +377,14 @@ eap_dynamic_t *eap_dynamic_create(identification_t *server, .server = server->clone(server), .types = linked_list_create(), .prefer_peer = lib->settings->get_bool(lib->settings, - "%s.plugins.eap-dynamic.prefer_peer", FALSE, charon->name), + "%s.plugins.eap-dynamic.prefer_peer", FALSE, lib->ns), ); /* get all supported EAP methods */ get_supported_eap_types(this); /* move preferred methods to the front */ preferred = lib->settings->get_str(lib->settings, - "%s.plugins.eap-dynamic.preferred", NULL, charon->name); + "%s.plugins.eap-dynamic.preferred", NULL, lib->ns); if (preferred) { handle_preferred_eap_types(this, preferred); diff --git a/src/libcharon/plugins/eap_gtc/Makefile.in b/src/libcharon/plugins/eap_gtc/Makefile.in index c48d95527..99ae94e37 100644 --- a/src/libcharon/plugins/eap_gtc/Makefile.in +++ b/src/libcharon/plugins/eap_gtc/Makefile.in @@ -217,8 +217,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_gtc/eap_gtc.c b/src/libcharon/plugins/eap_gtc/eap_gtc.c index 2f64f325c..e751b51b6 100644 --- a/src/libcharon/plugins/eap_gtc/eap_gtc.c +++ b/src/libcharon/plugins/eap_gtc/eap_gtc.c @@ -149,7 +149,7 @@ METHOD(eap_method_t, process_server, status_t, /* get XAuth backend to use for credential verification. Default to PAM * to support legacy EAP-GTC configurations */ backend = lib->settings->get_str(lib->settings, - "%s.plugins.eap-gtc.backend", "pam", charon->name); + "%s.plugins.eap-gtc.backend", "pam", lib->ns); xauth = charon->xauth->create_instance(charon->xauth, backend, XAUTH_SERVER, this->server, this->peer); if (!xauth) diff --git a/src/libcharon/plugins/eap_identity/Makefile.in b/src/libcharon/plugins/eap_identity/Makefile.in index 01fbe22a5..688879a82 100644 --- a/src/libcharon/plugins/eap_identity/Makefile.in +++ b/src/libcharon/plugins/eap_identity/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_md5/Makefile.in b/src/libcharon/plugins/eap_md5/Makefile.in index 6ae97da15..150b131f0 100644 --- a/src/libcharon/plugins/eap_md5/Makefile.in +++ b/src/libcharon/plugins/eap_md5/Makefile.in @@ -217,8 +217,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_mschapv2/Makefile.in b/src/libcharon/plugins/eap_mschapv2/Makefile.in index bdc6a9d1d..d52f26a9a 100644 --- a/src/libcharon/plugins/eap_mschapv2/Makefile.in +++ b/src/libcharon/plugins/eap_mschapv2/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_peap/Makefile.in b/src/libcharon/plugins/eap_peap/Makefile.in index 35ec4db8b..7ac4a6edf 100644 --- a/src/libcharon/plugins/eap_peap/Makefile.in +++ b/src/libcharon/plugins/eap_peap/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_peap/eap_peap.c b/src/libcharon/plugins/eap_peap/eap_peap.c index 8aba703c5..c24dd578c 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap.c +++ b/src/libcharon/plugins/eap_peap/eap_peap.c @@ -157,18 +157,18 @@ static eap_peap_t *eap_peap_create(private_eap_peap_t * this, if (is_server && !lib->settings->get_bool(lib->settings, "%s.plugins.eap-peap.request_peer_auth", FALSE, - charon->name)) + lib->ns)) { peer = NULL; } frag_size = lib->settings->get_int(lib->settings, "%s.plugins.eap-peap.fragment_size", MAX_FRAGMENT_LEN, - charon->name); + lib->ns); max_msg_count = lib->settings->get_int(lib->settings, "%s.plugins.eap-peap.max_message_count", MAX_MESSAGE_COUNT, - charon->name); + lib->ns); include_length = lib->settings->get_bool(lib->settings, - "%s.plugins.eap-peap.include_length", FALSE, charon->name); + "%s.plugins.eap-peap.include_length", FALSE, lib->ns); tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_PEAP, application, NULL); this->tls_eap = tls_eap_create(EAP_PEAP, tls, frag_size, max_msg_count, diff --git a/src/libcharon/plugins/eap_peap/eap_peap_server.c b/src/libcharon/plugins/eap_peap/eap_peap_server.c index 5237cb62c..33b01e95e 100644 --- a/src/libcharon/plugins/eap_peap/eap_peap_server.c +++ b/src/libcharon/plugins/eap_peap/eap_peap_server.c @@ -92,7 +92,7 @@ static status_t start_phase2_auth(private_eap_peap_server_t *this) eap_type_str = lib->settings->get_str(lib->settings, "%s.plugins.eap-peap.phase2_method", "mschapv2", - charon->name); + lib->ns); type = eap_type_from_string(eap_type_str); if (type == 0) { @@ -129,7 +129,7 @@ static status_t start_phase2_auth(private_eap_peap_server_t *this) static status_t start_phase2_tnc(private_eap_peap_server_t *this) { if (this->start_phase2_tnc && lib->settings->get_bool(lib->settings, - "%s.plugins.eap-peap.phase2_tnc", FALSE, charon->name)) + "%s.plugins.eap-peap.phase2_tnc", FALSE, lib->ns)) { DBG1(DBG_IKE, "phase2 method %N selected", eap_type_names, EAP_TNC); this->ph2_method = charon->eap->create_instance(charon->eap, EAP_TNC, @@ -274,7 +274,7 @@ METHOD(tls_application_t, process, status_t, /* Start Phase 2 of EAP-PEAP authentication */ if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-peap.request_peer_auth", FALSE, charon->name)) + "%s.plugins.eap-peap.request_peer_auth", FALSE, lib->ns)) { return start_phase2_tnc(this); } @@ -425,7 +425,7 @@ eap_peap_server_t *eap_peap_server_create(identification_t *server, .start_phase2_tnc = TRUE, .start_phase2_id = lib->settings->get_bool(lib->settings, "%s.plugins.eap-peap.phase2_piggyback", - FALSE, charon->name), + FALSE, lib->ns), .phase2_result = EAP_FAILURE, .avp = eap_peap_avp_create(TRUE), ); diff --git a/src/libcharon/plugins/eap_radius/Makefile.in b/src/libcharon/plugins/eap_radius/Makefile.in index 3064ceadb..3e2bf046d 100644 --- a/src/libcharon/plugins/eap_radius/Makefile.in +++ b/src/libcharon/plugins/eap_radius/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_radius/eap_radius.c b/src/libcharon/plugins/eap_radius/eap_radius.c index 6087a528f..6719497d3 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius.c +++ b/src/libcharon/plugins/eap_radius/eap_radius.c @@ -188,7 +188,7 @@ void eap_radius_build_attributes(radius_message_t *request) } if (lib->settings->get_bool(lib->settings, "%s.plugins.eap-radius.station_id_with_port", - TRUE, charon->name)) + TRUE, lib->ns)) { station_id_fmt = "%#H"; } @@ -573,12 +573,12 @@ static void process_cfg_attributes(radius_message_t *msg) void eap_radius_process_attributes(radius_message_t *message) { if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-radius.class_group", FALSE, charon->name)) + "%s.plugins.eap-radius.class_group", FALSE, lib->ns)) { process_class(message); } if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-radius.filter_id", FALSE, charon->name)) + "%s.plugins.eap-radius.filter_id", FALSE, lib->ns)) { process_filter_id(message); } @@ -720,10 +720,10 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer .type = EAP_RADIUS, .eap_start = lib->settings->get_bool(lib->settings, "%s.plugins.eap-radius.eap_start", FALSE, - charon->name), + lib->ns), .id_prefix = lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.id_prefix", "", - charon->name), + lib->ns), ); this->client = eap_radius_create_client(); if (!this->client) diff --git a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c index afb661e19..8c780e78d 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c @@ -712,7 +712,7 @@ eap_radius_accounting_t *eap_radius_accounting_create() .mutex = mutex_create(MUTEX_TYPE_DEFAULT), ); if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-radius.station_id_with_port", TRUE, charon->name)) + "%s.plugins.eap-radius.station_id_with_port", TRUE, lib->ns)) { this->station_id_fmt = "%#H"; } @@ -721,14 +721,14 @@ eap_radius_accounting_t *eap_radius_accounting_create() this->station_id_fmt = "%H"; } if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-radius.accounting", FALSE, charon->name)) + "%s.plugins.eap-radius.accounting", FALSE, lib->ns)) { singleton = this; charon->bus->add_listener(charon->bus, &this->public.listener); } this->acct_req_vip = lib->settings->get_bool(lib->settings, "%s.plugins.eap-radius.accounting_requires_vip", - FALSE, charon->name); + FALSE, lib->ns); return &this->public; } diff --git a/src/libcharon/plugins/eap_radius/eap_radius_dae.c b/src/libcharon/plugins/eap_radius/eap_radius_dae.c index f22ddc56f..a0bf99efd 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_dae.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_dae.c @@ -452,11 +452,11 @@ static bool open_socket(private_eap_radius_dae_t *this) host = host_create_from_string( lib->settings->get_str(lib->settings, - "%s.plugins.eap-radius.dae.listen", "0.0.0.0", - charon->name), + "%s.plugins.eap-radius.dae.listen", "0.0.0.0", + lib->ns), lib->settings->get_int(lib->settings, - "%s.plugins.eap-radius.dae.port", RADIUS_DAE_PORT, - charon->name)); + "%s.plugins.eap-radius.dae.port", RADIUS_DAE_PORT, + lib->ns)); if (!host) { DBG1(DBG_CFG, "invalid RADIUS DAE listen address"); @@ -504,7 +504,7 @@ eap_radius_dae_t *eap_radius_dae_create(eap_radius_accounting_t *accounting) .secret = { .ptr = lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.dae.secret", NULL, - charon->name), + lib->ns), }, .hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5), .signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_MD5_128), diff --git a/src/libcharon/plugins/eap_radius/eap_radius_forward.c b/src/libcharon/plugins/eap_radius/eap_radius_forward.c index 3e80e8918..b873e1d69 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_forward.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_forward.c @@ -438,10 +438,10 @@ eap_radius_forward_t *eap_radius_forward_create() }, .from_attr = parse_selector(lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.forward.ike_to_radius", "", - charon->name)), + lib->ns)), .to_attr = parse_selector(lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.forward.radius_to_ike", "", - charon->name)), + lib->ns)), .from = hashtable_create((hashtable_hash_t)hash, (hashtable_equals_t)equals, 8), .to = hashtable_create((hashtable_hash_t)hash, diff --git a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c index 90a4ef6de..1a48c07e5 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c @@ -100,23 +100,23 @@ static void load_configs(private_eap_radius_plugin_t *this) int auth_port, acct_port, sockets, preference; address = lib->settings->get_str(lib->settings, - "%s.plugins.eap-radius.server", NULL, charon->name); + "%s.plugins.eap-radius.server", NULL, lib->ns); if (address) { /* legacy configuration */ secret = lib->settings->get_str(lib->settings, - "%s.plugins.eap-radius.secret", NULL, charon->name); + "%s.plugins.eap-radius.secret", NULL, lib->ns); if (!secret) { DBG1(DBG_CFG, "no RADIUS secret defined"); return; } nas_identifier = lib->settings->get_str(lib->settings, - "%s.plugins.eap-radius.nas_identifier", "strongSwan", - charon->name); + "%s.plugins.eap-radius.nas_identifier", "strongSwan", + lib->ns); auth_port = lib->settings->get_int(lib->settings, - "%s.plugins.eap-radius.port", AUTH_PORT, charon->name); + "%s.plugins.eap-radius.port", AUTH_PORT, lib->ns); sockets = lib->settings->get_int(lib->settings, - "%s.plugins.eap-radius.sockets", 1, charon->name); + "%s.plugins.eap-radius.sockets", 1, lib->ns); config = radius_config_create(address, address, auth_port, ACCT_PORT, nas_identifier, secret, sockets, 0); if (!config) @@ -129,12 +129,12 @@ static void load_configs(private_eap_radius_plugin_t *this) } enumerator = lib->settings->create_section_enumerator(lib->settings, - "%s.plugins.eap-radius.servers", charon->name); + "%s.plugins.eap-radius.servers", lib->ns); while (enumerator->enumerate(enumerator, §ion)) { address = lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.servers.%s.address", NULL, - charon->name, section); + lib->ns, section); if (!address) { DBG1(DBG_CFG, "RADIUS server '%s' misses address, skipped", section); @@ -142,7 +142,7 @@ static void load_configs(private_eap_radius_plugin_t *this) } secret = lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.servers.%s.secret", NULL, - charon->name, section); + lib->ns, section); if (!secret) { DBG1(DBG_CFG, "RADIUS server '%s' misses secret, skipped", section); @@ -150,22 +150,22 @@ static void load_configs(private_eap_radius_plugin_t *this) } nas_identifier = lib->settings->get_str(lib->settings, "%s.plugins.eap-radius.servers.%s.nas_identifier", "strongSwan", - charon->name, section); + lib->ns, section); auth_port = lib->settings->get_int(lib->settings, "%s.plugins.eap-radius.servers.%s.auth_port", lib->settings->get_int(lib->settings, "%s.plugins.eap-radius.servers.%s.port", - AUTH_PORT, charon->name, section), - charon->name, section); + AUTH_PORT, lib->ns, section), + lib->ns, section); acct_port = lib->settings->get_int(lib->settings, "%s.plugins.eap-radius.servers.%s.acct_port", ACCT_PORT, - charon->name, section); + lib->ns, section); sockets = lib->settings->get_int(lib->settings, "%s.plugins.eap-radius.servers.%s.sockets", 1, - charon->name, section); + lib->ns, section); preference = lib->settings->get_int(lib->settings, "%s.plugins.eap-radius.servers.%s.preference", 0, - charon->name, section); + lib->ns, section); config = radius_config_create(section, address, auth_port, acct_port, nas_identifier, secret, sockets, preference); if (!config) @@ -203,7 +203,7 @@ static bool plugin_cb(private_eap_radius_plugin_t *this, load_configs(this); if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-radius.dae.enable", FALSE, charon->name)) + "%s.plugins.eap-radius.dae.enable", FALSE, lib->ns)) { this->dae = eap_radius_dae_create(this->accounting); } @@ -368,7 +368,7 @@ void eap_radius_handle_timeout(ike_sa_id_t *id) if (lib->settings->get_bool(lib->settings, "%s.plugins.eap-radius.close_all_on_timeout", - FALSE, charon->name)) + FALSE, lib->ns)) { DBG1(DBG_CFG, "deleting all IKE_SAs after RADIUS timeout"); lib->processor->queue_job(lib->processor, diff --git a/src/libcharon/plugins/eap_radius/eap_radius_xauth.c b/src/libcharon/plugins/eap_radius/eap_radius_xauth.c index e66bbf38f..d00f6bb2c 100644 --- a/src/libcharon/plugins/eap_radius/eap_radius_xauth.c +++ b/src/libcharon/plugins/eap_radius/eap_radius_xauth.c @@ -256,7 +256,7 @@ static bool parse_rounds(private_eap_radius_xauth_t *this, char *profile) } enumerator = lib->settings->create_key_value_enumerator(lib->settings, - "%s.plugins.eap-radius.xauth.%s", charon->name, profile); + "%s.plugins.eap-radius.xauth.%s", lib->ns, profile); while (enumerator->enumerate(enumerator, &type, &message)) { bool invalid = TRUE; diff --git a/src/libcharon/plugins/eap_sim/Makefile.in b/src/libcharon/plugins/eap_sim/Makefile.in index c9d80681a..3707f64f3 100644 --- a/src/libcharon/plugins/eap_sim/Makefile.in +++ b/src/libcharon/plugins/eap_sim/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_sim/eap_sim_server.c b/src/libcharon/plugins/eap_sim/eap_sim_server.c index 334e2df1d..f22266bda 100644 --- a/src/libcharon/plugins/eap_sim/eap_sim_server.c +++ b/src/libcharon/plugins/eap_sim/eap_sim_server.c @@ -635,7 +635,7 @@ eap_sim_server_t *eap_sim_server_create(identification_t *server, this->use_reauth = this->use_pseudonym = this->use_permanent = lib->settings->get_bool(lib->settings, "%s.plugins.eap-sim.request_identity", TRUE, - charon->name); + lib->ns); /* generate a non-zero identifier */ do { diff --git a/src/libcharon/plugins/eap_sim_file/Makefile.in b/src/libcharon/plugins/eap_sim_file/Makefile.in index 39995495e..05bbc3129 100644 --- a/src/libcharon/plugins/eap_sim_file/Makefile.in +++ b/src/libcharon/plugins/eap_sim_file/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_sim_pcsc/Makefile.in b/src/libcharon/plugins/eap_sim_pcsc/Makefile.in index 2723f4059..a22a5c355 100644 --- a/src/libcharon/plugins/eap_sim_pcsc/Makefile.in +++ b/src/libcharon/plugins/eap_sim_pcsc/Makefile.in @@ -221,8 +221,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -290,6 +288,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -378,12 +381,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -398,6 +405,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in b/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in index 27a9f0c09..189baacbc 100644 --- a/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in +++ b/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in @@ -221,8 +221,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -290,6 +288,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -378,12 +381,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -398,6 +405,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in index 5c136cec4..33443a1d2 100644 --- a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in +++ b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_simaka_sql/Makefile.in b/src/libcharon/plugins/eap_simaka_sql/Makefile.in index 86cf3a752..02cf1532c 100644 --- a/src/libcharon/plugins/eap_simaka_sql/Makefile.in +++ b/src/libcharon/plugins/eap_simaka_sql/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_simaka_sql/eap_simaka_sql_plugin.c b/src/libcharon/plugins/eap_simaka_sql/eap_simaka_sql_plugin.c index 6bcc58e66..176321833 100644 --- a/src/libcharon/plugins/eap_simaka_sql/eap_simaka_sql_plugin.c +++ b/src/libcharon/plugins/eap_simaka_sql/eap_simaka_sql_plugin.c @@ -66,7 +66,7 @@ static bool load_db(private_eap_simaka_sql_t *this, uri = lib->settings->get_str(lib->settings, "%s.plugins.eap-simaka-sql.database", NULL, - charon->name); + lib->ns); if (!uri) { DBG1(DBG_CFG, "eap-simaka-sql database URI missing"); @@ -80,7 +80,7 @@ static bool load_db(private_eap_simaka_sql_t *this, } remove_used = lib->settings->get_bool(lib->settings, "%s.plugins.eap-simaka-sql.remove_used", FALSE, - charon->name); + lib->ns); this->provider = eap_simaka_sql_provider_create(this->db, remove_used); this->card = eap_simaka_sql_card_create(this->db, remove_used); diff --git a/src/libcharon/plugins/eap_tls/Makefile.in b/src/libcharon/plugins/eap_tls/Makefile.in index 7be65990c..ec189f895 100644 --- a/src/libcharon/plugins/eap_tls/Makefile.in +++ b/src/libcharon/plugins/eap_tls/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_tls/eap_tls.c b/src/libcharon/plugins/eap_tls/eap_tls.c index 48e38755d..dffbaf266 100644 --- a/src/libcharon/plugins/eap_tls/eap_tls.c +++ b/src/libcharon/plugins/eap_tls/eap_tls.c @@ -145,12 +145,12 @@ static eap_tls_t *eap_tls_create(identification_t *server, frag_size = lib->settings->get_int(lib->settings, "%s.plugins.eap-tls.fragment_size", MAX_FRAGMENT_LEN, - charon->name); + lib->ns); max_msg_count = lib->settings->get_int(lib->settings, "%s.plugins.eap-tls.max_message_count", MAX_MESSAGE_COUNT, - charon->name); + lib->ns); include_length = lib->settings->get_bool(lib->settings, - "%s.plugins.eap-tls.include_length", TRUE, charon->name); + "%s.plugins.eap-tls.include_length", TRUE, lib->ns); tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TLS, NULL, NULL); this->tls_eap = tls_eap_create(EAP_TLS, tls, frag_size, max_msg_count, include_length); diff --git a/src/libcharon/plugins/eap_tnc/Makefile.in b/src/libcharon/plugins/eap_tnc/Makefile.in index e482a7148..6d4ff8756 100644 --- a/src/libcharon/plugins/eap_tnc/Makefile.in +++ b/src/libcharon/plugins/eap_tnc/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc.c b/src/libcharon/plugins/eap_tnc/eap_tnc.c index f9ab74258..2147c0482 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc.c +++ b/src/libcharon/plugins/eap_tnc/eap_tnc.c @@ -273,10 +273,10 @@ static eap_tnc_t *eap_tnc_create(identification_t *server, ); max_msg_count = lib->settings->get_int(lib->settings, - "%s.plugins.eap-tnc.max_message_count", - EAP_TNC_MAX_MESSAGE_COUNT, charon->name); + "%s.plugins.eap-tnc.max_message_count", + EAP_TNC_MAX_MESSAGE_COUNT, lib->ns); protocol = lib->settings->get_str(lib->settings, - "%s.plugins.eap-tnc.protocol", "tnccs-1.1", charon->name); + "%s.plugins.eap-tnc.protocol", "tnccs-1.1", lib->ns); if (strcaseeq(protocol, "tnccs-2.0")) { type = TNCCS_2_0; diff --git a/src/libcharon/plugins/eap_ttls/Makefile.in b/src/libcharon/plugins/eap_ttls/Makefile.in index a774ad609..a22b1e220 100644 --- a/src/libcharon/plugins/eap_ttls/Makefile.in +++ b/src/libcharon/plugins/eap_ttls/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c index ebd1c5479..703cd3f29 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c @@ -147,18 +147,18 @@ static eap_ttls_t *eap_ttls_create(identification_t *server, ); if (is_server && !lib->settings->get_bool(lib->settings, "%s.plugins.eap-ttls.request_peer_auth", FALSE, - charon->name)) + lib->ns)) { peer = NULL; } frag_size = lib->settings->get_int(lib->settings, "%s.plugins.eap-ttls.fragment_size", MAX_FRAGMENT_LEN, - charon->name); + lib->ns); max_msg_count = lib->settings->get_int(lib->settings, "%s.plugins.eap-ttls.max_message_count", MAX_MESSAGE_COUNT, - charon->name); + lib->ns); include_length = lib->settings->get_bool(lib->settings, - "%s.plugins.eap-ttls.include_length", TRUE, charon->name); + "%s.plugins.eap-ttls.include_length", TRUE, lib->ns); tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TTLS, application, NULL); this->tls_eap = tls_eap_create(EAP_TTLS, tls, frag_size, max_msg_count, diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_server.c b/src/libcharon/plugins/eap_ttls/eap_ttls_server.c index eef8d6682..88c2b88c6 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls_server.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls_server.c @@ -80,7 +80,7 @@ static status_t start_phase2_auth(private_eap_ttls_server_t *this) eap_type_str = lib->settings->get_str(lib->settings, "%s.plugins.eap-ttls.phase2_method", "md5", - charon->name); + lib->ns); type = eap_type_from_string(eap_type_str); if (type == 0) { @@ -115,7 +115,7 @@ static status_t start_phase2_tnc(private_eap_ttls_server_t *this, eap_inner_method_t *inner_method; if (this->start_phase2_tnc && lib->settings->get_bool(lib->settings, - "%s.plugins.eap-ttls.phase2_tnc", FALSE, charon->name)) + "%s.plugins.eap-ttls.phase2_tnc", FALSE, lib->ns)) { DBG1(DBG_IKE, "phase2 method %N selected", eap_type_names, EAP_TNC); this->method = charon->eap->create_instance(charon->eap, EAP_TNC, @@ -242,7 +242,7 @@ METHOD(tls_application_t, process, status_t, /* Start Phase 2 of EAP-TTLS authentication */ if (lib->settings->get_bool(lib->settings, - "%s.plugins.eap-ttls.request_peer_auth", FALSE, charon->name)) + "%s.plugins.eap-ttls.request_peer_auth", FALSE, lib->ns)) { return start_phase2_tnc(this, EAP_TLS); } @@ -301,7 +301,7 @@ METHOD(tls_application_t, build, status_t, if (this->method == NULL && this->start_phase2 && lib->settings->get_bool(lib->settings, - "%s.plugins.eap-ttls.phase2_piggyback", FALSE, charon->name)) + "%s.plugins.eap-ttls.phase2_piggyback", FALSE, lib->ns)) { /* generate an EAP Identity request which will be piggybacked right * onto the TLS Finished message thus initiating EAP-TTLS phase2 diff --git a/src/libcharon/plugins/error_notify/Makefile.in b/src/libcharon/plugins/error_notify/Makefile.in index ad8aba11e..d8a135cc1 100644 --- a/src/libcharon/plugins/error_notify/Makefile.in +++ b/src/libcharon/plugins/error_notify/Makefile.in @@ -226,8 +226,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -295,6 +293,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -383,12 +386,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -403,6 +410,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/error_notify/error_notify_socket.c b/src/libcharon/plugins/error_notify/error_notify_socket.c index aafd0a4cd..959c4c67d 100644 --- a/src/libcharon/plugins/error_notify/error_notify_socket.c +++ b/src/libcharon/plugins/error_notify/error_notify_socket.c @@ -142,7 +142,7 @@ error_notify_socket_t *error_notify_socket_create() uri = lib->settings->get_str(lib->settings, "%s.plugins.error-notify.socket", "unix://" ERROR_NOTIFY_SOCKET, - charon->name); + lib->ns); this->service = lib->streams->create_service(lib->streams, uri, 10); if (!this->service) { diff --git a/src/libcharon/plugins/farp/Makefile.in b/src/libcharon/plugins/farp/Makefile.in index 4d2a32e6f..60c55f01e 100644 --- a/src/libcharon/plugins/farp/Makefile.in +++ b/src/libcharon/plugins/farp/Makefile.in @@ -216,8 +216,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/ha/Makefile.in b/src/libcharon/plugins/ha/Makefile.in index 9948ab3db..2f3263064 100644 --- a/src/libcharon/plugins/ha/Makefile.in +++ b/src/libcharon/plugins/ha/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/ha/ha_attribute.c b/src/libcharon/plugins/ha/ha_attribute.c index d26c38325..dd55fae8b 100644 --- a/src/libcharon/plugins/ha/ha_attribute.c +++ b/src/libcharon/plugins/ha/ha_attribute.c @@ -309,7 +309,7 @@ static void load_pools(private_ha_attribute_t *this) pool_t *pool; enumerator = lib->settings->create_key_value_enumerator(lib->settings, - "%s.plugins.ha.pools", charon->name); + "%s.plugins.ha.pools", lib->ns); while (enumerator->enumerate(enumerator, &name, &net)) { net = strdup(net); diff --git a/src/libcharon/plugins/ha/ha_plugin.c b/src/libcharon/plugins/ha/ha_plugin.c index 5d4cc6184..493cad5ec 100644 --- a/src/libcharon/plugins/ha/ha_plugin.c +++ b/src/libcharon/plugins/ha/ha_plugin.c @@ -160,19 +160,19 @@ plugin_t *ha_plugin_create() bool fifo, monitor, resync; local = lib->settings->get_str(lib->settings, - "%s.plugins.ha.local", NULL, charon->name); + "%s.plugins.ha.local", NULL, lib->ns); remote = lib->settings->get_str(lib->settings, - "%s.plugins.ha.remote", NULL, charon->name); + "%s.plugins.ha.remote", NULL, lib->ns); secret = lib->settings->get_str(lib->settings, - "%s.plugins.ha.secret", NULL, charon->name); + "%s.plugins.ha.secret", NULL, lib->ns); fifo = lib->settings->get_bool(lib->settings, - "%s.plugins.ha.fifo_interface", TRUE, charon->name); + "%s.plugins.ha.fifo_interface", TRUE, lib->ns); monitor = lib->settings->get_bool(lib->settings, - "%s.plugins.ha.monitor", TRUE, charon->name); + "%s.plugins.ha.monitor", TRUE, lib->ns); resync = lib->settings->get_bool(lib->settings, - "%s.plugins.ha.resync", TRUE, charon->name); + "%s.plugins.ha.resync", TRUE, lib->ns); count = min(SEGMENTS_MAX, lib->settings->get_int(lib->settings, - "%s.plugins.ha.segment_count", 1, charon->name)); + "%s.plugins.ha.segment_count", 1, lib->ns)); if (!local || !remote) { DBG1(DBG_CFG, "HA config misses local/remote address"); diff --git a/src/libcharon/plugins/ha/ha_segments.c b/src/libcharon/plugins/ha/ha_segments.c index cab38c63d..fc7d7a8b4 100644 --- a/src/libcharon/plugins/ha/ha_segments.c +++ b/src/libcharon/plugins/ha/ha_segments.c @@ -470,12 +470,12 @@ ha_segments_t *ha_segments_create(ha_socket_t *socket, ha_kernel_t *kernel, .condvar = condvar_create(CONDVAR_TYPE_DEFAULT), .heartbeat_delay = lib->settings->get_int(lib->settings, "%s.plugins.ha.heartbeat_delay", DEFAULT_HEARTBEAT_DELAY, - charon->name), + lib->ns), .heartbeat_timeout = lib->settings->get_int(lib->settings, "%s.plugins.ha.heartbeat_timeout", DEFAULT_HEARTBEAT_TIMEOUT, - charon->name), + lib->ns), .autobalance = lib->settings->get_int(lib->settings, - "%s.plugins.ha.autobalance", 0, charon->name), + "%s.plugins.ha.autobalance", 0, lib->ns), ); if (monitor) diff --git a/src/libcharon/plugins/ipseckey/Makefile.in b/src/libcharon/plugins/ipseckey/Makefile.in index 5c3d01558..2ee5a49f1 100644 --- a/src/libcharon/plugins/ipseckey/Makefile.in +++ b/src/libcharon/plugins/ipseckey/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/ipseckey/ipseckey_plugin.c b/src/libcharon/plugins/ipseckey/ipseckey_plugin.c index 9bc49ba28..9f00abe8b 100644 --- a/src/libcharon/plugins/ipseckey/ipseckey_plugin.c +++ b/src/libcharon/plugins/ipseckey/ipseckey_plugin.c @@ -53,7 +53,7 @@ METHOD(plugin_t, reload, bool, private_ipseckey_plugin_t *this) { bool enabled = lib->settings->get_bool(lib->settings, - "%s.plugins.ipseckey.enable", FALSE, charon->name); + "%s.plugins.ipseckey.enable", FALSE, lib->ns); if (enabled != this->enabled) { diff --git a/src/libcharon/plugins/kernel_libipsec/Makefile.in b/src/libcharon/plugins/kernel_libipsec/Makefile.in index fa28babe4..1726c689c 100644 --- a/src/libcharon/plugins/kernel_libipsec/Makefile.in +++ b/src/libcharon/plugins/kernel_libipsec/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c index d0744e300..b33580700 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c @@ -695,7 +695,7 @@ kernel_libipsec_ipsec_t *kernel_libipsec_ipsec_create() .policies = linked_list_create(), .excludes = linked_list_create(), .allow_peer_ts = lib->settings->get_bool(lib->settings, - "%s.plugins.kernel-libipsec.allow_peer_ts", FALSE, hydra->daemon), + "%s.plugins.kernel-libipsec.allow_peer_ts", FALSE, lib->ns), ); ipsec->events->register_listener(ipsec->events, &this->ipsec_listener); diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c index 56f526217..e3b688dd6 100644 --- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c +++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c @@ -144,6 +144,6 @@ plugin_t *kernel_libipsec_plugin_create() /* set TUN device as default to install VIPs */ lib->settings->set_str(lib->settings, "%s.install_virtual_ip_on", - this->tun->get_name(this->tun), charon->name); + this->tun->get_name(this->tun), lib->ns); return &this->public.plugin; } diff --git a/src/libcharon/plugins/led/Makefile.in b/src/libcharon/plugins/led/Makefile.in index 9373703a2..48163aff2 100644 --- a/src/libcharon/plugins/led/Makefile.in +++ b/src/libcharon/plugins/led/Makefile.in @@ -215,8 +215,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/led/led_listener.c b/src/libcharon/plugins/led/led_listener.c index be80bcde2..3351f6614 100644 --- a/src/libcharon/plugins/led/led_listener.c +++ b/src/libcharon/plugins/led/led_listener.c @@ -230,12 +230,12 @@ led_listener_t *led_listener_create() }, .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .blink_time = lib->settings->get_int(lib->settings, - "%s.plugins.led.blink_time", 50, charon->name), + "%s.plugins.led.blink_time", 50, lib->ns), ); this->activity = open_led(lib->settings->get_str(lib->settings, - "%s.plugins.led.activity_led", NULL, charon->name), - &this->activity_max); + "%s.plugins.led.activity_led", NULL, lib->ns), + &this->activity_max); set_led(this->activity, 0); return &this->public; diff --git a/src/libcharon/plugins/load_tester/Makefile.in b/src/libcharon/plugins/load_tester/Makefile.in index 93dd6b486..2369044dd 100644 --- a/src/libcharon/plugins/load_tester/Makefile.in +++ b/src/libcharon/plugins/load_tester/Makefile.in @@ -228,8 +228,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -297,6 +295,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -385,12 +388,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -405,6 +412,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c index e4e47c1ac..e133190b4 100644 --- a/src/libcharon/plugins/load_tester/load_tester_config.c +++ b/src/libcharon/plugins/load_tester/load_tester_config.c @@ -236,11 +236,11 @@ static void load_addrs(private_load_tester_config_t *this) mem_pool_t *pool; this->keep = lib->settings->get_bool(lib->settings, - "%s.plugins.load-tester.addrs_keep", FALSE, charon->name); + "%s.plugins.load-tester.addrs_keep", FALSE, lib->ns); this->prefix = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.addrs_prefix", 16, charon->name); + "%s.plugins.load-tester.addrs_prefix", 16, lib->ns); enumerator = lib->settings->create_key_value_enumerator(lib->settings, - "%s.plugins.load-tester.addrs", charon->name); + "%s.plugins.load-tester.addrs", lib->ns); while (enumerator->enumerate(enumerator, &iface, &token)) { tokens = enumerator_create_token(token, ",", " "); @@ -917,72 +917,71 @@ load_tester_config_t *load_tester_config_create() ); if (lib->settings->get_bool(lib->settings, - "%s.plugins.load-tester.request_virtual_ip", FALSE, charon->name)) + "%s.plugins.load-tester.request_virtual_ip", FALSE, lib->ns)) { this->vip = host_create_from_string("0.0.0.0", 0); } this->pool = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.pool", NULL, charon->name); + "%s.plugins.load-tester.pool", NULL, lib->ns); this->initiator = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.initiator", "0.0.0.0", charon->name); + "%s.plugins.load-tester.initiator", "0.0.0.0", lib->ns); this->responder = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.responder", "127.0.0.1", charon->name); + "%s.plugins.load-tester.responder", "127.0.0.1", lib->ns); this->proposal = proposal_create_from_string(PROTO_IKE, lib->settings->get_str(lib->settings, "%s.plugins.load-tester.proposal", "aes128-sha1-modp768", - charon->name)); + lib->ns)); if (!this->proposal) { /* fallback */ this->proposal = proposal_create_from_string(PROTO_IKE, "aes128-sha1-modp768"); } this->esp = proposal_create_from_string(PROTO_ESP, - lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.esp", "aes128-sha1", - charon->name)); + lib->settings->get_str(lib->settings, + "%s.plugins.load-tester.esp", "aes128-sha1", lib->ns)); if (!this->esp) { /* fallback */ this->esp = proposal_create_from_string(PROTO_ESP, "aes128-sha1"); } this->ike_rekey = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.ike_rekey", 0, charon->name); + "%s.plugins.load-tester.ike_rekey", 0, lib->ns); this->child_rekey = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.child_rekey", 600, charon->name); + "%s.plugins.load-tester.child_rekey", 600, lib->ns); this->dpd_delay = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.dpd_delay", 0, charon->name); + "%s.plugins.load-tester.dpd_delay", 0, lib->ns); this->dpd_timeout = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.dpd_timeout", 0, charon->name); + "%s.plugins.load-tester.dpd_timeout", 0, lib->ns); this->initiator_auth = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.initiator_auth", "pubkey", charon->name); + "%s.plugins.load-tester.initiator_auth", "pubkey", lib->ns); this->responder_auth = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.responder_auth", "pubkey", charon->name); + "%s.plugins.load-tester.responder_auth", "pubkey", lib->ns); this->initiator_id = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.initiator_id", NULL, charon->name); + "%s.plugins.load-tester.initiator_id", NULL, lib->ns); this->initiator_match = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.initiator_match", NULL, charon->name); + "%s.plugins.load-tester.initiator_match", NULL, lib->ns); this->responder_id = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.responder_id", NULL, charon->name); + "%s.plugins.load-tester.responder_id", NULL, lib->ns); this->mode = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.mode", NULL, charon->name); + "%s.plugins.load-tester.mode", NULL, lib->ns); this->initiator_tsi = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.initiator_tsi", NULL, charon->name); + "%s.plugins.load-tester.initiator_tsi", NULL, lib->ns); this->responder_tsi =lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.responder_tsi", - this->initiator_tsi, charon->name); + "%s.plugins.load-tester.responder_tsi", + this->initiator_tsi, lib->ns); this->initiator_tsr = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.initiator_tsr", NULL, charon->name); + "%s.plugins.load-tester.initiator_tsr", NULL, lib->ns); this->responder_tsr =lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.responder_tsr", - this->initiator_tsr, charon->name); + "%s.plugins.load-tester.responder_tsr", + this->initiator_tsr, lib->ns); this->port = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.dynamic_port", 0, charon->name); + "%s.plugins.load-tester.dynamic_port", 0, lib->ns); this->version = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.version", IKE_ANY, charon->name); + "%s.plugins.load-tester.version", IKE_ANY, lib->ns); load_addrs(this); diff --git a/src/libcharon/plugins/load_tester/load_tester_control.c b/src/libcharon/plugins/load_tester/load_tester_control.c index f9ec9142f..5f089f5db 100644 --- a/src/libcharon/plugins/load_tester/load_tester_control.c +++ b/src/libcharon/plugins/load_tester/load_tester_control.c @@ -302,7 +302,7 @@ load_tester_control_t *load_tester_control_create() uri = lib->settings->get_str(lib->settings, "%s.plugins.load-tester.socket", "unix://" LOAD_TESTER_SOCKET, - charon->name); + lib->ns); this->service = lib->streams->create_service(lib->streams, uri, 10); if (this->service) { diff --git a/src/libcharon/plugins/load_tester/load_tester_creds.c b/src/libcharon/plugins/load_tester/load_tester_creds.c index 028205bd2..f17d41f46 100644 --- a/src/libcharon/plugins/load_tester/load_tester_creds.c +++ b/src/libcharon/plugins/load_tester/load_tester_creds.c @@ -202,7 +202,7 @@ static private_key_t *load_issuer_key() char *path; path = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.issuer_key", NULL, charon->name); + "%s.plugins.load-tester.issuer_key", NULL, lib->ns); if (!path) { return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, @@ -222,7 +222,7 @@ static certificate_t *load_issuer_cert() char *path; path = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.issuer_cert", NULL, charon->name); + "%s.plugins.load-tester.issuer_cert", NULL, lib->ns); if (!path) { return lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, @@ -246,7 +246,7 @@ static void load_ca_certs(private_load_tester_creds_t *this) char *path; path = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.ca_dir", NULL, charon->name); + "%s.plugins.load-tester.ca_dir", NULL, lib->ns); if (path) { enumerator = enumerator_create_directory(path); @@ -445,11 +445,11 @@ load_tester_creds_t *load_tester_creds_create() char *pwd, *psk, *digest; psk = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.preshared_key", default_psk, charon->name); + "%s.plugins.load-tester.preshared_key", default_psk, lib->ns); pwd = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.eap_password", default_pwd, charon->name); + "%s.plugins.load-tester.eap_password", default_pwd, lib->ns); digest = lib->settings->get_str(lib->settings, - "%s.plugins.load-tester.digest", "sha1", charon->name); + "%s.plugins.load-tester.digest", "sha1", lib->ns); INIT(this, .public = { diff --git a/src/libcharon/plugins/load_tester/load_tester_listener.c b/src/libcharon/plugins/load_tester/load_tester_listener.c index 7e832ddc0..068020ef7 100644 --- a/src/libcharon/plugins/load_tester/load_tester_listener.c +++ b/src/libcharon/plugins/load_tester/load_tester_listener.c @@ -126,7 +126,7 @@ load_tester_listener_t *load_tester_listener_create(u_int shutdown_on, }, .delete_after_established = lib->settings->get_bool(lib->settings, "%s.plugins.load-tester.delete_after_established", FALSE, - charon->name), + lib->ns), .shutdown_on = shutdown_on, .config = config, ); diff --git a/src/libcharon/plugins/load_tester/load_tester_plugin.c b/src/libcharon/plugins/load_tester/load_tester_plugin.c index 03557a269..e684f22ce 100644 --- a/src/libcharon/plugins/load_tester/load_tester_plugin.c +++ b/src/libcharon/plugins/load_tester/load_tester_plugin.c @@ -193,7 +193,7 @@ static bool register_load_tester(private_load_tester_plugin_t *this, lib->credmgr->add_set(lib->credmgr, &this->creds->credential_set); if (lib->settings->get_bool(lib->settings, - "%s.plugins.load-tester.shutdown_when_complete", 0, charon->name)) + "%s.plugins.load-tester.shutdown_when_complete", 0, lib->ns)) { shutdown_on = this->iterations * this->initiators; } @@ -262,8 +262,8 @@ plugin_t *load_tester_plugin_create() { private_load_tester_plugin_t *this; - if (!lib->settings->get_bool(lib->settings, - "%s.plugins.load-tester.enable", FALSE, charon->name)) + if (!lib->settings->get_bool(lib->settings, "%s.plugins.load-tester.enable", + FALSE, lib->ns)) { DBG1(DBG_CFG, "disabling load-tester plugin, not configured"); return NULL; @@ -279,19 +279,19 @@ plugin_t *load_tester_plugin_create() }, }, .delay = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.delay", 0, charon->name), + "%s.plugins.load-tester.delay", 0, lib->ns), .iterations = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.iterations", 1, charon->name), + "%s.plugins.load-tester.iterations", 1, lib->ns), .initiators = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.initiators", 0, charon->name), + "%s.plugins.load-tester.initiators", 0, lib->ns), .init_limit = lib->settings->get_int(lib->settings, - "%s.plugins.load-tester.init_limit", 0, charon->name), + "%s.plugins.load-tester.init_limit", 0, lib->ns), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .condvar = condvar_create(CONDVAR_TYPE_DEFAULT), ); if (lib->settings->get_bool(lib->settings, - "%s.plugins.load-tester.fake_kernel", FALSE, charon->name)) + "%s.plugins.load-tester.fake_kernel", FALSE, lib->ns)) { hydra->kernel_interface->add_ipsec_interface(hydra->kernel_interface, (kernel_ipsec_constructor_t)load_tester_ipsec_create); diff --git a/src/libcharon/plugins/lookip/Makefile.in b/src/libcharon/plugins/lookip/Makefile.in index d74ce4668..4b6d214de 100644 --- a/src/libcharon/plugins/lookip/Makefile.in +++ b/src/libcharon/plugins/lookip/Makefile.in @@ -224,8 +224,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -293,6 +291,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -381,12 +384,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -401,6 +408,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/lookip/lookip_socket.c b/src/libcharon/plugins/lookip/lookip_socket.c index d25573bf4..4b33e3e31 100644 --- a/src/libcharon/plugins/lookip/lookip_socket.c +++ b/src/libcharon/plugins/lookip/lookip_socket.c @@ -87,10 +87,21 @@ static void entry_destroy(entry_t *entry) } /** - * Disconnect a stream, remove connection entry + * Data for async disconnect job */ -static void disconnect(private_lookip_socket_t *this, stream_t *stream) +typedef struct { + /** socket ref */ + private_lookip_socket_t *this; + /** stream to disconnect */ + stream_t *stream; +} disconnect_data_t; + +/** + * Disconnect a stream asynchronously, remove connection entry + */ +static job_requeue_t disconnect_async(disconnect_data_t *data) { + private_lookip_socket_t *this = data->this; enumerator_t *enumerator; entry_t *entry; @@ -98,7 +109,7 @@ static void disconnect(private_lookip_socket_t *this, stream_t *stream) enumerator = this->connected->create_enumerator(this->connected); while (enumerator->enumerate(enumerator, &entry)) { - if (entry->stream == stream) + if (entry->stream == data->stream) { this->connected->remove_at(this->connected, enumerator); if (entry->up || entry->down) @@ -111,6 +122,24 @@ static void disconnect(private_lookip_socket_t *this, stream_t *stream) } enumerator->destroy(enumerator); this->mutex->unlock(this->mutex); + return JOB_REQUEUE_NONE; +} + +/** + * Queue async disconnect job + */ +static void disconnect(private_lookip_socket_t *this, stream_t *stream) +{ + disconnect_data_t *data; + + INIT(data, + .this = this, + .stream = stream, + ); + + lib->processor->queue_job(lib->processor, + (job_t*)callback_job_create((void*)disconnect_async, data, + free, NULL)); } /** @@ -393,8 +422,8 @@ lookip_socket_t *lookip_socket_create(lookip_listener_t *listener) ); uri = lib->settings->get_str(lib->settings, - "%s.plugins.lookip.socket", "unix://" LOOKIP_SOCKET, - charon->name); + "%s.plugins.lookip.socket", "unix://" LOOKIP_SOCKET, + lib->ns); this->service = lib->streams->create_service(lib->streams, uri, 10); if (!this->service) { diff --git a/src/libcharon/plugins/maemo/Makefile.in b/src/libcharon/plugins/maemo/Makefile.in index a8b793f6f..314088a25 100644 --- a/src/libcharon/plugins/maemo/Makefile.in +++ b/src/libcharon/plugins/maemo/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/medcli/Makefile.in b/src/libcharon/plugins/medcli/Makefile.in index 76b05c634..8d7ca04e6 100644 --- a/src/libcharon/plugins/medcli/Makefile.in +++ b/src/libcharon/plugins/medcli/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/medsrv/Makefile.in b/src/libcharon/plugins/medsrv/Makefile.in index 20e3553e7..7abc23e50 100644 --- a/src/libcharon/plugins/medsrv/Makefile.in +++ b/src/libcharon/plugins/medsrv/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/osx_attr/Makefile.in b/src/libcharon/plugins/osx_attr/Makefile.in index 9e794cec3..b891f55f1 100644 --- a/src/libcharon/plugins/osx_attr/Makefile.in +++ b/src/libcharon/plugins/osx_attr/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/radattr/Makefile.in b/src/libcharon/plugins/radattr/Makefile.in index c8d8fae1c..bf85d5713 100644 --- a/src/libcharon/plugins/radattr/Makefile.in +++ b/src/libcharon/plugins/radattr/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/radattr/radattr_listener.c b/src/libcharon/plugins/radattr/radattr_listener.c index 5443800e5..aca83aafc 100644 --- a/src/libcharon/plugins/radattr/radattr_listener.c +++ b/src/libcharon/plugins/radattr/radattr_listener.c @@ -19,7 +19,6 @@ #include <sys/stat.h> #include <unistd.h> #include <fcntl.h> -#include <sys/mman.h> #include <errno.h> #include <daemon.h> @@ -110,10 +109,7 @@ static void add_radius_attribute(private_radattr_listener_t *this, identification_t *id; auth_cfg_t *auth; char path[PATH_MAX]; - chunk_t data; - struct stat sb; - void *addr; - int fd; + chunk_t *data; auth = ike_sa->get_auth_cfg(ike_sa, TRUE); id = auth->get(auth, AUTH_RULE_EAP_IDENTITY); @@ -123,44 +119,16 @@ static void add_radius_attribute(private_radattr_listener_t *this, } snprintf(path, sizeof(path), "%s/%Y", this->dir, id); - fd = open(path, O_RDONLY); - if (fd != -1) + data = chunk_map(path, FALSE); + if (data) { - if (fstat(fd, &sb) != -1) + if (data->len >= 2) { - if (sb.st_size <= MAX_ATTR_SIZE) - { - addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); - if (addr != MAP_FAILED) - { - data = chunk_create(addr, sb.st_size); - if (data.len >= 2) - { - DBG1(DBG_CFG, "adding RADIUS %N attribute", - radius_attribute_type_names, data.ptr[0]); - message->add_notify(message, FALSE, - RADIUS_ATTRIBUTE, data); - } - munmap(addr, sb.st_size); - } - else - { - DBG1(DBG_CFG, "mapping RADIUS attribute '%s' failed: %s", - path, strerror(errno)); - } - } - else - { - DBG1(DBG_CFG, "RADIUS attribute '%s' exceeds size limit", - path); - } - } - else - { - DBG1(DBG_CFG, "fstat RADIUS attribute '%s' failed: %s", - path, strerror(errno)); + DBG1(DBG_CFG, "adding RADIUS %N attribute", + radius_attribute_type_names, data->ptr[0]); + message->add_notify(message, FALSE, RADIUS_ATTRIBUTE, *data); } - close(fd); + chunk_unmap(data); } else { @@ -212,9 +180,9 @@ radattr_listener_t *radattr_listener_create() .destroy = _destroy, }, .dir = lib->settings->get_str(lib->settings, - "%s.plugins.radattr.dir", NULL, charon->name), + "%s.plugins.radattr.dir", NULL, lib->ns), .mid = lib->settings->get_int(lib->settings, - "%s.plugins.radattr.message_id", -1, charon->name), + "%s.plugins.radattr.message_id", -1, lib->ns), ); return &this->public; diff --git a/src/libcharon/plugins/smp/Makefile.in b/src/libcharon/plugins/smp/Makefile.in index f56840410..43f3c6fbf 100644 --- a/src/libcharon/plugins/smp/Makefile.in +++ b/src/libcharon/plugins/smp/Makefile.in @@ -216,8 +216,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/socket_default/Makefile.in b/src/libcharon/plugins/socket_default/Makefile.in index cfcee2f79..155113e48 100644 --- a/src/libcharon/plugins/socket_default/Makefile.in +++ b/src/libcharon/plugins/socket_default/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c index ea976dfe9..081d3efc7 100644 --- a/src/libcharon/plugins/socket_default/socket_default_socket.c +++ b/src/libcharon/plugins/socket_default/socket_default_socket.c @@ -617,7 +617,7 @@ static int open_socket(private_socket_default_socket_t *this, mark_t mark; fwmark = lib->settings->get_str(lib->settings, - "%s.plugins.socket-default.fwmark", NULL, charon->name); + "%s.plugins.socket-default.fwmark", NULL, lib->ns); if (fwmark && mark_from_string(fwmark, &mark)) { if (setsockopt(skt, SOL_SOCKET, SO_MARK, &mark.value, @@ -657,10 +657,10 @@ static bool use_family(int family) { case AF_INET: return lib->settings->get_bool(lib->settings, - "%s.plugins.socket-default.use_ipv4", TRUE, charon->name); + "%s.plugins.socket-default.use_ipv4", TRUE, lib->ns); case AF_INET6: return lib->settings->get_bool(lib->settings, - "%s.plugins.socket-default.use_ipv6", TRUE, charon->name); + "%s.plugins.socket-default.use_ipv6", TRUE, lib->ns); default: return FALSE; } @@ -735,14 +735,14 @@ socket_default_socket_t *socket_default_socket_create() }, }, .port = lib->settings->get_int(lib->settings, - "%s.port", CHARON_UDP_PORT, charon->name), + "%s.port", CHARON_UDP_PORT, lib->ns), .natt = lib->settings->get_int(lib->settings, - "%s.port_nat_t", CHARON_NATT_PORT, charon->name), + "%s.port_nat_t", CHARON_NATT_PORT, lib->ns), .max_packet = lib->settings->get_int(lib->settings, - "%s.max_packet", MAX_PACKET, charon->name), + "%s.max_packet", MAX_PACKET, lib->ns), .set_source = lib->settings->get_bool(lib->settings, "%s.plugins.socket-default.set_source", TRUE, - charon->name), + lib->ns), ); if (this->port && this->port == this->natt) diff --git a/src/libcharon/plugins/socket_dynamic/Makefile.in b/src/libcharon/plugins/socket_dynamic/Makefile.in index 1efbdabbc..da40a433b 100644 --- a/src/libcharon/plugins/socket_dynamic/Makefile.in +++ b/src/libcharon/plugins/socket_dynamic/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c index 012f18e31..3161a709f 100644 --- a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c +++ b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c @@ -668,7 +668,7 @@ socket_dynamic_socket_t *socket_dynamic_socket_create() }, .lock = rwlock_create(RWLOCK_TYPE_DEFAULT), .max_packet = lib->settings->get_int(lib->settings, - "%s.max_packet", MAX_PACKET, charon->name), + "%s.max_packet", MAX_PACKET, lib->ns), ); if (pipe(this->notify) != 0) diff --git a/src/libcharon/plugins/sql/Makefile.in b/src/libcharon/plugins/sql/Makefile.in index 18461fa04..963804932 100644 --- a/src/libcharon/plugins/sql/Makefile.in +++ b/src/libcharon/plugins/sql/Makefile.in @@ -216,8 +216,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/sql/sql_logger.c b/src/libcharon/plugins/sql/sql_logger.c index 547e7691e..9a7a6e0ff 100644 --- a/src/libcharon/plugins/sql/sql_logger.c +++ b/src/libcharon/plugins/sql/sql_logger.c @@ -141,7 +141,7 @@ sql_logger_t *sql_logger_create(database_t *db) .db = db, .recursive = thread_value_create(NULL), .level = lib->settings->get_int(lib->settings, - "%s.plugins.sql.loglevel", -1, charon->name), + "%s.plugins.sql.loglevel", -1, lib->ns), ); return &this->public; diff --git a/src/libcharon/plugins/sql/sql_plugin.c b/src/libcharon/plugins/sql/sql_plugin.c index c1b4461d2..c5dd6e8b3 100644 --- a/src/libcharon/plugins/sql/sql_plugin.c +++ b/src/libcharon/plugins/sql/sql_plugin.c @@ -73,7 +73,7 @@ static bool open_database(private_sql_plugin_t *this, char *uri; uri = lib->settings->get_str(lib->settings, "%s.plugins.sql.database", - NULL, charon->name); + NULL, lib->ns); if (!uri) { DBG1(DBG_CFG, "sql plugin: database URI not set"); diff --git a/src/libcharon/plugins/stroke/Makefile.in b/src/libcharon/plugins/stroke/Makefile.in index a913e063e..11a8771cc 100644 --- a/src/libcharon/plugins/stroke/Makefile.in +++ b/src/libcharon/plugins/stroke/Makefile.in @@ -220,8 +220,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index 2e10f324b..e5e6d9246 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -880,7 +880,7 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this, else { vip = host_create_from_string(token, 0); - if (vip) + if (!vip) { DBG1(DBG_CFG, "ignored invalid subnet token: %s", token); } diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c index b583bfc53..f770d7c9e 100644 --- a/src/libcharon/plugins/stroke/stroke_control.c +++ b/src/libcharon/plugins/stroke/stroke_control.c @@ -778,7 +778,7 @@ stroke_control_t *stroke_control_create() .destroy = _destroy, }, .timeout = lib->settings->get_int(lib->settings, - "%s.plugins.stroke.timeout", 0, charon->name), + "%s.plugins.stroke.timeout", 0, lib->ns), ); return &this->public; diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c index 8d0001271..f908219ed 100644 --- a/src/libcharon/plugins/stroke/stroke_cred.c +++ b/src/libcharon/plugins/stroke/stroke_cred.c @@ -17,8 +17,6 @@ #include <sys/types.h> #include <sys/stat.h> #include <limits.h> -#include <libgen.h> -#include <sys/mman.h> #include <fcntl.h> #include <errno.h> #include <unistd.h> @@ -521,7 +519,16 @@ METHOD(stroke_cred_t, cache_cert, void, if (cert->get_encoding(cert, CERT_ASN1_DER, &chunk)) { - chunk_write(chunk, buf, "crl", 022, TRUE); + if (chunk_write(chunk, buf, 022, TRUE)) + { + DBG1(DBG_CFG, " written crl file '%s' (%d bytes)", + buf, chunk.len); + } + else + { + DBG1(DBG_CFG, " writing crl file '%s' failed: %s", + buf, strerror(errno)); + } free(chunk.ptr); } } @@ -1092,46 +1099,24 @@ static bool load_shared(mem_cred_t *secrets, chunk_t line, int line_nr, static void load_secrets(private_stroke_cred_t *this, mem_cred_t *secrets, char *file, int level, FILE *prompt) { - int line_nr = 0, fd; - chunk_t src, line; - struct stat sb; - void *addr; + int line_nr = 0; + chunk_t *src, line; DBG1(DBG_CFG, "loading secrets from '%s'", file); - fd = open(file, O_RDONLY); - if (fd == -1) + src = chunk_map(file, FALSE); + if (!src) { DBG1(DBG_CFG, "opening secrets file '%s' failed: %s", file, strerror(errno)); return; } - if (fstat(fd, &sb) == -1) - { - DBG1(DBG_LIB, "getting file size of '%s' failed: %s", file, - strerror(errno)); - close(fd); - return; - } - if (sb.st_size == 0) - { /* skip empty files, as mmap() complains */ - close(fd); - return; - } - addr = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); - if (addr == MAP_FAILED) - { - DBG1(DBG_LIB, "mapping '%s' failed: %s", file, strerror(errno)); - close(fd); - return; - } - src = chunk_create(addr, sb.st_size); if (!secrets) { secrets = mem_cred_create(); } - while (fetchline(&src, &line)) + while (fetchline(src, &line)) { chunk_t ids, token; shared_key_type_t type; @@ -1172,8 +1157,7 @@ static void load_secrets(private_stroke_cred_t *this, mem_cred_t *secrets, } else { /* use directory of current file if relative */ - dir = strdup(file); - dir = dirname(dir); + dir = path_dirname(file); if (line.len + 1 + strlen(dir) + 1 > sizeof(pattern)) { @@ -1272,8 +1256,7 @@ static void load_secrets(private_stroke_cred_t *this, mem_cred_t *secrets, break; } } - munmap(addr, sb.st_size); - close(fd); + chunk_unmap(src); if (level == 0) { /* replace secrets in active credential set */ @@ -1394,7 +1377,7 @@ stroke_cred_t *stroke_cred_create() this->force_ca_cert = lib->settings->get_bool(lib->settings, "%s.plugins.stroke.ignore_missing_ca_basic_constraint", - FALSE, charon->name); + FALSE, lib->ns); load_certs(this); load_secrets(this, NULL, SECRETS_FILE, 0, NULL); diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c index 3adebb523..169ff2bf6 100644 --- a/src/libcharon/plugins/stroke/stroke_socket.c +++ b/src/libcharon/plugins/stroke/stroke_socket.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Tobias Brunner + * Copyright (C) 2011-2013 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -99,6 +99,11 @@ struct private_stroke_socket_t { * Counter values for IKE events */ stroke_counter_t *counter; + + /** + * TRUE if log level changes are not allowed + */ + bool prevent_loglevel_changes; }; /** @@ -490,6 +495,25 @@ static void stroke_leases(private_stroke_socket_t *this, } /** + * Callback function for usage report + */ +static void report_usage(FILE *out, int count, size_t bytes, + backtrace_t *bt, bool detailed) +{ + fprintf(out, "%zu bytes total, %d allocations, %zu bytes average:\n", + bytes, count, bytes / count); + bt->log(bt, out, detailed); +} + +/** + * Callback function for memusage summary + */ +static void sum_usage(FILE *out, int count, size_t bytes, int whitelisted) +{ + fprintf(out, "Total memory usage: %zu\n", bytes); +} + +/** * Show memory usage */ static void stroke_memusage(private_stroke_socket_t *this, @@ -497,7 +521,9 @@ static void stroke_memusage(private_stroke_socket_t *this, { if (lib->leak_detective) { - lib->leak_detective->usage(lib->leak_detective, out); + lib->leak_detective->usage(lib->leak_detective, + (leak_detective_report_cb_t)report_usage, + (leak_detective_summary_cb_t)sum_usage, out); } } @@ -546,6 +572,12 @@ static void stroke_loglevel(private_stroke_socket_t *this, DBG1(DBG_CFG, "received stroke: loglevel %d for %s", msg->loglevel.level, msg->loglevel.type); + if (this->prevent_loglevel_changes) + { + DBG1(DBG_CFG, "prevented log level change"); + fprintf(out, "command not allowed!\n"); + return; + } if (strcaseeq(msg->loglevel.type, "any")) { group = DBG_ANY; @@ -555,7 +587,7 @@ static void stroke_loglevel(private_stroke_socket_t *this, group = enum_from_name(debug_names, msg->loglevel.type); if ((int)group < 0) { - fprintf(out, "invalid type (%s)!\n", msg->loglevel.type); + fprintf(out, "unknown type '%s'!\n", msg->loglevel.type); return; } } @@ -591,8 +623,8 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream) return FALSE; } - /* read message */ - msg = malloc(len); + /* read message (we need an additional byte to terminate the buffer) */ + msg = malloc(len + 1); msg->length = len; if (!stream->read_all(stream, (char*)msg + sizeof(len), len - sizeof(len))) { @@ -603,6 +635,9 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream) free(msg); return FALSE; } + /* make sure even incorrectly unterminated strings don't extend over the + * message boundaries */ + ((char*)msg)[len] = '\0'; DBG3(DBG_CFG, "stroke message %b", (void*)msg, len); @@ -727,6 +762,8 @@ stroke_socket_t *stroke_socket_create() .public = { .destroy = _destroy, }, + .prevent_loglevel_changes = lib->settings->get_bool(lib->settings, + "%s.plugins.stroke.prevent_loglevel_changes", FALSE, lib->ns), ); this->cred = stroke_cred_create(); @@ -746,10 +783,10 @@ stroke_socket_t *stroke_socket_create() charon->bus->add_listener(charon->bus, &this->counter->listener); max_concurrent = lib->settings->get_int(lib->settings, - "%s.plugins.stroke.max_concurrent", MAX_CONCURRENT_DEFAULT, - charon->name); + "%s.plugins.stroke.max_concurrent", MAX_CONCURRENT_DEFAULT, + lib->ns); uri = lib->settings->get_str(lib->settings, - "%s.plugins.stroke.socket", "unix://" STROKE_SOCKET, charon->name); + "%s.plugins.stroke.socket", "unix://" STROKE_SOCKET, lib->ns); this->service = lib->streams->create_service(lib->streams, uri, 10); if (!this->service) { diff --git a/src/libcharon/plugins/systime_fix/Makefile.in b/src/libcharon/plugins/systime_fix/Makefile.in index 8ad5c88ba..63724728a 100644 --- a/src/libcharon/plugins/systime_fix/Makefile.in +++ b/src/libcharon/plugins/systime_fix/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/systime_fix/systime_fix_plugin.c b/src/libcharon/plugins/systime_fix/systime_fix_plugin.c index c8596114c..c1594b0b2 100644 --- a/src/libcharon/plugins/systime_fix/systime_fix_plugin.c +++ b/src/libcharon/plugins/systime_fix/systime_fix_plugin.c @@ -178,9 +178,9 @@ static bool load_validator(private_systime_fix_plugin_t *this) char *str, *fmt; fmt = lib->settings->get_str(lib->settings, - "%s.plugins.%s.threshold_format", "%Y", charon->name, get_name(this)); + "%s.plugins.%s.threshold_format", "%Y", lib->ns, get_name(this)); str = lib->settings->get_str(lib->settings, - "%s.plugins.%s.threshold", NULL, charon->name, get_name(this)); + "%s.plugins.%s.threshold", NULL, lib->ns, get_name(this)); if (!str) { DBG1(DBG_CFG, "no threshold configured for %s, disabled", @@ -274,9 +274,9 @@ plugin_t *systime_fix_plugin_create() }, }, .interval = lib->settings->get_int(lib->settings, - "%s.plugins.%s.interval", 0, charon->name, get_name(this)), + "%s.plugins.%s.interval", 0, lib->ns, get_name(this)), .reauth = lib->settings->get_bool(lib->settings, - "%s.plugins.%s.reauth", FALSE, charon->name, get_name(this)), + "%s.plugins.%s.reauth", FALSE, lib->ns, get_name(this)), ); return &this->public.plugin; diff --git a/src/libcharon/plugins/tnc_ifmap/Makefile.in b/src/libcharon/plugins/tnc_ifmap/Makefile.in index ca995b01f..ace18e77c 100644 --- a/src/libcharon/plugins/tnc_ifmap/Makefile.in +++ b/src/libcharon/plugins/tnc_ifmap/Makefile.in @@ -221,8 +221,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -290,6 +288,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -378,12 +381,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -398,6 +405,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c index 4ad19c530..d2ba2e345 100644 --- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c +++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_listener.c @@ -191,8 +191,8 @@ tnc_ifmap_listener_t *tnc_ifmap_listener_create(bool reload) /* schedule periodic transmission of IF-MAP renewSession request */ reschedule = lib->settings->get_int(lib->settings, - "%s.plugins.tnc-ifmap.renew_session_interval", - IFMAP_RENEW_SESSION_INTERVAL, charon->name); + "%s.plugins.tnc-ifmap.renew_session_interval", + IFMAP_RENEW_SESSION_INTERVAL, lib->ns); job = (job_t*)tnc_ifmap_renew_session_job_create( this->ifmap->get_ref(this->ifmap), reschedule); diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c index df7d2e2a1..8f24daea3 100644 --- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c +++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c @@ -134,8 +134,8 @@ METHOD(tnc_ifmap_soap_t, newSession, bool, /* set PEP and PDP device name (defaults to IF-MAP Publisher ID) */ this->device_name = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-ifmap.device_name", - this->ifmap_publisher_id, charon->name); + "%s.plugins.tnc-ifmap.device_name", + this->ifmap_publisher_id, lib->ns); this->device_name = strdup(this->device_name); return this->session_id && this->ifmap_publisher_id; @@ -731,15 +731,15 @@ static bool soap_init(private_tnc_ifmap_soap_t *this) /* getting configuration parameters from strongswan.conf */ server_uri = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-ifmap.server_uri", IFMAP_URI, charon->name); + "%s.plugins.tnc-ifmap.server_uri", IFMAP_URI, lib->ns); server_cert = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-ifmap.server_cert", NULL, charon->name); + "%s.plugins.tnc-ifmap.server_cert", NULL, lib->ns); client_cert = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-ifmap.client_cert", NULL, charon->name); + "%s.plugins.tnc-ifmap.client_cert", NULL, lib->ns); client_key = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-ifmap.client_key", NULL, charon->name); + "%s.plugins.tnc-ifmap.client_key", NULL, lib->ns); user_pass = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-ifmap.username_password", NULL, charon->name); + "%s.plugins.tnc-ifmap.username_password", NULL, lib->ns); /* load [self-signed] MAP server certificate */ if (!server_cert) diff --git a/src/libcharon/plugins/tnc_pdp/Makefile.in b/src/libcharon/plugins/tnc_pdp/Makefile.in index d263bdec4..b2958efdb 100644 --- a/src/libcharon/plugins/tnc_pdp/Makefile.in +++ b/src/libcharon/plugins/tnc_pdp/Makefile.in @@ -222,8 +222,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -291,6 +289,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -379,12 +382,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -399,6 +406,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/tnc_pdp/tnc_pdp.c b/src/libcharon/plugins/tnc_pdp/tnc_pdp.c index 31cee9e2b..89237f564 100644 --- a/src/libcharon/plugins/tnc_pdp/tnc_pdp.c +++ b/src/libcharon/plugins/tnc_pdp/tnc_pdp.c @@ -758,19 +758,19 @@ tnc_pdp_t *tnc_pdp_create(void) bool radius_enable, pt_tls_enable; server = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-pdp.server", NULL, charon->name); + "%s.plugins.tnc-pdp.server", NULL, lib->ns); pt_tls_enable = lib->settings->get_bool(lib->settings, - "%s.plugins.tnc-pdp.pt_tls.enable", TRUE, charon->name); + "%s.plugins.tnc-pdp.pt_tls.enable", TRUE, lib->ns); pt_tls_port = lib->settings->get_int(lib->settings, - "%s.plugins.tnc-pdp.pt_tls.port", PT_TLS_PORT, charon->name); + "%s.plugins.tnc-pdp.pt_tls.port", PT_TLS_PORT, lib->ns); radius_enable = lib->settings->get_bool(lib->settings, - "%s.plugins.tnc-pdp.radius.enable", TRUE, charon->name); + "%s.plugins.tnc-pdp.radius.enable", TRUE, lib->ns); radius_port = lib->settings->get_int(lib->settings, - "%s.plugins.tnc-pdp.radius.port", RADIUS_PORT, charon->name); + "%s.plugins.tnc-pdp.radius.port", RADIUS_PORT, lib->ns); secret = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-pdp.radius.secret", NULL, charon->name); + "%s.plugins.tnc-pdp.radius.secret", NULL, lib->ns); eap_type_str = lib->settings->get_str(lib->settings, - "%s.plugins.tnc-pdp.radius.method", "ttls", charon->name); + "%s.plugins.tnc-pdp.radius.method", "ttls", lib->ns); if (!pt_tls_enable && !radius_enable) { diff --git a/src/libcharon/plugins/tnc_pdp/tnc_pdp_connections.c b/src/libcharon/plugins/tnc_pdp/tnc_pdp_connections.c index f789c31d2..6c7659bb1 100644 --- a/src/libcharon/plugins/tnc_pdp/tnc_pdp_connections.c +++ b/src/libcharon/plugins/tnc_pdp/tnc_pdp_connections.c @@ -298,7 +298,7 @@ tnc_pdp_connections_t *tnc_pdp_connections_create(void) .list = linked_list_create(), .lock = rwlock_create(RWLOCK_TYPE_DEFAULT), .timeout = lib->settings->get_int(lib->settings, - "%s.plugins.tnc-pdp.timeout", DEFAULT_TIMEOUT, charon->name), + "%s.plugins.tnc-pdp.timeout", DEFAULT_TIMEOUT, lib->ns), ); return &this->public; diff --git a/src/libcharon/plugins/uci/Makefile.in b/src/libcharon/plugins/uci/Makefile.in index b36a53394..b2b473c32 100644 --- a/src/libcharon/plugins/uci/Makefile.in +++ b/src/libcharon/plugins/uci/Makefile.in @@ -216,8 +216,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/unit_tester/Makefile.in b/src/libcharon/plugins/unit_tester/Makefile.in index 2f8a65c07..2d9f59678 100644 --- a/src/libcharon/plugins/unit_tester/Makefile.in +++ b/src/libcharon/plugins/unit_tester/Makefile.in @@ -221,8 +221,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -290,6 +288,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -378,12 +381,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -398,6 +405,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/unity/Makefile.in b/src/libcharon/plugins/unity/Makefile.in index 11d6091db..65fe14e1d 100644 --- a/src/libcharon/plugins/unity/Makefile.in +++ b/src/libcharon/plugins/unity/Makefile.in @@ -217,8 +217,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/unity/unity_narrow.c b/src/libcharon/plugins/unity/unity_narrow.c index edff51a08..9f72a80da 100644 --- a/src/libcharon/plugins/unity/unity_narrow.c +++ b/src/libcharon/plugins/unity/unity_narrow.c @@ -97,9 +97,9 @@ static void narrow_initiator(private_unity_narrow_t *this, ike_sa_t *ike_sa, } /** - * As initiator, bump up TS to 0.0.0.0/0 for on-the-wire bits + * As initiator and responder, bump up TS to 0.0.0.0/0 for on-the-wire bits */ -static void narrow_initiator_pre(linked_list_t *list) +static void narrow_pre(linked_list_t *list, char *side) { traffic_selector_t *ts; @@ -112,7 +112,7 @@ static void narrow_initiator_pre(linked_list_t *list) "255.255.255.255", 65535); if (ts) { - DBG2(DBG_CFG, "changing proposed traffic selectors for other:"); + DBG2(DBG_CFG, "changing proposed traffic selectors for %s:", side); DBG2(DBG_CFG, " %R", ts); list->insert_last(list, ts); } @@ -149,12 +149,15 @@ METHOD(listener_t, narrow, bool, switch (type) { case NARROW_INITIATOR_PRE_AUTH: - narrow_initiator_pre(remote); + narrow_pre(remote, "other"); break; case NARROW_INITIATOR_POST_AUTH: narrow_initiator(this, ike_sa, child_sa->get_config(child_sa), remote); break; + case NARROW_RESPONDER: + narrow_pre(local, "us"); + break; case NARROW_RESPONDER_POST: narrow_responder_post(child_sa->get_config(child_sa), local); break; diff --git a/src/libcharon/plugins/unity/unity_provider.c b/src/libcharon/plugins/unity/unity_provider.c index ac6f93d69..86f81fcfb 100644 --- a/src/libcharon/plugins/unity/unity_provider.c +++ b/src/libcharon/plugins/unity/unity_provider.c @@ -1,4 +1,7 @@ /* + * Copyright (C) 2013 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * * Copyright (C) 2012 Martin Willi * Copyright (C) 2012 revosec AG * @@ -16,6 +19,7 @@ #include "unity_provider.h" #include <daemon.h> +#include <bio/bio_writer.h> typedef struct private_unity_provider_t private_unity_provider_t; @@ -31,58 +35,70 @@ struct private_unity_provider_t { }; /** - * Attribute enumerator for traffic selector list + * Attribute enumerator for UNITY_SPLIT_INCLUDE attribute */ typedef struct { /** Implements enumerator_t */ enumerator_t public; /** list of traffic selectors to enumerate */ linked_list_t *list; - /** currently enumerating subnet */ - u_char subnet[4]; - /** currently enumerating subnet mask */ - u_char mask[4]; + /** attribute value */ + chunk_t attr; } attribute_enumerator_t; +/** + * Append data from the given traffic selector to the attribute data + */ +static void append_ts(bio_writer_t *writer, traffic_selector_t *ts) +{ + host_t *net, *mask; + chunk_t padding; + u_int8_t bits; + + if (!ts->to_subnet(ts, &net, &bits)) + { + return; + } + mask = host_create_netmask(AF_INET, bits); + if (!mask) + { + net->destroy(net); + return; + } + writer->write_data(writer, net->get_address(net)); + writer->write_data(writer, mask->get_address(mask)); + /* the Cisco client parses the "padding" as protocol, src and dst port, the + * first two in network order the last in host order - no other clients seem + * to support these fields so we don't use them either */ + padding = writer->skip(writer, 6); + memset(padding.ptr, 0, padding.len); + mask->destroy(mask); + net->destroy(net); +} + METHOD(enumerator_t, attribute_enumerate, bool, attribute_enumerator_t *this, configuration_attribute_type_t *type, chunk_t *attr) { traffic_selector_t *ts; - u_int8_t i, mask; - host_t *net; + bio_writer_t *writer; - while (TRUE) + if (this->list->get_count(this->list) == 0) { - if (this->list->remove_first(this->list, (void**)&ts) != SUCCESS) - { - return FALSE; - } - if (ts->to_subnet(ts, &net, &mask)) - { - ts->destroy(ts); - break; - } - ts->destroy(ts); + return FALSE; } - memset(this->mask, 0, sizeof(this->mask)); - for (i = 0; i < sizeof(this->mask); i++) + writer = bio_writer_create(14); + while (this->list->remove_first(this->list, (void**)&ts) == SUCCESS) { - if (mask < 8) - { - this->mask[i] = 0xFF << (8 - mask); - break; - } - this->mask[i] = 0xFF; - mask -= 8; + append_ts(writer, ts); + ts->destroy(ts); } - memcpy(this->subnet, net->get_address(net).ptr, sizeof(this->subnet)); - net->destroy(net); *type = UNITY_SPLIT_INCLUDE; - *attr = chunk_create(this->subnet, sizeof(this->subnet) + sizeof(this->mask)); + *attr = this->attr = writer->extract_buf(writer); + writer->destroy(writer); return TRUE; } @@ -90,6 +106,7 @@ METHOD(enumerator_t, attribute_destroy, void, attribute_enumerator_t *this) { this->list->destroy_offset(this->list, offsetof(traffic_selector_t, destroy)); + chunk_free(&this->attr); free(this); } diff --git a/src/libcharon/plugins/updown/Makefile.in b/src/libcharon/plugins/updown/Makefile.in index 697c95917..e2d6d32fb 100644 --- a/src/libcharon/plugins/updown/Makefile.in +++ b/src/libcharon/plugins/updown/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/updown/updown_handler.c b/src/libcharon/plugins/updown/updown_handler.c index 3a644380a..0894d2d07 100644 --- a/src/libcharon/plugins/updown/updown_handler.c +++ b/src/libcharon/plugins/updown/updown_handler.c @@ -188,7 +188,7 @@ METHOD(updown_handler_t, create_dns_enumerator, enumerator_t*, ike_sa = charon->bus->get_sa(charon->bus); if (!ike_sa) { - return FALSE; + return enumerator_create_empty(); } this->lock->read_lock(this->lock); diff --git a/src/libcharon/plugins/updown/updown_listener.c b/src/libcharon/plugins/updown/updown_listener.c index 81adfdb13..2c3f93298 100644 --- a/src/libcharon/plugins/updown/updown_listener.c +++ b/src/libcharon/plugins/updown/updown_listener.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2013 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -218,12 +219,12 @@ METHOD(listener_t, child_updown, bool, enumerator = child_sa->create_policy_enumerator(child_sa); while (enumerator->enumerate(enumerator, &my_ts, &other_ts)) { - char command[1024]; + char command[2048]; host_t *my_client, *other_client; u_int8_t my_client_mask, other_client_mask; char *virtual_ip, *iface, *mark_in, *mark_out, *udp_enc, *dns, *xauth; mark_t mark; - bool is_host, is_ipv6; + bool is_host, is_ipv6, use_ipcomp; FILE *shell; my_ts->to_subnet(my_ts, &my_client, &my_client_mask); @@ -322,6 +323,9 @@ METHOD(listener_t, child_updown, bool, dns = make_dns_vars(this, ike_sa); + /* check for IPComp */ + use_ipcomp = child_sa->get_ipcomp(child_sa) != IPCOMP_NONE; + /* determine IPv4/IPv6 and client/host situation */ is_host = my_ts->is_host(my_ts, me); is_ipv6 = is_host ? (me->get_family(me) == AF_INET6) : @@ -355,6 +359,7 @@ METHOD(listener_t, child_updown, bool, "%s" "%s" "%s" + "%s" "%s", up ? "up" : "down", is_host ? "-host" : "-client", @@ -377,6 +382,7 @@ METHOD(listener_t, child_updown, bool, mark_in, mark_out, udp_enc, + use_ipcomp ? "PLUTO_IPCOMP='1' " : "", config->get_hostaccess(config) ? "PLUTO_HOST_ACCESS='1' " : "", dns, script); diff --git a/src/libcharon/plugins/updown/updown_plugin.c b/src/libcharon/plugins/updown/updown_plugin.c index 3c1aba5cc..d30267dee 100644 --- a/src/libcharon/plugins/updown/updown_plugin.c +++ b/src/libcharon/plugins/updown/updown_plugin.c @@ -58,7 +58,7 @@ static bool plugin_cb(private_updown_plugin_t *this, if (reg) { if (lib->settings->get_bool(lib->settings, - "charon.plugins.updown.dns_handler", FALSE)) + "%s.plugins.updown.dns_handler", FALSE, lib->ns)) { this->handler = updown_handler_create(); hydra->attributes->add_handler(hydra->attributes, diff --git a/src/libcharon/plugins/whitelist/Makefile.in b/src/libcharon/plugins/whitelist/Makefile.in index 218ecaaf7..aa8ad2e10 100644 --- a/src/libcharon/plugins/whitelist/Makefile.in +++ b/src/libcharon/plugins/whitelist/Makefile.in @@ -225,8 +225,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -294,6 +292,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -382,12 +385,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -402,6 +409,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/whitelist/whitelist_control.c b/src/libcharon/plugins/whitelist/whitelist_control.c index 996f263c9..c1b619c3c 100644 --- a/src/libcharon/plugins/whitelist/whitelist_control.c +++ b/src/libcharon/plugins/whitelist/whitelist_control.c @@ -157,7 +157,7 @@ whitelist_control_t *whitelist_control_create(whitelist_listener_t *listener) uri = lib->settings->get_str(lib->settings, "%s.plugins.whitelist.socket", "unix://" WHITELIST_SOCKET, - charon->name); + lib->ns); this->service = lib->streams->create_service(lib->streams, uri, 10); if (!this->service) { diff --git a/src/libcharon/plugins/whitelist/whitelist_listener.c b/src/libcharon/plugins/whitelist/whitelist_listener.c index 382ee3b8b..d0357b410 100644 --- a/src/libcharon/plugins/whitelist/whitelist_listener.c +++ b/src/libcharon/plugins/whitelist/whitelist_listener.c @@ -206,7 +206,7 @@ whitelist_listener_t *whitelist_listener_create() .ids = hashtable_create((hashtable_hash_t)hash, (hashtable_equals_t)equals, 32), .enabled = lib->settings->get_bool(lib->settings, - "%s.plugins.whitelist.enable", FALSE, charon->name), + "%s.plugins.whitelist.enable", FALSE, lib->ns), ); return &this->public; diff --git a/src/libcharon/plugins/xauth_eap/Makefile.in b/src/libcharon/plugins/xauth_eap/Makefile.in index c5eba1467..cf0c326e3 100644 --- a/src/libcharon/plugins/xauth_eap/Makefile.in +++ b/src/libcharon/plugins/xauth_eap/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/xauth_eap/xauth_eap.c b/src/libcharon/plugins/xauth_eap/xauth_eap.c index 5ac4f10d2..f597bb7ae 100644 --- a/src/libcharon/plugins/xauth_eap/xauth_eap.c +++ b/src/libcharon/plugins/xauth_eap/xauth_eap.c @@ -224,7 +224,7 @@ METHOD(xauth_method_t, process, status_t, name = lib->settings->get_str(lib->settings, "%s.plugins.xauth-eap.backend", "radius", - charon->name); + lib->ns); type = eap_type_from_string(name); if (!type) { diff --git a/src/libcharon/plugins/xauth_generic/Makefile.in b/src/libcharon/plugins/xauth_generic/Makefile.in index 47c216177..2d18f60df 100644 --- a/src/libcharon/plugins/xauth_generic/Makefile.in +++ b/src/libcharon/plugins/xauth_generic/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/xauth_noauth/Makefile.in b/src/libcharon/plugins/xauth_noauth/Makefile.in index 22244930d..8173631ae 100644 --- a/src/libcharon/plugins/xauth_noauth/Makefile.in +++ b/src/libcharon/plugins/xauth_noauth/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libcharon/plugins/xauth_pam/Makefile.am b/src/libcharon/plugins/xauth_pam/Makefile.am index a7d4f6436..1875f81d3 100644 --- a/src/libcharon/plugins/xauth_pam/Makefile.am +++ b/src/libcharon/plugins/xauth_pam/Makefile.am @@ -14,6 +14,7 @@ endif libstrongswan_xauth_pam_la_SOURCES = \ xauth_pam_plugin.h xauth_pam_plugin.c \ + xauth_pam_listener.h xauth_pam_listener.c \ xauth_pam.h xauth_pam.c libstrongswan_xauth_pam_la_LDFLAGS = -module -avoid-version -lpam diff --git a/src/libcharon/plugins/xauth_pam/Makefile.in b/src/libcharon/plugins/xauth_pam/Makefile.in index dbcc4f405..1ee269e04 100644 --- a/src/libcharon/plugins/xauth_pam/Makefile.in +++ b/src/libcharon/plugins/xauth_pam/Makefile.in @@ -129,7 +129,7 @@ am__installdirs = "$(DESTDIR)$(plugindir)" LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_xauth_pam_la_LIBADD = am_libstrongswan_xauth_pam_la_OBJECTS = xauth_pam_plugin.lo \ - xauth_pam.lo + xauth_pam_listener.lo xauth_pam.lo libstrongswan_xauth_pam_la_OBJECTS = \ $(am_libstrongswan_xauth_pam_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ @@ -417,6 +425,7 @@ AM_CFLAGS = \ @MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-xauth-pam.la libstrongswan_xauth_pam_la_SOURCES = \ xauth_pam_plugin.h xauth_pam_plugin.c \ + xauth_pam_listener.h xauth_pam_listener.c \ xauth_pam.h xauth_pam.c libstrongswan_xauth_pam_la_LDFLAGS = -module -avoid-version -lpam @@ -511,6 +520,7 @@ distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xauth_pam.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xauth_pam_listener.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xauth_pam_plugin.Plo@am__quote@ .c.o: diff --git a/src/libcharon/plugins/xauth_pam/xauth_pam.c b/src/libcharon/plugins/xauth_pam/xauth_pam.c index 8ba2c764d..71c79ecc0 100644 --- a/src/libcharon/plugins/xauth_pam/xauth_pam.c +++ b/src/libcharon/plugins/xauth_pam/xauth_pam.c @@ -116,7 +116,11 @@ static void attr2string(char *buf, size_t len, chunk_t chunk) { if (chunk.len && chunk.len < len) { - snprintf(buf, len, "%.*s", (int)chunk.len, chunk.ptr); + chunk_t sane; + + chunk_printable(chunk, &sane, '?'); + snprintf(buf, len, "%.*s", (int)sane.len, sane.ptr); + chunk_clear(&sane); } } @@ -138,7 +142,7 @@ METHOD(xauth_method_t, process, status_t, /* trim to username part if email address given */ if (lib->settings->get_bool(lib->settings, "%s.plugins.xauth-pam.trim_email", - TRUE, charon->name)) + TRUE, lib->ns)) { pos = memchr(chunk.ptr, '@', chunk.len); if (pos) @@ -171,9 +175,8 @@ METHOD(xauth_method_t, process, status_t, service = lib->settings->get_str(lib->settings, "%s.plugins.xauth-pam.pam_service", lib->settings->get_str(lib->settings, - "%s.plugins.eap-gtc.pam_service", - "login", charon->name), - charon->name); + "%s.plugins.eap-gtc.pam_service", "login", lib->ns), + lib->ns); if (authenticate(service, user, pass)) { diff --git a/src/libcharon/plugins/xauth_pam/xauth_pam_listener.c b/src/libcharon/plugins/xauth_pam/xauth_pam_listener.c new file mode 100644 index 000000000..eb06f54bb --- /dev/null +++ b/src/libcharon/plugins/xauth_pam/xauth_pam_listener.c @@ -0,0 +1,144 @@ +/* + * Copyright (C) 2013 Endian srl + * Author: Andrea Bonomi - <a.bonomi@endian.com> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#define _GNU_SOURCE +#include <stdio.h> + +#include "xauth_pam_listener.h" + +#include <daemon.h> +#include <library.h> + +#include <security/pam_appl.h> + +typedef struct private_xauth_pam_listener_t private_xauth_pam_listener_t; + +/** + * Private data of an xauth_pam_listener_t object. + */ +struct private_xauth_pam_listener_t { + + /** + * Public xauth_pam_listener_t interface. + */ + xauth_pam_listener_t public; + + /** + * PAM service + */ + char *service; +}; + +/** + * PAM conv callback function + */ +static int conv(int num_msg, const struct pam_message **msg, + struct pam_response **resp, void *data) +{ + int i; + + for (i = 0; i < num_msg; i++) + { + /* ignore any text info, but fail on any interaction request */ + if (msg[i]->msg_style != PAM_TEXT_INFO) + { + return PAM_CONV_ERR; + } + } + return PAM_SUCCESS; +} + +METHOD(listener_t, ike_updown, bool, + private_xauth_pam_listener_t *this, ike_sa_t *ike_sa, bool up) +{ + struct pam_conv null_conv = { + .conv = conv, + }; + pam_handle_t *pamh = NULL; + char *user; + int ret; + + if (asprintf(&user, "%Y", ike_sa->get_other_eap_id(ike_sa)) != -1) + { + ret = pam_start(this->service, user, &null_conv, &pamh); + if (ret == PAM_SUCCESS) + { + if (up) + { + ret = pam_open_session(pamh, 0); + if (ret != PAM_SUCCESS) + { + DBG1(DBG_IKE, "XAuth pam_open_session for '%s' failed: %s", + user, pam_strerror(pamh, ret)); + } + } + else + { + ret = pam_close_session(pamh, 0); + if (ret != PAM_SUCCESS) + { + DBG1(DBG_IKE, "XAuth pam_close_session for '%s' failed: %s", + user, pam_strerror(pamh, ret)); + } + } + } + else + { + DBG1(DBG_IKE, "XAuth pam_start for '%s' failed: %s", + user, pam_strerror(pamh, ret)); + } + pam_end(pamh, ret); + free(user); + } + return TRUE; +} + +METHOD(xauth_pam_listener_t, listener_destroy, void, + private_xauth_pam_listener_t *this) +{ + free(this); +} + +xauth_pam_listener_t *xauth_pam_listener_create() +{ + private_xauth_pam_listener_t *this; + + INIT(this, + .public = { + .listener = { + .ike_updown = _ike_updown, + }, + .destroy = _listener_destroy, + }, + /* Look for PAM service, with a legacy fallback for the eap-gtc plugin. + * Default to "login". */ + .service = lib->settings->get_str(lib->settings, + "%s.plugins.xauth-pam.pam_service", + lib->settings->get_str(lib->settings, + "%s.plugins.eap-gtc.pam_service", + "login", lib->ns), + lib->ns), + ); + + return &this->public; +} diff --git a/src/libcharon/plugins/xauth_pam/xauth_pam_listener.h b/src/libcharon/plugins/xauth_pam/xauth_pam_listener.h new file mode 100644 index 000000000..5b15410f4 --- /dev/null +++ b/src/libcharon/plugins/xauth_pam/xauth_pam_listener.h @@ -0,0 +1,58 @@ +/* + * Copyright (C) 2013 Endian srl + * Author: Andrea Bonomi - <a.bonomi@endian.com> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +/** + * @defgroup xauth_pam_i xauth_pam + * @{ @ingroup xauth_pam + */ + +#ifndef XAUTH_PAM_LISENER_H_ +#define XAUTH_PAM_LISTENER_H_ + +typedef struct xauth_pam_listener_t xauth_pam_listener_t; + +#include <bus/listeners/listener.h> + +/** + * Listener + */ +struct xauth_pam_listener_t { + + /** + * Implements listener_t interface. + */ + listener_t listener; + + /** + * Destroy a xauth_pam_listener_t. + */ + void (*destroy)(xauth_pam_listener_t *this); +}; + +/** + * Create a xauth_pam_listener instance. + */ +xauth_pam_listener_t *xauth_pam_listener_create(); + + +#endif /** XAUTH_PAM_LISTENER_H_ @}*/ diff --git a/src/libcharon/plugins/xauth_pam/xauth_pam_plugin.c b/src/libcharon/plugins/xauth_pam/xauth_pam_plugin.c index 2ef9a6c8f..497ad3dd9 100644 --- a/src/libcharon/plugins/xauth_pam/xauth_pam_plugin.c +++ b/src/libcharon/plugins/xauth_pam/xauth_pam_plugin.c @@ -15,6 +15,7 @@ #include "xauth_pam_plugin.h" #include "xauth_pam.h" +#include "xauth_pam_listener.h" #include <daemon.h> @@ -22,26 +23,73 @@ #define CAP_AUDIT_WRITE 29 #endif +typedef struct private_xauth_pam_plugin_t private_xauth_pam_plugin_t; + +/** + * private data of xauth_pam plugin + */ +struct private_xauth_pam_plugin_t { + + /** + * implements plugin interface + */ + xauth_pam_plugin_t public; + + /** + * Listener + */ + xauth_pam_listener_t *listener; + + /** + * Do PAM session management? + */ + bool session; +}; + +/** + * Register XAuth method and listener + */ +static bool register_listener(private_xauth_pam_plugin_t *this, + plugin_feature_t *feature, bool reg, void *data) +{ + if (reg) + { + charon->bus->add_listener(charon->bus, &this->listener->listener); + } + else + { + charon->bus->remove_listener(charon->bus, &this->listener->listener); + } + return TRUE; +} + METHOD(plugin_t, get_name, char*, - xauth_pam_plugin_t *this) + private_xauth_pam_plugin_t *this) { return "xauth-pam"; } METHOD(plugin_t, get_features, int, - xauth_pam_plugin_t *this, plugin_feature_t *features[]) + private_xauth_pam_plugin_t *this, plugin_feature_t *features[]) { static plugin_feature_t f[] = { PLUGIN_CALLBACK(xauth_method_register, xauth_pam_create_server), PLUGIN_PROVIDE(XAUTH_SERVER, "pam"), + PLUGIN_CALLBACK((plugin_feature_callback_t)register_listener, NULL), + PLUGIN_PROVIDE(CUSTOM, "pam-session"), }; *features = f; + if (!this->session) + { + return 2; + } return countof(f); } METHOD(plugin_t, destroy, void, - xauth_pam_plugin_t *this) + private_xauth_pam_plugin_t *this) { + this->listener->destroy(this->listener), free(this); } @@ -50,7 +98,7 @@ METHOD(plugin_t, destroy, void, */ plugin_t *xauth_pam_plugin_create() { - xauth_pam_plugin_t *this; + private_xauth_pam_plugin_t *this; /* required for PAM authentication */ if (!lib->caps->keep(lib->caps, CAP_AUDIT_WRITE)) @@ -60,12 +108,17 @@ plugin_t *xauth_pam_plugin_create() } INIT(this, - .plugin = { - .get_name = _get_name, - .get_features = _get_features, - .destroy = _destroy, + .public = { + .plugin = { + .get_name = _get_name, + .get_features = _get_features, + .destroy = _destroy, + }, }, + .session = lib->settings->get_str(lib->settings, + "%s.plugins.xauth-pam.session", FALSE, lib->ns), + .listener = xauth_pam_listener_create(), ); - return &this->plugin; + return &this->public.plugin; } diff --git a/src/libcharon/processing/jobs/inactivity_job.c b/src/libcharon/processing/jobs/inactivity_job.c index 9ab69b417..197733979 100644 --- a/src/libcharon/processing/jobs/inactivity_job.c +++ b/src/libcharon/processing/jobs/inactivity_job.c @@ -73,12 +73,13 @@ METHOD(job_t, execute, job_requeue_t, { if (child_sa->get_reqid(child_sa) == this->reqid) { - time_t in, out, diff; + time_t in, out, install, diff; child_sa->get_usestats(child_sa, TRUE, &in, NULL, NULL); child_sa->get_usestats(child_sa, FALSE, &out, NULL, NULL); + install = child_sa->get_installtime(child_sa); - diff = time_monotonic(NULL) - max(in, out); + diff = time_monotonic(NULL) - max(max(in, out), install); if (diff >= this->timeout) { diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index 9c3876a94..720a58553 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -120,6 +120,11 @@ struct private_child_sa_t { time_t expire_time; /** + * absolute time when SA has been installed + */ + time_t install_time; + + /** * state of the CHILD_SA */ child_sa_state_t state; @@ -586,6 +591,12 @@ METHOD(child_sa_t, get_lifetime, time_t, return hard ? this->expire_time : this->rekey_time; } +METHOD(child_sa_t, get_installtime, time_t, + private_child_sa_t *this) +{ + return this->install_time; +} + METHOD(child_sa_t, alloc_spi, u_int32_t, private_child_sa_t *this, protocol_id_t protocol) { @@ -1140,6 +1151,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, .get_proposal = _get_proposal, .set_proposal = _set_proposal, .get_lifetime = _get_lifetime, + .get_installtime = _get_installtime, .get_usestats = _get_usestats, .get_mark = _get_mark, .has_encap = _has_encap, @@ -1170,6 +1182,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, .reqid = config->get_reqid(config), .mark_in = config->get_mark(config, TRUE), .mark_out = config->get_mark(config, FALSE), + .install_time = time_monotonic(NULL), ); this->config = config; diff --git a/src/libcharon/sa/child_sa.h b/src/libcharon/sa/child_sa.h index ed52d60b1..a0c6c357f 100644 --- a/src/libcharon/sa/child_sa.h +++ b/src/libcharon/sa/child_sa.h @@ -265,6 +265,13 @@ struct child_sa_t { time_t (*get_lifetime)(child_sa_t *this, bool hard); /** + * Get the absolute time when this SA has been installed. + * + * @return monotonic absolute install time + */ + time_t (*get_installtime)(child_sa_t *this); + + /** * Get last use time and the number of bytes processed. * * @param inbound TRUE for inbound traffic, FALSE for outbound diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index 028208782..2c15dc5eb 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -687,6 +687,14 @@ METHOD(ike_sa_t, set_state, void, DBG1(DBG_IKE, "maximum IKE_SA lifetime %ds", t); } trigger_dpd = this->peer_cfg->get_dpd(this->peer_cfg); + if (trigger_dpd) + { + /* Some peers delay the DELETE after rekeying an IKE_SA. + * If this delay is longer than our DPD delay, we would + * send a DPD request here. The IKE_SA is not ready to do + * so yet, so prevent that. */ + this->stats[STAT_INBOUND] = this->stats[STAT_ESTABLISHED]; + } } break; } @@ -1162,26 +1170,13 @@ METHOD(ike_sa_t, initiate, status_t, #endif /* ME */ ) { - bool is_anyaddr; - host_t *host; char *addr; - addr = this->ike_cfg->get_my_addr(this->ike_cfg); - host = this->ike_cfg->resolve_other(this->ike_cfg, AF_UNSPEC); - is_anyaddr = host && host->is_anyaddr(host); - DESTROY_IF(host); - - if (is_anyaddr || !this->retry_initiate_interval) + addr = this->ike_cfg->get_other_addr(this->ike_cfg); + if (!this->retry_initiate_interval) { - if (is_anyaddr) - { - DBG1(DBG_IKE, "unable to initiate to %s", addr); - } - else - { - DBG1(DBG_IKE, "unable to resolve %s, initiate aborted", - addr); - } + DBG1(DBG_IKE, "unable to resolve %s, initiate aborted", + addr); DESTROY_IF(child_cfg); charon->bus->alert(charon->bus, ALERT_PEER_ADDR_FAILED); return DESTROY_ME; @@ -2130,7 +2125,10 @@ METHOD(ike_sa_t, destroy, void, charon->bus->set_sa(charon->bus, &this->public); set_state(this, IKE_DESTROYING); - DESTROY_IF(this->task_manager); + if (this->task_manager) + { + this->task_manager->flush(this->task_manager); + } /* remove attributes first, as we pass the IKE_SA to the handler */ while (array_remove(this->attributes, ARRAY_TAIL, &entry)) @@ -2174,6 +2172,7 @@ METHOD(ike_sa_t, destroy, void, charon->bus->set_sa(charon->bus, NULL); array_destroy(this->child_sas); + DESTROY_IF(this->task_manager); DESTROY_IF(this->keymat); array_destroy(this->attributes); array_destroy(this->my_vips); @@ -2330,11 +2329,11 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, bool initiator, .attributes = array_create(sizeof(attribute_entry_t), 0), .unique_id = ref_get(&unique_id), .keepalive_interval = lib->settings->get_time(lib->settings, - "%s.keep_alive", KEEPALIVE_INTERVAL, charon->name), + "%s.keep_alive", KEEPALIVE_INTERVAL, lib->ns), .retry_initiate_interval = lib->settings->get_time(lib->settings, - "%s.retry_initiate_interval", 0, charon->name), + "%s.retry_initiate_interval", 0, lib->ns), .flush_auth_cfg = lib->settings->get_bool(lib->settings, - "%s.flush_auth_cfg", FALSE, charon->name), + "%s.flush_auth_cfg", FALSE, lib->ns), ); if (version == IKEV2) diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c index 5768803aa..f2f81cf33 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -2150,17 +2150,17 @@ ike_sa_manager_t *ike_sa_manager_create() } this->ikesa_limit = lib->settings->get_int(lib->settings, - "%s.ikesa_limit", 0, charon->name); + "%s.ikesa_limit", 0, lib->ns); this->table_size = get_nearest_powerof2(lib->settings->get_int( lib->settings, "%s.ikesa_table_size", - DEFAULT_HASHTABLE_SIZE, charon->name)); + DEFAULT_HASHTABLE_SIZE, lib->ns)); this->table_size = max(1, min(this->table_size, MAX_HASHTABLE_SIZE)); this->table_mask = this->table_size - 1; this->segment_count = get_nearest_powerof2(lib->settings->get_int( lib->settings, "%s.ikesa_table_segments", - DEFAULT_SEGMENT_COUNT, charon->name)); + DEFAULT_SEGMENT_COUNT, lib->ns)); this->segment_count = max(1, min(this->segment_count, this->table_size)); this->segment_mask = this->segment_count - 1; @@ -2200,6 +2200,6 @@ ike_sa_manager_t *ike_sa_manager_create() } this->reuse_ikesa = lib->settings->get_bool(lib->settings, - "%s.reuse_ikesa", TRUE, charon->name); + "%s.reuse_ikesa", TRUE, lib->ns); return &this->public; } diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c index 597416e36..8fc158bba 100644 --- a/src/libcharon/sa/ikev1/task_manager_v1.c +++ b/src/libcharon/sa/ikev1/task_manager_v1.c @@ -339,10 +339,8 @@ METHOD(task_manager_t, flush_queue, void, } } -/** - * flush all tasks in the task manager - */ -static void flush(private_task_manager_t *this) +METHOD(task_manager_t, flush, void, + private_task_manager_t *this) { flush_queue(this, TASK_QUEUE_QUEUED); flush_queue(this, TASK_QUEUE_PASSIVE); @@ -1581,7 +1579,7 @@ METHOD(task_manager_t, process_message, status_t, lib->scheduler->schedule_job(lib->scheduler, job, lib->settings->get_int(lib->settings, "%s.half_open_timeout", HALF_OPEN_IKE_SA_TIMEOUT, - charon->name)); + lib->ns)); } this->ike_sa->update_hosts(this->ike_sa, me, other, TRUE); charon->bus->message(charon->bus, msg, TRUE, TRUE); @@ -2070,6 +2068,7 @@ task_manager_v1_t *task_manager_v1_create(ike_sa_t *ike_sa) .adopt_child_tasks = _adopt_child_tasks, .busy = _busy, .create_task_enumerator = _create_task_enumerator, + .flush = _flush, .flush_queue = _flush_queue, .destroy = _destroy, }, @@ -2083,9 +2082,9 @@ task_manager_v1_t *task_manager_v1_create(ike_sa_t *ike_sa) .frag = { .exchange = ID_PROT, .max_packet = lib->settings->get_int(lib->settings, - "%s.max_packet", MAX_PACKET, charon->name), + "%s.max_packet", MAX_PACKET, lib->ns), .size = lib->settings->get_int(lib->settings, - "%s.fragment_size", MAX_FRAGMENT_SIZE, charon->name), + "%s.fragment_size", MAX_FRAGMENT_SIZE, lib->ns), }, .ike_sa = ike_sa, .rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK), @@ -2093,11 +2092,11 @@ task_manager_v1_t *task_manager_v1_create(ike_sa_t *ike_sa) .active_tasks = linked_list_create(), .passive_tasks = linked_list_create(), .retransmit_tries = lib->settings->get_int(lib->settings, - "%s.retransmit_tries", RETRANSMIT_TRIES, charon->name), + "%s.retransmit_tries", RETRANSMIT_TRIES, lib->ns), .retransmit_timeout = lib->settings->get_double(lib->settings, - "%s.retransmit_timeout", RETRANSMIT_TIMEOUT, charon->name), + "%s.retransmit_timeout", RETRANSMIT_TIMEOUT, lib->ns), .retransmit_base = lib->settings->get_double(lib->settings, - "%s.retransmit_base", RETRANSMIT_BASE, charon->name), + "%s.retransmit_base", RETRANSMIT_BASE, lib->ns), ); if (!this->rng) diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c index 46cbb879b..6cc3e04b3 100644 --- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c +++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c @@ -421,7 +421,7 @@ METHOD(task_t, process_r, status_t, case AUTH_PSK: if (!lib->settings->get_bool(lib->settings, "%s.i_dont_care" "_about_security_and_use_aggressive_mode_psk", - FALSE, charon->name)) + FALSE, lib->ns)) { DBG1(DBG_IKE, "Aggressive Mode PSK disabled for " "security reasons"); @@ -478,7 +478,7 @@ METHOD(task_t, process_r, status_t, while (TRUE) { if (this->ph1->verify_auth(this->ph1, this->method, message, - this->id_data)) + chunk_clone(this->id_data))) { break; } @@ -487,12 +487,10 @@ METHOD(task_t, process_r, status_t, this->method, TRUE, NULL); if (!this->peer_cfg) { - this->id_data = chunk_empty; return send_delete(this); } this->ike_sa->set_peer_cfg(this->ike_sa, this->peer_cfg); } - this->id_data = chunk_empty; if (!charon->bus->authorize(charon->bus, FALSE)) { diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c index 11155b287..e07ac0ab4 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c @@ -191,9 +191,9 @@ static void build(private_isakmp_vendor_t *this, message_t *message) int i; strongswan = lib->settings->get_bool(lib->settings, - "%s.send_vendor_id", FALSE, charon->name); + "%s.send_vendor_id", FALSE, lib->ns); cisco_unity = lib->settings->get_bool(lib->settings, - "%s.cisco_unity", FALSE, charon->name); + "%s.cisco_unity", FALSE, lib->ns); ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa); fragmentation = ike_cfg->fragmentation(ike_cfg) != FRAGMENTATION_NO; if (!this->initiator && fragmentation) diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 12ee594b9..6e7da9852 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -194,7 +194,7 @@ static void schedule_inactivity_timeout(private_quick_mode_t *this) if (timeout) { close_ike = lib->settings->get_bool(lib->settings, - "%s.inactivity_close_ike", FALSE, charon->name); + "%s.inactivity_close_ike", FALSE, lib->ns); lib->scheduler->schedule_job(lib->scheduler, (job_t*) inactivity_job_create(this->child_sa->get_reqid(this->child_sa), timeout, close_ike), timeout); diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c index 4d0683f0a..8c7ba8d55 100644 --- a/src/libcharon/sa/ikev2/keymat_v2.c +++ b/src/libcharon/sa/ikev2/keymat_v2.c @@ -278,6 +278,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, { DBG1(DBG_IKE, "no %N selected", transform_type_names, PSEUDO_RANDOM_FUNCTION); + chunk_clear(&secret); return FALSE; } this->prf_alg = alg; @@ -287,6 +288,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, DBG1(DBG_IKE, "%N %N not supported!", transform_type_names, PSEUDO_RANDOM_FUNCTION, pseudo_random_function_names, alg); + chunk_clear(&secret); return FALSE; } DBG4(DBG_IKE, "shared Diffie Hellman secret %B", &secret); @@ -339,6 +341,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, { DBG1(DBG_IKE, "PRF of old SA %N not supported!", pseudo_random_function_names, rekey_function); + chunk_clear(&secret); chunk_free(&full_nonce); chunk_free(&fixed_nonce); chunk_clear(&prf_plus_seed); @@ -450,17 +453,6 @@ METHOD(keymat_v2_t, derive_child_keys, bool, chunk_t seed, secret = chunk_empty; prf_plus_t *prf_plus; - if (dh) - { - if (dh->get_shared_secret(dh, &secret) != SUCCESS) - { - return FALSE; - } - DBG4(DBG_CHD, "DH secret %B", &secret); - } - seed = chunk_cata("mcc", secret, nonce_i, nonce_r); - DBG4(DBG_CHD, "seed %B", &seed); - if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &enc_alg, &enc_size)) { @@ -527,7 +519,21 @@ METHOD(keymat_v2_t, derive_child_keys, bool, { return FALSE; } + + if (dh) + { + if (dh->get_shared_secret(dh, &secret) != SUCCESS) + { + return FALSE; + } + DBG4(DBG_CHD, "DH secret %B", &secret); + } + seed = chunk_cata("scc", secret, nonce_i, nonce_r); + DBG4(DBG_CHD, "seed %B", &seed); + prf_plus = prf_plus_create(this->prf, TRUE, seed); + memwipe(seed.ptr, seed.len); + if (!prf_plus) { return FALSE; @@ -590,7 +596,7 @@ METHOD(keymat_v2_t, get_auth_octets, bool, idx = chunk_cata("cc", chunk, id->get_encoding(id)); DBG3(DBG_IKE, "IDx' %B", &idx); - DBG3(DBG_IKE, "SK_p %B", &skp); + DBG4(DBG_IKE, "SK_p %B", &skp); if (!this->prf->set_key(this->prf, skp) || !this->prf->allocate_bytes(this->prf, idx, &chunk)) { diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c index 8e6da1609..ac3be900f 100644 --- a/src/libcharon/sa/ikev2/task_manager_v2.c +++ b/src/libcharon/sa/ikev2/task_manager_v2.c @@ -184,10 +184,8 @@ METHOD(task_manager_t, flush_queue, void, } } -/** - * flush all tasks in the task manager - */ -static void flush(private_task_manager_t *this) +METHOD(task_manager_t, flush, void, + private_task_manager_t *this) { flush_queue(this, TASK_QUEUE_QUEUED); flush_queue(this, TASK_QUEUE_PASSIVE); @@ -1231,7 +1229,7 @@ METHOD(task_manager_t, process_message, status_t, lib->scheduler->schedule_job(lib->scheduler, job, lib->settings->get_int(lib->settings, "%s.half_open_timeout", HALF_OPEN_IKE_SA_TIMEOUT, - charon->name)); + lib->ns)); } return SUCCESS; } @@ -1569,6 +1567,7 @@ task_manager_v2_t *task_manager_v2_create(ike_sa_t *ike_sa) .adopt_child_tasks = _adopt_child_tasks, .busy = _busy, .create_task_enumerator = _create_task_enumerator, + .flush = _flush, .flush_queue = _flush_queue, .destroy = _destroy, }, @@ -1579,11 +1578,11 @@ task_manager_v2_t *task_manager_v2_create(ike_sa_t *ike_sa) .active_tasks = array_create(0, 0), .passive_tasks = array_create(0, 0), .retransmit_tries = lib->settings->get_int(lib->settings, - "%s.retransmit_tries", RETRANSMIT_TRIES, charon->name), + "%s.retransmit_tries", RETRANSMIT_TRIES, lib->ns), .retransmit_timeout = lib->settings->get_double(lib->settings, - "%s.retransmit_timeout", RETRANSMIT_TIMEOUT, charon->name), + "%s.retransmit_timeout", RETRANSMIT_TIMEOUT, lib->ns), .retransmit_base = lib->settings->get_double(lib->settings, - "%s.retransmit_base", RETRANSMIT_BASE, charon->name), + "%s.retransmit_base", RETRANSMIT_BASE, lib->ns), ); return &this->public; diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c index 7cfa537a9..df7bc96d6 100644 --- a/src/libcharon/sa/ikev2/tasks/child_create.c +++ b/src/libcharon/sa/ikev2/tasks/child_create.c @@ -293,7 +293,7 @@ static void schedule_inactivity_timeout(private_child_create_t *this) if (timeout) { close_ike = lib->settings->get_bool(lib->settings, - "%s.inactivity_close_ike", FALSE, charon->name); + "%s.inactivity_close_ike", FALSE, lib->ns); lib->scheduler->schedule_job(lib->scheduler, (job_t*) inactivity_job_create(this->child_sa->get_reqid(this->child_sa), timeout, close_ike), timeout); @@ -1072,7 +1072,7 @@ static void handle_child_sa_failure(private_child_create_t *this, { if (message->get_exchange_type(message) == IKE_AUTH && lib->settings->get_bool(lib->settings, - "%s.close_ike_on_child_failure", FALSE, charon->name)) + "%s.close_ike_on_child_failure", FALSE, lib->ns)) { /* we delay the delete for 100ms, as the IKE_AUTH response must arrive * first */ diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c b/src/libcharon/sa/ikev2/tasks/ike_auth.c index 8f83c4884..800dab07e 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth.c +++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c @@ -120,7 +120,7 @@ struct private_ike_auth_t { static bool multiple_auth_enabled() { return lib->settings->get_bool(lib->settings, - "%s.multiple_authentication", TRUE, charon->name); + "%s.multiple_authentication", TRUE, lib->ns); } /** diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c index 2cbe8f8c5..bd28b29d7 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c +++ b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c @@ -428,7 +428,7 @@ static void build_certreqs(private_ike_cert_pre_t *this, message_t *message) message->add_payload(message, (payload_t*)req); if (lib->settings->get_bool(lib->settings, - "%s.hash_and_url", FALSE, charon->name)) + "%s.hash_and_url", FALSE, lib->ns)) { message->add_notify(message, FALSE, HTTP_CERT_LOOKUP_SUPPORTED, chunk_empty); diff --git a/src/libcharon/sa/ikev2/tasks/ike_vendor.c b/src/libcharon/sa/ikev2/tasks/ike_vendor.c index 2730f5876..16ac16673 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_vendor.c +++ b/src/libcharon/sa/ikev2/tasks/ike_vendor.c @@ -42,24 +42,60 @@ struct private_ike_vendor_t { }; /** - * strongSwan specific vendor ID without version, MD5("strongSwan") + * Vendor ID database entry */ -static chunk_t strongswan_vid = chunk_from_chars( - 0x88,0x2f,0xe5,0x6d,0x6f,0xd2,0x0d,0xbc, - 0x22,0x51,0x61,0x3b,0x2e,0xbe,0x5b,0xeb -); +typedef struct { + /* Description */ + char *desc; + /* extension flag negotiated with vendor ID, if any */ + ike_extension_t extension; + /* length of vendor ID string, 0 for NULL terminated */ + int len; + /* vendor ID string */ + char *id; +} vid_data_t; + +/** + * Get the data of a vendor ID as a chunk + */ +static chunk_t get_vid_data(vid_data_t *data) +{ + return chunk_create(data->id, data->len ?: strlen(data->id)); +} + +/** + * IKEv2 Vendor ID database entry + */ +static vid_data_t vids[] = { + /* strongSwan MD5("strongSwan") */ + { "strongSwan", EXT_STRONGSWAN, 16, + "\x88\x2f\xe5\x6d\x6f\xd2\x0d\xbc\x22\x51\x61\x3b\x2e\xbe\x5b\xeb"}, + { "Cisco Delete Reason", 0, 0, + "CISCO-DELETE-REASON" }, + { "Cisco Copyright (c) 2009", 0, 0, + "CISCO(COPYRIGHT)&Copyright (c) 2009 Cisco Systems, Inc." }, + { "FRAGMENTATION", 0, 16, + "\x40\x48\xb7\xd5\x6e\xbc\xe8\x85\x25\xe7\xde\x7f\x00\xd6\xc2\xd3"}, +}; METHOD(task_t, build, status_t, private_ike_vendor_t *this, message_t *message) { - if (lib->settings->get_bool(lib->settings, - "%s.send_vendor_id", FALSE, charon->name)) - { - vendor_id_payload_t *vid; + vendor_id_payload_t *vid; + bool strongswan; + int i; - vid = vendor_id_payload_create_data(VENDOR_ID, - chunk_clone(strongswan_vid)); - message->add_payload(message, &vid->payload_interface); + strongswan = lib->settings->get_bool(lib->settings, + "%s.send_vendor_id", FALSE, lib->ns); + for (i = 0; i < countof(vids); i++) + { + if (vids[i].extension == EXT_STRONGSWAN && strongswan) + { + DBG2(DBG_IKE, "sending %s vendor ID", vids[i].desc); + vid = vendor_id_payload_create_data(VENDOR_ID, + chunk_clone(get_vid_data(&vids[i]))); + message->add_payload(message, &vid->payload_interface); + } } return this->initiator ? NEED_MORE : SUCCESS; @@ -70,6 +106,7 @@ METHOD(task_t, process, status_t, { enumerator_t *enumerator; payload_t *payload; + int i; enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) @@ -78,16 +115,26 @@ METHOD(task_t, process, status_t, { vendor_id_payload_t *vid; chunk_t data; + bool found = FALSE; vid = (vendor_id_payload_t*)payload; data = vid->get_data(vid); - if (chunk_equals(data, strongswan_vid)) + for (i = 0; i < countof(vids); i++) { - DBG1(DBG_IKE, "received strongSwan vendor ID"); - this->ike_sa->enable_extension(this->ike_sa, EXT_STRONGSWAN); + if (chunk_equals(get_vid_data(&vids[i]), data)) + { + DBG1(DBG_IKE, "received %s vendor ID", vids[i].desc); + if (vids[i].extension) + { + this->ike_sa->enable_extension(this->ike_sa, + vids[i].extension); + } + found = TRUE; + break; + } } - else + if (!found) { DBG1(DBG_ENC, "received unknown vendor ID: %#B", &data); } diff --git a/src/libcharon/sa/task_manager.h b/src/libcharon/sa/task_manager.h index a1ebb4117..e7a6bf463 100644 --- a/src/libcharon/sa/task_manager.h +++ b/src/libcharon/sa/task_manager.h @@ -261,6 +261,11 @@ struct task_manager_t { task_queue_t queue); /** + * Flush all tasks, regardless of the queue. + */ + void (*flush)(task_manager_t *this); + + /** * Flush a queue, cancelling all tasks. * * @param queue queue to flush diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c index 1f66d6ceb..7e55d6b0f 100644 --- a/src/libcharon/sa/trap_manager.c +++ b/src/libcharon/sa/trap_manager.c @@ -19,7 +19,6 @@ #include <hydra.h> #include <daemon.h> #include <threading/rwlock.h> -#include <threading/thread_value.h> #include <collections/linked_list.h> @@ -63,11 +62,6 @@ struct private_trap_manager_t { rwlock_t *lock; /** - * track if the current thread is installing a trap policy - */ - thread_value_t *installing; - - /** * listener to track acquiring IKE_SAs */ trap_listener_t listener; @@ -77,6 +71,8 @@ struct private_trap_manager_t { * A installed trap entry */ typedef struct { + /** name of the trapped CHILD_SA */ + char *name; /** ref to peer_cfg to initiate */ peer_cfg_t *peer_cfg; /** ref to instanciated CHILD_SA */ @@ -94,6 +90,7 @@ static void destroy_entry(entry_t *entry) { entry->child_sa->destroy(entry->child_sa); entry->peer_cfg->destroy(entry->peer_cfg); + free(entry->name); free(entry); } @@ -137,27 +134,42 @@ METHOD(trap_manager_t, install, u_int32_t, } this->lock->write_lock(this->lock); - this->installing->set(this->installing, this); enumerator = this->traps->create_enumerator(this->traps); while (enumerator->enumerate(enumerator, &entry)) { - if (streq(entry->child_sa->get_name(entry->child_sa), - child->get_name(child))) + if (streq(entry->name, child->get_name(child))) { - this->traps->remove_at(this->traps, enumerator); found = entry; + if (entry->child_sa) + { /* replace it with an updated version, if already installed */ + this->traps->remove_at(this->traps, enumerator); + } break; } } enumerator->destroy(enumerator); if (found) - { /* config might have changed so update everything */ - DBG1(DBG_CFG, "updating already routed CHILD_SA '%s'", - child->get_name(child)); + { + if (!found->child_sa) + { + DBG1(DBG_CFG, "CHILD_SA '%s' is already being routed", found->name); + this->lock->unlock(this->lock); + return 0; + } + /* config might have changed so update everything */ + DBG1(DBG_CFG, "updating already routed CHILD_SA '%s'", found->name); reqid = found->child_sa->get_reqid(found->child_sa); } + INIT(entry, + .name = strdup(child->get_name(child)), + .peer_cfg = peer->get_ref(peer), + ); + this->traps->insert_first(this->traps, entry); + /* don't hold lock while creating CHILD_SA and installing policies */ + this->lock->unlock(this->lock); + /* create and route CHILD_SA */ child_sa = child_sa_create(me, other, child, reqid, FALSE); @@ -185,24 +197,19 @@ METHOD(trap_manager_t, install, u_int32_t, if (status != SUCCESS) { DBG1(DBG_CFG, "installing trap failed"); + this->lock->write_lock(this->lock); + this->traps->remove(this->traps, entry, NULL); + this->lock->unlock(this->lock); + entry->child_sa = child_sa; + destroy_entry(entry); reqid = 0; - /* hold off destroying the CHILD_SA until we released the lock */ } else { - INIT(entry, - .child_sa = child_sa, - .peer_cfg = peer->get_ref(peer), - ); - this->traps->insert_last(this->traps, entry); reqid = child_sa->get_reqid(child_sa); - } - this->installing->set(this->installing, NULL); - this->lock->unlock(this->lock); - - if (status != SUCCESS) - { - child_sa->destroy(child_sa); + this->lock->write_lock(this->lock); + entry->child_sa = child_sa; + this->lock->unlock(this->lock); } if (found) { @@ -221,7 +228,8 @@ METHOD(trap_manager_t, uninstall, bool, enumerator = this->traps->create_enumerator(this->traps); while (enumerator->enumerate(enumerator, &entry)) { - if (entry->child_sa->get_reqid(entry->child_sa) == reqid) + if (entry->child_sa && + entry->child_sa->get_reqid(entry->child_sa) == reqid) { this->traps->remove_at(this->traps, enumerator); found = entry; @@ -236,7 +244,6 @@ METHOD(trap_manager_t, uninstall, bool, DBG1(DBG_CFG, "trap %d not found to uninstall", reqid); return FALSE; } - destroy_entry(found); return TRUE; } @@ -247,6 +254,10 @@ METHOD(trap_manager_t, uninstall, bool, static bool trap_filter(rwlock_t *lock, entry_t **entry, peer_cfg_t **peer_cfg, void *none, child_sa_t **child_sa) { + if (!(*entry)->child_sa) + { /* skip entries that are currently being installed */ + return FALSE; + } if (peer_cfg) { *peer_cfg = (*entry)->peer_cfg; @@ -271,28 +282,24 @@ METHOD(trap_manager_t, find_reqid, u_int32_t, private_trap_manager_t *this, child_cfg_t *child) { enumerator_t *enumerator; - child_cfg_t *current; entry_t *entry; u_int32_t reqid = 0; - if (this->installing->get(this->installing)) - { /* current thread holds the lock */ - return reqid; - } this->lock->read_lock(this->lock); enumerator = this->traps->create_enumerator(this->traps); while (enumerator->enumerate(enumerator, &entry)) { - current = entry->child_sa->get_config(entry->child_sa); - if (streq(current->get_name(current), child->get_name(child))) + if (streq(entry->name, child->get_name(child))) { - reqid = entry->child_sa->get_reqid(entry->child_sa); + if (entry->child_sa) + { + reqid = entry->child_sa->get_reqid(entry->child_sa); + } break; } } enumerator->destroy(enumerator); this->lock->unlock(this->lock); - return reqid; } @@ -310,7 +317,8 @@ METHOD(trap_manager_t, acquire, void, enumerator = this->traps->create_enumerator(this->traps); while (enumerator->enumerate(enumerator, &entry)) { - if (entry->child_sa->get_reqid(entry->child_sa) == reqid) + if (entry->child_sa && + entry->child_sa->get_reqid(entry->child_sa) == reqid) { found = entry; break; @@ -365,6 +373,7 @@ METHOD(trap_manager_t, acquire, void, else { ike_sa->destroy(ike_sa); + charon->bus->set_sa(charon->bus, NULL); } } peer->destroy(peer); @@ -445,7 +454,6 @@ METHOD(trap_manager_t, destroy, void, { charon->bus->remove_listener(charon->bus, &this->listener.listener); this->traps->destroy_function(this->traps, (void*)destroy_entry); - this->installing->destroy(this->installing); this->lock->destroy(this->lock); free(this); } @@ -476,7 +484,6 @@ trap_manager_t *trap_manager_create(void) }, .traps = linked_list_create(), .lock = rwlock_create(RWLOCK_TYPE_DEFAULT), - .installing = thread_value_create(NULL), ); charon->bus->add_listener(charon->bus, &this->listener.listener); diff --git a/src/libcharon/sa/xauth/xauth_manager.c b/src/libcharon/sa/xauth/xauth_manager.c index 17eecc2c9..3aabe7eae 100644 --- a/src/libcharon/sa/xauth/xauth_manager.c +++ b/src/libcharon/sa/xauth/xauth_manager.c @@ -13,6 +13,9 @@ * for more details. */ +#define _GNU_SOURCE /* for stdndup() */ +#include <string.h> + #include "xauth_manager.h" #include <collections/linked_list.h> |