[svn-upgrade] Integrating new upstream version, strongswan (4.1.10)

8 files changed, 549 insertions, 30 deletions

diff --git a/src/manager/controller/auth_controller.c b/src/manager/controller/auth_controller.c
index fd4a3c7a5..e9b86941a 100644
--- a/src/manager/controller/auth_controller.c
+++ b/src/manager/controller/auth_controller.c
@@ -60,7 +60,7 @@ static void check(private_auth_controller_t *this, request_t *request)
 	if (username && password &&
 		this->manager->login(this->manager, username, password))
 	{
-		request->redirect(request, "status/ikesalist");
+		request->redirect(request, "ikesa/list");
 	}
 	else
 	{
diff --git a/src/manager/controller/config_controller.c b/src/manager/controller/config_controller.c
new file mode 100644
index 000000000..e7941ada4
--- /dev/null
+++ b/src/manager/controller/config_controller.c
@@ -0,0 +1,214 @@
+/**
+ * @file config_controller.c
+ *
+ * @brief Implementation of config_controller_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "config_controller.h"
+#include "../manager.h"
+#include "../gateway.h"
+
+#include <xml.h>
+
+#include <library.h>
+
+
+typedef struct private_config_controller_t private_config_controller_t;
+
+/**
+ * private data of the task manager
+ */
+struct private_config_controller_t {
+
+	/**
+	 * public functions
+	 */
+	config_controller_t public;
+	
+	/**
+	 * manager instance
+	 */
+	manager_t *manager;
+};
+
+/**
+ * read XML of a peerconfig element and fill template
+ */
+static void process_peerconfig(private_config_controller_t *this,
+							   enumerator_t *e, request_t *r)
+{
+	xml_t *xml;
+	enumerator_t *e1, *e2, *e3;
+	char *name, *value, *config = "", *child = "", *section = "";
+
+	while (e->enumerate(e, &xml, &name, &value))
+	{
+		if (streq(name, "name"))
+		{
+			config = value;	
+		}
+		else if (streq(name, "ikeconfig"))
+		{
+			e1 = xml->children(xml);
+			while (e1->enumerate(e1, &xml, &name, &value))
+			{
+				if (streq(name, "local") || streq(name, "remote"))
+				{
+					if (streq(value, "0.0.0.0") || streq(value, "::"))
+					{
+						value = "%any";
+					}
+					r->setf(r, "peercfgs.%s.ikecfg.%s=%s", config, name, value);
+				}
+			}
+			e1->destroy(e1);
+		}
+		else if (streq(name, "childconfiglist"))
+		{
+			e1 = xml->children(xml);
+			while (e1->enumerate(e1, &xml, &name, &value))
+			{
+				if (streq(name, "childconfig"))
+				{
+					int num = 0;
+					
+					e2 = xml->children(xml);
+					while (e2->enumerate(e2, &xml, &name, &value))
+					{
+						if (streq(name, "name"))
+						{
+							child = value;
+						}
+						else if (streq(name, "local") || streq(name, "remote"))
+						{
+							section = name;
+							e3 = xml->children(xml);
+							while (e3->enumerate(e3, &xml, &name, &value))
+							{
+								if (streq(name, "network"))
+								{
+									r->setf(r, "peercfgs.%s.childcfgs.%s.%s.networks.%d=%s",
+											config, child, section, ++num, value);
+								}
+							}
+							e3->destroy(e3);
+						}
+					}
+					e2->destroy(e2);
+				}
+			}
+			e1->destroy(e1);
+		}
+		else
+		{
+			r->setf(r, "peercfgs.%s.%s=%s", config, name, value);
+		}
+	}
+}
+
+static void list(private_config_controller_t *this, request_t *r)
+{
+	gateway_t *gateway;
+	xml_t *xml;
+	enumerator_t *e1, *e2;
+	char *name, *value;
+
+	gateway = this->manager->select_gateway(this->manager, 0);
+	e1 = gateway->query_configlist(gateway);
+	if (e1 == NULL)
+	{
+		r->set(r, "title", "Error");
+		r->set(r, "error", "querying the gateway failed");
+		r->render(r, "templates/error.cs");
+	}
+	else
+	{
+		r->set(r, "title", "Configuration overview");
+
+		while (e1->enumerate(e1, &xml, &name, &value))
+		{
+			if (streq(name, "peerconfig"))
+			{
+				e2 = xml->children(xml);
+				process_peerconfig(this, e2, r);
+				e2->destroy(e2);
+			}
+		}
+		e1->destroy(e1);
+
+		r->render(r, "templates/config/list.cs");
+	}
+}
+
+/**
+ * Implementation of controller_t.get_name
+ */
+static char* get_name(private_config_controller_t *this)
+{
+	return "config";
+}
+
+/**
+ * Implementation of controller_t.handle
+ */
+static void handle(private_config_controller_t *this,
+				   request_t *request, char *action)
+{
+	if (!this->manager->logged_in(this->manager))
+	{
+		return request->redirect(request, "auth/login");
+	}
+	if (this->manager->select_gateway(this->manager, 0) == NULL)
+	{
+		return request->redirect(request, "gateway/list");
+	}
+	if (action)
+	{
+		if (streq(action, "list"))
+		{
+			return list(this, request);
+		}
+	}
+	return request->redirect(request, "config/list");
+}
+
+/**
+ * Implementation of controller_t.destroy
+ */
+static void destroy(private_config_controller_t *this)
+{
+	free(this);
+}
+
+/*
+ * see header file
+ */
+controller_t *config_controller_create(context_t *context, void *param)
+{
+	private_config_controller_t *this = malloc_thing(private_config_controller_t);
+
+	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
+	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;
+	this->public.controller.destroy = (void(*)(controller_t*))destroy;
+	
+	this->manager = (manager_t*)context;
+	
+	return &this->public.controller;
+}
+
diff --git a/src/manager/controller/status_controller.h b/src/manager/controller/config_controller.h
index a736dda83..fcf5f5c49 100644
--- a/src/manager/controller/status_controller.h
+++ b/src/manager/controller/config_controller.h
@@ -1,7 +1,7 @@
 /**
- * @file status_controller.h
+ * @file config_controller.h
  * 
- * @brief Interface of status_controller_t.
+ * @brief Interface of config_controller_t.
  * 
  */
 
@@ -20,18 +20,18 @@
  * for more details.
  */
 
-#ifndef STATUS_CONTROLLER_H_
-#define STATUS_CONTROLLER_H_
+#ifndef CONFIG_CONTROLLER_H_
+#define CONFIG_CONTROLLER_H_
 
 
 #include <controller.h>
 
-typedef struct status_controller_t status_controller_t;
+typedef struct config_controller_t config_controller_t;
 
 /**
  * @brief Status controller.
  */
-struct status_controller_t {
+struct config_controller_t {
 
 	/**
 	 * Implements controller_t interface.
@@ -40,8 +40,8 @@ struct status_controller_t {
 };
 
 /**
- * @brief Create a status_controller controller instance.
+ * @brief Create a config_controller controller instance.
  */
-controller_t *status_controller_create(context_t *context, void *param);
+controller_t *config_controller_create(context_t *context, void *param);
 
-#endif /* STATUS_CONTROLLER_H_ */
+#endif /* CONFIG_CONTROLLER_H_ */
diff --git a/src/manager/controller/control_controller.c b/src/manager/controller/control_controller.c
new file mode 100644
index 000000000..12cb5e907
--- /dev/null
+++ b/src/manager/controller/control_controller.c
@@ -0,0 +1,211 @@
+/**
+ * @file control_controller.c
+ *
+ * @brief Implementation of control_controller_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "control_controller.h"
+#include "../manager.h"
+#include "../gateway.h"
+
+#include <xml.h>
+
+#include <library.h>
+
+
+typedef struct private_control_controller_t private_control_controller_t;
+
+/**
+ * private data of the task manager
+ */
+struct private_control_controller_t {
+
+	/**
+	 * public functions
+	 */
+	control_controller_t public;
+	
+	/**
+	 * manager instance
+	 */
+	manager_t *manager;
+};
+
+/**
+ * handle the result of a control operation
+ */
+static void handle_result(private_control_controller_t *this, request_t *r,
+						  enumerator_t *e)
+{
+	enumerator_t *e1;
+	xml_t *xml;
+	char *name, *value;
+	int num = 0;
+	
+	if (e)
+	{
+		while (e->enumerate(e, &xml, &name, &value))
+		{
+			if (streq(name, "status"))
+			{
+				if (value && atoi(value) == 0)
+				{
+					r->set(r, "result", "Operation executed successfully:");
+				}
+				else
+				{
+					r->set(r, "result", "Operation failed:");
+				}
+			}
+			else if (streq(name, "log"))
+			{
+				e1 = xml->children(xml);
+				while (e1->enumerate(e1, &xml, &name, &value))
+				{
+					if (streq(name, "item"))
+					{
+						r->setf(r, "log.%d=%s", ++num, value);
+					}
+				}
+				e1->destroy(e1);
+			}
+		}
+		e->destroy(e);
+		r->render(r, "templates/control/result.cs");
+	}
+	else
+	{
+		r->set(r, "title", "Error");
+		r->set(r, "error", "controlling the gateway failed");
+		r->render(r, "templates/error.cs");
+	}
+}
+
+/**
+ * initiate an IKE or CHILD SA
+ */
+static void initiate(private_control_controller_t *this, request_t *r,
+					 bool ike, char *config)
+{
+	gateway_t *gateway;
+	enumerator_t *e;
+
+	r->setf(r, "title=Establishing %s SA %s", ike ? "IKE" : "CHILD", config);
+	gateway = this->manager->select_gateway(this->manager, 0);
+	e = gateway->initiate(gateway, ike, config);
+	handle_result(this, r, e);
+}
+
+/**
+ * terminate an IKE or CHILD SA
+ */
+static void terminate(private_control_controller_t *this, request_t *r,
+					  bool ike, u_int32_t id)
+{
+	gateway_t *gateway;
+	enumerator_t *e;
+	
+	r->setf(r, "title=Terminate %s SA %d", ike ? "IKE" : "CHILD", id);
+	gateway = this->manager->select_gateway(this->manager, 0);
+	e = gateway->terminate(gateway, ike, id);
+	handle_result(this, r, e);
+}
+
+/**
+ * Implementation of controller_t.get_name
+ */
+static char* get_name(private_control_controller_t *this)
+{
+	return "control";
+}
+
+/**
+ * Implementation of controller_t.handle
+ */
+static void handle(private_control_controller_t *this,
+				   request_t *request, char *action, char *str)
+{
+	if (!this->manager->logged_in(this->manager))
+	{
+		return request->redirect(request, "auth/login");
+	}
+	if (this->manager->select_gateway(this->manager, 0) == NULL)
+	{
+		return request->redirect(request, "gateway/list");
+	}
+	if (action)
+	{
+		u_int32_t id;
+	
+		if (streq(action, "terminateike"))
+		{
+			if (str && (id = atoi(str)))
+			{
+				return terminate(this, request, TRUE, id);
+			}
+		}
+		if (streq(action, "terminatechild"))
+		{
+			if (str && (id = atoi(str)))
+			{
+				return terminate(this, request, FALSE, id);
+			}
+		}
+		if (streq(action, "initiateike"))
+		{
+			if (str)
+			{
+				return initiate(this, request, TRUE, str);
+			}
+		}
+		if (streq(action, "initiatechild"))
+		{
+			if (str)
+			{
+				return initiate(this, request, FALSE, str);
+			}
+		}
+	}
+	return request->redirect(request, "ikesa/list");
+}
+
+/**
+ * Implementation of controller_t.destroy
+ */
+static void destroy(private_control_controller_t *this)
+{
+	free(this);
+}
+
+/*
+ * see header file
+ */
+controller_t *control_controller_create(context_t *context, void *param)
+{
+	private_control_controller_t *this = malloc_thing(private_control_controller_t);
+
+	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
+	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;
+	this->public.controller.destroy = (void(*)(controller_t*))destroy;
+	
+	this->manager = (manager_t*)context;
+	
+	return &this->public.controller;
+}
+
diff --git a/src/manager/controller/control_controller.h b/src/manager/controller/control_controller.h
new file mode 100644
index 000000000..6a55170aa
--- /dev/null
+++ b/src/manager/controller/control_controller.h
@@ -0,0 +1,47 @@
+/**
+ * @file control_controller.h
+ * 
+ * @brief Interface of control_controller_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CONTROL_CONTROLLER_H_
+#define CONTROL_CONTROLLER_H_
+
+
+#include <controller.h>
+
+typedef struct control_controller_t control_controller_t;
+
+/**
+ * @brief Status controller.
+ */
+struct control_controller_t {
+
+	/**
+	 * Implements controller_t interface.
+	 */
+	controller_t controller;
+};
+
+/**
+ * @brief Create a control_controller controller instance.
+ */
+controller_t *control_controller_create(context_t *context, void *param);
+
+#endif /* CONTROL_CONTROLLER_H_ */
diff --git a/src/manager/controller/gateway_controller.c b/src/manager/controller/gateway_controller.c
index bdc779256..dff1cf3cf 100644
--- a/src/manager/controller/gateway_controller.c
+++ b/src/manager/controller/gateway_controller.c
@@ -82,7 +82,7 @@ static void _select(private_gateway_controller_t *this, request_t *request)
 	{
 		if (this->manager->select_gateway(this->manager, atoi(id)))
 		{
-			request->redirect(request, "status/ikesalist");
+			request->redirect(request, "ikesa/list");
 			return;
 		}
 	}
diff --git a/src/manager/controller/status_controller.c b/src/manager/controller/ikesa_controller.c
index bcdbd26ea..2b282b79c 100644
--- a/src/manager/controller/status_controller.c
+++ b/src/manager/controller/ikesa_controller.c
@@ -1,7 +1,7 @@
 /**
- * @file status_controller.c
+ * @file ikesa_controller.c
  *
- * @brief Implementation of status_controller_t.
+ * @brief Implementation of ikesa_controller_t.
  *
  */
 
@@ -20,7 +20,7 @@
  * for more details.
  */
 
-#include "status_controller.h"
+#include "ikesa_controller.h"
 #include "../manager.h"
 #include "../gateway.h"
 
@@ -29,17 +29,17 @@
 #include <library.h>
 
 
-typedef struct private_status_controller_t private_status_controller_t;
+typedef struct private_ikesa_controller_t private_ikesa_controller_t;
 
 /**
  * private data of the task manager
  */
-struct private_status_controller_t {
+struct private_ikesa_controller_t {
 
 	/**
 	 * public functions
 	 */
-	status_controller_t public;
+	ikesa_controller_t public;
 	
 	/**
 	 * manager instance
@@ -50,7 +50,7 @@ struct private_status_controller_t {
 /**
  * read XML of a childsa element and fill template
  */
-static void process_childsa(private_status_controller_t *this, char *id,
+static void process_childsa(private_ikesa_controller_t *this, char *id,
 							enumerator_t *e, request_t *r)
 {
 	xml_t *xml;
@@ -102,7 +102,7 @@ static void process_childsa(private_status_controller_t *this, char *id,
 /**
  * read XML of a ikesa element and fill template
  */
-static void process_ikesa(private_status_controller_t *this,
+static void process_ikesa(private_ikesa_controller_t *this,
 						  enumerator_t *e, request_t *r)
 {
 	xml_t *xml;
@@ -146,7 +146,7 @@ static void process_ikesa(private_status_controller_t *this,
 	}
 }
 
-static void ikesalist(private_status_controller_t *this, request_t *r)
+static void list(private_ikesa_controller_t *this, request_t *r)
 {
 	gateway_t *gateway;
 	xml_t *xml;
@@ -176,22 +176,22 @@ static void ikesalist(private_status_controller_t *this, request_t *r)
 		}
 		e1->destroy(e1);
 
-		r->render(r, "templates/status/ikesalist.cs");
+		r->render(r, "templates/ikesa/list.cs");
 	}
 }
 
 /**
  * Implementation of controller_t.get_name
  */
-static char* get_name(private_status_controller_t *this)
+static char* get_name(private_ikesa_controller_t *this)
 {
-	return "status";
+	return "ikesa";
 }
 
 /**
  * Implementation of controller_t.handle
  */
-static void handle(private_status_controller_t *this,
+static void handle(private_ikesa_controller_t *this,
 				   request_t *request, char *action)
 {
 	if (!this->manager->logged_in(this->manager))
@@ -204,18 +204,18 @@ static void handle(private_status_controller_t *this,
 	}
 	if (action)
 	{
-		if (streq(action, "ikesalist"))
+		if (streq(action, "list"))
 		{
-			return ikesalist(this, request);
+			return list(this, request);
 		}
 	}
-	return request->redirect(request, "status/ikesalist");
+	return request->redirect(request, "ikesa/list");
 }
 
 /**
  * Implementation of controller_t.destroy
  */
-static void destroy(private_status_controller_t *this)
+static void destroy(private_ikesa_controller_t *this)
 {
 	free(this);
 }
@@ -223,9 +223,9 @@ static void destroy(private_status_controller_t *this)
 /*
  * see header file
  */
-controller_t *status_controller_create(context_t *context, void *param)
+controller_t *ikesa_controller_create(context_t *context, void *param)
 {
-	private_status_controller_t *this = malloc_thing(private_status_controller_t);
+	private_ikesa_controller_t *this = malloc_thing(private_ikesa_controller_t);
 
 	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
 	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;
diff --git a/src/manager/controller/ikesa_controller.h b/src/manager/controller/ikesa_controller.h
new file mode 100644
index 000000000..753cccad1
--- /dev/null
+++ b/src/manager/controller/ikesa_controller.h
@@ -0,0 +1,47 @@
+/**
+ * @file ikesa_controller.h
+ * 
+ * @brief Interface of ikesa_controller_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef IKESA_CONTROLLER_H_
+#define IKESA_CONTROLLER_H_
+
+
+#include <controller.h>
+
+typedef struct ikesa_controller_t ikesa_controller_t;
+
+/**
+ * @brief Status controller.
+ */
+struct ikesa_controller_t {
+
+	/**
+	 * Implements controller_t interface.
+	 */
+	controller_t controller;
+};
+
+/**
+ * @brief Create a ikesa_controller controller instance.
+ */
+controller_t *ikesa_controller_create(context_t *context, void *param);
+
+#endif /* IKESA_CONTROLLER_H_ */