[svn-upgrade] Integrating new upstream version, strongswan (4.1.8)

6 files changed, 659 insertions, 0 deletions

diff --git a/src/manager/controller/auth_controller.c b/src/manager/controller/auth_controller.c
new file mode 100644
index 000000000..fd4a3c7a5
--- /dev/null
+++ b/src/manager/controller/auth_controller.c
@@ -0,0 +1,132 @@
+/**
+ * @file auth_controller.c
+ *
+ * @brief Implementation of auth_controller_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "auth_controller.h"
+#include "../manager.h"
+
+#include <library.h>
+
+
+typedef struct private_auth_controller_t private_auth_controller_t;
+
+/**
+ * private data of the task manager
+ */
+struct private_auth_controller_t {
+
+	/**
+	 * public functions
+	 */
+	auth_controller_t public;
+	
+	/**
+	 * manager instance
+	 */
+	manager_t *manager;
+};
+
+static void login(private_auth_controller_t *this, request_t *request)
+{
+	request->set(request, "action", "check");
+	request->set(request, "title", "Login");
+	request->render(request, "templates/auth/login.cs");
+}
+
+static void check(private_auth_controller_t *this, request_t *request)
+{
+	char *username, *password;
+	
+	username = request->get_query_data(request, "username");
+	password = request->get_query_data(request, "password");
+	if (username && password &&
+		this->manager->login(this->manager, username, password))
+	{
+		request->redirect(request, "status/ikesalist");
+	}
+	else
+	{
+		request->redirect(request, "auth/login");
+	}
+}
+
+static void logout(private_auth_controller_t *this, request_t *request)
+{
+	this->manager->logout(this->manager);
+	request->redirect(request, "auth/login");
+}
+
+/**
+ * Implementation of controller_t.get_name
+ */
+static char* get_name(private_auth_controller_t *this)
+{
+	return "auth";
+}
+
+/**
+ * Implementation of controller_t.handle
+ */
+static void handle(private_auth_controller_t *this,
+				   request_t *request, char *action)
+{
+	if (action)
+	{
+		if (streq(action, "login"))
+		{
+			return login(this, request);
+		}
+		else if (streq(action, "check")) 
+		{
+			return check(this, request);
+		}
+		else if (streq(action, "logout")) 
+		{
+			return logout(this, request);
+		}
+	}
+	request->redirect(request, "auth/login");
+}
+
+/**
+ * Implementation of controller_t.destroy
+ */
+static void destroy(private_auth_controller_t *this)
+{
+	free(this);
+}
+
+/*
+ * see header file
+ */
+controller_t *auth_controller_create(context_t *context, void *param)
+{
+	private_auth_controller_t *this = malloc_thing(private_auth_controller_t);
+
+	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
+	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;
+	this->public.controller.destroy = (void(*)(controller_t*))destroy;
+	
+	this->manager = (manager_t*)context;
+	
+	return &this->public.controller;
+}
+
diff --git a/src/manager/controller/auth_controller.h b/src/manager/controller/auth_controller.h
new file mode 100644
index 000000000..c90546a17
--- /dev/null
+++ b/src/manager/controller/auth_controller.h
@@ -0,0 +1,47 @@
+/**
+ * @file auth_controller.h
+ * 
+ * @brief Interface of auth_controller_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef AUTH_CONTROLLER_H_
+#define AUTH_CONTROLLER_H_
+
+
+#include <controller.h>
+
+typedef struct auth_controller_t auth_controller_t;
+
+/**
+ * @brief Authentication controller.
+ */
+struct auth_controller_t {
+
+	/**
+	 * Implements controller_t interface.
+	 */
+	controller_t controller;
+};
+
+/**
+ * @brief Create a auth_controller controller instance.
+ */
+controller_t *auth_controller_create(context_t *context, void *param);
+
+#endif /* AUTH_CONTROLLER_H_ */
diff --git a/src/manager/controller/gateway_controller.c b/src/manager/controller/gateway_controller.c
new file mode 100644
index 000000000..bdc779256
--- /dev/null
+++ b/src/manager/controller/gateway_controller.c
@@ -0,0 +1,148 @@
+/**
+ * @file gateway_controller.c
+ *
+ * @brief Implementation of gateway_controller_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "gateway_controller.h"
+#include "../manager.h"
+#include "../gateway.h"
+
+#include <library.h>
+
+
+typedef struct private_gateway_controller_t private_gateway_controller_t;
+
+/**
+ * private data of the gateway_controller
+ */
+struct private_gateway_controller_t {
+
+	/**
+	 * public functions
+	 */
+	gateway_controller_t public;
+	
+	/**
+	 * manager instance
+	 */
+	manager_t *manager;
+	
+};
+
+static void list(private_gateway_controller_t *this, request_t *request)
+{
+	enumerator_t *enumerator;
+	char *name, *address;
+	int id, port;
+	
+	enumerator = this->manager->create_gateway_enumerator(this->manager);
+	while (enumerator->enumerate(enumerator, &id, &name, &port, &address))
+	{
+		request->setf(request, "gateways.%d.name=%s", id, name);
+		if (port)
+		{
+			request->setf(request, "gateways.%d.address=tcp://%s:%d",
+						  id, address, port);
+		}
+		else
+		{
+			request->setf(request, "gateways.%d.address=unix://%s",
+						  id, IPSEC_PIDDIR"/charon.xml");
+		}
+	}
+	enumerator->destroy(enumerator);
+	request->set(request, "action", "select");
+	request->set(request, "title", "Choose gateway");
+	request->render(request, "templates/gateway/list.cs");
+}
+
+static void _select(private_gateway_controller_t *this, request_t *request)
+{
+	char *id;
+	
+	id = request->get_query_data(request, "gateway");
+	if (id)
+	{
+		if (this->manager->select_gateway(this->manager, atoi(id)))
+		{
+			request->redirect(request, "status/ikesalist");
+			return;
+		}
+	}
+	request->redirect(request, "gateway/list");
+}
+
+/**
+ * Implementation of controller_t.get_name
+ */
+static char* get_name(private_gateway_controller_t *this)
+{
+	return "gateway";
+}
+
+/**
+ * Implementation of controller_t.handle
+ */
+static void handle(private_gateway_controller_t *this,
+				   request_t *request, char *action)
+{
+	if (!this->manager->logged_in(this->manager))
+	{
+		return request->redirect(request, "auth/login");
+	}
+	if (action)
+	{
+		if (streq(action, "list"))
+		{
+			return list(this, request);
+		}
+		else if (streq(action, "select")) 
+		{
+			return _select(this, request);
+		}
+	}
+	request->redirect(request, "gateway/list");
+}
+
+
+/**
+ * Implementation of controller_t.destroy
+ */
+static void destroy(private_gateway_controller_t *this)
+{
+	free(this);
+}
+
+/*
+ * see header file
+ */
+controller_t *gateway_controller_create(context_t *context, void *param)
+{
+	private_gateway_controller_t *this = malloc_thing(private_gateway_controller_t);
+
+	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
+	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;
+	this->public.controller.destroy = (void(*)(controller_t*))destroy;
+	
+	this->manager = (manager_t*)context;
+	
+	return &this->public.controller;
+}
+
diff --git a/src/manager/controller/gateway_controller.h b/src/manager/controller/gateway_controller.h
new file mode 100644
index 000000000..5872e20e2
--- /dev/null
+++ b/src/manager/controller/gateway_controller.h
@@ -0,0 +1,47 @@
+/**
+ * @file gateway_controller.h
+ * 
+ * @brief Interface of gateway_controller_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef GATEWAY_CONTROLLER_H_
+#define GATEWAY_CONTROLLER_H_
+
+
+#include <controller.h>
+
+typedef struct gateway_controller_t gateway_controller_t;
+
+/**
+ * @brief Status controller.
+ */
+struct gateway_controller_t {
+
+	/**
+	 * Implements controller_t interface.
+	 */
+	controller_t controller;
+};
+
+/**
+ * @brief Create a gateway_controller controller instance.
+ */
+controller_t *gateway_controller_create(context_t *context, void *param);
+
+#endif /* GATEWAY_CONTROLLER_H_ */
diff --git a/src/manager/controller/status_controller.c b/src/manager/controller/status_controller.c
new file mode 100644
index 000000000..bcdbd26ea
--- /dev/null
+++ b/src/manager/controller/status_controller.c
@@ -0,0 +1,238 @@
+/**
+ * @file status_controller.c
+ *
+ * @brief Implementation of status_controller_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "status_controller.h"
+#include "../manager.h"
+#include "../gateway.h"
+
+#include <xml.h>
+
+#include <library.h>
+
+
+typedef struct private_status_controller_t private_status_controller_t;
+
+/**
+ * private data of the task manager
+ */
+struct private_status_controller_t {
+
+	/**
+	 * public functions
+	 */
+	status_controller_t public;
+	
+	/**
+	 * manager instance
+	 */
+	manager_t *manager;
+};
+
+/**
+ * read XML of a childsa element and fill template
+ */
+static void process_childsa(private_status_controller_t *this, char *id,
+							enumerator_t *e, request_t *r)
+{
+	xml_t *xml;
+	enumerator_t *e1, *e2;
+	char *name, *value, *reqid = "", *section = "";
+	int num = 0;
+	
+	while (e->enumerate(e, &xml, &name, &value))
+	{
+		if (streq(name, "reqid"))
+		{
+			reqid = value;
+		}
+		else if (streq(name, "local") || streq(name, "remote"))
+		{
+			section = name;
+			e1 = xml->children(xml);
+			while (e1->enumerate(e1, &xml, &name, &value))
+			{
+				if (streq(name, "networks"))
+				{
+					e2 = xml->children(xml);
+					while (e2->enumerate(e2, &xml, &name, &value))
+					{
+						if (streq(name, "network"))
+						{
+							r->setf(r, "ikesas.%s.childsas.%s.%s.networks.%d=%s",
+									id, reqid, section, ++num, value);
+						}
+					}
+					e2->destroy(e2);
+				}
+				else
+				{
+					r->setf(r, "ikesas.%s.childsas.%s.%s.%s=%s",
+							id, reqid, section, name, value);
+				}
+			}
+			e1->destroy(e1);
+		}
+		else
+		{
+			r->setf(r, "ikesas.%s.childsas.%s.%s=%s",
+					id, reqid, name, value);
+		}
+	}
+}
+
+/**
+ * read XML of a ikesa element and fill template
+ */
+static void process_ikesa(private_status_controller_t *this,
+						  enumerator_t *e, request_t *r)
+{
+	xml_t *xml;
+	enumerator_t *e1, *e2;
+	char *name, *value, *id = "", *section = "";
+
+	while (e->enumerate(e, &xml, &name, &value))
+	{
+		if (streq(name, "id"))
+		{
+			id = value;	
+		}
+		else if (streq(name, "local") || streq(name, "remote"))
+		{
+			section = name;
+			e1 = xml->children(xml);
+			while (e1->enumerate(e1, &xml, &name, &value))
+			{
+				r->setf(r, "ikesas.%s.%s.%s=%s", id, section, name, value);
+			}
+			e1->destroy(e1);
+		}
+		else if (streq(name, "childsalist"))
+		{
+			e1 = xml->children(xml);
+			while (e1->enumerate(e1, &xml, &name, &value))
+			{
+				if (streq(name, "childsa"))
+				{
+					e2 = xml->children(xml);
+					process_childsa(this, id, e2, r);
+					e2->destroy(e2);
+				}
+			}
+			e1->destroy(e1);
+		}
+		else
+		{
+			r->setf(r, "ikesas.%s.%s=%s", id, name, value);
+		}
+	}
+}
+
+static void ikesalist(private_status_controller_t *this, request_t *r)
+{
+	gateway_t *gateway;
+	xml_t *xml;
+	enumerator_t *e1, *e2;
+	char *name, *value;
+
+	gateway = this->manager->select_gateway(this->manager, 0);
+	e1 = gateway->query_ikesalist(gateway);
+	if (e1 == NULL)
+	{
+		r->set(r, "title", "Error");
+		r->set(r, "error", "querying the gateway failed");
+		r->render(r, "templates/error.cs");
+	}
+	else
+	{
+		r->set(r, "title", "IKE SA overview");
+
+		while (e1->enumerate(e1, &xml, &name, &value))
+		{
+			if (streq(name, "ikesa"))
+			{
+				e2 = xml->children(xml);
+				process_ikesa(this, e2, r);
+				e2->destroy(e2);
+			}
+		}
+		e1->destroy(e1);
+
+		r->render(r, "templates/status/ikesalist.cs");
+	}
+}
+
+/**
+ * Implementation of controller_t.get_name
+ */
+static char* get_name(private_status_controller_t *this)
+{
+	return "status";
+}
+
+/**
+ * Implementation of controller_t.handle
+ */
+static void handle(private_status_controller_t *this,
+				   request_t *request, char *action)
+{
+	if (!this->manager->logged_in(this->manager))
+	{
+		return request->redirect(request, "auth/login");
+	}
+	if (this->manager->select_gateway(this->manager, 0) == NULL)
+	{
+		return request->redirect(request, "gateway/list");
+	}
+	if (action)
+	{
+		if (streq(action, "ikesalist"))
+		{
+			return ikesalist(this, request);
+		}
+	}
+	return request->redirect(request, "status/ikesalist");
+}
+
+/**
+ * Implementation of controller_t.destroy
+ */
+static void destroy(private_status_controller_t *this)
+{
+	free(this);
+}
+
+/*
+ * see header file
+ */
+controller_t *status_controller_create(context_t *context, void *param)
+{
+	private_status_controller_t *this = malloc_thing(private_status_controller_t);
+
+	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
+	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;
+	this->public.controller.destroy = (void(*)(controller_t*))destroy;
+	
+	this->manager = (manager_t*)context;
+	
+	return &this->public.controller;
+}
+
diff --git a/src/manager/controller/status_controller.h b/src/manager/controller/status_controller.h
new file mode 100644
index 000000000..a736dda83
--- /dev/null
+++ b/src/manager/controller/status_controller.h
@@ -0,0 +1,47 @@
+/**
+ * @file status_controller.h
+ * 
+ * @brief Interface of status_controller_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef STATUS_CONTROLLER_H_
+#define STATUS_CONTROLLER_H_
+
+
+#include <controller.h>
+
+typedef struct status_controller_t status_controller_t;
+
+/**
+ * @brief Status controller.
+ */
+struct status_controller_t {
+
+	/**
+	 * Implements controller_t interface.
+	 */
+	controller_t controller;
+};
+
+/**
+ * @brief Create a status_controller controller instance.
+ */
+controller_t *status_controller_create(context_t *context, void *param);
+
+#endif /* STATUS_CONTROLLER_H_ */