Diffstat (limited to 'lib/libipsecpolicy')
-rw-r--r-- | lib/libipsecpolicy/.cvsignore | 1 | ||||
-rw-r--r-- | lib/libipsecpolicy/Makefile | 96 | ||||
-rw-r--r-- | lib/libipsecpolicy/cgipolicy.c | 77 | ||||
-rw-r--r-- | lib/libipsecpolicy/libipsecpolicy.h | 4 | ||||
-rw-r--r-- | lib/libipsecpolicy/policyquery.c | 167 | ||||
-rw-r--r-- | lib/libipsecpolicy/version.in.c | 38 |
6 files changed, 0 insertions, 383 deletions
diff --git a/lib/libipsecpolicy/.cvsignore b/lib/libipsecpolicy/.cvsignore
deleted file mode 100644
index 17435c875..000000000
--- a/lib/libipsecpolicy/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-version.c
diff --git a/lib/libipsecpolicy/Makefile b/lib/libipsecpolicy/Makefile
deleted file mode 100644
index a23fa5d04..000000000
--- a/lib/libipsecpolicy/Makefile
+++ /dev/null
@@ -1,96 +0,0 @@
-# FreeS/WAN library
-# Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# RCSID $Id: Makefile,v 1.1 2004/03/15 20:35:24 as Exp $
-
-
-FREESWANSRCDIR=../..
-
-include ${FREESWANSRCDIR}/Makefile.inc
-include ${FREESWANSRCDIR}/Makefile.ver
-
-
-MANDIR=$(MANTREE)/man3
-
-SRCS=policyquery.c cgipolicy.c
-
-OBJS=${SRCS:.c=.o} version.o
-
-KLIPSD=${FREESWANSRCDIR}/linux/include
-
-LIB=libipsecpolicy.a
-# Original flags
-CFLAGS=-I. -I${KLIPSD} -I${FREESWANSRCDIR} $(USERCOMPILE)
-CFLAGS+= -Wall
-CFLAGS+= -Wpointer-arith
-CFLAGS+= -Wcast-qual
-CFLAGS+= -Wstrict-prototypes
-CFLAGS+= -Wbad-function-cast
-
-MANS=
-
-.PHONY: all install clean l t lt tar check depend checkprograms
-
-all: $(LIB)
-programs: $(LIB)
-
-install:
- @mkdir -p $(MANDIR)
- @for f in $(MANS) ; \
- do \
- $(INSTALL) $(INSTMANFLAGS) $(SRCDIR)/$$f $(MANDIR)/ipsec_$$f || exit 1 ; \
- done
- @$(FREESWANSRCDIR)/packaging/utils/manlink $(foreach man, $(MANS), ${SRCDIR}/$(man)) | \
- while read from to; \
- do \
- ln -s -f ipsec_$$from $(MANDIR)/$$to; \
- done
-
-
-install_file_list:
- @for f in $(MANS) ; \
- do \
- echo $(MANDIR)/ipsec_$$f;\
- done;
- @$(FREESWANSRCDIR)/packaging/utils/manlink $(foreach man, $(MANS), ${SRCDIR}/$(man)) | \
- while read from to; \
- do \
- echo $(MANDIR)/$$to; \
- done
-
-$(LIB): $(OBJS)
- $(AR) $(ARFLAGS) $(LIB) $(OBJS)
-
-$(OBJS): $(HDRS)
-
-# build version.c using version number from Makefile.ver
-version.c: version.in.c ${FREESWANSRCDIR}/Makefile.ver
- sed '/"/s/xxx/$(IPSECVERSION)/' version.in.c >$@
-
-clean:
- rm -f $(LIB) *.o try* core *.core $(EXTHDRS) $(EXTLIBS) version.c
-
-
-tar: clean
- tar -cvf /tmp/lib.tar Makefile [a-z]*
-
-check:
- echo no checks in lib right now.
-
-depend:
- makedepend -Y -- $(CFLAGS) -- $(SRCS)
-
-checkprograms:
-
-# DO NOT DELETE
-
diff --git a/lib/libipsecpolicy/cgipolicy.c b/lib/libipsecpolicy/cgipolicy.c
deleted file mode 100644
index d28243e85..000000000
--- a/lib/libipsecpolicy/cgipolicy.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* routines that interface with pluto to get policy information
- * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- * RCSID $Id: cgipolicy.c,v 1.1 2004/03/15 20:35:24 as Exp $
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <wait.h>
-#include <unistd.h>
-#include <fcntl.h>
-
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
-#include <freeswan.h>
-#include <freeswan/ipsec_policy.h>
-
-#include "libipsecpolicy.h"
-
-/*
- * this version is appropriate for when one is called from a perl CGI,
- * running under Apache. It extracts the appropriate things out of standard
- * CGI environment variables, namely:
- * $SERVER_ADDR us
- * $REMOTE_ADDR them
- */
-
-err_t ipsec_policy_cgilookup(struct ipsec_policy_cmd_query *result)
-{
- err_t ret;
- char *us, *them;
-
- /* clear it all out */
- memset(result, 0, sizeof(*result));
-
- /* setup it up */
- result->head.ipm_version = IPSEC_POLICY_MSG_REVISION;
- result->head.ipm_msg_len = sizeof(*result);
- result->head.ipm_msg_type = IPSEC_CMD_QUERY_HOSTPAIR;
- result->head.ipm_msg_seq = ipsec_policy_seq();
-
-
- us = getenv("SERVER_ADDR");
- them = getenv("REMOTE_ADDR");
- if(!us || !them) {
- return "$SERVER_ADDR and $REMOTE_ADDR must be set";
- }
-
- ret = ttoaddr(us, 0, AF_INET, &result->query_local);
- if(ret != NULL) {
- return ret;
- }
-
- ret = ttoaddr(them, 0, AF_INET, &result->query_remote);
- if(ret != NULL) {
- return ret;
- }
-
- return ipsec_policy_sendrecv((unsigned char *)result, sizeof(*result));
-}
-
diff --git a/lib/libipsecpolicy/libipsecpolicy.h b/lib/libipsecpolicy/libipsecpolicy.h
deleted file mode 100644
index 2c4ebdc0c..000000000
--- a/lib/libipsecpolicy/libipsecpolicy.h
+++ /dev/null
@@ -1,4 +0,0 @@
-
-extern u_int32_t ipsec_policy_seq(void);
-
-
diff --git a/lib/libipsecpolicy/policyquery.c b/lib/libipsecpolicy/policyquery.c
deleted file mode 100644
index 6555bdc08..000000000
--- a/lib/libipsecpolicy/policyquery.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* routines that interface with pluto to get policy information
- * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- * RCSID $Id: policyquery.c,v 1.1 2004/03/15 20:35:25 as Exp $
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <wait.h>
-#include <unistd.h>
-#include <fcntl.h>
-
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
-#include <freeswan.h>
-#include <freeswan/ipsec_policy.h>
-
-#include "libipsecpolicy.h"
-
-static int policy_query_socket = -1;
-static u_int32_t policy_seq = 1;
-
-u_int32_t ipsec_policy_seq(void)
-{
- return ++policy_seq;
-}
-
-err_t ipsec_policy_init(void)
-{
- struct sockaddr_un sn;
-
- if(policy_query_socket != -1) {
- return NULL;
- }
-
- policy_query_socket = socket(PF_UNIX, SOCK_STREAM, 0);
- if(policy_query_socket == -1) {
- return "failed to open policy socket";
- }
-
- /* now connect it */
- sn.sun_family = AF_UNIX;
- strcpy(sn.sun_path, IPSEC_POLICY_SOCKET);
-
- if(connect(policy_query_socket, (struct sockaddr *)&sn, sizeof(sn)) != 0) {
- int saveerrno = errno;
- close(policy_query_socket);
- policy_query_socket=-1;
- errno = saveerrno;
- return "failed to connect policy socket";
- }
-
- /* okay, I think we are done */
- return NULL;
-}
-
-err_t ipsec_policy_final(void)
-{
- if(policy_query_socket != -1) {
- close(policy_query_socket);
- policy_query_socket = -1;
- }
-
- return NULL;
-}
-
-err_t ipsec_policy_readmsg(int policysock,
- unsigned char *buf,
- size_t buflen)
-{
- struct ipsec_policy_msg_head ipmh;
-
- if(read(policysock, &ipmh, sizeof(ipmh))
- != sizeof(ipmh)) {
- return "read failed";
- }
-
- /* got the header, sanitize it, and find out how much more to read */
- switch(ipmh.ipm_version) {
- case IPSEC_POLICY_MSG_REVISION:
- break;
-
- default:
- /* XXX go deal with older versions, error for now */
- fprintf(stderr, "Bad magic header: %u\n", ipmh.ipm_version);
- return "bad policy msg version magic";
- }
-
- if(ipmh.ipm_msg_len > buflen) {
- return "buffer too small for this message";
- }
-
- buflen = ipmh.ipm_msg_len;
- memcpy(buf, &ipmh, sizeof(ipmh));
- buf += sizeof(ipmh);
- buflen -= sizeof(ipmh);
-
- if(read(policysock, buf, buflen) != buflen) {
- return "short read from socket";
- }
-
- return NULL;
-}
-
-err_t ipsec_policy_sendrecv(unsigned char *buf,
- size_t buflen)
-{
- err_t ret;
- ipsec_policy_init();
-
- if(write(policy_query_socket, buf, buflen)
- != buflen) {
- return "write failed";
- }
-
- ret = ipsec_policy_readmsg(policy_query_socket,
- buf, buflen);
-
- ipsec_policy_final();
-
- return ret;
-}
-
-
-err_t ipsec_policy_lookup(int fd, struct ipsec_policy_cmd_query *result)
-{
- int len;
-
- /* clear it out */
- memset(result, 0, sizeof(*result));
-
- /* setup it up */
- result->head.ipm_version = IPSEC_POLICY_MSG_REVISION;
- result->head.ipm_msg_len = sizeof(*result);
- result->head.ipm_msg_type = IPSEC_CMD_QUERY_HOSTPAIR;
- result->head.ipm_msg_seq = ipsec_policy_seq();
-
- /* suck out the data on the sockets */
- len = sizeof(result->query_local);
- if(getsockname(fd, (struct sockaddr *)&result->query_local, &len) != 0) {
- return "getsockname failed";
- }
-
- len = sizeof(result->query_remote);
- if(getpeername(fd, (struct sockaddr *)&result->query_remote, &len) != 0) {
- return "getpeername failed";
- }
-
- return ipsec_policy_sendrecv((unsigned char *)result, sizeof(*result));
-}
-
diff --git a/lib/libipsecpolicy/version.in.c b/lib/libipsecpolicy/version.in.c
deleted file mode 100644
index 304c58c0c..000000000
--- a/lib/libipsecpolicy/version.in.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * libipsecpolicy version information
- * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
- *
- * This library is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Library General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
- * License for more details.
- *
- * RCSID $Id: version.in.c,v 1.1 2004/03/15 20:35:25 as Exp $
- */
-
-#define V "xxx" /* substituted in by Makefile */
-static const char ipsecpolicy_number[] = V;
-static const char ipsecpolicy_string[] = "Linux FreeS/WAN policylib " V;
-
-/*
- - ipsec_version_code - return IPsec version number/code, as string
- */
-const char *
-ipsec_version_code(void)
-{
- return ipsecpolicy_number;
-}
-
-/*
- - ipsec_version_string - return full version string
- */
-const char *
-ipsec_version_string(void)
-{
- return ipsecpolicy_string;
-} |