diff options
Diffstat (limited to 'src/charon/config/connections')
-rw-r--r-- | src/charon/config/connections/connection.c | 404 | ||||
-rw-r--r-- | src/charon/config/connections/connection.h | 292 | ||||
-rwxr-xr-x | src/charon/config/connections/connection_store.h | 118 | ||||
-rw-r--r-- | src/charon/config/connections/local_connection_store.c | 237 | ||||
-rw-r--r-- | src/charon/config/connections/local_connection_store.h | 62 |
5 files changed, 0 insertions, 1113 deletions
diff --git a/src/charon/config/connections/connection.c b/src/charon/config/connections/connection.c deleted file mode 100644 index ffe508992..000000000 --- a/src/charon/config/connections/connection.c +++ /dev/null @@ -1,404 +0,0 @@ -/** - * @file connection.c - * - * @brief Implementation of connection_t. - * - */ - -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <string.h> - -#include <config/connections/connection.h> -#include <utils/linked_list.h> - -ENUM(cert_policy_names, CERT_ALWAYS_SEND, CERT_NEVER_SEND, - "CERT_ALWAYS_SEND", - "CERT_SEND_IF_ASKED", - "CERT_NEVER_SEND" -); - -typedef struct private_connection_t private_connection_t; - -/** - * Private data of an connection_t object - */ -struct private_connection_t { - - /** - * Public part - */ - connection_t public; - - /** - * Number of references hold by others to this connection - */ - refcount_t refcount; - - /** - * Name of the connection - */ - char *name; - - /** - * Does charon handle this connection? Or can he ignore it? - */ - bool ikev2; - - /** - * should we send a certificate request? - */ - cert_policy_t certreq_policy; - - /** - * should we send a certificates? - */ - cert_policy_t cert_policy; - - /** - * ID of us - */ - identification_t *my_id; - - /** - * Host information of my host. - */ - host_t *my_host; - - /** - * Host information of other host. - */ - host_t *other_host; - - /** - * Interval to send DPD liveness checks on inactivity - */ - u_int32_t dpd_delay; - - /** - * Number of retransmission sequences to send bevore giving up - */ - u_int32_t keyingtries; - - /** - * Supported proposals - */ - linked_list_t *proposals; - - /** - * Time before an SA gets invalid - */ - u_int32_t soft_lifetime; - - /** - * Time before an SA gets rekeyed - */ - u_int32_t hard_lifetime; - - /** - * Use full reauthentication instead of rekeying - */ - bool reauth; - - /** - * Time, which specifies the range of a random value - * substracted from soft_lifetime. - */ - u_int32_t jitter; -}; - -/** - * Implementation of connection_t.get_name. - */ -static char *get_name (private_connection_t *this) -{ - return this->name; -} - -/** - * Implementation of connection_t.is_ikev2. - */ -static bool is_ikev2 (private_connection_t *this) -{ - return this->ikev2; -} - -/** - * Implementation of connection_t.get_certreq_policy. - */ -static cert_policy_t get_certreq_policy (private_connection_t *this) -{ - return this->certreq_policy; -} - -/** - * Implementation of connection_t.get_cert_policy. - */ -static cert_policy_t get_cert_policy (private_connection_t *this) -{ - return this->cert_policy; -} - -/** - * Implementation of connection_t.get_my_host. - */ -static host_t *get_my_host (private_connection_t *this) -{ - return this->my_host; -} - -/** - * Implementation of connection_t.get_other_host. - */ -static host_t *get_other_host (private_connection_t *this) -{ - return this->other_host; -} - -/** - * Implementation of connection_t.get_proposals. - */ -static linked_list_t* get_proposals(private_connection_t *this) -{ - iterator_t *iterator; - proposal_t *current; - linked_list_t *proposals = linked_list_create(); - - iterator = this->proposals->create_iterator(this->proposals, TRUE); - while (iterator->iterate(iterator, (void**)¤t)) - { - current = current->clone(current); - proposals->insert_last(proposals, (void*)current); - } - iterator->destroy(iterator); - - return proposals; -} - -/** - * Implementation of connection_t.select_proposal. - */ -static proposal_t *select_proposal(private_connection_t *this, linked_list_t *proposals) -{ - iterator_t *stored_iter, *supplied_iter; - proposal_t *stored, *supplied, *selected; - - stored_iter = this->proposals->create_iterator(this->proposals, TRUE); - supplied_iter = proposals->create_iterator(proposals, TRUE); - - /* compare all stored proposals with all supplied. Stored ones are preferred. */ - while (stored_iter->iterate(stored_iter, (void**)&stored)) - { - supplied_iter->reset(supplied_iter); - - while (supplied_iter->iterate(supplied_iter, (void**)&supplied)) - { - selected = stored->select(stored, supplied); - if (selected) - { - /* they match, return */ - stored_iter->destroy(stored_iter); - supplied_iter->destroy(supplied_iter); - return selected; - } - } - } - /* no proposal match :-(, will result in a NO_PROPOSAL_CHOSEN... */ - stored_iter->destroy(stored_iter); - supplied_iter->destroy(supplied_iter); - - return NULL; -} - -/** - * Implementation of connection_t.add_proposal. - */ -static void add_proposal(private_connection_t *this, proposal_t *proposal) -{ - this->proposals->insert_last(this->proposals, proposal); -} - -/** - * Implementation of connection_t.get_dpd_delay. - */ -static u_int32_t get_dpd_delay(private_connection_t *this) -{ - return this->dpd_delay; -} - -/** - * Implementation of connection_t.get_keyingtries. - */ -static u_int32_t get_keyingtries(private_connection_t *this) -{ - return this->keyingtries; -} - -/** - * Implementation of connection_t.get_dh_group. - */ -static diffie_hellman_group_t get_dh_group(private_connection_t *this) -{ - iterator_t *iterator; - proposal_t *proposal; - algorithm_t *algo; - diffie_hellman_group_t dh_group = MODP_NONE; - - iterator = this->proposals->create_iterator(this->proposals, TRUE); - while (iterator->iterate(iterator, (void**)&proposal)) - { - if (proposal->get_algorithm(proposal, DIFFIE_HELLMAN_GROUP, &algo)) - { - dh_group = algo->algorithm; - break; - } - } - iterator->destroy(iterator); - return dh_group; -} - -/** - * Implementation of connection_t.check_dh_group. - */ -static bool check_dh_group(private_connection_t *this, diffie_hellman_group_t dh_group) -{ - iterator_t *prop_iter, *alg_iter; - proposal_t *proposal; - algorithm_t *algo; - - prop_iter = this->proposals->create_iterator(this->proposals, TRUE); - while (prop_iter->iterate(prop_iter, (void**)&proposal)) - { - alg_iter = proposal->create_algorithm_iterator(proposal, DIFFIE_HELLMAN_GROUP); - while (alg_iter->iterate(alg_iter, (void**)&algo)) - { - if (algo->algorithm == dh_group) - { - prop_iter->destroy(prop_iter); - alg_iter->destroy(alg_iter); - return TRUE; - } - } - alg_iter->destroy(alg_iter); - } - prop_iter->destroy(prop_iter); - return FALSE; -} -/** - * Implementation of connection_t.get_soft_lifetime - */ -static u_int32_t get_soft_lifetime(private_connection_t *this) -{ - if (this->jitter == 0) - { - return this->soft_lifetime ; - } - return this->soft_lifetime - (random() % this->jitter); -} - -/** - * Implementation of connection_t.get_hard_lifetime. - */ -static u_int32_t get_hard_lifetime(private_connection_t *this) -{ - return this->hard_lifetime; -} - -/** - * Implementation of connection_t.get_reauth. - */ -static bool get_reauth(private_connection_t *this) -{ - return this->reauth; -} - -/** - * Implementation of connection_t.get_ref. - */ -static void get_ref(private_connection_t *this) -{ - ref_get(&this->refcount); -} - -/** - * Implementation of connection_t.destroy. - */ -static void destroy(private_connection_t *this) -{ - if (ref_put(&this->refcount)) - { - this->proposals->destroy_offset(this->proposals, offsetof(proposal_t, destroy)); - this->my_host->destroy(this->my_host); - this->other_host->destroy(this->other_host); - free(this->name); - free(this); - } -} - -/** - * Described in header. - */ -connection_t * connection_create(char *name, bool ikev2, - cert_policy_t cert_policy, - cert_policy_t certreq_policy, - host_t *my_host, host_t *other_host, - u_int32_t dpd_delay, bool reauth, - u_int32_t keyingtries, - u_int32_t hard_lifetime, - u_int32_t soft_lifetime, u_int32_t jitter) -{ - private_connection_t *this = malloc_thing(private_connection_t); - - /* public functions */ - this->public.get_name = (char*(*)(connection_t*))get_name; - this->public.is_ikev2 = (bool(*)(connection_t*))is_ikev2; - this->public.get_cert_policy = (cert_policy_t(*)(connection_t*))get_cert_policy; - this->public.get_certreq_policy = (cert_policy_t(*)(connection_t*))get_certreq_policy; - this->public.get_my_host = (host_t*(*)(connection_t*))get_my_host; - this->public.get_other_host = (host_t*(*)(connection_t*))get_other_host; - this->public.get_proposals = (linked_list_t*(*)(connection_t*))get_proposals; - this->public.select_proposal = (proposal_t*(*)(connection_t*,linked_list_t*))select_proposal; - this->public.add_proposal = (void(*)(connection_t*, proposal_t*)) add_proposal; - this->public.get_dpd_delay = (u_int32_t(*)(connection_t*)) get_dpd_delay; - this->public.get_reauth = (bool(*)(connection_t*)) get_reauth; - this->public.get_keyingtries = (u_int32_t(*)(connection_t*)) get_keyingtries; - this->public.get_dh_group = (diffie_hellman_group_t(*)(connection_t*)) get_dh_group; - this->public.check_dh_group = (bool(*)(connection_t*,diffie_hellman_group_t)) check_dh_group; - this->public.get_soft_lifetime = (u_int32_t (*) (connection_t *))get_soft_lifetime; - this->public.get_hard_lifetime = (u_int32_t (*) (connection_t *))get_hard_lifetime; - this->public.get_ref = (void(*)(connection_t*))get_ref; - this->public.destroy = (void(*)(connection_t*))destroy; - - /* private variables */ - this->refcount = 1; - this->name = strdup(name); - this->ikev2 = ikev2; - this->cert_policy = cert_policy; - this->certreq_policy = certreq_policy; - this->my_host = my_host; - this->other_host = other_host; - this->dpd_delay = dpd_delay; - this->reauth = reauth; - this->keyingtries = keyingtries; - this->hard_lifetime = hard_lifetime; - this->soft_lifetime = soft_lifetime; - this->jitter = jitter; - - this->proposals = linked_list_create(); - - return &this->public; -} diff --git a/src/charon/config/connections/connection.h b/src/charon/config/connections/connection.h deleted file mode 100644 index d0788876f..000000000 --- a/src/charon/config/connections/connection.h +++ /dev/null @@ -1,292 +0,0 @@ -/** - * @file connection.h - * - * @brief Interface of connection_t. - * - */ - -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#ifndef CONNECTION_H_ -#define CONNECTION_H_ - -typedef enum cert_policy_t cert_policy_t; -typedef struct connection_t connection_t; - -#include <library.h> -#include <utils/host.h> -#include <utils/linked_list.h> -#include <utils/identification.h> -#include <config/proposal.h> -#include <crypto/diffie_hellman.h> - - -/** - * Certificate sending policy. This is also used for certificate - * requests when using this definition for the other peer. If - * it is CERT_NEVER_SEND, a certreq is omitted, otherwise its - * included. - * - * @ingroup config - * - * @warning These definitions must be the same as in pluto/starter, - * as they are sent over the stroke socket. - */ -enum cert_policy_t { - /** always send certificates, even when not requested */ - CERT_ALWAYS_SEND = 0, - /** send certificate upon cert request */ - CERT_SEND_IF_ASKED = 1, - /** never send a certificate, even when requested */ - CERT_NEVER_SEND = 2, -}; - -/** - * enum strings for cert_policy_t - * - * @ingroup config - */ -extern enum_name_t *cert_policy_names; - -/** - * @brief A connection_t defines the rules to set up an IKE_SA. - * - * @b Constructors: - * - connection_create() - * - * @ingroup config - */ -struct connection_t { - - /** - * @brief Get my address as host_t object. - * - * Object is NOT getting cloned. - * - * @param this calling object - * @return host information as host_t object - */ - host_t *(*get_my_host) (connection_t *this); - - /** - * @brief Get others address as host_t object. - * - * Object is NOT getting cloned. - * - * @param this calling object - * @return host information as host_t object - */ - host_t *(*get_other_host) (connection_t *this); - - /** - * @brief Returns a list of all supported proposals. - * - * Returned list and its proposals must be destroyed after usage. - * - * @param this calling object - * @return list containing all the proposals - */ - linked_list_t *(*get_proposals) (connection_t *this); - - /** - * @brief Adds a proposal to the list. - * - * The first added proposal has the highest priority, the last - * added the lowest. - * - * @param this calling object - * @param proposal proposal to add - */ - void (*add_proposal) (connection_t *this, proposal_t *proposal); - - /** - * @brief Select a proposed from suggested proposals. - * - * Returned proposal must be destroyed after usage. - * - * @param this calling object - * @param proposals list of proposals to select from - * @return selected proposal, or NULL if none matches. - */ - proposal_t *(*select_proposal) (connection_t *this, linked_list_t *proposals); - - /** - * @brief Get the DPD check interval. - * - * @param this calling object - * @return dpd_delay in seconds - */ - u_int32_t (*get_dpd_delay) (connection_t *this); - - /** - * @brief Should a full reauthentication be done instead of rekeying? - * - * @param this calling object - * @return TRUE to use full reauthentication - */ - bool (*get_reauth) (connection_t *this); - - /** - * @brief Get the max number of retransmission sequences. - * - * @param this calling object - * @return max number of retransmission sequences - */ - u_int32_t (*get_keyingtries) (connection_t *this); - - /** - * @brief Get the connection name. - * - * Name must not be freed, since it points to - * internal data. - * - * @param this calling object - * @return name of the connection - */ - char* (*get_name) (connection_t *this); - - /** - * @brief Check if the connection is marked as an IKEv2 connection. - * - * Since all connections (IKEv1+2) are loaded, but charon handles - * only those marked with IKEv2, this flag can tell us if we must - * ignore a connection on initiaton. Then pluto will do it for us. - * - * @param this calling object - * @return - TRUE, if this is an IKEv2 connection - */ - bool (*is_ikev2) (connection_t *this); - - /** - * @brief Should be sent a certificate request for this connection? - * - * A certificate request contains serials of our trusted CA certificates. - * This flag says if such a request is sent on connection setup to - * the peer. It should be omitted when CERT_SEND_NEVER, sended otherwise. - * - * @param this calling object - * @return certificate request sending policy - */ - cert_policy_t (*get_certreq_policy) (connection_t *this); - - /** - * @brief Should be sent a certificate for this connection? - * - * Return the policy used to send the certificate. - * - * @param this calling object - * @return certificate sending policy - */ - cert_policy_t (*get_cert_policy) (connection_t *this); - - /** - * @brief Get the DH group to use for connection initialization. - * - * @param this calling object - * @return dh group to use for initialization - */ - diffie_hellman_group_t (*get_dh_group) (connection_t *this); - - /** - * @brief Check if a suggested dh group is acceptable. - * - * If we guess a wrong DH group for IKE_SA_INIT, the other - * peer will send us a offer. But is this acceptable for us? - * - * @param this calling object - * @return TRUE if group acceptable - */ - bool (*check_dh_group) (connection_t *this, diffie_hellman_group_t dh_group); - - /** - * @brief Get the lifetime of a connection, before IKE_SA rekeying starts. - * - * A call to this function automatically adds a jitter to - * avoid simultanous rekeying. - * - * @param this calling object - * @return lifetime in seconds - */ - u_int32_t (*get_soft_lifetime) (connection_t *this); - - /** - * @brief Get the lifetime of a connection, before IKE_SA gets deleted. - * - * @param this calling object - * @return lifetime in seconds - */ - u_int32_t (*get_hard_lifetime) (connection_t *this); - - /** - * @brief Get a new reference to this connection. - * - * Get a new reference to this connection by increasing - * it's internal reference counter. - * Do not call get_ref or any other function until you - * already have a reference. Otherwise the object may get - * destroyed while calling get_ref(), - * - * @param this calling object - */ - void (*get_ref) (connection_t *this); - - /** - * @brief Destroys a connection_t object. - * - * Decrements the internal reference counter and - * destroys the connection when it reaches zero. - * - * @param this calling object - */ - void (*destroy) (connection_t *this); -}; - -/** - * @brief Creates a connection_t object. - * - * Supplied hosts become owned by connection, so - * do not modify or destroy them after a call to - * connection_create(). Name gets cloned internally. - * The retrasmit sequence number says how fast we give up when the peer - * does not respond. A high value may bridge-over temporary connection - * problems, a small value can detect dead peers faster. - * - * @param name connection identifier - * @param ikev2 TRUE if this is an IKEv2 connection - * @param cert_policy certificate send policy - * @param cert_req_policy certificate request send policy - * @param my_host host_t representing local address - * @param other_host host_t representing remote address - * @param dpd_delay interval of DPD liveness checks - * @param reauth use full reauthentication instead of rekeying - * @param keyingtries number of retransmit sequences to use - * @param hard_lifetime lifetime before deleting an IKE_SA - * @param soft_lifetime lifetime before rekeying an IKE_SA - * @param jitter range of randomization time - * @return connection_t object. - * - * @ingroup config - */ -connection_t * connection_create(char *name, bool ikev2, - cert_policy_t cert_pol, cert_policy_t req_pol, - host_t *my_host, host_t *other_host, - u_int32_t dpd_delay, bool reauth, - u_int32_t keyingtries, - u_int32_t hard_lifetime, u_int32_t soft_lifetime, - u_int32_t jitter); - -#endif /* CONNECTION_H_ */ diff --git a/src/charon/config/connections/connection_store.h b/src/charon/config/connections/connection_store.h deleted file mode 100755 index 70f209d3b..000000000 --- a/src/charon/config/connections/connection_store.h +++ /dev/null @@ -1,118 +0,0 @@ -/** - * @file connection_store.h - * - * @brief Interface connection_store_t. - * - */ - -/* - * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#ifndef CONNECTION_STORE_H_ -#define CONNECTION_STORE_H_ - -typedef struct connection_store_t connection_store_t; - -#include <library.h> -#include <config/connections/connection.h> -#include <utils/iterator.h> - -/** - * @brief The interface for a store of connection_t's. - * - * @b Constructors: - * - stroke_create() - * - * @ingroup config - */ -struct connection_store_t { - - /** - * @brief Returns a connection definition identified by two hosts. - * - * This call is usefull to get a connection identified by addresses. - * It may be used after kernel request for traffic protection. - * The returned connection gets created/cloned and therefore must - * be destroyed after usage. - * - * @param this calling object - * @param my_id own address of connection - * @param other_id others address of connection - * @return - * - connection_t, if found - * - NULL otherwise - */ - connection_t *(*get_connection_by_hosts)(connection_store_t *this, - host_t *my_host, host_t *other_host); - - /** - * @brief Returns a connection identified by its name. - * - * This call is usefull to get a connection identified its - * name, as on an connection setup. - * - * @param this calling object - * @param name name of the connection to get - * @return - * - connection_t, if found - * - NULL otherwise - */ - connection_t *(*get_connection_by_name) (connection_store_t *this, char *name); - - /** - * @brief Add a connection to the store. - * - * After a successful call, the connection is owned by the store and may - * not be manipulated nor destroyed. - * - * @param this calling object - * @param connection connection to add - * @return - * - SUCCESS, or - * - FAILED - */ - status_t (*add_connection) (connection_store_t *this, connection_t *connection); - - /** - * @brief Delete a connection from the store. - * - * Remove a connection from the connection store, identified - * by the connections name. - * - * @param this calling object - * @param name name of the connection to delete - * @return - * - SUCCESS, or - * - NOT_FOUND - */ - status_t (*delete_connection) (connection_store_t *this, char *name); - - /** - * @brief Get an iterator for the stored connections. - * - * @param this calling object - * @return iterator over all stored connections - */ - iterator_t* (*create_iterator) (connection_store_t *this); - - /** - * @brief Destroys a connection_store_t object. - * - * @param this calling object - */ - void (*destroy) (connection_store_t *this); -}; - -#endif /* CONNECTION_STORE_H_ */ diff --git a/src/charon/config/connections/local_connection_store.c b/src/charon/config/connections/local_connection_store.c deleted file mode 100644 index df4ec230a..000000000 --- a/src/charon/config/connections/local_connection_store.c +++ /dev/null @@ -1,237 +0,0 @@ -/** - * @file local_connection_store.c - * - * @brief Implementation of local_connection_store_t. - * - */ - -/* - * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <string.h> - -#include "local_connection_store.h" - -#include <daemon.h> -#include <utils/linked_list.h> - - -typedef struct private_local_connection_store_t private_local_connection_store_t; - -/** - * Private data of an local_connection_store_t object - */ -struct private_local_connection_store_t { - - /** - * Public part - */ - local_connection_store_t public; - - /** - * stored connection - */ - linked_list_t *connections; - - /** - * Mutex to exclusivly access connection list - */ - pthread_mutex_t mutex; -}; - - -/** - * Implementation of connection_store_t.get_connection_by_hosts. - */ -static connection_t *get_connection_by_hosts(private_local_connection_store_t *this, host_t *my_host, host_t *other_host) -{ - typedef enum { - PRIO_UNDEFINED= 0x00, - PRIO_ADDR_ANY= 0x01, - PRIO_ADDR_MATCH= 0x02 - } prio_t; - - prio_t best_prio = PRIO_UNDEFINED; - - iterator_t *iterator; - connection_t *candidate; - connection_t *found = NULL; - - DBG2(DBG_CFG, "looking for connection for host pair %H...%H", - my_host, other_host); - - pthread_mutex_lock(&(this->mutex)); - iterator = this->connections->create_iterator(this->connections, TRUE); - /* determine closest matching connection */ - while (iterator->iterate(iterator, (void**)&candidate)) - { - host_t *candidate_my_host; - host_t *candidate_other_host; - - candidate_my_host = candidate->get_my_host(candidate); - candidate_other_host = candidate->get_other_host(candidate); - - /* my_host addresses must match*/ - if (my_host->ip_equals(my_host, candidate_my_host)) - { - prio_t prio = PRIO_UNDEFINED; - - /* exact match of peer host address or wildcard address? */ - if (other_host->ip_equals(other_host, candidate_other_host)) - { - prio |= PRIO_ADDR_MATCH; - } - else if (candidate_other_host->is_anyaddr(candidate_other_host)) - { - prio |= PRIO_ADDR_ANY; - } - - DBG2(DBG_CFG, "candidate connection \"%s\": %H...%H (prio=%d)", - candidate->get_name(candidate), - candidate_my_host, candidate_other_host, prio); - - if (prio > best_prio) - { - found = candidate; - best_prio = prio; - } - } - } - iterator->destroy(iterator); - - if (found) - { - DBG2(DBG_CFG, "found matching connection \"%s\": %H...%H (prio=%d)", - found->get_name(found), found->get_my_host(found), - found->get_other_host(found), best_prio); - - /* give out a new reference to it */ - found->get_ref(found); - } - pthread_mutex_unlock(&(this->mutex)); - return found; -} - -/** - * Implementation of connection_store_t.get_connection_by_name. - */ -static connection_t *get_connection_by_name(private_local_connection_store_t *this, char *name) -{ - iterator_t *iterator; - connection_t *current, *found = NULL; - - pthread_mutex_lock(&(this->mutex)); - iterator = this->connections->create_iterator(this->connections, TRUE); - while (iterator->iterate(iterator, (void**)¤t)) - { - if (strcmp(name, current->get_name(current)) == 0) - { - found = current; - break; - } - } - iterator->destroy(iterator); - pthread_mutex_unlock(&(this->mutex)); - - if (found) - { - /* get a new reference for it */ - found->get_ref(found); - } - return found; -} - -/** - * Implementation of connection_store_t.delete_connection. - */ -static status_t delete_connection(private_local_connection_store_t *this, char *name) -{ - iterator_t *iterator; - connection_t *current; - bool found = FALSE; - - pthread_mutex_lock(&(this->mutex)); - iterator = this->connections->create_iterator(this->connections, TRUE); - while (iterator->iterate(iterator, (void **)¤t)) - { - if (strcmp(current->get_name(current), name) == 0) - { - /* remove connection from list, and destroy it */ - iterator->remove(iterator); - current->destroy(current); - found = TRUE; - break; - } - } - iterator->destroy(iterator); - pthread_mutex_unlock(&(this->mutex)); - if (found) - { - return SUCCESS; - } - return NOT_FOUND; -} - -/** - * Implementation of connection_store_t.add_connection. - */ -static status_t add_connection(private_local_connection_store_t *this, connection_t *connection) -{ - pthread_mutex_lock(&(this->mutex)); - this->connections->insert_last(this->connections, connection); - pthread_mutex_unlock(&(this->mutex)); - return SUCCESS; -} - -/** - * Implementation of connection_store_t.create_iterator. - */ -static iterator_t* create_iterator(private_local_connection_store_t *this) -{ - return this->connections->create_iterator_locked(this->connections, - &this->mutex); -} - -/** - * Implementation of connection_store_t.destroy. - */ -static void destroy (private_local_connection_store_t *this) -{ - pthread_mutex_lock(&(this->mutex)); - this->connections->destroy_offset(this->connections, offsetof(connection_t, destroy)); - pthread_mutex_unlock(&(this->mutex)); - free(this); -} - -/** - * Described in header. - */ -local_connection_store_t * local_connection_store_create(void) -{ - private_local_connection_store_t *this = malloc_thing(private_local_connection_store_t); - - this->public.connection_store.get_connection_by_hosts = (connection_t*(*)(connection_store_t*,host_t*,host_t*))get_connection_by_hosts; - this->public.connection_store.get_connection_by_name = (connection_t*(*)(connection_store_t*,char*))get_connection_by_name; - this->public.connection_store.delete_connection = (status_t(*)(connection_store_t*,char*))delete_connection; - this->public.connection_store.add_connection = (status_t(*)(connection_store_t*,connection_t*))add_connection; - this->public.connection_store.create_iterator = (iterator_t*(*)(connection_store_t*))create_iterator; - this->public.connection_store.destroy = (void(*)(connection_store_t*))destroy; - - /* private variables */ - this->connections = linked_list_create(); - pthread_mutex_init(&(this->mutex), NULL); - - return (&this->public); -} diff --git a/src/charon/config/connections/local_connection_store.h b/src/charon/config/connections/local_connection_store.h deleted file mode 100644 index e78ed809a..000000000 --- a/src/charon/config/connections/local_connection_store.h +++ /dev/null @@ -1,62 +0,0 @@ -/** - * @file local_connection_store.h - * - * @brief Interface of local_connection_store_t. - * - */ - -/* - * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#ifndef LOCAL_CONNECTION_H_ -#define LOCAL_CONNECTION_H_ - -typedef struct local_connection_store_t local_connection_store_t; - -#include <library.h> -#include <config/connections/connection_store.h> - -/** - * @brief A connection_store_t implementation using a simple connection list. - * - * The local_connection_store_t class implements the connection_store_t interface - * as simple as possible. connection_t's are stored in an in-memory list. - * - * @b Constructors: - * - local_connection_store_create() - * - * @todo Make thread-save first - * @todo Add remove_connection method - * - * @ingroup config - */ -struct local_connection_store_t { - - /** - * Implements connection_store_t interface - */ - connection_store_t connection_store; -}; - -/** - * @brief Creates a local_connection_store_t instance. - * - * @return connection store instance. - * - * @ingroup config - */ -local_connection_store_t * local_connection_store_create(void); - -#endif /* LOCAL_CONNECTION_H_ */ |