7 files changed, 500 insertions, 0 deletions

diff --git a/src/libcharon/plugins/maemo/org.strongswan.charon.service b/src/libcharon/plugins/maemo/org.strongswan.charon.service
new file mode 100644
index 000000000..7dd31ed60
--- /dev/null
+++ b/src/libcharon/plugins/maemo/org.strongswan.charon.service
@@ -0,0 +1,4 @@
+[D-BUS Service]
+Name=org.strongswan.charon
+Exec=/usr/bin/run-standalone.sh /usr/libexec/ipsec/charon
+User=root
diff --git a/src/libcharon/plugins/stroke/stroke_shared_key.c b/src/libcharon/plugins/stroke/stroke_shared_key.c
new file mode 100644
index 000000000..4f716e83a
--- /dev/null
+++ b/src/libcharon/plugins/stroke/stroke_shared_key.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "stroke_shared_key.h"
+
+#include <utils/linked_list.h>
+
+typedef struct private_stroke_shared_key_t private_stroke_shared_key_t;
+
+/**
+ * private data of shared_key
+ */
+struct private_stroke_shared_key_t {
+
+	/**
+	 * implements shared_key_t
+	 */
+	stroke_shared_key_t public;
+
+	/**
+	 * type of this key
+	 */
+	shared_key_type_t type;
+
+	/**
+	 * data of the key
+	 */
+	chunk_t key;
+
+	/**
+	 * list of key owners, as identification_t
+	 */
+	linked_list_t *owners;
+
+	/**
+	 * reference counter
+	 */
+	refcount_t ref;
+};
+
+/**
+ * Implementation of shared_key_t.get_type.
+ */
+static shared_key_type_t get_type(private_stroke_shared_key_t *this)
+{
+	return this->type;
+}
+
+/**
+ * Implementation of shared_key_t.get_ref.
+ */
+static private_stroke_shared_key_t* get_ref(private_stroke_shared_key_t *this)
+{
+	ref_get(&this->ref);
+	return this;
+}
+
+/**
+ * Implementation of shared_key_t.get_key.
+ */
+static chunk_t get_key(private_stroke_shared_key_t *this)
+{
+	return this->key;
+}
+
+/**
+ * Implementation of stroke_shared_key_t.has_owner.
+ */
+static id_match_t has_owner(private_stroke_shared_key_t *this, identification_t *owner)
+{
+	enumerator_t *enumerator;
+	id_match_t match, best = ID_MATCH_NONE;
+	identification_t *current;
+
+	enumerator = this->owners->create_enumerator(this->owners);
+	while (enumerator->enumerate(enumerator, &current))
+	{
+		match  = owner->matches(owner, current);
+		if (match > best)
+		{
+			best = match;
+		}
+	}
+	enumerator->destroy(enumerator);
+	return best;
+}
+/**
+ * Implementation of stroke_shared_key_t.add_owner.
+ */
+static void add_owner(private_stroke_shared_key_t *this, identification_t *owner)
+{
+	this->owners->insert_last(this->owners, owner);
+}
+
+/**
+ * Implementation of stroke_shared_key_t.destroy
+ */
+static void destroy(private_stroke_shared_key_t *this)
+{
+	if (ref_put(&this->ref))
+	{
+		this->owners->destroy_offset(this->owners, offsetof(identification_t, destroy));
+		chunk_free(&this->key);
+		free(this);
+	}
+}
+
+/**
+ * create a shared key
+ */
+stroke_shared_key_t *stroke_shared_key_create(shared_key_type_t type, chunk_t key)
+{
+	private_stroke_shared_key_t *this = malloc_thing(private_stroke_shared_key_t);
+
+	this->public.shared.get_type = (shared_key_type_t(*)(shared_key_t*))get_type;
+	this->public.shared.get_key = (chunk_t(*)(shared_key_t*))get_key;
+	this->public.shared.get_ref = (shared_key_t*(*)(shared_key_t*))get_ref;
+	this->public.shared.destroy = (void(*)(shared_key_t*))destroy;
+	this->public.add_owner = (void(*)(stroke_shared_key_t*, identification_t *owner))add_owner;
+	this->public.has_owner = (id_match_t(*)(stroke_shared_key_t*, identification_t *owner))has_owner;
+
+	this->owners = linked_list_create();
+	this->type = type;
+	this->key = key;
+	this->ref = 1;
+
+	return &this->public;
+}
diff --git a/src/libcharon/plugins/stroke/stroke_shared_key.h b/src/libcharon/plugins/stroke/stroke_shared_key.h
new file mode 100644
index 000000000..05ad55083
--- /dev/null
+++ b/src/libcharon/plugins/stroke/stroke_shared_key.h
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup stroke_shared_key stroke_shared_key
+ * @{ @ingroup stroke
+ */
+
+#ifndef STROKE_SHARED_KEY_H_
+#define STROKE_SHARED_KEY_H_
+
+#include <utils/identification.h>
+#include <credentials/keys/shared_key.h>
+
+typedef struct stroke_shared_key_t stroke_shared_key_t;
+
+/**
+ * Shared key implementation for keys read from ipsec.secrets
+ */
+struct stroke_shared_key_t {
+
+	/**
+	 * Implements the shared_key_t interface.
+	 */
+	shared_key_t shared;
+
+	/**
+	 * Add an owner to the key.
+	 *
+	 * @param owner		owner to add
+	 */
+	void (*add_owner)(stroke_shared_key_t *this, identification_t *owner);
+
+	/**
+	 * Check if a key has a specific owner.
+	 *
+	 * @param owner		owner to check
+	 * @return			best match found
+	 */
+	id_match_t (*has_owner)(stroke_shared_key_t *this, identification_t *owner);
+};
+
+/**
+ * Create a stroke_shared_key instance.
+ */
+stroke_shared_key_t *stroke_shared_key_create(shared_key_type_t type, chunk_t key);
+
+#endif /** STROKE_SHARED_KEY_H_ @}*/
diff --git a/src/libcharon/tnccs/tnccs.c b/src/libcharon/tnccs/tnccs.c
new file mode 100644
index 000000000..2facf02c8
--- /dev/null
+++ b/src/libcharon/tnccs/tnccs.c
@@ -0,0 +1,22 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "tnccs.h"
+
+ENUM(eap_type_names, TNCCS_1_1, TNCCS_2_0,
+	"TNCCS 1.1",
+	"TNCCS SOH",
+	"TNCCS 2.0",
+);
diff --git a/src/libcharon/tnccs/tnccs.h b/src/libcharon/tnccs/tnccs.h
new file mode 100644
index 000000000..583512e82
--- /dev/null
+++ b/src/libcharon/tnccs/tnccs.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tnccs tnccs
+ * @{ @ingroup libcharon
+ */
+
+#ifndef TNCCS_H_
+#define TNCCS_H_
+
+typedef enum tnccs_type_t tnccs_type_t;
+
+#include <library.h>
+
+/**
+ * Type of TNC Client/Server protocol
+ */
+enum tnccs_type_t {
+	TNCCS_1_1,
+	TNCCS_SOH,
+	TNCCS_2_0
+};
+
+/**
+ * enum names for tnccs_type_t.
+ */
+extern enum_name_t *tnccs_type_names;
+
+typedef struct tnccs_t tnccs_t;
+
+/**
+ * Constructor definition for a pluggable TNCCS protocol implementation.
+ *
+ * @param is_server		TRUE if TNC Server, FALSE if TNC Client
+ * @return				implementation of the tnccs_t interface
+ */
+typedef tnccs_t* (*tnccs_constructor_t)(bool is_server);
+
+#endif /** TNC_H_ @}*/
diff --git a/src/libcharon/tnccs/tnccs_manager.c b/src/libcharon/tnccs/tnccs_manager.c
new file mode 100644
index 000000000..0fd6737c0
--- /dev/null
+++ b/src/libcharon/tnccs/tnccs_manager.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "tnccs_manager.h"
+
+#include <utils/linked_list.h>
+#include <threading/rwlock.h>
+
+typedef struct private_tnccs_manager_t private_tnccs_manager_t;
+typedef struct tnccs_entry_t tnccs_entry_t;
+
+/**
+ * TNCCS constructor entry
+ */
+struct tnccs_entry_t {
+
+	/**
+	 * TNCCS protocol type
+	 */
+	tnccs_type_t type;
+
+	/**
+	 * constructor function to create instance
+	 */
+	tnccs_constructor_t constructor;
+};
+
+/**
+ * private data of tnccs_manager
+ */
+struct private_tnccs_manager_t {
+
+	/**
+	 * public functions
+	 */
+	tnccs_manager_t public;
+
+	/**
+	 * list of tnccs_entry_t's
+	 */
+	linked_list_t *protocols;
+
+	/**
+	 * rwlock to lock methods
+	 */
+	rwlock_t *lock;
+};
+
+METHOD(tnccs_manager_t, add_method, void,
+	private_tnccs_manager_t *this, tnccs_type_t type,
+	tnccs_constructor_t constructor)
+{
+	tnccs_entry_t *entry = malloc_thing(tnccs_entry_t);
+
+	entry->type = type;
+	entry->constructor = constructor;
+
+	this->lock->write_lock(this->lock);
+	this->protocols->insert_last(this->protocols, entry);
+	this->lock->unlock(this->lock);
+}
+
+METHOD(tnccs_manager_t, remove_method, void,
+	private_tnccs_manager_t *this, tnccs_constructor_t constructor)
+{
+	enumerator_t *enumerator;
+	tnccs_entry_t *entry;
+
+	this->lock->write_lock(this->lock);
+	enumerator = this->protocols->create_enumerator(this->protocols);
+	while (enumerator->enumerate(enumerator, &entry))
+	{
+		if (constructor == entry->constructor)
+		{
+			this->protocols->remove_at(this->protocols, enumerator);
+			free(entry);
+		}
+	}
+	enumerator->destroy(enumerator);
+	this->lock->unlock(this->lock);
+}
+
+METHOD(tnccs_manager_t, create_instance, tnccs_t*,
+	private_tnccs_manager_t *this, tnccs_type_t type, bool is_server)
+{
+	enumerator_t *enumerator;
+	tnccs_entry_t *entry;
+	tnccs_t *protocol = NULL;
+
+	this->lock->read_lock(this->lock);
+	enumerator = this->protocols->create_enumerator(this->protocols);
+	while (enumerator->enumerate(enumerator, &entry))
+	{
+		if (type == entry->type)
+		{
+			protocol = entry->constructor(is_server);
+			if (protocol)
+			{
+				break;
+			}
+		}
+	}
+	enumerator->destroy(enumerator);
+	this->lock->unlock(this->lock);
+	return protocol;
+}
+
+METHOD(tnccs_manager_t, destroy, void,
+	private_tnccs_manager_t *this)
+{
+	this->protocols->destroy_function(this->protocols, free);
+	this->lock->destroy(this->lock);
+	free(this);
+}
+
+/*
+ * See header
+ */
+tnccs_manager_t *tnccs_manager_create()
+{
+	private_tnccs_manager_t *this;
+
+	INIT(this,
+			.public = {
+				.add_method = _add_method,
+				.remove_method = _remove_method,
+				.create_instance = _create_instance,
+				.destroy = _destroy,
+			},
+			.protocols = linked_list_create(),
+			.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+	);
+
+	return &this->public;
+}
+
diff --git a/src/libcharon/tnccs/tnccs_manager.h b/src/libcharon/tnccs/tnccs_manager.h
new file mode 100644
index 000000000..2f4a961a7
--- /dev/null
+++ b/src/libcharon/tnccs/tnccs_manager.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tnccs_manager tnccs_manager
+ * @{ @ingroup tnccs
+ */
+
+#ifndef TNCCS_MANAGER_H_
+#define TNCCS_MANAGER_H_
+
+#include "tnccs.h"
+
+typedef struct tnccs_manager_t tnccs_manager_t;
+
+/**
+ * The TNCCS manager manages all TNCCS implementations and creates instances.
+ *
+ * A plugin registers its implemented TNCCS protocol with the manager by
+ * providing type and a constructor function. The manager then creates
+ * TNCCS protocol instances via the provided constructor.
+ */
+struct tnccs_manager_t {
+
+	/**
+	 * Register a TNCCS protocol implementation.
+	 *
+	 * @param type			TNCCS protocol type
+	 * @param constructor	constructor, returns a TNCCS protocol implementation
+	 */
+	void (*add_method)(tnccs_manager_t *this, tnccs_type_t type,
+					   tnccs_constructor_t constructor);
+
+	/**
+	 * Unregister a TNCCS protocol implementation using it's constructor.
+	 *
+	 * @param constructor	constructor function to remove, as added in add_method
+	 */
+	void (*remove_method)(tnccs_manager_t *this, tnccs_constructor_t constructor);
+
+	/**
+	 * Create a new TNCCS protocol instance.
+	 *
+	 * @param type			type of the TNCCS protocol
+	 * @param is_server		TRUE if TNC Server, FALSE if TNC Client
+	 * @return				TNCCS protocol instance, NULL if no constructor found
+	 */
+	tnccs_t* (*create_instance)(tnccs_manager_t *this, tnccs_type_t type,
+								bool is_server);
+
+	/**
+	 * Destroy a tnccs_manager instance.
+	 */
+	void (*destroy)(tnccs_manager_t *this);
+};
+
+/**
+ * Create a tnccs_manager instance.
+ */
+tnccs_manager_t *tnccs_manager_create();
+
+#endif /** TNCCS_MANAGER_H_ @}*/