From 15fb7904f4431a6e7c305fd08732458f7f885e7e Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Tue, 11 Mar 2014 20:48:48 +0100 Subject: Imported Upstream version 5.1.2 --- src/pool/Makefile.am | 7 ++ src/pool/Makefile.in | 128 +++++++++++++++++------ src/pool/mysql.sql | 281 ++++++++++++++++++++++++++++++++++++++++++++++++++ src/pool/pool.c | 13 ++- src/pool/sqlite.sql | 283 +++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 676 insertions(+), 36 deletions(-) create mode 100644 src/pool/mysql.sql create mode 100644 src/pool/sqlite.sql (limited to 'src/pool') diff --git a/src/pool/Makefile.am b/src/pool/Makefile.am index 8b429a4ba..b8d662e57 100644 --- a/src/pool/Makefile.am +++ b/src/pool/Makefile.am @@ -1,3 +1,5 @@ +if USE_ATTR_SQL + ipsec_PROGRAMS = pool pool_SOURCES = \ @@ -14,3 +16,8 @@ AM_CPPFLAGS = \ pool_LDADD = \ $(top_builddir)/src/libstrongswan/libstrongswan.la \ $(top_builddir)/src/libhydra/libhydra.la + +endif USE_ATTR_SQL + +templatesdir = $(pkgdatadir)/templates/database/sql +dist_templates_DATA = mysql.sql sqlite.sql diff --git a/src/pool/Makefile.in b/src/pool/Makefile.in index f8db9ae33..63489034f 100644 --- a/src/pool/Makefile.in +++ b/src/pool/Makefile.in @@ -14,6 +14,7 @@ @SET_MAKE@ + VPATH = @srcdir@ am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' am__make_running_with_option = \ @@ -78,10 +79,10 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -ipsec_PROGRAMS = pool$(EXEEXT) +@USE_ATTR_SQL_TRUE@ipsec_PROGRAMS = pool$(EXEEXT) subdir = src/pool DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/depcomp + $(top_srcdir)/depcomp $(dist_templates_DATA) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/m4/config/ltoptions.m4 \ @@ -99,14 +100,16 @@ mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = -am__installdirs = "$(DESTDIR)$(ipsecdir)" +am__installdirs = "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(templatesdir)" PROGRAMS = $(ipsec_PROGRAMS) -am_pool_OBJECTS = pool.$(OBJEXT) pool_attributes.$(OBJEXT) \ - pool_usage.$(OBJEXT) +am__pool_SOURCES_DIST = pool.c pool_attributes.c pool_attributes.h \ + pool_usage.h pool_usage.c +@USE_ATTR_SQL_TRUE@am_pool_OBJECTS = pool.$(OBJEXT) \ +@USE_ATTR_SQL_TRUE@ pool_attributes.$(OBJEXT) \ +@USE_ATTR_SQL_TRUE@ pool_usage.$(OBJEXT) pool_OBJECTS = $(am_pool_OBJECTS) -pool_DEPENDENCIES = \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(top_builddir)/src/libhydra/libhydra.la +@USE_ATTR_SQL_TRUE@pool_DEPENDENCIES = $(top_builddir)/src/libstrongswan/libstrongswan.la \ +@USE_ATTR_SQL_TRUE@ $(top_builddir)/src/libhydra/libhydra.la AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent @@ -146,12 +149,40 @@ am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(pool_SOURCES) -DIST_SOURCES = $(pool_SOURCES) +DIST_SOURCES = $(am__pool_SOURCES_DIST) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +DATA = $(dist_templates_DATA) am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -186,8 +217,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -255,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -343,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -363,6 +401,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ @@ -373,19 +412,21 @@ top_srcdir = @top_srcdir@ urandom_device = @urandom_device@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ -pool_SOURCES = \ - pool.c pool_attributes.c pool_attributes.h \ - pool_usage.h pool_usage.c +@USE_ATTR_SQL_TRUE@pool_SOURCES = \ +@USE_ATTR_SQL_TRUE@ pool.c pool_attributes.c pool_attributes.h \ +@USE_ATTR_SQL_TRUE@ pool_usage.h pool_usage.c -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libhydra \ - -DPLUGINS=\""${pool_plugins}\"" +@USE_ATTR_SQL_TRUE@AM_CPPFLAGS = \ +@USE_ATTR_SQL_TRUE@ -I$(top_srcdir)/src/libstrongswan \ +@USE_ATTR_SQL_TRUE@ -I$(top_srcdir)/src/libhydra \ +@USE_ATTR_SQL_TRUE@ -DPLUGINS=\""${pool_plugins}\"" -pool_LDADD = \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(top_builddir)/src/libhydra/libhydra.la +@USE_ATTR_SQL_TRUE@pool_LDADD = \ +@USE_ATTR_SQL_TRUE@ $(top_builddir)/src/libstrongswan/libstrongswan.la \ +@USE_ATTR_SQL_TRUE@ $(top_builddir)/src/libhydra/libhydra.la +templatesdir = $(pkgdatadir)/templates/database/sql +dist_templates_DATA = mysql.sql sqlite.sql all: all-am .SUFFIXES: @@ -513,6 +554,27 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs +install-dist_templatesDATA: $(dist_templates_DATA) + @$(NORMAL_INSTALL) + @list='$(dist_templates_DATA)'; test -n "$(templatesdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(templatesdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(templatesdir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(templatesdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(templatesdir)" || exit $$?; \ + done + +uninstall-dist_templatesDATA: + @$(NORMAL_UNINSTALL) + @list='$(dist_templates_DATA)'; test -n "$(templatesdir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(templatesdir)'; $(am__uninstall_files_from_dir) ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -598,9 +660,9 @@ distdir: $(DISTFILES) done check-am: all-am check: check-am -all-am: Makefile $(PROGRAMS) +all-am: Makefile $(PROGRAMS) $(DATA) installdirs: - for dir in "$(DESTDIR)$(ipsecdir)"; do \ + for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(templatesdir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -656,7 +718,7 @@ info: info-am info-am: -install-data-am: install-ipsecPROGRAMS +install-data-am: install-dist_templatesDATA install-ipsecPROGRAMS install-dvi: install-dvi-am @@ -702,7 +764,7 @@ ps: ps-am ps-am: -uninstall-am: uninstall-ipsecPROGRAMS +uninstall-am: uninstall-dist_templatesDATA uninstall-ipsecPROGRAMS .MAKE: install-am install-strip @@ -711,17 +773,19 @@ uninstall-am: uninstall-ipsecPROGRAMS distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-ipsecPROGRAMS install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ + install-data-am install-dist_templatesDATA install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am \ + install-ipsecPROGRAMS install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-am uninstall uninstall-am uninstall-ipsecPROGRAMS + tags tags-am uninstall uninstall-am \ + uninstall-dist_templatesDATA uninstall-ipsecPROGRAMS -pool.o : $(top_builddir)/config.status +@USE_ATTR_SQL_TRUE@pool.o : $(top_builddir)/config.status # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/pool/mysql.sql b/src/pool/mysql.sql new file mode 100644 index 000000000..1b437593d --- /dev/null +++ b/src/pool/mysql.sql @@ -0,0 +1,281 @@ + +DROP TABLE IF EXISTS `identities`; +CREATE TABLE `identities` ( + `id` int(10) unsigned NOT NULL auto_increment, + `type` tinyint(4) unsigned NOT NULL, + `data` varbinary(64) NOT NULL, + PRIMARY KEY (`id`), + UNIQUE (`type`, `data`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `child_configs`; +CREATE TABLE `child_configs` ( + `id` int(10) unsigned NOT NULL auto_increment, + `name` varchar(32) collate utf8_unicode_ci NOT NULL, + `lifetime` mediumint(8) unsigned NOT NULL default '1500', + `rekeytime` mediumint(8) unsigned NOT NULL default '1200', + `jitter` mediumint(8) unsigned NOT NULL default '60', + `updown` varchar(128) collate utf8_unicode_ci default NULL, + `hostaccess` tinyint(1) unsigned NOT NULL default '0', + `mode` tinyint(4) unsigned NOT NULL default '2', + `start_action` tinyint(4) unsigned NOT NULL default '0', + `dpd_action` tinyint(4) unsigned NOT NULL default '0', + `close_action` tinyint(4) unsigned NOT NULL default '0', + `ipcomp` tinyint(4) unsigned NOT NULL default '0', + `reqid` mediumint(8) unsigned NOT NULL default '0', + PRIMARY KEY (`id`), + INDEX (`name`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `child_config_traffic_selector`; +CREATE TABLE `child_config_traffic_selector` ( + `child_cfg` int(10) unsigned NOT NULL, + `traffic_selector` int(10) unsigned NOT NULL, + `kind` tinyint(3) unsigned NOT NULL, + INDEX (`child_cfg`, `traffic_selector`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `proposals`; +CREATE TABLE `proposals` ( + `id` int(10) unsigned NOT NULL auto_increment, + `proposal` varchar(128) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `child_config_proposal`; +CREATE TABLE `child_config_proposal` ( + `child_cfg` int(10) unsigned NOT NULL, + `prio` smallint(5) unsigned NOT NULL, + `prop` int(10) unsigned NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `ike_configs`; +CREATE TABLE `ike_configs` ( + `id` int(10) unsigned NOT NULL auto_increment, + `certreq` tinyint(3) unsigned NOT NULL default '1', + `force_encap` tinyint(1) NOT NULL default '0', + `local` varchar(128) collate utf8_unicode_ci NOT NULL, + `remote` varchar(128) collate utf8_unicode_ci NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `ike_config_proposal`; +CREATE TABLE `ike_config_proposal` ( + `ike_cfg` int(10) unsigned NOT NULL, + `prio` smallint(5) unsigned NOT NULL, + `prop` int(10) unsigned NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `peer_configs`; +CREATE TABLE `peer_configs` ( + `id` int(10) unsigned NOT NULL auto_increment, + `name` varchar(32) collate utf8_unicode_ci NOT NULL, + `ike_version` tinyint(3) unsigned NOT NULL default '2', + `ike_cfg` int(10) unsigned NOT NULL, + `local_id` varchar(64) collate utf8_unicode_ci NOT NULL, + `remote_id` varchar(64) collate utf8_unicode_ci NOT NULL, + `cert_policy` tinyint(3) unsigned NOT NULL default '1', + `uniqueid` tinyint(3) unsigned NOT NULL default '0', + `auth_method` tinyint(3) unsigned NOT NULL default '1', + `eap_type` tinyint(3) unsigned NOT NULL default '0', + `eap_vendor` smallint(5) unsigned NOT NULL default '0', + `keyingtries` tinyint(3) unsigned NOT NULL default '3', + `rekeytime` mediumint(8) unsigned NOT NULL default '7200', + `reauthtime` mediumint(8) unsigned NOT NULL default '0', + `jitter` mediumint(8) unsigned NOT NULL default '180', + `overtime` mediumint(8) unsigned NOT NULL default '300', + `mobike` tinyint(1) NOT NULL default '1', + `dpd_delay` mediumint(8) unsigned NOT NULL default '120', + `virtual` varchar(40) default NULL, + `pool` varchar(32) default NULL, + `mediation` tinyint(1) NOT NULL default '0', + `mediated_by` int(10) unsigned NOT NULL default '0', + `peer_id` int(10) unsigned NOT NULL default '0', + PRIMARY KEY (`id`), + INDEX (`name`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `peer_config_child_config`; +CREATE TABLE `peer_config_child_config` ( + `peer_cfg` int(10) unsigned NOT NULL, + `child_cfg` int(10) unsigned NOT NULL, + PRIMARY KEY (`peer_cfg`, `child_cfg`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS `traffic_selectors`; +CREATE TABLE `traffic_selectors` ( + `id` int(10) unsigned NOT NULL auto_increment, + `type` tinyint(3) unsigned NOT NULL default '7', + `protocol` smallint(5) unsigned NOT NULL default '0', + `start_addr` varbinary(16) default NULL, + `end_addr` varbinary(16) default NULL, + `start_port` smallint(5) unsigned NOT NULL default '0', + `end_port` smallint(5) unsigned NOT NULL default '65535', + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS certificates; +CREATE TABLE certificates ( + `id` int(10) unsigned NOT NULL auto_increment, + `type` tinyint(3) unsigned NOT NULL, + `keytype` tinyint(3) unsigned NOT NULL, + `data` BLOB NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS certificate_identity; +CREATE TABLE certificate_identity ( + `certificate` int(10) unsigned NOT NULL, + `identity` int(10) unsigned NOT NULL, + PRIMARY KEY (`certificate`, `identity`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS private_keys; +CREATE TABLE private_keys ( + `id` int(10) unsigned NOT NULL auto_increment, + `type` tinyint(3) unsigned NOT NULL, + `data` BLOB NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS private_key_identity; +CREATE TABLE private_key_identity ( + `private_key` int(10) unsigned NOT NULL, + `identity` int(10) unsigned NOT NULL, + PRIMARY KEY (`private_key`, `identity`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS shared_secrets; +CREATE TABLE shared_secrets ( + `id` int(10) unsigned NOT NULL auto_increment, + `type` tinyint(3) unsigned NOT NULL, + `data` varbinary(256) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS shared_secret_identity; +CREATE TABLE shared_secret_identity ( + `shared_secret` int(10) unsigned NOT NULL, + `identity` int(10) unsigned NOT NULL, + PRIMARY KEY (`shared_secret`, `identity`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS certificate_authorities; +CREATE TABLE certificate_authorities ( + `id` int(10) unsigned NOT NULL auto_increment, + `certificate` int(10) unsigned NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS certificate_distribution_points; +CREATE TABLE certificate_distribution_points ( + `id` int(10) unsigned NOT NULL auto_increment, + `ca` int(10) unsigned NOT NULL, + `type` tinyint(3) unsigned NOT NULL, + `uri` varchar(256) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS pools; +CREATE TABLE pools ( + `id` int(10) unsigned NOT NULL auto_increment, + `name` varchar(32) NOT NULL, + `start` varbinary(16) NOT NULL, + `end` varbinary(16) NOT NULL, + `timeout` int(10) unsigned NOT NULL, + PRIMARY KEY (`id`), + UNIQUE (`name`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS addresses; +CREATE TABLE addresses ( + `id` int(10) unsigned NOT NULL auto_increment, + `pool` int(10) unsigned NOT NULL, + `address` varbinary(16) NOT NULL, + `identity` int(10) unsigned NOT NULL DEFAULT 0, + `acquired` int(10) unsigned NOT NULL DEFAULT 0, + `released` int(10) unsigned NOT NULL DEFAULT 1, + PRIMARY KEY (`id`), + INDEX (`pool`), + INDEX (`identity`), + INDEX (`address`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + +DROP TABLE IF EXISTS leases; +CREATE TABLE leases ( + `id` int(10) unsigned NOT NULL auto_increment, + `address` int(10) unsigned NOT NULL, + `identity` int(10) unsigned NOT NULL, + `acquired` int(10) unsigned NOT NULL, + `released` int(10) unsigned DEFAULT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + +DROP TABLE IF EXISTS attribute_pools; +CREATE TABLE attribute_pools ( + `id` int(10) unsigned NOT NULL auto_increment, + `name` varchar(32) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + +DROP TABLE IF EXISTS attributes; +CREATE TABLE attributes ( + `id` int(10) unsigned NOT NULL auto_increment, + `identity` int(10) unsigned NOT NULL default '0', + `pool` int(10) unsigned NOT NULL default '0', + `type` int(10) unsigned NOT NULL, + `value` varbinary(16) NOT NULL, + PRIMARY KEY (`id`), + INDEX (`identity`), + INDEX (`pool`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + +DROP TABLE IF EXISTS ike_sas; +CREATE TABLE ike_sas ( + `local_spi` varbinary(8) NOT NULL, + `remote_spi` varbinary(8) NOT NULL, + `id` int(10) unsigned NOT NULL, + `initiator` tinyint(1) NOT NULL, + `local_id_type` tinyint(3) NOT NULL, + `local_id_data` varbinary(64) DEFAULT NULL, + `remote_id_type` tinyint(3) NOT NULL, + `remote_id_data` varbinary(64) DEFAULT NULL, + `host_family` tinyint(3) NOT NULL, + `local_host_data` varbinary(16) NOT NULL, + `remote_host_data` varbinary(16) NOT NULL, + `lastuse` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (`local_spi`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + +DROP TABLE IF EXISTS logs; +CREATE TABLE logs ( + `id` int(10) unsigned NOT NULL auto_increment, + `local_spi` varbinary(8) NOT NULL, + `signal` tinyint(3) NOT NULL, + `level` tinyint(3) NOT NULL, + `msg` varchar(256) NOT NULL, + `time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; + + diff --git a/src/pool/pool.c b/src/pool/pool.c index 05043cd8c..265974860 100644 --- a/src/pool/pool.c +++ b/src/pool/pool.c @@ -1212,7 +1212,7 @@ int main(int argc, char *argv[]) atexit(library_deinit); /* initialize library */ - if (!library_init(NULL)) + if (!library_init(NULL, "pool")) { exit(SS_RC_LIBSTRONGSWAN_INTEGRITY); } @@ -1227,11 +1227,16 @@ int main(int argc, char *argv[]) { exit(SS_RC_INITIALIZATION_FAILED); } - - uri = lib->settings->get_str(lib->settings, "libhydra.plugins.attr-sql.database", NULL); + /* TODO: make database URI or setting key configurable via command line */ + uri = lib->settings->get_str(lib->settings, + "pool.database", + lib->settings->get_str(lib->settings, + "charon.plugins.attr-sql.database", + lib->settings->get_str(lib->settings, + "libhydra.plugins.attr-sql.database", NULL))); if (!uri) { - fprintf(stderr, "database URI libhydra.plugins.attr-sql.database not set.\n"); + fprintf(stderr, "database URI pool.database not set.\n"); exit(SS_RC_INITIALIZATION_FAILED); } db = lib->db->create(lib->db, uri); diff --git a/src/pool/sqlite.sql b/src/pool/sqlite.sql new file mode 100644 index 000000000..78012630b --- /dev/null +++ b/src/pool/sqlite.sql @@ -0,0 +1,283 @@ + + +DROP TABLE IF EXISTS identities; +CREATE TABLE identities ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + type INTEGER NOT NULL, + data BLOB NOT NULL, + UNIQUE (type, data) +); + + +DROP TABLE IF EXISTS child_configs; +CREATE TABLE child_configs ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + name TEXT NOT NULL, + lifetime INTEGER NOT NULL DEFAULT '1500', + rekeytime INTEGER NOT NULL DEFAULT '1200', + jitter INTEGER NOT NULL DEFAULT '60', + updown TEXT DEFAULT NULL, + hostaccess INTEGER NOT NULL DEFAULT '0', + mode INTEGER NOT NULL DEFAULT '2', + start_action INTEGER NOT NULL DEFAULT '0', + dpd_action INTEGER NOT NULL DEFAULT '0', + close_action INTEGER NOT NULL DEFAULT '0', + ipcomp INTEGER NOT NULL DEFAULT '0', + reqid INTEGER NOT NULL DEFAULT '0' +); +DROP INDEX IF EXISTS child_configs_name; +CREATE INDEX child_configs_name ON child_configs ( + name +); + + +DROP TABLE IF EXISTS child_config_traffic_selector; +CREATE TABLE child_config_traffic_selector ( + child_cfg INTEGER NOT NULL, + traffic_selector INTEGER NOT NULL, + kind INTEGER NOT NULL +); +DROP INDEX IF EXISTS child_config_traffic_selector; +CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( + child_cfg, traffic_selector +); + +DROP TABLE IF EXISTS proposals; +CREATE TABLE proposals ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + proposal TEXT NOT NULL +); + + +DROP TABLE IF EXISTS child_config_proposal; +CREATE TABLE child_config_proposal ( + child_cfg INTEGER NOT NULL, + prio INTEGER NOT NULL, + prop INTEGER NOT NULL +); + + +DROP TABLE IF EXISTS ike_configs; +CREATE TABLE ike_configs ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + certreq INTEGER NOT NULL DEFAULT '1', + force_encap INTEGER NOT NULL DEFAULT '0', + local TEXT NOT NULL, + remote TEXT NOT NULL +); + + +DROP TABLE IF EXISTS ike_config_proposal; +CREATE TABLE ike_config_proposal ( + ike_cfg INTEGER NOT NULL, + prio INTEGER NOT NULL, + prop INTEGER NOT NULL +); + + +DROP TABLE IF EXISTS peer_configs; +CREATE TABLE peer_configs ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + name TEXT NOT NULL, + ike_version INTEGER NOT NULL DEFAULT '2', + ike_cfg INTEGER NOT NULL, + local_id TEXT NOT NULL, + remote_id TEXT NOT NULL, + cert_policy INTEGER NOT NULL DEFAULT '1', + uniqueid INTEGER NOT NULL DEFAULT '0', + auth_method INTEGER NOT NULL DEFAULT '1', + eap_type INTEGER NOT NULL DEFAULT '0', + eap_vendor INTEGER NOT NULL DEFAULT '0', + keyingtries INTEGER NOT NULL DEFAULT '3', + rekeytime INTEGER NOT NULL DEFAULT '7200', + reauthtime INTEGER NOT NULL DEFAULT '0', + jitter INTEGER NOT NULL DEFAULT '180', + overtime INTEGER NOT NULL DEFAULT '300', + mobike INTEGER NOT NULL DEFAULT '1', + dpd_delay INTEGER NOT NULL DEFAULT '120', + virtual TEXT DEFAULT NULL, + pool TEXT DEFAULT NULL, + mediation INTEGER NOT NULL DEFAULT '0', + mediated_by INTEGER NOT NULL DEFAULT '0', + peer_id INTEGER NOT NULL DEFAULT '0' +); +DROP INDEX IF EXISTS peer_configs_name; +CREATE INDEX peer_configs_name ON peer_configs ( + name +); + + +DROP TABLE IF EXISTS peer_config_child_config; +CREATE TABLE peer_config_child_config ( + peer_cfg INTEGER NOT NULL, + child_cfg INTEGER NOT NULL, + PRIMARY KEY (peer_cfg, child_cfg) +); + + +DROP TABLE IF EXISTS traffic_selectors; +CREATE TABLE traffic_selectors ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + type INTEGER NOT NULL DEFAULT '7', + protocol INTEGER NOT NULL DEFAULT '0', + start_addr BLOB DEFAULT NULL, + end_addr BLOB DEFAULT NULL, + start_port INTEGER NOT NULL DEFAULT '0', + end_port INTEGER NOT NULL DEFAULT '65535' +); + + +DROP TABLE IF EXISTS certificates; +CREATE TABLE certificates ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + type INTEGER NOT NULL, + keytype INTEGER NOT NULL, + data BLOB NOT NULL +); + + +DROP TABLE IF EXISTS certificate_identity; +CREATE TABLE certificate_identity ( + certificate INTEGER NOT NULL, + identity INTEGER NOT NULL, + PRIMARY KEY (certificate, identity) +); + + +DROP TABLE IF EXISTS private_keys; +CREATE TABLE private_keys ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + type INTEGER NOT NULL, + data BLOB NOT NULL +); + + +DROP TABLE IF EXISTS private_key_identity; +CREATE TABLE private_key_identity ( + private_key INTEGER NOT NULL, + identity INTEGER NOT NULL, + PRIMARY KEY (private_key, identity) +); + + +DROP TABLE IF EXISTS shared_secrets; +CREATE TABLE shared_secrets ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + type INTEGER NOT NULL, + data BLOB NOT NULL +); + + +DROP TABLE IF EXISTS shared_secret_identity; +CREATE TABLE shared_secret_identity ( + shared_secret INTEGER NOT NULL, + identity INTEGER NOT NULL, + PRIMARY KEY (shared_secret, identity) +); + + +DROP TABLE IF EXISTS certificate_authorities; +CREATE TABLE certificate_authorities ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + certificate INTEGER NOT NULL +); + + +DROP TABLE IF EXISTS certificate_distribution_points; +CREATE TABLE certificate_distribution_points ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + ca INTEGER NOT NULL, + type INTEGER NOT NULL, + uri TEXT NOT NULL +); + + +DROP TABLE IF EXISTS pools; +CREATE TABLE pools ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + name TEXT NOT NULL UNIQUE, + start BLOB NOT NULL, + end BLOB NOT NULL, + timeout INTEGER NOT NULL +); + +DROP TABLE IF EXISTS addresses; +CREATE TABLE addresses ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + pool INTEGER NOT NULL, + address BLOB NOT NULL, + identity INTEGER NOT NULL DEFAULT 0, + acquired INTEGER NOT NULL DEFAULT 0, + released INTEGER NOT NULL DEFAULT 1 +); +DROP INDEX IF EXISTS addresses_pool; +CREATE INDEX addresses_pool ON addresses ( + pool +); +DROP INDEX IF EXISTS addresses_address; +CREATE INDEX addresses_address ON addresses ( + address +); +DROP INDEX IF EXISTS addresses_identity; +CREATE INDEX addresses_identity ON addresses ( + identity +); + +DROP TABLE IF EXISTS leases; +CREATE TABLE leases ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + address INTEGER NOT NULL, + identity INTEGER NOT NULL, + acquired INTEGER NOT NULL, + released INTEGER NOT NULL +); + +DROP TABLE IF EXISTS attribute_pools; +CREATE TABLE attribute_pools ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + name TEXT NOT NULL +); + +DROP TABLE IF EXISTS attributes; +CREATE TABLE attributes ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + identity INTEGER NOT NULL DEFAULT 0, + pool INTEGER NOT NULL DEFAULT 0, + type INTEGER NOT NULL, + value BLOB NOT NULL +); +DROP INDEX IF EXISTS attributes_identity; +CREATE INDEX attributes_identity ON attributes ( + identity +); +DROP INDEX IF EXISTS attributes_pool; +CREATE INDEX attributes_pool ON attributes ( + pool +); + +DROP TABLE IF EXISTS ike_sas; +CREATE TABLE ike_sas ( + local_spi BLOB NOT NULL PRIMARY KEY, + remote_spi BLOB NOT NULL, + id INTEGER NOT NULL, + initiator INTEGER NOT NULL, + local_id_type INTEGER NOT NULL, + local_id_data BLOB DEFAULT NULL, + remote_id_type INTEGER NOT NULL, + remote_id_data BLOB DEFAULT NULL, + host_family INTEGER NOT NULL, + local_host_data BLOB NOT NULL, + remote_host_data BLOB NOT NULL, + created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP +); + +DROP TABLE IF EXISTS logs; +CREATE TABLE logs ( + id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, + local_spi BLOB NOT NULL, + signal INTEGER NOT NULL, + level INTEGER NOT NULL, + msg TEXT NOT NULL, + time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP +); + -- cgit v1.2.3