mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-04 00:00:14 -04:00
uci: Remove obsolete and broken plugin
The plugin was apparently broken for years because it uses functions that don't exist anymore. It was quite limited anyway, so it was never really used in OpenWrt to begin with (instead they generate configs in a custom init script).
This commit is contained in:
Tobias Brunner
parent
2b3a5172d8
commit
94cc07cab4
@ -233,7 +233,6 @@ ARG_ENABL_SET([socket-win], [enable Winsock2 based socket implementation for
|
||||
ARG_ENABL_SET([stroke], [enable the stroke configuration backend.])
|
||||
ARG_ENABL_SET([smp], [enable SMP configuration and control interface. Requires libxml.])
|
||||
ARG_ENABL_SET([sql], [enable SQL database configuration backend.])
|
||||
ARG_ENABL_SET([uci], [enable OpenWRT UCI configuration plugin.])
|
||||
ARG_DISBL_SET([vici], [disable strongSwan IKE generic IPC interface plugin.])
|
||||
# attribute provider/consumer plugins
|
||||
ARG_ENABL_SET([android-dns], [enable Android specific DNS handler.])
|
||||
@ -1235,11 +1234,6 @@ if test x$botan = xtrue; then
|
||||
LIBS=$saved_LIBS
|
||||
fi
|
||||
|
||||
if test x$uci = xtrue; then
|
||||
AC_CHECK_LIB([uci],[uci_alloc_context],[LIBS="$LIBS"],[AC_MSG_ERROR([UCI library libuci not found])],[])
|
||||
AC_CHECK_HEADER([uci.h],,[AC_MSG_ERROR([UCI header uci.h not found!])])
|
||||
fi
|
||||
|
||||
if test x$android_dns = xtrue; then
|
||||
AC_CHECK_LIB([cutils],[property_get],[LIBS="$LIBS"],[AC_MSG_ERROR([Android library libcutils not found])],[])
|
||||
AC_CHECK_HEADER([cutils/properties.h],,[AC_MSG_ERROR([Android header cutils/properties.h not found!])])
|
||||
@ -1672,7 +1666,6 @@ ADD_PLUGIN([led], [c charon])
|
||||
ADD_PLUGIN([duplicheck], [c charon])
|
||||
ADD_PLUGIN([coupling], [c charon])
|
||||
ADD_PLUGIN([radattr], [c charon])
|
||||
ADD_PLUGIN([uci], [c charon])
|
||||
ADD_PLUGIN([addrblock], [c charon])
|
||||
ADD_PLUGIN([unity], [c charon])
|
||||
ADD_PLUGIN([counters], [c charon])
|
||||
@ -1767,7 +1760,6 @@ AM_CONDITIONAL(USE_STROKE, test x$stroke = xtrue)
|
||||
AM_CONDITIONAL(USE_VICI, test x$vici = xtrue)
|
||||
AM_CONDITIONAL(USE_MEDSRV, test x$medsrv = xtrue)
|
||||
AM_CONDITIONAL(USE_MEDCLI, test x$medcli = xtrue)
|
||||
AM_CONDITIONAL(USE_UCI, test x$uci = xtrue)
|
||||
AM_CONDITIONAL(USE_OSX_ATTR, test x$osx_attr = xtrue)
|
||||
AM_CONDITIONAL(USE_P_CSCF, test x$p_cscf = xtrue)
|
||||
AM_CONDITIONAL(USE_ANDROID_DNS, test x$android_dns = xtrue)
|
||||
@ -2122,7 +2114,6 @@ AC_CONFIG_FILES([
|
||||
src/libcharon/plugins/medcli/Makefile
|
||||
src/libcharon/plugins/addrblock/Makefile
|
||||
src/libcharon/plugins/unity/Makefile
|
||||
src/libcharon/plugins/uci/Makefile
|
||||
src/libcharon/plugins/ha/Makefile
|
||||
src/libcharon/plugins/kernel_netlink/Makefile
|
||||
src/libcharon/plugins/kernel_pfkey/Makefile
|
||||
|
||||
@ -290,7 +290,7 @@ all|alpine|codeql|coverage|sonarcloud|no-dbg|no-testable-ke)
|
||||
CONFIG="--enable-all --disable-android-dns --disable-android-log
|
||||
--disable-kernel-pfroute --disable-keychain
|
||||
--disable-lock-profiler --disable-padlock --disable-fuzzing
|
||||
--disable-osx-attr --disable-tkm --disable-uci
|
||||
--disable-osx-attr --disable-tkm
|
||||
--disable-unwind-backtraces
|
||||
--disable-svc --disable-dbghelp-backtraces --disable-socket-win
|
||||
--disable-kernel-wfp --disable-kernel-iph --disable-winhttp"
|
||||
|
||||
@ -669,13 +669,6 @@ if MONOLITHIC
|
||||
endif
|
||||
endif
|
||||
|
||||
if USE_UCI
|
||||
SUBDIRS += plugins/uci
|
||||
if MONOLITHIC
|
||||
libcharon_la_LIBADD += plugins/uci/libstrongswan-uci.la
|
||||
endif
|
||||
endif
|
||||
|
||||
if USE_ADDRBLOCK
|
||||
SUBDIRS += plugins/addrblock
|
||||
if MONOLITHIC
|
||||
|
||||
@ -1,20 +0,0 @@
|
||||
AM_CPPFLAGS = \
|
||||
-I$(top_srcdir)/src/libstrongswan \
|
||||
-I$(top_srcdir)/src/libcharon
|
||||
|
||||
AM_CFLAGS = \
|
||||
$(PLUGIN_CFLAGS)
|
||||
|
||||
if MONOLITHIC
|
||||
noinst_LTLIBRARIES = libstrongswan-uci.la
|
||||
else
|
||||
plugin_LTLIBRARIES = libstrongswan-uci.la
|
||||
endif
|
||||
|
||||
libstrongswan_uci_la_SOURCES = \
|
||||
uci_plugin.h uci_plugin.c uci_parser.h uci_parser.c \
|
||||
uci_config.h uci_config.c uci_creds.h uci_creds.c \
|
||||
uci_control.h uci_control.c
|
||||
|
||||
libstrongswan_uci_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_uci_la_LIBADD = -luci
|
||||
@ -1,362 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
* Copyright (C) 2008 Tobias Brunner
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#define _GNU_SOURCE
|
||||
#include <string.h>
|
||||
|
||||
#include "uci_config.h"
|
||||
#include "uci_parser.h"
|
||||
|
||||
#include <daemon.h>
|
||||
|
||||
typedef struct private_uci_config_t private_uci_config_t;
|
||||
|
||||
/**
|
||||
* Private data of an uci_config_t object
|
||||
*/
|
||||
struct private_uci_config_t {
|
||||
|
||||
/**
|
||||
* Public part
|
||||
*/
|
||||
uci_config_t public;
|
||||
|
||||
/**
|
||||
* UCI parser context
|
||||
*/
|
||||
uci_parser_t *parser;
|
||||
};
|
||||
|
||||
/**
|
||||
* enumerator implementation for create_peer_cfg_enumerator
|
||||
*/
|
||||
typedef struct {
|
||||
/** implements enumerator */
|
||||
enumerator_t public;
|
||||
/** currently enumerated peer config */
|
||||
peer_cfg_t *peer_cfg;
|
||||
/** inner uci_parser section enumerator */
|
||||
enumerator_t *inner;
|
||||
} peer_enumerator_t;
|
||||
|
||||
/**
|
||||
* create a proposal from a string, with fallback to default
|
||||
*/
|
||||
static proposal_t *create_proposal(char *string, protocol_id_t proto)
|
||||
{
|
||||
proposal_t *proposal = NULL;
|
||||
|
||||
if (string)
|
||||
{
|
||||
proposal = proposal_create_from_string(proto, string);
|
||||
}
|
||||
if (!proposal)
|
||||
{ /* UCI default is aes/sha1 only */
|
||||
if (proto == PROTO_IKE)
|
||||
{
|
||||
proposal = proposal_create_from_string(proto,
|
||||
"aes128-aes192-aes256-sha1-modp1536-modp2048");
|
||||
}
|
||||
else
|
||||
{
|
||||
proposal = proposal_create_from_string(proto,
|
||||
"aes128-aes192-aes256-sha1");
|
||||
}
|
||||
}
|
||||
return proposal;
|
||||
}
|
||||
|
||||
/**
|
||||
* create an traffic selector, fallback to dynamic
|
||||
*/
|
||||
static traffic_selector_t *create_ts(char *string)
|
||||
{
|
||||
if (string)
|
||||
{
|
||||
traffic_selector_t *ts;
|
||||
|
||||
ts = traffic_selector_create_from_cidr(string, 0, 0, 65535);
|
||||
if (ts)
|
||||
{
|
||||
return ts;
|
||||
}
|
||||
}
|
||||
return traffic_selector_create_dynamic(0, 0, 65535);
|
||||
}
|
||||
|
||||
/**
|
||||
* create a rekey time from a string with hours, with fallback
|
||||
*/
|
||||
static u_int create_rekey(char *string)
|
||||
{
|
||||
u_int rekey = 0;
|
||||
|
||||
if (string)
|
||||
{
|
||||
rekey = atoi(string);
|
||||
if (rekey)
|
||||
{
|
||||
return rekey * 3600;
|
||||
}
|
||||
}
|
||||
/* every 12 hours */
|
||||
return 12 * 3600;
|
||||
}
|
||||
|
||||
METHOD(enumerator_t, peer_enumerator_enumerate, bool,
|
||||
peer_enumerator_t *this, va_list args)
|
||||
{
|
||||
char *name, *ike_proposal, *esp_proposal, *ike_rekey, *esp_rekey;
|
||||
char *local_id, *local_net, *remote_id, *remote_net;
|
||||
peer_cfg_t **cfg;
|
||||
child_cfg_t *child_cfg;
|
||||
ike_cfg_t *ike_cfg;
|
||||
auth_cfg_t *auth;
|
||||
ike_cfg_create_t ike = {
|
||||
.version = IKEV2,
|
||||
.local = "0.0.0.0",
|
||||
.local_port = charon->socket->get_port(charon->socket, FALSE),
|
||||
.remote = "0.0.0.0",
|
||||
.remote_port = IKEV2_UDP_PORT,
|
||||
.no_certreq = TRUE,
|
||||
};
|
||||
peer_cfg_create_t peer = {
|
||||
.cert_policy = CERT_SEND_IF_ASKED,
|
||||
.unique = UNIQUE_NO,
|
||||
.keyingtries = 1,
|
||||
.jitter_time = 1800,
|
||||
.over_time = 900,
|
||||
.dpd = 60,
|
||||
};
|
||||
child_cfg_create_t child = {
|
||||
.lifetime = {
|
||||
.time = {
|
||||
.life = create_rekey(esp_rekey) + 300,
|
||||
.rekey = create_rekey(esp_rekey),
|
||||
.jitter = 300
|
||||
},
|
||||
},
|
||||
.mode = MODE_TUNNEL,
|
||||
};
|
||||
|
||||
VA_ARGS_VGET(args, cfg);
|
||||
|
||||
/* defaults */
|
||||
name = "unnamed";
|
||||
local_id = NULL;
|
||||
remote_id = NULL;
|
||||
local_net = NULL;
|
||||
remote_net = NULL;
|
||||
ike_proposal = NULL;
|
||||
esp_proposal = NULL;
|
||||
ike_rekey = NULL;
|
||||
esp_rekey = NULL;
|
||||
|
||||
if (this->inner->enumerate(this->inner, &name, &local_id, &remote_id,
|
||||
&ike.local, &ike.remote, &local_net, &remote_net,
|
||||
&ike_proposal, &esp_proposal, &ike_rekey, &esp_rekey))
|
||||
{
|
||||
|
||||
DESTROY_IF(this->peer_cfg);
|
||||
ike_cfg = ike_cfg_create(&ike);
|
||||
ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE));
|
||||
peer.rekey_time = create_rekey(ike_rekey);
|
||||
this->peer_cfg = peer_cfg_create(name, ike_cfg, &peer);
|
||||
auth = auth_cfg_create();
|
||||
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
|
||||
auth->add(auth, AUTH_RULE_IDENTITY,
|
||||
identification_create_from_string(local_id));
|
||||
this->peer_cfg->add_auth_cfg(this->peer_cfg, auth, TRUE);
|
||||
|
||||
auth = auth_cfg_create();
|
||||
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
|
||||
if (remote_id)
|
||||
{
|
||||
auth->add(auth, AUTH_RULE_IDENTITY,
|
||||
identification_create_from_string(remote_id));
|
||||
}
|
||||
this->peer_cfg->add_auth_cfg(this->peer_cfg, auth, FALSE);
|
||||
|
||||
child_cfg = child_cfg_create(name, &child);
|
||||
child_cfg->add_proposal(child_cfg, create_proposal(esp_proposal, PROTO_ESP));
|
||||
child_cfg->add_traffic_selector(child_cfg, TRUE, create_ts(local_net));
|
||||
child_cfg->add_traffic_selector(child_cfg, FALSE, create_ts(remote_net));
|
||||
this->peer_cfg->add_child_cfg(this->peer_cfg, child_cfg);
|
||||
*cfg = this->peer_cfg;
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
METHOD(enumerator_t, peer_enumerator_destroy, void,
|
||||
peer_enumerator_t *this)
|
||||
{
|
||||
DESTROY_IF(this->peer_cfg);
|
||||
this->inner->destroy(this->inner);
|
||||
free(this);
|
||||
}
|
||||
|
||||
METHOD(backend_t, create_peer_cfg_enumerator, enumerator_t*,
|
||||
private_uci_config_t *this, identification_t *me, identification_t *other)
|
||||
{
|
||||
peer_enumerator_t *e;
|
||||
|
||||
INIT(e,
|
||||
.public = {
|
||||
.enumerate = enumerator_enumerate_default,
|
||||
.venumerate = _peer_enumerator_enumerate,
|
||||
.destroy = _peer_enumerator_destroy,
|
||||
},
|
||||
.inner = this->parser->create_section_enumerator(this->parser,
|
||||
"local_id", "remote_id", "local_addr", "remote_addr",
|
||||
"local_net", "remote_net", "ike_proposal", "esp_proposal",
|
||||
"ike_rekey", "esp_rekey", NULL),
|
||||
);
|
||||
if (!e->inner)
|
||||
{
|
||||
free(e);
|
||||
return NULL;
|
||||
}
|
||||
return &e->public;
|
||||
}
|
||||
|
||||
/**
|
||||
* enumerator implementation for create_ike_cfg_enumerator
|
||||
*/
|
||||
typedef struct {
|
||||
/** implements enumerator */
|
||||
enumerator_t public;
|
||||
/** currently enumerated ike config */
|
||||
ike_cfg_t *ike_cfg;
|
||||
/** inner uci_parser section enumerator */
|
||||
enumerator_t *inner;
|
||||
} ike_enumerator_t;
|
||||
|
||||
METHOD(enumerator_t, ike_enumerator_enumerate, bool,
|
||||
ike_enumerator_t *this, va_list args)
|
||||
{
|
||||
ike_cfg_t **cfg;
|
||||
ike_cfg_create_t ike = {
|
||||
.version = IKEV2,
|
||||
.local = "0.0.0.0",
|
||||
.local_port = charon->socket->get_port(charon->socket, FALSE),
|
||||
.remote = "0.0.0.0",
|
||||
.remote_port = IKEV2_UDP_PORT,
|
||||
.no_certreq = TRUE,
|
||||
};
|
||||
char *ike_proposal;
|
||||
|
||||
VA_ARGS_VGET(args, cfg);
|
||||
|
||||
/* defaults */
|
||||
ike_proposal = NULL;
|
||||
|
||||
if (this->inner->enumerate(this->inner, NULL,
|
||||
&ike.local, &ike.remote, &ike_proposal))
|
||||
{
|
||||
DESTROY_IF(this->ike_cfg);
|
||||
this->ike_cfg = ike_cfg_create(&ike);
|
||||
this->ike_cfg->add_proposal(this->ike_cfg,
|
||||
create_proposal(ike_proposal, PROTO_IKE));
|
||||
|
||||
*cfg = this->ike_cfg;
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
METHOD(enumerator_t, ike_enumerator_destroy, void,
|
||||
ike_enumerator_t *this)
|
||||
{
|
||||
DESTROY_IF(this->ike_cfg);
|
||||
this->inner->destroy(this->inner);
|
||||
free(this);
|
||||
}
|
||||
|
||||
METHOD(backend_t, create_ike_cfg_enumerator, enumerator_t*,
|
||||
private_uci_config_t *this, host_t *me, host_t *other)
|
||||
{
|
||||
ike_enumerator_t *e;
|
||||
|
||||
INIT(e,
|
||||
.public = {
|
||||
.enumerate = enumerator_enumerate_default,
|
||||
.venumerate = _ike_enumerator_enumerate,
|
||||
.destroy = _ike_enumerator_destroy,
|
||||
},
|
||||
.inner = this->parser->create_section_enumerator(this->parser,
|
||||
"local_addr", "remote_addr", "ike_proposal", NULL),
|
||||
);
|
||||
if (!e->inner)
|
||||
{
|
||||
free(e);
|
||||
return NULL;
|
||||
}
|
||||
return &e->public;
|
||||
}
|
||||
|
||||
METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
|
||||
private_uci_config_t *this, char *name)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
peer_cfg_t *current, *found = NULL;
|
||||
|
||||
enumerator = create_peer_cfg_enumerator(this, NULL, NULL);
|
||||
if (enumerator)
|
||||
{
|
||||
while (enumerator->enumerate(enumerator, ¤t))
|
||||
{
|
||||
if (streq(name, current->get_name(current)))
|
||||
{
|
||||
found = current->get_ref(current);
|
||||
break;
|
||||
}
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
return found;
|
||||
}
|
||||
|
||||
METHOD(uci_config_t, destroy, void,
|
||||
private_uci_config_t *this)
|
||||
{
|
||||
free(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* Described in header.
|
||||
*/
|
||||
uci_config_t *uci_config_create(uci_parser_t *parser)
|
||||
{
|
||||
private_uci_config_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.backend = {
|
||||
.create_peer_cfg_enumerator = _create_peer_cfg_enumerator,
|
||||
.create_ike_cfg_enumerator = _create_ike_cfg_enumerator,
|
||||
.get_peer_cfg_by_name = _get_peer_cfg_by_name,
|
||||
},
|
||||
.destroy = _destroy,
|
||||
},
|
||||
.parser = parser,
|
||||
);
|
||||
|
||||
return &this->public;
|
||||
}
|
||||
@ -1,56 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup uci_config_t uci_config
|
||||
* @{ @ingroup uci
|
||||
*/
|
||||
|
||||
#ifndef UCI_CONFIG_H_
|
||||
#define UCI_CONFIG_H_
|
||||
|
||||
#include "uci_parser.h"
|
||||
|
||||
#include <config/backend.h>
|
||||
|
||||
typedef struct uci_config_t uci_config_t;
|
||||
|
||||
/**
|
||||
* OpenWRT UCI configuration backend.
|
||||
*/
|
||||
struct uci_config_t {
|
||||
|
||||
/**
|
||||
* Implements backend_t interface
|
||||
*/
|
||||
backend_t backend;
|
||||
|
||||
/**
|
||||
* Destroy the backend.
|
||||
*/
|
||||
void (*destroy)(uci_config_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a UCI based configuration backend.
|
||||
*
|
||||
* @param parser UCI parser to use
|
||||
* @return configuration backend
|
||||
*/
|
||||
uci_config_t *uci_config_create(uci_parser_t *parser);
|
||||
|
||||
#endif /** UCI_CONFIG_H_ @}*/
|
||||
@ -1,303 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#define _GNU_SOURCE
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "uci_control.h"
|
||||
|
||||
#include <daemon.h>
|
||||
#include <threading/thread.h>
|
||||
#include <processing/jobs/callback_job.h>
|
||||
|
||||
#define FIFO_FILE "/var/run/charon.fifo"
|
||||
|
||||
|
||||
typedef struct private_uci_control_t private_uci_control_t;
|
||||
|
||||
/**
|
||||
* private data of uci_control_t
|
||||
*/
|
||||
struct private_uci_control_t {
|
||||
|
||||
/**
|
||||
* Public part
|
||||
*/
|
||||
uci_control_t public;
|
||||
};
|
||||
|
||||
/**
|
||||
* write answer to fifo
|
||||
*/
|
||||
static void write_fifo(private_uci_control_t *this, char *format, ...)
|
||||
{
|
||||
va_list args;
|
||||
FILE *out;
|
||||
|
||||
out = fopen(FIFO_FILE, "w");
|
||||
if (out)
|
||||
{
|
||||
va_start(args, format);
|
||||
vfprintf(out, format, args);
|
||||
va_end(args);
|
||||
fclose(out);
|
||||
}
|
||||
else
|
||||
{
|
||||
DBG1(DBG_CFG, "writing to UCI fifo failed: %s", strerror(errno));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* print IKE_SA status information
|
||||
*/
|
||||
static void status(private_uci_control_t *this, char *name)
|
||||
{
|
||||
enumerator_t *configs, *sas, *children;
|
||||
linked_list_t *list;
|
||||
ike_sa_t *ike_sa;
|
||||
child_sa_t *child_sa;
|
||||
peer_cfg_t *peer_cfg;
|
||||
char buf[2048];
|
||||
FILE *out = NULL;
|
||||
|
||||
configs = charon->backends->create_peer_cfg_enumerator(charon->backends,
|
||||
NULL, NULL, NULL, NULL, IKE_ANY);
|
||||
while (configs->enumerate(configs, &peer_cfg))
|
||||
{
|
||||
if (name && !streq(name, peer_cfg->get_name(peer_cfg)))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
sas = charon->controller->create_ike_sa_enumerator(
|
||||
charon->controller, TRUE);
|
||||
while (sas->enumerate(sas, &ike_sa))
|
||||
{
|
||||
if (!streq(ike_sa->get_name(ike_sa), peer_cfg->get_name(peer_cfg)))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
if (!out)
|
||||
{
|
||||
out = fmemopen(buf, sizeof(buf), "w");
|
||||
if (!out)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
}
|
||||
fprintf(out, "%-8s %-20D %-16H ", ike_sa->get_name(ike_sa),
|
||||
ike_sa->get_other_id(ike_sa), ike_sa->get_other_host(ike_sa));
|
||||
|
||||
children = ike_sa->create_child_sa_enumerator(ike_sa);
|
||||
while (children->enumerate(children, (void**)&child_sa))
|
||||
{
|
||||
list = linked_list_create_from_enumerator(
|
||||
child_sa->create_ts_enumerator(child_sa, FALSE));
|
||||
fprintf(out, "%#R", list);
|
||||
list->destroy(list);
|
||||
}
|
||||
children->destroy(children);
|
||||
fprintf(out, "\n");
|
||||
}
|
||||
sas->destroy(sas);
|
||||
}
|
||||
configs->destroy(configs);
|
||||
if (out)
|
||||
{
|
||||
fclose(out);
|
||||
write_fifo(this, "%s", buf);
|
||||
}
|
||||
else
|
||||
{
|
||||
write_fifo(this, "");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Initiate an IKE_SA
|
||||
*/
|
||||
static void initiate(private_uci_control_t *this, char *name)
|
||||
{
|
||||
peer_cfg_t *peer_cfg;
|
||||
child_cfg_t *child_cfg;
|
||||
enumerator_t *enumerator;
|
||||
|
||||
peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, name);
|
||||
if (peer_cfg)
|
||||
{
|
||||
enumerator = peer_cfg->create_child_cfg_enumerator(peer_cfg);
|
||||
if (enumerator->enumerate(enumerator, &child_cfg) &&
|
||||
charon->controller->initiate(charon->controller, peer_cfg,
|
||||
child_cfg->get_ref(child_cfg), controller_cb_empty,
|
||||
NULL, LEVEL_SILENT, 0, FALSE) == SUCCESS)
|
||||
{
|
||||
write_fifo(this, "connection '%s' established\n", name);
|
||||
}
|
||||
else
|
||||
{
|
||||
write_fifo(this, "establishing connection '%s' failed\n", name);
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
else
|
||||
{
|
||||
write_fifo(this, "no connection named '%s' found\n", name);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* terminate an IKE_SA
|
||||
*/
|
||||
static void terminate(private_uci_control_t *this, char *name)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
ike_sa_t *ike_sa;
|
||||
u_int id;
|
||||
|
||||
enumerator = charon->controller->create_ike_sa_enumerator(
|
||||
charon->controller, TRUE);
|
||||
while (enumerator->enumerate(enumerator, &ike_sa))
|
||||
{
|
||||
if (streq(name, ike_sa->get_name(ike_sa)))
|
||||
{
|
||||
id = ike_sa->get_unique_id(ike_sa);
|
||||
enumerator->destroy(enumerator);
|
||||
charon->controller->terminate_ike(charon->controller, id, FALSE,
|
||||
controller_cb_empty, NULL,
|
||||
LEVEL_SILENT, 0);
|
||||
write_fifo(this, "connection '%s' terminated\n", name);
|
||||
return;
|
||||
}
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
write_fifo(this, "no active connection named '%s'\n", name);
|
||||
}
|
||||
|
||||
/**
|
||||
* dispatch control request
|
||||
*/
|
||||
static void process(private_uci_control_t *this, char *message)
|
||||
{
|
||||
enumerator_t* enumerator;
|
||||
|
||||
enumerator = enumerator_create_token(message, " \n", "");
|
||||
if (enumerator->enumerate(enumerator, &message))
|
||||
{
|
||||
if (streq(message, "status"))
|
||||
{
|
||||
if (enumerator->enumerate(enumerator, &message))
|
||||
{
|
||||
status(this, message);
|
||||
}
|
||||
else
|
||||
{
|
||||
status(this, NULL);
|
||||
}
|
||||
}
|
||||
else if (streq(message, "up") &&
|
||||
enumerator->enumerate(enumerator, &message))
|
||||
{
|
||||
initiate(this, message);
|
||||
}
|
||||
else if (streq(message, "down") &&
|
||||
enumerator->enumerate(enumerator, &message))
|
||||
{
|
||||
terminate(this, message);
|
||||
}
|
||||
else
|
||||
{
|
||||
write_fifo(this, "usage: status [<name>] | up <name> | down <name>\n"
|
||||
" status format: name peer-id peer-addr tunnel(s)\n");
|
||||
}
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
|
||||
/**
|
||||
* read from fifo
|
||||
*/
|
||||
static job_requeue_t receive(private_uci_control_t *this)
|
||||
{
|
||||
char message[128];
|
||||
int len;
|
||||
bool oldstate;
|
||||
FILE *in;
|
||||
|
||||
memset(message, 0, sizeof(message));
|
||||
oldstate = thread_cancelability(TRUE);
|
||||
in = fopen(FIFO_FILE, "r");
|
||||
thread_cancelability(oldstate);
|
||||
if (in)
|
||||
{
|
||||
len = fread(message, 1, sizeof(message) - 1, in);
|
||||
fclose(in);
|
||||
if (len > 0)
|
||||
{
|
||||
process(this, message);
|
||||
}
|
||||
else
|
||||
{
|
||||
DBG1(DBG_DMN, "reading from UCI fifo failed: %s", strerror(errno));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
DBG1(DBG_DMN, "opening UCI fifo failed: %s", strerror(errno));
|
||||
}
|
||||
return JOB_REQUEUE_FAIR;
|
||||
}
|
||||
|
||||
METHOD(uci_control_t, destroy, void,
|
||||
private_uci_control_t *this)
|
||||
{
|
||||
unlink(FIFO_FILE);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* Described in header.
|
||||
*/
|
||||
uci_control_t *uci_control_create()
|
||||
{
|
||||
private_uci_control_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.destroy = _destroy,
|
||||
},
|
||||
);
|
||||
|
||||
unlink(FIFO_FILE);
|
||||
if (mkfifo(FIFO_FILE, S_IRUSR|S_IWUSR) != 0)
|
||||
{
|
||||
DBG1(DBG_CFG, "creating UCI control fifo '%s' failed: %s",
|
||||
FIFO_FILE, strerror(errno));
|
||||
}
|
||||
else
|
||||
{
|
||||
lib->processor->queue_job(lib->processor,
|
||||
(job_t*)callback_job_create_with_prio((callback_job_cb_t)receive,
|
||||
this, NULL, callback_job_cancel_thread,
|
||||
JOB_PRIO_CRITICAL));
|
||||
}
|
||||
return &this->public;
|
||||
}
|
||||
@ -1,43 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup uci_control_t uci_control
|
||||
* @{ @ingroup uci
|
||||
*/
|
||||
|
||||
#ifndef UCI_CONTROL_H_
|
||||
#define UCI_CONTROL_H_
|
||||
|
||||
typedef struct uci_control_t uci_control_t;
|
||||
|
||||
/**
|
||||
* UCI control interface, uses a simple FIFO file
|
||||
*/
|
||||
struct uci_control_t {
|
||||
|
||||
/**
|
||||
* Destroy the controller
|
||||
*/
|
||||
void (*destroy)(uci_control_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a UCI based configuration backend.
|
||||
*/
|
||||
uci_control_t *uci_control_create();
|
||||
|
||||
#endif /** UCI_CONTROL_H_ @}*/
|
||||
@ -1,177 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
* Copyright (C) 2008 Tobias Brunner
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include "uci_creds.h"
|
||||
|
||||
#include <daemon.h>
|
||||
#include <credentials/keys/shared_key.h>
|
||||
#include <utils/identification.h>
|
||||
|
||||
typedef struct private_uci_creds_t private_uci_creds_t;
|
||||
|
||||
/**
|
||||
* Private data of an uci_creds_t object
|
||||
*/
|
||||
struct private_uci_creds_t {
|
||||
/**
|
||||
* Public part
|
||||
*/
|
||||
uci_creds_t public;
|
||||
|
||||
/**
|
||||
* UCI parser context
|
||||
*/
|
||||
uci_parser_t *parser;
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
/** implements enumerator */
|
||||
enumerator_t public;
|
||||
/** inner UCI enumerator */
|
||||
enumerator_t *inner;
|
||||
/** currently enumerated shared shared */
|
||||
shared_key_t *current;
|
||||
/** local ID to match */
|
||||
identification_t *me;
|
||||
/** remote ID to match */
|
||||
identification_t *other;
|
||||
} shared_enumerator_t;
|
||||
|
||||
METHOD(enumerator_t, shared_enumerator_enumerate, bool,
|
||||
shared_enumerator_t *this, va_list args)
|
||||
{
|
||||
shared_key_t **key;
|
||||
id_match_t *me, *other;
|
||||
char *local_id, *remote_id, *psk;
|
||||
identification_t *local, *remote;
|
||||
|
||||
VA_ARGS_VGET(args, key, me, other);
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
/* defaults */
|
||||
local_id = "%any";
|
||||
remote_id = "%any";
|
||||
psk = NULL;
|
||||
|
||||
if (!this->inner->enumerate(this->inner, NULL,
|
||||
&local_id, &remote_id, &psk))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
if (psk == NULL)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
if (me)
|
||||
{
|
||||
local = identification_create_from_string(local_id);
|
||||
*me = this->me ? this->me->matches(this->me, local)
|
||||
: ID_MATCH_ANY;
|
||||
local->destroy(local);
|
||||
if (!*me)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
}
|
||||
if (other)
|
||||
{
|
||||
remote = identification_create_from_string(remote_id);
|
||||
*other = this->other ? this->other->matches(this->other, remote)
|
||||
: ID_MATCH_ANY;
|
||||
remote->destroy(remote);
|
||||
if (!*other)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
DESTROY_IF(this->current);
|
||||
this->current = shared_key_create(SHARED_IKE,
|
||||
chunk_clone(chunk_create(psk, strlen(psk))));
|
||||
*key = this->current;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(enumerator_t, shared_enumerator_destroy, void,
|
||||
shared_enumerator_t *this)
|
||||
{
|
||||
this->inner->destroy(this->inner);
|
||||
DESTROY_IF(this->current);
|
||||
free(this);
|
||||
}
|
||||
|
||||
METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
|
||||
private_uci_creds_t *this, shared_key_type_t type,
|
||||
identification_t *me, identification_t *other)
|
||||
{
|
||||
shared_enumerator_t *e;
|
||||
|
||||
if (type != SHARED_IKE)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
INIT(e,
|
||||
.public = {
|
||||
.enumerate = enumerator_enumerate_default,
|
||||
.venumerate = _shared_enumerator_enumerate,
|
||||
.destroy = _shared_enumerator_destroy,
|
||||
},
|
||||
.me = me,
|
||||
.other = other,
|
||||
.inner = this->parser->create_section_enumerator(this->parser,
|
||||
"local_id", "remote_id", "psk", NULL),
|
||||
);
|
||||
if (!e->inner)
|
||||
{
|
||||
free(e);
|
||||
return NULL;
|
||||
}
|
||||
return &e->public;
|
||||
}
|
||||
|
||||
METHOD(uci_creds_t, destroy, void,
|
||||
private_uci_creds_t *this)
|
||||
{
|
||||
free(this);
|
||||
}
|
||||
|
||||
uci_creds_t *uci_creds_create(uci_parser_t *parser)
|
||||
{
|
||||
private_uci_creds_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.credential_set = {
|
||||
.create_shared_enumerator = _create_shared_enumerator,
|
||||
.create_private_enumerator = (void*)return_null,
|
||||
.create_cert_enumerator = (void*)return_null,
|
||||
.create_cdp_enumerator = (void*)return_null,
|
||||
.cache_cert = (void*)nop,
|
||||
},
|
||||
.destroy = _destroy,
|
||||
},
|
||||
);
|
||||
|
||||
this->parser = parser;
|
||||
|
||||
return &this->public;
|
||||
}
|
||||
|
||||
@ -1,56 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup uci_creds_t uci_creds
|
||||
* @{ @ingroup uci
|
||||
*/
|
||||
|
||||
#ifndef UCI_CREDS_H_
|
||||
#define UCI_CREDS_H_
|
||||
|
||||
#include "uci_parser.h"
|
||||
|
||||
#include <credentials/credential_set.h>
|
||||
|
||||
typedef struct uci_creds_t uci_creds_t;
|
||||
|
||||
/**
|
||||
* OpenWRT UCI credential set implementation.
|
||||
*/
|
||||
struct uci_creds_t {
|
||||
|
||||
/**
|
||||
* Implements credential set interface.
|
||||
*/
|
||||
credential_set_t credential_set;
|
||||
|
||||
/**
|
||||
* Destroy the backend.
|
||||
*/
|
||||
void (*destroy)(uci_creds_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a UCI based credential set.
|
||||
*
|
||||
* @param parser UCI parser to use
|
||||
* @return credential set
|
||||
*/
|
||||
uci_creds_t *uci_creds_create(uci_parser_t *parser);
|
||||
|
||||
#endif /** UCI_CREDS_H_ @}*/
|
||||
@ -1,181 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include "uci_parser.h"
|
||||
|
||||
#include <stdarg.h>
|
||||
|
||||
#include <library.h>
|
||||
#include <uci.h>
|
||||
|
||||
typedef struct private_uci_parser_t private_uci_parser_t;
|
||||
|
||||
/**
|
||||
* Private data of an uci_parser_t object
|
||||
*/
|
||||
struct private_uci_parser_t {
|
||||
|
||||
/**
|
||||
* Public part
|
||||
*/
|
||||
uci_parser_t public;
|
||||
|
||||
/**
|
||||
* UCI package name this parser reads
|
||||
*/
|
||||
char *package;
|
||||
};
|
||||
|
||||
/**
|
||||
* enumerator implementation create_section_enumerator
|
||||
*/
|
||||
typedef struct {
|
||||
/** implements enumerator */
|
||||
enumerator_t public;
|
||||
/** currently enumerated uci section */
|
||||
struct uci_element *current;
|
||||
/** all uci ipsec config sections */
|
||||
struct uci_list *list;
|
||||
/** uci conntext */
|
||||
struct uci_context *ctx;
|
||||
/** ipsec uci package */
|
||||
struct uci_package *package;
|
||||
/** NULL terminated list of keywords */
|
||||
char *keywords[];
|
||||
} section_enumerator_t;
|
||||
|
||||
METHOD(enumerator_t, section_enumerator_enumerate, bool,
|
||||
section_enumerator_t *this, va_list args)
|
||||
{
|
||||
struct uci_element *element;
|
||||
char **value;
|
||||
int i;
|
||||
|
||||
if (&this->current->list == this->list)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
value = va_arg(args, char**);
|
||||
if (value)
|
||||
{
|
||||
if (uci_lookup(this->ctx, &element, this->package,
|
||||
this->current->name, "name") == UCI_OK)
|
||||
{ /* use "name" attribute as config name if available ... */
|
||||
*value = uci_to_option(element)->v.string;
|
||||
}
|
||||
else
|
||||
{ /* ... or the section name becomes config name */
|
||||
*value = uci_to_section(this->current)->type;
|
||||
}
|
||||
}
|
||||
|
||||
/* followed by keyword parameters */
|
||||
for (i = 0; this->keywords[i]; i++)
|
||||
{
|
||||
value = va_arg(args, char**);
|
||||
if (value && uci_lookup(this->ctx, &element, this->package,
|
||||
this->current->name, this->keywords[i]) == UCI_OK)
|
||||
{
|
||||
*value = uci_to_option(element)->v.string;
|
||||
}
|
||||
}
|
||||
|
||||
this->current = list_to_element(this->current->list.next);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(enumerator_t, section_enumerator_destroy, void,
|
||||
section_enumerator_t *this)
|
||||
{
|
||||
uci_free_context(this->ctx);
|
||||
free(this);
|
||||
}
|
||||
|
||||
METHOD(uci_parser_t, create_section_enumerator, enumerator_t*,
|
||||
private_uci_parser_t *this, ...)
|
||||
{
|
||||
section_enumerator_t *e;
|
||||
va_list args;
|
||||
int i;
|
||||
|
||||
/* allocate enumerator large enough to hold keyword pointers */
|
||||
i = 1;
|
||||
va_start(args, this);
|
||||
while (va_arg(args, char*))
|
||||
{
|
||||
i++;
|
||||
}
|
||||
va_end(args);
|
||||
INIT_EXTRA(e, sizeof(char*) * i,
|
||||
.public = {
|
||||
.enumerate = enumerator_enumerate_default,
|
||||
.venumerate = _section_enumerator_enumerate,
|
||||
.destroy = _section_enumerator_destroy,
|
||||
},
|
||||
);
|
||||
i = 0;
|
||||
va_start(args, this);
|
||||
do
|
||||
{
|
||||
e->keywords[i] = va_arg(args, char*);
|
||||
}
|
||||
while (e->keywords[i++]);
|
||||
va_end(args);
|
||||
|
||||
/* load uci context */
|
||||
e->ctx = uci_alloc_context();
|
||||
if (uci_load(e->ctx, this->package, &e->package) != UCI_OK)
|
||||
{
|
||||
section_enumerator_destroy(e);
|
||||
return NULL;
|
||||
}
|
||||
e->list = &e->package->sections;
|
||||
e->current = list_to_element(e->list->next);
|
||||
if (e->current->type != UCI_TYPE_SECTION)
|
||||
{
|
||||
section_enumerator_destroy(e);
|
||||
return NULL;
|
||||
}
|
||||
return &e->public;
|
||||
}
|
||||
|
||||
METHOD(uci_parser_t, destroy, void,
|
||||
private_uci_parser_t *this)
|
||||
{
|
||||
free(this->package);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* Described in header.
|
||||
*/
|
||||
uci_parser_t *uci_parser_create(char *package)
|
||||
{
|
||||
private_uci_parser_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.create_section_enumerator = _create_section_enumerator,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
.package = strdup(package),
|
||||
);
|
||||
|
||||
return &this->public;
|
||||
}
|
||||
|
||||
@ -1,60 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup uci_parser_t uci_parser
|
||||
* @{ @ingroup uci
|
||||
*/
|
||||
|
||||
#ifndef UCI_PARSER_H_
|
||||
#define UCI_PARSER_H_
|
||||
|
||||
#include <collections/enumerator.h>
|
||||
|
||||
typedef struct uci_parser_t uci_parser_t;
|
||||
|
||||
/**
|
||||
* Wrapper to parse UCI sections with an enumerator.
|
||||
*/
|
||||
struct uci_parser_t {
|
||||
|
||||
/**
|
||||
* Create an enumerator over a section.
|
||||
*
|
||||
* The enumerator returns a section name followed by values for the keywords
|
||||
* specified in the variable argument list of this function.
|
||||
*
|
||||
* @param ... variable argument list with keywords, NULL terminated
|
||||
* @return enumerator over sections
|
||||
*/
|
||||
enumerator_t* (*create_section_enumerator)(uci_parser_t *this, ...);
|
||||
|
||||
/**
|
||||
* Destroy the parser.
|
||||
*/
|
||||
void (*destroy)(uci_parser_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a UCI parser.
|
||||
*
|
||||
* @param package UCI package this parser should read
|
||||
* @return parser context
|
||||
*/
|
||||
uci_parser_t *uci_parser_create(char *package);
|
||||
|
||||
#endif /** UCI_PARSER_H_ @}*/
|
||||
@ -1,131 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include "uci_plugin.h"
|
||||
#include "uci_config.h"
|
||||
#include "uci_creds.h"
|
||||
#include "uci_control.h"
|
||||
|
||||
#include <daemon.h>
|
||||
|
||||
/**
|
||||
* UCI package name to use for lookups
|
||||
*/
|
||||
#define UCI_PACKAGE "strongswan"
|
||||
|
||||
typedef struct private_uci_plugin_t private_uci_plugin_t;
|
||||
|
||||
/**
|
||||
* private data of uci plugin
|
||||
*/
|
||||
struct private_uci_plugin_t {
|
||||
|
||||
/**
|
||||
* implements plugin interface
|
||||
*/
|
||||
uci_plugin_t public;
|
||||
|
||||
/**
|
||||
* UCI configuration backend
|
||||
*/
|
||||
uci_config_t *config;
|
||||
|
||||
/**
|
||||
* UCI credential set implementation
|
||||
*/
|
||||
uci_creds_t *creds;
|
||||
|
||||
/**
|
||||
* UCI parser wrapper
|
||||
*/
|
||||
uci_parser_t *parser;
|
||||
|
||||
/**
|
||||
* UCI control interface
|
||||
*/
|
||||
uci_control_t *control;
|
||||
};
|
||||
|
||||
METHOD(plugin_t, get_name, char*,
|
||||
private_uci_plugin_t *this)
|
||||
{
|
||||
return "uci";
|
||||
}
|
||||
|
||||
/**
|
||||
* Register backend
|
||||
*/
|
||||
static bool plugin_cb(private_uci_plugin_t *this,
|
||||
plugin_feature_t *feature, bool reg, void *cb_data)
|
||||
{
|
||||
if (reg)
|
||||
{
|
||||
charon->backends->add_backend(charon->backends, &this->config->backend);
|
||||
lib->credmgr->add_set(lib->credmgr, &this->creds->credential_set);
|
||||
}
|
||||
else
|
||||
{
|
||||
charon->backends->remove_backend(charon->backends,
|
||||
&this->config->backend);
|
||||
lib->credmgr->remove_set(lib->credmgr, &this->creds->credential_set);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(plugin_t, get_features, int,
|
||||
private_uci_plugin_t *this, plugin_feature_t *features[])
|
||||
{
|
||||
static plugin_feature_t f[] = {
|
||||
PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL),
|
||||
PLUGIN_PROVIDE(CUSTOM, "uci"),
|
||||
};
|
||||
*features = f;
|
||||
return countof(f);
|
||||
}
|
||||
|
||||
METHOD(plugin_t, destroy, void,
|
||||
private_uci_plugin_t *this)
|
||||
{
|
||||
this->config->destroy(this->config);
|
||||
this->creds->destroy(this->creds);
|
||||
this->parser->destroy(this->parser);
|
||||
this->control->destroy(this->control);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* see header file
|
||||
*/
|
||||
plugin_t *uci_plugin_create()
|
||||
{
|
||||
private_uci_plugin_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.plugin = {
|
||||
.get_name = _get_name,
|
||||
.get_features = _get_features,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
},
|
||||
.parser = uci_parser_create(UCI_PACKAGE),
|
||||
.control = uci_control_create(),
|
||||
);
|
||||
this->config = uci_config_create(this->parser);
|
||||
this->creds = uci_creds_create(this->parser);
|
||||
|
||||
return &this->public.plugin;
|
||||
}
|
||||
@ -1,44 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2008 Thomas Kallenberg
|
||||
* Copyright (C) 2008 Martin Willi
|
||||
*
|
||||
* Copyright (C) secunet Security Networks AG
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup uci uci
|
||||
* @ingroup cplugins
|
||||
*
|
||||
* @defgroup uci_plugin uci_plugin
|
||||
* @{ @ingroup uci
|
||||
*/
|
||||
|
||||
#ifndef UCI_PLUGIN_H_
|
||||
#define UCI_PLUGIN_H_
|
||||
|
||||
#include <plugins/plugin.h>
|
||||
|
||||
typedef struct uci_plugin_t uci_plugin_t;
|
||||
|
||||
/**
|
||||
* OpenWRT UCI (Unified Configuration Interface) configuration plugin.
|
||||
*/
|
||||
struct uci_plugin_t {
|
||||
|
||||
/**
|
||||
* implements plugin interface
|
||||
*/
|
||||
plugin_t plugin;
|
||||
};
|
||||
|
||||
#endif /** UCI_PLUGIN_H_ @}*/
|
||||
Loading…
x
Reference in New Issue
Block a user