Return to ipseckey_plugin.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / ipseckey |
1.1 misho 1: /* 2: * Copyright (C) 2013 Tobias Brunner 3: * Copyright (C) 2012 Reto Guadagnini 4: * HSR Hochschule fuer Technik Rapperswil 5: * 6: * This program is free software; you can redistribute it and/or modify it 7: * under the terms of the GNU General Public License as published by the 8: * Free Software Foundation; either version 2 of the License, or (at your 9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 10: * 11: * This program is distributed in the hope that it will be useful, but 12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14: * for more details. 15: */ 16: 17: #include "ipseckey_plugin.h" 18: 19: #include <daemon.h> 20: #include "ipseckey_cred.h" 21: 22: typedef struct private_ipseckey_plugin_t private_ipseckey_plugin_t; 23: 24: 25: /** 26: * private data of the ipseckey plugin 27: */ 28: struct private_ipseckey_plugin_t { 29: 30: /** 31: * implements plugin interface 32: */ 33: ipseckey_plugin_t public; 34: 35: /** 36: * credential set 37: */ 38: ipseckey_cred_t *cred; 39: 40: /** 41: * IPSECKEY based authentication enabled 42: */ 43: bool enabled; 44: }; 45: 46: METHOD(plugin_t, get_name, char*, 47: private_ipseckey_plugin_t *this) 48: { 49: return "ipseckey"; 50: } 51: 52: METHOD(plugin_t, reload, bool, 53: private_ipseckey_plugin_t *this) 54: { 55: bool enabled = lib->settings->get_bool(lib->settings, 56: "%s.plugins.ipseckey.enable", FALSE, lib->ns); 57: 58: if (enabled != this->enabled) 59: { 60: if (enabled) 61: { 62: lib->credmgr->add_set(lib->credmgr, &this->cred->set); 63: } 64: else 65: { 66: lib->credmgr->remove_set(lib->credmgr, &this->cred->set); 67: } 68: this->enabled = enabled; 69: } 70: DBG1(DBG_CFG, "ipseckey plugin is %sabled", this->enabled ? "en" : "dis"); 71: return TRUE; 72: } 73: 74: /** 75: * Create resolver and register credential set 76: */ 77: static bool plugin_cb(private_ipseckey_plugin_t *this, 78: plugin_feature_t *feature, bool reg, void *cb_data) 79: { 80: if (reg) 81: { 82: resolver_t *res; 83: 84: res = lib->resolver->create(lib->resolver); 85: if (!res) 86: { 87: DBG1(DBG_CFG, "failed to create a DNS resolver instance"); 88: return FALSE; 89: } 90: 91: this->cred = ipseckey_cred_create(res); 92: reload(this); 93: } 94: else 95: { 96: if (this->enabled) 97: { 98: lib->credmgr->remove_set(lib->credmgr, &this->cred->set); 99: } 100: this->cred->destroy(this->cred); 101: } 102: return TRUE; 103: } 104: 105: METHOD(plugin_t, get_features, int, 106: private_ipseckey_plugin_t *this, plugin_feature_t *features[]) 107: { 108: static plugin_feature_t f[] = { 109: PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL), 110: PLUGIN_PROVIDE(CUSTOM, "ipseckey"), 111: PLUGIN_DEPENDS(RESOLVER), 112: PLUGIN_DEPENDS(PUBKEY, KEY_RSA), 113: PLUGIN_DEPENDS(CERT_ENCODE, CERT_TRUSTED_PUBKEY), 114: }; 115: *features = f; 116: return countof(f); 117: } 118: 119: METHOD(plugin_t, destroy, void, 120: private_ipseckey_plugin_t *this) 121: { 122: free(this); 123: } 124: 125: /* 126: * see header file 127: */ 128: plugin_t *ipseckey_plugin_create() 129: { 130: private_ipseckey_plugin_t *this; 131: 132: INIT(this, 133: .public = { 134: .plugin = { 135: .get_name = _get_name, 136: .get_features = _get_features, 137: .reload = _reload, 138: .destroy = _destroy, 139: }, 140: }, 141: ); 142: 143: return &this->public.plugin; 144: }