Annotation of embedaddon/strongswan/src/libcharon/plugins/ipseckey/ipseckey_plugin.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2013 Tobias Brunner
3: * Copyright (C) 2012 Reto Guadagnini
4: * HSR Hochschule fuer Technik Rapperswil
5: *
6: * This program is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2 of the License, or (at your
9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10: *
11: * This program is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14: * for more details.
15: */
16:
17: #include "ipseckey_plugin.h"
18:
19: #include <daemon.h>
20: #include "ipseckey_cred.h"
21:
22: typedef struct private_ipseckey_plugin_t private_ipseckey_plugin_t;
23:
24:
25: /**
26: * private data of the ipseckey plugin
27: */
28: struct private_ipseckey_plugin_t {
29:
30: /**
31: * implements plugin interface
32: */
33: ipseckey_plugin_t public;
34:
35: /**
36: * credential set
37: */
38: ipseckey_cred_t *cred;
39:
40: /**
41: * IPSECKEY based authentication enabled
42: */
43: bool enabled;
44: };
45:
46: METHOD(plugin_t, get_name, char*,
47: private_ipseckey_plugin_t *this)
48: {
49: return "ipseckey";
50: }
51:
52: METHOD(plugin_t, reload, bool,
53: private_ipseckey_plugin_t *this)
54: {
55: bool enabled = lib->settings->get_bool(lib->settings,
56: "%s.plugins.ipseckey.enable", FALSE, lib->ns);
57:
58: if (enabled != this->enabled)
59: {
60: if (enabled)
61: {
62: lib->credmgr->add_set(lib->credmgr, &this->cred->set);
63: }
64: else
65: {
66: lib->credmgr->remove_set(lib->credmgr, &this->cred->set);
67: }
68: this->enabled = enabled;
69: }
70: DBG1(DBG_CFG, "ipseckey plugin is %sabled", this->enabled ? "en" : "dis");
71: return TRUE;
72: }
73:
74: /**
75: * Create resolver and register credential set
76: */
77: static bool plugin_cb(private_ipseckey_plugin_t *this,
78: plugin_feature_t *feature, bool reg, void *cb_data)
79: {
80: if (reg)
81: {
82: resolver_t *res;
83:
84: res = lib->resolver->create(lib->resolver);
85: if (!res)
86: {
87: DBG1(DBG_CFG, "failed to create a DNS resolver instance");
88: return FALSE;
89: }
90:
91: this->cred = ipseckey_cred_create(res);
92: reload(this);
93: }
94: else
95: {
96: if (this->enabled)
97: {
98: lib->credmgr->remove_set(lib->credmgr, &this->cred->set);
99: }
100: this->cred->destroy(this->cred);
101: }
102: return TRUE;
103: }
104:
105: METHOD(plugin_t, get_features, int,
106: private_ipseckey_plugin_t *this, plugin_feature_t *features[])
107: {
108: static plugin_feature_t f[] = {
109: PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL),
110: PLUGIN_PROVIDE(CUSTOM, "ipseckey"),
111: PLUGIN_DEPENDS(RESOLVER),
112: PLUGIN_DEPENDS(PUBKEY, KEY_RSA),
113: PLUGIN_DEPENDS(CERT_ENCODE, CERT_TRUSTED_PUBKEY),
114: };
115: *features = f;
116: return countof(f);
117: }
118:
119: METHOD(plugin_t, destroy, void,
120: private_ipseckey_plugin_t *this)
121: {
122: free(this);
123: }
124:
125: /*
126: * see header file
127: */
128: plugin_t *ipseckey_plugin_create()
129: {
130: private_ipseckey_plugin_t *this;
131:
132: INIT(this,
133: .public = {
134: .plugin = {
135: .get_name = _get_name,
136: .get_features = _get_features,
137: .reload = _reload,
138: .destroy = _destroy,
139: },
140: },
141: );
142:
143: return &this->public.plugin;
144: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>