Annotation of embedaddon/strongswan/src/libcharon/plugins/uci/uci_creds.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2008 Thomas Kallenberg
3: * Copyright (C) 2008 Martin Willi
4: * Copyright (C) 2008 Tobias Brunner
5: * HSR Hochschule fuer Technik Rapperswil
6: *
7: * This program is free software; you can redistribute it and/or modify it
8: * under the terms of the GNU General Public License as published by the
9: * Free Software Foundation; either version 2 of the License, or (at your
10: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11: *
12: * This program is distributed in the hope that it will be useful, but
13: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15: * for more details.
16: */
17:
18: #include "uci_creds.h"
19:
20: #include <daemon.h>
21: #include <credentials/keys/shared_key.h>
22: #include <utils/identification.h>
23:
24: typedef struct private_uci_creds_t private_uci_creds_t;
25:
26: /**
27: * Private data of an uci_creds_t object
28: */
29: struct private_uci_creds_t {
30: /**
31: * Public part
32: */
33: uci_creds_t public;
34:
35: /**
36: * UCI parser context
37: */
38: uci_parser_t *parser;
39: };
40:
41: typedef struct {
42: /** implements enumerator */
43: enumerator_t public;
44: /** inner UCI enumerator */
45: enumerator_t *inner;
46: /** currently enumerated shared shared */
47: shared_key_t *current;
48: /** local ID to match */
49: identification_t *me;
50: /** remote ID to match */
51: identification_t *other;
52: } shared_enumerator_t;
53:
54: METHOD(enumerator_t, shared_enumerator_enumerate, bool,
55: shared_enumerator_t *this, va_list args)
56: {
57: shared_key_t **key;
58: id_match_t *me, *other;
59: char *local_id, *remote_id, *psk;
60: identification_t *local, *remote;
61:
62: VA_ARGS_VGET(args, key, me, other);
63:
64: while (TRUE)
65: {
66: /* defaults */
67: local_id = "%any";
68: remote_id = "%any";
69: psk = NULL;
70:
71: if (!this->inner->enumerate(this->inner, NULL,
72: &local_id, &remote_id, &psk))
73: {
74: return FALSE;
75: }
76: if (psk == NULL)
77: {
78: continue;
79: }
80: if (me)
81: {
82: local = identification_create_from_string(local_id);
83: *me = this->me ? this->me->matches(this->me, local)
84: : ID_MATCH_ANY;
85: local->destroy(local);
86: if (!*me)
87: {
88: continue;
89: }
90: }
91: if (other)
92: {
93: remote = identification_create_from_string(remote_id);
94: *other = this->other ? this->other->matches(this->other, remote)
95: : ID_MATCH_ANY;
96: remote->destroy(remote);
97: if (!*other)
98: {
99: continue;
100: }
101: }
102: break;
103: }
104: DESTROY_IF(this->current);
105: this->current = shared_key_create(SHARED_IKE,
106: chunk_clone(chunk_create(psk, strlen(psk))));
107: *key = this->current;
108: return TRUE;
109: }
110:
111: METHOD(enumerator_t, shared_enumerator_destroy, void,
112: shared_enumerator_t *this)
113: {
114: this->inner->destroy(this->inner);
115: DESTROY_IF(this->current);
116: free(this);
117: }
118:
119: METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
120: private_uci_creds_t *this, shared_key_type_t type,
121: identification_t *me, identification_t *other)
122: {
123: shared_enumerator_t *e;
124:
125: if (type != SHARED_IKE)
126: {
127: return NULL;
128: }
129:
130: INIT(e,
131: .public = {
132: .enumerate = enumerator_enumerate_default,
133: .venumerate = _shared_enumerator_enumerate,
134: .destroy = _shared_enumerator_destroy,
135: },
136: .me = me,
137: .other = other,
138: .inner = this->parser->create_section_enumerator(this->parser,
139: "local_id", "remote_id", "psk", NULL),
140: );
141: if (!e->inner)
142: {
143: free(e);
144: return NULL;
145: }
146: return &e->public;
147: }
148:
149: METHOD(uci_creds_t, destroy, void,
150: private_uci_creds_t *this)
151: {
152: free(this);
153: }
154:
155: uci_creds_t *uci_creds_create(uci_parser_t *parser)
156: {
157: private_uci_creds_t *this;
158:
159: INIT(this,
160: .public = {
161: .credential_set = {
162: .create_shared_enumerator = _create_shared_enumerator,
163: .create_private_enumerator = (void*)return_null,
164: .create_cert_enumerator = (void*)return_null,
165: .create_cdp_enumerator = (void*)return_null,
166: .cache_cert = (void*)nop,
167: },
168: .destroy = _destroy,
169: },
170: );
171:
172: this->parser = parser;
173:
174: return &this->public;
175: }
176:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>