[thirdparty/strongswan.git] / src / libcharon / plugins / kernel_netlink / kernel_netlink_plugin.c

/*
 * Copyright (C) 2008 Tobias Brunner
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */


#include "kernel_netlink_plugin.h"

#include "kernel_netlink_ipsec.h"
#include "kernel_netlink_net.h"

#include <sa/task_manager.h>

typedef struct private_kernel_netlink_plugin_t private_kernel_netlink_plugin_t;

/**
 * private data of kernel netlink plugin
 */
struct private_kernel_netlink_plugin_t {
	/**
	 * implements plugin interface
	 */
	kernel_netlink_plugin_t public;
};

METHOD(plugin_t, get_name, char*,
	private_kernel_netlink_plugin_t *this)
{
	return "kernel-netlink";
}

METHOD(plugin_t, get_features, int,
	private_kernel_netlink_plugin_t *this, plugin_feature_t *features[])
{
	static plugin_feature_t f[] = {
		PLUGIN_CALLBACK(kernel_ipsec_register, kernel_netlink_ipsec_create),
			PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
		PLUGIN_CALLBACK(kernel_net_register, kernel_netlink_net_create),
			PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
	};
	*features = f;
	return countof(f);
}

METHOD(plugin_t, reload, bool,
	private_kernel_netlink_plugin_t *this)
{
	u_int timeout;
	FILE *f;

	f = fopen("/proc/sys/net/core/xfrm_acq_expires", "w");
	if (f)
	{
		timeout = lib->settings->get_int(lib->settings,
							"%s.plugins.kernel-netlink.xfrm_acq_expires",
							task_manager_total_retransmit_timeout(), lib->ns);
		fprintf(f, "%u", timeout);
		fclose(f);
	}
	return TRUE;
}

METHOD(plugin_t, destroy, void,
	private_kernel_netlink_plugin_t *this)
{
	free(this);
}

/*
 * see header file
 */
plugin_t *kernel_netlink_plugin_create()
{
	private_kernel_netlink_plugin_t *this;

	if (!lib->caps->keep(lib->caps, CAP_NET_ADMIN))
	{	/* required to bind/use XFRM sockets / create/modify routing tables, but
		 * not if only the read-only parts of kernel-netlink-net are used, so
		 * we don't fail here */
		DBG1(DBG_KNL, "kernel-netlink plugin might require CAP_NET_ADMIN "
			 "capability");
	}

	INIT(this,
		.public = {
			.plugin = {
				.get_name = _get_name,
				.get_features = _get_features,
				.reload = _reload,
				.destroy = _destroy,
			},
		},
	);

	reload(this);

	return &this->public.plugin;
}
Commit	Line	Data
507f26f6 TB	1	/*
507f26f6 TB	2	* Copyright (C) 2008 Tobias Brunner
19ef2aec TB	3	*
19ef2aec TB	4	* Copyright (C) secunet Security Networks AG
507f26f6 TB	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2 of the License, or (at your
	9	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	10	*
	11	* This program is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	13	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	14	* for more details.
507f26f6 TB	15	*/
	16
	17
	18	#include "kernel_netlink_plugin.h"
	19
	20	#include "kernel_netlink_ipsec.h"
	21	#include "kernel_netlink_net.h"
	22
70855696 TB	23	#include <sa/task_manager.h>
70855696 TB	24
507f26f6 TB	25	typedef struct private_kernel_netlink_plugin_t private_kernel_netlink_plugin_t;
	26
	27	/**
	28	* private data of kernel netlink plugin
	29	*/
	30	struct private_kernel_netlink_plugin_t {
	31	/**
	32	* implements plugin interface
	33	*/
	34	kernel_netlink_plugin_t public;
	35	};
	36
787b5884 MW	37	METHOD(plugin_t, get_name, char*,
	38	private_kernel_netlink_plugin_t *this)
	39	{
	40	return "kernel-netlink";
	41	}
	42
278e5f3d MW	43	METHOD(plugin_t, get_features, int,
	44	private_kernel_netlink_plugin_t this, plugin_feature_t features[])
	45	{
	46	static plugin_feature_t f[] = {
	47	PLUGIN_CALLBACK(kernel_ipsec_register, kernel_netlink_ipsec_create),
	48	PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
	49	PLUGIN_CALLBACK(kernel_net_register, kernel_netlink_net_create),
	50	PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
	51	};
	52	*features = f;
	53	return countof(f);
	54	}
	55
70855696 TB	56	METHOD(plugin_t, reload, bool,
	57	private_kernel_netlink_plugin_t *this)
	58	{
	59	u_int timeout;
	60	FILE *f;
	61
	62	f = fopen("/proc/sys/net/core/xfrm_acq_expires", "w");
	63	if (f)
	64	{
	65	timeout = lib->settings->get_int(lib->settings,
	66	"%s.plugins.kernel-netlink.xfrm_acq_expires",
	67	task_manager_total_retransmit_timeout(), lib->ns);
	68	fprintf(f, "%u", timeout);
	69	fclose(f);
	70	}
	71	return TRUE;
	72	}
	73
52c03799 AS	74	METHOD(plugin_t, destroy, void,
52c03799 AS	75	private_kernel_netlink_plugin_t *this)
507f26f6	76	{
507f26f6 TB	77	free(this);
	78	}
	79
	80	/*
	81	* see header file
	82	*/
9ce567f8	83	plugin_t *kernel_netlink_plugin_create()
507f26f6	84	{
52c03799	85	private_kernel_netlink_plugin_t *this;
7daf5226	86
41b8546a	87	if (!lib->caps->keep(lib->caps, CAP_NET_ADMIN))
9fd2583e TB	88	{ /* required to bind/use XFRM sockets / create/modify routing tables, but
	89	* not if only the read-only parts of kernel-netlink-net are used, so
	90	* we don't fail here */
	91	DBG1(DBG_KNL, "kernel-netlink plugin might require CAP_NET_ADMIN "
41b8546a	92	"capability");
41b8546a TB	93	}
41b8546a TB	94
52c03799 AS	95	INIT(this,
	96	.public = {
	97	.plugin = {
787b5884	98	.get_name = _get_name,
278e5f3d	99	.get_features = _get_features,
70855696	100	.reload = _reload,
52c03799 AS	101	.destroy = _destroy,
	102	},
	103	},
	104	);
7daf5226	105
70855696 TB	106	reload(this);
70855696 TB	107
507f26f6 TB	108	return &this->public.plugin;
507f26f6 TB	109	}