1 | /* |
2 | * Copyright (C) 2008 Thomas Kallenberg | |
3 | * Copyright (C) 2008 Martin Willi | |
4 | * Copyright (C) 2008 Tobias Brunner | |
5 | * |
6 | * Copyright (C) secunet Security Networks AG | |
7 | * |
8 | * This program is free software; you can redistribute it and/or modify it | |
9 | * under the terms of the GNU General Public License as published by the | |
10 | * Free Software Foundation; either version 2 of the License, or (at your | |
11 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, but | |
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
15 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
16 | * for more details. | |
17 | */ |
18 | ||
19 | #include "uci_creds.h" | |
20 | ||
21 | #include <daemon.h> | |
22 | #include <credentials/keys/shared_key.h> | |
23 | #include <utils/identification.h> | |
24 | ||
typedef struct private_uci_creds_t private_uci_creds_t;

/**
 * Private data of an uci_creds_t object.
 *
 * The public part is the first member: uci_creds_create() hands out the
 * address of .public, and the methods below receive it back as a pointer
 * to this private struct.
 */
struct private_uci_creds_t {
	/**
	 * Public part
	 */
	uci_creds_t public;

	/**
	 * UCI parser context, supplied by the creator. It is borrowed, not
	 * owned: destroy() frees this object without destroying the parser,
	 * so the parser must outlive the credential set.
	 */
	uci_parser_t *parser;
};
41 | ||
typedef struct {
	/** implements enumerator, must stay the first member (address is cast back) */
	enumerator_t public;
	/** inner UCI section enumerator yielding local_id, remote_id and psk */
	enumerator_t *inner;
	/** most recently returned shared key; owned here and released on the
	 * next enumerate() call and in destroy() */
	shared_key_t *current;
	/** local ID to match, NULL to accept any local_id (borrowed, not referenced) */
	identification_t *me;
	/** remote ID to match, NULL to accept any remote_id (borrowed, not referenced) */
	identification_t *other;
} shared_enumerator_t;
54 | ||
/**
 * Match an identity string from a UCI section against an optional filter.
 *
 * @param filter	identity the caller asked for, or NULL to accept anything
 * @param str		identity string as configured in the section
 * @return			match quality; ID_MATCH_NONE (zero) if the filter rejects it,
 *					ID_MATCH_ANY if there is no filter at all
 */
static id_match_t match_section_id(identification_t *filter, char *str)
{
	identification_t *id;
	id_match_t match;

	if (!filter)
	{
		return ID_MATCH_ANY;
	}
	id = identification_create_from_string(str);
	match = filter->matches(filter, id);
	id->destroy(id);
	return match;
}

/**
 * Enumerate the IKE pre-shared keys found in the UCI config.
 *
 * Variadic arguments (via VA_ARGS_VGET): a shared_key_t** receiving the key,
 * and two id_match_t* receiving the local/remote match quality; either of
 * the latter may be NULL, in which case that side is neither checked nor
 * reported. With both NULL every section carrying a psk is returned.
 *
 * The returned key is owned by the enumerator: it is destroyed on the next
 * call and in destroy(). Presumably a caller that keeps it must take its own
 * reference - confirm against shared_key_t.
 *
 * @return			TRUE if a key was returned, FALSE when the sections are exhausted
 */
METHOD(enumerator_t, shared_enumerator_enumerate, bool,
	shared_enumerator_t *this, va_list args)
{
	shared_key_t **key;
	id_match_t *me, *other;
	char *local_id, *remote_id, *psk;

	VA_ARGS_VGET(args, key, me, other);

	for (;;)
	{
		/* a section may omit either ID; the wildcard is then the default.
		 * psk has no default: a section without one is not a credential */
		local_id = "%any";
		remote_id = "%any";
		psk = NULL;

		if (!this->inner->enumerate(this->inner, NULL,
									&local_id, &remote_id, &psk))
		{
			return FALSE;
		}
		if (!psk)
		{
			continue;
		}
		/* NOTE(review): an empty "psk" option is not rejected and yields a
		 * zero-length key; consider skipping it as a weak credential. */
		if (me && !(*me = match_section_id(this->me, local_id)))
		{
			continue;
		}
		if (other && !(*other = match_section_id(this->other, remote_id)))
		{
			continue;
		}
		break;
	}

	/* release the key handed out on the previous call before replacing it */
	DESTROY_IF(this->current);
	/* the psk string is used byte-for-byte as the key; no decoding is
	 * applied here, and strlen() means it cannot contain NUL bytes */
	this->current = shared_key_create(SHARED_IKE,
							chunk_clone(chunk_create(psk, strlen(psk))));
	*key = this->current;
	return TRUE;
}
111 | ||
/**
 * Destroy a shared key enumerator.
 *
 * Releases the most recently returned key (if any) and the inner section
 * enumerator. The me/other filter identities are not touched: they are
 * borrowed from the caller of create_shared_enumerator().
 */
METHOD(enumerator_t, shared_enumerator_destroy, void,
	shared_enumerator_t *this)
{
	DESTROY_IF(this->current);
	this->inner->destroy(this->inner);
	free(this);
}
119 | ||
/**
 * Create an enumerator over the pre-shared keys in the UCI config.
 *
 * Only SHARED_IKE is served by this set; any other key type yields NULL.
 * The filter identities are stored by pointer (not referenced or cloned),
 * so the caller must keep them alive for the enumerator's lifetime.
 *
 * @param type		type of shared key requested
 * @param me		local identity to match, or NULL for any
 * @param other		remote identity to match, or NULL for any
 * @return			enumerator over shared_key_t*, or NULL if the type is not
 *					SHARED_IKE or the parser provides no section enumerator
 */
METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
	private_uci_creds_t *this, shared_key_type_t type,
	identification_t *me, identification_t *other)
{
	enumerator_t *sections;
	shared_enumerator_t *e;

	if (type != SHARED_IKE)
	{
		return NULL;
	}
	/* each section contributes up to three options; absent ones come back
	 * as NULL and are defaulted by the enumerate method */
	sections = this->parser->create_section_enumerator(this->parser,
										"local_id", "remote_id", "psk", NULL);
	if (!sections)
	{
		return NULL;
	}
	INIT(e,
		.public = {
			.enumerate = enumerator_enumerate_default,
			.venumerate = _shared_enumerator_enumerate,
			.destroy = _shared_enumerator_destroy,
		},
		.inner = sections,
		.me = me,
		.other = other,
	);
	return &e->public;
}
149 | ||
/**
 * Destroy the UCI credential set.
 *
 * Only the object itself is freed; the parser passed to uci_creds_create()
 * is borrowed and remains the caller's responsibility.
 */
METHOD(uci_creds_t, destroy, void,
	private_uci_creds_t *this)
{
	free(this);
}
155 | ||
/**
 * Create a credential set backed by the UCI config.
 *
 * The set only provides IKE pre-shared keys: the private key, certificate
 * and CDP enumerators always return NULL and cache_cert() is a no-op.
 *
 * @param parser	UCI parser to read sections from; borrowed, must outlive
 *					the returned object
 * @return			credential set, to be released with destroy()
 */
uci_creds_t *uci_creds_create(uci_parser_t *parser)
{
	private_uci_creds_t *this;

	INIT(this,
		.public = {
			.credential_set = {
				.create_shared_enumerator = _create_shared_enumerator,
				.create_private_enumerator = (void*)return_null,
				.create_cert_enumerator = (void*)return_null,
				.create_cdp_enumerator = (void*)return_null,
				.cache_cert = (void*)nop,
			},
			.destroy = _destroy,
		},
		.parser = parser,
	);
	return &this->public;
}
177 |