[thirdparty/strongswan.git] / src / libimcv / imcv.c

/*
 * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "imcv.h"
#include "ietf/ietf_attr.h"
#include "ita/ita_attr.h"

#include <utils/debug.h>
#include <utils/utils.h>
#include <pen/pen.h>

#include <syslog.h>

#define IMCV_DEBUG_LEVEL			1
#define IMCV_DEFAULT_POLICY_SCRIPT	"ipsec _imv_policy"


/**
 * PA-TNC attribute manager
 */
pa_tnc_attr_manager_t *imcv_pa_tnc_attributes;

/**
 * Global IMV database
 */
imv_database_t *imcv_db;

/**
 * Reference count for libimcv
 */
static refcount_t libimcv_ref = 0;

/**
 * Reference count for libstrongswan
 */
static refcount_t libstrongswan_ref = 0;

/**
 * Global configuration of imcv dbg function
 */
static int  imcv_debug_level;
static bool imcv_stderr_quiet;

/**
 * imvc dbg function
 */
static void imcv_dbg(debug_t group, level_t level, char *fmt, ...)
{
	int priority = LOG_INFO;
	char buffer[8192];
	char *current = buffer, *next;
	va_list args;

	if (level <= imcv_debug_level)
	{
		if (!imcv_stderr_quiet)
		{
			va_start(args, fmt);
			fprintf(stderr, "[HSR] ");
			vfprintf(stderr, fmt, args);
			fprintf(stderr, "\n");
			va_end(args);
		}

		/* write in memory buffer first */
		va_start(args, fmt);
		vsnprintf(buffer, sizeof(buffer), fmt, args);
		va_end(args);

		/* do a syslog with every line */
		while (current)
		{
			next = strchr(current, '\n');
			if (next)
			{
				*(next++) = '\0';
			}
			syslog(priority, "[HSR] %s\n", current);
			current = next;
		}
	}
}

/**
 * Described in header.
 */
bool libimcv_init(bool is_imv)
{
	/* initialize libstrongswan library only once */
	if (lib)
	{
		/* did main program initialize libstrongswan? */
		if (libstrongswan_ref == 0)
		{
			ref_get(&libstrongswan_ref);
		}
	}
	else
	{
		/* we are the first to initialize libstrongswan */
		if (!library_init(NULL, "libimcv"))
		{
			return FALSE;
		}

		/* set the debug level and stderr output */
		imcv_debug_level =  lib->settings->get_int(lib->settings,
									"libimcv.debug_level", IMCV_DEBUG_LEVEL);
		imcv_stderr_quiet = lib->settings->get_int(lib->settings,
									"libimcv.stderr_quiet", FALSE);

		/* activate the imcv debugging hook */
		dbg = imcv_dbg;
		openlog("imcv", 0, LOG_DAEMON);

		if (!lib->plugins->load(lib->plugins,
				lib->settings->get_str(lib->settings, "libimcv.load",
					"random nonce gmp pubkey x509")))
		{
			library_deinit();
			return FALSE;
		}
	}
	ref_get(&libstrongswan_ref);

	lib->settings->add_fallback(lib->settings, "%s.imcv", "libimcv", lib->ns);
	lib->settings->add_fallback(lib->settings, "%s.plugins", "libimcv.plugins",
								lib->ns);

	if (libimcv_ref == 0)
	{
		char *uri, *script;

		/* initialize the PA-TNC attribute manager */
	 	imcv_pa_tnc_attributes = pa_tnc_attr_manager_create();
		imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_IETF,
							ietf_attr_create_from_data, ietf_attr_names);
		imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_ITA,
							ita_attr_create_from_data, ita_attr_names);

		/* attach global IMV database */
		if (is_imv)
		{
			uri = lib->settings->get_str(lib->settings,
						"%s.imcv.database", NULL, lib->ns);
			script = lib->settings->get_str(lib->settings,
						"%s.imcv.policy_script", IMCV_DEFAULT_POLICY_SCRIPT,
						lib->ns);
			if (uri)
			{
				imcv_db = imv_database_create(uri, script);
			}
		}
		DBG1(DBG_LIB, "libimcv initialized");
	}
	ref_get(&libimcv_ref);

	return TRUE;
}

/**
 * Described in header.
 */
void libimcv_deinit(void)
{
	if (ref_put(&libimcv_ref))
	{
		imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_IETF);
		imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_ITA);
		DESTROY_IF(imcv_pa_tnc_attributes);
		imcv_pa_tnc_attributes = NULL;
		DESTROY_IF(imcv_db);
		DBG1(DBG_LIB, "libimcv terminated");
	}
	if (ref_put(&libstrongswan_ref))
	{
		library_deinit();
	}
}
Commit	Line	Data
d4c8fe3c AS	1	/*
	2	* Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
	3	*
	4	* This program is free software; you can redistribute it and/or modify it
	5	* under the terms of the GNU General Public License as published by the
	6	* Free Software Foundation; either version 2 of the License, or (at your
	7	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	8	*
	9	* This program is distributed in the hope that it will be useful, but
	10	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	11	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	12	* for more details.
	13	*/
	14
	15	#include "imcv.h"
74eb850d AS	16	#include "ietf/ietf_attr.h"
74eb850d AS	17	#include "ita/ita_attr.h"
d4c8fe3c	18
f05b4272	19	#include <utils/debug.h>
bca34c37	20	#include <utils/utils.h>
74eb850d	21	#include <pen/pen.h>
d4c8fe3c AS	22
	23	#include <syslog.h>
	24
a6266485	25	#define IMCV_DEBUG_LEVEL 1
a6266485 AS	26	#define IMCV_DEFAULT_POLICY_SCRIPT "ipsec _imv_policy"
a6266485 AS	27
e01b02e1	28
d4c8fe3c	29	/**
74eb850d	30	* PA-TNC attribute manager
d4c8fe3c	31	*/
74eb850d AS	32	pa_tnc_attr_manager_t *imcv_pa_tnc_attributes;
74eb850d AS	33
a6266485 AS	34	/**
	35	* Global IMV database
	36	*/
	37	imv_database_t *imcv_db;
	38
74eb850d AS	39	/**
	40	* Reference count for libimcv
	41	*/
	42	static refcount_t libimcv_ref = 0;
	43
	44	/**
	45	* Reference count for libstrongswan
	46	*/
	47	static refcount_t libstrongswan_ref = 0;
d4c8fe3c AS	48
d4c8fe3c AS	49	/**
e01b02e1	50	* Global configuration of imcv dbg function
d4c8fe3c	51	*/
e01b02e1 AS	52	static int imcv_debug_level;
e01b02e1 AS	53	static bool imcv_stderr_quiet;
d4c8fe3c AS	54
d4c8fe3c AS	55	/**
e01b02e1	56	* imvc dbg function
d4c8fe3c	57	*/
e01b02e1	58	static void imcv_dbg(debug_t group, level_t level, char *fmt, ...)
d4c8fe3c AS	59	{
	60	int priority = LOG_INFO;
	61	char buffer[8192];
	62	char current = buffer, next;
	63	va_list args;
	64
e01b02e1	65	if (level <= imcv_debug_level)
d4c8fe3c	66	{
e01b02e1	67	if (!imcv_stderr_quiet)
d4c8fe3c AS	68	{
d4c8fe3c AS	69	va_start(args, fmt);
ad963975	70	fprintf(stderr, "[HSR] ");
d4c8fe3c AS	71	vfprintf(stderr, fmt, args);
	72	fprintf(stderr, "\n");
	73	va_end(args);
	74	}
	75
	76	/* write in memory buffer first */
	77	va_start(args, fmt);
	78	vsnprintf(buffer, sizeof(buffer), fmt, args);
	79	va_end(args);
	80
	81	/* do a syslog with every line */
	82	while (current)
	83	{
	84	next = strchr(current, '\n');
	85	if (next)
	86	{
	87	*(next++) = '\0';
	88	}
ad963975	89	syslog(priority, "[HSR] %s\n", current);
d4c8fe3c AS	90	current = next;
	91	}
	92	}
	93	}
	94
	95	/**
	96	* Described in header.
	97	*/
a6266485	98	bool libimcv_init(bool is_imv)
d4c8fe3c AS	99	{
	100	/* initialize libstrongswan library only once */
	101	if (lib)
	102	{
	103	/* did main program initialize libstrongswan? */
74eb850d	104	if (libstrongswan_ref == 0)
d4c8fe3c	105	{
74eb850d	106	ref_get(&libstrongswan_ref);
d4c8fe3c AS	107	}
	108	}
	109	else
	110	{
	111	/* we are the first to initialize libstrongswan */
34d3bfcf	112	if (!library_init(NULL, "libimcv"))
d4c8fe3c AS	113	{
	114	return FALSE;
	115	}
	116
e01b02e1 AS	117	/* set the debug level and stderr output */
	118	imcv_debug_level = lib->settings->get_int(lib->settings,
	119	"libimcv.debug_level", IMCV_DEBUG_LEVEL);
	120	imcv_stderr_quiet = lib->settings->get_int(lib->settings,
ad963975	121	"libimcv.stderr_quiet", FALSE);
f05b4272	122
e01b02e1 AS	123	/* activate the imcv debugging hook */
e01b02e1 AS	124	dbg = imcv_dbg;
d4c8fe3c	125	openlog("imcv", 0, LOG_DAEMON);
6e58f0a3	126
b18a5317	127	if (!lib->plugins->load(lib->plugins,
71d740ca AS	128	lib->settings->get_str(lib->settings, "libimcv.load",
71d740ca AS	129	"random nonce gmp pubkey x509")))
6e58f0a3 AS	130	{
	131	library_deinit();
	132	return FALSE;
	133	}
74eb850d AS	134	}
74eb850d AS	135	ref_get(&libstrongswan_ref);
d4c8fe3c	136
1ec34763 TB	137	lib->settings->add_fallback(lib->settings, "%s.imcv", "libimcv", lib->ns);
	138	lib->settings->add_fallback(lib->settings, "%s.plugins", "libimcv.plugins",
	139	lib->ns);
	140
74eb850d AS	141	if (libimcv_ref == 0)
74eb850d AS	142	{
a6266485 AS	143	char uri, script;
a6266485 AS	144
74eb850d AS	145	/* initialize the PA-TNC attribute manager */
	146	imcv_pa_tnc_attributes = pa_tnc_attr_manager_create();
	147	imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_IETF,
	148	ietf_attr_create_from_data, ietf_attr_names);
	149	imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_ITA,
	150	ita_attr_create_from_data, ita_attr_names);
a6266485 AS	151
	152	/* attach global IMV database */
	153	if (is_imv)
	154	{
	155	uri = lib->settings->get_str(lib->settings,
1ec34763	156	"%s.imcv.database", NULL, lib->ns);
a6266485	157	script = lib->settings->get_str(lib->settings,
1ec34763 TB	158	"%s.imcv.policy_script", IMCV_DEFAULT_POLICY_SCRIPT,
1ec34763 TB	159	lib->ns);
a6266485 AS	160	if (uri)
	161	{
	162	imcv_db = imv_database_create(uri, script);
	163	}
	164	}
d4c8fe3c AS	165	DBG1(DBG_LIB, "libimcv initialized");
d4c8fe3c AS	166	}
74eb850d	167	ref_get(&libimcv_ref);
d4c8fe3c AS	168
	169	return TRUE;
	170	}
	171
	172	/**
	173	* Described in header.
	174	*/
	175	void libimcv_deinit(void)
	176	{
74eb850d	177	if (ref_put(&libimcv_ref))
d4c8fe3c	178	{
74eb850d AS	179	imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_IETF);
	180	imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_ITA);
	181	DESTROY_IF(imcv_pa_tnc_attributes);
6bce8e1c	182	imcv_pa_tnc_attributes = NULL;
a6266485	183	DESTROY_IF(imcv_db);
d4c8fe3c	184	DBG1(DBG_LIB, "libimcv terminated");
74eb850d AS	185	}
	186	if (ref_put(&libstrongswan_ref))
	187	{
f05b4272	188	library_deinit();
d4c8fe3c AS	189	}
	190	}
	191