]> git.ipfire.org Git - people/ms/strongswan.git/blob - src/libcharon/plugins/ipseckey/ipseckey_plugin.c
projects / people / ms / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
libcharon: Use lib->ns instead of charon->name
[people/ms/strongswan.git] / src / libcharon / plugins / ipseckey / ipseckey_plugin.c
1 /*
2 * Copyright (C) 2013 Tobias Brunner
3 * Copyright (C) 2012 Reto Guadagnini
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "ipseckey_plugin.h"
18
19 #include <daemon.h>
20 #include "ipseckey_cred.h"
21
22 typedef struct private_ipseckey_plugin_t private_ipseckey_plugin_t;
23
24
25 /**
26 * private data of the ipseckey plugin
27 */
28 struct private_ipseckey_plugin_t {
29
30 /**
31 * implements plugin interface
32 */
33 ipseckey_plugin_t public;
34
35 /**
36 * credential set
37 */
38 ipseckey_cred_t *cred;
39
40 /**
41 * IPSECKEY based authentication enabled
42 */
43 bool enabled;
44 };
45
46 METHOD(plugin_t, get_name, char*,
47 private_ipseckey_plugin_t *this)
48 {
49 return "ipseckey";
50 }
51
52 METHOD(plugin_t, reload, bool,
53 private_ipseckey_plugin_t *this)
54 {
55 bool enabled = lib->settings->get_bool(lib->settings,
56 "%s.plugins.ipseckey.enable", FALSE, lib->ns);
57
58 if (enabled != this->enabled)
59 {
60 if (enabled)
61 {
62 lib->credmgr->add_set(lib->credmgr, &this->cred->set);
63 }
64 else
65 {
66 lib->credmgr->remove_set(lib->credmgr, &this->cred->set);
67 }
68 this->enabled = enabled;
69 }
70 DBG1(DBG_CFG, "ipseckey plugin is %sabled", this->enabled ? "en" : "dis");
71 return TRUE;
72 }
73
74 /**
75 * Create resolver and register credential set
76 */
77 static bool plugin_cb(private_ipseckey_plugin_t *this,
78 plugin_feature_t *feature, bool reg, void *cb_data)
79 {
80 if (reg)
81 {
82 resolver_t *res;
83
84 res = lib->resolver->create(lib->resolver);
85 if (!res)
86 {
87 DBG1(DBG_CFG, "failed to create a DNS resolver instance");
88 return FALSE;
89 }
90
91 this->cred = ipseckey_cred_create(res);
92 reload(this);
93 }
94 else
95 {
96 if (this->enabled)
97 {
98 lib->credmgr->remove_set(lib->credmgr, &this->cred->set);
99 }
100 this->cred->destroy(this->cred);
101 }
102 return TRUE;
103 }
104
105 METHOD(plugin_t, get_features, int,
106 private_ipseckey_plugin_t *this, plugin_feature_t *features[])
107 {
108 static plugin_feature_t f[] = {
109 PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL),
110 PLUGIN_PROVIDE(CUSTOM, "ipseckey"),
111 PLUGIN_DEPENDS(RESOLVER),
112 PLUGIN_DEPENDS(PUBKEY, KEY_RSA),
113 PLUGIN_DEPENDS(CERT_ENCODE, CERT_TRUSTED_PUBKEY),
114 };
115 *features = f;
116 return countof(f);
117 }
118
119 METHOD(plugin_t, destroy, void,
120 private_ipseckey_plugin_t *this)
121 {
122 free(this);
123 }
124
125 /*
126 * see header file
127 */
128 plugin_t *ipseckey_plugin_create()
129 {
130 private_ipseckey_plugin_t *this;
131
132 INIT(this,
133 .public = {
134 .plugin = {
135 .get_name = _get_name,
136 .get_features = _get_features,
137 .reload = _reload,
138 .destroy = _destroy,
139 },
140 },
141 );
142
143 return &this->public.plugin;
144 }
Michael's strongswan development tree