src/charon/plugins/medsrv/medsrv_config.c

   1 /*
   2  * Copyright (C) 2008 Martin Willi
   3  * Hochschule fuer Technik Rapperswil
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  *
  15  * $Id$
  16  */
  17
  18 #include <string.h>
  19
  20 #include "medsrv_config.h"
  21
  22 #include <daemon.h>
  23
  24 typedef struct private_medsrv_config_t private_medsrv_config_t;
  25
  26 /**
  27  * Private data of an medsrv_config_t object
  28  */
  29 struct private_medsrv_config_t {
  30
  31         /**
  32          * Public part
  33          */
  34         medsrv_config_t public;
  35
  36         /**
  37          * database connection
  38          */
  39         database_t *db;
  40
  41         /**
  42          * rekey time
  43          */
  44         int rekey;
  45
  46         /**
  47          * dpd delay
  48          */
  49         int dpd;
  50
  51         /**
  52          * default ike config
  53          */
  54         ike_cfg_t *ike;
  55 };
  56
  57 /**
  58  * implements backend_t.get_peer_cfg_by_name.
  59  */
  60 static peer_cfg_t *get_peer_cfg_by_name(private_medsrv_config_t *this, char *name)
  61 {
  62         return NULL;
  63 }
  64
  65 /**
  66  * Implementation of backend_t.create_ike_cfg_enumerator.
  67  */
  68 static enumerator_t* create_ike_cfg_enumerator(private_medsrv_config_t *this,
  69                                                                                            host_t *me, host_t *other)
  70 {
  71         return enumerator_create_single(this->ike, NULL);
  72 }
  73
  74 /**
  75  * Implementation of backend_t.create_peer_cfg_enumerator.
  76  */
  77 static enumerator_t* create_peer_cfg_enumerator(private_medsrv_config_t *this,
  78                                                                                                 identification_t *me,
  79                                                                                                 identification_t *other)
  80 {
  81         enumerator_t *e;
  82
  83         if (!me || !other || other->get_type(other) != ID_KEY_ID)
  84         {
  85                 return NULL;
  86         }
  87         e = this->db->query(this->db,
  88                         "SELECT CONCAT(Peer.Alias, CONCAT('@', User.Login)) FROM "
  89                         "Peer JOIN User ON Peer.IdUser = User.IdUser "
  90                         "WHERE Peer.KeyID = ?", DB_BLOB, other->get_encoding(other),
  91                         DB_TEXT);
  92         if (e)
  93         {
  94                 peer_cfg_t *peer_cfg;
  95                 char *name;
  96
  97                 if (e->enumerate(e, &name))
  98                 {
  99                         peer_cfg = peer_cfg_create(
 100                                 name, 2, this->ike->get_ref(this->ike),
 101                                 me->clone(me), other->clone(other),
 102                                 CERT_NEVER_SEND, UNIQUE_REPLACE, CONF_AUTH_PUBKEY,
 103                                 0, 0,                                                   /* EAP method, vendor */
 104                                 1, this->rekey*60, 0,                   /* keytries, rekey, reauth */
 105                                 this->rekey*5, this->rekey*3,   /* jitter, overtime */
 106                                 TRUE, this->dpd,                                /* mobike, dpddelay */
 107                                 NULL, NULL,                                     /* vip, pool */
 108                                 TRUE, NULL, NULL);                              /* mediation, med by, peer id */
 109                         e->destroy(e);
 110                         return enumerator_create_single(peer_cfg, (void*)peer_cfg->destroy);
 111                 }
 112                 e->destroy(e);
 113         }
 114         return NULL;
 115 }
 116
 117 /**
 118  * Implementation of medsrv_config_t.destroy.
 119  */
 120 static void destroy(private_medsrv_config_t *this)
 121 {
 122         this->ike->destroy(this->ike);
 123         free(this);
 124 }
 125
 126 /**
 127  * Described in header.
 128  */
 129 medsrv_config_t *medsrv_config_create(database_t *db)
 130 {
 131         private_medsrv_config_t *this = malloc_thing(private_medsrv_config_t);
 132
 133         this->public.backend.create_peer_cfg_enumerator = (enumerator_t*(*)(backend_t*, identification_t *me, identification_t *other))create_peer_cfg_enumerator;
 134         this->public.backend.create_ike_cfg_enumerator = (enumerator_t*(*)(backend_t*, host_t *me, host_t *other))create_ike_cfg_enumerator;
 135         this->public.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name;
 136         this->public.destroy = (void(*)(medsrv_config_t*))destroy;
 137
 138         this->db = db;
 139         this->rekey = lib->settings->get_int(lib->settings,
 140                                                                                  "medmanager.rekey", 20) * 60;
 141         this->dpd = lib->settings->get_int(lib->settings, "medmanager.dpd", 300);
 142         this->ike = ike_cfg_create(FALSE, FALSE, "0.0.0.0", "0.0.0.0");
 143         this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));
 144
 145         return &this->public;
 146 }
 147