33fbcc719c7dbcb8b15d85348589d7e5c4be6e3f
[strongswan.git] / src / charon / plugins / stroke / stroke_attribute.c
1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "stroke_attribute.h"
17
18 #include <daemon.h>
19 #include <utils/linked_list.h>
20 #include <utils/hashtable.h>
21 #include <utils/mutex.h>
22
23 #define POOL_LIMIT (sizeof(uintptr_t)*8)
24
25 typedef struct private_stroke_attribute_t private_stroke_attribute_t;
26
27 /**
28 * private data of stroke_attribute
29 */
30 struct private_stroke_attribute_t {
31
32 /**
33 * public functions
34 */
35 stroke_attribute_t public;
36
37 /**
38 * list of pools, contains pool_t
39 */
40 linked_list_t *pools;
41
42 /**
43 * mutex to lock access to pools
44 */
45 mutex_t *mutex;
46 };
47
48 typedef struct {
49 /** name of the pool */
50 char *name;
51 /** base address of the pool */
52 host_t *base;
53 /** size of the pool */
54 int size;
55 /** next unused address */
56 int unused;
57 /** hashtable [identity => offset], for online leases */
58 hashtable_t *online;
59 /** hashtable [identity => offset], for offline leases */
60 hashtable_t *offline;
61 /** hashtable [identity => identity], handles identity references */
62 hashtable_t *ids;
63 } pool_t;
64
65 /**
66 * hashtable hash function for identities
67 */
68 static u_int id_hash(identification_t *id)
69 {
70 return chunk_hash(id->get_encoding(id));
71 }
72
73 /**
74 * hashtable equals function for identities
75 */
76 static bool id_equals(identification_t *a, identification_t *b)
77 {
78 return a->equals(a, b);
79 }
80
81 /**
82 * destroy a pool_t
83 */
84 static void pool_destroy(pool_t *this)
85 {
86 enumerator_t *enumerator;
87 identification_t *id;
88
89 enumerator = this->ids->create_enumerator(this->ids);
90 while (enumerator->enumerate(enumerator, &id, NULL))
91 {
92 id->destroy(id);
93 }
94 enumerator->destroy(enumerator);
95 this->ids->destroy(this->ids);
96 this->online->destroy(this->online);
97 this->offline->destroy(this->offline);
98 DESTROY_IF(this->base);
99 free(this->name);
100 free(this);
101 }
102
103 /**
104 * find a pool by name
105 */
106 static pool_t *find_pool(private_stroke_attribute_t *this, char *name)
107 {
108 enumerator_t *enumerator;
109 pool_t *current, *found = NULL;
110
111 enumerator = this->pools->create_enumerator(this->pools);
112 while (enumerator->enumerate(enumerator, &current))
113 {
114 if (streq(name, current->name))
115 {
116 found = current;
117 break;
118 }
119 }
120 enumerator->destroy(enumerator);
121 return found;
122 }
123
124 /**
125 * convert an pool offset to an address
126 */
127 host_t* offset2host(pool_t *pool, int offset)
128 {
129 chunk_t addr;
130 host_t *host;
131 u_int32_t *pos;
132
133 offset--;
134 if (offset > pool->size)
135 {
136 return NULL;
137 }
138
139 addr = chunk_clone(pool->base->get_address(pool->base));
140 if (pool->base->get_family(pool->base) == AF_INET6)
141 {
142 pos = (u_int32_t*)(addr.ptr + 12);
143 }
144 else
145 {
146 pos = (u_int32_t*)addr.ptr;
147 }
148 *pos = htonl(offset + ntohl(*pos));
149 host = host_create_from_chunk(pool->base->get_family(pool->base), addr, 0);
150 free(addr.ptr);
151 return host;
152 }
153
154 /**
155 * convert a host to a pool offset
156 */
157 int host2offset(pool_t *pool, host_t *addr)
158 {
159 chunk_t host, base;
160 u_int32_t hosti, basei;
161
162 if (addr->get_family(addr) != pool->base->get_family(pool->base))
163 {
164 return -1;
165 }
166 host = addr->get_address(addr);
167 base = pool->base->get_address(pool->base);
168 if (addr->get_family(addr) == AF_INET6)
169 {
170 /* only look at last /32 block */
171 if (!memeq(host.ptr, base.ptr, 12))
172 {
173 return -1;
174 }
175 host = chunk_skip(host, 12);
176 base = chunk_skip(base, 12);
177 }
178 hosti = ntohl(*(u_int32_t*)(host.ptr));
179 basei = ntohl(*(u_int32_t*)(base.ptr));
180 if (hosti > basei + pool->size)
181 {
182 return -1;
183 }
184 return hosti - basei + 1;
185 }
186
187 /**
188 * Implementation of attribute_provider_t.acquire_address
189 */
190 static host_t* acquire_address(private_stroke_attribute_t *this,
191 char *name, identification_t *id,
192 host_t *requested)
193 {
194 pool_t *pool;
195 uintptr_t offset = 0;
196 enumerator_t *enumerator;
197 identification_t *old_id;
198
199 this->mutex->lock(this->mutex);
200 pool = find_pool(this, name);
201 while (pool)
202 {
203 /* handle %config case by mirroring requested address */
204 if (pool->size == 0)
205 {
206 this->mutex->unlock(this->mutex);
207 return requested->clone(requested);
208 }
209
210 if (requested->get_family(requested) !=
211 pool->base->get_family(pool->base))
212 {
213 DBG1(DBG_CFG, "IP pool address family mismatch");
214 break;
215 }
216
217 /* check for a valid offline lease, refresh */
218 offset = (uintptr_t)pool->offline->remove(pool->offline, id);
219 if (offset)
220 {
221 id = pool->ids->get(pool->ids, id);
222 if (id)
223 {
224 DBG1(DBG_CFG, "reassigning offline lease to %Y", id);
225 pool->online->put(pool->online, id, (void*)offset);
226 break;
227 }
228 }
229
230 /* check for a valid online lease, reassign */
231 offset = (uintptr_t)pool->online->get(pool->online, id);
232 if (offset && offset == host2offset(pool, requested))
233 {
234 DBG1(DBG_CFG, "reassigning online lease to %Y", id);
235 break;
236 }
237
238 if (pool->unused < pool->size)
239 {
240 /* assigning offset, starting by 1. Handling 0 in hashtable
241 * is difficult. */
242 offset = ++pool->unused;
243 id = id->clone(id);
244 pool->ids->put(pool->ids, id, id);
245 pool->online->put(pool->online, id, (void*)offset);
246 DBG1(DBG_CFG, "assigning new lease to %Y", id);
247 break;
248 }
249 /* no more addresses, replace the first found offline lease */
250 enumerator = pool->offline->create_enumerator(pool->offline);
251 if (enumerator->enumerate(enumerator, &old_id, &offset))
252 {
253 offset = (uintptr_t)pool->offline->remove(pool->offline, old_id);
254 if (offset)
255 {
256 /* destroy reference to old ID */
257 old_id = pool->ids->remove(pool->ids, old_id);
258 DBG1(DBG_CFG, "reassigning existing offline lease of %Y to %Y",
259 old_id, id);
260 if (old_id)
261 {
262 old_id->destroy(old_id);
263 }
264 id = id->clone(id);
265 pool->ids->put(pool->ids, id, id);
266 pool->online->put(pool->online, id, (void*)offset);
267 enumerator->destroy(enumerator);
268 break;
269 }
270 }
271 enumerator->destroy(enumerator);
272
273 DBG1(DBG_CFG, "pool '%s' is full, unable to assign address", name);
274 break;
275 }
276 this->mutex->unlock(this->mutex);
277 if (offset)
278 {
279 return offset2host(pool, offset);
280 }
281 return NULL;
282 }
283
284 /**
285 * Implementation of attribute_provider_t.release_address
286 */
287 static bool release_address(private_stroke_attribute_t *this,
288 char *name, host_t *address, identification_t *id)
289 {
290 pool_t *pool;
291 bool found = FALSE;
292 uintptr_t offset;
293
294 this->mutex->lock(this->mutex);
295 pool = find_pool(this, name);
296 if (pool)
297 {
298 if (pool->size != 0)
299 {
300 offset = (uintptr_t)pool->online->remove(pool->online, id);
301 if (offset)
302 {
303 id = pool->ids->get(pool->ids, id);
304 if (id)
305 {
306 DBG1(DBG_CFG, "lease %H of %Y went offline", address, id);
307 pool->offline->put(pool->offline, id, (void*)offset);
308 found = TRUE;
309 }
310 }
311 }
312 }
313 this->mutex->unlock(this->mutex);
314 return found;
315 }
316
317 /**
318 * Implementation of stroke_attribute_t.add_pool.
319 */
320 static void add_pool(private_stroke_attribute_t *this, stroke_msg_t *msg)
321 {
322 if (msg->add_conn.other.sourceip_size)
323 {
324 pool_t *pool;
325
326 pool = malloc_thing(pool_t);
327 pool->base = NULL;
328 pool->size = 0;
329 pool->unused = 0;
330 pool->name = strdup(msg->add_conn.name);
331 pool->online = hashtable_create((hashtable_hash_t)id_hash,
332 (hashtable_equals_t)id_equals, 16);
333 pool->offline = hashtable_create((hashtable_hash_t)id_hash,
334 (hashtable_equals_t)id_equals, 16);
335 pool->ids = hashtable_create((hashtable_hash_t)id_hash,
336 (hashtable_equals_t)id_equals, 16);
337
338 /* if %config, add an empty pool, otherwise */
339 if (msg->add_conn.other.sourceip)
340 {
341 u_int32_t bits;
342 int family;
343
344 DBG1(DBG_CFG, "adding virtual IP address pool '%s': %s/%d",
345 msg->add_conn.name, msg->add_conn.other.sourceip,
346 msg->add_conn.other.sourceip_size);
347
348 pool->base = host_create_from_string(msg->add_conn.other.sourceip, 0);
349 if (!pool->base)
350 {
351 pool_destroy(pool);
352 DBG1(DBG_CFG, "virtual IP address invalid, discarded");
353 return;
354 }
355 family = pool->base->get_family(pool->base);
356 bits = (family == AF_INET ? 32 : 128) - msg->add_conn.other.sourceip_size;
357 if (bits > POOL_LIMIT)
358 {
359 bits = POOL_LIMIT;
360 DBG1(DBG_CFG, "virtual IP pool to large, limiting to %s/%d",
361 msg->add_conn.other.sourceip,
362 (family == AF_INET ? 32 : 128) - bits);
363 }
364 pool->size = 1 << (bits);
365
366 if (pool->size > 2)
367 { /* do not use first and last addresses of a block */
368 pool->unused++;
369 pool->size--;
370 }
371 }
372 this->mutex->lock(this->mutex);
373 this->pools->insert_last(this->pools, pool);
374 this->mutex->unlock(this->mutex);
375 }
376 }
377
378 /**
379 * Implementation of stroke_attribute_t.del_pool.
380 */
381 static void del_pool(private_stroke_attribute_t *this, stroke_msg_t *msg)
382 {
383 enumerator_t *enumerator;
384 pool_t *pool;
385
386 this->mutex->lock(this->mutex);
387 enumerator = this->pools->create_enumerator(this->pools);
388 while (enumerator->enumerate(enumerator, &pool))
389 {
390 if (streq(msg->del_conn.name, pool->name))
391 {
392 this->pools->remove_at(this->pools, enumerator);
393 pool_destroy(pool);
394 break;
395 }
396 }
397 enumerator->destroy(enumerator);
398 this->mutex->unlock(this->mutex);
399 }
400
401 /**
402 * Pool enumerator filter function, converts pool_t to name, size, ...
403 */
404 static bool pool_filter(void *mutex, pool_t **poolp, char **name,
405 void *d1, u_int *size, void *d2, u_int *online,
406 void *d3, u_int *offline)
407 {
408 pool_t *pool = *poolp;
409
410 *name = pool->name;
411 *size = pool->size;
412 *online = pool->online->get_count(pool->online);
413 *offline = pool->offline->get_count(pool->offline);
414 return TRUE;
415 }
416
417 /**
418 * Implementation of stroke_attribute_t.create_pool_enumerator
419 */
420 static enumerator_t* create_pool_enumerator(private_stroke_attribute_t *this)
421 {
422 this->mutex->lock(this->mutex);
423 return enumerator_create_filter(this->pools->create_enumerator(this->pools),
424 (void*)pool_filter,
425 this->mutex, (void*)this->mutex->unlock);
426 }
427
428 /**
429 * lease enumerator
430 */
431 typedef struct {
432 /** implemented enumerator interface */
433 enumerator_t public;
434 /** inner hash-table enumerator */
435 enumerator_t *inner;
436 /** enumerated pool */
437 pool_t *pool;
438 /** mutex to unlock on destruction */
439 mutex_t *mutex;
440 /** currently enumerated lease address */
441 host_t *current;
442 } lease_enumerator_t;
443
444 /**
445 * Implementation of lease_enumerator_t.enumerate
446 */
447 static bool lease_enumerate(lease_enumerator_t *this, identification_t **id_out,
448 host_t **addr_out, bool *online)
449 {
450 identification_t *id;
451 uintptr_t offset;
452
453 DESTROY_IF(this->current);
454 this->current = NULL;
455
456 if (this->inner->enumerate(this->inner, &id, NULL))
457 {
458 offset = (uintptr_t)this->pool->online->get(this->pool->online, id);
459 if (offset)
460 {
461 *id_out = id;
462 *addr_out = this->current = offset2host(this->pool, offset);
463 *online = TRUE;
464 return TRUE;
465 }
466 offset = (uintptr_t)this->pool->offline->get(this->pool->offline, id);
467 if (offset)
468 {
469 *id_out = id;
470 *addr_out = this->current = offset2host(this->pool, offset);
471 *online = FALSE;
472 return TRUE;
473 }
474 }
475 return FALSE;
476 }
477
478 /**
479 * Implementation of lease_enumerator_t.destroy
480 */
481 static void lease_enumerator_destroy(lease_enumerator_t *this)
482 {
483 DESTROY_IF(this->current);
484 this->inner->destroy(this->inner);
485 this->mutex->unlock(this->mutex);
486 free(this);
487 }
488
489 /**
490 * Implementation of stroke_attribute_t.create_lease_enumerator
491 */
492 static enumerator_t* create_lease_enumerator(private_stroke_attribute_t *this,
493 char *pool)
494 {
495 lease_enumerator_t *enumerator;
496
497 this->mutex->lock(this->mutex);
498 enumerator = malloc_thing(lease_enumerator_t);
499 enumerator->pool = find_pool(this, pool);
500 if (!enumerator->pool)
501 {
502 this->mutex->unlock(this->mutex);
503 free(enumerator);
504 return NULL;
505 }
506 enumerator->public.enumerate = (void*)lease_enumerate;
507 enumerator->public.destroy = (void*)lease_enumerator_destroy;
508 enumerator->inner = enumerator->pool->ids->create_enumerator(enumerator->pool->ids);
509 enumerator->mutex = this->mutex;
510 enumerator->current = NULL;
511 return &enumerator->public;
512 }
513
514 /**
515 * Implementation of stroke_attribute_t.destroy
516 */
517 static void destroy(private_stroke_attribute_t *this)
518 {
519 this->mutex->destroy(this->mutex);
520 this->pools->destroy_function(this->pools, (void*)pool_destroy);
521 free(this);
522 }
523
524 /*
525 * see header file
526 */
527 stroke_attribute_t *stroke_attribute_create()
528 {
529 private_stroke_attribute_t *this = malloc_thing(private_stroke_attribute_t);
530
531 this->public.provider.acquire_address = (host_t*(*)(attribute_provider_t *this, char*, identification_t *,host_t *))acquire_address;
532 this->public.provider.release_address = (bool(*)(attribute_provider_t *this, char*,host_t *, identification_t*))release_address;
533 this->public.provider.create_attribute_enumerator = (enumerator_t*(*)(attribute_provider_t*, identification_t *id))enumerator_create_empty;
534 this->public.add_pool = (void(*)(stroke_attribute_t*, stroke_msg_t *msg))add_pool;
535 this->public.del_pool = (void(*)(stroke_attribute_t*, stroke_msg_t *msg))del_pool;
536 this->public.create_pool_enumerator = (enumerator_t*(*)(stroke_attribute_t*))create_pool_enumerator;
537 this->public.create_lease_enumerator = (enumerator_t*(*)(stroke_attribute_t*, char *pool))create_lease_enumerator;
538 this->public.destroy = (void(*)(stroke_attribute_t*))destroy;
539
540 this->pools = linked_list_create();
541 this->mutex = mutex_create(MUTEX_RECURSIVE);
542
543 return &this->public;
544 }
545