1 /*
2 * Copyright (C) 2008 Thomas Kallenberg
3 * Copyright (C) 2008 Martin Willi
4 * Copyright (C) 2008 Tobias Brunner
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 *
17 * $Id$
18 */
19
20 #include "uci_creds.h"
21
22 #include <daemon.h>
23 #include <credentials/keys/shared_key.h>
24 #include <utils/identification.h>
25
/**
 * Private data of an uci_creds_t object.
 *
 * The public part has to stay the first member: uci_creds_create() hands
 * out &this->public, and the method implementations cast that pointer
 * straight back to private_uci_creds_t.
 */
typedef struct private_uci_creds_t {
	/** Public part */
	uci_creds_t public;

	/**
	 * UCI parser context. Borrowed from the caller of uci_creds_create();
	 * destroy() does not free it.
	 */
	uci_parser_t *parser;
} private_uci_creds_t;
42
/**
 * Enumerator over the PSK sections of the UCI configuration.
 *
 * The embedded enumerator_t has to remain the first member: the
 * enumerate/destroy callbacks receive &public and treat it as the whole
 * struct.
 */
struct shared_enumerator_t {
	/** implements enumerator_t */
	enumerator_t public;
	/** inner UCI section enumerator, owned by this enumerator */
	enumerator_t *inner;
	/**
	 * shared key handed out by the last enumerate() call; it is destroyed
	 * by the next enumerate() call or by destroy()
	 */
	shared_key_t *current;
	/** local ID to match against the "local_id" option, may be NULL */
	identification_t *me;
	/**
	 * remote ID supplied by the caller; not consulted by enumerate(), the
	 * UCI sections carry only "local_id" and "psk"
	 */
	identification_t *other;
};
typedef struct shared_enumerator_t shared_enumerator_t;
55
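/**
 * Match the "local_id" option of a section against the requested local ID.
 *
 * @param this		enumerator holding the requested local ID (may be NULL)
 * @param local_id	"local_id" string of the current section
 * @param match		receives the match quality
 * @return			TRUE if the ID parses and matches, FALSE to skip the section
 */
static bool match_local_id(shared_enumerator_t *this, char *local_id,
						   id_match_t *match)
{
	identification_t *local;

	local = identification_create_from_string(local_id);
	if (!local)
	{
		/* unparsable local_id: the section cannot be attributed, skip it */
		return FALSE;
	}
	/* no requested ID means every section is acceptable */
	*match = this->me ? this->me->matches(this->me, local) : ID_MATCH_ANY;
	local->destroy(local);
	if (!*match)
	{
		return FALSE;
	}
	return TRUE;
}

/**
 * Implementation of shared_enumerator_t.public.enumerate
 *
 * Walks the UCI sections and returns the next one that carries a non-empty
 * "psk" option and whose "local_id" matches the requested local identity.
 * A section with a missing or empty "psk" is skipped; previously an empty
 * value produced a zero-length shared key.
 *
 * @param this		enumerator with inner UCI section enumerator
 * @param key		receives the shared key; it is owned by this enumerator
 *					and valid only until the next enumerate() or destroy()
 * @param me		if not NULL, receives how well the section's local_id
 *					matches this->me; if NULL, local_id is not checked at all
 * @param other		if not NULL, always set to ID_MATCH_ANY: the sections have
 *					no remote ID, so every key is offered to any peer
 * @return			TRUE if a key was found, FALSE once sections are exhausted
 */
static bool shared_enumerator_enumerate(shared_enumerator_t *this,
				shared_key_t **key, id_match_t *me, id_match_t *other)
{
	char *local_id, *psk;

	while (TRUE)
	{
		/* defaults, in case the section lacks an option */
		local_id = "%any";
		psk = NULL;

		if (!this->inner->enumerate(this->inner, NULL, &local_id, &psk))
		{
			return FALSE;
		}
		/* no usable secret: skip, an empty psk must not become a key */
		if (psk == NULL || psk[0] == '\0')
		{
			continue;
		}
		if (me && !match_local_id(this, local_id, me))
		{
			continue;
		}
		break;
	}
	/* the key from the previous call is ours to release */
	DESTROY_IF(this->current);
	this->current = shared_key_create(SHARED_IKE,
							chunk_clone(chunk_create(psk, strlen(psk))));
	*key = this->current;
	if (other)
	{
		/* the configuration carries no remote ID, match any peer */
		*other = ID_MATCH_ANY;
	}
	return TRUE;
}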
105
/**
 * Implementation of shared_enumerator_t.public.destroy
 *
 * Releases the key handed out by the last enumerate() call, the inner UCI
 * section enumerator and the enumerator itself. The identities in this->me
 * and this->other are borrowed and left untouched.
 */
static void shared_enumerator_destroy(shared_enumerator_t *this)
{
	shared_key_t *last = this->current;
	enumerator_t *sections = this->inner;

	DESTROY_IF(last);
	sections->destroy(sections);
	free(this);
}
115
/**
 * Implementation of credential_set_t.create_shared_enumerator.
 *
 * Only SHARED_IKE keys are served from the UCI configuration; for any other
 * key type, or if the UCI sections cannot be enumerated, NULL is returned.
 * The me/other identities are borrowed for the lifetime of the enumerator
 * and must outlive it.
 */
static enumerator_t* create_shared_enumerator(private_uci_creds_t *this,
											  shared_key_type_t type,
											  identification_t *me,
											  identification_t *other)
{
	enumerator_t *sections;
	shared_enumerator_t *e;

	if (type != SHARED_IKE)
	{
		return NULL;
	}
	/* open the section walk first, so nothing has to be undone on failure */
	sections = this->parser->create_section_enumerator(this->parser,
												"local_id", "psk", NULL);
	if (!sections)
	{
		return NULL;
	}
	e = malloc_thing(shared_enumerator_t);
	e->public.enumerate = (void*)shared_enumerator_enumerate;
	e->public.destroy = (void*)shared_enumerator_destroy;
	e->inner = sections;
	e->current = NULL;
	e->me = me;
	e->other = other;
	return &e->public;
}
146
/**
 * Implementation of uci_creds_t.destroy
 *
 * Frees the credential set only; the UCI parser it references is owned by
 * whoever passed it to uci_creds_create() and is destroyed there.
 */
static void destroy(private_uci_creds_t *this)
{
	/* nothing but the object itself is owned here */
	free(this);
}
154
/**
 * Create a credential set serving IKE pre-shared keys from the UCI config.
 *
 * The parser is borrowed, not owned: the returned object neither references
 * nor destroys it, so it must stay valid until destroy() is called.
 *
 * @param parser	UCI parser to read "local_id"/"psk" sections from
 * @return			credential set, to be released with destroy()
 */
uci_creds_t *uci_creds_create(uci_parser_t *parser)
{
	private_uci_creds_t *this = malloc_thing(private_uci_creds_t);
	credential_set_t *set = &this->public.credential_set;

	/* only shared keys are backed by UCI; certificates, private keys and
	 * CDPs are answered with return_null, certificate caching is a nop */
	set->create_shared_enumerator = (enumerator_t*(*)(credential_set_t*,
			shared_key_type_t, identification_t*, identification_t*))create_shared_enumerator;
	set->create_private_enumerator = (enumerator_t*(*)(credential_set_t*,
			key_type_t, identification_t*))return_null;
	set->create_cert_enumerator = (enumerator_t*(*)(credential_set_t*,
			certificate_type_t, key_type_t, identification_t*, bool))return_null;
	set->create_cdp_enumerator = (enumerator_t*(*)(credential_set_t*,
			certificate_type_t, identification_t*))return_null;
	set->cache_cert = (void(*)(credential_set_t*, certificate_t*))nop;
	this->public.destroy = (void(*)(uci_creds_t*))destroy;
	this->parser = parser;

	return &this->public;
}
170