libhydra: Move kernel interface to libcharon
[strongswan.git] / src / libcharon / plugins / load_tester / load_tester_config.c
1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "load_tester_config.h"
17
18 #include <netdb.h>
19
20 #include <daemon.h>
21 #include <attributes/mem_pool.h>
22 #include <collections/hashtable.h>
23 #include <threading/mutex.h>
24
25 #define UNIQUE_PORT_START 1025
26
27 typedef struct private_load_tester_config_t private_load_tester_config_t;
28
29 /**
30 * Private data of an load_tester_config_t object
31 */
32 struct private_load_tester_config_t {
33
34 /**
35 * Public part
36 */
37 load_tester_config_t public;
38
39 /**
40 * peer config
41 */
42 peer_cfg_t *peer_cfg;
43
44 /**
45 * virtual IP, if any
46 */
47 host_t *vip;
48
49 /**
50 * Initiator address
51 */
52 char *initiator;
53
54 /**
55 * Responder address
56 */
57 char *responder;
58
59 /**
60 * IP address pool
61 */
62 char *pool;
63
64 /**
65 * IKE proposal
66 */
67 proposal_t *proposal;
68
69 /**
70 * ESP proposal
71 */
72 proposal_t *esp;
73
74 /**
75 * Authentication method(s) to use/expect from initiator
76 */
77 char *initiator_auth;
78
79 /**
80 * Authentication method(s) use/expected from responder
81 */
82 char *responder_auth;
83
84 /**
85 * Initiator ID to enforce
86 */
87 char *initiator_id;
88
89 /**
90 * Initiator ID to to match against as responder
91 */
92 char *initiator_match;
93
94 /**
95 * Responder ID to enforce
96 */
97 char *responder_id;
98
99 /**
100 * IPsec mode, tunnel|transport|beet
101 */
102 char *mode;
103
104 /**
105 * Traffic Selector on initiator side, as proposed from initiator
106 */
107 char *initiator_tsi;
108
109 /**
110 * Traffic Selector on responder side, as proposed from initiator
111 */
112 char *initiator_tsr;
113
114 /**
115 * Traffic Selector on initiator side, as narrowed by responder
116 */
117 char *responder_tsi;
118
119 /**
120 * Traffic Selector on responder side, as narrowed by responder
121 */
122 char *responder_tsr;
123
124 /**
125 * Current port for unique initiator ports
126 */
127 u_int16_t unique_port;
128
129 /**
130 * IKE_SA rekeying delay
131 */
132 u_int ike_rekey;
133
134 /**
135 * CHILD_SA rekeying delay
136 */
137 u_int child_rekey;
138
139 /**
140 * DPD check delay
141 */
142 u_int dpd_delay;
143
144 /**
145 * DPD timeout (IKEv1 only)
146 */
147 u_int dpd_timeout;
148
149 /**
150 * incremental numbering of generated configs
151 */
152 refcount_t num;
153
154 /**
155 * Dynamic source port, if used
156 */
157 u_int16_t port;
158
159 /**
160 * IKE version to use for load testing
161 */
162 ike_version_t version;
163
164 /**
165 * List of pools to allocate external addresses dynamically, as mem_pool_t
166 */
167 linked_list_t *pools;
168
169 /**
170 * Address prefix to use when installing dynamic addresses
171 */
172 int prefix;
173
174 /**
175 * Keep addresses until shutdown?
176 */
177 bool keep;
178
179 /**
180 * Hashtable with leases in "pools", host_t => entry_t
181 */
182 hashtable_t *leases;
183
184 /**
185 * Mutex for leases hashtable
186 */
187 mutex_t *mutex;
188 };
189
190 /**
191 * Lease entry
192 */
193 typedef struct {
194 /** host reference, equal to key */
195 host_t *host;
196 /** associated identity */
197 identification_t *id;
198 } entry_t;
199
200 /**
201 * Destroy an entry_t
202 */
203 static void entry_destroy(entry_t *this)
204 {
205 this->host->destroy(this->host);
206 this->id->destroy(this->id);
207 free(this);
208 }
209
210 /**
211 * Hashtable hash function
212 */
213 static u_int hash(host_t *key)
214 {
215 return chunk_hash(key->get_address(key));
216 }
217
218 /**
219 * Hashtable equals function
220 */
221 static bool equals(host_t *a, host_t *b)
222 {
223 return a->ip_equals(a, b);
224 }
225
226 /**
227 * Load external addresses to use, if any
228 */
229 static void load_addrs(private_load_tester_config_t *this)
230 {
231 enumerator_t *enumerator, *tokens;
232 host_t *from, *to;
233 int bits;
234 char *iface, *token, *pos;
235 mem_pool_t *pool;
236
237 this->keep = lib->settings->get_bool(lib->settings,
238 "%s.plugins.load-tester.addrs_keep", FALSE, lib->ns);
239 this->prefix = lib->settings->get_int(lib->settings,
240 "%s.plugins.load-tester.addrs_prefix", 16, lib->ns);
241 enumerator = lib->settings->create_key_value_enumerator(lib->settings,
242 "%s.plugins.load-tester.addrs", lib->ns);
243 while (enumerator->enumerate(enumerator, &iface, &token))
244 {
245 tokens = enumerator_create_token(token, ",", " ");
246 while (tokens->enumerate(tokens, &token))
247 {
248 pos = strchr(token, '-');
249 if (pos)
250 { /* range */
251 *(pos++) = '\0';
252 /* trim whitespace */
253 while (*pos == ' ')
254 {
255 pos++;
256 }
257 while (token[strlen(token) - 1] == ' ')
258 {
259 token[strlen(token) - 1] = '\0';
260 }
261 from = host_create_from_string(token, 0);
262 to = host_create_from_string(pos, 0);
263 if (from && to)
264 {
265 pool = mem_pool_create_range(iface, from, to);
266 if (pool)
267 {
268 DBG1(DBG_CFG, "loaded load-tester address range "
269 "%H-%H on %s", from, to, iface);
270 this->pools->insert_last(this->pools, pool);
271 }
272 from->destroy(from);
273 to->destroy(to);
274 }
275 else
276 {
277 DBG1(DBG_CFG, "parsing load-tester address range %s-%s "
278 "failed, skipped", token, pos);
279 DESTROY_IF(from);
280 DESTROY_IF(to);
281 }
282 }
283 else
284 { /* subnet */
285 from = host_create_from_subnet(token, &bits);
286 if (from)
287 {
288 DBG1(DBG_CFG, "loaded load-tester address pool %H/%d on %s",
289 from, bits, iface);
290 pool = mem_pool_create(iface, from, bits);
291 from->destroy(from);
292 this->pools->insert_last(this->pools, pool);
293 }
294 else
295 {
296 DBG1(DBG_CFG, "parsing load-tester address %s failed, "
297 "skipped", token);
298 }
299 }
300 }
301 tokens->destroy(tokens);
302 }
303 enumerator->destroy(enumerator);
304 }
305
306 /**
307 * Generate auth config from string
308 */
309 static void generate_auth_cfg(private_load_tester_config_t *this, char *str,
310 peer_cfg_t *peer_cfg, bool local, int num)
311 {
312 enumerator_t *enumerator;
313 auth_cfg_t *auth;
314 identification_t *id;
315 auth_class_t class;
316 eap_type_t type;
317 char buf[128];
318 int rnd = 0;
319
320 enumerator = enumerator_create_token(str, "|", " ");
321 while (enumerator->enumerate(enumerator, &str))
322 {
323 id = NULL;
324 auth = auth_cfg_create();
325 rnd++;
326
327 if (this->initiator_id)
328 {
329 if (this->initiator_match && (!local && !num))
330 { /* as responder, use the secified identity that matches
331 * all used initiator identities, if given. */
332 snprintf(buf, sizeof(buf), this->initiator_match, rnd);
333 id = identification_create_from_string(buf);
334 }
335 else if ((local && num) || (!local && !num))
336 { /* as initiator, create peer specific identities */
337 snprintf(buf, sizeof(buf), this->initiator_id, num, rnd);
338 id = identification_create_from_string(buf);
339 }
340 }
341 if (this->responder_id)
342 {
343 if ((local && !num) || (!local && num))
344 {
345 snprintf(buf, sizeof(buf), this->responder_id, num, rnd);
346 id = identification_create_from_string(buf);
347 }
348 }
349
350 if (streq(str, "psk"))
351 { /* PSK authentication, use FQDNs */
352 class = AUTH_CLASS_PSK;
353 if (!id)
354 {
355 if ((local && !num) || (!local && num))
356 {
357 id = identification_create_from_string("srv.strongswan.org");
358 }
359 else if (local)
360 {
361 snprintf(buf, sizeof(buf), "c%d-r%d.strongswan.org",
362 num, rnd);
363 id = identification_create_from_string(buf);
364 }
365 else
366 {
367 id = identification_create_from_string("*.strongswan.org");
368 }
369 }
370 }
371 else if (strpfx(str, "eap"))
372 { /* EAP authentication, use a NAI */
373 class = AUTH_CLASS_EAP;
374 if (*(str + strlen("eap")) == '-')
375 {
376 type = eap_type_from_string(str + strlen("eap-"));
377 if (type)
378 {
379 auth->add(auth, AUTH_RULE_EAP_TYPE, type);
380 }
381 }
382 if (!id)
383 {
384 if (local && num)
385 {
386 snprintf(buf, sizeof(buf), "1%.10d%.4d@strongswan.org",
387 num, rnd);
388 id = identification_create_from_string(buf);
389 }
390 else
391 {
392 id = identification_create_from_encoding(ID_ANY, chunk_empty);
393 }
394 }
395 }
396 else if (strpfx(str, "xauth"))
397 { /* XAuth, use a username */
398 class = AUTH_CLASS_XAUTH;
399 if (*(str + strlen("xauth")) == '-')
400 {
401 auth->add(auth, AUTH_RULE_XAUTH_BACKEND, str + strlen("xauth-"));
402 }
403 if (!id)
404 {
405 if (local && num)
406 {
407 snprintf(buf, sizeof(buf), "cli-%.6d-%.2d", num, rnd);
408 id = identification_create_from_string(buf);
409 }
410 else
411 {
412 id = identification_create_from_encoding(ID_ANY, chunk_empty);
413 }
414 }
415 /* additionally set the ID as XAuth identity */
416 auth->add(auth, AUTH_RULE_XAUTH_IDENTITY, id->clone(id));
417 }
418 else
419 {
420 if (!streq(str, "pubkey"))
421 {
422 DBG1(DBG_CFG, "invalid authentication: '%s', fallback to pubkey",
423 str);
424 }
425 /* certificate authentication, use distinguished names */
426 class = AUTH_CLASS_PUBKEY;
427 if (!id)
428 {
429 if ((local && !num) || (!local && num))
430 {
431 id = identification_create_from_string(
432 "CN=srv, OU=load-test, O=strongSwan");
433 }
434 else if (local)
435 {
436 snprintf(buf, sizeof(buf),
437 "CN=c%d-r%d, OU=load-test, O=strongSwan", num, rnd);
438 id = identification_create_from_string(buf);
439 }
440 else
441 {
442 id = identification_create_from_string(
443 "CN=*, OU=load-test, O=strongSwan");
444 }
445 }
446 }
447 auth->add(auth, AUTH_RULE_AUTH_CLASS, class);
448 auth->add(auth, AUTH_RULE_IDENTITY, id);
449 peer_cfg->add_auth_cfg(peer_cfg, auth, local);
450 }
451 enumerator->destroy(enumerator);
452 }
453
454 /**
455 * Parse a protoport specifier
456 */
457 static bool parse_protoport(char *token, u_int16_t *from_port,
458 u_int16_t *to_port, u_int8_t *protocol)
459 {
460 char *sep, *port = "", *endptr;
461 struct protoent *proto;
462 struct servent *svc;
463 long int p;
464
465 sep = strrchr(token, ']');
466 if (!sep)
467 {
468 return FALSE;
469 }
470 *sep = '\0';
471
472 sep = strchr(token, '/');
473 if (sep)
474 { /* protocol/port */
475 *sep = '\0';
476 port = sep + 1;
477 }
478
479 if (streq(token, "%any"))
480 {
481 *protocol = 0;
482 }
483 else
484 {
485 proto = getprotobyname(token);
486 if (proto)
487 {
488 *protocol = proto->p_proto;
489 }
490 else
491 {
492 p = strtol(token, &endptr, 0);
493 if ((*token && *endptr) || p < 0 || p > 0xff)
494 {
495 return FALSE;
496 }
497 *protocol = (u_int8_t)p;
498 }
499 }
500 if (streq(port, "%any"))
501 {
502 *from_port = 0;
503 *to_port = 0xffff;
504 }
505 else if (streq(port, "%opaque"))
506 {
507 *from_port = 0xffff;
508 *to_port = 0;
509 }
510 else if (streq(port, "%unique"))
511 {
512 *from_port = *to_port = 0;
513 }
514 else if (*port)
515 {
516 svc = getservbyname(port, NULL);
517 if (svc)
518 {
519 *from_port = *to_port = ntohs(svc->s_port);
520 }
521 else
522 {
523 p = strtol(port, &endptr, 0);
524 if (p < 0 || p > 0xffff)
525 {
526 return FALSE;
527 }
528 *from_port = p;
529 if (*endptr == '-')
530 {
531 port = endptr + 1;
532 p = strtol(port, &endptr, 0);
533 if (p < 0 || p > 0xffff)
534 {
535 return FALSE;
536 }
537 }
538 *to_port = p;
539 if (*endptr)
540 {
541 return FALSE;
542 }
543 }
544 }
545 return TRUE;
546 }
547
548 /**
549 * Add a TS from a string to a child_cfg
550 */
551 static void add_ts(private_load_tester_config_t *this,
552 char *string, child_cfg_t *cfg, bool local, bool initiator)
553 {
554 traffic_selector_t *ts;
555
556 if (string)
557 {
558 enumerator_t *enumerator;
559 char *subnet, *pos;
560 u_int16_t from_port, to_port;
561 u_int8_t proto;
562
563 enumerator = enumerator_create_token(string, ",", " ");
564 while (enumerator->enumerate(enumerator, &subnet))
565 {
566 proto = 0;
567 from_port = 0;
568 to_port = 65535;
569
570 pos = strchr(subnet, '[');
571 if (pos)
572 {
573 *(pos++) = '\0';
574 if (!parse_protoport(pos, &from_port, &to_port, &proto))
575 {
576 DBG1(DBG_CFG, "invalid proto/port: %s, skipped subnet",
577 pos);
578 continue;
579 }
580 }
581 if (from_port == 0 && to_port == 0)
582 { /* %unique */
583 if (initiator)
584 {
585 from_port = this->unique_port++;
586 from_port = to_port = max(from_port, UNIQUE_PORT_START);
587 }
588 else
589 { /* not supported as responder, use %any */
590 to_port = 65535;
591 }
592 }
593 if (streq(subnet, "%dynamic"))
594 {
595 ts = traffic_selector_create_dynamic(proto,
596 from_port, to_port);
597 }
598 else
599 {
600 ts = traffic_selector_create_from_cidr(subnet, proto,
601 from_port, to_port);
602 }
603 if (ts)
604 {
605 cfg->add_traffic_selector(cfg, local, ts);
606 }
607 else
608 {
609 DBG1(DBG_CFG, "invalid subnet: %s, skipped", subnet);
610 }
611 }
612 enumerator->destroy(enumerator);
613 }
614 else
615 {
616 ts = traffic_selector_create_dynamic(0, 0, 65535);
617 if (ts)
618 {
619 cfg->add_traffic_selector(cfg, local, ts);
620 }
621 }
622 }
623
624 /**
625 * Allocate and install a dynamic external address to use
626 */
627 static host_t *allocate_addr(private_load_tester_config_t *this, uint num)
628 {
629 enumerator_t *enumerator;
630 mem_pool_t *pool;
631 host_t *found = NULL, *requested;
632 identification_t *id;
633 char *iface = NULL, buf[32];
634 entry_t *entry;
635
636 requested = host_create_any(AF_INET);
637 snprintf(buf, sizeof(buf), "ext-%d", num);
638 id = identification_create_from_string(buf);
639 enumerator = this->pools->create_enumerator(this->pools);
640 while (enumerator->enumerate(enumerator, &pool))
641 {
642 found = pool->acquire_address(pool, id, requested, MEM_POOL_NEW, NULL);
643 if (found)
644 {
645 iface = (char*)pool->get_name(pool);
646 break;
647 }
648 }
649 enumerator->destroy(enumerator);
650 requested->destroy(requested);
651
652 if (!found)
653 {
654 DBG1(DBG_CFG, "no address found to install as load-tester external IP");
655 id->destroy(id);
656 return NULL;
657 }
658 if (charon->kernel->add_ip(charon->kernel, found, this->prefix,
659 iface) != SUCCESS)
660 {
661 DBG1(DBG_CFG, "installing load-tester IP %H on %s failed", found, iface);
662 found->destroy(found);
663 id->destroy(id);
664 return NULL;
665 }
666 DBG1(DBG_CFG, "installed load-tester IP %H on %s", found, iface);
667 INIT(entry,
668 .host = found->clone(found),
669 .id = id,
670 );
671 this->mutex->lock(this->mutex);
672 entry = this->leases->put(this->leases, entry->host, entry);
673 this->mutex->unlock(this->mutex);
674 if (entry)
675 { /* shouldn't actually happen */
676 entry_destroy(entry);
677 }
678 return found;
679 }
680
681 /**
682 * Generate a new initiator config, num = 0 for responder config
683 */
684 static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
685 {
686 ike_cfg_t *ike_cfg;
687 child_cfg_t *child_cfg;
688 peer_cfg_t *peer_cfg;
689 char local[32], *remote;
690 host_t *addr;
691 ipsec_mode_t mode = MODE_TUNNEL;
692 lifetime_cfg_t lifetime = {
693 .time = {
694 .life = this->child_rekey * 2,
695 .rekey = this->child_rekey,
696 .jitter = 0
697 }
698 };
699
700 if (num)
701 { /* initiator */
702 if (this->pools->get_count(this->pools))
703 { /* using dynamically installed external addresses */
704 addr = allocate_addr(this, num);
705 if (!addr)
706 {
707 DBG1(DBG_CFG, "allocating external address failed");
708 return NULL;
709 }
710 snprintf(local, sizeof(local), "%H", addr);
711 addr->destroy(addr);
712 }
713 else
714 {
715 snprintf(local, sizeof(local), "%s", this->initiator);
716 }
717 remote = this->responder;
718 }
719 else
720 {
721 snprintf(local, sizeof(local), "%s", this->responder);
722 remote = this->initiator;
723 }
724
725 if (this->port && num)
726 {
727 ike_cfg = ike_cfg_create(this->version, TRUE, FALSE,
728 local, this->port + num - 1,
729 remote, IKEV2_NATT_PORT,
730 FRAGMENTATION_NO, 0);
731 }
732 else
733 {
734 ike_cfg = ike_cfg_create(this->version, TRUE, FALSE, local,
735 charon->socket->get_port(charon->socket, FALSE),
736 remote, IKEV2_UDP_PORT,
737 FRAGMENTATION_NO, 0);
738 }
739 ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal));
740 peer_cfg = peer_cfg_create("load-test", ike_cfg,
741 CERT_SEND_IF_ASKED, UNIQUE_NO, 1, /* keytries */
742 this->ike_rekey, 0, /* rekey, reauth */
743 0, this->ike_rekey, /* jitter, overtime */
744 FALSE, FALSE, TRUE, /* mobike, aggressive, pull */
745 this->dpd_delay, /* dpd_delay */
746 this->dpd_timeout, /* dpd_timeout */
747 FALSE, NULL, NULL);
748 if (this->vip)
749 {
750 peer_cfg->add_virtual_ip(peer_cfg, this->vip->clone(this->vip));
751 }
752 if (this->pool)
753 {
754 peer_cfg->add_pool(peer_cfg, this->pool);
755 }
756 if (num)
757 { /* initiator */
758 generate_auth_cfg(this, this->initiator_auth, peer_cfg, TRUE, num);
759 generate_auth_cfg(this, this->responder_auth, peer_cfg, FALSE, num);
760 }
761 else
762 { /* responder */
763 generate_auth_cfg(this, this->responder_auth, peer_cfg, TRUE, num);
764 generate_auth_cfg(this, this->initiator_auth, peer_cfg, FALSE, num);
765 }
766
767 if (this->mode)
768 {
769 if (streq(this->mode, "transport"))
770 {
771 mode = MODE_TRANSPORT;
772 }
773 else if (streq(this->mode, "beet"))
774 {
775 mode = MODE_BEET;
776 }
777 }
778
779 child_cfg = child_cfg_create("load-test", &lifetime, NULL, TRUE, mode,
780 ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
781 0, 0, NULL, NULL, 0);
782 child_cfg->add_proposal(child_cfg, this->esp->clone(this->esp));
783
784 if (num)
785 { /* initiator */
786 if (this->vip)
787 {
788 add_ts(this, NULL, child_cfg, TRUE, TRUE);
789 }
790 else
791 {
792 add_ts(this, this->initiator_tsi, child_cfg, TRUE, TRUE);
793 }
794 add_ts(this, this->initiator_tsr, child_cfg, FALSE, TRUE);
795 }
796 else
797 { /* responder */
798 add_ts(this, this->responder_tsr, child_cfg, TRUE, FALSE);
799 add_ts(this, this->responder_tsi, child_cfg, FALSE, FALSE);
800 }
801 peer_cfg->add_child_cfg(peer_cfg, child_cfg);
802 return peer_cfg;
803 }
804
805 METHOD(backend_t, create_peer_cfg_enumerator, enumerator_t*,
806 private_load_tester_config_t *this,
807 identification_t *me, identification_t *other)
808 {
809 return enumerator_create_single(this->peer_cfg, NULL);
810 }
811
812 METHOD(backend_t, create_ike_cfg_enumerator, enumerator_t*,
813 private_load_tester_config_t *this, host_t *me, host_t *other)
814 {
815 ike_cfg_t *ike_cfg;
816
817 ike_cfg = this->peer_cfg->get_ike_cfg(this->peer_cfg);
818 return enumerator_create_single(ike_cfg, NULL);
819 }
820
821 METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
822 private_load_tester_config_t *this, char *name)
823 {
824 if (streq(name, "load-test"))
825 {
826 return generate_config(this, (u_int)ref_get(&this->num));
827 }
828 return NULL;
829 }
830
831 METHOD(load_tester_config_t, delete_ip, void,
832 private_load_tester_config_t *this, host_t *ip)
833 {
834 enumerator_t *enumerator;
835 mem_pool_t *pool;
836 entry_t *entry;
837
838 if (this->keep)
839 {
840 return;
841 }
842
843 this->mutex->lock(this->mutex);
844 entry = this->leases->remove(this->leases, ip);
845 this->mutex->unlock(this->mutex);
846
847 if (entry)
848 {
849 enumerator = this->pools->create_enumerator(this->pools);
850 while (enumerator->enumerate(enumerator, &pool))
851 {
852 if (pool->release_address(pool, entry->host, entry->id))
853 {
854 charon->kernel->del_ip(charon->kernel, entry->host,
855 this->prefix, FALSE);
856 break;
857 }
858 }
859 enumerator->destroy(enumerator);
860 entry_destroy(entry);
861 }
862 }
863
864 /**
865 * Clean up leases for allocated external addresses, if have been kept
866 */
867 static void cleanup_leases(private_load_tester_config_t *this)
868 {
869 enumerator_t *pools, *leases;
870 mem_pool_t *pool;
871 identification_t *id;
872 host_t *addr;
873 entry_t *entry;
874 bool online;
875
876 pools = this->pools->create_enumerator(this->pools);
877 while (pools->enumerate(pools, &pool))
878 {
879 leases = pool->create_lease_enumerator(pool);
880 while (leases->enumerate(leases, &id, &addr, &online))
881 {
882 if (online)
883 {
884 charon->kernel->del_ip(charon->kernel, addr, this->prefix,
885 FALSE);
886 entry = this->leases->remove(this->leases, addr);
887 if (entry)
888 {
889 entry_destroy(entry);
890 }
891 }
892 }
893 leases->destroy(leases);
894 }
895 pools->destroy(pools);
896 }
897
898 METHOD(load_tester_config_t, destroy, void,
899 private_load_tester_config_t *this)
900 {
901 if (this->keep)
902 {
903 cleanup_leases(this);
904 }
905 this->mutex->destroy(this->mutex);
906 this->leases->destroy(this->leases);
907 this->pools->destroy_offset(this->pools, offsetof(mem_pool_t, destroy));
908 this->peer_cfg->destroy(this->peer_cfg);
909 DESTROY_IF(this->proposal);
910 DESTROY_IF(this->esp);
911 DESTROY_IF(this->vip);
912 free(this);
913 }
914
915 /**
916 * Described in header.
917 */
918 load_tester_config_t *load_tester_config_create()
919 {
920 private_load_tester_config_t *this;
921
922 INIT(this,
923 .public = {
924 .backend = {
925 .create_peer_cfg_enumerator = _create_peer_cfg_enumerator,
926 .create_ike_cfg_enumerator = _create_ike_cfg_enumerator,
927 .get_peer_cfg_by_name = _get_peer_cfg_by_name,
928 },
929 .delete_ip = _delete_ip,
930 .destroy = _destroy,
931 },
932 .pools = linked_list_create(),
933 .leases = hashtable_create((hashtable_hash_t)hash,
934 (hashtable_equals_t)equals, 256),
935 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
936 .num = 1,
937 .unique_port = UNIQUE_PORT_START,
938 );
939
940 if (lib->settings->get_bool(lib->settings,
941 "%s.plugins.load-tester.request_virtual_ip", FALSE, lib->ns))
942 {
943 this->vip = host_create_from_string("0.0.0.0", 0);
944 }
945 this->pool = lib->settings->get_str(lib->settings,
946 "%s.plugins.load-tester.pool", NULL, lib->ns);
947 this->initiator = lib->settings->get_str(lib->settings,
948 "%s.plugins.load-tester.initiator", "0.0.0.0", lib->ns);
949 this->responder = lib->settings->get_str(lib->settings,
950 "%s.plugins.load-tester.responder", "127.0.0.1", lib->ns);
951
952 this->proposal = proposal_create_from_string(PROTO_IKE,
953 lib->settings->get_str(lib->settings,
954 "%s.plugins.load-tester.proposal", "aes128-sha1-modp768",
955 lib->ns));
956 if (!this->proposal)
957 { /* fallback */
958 this->proposal = proposal_create_from_string(PROTO_IKE,
959 "aes128-sha1-modp768");
960 }
961 this->esp = proposal_create_from_string(PROTO_ESP,
962 lib->settings->get_str(lib->settings,
963 "%s.plugins.load-tester.esp", "aes128-sha1", lib->ns));
964 if (!this->esp)
965 { /* fallback */
966 this->esp = proposal_create_from_string(PROTO_ESP, "aes128-sha1");
967 }
968
969 this->ike_rekey = lib->settings->get_int(lib->settings,
970 "%s.plugins.load-tester.ike_rekey", 0, lib->ns);
971 this->child_rekey = lib->settings->get_int(lib->settings,
972 "%s.plugins.load-tester.child_rekey", 600, lib->ns);
973 this->dpd_delay = lib->settings->get_int(lib->settings,
974 "%s.plugins.load-tester.dpd_delay", 0, lib->ns);
975 this->dpd_timeout = lib->settings->get_int(lib->settings,
976 "%s.plugins.load-tester.dpd_timeout", 0, lib->ns);
977
978 this->initiator_auth = lib->settings->get_str(lib->settings,
979 "%s.plugins.load-tester.initiator_auth", "pubkey", lib->ns);
980 this->responder_auth = lib->settings->get_str(lib->settings,
981 "%s.plugins.load-tester.responder_auth", "pubkey", lib->ns);
982 this->initiator_id = lib->settings->get_str(lib->settings,
983 "%s.plugins.load-tester.initiator_id", NULL, lib->ns);
984 this->initiator_match = lib->settings->get_str(lib->settings,
985 "%s.plugins.load-tester.initiator_match", NULL, lib->ns);
986 this->responder_id = lib->settings->get_str(lib->settings,
987 "%s.plugins.load-tester.responder_id", NULL, lib->ns);
988
989 this->mode = lib->settings->get_str(lib->settings,
990 "%s.plugins.load-tester.mode", NULL, lib->ns);
991 this->initiator_tsi = lib->settings->get_str(lib->settings,
992 "%s.plugins.load-tester.initiator_tsi", NULL, lib->ns);
993 this->responder_tsi =lib->settings->get_str(lib->settings,
994 "%s.plugins.load-tester.responder_tsi",
995 this->initiator_tsi, lib->ns);
996 this->initiator_tsr = lib->settings->get_str(lib->settings,
997 "%s.plugins.load-tester.initiator_tsr", NULL, lib->ns);
998 this->responder_tsr =lib->settings->get_str(lib->settings,
999 "%s.plugins.load-tester.responder_tsr",
1000 this->initiator_tsr, lib->ns);
1001
1002 this->port = lib->settings->get_int(lib->settings,
1003 "%s.plugins.load-tester.dynamic_port", 0, lib->ns);
1004 this->version = lib->settings->get_int(lib->settings,
1005 "%s.plugins.load-tester.version", IKE_ANY, lib->ns);
1006
1007 load_addrs(this);
1008
1009 this->peer_cfg = generate_config(this, 0);
1010
1011 return &this->public;
1012 }