Add an interactive mode in lookip tool, demonstrate lasting connections
[strongswan.git] / src / libcharon / plugins / lookip / lookip_listener.c
1 /*
2 * Copyright (C) 2012 Martin Willi
3 * Copyright (C) 2012 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "lookip_listener.h"
17
18 #include <daemon.h>
19 #include <utils/hashtable.h>
20 #include <utils/linked_list.h>
21 #include <threading/rwlock.h>
22
23 typedef struct private_lookip_listener_t private_lookip_listener_t;
24
25 /**
26 * Private data of an lookip_listener_t object.
27 */
28 struct private_lookip_listener_t {
29
30 /**
31 * Public lookip_listener_t interface.
32 */
33 lookip_listener_t public;
34
35 /**
36 * Lock for hashtable
37 */
38 rwlock_t *lock;
39
40 /**
41 * Hashtable with entries: host_t => entry_t
42 */
43 hashtable_t *entries;
44
45 /**
46 * List of registered listeners
47 */
48 linked_list_t *listeners;
49 };
50
51 /**
52 * Listener entry
53 */
54 typedef struct {
55 /** callback function */
56 lookip_callback_t cb;
57 /** user data for callback */
58 void *user;
59 } listener_entry_t;
60
61 /**
62 * Hashtable entry
63 */
64 typedef struct {
65 /** virtual IP, serves as lookup key */
66 host_t *vip;
67 /** peers external address */
68 host_t *other;
69 /** peer (EAP-)Identity */
70 identification_t *id;
71 /** associated connection name */
72 char *name;
73 } entry_t;
74
75 /**
76 * Destroy a hashtable entry
77 */
78 static void entry_destroy(entry_t *entry)
79 {
80 entry->vip->destroy(entry->vip);
81 entry->other->destroy(entry->other);
82 entry->id->destroy(entry->id);
83 free(entry->name);
84 free(entry);
85 }
86
87 /**
88 * Hashtable hash function
89 */
90 static u_int hash(host_t *key)
91 {
92 return chunk_hash(key->get_address(key));
93 }
94
95 /**
96 * Hashtable equals function
97 */
98 static bool equals(host_t *a, host_t *b)
99 {
100 return a->ip_equals(a, b);
101 }
102
103 /**
104 * Compare callback that invokes up callback of all registered listeners
105 */
106 static bool notify_up(listener_entry_t *listener, entry_t *entry)
107 {
108 if (!listener->cb(listener->user, TRUE, entry->vip, entry->other,
109 entry->id, entry->name))
110 {
111 free(listener);
112 return TRUE;
113 }
114 return FALSE;
115 }
116
117 /**
118 * Compare callback that invokes down callback of all registered listeners
119 */
120 static bool notify_down(listener_entry_t *listener, entry_t *entry)
121 {
122 if (!listener->cb(listener->user, FALSE, entry->vip, entry->other,
123 entry->id, entry->name))
124 {
125 free(listener);
126 return TRUE;
127 }
128 return FALSE;
129 }
130
131 /**
132 * Add a new entry to the hashtable
133 */
134 static void add_entry(private_lookip_listener_t *this, ike_sa_t *ike_sa)
135 {
136 enumerator_t *enumerator;
137 host_t *vip, *other;
138 identification_t *id;
139 entry_t *entry;
140
141 enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, FALSE);
142 while (enumerator->enumerate(enumerator, &vip))
143 {
144 other = ike_sa->get_other_host(ike_sa);
145 id = ike_sa->get_other_eap_id(ike_sa);
146
147 INIT(entry,
148 .vip = vip->clone(vip),
149 .other = other->clone(other),
150 .id = id->clone(id),
151 .name = strdup(ike_sa->get_name(ike_sa)),
152 );
153
154 this->lock->read_lock(this->lock);
155 this->listeners->remove(this->listeners, entry, (void*)notify_up);
156 this->lock->unlock(this->lock);
157
158 this->lock->write_lock(this->lock);
159 entry = this->entries->put(this->entries, entry->vip, entry);
160 this->lock->unlock(this->lock);
161 if (entry)
162 {
163 entry_destroy(entry);
164 }
165 }
166 enumerator->destroy(enumerator);
167 }
168
169 /**
170 * Remove an entry from the hashtable
171 */
172 static void remove_entry(private_lookip_listener_t *this, ike_sa_t *ike_sa)
173 {
174 enumerator_t *enumerator;
175 host_t *vip;
176 entry_t *entry;
177
178 enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, FALSE);
179 while (enumerator->enumerate(enumerator, &vip))
180 {
181 this->lock->write_lock(this->lock);
182 entry = this->entries->remove(this->entries, vip);
183 this->lock->unlock(this->lock);
184 if (entry)
185 {
186 this->lock->read_lock(this->lock);
187 this->listeners->remove(this->listeners, entry, (void*)notify_down);
188 this->lock->unlock(this->lock);
189
190 entry_destroy(entry);
191 }
192 }
193 enumerator->destroy(enumerator);
194 }
195
196 METHOD(listener_t, message_hook, bool,
197 private_lookip_listener_t *this, ike_sa_t *ike_sa,
198 message_t *message, bool incoming, bool plain)
199 {
200 if (plain && ike_sa->get_state(ike_sa) == IKE_ESTABLISHED &&
201 !incoming && !message->get_request(message))
202 {
203 if (ike_sa->get_version(ike_sa) == IKEV1 &&
204 message->get_exchange_type(message) == TRANSACTION)
205 {
206 add_entry(this, ike_sa);
207 }
208 if (ike_sa->get_version(ike_sa) == IKEV2 &&
209 message->get_exchange_type(message) == IKE_AUTH)
210 {
211 add_entry(this, ike_sa);
212 }
213 }
214 return TRUE;
215 }
216
217 METHOD(listener_t, ike_updown, bool,
218 private_lookip_listener_t *this, ike_sa_t *ike_sa, bool up)
219 {
220 if (!up)
221 {
222 remove_entry(this, ike_sa);
223 }
224 return TRUE;
225 }
226
227 METHOD(lookip_listener_t, lookup, int,
228 private_lookip_listener_t *this, host_t *vip,
229 lookip_callback_t cb, void *user)
230 {
231 entry_t *entry;
232 int matches = 0;
233
234 this->lock->read_lock(this->lock);
235 if (vip)
236 {
237 entry = this->entries->get(this->entries, vip);
238 if (entry)
239 {
240 cb(user, TRUE, entry->vip, entry->other, entry->id, entry->name);
241 matches ++;
242 }
243 }
244 else
245 {
246 enumerator_t *enumerator;
247
248 enumerator = this->entries->create_enumerator(this->entries);
249 while (enumerator->enumerate(enumerator, &vip, &entry))
250 {
251 cb(user, TRUE, entry->vip, entry->other, entry->id, entry->name);
252 matches++;
253 }
254 enumerator->destroy(enumerator);
255 }
256 this->lock->unlock(this->lock);
257
258 return matches;
259 }
260
261 METHOD(lookip_listener_t, add_listener, void,
262 private_lookip_listener_t *this, lookip_callback_t cb, void *user)
263 {
264 listener_entry_t *listener;
265
266 INIT(listener,
267 .cb = cb,
268 .user = user,
269 );
270
271 this->lock->write_lock(this->lock);
272 this->listeners->insert_last(this->listeners, listener);
273 this->lock->unlock(this->lock);
274 }
275
276 METHOD(lookip_listener_t, destroy, void,
277 private_lookip_listener_t *this)
278 {
279 this->listeners->destroy_function(this->listeners, free);
280 this->entries->destroy(this->entries);
281 this->lock->destroy(this->lock);
282 free(this);
283 }
284
285 /**
286 * See header
287 */
288 lookip_listener_t *lookip_listener_create()
289 {
290 private_lookip_listener_t *this;
291
292 INIT(this,
293 .public = {
294 .listener = {
295 .message = _message_hook,
296 .ike_updown = _ike_updown,
297 },
298 .lookup = _lookup,
299 .add_listener = _add_listener,
300 .destroy = _destroy,
301 },
302 .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
303 .entries = hashtable_create((hashtable_hash_t)hash,
304 (hashtable_equals_t)equals, 32),
305 .listeners = linked_list_create(),
306 );
307
308 return &this->public;
309 }