1 /*
2 * Copyright (C) 2011 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "tnc_ifmap_listener.h"
17 #include "tnc_ifmap_soap.h"
18
19 #include <daemon.h>
20 #include <debug.h>
21
typedef struct private_tnc_ifmap_listener_t private_tnc_ifmap_listener_t;

/**
 * Internal state behind a tnc_ifmap_listener_t handle.
 */
struct private_tnc_ifmap_listener_t {

	/**
	 * Interface handed out to callers (tnc_ifmap_listener_create() returns
	 * the address of this member).
	 * NOTE(review): kept as the first member; presumably the METHOD()
	 * wrappers rely on that to get from the public pointer back to this
	 * struct - confirm against the macro definition.
	 */
	tnc_ifmap_listener_t public;

	/**
	 * TNC IF-MAP 2.0 SOAP interface used for every publish request.
	 * May be NULL if creation failed; destroy() tolerates that.
	 */
	tnc_ifmap_soap_t *ifmap;

};
40
/**
 * Publish the metadata of one IKE_SA through the IF-MAP SOAP interface.
 *
 * @param this		listener owning the SOAP interface
 * @param ike_sa	IKE_SA whose peer-side metadata is published
 * @param up		passed through unchanged to the SOAP interface
 * @return			whatever the SOAP publish_ike_sa() call returns
 */
static bool publish_ike_sa(private_tnc_ifmap_listener_t *this,
						   ike_sa_t *ike_sa, bool up)
{
	u_int32_t unique_id = ike_sa->get_unique_id(ike_sa);
	identification_t *ike_id = ike_sa->get_other_id(ike_sa);
	identification_t *eap_id = ike_sa->get_other_eap_id(ike_sa);
	host_t *peer = ike_sa->get_other_host(ike_sa);

	/*
	 * The identity sent to the MAP server is always the EAP identity; it is
	 * flagged as a username whenever it differs from the IKE identity.
	 * NOTE(review): eap_id is passed to equals() without a NULL check, so
	 * this assumes get_other_eap_id() always returns an identity - confirm.
	 */
	bool is_user = !ike_id->equals(ike_id, eap_id);

	return this->ifmap->publish_ike_sa(this->ifmap, unique_id, eap_id,
									   is_user, peer, up);
}
63
/**
 * Publish the metadata of every IKE_SA that is currently established.
 *
 * Stops at the first IKE_SA whose publication fails.
 *
 * @param this		listener owning the SOAP interface
 * @return			TRUE if no publication failed, FALSE otherwise
 */
static bool reload_metadata(private_tnc_ifmap_listener_t *this)
{
	enumerator_t *sa_iter;
	ike_sa_t *current;
	bool ok = TRUE;

	sa_iter = charon->controller->create_ike_sa_enumerator(
											charon->controller, FALSE);
	/* "ok" is tested first so enumeration ends right after a failure */
	while (ok && sa_iter->enumerate(sa_iter, &current))
	{
		/* IKE_SAs in any state other than IKE_ESTABLISHED are skipped */
		if (current->get_state(current) == IKE_ESTABLISHED)
		{
			ok = publish_ike_sa(this, current, TRUE);
		}
	}
	/* the enumerator is released on both the success and the failure path */
	sa_iter->destroy(sa_iter);

	return ok;
}
91
/**
 * listener_t.ike_updown hook: publish the IKE_SA with its new up/down state.
 *
 * Always returns TRUE, whether or not publishing succeeded.
 */
METHOD(listener_t, ike_updown, bool,
	private_tnc_ifmap_listener_t *this, ike_sa_t *ike_sa, bool up)
{
	/*
	 * The publish result is deliberately discarded here.
	 * NOTE(review): a failed publish (in particular for up == FALSE) is not
	 * reported by this function, so the MAP server could presumably keep
	 * outdated metadata for this IKE_SA - confirm that the SOAP layer logs
	 * the failure.
	 */
	(void)publish_ike_sa(this, ike_sa, up);

	return TRUE;
}
99
/**
 * tnc_ifmap_listener_t.destroy: release the SOAP interface, if one was
 * created, and then the listener itself.
 */
METHOD(tnc_ifmap_listener_t, destroy, void,
	private_tnc_ifmap_listener_t *this)
{
	/* ifmap is NULL when tnc_ifmap_soap_create() failed in the constructor */
	if (this->ifmap)
	{
		this->ifmap->destroy(this->ifmap);
	}
	free(this);
}
106
/**
 * See header
 *
 * Builds the listener, then runs the start-up sequence on the SOAP interface:
 * newSession(), purgePublisher() and, if requested, a republish of all
 * established IKE_SAs. Any failing step tears the listener down again.
 *
 * @param reload	TRUE to publish all established IKE_SAs right away
 * @return			public listener interface, NULL if any step failed
 */
tnc_ifmap_listener_t *tnc_ifmap_listener_create(bool reload)
{
	private_tnc_ifmap_listener_t *this;

	INIT(this,
		.public = {
			.listener = {
				.ike_updown = _ike_updown,
			},
			.destroy = _destroy,
		},
		.ifmap = tnc_ifmap_soap_create(),
	);

	/*
	 * Short-circuit evaluation keeps the steps in their original order and
	 * stops at the first one that fails. purgePublisher() runs before any
	 * metadata is republished.
	 * NOTE(review): presumably this removes metadata left over from an
	 * earlier session of this publisher - confirm in tnc_ifmap_soap.
	 */
	if (!this->ifmap ||
		!this->ifmap->newSession(this->ifmap) ||
		!this->ifmap->purgePublisher(this->ifmap) ||
		(reload && !reload_metadata(this)))
	{
		destroy(this);
		return NULL;
	}

	return &this->public;
}
150