src/libcharon/plugins/unity/unity_provider.c

   1 /*
   2  * Copyright (C) 2012 Martin Willi
   3  * Copyright (C) 2012 revosec AG
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include "unity_provider.h"
  17
  18 #include <daemon.h>
  19
  20 typedef struct private_unity_provider_t private_unity_provider_t;
  21
  22 /**
  23  * Private data of an unity_provider_t object.
  24  */
  25 struct private_unity_provider_t {
  26
  27         /**
  28          * Public unity_provider_t interface.
  29          */
  30         unity_provider_t public;
  31 };
  32
  33 /**
  34  * Attribute enumerator for traffic selector list
  35  */
  36 typedef struct {
  37         /** Implements enumerator_t */
  38         enumerator_t public;
  39         /** list of traffic selectors to enumerate */
  40         linked_list_t *list;
  41         /** currently enumerating subnet */
  42         u_char subnet[4];
  43         /** currently enumerating subnet mask */
  44         u_char mask[4];
  45 } attribute_enumerator_t;
  46
  47 METHOD(enumerator_t, attribute_enumerate, bool,
  48         attribute_enumerator_t *this, configuration_attribute_type_t *type,
  49         chunk_t *attr)
  50 {
  51         traffic_selector_t *ts;
  52         u_int8_t i, mask;
  53         host_t *net;
  54
  55         while (TRUE)
  56         {
  57                 if (this->list->remove_first(this->list, (void**)&ts) != SUCCESS)
  58                 {
  59                         return FALSE;
  60                 }
  61                 if (ts->get_type(ts) == TS_IPV4_ADDR_RANGE &&
  62                         ts->to_subnet(ts, &net, &mask))
  63                 {
  64                         ts->destroy(ts);
  65                         break;
  66                 }
  67                 ts->destroy(ts);
  68         }
  69
  70         memset(this->mask, 0, sizeof(this->mask));
  71         for (i = 0; i < sizeof(this->mask); i++)
  72         {
  73                 if (mask < 8)
  74                 {
  75                         this->mask[i] = 0xFF << (8 - mask);
  76                         break;
  77                 }
  78                 this->mask[i] = 0xFF;
  79                 mask -= 8;
  80         }
  81         memcpy(this->subnet, net->get_address(net).ptr, sizeof(this->subnet));
  82         net->destroy(net);
  83
  84         *type = UNITY_SPLIT_INCLUDE;
  85         *attr = chunk_create(this->subnet, sizeof(this->subnet) + sizeof(this->mask));
  86
  87         return TRUE;
  88 }
  89
  90 METHOD(enumerator_t, attribute_destroy, void,
  91         attribute_enumerator_t *this)
  92 {
  93         this->list->destroy_offset(this->list, offsetof(traffic_selector_t, destroy));
  94         free(this);
  95 }
  96
  97 METHOD(attribute_provider_t, create_attribute_enumerator, enumerator_t*,
  98         private_unity_provider_t *this, linked_list_t *pools, identification_t *id,
  99         linked_list_t *vips)
 100 {
 101         attribute_enumerator_t *attr_enum;
 102         enumerator_t *enumerator;
 103         linked_list_t *list, *current;
 104         traffic_selector_t *ts;
 105         ike_sa_t *ike_sa;
 106         peer_cfg_t *peer_cfg;
 107         child_cfg_t *child_cfg;
 108
 109         ike_sa = charon->bus->get_sa(charon->bus);
 110         if (!ike_sa || ike_sa->get_version(ike_sa) != IKEV1 ||
 111                 !ike_sa->supports_extension(ike_sa, EXT_CISCO_UNITY) ||
 112                 !vips->get_count(vips))
 113         {
 114                 return NULL;
 115         }
 116
 117         list = linked_list_create();
 118         peer_cfg = ike_sa->get_peer_cfg(ike_sa);
 119         enumerator = peer_cfg->create_child_cfg_enumerator(peer_cfg);
 120         while (enumerator->enumerate(enumerator, &child_cfg))
 121         {
 122                 current = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
 123                 while (current->remove_first(current, (void**)&ts) == SUCCESS)
 124                 {
 125                         list->insert_last(list, ts);
 126                 }
 127                 current->destroy(current);
 128         }
 129         enumerator->destroy(enumerator);
 130
 131         if (list->get_count(list) == 0)
 132         {
 133                 list->destroy(list);
 134                 return NULL;
 135         }
 136         INIT(attr_enum,
 137                 .public = {
 138                         .enumerate = (void*)_attribute_enumerate,
 139                         .destroy = _attribute_destroy,
 140                 },
 141                 .list = list,
 142         );
 143         return &attr_enum->public;
 144 }
 145
 146 METHOD(unity_provider_t, destroy, void,
 147         private_unity_provider_t *this)
 148 {
 149         free(this);
 150 }
 151
 152 /**
 153  * See header
 154  */
 155 unity_provider_t *unity_provider_create()
 156 {
 157         private_unity_provider_t *this;
 158
 159         INIT(this,
 160                 .public = {
 161                         .provider = {
 162                                 .acquire_address = (void*)return_null,
 163                                 .release_address = (void*)return_false,
 164                                 .create_attribute_enumerator = _create_attribute_enumerator,
 165                         },
 166                         .destroy = _destroy,
 167                 },
 168         );
 169
 170         return &this->public;
 171 }