As Unity responder, don't change the proposed TS at all, racoon doesn't like that
[strongswan.git] / src / libcharon / plugins / unity / unity_provider.c
1 /*
2 * Copyright (C) 2012 Martin Willi
3 * Copyright (C) 2012 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "unity_provider.h"
17
18 #include <daemon.h>
19
20 typedef struct private_unity_provider_t private_unity_provider_t;
21
22 /**
23 * Private data of an unity_provider_t object.
24 */
25 struct private_unity_provider_t {
26
27 /**
28 * Public unity_provider_t interface.
29 */
30 unity_provider_t public;
31 };
32
33 /**
34 * Attribute enumerator for traffic selector list
35 */
36 typedef struct {
37 /** Implements enumerator_t */
38 enumerator_t public;
39 /** list of traffic selectors to enumerate */
40 linked_list_t *list;
41 /** currently enumerating subnet */
42 u_char subnet[4];
43 /** currently enumerating subnet mask */
44 u_char mask[4];
45 } attribute_enumerator_t;
46
47 METHOD(enumerator_t, attribute_enumerate, bool,
48 attribute_enumerator_t *this, configuration_attribute_type_t *type,
49 chunk_t *attr)
50 {
51 traffic_selector_t *ts;
52 u_int8_t i, mask;
53 host_t *net;
54
55 while (TRUE)
56 {
57 if (this->list->remove_first(this->list, (void**)&ts) != SUCCESS)
58 {
59 return FALSE;
60 }
61 if (ts->get_type(ts) == TS_IPV4_ADDR_RANGE &&
62 ts->to_subnet(ts, &net, &mask))
63 {
64 ts->destroy(ts);
65 break;
66 }
67 ts->destroy(ts);
68 }
69
70 memset(this->mask, 0, sizeof(this->mask));
71 for (i = 0; i < sizeof(this->mask); i++)
72 {
73 if (mask < 8)
74 {
75 this->mask[i] = 0xFF << (8 - mask);
76 break;
77 }
78 this->mask[i] = 0xFF;
79 mask -= 8;
80 }
81 memcpy(this->subnet, net->get_address(net).ptr, sizeof(this->subnet));
82 net->destroy(net);
83
84 *type = UNITY_SPLIT_INCLUDE;
85 *attr = chunk_create(this->subnet, sizeof(this->subnet) + sizeof(this->mask));
86
87 return TRUE;
88 }
89
90 METHOD(enumerator_t, attribute_destroy, void,
91 attribute_enumerator_t *this)
92 {
93 this->list->destroy_offset(this->list, offsetof(traffic_selector_t, destroy));
94 free(this);
95 }
96
97 METHOD(attribute_provider_t, create_attribute_enumerator, enumerator_t*,
98 private_unity_provider_t *this, linked_list_t *pools, identification_t *id,
99 linked_list_t *vips)
100 {
101 attribute_enumerator_t *attr_enum;
102 enumerator_t *enumerator;
103 linked_list_t *list, *current;
104 traffic_selector_t *ts;
105 ike_sa_t *ike_sa;
106 peer_cfg_t *peer_cfg;
107 child_cfg_t *child_cfg;
108
109 ike_sa = charon->bus->get_sa(charon->bus);
110 if (!ike_sa || ike_sa->get_version(ike_sa) != IKEV1 ||
111 !ike_sa->supports_extension(ike_sa, EXT_CISCO_UNITY) ||
112 !vips->get_count(vips))
113 {
114 return NULL;
115 }
116
117 list = linked_list_create();
118 peer_cfg = ike_sa->get_peer_cfg(ike_sa);
119 enumerator = peer_cfg->create_child_cfg_enumerator(peer_cfg);
120 while (enumerator->enumerate(enumerator, &child_cfg))
121 {
122 current = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
123 while (current->remove_first(current, (void**)&ts) == SUCCESS)
124 {
125 list->insert_last(list, ts);
126 }
127 current->destroy(current);
128 }
129 enumerator->destroy(enumerator);
130
131 if (list->get_count(list) == 0)
132 {
133 list->destroy(list);
134 return NULL;
135 }
136 DBG1(DBG_CFG, "sending %N: %#R",
137 configuration_attribute_type_names, UNITY_SPLIT_INCLUDE, list);
138
139 INIT(attr_enum,
140 .public = {
141 .enumerate = (void*)_attribute_enumerate,
142 .destroy = _attribute_destroy,
143 },
144 .list = list,
145 );
146
147 return &attr_enum->public;
148 }
149
150 METHOD(unity_provider_t, destroy, void,
151 private_unity_provider_t *this)
152 {
153 free(this);
154 }
155
156 /**
157 * See header
158 */
159 unity_provider_t *unity_provider_create()
160 {
161 private_unity_provider_t *this;
162
163 INIT(this,
164 .public = {
165 .provider = {
166 .acquire_address = (void*)return_null,
167 .release_address = (void*)return_false,
168 .create_attribute_enumerator = _create_attribute_enumerator,
169 },
170 .destroy = _destroy,
171 },
172 );
173
174 return &this->public;
175 }