2fbe84818ce89b7f78a8851a95f85f48bee5d4a4
[strongswan.git] / src / libhydra / kernel / kernel_interface.c
1 /*
2 * Copyright (C) 2008-2012 Tobias Brunner
3 * Hochschule fuer Technik Rapperswil
4 * Copyright (C) 2010 Martin Willi
5 * Copyright (C) 2010 revosec AG
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /*
19 * Copyright (c) 2012 Nanoteq Pty Ltd
20 *
21 * Permission is hereby granted, free of charge, to any person obtaining a copy
22 * of this software and associated documentation files (the "Software"), to deal
23 * in the Software without restriction, including without limitation the rights
24 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
25 * copies of the Software, and to permit persons to whom the Software is
26 * furnished to do so, subject to the following conditions:
27 *
28 * The above copyright notice and this permission notice shall be included in
29 * all copies or substantial portions of the Software.
30 *
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
32 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
33 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
34 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
35 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
36 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
37 * THE SOFTWARE.
38 */
39
40 #include "kernel_interface.h"
41
42 #include <hydra.h>
43 #include <utils/debug.h>
44 #include <threading/mutex.h>
45 #include <collections/linked_list.h>
46
47 typedef struct private_kernel_interface_t private_kernel_interface_t;
48
49 typedef struct kernel_algorithm_t kernel_algorithm_t;
50
51 /**
52 * Mapping of IKE algorithms to kernel-specific algorithm identifiers
53 */
54 struct kernel_algorithm_t {
55
56 /**
57 * Transform type of the algorithm
58 */
59 transform_type_t type;
60
61 /**
62 * Identifier specified in IKE
63 */
64 u_int16_t ike;
65
66 /**
67 * Identifier as defined in pfkeyv2.h
68 */
69 u_int16_t kernel;
70
71 /**
72 * Name of the algorithm in linux crypto API
73 */
74 char *name;
75 };
76
77 /**
78 * Private data of a kernel_interface_t object.
79 */
80 struct private_kernel_interface_t {
81
82 /**
83 * Public part of kernel_interface_t object.
84 */
85 kernel_interface_t public;
86
87 /**
88 * Registered IPsec constructor
89 */
90 kernel_ipsec_constructor_t ipsec_constructor;
91
92 /**
93 * Registered net constructor
94 */
95 kernel_net_constructor_t net_constructor;
96
97 /**
98 * ipsec interface
99 */
100 kernel_ipsec_t *ipsec;
101
102 /**
103 * network interface
104 */
105 kernel_net_t *net;
106
107 /**
108 * mutex for listeners
109 */
110 mutex_t *mutex;
111
112 /**
113 * list of registered listeners
114 */
115 linked_list_t *listeners;
116
117 /**
118 * mutex for algorithm mappings
119 */
120 mutex_t *mutex_algs;
121
122 /**
123 * List of algorithm mappings (kernel_algorithm_t*)
124 */
125 linked_list_t *algorithms;
126
127 /**
128 * List of interface names to include or exclude (char*), NULL if interfaces
129 * are not filtered
130 */
131 linked_list_t *ifaces_filter;
132
133 /**
134 * TRUE to exclude interfaces listed in ifaces_filter, FALSE to consider
135 * only those listed there
136 */
137 bool ifaces_exclude;
138 };
139
140 METHOD(kernel_interface_t, get_spi, status_t,
141 private_kernel_interface_t *this, host_t *src, host_t *dst,
142 u_int8_t protocol, u_int32_t reqid, u_int32_t *spi)
143 {
144 if (!this->ipsec)
145 {
146 return NOT_SUPPORTED;
147 }
148 return this->ipsec->get_spi(this->ipsec, src, dst, protocol, reqid, spi);
149 }
150
151 METHOD(kernel_interface_t, get_cpi, status_t,
152 private_kernel_interface_t *this, host_t *src, host_t *dst,
153 u_int32_t reqid, u_int16_t *cpi)
154 {
155 if (!this->ipsec)
156 {
157 return NOT_SUPPORTED;
158 }
159 return this->ipsec->get_cpi(this->ipsec, src, dst, reqid, cpi);
160 }
161
162 METHOD(kernel_interface_t, add_sa, status_t,
163 private_kernel_interface_t *this, host_t *src, host_t *dst,
164 u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
165 u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
166 u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode, u_int16_t ipcomp,
167 u_int16_t cpi, bool encap, bool esn, bool inbound,
168 traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
169 {
170 if (!this->ipsec)
171 {
172 return NOT_SUPPORTED;
173 }
174 return this->ipsec->add_sa(this->ipsec, src, dst, spi, protocol, reqid,
175 mark, tfc, lifetime, enc_alg, enc_key, int_alg, int_key, mode,
176 ipcomp, cpi, encap, esn, inbound, src_ts, dst_ts);
177 }
178
179 METHOD(kernel_interface_t, update_sa, status_t,
180 private_kernel_interface_t *this, u_int32_t spi, u_int8_t protocol,
181 u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
182 bool encap, bool new_encap, mark_t mark)
183 {
184 if (!this->ipsec)
185 {
186 return NOT_SUPPORTED;
187 }
188 return this->ipsec->update_sa(this->ipsec, spi, protocol, cpi, src, dst,
189 new_src, new_dst, encap, new_encap, mark);
190 }
191
192 METHOD(kernel_interface_t, query_sa, status_t,
193 private_kernel_interface_t *this, host_t *src, host_t *dst,
194 u_int32_t spi, u_int8_t protocol, mark_t mark, u_int64_t *bytes)
195 {
196 if (!this->ipsec)
197 {
198 return NOT_SUPPORTED;
199 }
200 return this->ipsec->query_sa(this->ipsec, src, dst, spi, protocol, mark, bytes);
201 }
202
203 METHOD(kernel_interface_t, del_sa, status_t,
204 private_kernel_interface_t *this, host_t *src, host_t *dst, u_int32_t spi,
205 u_int8_t protocol, u_int16_t cpi, mark_t mark)
206 {
207 if (!this->ipsec)
208 {
209 return NOT_SUPPORTED;
210 }
211 return this->ipsec->del_sa(this->ipsec, src, dst, spi, protocol, cpi, mark);
212 }
213
214 METHOD(kernel_interface_t, flush_sas, status_t,
215 private_kernel_interface_t *this)
216 {
217 if (!this->ipsec)
218 {
219 return NOT_SUPPORTED;
220 }
221 return this->ipsec->flush_sas(this->ipsec);
222 }
223
224 METHOD(kernel_interface_t, add_policy, status_t,
225 private_kernel_interface_t *this, host_t *src, host_t *dst,
226 traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
227 policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa,
228 mark_t mark, policy_priority_t priority)
229 {
230 if (!this->ipsec)
231 {
232 return NOT_SUPPORTED;
233 }
234 return this->ipsec->add_policy(this->ipsec, src, dst, src_ts, dst_ts,
235 direction, type, sa, mark, priority);
236 }
237
238 METHOD(kernel_interface_t, query_policy, status_t,
239 private_kernel_interface_t *this, traffic_selector_t *src_ts,
240 traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
241 u_int32_t *use_time)
242 {
243 if (!this->ipsec)
244 {
245 return NOT_SUPPORTED;
246 }
247 return this->ipsec->query_policy(this->ipsec, src_ts, dst_ts,
248 direction, mark, use_time);
249 }
250
251 METHOD(kernel_interface_t, del_policy, status_t,
252 private_kernel_interface_t *this, traffic_selector_t *src_ts,
253 traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid,
254 mark_t mark, policy_priority_t priority)
255 {
256 if (!this->ipsec)
257 {
258 return NOT_SUPPORTED;
259 }
260 return this->ipsec->del_policy(this->ipsec, src_ts, dst_ts,
261 direction, reqid, mark, priority);
262 }
263
264 METHOD(kernel_interface_t, flush_policies, status_t,
265 private_kernel_interface_t *this)
266 {
267 if (!this->ipsec)
268 {
269 return NOT_SUPPORTED;
270 }
271 return this->ipsec->flush_policies(this->ipsec);
272 }
273
274 METHOD(kernel_interface_t, get_source_addr, host_t*,
275 private_kernel_interface_t *this, host_t *dest, host_t *src)
276 {
277 if (!this->net)
278 {
279 return NULL;
280 }
281 return this->net->get_source_addr(this->net, dest, src);
282 }
283
284 METHOD(kernel_interface_t, get_nexthop, host_t*,
285 private_kernel_interface_t *this, host_t *dest, host_t *src)
286 {
287 if (!this->net)
288 {
289 return NULL;
290 }
291 return this->net->get_nexthop(this->net, dest, src);
292 }
293
294 METHOD(kernel_interface_t, get_interface, bool,
295 private_kernel_interface_t *this, host_t *host, char **name)
296 {
297 if (!this->net)
298 {
299 return NULL;
300 }
301 return this->net->get_interface(this->net, host, name);
302 }
303
304 METHOD(kernel_interface_t, create_address_enumerator, enumerator_t*,
305 private_kernel_interface_t *this, kernel_address_type_t which)
306 {
307 if (!this->net)
308 {
309 return enumerator_create_empty();
310 }
311 return this->net->create_address_enumerator(this->net, which);
312 }
313
314 METHOD(kernel_interface_t, add_ip, status_t,
315 private_kernel_interface_t *this, host_t *virtual_ip, int prefix,
316 host_t *iface_ip)
317 {
318 if (!this->net)
319 {
320 return NOT_SUPPORTED;
321 }
322 return this->net->add_ip(this->net, virtual_ip, prefix, iface_ip);
323 }
324
325 METHOD(kernel_interface_t, del_ip, status_t,
326 private_kernel_interface_t *this, host_t *virtual_ip, int prefix)
327 {
328 if (!this->net)
329 {
330 return NOT_SUPPORTED;
331 }
332 return this->net->del_ip(this->net, virtual_ip, prefix);
333 }
334
335 METHOD(kernel_interface_t, add_route, status_t,
336 private_kernel_interface_t *this, chunk_t dst_net,
337 u_int8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name)
338 {
339 if (!this->net)
340 {
341 return NOT_SUPPORTED;
342 }
343 return this->net->add_route(this->net, dst_net, prefixlen, gateway,
344 src_ip, if_name);
345 }
346
347 METHOD(kernel_interface_t, del_route, status_t,
348 private_kernel_interface_t *this, chunk_t dst_net,
349 u_int8_t prefixlen, host_t *gateway, host_t *src_ip, char *if_name)
350 {
351 if (!this->net)
352 {
353 return NOT_SUPPORTED;
354 }
355 return this->net->del_route(this->net, dst_net, prefixlen, gateway,
356 src_ip, if_name);
357 }
358
359 METHOD(kernel_interface_t, bypass_socket, bool,
360 private_kernel_interface_t *this, int fd, int family)
361 {
362 if (!this->ipsec)
363 {
364 return FALSE;
365 }
366 return this->ipsec->bypass_socket(this->ipsec, fd, family);
367 }
368
369 METHOD(kernel_interface_t, enable_udp_decap, bool,
370 private_kernel_interface_t *this, int fd, int family, u_int16_t port)
371 {
372 if (!this->ipsec)
373 {
374 return FALSE;
375 }
376 return this->ipsec->enable_udp_decap(this->ipsec, fd, family, port);
377 }
378
379 METHOD(kernel_interface_t, is_interface_usable, bool,
380 private_kernel_interface_t *this, const char *iface)
381 {
382 status_t expected;
383
384 if (!this->ifaces_filter)
385 {
386 return TRUE;
387 }
388 expected = this->ifaces_exclude ? NOT_FOUND : SUCCESS;
389 return this->ifaces_filter->find_first(this->ifaces_filter, (void*)streq,
390 NULL, iface) == expected;
391 }
392
393 METHOD(kernel_interface_t, all_interfaces_usable, bool,
394 private_kernel_interface_t *this)
395 {
396 return this->ifaces_filter == NULL;
397 }
398
399 METHOD(kernel_interface_t, get_address_by_ts, status_t,
400 private_kernel_interface_t *this, traffic_selector_t *ts, host_t **ip)
401 {
402 enumerator_t *addrs;
403 host_t *host;
404 int family;
405 bool found = FALSE;
406
407 DBG2(DBG_KNL, "getting a local address in traffic selector %R", ts);
408
409 /* if we have a family which includes localhost, we do not
410 * search for an IP, we use the default */
411 family = ts->get_type(ts) == TS_IPV4_ADDR_RANGE ? AF_INET : AF_INET6;
412
413 if (family == AF_INET)
414 {
415 host = host_create_from_string("127.0.0.1", 0);
416 }
417 else
418 {
419 host = host_create_from_string("::1", 0);
420 }
421
422 if (ts->includes(ts, host))
423 {
424 *ip = host_create_any(family);
425 host->destroy(host);
426 DBG2(DBG_KNL, "using host %H", *ip);
427 return SUCCESS;
428 }
429 host->destroy(host);
430
431 addrs = create_address_enumerator(this, ADDR_TYPE_ALL);
432 while (addrs->enumerate(addrs, (void**)&host))
433 {
434 if (ts->includes(ts, host))
435 {
436 found = TRUE;
437 *ip = host->clone(host);
438 break;
439 }
440 }
441 addrs->destroy(addrs);
442
443 if (!found)
444 {
445 DBG2(DBG_KNL, "no local address found in traffic selector %R", ts);
446 return FAILED;
447 }
448
449 DBG2(DBG_KNL, "using host %H", *ip);
450 return SUCCESS;
451 }
452
453
454 METHOD(kernel_interface_t, add_ipsec_interface, void,
455 private_kernel_interface_t *this, kernel_ipsec_constructor_t constructor)
456 {
457 if (!this->ipsec)
458 {
459 this->ipsec_constructor = constructor;
460 this->ipsec = constructor();
461 }
462 }
463
464 METHOD(kernel_interface_t, remove_ipsec_interface, void,
465 private_kernel_interface_t *this, kernel_ipsec_constructor_t constructor)
466 {
467 if (constructor == this->ipsec_constructor && this->ipsec)
468 {
469 this->ipsec->destroy(this->ipsec);
470 this->ipsec = NULL;
471 }
472 }
473
474 METHOD(kernel_interface_t, add_net_interface, void,
475 private_kernel_interface_t *this, kernel_net_constructor_t constructor)
476 {
477 if (!this->net)
478 {
479 this->net_constructor = constructor;
480 this->net = constructor();
481 }
482 }
483
484 METHOD(kernel_interface_t, remove_net_interface, void,
485 private_kernel_interface_t *this, kernel_net_constructor_t constructor)
486 {
487 if (constructor == this->net_constructor && this->net)
488 {
489 this->net->destroy(this->net);
490 this->net = NULL;
491 }
492 }
493
494 METHOD(kernel_interface_t, add_listener, void,
495 private_kernel_interface_t *this, kernel_listener_t *listener)
496 {
497 this->mutex->lock(this->mutex);
498 this->listeners->insert_last(this->listeners, listener);
499 this->mutex->unlock(this->mutex);
500 }
501
502 METHOD(kernel_interface_t, remove_listener, void,
503 private_kernel_interface_t *this, kernel_listener_t *listener)
504 {
505 this->mutex->lock(this->mutex);
506 this->listeners->remove(this->listeners, listener, NULL);
507 this->mutex->unlock(this->mutex);
508 }
509
510 METHOD(kernel_interface_t, acquire, void,
511 private_kernel_interface_t *this, u_int32_t reqid,
512 traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
513 {
514 kernel_listener_t *listener;
515 enumerator_t *enumerator;
516 this->mutex->lock(this->mutex);
517 enumerator = this->listeners->create_enumerator(this->listeners);
518 while (enumerator->enumerate(enumerator, &listener))
519 {
520 if (listener->acquire &&
521 !listener->acquire(listener, reqid, src_ts, dst_ts))
522 {
523 this->listeners->remove_at(this->listeners, enumerator);
524 }
525 }
526 enumerator->destroy(enumerator);
527 this->mutex->unlock(this->mutex);
528 }
529
530 METHOD(kernel_interface_t, expire, void,
531 private_kernel_interface_t *this, u_int32_t reqid, u_int8_t protocol,
532 u_int32_t spi, bool hard)
533 {
534 kernel_listener_t *listener;
535 enumerator_t *enumerator;
536 this->mutex->lock(this->mutex);
537 enumerator = this->listeners->create_enumerator(this->listeners);
538 while (enumerator->enumerate(enumerator, &listener))
539 {
540 if (listener->expire &&
541 !listener->expire(listener, reqid, protocol, spi, hard))
542 {
543 this->listeners->remove_at(this->listeners, enumerator);
544 }
545 }
546 enumerator->destroy(enumerator);
547 this->mutex->unlock(this->mutex);
548 }
549
550 METHOD(kernel_interface_t, mapping, void,
551 private_kernel_interface_t *this, u_int32_t reqid, u_int32_t spi,
552 host_t *remote)
553 {
554 kernel_listener_t *listener;
555 enumerator_t *enumerator;
556 this->mutex->lock(this->mutex);
557 enumerator = this->listeners->create_enumerator(this->listeners);
558 while (enumerator->enumerate(enumerator, &listener))
559 {
560 if (listener->mapping &&
561 !listener->mapping(listener, reqid, spi, remote))
562 {
563 this->listeners->remove_at(this->listeners, enumerator);
564 }
565 }
566 enumerator->destroy(enumerator);
567 this->mutex->unlock(this->mutex);
568 }
569
570 METHOD(kernel_interface_t, migrate, void,
571 private_kernel_interface_t *this, u_int32_t reqid,
572 traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
573 policy_dir_t direction, host_t *local, host_t *remote)
574 {
575 kernel_listener_t *listener;
576 enumerator_t *enumerator;
577 this->mutex->lock(this->mutex);
578 enumerator = this->listeners->create_enumerator(this->listeners);
579 while (enumerator->enumerate(enumerator, &listener))
580 {
581 if (listener->migrate &&
582 !listener->migrate(listener, reqid, src_ts, dst_ts, direction,
583 local, remote))
584 {
585 this->listeners->remove_at(this->listeners, enumerator);
586 }
587 }
588 enumerator->destroy(enumerator);
589 this->mutex->unlock(this->mutex);
590 }
591
592 static bool call_roam(kernel_listener_t *listener, bool *roam)
593 {
594 return listener->roam && !listener->roam(listener, *roam);
595 }
596
597 METHOD(kernel_interface_t, roam, void,
598 private_kernel_interface_t *this, bool address)
599 {
600 this->mutex->lock(this->mutex);
601 this->listeners->remove(this->listeners, &address, (void*)call_roam);
602 this->mutex->unlock(this->mutex);
603 }
604
605 METHOD(kernel_interface_t, register_algorithm, void,
606 private_kernel_interface_t *this, u_int16_t alg_id, transform_type_t type,
607 u_int16_t kernel_id, char *kernel_name)
608 {
609 kernel_algorithm_t *algorithm;
610
611 INIT(algorithm,
612 .type = type,
613 .ike = alg_id,
614 .kernel = kernel_id,
615 .name = strdup(kernel_name),
616 );
617
618 this->mutex_algs->lock(this->mutex_algs);
619 this->algorithms->insert_first(this->algorithms, algorithm);
620 this->mutex_algs->unlock(this->mutex_algs);
621 }
622
623 METHOD(kernel_interface_t, lookup_algorithm, bool,
624 private_kernel_interface_t *this, u_int16_t alg_id, transform_type_t type,
625 u_int16_t *kernel_id, char **kernel_name)
626 {
627 kernel_algorithm_t *algorithm;
628 enumerator_t *enumerator;
629 bool found = FALSE;
630
631 this->mutex_algs->lock(this->mutex_algs);
632 enumerator = this->algorithms->create_enumerator(this->algorithms);
633 while (enumerator->enumerate(enumerator, &algorithm))
634 {
635 if (algorithm->type == type && algorithm->ike == alg_id)
636 {
637 if (kernel_id)
638 {
639 *kernel_id = algorithm->kernel;
640 }
641 if (kernel_name)
642 {
643 *kernel_name = algorithm->name;
644 }
645 found = TRUE;
646 break;
647 }
648 }
649 enumerator->destroy(enumerator);
650 this->mutex_algs->unlock(this->mutex_algs);
651 return found;
652 }
653
654 METHOD(kernel_interface_t, destroy, void,
655 private_kernel_interface_t *this)
656 {
657 kernel_algorithm_t *algorithm;
658
659 while (this->algorithms->remove_first(this->algorithms,
660 (void**)&algorithm) == SUCCESS)
661 {
662 free(algorithm->name);
663 free(algorithm);
664 }
665 this->algorithms->destroy(this->algorithms);
666 this->mutex_algs->destroy(this->mutex_algs);
667 DESTROY_IF(this->ipsec);
668 DESTROY_IF(this->net);
669 DESTROY_FUNCTION_IF(this->ifaces_filter, (void*)free);
670 this->listeners->destroy(this->listeners);
671 this->mutex->destroy(this->mutex);
672 free(this);
673 }
674
675 /*
676 * Described in header-file
677 */
678 kernel_interface_t *kernel_interface_create()
679 {
680 private_kernel_interface_t *this;
681 char *ifaces;
682
683 INIT(this,
684 .public = {
685 .get_spi = _get_spi,
686 .get_cpi = _get_cpi,
687 .add_sa = _add_sa,
688 .update_sa = _update_sa,
689 .query_sa = _query_sa,
690 .del_sa = _del_sa,
691 .flush_sas = _flush_sas,
692 .add_policy = _add_policy,
693 .query_policy = _query_policy,
694 .del_policy = _del_policy,
695 .flush_policies = _flush_policies,
696 .get_source_addr = _get_source_addr,
697 .get_nexthop = _get_nexthop,
698 .get_interface = _get_interface,
699 .create_address_enumerator = _create_address_enumerator,
700 .add_ip = _add_ip,
701 .del_ip = _del_ip,
702 .add_route = _add_route,
703 .del_route = _del_route,
704 .bypass_socket = _bypass_socket,
705 .enable_udp_decap = _enable_udp_decap,
706
707 .is_interface_usable = _is_interface_usable,
708 .all_interfaces_usable = _all_interfaces_usable,
709 .get_address_by_ts = _get_address_by_ts,
710 .add_ipsec_interface = _add_ipsec_interface,
711 .remove_ipsec_interface = _remove_ipsec_interface,
712 .add_net_interface = _add_net_interface,
713 .remove_net_interface = _remove_net_interface,
714
715 .add_listener = _add_listener,
716 .remove_listener = _remove_listener,
717 .register_algorithm = _register_algorithm,
718 .lookup_algorithm = _lookup_algorithm,
719 .acquire = _acquire,
720 .expire = _expire,
721 .mapping = _mapping,
722 .migrate = _migrate,
723 .roam = _roam,
724 .destroy = _destroy,
725 },
726 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
727 .listeners = linked_list_create(),
728 .mutex_algs = mutex_create(MUTEX_TYPE_DEFAULT),
729 .algorithms = linked_list_create(),
730 );
731
732 ifaces = lib->settings->get_str(lib->settings,
733 "%s.interfaces_use", NULL, hydra->daemon);
734 if (!ifaces)
735 {
736 this->ifaces_exclude = TRUE;
737 ifaces = lib->settings->get_str(lib->settings,
738 "%s.interfaces_ignore", NULL, hydra->daemon);
739 }
740 if (ifaces)
741 {
742 enumerator_t *enumerator;
743 char *iface;
744
745 enumerator = enumerator_create_token(ifaces, ",", " ");
746 while (enumerator->enumerate(enumerator, &iface))
747 {
748 if (!this->ifaces_filter)
749 {
750 this->ifaces_filter = linked_list_create();
751 }
752 this->ifaces_filter->insert_last(this->ifaces_filter,
753 strdup(iface));
754 }
755 enumerator->destroy(enumerator);
756 }
757
758 return &this->public;
759 }
760