src/libimcv/imcv.c

   1 /*
   2  * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
   3  *
   4  * This program is free software; you can redistribute it and/or modify it
   5  * under the terms of the GNU General Public License as published by the
   6  * Free Software Foundation; either version 2 of the License, or (at your
   7  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   8  *
   9  * This program is distributed in the hope that it will be useful, but
  10  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * for more details.
  13  */
  14
  15 #include "imcv.h"
  16 #include "ietf/ietf_attr.h"
  17 #include "ita/ita_attr.h"
  18
  19 #include <utils/debug.h>
  20 #include <utils/utils.h>
  21 #include <pen/pen.h>
  22
  23 #include <syslog.h>
  24
  25 #define IMCV_DEBUG_LEVEL                        1
  26 #define IMCV_DEFAULT_POLICY_SCRIPT      "ipsec _imv_policy"
  27
  28
  29 /**
  30  * PA-TNC attribute manager
  31  */
  32 pa_tnc_attr_manager_t *imcv_pa_tnc_attributes;
  33
  34 /**
  35  * Global IMV database
  36  */
  37 imv_database_t *imcv_db;
  38
  39 /**
  40  * Reference count for libimcv
  41  */
  42 static refcount_t libimcv_ref = 0;
  43
  44 /**
  45  * Reference count for libstrongswan
  46  */
  47 static refcount_t libstrongswan_ref = 0;
  48
  49 /**
  50  * Global configuration of imcv dbg function
  51  */
  52 static int  imcv_debug_level;
  53 static bool imcv_stderr_quiet;
  54
  55 /**
  56  * imvc dbg function
  57  */
  58 static void imcv_dbg(debug_t group, level_t level, char *fmt, ...)
  59 {
  60         int priority = LOG_INFO;
  61         char buffer[8192];
  62         char *current = buffer, *next;
  63         va_list args;
  64
  65         if (level <= imcv_debug_level)
  66         {
  67                 if (!imcv_stderr_quiet)
  68                 {
  69                         va_start(args, fmt);
  70                         fprintf(stderr, "[HSR] ");
  71                         vfprintf(stderr, fmt, args);
  72                         fprintf(stderr, "\n");
  73                         va_end(args);
  74                 }
  75
  76                 /* write in memory buffer first */
  77                 va_start(args, fmt);
  78                 vsnprintf(buffer, sizeof(buffer), fmt, args);
  79                 va_end(args);
  80
  81                 /* do a syslog with every line */
  82                 while (current)
  83                 {
  84                         next = strchr(current, '\n');
  85                         if (next)
  86                         {
  87                                 *(next++) = '\0';
  88                         }
  89                         syslog(priority, "[HSR] %s\n", current);
  90                         current = next;
  91                 }
  92         }
  93 }
  94
  95 /**
  96  * Described in header.
  97  */
  98 bool libimcv_init(bool is_imv)
  99 {
 100         /* initialize libstrongswan library only once */
 101         if (lib)
 102         {
 103                 /* did main program initialize libstrongswan? */
 104                 if (libstrongswan_ref == 0)
 105                 {
 106                         ref_get(&libstrongswan_ref);
 107                 }
 108         }
 109         else
 110         {
 111                 /* we are the first to initialize libstrongswan */
 112                 if (!library_init(NULL, "libimcv"))
 113                 {
 114                         return FALSE;
 115                 }
 116
 117                 /* set the debug level and stderr output */
 118                 imcv_debug_level =  lib->settings->get_int(lib->settings,
 119                                                                         "libimcv.debug_level", IMCV_DEBUG_LEVEL);
 120                 imcv_stderr_quiet = lib->settings->get_int(lib->settings,
 121                                                                         "libimcv.stderr_quiet", FALSE);
 122
 123                 /* activate the imcv debugging hook */
 124                 dbg = imcv_dbg;
 125                 openlog("imcv", 0, LOG_DAEMON);
 126
 127                 if (!lib->plugins->load(lib->plugins,
 128                                 lib->settings->get_str(lib->settings, "libimcv.load",
 129                                         "random nonce gmp pubkey x509")))
 130                 {
 131                         library_deinit();
 132                         return FALSE;
 133                 }
 134         }
 135         ref_get(&libstrongswan_ref);
 136
 137         if (libimcv_ref == 0)
 138         {
 139                 char *uri, *script;
 140
 141                 /* initialize the PA-TNC attribute manager */
 142                 imcv_pa_tnc_attributes = pa_tnc_attr_manager_create();
 143                 imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_IETF,
 144                                                         ietf_attr_create_from_data, ietf_attr_names);
 145                 imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_ITA,
 146                                                         ita_attr_create_from_data, ita_attr_names);
 147
 148                 /* attach global IMV database */
 149                 if (is_imv)
 150                 {
 151                         uri = lib->settings->get_str(lib->settings,
 152                                                 "libimcv.database", NULL);
 153                         script = lib->settings->get_str(lib->settings,
 154                                                 "libimcv.policy_script", IMCV_DEFAULT_POLICY_SCRIPT);
 155                         if (uri)
 156                         {
 157                                 imcv_db = imv_database_create(uri, script);
 158                         }
 159                 }
 160                 DBG1(DBG_LIB, "libimcv initialized");
 161         }
 162         ref_get(&libimcv_ref);
 163
 164         return TRUE;
 165 }
 166
 167 /**
 168  * Described in header.
 169  */
 170 void libimcv_deinit(void)
 171 {
 172         if (ref_put(&libimcv_ref))
 173         {
 174                 imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_IETF);
 175                 imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_ITA);
 176                 DESTROY_IF(imcv_pa_tnc_attributes);
 177                 imcv_pa_tnc_attributes = NULL;
 178                 DESTROY_IF(imcv_db);
 179                 DBG1(DBG_LIB, "libimcv terminated");
 180         }
 181         if (ref_put(&libstrongswan_ref))
 182         {
 183                 library_deinit();
 184         }
 185 }
 186