e54931ad5aaa8a17d424e367833c8e276e5e37f3
[strongswan.git] / src / starter / starterstroke.c
1 /* Stroke for charon is the counterpart to whack from pluto
2 * Copyright (C) 2006 Martin Willi - Hochschule fuer Technik Rapperswil
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 *
14 * RCSID $Id: starterstroke.c $
15 */
16
17 #include <sys/types.h>
18 #include <sys/socket.h>
19 #include <sys/un.h>
20 #include <linux/stddef.h>
21 #include <unistd.h>
22 #include <stdlib.h>
23 #include <errno.h>
24 #include <netinet/in.h>
25 #include <arpa/inet.h>
26
27 #include <freeswan.h>
28
29 #include <constants.h>
30 #include <defs.h>
31 #include <log.h>
32
33 #include <stroke.h>
34
35 #include "starterstroke.h"
36 #include "confread.h"
37 #include "files.h"
38
39 static char* push_string(stroke_msg_t *msg, char *string)
40 {
41 u_int string_start = msg->length;
42
43 if (string == NULL || msg->length + strlen(string) >= sizeof(stroke_msg_t))
44 {
45 return NULL;
46 }
47 else
48 {
49 msg->length += strlen(string) + 1;
50 strcpy((char*)msg + string_start, string);
51 return (char*)string_start;
52 }
53 }
54
55 static int send_stroke_msg (stroke_msg_t *msg)
56 {
57 struct sockaddr_un ctl_addr = { AF_UNIX, CHARON_CTL_FILE };
58 int byte_count;
59 char buffer[64];
60
61 int sock = socket(AF_UNIX, SOCK_STREAM, 0);
62
63 if (sock < 0)
64 {
65 plog("socket() failed: %s", strerror(errno));
66 return -1;
67 }
68 if (connect(sock, (struct sockaddr *)&ctl_addr, offsetof(struct sockaddr_un, sun_path) + strlen(ctl_addr.sun_path)) < 0)
69 {
70 plog("connect(charon_ctl) failed: %s", strerror(errno));
71 close(sock);
72 return -1;
73 }
74
75 /* send message */
76 if (write(sock, msg, msg->length) != msg->length)
77 {
78 plog("write(charon_ctl) failed: %s", strerror(errno));
79 close(sock);
80 return -1;
81 }
82 while ((byte_count = read(sock, buffer, sizeof(buffer)-1)) > 0)
83 {
84 buffer[byte_count] = '\0';
85 plog("%s", buffer);
86 }
87 if (byte_count < 0)
88 {
89 plog("read() failed: %s", strerror(errno));
90 }
91
92 close(sock);
93 return 0;
94 }
95
96 static char* connection_name(starter_conn_t *conn)
97 {
98 /* if connection name is '%auto', create a new name like conn_xxxxx */
99 static char buf[32];
100
101 if (streq(conn->name, "%auto"))
102 {
103 sprintf(buf, "conn_%ld", conn->id);
104 return buf;
105 }
106 return conn->name;
107 }
108
109 static void ip_address2string(ip_address *addr, char *buffer, size_t len)
110 {
111 switch (((struct sockaddr*)addr)->sa_family)
112 {
113 case AF_INET:
114 {
115 struct sockaddr_in* sin = (struct sockaddr_in*)addr;
116 if (inet_ntop(AF_INET, &sin->sin_addr, buffer, len))
117 {
118 return;
119 }
120 break;
121 }
122 case AF_INET6:
123 {
124 struct sockaddr_in6* sin6 = (struct sockaddr_in6*)addr;
125 if (inet_ntop(AF_INET6, &sin6->sin6_addr, buffer, len))
126 {
127 return;
128 }
129 break;
130 }
131 default:
132 break;
133 }
134 /* failed */
135 snprintf(buffer, len, "0.0.0.0");
136 }
137
138
139 static void starter_stroke_add_end(stroke_msg_t *msg, stroke_end_t *msg_end, starter_end_t *conn_end)
140 {
141 char buffer[INET6_ADDRSTRLEN];
142
143 msg_end->id = push_string(msg, conn_end->id);
144 msg_end->cert = push_string(msg, conn_end->cert);
145 msg_end->ca = push_string(msg, conn_end->ca);
146 msg_end->updown = push_string(msg, conn_end->updown);
147 ip_address2string(&conn_end->addr, buffer, sizeof(buffer));
148 msg_end->address = push_string(msg, buffer);
149 ip_address2string(&conn_end->subnet.addr, buffer, sizeof(buffer));
150 msg_end->subnet = push_string(msg, buffer);
151 msg_end->subnet_mask = conn_end->subnet.maskbits;
152 msg_end->sendcert = conn_end->sendcert;
153 msg_end->protocol = conn_end->protocol;
154 msg_end->port = conn_end->port;
155 }
156
157 int starter_stroke_add_conn(starter_conn_t *conn)
158 {
159 stroke_msg_t msg;
160
161 msg.type = STR_ADD_CONN;
162 msg.length = offsetof(stroke_msg_t, buffer);
163 msg.add_conn.ikev2 = conn->keyexchange == KEY_EXCHANGE_IKEV2;
164 msg.add_conn.name = push_string(&msg, connection_name(conn));
165 if (conn->policy & POLICY_DONT_REKEY)
166 {
167 msg.add_conn.rekey.ipsec_lifetime = 0;
168 msg.add_conn.rekey.ike_lifetime = 0;
169 msg.add_conn.rekey.margin = 0;
170 msg.add_conn.rekey.tries = 0;
171 msg.add_conn.rekey.fuzz = 0;
172 }
173 else
174 {
175 msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds;
176 msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds;
177 msg.add_conn.rekey.margin = conn->sa_rekey_margin;
178 msg.add_conn.rekey.tries = conn->sa_keying_tries;
179 msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz;
180 }
181 msg.add_conn.algorithms.ike = push_string(&msg, conn->ike);
182 msg.add_conn.algorithms.esp = push_string(&msg, conn->esp);
183 msg.add_conn.dpd.delay = conn->dpd_delay;
184 msg.add_conn.dpd.action = conn->dpd_action;
185
186 starter_stroke_add_end(&msg, &msg.add_conn.me, &conn->right);
187 starter_stroke_add_end(&msg, &msg.add_conn.other, &conn->left);
188
189 return send_stroke_msg(&msg);
190 }
191
192 int starter_stroke_del_conn(starter_conn_t *conn)
193 {
194 stroke_msg_t msg;
195
196 msg.type = STR_DEL_CONN;
197 msg.length = offsetof(stroke_msg_t, buffer);
198 msg.del_conn.name = push_string(&msg, connection_name(conn));
199 return send_stroke_msg(&msg);
200 }
201
202 int starter_stroke_route_conn(starter_conn_t *conn)
203 {
204 stroke_msg_t msg;
205
206 msg.type = STR_ROUTE;
207 msg.length = offsetof(stroke_msg_t, buffer);
208 msg.route.name = push_string(&msg, connection_name(conn));
209 return send_stroke_msg(&msg);
210 }
211
212 int starter_stroke_initiate_conn(starter_conn_t *conn)
213 {
214 stroke_msg_t msg;
215
216 msg.type = STR_INITIATE;
217 msg.length = offsetof(stroke_msg_t, buffer);
218 msg.initiate.name = push_string(&msg, connection_name(conn));
219 return send_stroke_msg(&msg);
220 }