capabilities: Some plugins don't actually require capabilities at runtime
[strongswan.git] / src / libcharon / plugins / stroke / stroke_plugin.c
index a239242..767bdc6 100644 (file)
@@ -42,10 +42,45 @@ METHOD(plugin_t, get_name, char*,
        return "stroke";
 }
 
        return "stroke";
 }
 
+/**
+ * Register stroke plugin features
+ */
+static bool register_stroke(private_stroke_plugin_t *this,
+                                                       plugin_feature_t *feature, bool reg, void *data)
+{
+       if (reg)
+       {
+               this->socket = stroke_socket_create();
+       }
+       else
+       {
+               DESTROY_IF(this->socket);
+       }
+       return TRUE;
+}
+
+METHOD(plugin_t, get_features, int,
+       private_stroke_plugin_t *this, plugin_feature_t *features[])
+{
+       static plugin_feature_t f[] = {
+               PLUGIN_CALLBACK((plugin_feature_callback_t)register_stroke, NULL),
+                       PLUGIN_PROVIDE(CUSTOM, "stroke"),
+                               PLUGIN_SDEPEND(PRIVKEY, KEY_RSA),
+                               PLUGIN_SDEPEND(PRIVKEY, KEY_ECDSA),
+                               PLUGIN_SDEPEND(PRIVKEY, KEY_DSA),
+                               PLUGIN_SDEPEND(CERT_DECODE, CERT_ANY),
+                               PLUGIN_SDEPEND(CERT_DECODE, CERT_X509),
+                               PLUGIN_SDEPEND(CERT_DECODE, CERT_X509_CRL),
+                               PLUGIN_SDEPEND(CERT_DECODE, CERT_X509_AC),
+                               PLUGIN_SDEPEND(CERT_DECODE, CERT_TRUSTED_PUBKEY),
+       };
+       *features = f;
+       return countof(f);
+}
+
 METHOD(plugin_t, destroy, void,
        private_stroke_plugin_t *this)
 {
 METHOD(plugin_t, destroy, void,
        private_stroke_plugin_t *this)
 {
-       this->socket->destroy(this->socket);
        free(this);
 }
 
        free(this);
 }
 
@@ -56,21 +91,23 @@ plugin_t *stroke_plugin_create()
 {
        private_stroke_plugin_t *this;
 
 {
        private_stroke_plugin_t *this;
 
+       if (!lib->caps->check(lib->caps, CAP_CHOWN))
+       {       /* required to chown(2) stroke socket */
+               DBG1(DBG_CFG, "stroke plugin requires CAP_CHOWN capability");
+               return NULL;
+       }
+
        INIT(this,
                .public = {
                        .plugin = {
                                .get_name = _get_name,
        INIT(this,
                .public = {
                        .plugin = {
                                .get_name = _get_name,
+                               .reload = (void*)return_false,
+                               .get_features = _get_features,
                                .destroy = _destroy,
                        },
                },
                                .destroy = _destroy,
                        },
                },
-               .socket = stroke_socket_create(),
        );
 
        );
 
-       if (this->socket == NULL)
-       {
-               free(this);
-               return NULL;
-       }
        return &this->public.plugin;
 }
 
        return &this->public.plugin;
 }