Add a lookip listener that collects the information we are interested in
authorMartin Willi <martin@revosec.ch>
Wed, 3 Oct 2012 14:58:37 +0000 (16:58 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 24 Oct 2012 09:43:34 +0000 (11:43 +0200)
src/libcharon/plugins/lookip/Makefile.am
src/libcharon/plugins/lookip/lookip_listener.c [new file with mode: 0644]
src/libcharon/plugins/lookip/lookip_listener.h [new file with mode: 0644]
src/libcharon/plugins/lookip/lookip_plugin.c

index 00d2192..dfaa779 100644 (file)
@@ -8,6 +8,7 @@ else
 plugin_LTLIBRARIES = libstrongswan-lookip.la
 endif
 
-libstrongswan_lookip_la_SOURCES = lookip_plugin.h lookip_plugin.c
+libstrongswan_lookip_la_SOURCES = lookip_plugin.h lookip_plugin.c \
+       lookip_listener.h lookip_listener.c
 
 libstrongswan_lookip_la_LDFLAGS = -module -avoid-version
diff --git a/src/libcharon/plugins/lookip/lookip_listener.c b/src/libcharon/plugins/lookip/lookip_listener.c
new file mode 100644 (file)
index 0000000..c1cdf5e
--- /dev/null
@@ -0,0 +1,204 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "lookip_listener.h"
+
+#include <daemon.h>
+#include <utils/hashtable.h>
+#include <threading/rwlock.h>
+
+typedef struct private_lookip_listener_t private_lookip_listener_t;
+
+/**
+ * Private data of an lookip_listener_t object.
+ */
+struct private_lookip_listener_t {
+
+       /**
+        * Public lookip_listener_t interface.
+        */
+       lookip_listener_t public;
+
+       /**
+        * Lock for hashtable
+        */
+       rwlock_t *lock;
+
+       /**
+        * Hashtable with entries: host_t => entry_t
+        */
+       hashtable_t *entries;
+};
+
+/**
+ * Hashtable entry
+ */
+typedef struct {
+       /** virtual IP, serves as lookup key */
+       host_t *vip;
+       /** peers external address */
+       host_t *other;
+       /** peer (EAP-)Identity */
+       identification_t *id;
+       /** associated connection name */
+       char *name;
+} entry_t;
+
+/**
+ * Destroy a hashtable entry
+ */
+static void entry_destroy(entry_t *entry)
+{
+       entry->vip->destroy(entry->vip);
+       entry->other->destroy(entry->other);
+       entry->id->destroy(entry->id);
+       free(entry->name);
+       free(entry);
+}
+
+/**
+ * Hashtable hash function
+ */
+static u_int hash(host_t *key)
+{
+       return chunk_hash(key->get_address(key));
+}
+
+/**
+ * Hashtable equals function
+ */
+static bool equals(host_t *a, host_t *b)
+{
+       return a->ip_equals(a, b);
+}
+
+/**
+ * Add a new entry to the hashtable
+ */
+static void add_entry(private_lookip_listener_t *this, ike_sa_t *ike_sa)
+{
+       enumerator_t *enumerator;
+       host_t *vip, *other;
+       identification_t *id;
+       entry_t *entry;
+
+       enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, FALSE);
+       while (enumerator->enumerate(enumerator, &vip))
+       {
+               other = ike_sa->get_other_host(ike_sa);
+               id = ike_sa->get_other_eap_id(ike_sa);
+
+               INIT(entry,
+                       .vip = vip->clone(vip),
+                       .other = other->clone(other),
+                       .id = id->clone(id),
+                       .name = strdup(ike_sa->get_name(ike_sa)),
+               );
+
+               this->lock->write_lock(this->lock);
+               entry = this->entries->put(this->entries, entry->vip, entry);
+               this->lock->unlock(this->lock);
+               if (entry)
+               {
+                       entry_destroy(entry);
+               }
+       }
+       enumerator->destroy(enumerator);
+}
+
+/**
+ * Remove an entry from the hashtable
+ */
+static void remove_entry(private_lookip_listener_t *this, ike_sa_t *ike_sa)
+{
+       enumerator_t *enumerator;
+       host_t *vip;
+       entry_t *entry;
+
+       enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, FALSE);
+       while (enumerator->enumerate(enumerator, &vip))
+       {
+               this->lock->write_lock(this->lock);
+               entry = this->entries->remove(this->entries, vip);
+               this->lock->unlock(this->lock);
+               if (entry)
+               {
+                       entry_destroy(entry);
+               }
+       }
+       enumerator->destroy(enumerator);
+}
+
+METHOD(listener_t, message_hook, bool,
+       private_lookip_listener_t *this, ike_sa_t *ike_sa,
+       message_t *message, bool incoming, bool plain)
+{
+       if (plain && ike_sa->get_state(ike_sa) == IKE_ESTABLISHED &&
+               !incoming && !message->get_request(message))
+       {
+               if (ike_sa->get_version(ike_sa) == IKEV1 &&
+                       message->get_exchange_type(message) == TRANSACTION)
+               {
+                       add_entry(this, ike_sa);
+               }
+               if (ike_sa->get_version(ike_sa) == IKEV2 &&
+                       message->get_exchange_type(message) == IKE_AUTH)
+               {
+                       add_entry(this, ike_sa);
+               }
+       }
+       return TRUE;
+}
+
+METHOD(listener_t, ike_updown, bool,
+       private_lookip_listener_t *this, ike_sa_t *ike_sa, bool up)
+{
+       if (!up)
+       {
+               remove_entry(this, ike_sa);
+       }
+       return TRUE;
+}
+
+METHOD(lookip_listener_t, destroy, void,
+       private_lookip_listener_t *this)
+{
+       this->entries->destroy(this->entries);
+       this->lock->destroy(this->lock);
+       free(this);
+}
+
+/**
+ * See header
+ */
+lookip_listener_t *lookip_listener_create()
+{
+       private_lookip_listener_t *this;
+
+       INIT(this,
+               .public = {
+                       .listener = {
+                               .message = _message_hook,
+                               .ike_updown = _ike_updown,
+                       },
+                       .destroy = _destroy,
+               },
+               .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+               .entries = hashtable_create((hashtable_hash_t)hash,
+                                                                       (hashtable_equals_t)equals, 32),
+       );
+
+       return &this->public;
+}
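Review bot: `remove_entry()` drops whatever entry is stored under the virtual IP without checking that it was recorded for the IKE_SA that is going down. If two IKE_SAs can hold the same virtual IP at overlapping times (for example around reauthentication or quick reassignment of a pool address; not visible in this hunk), the old SA's down event deletes the newer SA's record, and the table then has no peer identity for an address that is still in use. Recording the SA's unique ID in `entry_t` at `add_entry()` and comparing it before removal keeps the mapping accurate. Separately, `destroy()` releases the hashtable but not the entries still in it, so it presumably relies on every SA having gone down first; a comment saying so, or a drain loop calling `entry_destroy()`, would make that explicit.

```c
typedef struct {
	/* … unchanged: vip, other, id, name … */
	/** unique ID of the IKE_SA this entry was recorded for */
	u_int unique_id;
} entry_t;

/* in add_entry(), inside INIT(entry, …): */
			.unique_id = ike_sa->get_unique_id(ike_sa),

/* in remove_entry(), replacing the locked section of the loop: */
		this->lock->write_lock(this->lock);
		entry = this->entries->get(this->entries, vip);
		if (entry && entry->unique_id == ike_sa->get_unique_id(ike_sa))
		{
			this->entries->remove(this->entries, vip);
		}
		else
		{	/* entry belongs to another IKE_SA (or none): keep it */
			entry = NULL;
		}
		this->lock->unlock(this->lock);
		/* … unchanged: entry_destroy(entry) when non-NULL … */
```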
diff --git a/src/libcharon/plugins/lookip/lookip_listener.h b/src/libcharon/plugins/lookip/lookip_listener.h
new file mode 100644 (file)
index 0000000..daf979e
--- /dev/null
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2012 Martin Willi
+ * Copyright (C) 2012 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup lookip_listener lookip_listener
+ * @{ @ingroup lookip
+ */
+
+#ifndef LOOKIP_LISTENER_H_
+#define LOOKIP_LISTENER_H_
+
+#include <bus/listeners/listener.h>
+
+typedef struct lookip_listener_t lookip_listener_t;
+
+/**
+ * Listener collecting virtual IPs.
+ */
+struct lookip_listener_t {
+
+       /**
+        * Implements listener_t interface.
+        */
+       listener_t listener;
+
+       /**
+        * Destroy a lookip_listener_t.
+        */
+       void (*destroy)(lookip_listener_t *this);
+};
+
+/**
+ * Create a lookip_listener instance.
+ */
+lookip_listener_t *lookip_listener_create();
+
+#endif /** LOOKIP_LISTENER_H_ @}*/
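Review bot: The `destroy` documentation in `lookip_listener_t` does not state that the listener must be unregistered from the bus first. `destroy()` in lookip_listener.c frees the object without unregistering it, and only the plugin's `destroy` in this commit calls `remove_listener` beforehand. I would extend the comment to `Destroy a lookip_listener_t. The caller must remove the listener from the bus before calling this.` so a later caller does not leave the bus holding a freed listener. The prototype could also be declared as `lookip_listener_t *lookip_listener_create(void);` so that calls passing arguments are rejected at compile time.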
index 5d8c698..73fa609 100644 (file)
@@ -15,6 +15,8 @@
 
 #include "lookip_plugin.h"
 
+#include "lookip_listener.h"
+
 #include <daemon.h>
 
 typedef struct private_lookip_plugin_t private_lookip_plugin_t;
@@ -28,6 +30,11 @@ struct private_lookip_plugin_t {
         * implements plugin interface
         */
        lookip_plugin_t public;
+
+       /**
+        * Listener collecting virtual IP assignements
+        */
+       lookip_listener_t *listener;
 };
 
 METHOD(plugin_t, get_name, char*,
@@ -39,6 +46,8 @@ METHOD(plugin_t, get_name, char*,
 METHOD(plugin_t, destroy, void,
        private_lookip_plugin_t *this)
 {
+       charon->bus->remove_listener(charon->bus, &this->listener->listener);
+       this->listener->destroy(this->listener);
        free(this);
 }
 
@@ -57,7 +66,10 @@ plugin_t *lookip_plugin_create()
                                .destroy = _destroy,
                        },
                },
+               .listener = lookip_listener_create(),
        );
 
+       charon->bus->add_listener(charon->bus, &this->listener->listener);
+
        return &this->public.plugin;
 }