- started implementation of netlink kernel interface
authorMartin Willi <martin@strongswan.org>
Sun, 4 Dec 2005 19:05:52 +0000 (19:05 -0000)
committerMartin Willi <martin@strongswan.org>
Sun, 4 Dec 2005 19:05:52 +0000 (19:05 -0000)
Source/charon/network/host.c
Source/charon/network/host.h
Source/charon/sa/Makefile.sa
Source/charon/sa/child_sa.c [new file with mode: 0644]
Source/charon/sa/child_sa.h [new file with mode: 0644]
Source/charon/threads/Makefile.threads
Source/charon/threads/kernel_interface.c [new file with mode: 0644]
Source/charon/threads/kernel_interface.h [new file with mode: 0644]

index 7313aed..e09bfac 100644 (file)
@@ -49,8 +49,10 @@ struct private_host_t {
        /**
         * low-lewel structure, wich stores the address
         */
-       sockaddr_t address;
-       
+       union {
+               struct sockaddr address;
+               struct sockaddr_in address4;
+       };
        /**
         * length of address structure
         */
@@ -84,9 +86,8 @@ static bool is_default_route (private_host_t *this)
                case AF_INET: 
                {
                        static u_int8_t default_route[4] = {0x00,0x00,0x00,0x00};
-                       struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address);
                        
-                       if (memcmp(default_route,&(sin->sin_addr.s_addr),4) == 0)
+                       if (memcmp(default_route,&(this->address4.sin_addr.s_addr),4) == 0)
                        {
                                return TRUE;
                        }
@@ -110,9 +111,11 @@ static char *get_address(private_host_t *this)
                case AF_INET: 
                {
                        char *string;
-                       struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address);
+                       /* we need to clone it, since inet_ntoa overwrites 
+                        * internal buffer on subsequent calls
+                        */
                        allocator_free(this->string);
-                       string = inet_ntoa(sin->sin_addr);
+                       string = inet_ntoa(this->address4.sin_addr);
                        this->string = allocator_alloc(strlen(string)+1);
                        strcpy(this->string, string);
                        return this->string;
@@ -138,8 +141,7 @@ static chunk_t get_address_as_chunk(private_host_t *this)
                        /* allocate 4 bytes for IPV4 address*/
                        address.ptr = allocator_alloc(4);
                        address.len = 4;
-                       struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address);
-                       memcpy(address.ptr,&(sin->sin_addr.s_addr),4);
+                       memcpy(address.ptr,&(this->address4.sin_addr.s_addr),4);
                }
                default:
                {
@@ -147,7 +149,27 @@ static chunk_t get_address_as_chunk(private_host_t *this)
                        return address;
                }
        }
-       
+}
+
+static xfrm_address_t get_xfrm_addr(private_host_t *this)
+{
+       switch (this->family) 
+       {
+               case AF_INET: 
+               {
+                       return (xfrm_address_t)(this->address4.sin_addr.s_addr);
+               }
+               default:
+               {
+                       /* todo */
+                       return (xfrm_address_t)(this->address4.sin_addr.s_addr);
+               }
+       }
+}
+
+static int get_family(private_host_t *this)
+{
+       return this->family;    
 }
 
 /**
@@ -159,8 +181,7 @@ static u_int16_t get_port(private_host_t *this)
        {
                case AF_INET: 
                {
-                       struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address);
-                       return ntohs(sin->sin_port);
+                       return ntohs(this->address4.sin_port);
                }
                default:
                {
@@ -198,10 +219,8 @@ static bool ip_is_equal(private_host_t *this, private_host_t *other)
                /* IPv4 */
                case AF_INET:
                {
-                       struct sockaddr_in *sin1 = (struct sockaddr_in*)&(this->address);
-                       struct sockaddr_in *sin2 = (struct sockaddr_in*)&(other->address);
-                       if ((sin1->sin_family == sin2->sin_family) &&
-                               (sin1->sin_addr.s_addr == sin2->sin_addr.s_addr))
+                       if ((this->address4.sin_family == other->address4.sin_family) &&
+                               (this->address4.sin_addr.s_addr == other->address4.sin_addr.s_addr))
                        {
                                return TRUE;    
                        }
@@ -229,6 +248,8 @@ static private_host_t *host_create_empty()
        this->public.get_sockaddr = (sockaddr_t* (*) (host_t*))get_sockaddr;
        this->public.get_sockaddr_len = (socklen_t*(*) (host_t*))get_sockaddr_len;
        this->public.clone = (host_t* (*) (host_t*))clone;
+       this->public.get_family = (int (*) (host_t*))get_family;
+       this->public.get_xfrm_addr = (xfrm_address_t (*) (host_t *))get_xfrm_addr;
        this->public.get_address = (char* (*) (host_t *))get_address;
        this->public.get_address_as_chunk = (chunk_t (*) (host_t *)) get_address_as_chunk;
        this->public.get_port = (u_int16_t (*) (host_t *))get_port;
@@ -255,10 +276,9 @@ host_t *host_create(int family, char *address, u_int16_t port)
                /* IPv4 */
                case AF_INET:
                {
-                       struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address);
-                       sin->sin_family = AF_INET;
-                       sin->sin_addr.s_addr = inet_addr(address);
-                       sin->sin_port = htons(port);
+                       this->address4.sin_family = AF_INET;
+                       this->address4.sin_addr.s_addr = inet_addr(address);
+                       this->address4.sin_port = htons(port);
                        this->socklen = sizeof(struct sockaddr_in);
                        return &(this->public);
                }
@@ -280,22 +300,20 @@ host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port)
        private_host_t *this = host_create_empty();
        
        this->family = family;
-
-       if (address.len == 4)
+       switch (family)
        {
-               switch (family)
+               /* IPv4 */
+               case AF_INET:
                {
-                       /* IPv4 */
-                       case AF_INET:
+                       if (address.len != 4)
                        {
-                               struct sockaddr_in *sin = (struct sockaddr_in*)&(this->address);
-                               sin->sin_family = AF_INET;
-                               memcpy(&(sin->sin_addr.s_addr),address.ptr,4);
-                               sin->sin_port = htons(port);
-                               this->socklen = sizeof(struct sockaddr_in);
-                               return &(this->public);
+                               break;  
                        }
-                       
+                       this->address4.sin_family = AF_INET;
+                       memcpy(&(this->address4.sin_addr.s_addr),address.ptr,4);
+                       this->address4.sin_port = htons(port);
+                       this->socklen = sizeof(struct sockaddr_in);
+                       return &(this->public);
                }
        }
        allocator_free(this);
index b5223ef..5727452 100644 (file)
@@ -29,6 +29,7 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
+#include <linux/xfrm.h>
 
 #include <types.h>
 
@@ -75,6 +76,16 @@ struct host_t {
         */
        socklen_t *(*get_sockaddr_len) (host_t *this);
        
+       /**
+        * @brief Gets the address as xfrm_address_t.
+        */
+       xfrm_address_t (*get_xfrm_addr) (host_t *this);
+       
+       /**
+        * @brief Gets the address as xfrm_address_t.
+        */
+       int (*get_family) (host_t *this);
+       
        /** 
         * @brief get the address of this host
         * 
index b22a58b..4c3e11b 100644 (file)
@@ -29,5 +29,9 @@ $(BUILD_DIR)ike_sa.o :                        $(SA_DIR)ike_sa.c $(SA_DIR)ike_sa.h
 OBJS+= $(BUILD_DIR)authenticator.o
 $(BUILD_DIR)authenticator.o :  $(SA_DIR)authenticator.c $(SA_DIR)authenticator.h
                                                                $(CC) $(CFLAGS) -c -o $@ $<
+                                                               
+OBJS+= $(BUILD_DIR)child_sa.o
+$(BUILD_DIR)child_sa.o :               $(SA_DIR)child_sa.c $(SA_DIR)child_sa.h
+                                                               $(CC) $(CFLAGS) -c -o $@ $<
 
 include $(SA_DIR)states/Makefile.states
\ No newline at end of file
diff --git a/Source/charon/sa/child_sa.c b/Source/charon/sa/child_sa.c
new file mode 100644 (file)
index 0000000..b0ba55d
--- /dev/null
@@ -0,0 +1,82 @@
+/**
+ * @file child_sa.c
+ *
+ * @brief Implementation of child_sa_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "child_sa.h"
+
+
+#include <utils/allocator.h>
+
+typedef struct private_child_sa_t private_child_sa_t;
+
+/**
+ * Private data of an child_sa_t object
+ */
+struct private_child_sa_t {
+       /**
+        * Public part of a child_sa object
+        */
+       child_sa_t public;
+       
+       /**
+        * type of this child sa, ESP or AH
+        */
+       protocol_id_t sa_type;
+       
+       
+};
+
+
+/**
+ * implements child_sa_t.clone.
+ */
+static u_int32_t get_spi(private_child_sa_t *this)
+{
+       return 0;
+}
+
+/**
+ * implements child_sa_t.clone.
+ */
+static void destroy(private_child_sa_t *this)
+{
+       allocator_free(this);
+}
+
+/*
+ * Described in Header-File
+ */
+child_sa_t * child_sa_create(protocol_id_t sa_type, prf_plus_t *prf_plus)
+{
+       private_child_sa_t *this = allocator_alloc_thing(private_child_sa_t);
+
+       /* Public functions */
+       this->public.get_spi = (u_int32_t(*)(child_sa_t*))get_spi;
+       this->public.destroy = (void(*)(child_sa_t*))destroy;
+
+       /* private data */
+       this->sa_type = sa_type;
+       
+
+       
+       
+       return (&this->public);
+}
diff --git a/Source/charon/sa/child_sa.h b/Source/charon/sa/child_sa.h
new file mode 100644 (file)
index 0000000..da8883c
--- /dev/null
@@ -0,0 +1,56 @@
+/**
+ * @file child_sa.h
+ *
+ * @brief Interface of child_sa_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+
+#ifndef CHILD_SA_H_
+#define CHILD_SA_H_
+
+#include <types.h>
+#include <transforms/prf_plus.h>
+#include <encoding/payloads/proposal_substructure.h>
+
+typedef struct child_sa_t child_sa_t;
+
+/**
+ * @brief 
+ * @ingroup sa
+ */
+struct child_sa_t {
+       
+       u_int32_t (*get_spi) (child_sa_t *this);
+
+       /**
+        * @brief Destroys a child_sa.
+        *
+        * @param this                          child_sa_t object
+        */
+       void (*destroy) (child_sa_t *this);
+};
+
+/**
+ * @brief 
+ * 
+ * @ingroup sa
+ */
+child_sa_t * child_sa_create(protocol_id_t protocol_id, prf_plus_t *prf_plus);
+
+#endif /*CHILD_SA_H_*/
index 4ed507a..8c18d40 100644 (file)
@@ -33,3 +33,7 @@ $(BUILD_DIR)thread_pool.o :           $(THREADS_DIR)thread_pool.c $(THREADS_DIR)thread_po
 OBJS+= $(BUILD_DIR)prime_pool.o
 $(BUILD_DIR)prime_pool.o :             $(THREADS_DIR)prime_pool.c $(THREADS_DIR)prime_pool.h
                                                                $(CC) $(CFLAGS) -c -o $@ $<
+                                                               
+OBJS+= $(BUILD_DIR)kernel_interface.o
+$(BUILD_DIR)kernel_interface.o :$(THREADS_DIR)kernel_interface.c $(THREADS_DIR)kernel_interface.h
+                                                               $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/charon/threads/kernel_interface.c b/Source/charon/threads/kernel_interface.c
new file mode 100644 (file)
index 0000000..ffc8390
--- /dev/null
@@ -0,0 +1,279 @@
+/**
+ * @file kernel_interface.c
+ *
+ * @brief Implementation of kernel_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <linux/netlink.h>
+#include <linux/xfrm.h>
+#include <pthread.h>
+
+#include "kernel_interface.h"
+
+#include <utils/allocator.h>
+#include <utils/linked_list.h>
+#include <network/host.h>
+#include <encoding/payloads/proposal_substructure.h>
+
+
+typedef struct netlink_message_t netlink_message_t;
+
+struct netlink_message_t {
+       
+       /**
+        * header of the netlink message 
+        */
+       struct nlmsghdr hdr;
+
+       union {
+               struct nlmsgerr e;
+               struct xfrm_userspi_info spi;                       
+               struct xfrm_usersa_info sa;
+       };
+       
+       u_int8_t data[];
+};
+
+
+typedef struct private_kernel_interface_t private_kernel_interface_t;
+
+ /**
+ * @brief Private Variables and Functions of kernel_interface class
+ *
+ */
+struct private_kernel_interface_t {
+       /**
+        * Public part of the kernel_interface_t object
+        */
+       kernel_interface_t public;
+       
+       /**
+        * netlink communication socket
+        */
+       int socket;
+       
+       /**
+        * since we use multiple threads, we can't call
+        * getpid multiple times. The pid is set once.
+        */
+       pid_t pid;
+       
+       /**
+        * sequence number for messages
+        */
+       u_int32_t seq;
+       
+       /** 
+        * list of replies messages
+        */
+       linked_list_t *replies;
+       
+       /**
+        * Function for the thread, receives messages
+        */
+       void (*receive_messages) (private_kernel_interface_t *this);
+       
+       /**
+        * Sends a netlink_message_t down to the kernel
+        */
+       void (*send_message) (private_kernel_interface_t *this, netlink_message_t *request, netlink_message_t *response);
+};
+
+
+//static u_int32_t get_spi(private_kernel_interface_t *this, host_t *src, host_t *dest, protocol_id_t protocol, bool tunnel_mode)
+//{
+//     netlink_message_t request, response;
+//     
+//    memset(&request, 0, sizeof(request));
+//    request.hdr.nlmsg_flags = NLM_F_REQUEST;
+//    request.hdr.nlmsg_type = XFRM_MSG_ALLOCSPI;
+//     request.spi.info.saddr = src->get_xfrm_addr(src);
+//     request.spi.info.id.daddr = dest->get_xfrm_addr(dest);
+//    request.spi.info.mode = tunnel_mode;
+//    request.spi.info.id.proto = protocol;
+//    request.spi.info.family = src->get_family(src);
+//    request.spi.min = 0;
+//    request.spi.max = 50000;
+//    request.hdr.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(request.spi)));
+//
+//    this->send_message(this, &request, &response);
+//
+//    if (response.hdr.nlmsg_type == NLMSG_ERROR)
+//    {
+//             /* error handling */
+//    }
+//    else if (response.hdr.nlmsg_len < NLMSG_LENGTH(sizeof(response.sa)))
+//    {
+//             /* error handling */
+//    }
+//
+//    return response.sa.id.spi;
+//}
+//
+//
+//
+//static status_t send_message(private_kernel_interface_t *this, netlink_message_t *request, netlink_message_t *response)
+//{
+//     size_t length;
+//     ssize_t r;
+//     
+//     length = request->hdr.nlmsg_len;
+//     
+//     
+//     
+//
+//
+//    size_t len;
+//    ssize_t r;
+//
+//
+//
+//    request->hdr.nlmsg_seq = ++this->seq;
+//     length = request->hdr.nlmsg_len;
+//     
+//    do {
+//             r = write(netlinkfd, hdr, len);
+//    } while (r < 0 && errno == EINTR);
+//    
+//    if (r < 0)
+//    {
+//             return FAILED;
+//    }
+//    else if ((size_t)r != len)
+//    {
+//             return FAILED;
+//    }
+//    
+//    
+//    /* wait for receiver thread */
+//
+//    return TRUE;
+//}
+//
+//
+//static void receive_messages(private_kernel_interface_t *this)
+//{
+//     while(TRUE) 
+//     {
+//             netlink_message_t *response;
+//             
+//             
+//             socklen_t addr_length;
+//     struct sockaddr_nl addr;
+//             size_t length;
+//
+//             addr_length = sizeof(addr);
+//             length = recvfrom(netlinkfd, &rsp, sizeof(rsp), 0, (struct sockaddr*)&addr, &addr_length);
+//             if (r < 0)
+//             {
+//                     if (errno == EINTR)
+//             {
+//                             continue;
+//             }
+//             return FAILED;
+//             }
+//             else if ((size_t) r < sizeof(rsp.n))
+//             {
+//                     /* not enought bytes for header */
+//                     continue;
+//             }
+//             else if (addr.nl_pid != 0)
+//             {
+//                     /* not interested */
+//                 continue;
+//             }
+//             else if (rsp.n.nlmsg_seq != seq)
+//             {
+//                 DBG(DBG_KLIPS,
+//                     DBG_log("netlink: ignoring out of sequence (%u/%u) message %s"
+//                         , rsp.n.nlmsg_seq, seq
+//                         , sparse_val_show(xfrm_type_names, rsp.n.nlmsg_type)));
+//                 continue;
+//             }
+//             break;
+//    }
+//
+//    if (rsp.n.nlmsg_len > (size_t) r)
+//    {
+//             return FALSE;
+//    }
+//    else if (rsp.n.nlmsg_type != NLMSG_ERROR
+//    && (rbuf && rsp.n.nlmsg_type != rbuf->nlmsg_type))
+//    {
+//     loglog(RC_LOG_SERIOUS
+//         , "netlink recvfrom() of response to our %s message"
+//           " for %s %s was of wrong type (%s)"
+//         , sparse_val_show(xfrm_type_names, hdr->nlmsg_type)
+//         , description, text_said
+//         , sparse_val_show(xfrm_type_names, rsp.n.nlmsg_type));
+//     return FALSE;
+//    }
+//    else if (rbuf)
+//    {
+//     if ((size_t) r > rbuf_len)
+//     {
+//         loglog(RC_LOG_SERIOUS
+//             , "netlink recvfrom() of response to our %s message"
+//               " for %s %s was too long: %ld > %lu"
+//             , sparse_val_show(xfrm_type_names, hdr->nlmsg_type)
+//             , description, text_said
+//             , (long)r, (unsigned long)rbuf_len);
+//         return FALSE;
+//     }
+//     memcpy(rbuf, &rsp, r);
+//     return TRUE;
+//    }
+//    else if (rsp.n.nlmsg_type == NLMSG_ERROR && rsp.e.error)
+//    {
+//     loglog(RC_LOG_SERIOUS
+//         , "ERROR: netlink response for %s %s included errno %d: %s"
+//         , description, text_said
+//         , -rsp.e.error
+//         , strerror(-rsp.e.error));
+//     return FALSE;
+//    }        
+//}
+
+
+
+ /**
+ * implements kernel_interface_t.destroy
+ */
+static void destroy (private_kernel_interface_t *this)
+{      
+       allocator_free(this);
+}
+
+/*
+ * Documented in header
+ */
+kernel_interface_t *kernel_interface_create()
+{
+       private_kernel_interface_t *this = allocator_alloc_thing(private_kernel_interface_t);
+       
+       /* public functions */
+       this->public.destroy = (void(*)(kernel_interface_t*)) destroy;
+
+       /* private members */
+       this->socket = socket(PF_NETLINK, SOCK_RAW, NETLINK_XFRM);
+       
+       return (&this->public);
+}
diff --git a/Source/charon/threads/kernel_interface.h b/Source/charon/threads/kernel_interface.h
new file mode 100644 (file)
index 0000000..3ade974
--- /dev/null
@@ -0,0 +1,54 @@
+/**
+ * @file kernel_interface.h
+ *
+ * @brief Interface of kernel_interface_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef KERNEL_INTERFACE_H_
+#define KERNEL_INTERFACE_H_
+
+
+
+typedef struct kernel_interface_t kernel_interface_t;
+
+/**
+ * @brief 
+ * 
+ * @ingroup threads
+ */
+struct kernel_interface_t {
+
+       /**
+        * @brief Destroys a kernel_interface object.
+        *
+        * Stopps the prime thread and destroys the pool.
+        *
+        * @param kernel_interface_t    calling object
+        */
+       void (*destroy) (kernel_interface_t *kernel_interface);
+};
+
+/**
+ * @brief 
+ * 
+ * @ingroup threads
+ */
+kernel_interface_t *kernel_interface_create();
+
+#endif /*KERNEL_INTERFACE_H_*/