Added possibility to register custom proposal keywords
authorTobias Brunner <tobias@strongswan.org>
Thu, 13 Sep 2012 12:22:08 +0000 (14:22 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 13 Sep 2012 13:44:46 +0000 (15:44 +0200)
Keyword lookup and registration are handled via the new lib->proposal object.

scripts/crypt_burn.c
src/conftest/hooks/custom_proposal.c
src/libcharon/config/proposal.c
src/libstrongswan/crypto/proposal/proposal_keywords.c
src/libstrongswan/crypto/proposal/proposal_keywords.h
src/libstrongswan/crypto/transform.h
src/libstrongswan/library.c
src/libstrongswan/library.h
src/scepclient/scepclient.c

index c7990ed..449364a 100644 (file)
@@ -15,7 +15,6 @@
 
 #include <stdio.h>
 #include <library.h>
-#include <crypto/proposal/proposal_keywords.h>
 
 int main(int argc, char *argv[])
 {
@@ -47,7 +46,7 @@ int main(int argc, char *argv[])
                limit = atoi(argv[2]);
        }
 
-       token = proposal_get_token(argv[1]);
+       token = lib->proposal->get_token(lib->proposal, argv[1]);
        if (!token)
        {
                fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]);
index b09fe6e..38d4286 100644 (file)
@@ -19,7 +19,6 @@
 
 #include <encoding/payloads/sa_payload.h>
 #include <config/proposal.h>
-#include <crypto/proposal/proposal_keywords.h>
 
 typedef struct private_custom_proposal_t private_custom_proposal_t;
 
@@ -91,7 +90,7 @@ static linked_list_t* load_proposals(private_custom_proposal_t *this,
                        alg = strtoul(value, &end, 10);
                        if (end == value || errno)
                        {
-                               token = proposal_get_token(value);
+                               token = lib->proposal->get_token(lib->proposal, value);
                                if (!token)
                                {
                                        DBG1(DBG_CFG, "unknown algorithm: '%s', skipped", value);
index bf2bcd0..43b467f 100644 (file)
@@ -26,7 +26,6 @@
 #include <crypto/prfs/prf.h>
 #include <crypto/crypters/crypter.h>
 #include <crypto/signers/signer.h>
-#include <crypto/proposal/proposal_keywords.h>
 
 ENUM(protocol_id_names, PROTO_NONE, PROTO_IPCOMP,
        "PROTO_NONE",
@@ -562,8 +561,9 @@ static void check_proposal(private_proposal_t *this)
  */
 static bool add_string_algo(private_proposal_t *this, const char *alg)
 {
-       const proposal_token_t *token = proposal_get_token(alg);
+       const proposal_token_t *token;
 
+       token = lib->proposal->get_token(lib->proposal, alg);
        if (token == NULL)
        {
                DBG1(DBG_CFG, "algorithm '%s' not recognized", alg);
index bb6353d..7356dc3 100644 (file)
@@ -1,4 +1,19 @@
 /*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/*
  * Copyright (c) 2012 Nanoteq Pty Ltd
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
 #include "proposal_keywords.h"
 #include "proposal_keywords_static.h"
 
+#include <utils/linked_list.h>
+#include <threading/rwlock.h>
+
+typedef struct private_proposal_keywords_t private_proposal_keywords_t;
+
+struct private_proposal_keywords_t {
+
+       /**
+        * public interface
+        */
+       proposal_keywords_t public;
+
+       /**
+        * registered tokens, as proposal_token_t
+        */
+       linked_list_t * tokens;
+
+       /**
+        * rwlock to lock access to modules
+        */
+       rwlock_t *lock;
+};
+
+/**
+ * Find the token object for the algorithm specified.
+ */
+static const proposal_token_t* find_token(private_proposal_keywords_t *this,
+                                                                                 const char *str)
+{
+       proposal_token_t *token, *found = NULL;
+       enumerator_t *enumerator;
+
+       this->lock->read_lock(this->lock);
+       enumerator = this->tokens->create_enumerator(this->tokens);
+       while (enumerator->enumerate(enumerator, &token))
+       {
+               if (streq(token->name, str))
+               {
+                       found = token;
+                       break;
+               }
+       }
+       enumerator->destroy(enumerator);
+       this->lock->unlock(this->lock);
+       return found;
+}
+
+METHOD(proposal_keywords_t, get_token, const proposal_token_t*,
+       private_proposal_keywords_t *this, const char *str)
+{
+       const proposal_token_t *token = proposal_get_token_static(str, strlen(str));
+       return token ?: find_token(this, str);
+}
+
+METHOD(proposal_keywords_t, register_token, void,
+       private_proposal_keywords_t *this, const char *name, transform_type_t type,
+       u_int16_t algorithm, u_int16_t keysize)
+{
+       proposal_token_t *token;
+
+       INIT(token,
+               .name = strdup(name),
+               .type = type,
+               .algorithm = algorithm,
+               .keysize = keysize,
+       );
+
+       this->lock->write_lock(this->lock);
+       this->tokens->insert_first(this->tokens, token);
+       this->lock->unlock(this->lock);
+}
+
+METHOD(proposal_keywords_t, destroy, void,
+       private_proposal_keywords_t *this)
+{
+       proposal_token_t *token;
+
+       while (this->tokens->remove_first(this->tokens, (void**)&token) == SUCCESS)
+       {
+               free(token->name);
+               free(token);
+       }
+       this->tokens->destroy(this->tokens);
+       this->lock->destroy(this->lock);
+       free(this);
+}
+
 /*
- * see header file
+ * Described in header.
  */
-const proposal_token_t* proposal_get_token(const char *str)
+proposal_keywords_t *proposal_keywords_create()
 {
-       return proposal_get_token_static(str, strlen(str));
+       private_proposal_keywords_t *this;
+
+       INIT(this,
+               .public = {
+                       .get_token = _get_token,
+                       .register_token = _register_token,
+                       .destroy = _destroy,
+               },
+               .tokens = linked_list_create(),
+               .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+       );
+
+       return &this->public;
 }
index ad9e82a..05f8958 100644 (file)
@@ -1,4 +1,19 @@
 /*
+ * Copyright (C) 2012 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/*
  * Copyright (c) 2012 Nanoteq Pty Ltd
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
 #ifndef PROPOSAL_KEYWORDS_H_
 #define PROPOSAL_KEYWORDS_H_
 
-#include <crypto/transform.h>
+typedef struct proposal_token_t proposal_token_t;
+typedef struct proposal_keywords_t proposal_keywords_t;
 
-typedef struct proposal_token proposal_token_t;
+#include <library.h>
+#include <crypto/transform.h>
 
 /**
  * Class representing a proposal token..
  */
-struct proposal_token {
+struct proposal_token_t {
 
        /**
         * The name of the token.
@@ -59,11 +76,40 @@ struct proposal_token {
 };
 
 /**
- * Returns a proposal token for the specified string if a token exists.
- *
- * @param str          the string containing the name of the token
- * @return                     proposal_tolen if found otherwise NULL
+ * Class to manage proposal keywords
+ */
+struct proposal_keywords_t {
+
+       /**
+        * Returns the proposal token for the specified string if a token exists.
+        *
+        * @param str           the string containing the name of the token
+        * @return                      proposal_token if found, NULL otherwise
+        */
+       const proposal_token_t *(*get_token)(proposal_keywords_t *this,
+                                                                                const char *str);
+
+       /**
+        * Register a new proposal token for an algorithm.
+        *
+        * @param name          the string containing the name of the token
+        * @param type          the transform_type_t for the token
+        * @param algorithm     the IKE id of the algorithm
+        * @param keysize       the key size associated with the specific algorithm
+        */
+       void (*register_token)(proposal_keywords_t *this, const char *name,
+                                                  transform_type_t type, u_int16_t algorithm,
+                                                  u_int16_t keysize);
+
+       /**
+        * Destroy a proposal_keywords_t instance.
+        */
+       void (*destroy)(proposal_keywords_t *this);
+};
+
+/**
+ * Create a proposal_keywords_t instance.
  */
-const proposal_token_t* proposal_get_token(const char *str);
+proposal_keywords_t *proposal_keywords_create();
 
 #endif /** PROPOSAL_KEYWORDS_H_ @}*/
index 1393c67..7469a37 100644 (file)
@@ -23,7 +23,7 @@
 
 typedef enum transform_type_t transform_type_t;
 
-#include <library.h>
+#include <enum.h>
 
 /**
  * Type of a transform, as in IKEv2 RFC 3.3.2.
index ed3f520..1179b46 100644 (file)
@@ -73,6 +73,7 @@ void library_deinit()
        this->public.creds->destroy(this->public.creds);
        this->public.encoding->destroy(this->public.encoding);
        this->public.crypto->destroy(this->public.crypto);
+       this->public.proposal->destroy(this->public.proposal);
        this->public.fetcher->destroy(this->public.fetcher);
        this->public.db->destroy(this->public.db);
        this->public.printf_hook->destroy(this->public.printf_hook);
@@ -182,6 +183,7 @@ bool library_init(char *settings)
        this->objects = hashtable_create((hashtable_hash_t)hash,
                                                                         (hashtable_equals_t)equals, 4);
        this->public.settings = settings_create(settings);
+       this->public.proposal = proposal_keywords_create();
        this->public.crypto = crypto_factory_create();
        this->public.creds = credential_factory_create();
        this->public.credmgr = credential_manager_create();
index 634128f..b79bd91 100644 (file)
@@ -82,6 +82,7 @@
 #include "processing/processor.h"
 #include "processing/scheduler.h"
 #include "crypto/crypto_factory.h"
+#include "crypto/proposal/proposal_keywords.h"
 #include "fetcher/fetcher_manager.h"
 #include "database/database_factory.h"
 #include "credentials/credential_factory.h"
@@ -120,6 +121,11 @@ struct library_t {
        printf_hook_t *printf_hook;
 
        /**
+        * Proposal keywords registry
+        */
+       proposal_keywords_t *proposal;
+
+       /**
         * crypto algorithm registry and factory
         */
        crypto_factory_t *crypto;
index 2444080..78b0d7e 100644 (file)
@@ -828,7 +828,7 @@ int main(int argc, char **argv)
 
                                if (strcaseeq("enc", type))
                                {
-                                       token = proposal_get_token(algo);
+                                       token = lib->proposal->get_token(lib->proposal, algo);
                                        if (token == NULL || token->type != ENCRYPTION_ALGORITHM)
                                        {
                                                usage("invalid algorithm specified");
@@ -846,7 +846,7 @@ int main(int argc, char **argv)
                                {
                                        hash_algorithm_t hash;
 
-                                       token = proposal_get_token(algo);
+                                       token = lib->proposal->get_token(lib->proposal, algo);
                                        if (token == NULL || token->type != INTEGRITY_ALGORITHM)
                                        {
                                                usage("invalid algorithm specified");