resolve: Move plugin back to libcharon
authorMartin Willi <martin@revosec.ch>
Tue, 4 Nov 2014 13:13:34 +0000 (14:13 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 20 Feb 2015 12:34:54 +0000 (13:34 +0100)
Since pluto is gone, all existing users build upon libcharon.

13 files changed:
configure.ac
src/libcharon/Makefile.am
src/libcharon/plugins/resolve/Makefile.am [new file with mode: 0644]
src/libcharon/plugins/resolve/resolve_handler.c [new file with mode: 0644]
src/libcharon/plugins/resolve/resolve_handler.h [new file with mode: 0644]
src/libcharon/plugins/resolve/resolve_plugin.c [new file with mode: 0644]
src/libcharon/plugins/resolve/resolve_plugin.h [new file with mode: 0644]
src/libhydra/Makefile.am
src/libhydra/plugins/resolve/Makefile.am [deleted file]
src/libhydra/plugins/resolve/resolve_handler.c [deleted file]
src/libhydra/plugins/resolve/resolve_handler.h [deleted file]
src/libhydra/plugins/resolve/resolve_plugin.c [deleted file]
src/libhydra/plugins/resolve/resolve_plugin.h [deleted file]

index f9b2350..9d55b39 100644 (file)
@@ -1265,7 +1265,7 @@ ADD_PLUGIN([kernel-iph],           [c charon])
 ADD_PLUGIN([kernel-pfkey],         [h charon starter nm cmd])
 ADD_PLUGIN([kernel-pfroute],       [h charon starter nm cmd])
 ADD_PLUGIN([kernel-netlink],       [h charon starter nm cmd])
-ADD_PLUGIN([resolve],              [h charon cmd])
+ADD_PLUGIN([resolve],              [c charon cmd])
 ADD_PLUGIN([socket-default],       [c charon nm cmd])
 ADD_PLUGIN([socket-dynamic],       [c charon cmd])
 ADD_PLUGIN([socket-win],           [c charon])
@@ -1481,6 +1481,7 @@ AM_CONDITIONAL(USE_SOCKET_WIN, test x$socket_win = xtrue)
 AM_CONDITIONAL(USE_FARP, test x$farp = xtrue)
 AM_CONDITIONAL(USE_ADDRBLOCK, test x$addrblock = xtrue)
 AM_CONDITIONAL(USE_UNITY, test x$unity = xtrue)
+AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
 
 #  hydra plugins
 # ---------------
@@ -1489,7 +1490,6 @@ AM_CONDITIONAL(USE_ATTR_SQL, test x$attr_sql = xtrue)
 AM_CONDITIONAL(USE_KERNEL_NETLINK, test x$kernel_netlink = xtrue)
 AM_CONDITIONAL(USE_KERNEL_PFKEY, test x$kernel_pfkey = xtrue)
 AM_CONDITIONAL(USE_KERNEL_PFROUTE, test x$kernel_pfroute = xtrue)
-AM_CONDITIONAL(USE_RESOLVE, test x$resolve = xtrue)
 
 #  other options
 # ---------------
@@ -1654,7 +1654,6 @@ AC_CONFIG_FILES([
        src/libhydra/plugins/kernel_netlink/Makefile
        src/libhydra/plugins/kernel_pfkey/Makefile
        src/libhydra/plugins/kernel_pfroute/Makefile
-       src/libhydra/plugins/resolve/Makefile
        src/libhydra/tests/Makefile
        src/libipsec/Makefile
        src/libsimaka/Makefile
@@ -1750,6 +1749,7 @@ AC_CONFIG_FILES([
        src/libcharon/plugins/dhcp/Makefile
        src/libcharon/plugins/unit_tester/Makefile
        src/libcharon/plugins/load_tester/Makefile
+       src/libcharon/plugins/resolve/Makefile
        src/stroke/Makefile
        src/ipsec/Makefile
        src/starter/Makefile
index e666950..7f7e321 100644 (file)
@@ -630,3 +630,10 @@ if MONOLITHIC
   libcharon_la_LIBADD += plugins/xauth_noauth/libstrongswan-xauth-noauth.la
 endif
 endif
+
+if USE_RESOLVE
+  SUBDIRS += plugins/resolve
+if MONOLITHIC
+  libcharon_la_LIBADD += plugins/resolve/libstrongswan-resolve.la
+endif
+endif
diff --git a/src/libcharon/plugins/resolve/Makefile.am b/src/libcharon/plugins/resolve/Makefile.am
new file mode 100644 (file)
index 0000000..9cfc370
--- /dev/null
@@ -0,0 +1,20 @@
+AM_CPPFLAGS = \
+       -I$(top_srcdir)/src/libstrongswan \
+       -I$(top_srcdir)/src/libhydra \
+       -I$(top_srcdir)/src/libcharon \
+       -DRESOLV_CONF=\"${resolv_conf}\"
+
+AM_CFLAGS = \
+       $(PLUGIN_CFLAGS)
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-resolve.la
+else
+plugin_LTLIBRARIES = libstrongswan-resolve.la
+endif
+
+libstrongswan_resolve_la_SOURCES = \
+       resolve_plugin.h resolve_plugin.c \
+       resolve_handler.h resolve_handler.c
+
+libstrongswan_resolve_la_LDFLAGS = -module -avoid-version
diff --git a/src/libcharon/plugins/resolve/resolve_handler.c b/src/libcharon/plugins/resolve/resolve_handler.c
new file mode 100644 (file)
index 0000000..1242ca6
--- /dev/null
@@ -0,0 +1,376 @@
+/*
+ * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "resolve_handler.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+#include <hydra.h>
+#include <utils/debug.h>
+#include <threading/mutex.h>
+
+/* path to resolvconf executable */
+#define RESOLVCONF_EXEC "/sbin/resolvconf"
+
+/* default prefix used for resolvconf interfaces (should have high prio) */
+#define RESOLVCONF_PREFIX "lo.inet.ipsec."
+
+typedef struct private_resolve_handler_t private_resolve_handler_t;
+
+/**
+ * Private data of an resolve_handler_t object.
+ */
+struct private_resolve_handler_t {
+
+       /**
+        * Public resolve_handler_t interface.
+        */
+       resolve_handler_t public;
+
+       /**
+        * resolv.conf file to use
+        */
+       char *file;
+
+       /**
+        * use resolvconf instead of writing directly to resolv.conf
+        */
+       bool use_resolvconf;
+
+       /**
+        * prefix to be used for interface names sent to resolvconf
+        */
+       char *iface_prefix;
+
+       /**
+        * Mutex to access file exclusively
+        */
+       mutex_t *mutex;
+};
+
+/**
+ * Writes the given nameserver to resolv.conf
+ */
+static bool write_nameserver(private_resolve_handler_t *this,
+                                                        identification_t *server, host_t *addr)
+{
+       FILE *in, *out;
+       char buf[1024];
+       size_t len;
+       bool handled = FALSE;
+
+       in = fopen(this->file, "r");
+       /* allows us to stream from in to out */
+       unlink(this->file);
+       out = fopen(this->file, "w");
+       if (out)
+       {
+               fprintf(out, "nameserver %H   # by strongSwan, from %Y\n", addr,
+                               server);
+               DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
+               handled = TRUE;
+
+               /* copy rest of the file */
+               if (in)
+               {
+                       while ((len = fread(buf, 1, sizeof(buf), in)))
+                       {
+                               ignore_result(fwrite(buf, 1, len, out));
+                       }
+               }
+               fclose(out);
+       }
+       if (in)
+       {
+               fclose(in);
+       }
+       return handled;
+}
+
+/**
+ * Removes the given nameserver from resolv.conf
+ */
+static void remove_nameserver(private_resolve_handler_t *this,
+                                                         identification_t *server, host_t *addr)
+{
+       FILE *in, *out;
+       char line[1024], matcher[512];
+
+       in = fopen(this->file, "r");
+       if (in)
+       {
+               /* allows us to stream from in to out */
+               unlink(this->file);
+               out = fopen(this->file, "w");
+               if (out)
+               {
+                       snprintf(matcher, sizeof(matcher),
+                                        "nameserver %H   # by strongSwan, from %Y\n",
+                                        addr, server);
+
+                       /* copy all, but matching line */
+                       while (fgets(line, sizeof(line), in))
+                       {
+                               if (strpfx(line, matcher))
+                               {
+                                       DBG1(DBG_IKE, "removing DNS server %H from %s",
+                                                addr, this->file);
+                               }
+                               else
+                               {
+                                       fputs(line, out);
+                               }
+                       }
+                       fclose(out);
+               }
+               fclose(in);
+       }
+}
+
+/**
+ * Add or remove the given nameserver by invoking resolvconf.
+ */
+static bool invoke_resolvconf(private_resolve_handler_t *this,
+                                                         identification_t *server, host_t *addr,
+                                                         bool install)
+{
+       char cmd[128];
+       bool success = TRUE;
+
+       /* we use the nameserver's IP address as part of the interface name to
+        * make them unique */
+       if (snprintf(cmd, sizeof(cmd), "%s %s %s%H", RESOLVCONF_EXEC,
+                               install ? "-a" : "-d", this->iface_prefix, addr) >= sizeof(cmd))
+       {
+               return FALSE;
+       }
+
+       if (install)
+       {
+               FILE *out;
+
+               out = popen(cmd, "w");
+               if (!out)
+               {
+                       return FALSE;
+               }
+               DBG1(DBG_IKE, "installing DNS server %H via resolvconf", addr);
+               fprintf(out, "nameserver %H\n", addr);
+               success = !ferror(out);
+               if (pclose(out))
+               {
+                       return FALSE;
+               }
+       }
+       else
+       {
+               ignore_result(system(cmd));
+       }
+       return success;
+}
+
+METHOD(attribute_handler_t, handle, bool,
+       private_resolve_handler_t *this, identification_t *server,
+       configuration_attribute_type_t type, chunk_t data)
+{
+       host_t *addr;
+       bool handled;
+
+       switch (type)
+       {
+               case INTERNAL_IP4_DNS:
+                       addr = host_create_from_chunk(AF_INET, data, 0);
+                       break;
+               case INTERNAL_IP6_DNS:
+                       addr = host_create_from_chunk(AF_INET6, data, 0);
+                       break;
+               default:
+                       return FALSE;
+       }
+
+       if (!addr || addr->is_anyaddr(addr))
+       {
+               DESTROY_IF(addr);
+               return FALSE;
+       }
+
+       this->mutex->lock(this->mutex);
+       if (this->use_resolvconf)
+       {
+               handled = invoke_resolvconf(this, server, addr, TRUE);
+       }
+       else
+       {
+               handled = write_nameserver(this, server, addr);
+       }
+       this->mutex->unlock(this->mutex);
+       addr->destroy(addr);
+
+       if (!handled)
+       {
+               DBG1(DBG_IKE, "adding DNS server failed");
+       }
+       return handled;
+}
+
+METHOD(attribute_handler_t, release, void,
+       private_resolve_handler_t *this, identification_t *server,
+       configuration_attribute_type_t type, chunk_t data)
+{
+       host_t *addr;
+       int family;
+
+       switch (type)
+       {
+               case INTERNAL_IP4_DNS:
+                       family = AF_INET;
+                       break;
+               case INTERNAL_IP6_DNS:
+                       family = AF_INET6;
+                       break;
+               default:
+                       return;
+       }
+       addr = host_create_from_chunk(family, data, 0);
+
+       this->mutex->lock(this->mutex);
+       if (this->use_resolvconf)
+       {
+               invoke_resolvconf(this, server, addr, FALSE);
+       }
+       else
+       {
+               remove_nameserver(this, server, addr);
+       }
+       this->mutex->unlock(this->mutex);
+
+       addr->destroy(addr);
+}
+
+/**
+ * Attribute enumerator implementation
+ */
+typedef struct {
+       /** implements enumerator_t interface */
+       enumerator_t public;
+       /** request IPv4 DNS? */
+       bool v4;
+       /** request IPv6 DNS? */
+       bool v6;
+} attribute_enumerator_t;
+
+static bool attribute_enumerate(attribute_enumerator_t *this,
+                                                               configuration_attribute_type_t *type,
+                                                               chunk_t *data)
+{
+       if (this->v4)
+       {
+               *type = INTERNAL_IP4_DNS;
+               *data = chunk_empty;
+               this->v4 = FALSE;
+               return TRUE;
+       }
+       if (this->v6)
+       {
+               *type = INTERNAL_IP6_DNS;
+               *data = chunk_empty;
+               this->v6 = FALSE;
+               return TRUE;
+       }
+       return FALSE;
+}
+
+/**
+ * Check if a list has a host of given family
+ */
+static bool has_host_family(linked_list_t *list, int family)
+{
+       enumerator_t *enumerator;
+       host_t *host;
+       bool found = FALSE;
+
+       enumerator = list->create_enumerator(list);
+       while (enumerator->enumerate(enumerator, &host))
+       {
+               if (host->get_family(host) == family)
+               {
+                       found = TRUE;
+                       break;
+               }
+       }
+       enumerator->destroy(enumerator);
+
+       return found;
+}
+
+METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
+       private_resolve_handler_t *this, identification_t *server,
+       linked_list_t *vips)
+{
+       attribute_enumerator_t *enumerator;
+
+       INIT(enumerator,
+               .public = {
+                       .enumerate = (void*)attribute_enumerate,
+                       .destroy = (void*)free,
+               },
+               .v4 = has_host_family(vips, AF_INET),
+               .v6 = has_host_family(vips, AF_INET6),
+       );
+       return &enumerator->public;
+}
+
+METHOD(resolve_handler_t, destroy, void,
+       private_resolve_handler_t *this)
+{
+       this->mutex->destroy(this->mutex);
+       free(this);
+}
+
+/**
+ * See header
+ */
+resolve_handler_t *resolve_handler_create()
+{
+       private_resolve_handler_t *this;
+       struct stat st;
+
+       INIT(this,
+               .public = {
+                       .handler = {
+                               .handle = _handle,
+                               .release = _release,
+                               .create_attribute_enumerator = _create_attribute_enumerator,
+                       },
+                       .destroy = _destroy,
+               },
+               .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+               .file = lib->settings->get_str(lib->settings, "%s.plugins.resolve.file",
+                                                                          RESOLV_CONF, lib->ns),
+       );
+
+       if (stat(RESOLVCONF_EXEC, &st) == 0)
+       {
+               this->use_resolvconf = TRUE;
+               this->iface_prefix = lib->settings->get_str(lib->settings,
+                                                               "%s.plugins.resolve.resolvconf.iface_prefix",
+                                                               RESOLVCONF_PREFIX, lib->ns);
+       }
+
+       return &this->public;
+}
diff --git a/src/libcharon/plugins/resolve/resolve_handler.h b/src/libcharon/plugins/resolve/resolve_handler.h
new file mode 100644 (file)
index 0000000..77bf978
--- /dev/null
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup resolve_handler resolve_handler
+ * @{ @ingroup resolve
+ */
+
+#ifndef RESOLVE_HANDLER_H_
+#define RESOLVE_HANDLER_H_
+
+#include <attributes/attribute_handler.h>
+
+typedef struct resolve_handler_t resolve_handler_t;
+
+/**
+ * Handle DNS configuration attributes by mangling a resolv.conf file.
+ */
+struct resolve_handler_t {
+
+       /**
+        * Implements the attribute_handler_t interface
+        */
+       attribute_handler_t handler;
+
+       /**
+        * Destroy a resolve_handler_t.
+        */
+       void (*destroy)(resolve_handler_t *this);
+};
+
+/**
+ * Create a resolve_handler instance.
+ */
+resolve_handler_t *resolve_handler_create();
+
+#endif /** RESOLVE_HANDLER_H_ @}*/
diff --git a/src/libcharon/plugins/resolve/resolve_plugin.c b/src/libcharon/plugins/resolve/resolve_plugin.c
new file mode 100644 (file)
index 0000000..00c025f
--- /dev/null
@@ -0,0 +1,101 @@
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "resolve_plugin.h"
+#include "resolve_handler.h"
+
+#include <hydra.h>
+
+typedef struct private_resolve_plugin_t private_resolve_plugin_t;
+
+/**
+ * private data of resolve plugin
+ */
+struct private_resolve_plugin_t {
+
+       /**
+        * implements plugin interface
+        */
+       resolve_plugin_t public;
+
+       /**
+        * The registered DNS attribute handler
+        */
+       resolve_handler_t *handler;
+};
+
+METHOD(plugin_t, get_name, char*,
+       private_resolve_plugin_t *this)
+{
+       return "resolve";
+}
+
+/**
+ * Register handler
+ */
+static bool plugin_cb(private_resolve_plugin_t *this,
+                                         plugin_feature_t *feature, bool reg, void *cb_data)
+{
+       if (reg)
+       {
+               hydra->attributes->add_handler(hydra->attributes,
+                                                                          &this->handler->handler);
+       }
+       else
+       {
+               hydra->attributes->remove_handler(hydra->attributes,
+                                                                                 &this->handler->handler);
+       }
+       return TRUE;
+}
+
+METHOD(plugin_t, get_features, int,
+       private_resolve_plugin_t *this, plugin_feature_t *features[])
+{
+       static plugin_feature_t f[] = {
+               PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL),
+                       PLUGIN_PROVIDE(CUSTOM, "resolve"),
+       };
+       *features = f;
+       return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+       private_resolve_plugin_t *this)
+{
+       this->handler->destroy(this->handler);
+       free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *resolve_plugin_create()
+{
+       private_resolve_plugin_t *this;
+
+       INIT(this,
+               .public = {
+                       .plugin = {
+                               .get_name = _get_name,
+                               .get_features = _get_features,
+                               .destroy = _destroy,
+                       },
+               },
+               .handler = resolve_handler_create(),
+       );
+
+       return &this->public.plugin;
+}
diff --git a/src/libcharon/plugins/resolve/resolve_plugin.h b/src/libcharon/plugins/resolve/resolve_plugin.h
new file mode 100644 (file)
index 0000000..0148b10
--- /dev/null
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup resolve resolve
+ * @ingroup cplugins
+ *
+ * @defgroup resolve_plugin resolve_plugin
+ * @{ @ingroup resolve
+ */
+
+#ifndef RESOLVE_PLUGIN_H_
+#define RESOLVE_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct resolve_plugin_t resolve_plugin_t;
+
+/**
+ * Plugin that writes received DNS servers in a resolv.conf file.
+ */
+struct resolve_plugin_t {
+
+       /**
+        * implements plugin interface
+        */
+       plugin_t plugin;
+};
+
+#endif /** RESOLVE_PLUGIN_H_ @}*/
index 7334cdc..71c42c3 100644 (file)
@@ -72,13 +72,6 @@ if MONOLITHIC
 endif
 endif
 
-if USE_RESOLVE
-  SUBDIRS += plugins/resolve
-if MONOLITHIC
-  libhydra_la_LIBADD += plugins/resolve/libstrongswan-resolve.la
-endif
-endif
-
 if MONOLITHIC
   SUBDIRS += .
 endif
diff --git a/src/libhydra/plugins/resolve/Makefile.am b/src/libhydra/plugins/resolve/Makefile.am
deleted file mode 100644 (file)
index 33c3e70..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-AM_CPPFLAGS = \
-       -I$(top_srcdir)/src/libstrongswan \
-       -I$(top_srcdir)/src/libhydra \
-       -DRESOLV_CONF=\"${resolv_conf}\"
-
-AM_CFLAGS = \
-       $(PLUGIN_CFLAGS)
-
-if MONOLITHIC
-noinst_LTLIBRARIES = libstrongswan-resolve.la
-else
-plugin_LTLIBRARIES = libstrongswan-resolve.la
-endif
-
-libstrongswan_resolve_la_SOURCES = \
-       resolve_plugin.h resolve_plugin.c \
-       resolve_handler.h resolve_handler.c
-
-libstrongswan_resolve_la_LDFLAGS = -module -avoid-version
diff --git a/src/libhydra/plugins/resolve/resolve_handler.c b/src/libhydra/plugins/resolve/resolve_handler.c
deleted file mode 100644 (file)
index 069466a..0000000
+++ /dev/null
@@ -1,377 +0,0 @@
-/*
- * Copyright (C) 2012 Tobias Brunner
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "resolve_handler.h"
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include <hydra.h>
-#include <utils/debug.h>
-#include <threading/mutex.h>
-
-/* path to resolvconf executable */
-#define RESOLVCONF_EXEC "/sbin/resolvconf"
-
-/* default prefix used for resolvconf interfaces (should have high prio) */
-#define RESOLVCONF_PREFIX "lo.inet.ipsec."
-
-typedef struct private_resolve_handler_t private_resolve_handler_t;
-
-/**
- * Private data of an resolve_handler_t object.
- */
-struct private_resolve_handler_t {
-
-       /**
-        * Public resolve_handler_t interface.
-        */
-       resolve_handler_t public;
-
-       /**
-        * resolv.conf file to use
-        */
-       char *file;
-
-       /**
-        * use resolvconf instead of writing directly to resolv.conf
-        */
-       bool use_resolvconf;
-
-       /**
-        * prefix to be used for interface names sent to resolvconf
-        */
-       char *iface_prefix;
-
-       /**
-        * Mutex to access file exclusively
-        */
-       mutex_t *mutex;
-};
-
-/**
- * Writes the given nameserver to resolv.conf
- */
-static bool write_nameserver(private_resolve_handler_t *this,
-                                                        identification_t *server, host_t *addr)
-{
-       FILE *in, *out;
-       char buf[1024];
-       size_t len;
-       bool handled = FALSE;
-
-       in = fopen(this->file, "r");
-       /* allows us to stream from in to out */
-       unlink(this->file);
-       out = fopen(this->file, "w");
-       if (out)
-       {
-               fprintf(out, "nameserver %H   # by strongSwan, from %Y\n", addr,
-                               server);
-               DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
-               handled = TRUE;
-
-               /* copy rest of the file */
-               if (in)
-               {
-                       while ((len = fread(buf, 1, sizeof(buf), in)))
-                       {
-                               ignore_result(fwrite(buf, 1, len, out));
-                       }
-               }
-               fclose(out);
-       }
-       if (in)
-       {
-               fclose(in);
-       }
-       return handled;
-}
-
-/**
- * Removes the given nameserver from resolv.conf
- */
-static void remove_nameserver(private_resolve_handler_t *this,
-                                                         identification_t *server, host_t *addr)
-{
-       FILE *in, *out;
-       char line[1024], matcher[512];
-
-       in = fopen(this->file, "r");
-       if (in)
-       {
-               /* allows us to stream from in to out */
-               unlink(this->file);
-               out = fopen(this->file, "w");
-               if (out)
-               {
-                       snprintf(matcher, sizeof(matcher),
-                                        "nameserver %H   # by strongSwan, from %Y\n",
-                                        addr, server);
-
-                       /* copy all, but matching line */
-                       while (fgets(line, sizeof(line), in))
-                       {
-                               if (strpfx(line, matcher))
-                               {
-                                       DBG1(DBG_IKE, "removing DNS server %H from %s",
-                                                addr, this->file);
-                               }
-                               else
-                               {
-                                       fputs(line, out);
-                               }
-                       }
-                       fclose(out);
-               }
-               fclose(in);
-       }
-}
-
-/**
- * Add or remove the given nameserver by invoking resolvconf.
- */
-static bool invoke_resolvconf(private_resolve_handler_t *this,
-                                                         identification_t *server, host_t *addr,
-                                                         bool install)
-{
-       char cmd[128];
-       bool success = TRUE;
-
-       /* we use the nameserver's IP address as part of the interface name to
-        * make them unique */
-       if (snprintf(cmd, sizeof(cmd), "%s %s %s%H", RESOLVCONF_EXEC,
-                               install ? "-a" : "-d", this->iface_prefix, addr) >= sizeof(cmd))
-       {
-               return FALSE;
-       }
-
-       if (install)
-       {
-               FILE *out;
-
-               out = popen(cmd, "w");
-               if (!out)
-               {
-                       return FALSE;
-               }
-               DBG1(DBG_IKE, "installing DNS server %H via resolvconf", addr);
-               fprintf(out, "nameserver %H\n", addr);
-               success = !ferror(out);
-               if (pclose(out))
-               {
-                       return FALSE;
-               }
-       }
-       else
-       {
-               ignore_result(system(cmd));
-       }
-       return success;
-}
-
-METHOD(attribute_handler_t, handle, bool,
-       private_resolve_handler_t *this, identification_t *server,
-       configuration_attribute_type_t type, chunk_t data)
-{
-       host_t *addr;
-       bool handled;
-
-       switch (type)
-       {
-               case INTERNAL_IP4_DNS:
-                       addr = host_create_from_chunk(AF_INET, data, 0);
-                       break;
-               case INTERNAL_IP6_DNS:
-                       addr = host_create_from_chunk(AF_INET6, data, 0);
-                       break;
-               default:
-                       return FALSE;
-       }
-
-       if (!addr || addr->is_anyaddr(addr))
-       {
-               DESTROY_IF(addr);
-               return FALSE;
-       }
-
-       this->mutex->lock(this->mutex);
-       if (this->use_resolvconf)
-       {
-               handled = invoke_resolvconf(this, server, addr, TRUE);
-       }
-       else
-       {
-               handled = write_nameserver(this, server, addr);
-       }
-       this->mutex->unlock(this->mutex);
-       addr->destroy(addr);
-
-       if (!handled)
-       {
-               DBG1(DBG_IKE, "adding DNS server failed");
-       }
-       return handled;
-}
-
-METHOD(attribute_handler_t, release, void,
-       private_resolve_handler_t *this, identification_t *server,
-       configuration_attribute_type_t type, chunk_t data)
-{
-       host_t *addr;
-       int family;
-
-       switch (type)
-       {
-               case INTERNAL_IP4_DNS:
-                       family = AF_INET;
-                       break;
-               case INTERNAL_IP6_DNS:
-                       family = AF_INET6;
-                       break;
-               default:
-                       return;
-       }
-       addr = host_create_from_chunk(family, data, 0);
-
-       this->mutex->lock(this->mutex);
-       if (this->use_resolvconf)
-       {
-               invoke_resolvconf(this, server, addr, FALSE);
-       }
-       else
-       {
-               remove_nameserver(this, server, addr);
-       }
-       this->mutex->unlock(this->mutex);
-
-       addr->destroy(addr);
-}
-
-/**
- * Attribute enumerator implementation
- */
-typedef struct {
-       /** implements enumerator_t interface */
-       enumerator_t public;
-       /** request IPv4 DNS? */
-       bool v4;
-       /** request IPv6 DNS? */
-       bool v6;
-} attribute_enumerator_t;
-
-static bool attribute_enumerate(attribute_enumerator_t *this,
-                                                               configuration_attribute_type_t *type,
-                                                               chunk_t *data)
-{
-       if (this->v4)
-       {
-               *type = INTERNAL_IP4_DNS;
-               *data = chunk_empty;
-               this->v4 = FALSE;
-               return TRUE;
-       }
-       if (this->v6)
-       {
-               *type = INTERNAL_IP6_DNS;
-               *data = chunk_empty;
-               this->v6 = FALSE;
-               return TRUE;
-       }
-       return FALSE;
-}
-
-/**
- * Check if a list has a host of given family
- */
-static bool has_host_family(linked_list_t *list, int family)
-{
-       enumerator_t *enumerator;
-       host_t *host;
-       bool found = FALSE;
-
-       enumerator = list->create_enumerator(list);
-       while (enumerator->enumerate(enumerator, &host))
-       {
-               if (host->get_family(host) == family)
-               {
-                       found = TRUE;
-                       break;
-               }
-       }
-       enumerator->destroy(enumerator);
-
-       return found;
-}
-
-METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
-       private_resolve_handler_t *this, identification_t *server,
-       linked_list_t *vips)
-{
-       attribute_enumerator_t *enumerator;
-
-       INIT(enumerator,
-               .public = {
-                       .enumerate = (void*)attribute_enumerate,
-                       .destroy = (void*)free,
-               },
-               .v4 = has_host_family(vips, AF_INET),
-               .v6 = has_host_family(vips, AF_INET6),
-       );
-       return &enumerator->public;
-}
-
-METHOD(resolve_handler_t, destroy, void,
-       private_resolve_handler_t *this)
-{
-       this->mutex->destroy(this->mutex);
-       free(this);
-}
-
-/**
- * See header
- */
-resolve_handler_t *resolve_handler_create()
-{
-       private_resolve_handler_t *this;
-       struct stat st;
-
-       INIT(this,
-               .public = {
-                       .handler = {
-                               .handle = _handle,
-                               .release = _release,
-                               .create_attribute_enumerator = _create_attribute_enumerator,
-                       },
-                       .destroy = _destroy,
-               },
-               .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
-               .file = lib->settings->get_str(lib->settings, "%s.plugins.resolve.file",
-                                                                          RESOLV_CONF, lib->ns),
-       );
-
-       if (stat(RESOLVCONF_EXEC, &st) == 0)
-       {
-               this->use_resolvconf = TRUE;
-               this->iface_prefix = lib->settings->get_str(lib->settings,
-                                                               "%s.plugins.resolve.resolvconf.iface_prefix",
-                                                               RESOLVCONF_PREFIX, lib->ns);
-       }
-
-       return &this->public;
-}
-
diff --git a/src/libhydra/plugins/resolve/resolve_handler.h b/src/libhydra/plugins/resolve/resolve_handler.h
deleted file mode 100644 (file)
index 77bf978..0000000
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup resolve_handler resolve_handler
- * @{ @ingroup resolve
- */
-
-#ifndef RESOLVE_HANDLER_H_
-#define RESOLVE_HANDLER_H_
-
-#include <attributes/attribute_handler.h>
-
-typedef struct resolve_handler_t resolve_handler_t;
-
-/**
- * Handle DNS configuration attributes by mangling a resolv.conf file.
- */
-struct resolve_handler_t {
-
-       /**
-        * Implements the attribute_handler_t interface
-        */
-       attribute_handler_t handler;
-
-       /**
-        * Destroy a resolve_handler_t.
-        */
-       void (*destroy)(resolve_handler_t *this);
-};
-
-/**
- * Create a resolve_handler instance.
- */
-resolve_handler_t *resolve_handler_create();
-
-#endif /** RESOLVE_HANDLER_H_ @}*/
diff --git a/src/libhydra/plugins/resolve/resolve_plugin.c b/src/libhydra/plugins/resolve/resolve_plugin.c
deleted file mode 100644 (file)
index 2fef09a..0000000
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include "resolve_plugin.h"
-#include "resolve_handler.h"
-
-#include <hydra.h>
-
-typedef struct private_resolve_plugin_t private_resolve_plugin_t;
-
-/**
- * private data of resolve plugin
- */
-struct private_resolve_plugin_t {
-
-       /**
-        * implements plugin interface
-        */
-       resolve_plugin_t public;
-
-       /**
-        * The registered DNS attribute handler
-        */
-       resolve_handler_t *handler;
-};
-
-METHOD(plugin_t, get_name, char*,
-       private_resolve_plugin_t *this)
-{
-       return "resolve";
-}
-
-/**
- * Register handler
- */
-static bool plugin_cb(private_resolve_plugin_t *this,
-                                         plugin_feature_t *feature, bool reg, void *cb_data)
-{
-       if (reg)
-       {
-               hydra->attributes->add_handler(hydra->attributes,
-                                                                          &this->handler->handler);
-       }
-       else
-       {
-               hydra->attributes->remove_handler(hydra->attributes,
-                                                                                 &this->handler->handler);
-       }
-       return TRUE;
-}
-
-METHOD(plugin_t, get_features, int,
-       private_resolve_plugin_t *this, plugin_feature_t *features[])
-{
-       static plugin_feature_t f[] = {
-               PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL),
-                       PLUGIN_PROVIDE(CUSTOM, "resolve"),
-       };
-       *features = f;
-       return countof(f);
-}
-
-METHOD(plugin_t, destroy, void,
-       private_resolve_plugin_t *this)
-{
-       this->handler->destroy(this->handler);
-       free(this);
-}
-
-/*
- * see header file
- */
-plugin_t *resolve_plugin_create()
-{
-       private_resolve_plugin_t *this;
-
-       INIT(this,
-               .public = {
-                       .plugin = {
-                               .get_name = _get_name,
-                               .get_features = _get_features,
-                               .destroy = _destroy,
-                       },
-               },
-               .handler = resolve_handler_create(),
-       );
-
-       return &this->public.plugin;
-}
-
diff --git a/src/libhydra/plugins/resolve/resolve_plugin.h b/src/libhydra/plugins/resolve/resolve_plugin.h
deleted file mode 100644 (file)
index 0148b10..0000000
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup resolve resolve
- * @ingroup cplugins
- *
- * @defgroup resolve_plugin resolve_plugin
- * @{ @ingroup resolve
- */
-
-#ifndef RESOLVE_PLUGIN_H_
-#define RESOLVE_PLUGIN_H_
-
-#include <plugins/plugin.h>
-
-typedef struct resolve_plugin_t resolve_plugin_t;
-
-/**
- * Plugin that writes received DNS servers in a resolv.conf file.
- */
-struct resolve_plugin_t {
-
-       /**
-        * implements plugin interface
-        */
-       plugin_t plugin;
-};
-
-#endif /** RESOLVE_PLUGIN_H_ @}*/