make use of the new trap-manager
authorMartin Willi <martin@strongswan.org>
Wed, 6 May 2009 17:48:21 +0000 (19:48 +0200)
committerMartin Willi <martin@strongswan.org>
Fri, 8 May 2009 08:03:58 +0000 (10:03 +0200)
src/charon/daemon.c
src/charon/daemon.h
src/charon/plugins/stroke/stroke_control.c
src/charon/processing/jobs/acquire_job.c
src/charon/processing/jobs/acquire_job.h
src/charon/sa/tasks/child_delete.c

index 8fe6e21..8b30588 100644 (file)
@@ -1,7 +1,7 @@
 /* 
  * Copyright (C) 2006-2009 Tobias Brunner
+ * Copyright (C) 2005-2009 Martin Willi
  * Copyright (C) 2006 Daniel Roethlisberger
- * Copyright (C) 2005-2008 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  * Hochschule fuer Technik Rapperswil
  *
@@ -180,6 +180,7 @@ static void destroy(private_daemon_t *this)
 #ifdef CAPABILITIES
        cap_free(this->caps);
 #endif /* CAPABILITIES */
+       DESTROY_IF(this->public.traps);
        DESTROY_IF(this->public.ike_sa_manager);
        DESTROY_IF(this->public.kernel_interface);
        DESTROY_IF(this->public.scheduler);
@@ -507,6 +508,7 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[])
        {
                return FALSE;
        }
+       this->public.traps = trap_manager_create();
        this->public.sender = sender_create();
        this->public.receiver = receiver_create();
        if (this->public.receiver == NULL)
@@ -557,6 +559,7 @@ private_daemon_t *daemon_create(void)
        /* NULL members for clean destruction */
        this->public.socket = NULL;
        this->public.ike_sa_manager = NULL;
+       this->public.traps = NULL;
        this->public.credentials = NULL;
        this->public.backends = NULL;
        this->public.attributes = NULL;
index edf9b4e..023bae4 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * Copyright (C) 2006-2007 Tobias Brunner
+ * Copyright (C) 2005-2009 Martin Willi
  * Copyright (C) 2006 Daniel Roethlisberger
- * Copyright (C) 2005-2008 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  * Hochschule fuer Technik Rapperswil
  *
@@ -157,6 +157,7 @@ typedef struct daemon_t daemon_t;
 #include <bus/listeners/file_logger.h>
 #include <bus/listeners/sys_logger.h>
 #include <sa/ike_sa_manager.h>
+#include <sa/trap_manager.h>
 #include <config/backend_manager.h>
 #include <config/attributes/attribute_manager.h>
 #include <credentials/credential_manager.h>
@@ -203,13 +204,18 @@ struct daemon_t {
         * A socket_t instance.
         */
        socket_t *socket;
-
+       
        /**
         * A ike_sa_manager_t instance.
         */
        ike_sa_manager_t *ike_sa_manager;
        
        /**
+        * Manager for triggering policies, called traps
+        */
+       trap_manager_t *traps;
+       
+       /**
         * Manager for the different configuration backends.
         */
        backend_manager_t *backends;
index 2c84c7e..6d099ec 100644 (file)
@@ -314,7 +314,6 @@ static void route(private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
 {
        peer_cfg_t *peer_cfg;
        child_cfg_t *child_cfg;
-       stroke_log_info_t info;
        
        peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
                                                                                                          msg->route.name);
@@ -337,10 +336,14 @@ static void route(private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
                return;
        }
        
-       info.out = out;
-       info.level = msg->output_verbosity;
-       charon->controller->route(charon->controller, peer_cfg, child_cfg,
-                                                         (controller_cb_t)stroke_log, &info);
+       if (charon->traps->install(charon->traps, peer_cfg, child_cfg))
+       {
+               fprintf(out, "configuration '%s' routed\n", msg->route.name);
+       }
+       else
+       {
+               fprintf(out, "routing configuration '%s' failed\n", msg->route.name);
+       }
        peer_cfg->destroy(peer_cfg);
        child_cfg->destroy(child_cfg);
 }
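Review bot: When `install()` fails, the else branch only writes to the stroke client's `out` stream, so the daemon log records nothing unless the trap manager logs the failure itself, which is not visible in this diff. A trap that was requested but never installed is something an operator needs to find later, so consider adding `DBG1(DBG_CFG, "installing trap for '%s' failed", msg->route.name);` to the else branch. The old path passed `msg->output_verbosity` to `stroke_log`, so the client's verbosity setting no longer affects this command; if that is intended, say so in the function comment. route() begins above this hunk.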
@@ -350,41 +353,24 @@ static void route(private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
  */
 static void unroute(private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
 {
-       char *name;
-       ike_sa_t *ike_sa;
+       child_sa_t *child_sa;
        enumerator_t *enumerator;
-       stroke_log_info_t info;
-       
-       name = msg->terminate.name;
-       
-       info.out = out;
-       info.level = msg->output_verbosity;
+       u_int32_t id;
        
-       enumerator = charon->controller->create_ike_sa_enumerator(charon->controller);
-       while (enumerator->enumerate(enumerator, &ike_sa))
+       enumerator = charon->traps->create_enumerator(charon->traps);
+       while (enumerator->enumerate(enumerator, NULL, &child_sa))
        {
-               child_sa_t *child_sa;
-               iterator_t *children;
-               u_int32_t id;
-
-               children = ike_sa->create_child_sa_iterator(ike_sa);
-               while (children->iterate(children, (void**)&child_sa))
+               if (streq(msg->unroute.name, child_sa->get_name(child_sa)))
                {
-                       if (child_sa->get_state(child_sa) == CHILD_ROUTED &&
-                               streq(name, child_sa->get_name(child_sa)))
-                       {
-                               id = child_sa->get_reqid(child_sa);
-                               children->destroy(children);
-                               enumerator->destroy(enumerator);
-                               charon->controller->unroute(charon->controller, id,
-                                                               (controller_cb_t)stroke_log, &info);
-                               return;
-                       }
+                       id = child_sa->get_reqid(child_sa);
+                       enumerator->destroy(enumerator);
+                       charon->traps->uninstall(charon->traps, id);
+                       fprintf(out, "configuration '%s' unrouted\n", msg->unroute.name);
+                       return;
                }
-               children->destroy(children);
        }
        enumerator->destroy(enumerator);
-       DBG1(DBG_CFG, "no such SA found");
+       fprintf(out, "configuration '%s' not found\n", msg->unroute.name);
 }
 
 /**
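Review bot: unroute() prints `configuration '%s' unrouted` without looking at the outcome of `charon->traps->uninstall()`, while route() in the same file branches on the result of `install()`. The signature of `uninstall()` is not visible here, but if it reports failure, the operator is told a trap is gone while it is still installed. Mirror the route path by wrapping the success message in `if (charon->traps->uninstall(charon->traps, id))` and printing a failure message otherwise. The removed `DBG1(DBG_CFG, "no such SA found")` was the only daemon-side log call in this function, so a `DBG1` on the not-found and failure paths would keep unroute requests traceable in the daemon log.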
index 8e36569..90b221b 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006 Martin Willi
+ * Copyright (C) 2006-2009 Martin Willi
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -33,12 +33,12 @@ struct private_acquire_job_t {
         * reqid of the child to rekey
         */
        u_int32_t reqid;
-
+       
        /**
         * acquired source traffic selector
         */
        traffic_selector_t *src_ts;
-
+       
        /**
         * acquired destination traffic selector
         */
@@ -60,24 +60,8 @@ static void destroy(private_acquire_job_t *this)
  */
 static void execute(private_acquire_job_t *this)
 {
-       ike_sa_t *ike_sa = NULL;
-       
-       if (this->reqid)
-       {
-               ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
-                                                                                                               this->reqid, TRUE);
-       }
-       if (ike_sa == NULL)
-       {
-               DBG1(DBG_JOB, "acquire job found no CHILD_SA with reqid {%d}",
-                        this->reqid);
-       }
-       else
-       {
-               ike_sa->acquire(ike_sa, this->reqid);
-               
-               charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
-       }
+       charon->traps->acquire(charon->traps, this->reqid,
+                                                  this->src_ts, this->dst_ts);
        destroy(this);
 }
 
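Review bot: The `if (this->reqid)` guard is gone, so execute() now hands a reqid of 0 straight to `charon->traps->acquire()`, and the "found no CHILD_SA" diagnostic went with it. Whether `acquire()` rejects and logs a zero or unknown reqid is not visible in this diff; if it does not, keep a guard here, e.g. `if (!this->reqid) { DBG1(DBG_JOB, "acquire job without reqid ignored"); destroy(this); return; }`. `destroy(this)` runs right after the call and its body is outside the hunk, so it may release the selectors. A short comment would make the lifetime contract explicit, e.g. `/* acquire() only borrows src_ts/dst_ts, the job still owns them */`.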
@@ -90,14 +74,13 @@ acquire_job_t *acquire_job_create(u_int32_t reqid,
 {
        private_acquire_job_t *this = malloc_thing(private_acquire_job_t);
        
-       /* interface functions */
        this->public.job_interface.execute = (void (*) (job_t *)) execute;
        this->public.job_interface.destroy = (void (*)(job_t*)) destroy;
        
-       /* private variables */
        this->reqid = reqid;
        this->src_ts = src_ts;
        this->dst_ts = dst_ts;
        
        return &this->public;
 }
+
index e9f523a..a78e527 100644 (file)
@@ -42,9 +42,7 @@ struct acquire_job_t {
 /**
  * Creates a job of type ACQUIRE.
  *
- * We use the reqid to find the routed CHILD_SA.
- *
- * @param reqid                reqid of the CHILD_SA to acquire
+ * @param reqid                reqid of the trapped CHILD_SA to acquire
  * @param src_ts       source traffic selector
  * @param dst_ts       destination traffic selector
  * @return                     acquire_job_t object
index 04d7b7e..c6dc54e 100644 (file)
@@ -203,8 +203,9 @@ static status_t destroy_and_reestablish(private_child_delete_t *this)
                                        child_cfg->get_ref(child_cfg);
                                        status = this->ike_sa->initiate(this->ike_sa, child_cfg);
                                        break;
-                               case ACTION_ROUTE:
-                                       status = this->ike_sa->route(this->ike_sa, child_cfg);
+                               case ACTION_ROUTE:      
+                                       charon->traps->install(charon->traps,
+                                                       this->ike_sa->get_peer_cfg(this->ike_sa), child_cfg);
                                        break;
                                default:
                                        break;
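Review bot: In the `ACTION_ROUTE` case the result of `charon->traps->install()` is discarded and `status` is no longer assigned, so a failed trap installation after a CHILD_SA delete is silent. The old `ike_sa->route()` call propagated its status. stroke_control.c in this same commit treats `install()` as returning a truth value, so at least log the failure here: `if (!charon->traps->install(charon->traps, this->ike_sa->get_peer_cfg(this->ike_sa), child_cfg)) { DBG1(DBG_IKE, "installing trap after CHILD_SA delete failed"); }`. If leaving `status` untouched is deliberate, so that a trap failure does not abort the delete task, a one-line comment saying so would help. The switch and the rest of destroy_and_reestablish() lie outside this hunk, so the value `status` holds at this point is not visible.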