prototype implemementation of an sqlite configuration backend
authorMartin Willi <martin@strongswan.org>
Tue, 18 Sep 2007 07:12:21 +0000 (07:12 -0000)
committerMartin Willi <martin@strongswan.org>
Tue, 18 Sep 2007 07:12:21 +0000 (07:12 -0000)
configure.in
src/charon/Makefile.am
src/charon/config/backend_manager.c
src/charon/config/backend_manager.h
src/charon/config/backends/backend.h
src/charon/config/backends/local_backend.c
src/charon/config/backends/sqlite_backend.c [new file with mode: 0644]
src/charon/config/backends/sqlite_backend.h [new file with mode: 0644]
src/charon/control/interfaces/dbus_interface.c
src/charon/control/interfaces/stroke_interface.c
src/libstrongswan/utils/identification.c

index ccc1bf1..dde4307 100644 (file)
@@ -176,6 +176,16 @@ AC_ARG_ENABLE(
 AM_CONDITIONAL(USE_LIBXML, test x$xml = xtrue)
 
 AC_ARG_ENABLE(
+    [sqlite],
+    AS_HELP_STRING([--enable-sqlite],[enable SQLite configuration backend (default is NO). Requires libsqlite3.]),
+    [if test x$enableval = xyes; then
+        sqlite=true
+        AC_DEFINE(LIBSQLITE)
+    fi]
+)
+AM_CONDITIONAL(USE_LIBSQLITE, test x$sqlite = xtrue)
+
+AC_ARG_ENABLE(
     [smartcard],
     AS_HELP_STRING([--enable-smartcard],[enable smartcard support (default is NO).]),
     [if test x$enableval = xyes; then
index 9812a32..ec4279e 100644 (file)
@@ -89,7 +89,7 @@ sa/tasks/task.c sa/tasks/task.h
 
 
 INCLUDES = -I${linuxdir} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon -I$(top_srcdir)/src/stroke
-AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \
+AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_PIDDIR=\"${piddir}\" \
        -DIPSEC_EAPDIR=\"${eapdir}\" -DIPSEC_BACKENDDIR=\"${backenddir}\" -DIPSEC_INTERFACEDIR=\"${interfacedir}\"
 charon_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lgmp -lpthread -lm -ldl
 
@@ -120,6 +120,13 @@ backend_LTLIBRARIES += liblocal.la
 liblocal_la_SOURCES = config/backends/local_backend.h config/backends/local_backend.c
 liblocal_la_LDFLAGS = -module
 
+if USE_LIBSQLITE
+  backend_LTLIBRARIES += libsqlite.la
+  libsqlite_la_SOURCES = config/backends/sqlite_backend.h config/backends/sqlite_backend.c
+  libsqlite_la_LIBADD = -lsqlite3
+  libsqlite_la_LDFLAGS = -module
+endif
+
 # build control interfaces, stroke interface is always built
 ############################################################
 interface_LTLIBRARIES =
index 6df68c7..b2104ac 100644 (file)
@@ -96,6 +96,22 @@ static peer_cfg_t *get_peer_cfg(private_backend_manager_t *this,
 }
 
 /**
+ * implements backend_manager_t.get_peer_cfg_by_name.
+ */                    
+static peer_cfg_t *get_peer_cfg_by_name(private_backend_manager_t *this, char *name)
+{
+       backend_t *backend;
+       peer_cfg_t *config = NULL;
+       iterator_t *iterator = this->backends->create_iterator(this->backends, TRUE);
+       while (config == NULL && iterator->iterate(iterator, (void**)&backend))
+       {
+               config = backend->get_peer_cfg_by_name(backend, name);
+       }
+       iterator->destroy(iterator);
+       return config;
+}
+
+/**
  * implements backend_manager_t.add_peer_cfg.
  */    
 static void add_peer_cfg(private_backend_manager_t *this, peer_cfg_t *config)
@@ -214,6 +230,7 @@ backend_manager_t *backend_manager_create()
        
        this->public.get_ike_cfg = (ike_cfg_t* (*)(backend_manager_t*, host_t*, host_t*))get_ike_cfg;
        this->public.get_peer_cfg = (peer_cfg_t* (*)(backend_manager_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
+       this->public.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_manager_t*,char*))get_peer_cfg_by_name;
        this->public.add_peer_cfg = (void (*)(backend_manager_t*,peer_cfg_t*))add_peer_cfg;
        this->public.create_iterator = (iterator_t* (*)(backend_manager_t*))create_iterator;
        this->public.destroy = (void (*)(backend_manager_t*))destroy;
index 22a19a2..7ca6d66 100644 (file)
@@ -88,6 +88,15 @@ struct backend_manager_t {
                                                                ca_info_t *other_ca_info);
        
        /**
+        * @brief Get a peer_config identified by it's name.
+        *
+        * @param this                          calling object
+        * @param name                          name of the peer_config
+        * @return                                      matching peer_config, or NULL if none found
+        */
+       peer_cfg_t* (*get_peer_cfg_by_name)(backend_manager_t *this, char *name);
+       
+       /**
         * @brief Add a peer_config to the first found writable backend.
         *
         * @param this          calling object
index acab660..592d1dd 100644 (file)
@@ -71,6 +71,15 @@ struct backend_t {
                                                                ca_info_t *other_ca_info);
        
        /**
+        * @brief Get a peer_cfg identified by it's name, or a name of its child.
+        *
+        * @param this                          calling object
+        * @param name                          
+        * @return                                      matching peer_config, or NULL if none found
+        */
+       peer_cfg_t *(*get_peer_cfg_by_name)(backend_t *this, char *name);
+       
+       /**
         * @brief Check if a backend is writable and implements writable_backend_t.
         *
         * @param this          calling object
index b579509..e04c72a 100644 (file)
@@ -225,6 +225,46 @@ static peer_cfg_t *get_peer_cfg(private_local_backend_t *this,
 }
 
 /**
+ * implements backend_t.get_peer_cfg_by_name.
+ */                    
+static peer_cfg_t *get_peer_cfg_by_name(private_local_backend_t *this, char *name)
+{
+       iterator_t *i1, *i2;
+       peer_cfg_t *current, *found = NULL;
+       child_cfg_t *child;
+
+       i1 = this->cfgs->create_iterator(this->cfgs, TRUE);
+       while (i1->iterate(i1, (void**)&current))
+       {
+        /* compare peer_cfgs name first */
+        if (streq(current->get_name(current), name))
+        {
+            found = current;
+            found->get_ref(found);
+            break;
+        }
+        /* compare all child_cfg names otherwise */
+        i2 = current->create_child_cfg_iterator(current);
+        while (i2->iterate(i2, (void**)&child))
+        {
+            if (streq(child->get_name(child), name))
+            {
+                found = current;
+                found->get_ref(found);
+                break;
+            }
+        }
+        i2->destroy(i2);
+        if (found)
+        {
+            break;
+        }
+       }
+       i1->destroy(i1);
+       return found;
+}
+
+/**
  * Implementation of backend_t.is_writable.
  */
 static bool is_writeable(private_local_backend_t *this)
@@ -268,6 +308,7 @@ backend_t *backend_create(void)
        
        this->public.backend.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg;
        this->public.backend.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
+       this->public.backend.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name;
     this->public.backend.backend.is_writeable = (bool(*) (backend_t*))is_writeable;
     this->public.backend.backend.destroy = (void (*)(backend_t*))destroy;
        this->public.backend.create_iterator = (iterator_t* (*)(writeable_backend_t*))create_iterator;
diff --git a/src/charon/config/backends/sqlite_backend.c b/src/charon/config/backends/sqlite_backend.c
new file mode 100644 (file)
index 0000000..2db90f9
--- /dev/null
@@ -0,0 +1,307 @@
+/**
+ * @file sqlite_backend.c
+ *
+ * @brief Implementation of sqlite_backend_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <sqlite3.h>
+
+#include "sqlite_backend.h"
+
+#include <daemon.h>
+
+
+typedef struct private_sqlite_backend_t private_sqlite_backend_t;
+
+/**
+ * Private data of an sqlite_backend_t object
+ */
+struct private_sqlite_backend_t {
+
+       /**
+        * Public part
+        */
+       sqlite_backend_t public;
+       
+       /**
+        * SQLite database handle
+        */
+       sqlite3 *db;
+};
+
+/**
+ * implements backen_t.get_ike_cfg.
+ */
+static ike_cfg_t *get_ike_cfg(private_sqlite_backend_t *this, 
+                                                         host_t *my_host, host_t *other_host)
+{
+       return NULL;
+}
+
+/**
+ * add TS with child "id" to "child_cfg"
+ */
+static void add_ts(private_sqlite_backend_t *this, child_cfg_t *child_cfg, int id)
+{
+       sqlite3_stmt *stmt;
+       
+       if (sqlite3_prepare_v2(this->db,
+               "SELECT type, protocol, start_addr, end_addr, start_port, end_port, kind "
+               "FROM traffic_selectors, child_config_traffic_selector "
+                       "ON traffic_selectors.oid = child_config_traffic_selector.traffic_selector "
+               "WHERE child_config_traffic_selector.child_cfg = ?;",
+               -1, &stmt, NULL) == SQLITE_OK &&
+               sqlite3_bind_int(stmt, 1, id) == SQLITE_OK)
+       {
+               while (sqlite3_step(stmt) == SQLITE_ROW)
+               {
+                       traffic_selector_t *ts;
+                       bool local = FALSE;
+                       enum {
+                               TS_LOCAL = 0,
+                               TS_REMOTE = 1,
+                               TS_LOCAL_DYNAMIC = 2,
+                               TS_REMOTE_DYNAMIC = 3,
+                       } kind;
+                       
+                       kind = sqlite3_column_int(stmt, 6);
+                       switch (kind)
+                       {
+                               case TS_LOCAL:
+                                       local = TRUE;
+                                       /* FALL */
+                               case TS_REMOTE:
+                                       ts = traffic_selector_create_from_string(
+                                               sqlite3_column_int(stmt, 1),                    /* protocol */
+                                               sqlite3_column_int(stmt, 0),                    /* type */
+                                               (char*)sqlite3_column_text(stmt, 2),    /* from addr */
+                                               sqlite3_column_int(stmt, 4),                    /* from port */
+                                               (char*)sqlite3_column_text(stmt, 3),    /* to addr */
+                                               sqlite3_column_int(stmt, 5));                   /* to port */
+                                       break;
+                               case TS_LOCAL_DYNAMIC:
+                                       local = TRUE;
+                                       /* FALL */
+                               case TS_REMOTE_DYNAMIC:
+                                       ts = traffic_selector_create_dynamic(
+                                               sqlite3_column_int(stmt, 1),                    /* protocol */
+                                               sqlite3_column_int(stmt, 0),                    /* type */
+                                               sqlite3_column_int(stmt, 4),                    /* from port */
+                                               sqlite3_column_int(stmt, 5));                   /* to port */
+                                       break;
+                               default:
+                                       continue;
+                       }
+                       if (ts)
+                       {
+                               child_cfg->add_traffic_selector(child_cfg, local, ts);
+                       }
+               }
+       }
+       sqlite3_finalize(stmt);
+}
+
+/**
+ * add childrens belonging to config with "id" to "peer_cfg"
+ */
+static void add_children(private_sqlite_backend_t *this, peer_cfg_t *peer_cfg, int id)
+{
+       sqlite3_stmt *stmt;
+       child_cfg_t *child_cfg;
+       
+       if (sqlite3_prepare_v2(this->db,
+               "SELECT child_configs.oid, name, updown, hostaccess, mode, "
+                          "lifetime, rekeytime, jitter "
+               "FROM child_configs, peer_config_child_config "
+                       "ON child_configs.oid = peer_config_child_config.child_cfg "
+               "WHERE peer_config_child_config.peer_cfg = ?;",
+               -1, &stmt, NULL) == SQLITE_OK &&
+               sqlite3_bind_int(stmt, 1, id) == SQLITE_OK)
+       {
+               while (sqlite3_step(stmt) == SQLITE_ROW)
+               {
+                       child_cfg = child_cfg_create(
+                                       (char*)sqlite3_column_text(stmt, 1),    /* name */
+                                       sqlite3_column_int(stmt, 5),                    /* lifetime */
+                                       sqlite3_column_int(stmt, 6),                    /* rekeytime */
+                                       sqlite3_column_int(stmt, 7),                    /* jitter */
+                                       (char*)sqlite3_column_text(stmt, 2),    /* updown */
+                                       sqlite3_column_int(stmt, 3),                    /* hostaccess */
+                                       sqlite3_column_int(stmt, 4));                   /* mode */
+                       add_ts(this, child_cfg, sqlite3_column_int(stmt, 0));
+                       child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
+                       peer_cfg->add_child_cfg(peer_cfg, child_cfg);
+               }
+       }
+       sqlite3_finalize(stmt);
+}
+
+/**
+ * processing function for get_peer_cfg and get_peer_cfg_by_name
+ */
+static peer_cfg_t *process_peer_cfg_row(private_sqlite_backend_t *this,
+                                                                               sqlite3_stmt *stmt)
+{
+       host_t *local_host, *remote_host, *local_vip = NULL, *remote_vip = NULL;
+       identification_t *local_id, *remote_id;
+       peer_cfg_t *peer_cfg;
+       ike_cfg_t *ike_cfg;
+
+       local_host = host_create_from_string((char*)sqlite3_column_text(stmt, 17), IKEV2_UDP_PORT);
+       remote_host = host_create_from_string((char*)sqlite3_column_text(stmt, 18), IKEV2_UDP_PORT);
+       if (sqlite3_column_text(stmt, 15))
+       {
+               local_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 15), 0);
+       }
+       if (sqlite3_column_text(stmt, 16))
+       {
+               remote_vip = host_create_from_string((char*)sqlite3_column_text(stmt, 16), 0);
+       }
+       local_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 2));
+       remote_id = identification_create_from_string((char*)sqlite3_column_text(stmt, 3));
+       if (local_host && remote_host && local_id && remote_id)
+       {
+               ike_cfg = ike_cfg_create(sqlite3_column_int(stmt, 19),  local_host, remote_host);               
+               ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
+               peer_cfg = peer_cfg_create(
+                       (char*)sqlite3_column_text(stmt, 1),            /* name */
+                       2, ike_cfg,     local_id, remote_id, NULL, NULL, linked_list_create(),
+                       sqlite3_column_int(stmt, 4),                            /* cert_policy */
+                       sqlite3_column_int(stmt, 5),                            /* auth_method */
+                       sqlite3_column_int(stmt, 6),                            /* eap_type */
+                       sqlite3_column_int(stmt, 7),                            /* keyingtries */
+                       sqlite3_column_int(stmt, 8),                            /* lifetime */
+                       sqlite3_column_int(stmt, 9),                            /* rekeytime */
+                       sqlite3_column_int(stmt, 10),                           /* jitter */
+                       sqlite3_column_int(stmt, 13),                           /* reauth */
+                       sqlite3_column_int(stmt, 14),                           /* mobike */
+                       sqlite3_column_int(stmt, 11),                           /* dpd_delay */
+                       sqlite3_column_int(stmt, 12),                           /* dpd_action */
+                       local_vip, remote_vip);
+               add_children(this, peer_cfg, sqlite3_column_int(stmt, 0));
+               return peer_cfg;
+       }
+       
+       DESTROY_IF(local_host);
+       DESTROY_IF(remote_host);
+       DESTROY_IF(local_id);
+       DESTROY_IF(remote_id);
+       DESTROY_IF(local_vip);
+       DESTROY_IF(remote_vip);
+       return NULL;
+}
+
+/**
+ * implements backend_t.get_peer_cfg.
+ */                    
+static peer_cfg_t *get_peer_cfg(private_sqlite_backend_t *this,
+                                                               identification_t *my_id, identification_t *other_id,
+                                                               ca_info_t *other_ca_info)
+{
+       sqlite3_stmt *stmt;
+       char local[256], remote[256];
+       peer_cfg_t *peer_cfg = NULL;
+
+       snprintf(local, sizeof(local), "%D",  my_id);
+       snprintf(remote, sizeof(remote), "%D", other_id);
+       
+       if (sqlite3_prepare_v2(this->db,
+                       "SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, "
+                                  "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, "
+                                  "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, "
+                                  "local, remote, certreq "
+                       "FROM peer_configs, ike_configs "
+                               "ON peer_configs.ike_cfg = ike_configs.oid "
+                       "WHERE local_id = ? and remote_id = ?;", -1, &stmt, NULL) == SQLITE_OK &&
+               sqlite3_bind_text(stmt, 1, local, -1, SQLITE_STATIC) == SQLITE_OK &&
+               sqlite3_bind_text(stmt, 2, remote, -1, SQLITE_STATIC) == SQLITE_OK &&
+               sqlite3_step(stmt) == SQLITE_ROW)
+       {
+               peer_cfg = process_peer_cfg_row(this, stmt);
+       }
+       sqlite3_finalize(stmt);
+       return peer_cfg;
+}
+
+/**
+ * implements backend_t.get_peer_cfg_by_name.
+ */                    
+static peer_cfg_t *get_peer_cfg_by_name(private_sqlite_backend_t *this, char *name)
+{
+       sqlite3_stmt *stmt;
+       peer_cfg_t *peer_cfg = NULL;
+       
+       if (sqlite3_prepare_v2(this->db,
+                       "SELECT peer_configs.oid, name, local_id, remote_id, cert_policy, "
+                                  "auth_method, eap_type, keyingtries, lifetime, rekeytime, jitter, "
+                                  "dpd_delay, dpd_action, reauth, mobike, local_vip, remote_vip, "
+                                  "local, remote, certreq "
+                       "FROM peer_configs, ike_configs "
+                               "ON peer_configs.ike_cfg = ike_configs.oid "
+                       "WHERE name = ? ;", -1, &stmt, NULL) == SQLITE_OK &&
+               sqlite3_bind_text(stmt, 1, name, -1, SQLITE_STATIC) == SQLITE_OK &&
+               sqlite3_step(stmt) == SQLITE_ROW)
+       {
+               peer_cfg = process_peer_cfg_row(this, stmt);
+       }
+       sqlite3_finalize(stmt);
+       return peer_cfg;
+}
+
+/**
+ * Implementation of backend_t.is_writable.
+ */
+static bool is_writeable(private_sqlite_backend_t *this)
+{
+    return FALSE;
+}
+
+/**
+ * Implementation of backend_t.destroy.
+ */
+static void destroy(private_sqlite_backend_t *this)
+{
+       sqlite3_close(this->db);
+    free(this);
+}
+
+/**
+ * Described in header.
+ */
+backend_t *backend_create(void)
+{
+       private_sqlite_backend_t *this = malloc_thing(private_sqlite_backend_t);
+
+       this->public.backend.get_ike_cfg = (ike_cfg_t* (*)(backend_t*, host_t*, host_t*))get_ike_cfg;
+       this->public.backend.get_peer_cfg = (peer_cfg_t* (*)(backend_t*,identification_t*,identification_t*,ca_info_t*))get_peer_cfg;
+       this->public.backend.get_peer_cfg_by_name = (peer_cfg_t* (*)(backend_t*,char*))get_peer_cfg_by_name;
+       this->public.backend.is_writeable = (bool(*) (backend_t*))is_writeable;
+       this->public.backend.destroy = (void (*)(backend_t*))destroy;
+       
+       if (sqlite3_open(IPSEC_DIR "/sqlite.db", &this->db) != SQLITE_OK)
+       {
+               DBG1(DBG_CFG, "opening SQLite database '" IPSEC_DIR "/sqlite.db' failed.");
+               destroy(this);
+               return NULL;
+       }
+       
+       return &this->public.backend;
+}
+
diff --git a/src/charon/config/backends/sqlite_backend.h b/src/charon/config/backends/sqlite_backend.h
new file mode 100644 (file)
index 0000000..4bc1465
--- /dev/null
@@ -0,0 +1,58 @@
+/**
+ * @file sqlite_backend.h
+ *
+ * @brief Interface of sqlite_backend_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+#ifndef SQLITE_BACKEND_H_
+#define SQLITE_BACKEND_H_
+
+typedef struct sqlite_backend_t sqlite_backend_t;
+
+#include <library.h>
+
+#include "backend.h"
+
+/**
+ * @brief An SQLite based configuration backend.
+ *
+ * @b Constructors:
+ *  - sqlite_backend_create()
+ * 
+ * @ingroup backends
+ */
+struct sqlite_backend_t {
+       
+       /**
+        * Implements backend_t interface
+        */
+       backend_t backend;
+};
+
+/**
+ * @brief Create a backend_t instance implemented as sqlite backend.
+ *
+ * @return backend instance
+ * 
+ * @ingroup backends
+ */
+backend_t *backend_create(void);
+
+#endif /* SQLITE_BACKEND_H_ */
+
index d93a5d0..10307af 100644 (file)
@@ -119,46 +119,6 @@ static child_cfg_t* get_child_from_peer(peer_cfg_t *peer_cfg, char *name)
 }
 
 /**
- * get a peer configuration by its name, or a name of its children
- */
-static peer_cfg_t *get_peer_cfg_by_name(char *name)
-{
-       iterator_t *i1, *i2;
-       peer_cfg_t *current, *found = NULL;
-       child_cfg_t *child;
-
-       i1 = charon->backends->create_iterator(charon->backends);
-       while (i1->iterate(i1, (void**)&current))
-       {
-               /* compare peer_cfgs name first */
-               if (streq(current->get_name(current), name))
-               {
-                       found = current;
-                       found->get_ref(found);
-                       break;
-               }
-               /* compare all child_cfg names otherwise */
-               i2 = current->create_child_cfg_iterator(current);
-               while (i2->iterate(i2, (void**)&child))
-               {
-                       if (streq(child->get_name(child), name))
-                       {
-                               found = current;
-                               found->get_ref(found);
-                               break;
-                       }
-               }
-               i2->destroy(i2);
-               if (found)
-               {
-                       break;
-               }
-       }
-       i1->destroy(i1);
-       return found;
-}
-
-/**
  * logging dummy
  */
 static bool dbus_log(void *param, signal_t signal, level_t level,
@@ -197,7 +157,7 @@ static bool start_connection(private_dbus_interface_t *this, DBusMessage* msg)
        }
        set_state(this, NM_VPN_STATE_STARTING);
        
-       peer_cfg = get_peer_cfg_by_name(name);
+       peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, name);
        if (peer_cfg)
        {
                free(this->name);
index 1a82724..74bfa1a 100755 (executable)
@@ -719,46 +719,6 @@ static bool stroke_log(stroke_log_info_t *info, signal_t signal, level_t level,
 }
 
 /**
- * get a peer configuration by its name, or a name of its children
- */
-static peer_cfg_t *get_peer_cfg_by_name(char *name)
-{
-       iterator_t *i1, *i2;
-       peer_cfg_t *current, *found = NULL;
-       child_cfg_t *child;
-
-       i1 = charon->backends->create_iterator(charon->backends);
-       while (i1->iterate(i1, (void**)&current))
-       {
-               /* compare peer_cfgs name first */
-               if (streq(current->get_name(current), name))
-               {
-                       found = current;
-                       found->get_ref(found);
-                       break;
-               }
-               /* compare all child_cfg names otherwise */
-               i2 = current->create_child_cfg_iterator(current);
-               while (i2->iterate(i2, (void**)&child))
-               {
-                       if (streq(child->get_name(child), name))
-                       {
-                               found = current;
-                               found->get_ref(found);
-                               break;
-                       }
-               }
-               i2->destroy(i2);
-               if (found)
-               {
-                       break;
-               }
-       }
-       i1->destroy(i1);
-       return found;
-}
-
-/**
  * initiate a connection by name
  */
 static void stroke_initiate(stroke_msg_t *msg, FILE *out)
@@ -770,7 +730,8 @@ static void stroke_initiate(stroke_msg_t *msg, FILE *out)
        pop_string(msg, &(msg->initiate.name));
        DBG1(DBG_CFG, "received stroke: initiate '%s'", msg->initiate.name);
        
-       peer_cfg = get_peer_cfg_by_name(msg->initiate.name);
+       peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
+                                                                                                         msg->initiate.name);
        if (peer_cfg == NULL)
        {
                fprintf(out, "no config named '%s'\n", msg->initiate.name);
@@ -818,7 +779,8 @@ static void stroke_route(stroke_msg_t *msg, FILE *out)
        pop_string(msg, &(msg->route.name));
        DBG1(DBG_CFG, "received stroke: route '%s'", msg->route.name);
        
-       peer_cfg = get_peer_cfg_by_name(msg->route.name);
+       peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends,
+                                                                                                         msg->route.name);
        if (peer_cfg == NULL)
        {
                fprintf(out, "no config named '%s'\n", msg->route.name);
index 85279b8..90ed81e 100644 (file)
@@ -1058,8 +1058,15 @@ identification_t *identification_create_from_string(char *string)
                                
                                if (inet_pton(AF_INET, string, &address) <= 0)
                                {
-                                       free(this);
-                                       return NULL;
+                                       /* not IPv4, mostly FQDN */
+                                       this->type = ID_FQDN;
+                                       this->encoded.ptr = strdup(string);
+                                       this->encoded.len = strlen(string);
+                                       this->public.matches = (bool (*) 
+                                               (identification_t*,identification_t*,int*))matches_string;
+                                       this->public.equals = (bool (*)
+                                               (identification_t*,identification_t*))equals_strcasecmp;
+                                       return &(this->public);
                                }
                                this->encoded = chunk_clone(chunk);
                                this->type = ID_IPV4_ADDR;