fi
if test x$attr = xtrue; then
libhydra_plugins=${libhydra_plugins}" attr"
- pluto_plugins=${pluto_plugins}" attr"
fi
if test x$attr_sql = xtrue -o x$sql = xtrue; then
libhydra_plugins=${libhydra_plugins}" attr-sql"
- pluto_plugins=${pluto_plugins}" attr-sql"
+fi
+if test x$resolve = xtrue; then
+ libhydra_plugins=${libhydra_plugins}" resolve"
fi
AC_SUBST(libstrongswan_plugins)
src/libhydra/Makefile
src/libhydra/plugins/attr/Makefile
src/libhydra/plugins/attr_sql/Makefile
+ src/libhydra/plugins/resolve/Makefile
src/libfreeswan/Makefile
src/libsimaka/Makefile
src/pluto/Makefile
src/libcharon/plugins/stroke/Makefile
src/libcharon/plugins/updown/Makefile
src/libcharon/plugins/dhcp/Makefile
- src/libcharon/plugins/resolve/Makefile
src/libcharon/plugins/unit_tester/Makefile
src/libcharon/plugins/load_tester/Makefile
src/stroke/Makefile
endif
endif
-if USE_RESOLVE
- SUBDIRS += plugins/resolve
- PLUGINS += resolve
-if MONOLITHIC
- libcharon_la_LIBADD += plugins/resolve/libstrongswan-resolve.la
-endif
-endif
-
if USE_ANDROID
SUBDIRS += plugins/android
PLUGINS += android
+++ /dev/null
-
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
- -I$(top_srcdir)/src/libcharon
-
-AM_CFLAGS = -rdynamic \
- -DRESOLV_CONF=\"${resolv_conf}\"
-
-if MONOLITHIC
-noinst_LTLIBRARIES = libstrongswan-resolve.la
-else
-plugin_LTLIBRARIES = libstrongswan-resolve.la
-endif
-
-libstrongswan_resolve_la_SOURCES = \
- resolve_plugin.h resolve_plugin.c \
- resolve_handler.h resolve_handler.c
-
-libstrongswan_resolve_la_LDFLAGS = -module -avoid-version
+++ /dev/null
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "resolve_handler.h"
-
-#include <unistd.h>
-
-#include <daemon.h>
-#include <threading/mutex.h>
-
-typedef struct private_resolve_handler_t private_resolve_handler_t;
-
-/**
- * Private data of an resolve_handler_t object.
- */
-struct private_resolve_handler_t {
-
- /**
- * Public resolve_handler_t interface.
- */
- resolve_handler_t public;
-
- /**
- * resolv.conf file to use
- */
- char *file;
-
- /**
- * Mutex to access file exclusively
- */
- mutex_t *mutex;
-};
-
-/**
- * Implementation of attribute_handler_t.handle
- */
-static bool handle(private_resolve_handler_t *this, identification_t *server,
- configuration_attribute_type_t type, chunk_t data)
-{
- FILE *in, *out;
- char buf[1024];
- host_t *addr;
- size_t len;
- bool handled = FALSE;
-
- switch (type)
- {
- case INTERNAL_IP4_DNS:
- addr = host_create_from_chunk(AF_INET, data, 0);
- break;
- case INTERNAL_IP6_DNS:
- addr = host_create_from_chunk(AF_INET6, data, 0);
- break;
- default:
- return FALSE;
- }
-
- if (!addr || addr->is_anyaddr(addr))
- {
- DESTROY_IF(addr);
- return FALSE;
- }
- this->mutex->lock(this->mutex);
-
- in = fopen(this->file, "r");
- /* allows us to stream from in to out */
- unlink(this->file);
- out = fopen(this->file, "w");
- if (out)
- {
- fprintf(out, "nameserver %H # by strongSwan, from %Y\n", addr, server);
- DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
- handled = TRUE;
-
- /* copy rest of the file */
- if (in)
- {
- while ((len = fread(buf, 1, sizeof(buf), in)))
- {
- ignore_result(fwrite(buf, 1, len, out));
- }
- }
- fclose(out);
- }
- if (in)
- {
- fclose(in);
- }
- this->mutex->unlock(this->mutex);
- addr->destroy(addr);
-
- if (!handled)
- {
- DBG1(DBG_IKE, "adding DNS server failed", this->file);
- }
- return handled;
-}
-
-/**
- * Implementation of attribute_handler_t.release
- */
-static void release(private_resolve_handler_t *this, identification_t *server,
- configuration_attribute_type_t type, chunk_t data)
-{
- FILE *in, *out;
- char line[1024], matcher[512], *pos;
- host_t *addr;
- int family;
-
- switch (type)
- {
- case INTERNAL_IP4_DNS:
- family = AF_INET;
- break;
- case INTERNAL_IP6_DNS:
- family = AF_INET6;
- break;
- default:
- return;
- }
-
- this->mutex->lock(this->mutex);
-
- in = fopen(this->file, "r");
- if (in)
- {
- /* allows us to stream from in to out */
- unlink(this->file);
- out = fopen(this->file, "w");
- if (out)
- {
- addr = host_create_from_chunk(family, data, 0);
- snprintf(matcher, sizeof(matcher),
- "nameserver %H # by strongSwan, from %Y\n",
- addr, server);
-
- /* copy all, but matching line */
- while ((pos = fgets(line, sizeof(line), in)))
- {
- if (strneq(line, matcher, strlen(matcher)))
- {
- DBG1(DBG_IKE, "removing DNS server %H from %s",
- addr, this->file);
- }
- else
- {
- fputs(line, out);
- }
- }
- addr->destroy(addr);
- fclose(out);
- }
- fclose(in);
- }
-
- this->mutex->unlock(this->mutex);
-}
-
-/**
- * Attribute enumerator implementation
- */
-typedef struct {
- /** implements enumerator_t interface */
- enumerator_t public;
- /** virtual IP we are requesting */
- host_t *vip;
-} attribute_enumerator_t;
-
-/**
- * Implementation of create_attribute_enumerator().enumerate()
- */
-static bool attribute_enumerate(attribute_enumerator_t *this,
- configuration_attribute_type_t *type, chunk_t *data)
-{
- switch (this->vip->get_family(this->vip))
- {
- case AF_INET:
- *type = INTERNAL_IP4_DNS;
- break;
- case AF_INET6:
- *type = INTERNAL_IP6_DNS;
- break;
- default:
- return FALSE;
- }
- *data = chunk_empty;
- /* enumerate only once */
- this->public.enumerate = (void*)return_false;
- return TRUE;
-}
-
-/**
- * Implementation of attribute_handler_t.create_attribute_enumerator
- */
-static enumerator_t* create_attribute_enumerator(private_resolve_handler_t *this,
- identification_t *server, host_t *vip)
-{
- if (vip)
- {
- attribute_enumerator_t *enumerator;
-
- enumerator = malloc_thing(attribute_enumerator_t);
- enumerator->public.enumerate = (void*)attribute_enumerate;
- enumerator->public.destroy = (void*)free;
- enumerator->vip = vip;
-
- return &enumerator->public;
- }
- return enumerator_create_empty();
-}
-
-/**
- * Implementation of resolve_handler_t.destroy.
- */
-static void destroy(private_resolve_handler_t *this)
-{
- this->mutex->destroy(this->mutex);
- free(this);
-}
-
-/**
- * See header
- */
-resolve_handler_t *resolve_handler_create()
-{
- private_resolve_handler_t *this = malloc_thing(private_resolve_handler_t);
-
- this->public.handler.handle = (bool(*)(attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))handle;
- this->public.handler.release = (void(*)(attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))release;
- this->public.handler.create_attribute_enumerator = (enumerator_t*(*)(attribute_handler_t*, identification_t *server, host_t *vip))create_attribute_enumerator;
- this->public.destroy = (void(*)(resolve_handler_t*))destroy;
-
- this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
- this->file = lib->settings->get_str(lib->settings,
- "charon.plugins.resolve.file", RESOLV_CONF);
-
- return &this->public;
-}
-
+++ /dev/null
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup resolve_handler resolve_handler
- * @{ @ingroup resolve
- */
-
-#ifndef RESOLVE_HANDLER_H_
-#define RESOLVE_HANDLER_H_
-
-#include <attributes/attribute_handler.h>
-
-typedef struct resolve_handler_t resolve_handler_t;
-
-/**
- * Handle DNS configuration attributes by mangling a resolv.conf file.
- */
-struct resolve_handler_t {
-
- /**
- * Implements the attribute_handler_t interface
- */
- attribute_handler_t handler;
-
- /**
- * Destroy a resolve_handler_t.
- */
- void (*destroy)(resolve_handler_t *this);
-};
-
-/**
- * Create a resolve_handler instance.
- */
-resolve_handler_t *resolve_handler_create();
-
-#endif /** RESOLVE_HANDLER_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "resolve_plugin.h"
-#include "resolve_handler.h"
-
-#include <hydra.h>
-
-typedef struct private_resolve_plugin_t private_resolve_plugin_t;
-
-/**
- * private data of resolve plugin
- */
-struct private_resolve_plugin_t {
-
- /**
- * implements plugin interface
- */
- resolve_plugin_t public;
-
- /**
- * The registerd DNS attribute handler
- */
- resolve_handler_t *handler;
-};
-
-/**
- * Implementation of plugin_t.destroy
- */
-static void destroy(private_resolve_plugin_t *this)
-{
- hydra->attributes->remove_handler(hydra->attributes, &this->handler->handler);
- this->handler->destroy(this->handler);
- free(this);
-}
-
-/*
- * see header file
- */
-plugin_t *resolve_plugin_create()
-{
- private_resolve_plugin_t *this = malloc_thing(private_resolve_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
- this->handler = resolve_handler_create();
- hydra->attributes->add_handler(hydra->attributes, &this->handler->handler);
-
- return &this->public.plugin;
-}
-
+++ /dev/null
-/*
- * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup resolve resolve
- * @ingroup cplugins
- *
- * @defgroup resolve_plugin resolve_plugin
- * @{ @ingroup resolve
- */
-
-#ifndef RESOLVE_PLUGIN_H_
-#define RESOLVE_PLUGIN_H_
-
-#include <plugins/plugin.h>
-
-typedef struct resolve_plugin_t resolve_plugin_t;
-
-/**
- * Plugin that writes received DNS servers in a resolv.conf file.
- */
-struct resolve_plugin_t {
-
- /**
- * implements plugin interface
- */
- plugin_t plugin;
-};
-
-#endif /** RESOLVE_PLUGIN_H_ @}*/
endif
endif
+if USE_RESOLVE
+ SUBDIRS += plugins/resolve
+if MONOLITHIC
+ libhydra_la_LIBADD += plugins/resolve/libstrongswan-resolve.la
+endif
+endif
+
--- /dev/null
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
+ -I$(top_srcdir)/src/libcharon
+
+AM_CFLAGS = -rdynamic \
+ -DRESOLV_CONF=\"${resolv_conf}\"
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-resolve.la
+else
+plugin_LTLIBRARIES = libstrongswan-resolve.la
+endif
+
+libstrongswan_resolve_la_SOURCES = \
+ resolve_plugin.h resolve_plugin.c \
+ resolve_handler.h resolve_handler.c
+
+libstrongswan_resolve_la_LDFLAGS = -module -avoid-version
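Review bot: `INCLUDES` still carries `-I$(top_srcdir)/src/libcharon`, although this Makefile.am is now generated under src/libhydra/plugins/resolve and the moved resolve_handler.c includes `<hydra.h>` and `<debug.h>` where it used to include `<daemon.h>`. If no libcharon header is needed any more, which the visible includes suggest, the line can shrink to `INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra`. That keeps a charon-only dependency from slipping back into a plugin that the pluto `PLUGINS` define now also lists via `${libhydra_plugins}`.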
--- /dev/null
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "resolve_handler.h"
+
+#include <unistd.h>
+
+#include <hydra.h>
+#include <debug.h>
+#include <threading/mutex.h>
+
+typedef struct private_resolve_handler_t private_resolve_handler_t;
+
+/**
+ * Private data of an resolve_handler_t object.
+ */
+struct private_resolve_handler_t {
+
+ /**
+ * Public resolve_handler_t interface.
+ */
+ resolve_handler_t public;
+
+ /**
+ * resolv.conf file to use
+ */
+ char *file;
+
+ /**
+ * Mutex to access file exclusively
+ */
+ mutex_t *mutex;
+};
+
+/**
+ * Implementation of attribute_handler_t.handle
+ */
+static bool handle(private_resolve_handler_t *this, identification_t *server,
+ configuration_attribute_type_t type, chunk_t data)
+{
+ FILE *in, *out;
+ char buf[1024];
+ host_t *addr;
+ size_t len;
+ bool handled = FALSE;
+
+ switch (type)
+ {
+ case INTERNAL_IP4_DNS:
+ addr = host_create_from_chunk(AF_INET, data, 0);
+ break;
+ case INTERNAL_IP6_DNS:
+ addr = host_create_from_chunk(AF_INET6, data, 0);
+ break;
+ default:
+ return FALSE;
+ }
+
+ if (!addr || addr->is_anyaddr(addr))
+ {
+ DESTROY_IF(addr);
+ return FALSE;
+ }
+ this->mutex->lock(this->mutex);
+
+ in = fopen(this->file, "r");
+ /* allows us to stream from in to out */
+ unlink(this->file);
+ out = fopen(this->file, "w");
+ if (out)
+ {
+ fprintf(out, "nameserver %H # by strongSwan, from %Y\n", addr, server);
+ DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
+ handled = TRUE;
+
+ /* copy rest of the file */
+ if (in)
+ {
+ while ((len = fread(buf, 1, sizeof(buf), in)))
+ {
+ ignore_result(fwrite(buf, 1, len, out));
+ }
+ }
+ fclose(out);
+ }
+ if (in)
+ {
+ fclose(in);
+ }
+ this->mutex->unlock(this->mutex);
+ addr->destroy(addr);
+
+ if (!handled)
+ {
+ DBG1(DBG_IKE, "adding DNS server failed", this->file);
+ }
+ return handled;
+}
+
+/**
+ * Implementation of attribute_handler_t.release
+ */
+static void release(private_resolve_handler_t *this, identification_t *server,
+ configuration_attribute_type_t type, chunk_t data)
+{
+ FILE *in, *out;
+ char line[1024], matcher[512], *pos;
+ host_t *addr;
+ int family;
+
+ switch (type)
+ {
+ case INTERNAL_IP4_DNS:
+ family = AF_INET;
+ break;
+ case INTERNAL_IP6_DNS:
+ family = AF_INET6;
+ break;
+ default:
+ return;
+ }
+
+ this->mutex->lock(this->mutex);
+
+ in = fopen(this->file, "r");
+ if (in)
+ {
+ /* allows us to stream from in to out */
+ unlink(this->file);
+ out = fopen(this->file, "w");
+ if (out)
+ {
+ addr = host_create_from_chunk(family, data, 0);
+ snprintf(matcher, sizeof(matcher),
+ "nameserver %H # by strongSwan, from %Y\n",
+ addr, server);
+
+ /* copy all, but matching line */
+ while ((pos = fgets(line, sizeof(line), in)))
+ {
+ if (strneq(line, matcher, strlen(matcher)))
+ {
+ DBG1(DBG_IKE, "removing DNS server %H from %s",
+ addr, this->file);
+ }
+ else
+ {
+ fputs(line, out);
+ }
+ }
+ addr->destroy(addr);
+ fclose(out);
+ }
+ fclose(in);
+ }
+
+ this->mutex->unlock(this->mutex);
+}
+
+/**
+ * Attribute enumerator implementation
+ */
+typedef struct {
+ /** implements enumerator_t interface */
+ enumerator_t public;
+ /** virtual IP we are requesting */
+ host_t *vip;
+} attribute_enumerator_t;
+
+/**
+ * Implementation of create_attribute_enumerator().enumerate()
+ */
+static bool attribute_enumerate(attribute_enumerator_t *this,
+ configuration_attribute_type_t *type, chunk_t *data)
+{
+ switch (this->vip->get_family(this->vip))
+ {
+ case AF_INET:
+ *type = INTERNAL_IP4_DNS;
+ break;
+ case AF_INET6:
+ *type = INTERNAL_IP6_DNS;
+ break;
+ default:
+ return FALSE;
+ }
+ *data = chunk_empty;
+ /* enumerate only once */
+ this->public.enumerate = (void*)return_false;
+ return TRUE;
+}
+
+/**
+ * Implementation of attribute_handler_t.create_attribute_enumerator
+ */
+static enumerator_t* create_attribute_enumerator(private_resolve_handler_t *this,
+ identification_t *server, host_t *vip)
+{
+ if (vip)
+ {
+ attribute_enumerator_t *enumerator;
+
+ enumerator = malloc_thing(attribute_enumerator_t);
+ enumerator->public.enumerate = (void*)attribute_enumerate;
+ enumerator->public.destroy = (void*)free;
+ enumerator->vip = vip;
+
+ return &enumerator->public;
+ }
+ return enumerator_create_empty();
+}
+
+/**
+ * Implementation of resolve_handler_t.destroy.
+ */
+static void destroy(private_resolve_handler_t *this)
+{
+ this->mutex->destroy(this->mutex);
+ free(this);
+}
+
+/**
+ * See header
+ */
+resolve_handler_t *resolve_handler_create()
+{
+ private_resolve_handler_t *this = malloc_thing(private_resolve_handler_t);
+
+ this->public.handler.handle = (bool(*)(attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))handle;
+ this->public.handler.release = (void(*)(attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))release;
+ this->public.handler.create_attribute_enumerator = (enumerator_t*(*)(attribute_handler_t*, identification_t *server, host_t *vip))create_attribute_enumerator;
+ this->public.destroy = (void(*)(resolve_handler_t*))destroy;
+
+ this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ this->file = lib->settings->get_str(lib->settings,
+ "%s.plugins.resolve.file", RESOLV_CONF, hydra->daemon);
+
+ return &this->public;
+}
+
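Review bot: handle() and release() rewrite the resolver file in place with `unlink(this->file)` followed by `fopen(this->file, "w")`, so the system has no resolv.conf between the two calls and a short write leaves it truncated, because the `fwrite` result is dropped through `ignore_result` and `fclose(out)` is not checked. In release() the file is already unlinked by the time `out` can fail to open, so in that case the previous contents are lost entirely. Building the new contents in a temporary file next to the target and renaming it over the target only after every write and the close succeeded leaves the old file untouched on any error; the sketch shows this for handle(), and release() would take the same shape. The mode set on the temporary file is an assumption and should match what the deployment expects for resolv.conf. The same code is listed a second time further down the page.

```c
	char buf[1024], tmp[512];
	int fd;
	/* … unchanged: attribute type switch, addr check, mutex lock … */

	in = fopen(this->file, "r");
	snprintf(tmp, sizeof(tmp), "%s.XXXXXX", this->file);
	/* a truncated template no longer ends in XXXXXX, so mkstemp() rejects it */
	fd = mkstemp(tmp);
	out = (fd != -1) ? fdopen(fd, "w") : NULL;
	if (out)
	{
		bool ok;

		/* mkstemp() creates the file 0600, the resolver file must stay readable */
		ok = fchmod(fd, 0644) == 0;
		ok = ok && fprintf(out, "nameserver %H # by strongSwan, from %Y\n",
						   addr, server) > 0;
		while (ok && in && (len = fread(buf, 1, sizeof(buf), in)))
		{
			ok = fwrite(buf, 1, len, out) == len;
		}
		/* fclose() flushes, so its result decides whether the data was written */
		ok = fclose(out) == 0 && ok;
		if (ok && rename(tmp, this->file) == 0)
		{
			DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
			handled = TRUE;
		}
		else
		{
			unlink(tmp);
		}
	}
	else if (fd != -1)
	{
		close(fd);
		unlink(tmp);
	}
	/* … unchanged: fclose(in), mutex unlock, addr->destroy, failure log … */
```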
--- /dev/null
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup resolve_handler resolve_handler
+ * @{ @ingroup resolve
+ */
+
+#ifndef RESOLVE_HANDLER_H_
+#define RESOLVE_HANDLER_H_
+
+#include <attributes/attribute_handler.h>
+
+typedef struct resolve_handler_t resolve_handler_t;
+
+/**
+ * Handle DNS configuration attributes by mangling a resolv.conf file.
+ */
+struct resolve_handler_t {
+
+ /**
+ * Implements the attribute_handler_t interface
+ */
+ attribute_handler_t handler;
+
+ /**
+ * Destroy a resolve_handler_t.
+ */
+ void (*destroy)(resolve_handler_t *this);
+};
+
+/**
+ * Create a resolve_handler instance.
+ */
+resolve_handler_t *resolve_handler_create();
+
+#endif /** RESOLVE_HANDLER_H_ @}*/
--- /dev/null
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "resolve_plugin.h"
+#include "resolve_handler.h"
+
+#include <hydra.h>
+
+typedef struct private_resolve_plugin_t private_resolve_plugin_t;
+
+/**
+ * private data of resolve plugin
+ */
+struct private_resolve_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ resolve_plugin_t public;
+
+ /**
+ * The registerd DNS attribute handler
+ */
+ resolve_handler_t *handler;
+};
+
+/**
+ * Implementation of plugin_t.destroy
+ */
+static void destroy(private_resolve_plugin_t *this)
+{
+ hydra->attributes->remove_handler(hydra->attributes, &this->handler->handler);
+ this->handler->destroy(this->handler);
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *resolve_plugin_create()
+{
+ private_resolve_plugin_t *this = malloc_thing(private_resolve_plugin_t);
+
+ this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
+ this->handler = resolve_handler_create();
+ hydra->attributes->add_handler(hydra->attributes, &this->handler->handler);
+
+ return &this->public.plugin;
+}
+
--- /dev/null
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup resolve resolve
+ * @ingroup cplugins
+ *
+ * @defgroup resolve_plugin resolve_plugin
+ * @{ @ingroup resolve
+ */
+
+#ifndef RESOLVE_PLUGIN_H_
+#define RESOLVE_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct resolve_plugin_t resolve_plugin_t;
+
+/**
+ * Plugin that writes received DNS servers in a resolv.conf file.
+ */
+struct resolve_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+#endif /** RESOLVE_PLUGIN_H_ @}*/
--- /dev/null
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "resolve_handler.h"
+
+#include <unistd.h>
+
+#include <hydra.h>
+#include <debug.h>
+#include <threading/mutex.h>
+
+typedef struct private_resolve_handler_t private_resolve_handler_t;
+
+/**
+ * Private data of an resolve_handler_t object.
+ */
+struct private_resolve_handler_t {
+
+ /**
+ * Public resolve_handler_t interface.
+ */
+ resolve_handler_t public;
+
+ /**
+ * resolv.conf file to use
+ */
+ char *file;
+
+ /**
+ * Mutex to access file exclusively
+ */
+ mutex_t *mutex;
+};
+
+/**
+ * Implementation of attribute_handler_t.handle
+ */
+static bool handle(private_resolve_handler_t *this, identification_t *server,
+ configuration_attribute_type_t type, chunk_t data)
+{
+ FILE *in, *out;
+ char buf[1024];
+ host_t *addr;
+ size_t len;
+ bool handled = FALSE;
+
+ switch (type)
+ {
+ case INTERNAL_IP4_DNS:
+ addr = host_create_from_chunk(AF_INET, data, 0);
+ break;
+ case INTERNAL_IP6_DNS:
+ addr = host_create_from_chunk(AF_INET6, data, 0);
+ break;
+ default:
+ return FALSE;
+ }
+
+ if (!addr || addr->is_anyaddr(addr))
+ {
+ DESTROY_IF(addr);
+ return FALSE;
+ }
+ this->mutex->lock(this->mutex);
+
+ in = fopen(this->file, "r");
+ /* allows us to stream from in to out */
+ unlink(this->file);
+ out = fopen(this->file, "w");
+ if (out)
+ {
+ fprintf(out, "nameserver %H # by strongSwan, from %Y\n", addr, server);
+ DBG1(DBG_IKE, "installing DNS server %H to %s", addr, this->file);
+ handled = TRUE;
+
+ /* copy rest of the file */
+ if (in)
+ {
+ while ((len = fread(buf, 1, sizeof(buf), in)))
+ {
+ ignore_result(fwrite(buf, 1, len, out));
+ }
+ }
+ fclose(out);
+ }
+ if (in)
+ {
+ fclose(in);
+ }
+ this->mutex->unlock(this->mutex);
+ addr->destroy(addr);
+
+ if (!handled)
+ {
+ DBG1(DBG_IKE, "adding DNS server failed", this->file);
+ }
+ return handled;
+}
+
+/**
+ * Implementation of attribute_handler_t.release
+ */
+static void release(private_resolve_handler_t *this, identification_t *server,
+ configuration_attribute_type_t type, chunk_t data)
+{
+ FILE *in, *out;
+ char line[1024], matcher[512], *pos;
+ host_t *addr;
+ int family;
+
+ switch (type)
+ {
+ case INTERNAL_IP4_DNS:
+ family = AF_INET;
+ break;
+ case INTERNAL_IP6_DNS:
+ family = AF_INET6;
+ break;
+ default:
+ return;
+ }
+
+ this->mutex->lock(this->mutex);
+
+ in = fopen(this->file, "r");
+ if (in)
+ {
+ /* allows us to stream from in to out */
+ unlink(this->file);
+ out = fopen(this->file, "w");
+ if (out)
+ {
+ addr = host_create_from_chunk(family, data, 0);
+ snprintf(matcher, sizeof(matcher),
+ "nameserver %H # by strongSwan, from %Y\n",
+ addr, server);
+
+ /* copy all, but matching line */
+ while ((pos = fgets(line, sizeof(line), in)))
+ {
+ if (strneq(line, matcher, strlen(matcher)))
+ {
+ DBG1(DBG_IKE, "removing DNS server %H from %s",
+ addr, this->file);
+ }
+ else
+ {
+ fputs(line, out);
+ }
+ }
+ addr->destroy(addr);
+ fclose(out);
+ }
+ fclose(in);
+ }
+
+ this->mutex->unlock(this->mutex);
+}
+
+/**
+ * Attribute enumerator implementation
+ */
+typedef struct {
+ /** implements enumerator_t interface */
+ enumerator_t public;
+ /** virtual IP we are requesting */
+ host_t *vip;
+} attribute_enumerator_t;
+
+/**
+ * Implementation of create_attribute_enumerator().enumerate()
+ */
+static bool attribute_enumerate(attribute_enumerator_t *this,
+ configuration_attribute_type_t *type, chunk_t *data)
+{
+ switch (this->vip->get_family(this->vip))
+ {
+ case AF_INET:
+ *type = INTERNAL_IP4_DNS;
+ break;
+ case AF_INET6:
+ *type = INTERNAL_IP6_DNS;
+ break;
+ default:
+ return FALSE;
+ }
+ *data = chunk_empty;
+ /* enumerate only once */
+ this->public.enumerate = (void*)return_false;
+ return TRUE;
+}
+
+/**
+ * Implementation of attribute_handler_t.create_attribute_enumerator
+ */
+static enumerator_t* create_attribute_enumerator(private_resolve_handler_t *this,
+ identification_t *server, host_t *vip)
+{
+ if (vip)
+ {
+ attribute_enumerator_t *enumerator;
+
+ enumerator = malloc_thing(attribute_enumerator_t);
+ enumerator->public.enumerate = (void*)attribute_enumerate;
+ enumerator->public.destroy = (void*)free;
+ enumerator->vip = vip;
+
+ return &enumerator->public;
+ }
+ return enumerator_create_empty();
+}
+
+/**
+ * Implementation of resolve_handler_t.destroy.
+ */
+static void destroy(private_resolve_handler_t *this)
+{
+ this->mutex->destroy(this->mutex);
+ free(this);
+}
+
+/**
+ * See header
+ */
+resolve_handler_t *resolve_handler_create()
+{
+ private_resolve_handler_t *this = malloc_thing(private_resolve_handler_t);
+
+ this->public.handler.handle = (bool(*)(attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))handle;
+ this->public.handler.release = (void(*)(attribute_handler_t*, identification_t*, configuration_attribute_type_t, chunk_t))release;
+ this->public.handler.create_attribute_enumerator = (enumerator_t*(*)(attribute_handler_t*, identification_t *server, host_t *vip))create_attribute_enumerator;
+ this->public.destroy = (void(*)(resolve_handler_t*))destroy;
+
+ this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ this->file = lib->settings->get_str(lib->settings,
+ "%s.plugins.resolve.file", RESOLV_CONF, hydra->daemon);
+
+ return &this->public;
+}
+
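Review bot: release() in this listing hands the result of `host_create_from_chunk(family, data, 0)` to `snprintf` and later calls `addr->destroy(addr)` without a NULL check, although handle() treats NULL as a possible result of the same call (`if (!addr || addr->is_anyaddr(addr))`). A `data` chunk that does not yield an address would therefore be dereferenced here, and by then the file has already been unlinked and reopened for writing. Creating the address before taking the mutex and leaving early with `if (!addr) return;` mirrors handle() and avoids touching the file for an attribute that was never installed. Separately, `DBG1(DBG_IKE, "adding DNS server failed", this->file);` in handle() passes an argument the format string never consumes; `"adding DNS server to %s failed"` would use it. Both lines also appear in the first listing of resolve_handler.c above.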
-DIPSEC_CONFDIR=\"${sysconfdir}\" \
-DIPSEC_PIDDIR=\"${piddir}\" \
-DSHARED_SECRETS_FILE=\"${sysconfdir}/ipsec.secrets\" \
--DPLUGINS=\""${pluto_plugins}\"" \
+-DPLUGINS=\""${pluto_plugins} ${libhydra_plugins}\"" \
-DPKCS11_DEFAULT_LIB=\"${default_pkcs11}\" \
-DKERNEL26_SUPPORT -DKERNEL26_HAS_KAME_DUPLICATES \
-DPLUTO -DKLIPS -DDEBUG