- first attempt for connection loading and starting via "stroke"
authorMartin Willi <martin@strongswan.org>
Tue, 14 Mar 2006 13:22:48 +0000 (13:22 -0000)
committerMartin Willi <martin@strongswan.org>
Tue, 14 Mar 2006 13:22:48 +0000 (13:22 -0000)
- some improvements here and there

21 files changed:
Source/charon/Makefile
Source/charon/config/Makefile.config
Source/charon/config/init_config.c
Source/charon/config/init_config.h
Source/charon/config/starter_configuration.c [deleted file]
Source/charon/config/starter_configuration.h [deleted file]
Source/charon/config/static_configuration.c
Source/charon/config/stroke_configuration.c [new file with mode: 0755]
Source/charon/config/stroke_configuration.h [new file with mode: 0644]
Source/charon/config/traffic_selector.c
Source/charon/config/traffic_selector.h
Source/charon/daemon.c
Source/charon/daemon.h
Source/charon/sa/child_sa.c
Source/charon/sa/ike_sa.c
Source/charon/sa/states/ike_sa_established.c
Source/charon/sa/states/initiator_init.c
Source/charon/testcases/init_config_test.c
Source/charon/threads/thread_pool.c
Source/charon/utils/logger_manager.c
Source/charon/utils/logger_manager.h

index 88928d2..14c0d59 100644 (file)
@@ -18,7 +18,7 @@ MAIN_DIR= ./
 
 LDFLAGS= -lgmp -lpthread
 
-CFLAGS+= -Wall -I. -g -DLEAK_DETECTIVE 
+CFLAGS+= -I. -Wall -g -DLEAK_DETECTIVE 
 
 # objects is extended by each included Makefile
 OBJS= 
index f4786be..b8b9662 100644 (file)
@@ -36,6 +36,6 @@ OBJS+= $(BUILD_DIR)static_configuration.o
 $(BUILD_DIR)static_configuration.o :           $(CONFIG_DIR)static_configuration.c $(CONFIG_DIR)static_configuration.h
                                                                                        $(CC) $(CFLAGS) -c -o $@ $<
 
-OBJS+= $(BUILD_DIR)starter_configuration.o
-$(BUILD_DIR)starter_configuration.o :          $(CONFIG_DIR)starter_configuration.c $(CONFIG_DIR)starter_configuration.h
+OBJS+= $(BUILD_DIR)stroke_configuration.o
+$(BUILD_DIR)stroke_configuration.o :           $(CONFIG_DIR)stroke_configuration.c $(CONFIG_DIR)stroke_configuration.h
                                                                                        $(CC) $(CFLAGS) -c -o $@ $<
\ No newline at end of file
index 92871dd..e639c2f 100644 (file)
@@ -215,7 +215,7 @@ static void destroy (private_init_config_t *this)
 /**
  * Described in header.
  */
-init_config_t * init_config_create(char * my_ip, char *other_ip, u_int16_t my_port, u_int16_t other_port)
+init_config_t * init_config_create(host_t *me, host_t *other)
 {
        private_init_config_t *this = allocator_alloc_thing(private_init_config_t);
 
@@ -232,8 +232,8 @@ init_config_t * init_config_create(char * my_ip, char *other_ip, u_int16_t my_po
        this->public.destroy = (void(*)(init_config_t*))destroy;
        
        /* private variables */
-       this->my_host = host_create(AF_INET,my_ip, my_port);
-       this->other_host = host_create(AF_INET,other_ip, other_port);
+       this->my_host = me;
+       this->other_host = other;
                
        this->proposals = linked_list_create();
 
index f63df61..e9f1aa5 100644 (file)
@@ -148,12 +148,18 @@ struct init_config_t {
 };
 
 /**
- * @brief Creates a init_config_t object.
+ * @brief Creates a init_config_t object from two host_t's.
  * 
+ * Supplied hosts become owned by init_config, so 
+ * do not modify or destroy them after a call to 
+ * init_config_create_from_hosts().
+ * 
+ * @param me           host_t object representing local address
+ * @param other                host_t object representing remote address
  * @return init_config_t object.
  * 
  * @ingroup config
  */
-init_config_t * init_config_create(char *my_ip, char *other_ip, u_int16_t my_port, u_int16_t other_port);
+init_config_t * init_config_create(host_t *me, host_t *other);
 
-#endif //_INIT_CONFIG_H_
+#endif /* _INIT_CONFIG_H_ */
diff --git a/Source/charon/config/starter_configuration.c b/Source/charon/config/starter_configuration.c
deleted file mode 100755 (executable)
index 938a2b7..0000000
+++ /dev/null
@@ -1,882 +0,0 @@
-/**
- * @file starter_configuration.c
- * 
- * @brief Implementation of starter_configuration_t.
- * 
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <sys/fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <pthread.h>
-
-#include "starter_configuration.h"
-
-#include <types.h>
-#include <daemon.h>
-#include <utils/allocator.h>
-
-
-/**
- * First retransmit timeout in milliseconds.
- * 
- * Timeout value is increasing in each retransmit round.
- */
-#define RETRANSMIT_TIMEOUT 3000
-
-/**
- * Timeout in milliseconds after that a half open IKE_SA gets deleted.
- */
-#define HALF_OPEN_IKE_SA_TIMEOUT 30000
-
-/**
- * Max retransmit count.
- * 0 for infinite. The max time a half open IKE_SA is alive is set by 
- * RETRANSMIT_TIMEOUT.
- */
-#define MAX_RETRANSMIT_COUNT 0
-
-
-struct sockaddr_un socket_addr = { AF_UNIX, "/var/run/pluto.ctl"};
-
-
-typedef struct preshared_secret_entry_t preshared_secret_entry_t;
-
-/**
- * A preshared secret entry combines an identifier and a 
- * preshared secret.
- */
-struct preshared_secret_entry_t {
-
-       /**
-        * Identification.
-        */
-       identification_t *identification;
-       
-       /**
-        * Preshared secret as chunk_t. The NULL termination is not included.
-        */     
-       chunk_t preshared_secret;
-};
-
-
-typedef struct rsa_private_key_entry_t rsa_private_key_entry_t;
-
-/**
- * Entry for a rsa private key.
- */
-struct rsa_private_key_entry_t {
-
-       /**
-        * Identification.
-        */
-       identification_t *identification;
-       
-       /**
-        * Private key.
-        */     
-       rsa_private_key_t* private_key;
-};
-
-typedef struct rsa_public_key_entry_t rsa_public_key_entry_t;
-
-/**
- * Entry for a rsa private key.
- */
-struct rsa_public_key_entry_t {
-
-       /**
-        * Identification.
-        */
-       identification_t *identification;
-       
-       /**
-        * Private key.
-        */     
-       rsa_public_key_t* public_key;
-};
-
-typedef struct configuration_entry_t configuration_entry_t;
-
-/**
- * A configuration entry combines a configuration name with a init and sa 
- * configuration represented as init_config_t and sa_config_t objects.
- * 
- * @b Constructors:
- *  - configuration_entry_create()
- */
-struct configuration_entry_t {
-       
-       /**
-        * Configuration name.
-        * 
-        */
-       char *name;
-       
-       /**
-        * Configuration for IKE_SA_INIT exchange.
-        */
-       init_config_t *init_config;
-
-       /**
-        * Configuration for all phases after IKE_SA_INIT exchange.
-        */
-       sa_config_t *sa_config;
-       
-       /**
-        * Destroys a configuration_entry_t
-        * 
-        * @param this                          calling object
-        */
-       void (*destroy) (configuration_entry_t *this);
-};
-
-/**
- * Implementation of configuration_entry_t.destroy.
- */
-static void configuration_entry_destroy (configuration_entry_t *this)
-{
-       allocator_free(this->name);
-       allocator_free(this);
-}
-
-/**
- * @brief Creates a configuration_entry_t object.
- * 
- * @param name                         name of the configuration entry (gets copied)
- * @param init_config  object of type init_config_t
- * @param sa_config            object of type sa_config_t
- */
-static configuration_entry_t * configuration_entry_create(char * name, init_config_t * init_config, sa_config_t * sa_config)
-{
-       configuration_entry_t *entry = allocator_alloc_thing(configuration_entry_t);
-
-       /* functions */
-       entry->destroy = configuration_entry_destroy;
-
-       /* private data */
-       entry->init_config = init_config;
-       entry->sa_config = sa_config;
-       entry->name = allocator_alloc(strlen(name) + 1);
-       strcpy(entry->name,name);
-       return entry;
-}
-
-typedef struct private_starter_configuration_t private_starter_configuration_t;
-
-/**
- * Private data of an starter_configuration_t object.
- */
-struct private_starter_configuration_t {
-
-       /**
-        * Public part of starter_configuration_t object.
-        */
-       starter_configuration_t public;
-
-       /**
-        * Holding all configurations.
-        */
-       linked_list_t *configurations;
-
-       /**
-        * Holding all managed init_configs.
-        */
-       linked_list_t *init_configs;
-
-       /**
-        * Holding all managed init_configs.
-        */
-       linked_list_t *sa_configs;
-       
-       /**
-        * Holding all managed preshared secrets.
-        */
-       linked_list_t *preshared_secrets;
-       
-       /**
-        * Holding all managed private secrets.
-        */
-       linked_list_t *rsa_private_keys;
-       
-       /**
-        * Holding all managed public secrets.
-        */
-       linked_list_t *rsa_public_keys;
-
-       /**
-        * Assigned logger_t object.
-        */
-       logger_t *logger;
-       
-       /**
-        * Max number of requests to be retransmitted.
-        * 0 for infinite.
-        */     
-       u_int32_t max_retransmit_count;
-       
-       /**
-        * First retransmit timeout in ms.
-        */
-       u_int32_t first_retransmit_timeout;
-       
-       /**
-        * Timeout in ms after that time a IKE_SA gets deleted.
-        */
-       u_int32_t half_open_ike_sa_timeout;
-       
-       int socket;
-       
-       pthread_t assigned_thread;
-
-       /**
-        * Adds a new IKE_SA configuration.
-        * 
-        * @param this                          calling object
-        * @param name                          name for the configuration
-        * @param init_config           init_config_t object
-        * @param sa_config                     sa_config_t object
-        */
-       void (*add_new_configuration) (private_starter_configuration_t *this, char *name, init_config_t *init_config, sa_config_t *sa_config);
-       
-       /**
-        * Adds a new preshared secret.
-        * 
-        * @param this                          calling object
-        * @param type                          type of identification
-        * @param id_string                     identification as string
-        * @param preshared_secret      preshared secret as string
-        */
-       void (*add_new_preshared_secret) (private_starter_configuration_t *this,id_type_t type, char *id_string, char *preshared_secret);
-       
-       /**
-        * Adds a new rsa private key.
-        * 
-        * @param this                          calling object
-        * @param type                          type of identification
-        * @param id_string                     identification as string
-        * @param key_pos                       location of key
-        * @param key_len                       length of key
-        */
-       void (*add_new_rsa_private_key) (private_starter_configuration_t *this,id_type_t type, char *id_string, u_int8_t *key_pos, size_t key_len);
-       
-       /**
-        * Adds a new rsa public key.
-        * 
-        * @param this                          calling object
-        * @param type                          type of identification
-        * @param id_string                     identification as string
-        * @param key_pos                       location of key
-        * @param key_len                       length of key
-        */
-       void (*add_new_rsa_public_key) (private_starter_configuration_t *this,id_type_t type, char *id_string, u_int8_t *key_pos, size_t key_len);
-       
-       void (*whack_receive) (private_starter_configuration_t *this);
-};
-
-/**
- * Implementation of private_starter_configuration_t.listen.
- */
-static void whack_receive(private_starter_configuration_t *this)
-{
-       u_int8_t buffer[5000];
-       struct sockaddr_un whackaddr;
-       int whackaddrlen = sizeof(whackaddr);
-       ssize_t n;
-       int whackfd;
-       
-       while (1)
-       {
-               whackfd = accept(this->socket, (struct sockaddr *)&whackaddr, &whackaddrlen);
-       
-               if (whackfd < 0)
-               {
-                       this->logger->log(this->logger, ERROR, "accept() failed in whack_handle()");
-                       continue;
-               }
-               if (fcntl(whackfd, F_SETFD, FD_CLOEXEC) < 0)
-               {
-                       this->logger->log(this->logger, ERROR, "failed to set CLOEXEC in whack_handle()");
-                       close(whackfd);
-                       continue;
-               }
-       
-               n = read(whackfd, &buffer, sizeof(buffer));
-       
-               if (n == -1)
-               {
-                       this->logger->log(this->logger, ERROR, "read() failed in whack_handle()");
-                       close(whackfd);
-                       continue;
-               }
-               this->logger->log_bytes(this->logger, CONTROL, "Whackinput", buffer, n);
-       }
-}
-
-
-/**
- * Implementation of starter_configuration_t.get_init_config_for_host.
- */
-static status_t get_init_config_for_host (private_starter_configuration_t *this, host_t *my_host, host_t *other_host,init_config_t **init_config)
-{
-       iterator_t *iterator;
-       status_t status = NOT_FOUND;
-       
-       iterator = this->configurations->create_iterator(this->configurations,TRUE);
-       
-       this->logger->log(this->logger, CONTROL|LEVEL1, "getting config for hosts %s - %s", 
-                                               my_host->get_address(my_host), other_host->get_address(other_host));
-       
-       while (iterator->has_next(iterator))
-       {
-               configuration_entry_t *entry;
-               host_t *config_my_host;
-               host_t *config_other_host;
-               
-               iterator->current(iterator,(void **) &entry);
-
-               config_my_host = entry->init_config->get_my_host(entry->init_config);
-               config_other_host = entry->init_config->get_other_host(entry->init_config);
-
-               /* first check if ip is equal */
-               if(config_other_host->ip_is_equal(config_other_host,other_host))
-               {
-                       this->logger->log(this->logger, CONTROL|LEVEL2, "config entry with remote host %s", 
-                                               config_other_host->get_address(config_other_host));
-                       /* could be right one, check my_host for default route*/
-                       if (config_my_host->is_default_route(config_my_host))
-                       {
-                               *init_config = entry->init_config;
-                               status = SUCCESS;
-                               break;
-                       }
-                       /* check now if host informations are the same */
-                       else if (config_my_host->ip_is_equal(config_my_host,my_host))
-                       {
-                               *init_config = entry->init_config;
-                               status = SUCCESS;
-                               break;
-                       }
-                       
-               }
-               /* Then check for wildcard hosts!
-                * TODO
-                * actually its only checked if other host with default route can be found! */
-               else if (config_other_host->is_default_route(config_other_host))
-               {
-                       /* could be right one, check my_host for default route*/
-                       if (config_my_host->is_default_route(config_my_host))
-                       {
-                               *init_config = entry->init_config;
-                               status = SUCCESS;
-                               break;
-                       }
-                       /* check now if host informations are the same */
-                       else if (config_my_host->ip_is_equal(config_my_host,my_host))
-                       {
-                               *init_config = entry->init_config;
-                               status = SUCCESS;
-                               break;
-                       }
-               }
-       }
-       
-       iterator->destroy(iterator);
-       
-       return status;
-}
-
-/**
- * Implementation of starter_configuration_t.get_init_config_for_name.
- */
-static status_t get_init_config_for_name (private_starter_configuration_t *this, char *name, init_config_t **init_config)
-{
-       iterator_t *iterator;
-       status_t status = NOT_FOUND;
-       
-       iterator = this->configurations->create_iterator(this->configurations,TRUE);
-       
-       while (iterator->has_next(iterator))
-       {
-               configuration_entry_t *entry;
-               iterator->current(iterator,(void **) &entry);
-
-               if (strcmp(entry->name,name) == 0)
-               {
-
-                       /* found configuration */
-                       *init_config = entry->init_config;
-                       status = SUCCESS;
-                       break;
-               }
-       }
-       
-       iterator->destroy(iterator);
-       
-       return status;
-}
-       
-/**
- * Implementation of starter_configuration_t.get_sa_config_for_name.
- */
-static status_t get_sa_config_for_name (private_starter_configuration_t *this, char *name, sa_config_t **sa_config)
-{
-       iterator_t *iterator;
-       status_t status = NOT_FOUND;
-       
-       iterator = this->configurations->create_iterator(this->configurations,TRUE);
-       
-       while (iterator->has_next(iterator))
-       {
-               configuration_entry_t *entry;
-               iterator->current(iterator,(void **) &entry);
-
-               if (strcmp(entry->name,name) == 0)
-               {
-                       /* found configuration */
-                       *sa_config = entry->sa_config;
-                       status = SUCCESS;
-                       break;
-               }
-       }
-       
-       iterator->destroy(iterator);
-       
-       return status;
-}
-
-/**
- * Implementation of starter_configuration_t.get_sa_config_for_init_config_and_id.
- */
-static status_t get_sa_config_for_init_config_and_id (private_starter_configuration_t *this, init_config_t *init_config, identification_t *other_id, identification_t *my_id,sa_config_t **sa_config)
-{      
-       iterator_t *iterator;
-       status_t status = NOT_FOUND;
-       
-       iterator = this->configurations->create_iterator(this->configurations,TRUE);
-       
-       while (iterator->has_next(iterator))
-       {
-               configuration_entry_t *entry;
-               iterator->current(iterator,(void **) &entry);
-
-               if (entry->init_config == init_config)
-               {
-                       identification_t *config_my_id = entry->sa_config->get_my_id(entry->sa_config);
-                       identification_t *config_other_id = entry->sa_config->get_other_id(entry->sa_config);
-
-                       /* host informations seem to be the same */
-                       if (config_other_id->equals(config_other_id,other_id))
-                       {
-                               /* other ids seems to match */
-                               
-                               if (my_id == NULL)
-                               {
-                                       /* first matching one is selected */
-                                       
-                                       /* TODO priorize found entries */
-                                       *sa_config = entry->sa_config;
-                                       status = SUCCESS;
-                                       break;
-                               }
-
-                               if (config_my_id->equals(config_my_id,my_id))
-                               {
-                                       *sa_config = entry->sa_config;
-                                       status = SUCCESS;
-                                       break;
-                               }
-
-                       }
-               }
-       }
-       
-       iterator->destroy(iterator);
-       
-       return status;
-}
-
-/**
- * Implementation of private_starter_configuration_t.add_new_configuration.
- */
-static void add_new_configuration (private_starter_configuration_t *this, char *name, init_config_t *init_config, sa_config_t *sa_config)
-{
-       iterator_t *iterator;
-       bool found;
-       
-       iterator = this->init_configs->create_iterator(this->init_configs,TRUE);
-       found = FALSE;
-       while (iterator->has_next(iterator))
-       {
-               init_config_t *found_init_config;
-               iterator->current(iterator,(void **) &found_init_config);
-               if (init_config == found_init_config)
-               {
-                       found = TRUE;
-                       break;
-               }
-       }
-       iterator->destroy(iterator);
-       if (!found)
-       {
-               this->init_configs->insert_first(this->init_configs,init_config);
-       }
-       
-       iterator = this->sa_configs->create_iterator(this->sa_configs,TRUE);
-       found = FALSE;
-       while (iterator->has_next(iterator))
-       {
-               sa_config_t *found_sa_config;
-               iterator->current(iterator,(void **) &found_sa_config);
-               if (sa_config == found_sa_config)
-               {
-                       found = TRUE;
-                       break;
-               }
-       }
-       iterator->destroy(iterator);
-       if (!found)
-       {
-               this->sa_configs->insert_first(this->sa_configs,sa_config);
-       }
-
-       this->configurations->insert_last(this->configurations,configuration_entry_create(name,init_config,sa_config));
-}
-
-/**
- * Implementation of private_starter_configuration_t.add_new_preshared_secret.
- */
-static void add_new_preshared_secret (private_starter_configuration_t *this,id_type_t type, char *id_string, char *preshared_secret)
-{
-       preshared_secret_entry_t *entry = allocator_alloc_thing(preshared_secret_entry_t);
-       
-       entry->identification = identification_create_from_string(type,id_string);
-       entry->preshared_secret.len = strlen(preshared_secret) + 1;
-       entry->preshared_secret.ptr = allocator_alloc(entry->preshared_secret.len);
-       memcpy(entry->preshared_secret.ptr,preshared_secret,entry->preshared_secret.len);
-       
-       this->preshared_secrets->insert_last(this->preshared_secrets,entry);
-}
-
-/**
- * Implementation of private_starter_configuration_t.add_new_preshared_secret.
- */
-static void add_new_rsa_public_key (private_starter_configuration_t *this, id_type_t type, char *id_string, u_int8_t* key_pos, size_t key_len)
-{
-       chunk_t key;
-       key.ptr = key_pos;
-       key.len = key_len;
-       
-       rsa_public_key_entry_t *entry = allocator_alloc_thing(rsa_public_key_entry_t);
-       
-       entry->identification = identification_create_from_string(type,id_string);
-       entry->public_key = rsa_public_key_create();
-       entry->public_key->set_key(entry->public_key, key);
-       
-       this->rsa_public_keys->insert_last(this->rsa_public_keys, entry);
-}
-
-/**
- * Implementation of private_starter_configuration_t.add_new_preshared_secret.
- */
-static void add_new_rsa_private_key (private_starter_configuration_t *this, id_type_t type, char *id_string, u_int8_t* key_pos, size_t key_len)
-{
-       chunk_t key;
-       key.ptr = key_pos;
-       key.len = key_len;
-       
-       rsa_private_key_entry_t *entry = allocator_alloc_thing(rsa_private_key_entry_t);
-       
-       entry->identification = identification_create_from_string(type,id_string);
-       entry->private_key = rsa_private_key_create();
-       entry->private_key->set_key(entry->private_key, key);
-       
-       this->rsa_private_keys->insert_last(this->rsa_private_keys, entry);
-}
-
-/**
- * Implementation of starter_configuration_t.get_shared_secret.
- */
-static status_t get_shared_secret(private_starter_configuration_t *this, identification_t *identification, chunk_t *preshared_secret)
-{
-       iterator_t *iterator;
-       
-       iterator = this->preshared_secrets->create_iterator(this->preshared_secrets,TRUE);
-       while (iterator->has_next(iterator))
-       {
-               preshared_secret_entry_t *entry;
-               iterator->current(iterator,(void **) &entry);
-               if (entry->identification->equals(entry->identification,identification))
-               {
-                       *preshared_secret = entry->preshared_secret;
-                       iterator->destroy(iterator);
-                       return SUCCESS;
-               }
-       }
-       iterator->destroy(iterator);
-       return NOT_FOUND;
-}
-
-/**
- * Implementation of starter_configuration_t.get_shared_secret.
- */
-static status_t get_rsa_public_key(private_starter_configuration_t *this, identification_t *identification, rsa_public_key_t **public_key)
-{
-       iterator_t *iterator;
-       
-       iterator = this->rsa_public_keys->create_iterator(this->rsa_public_keys,TRUE);
-       while (iterator->has_next(iterator))
-       {
-               rsa_public_key_entry_t *entry;
-               iterator->current(iterator,(void **) &entry);
-               if (entry->identification->equals(entry->identification,identification))
-               {
-                       *public_key = entry->public_key;
-                       iterator->destroy(iterator);
-                       return SUCCESS;
-               }
-       }
-       iterator->destroy(iterator);
-       return NOT_FOUND;
-}
-
-/**
- * Implementation of starter_configuration_t.get_shared_secret.
- */
-static status_t get_rsa_private_key(private_starter_configuration_t *this, identification_t *identification, rsa_private_key_t **private_key)
-{
-       iterator_t *iterator;
-       
-       iterator = this->rsa_private_keys->create_iterator(this->rsa_private_keys,TRUE);
-       while (iterator->has_next(iterator))
-       {
-               rsa_private_key_entry_t *entry;
-               iterator->current(iterator,(void **) &entry);
-               if (entry->identification->equals(entry->identification,identification))
-               {
-                       *private_key = entry->private_key;
-                       iterator->destroy(iterator);
-                       return SUCCESS;
-               }
-       }
-       iterator->destroy(iterator);
-       return NOT_FOUND;
-}
-
-/**
- * Implementation of starter_configuration_t.get_retransmit_timeout.
- */
-static status_t get_retransmit_timeout (private_starter_configuration_t *this, u_int32_t retransmit_count, u_int32_t *timeout)
-{
-       int new_timeout = this->first_retransmit_timeout, i;
-       if ((retransmit_count > this->max_retransmit_count) && (this->max_retransmit_count != 0))
-       {
-               return FAILED;
-       }
-       
-
-       for (i = 0; i < retransmit_count; i++)
-       {
-               new_timeout *= 2;
-       }
-       
-       *timeout = new_timeout;
-       
-       return SUCCESS;
-}
-
-/**
- * Implementation of starter_configuration_t.get_half_open_ike_sa_timeout.
- */
-static u_int32_t get_half_open_ike_sa_timeout (private_starter_configuration_t *this)
-{
-       return this->half_open_ike_sa_timeout;
-}
-
-/**
- * Implementation of starter_configuration_t.destroy.
- */
-static void destroy(private_starter_configuration_t *this)
-{
-       this->logger->log(this->logger,CONTROL | LEVEL1, "Going to destroy configuration backend ");
-
-       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy configuration entries");
-       while (this->configurations->get_count(this->configurations) > 0)
-       {
-               configuration_entry_t *entry;
-               this->configurations->remove_first(this->configurations,(void **) &entry);
-               entry->destroy(entry);
-       }
-       this->configurations->destroy(this->configurations);
-
-       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy sa_config_t objects");        
-       while (this->sa_configs->get_count(this->sa_configs) > 0)
-       {
-               sa_config_t *sa_config;
-               this->sa_configs->remove_first(this->sa_configs,(void **) &sa_config);
-               sa_config->destroy(sa_config);
-       }
-
-       this->sa_configs->destroy(this->sa_configs);
-       
-       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy init_config_t objects");
-       while (this->init_configs->get_count(this->init_configs) > 0)
-       {
-               init_config_t *init_config;
-               this->init_configs->remove_first(this->init_configs,(void **) &init_config);
-               init_config->destroy(init_config);
-       }
-       this->init_configs->destroy(this->init_configs);
-       
-       while (this->preshared_secrets->get_count(this->preshared_secrets) > 0)
-       {
-               preshared_secret_entry_t *entry;
-               this->preshared_secrets->remove_first(this->preshared_secrets,(void **) &entry);
-               entry->identification->destroy(entry->identification);
-               allocator_free_chunk(&(entry->preshared_secret));
-               allocator_free(entry);
-       }
-       this->preshared_secrets->destroy(this->preshared_secrets);
-
-       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy rsa private keys");   
-       while (this->rsa_private_keys->get_count(this->rsa_private_keys) > 0)
-       {
-               rsa_private_key_entry_t *entry;
-               this->rsa_private_keys->remove_first(this->rsa_private_keys,(void **) &entry);
-               entry->identification->destroy(entry->identification);
-               entry->private_key->destroy(entry->private_key);
-               allocator_free(entry);
-       }
-       this->rsa_private_keys->destroy(this->rsa_private_keys);
-
-       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy rsa public keys");
-       while (this->rsa_public_keys->get_count(this->rsa_public_keys) > 0)
-       {
-               rsa_public_key_entry_t *entry;
-               this->rsa_public_keys->remove_first(this->rsa_public_keys,(void **) &entry);
-               entry->identification->destroy(entry->identification);
-               entry->public_key->destroy(entry->public_key);
-               allocator_free(entry);
-       }
-       this->rsa_public_keys->destroy(this->rsa_public_keys);
-               
-       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy assigned logger");
-       charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
-       close(this->socket);
-       unlink(socket_addr.sun_path);
-       allocator_free(this);
-}
-
-/*
- * Described in header-file
- */
-starter_configuration_t *starter_configuration_create()
-{
-       private_starter_configuration_t *this = allocator_alloc_thing(private_starter_configuration_t);
-       mode_t old;
-       bool on = TRUE;
-
-       /* public functions */
-       this->public.configuration_interface.destroy = (void(*)(configuration_t*))destroy;
-       this->public.configuration_interface.get_init_config_for_name = (status_t (*) (configuration_t *, char *, init_config_t **)) get_init_config_for_name;
-       this->public.configuration_interface.get_init_config_for_host = (status_t (*) (configuration_t *, host_t *, host_t *,init_config_t **)) get_init_config_for_host;
-       this->public.configuration_interface.get_sa_config_for_name =(status_t (*) (configuration_t *, char *, sa_config_t **)) get_sa_config_for_name;
-       this->public.configuration_interface.get_sa_config_for_init_config_and_id =(status_t (*) (configuration_t *, init_config_t *, identification_t *, identification_t *,sa_config_t **)) get_sa_config_for_init_config_and_id;
-       this->public.configuration_interface.get_retransmit_timeout = (status_t (*) (configuration_t *, u_int32_t retransmit_count, u_int32_t *timeout))get_retransmit_timeout;
-       this->public.configuration_interface.get_half_open_ike_sa_timeout = (u_int32_t (*) (configuration_t *)) get_half_open_ike_sa_timeout;
-       this->public.configuration_interface.get_shared_secret = (status_t (*) (configuration_t *, identification_t *, chunk_t *))get_shared_secret;
-       this->public.configuration_interface.get_rsa_private_key = (status_t (*) (configuration_t *, identification_t *, rsa_private_key_t**))get_rsa_private_key;
-       this->public.configuration_interface.get_rsa_public_key = (status_t (*) (configuration_t *, identification_t *, rsa_public_key_t**))get_rsa_public_key;
-       
-       /* private functions */
-       this->add_new_configuration = add_new_configuration;
-       this->add_new_preshared_secret = add_new_preshared_secret;
-       this->add_new_rsa_public_key = add_new_rsa_public_key;
-       this->add_new_rsa_private_key = add_new_rsa_private_key;
-       this->whack_receive = whack_receive;
-       
-       this->logger = charon->logger_manager->create_logger(charon->logger_manager,CONFIG,NULL);
-       
-       /* set up unix socket */
-       this->socket = socket(AF_UNIX, SOCK_STREAM, 0);
-       if (this->socket == -1)
-       {
-               this->logger->log(this->logger, ERROR, "could not create whack socket");
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
-               allocator_free(this);
-               return NULL;
-       }
-       if (fcntl(this->socket, F_SETFD, FD_CLOEXEC) < 0)
-       {
-               this->logger->log(this->logger, ERROR, "could not FD_CLOEXEC on whack socket");
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
-               close(this->socket);
-               allocator_free(this);
-               return NULL;
-       }
-       if (setsockopt(this->socket, SOL_SOCKET, SO_REUSEADDR, (const void *)&on, sizeof(on)) < 0)
-       
-       old = umask(~S_IRWXU);
-       if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0)
-       {
-               this->logger->log(this->logger, ERROR, "could not bind whack socket: %s", strerror(errno));
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
-               close(this->socket);
-               allocator_free(this);
-               return NULL;
-       }
-       umask(old);
-       
-       if (listen(this->socket, 0) < 0)
-       {
-               this->logger->log(this->logger, ERROR, "could not listen on whack socket: %s", strerror(errno));
-               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
-               close(this->socket);
-               unlink(socket_addr.sun_path);
-               allocator_free(this);
-               return NULL;
-       }
-       
-       /* start a thread reading from the socket */
-       if (pthread_create(&(this->assigned_thread), NULL, (void*(*)(void*))this->whack_receive, this) != 0)
-       {
-               this->logger->log(this->logger, ERROR, "Could not spawn whack thread");
-               charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
-               close(this->socket);
-               unlink(socket_addr.sun_path);
-               allocator_free(this);
-       }
-       
-       /* private variables */
-       this->configurations = linked_list_create();
-       this->sa_configs = linked_list_create();
-       this->init_configs = linked_list_create();
-       this->preshared_secrets = linked_list_create();
-       this->rsa_private_keys = linked_list_create();
-       this->rsa_public_keys = linked_list_create();
-       this->max_retransmit_count = MAX_RETRANSMIT_COUNT;
-       this->first_retransmit_timeout = RETRANSMIT_TIMEOUT;
-       this->half_open_ike_sa_timeout = HALF_OPEN_IKE_SA_TIMEOUT;
-       
-       return (&this->public);
-}
diff --git a/Source/charon/config/starter_configuration.h b/Source/charon/config/starter_configuration.h
deleted file mode 100644 (file)
index 408b84e..0000000
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @file starter_configuration_t.h
- *
- * @brief Interface of starter_configuration_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#ifndef STARTER_CONFIGURATION_H_
-#define STARTER_CONFIGURATION_H_
-
-#include <config/configuration.h>
-
-
-typedef struct starter_configuration_t starter_configuration_t;
-
-/**
- * @brief A config backend which uses the ipsec starter
- * from pluto, wich parses config files.
- * 
- * This configuration implementation opens a Whack-Socket
- * and waits for input from ipsec starter.
- * 
- * @b Constructors:
- * - starter_configuration_create()
- * 
- * @ingroup config
- */
-struct starter_configuration_t { 
-
-       /**
-        * Implements configuration_t interface
-        */
-       configuration_t configuration_interface;
-};
-
-/**
- * @brief Creates an configuration using ipsec starter as input.
- * 
- * @return starter_configuration_t object
- * 
- * @ingroup config
- */
-starter_configuration_t *starter_configuration_create();
-
-#endif /*STARTER_CONFIGURATION_H_*/
index 0cec6e1..e0c76da 100755 (executable)
@@ -297,9 +297,15 @@ static void load_default_config (private_static_configuration_t *this)
        proposal_t *proposal;
        sa_config_t *sa_config_a, *sa_config_b;
        traffic_selector_t *ts;
+       host_t *alice, *bob, *any;
        
-       init_config_a = init_config_create("0.0.0.0","192.168.0.2",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
-       init_config_b = init_config_create("0.0.0.0","192.168.0.1",IKEV2_UDP_PORT,IKEV2_UDP_PORT);
+       bob = host_create(AF_INET, "192.168.0.2", IKEV2_UDP_PORT);
+       any = host_create(AF_INET, "0.0.0.0", IKEV2_UDP_PORT);
+       init_config_a = init_config_create(any, bob);
+       
+       alice = host_create(AF_INET, "192.168.0.1", IKEV2_UDP_PORT);
+       any = host_create(AF_INET, "0.0.0.0", IKEV2_UDP_PORT);
+       init_config_b = init_config_create(any, alice);
        
        /* IKE proposals for alice */
        proposal = proposal_create(1);
diff --git a/Source/charon/config/stroke_configuration.c b/Source/charon/config/stroke_configuration.c
new file mode 100755 (executable)
index 0000000..5110be1
--- /dev/null
@@ -0,0 +1,992 @@
+/**
+ * @file stroke_configuration.c
+ * 
+ * @brief Implementation of stroke_configuration_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <pthread.h>
+
+#include "stroke_configuration.h"
+
+#include <types.h>
+#include <daemon.h>
+#include <utils/allocator.h>
+#include <queues/jobs/initiate_ike_sa_job.h>
+
+/**
+ * First retransmit timeout in milliseconds.
+ * 
+ * Timeout value is increasing in each retransmit round.
+ */
+#define RETRANSMIT_TIMEOUT 3000
+
+/**
+ * Timeout in milliseconds after that a half open IKE_SA gets deleted.
+ */
+#define HALF_OPEN_IKE_SA_TIMEOUT 30000
+
+/**
+ * Max retransmit count.
+ * 0 for infinite. The max time a half open IKE_SA is alive is set by 
+ * RETRANSMIT_TIMEOUT.
+ */
+#define MAX_RETRANSMIT_COUNT 0
+
+
+struct sockaddr_un socket_addr = { AF_UNIX, "/var/run/charon.ctl"};
+
+
+typedef struct preshared_secret_entry_t preshared_secret_entry_t;
+
+/**
+ * A preshared secret entry combines an identifier and a 
+ * preshared secret.
+ */
+struct preshared_secret_entry_t {
+
+       /**
+        * Identification.
+        */
+       identification_t *identification;
+       
+       /**
+        * Preshared secret as chunk_t. The NULL termination is not included.
+        */     
+       chunk_t preshared_secret;
+};
+
+
+typedef struct rsa_private_key_entry_t rsa_private_key_entry_t;
+
+/**
+ * Entry for a rsa private key.
+ */
+struct rsa_private_key_entry_t {
+
+       /**
+        * Identification.
+        */
+       identification_t *identification;
+       
+       /**
+        * Private key.
+        */     
+       rsa_private_key_t* private_key;
+};
+
+typedef struct rsa_public_key_entry_t rsa_public_key_entry_t;
+
+/**
+ * Entry for a rsa private key.
+ */
+struct rsa_public_key_entry_t {
+
+       /**
+        * Identification.
+        */
+       identification_t *identification;
+       
+       /**
+        * Private key.
+        */     
+       rsa_public_key_t* public_key;
+};
+
+typedef struct configuration_entry_t configuration_entry_t;
+
+/**
+ * A configuration entry combines a configuration name with a init and sa 
+ * configuration represented as init_config_t and sa_config_t objects.
+ * 
+ * @b Constructors:
+ *  - configuration_entry_create()
+ */
+struct configuration_entry_t {
+       
+       /**
+        * Configuration name.
+        * 
+        */
+       char *name;
+       
+       /**
+        * Configuration for IKE_SA_INIT exchange.
+        */
+       init_config_t *init_config;
+
+       /**
+        * Configuration for all phases after IKE_SA_INIT exchange.
+        */
+       sa_config_t *sa_config;
+       
+       /**
+        * Destroys a configuration_entry_t
+        * 
+        * @param this                          calling object
+        */
+       void (*destroy) (configuration_entry_t *this);
+};
+
+/**
+ * Implementation of configuration_entry_t.destroy.
+ */
+static void configuration_entry_destroy (configuration_entry_t *this)
+{
+       allocator_free(this->name);
+       allocator_free(this);
+}
+
+/**
+ * @brief Creates a configuration_entry_t object.
+ * 
+ * @param name                         name of the configuration entry (gets copied)
+ * @param init_config  object of type init_config_t
+ * @param sa_config            object of type sa_config_t
+ */
+static configuration_entry_t * configuration_entry_create(char * name, init_config_t * init_config, sa_config_t * sa_config)
+{
+       configuration_entry_t *entry = allocator_alloc_thing(configuration_entry_t);
+
+       /* functions */
+       entry->destroy = configuration_entry_destroy;
+
+       /* private data */
+       entry->init_config = init_config;
+       entry->sa_config = sa_config;
+       entry->name = allocator_alloc(strlen(name) + 1);
+       strcpy(entry->name,name);
+       return entry;
+}
+
+typedef struct private_stroke_configuration_t private_stroke_configuration_t;
+
+/**
+ * Private data of an stroke_configuration_t object.
+ */
+struct private_stroke_configuration_t {
+
+       /**
+        * Public part of stroke_configuration_t object.
+        */
+       stroke_configuration_t public;
+
+       /**
+        * Holding all configurations.
+        */
+       linked_list_t *configurations;
+
+       /**
+        * Holding all managed init_configs.
+        */
+       linked_list_t *init_configs;
+
+       /**
+        * Holding all managed init_configs.
+        */
+       linked_list_t *sa_configs;
+       
+       /**
+        * Holding all managed preshared secrets.
+        */
+       linked_list_t *preshared_secrets;
+       
+       /**
+        * Holding all managed private secrets.
+        */
+       linked_list_t *rsa_private_keys;
+       
+       /**
+        * Holding all managed public secrets.
+        */
+       linked_list_t *rsa_public_keys;
+
+       /**
+        * Assigned logger_t object.
+        */
+       logger_t *logger;
+       
+       /**
+        * Max number of requests to be retransmitted.
+        * 0 for infinite.
+        */     
+       u_int32_t max_retransmit_count;
+       
+       /**
+        * First retransmit timeout in ms.
+        */
+       u_int32_t first_retransmit_timeout;
+       
+       /**
+        * Timeout in ms after that time a IKE_SA gets deleted.
+        */
+       u_int32_t half_open_ike_sa_timeout;
+       
+       int socket;
+       
+       pthread_t assigned_thread;
+
+       /**
+        * Adds a new IKE_SA configuration.
+        * 
+        * @param this                          calling object
+        * @param name                          name for the configuration
+        * @param init_config           init_config_t object
+        * @param sa_config                     sa_config_t object
+        */
+       void (*add_new_configuration) (private_stroke_configuration_t *this, char *name, init_config_t *init_config, sa_config_t *sa_config);
+       
+       /**
+        * Adds a new preshared secret.
+        * 
+        * @param this                          calling object
+        * @param type                          type of identification
+        * @param id_string                     identification as string
+        * @param preshared_secret      preshared secret as string
+        */
+       void (*add_new_preshared_secret) (private_stroke_configuration_t *this,id_type_t type, char *id_string, char *preshared_secret);
+       
+       /**
+        * Adds a new rsa private key.
+        * 
+        * @param this                          calling object
+        * @param type                          type of identification
+        * @param id_string                     identification as string
+        * @param key_pos                       location of key
+        * @param key_len                       length of key
+        */
+       void (*add_new_rsa_private_key) (private_stroke_configuration_t *this,id_type_t type, char *id_string, u_int8_t *key_pos, size_t key_len);
+       
+       /**
+        * Adds a new rsa public key.
+        * 
+        * @param this                          calling object
+        * @param type                          type of identification
+        * @param id_string                     identification as string
+        * @param key_pos                       location of key
+        * @param key_len                       length of key
+        */
+       void (*add_new_rsa_public_key) (private_stroke_configuration_t *this,id_type_t type, char *id_string, u_int8_t *key_pos, size_t key_len);
+       
+       void (*whack_receive) (private_stroke_configuration_t *this);
+};
+
+extern u_int8_t public_key_1[];
+extern u_int8_t private_key_1[];
+extern u_int8_t public_key_2[];
+extern u_int8_t private_key_2[];
+
+static void fix_string(stroke_msg_t *msg, char **string)
+{
+       /* check for sanity of string pointer and string */
+       if (string < (char**)msg ||
+               string > (char**)msg + sizeof(stroke_msg_t) ||
+               *string < (char*)msg->buffer - (u_int)msg ||
+               *string > (char*)(u_int)msg->length)
+       {
+               *string = "(invalid char* in stroke msg)";
+       }
+       else
+       {
+               *string = (char*)msg + (u_int)*string;
+       }
+}
+
+/**
+ * Implementation of private_stroke_configuration_t.listen.
+ */
+static void whack_receive(private_stroke_configuration_t *this)
+{
+       stroke_msg_t *msg;
+       u_int16_t msg_length;
+       struct sockaddr_un whackaddr;
+       int whackaddrlen = sizeof(whackaddr);
+       ssize_t n;
+       int whackfd;
+       
+       while (1)
+       {
+               whackfd = accept(this->socket, (struct sockaddr *)&whackaddr, &whackaddrlen);
+       
+               if (whackfd < 0)
+               {
+                       this->logger->log(this->logger, ERROR, "accepting stroke connection failed");
+                       continue;
+               }
+               
+               /* peek the length */
+               n = recv(whackfd, &msg_length, sizeof(msg_length), MSG_PEEK);
+               if (n != sizeof(msg_length))
+               {
+                       this->logger->log(this->logger, ERROR, "reading lenght of stroke message failed");
+                       close(whackfd);
+                       continue;
+               }
+               
+               /* read message */
+               msg = allocator_alloc(msg_length);
+               n = recv(whackfd, msg, msg_length, 0);
+               if (n != msg_length)
+               {
+                       this->logger->log(this->logger, ERROR, "reading stroke message failed");
+                       close(whackfd);
+                       continue;
+               }
+               
+               this->logger->log_bytes(this->logger, RAW|LEVEL1, "Whackinput", (void*)msg, msg_length);
+               
+               switch (msg->type)
+               {
+                       case STR_INITIATE:
+                       {
+                               initiate_ike_sa_job_t *job;
+                               fix_string(msg, &(msg->initiate.name));
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "received stroke: initiate \"%s\"", msg->initiate.name);
+                               job = initiate_ike_sa_job_create(msg->initiate.name);
+                               charon->job_queue->add(charon->job_queue, (job_t*)job);
+                               break;
+                       }
+                       case STR_INSTALL:
+                       {
+                               fix_string(msg, &(msg->install.name));
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "received stroke: install \"%s\"", msg->install.name);
+                               break;
+                       }
+                       case STR_ADD_CONN:
+                       {
+                               sa_config_t *sa_config;
+                               init_config_t *init_config;
+                               host_t *me, *other;
+                               proposal_t *proposal;
+                               traffic_selector_t *ts;
+                               
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "my id is: \"%p\"", msg->add_conn.me.id);
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "other id is: \"%p\"", msg->add_conn.other.id);
+                               fix_string(msg, &msg->add_conn.name);
+                               fix_string(msg, &msg->add_conn.me.id);
+                               fix_string(msg, &msg->add_conn.other.id);
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "received stroke: add connection \"%s\"", msg->add_conn.name);
+                               
+                               msg->add_conn.me.address.v4.sin_port = htons(500);
+                               msg->add_conn.other.address.v4.sin_port = htons(500);
+                               me = host_create_from_sockaddr(&msg->add_conn.me.address.saddr);
+                               other = host_create_from_sockaddr(&msg->add_conn.other.address.saddr);
+                               
+                               init_config = init_config_create(me, other);
+                               proposal = proposal_create(1);
+                               proposal->add_algorithm(proposal, IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16);
+                               proposal->add_algorithm(proposal, IKE, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+                               proposal->add_algorithm(proposal, IKE, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0);
+                               proposal->add_algorithm(proposal, IKE, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0);
+                               init_config->add_proposal(init_config, proposal);
+                               
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "my id is: \"%s\"", msg->add_conn.me.id);
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "other id is: \"%s\"", msg->add_conn.other.id);
+                               
+                               sa_config = sa_config_create(ID_IPV4_ADDR, msg->add_conn.me.id,
+                                                                                        ID_IPV4_ADDR, msg->add_conn.other.id,
+                                                                                        SHARED_KEY_MESSAGE_INTEGRITY_CODE, 30000);
+                               
+                               this->add_new_preshared_secret(this, ID_IPV4_ADDR, "192.168.0.1","verschluesselt");
+                               this->add_new_preshared_secret(this, ID_IPV4_ADDR, "192.168.0.2","verschluesselt");
+                               
+                               proposal = proposal_create(1);
+                               proposal->add_algorithm(proposal, ESP, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16);
+                               proposal->add_algorithm(proposal, ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+                               sa_config->add_proposal(sa_config, proposal);
+                               
+                               me = host_create_from_sockaddr(&msg->add_conn.me.subnet.saddr);
+                               ts = traffic_selector_create_from_subnet(me, msg->add_conn.me.subnet_netbits);
+                               sa_config->add_my_traffic_selector(sa_config,ts);
+                               chunk_t chunk = ts->get_to_address(ts);
+                               this->logger->log_chunk(this->logger, CONTROL|LEVEL1, "my toaddr", &chunk);
+                               other = host_create_from_sockaddr(&msg->add_conn.other.subnet.saddr);
+                               ts = traffic_selector_create_from_subnet(other, msg->add_conn.other.subnet_netbits);
+                               sa_config->add_other_traffic_selector(sa_config,ts);
+                               chunk = ts->get_to_address(ts);
+                               this->logger->log_chunk(this->logger, CONTROL|LEVEL1, "other toaddr", &chunk);
+                               
+                               this->add_new_configuration(this, msg->add_conn.name, init_config, sa_config);
+                               this->logger->log(this->logger, CONTROL|LEVEL1, "connection added \"%s\"", msg->add_conn.name);
+                               
+                               break;
+                       }
+                       case STR_DEL_CONN:
+                       default:
+                               this->logger->log(this->logger, ERROR, "received invalid stroke");
+               }
+               
+               allocator_free(msg);
+       }
+}
+
+
+/**
+ * Implementation of stroke_configuration_t.get_init_config_for_host.
+ */
+static status_t get_init_config_for_host (private_stroke_configuration_t *this, host_t *my_host, host_t *other_host,init_config_t **init_config)
+{
+       iterator_t *iterator;
+       status_t status = NOT_FOUND;
+       
+       iterator = this->configurations->create_iterator(this->configurations,TRUE);
+       
+       this->logger->log(this->logger, CONTROL|LEVEL1, "getting config for hosts %s - %s", 
+                                               my_host->get_address(my_host), other_host->get_address(other_host));
+       
+       while (iterator->has_next(iterator))
+       {
+               configuration_entry_t *entry;
+               host_t *config_my_host;
+               host_t *config_other_host;
+               
+               iterator->current(iterator,(void **) &entry);
+
+               config_my_host = entry->init_config->get_my_host(entry->init_config);
+               config_other_host = entry->init_config->get_other_host(entry->init_config);
+
+               /* first check if ip is equal */
+               if(config_other_host->ip_is_equal(config_other_host,other_host))
+               {
+                       this->logger->log(this->logger, CONTROL|LEVEL2, "config entry with remote host %s", 
+                                               config_other_host->get_address(config_other_host));
+                       /* could be right one, check my_host for default route*/
+                       if (config_my_host->is_default_route(config_my_host))
+                       {
+                               *init_config = entry->init_config;
+                               status = SUCCESS;
+                               break;
+                       }
+                       /* check now if host informations are the same */
+                       else if (config_my_host->ip_is_equal(config_my_host,my_host))
+                       {
+                               *init_config = entry->init_config;
+                               status = SUCCESS;
+                               break;
+                       }
+                       
+               }
+               /* Then check for wildcard hosts!
+                * TODO
+                * actually its only checked if other host with default route can be found! */
+               else if (config_other_host->is_default_route(config_other_host))
+               {
+                       /* could be right one, check my_host for default route*/
+                       if (config_my_host->is_default_route(config_my_host))
+                       {
+                               *init_config = entry->init_config;
+                               status = SUCCESS;
+                               break;
+                       }
+                       /* check now if host informations are the same */
+                       else if (config_my_host->ip_is_equal(config_my_host,my_host))
+                       {
+                               *init_config = entry->init_config;
+                               status = SUCCESS;
+                               break;
+                       }
+               }
+       }
+       
+       iterator->destroy(iterator);
+       
+       return status;
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_init_config_for_name.
+ */
+static status_t get_init_config_for_name (private_stroke_configuration_t *this, char *name, init_config_t **init_config)
+{
+       iterator_t *iterator;
+       status_t status = NOT_FOUND;
+       
+       iterator = this->configurations->create_iterator(this->configurations,TRUE);
+       
+       while (iterator->has_next(iterator))
+       {
+               configuration_entry_t *entry;
+               iterator->current(iterator,(void **) &entry);
+
+               if (strcmp(entry->name,name) == 0)
+               {
+
+                       /* found configuration */
+                       *init_config = entry->init_config;
+                       status = SUCCESS;
+                       break;
+               }
+       }
+       
+       iterator->destroy(iterator);
+       
+       return status;
+}
+       
+/**
+ * Implementation of stroke_configuration_t.get_sa_config_for_name.
+ */
+static status_t get_sa_config_for_name (private_stroke_configuration_t *this, char *name, sa_config_t **sa_config)
+{
+       iterator_t *iterator;
+       status_t status = NOT_FOUND;
+       
+       iterator = this->configurations->create_iterator(this->configurations,TRUE);
+       
+       while (iterator->has_next(iterator))
+       {
+               configuration_entry_t *entry;
+               iterator->current(iterator,(void **) &entry);
+
+               if (strcmp(entry->name,name) == 0)
+               {
+                       /* found configuration */
+                       *sa_config = entry->sa_config;
+                       status = SUCCESS;
+                       break;
+               }
+       }
+       
+       iterator->destroy(iterator);
+       
+       return status;
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_sa_config_for_init_config_and_id.
+ */
+static status_t get_sa_config_for_init_config_and_id (private_stroke_configuration_t *this, init_config_t *init_config, identification_t *other_id, identification_t *my_id,sa_config_t **sa_config)
+{      
+       iterator_t *iterator;
+       status_t status = NOT_FOUND;
+       
+       iterator = this->configurations->create_iterator(this->configurations,TRUE);
+       
+       while (iterator->has_next(iterator))
+       {
+               configuration_entry_t *entry;
+               iterator->current(iterator,(void **) &entry);
+
+               if (entry->init_config == init_config)
+               {
+                       identification_t *config_my_id = entry->sa_config->get_my_id(entry->sa_config);
+                       identification_t *config_other_id = entry->sa_config->get_other_id(entry->sa_config);
+
+                       /* host informations seem to be the same */
+                       if (config_other_id->equals(config_other_id,other_id))
+                       {
+                               /* other ids seems to match */
+                               
+                               if (my_id == NULL)
+                               {
+                                       /* first matching one is selected */
+                                       
+                                       /* TODO priorize found entries */
+                                       *sa_config = entry->sa_config;
+                                       status = SUCCESS;
+                                       break;
+                               }
+
+                               if (config_my_id->equals(config_my_id,my_id))
+                               {
+                                       *sa_config = entry->sa_config;
+                                       status = SUCCESS;
+                                       break;
+                               }
+
+                       }
+               }
+       }
+       
+       iterator->destroy(iterator);
+       
+       return status;
+}
+
+/**
+ * Implementation of private_stroke_configuration_t.add_new_configuration.
+ */
+static void add_new_configuration (private_stroke_configuration_t *this, char *name, init_config_t *init_config, sa_config_t *sa_config)
+{
+       iterator_t *iterator;
+       bool found;
+       
+       iterator = this->init_configs->create_iterator(this->init_configs,TRUE);
+       found = FALSE;
+       while (iterator->has_next(iterator))
+       {
+               init_config_t *found_init_config;
+               iterator->current(iterator,(void **) &found_init_config);
+               if (init_config == found_init_config)
+               {
+                       found = TRUE;
+                       break;
+               }
+       }
+       iterator->destroy(iterator);
+       if (!found)
+       {
+               this->init_configs->insert_first(this->init_configs,init_config);
+       }
+       
+       iterator = this->sa_configs->create_iterator(this->sa_configs,TRUE);
+       found = FALSE;
+       while (iterator->has_next(iterator))
+       {
+               sa_config_t *found_sa_config;
+               iterator->current(iterator,(void **) &found_sa_config);
+               if (sa_config == found_sa_config)
+               {
+                       found = TRUE;
+                       break;
+               }
+       }
+       iterator->destroy(iterator);
+       if (!found)
+       {
+               this->sa_configs->insert_first(this->sa_configs,sa_config);
+       }
+
+       this->configurations->insert_last(this->configurations,configuration_entry_create(name,init_config,sa_config));
+}
+
+/**
+ * Implementation of private_stroke_configuration_t.add_new_preshared_secret.
+ */
+static void add_new_preshared_secret (private_stroke_configuration_t *this,id_type_t type, char *id_string, char *preshared_secret)
+{
+       preshared_secret_entry_t *entry = allocator_alloc_thing(preshared_secret_entry_t);
+       
+       entry->identification = identification_create_from_string(type,id_string);
+       entry->preshared_secret.len = strlen(preshared_secret) + 1;
+       entry->preshared_secret.ptr = allocator_alloc(entry->preshared_secret.len);
+       memcpy(entry->preshared_secret.ptr,preshared_secret,entry->preshared_secret.len);
+       
+       this->preshared_secrets->insert_last(this->preshared_secrets,entry);
+}
+
+/**
+ * Implementation of private_stroke_configuration_t.add_new_preshared_secret.
+ */
+static void add_new_rsa_public_key (private_stroke_configuration_t *this, id_type_t type, char *id_string, u_int8_t* key_pos, size_t key_len)
+{
+       chunk_t key;
+       key.ptr = key_pos;
+       key.len = key_len;
+       
+       rsa_public_key_entry_t *entry = allocator_alloc_thing(rsa_public_key_entry_t);
+       
+       entry->identification = identification_create_from_string(type,id_string);
+       entry->public_key = rsa_public_key_create();
+       entry->public_key->set_key(entry->public_key, key);
+       
+       this->rsa_public_keys->insert_last(this->rsa_public_keys, entry);
+}
+
+/**
+ * Implementation of private_stroke_configuration_t.add_new_preshared_secret.
+ */
+static void add_new_rsa_private_key (private_stroke_configuration_t *this, id_type_t type, char *id_string, u_int8_t* key_pos, size_t key_len)
+{
+       chunk_t key;
+       key.ptr = key_pos;
+       key.len = key_len;
+       
+       rsa_private_key_entry_t *entry = allocator_alloc_thing(rsa_private_key_entry_t);
+       
+       entry->identification = identification_create_from_string(type,id_string);
+       entry->private_key = rsa_private_key_create();
+       entry->private_key->set_key(entry->private_key, key);
+       
+       this->rsa_private_keys->insert_last(this->rsa_private_keys, entry);
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_shared_secret.
+ */
+static status_t get_shared_secret(private_stroke_configuration_t *this, identification_t *identification, chunk_t *preshared_secret)
+{
+       iterator_t *iterator;
+       
+       iterator = this->preshared_secrets->create_iterator(this->preshared_secrets,TRUE);
+       while (iterator->has_next(iterator))
+       {
+               preshared_secret_entry_t *entry;
+               iterator->current(iterator,(void **) &entry);
+               if (entry->identification->equals(entry->identification,identification))
+               {
+                       *preshared_secret = entry->preshared_secret;
+                       iterator->destroy(iterator);
+                       return SUCCESS;
+               }
+       }
+       iterator->destroy(iterator);
+       return NOT_FOUND;
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_shared_secret.
+ */
+static status_t get_rsa_public_key(private_stroke_configuration_t *this, identification_t *identification, rsa_public_key_t **public_key)
+{
+       iterator_t *iterator;
+       
+       iterator = this->rsa_public_keys->create_iterator(this->rsa_public_keys,TRUE);
+       while (iterator->has_next(iterator))
+       {
+               rsa_public_key_entry_t *entry;
+               iterator->current(iterator,(void **) &entry);
+               if (entry->identification->equals(entry->identification,identification))
+               {
+                       *public_key = entry->public_key;
+                       iterator->destroy(iterator);
+                       return SUCCESS;
+               }
+       }
+       iterator->destroy(iterator);
+       return NOT_FOUND;
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_shared_secret.
+ */
+static status_t get_rsa_private_key(private_stroke_configuration_t *this, identification_t *identification, rsa_private_key_t **private_key)
+{
+       iterator_t *iterator;
+       
+       iterator = this->rsa_private_keys->create_iterator(this->rsa_private_keys,TRUE);
+       while (iterator->has_next(iterator))
+       {
+               rsa_private_key_entry_t *entry;
+               iterator->current(iterator,(void **) &entry);
+               if (entry->identification->equals(entry->identification,identification))
+               {
+                       *private_key = entry->private_key;
+                       iterator->destroy(iterator);
+                       return SUCCESS;
+               }
+       }
+       iterator->destroy(iterator);
+       return NOT_FOUND;
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_retransmit_timeout.
+ */
+static status_t get_retransmit_timeout (private_stroke_configuration_t *this, u_int32_t retransmit_count, u_int32_t *timeout)
+{
+       int new_timeout = this->first_retransmit_timeout, i;
+       if ((retransmit_count > this->max_retransmit_count) && (this->max_retransmit_count != 0))
+       {
+               return FAILED;
+       }
+       
+
+       for (i = 0; i < retransmit_count; i++)
+       {
+               new_timeout *= 2;
+       }
+       
+       *timeout = new_timeout;
+       
+       return SUCCESS;
+}
+
+/**
+ * Implementation of stroke_configuration_t.get_half_open_ike_sa_timeout.
+ */
+static u_int32_t get_half_open_ike_sa_timeout (private_stroke_configuration_t *this)
+{
+       return this->half_open_ike_sa_timeout;
+}
+
+/**
+ * Implementation of stroke_configuration_t.destroy.
+ */
+static void destroy(private_stroke_configuration_t *this)
+{
+       this->logger->log(this->logger,CONTROL | LEVEL1, "Going to destroy configuration backend ");
+
+       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy configuration entries");
+       while (this->configurations->get_count(this->configurations) > 0)
+       {
+               configuration_entry_t *entry;
+               this->configurations->remove_first(this->configurations,(void **) &entry);
+               entry->destroy(entry);
+       }
+       this->configurations->destroy(this->configurations);
+
+       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy sa_config_t objects");        
+       while (this->sa_configs->get_count(this->sa_configs) > 0)
+       {
+               sa_config_t *sa_config;
+               this->sa_configs->remove_first(this->sa_configs,(void **) &sa_config);
+               sa_config->destroy(sa_config);
+       }
+
+       this->sa_configs->destroy(this->sa_configs);
+       
+       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy init_config_t objects");
+       while (this->init_configs->get_count(this->init_configs) > 0)
+       {
+               init_config_t *init_config;
+               this->init_configs->remove_first(this->init_configs,(void **) &init_config);
+               init_config->destroy(init_config);
+       }
+       this->init_configs->destroy(this->init_configs);
+       
+       while (this->preshared_secrets->get_count(this->preshared_secrets) > 0)
+       {
+               preshared_secret_entry_t *entry;
+               this->preshared_secrets->remove_first(this->preshared_secrets,(void **) &entry);
+               entry->identification->destroy(entry->identification);
+               allocator_free_chunk(&(entry->preshared_secret));
+               allocator_free(entry);
+       }
+       this->preshared_secrets->destroy(this->preshared_secrets);
+
+       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy rsa private keys");   
+       while (this->rsa_private_keys->get_count(this->rsa_private_keys) > 0)
+       {
+               rsa_private_key_entry_t *entry;
+               this->rsa_private_keys->remove_first(this->rsa_private_keys,(void **) &entry);
+               entry->identification->destroy(entry->identification);
+               entry->private_key->destroy(entry->private_key);
+               allocator_free(entry);
+       }
+       this->rsa_private_keys->destroy(this->rsa_private_keys);
+
+       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy rsa public keys");
+       while (this->rsa_public_keys->get_count(this->rsa_public_keys) > 0)
+       {
+               rsa_public_key_entry_t *entry;
+               this->rsa_public_keys->remove_first(this->rsa_public_keys,(void **) &entry);
+               entry->identification->destroy(entry->identification);
+               entry->public_key->destroy(entry->public_key);
+               allocator_free(entry);
+       }
+       this->rsa_public_keys->destroy(this->rsa_public_keys);
+               
+       this->logger->log(this->logger,CONTROL | LEVEL2, "Destroy assigned logger");
+       charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
+       close(this->socket);
+       unlink(socket_addr.sun_path);
+       allocator_free(this);
+}
+
+/*
+ * Described in header-file
+ */
+stroke_configuration_t *stroke_configuration_create()
+{
+       private_stroke_configuration_t *this = allocator_alloc_thing(private_stroke_configuration_t);
+       mode_t old;
+       bool on = TRUE;
+
+       /* public functions */
+       this->public.configuration_interface.destroy = (void(*)(configuration_t*))destroy;
+       this->public.configuration_interface.get_init_config_for_name = (status_t (*) (configuration_t *, char *, init_config_t **)) get_init_config_for_name;
+       this->public.configuration_interface.get_init_config_for_host = (status_t (*) (configuration_t *, host_t *, host_t *,init_config_t **)) get_init_config_for_host;
+       this->public.configuration_interface.get_sa_config_for_name =(status_t (*) (configuration_t *, char *, sa_config_t **)) get_sa_config_for_name;
+       this->public.configuration_interface.get_sa_config_for_init_config_and_id =(status_t (*) (configuration_t *, init_config_t *, identification_t *, identification_t *,sa_config_t **)) get_sa_config_for_init_config_and_id;
+       this->public.configuration_interface.get_retransmit_timeout = (status_t (*) (configuration_t *, u_int32_t retransmit_count, u_int32_t *timeout))get_retransmit_timeout;
+       this->public.configuration_interface.get_half_open_ike_sa_timeout = (u_int32_t (*) (configuration_t *)) get_half_open_ike_sa_timeout;
+       this->public.configuration_interface.get_shared_secret = (status_t (*) (configuration_t *, identification_t *, chunk_t *))get_shared_secret;
+       this->public.configuration_interface.get_rsa_private_key = (status_t (*) (configuration_t *, identification_t *, rsa_private_key_t**))get_rsa_private_key;
+       this->public.configuration_interface.get_rsa_public_key = (status_t (*) (configuration_t *, identification_t *, rsa_public_key_t**))get_rsa_public_key;
+       
+       /* private functions */
+       this->add_new_configuration = add_new_configuration;
+       this->add_new_preshared_secret = add_new_preshared_secret;
+       this->add_new_rsa_public_key = add_new_rsa_public_key;
+       this->add_new_rsa_private_key = add_new_rsa_private_key;
+       this->whack_receive = whack_receive;
+       
+       this->logger = charon->logger_manager->create_logger(charon->logger_manager,CONFIG,NULL);
+       
+       /* set up unix socket */
+       this->socket = socket(AF_UNIX, SOCK_STREAM, 0);
+       if (this->socket == -1)
+       {
+               this->logger->log(this->logger, ERROR, "could not create whack socket");
+               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
+               allocator_free(this);
+               return NULL;
+       }
+       if (fcntl(this->socket, F_SETFD, FD_CLOEXEC) < 0)
+       {
+               this->logger->log(this->logger, ERROR, "could not FD_CLOEXEC on whack socket");
+               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
+               close(this->socket);
+               allocator_free(this);
+               return NULL;
+       }
+       if (setsockopt(this->socket, SOL_SOCKET, SO_REUSEADDR, (const void *)&on, sizeof(on)) < 0)
+       
+       old = umask(~S_IRWXU);
+       if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0)
+       {
+               this->logger->log(this->logger, ERROR, "could not bind whack socket: %s", strerror(errno));
+               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
+               close(this->socket);
+               allocator_free(this);
+               return NULL;
+       }
+       umask(old);
+       
+       if (listen(this->socket, 0) < 0)
+       {
+               this->logger->log(this->logger, ERROR, "could not listen on whack socket: %s", strerror(errno));
+               charon->logger_manager->destroy_logger(charon->logger_manager,this->logger);
+               close(this->socket);
+               unlink(socket_addr.sun_path);
+               allocator_free(this);
+               return NULL;
+       }
+       
+       /* start a thread reading from the socket */
+       if (pthread_create(&(this->assigned_thread), NULL, (void*(*)(void*))this->whack_receive, this) != 0)
+       {
+               this->logger->log(this->logger, ERROR, "Could not spawn whack thread");
+               charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
+               close(this->socket);
+               unlink(socket_addr.sun_path);
+               allocator_free(this);
+       }
+       
+       /* private variables */
+       this->configurations = linked_list_create();
+       this->sa_configs = linked_list_create();
+       this->init_configs = linked_list_create();
+       this->preshared_secrets = linked_list_create();
+       this->rsa_private_keys = linked_list_create();
+       this->rsa_public_keys = linked_list_create();
+       this->max_retransmit_count = MAX_RETRANSMIT_COUNT;
+       this->first_retransmit_timeout = RETRANSMIT_TIMEOUT;
+       this->half_open_ike_sa_timeout = HALF_OPEN_IKE_SA_TIMEOUT;
+       
+       return (&this->public);
+}
diff --git a/Source/charon/config/stroke_configuration.h b/Source/charon/config/stroke_configuration.h
new file mode 100644 (file)
index 0000000..558e43f
--- /dev/null
@@ -0,0 +1,111 @@
+/**
+ * @file stroke_configuration_t.h
+ *
+ * @brief Interface of stroke_configuration_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef STROKE_CONFIGURATION_H
+#define STROKE_CONFIGURATION_H
+
+#include <config/configuration.h>
+
+/**
+ * @brief A message sent over the unix socket.
+ * 
+ */
+typedef struct stroke_msg_t stroke_msg_t;
+
+struct stroke_msg_t {
+       /* length of this message with all strings */
+       u_int16_t length;
+       /* type of the message */
+       enum {
+               /* initiate a connection */
+               STR_INITIATE,
+               /* install SPD entries for a connection */
+               STR_INSTALL,
+               /* add a connection */
+               STR_ADD_CONN,
+               /* delete a connection */
+               STR_DEL_CONN,
+               /* more to come */
+       } type;
+       union {
+               /* data for STR_INITIATE, STR_INSTALL */
+               struct {
+                       char *name;
+               } initiate, install;
+               /* data for STR_ADD_CONN */
+               struct {
+                       char *name;
+                       struct {
+                               union {
+                                       u_int16_t family;
+                                       struct sockaddr saddr;
+                                       struct sockaddr_in v4;
+                                       struct sockaddr_in6 v6;
+                               } address;
+                               char *id;
+                               union {
+                                       u_int16_t family;
+                                       struct sockaddr saddr;
+                                       struct sockaddr_in v4;
+                                       struct sockaddr_in6 v6;
+                               } subnet;
+                               u_int8_t subnet_netbits;
+                       } me, other;
+               } add_conn;
+       };
+       u_int8_t buffer[];
+};
+
+
+typedef struct stroke_configuration_t stroke_configuration_t;
+
+/**
+ * @brief A config backend which uses a unix socket.
+ * 
+ * Allows config manipulation (as whack in pluto). This config
+ * is used by the ipsec_starter utility. This configuration 
+ * implementation opens a socket at /var/run/charon.ctl and 
+ * waits for input from ipsec starter.
+ * 
+ * @b Constructors:
+ * - stroke_configuration_create()
+ * 
+ * @ingroup config
+ */
+struct stroke_configuration_t {
+
+       /**
+        * Implements configuration_t interface
+        */
+       configuration_t configuration_interface;
+};
+
+/**
+ * @brief Creates an configuration with a unix socket interface.
+ * 
+ * @return stroke_configuration_t object
+ * 
+ * @ingroup config
+ */
+stroke_configuration_t *stroke_configuration_create();
+
+#endif /*STROKE_CONFIGURATION_H*/
index 33b1764..9f96718 100644 (file)
@@ -50,14 +50,14 @@ struct private_traffic_selector_t {
        u_int8_t protocol;
        
        /** 
-        * begin of address range 
+        * begin of address range, host order
         */
        union {
                u_int32_t from_addr_ipv4;
        };
        
        /**
-        * end of address range 
+        * end of address range, host order
         */
        union {
                u_int32_t to_addr_ipv4;
@@ -75,7 +75,7 @@ struct private_traffic_selector_t {
 };
 
 /**
- * internal generic constructor 
+ * internal generic constructor
  */
 static private_traffic_selector_t *traffic_selector_create(u_int8_t protocol, ts_type_t type, u_int16_t from_port, u_int16_t to_port);
 
@@ -207,6 +207,36 @@ static u_int8_t get_protocol(private_traffic_selector_t *this)
 }
 
 /**
+ * Implements traffic_selector_t.get_netmask.
+ */
+static u_int8_t get_netmask(private_traffic_selector_t *this)
+{
+       switch (this->type)
+       {
+               case TS_IPV4_ADDR_RANGE:
+               {
+                       u_int32_t from, to, bit;
+                       from = htonl(this->from_addr_ipv4);
+                       to = htonl(this->to_addr_ipv4);
+                       printf("%x - %x\n", from, to);
+                       for (bit = 0; bit < 32; bit++)
+                       {                               
+                               if ((1<<bit & from) != (1<<bit & to))
+                               {
+                                       return bit;
+                               }
+                       }
+                       return 0;
+               }
+               case TS_IPV6_ADDR_RANGE:
+               default:
+               {
+                       return 0;
+               }
+       }
+}
+
+/**
  * Implements traffic_selector_t.clone.
  */
 static traffic_selector_t *clone(private_traffic_selector_t *this)
@@ -270,9 +300,38 @@ traffic_selector_t *traffic_selector_create_from_bytes(u_int8_t protocol, ts_typ
        return (&this->public);
 }
 
+/*
+ * see header
+ */
+traffic_selector_t *traffic_selector_create_from_subnet(host_t *net, u_int8_t netbits)
+{
+       private_traffic_selector_t *this = traffic_selector_create(0, 0, 0, 65535);
+
+       switch (net->get_family(net))
+       {
+               case AF_INET:
+               {
+                       chunk_t from;
+                       
+                       this->type = TS_IPV4_ADDR_RANGE;
+                       from = net->get_address_as_chunk(net);
+                       this->from_addr_ipv4 = ntohl(*((u_int32_t*)from.ptr));
+                       this->to_addr_ipv4 = this->from_addr_ipv4 | ((1 << (32 - netbits)) - 1);
+                       allocator_free_chunk(&from);
+                       break;  
+               }
+               case AF_INET6:
+               default:
+               {
+                       allocator_free(this);
+                       return NULL;    
+               }
+       }
+       return (&this->public);
+}
 
 /*
- * Described in header-file
+ * see header
  */
 traffic_selector_t *traffic_selector_create_from_string(u_int8_t protocol, ts_type_t type, char *from_addr, u_int16_t from_port, char *to_addr, u_int16_t to_port)
 {
@@ -327,6 +386,7 @@ static private_traffic_selector_t *traffic_selector_create(u_int8_t protocol, ts
        this->public.get_to_port = (u_int16_t(*)(traffic_selector_t*))get_to_port;      
        this->public.get_type = (ts_type_t(*)(traffic_selector_t*))get_type;    
        this->public.get_protocol = (u_int8_t(*)(traffic_selector_t*))get_protocol;
+       this->public.get_netmask = (u_int8_t(*)(traffic_selector_t*))get_netmask;
        this->public.clone = (traffic_selector_t*(*)(traffic_selector_t*))clone;
        this->public.destroy = (void(*)(traffic_selector_t*))destroy;
        
@@ -337,4 +397,3 @@ static private_traffic_selector_t *traffic_selector_create(u_int8_t protocol, ts
        
        return this;
 }
-
index 553a73e..685b7d7 100644 (file)
@@ -66,12 +66,14 @@ typedef struct traffic_selector_t traffic_selector_t;
  * @brief Object representing a traffic selector entry.
  * 
  * A traffic selector defines an range of addresses
- * and a range of ports. 
+ * and a range of ports. IPv6 is not fully supported yet.
  * 
  * @b Constructors:
  * - traffic_selector_create_from_bytes()
  * - traffic_selector_create_from_string()
  * 
+ * @todo Add IPv6 support
+ * 
  * @ingroup config
  */
 struct traffic_selector_t {
@@ -161,6 +163,18 @@ struct traffic_selector_t {
         * @return                      protocol id
         */
        u_int8_t (*get_protocol) (traffic_selector_t *this);
+               
+       /**
+        * @brief Get the netmask of the address range.
+        * 
+        * Returns the number of bits associated to the subnet.
+        * (As the "24" in "192.168.0.0/24"). This is approximated
+        * if the address range is not a complete subnet!
+        * 
+        * @param this          calling obect
+        * @return                      netmask as "bits for subnet"
+        */
+       u_int8_t (*get_netmask) (traffic_selector_t *this);
        
        /**
         * @brief Destroys the ts object
@@ -208,4 +222,6 @@ traffic_selector_t *traffic_selector_create_from_string(u_int8_t protocol, ts_ty
  */
 traffic_selector_t *traffic_selector_create_from_bytes(u_int8_t protocol, ts_type_t type, chunk_t from_address, int16_t from_port, chunk_t to_address, u_int16_t to_port);
 
+traffic_selector_t *traffic_selector_create_from_subnet(host_t *net, u_int8_t netbits);
+
 #endif //_TRAFFIC_SELECTOR_H_
index db75809..8ecdb98 100644 (file)
@@ -23,6 +23,9 @@
 #include <stdio.h>
 #include <signal.h>
 #include <pthread.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
 
 #include "daemon.h" 
 
@@ -30,7 +33,7 @@
 #include <utils/allocator.h>
 #include <queues/jobs/initiate_ike_sa_job.h>
 #include <config/static_configuration.h>
-#include <config/starter_configuration.h>
+#include <config/stroke_configuration.h>
 
 
 typedef struct private_daemon_t private_daemon_t;
@@ -145,6 +148,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
        {
                /* initialization failed, terminate daemon */
                this->destroy(this);
+               unlink(PID_FILE);
                exit(-1);
        }
        else
@@ -184,7 +188,7 @@ static void initialize(private_daemon_t *this)
        this->public.job_queue = job_queue_create();
        this->public.event_queue = event_queue_create();
        this->public.send_queue = send_queue_create();
-       this->public.configuration = (configuration_t*)static_configuration_create();
+       this->public.configuration = (configuration_t*)stroke_configuration_create();
        
        this->public.sender = sender_create();
        this->public.receiver = receiver_create();
@@ -300,24 +304,40 @@ private_daemon_t *daemon_create()
 int main(int argc, char *argv[])
 {
        private_daemon_t *private_charon;
+       FILE *pid_file;
+       struct stat stb;
        
        /* allocation needs initialization, before any allocs are done */
        allocator_init();
-       
        private_charon = daemon_create();
        charon = (daemon_t*)private_charon;
+               
+       /* check/setup PID file */
+       if (stat(PID_FILE, &stb) == 0)
+       {
+               private_charon->logger->log(private_charon->logger, ERROR, 
+                                                                       "charon already running (\""PID_FILE"\" exists)");
+               private_charon->destroy(private_charon);
+               exit(-1);
+       }
+       pid_file = fopen(PID_FILE, "w");
+       if (pid_file)
+       {
+               fprintf(pid_file, "%d\n", getpid());
+               fclose(pid_file);
+       }
        
+       /* initialize and run daemon*/
        private_charon->initialize(private_charon);
-       
        if (argc == 2)
        {
                private_charon->build_test_job(private_charon,argv[1]);
        }
-
-       
        private_charon->run(private_charon);
        
+       /* normal termination, cleanup and exit */
        private_charon->destroy(private_charon);
+       unlink(PID_FILE);
        
 #ifdef LEAK_DETECTIVE
        report_memory_leaks(void);
index 3291743..db7b64c 100644 (file)
 #define IKEV2_UDP_PORT 500
 
 /**
+ * PID file, in which charon stores its process id
+ */
+#define PID_FILE "/var/run/charon.pid"
+
+/**
+ * Output of log, use NULL for syslog
+ */
+#define LOG_OUTPUT NULL
+
+/**
  * @brief Default loglevel for every logger context.
  * 
  * This is the maximum allowed level for ever context, the definiton
index adf4c62..455a5d3 100644 (file)
@@ -368,32 +368,6 @@ static status_t update(private_child_sa_t *this, proposal_t *proposal, prf_plus_
        return SUCCESS;
 }
 
-static u_int8_t get_mask(chunk_t start, chunk_t end)
-{
-       int byte, bit, mask = 0;
-       
-       if (start.len != end.len)
-       {
-               return 0;
-       }
-       for (byte = 0; byte < start.len; byte++)
-       {
-               for (bit = 7; bit >= 0; bit--)
-               {
-                       if ((*(start.ptr + byte) | (1<<bit)) ==
-                               (*(end.ptr + byte) | (1<<bit)))
-                       {
-                               mask++;
-                       }
-                       else
-                       {
-                               return mask;
-                       }
-               }
-       }
-       return start.len * 8;
-}
-
 static status_t add_policies(private_child_sa_t *this, linked_list_t *my_ts_list, linked_list_t *other_ts_list)
 {
        iterator_t *my_iter, *other_iter;
@@ -410,7 +384,7 @@ static status_t add_policies(private_child_sa_t *this, linked_list_t *my_ts_list
                {
                        /* set up policies for every entry in my_ts_list to every entry in other_ts_list */
                        int family;
-                       chunk_t from_addr, to_addr;
+                       chunk_t from_addr;
                        u_int16_t from_port, to_port;
                        policy_t *policy;
                        status_t status;
@@ -428,26 +402,22 @@ static status_t add_policies(private_child_sa_t *this, linked_list_t *my_ts_list
                        /* calculate net and ports for local side */
                        family = my_ts->get_type(my_ts) == TS_IPV4_ADDR_RANGE ? AF_INET : AF_INET6;
                        from_addr = my_ts->get_from_address(my_ts);
-                       to_addr = my_ts->get_to_address(my_ts);
                        from_port = my_ts->get_from_port(my_ts);
                        to_port = my_ts->get_to_port(my_ts);
                        from_port = (from_port != to_port) ? 0 : from_port;
                        policy->my_net = host_create_from_chunk(family, from_addr, from_port);
-                       policy->my_net_mask = get_mask(from_addr, to_addr);
+                       policy->my_net_mask = my_ts->get_netmask(my_ts);
                        allocator_free_chunk(&from_addr);
-                       allocator_free_chunk(&to_addr);
                        
                        /* calculate net and ports for remote side */
                        family = other_ts->get_type(other_ts) == TS_IPV4_ADDR_RANGE ? AF_INET : AF_INET6;
                        from_addr = other_ts->get_from_address(other_ts);
-                       to_addr = other_ts->get_to_address(other_ts);
                        from_port = other_ts->get_from_port(other_ts);
                        to_port = other_ts->get_to_port(other_ts);
                        from_port = (from_port != to_port) ? 0 : from_port;
                        policy->other_net = host_create_from_chunk(family, from_addr, from_port);
-                       policy->other_net_mask = get_mask(from_addr, to_addr);
+                       policy->other_net_mask = other_ts->get_netmask(other_ts);
                        allocator_free_chunk(&from_addr);
-                       allocator_free_chunk(&to_addr);
        
                        /* install 3 policies: out, in and forward */
                        status = charon->kernel_interface->add_policy(charon->kernel_interface,
index 7e4f7c7..2f226c2 100644 (file)
@@ -1031,45 +1031,36 @@ static void destroy (private_ike_sa_t *this)
                                          this->ike_sa_id->get_responder_spi(this->ike_sa_id),
                                          this->ike_sa_id->is_initiator(this->ike_sa_id) ? "initiator" : "responder");
 
-       /* destroy child sa's */
+       /* inform other peer of delete */
+       send_delete_ike_sa_request(this);
+       
        while (this->child_sas->remove_last(this->child_sas, (void**)&child_sa) == SUCCESS)
        {
                child_sa->destroy(child_sa);
        }
        this->child_sas->destroy(this->child_sas);
-       
        if (this->crypter_initiator != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy initiator crypter_t object");
                this->crypter_initiator->destroy(this->crypter_initiator);
        }
-       
        if (this->crypter_responder != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy responder crypter_t object");
                this->crypter_responder->destroy(this->crypter_responder);
        }
-       
        if (this->signer_initiator != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy initiator signer_t object");
                this->signer_initiator->destroy(this->signer_initiator);
        }
-
        if (this->signer_responder != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy responder signer_t object");
                this->signer_responder->destroy(this->signer_responder);
        }
-       
        if (this->prf != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy prf_t object");
                this->prf->destroy(this->prf);
        }
        if (this->child_prf != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy child_prf object");
                this->child_prf->destroy(this->child_prf);
        }
        if (this->prf_auth_i != NULL)
@@ -1080,45 +1071,25 @@ static void destroy (private_ike_sa_t *this)
        {
                this->prf_auth_r->destroy(this->prf_auth_r);
        }
-       
-       /* destroy ike_sa_id */
-       this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy ike_sa_id object");
        this->ike_sa_id->destroy(this->ike_sa_id);
-
-       /* destroy stored requested message */
        if (this->last_requested_message != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy last requested message");
                this->last_requested_message->destroy(this->last_requested_message);
        }
-       
-       /* destroy stored responded messages */
        if (this->last_responded_message != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy last responded message");
                this->last_responded_message->destroy(this->last_responded_message);
        }
-       
-       /* destroy stored host_t objects */
        if (this->me.host != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy my host_t object");
                this->me.host->destroy(this->me.host);
        }
-       
-       /* destroy stored host_t objects */
        if (this->other.host != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy other host_t object");
                this->other.host->destroy(this->other.host);
        }
-               
        this->randomizer->destroy(this->randomizer);
-
-       this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy current state object");
        this->current_state->destroy(this->current_state);
-       
-       this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy logger of IKE_SA");
        charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
 
        allocator_free(this);
index 56a643c..976ed76 100644 (file)
@@ -48,15 +48,6 @@ struct private_ike_sa_established_t {
        logger_t *logger;
        
        /**
-        * Process received DELETE payload and build DELETE payload for INFORMATIONAL response.
-        * 
-        * @param this                  calling object
-        * @param request               DELETE payload received in INFORMATIONAL request
-        * @param response              The created DELETE payload is added to this message_t object
-        */
-       status_t (*build_delete_payload) (private_ike_sa_established_t *this, delete_payload_t *request, message_t *response);
-       
-       /**
         * Process a notify payload
         * 
         * @param this                          calling object
@@ -145,6 +136,7 @@ static status_t process_message(private_ike_sa_established_t *this, message_t *m
                        case DELETE:
                        {
                                delete_request = (delete_payload_t *) payload;
+                               break;
                        }
                        default:
                        {
@@ -158,16 +150,21 @@ static status_t process_message(private_ike_sa_established_t *this, message_t *m
        payloads->destroy(payloads);
        
        if (delete_request)
-       {
-               status = this->build_delete_payload(this, delete_request, response);
-               if (status == DELETE_ME)
+       {       
+               if (delete_request->get_protocol_id(delete_request) == IKE)
                {
+                       this->logger->log(this->logger, AUDIT, "DELETE request for IKE_SA received");
                        response->destroy(response);
-                       return status;
+                       return DELETE_ME;
+               }
+               else
+               {
+                       this->logger->log(this->logger, AUDIT, "DELETE request for CHILD_SA received. Ignored");
+                       response->destroy(response);
+                       return SUCCESS;
                }
        }
        
-       
        status = this->ike_sa->send_response(this->ike_sa, response);
        /* message can now be sent (must not be destroyed) */
        if (status != SUCCESS)
@@ -181,23 +178,6 @@ static status_t process_message(private_ike_sa_established_t *this, message_t *m
 }
 
 /**
- * Implementation of private_ike_sa_established_t.build_sa_payload;
- */
-static status_t build_delete_payload (private_ike_sa_established_t *this, delete_payload_t *request, message_t *response_message)
-{
-       if (request->get_protocol_id(request) == IKE)
-       {
-               this->logger->log(this->logger, AUDIT, "DELETE request for IKE_SA received. Don't reply.");
-               /* IKE_SA has to get deleted */
-               return DELETE_ME;
-       }
-
-       this->logger->log(this->logger, AUDIT, "DELETE payload for CHILD_SAs not supported and handled.");
-
-       return SUCCESS;
-}
-
-/**
  * Implementation of private_ike_sa_established_t.process_notify_payload;
  */
 static status_t process_notify_payload (private_ike_sa_established_t *this, notify_payload_t *notify_payload, message_t *response)
@@ -250,7 +230,6 @@ ike_sa_established_t *ike_sa_established_create(protected_ike_sa_t *ike_sa)
        
        /* private functions */
        this->process_notify_payload = process_notify_payload;
-       this->build_delete_payload = build_delete_payload;
        
        /* private data */
        this->ike_sa = ike_sa;
index 46cbbcd..2e5843e 100644 (file)
@@ -159,7 +159,6 @@ status_t retry_initiate_connection (private_initiator_init_t *this, diffie_hellm
        if (dh_group == MODP_UNDEFINED)
        {
                this->logger->log(this->logger, AUDIT, "No DH group acceptable for initialization, Aborting");
-               message->destroy(message);
                return DELETE_ME;
        }
        
@@ -280,7 +279,7 @@ static void build_nonce_payload(private_initiator_init_t *this, message_t *reque
  */
 static status_t process_message(private_initiator_init_t *this, message_t *message)
 {
-       this->logger->log(this->logger, ERROR, "In state INITIATOR_INIT no message is processed");
+       this->logger->log(this->logger, ERROR, "In state INITIATOR_INIT, no message is processed");
        return FAILED;
 }
 
@@ -302,12 +301,10 @@ static void destroy(private_initiator_init_t *this)
        /* destroy diffie hellman object */
        if (this->diffie_hellman != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Destroy diffie_hellman_t object");
                this->diffie_hellman->destroy(this->diffie_hellman);
        }
        if (this->sent_nonce.ptr != NULL)
        {
-               this->logger->log(this->logger, CONTROL | LEVEL3, "Free memory of sent nonce");
                allocator_free(this->sent_nonce.ptr);
        }
        allocator_free(this);
index d75b00e..bd2721b 100644 (file)
@@ -31,7 +31,9 @@
  */
 void test_init_config(protected_tester_t *tester)
 {
-       init_config_t *init_config = init_config_create("192.168.0.1","192.168.0.2",500,500);
+       host_t *alice = host_create(AF_INET, "192.168.0.1", 500);
+       host_t *bob = host_create(AF_INET, "192.168.0.2", 500);
+       init_config_t *init_config = init_config_create(alice, bob);
        proposal_t *prop1, *prop2, *prop3, *prop4;//, *selected_one;
        linked_list_t *list;
        //status_t status;
index e4c94d9..8e14fc3 100644 (file)
@@ -233,26 +233,22 @@ static void process_incoming_packet_job(private_thread_pool_t *this, incoming_pa
                                
        if ((message->get_major_version(message) != IKE_MAJOR_VERSION) || 
                        (message->get_minor_version(message) != IKE_MINOR_VERSION))
-
        {
                this->worker_logger->log(this->worker_logger, ERROR | LEVEL2, "IKE version %d.%d not supported", 
-                                                                message->get_major_version(message),
-                                                                message->get_minor_version(message));  
+                                                                       message->get_major_version(message),
+                                                                       message->get_minor_version(message));   
                /*
-                * TODO send notify reply of type INVALID_MAJOR_VERSION for requests of type IKE_SA_INIT.
-                * 
                 * This check is not handled in state_t object of IKE_SA to increase speed.
                 */
-                if ((message->get_exchange_type(message) == IKE_SA_INIT) && (message->get_request(message)))
-                {
-                       message_t *response;
-                       message->get_ike_sa_id(message, &ike_sa_id);
-                       ike_sa_id->switch_initiator(ike_sa_id);
-                       response = message_create_notify_reply(message->get_destination(message),
-                                                                                                  message->get_source(message),
-                                                                                                  IKE_SA_INIT,
-                                                                                                  FALSE,ike_sa_id,INVALID_MAJOR_VERSION);
-
+               if ((message->get_exchange_type(message) == IKE_SA_INIT) && (message->get_request(message)))
+                       {
+                       message_t *response;
+                       message->get_ike_sa_id(message, &ike_sa_id);
+                       ike_sa_id->switch_initiator(ike_sa_id);
+                       response = message_create_notify_reply(message->get_destination(message),
+                                                                                                       message->get_source(message),
+                                                                                                       IKE_SA_INIT,
+                                                                                                       FALSE,ike_sa_id,INVALID_MAJOR_VERSION);
                        message->destroy(message);
                        ike_sa_id->destroy(ike_sa_id);
                        status = response->generate(response, NULL, NULL, &packet);
@@ -266,10 +262,9 @@ static void process_incoming_packet_job(private_thread_pool_t *this, incoming_pa
                        charon->send_queue->add(charon->send_queue, packet);
                        response->destroy(response);
                        return;
-                }
-               message->destroy(message);
-               
-                return;
+               }
+               message->destroy(message);
+               return;
        }
                                
        message->get_ike_sa_id(message, &ike_sa_id);
index bdc8aae..1136be1 100644 (file)
@@ -22,7 +22,8 @@
  
  
 #include "logger_manager.h"
+
+#include <daemon.h>
 #include <definitions.h>
 #include <utils/allocator.h>
 #include <utils/linked_list.h>
@@ -160,11 +161,11 @@ static logger_t *create_logger(private_logger_manager_t *this, logger_context_t
        context_name = mapping_find(logger_context_t_mappings,context);
        
        /* output to stdout, since we are debugging all days */
-       output = stdout;
+       output = LOG_OUTPUT;
        
        /* defaults */
        log_thread_ids = FALSE;
-       logger_level = this->public.get_logger_level(&(this->public),context);;
+       logger_level = this->public.get_logger_level(&(this->public),context);
 
        switch(context)
        {
index e934435..f160c0c 100644 (file)
@@ -69,6 +69,12 @@ typedef struct logger_manager_t logger_manager_t;
  * 
  * @see logger_t
  * 
+ * @todo We currently give out a new instance for every logger requested.
+ * This is unnecessary. One logger for each class would be sufficient.
+ * 
+ * @todo We could remove logger naming (additional to classes), since we have
+ * never used it (and probably never will).
+ * 
  * @ingroup utils
  */
 struct logger_manager_t {