set up basic infrastructure ha_sync plugin
authorMartin Willi <martin@strongswan.org>
Wed, 12 Nov 2008 13:28:18 +0000 (13:28 +0000)
committerMartin Willi <martin@revosec.ch>
Wed, 7 Apr 2010 11:55:11 +0000 (13:55 +0200)
src/charon/plugins/ha_sync/Makefile.am
src/charon/plugins/ha_sync/ha_sync_child.c
src/charon/plugins/ha_sync/ha_sync_child.h
src/charon/plugins/ha_sync/ha_sync_ike.c [new file with mode: 0644]
src/charon/plugins/ha_sync/ha_sync_ike.h [new file with mode: 0644]
src/charon/plugins/ha_sync/ha_sync_message.c [new file with mode: 0644]
src/charon/plugins/ha_sync/ha_sync_message.h [new file with mode: 0644]
src/charon/plugins/ha_sync/ha_sync_plugin.c
src/charon/plugins/ha_sync/ha_sync_socket.c [new file with mode: 0644]
src/charon/plugins/ha_sync/ha_sync_socket.h [new file with mode: 0644]

index be4e358..d3c4649 100644 (file)
@@ -4,7 +4,11 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
 AM_CFLAGS = -rdynamic
 
 plugin_LTLIBRARIES = libstrongswan-ha-sync.la
-libstrongswan_ha_sync_la_SOURCES = ha_sync_plugin.h ha_sync_plugin.c \
+libstrongswan_ha_sync_la_SOURCES = \
+  ha_sync_plugin.h ha_sync_plugin.c \
+  ha_sync_message.h ha_sync_message.c \
+  ha_sync_socket.h ha_sync_socket.c \
+  ha_sync_ike.h ha_sync_ike.c \
   ha_sync_child.h ha_sync_child.c
 libstrongswan_ha_sync_la_LDFLAGS = -module
 
index 1d05f20..ab6908e 100644 (file)
@@ -18,8 +18,6 @@
 #include "ha_sync_child.h"
 
 typedef struct private_ha_sync_child_t private_ha_sync_child_t;
-typedef struct serialized_child_sa_t serialized_child_sa_t;
-typedef struct serialized_ts_t serialized_ts_t;
 
 /**
  * Private data of an ha_sync_child_t object.
@@ -30,163 +28,20 @@ struct private_ha_sync_child_t {
         * Public ha_sync_child_t interface.
         */
        ha_sync_child_t public;
-};
-
-/* version number of serialization fromat */
-#define SERIALIZE_VERSION 1
-
-/**
- * A serialized traffic selector
- */
-struct serialized_ts_t {
-       u_int8_t type;
-       u_int8_t protocol;
-       u_int8_t dynamic;
-       struct {
-               u_int8_t addr[16];
-               u_int16_t port;
-       } from, to;
-};
-
-/**
- * A serialized CHILD_SA
- */
-struct serialized_child_sa_t {
-
-       u_int8_t version;
-
-       /* per CHILD values */
-       u_int8_t protocol;
-       u_int8_t mode;
-       u_int8_t encap;
-       u_int8_t ipcomp;
-       u_int32_t soft_lifetime;
-       u_int32_t hard_lifetime;
 
-       /* configuration name */
-       char config[32];
-
-       /* algs and keys */
-       struct {
-               u_int16_t alg;
-               u_int16_t keylen;
-               u_int8_t in[64], out[64];
-       } integrity, encryption;
-
-       struct {
-               u_int32_t spi;
-               u_int16_t cpi;
-
-               u_int8_t addr_fam;
-               u_int8_t addr[16];
-               u_int16_t port;
-
-               /* traffic selector, currently only one, TODO */
-               serialized_ts_t ts;
-       } in, out;
+       /**
+        * socket we use for syncing
+        */
+       ha_sync_socket_t *socket;
 };
 
 /**
- * Serialize a traffic selector list
+ * Implementation of listener_t.child_keys
  */
-static void serialize_ts_list(linked_list_t *ts_list, serialized_ts_t *ser)
+static bool child_keys(private_ha_sync_child_t *this, ike_sa_t *ike_sa,
+                                          child_sa_t *child_sa, diffie_hellman_t *dh,
+                                          chunk_t nonce_i, chunk_t nonce_r)
 {
-       enumerator_t *enumerator;
-       traffic_selector_t *ts;
-       chunk_t chunk;
-       int i = 0;
-
-       enumerator = ts_list->create_enumerator(ts_list);
-       if (enumerator->enumerate(enumerator, &ts))
-       {
-               ser->type = ts->get_type(ts);
-               ser->protocol = ts->get_protocol(ts);
-               ser->dynamic = ts->is_dynamic(ts);
-               ser->from.port = htons(ts->get_from_port(ts));
-               ser->to.port = htons(ts->get_to_port(ts));
-               chunk = ts->get_from_address(ts);
-               memcpy(ser->from.addr, chunk.ptr, min(chunk.len, sizeof(ser->from.addr)));
-               chunk = ts->get_to_address(ts);
-               memcpy(ser->to.addr, chunk.ptr, min(chunk.len, sizeof(ser->to.addr)));
-       }
-       enumerator->destroy(enumerator);
-}
-
-/**
- * Serialize a CHILD_SA
- */
-static chunk_t serialize(ike_sa_t *ike_sa, child_sa_t *child_sa)
-{
-       serialized_child_sa_t *ser;
-       child_cfg_t *config;
-       host_t *me, *other;
-       chunk_t chunk;
-
-       config = child_sa->get_config(child_sa);
-       me = ike_sa->get_my_host(ike_sa);
-       other = ike_sa->get_other_host(ike_sa);
-
-       ser = malloc_thing(serialized_child_sa_t);
-       memset(ser, 0, sizeof(serialized_child_sa_t));
-
-       ser->version = SERIALIZE_VERSION;
-       ser->protocol = child_sa->get_protocol(child_sa);
-       ser->mode = child_sa->get_mode(child_sa);
-       ser->encap = child_sa->has_encap(child_sa);
-       ser->ipcomp = child_sa->get_ipcomp(child_sa);
-       ser->soft_lifetime = child_sa->get_lifetime(child_sa, FALSE);
-       ser->hard_lifetime = child_sa->get_lifetime(child_sa, TRUE);
-       ser->in.spi = child_sa->get_spi(child_sa, TRUE);
-       ser->in.cpi = child_sa->get_cpi(child_sa, TRUE);
-       ser->out.spi = child_sa->get_spi(child_sa, FALSE);
-       ser->out.cpi = child_sa->get_cpi(child_sa, FALSE);
-       snprintf(ser->config, sizeof(ser->config), config->get_name(config));
-
-       ser->integrity.alg = child_sa->get_integrity(child_sa, TRUE, &chunk);
-       ser->integrity.keylen = chunk.len;
-       memcpy(ser->integrity.in, chunk.ptr, ser->integrity.keylen);
-       child_sa->get_integrity(child_sa, FALSE, &chunk);
-       memcpy(ser->integrity.out, chunk.ptr, ser->integrity.keylen);
-
-       ser->encryption.alg = child_sa->get_encryption(child_sa, TRUE, &chunk);
-       ser->encryption.keylen = chunk.len;
-       memcpy(ser->encryption.in, chunk.ptr, ser->encryption.keylen);
-       child_sa->get_integrity(child_sa, FALSE, &chunk);
-       memcpy(ser->encryption.out, chunk.ptr, ser->encryption.keylen);
-
-       ser->in.addr_fam = me->get_family(me);
-       ser->in.port = htons(me->get_port(me));
-       chunk = me->get_address(me);
-       memcpy(ser->in.addr, chunk.ptr, chunk.len);
-
-       ser->out.addr_fam = other->get_family(other);
-       ser->out.port = htons(other->get_port(other));
-       chunk = other->get_address(other);
-       memcpy(ser->out.addr, chunk.ptr, chunk.len);
-
-       serialize_ts_list(child_sa->get_traffic_selectors(child_sa, TRUE),
-                                         &ser->in.ts);
-       serialize_ts_list(child_sa->get_traffic_selectors(child_sa, FALSE),
-                                         &ser->out.ts);
-
-       return chunk_create((void*)ser, sizeof(serialized_child_sa_t));
-}
-
-/**
- * Listener implementation
- */
-static bool child_state_change(private_ha_sync_child_t *this, ike_sa_t *ike_sa,
-                                                          child_sa_t *child_sa, child_sa_state_t state)
-{
-       if (state == CHILD_INSTALLED)
-       {
-               chunk_t chunk;
-
-               chunk = serialize(ike_sa, child_sa);
-               DBG1(DBG_IKE, "NEW CHILD: %B", &chunk);
-
-               chunk_clear(&chunk);
-       }
        return TRUE;
 }
 
@@ -201,15 +56,16 @@ static void destroy(private_ha_sync_child_t *this)
 /**
  * See header
  */
-ha_sync_child_t *ha_sync_child_create()
+ha_sync_child_t *ha_sync_child_create(ha_sync_socket_t *socket)
 {
        private_ha_sync_child_t *this = malloc_thing(private_ha_sync_child_t);
 
        memset(&this->public.listener, 0, sizeof(listener_t));
-
-       this->public.listener.child_state_change = (void*)child_state_change;
+       this->public.listener.child_keys = (bool(*)(listener_t*, ike_sa_t *ike_sa, child_sa_t *child_sa, diffie_hellman_t *dh, chunk_t nonce_i, chunk_t nonce_r))child_keys;
        this->public.destroy = (void(*)(ha_sync_child_t*))destroy;
 
+       this->socket = socket;
+
        return &this->public;
 }
 
index 6b66c8c..8a5edcb 100644 (file)
@@ -23,6 +23,8 @@
 #ifndef HA_SYNC_CHILD_H_
 #define HA_SYNC_CHILD_H_
 
+#include "ha_sync_socket.h"
+
 #include <daemon.h>
 
 typedef struct ha_sync_child_t ha_sync_child_t;
@@ -45,7 +47,9 @@ struct ha_sync_child_t {
 
 /**
  * Create a ha_sync_child instance.
+ *
+ * @param socket               socket to use for sending synchronization messages
  */
-ha_sync_child_t *ha_sync_child_create();
+ha_sync_child_t *ha_sync_child_create(ha_sync_socket_t *socket);
 
 #endif /* HA_SYNC_CHILD_ @}*/
diff --git a/src/charon/plugins/ha_sync/ha_sync_ike.c b/src/charon/plugins/ha_sync/ha_sync_ike.c
new file mode 100644 (file)
index 0000000..e894e39
--- /dev/null
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+#include "ha_sync_ike.h"
+
+typedef struct private_ha_sync_ike_t private_ha_sync_ike_t;
+
+/**
+ * Private data of an ha_sync_ike_t object.
+ */
+struct private_ha_sync_ike_t {
+
+       /**
+        * Public ha_sync_ike_t interface.
+        */
+       ha_sync_ike_t public;
+
+       /**
+        * socket we use for syncing
+        */
+       ha_sync_socket_t *socket;
+};
+
+/**
+ * Implementation of listener_t.ike_keys
+ */
+static bool ike_keys(private_ha_sync_ike_t *this, ike_sa_t *ike_sa,
+                                        diffie_hellman_t *dh, chunk_t nonce_i, chunk_t nonce_r,
+                                        ike_sa_t *rekey)
+{
+       return TRUE;
+}
+
+/**
+ * Implementation of ha_sync_ike_t.destroy.
+ */
+static void destroy(private_ha_sync_ike_t *this)
+{
+       free(this);
+}
+
+/**
+ * See header
+ */
+ha_sync_ike_t *ha_sync_ike_create(ha_sync_socket_t *socket)
+{
+       private_ha_sync_ike_t *this = malloc_thing(private_ha_sync_ike_t);
+
+       memset(&this->public.listener, 0, sizeof(listener_t));
+       this->public.listener.ike_keys = (bool(*)(listener_t*, ike_sa_t *ike_sa, diffie_hellman_t *dh,chunk_t nonce_i, chunk_t nonce_r, ike_sa_t *rekey))ike_keys;
+       this->public.destroy = (void(*)(ha_sync_ike_t*))destroy;
+
+       this->socket = socket;
+
+       return &this->public;
+}
+
diff --git a/src/charon/plugins/ha_sync/ha_sync_ike.h b/src/charon/plugins/ha_sync/ha_sync_ike.h
new file mode 100644 (file)
index 0000000..f2d0343
--- /dev/null
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+/**
+ * @defgroup ha_sync_ike ha_sync_ike
+ * @{ @ingroup ha_sync
+ */
+
+#ifndef HA_SYNC_IKE_H_
+#define HA_SYNC_IKE_H_
+
+#include "ha_sync_socket.h"
+
+#include <daemon.h>
+
+typedef struct ha_sync_ike_t ha_sync_ike_t;
+
+/**
+ * Synchronize IKE_SAs.
+ */
+struct ha_sync_ike_t {
+
+       /**
+        * Implements bus listener interface.
+        */
+       listener_t listener;
+
+       /**
+        * Destroy a ha_sync_ike_t.
+        */
+       void (*destroy)(ha_sync_ike_t *this);
+};
+
+/**
+ * Create a ha_sync_ike instance.
+ *
+ * @param socket               socket to use for sending synchronization messages
+ */
+ha_sync_ike_t *ha_sync_ike_create(ha_sync_socket_t *socket);
+
+#endif /* HA_SYNC_IKE_ @}*/
diff --git a/src/charon/plugins/ha_sync/ha_sync_message.c b/src/charon/plugins/ha_sync/ha_sync_message.c
new file mode 100644 (file)
index 0000000..fcb601c
--- /dev/null
@@ -0,0 +1,207 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+#include "ha_sync_message.h"
+
+#include <arpa/inet.h>
+
+#include <daemon.h>
+
+typedef struct private_ha_sync_message_t private_ha_sync_message_t;
+
+/**
+ * Private data of an ha_sync_message_t object.
+ */
+struct private_ha_sync_message_t {
+
+       /**
+        * Public ha_sync_message_t interface.
+        */
+       ha_sync_message_t public;
+
+       /**
+        * Number of bytes allocted in buffer
+        */
+       size_t allocated;
+
+       /**
+        * Buffer containing encoded data
+        */
+       chunk_t buf;
+};
+
+/**
+ * Implementation of ha_sync_message_t.get_type
+ */
+static ha_sync_message_type_t get_type(private_ha_sync_message_t *this)
+{
+       return this->buf.ptr[1];
+}
+
+/**
+ * check for space in buffer, increase if necessary
+ */
+static void check_buf(private_ha_sync_message_t *this, size_t len)
+{
+       while (this->buf.len + len > this->allocated)
+       {       /* double size */
+               this->allocated = this->allocated * 2;
+               this->buf.ptr = realloc(this->buf.ptr, this->allocated);
+       }
+}
+
+/**
+ * Implementation of ha_sync_message_t.add_attribute
+ */
+static void add_attribute(private_ha_sync_message_t *this,
+                                                 ha_sync_message_attribute_t attribute,
+                                                 ha_sync_message_value_t value)
+{
+       size_t len;
+
+       check_buf(this, sizeof(u_int8_t));
+       this->buf.ptr[this->buf.len] = attribute;
+       this->buf.len += sizeof(u_int8_t);
+
+       switch (attribute)
+       {
+               case HA_SYNC_ENCAP_U8:
+               case HA_SYNC_MODE_U8:
+               case HA_SYNC_IPCOMP_U8:
+                       check_buf(this, sizeof(value.u8));
+                       this->buf.ptr[this->buf.len] = value.u8;
+                       this->buf.len += sizeof(value.u8);
+                       break;
+               case HA_SYNC_PORT_L_U16:
+               case HA_SYNC_PORT_R_U16:
+               case HA_SYNC_CPI_L_U16:
+               case HA_SYNC_CPI_R_U16:
+               case HA_SYNC_ALG_INTEG_U16:
+               case HA_SYNC_ALG_ENC_U16:
+                       check_buf(this, sizeof(value.u16));
+                       this->buf.ptr[this->buf.len] = htons(value.u16);
+                       this->buf.len += sizeof(value.u16);
+                       break;
+               case HA_SYNC_SPI_L_U32:
+               case HA_SYNC_SPI_R_U32:
+                       check_buf(this, sizeof(value.u32));
+                       this->buf.ptr[this->buf.len] = htonl(value.u32);
+                       this->buf.len += sizeof(value.u32);
+                       break;
+               case HA_SYNC_IPV4_L_CHNK:
+               case HA_SYNC_IPV4_R_CHNK:
+               case HA_SYNC_NONCE_I_CHNK:
+               case HA_SYNC_NONCE_R_CHNK:
+               case HA_SYNC_SECRET_CHNK:
+                       check_buf(this, value.chnk.len);
+                       memcpy(this->buf.ptr + this->buf.len, value.chnk.ptr, value.chnk.len);
+                       this->buf.len += value.chnk.len;
+                       break;
+               case HA_SYNC_CONFIG_STR:
+                       len = strlen(value.str) + 1;
+                       check_buf(this, len);
+                       memcpy(this->buf.ptr + this->buf.len, value.str, len);
+                       this->buf.len += len;
+                       break;
+               default:
+                       DBG1(DBG_CFG, "unable to encode, attribute %d unknown", attribute);
+                       this->buf.len -= sizeof(u_int8_t);
+                       break;
+       }
+}
+
+/**
+ * Implementation of ha_sync_message_t.create_attribute_enumerator
+ */
+static enumerator_t* create_attribute_enumerator(private_ha_sync_message_t *this)
+{
+       return enumerator_create_empty();
+}
+
+/**
+ * Implementation of ha_sync_message_t.get_encoding
+ */
+static chunk_t get_encoding(private_ha_sync_message_t *this)
+{
+       return this->buf;
+}
+
+/**
+ * Implementation of ha_sync_message_t.destroy.
+ */
+static void destroy(private_ha_sync_message_t *this)
+{
+       free(this->buf.ptr);
+       free(this);
+}
+
+
+static private_ha_sync_message_t *ha_sync_message_create_generic()
+{
+       private_ha_sync_message_t *this = malloc_thing(private_ha_sync_message_t);
+
+       this->public.get_type = (ha_sync_message_type_t(*)(ha_sync_message_t*))get_type;
+       this->public.add_attribute = (void(*)(ha_sync_message_t*, ha_sync_message_attribute_t attribute, ...))add_attribute;
+       this->public.create_attribute_enumerator = (enumerator_t*(*)(ha_sync_message_t*))create_attribute_enumerator;
+       this->public.get_encoding = (chunk_t(*)(ha_sync_message_t*))get_encoding;
+       this->public.destroy = (void(*)(ha_sync_message_t*))destroy;
+
+       return this;
+}
+
+/**
+ * See header
+ */
+ha_sync_message_t *ha_sync_message_create(ha_sync_message_type_t type)
+{
+       private_ha_sync_message_t *this = ha_sync_message_create_generic();
+
+       this->allocated = 64;
+       this->buf.ptr = malloc(this->allocated);
+       this->buf.len = 2;
+       this->buf.ptr[0] = HA_SYNC_MESSAGE_VERSION;
+       this->buf.ptr[1] = type;
+
+       return &this->public;
+}
+
+/**
+ * See header
+ */
+ha_sync_message_t *ha_sync_message_parse(chunk_t data)
+{
+       private_ha_sync_message_t *this;
+
+       if (data.len < 2)
+       {
+               DBG1(DBG_CFG, "HA sync message too short");
+               return NULL;
+       }
+       if (data.ptr[0] != HA_SYNC_MESSAGE_VERSION)
+       {
+               DBG1(DBG_CFG, "HA sync message has version %d, expected %d",
+                        data.ptr[0], HA_SYNC_MESSAGE_VERSION);
+               return NULL;
+       }
+
+       this = ha_sync_message_create_generic();
+       this->buf = chunk_clone(data);
+       this->allocated = this->buf.len;
+
+       return &this->public;
+}
+
diff --git a/src/charon/plugins/ha_sync/ha_sync_message.h b/src/charon/plugins/ha_sync/ha_sync_message.h
new file mode 100644 (file)
index 0000000..714becf
--- /dev/null
@@ -0,0 +1,137 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+/**
+ * @defgroup ha_sync_message ha_sync_message
+ * @{ @ingroup ha_sync
+ */
+
+#ifndef HA_SYNC_MESSAGE_H_
+#define HA_SYNC_MESSAGE_H_
+
+#include <library.h>
+
+/**
+ * Protocol version of this implementation
+ */
+#define HA_SYNC_MESSAGE_VERSION 1
+
+typedef struct ha_sync_message_t ha_sync_message_t;
+typedef enum ha_sync_message_type_t ha_sync_message_type_t;
+typedef enum ha_sync_message_attribute_t ha_sync_message_attribute_t;
+typedef union ha_sync_message_value_t ha_sync_message_value_t;
+
+/**
+ * Type of a sync message
+ */
+enum ha_sync_message_type_t {
+       HA_SYNC_CHILD_SA = 0,
+       HA_SYNC_IKE_SA,
+       HA_SYNC_IKE_MID,
+};
+
+/**
+ * Type of attributes contained in a message
+ */
+enum ha_sync_message_attribute_t {
+       HA_SYNC_CONFIG_STR = 0,
+       HA_SYNC_IPV4_L_CHNK,
+       HA_SYNC_IPV4_R_CHNK,
+       HA_SYNC_PORT_L_U16,
+       HA_SYNC_PORT_R_U16,
+       HA_SYNC_SPI_L_U32,
+       HA_SYNC_SPI_R_U32,
+       HA_SYNC_CPI_L_U16,
+       HA_SYNC_CPI_R_U16,
+       HA_SYNC_ENCAP_U8,
+       HA_SYNC_MODE_U8,
+       HA_SYNC_IPCOMP_U8,
+       HA_SYNC_NONCE_I_CHNK,
+       HA_SYNC_NONCE_R_CHNK,
+       HA_SYNC_SECRET_CHNK,
+       HA_SYNC_ALG_INTEG_U16,
+       HA_SYNC_ALG_ENC_U16,
+};
+
+/**
+ * Union to enumerate typed attributes in a message
+ */
+union ha_sync_message_value_t {
+       u_int8_t u8;
+       u_int32_t u32;
+       u_int16_t u16;
+       chunk_t chnk;
+       char *str;
+};
+
+/**
+ * Abstracted message passed between nodes in a HA cluster.
+ */
+struct ha_sync_message_t {
+
+       /**
+        * Get the type of the message.
+        *
+        * @return              message type
+        */
+       ha_sync_message_type_t (*get_type)(ha_sync_message_t *this);
+
+       /**
+        * Add an attribute to a message.
+        *
+        * @param attribute             attribute type to add
+        * @param ...                   attribute specific data
+        */
+       void (*add_attribute)(ha_sync_message_t *this,
+                                                 ha_sync_message_attribute_t attribute, ...);
+
+       /**
+        * Create an enumerator over all attributes in a message.
+        *
+        * @return                              enumerator over attribute, ha_sync_message_value_t
+        */
+       enumerator_t* (*create_attribute_enumerator)(ha_sync_message_t *this);
+
+       /**
+        * Get the message in a encoded form.
+        *
+        * @return                              chunk pointing to internal data
+        */
+       chunk_t (*get_encoding)(ha_sync_message_t *this);
+
+       /**
+        * Destroy a ha_sync_message_t.
+        */
+       void (*destroy)(ha_sync_message_t *this);
+};
+
+/**
+ * Create a new ha_sync_message instance, ready for adding attributes
+ *
+ * @param version                      protocol version to create a message from
+ * @param type                         type of the message
+ */
+ha_sync_message_t *ha_sync_message_create(ha_sync_message_type_t type);
+
+/**
+ * Create a ha_sync_message from encoded data.
+ *
+ * @param data                         encoded message data
+ */
+ha_sync_message_t *ha_sync_message_parse(chunk_t data);
+
+#endif /* HA_SYNC_MESSAGE_ @}*/
index 1dfa14d..d6d2fe3 100644 (file)
@@ -16,7 +16,9 @@
  */
 
 #include "ha_sync_plugin.h"
+#include "ha_sync_ike.h"
 #include "ha_sync_child.h"
+#include "ha_sync_socket.h"
 
 #include <daemon.h>
 #include <config/child_cfg.h>
@@ -34,7 +36,17 @@ struct private_ha_sync_plugin_t {
        ha_sync_plugin_t public;
 
        /**
-        * CHILD_SA sync
+        * Communication socket
+        */
+       ha_sync_socket_t *socket;
+
+       /**
+        * IKE_SA synchronization
+        */
+       ha_sync_ike_t *ike;
+
+       /**
+        * CHILD_SA synchronization
         */
        ha_sync_child_t *child;
 };
@@ -44,8 +56,11 @@ struct private_ha_sync_plugin_t {
  */
 static void destroy(private_ha_sync_plugin_t *this)
 {
+       charon->bus->remove_listener(charon->bus, &this->ike->listener);
        charon->bus->remove_listener(charon->bus, &this->child->listener);
+       this->ike->destroy(this->ike);
        this->child->destroy(this->child);
+       this->socket->destroy(this->socket);
        free(this);
 }
 
@@ -58,7 +73,15 @@ plugin_t *plugin_create()
 
        this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
 
-       this->child = ha_sync_child_create();
+       this->socket = ha_sync_socket_create();
+       if (!this->socket)
+       {
+               free(this);
+               return NULL;
+       }
+       this->ike = ha_sync_ike_create(this->socket);
+       this->child = ha_sync_child_create(this->socket);
+       charon->bus->add_listener(charon->bus, &this->ike->listener);
        charon->bus->add_listener(charon->bus, &this->child->listener);
 
        return &this->public.plugin;
diff --git a/src/charon/plugins/ha_sync/ha_sync_socket.c b/src/charon/plugins/ha_sync/ha_sync_socket.c
new file mode 100644 (file)
index 0000000..193d6cb
--- /dev/null
@@ -0,0 +1,185 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+#include "ha_sync_socket.h"
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <errno.h>
+#include <unistd.h>
+
+#include <daemon.h>
+#include <utils/host.h>
+
+typedef struct private_ha_sync_socket_t private_ha_sync_socket_t;
+
+/**
+ * Private data of an ha_sync_socket_t object.
+ */
+struct private_ha_sync_socket_t {
+
+       /**
+        * Public ha_sync_socket_t interface.
+        */
+       ha_sync_socket_t public;
+
+       /**
+        * UDP communication socket fd
+        */
+       int fd;
+};
+
+/**
+ * Implementation of ha_sync_socket_t.push
+ */
+static void push(private_ha_sync_socket_t *this, ha_sync_message_t *message)
+{
+       chunk_t data;
+
+       data = message->get_encoding(message);
+       if (send(this->fd, data.ptr, data.len, 0) < data.len)
+       {
+               DBG1(DBG_CFG, "pushing HA sync message failed: %s", strerror(errno));
+       }
+}
+
+/**
+ * Implementation of ha_sync_socket_t.pull
+ */
+static ha_sync_message_t *pull(private_ha_sync_socket_t *this)
+{
+       while (TRUE)
+       {
+               ha_sync_message_t *message;
+               char buf[1024];
+               ssize_t len;
+
+               len = recv(this->fd, buf, sizeof(buf), 0);
+               if (len <= 0)
+               {
+                       if (errno != EINTR)
+                       {
+                               DBG1(DBG_CFG, "pulling HA sync message failed: %s",
+                                        strerror(errno));
+                               sleep(1);
+                       }
+                       continue;
+               }
+               message = ha_sync_message_parse(chunk_create(buf, len));
+               if (message)
+               {
+                       return message;
+               }
+       }
+}
+
+/**
+ * read local/remote node address from config
+ */
+static host_t *get_host_config(char *key)
+{
+       char *value;
+       host_t *host;
+
+       value = lib->settings->get_str(lib->settings,
+                                                                  "charon.plugins.ha_sync.%s", NULL, key);
+       if (!value)
+       {
+               DBG1(DBG_CFG, "no %s node specified for HA sync", key);
+               return NULL;
+       }
+       host = host_create_from_dns(value, 0, HA_SYNC_PORT);
+       if (!host)
+       {
+               DBG1(DBG_CFG, "%s node '%s' is invalid", key, value);
+       }
+       return host;
+}
+
+/**
+ * Open and connect the HA sync socket
+ */
+static bool open_socket(private_ha_sync_socket_t *this)
+{
+       host_t *local, *remote;
+       bool success = TRUE;
+
+       local = get_host_config("local");
+       remote = get_host_config("remote");
+       if (!local || !remote)
+       {
+               DESTROY_IF(local);
+               DESTROY_IF(remote);
+               return FALSE;
+       }
+
+       this->fd = socket(local->get_family(local), SOCK_DGRAM, 0);
+       if (!this->fd)
+       {
+               DESTROY_IF(local);
+               DESTROY_IF(remote);
+               DBG1(DBG_CFG, "opening HA sync socket failed: %s", strerror(errno));
+               return FALSE;
+       }
+
+       if (bind(this->fd, local->get_sockaddr(local),
+                        *local->get_sockaddr_len(local)) == -1)
+       {
+               DBG1(DBG_CFG, "binding HA sync socket failed: %s", strerror(errno));
+               close(this->fd);
+               success = FALSE;
+       }
+       if (connect(this->fd, remote->get_sockaddr(remote),
+                               *remote->get_sockaddr_len(remote)) == -1)
+       {
+               DBG1(DBG_CFG, "connecting HA sync socket failed: %s", strerror(errno));
+               close(this->fd);
+               success = FALSE;
+       }
+       local->destroy(local);
+       remote->destroy(remote);
+       return success;
+}
+
+/**
+ * Implementation of ha_sync_socket_t.destroy.
+ */
+static void destroy(private_ha_sync_socket_t *this)
+{
+       close(this->fd);
+       free(this);
+}
+
+/**
+ * See header
+ */
+ha_sync_socket_t *ha_sync_socket_create()
+{
+       private_ha_sync_socket_t *this = malloc_thing(private_ha_sync_socket_t);
+
+       this->public.push = (void(*)(ha_sync_socket_t*, ha_sync_message_t*))push;
+       this->public.pull = (ha_sync_message_t*(*)(ha_sync_socket_t*))pull;
+       this->public.destroy = (void(*)(ha_sync_socket_t*))destroy;
+
+       if (!open_socket(this))
+       {
+               free(this);
+               return NULL;
+       }
+       return &this->public;
+}
+
diff --git a/src/charon/plugins/ha_sync/ha_sync_socket.h b/src/charon/plugins/ha_sync/ha_sync_socket.h
new file mode 100644 (file)
index 0000000..12fdef2
--- /dev/null
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+/**
+ * @defgroup ha_sync_socket ha_sync_socket
+ * @{ @ingroup ha_sync
+ */
+
+#ifndef HA_SYNC_SOCKET_H_
+#define HA_SYNC_SOCKET_H_
+
+#include "ha_sync_message.h"
+
+/**
+ * UDP port we use for communication
+ */
+#define HA_SYNC_PORT 4510
+
+typedef struct ha_sync_socket_t ha_sync_socket_t;
+
+/**
+ * Socket to send/received SA synchronization data
+ */
+struct ha_sync_socket_t {
+
+       /**
+        * Push synchronization information to the responsible node.
+        *
+        * @param message       message to send
+        */
+       void (*push)(ha_sync_socket_t *this, ha_sync_message_t *message);
+
+       /**
+        * Pull synchronization information from a peer we are responsible.
+        *
+        * @return                      received message
+        */
+       ha_sync_message_t *(*pull)(ha_sync_socket_t *this);
+
+       /**
+        * Destroy a ha_sync_socket_t.
+        */
+       void (*destroy)(ha_sync_socket_t *this);
+};
+
+/**
+ * Create a ha_sync_socket instance.
+ */
+ha_sync_socket_t *ha_sync_socket_create();
+
+#endif /* HA_SYNC_SOCKET_ @}*/