root/trunk/src/charon/plugins/nm/nm_plugin.c

Revision 4326, 2.6 kB (checked in by martin, 4 months ago)

implemented NetworkManager certificate/private key authentication using ssh-agent

1 /*
2  * Copyright (C) 2008 Martin Willi
3  * Hochschule fuer Technik Rapperswil
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License as published by the
7  * Free Software Foundation; either version 2 of the License, or (at your
8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
9  *
10  * This program is distributed in the hope that it will be useful, but
11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
13  * for more details.
14  *
15  * $Id$
16  */
17
18 #include "nm_plugin.h"
19 #include "nm_service.h"
20 #include "nm_creds.h"
21
22 #include <daemon.h>
23 #include <processing/jobs/callback_job.h>
24
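/*
 * Capability number of CAP_DAC_OVERRIDE, defined locally because this file
 * includes no capability header. The capability lifts the discretionary
 * read/write/execute permission checks on files in general, not only on the
 * one path a caller has in mind. The guard lets a definition from a system
 * header take precedence if one gets included later.
 */
#ifndef CAP_DAC_OVERRIDE
#define CAP_DAC_OVERRIDE 1
#endif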
26
typedef struct private_nm_plugin_t private_nm_plugin_t;

/**
 * Private state of the NetworkManager plugin.
 */
struct private_nm_plugin_t {

    /**
     * Public plugin interface. plugin_create() hands out a pointer into this
     * member and destroy() is installed through a function pointer cast, so
     * it has to stay the first member.
     * NOTE(review): this also relies on nm_plugin_t starting with its
     * plugin_t member; confirm in nm_plugin.h.
     */
    nm_plugin_t public;

    /**
     * NetworkManager VPN service object (VPNPlugin), NULL if creation failed
     */
    NMStrongswanPlugin *plugin;

    /**
     * GLib main loop serving the DBUS calls; NULL until run() has created it
     */
    GMainLoop *loop;

    /**
     * Credential set registered at the daemon, shared with the NM service
     */
    nm_creds_t *creds;
};
54
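/**
 * NM plugin processing routine, runs the GLib main loop that serves the
 * NetworkManager service created in plugin_create().
 *
 * Blocks until the loop is quit, which destroy() does.
 *
 * @param this      private plugin instance
 * @return          JOB_REQUEUE_NONE, the job is never requeued
 */
static job_requeue_t run(private_nm_plugin_t *this)
{
    /* destroy() quits the loop and then frees "this" without waiting for
     * this job. Work on a local pointer so that nothing dereferences "this"
     * once g_main_loop_run() has returned. */
    GMainLoop *loop = g_main_loop_new(NULL, FALSE);

    /* publish the loop so destroy() can stop it */
    this->loop = loop;
    g_main_loop_run(loop);
    g_main_loop_unref(loop);

    return JOB_REQUEUE_NONE;
}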
66
/**
 * Implementation of plugin_t.destroy
 *
 * Stops the main loop if run() has created one, releases the NetworkManager
 * service object, unregisters and destroys the credential set and frees the
 * plugin instance.
 *
 * NOTE(review): this->loop is only set once run() has started. If destroy()
 * is called before that, the queued job still holds a pointer to the freed
 * instance; confirm how the processor treats pending jobs.
 */
static void destroy(private_nm_plugin_t *this)
{
    nm_creds_t *creds = this->creds;

    if (this->loop != NULL)
    {
        /* makes g_main_loop_run() in run() return */
        g_main_loop_quit(this->loop);
    }
    if (this->plugin != NULL)
    {
        g_object_unref(this->plugin);
    }
    /* unregister the set before it is destroyed */
    charon->credentials->remove_set(charon->credentials, &creds->set);
    creds->destroy(creds);
    free(this);
}
84
/*
 * see header file
 *
 * Sets up GLib, registers the credential set, creates the NetworkManager
 * service and queues run() as a job. Returns NULL if the service could not
 * be created.
 */
plugin_t *plugin_create()
{
    private_nm_plugin_t *this = malloc_thing(private_nm_plugin_t);
    job_t *job;

    this->public.plugin.destroy = (void(*)(plugin_t*))destroy;

    /* run() creates the loop; destroy() must see NULL until then */
    this->loop = NULL;

    g_type_init();
    if (!g_thread_supported())
    {
        g_thread_init(NULL);
    }

    /* the credential set is registered before the service is created, so
     * the failure path below goes through destroy() to unregister it */
    this->creds = nm_creds_create();
    charon->credentials->add_set(charon->credentials, &this->creds->set);
    this->plugin = nm_strongswan_plugin_new(this->creds);
    if (this->plugin == NULL)
    {
        DBG1(DBG_CFG, "DBUS binding failed");
        destroy(this);
        return NULL;
    }

    /* bypass file permissions to read from users ssh-agent.
     * CAP_DAC_OVERRIDE is only requested once the service exists, but it
     * lifts the permission checks on files in general, not only on the agent
     * socket.
     * NOTE(review): the code that opens the agent socket is not in this
     * file; confirm that it validates the path and the socket owner before
     * connecting, since file modes no longer restrict the daemon. */
    charon->keep_cap(charon, CAP_DAC_OVERRIDE);

    job = (job_t*)callback_job_create((callback_job_cb_t)run, this, NULL, NULL);
    charon->processor->queue_job(charon->processor, job);

    return &this->public.plugin;
}
119