strongswan源代码结构与数据结构
strongswan源代码分析
·
文章目录
strongswan Github下载地址
源代码结构
目录下内容
strongswan$ ls
Android.common.mk.in ChangeLog COPYING HACKING m4 README SECURITY.md TODO
Android.mk conf doc init Makefile.am README_LEGACY.md sonar-project.properties
AUTHORS configure.ac Doxyfile.in INSTALL man README.md src
autogen.sh CONTRIBUTING.md fuzz LICENSE NEWS scripts testing
| 文件夹 | 描述 |
|---|---|
| conf | 配置文件 |
| doc | RFC标准文档 |
| init | 初始化信息 |
| src | 源代码文件 |
| scripts | 脚本信息 |
| testing | 测试程序 |
Components
The src directory in the strongSwan distribution contains the following components:
| Component | Description |
|---|---|
| aikgen | Utility to generate an Attestation Identity Key bound to a TPM 1.2 |
| charon | The IKE keying daemon |
| charon-cmd | A command line IKE client |
| charon-nm | The back end for the NetworkManager D-BUS plugin |
| charon-svc | The Windows IKE service |
| charon-systemd | An IKE daemon similar to charon but specifically designed for use with systemd |
| charon-tkm | A variant of charon that is backed by a Trusted Key Manager (TKM) |
| checksum | Utility to generate checksums of built executables and libraries |
| conftest | Conformance test tool |
| frontends/android | VPN client for Android |
| frontends/gnome | NetworkManager plugin |
| frontends/osx | charon-xpc helper daemon for the native macOS application |
| ipsec | The legacy ipsec command line tool wrapping commands and other tools |
| libcharon | Contains most of the code and the plugins of the charon daemon |
| libfast | A lightweight framework to build native web applications using ClearSilver and FastCGI |
| libimcv | Various Integrity Measurement Collectors (IMCs), Integrity Measuremeent Validators (IMVs) and the library code shared by them |
| libipsec | A userland IPsec implementation used by kernel-libipsec and the Android VPN Client app |
| libpts | Contains code for TPM-based Platform Trust Services (PTS) and SWID tag handling |
| libpttls | Implements the PT-TLS protocol |
| libradius | RADIUS protocol implementation used by e.g. the eap-radius and tnc-pdp plugins |
| libsimaka | Contains code shared by several EAP-SIM/AKA plugins |
| libstrongswan | The strongSwan library with basic functions used by the daemons and utilities |
| libtls | TLS implementation used by the eap-tls, eap-ttls, eap-peap and other plugins |
| libtnccs | Implements the IF-TNCCS interface |
| libtncif | Implmements the IF-IMC/IF-IMV interfaces |
| manager | A deprecated graphical management application for charon based on libfast |
| medsrv | An experimental management front end for mediation servers based on libfast |
| pki | Public Key Infrastructure utility |
| pool | Utility to manage attributes and IP address pools provided by the attr-sql plugin |
| pt-tls-client | Integrity measurement client using the PT-TLS protocol |
| scepclient | Utility to enroll certificates using the SCEP protocol |
| sec-updater | Utility extracting information about security updates and backports of Linux repositories (e.g. Debian or Ubuntu) |
| starter | Legacy daemon that reads ipsec.conf and controls the keying daemon charon |
| stroke | Legacy command line utility to control charon via the stroke protocol |
| swanctl | Configuration and control utility that communicates via the vici interface |
| sw-collector | Utility extracting information about software package installation, update or removal events from the apt history log |
| tpm_extendpcr | Tool that extends a digest into a TPM PCR |
| _updown | Default script called by the updown plugin on tunnel up/down events |
| xfrmi | Create an XFRM interface |
libstrongswan/目录下文件描述
| 文件 | 描述 |
|---|---|
| backtrace.c backtrace.h | 回溯 |
| chunk.c chunk.h | 块 |
| debug.c debug.h | 调试 |
| integrity_checker.c integrity_checker.h | 完整性检查 |
| lexparser.c lexparser.h | |
| printf_hook/ | |
| utils/ utils.c utils.h | |
| compat/ | 兼容性 |
| enum.c enum.h | 枚举 |
| optionsfrom.c optionsfrom.h | 参数 |
| process.c process.h | 处理 |
| capabilities.c capabilities.h | 能力 |
| cpu_feature.c cpu_feature.h | CPU特性 |
| leak_detective.c leak_detective.h | 丢包检测 |
| identification.c identification.h | 识别 |
| parser_helper.c parser_helper.h | 解析帮助 |
| test.c test.h | 测试 |
数据结构
strongswan/src/libstrongswan/utils/utils/object.h
/**
* Object allocation/initialization macro, using designated initializer.
*/
#define INIT(this, ...) { (this) = malloc(sizeof(*(this))); \
*(this) = (typeof(*(this))){ __VA_ARGS__ }; }
/**
* Method declaration/definition macro, providing private and public interface.
*
* Defines a method name with this as first parameter and a return value ret,
* and an alias for this method with a _ prefix, having the this argument
* safely casted to the public interface iface.
* _name is provided a function pointer, but will get optimized out by GCC.
*/
#define METHOD(iface, name, ret, this, ...) \
static ret name(union {iface *_public; this;} \
__attribute__((transparent_union)), ##__VA_ARGS__); \
static typeof(name) *_##name = (typeof(name)*)name; \
static ret name(this, ##__VA_ARGS__)
/**
* Callback declaration/definition macro, allowing casted first parameter.
*
* This is very similar to METHOD, but instead of casting the first parameter
* to a public interface, it uses a void*. This allows type safe definition
* of a callback function, while using the real type for the first parameter.
*/
#define CALLBACK(name, ret, param1, ...) \
static ret _cb_##name(union {void *_generic; param1;} \
__attribute__((transparent_union)), ##__VA_ARGS__); \
static typeof(_cb_##name) *name = (typeof(_cb_##name)*)_cb_##name; \
static ret _cb_##name(param1, ##__VA_ARGS__)
strongswan/src/libstrongswan/utils/enum.h
/**
* Begin a new enum_name list.
*
* @param name name of the enum_name list
* @param first enum value of the first enum string
* @param last enum value of the last enum string
* @param ... a list of strings
*/
#define ENUM_BEGIN(name, first, last, ...) \
static enum_name_t name##last = {first, last + \
BUILD_ASSERT(((last)-(first)+1) == countof(((char*[]){__VA_ARGS__}))), \
NULL, { __VA_ARGS__ }}
/**
* Continue a enum name list started with ENUM_BEGIN.
*
* @param name name of the enum_name list
* @param first enum value of the first enum string
* @param last enum value of the last enum string
* @param prev enum value of the "last" defined in ENUM_BEGIN/previous ENUM_NEXT
* @param ... a list of strings
*/
#define ENUM_NEXT(name, first, last, prev, ...) \
static enum_name_t name##last = {first, last + \
BUILD_ASSERT(((last)-(first)+1) == countof(((char*[]){__VA_ARGS__}))), \
&name##prev, { __VA_ARGS__ }}
/**
* Complete enum name list started with ENUM_BEGIN.
*
* @param name name of the enum_name list
* @param prev enum value of the "last" defined in ENUM_BEGIN/previous ENUM_NEXT
*/
#define ENUM_END(name, prev) enum_name_t *name = &name##prev;
/**
* Define a enum name with only one range.
*
* This is a convenience macro to use when a enum_name list contains only
* one range, and is equal as defining ENUM_BEGIN followed by ENUM_END.
*
* @param name name of the enum_name list
* @param first enum value of the first enum string
* @param last enum value of the last enum string
* @param ... a list of strings
*/
#define ENUM(name, first, last, ...) \
ENUM_BEGIN(name, first, last, __VA_ARGS__); ENUM_END(name, last)
strongswan/src/libstrongswan/utils/chunk.h
typedef struct chunk_t chunk_t;
/**
* General purpose pointer/length abstraction.
*/
struct chunk_t {
/** Pointer to start of data */
u_char *ptr;
/** Length of data in bytes */
size_t len;
};
有“AI”的1024 = 2048,欢迎大家加入2048 AI社区
更多推荐
3
0- 0
已为社区贡献5条内容
所有评论(0)