Support hook suffixes to use the same hook multiple times
[strongswan.git] / src / conftest / conftest.c
1 /*
2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #define _GNU_SOURCE
17 #include <unistd.h>
18 #include <stdio.h>
19 #include <errno.h>
20 #include <signal.h>
21 #include <getopt.h>
22 #include <dlfcn.h>
23 #include <libgen.h>
24
25 #include "conftest.h"
26 #include "config.h"
27 #include "hooks/hook.h"
28
29 #include <threading/thread.h>
30
31 /**
32 * Conftest globals struct
33 */
34 conftest_t *conftest;
35
36 /**
37 * Print usage information
38 */
39 static void usage(FILE *out)
40 {
41 fprintf(out, "Usage:\n");
42 fprintf(out, " --help show usage information\n");
43 fprintf(out, " --version show conftest version\n");
44 fprintf(out, " --suite <file> global testsuite configuration "
45 "(default: ./suite.conf)\n");
46 fprintf(out, " --test <file> test specific configuration\n");
47 }
48
49 /**
50 * Handle SIGSEGV/SIGILL signals raised by threads
51 */
52 static void segv_handler(int signal)
53 {
54 fprintf(stderr, "thread %u received %d\n", thread_current_id(), signal);
55 abort();
56 }
57
58 /**
59 * Load suite and test specific configurations
60 */
61 static bool load_configs(char *suite_file, char *test_file)
62 {
63 if (!test_file)
64 {
65 fprintf(stderr, "Missing test configuration file.\n");
66 return FALSE;
67 }
68 if (access(suite_file, R_OK) != 0)
69 {
70 fprintf(stderr, "Reading suite configuration file '%s' failed: %s.\n",
71 suite_file, strerror(errno));
72 return FALSE;
73 }
74 if (access(test_file, R_OK) != 0)
75 {
76 fprintf(stderr, "Reading test configuration file '%s' failed: %s.\n",
77 test_file, strerror(errno));
78 return FALSE;
79 }
80 conftest->suite = settings_create(suite_file);
81 conftest->test = settings_create(test_file);
82 suite_file = dirname(suite_file);
83 test_file = dirname(test_file);
84 conftest->suite_dir = strdup(suite_file);
85 conftest->test_dir = strdup(test_file);
86 return TRUE;
87 }
88
89 /**
90 * Load certificates from the confiuguration file
91 */
92 static bool load_certs(settings_t *settings, char *dir)
93 {
94 enumerator_t *enumerator;
95 char *key, *value, wd[PATH_MAX];
96 certificate_t *cert;
97
98 if (getcwd(wd, sizeof(wd)) == NULL)
99 {
100 fprintf(stderr, "getting cwd failed: %s\n", strerror(errno));
101 return FALSE;
102 }
103 if (chdir(dir) != 0)
104 {
105 fprintf(stderr, "opening directory '%s' failed: %s\n",
106 dir, strerror(errno));
107 return FALSE;
108 }
109
110 enumerator = settings->create_key_value_enumerator(settings, "certs.trusted");
111 while (enumerator->enumerate(enumerator, &key, &value))
112 {
113 cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
114 BUILD_FROM_FILE, value, BUILD_END);
115 if (!cert)
116 {
117 fprintf(stderr, "loading trusted certificate "
118 "'%s' from '%s' failed\n", key, value);
119 enumerator->destroy(enumerator);
120 return FALSE;
121 }
122 conftest->creds->add_cert(conftest->creds, TRUE, cert);
123 }
124 enumerator->destroy(enumerator);
125
126 enumerator = settings->create_key_value_enumerator(settings, "certs.untrusted");
127 while (enumerator->enumerate(enumerator, &key, &value))
128 {
129 cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
130 BUILD_FROM_FILE, value, BUILD_END);
131 if (!cert)
132 {
133 fprintf(stderr, "loading untrusted certificate "
134 "'%s' from '%s' failed\n", key, value);
135 enumerator->destroy(enumerator);
136 return FALSE;
137 }
138 conftest->creds->add_cert(conftest->creds, FALSE, cert);
139 }
140 enumerator->destroy(enumerator);
141
142 if (chdir(wd) != 0)
143 {
144 fprintf(stderr, "opening directory '%s' failed: %s\n",
145 wd, strerror(errno));
146 return FALSE;
147 }
148 return TRUE;
149 }
150
151 /**
152 * Load private keys from the confiuguration file
153 */
154 static bool load_keys(settings_t *settings, char *dir)
155 {
156 enumerator_t *enumerator;
157 char *type, *value, wd[PATH_MAX];
158 private_key_t *key;
159 key_type_t key_type;
160
161 if (getcwd(wd, sizeof(wd)) == NULL)
162 {
163 fprintf(stderr, "getting cwd failed: %s\n", strerror(errno));
164 return FALSE;
165 }
166 if (chdir(dir) != 0)
167 {
168 fprintf(stderr, "opening directory '%s' failed: %s\n",
169 dir, strerror(errno));
170 return FALSE;
171 }
172
173 enumerator = settings->create_key_value_enumerator(settings, "keys");
174 while (enumerator->enumerate(enumerator, &type, &value))
175 {
176 if (strcaseeq(type, "ecdsa"))
177 {
178 key_type = KEY_ECDSA;
179 }
180 else if (strcaseeq(type, "rsa"))
181 {
182 key_type = KEY_RSA;
183 }
184 else
185 {
186 fprintf(stderr, "unkown key type: '%s'\n", type);
187 enumerator->destroy(enumerator);
188 return FALSE;
189 }
190 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, key_type,
191 BUILD_FROM_FILE, value, BUILD_END);
192 if (!key)
193 {
194 fprintf(stderr, "loading %s key from '%s' failed\n", type, value);
195 enumerator->destroy(enumerator);
196 return FALSE;
197 }
198 conftest->creds->add_key(conftest->creds, key);
199 }
200 enumerator->destroy(enumerator);
201
202 if (chdir(wd) != 0)
203 {
204 fprintf(stderr, "opening directory '%s' failed: %s\n",
205 wd, strerror(errno));
206 return FALSE;
207 }
208 return TRUE;
209 }
210
211 /**
212 * Load configured hooks
213 */
214 static bool load_hooks()
215 {
216 enumerator_t *enumerator;
217 char *name, *pos, buf[64];
218 hook_t *(*create)(char*);
219 hook_t *hook;
220
221 enumerator = conftest->test->create_section_enumerator(conftest->test,
222 "hooks");
223 while (enumerator->enumerate(enumerator, &name))
224 {
225 pos = strchr(name, '-');
226 if (pos)
227 {
228 snprintf(buf, sizeof(buf), "%.*s_hook_create", pos - name, name);
229 }
230 else
231 {
232 snprintf(buf, sizeof(buf), "%s_hook_create", name);
233 }
234 create = dlsym(RTLD_DEFAULT, buf);
235 if (create)
236 {
237 hook = create(name);
238 if (hook)
239 {
240 conftest->hooks->insert_last(conftest->hooks, hook);
241 charon->bus->add_listener(charon->bus, &hook->listener);
242 }
243 }
244 else
245 {
246 fprintf(stderr, "dlsym() for hook '%s' failed: %s\n", name, dlerror());
247 enumerator->destroy(enumerator);
248 return FALSE;
249 }
250 }
251 enumerator->destroy(enumerator);
252 return TRUE;
253 }
254
255 /**
256 * atexit() cleanup handler
257 */
258 static void cleanup()
259 {
260 hook_t *hook;
261
262 DESTROY_IF(conftest->suite);
263 DESTROY_IF(conftest->test);
264 lib->credmgr->remove_set(lib->credmgr, &conftest->creds->set);
265 conftest->creds->destroy(conftest->creds);
266 DESTROY_IF(conftest->actions);
267 while (conftest->hooks->remove_last(conftest->hooks,
268 (void**)&hook) == SUCCESS)
269 {
270 charon->bus->remove_listener(charon->bus, &hook->listener);
271 hook->destroy(hook);
272 }
273 conftest->hooks->destroy(conftest->hooks);
274 if (conftest->config)
275 {
276 if (charon->backends)
277 {
278 charon->backends->remove_backend(charon->backends,
279 &conftest->config->backend);
280 }
281 conftest->config->destroy(conftest->config);
282 }
283 free(conftest->suite_dir);
284 free(conftest->test_dir);
285 free(conftest);
286 libcharon_deinit();
287 libhydra_deinit();
288 library_deinit();
289 }
290
291 /**
292 * Main function, starts the conftest daemon.
293 */
294 int main(int argc, char *argv[])
295 {
296 struct sigaction action;
297 int status = 0;
298 sigset_t set;
299 int sig;
300 char *suite_file = "suite.conf", *test_file = NULL;
301 file_logger_t *logger;
302
303 if (!library_init(NULL))
304 {
305 library_deinit();
306 return SS_RC_LIBSTRONGSWAN_INTEGRITY;
307 }
308 if (!libhydra_init("conftest"))
309 {
310 libhydra_deinit();
311 library_deinit();
312 return SS_RC_INITIALIZATION_FAILED;
313 }
314 if (!libcharon_init())
315 {
316 libcharon_deinit();
317 libhydra_deinit();
318 library_deinit();
319 return SS_RC_INITIALIZATION_FAILED;
320 }
321
322 INIT(conftest,
323 .creds = mem_cred_create(),
324 );
325 logger = file_logger_create(stdout, NULL, FALSE);
326 logger->set_level(logger, DBG_ANY, LEVEL_CTRL);
327 charon->bus->add_listener(charon->bus, &logger->listener);
328 charon->file_loggers->insert_last(charon->file_loggers, logger);
329
330 lib->credmgr->add_set(lib->credmgr, &conftest->creds->set);
331 conftest->hooks = linked_list_create();
332 conftest->config = config_create();
333
334 atexit(cleanup);
335
336 while (TRUE)
337 {
338 struct option long_opts[] = {
339 { "help", no_argument, NULL, 'h' },
340 { "version", no_argument, NULL, 'v' },
341 { "suite", required_argument, NULL, 's' },
342 { "test", required_argument, NULL, 't' },
343 { 0,0,0,0 }
344 };
345 switch (getopt_long(argc, argv, "", long_opts, NULL))
346 {
347 case EOF:
348 break;
349 case 'h':
350 usage(stdout);
351 return 0;
352 case 'v':
353 printf("strongSwan %s conftest\n", VERSION);
354 return 0;
355 case 's':
356 suite_file = optarg;
357 continue;
358 case 't':
359 test_file = optarg;
360 continue;
361 default:
362 usage(stderr);
363 return 1;
364 }
365 break;
366 }
367
368 if (!load_configs(suite_file, test_file))
369 {
370 return 1;
371 }
372 if (!charon->initialize(charon))
373 {
374 return 1;
375 }
376 if (!load_certs(conftest->suite, conftest->suite_dir) ||
377 !load_certs(conftest->test, conftest->test_dir))
378 {
379 return 1;
380 }
381 if (!load_keys(conftest->suite, conftest->suite_dir) ||
382 !load_keys(conftest->test, conftest->test_dir))
383 {
384 return 1;
385 }
386 if (!load_hooks())
387 {
388 return 1;
389 }
390 charon->backends->add_backend(charon->backends, &conftest->config->backend);
391 conftest->config->load(conftest->config, conftest->suite);
392 conftest->config->load(conftest->config, conftest->test);
393 conftest->actions = actions_create();
394
395 /* set up thread specific handlers */
396 action.sa_handler = segv_handler;
397 action.sa_flags = 0;
398 sigemptyset(&action.sa_mask);
399 sigaddset(&action.sa_mask, SIGINT);
400 sigaddset(&action.sa_mask, SIGTERM);
401 sigaddset(&action.sa_mask, SIGHUP);
402 sigaction(SIGSEGV, &action, NULL);
403 sigaction(SIGILL, &action, NULL);
404 sigaction(SIGBUS, &action, NULL);
405 action.sa_handler = SIG_IGN;
406 sigaction(SIGPIPE, &action, NULL);
407 pthread_sigmask(SIG_SETMASK, &action.sa_mask, NULL);
408
409 /* start thread pool */
410 charon->start(charon);
411
412 /* handle SIGINT/SIGTERM in main thread */
413 sigemptyset(&set);
414 sigaddset(&set, SIGINT);
415 sigaddset(&set, SIGHUP);
416 sigaddset(&set, SIGTERM);
417 sigprocmask(SIG_BLOCK, &set, NULL);
418
419 while (sigwait(&set, &sig) == 0)
420 {
421 switch (sig)
422 {
423 case SIGINT:
424 case SIGTERM:
425 fprintf(stderr, "\nshutting down...\n");
426 break;
427 default:
428 continue;
429 }
430 break;
431 }
432 return status;
433 }