projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'nm-gtk4'
[strongswan.git] / src / libcharon / daemon.c
1 /*
2 * Copyright (C) 2006-2017 Tobias Brunner
3 * Copyright (C) 2005-2009 Martin Willi
4 * Copyright (C) 2006 Daniel Roethlisberger
5 * Copyright (C) 2005 Jan Hutter
6 * HSR Hochschule fuer Technik Rapperswil
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 */
18
19 /*
20 * Copyright (C) 2016 secunet Security Networks AG
21 * Copyright (C) 2016 Thomas Egerer
22 *
23 * Permission is hereby granted, free of charge, to any person obtaining a copy
24 * of this software and associated documentation files (the "Software"), to deal
25 * in the Software without restriction, including without limitation the rights
26 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
27 * copies of the Software, and to permit persons to whom the Software is
28 * furnished to do so, subject to the following conditions:
29 *
30 * The above copyright notice and this permission notice shall be included in
31 * all copies or substantial portions of the Software.
32 *
33 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
34 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
35 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
36 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
37 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
38 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
39 * THE SOFTWARE.
40 */
41
42 #include <stdio.h>
43 #include <sys/types.h>
44 #include <unistd.h>
45 #include <time.h>
46 #include <errno.h>
47
48 #ifdef HAVE_SYSLOG
49 #include <syslog.h>
50 #endif
51
52 #include "daemon.h"
53
54 #include <library.h>
55 #include <bus/listeners/sys_logger.h>
56 #include <bus/listeners/file_logger.h>
57 #include <collections/array.h>
58 #include <plugins/plugin_feature.h>
59 #include <kernel/kernel_handler.h>
60 #include <processing/jobs/start_action_job.h>
61 #include <threading/mutex.h>
62
63 #ifndef LOG_AUTHPRIV /* not defined on OpenSolaris */
64 #define LOG_AUTHPRIV LOG_AUTH
65 #endif
66
67 typedef struct private_daemon_t private_daemon_t;
68
69 /**
70 * Private additions to daemon_t, contains threads and internal functions.
71 */
72 struct private_daemon_t {
73 /**
74 * Public members of daemon_t.
75 */
76 daemon_t public;
77
78 /**
79 * Handler for kernel events
80 */
81 kernel_handler_t *kernel_handler;
82
83 /**
84 * A list of installed loggers (as logger_entry_t*)
85 */
86 linked_list_t *loggers;
87
88 /**
89 * Cached log levels for default loggers
90 */
91 level_t *levels;
92
93 /**
94 * Whether to log to stdout/err by default
95 */
96 bool to_stderr;
97
98 /**
99 * Identifier used for syslog (in the openlog call)
100 */
101 char *syslog_identifier;
102
103 /**
104 * Mutex for configured loggers
105 */
106 mutex_t *mutex;
107
108 /**
109 * Integrity check failed?
110 */
111 bool integrity_failed;
112
113 /**
114 * Number of times we have been initialized
115 */
116 refcount_t ref;
117 };
118
119 /**
120 * Register plugins if built statically
121 */
122 #ifdef STATIC_PLUGIN_CONSTRUCTORS
123 #include "plugin_constructors.c"
124 #endif
125
126 /**
127 * One and only instance of the daemon.
128 */
129 daemon_t *charon;
130
131 /**
132 * hook in library for debugging messages
133 */
134 extern void (*dbg) (debug_t group, level_t level, char *fmt, ...);
135
136 /**
137 * we store the previous debug function so we can reset it
138 */
139 static void (*dbg_old) (debug_t group, level_t level, char *fmt, ...);
140
141 /**
142 * Logging hook for library logs, spreads debug message over bus
143 */
144 static void dbg_bus(debug_t group, level_t level, char *fmt, ...)
145 {
146 va_list args;
147
148 va_start(args, fmt);
149 charon->bus->vlog(charon->bus, group, level, fmt, args);
150 va_end(args);
151 }
152
153 /**
154 * Data for registered custom loggers
155 */
156 typedef struct {
157 /**
158 * Name of the custom logger (also used for loglevel configuration)
159 */
160 char *name;
161
162 /**
163 * Constructor to be called for custom logger creation
164 */
165 custom_logger_constructor_t constructor;
166
167 } custom_logger_entry_t;
168
169 #define MAX_CUSTOM_LOGGERS 10
170
171 /**
172 * Static array for logger registration using __attribute__((constructor))
173 */
174 static custom_logger_entry_t custom_loggers[MAX_CUSTOM_LOGGERS];
175 static int custom_logger_count;
176
177 /**
178 * Described in header
179 */
180 void register_custom_logger(char *name,
181 custom_logger_constructor_t constructor)
182 {
183 if (custom_logger_count < MAX_CUSTOM_LOGGERS - 1)
184 {
185 custom_loggers[custom_logger_count].name = name;
186 custom_loggers[custom_logger_count].constructor = constructor;
187 custom_logger_count++;
188 }
189 else
190 {
191 fprintf(stderr, "failed to register custom logger, please increase "
192 "MAX_CUSTOM_LOGGERS");
193 }
194 }
195
196 /**
197 * Types of supported loggers
198 */
199 typedef enum {
200 /**
201 * Syslog logger instance
202 */
203 SYS_LOGGER,
204
205 /**
206 * File logger instance
207 */
208 FILE_LOGGER,
209
210 /**
211 * Custom logger instance
212 */
213 CUSTOM_LOGGER,
214
215 } logger_type_t;
216
217 /**
218 * Some metadata about configured loggers
219 */
220 typedef struct {
221 /**
222 * Target of the logger (syslog facility or filename)
223 */
224 char *target;
225
226 /**
227 * Type of logger
228 */
229 logger_type_t type;
230
231 /**
232 * The actual logger
233 */
234 union {
235 sys_logger_t *sys;
236 file_logger_t *file;
237 custom_logger_t *custom;
238 } logger;
239
240 } logger_entry_t;
241
242 /**
243 * Destroy a logger entry
244 */
245 static void logger_entry_destroy(logger_entry_t *this)
246 {
247 switch (this->type)
248 {
249 case FILE_LOGGER:
250 DESTROY_IF(this->logger.file);
251 break;
252 case SYS_LOGGER:
253 DESTROY_IF(this->logger.sys);
254 break;
255 case CUSTOM_LOGGER:
256 DESTROY_IF(this->logger.custom);
257 break;
258 }
259 free(this->target);
260 free(this);
261 }
262
263 /**
264 * Unregister and destroy a logger entry
265 */
266 static void logger_entry_unregister_destroy(logger_entry_t *this)
267 {
268 switch (this->type)
269 {
270 case FILE_LOGGER:
271 charon->bus->remove_logger(charon->bus, &this->logger.file->logger);
272 break;
273 case SYS_LOGGER:
274 charon->bus->remove_logger(charon->bus, &this->logger.sys->logger);
275 break;
276 case CUSTOM_LOGGER:
277 charon->bus->remove_logger(charon->bus,
278 &this->logger.custom->logger);
279 break;
280 }
281 logger_entry_destroy(this);
282 }
283
284 CALLBACK(logger_entry_match, bool,
285 logger_entry_t *this, va_list args)
286 {
287 logger_type_t type;
288 char *target;
289
290 VA_ARGS_VGET(args, target, type);
291 return this->type == type && streq(this->target, target);
292 }
293
294 /**
295 * Handle configured syslog identifier
296 *
297 * mutex must be locked when calling this function
298 */
299 static void handle_syslog_identifier(private_daemon_t *this)
300 {
301 #ifdef HAVE_SYSLOG
302 char *identifier;
303
304 identifier = lib->settings->get_str(lib->settings, "%s.syslog.identifier",
305 NULL, lib->ns);
306 if (identifier)
307 { /* set identifier, which is prepended to each log line */
308 if (!this->syslog_identifier ||
309 !streq(identifier, this->syslog_identifier))
310 {
311 closelog();
312 this->syslog_identifier = identifier;
313 openlog(this->syslog_identifier, 0, 0);
314 }
315 }
316 else if (this->syslog_identifier)
317 {
318 closelog();
319 this->syslog_identifier = NULL;
320 }
321 #endif /* HAVE_SYSLOG */
322 }
323
324 /**
325 * Convert the given string into a syslog facility, returns -1 if the facility
326 * is not supported
327 */
328 static int get_syslog_facility(char *facility)
329 {
330 #ifdef HAVE_SYSLOG
331 if (streq(facility, "daemon"))
332 {
333 return LOG_DAEMON;
334 }
335 else if (streq(facility, "auth"))
336 {
337 return LOG_AUTHPRIV;
338 }
339 #endif /* HAVE_SYSLOG */
340 return -1;
341 }
342
343 /**
344 * Returns an existing or newly created logger entry (if found, it is removed
345 * from the given linked list of existing loggers)
346 */
347 static logger_entry_t *get_logger_entry(char *target, logger_type_t type,
348 linked_list_t *existing,
349 custom_logger_constructor_t constructor)
350 {
351 logger_entry_t *entry;
352
353 if (!existing->find_first(existing, logger_entry_match, (void**)&entry,
354 target, type))
355 {
356 INIT(entry,
357 .target = strdup(target),
358 .type = type,
359 );
360 switch (type)
361 {
362 case FILE_LOGGER:
363 entry->logger.file = file_logger_create(target);
364 break;
365 case SYS_LOGGER:
366 #ifdef HAVE_SYSLOG
367 entry->logger.sys = sys_logger_create(
368 get_syslog_facility(target));
369 break;
370 #else
371 free(entry);
372 return NULL;
373 #endif /* HAVE_SYSLOG */
374 case CUSTOM_LOGGER:
375 if (constructor)
376 {
377 entry->logger.custom = constructor(target);
378 }
379 if (!entry->logger.custom)
380 {
381 free(entry);
382 return NULL;
383 }
384 break;
385 }
386 }
387 else
388 {
389 existing->remove(existing, entry, NULL);
390 }
391 return entry;
392 }
393
394 /**
395 * Create or reuse a syslog logger
396 */
397 static sys_logger_t *add_sys_logger(private_daemon_t *this, char *facility,
398 linked_list_t *current_loggers)
399 {
400 logger_entry_t *entry;
401
402 entry = get_logger_entry(facility, SYS_LOGGER, current_loggers, NULL);
403 if (entry)
404 {
405 this->loggers->insert_last(this->loggers, entry);
406 }
407 return entry ? entry->logger.sys : NULL;
408 }
409
410 /**
411 * Create or reuse a file logger
412 */
413 static file_logger_t *add_file_logger(private_daemon_t *this, char *filename,
414 linked_list_t *current_loggers)
415 {
416 logger_entry_t *entry;
417
418 entry = get_logger_entry(filename, FILE_LOGGER, current_loggers, NULL);
419 if (entry)
420 {
421 this->loggers->insert_last(this->loggers, entry);
422 }
423 return entry ? entry->logger.file : NULL;
424 }
425
426 /**
427 * Create or reuse a custom logger
428 */
429 static custom_logger_t *add_custom_logger(private_daemon_t *this,
430 custom_logger_entry_t *custom,
431 linked_list_t *current_loggers)
432 {
433 logger_entry_t *entry;
434
435 entry = get_logger_entry(custom->name, CUSTOM_LOGGER, current_loggers,
436 custom->constructor);
437 if (entry)
438 {
439 this->loggers->insert_last(this->loggers, entry);
440 }
441 return entry ? entry->logger.custom : NULL;
442 }
443
444 /**
445 * Load the given syslog logger configured in strongswan.conf
446 */
447 static void load_sys_logger(private_daemon_t *this, char *facility,
448 linked_list_t *current_loggers)
449 {
450 sys_logger_t *sys_logger;
451 debug_t group;
452 level_t def;
453 bool ike_name, log_level;
454 int map_level;
455
456 if (get_syslog_facility(facility) == -1)
457 {
458 return;
459 }
460
461 sys_logger = add_sys_logger(this, facility, current_loggers);
462 if (!sys_logger)
463 {
464 return;
465 }
466
467 ike_name = lib->settings->get_bool(lib->settings, "%s.syslog.%s.ike_name",
468 FALSE, lib->ns, facility);
469 log_level = lib->settings->get_bool(lib->settings, "%s.syslog.%s.log_level",
470 FALSE, lib->ns, facility);
471 map_level = lib->settings->get_int(lib->settings, "%s.syslog.%s.map_level",
472 -1, lib->ns, facility);
473
474 sys_logger->set_options(sys_logger, ike_name, log_level, map_level);
475
476 def = lib->settings->get_int(lib->settings, "%s.syslog.%s.default", 1,
477 lib->ns, facility);
478 for (group = 0; group < DBG_MAX; group++)
479 {
480 sys_logger->set_level(sys_logger, group,
481 lib->settings->get_int(lib->settings, "%s.syslog.%s.%N", def,
482 lib->ns, facility, debug_lower_names, group));
483 }
484 charon->bus->add_logger(charon->bus, &sys_logger->logger);
485 }
486
487 /**
488 * Load the given file logger configured in strongswan.conf
489 */
490 static void load_file_logger(private_daemon_t *this, char *section,
491 linked_list_t *current_loggers)
492 {
493 file_logger_t *file_logger;
494 debug_t group;
495 level_t def;
496 bool add_ms, ike_name, log_level, flush_line, append;
497 char *time_format, *filename;
498
499 time_format = lib->settings->get_str(lib->settings,
500 "%s.filelog.%s.time_format", NULL, lib->ns, section);
501 add_ms = lib->settings->get_bool(lib->settings,
502 "%s.filelog.%s.time_add_ms", FALSE, lib->ns, section);
503 ike_name = lib->settings->get_bool(lib->settings,
504 "%s.filelog.%s.ike_name", FALSE, lib->ns, section);
505 log_level = lib->settings->get_bool(lib->settings,
506 "%s.filelog.%s.log_level", FALSE, lib->ns, section);
507 flush_line = lib->settings->get_bool(lib->settings,
508 "%s.filelog.%s.flush_line", FALSE, lib->ns, section);
509 append = lib->settings->get_bool(lib->settings,
510 "%s.filelog.%s.append", TRUE, lib->ns, section);
511 filename = lib->settings->get_str(lib->settings,
512 "%s.filelog.%s.path", section, lib->ns, section);
513
514 file_logger = add_file_logger(this, filename, current_loggers);
515 if (!file_logger)
516 {
517 return;
518 }
519
520 file_logger->set_options(file_logger, time_format, add_ms, ike_name,
521 log_level);
522 file_logger->open(file_logger, flush_line, append);
523
524 def = lib->settings->get_int(lib->settings, "%s.filelog.%s.default", 1,
525 lib->ns, section);
526 for (group = 0; group < DBG_MAX; group++)
527 {
528 file_logger->set_level(file_logger, group,
529 lib->settings->get_int(lib->settings, "%s.filelog.%s.%N", def,
530 lib->ns, section, debug_lower_names, group));
531 }
532 charon->bus->add_logger(charon->bus, &file_logger->logger);
533 }
534
535 /**
536 * Load the given custom logger configured in strongswan.conf
537 */
538 static void load_custom_logger(private_daemon_t *this,
539 custom_logger_entry_t *entry,
540 linked_list_t *current_loggers)
541 {
542 custom_logger_t *custom_logger;
543 debug_t group;
544 level_t def;
545
546 custom_logger = add_custom_logger(this, entry, current_loggers);
547 if (!custom_logger)
548 {
549 return;
550 }
551
552 def = lib->settings->get_int(lib->settings, "%s.customlog.%s.default", 1,
553 lib->ns, entry->name);
554 for (group = 0; group < DBG_MAX; group++)
555 {
556 custom_logger->set_level(custom_logger, group,
557 lib->settings->get_int(lib->settings, "%s.customlog.%s.%N", def,
558 lib->ns, entry->name, debug_lower_names, group));
559 }
560 if (custom_logger->reload)
561 {
562 custom_logger->reload(custom_logger);
563 }
564 charon->bus->add_logger(charon->bus, &custom_logger->logger);
565 }
566
567 METHOD(daemon_t, load_loggers, void,
568 private_daemon_t *this)
569 {
570 enumerator_t *enumerator;
571 linked_list_t *current_loggers;
572 char *target;
573 int i;
574
575 this->mutex->lock(this->mutex);
576 handle_syslog_identifier(this);
577 current_loggers = this->loggers;
578 this->loggers = linked_list_create();
579 enumerator = lib->settings->create_section_enumerator(lib->settings,
580 "%s.syslog", lib->ns);
581 while (enumerator->enumerate(enumerator, &target))
582 {
583 load_sys_logger(this, target, current_loggers);
584 }
585 enumerator->destroy(enumerator);
586
587 enumerator = lib->settings->create_section_enumerator(lib->settings,
588 "%s.filelog", lib->ns);
589 while (enumerator->enumerate(enumerator, &target))
590 {
591 load_file_logger(this, target, current_loggers);
592 }
593 enumerator->destroy(enumerator);
594
595 for (i = 0; i < custom_logger_count; ++i)
596 {
597 load_custom_logger(this, &custom_loggers[i], current_loggers);
598 }
599
600 if (!this->loggers->get_count(this->loggers) && this->levels)
601 { /* setup legacy style default loggers configured via command-line */
602 file_logger_t *file_logger;
603 sys_logger_t *sys_logger;
604 debug_t group;
605
606 sys_logger = add_sys_logger(this, "daemon", current_loggers);
607 file_logger = add_file_logger(this, "stdout", current_loggers);
608 file_logger->open(file_logger, FALSE, FALSE);
609
610 for (group = 0; group < DBG_MAX; group++)
611 {
612 if (sys_logger)
613 {
614 sys_logger->set_level(sys_logger, group, this->levels[group]);
615 }
616 if (this->to_stderr)
617 {
618 file_logger->set_level(file_logger, group, this->levels[group]);
619 }
620 }
621 if (sys_logger)
622 {
623 charon->bus->add_logger(charon->bus, &sys_logger->logger);
624 }
625 charon->bus->add_logger(charon->bus, &file_logger->logger);
626
627 sys_logger = add_sys_logger(this, "auth", current_loggers);
628 if (sys_logger)
629 {
630 sys_logger->set_level(sys_logger, DBG_ANY, LEVEL_AUDIT);
631 charon->bus->add_logger(charon->bus, &sys_logger->logger);
632 }
633 }
634 /* unregister and destroy any unused remaining loggers */
635 current_loggers->destroy_function(current_loggers,
636 (void*)logger_entry_unregister_destroy);
637 this->mutex->unlock(this->mutex);
638 }
639
640 METHOD(daemon_t, set_default_loggers, void,
641 private_daemon_t *this, level_t levels[DBG_MAX], bool to_stderr)
642 {
643 debug_t group;
644
645 this->mutex->lock(this->mutex);
646 if (!levels)
647 {
648 free(this->levels);
649 this->levels = NULL;
650 }
651 else
652 {
653 if (!this->levels)
654 {
655 this->levels = calloc(sizeof(level_t), DBG_MAX);
656 }
657 for (group = 0; group < DBG_MAX; group++)
658 {
659 this->levels[group] = levels[group];
660 }
661 this->to_stderr = to_stderr;
662 }
663 this->mutex->unlock(this->mutex);
664 }
665
666 METHOD(daemon_t, set_level, void,
667 private_daemon_t *this, debug_t group, level_t level)
668 {
669 enumerator_t *enumerator;
670 logger_entry_t *entry;
671
672 /* we set the loglevel on ALL loggers */
673 this->mutex->lock(this->mutex);
674 enumerator = this->loggers->create_enumerator(this->loggers);
675 while (enumerator->enumerate(enumerator, &entry))
676 {
677 switch (entry->type)
678 {
679 case FILE_LOGGER:
680 entry->logger.file->set_level(entry->logger.file, group, level);
681 charon->bus->add_logger(charon->bus,
682 &entry->logger.file->logger);
683 break;
684 case SYS_LOGGER:
685 entry->logger.sys->set_level(entry->logger.sys, group, level);
686 charon->bus->add_logger(charon->bus,
687 &entry->logger.sys->logger);
688 break;
689 case CUSTOM_LOGGER:
690 entry->logger.custom->set_level(entry->logger.custom, group,
691 level);
692 charon->bus->add_logger(charon->bus,
693 &entry->logger.custom->logger);
694 break;
695 }
696 }
697 enumerator->destroy(enumerator);
698 this->mutex->unlock(this->mutex);
699 }
700
701 /**
702 * Clean up all daemon resources
703 */
704 static void destroy(private_daemon_t *this)
705 {
706 /* terminate all idle threads */
707 lib->processor->set_threads(lib->processor, 0);
708 /* make sure nobody waits for a DNS query */
709 lib->hosts->flush(lib->hosts);
710 /* close all IKE_SAs */
711 if (this->public.ike_sa_manager)
712 {
713 this->public.ike_sa_manager->flush(this->public.ike_sa_manager);
714 }
715 if (this->public.traps)
716 {
717 this->public.traps->flush(this->public.traps);
718 }
719 if (this->public.shunts)
720 {
721 this->public.shunts->flush(this->public.shunts);
722 }
723 if (this->public.sender)
724 {
725 this->public.sender->flush(this->public.sender);
726 }
727
728 /* cancel all threads and wait for their termination */
729 lib->processor->cancel(lib->processor);
730
731 #ifdef ME
732 DESTROY_IF(this->public.connect_manager);
733 DESTROY_IF(this->public.mediation_manager);
734 #endif /* ME */
735 /* make sure the cache and scheduler are clear before unloading plugins */
736 lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);
737 lib->scheduler->flush(lib->scheduler);
738 lib->plugins->unload(lib->plugins);
739 DESTROY_IF(this->public.attributes);
740 DESTROY_IF(this->kernel_handler);
741 DESTROY_IF(this->public.traps);
742 DESTROY_IF(this->public.shunts);
743 DESTROY_IF(this->public.redirect);
744 DESTROY_IF(this->public.controller);
745 DESTROY_IF(this->public.eap);
746 DESTROY_IF(this->public.xauth);
747 DESTROY_IF(this->public.backends);
748 DESTROY_IF(this->public.socket);
749 DESTROY_IF(this->public.kernel);
750
751 /* rehook library logging, shutdown logging */
752 dbg = dbg_old;
753 DESTROY_IF(this->public.bus);
754 this->loggers->destroy_function(this->loggers, (void*)logger_entry_destroy);
755 this->mutex->destroy(this->mutex);
756 free(this->levels);
757 free(this);
758 }
759
760 /**
761 * Run a set of configured scripts
762 */
763 static void run_scripts(private_daemon_t *this, char *verb)
764 {
765 struct {
766 char *name;
767 char *path;
768 } *script;
769 array_t *scripts = NULL;
770 enumerator_t *enumerator;
771 char *key, *value, *pos, buf[1024];
772 FILE *cmd;
773
774 /* copy the scripts so we don't hold any locks while executing them */
775 enumerator = lib->settings->create_key_value_enumerator(lib->settings,
776 "%s.%s-scripts", lib->ns, verb);
777 while (enumerator->enumerate(enumerator, &key, &value))
778 {
779 INIT(script,
780 .name = key,
781 .path = value,
782 );
783 array_insert_create(&scripts, ARRAY_TAIL, script);
784 }
785 enumerator->destroy(enumerator);
786
787 enumerator = array_create_enumerator(scripts);
788 while (enumerator->enumerate(enumerator, &script))
789 {
790 DBG1(DBG_DMN, "executing %s script '%s' (%s)", verb, script->name,
791 script->path);
792 cmd = popen(script->path, "r");
793 if (!cmd)
794 {
795 DBG1(DBG_DMN, "executing %s script '%s' (%s) failed: %s",
796 verb, script->name, script->path, strerror(errno));
797 }
798 else
799 {
800 while (TRUE)
801 {
802 if (!fgets(buf, sizeof(buf), cmd))
803 {
804 if (ferror(cmd))
805 {
806 DBG1(DBG_DMN, "reading from %s script '%s' (%s) failed",
807 verb, script->name, script->path);
808 }
809 break;
810 }
811 else
812 {
813 pos = buf + strlen(buf);
814 if (pos > buf && pos[-1] == '\n')
815 {
816 pos[-1] = '\0';
817 }
818 DBG1(DBG_DMN, "%s: %s", script->name, buf);
819 }
820 }
821 pclose(cmd);
822 }
823 free(script);
824 }
825 enumerator->destroy(enumerator);
826 array_destroy(scripts);
827 }
828
829 METHOD(daemon_t, start, void,
830 private_daemon_t *this)
831 {
832 /* start the engine, go multithreaded */
833 lib->processor->set_threads(lib->processor,
834 lib->settings->get_int(lib->settings, "%s.threads",
835 DEFAULT_THREADS, lib->ns));
836
837 run_scripts(this, "start");
838 }
839
840 /**
841 * Initialize/deinitialize sender and receiver
842 */
843 static bool sender_receiver_cb(void *plugin, plugin_feature_t *feature,
844 bool reg, private_daemon_t *this)
845 {
846 if (reg)
847 {
848 this->public.receiver = receiver_create();
849 if (!this->public.receiver)
850 {
851 return FALSE;
852 }
853 this->public.sender = sender_create();
854 }
855 else
856 {
857 DESTROY_IF(this->public.receiver);
858 DESTROY_IF(this->public.sender);
859 }
860 return TRUE;
861 }
862
863 /**
864 * Initialize/deinitialize IKE_SA/CHILD_SA managers
865 */
866 static bool sa_managers_cb(void *plugin, plugin_feature_t *feature,
867 bool reg, private_daemon_t *this)
868 {
869 if (reg)
870 {
871 this->public.ike_sa_manager = ike_sa_manager_create();
872 if (!this->public.ike_sa_manager)
873 {
874 return FALSE;
875 }
876 this->public.child_sa_manager = child_sa_manager_create();
877 }
878 else
879 {
880 DESTROY_IF(this->public.ike_sa_manager);
881 DESTROY_IF(this->public.child_sa_manager);
882 }
883 return TRUE;
884 }
885
886 METHOD(daemon_t, initialize, bool,
887 private_daemon_t *this, char *plugins)
888 {
889 plugin_feature_t features[] = {
890 PLUGIN_PROVIDE(CUSTOM, "libcharon"),
891 PLUGIN_DEPENDS(NONCE_GEN),
892 PLUGIN_DEPENDS(CUSTOM, "libcharon-sa-managers"),
893 PLUGIN_DEPENDS(CUSTOM, "libcharon-receiver"),
894 PLUGIN_DEPENDS(CUSTOM, "kernel-ipsec"),
895 PLUGIN_DEPENDS(CUSTOM, "kernel-net"),
896 PLUGIN_CALLBACK((plugin_feature_callback_t)sender_receiver_cb, this),
897 PLUGIN_PROVIDE(CUSTOM, "libcharon-receiver"),
898 PLUGIN_DEPENDS(HASHER, HASH_SHA1),
899 PLUGIN_DEPENDS(RNG, RNG_STRONG),
900 PLUGIN_DEPENDS(CUSTOM, "socket"),
901 PLUGIN_CALLBACK((plugin_feature_callback_t)sa_managers_cb, this),
902 PLUGIN_PROVIDE(CUSTOM, "libcharon-sa-managers"),
903 PLUGIN_DEPENDS(HASHER, HASH_SHA1),
904 PLUGIN_DEPENDS(RNG, RNG_WEAK),
905 };
906 lib->plugins->add_static_features(lib->plugins, lib->ns, features,
907 countof(features), TRUE, NULL, NULL);
908
909 /* load plugins, further infrastructure may need it */
910 if (!lib->plugins->load(lib->plugins, plugins))
911 {
912 return FALSE;
913 }
914
915 /* Queue start_action job */
916 lib->processor->queue_job(lib->processor, (job_t*)start_action_job_create());
917
918 #ifdef ME
919 this->public.connect_manager = connect_manager_create();
920 if (this->public.connect_manager == NULL)
921 {
922 return FALSE;
923 }
924 this->public.mediation_manager = mediation_manager_create();
925 #endif /* ME */
926
927 return TRUE;
928 }
929
930 /**
931 * Create the daemon.
932 */
933 private_daemon_t *daemon_create()
934 {
935 private_daemon_t *this;
936
937 INIT(this,
938 .public = {
939 .initialize = _initialize,
940 .start = _start,
941 .load_loggers = _load_loggers,
942 .set_default_loggers = _set_default_loggers,
943 .set_level = _set_level,
944 .bus = bus_create(),
945 },
946 .loggers = linked_list_create(),
947 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
948 .ref = 1,
949 );
950 charon = &this->public;
951 this->public.kernel = kernel_interface_create();
952 this->public.attributes = attribute_manager_create();
953 this->public.controller = controller_create();
954 this->public.eap = eap_manager_create();
955 this->public.xauth = xauth_manager_create();
956 this->public.backends = backend_manager_create();
957 this->public.socket = socket_manager_create();
958 this->public.traps = trap_manager_create();
959 this->public.shunts = shunt_manager_create();
960 this->public.redirect = redirect_manager_create();
961 this->kernel_handler = kernel_handler_create();
962
963 return this;
964 }
965
966 /**
967 * Described in header.
968 */
969 void libcharon_deinit()
970 {
971 private_daemon_t *this = (private_daemon_t*)charon;
972
973 if (!this || !ref_put(&this->ref))
974 { /* have more users */
975 return;
976 }
977
978 run_scripts(this, "stop");
979
980 destroy(this);
981 charon = NULL;
982 }
983
984 /**
985 * Described in header.
986 */
987 bool libcharon_init()
988 {
989 private_daemon_t *this;
990
991 if (charon)
992 { /* already initialized, increase refcount */
993 this = (private_daemon_t*)charon;
994 ref_get(&this->ref);
995 return !this->integrity_failed;
996 }
997
998 this = daemon_create();
999
1000 /* for uncritical pseudo random numbers */
1001 srandom(time(NULL) + getpid());
1002
1003 /* set up hook to log dbg message in library via charons message bus */
1004 dbg_old = dbg;
1005 dbg = dbg_bus;
1006
1007 if (lib->integrity &&
1008 !lib->integrity->check(lib->integrity, "libcharon", libcharon_init))
1009 {
1010 dbg(DBG_DMN, 1, "integrity check of libcharon failed");
1011 this->integrity_failed = TRUE;
1012 }
1013 return !this->integrity_failed;
1014 }
strongSwan - IPsec VPN