Merge branch 'modular-load'
[strongswan.git] / src / libstrongswan / library.c
1 /*
2 * Copyright (C) 2009 Tobias Brunner
3 * Copyright (C) 2008 Martin Willi
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "library.h"
18
19 #include <stdlib.h>
20
21 #include <utils/debug.h>
22 #include <threading/thread.h>
23 #include <utils/identification.h>
24 #include <networking/host.h>
25 #include <collections/array.h>
26 #include <collections/hashtable.h>
27 #include <utils/backtrace.h>
28 #include <selectors/traffic_selector.h>
29
30 #define CHECKSUM_LIBRARY IPSEC_LIB_DIR"/libchecksum.so"
31
32 typedef struct private_library_t private_library_t;
33
34 /**
35 * private data of library
36 */
37 struct private_library_t {
38
39 /**
40 * public functions
41 */
42 library_t public;
43
44 /**
45 * Hashtable with registered objects (name => object)
46 */
47 hashtable_t *objects;
48
49 /**
50 * Integrity check failed?
51 */
52 bool integrity_failed;
53
54 /**
55 * Number of times we have been initialized
56 */
57 refcount_t ref;
58 };
59
60 /**
61 * library instance
62 */
63 library_t *lib = NULL;
64
65 #ifdef LEAK_DETECTIVE
66 /**
67 * Default leak report callback
68 */
69 static void report_leaks(void *user, int count, size_t bytes,
70 backtrace_t *bt, bool detailed)
71 {
72 fprintf(stderr, "%zu bytes total, %d allocations, %zu bytes average:\n",
73 bytes, count, bytes / count);
74 bt->log(bt, stderr, detailed);
75 }
76
77 /**
78 * Default leak report summary callback
79 */
80 static void sum_leaks(void* user, int count, size_t bytes, int whitelisted)
81 {
82 switch (count)
83 {
84 case 0:
85 fprintf(stderr, "No leaks detected");
86 break;
87 case 1:
88 fprintf(stderr, "One leak detected");
89 break;
90 default:
91 fprintf(stderr, "%d leaks detected, %zu bytes", count, bytes);
92 break;
93 }
94 fprintf(stderr, ", %d suppressed by whitelist\n", whitelisted);
95 }
96 #endif /* LEAK_DETECTIVE */
97
98 /**
99 * Deinitialize library
100 */
101 void library_deinit()
102 {
103 private_library_t *this = (private_library_t*)lib;
104 bool detailed;
105
106 if (!this || !ref_put(&this->ref))
107 { /* have more users */
108 return;
109 }
110
111 detailed = lib->settings->get_bool(lib->settings,
112 "%s.leak_detective.detailed", TRUE, lib->ns);
113
114 /* make sure the cache is clear before unloading plugins */
115 lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);
116
117 this->public.streams->destroy(this->public.streams);
118 this->public.watcher->destroy(this->public.watcher);
119 this->public.scheduler->destroy(this->public.scheduler);
120 this->public.processor->destroy(this->public.processor);
121 this->public.plugins->destroy(this->public.plugins);
122 this->public.hosts->destroy(this->public.hosts);
123 this->public.settings->destroy(this->public.settings);
124 this->public.credmgr->destroy(this->public.credmgr);
125 this->public.creds->destroy(this->public.creds);
126 this->public.encoding->destroy(this->public.encoding);
127 this->public.crypto->destroy(this->public.crypto);
128 this->public.caps->destroy(this->public.caps);
129 this->public.proposal->destroy(this->public.proposal);
130 this->public.fetcher->destroy(this->public.fetcher);
131 this->public.resolver->destroy(this->public.resolver);
132 this->public.db->destroy(this->public.db);
133 this->public.printf_hook->destroy(this->public.printf_hook);
134 this->objects->destroy(this->objects);
135 if (this->public.integrity)
136 {
137 this->public.integrity->destroy(this->public.integrity);
138 }
139
140 if (lib->leak_detective)
141 {
142 lib->leak_detective->report(lib->leak_detective, detailed);
143 lib->leak_detective->destroy(lib->leak_detective);
144 }
145
146 arrays_deinit();
147 threads_deinit();
148 backtrace_deinit();
149
150 free((void*)this->public.ns);
151 free(this);
152 lib = NULL;
153 }
154
155 METHOD(library_t, get, void*,
156 private_library_t *this, char *name)
157 {
158 return this->objects->get(this->objects, name);
159 }
160
161 METHOD(library_t, set, bool,
162 private_library_t *this, char *name, void *object)
163 {
164 if (object)
165 {
166 if (this->objects->get(this->objects, name))
167 {
168 return FALSE;
169 }
170 this->objects->put(this->objects, name, object);
171 return TRUE;
172 }
173 return this->objects->remove(this->objects, name) != NULL;
174 }
175
176 /**
177 * Hashtable hash function
178 */
179 static u_int hash(char *key)
180 {
181 return chunk_hash(chunk_create(key, strlen(key)));
182 }
183
184 /**
185 * Hashtable equals function
186 */
187 static bool equals(char *a, char *b)
188 {
189 return streq(a, b);
190 }
191
192 /**
193 * Number of words we write and memwipe() in memwipe check
194 */
195 #define MEMWIPE_WIPE_WORDS 16
196
197 /**
198 * Write magic to memory, and try to clear it with memwipe()
199 */
200 __attribute__((noinline))
201 static void do_magic(int *magic, int **out)
202 {
203 int buf[MEMWIPE_WIPE_WORDS], i;
204
205 *out = buf;
206 for (i = 0; i < countof(buf); i++)
207 {
208 buf[i] = *magic;
209 }
210 /* passing buf to dbg should make sure the compiler can't optimize out buf.
211 * we use directly dbg(3), as DBG3() might be stripped with DEBUG_LEVEL. */
212 dbg(DBG_LIB, 3, "memwipe() pre: %b", buf, sizeof(buf));
213 memwipe(buf, sizeof(buf));
214 }
215
216 /**
217 * Check if memwipe works as expected
218 */
219 static bool check_memwipe()
220 {
221 int magic = 0xCAFEBABE, *buf, i;
222
223 do_magic(&magic, &buf);
224
225 for (i = 0; i < MEMWIPE_WIPE_WORDS; i++)
226 {
227 if (buf[i] == magic)
228 {
229 DBG1(DBG_LIB, "memwipe() check failed: stackdir: %b",
230 buf, MEMWIPE_WIPE_WORDS * sizeof(int));
231 return FALSE;
232 }
233 }
234 return TRUE;
235 }
236
237 /*
238 * see header file
239 */
240 bool library_init(char *settings, const char *namespace)
241 {
242 private_library_t *this;
243 printf_hook_t *pfh;
244
245 if (lib)
246 { /* already initialized, increase refcount */
247 this = (private_library_t*)lib;
248 ref_get(&this->ref);
249 return !this->integrity_failed;
250 }
251
252 INIT(this,
253 .public = {
254 .get = _get,
255 .set = _set,
256 .ns = strdup(namespace ?: "libstrongswan"),
257 },
258 .ref = 1,
259 );
260 lib = &this->public;
261
262 backtrace_init();
263 threads_init();
264 arrays_init();
265
266 #ifdef LEAK_DETECTIVE
267 lib->leak_detective = leak_detective_create();
268 lib->leak_detective->set_report_cb(lib->leak_detective,
269 report_leaks, sum_leaks, NULL);
270 #endif /* LEAK_DETECTIVE */
271
272 pfh = printf_hook_create();
273 this->public.printf_hook = pfh;
274
275 pfh->add_handler(pfh, 'b', mem_printf_hook,
276 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
277 PRINTF_HOOK_ARGTYPE_END);
278 pfh->add_handler(pfh, 'B', chunk_printf_hook,
279 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
280 pfh->add_handler(pfh, 'H', host_printf_hook,
281 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
282 pfh->add_handler(pfh, 'N', enum_printf_hook,
283 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
284 PRINTF_HOOK_ARGTYPE_END);
285 pfh->add_handler(pfh, 'T', time_printf_hook,
286 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
287 PRINTF_HOOK_ARGTYPE_END);
288 pfh->add_handler(pfh, 'V', time_delta_printf_hook,
289 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_POINTER,
290 PRINTF_HOOK_ARGTYPE_END);
291 pfh->add_handler(pfh, 'Y', identification_printf_hook,
292 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
293 pfh->add_handler(pfh, 'R', traffic_selector_printf_hook,
294 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
295
296 this->objects = hashtable_create((hashtable_hash_t)hash,
297 (hashtable_equals_t)equals, 4);
298 this->public.settings = settings_create(settings);
299 /* all namespace settings may fall back to libstrongswan */
300 lib->settings->add_fallback(lib->settings, lib->ns, "libstrongswan");
301
302 this->public.hosts = host_resolver_create();
303 this->public.proposal = proposal_keywords_create();
304 this->public.caps = capabilities_create();
305 this->public.crypto = crypto_factory_create();
306 this->public.creds = credential_factory_create();
307 this->public.credmgr = credential_manager_create();
308 this->public.encoding = cred_encoding_create();
309 this->public.fetcher = fetcher_manager_create();
310 this->public.resolver = resolver_manager_create();
311 this->public.db = database_factory_create();
312 this->public.processor = processor_create();
313 this->public.scheduler = scheduler_create();
314 this->public.watcher = watcher_create();
315 this->public.streams = stream_manager_create();
316 this->public.plugins = plugin_loader_create();
317
318 if (!check_memwipe())
319 {
320 return FALSE;
321 }
322
323 if (lib->settings->get_bool(lib->settings,
324 "%s.integrity_test", FALSE, lib->ns))
325 {
326 #ifdef INTEGRITY_TEST
327 this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY);
328 if (!lib->integrity->check(lib->integrity, "libstrongswan", library_init))
329 {
330 DBG1(DBG_LIB, "integrity check of libstrongswan failed");
331 this->integrity_failed = TRUE;
332 }
333 #else /* !INTEGRITY_TEST */
334 DBG1(DBG_LIB, "integrity test enabled, but not supported");
335 this->integrity_failed = TRUE;
336 #endif /* INTEGRITY_TEST */
337 }
338
339 return !this->integrity_failed;
340 }