1 /* strongSwan Pluto launcher
2 * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 #include <sys/types.h>
26 #include "../pluto/constants.h"
27 #include "../pluto/defs.h"
28 #include "../pluto/log.h"
31 #include "invokepluto.h"
33 #include "starterwhack.h"
/* PID of the pluto child as tracked by the starter. The wait loops in this
 * file treat 0 as "no pluto running" and poll the variable until it changes.
 * NOTE(review): those loops rely on something else clearing it while they
 * sleep; if that happens in signal-handler context (not visible in this
 * listing), volatile sig_atomic_t would be the safer type - confirm. */
35 static int _pluto_pid
= 0;
/* Stop flag; only its declaration is visible in this listing. */
36 static int _stop_requested
;
/* Accessor for the tracked pluto PID. The return type and body are not part
 * of this listing; presumably it returns _pluto_pid - confirm against the
 * full source. */
39 starter_pluto_pid(void)
/* Child-exit hook for pluto: acts only when the reported pid is the tracked
 * pluto pid. It logs why pluto quit (integrity-test failure, initialization
 * failure), logs and arms a restart with alarm(PLUTO_RESTART_DELAY), and
 * removes PLUTO_PID_FILE. Several lines between the visible statements are
 * missing from this listing, so which of these steps are conditional cannot
 * be read off here.
 *
 * status is compared directly with the SS_RC_* exit codes, so the caller
 * presumably passes an already-decoded exit code rather than a raw wait()
 * status - TODO confirm at the call site. */
45 starter_pluto_sigchild(pid_t pid
, int status
)
47 if (pid
== _pluto_pid
)
/* Integrity-test exit codes are logged as a deliberate quit. Worth alerting
 * on: presumably the daemon or library failed its own self-check - confirm
 * what produces these codes. */
50 if (status
== SS_RC_LIBSTRONGSWAN_INTEGRITY
||
51 status
== SS_RC_DAEMON_INTEGRITY
)
/* NOTE(review): the literal 64 duplicates one of the SS_RC_* codes tested
 * above (presumably SS_RC_LIBSTRONGSWAN_INTEGRITY); comparing against the
 * named constant would keep the message correct if the value ever changes. */
53 plog("pluto has quit: integrity test of %s failed",
54 (status
== 64) ?
"libstrongswan" : "pluto");
57 else if (status
== SS_RC_INITIALIZATION_FAILED
)
59 plog("pluto has quit: initialization failed");
/* Unexpected death: a restart is armed through alarm(). Repeated occurrences
 * of this message indicate a crash loop and are worth monitoring. */
64 plog("pluto has died -- restart scheduled (%dsec)"
65 , PLUTO_RESTART_DELAY
);
66 alarm(PLUTO_RESTART_DELAY
); // restart in 5 sec
/* Drop the PID file of the instance that just exited. */
68 unlink(PLUTO_PID_FILE
);
/* Stops pluto in two stages. First a shutdown is requested with
 * starter_whack_shutdown(); when that returns 0 the code polls in 20 ms
 * steps for up to 400 x 20 ms = 8 s. An escalation loop of up to 20 passes
 * with 100 ms sleeps follows while a PID is still tracked, and it logs that
 * KILL is being sent. The signal-sending calls, the loop exit conditions and
 * the return statements are on lines missing from this listing. */
73 starter_stop_pluto (void)
/* Snapshot of the tracked PID; the "is not started" message at the end
 * suggests 0 means there is nothing to stop (condition not shown). */
76 pid_t pid
= _pluto_pid
;
82 if (starter_whack_shutdown() == 0)
84 for (i
= 0; i
< 400; i
++)
86 usleep(20000); /* sleep for 20 ms */
89 plog("pluto stopped after %d ms", 20*(i
+1));
94 /* be more and more aggressive */
/* pid is re-read from _pluto_pid on every pass, so the loop ends as soon as
 * the tracked PID is cleared rather than continuing with the stale snapshot. */
95 for (i
= 0; i
< 20 && (pid
= _pluto_pid
) != 0; i
++)
105 plog("starter_stop_pluto(): pluto does not respond, sending KILL");
111 usleep(100000); /* sleep for 100 ms */
/* 8000 ms is the graceful-wait budget above (400 x 20 ms).
 * NOTE(review): if the graceful wait is skipped when starter_whack_shutdown()
 * fails, this figure overstates the elapsed time - confirm against the full
 * control flow. */
115 plog("pluto stopped after %d ms", 8000 + 100*i
);
118 plog("starter_stop_pluto(): can't stop pluto !!!");
/* NOTE(review): the message below misspells the function name ("stater_"),
 * so log searches keyed on "starter_stop_pluto" will miss it. */
123 plog("stater_stop_pluto(): pluto is not started...");
/* ADD_DEBUG(v): appends the literal "--debug-<v>" to arg[] once for every
 * entry of cfg->setup.plutodebug that equals v. It relies on l, cfg, arg and
 * argc being in scope at the expansion site; the macro's closing lines are
 * not part of this listing.
 * NOTE(review): argc is advanced without a bound check, and every matching
 * entry (including repeated ones) consumes a slot, so the number of entries
 * in plutodebug should be bounded against the capacity of arg[]. */
128 #define ADD_DEBUG(v) { \
129 for (l = cfg->setup.plutodebug; l && *l; l++) if (streq(*l, v)) \
130 arg[argc++] = "--debug-" v; \
/* Launches pluto: builds the argument vector from cfg->setup (optionally
 * wrapping the daemon in gdb), removes a stale PLUTO_CTL_FILE, runs the
 * optional prepluto command, forks and execs, then polls up to
 * 500 x 20 ms = 10 s for PLUTO_CTL_FILE to appear before running the
 * optional postpluto command. If the control file never shows up, a bounded
 * loop tries to stop pluto again. Declarations, braces, the fork()/execv()
 * calls and the return statements are on lines missing from this listing.
 *
 * Security-relevant points for a reviewer:
 *  - prepluto/postpluto go through system(), i.e. a shell, with the
 *    starter's privileges; the configuration must be as trusted as the
 *    starter itself.
 *  - arg[] has a fixed number of slots and argc is advanced without a bound
 *    check.
 *  - plutostderrlog is opened with creat() on a configured path.
 */
134 starter_start_pluto (starter_config_t
*cfg
, bool no_fork
, bool attach_gdb
)
/* Argument vector: PLUTO_CMD, "--nofork" and 40 NULL placeholders are
 * visible, i.e. 42 slots, and at least one trailing NULL must survive to
 * terminate the vector for exec. The declaration line is not shown - TODO
 * confirm the array is not larger than what is visible. */
142 PLUTO_CMD
, "--nofork"
143 , NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
144 , NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
145 , NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
146 , NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
/* Debug trace on stdout; presumably part of the attach_gdb branch (the
 * condition is not shown). */
149 printf ("starter_start_pluto entered\n");
/* gdb wrapper: the vector becomes gdb --args PLUTO_CMD --nofork ...
 * The debugger path is a fixed absolute path. */
154 arg
[argc
++] = "/usr/bin/gdb";
155 arg
[argc
++] = "--args";
156 arg
[argc
++] = PLUTO_CMD
;
157 arg
[argc
++] = "--nofork";
/* no_fork also forces --stderrlog, not only the plutostderrlog setting. */
159 if (cfg
->setup
.plutostderrlog
|| no_fork
)
161 arg
[argc
++] = "--stderrlog";
163 if (cfg
->setup
.uniqueids
)
165 arg
[argc
++] = "--uniqueids";
/* One --debug-<name> flag per matching plutodebug entry; only some of the
 * ADD_DEBUG lines are present in this listing.
 * NOTE(review): each match consumes an arg[] slot without a bound check. */
172 ADD_DEBUG("emitting")
174 ADD_DEBUG("lifecycle")
180 ADD_DEBUG("controlmore")
182 if (cfg
->setup
.crlcheckinterval
> 0)
/* static: the formatted text has to stay valid after this block ends,
 * presumably because arg[] stores a pointer to it (that line is not shown).
 * 15 bytes hold "%u" of a 32-bit value (10 digits plus NUL), and snprintf
 * bounds the write in any case. */
184 static char buf1
[15];
186 arg
[argc
++] = "--crlcheckinterval";
187 snprintf(buf1
, sizeof(buf1
), "%u", cfg
->setup
.crlcheckinterval
);
190 if (cfg
->setup
.cachecrls
)
192 arg
[argc
++] = "--cachecrls";
194 if (cfg
->setup
.strictcrlpolicy
)
196 arg
[argc
++] = "--strictcrlpolicy";
198 if (cfg
->setup
.nocrsend
)
200 arg
[argc
++] = "--nocrsend";
202 if (cfg
->setup
.nat_traversal
)
204 arg
[argc
++] = "--nat_traversal";
206 if (cfg
->setup
.force_keepalive
)
208 arg
[argc
++] = "--force_keepalive";
210 if (cfg
->setup
.keep_alive
)
/* Same pattern as buf1: static storage for the formatted number. */
212 static char buf2
[15];
214 arg
[argc
++] = "--keep_alive";
215 snprintf(buf2
, sizeof(buf2
), "%u", cfg
->setup
.keep_alive
);
/* Free-form configuration strings are handed over as separate argument
 * vector elements, so no shell parsing or quoting applies to them. */
218 if (cfg
->setup
.virtual_private
)
220 arg
[argc
++] = "--virtual_private";
221 arg
[argc
++] = cfg
->setup
.virtual_private
;
/* presumably the path of a PKCS#11 library that pluto loads; if so it should
 * point to a file that only root can modify - verify against pluto's option
 * handling. */
223 if (cfg
->setup
.pkcs11module
)
225 arg
[argc
++] = "--pkcs11module";
226 arg
[argc
++] = cfg
->setup
.pkcs11module
;
228 if (cfg
->setup
.pkcs11initargs
)
230 arg
[argc
++] = "--pkcs11initargs";
231 arg
[argc
++] = cfg
->setup
.pkcs11initargs
;
233 if (cfg
->setup
.pkcs11keepstate
)
235 arg
[argc
++] = "--pkcs11keepstate";
237 if (cfg
->setup
.pkcs11proxy
)
239 arg
[argc
++] = "--pkcs11proxy";
/* Guard against starting a second instance (condition not shown). */
244 plog("starter_start_pluto(): pluto already started...");
/* Remove a leftover control file so that the stat() poll further down only
 * succeeds for the new instance. */
249 unlink(PLUTO_CTL_FILE
);
/* prepluto is executed by the shell via system() with the starter's
 * privileges, and its exit status is discarded. The string comes from
 * cfg->setup, so write access to that configuration equals command
 * execution as this user; a failing hook also goes unnoticed. */
252 if (cfg
->setup
.prepluto
)
253 ignore_result(system(cfg
->setup
.prepluto
));
259 plog("can't fork(): %s", strerror(errno
));
/* NOTE(review): creat() truncates an existing file and follows symlinks, and
 * 00644 (before umask) leaves the log world-readable. The path should live
 * in a directory only root can write to, and the log may carry debug detail
 * that warrants a tighter mode. */
263 if (cfg
->setup
.plutostderrlog
)
265 int f
= creat(cfg
->setup
.plutostderrlog
, 00644);
267 /* redirect stderr to file */
270 plog("couldn't open stderr redirection file '%s'",
271 cfg
->setup
.plutostderrlog
);
/* NOTE(review): the second argument is 0, i.e. a null set pointer; POSIX
 * leaves the signal mask unchanged in that case, so this call does not reset
 * the mask inherited from the starter. Passing an emptied sigset_t would. */
279 sigprocmask(SIG_SETMASK
, 0, NULL
);
280 /* disable glibc's malloc checker, conflicts with leak detective */
/* With the value 0 glibc's heap consistency diagnostics are switched off for
 * the process that is exec'd next, so heap corruption they would catch no
 * longer aborts pluto. */
281 setenv("MALLOC_CHECK_", "0", 1);
/* Reached only if the exec call returned, i.e. failed. */
283 plog("can't execv(%s,...): %s", arg
[0], strerror(errno
));
/* Readiness poll: ends early if _pluto_pid is cleared in the meantime. */
288 for (i
= 0; i
< 500 && _pluto_pid
; i
++)
290 /* wait for pluto for a maximum of 500 x 20 ms = 10 s */
/* Existence of PLUTO_CTL_FILE is taken as the sign that pluto is up. */
292 if (stat(PLUTO_CTL_FILE
, &stb
) == 0)
294 plog("pluto (%d) started after %d ms", _pluto_pid
, 20*(i
+1));
/* postpluto: shell execution via system() with the starter's privileges,
 * exit status discarded - same trust requirement as prepluto. */
295 if (cfg
->setup
.postpluto
)
297 ignore_result(system(cfg
->setup
.postpluto
));
304 /* If pluto is started but with no ctl file, stop it */
305 plog("pluto too long to start... - kill kill");
/* Bounded stop loop: up to 20 passes while a PID is still tracked, with pid
 * re-read from _pluto_pid each time; the signal-sending lines are not shown. */
306 for (i
= 0; i
< 20 && (pid
= _pluto_pid
) != 0; i
++)
316 usleep(20000); /* sleep for 20 ms */
321 plog("pluto refused to be started");