starter: Changed signal handling now that starter is multi-threaded.
[strongswan.git] / src / starter / starter.c
1 /* strongSwan IPsec starter
2 * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include <sys/types.h>
16 #include <sys/wait.h>
17 #include <sys/stat.h>
18 #include <stdlib.h>
19 #include <stdio.h>
20 #include <signal.h>
21 #include <unistd.h>
22 #include <sys/time.h>
23 #include <time.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <pwd.h>
28 #include <grp.h>
29 #include <pthread.h>
30
31 #include <freeswan.h>
32 #include <library.h>
33 #include <hydra.h>
34 #include <utils/backtrace.h>
35 #include <threading/thread.h>
36
37 #include "../pluto/constants.h"
38 #include "../pluto/defs.h"
39 #include "../pluto/log.h"
40
41 #include "confread.h"
42 #include "files.h"
43 #include "starterwhack.h"
44 #include "starterstroke.h"
45 #include "invokepluto.h"
46 #include "invokecharon.h"
47 #include "netkey.h"
48 #include "klips.h"
49 #include "cmp.h"
50 #include "interfaces.h"
51
52 /**
53 * Number of threads in the thread pool, if not specified in config.
54 */
55 #define DEFAULT_THREADS 4
56
57 /**
58 * Return codes defined by Linux Standard Base Core Specification 3.1
59 * in section 20.2. Init Script Actions
60 */
61 #define LSB_RC_SUCCESS 0 /* success */
62 #define LSB_RC_FAILURE 1 /* generic or unspecified error */
63 #define LSB_RC_INVALID_ARGUMENT 2 /* invalid or excess argument(s) */
64 #define LSB_RC_NOT_IMPLEMENTED 3 /* unimplemented feature (reload) */
65 #define LSB_RC_NOT_ALLOWED 4 /* user had insufficient privilege */
66 #define LSB_RC_NOT_INSTALLED 5 /* program is not installed */
67 #define LSB_RC_NOT_CONFIGURED 6 /* program is not configured */
68 #define LSB_RC_NOT_RUNNING 7 /* program is not running */
69
70 #define FLAG_ACTION_START_PLUTO 0x01
71 #define FLAG_ACTION_UPDATE 0x02
72 #define FLAG_ACTION_RELOAD 0x04
73 #define FLAG_ACTION_QUIT 0x08
74 #define FLAG_ACTION_LISTEN 0x10
75 #define FLAG_ACTION_START_CHARON 0x20
76
77 static unsigned int _action_ = 0;
78
79 /**
80 * Handle signals in the main thread
81 */
82 static void signal_handler(int signal)
83 {
84 switch (signal)
85 {
86 case SIGCHLD:
87 {
88 int status, exit_status = 0;
89 pid_t pid;
90 char *name = NULL;
91
92 while ((pid = waitpid(-1, &status, WNOHANG)) > 0)
93 {
94 if (pid == starter_pluto_pid())
95 {
96 name = " (Pluto)";
97 }
98 if (pid == starter_charon_pid())
99 {
100 name = " (Charon)";
101 }
102 if (WIFSIGNALED(status))
103 {
104 DBG(DBG_CONTROL,
105 DBG_log("child %d%s has been killed by sig %d\n",
106 pid, name?name:"", WTERMSIG(status))
107 )
108 }
109 else if (WIFSTOPPED(status))
110 {
111 DBG(DBG_CONTROL,
112 DBG_log("child %d%s has been stopped by sig %d\n",
113 pid, name?name:"", WSTOPSIG(status))
114 )
115 }
116 else if (WIFEXITED(status))
117 {
118 exit_status = WEXITSTATUS(status);
119 if (exit_status >= SS_RC_FIRST && exit_status <= SS_RC_LAST)
120 {
121 _action_ = FLAG_ACTION_QUIT;
122 }
123 DBG(DBG_CONTROL,
124 DBG_log("child %d%s has quit (exit code %d)\n",
125 pid, name?name:"", exit_status)
126 )
127 }
128 else
129 {
130 DBG(DBG_CONTROL,
131 DBG_log("child %d%s has quit", pid, name?name:"")
132 )
133 }
134 if (pid == starter_pluto_pid())
135 {
136 starter_pluto_sigchild(pid, exit_status);
137 }
138 if (pid == starter_charon_pid())
139 {
140 starter_charon_sigchild(pid, exit_status);
141 }
142 }
143 }
144 break;
145
146 case SIGALRM:
147 _action_ |= FLAG_ACTION_START_PLUTO;
148 _action_ |= FLAG_ACTION_START_CHARON;
149 break;
150
151 case SIGHUP:
152 _action_ |= FLAG_ACTION_UPDATE;
153 break;
154
155 case SIGTERM:
156 case SIGQUIT:
157 case SIGINT:
158 _action_ |= FLAG_ACTION_QUIT;
159 break;
160
161 case SIGUSR1:
162 _action_ |= FLAG_ACTION_RELOAD;
163 _action_ |= FLAG_ACTION_UPDATE;
164 break;
165
166 default:
167 plog("fsig(): unknown signal %d -- investigate", signal);
168 break;
169 }
170 }
171
172 /**
173 * Handle fatal signals raised by threads
174 */
175 static void fatal_signal_handler(int signal)
176 {
177 backtrace_t *backtrace;
178
179 plog("thread %u received %d", thread_current_id(), signal);
180 backtrace = backtrace_create(2);
181 backtrace->log(backtrace, stderr, TRUE);
182 backtrace->destroy(backtrace);
183
184 plog("killing ourself, received critical signal");
185 abort();
186 }
187
188 #ifdef GENERATE_SELFCERT
189 static void generate_selfcert()
190 {
191 struct stat stb;
192
193 /* if ipsec.secrets file is missing then generate RSA default key pair */
194 if (stat(SECRETS_FILE, &stb) != 0)
195 {
196 mode_t oldmask;
197 FILE *f;
198 uid_t uid = 0;
199 gid_t gid = 0;
200
201 #ifdef IPSEC_GROUP
202 {
203 char buf[1024];
204 struct group group, *grp;
205
206 if (getgrnam_r(IPSEC_GROUP, &group, buf, sizeof(buf), &grp) == 0 && grp)
207 {
208 gid = grp->gr_gid;
209 }
210 }
211 #endif
212 #ifdef IPSEC_USER
213 {
214 char buf[1024];
215 struct passwd passwd, *pwp;
216
217 if (getpwnam_r(IPSEC_USER, &passwd, buf, sizeof(buf), &pwp) == 0 && pwp)
218 {
219 uid = pwp->pw_uid;
220 }
221 }
222 #endif
223 setegid(gid);
224 seteuid(uid);
225 ignore_result(system("ipsec scepclient --out pkcs1 --out cert-self --quiet"));
226 seteuid(0);
227 setegid(0);
228
229 /* ipsec.secrets is root readable only */
230 oldmask = umask(0066);
231
232 f = fopen(SECRETS_FILE, "w");
233 if (f)
234 {
235 fprintf(f, "# /etc/ipsec.secrets - strongSwan IPsec secrets file\n");
236 fprintf(f, "\n");
237 fprintf(f, ": RSA myKey.der\n");
238 fclose(f);
239 }
240 ignore_result(chown(SECRETS_FILE, uid, gid));
241 umask(oldmask);
242 }
243 }
244 #endif /* GENERATE_SELFCERT */
245
246 static bool check_pid(char *pid_file)
247 {
248 struct stat stb;
249 FILE *pidfile;
250
251 if (stat(pid_file, &stb) == 0)
252 {
253 pidfile = fopen(pid_file, "r");
254 if (pidfile)
255 {
256 char buf[64];
257 pid_t pid = 0;
258 memset(buf, 0, sizeof(buf));
259 if (fread(buf, 1, sizeof(buf), pidfile))
260 {
261 buf[sizeof(buf) - 1] = '\0';
262 pid = atoi(buf);
263 }
264 fclose(pidfile);
265 if (pid && kill(pid, 0) == 0)
266 { /* such a process is running */
267 return TRUE;
268 }
269 }
270 plog("removing pidfile '%s', process not running", pid_file);
271 unlink(pid_file);
272 }
273 return FALSE;
274 }
275
276 static void usage(char *name)
277 {
278 fprintf(stderr, "Usage: starter [--nofork] [--auto-update <sec>] "
279 "[--debug|--debug-more|--debug-all]\n");
280 exit(LSB_RC_INVALID_ARGUMENT);
281 }
282
283 int main (int argc, char **argv)
284 {
285 starter_config_t *cfg = NULL;
286 starter_config_t *new_cfg;
287 starter_conn_t *conn, *conn2;
288 starter_ca_t *ca, *ca2;
289
290 struct sigaction action;
291 struct stat stb;
292
293 int i;
294 int id = 1;
295 struct timeval tv;
296 unsigned long auto_update = 0;
297 time_t last_reload;
298 bool no_fork = FALSE;
299 bool attach_gdb = FALSE;
300 bool load_warning = FALSE;
301
302 /* global variables defined in log.h */
303 log_to_stderr = TRUE;
304 base_debugging = DBG_NONE;
305
306 library_init(NULL);
307 atexit(library_deinit);
308
309 libhydra_init("starter");
310 atexit(libhydra_deinit);
311
312 /* parse command line */
313 for (i = 1; i < argc; i++)
314 {
315 if (streq(argv[i], "--debug"))
316 {
317 base_debugging |= DBG_CONTROL;
318 }
319 else if (streq(argv[i], "--debug-more"))
320 {
321 base_debugging |= DBG_CONTROLMORE;
322 }
323 else if (streq(argv[i], "--debug-all"))
324 {
325 base_debugging |= DBG_ALL;
326 }
327 else if (streq(argv[i], "--nofork"))
328 {
329 no_fork = TRUE;
330 }
331 else if (streq(argv[i], "--attach-gdb"))
332 {
333 no_fork = TRUE;
334 attach_gdb = TRUE;
335 }
336 else if (streq(argv[i], "--auto-update") && i+1 < argc)
337 {
338 auto_update = atoi(argv[++i]);
339 if (!auto_update)
340 usage(argv[0]);
341 }
342 else
343 {
344 usage(argv[0]);
345 }
346 }
347
348 /* Init */
349 init_log("ipsec_starter");
350 cur_debugging = base_debugging;
351
352 plog("Starting strongSwan "VERSION" IPsec [starter]...");
353
354 #ifdef LOAD_WARNING
355 load_warning = TRUE;
356 #endif
357
358 if (lib->settings->get_bool(lib->settings, "starter.load_warning", load_warning))
359 {
360 if (lib->settings->get_str(lib->settings, "charon.load", NULL) ||
361 lib->settings->get_str(lib->settings, "pluto.load", NULL))
362 {
363 plog("!! Your strongswan.conf contains manual plugin load options for");
364 plog("!! pluto and/or charon. This is recommended for experts only, see");
365 plog("!! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad");
366 }
367 }
368
369 /* verify that we can start */
370 if (getuid() != 0)
371 {
372 plog("permission denied (must be superuser)");
373 exit(LSB_RC_NOT_ALLOWED);
374 }
375
376 if (check_pid(PLUTO_PID_FILE))
377 {
378 plog("pluto is already running (%s exists) -- skipping pluto start",
379 PLUTO_PID_FILE);
380 }
381 else
382 {
383 _action_ |= FLAG_ACTION_START_PLUTO;
384 }
385 if (check_pid(CHARON_PID_FILE))
386 {
387 plog("charon is already running (%s exists) -- skipping charon start",
388 CHARON_PID_FILE);
389 }
390 else
391 {
392 _action_ |= FLAG_ACTION_START_CHARON;
393 }
394 if (stat(DEV_RANDOM, &stb) != 0)
395 {
396 plog("unable to start strongSwan IPsec -- no %s!", DEV_RANDOM);
397 exit(LSB_RC_FAILURE);
398 }
399
400 if (stat(DEV_URANDOM, &stb)!= 0)
401 {
402 plog("unable to start strongSwan IPsec -- no %s!", DEV_URANDOM);
403 exit(LSB_RC_FAILURE);
404 }
405
406 cfg = confread_load(CONFIG_FILE);
407 if (cfg == NULL || cfg->err > 0)
408 {
409 plog("unable to start strongSwan -- fatal errors in config");
410 if (cfg)
411 {
412 confread_free(cfg);
413 }
414 exit(LSB_RC_INVALID_ARGUMENT);
415 }
416
417 /* determine if we have a native netkey IPsec stack */
418 if (!starter_netkey_init())
419 {
420 plog("no netkey IPsec stack detected");
421 if (!starter_klips_init())
422 {
423 plog("no KLIPS IPsec stack detected");
424 plog("no known IPsec stack detected, ignoring!");
425 }
426 }
427
428 last_reload = time_monotonic(NULL);
429
430 if (check_pid(STARTER_PID_FILE))
431 {
432 plog("starter is already running (%s exists) -- no fork done",
433 STARTER_PID_FILE);
434 confread_free(cfg);
435 exit(LSB_RC_SUCCESS);
436 }
437
438 #ifdef GENERATE_SELFCERT
439 generate_selfcert();
440 #endif
441
442 /* fork if we're not debugging stuff */
443 if (!no_fork)
444 {
445 log_to_stderr = FALSE;
446
447 switch (fork())
448 {
449 case 0:
450 {
451 int fnull;
452
453 closefrom(3);
454
455 fnull = open("/dev/null", O_RDWR);
456 if (fnull >= 0)
457 {
458 dup2(fnull, STDIN_FILENO);
459 dup2(fnull, STDOUT_FILENO);
460 dup2(fnull, STDERR_FILENO);
461 close(fnull);
462 }
463
464 setsid();
465 }
466 break;
467 case -1:
468 plog("can't fork: %s", strerror(errno));
469 break;
470 default:
471 confread_free(cfg);
472 exit(LSB_RC_SUCCESS);
473 }
474 }
475
476 /* save pid file in /var/run/starter.pid */
477 {
478 FILE *fd = fopen(STARTER_PID_FILE, "w");
479
480 if (fd)
481 {
482 fprintf(fd, "%u\n", getpid());
483 fclose(fd);
484 }
485 }
486
487 /* load plugins */
488 if (!lib->plugins->load(lib->plugins, NULL,
489 lib->settings->get_str(lib->settings, "starter.load", PLUGINS)))
490 {
491 exit(LSB_RC_FAILURE);
492 }
493
494 /* we handle these signals in the main thread, so we don't want any
495 * of the others to catch them. install a handler for fatal signals. */
496 memset(&action, 0, sizeof(action));
497 sigemptyset(&action.sa_mask);
498 sigaddset(&action.sa_mask, SIGHUP);
499 sigaddset(&action.sa_mask, SIGINT);
500 sigaddset(&action.sa_mask, SIGTERM);
501 sigaddset(&action.sa_mask, SIGQUIT);
502 sigaddset(&action.sa_mask, SIGALRM);
503 sigaddset(&action.sa_mask, SIGCHLD);
504 sigaddset(&action.sa_mask, SIGUSR1);
505 pthread_sigmask(SIG_SETMASK, &action.sa_mask, NULL);
506
507 action.sa_handler = fatal_signal_handler;
508 sigaction(SIGSEGV, &action, NULL);
509 sigaction(SIGILL, &action, NULL);
510 sigaction(SIGBUS, &action, NULL);
511 action.sa_handler = SIG_IGN;
512 sigaction(SIGPIPE, &action, NULL);
513
514 /* we need threads to read events from the kernel */
515 lib->processor->set_threads(lib->processor,
516 lib->settings->get_int(lib->settings, "starter.threads",
517 DEFAULT_THREADS));
518
519 /* enable signals for main thread and install signal handler */
520 pthread_sigmask(SIG_UNBLOCK, &action.sa_mask, NULL);
521 action.sa_handler = signal_handler;
522 sigaction(SIGHUP, &action, NULL);
523 sigaction(SIGINT, &action, NULL);
524 sigaction(SIGTERM, &action, NULL);
525 sigaction(SIGQUIT, &action, NULL);
526 sigaction(SIGALRM, &action, NULL);
527 sigaction(SIGCHLD, &action, NULL);
528 sigaction(SIGUSR1, &action, NULL);
529
530 for (;;)
531 {
532 /*
533 * Stop pluto/charon (if started) and exit
534 */
535 if (_action_ & FLAG_ACTION_QUIT)
536 {
537 if (starter_pluto_pid())
538 {
539 starter_stop_pluto();
540 }
541 if (starter_charon_pid())
542 {
543 starter_stop_charon();
544 }
545 starter_netkey_cleanup();
546 confread_free(cfg);
547 unlink(STARTER_PID_FILE);
548 plog("ipsec starter stopped");
549 lib->plugins->unload(lib->plugins);
550 close_log();
551 exit(LSB_RC_SUCCESS);
552 }
553
554 /*
555 * Delete all connections. Will be added below
556 */
557 if (_action_ & FLAG_ACTION_RELOAD)
558 {
559 if (starter_pluto_pid() || starter_charon_pid())
560 {
561 for (conn = cfg->conn_first; conn; conn = conn->next)
562 {
563 if (conn->state == STATE_ADDED)
564 {
565 if (starter_charon_pid())
566 {
567 starter_stroke_del_conn(conn);
568 }
569 if (starter_pluto_pid())
570 {
571 starter_whack_del_conn(conn);
572 }
573 conn->state = STATE_TO_ADD;
574 }
575 }
576 for (ca = cfg->ca_first; ca; ca = ca->next)
577 {
578 if (ca->state == STATE_ADDED)
579 {
580 if (starter_charon_pid())
581 {
582 starter_stroke_del_ca(ca);
583 }
584 if (starter_pluto_pid())
585 {
586 starter_whack_del_ca(ca);
587 }
588 ca->state = STATE_TO_ADD;
589 }
590 }
591 }
592 _action_ &= ~FLAG_ACTION_RELOAD;
593 }
594
595 /*
596 * Update configuration
597 */
598 if (_action_ & FLAG_ACTION_UPDATE)
599 {
600 DBG(DBG_CONTROL,
601 DBG_log("Reloading config...")
602 );
603 new_cfg = confread_load(CONFIG_FILE);
604
605 if (new_cfg && (new_cfg->err + new_cfg->non_fatal_err == 0))
606 {
607 /* Switch to new config. New conn will be loaded below */
608 if (!starter_cmp_defaultroute(&new_cfg->defaultroute
609 , &cfg->defaultroute))
610 {
611 _action_ |= FLAG_ACTION_LISTEN;
612 }
613
614 if (!starter_cmp_pluto(cfg, new_cfg))
615 {
616 plog("Pluto has changed");
617 if (starter_pluto_pid())
618 starter_stop_pluto();
619 _action_ &= ~FLAG_ACTION_LISTEN;
620 _action_ |= FLAG_ACTION_START_PLUTO;
621 }
622 else
623 {
624 /* Only reload conn and ca sections if pluto is not killed */
625
626 /* Look for new connections that are already loaded */
627 for (conn = cfg->conn_first; conn; conn = conn->next)
628 {
629 if (conn->state == STATE_ADDED)
630 {
631 for (conn2 = new_cfg->conn_first; conn2; conn2 = conn2->next)
632 {
633 if (conn2->state == STATE_TO_ADD && starter_cmp_conn(conn, conn2))
634 {
635 conn->state = STATE_REPLACED;
636 conn2->state = STATE_ADDED;
637 conn2->id = conn->id;
638 break;
639 }
640 }
641 }
642 }
643
644 /* Remove conn sections that have become unused */
645 for (conn = cfg->conn_first; conn; conn = conn->next)
646 {
647 if (conn->state == STATE_ADDED)
648 {
649 if (starter_charon_pid())
650 {
651 starter_stroke_del_conn(conn);
652 }
653 if (starter_pluto_pid())
654 {
655 starter_whack_del_conn(conn);
656 }
657 }
658 }
659
660 /* Look for new ca sections that are already loaded */
661 for (ca = cfg->ca_first; ca; ca = ca->next)
662 {
663 if (ca->state == STATE_ADDED)
664 {
665 for (ca2 = new_cfg->ca_first; ca2; ca2 = ca2->next)
666 {
667 if (ca2->state == STATE_TO_ADD && starter_cmp_ca(ca, ca2))
668 {
669 ca->state = STATE_REPLACED;
670 ca2->state = STATE_ADDED;
671 break;
672 }
673 }
674 }
675 }
676
677 /* Remove ca sections that have become unused */
678 for (ca = cfg->ca_first; ca; ca = ca->next)
679 {
680 if (ca->state == STATE_ADDED)
681 {
682 if (starter_charon_pid())
683 {
684 starter_stroke_del_ca(ca);
685 }
686 if (starter_pluto_pid())
687 {
688 starter_whack_del_ca(ca);
689 }
690 }
691 }
692 }
693 confread_free(cfg);
694 cfg = new_cfg;
695 }
696 else
697 {
698 plog("can't reload config file due to errors -- keeping old one");
699 if (new_cfg)
700 {
701 confread_free(new_cfg);
702 }
703 }
704 _action_ &= ~FLAG_ACTION_UPDATE;
705 last_reload = time_monotonic(NULL);
706 }
707
708 /*
709 * Start pluto
710 */
711 if (_action_ & FLAG_ACTION_START_PLUTO)
712 {
713 if (cfg->setup.plutostart && !starter_pluto_pid())
714 {
715 DBG(DBG_CONTROL,
716 DBG_log("Attempting to start pluto...")
717 );
718
719 if (starter_start_pluto(cfg, no_fork, attach_gdb) == 0)
720 {
721 starter_whack_listen();
722 }
723 else
724 {
725 /* schedule next try */
726 alarm(PLUTO_RESTART_DELAY);
727 }
728 }
729 _action_ &= ~FLAG_ACTION_START_PLUTO;
730
731 for (ca = cfg->ca_first; ca; ca = ca->next)
732 {
733 if (ca->state == STATE_ADDED)
734 ca->state = STATE_TO_ADD;
735 }
736
737 for (conn = cfg->conn_first; conn; conn = conn->next)
738 {
739 if (conn->state == STATE_ADDED)
740 conn->state = STATE_TO_ADD;
741 }
742 }
743
744 /*
745 * Start charon
746 */
747 if (_action_ & FLAG_ACTION_START_CHARON)
748 {
749 if (cfg->setup.charonstart && !starter_charon_pid())
750 {
751 DBG(DBG_CONTROL,
752 DBG_log("Attempting to start charon...")
753 );
754 if (starter_start_charon(cfg, no_fork, attach_gdb))
755 {
756 /* schedule next try */
757 alarm(PLUTO_RESTART_DELAY);
758 }
759 starter_stroke_configure(cfg);
760 }
761 _action_ &= ~FLAG_ACTION_START_CHARON;
762 }
763
764 /*
765 * Tell pluto to reread its interfaces
766 */
767 if (_action_ & FLAG_ACTION_LISTEN)
768 {
769 if (starter_pluto_pid())
770 {
771 starter_whack_listen();
772 _action_ &= ~FLAG_ACTION_LISTEN;
773 }
774 }
775
776 /*
777 * Add stale conn and ca sections
778 */
779 if (starter_pluto_pid() || starter_charon_pid())
780 {
781 for (ca = cfg->ca_first; ca; ca = ca->next)
782 {
783 if (ca->state == STATE_TO_ADD)
784 {
785 if (starter_charon_pid())
786 {
787 starter_stroke_add_ca(ca);
788 }
789 if (starter_pluto_pid())
790 {
791 starter_whack_add_ca(ca);
792 }
793 ca->state = STATE_ADDED;
794 }
795 }
796
797 for (conn = cfg->conn_first; conn; conn = conn->next)
798 {
799 if (conn->state == STATE_TO_ADD)
800 {
801 if (conn->id == 0)
802 {
803 /* affect new unique id */
804 conn->id = id++;
805 }
806 if (starter_charon_pid())
807 {
808 starter_stroke_add_conn(cfg, conn);
809 }
810 if (starter_pluto_pid())
811 {
812 starter_whack_add_conn(conn);
813 }
814 conn->state = STATE_ADDED;
815
816 if (conn->startup == STARTUP_START)
817 {
818 if (starter_charon_pid())
819 {
820 starter_stroke_initiate_conn(conn);
821 }
822 if (conn->keyexchange == KEY_EXCHANGE_IKEV1)
823 {
824 if (starter_pluto_pid())
825 {
826 starter_whack_initiate_conn(conn);
827 }
828 }
829 }
830 else if (conn->startup == STARTUP_ROUTE)
831 {
832 if (starter_charon_pid())
833 {
834 starter_stroke_route_conn(conn);
835 }
836 if (conn->keyexchange == KEY_EXCHANGE_IKEV1)
837 {
838 if (starter_pluto_pid())
839 {
840 starter_whack_route_conn(conn);
841 }
842 }
843 }
844 }
845 }
846 }
847
848 /*
849 * If auto_update activated, when to stop select
850 */
851 if (auto_update)
852 {
853 time_t now = time_monotonic(NULL);
854
855 tv.tv_sec = (now < last_reload + auto_update)
856 ? (last_reload + auto_update-now) : 0;
857 tv.tv_usec = 0;
858 }
859
860 /*
861 * Wait for something to happen
862 */
863 if (select(0, NULL, NULL, NULL, auto_update ? &tv : NULL) == 0)
864 {
865 /* timeout -> auto_update */
866 _action_ |= FLAG_ACTION_UPDATE;
867 }
868 }
869 exit(LSB_RC_SUCCESS);
870 }
871