Disabled listening for kernel events in starter.
authorTobias Brunner <tobias@strongswan.org>
Thu, 7 Jun 2012 10:00:37 +0000 (12:00 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 8 Jun 2012 12:12:06 +0000 (14:12 +0200)
src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c

index 3bffadd..d0076b5 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2011 Tobias Brunner
+ * Copyright (C) 2006-2012 Tobias Brunner
  * Copyright (C) 2005-2009 Martin Willi
  * Copyright (C) 2008 Andreas Steffen
  * Copyright (C) 2006-2007 Fabian Hartmann, Noah Heusser
@@ -2645,7 +2645,7 @@ METHOD(kernel_ipsec_t, destroy, void,
 kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 {
        private_kernel_netlink_ipsec_t *this;
-       struct sockaddr_nl addr;
+       bool register_for_events = TRUE;
        int fd;
 
        INIT(this,
@@ -2687,6 +2687,10 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
                /* no policy history for pluto */
                this->policy_history = FALSE;
        }
+       else if (streq(hydra->daemon, "starter"))
+       {       /* starter has no threads, so we do not register for kernel events */
+               register_for_events = FALSE;
+       }
 
        /* disable lifetimes for allocated SPIs in kernel */
        fd = open("/proc/sys/net/core/xfrm_acq_expires", O_WRONLY);
@@ -2703,28 +2707,33 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
                return NULL;
        }
 
-       memset(&addr, 0, sizeof(addr));
-       addr.nl_family = AF_NETLINK;
-
-       /* create and bind XFRM socket for ACQUIRE, EXPIRE, MIGRATE & MAPPING */
-       this->socket_xfrm_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM);
-       if (this->socket_xfrm_events <= 0)
+       if (register_for_events)
        {
-               DBG1(DBG_KNL, "unable to create XFRM event socket");
-               destroy(this);
-               return NULL;
-       }
-       addr.nl_groups = XFRMNLGRP(ACQUIRE) | XFRMNLGRP(EXPIRE) |
-                                        XFRMNLGRP(MIGRATE) | XFRMNLGRP(MAPPING);
-       if (bind(this->socket_xfrm_events, (struct sockaddr*)&addr, sizeof(addr)))
-       {
-               DBG1(DBG_KNL, "unable to bind XFRM event socket");
-               destroy(this);
-               return NULL;
+               struct sockaddr_nl addr;
+
+               memset(&addr, 0, sizeof(addr));
+               addr.nl_family = AF_NETLINK;
+
+               /* create and bind XFRM socket for ACQUIRE, EXPIRE, MIGRATE & MAPPING */
+               this->socket_xfrm_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM);
+               if (this->socket_xfrm_events <= 0)
+               {
+                       DBG1(DBG_KNL, "unable to create XFRM event socket");
+                       destroy(this);
+                       return NULL;
+               }
+               addr.nl_groups = XFRMNLGRP(ACQUIRE) | XFRMNLGRP(EXPIRE) |
+                                                XFRMNLGRP(MIGRATE) | XFRMNLGRP(MAPPING);
+               if (bind(this->socket_xfrm_events, (struct sockaddr*)&addr, sizeof(addr)))
+               {
+                       DBG1(DBG_KNL, "unable to bind XFRM event socket");
+                       destroy(this);
+                       return NULL;
+               }
+               this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
+                                                                                       this, NULL, NULL, JOB_PRIO_CRITICAL);
+               lib->processor->queue_job(lib->processor, (job_t*)this->job);
        }
-       this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
-                                                                               this, NULL, NULL, JOB_PRIO_CRITICAL);
-       lib->processor->queue_job(lib->processor, (job_t*)this->job);
 
        return &this->public;
 }
index c64a66b..a13cfc7 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008-2011 Tobias Brunner
+ * Copyright (C) 2008-2012 Tobias Brunner
  * Copyright (C) 2005-2008 Martin Willi
  * Hochschule fuer Technik Rapperswil
  *
@@ -1790,8 +1790,8 @@ METHOD(kernel_net_t, destroy, void,
 kernel_netlink_net_t *kernel_netlink_net_create()
 {
        private_kernel_netlink_net_t *this;
-       struct sockaddr_nl addr;
        enumerator_t *enumerator;
+       bool register_for_events = TRUE;
        char *exclude;
 
        INIT(this,
@@ -1831,6 +1831,11 @@ kernel_netlink_net_t *kernel_netlink_net_create()
        timerclear(&this->last_route_reinstall);
        timerclear(&this->last_roam);
 
+       if (streq(hydra->daemon, "starter"))
+       {       /* starter has no threads, so we do not register for kernel events */
+               register_for_events = FALSE;
+       }
+
        exclude = lib->settings->get_str(lib->settings,
                                        "%s.ignore_routing_tables", NULL, hydra->daemon);
        if (exclude)
@@ -1852,29 +1857,34 @@ kernel_netlink_net_t *kernel_netlink_net_create()
                enumerator->destroy(enumerator);
        }
 
-       memset(&addr, 0, sizeof(addr));
-       addr.nl_family = AF_NETLINK;
-
-       /* create and bind RT socket for events (address/interface/route changes) */
-       this->socket_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
-       if (this->socket_events < 0)
+       if (register_for_events)
        {
-               DBG1(DBG_KNL, "unable to create RT event socket");
-               destroy(this);
-               return NULL;
-       }
-       addr.nl_groups = RTMGRP_IPV4_IFADDR | RTMGRP_IPV6_IFADDR |
-                                        RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE | RTMGRP_LINK;
-       if (bind(this->socket_events, (struct sockaddr*)&addr, sizeof(addr)))
-       {
-               DBG1(DBG_KNL, "unable to bind RT event socket");
-               destroy(this);
-               return NULL;
-       }
+               struct sockaddr_nl addr;
+
+               memset(&addr, 0, sizeof(addr));
+               addr.nl_family = AF_NETLINK;
 
-       this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
-                                                                               this, NULL, NULL, JOB_PRIO_CRITICAL);
-       lib->processor->queue_job(lib->processor, (job_t*)this->job);
+               /* create and bind RT socket for events (address/interface/route changes) */
+               this->socket_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+               if (this->socket_events < 0)
+               {
+                       DBG1(DBG_KNL, "unable to create RT event socket");
+                       destroy(this);
+                       return NULL;
+               }
+               addr.nl_groups = RTMGRP_IPV4_IFADDR | RTMGRP_IPV6_IFADDR |
+                                                RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE | RTMGRP_LINK;
+               if (bind(this->socket_events, (struct sockaddr*)&addr, sizeof(addr)))
+               {
+                       DBG1(DBG_KNL, "unable to bind RT event socket");
+                       destroy(this);
+                       return NULL;
+               }
+
+               this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
+                                                                                       this, NULL, NULL, JOB_PRIO_CRITICAL);
+               lib->processor->queue_job(lib->processor, (job_t*)this->job);
+       }
 
        if (init_address_list(this) != SUCCESS)
        {
index 719c47a..8ad6748 100644 (file)
@@ -2524,6 +2524,7 @@ METHOD(kernel_ipsec_t, destroy, void,
 kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
 {
        private_kernel_pfkey_ipsec_t *this;
+       bool register_for_events = TRUE;
 
        INIT(this,
                .public = {
@@ -2557,6 +2558,10 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
        {       /* no routes for pluto, they are installed via updown script */
                this->install_routes = FALSE;
        }
+       else if (streq(hydra->daemon, "starter"))
+       {       /* starter has no threads, so we do not register for kernel events */
+               register_for_events = FALSE;
+       }
 
        /* create a PF_KEY socket to communicate with the kernel */
        this->socket = socket(PF_KEY, SOCK_RAW, PF_KEY_V2);
@@ -2567,27 +2572,30 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
                return NULL;
        }
 
-       /* create a PF_KEY socket for ACQUIRE & EXPIRE */
-       this->socket_events = socket(PF_KEY, SOCK_RAW, PF_KEY_V2);
-       if (this->socket_events <= 0)
+       if (register_for_events)
        {
-               DBG1(DBG_KNL, "unable to create PF_KEY event socket");
-               destroy(this);
-               return NULL;
-       }
+               /* create a PF_KEY socket for ACQUIRE & EXPIRE */
+               this->socket_events = socket(PF_KEY, SOCK_RAW, PF_KEY_V2);
+               if (this->socket_events <= 0)
+               {
+                       DBG1(DBG_KNL, "unable to create PF_KEY event socket");
+                       destroy(this);
+                       return NULL;
+               }
 
-       /* register the event socket */
-       if (register_pfkey_socket(this, SADB_SATYPE_ESP) != SUCCESS ||
-               register_pfkey_socket(this, SADB_SATYPE_AH) != SUCCESS)
-       {
-               DBG1(DBG_KNL, "unable to register PF_KEY event socket");
-               destroy(this);
-               return NULL;
-       }
+               /* register the event socket */
+               if (register_pfkey_socket(this, SADB_SATYPE_ESP) != SUCCESS ||
+                       register_pfkey_socket(this, SADB_SATYPE_AH) != SUCCESS)
+               {
+                       DBG1(DBG_KNL, "unable to register PF_KEY event socket");
+                       destroy(this);
+                       return NULL;
+               }
 
-       this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
-                                                                               this, NULL, NULL, JOB_PRIO_CRITICAL);
-       lib->processor->queue_job(lib->processor, (job_t*)this->job);
+               this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
+                                                                                       this, NULL, NULL, JOB_PRIO_CRITICAL);
+               lib->processor->queue_job(lib->processor, (job_t*)this->job);
+       }
 
        return &this->public;
 }
index 5464568..bd69417 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009 Tobias Brunner
+ * Copyright (C) 2009-2012 Tobias Brunner
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -672,6 +672,7 @@ METHOD(kernel_net_t, destroy, void,
 kernel_pfroute_net_t *kernel_pfroute_net_create()
 {
        private_kernel_pfroute_net_t *this;
+       bool register_for_events = TRUE;
 
        INIT(this,
                .public = {
@@ -692,6 +693,11 @@ kernel_pfroute_net_t *kernel_pfroute_net_create()
                .mutex_pfroute = mutex_create(MUTEX_TYPE_DEFAULT),
        );
 
+       if (streq(hydra->daemon, "starter"))
+       {   /* starter has no threads, so we do not register for kernel events */
+               register_for_events = FALSE;
+       }
+
        /* create a PF_ROUTE socket to communicate with the kernel */
        this->socket = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
        if (this->socket < 0)
@@ -701,18 +707,21 @@ kernel_pfroute_net_t *kernel_pfroute_net_create()
                return NULL;
        }
 
-       /* create a PF_ROUTE socket to receive events */
-       this->socket_events = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
-       if (this->socket_events < 0)
+       if (register_for_events)
        {
-               DBG1(DBG_KNL, "unable to create PF_ROUTE event socket");
-               destroy(this);
-               return NULL;
-       }
+               /* create a PF_ROUTE socket to receive events */
+               this->socket_events = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
+               if (this->socket_events < 0)
+               {
+                       DBG1(DBG_KNL, "unable to create PF_ROUTE event socket");
+                       destroy(this);
+                       return NULL;
+               }
 
-       this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
-                                                                               this, NULL, NULL, JOB_PRIO_CRITICAL);
-       lib->processor->queue_job(lib->processor, (job_t*)this->job);
+               this->job = callback_job_create_with_prio((callback_job_cb_t)receive_events,
+                                                                                       this, NULL, NULL, JOB_PRIO_CRITICAL);
+               lib->processor->queue_job(lib->processor, (job_t*)this->job);
+       }
 
        if (init_address_list(this) != SUCCESS)
        {