charon-cmd: add a stub for charon-cmd, a simple command line IKE client
authorMartin Willi <martin@revosec.ch>
Tue, 26 Mar 2013 10:26:22 +0000 (11:26 +0100)
committerMartin Willi <martin@revosec.ch>
Mon, 6 May 2013 13:28:26 +0000 (15:28 +0200)
configure.in
src/Makefile.am
src/charon-cmd/.gitignore [new file with mode: 0644]
src/charon-cmd/Makefile.am [new file with mode: 0644]
src/charon-cmd/charon-cmd.c [new file with mode: 0644]
src/checksum/Makefile.am

index 311b15c..a244f63 100644 (file)
@@ -241,6 +241,7 @@ ARG_ENABL_SET([bfd-backtraces], [use binutils libbfd to resolve backtraces for m
 ARG_ENABL_SET([unwind-backtraces],[use libunwind to create backtraces for memory leaks and segfaults.])
 ARG_ENABL_SET([unit-tests],     [enable unit tests using the check test framework.])
 ARG_ENABL_SET([tkm],            [enable Trusted Key Manager support.])
+ARG_ENABL_SET([cmd],            [enable the command line IKE client charon-cmd.])
 
 # ===================================
 #  option to disable default options
@@ -931,6 +932,7 @@ scripts_plugins=
 manager_plugins=
 medsrv_plugins=
 nm_plugins=
+cmd_plugins=
 
 # location specific lists for checksumming,
 # for src/libcharon, src/libhydra and src/libstrongswan
@@ -939,63 +941,63 @@ h_plugins=
 s_plugins=
 
 ADD_PLUGIN([test-vectors],         [s charon openac scepclient pki])
-ADD_PLUGIN([curl],                 [s charon scepclient scripts nm])
-ADD_PLUGIN([soup],                 [s charon scripts nm])
+ADD_PLUGIN([curl],                 [s charon scepclient scripts nm cmd])
+ADD_PLUGIN([soup],                 [s charon scripts nm cmd])
 ADD_PLUGIN([unbound],              [s charon scripts])
-ADD_PLUGIN([ldap],                 [s charon scepclient scripts nm])
+ADD_PLUGIN([ldap],                 [s charon scepclient scripts nm cmd])
 ADD_PLUGIN([mysql],                [s charon pool manager medsrv attest])
 ADD_PLUGIN([sqlite],               [s charon pool manager medsrv attest])
-ADD_PLUGIN([pkcs11],               [s charon pki nm])
-ADD_PLUGIN([aes],                  [s charon openac scepclient pki scripts nm])
-ADD_PLUGIN([des],                  [s charon openac scepclient pki scripts nm])
-ADD_PLUGIN([blowfish],             [s charon openac scepclient pki scripts nm])
-ADD_PLUGIN([sha1],                 [s charon openac scepclient pki scripts medsrv attest nm])
-ADD_PLUGIN([sha2],                 [s charon openac scepclient pki scripts medsrv attest nm])
-ADD_PLUGIN([md4],                  [s charon openac manager scepclient pki nm])
-ADD_PLUGIN([md5],                  [s charon openac scepclient pki scripts attest nm])
-ADD_PLUGIN([rdrand],               [s charon openac scepclient pki scripts medsrv attest nm])
-ADD_PLUGIN([random],               [s charon openac scepclient pki scripts medsrv attest nm])
-ADD_PLUGIN([nonce],                [s charon nm])
-ADD_PLUGIN([x509],                 [s charon openac scepclient pki scripts attest nm])
-ADD_PLUGIN([revocation],           [s charon nm])
-ADD_PLUGIN([constraints],          [s charon nm])
+ADD_PLUGIN([pkcs11],               [s charon pki nm cmd])
+ADD_PLUGIN([aes],                  [s charon openac scepclient pki scripts nm cmd])
+ADD_PLUGIN([des],                  [s charon openac scepclient pki scripts nm cmd])
+ADD_PLUGIN([blowfish],             [s charon openac scepclient pki scripts nm cmd])
+ADD_PLUGIN([sha1],                 [s charon openac scepclient pki scripts medsrv attest nm cmd])
+ADD_PLUGIN([sha2],                 [s charon openac scepclient pki scripts medsrv attest nm cmd])
+ADD_PLUGIN([md4],                  [s charon openac manager scepclient pki nm cmd])
+ADD_PLUGIN([md5],                  [s charon openac scepclient pki scripts attest nm cmd])
+ADD_PLUGIN([rdrand],               [s charon openac scepclient pki scripts medsrv attest nm cmd])
+ADD_PLUGIN([random],               [s charon openac scepclient pki scripts medsrv attest nm cmd])
+ADD_PLUGIN([nonce],                [s charon nm cmd])
+ADD_PLUGIN([x509],                 [s charon openac scepclient pki scripts attest nm cmd])
+ADD_PLUGIN([revocation],           [s charon nm cmd])
+ADD_PLUGIN([constraints],          [s charon nm cmd])
 ADD_PLUGIN([pubkey],               [s charon])
-ADD_PLUGIN([pkcs1],                [s charon openac scepclient pki scripts manager medsrv attest nm])
+ADD_PLUGIN([pkcs1],                [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
 ADD_PLUGIN([pkcs7],                [s scepclient pki])
-ADD_PLUGIN([pkcs8],                [s charon openac scepclient pki scripts manager medsrv attest nm])
+ADD_PLUGIN([pkcs8],                [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
 ADD_PLUGIN([pgp],                  [s charon])
 ADD_PLUGIN([dnskey],               [s charon])
 ADD_PLUGIN([ipseckey],             [c charon])
-ADD_PLUGIN([pem],                  [s charon openac scepclient pki scripts manager medsrv attest nm])
+ADD_PLUGIN([pem],                  [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
 ADD_PLUGIN([padlock],              [s charon])
-ADD_PLUGIN([openssl],              [s charon openac scepclient pki scripts manager medsrv attest nm])
-ADD_PLUGIN([gcrypt],               [s charon openac scepclient pki scripts manager medsrv attest nm])
-ADD_PLUGIN([af-alg],               [s charon openac scepclient pki scripts medsrv attest nm])
-ADD_PLUGIN([fips-prf],             [s charon nm])
-ADD_PLUGIN([gmp],                  [s charon openac scepclient pki scripts manager medsrv attest nm])
-ADD_PLUGIN([agent],                [s charon nm])
-ADD_PLUGIN([xcbc],                 [s charon nm])
-ADD_PLUGIN([cmac],                 [s charon nm])
-ADD_PLUGIN([hmac],                 [s charon scripts nm])
-ADD_PLUGIN([ctr],                  [s charon scripts nm])
-ADD_PLUGIN([ccm],                  [s charon scripts nm])
-ADD_PLUGIN([gcm],                  [s charon scripts nm])
+ADD_PLUGIN([openssl],              [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
+ADD_PLUGIN([gcrypt],               [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
+ADD_PLUGIN([af-alg],               [s charon openac scepclient pki scripts medsrv attest nm cmd])
+ADD_PLUGIN([fips-prf],             [s charon nm cmd])
+ADD_PLUGIN([gmp],                  [s charon openac scepclient pki scripts manager medsrv attest nm cmd])
+ADD_PLUGIN([agent],                [s charon nm cmd])
+ADD_PLUGIN([xcbc],                 [s charon nm cmd])
+ADD_PLUGIN([cmac],                 [s charon nm cmd])
+ADD_PLUGIN([hmac],                 [s charon scripts nm cmd])
+ADD_PLUGIN([ctr],                  [s charon scripts nm cmd])
+ADD_PLUGIN([ccm],                  [s charon scripts nm cmd])
+ADD_PLUGIN([gcm],                  [s charon scripts nm cmd])
 ADD_PLUGIN([attr],                 [h charon])
 ADD_PLUGIN([attr-sql],             [h charon])
 ADD_PLUGIN([load-tester],          [c charon])
-ADD_PLUGIN([kernel-pfkey],         [h charon starter nm])
-ADD_PLUGIN([kernel-pfroute],       [h charon starter nm])
+ADD_PLUGIN([kernel-pfkey],         [h charon starter nm cmd])
+ADD_PLUGIN([kernel-pfroute],       [h charon starter nm cmd])
 ADD_PLUGIN([kernel-klips],         [h charon starter])
-ADD_PLUGIN([kernel-netlink],       [h charon starter nm])
-ADD_PLUGIN([resolve],              [h charon])
-ADD_PLUGIN([socket-default],       [c charon nm])
+ADD_PLUGIN([kernel-netlink],       [h charon starter nm cmd])
+ADD_PLUGIN([resolve],              [h charon cmd])
+ADD_PLUGIN([socket-default],       [c charon nm cmd])
 ADD_PLUGIN([socket-dynamic],       [c charon])
 ADD_PLUGIN([farp],                 [c charon])
 ADD_PLUGIN([stroke],               [c charon])
 ADD_PLUGIN([smp],                  [c charon])
 ADD_PLUGIN([sql],                  [c charon])
 ADD_PLUGIN([updown],               [c charon])
-ADD_PLUGIN([eap-identity],         [c charon nm])
+ADD_PLUGIN([eap-identity],         [c charon nm cmd])
 ADD_PLUGIN([eap-sim],              [c charon])
 ADD_PLUGIN([eap-sim-file],         [c charon])
 ADD_PLUGIN([eap-sim-pcsc],         [c charon])
@@ -1004,16 +1006,16 @@ ADD_PLUGIN([eap-aka-3gpp2],        [c charon])
 ADD_PLUGIN([eap-simaka-sql],       [c charon])
 ADD_PLUGIN([eap-simaka-pseudonym], [c charon])
 ADD_PLUGIN([eap-simaka-reauth],    [c charon])
-ADD_PLUGIN([eap-md5],              [c charon nm])
-ADD_PLUGIN([eap-gtc],              [c charon nm])
-ADD_PLUGIN([eap-mschapv2],         [c charon nm])
+ADD_PLUGIN([eap-md5],              [c charon nm cmd])
+ADD_PLUGIN([eap-gtc],              [c charon nm cmd])
+ADD_PLUGIN([eap-mschapv2],         [c charon nm cmd])
 ADD_PLUGIN([eap-dynamic],          [c charon])
 ADD_PLUGIN([eap-radius],           [c charon])
-ADD_PLUGIN([eap-tls],              [c charon nm])
-ADD_PLUGIN([eap-ttls],             [c charon nm])
-ADD_PLUGIN([eap-peap],             [c charon nm])
+ADD_PLUGIN([eap-tls],              [c charon nm cmd])
+ADD_PLUGIN([eap-ttls],             [c charon nm cmd])
+ADD_PLUGIN([eap-peap],             [c charon nm cmd])
 ADD_PLUGIN([eap-tnc],              [c charon])
-ADD_PLUGIN([xauth-generic],        [c charon])
+ADD_PLUGIN([xauth-generic],        [c charon cmd])
 ADD_PLUGIN([xauth-eap],            [c charon])
 ADD_PLUGIN([xauth-pam],            [c charon])
 ADD_PLUGIN([xauth-noauth],         [c charon])
@@ -1057,6 +1059,7 @@ AC_SUBST(scripts_plugins)
 AC_SUBST(manager_plugins)
 AC_SUBST(medsrv_plugins)
 AC_SUBST(nm_plugins)
+AC_SUBST(cmd_plugins)
 
 AC_SUBST(c_plugins)
 AC_SUBST(h_plugins)
@@ -1209,9 +1212,9 @@ AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
-AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue)
-AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue -o x$tkm = xtrue)
-AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue)
+AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
+AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
+AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
 AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
@@ -1230,6 +1233,7 @@ AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
 AM_CONDITIONAL(USE_SILENT_RULES, test x$enable_silent_rules = xyes)
 AM_CONDITIONAL(UNITTESTS, test x$unit_tests = xtrue)
 AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
+AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
 
 # ========================
 #  set global definitions
@@ -1332,6 +1336,7 @@ AC_CONFIG_FILES([
        src/charon/Makefile
        src/charon-nm/Makefile
        src/charon-tkm/Makefile
+       src/charon-cmd/Makefile
        src/libcharon/Makefile
        src/libcharon/plugins/eap_aka/Makefile
        src/libcharon/plugins/eap_aka_3gpp2/Makefile
index 07953b0..47299b0 100644 (file)
@@ -104,6 +104,10 @@ if USE_TKM
   SUBDIRS += charon-tkm
 endif
 
+if USE_CMD
+  SUBDIRS += charon-cmd
+endif
+
 EXTRA_DIST = strongswan.conf
 
 install-exec-local :
diff --git a/src/charon-cmd/.gitignore b/src/charon-cmd/.gitignore
new file mode 100644 (file)
index 0000000..c02dfba
--- /dev/null
@@ -0,0 +1 @@
+charon-cmd
diff --git a/src/charon-cmd/Makefile.am b/src/charon-cmd/Makefile.am
new file mode 100644 (file)
index 0000000..de1580e
--- /dev/null
@@ -0,0 +1,22 @@
+sbin_PROGRAMS = charon-cmd
+
+charon_cmd_SOURCES = \
+charon-cmd.c
+
+charon-cmd.o : $(top_builddir)/config.status
+
+INCLUDES = \
+       -I$(top_srcdir)/src/libstrongswan \
+       -I$(top_srcdir)/src/libhydra \
+       -I$(top_srcdir)/src/libcharon
+
+AM_CFLAGS = \
+       -DIPSEC_DIR=\"${ipsecdir}\" \
+       -DIPSEC_PIDDIR=\"${piddir}\" \
+       -DPLUGINS=\""${cmd_plugins}\""
+
+charon_cmd_LDADD = \
+       $(top_builddir)/src/libstrongswan/libstrongswan.la \
+       $(top_builddir)/src/libhydra/libhydra.la \
+       $(top_builddir)/src/libcharon/libcharon.la \
+       -lm $(PTHREADLIB) $(DLLIB)
diff --git a/src/charon-cmd/charon-cmd.c b/src/charon-cmd/charon-cmd.c
new file mode 100644 (file)
index 0000000..b2cb6e8
--- /dev/null
@@ -0,0 +1,358 @@
+/*
+ * Copyright (C) 2006-2012 Tobias Brunner
+ * Copyright (C) 2005-2013 Martin Willi
+ * Copyright (C) 2006 Daniel Roethlisberger
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdio.h>
+#define _POSIX_PTHREAD_SEMANTICS /* for two param sigwait on OpenSolaris */
+#include <signal.h>
+#undef _POSIX_PTHREAD_SEMANTICS
+#include <pthread.h>
+#include <sys/types.h>
+#include <sys/utsname.h>
+#include <unistd.h>
+#include <getopt.h>
+
+#include <library.h>
+#include <hydra.h>
+#include <daemon.h>
+#include <utils/backtrace.h>
+#include <threading/thread.h>
+
+/**
+ * Loglevel configuration
+ */
+static level_t levels[DBG_MAX];
+
+/**
+ * hook in library for debugging messages
+ */
+extern void (*dbg) (debug_t group, level_t level, char *fmt, ...);
+
+/**
+ * Logging hook for library logs, using stderr output
+ */
+static void dbg_stderr(debug_t group, level_t level, char *fmt, ...)
+{
+       va_list args;
+
+       if (level <= 1)
+       {
+               va_start(args, fmt);
+               fprintf(stderr, "00[%N] ", debug_names, group);
+               vfprintf(stderr, fmt, args);
+               fprintf(stderr, "\n");
+               va_end(args);
+       }
+}
+
+/**
+ * Run the daemon and handle unix signals
+ */
+static void run()
+{
+       sigset_t set;
+
+       /* handle SIGINT, SIGHUP ans SIGTERM in this handler */
+       sigemptyset(&set);
+       sigaddset(&set, SIGINT);
+       sigaddset(&set, SIGHUP);
+       sigaddset(&set, SIGTERM);
+       sigprocmask(SIG_BLOCK, &set, NULL);
+
+       while (TRUE)
+       {
+               int sig;
+               int error;
+
+               error = sigwait(&set, &sig);
+               if (error)
+               {
+                       DBG1(DBG_DMN, "error %d while waiting for a signal", error);
+                       return;
+               }
+               switch (sig)
+               {
+                       case SIGHUP:
+                       {
+                               DBG1(DBG_DMN, "signal of type SIGHUP received. Reloading "
+                                        "configuration");
+                               if (lib->settings->load_files(lib->settings, NULL, FALSE))
+                               {
+                                       charon->load_loggers(charon, levels, TRUE);
+                                       lib->plugins->reload(lib->plugins, NULL);
+                               }
+                               else
+                               {
+                                       DBG1(DBG_DMN, "reloading config failed, keeping old");
+                               }
+                               break;
+                       }
+                       case SIGINT:
+                       {
+                               DBG1(DBG_DMN, "signal of type SIGINT received. Shutting down");
+                               charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+                               return;
+                       }
+                       case SIGTERM:
+                       {
+                               DBG1(DBG_DMN, "signal of type SIGTERM received. Shutting down");
+                               charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+                               return;
+                       }
+                       default:
+                       {
+                               DBG1(DBG_DMN, "unknown signal %d received. Ignored", sig);
+                               break;
+                       }
+               }
+       }
+}
+
+/**
+ * lookup UID and GID
+ */
+static bool lookup_uid_gid()
+{
+#ifdef IPSEC_USER
+       if (!charon->caps->resolve_uid(charon->caps, IPSEC_USER))
+       {
+               return FALSE;
+       }
+#endif
+#ifdef IPSEC_GROUP
+       if (!charon->caps->resolve_gid(charon->caps, IPSEC_GROUP))
+       {
+               return FALSE;
+       }
+#endif
+       return TRUE;
+}
+
+/**
+ * Handle SIGSEGV/SIGILL signals raised by threads
+ */
+static void segv_handler(int signal)
+{
+       backtrace_t *backtrace;
+
+       DBG1(DBG_DMN, "thread %u received %d", thread_current_id(), signal);
+       backtrace = backtrace_create(2);
+       backtrace->log(backtrace, stderr, TRUE);
+       backtrace->destroy(backtrace);
+
+       DBG1(DBG_DMN, "killing ourself, received critical signal");
+       abort();
+}
+
+/**
+ * Command line arguments, similar to "struct option", but with descriptions
+ */
+static struct {
+       /** long option name */
+       const char *lng;
+       /** short option name */
+       const char shrt;
+       /** takes argument */
+       int has_arg;
+       /** decription of argument */
+       const char *arg;
+       /** description to option */
+       const char *desc;
+} options[] = {
+       { "help", 'h', no_argument, "",
+         "print this usage information and exit" },
+       { "version", 'v', no_argument, "",
+         "show version information and exit" },
+};
+
+/**
+ * Print command line usage and exit
+ */
+static void usage(FILE *out, char *msg, char *binary)
+{
+       int i, pre, post, padto = 0, spacing = 2;
+
+       for (i = 0; i < countof(options); i++)
+       {
+               padto = max(padto, strlen(options[i].lng) + strlen(options[i].arg));
+       }
+       padto += spacing;
+
+       if (msg)
+       {
+               fprintf(out, "%s\n", msg);
+       }
+       fprintf(out, "Usage: %s\n", binary);
+       for (i = 0; i < countof(options); i++)
+       {
+               switch (options[i].has_arg)
+               {
+                       case required_argument:
+                               pre = '<';
+                               post = '>';
+                               break;
+                       case optional_argument:
+                               pre = '[';
+                               post = ']';
+                               break;
+                       case no_argument:
+                       default:
+                               pre = post = ' ';
+                               break;
+               }
+               fprintf(out, "  --%s (-%-c) %c%s%c %-*s%s\n",
+                       options[i].lng, options[i].shrt,
+                       pre, options[i].arg, post,
+                       padto - strlen(options[i].lng) - strlen(options[i].arg), "",
+                       options[i].desc);
+       }
+}
+
+/**
+ * Handle command line options
+ */
+static void handle_arguments(int argc, char *argv[])
+{
+       while (TRUE)
+       {
+               struct option long_opts[countof(options) + 1] = {};
+               char optstring[countof(options) * 3 + 1] = {};
+               int i, pos = 0;
+
+               for (i = 0; i < countof(options); i++)
+               {
+                       long_opts[i].name = options[i].lng;
+                       long_opts[i].val = options[i].shrt;
+                       long_opts[i].has_arg = options[i].has_arg;
+                       optstring[pos++] = options[i].shrt;
+                       switch (options[i].has_arg)
+                       {
+                               case optional_argument:
+                                       optstring[pos++] = ':';
+                                       /* FALL */
+                               case required_argument:
+                                       optstring[pos++] = ':';
+                                       /* FALL */
+                               case no_argument:
+                               default:
+                                       break;
+                       }
+               }
+
+               switch (getopt_long(argc, argv, optstring, long_opts, NULL))
+               {
+                       case EOF:
+                               break;
+                       case 'h':
+                               usage(stdout, NULL, argv[0]);
+                               exit(0);
+                       case 'v':
+                               printf("%s, strongSwan %s\n", "charon-cmd", VERSION);
+                               exit(0);
+                       default:
+                               usage(stderr, NULL, argv[0]);
+                               exit(1);
+               }
+               break;
+       }
+}
+
+/**
+ * Main function, starts the daemon.
+ */
+int main(int argc, char *argv[])
+{
+       struct sigaction action;
+       struct utsname utsname;
+       int group;
+
+       dbg = dbg_stderr;
+       atexit(library_deinit);
+       if (!library_init(NULL))
+       {
+               exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
+       }
+       if (lib->integrity)
+       {
+               if (!lib->integrity->check_file(lib->integrity, "charon-cmd", argv[0]))
+               {
+                       exit(SS_RC_DAEMON_INTEGRITY);
+               }
+       }
+       atexit(libhydra_deinit);
+       if (!libhydra_init("charon-cmd"))
+       {
+               exit(SS_RC_INITIALIZATION_FAILED);
+       }
+       atexit(libcharon_deinit);
+       if (!libcharon_init("charon-cmd"))
+       {
+               exit(SS_RC_INITIALIZATION_FAILED);
+       }
+       for (group = 0; group < DBG_MAX; group++)
+       {
+               levels[group] = LEVEL_CTRL;
+       }
+
+       handle_arguments(argc, argv);
+
+       if (!lookup_uid_gid())
+       {
+               exit(SS_RC_INITIALIZATION_FAILED);
+       }
+       charon->load_loggers(charon, levels, TRUE);
+
+       if (uname(&utsname) != 0)
+       {
+               memset(&utsname, 0, sizeof(utsname));
+       }
+       DBG1(DBG_DMN, "Starting charon-cmd IKE client (strongSwan %s, %s %s, %s)",
+                VERSION, utsname.sysname, utsname.release, utsname.machine);
+
+       if (!charon->initialize(charon,
+                       lib->settings->get_str(lib->settings, "charon-cmd.load", PLUGINS)))
+       {
+               exit(SS_RC_INITIALIZATION_FAILED);
+       }
+       if (!charon->caps->drop(charon->caps))
+       {
+               exit(SS_RC_INITIALIZATION_FAILED);
+       }
+
+       /* add handler for SEGV and ILL,
+        * INT, TERM and HUP are handled by sigwait() in run() */
+       action.sa_handler = segv_handler;
+       action.sa_flags = 0;
+       sigemptyset(&action.sa_mask);
+       sigaddset(&action.sa_mask, SIGINT);
+       sigaddset(&action.sa_mask, SIGTERM);
+       sigaddset(&action.sa_mask, SIGHUP);
+       sigaction(SIGSEGV, &action, NULL);
+       sigaction(SIGILL, &action, NULL);
+       sigaction(SIGBUS, &action, NULL);
+       action.sa_handler = SIG_IGN;
+       sigaction(SIGPIPE, &action, NULL);
+
+       pthread_sigmask(SIG_SETMASK, &action.sa_mask, NULL);
+
+       /* start daemon with thread-pool */
+       charon->start(charon);
+       /* wait for signal */
+       run();
+
+       return 0;
+}
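Review bot: The integrity check in main() passes `argv[0]` to `check_file`, and that string is chosen by whoever invokes the program, so the check covers the file the caller names rather than necessarily the image that is running. For a command-line client started through PATH, `argv[0]` is usually a bare name; `check_file` is not visible here, but if it opens the path as given, a build with integrity testing enabled would exit with SS_RC_DAEMON_INTEGRITY unless the tool is run by absolute path. Consider resolving the executable's real path before the call, or at least stating the limitation in a comment such as `/* argv[0] is caller-supplied; this only verifies the file it names */`. Separately, in usage() the `%-*s` width argument `padto - strlen(...) - strlen(...)` has type size_t where printf requires an int, so it should be cast: `(int)(padto - strlen(options[i].lng) - strlen(options[i].arg))`.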
index 9f69450..aabd96e 100644 (file)
@@ -84,6 +84,10 @@ if !MONOLITHIC
 endif
 endif
 
+if USE_CMD
+  exes += $(top_builddir)/src/charon-cmd/.libs/charon-cmd
+endif
+
 if USE_TOOLS
   exes += $(top_builddir)/src/openac/.libs/openac
   exes += $(top_builddir)/src/pki/.libs/pki