summaryrefslogtreecommitdiff
path: root/src/libcharon/daemon.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/daemon.c')
-rw-r--r--src/libcharon/daemon.c220
1 files changed, 46 insertions, 174 deletions
diff --git a/src/libcharon/daemon.c b/src/libcharon/daemon.c
index 4b8e1fadd..4f2831e42 100644
--- a/src/libcharon/daemon.c
+++ b/src/libcharon/daemon.c
@@ -19,14 +19,14 @@
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
-#include <syslog.h>
#include <time.h>
-#include <errno.h>
#ifdef CAPABILITIES
-#ifdef HAVE_SYS_CAPABILITY_H
-#include <sys/capability.h>
-#endif /* HAVE_SYS_CAPABILITY_H */
+# ifdef HAVE_SYS_CAPABILITY_H
+# include <sys/capability.h>
+# elif defined(CAPABILITIES_NATIVE)
+# include <linux/capability.h>
+# endif /* CAPABILITIES_NATIVE */
#endif /* CAPABILITIES */
#include "daemon.h"
@@ -34,10 +34,7 @@
#include <library.h>
#include <config/proposal.h>
#include <kernel/kernel_handler.h>
-
-#ifndef LOG_AUTHPRIV /* not defined on OpenSolaris */
-#define LOG_AUTHPRIV LOG_AUTH
-#endif
+#include <processing/jobs/start_action_job.h>
typedef struct private_daemon_t private_daemon_t;
@@ -62,7 +59,7 @@ struct private_daemon_t {
cap_t caps;
#endif /* CAPABILITIES_LIBCAP */
#ifdef CAPABILITIES_NATIVE
- struct __user_cap_data_struct caps;
+ struct __user_cap_data_struct caps[2];
#endif /* CAPABILITIES_NATIVE */
};
@@ -147,9 +144,16 @@ METHOD(daemon_t, keep_cap, void,
cap_set_flag(this->caps, CAP_PERMITTED, 1, &cap, CAP_SET);
#endif /* CAPABILITIES_LIBCAP */
#ifdef CAPABILITIES_NATIVE
- this->caps.effective |= 1 << cap;
- this->caps.permitted |= 1 << cap;
- this->caps.inheritable |= 1 << cap;
+ int i = 0;
+
+ if (cap >= 32)
+ {
+ i++;
+ cap -= 32;
+ }
+ this->caps[i].effective |= 1 << cap;
+ this->caps[i].permitted |= 1 << cap;
+ this->caps[i].inheritable |= 1 << cap;
#endif /* CAPABILITIES_NATIVE */
}
@@ -164,9 +168,15 @@ METHOD(daemon_t, drop_capabilities, bool,
#endif /* CAPABILITIES_LIBCAP */
#ifdef CAPABILITIES_NATIVE
struct __user_cap_header_struct header = {
- .version = _LINUX_CAPABILITY_VERSION,
+#if defined(_LINUX_CAPABILITY_VERSION_3)
+ .version = _LINUX_CAPABILITY_VERSION_3,
+#elif defined(_LINUX_CAPABILITY_VERSION_2)
+ .version = _LINUX_CAPABILITY_VERSION_2,
+#else
+ .version = _LINUX_CAPABILITY_VERSION_1,
+#endif
};
- if (capset(&header, &this->caps) != 0)
+ if (capset(&header, this->caps) != 0)
{
return FALSE;
}
@@ -202,155 +212,9 @@ static void print_plugins()
DBG1(DBG_DMN, "loaded plugins: %s", buf);
}
-/**
- * Initialize logging
- */
-static void initialize_loggers(private_daemon_t *this, bool use_stderr,
- level_t levels[])
-{
- sys_logger_t *sys_logger;
- file_logger_t *file_logger;
- enumerator_t *enumerator;
- char *facility, *filename;
- int loggers_defined = 0;
- debug_t group;
- level_t def;
- bool append, ike_name;
- FILE *file;
-
- /* setup sysloggers */
- enumerator = lib->settings->create_section_enumerator(lib->settings,
- "charon.syslog");
- while (enumerator->enumerate(enumerator, &facility))
- {
- loggers_defined++;
-
- ike_name = lib->settings->get_bool(lib->settings,
- "charon.syslog.%s.ike_name", FALSE, facility);
- if (streq(facility, "daemon"))
- {
- sys_logger = sys_logger_create(LOG_DAEMON, ike_name);
- }
- else if (streq(facility, "auth"))
- {
- sys_logger = sys_logger_create(LOG_AUTHPRIV, ike_name);
- }
- else
- {
- continue;
- }
- def = lib->settings->get_int(lib->settings,
- "charon.syslog.%s.default", 1, facility);
- for (group = 0; group < DBG_MAX; group++)
- {
- sys_logger->set_level(sys_logger, group,
- lib->settings->get_int(lib->settings,
- "charon.syslog.%s.%N", def,
- facility, debug_lower_names, group));
- }
- this->public.sys_loggers->insert_last(this->public.sys_loggers,
- sys_logger);
- this->public.bus->add_listener(this->public.bus, &sys_logger->listener);
- }
- enumerator->destroy(enumerator);
-
- /* and file loggers */
- enumerator = lib->settings->create_section_enumerator(lib->settings,
- "charon.filelog");
- while (enumerator->enumerate(enumerator, &filename))
- {
- loggers_defined++;
- if (streq(filename, "stderr"))
- {
- file = stderr;
- }
- else if (streq(filename, "stdout"))
- {
- file = stdout;
- }
- else
- {
- append = lib->settings->get_bool(lib->settings,
- "charon.filelog.%s.append", TRUE, filename);
- file = fopen(filename, append ? "a" : "w");
- if (file == NULL)
- {
- DBG1(DBG_DMN, "opening file %s for logging failed: %s",
- filename, strerror(errno));
- continue;
- }
- if (lib->settings->get_bool(lib->settings,
- "charon.filelog.%s.flush_line", FALSE, filename))
- {
- setlinebuf(file);
- }
- }
- file_logger = file_logger_create(file,
- lib->settings->get_str(lib->settings,
- "charon.filelog.%s.time_format", NULL, filename),
- lib->settings->get_bool(lib->settings,
- "charon.filelog.%s.ike_name", FALSE, filename));
- def = lib->settings->get_int(lib->settings,
- "charon.filelog.%s.default", 1, filename);
- for (group = 0; group < DBG_MAX; group++)
- {
- file_logger->set_level(file_logger, group,
- lib->settings->get_int(lib->settings,
- "charon.filelog.%s.%N", def,
- filename, debug_lower_names, group));
- }
- this->public.file_loggers->insert_last(this->public.file_loggers,
- file_logger);
- this->public.bus->add_listener(this->public.bus, &file_logger->listener);
-
- }
- enumerator->destroy(enumerator);
-
- /* set up legacy style default loggers provided via command-line */
- if (!loggers_defined)
- {
- /* set up default stdout file_logger */
- file_logger = file_logger_create(stdout, NULL, FALSE);
- this->public.bus->add_listener(this->public.bus, &file_logger->listener);
- this->public.file_loggers->insert_last(this->public.file_loggers,
- file_logger);
- /* set up default daemon sys_logger */
- sys_logger = sys_logger_create(LOG_DAEMON, FALSE);
- this->public.bus->add_listener(this->public.bus, &sys_logger->listener);
- this->public.sys_loggers->insert_last(this->public.sys_loggers,
- sys_logger);
- for (group = 0; group < DBG_MAX; group++)
- {
- sys_logger->set_level(sys_logger, group, levels[group]);
- if (use_stderr)
- {
- file_logger->set_level(file_logger, group, levels[group]);
- }
- }
-
- /* set up default auth sys_logger */
- sys_logger = sys_logger_create(LOG_AUTHPRIV, FALSE);
- this->public.bus->add_listener(this->public.bus, &sys_logger->listener);
- this->public.sys_loggers->insert_last(this->public.sys_loggers,
- sys_logger);
- sys_logger->set_level(sys_logger, DBG_ANY, LEVEL_AUDIT);
- }
-}
-
METHOD(daemon_t, initialize, bool,
- private_daemon_t *this, bool syslog, level_t levels[])
+ private_daemon_t *this)
{
- /* for uncritical pseudo random numbers */
- srandom(time(NULL) + getpid());
-
- /* setup bus and it's listeners first to enable log output */
- this->public.bus = bus_create();
- /* set up hook to log dbg message in library via charons message bus */
- dbg_old = dbg;
- dbg = dbg_bus;
-
- initialize_loggers(this, !syslog, levels);
-
DBG1(DBG_DMN, "Starting IKEv2 charon daemon (strongSwan "VERSION")");
if (lib->integrity)
@@ -362,16 +226,6 @@ METHOD(daemon_t, initialize, bool,
DBG1(DBG_DMN, "daemon 'charon': passed file integrity test");
}
- /* load secrets, ca certificates and crls */
- this->public.controller = controller_create();
- this->public.eap = eap_manager_create();
- this->public.sim = sim_manager_create();
- this->public.tnccs = tnccs_manager_create();
- this->public.backends = backend_manager_create();
- this->public.socket = socket_manager_create();
- this->public.traps = trap_manager_create();
- this->kernel_handler = kernel_handler_create();
-
/* load plugins, further infrastructure may need it */
if (!lib->plugins->load(lib->plugins, NULL,
lib->settings->get_str(lib->settings, "charon.load", PLUGINS)))
@@ -393,6 +247,9 @@ METHOD(daemon_t, initialize, bool,
return FALSE;
}
+ /* Queue start_action job */
+ lib->processor->queue_job(lib->processor, (job_t*)start_action_job_create());
+
#ifdef ME
this->public.connect_manager = connect_manager_create();
if (this->public.connect_manager == NULL)
@@ -418,10 +275,20 @@ private_daemon_t *daemon_create()
.drop_capabilities = _drop_capabilities,
.initialize = _initialize,
.start = _start,
+ .bus = bus_create(),
.file_loggers = linked_list_create(),
.sys_loggers = linked_list_create(),
},
);
+ charon = &this->public;
+ this->public.controller = controller_create();
+ this->public.eap = eap_manager_create();
+ this->public.sim = sim_manager_create();
+ this->public.tnccs = tnccs_manager_create();
+ this->public.backends = backend_manager_create();
+ this->public.socket = socket_manager_create();
+ this->public.traps = trap_manager_create();
+ this->kernel_handler = kernel_handler_create();
#ifdef CAPABILITIES
#ifdef CAPABILITIES_LIBCAP
@@ -442,7 +309,6 @@ private_daemon_t *daemon_create()
*/
void libcharon_deinit()
{
-
destroy((private_daemon_t*)charon);
charon = NULL;
}
@@ -455,7 +321,13 @@ bool libcharon_init()
private_daemon_t *this;
this = daemon_create();
- charon = &this->public;
+
+ /* for uncritical pseudo random numbers */
+ srandom(time(NULL) + getpid());
+
+ /* set up hook to log dbg message in library via charons message bus */
+ dbg_old = dbg;
+ dbg = dbg_bus;
lib->printf_hook->add_handler(lib->printf_hook, 'P',
proposal_printf_hook,
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 04:09:13 +0000