diff options
Diffstat (limited to 'src/libhydra')
22 files changed, 140 insertions, 69 deletions
diff --git a/src/libhydra/Android.mk b/src/libhydra/Android.mk index 429feed55..ff134da7b 100644 --- a/src/libhydra/Android.mk +++ b/src/libhydra/Android.mk @@ -26,7 +26,6 @@ LOCAL_SRC_FILES += $(call add_plugin, kernel-netlink) # build libhydra --------------------------------------------------------------- LOCAL_C_INCLUDES += \ - $(libvstr_PATH) \ $(strongswan_PATH)/src/include \ $(strongswan_PATH)/src/libstrongswan diff --git a/src/libhydra/Makefile.in b/src/libhydra/Makefile.in index d3c3ed459..5e0bf3f17 100644 --- a/src/libhydra/Makefile.in +++ b/src/libhydra/Makefile.in @@ -275,8 +275,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -344,6 +342,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -432,12 +435,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -452,6 +459,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/attributes/mem_pool.c b/src/libhydra/attributes/mem_pool.c index 77567ce48..cc45e5629 100644 --- a/src/libhydra/attributes/mem_pool.c +++ b/src/libhydra/attributes/mem_pool.c @@ -573,7 +573,7 @@ static private_mem_pool_t *create_generic(char *name) (hashtable_equals_t)id_equals, 16), .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .reassign_online = lib->settings->get_bool(lib->settings, - "%s.mem-pool.reassign_online", FALSE, hydra->daemon), + "%s.mem-pool.reassign_online", FALSE, lib->ns), ); return this; diff --git a/src/libhydra/hydra.c b/src/libhydra/hydra.c index f531bd5f4..1b5065081 100644 --- a/src/libhydra/hydra.c +++ b/src/libhydra/hydra.c @@ -59,7 +59,6 @@ void libhydra_deinit() this->public.attributes->destroy(this->public.attributes); this->public.kernel_interface->destroy(this->public.kernel_interface); - free((void*)this->public.daemon); free(this); hydra = NULL; } @@ -67,7 +66,7 @@ void libhydra_deinit() /** * Described in header. */ -bool libhydra_init(const char *daemon) +bool libhydra_init() { private_hydra_t *this; @@ -81,7 +80,6 @@ bool libhydra_init(const char *daemon) INIT(this, .public = { .attributes = attribute_manager_create(), - .daemon = strdup(daemon ?: "libhydra"), }, .ref = 1, ); diff --git a/src/libhydra/hydra.h b/src/libhydra/hydra.h index 2a8709d72..94209ff59 100644 --- a/src/libhydra/hydra.h +++ b/src/libhydra/hydra.h @@ -53,11 +53,6 @@ struct hydra_t { * kernel interface to communicate with kernel */ kernel_interface_t *kernel_interface; - - /** - * name of the daemon that initialized the library - */ - const char *daemon; }; /** @@ -70,15 +65,12 @@ extern hydra_t *hydra; /** * Initialize libhydra. * - * The daemon's name is used to load daemon-specific settings. - * * libhydra_init() may be called multiple times in a single process, but each - * caller should call libhydra_deinit() for each call to libhydra_init(). + * caller must call libhydra_deinit() for each call to libhydra_init(). * - * @param daemon name of the daemon that initializes the library * @return FALSE if integrity check failed */ -bool libhydra_init(const char *daemon); +bool libhydra_init(); /** * Deinitialize libhydra. diff --git a/src/libhydra/kernel/kernel_interface.c b/src/libhydra/kernel/kernel_interface.c index cbfddd03b..3e34d20a6 100644 --- a/src/libhydra/kernel/kernel_interface.c +++ b/src/libhydra/kernel/kernel_interface.c @@ -796,12 +796,12 @@ kernel_interface_t *kernel_interface_create() ); ifaces = lib->settings->get_str(lib->settings, - "%s.interfaces_use", NULL, hydra->daemon); + "%s.interfaces_use", NULL, lib->ns); if (!ifaces) { this->ifaces_exclude = TRUE; ifaces = lib->settings->get_str(lib->settings, - "%s.interfaces_ignore", NULL, hydra->daemon); + "%s.interfaces_ignore", NULL, lib->ns); } if (ifaces) { diff --git a/src/libhydra/plugins/attr/Makefile.in b/src/libhydra/plugins/attr/Makefile.in index af0a77fe3..e762b7757 100644 --- a/src/libhydra/plugins/attr/Makefile.in +++ b/src/libhydra/plugins/attr/Makefile.in @@ -215,8 +215,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/attr/attr_provider.c b/src/libhydra/plugins/attr/attr_provider.c index 1a2fa7f28..a27fd57b1 100644 --- a/src/libhydra/plugins/attr/attr_provider.c +++ b/src/libhydra/plugins/attr/attr_provider.c @@ -109,7 +109,7 @@ static void add_legacy_entry(private_attr_provider_t *this, char *key, int nr, host_t *host; char *str; - str = lib->settings->get_str(lib->settings, "%s.%s%d", NULL, hydra->daemon, + str = lib->settings->get_str(lib->settings, "%s.%s%d", NULL, lib->ns, key, nr); if (str) { @@ -179,7 +179,7 @@ static void load_entries(private_attr_provider_t *this) } enumerator = lib->settings->create_key_value_enumerator(lib->settings, - "%s.plugins.attr", hydra->daemon); + "%s.plugins.attr", lib->ns); while (enumerator->enumerate(enumerator, &key, &value)) { configuration_attribute_type_t type; @@ -190,6 +190,10 @@ static void load_entries(private_attr_provider_t *this) char *pos; int i, mask = -1, family; + if (streq(key, "load")) + { + continue; + } type = atoi(key); if (!type) { diff --git a/src/libhydra/plugins/attr_sql/Makefile.in b/src/libhydra/plugins/attr_sql/Makefile.in index 7b7b5de05..1d258f2fb 100644 --- a/src/libhydra/plugins/attr_sql/Makefile.in +++ b/src/libhydra/plugins/attr_sql/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/attr_sql/attr_sql_plugin.c b/src/libhydra/plugins/attr_sql/attr_sql_plugin.c index 702872c57..dde90051a 100644 --- a/src/libhydra/plugins/attr_sql/attr_sql_plugin.c +++ b/src/libhydra/plugins/attr_sql/attr_sql_plugin.c @@ -61,7 +61,7 @@ static bool open_database(private_attr_sql_plugin_t *this, char *uri; uri = lib->settings->get_str(lib->settings, - "libhydra.plugins.attr-sql.database", NULL); + "%s.plugins.attr-sql.database", NULL, lib->ns); if (!uri) { DBG1(DBG_CFG, "attr-sql plugin: database URI not set"); @@ -122,6 +122,8 @@ plugin_t *attr_sql_plugin_create() }, }, ); + lib->settings->add_fallback(lib->settings, "%s.plugins.attr-sql", + "libhydra.plugins.attr-sql", lib->ns); return &this->public.plugin; } diff --git a/src/libhydra/plugins/attr_sql/sql_attribute.c b/src/libhydra/plugins/attr_sql/sql_attribute.c index 0a06c419f..d527c3fba 100644 --- a/src/libhydra/plugins/attr_sql/sql_attribute.c +++ b/src/libhydra/plugins/attr_sql/sql_attribute.c @@ -457,7 +457,7 @@ sql_attribute_t *sql_attribute_create(database_t *db) }, .db = db, .history = lib->settings->get_bool(lib->settings, - "libhydra.plugins.attr-sql.lease_history", TRUE), + "%s.plugins.attr-sql.lease_history", TRUE, lib->ns), ); /* close any "online" leases in the case we crashed */ diff --git a/src/libhydra/plugins/kernel_klips/Makefile.in b/src/libhydra/plugins/kernel_klips/Makefile.in index a639ef6c3..c804c8e81 100644 --- a/src/libhydra/plugins/kernel_klips/Makefile.in +++ b/src/libhydra/plugins/kernel_klips/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c index a226162c3..a75ccf3b6 100644 --- a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c +++ b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c @@ -311,8 +311,8 @@ static status_t attach_ipsec_dev(char* name, char *phys_name) } mtu = lib->settings->get_int(lib->settings, - "%s.plugins.kernel-klips.ipsec_dev_mtu", 0, - hydra->daemon); + "%s.plugins.kernel-klips.ipsec_dev_mtu", 0, + lib->ns); if (mtu <= 0) { /* guess MTU as physical MTU - ESP overhead [- NAT-T overhead] @@ -2505,8 +2505,8 @@ METHOD(kernel_ipsec_t, del_policy, status_t, static void init_ipsec_devices(private_kernel_klips_ipsec_t *this) { int i, count = lib->settings->get_int(lib->settings, - "%s.plugins.kernel-klips.ipsec_dev_count", - DEFAULT_IPSEC_DEV_COUNT, hydra->daemon); + "%s.plugins.kernel-klips.ipsec_dev_count", + DEFAULT_IPSEC_DEV_COUNT, lib->ns); for (i = 0; i < count; ++i) { @@ -2611,7 +2611,7 @@ kernel_klips_ipsec_t *kernel_klips_ipsec_create() .mutex_pfkey = mutex_create(MUTEX_TYPE_DEFAULT), .install_routes = lib->settings->get_bool(lib->settings, "%s.install_routes", TRUE, - hydra->daemon), + lib->ns), ); /* initialize ipsec devices */ diff --git a/src/libhydra/plugins/kernel_netlink/Makefile.in b/src/libhydra/plugins/kernel_netlink/Makefile.in index 5f85da653..5910cfd92 100644 --- a/src/libhydra/plugins/kernel_netlink/Makefile.in +++ b/src/libhydra/plugins/kernel_netlink/Makefile.in @@ -219,8 +219,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c index 8352b9311..c864a92f4 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -1203,6 +1203,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t, struct nlmsghdr *hdr; struct xfrm_usersa_info *sa; u_int16_t icv_size = 64; + ipsec_mode_t original_mode = mode; status_t status = FAILED; /* if IPComp is used, we install an additional IPComp SA. if the cpi is 0 @@ -1213,7 +1214,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t, add_sa(this, src, dst, htonl(ntohs(cpi)), IPPROTO_COMP, reqid, mark, tfc, &lft, ENCR_UNDEFINED, chunk_empty, AUTH_UNDEFINED, chunk_empty, mode, ipcomp, 0, initiator, FALSE, FALSE, inbound, - NULL, NULL); + src_ts, dst_ts); ipcomp = IPCOMP_NONE; /* use transport mode ESP SA, IPComp uses tunnel mode */ mode = MODE_TRANSPORT; @@ -1243,7 +1244,12 @@ METHOD(kernel_ipsec_t, add_sa, status_t, break; case MODE_BEET: case MODE_TRANSPORT: - if(src_ts && dst_ts) + if (original_mode == MODE_TUNNEL) + { /* don't install selectors for switched SAs. because only one + * selector can be installed other traffic would get dropped */ + break; + } + if (src_ts && dst_ts) { sa->sel = ts2selector(src_ts, dst_ts); /* don't install proto/port on SA. This would break @@ -1459,8 +1465,8 @@ METHOD(kernel_ipsec_t, add_sa, status_t, goto failed; } - if (tfc) - { + if (tfc && protocol == IPPROTO_ESP && mode == MODE_TUNNEL) + { /* the kernel supports TFC padding only for tunnel mode ESP SAs */ u_int32_t *tfcpad; tfcpad = netlink_reserve(hdr, sizeof(request), XFRMA_TFCPAD, @@ -2679,15 +2685,15 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create() .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .policy_history = TRUE, .install_routes = lib->settings->get_bool(lib->settings, - "%s.install_routes", TRUE, hydra->daemon), + "%s.install_routes", TRUE, lib->ns), .replay_window = lib->settings->get_int(lib->settings, - "%s.replay_window", DEFAULT_REPLAY_WINDOW, hydra->daemon), + "%s.replay_window", DEFAULT_REPLAY_WINDOW, lib->ns), ); this->replay_bmp = (this->replay_window + sizeof(u_int32_t) * 8 - 1) / (sizeof(u_int32_t) * 8); - if (streq(hydra->daemon, "starter")) + if (streq(lib->ns, "starter")) { /* starter has no threads, so we do not register for kernel events */ register_for_events = FALSE; } @@ -2697,7 +2703,7 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create() { fprintf(f, "%u", lib->settings->get_int(lib->settings, "%s.plugins.kernel-netlink.xfrm_acq_expires", - DEFAULT_ACQUIRE_LIFETIME, hydra->daemon)); + DEFAULT_ACQUIRE_LIFETIME, lib->ns)); fclose(f); } diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c index d27075082..3cf317634 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c @@ -1962,10 +1962,13 @@ METHOD(kernel_net_t, add_route, status_t, this->routes_lock->unlock(this->routes_lock); return ALREADY_DONE; } - found = route_entry_clone(&route); - this->routes->put(this->routes, found, found); status = manage_srcroute(this, RTM_NEWROUTE, NLM_F_CREATE | NLM_F_EXCL, dst_net, prefixlen, gateway, src_ip, if_name); + if (status == SUCCESS) + { + found = route_entry_clone(&route); + this->routes->put(this->routes, found, found); + } this->routes_lock->unlock(this->routes_lock); return status; } @@ -2122,7 +2125,7 @@ static status_t manage_rule(private_kernel_netlink_net_t *this, int nlmsg_type, netlink_add_attribute(hdr, RTA_PRIORITY, chunk, sizeof(request)); fwmark = lib->settings->get_str(lib->settings, - "%s.plugins.kernel-netlink.fwmark", NULL, hydra->daemon); + "%s.plugins.kernel-netlink.fwmark", NULL, lib->ns); if (fwmark) { #ifdef HAVE_LINUX_FIB_RULES_H @@ -2282,30 +2285,30 @@ kernel_netlink_net_t *kernel_netlink_net_create() .condvar = rwlock_condvar_create(), .roam_lock = spinlock_create(), .routing_table = lib->settings->get_int(lib->settings, - "%s.routing_table", ROUTING_TABLE, hydra->daemon), + "%s.routing_table", ROUTING_TABLE, lib->ns), .routing_table_prio = lib->settings->get_int(lib->settings, - "%s.routing_table_prio", ROUTING_TABLE_PRIO, hydra->daemon), + "%s.routing_table_prio", ROUTING_TABLE_PRIO, lib->ns), .process_route = lib->settings->get_bool(lib->settings, - "%s.process_route", TRUE, hydra->daemon), + "%s.process_route", TRUE, lib->ns), .install_virtual_ip = lib->settings->get_bool(lib->settings, - "%s.install_virtual_ip", TRUE, hydra->daemon), + "%s.install_virtual_ip", TRUE, lib->ns), .install_virtual_ip_on = lib->settings->get_str(lib->settings, - "%s.install_virtual_ip_on", NULL, hydra->daemon), + "%s.install_virtual_ip_on", NULL, lib->ns), .roam_events = lib->settings->get_bool(lib->settings, - "%s.plugins.kernel-netlink.roam_events", TRUE, hydra->daemon), + "%s.plugins.kernel-netlink.roam_events", TRUE, lib->ns), ); timerclear(&this->last_route_reinstall); timerclear(&this->next_roam); check_kernel_features(this); - if (streq(hydra->daemon, "starter")) + if (streq(lib->ns, "starter")) { /* starter has no threads, so we do not register for kernel events */ register_for_events = FALSE; } exclude = lib->settings->get_str(lib->settings, - "%s.ignore_routing_tables", NULL, hydra->daemon); + "%s.ignore_routing_tables", NULL, lib->ns); if (exclude) { char *token; diff --git a/src/libhydra/plugins/kernel_pfkey/Makefile.in b/src/libhydra/plugins/kernel_pfkey/Makefile.in index 8903a460e..5d0e927de 100644 --- a/src/libhydra/plugins/kernel_pfkey/Makefile.in +++ b/src/libhydra/plugins/kernel_pfkey/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index 98a6f81d5..4704d419f 100644 --- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -2861,10 +2861,10 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create() .mutex_pfkey = mutex_create(MUTEX_TYPE_DEFAULT), .install_routes = lib->settings->get_bool(lib->settings, "%s.install_routes", TRUE, - hydra->daemon), + lib->ns), ); - if (streq(hydra->daemon, "starter")) + if (streq(lib->ns, "starter")) { /* starter has no threads, so we do not register for kernel events */ register_for_events = FALSE; } diff --git a/src/libhydra/plugins/kernel_pfroute/Makefile.in b/src/libhydra/plugins/kernel_pfroute/Makefile.in index 29a70799f..8e01d2992 100644 --- a/src/libhydra/plugins/kernel_pfroute/Makefile.in +++ b/src/libhydra/plugins/kernel_pfroute/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c index bc10610cd..a8a57a5a2 100644 --- a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c +++ b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c @@ -1420,9 +1420,12 @@ METHOD(kernel_net_t, add_route, status_t, this->routes_lock->unlock(this->routes_lock); return ALREADY_DONE; } - found = route_entry_clone(&route); - this->routes->put(this->routes, found, found); status = manage_route(this, RTM_ADD, dst_net, prefixlen, gateway, if_name); + if (status == SUCCESS) + { + found = route_entry_clone(&route); + this->routes->put(this->routes, found, found); + } this->routes_lock->unlock(this->routes_lock); return status; } @@ -1782,7 +1785,7 @@ kernel_pfroute_net_t *kernel_pfroute_net_create() .net_changes_lock = mutex_create(MUTEX_TYPE_DEFAULT), .roam_lock = spinlock_create(), .vip_wait = lib->settings->get_int(lib->settings, - "%s.plugins.kernel-pfroute.vip_wait", 1000, hydra->daemon), + "%s.plugins.kernel-pfroute.vip_wait", 1000, lib->ns), ); timerclear(&this->last_route_reinstall); timerclear(&this->next_roam); @@ -1796,7 +1799,7 @@ kernel_pfroute_net_t *kernel_pfroute_net_create() return NULL; } - if (streq(hydra->daemon, "starter")) + if (streq(lib->ns, "starter")) { /* starter has no threads, so we do not register for kernel events */ if (shutdown(this->socket, SHUT_RD) != 0) diff --git a/src/libhydra/plugins/resolve/Makefile.in b/src/libhydra/plugins/resolve/Makefile.in index 28b4b8fcf..0e520f126 100644 --- a/src/libhydra/plugins/resolve/Makefile.in +++ b/src/libhydra/plugins/resolve/Makefile.in @@ -218,8 +218,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/libhydra/plugins/resolve/resolve_handler.c b/src/libhydra/plugins/resolve/resolve_handler.c index 2eee854a9..069466ab5 100644 --- a/src/libhydra/plugins/resolve/resolve_handler.c +++ b/src/libhydra/plugins/resolve/resolve_handler.c @@ -361,7 +361,7 @@ resolve_handler_t *resolve_handler_create() }, .mutex = mutex_create(MUTEX_TYPE_DEFAULT), .file = lib->settings->get_str(lib->settings, "%s.plugins.resolve.file", - RESOLV_CONF, hydra->daemon), + RESOLV_CONF, lib->ns), ); if (stat(RESOLVCONF_EXEC, &st) == 0) @@ -369,7 +369,7 @@ resolve_handler_t *resolve_handler_create() this->use_resolvconf = TRUE; this->iface_prefix = lib->settings->get_str(lib->settings, "%s.plugins.resolve.resolvconf.iface_prefix", - RESOLVCONF_PREFIX, hydra->daemon); + RESOLVCONF_PREFIX, lib->ns); } return &this->public; |