2006-04-20 11:48:57 +00:00
|
|
|
/*
|
2009-03-12 18:07:32 +00:00
|
|
|
* Copyright (C) 2009 Tobias Brunner
|
2008-03-13 14:14:44 +00:00
|
|
|
* Copyright (C) 2008 Martin Willi
|
2006-04-20 11:48:57 +00:00
|
|
|
* Hochschule fuer Technik Rapperswil
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
|
|
* under the terms of the GNU General Public License as published by the
|
|
|
|
* Free Software Foundation; either version 2 of the License, or (at your
|
|
|
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
|
* for more details.
|
|
|
|
*/
|
|
|
|
|
2006-10-18 11:46:13 +00:00
|
|
|
#include "library.h"
|
2006-04-20 11:48:57 +00:00
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
#include <stdlib.h>
|
2006-10-31 12:27:59 +00:00
|
|
|
|
2012-10-16 14:03:21 +00:00
|
|
|
#include <utils/debug.h>
|
2010-06-07 13:06:09 +00:00
|
|
|
#include <threading/thread.h>
|
|
|
|
#include <utils/identification.h>
|
2012-10-16 12:29:18 +00:00
|
|
|
#include <networking/host.h>
|
2012-10-16 12:54:16 +00:00
|
|
|
#include <collections/hashtable.h>
|
2012-07-11 15:37:09 +00:00
|
|
|
#include <utils/backtrace.h>
|
2010-06-07 13:06:09 +00:00
|
|
|
#include <selectors/traffic_selector.h>
|
2006-10-31 12:27:59 +00:00
|
|
|
|
2011-06-08 13:49:15 +00:00
|
|
|
#define CHECKSUM_LIBRARY IPSEC_LIB_DIR"/libchecksum.so"
|
2009-06-19 09:40:41 +00:00
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
typedef struct private_library_t private_library_t;
|
2006-10-31 12:27:59 +00:00
|
|
|
|
2007-02-12 15:56:47 +00:00
|
|
|
/**
|
2008-03-13 14:14:44 +00:00
|
|
|
* private data of library
|
2007-02-12 15:56:47 +00:00
|
|
|
*/
|
2008-03-13 14:14:44 +00:00
|
|
|
struct private_library_t {
|
2007-02-12 15:56:47 +00:00
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
/**
|
|
|
|
* public functions
|
|
|
|
*/
|
|
|
|
library_t public;
|
2011-07-06 13:19:13 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Hashtable with registered objects (name => object)
|
|
|
|
*/
|
|
|
|
hashtable_t *objects;
|
2012-10-25 12:33:09 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Integrity check failed?
|
|
|
|
*/
|
|
|
|
bool integrity_failed;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Number of times we have been initialized
|
|
|
|
*/
|
|
|
|
refcount_t ref;
|
2008-03-13 14:14:44 +00:00
|
|
|
};
|
2006-10-18 11:46:13 +00:00
|
|
|
|
2006-10-31 12:27:59 +00:00
|
|
|
/**
|
2008-03-13 14:14:44 +00:00
|
|
|
* library instance
|
2006-10-31 12:27:59 +00:00
|
|
|
*/
|
2012-10-25 12:33:09 +00:00
|
|
|
library_t *lib = NULL;
|
2006-10-31 12:27:59 +00:00
|
|
|
|
|
|
|
/**
|
2011-07-06 13:19:13 +00:00
|
|
|
* Deinitialize library
|
2006-10-31 12:27:59 +00:00
|
|
|
*/
|
2008-03-13 14:14:44 +00:00
|
|
|
void library_deinit()
|
2006-10-31 12:27:59 +00:00
|
|
|
{
|
2008-03-13 14:14:44 +00:00
|
|
|
private_library_t *this = (private_library_t*)lib;
|
2010-05-19 13:22:12 +00:00
|
|
|
bool detailed;
|
|
|
|
|
2012-10-25 12:33:09 +00:00
|
|
|
if (!this || !ref_put(&this->ref))
|
|
|
|
{ /* have more users */
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2010-05-19 13:22:12 +00:00
|
|
|
detailed = lib->settings->get_bool(lib->settings,
|
|
|
|
"libstrongswan.leak_detective.detailed", TRUE);
|
2008-03-13 14:14:44 +00:00
|
|
|
|
2011-12-15 11:20:09 +00:00
|
|
|
/* make sure the cache is clear before unloading plugins */
|
|
|
|
lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);
|
|
|
|
|
2010-07-15 12:26:19 +00:00
|
|
|
this->public.scheduler->destroy(this->public.scheduler);
|
|
|
|
this->public.processor->destroy(this->public.processor);
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.plugins->destroy(this->public.plugins);
|
2012-10-16 08:57:02 +00:00
|
|
|
this->public.hosts->destroy(this->public.hosts);
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.settings->destroy(this->public.settings);
|
2010-07-05 09:54:25 +00:00
|
|
|
this->public.credmgr->destroy(this->public.credmgr);
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.creds->destroy(this->public.creds);
|
2009-08-18 15:48:34 +00:00
|
|
|
this->public.encoding->destroy(this->public.encoding);
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.crypto->destroy(this->public.crypto);
|
2012-09-13 12:22:08 +00:00
|
|
|
this->public.proposal->destroy(this->public.proposal);
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.fetcher->destroy(this->public.fetcher);
|
2012-03-23 10:36:49 +00:00
|
|
|
this->public.resolver->destroy(this->public.resolver);
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.db->destroy(this->public.db);
|
|
|
|
this->public.printf_hook->destroy(this->public.printf_hook);
|
2011-10-26 15:35:18 +00:00
|
|
|
this->objects->destroy(this->objects);
|
2009-06-18 15:50:28 +00:00
|
|
|
if (this->public.integrity)
|
|
|
|
{
|
|
|
|
this->public.integrity->destroy(this->public.integrity);
|
|
|
|
}
|
2009-09-04 11:46:09 +00:00
|
|
|
|
2011-04-29 12:52:32 +00:00
|
|
|
if (lib->leak_detective)
|
2006-10-31 12:27:59 +00:00
|
|
|
{
|
2011-04-29 12:52:32 +00:00
|
|
|
lib->leak_detective->report(lib->leak_detective, detailed);
|
|
|
|
lib->leak_detective->destroy(lib->leak_detective);
|
2006-10-31 12:27:59 +00:00
|
|
|
}
|
2009-12-17 14:58:12 +00:00
|
|
|
|
|
|
|
threads_deinit();
|
2012-07-11 15:37:09 +00:00
|
|
|
backtrace_deinit();
|
2009-12-17 14:58:12 +00:00
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
free(this);
|
|
|
|
lib = NULL;
|
2006-10-31 12:27:59 +00:00
|
|
|
}
|
|
|
|
|
2011-07-06 13:19:13 +00:00
|
|
|
METHOD(library_t, get, void*,
|
|
|
|
private_library_t *this, char *name)
|
|
|
|
{
|
|
|
|
return this->objects->get(this->objects, name);
|
|
|
|
}
|
|
|
|
|
|
|
|
METHOD(library_t, set, bool,
|
|
|
|
private_library_t *this, char *name, void *object)
|
|
|
|
{
|
|
|
|
if (object)
|
|
|
|
{
|
|
|
|
if (this->objects->get(this->objects, name))
|
|
|
|
{
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
this->objects->put(this->objects, name, object);
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
return this->objects->remove(this->objects, name) != NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Hashtable hash function
|
|
|
|
*/
|
|
|
|
static u_int hash(char *key)
|
|
|
|
{
|
|
|
|
return chunk_hash(chunk_create(key, strlen(key)));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Hashtable equals function
|
|
|
|
*/
|
|
|
|
static bool equals(char *a, char *b)
|
|
|
|
{
|
|
|
|
return streq(a, b);
|
|
|
|
}
|
|
|
|
|
2013-04-18 10:37:39 +00:00
|
|
|
/**
|
|
|
|
* Write magic to memory, and try to clear it with memwipe()
|
|
|
|
*/
|
|
|
|
__attribute__((noinline))
|
|
|
|
static void do_magic(int magic, int **stack)
|
|
|
|
{
|
|
|
|
int buf[32], i;
|
|
|
|
|
|
|
|
/* tell caller where callee stack is (but don't point to buf) */
|
|
|
|
*stack = &i;
|
|
|
|
for (i = 0; i < countof(buf); i++)
|
|
|
|
{
|
|
|
|
buf[i] = magic;
|
|
|
|
}
|
|
|
|
/* passing buf to dbg should make sure the compiler can't optimize out buf.
|
|
|
|
* we use directly dbg(3), as DBG3() might be stripped with DEBUG_LEVEL. */
|
|
|
|
dbg(DBG_LIB, 3, "memwipe() pre: %b", buf, sizeof(buf));
|
|
|
|
memwipe(buf, sizeof(buf));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if memwipe works as expected
|
|
|
|
*/
|
|
|
|
static bool check_memwipe()
|
|
|
|
{
|
|
|
|
int magic = 0xCAFEBABE, *ptr, *deeper, i, stackdir = 1;
|
|
|
|
|
|
|
|
do_magic(magic, &deeper);
|
|
|
|
|
|
|
|
ptr = &magic;
|
|
|
|
if (deeper < ptr)
|
|
|
|
{ /* stack grows down */
|
|
|
|
stackdir = -1;
|
|
|
|
}
|
|
|
|
for (i = 0; i < 128; i++)
|
|
|
|
{
|
|
|
|
ptr = ptr + stackdir;
|
|
|
|
if (*ptr == magic)
|
|
|
|
{
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
/*
|
|
|
|
* see header file
|
2006-10-31 12:27:59 +00:00
|
|
|
*/
|
2009-06-19 10:01:52 +00:00
|
|
|
bool library_init(char *settings)
|
2006-10-31 12:27:59 +00:00
|
|
|
{
|
2011-07-06 13:19:13 +00:00
|
|
|
private_library_t *this;
|
2008-03-13 14:14:44 +00:00
|
|
|
printf_hook_t *pfh;
|
2011-07-06 13:19:13 +00:00
|
|
|
|
2012-10-25 12:33:09 +00:00
|
|
|
if (lib)
|
|
|
|
{ /* already initialized, increase refcount */
|
|
|
|
this = (private_library_t*)lib;
|
|
|
|
ref_get(&this->ref);
|
|
|
|
return !this->integrity_failed;
|
|
|
|
}
|
|
|
|
|
2011-07-06 13:19:13 +00:00
|
|
|
INIT(this,
|
|
|
|
.public = {
|
|
|
|
.get = _get,
|
|
|
|
.set = _set,
|
|
|
|
},
|
2012-10-25 12:33:09 +00:00
|
|
|
.ref = 1,
|
2011-07-06 13:19:13 +00:00
|
|
|
);
|
2008-03-13 14:14:44 +00:00
|
|
|
lib = &this->public;
|
2009-09-04 11:46:09 +00:00
|
|
|
|
2012-07-11 15:37:09 +00:00
|
|
|
backtrace_init();
|
2009-12-17 14:58:12 +00:00
|
|
|
threads_init();
|
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
#ifdef LEAK_DETECTIVE
|
2011-04-29 12:52:32 +00:00
|
|
|
lib->leak_detective = leak_detective_create();
|
2008-03-13 14:14:44 +00:00
|
|
|
#endif /* LEAK_DETECTIVE */
|
2007-01-20 15:13:05 +00:00
|
|
|
|
2008-03-13 14:14:44 +00:00
|
|
|
pfh = printf_hook_create();
|
|
|
|
this->public.printf_hook = pfh;
|
2009-09-04 11:46:09 +00:00
|
|
|
|
2009-03-12 18:07:32 +00:00
|
|
|
pfh->add_handler(pfh, 'b', mem_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
|
|
|
|
PRINTF_HOOK_ARGTYPE_END);
|
|
|
|
pfh->add_handler(pfh, 'B', chunk_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
|
|
|
|
pfh->add_handler(pfh, 'H', host_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
|
|
|
|
pfh->add_handler(pfh, 'N', enum_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
|
|
|
|
PRINTF_HOOK_ARGTYPE_END);
|
|
|
|
pfh->add_handler(pfh, 'T', time_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
|
|
|
|
PRINTF_HOOK_ARGTYPE_END);
|
|
|
|
pfh->add_handler(pfh, 'V', time_delta_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_POINTER,
|
|
|
|
PRINTF_HOOK_ARGTYPE_END);
|
2009-04-30 11:37:54 +00:00
|
|
|
pfh->add_handler(pfh, 'Y', identification_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
|
2010-06-07 13:06:09 +00:00
|
|
|
pfh->add_handler(pfh, 'R', traffic_selector_printf_hook,
|
|
|
|
PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
|
2009-09-04 11:46:09 +00:00
|
|
|
|
2011-07-06 13:19:13 +00:00
|
|
|
this->objects = hashtable_create((hashtable_hash_t)hash,
|
|
|
|
(hashtable_equals_t)equals, 4);
|
2009-06-10 09:22:43 +00:00
|
|
|
this->public.settings = settings_create(settings);
|
2012-10-18 06:46:24 +00:00
|
|
|
this->public.hosts = host_resolver_create();
|
2012-09-13 12:22:08 +00:00
|
|
|
this->public.proposal = proposal_keywords_create();
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.crypto = crypto_factory_create();
|
|
|
|
this->public.creds = credential_factory_create();
|
2010-07-05 09:54:25 +00:00
|
|
|
this->public.credmgr = credential_manager_create();
|
2010-07-13 09:28:04 +00:00
|
|
|
this->public.encoding = cred_encoding_create();
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.fetcher = fetcher_manager_create();
|
2012-03-23 10:36:49 +00:00
|
|
|
this->public.resolver = resolver_manager_create();
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.db = database_factory_create();
|
2010-07-15 12:26:19 +00:00
|
|
|
this->public.processor = processor_create();
|
|
|
|
this->public.scheduler = scheduler_create();
|
2008-03-13 14:14:44 +00:00
|
|
|
this->public.plugins = plugin_loader_create();
|
2009-09-04 11:46:09 +00:00
|
|
|
|
2013-04-18 10:37:39 +00:00
|
|
|
if (!check_memwipe())
|
|
|
|
{
|
|
|
|
DBG1(DBG_LIB, "memwipe() check failed");
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2009-06-18 15:50:28 +00:00
|
|
|
if (lib->settings->get_bool(lib->settings,
|
|
|
|
"libstrongswan.integrity_test", FALSE))
|
|
|
|
{
|
2009-06-19 15:37:08 +00:00
|
|
|
#ifdef INTEGRITY_TEST
|
2009-06-19 09:40:41 +00:00
|
|
|
this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY);
|
2009-06-19 15:27:57 +00:00
|
|
|
if (!lib->integrity->check(lib->integrity, "libstrongswan", library_init))
|
2009-06-18 15:51:22 +00:00
|
|
|
{
|
2010-03-31 15:28:46 +00:00
|
|
|
DBG1(DBG_LIB, "integrity check of libstrongswan failed");
|
2012-10-25 12:33:09 +00:00
|
|
|
this->integrity_failed = TRUE;
|
2009-06-18 15:51:22 +00:00
|
|
|
}
|
2009-06-19 15:37:08 +00:00
|
|
|
#else /* !INTEGRITY_TEST */
|
2010-03-31 15:28:46 +00:00
|
|
|
DBG1(DBG_LIB, "integrity test enabled, but not supported");
|
2012-10-25 12:33:09 +00:00
|
|
|
this->integrity_failed = TRUE;
|
2009-06-19 15:37:08 +00:00
|
|
|
#endif /* INTEGRITY_TEST */
|
2009-06-18 15:50:28 +00:00
|
|
|
}
|
2012-07-11 15:37:09 +00:00
|
|
|
|
2012-10-25 12:33:09 +00:00
|
|
|
return !this->integrity_failed;
|
2006-10-31 12:27:59 +00:00
|
|
|
}
|