Warn about manual plugin load directives for pluto/charon with --disable-load-warning compile option

2010-07-15 06:29:26 +02:00 · 2010-07-15 06:29:26 +02:00 · 3de510ca43
parent 83b957107f
commit 3de510ca43
3 changed files with 22 additions and 0 deletions
--- a/configure.in
+++ b/configure.in
@ -128,6 +128,7 @@ ARG_ENABL_SET([fast],           [enable libfast (FastCGI Application Server w/ t
 ARG_ENABL_SET([manager],        [enable web management console (proof of concept).])
 ARG_ENABL_SET([mediation],      [enable IKEv2 Mediation Extension.])
 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
+ARG_DISBL_SET([load-warning],   [disable the charon/pluto plugin load option warning in starter.])
 ARG_DISBL_SET([pluto],          [disable the IKEv1 keying daemon pluto.])
 ARG_DISBL_SET([xauth],          [disable xauth plugin.])
 ARG_DISBL_SET([threads],        [disable the use of threads in pluto. Charon always uses threads.])
@ -880,6 +881,7 @@ AM_CONDITIONAL(USE_FAST, test x$fast = xtrue)
 AM_CONDITIONAL(USE_MANAGER, test x$manager = xtrue)
 AM_CONDITIONAL(USE_ME, test x$mediation = xtrue)
 AM_CONDITIONAL(USE_INTEGRITY_TEST, test x$integrity_test = xtrue)
+AM_CONDITIONAL(USE_LOAD_WARNING, test x$load_warning = xtrue)
 AM_CONDITIONAL(USE_PLUTO, test x$pluto = xtrue)
 AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
--- a/src/starter/Makefile.am
+++ b/src/starter/Makefile.am
@ -39,6 +39,10 @@ if USE_CHARON
  AM_CFLAGS += -DSTART_CHARON
 endif

+if USE_LOAD_WARNING
+  AM_CFLAGS += -DLOAD_WARNING
+endif
+
 ipsec.conf.5:	ipsec.conf.5.in
 		sed \
 		-e "s:@IPSEC_VERSION@:$(PACKAGE_VERSION):" \
--- a/src/starter/starter.c
+++ b/src/starter/starter.c
@ -241,6 +241,7 @@ int main (int argc, char **argv)
 	time_t last_reload;
 	bool no_fork = FALSE;
 	bool attach_gdb = FALSE;
+	bool load_warning = FALSE;

 	/* global variables defined in log.h */
 	log_to_stderr = TRUE;
@ -300,6 +301,21 @@ int main (int argc, char **argv)

 	plog("Starting strongSwan "VERSION" IPsec [starter]...");

+#ifdef LOAD_WARNING
+	load_warning = TRUE;
+#endif
+
+	if (lib->settings->get_bool(lib->settings, "starter.load_warning", load_warning))
+	{
+		if (lib->settings->get_str(lib->settings, "charon.load", NULL) ||
+			lib->settings->get_str(lib->settings, "pluto.load", NULL))
+		{
+			plog("!! Your strongswan.conf contains manual plugin load options for");
+			plog("!! pluto and/or charon. This is recommended for experts only, see");
+			plog("!! http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad");
+		}
+	}
+
 	/* verify that we can start */
 	if (getuid() != 0)
 	{