introduced printf() specifiers for:
host_t (%H) identification_t (%D) chunk pointers (%B) memory pointer/length (%b) added a signaling bus: receives event and debug messages, sends them to its listeners stream_logger, sys_logger, file_logger added, listen to bus some other tweaks here and there
This commit is contained in:
parent
f91513e333
commit
47f5027807
|
@ -3,6 +3,10 @@
|
|||
ipsec_PROGRAMS = charon
|
||||
|
||||
charon_SOURCES = \
|
||||
bus/bus.c bus/bus.h \
|
||||
bus/listeners/stream_logger.c bus/listeners/stream_logger.h \
|
||||
bus/listeners/sys_logger.c bus/listeners/sys_logger.h \
|
||||
bus/listeners/file_logger.c bus/listeners/file_logger.h \
|
||||
config/connections/connection.c config/connections/connection.h \
|
||||
config/connections/local_connection_store.c config/connections/local_connection_store.h config/connections/connection_store.h \
|
||||
config/policies/policy.c config/policies/policy.h \
|
||||
|
|
|
@ -0,0 +1,142 @@
|
|||
/**
|
||||
* @file bus.c
|
||||
*
|
||||
* @brief Implementation of bus_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include "bus.h"
|
||||
|
||||
typedef struct private_bus_t private_bus_t;
|
||||
|
||||
/**
|
||||
* Private data of a bus_t object.
|
||||
*/
|
||||
struct private_bus_t {
|
||||
/**
|
||||
* Public part of a bus_t object.
|
||||
*/
|
||||
bus_t public;
|
||||
|
||||
/**
|
||||
* List of registered listeners implementing the bus_t interface
|
||||
*/
|
||||
linked_list_t *listeners;
|
||||
|
||||
/**
|
||||
* Thread local storage for a unique, simple thread ID
|
||||
*/
|
||||
pthread_key_t thread_id;
|
||||
|
||||
/**
|
||||
* Thread local storage the threads IKE_SA
|
||||
*/
|
||||
pthread_key_t thread_sa;
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* Get a unique thread number for a calling thread. Since
|
||||
* pthread_self returns large and ugly numbers, use this function
|
||||
* for logging; these numbers are incremental starting at 1
|
||||
*/
|
||||
static int get_thread_number(private_bus_t *this)
|
||||
{
|
||||
static int current_num = 0, stored_num;
|
||||
|
||||
stored_num = (int)pthread_getspecific(this->thread_id);
|
||||
if (stored_num == 0)
|
||||
{ /* first call of current thread */
|
||||
pthread_setspecific(this->thread_id, (void*)++current_num);
|
||||
return current_num;
|
||||
}
|
||||
else
|
||||
{
|
||||
return stored_num;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of bus_t.add_listener.
|
||||
*/
|
||||
static void add_listener(private_bus_t *this, bus_listener_t *listener)
|
||||
{
|
||||
this->listeners->insert_last(this->listeners, (void*)listener);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of bus_t.set_sa.
|
||||
*/
|
||||
static void set_sa(private_bus_t *this, ike_sa_t *ike_sa)
|
||||
{
|
||||
pthread_setspecific(this->thread_sa, ike_sa);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of bus_t.signal.
|
||||
*/
|
||||
static void signal_(private_bus_t *this, signal_t signal, level_t condition,
|
||||
char* format, ...)
|
||||
{
|
||||
iterator_t *iterator;
|
||||
bus_listener_t *listener;
|
||||
va_list args;
|
||||
ike_sa_t *ike_sa;
|
||||
int thread;
|
||||
|
||||
ike_sa = pthread_getspecific(this->thread_sa);
|
||||
thread = get_thread_number(this);
|
||||
va_start(args, format);
|
||||
|
||||
iterator = this->listeners->create_iterator(this->listeners, TRUE);
|
||||
while (iterator->iterate(iterator, (void**)&listener))
|
||||
{
|
||||
listener->signal(listener, thread, ike_sa,
|
||||
signal, condition, format, args);
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
va_end(args);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of bus_t.destroy.
|
||||
*/
|
||||
static void destroy(private_bus_t *this)
|
||||
{
|
||||
this->listeners->destroy(this->listeners);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header.
|
||||
*/
|
||||
bus_t *bus_create()
|
||||
{
|
||||
private_bus_t *this = malloc_thing(private_bus_t);
|
||||
|
||||
this->public.add_listener = (void(*)(bus_t*,bus_listener_t*))add_listener;
|
||||
this->public.set_sa = (void(*)(bus_t*,ike_sa_t*))set_sa;
|
||||
this->public.signal = (void(*)(bus_t*,signal_t,level_t,char*,...))signal_;
|
||||
this->public.destroy = (void(*)(bus_t*)) destroy;
|
||||
|
||||
this->listeners = linked_list_create();
|
||||
pthread_key_create(&this->thread_id, NULL);
|
||||
pthread_key_create(&this->thread_sa, NULL);
|
||||
|
||||
return &(this->public);
|
||||
}
|
|
@ -0,0 +1,232 @@
|
|||
/**
|
||||
* @file bus.h
|
||||
*
|
||||
* @brief Interface of bus_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#ifndef BUS_H_
|
||||
#define BUS_H_
|
||||
|
||||
#include <stdarg.h>
|
||||
|
||||
#include <sa/ike_sa.h>
|
||||
#include <sa/child_sa.h>
|
||||
|
||||
|
||||
/**
|
||||
* @brief Raise a signal for an occured event.
|
||||
*
|
||||
* @param sig signal_t signal description
|
||||
* @param level level for the signal
|
||||
* @param format printf() style format string
|
||||
* @param ... printf() style agument list
|
||||
*/
|
||||
#define SIG(sig, level, format, ...) charon->bus->signal(charon->bus, sig, level, format, ##__VA_ARGS__)
|
||||
|
||||
/**
|
||||
* @brief Set the IKE_SA the calling thread is using.
|
||||
*
|
||||
* @param ike_sa ike_sa to register, or NULL to unregister
|
||||
*/
|
||||
#define SIG_SA(ike_sa) charon->bus->set_sa(charon->bus, ike_sa)
|
||||
|
||||
/**
|
||||
* @brief Log a debug message via the signal bus.
|
||||
*
|
||||
* @param signal signal_t signal description
|
||||
* @param format printf() style format string
|
||||
* @param ... printf() style agument list
|
||||
*/
|
||||
#define DBG1(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG1, format, ##__VA_ARGS__)
|
||||
#define DBG2(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG2, format, ##__VA_ARGS__)
|
||||
#define DBG3(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG3, format, ##__VA_ARGS__)
|
||||
#define DBG4(sig, format, ...) charon->bus->signal(charon->bus, sig, LEV_DBG4, format, ##__VA_ARGS__)
|
||||
|
||||
|
||||
typedef enum signal_t signal_t;
|
||||
|
||||
enum signal_t {
|
||||
/** an IKE_SA has been established */
|
||||
SIG_IKE_UP,
|
||||
/** an IKE_SA has been closed */
|
||||
SIG_IKE_DOWN,
|
||||
/** an IKE_SA has been rekeyed */
|
||||
SIG_IKE_REKEY,
|
||||
/** a CHILD_SA has been installed */
|
||||
SIG_CHILD_UP,
|
||||
/** a CHILD_SA has been closed */
|
||||
SIG_CHILD_DOWN,
|
||||
/** a CHILD_SA has been rekeyed */
|
||||
SIG_CHILD_REKEY,
|
||||
/** a CHILD_SA has been routed */
|
||||
SIG_CHILD_ROUTE,
|
||||
/** a CHILD_SA has been unrouted */
|
||||
SIG_CHILD_UNROUTE,
|
||||
/** a remote peer has been authenticated using RSA digital signature */
|
||||
SIG_AUTH_RSA,
|
||||
/** a remote peer has been authenticated using preshared keys */
|
||||
SIG_AUTH_PSK,
|
||||
|
||||
/** debugging message printed from an IKE_SA */
|
||||
SIG_DBG_IKE,
|
||||
/** debugging message printed from a CHILD_SA */
|
||||
SIG_DBG_CHD,
|
||||
/** debugging message printed from job processing */
|
||||
SIG_DBG_JOB,
|
||||
/** debugging message printed from configuration backends */
|
||||
SIG_DBG_CFG,
|
||||
/** debugging message printed from kernel interface */
|
||||
SIG_DBG_KNL,
|
||||
/** debugging message printed from networking */
|
||||
SIG_DBG_NET,
|
||||
/** debugging message printed from message encoding/decoding */
|
||||
SIG_DBG_ENC,
|
||||
|
||||
SIG_MAX,
|
||||
};
|
||||
|
||||
typedef enum level_t level_t;
|
||||
|
||||
enum level_t {
|
||||
/** Signal indicates something has failed */
|
||||
LEV_FAILED,
|
||||
/** Signal indicates something was successful */
|
||||
LEV_SUCCESS,
|
||||
/** Debug level 1, control flow messages */
|
||||
LEV_DBG1,
|
||||
/** Debug level 2, more detail informational messages */
|
||||
LEV_DBG2,
|
||||
/** Debug level 3, RAW data output */
|
||||
LEV_DBG3,
|
||||
/** Debug level 4, RAW data with sensitive (private) data */
|
||||
LEV_DBG4,
|
||||
};
|
||||
|
||||
typedef struct bus_listener_t bus_listener_t;
|
||||
|
||||
/**
|
||||
* @brief Interface for registering at the signal bus.
|
||||
*
|
||||
* To receive signals from the bus, the client implementing the
|
||||
* bus_listener_t interface registers itself at the signal bus.
|
||||
*
|
||||
* @ingroup bus
|
||||
*/
|
||||
struct bus_listener_t {
|
||||
|
||||
/**
|
||||
* @brief Send a signal to a bus listener.
|
||||
*
|
||||
* A numerical identification for the thread is included, as the
|
||||
* associated IKE_SA, if any. Signal specifies the type of
|
||||
* the event occured, with a verbosity level. The format string specifies
|
||||
* an additional informational or error message with a printf() like
|
||||
* variable argument list. This is in the va_list form, as forwarding
|
||||
* a "..." parameters to functions is not (cleanly) possible.
|
||||
*
|
||||
* @param this listener
|
||||
* @param thread ID of the thread raised this signal
|
||||
* @param ike_sa IKE_SA associated to the event
|
||||
* @param singal kind of the signal (up, down, rekeyed, ...)
|
||||
* @param level level for signal
|
||||
* @param format printf() style format string
|
||||
* @param args vprintf() style va_list argument list
|
||||
*/
|
||||
void (*signal) (bus_listener_t *this, int thread, ike_sa_t *ike_sa,
|
||||
signal_t signal, level_t level, char* format, va_list args);
|
||||
};
|
||||
|
||||
|
||||
typedef struct bus_t bus_t;
|
||||
|
||||
/**
|
||||
* @brief Signal bus which sends signals to registered listeners.
|
||||
*
|
||||
* The signal bus is not much more than a multiplexer. A listener interested
|
||||
* in receiving event signals registers at the bus. Any signals sent to
|
||||
* are delivered to all registered listeners.
|
||||
*
|
||||
*
|
||||
* @ingroup bus
|
||||
*/
|
||||
struct bus_t {
|
||||
|
||||
/**
|
||||
* @brief Register a listener to the bus.
|
||||
*
|
||||
* A registered listener receives all signals which are sent to the bus.
|
||||
*
|
||||
* @param this bus
|
||||
* @param listener listener to register.
|
||||
*/
|
||||
void (*add_listener) (bus_t *this, bus_listener_t *listener);
|
||||
|
||||
/**
|
||||
* @brief Set the IKE_SA the calling thread is using.
|
||||
*
|
||||
* To associate an received signal to an IKE_SA without passing it as
|
||||
* parameter each time, the thread registers it's used IKE_SA each
|
||||
* time it checked it out. Before checking it in, the thread unregisters
|
||||
* the IKE_SA (by passing NULL). This IKE_SA is stored per-thread, so each
|
||||
* thread has one IKE_SA registered (or not).
|
||||
* There is a macro to simplify the call.
|
||||
* @see SIG_SA()
|
||||
*
|
||||
* @param this bus
|
||||
* @param ike_sa ike_sa to register, or NULL to unregister
|
||||
*/
|
||||
void (*set_sa) (bus_t *this, ike_sa_t *ike_sa);
|
||||
|
||||
/**
|
||||
* @brief Send a signal to the bus.
|
||||
*
|
||||
* A signal may belong to an IKE_SA and a CHILD_SA. If so, these
|
||||
* are supplied to the signal function. The signal specifies the type of
|
||||
* the event occured. The format string specifies an additional
|
||||
* informational or error message with a printf() like variable argument
|
||||
* list.
|
||||
* Some useful macros may be available to shorten this call.
|
||||
* @see SIG(), DBG1()
|
||||
*
|
||||
* @param this bus
|
||||
* @param singal kind of the signal (up, down, rekeyed, ...)
|
||||
* @param level status level of the signal to send
|
||||
* @param format printf() style format string
|
||||
* @param ... printf() style argument list
|
||||
*/
|
||||
void (*signal) (bus_t *this, signal_t signal, level_t level, char* format, ...);
|
||||
|
||||
/**
|
||||
* @brief Destroy the signal bus.
|
||||
*
|
||||
* @param this bus to destroy
|
||||
*/
|
||||
void (*destroy) (bus_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* @brief Create the signal bus which multiplexes signals to its listeners.
|
||||
*
|
||||
* @return signal bus instance
|
||||
*
|
||||
* @ingroup bus
|
||||
*/
|
||||
bus_t *bus_create();
|
||||
|
||||
#endif /* BUS_H_ */
|
|
@ -0,0 +1,179 @@
|
|||
/**
|
||||
* @file file_logger.c
|
||||
*
|
||||
* @brief Implementation of file_logger_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/* for fmemopen() */
|
||||
#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "file_logger.h"
|
||||
|
||||
#include <bus/listeners/stream_logger.h>
|
||||
|
||||
|
||||
typedef struct private_file_logger_t private_file_logger_t;
|
||||
|
||||
/**
|
||||
* Private data of a file_logger_t object
|
||||
*/
|
||||
struct private_file_logger_t {
|
||||
|
||||
/**
|
||||
* Public data.
|
||||
*/
|
||||
file_logger_t public;
|
||||
|
||||
/**
|
||||
* output file
|
||||
*/
|
||||
FILE *out;
|
||||
|
||||
/**
|
||||
* Internal used stream logger that does the dirty work
|
||||
*/
|
||||
stream_logger_t *logger;
|
||||
|
||||
/**
|
||||
* Memory stream used for stream_logger
|
||||
*/
|
||||
FILE *stream;
|
||||
|
||||
/**
|
||||
* Underlying buffer for stream
|
||||
*/
|
||||
char buffer[4096];
|
||||
};
|
||||
|
||||
|
||||
/**
|
||||
* Implementation of bus_listener_t.signal.
|
||||
*/
|
||||
static void signal_(private_file_logger_t *this, int thread, ike_sa_t* ike_sa,
|
||||
signal_t signal, level_t level,
|
||||
char *format, va_list args)
|
||||
{
|
||||
char line[512];
|
||||
char *prefix;
|
||||
FILE *reader;
|
||||
|
||||
switch (signal)
|
||||
{
|
||||
case SIG_IKE_UP:
|
||||
case SIG_IKE_DOWN:
|
||||
case SIG_IKE_REKEY:
|
||||
case SIG_DBG_IKE:
|
||||
prefix = "IKE";
|
||||
break;
|
||||
case SIG_DBG_CHD:
|
||||
prefix = "CHD";
|
||||
break;
|
||||
case SIG_DBG_JOB:
|
||||
prefix = "JOG";
|
||||
break;
|
||||
case SIG_DBG_CFG:
|
||||
prefix = "CFG";
|
||||
break;
|
||||
case SIG_DBG_KNL:
|
||||
prefix = "KNL";
|
||||
break;
|
||||
case SIG_DBG_NET:
|
||||
prefix = "NET";
|
||||
break;
|
||||
case SIG_DBG_ENC:
|
||||
prefix = "ENC";
|
||||
break;
|
||||
default:
|
||||
prefix = "???";
|
||||
break;
|
||||
}
|
||||
|
||||
flockfile(this->stream);
|
||||
/* reset memory stream */
|
||||
rewind(this->stream);
|
||||
memset(this->buffer, '\0', sizeof(this->buffer));
|
||||
/* log to memstream */
|
||||
this->logger->listener.signal(&this->logger->listener, thread, ike_sa,
|
||||
signal, level, format, args);
|
||||
/* flush is needed to append a '\0' */
|
||||
fflush(this->stream);
|
||||
|
||||
/* create a reader stream that reads out line by line */
|
||||
reader = fmemopen(this->buffer, sizeof(this->buffer), "r");
|
||||
|
||||
while (fgets(line, sizeof(line), reader))
|
||||
{
|
||||
if (line[0] == '\0')
|
||||
{
|
||||
/* abort on EOF */
|
||||
break;
|
||||
}
|
||||
else if (line[0] != '\n')
|
||||
{
|
||||
fprintf(this->out, "%.2d[%s] %s", thread, prefix, line);
|
||||
}
|
||||
}
|
||||
fclose(reader);
|
||||
funlockfile(this->stream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of file_logger_t.set_level.
|
||||
*/
|
||||
static void set_level(private_file_logger_t *this, signal_t signal, level_t max)
|
||||
{
|
||||
this->logger->set_level(this->logger, signal, max);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of file_logger_t.destroy.
|
||||
*/
|
||||
static void destroy(private_file_logger_t *this)
|
||||
{
|
||||
fclose(this->stream);
|
||||
this->logger->destroy(this->logger);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header.
|
||||
*/
|
||||
file_logger_t *file_logger_create(FILE *out)
|
||||
{
|
||||
private_file_logger_t *this = malloc_thing(private_file_logger_t);
|
||||
|
||||
/* public functions */
|
||||
this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
|
||||
this->public.set_level = (void(*)(file_logger_t*,signal_t,level_t))set_level;
|
||||
this->public.destroy = (void(*)(file_logger_t*))destroy;
|
||||
|
||||
/* private variables */
|
||||
this->out = out;
|
||||
this->stream = fmemopen(this->buffer, sizeof(this->buffer), "w");
|
||||
if (this->stream == NULL)
|
||||
{
|
||||
/* fallback to stderr */
|
||||
this->stream = stderr;
|
||||
}
|
||||
this->logger = stream_logger_create(this->stream);
|
||||
|
||||
return &this->public;
|
||||
}
|
|
@ -0,0 +1,74 @@
|
|||
/**
|
||||
* @file file_logger.h
|
||||
*
|
||||
* @brief Interface of file_logger_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#ifndef FILE_LOGGER_H_
|
||||
#define FILE_LOGGER_H_
|
||||
|
||||
#include <bus/bus.h>
|
||||
|
||||
|
||||
typedef struct file_logger_t file_logger_t;
|
||||
|
||||
/**
|
||||
* @brief Logger to files which implements bus_listener_t.
|
||||
*
|
||||
* @b Constructors:
|
||||
* - file_logger_create()
|
||||
*
|
||||
* @ingroup listeners
|
||||
*/
|
||||
struct file_logger_t {
|
||||
|
||||
/**
|
||||
* Implements the bus_listener_t interface.
|
||||
*/
|
||||
bus_listener_t listener;
|
||||
|
||||
/**
|
||||
* @brief Set the loglevel for a signal type.
|
||||
*
|
||||
* @param this stream_logger_t object
|
||||
* @param singal type of signal
|
||||
* @param level max level to log
|
||||
*/
|
||||
void (*set_level) (file_logger_t *this, signal_t signal, level_t level);
|
||||
|
||||
/**
|
||||
* @brief Destroys a file_logger_t object.
|
||||
*
|
||||
* @param this file_logger_t object
|
||||
*/
|
||||
void (*destroy) (file_logger_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* @brief Constructor to create a file_logger_t object.
|
||||
*
|
||||
* @param out FILE to write to
|
||||
* @return file_logger_t object
|
||||
*
|
||||
* @ingroup listeners
|
||||
*/
|
||||
file_logger_t *file_logger_create(FILE *out);
|
||||
|
||||
|
||||
#endif /* FILE_LOGGER_H_ */
|
|
@ -0,0 +1,141 @@
|
|||
/**
|
||||
* @file stream_logger.c
|
||||
*
|
||||
* @brief Implementation of stream_logger_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
|
||||
#include "stream_logger.h"
|
||||
|
||||
|
||||
typedef struct private_stream_logger_t private_stream_logger_t;
|
||||
|
||||
/**
|
||||
* @brief Private data of a stream_logger_t object.
|
||||
*/
|
||||
struct private_stream_logger_t {
|
||||
|
||||
/**
|
||||
* Public data
|
||||
*/
|
||||
stream_logger_t public;
|
||||
|
||||
/**
|
||||
* Maximum level to log
|
||||
*/
|
||||
level_t max;
|
||||
|
||||
/**
|
||||
* stream to write log output to
|
||||
*/
|
||||
FILE *out;
|
||||
};
|
||||
|
||||
/**
|
||||
* Implementation of bus_listener_t.signal.
|
||||
*/
|
||||
static void signal_(private_stream_logger_t *this, int thread,
|
||||
ike_sa_t* ike_sa, signal_t signal, level_t level,
|
||||
char *format, va_list args)
|
||||
{
|
||||
FILE *o = this->out;
|
||||
|
||||
flockfile(o);
|
||||
|
||||
if (level <= this->max)
|
||||
{
|
||||
/* then print the info */
|
||||
switch (signal)
|
||||
{
|
||||
case SIG_IKE_UP:
|
||||
{
|
||||
if (level == LEV_SUCCESS)
|
||||
{
|
||||
fprintf(o, "established: %H[%D]...%H[%D]\n",
|
||||
ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
|
||||
ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(o, "establishing failed: %H[%D]...%H[%D]:\n",
|
||||
ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
|
||||
ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
|
||||
fprintf(o, " ");
|
||||
vfprintf(o, format, args);
|
||||
fprintf(o, "\n");
|
||||
}
|
||||
break;
|
||||
}
|
||||
case SIG_DBG_IKE:
|
||||
case SIG_DBG_CHD:
|
||||
case SIG_DBG_JOB:
|
||||
case SIG_DBG_CFG:
|
||||
case SIG_DBG_KNL:
|
||||
case SIG_DBG_NET:
|
||||
case SIG_DBG_ENC:
|
||||
{
|
||||
vfprintf(o, format, args);
|
||||
fprintf(o, "\n");
|
||||
break;
|
||||
}
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
funlockfile(o);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of stream_logger_t.set_level.
|
||||
*/
|
||||
static void set_level(private_stream_logger_t *this, signal_t signal, level_t max)
|
||||
{
|
||||
this->max = max;
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of stream_logger_t.destroy.
|
||||
*/
|
||||
static void destroy(private_stream_logger_t *this)
|
||||
{
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header.
|
||||
*/
|
||||
stream_logger_t *stream_logger_create(FILE *out)
|
||||
{
|
||||
private_stream_logger_t *this = malloc_thing(private_stream_logger_t);
|
||||
|
||||
/* public functions */
|
||||
this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
|
||||
this->public.set_level = (void(*)(stream_logger_t*,signal_t,level_t))set_level;
|
||||
this->public.destroy = (void(*)(stream_logger_t*))destroy;
|
||||
|
||||
/* private variables */
|
||||
this->max = LEV_DBG4;
|
||||
this->out = out;
|
||||
|
||||
return &this->public;
|
||||
}
|
|
@ -0,0 +1,75 @@
|
|||
/**
|
||||
* @file stream_logger.h
|
||||
*
|
||||
* @brief Interface of stream_logger_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#ifndef STREAM_LOGGER_H_
|
||||
#define STREAM_LOGGER_H_
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#include <types.h>
|
||||
#include <bus/bus.h>
|
||||
|
||||
typedef struct stream_logger_t stream_logger_t;
|
||||
|
||||
/**
|
||||
* @brief Logger for a file stream which implements bus_listener_t.
|
||||
*
|
||||
* @b Constructors:
|
||||
* - stream_logger_create()
|
||||
*
|
||||
* @ingroup listeners
|
||||
*/
|
||||
struct stream_logger_t {
|
||||
|
||||
/**
|
||||
* Implements the bus_listener_t interface.
|
||||
*/
|
||||
bus_listener_t listener;
|
||||
|
||||
/**
|
||||
* @brief Set the loglevel for a signal type.
|
||||
*
|
||||
* @param this stream_logger_t object
|
||||
* @param singal type of signal
|
||||
* @param level max level to log
|
||||
*/
|
||||
void (*set_level) (stream_logger_t *this, signal_t signal, level_t level);
|
||||
|
||||
/**
|
||||
* @brief Destroys a stream_logger_t object.
|
||||
*
|
||||
* @param this stream_logger_t object
|
||||
*/
|
||||
void (*destroy) (stream_logger_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* @brief Constructor to create a stream_logger_t object.
|
||||
*
|
||||
* @param out output stream to log to
|
||||
* @return stream_logger_t object
|
||||
*
|
||||
* @ingroup utils
|
||||
*/
|
||||
stream_logger_t *stream_logger_create(FILE *out);
|
||||
|
||||
#endif /* STREAM_LOGGER_H_ */
|
|
@ -0,0 +1,181 @@
|
|||
/**
|
||||
* @file sys_logger.c
|
||||
*
|
||||
* @brief Implementation of sys_logger_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/* for open_memstream() */
|
||||
#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <pthread.h>
|
||||
|
||||
#include "sys_logger.h"
|
||||
|
||||
#include <bus/listeners/stream_logger.h>
|
||||
|
||||
|
||||
typedef struct private_sys_logger_t private_sys_logger_t;
|
||||
|
||||
/**
|
||||
* Private data of a sys_logger_t object
|
||||
*/
|
||||
struct private_sys_logger_t {
|
||||
|
||||
/**
|
||||
* Public data.
|
||||
*/
|
||||
sys_logger_t public;
|
||||
|
||||
/**
|
||||
* syslog facility to use
|
||||
*/
|
||||
int facility;
|
||||
|
||||
/**
|
||||
* Internal used stream logger that does the dirty work
|
||||
*/
|
||||
stream_logger_t *logger;
|
||||
|
||||
/**
|
||||
* Memory stream used for stream_logger
|
||||
*/
|
||||
FILE *stream;
|
||||
|
||||
/**
|
||||
* Underlying buffer for stream
|
||||
*/
|
||||
char buffer[4096];
|
||||
};
|
||||
|
||||
|
||||
/**
|
||||
* Implementation of bus_listener_t.signal.
|
||||
*/
|
||||
static void signal_(private_sys_logger_t *this, int thread, ike_sa_t* ike_sa,
|
||||
signal_t signal, level_t level,
|
||||
char *format, va_list args)
|
||||
{
|
||||
char line[512];
|
||||
char *prefix;
|
||||
FILE *reader;
|
||||
|
||||
switch (signal)
|
||||
{
|
||||
case SIG_IKE_UP:
|
||||
case SIG_IKE_DOWN:
|
||||
case SIG_IKE_REKEY:
|
||||
case SIG_DBG_IKE:
|
||||
prefix = "IKE";
|
||||
break;
|
||||
case SIG_DBG_CHD:
|
||||
prefix = "CHD";
|
||||
break;
|
||||
case SIG_DBG_JOB:
|
||||
prefix = "JOG";
|
||||
break;
|
||||
case SIG_DBG_CFG:
|
||||
prefix = "CFG";
|
||||
break;
|
||||
case SIG_DBG_KNL:
|
||||
prefix = "KNL";
|
||||
break;
|
||||
case SIG_DBG_NET:
|
||||
prefix = "NET";
|
||||
break;
|
||||
case SIG_DBG_ENC:
|
||||
prefix = "ENC";
|
||||
break;
|
||||
default:
|
||||
prefix = "???";
|
||||
break;
|
||||
}
|
||||
|
||||
flockfile(this->stream);
|
||||
/* reset memory stream */
|
||||
rewind(this->stream);
|
||||
memset(this->buffer, '\0', sizeof(this->buffer));
|
||||
/* log to memstream */
|
||||
this->logger->listener.signal(&this->logger->listener, thread, ike_sa,
|
||||
signal, level, format, args);
|
||||
/* flush is needed to append a '\0' */
|
||||
fflush(this->stream);
|
||||
|
||||
/* create a reader stream that reads out line by line */
|
||||
reader = fmemopen(this->buffer, sizeof(this->buffer), "r");
|
||||
|
||||
while (fgets(line, sizeof(line), reader))
|
||||
{
|
||||
if (line[0] == '\0')
|
||||
{
|
||||
/* abort on EOF */
|
||||
break;
|
||||
}
|
||||
else if (line[0] != '\n')
|
||||
{
|
||||
syslog(this->facility|LOG_INFO, "%.2d[%s] %s", thread, prefix, line);
|
||||
}
|
||||
}
|
||||
fclose(reader);
|
||||
funlockfile(this->stream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of sys_logger_t.set_level.
|
||||
*/
|
||||
static void set_level(private_sys_logger_t *this, signal_t signal, level_t max)
|
||||
{
|
||||
this->logger->set_level(this->logger, signal, max);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of sys_logger_t.destroy.
|
||||
*/
|
||||
static void destroy(private_sys_logger_t *this)
|
||||
{
|
||||
closelog();
|
||||
fclose(this->stream);
|
||||
this->logger->destroy(this->logger);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header.
|
||||
*/
|
||||
sys_logger_t *sys_logger_create(int facility)
|
||||
{
|
||||
private_sys_logger_t *this = malloc_thing(private_sys_logger_t);
|
||||
|
||||
/* public functions */
|
||||
this->public.listener.signal = (void(*)(bus_listener_t*,int,ike_sa_t*,signal_t,level_t,char*,va_list))signal_;
|
||||
this->public.set_level = (void(*)(sys_logger_t*,signal_t,level_t))set_level;
|
||||
this->public.destroy = (void(*)(sys_logger_t*))destroy;
|
||||
|
||||
/* private variables */
|
||||
this->facility = facility;
|
||||
this->stream = fmemopen(this->buffer, sizeof(this->buffer), "w");
|
||||
if (this->stream == NULL)
|
||||
{
|
||||
/* fallback to stderr */
|
||||
this->stream = stderr;
|
||||
}
|
||||
this->logger = stream_logger_create(this->stream);
|
||||
|
||||
return &this->public;
|
||||
}
|
|
@ -0,0 +1,76 @@
|
|||
/**
|
||||
* @file sys_logger.h
|
||||
*
|
||||
* @brief Interface of sys_logger_t.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#ifndef SYS_LOGGER_H_
|
||||
#define SYS_LOGGER_H_
|
||||
|
||||
#include <syslog.h>
|
||||
|
||||
#include <bus/bus.h>
|
||||
|
||||
|
||||
typedef struct sys_logger_t sys_logger_t;
|
||||
|
||||
/**
|
||||
* @brief Logger for syslog which implements bus_listener_t.
|
||||
*
|
||||
* @b Constructors:
|
||||
* - sys_logger_create()
|
||||
*
|
||||
* @ingroup listeners
|
||||
*/
|
||||
struct sys_logger_t {
|
||||
|
||||
/**
|
||||
* Implements the bus_listener_t interface.
|
||||
*/
|
||||
bus_listener_t listener;
|
||||
|
||||
/**
|
||||
* @brief Set the loglevel for a signal type.
|
||||
*
|
||||
* @param this stream_logger_t object
|
||||
* @param singal type of signal
|
||||
* @param level max level to log
|
||||
*/
|
||||
void (*set_level) (sys_logger_t *this, signal_t signal, level_t level);
|
||||
|
||||
/**
|
||||
* @brief Destroys a sys_logger_t object.
|
||||
*
|
||||
* @param this sys_logger_t object
|
||||
*/
|
||||
void (*destroy) (sys_logger_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* @brief Constructor to create a sys_logger_t object.
|
||||
*
|
||||
* @param facility syslog facility to use
|
||||
* @return sys_logger_t object
|
||||
*
|
||||
* @ingroup listeners
|
||||
*/
|
||||
sys_logger_t *sys_logger_create(int facility);
|
||||
|
||||
|
||||
#endif /* SYS_LOGGER_H_ */
|
|
@ -74,8 +74,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
|
|||
connection_t *candidate;
|
||||
connection_t *found = NULL;
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "looking for connection for host pair %s...%s",
|
||||
my_host->get_string(my_host), other_host->get_string(other_host));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"looking for connection for host pair %H...%H",
|
||||
my_host, other_host);
|
||||
|
||||
pthread_mutex_lock(&(this->mutex));
|
||||
iterator = this->connections->create_iterator(this->connections, TRUE);
|
||||
|
@ -106,10 +107,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
|
|||
}
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2,
|
||||
"candidate connection \"%s\": %s...%s (prio=%d)",
|
||||
"candidate connection \"%s\": %H...%H (prio=%d)",
|
||||
candidate->get_name(candidate),
|
||||
candidate_my_host->get_string(candidate_my_host),
|
||||
candidate_other_host->get_string(candidate_other_host),
|
||||
candidate_my_host, candidate_other_host,
|
||||
prio);
|
||||
|
||||
if (prio > best_prio)
|
||||
|
@ -127,10 +127,9 @@ static connection_t *get_connection_by_hosts(private_local_connection_store_t *t
|
|||
host_t *found_other_host = found->get_other_host(found);
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"found matching connection \"%s\": %s...%s (prio=%d)",
|
||||
"found matching connection \"%s\": %H...%H (prio=%d)",
|
||||
found->get_name(found),
|
||||
found_my_host->get_string(found_my_host),
|
||||
found_other_host->get_string(found_other_host),
|
||||
found_my_host, found_other_host,
|
||||
best_prio);
|
||||
|
||||
/* give out a new reference to it */
|
||||
|
@ -242,10 +241,8 @@ void log_connections(private_local_connection_store_t *this, logger_t *logger, c
|
|||
host_t *my_host = current->get_my_host(current);
|
||||
host_t *other_host = current->get_other_host(current);
|
||||
|
||||
logger->log(logger, CONTROL, " \"%s\": %s...%s",
|
||||
current->get_name(current),
|
||||
my_host->get_string(my_host),
|
||||
other_host->get_string(other_host));
|
||||
logger->log(logger, CONTROL, " \"%s\": %H...%H",
|
||||
current->get_name(current), my_host, other_host);
|
||||
}
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
|
|
|
@ -504,8 +504,8 @@ static bool verify(private_local_credential_store_t *this, x509_t *cert, bool *f
|
|||
identification_t *subject = cert->get_subject(cert);
|
||||
identification_t *issuer = cert->get_issuer(cert);
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "subject: '%s'", subject->get_string(subject));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "issuer: '%s'", issuer->get_string(issuer));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "subject: '%D'", subject);
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "issuer: '%D'", issuer);
|
||||
|
||||
ugh = cert->is_valid(cert, &until);
|
||||
if (ugh != NULL)
|
||||
|
|
|
@ -116,8 +116,8 @@ static policy_t *get_policy(private_local_policy_store_t *this,
|
|||
policy_t *candidate;
|
||||
policy_t *found = NULL;
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "searching policy for ID pair %s...%s",
|
||||
my_id->get_string(my_id), other_id->get_string(other_id));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"searching policy for ID pair %D...%D", my_id, other_id);
|
||||
|
||||
pthread_mutex_lock(&(this->mutex));
|
||||
iterator = this->policies->create_iterator(this->policies, TRUE);
|
||||
|
@ -151,19 +151,14 @@ static policy_t *get_policy(private_local_policy_store_t *this,
|
|||
{
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2,
|
||||
"candidate '%s' inacceptable due traffic selector mismatch",
|
||||
candidate->get_name(candidate),
|
||||
candidate_my_id->get_string(candidate_my_id),
|
||||
candidate_other_id->get_string(candidate_other_id),
|
||||
prio);
|
||||
candidate->get_name(candidate));
|
||||
continue;
|
||||
}
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2,
|
||||
"candidate policy '%s': %s...%s (prio=%d)",
|
||||
"candidate policy '%s': %D...%D (prio=%d)",
|
||||
candidate->get_name(candidate),
|
||||
candidate_my_id->get_string(candidate_my_id),
|
||||
candidate_other_id->get_string(candidate_other_id),
|
||||
prio);
|
||||
candidate_my_id, candidate_other_id, prio);
|
||||
|
||||
if (prio > best_prio)
|
||||
{
|
||||
|
@ -180,11 +175,9 @@ static policy_t *get_policy(private_local_policy_store_t *this,
|
|||
identification_t *found_other_id = found->get_other_id(found);
|
||||
|
||||
this->logger->log(this->logger, CONTROL,
|
||||
"found matching policy '%s': %s...%s (prio=%d)",
|
||||
"found matching policy '%s': %D...%D (prio=%d)",
|
||||
found->get_name(found),
|
||||
found_my_id->get_string(found_my_id),
|
||||
found_other_id->get_string(found_other_id),
|
||||
best_prio);
|
||||
found_my_id, found_other_id, best_prio);
|
||||
/* give out a new reference to it */
|
||||
found->get_ref(found);
|
||||
}
|
||||
|
|
|
@ -67,37 +67,15 @@ struct private_daemon_t {
|
|||
* The thread_id of main-thread.
|
||||
*/
|
||||
pthread_t main_thread_id;
|
||||
|
||||
/**
|
||||
* Main loop function.
|
||||
*
|
||||
* @param this calling object
|
||||
*/
|
||||
void (*run) (private_daemon_t *this);
|
||||
|
||||
/**
|
||||
* Initialize the daemon.
|
||||
*
|
||||
* @param this calling object
|
||||
* @param strict enforce a strict crl policy
|
||||
*/
|
||||
void (*initialize) (private_daemon_t *this, bool strict);
|
||||
|
||||
/**
|
||||
* Destroy the daemon.
|
||||
*
|
||||
* @param this calling object
|
||||
*/
|
||||
void (*destroy) (private_daemon_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
/**
|
||||
* One and only instance of the daemon.
|
||||
*/
|
||||
daemon_t *charon;
|
||||
|
||||
/**
|
||||
* Implementation of private_daemon_t.run.
|
||||
* Run the daemon and handle unix signals
|
||||
*/
|
||||
static void run(private_daemon_t *this)
|
||||
{
|
||||
|
@ -144,7 +122,47 @@ static void run(private_daemon_t *this)
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of daemon_t.kill.
|
||||
* Clean up all daemon resources
|
||||
*/
|
||||
static void destroy(private_daemon_t *this)
|
||||
{
|
||||
/* destruction is a non trivial task, we need to follow
|
||||
* a strict order to prevent threading issues!
|
||||
* Kill active threads first, except the sender, as
|
||||
* the killed IKE_SA want to send delete messages.
|
||||
*/
|
||||
/* we don't want to receive anything anymore... */
|
||||
DESTROY_IF(this->public.receiver);
|
||||
/* ignore all incoming user requests */
|
||||
DESTROY_IF(this->public.stroke);
|
||||
/* stop scheduing jobs */
|
||||
DESTROY_IF(this->public.scheduler);
|
||||
/* stop processing jobs */
|
||||
DESTROY_IF(this->public.thread_pool);
|
||||
/* shut down manager with all IKE SAs */
|
||||
DESTROY_IF(this->public.ike_sa_manager);
|
||||
/* all child SAs should be down now, so kill kernel interface */
|
||||
DESTROY_IF(this->public.kernel_interface);
|
||||
/* destroy other infrastructure */
|
||||
DESTROY_IF(this->public.bus);
|
||||
DESTROY_IF(this->public.outlog);
|
||||
DESTROY_IF(this->public.syslog);
|
||||
DESTROY_IF(this->public.job_queue);
|
||||
DESTROY_IF(this->public.event_queue);
|
||||
DESTROY_IF(this->public.configuration);
|
||||
DESTROY_IF(this->public.credentials);
|
||||
DESTROY_IF(this->public.connections);
|
||||
DESTROY_IF(this->public.policies);
|
||||
/* we hope the sender could send the outstanding deletes, but
|
||||
* we shut down here at any cost */
|
||||
DESTROY_IF(this->public.sender);
|
||||
DESTROY_IF(this->public.send_queue);
|
||||
DESTROY_IF(this->public.socket);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* Enforce daemon shutdown, with a given reason to do so.
|
||||
*/
|
||||
static void kill_daemon(private_daemon_t *this, char *reason)
|
||||
{
|
||||
|
@ -153,7 +171,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
|
|||
if (this->main_thread_id == pthread_self())
|
||||
{
|
||||
/* initialization failed, terminate daemon */
|
||||
this->destroy(this);
|
||||
destroy(this);
|
||||
unlink(PID_FILE);
|
||||
exit(-1);
|
||||
}
|
||||
|
@ -167,7 +185,7 @@ static void kill_daemon(private_daemon_t *this, char *reason)
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of private_daemon_t.initialize.
|
||||
* Initialize the daemon, optional with a strict crl policy
|
||||
*/
|
||||
static void initialize(private_daemon_t *this, bool strict)
|
||||
{
|
||||
|
@ -182,6 +200,11 @@ static void initialize(private_daemon_t *this, bool strict)
|
|||
this->public.job_queue = job_queue_create();
|
||||
this->public.event_queue = event_queue_create();
|
||||
this->public.send_queue = send_queue_create();
|
||||
this->public.bus = bus_create();
|
||||
this->public.outlog = file_logger_create(stdout);
|
||||
this->public.bus->add_listener(this->public.bus, &this->public.outlog->listener);
|
||||
this->public.syslog = sys_logger_create(LOG_DAEMON);
|
||||
this->public.bus->add_listener(this->public.bus, &this->public.syslog->listener);
|
||||
this->public.connections = (connection_store_t*)local_connection_store_create();
|
||||
this->public.policies = (policy_store_t*)local_policy_store_create();
|
||||
this->public.credentials = (credential_store_t*)local_credential_store_create(strict);
|
||||
|
@ -202,42 +225,8 @@ static void initialize(private_daemon_t *this, bool strict)
|
|||
}
|
||||
|
||||
/**
|
||||
* Destory all initiated objects
|
||||
* Handle SIGSEGV/SIGILL signals raised by threads
|
||||
*/
|
||||
static void destroy(private_daemon_t *this)
|
||||
{
|
||||
/* destruction is a non trivial task, we need to follow
|
||||
* a strict order to prevent threading issues!
|
||||
* Kill active threads first, except the sender, as
|
||||
* the killed IKE_SA want to send delete messages.
|
||||
*/
|
||||
/* we don't want to receive anything anymore... */
|
||||
DESTROY_IF(this->public.receiver);
|
||||
/* ignore all incoming user requests */
|
||||
DESTROY_IF(this->public.stroke);
|
||||
/* stop scheduing jobs */
|
||||
DESTROY_IF(this->public.scheduler);
|
||||
/* stop processing jobs */
|
||||
DESTROY_IF(this->public.thread_pool);
|
||||
/* shut down manager with all IKE SAs */
|
||||
DESTROY_IF(this->public.ike_sa_manager);
|
||||
/* all child SAs should be down now, so kill kernel interface */
|
||||
DESTROY_IF(this->public.kernel_interface);
|
||||
/* destroy other infrastructure */
|
||||
DESTROY_IF(this->public.job_queue);
|
||||
DESTROY_IF(this->public.event_queue);
|
||||
DESTROY_IF(this->public.configuration);
|
||||
DESTROY_IF(this->public.credentials);
|
||||
DESTROY_IF(this->public.connections);
|
||||
DESTROY_IF(this->public.policies);
|
||||
/* we hope the sender could send the outstanding deletes, but
|
||||
* we shut down here at any cost */
|
||||
DESTROY_IF(this->public.sender);
|
||||
DESTROY_IF(this->public.send_queue);
|
||||
DESTROY_IF(this->public.socket);
|
||||
free(this);
|
||||
}
|
||||
|
||||
void signal_handler(int signal)
|
||||
{
|
||||
void *array[20];
|
||||
|
@ -265,9 +254,7 @@ void signal_handler(int signal)
|
|||
}
|
||||
|
||||
/**
|
||||
* @brief Create the daemon.
|
||||
*
|
||||
* @return created daemon_t
|
||||
* Create the daemon.
|
||||
*/
|
||||
private_daemon_t *daemon_create(void)
|
||||
{
|
||||
|
@ -275,9 +262,6 @@ private_daemon_t *daemon_create(void)
|
|||
struct sigaction action;
|
||||
|
||||
/* assign methods */
|
||||
this->run = run;
|
||||
this->destroy = destroy;
|
||||
this->initialize = initialize;
|
||||
this->public.kill = (void (*) (daemon_t*,char*))kill_daemon;
|
||||
|
||||
/* NULL members for clean destruction */
|
||||
|
@ -296,6 +280,9 @@ private_daemon_t *daemon_create(void)
|
|||
this->public.kernel_interface = NULL;
|
||||
this->public.thread_pool = NULL;
|
||||
this->public.stroke = NULL;
|
||||
this->public.bus = NULL;
|
||||
this->public.outlog = NULL;
|
||||
this->public.syslog = NULL;
|
||||
|
||||
this->main_thread_id = pthread_self();
|
||||
|
||||
|
@ -322,6 +309,9 @@ private_daemon_t *daemon_create(void)
|
|||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* print command line usage and exit
|
||||
*/
|
||||
static void usage(const char *msg)
|
||||
{
|
||||
if (msg != NULL && *msg != '\0')
|
||||
|
@ -396,14 +386,14 @@ int main(int argc, char *argv[])
|
|||
"Starting Charon (strongSwan Version %s)", VERSION);
|
||||
|
||||
/* initialize daemon */
|
||||
private_charon->initialize(private_charon, strict_crl_policy);
|
||||
initialize(private_charon, strict_crl_policy);
|
||||
|
||||
/* check/setup PID file */
|
||||
if (stat(PID_FILE, &stb) == 0)
|
||||
{
|
||||
private_charon->logger->log(private_charon->logger, ERROR,
|
||||
"charon already running (\""PID_FILE"\" exists)");
|
||||
private_charon->destroy(private_charon);
|
||||
destroy(private_charon);
|
||||
exit(-1);
|
||||
}
|
||||
pid_file = fopen(PID_FILE, "w");
|
||||
|
@ -420,19 +410,17 @@ int main(int argc, char *argv[])
|
|||
while (list->remove_first(list, (void**)&host) == SUCCESS)
|
||||
{
|
||||
private_charon->logger->log(private_charon->logger, CONTROL,
|
||||
" %s", host->get_string(host));
|
||||
" %H", host);
|
||||
host->destroy(host);
|
||||
}
|
||||
list->destroy(list);
|
||||
|
||||
/* run daemon */
|
||||
private_charon->run(private_charon);
|
||||
run(private_charon);
|
||||
|
||||
/* normal termination, cleanup and exit */
|
||||
private_charon->destroy(private_charon);
|
||||
destroy(private_charon);
|
||||
unlink(PID_FILE);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -32,6 +32,9 @@
|
|||
#include <threads/thread_pool.h>
|
||||
#include <threads/stroke_interface.h>
|
||||
#include <network/socket.h>
|
||||
#include <bus/bus.h>
|
||||
#include <bus/listeners/file_logger.h>
|
||||
#include <bus/listeners/sys_logger.h>
|
||||
#include <sa/ike_sa_manager.h>
|
||||
#include <queues/send_queue.h>
|
||||
#include <queues/job_queue.h>
|
||||
|
@ -175,9 +178,17 @@
|
|||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup bus bus
|
||||
*
|
||||
* Signaling bus and its listeners.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* Name of the daemon.
|
||||
*
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
#define DAEMON_NAME "charon"
|
||||
|
@ -336,6 +347,21 @@ struct daemon_t {
|
|||
*/
|
||||
thread_pool_t *thread_pool;
|
||||
|
||||
/**
|
||||
* The signaling bus.
|
||||
*/
|
||||
bus_t *bus;
|
||||
|
||||
/**
|
||||
* A bus listener logging to stdout
|
||||
*/
|
||||
file_logger_t *outlog;
|
||||
|
||||
/**
|
||||
* A bus listener logging to syslog
|
||||
*/
|
||||
sys_logger_t *syslog;
|
||||
|
||||
/**
|
||||
* Kernel Interface to communicate with kernel
|
||||
*/
|
||||
|
|
|
@ -204,9 +204,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
|
|||
pkt->set_source(pkt, source);
|
||||
pkt->set_destination(pkt, dest);
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"received packet: from %s[%d] to %s[%d]",
|
||||
source->get_string(source), source->get_port(source),
|
||||
dest->get_string(dest), dest->get_port(dest));
|
||||
"received packet: from %#H to %#H", source, dest);
|
||||
data_offset = IP_LEN + UDP_LEN;
|
||||
/* remove non esp marker */
|
||||
if (dest->get_port(dest) == this->natt_port)
|
||||
|
@ -297,9 +295,7 @@ static status_t receiver(private_socket_t *this, packet_t **packet)
|
|||
pkt->set_source(pkt, source);
|
||||
pkt->set_destination(pkt, dest);
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"received packet: from %s[%d] to %s[%d]",
|
||||
source->get_string(source), source->get_port(source),
|
||||
dest->get_string(dest), dest->get_port(dest));
|
||||
"received packet: from %#H to %#H", source, dest);
|
||||
data_offset = UDP_LEN;
|
||||
/* remove non esp marker */
|
||||
if (dest->get_port(dest) == this->natt_port)
|
||||
|
@ -337,9 +333,8 @@ status_t sender(private_socket_t *this, packet_t *packet)
|
|||
dst = packet->get_destination(packet);
|
||||
data = packet->get_data(packet);
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "sending packet: from %s[%d] to %s[%d]",
|
||||
src->get_string(src), src->get_port(src),
|
||||
dst->get_string(dst), dst->get_port(dst));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"sending packet: from %#H to %#H", src, dst);
|
||||
|
||||
/* send data */
|
||||
sport = src->get_port(src);
|
||||
|
@ -575,6 +570,7 @@ static int open_send_socket(private_socket_t *this, int family, u_int16_t port)
|
|||
policy.sadb_x_policy_dir = IPSEC_DIR_OUTBOUND;
|
||||
policy.sadb_x_policy_reserved = 0;
|
||||
policy.sadb_x_policy_id = 0;
|
||||
policy.sadb_x_policy_priority = 0;
|
||||
|
||||
if (setsockopt(skt, ip_proto, ipsec_policy, &policy, sizeof(policy)) < 0)
|
||||
{
|
||||
|
@ -729,6 +725,7 @@ static int open_recv_socket(private_socket_t *this, int family)
|
|||
policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
|
||||
policy.sadb_x_policy_reserved = 0;
|
||||
policy.sadb_x_policy_id = 0;
|
||||
policy.sadb_x_policy_priority = 0;
|
||||
|
||||
if (setsockopt(skt, ip_proto, ipsec_policy, &policy, sizeof(policy)) < 0)
|
||||
{
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
/**
|
||||
* @file delete_child_sa_job.c
|
||||
*
|
||||
*
|
||||
* @brief Implementation of delete_child_sa_job_t.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -32,6 +32,7 @@ typedef struct private_delete_child_sa_job_t private_delete_child_sa_job_t;
|
|||
*/
|
||||
struct private_delete_child_sa_job_t {
|
||||
/**
|
||||
|
||||
* Public delete_child_sa_job_t interface.
|
||||
*/
|
||||
delete_child_sa_job_t public;
|
||||
|
|
|
@ -113,9 +113,8 @@ static status_t execute(private_incoming_packet_job_t *this)
|
|||
message = message_create_from_packet(this->packet->clone(this->packet));
|
||||
src = message->get_source(message);
|
||||
dst = message->get_destination(message);
|
||||
this->logger->log(this->logger, CONTROL, "received packet: from %s[%d] to %s[%d]",
|
||||
src->get_string(src), src->get_port(src),
|
||||
dst->get_string(dst), dst->get_port(dst));
|
||||
this->logger->log(this->logger, CONTROL,
|
||||
"received packet: from %#H to %#H", src, dst);
|
||||
|
||||
status = message->parse_header(message);
|
||||
if (status != SUCCESS)
|
||||
|
|
|
@ -111,9 +111,8 @@ static void add(private_send_queue_t *this, packet_t *packet)
|
|||
|
||||
src = packet->get_source(packet);
|
||||
dst = packet->get_destination(packet);
|
||||
this->logger->log(this->logger, CONTROL, "sending packet: from %s[%d] to %s[%d]",
|
||||
src->get_string(src), src->get_port(src),
|
||||
dst->get_string(dst), dst->get_port(dst));
|
||||
this->logger->log(this->logger, CONTROL,
|
||||
"sending packet: from %#H to %#H", src, dst);
|
||||
|
||||
pthread_mutex_lock(&this->mutex);
|
||||
this->list->insert_last(this->list, packet);
|
||||
|
|
|
@ -220,8 +220,9 @@ static status_t verify_auth_data (private_authenticator_t *this,
|
|||
&shared_key);
|
||||
if (status != SUCCESS)
|
||||
{
|
||||
this->logger->log(this->logger, ERROR, "no shared key found for '%s' and '%s'",
|
||||
my_id->get_string(my_id), other_id->get_string(other_id));
|
||||
this->logger->log(this->logger, ERROR,
|
||||
"no shared key found for '%D' - '%D'",
|
||||
my_id, other_id);
|
||||
chunk_free(&shared_key);
|
||||
break;
|
||||
}
|
||||
|
@ -234,7 +235,9 @@ static status_t verify_auth_data (private_authenticator_t *this,
|
|||
shared_key);
|
||||
chunk_free(&shared_key);
|
||||
|
||||
status = (auth_data.len == my_auth_data.len && memeq(auth_data.ptr, my_auth_data.ptr, my_auth_data.len))
|
||||
|
||||
status = (auth_data.len == my_auth_data.len &&
|
||||
memeq(auth_data.ptr, my_auth_data.ptr, my_auth_data.len))
|
||||
? SUCCESS : FAILED;
|
||||
chunk_free(&my_auth_data);
|
||||
break;
|
||||
|
@ -248,8 +251,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
|
|||
|
||||
if (public_key == NULL)
|
||||
{
|
||||
this->logger->log(this->logger, ERROR, "no RSA public key found for '%s'",
|
||||
other_id->get_string(other_id));
|
||||
this->logger->log(this->logger, ERROR,
|
||||
"no RSA public key found for '%D'", other_id);
|
||||
status = NOT_FOUND;
|
||||
break;
|
||||
}
|
||||
|
@ -266,9 +269,8 @@ static status_t verify_auth_data (private_authenticator_t *this,
|
|||
}
|
||||
}
|
||||
|
||||
this->logger->log(this->logger, CONTROL, "authentication of '%s' with %s %s",
|
||||
other_id->get_string(other_id),
|
||||
enum_name(&auth_method_names, auth_method),
|
||||
this->logger->log(this->logger, CONTROL, "authentication of '%D' with %s %s",
|
||||
other_id, enum_name(&auth_method_names, auth_method),
|
||||
(status == SUCCESS)? "successful":"failed");
|
||||
return status;
|
||||
}
|
||||
|
@ -284,9 +286,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
|
|||
identification_t *other_id,
|
||||
bool initiator)
|
||||
{
|
||||
this->logger->log(this->logger, CONTROL, "authentication of '%s' with %s (myself)",
|
||||
my_id->get_string(my_id),
|
||||
enum_name(&auth_method_names, this->auth_method));
|
||||
this->logger->log(this->logger, CONTROL,
|
||||
"authentication of '%D' with %s (myself)",
|
||||
my_id, enum_name(&auth_method_names, this->auth_method));
|
||||
|
||||
switch (this->auth_method)
|
||||
{
|
||||
|
@ -302,8 +304,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
|
|||
|
||||
if (status != SUCCESS)
|
||||
{
|
||||
this->logger->log(this->logger, ERROR, "no shared key found for '%s' and '%s'",
|
||||
my_id->get_string(my_id), other_id->get_string(other_id));
|
||||
this->logger->log(this->logger, ERROR,
|
||||
"no shared key found for '%D' - '%D'",
|
||||
my_id, other_id);
|
||||
return status;
|
||||
}
|
||||
|
||||
|
@ -330,14 +333,15 @@ static status_t compute_auth_data (private_authenticator_t *this,
|
|||
rsa_public_key_t *my_pubkey;
|
||||
rsa_private_key_t *my_key;
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, "looking for RSA public key belonging to '%s'",
|
||||
my_id->get_string(my_id));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"looking for RSA public key belonging to '%D'",
|
||||
my_id);
|
||||
|
||||
my_pubkey = charon->credentials->get_rsa_public_key(charon->credentials, my_id);
|
||||
if (my_pubkey == NULL)
|
||||
{
|
||||
this->logger->log(this->logger, ERROR, "no RSA public key found for '%s'",
|
||||
my_id->get_string(my_id));
|
||||
this->logger->log(this->logger, ERROR,
|
||||
"no RSA public key found for '%D'", my_id);
|
||||
return NOT_FOUND;
|
||||
}
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2, "matching RSA public key found");
|
||||
|
@ -351,8 +355,9 @@ static status_t compute_auth_data (private_authenticator_t *this,
|
|||
char buf[BUF_LEN];
|
||||
|
||||
chunk_to_hex(buf, BUF_LEN, my_pubkey->get_keyid(my_pubkey));
|
||||
this->logger->log(this->logger, ERROR, "no RSA private key found with for %s with keyid %s",
|
||||
my_id->get_string(my_id), buf);
|
||||
this->logger->log(this->logger, ERROR,
|
||||
"no RSA private key found with for %D with keyid %s",
|
||||
my_id, buf);
|
||||
return NOT_FOUND;
|
||||
}
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2, "matching RSA private key found");
|
||||
|
|
|
@ -296,15 +296,15 @@ static void updown(private_child_sa_t *this, bool up)
|
|||
"PLUTO_CONNECTION='%s' "
|
||||
"PLUTO_INTERFACE='%s' "
|
||||
"PLUTO_REQID='%u' "
|
||||
"PLUTO_ME='%s' "
|
||||
"PLUTO_MY_ID='%s' "
|
||||
"PLUTO_ME='%H' "
|
||||
"PLUTO_MY_ID='%D' "
|
||||
"PLUTO_MY_CLIENT='%s/%s' "
|
||||
"PLUTO_MY_CLIENT_NET='%s' "
|
||||
"PLUTO_MY_CLIENT_MASK='%s' "
|
||||
"PLUTO_MY_PORT='%u' "
|
||||
"PLUTO_MY_PROTOCOL='%u' "
|
||||
"PLUTO_PEER='%s' "
|
||||
"PLUTO_PEER_ID='%s' "
|
||||
"PLUTO_PEER='%H' "
|
||||
"PLUTO_PEER_ID='%D' "
|
||||
"PLUTO_PEER_CLIENT='%s/%s' "
|
||||
"PLUTO_PEER_CLIENT_NET='%s' "
|
||||
"PLUTO_PEER_CLIENT_MASK='%s' "
|
||||
|
@ -313,20 +313,20 @@ static void updown(private_child_sa_t *this, bool up)
|
|||
"%s"
|
||||
"%s",
|
||||
up ? "up" : "down",
|
||||
streq(this->me.addr->get_string(this->me.addr),
|
||||
my_client) ? "-host" : "-client",
|
||||
/* TODO: fix it: streq(this->me.addr->get_string(this->me.addr),
|
||||
my_client) ? "-host" :*/ "-client",
|
||||
this->me.addr->get_family(this->me.addr) == AF_INET ? "" : "-ipv6",
|
||||
this->name,
|
||||
ifname,
|
||||
this->reqid,
|
||||
this->me.addr->get_string(this->me.addr),
|
||||
this->me.id->get_string(this->me.id),
|
||||
this->me.addr,
|
||||
this->me.id,
|
||||
my_client, my_client_mask,
|
||||
my_client, my_client_mask,
|
||||
policy->my_ts->get_from_port(policy->my_ts),
|
||||
policy->my_ts->get_protocol(policy->my_ts),
|
||||
this->other.addr->get_string(this->other.addr),
|
||||
this->other.id->get_string(this->other.id),
|
||||
this->other.addr,
|
||||
this->other.id,
|
||||
other_client, other_client_mask,
|
||||
other_client, other_client_mask,
|
||||
policy->other_ts->get_from_port(policy->other_ts),
|
||||
|
@ -548,8 +548,8 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus
|
|||
|
||||
/* send SA down to the kernel */
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2,
|
||||
" SPI 0x%.8x, src %s dst %s",
|
||||
ntohl(spi), src->get_string(src), dst->get_string(dst));
|
||||
" SPI 0x%.8x, src %H dst %H",
|
||||
ntohl(spi), src, dst);
|
||||
status = charon->kernel_interface->add_sa(charon->kernel_interface,
|
||||
src, dst,
|
||||
spi, this->protocol,
|
||||
|
@ -937,12 +937,9 @@ static status_t update_sa_hosts(private_child_sa_t *this, host_t *new_me, host_t
|
|||
}
|
||||
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"updating %s SA 0x%x, from %s:%d..%s:%d to %s:%d..%s:%d",
|
||||
"updating %s SA 0x%x, from %#H..#H to %#H..%#H",
|
||||
mapping_find(protocol_id_m, this->protocol), ntohl(spi),
|
||||
src->get_string(src), src->get_port(src),
|
||||
dst->get_string(dst), dst->get_port(dst),
|
||||
new_src->get_string(new_src), new_src->get_port(new_src),
|
||||
new_dst->get_string(new_dst), new_dst->get_port(new_dst));
|
||||
src, dst, new_src, new_dst);
|
||||
|
||||
status = charon->kernel_interface->update_sa(charon->kernel_interface,
|
||||
dst, spi, this->protocol,
|
||||
|
|
|
@ -1363,11 +1363,9 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
|
|||
if (state == IKE_ESTABLISHED)
|
||||
{
|
||||
this->time.established = time(NULL);
|
||||
this->logger->log(this->logger, AUDIT, "IKE_SA established: %s[%s]...%s[%s]",
|
||||
this->my_host->get_string(this->my_host),
|
||||
this->my_id->get_string(this->my_id),
|
||||
this->other_host->get_string(this->other_host),
|
||||
this->other_id->get_string(this->other_id));
|
||||
this->logger->log(this->logger, AUDIT, "IKE_SA established: %H[%D]...%H[%D]",
|
||||
this->my_host, this->my_id,
|
||||
this->other_host, this->other_id);
|
||||
/* start DPD checks */
|
||||
send_dpd(this);
|
||||
}
|
||||
|
@ -1784,11 +1782,9 @@ static status_t rekey(private_ike_sa_t *this)
|
|||
rekey_ike_sa_t *rekey_ike_sa;
|
||||
|
||||
this->logger->log(this->logger, CONTROL,
|
||||
"rekeying IKE_SA between %s[%s]..%s[%s]",
|
||||
this->my_host->get_string(this->my_host),
|
||||
this->my_id->get_string(this->my_id),
|
||||
this->other_host->get_string(this->other_host),
|
||||
this->other_id->get_string(this->other_id));
|
||||
"rekeying IKE_SA between: %H[%D]...%H[%D]",
|
||||
this->my_host, this->my_id,
|
||||
this->other_host, this->other_id);
|
||||
|
||||
if (this->state != IKE_ESTABLISHED)
|
||||
{
|
||||
|
@ -1869,12 +1865,9 @@ static void log_status(private_ike_sa_t *this, logger_t *logger, char *name)
|
|||
mapping_find(ike_sa_state_m, this->state),
|
||||
this->ike_sa_id->get_initiator_spi(this->ike_sa_id),
|
||||
this->ike_sa_id->get_responder_spi(this->ike_sa_id));
|
||||
logger->log(logger, CONTROL, " \"%s\": %s[%s]...%s[%s]",
|
||||
this->name,
|
||||
this->my_host->get_string(this->my_host),
|
||||
this->my_id->get_string(this->my_id),
|
||||
this->other_host->get_string(this->other_host),
|
||||
this->other_id->get_string(this->other_id));
|
||||
logger->log(logger, CONTROL, " \"%s\": %H[%D]...%H[%D]",
|
||||
this->name, this->my_host, this->my_id,
|
||||
this->other_host, this->other_id);
|
||||
|
||||
iterator = this->child_sas->create_iterator(this->child_sas, TRUE);
|
||||
while (iterator->has_next(iterator))
|
||||
|
@ -1995,11 +1988,9 @@ static void destroy(private_ike_sa_t *this)
|
|||
DESTROY_IF(this->prf_auth_r);
|
||||
|
||||
this->logger->log(this->logger, AUDIT,
|
||||
"IKE_SA deleted between %s[%s]...%s[%s]",
|
||||
this->my_host->get_string(this->my_host),
|
||||
this->my_id->get_string(this->my_id),
|
||||
this->other_host->get_string(this->other_host),
|
||||
this->other_id->get_string(this->other_id));
|
||||
"IKE_SA deleted between: %H[%D]...%H[%D]",
|
||||
this->my_host, this->my_id,
|
||||
this->other_host, this->other_id);
|
||||
|
||||
DESTROY_IF(this->my_host);
|
||||
DESTROY_IF(this->other_host);
|
||||
|
|
|
@ -385,9 +385,8 @@ static ike_sa_t* checkout_by_id(private_ike_sa_manager_t *this,
|
|||
{
|
||||
/* looks good, we take this one */
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"found an existing IKE_SA for %s[%s]...%s[%s]",
|
||||
my_host->get_string(my_host), other_host->get_string(other_host),
|
||||
my_id->get_string(my_id), other_id->get_string(other_id));
|
||||
"found an existing IKE_SA for %H[%D]...%H[%D]",
|
||||
my_host, other_host, my_id, other_id);
|
||||
entry->checked_out = TRUE;
|
||||
ike_sa = entry->ike_sa;
|
||||
}
|
||||
|
@ -417,13 +416,12 @@ static ike_sa_t* checkout_by_id(private_ike_sa_manager_t *this,
|
|||
|
||||
/* check ike_sa out */
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1,
|
||||
"new IKE_SA created for IDs %s - %s",
|
||||
my_id->get_string(my_id), other_id->get_string(other_id));
|
||||
"new IKE_SA created for IDs %D - %D", my_id, other_id);
|
||||
new_ike_sa_entry->checked_out = TRUE;
|
||||
ike_sa = new_ike_sa_entry->ike_sa;
|
||||
}
|
||||
pthread_mutex_unlock(&(this->mutex));
|
||||
|
||||
SIG_SA(ike_sa);
|
||||
return ike_sa;
|
||||
}
|
||||
|
||||
|
@ -540,6 +538,8 @@ static ike_sa_t* checkout(private_ike_sa_manager_t *this, ike_sa_id_t *ike_sa_id
|
|||
}
|
||||
|
||||
pthread_mutex_unlock(&(this->mutex));
|
||||
|
||||
SIG_SA(ike_sa);
|
||||
return ike_sa;
|
||||
}
|
||||
|
||||
|
@ -575,6 +575,7 @@ static ike_sa_t* checkout_by_child(private_ike_sa_manager_t *this,
|
|||
iterator->destroy(iterator);
|
||||
pthread_mutex_unlock(&(this->mutex));
|
||||
|
||||
SIG_SA(ike_sa);
|
||||
return ike_sa;
|
||||
}
|
||||
|
||||
|
@ -679,6 +680,8 @@ static status_t checkin(private_ike_sa_manager_t *this, ike_sa_t *ike_sa)
|
|||
this->logger->log(this->logger, CONTROL|LEVEL2, "%d IKE_SAs in manager now",
|
||||
this->ike_sa_list->get_count(this->ike_sa_list));
|
||||
pthread_mutex_unlock(&(this->mutex));
|
||||
|
||||
SIG_SA(NULL);
|
||||
return retval;
|
||||
}
|
||||
|
||||
|
@ -725,6 +728,7 @@ static status_t checkin_and_destroy(private_ike_sa_manager_t *this, ike_sa_t *ik
|
|||
}
|
||||
|
||||
pthread_mutex_unlock(&(this->mutex));
|
||||
SIG_SA(NULL);
|
||||
return retval;
|
||||
}
|
||||
|
||||
|
|
|
@ -694,8 +694,8 @@ static status_t get_response(private_ike_auth_t *this, message_t *request,
|
|||
if (this->policy == NULL)
|
||||
{
|
||||
this->logger->log(this->logger, AUDIT,
|
||||
"no acceptable policy for IDs %s - %s found, deleting IKE_SA",
|
||||
my_id->get_string(my_id), other_id->get_string(other_id));
|
||||
"no acceptable policy for IDs %D - %D found, deleting IKE_SA",
|
||||
my_id, other_id);
|
||||
my_id->destroy(my_id);
|
||||
other_id->destroy(other_id);
|
||||
build_notify(AUTHENTICATION_FAILED, response, TRUE);
|
||||
|
@ -939,9 +939,8 @@ static status_t conclude(private_ike_auth_t *this, message_t *response,
|
|||
{
|
||||
other_id->destroy(other_id);
|
||||
this->logger->log(this->logger, AUDIT,
|
||||
"other peer uses unacceptable ID (%s, excepted %s), deleting IKE_SA",
|
||||
other_id->get_string(other_id),
|
||||
configured_other_id->get_string(configured_other_id));
|
||||
"other peer uses unacceptable ID (%D, excepted %D), deleting IKE_SA",
|
||||
other_id, configured_other_id);
|
||||
return DESTROY_ME;
|
||||
}
|
||||
/* update other ID. It was already set, but may contain wildcards */
|
||||
|
|
|
@ -570,8 +570,8 @@ static status_t get_response(private_ike_sa_init_t *this,
|
|||
response->add_payload(response, (payload_t*)notify);
|
||||
|
||||
this->logger->log(this->logger, AUDIT,
|
||||
"no connection for hosts %s...%s found, deleting IKE_SA",
|
||||
me->get_string(me), other->get_string(other));
|
||||
"no connection for hosts %H...%H found, deleting IKE_SA",
|
||||
me, other);
|
||||
return DESTROY_ME;
|
||||
}
|
||||
|
||||
|
|
|
@ -85,7 +85,7 @@ static char certificate_buffer[] = {
|
|||
*/
|
||||
void test_certificate(protected_tester_t *tester)
|
||||
{
|
||||
chunk_t certificate = {certificate_buffer, sizeof(certificate_buffer)};
|
||||
/*chunk_t certificate = {certificate_buffer, sizeof(certificate_buffer)};
|
||||
identification_t *id;
|
||||
x509_t *cert;
|
||||
|
||||
|
@ -95,7 +95,7 @@ void test_certificate(protected_tester_t *tester)
|
|||
id = cert->get_issuer(cert);
|
||||
tester->assert_true(tester, strcmp(id->get_string(id), "C=CH, O=Linux strongSwan, CN=maeno") == 0, "issuer");
|
||||
cert->destroy(cert);
|
||||
/*
|
||||
|
||||
cert = x509_create_from_file("scripts/complex1.der");
|
||||
id = cert->get_subject(cert);
|
||||
printf("Subject: %s\n", id->get_string(id));
|
||||
|
|
|
@ -354,9 +354,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg)
|
|||
{
|
||||
other_ca = identification_create_from_string("%any");
|
||||
}
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2, " my ca: '%s'", my_ca->get_string(my_ca));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2, " other ca:'%s'", other_ca->get_string(other_ca));
|
||||
this->logger->log(this->logger, CONTROL|LEVEL2, " updown:'%s'", msg->add_conn.me.updown);
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, " my ca: '%D'", my_ca);
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, " other ca:'%D'", other_ca);
|
||||
this->logger->log(this->logger, CONTROL|LEVEL1, " updown: '%s'", msg->add_conn.me.updown);
|
||||
|
||||
connection = connection_create(msg->add_conn.name,
|
||||
msg->add_conn.ikev2,
|
||||
|
@ -457,12 +457,9 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg)
|
|||
|
||||
/* add to global connection list */
|
||||
charon->connections->add_connection(charon->connections, connection);
|
||||
this->logger->log(this->logger, CONTROL, "added connection \"%s\": %s[%s]...%s[%s]",
|
||||
msg->add_conn.name,
|
||||
my_host->get_string(my_host),
|
||||
my_id->get_string(my_id),
|
||||
other_host->get_string(other_host),
|
||||
other_id->get_string(other_id));
|
||||
this->logger->log(this->logger, CONTROL,
|
||||
"added connection \"%s\": %H[%D]...%H[%D]", msg->add_conn.name,
|
||||
my_host, my_id, other_host, other_id);
|
||||
/* add to global policy list */
|
||||
charon->policies->add_policy(charon->policies, policy);
|
||||
return;
|
||||
|
@ -633,7 +630,7 @@ static void stroke_status(private_stroke_t *this, stroke_msg_t *msg)
|
|||
while (list->remove_first(list, (void**)&host) == SUCCESS)
|
||||
{
|
||||
this->stroke_logger->log(this->stroke_logger, CONTROL|LEVEL1,
|
||||
" %s", host->get_string(host));
|
||||
" %H", host);
|
||||
host->destroy(host);
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue