parent
6b3292da85
commit
fcfeb3220f
|
@ -3,7 +3,7 @@
|
|||
#---------------------------------------------------------------------------
|
||||
# Project related configuration options
|
||||
#---------------------------------------------------------------------------
|
||||
PROJECT_NAME = "charon - IKEv2 for strongSwan"
|
||||
PROJECT_NAME = "charon"
|
||||
PROJECT_NUMBER = 1.0
|
||||
OUTPUT_DIRECTORY = doc/api
|
||||
CREATE_SUBDIRS = NO
|
||||
|
@ -71,7 +71,7 @@ WARN_LOGFILE =
|
|||
# configuration options related to the input files
|
||||
#---------------------------------------------------------------------------
|
||||
INPUT = ./
|
||||
FILE_PATTERNS = *.h
|
||||
FILE_PATTERNS = *.h *.txt
|
||||
RECURSIVE = YES
|
||||
EXCLUDE =
|
||||
EXCLUDE_SYMLINKS = NO
|
||||
|
@ -88,7 +88,7 @@ FILTER_SOURCE_FILES = NO
|
|||
#---------------------------------------------------------------------------
|
||||
SOURCE_BROWSER = NO
|
||||
INLINE_SOURCES = NO
|
||||
STRIP_CODE_COMMENTS = YES
|
||||
STRIP_CODE_COMMENTS = NO
|
||||
REFERENCED_BY_RELATION = NO
|
||||
REFERENCES_RELATION = NO
|
||||
VERBATIM_HEADERS = YES
|
||||
|
|
|
@ -28,7 +28,7 @@ BINNAMELIB= $(BUILD_DIR)libstrongswan.so
|
|||
MAIN_DIR= ./
|
||||
|
||||
CFLAGS= -Icharon -Ilib -Istroke -fPIC -Wall -g -DLEAK_DETECTIVE
|
||||
# CFLAGS= -Icharon -Ilib -Istroke -fPIC -O3
|
||||
#CFLAGS= -Icharon -Ilib -Istroke -fPIC -O3
|
||||
|
||||
# objects is extended by each included Makefile
|
||||
CHARON_OBJS=
|
||||
|
|
|
@ -156,7 +156,7 @@ struct connection_t {
|
|||
linked_list_t *(*get_proposals) (connection_t *this);
|
||||
|
||||
/**
|
||||
* @brief Adds a proposal to the list..
|
||||
* @brief Adds a proposal to the list.
|
||||
*
|
||||
* The first added proposal has the highest priority, the last
|
||||
* added the lowest.
|
||||
|
|
|
@ -79,7 +79,7 @@ struct policy_t {
|
|||
void (*update_my_id) (policy_t *this, identification_t *my_id);
|
||||
|
||||
/**
|
||||
* @brief Update others ID.
|
||||
* @brief Update others id.
|
||||
*
|
||||
* It may be necessary to uptdate others ID, as it
|
||||
* is set to %any or to e.g. *@strongswan.org in
|
||||
|
|
|
@ -41,9 +41,11 @@
|
|||
#include <config/credential_store.h>
|
||||
|
||||
/**
|
||||
* @mainpage
|
||||
* @defgroup charon charon
|
||||
*
|
||||
* @section Threading Architecture
|
||||
* @brief IKEv2 keying daemon.
|
||||
*
|
||||
* @section Architecture
|
||||
*
|
||||
* All IKEv2 stuff is handled in charon. It uses a newer and more flexible
|
||||
* architecture than pluto. Charon uses a thread-pool, which allows parallel
|
||||
|
@ -95,8 +97,84 @@
|
|||
* netlink socket. It waits for kernel events and processes them appropriately.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup config config
|
||||
*
|
||||
* Classes implementing configuration related things.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup encoding encoding
|
||||
*
|
||||
* Classes used to encode and decode IKEv2 messages.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup payloads payloads
|
||||
*
|
||||
* Classes representing specific IKEv2 payloads.
|
||||
*
|
||||
* @ingroup encoding
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup network network
|
||||
*
|
||||
* Classes for network relevant stuff.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup queues queues
|
||||
*
|
||||
* Different kind of queues
|
||||
* (thread save lists).
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup jobs jobs
|
||||
*
|
||||
* Jobs used in job queue and event queue.
|
||||
*
|
||||
* @ingroup queues
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup sa sa
|
||||
*
|
||||
* Security associations for IKE and IPSec,
|
||||
* and some helper classes.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup states states
|
||||
*
|
||||
* Varius states in which an IKE SA can be.
|
||||
*
|
||||
* @ingroup sa
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup threads threads
|
||||
*
|
||||
* Threaded classes, which will do their job alone.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
|
||||
/**
|
||||
* Name of the daemon.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
#define DAEMON_NAME "charon"
|
||||
|
||||
|
@ -105,16 +183,22 @@
|
|||
*
|
||||
* There are several other threads, this defines
|
||||
* only the number of threads in thread_pool_t.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
#define NUMBER_OF_WORKING_THREADS 4
|
||||
|
||||
/**
|
||||
* UDP Port on which the daemon will listen for incoming traffic.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
#define IKEV2_UDP_PORT 500
|
||||
|
||||
/**
|
||||
* PID file, in which charon stores its process id
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
#define PID_FILE "/var/run/charon.pid"
|
||||
|
||||
|
@ -123,6 +207,8 @@ typedef struct daemon_t daemon_t;
|
|||
|
||||
/**
|
||||
* @brief Main class of daemon, contains some globals.
|
||||
*
|
||||
* @ingroup charon
|
||||
*/
|
||||
struct daemon_t {
|
||||
/**
|
||||
|
|
|
@ -173,6 +173,16 @@ struct proposal_substructure_t {
|
|||
*/
|
||||
void (*set_spi) (proposal_substructure_t *this, chunk_t spi);
|
||||
|
||||
/**
|
||||
* @brief Add this proposal_substructure to a proposal.
|
||||
*
|
||||
* Since a proposal_t may contain the data of multiple
|
||||
* proposal_sbustructure_t's, it may be necessary to call
|
||||
* the function multiple times with the same proposal.
|
||||
*
|
||||
* @param this calling proposal_substructure_t object
|
||||
* @param proposal proposal where the data should be added
|
||||
*/
|
||||
void (*add_to_proposal) (proposal_substructure_t *this, proposal_t *proposal);
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
strongSwans overall design
|
||||
============================
|
||||
/** @mainpage
|
||||
|
||||
@section design strongSwans overall design
|
||||
|
||||
IKEv1 and IKEv2 is handled in different keying daemons. The ole IKEv1 stuff is
|
||||
completely handled in pluto, as it was all the times. IKEv2 is handled in the
|
||||
new keying daemon, which is called charon.
|
||||
new keying daemon, which is called #charon.
|
||||
Daemon control is done over unix sockets. Pluto uses whack, as it did for years.
|
||||
Charon uses another socket interface, called stroke. Stroke uses another
|
||||
format as whack and therefore is not compatible to whack. The starter utility,
|
||||
|
@ -13,6 +14,7 @@ Pluto uses starter for some commands, for other it uses the whack utility. To be
|
|||
as close to pluto as possible, charon has the same split up of commands to
|
||||
starter and stroke. All commands are wrapped together in the ipsec script, which
|
||||
allows transparent control of both daemons.
|
||||
@verbatim
|
||||
|
||||
+-----------------------------------------+
|
||||
| ipsec |
|
||||
|
@ -40,6 +42,7 @@ allows transparent control of both daemons.
|
|||
| RAW Sock | | UDP/500 |
|
||||
+----------+ +---------+
|
||||
|
||||
@endverbatim
|
||||
Since IKEv2 uses the same port as IKEv1, both daemons must listen to UDP port
|
||||
500. Under Linux, there is no clean way to set up two sockets at the same port.
|
||||
To reslove this problem, charon uses a RAW socket, as they are used in network
|
||||
|
@ -47,82 +50,7 @@ sniffers. An installed Linux Socket Filter (LSF) filters out all none-IKEv2
|
|||
traffic. Pluto receives any IKE message, independant of charons behavior.
|
||||
Therefore plutos behavior is changed to discard any IKEv2 traffic silently.
|
||||
|
||||
To gain some reusability of the code, generic crypto and utility functions are
|
||||
separeted in a shared library, libstrongswan.
|
||||
|
||||
IKEv2 keying daemon: charon
|
||||
=============================
|
||||
|
||||
Threading modell
|
||||
------------------
|
||||
|
||||
All IKEv2 stuff is handled in charon. It uses a newer and more flexible
|
||||
architecture than pluto. Charon uses a thread-pool, which allows parallel
|
||||
execution SA-management. Beside the thread-pool, there are some special purpose
|
||||
threads which do their job for the common health of the daemon.
|
||||
|
||||
+------+
|
||||
| E Q |
|
||||
| v u |---+ +------+ +------+
|
||||
| e e | | | | | IKE- |
|
||||
| n u | +-----------+ | |--| SA |
|
||||
| t e | | | | I M | +------+
|
||||
+------------+ | - | | Scheduler | | K a |
|
||||
| receiver | +------+ | | | E n | +------+
|
||||
+----+-------+ +-----------+ | - a | | IKE- |
|
||||
| | +------+ | | S g |--| SA |
|
||||
+-------+--+ +-----| J Q |---+ +------------+ | A e | +------+
|
||||
-| socket | | o u | | | | - r |
|
||||
+-------+--+ | b e | | Thread- | | |
|
||||
| | - u | | Pool | | |
|
||||
+----+-------+ | e |------| |---| |
|
||||
| sender | +------+ +------------+ +------+
|
||||
+----+-------+
|
||||
| +------+
|
||||
| | S Q |
|
||||
| | e u |
|
||||
| | n e |
|
||||
+------------| d u |
|
||||
| - e |
|
||||
+--+---+
|
||||
|
||||
The thread-pool is the heart of the architecture. It processes jobs from a
|
||||
(fully synchronized) job-queue. Mostly, a job is associated with a specific
|
||||
IKE SA. These IKE SAs are synchronized, only one thread can work one an IKE SA.
|
||||
This makes it unnecesary to use further synchronisation methods once a IKE SA
|
||||
is checked out. The (rather complex) synchronization of IKE SAs is completely
|
||||
done in the IKE SA manager.
|
||||
The sceduler is responsible for event firing. It waits until a event in the
|
||||
(fully synchronized) event-queue is ready for processing and pushes the event
|
||||
down to the job-queue. A thread form the pool will pick it up as quick as
|
||||
possible. Every thread can queue events or jobs. Furter, an event can place a
|
||||
packet in the send-queue. The sender thread waits for those packets and sends
|
||||
them over the wire, via the socket. The receiver does exactly the opposite of
|
||||
the sender. It waits on the socket, reads in packets an places them on the
|
||||
job-queue for further processing by a thread from the pool.
|
||||
There are even more threads, not drawn in the upper scheme. The stroke thread
|
||||
is responsible for reading and processessing commands from another process. The
|
||||
kernel interface thread handles communication from and to the kernel via a
|
||||
netlink socket. It waits for kernel events and processes them appropriately.
|
||||
|
||||
|
||||
configuration backends
|
||||
------------------------
|
||||
|
||||
The configuration architecture for charon is complex, but is flexible and
|
||||
extensible. All configuration stuff is split up in multiple parts:
|
||||
|
||||
connection Defines a connection between two hosts. Proposals define with
|
||||
wich algorithms a IKE SA should be set up.
|
||||
policy Defines the rules to apply ontop of a connection. A policy is
|
||||
defined between two IDs. Proposals and traffic selectors allow
|
||||
fine grained configuration of the CHILD SAs (AH and ESP) to set
|
||||
up.
|
||||
credential A credential is something used for authentication, such as a
|
||||
preshared key, a RSA private or public key, certificate, ...
|
||||
configuration The configuration itself handles daemon related configuration
|
||||
stuff, such as interface binding or logging settings.
|
||||
|
||||
These configuration types are defined as interfaces, and are currently
|
||||
implemented only in the stroke class. Through the modular design, parts could be
|
||||
replaced with more powerful backends, such as a RADIUS server for the
|
||||
credentials, a SQL database for the connections, policy definitions on an LDAP
|
||||
server, and so on...
|
||||
*/
|
|
@ -3,3 +3,4 @@
|
|||
|
||||
- intiating the same connection twice makes trouble
|
||||
- leak_detective gets confused from libpthread (invalid frees)
|
||||
- installing to many SAs in the kernel at the same time causes troubles. Threading issue?
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
|
||||
+ = done, / = partial, - = todo, ordered by priority
|
||||
|
||||
|
||||
+ private key loading: der, without passphrase
|
||||
+ load all private keys from ipsec.d/private/ in stroke.c
|
||||
+ handle leftcert and rightcert in starterstroke.c/stroke.c
|
||||
|
@ -28,7 +29,7 @@
|
|||
+ integrate basic PEM loading
|
||||
+ port x509 stuff
|
||||
|
||||
- doxygen cleanup (charon/lib)
|
||||
+ doxygen cleanup (charon/lib)
|
||||
|
||||
- implement 3DES to load encrypted pem files
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@ $(BUILD_DIR)definitions.o : $(LIB_DIR)definitions.c $(LIB_DIR)definitions.h
|
|||
$(CC) $(CFLAGS) -c -o $@ $<
|
||||
|
||||
LIB_OBJS+= $(BUILD_DIR)library.o
|
||||
$(BUILD_DIR)library.o : $(LIB_DIR)library.c
|
||||
$(BUILD_DIR)library.o : $(LIB_DIR)library.c $(LIB_DIR)library.h
|
||||
$(CC) $(CFLAGS) -c -o $@ $<
|
||||
|
||||
include $(MAIN_DIR)lib/crypto/Makefile.transforms
|
||||
|
|
|
@ -60,133 +60,6 @@
|
|||
#endif
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* @defgroup config config
|
||||
*
|
||||
* Classes implementing configuration related things.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup encoding encoding
|
||||
*
|
||||
* Classes used to encode and decode IKEv2 messages.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup network network
|
||||
*
|
||||
* Classes for network relevant stuff.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup payloads payloads
|
||||
*
|
||||
* Classes representing specific IKEv2 payloads.
|
||||
*
|
||||
* @ingroup encoding
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup sa sa
|
||||
*
|
||||
* Security association and helper classes.
|
||||
*/
|
||||
|
||||
|
||||
/**
|
||||
* @defgroup states states
|
||||
*
|
||||
* Varius states in which an IKE SA can be.
|
||||
*
|
||||
* @ingroup sa
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup queues queues
|
||||
*
|
||||
* Different kind of queues.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup jobs jobs
|
||||
*
|
||||
* Jobs used in job queue and event queue.
|
||||
*
|
||||
* @ingroup queues
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup testcases testcases
|
||||
*
|
||||
* Testcases used to test the different classes in seperate module tests.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup transforms transforms
|
||||
*
|
||||
* Transform algorithms of different kind.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup rsa rsa
|
||||
*
|
||||
* RSA public key algorithm.
|
||||
*
|
||||
* @ingroup transforms
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup prfs prfs
|
||||
*
|
||||
* Pseudo random functions.
|
||||
*
|
||||
* @ingroup transforms
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup signers signers
|
||||
*
|
||||
* Symmetric signing algorithms, used to ensure message integrity.
|
||||
*
|
||||
* @ingroup transforms
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup crypters crypters
|
||||
*
|
||||
* Symmetric encryption algorithms, used to encrypt and decrypt.
|
||||
*
|
||||
* @ingroup transforms
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup hashers hashers
|
||||
*
|
||||
* Hashing algorithms.
|
||||
*
|
||||
* @ingroup transforms
|
||||
*/
|
||||
/**
|
||||
* @defgroup asn1 asn1
|
||||
*
|
||||
* ASN1 structure definition, en-/decoder of for DER
|
||||
*
|
||||
* @todo Implement a der_encoder_t class.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup utils utils
|
||||
*
|
||||
* Generic helper classes.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup threads threads
|
||||
*
|
||||
* Threaded classes, which will do their job alone.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Macro gives back larger of two values.
|
||||
*/
|
||||
|
@ -202,22 +75,15 @@
|
|||
*/
|
||||
#define POS printf("%s, line %d\n", __FILE__, __LINE__)
|
||||
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Macro to allocate a type as chunk_t.
|
||||
* Macro to allocate a sized type.
|
||||
*
|
||||
* @param thing object on which a sizeof is performed
|
||||
* @return chunk_t pointing to allocated memory
|
||||
* @return poiner to allocated memory
|
||||
*/
|
||||
#define malloc_thing(thing) ((thing*)malloc(sizeof(thing)))
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Mapping entry which defines the end of a mapping_t array.
|
||||
*/
|
||||
|
|
|
@ -0,0 +1,100 @@
|
|||
/**
|
||||
* @file library.h
|
||||
*
|
||||
* @brief Global library header.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (C) 2006 Martin Willi
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#ifndef LIBRARY_H_
|
||||
#define LIBRARY_H_
|
||||
|
||||
/**
|
||||
* @defgroup lib lib
|
||||
*
|
||||
* libstrongswan: library with various crypto related things.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup asn1 asn1
|
||||
*
|
||||
* ASN1 definitions, parser and generator functions.
|
||||
*
|
||||
* @ingroup lib
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup crypto crypto
|
||||
*
|
||||
* Crypto algorithms of different kind.
|
||||
*
|
||||
* @ingroup lib
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup crypters crypters
|
||||
*
|
||||
* Symmetric encryption algorithms, used for
|
||||
* encryption and decryption.
|
||||
*
|
||||
* @ingroup crypto
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup hashers hashers
|
||||
*
|
||||
* Hashing algorithms, such as MD5 or SHA1
|
||||
*
|
||||
* @ingroup crypto
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup prfs prfs
|
||||
*
|
||||
* Pseudo random functions, used to generate
|
||||
* pseude random byte sequences.
|
||||
*
|
||||
* @ingroup crypto
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup rsa rsa
|
||||
*
|
||||
* RSA private/public key algorithm.
|
||||
*
|
||||
* @ingroup crypto
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup signers signers
|
||||
*
|
||||
* Symmetric signing algorithms,
|
||||
* used to ensure message integrity.
|
||||
*
|
||||
* @ingroup crypto
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup utils utils
|
||||
*
|
||||
* Generic helper classes.
|
||||
*
|
||||
* @ingroup lib
|
||||
*/
|
||||
|
||||
|
||||
#endif /* LIBRARY_H_ */
|
|
@ -84,21 +84,6 @@ enum id_type_t {
|
|||
ID_KEY_ID = 11
|
||||
};
|
||||
|
||||
/**
|
||||
* Old pluto id format
|
||||
*
|
||||
* @deprecated Do not use any more, only here for pluto.
|
||||
*/
|
||||
// struct id {
|
||||
// /** ID_* value, pluto pendant to id_type_t */
|
||||
// int kind;
|
||||
// /** ID_IPV4_ADDR, ID_IPV6_ADDR */
|
||||
// ip_address ip_addr;
|
||||
// /** ID_FQDN, ID_USER_FQDN (with @) */
|
||||
// /** ID_KEY_ID, ID_DER_ASN_DN */
|
||||
// chunk_t name;
|
||||
// };
|
||||
|
||||
/**
|
||||
* String mappings for id_type_t.
|
||||
*/
|
||||
|
@ -158,17 +143,6 @@ struct identification_t {
|
|||
*/
|
||||
char *(*get_string) (identification_t *this);
|
||||
|
||||
/**
|
||||
* @brief Get the id in the format used in pluto.
|
||||
*
|
||||
* We do this in pluto style here, which means no memory
|
||||
* is allocated.
|
||||
*
|
||||
* @param this the identification_t object
|
||||
* @return string
|
||||
*/
|
||||
// void (*get_pluto_id) (identification_t *this, struct id *pluto_id);
|
||||
|
||||
/**
|
||||
* @brief Check if two identification_t objects are equal.
|
||||
*
|
||||
|
@ -232,18 +206,5 @@ identification_t * identification_create_from_string(id_type_t type, char *strin
|
|||
*/
|
||||
identification_t * identification_create_from_encoding(id_type_t type, chunk_t encoded);
|
||||
|
||||
/**
|
||||
* @brief Creates an identification_t object from the old pluto id format.
|
||||
*
|
||||
* Pluto uses struct id for identification stuff. Since we need to convert from
|
||||
* this format to our identification_t, we need this special constructor.
|
||||
*
|
||||
* @param id old pluto format id
|
||||
* @return identification_t object
|
||||
*
|
||||
* @ingroup utils
|
||||
*/
|
||||
// identification_t * identification_create_from_pluto_id(struct id *pluto_id);
|
||||
|
||||
|
||||
#endif /* IDENTIFICATION_H_ */
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/**
|
||||
* @file leak_detective.c
|
||||
*
|
||||
* @brief Implementation of leak_detective_t.
|
||||
* @brief Allocation hooks to find memory leaks.
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -31,7 +31,6 @@
|
|||
#include <dlfcn.h>
|
||||
#include <unistd.h>
|
||||
#include <syslog.h>
|
||||
#define __USE_GNU /* needed for recursiv mutex initializer */
|
||||
#include <pthread.h>
|
||||
|
||||
#include "leak_detective.h"
|
||||
|
@ -120,8 +119,7 @@ static bool installed = FALSE;
|
|||
/**
|
||||
* Mutex to exclusivly uninstall hooks, access heap list
|
||||
*/
|
||||
static pthread_mutex_t mutex = PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP;
|
||||
|
||||
static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
|
||||
|
||||
/**
|
||||
|
|
|
@ -145,8 +145,16 @@ struct logger_manager_t {
|
|||
*/
|
||||
extern logger_manager_t *logger_manager;
|
||||
|
||||
/**
|
||||
* Initialize the logger manager with all its logger.
|
||||
* Has to be called before logger_manager is accessed.
|
||||
*/
|
||||
void logger_manager_init();
|
||||
|
||||
/**
|
||||
* Free any resources hold by the logger manager. Do
|
||||
* not access logger_manager after this call.
|
||||
*/
|
||||
void logger_manager_cleanup();
|
||||
|
||||
#endif /*LOGGER_MANAGER_H_*/
|
||||
|
|
|
@ -23,14 +23,17 @@
|
|||
#ifndef STROKE_H_
|
||||
#define STROKE_H_
|
||||
|
||||
/**
|
||||
* Socket which is used to communicate between charon and stroke
|
||||
*/
|
||||
#define STROKE_SOCKET "/var/run/charon.ctl"
|
||||
|
||||
|
||||
typedef struct stroke_msg_t stroke_msg_t;
|
||||
|
||||
/**
|
||||
* @brief A stroke message sent over the unix socket.
|
||||
*
|
||||
*/
|
||||
typedef struct stroke_msg_t stroke_msg_t;
|
||||
|
||||
struct stroke_msg_t {
|
||||
/* length of this message with all strings */
|
||||
u_int16_t length;
|
||||
|
|
Loading…
Reference in New Issue