[apple/ipsec.git] / ipsec-tools / racoon / session.c

/*	$NetBSD: session.c,v 1.7.6.2 2007/08/01 11:52:22 vanhu Exp $	*/

/*	$KAME: session.c,v 1.32 2003/09/24 02:01:17 jinmei Exp $	*/

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 * 
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "config.h"

#include <sys/types.h>
#include <sys/param.h>
#include <sys/time.h>
#include <sys/socket.h>
#if HAVE_SYS_WAIT_H
# include <sys/wait.h>
#endif
#ifndef WEXITSTATUS
# define WEXITSTATUS(s)	((unsigned)(s) >> 8)
#endif
#ifndef WIFEXITED
# define WIFEXITED(s)	(((s) & 255) == 0)
#endif

#ifndef HAVE_NETINET6_IPSEC
#include <netinet/ipsec.h>
#else
#include <netinet6/ipsec.h>
#endif

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <signal.h>
#include <sys/stat.h>
#include <paths.h>

#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>

#include <resolv.h>
#include <TargetConditionals.h>

#include "libpfkey.h"

#include "var.h"
#include "misc.h"
#include "vmbuf.h"
#include "plog.h"
#include "debug.h"

#include "schedule.h"
#include "session.h"
#include "grabmyaddr.h"
#include "evt.h"
#include "cfparse_proto.h"
#include "isakmp_var.h"
#include "isakmp_xauth.h"
#include "isakmp_cfg.h"
#include "admin_var.h"
#include "admin.h"
#include "privsep.h"
#include "oakley.h"
#include "pfkey.h"
#include "handler.h"
#include "localconf.h"
#include "remoteconf.h"
#include "backupsa.h"
#ifdef ENABLE_NATT
#include "nattraversal.h"
#endif
#include "vpn_control_var.h"
#include "policy.h"
#include "algorithm.h" /* XXX ??? */

#include "sainfo.h"


extern pid_t racoon_pid;
static void close_session __P((void));
static void check_rtsock __P((void *));
static void initfds __P((void));
static void init_signal __P((void));
static int set_signal __P((int sig, RETSIGTYPE (*func) __P((int))));
static void check_sigreq __P((void));
static void check_flushsa_stub __P((void *));
static void check_flushsa __P((void));
static void auto_exit_do __P((void *));
static int close_sockets __P((void));

static fd_set mask0;
static fd_set maskdying;
static int nfds = 0;
static volatile sig_atomic_t sigreq[NSIG + 1];
static int dying = 0;
static struct sched *check_rtsock_sched = NULL;
int terminated = 0;

int
session(void)
{
	fd_set rfds;
	struct timeval *timeout;
	int error;
	struct myaddrs *p;
	char pid_file[MAXPATHLEN];
	FILE *fp;
	int i, update_fds;

	/* initialize schedular */
	sched_init();

	initmyaddr();

#ifndef __APPLE__
	if (isakmp_init() < 0) {
#else
	if (isakmp_init(false) < 0) {
#endif /* __APPLE__ */
		plog(LLV_ERROR2, LOCATION, NULL,
				"failed to initialize isakmp");
		exit(1);
	}

#ifdef ENABLE_ADMINPORT
	if (admin_init() < 0) {
		plog(LLV_ERROR2, LOCATION, NULL,
				"failed to initialize admin port");
		exit(1);
	}
#endif
#ifdef ENABLE_VPNCONTROL_PORT
	if (vpncontrol_init() < 0) {
		plog(LLV_ERROR2, LOCATION, NULL,
			"failed to initialize vpn control port");
		exit(1);
	}
	
#endif

	init_signal();
	initfds();

#ifndef __APPLE__
#ifdef ENABLE_NATT
	natt_keepalive_init ();
#endif
#endif

	if (privsep_init() != 0) {
		plog(LLV_ERROR2, LOCATION, NULL,
			"failed to initialize privsep");
		exit(1);
	}

	for (i = 0; i <= NSIG; i++)
		sigreq[i] = 0;

	/* write .pid file */
	if (!f_foreground) {
		racoon_pid = getpid();
		if (lcconf->pathinfo[LC_PATHTYPE_PIDFILE] == NULL) 
			strlcpy(pid_file, _PATH_VARRUN "racoon.pid", sizeof(pid_file));
		else if (lcconf->pathinfo[LC_PATHTYPE_PIDFILE][0] == '/') 
			strlcpy(pid_file, lcconf->pathinfo[LC_PATHTYPE_PIDFILE], sizeof(pid_file));
		else {
			strlcat(pid_file, _PATH_VARRUN, sizeof(pid_file));
			strlcat(pid_file, lcconf->pathinfo[LC_PATHTYPE_PIDFILE], sizeof(pid_file));
		} 
		fp = fopen(pid_file, "w");
		if (fp) {
			if (fchmod(fileno(fp),
				S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) {
				syslog(LOG_ERR, "%s", strerror(errno));
				fclose(fp);
				exit(1);
			}
			fprintf(fp, "%ld\n", (long)racoon_pid);
			fclose(fp);
		} else {
			plog(LLV_ERROR, LOCATION, NULL,
				"cannot open %s", pid_file);
		}
	}
	
	while (1) {
		if (!TAILQ_EMPTY(&lcconf->saved_msg_queue))
			pfkey_post_handler();
		update_fds = 0;
		/*
		 * asynchronous requests via signal.
		 * make sure to reset sigreq to 0.
		 */
		check_sigreq();

		/* scheduling */
		timeout = schedular();

		if (dying)
			rfds = maskdying;
		else
			rfds = mask0;
		error = select(nfds, &rfds, (fd_set *)0, (fd_set *)0, timeout);
		if (error < 0) {
			switch (errno) {
			case EINTR:
				continue;
			default:
				plog(LLV_ERROR2, LOCATION, NULL,
					"failed select (%s)\n",
					strerror(errno));
				/* serious socket problem - close all listening sockets and re-open */
				if (lcconf->autograbaddr) {
					isakmp_close(); 
					initfds();
					sched_new(5, check_rtsock, NULL);
				} else {
					isakmp_close_sockets();
					isakmp_open();
					initfds();
				}
				continue;
			}
			/*NOTREACHED*/
		}

#ifdef ENABLE_ADMINPORT
		if ((lcconf->sock_admin != -1) &&
		    (FD_ISSET(lcconf->sock_admin, &rfds)))
			admin_handler();
#endif
#ifdef ENABLE_VPNCONTROL_PORT
		{
			struct vpnctl_socket_elem *elem;
			struct vpnctl_socket_elem *t_elem;
			
			if ((lcconf->sock_vpncontrol != -1) &&
				(FD_ISSET(lcconf->sock_vpncontrol, &rfds))) {
				vpncontrol_handler();
				update_fds = 1;			//  in case new socket created - update mask
			}
			/* The handler may close and remove the list element
			 * so we can't rely on it being valid after calling
			 * the handler.
			 */
			LIST_FOREACH_SAFE(elem, &lcconf->vpnctl_comm_socks, chain, t_elem) {
				if ((elem->sock != -1) &&
					(FD_ISSET(elem->sock, &rfds)))
					if (vpncontrol_comm_handler(elem))
						update_fds = 1;		// socket closed by peer - update mask
			}
		}
#endif			

		for (p = lcconf->myaddrs; p; p = p->next) {
			if (!p->addr)
				continue;
			if (FD_ISSET(p->sock, &rfds))
				if ((error = isakmp_handler(p->sock)) == -2)
					break;
		}
		if (error == -2) {
			if (lcconf->autograbaddr) {
				/* serious socket problem - close all listening sockets and re-open */
				isakmp_close(); 
				initfds();
				sched_new(5, check_rtsock, NULL);
				continue;
			} else {
				isakmp_close_sockets();
				isakmp_open();
				initfds();
				continue;
			}
		}

		if (FD_ISSET(lcconf->sock_pfkey, &rfds))
			pfkey_handler();

		if (lcconf->rtsock >= 0 && FD_ISSET(lcconf->rtsock, &rfds)) {
			if (update_myaddrs() && lcconf->autograbaddr)
				if (check_rtsock_sched == NULL)	/* only schedule if not already done */
					check_rtsock_sched = sched_new(5, check_rtsock, NULL);
			// initfds();	//%%% BUG FIX - not needed here
		}
		if (update_fds) {
			initfds();
			update_fds = 0;
		}
	}
}


/* clear all status and exit program. */
static void
close_session()
{
	if ( terminated )
		flushph2(false);
	flushph1(false);
	close_sockets();
	backupsa_clean();

	plog(LLV_INFO, LOCATION, NULL, "racoon shutdown\n");
	exit(0);
}

static void
check_rtsock(p)
	void *p;
{	

	check_rtsock_sched = NULL;
	grab_myaddrs();
	isakmp_close_unused();

	autoconf_myaddrsport();
	isakmp_open();

	/* initialize socket list again */
	initfds();
}

static void
initfds()
{
	struct myaddrs *p;

	nfds = 0;

	FD_ZERO(&mask0);
	FD_ZERO(&maskdying);

#ifdef ENABLE_ADMINPORT
	if (lcconf->sock_admin != -1) {
		if (lcconf->sock_admin >= FD_SETSIZE) {
			plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - admin socket\n");
			exit(1);
		}
		FD_SET(lcconf->sock_admin, &mask0);
		/* XXX should we listen on admin socket when dying ?
		 */
#if 0
		FD_SET(lcconf->sock_admin, &maskdying);
#endif
		nfds = (nfds > lcconf->sock_admin ? nfds : lcconf->sock_admin);
	}
#endif
#ifdef ENABLE_VPNCONTROL_PORT
	{
		struct vpnctl_socket_elem *elem;
		
		if (lcconf->sock_vpncontrol != -1) {
			if (lcconf->sock_vpncontrol >= FD_SETSIZE) {
				plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - vpncontrol socket\n");
				exit(1);
			}
			FD_SET(lcconf->sock_vpncontrol, &mask0);
			nfds = (nfds > lcconf->sock_vpncontrol ? nfds : lcconf->sock_vpncontrol);
		}
		
		LIST_FOREACH(elem, &lcconf->vpnctl_comm_socks, chain) {
			if (elem->sock != -1) {
				if (elem->sock >= FD_SETSIZE) {
					plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun vpnctl_comm socket\n");
					exit(1);
				}
				FD_SET(elem->sock, &mask0);
				nfds = (nfds > elem->sock ? nfds : elem->sock);
			}
		}
	}
#endif

	if (lcconf->sock_pfkey >= FD_SETSIZE) {
		plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - pfkey socket\n");
		exit(1);
	}
	FD_SET(lcconf->sock_pfkey, &mask0);
	FD_SET(lcconf->sock_pfkey, &maskdying);
	nfds = (nfds > lcconf->sock_pfkey ? nfds : lcconf->sock_pfkey);
	if (lcconf->rtsock >= 0) {
		if (lcconf->rtsock >= FD_SETSIZE) {
			plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - rt socket\n");
			exit(1);
		}
		FD_SET(lcconf->rtsock, &mask0);
		nfds = (nfds > lcconf->rtsock ? nfds : lcconf->rtsock);
	}
	
	for (p = lcconf->myaddrs; p; p = p->next) {
		if (!p->addr)
			continue;
		if (p->sock < 0)
			continue;
		if (p->sock >= FD_SETSIZE) {
			plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - isakmp socket\n");
			exit(1);
		}
		FD_SET(p->sock, &mask0);
		nfds = (nfds > p->sock ? nfds : p->sock);
	}
	nfds++;
}


static int signals[] = {
	SIGHUP,
	SIGINT,
	SIGTERM,
	SIGUSR1,
	SIGUSR2,
	SIGCHLD,
	SIGPIPE,
	0
};

/*
 * asynchronous requests will actually dispatched in the
 * main loop in session().
 */
RETSIGTYPE
signal_handler(sig)
	int sig;
{
	/* Do not just set it to 1, because we may miss some signals by just setting
	 * values to 0/1
	 */
	sigreq[sig]++;
	if ( sig == SIGTERM ){
		terminated = 1;
	}
}

static void
check_sigreq()
{
	int sig;

	/* 
	 * XXX We are not able to tell if we got 
	 * several time the same signal. This is
	 * not a problem for the current code, 
	 * but we shall remember this limitation.
	 */
	for (sig = 0; sig <= NSIG; sig++) {
		if (sigreq[sig] == 0)
			continue;

		sigreq[sig]--;
		switch(sig) {
		case 0:
			return;
			
			/* Catch up childs, mainly scripts.
			 */
		case SIGCHLD:
	    {
			pid_t pid;
			int s;
			
			pid = wait(&s);
	    }
		break;

#ifdef DEBUG_RECORD_MALLOCATION
		/* 
		 * XXX This operation is signal handler unsafe and may lead to 
		 * crashes and security breaches: See Henning Brauer talk at
		 * EuroBSDCon 2005. Do not run in production with this option
		 * enabled.
		 */
		case SIGUSR2:
			DRM_dump();
			break;
#endif

		case SIGUSR1:
		case SIGHUP:
#ifdef ENABLE_HYBRID
			if ((isakmp_cfg_init(ISAKMP_CFG_INIT_WARM)) != 0) {
				plog(LLV_ERROR, LOCATION, NULL, 
		  	 	 "ISAKMP mode config structure reset failed, "
		  	 	 "not reloading\n");
				return;
			}
#endif
			if ( terminated )
				break;
				
			/* Save old configuration, load new one...  */
			isakmp_close();
			close(lcconf->rtsock);
			if (cfreparse(sig)) {
				plog(LLV_ERROR2, LOCATION, NULL,
					 "configuration read failed\n");
				exit(1);
			}
			if (lcconf->logfile_param == NULL)
				plogreset(lcconf->pathinfo[LC_PATHTYPE_LOGFILE]);
				
			initmyaddr();
			isakmp_cleanup();
#ifdef __APPLE__
			isakmp_init(true);
#else
			isakmp_init();
#endif /* __APPLE__ */
			initfds();
#if TARGET_OS_EMBEDDED
			if (no_remote_configs()) {
				EVT_PUSH(NULL, NULL, EVTT_RACOON_QUIT, NULL);
				pfkey_send_flush(lcconf->sock_pfkey, SADB_SATYPE_UNSPEC);
#ifdef ENABLE_FASTQUIT
				close_session();
#else
				sched_new(1, check_flushsa_stub, NULL);
#endif
				dying = 1;
			}
#endif
			break;

		case SIGINT:
		case SIGTERM:			
			plog(LLV_INFO, LOCATION, NULL, 
			    "caught signal %d\n", sig);
			EVT_PUSH(NULL, NULL, EVTT_RACOON_QUIT, NULL);
			pfkey_send_flush(lcconf->sock_pfkey, 
			    SADB_SATYPE_UNSPEC);
			if ( sig == SIGTERM ){
				terminated = 1;			/* in case if it hasn't been set yet */
				close_session();
			}
			else
				sched_new(1, check_flushsa_stub, NULL);

				dying = 1;
			break;

		default:
			plog(LLV_INFO, LOCATION, NULL, 
			    "caught signal %d\n", sig);
			break;
		}
	}
}

/*
 * waiting the termination of processing until sending DELETE message
 * for all inbound SA will complete.
 */
static void
check_flushsa_stub(p)
	void *p;
{

	check_flushsa();
}

static void
check_flushsa()
{
	vchar_t *buf;
	struct sadb_msg *msg, *end, *next;
	struct sadb_sa *sa;
	caddr_t mhp[SADB_EXT_MAX + 1];
	int n;

	buf = pfkey_dump_sadb(SADB_SATYPE_UNSPEC);
	if (buf == NULL) {
		plog(LLV_DEBUG, LOCATION, NULL,
		    "pfkey_dump_sadb: returned nothing.\n");
		return;
	}

	msg = (struct sadb_msg *)buf->v;
	end = (struct sadb_msg *)(buf->v + buf->l);

	/* counting SA except of dead one. */
	n = 0;
	while (msg < end) {
		if (PFKEY_UNUNIT64(msg->sadb_msg_len) < sizeof(*msg))
			break;
		next = (struct sadb_msg *)((caddr_t)msg + PFKEY_UNUNIT64(msg->sadb_msg_len));
		if (msg->sadb_msg_type != SADB_DUMP) {
			msg = next;
			continue;
		}

		if (pfkey_align(msg, mhp) || pfkey_check(mhp)) {
			plog(LLV_ERROR, LOCATION, NULL,
				"pfkey_check (%s)\n", ipsec_strerror());
			msg = next;
			continue;
		}

		sa = (struct sadb_sa *)(mhp[SADB_EXT_SA]);
		if (!sa) {
			msg = next;
			continue;
		}

		if (sa->sadb_sa_state != SADB_SASTATE_DEAD) {
			n++;
			msg = next;
			continue;
		}

		msg = next;
	}

	if (buf != NULL)
		vfree(buf);

	if (n) {
		sched_new(1, check_flushsa_stub, NULL);
		return;
	}

	close_session();
#if !TARGET_OS_EMBEDDED
	if (lcconf->vt)
		vproc_transaction_end(NULL, lcconf->vt);
#endif
}

void
auto_exit_do(void *p)
{
	EVT_PUSH(NULL, NULL, EVTT_RACOON_QUIT, NULL);
	plog(LLV_DEBUG, LOCATION, NULL,
				"performing auto exit\n");
	pfkey_send_flush(lcconf->sock_pfkey, SADB_SATYPE_UNSPEC);
	sched_new(1, check_flushsa_stub, NULL);
	dying = 1;
}

void
check_auto_exit(void)
{
	if (lcconf->auto_exit_sched != NULL) {	/* exit scheduled? */
		if (lcconf->auto_exit_state != LC_AUTOEXITSTATE_ENABLED
			|| vpn_control_connected()				/* vpn control connected */
			|| policies_installed())			/* policies installed in kernel */
			SCHED_KILL(lcconf->auto_exit_sched);
	} else {								/* exit not scheduled */
		if (lcconf->auto_exit_state == LC_AUTOEXITSTATE_ENABLED
			&& !vpn_control_connected()	
			&& !policies_installed())
				if (lcconf->auto_exit_delay == 0)
					auto_exit_do(NULL);		/* immediate exit */
				else
					lcconf->auto_exit_sched = sched_new(lcconf->auto_exit_delay, auto_exit_do, NULL);
	}
}


static void
init_signal()
{
	int i;

	for (i = 0; signals[i] != 0; i++)
		if (set_signal(signals[i], signal_handler) < 0) {
			plog(LLV_ERROR2, LOCATION, NULL,
				"failed to set_signal (%s)\n",
				strerror(errno));
			exit(1);
		}
}

static int
set_signal(sig, func)
	int sig;
	RETSIGTYPE (*func) __P((int));
{
	struct sigaction sa;

	memset((caddr_t)&sa, 0, sizeof(sa));
	sa.sa_handler = func;
	sa.sa_flags = SA_RESTART;

	if (sigemptyset(&sa.sa_mask) < 0)
		return -1;

	if (sigaction(sig, &sa, (struct sigaction *)0) < 0)
		return(-1);

	return 0;
}

static int
close_sockets()
{
	isakmp_close();
	pfkey_close(lcconf->sock_pfkey);
#ifdef ENABLE_ADMINPORT
	(void)admin_close();
#endif
#ifdef ENABLE_VPNCONTROL_PORT
	vpncontrol_close();
#endif
	return 0;
}
Commit	Line	Data
d1e348cf A	1	/* $NetBSD: session.c,v 1.7.6.2 2007/08/01 11:52:22 vanhu Exp $ */
d1e348cf A	2
52b7d2ce A	3	/* $KAME: session.c,v 1.32 2003/09/24 02:01:17 jinmei Exp $ */
	4
	5	/*
	6	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
	7	* All rights reserved.
	8	*
	9	* Redistribution and use in source and binary forms, with or without
	10	* modification, are permitted provided that the following conditions
	11	* are met:
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	* 2. Redistributions in binary form must reproduce the above copyright
	15	* notice, this list of conditions and the following disclaimer in the
	16	* documentation and/or other materials provided with the distribution.
	17	* 3. Neither the name of the project nor the names of its contributors
	18	* may be used to endorse or promote products derived from this software
	19	* without specific prior written permission.
	20	*
	21	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
	22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	24	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
	25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	31	* SUCH DAMAGE.
	32	*/
	33
	34	#include "config.h"
	35
	36	#include <sys/types.h>
	37	#include <sys/param.h>
	38	#include <sys/time.h>
	39	#include <sys/socket.h>
	40	#if HAVE_SYS_WAIT_H
	41	# include <sys/wait.h>
	42	#endif
	43	#ifndef WEXITSTATUS
	44	# define WEXITSTATUS(s) ((unsigned)(s) >> 8)
	45	#endif
	46	#ifndef WIFEXITED
	47	# define WIFEXITED(s) (((s) & 255) == 0)
	48	#endif
	49
	50	#ifndef HAVE_NETINET6_IPSEC
	51	#include <netinet/ipsec.h>
	52	#else
	53	#include <netinet6/ipsec.h>
	54	#endif
	55
	56	#include <stdlib.h>
	57	#include <stdio.h>
	58	#include <string.h>
	59	#include <errno.h>
	60	#ifdef HAVE_UNISTD_H
	61	#include <unistd.h>
	62	#endif
	63	#include <signal.h>
	64	#include <sys/stat.h>
	65	#include <paths.h>
	66
d1e348cf A	67	#include <netinet/in.h>
	68	#include <netinet/ip.h>
	69	#include <netinet/ip_icmp.h>
	70
	71	#include <resolv.h>
	72	#include <TargetConditionals.h>
	73
52b7d2ce A	74	#include "libpfkey.h"
	75
	76	#include "var.h"
	77	#include "misc.h"
	78	#include "vmbuf.h"
	79	#include "plog.h"
	80	#include "debug.h"
	81
	82	#include "schedule.h"
	83	#include "session.h"
	84	#include "grabmyaddr.h"
	85	#include "evt.h"
	86	#include "cfparse_proto.h"
	87	#include "isakmp_var.h"
d1e348cf A	88	#include "isakmp_xauth.h"
d1e348cf A	89	#include "isakmp_cfg.h"
52b7d2ce A	90	#include "admin_var.h"
	91	#include "admin.h"
	92	#include "privsep.h"
	93	#include "oakley.h"
	94	#include "pfkey.h"
	95	#include "handler.h"
	96	#include "localconf.h"
	97	#include "remoteconf.h"
	98	#include "backupsa.h"
	99	#ifdef ENABLE_NATT
	100	#include "nattraversal.h"
	101	#endif
	102	#include "vpn_control_var.h"
	103	#include "policy.h"
d1e348cf A	104	#include "algorithm.h" /* XXX ??? */
	105
	106	#include "sainfo.h"
	107
	108
52b7d2ce A	109
	110	extern pid_t racoon_pid;
	111	static void close_session __P((void));
	112	static void check_rtsock __P((void *));
	113	static void initfds __P((void));
	114	static void init_signal __P((void));
	115	static int set_signal __P((int sig, RETSIGTYPE (*func) __P((int))));
	116	static void check_sigreq __P((void));
	117	static void check_flushsa_stub __P((void *));
	118	static void check_flushsa __P((void));
	119	static void auto_exit_do __P((void *));
	120	static int close_sockets __P((void));
	121
	122	static fd_set mask0;
	123	static fd_set maskdying;
	124	static int nfds = 0;
	125	static volatile sig_atomic_t sigreq[NSIG + 1];
	126	static int dying = 0;
	127	static struct sched *check_rtsock_sched = NULL;
d1e348cf	128	int terminated = 0;
52b7d2ce A	129
	130	int
	131	session(void)
	132	{
	133	fd_set rfds;
	134	struct timeval *timeout;
	135	int error;
	136	struct myaddrs *p;
	137	char pid_file[MAXPATHLEN];
	138	FILE *fp;
	139	int i, update_fds;
	140
	141	/* initialize schedular */
	142	sched_init();
	143
	144	initmyaddr();
	145
d1e348cf	146	#ifndef __APPLE__
52b7d2ce	147	if (isakmp_init() < 0) {
d1e348cf A	148	#else
	149	if (isakmp_init(false) < 0) {
	150	#endif /* __APPLE__ */
52b7d2ce A	151	plog(LLV_ERROR2, LOCATION, NULL,
	152	"failed to initialize isakmp");
	153	exit(1);
	154	}
	155
	156	#ifdef ENABLE_ADMINPORT
	157	if (admin_init() < 0) {
	158	plog(LLV_ERROR2, LOCATION, NULL,
	159	"failed to initialize admin port");
	160	exit(1);
	161	}
	162	#endif
	163	#ifdef ENABLE_VPNCONTROL_PORT
	164	if (vpncontrol_init() < 0) {
	165	plog(LLV_ERROR2, LOCATION, NULL,
	166	"failed to initialize vpn control port");
	167	exit(1);
	168	}
d1e348cf	169
52b7d2ce A	170	#endif
	171
	172	init_signal();
	173	initfds();
	174
	175	#ifndef __APPLE__
	176	#ifdef ENABLE_NATT
	177	natt_keepalive_init ();
	178	#endif
	179	#endif
	180
	181	if (privsep_init() != 0) {
	182	plog(LLV_ERROR2, LOCATION, NULL,
	183	"failed to initialize privsep");
	184	exit(1);
	185	}
	186
	187	for (i = 0; i <= NSIG; i++)
	188	sigreq[i] = 0;
	189
	190	/* write .pid file */
	191	if (!f_foreground) {
	192	racoon_pid = getpid();
	193	if (lcconf->pathinfo[LC_PATHTYPE_PIDFILE] == NULL)
d1e348cf	194	strlcpy(pid_file, _PATH_VARRUN "racoon.pid", sizeof(pid_file));
52b7d2ce	195	else if (lcconf->pathinfo[LC_PATHTYPE_PIDFILE][0] == '/')
d1e348cf	196	strlcpy(pid_file, lcconf->pathinfo[LC_PATHTYPE_PIDFILE], sizeof(pid_file));
52b7d2ce	197	else {
d1e348cf A	198	strlcat(pid_file, _PATH_VARRUN, sizeof(pid_file));
d1e348cf A	199	strlcat(pid_file, lcconf->pathinfo[LC_PATHTYPE_PIDFILE], sizeof(pid_file));
52b7d2ce A	200	}
	201	fp = fopen(pid_file, "w");
	202	if (fp) {
	203	if (fchmod(fileno(fp),
	204	S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH) == -1) {
	205	syslog(LOG_ERR, "%s", strerror(errno));
	206	fclose(fp);
	207	exit(1);
	208	}
	209	fprintf(fp, "%ld\n", (long)racoon_pid);
	210	fclose(fp);
	211	} else {
	212	plog(LLV_ERROR, LOCATION, NULL,
	213	"cannot open %s", pid_file);
	214	}
	215	}
d1e348cf	216
52b7d2ce	217	while (1) {
fd507379 A	218	if (!TAILQ_EMPTY(&lcconf->saved_msg_queue))
fd507379 A	219	pfkey_post_handler();
52b7d2ce A	220	update_fds = 0;
	221	/*
	222	* asynchronous requests via signal.
	223	* make sure to reset sigreq to 0.
	224	*/
	225	check_sigreq();
	226
	227	/* scheduling */
	228	timeout = schedular();
	229
	230	if (dying)
	231	rfds = maskdying;
	232	else
	233	rfds = mask0;
	234	error = select(nfds, &rfds, (fd_set )0, (fd_set )0, timeout);
	235	if (error < 0) {
	236	switch (errno) {
	237	case EINTR:
	238	continue;
	239	default:
	240	plog(LLV_ERROR2, LOCATION, NULL,
	241	"failed select (%s)\n",
	242	strerror(errno));
d1e348cf A	243	/* serious socket problem - close all listening sockets and re-open */
	244	if (lcconf->autograbaddr) {
	245	isakmp_close();
	246	initfds();
	247	sched_new(5, check_rtsock, NULL);
	248	} else {
	249	isakmp_close_sockets();
	250	isakmp_open();
	251	initfds();
	252	}
	253	continue;
52b7d2ce A	254	}
	255	/NOTREACHED/
	256	}
	257
	258	#ifdef ENABLE_ADMINPORT
	259	if ((lcconf->sock_admin != -1) &&
	260	(FD_ISSET(lcconf->sock_admin, &rfds)))
	261	admin_handler();
	262	#endif
	263	#ifdef ENABLE_VPNCONTROL_PORT
	264	{
	265	struct vpnctl_socket_elem *elem;
	266	struct vpnctl_socket_elem *t_elem;
	267
	268	if ((lcconf->sock_vpncontrol != -1) &&
	269	(FD_ISSET(lcconf->sock_vpncontrol, &rfds))) {
	270	vpncontrol_handler();
	271	update_fds = 1; // in case new socket created - update mask
	272	}
	273	/* The handler may close and remove the list element
	274	* so we can't rely on it being valid after calling
	275	* the handler.
	276	*/
	277	LIST_FOREACH_SAFE(elem, &lcconf->vpnctl_comm_socks, chain, t_elem) {
	278	if ((elem->sock != -1) &&
	279	(FD_ISSET(elem->sock, &rfds)))
	280	if (vpncontrol_comm_handler(elem))
	281	update_fds = 1; // socket closed by peer - update mask
	282	}
	283	}
d1e348cf	284	#endif
52b7d2ce A	285
	286	for (p = lcconf->myaddrs; p; p = p->next) {
	287	if (!p->addr)
	288	continue;
	289	if (FD_ISSET(p->sock, &rfds))
	290	if ((error = isakmp_handler(p->sock)) == -2)
	291	break;
	292	}
	293	if (error == -2) {
	294	if (lcconf->autograbaddr) {
	295	/* serious socket problem - close all listening sockets and re-open */
	296	isakmp_close();
	297	initfds();
	298	sched_new(5, check_rtsock, NULL);
	299	continue;
	300	} else {
	301	isakmp_close_sockets();
	302	isakmp_open();
	303	initfds();
	304	continue;
	305	}
	306	}
	307
	308	if (FD_ISSET(lcconf->sock_pfkey, &rfds))
	309	pfkey_handler();
	310
	311	if (lcconf->rtsock >= 0 && FD_ISSET(lcconf->rtsock, &rfds)) {
	312	if (update_myaddrs() && lcconf->autograbaddr)
	313	if (check_rtsock_sched == NULL) /* only schedule if not already done */
	314	check_rtsock_sched = sched_new(5, check_rtsock, NULL);
	315	// initfds(); //%%% BUG FIX - not needed here
	316	}
	317	if (update_fds) {
	318	initfds();
	319	update_fds = 0;
	320	}
	321	}
	322	}
	323
	324
	325	/* clear all status and exit program. */
	326	static void
	327	close_session()
	328	{
d1e348cf A	329	if ( terminated )
	330	flushph2(false);
	331	flushph1(false);
52b7d2ce A	332	close_sockets();
	333	backupsa_clean();
	334
	335	plog(LLV_INFO, LOCATION, NULL, "racoon shutdown\n");
	336	exit(0);
	337	}
	338
	339	static void
	340	check_rtsock(p)
	341	void *p;
	342	{
	343
	344	check_rtsock_sched = NULL;
	345	grab_myaddrs();
	346	isakmp_close_unused();
	347
	348	autoconf_myaddrsport();
	349	isakmp_open();
	350
	351	/* initialize socket list again */
	352	initfds();
	353	}
	354
	355	static void
	356	initfds()
	357	{
	358	struct myaddrs *p;
	359
	360	nfds = 0;
	361
	362	FD_ZERO(&mask0);
	363	FD_ZERO(&maskdying);
	364
	365	#ifdef ENABLE_ADMINPORT
	366	if (lcconf->sock_admin != -1) {
	367	if (lcconf->sock_admin >= FD_SETSIZE) {
	368	plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - admin socket\n");
	369	exit(1);
	370	}
	371	FD_SET(lcconf->sock_admin, &mask0);
	372	/* XXX should we listen on admin socket when dying ?
	373	*/
	374	#if 0
	375	FD_SET(lcconf->sock_admin, &maskdying);
	376	#endif
	377	nfds = (nfds > lcconf->sock_admin ? nfds : lcconf->sock_admin);
	378	}
	379	#endif
	380	#ifdef ENABLE_VPNCONTROL_PORT
	381	{
	382	struct vpnctl_socket_elem *elem;
	383
	384	if (lcconf->sock_vpncontrol != -1) {
	385	if (lcconf->sock_vpncontrol >= FD_SETSIZE) {
	386	plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - vpncontrol socket\n");
	387	exit(1);
	388	}
	389	FD_SET(lcconf->sock_vpncontrol, &mask0);
	390	nfds = (nfds > lcconf->sock_vpncontrol ? nfds : lcconf->sock_vpncontrol);
	391	}
	392
	393	LIST_FOREACH(elem, &lcconf->vpnctl_comm_socks, chain) {
	394	if (elem->sock != -1) {
	395	if (elem->sock >= FD_SETSIZE) {
396	plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun vpnctl_comm socket\n");
397	exit(1);
398	}
399	FD_SET(elem->sock, &mask0);
400	nfds = (nfds > elem->sock ? nfds : elem->sock);
401	}
402	}
403	}
52b7d2ce A	404	#endif
	405
	406	if (lcconf->sock_pfkey >= FD_SETSIZE) {
	407	plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - pfkey socket\n");
	408	exit(1);
	409	}
	410	FD_SET(lcconf->sock_pfkey, &mask0);
	411	FD_SET(lcconf->sock_pfkey, &maskdying);
	412	nfds = (nfds > lcconf->sock_pfkey ? nfds : lcconf->sock_pfkey);
	413	if (lcconf->rtsock >= 0) {
	414	if (lcconf->rtsock >= FD_SETSIZE) {
	415	plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - rt socket\n");
	416	exit(1);
	417	}
	418	FD_SET(lcconf->rtsock, &mask0);
	419	nfds = (nfds > lcconf->rtsock ? nfds : lcconf->rtsock);
	420	}
d1e348cf	421
52b7d2ce A	422	for (p = lcconf->myaddrs; p; p = p->next) {
	423	if (!p->addr)
	424	continue;
	425	if (p->sock < 0)
	426	continue;
	427	if (p->sock >= FD_SETSIZE) {
	428	plog(LLV_ERROR2, LOCATION, NULL, "fd_set overrun - isakmp socket\n");
	429	exit(1);
	430	}
	431	FD_SET(p->sock, &mask0);
	432	nfds = (nfds > p->sock ? nfds : p->sock);
	433	}
	434	nfds++;
	435	}
	436
d1e348cf	437
52b7d2ce A	438	static int signals[] = {
	439	SIGHUP,
	440	SIGINT,
	441	SIGTERM,
	442	SIGUSR1,
	443	SIGUSR2,
	444	SIGCHLD,
	445	SIGPIPE,
	446	0
	447	};
	448
	449	/*
	450	* asynchronous requests will actually dispatched in the
	451	* main loop in session().
	452	*/
	453	RETSIGTYPE
	454	signal_handler(sig)
	455	int sig;
	456	{
	457	/* Do not just set it to 1, because we may miss some signals by just setting
	458	* values to 0/1
	459	*/
	460	sigreq[sig]++;
d1e348cf A	461	if ( sig == SIGTERM ){
	462	terminated = 1;
	463	}
52b7d2ce A	464	}
	465
	466	static void
	467	check_sigreq()
	468	{
	469	int sig;
	470
	471	/*
	472	* XXX We are not able to tell if we got
	473	* several time the same signal. This is
	474	* not a problem for the current code,
	475	* but we shall remember this limitation.
	476	*/
	477	for (sig = 0; sig <= NSIG; sig++) {
	478	if (sigreq[sig] == 0)
	479	continue;
	480
	481	sigreq[sig]--;
	482	switch(sig) {
	483	case 0:
	484	return;
	485
	486	/* Catch up childs, mainly scripts.
	487	*/
	488	case SIGCHLD:
	489	{
	490	pid_t pid;
	491	int s;
	492
	493	pid = wait(&s);
	494	}
	495	break;
	496
	497	#ifdef DEBUG_RECORD_MALLOCATION
	498	/*
	499	* XXX This operation is signal handler unsafe and may lead to
	500	* crashes and security breaches: See Henning Brauer talk at
	501	* EuroBSDCon 2005. Do not run in production with this option
	502	* enabled.
	503	*/
	504	case SIGUSR2:
	505	DRM_dump();
	506	break;
	507	#endif
	508
d1e348cf	509	case SIGUSR1:
52b7d2ce	510	case SIGHUP:
d1e348cf A	511	#ifdef ENABLE_HYBRID
	512	if ((isakmp_cfg_init(ISAKMP_CFG_INIT_WARM)) != 0) {
	513	plog(LLV_ERROR, LOCATION, NULL,
	514	"ISAKMP mode config structure reset failed, "
	515	"not reloading\n");
	516	return;
	517	}
	518	#endif
	519	if ( terminated )
	520	break;
	521
52b7d2ce A	522	/* Save old configuration, load new one... */
	523	isakmp_close();
	524	close(lcconf->rtsock);
d1e348cf	525	if (cfreparse(sig)) {
52b7d2ce A	526	plog(LLV_ERROR2, LOCATION, NULL,
	527	"configuration read failed\n");
	528	exit(1);
	529	}
	530	if (lcconf->logfile_param == NULL)
	531	plogreset(lcconf->pathinfo[LC_PATHTYPE_LOGFILE]);
	532
	533	initmyaddr();
	534	isakmp_cleanup();
d1e348cf A	535	#ifdef __APPLE__
	536	isakmp_init(true);
	537	#else
52b7d2ce	538	isakmp_init();
d1e348cf	539	#endif /* __APPLE__ */
52b7d2ce	540	initfds();
d1e348cf A	541	#if TARGET_OS_EMBEDDED
	542	if (no_remote_configs()) {
	543	EVT_PUSH(NULL, NULL, EVTT_RACOON_QUIT, NULL);
	544	pfkey_send_flush(lcconf->sock_pfkey, SADB_SATYPE_UNSPEC);
	545	#ifdef ENABLE_FASTQUIT
	546	close_session();
	547	#else
	548	sched_new(1, check_flushsa_stub, NULL);
	549	#endif
	550	dying = 1;
	551	}
	552	#endif
52b7d2ce A	553	break;
	554
	555	case SIGINT:
	556	case SIGTERM:
	557	plog(LLV_INFO, LOCATION, NULL,
	558	"caught signal %d\n", sig);
	559	EVT_PUSH(NULL, NULL, EVTT_RACOON_QUIT, NULL);
	560	pfkey_send_flush(lcconf->sock_pfkey,
	561	SADB_SATYPE_UNSPEC);
d1e348cf A	562	if ( sig == SIGTERM ){
	563	terminated = 1; /* in case if it hasn't been set yet */
	564	close_session();
	565	}
	566	else
	567	sched_new(1, check_flushsa_stub, NULL);
	568
	569	dying = 1;
52b7d2ce A	570	break;
	571
	572	default:
	573	plog(LLV_INFO, LOCATION, NULL,
	574	"caught signal %d\n", sig);
	575	break;
	576	}
	577	}
	578	}
	579
	580	/*
	581	* waiting the termination of processing until sending DELETE message
	582	* for all inbound SA will complete.
	583	*/
	584	static void
	585	check_flushsa_stub(p)
	586	void *p;
	587	{
	588
	589	check_flushsa();
	590	}
	591
	592	static void
	593	check_flushsa()
	594	{
	595	vchar_t *buf;
	596	struct sadb_msg msg, end, *next;
	597	struct sadb_sa *sa;
	598	caddr_t mhp[SADB_EXT_MAX + 1];
	599	int n;
	600
	601	buf = pfkey_dump_sadb(SADB_SATYPE_UNSPEC);
	602	if (buf == NULL) {
	603	plog(LLV_DEBUG, LOCATION, NULL,
	604	"pfkey_dump_sadb: returned nothing.\n");
	605	return;
	606	}
	607
	608	msg = (struct sadb_msg *)buf->v;
	609	end = (struct sadb_msg *)(buf->v + buf->l);
	610
	611	/* counting SA except of dead one. */
	612	n = 0;
	613	while (msg < end) {
	614	if (PFKEY_UNUNIT64(msg->sadb_msg_len) < sizeof(*msg))
	615	break;
	616	next = (struct sadb_msg *)((caddr_t)msg + PFKEY_UNUNIT64(msg->sadb_msg_len));
	617	if (msg->sadb_msg_type != SADB_DUMP) {
	618	msg = next;
	619	continue;
	620	}
	621
	622	if (pfkey_align(msg, mhp) \|\| pfkey_check(mhp)) {
	623	plog(LLV_ERROR, LOCATION, NULL,
	624	"pfkey_check (%s)\n", ipsec_strerror());
	625	msg = next;
	626	continue;
	627	}
	628
	629	sa = (struct sadb_sa *)(mhp[SADB_EXT_SA]);
	630	if (!sa) {
	631	msg = next;
	632	continue;
	633	}
634
635	if (sa->sadb_sa_state != SADB_SASTATE_DEAD) {
636	n++;
637	msg = next;
638	continue;
639	}
640
641	msg = next;
642	}
643
644	if (buf != NULL)
645	vfree(buf);
646
647	if (n) {
648	sched_new(1, check_flushsa_stub, NULL);
649	return;
650	}
651
652	close_session();
d1e348cf A	653	#if !TARGET_OS_EMBEDDED
	654	if (lcconf->vt)
	655	vproc_transaction_end(NULL, lcconf->vt);
	656	#endif
52b7d2ce A	657	}
	658
	659	void
	660	auto_exit_do(void *p)
	661	{
	662	EVT_PUSH(NULL, NULL, EVTT_RACOON_QUIT, NULL);
d1e348cf A	663	plog(LLV_DEBUG, LOCATION, NULL,
d1e348cf A	664	"performing auto exit\n");
52b7d2ce A	665	pfkey_send_flush(lcconf->sock_pfkey, SADB_SATYPE_UNSPEC);
	666	sched_new(1, check_flushsa_stub, NULL);
	667	dying = 1;
	668	}
	669
	670	void
	671	check_auto_exit(void)
	672	{
52b7d2ce A	673	if (lcconf->auto_exit_sched != NULL) { /* exit scheduled? */
	674	if (lcconf->auto_exit_state != LC_AUTOEXITSTATE_ENABLED
	675	\|\| vpn_control_connected() /* vpn control connected */
d1e348cf	676	\|\| policies_installed()) /* policies installed in kernel */
52b7d2ce A	677	SCHED_KILL(lcconf->auto_exit_sched);
	678	} else { /* exit not scheduled */
	679	if (lcconf->auto_exit_state == LC_AUTOEXITSTATE_ENABLED
d1e348cf	680	&& !vpn_control_connected()
52b7d2ce A	681	&& !policies_installed())
	682	if (lcconf->auto_exit_delay == 0)
	683	auto_exit_do(NULL); /* immediate exit */
	684	else
	685	lcconf->auto_exit_sched = sched_new(lcconf->auto_exit_delay, auto_exit_do, NULL);
	686	}
	687	}
	688
	689
	690	static void
	691	init_signal()
	692	{
	693	int i;
	694
	695	for (i = 0; signals[i] != 0; i++)
	696	if (set_signal(signals[i], signal_handler) < 0) {
	697	plog(LLV_ERROR2, LOCATION, NULL,
	698	"failed to set_signal (%s)\n",
	699	strerror(errno));
	700	exit(1);
	701	}
	702	}
	703
	704	static int
	705	set_signal(sig, func)
	706	int sig;
	707	RETSIGTYPE (*func) __P((int));
	708	{
	709	struct sigaction sa;
	710
	711	memset((caddr_t)&sa, 0, sizeof(sa));
	712	sa.sa_handler = func;
	713	sa.sa_flags = SA_RESTART;
	714
	715	if (sigemptyset(&sa.sa_mask) < 0)
	716	return -1;
	717
	718	if (sigaction(sig, &sa, (struct sigaction *)0) < 0)
	719	return(-1);
	720
	721	return 0;
	722	}
	723
	724	static int
	725	close_sockets()
	726	{
	727	isakmp_close();
	728	pfkey_close(lcconf->sock_pfkey);
	729	#ifdef ENABLE_ADMINPORT
	730	(void)admin_close();
	731	#endif
	732	#ifdef ENABLE_VPNCONTROL_PORT
	733	vpncontrol_close();
	734	#endif
	735	return 0;
	736	}
	737
d1e348cf	738