#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
-#include <resolv.h>
#include <TargetConditionals.h>
#include <vproc_priv.h>
#include <dispatch/dispatch.h>
+#include <xpc/xpc.h>
+#include <os/transaction_private.h>
#include "libpfkey.h"
#include <libproc.h>
+#define IKEv1_TRANSACTION "IKEv1_Transaction"
+
extern pid_t racoon_pid;
extern int launchdlaunched;
static void close_session (int);
static int init_signal (void);
static int set_signal (int sig, RETSIGTYPE (*func) (int, siginfo_t *, void *));
-static void check_sigreq (void);
static void check_flushsa_stub (void *);
static void check_flushsa (void);
static void auto_exit_do (void *);
static volatile sig_atomic_t sigreq[NSIG + 1];
int terminated = 0;
+int pending_signal_handle = 0;
static int64_t racoon_keepalive = -1;
static NEPolicySessionRef policySession = NULL;
+static os_transaction_t g_ikev1_transaction = NULL;
+
/*
* This is used to (manually) update racoon's launchd keepalive, which is needed because racoon is (mostly)
* launched on demand and for <rdar://problem/8768510> requires a keepalive on dirty/failure exits.
"cannot open %s", pid_file);
}
}
-#if !TARGET_OS_EMBEDDED
+
+ if (g_ikev1_transaction == NULL) {
+ g_ikev1_transaction = os_transaction_create(IKEv1_TRANSACTION);
+ }
+
+#if !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
// enable keepalive for recovery (from crashes and bad exits... after init)
(void)launchd_update_racoon_keepalive(true);
-#endif // !TARGET_OS_EMBEDDED
+#endif // !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
// Off to the races!
if (!terminated) {
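Review bot: The result of `os_transaction_create(IKEv1_TRANSACTION)` is never checked in the added block ahead of the keepalive update, so a failed creation leaves the daemon running with `g_ikev1_transaction == NULL` and no trace in the log. The shutdown path guards its `os_release` with a NULL test, which suggests that outcome is considered possible. A one-line `if (g_ikev1_transaction == NULL) plog(ASL_LEVEL_ERR, "failed to create IKEv1 transaction\n");` after the call would make it visible. A short comment saying why the transaction is held for the lifetime of the session would also help, since nothing in the hunk explains it. The enclosing function starts and ends outside this hunk.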
ike_session_flush_all_phase1(false);
close_sockets();
-#if !TARGET_OS_EMBEDDED
+ if (g_ikev1_transaction != NULL) {
+ os_release(g_ikev1_transaction);
+ g_ikev1_transaction = NULL;
+ }
+
+#if !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
// a clean exit, so disable launchd keepalive
(void)launchd_update_racoon_keepalive(false);
-#endif // !TARGET_OS_EMBEDDED
+#endif // !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
- plog(ASL_LEVEL_INFO, "racoon shutdown\n");
+ plog(ASL_LEVEL_NOTICE, "racoon shutdown\n");
exit(0);
}
return;
}
-#if !TARGET_OS_EMBEDDED
+#if !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
if (lcconf->vt)
vproc_transaction_end(NULL, lcconf->vt);
-#endif
+#endif // !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
close_session(0);
}
void
auto_exit_do(void *p)
{
- plog(ASL_LEVEL_DEBUG,
+ plog(ASL_LEVEL_NOTICE,
"performing auto exit\n");
#if ENABLE_NO_SA_FLUSH
close_session(0);
};
-static void
+void
check_sigreq()
{
int sig;
if (lcconf->logfile_param == NULL && logFileStr[0] == 0)
plogresetfile(lcconf->pathinfo[LC_PATHTYPE_LOGFILE]);
-#if TARGET_OS_EMBEDDED
+#if (TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
if (no_remote_configs(TRUE)) {
#if ENABLE_NO_SA_FLUSH
close_session(0);
dying();
#endif /* ENABLE_NO_SA_FLUSH */
}
-#endif
+#endif // (TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
break;
case SIGINT:
case SIGTERM:
- plog(ASL_LEVEL_INFO,
+ plog(ASL_LEVEL_NOTICE,
"caught signal %d\n", sig);
#if ENABLE_NO_SA_FLUSH
close_session(0);
break;
default:
- plog(ASL_LEVEL_INFO,
+ plog(ASL_LEVEL_NOTICE,
"caught signal %d\n", sig);
break;
}
signal_handler(int sig, siginfo_t *sigi, void *ctx)
{
#if 0
- plog(ASL_LEVEL_DEBUG,
+ plog(ASL_LEVEL_NOTICE,
"%s received signal %d from pid %d uid %d\n\n",
__FUNCTION__, sig, sigi->si_pid, sigi->si_uid);
#endif
if ( sig == SIGTERM ){
terminated = 1;
}
+
+ pending_signal_handle = 1;
dispatch_async(main_queue,
^{
- check_sigreq();
+ if (pending_signal_handle) {
+ check_sigreq();
+ pending_signal_handle = 0;
+ }
});
}
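Review bot: Clearing `pending_signal_handle` after `check_sigreq()` returns, in the block queued by signal_handler, opens a window in which a signal can be dropped. A signal delivered while check_sigreq() is running sets the flag and queues a second block; the first block then resets the flag to 0 and the second block skips the call. Whether the signal is actually lost depends on how check_sigreq() walks `sigreq`, which is outside this hunk, but resetting first closes the window: `pending_signal_handle = 0;` followed by `check_sigreq();`. The flag is also written from a signal handler and read on the main queue, yet it is declared as plain `int` near the top of the file; `volatile sig_atomic_t pending_signal_handle = 0;` would match how `sigreq` is declared there.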