void
app_shutdown(void)
{
run_application_hook(AH_SHUTDOWN);
log_template_global_deinit();
log_tags_global_deinit();
log_msg_global_deinit();
stats_destroy();
child_manager_deinit();
g_list_foreach(application_hooks, (GFunc) g_free, NULL);
g_list_free(application_hooks);
dns_cache_thread_deinit();
dns_cache_global_deinit();
hostname_global_deinit();
crypto_deinit();
msg_deinit();
/* NOTE: the iv_deinit() call should come here, but there's some exit
* synchronization issue in libivykis that causes use-after-free with the
* thread-local-state for the main thread and iv_work_pool worker threads.
* I've dropped a mail to Lennert about the issue, but I'm commenting this
* out for now to avoid it biting someone. Bazsi, 2013/12/23.
*
*
iv_deinit();
*/
}
void mvWLAN_deinit_crypt_lib(local_info_t *local)
{
if (timer_pending(&local->crypt_deinit_timer))
del_timer(&local->crypt_deinit_timer);
crypt_deinit_entries(local, 1);
#ifndef AP_WPA2
if (local->crypt) {
if (local->crypt->ops)
local->crypt->ops->deinit(local->crypt->priv);
kfree(local->crypt);
local->crypt = NULL;
}
#else
if (local->sysConfig->Mib802dot11->Privacy.RSNEnabled) {
if (local->tkip_crypt) {
if (local->tkip_crypt->ops)
local->tkip_crypt->ops->deinit(local->tkip_crypt->priv);
kfree(local->tkip_crypt);
local->tkip_crypt = NULL;
}
if (local->ccmp_crypt) {
if (local->ccmp_crypt->ops)
local->ccmp_crypt->ops->deinit(local->ccmp_crypt->priv);
kfree(local->ccmp_crypt);
local->ccmp_crypt = NULL;
}
local->crypt = local->multicast_crypt = NULL;
} else {
if (local->crypt) {
if (local->crypt->ops)
local->crypt->ops->deinit(local->crypt->priv);
kfree(local->crypt);
local->crypt = NULL;
}
}
#endif
crypto_deinit();
}
static void
stop(PluginOption *option)
{
if (!option)
{
ERROR("invalid option refernce\n");
return;
}
DEBUG("plugin stop\n");
thread_run = FALSE;
/* wait all threads to finish */
for (int j =0 ; j<active_thread_count+idle_thread_count; j++)
{
GThread *thread_id = g_ptr_array_index(thread_array,j);
if (!thread_id)
continue;
g_thread_join(thread_id);
}
/* call syslog-ng's crypto deinit */
if (active_thread_count+idle_thread_count>0)
crypto_deinit();
if (thread_lock)
g_mutex_free(thread_lock);
if (thread_start)
g_cond_free(thread_start);
if (thread_connected)
g_cond_free(thread_connected);
DEBUG("all %d+%d threads have been stoped\n",
active_thread_count,
idle_thread_count);
}
static struct context *
core_ctx_create(struct instance *nci)
{
rstatus_t status;
struct context *ctx;
srand((unsigned) time(NULL));
ctx = dn_alloc(sizeof(*ctx));
if (ctx == NULL) {
return NULL;
}
ctx->id = ++ctx_id;
ctx->cf = NULL;
ctx->stats = NULL;
ctx->evb = NULL;
array_null(&ctx->pool);
ctx->max_timeout = nci->stats_interval;
ctx->timeout = ctx->max_timeout;
ctx->dyn_state = INIT;
/* parse and create configuration */
ctx->cf = conf_create(nci->conf_filename);
if (ctx->cf == NULL) {
loga("Failed to create context!!!");
dn_free(ctx);
return NULL;
}
/* initialize server pool from configuration */
status = server_pool_init(&ctx->pool, &ctx->cf->pool, ctx);
if (status != DN_OK) {
loga("Failed to initialize server pool!!!");
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
/* crypto init */
status = crypto_init(ctx);
if (status != DN_OK) {
loga("Failed to initialize crypto!!!");
dn_free(ctx);
return NULL;
}
/* create stats per server pool */
ctx->stats = stats_create(nci->stats_port, nci->stats_addr, nci->stats_interval,
nci->hostname, &ctx->pool, ctx);
if (ctx->stats == NULL) {
loga("Failed to create stats!!!");
crypto_deinit();
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
/* initialize event handling for client, proxy and server */
ctx->evb = event_base_create(EVENT_SIZE, &core_core);
if (ctx->evb == NULL) {
loga("Failed to create socket event handling!!!");
crypto_deinit();
stats_destroy(ctx->stats);
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
/* preconnect? servers in server pool */
status = server_pool_preconnect(ctx);
if (status != DN_OK) {
loga("Failed to preconnect for server pool!!!");
crypto_deinit();
server_pool_disconnect(ctx);
event_base_destroy(ctx->evb);
stats_destroy(ctx->stats);
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
/* initialize proxy per server pool */
status = proxy_init(ctx);
if (status != DN_OK) {
loga("Failed to initialize proxy!!!");
crypto_deinit();
server_pool_disconnect(ctx);
event_base_destroy(ctx->evb);
stats_destroy(ctx->stats);
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
/* initialize dnode listener per server pool */
status = dnode_init(ctx);
if (status != DN_OK) {
loga("Failed to initialize dnode!!!");
crypto_deinit();
server_pool_disconnect(ctx);
event_base_destroy(ctx->evb);
stats_destroy(ctx->stats);
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
ctx->dyn_state = JOINING; //TODOS: change this to JOINING
/* initialize peers */
status = dnode_peer_init(&ctx->pool, ctx);
if (status != DN_OK) {
loga("Failed to initialize dnode peers!!!");
crypto_deinit();
dnode_deinit(ctx);
server_pool_disconnect(ctx);
event_base_destroy(ctx->evb);
stats_destroy(ctx->stats);
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
core_debug(ctx);
/* preconntect peers - probably start gossip here */
status = dnode_peer_pool_preconnect(ctx);
if (status != DN_OK) {
loga("Failed to preconnect dnode peers!!!");
crypto_deinit();
dnode_peer_deinit(&ctx->pool);
dnode_deinit(ctx);
server_pool_disconnect(ctx);
event_base_destroy(ctx->evb);
stats_destroy(ctx->stats);
server_pool_deinit(&ctx->pool);
conf_destroy(ctx->cf);
dn_free(ctx);
return NULL;
}
//init ring msg queue
CBUF_Init(C2G_InQ);
CBUF_Init(C2G_OutQ);
//init stats msg queue
CBUF_Init(C2S_InQ);
CBUF_Init(C2S_OutQ);
gossip_pool_init(ctx);
log_debug(LOG_VVERB, "created ctx %p id %"PRIu32"", ctx, ctx->id);
return ctx;
}
void vpn_thread(void *arg)
{
struct Ctunnel *ct;
struct Network *n;
int ret = 0;
time_t t, tl;
unsigned char *data = NULL;
unsigned char *rwind = NULL;
struct timeval tv;
fd_set rfd;
#ifdef HAVE_OPENSSL
do_encrypt = openssl_do_encrypt;
do_decrypt = openssl_do_decrypt;
crypto_init = openssl_crypto_init;
crypto_deinit = openssl_crypto_deinit;
crypto_reset = openssl_crypto_reset;
#else
do_encrypt = gcrypt_do_encrypt;
do_decrypt = gcrypt_do_decrypt;
crypto_init = gcrypt_crypto_init;
crypto_deinit = gcrypt_crypto_deinit;
crypto_reset = gcrypt_crypto_reset;
#endif
struct xfer_stats rx_st, tx_st;
t = tl = time(NULL);
ct = (struct Ctunnel *) arg;
if (ct->opt.comp == 1)
ct->comp = z_compress_init(ct->opt);
/* Data size, plus int for channel */
data = malloc(ct->opt.packet_size);
rwind = data;
xfer_stats_init(&tx_st, (int) t);
xfer_stats_init(&rx_st, (int) t);
if (ct->opt.stats == 1)
xfer_stats_print(stdout, &tx_st, &rx_st);
while (1) {
FD_ZERO(&rfd);
FD_SET(ct->net_srv->sockfd, &rfd);
FD_SET(ct->tunfd, &rfd);
//FD_SET(ct->p[0], &rfd);
tv.tv_sec = 10;
tv.tv_usec = 0;
if (ct->opt.proto == UDP) {
crypto_reset(ct->ectx, ct->opt, 1);
crypto_reset(ct->dctx, ct->opt, 0);
}
ret = select(ct->net_srv->sockfd + ct->tunfd, &rfd,
NULL, NULL, &tv);
// for ppp
//ret = select(ct->net_srv->sockfd + ct->tunfd, &rfd,
// NULL, NULL, NULL);
t = time(NULL);
if (ct->opt.stats == 1)
xfer_stats_print(stdout, &tx_st, &rx_st);
/* Not functioning
if (ret == 0 || (t > tl+10)) {
if (ct->opt.role != SERVER) {
ping(ct, ct->net_srv);
}
tl = t;
}
Need to redial server if connection timeout, make sure to
re-resolv address before connect
*/
if (ret > 0) {
n = ct->net_srv;
if (FD_ISSET(ct->tunfd, &rfd)) {
*data++ = PACKET_DATA;
ret = read(ct->tunfd, data, ct->opt.packet_size);
data = rwind;
if (ret > 0 && n) {
if ((ret = net_write(ct, n, data,
ret + sizeof(int), 1)) < 0)
ctunnel_log(stderr, LOG_CRIT,
"net_write:%d %s", __LINE__,
strerror(errno));
xfer_stats_update(&tx_st, ct->net_srv->rate.tx.total, t);
} else {
ctunnel_log(stderr, LOG_CRIT,
"tunfd read:%d %s", __LINE__,
strerror(errno));
}
}
if (FD_ISSET(ct->net_srv->sockfd, &rfd)) {
ret = net_read(ct, n, data,
ct->opt.packet_size, 1);
if (ret > 0) {
xfer_stats_update(&rx_st, ct->net_srv->rate.rx.total, t);
if (*data == PACKET_DATA) {
if ((connected(n) < 0) && (ct->opt.role == SERVER)) {
data = rwind;
*data++ = PACKET_REUP;
data = rwind;
net_write(ct, n, data, sizeof(int) * 2, 1);
} else {
data++;
write(ct->tunfd, data, ret - sizeof(int));
data = rwind;
}
}
if (*data == PACKET_CONRQ) {
ctunnel_log(stdout, LOG_INFO, "Connect request from %s",
inet_ntoa((struct in_addr)
ct->net_srv->addr.sin_addr));
vpn_handshake(ct);
}
/* Not functioning
if (*data == PACKET_PING) {
ct->seen = time(NULL);
if (ct->opt.role == SERVER)
ping(ct, ct->net_srv);
}
*/
if ((*data == PACKET_REUP) && ct->opt.role != SERVER) {
vpn_handshake(ct);
}
} else {
ctunnel_log(stderr, LOG_CRIT, "net_read:74 %s",
strerror(errno));
break;
}
}
}
}
FD_CLR(ct->net_srv->sockfd, &rfd);
FD_CLR(ct->tunfd, &rfd);
pthread_mutex_lock(&mutex);
threads[ct->id] = 2;
pthread_mutex_unlock(&mutex);
net_close(ct->net_srv);
free(data);
fprintf(stdout, "VPN Disconnect\n");
crypto_deinit(ct->ectx);
crypto_deinit(ct->dctx);
pthread_exit(0);
}
void *ctunnel_mainloop(void *arg)
{
struct Ctunnel *ct;
struct Network *net_srv;
struct Network *net_cli;
unsigned char *data;
fd_set rfd;
int ret = 0, dir = 0;
extern int threads[MAX_THREADS];
struct timeval tv;
#ifdef HAVE_OPENSSL
do_encrypt = openssl_do_encrypt;
do_decrypt = openssl_do_decrypt;
crypto_init = openssl_crypto_init;
crypto_deinit = openssl_crypto_deinit;
#else
do_encrypt = gcrypt_do_encrypt;
do_decrypt = gcrypt_do_decrypt;
crypto_init = gcrypt_crypto_init;
crypto_deinit = gcrypt_crypto_deinit;
#endif
ct = (struct Ctunnel *) arg;
if (ct->opt.proto == TCP) {
net_srv = calloc(1, sizeof(struct Network));
net_cli = calloc(1, sizeof(struct Network));
net_cli->sockfd = (int) ct->clisockfd;
net_srv->sockfd = (int) ct->srvsockfd;
} else {
net_srv = (struct Network *) ct->net_srv;
net_cli = (struct Network *) ct->net_cli;
}
if (ct->opt.proxy == 0) {
ct->ectx = crypto_init(ct->opt, 1);
ct->dctx = crypto_init(ct->opt, 0);
}
if (ct->opt.comp == 1)
ct->comp = z_compress_init(ct->opt);
data = calloc(1, sizeof(char *) * ct->opt.packet_size);
while (1) {
if (ct->opt.proto == UDP && ct->opt.proxy == 0) {
crypto_deinit(ct->ectx);
crypto_deinit(ct->dctx);
ct->ectx = crypto_init(ct->opt, 1);
ct->dctx = crypto_init(ct->opt, 0);
}
tv.tv_sec = 5;
tv.tv_usec = 0;
FD_ZERO(&rfd);
FD_SET(net_srv->sockfd, &rfd);
FD_SET(net_cli->sockfd, &rfd);
ret = select(net_srv->sockfd + net_cli->sockfd + 1, &rfd,
NULL, NULL, &tv);
if (ret < 0)
break;
if (FD_ISSET(net_srv->sockfd, &rfd)) {
if (ct->opt.role == 0)
dir = 0;
if (ct->opt.role == 1)
dir = 1;
ret = net_read(ct, net_srv, data, ct->opt.packet_size, dir);
if (ct->opt.role == 0)
dir = 1;
if (ct->opt.role == 1)
dir = 0;
ret = net_write(ct, net_cli, data, ret, dir);
memset(data, 0x00, sizeof(char *) * ct->opt.packet_size);
if (ret <= 0) /* Connection finished */
break;
}
if (FD_ISSET(net_cli->sockfd, &rfd)) {
if (ct->opt.role == 0)
dir = 1;
if (ct->opt.role == 1)
dir = 0;
ret = net_read(ct, net_cli, data, ct->opt.packet_size, dir);
if (ret <= 0)
break;
if (ct->opt.role == 0)
dir = 0;
if (ct->opt.role == 1)
dir = 1;
ret = net_write(ct, net_srv, data, ret, dir);
memset(data, 0x00, sizeof(char *) * ct->opt.packet_size);
if (ret <= 0) {
fprintf(stdout, "net_write %s:%d\n", __FILE__, __LINE__);
break;
}
}
if (ct->opt.proto == UDP && ct->opt.comp == 1) {
z_compress_reset(ct->comp);
}
memset(data, 0x00, sizeof(char *) * ct->opt.packet_size);
}
/* Connection closed */
FD_CLR(net_cli->sockfd, &rfd);
FD_CLR(net_srv->sockfd, &rfd);
if (ct->opt.proto == TCP) {
pthread_mutex_lock(&mutex);
threads[ct->id] = 2;
pthread_mutex_unlock(&mutex);
//fprintf(stdout, "THREAD: Exit %d\n", ct->id);
net_close(net_cli);
net_close(net_srv);
if (ct->opt.proxy == 0) {
crypto_deinit(ct->ectx);
crypto_deinit(ct->dctx);
}
if (ct->opt.comp == 1) {
z_compress_end(ct->comp);
}
free(net_cli);
free(net_srv);
}
//free(ct);
free(data);
if (ct->opt.proto == TCP)
pthread_exit(0);
return NULL;
}
