Example #1
0
void 
app_shutdown(void)
{
  run_application_hook(AH_SHUTDOWN);
  log_template_global_deinit();
  log_tags_global_deinit();
  log_msg_global_deinit();

  stats_destroy();
  child_manager_deinit();
  g_list_foreach(application_hooks, (GFunc) g_free, NULL);
  g_list_free(application_hooks);
  dns_cache_thread_deinit();
  dns_cache_global_deinit();
  hostname_global_deinit();
  crypto_deinit();
  msg_deinit();

  
  /* NOTE: the iv_deinit() call should come here, but there's some exit
   * synchronization issue in libivykis that causes use-after-free with the
   * thread-local-state for the main thread and iv_work_pool worker threads. 
   * I've dropped a mail to Lennert about the issue, but I'm commenting this
   * out for now to avoid it biting someone. Bazsi, 2013/12/23.
   *
   *

    iv_deinit();

   */
}
void mvWLAN_deinit_crypt_lib(local_info_t *local)
{
	if (timer_pending(&local->crypt_deinit_timer))
		del_timer(&local->crypt_deinit_timer);
	crypt_deinit_entries(local, 1);

#ifndef AP_WPA2
	if (local->crypt) {
		if (local->crypt->ops)
			local->crypt->ops->deinit(local->crypt->priv);
		kfree(local->crypt);
		local->crypt = NULL;
	}
#else
	if (local->sysConfig->Mib802dot11->Privacy.RSNEnabled) {

		if (local->tkip_crypt) {
			if (local->tkip_crypt->ops)
				local->tkip_crypt->ops->deinit(local->tkip_crypt->priv);
			kfree(local->tkip_crypt);
			local->tkip_crypt = NULL;
		}

		if (local->ccmp_crypt) {
			if (local->ccmp_crypt->ops)
				local->ccmp_crypt->ops->deinit(local->ccmp_crypt->priv);
			kfree(local->ccmp_crypt);
			local->ccmp_crypt = NULL;
		}

		local->crypt = local->multicast_crypt = NULL;

	} else {

		if (local->crypt) {
			if (local->crypt->ops)
				local->crypt->ops->deinit(local->crypt->priv);
			kfree(local->crypt);
			local->crypt = NULL;
		}

	}
#endif

	crypto_deinit();
}
Example #3
0
static void
stop(PluginOption *option)
{
  if (!option)
    {
      ERROR("invalid option refernce\n");
      return;
    }

  DEBUG("plugin stop\n");
  thread_run = FALSE;

  /* wait all threads to finish */
  for (int j =0 ; j<active_thread_count+idle_thread_count; j++)
    {
      GThread *thread_id = g_ptr_array_index(thread_array,j);
      if (!thread_id)
        continue;

      g_thread_join(thread_id);
    }

  /* call syslog-ng's crypto deinit */
  if (active_thread_count+idle_thread_count>0)
    crypto_deinit();

  if (thread_lock)
    g_mutex_free(thread_lock);

  if (thread_start)
    g_cond_free(thread_start);

  if (thread_connected)
    g_cond_free(thread_connected);

  DEBUG("all %d+%d threads have been stoped\n",
        active_thread_count,
        idle_thread_count);
}
Example #4
0
static struct context *
core_ctx_create(struct instance *nci)
{
	rstatus_t status;
	struct context *ctx;

	srand((unsigned) time(NULL));

	ctx = dn_alloc(sizeof(*ctx));
	if (ctx == NULL) {
		return NULL;
	}
	ctx->id = ++ctx_id;
	ctx->cf = NULL;
	ctx->stats = NULL;
	ctx->evb = NULL;
	array_null(&ctx->pool);
	ctx->max_timeout = nci->stats_interval;
	ctx->timeout = ctx->max_timeout;
	ctx->dyn_state = INIT;

	/* parse and create configuration */
	ctx->cf = conf_create(nci->conf_filename);
	if (ctx->cf == NULL) {
		loga("Failed to create context!!!");
		dn_free(ctx);
		return NULL;
	}

	/* initialize server pool from configuration */
	status = server_pool_init(&ctx->pool, &ctx->cf->pool, ctx);
	if (status != DN_OK) {
		loga("Failed to initialize server pool!!!");
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}


	/* crypto init */
    status = crypto_init(ctx);
    if (status != DN_OK) {
   	loga("Failed to initialize crypto!!!");
    	dn_free(ctx);
    	return NULL;
    }


	/* create stats per server pool */
	ctx->stats = stats_create(nci->stats_port, nci->stats_addr, nci->stats_interval,
			                  nci->hostname, &ctx->pool, ctx);
	if (ctx->stats == NULL) {
		loga("Failed to create stats!!!");
		crypto_deinit();
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	/* initialize event handling for client, proxy and server */
	ctx->evb = event_base_create(EVENT_SIZE, &core_core);
	if (ctx->evb == NULL) {
		loga("Failed to create socket event handling!!!");
		crypto_deinit();
		stats_destroy(ctx->stats);
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	/* preconnect? servers in server pool */
	status = server_pool_preconnect(ctx);
	if (status != DN_OK) {
		loga("Failed to preconnect for server pool!!!");
		crypto_deinit();
		server_pool_disconnect(ctx);
		event_base_destroy(ctx->evb);
		stats_destroy(ctx->stats);
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	/* initialize proxy per server pool */
	status = proxy_init(ctx);
	if (status != DN_OK) {
		loga("Failed to initialize proxy!!!");
		crypto_deinit();
		server_pool_disconnect(ctx);
		event_base_destroy(ctx->evb);
		stats_destroy(ctx->stats);
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	/* initialize dnode listener per server pool */
	status = dnode_init(ctx);
	if (status != DN_OK) {
		loga("Failed to initialize dnode!!!");
		crypto_deinit();
		server_pool_disconnect(ctx);
		event_base_destroy(ctx->evb);
		stats_destroy(ctx->stats);
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	ctx->dyn_state = JOINING;  //TODOS: change this to JOINING

	/* initialize peers */
	status = dnode_peer_init(&ctx->pool, ctx);
	if (status != DN_OK) {
		loga("Failed to initialize dnode peers!!!");
		crypto_deinit();
		dnode_deinit(ctx);
		server_pool_disconnect(ctx);
		event_base_destroy(ctx->evb);
		stats_destroy(ctx->stats);
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	core_debug(ctx);

	/* preconntect peers - probably start gossip here */
	status = dnode_peer_pool_preconnect(ctx);
	if (status != DN_OK) {
		loga("Failed to preconnect dnode peers!!!");
		crypto_deinit();
		dnode_peer_deinit(&ctx->pool);
		dnode_deinit(ctx);
		server_pool_disconnect(ctx);
		event_base_destroy(ctx->evb);
		stats_destroy(ctx->stats);
		server_pool_deinit(&ctx->pool);
		conf_destroy(ctx->cf);
		dn_free(ctx);
		return NULL;
	}

	//init ring msg queue
	CBUF_Init(C2G_InQ);
	CBUF_Init(C2G_OutQ);

	//init stats msg queue
	CBUF_Init(C2S_InQ);
	CBUF_Init(C2S_OutQ);

	gossip_pool_init(ctx);

	log_debug(LOG_VVERB, "created ctx %p id %"PRIu32"", ctx, ctx->id);

	return ctx;
}
Example #5
0
void vpn_thread(void *arg)
{
    struct Ctunnel *ct;
    struct Network *n;
    int ret = 0;
    time_t t, tl;
    unsigned char *data = NULL;
    unsigned char *rwind = NULL;
    struct timeval tv;
    fd_set rfd;
#ifdef HAVE_OPENSSL
    do_encrypt = openssl_do_encrypt;
    do_decrypt = openssl_do_decrypt;
    crypto_init = openssl_crypto_init;
    crypto_deinit = openssl_crypto_deinit;
    crypto_reset = openssl_crypto_reset;
#else
    do_encrypt = gcrypt_do_encrypt;
    do_decrypt = gcrypt_do_decrypt;
    crypto_init = gcrypt_crypto_init;
    crypto_deinit = gcrypt_crypto_deinit;
    crypto_reset = gcrypt_crypto_reset;
#endif
    struct xfer_stats rx_st, tx_st;

    t = tl = time(NULL);
    ct = (struct Ctunnel *) arg;

    if (ct->opt.comp == 1)
	ct->comp = z_compress_init(ct->opt);

    /* Data size, plus int for channel */
    data = malloc(ct->opt.packet_size);
    rwind = data;

    xfer_stats_init(&tx_st, (int) t);
    xfer_stats_init(&rx_st, (int) t);
    if (ct->opt.stats == 1)
	xfer_stats_print(stdout, &tx_st, &rx_st);

    while (1) {
	FD_ZERO(&rfd);
	FD_SET(ct->net_srv->sockfd, &rfd);
	FD_SET(ct->tunfd, &rfd);
	//FD_SET(ct->p[0], &rfd);

	tv.tv_sec = 10;
	tv.tv_usec = 0;

	if (ct->opt.proto == UDP) {
            crypto_reset(ct->ectx, ct->opt, 1);
            crypto_reset(ct->dctx, ct->opt, 0);
	}
	ret = select(ct->net_srv->sockfd + ct->tunfd, &rfd,
		     NULL, NULL, &tv);
	// for ppp
	//ret = select(ct->net_srv->sockfd + ct->tunfd, &rfd,
	//	     NULL, NULL, NULL);
	t = time(NULL);

	if (ct->opt.stats == 1)
	    xfer_stats_print(stdout, &tx_st, &rx_st);

        /* Not functioning 
	if (ret == 0 || (t > tl+10)) { 
	    if (ct->opt.role != SERVER) {
	    	ping(ct, ct->net_srv);
	    }
	    tl = t;
	}
	Need to redial server if connection timeout, make sure to
	re-resolv address before connect
	*/

	if (ret > 0) {
            n = ct->net_srv;
	    if (FD_ISSET(ct->tunfd, &rfd)) {
		*data++ = PACKET_DATA;
		ret = read(ct->tunfd, data, ct->opt.packet_size);
		data = rwind;
		if (ret > 0 && n) {
		    if ((ret = net_write(ct, n, data,
			           ret + sizeof(int), 1)) < 0)
			ctunnel_log(stderr, LOG_CRIT, 
			            "net_write:%d %s", __LINE__,
				    strerror(errno));
		    xfer_stats_update(&tx_st, ct->net_srv->rate.tx.total, t);
		} else {
		    ctunnel_log(stderr, LOG_CRIT,
		                "tunfd read:%d %s", __LINE__,
				strerror(errno));
		}
	    }
	    if (FD_ISSET(ct->net_srv->sockfd, &rfd)) {
		ret = net_read(ct, n, data,
			       ct->opt.packet_size, 1);
		if (ret > 0) {
		    xfer_stats_update(&rx_st, ct->net_srv->rate.rx.total, t);
		    if (*data == PACKET_DATA) {
			if ((connected(n) < 0) && (ct->opt.role == SERVER)) {
			    data = rwind;
			    *data++ = PACKET_REUP;
			    data = rwind;
			    net_write(ct, n, data, sizeof(int) * 2, 1);
			} else {
			    data++;
			    write(ct->tunfd, data, ret - sizeof(int));
			    data = rwind;
			}
		    }
		    if (*data == PACKET_CONRQ) {
			ctunnel_log(stdout, LOG_INFO, "Connect request from %s",
		                   inet_ntoa((struct in_addr)
			           ct->net_srv->addr.sin_addr));
		       vpn_handshake(ct);
		   }
		   /* Not functioning
		   if (*data == PACKET_PING) {
		       ct->seen = time(NULL);
		       if (ct->opt.role == SERVER) 
			   ping(ct, ct->net_srv);
		   }
		   */
		   if ((*data == PACKET_REUP) && ct->opt.role != SERVER) {
		       vpn_handshake(ct);
		   }

		} else {
		    ctunnel_log(stderr, LOG_CRIT, "net_read:74 %s",
				strerror(errno));
		    break;
		}
	    }
	}
    }
    FD_CLR(ct->net_srv->sockfd, &rfd);
    FD_CLR(ct->tunfd, &rfd);
    pthread_mutex_lock(&mutex);
    threads[ct->id] = 2;
    pthread_mutex_unlock(&mutex);
    net_close(ct->net_srv);
    free(data);
    fprintf(stdout, "VPN Disconnect\n");
    crypto_deinit(ct->ectx);
    crypto_deinit(ct->dctx);
    pthread_exit(0);
}
Example #6
0
void *ctunnel_mainloop(void *arg)
{
    struct Ctunnel *ct;
    struct Network *net_srv;
    struct Network *net_cli;
    unsigned char *data;
    fd_set rfd;
    int ret = 0, dir = 0;
    extern int threads[MAX_THREADS];
    struct timeval tv;
#ifdef HAVE_OPENSSL
    do_encrypt = openssl_do_encrypt;
    do_decrypt = openssl_do_decrypt;
    crypto_init = openssl_crypto_init;
    crypto_deinit = openssl_crypto_deinit;
#else
    do_encrypt = gcrypt_do_encrypt;
    do_decrypt = gcrypt_do_decrypt;
    crypto_init = gcrypt_crypto_init;
    crypto_deinit = gcrypt_crypto_deinit;
#endif

    ct = (struct Ctunnel *) arg;

    if (ct->opt.proto == TCP) {
	net_srv = calloc(1, sizeof(struct Network));
	net_cli = calloc(1, sizeof(struct Network));
	net_cli->sockfd = (int) ct->clisockfd;
	net_srv->sockfd = (int) ct->srvsockfd;
    } else {
	net_srv = (struct Network *) ct->net_srv;
	net_cli = (struct Network *) ct->net_cli;
    }

    if (ct->opt.proxy == 0) {
	ct->ectx = crypto_init(ct->opt, 1);
	ct->dctx = crypto_init(ct->opt, 0);
    }


    if (ct->opt.comp == 1)
	ct->comp = z_compress_init(ct->opt);

    data = calloc(1, sizeof(char *) * ct->opt.packet_size);

    while (1) {
	if (ct->opt.proto == UDP && ct->opt.proxy == 0) {
	    crypto_deinit(ct->ectx);
	    crypto_deinit(ct->dctx);
	    ct->ectx = crypto_init(ct->opt, 1);
	    ct->dctx = crypto_init(ct->opt, 0);
	}

	tv.tv_sec = 5;
	tv.tv_usec = 0;

	FD_ZERO(&rfd);
	FD_SET(net_srv->sockfd, &rfd);
	FD_SET(net_cli->sockfd, &rfd);
	ret = select(net_srv->sockfd + net_cli->sockfd + 1, &rfd,
		     NULL, NULL, &tv);
	if (ret < 0)
	    break;

	if (FD_ISSET(net_srv->sockfd, &rfd)) {
	    if (ct->opt.role == 0)
		dir = 0;
	    if (ct->opt.role == 1)
		dir = 1;

	    ret = net_read(ct, net_srv, data, ct->opt.packet_size, dir);

	    if (ct->opt.role == 0)
		dir = 1;
	    if (ct->opt.role == 1)
		dir = 0;

	    ret = net_write(ct, net_cli, data, ret, dir);

	    memset(data, 0x00, sizeof(char *) * ct->opt.packet_size);

	    if (ret <= 0) /* Connection finished */ 
		break;
	}
	if (FD_ISSET(net_cli->sockfd, &rfd)) {
	    if (ct->opt.role == 0)
		dir = 1;
	    if (ct->opt.role == 1)
		dir = 0;

	    ret = net_read(ct, net_cli, data, ct->opt.packet_size, dir);
	    if (ret <= 0)
		break;

	    if (ct->opt.role == 0)
		dir = 0;
	    if (ct->opt.role == 1)
		dir = 1;

	    ret = net_write(ct, net_srv, data, ret, dir);

	    memset(data, 0x00, sizeof(char *) * ct->opt.packet_size);

	    if (ret <= 0) {
		fprintf(stdout, "net_write %s:%d\n", __FILE__, __LINE__);
		break;
	    }
	}
	if (ct->opt.proto == UDP && ct->opt.comp == 1) {
	    z_compress_reset(ct->comp);
	}
	memset(data, 0x00, sizeof(char *) * ct->opt.packet_size);
    }
    /* Connection closed */
    FD_CLR(net_cli->sockfd, &rfd);
    FD_CLR(net_srv->sockfd, &rfd);

    if (ct->opt.proto == TCP) {
	pthread_mutex_lock(&mutex);
	threads[ct->id] = 2;
	pthread_mutex_unlock(&mutex);
	//fprintf(stdout, "THREAD: Exit %d\n", ct->id);
	net_close(net_cli);
	net_close(net_srv);
	if (ct->opt.proxy == 0) {
	    crypto_deinit(ct->ectx);
	    crypto_deinit(ct->dctx);
	}
	if (ct->opt.comp == 1) {
	    z_compress_end(ct->comp);
	}

	free(net_cli);
	free(net_srv);
    }
    //free(ct);
    free(data);
    if (ct->opt.proto == TCP)
	pthread_exit(0);
    return NULL;
}