void
__pmSecureServerShutdown(void)
{
PM_INIT_LOCKS();
PM_LOCK(secureserver_lock);
if (secure_server.certificate) {
CERT_DestroyCertificate(secure_server.certificate);
secure_server.certificate = NULL;
}
if (secure_server.private_key) {
SECKEY_DestroyPrivateKey(secure_server.private_key);
secure_server.private_key = NULL;
}
if (secure_server.ssl_session_cache_setup) {
SSL_ShutdownServerSessionIDCache();
secure_server.ssl_session_cache_setup = 0;
}
if (secure_server.initialized) {
NSS_Shutdown();
secure_server.initialized = 0;
}
PM_UNLOCK(secureserver_lock);
}
int
main(int argc, char * const argv[])
{
struct qnetd_instance instance;
struct qnetd_advanced_settings advanced_settings;
char *host_addr;
uint16_t host_port;
int foreground;
int debug_log;
int bump_log_priority;
enum tlv_tls_supported tls_supported;
int client_cert_required;
size_t max_clients;
PRIntn address_family;
int lock_file;
int another_instance_running;
if (qnetd_advanced_settings_init(&advanced_settings) != 0) {
errx(1, "Can't alloc memory for advanced settings");
}
cli_parse(argc, argv, &host_addr, &host_port, &foreground, &debug_log, &bump_log_priority,
&tls_supported, &client_cert_required, &max_clients, &address_family, &advanced_settings);
if (foreground) {
qnetd_log_init(QNETD_LOG_TARGET_STDERR);
} else {
qnetd_log_init(QNETD_LOG_TARGET_SYSLOG);
}
qnetd_log_set_debug(debug_log);
qnetd_log_set_priority_bump(bump_log_priority);
/*
* Daemonize
*/
if (!foreground) {
utils_tty_detach();
}
if ((lock_file = utils_flock(advanced_settings.lock_file, getpid(),
&another_instance_running)) == -1) {
if (another_instance_running) {
qnetd_log(LOG_ERR, "Another instance is running");
} else {
qnetd_log_err(LOG_ERR, "Can't acquire lock");
}
exit(1);
}
qnetd_log(LOG_DEBUG, "Initializing nss");
if (nss_sock_init_nss((tls_supported != TLV_TLS_UNSUPPORTED ?
advanced_settings.nss_db_dir : NULL)) != 0) {
qnetd_err_nss();
}
if (SSL_ConfigServerSessionIDCache(0, 0, 0, NULL) != SECSuccess) {
qnetd_err_nss();
}
if (qnetd_instance_init(&instance, tls_supported, client_cert_required,
max_clients, &advanced_settings) == -1) {
qnetd_log(LOG_ERR, "Can't initialize qnetd");
exit(1);
}
instance.host_addr = host_addr;
instance.host_port = host_port;
if (tls_supported != TLV_TLS_UNSUPPORTED && qnetd_instance_init_certs(&instance) == -1) {
qnetd_err_nss();
}
qnetd_log(LOG_DEBUG, "Initializing local socket");
if (qnetd_ipc_init(&instance) != 0) {
return (1);
}
qnetd_log(LOG_DEBUG, "Creating listening socket");
instance.server.socket = nss_sock_create_listen_socket(instance.host_addr,
instance.host_port, address_family);
if (instance.server.socket == NULL) {
qnetd_err_nss();
}
if (nss_sock_set_non_blocking(instance.server.socket) != 0) {
qnetd_err_nss();
}
if (PR_Listen(instance.server.socket, instance.advanced_settings->listen_backlog) !=
PR_SUCCESS) {
qnetd_err_nss();
}
global_instance = &instance;
signal_handlers_register();
qnetd_log(LOG_DEBUG, "Registering algorithms");
if (qnetd_algorithm_register_all() != 0) {
exit(1);
}
qnetd_log(LOG_DEBUG, "QNetd ready to provide service");
/*
* MAIN LOOP
*/
while (qnetd_poll(&instance) == 0) {
}
/*
* Cleanup
*/
qnetd_ipc_destroy(&instance);
if (PR_Close(instance.server.socket) != PR_SUCCESS) {
qnetd_warn_nss();
}
CERT_DestroyCertificate(instance.server.cert);
SECKEY_DestroyPrivateKey(instance.server.private_key);
SSL_ClearSessionCache();
SSL_ShutdownServerSessionIDCache();
qnetd_instance_destroy(&instance);
qnetd_advanced_settings_destroy(&advanced_settings);
if (NSS_Shutdown() != SECSuccess) {
qnetd_warn_nss();
}
if (PR_Cleanup() != PR_SUCCESS) {
qnetd_warn_nss();
}
qnetd_log_close();
return (0);
}
