root/fwknop/tags/fwknop-1.8.4-pre1/knopwatchd.c

Revision 814, 23.9 kB (checked in by mbr, 1 year ago)

- Added the ability to force the fwknopd and knoptm daemons to restart
  themselves (via knopwatchd) after a configurable timeout (see the
  ENABLE_VOLUNTARY_EXITS and EXIT_INTERVAL variables in the
  /etc/fwknop/fwknop.conf file). This feature is for those who want
  fwknopd to go through its initialization routine periodically just in
  case there is a logic (or other) bug that might result in fwknopd not
  accepting a valid SPA packet. NOTE: This feature is disabled by default,
  and is not normally needed since fwknopd is quite stable in most
  deployments.

- Minor bugfix to have knopwatchd generate syslog messages whenever an
  fwknop daemon needs to be restarted.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
1 /*
2 *****************************************************************************
3 *
4 *  File: knopwatchd.c
5 *
6 *  Purpose: knopwatchd checks on an interval of every five seconds to make
7 *           sure that both knopmd and fwknop are running on the box.  If
8 *           either daemon has died, knopwatchd will restart it and notify
9 *           each email address in EMAIL_ADDRESSES that the daemon has been
10 *           restarted.
11 *
12 *  Author: Michael Rash (mbr@cipherdyne.org)
13 *
14 *  Credits:  (see the CREDITS file)
15 *
16 *  Version: 1.8
17 *
18 *  Copyright (C) 2004-2007 Michael Rash (mbr@cipherdyne.org)
19 *
20 *  License (GNU Public License):
21 *
22 *     This program is distributed in the hope that it will be useful,
23 *     but WITHOUT ANY WARRANTY; without even the implied warranty of
24 *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
25 *     GNU General Public License for more details.
26 *
27 *     You should have received a copy of the GNU General Public License
28 *     along with this program; if not, write to the Free Software
29 *     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
30 *     USA
31 *
32 *****************************************************************************
33 *
34 *  $Id$
35 */
36
37 /* includes */
38 #include "fwknop.h"
39
40 /* defines */
41 #define FWKNOP_CONF "/etc/fwknop/fwknop.conf"
42
43 /* globals */
/* Consecutive restart attempts per daemon; bumped by incr_syscall_ctr()
 * and cleared by reset_syscall_ctr(). */
unsigned short fwknopd_syscalls_ctr = 0;
unsigned short knopmd_syscalls_ctr = 0;

/* Run-time switches. */
unsigned short no_email = 0;      /* non-zero suppresses alert emails */
unsigned short check_knopmd = 1;  /* cleared by check_auth_mode() for pcap modes */
unsigned short check_knoptm = 0;  /* PCAP-based rule timeouts */

/* Tail appended to every mail command line built in this file: stdin
 * from /dev/null, stdout and stderr discarded. */
const char mail_redr[] = " < /dev/null > /dev/null 2>&1";

/* Values read from the config file by parse_config().  The *Cmd entries
 * name programs this daemon runs, so the config file decides what gets
 * executed on its behalf. */
char hostname[MAX_GEN_LEN];
char mail_addrs[MAX_GEN_LEN];
char alerting_methods[MAX_GEN_LEN];
char shCmd[MAX_GEN_LEN];
char mailCmd[MAX_GEN_LEN];
char fwknopdCmd[MAX_PATH_LEN];
char knopmdCmd[MAX_PATH_LEN];
char knoptmCmd[MAX_PATH_LEN];

/* Paths: the config file itself plus the run directory, pid files and
 * the saved fwknopd command line. */
char config_file[MAX_PATH_LEN];
char fwknop_run_dir[MAX_PATH_LEN];
char fwknopd_pid_file[MAX_PATH_LEN];
char fwknopd_cmdline_file[MAX_PATH_LEN];
char knopmd_pid_file[MAX_PATH_LEN];
char knoptm_pid_file[MAX_PATH_LEN];
char knopwatchd_pid_file[MAX_PATH_LEN];

/* Text form of the two numeric settings, as referenced by
 * expand_config_vars() and find_sub_var_value(). */
char char_knopwatchd_check_interval[MAX_NUM_LEN];
char char_knopwatchd_max_retries[MAX_NUM_LEN];

/* Numeric settings with their built-in defaults. */
unsigned int knopwatchd_check_interval = 5;  /* seconds between checks */
unsigned int knopwatchd_max_retries = 10;    /* restart attempts before giving up */

/* Set by sighup_handler(), polled and cleared by the main loop. */
static volatile sig_atomic_t received_sighup = 0;
71
72 /* prototypes */
/* configuration handling */
static void parse_config(void);
static void check_auth_mode(void);
static void expand_config_vars(void);
static void find_sub_var_value(char *value, char *sub_var,
    char *pre_str, char *post_str);

/* process supervision */
static void check_process(const char *pid_name, const char *pid_file,
    const char *cmdline_file, const char *binary_path,
    unsigned int max_retries);
static void exec_binary(const char *binary_path, const char *cmdline_file);
static void incr_syscall_ctr(const char *pid_name, unsigned int max_retries);
static void reset_syscall_ctr(const char *pid_name);
static void give_up(const char *pid_name);

/* signal handling */
static void sighup_handler(int sig);
95
96 /* main */
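/*
 * Entry point of the watchdog.
 *
 * Reads the config file (default FWKNOP_CONF, overridable with -c),
 * makes sure no other knopwatchd is running, daemonizes unless built
 * with DEBUG, and then loops forever: check each monitored daemon,
 * sleep knopwatchd_check_interval seconds, and re-read the config if a
 * SIGHUP arrived in the meantime.
 *
 * The config file names the binaries this process executes (fwknopdCmd,
 * knopmdCmd, knoptmCmd) and the shell and mail commands used for
 * alerts, so whoever can write that file, or choose the -c path,
 * decides what runs with this daemon's privileges.
 */
int main(int argc, char *argv[]) {
    int cmdlopt;

#ifdef DEBUG
    fprintf(stderr, "[+] Entering DEBUG mode...\n");
    sleep(1);
#endif

    strlcpy(config_file, FWKNOP_CONF, MAX_PATH_LEN);

    /* handle command line arguments */
    while ((cmdlopt = getopt(argc, argv, "c:")) != -1) {
        switch (cmdlopt) {
            case 'c':
                strlcpy(config_file, optarg, MAX_PATH_LEN);
                break;
            default:
                printf("[+] Usage: knopwatchd [-c <config file>] ");
                exit(EXIT_FAILURE);
        }
    }

#ifdef DEBUG
    fprintf(stderr, "[+] parsing config_file: %s\n", config_file);
#endif

    /* parse the config file */
    parse_config();

    /* see if we are supposed to disable all email alerts */
    no_email = (strncmp("noemail", alerting_methods, MAX_GEN_LEN) == 0);

    /* first make sure there isn't another knopwatchd already running */
    check_unique_pid(knopwatchd_pid_file, "knopwatchd");

#ifndef DEBUG
    /* become a daemon */
    daemonize_process(knopwatchd_pid_file);
#endif

    /* install signal handler for HUP signals */
    signal(SIGHUP, sighup_handler);

    /* MAIN LOOP */
    for (;;) {
        /* restart processes as necessary */
        check_process("fwknopd", fwknopd_pid_file, fwknopd_cmdline_file,
            fwknopdCmd, knopwatchd_max_retries);

        if (check_knopmd)
            check_process("knopmd", knopmd_pid_file, NULL,
                knopmdCmd, knopwatchd_max_retries);

        if (check_knoptm)
            check_process("knoptm", knoptm_pid_file, NULL,
                knoptmCmd, knopwatchd_max_retries);

        /* sleep and then check to see if we received any signals */
        sleep(knopwatchd_check_interval);

        if (! received_sighup)
            continue;

        received_sighup = 0;
#ifdef DEBUG
        fprintf(stderr, "[+] re-parsing config file: %s\n", config_file);
#endif
        /* reparse the config file since we received a HUP signal */
        parse_config();

        /* ALERTING_METHODS may have changed in the reloaded file, so
         * the email switch is derived again rather than left at its
         * start-up value */
        no_email = (strncmp("noemail", alerting_methods, MAX_GEN_LEN) == 0);

        slogr("fwknopd(knopwatchd)",
                "received HUP signal, re-imported fwknop.conf");
    }

    /* this statement doesn't get executed, but for completeness... */
    exit(EXIT_SUCCESS);
}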
179 /******************** end main ********************/
180
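/*
 * Check that the daemon pid_name is alive and restart it if it is not.
 *
 * pid_name      daemon name, used in messages and to pick the retry counter
 * pid_file      file whose first line holds the daemon's process id
 * cmdline_file  file holding the daemon's saved arguments, or NULL
 * binary_path   executable to start when a restart is needed
 * max_retries   restart attempts allowed before incr_syscall_ctr() gives up
 *
 * The daemon counts as "not running" when the pid file cannot be
 * opened, when its first line is not a positive process id, or when
 * kill(pid, 0) fails.  kill() with a pid of 0 or below addresses a
 * process group rather than one process, so such values are rejected
 * before the probe; otherwise an empty or corrupt pid file would make a
 * dead daemon look alive.  A successful probe only shows that some
 * process owns that pid: the pid file is trusted to identify the
 * daemon, and a pid reused by another process is not detected.
 */
static void check_process(
    const char *pid_name,
    const char *pid_file,
    const char *cmdline_file,
    const char *binary_path,
    unsigned int max_retries)
{
    FILE *pidfile_ptr;
    pid_t pid = 0;
    long parsed_pid;
    char *end;
    unsigned short int restart = 0;
    char mail_str[MAX_MSG_LEN] = "";
    char syslog_str[MAX_MSG_LEN] = "";
    char pid_line[MAX_PID_SIZE];

    if ((pidfile_ptr = fopen(pid_file, "r")) == NULL) {
#ifdef DEBUG
        fprintf(stderr, "[+] Could not open pid_file: %s\n", pid_file);
#endif
        /* the pid file must not exist (or we can't read it), so
         * setup to start the appropriate process */
        restart = 1;
    }

    if (! restart) {
        /* the first line of the pid_file holds the process id */
        if (fgets(pid_line, MAX_PID_SIZE, pidfile_ptr) == NULL) {
#ifdef DEBUG
            fprintf(stderr, "[+] Could not read the pid_file: %s\n", pid_file);
#endif
            fclose(pidfile_ptr);
            /* see if we need to give up */
            incr_syscall_ctr(pid_name, max_retries);
            return;
        }
        fclose(pidfile_ptr);

        parsed_pid = strtol(pid_line, &end, 10);
        pid = (pid_t) parsed_pid;

        if (end == pid_line || parsed_pid <= 0 || (long) pid != parsed_pid) {
            /* no digits, a non-positive value, or a value that does
             * not fit in pid_t: never hand it to kill() */
            restart = 1;
        } else if (kill(pid, 0) != 0) {
            /* the process is not running so start it */
            restart = 1;
        }
    }

    if (! restart) {
#ifdef DEBUG
        fprintf(stderr, "[+] %s is running.\n", pid_name);
#endif
        /* the process is running, so forget earlier restart attempts */
        reset_syscall_ctr(pid_name);
        return;
    }

#ifdef DEBUG
    fprintf(stderr, "[+] executing exec_binary(%s)\n", binary_path);
#endif
    /* NOTE(review): hostname and mail_addrs come from the config file
     * and end up on a command line passed to send_alert_email()
     * together with shCmd; if that helper runs the line through a
     * shell, metacharacters in those values would be interpreted, so
     * confirm the helper's behaviour and keep the config file writable
     * by root only. */
    snprintf(mail_str, MAX_MSG_LEN,
            " -s \"[*] knopwatchd: Restarting %s on %s\" %s%s",
            pid_name, hostname, mail_addrs, mail_redr);
    mail_str[MAX_MSG_LEN-1] = '\0';

#ifdef DEBUG
    fprintf(stderr, "[+] sending mail: %s\n", mail_str);
#endif

    snprintf(syslog_str, MAX_MSG_LEN,
        "restarting %s on %s", pid_name, hostname);
    slogr("fwknopd(knopwatchd)", syslog_str);

    if (! no_email) {
        /* send the email */
        send_alert_email(shCmd, mailCmd, mail_str);
    }

    /* start the daemon again */
    exec_binary(binary_path, cmdline_file);

    /* increment the number of times we have tried to restart the binary */
    incr_syscall_ctr(pid_name, max_retries);
    return;
}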
266
/*
 * Record one more restart attempt for pid_name and call give_up() once
 * the count reaches max_retries.
 *
 * Only "fwknopd" and "knopmd" have a counter.  Any other name,
 * including the "knoptm" that main() also passes to check_process(),
 * is ignored here, so restarts of that daemon are never limited.
 */
static void incr_syscall_ctr(const char *pid_name, unsigned int max_retries)
{
    unsigned short int *attempts = NULL;

    if (strcmp("fwknopd", pid_name) == 0)
        attempts = &fwknopd_syscalls_ctr;
    else if (strcmp("knopmd", pid_name) == 0)
        attempts = &knopmd_syscalls_ctr;

    if (attempts == NULL)
        return;

    (*attempts)++;
#ifdef DEBUG
    fprintf(stderr,
        "[+] %s not running.  Trying to restart (%d tries so far).\n",
        pid_name, *attempts);
#endif
    if (*attempts >= max_retries)
        give_up(pid_name);
}
290
/*
 * Clear the restart-attempt counter of pid_name.  Only "fwknopd" and
 * "knopmd" have a counter; other names are left untouched.
 */
static void reset_syscall_ctr(const char *pid_name)
{
    unsigned short int *attempts = NULL;

    if (strcmp("fwknopd", pid_name) == 0)
        attempts = &fwknopd_syscalls_ctr;
    else if (strcmp("knopmd", pid_name) == 0)
        attempts = &knopmd_syscalls_ctr;

    if (attempts != NULL)
        *attempts = 0;
}
300
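/*
 * Final failure path: the daemon pid_name could not be restarted within
 * the allowed number of attempts.  Writes a syslog record, sends the
 * alert email unless no_email is set, and terminates knopwatchd.
 *
 * The syslog record is written unconditionally so that the watchdog
 * leaves a trace of why it stopped even when email alerts are disabled.
 * Does not return.
 */
static void give_up(const char *pid_name)
{
    char mail_str[MAX_MSG_LEN] = "";
    char syslog_str[MAX_MSG_LEN] = "";

#ifdef DEBUG
    fprintf(stderr, "[*] Could not restart %s process.  Exiting.\n", pid_name);
#endif

    snprintf(syslog_str, MAX_MSG_LEN,
        "could not restart %s on %s, exiting", pid_name, hostname);
    slogr("fwknopd(knopwatchd)", syslog_str);

    snprintf(mail_str, MAX_MSG_LEN,
            " -s \"[*] knopwatchd: Could not restart %s on %s. Exiting.\" %s%s",
            pid_name, hostname, mail_addrs, mail_redr);
    mail_str[MAX_MSG_LEN-1] = '\0';

    if (! no_email) {
        /* Send the email */
        send_alert_email(shCmd, mailCmd, mail_str);
    }
    exit(EXIT_FAILURE);
}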
318
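/*
 * Start `binary` in a child process and wait for that child.
 *
 * binary       path of the executable; also used as argv[0]
 * cmdlinefile  optional file whose first line holds whitespace-separated
 *              arguments to pass to the binary, or NULL for none
 *
 * Exits the watchdog if memory cannot be allocated, the argument file
 * cannot be read, the line holds more arguments than prog_argv has
 * room for, or fork() fails.
 *
 * The argument file decides what is passed to a daemon started with
 * this process's privileges, so it should be writable by root only.
 * The argument count is checked before every store because the array
 * lives on the stack and the token count comes from the file.
 */
static void exec_binary(const char *binary, const char *cmdlinefile)
{
    FILE *cmdline_ptr;
    char *prog_argv[MAX_ARG_LEN];
    char *const empty_env[] = { NULL };
    char cmdline_buf[MAX_LINE_BUF];
    char *index;
    const char *token;
    size_t token_len;
    pid_t child_pid;
    int arg_num = 0, i;

    prog_argv[arg_num] = (char *) safe_malloc(strlen(binary)+1);
    if (prog_argv[arg_num] == NULL) {
        exit(EXIT_FAILURE);
    }
    strlcpy(prog_argv[arg_num], binary, strlen(binary)+1);
    arg_num++;

    if (cmdlinefile != NULL) {
        /* restart binary with its command line arguments intact */
        if ((cmdline_ptr = fopen(cmdlinefile, "r")) == NULL) {
            exit(EXIT_FAILURE);
        }
        if ((fgets(cmdline_buf, MAX_LINE_BUF, cmdline_ptr)) == NULL) {
            exit(EXIT_FAILURE);
        }
        fclose(cmdline_ptr);

        /* skip whitespace at the beginning of the line */
        index = cmdline_buf;
        while (*index == ' ' || *index == '\t') index++;

        while (*index != '\n' && *index != '\0') {
            /* keep the last slot free for the terminating NULL */
            if (arg_num >= MAX_ARG_LEN - 1)
                exit(EXIT_FAILURE);

            /* a token ends at whitespace, newline or the end of the
             * string; the NUL test matters when the line was cut
             * short and carries no newline */
            token = index;
            while (*index != ' ' && *index != '\t'
                    && *index != '\0' && *index != '\n') {
                index++;
            }
            token_len = (size_t) (index - token);

            prog_argv[arg_num] = (char *) safe_malloc(token_len+1);
            if (prog_argv[arg_num] == NULL) {
                exit(EXIT_FAILURE);
            }
            memcpy(prog_argv[arg_num], token, token_len);
            prog_argv[arg_num][token_len] = '\0';
            arg_num++;

            /* get past any whitespace */
            while (*index == ' ' || *index == '\t') index++;
        }
    }

    if (arg_num >= MAX_ARG_LEN)
        exit(EXIT_FAILURE);
    prog_argv[arg_num] = NULL;

    if ((child_pid = fork()) < 0) {
        /* could not fork */
        exit(EXIT_FAILURE);
    } else if (child_pid > 0) {
        wait(NULL);
        for (i=0; i<arg_num; i++) {
            free(prog_argv[i]);
        }
    } else {
#ifdef DEBUG
        fprintf(stderr, "[+] restarting %s\n", binary);
#endif
        /* empty environment, passed as an explicit array because a
         * NULL envp is not accepted on every system */
        execve(binary, prog_argv, empty_env);

        /* execve() only returns on failure; leave at once so the
         * child never falls back into the watchdog's main loop */
        _exit(EXIT_FAILURE);
    }
    return;
}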
394
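/*
 * Load the settings from config_file into the file-scope variables.
 *
 * Steps: check_auth_mode() decides which daemons are monitored, every
 * non-comment line is offered to find_char_var() for each known
 * variable, the required variables are checked for presence,
 * expand_config_vars() resolves embedded variables, and the two numeric
 * settings are converted.
 *
 * The check interval and retry count are stored in the file-scope
 * char_knopwatchd_* buffers, which are the ones expand_config_vars()
 * and find_sub_var_value() read.
 *
 * Exits with a message on stderr when the file cannot be opened, a
 * required variable is missing, or a numeric setting is not usable
 * (an interval of zero would turn the main loop into a busy loop).
 */
static void parse_config(void)
{
    FILE *config_ptr;         /* FILE pointer to the config file */
    char config_buf[MAX_LINE_BUF];
    char *index;
    char *end;
    long num;
    size_t i;
    /* variables that must be present, in the order they are reported */
    const struct {
        const char *name;
        const char *buf;
    } required[] = {
        { "fwknopdCmd",                fwknopdCmd },
        { "HOSTNAME",                  hostname },
        { "FWKNOP_PID_FILE",           fwknopd_pid_file },
        { "FWKNOP_CMDLINE_FILE",       fwknopd_cmdline_file },
        { "knopmdCmd",                 knopmdCmd },
        { "knoptmCmd",                 knoptmCmd },
        { "KNOPMD_PID_FILE",           knopmd_pid_file },
        { "KNOPTM_PID_FILE",           knoptm_pid_file },
        { "shCmd",                     shCmd },
        { "mailCmd",                   mailCmd },
        { "EMAIL_ADDRESSES",           mail_addrs },
        { "KNOPWATCHD_CHECK_INTERVAL", char_knopwatchd_check_interval },
        { "KNOPWATCHD_MAX_RETRIES",    char_knopwatchd_max_retries },
        { "KNOPWATCHD_PID_FILE",       knopwatchd_pid_file },
    };

    /* first check to see if knopmd and knoptm should not be running (i.e.
     * AUTH_MODE in the fwknop.conf file is set to a pcap-based method).
     * This will set check_knopmd and check_knoptm appropriately */
    check_auth_mode();

    if ((config_ptr = fopen(config_file, "r")) == NULL) {
        perror("[*] Could not open config file");
        exit(EXIT_FAILURE);
    }

    /* increment through each line of the config file */
    while ((fgets(config_buf, MAX_LINE_BUF, config_ptr)) != NULL) {
        /* advance past any whitespace at the beginning of the line */
        index = config_buf;
        while (*index == ' ' || *index == '\t') index++;

        /* skip comments and blank lines, etc. */
        if (*index == '#' || *index == '\n' || *index == ';')
            continue;

        find_char_var("fwknopdCmd ", fwknopdCmd, index);
        find_char_var("HOSTNAME ", hostname, index);
        find_char_var("FWKNOP_RUN_DIR", fwknop_run_dir, index);
        find_char_var("FWKNOP_PID_FILE ", fwknopd_pid_file, index);
        find_char_var("FWKNOP_CMDLINE_FILE ", fwknopd_cmdline_file, index);
        find_char_var("knopmdCmd ", knopmdCmd, index);
        find_char_var("knoptmCmd ", knoptmCmd, index);
        find_char_var("KNOPMD_PID_FILE ", knopmd_pid_file, index);
        find_char_var("KNOPTM_PID_FILE ", knoptm_pid_file, index);
        find_char_var("shCmd ", shCmd, index);
        find_char_var("mailCmd ", mailCmd, index);
        find_char_var("EMAIL_ADDRESSES ", mail_addrs, index);
        find_char_var("KNOPWATCHD_CHECK_INTERVAL ",
            char_knopwatchd_check_interval, index);
        find_char_var("KNOPWATCHD_MAX_RETRIES ",
            char_knopwatchd_max_retries, index);
        find_char_var("KNOPWATCHD_PID_FILE ", knopwatchd_pid_file, index);
        find_char_var("ALERTING_METHODS ", alerting_methods, index);
    }
    fclose(config_ptr);

    for (i = 0; i < sizeof(required) / sizeof(required[0]); i++) {
        if (required[i].buf[0] == '\0') {
            fprintf(stderr, "[*] Could not get %s from %s\n",
                    required[i].name, config_file);
            exit(EXIT_FAILURE);
        }
    }

    /* resolve any embedded variables */
    expand_config_vars();

    /* the interval must be a positive number that fits the target type */
    num = strtol(char_knopwatchd_check_interval, &end, 10);
    if (end == char_knopwatchd_check_interval || num <= 0
            || (unsigned long) num > (unsigned int) -1) {
        fprintf(stderr, "[*] Invalid KNOPWATCHD_CHECK_INTERVAL in %s\n",
                config_file);
        exit(EXIT_FAILURE);
    }
    knopwatchd_check_interval = (unsigned int) num;

    /* the retry count must be a non-negative number that fits as well */
    num = strtol(char_knopwatchd_max_retries, &end, 10);
    if (end == char_knopwatchd_max_retries || num < 0
            || (unsigned long) num > (unsigned int) -1) {
        fprintf(stderr, "[*] Invalid KNOPWATCHD_MAX_RETRIES in %s\n",
                config_file);
        exit(EXIT_FAILURE);
    }
    knopwatchd_max_retries = (unsigned int) num;

    return;
}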
529
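/*
 * Resolve variable references embedded in config values.
 *
 * Each pass asks has_sub_var() about every value in the table below
 * and, where it reports an embedded variable, lets find_sub_var_value()
 * substitute it.  Passes repeat until one finds nothing left to
 * resolve.  The pass counter bounds the work so that values referring
 * to each other cannot keep the daemon looping; when the limit is
 * reached the process exits with a message on stderr.
 *
 * knoptmCmd is part of the table like the other command paths, so a
 * variable reference inside it is resolved before the path is executed.
 */
static void expand_config_vars(void)
{
    char sub_var[MAX_GEN_LEN]  = "";
    char pre_str[MAX_GEN_LEN]  = "";
    char post_str[MAX_GEN_LEN] = "";
    int found_sub_var = 1, resolve_ctr = 0;
    size_t i;
    struct {
        char *name;
        char *value;
    } vars[] = {
        { "EMAIL_ADDRESSES",           mail_addrs },
        { "HOSTNAME",                  hostname },
        { "FWKNOP_RUN_DIR",            fwknop_run_dir },
        { "FWKNOP_PID_FILE",           fwknopd_pid_file },
        { "FWKNOP_CMDLINE_FILE",       fwknopd_cmdline_file },
        { "KNOPMD_PID_FILE",           knopmd_pid_file },
        { "KNOPTM_PID_FILE",           knoptm_pid_file },
        { "KNOPWATCHD_PID_FILE",       knopwatchd_pid_file },
        { "KNOPWATCHD_CHECK_INTERVAL", char_knopwatchd_check_interval },
        { "KNOPWATCHD_MAX_RETRIES",    char_knopwatchd_max_retries },
        { "mailCmd",                   mailCmd },
        { "shCmd",                     shCmd },
        { "knopmdCmd",                 knopmdCmd },
        { "knoptmCmd",                 knoptmCmd },
        { "fwknopdCmd",                fwknopdCmd },
    };

    while (found_sub_var) {
        resolve_ctr++;
        if (resolve_ctr >= 20) {
            fprintf(stderr, "[*] Exceeded maximum variable resolution attempts.\n");
            exit(EXIT_FAILURE);
        }
        found_sub_var = 0;

        for (i = 0; i < sizeof(vars) / sizeof(vars[0]); i++) {
            if (has_sub_var(vars[i].name, vars[i].value, sub_var,
                    pre_str, post_str)) {
                find_sub_var_value(vars[i].value, sub_var,
                    pre_str, post_str);
                found_sub_var = 1;
            }
        }
    }

    return;
}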
634
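/*
 * Replace the variable name held in sub_var by that variable's current
 * value, then let expand_sub_var_value() splice it into `value`
 * between pre_str and post_str.
 *
 * value     config value being expanded (modified by the helper)
 * sub_var   in: name of the embedded variable; out: its value
 * pre_str   text before the reference, as given by the caller
 * post_str  text after the reference, as given by the caller
 *
 * Exits with a message on stderr when the name is not one of the
 * variables listed below.  The value copied into sub_var is truncated
 * by strlcpy() to MAX_GEN_LEN.
 */
static void find_sub_var_value(char *value, char *sub_var, char *pre_str,
    char *post_str)
{
    size_t i;
    const struct {
        const char *name;
        const char *buf;
    } known[] = {
        { "EMAIL_ADDRESSES",           mail_addrs },
        { "HOSTNAME",                  hostname },
        { "FWKNOP_RUN_DIR",            fwknop_run_dir },
        { "FWKNOP_PID_FILE",           fwknopd_pid_file },
        { "FWKNOP_CMDLINE_FILE",       fwknopd_cmdline_file },
        { "KNOPMD_PID_FILE",           knopmd_pid_file },
        { "KNOPTM_PID_FILE",           knoptm_pid_file },
        { "KNOPWATCHD_PID_FILE",       knopwatchd_pid_file },
        /* these two names must be spelled as in the config file, or a
         * reference to them cannot be resolved */
        { "KNOPWATCHD_CHECK_INTERVAL", char_knopwatchd_check_interval },
        { "KNOPWATCHD_MAX_RETRIES",    char_knopwatchd_max_retries },
        { "mailCmd",                   mailCmd },
        { "shCmd",                     shCmd },
        { "knopmdCmd",                 knopmdCmd },
        { "knoptmCmd",                 knoptmCmd },
        { "fwknopdCmd",                fwknopdCmd },
    };

    for (i = 0; i < sizeof(known) / sizeof(known[0]); i++) {
        if (strncmp(sub_var, known[i].name, MAX_GEN_LEN) == 0) {
            strlcpy(sub_var, known[i].buf, MAX_GEN_LEN);

            /* substitute the variable value */
            expand_sub_var_value(value, sub_var, pre_str, post_str);
            return;
        }
    }

    fprintf(stderr, "[*] Could not resolve sub-var: %s to a value.\n",
        sub_var);
    exit(EXIT_FAILURE);
}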
695
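/*
 * Read AUTH_MODE from the config file and decide which helper daemons
 * are monitored: "ULOG_PCAP" turns off the knopmd check, "PCAP" turns
 * off the knopmd check and turns on the knoptm check.
 *
 * The file read is config_file, the same one parse_config() uses, so a
 * path given with -c applies to AUTH_MODE too.  Both flags are put
 * back to their defaults first, so a mode changed before a SIGHUP
 * reload does not leave a stale setting behind.
 *
 * Exits with a message on stderr when the file cannot be opened.
 */
static void check_auth_mode(void)
{
    FILE *config_ptr;   /* FILE pointer to the config file */
    char config_buf[MAX_LINE_BUF];
    char auth_mode[MAX_GEN_LEN];
    char *index;

    if ((config_ptr = fopen(config_file, "r")) == NULL) {
        fprintf(stderr, "[-] Could not open %s for reading.\n",
            config_file);
        exit(EXIT_FAILURE);
    }

    auth_mode[0] = '\0';

    /* defaults, matching the initial values of the two globals */
    check_knopmd = 1;
    check_knoptm = 0;

    /* increment through each line of the config file */
    while ((fgets(config_buf, MAX_LINE_BUF, config_ptr)) != NULL) {
        /* advance past any whitespace at the beginning of the line */
        index = config_buf;
        while (*index == ' ' || *index == '\t') index++;

        /* skip comments and blank lines, etc. */
        if (*index == '#' || *index == '\n' || *index == ';')
            continue;

        find_char_var("AUTH_MODE ", auth_mode, index);
    }
    fclose(config_ptr);

    /* see if we are using the ULOG_PCAP mode */
    if (strncmp(auth_mode, "ULOG_PCAP", MAX_GEN_LEN) == 0)
        check_knopmd = 0;

    /* see if we are using the PCAP mode */
    if (strncmp(auth_mode, "PCAP", MAX_GEN_LEN) == 0) {
        check_knopmd = 0;
        check_knoptm = 1;
    }

    return;
}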
741
/*
 * SIGHUP handler.  It only raises the received_sighup flag; the main
 * loop tests that flag after its sleep and re-reads the config there,
 * outside signal context.
 */
static void sighup_handler(int sig)
{
    (void) sig;  /* the signal number is not needed */
    received_sighup = 1;
}