From: Linda K. <lin...@hp...> - 2011-12-15 04:42:04
|
This allows the networking tests to reset ipsec on the lblnet_test_server, which also flushes the state. Signed-off-by: Linda Knippers <lin...@hp...> --- audit/utils/network-server/lblnet_tst_server.c | 56 +++++++++++++++++++++++- 1 files changed, 55 insertions(+), 1 deletions(-) diff --git a/audit/utils/network-server/lblnet_tst_server.c b/audit/utils/network-server/lblnet_tst_server.c index 13abff3..c626768 100644 --- a/audit/utils/network-server/lblnet_tst_server.c +++ b/audit/utils/network-server/lblnet_tst_server.c @@ -211,12 +211,64 @@ void ctl_echo(int sock, char *param) } /** + * ctl_ipsec - Handle the "ipsec" control message + * @sock: socket + * @param: parameter string + * + * Description: + * Call service ipsec with the restart param string + * format: + * + * ipsec:restart + * + * This is intended to be used by ipsec audit tests to flush + * the test server between runs. + * + */ +void ctl_ipsec(int sock, char *param) +{ + char *action_str; + int rc; + + if (param == NULL) { + SMSG(SMSG_ERR, fprintf(log_fd, "error(ipsec): bad message\n")); + return; + } + + /* Close leaked sockets, or we will get AVC denials requesting policy rule: + * allow run_init_t inetd_exec_t:file execute; + * For development/debugging it's better NOT to close the socket and leave + * the function call in a commented. */ + /* net_hlp_socket_close(&sock); */ + + /* parse the control message */ + action_str = strtok(param, ","); + + SMSG(SMSG_NOTICE, fprintf(log_fd, "action = (%10s)\n", + (char *) action_str)); + + pid_t pID = fork(); + if (pID == 0) { + rc = execl("/sbin/service", + "/sbin/service", + "ipsec", (char *) action_str, (char *) NULL); + if (rc == -1) + SMSG(SMSG_ERR, fprintf(log_fd, "error(ipsec): execl failed (%d)\n", errno)); + + } else if (pID < 0) { + SMSG(SMSG_ERR, fprintf(log_fd, "error(ipsec): fork failed\n")); + return; + } else + SMSG(SMSG_NOTICE, fprintf(log_fd, "parent process continues\n")); +} + +/** * ctl_audit_remote_call - Handle the "audit_remote_call" control message * @sock: socket * @param: parameter string * * Description: - * Call given funtion in audit-remote test actions. The control message + * Call given function in audit-remote test actions. The control message * format: * * audite_remote_call:<action,mode,caller_ipv4> @@ -1215,6 +1267,8 @@ int main(int argc, char *argv[]) ctl_nccon(rem_sock, ctl_param); } else if (strcasecmp(ctl_cmd, "audit_remote_call") == 0) { ctl_audit_remote_call(rem_sock, ctl_param); + } else if (strcasecmp(ctl_cmd, "ipsec") == 0) { + ctl_ipsec(rem_sock, ctl_param); } else { SMSG(SMSG_WARN, fprintf(log_fd, -- 1.7.4.4 |