diff options
| author | Martin Willi <martin@strongswan.org> | 2009-06-18 17:50:28 +0200 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2009-06-22 15:47:17 +0200 |
| commit | 960e0c104013207a9057e6e320b9cbf068cff013 (patch) | |
| tree | b41327bc17143129a0f1f006dd0d9f0fea65cecf | |
| parent | 20d4fc97cf5e5663f0f4489b4ec72080b6de34a8 (diff) | |
| download | strongswan-960e0c104013207a9057e6e320b9cbf068cff013.tar.bz2 strongswan-960e0c104013207a9057e6e320b9cbf068cff013.tar.xz | |
check integrity of plugins before loading
| -rw-r--r-- | src/libstrongswan/library.c | 12 | ||||
| -rw-r--r-- | src/libstrongswan/library.h | 6 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/plugin_loader.c | 15 |
3 files changed, 33 insertions, 0 deletions
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c index 8e5a8a611..17956ff4e 100644 --- a/src/libstrongswan/library.c +++ b/src/libstrongswan/library.c @@ -20,6 +20,7 @@ #include <utils.h> #include <chunk.h> +#include <debug.h> #include <utils/identification.h> #include <utils/host.h> #ifdef LEAK_DETECTIVE @@ -65,6 +66,10 @@ void library_deinit() this->public.fetcher->destroy(this->public.fetcher); this->public.db->destroy(this->public.db); this->public.printf_hook->destroy(this->public.printf_hook); + if (this->public.integrity) + { + this->public.integrity->destroy(this->public.integrity); + } #ifdef LEAK_DETECTIVE if (this->detective) @@ -119,5 +124,12 @@ void library_init(char *settings) this->public.fetcher = fetcher_manager_create(); this->public.db = database_factory_create(); this->public.plugins = plugin_loader_create(); + this->public.integrity = NULL; + + if (lib->settings->get_bool(lib->settings, + "libstrongswan.integrity_test", FALSE)) + { + this->public.integrity = integrity_checker_create(); + } } diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h index 35c6b686a..f1cbb90eb 100644 --- a/src/libstrongswan/library.h +++ b/src/libstrongswan/library.h @@ -59,6 +59,7 @@ #include <utils.h> #include <chunk.h> #include <settings.h> +#include <integrity_checker.h> #include <plugins/plugin_loader.h> #include <crypto/crypto_factory.h> #include <fetcher/fetcher_manager.h> @@ -108,6 +109,11 @@ struct library_t { settings_t *settings; /** + * integrity checker to verify code integrity + */ + integrity_checker_t *integrity; + + /** * is leak detective running? */ bool leak_detective; diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index ad5a9e240..f124a8e8b 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -20,8 +20,10 @@ #include <dlfcn.h> #include <limits.h> #include <stdio.h> +#include <link.h> #include <debug.h> +#include <integrity_checker.h> #include <utils/linked_list.h> #include <plugins/plugin.h> @@ -61,6 +63,12 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path, name); + if (lib->integrity && + !lib->integrity->check_file(lib->integrity, name, file)) + { + DBG1("file integrity test of plugin '%s' failed", name); + return NULL; + } handle = dlopen(file, RTLD_LAZY); if (handle == NULL) { @@ -74,6 +82,13 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, dlclose(handle); return NULL; } + if (lib->integrity && + !lib->integrity->check_segment(lib->integrity, name, constructor)) + { + DBG1("segment integrity test of plugin '%s' failed", name); + dlclose(handle); + return NULL; + } plugin = constructor(); if (plugin == NULL) { |