X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Ftincctl.c;h=2db9f2356bb6d9f1805e18d918e2175350203b70;hb=6011197be5cdb18aa79713990d6a1887b9261d12;hp=f41e0307b6abeed018ba207df1a8e81a79bef35d;hpb=76955a6c8b7a76d00ed401853c9d283e32d9ce1c;p=tinc diff --git a/src/tincctl.c b/src/tincctl.c index f41e0307..2db9f235 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -1,6 +1,6 @@ /* tincctl.c -- Controlling a running tincd - Copyright (C) 2007-2016 Guus Sliepen + Copyright (C) 2007-2017 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -74,6 +74,9 @@ bool netnamegiven = false; char *scriptinterpreter = NULL; char *scriptextension = ""; static char *prompt; +char *device = NULL; +char *iface = NULL; +int debug_level = -1; static struct option const long_options[] = { {"batch", no_argument, NULL, 'b'}, @@ -89,7 +92,7 @@ static struct option const long_options[] = { static void version(void) { printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE, BUILD_VERSION, BUILD_DATE, BUILD_TIME, PROT_MAJOR, PROT_MINOR); - printf("Copyright (C) 1998-2016 Ivo Timmermans, Guus Sliepen and others.\n" + printf("Copyright (C) 1998-2017 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -446,11 +449,13 @@ static bool rsa_keygen(int bits, bool ask) { // Make sure the key size is a multiple of 8 bits. bits &= ~0x7; - // Force them to be between 1024 and 8192 bits long. - if(bits < 1024) - bits = 1024; - if(bits > 8192) - bits = 8192; + // Make sure that a valid key size is used. + if(bits < 1024 || bits > 8192) { + fprintf(stderr, "Invalid key size %d specified! It should be between 1024 and 8192 bits.\n", bits); + return false; + } else if(bits < 2048) { + fprintf(stderr, "WARNING: generating a weak %d bits RSA key! 2048 or more bits are recommended.\n", bits); + } fprintf(stderr, "Generating %d bits keys:\n", bits); @@ -560,6 +565,7 @@ bool sendline(int fd, char *format, ...) { va_start(ap, format); blen = vsnprintf(buffer, sizeof buffer, format, ap); + buffer[sizeof buffer - 1] = 0; va_end(ap); if(blen < 1 || blen >= sizeof buffer) @@ -720,6 +726,14 @@ bool connect_tincd(bool verbose) { fclose(f); #ifndef HAVE_MINGW + if ((pid == 0) || (kill(pid, 0) && (errno == ESRCH))) { + fprintf(stderr, "Could not find tincd running at pid %d\n", pid); + /* clean up the stale socket and pid file */ + unlink(pidfilename); + unlink(unixsocketname); + return false; + } + struct sockaddr_un sa; sa.sun_family = AF_UNIX; strncpy(sa.sun_path, unixsocketname, sizeof sa.sun_path); @@ -878,7 +892,7 @@ static int cmd_start(int argc, char *argv[]) { if(!pid) { close(pfd[0]); - char buf[100] = ""; + char buf[100]; snprintf(buf, sizeof buf, "%d", pfd[1]); setenv("TINC_UMBILICAL", buf, true); exit(execvp(c, nargv)); @@ -1384,7 +1398,7 @@ static int cmd_pid(int argc, char *argv[]) { return 1; } - if(!connect_tincd(true) && !pid) + if(!connect_tincd(true) || !pid) return 1; printf("%d\n", pid); @@ -2513,10 +2527,12 @@ static int cmd_verify(int argc, char *argv[]) { char *newline = memchr(data, '\n', len); if(!newline || (newline - data > MAX_STRING_SIZE - 1)) { fprintf(stderr, "Invalid input\n"); + free(data); return 1; } *newline++ = '\0'; + size_t skip = newline - data; char signer[MAX_STRING_SIZE] = ""; char sig[MAX_STRING_SIZE] = ""; @@ -2524,11 +2540,13 @@ static int cmd_verify(int argc, char *argv[]) { if(sscanf(data, "Signature = %s %ld %s", signer, &t, sig) != 3 || strlen(sig) != 86 || !t || !check_id(signer)) { fprintf(stderr, "Invalid input\n"); + free(data); return 1; } if(node && strcmp(node, signer)) { fprintf(stderr, "Signature is not made by %s\n", node); + free(data); return 1; } @@ -2543,6 +2561,8 @@ static int cmd_verify(int argc, char *argv[]) { memcpy(data + len, trailer, trailer_len); free(trailer); + newline = data + skip; + char fname[PATH_MAX]; snprintf(fname, sizeof fname, "%s" SLASH "hosts" SLASH "%s", confbase, node); FILE *fp = fopen(fname, "r"); @@ -2820,8 +2840,10 @@ static int cmd_shell(int argc, char *argv[]) { if(nargc == argc) continue; - if(!strcasecmp(nargv[argc], "exit") || !strcasecmp(nargv[argc], "quit")) + if(!strcasecmp(nargv[argc], "exit") || !strcasecmp(nargv[argc], "quit")) { + free(nargv); return result; + } bool found = false;