X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Ftincctl.c;h=a49654847f158d74c0cbafce1e9307a45c768122;hb=d1e01bc880a6970050e55f19bafe8eaf1f0b9be2;hp=fc747e7528d2e32ffd7acf21752a0745acb95307;hpb=ced4c1a327b321a6d73028a3a15b41b0be64d910;p=tinc

diff --git a/src/tincctl.c b/src/tincctl.c
index fc747e75..a4965484 100644
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -40,7 +40,6 @@
 #include "top.h"
 
 #ifdef HAVE_MINGW
-#define mkdir(a, b) mkdir(a)
 #define SCRIPTEXTENSION ".bat"
 #else
 #define SCRIPTEXTENSION ""
@@ -79,19 +78,11 @@ static struct WSAData wsa_state;
 
 static struct option const long_options[] = {
 	{"config", required_argument, NULL, 'c'},
-	{"debug", optional_argument, NULL, 0},
-	{"no-detach", no_argument, NULL, 0},
-	{"mlock", no_argument, NULL, 0},
 	{"net", required_argument, NULL, 'n'},
 	{"help", no_argument, NULL, 1},
 	{"version", no_argument, NULL, 2},
-	{"pidfile", required_argument, NULL, 5},
-	{"logfile", required_argument, NULL, 0},
-	{"bypass-security", no_argument, NULL, 0},
-	{"chroot", no_argument, NULL, 0},
-	{"user", required_argument, NULL, 0},
-	{"option", required_argument, NULL, 0},
-	{"force", no_argument, NULL, 6},
+	{"pidfile", required_argument, NULL, 3},
+	{"force", no_argument, NULL, 4},
 	{NULL, 0, NULL, 0}
 };
 
@@ -125,7 +116,7 @@ static void usage(bool status) {
 				"  del VARIABLE [VALUE]       Remove VARIABLE [only ones with watching VALUE]\n"
 				"  start [tincd options]      Start tincd.\n"
 				"  stop                       Stop tincd.\n"
-				"  restart                    Restart tincd.\n"
+				"  restart [tincd options]    Restart tincd.\n"
 				"  reload                     Partially reload configuration of running tincd.\n"
 				"  pid                        Show PID of currently running tincd.\n"
 				"  generate-keys [bits]       Generate new RSA and ECDSA public/private keypairs.\n"
@@ -163,7 +154,7 @@ static bool parse_options(int argc, char **argv) {
 	int r;
 	int option_index = 0;
 
-	while((r = getopt_long(argc, argv, "c:n:Dd::Lo:RU:", long_options, &option_index)) != EOF) {
+	while((r = getopt_long(argc, argv, "+c:n:", long_options, &option_index)) != EOF) {
 		switch (r) {
 			case 0:   /* long option */
 				break;
@@ -185,11 +176,11 @@ static bool parse_options(int argc, char **argv) {
 				show_version = true;
 				break;
 
-			case 5:   /* open control socket here */
+			case 3:   /* open control socket here */
 				pidfilename = xstrdup(optarg);
 				break;
 
-			case 6:   /* force */
+			case 4:   /* force */
 				force = true;
 				break;
 
@@ -236,6 +227,16 @@ static void disable_old_keys(const char *filename, const char *what) {
 
 	w = fopen(tmpfile, "w");
 
+#ifdef HAVE_FCHMOD
+	/* Let the temporary file have the same permissions as the original. */
+
+	if(w) {
+		struct stat st = {.st_mode = 0600};
+		fstat(fileno(r), &st);
+		fchmod(fileno(w), st.st_mode);
+	}
+#endif
+
 	while(fgets(buf, sizeof buf, r)) {
 		if(!block && !strncmp(buf, "-----BEGIN ", 11)) {
 			if((strstr(buf, " EC ") && strstr(what, "ECDSA")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) {
@@ -333,8 +334,6 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo
 		filename = buf2;
 	}
 
-	umask(0077); /* Disallow everything for group and other */
-
 	disable_old_keys(filename, what);
 
 	/* Open it first to keep the inode busy */
@@ -477,7 +476,8 @@ bool recvline(int fd, char *line, size_t len) {
 	char *newline = NULL;
 
 	if(!fd)
-abort();
+		abort();
+
 	while(!(newline = memchr(buffer, '\n', blen))) {
 		int result = recv(fd, buffer + blen, sizeof buffer - blen, 0);
 		if(result == -1 && errno == EINTR)
@@ -830,8 +830,16 @@ static int cmd_start(int argc, char *argv[]) {
 
 	free(nargv);
 
-	int status = -1;
-	if(waitpid(pid, &status, 0) != pid || !WIFEXITED(status) || WEXITSTATUS(status)) {
+	int status = -1, result;
+#ifdef SIGINT
+	signal(SIGINT, SIG_IGN);
+#endif
+	result = waitpid(pid, &status, 0);
+#ifdef SIGINT
+	signal(SIGINT, SIG_DFL);
+#endif
+
+	if(result != pid || !WIFEXITED(status) || WEXITSTATUS(status)) {
 		fprintf(stderr, "Error starting %s\n", c);
 		return 1;
 	}
@@ -879,7 +887,7 @@ static int cmd_stop(int argc, char *argv[]) {
 }
 
 static int cmd_restart(int argc, char *argv[]) {
-	cmd_stop(argc, argv);
+	cmd_stop(1, argv);
 	return cmd_start(argc, argv);
 }
 
@@ -1195,6 +1203,13 @@ static int cmd_pcap(int argc, char *argv[]) {
 	return 0;
 }
 
+#ifdef SIGINT
+static void sigint_handler(int sig) {
+	fprintf(stderr, "\n");
+	shutdown(fd, SHUT_RDWR);
+}
+#endif
+
 static int cmd_log(int argc, char *argv[]) {
 	if(argc > 2) {
 		fprintf(stderr, "Too many arguments!\n");
@@ -1204,7 +1219,18 @@ static int cmd_log(int argc, char *argv[]) {
 	if(!connect_tincd(true))
 		return 1;
 
+#ifdef SIGINT
+	signal(SIGINT, sigint_handler);
+#endif
+
 	logcontrol(fd, stdout, argc > 1 ? atoi(argv[1]) : -1);
+
+#ifdef SIGINT
+	signal(SIGINT, SIG_DFL);
+#endif
+
+	close(fd);
+	fd = -1;
 	return 0;
 }
 
@@ -1285,6 +1311,7 @@ const var_t variables[] = {
 	{"KeyExpire", VAR_SERVER},
 	{"LocalDiscovery", VAR_SERVER},
 	{"MACExpire", VAR_SERVER},
+	{"MaxConnectionBurst", VAR_SERVER},
 	{"MaxOutputBufferSize", VAR_SERVER},
 	{"MaxTimeout", VAR_SERVER},
 	{"Mode", VAR_SERVER | VAR_SAFE},
@@ -1395,6 +1422,7 @@ static int cmd_config(int argc, char *argv[]) {
 
 	/* Some simple checks. */
 	bool found = false;
+	bool warnonremove = false;
 
 	for(int i = 0; variables[i].name; i++) {
 		if(strcasecmp(variables[i].name, variable))
@@ -1433,6 +1461,16 @@ static int cmd_config(int argc, char *argv[]) {
 				return 1;
 		}
 
+		/* Change "add" into "set" for variables that do not allow multiple occurences.
+		   Turn on warnings when it seems variables might be removed unintentionally. */
+
+		if(action == 1 && !(variables[i].type & VAR_MULTIPLE)) {
+			warnonremove = true;
+			action = 0;
+		} else if(action == 0 && (variables[i].type & VAR_MULTIPLE)) {
+			warnonremove = true;
+		}
+
 		break;
 	}
 
@@ -1515,9 +1553,14 @@ static int cmd_config(int argc, char *argv[]) {
 				}
 			// Set
 			} else if(action == 0) {
+				// Warn if "set" was used for variables that can occur multiple times
+				if(warnonremove && strcasecmp(bvalue, value))
+					fprintf(stderr, "Warning: removing %s = %s\n", variable, bvalue);
+
 				// Already set? Delete the rest...
 				if(set)
 					continue;
+
 				// Otherwise, replace.
 				if(fprintf(tf, "%s = %s\n", variable, value) < 0) {
 					fprintf(stderr, "Error writing to temporary file %s: %s\n", tmpfile, strerror(errno));
@@ -1691,7 +1734,9 @@ static int cmd_init(int argc, char *argv[]) {
 			fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno));
 			return 1;
 		}
-		fchmod(fileno(f), 0755);
+		mode_t mask = umask(0);
+		umask(mask);
+		fchmod(fileno(f), 0755 & ~mask);
 		fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE <your vpn IP address> netmask <netmask of whole VPN>\n");
 		fclose(f);
 	}