- Let user choose whether keys are in the config files or separate

[tinc] / src / conf.c

diff --git a/src/conf.c b/src/conf.c
index e0cc11e..5aaa22a 100644 (file)
--- a/src/conf.c
+++ b/src/conf.c
@@ -19,12 +19,11 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: conf.c,v 1.9.4.33 2000/12/05 08:56:44 zarq Exp $
+    $Id: conf.c,v 1.9.4.36 2001/01/05 23:53:49 guus Exp $
 */
 
 #include "config.h"
 
-#include <assert.h>
 #include <ctype.h>
 #include <errno.h>
 #include <netdb.h>
@@ -35,6 +34,7 @@
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <unistd.h>
+#include <syslog.h>
 
 #include <xalloc.h>
 #include <utils.h> /* for cp */
@@ -63,15 +63,20 @@ static internal_config_t hazahaza[] = {
   { "Interface",    config_interface,      TYPE_NAME },
   { "InterfaceIP",  config_interfaceip,    TYPE_IP },
   { "KeyExpire",    config_keyexpire,      TYPE_INT },
+  { "MyVirtualIP",  config_dummy,          TYPE_IP },
+  { "MyOwnVPNIP",   config_dummy,          TYPE_IP },
   { "Name",         config_name,       TYPE_NAME },
   { "PingTimeout",  config_pingtimeout,    TYPE_INT },
   { "PrivateKey",   config_privatekey,     TYPE_NAME },
+  { "PrivateKeyFile", config_privatekeyfile, TYPE_NAME },
   { "TapDevice",    config_tapdevice,      TYPE_NAME },
+  { "VpnMask",      config_dummy,          TYPE_IP },
 /* Host configuration file keywords */
   { "Address",      config_address,        TYPE_NAME },
   { "IndirectData", config_indirectdata,   TYPE_BOOL },
   { "Port",         config_port,           TYPE_INT },
   { "PublicKey",    config_publickey,      TYPE_NAME },
+  { "PublicKeyFile", config_publickeyfile, TYPE_NAME },
   { "RestrictAddress", config_restrictaddress, TYPE_BOOL },
   { "RestrictHosts", config_restricthosts, TYPE_BOOL },
   { "RestrictPort", config_restrictport,   TYPE_BOOL },
@@ -229,7 +234,10 @@ int read_config_file(config_t **base, const char *fname)
   
 cp
   if((fp = fopen (fname, "r")) == NULL)
-    return -1;
+    {
+      syslog(LOG_ERR, _("Cannot open config file %s: %m"), fname);
+      return -1;
+    }
 
   bufsize = 100;
   buffer = xmalloc(bufsize);
@@ -270,7 +278,7 @@ cp
 
       if(((q = strtok(NULL, "\t\n\r =")) == NULL) || q[0] == '#')
        {
-         fprintf(stderr, _("No value for variable `%s' on line %d while reading config file %s"),
+         syslog(LOG_ERR, _("No value for variable `%s' on line %d while reading config file %s"),
                  hazahaza[i].name, lineno, fname);
          break;
        }
@@ -278,7 +286,7 @@ cp
       cfg = add_config_val(base, hazahaza[i].argtype, q);
       if(cfg == NULL)
        {
-         fprintf(stderr, _("Invalid value for variable `%s' on line %d while reading config file %s"),
+         syslog(LOG_ERR, _("Invalid value for variable `%s' on line %d while reading config file %s"),
                  hazahaza[i].name, lineno, fname);
          break;
        }
@@ -303,7 +311,7 @@ cp
   x = read_config_file(&config, fname);
   if(x == -1) /* System error */
     {
-      fprintf(stderr, _("Failed to read `%s': %m\n"),
+      syslog(LOG_ERR, _("Failed to read `%s': %m"),
              fname);
     }
   free(fname);
@@ -350,7 +358,7 @@ int isadir(const char* f)
 
   if(stat(f, &s) < 0)
     {
-      fprintf(stderr, _("Couldn't stat `%s': %m\n"),
+      syslog(LOG_ERR, _("Couldn't stat `%s': %m"),
              f);
       return -1;
     }
@@ -363,24 +371,29 @@ int is_safe_path(const char *file)
   char *p;
   struct stat s;
 
+  if(*file != '/')
+    {
+      syslog(LOG_ERR, _("`%s' is not an absolute path"), file);
+      return 0;
+    }
+
   p = strrchr(file, '/');
-  assert(p); /* p has to contain a / */
   *p = '\0';
   if(stat(file, &s) < 0)
     {
-      fprintf(stderr, _("Couldn't stat `%s': %m\n"),
+      syslog(LOG_ERR, _("Couldn't stat `%s': %m"),
              file);
       return 0;
     }
   if(s.st_uid != geteuid())
     {
-      fprintf(stderr, _("`%s' is owned by UID %d instead of %d.\n"),
+      syslog(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
              file, s.st_uid, geteuid());
       return 0;
     }
   if(S_ISLNK(s.st_mode))
     {
-      fprintf(stderr, _("Warning: `%s' is a symlink\n"),
+      syslog(LOG_WARNING, _("Warning: `%s' is a symlink"),
              file);
       /* fixme: read the symlink and start again */
     }
@@ -388,7 +401,7 @@ int is_safe_path(const char *file)
   *p = '/';
   if(stat(file, &s) < 0 && errno != ENOENT)
     {
-      fprintf(stderr, _("Couldn't stat `%s': %m\n"),
+      syslog(LOG_ERR, _("Couldn't stat `%s': %m"),
              file);
       return 0;
     }
@@ -396,20 +409,20 @@ int is_safe_path(const char *file)
     return 1;
   if(s.st_uid != geteuid())
     {
-      fprintf(stderr, _("`%s' is owned by UID %d instead of %d.\n"),
+      syslog(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
              file, s.st_uid, geteuid());
       return 0;
     }
   if(S_ISLNK(s.st_mode))
     {
-      fprintf(stderr, _("Warning: `%s' is a symlink\n"),
+      syslog(LOG_WARNING, _("Warning: `%s' is a symlink"),
              file);
       /* fixme: read the symlink and start again */
     }
   if(s.st_mode & 0007)
     {
       /* Accessible by others */
-      fprintf(stderr, _("`%s' has unsecure permissions.\n"),
+      syslog(LOG_ERR, _("`%s' has unsecure permissions"),
              file);
       return 0;
     }
@@ -437,12 +450,14 @@ FILE *ask_and_safe_open(const char* filename, const char* what)
       /* Ask for a file and/or directory name. */
       fprintf(stdout, _("Please enter a file to save %s to [%s]: "),
              what, filename);
-      fflush(stdout);  /* Don't wait for a newline */
+      fflush(stdout);
+
       if((fn = readline(stdin, NULL, NULL)) == NULL)
        {
          fprintf(stderr, _("Error while reading stdin: %m\n"));
          return NULL;
        }
+
       if(strlen(fn) == 0)
        /* User just pressed enter. */
        fn = xstrdup(filename);