X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=2e06a39e30b11afd75e9073087da30fac980c20e;hp=5d7f84131a327876d6e9bfdee72f798756e3679b;hb=7f87c3d9134612041d56180ea7fc3e6c37991f6b;hpb=f8f1007bf469d44480d95d0d78ddc156d00e059f diff --git a/src/net.c b/src/net.c index 5d7f8413..2e06a39e 100644 --- a/src/net.c +++ b/src/net.c @@ -17,17 +17,13 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.69 2000/11/08 00:10:49 guus Exp $ + $Id: net.c,v 1.35.4.74 2000/11/15 22:07:36 zarq Exp $ */ #include "config.h" -#include #include #include -/* SunOS really wants sys/socket.h BEFORE net/if.h */ -#include -#include #include #include #include @@ -39,9 +35,29 @@ #include #include #include -#include -#include -#include +/* SunOS really wants sys/socket.h BEFORE net/if.h, + and FreeBSD wants these lines below the rest. */ +#include +#include +#include + +#ifdef HAVE_OPENSSL_RAND_H +# include +#else +# include +#endif + +#ifdef HAVE_OPENSSL_EVP_H +# include +#else +# include +#endif + +#ifdef HAVE_OPENSSL_ERR_H +# include +#else +# include +#endif #ifdef HAVE_TUNTAP #include LINUX_IF_TUN_H @@ -52,6 +68,7 @@ #include "conf.h" #include "connlist.h" +#include "list.h" #include "meta.h" #include "net.h" #include "netutl.h" @@ -77,29 +94,14 @@ char *unknown = NULL; subnet_t mymac; -/* - Execute the given script. - This function doesn't really belong here. -*/ -int execute_script(const char *name) +list_t *child_pids; + +void _execute_script(const char *name) { + int error = 0; char *scriptname; - pid_t pid; char *s; - - if((pid = fork()) < 0) - { - syslog(LOG_ERR, _("System call `%s' failed: %m"), - "fork"); - return -1; - } - - if(pid) - { - return 0; - } - - /* Child here */ + int fd; if(netname) { @@ -113,21 +115,113 @@ int execute_script(const char *name) } #endif - chdir(confbase); /* This cannot fail since we already read config files from this directory. */ + if(chdir(confbase) < 0) + /* This cannot fail since we already read config files from this + directory. - Guus */ + /* Yes this can fail, somebody could have removed this directory + when we didn't pay attention. - Ivo */ + { + if(chdir("/") < 0) + /* Now if THIS fails, something wicked is going on. - Ivo */ + syslog(LOG_ERR, _("Couldn't chdir to `/': %m")); + + /* Continue anyway. */ + } asprintf(&scriptname, "%s/%s", confbase, name); - execl(scriptname, NULL); + /* Close all file descriptors */ + closelog(); + fcloseall(); + + /* Open standard input */ + if(open("/dev/null", O_RDONLY) < 0) + { + syslog(LOG_ERR, _("Opening `/dev/null' failed: %m")); + error = 1; + } + + if(!error) + { + /* Standard output directly goes to syslog */ + openlog(name, LOG_CONS | LOG_PID, LOG_DAEMON); + /* Standard error as well */ + if(dup2(1, 2) < 0) + { + syslog(LOG_ERR, _("System call `%s' failed: %m"), + "dup2"); + error = 1; + } + } + + if(error && debug_lvl > 1) + syslog(LOG_INFO, _("This means that any output the script generates will not be shown in syslog.")); + + execl(scriptname, NULL); /* No return on success */ if(errno != ENOENT) /* Ignore if the file does not exist */ syslog(LOG_WARNING, _("Error executing `%s': %m"), scriptname); /* No need to free things */ - exit(0); } +/* + Execute the given script. + This function doesn't really belong here. +*/ +int execute_script(const char *name) +{ + pid_t pid; + + if((pid = fork()) < 0) + { + syslog(LOG_ERR, _("System call `%s' failed: %m"), + "fork"); + return -1; + } + + if(pid) + { + list_append(child_pids, pid); + return 0; + } + + /* Child here */ + + _execute_script(name); +} + +int check_child(void *data) +{ + pid_t pid; + int status; + + pid = (pid_t) data; + pid = waitpid(pid, &status, WNOHANG); + if(WIFEXITED(status)) + { + if(WIFSIGNALED(status)) /* Child was killed by a signal */ + { + syslog(LOG_ERR, _("Child with PID %d was killed by signal %d (%s)"), + pid, WTERMSIG(status), strsignal(WTERMSIG(status))); + return -1; + } + if(WEXITSTATUS(status) != 0) + { + syslog(LOG_INFO, _("Child with PID %d exited with code %d"), + WEXITSTATUS(status)); + } + return -1; + } +} + +void check_children(void) +{ + list_forall_nodes(child_pids, check_child); +} + int xsend(conn_list_t *cl, vpn_packet_t *inpkt) { vpn_packet_t outpkt; @@ -485,6 +579,7 @@ cp if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -492,6 +587,7 @@ cp if(setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -500,6 +596,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "fcntl"); return -1; @@ -509,6 +606,7 @@ cp { if(setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, cfg->data.ptr, strlen(cfg->data.ptr))) { + close(nfd); syslog(LOG_ERR, _("Unable to bind listen socket to interface %s: %m"), cfg->data.ptr); return -1; } @@ -525,12 +623,14 @@ cp if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr))) { + close(nfd); syslog(LOG_ERR, _("Can't bind to port %hd/tcp: %m"), port); return -1; } if(listen(nfd, 3)) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "listen"); return -1; @@ -551,12 +651,14 @@ int setup_vpn_in_socket(int port) cp if((nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) { + close(nfd); syslog(LOG_ERR, _("Creating socket failed: %m")); return -1; } if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -565,6 +667,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "fcntl"); return -1; @@ -577,6 +680,7 @@ cp if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr))) { + close(nfd); syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), port); return -1; } @@ -615,6 +719,7 @@ cp if(connect(cl->meta_socket, (struct sockaddr *)&a, sizeof(a)) == -1) { + close(cl->meta_socket); syslog(LOG_ERR, _("%s port %hd: %m"), cl->hostname, cl->port); return -1; } @@ -622,6 +727,7 @@ cp flags = fcntl(cl->meta_socket, F_GETFL); if(fcntl(cl->meta_socket, F_SETFL, flags | O_NONBLOCK) < 0) { + close(cl->meta_socket); syslog(LOG_ERR, _("fcntl for %s port %d: %m"), cl->hostname, cl->port); return -1; @@ -825,6 +931,8 @@ cp myself->status.active = 1; syslog(LOG_NOTICE, _("Ready: listening on port %hd"), myself->port); + + child_pids = list_new(); cp return 0; } @@ -964,6 +1072,7 @@ cp if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -972,6 +1081,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "fcntl"); return -1; @@ -984,6 +1094,7 @@ cp if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr))) { + close(nfd); syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), myself->port); return -1; } @@ -994,6 +1105,7 @@ cp if(connect(nfd, (struct sockaddr *)&a, sizeof(a)) == -1) { + close(nfd); syslog(LOG_ERR, _("Connecting to %s port %d failed: %m"), cl->hostname, cl->port); return -1; @@ -1002,6 +1114,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd, cl->name, cl->hostname); return -1; @@ -1025,7 +1138,7 @@ conn_list_t *create_new_connection(int sfd) cp p = new_conn_list(); - if(getpeername(sfd, &ci, &len) < 0) + if(getpeername(sfd, (struct sockaddr *) &ci, (socklen_t *) &len) < 0) { syslog(LOG_ERR, _("System call `%s' failed: %m"), "getpeername"); @@ -1408,6 +1521,8 @@ cp if(FD_ISSET(tap_fd, &fset)) handle_tap_input(); } + + check_children(); } cp }