From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun, 18 Aug 2013 15:02:49 +0000 (+0200)
Subject: Create UNIX socket at the same time as the PID file is created.
X-Git-Tag: release-1.1pre9~38
X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=b180c1af99c559809d0e7b23fce3022817ec56a9

Create UNIX socket at the same time as the PID file is created.

The PID file was created before tinc-up was called, but the UNIX socket was
created afterwards, which meant one could not change the UNIX socket's owner or
permissions from the tinc-up script.
---

diff --git a/src/control.c b/src/control.c
index 84098be5..1f562134 100644
--- a/src/control.c
+++ b/src/control.c
@@ -175,9 +175,49 @@ bool init_control(void) {
 	free(localhost);
 	fclose(f);
 
+#ifndef HAVE_MINGW
+	int unix_fd = socket(AF_UNIX, SOCK_STREAM, 0);
+	if(unix_fd < 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not create UNIX socket: %s", sockstrerror(errno));
+		return false;
+	}
+
+	struct sockaddr_un sun;
+	sun.sun_family = AF_UNIX;
+	strncpy(sun.sun_path, unixsocketname, sizeof sun.sun_path);
+
+	if(connect(unix_fd, (struct sockaddr *)&sun, sizeof sun) >= 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "UNIX socket %s is still in use!", unixsocketname);
+		return false;
+	}
+
+	unlink(unixsocketname);
+
+	umask(mask | 077);
+	int result = bind(unix_fd, (struct sockaddr *)&sun, sizeof sun);
+	umask(mask);
+
+	if(result < 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno));
+		return false;
+	}
+
+	if(listen(unix_fd, 3) < 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not listen on UNIX socket %s: %s", unixsocketname, sockstrerror(errno));
+		return false;
+	}
+
+	io_add(&unix_socket, handle_new_unix_connection, &unix_socket, unix_fd, IO_READ);
+#endif
+
 	return true;
 }
 
 void exit_control(void) {
+#ifndef HAVE_MINGW
+	io_del(&unix_socket);
+	close(unix_socket.fd);
+#endif
+
 	unlink(pidfilename);
 }
diff --git a/src/net_setup.c b/src/net_setup.c
index 0fedafa8..6aeceaf3 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -850,42 +850,6 @@ static bool setup_myself(void) {
 
 	/* Open sockets */
 
-#ifndef HAVE_MINGW
-	int unix_fd = socket(AF_UNIX, SOCK_STREAM, 0);
-	if(unix_fd < 0) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Could not create UNIX socket: %s", sockstrerror(errno));
-		return false;
-	}
-
-	struct sockaddr_un sa;
-	sa.sun_family = AF_UNIX;
-	strncpy(sa.sun_path, unixsocketname, sizeof sa.sun_path);
-
-	if(connect(unix_fd, (struct sockaddr *)&sa, sizeof sa) >= 0) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "UNIX socket %s is still in use!", unixsocketname);
-		return false;
-	}
-
-	unlink(unixsocketname);
-
-	mode_t mask = umask(0);
-	umask(mask | 077);
-	int result = bind(unix_fd, (struct sockaddr *)&sa, sizeof sa);
-	umask(mask);
-
-	if(result < 0) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno));
-		return false;
-	}
-
-	if(listen(unix_fd, 3) < 0) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Could not listen on UNIX socket %s: %s", unixsocketname, sockstrerror(errno));
-		return false;
-	}
-
-	io_add(&unix_socket, handle_new_unix_connection, &unix_socket, unix_fd, IO_READ);
-#endif
-
 	if(!do_detach && getenv("LISTEN_FDS")) {
 		sockaddr_t sa;
 		socklen_t salen;
@@ -1069,11 +1033,6 @@ void close_network_connections(void) {
 		close(listen_socket[i].udp.fd);
 	}
 
-#ifndef HAVE_MINGW
-	io_del(&unix_socket);
-	close(unix_socket.fd);
-#endif
-
 	char *envp[5] = {NULL};
 	xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
 	xasprintf(&envp[1], "DEVICE=%s", device ? : "");