/*
tincd.c -- the main file for tincd
Copyright (C) 1998-2005 Ivo Timmermans
- 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
+ 2000-2017 Guus Sliepen <guus@tinc-vpn.org>
2008 Max Rijevski <maksuf@gmail.com>
2009 Michael Tokarev <mjt@tls.msk.ru>
2010 Julien Muchembled <jm@jmuchemb.eu>
#include <time.h>
#endif
+#ifdef HAVE_GETOPT_LONG
#include <getopt.h>
+#else
+#include "getopt.h"
+#endif
+
#include "pidfile.h"
#include "conf.h"
char *logfilename = NULL; /* log file location */
char **g_argv; /* a copy of the cmdline arguments */
-static int status;
+static int status = 1;
static struct option const long_options[] = {
{"config", required_argument, NULL, 'c'},
break;
case 'c': /* config file */
+ if(confbase) {
+ fprintf(stderr, "Only one configuration directory can be given.\n");
+ usage(true);
+ return false;
+ }
confbase = xstrdup(optarg);
break;
break;
#endif
- case 'd': /* inc debug level */
+ case 'd': /* increase debug level */
+ if(!optarg && optind < argc && *argv[optind] != '-')
+ optarg = argv[optind++];
if(optarg)
debug_level = atoi(optarg);
else
case 'k': /* kill old tincds */
#ifndef HAVE_MINGW
+ if(!optarg && optind < argc && *argv[optind] != '-')
+ optarg = argv[optind++];
if(optarg) {
if(!strcasecmp(optarg, "HUP"))
kill_tincd = SIGHUP;
case 'n': /* net name given */
/* netname "." is special: a "top-level name" */
- netname = strcmp(optarg, ".") != 0 ?
- xstrdup(optarg) : NULL;
+ if(netname) {
+ fprintf(stderr, "Only one netname can be given.\n");
+ usage(true);
+ return false;
+ }
+ if(optarg && strcmp(optarg, "."))
+ netname = xstrdup(optarg);
break;
case 'o': /* option */
break;
case 'K': /* generate public/private keypair */
+ if(!optarg && optind < argc && *argv[optind] != '-')
+ optarg = argv[optind++];
if(optarg) {
generate_keys = atoi(optarg);
case 4: /* write log entries to a file */
use_logfile = true;
- if(optarg)
+ if(!optarg && optind < argc && *argv[optind] != '-')
+ optarg = argv[optind++];
+ if(optarg) {
+ if(logfilename) {
+ fprintf(stderr, "Only one logfile can be given.\n");
+ usage(true);
+ return false;
+ }
logfilename = xstrdup(optarg);
+ }
break;
case 5: /* write PID to a file */
+ if(pidfilename) {
+ fprintf(stderr, "Only one pidfile can be given.\n");
+ usage(true);
+ return false;
+ }
pidfilename = xstrdup(optarg);
break;
}
}
+ if(optind < argc) {
+ fprintf(stderr, "%s: unrecognized argument '%s'\n", argv[0], argv[optind]);
+ usage(true);
+ return false;
+ }
+
return true;
}
/* This function prettyprints the key generation process */
-static void indicator(int a, int b, void *p) {
+static int indicator(int a, int b, BN_GENCB *cb) {
switch (a) {
case 0:
fprintf(stderr, ".");
default:
fprintf(stderr, "?");
}
+
+ return 1;
+}
+
+#ifndef HAVE_BN_GENCB_NEW
+BN_GENCB *BN_GENCB_new(void) {
+ return xmalloc_and_zero(sizeof(BN_GENCB));
+}
+
+void BN_GENCB_free(BN_GENCB *cb) {
+ free(cb);
}
+#endif
/*
Generate a public/private RSA keypair, and ask for a file to store
them in.
*/
static bool keygen(int bits) {
+ BIGNUM *e = NULL;
RSA *rsa_key;
FILE *f;
- char *name = NULL;
- char *filename;
+ char *pubname, *privname;
+ BN_GENCB *cb;
+ int result;
- get_config_string(lookup_config(config_tree, "Name"), &name);
+ fprintf(stderr, "Generating %d bits keys:\n", bits);
- if(name && !check_id(name)) {
- fprintf(stderr, "Invalid name for myself!\n");
- return false;
- }
+ cb = BN_GENCB_new();
+ if(!cb)
+ abort();
+ BN_GENCB_set(cb, indicator, NULL);
- fprintf(stderr, "Generating %d bits keys:\n", bits);
- rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL);
+ rsa_key = RSA_new();
+ BN_hex2bn(&e, "10001");
+ if(!rsa_key || !e)
+ abort();
- if(!rsa_key) {
+ result = RSA_generate_key_ex(rsa_key, bits, e, cb);
+
+ BN_free(e);
+ BN_GENCB_free(cb);
+
+ if(!result) {
fprintf(stderr, "Error during key generation!\n");
return false;
} else
fprintf(stderr, "Done.\n");
- xasprintf(&filename, "%s/rsa_key.priv", confbase);
- f = ask_and_open(filename, "private RSA key");
+ xasprintf(&privname, "%s/rsa_key.priv", confbase);
+ f = ask_and_open(privname, "private RSA key");
+ free(privname);
if(!f)
return false;
fputc('\n', f);
PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL);
fclose(f);
- free(filename);
- if(name)
- xasprintf(&filename, "%s/hosts/%s", confbase, name);
- else
- xasprintf(&filename, "%s/rsa_key.pub", confbase);
+ char *name = get_name();
- f = ask_and_open(filename, "public RSA key");
+ if(name) {
+ xasprintf(&pubname, "%s/hosts/%s", confbase, name);
+ free(name);
+ } else {
+ xasprintf(&pubname, "%s/rsa_key.pub", confbase);
+ }
+
+ f = ask_and_open(pubname, "public RSA key");
+ free(pubname);
if(!f)
return false;
fputc('\n', f);
PEM_write_RSAPublicKey(f, rsa_key);
fclose(f);
- free(filename);
- if(name)
- free(name);
return true;
}
#ifdef HAVE_MINGW
HKEY key;
char installdir[1024] = "";
- long len = sizeof(installdir);
+ DWORD len = sizeof(installdir);
#endif
if(netname)
#ifdef HAVE_MINGW
if(!RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\tinc", 0, KEY_READ, &key)) {
- if(!RegQueryValueEx(key, NULL, 0, 0, installdir, &len)) {
- if(!logfilename)
- xasprintf(&logfilename, "%s/log/%s.log", identname);
+ if(!RegQueryValueEx(key, NULL, 0, 0, (LPBYTE)installdir, &len)) {
if(!confbase) {
if(netname)
xasprintf(&confbase, "%s/%s", installdir, netname);
else
xasprintf(&confbase, "%s", installdir);
}
+ if(!logfilename)
+ xasprintf(&logfilename, "%s/tinc.log", confbase);
}
RegCloseKey(key);
if(*installdir)
"initgroups", strerror(errno));
return false;
}
+#ifndef __ANDROID__
+// Not supported in android NDK
endgrent();
endpwent();
+#endif
}
if (do_chroot) {
tzset(); /* for proper timestamps in logs */
make_names();
if(show_version) {
- printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE,
- VERSION, __DATE__, __TIME__, PROT_CURRENT);
- printf("Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.\n"
+ printf("%s version %s\n", PACKAGE, VERSION);
+ printf("Copyright (C) 1998-2017 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n"
g_argv = argv;
+ if(getenv("LISTEN_PID") && atoi(getenv("LISTEN_PID")) == getpid())
+ do_detach = false;
+#ifdef HAVE_UNSETENV
+ unsetenv("LISTEN_PID");
+#endif
+
init_configuration(&config_tree);
/* Slllluuuuuuurrrrp! */
EVP_cleanup();
ENGINE_cleanup();
CRYPTO_cleanup_all_ex_data();
+#ifdef HAVE_ERR_REMOVE_STATE
+ // OpenSSL claims this function was deprecated in 1.0.0,
+ // but valgrind's leak detector shows you still need to call it to make sure OpenSSL cleans up properly.
ERR_remove_state(0);
+#endif
ERR_free_strings();
exit_configuration(&config_tree);