-static int show_version;
-
-/* If nonzero, it will attempt to kill a running tincd and exit. */
-static int kill_tincd = 0;
-
-/* If zero, don't detach from the terminal. */
-static int do_detach = 1;
-
-char *identname; /* program name for syslog */
-char *netname = NULL; /* name of the vpn network */
-char *pidfilename; /* pid file location */
-static pid_t ppid; /* pid of non-detached part */
-char **g_argv; /* a copy of the cmdline arguments */
-
-void cleanup_and_exit(int);
-int detach(void);
-int kill_other(void);
-void make_names(void);
-RETSIGTYPE parent_exit(int a);
-void setup_signals(void);
-int write_pidfile(void);
-
-static struct option const long_options[] =
-{
- { "kill", no_argument, NULL, 'k' },
- { "net", required_argument, NULL, 'n' },
- { "timeout", required_argument, NULL, 'p' },
- { "help", no_argument, &show_help, 1 },
- { "version", no_argument, &show_version, 1 },
- { "no-detach", no_argument, &do_detach, 0 },
- { NULL, 0, NULL, 0 }
+static bool show_version = false;
+
+#ifdef HAVE_MLOCKALL
+/* If nonzero, disable swapping for this process. */
+static bool do_mlock = false;
+#endif
+
+#ifndef HAVE_WINDOWS
+/* If nonzero, chroot to netdir after startup. */
+static bool do_chroot = false;
+
+/* If !NULL, do setuid to given user after startup */
+static const char *switchuser = NULL;
+#endif
+
+char **g_argv; /* a copy of the cmdline arguments */
+
+static int status = 1;
+
+typedef enum option_t {
+ OPT_BAD_OPTION = '?',
+ OPT_LONG_OPTION = 0,
+
+ // Short options
+ OPT_CONFIG_FILE = 'c',
+ OPT_NETNAME = 'n',
+ OPT_NO_DETACH = 'D',
+ OPT_DEBUG = 'd',
+ OPT_MLOCK = 'L',
+ OPT_CHROOT = 'R',
+ OPT_CHANGE_USER = 'U',
+ OPT_SYSLOG = 's',
+ OPT_OPTION = 'o',
+
+ // Long options
+ OPT_HELP = 255,
+ OPT_VERSION,
+ OPT_NO_SECURITY,
+ OPT_LOGFILE,
+ OPT_PIDFILE,
+} option_t;
+
+static struct option const long_options[] = {
+ {"config", required_argument, NULL, OPT_CONFIG_FILE},
+ {"net", required_argument, NULL, OPT_NETNAME},
+ {"no-detach", no_argument, NULL, OPT_NO_DETACH},
+ {"debug", optional_argument, NULL, OPT_DEBUG},
+ {"mlock", no_argument, NULL, OPT_MLOCK},
+ {"chroot", no_argument, NULL, OPT_CHROOT},
+ {"user", required_argument, NULL, OPT_CHANGE_USER},
+ {"syslog", no_argument, NULL, OPT_SYSLOG},
+ {"option", required_argument, NULL, OPT_OPTION},
+ {"help", no_argument, NULL, OPT_HELP},
+ {"version", no_argument, NULL, OPT_VERSION},
+ {"bypass-security", no_argument, NULL, OPT_NO_SECURITY},
+ {"logfile", optional_argument, NULL, OPT_LOGFILE},
+ {"pidfile", required_argument, NULL, OPT_PIDFILE},
+ {NULL, 0, NULL, 0},