/*
tincd.c -- the main file for tincd
- Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
- 2000 Guus Sliepen <guus@sliepen.warande.net>
+ Copyright (C) 1998-2001 Ivo Timmermans <itimmermans@bigfoot.com>
+ 2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: tincd.c,v 1.10.4.32 2000/11/20 22:13:14 guus Exp $
+ $Id: tincd.c,v 1.10.4.51 2001/07/24 20:04:22 guus Exp $
*/
#include "config.h"
# include <sys/ioctl.h>
#endif
-#ifdef HAVE_OPENSSL_RAND_H
-# include <openssl/rand.h>
-#else
-# include <rand.h>
-#endif
-
-#ifdef HAVE_OPENSSL_RSA_H
-# include <openssl/rsa.h>
-#else
-# include <rsa.h>
-#endif
-
-#ifdef HAVE_OPENSSL_ERR_H
-# include <openssl/err.h>
-#else
-# include <err.h>
-#endif
-
-
+#include <openssl/rand.h>
+#include <openssl/rsa.h>
+#include <openssl/pem.h>
#include <utils.h>
#include <xalloc.h>
/* If nonzero, it will attempt to kill a running tincd and exit. */
static int kill_tincd = 0;
-/* If zero, don't detach from the terminal. */
-extern int do_detach;
-
/* If nonzero, generate public/private keypair for this host/net. */
static int generate_keys = 0;
char **environment; /* A pointer to the environment on
startup */
-void cleanup_and_exit(int);
-int kill_other(void);
-void make_names(void);
-int write_pidfile(void);
-
static struct option const long_options[] =
{
{ "config", required_argument, NULL, 'c' },
do_detach = 0;
break;
case 'd': /* inc debug level */
- debug_lvl++;
+ if(optarg)
+ debug_lvl = atoi(optarg);
+ else
+ debug_lvl++;
break;
case 'k': /* kill old tincds */
kill_tincd = 1;
generate_keys = atoi(optarg);
if(generate_keys < 512)
{
- fprintf(stderr, _("Invalid argument! BITS must be a number equal to or greater than 512.\n"));
+ fprintf(stderr, _("Invalid argument `%s'; BITS must be a number equal to or greater than 512.\n"),
+ optarg);
usage(1);
}
generate_keys &= ~7; /* Round it to bytes */
}
}
-/* Generate a public/private RSA keypair, and possibly store it into the configuration file. */
-
+/*
+ Generate a public/private RSA keypair, and ask for a file to store
+ them in.
+*/
int keygen(int bits)
{
RSA *rsa_key;
+ FILE *f;
+ config_t const *cfg;
+ char *filename;
fprintf(stderr, _("Generating %d bits keys:\n"), bits);
rsa_key = RSA_generate_key(bits, 0xFFFF, indicator, NULL);
+
if(!rsa_key)
{
- fprintf(stderr, _("Error during key generation!"));
+ fprintf(stderr, _("Error during key generation!\n"));
return -1;
}
else
fprintf(stderr, _("Done.\n"));
- fprintf(stderr, _("Please copy the private key to tinc.conf and the\npublic key to your host configuration file:\n\n"));
- printf("PublicKey = %s\n", BN_bn2hex(rsa_key->n));
- printf("PrivateKey = %s\n", BN_bn2hex(rsa_key->d));
+ if(config && (cfg = get_config_val(config, config_name)))
+ asprintf(&filename, "%s/hosts/%s", confbase, cfg->data.ptr);
+ else
+ asprintf(&filename, "%s/rsa_key.pub", confbase);
+
+ if((f = ask_and_safe_open(filename, _("public RSA key"), "a")) == NULL)
+ return -1;
+
+ if(ftell(f))
+ fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n"));
+
+ PEM_write_RSAPublicKey(f, rsa_key);
+ fclose(f);
+ free(filename);
- fflush(stdin);
+ asprintf(&filename, "%s/rsa_key.priv", confbase);
+ if((f = ask_and_safe_open(filename, _("private RSA key"), "a")) == NULL)
+ return -1;
+
+ if(ftell(f))
+ fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n"));
+
+ PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL);
+ fclose(f);
+ free(filename);
+
return 0;
}
if(netname)
{
if(!pidfilename)
- asprintf(&pidfilename, "/var/run/tinc.%s.pid", netname);
+ asprintf(&pidfilename, LOCALSTATEDIR "/run/tinc.%s.pid", netname);
if(!confbase)
asprintf(&confbase, "%s/tinc/%s", CONFDIR, netname);
else
- fprintf(stderr, _("Both netname and configuration directory given, using the latter...\n"));
+ syslog(LOG_INFO, _("Both netname and configuration directory given, using the latter..."));
if(!identname)
asprintf(&identname, "tinc.%s", netname);
}
else
{
if(!pidfilename)
- pidfilename = "/var/run/tinc.pid";
+ pidfilename = LOCALSTATEDIR "/run/tinc.pid";
if(!confbase)
asprintf(&confbase, "%s/tinc", CONFDIR);
if(!identname)
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
- /* Do some intl stuff right now */
-
- unknown = _("unknown");
-
environment = envp;
parse_options(argc, argv, envp);
if(show_version)
{
printf(_("%s version %s (built %s %s, protocol %d)\n"), PACKAGE, VERSION, __DATE__, __TIME__, PROT_CURRENT);
- printf(_("Copyright (C) 1998,1999,2000 Ivo Timmermans, Guus Sliepen and others.\n"
+ printf(_("Copyright (C) 1998-2001 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n"
if(geteuid())
{
- fprintf(stderr, _("You must be root to run this program. Sorry.\n"));
+ fprintf(stderr, _("You must be root to run this program.\n"));
return 1;
}
+#ifdef HAVE_SOLARIS
+ openlog("tinc", LOG_CONS, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */
+#else
+ openlog("tinc", LOG_PERROR, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */
+#endif
+
g_argv = argv;
make_names();
/* Slllluuuuuuurrrrp! */
-
+cp
RAND_load_file("/dev/urandom", 1024);
-
+cp
if(generate_keys)
- exit(keygen(generate_keys));
-
+ {
+ read_server_config();
+ exit(keygen(generate_keys));
+ }
+
if(kill_tincd)
exit(kill_other());
if(read_server_config())
- return 1;
-
- init_processes();
-
+ exit(1);
+cp
if(detach())
exit(0);
-
- if(debug_lvl >= DEBUG_ERROR)
- ERR_load_crypto_strings();
-
+cp
for(;;)
{
if(!setup_network_connections())
else
{
syslog(LOG_ERR, _("Not restarting."));
- exit(0);
+ exit(1);
}
}
}
-