/*
tincd.c -- the main file for tincd
- Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>
- 2000-2002 Guus Sliepen <guus@sliepen.warande.net>
+ Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
+ 2000-2002 Guus Sliepen <guus@sliepen.eu.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: tincd.c,v 1.10.4.59 2002/06/08 12:57:10 guus Exp $
+ $Id: tincd.c,v 1.10.4.62 2002/09/09 19:40:12 guus Exp $
*/
#include "config.h"
#include <signal.h>
#include <string.h>
#include <termios.h>
+#include <sys/mman.h>
#ifdef HAVE_SYS_IOCTL_H
# include <sys/ioctl.h>
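Review bot: `<sys/mman.h>` is included unconditionally here, while the neighbouring `<sys/ioctl.h>` include is guarded by `HAVE_SYS_IOCTL_H` and the later `mlockall()` call by `HAVE_MLOCKALL`. On a platform that takes the "mlockall() not supported" branch the header may be missing as well, so the build could fail before that message is ever compiled in. Wrapping the include as `#ifdef HAVE_MLOCKALL` / `# include <sys/mman.h>` / `#endif` keeps it consistent with the guard used at the call site.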
/* If nonzero, use null ciphers and skip all key exchanges. */
int bypass_security = 0;
+/* If nonzero, disable swapping for this process. */
+int do_mlock = 0;
+
char *identname; /* program name for syslog */
char *pidfilename; /* pid file location */
char **g_argv; /* a copy of the cmdline arguments */
{ "generate-keys", optional_argument, NULL, 'K'},
{ "debug", optional_argument, NULL, 'd'},
{ "bypass-security", no_argument, &bypass_security, 1 },
+ { "mlock", no_argument, &do_mlock, 1},
{ NULL, 0, NULL, 0 }
};
" -D, --no-detach Don't fork and detach.\n"
" -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n"
" -k, --kill[=SIGNAL] Attempt to kill a running tincd and exit.\n"
- " -n, --net=NETNAME Connect to net NETNAME.\n"));
- printf(_(" -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n"
+ " -n, --net=NETNAME Connect to net NETNAME.\n"
+ " -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n"
+ " -L, --mlock Lock tinc into main memory.\n"
" --help Display this help and exit.\n"
" --version Output version information and exit.\n\n"));
printf(_("Report bugs to tinc@nl.linux.org.\n"));
int r;
int option_index = 0;
- while((r = getopt_long(argc, argv, "c:Dd::k::n:K::", long_options, &option_index)) != EOF)
+ while((r = getopt_long(argc, argv, "c:DLd::k::n:K::", long_options, &option_index)) != EOF)
{
switch(r)
{
case 'D': /* no detach */
do_detach = 0;
break;
+ case 'L': /* no detach */
+ do_mlock = 1;
+ break;
case 'd': /* inc debug level */
if(optarg)
debug_lvl = atoi(optarg);
else
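Review bot: The comment on the new `case 'L':` was copied from the `'D'` case above it and still reads `/* no detach */`, which misdescribes a security-relevant option. It should say what the flag does, for example `case 'L': /* lock tinc into main memory */`. The switch starts and continues outside the visible lines.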
asprintf(&filename, "%s/rsa_key.pub", confbase);
- if((f = ask_and_safe_open(filename, _("public RSA key"), "a")) == NULL)
+ f = ask_and_safe_open(filename, _("public RSA key"), "a");
+
+ if(!f)
return -1;
if(ftell(f))
free(filename);
asprintf(&filename, "%s/rsa_key.priv", confbase);
- if((f = ask_and_safe_open(filename, _("private RSA key"), "a")) == NULL)
+ f = ask_and_safe_open(filename, _("private RSA key"), "a");
+
+ if(!f)
return -1;
if(ftell(f))
openlog("tinc", LOG_PERROR, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */
#endif
+ /* Lock all pages into memory if requested */
+
+ if(do_mlock)
+#ifdef HAVE_MLOCKALL
+ if(mlockall(MCL_CURRENT | MCL_FUTURE))
+ {
+ syslog(LOG_ERR, _("System call `%s' failed: %s"), "mlockall", strerror(errno));
+#else
+ {
+ syslog(LOG_ERR, _("mlockall() not supported on this platform!"));
+#endif
+ return -1;
+ }
+
g_argv = argv;
make_names();
init_configuration(&config_tree);
/* Slllluuuuuuurrrrp! */
-cp
+ cp();
RAND_load_file("/dev/urandom", 1024);
#ifdef HAVE_SSLEAY_ADD_ALL_ALGORITHMS
OpenSSL_add_all_algorithms();
#endif
-cp
+ cp();
if(generate_keys)
{
read_server_config();
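Review bot: The `mlockall(MCL_CURRENT | MCL_FUTURE)` call in the added `if(do_mlock)` block runs before `detach()` further down in the same function, and memory locks are not inherited by a child created with fork(2). If `detach()` forks, as the usage text for `-D` ("Don't fork and detach") suggests, the daemon process that actually holds the key material runs without the lock and `--mlock` silently protects nothing. The lock should be taken in the process that survives detaching, i.e. after the `detach()` call; note that the `generate_keys` path exits before that point and would need its own call if it is meant to be covered. Separately, the `#ifdef`/`#else` arms each open a brace that one shared `}` closes under a brace-less `if(do_mlock)`; a single braced `if` with the preprocessor split inside is harder to break in later edits. The body of `detach()` and the start of this function are outside the visible lines, so the fork is inferred.

```c
  if(detach())
    exit(0);

  /* Lock all pages into memory if requested.  Done after detach() so the
     lock applies to the process that keeps running. */
  if(do_mlock)
    {
#ifdef HAVE_MLOCKALL
      if(mlockall(MCL_CURRENT | MCL_FUTURE))
        {
          syslog(LOG_ERR, _("System call `%s' failed: %s"), "mlockall", strerror(errno));
          return -1;
        }
#else
      syslog(LOG_ERR, _("mlockall() not supported on this platform!"));
      return -1;
#endif
    }

  /* … unchanged: main loop … */
```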
if(read_server_config())
exit(1);
-cp
+ cp();
if(detach())
exit(0);
-cp
+ cp();
for(;;)
{
if(!setup_network_connections())