X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;ds=sidebyside;f=src%2Ftincctl.c;h=f6e60fe6f263870935657c096279010ced04bc1b;hb=5fca595b80f5d2a6629d74e89ca2ef46ba9ae292;hp=fc747e7528d2e32ffd7acf21752a0745acb95307;hpb=ced4c1a327b321a6d73028a3a15b41b0be64d910;p=tinc

diff --git a/src/tincctl.c b/src/tincctl.c
index fc747e75..f6e60fe6 100644
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -40,7 +40,6 @@
 #include "top.h"
 
 #ifdef HAVE_MINGW
-#define mkdir(a, b) mkdir(a)
 #define SCRIPTEXTENSION ".bat"
 #else
 #define SCRIPTEXTENSION ""
@@ -79,19 +78,11 @@ static struct WSAData wsa_state;
 
 static struct option const long_options[] = {
 	{"config", required_argument, NULL, 'c'},
-	{"debug", optional_argument, NULL, 0},
-	{"no-detach", no_argument, NULL, 0},
-	{"mlock", no_argument, NULL, 0},
 	{"net", required_argument, NULL, 'n'},
 	{"help", no_argument, NULL, 1},
 	{"version", no_argument, NULL, 2},
-	{"pidfile", required_argument, NULL, 5},
-	{"logfile", required_argument, NULL, 0},
-	{"bypass-security", no_argument, NULL, 0},
-	{"chroot", no_argument, NULL, 0},
-	{"user", required_argument, NULL, 0},
-	{"option", required_argument, NULL, 0},
-	{"force", no_argument, NULL, 6},
+	{"pidfile", required_argument, NULL, 3},
+	{"force", no_argument, NULL, 4},
 	{NULL, 0, NULL, 0}
 };
 
@@ -125,7 +116,7 @@ static void usage(bool status) {
 				"  del VARIABLE [VALUE]       Remove VARIABLE [only ones with watching VALUE]\n"
 				"  start [tincd options]      Start tincd.\n"
 				"  stop                       Stop tincd.\n"
-				"  restart                    Restart tincd.\n"
+				"  restart [tincd options]    Restart tincd.\n"
 				"  reload                     Partially reload configuration of running tincd.\n"
 				"  pid                        Show PID of currently running tincd.\n"
 				"  generate-keys [bits]       Generate new RSA and ECDSA public/private keypairs.\n"
@@ -163,7 +154,7 @@ static bool parse_options(int argc, char **argv) {
 	int r;
 	int option_index = 0;
 
-	while((r = getopt_long(argc, argv, "c:n:Dd::Lo:RU:", long_options, &option_index)) != EOF) {
+	while((r = getopt_long(argc, argv, "+c:n:", long_options, &option_index)) != EOF) {
 		switch (r) {
 			case 0:   /* long option */
 				break;
@@ -185,11 +176,11 @@ static bool parse_options(int argc, char **argv) {
 				show_version = true;
 				break;
 
-			case 5:   /* open control socket here */
+			case 3:   /* open control socket here */
 				pidfilename = xstrdup(optarg);
 				break;
 
-			case 6:   /* force */
+			case 4:   /* force */
 				force = true;
 				break;
 
@@ -236,6 +227,16 @@ static void disable_old_keys(const char *filename, const char *what) {
 
 	w = fopen(tmpfile, "w");
 
+#ifdef HAVE_FCHMOD
+	/* Let the temporary file have the same permissions as the original. */
+
+	if(w) {
+		struct stat st = {.st_mode = 0600};
+		fstat(fileno(r), &st);
+		fchmod(fileno(w), st.st_mode);
+	}
+#endif
+
 	while(fgets(buf, sizeof buf, r)) {
 		if(!block && !strncmp(buf, "-----BEGIN ", 11)) {
 			if((strstr(buf, " EC ") && strstr(what, "ECDSA")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) {
@@ -333,8 +334,6 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo
 		filename = buf2;
 	}
 
-	umask(0077); /* Disallow everything for group and other */
-
 	disable_old_keys(filename, what);
 
 	/* Open it first to keep the inode busy */
@@ -477,7 +476,8 @@ bool recvline(int fd, char *line, size_t len) {
 	char *newline = NULL;
 
 	if(!fd)
-abort();
+		abort();
+
 	while(!(newline = memchr(buffer, '\n', blen))) {
 		int result = recv(fd, buffer + blen, sizeof buffer - blen, 0);
 		if(result == -1 && errno == EINTR)
@@ -879,7 +879,7 @@ static int cmd_stop(int argc, char *argv[]) {
 }
 
 static int cmd_restart(int argc, char *argv[]) {
-	cmd_stop(argc, argv);
+	cmd_stop(1, argv);
 	return cmd_start(argc, argv);
 }
 
@@ -1195,6 +1195,13 @@ static int cmd_pcap(int argc, char *argv[]) {
 	return 0;
 }
 
+#ifdef SIGINT
+static void sigint_handler(int sig) {
+	fprintf(stderr, "\n");
+	shutdown(fd, SHUT_RDWR);
+}
+#endif
+
 static int cmd_log(int argc, char *argv[]) {
 	if(argc > 2) {
 		fprintf(stderr, "Too many arguments!\n");
@@ -1204,7 +1211,18 @@ static int cmd_log(int argc, char *argv[]) {
 	if(!connect_tincd(true))
 		return 1;
 
+#ifdef SIGINT
+	signal(SIGINT, sigint_handler);
+#endif
+
 	logcontrol(fd, stdout, argc > 1 ? atoi(argv[1]) : -1);
+
+#ifdef SIGINT
+	signal(SIGINT, SIG_DFL);
+#endif
+
+	close(fd);
+	fd = -1;
 	return 0;
 }
 
@@ -1285,6 +1303,7 @@ const var_t variables[] = {
 	{"KeyExpire", VAR_SERVER},
 	{"LocalDiscovery", VAR_SERVER},
 	{"MACExpire", VAR_SERVER},
+	{"MaxConnectionBurst", VAR_SERVER},
 	{"MaxOutputBufferSize", VAR_SERVER},
 	{"MaxTimeout", VAR_SERVER},
 	{"Mode", VAR_SERVER | VAR_SAFE},
@@ -1691,7 +1710,9 @@ static int cmd_init(int argc, char *argv[]) {
 			fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno));
 			return 1;
 		}
-		fchmod(fileno(f), 0755);
+		mode_t mask = umask(0);
+		umask(mask);
+		fchmod(fileno(f), 0755 & ~mask);
 		fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE <your vpn IP address> netmask <netmask of whole VPN>\n");
 		fclose(f);
 	}