X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fcontrol.c;h=2e6be57679f0fbb5799ac25535ee3a423abe57bb;hb=refs%2Fheads%2F1.1-threads;hp=b72ea9eeb59778509c1aa8f368110163d8288928;hpb=01f47c46af514a9d7f39c143e4558a8426a0d3eb;p=tinc
diff --git a/src/control.c b/src/control.c
index b72ea9ee..2e6be576 100644
--- a/src/control.c
+++ b/src/control.c
@@ -12,105 +12,135 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - $Id$ + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include - #include "system.h" +#include "crypto.h" #include "conf.h" #include "control.h" +#include "control_common.h" +#include "graph.h" #include "logger.h" +#include "protocol.h" +#include "utils.h" #include "xalloc.h" -static int control_socket = -1; -static struct event control_event; -static splay_tree_t *control_socket_tree; -extern char *controlfilename; - -static void handle_control_data(int fd, short events, void *event) { - char buf[MAXBUFSIZE]; - size_t inlen; - - inlen = read(fd, buf, sizeof buf); - - if(inlen <= 0) { - logger(LOG_DEBUG, _("Closing control socket")); - event_del(event); - splay_delete(control_socket_tree, event); - close(fd); - } -} - -static void handle_new_control_socket(int fd, short events, void *data) { - int newfd; - struct event *ev; - - newfd = accept(fd, NULL, NULL); +char controlcookie[65]; +extern char *controlcookiename; - if(newfd < 0) { - logger(LOG_ERR, _("Accepting a new connection failed: %s"), strerror(errno)); - event_del(&control_event); - return; - } - - ev = xmalloc(sizeof *ev); - event_set(ev, newfd, EV_READ | EV_PERSIST, handle_control_data, ev); - event_add(ev, NULL); - splay_insert(control_socket_tree, ev); - - logger(LOG_DEBUG, _("Control socket connection accepted")); +static bool control_return(connection_t *c, int type, int error) { + return send_request(c, "%d %d %d", CONTROL, type, error); } -static int control_compare(const struct event *a, const struct event *b) { - 
return a < b ? -1 : a > b ? 1 : 0; +static bool control_ok(connection_t *c, int type) { + return control_return(c, type, 0); } -void init_control() { - struct sockaddr_un addr; +bool control_h(connection_t *c, char *request) { + int type; - control_socket_tree = splay_alloc_tree((splay_compare_t)control_compare, (splay_action_t)free); + if(!c->status.control || c->allow_request != CONTROL) { + logger(LOG_ERR, "Unauthorized control request from %s (%s)", c->name, c->hostname); + return false; + } - if(strlen(controlfilename) >= sizeof addr.sun_path) { - logger(LOG_ERR, _("Control socket filename too long!")); - return; + if(sscanf(request, "%*d %d", &type) != 1) { + logger(LOG_ERR, "Got bad %s from %s (%s)", "CONTROL", c->name, c->hostname); + return false; } - memset(&addr, 0, sizeof addr); - addr.sun_family = AF_UNIX; - strncpy(addr.sun_path, controlfilename, sizeof addr.sun_path - 1); + switch (type) { + case REQ_STOP: + running = false; + return control_ok(c, REQ_STOP); + + case REQ_DUMP_NODES: + return dump_nodes(c); + + case REQ_DUMP_EDGES: + return dump_edges(c); + + case REQ_DUMP_SUBNETS: + return dump_subnets(c); + + case REQ_DUMP_CONNECTIONS: + return dump_connections(c); + + case REQ_PURGE: + purge(); + return control_ok(c, REQ_PURGE); + + case REQ_SET_DEBUG: { + int new_level; + if(sscanf(request, "%*d %*d %d", &new_level) != 1) + return false; + send_request(c, "%d %d %d", CONTROL, REQ_SET_DEBUG, debug_level); + if(new_level >= 0) + debug_level = new_level; + return true; + } + + case REQ_RETRY: + retry(); + return control_ok(c, REQ_RETRY); + + case REQ_RELOAD: + logger(LOG_NOTICE, "Got '%s' command", "reload"); + int result = reload_configuration(); + return control_return(c, REQ_RELOAD, result); + + case REQ_DISCONNECT: { + char name[MAX_STRING_SIZE]; + connection_t *other; + splay_node_t *node, *next; + bool found = false; + + if(sscanf(request, "%*d %*d " MAX_STRING, name) != 1) + return control_return(c, REQ_DISCONNECT, -1); + + for(node = 
connection_tree->head; node; node = next) { + next = node->next; + other = node->data; + if(strcmp(other->name, name)) + continue; + terminate_connection(other, other->status.active); + found = true; + } + + return control_return(c, REQ_DISCONNECT, found ? 0 : -2); + } + + default: + return send_request(c, "%d %d", CONTROL, REQ_INVALID); + } +} - control_socket = socket(PF_UNIX, SOCK_STREAM, 0); +bool init_control() { + randomize(controlcookie, sizeof controlcookie / 2); + bin2hex(controlcookie, controlcookie, sizeof controlcookie / 2); + controlcookie[sizeof controlcookie - 1] = 0; - if(control_socket < 0) { - logger(LOG_ERR, _("Creating UNIX socket failed: %s"), strerror(errno)); - return; + FILE *f = fopen(controlcookiename, "w"); + if(!f) { + logger(LOG_ERR, "Cannot write control socket cookie file %s: %s", controlcookiename, strerror(errno)); + return false; } - unlink(controlfilename); - if(bind(control_socket, (struct sockaddr *)&addr, sizeof addr) < 0) { - logger(LOG_ERR, _("Can't bind to %s: %s\n"), controlfilename, strerror(errno)); - close(control_socket); - return; - } +#ifdef HAVE_FCHMOD + fchmod(fileno(f), 0600); +#else + chmod(controlcookiename, 0600); +#endif - if(listen(control_socket, 3) < 0) { - logger(LOG_ERR, _("Can't listen on %s: %s\n"), controlfilename, strerror(errno)); - close(control_socket); - return; - } + fprintf(f, "%s %s %d\n", controlcookie, myport, getpid()); + fclose(f); - event_set(&control_event, control_socket, EV_READ | EV_PERSIST, handle_new_control_socket, NULL); - event_add(&control_event, NULL); + return true; } void exit_control() { - if(control_socket >= 0) { - event_del(&control_event); - close(control_socket); - } + unlink(controlcookiename); }
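Review bot: In `init_control()` the cookie file is created by `fopen(controlcookiename, "w")` with whatever mode the process umask allows and is only restricted to 0600 afterwards, so a local process that opens the file in that window keeps a descriptor through which it can read the cookie once `fprintf` writes it. Creating the file with the restrictive mode from the start closes that window, for example `int fd = open(controlcookiename, O_WRONLY | O_CREAT | O_TRUNC, 0600);` followed by `FILE *f = fd < 0 ? NULL : fdopen(fd, "w");`, while keeping the `fchmod` call to tighten a file that already existed. The return values of `fchmod`/`chmod`, `fprintf` and `fclose` are also ignored. Since the cookie appears to be the credential that lets a connection reach `control_h` (stop, reload, disconnect), a failure in any of them should be logged and make `init_control()` return false instead of leaving a loosely protected or truncated cookie file behind.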