X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fcontrol.c;h=bf8a12b51b3867ed8a1d82af4548ef8b2c146210;hb=3a316823b971396a428f020f401b9fe41252d98d;hp=cc5bbb0a016db770b90b93631e1b121d3b598ed9;hpb=f5bb64b36ae0807cdd3f241f81a8e933065437f6;p=tinc diff --git a/src/control.c b/src/control.c index cc5bbb0a..bf8a12b5 100644 --- a/src/control.c +++ b/src/control.c @@ -1,6 +1,6 @@ /* control.c -- Control socket handling. - Copyright (C) 2012 Guus Sliepen + Copyright (C) 2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -106,7 +106,7 @@ bool control_h(connection_t *c, const char *request) { for list_each(connection_t, other, connection_list) { if(strcmp(other->name, name)) continue; - terminate_connection(other, other->status.active); + terminate_connection(other, other->edge); found = true; } @@ -134,37 +134,36 @@ bool control_h(connection_t *c, const char *request) { } bool init_control(void) { - randomize(controlcookie, sizeof controlcookie / 2); - bin2hex(controlcookie, controlcookie, sizeof controlcookie / 2); + randomize(controlcookie, sizeof(controlcookie) / 2); + bin2hex(controlcookie, controlcookie, sizeof(controlcookie) / 2); + mode_t mask = umask(0); + umask(mask | 077); FILE *f = fopen(pidfilename, "w"); + umask(mask); + if(!f) { logger(DEBUG_ALWAYS, LOG_ERR, "Cannot write control socket cookie file %s: %s", pidfilename, strerror(errno)); return false; } -#ifdef HAVE_FCHMOD - fchmod(fileno(f), 0600); -#else - chmod(pidfilename, 0600); -#endif // Get the address and port of the first listening socket char *localhost = NULL; sockaddr_t sa; - socklen_t len = sizeof sa; + socklen_t len = sizeof(sa); // Make sure we have a valid address, and map 0.0.0.0 and :: to 127.0.0.1 and ::1. if(getsockname(listen_socket[0].tcp.fd, (struct sockaddr *)&sa, &len)) { - xasprintf(&localhost, "127.0.0.1 port %d", myport); + xasprintf(&localhost, "127.0.0.1 port %s", myport); } else { if(sa.sa.sa_family == AF_INET) { if(sa.in.sin_addr.s_addr == 0) sa.in.sin_addr.s_addr = htonl(0x7f000001); } else if(sa.sa.sa_family == AF_INET6) { static const uint8_t zero[16] = {0}; - if(!memcmp(sa.in6.sin6_addr.s6_addr, zero, sizeof zero)) + if(!memcmp(sa.in6.sin6_addr.s6_addr, zero, sizeof(zero))) sa.in6.sin6_addr.s6_addr[15] = 1; } @@ -176,9 +175,50 @@ bool init_control(void) { free(localhost); fclose(f); +#ifndef HAVE_MINGW + int unix_fd = socket(AF_UNIX, SOCK_STREAM, 0); + if(unix_fd < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not create UNIX socket: %s", sockstrerror(sockerrno)); + return false; + } + + struct sockaddr_un sa_un; + sa_un.sun_family = AF_UNIX; + strncpy(sa_un.sun_path, unixsocketname, sizeof(sa_un.sun_path)); + + if(connect(unix_fd, (struct sockaddr *)&sa_un, sizeof(sa_un)) >= 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "UNIX socket %s is still in use!", unixsocketname); + return false; + } + + unlink(unixsocketname); + + umask(mask | 077); + int result = bind(unix_fd, (struct sockaddr *)&sa_un, sizeof(sa_un)); + umask(mask); + + if(result < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(sockerrno)); + return false; + } + + if(listen(unix_fd, 3) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not listen on UNIX socket %s: %s", unixsocketname, sockstrerror(sockerrno)); + return false; + } + + io_add(&unix_socket, handle_new_unix_connection, &unix_socket, unix_fd, IO_READ); +#endif + return true; } void exit_control(void) { +#ifndef HAVE_MINGW + unlink(unixsocketname); + io_del(&unix_socket); + close(unix_socket.fd); +#endif + unlink(pidfilename); }