X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Ftincctl.c;h=4dd9726fe5a2ed6d52af3272ef173fa230a7f236;hb=a29e6b49ef7a184941ab8cda2de9487744a82f83;hp=a6b400b905e0c523fc96e26d5457907cb8ae5776;hpb=f830d756812a2860fe3b758d3fd8605ac338a552;p=tinc diff --git a/src/tincctl.c b/src/tincctl.c index a6b400b9..4dd9726f 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -41,13 +41,13 @@ #include "top.h" #include "version.h" #include "subnet.h" +#include "keys.h" #ifndef MSG_NOSIGNAL #define MSG_NOSIGNAL 0 #endif static char **orig_argv; -static int orig_argc; /* If nonzero, display usage information and exit. */ static bool show_help = false; @@ -71,7 +71,6 @@ static int result; bool force = false; bool tty = true; bool confbasegiven = false; -bool netnamegiven = false; char *scriptinterpreter = NULL; char *scriptextension = ""; static char *prompt; @@ -190,11 +189,13 @@ static bool parse_options(int argc, char **argv) { break; case 'c': /* config file */ + free(confbase); confbase = xstrdup(optarg); confbasegiven = true; break; case 'n': /* net name given */ + free(netname); netname = xstrdup(optarg); break; @@ -207,6 +208,7 @@ static bool parse_options(int argc, char **argv) { break; case 3: /* open control socket here */ + free(pidfilename); pidfilename = xstrdup(optarg); break; @@ -216,6 +218,7 @@ static bool parse_options(int argc, char **argv) { case '?': /* wrong options */ usage(true); + free_names(); return false; default: @@ -236,133 +239,13 @@ static bool parse_options(int argc, char **argv) { if(netname && (strpbrk(netname, "\\/") || *netname == '.')) { fprintf(stderr, "Invalid character in netname!\n"); + free_names(); return false; } return true; } -/* Open a file with the desired permissions, minus the umask. - Also, if we want to create an executable file, we call fchmod() - to set the executable bits. */ - -FILE *fopenmask(const char *filename, const char *mode, mode_t perms) { - mode_t mask = umask(0); - perms &= ~mask; - umask(~perms & 0777); - FILE *f = fopen(filename, mode); - - if(!f) { - fprintf(stderr, "Could not open %s: %s\n", filename, strerror(errno)); - return NULL; - } - -#ifdef HAVE_FCHMOD - - if((perms & 0444) && f) { - fchmod(fileno(f), perms); - } - -#endif - umask(mask); - return f; -} - -static void disable_old_keys(const char *filename, const char *what) { - char tmpfile[PATH_MAX] = ""; - char buf[1024]; - bool disabled = false; - bool block = false; - bool error = false; - - FILE *r = fopen(filename, "r"); - FILE *w = NULL; - - if(!r) { - return; - } - - int result = snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename); - - if(result < sizeof(tmpfile)) { - struct stat st = {.st_mode = 0600}; - fstat(fileno(r), &st); - w = fopenmask(tmpfile, "w", st.st_mode); - } - - while(fgets(buf, sizeof(buf), r)) { - if(!block && !strncmp(buf, "-----BEGIN ", 11)) { - if((strstr(buf, " ED25519 ") && strstr(what, "Ed25519")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) { - disabled = true; - block = true; - } - } - - bool ed25519pubkey = !strncasecmp(buf, "Ed25519PublicKey", 16) && strchr(" \t=", buf[16]) && strstr(what, "Ed25519"); - - if(ed25519pubkey) { - disabled = true; - } - - if(w) { - if(block || ed25519pubkey) { - fputc('#', w); - } - - if(fputs(buf, w) < 0) { - error = true; - break; - } - } - - if(block && !strncmp(buf, "-----END ", 9)) { - block = false; - } - } - - if(w) - if(fclose(w) < 0) { - error = true; - } - - if(ferror(r) || fclose(r) < 0) { - error = true; - } - - if(disabled) { - if(!w || error) { - fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n"); - - if(w) { - unlink(tmpfile); - } - - return; - } - -#ifdef HAVE_MINGW - // We cannot atomically replace files on Windows. - char bakfile[PATH_MAX] = ""; - snprintf(bakfile, sizeof(bakfile), "%s.bak", filename); - - if(rename(filename, bakfile) || rename(tmpfile, filename)) { - rename(bakfile, filename); -#else - - if(rename(tmpfile, filename)) { -#endif - fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n"); - } else { -#ifdef HAVE_MINGW - unlink(bakfile); -#endif - fprintf(stderr, "Warning: old key(s) found and disabled.\n"); - } - } - - unlink(tmpfile); -} - static FILE *ask_and_open(const char *filename, const char *what, const char *mode, bool ask, mode_t perms) { FILE *r; char directory[PATH_MAX] = "."; @@ -1000,10 +883,12 @@ static int cmd_start(int argc, char *argv[]) { #endif + char *default_c = "tincd"; + if(slash++) { xasprintf(&c, "%.*stincd", (int)(slash - program_name), program_name); } else { - c = "tincd"; + c = default_c; } int nargc = 0; @@ -1034,6 +919,12 @@ static int cmd_start(int argc, char *argv[]) { #ifdef HAVE_MINGW int status = spawnvp(_P_WAIT, c, nargv); + free(nargv); + + if(c != default_c) { + free(c); + } + if(status == -1) { fprintf(stderr, "Error starting %s: %s\n", c, strerror(errno)); return 1; @@ -1046,6 +937,11 @@ static int cmd_start(int argc, char *argv[]) { if(socketpair(AF_UNIX, SOCK_STREAM, 0, pfd)) { fprintf(stderr, "Could not create umbilical socket: %s\n", strerror(errno)); free(nargv); + + if(c != default_c) { + free(c); + } + return 1; } @@ -1054,6 +950,11 @@ static int cmd_start(int argc, char *argv[]) { if(pid == -1) { fprintf(stderr, "Could not fork: %s\n", strerror(errno)); free(nargv); + + if(c != default_c) { + free(c); + } + return 1; } @@ -1103,12 +1004,17 @@ static int cmd_start(int argc, char *argv[]) { signal(SIGINT, SIG_DFL); #endif - if(failure || result != pid || !WIFEXITED(status) || WEXITSTATUS(status)) { + bool failed = failure || result != pid || !WIFEXITED(status) || WEXITSTATUS(status); + + if(failed) { fprintf(stderr, "Error starting %s\n", c); - return 1; } - return 0; + if(c != default_c) { + free(c); + } + + return failed ? EXIT_FAILURE : EXIT_SUCCESS; #endif } @@ -1856,7 +1762,7 @@ static int cmd_config(int argc, char *argv[]) { char *node = NULL; char *variable; char *value; - int len; + size_t len; len = strcspn(line, "\t ="); value = line + len; @@ -1903,11 +1809,12 @@ static int cmd_config(int argc, char *argv[]) { found = true; variable = (char *)variables[i].name; - if(!strcasecmp(variable, "Subnet")) { + if(!strcasecmp(variable, "Subnet") && *value) { subnet_t s = {0}; if(!str2net(&s, value)) { fprintf(stderr, "Malformed subnet definition %s\n", value); + return 1; } if(!subnetcheck(s)) { @@ -1963,6 +1870,11 @@ static int cmd_config(int argc, char *argv[]) { if(node && !check_id(node)) { fprintf(stderr, "Invalid name for node.\n"); + + if(node != line) { + free(node); + } + return 1; } @@ -1971,6 +1883,11 @@ static int cmd_config(int argc, char *argv[]) { fprintf(stderr, "Warning: %s is not a known configuration variable!\n", variable); } else { fprintf(stderr, "%s: is not a known configuration variable! Use --force to use it anyway.\n", variable); + + if(node && node != line) { + free(node); + } + return 1; } } @@ -1980,6 +1897,11 @@ static int cmd_config(int argc, char *argv[]) { if(node) { snprintf(filename, sizeof(filename), "%s" SLASH "%s", hosts_dir, node); + + if(node != line) { + free(node); + node = NULL; + } } else { snprintf(filename, sizeof(filename), "%s", tinc_conf); } @@ -3339,11 +3261,15 @@ static int cmd_shell(int argc, char *argv[]) { return result; } +static void cleanup() { + free(tinc_conf); + free(hosts_dir); + free_names(); +} int main(int argc, char *argv[]) { program_name = argv[0]; orig_argv = argv; - orig_argc = argc; tty = isatty(0) && isatty(1); if(!parse_options(argc, argv)) { @@ -3353,6 +3279,7 @@ int main(int argc, char *argv[]) { make_names(false); xasprintf(&tinc_conf, "%s" SLASH "tinc.conf", confbase); xasprintf(&hosts_dir, "%s" SLASH "hosts", confbase); + atexit(cleanup); if(show_version) { version(); @@ -3374,7 +3301,8 @@ int main(int argc, char *argv[]) { #endif - srand(time(NULL)); + gettimeofday(&now, NULL); + srand(now.tv_sec + now.tv_usec); crypto_init(); if(optind >= argc) {