X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Ftincctl.c;h=664b2eaa1b4306761284afd2bb9b9aba3fb832e0;hb=f71ab70351e8d5dfdc91c9808d142cf93d2a5d61;hp=08f3018944b22587651c695131f31f9bfee8fcce;hpb=6048e276153ae3cb181fe9996b7ab43afdbae38c;p=tinc diff --git a/src/tincctl.c b/src/tincctl.c index 08f30189..664b2eaa 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -1,6 +1,6 @@ /* tincctl.c -- Controlling a running tincd - Copyright (C) 2007-2018 Guus Sliepen + Copyright (C) 2007-2021 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -40,6 +40,7 @@ #include "tincctl.h" #include "top.h" #include "version.h" +#include "subnet.h" #ifndef MSG_NOSIGNAL #define MSG_NOSIGNAL 0 @@ -92,6 +93,17 @@ static struct option const long_options[] = { static void version(void) { printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE, BUILD_VERSION, BUILD_DATE, BUILD_TIME, PROT_MAJOR, PROT_MINOR); + printf("Features:" +#ifdef HAVE_READLINE + " readline" +#endif +#ifdef HAVE_CURSES + " curses" +#endif +#ifndef DISABLE_LEGACY + " legacy_protocol" +#endif + "\n\n"); printf("Copyright (C) 1998-2018 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" @@ -125,12 +137,12 @@ static void usage(bool status) { " reload Partially reload configuration of running tincd.\n" " pid Show PID of currently running tincd.\n" #ifdef DISABLE_LEGACY - " generate-keys Generate a new Ed25519 public/private keypair.\n" + " generate-keys Generate a new Ed25519 public/private key pair.\n" #else - " generate-keys [bits] Generate new RSA and Ed25519 public/private keypairs.\n" - " generate-rsa-keys [bits] Generate a new RSA public/private keypair.\n" + " generate-keys [bits] Generate new RSA and Ed25519 public/private key pairs.\n" + " generate-rsa-keys [bits] Generate a new RSA public/private key pair.\n" #endif - " generate-ed25519-keys Generate a new Ed25519 public/private keypair.\n" + " generate-ed25519-keys Generate a new Ed25519 public/private key pair.\n" " dump Dump a list of one of the following things:\n" " [reachable] nodes - all known nodes in the VPN\n" " edges - all known connections in the VPN\n" @@ -237,7 +249,7 @@ static bool parse_options(int argc, char **argv) { FILE *fopenmask(const char *filename, const char *mode, mode_t perms) { mode_t mask = umask(0); perms &= ~mask; - umask(~perms); + umask(~perms & 0777); FILE *f = fopen(filename, mode); if(!f) { @@ -262,19 +274,21 @@ static void disable_old_keys(const char *filename, const char *what) { bool disabled = false; bool block = false; bool error = false; - FILE *r, *w; - r = fopen(filename, "r"); + FILE *r = fopen(filename, "r"); + FILE *w = NULL; if(!r) { return; } - snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename); + int result = snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename); - struct stat st = {.st_mode = 0600}; - fstat(fileno(r), &st); - w = fopenmask(tmpfile, "w", st.st_mode); + if(result < sizeof(tmpfile)) { + struct stat st = {.st_mode = 0600}; + fstat(fileno(r), &st); + w = fopenmask(tmpfile, "w", st.st_mode); + } while(fgets(buf, sizeof(buf), r)) { if(!block && !strncmp(buf, "-----BEGIN ", 11)) { @@ -416,7 +430,7 @@ ask_filename: } /* - Generate a public/private Ed25519 keypair, and ask for a file to store + Generate a public/private Ed25519 key pair, and ask for a file to store them in. */ static bool ed25519_keygen(bool ask) { @@ -424,7 +438,7 @@ static bool ed25519_keygen(bool ask) { FILE *f; char fname[PATH_MAX]; - fprintf(stderr, "Generating Ed25519 keypair:\n"); + fprintf(stderr, "Generating Ed25519 key pair:\n"); if(!(key = ecdsa_generate())) { fprintf(stderr, "Error during key generation!\n"); @@ -480,7 +494,7 @@ error: #ifndef DISABLE_LEGACY /* - Generate a public/private RSA keypair, and ask for a file to store + Generate a public/private RSA key pair, and ask for a file to store them in. */ static bool rsa_keygen(int bits, bool ask) { @@ -850,14 +864,17 @@ bool connect_tincd(bool verbose) { return false; } - struct sockaddr_un sa; + struct sockaddr_un sa = { + .sun_family = AF_UNIX, + }; - sa.sun_family = AF_UNIX; + if(strlen(unixsocketname) >= sizeof(sa.sun_path)) { + fprintf(stderr, "UNIX socket filename %s is too long!", unixsocketname); + return false; + } strncpy(sa.sun_path, unixsocketname, sizeof(sa.sun_path)); - sa.sun_path[sizeof(sa.sun_path) - 1] = 0; - fd = socket(AF_UNIX, SOCK_STREAM, 0); if(fd < 0) { @@ -1104,7 +1121,7 @@ static int cmd_stop(int argc, char *argv[]) { } #ifdef HAVE_MINGW - return remove_service(); + return remove_service() ? EXIT_SUCCESS : EXIT_FAILURE; #else if(!stop_tincd()) { @@ -1886,6 +1903,19 @@ static int cmd_config(int argc, char *argv[]) { found = true; variable = (char *)variables[i].name; + if(!strcasecmp(variable, "Subnet")) { + subnet_t s = {0}; + + if(!str2net(&s, value)) { + fprintf(stderr, "Malformed subnet definition %s\n", value); + } + + if(!subnetcheck(s)) { + fprintf(stderr, "Network address and prefix length do not match: %s\n", value); + return 1; + } + } + /* Discourage use of obsolete variables. */ if(variables[i].type & VAR_OBSOLETE && action >= 0) { @@ -3309,6 +3339,11 @@ static int cmd_shell(int argc, char *argv[]) { return result; } +static void cleanup() { + free(tinc_conf); + free(hosts_dir); + free_names(); +} int main(int argc, char *argv[]) { program_name = argv[0]; @@ -3323,6 +3358,7 @@ int main(int argc, char *argv[]) { make_names(false); xasprintf(&tinc_conf, "%s" SLASH "tinc.conf", confbase); xasprintf(&hosts_dir, "%s" SLASH "hosts", confbase); + atexit(cleanup); if(show_version) { version(); @@ -3344,7 +3380,8 @@ int main(int argc, char *argv[]) { #endif - srand(time(NULL)); + gettimeofday(&now, NULL); + srand(now.tv_sec + now.tv_usec); crypto_init(); if(optind >= argc) {