X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Ftincctl.c;h=ef29c992fcf5d712974d050fda8d6c1588ad582a;hb=9e917cc3b614d7a986416e6a2c3ea9ea583adacf;hp=4f6660a9272ced8729b17330b897e9a0390102c4;hpb=953f5b4231bbbb8269bb0c55b96a1c8c4bb34a59;p=tinc

diff --git a/src/tincctl.c b/src/tincctl.c
index 4f6660a9..ef29c992 100644
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -1,6 +1,6 @@
 /*
     tincctl.c -- Controlling a running tincd
-    Copyright (C) 2007-2018 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2007-2021 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -40,13 +40,14 @@
 #include "tincctl.h"
 #include "top.h"
 #include "version.h"
+#include "subnet.h"
+#include "keys.h"
 
 #ifndef MSG_NOSIGNAL
 #define MSG_NOSIGNAL 0
 #endif
 
 static char **orig_argv;
-static int orig_argc;
 
 /* If nonzero, display usage information and exit. */
 static bool show_help = false;
@@ -70,7 +71,6 @@ static int result;
 bool force = false;
 bool tty = true;
 bool confbasegiven = false;
-bool netnamegiven = false;
 char *scriptinterpreter = NULL;
 char *scriptextension = "";
 static char *prompt;
@@ -92,6 +92,17 @@ static struct option const long_options[] = {
 static void version(void) {
 	printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE,
 	       BUILD_VERSION, BUILD_DATE, BUILD_TIME, PROT_MAJOR, PROT_MINOR);
+	printf("Features:"
+#ifdef HAVE_READLINE
+	       " readline"
+#endif
+#ifdef HAVE_CURSES
+	       " curses"
+#endif
+#ifndef DISABLE_LEGACY
+	       " legacy_protocol"
+#endif
+	       "\n\n");
 	printf("Copyright (C) 1998-2018 Ivo Timmermans, Guus Sliepen and others.\n"
 	       "See the AUTHORS file for a complete list.\n\n"
 	       "tinc comes with ABSOLUTELY NO WARRANTY.  This is free software,\n"
@@ -125,12 +136,12 @@ static void usage(bool status) {
 		       "  reload                     Partially reload configuration of running tincd.\n"
 		       "  pid                        Show PID of currently running tincd.\n"
 #ifdef DISABLE_LEGACY
-		       "  generate-keys              Generate a new Ed25519 public/private keypair.\n"
+		       "  generate-keys              Generate a new Ed25519 public/private key pair.\n"
 #else
-		       "  generate-keys [bits]       Generate new RSA and Ed25519 public/private keypairs.\n"
-		       "  generate-rsa-keys [bits]   Generate a new RSA public/private keypair.\n"
+		       "  generate-keys [bits]       Generate new RSA and Ed25519 public/private key pairs.\n"
+		       "  generate-rsa-keys [bits]   Generate a new RSA public/private key pair.\n"
 #endif
-		       "  generate-ed25519-keys      Generate a new Ed25519 public/private keypair.\n"
+		       "  generate-ed25519-keys      Generate a new Ed25519 public/private key pair.\n"
 		       "  dump                       Dump a list of one of the following things:\n"
 		       "    [reachable] nodes        - all known nodes in the VPN\n"
 		       "    edges                    - all known connections in the VPN\n"
@@ -178,11 +189,13 @@ static bool parse_options(int argc, char **argv) {
 			break;
 
 		case 'c': /* config file */
+			free(confbase);
 			confbase = xstrdup(optarg);
 			confbasegiven = true;
 			break;
 
 		case 'n': /* net name given */
+			free(netname);
 			netname = xstrdup(optarg);
 			break;
 
@@ -195,6 +208,7 @@ static bool parse_options(int argc, char **argv) {
 			break;
 
 		case 3:   /* open control socket here */
+			free(pidfilename);
 			pidfilename = xstrdup(optarg);
 			break;
 
@@ -204,6 +218,7 @@ static bool parse_options(int argc, char **argv) {
 
 		case '?': /* wrong options */
 			usage(true);
+			free_names();
 			return false;
 
 		default:
@@ -224,131 +239,13 @@ static bool parse_options(int argc, char **argv) {
 
 	if(netname && (strpbrk(netname, "\\/") || *netname == '.')) {
 		fprintf(stderr, "Invalid character in netname!\n");
+		free_names();
 		return false;
 	}
 
 	return true;
 }
 
-/* Open a file with the desired permissions, minus the umask.
-   Also, if we want to create an executable file, we call fchmod()
-   to set the executable bits. */
-
-FILE *fopenmask(const char *filename, const char *mode, mode_t perms) {
-	mode_t mask = umask(0);
-	perms &= ~mask;
-	umask(~perms);
-	FILE *f = fopen(filename, mode);
-
-	if(!f) {
-		fprintf(stderr, "Could not open %s: %s\n", filename, strerror(errno));
-		return NULL;
-	}
-
-#ifdef HAVE_FCHMOD
-
-	if((perms & 0444) && f) {
-		fchmod(fileno(f), perms);
-	}
-
-#endif
-	umask(mask);
-	return f;
-}
-
-static void disable_old_keys(const char *filename, const char *what) {
-	char tmpfile[PATH_MAX] = "";
-	char buf[1024];
-	bool disabled = false;
-	bool block = false;
-	bool error = false;
-	FILE *r, *w;
-
-	r = fopen(filename, "r");
-
-	if(!r) {
-		return;
-	}
-
-	snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename);
-
-	struct stat st = {.st_mode = 0600};
-	fstat(fileno(r), &st);
-	w = fopenmask(tmpfile, "w", st.st_mode);
-
-	while(fgets(buf, sizeof(buf), r)) {
-		if(!block && !strncmp(buf, "-----BEGIN ", 11)) {
-			if((strstr(buf, " ED25519 ") && strstr(what, "Ed25519")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) {
-				disabled = true;
-				block = true;
-			}
-		}
-
-		bool ed25519pubkey = !strncasecmp(buf, "Ed25519PublicKey", 16) && strchr(" \t=", buf[16]) && strstr(what, "Ed25519");
-
-		if(ed25519pubkey) {
-			disabled = true;
-		}
-
-		if(w) {
-			if(block || ed25519pubkey) {
-				fputc('#', w);
-			}
-
-			if(fputs(buf, w) < 0) {
-				error = true;
-				break;
-			}
-		}
-
-		if(block && !strncmp(buf, "-----END ", 9)) {
-			block = false;
-		}
-	}
-
-	if(w)
-		if(fclose(w) < 0) {
-			error = true;
-		}
-
-	if(ferror(r) || fclose(r) < 0) {
-		error = true;
-	}
-
-	if(disabled) {
-		if(!w || error) {
-			fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
-
-			if(w) {
-				unlink(tmpfile);
-			}
-
-			return;
-		}
-
-#ifdef HAVE_MINGW
-		// We cannot atomically replace files on Windows.
-		char bakfile[PATH_MAX] = "";
-		snprintf(bakfile, sizeof(bakfile), "%s.bak", filename);
-
-		if(rename(filename, bakfile) || rename(tmpfile, filename)) {
-			rename(bakfile, filename);
-#else
-
-		if(rename(tmpfile, filename)) {
-#endif
-			fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
-		} else  {
-#ifdef HAVE_MINGW
-			unlink(bakfile);
-#endif
-			fprintf(stderr, "Warning: old key(s) found and disabled.\n");
-		}
-	}
-
-	unlink(tmpfile);
-}
-
 static FILE *ask_and_open(const char *filename, const char *what, const char *mode, bool ask, mode_t perms) {
 	FILE *r;
 	char directory[PATH_MAX] = ".";
@@ -388,7 +285,7 @@ ask_filename:
 		/* The directory is a relative path or a filename. */
 		getcwd(directory, sizeof(directory));
 
-		if(snprintf(buf2, sizeof(buf2), "%s" SLASH "%s", directory, filename) >= sizeof(buf2)) {
+		if((size_t)snprintf(buf2, sizeof(buf2), "%s" SLASH "%s", directory, filename) >= sizeof(buf2)) {
 			fprintf(stderr, "Filename too long: %s" SLASH "%s\n", directory, filename);
 
 			if(ask && tty) {
@@ -416,7 +313,7 @@ ask_filename:
 }
 
 /*
-  Generate a public/private Ed25519 keypair, and ask for a file to store
+  Generate a public/private Ed25519 key pair, and ask for a file to store
   them in.
 */
 static bool ed25519_keygen(bool ask) {
@@ -424,7 +321,7 @@ static bool ed25519_keygen(bool ask) {
 	FILE *f;
 	char fname[PATH_MAX];
 
-	fprintf(stderr, "Generating Ed25519 keypair:\n");
+	fprintf(stderr, "Generating Ed25519 key pair:\n");
 
 	if(!(key = ecdsa_generate())) {
 		fprintf(stderr, "Error during key generation!\n");
@@ -480,7 +377,7 @@ error:
 
 #ifndef DISABLE_LEGACY
 /*
-  Generate a public/private RSA keypair, and ask for a file to store
+  Generate a public/private RSA key pair, and ask for a file to store
   them in.
 */
 static bool rsa_keygen(int bits, bool ask) {
@@ -566,18 +463,18 @@ bool recvline(int fd, char *line, size_t len) {
 	}
 
 	while(!(newline = memchr(buffer, '\n', blen))) {
-		int result = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
+		ssize_t nrecv = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
 
-		if(result == -1 && sockerrno == EINTR) {
+		if(nrecv == -1 && sockerrno == EINTR) {
 			continue;
-		} else if(result <= 0) {
+		} else if(nrecv <= 0) {
 			return false;
 		}
 
-		blen += result;
+		blen += nrecv;
 	}
 
-	if(newline - buffer >= len) {
+	if((size_t)(newline - buffer) >= len) {
 		return false;
 	}
 
@@ -591,21 +488,17 @@ bool recvline(int fd, char *line, size_t len) {
 	return true;
 }
 
-bool recvdata(int fd, char *data, size_t len) {
-	if(len == -1) {
-		len = blen;
-	}
-
+static bool recvdata(int fd, char *data, size_t len) {
 	while(blen < len) {
-		int result = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
+		ssize_t nrecv = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
 
-		if(result == -1 && sockerrno == EINTR) {
+		if(nrecv == -1 && sockerrno == EINTR) {
 			continue;
-		} else if(result <= 0) {
+		} else if(nrecv <= 0) {
 			return false;
 		}
 
-		blen += result;
+		blen += nrecv;
 	}
 
 	memcpy(data, buffer, len);
@@ -618,7 +511,7 @@ bool recvdata(int fd, char *data, size_t len) {
 bool sendline(int fd, char *format, ...) {
 	static char buffer[4096];
 	char *p = buffer;
-	int blen = 0;
+	ssize_t blen;
 	va_list ap;
 
 	va_start(ap, format);
@@ -626,7 +519,7 @@ bool sendline(int fd, char *format, ...) {
 	buffer[sizeof(buffer) - 1] = 0;
 	va_end(ap);
 
-	if(blen < 1 || blen >= sizeof(buffer)) {
+	if(blen < 1 || (size_t)blen >= sizeof(buffer)) {
 		return false;
 	}
 
@@ -634,22 +527,22 @@ bool sendline(int fd, char *format, ...) {
 	blen++;
 
 	while(blen) {
-		int result = send(fd, p, blen, MSG_NOSIGNAL);
+		ssize_t nsend = send(fd, p, blen, MSG_NOSIGNAL);
 
-		if(result == -1 && sockerrno == EINTR) {
+		if(nsend == -1 && sockerrno == EINTR) {
 			continue;
-		} else if(result <= 0) {
+		} else if(nsend <= 0) {
 			return false;
 		}
 
-		p += result;
-		blen -= result;
+		p += nsend;
+		blen -= nsend;
 	}
 
 	return true;
 }
 
-static void pcap(int fd, FILE *out, int snaplen) {
+static void pcap(int fd, FILE *out, uint32_t snaplen) {
 	sendline(fd, "%d %d %d", CONTROL, REQ_PCAP, snaplen);
 	char data[9018];
 
@@ -665,7 +558,7 @@ static void pcap(int fd, FILE *out, int snaplen) {
 		0xa1b2c3d4,
 		2, 4,
 		0, 0,
-		snaplen ? : sizeof(data),
+		snaplen ? snaplen : sizeof(data),
 		1,
 	};
 
@@ -684,11 +577,12 @@ static void pcap(int fd, FILE *out, int snaplen) {
 	char line[32];
 
 	while(recvline(fd, line, sizeof(line))) {
-		int code, req, len;
-		int n = sscanf(line, "%d %d %d", &code, &req, &len);
+		int code, req;
+		size_t len;
+		int n = sscanf(line, "%d %d %zd", &code, &req, &len);
 		gettimeofday(&tv, NULL);
 
-		if(n != 3 || code != CONTROL || req != REQ_PCAP || len < 0 || len > sizeof(data)) {
+		if(n != 3 || code != CONTROL || req != REQ_PCAP || len > sizeof(data)) {
 			break;
 		}
 
@@ -715,7 +609,7 @@ static void logcontrol(int fd, FILE *out, int level) {
 		int code, req, len;
 		int n = sscanf(line, "%d %d %d", &code, &req, &len);
 
-		if(n != 3 || code != CONTROL || req != REQ_LOG || len < 0 || len > sizeof(data)) {
+		if(n != 3 || code != CONTROL || req != REQ_LOG || len < 0 || (size_t)len > sizeof(data)) {
 			break;
 		}
 
@@ -729,6 +623,24 @@ static void logcontrol(int fd, FILE *out, int level) {
 	}
 }
 
+static bool stop_tincd(void) {
+	if(!connect_tincd(true)) {
+		return false;
+	}
+
+	sendline(fd, "%d %d", CONTROL, REQ_STOP);
+
+	while(recvline(fd, line, sizeof(line))) {
+		// wait for tincd to close the connection...
+	}
+
+	close(fd);
+	pid = 0;
+	fd = -1;
+
+	return true;
+}
+
 #ifdef HAVE_MINGW
 static bool remove_service(void) {
 	SC_HANDLE manager = NULL;
@@ -746,7 +658,12 @@ static bool remove_service(void) {
 	service = OpenService(manager, identname, SERVICE_ALL_ACCESS);
 
 	if(!service) {
-		fprintf(stderr, "Could not open %s service: %s\n", identname, winerror(GetLastError()));
+		if(GetLastError() == ERROR_SERVICE_DOES_NOT_EXIST) {
+			success = stop_tincd();
+		} else {
+			fprintf(stderr, "Could not open %s service: %s\n", identname, winerror(GetLastError()));
+		}
+
 		goto exit;
 	}
 
@@ -831,14 +748,17 @@ bool connect_tincd(bool verbose) {
 		return false;
 	}
 
-	struct sockaddr_un sa;
+	struct sockaddr_un sa = {
+		.sun_family = AF_UNIX,
+	};
 
-	sa.sun_family = AF_UNIX;
+	if(strlen(unixsocketname) >= sizeof(sa.sun_path)) {
+		fprintf(stderr, "UNIX socket filename %s is too long!", unixsocketname);
+		return false;
+	}
 
 	strncpy(sa.sun_path, unixsocketname, sizeof(sa.sun_path));
 
-	sa.sun_path[sizeof(sa.sun_path) - 1] = 0;
-
 	fd = socket(AF_UNIX, SOCK_STREAM, 0);
 
 	if(fd < 0) {
@@ -887,7 +807,6 @@ bool connect_tincd(bool verbose) {
 		return false;
 	}
 
-#ifdef HAVE_MINGW
 	unsigned long arg = 0;
 
 	if(ioctlsocket(fd, FIONBIO, &arg) != 0) {
@@ -896,8 +815,6 @@ bool connect_tincd(bool verbose) {
 		}
 	}
 
-#endif
-
 	if(connect(fd, res->ai_addr, res->ai_addrlen) < 0) {
 		if(verbose) {
 			fprintf(stderr, "Cannot connect to %s port %s: %s\n", host, port, sockstrerror(sockerrno));
@@ -967,10 +884,12 @@ static int cmd_start(int argc, char *argv[]) {
 
 #endif
 
+	char *default_c = "tincd";
+
 	if(slash++) {
 		xasprintf(&c, "%.*stincd", (int)(slash - program_name), program_name);
 	} else {
-		c = "tincd";
+		c = default_c;
 	}
 
 	int nargc = 0;
@@ -1001,6 +920,12 @@ static int cmd_start(int argc, char *argv[]) {
 #ifdef HAVE_MINGW
 	int status = spawnvp(_P_WAIT, c, nargv);
 
+	free(nargv);
+
+	if(c != default_c) {
+		free(c);
+	}
+
 	if(status == -1) {
 		fprintf(stderr, "Error starting %s: %s\n", c, strerror(errno));
 		return 1;
@@ -1013,6 +938,11 @@ static int cmd_start(int argc, char *argv[]) {
 	if(socketpair(AF_UNIX, SOCK_STREAM, 0, pfd)) {
 		fprintf(stderr, "Could not create umbilical socket: %s\n", strerror(errno));
 		free(nargv);
+
+		if(c != default_c) {
+			free(c);
+		}
+
 		return 1;
 	}
 
@@ -1021,6 +951,11 @@ static int cmd_start(int argc, char *argv[]) {
 	if(pid == -1) {
 		fprintf(stderr, "Could not fork: %s\n", strerror(errno));
 		free(nargv);
+
+		if(c != default_c) {
+			free(c);
+		}
+
 		return 1;
 	}
 
@@ -1036,7 +971,6 @@ static int cmd_start(int argc, char *argv[]) {
 
 	free(nargv);
 
-	int status = -1, result;
 #ifdef SIGINT
 	signal(SIGINT, SIG_IGN);
 #endif
@@ -1044,7 +978,7 @@ static int cmd_start(int argc, char *argv[]) {
 	// Pass all log messages from the umbilical to stderr.
 	// A nul-byte right before closure means tincd started successfully.
 	bool failure = true;
-	char buf[1024];
+	uint8_t buf[1024];
 	ssize_t len;
 
 	while((len = read(pfd[0], buf, sizeof(buf))) > 0) {
@@ -1064,30 +998,40 @@ static int cmd_start(int argc, char *argv[]) {
 	close(pfd[0]);
 
 	// Make sure the child process is really gone.
-	result = waitpid(pid, &status, 0);
+	int status = -1;
+	pid_t result = waitpid(pid, &status, 0);
 
 #ifdef SIGINT
 	signal(SIGINT, SIG_DFL);
 #endif
 
-	if(failure || result != pid || !WIFEXITED(status) || WEXITSTATUS(status)) {
+	bool failed = failure || result != pid || !WIFEXITED(status) || WEXITSTATUS(status);
+
+	if(failed) {
 		fprintf(stderr, "Error starting %s\n", c);
-		return 1;
 	}
 
-	return 0;
+	if(c != default_c) {
+		free(c);
+	}
+
+	return failed ? EXIT_FAILURE : EXIT_SUCCESS;
 #endif
 }
 
 static int cmd_stop(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
 	}
 
-#ifndef HAVE_MINGW
+#ifdef HAVE_MINGW
+	return remove_service() ? EXIT_SUCCESS : EXIT_FAILURE;
+#else
 
-	if(!connect_tincd(true)) {
+	if(!stop_tincd()) {
 		if(pid) {
 			if(kill(pid, SIGTERM)) {
 				fprintf(stderr, "Could not send TERM signal to process with PID %d: %s\n", pid, strerror(errno));
@@ -1102,24 +1046,8 @@ static int cmd_stop(int argc, char *argv[]) {
 		return 1;
 	}
 
-	sendline(fd, "%d %d", CONTROL, REQ_STOP);
-
-	while(recvline(fd, line, sizeof(line))) {
-		// Wait for tincd to close the connection...
-	}
-
-#else
-
-	if(!remove_service()) {
-		return 1;
-	}
-
-#endif
-	close(fd);
-	pid = 0;
-	fd = -1;
-
 	return 0;
+#endif
 }
 
 static int cmd_restart(int argc, char *argv[]) {
@@ -1128,6 +1056,8 @@ static int cmd_restart(int argc, char *argv[]) {
 }
 
 static int cmd_reload(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -1176,7 +1106,7 @@ static int dump_invitations(void) {
 
 		char fname[PATH_MAX];
 
-		if(snprintf(fname, sizeof(fname), "%s" SLASH "%s", dname, ent->d_name) >= sizeof(fname)) {
+		if((size_t)snprintf(fname, sizeof(fname), "%s" SLASH "%s", dname, ent->d_name) >= sizeof(fname)) {
 			fprintf(stderr, "Filename too long: %s" SLASH "%s\n", dname, ent->d_name);
 			continue;
 		}
@@ -1346,7 +1276,7 @@ static int cmd_dump(int argc, char *argv[]) {
 					color = "green";
 				}
 
-				printf(" %s [label = \"%s\", color = \"%s\"%s];\n", node, node, color, strcmp(host, "MYSELF") ? "" : ", style = \"filled\"");
+				printf(" \"%s\" [label = \"%s\", color = \"%s\"%s];\n", node, node, color, strcmp(host, "MYSELF") ? "" : ", style = \"filled\"");
 			} else {
 				if(only_reachable && !status.reachable) {
 					continue;
@@ -1373,12 +1303,12 @@ static int cmd_dump(int argc, char *argv[]) {
 			}
 
 			if(do_graph) {
-				float w = 1 + 65536.0 / weight;
+				float w = 1.0f + 65536.0f / (float)weight;
 
 				if(do_graph == 1 && strcmp(node1, node2) > 0) {
-					printf(" %s -- %s [w = %f, weight = %f];\n", node1, node2, w, w);
+					printf(" \"%s\" -- \"%s\" [w = %f, weight = %f];\n", node1, node2, w, w);
 				} else if(do_graph == 2) {
-					printf(" %s -> %s [w = %f, weight = %f];\n", node1, node2, w, w);
+					printf(" \"%s\" -> \"%s\" [w = %f, weight = %f];\n", node1, node2, w, w);
 				}
 			} else {
 				printf("%s to %s at %s port %s local %s port %s options %x weight %d\n", from, to, host, port, local_host, local_port, options, weight);
@@ -1421,6 +1351,8 @@ static int cmd_dump(int argc, char *argv[]) {
 }
 
 static int cmd_purge(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -1465,6 +1397,8 @@ static int cmd_debug(int argc, char *argv[]) {
 }
 
 static int cmd_retry(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -1535,6 +1469,8 @@ static int cmd_disconnect(int argc, char *argv[]) {
 }
 
 static int cmd_top(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -1570,6 +1506,8 @@ static int cmd_pcap(int argc, char *argv[]) {
 
 #ifdef SIGINT
 static void sigint_handler(int sig) {
+	(void)sig;
+
 	fprintf(stderr, "\n");
 	shutdown(fd, SHUT_RDWR);
 }
@@ -1601,6 +1539,8 @@ static int cmd_log(int argc, char *argv[]) {
 }
 
 static int cmd_pid(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -1614,8 +1554,8 @@ static int cmd_pid(int argc, char *argv[]) {
 	return 0;
 }
 
-int rstrip(char *value) {
-	int len = strlen(value);
+size_t rstrip(char *value) {
+	size_t len = strlen(value);
 
 	while(len && strchr("\t\r\n ", value[len - 1])) {
 		value[--len] = 0;
@@ -1639,7 +1579,7 @@ char *get_my_name(bool verbose) {
 	char *value;
 
 	while(fgets(buf, sizeof(buf), f)) {
-		int len = strcspn(buf, "\t =");
+		size_t len = strcspn(buf, "\t =");
 		value = buf + len;
 		value += strspn(value, "\t ");
 
@@ -1678,7 +1618,7 @@ ecdsa_t *get_pubkey(FILE *f) {
 	char *value;
 
 	while(fgets(buf, sizeof(buf), f)) {
-		int len = strcspn(buf, "\t =");
+		size_t len = strcspn(buf, "\t =");
 		value = buf + len;
 		value += strspn(value, "\t ");
 
@@ -1707,18 +1647,18 @@ ecdsa_t *get_pubkey(FILE *f) {
 
 const var_t variables[] = {
 	/* Server configuration */
-	{"AddressFamily", VAR_SERVER},
+	{"AddressFamily", VAR_SERVER | VAR_SAFE},
 	{"AutoConnect", VAR_SERVER | VAR_SAFE},
 	{"BindToAddress", VAR_SERVER | VAR_MULTIPLE},
 	{"BindToInterface", VAR_SERVER},
 	{"Broadcast", VAR_SERVER | VAR_SAFE},
 	{"BroadcastSubnet", VAR_SERVER | VAR_MULTIPLE | VAR_SAFE},
 	{"ConnectTo", VAR_SERVER | VAR_MULTIPLE | VAR_SAFE},
-	{"DecrementTTL", VAR_SERVER},
+	{"DecrementTTL", VAR_SERVER | VAR_SAFE},
 	{"Device", VAR_SERVER},
 	{"DeviceStandby", VAR_SERVER},
 	{"DeviceType", VAR_SERVER},
-	{"DirectOnly", VAR_SERVER},
+	{"DirectOnly", VAR_SERVER | VAR_SAFE},
 	{"Ed25519PrivateKeyFile", VAR_SERVER},
 	{"ExperimentalProtocol", VAR_SERVER},
 	{"Forwarding", VAR_SERVER},
@@ -1728,34 +1668,34 @@ const var_t variables[] = {
 	{"IffOneQueue", VAR_SERVER},
 	{"Interface", VAR_SERVER},
 	{"InvitationExpire", VAR_SERVER},
-	{"KeyExpire", VAR_SERVER},
+	{"KeyExpire", VAR_SERVER | VAR_SAFE},
 	{"ListenAddress", VAR_SERVER | VAR_MULTIPLE},
-	{"LocalDiscovery", VAR_SERVER},
+	{"LocalDiscovery", VAR_SERVER | VAR_SAFE},
 	{"LogLevel", VAR_SERVER},
-	{"MACExpire", VAR_SERVER},
-	{"MaxConnectionBurst", VAR_SERVER},
-	{"MaxOutputBufferSize", VAR_SERVER},
-	{"MaxTimeout", VAR_SERVER},
+	{"MACExpire", VAR_SERVER | VAR_SAFE},
+	{"MaxConnectionBurst", VAR_SERVER | VAR_SAFE},
+	{"MaxOutputBufferSize", VAR_SERVER | VAR_SAFE},
+	{"MaxTimeout", VAR_SERVER | VAR_SAFE},
 	{"Mode", VAR_SERVER | VAR_SAFE},
 	{"Name", VAR_SERVER},
-	{"PingInterval", VAR_SERVER},
-	{"PingTimeout", VAR_SERVER},
+	{"PingInterval", VAR_SERVER | VAR_SAFE},
+	{"PingTimeout", VAR_SERVER | VAR_SAFE},
 	{"PriorityInheritance", VAR_SERVER},
 	{"PrivateKey", VAR_SERVER | VAR_OBSOLETE},
 	{"PrivateKeyFile", VAR_SERVER},
 	{"ProcessPriority", VAR_SERVER},
 	{"Proxy", VAR_SERVER},
-	{"ReplayWindow", VAR_SERVER},
+	{"ReplayWindow", VAR_SERVER | VAR_SAFE},
 	{"ScriptsExtension", VAR_SERVER},
 	{"ScriptsInterpreter", VAR_SERVER},
-	{"StrictSubnets", VAR_SERVER},
-	{"TunnelServer", VAR_SERVER},
-	{"UDPDiscovery", VAR_SERVER},
-	{"UDPDiscoveryKeepaliveInterval", VAR_SERVER},
-	{"UDPDiscoveryInterval", VAR_SERVER},
-	{"UDPDiscoveryTimeout", VAR_SERVER},
-	{"MTUInfoInterval", VAR_SERVER},
-	{"UDPInfoInterval", VAR_SERVER},
+	{"StrictSubnets", VAR_SERVER | VAR_SAFE},
+	{"TunnelServer", VAR_SERVER | VAR_SAFE},
+	{"UDPDiscovery", VAR_SERVER | VAR_SAFE},
+	{"UDPDiscoveryKeepaliveInterval", VAR_SERVER | VAR_SAFE},
+	{"UDPDiscoveryInterval", VAR_SERVER | VAR_SAFE},
+	{"UDPDiscoveryTimeout", VAR_SERVER | VAR_SAFE},
+	{"MTUInfoInterval", VAR_SERVER | VAR_SAFE},
+	{"UDPInfoInterval", VAR_SERVER | VAR_SAFE},
 	{"UDPRcvBuf", VAR_SERVER},
 	{"UDPSndBuf", VAR_SERVER},
 	{"UPnP", VAR_SERVER},
@@ -1766,12 +1706,12 @@ const var_t variables[] = {
 	/* Host configuration */
 	{"Address", VAR_HOST | VAR_MULTIPLE},
 	{"Cipher", VAR_SERVER | VAR_HOST},
-	{"ClampMSS", VAR_SERVER | VAR_HOST},
-	{"Compression", VAR_SERVER | VAR_HOST},
+	{"ClampMSS", VAR_SERVER | VAR_HOST | VAR_SAFE},
+	{"Compression", VAR_SERVER | VAR_HOST | VAR_SAFE},
 	{"Digest", VAR_SERVER | VAR_HOST},
 	{"Ed25519PublicKey", VAR_HOST},
 	{"Ed25519PublicKeyFile", VAR_SERVER | VAR_HOST},
-	{"IndirectData", VAR_SERVER | VAR_HOST},
+	{"IndirectData", VAR_SERVER | VAR_HOST | VAR_SAFE},
 	{"MACLength", VAR_SERVER | VAR_HOST},
 	{"PMTU", VAR_SERVER | VAR_HOST},
 	{"PMTUDiscovery", VAR_SERVER | VAR_HOST},
@@ -1779,7 +1719,7 @@ const var_t variables[] = {
 	{"PublicKey", VAR_HOST | VAR_OBSOLETE},
 	{"PublicKeyFile", VAR_SERVER | VAR_HOST | VAR_OBSOLETE},
 	{"Subnet", VAR_HOST | VAR_MULTIPLE | VAR_SAFE},
-	{"TCPOnly", VAR_SERVER | VAR_HOST},
+	{"TCPOnly", VAR_SERVER | VAR_HOST | VAR_SAFE},
 	{"Weight", VAR_HOST | VAR_SAFE},
 	{NULL, 0}
 };
@@ -1823,7 +1763,7 @@ static int cmd_config(int argc, char *argv[]) {
 	char *node = NULL;
 	char *variable;
 	char *value;
-	int len;
+	size_t len;
 
 	len = strcspn(line, "\t =");
 	value = line + len;
@@ -1870,6 +1810,20 @@ static int cmd_config(int argc, char *argv[]) {
 		found = true;
 		variable = (char *)variables[i].name;
 
+		if(!strcasecmp(variable, "Subnet") && *value) {
+			subnet_t s = {0};
+
+			if(!str2net(&s, value)) {
+				fprintf(stderr, "Malformed subnet definition %s\n", value);
+				return 1;
+			}
+
+			if(!subnetcheck(s)) {
+				fprintf(stderr, "Network address and prefix length do not match: %s\n", value);
+				return 1;
+			}
+		}
+
 		/* Discourage use of obsolete variables. */
 
 		if(variables[i].type & VAR_OBSOLETE && action >= 0) {
@@ -1917,6 +1871,11 @@ static int cmd_config(int argc, char *argv[]) {
 
 	if(node && !check_id(node)) {
 		fprintf(stderr, "Invalid name for node.\n");
+
+		if(node != line) {
+			free(node);
+		}
+
 		return 1;
 	}
 
@@ -1925,6 +1884,11 @@ static int cmd_config(int argc, char *argv[]) {
 			fprintf(stderr, "Warning: %s is not a known configuration variable!\n", variable);
 		} else {
 			fprintf(stderr, "%s: is not a known configuration variable! Use --force to use it anyway.\n", variable);
+
+			if(node && node != line) {
+				free(node);
+			}
+
 			return 1;
 		}
 	}
@@ -1934,6 +1898,11 @@ static int cmd_config(int argc, char *argv[]) {
 
 	if(node) {
 		snprintf(filename, sizeof(filename), "%s" SLASH "%s", hosts_dir, node);
+
+		if(node != line) {
+			free(node);
+			node = NULL;
+		}
 	} else {
 		snprintf(filename, sizeof(filename), "%s", tinc_conf);
 	}
@@ -1949,7 +1918,7 @@ static int cmd_config(int argc, char *argv[]) {
 	FILE *tf = NULL;
 
 	if(action >= -1) {
-		if(snprintf(tmpfile, sizeof(tmpfile), "%s.config.tmp", filename) >= sizeof(tmpfile)) {
+		if((size_t)snprintf(tmpfile, sizeof(tmpfile), "%s.config.tmp", filename) >= sizeof(tmpfile)) {
 			fprintf(stderr, "Filename too long: %s.config.tmp\n", filename);
 			return 1;
 		}
@@ -1976,9 +1945,8 @@ static int cmd_config(int argc, char *argv[]) {
 
 		// Parse line in a simple way
 		char *bvalue;
-		int len;
 
-		len = strcspn(buf2, "\t =");
+		size_t len = strcspn(buf2, "\t =");
 		bvalue = buf2 + len;
 		bvalue += strspn(bvalue, "\t ");
 
@@ -2202,7 +2170,7 @@ static int cmd_init(int argc, char *argv[]) {
 				return 1;
 			}
 
-			int len = rstrip(buf);
+			size_t len = rstrip(buf);
 
 			if(!len) {
 				fprintf(stderr, "No name given!\n");
@@ -2291,6 +2259,7 @@ static int cmd_init(int argc, char *argv[]) {
 
 static int cmd_generate_keys(int argc, char *argv[]) {
 #ifdef DISABLE_LEGACY
+	(void)argv;
 
 	if(argc > 1) {
 #else
@@ -2336,6 +2305,8 @@ static int cmd_generate_rsa_keys(int argc, char *argv[]) {
 #endif
 
 static int cmd_generate_ed25519_keys(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -2349,11 +2320,16 @@ static int cmd_generate_ed25519_keys(int argc, char *argv[]) {
 }
 
 static int cmd_help(int argc, char *argv[]) {
+	(void)argc;
+	(void)argv;
+
 	usage(false);
 	return 0;
 }
 
 static int cmd_version(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -2422,7 +2398,17 @@ static int cmd_edit(int argc, char *argv[]) {
 
 	char *command;
 #ifndef HAVE_MINGW
-	xasprintf(&command, "\"%s\" \"%s\"", getenv("VISUAL") ? : getenv("EDITOR") ? : "vi", filename);
+	const char *editor = getenv("VISUAL");
+
+	if(!editor) {
+		editor = getenv("EDITOR");
+	}
+
+	if(!editor) {
+		editor = "vi";
+	}
+
+	xasprintf(&command, "\"%s\" \"%s\"", editor, filename);
 #else
 	xasprintf(&command, "edit \"%s\"", filename);
 #endif
@@ -2471,6 +2457,8 @@ static int export(const char *name, FILE *out) {
 }
 
 static int cmd_export(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -2493,6 +2481,8 @@ static int cmd_export(int argc, char *argv[]) {
 }
 
 static int cmd_export_all(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -2533,6 +2523,8 @@ static int cmd_export_all(int argc, char *argv[]) {
 }
 
 static int cmd_import(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -2560,7 +2552,7 @@ static int cmd_import(int argc, char *argv[]) {
 				fclose(out);
 			}
 
-			if(snprintf(filename, sizeof(filename), "%s" SLASH "%s", hosts_dir, name) >= sizeof(filename)) {
+			if((size_t)snprintf(filename, sizeof(filename), "%s" SLASH "%s", hosts_dir, name) >= sizeof(filename)) {
 				fprintf(stderr, "Filename too long: %s" SLASH "%s\n", hosts_dir, name);
 				return 1;
 			}
@@ -2612,11 +2604,11 @@ static int cmd_import(int argc, char *argv[]) {
 }
 
 static int cmd_exchange(int argc, char *argv[]) {
-	return cmd_export(argc, argv) ? : cmd_import(argc, argv);
+	return cmd_export(argc, argv) ? 1 : cmd_import(argc, argv);
 }
 
 static int cmd_exchange_all(int argc, char *argv[]) {
-	return cmd_export_all(argc, argv) ? : cmd_import(argc, argv);
+	return cmd_export_all(argc, argv) ? 1 : cmd_import(argc, argv);
 }
 
 static int switch_network(char *name) {
@@ -2694,6 +2686,8 @@ static int cmd_network(int argc, char *argv[]) {
 }
 
 static int cmd_fsck(int argc, char *argv[]) {
+	(void)argv;
+
 	if(argc > 1) {
 		fprintf(stderr, "Too many arguments!\n");
 		return 1;
@@ -2704,11 +2698,11 @@ static int cmd_fsck(int argc, char *argv[]) {
 
 static void *readfile(FILE *in, size_t *len) {
 	size_t count = 0;
-	size_t alloced = 4096;
-	char *buf = xmalloc(alloced);
+	size_t bufsize = 4096;
+	char *buf = xmalloc(bufsize);
 
 	while(!feof(in)) {
-		size_t read = fread(buf + count, 1, alloced - count, in);
+		size_t read = fread(buf + count, 1, bufsize - count, in);
 
 		if(!read) {
 			break;
@@ -2716,9 +2710,9 @@ static void *readfile(FILE *in, size_t *len) {
 
 		count += read;
 
-		if(count >= alloced) {
-			alloced *= 2;
-			buf = xrealloc(buf, alloced);
+		if(count >= bufsize) {
+			bufsize *= 2;
+			buf = xrealloc(buf, bufsize);
 		}
 	}
 
@@ -2793,7 +2787,7 @@ static int cmd_sign(int argc, char *argv[]) {
 	long t = time(NULL);
 	char *trailer;
 	xasprintf(&trailer, " %s %ld", name, t);
-	int trailer_len = strlen(trailer);
+	size_t trailer_len = strlen(trailer);
 
 	data = xrealloc(data, len + trailer_len);
 	memcpy(data + len, trailer, trailer_len);
@@ -2908,7 +2902,7 @@ static int cmd_verify(int argc, char *argv[]) {
 
 	char *trailer;
 	xasprintf(&trailer, " %s %ld", signer, t);
-	int trailer_len = strlen(trailer);
+	size_t trailer_len = strlen(trailer);
 
 	data = xrealloc(data, len + trailer_len);
 	memcpy(data + len, trailer, trailer_len);
@@ -2962,48 +2956,48 @@ static const struct {
 	int (*function)(int argc, char *argv[]);
 	bool hidden;
 } commands[] = {
-	{"start", cmd_start},
-	{"stop", cmd_stop},
-	{"restart", cmd_restart},
-	{"reload", cmd_reload},
-	{"dump", cmd_dump},
-	{"list", cmd_dump},
-	{"purge", cmd_purge},
-	{"debug", cmd_debug},
-	{"retry", cmd_retry},
-	{"connect", cmd_connect},
-	{"disconnect", cmd_disconnect},
-	{"top", cmd_top},
-	{"pcap", cmd_pcap},
-	{"log", cmd_log},
-	{"pid", cmd_pid},
+	{"start", cmd_start, false},
+	{"stop", cmd_stop, false},
+	{"restart", cmd_restart, false},
+	{"reload", cmd_reload, false},
+	{"dump", cmd_dump, false},
+	{"list", cmd_dump, false},
+	{"purge", cmd_purge, false},
+	{"debug", cmd_debug, false},
+	{"retry", cmd_retry, false},
+	{"connect", cmd_connect, false},
+	{"disconnect", cmd_disconnect, false},
+	{"top", cmd_top, false},
+	{"pcap", cmd_pcap, false},
+	{"log", cmd_log, false},
+	{"pid", cmd_pid, false},
 	{"config", cmd_config, true},
-	{"add", cmd_config},
-	{"del", cmd_config},
-	{"get", cmd_config},
-	{"set", cmd_config},
-	{"init", cmd_init},
-	{"generate-keys", cmd_generate_keys},
+	{"add", cmd_config, false},
+	{"del", cmd_config, false},
+	{"get", cmd_config, false},
+	{"set", cmd_config, false},
+	{"init", cmd_init, false},
+	{"generate-keys", cmd_generate_keys, false},
 #ifndef DISABLE_LEGACY
-	{"generate-rsa-keys", cmd_generate_rsa_keys},
+	{"generate-rsa-keys", cmd_generate_rsa_keys, false},
 #endif
-	{"generate-ed25519-keys", cmd_generate_ed25519_keys},
-	{"help", cmd_help},
-	{"version", cmd_version},
-	{"info", cmd_info},
-	{"edit", cmd_edit},
-	{"export", cmd_export},
-	{"export-all", cmd_export_all},
-	{"import", cmd_import},
-	{"exchange", cmd_exchange},
-	{"exchange-all", cmd_exchange_all},
-	{"invite", cmd_invite},
-	{"join", cmd_join},
-	{"network", cmd_network},
-	{"fsck", cmd_fsck},
-	{"sign", cmd_sign},
-	{"verify", cmd_verify},
-	{NULL, NULL},
+	{"generate-ed25519-keys", cmd_generate_ed25519_keys, false},
+	{"help", cmd_help, false},
+	{"version", cmd_version, false},
+	{"info", cmd_info, false},
+	{"edit", cmd_edit, false},
+	{"export", cmd_export, false},
+	{"export-all", cmd_export_all, false},
+	{"import", cmd_import, false},
+	{"exchange", cmd_exchange, false},
+	{"exchange-all", cmd_exchange_all, false},
+	{"invite", cmd_invite, false},
+	{"join", cmd_join, false},
+	{"network", cmd_network, false},
+	{"fsck", cmd_fsck, false},
+	{"sign", cmd_sign, false},
+	{"verify", cmd_verify, false},
+	{NULL, NULL, false},
 };
 
 #ifdef HAVE_READLINE
@@ -3121,10 +3115,13 @@ static char *complete_info(const char *text, int state) {
 }
 
 static char *complete_nothing(const char *text, int state) {
+	(void)text;
+	(void)state;
 	return NULL;
 }
 
 static char **completion(const char *text, int start, int end) {
+	(void)end;
 	char **matches = NULL;
 
 	if(!start) {
@@ -3264,11 +3261,15 @@ static int cmd_shell(int argc, char *argv[]) {
 	return result;
 }
 
+static void cleanup() {
+	free(tinc_conf);
+	free(hosts_dir);
+	free_names();
+}
 
 int main(int argc, char *argv[]) {
 	program_name = argv[0];
 	orig_argv = argv;
-	orig_argc = argc;
 	tty = isatty(0) && isatty(1);
 
 	if(!parse_options(argc, argv)) {
@@ -3278,6 +3279,7 @@ int main(int argc, char *argv[]) {
 	make_names(false);
 	xasprintf(&tinc_conf, "%s" SLASH "tinc.conf", confbase);
 	xasprintf(&hosts_dir, "%s" SLASH "hosts", confbase);
+	atexit(cleanup);
 
 	if(show_version) {
 		version();
@@ -3299,7 +3301,8 @@ int main(int argc, char *argv[]) {
 
 #endif
 
-	srand(time(NULL));
+	gettimeofday(&now, NULL);
+	srand(now.tv_sec + now.tv_usec);
 	crypto_init();
 
 	if(optind >= argc) {