X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fconf.c;h=37bfe9469639d3fd423ff57566ec97e2ccc96e99;hp=9bc25a79cecdfc517fbab696f3af33ca2ecedb2e;hb=3ff76eb10acc55b6f269c1075de6bbaa5bc83516;hpb=b1ecbf977722ec473fc8007acd39eb0de581de1a

diff --git a/src/conf.c b/src/conf.c
index 9bc25a79..37bfe946 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -1,6 +1,6 @@
 /*
     conf.c -- configuration code
-    Copyright (C) 1998 Emphyrio,
+    Copyright (C) 1998 Robert van der Meulen
     Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
                             2000 Guus Sliepen <guus@sliepen.warande.net>
 			    2000 Cris van Pelt <tribbel@arise.dhs.org>
@@ -19,10 +19,9 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: conf.c,v 1.9.4.6 2000/07/02 13:36:18 guus Exp $
+    $Id: conf.c,v 1.9.4.23 2000/11/28 23:12:56 zarq Exp $
 */
 
-
 #include "config.h"
 
 #include <ctype.h>
@@ -31,46 +30,51 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <syslog.h>
 
 #include <xalloc.h>
+#include <utils.h> /* for cp */
 
 #include "conf.h"
 #include "netutl.h" /* for strtoip */
-#include <utils.h> /* for cp */
 
+#include "config.h"
 #include "system.h"
 
-config_t *config;
+config_t *config = NULL;
 int debug_lvl = 0;
 int timeout = 0; /* seconds before timeout */
-char *configfilename = NULL;
+char *confbase = NULL;           /* directory in which all config files are */
+char *netname = NULL;            /* name of the vpn network */
 
 /* Will be set if HUP signal is received. It will be processed when it is safe. */
 int sighup = 0;
 
-typedef struct internal_config_t {
-  char *name;
-  enum which_t which;
-  int argtype;
-} internal_config_t;
-
 /*
   These are all the possible configurable values
 */
 static internal_config_t hazahaza[] = {
-  { "AllowConnect", allowconnect,   TYPE_BOOL },   /* Is not used anywhere. Remove? */
-  { "ConnectTo",    upstreamip,     TYPE_NAME },
-  { "ConnectPort",  upstreamport,   TYPE_INT },
-  { "ListenPort",   listenport,     TYPE_INT },
-  { "MyOwnVPNIP",   myvpnip,        TYPE_IP },
-  { "MyVirtualIP",  myvpnip,        TYPE_IP },   /* an alias */
-  { "Passphrases",  passphrasesdir, TYPE_NAME },
-  { "PingTimeout",  pingtimeout,    TYPE_INT },
-  { "TapDevice",    tapdevice,      TYPE_NAME },
-  { "KeyExpire",    keyexpire,      TYPE_INT },
-  { "VpnMask",      vpnmask,        TYPE_IP },
-  { "Hostnames",    resolve_dns,    TYPE_BOOL },
-  { "IndirectData", indirectdata,   TYPE_BOOL },
+/* Main configuration file keywords */
+  { "Name",         config_name,       TYPE_NAME },
+  { "ConnectTo",    config_connectto,      TYPE_NAME },
+  { "PingTimeout",  config_pingtimeout,    TYPE_INT },
+  { "TapDevice",    config_tapdevice,      TYPE_NAME },
+  { "PrivateKey",   config_privatekey,     TYPE_NAME },
+  { "KeyExpire",    config_keyexpire,      TYPE_INT },
+  { "Hostnames",    config_hostnames,    TYPE_BOOL },
+  { "Interface",    config_interface,      TYPE_NAME },
+  { "InterfaceIP",  config_interfaceip,    TYPE_IP },
+/* Host configuration file keywords */
+  { "Address",      config_address,        TYPE_NAME },
+  { "Port",         config_port,           TYPE_INT },
+  { "PublicKey",    config_publickey,      TYPE_NAME },
+  { "Subnet",       config_subnet,         TYPE_IP },		/* Use IPv4 subnets only for now */
+  { "RestrictHosts", config_restricthosts, TYPE_BOOL },
+  { "RestrictSubnets", config_restrictsubnets, TYPE_BOOL },
+  { "RestrictAddress", config_restrictaddress, TYPE_BOOL },
+  { "RestrictPort", config_restrictport,   TYPE_BOOL },
+  { "IndirectData", config_indirectdata,   TYPE_BOOL },
+  { "TCPonly",      config_tcponly,        TYPE_BOOL },
   { NULL, 0, 0 }
 };
 
@@ -80,12 +84,12 @@ static internal_config_t hazahaza[] = {
 config_t *
 add_config_val(config_t **cfg, int argtype, char *val)
 {
-  config_t *p, *r;
+  config_t *p;
   char *q;
 cp
   p = (config_t*)xmalloc(sizeof(*p));
   p->data.val = 0;
-  
+
   switch(argtype)
     {
     case TYPE_INT:
@@ -113,52 +117,52 @@ cp
 
   if(p->data.val)
     {
-      if(*cfg)
-        {
-          r = *cfg;
-          while(r->next)
-            r = r->next;
-          r->next = p;
-        }
-      else
-        *cfg = p;
-      p->next = NULL;
+      p->next = *cfg;
+      *cfg = p;
+cp
       return p;
     }
-
-  free(p);
+  else
+    {
+      free(p);
 cp
-  return NULL;
+      return NULL;
+    }
 }
 
 /*
-  Get variable from a section in a configfile. returns -1 on failure.
+  Parse a configuration file and put the results in the configuration tree
+  starting at *base.
 */
-int
-readconfig(const char *fname, FILE *fp)
+int read_config_file(config_t **base, const char *fname)
 {
-  char *line, *temp_buf;
+  int err = -1;
+  FILE *fp;
+  char line[MAXBUFSIZE];	/* There really should not be any line longer than this... */
   char *p, *q;
   int i, lineno = 0;
   config_t *cfg;
 cp
-  line = (char *)xmalloc(80 * sizeof(char));
-  temp_buf = (char *)xmalloc(80 * sizeof(char));
-	
+  if((fp = fopen (fname, "r")) == NULL)
+    {
+      return -1;
+    }
+
   for(;;)
     {
-      if(fgets(line, 80, fp) == NULL)
-	return 0;
+      if(fgets(line, MAXBUFSIZE, fp) == NULL)
+        {
+          err = 0;
+          break;
+        }
+        
+      lineno++;
 
-      while(!index(line, '\n'))
+      if(!index(line, '\n'))
         {
-	  fgets(temp_buf, (strlen(line)+1) * 80, fp);
-	  if(!temp_buf)
-	    break;
-	  strcat(line, temp_buf);
-	  line = (char *)xrealloc(line, (strlen(line)+1) * sizeof(char));
+          syslog(LOG_ERR, _("Line %d too long while reading config file %s"), lineno, fname);
+          break;
         }        
-      lineno++;
 
       if((p = strtok(line, "\t\n\r =")) == NULL)
 	continue; /* no tokens on this line */
@@ -172,97 +176,74 @@ cp
 
       if(!hazahaza[i].name)
 	{
-	  fprintf(stderr, _("%s: %d: Invalid variable name `%s'.\n"),
-		  fname, lineno, p);
-	  return -1;
+	  syslog(LOG_ERR, _("Invalid variable name on line %d while reading config file %s"),
+		  lineno, fname);
+          break;
 	}
 
       if(((q = strtok(NULL, "\t\n\r =")) == NULL) || q[0] == '#')
 	{
-	  fprintf(stderr, _("%s: %d: No value given for `%s'.\n"),
-		  fname, lineno, hazahaza[i].name);
-	  return -1;
+	  fprintf(stderr, _("No value for variable on line %d while reading config file %s"),
+		  lineno, fname);
+	  break;
 	}
 
-      cfg = add_config_val(&config, hazahaza[i].argtype, q);
+      cfg = add_config_val(base, hazahaza[i].argtype, q);
       if(cfg == NULL)
 	{
-	  fprintf(stderr, _("%s: %d: Invalid value `%s' for variable `%s'.\n"),
-		  fname, lineno, q, hazahaza[i].name);
-	  return -1;
+	  fprintf(stderr, _("Invalid value for variable on line %d while reading config file %s"),
+		  lineno, fname);
+	  break;
 	}
 
       cfg->which = hazahaza[i].which;
       if(!config)
 	config = cfg;
     }
+
+  fclose (fp);
 cp
-  return 0;
+  return err;
 }
 
-/*
-  wrapper function for readconfig
-*/
-int
-read_config_file(const char *fname)
+int read_server_config()
 {
-  int err;
-  FILE *fp;
+  char *fname;
+  int x;
 cp
-  if((fp = fopen (fname, "r")) == NULL)
+  asprintf(&fname, "%s/tinc.conf", confbase);
+  x = read_config_file(&config, fname);
+  if(x != 0)
     {
-      fprintf(stderr, _("Could not open %s: %s\n"), fname, sys_errlist[errno]);
-      return 1;
+      fprintf(stderr, _("Failed to read `%s': %m\n"),
+	      fname);
     }
-
-  err = readconfig(fname, fp);
-  fclose (fp);
+  free(fname);
 cp
-  return err;
+  return x;  
 }
 
 /*
   Look up the value of the config option type
 */
-const config_t *
-get_config_val(which_t type)
+const config_t *get_config_val(config_t *p, which_t type)
 {
-  config_t *p;
 cp
-  for(p = config; p != NULL; p = p->next)
+  for(; p != NULL; p = p->next)
     if(p->which == type)
-      return p;
+      break;
 cp
-  /* Not found */
-  return NULL;
-}
-
-/*
-  Support for multiple config lines.
-  Index is used to get a specific value, 0 being the first, 1 the second etc.
-*/
-const config_t *
-get_next_config_val(which_t type, int index)
-{
-  config_t *p;
-cp  
-  for(p = config; p != NULL; p = p->next)
-    if(p->which == type)
-      if(--index < 0)
-        return p;
-cp  
-  /* Not found */
-  return NULL;
+  return p;
 }
 
 /*
   Remove the complete configuration tree.
 */
-void clear_config()
+void clear_config(config_t **base)
 {
   config_t *p, *next;
 cp
-  for(p = config; p != NULL; p = next)
+  for(p = *base; p != NULL; p = next)
     {
       next = p->next;
       if(p->data.ptr && (p->argtype == TYPE_NAME))
@@ -271,6 +252,50 @@ cp
         }
       free(p);
     }
-  config = NULL;
+  *base = NULL;
 cp
 }
+
+#define is_safe_file(p) 1
+
+FILE *ask_and_safe_open(const char* filename)
+{
+  FILE *r;
+  char *directory;
+  char *fn;
+  int len;
+
+  if(!isatty(0))
+    {
+      /* Argh, they are running us from a script or something.  Write
+         the files to the current directory and let them burn in hell
+         for ever. */
+      directory = "."; /* get_current_directory */
+    }
+  else
+    {
+      directory = ".";
+    }
+
+  len = strlen(filename) + strlen(directory) + 2; /* 1 for the / */
+  fn = xmalloc(len);
+  snprintf(fn, len, "%s/%s", directory, filename);
+
+  if(!is_safe_file(fn))
+    {
+      fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n"
+			"I will not create or overwrite this file.\n"),
+			fn);
+      return NULL;
+    }
+
+  if((r = fopen(fn, "w")) == NULL)
+    {
+      fprintf(stderr, _("Error opening file `%s': %m"),
+	      fn);
+    }
+
+  free(fn);
+  
+  return r;
+}