X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fcontrol.c;h=98eae804d7cc46b79b0d9448fbadd512d2984618;hp=b72ea9eeb59778509c1aa8f368110163d8288928;hb=0c7e0210d900185d4c1a9ffd969dc2a26d9523a9;hpb=01f47c46af514a9d7f39c143e4558a8426a0d3eb

diff --git a/src/control.c b/src/control.c
index b72ea9ee..98eae804 100644
--- a/src/control.c
+++ b/src/control.c
@@ -1,6 +1,6 @@
 /*
     control.c -- Control socket handling.
-    Copyright (C) 2007 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2013 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -12,105 +12,213 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     GNU General Public License for more details.
 
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-    $Id$
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
 
-#include <sys/un.h>
-
 #include "system.h"
+#include "crypto.h"
 #include "conf.h"
 #include "control.h"
+#include "control_common.h"
+#include "graph.h"
 #include "logger.h"
+#include "meta.h"
+#include "names.h"
+#include "net.h"
+#include "netutl.h"
+#include "protocol.h"
+#include "route.h"
+#include "utils.h"
 #include "xalloc.h"
 
-static int control_socket = -1;
-static struct event control_event;
-static splay_tree_t *control_socket_tree;
-extern char *controlfilename;
+char controlcookie[65];
+
+static bool control_return(connection_t *c, int type, int error) {
+	return send_request(c, "%d %d %d", CONTROL, type, error);
+}
+
+static bool control_ok(connection_t *c, int type) {
+	return control_return(c, type, 0);
+}
 
-static void handle_control_data(int fd, short events, void *event) {
-	char buf[MAXBUFSIZE];
-	size_t inlen;
+bool control_h(connection_t *c, const char *request) {
+	int type;
 
-	inlen = read(fd, buf, sizeof buf);
+	if(!c->status.control || c->allow_request != CONTROL) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Unauthorized control request from %s (%s)", c->name, c->hostname);
+		return false;
+	}
 
-	if(inlen <= 0) {
-		logger(LOG_DEBUG, _("Closing control socket"));
-		event_del(event);
-		splay_delete(control_socket_tree, event);
-		close(fd);
+	if(sscanf(request, "%*d %d", &type) != 1) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "CONTROL", c->name, c->hostname);
+		return false;
+	}
+
+	switch (type) {
+		case REQ_STOP:
+			event_exit();
+			return control_ok(c, REQ_STOP);
+
+		case REQ_DUMP_NODES:
+			return dump_nodes(c);
+
+		case REQ_DUMP_EDGES:
+			return dump_edges(c);
+
+		case REQ_DUMP_SUBNETS:
+			return dump_subnets(c);
+
+		case REQ_DUMP_CONNECTIONS:
+			return dump_connections(c);
+
+		case REQ_PURGE:
+			purge();
+			return control_ok(c, REQ_PURGE);
+
+		case REQ_SET_DEBUG: {
+			int new_level;
+			if(sscanf(request, "%*d %*d %d", &new_level) != 1)
+				return false;
+			send_request(c, "%d %d %d", CONTROL, REQ_SET_DEBUG, debug_level);
+			if(new_level >= 0)
+				debug_level = new_level;
+			return true;
+		}
+
+		case REQ_RETRY:
+			retry();
+			return control_ok(c, REQ_RETRY);
+
+		case REQ_RELOAD:
+			logger(DEBUG_ALWAYS, LOG_NOTICE, "Got '%s' command", "reload");
+			int result = reload_configuration();
+			return control_return(c, REQ_RELOAD, result);
+
+		case REQ_DISCONNECT: {
+			char name[MAX_STRING_SIZE];
+			bool found = false;
+
+			if(sscanf(request, "%*d %*d " MAX_STRING, name) != 1)
+				return control_return(c, REQ_DISCONNECT, -1);
+
+			for list_each(connection_t, other, connection_list) {
+				if(strcmp(other->name, name))
+					continue;
+				terminate_connection(other, other->edge);
+				found = true;
+			}
+
+			return control_return(c, REQ_DISCONNECT, found ? 0 : -2);
+		}
+
+		case REQ_DUMP_TRAFFIC:
+			return dump_traffic(c);
+
+		case REQ_PCAP:
+			sscanf(request, "%*d %*d %d", &c->outmaclength);
+			c->status.pcap = true;
+			pcap = true;
+			return true;
+
+		case REQ_LOG:
+			sscanf(request, "%*d %*d %d", &c->outcompression);
+			c->status.log = true;
+			logcontrol = true;
+			return true;
+
+		default:
+			return send_request(c, "%d %d", CONTROL, REQ_INVALID);
 	}
 }
 
-static void handle_new_control_socket(int fd, short events, void *data) {
-	int newfd;
-	struct event *ev;
+bool init_control(void) {
+	randomize(controlcookie, sizeof controlcookie / 2);
+	bin2hex(controlcookie, controlcookie, sizeof controlcookie / 2);
 
-	newfd = accept(fd, NULL, NULL);
+	mode_t mask = umask(0);
+	umask(mask | 077);
+	FILE *f = fopen(pidfilename, "w");
+	umask(mask);
 
-	if(newfd < 0) {
-		logger(LOG_ERR, _("Accepting a new connection failed: %s"), strerror(errno));
-		event_del(&control_event);
-		return;
+	if(!f) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Cannot write control socket cookie file %s: %s", pidfilename, strerror(errno));
+		return false;
 	}
 
-	ev = xmalloc(sizeof *ev);
-	event_set(ev, newfd, EV_READ | EV_PERSIST, handle_control_data, ev);
-	event_add(ev, NULL);
-	splay_insert(control_socket_tree, ev);
-
-	logger(LOG_DEBUG, _("Control socket connection accepted"));
-}
+	// Get the address and port of the first listening socket
 
-static int control_compare(const struct event *a, const struct event *b) {
-	return a < b ? -1 : a > b ? 1 : 0;
-}
+	char *localhost = NULL;
+	sockaddr_t sa;
+	socklen_t len = sizeof sa;
 
-void init_control() {
-	struct sockaddr_un addr;
+	// Make sure we have a valid address, and map 0.0.0.0 and :: to 127.0.0.1 and ::1.
 
-	control_socket_tree = splay_alloc_tree((splay_compare_t)control_compare, (splay_action_t)free);
+	if(getsockname(listen_socket[0].tcp.fd, (struct sockaddr *)&sa, &len)) {
+		xasprintf(&localhost, "127.0.0.1 port %s", myport);
+	} else {
+		if(sa.sa.sa_family == AF_INET) {
+			if(sa.in.sin_addr.s_addr == 0)
+				sa.in.sin_addr.s_addr = htonl(0x7f000001);
+		} else if(sa.sa.sa_family == AF_INET6) {
+			static const uint8_t zero[16] = {0};
+			if(!memcmp(sa.in6.sin6_addr.s6_addr, zero, sizeof zero))
+				sa.in6.sin6_addr.s6_addr[15] = 1;
+		}
 
-	if(strlen(controlfilename) >= sizeof addr.sun_path) {
-		logger(LOG_ERR, _("Control socket filename too long!"));
-		return;
+		localhost = sockaddr2hostname(&sa);
 	}
 
-	memset(&addr, 0, sizeof addr);
-	addr.sun_family = AF_UNIX;
-	strncpy(addr.sun_path, controlfilename, sizeof addr.sun_path - 1);
+	fprintf(f, "%d %s %s\n", (int)getpid(), controlcookie, localhost);
+
+	free(localhost);
+	fclose(f);
+
+#ifndef HAVE_MINGW
+	int unix_fd = socket(AF_UNIX, SOCK_STREAM, 0);
+	if(unix_fd < 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not create UNIX socket: %s", sockstrerror(sockerrno));
+		return false;
+	}
 
-	control_socket = socket(PF_UNIX, SOCK_STREAM, 0);
+	struct sockaddr_un sa_un;
+	sa_un.sun_family = AF_UNIX;
+	strncpy(sa_un.sun_path, unixsocketname, sizeof sa_un.sun_path);
 
-	if(control_socket < 0) {
-		logger(LOG_ERR, _("Creating UNIX socket failed: %s"), strerror(errno));
-		return;
+	if(connect(unix_fd, (struct sockaddr *)&sa_un, sizeof sa_un) >= 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "UNIX socket %s is still in use!", unixsocketname);
+		return false;
 	}
 
-	unlink(controlfilename);
-	if(bind(control_socket, (struct sockaddr *)&addr, sizeof addr) < 0) {
-		logger(LOG_ERR, _("Can't bind to %s: %s\n"), controlfilename, strerror(errno));
-		close(control_socket);
-		return;
+	unlink(unixsocketname);
+
+	umask(mask | 077);
+	int result = bind(unix_fd, (struct sockaddr *)&sa_un, sizeof sa_un);
+	umask(mask);
+
+	if(result < 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(sockerrno));
+		return false;
 	}
 
-	if(listen(control_socket, 3) < 0) {
-		logger(LOG_ERR, _("Can't listen on %s: %s\n"), controlfilename, strerror(errno));
-		close(control_socket);
-		return;
+	if(listen(unix_fd, 3) < 0) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not listen on UNIX socket %s: %s", unixsocketname, sockstrerror(sockerrno));
+		return false;
 	}
 
-	event_set(&control_event, control_socket, EV_READ | EV_PERSIST, handle_new_control_socket, NULL);
-	event_add(&control_event, NULL);
+	io_add(&unix_socket, handle_new_unix_connection, &unix_socket, unix_fd, IO_READ);
+#endif
+
+	return true;
 }
 
-void exit_control() {
-	if(control_socket >= 0) {
-		event_del(&control_event);
-		close(control_socket);
-	}
+void exit_control(void) {
+#ifndef HAVE_MINGW
+	unlink(unixsocketname);
+	io_del(&unix_socket);
+	close(unix_socket.fd);
+#endif
+
+	unlink(pidfilename);
 }