X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=09d98f41b4fe0c2b1df170d6f91786edfefdb50d;hp=bc32b7cc7763e0e14eb27e23d1a2a64da042fba0;hb=596e248bc588323cc7ee751286dbcaf677b5c653;hpb=f95cc86d0c14ca4c47e5459af4bb6d1170baa9f5 diff --git a/src/net.c b/src/net.c index bc32b7cc..09d98f41 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.68 2000/11/07 21:43:28 guus Exp $ + $Id: net.c,v 1.35.4.72 2000/11/15 01:28:21 zarq Exp $ */ #include "config.h" @@ -25,7 +25,8 @@ #include #include #include -#include +/* SunOS really wants sys/socket.h BEFORE net/if.h */ +#include #include #include #include @@ -33,15 +34,29 @@ #include #include #include -#include #include #include #include #include #include -#include -#include -#include + +#ifdef HAVE_OPENSSL_RAND_H +# include +#else +# include +#endif + +#ifdef HAVE_OPENSSL_EVP_H +# include +#else +# include +#endif + +#ifdef HAVE_OPENSSL_ERR_H +# include +#else +# include +#endif #ifdef HAVE_TUNTAP #include LINUX_IF_TUN_H @@ -86,6 +101,7 @@ int execute_script(const char *name) char *scriptname; pid_t pid; char *s; + int error; if((pid = fork()) < 0) { 
@@ -101,28 +117,69 @@ int execute_script(const char *name) /* Child here */ + error = 0; + if(netname) { asprintf(&s, "NETNAME=%s", netname); putenv(s); /* Don't free s! see man 3 putenv */ } +#ifdef HAVE_UNSETENV else { unsetenv("NETNAME"); } +#endif + + if(chdir(confbase) < 0) + /* This cannot fail since we already read config files from this + directory. - Guus */ + /* Yes this can fail, somebody could have removed this directory + when we didn't pay attention. - Ivo */ + { + if(chdir("/") < 0) + /* Now if THIS fails, something wicked is going on. - Ivo */ + syslog(LOG_ERR, _("Couldn't chdir to `/': %m")); - chdir(confbase); /* This cannot fail since we already read config files from this directory. */ + /* Continue anyway. */ + } asprintf(&scriptname, "%s/%s", confbase, name); - execl(scriptname, NULL); + /* Close all file descriptors */ + closelog(); + fcloseall(); + + /* Open standard input */ + if(open("/dev/null", O_RDONLY) < 0) + { + syslog(LOG_ERR, _("Opening `/dev/null' failed: %m")); + error = 1; + } + + if(!error) + { + /* Standard output directly goes to syslog */ + openlog(name, LOG_CONS | LOG_PID, LOG_DAEMON); + /* Standard error as well */ + if(dup2(1, 2) < 0) + { + syslog(LOG_ERR, _("System call `%s' failed: %m"), + "dup2"); + error = 1; + } + } + + if(error && debug_lvl > 1) + syslog(LOG_INFO, _("This means that any output the script generates will not be shown in syslog.")); + + execl(scriptname, NULL); /* No return on success */ if(errno != ENOENT) /* Ignore if the file does not exist */ syslog(LOG_WARNING, _("Error executing `%s': %m"), scriptname); /* No need to free things */ - exit(0); } @@ -483,6 +540,7 @@ cp if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -490,6 +548,7 @@ cp if(setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; 
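Review bot: `fcloseall()` under the "Close all file descriptors" comment closes only stdio streams, so descriptors obtained with `socket()` or `open()` elsewhere in this file stay open in the child and are inherited by the script across `execl()`. Close them explicitly before the exec, for example `for(fd = 3; fd < sysconf(_SC_OPEN_MAX); fd++) close(fd);` with an `int fd` declared beside `error`, or mark the sockets `FD_CLOEXEC` where they are created. `openlog()` only sets the syslog ident and options and does not redirect descriptor 1, so `dup2(1, 2)` copies whatever descriptor 1 happens to be (or fails if it is closed), and the two comments about standard output and standard error should be reworded to match. `execl(scriptname, NULL)` passes no argv[0] and an uncast sentinel; `execl(scriptname, scriptname, (char *)NULL);` is the portable form. execute_script begins above this hunk, so the fork and the parent path are not visible here.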
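Review bot: The added `close(nfd);` in the `@@ -483` hunk runs before `syslog()` expands `%m`, so a failing close() can replace the errno left by `setsockopt()` and the log line then reports the wrong cause. Log first and release the descriptor afterwards (`syslog(...); close(nfd); return -1;`), or save errno around the close. The same ordering appears in every other hunk of this commit that inserts `close(nfd);` or `close(cl->meta_socket);` ahead of a `%m` message, from `@@ -490` through `@@ -1000`. The enclosing function starts and ends outside the hunk.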
@@ -498,6 +557,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "fcntl"); return -1; @@ -507,6 +567,7 @@ cp { if(setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, cfg->data.ptr, strlen(cfg->data.ptr))) { + close(nfd); syslog(LOG_ERR, _("Unable to bind listen socket to interface %s: %m"), cfg->data.ptr); return -1; } @@ -523,12 +584,14 @@ cp if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr))) { + close(nfd); syslog(LOG_ERR, _("Can't bind to port %hd/tcp: %m"), port); return -1; } if(listen(nfd, 3)) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "listen"); return -1; @@ -549,12 +612,14 @@ int setup_vpn_in_socket(int port) cp if((nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) { + close(nfd); syslog(LOG_ERR, _("Creating socket failed: %m")); return -1; } if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -563,6 +628,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "fcntl"); return -1; @@ -575,6 +641,7 @@ cp if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr))) { + close(nfd); syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), port); return -1; } @@ -613,6 +680,7 @@ cp if(connect(cl->meta_socket, (struct sockaddr *)&a, sizeof(a)) == -1) { + close(cl->meta_socket); syslog(LOG_ERR, _("%s port %hd: %m"), cl->hostname, cl->port); return -1; } @@ -620,6 +688,7 @@ cp flags = fcntl(cl->meta_socket, F_GETFL); if(fcntl(cl->meta_socket, F_SETFL, flags | O_NONBLOCK) < 0) { + close(cl->meta_socket); syslog(LOG_ERR, _("fcntl for %s port %d: %m"), cl->hostname, cl->port); return -1; 
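Review bot: The `setsockopt()` call in the `@@ -507` hunk passes an interface name with `SO_KEEPALIVE`, while its error text says the intent is to bind the listen socket to that interface. The option looks wrong, and the configured interface restriction is probably never applied to the listener. On Linux the option for this is `SO_BINDTODEVICE`: `setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, cfg->data.ptr, strlen(cfg->data.ptr))`. The line is unchanged context in this hunk and the surrounding function is not fully visible, so confirm against the config handling before changing it.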
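Review bot: In the `socket()` failure branch of setup_vpn_in_socket (`@@ -549`) the added `close(nfd);` is called with the negative value `socket()` just returned. There is nothing to close, and the call sets errno to EBADF, so `%m` in "Creating socket failed" no longer shows why the socket could not be created. Drop the `close(nfd);` from this first branch only; the one added in the `setsockopt()` branch below it is the right place to release the descriptor. The function's remaining lines are outside this hunk.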
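Review bot: After the added `close(cl->meta_socket);` in the `@@ -613` hunk the field still holds the old descriptor number. Any later cleanup of `cl` that closes `meta_socket` again would then hit a descriptor the process may have reused for another connection. Reset it on both failure paths (here and in the `fcntl()` branch of `@@ -620`), e.g. `close(cl->meta_socket); cl->meta_socket = -1;`. Whether the caller closes or frees `cl` on a -1 return is not visible here, so this guards against a possible double close rather than a confirmed one.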
@@ -962,6 +1031,7 @@ cp if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "setsockopt"); return -1; @@ -970,6 +1040,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("System call `%s' failed: %m"), "fcntl"); return -1; @@ -982,6 +1053,7 @@ cp if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr))) { + close(nfd); syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), myself->port); return -1; } @@ -992,6 +1064,7 @@ cp if(connect(nfd, (struct sockaddr *)&a, sizeof(a)) == -1) { + close(nfd); syslog(LOG_ERR, _("Connecting to %s port %d failed: %m"), cl->hostname, cl->port); return -1; @@ -1000,6 +1073,7 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { + close(nfd); syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd, cl->name, cl->hostname); return -1;