X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Ftincd.c;h=94f792cd449d3a52d8819c593eb3569efc575c0f;hp=f98afe41533fec14afb724e914139e9ca035f2df;hb=7db1b999c82611d6c68a5d79b4754db19669d5c6;hpb=cf49b2c0647554613874cce495e4a7937a9f7863 diff --git a/src/tincd.c b/src/tincd.c index f98afe41..94f792cd 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -1,7 +1,7 @@ /* tincd.c -- the main file for tincd - Copyright (C) 1998,1999,2000 Ivo Timmermans - 2000 Guus Sliepen + Copyright (C) 1998-2001 Ivo Timmermans + 2000,2001 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: tincd.c,v 1.10.4.35 2000/11/24 23:13:07 guus Exp $ + $Id: tincd.c,v 1.10.4.46 2001/05/28 08:56:57 guus Exp $ */ #include "config.h" @@ -56,6 +56,12 @@ # include #endif +#ifdef HAVE_OPENSSL_PEM_H +# include +#else +# include +#endif + #include @@ -82,9 +88,6 @@ static int show_version; /* If nonzero, it will attempt to kill a running tincd and exit. */ static int kill_tincd = 0; -/* If zero, don't detach from the terminal. */ -extern int do_detach; - /* If nonzero, generate public/private keypair for this host/net. */ static int generate_keys = 0; @@ -147,7 +150,10 @@ parse_options(int argc, char **argv, char **envp) do_detach = 0; break; case 'd': /* inc debug level */ - debug_lvl++; + if(optarg) + debug_lvl = atoi(optarg); + else + debug_lvl++; break; case 'k': /* kill old tincds */ kill_tincd = 1; @@ -162,7 +168,8 @@ parse_options(int argc, char **argv, char **envp) generate_keys = atoi(optarg); if(generate_keys < 512) { - fprintf(stderr, _("Invalid argument! BITS must be a number equal to or greater than 512.\n")); + fprintf(stderr, _("Invalid argument `%s'; BITS must be a number equal to or greater than 512.\n"), + optarg); usage(1); } generate_keys &= ~7; /* Round it to bytes */ @@ -211,14 +218,20 @@ void indicator(int a, int b, void *p) } } -/* Generate a public/private RSA keypair, and possibly store it into the configuration file. */ - +/* + Generate a public/private RSA keypair, and ask for a file to store + them in. +*/ int keygen(int bits) { RSA *rsa_key; + FILE *f; + config_t const *cfg; + char *filename; fprintf(stderr, _("Generating %d bits keys:\n"), bits); rsa_key = RSA_generate_key(bits, 0xFFFF, indicator, NULL); + if(!rsa_key) { fprintf(stderr, _("Error during key generation!")); @@ -227,11 +240,32 @@ int keygen(int bits) else fprintf(stderr, _("Done.\n")); - fprintf(stderr, _("Please copy the private key to tinc.conf and the\npublic key to your host configuration file:\n\n")); - printf("PublicKey = %s\n", BN_bn2hex(rsa_key->n)); - printf("PrivateKey = %s\n", BN_bn2hex(rsa_key->d)); + if(config && (cfg = get_config_val(config, config_name))) + asprintf(&filename, "%s/hosts/%s", confbase, cfg->data.ptr); + else + asprintf(&filename, "%s/rsa_key.priv", confbase); + + if((f = ask_and_safe_open(filename, _("public RSA key"), "a")) == NULL) + return -1; + + if(ftell(f)) + fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); + + PEM_write_RSAPublicKey(f, rsa_key); + fclose(f); + free(filename); - fflush(stdin); + asprintf(&filename, "%s/rsa_key.priv", confbase); + if((f = ask_and_safe_open(filename, _("private RSA key"), "a")) == NULL) + return -1; + + if(ftell(f)) + fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); + + PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL); + fclose(f); + free(filename); + return 0; } @@ -247,7 +281,7 @@ void make_names(void) if(!confbase) asprintf(&confbase, "%s/tinc/%s", CONFDIR, netname); else - fprintf(stderr, _("Both netname and configuration directory given, using the latter...\n")); + syslog(LOG_INFO, _("Both netname and configuration directory given, using the latter...")); if(!identname) asprintf(&identname, "tinc.%s", netname); } @@ -281,7 +315,7 @@ main(int argc, char **argv, char **envp) if(show_version) { printf(_("%s version %s (built %s %s, protocol %d)\n"), PACKAGE, VERSION, __DATE__, __TIME__, PROT_CURRENT); - printf(_("Copyright (C) 1998,1999,2000 Ivo Timmermans, Guus Sliepen and others.\n" + printf(_("Copyright (C) 1998-2001 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -295,30 +329,39 @@ main(int argc, char **argv, char **envp) if(geteuid()) { - fprintf(stderr, _("You must be root to run this program. Sorry.\n")); + fprintf(stderr, _("You must be root to run this program.\n")); return 1; } +#ifdef HAVE_SOLARIS + openlog("tinc", LOG_CONS, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */ +#else + openlog("tinc", LOG_PERROR, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */ +#endif + g_argv = argv; make_names(); /* Slllluuuuuuurrrrp! */ - +cp RAND_load_file("/dev/urandom", 1024); - +cp if(generate_keys) - exit(keygen(generate_keys)); - + { + read_server_config(); + exit(keygen(generate_keys)); + } + if(kill_tincd) exit(kill_other()); if(read_server_config()) - return 1; - + exit(1); +cp if(detach()) exit(0); - +cp if(debug_lvl >= DEBUG_ERROR) ERR_load_crypto_strings(); @@ -341,8 +384,7 @@ main(int argc, char **argv, char **envp) else { syslog(LOG_ERR, _("Not restarting.")); - exit(0); + exit(1); } } } -