X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Ftincd.c;h=9f94d8942ef1155c69b62932db643b27b14ddd28;hp=9879ecb6c6dfe6a63c2e07396ddb1f2f810293bd;hb=d917c8cb6b69475d568ccbe82389b9f2b3eb5e80;hpb=ed8ce60845dc0568840c64c692838136f342fa54 diff --git a/src/tincd.c b/src/tincd.c index 9879ecb6..9f94d894 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -87,10 +87,10 @@ static const char *switchuser = NULL; /* If nonzero, write log entries to a separate file. */ bool use_logfile = false; -char *identname = NULL; /* program name for syslog */ -char *logfilename = NULL; /* log file location */ +char *identname = NULL; /* program name for syslog */ +char *logfilename = NULL; /* log file location */ char *pidfilename = NULL; -char **g_argv; /* a copy of the cmdline arguments */ +char **g_argv; /* a copy of the cmdline arguments */ static int status = 1; @@ -123,7 +123,7 @@ static void usage(bool status) { program_name); else { printf("Usage: %s [option]...\n\n", program_name); - printf( " -c, --config=DIR Read configuration options from DIR.\n" + printf( " -c, --config=DIR Read configuration options from DIR.\n" " -D, --no-detach Don't fork and detach.\n" " -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n" " -n, --net=NETNAME Connect to net NETNAME.\n" @@ -133,7 +133,7 @@ static void usage(bool status) { " --bypass-security Disables meta protocol security, for debugging.\n" " -o, --option[HOST.]KEY=VALUE Set global/host configuration value.\n" " -R, --chroot chroot to NET dir at startup.\n" - " -U, --user=USER setuid to given USER at startup.\n" " --help Display this help and exit.\n" + " -U, --user=USER setuid to given USER at startup.\n" " --help Display this help and exit.\n" " --version Output version information and exit.\n\n"); printf("Report bugs to tinc@tinc-vpn.org.\n"); } @@ -149,18 +149,18 @@ static bool parse_options(int argc, char **argv) { while((r = getopt_long(argc, argv, "c:DLd::n:o:RU:", long_options, &option_index)) != EOF) { switch (r) { - case 0: /* long option */ + case 0: /* long option */ break; - case 'c': /* config file */ + case 'c': /* config file */ confbase = xstrdup(optarg); break; - case 'D': /* no detach */ + case 'D': /* no detach */ do_detach = false; break; - case 'L': /* no detach */ + case 'L': /* no detach */ #ifndef HAVE_MLOCKALL logger(DEBUG_ALWAYS, LOG_ERR, "%s not supported on this platform", "mlockall()"); return false; @@ -169,55 +169,55 @@ static bool parse_options(int argc, char **argv) { break; #endif - case 'd': /* inc debug level */ + case 'd': /* inc debug level */ if(optarg) debug_level = atoi(optarg); else debug_level++; break; - case 'n': /* net name given */ + case 'n': /* net name given */ netname = xstrdup(optarg); break; - case 'o': /* option */ + case 'o': /* option */ cfg = parse_config_line(optarg, NULL, ++lineno); if (!cfg) return false; list_insert_tail(cmdline_conf, cfg); break; - case 'R': /* chroot to NETNAME dir */ + case 'R': /* chroot to NETNAME dir */ do_chroot = true; break; - case 'U': /* setuid to USER */ + case 'U': /* setuid to USER */ switchuser = optarg; break; - case 1: /* show help */ + case 1: /* show help */ show_help = true; break; - case 2: /* show version */ + case 2: /* show version */ show_version = true; break; - case 3: /* bypass security */ + case 3: /* bypass security */ bypass_security = true; break; - case 4: /* write log entries to a file */ + case 4: /* write log entries to a file */ use_logfile = true; if(optarg) logfilename = xstrdup(optarg); break; - case 5: /* open control socket here */ + case 5: /* open control socket here */ pidfilename = xstrdup(optarg); break; - case '?': + case '?': /* wrong options */ usage(true); return false; @@ -231,11 +231,16 @@ static bool parse_options(int argc, char **argv) { /* netname "." is special: a "top-level name" */ - if(netname && !strcmp(netname, ".")) { + if(netname && (!*netname || !strcmp(netname, "."))) { free(netname); netname = NULL; } + if(netname && (strpbrk(netname, "\\/") || *netname == '.')) { + fprintf(stderr, "Invalid character in netname!\n"); + return false; + } + return true; } @@ -258,15 +263,15 @@ static void make_names(void) { if(!RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\tinc", 0, KEY_READ, &key)) { if(!RegQueryValueEx(key, NULL, 0, 0, installdir, &len)) { if(!logfilename) - xasprintf(&logfilename, "%s/log/%s.log", identname); + xasprintf(&logfilename, "%s" SLASH "log" SLASH "%s.log", identname); if(!confbase) { if(netname) - xasprintf(&confbase, "%s/%s", installdir, netname); + xasprintf(&confbase, "%s" SLASH "%s", installdir, netname); else xasprintf(&confbase, "%s", installdir); } if(!pidfilename) - xasprintf(&pidfilename, "%s/pid", confbase); + xasprintf(&pidfilename, "%s" SLASH "pid", confbase); } RegCloseKey(key); if(*installdir) @@ -275,19 +280,19 @@ static void make_names(void) { #endif if(!logfilename) - xasprintf(&logfilename, LOCALSTATEDIR "/log/%s.log", identname); + xasprintf(&logfilename, LOCALSTATEDIR SLASH "log" SLASH "%s.log", identname); if(!pidfilename) - xasprintf(&pidfilename, LOCALSTATEDIR "/run/%s.pid", identname); + xasprintf(&pidfilename, LOCALSTATEDIR SLASH "run" SLASH "%s.pid", identname); if(netname) { if(!confbase) - xasprintf(&confbase, CONFDIR "/tinc/%s", netname); + xasprintf(&confbase, CONFDIR SLASH "tinc" SLASH "%s", netname); else logger(DEBUG_ALWAYS, LOG_INFO, "Both netname and configuration directory given, using the latter..."); } else { if(!confbase) - xasprintf(&confbase, CONFDIR "/tinc"); + xasprintf(&confbase, CONFDIR SLASH "tinc"); } } @@ -324,11 +329,14 @@ static bool drop_privs(void) { "initgroups", strerror(errno)); return false; } +#ifndef __ANDROID__ +// Not supported in android NDK endgrent(); endpwent(); +#endif } if (do_chroot) { - tzset(); /* for proper timestamps in logs */ + tzset(); /* for proper timestamps in logs */ if (chroot(confbase) != 0 || chdir("/") != 0) { logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "chroot", strerror(errno)); @@ -361,7 +369,7 @@ int main(int argc, char **argv) { if(!parse_options(argc, argv)) return 1; - + make_names(); if(show_version) { @@ -426,7 +434,7 @@ int main2(int argc, char **argv) { InitializeCriticalSection(&mutex); EnterCriticalSection(&mutex); #endif - char *priority = NULL; + char *priority = NULL; if(!detach()) return 1; @@ -461,30 +469,27 @@ int main2(int argc, char **argv) { /* Change process priority */ - if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) { - if(!strcasecmp(priority, "Normal")) { - if (setpriority(NORMAL_PRIORITY_CLASS) != 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", - "setpriority", strerror(errno)); - goto end; - } - } else if(!strcasecmp(priority, "Low")) { - if (setpriority(BELOW_NORMAL_PRIORITY_CLASS) != 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", - "setpriority", strerror(errno)); - goto end; - } - } else if(!strcasecmp(priority, "High")) { - if (setpriority(HIGH_PRIORITY_CLASS) != 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", - "setpriority", strerror(errno)); - goto end; - } - } else { - logger(DEBUG_ALWAYS, LOG_ERR, "Invalid priority `%s`!", priority); - goto end; - } - } + if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) { + if(!strcasecmp(priority, "Normal")) { + if (setpriority(NORMAL_PRIORITY_CLASS) != 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setpriority", strerror(errno)); + goto end; + } + } else if(!strcasecmp(priority, "Low")) { + if (setpriority(BELOW_NORMAL_PRIORITY_CLASS) != 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setpriority", strerror(errno)); + goto end; + } + } else if(!strcasecmp(priority, "High")) { + if (setpriority(HIGH_PRIORITY_CLASS) != 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setpriority", strerror(errno)); + goto end; + } + } else { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid priority `%s`!", priority); + goto end; + } + } /* drop privileges */ if (!drop_privs())