/* -*-c-*-
*
- * $Id: daemon.c,v 1.1 1997/07/21 13:47:50 mdw Exp $
+ * $Id: daemon.c,v 1.10 1998/04/23 13:23:09 mdw Exp $
*
* Running a `become' daemon
*
- * (c) 1997 EBI
+ * (c) 1998 EBI
*/
-/*----- Licencing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of `become'
*
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with `become'; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with `become'; if not, write to the Free Software Foundation,
+ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/*----- Revision history --------------------------------------------------*
*
* $Log: daemon.c,v $
- * Revision 1.1 1997/07/21 13:47:50 mdw
+ * Revision 1.10 1998/04/23 13:23:09 mdw
+ * Support new interface to configuration file parser.
+ *
+ * Revision 1.9 1998/01/12 16:45:59 mdw
+ * Fix copyright date.
+ *
+ * Revision 1.8 1997/09/26 09:14:58 mdw
+ * Merged blowfish branch into trunk.
+ *
+ * Revision 1.7.2.1 1997/09/26 09:08:05 mdw
+ * Use the Blowfish encryption algorithm instead of IDEA. This is partly
+ * because I prefer Blowfish (without any particularly strong evidence) but
+ * mainly because IDEA is patented and Blowfish isn't.
+ *
+ * Revision 1.7 1997/09/17 10:23:23 mdw
+ * Fix a typo. Port numbers are in network order now, so don't change them.
+ *
+ * Revision 1.6 1997/09/09 18:17:06 mdw
+ * Allow default port to be given as a service name or port number.
+ *
+ * Revision 1.5 1997/08/20 16:17:10 mdw
+ * More sensible restart routine: `_reinit' functions replaced by `_end' and
+ * `_init' functions.
+ *
+ * Revision 1.4 1997/08/07 10:00:37 mdw
+ * (Log entry for previous version is bogus.) Read netgroups database.
+ * Give up privileges permanently on startup.
+ *
+ * Revision 1.2 1997/08/04 10:24:21 mdw
+ * Sources placed under CVS control.
+ *
+ * Revision 1.1 1997/07/21 13:47:50 mdw
* Initial revision
*
*/
/* --- Local headers --- */
#include "become.h"
+#include "blowfish.h"
#include "config.h"
#include "crypt.h"
#include "daemon.h"
-#include "idea.h"
#include "lexer.h"
#include "name.h"
+#include "netg.h"
#include "parser.h"
#include "rule.h"
#include "tx.h"
/*----- Arbitrary constants -----------------------------------------------*/
-#define daemon__awakeEvery (5 * 60) /* Awaken this often to rescan */
+#define daemon__awakeEvery (30 * 60) /* Awaken this often to rescan */
/*----- Static variables --------------------------------------------------*/
static volatile sig_atomic_t daemon__rescan = 0; /* Rescan as soon as poss */
#define daemon__signum daemon__rescan /* Alias for readbility */
static int daemon__readKey = 0; /* Have I read a key? */
-static unsigned char daemon__key[IDEA_KEYSIZE]; /* encryption key */
+static unsigned char daemon__key[BLOWFISH_KEYSIZE]; /* Encryption key */
static jmp_buf daemon__dieBuf; /* Jump here to kill the daemon */
/*----- Main code ---------------------------------------------------------*/
if ((fp = fopen(cf, "r")) == 0)
return (-1);
lexer_scan(fp);
- yyparse();
+ parse();
fclose(fp);
if (!daemon__readKey)
daemon_readKey(file_KEY);
daemon__rescan = 0;
+ T( trace(TRACE_DAEMON, "daemon: read config file"); )
return (0);
}
unsigned char rpl[crp_size]; /* Buffer for outgoing replies */
struct sockaddr_in sin; /* Address of packet sender */
char sender[64]; /* Sender's hostname (resolved) */
- unsigned char sk[IDEA_KEYSIZE]; /* Session key for reply */
+ unsigned char sk[BLOWFISH_KEYSIZE]; /* Session key for reply */
request rq; /* Request buffer for verification */
/* --- Read the message --- */
if (recvfrom(fd, (char *)buff, sizeof(buff), 0,
(struct sockaddr *)&sin, &slen) < 0) {
+ T( trace(TRACE_DAEMON, "daemon: error reading packet: %s",
+ strerror(errno)); )
syslog(LOG_INFO, "duff packet received: %e");
return;
}
he ? he->h_name : inet_ntoa(sin.sin_addr),
sizeof(sender));
syslog(LOG_DEBUG, "packet received from %s", sender);
+ T( trace(TRACE_DAEMON, "daemon: received request from %s", sender); )
}
/* --- Unpack the block --- */
if (crypt_unpackRequest(&rq, buff, daemon__key, sk, rpl) == 0) {
burn(buff);
+ T( trace(TRACE_DAEMON, "daemon: received corrupt or invalid request"); )
syslog(LOG_INFO, "packet from %s rejected", sender);
return;
}
/* --- Send the reply off --- */
sendto(fd, (char *)rpl, crp_size, 0, (struct sockaddr *)&sin, sizeof(sin));
+ T( trace(TRACE_DAEMON, "daemon: reply sent"); )
burn(rpl);
}
* user wants me to start on a funny port.
*/
- seteuid(getuid());
+ setuid(getuid());
/* --- Initialise bits of the program --- */
userdb_init();
userdb_local();
userdb_yp();
+ netg_init();
name_init();
rule_init();
openlog(quis(), 0, LOG_DAEMON);
* look it up in /etc/services under whatever name I was started as.
*/
- if (daemon__port <= 0) {
+ if (daemon__port == 0) {
struct servent *se = getservbyname(quis(), "udp");
if (!se)
- die("no idea which port to use");
- daemon__port = ntohs(se->s_port);
+ die("no idea which port to listen to");
+ daemon__port = se->s_port;
}
/* --- Now set up a socket --- */
if ((s = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
die("couldn't create socket: %s", strerror(errno));
sin.sin_family = AF_INET;
- sin.sin_port = htons(daemon__port);
+ sin.sin_port = daemon__port;
sin.sin_addr.s_addr = htonl(INADDR_ANY);
- if (bind(s, (struct sockaddr *)&sin, sizeof(sin)))
- die("couldn't bind socket to port: %s", strerror(errno));
+ if (bind(s, (struct sockaddr *)&sin, sizeof(sin))) {
+ die("couldn't bind socket to port %i: %s",
+ ntohs(daemon__port), strerror(errno));
+ }
}
/* --- Fork off into the sunset --- */
fprintf(fp, "%lu\n", (unsigned long)getpid());
fclose(fp);
}
+ T( trace(TRACE_DAEMON, "daemon: forked to pid %li", (long)getpid()); )
}
#endif
/* --- Program in daemon death mode --- */
if (setjmp(daemon__dieBuf)) {
- syslog(LOG_NOTICE, "killed by signal type %i", daemon__signum);
- remove(file_PID);
- exit(0);
- }
+#ifdef TRACING
+ if (daemon__signum == SIGQUIT && tracing() & TRACE_RULE) {
+ T( rule_dump(); )
+ signal(SIGQUIT, daemon__die);
+ } else
+#endif
+ {
+ T( trace(TRACE_DAEMON, "daemon: killed by signal %i",
+ daemon__signum); )
+ syslog(LOG_NOTICE, "killed by signal type %i", daemon__signum);
+ remove(file_PID);
+ exit(0);
+ }
+ } else {
- /* --- Set signal handlers --- */
+ /* --- Set signal handlers --- */
- signal(SIGHUP, daemon__restart);
- signal(SIGQUIT, daemon__restart);
- signal(SIGINT, daemon__die);
- signal(SIGTERM, daemon__die);
- signal(SIGSEGV, daemon__die);
- signal(SIGFPE, daemon__die);
- signal(SIGBUS, daemon__die);
+ signal(SIGHUP, daemon__restart);
+ signal(SIGQUIT, daemon__die);
+ signal(SIGINT, daemon__die);
+ signal(SIGTERM, daemon__die);
+ signal(SIGSEGV, daemon__die);
+ signal(SIGFPE, daemon__die);
+ signal(SIGBUS, daemon__die);
+ }
/* --- Now wait for something exciting to happen --- *
*
/* --- Now wait for something interesting --- */
+ T( trace(TRACE_DAEMON, "daemon: waiting for requests"); )
i = select(FD_SETSIZE, &fds, 0, 0, 0);
/* --- Now, see if I need to rescan the config --- */
if (daemon__rescan || time(0) - when > 0) {
daemon__rescan = 0;
syslog(LOG_INFO, "rescanning configuration file");
- userdb_reinit();
+ name_end();
+ rule_end();
+ netg_end();
+ userdb_end();
+ userdb_init();
userdb_local();
userdb_yp();
- rule_reinit();
- name_reinit();
+ netg_init();
+ rule_init();
+ name_init();
if (daemon__readConfig(cf))
syslog(LOG_ERR, "error reading configuration file");
when = time(0) + daemon__awakeEvery;