X-Git-Url: https://git.distorted.org.uk/~mdw/become/blobdiff_plain/c4f2d992e4a0fc068281376d89ec38de56dc2f58..c758e6541ca05409b178dd9629e9337494c49890:/src/daemon.c

diff --git a/src/daemon.c b/src/daemon.c
index eb36b39..cf293a1 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -1,13 +1,13 @@
 /* -*-c-*-
  *
- * $Id: daemon.c,v 1.1 1997/07/21 13:47:50 mdw Exp $
+ * $Id: daemon.c,v 1.9 1998/01/12 16:45:59 mdw Exp $
  *
  * Running a `become' daemon
  *
- * (c) 1997 EBI
+ * (c) 1998 EBI
  */
 
-/*----- Licencing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
  *
  * This file is part of `become'
  *
@@ -22,14 +22,42 @@
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with `become'; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with `become'; if not, write to the Free Software Foundation,
+ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  */
 
 /*----- Revision history --------------------------------------------------*
  *
  * $Log: daemon.c,v $
- * Revision 1.1  1997/07/21 13:47:50  mdw
+ * Revision 1.9  1998/01/12 16:45:59  mdw
+ * Fix copyright date.
+ *
+ * Revision 1.8  1997/09/26 09:14:58  mdw
+ * Merged blowfish branch into trunk.
+ *
+ * Revision 1.7.2.1  1997/09/26 09:08:05  mdw
+ * Use the Blowfish encryption algorithm instead of IDEA.  This is partly
+ * because I prefer Blowfish (without any particularly strong evidence) but
+ * mainly because IDEA is patented and Blowfish isn't.
+ *
+ * Revision 1.7  1997/09/17 10:23:23  mdw
+ * Fix a typo.  Port numbers are in network order now, so don't change them.
+ *
+ * Revision 1.6  1997/09/09 18:17:06  mdw
+ * Allow default port to be given as a service name or port number.
+ *
+ * Revision 1.5  1997/08/20  16:17:10  mdw
+ * More sensible restart routine: `_reinit' functions replaced by `_end' and
+ * `_init' functions.
+ *
+ * Revision 1.4  1997/08/07 10:00:37  mdw
+ * (Log entry for previous version is bogus.)  Read netgroups database.
+ * Give up privileges permanently on startup.
+ *
+ * Revision 1.2  1997/08/04 10:24:21  mdw
+ * Sources placed under CVS control.
+ *
+ * Revision 1.1  1997/07/21  13:47:50  mdw
  * Initial revision
  *
  */
@@ -62,12 +90,13 @@
 /* --- Local headers --- */
 
 #include "become.h"
+#include "blowfish.h"
 #include "config.h"
 #include "crypt.h"
 #include "daemon.h"
-#include "idea.h"
 #include "lexer.h"
 #include "name.h"
+#include "netg.h"
 #include "parser.h"
 #include "rule.h"
 #include "tx.h"
@@ -76,7 +105,7 @@
 
 /*----- Arbitrary constants -----------------------------------------------*/
 
-#define daemon__awakeEvery (5 * 60)	/* Awaken this often to rescan */
+#define daemon__awakeEvery (30 * 60)	/* Awaken this often to rescan */
 
 /*----- Static variables --------------------------------------------------*/
 
@@ -85,7 +114,7 @@ static int daemon__port = -1;		/* No particular port yet */
 static volatile sig_atomic_t daemon__rescan = 0; /* Rescan as soon as poss */
 #define daemon__signum daemon__rescan	/* Alias for readbility */
 static int daemon__readKey = 0;		/* Have I read a key? */
-static unsigned char daemon__key[IDEA_KEYSIZE];	/* encryption key */
+static unsigned char daemon__key[BLOWFISH_KEYSIZE]; /* Encryption key */
 static jmp_buf daemon__dieBuf;		/* Jump here to kill the daemon */
 
 /*----- Main code ---------------------------------------------------------*/
@@ -152,6 +181,7 @@ static int daemon__readConfig(const char *cf)
   if (!daemon__readKey)
     daemon_readKey(file_KEY);
   daemon__rescan = 0;
+  T( trace(TRACE_DAEMON, "daemon: read config file"); )
   return (0);
 }
 
@@ -200,7 +230,7 @@ void daemon__read(int fd)
   unsigned char rpl[crp_size];		/* Buffer for outgoing replies */
   struct sockaddr_in sin;		/* Address of packet sender */
   char sender[64];			/* Sender's hostname (resolved) */
-  unsigned char sk[IDEA_KEYSIZE];	/* Session key for reply */
+  unsigned char sk[BLOWFISH_KEYSIZE];	/* Session key for reply */
   request rq;				/* Request buffer for verification */
 
   /* --- Read the message --- */
@@ -210,6 +240,8 @@ void daemon__read(int fd)
 
     if (recvfrom(fd, (char *)buff, sizeof(buff), 0,
 		 (struct sockaddr *)&sin, &slen) < 0) {
+      T( trace(TRACE_DAEMON, "daemon: error reading packet: %s",
+	       strerror(errno)); )
       syslog(LOG_INFO, "duff packet received: %e");
       return;
     }
@@ -226,12 +258,14 @@ void daemon__read(int fd)
 	    he ? he->h_name : inet_ntoa(sin.sin_addr),
 	    sizeof(sender));
     syslog(LOG_DEBUG, "packet received from %s", sender);
+    T( trace(TRACE_DAEMON, "daemon: received request from %s", sender); )
   }
 
   /* --- Unpack the block --- */
 
   if (crypt_unpackRequest(&rq, buff, daemon__key, sk, rpl) == 0) {
     burn(buff);
+    T( trace(TRACE_DAEMON, "daemon: received corrupt or invalid request"); )
     syslog(LOG_INFO, "packet from %s rejected", sender);
     return;
   }
@@ -254,6 +288,7 @@ void daemon__read(int fd)
   /* --- Send the reply off --- */
 
   sendto(fd, (char *)rpl, crp_size, 0, (struct sockaddr *)&sin, sizeof(sin));
+  T( trace(TRACE_DAEMON, "daemon: reply sent"); )
   burn(rpl);
 }
 
@@ -277,7 +312,7 @@ void daemon_init(const char *cf, int port)
    * user wants me to start on a funny port.
    */
 
-  seteuid(getuid());
+  setuid(getuid());
 
   /* --- Initialise bits of the program --- */
 
@@ -286,6 +321,7 @@ void daemon_init(const char *cf, int port)
   userdb_init();
   userdb_local();
   userdb_yp();
+  netg_init();
   name_init();
   rule_init();
   openlog(quis(), 0, LOG_DAEMON);
@@ -300,11 +336,11 @@ void daemon_init(const char *cf, int port)
    * look it up in /etc/services under whatever name I was started as.
    */
 
-  if (daemon__port <= 0) {
+  if (daemon__port == 0) {
     struct servent *se = getservbyname(quis(), "udp");
     if (!se)
-      die("no idea which port to use");
-    daemon__port = ntohs(se->s_port);
+      die("no idea which port to listen to");
+    daemon__port = se->s_port;
   }
 
   /* --- Now set up a socket --- */
@@ -315,10 +351,12 @@ void daemon_init(const char *cf, int port)
     if ((s = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
       die("couldn't create socket: %s", strerror(errno));
     sin.sin_family = AF_INET;
-    sin.sin_port = htons(daemon__port);
+    sin.sin_port = daemon__port;
     sin.sin_addr.s_addr = htonl(INADDR_ANY);
-    if (bind(s, (struct sockaddr *)&sin, sizeof(sin)))
-      die("couldn't bind socket to port: %s", strerror(errno));
+    if (bind(s, (struct sockaddr *)&sin, sizeof(sin))) {
+      die("couldn't bind socket to port %i: %s",
+	  ntohs(daemon__port), strerror(errno));
+    }
   }
 
   /* --- Fork off into the sunset --- */
@@ -345,26 +383,38 @@ void daemon_init(const char *cf, int port)
       fprintf(fp, "%lu\n", (unsigned long)getpid());
       fclose(fp);
     }
+    T( trace(TRACE_DAEMON, "daemon: forked to pid %li", (long)getpid()); )
   }
 #endif
 
   /* --- Program in daemon death mode --- */
 
   if (setjmp(daemon__dieBuf)) {
-    syslog(LOG_NOTICE, "killed by signal type %i", daemon__signum);
-    remove(file_PID);
-    exit(0);
-  }
+#ifdef TRACING
+    if (daemon__signum == SIGQUIT && tracing() & TRACE_RULE) {
+      T( rule_dump(); )
+      signal(SIGQUIT, daemon__die);
+    } else
+#endif
+    {
+      T( trace(TRACE_DAEMON, "daemon: killed by signal %i",
+	       daemon__signum); )
+      syslog(LOG_NOTICE, "killed by signal type %i", daemon__signum);
+      remove(file_PID);
+      exit(0);
+    }
+  } else {
 
-  /* --- Set signal handlers --- */
+    /* --- Set signal handlers --- */
 
-  signal(SIGHUP, daemon__restart);
-  signal(SIGQUIT, daemon__restart);
-  signal(SIGINT, daemon__die);
-  signal(SIGTERM, daemon__die);
-  signal(SIGSEGV, daemon__die);
-  signal(SIGFPE, daemon__die);
-  signal(SIGBUS, daemon__die);
+    signal(SIGHUP, daemon__restart);
+    signal(SIGQUIT, daemon__die);
+    signal(SIGINT, daemon__die);
+    signal(SIGTERM, daemon__die);
+    signal(SIGSEGV, daemon__die);
+    signal(SIGFPE, daemon__die);
+    signal(SIGBUS, daemon__die);
+  }
 
   /* --- Now wait for something exciting to happen --- *
    *
@@ -391,6 +441,7 @@ void daemon_init(const char *cf, int port)
 
       /* --- Now wait for something interesting --- */
 
+      T( trace(TRACE_DAEMON, "daemon: waiting for requests"); )
       i = select(FD_SETSIZE, &fds, 0, 0, 0);
 
       /* --- Now, see if I need to rescan the config --- */
@@ -398,11 +449,16 @@ void daemon_init(const char *cf, int port)
       if (daemon__rescan || time(0) - when > 0) {
 	daemon__rescan = 0;
 	syslog(LOG_INFO, "rescanning configuration file");
-	userdb_reinit();
+	name_end();
+	rule_end();
+	netg_end();
+	userdb_end();
+	userdb_init();
 	userdb_local();
 	userdb_yp();
-	rule_reinit();
-	name_reinit();
+	netg_init();
+	rule_init();
+	name_init();
 	if (daemon__readConfig(cf))
 	  syslog(LOG_ERR, "error reading configuration file");
 	when = time(0) + daemon__awakeEvery;