637400a5c7dce6f3258f9775826a72bdac9a0222
5 * (c) 2001 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of Trivial IP Encryption (TrIPE).
12 * TrIPE is free software: you can redistribute it and/or modify it under
13 * the terms of the GNU General Public License as published by the Free
14 * Software Foundation; either version 3 of the License, or (at your
15 * option) any later version.
17 * TrIPE is distributed in the hope that it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 * You should have received a copy of the GNU General Public License
23 * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
26 /*----- Header files ------------------------------------------------------*/
30 /*----- Global variables --------------------------------------------------*/
34 /*----- Static variables --------------------------------------------------*/
37 #define T_INTERVAL MIN(1)
39 static unsigned iv_nreasons
= 0;
40 static struct timeval iv_next
= { 0, 0 };
41 static int lpdone
= 0;
43 /*----- The interval timer ------------------------------------------------*/
45 /* --- @interval@ --- *
47 * Arguments: @struct timeval *tv@ = time when called
48 * @void *v@ = boring pointer
52 * Use: Called periodically to do housekeeping tasks.
55 static void interval(struct timeval
*tv
, void *v
)
57 T( trace(T_PEER
, "peer: interval timer"); )
59 rand_seed(RAND_GLOBAL
, MAXHASHSZ
);
61 iv_next
.tv_sec
+= T_INTERVAL
;
62 sel_addtimer(&sel
, &it
, &iv_next
, interval
, v
);
65 /* --- @iv_addreason@ --- *
71 * Use: Adds an `interval timer reason'; if there are no others, the
72 * interval timer is engaged.
75 void iv_addreason(void)
81 if (TV_CMP(&tv
, >=, &iv_next
)) interval(&tv
, 0);
82 else sel_addtimer(&sel
, &it
, &iv_next
, interval
, 0);
87 /* --- @iv_rmreason@ --- *
93 * Use: Removes an interval timer reason; if there are none left, the
94 * interval timer is disengaged.
97 void iv_rmreason(void)
99 assert(iv_nreasons
); iv_nreasons
--;
100 if (!iv_nreasons
) sel_rmtimer(&it
);
103 /*----- The main loop -----------------------------------------------------*/
105 /* --- @lp_init@ --- *
111 * Use: Initializes the main loop. Most importantly, this sets up
112 * the select multiplexor that everything else hooks onto.
117 rand_noisesrc(RAND_GLOBAL
, &noise_source
);
118 rand_seed(RAND_GLOBAL
, MAXHASHSZ
);
119 gettimeofday(&iv_next
, 0); iv_next
.tv_sec
+= T_INTERVAL
;
120 signal(SIGPIPE
, SIG_IGN
);
125 /* --- @lp_end@ --- *
131 * Use: Requests an exit from the main loop.
134 void lp_end(void) { lpdone
= 1; }
136 /* --- @lp_run@ --- *
140 * Returns: Zero on successful termination; @-1@ if things went wrong.
142 * Use: Cranks the main loop until it should be cranked no more.
152 if (!sel_select(&sel
)) nerr
= 0;
153 else if (errno
!= EINTR
&& errno
!= EAGAIN
) {
154 a_warn("SERVER", "select-error", "?ERRNO", A_END
);
157 a_warn("ABORT", "repeated-select-errors", A_END
);
166 /*----- Tunnel table ------------------------------------------------------*/
168 static const tunnel_ops
*tunnels
[] = {
181 /*----- Main code ---------------------------------------------------------*/
185 * Arguments: @int argc@ = number of command line arguments
186 * @char *argv[]@ = vector of arguments
188 * Returns: Zero if OK, nonzero on error.
190 * Use: Main program. Provides a simple VPN.
193 static void usage(FILE *fp
)
195 pquis(fp
, "Usage: $ [-DF] [-d DIR] [-b ADDR] [-p PORT] [-n TUNNEL]\n\
196 [-U USER] [-G GROUP] [-a SOCKET] [-m MODE] [-T TRACE-OPTS]\n\
197 [-k PRIV-KEYRING] [-K PUB-KEYRING] [-t KEY-TAG]\n");
200 static void version(FILE *fp
) { pquis(fp
, "$, version " VERSION
"\n"); }
202 static void help(FILE *fp
)
210 -h, --help Display this help text.\n\
211 -v, --version Display version number.\n\
212 -u, --usage Display pointless usage message.\n\
213 --tunnels Display IP tunnel drivers and exit.\n\
215 -4, --ipv4 Transport over IPv4 only.\n\
216 -6, --ipv6 Transport over IPv6 only.\n\
217 -D, --daemon Run in the background.\n\
218 -F, --foreground Quit when stdin reports end-of-file.\n\
219 -d, --directory=DIR Switch to directory DIR [default " CONFIGDIR
"].\n\
220 -b, --bind-address=ADDR Bind UDP socket to this IP ADDR.\n\
221 -p, --port=PORT Select UDP port to listen to "
222 "[default " STR(TRIPE_PORT
) "].\n\
223 -n, --tunnel=TUNNEL Seelect default tunnel driver.\n\
224 -U, --setuid=USER Set uid to USER after initialization.\n\
225 -G, --setgid=GROUP Set gid to GROUP after initialization.\n\
226 -k, --priv-keyring=FILE Get private key from FILE.\n\
227 -K, --pub-keyring=FILE Get public keys from FILE.\n\
228 -t, --tag=KEYTAG Use private key labelled TAG.\n\
229 -a, --admin-socket=FILE Use FILE as the adminstration socket.\n\
230 -m, --admin-perms=MODE Permissions to set on admin socket [default 600].\n\
232 -T, --trace=OPTIONS Turn on tracing options.\n\
237 int main(int argc
, char *argv
[])
239 const char *kr_priv
= "keyring", *kr_pub
= "keyring.pub";
240 const char *tag_priv
= 0;
241 const char *csock
= SOCKETDIR
"/tripesock";
242 int csockmode
= 0600;
243 const char *dir
= CONFIGDIR
;
245 const char *bindhost
= 0, *bindsvc
= STR(TRIPE_PORT
);
246 struct addrinfo aihint
= { 0 }, *ailist
;
247 const tunnel_ops
*dflt
= 0;
257 #define f_foreground 4u
260 T( trace_on(stderr
, 0); )
262 if ((p
= getenv("TRIPEDIR")) != 0)
264 if ((p
= getenv("TRIPESOCK")) != 0)
266 aihint
.ai_family
= AF_UNSPEC
;
269 static const struct option opts
[] = {
270 { "help", 0, 0, 'h' },
271 { "version", 0, 0, 'v' },
272 { "usage", 0, 0, 'u' },
273 { "tunnels", 0, 0, '0' },
275 { "ipv4", 0, 0, '4' },
276 { "ipv6", 0, 0, '6' },
277 { "daemon", 0, 0, 'D' },
278 { "foreground", 0, 0, 'F' },
279 { "uid", OPTF_ARGREQ
, 0, 'U' },
280 { "setuid", OPTF_ARGREQ
, 0, 'U' },
281 { "gid", OPTF_ARGREQ
, 0, 'G' },
282 { "setgid", OPTF_ARGREQ
, 0, 'G' },
283 { "bind-address", OPTF_ARGREQ
, 0, 'b' },
284 { "tunnel", OPTF_ARGREQ
, 0, 'n' },
285 { "port", OPTF_ARGREQ
, 0, 'p' },
286 { "directory", OPTF_ARGREQ
, 0, 'd' },
287 { "priv-keyring", OPTF_ARGREQ
, 0, 'k' },
288 { "pub-keyring", OPTF_ARGREQ
, 0, 'K' },
289 { "tag", OPTF_ARGREQ
, 0, 't' },
290 { "admin-socket", OPTF_ARGREQ
, 0, 'a' },
291 { "admin-perms", OPTF_ARGREQ
, 0, 'm' },
293 { "trace", OPTF_ARGREQ
, 0, 'T' },
299 i
= mdwopt(argc
, argv
, "hvu46DFU:G:b:n:p:d:k:K:t:a:m:" T("T:"),
315 aihint
.ai_family
= AF_INET
;
318 aihint
.ai_family
= AF_INET6
;
324 u
= u_getuser(optarg
, &g
);
327 g
= u_getgroup(optarg
);
341 for (i
= 0; i
< N(tunnels
); i
++)
342 if (mystrieq(optarg
, tunnels
[i
]->name
))
343 { dflt
= tunnels
[i
]; goto found_tun
; }
344 die(EXIT_FAILURE
, "unknown tunnel `%s'", optarg
);
361 csockmode
= strtol(optarg
, &p
, 8);
362 if (*p
) die(EXIT_FAILURE
, "bad permissions: `%s'", optarg
);
369 tr_flags
= traceopt(tr_opts
, optarg
, tr_flags
, 0);
370 trace_level(tr_flags
);
375 for (i
= 0; i
< N(tunnels
); i
++)
376 puts(tunnels
[i
]->name
);
385 if (optind
< argc
|| (f
& f_bogus
)) {
389 if (!(~f
& (f_daemon
| f_foreground
)))
390 die(EXIT_FAILURE
, "foreground operation for a daemon is silly");
392 aihint
.ai_protocol
= IPPROTO_UDP
;
393 aihint
.ai_socktype
= SOCK_DGRAM
;
394 aihint
.ai_flags
= AI_PASSIVE
| AI_ADDRCONFIG
;
395 if ((err
= getaddrinfo(bindhost
, bindsvc
, &aihint
, &ailist
)) != 0) {
396 die(EXIT_FAILURE
, "couldn't resolve hostname %c%s%c, port `%s': %s",
397 bindhost ?
'`' : '<',
398 bindhost ? bindhost
: "nil",
399 bindhost ?
'\'' : '>',
400 bindsvc
, gai_strerror(err
));
404 die(EXIT_FAILURE
, "can't set current directory to `%s': %s",
405 dir
, strerror(errno
));
410 if (!(f
& f_daemon
)) {
415 if (f
& f_foreground
)
417 a_create(STDIN_FILENO
, STDOUT_FILENO
, af
);
422 for (i
= 0; i
< N(tunnels
); i
++)
423 p_addtun(tunnels
[i
]);
424 if (dflt
) p_setdflttun(dflt
);
425 p_bind(ailist
); freeaddrinfo(ailist
);
427 for (i
= 0; tunnels
[i
]; i
++) {
428 if (tunnels
[i
]->flags
&TUNF_PRIVOPEN
) {
429 ps_split(f
& f_daemon
);
436 a_listen(csock
, u
, g
, csockmode
);
438 km_init(kr_priv
, kr_pub
, tag_priv
);
442 a_warn("SERVER", "daemon-error", "?ERRNO", A_END
);
459 /*----- That's all, folks -------------------------------------------------*/