server/keyset.c: Return more informative error codes from ks_decrypt.
diff --git
a/server/admin.c
b/server/admin.c
index
a62bbe2
..
8eb5ec3
100644
(file)
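--- a/server/admin.c
+++ b/server/admin.c
@@ -1205,6 +1205,7 @@ static void a_doadd(admin_resop *r, int rc)
 a_bgok(&add->r.bg);
 }
+ if (add->peer.tag) xfree(add->peer.tag);
 xfree(add->peer.name);
 }
@@ -1228,6 +1229,7 @@ static void acmd_add(admin *a, unsigned ac, char *av[])
 add = xmalloc(sizeof(*add));
 add->peer.name = 0;
+ add->peer.tag = 0;
 add->peer.t_ka = 0;
 add->peer.tops = tun_default;
 add->peer.kxf = 0;
@@ -1251,6 +1253,11 @@ static void acmd_add(admin *a, unsigned ac, char *av[])
 })
 OPTTIME("-keepalive", t, { add->peer.t_ka = t; })
 OPT("-cork", { add->peer.kxf |= KXF_CORK; })
+ OPTARG("-key", arg, {
+ if (add->peer.tag)
+ xfree(add->peer.tag);
+ add->peer.tag = xstrdup(arg);
+ })
 });
 /* --- Make sure someone's not got there already --- */
@@ -1275,6 +1282,7 @@ bad_syntax:
 a_fail(a, "bad-syntax", "add", "[OPTIONS] PEER ADDR ...", A_END);
 fail:
 if (add->peer.name) xfree(add->peer.name);
+ if (add->peer.tag) xfree(add->peer.tag);
 xfree(add);
 return;
 }
@@ -1785,6 +1793,7 @@ static void acmd_peerinfo(admin *a, unsigned ac, char *av[])
 if ((p = a_findpeer(a, av[0])) != 0) {
 ps = p_spec(p);
 a_info(a, "tunnel=%s", ps->tops->name, A_END);
+ a_info(a, "key=%s", p_tag(p), A_END);
 a_info(a, "keepalive=%lu", ps->t_ka, A_END);
 a_ok(a);
 }
@@ -2204,19 +2213,21 @@ void a_daemon(void) { flags |= F_DAEMON; }
 * Arguments: @const char *name@ = socket name to create
 * @uid_t u@ = user to own the socket
 * @gid_t g@ = group to own the socket
+ * @mode_t m@ = permissions to set on the socket
 *
 * Returns: ---
 *
 * Use: Creates the admin listening socket.
 */
-void a_init(const char *name, uid_t u, gid_t g)
+void a_init(const char *name, uid_t u, gid_t g, mode_t m)
 {
 int fd;
 int n = 5;
 struct sockaddr_un sun;
 struct sigaction sa;
 size_t sz;
+ mode_t omask;
 /* --- Create services table --- */
@@ -2234,7 +2245,7 @@ void a_init(const char *name, uid_t u, gid_t g)
 /* --- Attempt to bind to the socket --- */
- umask(0077);
+ omask = umask(0077);
 again:
 if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
 die(EXIT_FAILURE, "couldn't create socket: %s", strerror(errno));
@@ -2265,12 +2276,15 @@ again:
 close(fd);
 goto again;
 }
- chmod(sun.sun_path, 0600);
 if (chown(sun.sun_path, u, g)) {
- T( trace(T_ADMIN,
- "admin: failed to give away socket: %s",
- strerror(errno)); )
+ die(EXIT_FAILURE, "failed to set socket owner: %s",
+ strerror(errno));
+ }
+ if (chmod(sun.sun_path, m)) {
+ die(EXIT_FAILURE, "failed to set socket permissions: %s",
+ strerror(errno));
 }
+ umask(omask);
 fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC);
 if (listen(fd, 5))
 die(EXIT_FAILURE, "couldn't listen on socket: %s", strerror(errno));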
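Review bot: In the last hunk (a_init, after the bind loop) `chown(sun.sun_path, u, g)` and `chmod(sun.sun_path, m)` act on the path rather than on `fd`, so they apply to whatever object has that name when they run, and both follow symbolic links. That is only safe if the directory holding the admin socket cannot be written by anyone less trusted than the server; the hunk does not show that being checked, and a_init's body continues outside it. I would state the requirement next to the calls, e.g. `/* The socket directory must be writable only by trusted users: chown and chmod go by name, not by fd. */`, and extend the new `@mode_t m@` line in the header comment to say that `m` decides who may connect to the admin interface. The chown-before-chmod order under `umask(0077)` is the right one, since the socket stays owner-only until its final owner is set.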