*
* This file is part of Trivial IP Encryption (TrIPE).
*
- * TrIPE is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
+ * TrIPE is free software: you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at your
+ * option) any later version.
*
- * TrIPE is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+ * TrIPE is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
*
* You should have received a copy of the GNU General Public License
- * along with TrIPE; if not, write to the Free Software Foundation,
- * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
*/
/*----- Header files ------------------------------------------------------*/
/*----- Static variables --------------------------------------------------*/
static pid_t kid = -1;
+static sig sig_chld;
/*----- Fetching a tunnel file descriptor ---------------------------------*/
* Use: Notices and reports child process death.
*/
-static void reap(int sig)
+static void reap(int sig, void *p)
{
pid_t k;
int st;
*
* Arguments: @int detachp@ = whether to detach the child from its terminal
*
- * Returns: ---
+ * Returns: Zero on success, @-1@ on failure.
*
* Use: Separates off the privileged tunnel-opening service from the
* rest of the server.
*/
-void ps_split(int detachp)
+int ps_split(int detachp)
{
pid_t kid;
int fd[2];
const char *helper;
if (socketpair(PF_UNIX, SOCK_STREAM, 0, fd)) {
- die(EXIT_FAILURE,
- "failed to create socket pair for privilege separation: %s",
- strerror(errno));
+ a_warn("PRIVSEP", "socketpair-create-failed", "?ERRNO", A_END);
+ return (-1);
}
helper = getenv("TRIPE_PRIVHELPER");
if (!helper) helper = PRIVSEP_HELPER;
fdflags(fd[0], 0, 0, FD_CLOEXEC, FD_CLOEXEC);
fdflags(fd[1], 0, 0, FD_CLOEXEC, FD_CLOEXEC);
- signal(SIGCHLD, reap);
+ sig_add(&sig_chld, SIGCHLD, reap, 0);
kid = fork();
if (kid == 0) {
signal(SIGCHLD, SIG_DFL);
T( trace(T_PRIVSEP, "privsep: forked child successfully"); )
close(fd[0]);
pc_fd = fd[1];
+ return (0);
}
/* --- @ps_quit@ --- *