X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/46dde0806919904d146851bf8bd93fac9915730b..b8f727eb436070ed90eb90c725e30c5e913b8ab9:/server/tripe.c diff --git a/server/tripe.c b/server/tripe.c index ebd8efc7..58bf8a18 100644 --- a/server/tripe.c +++ b/server/tripe.c @@ -9,19 +9,18 @@ * * This file is part of Trivial IP Encryption (TrIPE). * - * TrIPE is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * TrIPE is free software: you can redistribute it and/or modify it under + * the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at your + * option) any later version. * - * TrIPE is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * TrIPE is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. * * You should have received a copy of the GNU General Public License - * along with TrIPE; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * along with TrIPE. If not, see . */ /*----- Header files ------------------------------------------------------*/ 
@@ -73,7 +72,7 @@ static void interval(struct timeval *tv, void *v) static void usage(FILE *fp) { pquis(fp, "Usage: $ [-DF] [-d DIR] [-b ADDR] [-p PORT] [-n TUNNEL]\n\ - [-U USER] [-G GROUP] [-a SOCKET] [-T TRACE-OPTS]\n\ + [-U USER] [-G GROUP] [-a SOCKET] [-m MODE] [-T TRACE-OPTS]\n\ [-k PRIV-KEYRING] [-K PUB-KEYRING] [-t KEY-TAG]\n"); } @@ -105,6 +104,7 @@ Options:\n\ -K, --pub-keyring=FILE Get public keys from FILE.\n\ -t, --tag=KEYTAG Use private key labelled TAG.\n\ -a, --admin-socket=FILE Use FILE as the adminstration socket.\n\ +-m, --admin-perms=MODE Permissions to set on admin socket [default 600].\n\ " T( "\ -T, --trace=OPTIONS Turn on tracing options.\n\ " ) "\ @@ -114,8 +114,9 @@ Options:\n\ int main(int argc, char *argv[]) { const char *kr_priv = "keyring", *kr_pub = "keyring.pub"; - const char *tag_priv = "tripe-dh"; + const char *tag_priv = 0; const char *csock = SOCKETDIR "/tripesock"; + int csockmode = 0600; const char *dir = CONFIGDIR; const char *p; unsigned port = TRIPE_PORT; @@ -162,6 +163,7 @@ int main(int argc, char *argv[]) { "pub-keyring", OPTF_ARGREQ, 0, 'K' }, { "tag", OPTF_ARGREQ, 0, 't' }, { "admin-socket", OPTF_ARGREQ, 0, 'a' }, + { "admin-perms", OPTF_ARGREQ, 0, 'm' }, #ifndef NTRACE { "trace", OPTF_ARGREQ, 0, 'T' }, #endif @@ -169,7 +171,7 @@ int main(int argc, char *argv[]) { 0, 0, 0, 0 } }; - i = mdwopt(argc, argv, "hvuDFU:G:b:n:p:d:k:K:t:a:" T("T:"), + i = mdwopt(argc, argv, "hvuDFU:G:b:n:p:d:k:K:t:a:m:" T("T:"), opts, 0, 0, 0); if (i < 0) break; @@ -238,6 +240,11 @@ int main(int argc, char *argv[]) case 'a': csock = optarg; break; + case 'm': { + char *p; + csockmode = strtol(optarg, &p, 8); + if (*p) die(EXIT_FAILURE, "bad permissions: `%s'", optarg); + } break; case 't': tag_priv = optarg; break; 
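Review bot: In the `@@ -114,8 +114,9 @@` hunk, `tag_priv` now defaults to a null pointer instead of `"tripe-dh"`, and nothing visible in this diff replaces it before it is passed to `km_init(kr_priv, kr_pub, tag_priv)` when `-t` is not given. km_init is outside this diff, so it is worth confirming that it treats a null tag as a request to pick a default key rather than dereferencing it. A short comment on the declaration would record that contract, e.g. `/* null: km_init chooses the default private key */`, and the `-t` line of the help text could say what happens when the option is omitted. main's body continues outside the hunk.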
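Review bot: The `case 'm'` parse in the `@@ -238,6 +240,11 @@` hunk rejects only trailing junk: an empty argument, a negative number and a value wider than the permission bits all pass `if (*p)`, and the `long` returned by `strtol` is narrowed to `int` unchecked. Because this mode decides which local users can reach the admin socket, the value should be validated in full: parse into a `long m` with `errno = 0; m = strtol(optarg, &q, 8);`, guard the existing die call with `if (q == optarg || *q || errno == ERANGE || m < 0 || m > 0777)`, then assign `csockmode = (int)m;`. The inner `char *p` also shadows the `const char *p` declared at the top of main, so a distinct name such as `q` avoids confusion. The enclosing switch starts and ends outside the hunk.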
@@ -288,9 +295,10 @@ int main(int argc, char *argv[]) af |= AF_FOREGROUND; a_create(STDIN_FILENO, STDOUT_FILENO, af); } + ps_split(f & f_daemon); + a_init(csock, u, g, csockmode); u_setugid(u, g); km_init(kr_priv, kr_pub, tag_priv); - a_init(csock); if (f & f_daemon) { if (daemonize()) die(EXIT_FAILURE, "couldn't become a daemon: %s", strerror(errno));
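Review bot: The new call order is security-relevant but uncommented: `ps_split(f & f_daemon)` and `a_init(csock, u, g, csockmode)` now run before `u_setugid(u, g)`, so the admin socket is created with the process's original privileges, while `km_init` still runs after the drop. A comment above these calls would stop a later refactor from moving them back, e.g. `/* Privileged setup: split off the helper and create the admin socket before dropping to u/g. */`. a_init is outside this diff, so it is worth confirming that it applies `csockmode` and the ownership before the socket becomes connectable (a restrictive umask around bind, or chmod/chown before listen), leaving no window with looser permissions. main's body starts and ends outside the hunk.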