X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=src%2Ftincd.c;h=ac0cbc6c39cbe2683249b7119158d7cd80e74766;hb=08aabbf9317806bc50a9a6693ca866c8936ce26b;hp=7efc63243a774b30a1f61fcb31b8b7f4a48a540a;hpb=bf8e3ce13dba6109757c14dc0013a315a75d2ba3;p=meshlink diff --git a/src/tincd.c b/src/tincd.c index 7efc6324..ac0cbc6c 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -1,7 +1,7 @@ /* tincd.c -- the main file for tincd Copyright (C) 1998-2005 Ivo Timmermans - 2000-2007 Guus Sliepen + 2000-2009 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -31,18 +31,13 @@ #include #endif -#include -#include -#include -#include -#include - #include LZO1X_H #include #include "conf.h" #include "control.h" +#include "crypto.h" #include "device.h" #include "logger.h" #include "net.h" @@ -61,9 +56,6 @@ bool show_help = false; /* If nonzero, print the version on standard output and exit. */ bool show_version = false; -/* If nonzero, generate public/private keypair for this host/net. */ -int generate_keys = 0; - /* If nonzero, use null ciphers and skip all key exchanges. */ bool bypass_security = false; @@ -86,7 +78,6 @@ static struct option const long_options[] = { {"help", no_argument, NULL, 1}, {"version", no_argument, NULL, 2}, {"no-detach", no_argument, NULL, 'D'}, - {"generate-keys", optional_argument, NULL, 'K'}, {"debug", optional_argument, NULL, 'd'}, {"bypass-security", no_argument, NULL, 3}, {"mlock", no_argument, NULL, 'L'}, 
@@ -106,14 +97,14 @@ static void usage(bool status) program_name); else { printf(_("Usage: %s [option]...\n\n"), program_name); - printf(_(" -c, --config=DIR Read configuration options from DIR.\n" + printf(_( " -c, --config=DIR Read configuration options from DIR.\n" " -D, --no-detach Don't fork and detach.\n" " -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n" " -n, --net=NETNAME Connect to net NETNAME.\n" - " -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n" " -L, --mlock Lock tinc into main memory.\n" " --logfile[=FILENAME] Write log entries to a logfile.\n" " --controlsocket=FILENAME Open control socket at FILENAME.\n" + " --bypass-security Disables meta protocol security, for debugging.\n" " --help Display this help and exit.\n" " --version Output version information and exit.\n\n")); printf(_("Report bugs to tinc@tinc-vpn.org.\n")); @@ -125,7 +116,7 @@ static bool parse_options(int argc, char **argv) int r; int option_index = 0; - while((r = getopt_long(argc, argv, "c:DLd::n:K::", long_options, &option_index)) != EOF) { + while((r = getopt_long(argc, argv, "c:DLd::n:", long_options, &option_index)) != EOF) { switch (r) { case 0: /* long option */ break; @@ -153,22 +144,6 @@ static bool parse_options(int argc, char **argv) netname = xstrdup(optarg); break; - case 'K': /* generate public/private keypair */ - if(optarg) { - generate_keys = atoi(optarg); - - if(generate_keys < 512) { - fprintf(stderr, _("Invalid argument `%s'; BITS must be a number equal to or greater than 512.\n"), - optarg); - usage(true); - return false; - } - - generate_keys &= ~7; /* Round it to bytes */ - } else - generate_keys = 1024; - break; - case 1: /* show help */ show_help = true; break; 
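Review bot: The new help line for `--bypass-security` understates what the flag does. The declaration comment earlier in this file says it makes the daemon "use null ciphers and skip all key exchanges", while the help text only says "Disables meta protocol security, for debugging". I would change the description to `Use null ciphers and skip all key exchanges (debugging only).` so that an operator reading `--help` does not enable it on a production node. The same `printf` now opens with `_( ` (space after the parenthesis), which does not match the other `_(` calls in usage(). usage() starts outside the hunk.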
@@ -203,103 +178,6 @@ static bool parse_options(int argc, char **argv) return true; } -/* This function prettyprints the key generation process */ - -static void indicator(int a, int b, void *p) -{ - switch (a) { - case 0: - fprintf(stderr, "."); - break; - - case 1: - fprintf(stderr, "+"); - break; - - case 2: - fprintf(stderr, "-"); - break; - - case 3: - switch (b) { - case 0: - fprintf(stderr, " p\n"); - break; - - case 1: - fprintf(stderr, " q\n"); - break; - - default: - fprintf(stderr, "?"); - } - break; - - default: - fprintf(stderr, "?"); - } -} - -/* - Generate a public/private RSA keypair, and ask for a file to store - them in. -*/ -static bool keygen(int bits) -{ - RSA *rsa_key; - FILE *f; - char *name = NULL; - char *filename; - - fprintf(stderr, _("Generating %d bits keys:\n"), bits); - rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL); - - if(!rsa_key) { - fprintf(stderr, _("Error during key generation!\n")); - return false; - } else - fprintf(stderr, _("Done.\n")); - - asprintf(&filename, "%s/rsa_key.priv", confbase); - f = ask_and_open(filename, _("private RSA key"), "a"); - - if(!f) - return false; - -#ifdef HAVE_FCHMOD - /* Make it unreadable for others. 
*/ - fchmod(fileno(f), 0600); -#endif - - if(ftell(f)) - fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); - - PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL); - fclose(f); - free(filename); - - get_config_string(lookup_config(config_tree, "Name"), &name); - - if(name) - asprintf(&filename, "%s/hosts/%s", confbase, name); - else - asprintf(&filename, "%s/rsa_key.pub", confbase); - - f = ask_and_open(filename, _("public RSA key"), "a"); - - if(!f) - return false; - - if(ftell(f)) - fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); - - PEM_write_RSAPublicKey(f, rsa_key); - fclose(f); - free(filename); - - return true; -} - /* Set all files and paths according to netname */ @@ -308,7 +186,7 @@ static void make_names(void) #ifdef HAVE_MINGW HKEY key; char installdir[1024] = ""; - long len = sizeof(installdir); + long len = sizeof installdir; #endif if(netname) @@ -335,7 +213,7 @@ static void make_names(void) #endif if(!controlsocketname) - asprintf(&controlsocketname, LOCALSTATEDIR "/run/%s.control", identname); + asprintf(&controlsocketname, "%s/run/%s.control/socket", LOCALSTATEDIR, identname); if(!logfilename) asprintf(&logfilename, LOCALSTATEDIR "/log/%s.log", identname); @@ -351,6 +229,14 @@ static void make_names(void) } } +static void free_names() { + if (identname) free(identname); + if (netname) free(netname); + if (controlsocketname) free(controlsocketname); + if (logfilename) free(logfilename); + if (confbase) free(confbase); +} + int main(int argc, char **argv) { program_name = argv[0]; 
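Review bot: The rewritten `asprintf` call that builds `controlsocketname` ignores its return value, and on failure the pointer's contents are undefined, so later code could bind or unlink a garbage path. Check the result, e.g. `if(asprintf(&controlsocketname, "%s/run/%s.control/socket", LOCALSTATEDIR, identname) < 0) controlsocketname = NULL;`, or route it through the project's abort-on-OOM handling as `xstrdup` does. The socket also moves into a per-instance `%s.control/` directory, so that directory's mode presumably becomes the access control for the control channel. The code that creates it is not in this hunk, so confirm it is created with a restrictive mode before the bind. The `logfilename` call below it has the same unchecked `asprintf`. make_names() starts and ends outside the hunk.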
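Review bot: `free_names()` is declared with an empty parameter list, which in C is an unprototyped function; it should be `static void free_names(void)` to match `make_names(void)` above it. The `if (x) free(x);` guards are redundant because `free(NULL)` is a no-op, and since these are globals that stay in scope each line is safer as `free(identname); identname = NULL;` so a second call or a late reader cannot touch freed memory. This is only correct if every one of the five pointers holds heap memory or NULL on all paths (including the MinGW branch of make_names), which the hunk does not show. No call to free_names() is visible in this diff, so a `static` function with no caller would also draw an unused-function warning.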
@@ -367,7 +253,7 @@ int main(int argc, char **argv) if(show_version) { printf(_("%s version %s (built %s %s, protocol %d)\n"), PACKAGE, VERSION, __DATE__, __TIME__, PROT_CURRENT); - printf(_("Copyright (C) 1998-2007 Ivo Timmermans, Guus Sliepen and others.\n" + printf(_("Copyright (C) 1998-2009 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -412,17 +298,7 @@ int main(int argc, char **argv) /* Slllluuuuuuurrrrp! */ srand(time(NULL)); - RAND_load_file("/dev/urandom", 1024); - - ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); - - OpenSSL_add_all_algorithms(); - - if(generate_keys) { - read_server_config(); - return !keygen(generate_keys); - } + crypto_init(); if(!read_server_config()) return 1; @@ -463,11 +339,11 @@ int main2(int argc, char **argv) /* Shutdown properly. */ - close_network_connections(); - ifdebug(CONNECTIONS) dump_device_stats(); + close_network_connections(); + end: logger(LOG_NOTICE, _("Terminating")); @@ -475,7 +351,7 @@ end: exit_control(); #endif - EVP_cleanup(); - + crypto_exit(); + return status; }
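Review bot: `crypto_init()` is called as a bare statement and main goes straight on to `read_server_config()`; if crypto_init can fail (its prototype is in crypto.h, which is not part of this diff), the daemon should exit before any key material is loaded. With `RAND_load_file("/dev/urandom", 1024)` removed, the only seeding left in this hunk is the context line `srand(time(NULL))`, which is predictable. A comment such as `/* rand() is for non-security uses only; keys and nonces come from the crypto backend */` would record that no secret depends on it, assuming that is actually true of the callers. main()'s body starts and ends outside the hunk.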
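Review bot: The swap that puts `ifdebug(CONNECTIONS) dump_device_stats();` ahead of `close_network_connections();` in main2() has no comment explaining why the order matters. If the reason is that the stats must be read before the device is torn down, which is my inference from the names only, a one-line comment such as `/* dump stats while the device is still open */` above the `ifdebug` would keep a later cleanup from reordering it back. The final hunk also adds a whitespace-only line after `crypto_exit();`, which should be an empty line.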