2 tincd.c -- the main file for tincd
3 Copyright (C) 1998-2005 Ivo Timmermans
4 2000-2014 Guus Sliepen <guus@meshlink.io>
5 2008 Max Rijevski <maksuf@gmail.com>
6 2009 Michael Tokarev <mjt@tls.msk.ru>
7 2010 Julien Muchembled <jm@jmuchemb.eu>
8 2010 Timothy Redaelli <timothy@redaelli.eu>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License along
21 with this program; if not, write to the Free Software Foundation, Inc.,
22 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27 /* Darwin (MacOS/X) needs the following definition... */
28 #ifndef _P1003_1B_VISIBLE
29 #define _P1003_1B_VISIBLE
32 #ifdef HAVE_SYS_MMAN_H
57 /* If nonzero, display usage information and exit. */
58 static bool show_help = false;
60 /* If nonzero, print the version on standard output and exit. */
61 static bool show_version = false;
63 /* If nonzero, use null ciphers and skip all key exchanges. */
64 bool bypass_security = false;
67 /* If nonzero, disable swapping for this process. */
68 static bool do_mlock = false;
72 /* If nonzero, chroot to netdir after startup. */
73 static bool do_chroot = false;
75 /* If !NULL, do setuid to given user after startup */
76 static const char *switchuser = NULL;
79 char **g_argv; /* a copy of the cmdline arguments */
81 static int status = 1;
83 static struct option const long_options[] = {
84 {"config", required_argument, NULL, 'c'},
85 {"net", required_argument, NULL, 'n'},
86 {"help", no_argument, NULL, 1},
87 {"version", no_argument, NULL, 2},
88 {"no-detach", no_argument, NULL, 'D'},
89 {"debug", optional_argument, NULL, 'd'},
90 {"bypass-security", no_argument, NULL, 3},
91 {"mlock", no_argument, NULL, 'L'},
92 {"chroot", no_argument, NULL, 'R'},
93 {"user", required_argument, NULL, 'U'},
94 {"option", required_argument, NULL, 'o'},
99 static struct WSAData wsa_state;
100 CRITICAL_SECTION mutex;
101 int main2(int argc, char **argv);
104 static void usage(bool status) {
106 fprintf(stderr, "Try `tincd --help\' for more information.\n");
108 printf("Usage: tincd [option]...\n\n");
109 printf( " -c, --config=DIR Read configuration options from DIR.\n"
110 " -D, --no-detach Don't fork and detach.\n"
111 " -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n"
112 " -n, --net=NETNAME Connect to net NETNAME.\n"
114 " -L, --mlock Lock tinc into main memory.\n"
116 " --bypass-security Disables meta protocol security, for debugging.\n"
117 " -o, --option[HOST.]KEY=VALUE Set global/host configuration value.\n"
119 " -R, --chroot chroot to NET dir at startup.\n"
120 " -U, --user=USER setuid to given USER at startup.\n"
122 " --help Display this help and exit.\n"
123 " --version Output version information and exit.\n\n");
124 printf("Report bugs to bugs@meshlink.io.\n");
128 static bool parse_options(int argc, char **argv) {
131 int option_index = 0;
134 cmdline_conf = list_alloc((list_action_t)free_config);
136 while((r = getopt_long(argc, argv, "c:DLd::n:o:RU:", long_options, &option_index)) != EOF) {
138 case 0: /* long option */
141 case 'c': /* config file */
142 confbase = xstrdup(optarg);
145 case 'L': /* no detach */
146 #ifndef HAVE_MLOCKALL
147 logger(DEBUG_ALWAYS, LOG_ERR, "The %s option is not supported on this platform.", argv[optind - 1]);
154 case 'd': /* increase debug level */
155 if(!optarg && optind < argc && *argv[optind] != '-')
156 optarg = argv[optind++];
158 debug_level = atoi(optarg);
163 case 'o': /* option */
164 cfg = parse_config_line(optarg, NULL, ++lineno);
167 list_insert_tail(cmdline_conf, cfg);
173 logger(DEBUG_ALWAYS, LOG_ERR, "The %s option is not supported on this platform.", argv[optind - 1]);
176 case 'R': /* chroot to NETNAME dir */
180 case 'U': /* setuid to USER */
185 case 1: /* show help */
189 case 2: /* show version */
193 case 3: /* bypass security */
194 bypass_security = true;
197 case '?': /* wrong options */
207 fprintf(stderr, "%s: unrecognized argument '%s'\n", argv[0], argv[optind]);
215 static bool drop_privs(void) {
219 struct passwd *pw = getpwnam(switchuser);
221 logger(DEBUG_ALWAYS, LOG_ERR, "unknown user `%s'", switchuser);
225 if (initgroups(switchuser, pw->pw_gid) != 0 ||
226 setgid(pw->pw_gid) != 0) {
227 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s",
228 "initgroups", strerror(errno));
232 // Not supported in android NDK
238 tzset(); /* for proper timestamps in logs */
239 if (chroot(confbase) != 0 || chdir("/") != 0) {
240 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s",
241 "chroot", strerror(errno));
245 confbase = xstrdup("");
248 if (setuid(uid) != 0) {
249 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s",
250 "setuid", strerror(errno));
258 # define setpriority(level) !SetPriorityClass(GetCurrentProcess(), (level))
260 # define NORMAL_PRIORITY_CLASS 0
261 # define BELOW_NORMAL_PRIORITY_CLASS 10
262 # define HIGH_PRIORITY_CLASS -10
263 # define setpriority(level) (setpriority(PRIO_PROCESS, 0, (level)))
266 int main(int argc, char **argv) {
267 if(!parse_options(argc, argv))
271 printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE,
272 VERSION, __DATE__, __TIME__, PROT_MAJOR, PROT_MINOR);
273 printf("Copyright (C) 1998-2014 Ivo Timmermans, Guus Sliepen and others.\n"
274 "See the AUTHORS file for a complete list.\n\n"
275 "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
276 "and you are welcome to redistribute it under certain conditions;\n"
277 "see the file COPYING for details.\n");
288 if(WSAStartup(MAKEWORD(2, 2), &wsa_state)) {
289 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "WSAStartup", winerror(GetLastError()));
294 openlogger("tinc", LOGMODE_STDERR);
298 init_configuration(&config_tree);
300 /* Slllluuuuuuurrrrp! */
302 gettimeofday(&now, NULL);
303 srand(now.tv_sec + now.tv_usec);
306 if(!read_server_config())
310 if(lzo_init() != LZO_E_OK) {
311 logger(DEBUG_ALWAYS, LOG_ERR, "Error initializing LZO compressor!");
316 char *priority = NULL;
319 /* Lock all pages into memory if requested.
320 * This has to be done after daemon()/fork() so it works for child.
321 * No need to do that in parent as it's very short-lived. */
322 if(do_mlock && mlockall(MCL_CURRENT | MCL_FUTURE) != 0) {
323 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "mlockall",
334 /* Change process priority */
336 if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) {
337 if(!strcasecmp(priority, "Normal")) {
338 if (setpriority(NORMAL_PRIORITY_CLASS) != 0) {
339 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setpriority", strerror(errno));
342 } else if(!strcasecmp(priority, "Low")) {
343 if (setpriority(BELOW_NORMAL_PRIORITY_CLASS) != 0) {
344 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setpriority", strerror(errno));
347 } else if(!strcasecmp(priority, "High")) {
348 if (setpriority(HIGH_PRIORITY_CLASS) != 0) {
349 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setpriority", strerror(errno));
353 logger(DEBUG_ALWAYS, LOG_ERR, "Invalid priority `%s`!", priority);
358 /* drop privileges */
362 /* Start main loop. It only exits when tinc is killed. */
364 logger(DEBUG_ALWAYS, LOG_NOTICE, "Ready");
366 try_outgoing_connections();
368 status = main_loop();
370 /* Shutdown properly. */
373 close_network_connections();
375 logger(DEBUG_ALWAYS, LOG_NOTICE, "Terminating");
381 exit_configuration(&config_tree);