--- gvpe/src/gvpe.C 2009/03/23 15:22:00 1.17
+++ gvpe/src/gvpe.C 2013/07/13 04:10:29 1.24
@@ -2,7 +2,7 @@ gvpe.C -- the main file for gvpe Copyright (C) 1998-2002 Ivo Timmermans 2000-2002 Guus Sliepen
- 2003-2008 Marc Lehmann
+ 2003-2013 Marc Lehmann This file is part of GVPE.
@@ -42,6 +42,7 @@ #include #include #include
+#include #include #include #include
@@ -77,15 +78,15 @@ static int do_detach = 1; static struct option const long_options[] =
- {
- {"config", required_argument, NULL, 'c'},
- {"help", no_argument, &show_help, 1},
- {"version", no_argument, &show_version, 1},
- {"no-detach", no_argument, &do_detach, 0},
- {"log-level", required_argument, NULL, 'l'},
- {"mlock", no_argument, &do_mlock, 1},
- {NULL, 0, NULL, 0}
- };
+{
+ {"config", required_argument, NULL, 'c'},
+ {"help", no_argument, &show_help, 1},
+ {"version", no_argument, &show_version, 1},
+ {"no-detach", no_argument, &do_detach, 0},
+ {"log-level", required_argument, NULL, 'l'},
+ {"mlock", no_argument, &do_mlock, 1},
+ {NULL, 0, NULL, 0}
+}; static void usage (int status)
@@ -108,7 +109,7 @@ exit (status); }
-void
+static void parse_options (int argc, char **argv, char **envp) { int r;
@@ -151,10 +152,9 @@ } }
-/*
- Close network connections, and terminate neatly
-*/
-void cleanup_and_exit(int c)
+// close network connections, and terminate neatly
+static void
+cleanup_and_exit (int c) { network.shutdown_all ();
@@ -166,35 +166,33 @@ exit (c); }
-/*
- Signal handlers.
-*/
-RETSIGTYPE
+static RETSIGTYPE sigterm_handler (int a) { network.events |= vpn::EVENT_SHUTDOWN; network.event.start (); }
-RETSIGTYPE
+static RETSIGTYPE sighup_handler (int a) { network.events |= vpn::EVENT_RECONNECT; network.event.start (); }
-RETSIGTYPE
+static RETSIGTYPE sigusr1_handler (int a) { network.dump_status (); }
-RETSIGTYPE
+static RETSIGTYPE sigusr2_handler (int a) { }
-void
+static void setup_signals (void) { struct sigaction act;
@@ -211,6 +209,52 @@ act.sa_handler = sigterm_handler; sigaction (SIGTERM, &act, NULL); }
+static int rand_fd;
+
+// antique C++ requires external linkage :/
+void
+reseed_rng (ev::timer &w, int revents)
+{
+ char buf [SEED_SIZE];
+ int n = read (rand_fd, buf, sizeof (buf));
+
+ if (n > 0)
+ RAND_seed (buf, n);
+}
+
+static void
+setup_rng (void)
+{
+ if (!*conf.seed_dev)
+ return;
+
+#ifndef O_BINARY
+# define O_BINARY 0
+#endif
+#ifndef O_NONBLOCK
+# define O_NONBLOCK 0
+#endif
+
+ rand_fd = open (conf.seed_dev, O_RDONLY | O_NONBLOCK | O_BINARY);
+
+ if (rand_fd < 0)
+ {
+ slog (L_ERR, _("unable to open seed device '%s': %s, exiting."), conf.seed_dev, strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+ static ev::timer reseed_timer;
+
+ if (conf.reseed)
+ {
+ reseed_timer.set ();
+ reseed_timer.set (conf.reseed, conf.reseed);
+ reseed_timer.start (EV_DEFAULT);
+ }
+
+ reseed_rng (reseed_timer, 0);
+}
+
int main (int argc, char **argv, char **envp) {
@@ -235,7 +279,7 @@ VERSION, __DATE__, __TIME__, PROTOCOL_MAJOR, PROTOCOL_MINOR); printf (_("Built with kernel interface %s/%s.\n"), IFTYPE, IFSUBTYPE); printf (_
- ("Copyright (C) 2003-2008 Marc Lehmann and others.\n"
+ ("Copyright (C) 2003-2011 Marc Lehmann and others.\n" "See the AUTHORS file for a complete list.\n\n" "GVPE comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n"
@@ -275,7 +319,7 @@ set_loglevel (llevel != L_NONE ? llevel : conf.llevel);
- RAND_load_file ("/dev/urandom", 1024);
+ setup_rng (); if (!THISNODE) {
@@ -290,12 +334,13 @@ setup_signals (); if (!network.setup ())
- {
- ev_loop (EV_DEFAULT_ 0);
- cleanup_and_exit (EXIT_FAILURE);
- }
+ if (network.drop_privileges ())
+ {
+ ev_run (EV_DEFAULT_ 0);
+ cleanup_and_exit (EXIT_FAILURE);
+ }
- slog (L_ERR, _("unrecoverable error while setting up network, exiting."));
+ slog (L_CRIT, _("unrecoverable error while setting up network, exiting.")); cleanup_and_exit (EXIT_FAILURE); }
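Review bot: reseed_rng in the -211 hunk silently ignores a failed or empty read: `read (rand_fd, buf, sizeof (buf))` on a descriptor opened with O_NONBLOCK can return 0 or -1 (EAGAIN if the configured seed device blocks for entropy), and the initial `reseed_rng (reseed_timer, 0)` at the end of setup_rng then leaves the generator without any seed from that device while startup continues. The call site in the -275 hunk previously read 1024 bytes from /dev/urandom unconditionally, and setup_rng now also returns early when `conf.seed_dev` is empty, so after this change nothing guarantees the generator is seeded before the node starts. I would log the failure in reseed_rng, `else slog (L_ERR, _("short or failed read from seed device '%s'"), conf.seed_dev);`, and check the generator state once at the end of setup_rng, `if (!RAND_status ()) { slog (L_CRIT, _("random number generator not seeded, exiting.")); exit (EXIT_FAILURE); }`, so a misconfigured or starved seed device is a visible startup error rather than a silently weak RNG. `read` returns ssize_t, so `ssize_t n` is the matching type for the result; at SEED_SIZE bytes the narrowing to `int` is harmless, but the declaration should say what it holds.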
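Review bot: In the -290 hunk a failed `network.drop_privileges ()` falls through to `slog (L_CRIT, _("unrecoverable error while setting up network, exiting."))`, so a privilege-drop failure is reported to the operator as a network-setup failure; unless drop_privileges logs its own reason (its body is not in this diff), the message points at the wrong subsystem. The new unbraced nested `if` also reads as a dangling-if and is easy to misread on the next edit. Either combine the conditions, `if (!network.setup () && network.drop_privileges ())`, which keeps the same short-circuit control flow, or give the privilege-drop failure its own branch with a message naming it. main begins outside this hunk.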