1 | /* |
1 | /* |
2 | util.C -- process management and other utility functions |
2 | util.C -- process management and other utility functions |
|
|
3 | Copyright (C) 2003-2011 Marc Lehmann <gvpe@schmorp.de> |
3 | |
4 | |
4 | Most of these are taken from tinc, see the AUTHORS file. |
5 | Some of these are taken from tinc, see the AUTHORS file. |
5 | |
6 | |
|
|
7 | This file is part of GVPE. |
|
|
8 | |
6 | This program is free software; you can redistribute it and/or modify |
9 | GVPE is free software; you can redistribute it and/or modify it |
7 | it under the terms of the GNU General Public License as published by |
10 | under the terms of the GNU General Public License as published by the |
8 | the Free Software Foundation; either version 2 of the License, or |
11 | Free Software Foundation; either version 3 of the License, or (at your |
9 | (at your option) any later version. |
12 | option) any later version. |
10 | |
13 | |
11 | This program is distributed in the hope that it will be useful, |
14 | This program is distributed in the hope that it will be useful, but |
12 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General |
14 | GNU General Public License for more details. |
17 | Public License for more details. |
15 | |
18 | |
16 | You should have received a copy of the GNU General Public License |
19 | You should have received a copy of the GNU General Public License along |
17 | along with this program; if not, write to the Free Software |
20 | with this program; if not, see <http://www.gnu.org/licenses/>. |
18 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
21 | |
|
|
22 | Additional permission under GNU GPL version 3 section 7 |
|
|
23 | |
|
|
24 | If you modify this Program, or any covered work, by linking or |
|
|
25 | combining it with the OpenSSL project's OpenSSL library (or a modified |
|
|
26 | version of that library), containing parts covered by the terms of the |
|
|
27 | OpenSSL or SSLeay licenses, the licensors of this Program grant you |
|
|
28 | additional permission to convey the resulting work. Corresponding |
|
|
29 | Source for a non-source form of such a combination shall include the |
|
|
30 | source code for the parts of OpenSSL used as well as that of the |
|
|
31 | covered work. |
19 | */ |
32 | */ |
20 | |
33 | |
21 | #include "config.h" |
34 | #include "config.h" |
22 | |
35 | |
23 | #include <cstdio> |
36 | #include <cstdio> |
|
|
37 | #include <cstdlib> |
24 | #include <cstring> |
38 | #include <cstring> |
|
|
39 | |
|
|
40 | #include <queue> |
25 | |
41 | |
26 | #include <errno.h> |
42 | #include <errno.h> |
27 | #include <signal.h> |
43 | #include <signal.h> |
28 | #include <sys/types.h> |
44 | #include <sys/types.h> |
|
|
45 | #include <sys/wait.h> |
29 | #include <unistd.h> |
46 | #include <unistd.h> |
30 | #include <time.h> |
47 | #include <time.h> |
31 | #include <sys/socket.h> |
|
|
32 | #include <netinet/in.h> |
|
|
33 | #include <arpa/inet.h> |
|
|
34 | |
48 | |
35 | #include <sys/mman.h> |
49 | #if ENABLE_PTHREADS |
|
|
50 | # include <pthread.h> |
|
|
51 | #endif |
36 | |
52 | |
37 | #include <openssl/rand.h> |
53 | #include "netcompat.h" |
38 | #include <openssl/rsa.h> |
|
|
39 | #include <openssl/pem.h> |
|
|
40 | #include <openssl/evp.h> |
|
|
41 | |
54 | |
42 | #include "gettext.h" |
55 | #include "gettext.h" |
43 | #include "pidfile.h" |
56 | #include "pidfile.h" |
44 | #include "dropin.h" |
57 | #include "dropin.h" |
45 | |
58 | |
46 | #include "global.h" |
59 | #include "global.h" |
47 | #include "conf.h" |
60 | #include "conf.h" |
|
|
61 | #include "util.h" |
48 | #include "slog.h" |
62 | #include "slog.h" |
49 | #include "protocol.h" |
|
|
50 | |
|
|
51 | time_t now; |
|
|
52 | |
63 | |
53 | int |
64 | int |
54 | write_pidfile (void) |
65 | write_pidfile (void) |
55 | { |
66 | { |
56 | int pid; |
67 | int pid; |
57 | |
68 | |
58 | pid = check_pid (pidfilename); |
69 | pid = check_pid (conf.pidfilename); |
59 | |
70 | |
60 | if (pid) |
71 | if (pid) |
61 | { |
72 | { |
62 | fprintf (stderr, _("A vped is already running with pid %d.\n"), pid); |
73 | fprintf (stderr, _("A gvpe daemon is already running with pid %d.\n"), pid); |
63 | return 1; |
74 | return 1; |
64 | } |
75 | } |
65 | |
76 | |
66 | /* if it's locked, write-protected, or whatever */ |
77 | /* if it's locked, write-protected, or whatever */ |
67 | if (!write_pid (pidfilename)) |
78 | if (!write_pid (conf.pidfilename)) |
68 | return 1; |
79 | return 1; |
69 | |
80 | |
70 | return 0; |
81 | return 0; |
71 | } |
82 | } |
72 | |
83 | |
73 | int |
84 | int |
74 | kill_other (int signal) |
85 | kill_other (int signal) |
75 | { |
86 | { |
76 | int pid; |
87 | int pid; |
77 | |
88 | |
78 | pid = read_pid (pidfilename); |
89 | pid = read_pid (conf.pidfilename); |
79 | |
90 | |
80 | if (!pid) |
91 | if (!pid) |
81 | { |
92 | { |
82 | fprintf (stderr, _("No other vped is running.\n")); |
93 | fprintf (stderr, _("No other gvpe daemon is running.\n")); |
83 | return 1; |
94 | return 1; |
84 | } |
95 | } |
85 | |
96 | |
86 | errno = 0; /* No error, sometimes errno is only changed on error */ |
97 | errno = 0; /* No error, sometimes errno is only changed on error */ |
87 | |
98 | |
88 | /* ESRCH is returned when no process with that pid is found */ |
99 | /* ESRCH is returned when no process with that pid is found */ |
89 | if (kill (pid, signal) && errno == ESRCH) |
100 | if (kill (pid, signal) && errno == ESRCH) |
90 | { |
101 | { |
91 | fprintf (stderr, _("The vped is no longer running. ")); |
102 | fprintf (stderr, _("The gvpe daemon is no longer running. ")); |
92 | |
103 | |
93 | fprintf (stderr, _("Removing stale lock file.\n")); |
104 | fprintf (stderr, _("Removing stale lock file.\n")); |
94 | remove_pid (pidfilename); |
105 | remove_pid (conf.pidfilename); |
95 | } |
106 | } |
96 | |
107 | |
97 | return 0; |
108 | return 0; |
98 | } |
109 | } |
99 | |
110 | |
… | |
… | |
119 | return -1; |
130 | return -1; |
120 | } |
131 | } |
121 | |
132 | |
122 | /* Now UPDATE the pid in the pidfile, because we changed it... */ |
133 | /* Now UPDATE the pid in the pidfile, because we changed it... */ |
123 | |
134 | |
124 | if (!write_pid (pidfilename)) |
135 | if (!write_pid (conf.pidfilename)) |
125 | return -1; |
136 | return -1; |
126 | |
137 | |
127 | log_to (LOGTO_SYSLOG); |
138 | log_to (LOGTO_SYSLOG); |
128 | } |
139 | } |
129 | else |
140 | else |
130 | log_to (LOGTO_SYSLOG | LOGTO_STDERR); |
141 | log_to (LOGTO_SYSLOG | LOGTO_STDERR); |
131 | |
142 | |
132 | slog (L_INFO, _("vped %s (%s %s) starting"), VERSION, __DATE__, __TIME__); |
143 | slog (L_INFO, _("gvpe daemon %s (%s %s) starting up."), VERSION, __DATE__, __TIME__); |
133 | |
144 | |
134 | return 0; |
145 | return 0; |
135 | } |
146 | } |
136 | |
147 | |
|
|
148 | /*****************************************************************************/ |
|
|
149 | |
|
|
150 | pid_t |
|
|
151 | run_script (const run_script_cb &cb, bool wait) |
|
|
152 | { |
|
|
153 | sigset_t oldset; |
|
|
154 | |
|
|
155 | if (wait) |
|
|
156 | { |
|
|
157 | sigset_t sigchld; |
|
|
158 | sigemptyset (&sigchld); |
|
|
159 | sigaddset (&sigchld, SIGCHLD); |
|
|
160 | sigprocmask (SIG_BLOCK, &sigchld, &oldset); |
|
|
161 | } |
|
|
162 | |
|
|
163 | pid_t pid = fork (); |
|
|
164 | |
|
|
165 | if (pid == 0) |
|
|
166 | { |
|
|
167 | sigprocmask (SIG_SETMASK, &oldset, 0); |
|
|
168 | |
|
|
169 | execl ("/bin/sh", "/bin/sh", "-c", cb (), (char *) 0); |
|
|
170 | exit (EXIT_FAILURE); |
|
|
171 | } |
|
|
172 | else if (pid > 0) |
|
|
173 | { |
|
|
174 | if (wait) |
|
|
175 | { |
|
|
176 | int status; |
|
|
177 | int res = waitpid (pid, &status, 0); |
|
|
178 | |
|
|
179 | sigprocmask (SIG_SETMASK, &oldset, 0); |
|
|
180 | |
|
|
181 | if (res < 0) |
|
|
182 | { |
|
|
183 | slog (L_WARN, _("waiting for an external command failed: %s."), |
|
|
184 | strerror (errno)); |
|
|
185 | return 0; |
|
|
186 | } |
|
|
187 | else if (!WIFEXITED (status) || WEXITSTATUS (status) != EXIT_SUCCESS) |
|
|
188 | { |
|
|
189 | slog (L_WARN, _("external command returned with exit status %d (%04x)."), |
|
|
190 | WEXITSTATUS (status), status); |
|
|
191 | return 0; |
|
|
192 | } |
|
|
193 | } |
|
|
194 | } |
|
|
195 | else |
|
|
196 | { |
|
|
197 | slog (L_ERR, _("unable to fork, exiting: %s"), strerror (errno)); |
|
|
198 | exit (EXIT_FAILURE); |
|
|
199 | } |
|
|
200 | |
|
|
201 | return pid; |
|
|
202 | } |
|
|
203 | |
|
|
204 | /*****************************************************************************/ |
|
|
205 | |
|
|
206 | #if 0 /* not yet used */ |
|
|
207 | |
|
|
208 | #if ENABLE_PTHREADS |
|
|
209 | struct async_cb |
|
|
210 | { |
|
|
211 | callback<void ()> work_cb; |
|
|
212 | callback<void ()> done_cb; |
|
|
213 | }; |
|
|
214 | |
|
|
215 | static ev::async async_done_w; |
|
|
216 | static std::queue< callback<void ()> > async_q; |
|
|
217 | |
|
|
218 | static callback<void ()> work_cb; |
|
|
219 | |
|
|
220 | static void * |
|
|
221 | async_exec (void *) |
|
|
222 | { |
|
|
223 | work_cb (); |
|
|
224 | async_done_w.send (); |
|
|
225 | |
|
|
226 | return 0; |
|
|
227 | } |
|
|
228 | |
|
|
229 | static void |
|
|
230 | async_q_next () |
|
|
231 | { |
|
|
232 | work_cb = async_q.front (); async_q.pop (); |
|
|
233 | |
|
|
234 | sigset_t fullsigset, oldsigset; |
|
|
235 | pthread_attr_t attr; |
|
|
236 | pthread_t tid; |
|
|
237 | |
|
|
238 | pthread_attr_init (&attr); |
|
|
239 | pthread_attr_setdetachstate (&attr, PTHREAD_CREATE_DETACHED); |
|
|
240 | //pthread_attr_setstacksize (&attr, PTHREAD_STACK_MIN < X_STACKSIZE ? X_STACKSIZE : PTHREAD_STACK_MIN); |
|
|
241 | sigfillset (&fullsigset); |
|
|
242 | pthread_sigmask (SIG_SETMASK, &fullsigset, &oldsigset); |
|
|
243 | |
|
|
244 | if (pthread_create (&tid, &attr, async_exec, 0)) |
|
|
245 | async_exec (0); |
|
|
246 | |
|
|
247 | pthread_sigmask (SIG_SETMASK, &oldsigset, 0); |
|
|
248 | pthread_attr_destroy (&attr); |
|
|
249 | } |
|
|
250 | |
|
|
251 | namespace { |
|
|
252 | void |
|
|
253 | async_done (ev::async &w, int revents) |
|
|
254 | { |
|
|
255 | callback<void ()> done_cb = async_q.front (); async_q.pop (); |
|
|
256 | |
|
|
257 | if (async_q.empty ()) |
|
|
258 | async_done_w.stop (); |
|
|
259 | else |
|
|
260 | async_q_next (); |
|
|
261 | |
|
|
262 | done_cb (); |
|
|
263 | } |
|
|
264 | }; |
|
|
265 | |
137 | void |
266 | void |
138 | make_names (void) |
267 | async (callback<void ()> work_cb, callback<void ()> done_cb) |
139 | { |
268 | { |
140 | if (!pidfilename) |
269 | bool was_empty = async_q.empty (); |
141 | pidfilename = LOCALSTATEDIR "/run/vped.pid"; |
|
|
142 | |
270 | |
143 | if (!confbase) |
271 | async_q.push (work_cb); |
144 | asprintf (&confbase, "%s/vpe", CONFDIR); |
272 | async_q.push (done_cb); |
145 | } |
|
|
146 | |
273 | |
147 | void pkt_queue::put (tap_packet *p) |
274 | if (was_empty) |
148 | { |
|
|
149 | if (queue[i]) |
|
|
150 | { |
|
|
151 | delete queue[i]; |
|
|
152 | j = (j + 1) % QUEUEDEPTH; |
|
|
153 | } |
275 | { |
154 | |
276 | async_done_w.set<async_done> (); |
155 | queue[i] = p; |
277 | async_done_w.start (); |
156 | |
278 | async_q_next (); |
157 | i = (i + 1) % QUEUEDEPTH; |
|
|
158 | } |
|
|
159 | |
|
|
160 | tap_packet *pkt_queue::get () |
|
|
161 | { |
|
|
162 | tap_packet *p = queue[j]; |
|
|
163 | |
|
|
164 | if (p) |
|
|
165 | { |
279 | } |
166 | queue[j] = 0; |
280 | } |
167 | j = (j + 1) % QUEUEDEPTH; |
281 | |
|
|
282 | #else |
|
|
283 | |
|
|
284 | void |
|
|
285 | async (callback<void ()> work_cb, callback<void ()> done_cb) |
|
|
286 | { |
|
|
287 | work_cb (); |
|
|
288 | done_cb (); |
|
|
289 | } |
|
|
290 | |
|
|
291 | #endif |
|
|
292 | |
|
|
293 | #endif |
|
|
294 | |
|
|
295 | /*****************************************************************************/ |
|
|
296 | |
|
|
297 | void hexdump (const char *header, void *data, int len) |
|
|
298 | { |
|
|
299 | u8 *p = (u8 *)data; |
|
|
300 | |
|
|
301 | printf ("%s:", header); |
|
|
302 | |
|
|
303 | while (len--) |
|
|
304 | printf (" %02x", *p++); |
|
|
305 | |
|
|
306 | printf ("\n"); |
|
|
307 | } |
|
|
308 | |
|
|
309 | /*****************************************************************************/ |
|
|
310 | |
|
|
311 | #if ENABLE_HTTP_PROXY |
|
|
312 | // works like strdup |
|
|
313 | u8 * |
|
|
314 | base64_encode (const u8 *data, unsigned int len) |
|
|
315 | { |
|
|
316 | const static char base64[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; |
|
|
317 | |
|
|
318 | unsigned int t, i; |
|
|
319 | const u8 *end = data + len; |
|
|
320 | u8 *res = new u8 [4 * ((len + 2) / 3) + 1]; |
|
|
321 | u8 *out = res; |
|
|
322 | |
|
|
323 | while (data <= end - 3) |
168 | } |
324 | { |
169 | |
325 | t = (((data[0] << 8) | data[1]) << 8) | data[2]; |
170 | return p; |
326 | data += 3; |
171 | } |
|
|
172 | |
|
|
173 | pkt_queue::pkt_queue () |
|
|
174 | { |
|
|
175 | memset (queue, 0, sizeof (queue)); |
|
|
176 | i = 0; |
|
|
177 | j = 0; |
|
|
178 | } |
|
|
179 | |
|
|
180 | pkt_queue::~pkt_queue () |
|
|
181 | { |
|
|
182 | for (i = QUEUEDEPTH; --i > 0; ) |
|
|
183 | delete queue[i]; |
|
|
184 | } |
|
|
185 | |
|
|
186 | sockinfo::operator const char *() |
|
|
187 | { |
|
|
188 | static char hostport[15 + 1 + 5 + 1]; |
|
|
189 | in_addr ia = { host }; |
|
|
190 | |
|
|
191 | sprintf (hostport, "%.15s:%d", inet_ntoa (ia), ntohs (port) & 0xffff); |
|
|
192 | |
|
|
193 | return hostport; |
|
|
194 | } |
|
|
195 | |
|
|
196 | bool u32_rate_limiter::can (u32 host) |
|
|
197 | { |
|
|
198 | iterator i; |
|
|
199 | |
|
|
200 | for (i = begin (); i != end (); ) |
|
|
201 | if (i->second <= now) |
|
|
202 | { |
327 | |
203 | erase (i); |
328 | *out++ = base64[(t >> 18) & 0x3f]; |
204 | i = begin (); |
329 | *out++ = base64[(t >> 12) & 0x3f]; |
|
|
330 | *out++ = base64[(t >> 6) & 0x3f]; |
|
|
331 | *out++ = base64[(t ) & 0x3f]; |
205 | } |
332 | } |
206 | else |
|
|
207 | ++i; |
|
|
208 | |
333 | |
209 | i = find (host); |
334 | for (t = 0, i = 0; data < end; i++) |
|
|
335 | t = (t << 8) | *data++; |
210 | |
336 | |
211 | if (i != end ()) |
337 | switch (i) |
212 | return false; |
338 | { |
|
|
339 | case 2: |
|
|
340 | *out++ = base64[(t >> 10) & 0x3f]; |
|
|
341 | *out++ = base64[(t >> 4) & 0x3f]; |
|
|
342 | *out++ = base64[(t << 2) & 0x3f]; |
|
|
343 | *out++ = '='; |
|
|
344 | break; |
|
|
345 | case 1: |
|
|
346 | *out++ = base64[(t >> 2) & 0x3f]; |
|
|
347 | *out++ = base64[(t << 4) & 0x3f]; |
|
|
348 | *out++ = '='; |
|
|
349 | *out++ = '='; |
|
|
350 | break; |
|
|
351 | } |
213 | |
352 | |
214 | insert (value_type (host, now + every)); |
353 | *out++ = 0; |
215 | |
354 | |
216 | return true; |
355 | return res; |
217 | } |
356 | } |
|
|
357 | #endif |
218 | |
358 | |
|
|
359 | void |
|
|
360 | id2mac (unsigned int id, void *m) |
|
|
361 | { |
|
|
362 | mac &p = *(mac *)m; |
|
|
363 | |
|
|
364 | if (id) |
|
|
365 | { |
|
|
366 | p[0] = 0xfe; |
|
|
367 | p[1] = 0xfd; |
|
|
368 | p[2] = 0x80; |
|
|
369 | p[3] = 0x00; |
|
|
370 | p[4] = id >> 8; |
|
|
371 | p[5] = id; |
|
|
372 | } |
|
|
373 | else |
|
|
374 | { |
|
|
375 | p[0] = 0xff; |
|
|
376 | p[1] = 0xff; |
|
|
377 | p[2] = 0xff; |
|
|
378 | p[3] = 0xff; |
|
|
379 | p[4] = 0xff; |
|
|
380 | p[5] = 0xff; |
|
|
381 | } |
|
|
382 | } |
|
|
383 | |