--- gvpe/src/util.C 2004/06/11 15:56:34 1.15
+++ gvpe/src/util.C 2014/01/09 08:15:05 1.28
@@ -1,22 +1,34 @@ /* util.C -- process management and other utility functions - Copyright (C) 2003-2004 Marc Lehmann + Copyright (C) 2003-2011 Marc Lehmann Some of these are taken from tinc, see the AUTHORS file. - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + This file is part of GVPE. + + GVPE is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 3 of the License, or (at your + option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General + Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, see . + + Additional permission under GNU GPL version 3 section 7 + + If you modify this Program, or any covered work, by linking or + combining it with the OpenSSL project's OpenSSL library (or a modified + version of that library), containing parts covered by the terms of the + OpenSSL or SSLeay licenses, the licensors of this Program grant you + additional permission to convey the resulting work. 
Corresponding + Source for a non-source form of such a combination shall include the + source code for the parts of OpenSSL used as well as that of the + covered work. */ #include "config.h" @@ -25,6 +37,8 @@ #include #include +#include + #include #include #include @@ -32,6 +46,12 @@ #include #include +#if ENABLE_PTHREADS +# include +#endif + +#include + #include "netcompat.h" #include "gettext.h" 
@@ -122,32 +142,174 @@ else log_to (LOGTO_SYSLOG | LOGTO_STDERR); - slog (L_INFO, _("gvpe daemon %s (%s %s) starting"), VERSION, __DATE__, __TIME__); + slog (L_INFO, _("gvpe daemon %s (%s %s) starting up."), VERSION, __DATE__, __TIME__); return 0; } -void run_script (const run_script_cb &cb, bool wait) +/*****************************************************************************/ + +pid_t +run_script (const run_script_cb &cb, bool wait) { - int pid; + sigset_t oldset; - if ((pid = fork ()) == 0) + if (wait) { - char *filename; - asprintf (&filename, "%s/%s", confbase, cb()); - execl (filename, filename, (char *) 0); - exit (126); + sigset_t sigchld; + sigemptyset (&sigchld); + sigaddset (&sigchld, SIGCHLD); + sigprocmask (SIG_BLOCK, &sigchld, &oldset); + } + + pid_t pid = fork (); + + if (pid == 0) + { + sigprocmask (SIG_SETMASK, &oldset, 0); + + execl ("/bin/sh", "/bin/sh", "-c", cb (), (char *) 0); + exit (EXIT_FAILURE); } else if (pid > 0) { if (wait) { - waitpid (pid, 0, 0); - /* TODO: check status */ + int status; + int res = waitpid (pid, &status, 0); + + sigprocmask (SIG_SETMASK, &oldset, 0); + + if (res < 0) + { + slog (L_WARN, _("waiting for an external command failed: %s."), + strerror (errno)); + return 0; + } + else if (!WIFEXITED (status) || WEXITSTATUS (status) != EXIT_SUCCESS) + { + slog (L_WARN, _("external command returned with exit status %d (%04x)."), + WEXITSTATUS (status), status); + return 0; + } } } + else + { + slog (L_ERR, _("unable to fork, exiting: %s"), strerror (errno)); + exit (EXIT_FAILURE); + } + + return pid; +} + +/*****************************************************************************/ + +#if 0 /* not yet used */ + +#if ENABLE_PTHREADS +struct async_cb +{ + callback work_cb; + callback done_cb; +}; + +static ev::async async_done_w; +static std::queue< callback > async_q; + +static callback work_cb; + +static void * +async_exec (void *) +{ + work_cb (); + async_done_w.send (); + + return 0; +} + +static void +async_q_next 
() +{ + work_cb = async_q.front (); async_q.pop (); + + sigset_t fullsigset, oldsigset; + pthread_attr_t attr; + pthread_t tid; + + pthread_attr_init (&attr); + pthread_attr_setdetachstate (&attr, PTHREAD_CREATE_DETACHED); + //pthread_attr_setstacksize (&attr, PTHREAD_STACK_MIN < X_STACKSIZE ? X_STACKSIZE : PTHREAD_STACK_MIN); + sigfillset (&fullsigset); + pthread_sigmask (SIG_SETMASK, &fullsigset, &oldsigset); + + if (pthread_create (&tid, &attr, async_exec, 0)) + async_exec (0); + + pthread_sigmask (SIG_SETMASK, &oldsigset, 0); + pthread_attr_destroy (&attr); +} + +namespace { + void + async_done (ev::async &w, int revents) + { + callback done_cb = async_q.front (); async_q.pop (); + + if (async_q.empty ()) + async_done_w.stop (); + else + async_q_next (); + + done_cb (); + } +}; + +void +async (callback work_cb, callback done_cb) +{ + bool was_empty = async_q.empty (); + + async_q.push (work_cb); + async_q.push (done_cb); + + if (was_empty) + { + async_done_w.set (); + async_done_w.start (); + async_q_next (); + } } +#else + +void +async (callback work_cb, callback done_cb) +{ + work_cb (); + done_cb (); +} + +#endif + +#endif + +/*****************************************************************************/ + +void hexdump (const char *header, void *data, int len) +{ + u8 *p = (u8 *)data; + + printf ("%s:", header); + + while (len--) + printf (" %02x", *p++); + + printf ("\n"); +} + +/*****************************************************************************/ + #if ENABLE_HTTP_PROXY // works like strdup u8 * @@ -196,6 +358,19 @@ } #endif +bool +slow_memeq (const void *a, const void *b, int len) +{ + volatile const u8 *pa = (const u8 *)a; + volatile const u8 *pb = (const u8 *)b; + u8 diff = 0; + + while (len--) + diff |= *pa++ ^ *pb++; + + return !diff; +} + void id2mac (unsigned int id, void *m) { 
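Review bot: In run_script, the child calls `sigprocmask (SIG_SETMASK, &oldset, 0)` unconditionally, but `oldset` is only filled in when `wait` is true, so a non-waiting call installs an uninitialised signal mask in the script process. Guard it as `if (wait) sigprocmask (SIG_SETMASK, &oldset, 0);`, or save the current mask before the `if (wait)` block. Separately, the string returned by `cb ()` is now handed to `/bin/sh -c` rather than exec'd as a path under confbase, so shell metacharacters in it are interpreted; the callback bodies are not visible here, so it is worth confirming they return only administrator-configured text and pass any peer-derived values through the environment. The failure log also prints `WEXITSTATUS (status)` when `WIFEXITED (status)` is false, where that value is not meaningful.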
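Review bot: slow_memeq takes a signed `int len` and loops on `while (len--)`, so a negative length from a caller would read far past both buffers instead of failing closed; an early `if (len < 0) return false;` would close that. The function also has no comment saying why it exists, although the volatile pointers and the absence of an early exit suggest it is meant as a constant-time comparison. A comment such as `// constant-time compare for MACs and other secrets: always scans all len bytes, do not replace with memcmp` would keep a later cleanup from reintroducing a timing side channel. The callers are outside this hunk, so whether a negative length is reachable cannot be seen here.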
@@ -221,3 +396,17 @@ } } +/*****************************************************************************/ + +void rand_fill (void *data, int len) +{ + int l = RAND_bytes ((unsigned char *)data, len); + + if (l > 0) + return; + else if (l == 0) + slog (L_WARN, _("Not enough random entropy to generate secure keys. Using weaker pseudo-random session keys.")); + else + fatal (_("RAND_bytes failed, aborting.")); +} +
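Review bot: In rand_fill, the `l == 0` branch only logs a warning and returns, yet nothing in the function fills `data` by other means, so the caller continues with whatever RAND_bytes left in the buffer while the message claims weaker pseudo-random keys are in use. RAND_bytes documents 1 as its only success value and gives no guarantee about the buffer otherwise, so for key material both failure cases should fail closed: `if (RAND_bytes ((unsigned char *)data, len) != 1) fatal (_("RAND_bytes failed, aborting."));`. If a degraded mode is really wanted, it should be an explicit call to a fallback generator, with a comment stating which keys are allowed to use it.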