1 | /* |
1 | /* |
2 | util.C -- process management and other utility functions |
2 | util.C -- process management and other utility functions |
|
|
3 | Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
3 | |
4 | |
4 | Most of these are taken from tinc, see the AUTHORS file. |
5 | Some of these are taken from tinc, see the AUTHORS file. |
5 | |
6 | |
|
|
7 | This file is part of GVPE. |
|
|
8 | |
6 | This program is free software; you can redistribute it and/or modify |
9 | GVPE is free software; you can redistribute it and/or modify it |
7 | it under the terms of the GNU General Public License as published by |
10 | under the terms of the GNU General Public License as published by the |
8 | the Free Software Foundation; either version 2 of the License, or |
11 | Free Software Foundation; either version 3 of the License, or (at your |
9 | (at your option) any later version. |
12 | option) any later version. |
10 | |
13 | |
11 | This program is distributed in the hope that it will be useful, |
14 | This program is distributed in the hope that it will be useful, but |
12 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General |
14 | GNU General Public License for more details. |
17 | Public License for more details. |
15 | |
18 | |
16 | You should have received a copy of the GNU General Public License |
19 | You should have received a copy of the GNU General Public License along |
17 | along with this program; if not, write to the Free Software |
20 | with this program; if not, see <http://www.gnu.org/licenses/>. |
18 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
21 | |
|
|
22 | Additional permission under GNU GPL version 3 section 7 |
|
|
23 | |
|
|
24 | If you modify this Program, or any covered work, by linking or |
|
|
25 | combining it with the OpenSSL project's OpenSSL library (or a modified |
|
|
26 | version of that library), containing parts covered by the terms of the |
|
|
27 | OpenSSL or SSLeay licenses, the licensors of this Program grant you |
|
|
28 | additional permission to convey the resulting work. Corresponding |
|
|
29 | Source for a non-source form of such a combination shall include the |
|
|
30 | source code for the parts of OpenSSL used as well as that of the |
|
|
31 | covered work. |
19 | */ |
32 | */ |
20 | |
33 | |
21 | #include "config.h" |
34 | #include "config.h" |
22 | |
35 | |
23 | #include <cstdio> |
36 | #include <cstdio> |
|
|
37 | #include <cstdlib> |
24 | #include <cstring> |
38 | #include <cstring> |
25 | |
39 | |
26 | #include <errno.h> |
40 | #include <errno.h> |
27 | #include <signal.h> |
41 | #include <signal.h> |
28 | #include <sys/types.h> |
42 | #include <sys/types.h> |
|
|
43 | #include <sys/wait.h> |
29 | #include <unistd.h> |
44 | #include <unistd.h> |
30 | #include <time.h> |
45 | #include <time.h> |
31 | #include <sys/socket.h> |
|
|
32 | #include <netinet/in.h> |
|
|
33 | #include <arpa/inet.h> |
|
|
34 | |
46 | |
35 | #include <sys/mman.h> |
47 | #include "netcompat.h" |
36 | |
|
|
37 | #include <openssl/rand.h> |
|
|
38 | #include <openssl/rsa.h> |
|
|
39 | #include <openssl/pem.h> |
|
|
40 | #include <openssl/evp.h> |
|
|
41 | |
48 | |
42 | #include "gettext.h" |
49 | #include "gettext.h" |
43 | #include "pidfile.h" |
50 | #include "pidfile.h" |
44 | #include "dropin.h" |
51 | #include "dropin.h" |
45 | |
52 | |
46 | #include "global.h" |
53 | #include "global.h" |
47 | #include "conf.h" |
54 | #include "conf.h" |
|
|
55 | #include "util.h" |
48 | #include "slog.h" |
56 | #include "slog.h" |
49 | #include "protocol.h" |
|
|
50 | |
|
|
51 | time_t now; |
|
|
52 | |
57 | |
53 | int |
58 | int |
54 | write_pidfile (void) |
59 | write_pidfile (void) |
55 | { |
60 | { |
56 | int pid; |
61 | int pid; |
57 | |
62 | |
58 | pid = check_pid (pidfilename); |
63 | pid = check_pid (conf.pidfilename); |
59 | |
64 | |
60 | if (pid) |
65 | if (pid) |
61 | { |
66 | { |
62 | fprintf (stderr, _("A vped is already running with pid %d.\n"), pid); |
67 | fprintf (stderr, _("A gvpe daemon is already running with pid %d.\n"), pid); |
63 | return 1; |
68 | return 1; |
64 | } |
69 | } |
65 | |
70 | |
66 | /* if it's locked, write-protected, or whatever */ |
71 | /* if it's locked, write-protected, or whatever */ |
67 | if (!write_pid (pidfilename)) |
72 | if (!write_pid (conf.pidfilename)) |
68 | return 1; |
73 | return 1; |
69 | |
74 | |
70 | return 0; |
75 | return 0; |
71 | } |
76 | } |
72 | |
77 | |
73 | int |
78 | int |
74 | kill_other (int signal) |
79 | kill_other (int signal) |
75 | { |
80 | { |
76 | int pid; |
81 | int pid; |
77 | |
82 | |
78 | pid = read_pid (pidfilename); |
83 | pid = read_pid (conf.pidfilename); |
79 | |
84 | |
80 | if (!pid) |
85 | if (!pid) |
81 | { |
86 | { |
82 | fprintf (stderr, _("No other vped is running.\n")); |
87 | fprintf (stderr, _("No other gvpe daemon is running.\n")); |
83 | return 1; |
88 | return 1; |
84 | } |
89 | } |
85 | |
90 | |
86 | errno = 0; /* No error, sometimes errno is only changed on error */ |
91 | errno = 0; /* No error, sometimes errno is only changed on error */ |
87 | |
92 | |
88 | /* ESRCH is returned when no process with that pid is found */ |
93 | /* ESRCH is returned when no process with that pid is found */ |
89 | if (kill (pid, signal) && errno == ESRCH) |
94 | if (kill (pid, signal) && errno == ESRCH) |
90 | { |
95 | { |
91 | fprintf (stderr, _("The vped is no longer running. ")); |
96 | fprintf (stderr, _("The gvpe daemon is no longer running. ")); |
92 | |
97 | |
93 | fprintf (stderr, _("Removing stale lock file.\n")); |
98 | fprintf (stderr, _("Removing stale lock file.\n")); |
94 | remove_pid (pidfilename); |
99 | remove_pid (conf.pidfilename); |
95 | } |
100 | } |
96 | |
101 | |
97 | return 0; |
102 | return 0; |
98 | } |
103 | } |
99 | |
104 | |
… | |
… | |
119 | return -1; |
124 | return -1; |
120 | } |
125 | } |
121 | |
126 | |
122 | /* Now UPDATE the pid in the pidfile, because we changed it... */ |
127 | /* Now UPDATE the pid in the pidfile, because we changed it... */ |
123 | |
128 | |
124 | if (!write_pid (pidfilename)) |
129 | if (!write_pid (conf.pidfilename)) |
125 | return -1; |
130 | return -1; |
126 | |
131 | |
127 | log_to (LOGTO_SYSLOG); |
132 | log_to (LOGTO_SYSLOG); |
128 | } |
133 | } |
129 | else |
134 | else |
130 | log_to (LOGTO_SYSLOG | LOGTO_STDERR); |
135 | log_to (LOGTO_SYSLOG | LOGTO_STDERR); |
131 | |
136 | |
132 | slog (L_INFO, _("vped %s (%s %s) starting"), VERSION, __DATE__, __TIME__); |
137 | slog (L_INFO, _("gvpe daemon %s (%s %s) starting"), VERSION, __DATE__, __TIME__); |
133 | |
138 | |
134 | return 0; |
139 | return 0; |
135 | } |
140 | } |
136 | |
141 | |
|
|
142 | bool run_script (const run_script_cb &cb, bool wait) |
|
|
143 | { |
|
|
144 | if (wait) |
|
|
145 | signal (SIGCHLD, SIG_DFL); // this is extremely ugly, but I did not feel like implementing a complete wait() event logic. It's easier to write this long comment to make your editor happy. |
|
|
146 | |
|
|
147 | int pid = fork (); |
|
|
148 | |
|
|
149 | if (pid == 0) |
|
|
150 | { |
|
|
151 | execl ("/bin/sh", "/bin/sh", "-c", cb (), (char *) 0); |
|
|
152 | exit (EXIT_FAILURE); |
|
|
153 | } |
|
|
154 | else if (pid > 0) |
|
|
155 | { |
|
|
156 | if (wait) |
|
|
157 | { |
|
|
158 | int status; |
|
|
159 | int res = waitpid (pid, &status, 0); |
|
|
160 | |
|
|
161 | signal (SIGCHLD, SIG_IGN); |
|
|
162 | |
|
|
163 | if (res < 0) |
|
|
164 | { |
|
|
165 | slog (L_WARN, _("waiting for an external command failed: %s."), |
|
|
166 | strerror (errno)); |
|
|
167 | return false; |
|
|
168 | } |
|
|
169 | else if (!WIFEXITED (status) || WEXITSTATUS (status) != EXIT_SUCCESS) |
|
|
170 | { |
|
|
171 | slog (L_WARN, _("external command returned with exit status %d (%04x)."), |
|
|
172 | WEXITSTATUS (status), status); |
|
|
173 | return false; |
|
|
174 | } |
|
|
175 | } |
|
|
176 | } |
|
|
177 | else |
|
|
178 | { |
|
|
179 | slog (L_ERR, _("unable to fork, exiting: %s"), strerror (errno)); |
|
|
180 | exit (EXIT_FAILURE); |
|
|
181 | } |
|
|
182 | |
|
|
183 | return true; |
|
|
184 | } |
|
|
185 | |
|
|
186 | #if ENABLE_HTTP_PROXY |
|
|
187 | // works like strdup |
|
|
188 | u8 * |
|
|
189 | base64_encode (const u8 *data, unsigned int len) |
|
|
190 | { |
|
|
191 | const static char base64[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; |
|
|
192 | |
|
|
193 | unsigned int t, i; |
|
|
194 | const u8 *end = data + len; |
|
|
195 | u8 *res = new u8 [4 * ((len + 2) / 3) + 1]; |
|
|
196 | u8 *out = res; |
|
|
197 | |
|
|
198 | while (data <= end - 3) |
|
|
199 | { |
|
|
200 | t = (((data[0] << 8) | data[1]) << 8) | data[2]; |
|
|
201 | data += 3; |
|
|
202 | |
|
|
203 | *out++ = base64[(t >> 18) & 0x3f]; |
|
|
204 | *out++ = base64[(t >> 12) & 0x3f]; |
|
|
205 | *out++ = base64[(t >> 6) & 0x3f]; |
|
|
206 | *out++ = base64[(t ) & 0x3f]; |
|
|
207 | } |
|
|
208 | |
|
|
209 | for (t = 0, i = 0; data < end; i++) |
|
|
210 | t = (t << 8) | *data++; |
|
|
211 | |
|
|
212 | switch (i) |
|
|
213 | { |
|
|
214 | case 2: |
|
|
215 | *out++ = base64[(t >> 10) & 0x3f]; |
|
|
216 | *out++ = base64[(t >> 4) & 0x3f]; |
|
|
217 | *out++ = base64[(t << 2) & 0x3f]; |
|
|
218 | *out++ = '='; |
|
|
219 | break; |
|
|
220 | case 1: |
|
|
221 | *out++ = base64[(t >> 2) & 0x3f]; |
|
|
222 | *out++ = base64[(t << 4) & 0x3f]; |
|
|
223 | *out++ = '='; |
|
|
224 | *out++ = '='; |
|
|
225 | break; |
|
|
226 | } |
|
|
227 | |
|
|
228 | *out++ = 0; |
|
|
229 | |
|
|
230 | return res; |
|
|
231 | } |
|
|
232 | #endif |
|
|
233 | |
137 | void |
234 | void |
138 | make_names (void) |
235 | id2mac (unsigned int id, void *m) |
139 | { |
236 | { |
140 | if (!pidfilename) |
237 | mac &p = *(mac *)m; |
141 | pidfilename = LOCALSTATEDIR "/run/vped.pid"; |
|
|
142 | |
238 | |
143 | if (!confbase) |
|
|
144 | asprintf (&confbase, "%s/vpe", CONFDIR); |
|
|
145 | } |
|
|
146 | |
|
|
147 | void pkt_queue::put (tap_packet *p) |
|
|
148 | { |
|
|
149 | if (queue[i]) |
|
|
150 | { |
|
|
151 | delete queue[i]; |
|
|
152 | j = (j + 1) % QUEUEDEPTH; |
|
|
153 | } |
|
|
154 | |
|
|
155 | queue[i] = p; |
|
|
156 | |
|
|
157 | i = (i + 1) % QUEUEDEPTH; |
|
|
158 | } |
|
|
159 | |
|
|
160 | tap_packet *pkt_queue::get () |
|
|
161 | { |
|
|
162 | tap_packet *p = queue[j]; |
|
|
163 | |
|
|
164 | if (p) |
239 | if (id) |
165 | { |
|
|
166 | queue[j] = 0; |
|
|
167 | j = (j + 1) % QUEUEDEPTH; |
|
|
168 | } |
|
|
169 | |
|
|
170 | return p; |
|
|
171 | } |
|
|
172 | |
|
|
173 | pkt_queue::pkt_queue () |
|
|
174 | { |
|
|
175 | memset (queue, 0, sizeof (queue)); |
|
|
176 | i = 0; |
|
|
177 | j = 0; |
|
|
178 | } |
|
|
179 | |
|
|
180 | pkt_queue::~pkt_queue () |
|
|
181 | { |
|
|
182 | for (i = QUEUEDEPTH; --i > 0; ) |
|
|
183 | delete queue[i]; |
|
|
184 | } |
|
|
185 | |
|
|
186 | sockinfo::operator const char *() |
|
|
187 | { |
|
|
188 | static char hostport[15 + 1 + 5 + 1]; |
|
|
189 | in_addr ia = { host }; |
|
|
190 | |
|
|
191 | sprintf (hostport, "%.15s:%d", inet_ntoa (ia), ntohs (port) & 0xffff); |
|
|
192 | |
|
|
193 | return hostport; |
|
|
194 | } |
|
|
195 | |
|
|
196 | bool u32_rate_limiter::can (u32 host) |
|
|
197 | { |
|
|
198 | iterator i; |
|
|
199 | |
|
|
200 | for (i = begin (); i != end (); ) |
|
|
201 | if (i->second <= now) |
|
|
202 | { |
240 | { |
203 | erase (i); |
241 | p[0] = 0xfe; |
204 | i = begin (); |
242 | p[1] = 0xfd; |
|
|
243 | p[2] = 0x80; |
|
|
244 | p[3] = 0x00; |
|
|
245 | p[4] = id >> 8; |
|
|
246 | p[5] = id; |
205 | } |
247 | } |
206 | else |
248 | else |
207 | ++i; |
249 | { |
208 | |
250 | p[0] = 0xff; |
209 | i = find (host); |
251 | p[1] = 0xff; |
210 | |
252 | p[2] = 0xff; |
211 | if (i != end ()) |
253 | p[3] = 0xff; |
212 | return false; |
254 | p[4] = 0xff; |
213 | |
255 | p[5] = 0xff; |
214 | insert (value_type (host, now + every)); |
256 | } |
215 | |
|
|
216 | return true; |
|
|
217 | } |
257 | } |
218 | |
258 | |