summaryrefslogtreecommitdiff
path: root/src/anytun-controld.cpp
diff options
context:
space:
mode:
authorOthmar Gsenger <otti@anytun.org>2008-04-12 11:38:42 +0000
committerOthmar Gsenger <otti@anytun.org>2008-04-12 11:38:42 +0000
commitfffd213c8cba2135afda493d797c41c10354770e (patch)
treebb5eea1b12871d8c3fed0e687d83be3e504d11b2 /src/anytun-controld.cpp
parentsvn cleanup (diff)
big svn cleanup
Diffstat (limited to 'src/anytun-controld.cpp')
-rw-r--r--src/anytun-controld.cpp181
1 files changed, 181 insertions, 0 deletions
diff --git a/src/anytun-controld.cpp b/src/anytun-controld.cpp
new file mode 100644
index 0000000..204694e
--- /dev/null
+++ b/src/anytun-controld.cpp
@@ -0,0 +1,181 @@
+/*
+ * anytun
+ *
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007 anytun.org <satp@wirdorange.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program (see the file COPYING included with this
+ * distribution); if not, write to the Free Software Foundation, Inc.,
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include <iostream>
+#include <fstream>
+#include <poll.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "datatypes.h"
+
+#include "log.h"
+#include "signalController.h"
+#include "anymuxOptions.h"
+
+#include "muxSocket.h"
+#include "Sockets/ListenSocket.h"
+#include "Sockets/SocketHandler.h"
+
+
+class ThreadParam
+{
+public:
+ ThreadParam() : addr(""), port(0) {};
+ std::string addr;
+ u_int16_t port;
+};
+
+
+void* syncListener(void* p )
+{
+ ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
+ SOCKETS_NAMESPACE::SocketHandler h;
+ SOCKETS_NAMESPACE::ListenSocket<MuxSocket> l(h,true);
+
+ if( l.Bind(param->addr, param->port) )
+ pthread_exit(NULL);
+
+ Utility::ResolveLocal(); // resolve local hostname
+ h.Add(&l);
+ h.Select(1,0);
+ while (1) {
+ h.Select(1,0);
+ }
+}
+
+void chrootAndDrop(std::string const& chrootdir, std::string const& username)
+{
+ if (getuid() != 0)
+ {
+ std::cerr << "this programm has to be run as root in order to run in a chroot" << std::endl;
+ exit(-1);
+ }
+
+ struct passwd *pw = getpwnam(username.c_str());
+ if(pw) {
+ if(chroot(chrootdir.c_str()))
+ {
+ std::cerr << "can't chroot to " << chrootdir << std::endl;
+ exit(-1);
+ }
+ cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl;
+ chdir("/");
+ if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
+ {
+ std::cerr << "can't drop to user " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
+ exit(-1);
+ }
+ cLog.msg(Log::PRIO_NOTICE) << "dropped user to " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
+ }
+ else
+ {
+ std::cerr << "unknown user " << username << std::endl;
+ exit(-1);
+ }
+}
+
+void daemonize()
+{
+ pid_t pid;
+
+ pid = fork();
+ if(pid) exit(0);
+ setsid();
+ pid = fork();
+ if(pid) exit(0);
+
+// std::cout << "running in background now..." << std::endl;
+
+ int fd;
+// for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
+ for (fd=0;fd<=2;fd++) // close all file descriptors
+ close(fd);
+ fd=open("/dev/null",O_RDWR); // stdin
+ dup(fd); // stdout
+ dup(fd); // stderr
+ umask(027);
+}
+
+int main(int argc, char* argv[])
+{
+ if(!gOpt.parse(argc, argv))
+ {
+ gOpt.printUsage();
+ exit(-1);
+ }
+
+ std::ifstream file( gOpt.getFileName().c_str() );
+ if( file.is_open() )
+ file.close();
+ else
+ {
+ std::cout << "ERROR: unable to open file!" << std::endl;
+ exit(-1);
+ }
+
+ std::ofstream pidFile;
+ if(gOpt.getPidFile() != "") {
+ pidFile.open(gOpt.getPidFile().c_str());
+ if(!pidFile.is_open()) {
+ std::cout << "can't open pid file" << std::endl;
+ }
+ }
+
+ if(gOpt.getChroot())
+ chrootAndDrop(gOpt.getChrootDir(), gOpt.getUsername());
+ if(gOpt.getDaemonize())
+ daemonize();
+
+ if(pidFile.is_open()) {
+ pid_t pid = getpid();
+ pidFile << pid;
+ pidFile.close();
+ }
+
+ SignalController sig;
+ sig.init();
+
+ ThreadParam p;
+ p.addr = gOpt.getBindToAddr();
+ p.port = gOpt.getBindToPort();
+ pthread_t syncListenerThread;
+ pthread_create(&syncListenerThread, NULL, syncListener, &p);
+
+ int ret = sig.run();
+
+ pthread_cancel(syncListenerThread);
+
+ pthread_join(syncListenerThread, NULL);
+
+ return ret;
+}
+