authorChristian Pointner <equinox@anytun.org>2008-12-27 01:37:51 +0000
committerChristian Pointner <equinox@anytun.org>2008-12-27 01:37:51 +0000
commite2f6f861375aea953866477f5736de5a4150d360 (patch)
tree87f75e1b143f1011e91b37fd5ca2bb5097f43fb5 /src
parentinitial directory checkin (diff)
initial checkin
daemonizing, chroot, signal handling, syslog
Diffstat (limited to 'src')
-rw-r--r--src/Makefile78
-rwxr-xr-xsrc/configure50
-rw-r--r--src/daemon.h107
-rw-r--r--src/log.c53
-rw-r--r--src/log.h61
-rw-r--r--src/signal.c80
-rw-r--r--src/signal.h42
-rw-r--r--src/uanytun.c55
8 files changed, 526 insertions, 0 deletions
diff --git a/src/Makefile b/src/Makefile
new file mode 100644
index 0000000..cd374f4
--- /dev/null
+++ b/src/Makefile
@@ -0,0 +1,78 @@
+##
+## ľAnytun
+##
+## ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+## featured implementation ľAnytun has no support for multiple connections
+## or synchronisation. It is a small single threaded implementation intended
+## to act as a client on small platforms.
+## The secure anycast tunneling protocol (satp) defines a protocol used
+## for communication between any combination of unicast and anycast
+## tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+## mode and allows tunneling of every ETHER TYPE protocol (e.g.
+## ethernet, ip, arp ...). satp directly includes cryptography and
+## message authentication based on the methodes used by SRTP. It is
+## intended to deliver a generic, scaleable and secure solution for
+## tunneling and relaying of packets of any protocol.
+##
+##
+## Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+##
+## This file is part of ľAnytun.
+##
+## ľAnytun is free software: you can redistribute it and/or modify
+## it under the terms of the GNU General Public License version 3 as
+## published by the Free Software Foundation.
+##
+## ľAnytun is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+##
+## You should have received a copy of the GNU General Public License
+## along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+##
+
+TARGET=$(shell uname -s)
+CC = gcc
+CCFLAGS = -g
+LD = gcc
+LDFLAGS = -g -Wall -O2 -lgcrypt -lgpg-error
+
+ifeq ($(TARGET),Linux)
+ LDFLAGS += -ldl
+endif
+ifeq ($(TARGET),OpenBSD)
+ LDFLAGS += -L/usr/local/lib
+endif
+
+OBJS = log.o \
+ signal.o \
+ uanytun.o
+
+EXECUTABLE = uanytun
+
+all: $(EXECUTABLE)
+
+uanytun: $(OBJS)
+ $(LD) $(OBJS) -o $@ $(LDFLAGS)
+
+uanytun.o: uanytun.c
+ $(CC) $(CCFLAGS) $< -c
+
+log.o: log.c log.h
+ $(CC) $(CCFLAGS) $< -c
+
+signal.o: signal.c signal.h
+ $(CC) $(CCFLAGS) $< -c
+
+distclean: clean
+ find . -name *.o -exec rm -f {} \;
+ rm -f tunDevice.c
+
+clean:
+ rm -f *.o
+ rm -f $(EXECUTABLE)
+
+ctags:
+ ctags -R --c++-kinds=+p --fields=+iaS --extra=+q .
+
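Review bot: `-Wall` and `-O2` appear only in LDFLAGS, which the recipes use for the link step, so the three compile rules run with `CCFLAGS = -g` alone and emit no warnings. Move them to the compile flags, e.g. `CCFLAGS = -g -Wall -O2`, and keep only the `-l`/`-L` options for linking. In distclean, `find . -name *.o` leaves the glob unquoted, so the shell would expand it if object files are present in the current directory; write `-name '*.o'`. uanytun.o lists only uanytun.c as a prerequisite although that file includes daemon.h, log.h and signal.h, so edits to the privilege-drop code in daemon.h will not trigger a rebuild. all, clean, distclean and ctags should also be declared `.PHONY`.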
diff --git a/src/configure b/src/configure
new file mode 100755
index 0000000..f487593
--- /dev/null
+++ b/src/configure
@@ -0,0 +1,50 @@
+#!/bin/sh
+#
+# ľAnytun
+#
+# ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+# featured implementation ľAnytun has no support for multiple connections
+# or synchronisation. It is a small single threaded implementation intended
+# to act as a client on small platforms.
+# The secure anycast tunneling protocol (satp) defines a protocol used
+# for communication between any combination of unicast and anycast
+# tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+# mode and allows tunneling of every ETHER TYPE protocol (e.g.
+# ethernet, ip, arp ...). satp directly includes cryptography and
+# message authentication based on the methodes used by SRTP. It is
+# intended to deliver a generic, scaleable and secure solution for
+# tunneling and relaying of packets of any protocol.
+#
+#
+# Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+#
+# This file is part of ľAnytun.
+#
+# ľAnytun is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3 as
+# published by the Free Software Foundation.
+#
+# ľAnytun is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+#
+
+TARGET=`uname -s`
+
+case $TARGET in
+ Linux)
+ rm -rf tunDevice.c
+ ln -sf linux/tunDevice.c
+ ;;
+ OpenBSD|FreeBSD|NetBSD)
+ rm -rf tunDevice.c
+ ln -sf bsd/tunDevice.c
+ ;;
+ *)
+ echo "Plattform not supported"
+ ;;
+esac
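Review bot: The `*)` branch prints "Plattform not supported" to stdout and then falls through to a zero exit status, so a caller or build script cannot tell that no tunDevice.c link was created. Send the message to stderr and fail explicitly: `echo "Plattform not supported" >&2; exit 1`. The two `ln -sf` calls are also unchecked; a missing linux/ or bsd/ source leaves a dangling link that only surfaces later at compile time.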
diff --git a/src/daemon.h b/src/daemon.h
new file mode 100644
index 0000000..085f563
--- /dev/null
+++ b/src/daemon.h
@@ -0,0 +1,107 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _DAEMON_H_
+#define _DAEMON_H_
+
+#include <poll.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+void chrootAndDrop(const char* chrootdir, const char* username)
+{
+ if (getuid() != 0)
+ {
+ fprintf(stderr, "this programm has to be run as root in order to run in a chroot\n");
+ exit(-1);
+ }
+
+ struct passwd *pw = getpwnam(username);
+ if(pw) {
+ if(chroot(chrootdir))
+ {
+ fprintf(stderr, "can't chroot to %s\n", chrootdir);
+ exit(-1);
+ }
+ log_printf(NOTICE, "we are in chroot jail (%s) now\n", chrootdir);
+ if(chdir("/"))
+ {
+ fprintf(stderr, "can't change to /\n");
+ exit(-1);
+ }
+ if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
+ {
+ fprintf(stderr, "can't drop to user %s %d:%d\n", username, pw->pw_uid, pw->pw_gid);
+ exit(-1);
+ }
+ log_printf(NOTICE, "dropped user to %s %d:%d\n", username, pw->pw_uid, pw->pw_gid);
+ }
+ else
+ {
+ fprintf(stderr, "unknown user %s\n", username);
+ exit(-1);
+ }
+}
+
+void daemonize()
+{
+ pid_t pid;
+
+ pid = fork();
+ if(pid) exit(0);
+ setsid();
+ pid = fork();
+ if(pid) exit(0);
+
+ int fd;
+ for (fd=0;fd<=2;fd++) // close all file descriptors
+ close(fd);
+ fd = open("/dev/null",O_RDWR); // stdin
+ if(fd == -1)
+ log_printf(WARNING, "can't open stdin (chroot and no link to /dev/null?)");
+ else {
+ if(dup(fd) == -1) // stdout
+ log_printf(WARNING, "can't open stdout");
+ if(dup(fd) == -1) // stderr
+ log_printf(WARNING, "can't open stderr");
+ }
+ umask(027);
+}
+
+#endif
+
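Review bot: In daemonize() both `if(pid) exit(0);` checks treat a failed fork() (return value -1) as the parent path, so the process exits with status 0 and no daemon is left running. Handle the error first, e.g. `if(pid < 0) { log_printf(ERR, "fork failed"); exit(-1); }`. In chrootAndDrop(), initgroups() runs after chroot(), so the group database lookup is presumably resolved inside the jail rather than against the host's files. Calling initgroups() and setgid() before chroot() and keeping setuid() as the last step avoids depending on group files inside the jail. Both functions are defined rather than declared in this header, and it uses fprintf, exit and log_printf without including stdio.h, stdlib.h or log.h, so it only builds when included once and after those headers.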
diff --git a/src/log.c b/src/log.c
new file mode 100644
index 0000000..f9bda33
--- /dev/null
+++ b/src/log.c
@@ -0,0 +1,53 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdarg.h>
+#include "log.h"
+
+log_facility_t g_facility = DAEMON;
+
+void log_init(const char* name, log_facility_t facility)
+{
+ g_facility = facility;
+ openlog(name, LOG_PID | LOG_NDELAY, facility);
+}
+
+void log_printf(log_prio_t prio, const char* fmt, ...)
+{
+ va_list args;
+
+ va_start(args, fmt);
+ vsyslog(prio | g_facility, fmt, args);
+ va_end(args);
+}
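Review bot: log_init() hands `name` straight to openlog(), and common libc implementations keep that pointer instead of copying the string, so the caller's buffer must stay valid for as long as logging is used. That contract is not written down anywhere; a comment such as `/* name must remain valid for the lifetime of the process; openlog() may store the pointer */` above log_init would cover it. log_printf() would also benefit from a one-line comment stating that `fmt` must be a trusted format string, since it is passed unchanged to vsyslog().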
diff --git a/src/log.h b/src/log.h
new file mode 100644
index 0000000..3b2196d
--- /dev/null
+++ b/src/log.h
@@ -0,0 +1,61 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _LOG_H_
+#define _LOG_H_
+
+#include <syslog.h>
+
+enum log_facility_enum { USER = LOG_USER, MAIL = LOG_MAIL,
+ DAEMON = LOG_DAEMON, AUTH = LOG_AUTH,
+ SYSLOG = LOG_SYSLOG, LPR = LOG_LPR,
+ NEWS = LOG_NEWS, UUCP = LOG_UUCP,
+ CRON = LOG_CRON, AUTHPRIV = LOG_AUTHPRIV,
+ FTP = LOG_FTP, LOCAL0 = LOG_LOCAL0,
+ LOCAL1 = LOG_LOCAL1, LOCAL2 = LOG_LOCAL2,
+ LOCAL3 = LOG_LOCAL3, LOCAL4 = LOG_LOCAL4,
+ LOCAL5 = LOG_LOCAL5, LOCAL6 = LOG_LOCAL6,
+ LOCAL7 = LOG_LOCAL7 };
+typedef enum log_facility_enum log_facility_t;
+
+enum log_prio_enum { EMERG = LOG_EMERG, ALERT = LOG_ALERT,
+ CRIT = LOG_CRIT, ERR = LOG_ERR,
+ WARNING = LOG_WARNING, NOTICE = LOG_NOTICE,
+ INFO = LOG_INFO, DEBUG = LOG_DEBUG };
+typedef enum log_prio_enum log_prio_t;
+
+void log_init(const char* name, log_facility_t facility);
+void log_printf(log_prio_t prio, const char* fmt, ...);
+
+#endif
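Review bot: The log_printf() prototype carries no format annotation, so the compiler cannot check format strings against their arguments at call sites. With gcc or clang this can be declared as `void log_printf(log_prio_t prio, const char* fmt, ...) __attribute__((format(printf, 2, 3)));`. The enum constants are unprefixed global names (`DEBUG`, `ERR`, `USER`, `MAIL`, ...); a build with `-DDEBUG` or another header defining one of these as a macro would break this enum, so a prefix such as `LOG_PRIO_`/`LOG_FAC_` would be safer. The guard `_LOG_H_` uses an identifier reserved for the implementation (leading underscore followed by an uppercase letter).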
diff --git a/src/signal.c b/src/signal.c
new file mode 100644
index 0000000..bb42331
--- /dev/null
+++ b/src/signal.c
@@ -0,0 +1,80 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "log.h"
+#include "signal.h"
+#include <signal.h>
+
+volatile sig_atomic_t signal_exit = 0;
+
+void signal_init()
+{
+ signal(SIGINT, handle_signal_exit);
+ signal(SIGQUIT, handle_signal_exit);
+ signal(SIGTERM, handle_signal_exit);
+
+ signal(SIGHUP, handle_signal);
+ signal(SIGUSR1, handle_signal);
+ signal(SIGUSR2, handle_signal);
+}
+
+void handle_signal(int sig)
+{
+ switch(sig) {
+ case SIGHUP: log_printf(NOTICE, "SIG-Hup caught"); break;
+ case SIGUSR1: log_printf(NOTICE, "SIG-Usr1 caught"); break;
+ case SIGUSR2: log_printf(NOTICE, "SIG-Usr2 caught"); break;
+ default: log_printf(NOTICE, "Signal %d caught, ignoring", sig); break;
+ }
+}
+
+void handle_signal_exit(int sig)
+{
+ switch(sig) {
+ case SIGINT: log_printf(NOTICE, "SIG-Int caught, exiting"); break;
+ case SIGQUIT: log_printf(NOTICE, "SIG-Quit caught, exiting"); break;
+ case SIGTERM: log_printf(NOTICE, "SIG-Term caught, exiting"); break;
+ default: log_printf(NOTICE, "Signal %d caught, ignoring", sig); return;
+ }
+
+ if (signal_exit)
+ raise (sig);
+ signal_exit = 1;
+
+ // do cleanup here
+
+ signal (sig, SIG_DFL);
+ raise (sig);
+}
+
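Review bot: Both handlers call log_printf(), which ends in vsyslog(); the syslog functions are not async-signal-safe, so a signal delivered while the interrupted code is itself inside syslog or the allocator can deadlock or corrupt state. Keep the handlers to storing the signal number in a `volatile sig_atomic_t` and do the logging and cleanup from the main loop, which then has to poll `signal_exit`. In handle_signal_exit(), the first `raise (sig);` under `if (signal_exit)` runs while this handler may still be installed, and what happens then depends on the platform's signal() semantics (handler reset versus signal blocked); sigaction() with explicit flags would make that deterministic. `signal_exit` is defined here but not declared in signal.h, so no other file can read it yet.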
diff --git a/src/signal.h b/src/signal.h
new file mode 100644
index 0000000..3dd0440
--- /dev/null
+++ b/src/signal.h
@@ -0,0 +1,42 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _SIGNAL_H_
+#define _SIGNAL_H_
+
+void signal_init();
+void handle_signal(int sig);
+void handle_signal_exit(int sig);
+
+#endif
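Review bot: A project header named signal.h shares its name with the system header that signal.c also includes as `<signal.h>`. This works only while the source directory is not on the angle-bracket include path; adding `-I.` to the compile flags would presumably make `<signal.h>` resolve to this file and lose SIGINT, sig_atomic_t and the other system definitions. Renaming it (for example to sig_handler.h) removes the hazard. The prototype `void signal_init();` declares unspecified parameters in C; `void signal_init(void);` states the intent. `extern volatile sig_atomic_t signal_exit;` is missing here if the main loop is meant to check the flag.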
diff --git a/src/uanytun.c b/src/uanytun.c
new file mode 100644
index 0000000..76aca3e
--- /dev/null
+++ b/src/uanytun.c
@@ -0,0 +1,55 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#include "log.h"
+#include "daemon.h"
+#include "signal.h"
+
+int main(int argc, char* argv[])
+{
+ log_init("uanytun", DAEMON);
+ signal_init();
+
+// chrootAndDrop("/var/run/", "nobody");
+ daemonize();
+ log_printf(INFO, "running in background now");
+
+ log_printf(INFO, "entering main loop");
+ while(1) sleep(1);
+}
+
+
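Review bot: The call `chrootAndDrop("/var/run/", "nobody");` is commented out, so if the daemon is started as root it keeps root's uid, gid and filesystem view for its whole lifetime. Add a comment saying why the drop is disabled and when it will be enabled, e.g. `/* TODO: enable once jail dir and user come from the command line */`, instead of leaving a bare commented-out call. If it is re-enabled in this position, daemonize() will open /dev/null inside the jail, which is the failure its own warning message describes. The loop `while(1) sleep(1);` never reads `signal_exit`, and main() ignores argc and argv.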