chiark - git - ian - secnet.git/commit

fds etc.: Support non-forking persistent children

Polypath is are going to want to spawn a persistent child process,
which will not exec.  This child ought not to hold onto the various
important fds.

Otherwise, if the main secnet process dies but the child does not (for
some reason), the network interfaces, udp sockets, etc., set up by the
old secnet will remain owned by the child.

Introduce a new PHASE for this purpose (currently never entered).
Provide a convenient common hook function for closing a single fd.

Add phase hooks to:
* Close udp sockets (in the udp and polypath comm modules);
* Close the pipes to userv-ipif (slip netlink module);
* Close the tun device (tun netlink module);
* Zero out data transport keys, to improve forward secrecy in case
   the subprocess leaks somehow.  (Sadly we can't conveniently find
   the asymmmetric crypto session key negotiation state to wipe it.)

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

author	Ian Jackson <ijackson@chiark.greenend.org.uk>
	Wed, 1 Oct 2014 22:21:56 +0000 (23:21 +0100)
committer	Ian Jackson <ijackson@chiark.greenend.org.uk>
	Thu, 2 Oct 2014 15:41:56 +0000 (16:41 +0100)
commit	a52afe260d8aaaf9dd277e17155bcd92b54e7afa
tree	6f595cb64cc8d6061de396a4695e5581fb6fbe60	tree \| snapshot
parent	02f4a4c7f8c77df8e49cf63b9371545cb5124fd4	commit \| diff

comm-common.h		diff \| blob \| history
polypath.c		diff \| blob \| history
process.c		diff \| blob \| history
secnet.h		diff \| blob \| history
site.c		diff \| blob \| history
slip.c		diff \| blob \| history
tun.c		diff \| blob \| history
udp.c		diff \| blob \| history
util.c		diff \| blob \| history