udp: Use commcommon->why_unwanted This is the one call site of comm_notify. (If we had had any comm that wasn't based on udp.c, that would have needed updating too.) No overall functional change: nothing ever sets this yet, so we always use the default message. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
comm: comm_notify takes the cc, not just the notify_list We're going to want this in a moment. No functional change. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp.c: Add a comment about the salen cast Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp.c: Add explicit cast to muffle bogus Clang warning. Clang is complaining (`-Wsign-compare') about the comparison between `salen' (`socklen_t', i.e., an `int' with a false moustache) and `size_t' (`unsigned int' in this case). I can see that some warnings of this kind are useful, but not this one. The usual arithmetic conversions apply, so `salen' is converted to `size_t'. If it was negative before, it's now very positive, which will trip the the comparison and call `FAIL' -- which seems like a plausible outcome. Muffle the warning by adding an explicit cast. This is ugly and pointless, though: other suggestions are welcome. Signed-off-by: Mark Wooding <mdw@distorted.org.uk> Acked-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Administrivia: Fix erroneous GPL3+ licence notices "version d or later" (!) Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
comm clientinfo: Provide clientinfo interface This will allow a comm client to provide information from its configuration dicts to the comm, so that a comm can be shared by multiple clients but still have client-specific configuration. Currently, this new interface has no callers, and no consumers. No comm clients call comm_if->_clientinfo(); they all just pass NULL. No comms take any notice of the clientinfo information; they always return NULL for the clientinfo*. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Copyright updates - update to GPLv3, etc. Update to GPLv3. secnet as actually installed is GPLv3+ anyway because it depends on python-ipaddr (Apache 2.0, which is GPLv2-incompatible), adns (now GPLv3+), and libgmp (now LGPLv3+). Also: * Add missing copyright notices and credits. * Get rid of old FSF street address; use URL instead. * Remove obsolete LICENCE.txt (which was for snprintf reimplementation). * Remove obsolete references to Cendio (for old ipaddr.py, now gone). Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp: Print more info in our comm_addr representations Include an index number (starting at 0) and the line number (but not filename) at which we were defined. This is allows the user to more easily see (for example) which comm_addrs actually belong to the same udp, even if they might have a different ix and thus be reported with different local addresses. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp: Insist on only one successful default socket setup If we default the addresses to use, we only insist that at least one of them can be successfully set up. (This is particularly significant when upgrading an existing secnet installation to the new secnet, with IPv6 support, but on a host with no IPv6, and no address configured in the config file. Without this patch, secnet would fail to start up because it would try, and fail, to bind the IPv6 address.) Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp: Provide st->addr_configured We are going to use it in udp_phase_hook. Rewrite the tests on caddrl in terms of this new boolean. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp, polypath: Log destination address in `some success' messages Replace the boolean parameter with a pointer to the destination address. (Conveniently this means that the calls relating to reception can remain unchanged and the ones relating to transmission produce a compile error until converted.) Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
authbind: Better logging of authbind failures Report the address and the authbind helper pathname. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp: Print `&' in address descriptions only if multiple sockets Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp, polypath: Log `experiencing success receiving', etc. We want to use the `experienced' mechanism to report success while receiving. But, previously, the udp_socks_afterpoll function which does the reciving didn't have a suitable description (`socksdesc') available: in particular, for polypath, it should print the interface name. Solve this as follows: * Add a `desc' field to struct udpsocks, set by udp_socks_register (for polypath this duplicates interf->name, but we don't really care much about that as it's only one pointer). * Add a new argument to udp_socks_register to ensure we catch all the creation sites. * Have have udp_sock_experienced take a struct udpsocks*. After all that, the new call to udp_sock_experienced is trivial. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp, polypath: Make specifying port optional There is no particular reason why a mobile site with no stable address ought to have to bind to a particular port. Doing so in those configurations can bring in additional complications. So, make specifying the port optional. udp_make_socket calls getsockname to find what port number it got. (We do this unconditionally as that's simplest.) This has more complicated fallout than appears at first glance. polypath needs to be able to match disappearances of the interface address, which is mostly processed in terms of the configured rather than obtained sockaddr. In polypath, we need to compare just the addresses when removing an interface address, because the port will have been assigned later. We also use the actual address in logging, rather than the one supplied by the interface monitor. To support these changes, we formalise udp_import_socket, and provide a new `ignoreport' option to iaddr_equal. The scope of the FAIL and FAIL_LG macros in udp.c becomes a bit wider. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
fds etc.: Support non-forking persistent children Polypath is are going to want to spawn a persistent child process, which will not exec. This child ought not to hold onto the various important fds. Otherwise, if the main secnet process dies but the child does not (for some reason), the network interfaces, udp sockets, etc., set up by the old secnet will remain owned by the child. Introduce a new PHASE for this purpose (currently never entered). Provide a convenient common hook function for closing a single fd. Add phase hooks to: * Close udp sockets (in the udp and polypath comm modules); * Close the pipes to userv-ipif (slip netlink module); * Close the tun device (tun netlink module); * Zero out data transport keys, to improve forward secrecy in case the subprocess leaks somehow. (Sadly we can't conveniently find the asymmmetric crypto session key negotiation state to wipe it.) Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp: Log transmission and reception errors, at least some of the time We keep a bitmask for each combination of - receive/send - address family - success/failure and log a message the first time each one occurs. We also provide a new utility function `af_name()' which is going to be used by polypath's logging. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
udp: Introduce some `us' convenience variables, etc. * Introduce appropriate `struct udpsock *us' in a few places, and use them as appropriate. We are going to make a few more places where these are used and this avoids some repetition. * Introduce an `af' variable for the intended destination address family at one point. We are going to want to reuse this. * Add a comment on a line `} else {' distant from its `if (..) {'. No functional change. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Introduce setnonblock() This involves reworking setcloexec()'s implementation so that we can reuse it. We now treat a failure to set O_NONBLOCK in udp_make_socket as a fatal, rather than recoverable, error. This is fine. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
process: Introduce afterfork() Rework set_default_signals into afterfork, which does the sigprocmask too. This is necessary for processes we fork after setup_signal_handling(), which otherwise inherit our blocking mask and non-default handlers. Call it after each fork() (except the ones we use for daemonising). As a consequence: - hackypar children will die if they get a terminating signal - our subprocesses such as `route' and `ifconfig' will inherit reasonable signal setups - it will be correct to call udp_make_socket during phase RUN (previously any authbind would get a strange signal setup) Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>