X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=secnet.c;h=ab562f1e8e6f0891c16ea84d68910d2a96917d6e;hb=08f344d3bdffe4bb83b47b5e2d53758ce231ebc4;hp=b0bb4b3d6a477b99af53376f4f7cfc951bffea9a;hpb=4efd681a66c15bc6f81eefc69396669e165e5e0f;p=secnet.git

diff --git a/secnet.c b/secnet.c
index b0bb4b3..ab562f1 100644
--- a/secnet.c
+++ b/secnet.c
@@ -4,33 +4,30 @@
  *
  */
 
-static char *version="secnet version " VERSION " $Date: 1996/03/13 22:27:41 $";
+extern char version[];
 
+#include "secnet.h"
 #include <stdio.h>
 #include <string.h>
 #include <getopt.h>
-#include <stdarg.h>
 #include <errno.h>
+#include <unistd.h>
 #include <sys/socket.h>
-#include <sys/poll.h>
-#include <sys/time.h>
-#include <netinet/in.h>
 #include <arpa/inet.h>
-#include <adns.h>
 #include <pwd.h>
-#include <sys/types.h>
 
-#include "secnet.h"
 #include "util.h"
 #include "conffile.h"
-#include "modules.h"
 
 /* Command-line options (possibly config-file options too) */
 static char *configfile="/etc/secnet/secnet.conf";
+bool_t just_check_config=False;
 static char *userid=NULL;
 static uid_t uid=0;
 static bool_t background=True;
 static char *pidfile=NULL;
+bool_t require_root_privileges=False;
+string_t require_root_privileges_explanation=NULL;
 
 /* Structures dealing with poll() call */
 struct poll_interest {
@@ -64,10 +61,11 @@ static void parse_options(int argc, char **argv)
 	    {"quiet", 0, 0, 'f'},
 	    {"debug", 1, 0, 'd'},
 	    {"config", 1, 0, 'c'},
+	    {"just-check-config", 0, 0, 'j'},
 	    {0,0,0,0}
 	};
 
-	c=getopt_long(argc, argv, "vwdnc:ft:",
+	c=getopt_long(argc, argv, "vwdnjc:ft:",
 		      long_options, &option_index);
 	if (c==-1)
 	    break;
@@ -81,6 +79,7 @@ static void parse_options(int argc, char **argv)
 		    "  -w, --nowarnings        suppress warnings\n"
 		    "  -v, --verbose           output extra diagnostics\n"
 		    "  -c, --config=filename   specify a configuration file\n"
+		    "  -j, --just-check-config stop after reading configfile\n"
 		    "  -n, --nodetach          do not run in background\n"
 		    "  -d, --debug=item,...    set debug options\n"
 		    "      --help              display this help and exit\n"
@@ -118,6 +117,10 @@ static void parse_options(int argc, char **argv)
 		fatal("secnet: no config filename specified");
 	    break;
 
+	case 'j':
+	    just_check_config=True;
+	    break;
+
 	case '?':
 	    break;
 
@@ -156,7 +159,7 @@ static void setup(dict_t *config)
 	fatal("configuration does not include a system/log facility\n");
     }
     log=init_log(l);
-    log->log(log->st,LOG_DEBUG,"secnet " VERSION ": logging started");
+    log->log(log->st,LOG_DEBUG,"%s: logging started",version);
 
     /* Who are we supposed to run as? */
     userid=dict_read_string(system,"userid",False,"system",loc);
@@ -177,22 +180,31 @@ static void setup(dict_t *config)
     /* Pidfile name */
     pidfile=dict_read_string(system,"pidfile",False,"system",loc);
 
+    /* Check whether we need root privileges */
+    if (require_root_privileges && uid!=0) {
+	fatal("the following configured feature (\"%s\") requires "
+	      "that secnet retain root privileges while running.\n",
+	      require_root_privileges_explanation);
+    }
+
     /* Go along site list, starting sites */
     l=dict_lookup(config,"sites");
     if (!l) {
-	fatal("configuration did not define any remote sites\n");
-    }
-    i=0;
-    while ((site=list_elem(l, i++))) {
-	struct site_if *s;
-	if (site->type!=t_closure) {
-	    cfgfatal(site->loc,"system","non-closure in site list");
-	}
-	if (site->data.closure->type!=CL_SITE) {
-	    cfgfatal(site->loc,"system","non-site closure in site list");
+	Message(M_WARNING,"secnet: configuration did not define any "
+		"remote sites\n");
+    } else {
+	i=0;
+	while ((site=list_elem(l, i++))) {
+	    struct site_if *s;
+	    if (site->type!=t_closure) {
+		cfgfatal(site->loc,"system","non-closure in site list");
+	    }
+	    if (site->data.closure->type!=CL_SITE) {
+		cfgfatal(site->loc,"system","non-site closure in site list");
+	    }
+	    s=site->data.closure->interface;
+	    s->control(s->st,True);
 	}
-	s=site->data.closure->interface;
-	s->control(s->st,True);
     }
 }
 
@@ -285,7 +297,6 @@ static void droppriv(void)
     /* Background now, if we're supposed to: we may be unable to write the
        pidfile if we don't. */
     if (background) {
-	printf("goto background\n");
 	/* Open the pidfile before forking - that way the parent can tell
 	   whether it succeeds */
 	if (pidfile) {
@@ -308,7 +319,6 @@ static void droppriv(void)
 	} else if (p==0) {
 	    /* Child process - all done, just carry on */
 	    if (pf) fclose(pf);
-	    printf("child\n");
 	} else {
 	    /* Error */
 	    fatal_perror("cannot fork");
@@ -345,6 +355,14 @@ int main(int argc, char **argv)
 
     enter_phase(PHASE_SETUP);
     setup(config);
+
+    if (just_check_config) {
+	Message(M_INFO,"configuration file check complete\n");
+	exit(0);
+    }
+
+    enter_phase(PHASE_GETRESOURCES);
+    /* Appropriate phase hooks will have been run */
     
     enter_phase(PHASE_DROPPRIV);
     droppriv();