/* Core interface of secnet, to be used by all modules */
+/*
+ * This file is part of secnet.
+ * See README for full list of copyright holders.
+ *
+ * secnet is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * secnet is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 3 along with secnet; if not, see
+ * https://www.gnu.org/licenses/gpl.html.
+ */
#ifndef secnet_h
#define secnet_h
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
+#include <limits.h>
+#include <fnmatch.h>
#include <sys/poll.h>
#include <sys/types.h>
#include <sys/wait.h>
/* from process.c */
extern void start_signal_handling(void);
+void afterfork(void);
+/* Must be called before exec in every child made after
+ start_signal_handling. Safe to call in earlier children too. */
+
+void childpersist_closefd_hook(void *fd_p, uint32_t newphase);
+/* Convenience hook function for use with add_hook PHASE_CHILDPERSIST.
+ With `int fd' in your state struct, pass fd_p=&fd. The hook checks
+ whether fd>=0, so you can use it for an fd which is only sometimes
+ open. This function will set fd to -1, so it is idempotent. */
+
/***** CONFIGURATION support *****/
extern bool_t just_check_config; /* If True then we're going to exit after
/* return value can safely be assigned to int32_t */
extern bool_t dict_read_bool(dict_t *dict, cstring_t key, bool_t required,
cstring_t desc, struct cloc loc, bool_t def);
+extern dict_t *dict_read_dict(dict_t *dict, cstring_t key, bool_t required,
+ cstring_t desc, struct cloc loc);
const char **dict_read_string_array(dict_t *dict, cstring_t key,
bool_t required, cstring_t desc,
struct cloc loc, const char *const *def);
extern void *safe_realloc_ary(void *p, size_t size, size_t count,
const char *message);
+#define NEW(p) \
+ ((p)=safe_malloc(sizeof(*(p)), \
+ __FILE__ ":" #p))
+#define NEW_ARY(p,count) \
+ ((p)=safe_malloc_ary(sizeof(*(p)),(count), \
+ __FILE__ ":" #p "[" #count "]"))
+#define REALLOC_ARY(p,count) \
+ ((p)=safe_realloc_ary((p),sizeof(*(p)),(count), \
+ __FILE__ ":" #p "[" #count "]"))
+
void setcloexec(int fd); /* cannot fail */
+void setnonblock(int fd); /* cannot fail */
void pipe_cloexec(int fd[2]); /* pipe(), setcloexec() twice; cannot fail */
extern int sys_cmd(const char *file, const char *argc, ...);
PHASE_DROPPRIV, /* Last chance for privileged operations */
PHASE_RUN,
PHASE_SHUTDOWN, /* About to die; delete key material, etc. */
+ PHASE_CHILDPERSIST, /* Forked long-term child: close fds, etc. */
/* Keep this last: */
NR_PHASES,
};
+/* Each module should, in its CHILDPERSIST hooks, close all fds which
+ constitute ownership of important operating system resources, or
+ which are used for IPC with other processes who want to get the
+ usual disconnection effects if the main secnet process dies.
+ CHILDPERSIST hooks are not run if the child is going to exec;
+ so fds such as described above should be CLOEXEC too. */
+
typedef void hook_fn(void *self, uint32_t newphase);
bool_t add_hook(uint32_t phase, hook_fn *f, void *state);
bool_t remove_hook(uint32_t phase, hook_fn *f, void *state);
extern uint32_t current_phase;
extern void enter_phase(uint32_t new_phase);
+void phase_hooks_init(void); /* for main() only */
+void clear_phase_hooks(uint32_t phase); /* for afterfork() */
+
/* Some features (like netlink 'soft' routes) require that secnet
retain root privileges. They should indicate that here when
appropriate. */
extern bool_t require_root_privileges;
extern cstring_t require_root_privileges_explanation;
+/* Some modules may want to know whether secnet is going to drop
+ privilege, so that they know whether to do privsep. Call only
+ in phases SETUP and later. */
+bool_t will_droppriv(void);
+
/***** END of program lifetime support *****/
/***** MODULE support *****/
extern init_module resolver_module;
extern init_module random_module;
extern init_module udp_module;
+extern init_module polypath_module;
extern init_module util_module;
extern init_module site_module;
extern init_module transform_eax_module;
/* RANDOMSRC interface */
-/* Return some random data. Returns TRUE for success. */
-typedef bool_t random_fn(void *st, int32_t bytes, uint8_t *buff);
+/* Return some random data. Cannot fail. */
+typedef void random_fn(void *st, int32_t bytes, uint8_t *buff);
struct random_if {
void *st;
int ix; /* see comment `Re comm_addr.ix' in udp.c */
};
+struct comm_clientinfo; /* private for comm */
+
+typedef struct comm_clientinfo *comm_clientinfo_fn(void *state, dict_t*,
+ struct cloc cloc);
+/* A comm client may call this during configuration, and then pass
+ * the resulting comm_clientinfo* to some or all sendmsg calls.
+ * The semantics depend on the dict and defined by the comm, and
+ * should be documented in README. */
+
/* Return True if the packet was processed, and shouldn't be passed to
any other potential receivers. (buf is freed iff True returned.) */
typedef bool_t comm_notify_fn(void *state, struct buffer_if *buf,
typedef void comm_release_notify_fn(void *commst, void *nst,
comm_notify_fn *fn);
typedef bool_t comm_sendmsg_fn(void *commst, struct buffer_if *buf,
- const struct comm_addr *dest);
+ const struct comm_addr *dest,
+ struct comm_clientinfo* /* 0 OK */);
/* Only returns false if (we know that) the local network
* environment is such that this address cannot work; transient
* or unknown/unexpected failures return true. */
/* Returned string is in a static buffer. */
struct comm_if {
void *st;
+ comm_clientinfo_fn *clientinfo;
comm_request_notify_fn *request_notify;
comm_release_notify_fn *release_notify;
comm_sendmsg_fn *sendmsg;
comm_addr_to_string_fn *addr_to_string;
};
-bool_t iaddr_equal(const union iaddr *ia, const union iaddr *ib);
+bool_t iaddr_equal(const union iaddr *ia, const union iaddr *ib,
+ bool_t ignoreport);
static inline const char *comm_addr_to_string(const struct comm_addr *ca)
{
static inline bool_t comm_addr_equal(const struct comm_addr *a,
const struct comm_addr *b)
{
- return a->comm==b->comm && iaddr_equal(&a->ia,&b->ia);
+ return a->comm==b->comm && iaddr_equal(&a->ia,&b->ia,False);
}
/* LOG interface */
typedef bool_t transform_valid_fn(void *st); /* 0: no key; 1: ok */
typedef void transform_delkey_fn(void *st);
typedef void transform_destroyinstance_fn(void *st);
-/* Returns:
- * 0: all is well
- * 1: for any other problem
- * 2: message decrypted but sequence number was out of range
- */
-typedef uint32_t transform_apply_fn(void *st, struct buffer_if *buf,
- const char **errmsg);
+
+typedef enum {
+ transform_apply_ok = 0, /* all is well (everyone may assume==0) */
+ transform_apply_err = 1, /* any other problem */
+ transform_apply_seqrange = 2,
+ /* message decrypted but sequence number was out of recent range */
+ transform_apply_seqdupe = 3,
+ /* message decrypted but was dupe of recent packet */
+} transform_apply_return;
+
+static inline bool_t
+transform_apply_return_badseq(transform_apply_return problem) {
+ return problem == transform_apply_seqrange ||
+ problem == transform_apply_seqdupe;
+}
+
+typedef transform_apply_return transform_apply_fn(void *st,
+ struct buffer_if *buf, const char **errmsg);
struct transform_inst_if {
void *st;