X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/53a941d3f97a50964587c6e9533b1e43e74a57a8..eb5f3fea8a65306e424a353951208b11bd3aac22:/server/tun-unet.c
diff --git a/server/tun-unet.c b/server/tun-unet.c
index 5ebcc790..88ce83d0 100644
--- a/server/tun-unet.c
+++ b/server/tun-unet.c
@@ -88,48 +88,65 @@ static void t_read(int fd, unsigned mode, void *v) static void t_init(void) { return; } -/* --- @t_create@ --- * +/* --- @t_open@ --- * * - * Arguments: @tunnel *t@ = pointer to tunnel block - * @peer *p@ = pointer to peer block - * @char *ifn@ = where to put the interface name + * Arguments: @char **ifn@ = where to put the interface name * - * Returns: A tunnel block if it worked, or null on failure. + * Returns: A file descriptor, or @-1@ on failure. * - * Use: Initializes a new tunnel. + * Use: Opens a tunnel device. This will run with root privileges + * even if the rest of the server has dropped them. */ -static tunnel *t_create(peer *p, char **ifn) +static int t_open(char **ifn) { int fd; - tunnel *t; int f; struct unet_info uni; if ((fd = open("/dev/unet", O_RDWR)) < 0) { a_warn("TUN", "-", "unet", "open-error", "/dev/unet", "?ERRNO", A_END); - return (0); + goto fail_0; } - fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); if ((f = ioctl(fd, UNIOCGIFFLAGS)) < 0 || ioctl(fd, UNIOCSIFFLAGS, f | IFF_POINTOPOINT)) { a_warn("TUN", "-", "unet", "config-error", "?ERRNO", A_END); - close(fd); - return (0); + goto fail_1; + } + if (ioctl(t->f.fd, UNIOCGINFO, &uni)) { + a_warn("TUN", "-", "unet", "getinfo-error", "?ERRNO", A_END); + goto fail_1; } + *ifn = xstrdup(uni.uni_ifname); + return (fd); + +fail_1: + close(fd); +fail_0: + return (-1); +} + +/* --- @t_create@ --- * + * + * Arguments: @peer *p@ = pointer to peer block + * @int fd@ = file descriptor of tunnel device + * @char **ifn@ = where to put the interface name + * + * Returns: A tunnel block if it worked, or null on failure. + * + * Use: Initializes a new tunnel. 
+ */ + +static tunnel *t_create(peer *p, int fd, char **ifn) +{ + tunnel *t; + + fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); t = CREATE(tunnel); t->ops = &tun_unet; t->p = p; sel_initfile(&sel, &t->f, fd, SEL_READ, t_read, t); sel_addfile(&t->f); - - if (ioctl(t->f.fd, UNIOCGINFO, &uni)) { - a_warn("TUN", "-", "unet", "getinfo-error", "?ERRNO", A_END); - return (0); - } - *ifn = xstrdup(uni.uni_ifname); - T( trace(T_TUNNEL, "tun-unet: attached interface %s to peer `%s'", - *ifn, p_name(p)); ) return (t); } @@ -162,15 +179,12 @@ static void t_inject(tunnel *t, buf *b) */ static void t_destroy(tunnel *t) -{ - sel_rmfile(&t->f); - close(t->f.fd); - DESTROY(t); -} + { sel_rmfile(&t->f); close(t->f.fd); DESTROY(t); } const tunnel_ops tun_unet = { "unet", t_init, + t_open, t_create, 0, t_inject,
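Review bot: In the new `t_open`, the `UNIOCGINFO` call still dereferences `t` (`ioctl(t->f.fd, UNIOCGINFO, &uni)`), but this commit removes the `tunnel *t;` local from that function, so as shown it will not compile; it should use the descriptor just opened, `if (ioctl(fd, UNIOCGINFO, &uni)) {`. Because the header comment says `t_open` runs with root privileges after the rest of the server has dropped them, this path is worth building and exercising on a unet system before merge. `FD_CLOEXEC` is now set only later, in `t_create`, so if anything can exec between the two calls (not visible here) the descriptor would be inherited; setting it in `t_open` right after the `open` would close that window. The `t_create` header comment still documents `@char **ifn@ = where to put the interface name`, but the function no longer writes through `ifn`, so the comment should say the name is supplied by `t_open`, or the parameter should be marked unused.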