+/*
+ * This file is part of secnet.
+ * See README for full list of copyright holders.
+ *
+ * secnet is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * secnet is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 3 along with secnet; if not, see
+ * https://www.gnu.org/licenses/gpl.html.
+ */
+
#include "secnet.h"
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <getopt.h>
#include <errno.h>
+#include <time.h>
#include <unistd.h>
#include <sys/socket.h>
#include <arpa/inet.h>
bool_t require_root_privileges=False;
cstring_t require_root_privileges_explanation=NULL;
+const char *const closure_type_names[] = {
+ [ CL_PURE ] = "PURE" ,
+ [ CL_RESOLVER ] = "RESOLVER" ,
+ [ CL_RANDOMSRC ] = "RANDOMSRC" ,
+ [ CL_SIGPUBKEY ] = "SIGPUBKEY" ,
+ [ CL_SIGPRIVKEY ] = "SIGPRIVKEY" ,
+ [ CL_COMM ] = "COMM" ,
+ [ CL_IPIF ] = "IPIF" ,
+ [ CL_LOG ] = "LOG" ,
+ [ CL_SITE ] = "SITE" ,
+ [ CL_TRANSFORM ] = "TRANSFORM" ,
+ [ CL_DH ] = "DH" ,
+ [ CL_HASH ] = "HASH" ,
+ [ CL_BUFFER ] = "BUFFER" ,
+ [ CL_NETLINK ] = "NETLINK" ,
+ [ CL_PRIVCACHE ] = "PRIVCACHE" ,
+};
+
+const char *closure_type_name(uint32_t ty, char buf[]) {
+ if (ty < ARRAY_SIZE(closure_type_names))
+ return closure_type_names[ty];
+ sprintf(buf, "CL#%.6u", (unsigned)ty);
+ buf[9] = 0;
+ return buf;
+}
+
static pid_t secnet_pid;
/* Structures dealing with poll() call */
struct poll_interest {
- beforepoll_fn *before;
+ beforepoll_fn *before; /* 0 if deregistered and waiting to be deleted */
afterpoll_fn *after;
void *state;
- int32_t max_nfds;
int32_t nfds;
cstring_t desc;
LIST_ENTRY(poll_interest) entry;
};
static LIST_HEAD(, poll_interest) reg = LIST_HEAD_INITIALIZER(®);
+static bool_t interest_isregistered(const struct poll_interest *i)
+{
+ return !!i->before;
+}
+
static bool_t finished=False;
/* Parse the command line options */
exit(0);
break;
+ case 'd':
+ message_level|=M_DEBUG_CONFIG|M_DEBUG_PHASE|M_DEBUG;
+ /* fall through */
case 'v':
message_level|=M_INFO|M_NOTICE|M_WARNING|M_ERR|M_SECURITY|
M_FATAL;
message_level&=(~M_WARNING);
break;
- case 'd':
- message_level|=M_DEBUG_CONFIG|M_DEBUG_PHASE|M_DEBUG;
- break;
-
case 'f':
message_level=M_FATAL;
break;
static void setup(dict_t *config)
{
list_t *l;
- item_t *site;
dict_t *system;
struct passwd *pw;
struct cloc loc;
- int i;
l=dict_lookup(config,"system");
"that secnet retain root privileges while running.",
require_root_privileges_explanation);
}
+}
+
+static void start_sites(dict_t *config) {
+ int i;
+ list_t *l;
+ item_t *site;
/* Go along site list, starting sites */
l=dict_lookup(config,sites_key);
cfgfatal(site->loc,"system","non-site closure in site list");
}
s=site->data.closure->interface;
- s->control(s->st,True);
+ s->startup(s->st);
}
}
}
-void register_for_poll(void *st, beforepoll_fn *before,
- afterpoll_fn *after, int32_t max_nfds, cstring_t desc)
+struct poll_interest *register_for_poll(void *st, beforepoll_fn *before,
+ afterpoll_fn *after, cstring_t desc)
{
struct poll_interest *i;
- i=safe_malloc(sizeof(*i),"register_for_poll");
+ NEW(i);
i->before=before;
i->after=after;
i->state=st;
- i->max_nfds=max_nfds;
i->nfds=0;
i->desc=desc;
LIST_INSERT_HEAD(®, i, entry);
- return;
+ return i;
+}
+
+void deregister_for_poll(struct poll_interest *i)
+{
+ /* We cannot simply throw this away because we're reentrantly
+ * inside the main loop, which needs to remember which range of
+ * fds corresponds to this now-obsolete interest */
+ i->before=0;
}
static void system_phase_hook(void *sst, uint32_t newphase)
static void run(void)
{
- struct poll_interest *i;
- int rv, nfds, remain, idx;
+ struct poll_interest *i, *itmp;
+ int rv, nfds, idx;
int timeout;
struct pollfd *fds=0;
int allocdfds=0, shortfall=0;
- Message(M_NOTICE,"%s [%d]: starting\n",version,secnet_pid);
-
do {
+#if USE_MONOTONIC
+ struct timespec ts;
+ if (clock_gettime(CLOCK_MONOTONIC, &ts)!=0) {
+ fatal_perror("main loop: clock_gettime(CLOCK_MONOTONIC,)");
+ }
+ tv_now_global.tv_sec = ts.tv_sec;
+ tv_now_global.tv_usec = ts.tv_nsec / 1000;
+#else /* !USE_MONOTONIC */
if (gettimeofday(&tv_now_global, NULL)!=0) {
fatal_perror("main loop: gettimeofday");
}
+#endif /* !USE_MONOTONIC */
now_global=((uint64_t)tv_now_global.tv_sec*(uint64_t)1000)+
((uint64_t)tv_now_global.tv_usec/(uint64_t)1000);
idx=0;
LIST_FOREACH(i, ®, entry) {
int check;
- for (check=0; check<i->nfds; check++) {
- if(fds[idx+check].revents & POLLNVAL) {
- fatal("run: poll (%s#%d) set POLLNVAL", i->desc, check);
+ if (interest_isregistered(i)) {
+ for (check=0; check<i->nfds; check++) {
+ if(fds[idx+check].revents & POLLNVAL) {
+ fatal("run: poll (%s#%d) set POLLNVAL", i->desc, check);
+ }
}
+ i->after(i->state, fds+idx, i->nfds);
}
- i->after(i->state, fds+idx, i->nfds);
idx+=i->nfds;
}
if (shortfall) {
allocdfds *= 2;
allocdfds += shortfall;
- fds=safe_realloc_ary(fds,sizeof(*fds),allocdfds, "run");
+ REALLOC_ARY(fds,allocdfds);
}
- remain=allocdfds;
shortfall=0;
idx=0;
timeout=-1;
- LIST_FOREACH(i, ®, entry) {
+ LIST_FOREACH_SAFE(i, ®, entry, itmp) {
+ int remain=allocdfds-idx;
nfds=remain;
- rv=i->before(i->state, fds+idx, &nfds, &timeout);
- if (rv!=0) {
- if (rv!=ERANGE)
- fatal("run: beforepoll_fn (%s) returns %d",i->desc,rv);
- assert(nfds < INT_MAX/4 - shortfall);
- shortfall += nfds-remain;
+ if (interest_isregistered(i)) {
+ rv=i->before(i->state, fds+idx, &nfds, &timeout);
+ if (rv!=0) {
+ if (rv!=ERANGE)
+ fatal("run: beforepoll_fn (%s) returns %d",i->desc,rv);
+ assert(nfds < INT_MAX/4 - shortfall);
+ shortfall += nfds-remain;
+ nfds=0;
+ timeout=0;
+ }
+ } else {
nfds=0;
- timeout=0;
}
if (timeout<-1) {
fatal("run: beforepoll_fn (%s) set timeout to %d",
i->desc,timeout);
}
+ if (!interest_isregistered(i)) {
+ /* check this here, rather than earlier, so that we
+ handle the case where i->before() calls deregister */
+ LIST_REMOVE(i, entry);
+ free(i);
+ continue;
+ }
idx+=nfds;
- remain-=nfds;
i->nfds=nfds;
}
do {
free(fds);
}
+bool_t will_droppriv(void)
+{
+ assert(current_phase >= PHASE_SETUP);
+ return !!uid;
+}
+
/* Surrender privileges, if necessary */
static void droppriv(void)
{
{
dict_t *config;
+ log_early_init();
+ phase_hooks_init();
+
enter_phase(PHASE_GETOPTS);
parse_options(argc,argv);
+ log_early_setlevel();
enter_phase(PHASE_READCONFIG);
config=read_conffile(configfile);
enter_phase(PHASE_SETUP);
setup(config);
+ start_sites(config);
if (just_check_config) {
Message(M_INFO,"configuration file check complete\n");
enter_phase(PHASE_DAEMONIZE);
become_daemon();
+ Message(M_NOTICE,"%s [%d]: starting\n",version,secnet_pid);
enter_phase(PHASE_GETRESOURCES);
/* Appropriate phase hooks will have been run */
~ianmdlvl / secnet.git / blobdiff