author | David Sommerseth <dazo@users.sourceforge.net> | 2010-11-26 22:05:28 +0100 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2010-11-26 22:05:28 +0100 |
commit | 525d75316848f79208101e48a54e21396464c98b (patch) | |
tree | 9475b2a3821d317a55ad118903839fed163e10d7 /plugin | |
parent | 5581ba10af35b94e750596312a9782255084aaeb (diff) | |
Move daemonize() code to be called in the firewall child thread only
The eurephia plug-in would daemonize the OpenVPN process by calling
daemonize() too early. This patch renames daemonize() to efw_daemonize()
and calls it only in the firewall child process.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'plugin')
-rw-r--r-- | plugin/eurephia-auth.c | 31 | ||||
-rw-r--r-- | plugin/eurephia.c | 9 | ||||
-rw-r--r-- | plugin/eurephia.h | 2 | ||||
-rw-r--r-- | plugin/firewall/eurephiafw.c | 28 | ||||
-rw-r--r-- | plugin/firewall/eurephiafw.h | 2 |
5 files changed, 37 insertions, 35 deletions
diff --git a/plugin/eurephia-auth.c b/plugin/eurephia-auth.c index 3e9ff6d..03bf674 100644 --- a/plugin/eurephia-auth.c +++ b/plugin/eurephia-auth.c @@ -102,33 +102,6 @@ static void dump_env(FILE *f, const char *prefix, const char *envp[]) { #endif // ENABLE_DEBUG -/** - * daemonize if "daemon" environment variable is set. - * preserves stderr access after being daemonized, but - * only if "daemon_log_direct" environment variable is set. - * - * @param envp openvpn environmental table - */ -static void daemonize(const char *envp[]) -{ - char *daemon_string = GETENV_DAEMON(envp); - if( daemon_string && daemon_string[0] == '1' ) { - char *log_redirect = GETENV_DAEMONLOGREDIR(envp); - int fd = -1; - if( log_redirect && log_redirect[0] == '1' ) { - fd = dup (2); - } - if( daemon(0, 0) < 0 ) { - fprintf(stderr, "eurephia-auth: daemonization failed\n"); - } else if( fd >= 3 ) { - dup2(fd, 2); - close(fd); - } - free_nullsafe(NULL, log_redirect); - } - free_nullsafe(NULL, daemon_string); -} - /** * Prepares a eurephiaCTX (context) for the openvpn process and tells openvpn which hooks eurephia @@ -158,9 +131,7 @@ OPENVPN_EXPORT openvpn_plugin_handle_t openvpn_plugin_open_v1(unsigned int *type | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_LEARN_ADDRESS); // Setup a eurephia context - context = eurephiaInit(argv); - // Daemonize if requested - daemonize(envp); + context = eurephiaInit(argv, envp); return (openvpn_plugin_handle_t) context; } diff --git a/plugin/eurephia.c b/plugin/eurephia.c index 2d0556f..8587e93 100644 --- a/plugin/eurephia.c +++ b/plugin/eurephia.c @@ -63,7 +63,7 @@ * * @return returns a pointer to a eurephiaCTX context. On failure NULL is returned. */ -eurephiaCTX *eurephiaInit(const char **argv) +eurephiaCTX *eurephiaInit(const char const **argv, const char const **envp) { static struct option eurephia_opts[] = { {"log-destination", required_argument, 0, 'l'}, 
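Review bot: The new `eurephiaInit` definition in plugin/eurephia.c declares both parameters as `const char const **`, which only repeats the qualifier on `char`; it means the same as `const char **` and can draw a duplicate-`const` warning. The matching prototype in plugin/eurephia.h has the same spelling. I would write `eurephiaCTX *eurephiaInit(const char **argv, const char **envp)` in both places. `const char * const *` would not fit, because `get_env()` in eurephia.h takes `const char *envp[]`. The doc comment above the definition starts outside the hunk and presumably needs an `@param envp` line for the new argument.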
@@ -187,8 +187,13 @@ eurephiaCTX *eurephiaInit(const char **argv) fwintf = eGet_value(ctx->dbc->config, "firewall_interface"); if( fwintf != NULL ) { if( eFW_load(ctx, fwintf) ) { + const char *daemon_s = GETENV_DAEMON(envp); + const char *logredir_s = GETENV_DAEMONLOGREDIR(envp); + eurephia_log(ctx, LOG_INFO, 0, "Loaded firewall interface: %s", fwintf); - eFW_StartFirewall(ctx); + eFW_StartFirewall(ctx, + (daemon_s && (daemon_s[0] == '1')), + (logredir_s && logredir_s[0] == '1')); } else { eurephia_log(ctx, LOG_FATAL, 0, "Loading of firewall interface failed (%s)", fwintf); ctx->eurephia_fw_intf = NULL; diff --git a/plugin/eurephia.h b/plugin/eurephia.h index 6946d49..1b1416f 100644 --- a/plugin/eurephia.h +++ b/plugin/eurephia.h @@ -36,7 +36,7 @@ char *get_env(eurephiaCTX *ctx, int logmasking, size_t len, const char *envp[], const char *fmt, ... ); -eurephiaCTX *eurephiaInit(const char **argv); +eurephiaCTX *eurephiaInit(const char const **argv, const char const **envp); int eurephiaShutdown(eurephiaCTX *ctx); int eurephia_tlsverify(eurephiaCTX *ctx, const char **argv, const char *depth); diff --git a/plugin/firewall/eurephiafw.c b/plugin/firewall/eurephiafw.c index 12fb697..9ae126e 100644 --- a/plugin/firewall/eurephiafw.c +++ b/plugin/firewall/eurephiafw.c 
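Review bot: The results of `GETENV_DAEMON(envp)` and `GETENV_DAEMONLOGREDIR(envp)` are never released in this eurephia.c hunk. The `daemonize()` removed from eurephia-auth.c passed both to `free_nullsafe()`, which suggests the macros return allocated copies. Declaring them `const char *` hides that ownership. I would keep them as `char *` and add `free_nullsafe(NULL, daemon_s); free_nullsafe(NULL, logredir_s);` after the `eFW_StartFirewall()` call, as the removed code did. The body of eurephiaInit continues outside the hunk, so confirm there is no later cleanup.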
@@ -130,12 +130,35 @@ int eFW_load(eurephiaCTX *ctx, const char *intf) { /** + * daemonize the firewall thread if "daemon" environment variable is set. + * preserves stderr access after being daemonized, but + * only if "daemon_log_direct" environment variable is set. + * + * @param ctx eurephiaCTX - Used for error logging only + * @param logdir Set to 1 if logging should be redirected + */ +static void efw_daemonize(eurephiaCTX *ctx, const int logredir) +{ + int fd = -1; + if( logredir ) { + fd = dup (2); + } + if( daemon(0, 0) < 0 ) { + eurephia_log(ctx, LOG_WARNING, 0, "efw_daemonize() failed"); + } else if( fd >= 3 ) { + dup2(fd, 2); + close(fd); + } +} + + +/** * Starts the firewall thread. It is started as a separate process, to make sure it will run with * root privileges. * * @param ctx eurephiaCTX */ -void eFW_StartFirewall(eurephiaCTX *ctx) { +void eFW_StartFirewall(eurephiaCTX *ctx, const int daemon, const int logredir) { struct mq_attr mqattr; eurephiaCTX *shadowctx = NULL; eFWupdateRequest updreq; @@ -220,6 +243,9 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { } switch( ctx->fwcfg->fwproc_pid ) { case 0: // Child process + if( daemon ) { + efw_daemonize(ctx, logredir); + } eDBdisconnect(ctx); eFW_RunFirewall(&(*ctx->fwcfg).thrdata); exit(-1); // If our child process exits abnormally. diff --git a/plugin/firewall/eurephiafw.h b/plugin/firewall/eurephiafw.h index 7703fe5..72dc9bd 100644 --- a/plugin/firewall/eurephiafw.h +++ b/plugin/firewall/eurephiafw.h @@ -35,7 +35,7 @@ int eFW_load(eurephiaCTX *ctx, const char *intf); int eFW_unload(eurephiaCTX *ctx); -void eFW_StartFirewall(eurephiaCTX *ctx); +void eFW_StartFirewall(eurephiaCTX *ctx, const int daemon, const int logredir); void eFW_StopFirewall(eurephiaCTX *ctx); int eFW_UpdateFirewall(eurephiaCTX *ctx, eFWupdateRequest *request); |
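Review bot: In `efw_daemonize()` the descriptor from `dup(2)` is closed only in the success branch, so it stays open when `daemon(0, 0)` fails. Moving the close out of the `else if` fixes that: `if( fd >= 3 ) { close(fd); }` after the if/else, with `dup2(fd, 2)` left in the success branch. The doc comment names `@param logdir` while the parameter is `logredir`, and it still says the function reads the "daemon" environment variable, which is now done by the caller. The comment on `eFW_StartFirewall` should document the new parameters, for example `@param daemon Set to 1 if the firewall process should daemonize` and `@param logredir Set to 1 if stderr should be preserved`. The `int daemon` parameter also shadows libc `daemon()` inside eFW_StartFirewall, so a name such as `daemonize` would be clearer.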
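Review bot: Calling `efw_daemonize()` in the `case 0:` branch means `daemon(0, 0)` forks a second time and the process created by the original fork exits. The pid the parent stored in `ctx->fwcfg->fwproc_pid` then no longer identifies the running firewall process. eFW_StopFirewall is not visible in this hunk, so check whether it or any other code waits on or signals that pid; it would be addressing a child that has already exited. At minimum I would add `// daemon() forks again; fwproc_pid in the parent refers to the process that exits here` above the call. Also note that a failed `daemon()` only logs a warning, and the child then carries on still attached to the OpenVPN session.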