diff options
| -rw-r--r-- | src/openvpn/init.c | 32 | ||||
| -rw-r--r-- | src/openvpn/init.h | 2 | ||||
| -rw-r--r-- | src/openvpn/openvpn.c | 4 | ||||
| -rw-r--r-- | src/openvpn/pkcs11.c | 5 | ||||
| -rw-r--r-- | src/openvpn/pkcs11.h | 3 |
5 files changed, 17 insertions, 29 deletions
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index d093f46..3daf5a4 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -922,23 +922,20 @@ do_persist_tuntap (const struct options *options) * Should we become a daemon? * Return true if we did it. */ -static bool +bool possibly_become_daemon (const struct options *options) { bool ret = false; if (options->daemon) { ASSERT (!options->inetd); - if (daemon (options->cd_dir != NULL, options->log) < 0) + /* Don't chdir immediately, but the end of the init sequence, if needed */ + if (daemon (1, options->log) < 0) msg (M_ERR, "daemon() failed or unsupported"); restore_signal_state (); if (options->log) set_std_files_to_null (true); -#if defined(ENABLE_PKCS11) - pkcs11_forkFixup (); -#endif - ret = true; } return ret; @@ -1824,15 +1821,11 @@ do_deferred_options (struct context *c, const unsigned int found) * Possible hold on initialization */ static bool -do_hold (struct context *c) +do_hold (void) { #ifdef ENABLE_MANAGEMENT if (management) { - /* if c is defined, daemonize before hold */ - if (c && c->options.daemon && management_should_daemonize (management)) - do_init_first_time (c); - /* block until management hold is released */ if (management_hold (management)) return true; @@ -1882,7 +1875,7 @@ socket_restart_pause (struct context *c) c->persist.restart_sleep_seconds = 0; /* do managment hold on context restart, i.e. second, third, fourth, etc. initialization */ - if (do_hold (NULL)) + if (do_hold ()) sec = 0; if (sec) @@ -1901,7 +1894,7 @@ do_startup_pause (struct context *c) if (!c->first_time) socket_restart_pause (c); else - do_hold (NULL); /* do management hold on first context initialization */ + do_hold (); /* do management hold on first context initialization */ } /* @@ -2759,7 +2752,7 @@ do_compute_occ_strings (struct context *c) static void do_init_first_time (struct context *c) { - if (c->first_time && !c->did_we_daemonize && !c->c0) + if (c->first_time && !c->c0) { struct context_0 *c0; @@ -2774,12 +2767,9 @@ do_init_first_time (struct context *c) /* get --writepid file descriptor */ get_pid_file (c->options.writepid, &c0->pid_state); - /* become a daemon if --daemon */ - c->did_we_daemonize = possibly_become_daemon (&c->options); - - /* should we disable paging? */ - if (c->options.mlock && c->did_we_daemonize) - platform_mlockall (true); /* call again in case we daemonized */ + /* perform postponed chdir if --daemon */ + if (c->did_we_daemonize && c->options.cd_dir == NULL) + platform_chdir("/"); /* save process ID in a file */ write_pid (&c0->pid_state); @@ -3237,7 +3227,7 @@ open_management (struct context *c) } /* initial management hold, called early, before first context initialization */ - do_hold (c); + do_hold (); if (IS_SIG (c)) { msg (M_WARN, "Signal received from management interface, exiting"); diff --git a/src/openvpn/init.h b/src/openvpn/init.h index 5a1d1dc..d1908ed 100644 --- a/src/openvpn/init.h +++ b/src/openvpn/init.h @@ -55,6 +55,8 @@ bool do_genkey (const struct options *options); bool do_persist_tuntap (const struct options *options); +bool possibly_become_daemon (const struct options *options); + void pre_setup (const struct options *options); void init_instance_handle_signals (struct context *c, const struct env_set *env, const unsigned int flags); diff --git a/src/openvpn/openvpn.c b/src/openvpn/openvpn.c index fd87fc1..2f327f3 100644 --- a/src/openvpn/openvpn.c +++ b/src/openvpn/openvpn.c @@ -229,6 +229,10 @@ openvpn_main (int argc, char *argv[]) if (do_test_crypto (&c.options)) break; + /* become a daemon if --daemon */ + if (c.first_time) + c.did_we_daemonize = possibly_become_daemon (&c.options); + #ifdef ENABLE_MANAGEMENT /* open management subsystem */ if (!open_management (&c)) diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index 3a15ef6..a1f13c5 100644 --- a/src/openvpn/pkcs11.c +++ b/src/openvpn/pkcs11.c @@ -336,11 +336,6 @@ pkcs11_terminate () { ); } -void -pkcs11_forkFixup () { - pkcs11h_forkFixup (); -} - bool pkcs11_addProvider ( const char * const provider, diff --git a/src/openvpn/pkcs11.h b/src/openvpn/pkcs11.h index 4261871..b49401c 100644 --- a/src/openvpn/pkcs11.h +++ b/src/openvpn/pkcs11.h @@ -38,9 +38,6 @@ pkcs11_initialize ( void pkcs11_terminate (); -void -pkcs11_forkFixup (); - bool pkcs11_addProvider ( const char * const provider, |