From 4e8451b913cca9c1633cc951fe5ef89194480dee Mon Sep 17 00:00:00 2001 
From: garden Date: Thu, 21 Dec 2006 15:52:39 +0000 Subject: [PATCH] VDE 2.1.6, 2006-12-21 * Creation of changelog * vde_switch and slirpvde didn't detach from terminal when in daemon mode (thanks: Piotr Roszatycki) * Patch for group-level privileges; -m option added to vdeq and vdetap (thanks: Piotr Roszatycki) * Added #ifdefs for some signals, for better portability (thanks: Piotr Roszatycki) * Fixed LD_PRELOAD examples in vdetaplib help and man page (thanks: Piotr Roszatycki) * Typos in vde_switch man page * Typos in wirefilter man page (thanks: Helmut Grohne) * Missing cleanups in vdeq (thanks: Piotr Roszatycki) * Various fixes in vde_cryptcab source code; added callback to prevent direct calling of vde_cryptcab.c functions from within blowfish.c; added prototypes for some functions (thanks: Dann Frazier) * libvdetap should not use system calls but the next function in the dynamic library symbol list (thanks: Piotr Roszatycki) git-svn-id: https://vde.svn.sourceforge.net/svnroot/vde/trunk@126 d37a7db1-d92d-0410-89df-f68f52f87b57 --- vde-2/Changelog | 18 ++++++ vde-2/VERSION | 2 +- vde-2/configure.ac | 2 +- vde-2/consmgmt.c | 2 +- vde-2/datasock.c | 5 +- vde-2/doc/Makefile.am | 11 +++- vde-2/doc/vde_switch.1 | 3 +- vde-2/doc/vdeq.1 | 9 +++ vde-2/doc/{vdetaplib.1 => vdetaplib.1.in} | 9 +-- vde-2/doc/wirefilter.1 | 66 +++++---------------- vde-2/libvdeplug/libvdeplug.c | 6 +- vde-2/qemu/vdeq.c | 25 +++++++- vde-2/slirpvde/slirpvde.c | 11 +++- vde-2/vde_cryptcab/blowfish.c | 95 ++++++++++++++++--------------- vde-2/vde_cryptcab/blowfish.h | 23 +++++++- vde-2/vde_cryptcab/vde_cryptcab.c | 27 +++++---- vde-2/vde_plug/vde_plug.c | 4 ++ vde-2/vde_plug2tap/vde_plug2tap.c | 6 +- vde-2/vde_switch.c | 4 ++ vde-2/vdetaplib/libvdetap.c | 36 +++++++----- vde-2/vdetaplib/vdetap.c | 7 ++- vde-2/wirefilter/wirefilter.c | 4 ++ 22 files changed, 230 insertions(+), 145 deletions(-) create mode 100644 vde-2/Changelog rename vde-2/doc/{vdetaplib.1 => vdetaplib.1.in} (88%) 
diff --git a/vde-2/Changelog b/vde-2/Changelog new file mode 100644 index 0000000..02d8014 --- /dev/null +++ b/vde-2/Changelog @@ -0,0 +1,18 @@ +VDE 2.1.6, 2006-12-21 + * Creation of changelog + * vde_switch and slirpvde didn't detach from terminal when in daemon mode + (thanks: Piotr Roszatycki) + * Patch for group-level privileges; -m option added to vdeq and vdetap + (thanks: Piotr Roszatycki) + * Added #ifdefs for some signals, for better portability (thanks: Piotr + Roszatycki) + * Fixed LD_PRELOAD examples in vdetaplib help and man page (thanks: + Piotr Roszatycki) + * Typos in vde_switch man page + * Typos in wirefilter man page (thanks: Helmut Grohne) + * Missing cleanups in vdeq (thanks: Piotr Roszatycki) + * Various fixes in vde_cryptcab source code; added callback to prevent + direct calling of vde_cryptcab.c functions from within blowfish.c; + added prototypes for some functions (thanks: Dann Frazier) + * libvdetap should not use system calls but the next function in the + dynamic library symbol list (thanks: Piotr Roszatycki) diff --git a/vde-2/VERSION b/vde-2/VERSION index 7bd7c99..608c193 100644 --- a/vde-2/VERSION +++ b/vde-2/VERSION @@ -1 +1 @@ -VDE version 2.1.5 +VDE version 2.1.6 diff --git a/vde-2/configure.ac b/vde-2/configure.ac index 3314781..35582c0 100644 --- a/vde-2/configure.ac +++ b/vde-2/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT(vde2, [2.1.5], renzo@cs.unibo.it) +AC_INIT(vde2, [2.1.6], renzo@cs.unibo.it) AM_INIT_AUTOMAKE([foreign]) AC_CONFIG_SRCDIR([vde.h]) AC_CONFIG_HEADER([config.h]) diff --git a/vde-2/consmgmt.c b/vde-2/consmgmt.c index ff2a946..8b451bd 100644 --- a/vde-2/consmgmt.c +++ b/vde-2/consmgmt.c @@ -349,7 +349,7 @@ static void init(void) exit(1); } strcat(pidfile_path, "/"); - if (daemonize && daemon(0, 1)) { + if (daemonize && daemon(0, 0)) { printlog(LOG_ERR,"daemon: %s",strerror(errno)); exit(1); } 
diff --git a/vde-2/datasock.c b/vde-2/datasock.c index a70a0f8..4fefe3e 100644 --- a/vde-2/datasock.c +++ b/vde-2/datasock.c @@ -394,11 +394,12 @@ static void init(void) printlog(LOG_ERR,"Setting O_NONBLOCK on connection fd: %s",strerror(errno)); return; } - if (mkdir(ctl_socket, (mode & 0700 ? 0700 : 0) | - (mode & 0070 ? 0050 : 0) | (mode & 0007 ? 0005 : 0)) < 0) { + if (mkdir(ctl_socket, 0777) < 0) { printlog(LOG_ERR,"creating vde ctl dir: %s",strerror(errno)); return; } + chmod(ctl_socket, 02000 | (mode & 0700 ? 0700 : 0) | + (mode & 0070 ? 0070 : 0) | (mode & 0007 ? 0005 : 0)); sun.sun_family = AF_UNIX; snprintf(sun.sun_path,sizeof(sun.sun_path),"%s/ctl",ctl_socket); if(bind(connect_fd, (struct sockaddr *) &sun, sizeof(sun)) < 0){ diff --git a/vde-2/doc/Makefile.am b/vde-2/doc/Makefile.am index b61225e..26c16ed 100644 --- a/vde-2/doc/Makefile.am +++ b/vde-2/doc/Makefile.am @@ -1,5 +1,9 @@ -man_MANS = dpipe.1 slirpvde.1 unixterm.1 vde_plug.1 vdeq.1 vde_switch.1 vdetaplib.1 wirefilter.1 vde_cryptcab.1 vde_plug2tap.1 -EXTRA_DIST = $(man_MANS) +static_mans = dpipe.1 slirpvde.1 unixterm.1 vde_plug.1 vdeq.1 vde_switch.1 wirefilter.1 vde_cryptcab.1 vde_plug2tap.1 +EXTRA_DIST = $(static_mans) vdetaplib.1.in +man_MANS = $(static_mans) vdetaplib.1 + +vdetaplib.1: vdetaplib.1.in + sed 's/%LIBEXECDIR%/$(subst /,\/,$(libexecdir))/g' $< > $@ install-data-hook: rm -f $(DESTDIR)$(mandir)/man1/vdeqemu.1 @@ -7,3 +11,6 @@ install-data-hook: uninstall-local: rm -f $(DESTDIR)$(mandir)/man1/vdeqemu.1 + +clean: + rm -f vdetaplib.1 diff --git a/vde-2/doc/vde_switch.1 b/vde-2/doc/vde_switch.1 index 47f4497..2d89749 100644 --- a/vde-2/doc/vde_switch.1 +++ b/vde-2/doc/vde_switch.1 
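Review bot: The new `mkdir(ctl_socket, 0777)` in init() leaves the control directory with whatever the process umask permits until the following `chmod()` runs, and that `chmod()` is not checked, so on failure the switch keeps running with the wide permissions. Creating the directory restrictively and widening it afterwards closes the window: `mkdir(ctl_socket, 0700)`, then `if (chmod(ctl_socket, 02000 | ...) < 0) { printlog(LOG_ERR,"chmod vde ctl dir: %s",strerror(errno)); return; }`. The group mask also changes from `0050` to `0070`, so group members can now create and remove entries in the directory. A short comment stating that this is intended for the group-level privileges feature would make that choice reviewable. init() begins and ends outside the hunk.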
@@ -67,8 +67,7 @@ specify the directory when comm socket are created. The default value is "/tmp/vde.ctl" .TP .B \-mod "\fIoctalmode\fP" -specify the directory when comm socket are created. -The default value is "/tmp/vde.ctl" +specify the octal permissions for the comm sockets. .TP .B \-group "\fINAME\fP" specify the group owner for the comm socket. diff --git a/vde-2/doc/vdeq.1 b/vde-2/doc/vdeq.1 index f78cb3c..0922d1c 100644 --- a/vde-2/doc/vdeq.1 +++ b/vde-2/doc/vdeq.1 @@ -18,6 +18,10 @@ vdeq \- Virtual Distributed Ethernet wrapper for QEMU virtual machines .B vdeq .B qemu [ +.B \-m +.I octalmode +] +[ .B \-sock .I socketpath [ @@ -109,6 +113,11 @@ to the switch with local socket "/tmp/my.ctl". .SH OPTIONS .TP +.B -m, --mod +.I octalmode, +specify the mode for comm socket. +.br +.TP .B \-sock .I socketpath, specify the UNIX socket to be used by local programs for joining the VDE. diff --git a/vde-2/doc/vdetaplib.1 b/vde-2/doc/vdetaplib.1.in similarity index 88% rename from vde-2/doc/vdetaplib.1 rename to vde-2/doc/vdetaplib.1.in index 4095c1d..322b603 100644 --- a/vde-2/doc/vdetaplib.1 +++ b/vde-2/doc/vdetaplib.1.in @@ -8,20 +8,21 @@ No synopsis .SH DESCRIPTION \fBvdetaplib\fP is a library that emulates tap (tuntap level2 interface, see -in kernel sources ./Documentation/networking/tun.c) and connects +in kernel sources Documentation/networking/tun.c) and connects tap virtual interfaces to vde networks. -To use it, the libvdetab.so library must be preloaded (sh,ksh or bash syntax): +To use it, the libvdetab.so library must be preloaded +(sh, ksh or bash syntax): .RS .br .B -export LD_PRELOAD=/usr/local/lib/libvdetap.so +export LD_PRELOAD=%LIBEXECDIR%/libvdetap.so .RE (csh, tchs syntax): .RS .br .B -setenv LD_PRELOAD /usr/local/lib/libvdetap.so +setenv LD_PRELOAD %LIBEXECDIR%/libvdetap.so .RE If you want to divert all tap requests to a single vde_switch set the diff --git a/vde-2/doc/wirefilter.1 b/vde-2/doc/wirefilter.1 index b8a6c56..f3ccafe 100644 
--- a/vde-2/doc/wirefilter.1 +++ b/vde-2/doc/wirefilter.1 @@ -3,71 +3,33 @@ wirefilter \- Wire packet filter for Virtual Distributed Ethernet .SH SYNOPSIS .B wirefilter -OPTIONS - -[ -.B \-l -.I loss -] - -[ -.B \-d -.I delay -] - -[ -.B \-D -.I dup -] - -[ -.B \-b -.I bandwidth -] - -[ -.B \-s -.I interface_speed -] - -[ -.B \-c -.I channel_capacity -] - -[ -.B \-n -.I noise_factor -] - -[ -.B \-m -.I mtu_size -] - -[ -.B \-M -.I mgmt socket -] - -[-N] +[\fB\-l\fI loss\fR] +[\fB\-d\fI delay\fR] +[\fB\-D\fI dup\fR] +[\fB\-b\fI bandwidth\fR] +[\fB\-s\fI interface_speed\fR] +[\fB\-c\fI channel_capacity\fR] +[\fB\-n\fI noise_factor\fR] +[\fB\-m\fI mtu_size\fR] +[\fB\-M\fI mgmt socket\fR] +[\fB-N\fR] .br .SH DESCRIPTION A \fBwirefilter\fP is able to emulate delays and packet loss on virtual wires. e.g.: -.br + .B -dpipe vde_plug /tmp/s1 = wirefilter -l 10 = vde_plug /tmp/s1 -.br +dpipe vde_plug /tmp/s1 = wirefilter -l 10 = vde_plug /tmp/s2 + creates a wire between two vde_switches (with sockets /tmp/s1 and /tmp/s2 respectively). This cable looses 10% of the packets in each direction. .SH OPTIONS .TP -.B \A-l "\fIloss\fP" +.B \-l "\fIloss\fP" percentage of loss as a floating point number. It is possible to specify different loss percentage for the two channels: LR20.5 means 20.5% of packet flowing left to right are lost, RL10 means 10% from right to left. diff --git a/vde-2/libvdeplug/libvdeplug.c b/vde-2/libvdeplug/libvdeplug.c index dfdef7c..97aeaa9 100644 --- a/vde-2/libvdeplug/libvdeplug.c +++ b/vde-2/libvdeplug/libvdeplug.c @@ -26,6 +26,9 @@ #include #include #include +#include +#include +#include #ifndef VDESTDSOCK #define VDESTDSOCK "/var/run/vde.ctl" @@ -64,7 +67,7 @@ VDECONN *vde_open_real(char *sockname,char *descr,int interface_version, char *group=NULL; int sockno=0; int res; - mode_t mode=0; + mode_t mode=0700; if (open_args != NULL) { if (interface_version == 1) { 
@@ -203,6 +206,7 @@ VDECONN *vde_open_real(char *sockname,char *descr,int interface_version, errno=err; return NULL; } + chmod(dataout.sun_path,mode); return conn; } diff --git a/vde-2/qemu/vdeq.c b/vde-2/qemu/vdeq.c index 27b4a38..bdf34a6 100644 --- a/vde-2/qemu/vdeq.c +++ b/vde-2/qemu/vdeq.c @@ -18,6 +18,8 @@ #include #include #include +#include +#include #include #include @@ -119,11 +121,15 @@ static void setsighandlers() { SIGVTALRM, "SIGVTALRM", 1 }, #ifdef VDE_LINUX { SIGPOLL, "SIGPOLL", 1 }, +#ifdef SIGSTKFLT { SIGSTKFLT, "SIGSTKFLT", 1 }, +#endif { SIGIO, "SIGIO", 1 }, { SIGPWR, "SIGPWR", 1 }, +#ifdef SIGUNUSED { SIGUNUSED, "SIGUNUSED", 1 }, #endif +#endif #ifdef VDE_DARWIN { SIGXCPU, "SIGXCPU", 1 }, { SIGXFSZ, "SIGXFSZ", 1 }, @@ -135,7 +141,7 @@ static void setsighandlers() for(i = 0; signals[i].sig != 0; i++) if(signal(signals[i].sig, signals[i].ignore ? SIG_IGN : sig_handler) < 0) - fprintlog(stderr,"Setting handler for %s: %s\n", signals[i].name, + fprintf(stderr,"Setting handler for %s: %s\n", signals[i].name, strerror(errno)); } @@ -244,6 +250,7 @@ int main(int argc, char **argv) int oldsyntax=0; int newsyntax=0; int ver; + mode_t mode; vdeqname=basename(argv[0]); //callerpwd=getpwuid(getuid()); @@ -293,6 +300,15 @@ int main(int argc, char **argv) } else argsock=NULL; + if (argc > 2 && ( + (strcmp(argv[1],"--mod")==0) || + (strcmp(argv[1],"-m")==0)) + ){ + sscanf(argv[2],"%o",&mode); + argv+=2; + argc-=2; + } + if (!newsyntax) { if (argsock == NULL) nb_nics=1; @@ -412,7 +428,7 @@ int main(int argc, char **argv) } setsighandlers(); for (i=0; i #include #include +#include #include +#include "misc.h" + #ifdef VDE_DARWIN # include # if defined HAVE_SYSLIMITS_H 
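Review bot: The `chmod(dataout.sun_path,mode);` added before `return conn;` in vde_open_real() discards its result, so a caller that asked for a restricted socket gets a usable connection back even when the permissions were never applied. Checking it, e.g. `if (chmod(dataout.sun_path,mode) < 0) { /* same cleanup as the error path above */ return NULL; }`, would surface the failure; the cleanup it needs is outside the hunk. Which endpoint `dataout` names is not visible here. If it is a path this process did not create, the call can fail with EPERM, which is one more reason not to ignore it. A one-line comment on `mode_t mode=0700;` in the previous hunk, saying it is the default when no open_args are passed, would also help.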
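Review bot: In vdeq.c main(), `sscanf(argv[2],"%o",&mode);` stores through a `mode_t *`, but `%o` requires an `unsigned int *`. Where mode_t is narrower (the file has VDE_DARWIN branches) the write runs past the variable. The conversion result is not checked either, and `mode_t mode;` has no initializer, so without `-m` or with an unparsable argument the value is indeterminate; the line that consumes it is not legible on this page. Parsing into an `unsigned int`, rejecting anything that is not a plain permission value, and giving `mode` a default fixes all three. The same `sscanf(optarg,"%o",&(open_args.mode));` pattern appears under `case 'm':` in vde_cryptcab.c and needs the same fix if that field is a mode_t.

```c
	mode_t mode=0700;	/* default when -m is absent; same value libvdeplug now uses */
	/* … unchanged: syntax detection, the -m/--mod test on argv[1] … */
		unsigned int m;
		if (sscanf(argv[2],"%o",&m) != 1 || m > 0777) {
			fprintf(stderr,"%s: invalid octal mode '%s'\n",vdeqname,argv[2]);
			exit(1);
		}
		mode=(mode_t)m;
		argv+=2;
		argc-=2;
```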
@@ -131,11 +134,15 @@ static void setsighandlers() { SIGVTALRM, "SIGVTALRM", 1 }, #ifdef VDE_LINUX { SIGPOLL, "SIGPOLL", 1 }, +#ifdef SIGSTKFLT { SIGSTKFLT, "SIGSTKFLT", 1 }, +#endif { SIGIO, "SIGIO", 1 }, { SIGPWR, "SIGPWR", 1 }, +#ifdef SIGUNUSED { SIGUNUSED, "SIGUNUSED", 1 }, #endif +#endif #ifdef VDE_DARWIN { SIGXCPU, "SIGXCPU", 1 }, { SIGXFSZ, "SIGXFSZ", 1 }, @@ -395,11 +402,13 @@ int main(int argc, char **argv) exit(1); } strcat(pidfile_path, "/"); - if (daemonize && daemon(0, 1)) { + if (daemonize && daemon(0, 0)) { printlog(LOG_ERR,"daemon: %s",strerror(errno)); exit(1); } + if(pidfile) save_pidfile(); + conn=vde_open(sockname,"slirpvde:",&open_args); lfd=stderr; slirp_init(netw); diff --git a/vde-2/vde_cryptcab/blowfish.c b/vde-2/vde_cryptcab/blowfish.c index 0a7a15e..8c64b99 100644 --- a/vde-2/vde_cryptcab/blowfish.c +++ b/vde-2/vde_cryptcab/blowfish.c @@ -27,6 +27,7 @@ #include #include "blowfish.h" +#include "crc32.h" unsigned char *crc32(unsigned char*,int); static unsigned long long mycounter=1; @@ -124,6 +125,45 @@ set_expire(struct peer *p) p->expire.tv_sec+=SESSION_TIMEOUT; } +/* + * Check progressive number validity in incoming datagram + */ +int +isvalid_timestamp(unsigned char *block, int size, struct peer *p) +{ + + + int i; + unsigned long long pktcounter=0; + for(i=0;i<8;i++){ + pktcounter+=block[size-12+i]<<(i*8); + } + if(pktcounter>p->counter){ + p->counter=pktcounter; + return 1; + }else{ + //fprintf(stderr,"bad timestamp!\n"); + return 0; + } + +} + +/* + * Check CRC32 Checksum from incoming datagram + */ +int +isvalid_crc32(unsigned char *block, int len) +{ + unsigned char *crc=(unsigned char *)crc32(block,len-4); + if(strncmp((char*)block+(len-4),(char*)crc,4)==0) + return 1; + else{ + + //fprintf(stderr,"bad crc32!\n"); + return 0; + } +} + /* * Returns peer list length. 
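Review bot: Both validators moved up in blowfish.c by the `@@ -124,6 +125,45 @@` hunk carry defects that weaken the checks they implement. In isvalid_timestamp(), `block[size-12+i]<<(i*8)` shifts a value promoted to `int` by up to 56 bits, which is undefined and never builds the upper half of the counter, and nothing guarantees `size >= 12`. Add `if(size<12) return 0;` and use `pktcounter |= (unsigned long long)block[size-12+i] << (i*8);`. In isvalid_crc32(), the four checksum bytes are compared with `strncmp`, which stops at the first zero byte, so a checksum beginning with 0x00 matches without the remaining bytes being examined. Use `memcmp(block+(len-4),crc,4)==0` and return 0 when `len < 4`. The `strncmp(response,p->challenge,128)` test in rcv_response(), visible as context in a later hunk, compares binary data the same way and should become a fixed-length `memcmp` as well.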
@@ -235,7 +275,7 @@ deny_access(struct peer *p) struct datagram *blowfish_select (int timeout) { unsigned peerlen; - int c,pollret; + int pollret; struct pollfd *pfd; static struct datagram *ret = NULL; struct peer *peerlist; @@ -243,7 +283,6 @@ struct datagram *blowfish_select (int timeout) pfd=malloc((1+numberofpeers())*sizeof(struct pollfd)); - u_int16_t vde_len; pfd[0].fd=nfd; pfd[0].events=POLLIN|POLLHUP; peerlist = populate_peerlist(pfd); @@ -448,44 +487,6 @@ set_timestamp(unsigned char *block) } -/* - * Check progressive number validity in incoming datagram - */ -int -isvalid_timestamp(unsigned char *block, int size, struct peer *p) -{ - - - int i; - unsigned long long pktcounter=0; - for(i=0;i<8;i++){ - pktcounter+=block[size-12+i]<<(i*8); - } - if(pktcounter>p->counter){ - p->counter=pktcounter; - return 1; - }else{ - //fprintf(stderr,"bad timestamp!\n"); - return 0; - } - -} - -/* - * Check CRC32 Checksum from incoming datagram - */ -int -isvalid_crc32(unsigned char *block, int len) -{ - unsigned char *crc=(unsigned char *)crc32(block,len-4); - if(strncmp((char*)block+(len-4),(char*)crc,4)==0) - return 1; - else{ - - //fprintf(stderr,"bad crc32!\n"); - return 0; - } -} /* * Send an udp datagram to specified peer. @@ -544,7 +545,7 @@ send_udp (char *data, size_t len, struct peer *p, unsigned char flags) struct peer *generate_key (struct peer *ret) { - int i, j, fd=-1, od=-1, createnow=0; + int i, fd=-1, od=-1, createnow=0; unsigned char key[16]; unsigned char iv[8]; unsigned char c; @@ -619,11 +620,11 @@ send_challenge(struct peer *p) * Send a "Auth OK" 4WHS packet. */ static void -send_auth_ok(struct peer *p) +send_auth_ok(struct peer *p, void (*callback)(struct peer*)) { send_udp(NULL,0,p,CMD_AUTH_OK); p->state=ST_AUTH; - vde_plug(p); + callback(p); set_expire(p); } 
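Review bot: `send_auth_ok()` now calls `callback(p)` unconditionally, and neither it nor `rcv_response()` (changed the same way in the next hunk) documents what the callback is for or that it must not be NULL. A comment above both would do, for example `/* callback: invoked once the peer is in ST_AUTH to attach it to the local switch (vde_cryptcab.c passes vde_plug); must not be NULL */`. Note also that CMD_AUTH_OK is sent and the state set before the callback runs, so if attaching can fail (vde_plug's error path is not fully visible here) the remote side has already been told the session is up. Either call the callback first or say in the comment that it must not fail.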
@@ -666,7 +667,7 @@ rcv_login(struct datagram *pkt, struct peer *p) * or "access denied" */ void -rcv_response(struct datagram *pkt, struct peer *p) +rcv_response(struct datagram *pkt, struct peer *p, void (*callback)(struct peer*)) { unsigned char response[MAXPKT]; int rlen, tlen; @@ -687,7 +688,7 @@ rcv_response(struct datagram *pkt, struct peer *p) if (strncmp(response,p->challenge,128)==0){ p->state=ST_AUTH; - send_auth_ok(p); + send_auth_ok(p, callback); } else{ @@ -701,7 +702,7 @@ rcv_response(struct datagram *pkt, struct peer *p) * Send a login packet. This is the first phase of 4WHS */ void -login(struct peer *p) +blowfish_login(struct peer *p) { send_udp(p->id,FILENAMESIZE,p,CMD_LOGIN); } @@ -710,7 +711,7 @@ login(struct peer *p) * Initialize blowfish module. * Set udp socket and initialize crypto engine & CRC32. */ -int +void blowfish_init(int socketfd) { nfd=socketfd; diff --git a/vde-2/vde_cryptcab/blowfish.h b/vde-2/vde_cryptcab/blowfish.h index 92e5d3a..de0c10d 100644 --- a/vde-2/vde_cryptcab/blowfish.h +++ b/vde-2/vde_cryptcab/blowfish.h @@ -125,12 +125,15 @@ removepeer(struct peer *np); struct peer *generate_key (struct peer*); -int +void blowfish_init(int); struct datagram *blowfish_select(int timeout); +void +blowfish_login(struct peer *p); + void send_udp( char *data, size_t len, struct peer *p, unsigned char flags ); @@ -140,4 +143,22 @@ send_vde( const char *data, size_t len, struct peer *p); void autocleaner(int signo); +void +deny_access(struct peer *p); + +void +rcv_login(struct datagram *pkt, struct peer *p); + +struct peer +*getpeerbynewaddr(struct sockaddr_in saddr); + +void +rcv_response(struct datagram *pkt, struct peer *p, void (*callback)(struct peer*)); + +void +rcv_challenge(struct datagram *pkt, struct peer *p); + +struct peer +*getpeerbyid(struct datagram *pkt); + #endif diff --git a/vde-2/vde_cryptcab/vde_cryptcab.c b/vde-2/vde_cryptcab/vde_cryptcab.c index 355ebd6..38fc361 100644 --- a/vde-2/vde_cryptcab/vde_cryptcab.c 
+++ b/vde-2/vde_cryptcab/vde_cryptcab.c @@ -11,11 +11,13 @@ * compiling, linking, and/or using OpenSSL is allowed. */ +#define _GNU_SOURCE #include "config.h" #include "blowfish.h" #include #include #include +#include #include #include #include @@ -33,6 +35,7 @@ static char *remotehost; static int localport; static int remoteport; static int may_login=1; +static struct vde_open_args open_args={.port=0,.group=NULL,.mode=0700}; #ifndef HAVE_STRNDUP @@ -68,7 +71,7 @@ void zombie_carnage(int signo) */ static struct peer *generate_and_xmit(struct peer *ret){ char command[255]; - int i,res; + int res; struct hostent *target; //fprintf(stderr,"Generating new key..\n"); @@ -122,7 +125,7 @@ static void handover(struct peer *p) p->state=ST_OPENING; p->next=NULL; p->counter=0; - login(p); + blowfish_login(p); may_login=0; } @@ -185,8 +188,7 @@ int r; void vde_plug(struct peer *p) { - int r; - p->plug=vde_open(plugname,"vde_cryptcab",NULL); + p->plug=vde_open(plugname,"vde_cryptcab",&open_args); if(!p->plug) { perror ("libvdeplug"); @@ -222,7 +224,7 @@ static inline void try_to_login(struct peer *p) }; if(!may_login) return; - login(p); + blowfish_login(p); may_login=0; setitimer(ITIMER_REAL, &nxt, old); } @@ -234,7 +236,6 @@ int main(int argc, char **argv) { int wire; struct sockaddr_in myaddr; - struct sockaddr_in to; struct datagram *pkt; struct peer *p1; struct sigaction sa; @@ -256,7 +257,6 @@ int main(int argc, char **argv) const char sepusr='@'; const char sepport=':'; char *pusr,*pport; - struct itimerval old; static struct option long_options[] = { {"sock", 1, 0, 's'}, @@ -264,6 +264,7 @@ int main(int argc, char **argv) {"unix", 1, 0, 's'}, {"localport", 1, 0, 'p'}, {"connect",1,0,'c'}, + {"mod",1,0,'m'}, {"help",0,0,'h'}, {0, 0, 0, 0} }; @@ -313,6 +314,10 @@ int main(int argc, char **argv) localport=atoi(optarg); break; + case 'm': + sscanf(optarg,"%o",&(open_args.mode)); + break; + case 'h': default: Usage(); 
@@ -367,9 +372,9 @@ int main(int argc, char **argv) if(p1 && (p1->state==ST_AUTH || p1->state==ST_SERVER)){ vde_send(p1->plug,pkt->data,pkt->len,0); }else if(p1 && p1->state==ST_IDSENT){ - p1->state==ST_SERVER; + p1->state=ST_SERVER; }else{ - + deny_access(pkt->orig); } } @@ -391,7 +396,7 @@ int main(int argc, char **argv) case CMD_RESPONSE: if(!p1){ - p1=(struct peer*)getpeerbynewaddr(pkt->orig); + p1=(struct peer*)getpeerbynewaddr(pkt->orig->in_a); if(p1){ memcpy(&p1->in_a,&pkt->orig->in_a, sizeof(struct sockaddr_in)); bzero(&p1->handover_a,sizeof(struct sockaddr_in)); @@ -399,7 +404,7 @@ int main(int argc, char **argv) } if(p1){ - rcv_response(pkt, p1); + rcv_response(pkt, p1, vde_plug); } break; diff --git a/vde-2/vde_plug/vde_plug.c b/vde-2/vde_plug/vde_plug.c index 37a3860..57f3265 100644 --- a/vde-2/vde_plug/vde_plug.c +++ b/vde-2/vde_plug/vde_plug.c @@ -272,11 +272,15 @@ static void setsighandlers() { SIGVTALRM, "SIGVTALRM", 1 }, #ifdef VDE_LINUX { SIGPOLL, "SIGPOLL", 1 }, +#ifdef SIGSTKFLT { SIGSTKFLT, "SIGSTKFLT", 1 }, +#endif { SIGIO, "SIGIO", 1 }, { SIGPWR, "SIGPWR", 1 }, +#ifdef SIGUNUSED { SIGUNUSED, "SIGUNUSED", 1 }, #endif +#endif #ifdef VDE_DARWIN { SIGXCPU, "SIGXCPU", 1 }, { SIGXFSZ, "SIGXFSZ", 1 }, diff --git a/vde-2/vde_plug2tap/vde_plug2tap.c b/vde-2/vde_plug2tap/vde_plug2tap.c index 1bd4ee2..d2fa1ed 100644 --- a/vde-2/vde_plug2tap/vde_plug2tap.c +++ b/vde-2/vde_plug2tap/vde_plug2tap.c @@ -98,11 +98,15 @@ static void setsighandlers() { SIGVTALRM, "SIGVTALRM", 1 }, #ifdef VDE_LINUX { SIGPOLL, "SIGPOLL", 1 }, +#ifdef SIGSTKFLT { SIGSTKFLT, "SIGSTKFLT", 1 }, +#endif { SIGIO, "SIGIO", 1 }, { SIGPWR, "SIGPWR", 1 }, +#ifdef SIGUNUSED { SIGUNUSED, "SIGUNUSED", 1 }, #endif +#endif #ifdef VDE_DARWIN { SIGXCPU, "SIGXCPU", 1 }, { SIGXFSZ, "SIGXFSZ", 1 }, 
@@ -293,7 +297,7 @@ int main(int argc, char **argv) exit(1); } strcat(pidfile_path, "/"); - if (daemonize && daemon(0, 1)) { + if (daemonize && daemon(0, 0)) { printlog(LOG_ERR,"daemon: %s",strerror(errno)); exit(1); } diff --git a/vde-2/vde_switch.c b/vde-2/vde_switch.c index 9512a08..c2121ba 100644 --- a/vde-2/vde_switch.c +++ b/vde-2/vde_switch.c @@ -479,11 +479,15 @@ static void setsighandlers() { SIGVTALRM, "SIGVTALRM", 1 }, #ifdef VDE_LINUX { SIGPOLL, "SIGPOLL", 1 }, +#ifdef SIGSTKFLT { SIGSTKFLT, "SIGSTKFLT", 1 }, +#endif { SIGIO, "SIGIO", 1 }, { SIGPWR, "SIGPWR", 1 }, +#ifdef SIGUNUSED { SIGUNUSED, "SIGUNUSED", 1 }, #endif +#endif #ifdef VDE_DARWIN { SIGXCPU, "SIGXCPU", 1 }, { SIGXFSZ, "SIGXFSZ", 1 }, diff --git a/vde-2/vdetaplib/libvdetap.c b/vde-2/vdetaplib/libvdetap.c index 98bf7fd..89ab258 100644 --- a/vde-2/vdetaplib/libvdetap.c +++ b/vde-2/vdetaplib/libvdetap.c @@ -1,7 +1,10 @@ /* Copyright 2004 Renzo Davoli * Reseased under the GPLv2 */ +#define _GNU_SOURCE #include +#include +#include #include #include #include @@ -10,7 +13,6 @@ #include #include #include -#define __USE_LARGEFILE64 #include #include #include @@ -24,6 +26,21 @@ #define VDEALLTAP "VDEALLTAP" #define MAX 10 +#define nativesym(function, name) \ + { \ + char *msg; \ + if (native_##function == NULL) { \ + *(void **)(&native_##function) = dlsym(RTLD_NEXT, name); \ + if ((msg = dlerror()) != NULL) { \ + fprintf (stderr, "%s: dlsym(%s): %s\n", PACKAGE, name, msg); \ + } \ + } \ + } + +static int (*native_ioctl) (int d, int request, ...) = NULL; +static int (*native_open) (const char *pathname, int flags, ...) = NULL; +static int (*native_open64) (const char *pathname, int flags, ...) = NULL; + int tapfd[2] = {-1,-1}; static int tapcount=0; static int tuncount=0; 
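Review bot: The new `nativesym` macro in libvdetap.c only prints a message when the lookup fails and leaves `native_##function` NULL, so any wrapper that later calls through it (call sites are outside this hunk) would crash the preloaded process rather than return an error. It also reads `dlerror()` without clearing it first, so a stale message from an earlier dl call can be reported for a lookup that succeeded. Add a bare `dlerror();` before the `dlsym(RTLD_NEXT, name)` line. The wrappers should presumably test the pointer and fail with `errno = ENOSYS` when it is NULL. As a style point, the multi-statement body is safer wrapped as `do { ... } while (0)` than in bare braces, so that `nativesym(...);` behaves as one statement.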
@@ -59,9 +76,13 @@ static int addpid(int pid) { } } +void libvdetap_init (void) __attribute((constructor)); void libvdetap_init(void) { register int i; + nativesym(ioctl, "ioctl"); + nativesym(open, "open"); + nativesym(open64, "open64"); for (i=1;i