src/anytun-controld.cpp

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
  15  *                          Christian Pointner <satp@wirdorange.org>
  16  *
  17  *  This file is part of Anytun.
  18  *
  19  *  Anytun is free software: you can redistribute it and/or modify
  20  *  it under the terms of the GNU General Public License version 3 as
  21  *  published by the Free Software Foundation.
  22  *
  23  *  Anytun is distributed in the hope that it will be useful,
  24  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  25  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  26  *  GNU General Public License for more details.
  27  *
  28  *  You should have received a copy of the GNU General Public License
  29  *  along with anytun.  If not, see <http://www.gnu.org/licenses/>.
  30  */
  31
  32 #include <iostream>
  33 #include <fstream>
  34 #include <poll.h>
  35 #include <fcntl.h>
  36 #include <pwd.h>
  37 #include <grp.h>
  38
  39 #include "datatypes.h"
  40
  41 #include "log.h"
  42 #include "signalController.h"
  43 #include "anyCtrOptions.h"
  44
  45 #include "anyCtrSocket.h"
  46 #include "Sockets/ListenSocket.h"
  47 #include "Sockets/SocketHandler.h"
  48
  49
  50 class ThreadParam
  51 {
  52 public:
  53   ThreadParam() : addr(""), port(0) {};
  54   std::string addr;
  55   u_int16_t port;
  56 };
  57
  58
  59 void* syncListener(void* p )
  60 {
  61   ThreadParam* param = reinterpret_cast<ThreadParam*>(p);
  62         SOCKETS_NAMESPACE::SocketHandler h;
  63         SOCKETS_NAMESPACE::ListenSocket<MuxSocket> l(h,true);
  64
  65         if( l.Bind(param->addr, param->port) )
  66                 pthread_exit(NULL);
  67
  68         Utility::ResolveLocal(); // resolve local hostname
  69         h.Add(&l);
  70         h.Select(1,0);
  71         while (1) {
  72                 h.Select(1,0);
  73         }
  74 }
  75
  76 void chrootAndDrop(std::string const& chrootdir, std::string const& username)
  77 {
  78         if (getuid() != 0)
  79         {
  80           std::cerr << "this programm has to be run as root in order to run in a chroot" << std::endl;
  81                 exit(-1);
  82         }
  83
  84   struct passwd *pw = getpwnam(username.c_str());
  85         if(pw) {
  86                 if(chroot(chrootdir.c_str()))
  87                 {
  88       std::cerr << "can't chroot to " << chrootdir << std::endl;
  89       exit(-1);
  90                 }
  91     cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl;
  92     chdir("/");
  93                 if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
  94                 {
  95                         std::cerr << "can't drop to user " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
  96                         exit(-1);
  97                 }
  98     cLog.msg(Log::PRIO_NOTICE) << "dropped user to " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
  99         }
 100         else
 101   {
 102     std::cerr << "unknown user " << username << std::endl;
 103     exit(-1);
 104         }
 105 }
 106
 107 void daemonize()
 108 {
 109   pid_t pid;
 110
 111   pid = fork();
 112   if(pid) exit(0);
 113   setsid();
 114   pid = fork();
 115   if(pid) exit(0);
 116
 117 //  std::cout << "running in background now..." << std::endl;
 118
 119   int fd;
 120 //  for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
 121   for (fd=0;fd<=2;fd++) // close all file descriptors
 122     close(fd);
 123   fd=open("/dev/null",O_RDWR);        // stdin
 124   dup(fd);                            // stdout
 125   dup(fd);                            // stderr
 126   umask(027);
 127 }
 128
 129 int main(int argc, char* argv[])
 130 {
 131   if(!gOpt.parse(argc, argv))
 132   {
 133     gOpt.printUsage();
 134     exit(-1);
 135   }
 136
 137   std::ifstream file( gOpt.getFileName().c_str() );
 138   if( file.is_open() )
 139     file.close();
 140   else
 141   {
 142     std::cout << "ERROR: unable to open file!" << std::endl;
 143     exit(-1);
 144   }
 145
 146   std::ofstream pidFile;
 147   if(gOpt.getPidFile() != "") {
 148     pidFile.open(gOpt.getPidFile().c_str());
 149     if(!pidFile.is_open()) {
 150       std::cout << "can't open pid file" << std::endl;
 151     }
 152   }
 153
 154   if(gOpt.getChroot())
 155     chrootAndDrop(gOpt.getChrootDir(), gOpt.getUsername());
 156   if(gOpt.getDaemonize())
 157     daemonize();
 158
 159   if(pidFile.is_open()) {
 160     pid_t pid = getpid();
 161     pidFile << pid;
 162     pidFile.close();
 163   }
 164
 165   SignalController sig;
 166   sig.init();
 167
 168   ThreadParam p;
 169   p.addr = gOpt.getBindToAddr();
 170   p.port = gOpt.getBindToPort();
 171         pthread_t syncListenerThread;
 172         pthread_create(&syncListenerThread, NULL, syncListener, &p);
 173
 174         int ret = sig.run();
 175
 176         pthread_cancel(syncListenerThread);
 177
 178         pthread_join(syncListenerThread, NULL);
 179
 180   return ret;
 181 }
 182