+2009.12.02 -- Version 0.3.2
+
+* clenaups and improvements at configure and install target of Makefile
+* manpage cleanups
+* moved to new svn location
+
+2009.11.08 -- Version 0.3.1
+
+* switched to GPLv3 or higher
+* improved script execution
+* added signal handling without races
+* all log_targets print time now too
+
2009.05.01 -- Version 0.3
* updated to new protocol specification (extended label and crypto role)
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
The latter is more performant in most cases but there are some license
issues when using this library. It also needs more space when installed.
+
Linux
-----
build-essential
libssl-dev
+only for manpage:
+
+ asciidoc
+
OpenBSD/FreeBSD
---------------
using libgcrypt:
- gmake
- libgcrypt
- libgpg-error
+ devel/gmake
+ security/libgcrypt
using ssl crypto library:
- gmake
+ devel/gmake
+
+only for manpage:
+
+ textproc/asciidoc
+ textproc/libxslt
+ textproc/docbook-xsl
+ sysutils/readlink
+ misc/getopt
+
Installation
Getting the source via subversion:
----------------------------------
-svn co https://svn.chaos-at-home.org/uanytun/trunk uanytun
+
+svn co https://svn.anytun.org/uanytun/trunk uanytun
+cd uanytun
+
Building from source
--------------------
# ./configure --use-ssl-crypto
# make
-
Notes:
- try './configure --help' for further information
- if using openssl pre 0.9.8 you have to disable passphrase
# sudo make install
This will install anytun under the --prefix defined with configure.
-It also creates a user with name --username with home --userhome
-which can be changed by configure as well.
+
Uninstalling
------------
# sudo make purge
-This also removes the config files and deletes the user and it's
-home directory.
+This also removes the config files
+
+
+
+Usage:
+======
+
+init.d script
+-------------
+
+The init.d script can be used to start uanytun at boot time. It searches for
+configuration files which reside at $CONFIG_DIR. For each instance of uanytun
+which should be started there must be a directory containing at least a file
+named config. This file must contain all command line parameter which should
+be used when starting the daemon. One line for each parameter. Empty lines and
+lines starting with # are ignored. Besides the config file there may be a script
+named post-up.sh which will be called when the tun/tap device comes up.
+This is an example of how the init.d script can be used to start uanytun:
+
+# /etc/init.d/uanytun start client1 p2p-a
+
+In this case the script will start 2 instances of uanytun using the config files
+$CONFIG_DIR/client1/config and $CONFIG_DIR/p2p-a/config.
+If no instance name is specified the script will use the file $CONFIG_DIR/autostart
+to determine which instances to start or stop. This file must contain a list
+of instance names which should be used when no names are specified at the command
+line. One line for each name. Empty lines and lines starting with # are ignored.
## This file is part of uAnytun.
##
## uAnytun is free software: you can redistribute it and/or modify
-## it under the terms of the GNU General Public License version 3 as
-## published by the Free Software Foundation.
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation, either version 3 of the License, or
+## any later version.
##
## uAnytun is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
##
+VERSION=$(shell cat ../version)
+
+.PHONY: clean
+
all: manpage
uanytun.8: uanytun.8.txt
- a2x -f manpage uanytun.8.txt
+ a2x -f manpage $<
+ @ sed -i -e 's/\[FIXME: source\]/uanytun ${VERSION}/' $@
+ @ sed -i -e 's/\[FIXME: manual\]/uanytun user manual/' $@
+ @ sed -i -e 's/^uanytun$$/\\fBuanytun\\fR/' $@
+ @ sed -i -e 's/^ \[ \([^ ]*\)/ [ \\fB\1\\fR/' $@
manpage: uanytun.8
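Review bot: The four `sed -i -e ...` lines added to the uanytun.8 rule depend on GNU sed's in-place syntax; BSD sed implementations either lack `-i` or treat the following argument as a backup suffix, and the install notes in this same commit list manpage build dependencies for OpenBSD/FreeBSD, so the rule is likely to misbehave or leave stray backup files there. A portable form runs a single sed with the four `-e` expressions into a temporary file and renames it, for example `sed -e ... $@ > $@.tmp && mv $@.tmp $@`. `${VERSION}` is also pasted unescaped into the replacement text, so a `/` or `&` in ../version would break or alter the substitution; a comment such as `# ../version must hold a plain version string (no '/' or '&')` above the `VERSION=` line would document that assumption.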
NAME
----
+
uanytun - micro anycast tunneling daemon
+
SYNOPSIS
--------
-*uanytun*
-[ *-h|--help* ]
-[ *-D|--nodaemonize* ]
-[ *-u|--username* <username> ]
-[ *-g|--groupname* <groupname> ]
-[ *-C|--chroot* <path> ]
-[ *-P|--write-pid* <filename> ]
-[ *-L|--log* <target>:<level>[,<param1>[,<param2>[..]]] ]
-[ *-i|--interface* <ip-address> ]
-[ *-p|--port* <port> ]
-[ *-r|--remote-host* <hostname|ip> ]
-[ *-o|--remote-port* <port> ]
-[ *-4|--ipv4-only* ]
-[ *-6|--ipv6-only* ]
-[ *-d|--dev* <name> ]
-[ *-t|--type* <tun|tap> ]
-[ *-n|--ifconfig* <local>/<prefix> ]
-[ *-x|--post-up-script* <script> ]
-[ *-m|--mux* <mux-id> ]
-[ *-s|--sender-id* <sender id> ]
-[ *-w|--window-size* <window size> ]
-[ *-k|--kd-prf* <kd-prf type> ]
-[ *-e|--role <role>* ]
-[ *-E|--passphrase* <pass phrase> ]
-[ *-K|--key* <master key> ]
-[ *-A|--salt* <master salt> ]
-[ *-c|--cipher* <cipher type> ]
-[ *-a|--auth-algo* <algo type> ]
-[ *-b|--auth-tag-length* <length> ]
+....
+uanytun
+ [ -h|--help ]
+ [ -D|--nodaemonize ]
+ [ -u|--username <username> ]
+ [ -g|--groupname <groupname> ]
+ [ -C|--chroot <path> ]
+ [ -P|--write-pid <filename> ]
+ [ -L|--log <target>:<level>[,<param1>[,<param2>[..]]] ]
+ [ -i|--interface <ip-address> ]
+ [ -p|--port <port> ]
+ [ -r|--remote-host <hostname|ip> ]
+ [ -o|--remote-port <port> ]
+ [ -4|--ipv4-only ]
+ [ -6|--ipv6-only ]
+ [ -d|--dev <name> ]
+ [ -t|--type <tun|tap> ]
+ [ -n|--ifconfig <local>/<prefix> ]
+ [ -x|--post-up-script <script> ]
+ [ -m|--mux <mux-id> ]
+ [ -s|--sender-id <sender id> ]
+ [ -w|--window-size <window size> ]
+ [ -k|--kd-prf <kd-prf type> ]
+ [ -e|--role <role> ]
+ [ -E|--passphrase <pass phrase> ]
+ [ -K|--key <master key> ]
+ [ -A|--salt <master salt> ]
+ [ -c|--cipher <cipher type> ]
+ [ -a|--auth-algo <algo type> ]
+ [ -b|--auth-tag-length <length> ]
+....
+
DESCRIPTION
-----------
small single threaded implementation intended to act as a client on small
platforms.
+
OPTIONS
-------
no difference between client and server. The following options can be
passed to the daemon:
--D|--nodaemonize
-~~~~~~~~~~~~~~~~
-
-This option instructs *uAnytun* to run in foreground
-instead of becoming a daemon which is the default.
-
--u|--username <username>
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-run as this user. If no group is specified (*-g*) the default group of
-the user is used. The default is to not drop privileges.
-
--g|--groupname <groupname>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-run as this group. If no username is specified (*-u*) this gets ignored.
-The default is to not drop privileges.
-
--C|--chroot <path>
-~~~~~~~~~~~~~~~~~~
-
-Instruct *uAnytun* to run in a chroot jail. The default is
-to not run in chroot.
-
--P|--write-pid <filename>
-~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Instruct *uAnytun* to write it's pid to this file. The default is
-to not create a pid file.
-
--L|--log <target>:<level>[,<param1>[,<param2>[..]]]
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-add log target to logging system. This can be invoked several times
-in order to log to different targets at the same time. Every target
-hast its own log level which is a number between 0 and 5. Where 0 means
-disabling log and 5 means debug messages are enabled.
-
-The following targets are supported:
-
-* *syslog* - log to syslog daemon, parameters <level>[,<logname>[,<facility>]]
-* *file* - log to file, parameters <level>[,<path>]
-* *stdout* - log to standard output, parameters <level>
-* *stderr* - log to standard error, parameters <level>
-
-The file target can be used more the once with different levels.
-If no target is provided at the command line a single target with the
-following config is added:
-
-*syslog:3,uanytun,daemon*
-
-
--i|--interface <ip address>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-This IP address is used as the sender address for outgoing
-packets. The default is to not use a special inteface and just
-bind on all interfaces.
-
--p|--port <port>
-~~~~~~~~~~~~~~~~
-
-local port to bind to
-
-The local UDP port that is used to send and receive the
-payload data. The two tunnel endpoints can use different
-ports. default: 4444
-
--r|--remote-host <hostname|ip>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-remote host
-
-This option can be used to specify the remote tunnel
-endpoint. In case of anycast tunnel endpoints, the
-anycast IP address has to be used. If you do not specify
-an address, it is automatically determined after receiving
-the first data packet.
-
--o|--remote-port <port>
-~~~~~~~~~~~~~~~~~~~~~~~
-
-remote port
-
-The UDP port used for payload data by the remote host
-(specified with -p on the remote host). If you do not specify
-a port, it is automatically determined after receiving
-the first data packet.
-
--4|--ipv4-only
-~~~~~~~~~~~~~~
-
-Resolv to IPv4 addresses only. The default is to resolv both
-IPv4 and IPv6 addresses.
-
--6|--ipv6-only
-~~~~~~~~~~~~~~
-
-Resolv to IPv6 addresses only. The default is to resolv both
-IPv4 and IPv6 addresses.
-
--d|--dev <name>
-~~~~~~~~~~~~~~~
-
-device name
-
-By default, tapN is used for Ethernet tunnel interfaces,
-and tunN for IP tunnels, respectively. This option can
-be used to manually override these defaults.
-
--t|--type <tun|tap>
-~~~~~~~~~~~~~~~~~~~
-
-device type
-
-Type of the tunnels to create. Use tap for Ethernet
-tunnels, tun for IP tunnels.
-
--n|--ifconfig <local>/<prefix>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-*<local>* the local IP address for the tun/tap device
+*-D, --nodaemonize*::
+ This option instructs *uAnytun* to run in foreground
+ instead of becoming a daemon which is the default.
+
+*-u, --username <username>*::
+ run as this user. If no group is specified (*-g*) the default group of
+ the user is used. The default is to not drop privileges.
+
+*-g, --groupname <groupname>*::
+ run as this group. If no username is specified (*-u*) this gets ignored.
+ The default is to not drop privileges.
+
+*-C, --chroot <path>*::
+ Instruct *uAnytun* to run in a chroot jail. The default is
+ to not run in chroot.
+
+*-P, --write-pid <filename>*::
+ Instruct *uAnytun* to write it's pid to this file. The default is
+ to not create a pid file.
+
+*-L, --log <target>:<level>[,<param1>[,<param2>[..]]]*::
+ add log target to logging system. This can be invoked several times
+ in order to log to different targets at the same time. Every target
+ hast its own log level which is a number between 0 and 5. Where 0 means
+ disabling log and 5 means debug messages are enabled. +
+ The file target can be used more the once with different levels.
+ If no target is provided at the command line a single target with the
+ config *syslog:3,uanytun,daemon* is added. +
+ The following targets are supported:
+
+ *syslog*;; log to syslog daemon, parameters <level>[,<logname>[,<facility>]]
+ *file*;; log to file, parameters <level>[,<path>]
+ *stdout*;; log to standard output, parameters <level>
+ *stderr*;; log to standard error, parameters <level>
+
+*-i, --interface <ip address>*::
+ This IP address is used as the sender address for outgoing
+ packets. The default is to not use a special inteface and just
+ bind on all interfaces.
+
+*-p, --port <port>*::
+ The local UDP port that is used to send and receive the
+ payload data. The two tunnel endpoints can use different
+ ports. default: 4444
+
+*-r, --remote-host <hostname|ip>*::
+ This option can be used to specify the remote tunnel
+ endpoint. In case of anycast tunnel endpoints, the
+ anycast IP address has to be used. If you do not specify
+ an address, it is automatically determined after receiving
+ the first data packet.
+
+*-o, --remote-port <port>*::
+ The UDP port used for payload data by the remote host
+ (specified with -p on the remote host). If you do not specify
+ a port, it is automatically determined after receiving
+ the first data packet.
+
+*-4, --ipv4-only*::
+ Resolv to IPv4 addresses only. The default is to resolv both
+ IPv4 and IPv6 addresses.
+
+*-6, --ipv6-only*::
+ Resolv to IPv6 addresses only. The default is to resolv both
+ IPv4 and IPv6 addresses.
+
+*-d, --dev <name>*::
+ device name +
+ By default, tapN is used for Ethernet tunnel interfaces,
+ and tunN for IP tunnels, respectively. This option can
+ be used to manually override these defaults.
+
+*-t, --type <tun|tap>*::
+ device type +
+ Type of the tunnels to create. Use tap for Ethernet
+ tunnels, tun for IP tunnels.
+
+*-n, --ifconfig <local>/<prefix>*::
+ The local IP address and prefix length. The remote tunnel endpoint
+ has to use a different IP address in the same subnet.
+
+ *<local>*;; the local IP address for the tun/tap device
+ *<prefix>*;; the prefix length of the network
+
+*-x, --post-up-script <script>*::
+ This option instructs *uAnytun* to run this script after the interface
+ is created. By default no script will be executed.
+
+*-m, --mux <mux-id>*::
+ the multiplex id to use. default: 0
+
+*-s, --sender-id <sender id>*::
+ Each anycast tunnel endpoint needs a unique sender id
+ (1, 2, 3, ...). It is needed to distinguish the senders
+ in case of replay attacks. As *uAnytun* does not support
+ synchronisation it can't be used as an anycast endpoint therefore
+ this option is quite useless but implemented for compability
+ reasons. default: 0
+
+*-w, --window-size <window size>*::
+ seqence window size +
+ Sometimes, packets arrive out of order on the receiver
+ side. This option defines the size of a list of received
+ packets' sequence numbers. If, according to this list,
+ a received packet has been previously received or has
+ been transmitted in the past, and is therefore not in
+ the list anymore, this is interpreted as a replay attack
+ and the packet is dropped. A value of 0 deactivates this
+ list and, as a consequence, the replay protection employed
+ by filtering packets according to their secuence number.
+ By default the sequence window is disabled and therefore a
+ window size of 0 is used.
+
+*-k, --kd--prf <kd-prf type>*::
+ key derivation pseudo random function +
+ The pseudo random function which is used for calculating the
+ session keys and session salt. +
+ Possible values:
+
+ *null*;; no random function, keys and salt are set to 0..00
+ *aes-ctr*;; AES in counter mode with 128 Bits, default value
+ *aes-ctr-128*;; AES in counter mode with 128 Bits
+ *aes-ctr-192*;; AES in counter mode with 192 Bits
+ *aes-ctr-256*;; AES in counter mode with 256 Bits
+
+*-e, --role <role>*::
+ SATP uses different session keys for inbound and outbound traffic. The
+ role parameter is used to determine which keys to use for outbound or
+ inbound packets. On both sides of a vpn connection different roles have
+ to be used. Possible values are *left* and *right*. You may also use
+ *alice* or *server* as a replacement for *left* and *bob* or *client* as
+ a replacement for *right*. By default *left* is used.
+
+*-E, --passphrase <pass phrase>*::
+ This passphrase is used to generate the master key and master salt.
+ For the master key the last n bits of the SHA256 digest of the
+ passphrase (where n is the length of the master key in bits) is used.
+ The master salt gets generated with the SHA1 digest.
+ You may force a specific key and or salt by using *--key* and *--salt*.
+
+*-K, --key <master key>*::
+ master key to use for key derivation +
+ Master key in hexadecimal notation, e.g.
+ 01a2b3c4d5e6f708a9b0cadbecfd0fa1, with a mandatory length
+ of 32, 48 or 64 characters (128, 192 or 256 bits).
+
+*-A, --salt <master salt>*::
+ master salt to use for key derivation +
+ Master salt in hexadecimal notation, e.g.
+ 01a2b3c4d5e6f708a9b0cadbecfd, with a mandatory length
+ of 28 characters (14 bytes).
+
+*-c, --cipher <cipher type>*::
+ payload encryption algorithm +
+ Encryption algorithm used for encrypting the payload +
+ Possible values:
+
+ *null*;; no encryption
+ *aes-ctr*;; AES in counter mode with 128 Bits, default value
+ *aes-ctr-128*;; AES in counter mode with 128 Bits
+ *aes-ctr-192*;; AES in counter mode with 192 Bits
+ *aes-ctr-256*;; AES in counter mode with 256 Bits
+
+*-a, --auth-algo <algo type>*::
+ message authentication algorithm +
+ This option sets the message authentication algorithm. +
+ If HMAC-SHA1 is used, the packet length is increased. The additional bytes
+ contain the authentication data. see *--auth-tag-length* for more info. +
+ Possible values:
+
+ *null*;; no message authentication
+ *sha1*;; HMAC-SHA1, default value
+
+*-b, --auth-tag-length <length>*::
+ The number of bytes to use for the auth tag. This value defaults to 10 bytes
+ unless the *null* auth algo is used in which case it defaults to 0.
-*<prefix>* the prefix length of the network
-
-The local IP address and prefix length. The remote tunnel endpoint
-has to use a different IP address in the same subnet.
-
--x|--post-up-script <script>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-This option instructs *uAnytun* to run this script after the interface
-is created. By default no script will be executed.
-
--m|--mux <mux-id>
-~~~~~~~~~~~~~~~~~
-
-the multiplex id to use. default: 0
-
--s|--sender-id <sender id>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Each anycast tunnel endpoint needs a unique sender id
-(1, 2, 3, ...). It is needed to distinguish the senders
-in case of replay attacks. As *uAnytun* does not support
-synchronisation it can't be used as an anycast endpoint therefore
-this option is quite useless but implemented for compability
-reasons. default: 0
-
--w|--window-size <window size>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-seqence window size
-
-Sometimes, packets arrive out of order on the receiver
-side. This option defines the size of a list of received
-packets' sequence numbers. If, according to this list,
-a received packet has been previously received or has
-been transmitted in the past, and is therefore not in
-the list anymore, this is interpreted as a replay attack
-and the packet is dropped. A value of 0 deactivates this
-list and, as a consequence, the replay protection employed
-by filtering packets according to their secuence number.
-By default the sequence window is disabled and therefore a
-window size of 0 is used.
-
--k|--kd--prf <kd-prf type>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-key derivation pseudo random function.
-
-The pseudo random function which is used for calculating the
-session keys and session salt.
-
-Possible values:
-
-* *null* - no random function, keys and salt are set to 0..00
-* *aes-ctr* - AES in counter mode with 128 Bits, default value
-* *aes-ctr-128* - AES in counter mode with 128 Bits
-* *aes-ctr-192* - AES in counter mode with 192 Bits
-* *aes-ctr-256* - AES in counter mode with 256 Bits
-
--e|--role <role>
-~~~~~~~~~~~~~~~~
-
-SATP uses different session keys for inbound and outbound traffic. The
-role parameter is used to determine which keys to use for outbound or
-inbound packets. On both sides of a vpn connection different roles have
-to be used. Possible values are *left* and *right*. You may also use
-*alice* or *server* as a replacement for *left* and *bob* or *client* as
-a replacement for *right*. By default *left* is used.
-
--E|--passphrase <pass phrase>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-This passphrase is used to generate the master key and master salt.
-For the master key the last n bits of the SHA256 digest of the
-passphrase (where n is the length of the master key in bits) is used.
-The master salt gets generated with the SHA1 digest.
-You may force a specific key and or salt by using *--key* and *--salt*.
-
--K|--key <master key>
-~~~~~~~~~~~~~~~~~~~~~
-
-master key to use for key derivation
-
-Master key in hexadecimal notation, eg
-01a2b3c4d5e6f708a9b0cadbecfd0fa1, with a mandatory length
-of 32, 48 or 64 characters (128, 192 or 256 bits).
-
--A|--salt <master salt>
-~~~~~~~~~~~~~~~~~~~~~~~
-
-master salt to use for key derivation
-
-Master salt in hexadecimal notation, eg
-01a2b3c4d5e6f708a9b0cadbecfd, with a mandatory length
-of 28 characters (14 bytes).
-
--c|--cipher <cipher type>
-~~~~~~~~~~~~~~~~~~~~~~~~~
-
-payload encryption algorithm
-
-Encryption algorithm used for encrypting the payload
-
-Possible values:
-
-* *null* - no encryption
-* *aes-ctr* - AES in counter mode with 128 Bits, default value
-* *aes-ctr-128* - AES in counter mode with 128 Bits
-* *aes-ctr-192* - AES in counter mode with 192 Bits
-* *aes-ctr-256* - AES in counter mode with 256 Bits
-
--a|--auth-algo <algo type>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-message authentication algorithm
-
-This option sets the message authentication algorithm.
-
-Possible values:
-
-* *null* - no message authentication
-* *sha1* - HMAC-SHA1, default value
-
-If HMAC-SHA1 is used, the packet length is increased. The additional bytes
-contain the authentication data. see *-b|--auth-tag-length* for more info.
-
--b|--auth-tag-length <length>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-The number of bytes to use for the auth tag. This value defaults to 10 bytes
-unless the *null* auth algo is used in which case it defaults to 0.
EXAMPLES
--------
uanytun -r hosta.example.com -t tun -n 192.168.123.2/30 -c aes-ctr-256 -k aes-ctr-256 \
-E have_a_very_safe_and_productive_day -e right
-
One unicast and one anycast tunnel endpoint:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Anycast tunnel endpoints:
^^^^^^^^^^^^^^^^^^^^^^^^^
As *uAnytun* can't work as an anycast endpoint it can't be used for this purpose. You
-have to use *anytun* for that job.
+have to use *Anytun* for that job.
BUGS
Most likely there are some bugs in *uAnytun*. If you find a bug, please let
the developers know at uanytun@anytun.org. Of course, patches are preferred.
+
AUTHORS
-------
Christian Pointner <equinox@anytun.org>
+
RESOURCES
---------
-------
Copyright \(C) 2008-2009 Christian Pointner. This program is free
-software; you can redistribute it and/or modify it under the terms
-of the GNU General Public License version 3 as published by the
-Free Software Foundation.
-
+software: you can redistribute it and/or modify it under the terms
+of the GNU General Public License as published by the Free Software
+Foundation, either version 3 of the License, or any later version.
log syslog:3,uanytun-client1,daemon
## change user and group after init
-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun
## chroot to users home directory
#chroot /var/run/uanytun
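Review bot: With `username` and `groupname` commented out, and `chroot` already commented out, this example starts the daemon with no privilege separation at all, since the manpage in this commit states that the default is to not drop privileges; a daemon launched from the init.d script would presumably keep root for its whole lifetime while parsing network input. The same change is made in the client2, client3, p2p-a and p2p-b example configs below. Since the install target no longer creates the uanytun user, the examples should at least say so, e.g. replace the comment with `## recommended: create an unprivileged user/group and uncomment the next two lines; otherwise uanytun keeps the privileges it was started with`.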
log syslog:3,uanytun-client2,daemon
## change user and group after init
-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun
## chroot to users home directory
#chroot /var/run/uanytun
log syslog:3,uanytun-client3,daemon
## change user and group after init
-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun
## chroot to users home directory
#chroot /var/run/uanytun
log syslog:3,uanytun-p2p-a,daemon
## change user and group after init
-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun
## chroot to users home directory
#chroot /var/run/uanytun
log syslog:3,uanytun-p2p-b,daemon
## change user and group after init
-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun
## chroot to users home directory
#chroot /var/run/uanytun
## This file is part of uAnytun.
##
## uAnytun is free software: you can redistribute it and/or modify
-## it under the terms of the GNU General Public License version 3 as
-## published by the Free Software Foundation.
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation, either version 3 of the License, or
+## any later version.
##
## uAnytun is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
EXECUTABLE := uanytun
CRYPT_OBJ := key_derivation.o \
- auth_algo.o
+ auth_algo.o
OBJ := log.o \
- string_list.o \
- sig_handler.o \
- options.o \
- tun.o \
- udp.o \
- plain_packet.o \
- encrypted_packet.o \
- seq_window.o \
- cipher.o \
- uanytun.o
+ string_list.o \
+ sig_handler.o \
+ sysexec.o \
+ options.o \
+ tun.o \
+ udp.o \
+ plain_packet.o \
+ encrypted_packet.o \
+ seq_window.o \
+ cipher.o \
+ uanytun.o
ifndef NO_CRYPT_OBJ
SRC := $(OBJ:%.o=%.c)
-.PHONY: clean distclean manpage install install-bin install-etc install-man remove purge
+.PHONY: clean cleanall distclean manpage install install-bin install-etc install-man uninstall remove purge
all: $(EXECUTABLE)
%.d: %.c
@set -e; rm -f $@; \
- $(CC) -MM $(CFLAGS) $< > $@.$$$$; \
- sed 's,\($*\)\.o[ :]*,\1.o $@ : ,g' < $@.$$$$ > $@; \
- rm -f $@.$$$$; echo '(re)building $@'
+ $(CC) -MM $(CFLAGS) $< > $@.$$$$; \
+ sed 's,\($*\)\.o[ :]*,\1.o $@ : ,g' < $@.$$$$ > $@; \
+ rm -f $@.$$$$; echo '(re)building $@'
ifneq ($(MAKECMDGOALS),distclean)
-include $(SRC:%.c=%.d)
endif
-uanytun: $(OBJ)
+$(EXECUTABLE): $(OBJ)
$(CC) $(OBJ) -o $@ $(LDFLAGS)
%.o: %.c
$(CC) $(CFLAGS) -c $<
-distclean: clean
+strip: $(EXECUTABLE)
+ $(STRIP) -s $(EXECUTABLE)
+
+distclean: cleanall
find . -name *.o -exec rm -f {} \;
find . -name "*.\~*" -exec rm -rf {} \;
rm -f include.mk
rm -f *.d.*
rm -f $(EXECUTABLE)
+cleanall: clean
+ $(MAKE) --directory="../doc/" clean
+
manpage:
$(MAKE) --directory="../doc/" manpage
-install: all install-bin install-etc install-man add-user
+
+INSTALL_TARGETS := install-bin install-etc
+REMOVE_TARGETS := remove-bin remove-etc
+
+ifdef MANDIR
+INSTALL_TARGETS += install-man
+REMOVE_TARGETS += remove-man
+endif
+
+ifdef EXAMPLESDIR
+INSTALL_TARGETS += install-examples
+REMOVE_TARGETS += remove-examples
+endif
+
+install: all $(INSTALL_TARGETS)
install-bin: $(EXECUTABLE)
- mkdir -p $(DESTDIR)$(SBINDIR)
- install -m 755 $(EXECUTABLE) $(DESTDIR)$(SBINDIR)
- $(STRIP) $(DESTDIR)$(SBINDIR)/$(EXECUTABLE)
+ $(INSTALL) -d $(DESTDIR)$(SBINDIR)
+ $(INSTALL) -m 755 $(EXECUTABLE) $(DESTDIR)$(SBINDIR)
install-etc:
- mkdir -p $(DESTDIR)$(ETCDIR)/uanytun
- install -m 644 ../etc/uanytun/autostart $(DESTDIR)$(ETCDIR)/uanytun/autostart
- @( cd '../etc/uanytun/' ; \
- for dir in `ls`; do \
- if [ -d $$dir ]; then \
- echo "install $$dir configuration" ; \
- cd $$dir ; \
- mkdir -p $(DESTDIR)$(ETCDIR)/uanytun/$$dir ; \
- install -m 600 config $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ; \
- sed -i 's#username uanytun#username $(USERNAME)#' $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ; \
- sed -i 's#groupname uanytun#groupname $(USERNAME)#' $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ; \
- sed -i 's#chroot /var/run/uanytun#chroot $(USERHOME)#' $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ; \
- if [ -e 'post-up.sh' ]; then \
- install -m 755 post-up.sh $(DESTDIR)$(ETCDIR)/uanytun/$$dir/post-up.sh ; \
- fi ; \
- cd .. ; \
- fi ; \
- done \
+ $(INSTALL) -d $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)
+ @ echo "example configurations can be found at $(EXAMPLESDIR)/$(EXECUTABLE)" > $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)/README
+ $(INSTALL) -d $(DESTDIR)$(ETCDIR)/init.d
+ @ sed -e 's#DAEMON=/usr/sbin/uanytun#DAEMON=$(SBINDIR)/$(EXECUTABLE)#' \
+ -e 's#CONFIG_DIR=/etc/uanytun#CONFIG_DIR=$(ETCDIR)/uanytun#' ../etc/init.d/uanytun > ../etc/init.d/uanytun.bak
+ $(INSTALL) -m 755 ../etc/init.d/uanytun.bak $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
+ rm -f ../etc/init.d/uanytun.bak
+
+install-examples:
+ $(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)
+ $(INSTALL) -m 644 ../etc/uanytun/autostart $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/autostart
+ @( cd '../etc/uanytun/' ; \
+ for dir in `ls`; do \
+ if [ -d $$dir ]; then \
+ echo "install $$dir configuration" ; \
+ cd $$dir ; \
+ $(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/$$dir ; \
+ $(INSTALL) -m 600 config $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/$$dir/config ; \
+ if [ -e 'post-up.sh' ]; then \
+ $(INSTALL) -m 755 post-up.sh $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/$$dir/post-up.sh ; \
+ fi ; \
+ cd .. ; \
+ fi ; \
+ done \
)
- mkdir -p $(DESTDIR)$(ETCDIR)/init.d
- install -m 755 ../etc/init.d/uanytun $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
- @ sed -i 's#DAEMON=/usr/sbin/uanytun#DAEMON=$(SBINDIR)/$(EXECUTABLE)#' $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
- @ sed -i 's#CONFIG_DIR=/etc/uanytun#CONFIG_DIR=$(ETCDIR)/uanytun#' $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
install-man: manpage
- mkdir -p $(DESTDIR)$(MANDIR)/man8/
- cp ../doc/uanytun.8 $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
- gzip $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
+ $(INSTALL) -d $(DESTDIR)$(MANDIR)/man8/
+ $(INSTALL) -m 644 ../doc/uanytun.8 $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
-add-user:
- @ adduser --system --group --home $(USERHOME) $(USERNAME)
+uninstall: remove
-remove-user:
- @ deluser $(USERNAME)
- @ rm -rf $(USERHOME)
+remove: $(REMOVE_TARGETS)
-remove:
+remove-bin:
rm -f $(DESTDIR)$(SBINDIR)/$(EXECUTABLE)
- rm -f $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8.gz
+
+remove-etc:
rm -f $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
-purge: remove remove-user
- rm -rf $(DESTDIR)$(ETCDIR)/uanytun/
+remove-examples:
+ rm -rf $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/
+
+remove-man:
+ rm -f $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
+
+purge: remove
+ rm -rf $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)/
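Review bot: install-etc writes the rewritten init script to the fixed path `../etc/init.d/uanytun.bak` inside the source tree before installing it, and the install notes in this commit run the target under `sudo make install`, so a root-owned redirect lands in a directory the build user controls and the file is left behind if `$(INSTALL)` fails before the `rm -f`. Writing the sed output straight to the destination avoids the intermediate file: `sed -e ... ../etc/init.d/uanytun > $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)` followed by `chmod 755 $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)`. Separately, the README line in the same recipe prints `$(EXAMPLESDIR)/$(EXECUTABLE)` even though install-examples is only added under `ifdef EXAMPLESDIR`, so with EXAMPLESDIR unset the README points at a location that was never installed.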
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _AUTH_ALGO_H_
-#define _AUTH_ALGO_H_
+#ifndef UANYTUN_auth_algo_h_INCLUDED
+#define UANYTUN_auth_algo_h_INCLUDED
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
if(!dev || !dev->actual_name_ || !dev->net_addr_ || !dev->net_mask_)
return;
-
- char* command = NULL;
- char* netmask;
char* end;
if(dev->type_ == TYPE_TAP) {
#if defined(__GNUC__) && defined(__OpenBSD__)
- end = " link0";
+ end = "link0";
#elif defined(__GNUC__) && defined(__FreeBSD__)
- end = " up";
+ end = "up";
#elif defined(__GNUC__) && defined(__NetBSD__)
- end = "";
+ end = NULL;
#else
#error This Device works just for OpenBSD, FreeBSD or NetBSD
#endif
}
else
- end = " up";
+ end = "up";
- asprintf(&command, "/sbin/ifconfig %s %s netmask %s mtu %d%s", dev->actual_name_, dev->net_addr_,
- dev->net_mask_, dev->mtu_, end);
- if(!command) {
+ char* mtu_str = NULL;
+ asprintf(&mtu_str, "%d", dev->mtu_);
+ if(!mtu_str) {
log_printf(ERROR, "Execution of ifconfig failed");
return;
}
- int result = system(command);
- if(result == -1)
- log_printf(ERROR, "Execution of ifconfig failed");
- else
- log_printf(NOTICE, "ifconfig returned %d", WEXITSTATUS(result));
+ char* const argv[] = { "/sbin/ifconfig", dev->actual_name_, dev->net_addr_, "netmask", dev->net_mask_, "mtu", mtu_str, end, NULL };
+ char* const evp[] = { NULL };
+ uanytun_exec("/sbin/ifconfig", argv, evp);
- free(command);
+ free(mtu_str);
}
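Review bot: The result of `asprintf()` is not checked here; success is inferred from `mtu_str` being non-NULL, which only works where the libc leaves or sets the pointer to NULL on failure. The BSD libcs do that, but glibc has historically documented the pointer as undefined after a failed call, and the Linux `tun` hunk further down uses the same pattern. Testing the return value is the portable form: `if(asprintf(&mtu_str, "%d", dev->mtu_) == -1) {`. The value returned by `uanytun_exec()` is also discarded, so this function cannot react to a failed interface configuration beyond what `uanytun_exec()` logs itself. The enclosing function begins above this hunk.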
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _CIPHER_H_
-#define _CIPHER_H_
+#ifndef UANYTUN_cipher_h_INCLUDED
+#define UANYTUN_cipher_h_INCLUDED
#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
# This file is part of uAnytun.
#
# uAnytun is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 3 as
-# published by the Free Software Foundation.
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# any later version.
#
# uAnytun is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
TARGET=`uname -s`
+EBUILD_COMPAT=0
+
CFLAGS='-g -O2'
LDFLAGS='-g -Wall -O2'
V4_MAPPED=1
PREFIX='/usr/local'
-USERNAME='uanytun'
-USERHOME='/var/run/uanytun'
+SBINDIR=''
+ETCDIR=''
+MANDIR=''
+INSTALLMANPAGE=1
+EXAMPLESDIR=''
+INSTALLEXAMPLES=1
print_usage() {
echo "configure --help print this"
echo " --target=<TARGET> build target i.e. Linux (default: autodetect)"
echo " --prefix=<PREFIX> the installation prefix (default: /usr/local)"
- echo " --username=<USERNAME> create this user when installing (default: uanytun)"
- echo " --userhome=<PATH> the home directory of the user to be created (default: /var/run/uanytun)"
+ echo " --sbindir=<DIR> the path to the sbin directory (default: $PREFIX/sbin)"
+ echo " --sysconfdir=<DIR> the path to the system configuration directory (default: $PREFIX/etc"
+ echo " --mandir=<DIR> the path to the system man pages (default: $PREFIX/share/man)"
+ echo " --no-manpage dont't install manpage"
+ echo " --examplesdir=<DIR> the path to the examples files (default: $PREFIX/share/examples)"
+ echo " --no-examples dont't install example files"
echo " --use-ssl-crypto use ssl crypto library instead of libgcrypt"
echo " --no-crypto disable crypto at all (only NULL cipher)"
echo " --disable-passphrase disable master key and salt passphrase"
--prefix=*)
PREFIX=${arg#--prefix=}
;;
- --username=*)
- USERNAME=${arg#--username=}
+ --sbindir=*)
+ SBINDIR=${arg#--sbindir=}
+ ;;
+ --sysconfdir=*)
+ ETCDIR=${arg#--sysconfdir=}
+ ;;
+ --mandir=*)
+ MANDIR=${arg#--mandir=}
;;
- --userhome=*)
- USERHOME=${arg#--userhome=}
+ --no-manpage)
+ INSTALLMANPAGE=0
+ ;;
+ --examplesdir=*)
+ EXAMPLESDIR=${arg#--examplesdir=}
+ ;;
+ --no-examples)
+ INSTALLEXAMPLES=0
;;
--use-ssl-crypto)
CRYPTO_LIB='ssl'
--enable-v4-mapped)
V4_MAPPED=2
;;
+ --ebuild-compat)
+ EBUILD_COMPAT=1
+ ;;
--help)
print_usage
exit 0
;;
*)
- echo "Unknown argument: $arg"
- print_usage
- exit 1
+ ERRORS="$ERRORS $arg"
;;
esac
done
+if [ -n "$ERRORS" ] && [ $EBUILD_COMPAT -ne 1 ]; then
+ for error in $ERRORS; do
+ echo "Unknown argument: $error"
+ done
+
+ print_usage
+ exit 1
+fi
+
+
rm -f include.mk
case $TARGET in
Linux)
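Review bot: `ERRORS` is appended to in the `*)` branch but gets no initial value in the defaults visible on this page, so a value inherited from the environment would be reported as unknown arguments; `ERRORS=''` next to `EBUILD_COMPAT=0` avoids that. With `--ebuild-compat` the collected arguments are discarded without any output, so a misspelled option such as `--use-ssl-crypto` is dropped and the build proceeds with a different crypto configuration than the one requested. Printing them as warnings in that mode, for example `echo "WARNING: ignoring unknown argument: $error"`, keeps the compatibility behaviour while making the mismatch visible in the build log.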
echo "WARNING: disabling V4 mapped addresses, this prevents uanytun from using IPv6 and IPv4 Sockets at the same time"
fi
-if [ "x$PREFIX" = "x/usr" ]; then
- ETCDIR=/etc
-else
- ETCDIR=$PREFIX/etc
+if [ -z "$SBINDIR" ]; then
+ SBINDIR=$PREFIX/sbin
+fi
+
+if [ -z "$ETCDIR" ]; then
+ ETCDIR=$PREFIX/etc
+fi
+
+if [ -z "$MANDIR" ]; then
+ MANDIR=$PREFIX/share/man
+fi
+
+if [ -z "$EXAMPLESDIR" ]; then
+ EXAMPLESDIR=$PREFIX/share/examples
fi
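Review bot: Removing the `/usr` special case changes the default for existing `--prefix=/usr` builds: `ETCDIR` now resolves to `/usr/etc` unless `--sysconfdir` is also given, where it used to be `/etc`. An installation that is upgraded with unchanged configure arguments would then look for its configuration in a different directory. If the change is intended it deserves a line in the changelog; otherwise the old default can live inside the new fallback, `if [ "x$PREFIX" = "x/usr" ]; then ETCDIR=/etc; else ETCDIR=$PREFIX/etc; fi` within the `-z "$ETCDIR"` branch.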
cat >> include.mk <<EOF
CC := gcc
CFLAGS := $CFLAGS
LDFLAGS := $LDFLAGS
+STRIP := strip
+INSTALL := install
-SBINDIR := $PREFIX/sbin
-MANDIR := $PREFIX/share/man
+PREFIX := $PREFIX
+SBINDIR := $SBINDIR
ETCDIR := $ETCDIR
-USERNAME := $USERNAME
-USERHOME := $USERHOME
EOF
+if [ $INSTALLMANPAGE -eq 1 ]; then
+ echo "MANDIR := $MANDIR" >> include.mk
+ echo "installing manpage"
+else
+ echo "not installing manpage"
+fi
+
+if [ $INSTALLEXAMPLES -eq 1 ]; then
+ echo "EXAMPLESDIR := $EXAMPLESDIR" >> include.mk
+ echo "installing example files"
+else
+ echo "not installing example files"
+fi
+
exit 0
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _DAEMON_H_
-#define _DAEMON_H_
+#ifndef UANYTUN_daemon_h_INCLUDED
+#define UANYTUN_daemon_h_INCLUDED
#include <poll.h>
#include <fcntl.h>
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _DATATYPES_H_
-#define _DATATYPES_H_
+#ifndef UANYTUN_datatypes_h_INCLUDED
+#define UANYTUN_datatypes_h_INCLUDED
#include <stdint.h>
#include <arpa/inet.h>
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _ENCRYPTED_PACKET_H_
-#define _ENCRYPTED_PACKET_H_
+#ifndef UANYTUN_encrypted_packet_h_INCLUDED
+#define UANYTUN_encrypted_packet_h_INCLUDED
#define ENCRYPTED_PACKET_SIZE_MAX 1600
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _KEY_DERIVATION_H_
-#define _KEY_DERIVATION_H_
+#ifndef UANYTUN_key_derivation_h_INCLUDED
+#define UANYTUN_key_derivation_h_INCLUDED
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
#define DEFAULT_DEVICE "/dev/net/tun"
#include "log.h"
+#include "sysexec.h"
int tun_init(tun_device_t* dev, const char* dev_name, const char* dev_type, const char* ifcfg_addr, u_int16_t ifcfg_prefix){
if(!dev)
if(!dev || !dev->actual_name_ || !dev->net_addr_ || !dev->net_mask_)
return;
- char* command = NULL;
- asprintf(&command, "/sbin/ifconfig %s %s netmask %s mtu %d", dev->actual_name_, dev->net_addr_, dev->net_mask_, dev->mtu_);
- if(!command) {
+ char* mtu_str = NULL;
+ asprintf(&mtu_str, "%d", dev->mtu_);
+ if(!mtu_str) {
log_printf(ERROR, "Execution of ifconfig failed");
return;
}
- int result = system(command);
- if(result == -1)
- log_printf(ERROR, "Execution of ifconfig failed");
- else
- log_printf(NOTICE, "ifconfig returned %d", WEXITSTATUS(result));
+ char* const argv[] = { "/sbin/ifconfig", dev->actual_name_, dev->net_addr_, "netmask", dev->net_mask_, "mtu", mtu_str, NULL };
+ char* const evp[] = { NULL };
+ uanytun_exec("/sbin/ifconfig", argv, evp);
- free(command);
+ free(mtu_str);
}
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
for(i=0; i < len; i++) {
if(((i+1)*3) >= (MSG_LENGTH_MAX - offset))
break;
- sprintf(ptr, "%02X ", buf[i]);
+ snprintf(ptr, 3, "%02X ", buf[i]);
ptr+=3;
}
}
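Review bot: A size of 3 makes `snprintf()` emit only the two hex digits and put the terminating NUL where the separating space belongs. Because `ptr` then advances by 3, that NUL is never overwritten and the dump ends after the first byte. The format needs four bytes including the terminator: `snprintf(ptr, 4, "%02X ", buf[i]);`. The guard above the call breaks once `(i+1)*3` reaches the remaining space, so the extra NUL should still fit, assuming the buffer really is `MSG_LENGTH_MAX` bytes with `offset` already used; its declaration is outside this hunk.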
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _LOG_H_
-#define _LOG_H_
+#ifndef UANYTUN_log_h_INCLUDED
+#define UANYTUN_log_h_INCLUDED
#define MSG_LENGTH_MAX 150
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
+#ifndef UANYTUN_log_targets_h_INCLUDED
+#define UANYTUN_log_targets_h_INCLUDED
+
+#include <time.h>
+
+static char* get_time_formatted()
+{
+ char* time_string;
+ time_t t = time(NULL);
+ if(t < 0)
+ time_string = "<time read error>";
+ else {
+ time_string = ctime(&t);
+ if(!time_string)
+ time_string = "<time format error>";
+ else {
+ char* newline = strchr(time_string, '\n');
+ if(newline)
+ newline[0] = 0;
+ }
+ }
+ return time_string;
+}
+
enum syslog_facility_enum { USER = LOG_USER, MAIL = LOG_MAIL,
DAEMON = LOG_DAEMON, AUTH = LOG_AUTH,
SYSLOG = LOG_SYSLOG, LPR = LOG_LPR,
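Review bot: `get_time_formatted()` calls `strchr()`, but the hunk adds only `<time.h>`; unless `<string.h>` already arrives through an earlier include, that is an implicit declaration, so `#include <string.h>` belongs next to it. The function returns either a string literal or a pointer into `ctime()`'s static buffer, which the next `ctime()`/`asctime()` call overwrites. A comment above it should say so, for example `/* returns a static string: do not free, valid until the next ctime()/asctime() call */`. Declaring the return type `const char*` and the parameter list `(void)` would match what the body does.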
if(!self || !self->param_ || !self->opened_)
return;
- fprintf(((log_target_file_param_t*)(self->param_))->file_, "%s-%s\n", log_prio_to_string(prio), msg);
+ fprintf(((log_target_file_param_t*)(self->param_))->file_, "%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg);
fflush(((log_target_file_param_t*)(self->param_))->file_);
}
void log_target_stdout_log(log_target_t* self, log_prio_t prio, const char* msg)
{
- printf("%s-%s\n", log_prio_to_string(prio), msg);
+ printf("%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg);
}
log_target_t* log_target_stdout_new()
void log_target_stderr_log(log_target_t* self, log_prio_t prio, const char* msg)
{
- fprintf(stderr, "%s-%s\n", log_prio_to_string(prio), msg);
+ fprintf(stderr, "%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg);
}
log_target_t* log_target_stderr_new()
return tmp;
}
+
+#endif
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
if(ipv6_only)
opt->resolv_addr_type_ = IPV6_ONLY;
+#ifndef NO_CRYPT
if(role) {
if(!strcmp(role, "alice") || !strcmp(role, "server") || !strcmp(role, "left"))
opt->role_ = ROLE_LEFT;
}
free(role);
}
+#endif
return 0;
}
#endif
printf(" [-K|--key] <master key> master key to use for encryption\n");
printf(" [-A|--salt] <master salt> master salt to use for encryption\n");
- printf(" [-e|--role] <role> left (alice) or right (bob)");
+ printf(" [-e|--role] <role> left (alice) or right (bob)\n");
printf(" [-c|--cipher] <cipher type> payload encryption algorithm\n");
printf(" [-a|--auth-algo] <algo type> message authentication algorithm\n");
printf(" [-b|--auth-tag-length] <length> length of the auth tag\n");
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _OPTIONS_H_
-#define _OPTIONS_H_
+#ifndef UANYTUN_options_h_INCLUDED
+#define UANYTUN_options_h_INCLUDED
#include "string_list.h"
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _PLAIN_PACKET_H_
-#define _PLAIN_PACKET_H_
+#ifndef UANYTUN_plain_packet_h_INCLUDED
+#define UANYTUN_plain_packet_h_INCLUDED
#define PLAIN_PACKET_SIZE_MAX 1600
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _SEQ_WINDOW_H_
-#define _SEQ_WINDOW_H_
+#ifndef UANYTUN_seq_window_h_INCLUDED
+#define UANYTUN_seq_window_h_INCLUDED
struct seq_win_element_struct {
sender_id_t sender_id_;
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
#include "log.h"
#include <signal.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/select.h>
+#include <errno.h>
+
#include "sig_handler.h"
-volatile sig_atomic_t signal_exit = 0;
+#include <stdio.h>
+
+
+static int sig_pipe_fds[2];
+
-void signal_init()
+static void sig_handler(int sig)
{
- signal(SIGINT, handle_signal);
- signal(SIGQUIT, handle_signal);
- signal(SIGTERM, handle_signal);
- signal(SIGHUP, handle_signal);
- signal(SIGUSR1, handle_signal);
- signal(SIGUSR2, handle_signal);
+ sigset_t set;
+ int ret = read(sig_pipe_fds[0], &set, sizeof(sigset_t));
+ if(ret != sizeof(sigset_t))
+ sigemptyset(&set);
+
+ sigaddset(&set, sig);
+ ret = write(sig_pipe_fds[1], &set, sizeof(sigset_t));
+}
+
+
+int signal_init()
+{
+ if(pipe(sig_pipe_fds)) {
+ log_printf(ERROR, "signal handling init failed (pipe error: %s)", strerror(errno));
+ return -1;
+ }
+
+ int i;
+ for(i=0; i<2; ++i) {
+ int fd_flags = fcntl(sig_pipe_fds[i], F_GETFL);
+ if(fd_flags == -1) {
+ log_printf(ERROR, "signal handling init failed (pipe fd[%d] read flags error: %s)", i, strerror(errno));
+ return -1;
+ }
+ if(fcntl(sig_pipe_fds[i], F_SETFL, fd_flags | O_NONBLOCK) == -1){
+ log_printf(ERROR, "signal handling init failed (pipe fd[%d] write flags error: %s)", i, strerror(errno));
+ return -1;
+ }
+ }
+
+ struct sigaction act;
+ act.sa_handler = sig_handler;
+ sigfillset(&act.sa_mask);
+ act.sa_flags = 0;
+
+ if((sigaction(SIGINT, &act, NULL) < 0) ||
+ (sigaction(SIGQUIT, &act, NULL) < 0) ||
+ (sigaction(SIGTERM, &act, NULL) < 0) ||
+ (sigaction(SIGHUP, &act, NULL) < 0) ||
+ (sigaction(SIGUSR1, &act, NULL) < 0) ||
+ (sigaction(SIGUSR2, &act, NULL) < 0)) {
+
+ log_printf(ERROR, "signal handling init failed (sigaction error: %s)", strerror(errno));
+ close(sig_pipe_fds[0]);
+ close(sig_pipe_fds[1]);
+ }
+
+ return sig_pipe_fds[0];
}
-void handle_signal(int sig)
+int signal_handle()
{
- switch(sig) {
- case SIGINT: log_printf(NOTICE, "SIG-Int caught, exitting"); signal_exit = 1; break;
- case SIGQUIT: log_printf(NOTICE, "SIG-Quit caught, exitting"); signal_exit = 1; break;
- case SIGTERM: log_printf(NOTICE, "SIG-Term caught, exitting"); signal_exit = 1; break;
- case SIGHUP: log_printf(NOTICE, "SIG-Hup caught"); break;
- case SIGUSR1: log_printf(NOTICE, "SIG-Usr1 caught"); break;
- case SIGUSR2: log_printf(NOTICE, "SIG-Usr2 caught"); break;
- default: log_printf(NOTICE, "Signal %d caught, ignoring", sig); break;
+ sigset_t set, oldset, tmpset;
+
+ sigemptyset(&tmpset);
+ sigaddset(&tmpset, SIGINT);
+ sigaddset(&tmpset, SIGQUIT);
+ sigaddset(&tmpset, SIGTERM);
+ sigaddset(&tmpset, SIGHUP);
+ sigaddset(&tmpset, SIGUSR1);
+ sigaddset(&tmpset, SIGUSR2);
+ sigprocmask(SIG_BLOCK, &tmpset, &oldset);
+
+ int ret = read(sig_pipe_fds[0], &set, sizeof(sigset_t));
+ if(ret != sizeof(sigset_t))
+ sigemptyset(&set);
+
+ int return_value = 0;
+ int sig;
+ for(sig=1; sig < NSIG; ++sig) {
+ if(sigismember(&set, sig)) {
+ switch(sig) {
+ case SIGINT: log_printf(NOTICE, "SIG-Int caught, exitting"); return_value = 1; break;
+ case SIGQUIT: log_printf(NOTICE, "SIG-Quit caught, exitting"); return_value = 1; break;
+ case SIGTERM: log_printf(NOTICE, "SIG-Term caught, exitting"); return_value = 1; break;
+ case SIGHUP: log_printf(NOTICE, "SIG-Hup caught"); break;
+ case SIGUSR1: log_printf(NOTICE, "SIG-Usr1 caught"); break;
+ case SIGUSR2: log_printf(NOTICE, "SIG-Usr2 caught"); break;
+ default: log_printf(WARNING, "unknown signal %d caught, ignoring", sig); break;
+ }
+ sigdelset(&set, sig);
+ }
}
+
+ sigprocmask(SIG_SETMASK, &oldset, NULL);
+ return return_value;
+}
+
+void signal_stop()
+{
+ struct sigaction act;
+ act.sa_handler = SIG_DFL;
+ sigemptyset(&act.sa_mask);
+ act.sa_flags = 0;
+
+ sigaction(SIGINT, &act, NULL);
+ sigaction(SIGQUIT, &act, NULL);
+ sigaction(SIGTERM, &act, NULL);
+ sigaction(SIGHUP, &act, NULL);
+ sigaction(SIGUSR1, &act, NULL);
+ sigaction(SIGUSR2, &act, NULL);
+
+ close(sig_pipe_fds[0]);
+ close(sig_pipe_fds[1]);
}
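Review bot: In `signal_init()` the branch taken when a `sigaction()` call fails logs the error and closes both pipe ends, but then falls through to `return sig_pipe_fds[0];`. It therefore hands a closed descriptor to the caller, which at the end of this page adds the returned value to its `select()` set. A `return -1;` after the two `close()` calls is missing. The two `fcntl()` error paths above it return -1 without closing the pipe, leaking both descriptors. In `sig_handler()`, the `read()` on an empty non-blocking pipe sets `errno`, which can clobber the value the interrupted code was about to inspect; `int saved_errno = errno;` at entry and `errno = saved_errno;` before returning preserves it.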
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _SIG_HANDLER_H_
-#define _SIG_HANDLER_H_
+#ifndef UANYTUN_sig_handler_h_INCLUDED
+#define UANYTUN_sig_handler_h_INCLUDED
-#include <signal.h>
-
-extern volatile sig_atomic_t signal_exit;
-
-void signal_init();
-void handle_signal(int sig);
+int signal_init();
+int signal_handle();
+void signal_stop();
#endif
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
tmp->next_->next_ = 0;
tmp->next_->string_ = strdup(string);
if(!tmp->next_->string_) {
- free(list->first_);
- list->first_ = NULL;
+ free(tmp->next_);
+ tmp->next_ = NULL;
return -2;
}
}
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _STRING_LIST_H_
-#define _STRING_LIST_H_
+#ifndef UANYTUN_string_list_h_INCLUDED
+#define UANYTUN_string_list_h_INCLUDED
struct string_list_element_struct {
char* string_;
--- /dev/null
+/*
+ * uAnytun
+ *
+ * uAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation uAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of uAnytun.
+ *
+ * uAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * uAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "datatypes.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <sys/wait.h>
+#include <sys/select.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "sysexec.h"
+#include "log.h"
+
+int uanytun_exec(const char* script, char* const argv[], char* const evp[])
+{
+ if(!script)
+ return -1;
+
+ int pipefd[2];
+ if(pipe(pipefd) == -1) {
+ log_printf(ERROR, "executing script '%s' pipe() error: %s", script, strerror(errno));
+ return -1;
+ }
+
+ pid_t pid;
+ pid = fork();
+ if(pid == -1) {
+ log_printf(ERROR, "executing script '%s' fork() error: %s", script, strerror(errno));
+ return -1;
+ }
+
+ if(!pid) {
+ int fd;
+ for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
+ if(fd != pipefd[1]) close(fd);
+
+ fd = open("/dev/null",O_RDWR); // stdin
+ if(fd == -1)
+ log_printf(WARNING, "can't open stdin");
+ else {
+ if(dup(fd) == -1) // stdout
+ log_printf(WARNING, "can't open stdout");
+ if(dup(fd) == -1) // stderr
+ log_printf(WARNING, "can't open stderr");
+ }
+ execve(script, argv, evp);
+ // if execve returns, an error occurred, but logging doesn't work
+ // because we closed all file descriptors, so just write errno to
+ // pipe and call exit
+ write(pipefd[1], (void*)(&errno), sizeof(errno));
+ exit(-1);
+ }
+ close(pipefd[1]);
+
+ int status = 0;
+ waitpid(pid, &status, 0);
+
+ fd_set rfds;
+ FD_ZERO(&rfds);
+ FD_SET(pipefd[0], &rfds);
+ struct timeval tv = { 0 , 0 };
+ if(select(pipefd[0]+1, &rfds, NULL, NULL, &tv) == 1) {
+ int err = 0;
+ if(read(pipefd[0], (void*)(&err), sizeof(err)) >= sizeof(err)) {
+ log_printf(NOTICE, "script '%s' exec() error: %s", script, strerror(err));
+ close(pipefd[0]);
+ return -1;
+ }
+ }
+ if(WIFEXITED(status))
+ log_printf(NOTICE, "script '%s' returned %d", script, WEXITSTATUS(status));
+ else if(WIFSIGNALED(status))
+ log_printf(NOTICE, "script '%s' terminated after signal %d", script, WTERMSIG(status));
+ else
+ log_printf(ERROR, "executing script '%s': unkown error", script);
+
+ close(pipefd[0]);
+ return status;
+}
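Review bot: The write end of the status pipe is deliberately spared by the close loop in the child but never marked close-on-exec, so after a successful `execve()` the executed program inherits `pipefd[1]` as a stray open descriptor. Calling `fcntl(pipefd[1], F_SETFD, FD_CLOEXEC);` before `execve()` keeps it private to the error path. The `fork()` failure branch returns without closing either pipe end, which leaks two descriptors per failed call; `close(pipefd[0]); close(pipefd[1]);` before that `return -1;` fixes it. In the parent, `read(...) >= sizeof(err)` compares a signed result with an unsigned size, so a `-1` from `read()` is converted and passes the test; `== (ssize_t)sizeof(err)` avoids that.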
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _SYSEXEC_H_
-#define _SYSEXEC_H_
+#ifndef UANYTUN_sysexec_h_INCLUDED
+#define UANYTUN_sysexec_h_INCLUDED
-int exec_script(const char* script, const char* ifname)
-{
- if(!script || !ifname)
- return -1;
-
- pid_t pid;
- pid = fork();
- if(!pid) {
- int fd;
- for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
- close(fd);
-
- fd = open("/dev/null",O_RDWR); // stdin
- if(fd == -1)
- log_printf(WARNING, "can't open stdin");
- else {
- if(dup(fd) == -1) // stdout
- log_printf(WARNING, "can't open stdout");
- if(dup(fd) == -1) // stderr
- log_printf(WARNING, "can't open stderr");
- }
- execl("/bin/sh", "/bin/sh", script, ifname, NULL);
- // if execl return, an error occurred
- log_printf(ERROR, "error on executing script: %s", strerror(errno));
- return -1;
- }
- int status = 0;
- waitpid(pid, &status, 0);
- if(WIFEXITED(status))
- log_printf(NOTICE, "script '%s' returned %d", script, WEXITSTATUS(status));
- else if(WIFSIGNALED(status))
- log_printf(NOTICE, "script '%s' terminated after signal %d", script, WTERMSIG(status));
- else
- log_printf(ERROR, "executing script: unkown error");
-
- return status;
-
-}
+int uanytun_exec(const char* script, char* const argv[], char* const evp[]);
#endif
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _TUN_H_
-#define _TUN_H_
+#ifndef UANYTUN_tun_h_INCLUDED
+#define UANYTUN_tun_h_INCLUDED
#include <stdlib.h>
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _TUN_HELPER_H_
-#define _TUN_HELPER_H_
+#ifndef UANYTUN_tun_helper_h_INCLUDED
+#define UANYTUN_tun_helper_h_INCLUDED
#include <string.h>
#include <sys/socket.h>
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
encrypted_packet_t encrypted_packet;
encrypted_packet_init(&encrypted_packet, opt->auth_tag_length_);
seq_nr_t seq_nr = 0;
- fd_set readfds;
+ fd_set readfds, readyfds;
cipher_t c;
auth_algo_t aa;
if(ret)
return ret;
- signal_init();
+ FD_ZERO(&readfds);
+ FD_SET(dev->fd_, &readfds);
+ FD_SET(sock->fd_, &readfds);
+ int nfds = dev->fd_ > sock->fd_ ? dev->fd_ : sock->fd_;
+
int return_value = 0;
- while(!return_value) {
- FD_ZERO(&readfds);
- FD_SET(dev->fd_, &readfds);
- FD_SET(sock->fd_, &readfds);
- int nfds = dev->fd_ > sock->fd_ ? dev->fd_+1 : sock->fd_+1;
+ int sig_fd = signal_init();
+ if(sig_fd < 0)
+ return_value -1;
- int ret = select(nfds, &readfds, NULL, NULL, NULL);
+ FD_SET(sig_fd, &readfds);
+ nfds = (nfds < sig_fd) ? sig_fd : nfds;
+
+ while(!return_value) {
+ memcpy(&readyfds, &readfds, sizeof(readyfds));
+ int ret = select(nfds + 1, &readyfds, NULL, NULL, NULL);
if(ret == -1 && errno != EINTR) {
log_printf(ERROR, "select returned with error: %s", strerror(errno));
return_value = -1;
break;
}
- if(!ret)
+ if(!ret || ret == -1)
continue;
- if(signal_exit) {
- return_value = 1;
- break;
+ if(FD_ISSET(sig_fd, &readyfds)) {
+ if(signal_handle()) {
+ return_value = 1;
+ break;
+ }
}
- if(FD_ISSET(dev->fd_, &readfds)) {
+ if(FD_ISSET(dev->fd_, &readyfds)) {
return_value = process_tun_data(dev, sock, opt, &plain_packet, &encrypted_packet, &c, &aa, &kd, seq_nr);
seq_nr++;
if(return_value)
break;
}
- if(FD_ISSET(sock->fd_, &readfds)) {
+ if(FD_ISSET(sock->fd_, &readyfds)) {
return_value = process_sock_data(dev, sock, opt, &plain_packet, &encrypted_packet, &c, &aa, &kd, &seq_win);
if(return_value)
break;
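Review bot: `return_value -1;` after the `signal_init()` check is an expression statement with no effect, so a failed `signal_init()` leaves `return_value` at 0. The next line then calls `FD_SET(sig_fd, &readfds)` with a negative descriptor, which is undefined behaviour, and the loop is entered anyway. Write `return_value = -1;` and move `FD_SET(sig_fd, &readfds);` and the `nfds` update into an `else` branch, so the loop is skipped and the function falls through to its cleanup. With three descriptors now in one set, it would also be worth checking each against `FD_SETSIZE` before `FD_SET`. The enclosing function starts and ends outside this hunk.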
key_derivation_close(&kd);
#endif
seq_win_clear(&seq_win);
+ signal_stop();
return return_value;
}
if(opt.post_up_script_) {
log_printf(NOTICE, "executing post-up script '%s'", opt.post_up_script_);
- int ret = exec_script(opt.post_up_script_, dev.actual_name_);
+ char* const argv[] = { opt.post_up_script_, dev.actual_name_, NULL };
+ char* const evp[] = { NULL };
+ int ret = uanytun_exec(opt.post_up_script_, argv, evp);
}
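Review bot: The result of `uanytun_exec` is stored in `ret` but never read before the block closes, so a post-up script that fails to start or exits non-zero has no effect on startup here. Unless `uanytun_exec` logs the outcome itself (not visible in this hunk), add something like `if(ret) log_printf(WARNING, "post-up script '%s' returned %d", opt.post_up_script_, ret);`, adjusted to whatever the return value actually encodes. The empty `evp` also means the script starts with no `PATH` or other inherited variables, which is good hygiene for a script run by a tunnel daemon but surprising for script authors. Make the intent explicit with a comment such as `/* empty environment on purpose: the script inherits nothing and must use absolute paths */`.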
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* This file is part of uAnytun.
*
* uAnytun is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3 as
- * published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
*
* uAnytun is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _UDP_H_
-#define _UDP_H_
+#ifndef UANYTUN_udp_h_INCLUDED
+#define UANYTUN_udp_h_INCLUDED
#include "options.h"