Imported Upstream version 0.3.2

diff --git a/ChangeLog b/ChangeLog
index 2034049..edeb953 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2009.12.02 -- Version 0.3.2
+
+* clenaups and improvements at configure and install target of Makefile
+* manpage cleanups
+* moved to new svn location
+
+2009.11.08 -- Version 0.3.1
+
+* switched to GPLv3 or higher
+* improved script execution
+* added signal handling without races
+* all log_targets print time now too
+       

 2009.05.01 -- Version 0.3
 
 * updated to new protocol specification (extended label and crypto role)
 2009.05.01 -- Version 0.3
 
 * updated to new protocol specification (extended label and crypto role)

diff --git a/LICENSE b/LICENSE
index 72582db..1406bb5 100644 (file)
--- a/LICENSE
+++ b/LICENSE
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/README b/README
index a5bc7ee..00a88bc 100644 (file)
--- a/README
+++ b/README
@@ -5,6 +5,7 @@ uAnytun can be built by using either libgcrypt or the openssl-crypto library.
 The latter is more performant in most cases but there are some license 
 issues when using this library. It also needs more space when installed.
 
 The latter is more performant in most cases but there are some license 
 issues when using this library. It also needs more space when installed.
 

+

 Linux
 -----
 
 Linux
 -----
 


@@ -18,19 +19,31 @@ using ssl crypto library:
  build-essential
  libssl-dev
 
  build-essential
  libssl-dev
 

+only for manpage:
+
+ asciidoc
+

 
 OpenBSD/FreeBSD
 ---------------
 
 using libgcrypt:
 
 
 OpenBSD/FreeBSD
 ---------------
 
 using libgcrypt:
 

- gmake
- libgcrypt
- libgpg-error
+ devel/gmake
+ security/libgcrypt

 
 using ssl crypto library:
 
 
 using ssl crypto library:
 

- gmake
+ devel/gmake
+
+only for manpage:
+
+ textproc/asciidoc
+ textproc/libxslt
+ textproc/docbook-xsl
+ sysutils/readlink
+ misc/getopt 
+

 
 
 Installation
 
 
 Installation


@@ -38,7 +51,10 @@ Installation
 
 Getting the source via subversion:
 ----------------------------------
 
 Getting the source via subversion:
 ----------------------------------

-svn co https://svn.chaos-at-home.org/uanytun/trunk uanytun
+
+svn co https://svn.anytun.org/uanytun/trunk uanytun
+cd uanytun
+

 
 Building from source
 --------------------
 
 Building from source
 --------------------


@@ -55,7 +71,6 @@ using ssl crypto library:
 # ./configure --use-ssl-crypto
 # make
 
 # ./configure --use-ssl-crypto
 # make
 

-

 Notes: 
   - try './configure --help' for further information
   - if using openssl pre 0.9.8 you have to disable passphrase
 Notes: 
   - try './configure --help' for further information
   - if using openssl pre 0.9.8 you have to disable passphrase


@@ -70,8 +85,7 @@ Installing
 # sudo make install
 
 This will install anytun under the --prefix defined with configure.
 # sudo make install
 
 This will install anytun under the --prefix defined with configure.

-It also creates a user with name --username  with home --userhome 
-which can be changed by configure as well.
+

 
 Uninstalling
 ------------
 
 Uninstalling
 ------------


@@ -82,5 +96,30 @@ This removes everytthing except for the config files
 
 # sudo make purge
 
 
 # sudo make purge
 

-This also removes the config files and deletes the user and it's
-home directory.
+This also removes the config files
+
+
+
+Usage:
+======
+
+init.d script
+-------------
+
+The init.d script can be used to start uanytun at boot time. It searches for 
+configuration files which reside at $CONFIG_DIR. For each instance of uanytun
+which should be started there must be a directory containing at least a file
+named config. This file must contain all command line parameter which should
+be used when starting the daemon. One line for each parameter. Empty lines and
+lines starting with # are ignored. Besides the config file there may be a script
+named post-up.sh which will be called when the tun/tap device comes up. 
+This is an example of how the init.d script can be used to start uanytun:
+
+# /etc/init.d/uanytun start client1 p2p-a
+
+In this case the script will start 2 instances of uanytun using the config files
+$CONFIG_DIR/client1/config and $CONFIG_DIR/p2p-a/config. 
+If no instance name is specified the script will use the file $CONFIG_DIR/autostart
+to determine which instances to start or stop. This file must contain a list 
+of instance names which should be used when no names are specified at the command 
+line. One line for each name. Empty lines and lines starting with # are ignored.

diff --git a/doc/Makefile b/doc/Makefile
index f49deda..97db23e 100644 (file)
--- a/doc/Makefile
+++ b/doc/Makefile
@@ -20,8 +20,9 @@
 ##  This file is part of uAnytun.
 ##
 ##  uAnytun is free software: you can redistribute it and/or modify
 ##  This file is part of uAnytun.
 ##
 ##  uAnytun is free software: you can redistribute it and/or modify

-##  it under the terms of the GNU General Public License version 3 as
-##  published by the Free Software Foundation.
+##  it under the terms of the GNU General Public License as published by
+##  the Free Software Foundation, either version 3 of the License, or
+##  any later version.

 ##
 ##  uAnytun is distributed in the hope that it will be useful,
 ##  but WITHOUT ANY WARRANTY; without even the implied warranty of
 ##
 ##  uAnytun is distributed in the hope that it will be useful,
 ##  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,10 +33,18 @@
 ##  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
 ##
 
 ##  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
 ##
 

+VERSION=$(shell cat ../version)
+
+.PHONY: clean 
+

 all: manpage
 
 uanytun.8: uanytun.8.txt
 all: manpage
 
 uanytun.8: uanytun.8.txt

-       a2x -f manpage uanytun.8.txt
+       a2x -f manpage $<
+       @ sed -i -e 's/\[FIXME: source\]/uanytun ${VERSION}/' $@
+       @ sed -i -e 's/\[FIXME: manual\]/uanytun user manual/' $@
+       @ sed -i -e 's/^uanytun$$/\\fBuanytun\\fR/' $@
+       @ sed -i -e 's/^  \[ \([^ ]*\)/  [ \\fB\1\\fR/' $@

 
 manpage: uanytun.8
 
 
 manpage: uanytun.8
 

diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt
index 311c54a..1ed21ca 100644 (file)
--- a/doc/uanytun.8.txt
+++ b/doc/uanytun.8.txt
@@ -3,40 +3,45 @@ uanytun(8)
 
 NAME
 ----
 
 NAME
 ----

+

 uanytun - micro anycast tunneling daemon
 
 uanytun - micro anycast tunneling daemon
 

+

 SYNOPSIS
 --------
 
 SYNOPSIS
 --------
 

-*uanytun*
-[ *-h|--help* ]
-[ *-D|--nodaemonize* ]
-[ *-u|--username* <username> ]
-[ *-g|--groupname* <groupname> ]
-[ *-C|--chroot* <path> ]
-[ *-P|--write-pid* <filename> ]
-[ *-L|--log* <target>:<level>[,<param1>[,<param2>[..]]] ]
-[ *-i|--interface* <ip-address> ]
-[ *-p|--port* <port> ]
-[ *-r|--remote-host* <hostname|ip> ]
-[ *-o|--remote-port* <port> ]
-[ *-4|--ipv4-only* ]
-[ *-6|--ipv6-only* ]
-[ *-d|--dev* <name> ]
-[ *-t|--type* <tun|tap> ]
-[ *-n|--ifconfig* <local>/<prefix> ]
-[ *-x|--post-up-script* <script> ]
-[ *-m|--mux* <mux-id> ]
-[ *-s|--sender-id* <sender id> ]
-[ *-w|--window-size* <window size> ]
-[ *-k|--kd-prf* <kd-prf type> ]
-[ *-e|--role <role>* ]
-[ *-E|--passphrase* <pass phrase> ]
-[ *-K|--key* <master key> ]
-[ *-A|--salt* <master salt> ]
-[ *-c|--cipher* <cipher type> ]
-[ *-a|--auth-algo* <algo type> ]
-[ *-b|--auth-tag-length* <length> ]
+....
+uanytun
+  [ -h|--help ]
+  [ -D|--nodaemonize ]
+  [ -u|--username <username> ]
+  [ -g|--groupname <groupname> ]
+  [ -C|--chroot <path> ]
+  [ -P|--write-pid <filename> ]
+  [ -L|--log <target>:<level>[,<param1>[,<param2>[..]]] ]
+  [ -i|--interface <ip-address> ]
+  [ -p|--port <port> ]
+  [ -r|--remote-host <hostname|ip> ]
+  [ -o|--remote-port <port> ]
+  [ -4|--ipv4-only ]
+  [ -6|--ipv6-only ]
+  [ -d|--dev <name> ]
+  [ -t|--type <tun|tap> ]
+  [ -n|--ifconfig <local>/<prefix> ]
+  [ -x|--post-up-script <script> ]
+  [ -m|--mux <mux-id> ]
+  [ -s|--sender-id <sender id> ]
+  [ -w|--window-size <window size> ]
+  [ -k|--kd-prf <kd-prf type> ]
+  [ -e|--role <role> ]
+  [ -E|--passphrase <pass phrase> ]
+  [ -K|--key <master key> ]
+  [ -A|--salt <master salt> ]
+  [ -c|--cipher <cipher type> ]
+  [ -a|--auth-algo <algo type> ]
+  [ -b|--auth-tag-length <length> ]
+....
+

 
 DESCRIPTION
 -----------
 
 DESCRIPTION
 -----------


@@ -50,6 +55,7 @@ uAnytun has no support for multiple connections or synchronisation. It is a
 small single threaded implementation intended to act as a client on small 
 platforms.
 
 small single threaded implementation intended to act as a client on small 
 platforms.
 

+

 OPTIONS
 -------
 
 OPTIONS
 -------
 


@@ -57,260 +63,183 @@ OPTIONS
 no difference between client and server. The following options can be
 passed to the daemon:
 
 no difference between client and server. The following options can be
 passed to the daemon:
 

--D|--nodaemonize
-~~~~~~~~~~~~~~~~
-
-This option instructs *uAnytun* to run in foreground
-instead of becoming a daemon which is the default.
-
--u|--username <username>
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-run as this user. If no group is specified (*-g*) the default group of 
-the user is used. The default is to not drop privileges.
-
--g|--groupname <groupname>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-run as this group. If no username is specified (*-u*) this gets ignored.
-The default is to not drop privileges.
-
--C|--chroot <path>
-~~~~~~~~~~~~~~~~~~
-
-Instruct *uAnytun* to run in a chroot jail. The default is 
-to not run in chroot.
-
--P|--write-pid <filename>
-~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Instruct *uAnytun* to write it's pid to this file. The default is 
-to not create a pid file.
-
--L|--log <target>:<level>[,<param1>[,<param2>[..]]]
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-add log target to logging system. This can be invoked several times
-in order to log to different targets at the same time. Every target 
-hast its own log level which is a number between 0 and 5. Where 0 means
-disabling log and 5 means debug messages are enabled.
-
-The following targets are supported:
-
-* *syslog* - log to syslog daemon, parameters <level>[,<logname>[,<facility>]]
-* *file* - log to file, parameters <level>[,<path>]
-* *stdout* - log to standard output, parameters <level>
-* *stderr* - log to standard error, parameters <level> 
-
-The file target can be used more the once with different levels.
-If no target is provided at the command line a single target with the 
-following config is added:
-
-*syslog:3,uanytun,daemon*
-
-
--i|--interface <ip address>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-This IP address is used as the sender address for outgoing
-packets. The default is to not use a special inteface and just
-bind on all interfaces.
-
--p|--port <port>
-~~~~~~~~~~~~~~~~
-
-local port to bind to
-
-The local UDP port that is used to send and receive the
-payload data. The two tunnel endpoints can use different
-ports. default: 4444
-
--r|--remote-host <hostname|ip>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-remote host
-
-This option can be used to specify the remote tunnel
-endpoint. In case of anycast tunnel endpoints, the
-anycast IP address has to be used. If you do not specify
-an address, it is automatically determined after receiving
-the first data packet.
-
--o|--remote-port <port>
-~~~~~~~~~~~~~~~~~~~~~~~
-
-remote port
-
-The UDP port used for payload data by the remote host
-(specified with -p on the remote host). If you do not specify
-a port, it is automatically determined after receiving
-the first data packet.
-
--4|--ipv4-only
-~~~~~~~~~~~~~~
-
-Resolv to IPv4 addresses only. The default is to resolv both
-IPv4 and IPv6 addresses.
-
--6|--ipv6-only
-~~~~~~~~~~~~~~
-
-Resolv to IPv6 addresses only. The default is to resolv both
-IPv4 and IPv6 addresses.
-
--d|--dev <name>
-~~~~~~~~~~~~~~~
-
-device name
-
-By default, tapN is used for Ethernet tunnel interfaces,
-and tunN for IP tunnels, respectively. This option can
-be used to manually override these defaults.
-
--t|--type <tun|tap>
-~~~~~~~~~~~~~~~~~~~
-
-device type
-
-Type of the tunnels to create. Use tap for Ethernet
-tunnels, tun for IP tunnels.
-
--n|--ifconfig <local>/<prefix>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-*<local>* the local IP address for the tun/tap device
+*-D, --nodaemonize*::
+   This option instructs *uAnytun* to run in foreground
+   instead of becoming a daemon which is the default.
+
+*-u, --username <username>*::
+   run as this user. If no group is specified (*-g*) the default group of 
+   the user is used. The default is to not drop privileges.
+
+*-g, --groupname <groupname>*::
+   run as this group. If no username is specified (*-u*) this gets ignored.
+   The default is to not drop privileges.
+
+*-C, --chroot <path>*::
+   Instruct *uAnytun* to run in a chroot jail. The default is 
+   to not run in chroot.
+
+*-P, --write-pid <filename>*::
+   Instruct *uAnytun* to write it's pid to this file. The default is 
+   to not create a pid file.
+
+*-L, --log <target>:<level>[,<param1>[,<param2>[..]]]*::
+   add log target to logging system. This can be invoked several times
+   in order to log to different targets at the same time. Every target 
+   hast its own log level which is a number between 0 and 5. Where 0 means
+   disabling log and 5 means debug messages are enabled. +
+   The file target can be used more the once with different levels.
+   If no target is provided at the command line a single target with the 
+   config *syslog:3,uanytun,daemon* is added. +
+   The following targets are supported:
+
+   *syslog*;; log to syslog daemon, parameters <level>[,<logname>[,<facility>]]
+   *file*;; log to file, parameters <level>[,<path>]
+   *stdout*;; log to standard output, parameters <level>
+   *stderr*;; log to standard error, parameters <level> 
+
+*-i, --interface <ip address>*::
+   This IP address is used as the sender address for outgoing
+   packets. The default is to not use a special inteface and just
+   bind on all interfaces.
+
+*-p, --port <port>*::
+   The local UDP port that is used to send and receive the
+   payload data. The two tunnel endpoints can use different
+   ports. default: 4444
+
+*-r, --remote-host <hostname|ip>*::
+   This option can be used to specify the remote tunnel
+   endpoint. In case of anycast tunnel endpoints, the
+   anycast IP address has to be used. If you do not specify
+   an address, it is automatically determined after receiving
+   the first data packet.
+
+*-o, --remote-port <port>*::
+   The UDP port used for payload data by the remote host
+   (specified with -p on the remote host). If you do not specify
+   a port, it is automatically determined after receiving
+   the first data packet.
+
+*-4, --ipv4-only*::
+   Resolv to IPv4 addresses only. The default is to resolv both
+   IPv4 and IPv6 addresses.
+
+*-6, --ipv6-only*::
+   Resolv to IPv6 addresses only. The default is to resolv both
+   IPv4 and IPv6 addresses.
+
+*-d, --dev <name>*::
+   device name +
+   By default, tapN is used for Ethernet tunnel interfaces,
+   and tunN for IP tunnels, respectively. This option can
+   be used to manually override these defaults.
+
+*-t, --type <tun|tap>*::
+   device type +
+   Type of the tunnels to create. Use tap for Ethernet
+   tunnels, tun for IP tunnels.
+
+*-n, --ifconfig <local>/<prefix>*::
+   The local IP address and prefix length. The remote tunnel endpoint
+   has to use a different IP address in the same subnet.
+
+   *<local>*;; the local IP address for the tun/tap device
+   *<prefix>*;; the prefix length of the network
+
+*-x, --post-up-script <script>*::
+   This option instructs *uAnytun* to run this script after the interface 
+   is created. By default no script will be executed.
+
+*-m, --mux <mux-id>*::
+   the multiplex id to use. default: 0
+
+*-s, --sender-id  <sender id>*::
+   Each anycast tunnel endpoint needs a unique sender id
+   (1, 2, 3, ...). It is needed to distinguish the senders
+   in case of replay attacks. As *uAnytun* does not support 
+   synchronisation it can't be used as an anycast endpoint therefore 
+   this option is quite useless but implemented for compability 
+   reasons. default: 0
+
+*-w, --window-size <window size>*::
+   seqence window size +
+   Sometimes, packets arrive out of order on the receiver
+   side. This option defines the size of a list of received
+   packets' sequence numbers. If, according to this list,
+   a received packet has been previously received or has
+   been transmitted in the past, and is therefore not in
+   the list anymore, this is interpreted as a replay attack
+   and the packet is dropped. A value of 0 deactivates this
+   list and, as a consequence, the replay protection employed
+   by filtering packets according to their secuence number.
+   By default the sequence window is disabled and therefore a
+   window size of 0 is used.
+
+*-k, --kd--prf <kd-prf type>*::
+   key derivation pseudo random function +
+   The pseudo random function which is used for calculating the 
+   session keys and session salt. +
+   Possible values:
+
+   *null*;; no random function, keys and salt are set to 0..00
+   *aes-ctr*;; AES in counter mode with 128 Bits, default value
+   *aes-ctr-128*;; AES in counter mode with 128 Bits
+   *aes-ctr-192*;; AES in counter mode with 192 Bits
+   *aes-ctr-256*;; AES in counter mode with 256 Bits
+
+*-e, --role <role>*::
+   SATP uses different session keys for inbound and outbound traffic. The
+   role parameter is used to determine which keys to use for outbound or
+   inbound packets. On both sides of a vpn connection different roles have 
+   to be used. Possible values are *left* and *right*. You may also use 
+   *alice* or *server* as a replacement for *left* and *bob* or *client* as 
+   a replacement for *right*. By default *left* is used.
+
+*-E, --passphrase <pass phrase>*::
+   This passphrase is used to generate the master key and master salt.
+   For the master key the last n bits of the SHA256 digest of the 
+   passphrase (where n is the length of the master key in bits) is used. 
+   The master salt gets generated with the SHA1 digest. 
+   You may force a specific key and or salt by using *--key* and *--salt*.
+
+*-K, --key <master key>*::
+   master key to use for key derivation +
+   Master key in hexadecimal notation, e.g.
+   01a2b3c4d5e6f708a9b0cadbecfd0fa1, with a mandatory length
+   of 32, 48 or 64 characters (128, 192 or 256 bits).
+
+*-A, --salt <master salt>*::
+   master salt to use for key derivation +
+   Master salt in hexadecimal notation, e.g.
+   01a2b3c4d5e6f708a9b0cadbecfd, with a mandatory length
+   of 28 characters (14 bytes).
+
+*-c, --cipher <cipher type>*::
+   payload encryption algorithm +
+   Encryption algorithm used for encrypting the payload +
+   Possible values:
+
+   *null*;; no encryption
+   *aes-ctr*;; AES in counter mode with 128 Bits, default value
+   *aes-ctr-128*;; AES in counter mode with 128 Bits
+   *aes-ctr-192*;; AES in counter mode with 192 Bits
+   *aes-ctr-256*;; AES in counter mode with 256 Bits
+
+*-a, --auth-algo <algo type>*::
+   message authentication algorithm +
+   This option sets the message authentication algorithm. +
+   If HMAC-SHA1 is used, the packet length is increased. The additional bytes 
+   contain the authentication data. see *--auth-tag-length* for more info. +
+   Possible values:
+
+   *null*;; no message authentication
+   *sha1*;; HMAC-SHA1, default value
+
+*-b, --auth-tag-length <length>*::
+   The number of bytes to use for the auth tag. This value defaults to 10 bytes 
+   unless the *null* auth algo is used in which case it defaults to 0. 

 
 

-*<prefix>* the prefix length of the network
-
-The local IP address and prefix length. The remote tunnel endpoint
-has to use a different IP address in the same subnet.
-
--x|--post-up-script <script>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-This option instructs *uAnytun* to run this script after the interface 
-is created. By default no script will be executed.
-
--m|--mux <mux-id>
-~~~~~~~~~~~~~~~~~
-
-the multiplex id to use. default: 0
-
--s|--sender-id  <sender id>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Each anycast tunnel endpoint needs a unique sender id
-(1, 2, 3, ...). It is needed to distinguish the senders
-in case of replay attacks. As *uAnytun* does not support 
-synchronisation it can't be used as an anycast endpoint therefore 
-this option is quite useless but implemented for compability 
-reasons. default: 0
-
--w|--window-size <window size>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-seqence window size
-
-Sometimes, packets arrive out of order on the receiver
-side. This option defines the size of a list of received
-packets' sequence numbers. If, according to this list,
-a received packet has been previously received or has
-been transmitted in the past, and is therefore not in
-the list anymore, this is interpreted as a replay attack
-and the packet is dropped. A value of 0 deactivates this
-list and, as a consequence, the replay protection employed
-by filtering packets according to their secuence number.
-By default the sequence window is disabled and therefore a
-window size of 0 is used.
-
--k|--kd--prf <kd-prf type>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-key derivation pseudo random function.
-
-The pseudo random function which is used for calculating the 
-session keys and session salt.
-
-Possible values:
-
-* *null* - no random function, keys and salt are set to 0..00
-* *aes-ctr* - AES in counter mode with 128 Bits, default value
-* *aes-ctr-128* - AES in counter mode with 128 Bits
-* *aes-ctr-192* - AES in counter mode with 192 Bits
-* *aes-ctr-256* - AES in counter mode with 256 Bits
-
--e|--role <role>
-~~~~~~~~~~~~~~~~
-
-SATP uses different session keys for inbound and outbound traffic. The
-role parameter is used to determine which keys to use for outbound or
-inbound packets. On both sides of a vpn connection different roles have 
-to be used. Possible values are *left* and *right*. You may also use 
-*alice* or *server* as a replacement for *left* and *bob* or *client* as 
-a replacement for *right*. By default *left* is used.
-
--E|--passphrase <pass phrase>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-This passphrase is used to generate the master key and master salt.
-For the master key the last n bits of the SHA256 digest of the 
-passphrase (where n is the length of the master key in bits) is used. 
-The master salt gets generated with the SHA1 digest. 
-You may force a specific key and or salt by using *--key* and *--salt*.
-
--K|--key <master key>
-~~~~~~~~~~~~~~~~~~~~~
-
-master key to use for key derivation
-
-Master key in hexadecimal notation, eg
-01a2b3c4d5e6f708a9b0cadbecfd0fa1, with a mandatory length
-of 32, 48 or 64 characters (128, 192 or 256 bits).
-
--A|--salt <master salt>
-~~~~~~~~~~~~~~~~~~~~~~~
-
-master salt to use for key derivation
-
-Master salt in hexadecimal notation, eg
-01a2b3c4d5e6f708a9b0cadbecfd, with a mandatory length
-of 28 characters (14 bytes).
-
--c|--cipher <cipher type>
-~~~~~~~~~~~~~~~~~~~~~~~~~
-
-payload encryption algorithm
-
-Encryption algorithm used for encrypting the payload
-
-Possible values:
-
-* *null* - no encryption
-* *aes-ctr* - AES in counter mode with 128 Bits, default value
-* *aes-ctr-128* - AES in counter mode with 128 Bits
-* *aes-ctr-192* - AES in counter mode with 192 Bits
-* *aes-ctr-256* - AES in counter mode with 256 Bits
-
--a|--auth-algo <algo type>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-message authentication algorithm
-
-This option sets the message authentication algorithm.
-
-Possible values:
-
-* *null* - no message authentication
-* *sha1* - HMAC-SHA1, default value
-
-If HMAC-SHA1 is used, the packet length is increased. The additional bytes 
-contain the authentication data. see *-b|--auth-tag-length* for more info.
-
--b|--auth-tag-length <length>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-The number of bytes to use for the auth tag. This value defaults to 10 bytes 
-unless the *null* auth algo is used in which case it defaults to 0. 

 
 EXAMPLES
 --------
 
 EXAMPLES
 --------


@@ -329,7 +258,6 @@ Host B:
 uanytun -r hosta.example.com -t tun -n 192.168.123.2/30 -c aes-ctr-256 -k aes-ctr-256 \
         -E have_a_very_safe_and_productive_day -e right
 
 uanytun -r hosta.example.com -t tun -n 192.168.123.2/30 -c aes-ctr-256 -k aes-ctr-256 \
         -E have_a_very_safe_and_productive_day -e right
 

-

 One unicast and one anycast tunnel endpoint:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  
 One unicast and one anycast tunnel endpoint:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  


@@ -341,7 +269,7 @@ uanytun -r anycast.anytun.org -d anytun0 -t tun -n 192.0.2.2/30 -a null -c null
 Anycast tunnel endpoints:
 ^^^^^^^^^^^^^^^^^^^^^^^^^
 As *uAnytun* can't work as an anycast endpoint it can't be used for this purpose. You
 Anycast tunnel endpoints:
 ^^^^^^^^^^^^^^^^^^^^^^^^^
 As *uAnytun* can't work as an anycast endpoint it can't be used for this purpose. You

-have to use *anytun* for that job.
+have to use *Anytun* for that job.

 
 
 BUGS
 
 
 BUGS


@@ -349,11 +277,13 @@ BUGS
 Most likely there are some bugs in *uAnytun*. If you find a bug, please let
 the developers know at uanytun@anytun.org. Of course, patches are preferred.
 
 Most likely there are some bugs in *uAnytun*. If you find a bug, please let
 the developers know at uanytun@anytun.org. Of course, patches are preferred.
 

+

 AUTHORS
 -------
 
 Christian Pointner <equinox@anytun.org>
 
 AUTHORS
 -------
 
 Christian Pointner <equinox@anytun.org>
 

+

 RESOURCES
 ---------
 
 RESOURCES
 ---------
 


@@ -364,7 +294,6 @@ COPYING
 -------
 
 Copyright \(C) 2008-2009 Christian Pointner. This  program is  free 
 -------
 
 Copyright \(C) 2008-2009 Christian Pointner. This  program is  free 

-software; you can redistribute it and/or modify it under the terms 
-of the GNU General Public License version 3 as published by the 
-Free Software Foundation.
-
+software: you can redistribute it and/or modify it under the terms 
+of the GNU General Public License as published by the Free Software 
+Foundation, either version 3 of the License, or any later version.

diff --git a/etc/uanytun/client1/config b/etc/uanytun/client1/config
index 03b0207..f013cb9 100644 (file)
--- a/etc/uanytun/client1/config
+++ b/etc/uanytun/client1/config
@@ -53,8 +53,8 @@ remote-port 4444
 log syslog:3,uanytun-client1,daemon
 
 ## change user and group after init
 log syslog:3,uanytun-client1,daemon
 
 ## change user and group after init

-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun

 
 ## chroot to users home directory
 #chroot /var/run/uanytun
 
 ## chroot to users home directory
 #chroot /var/run/uanytun

diff --git a/etc/uanytun/client2/config b/etc/uanytun/client2/config
index f84bf87..cac7cd6 100644 (file)
--- a/etc/uanytun/client2/config
+++ b/etc/uanytun/client2/config
@@ -53,8 +53,8 @@ remote-port 4444
 log syslog:3,uanytun-client2,daemon
 
 ## change user and group after init
 log syslog:3,uanytun-client2,daemon
 
 ## change user and group after init

-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun

 
 ## chroot to users home directory
 #chroot /var/run/uanytun
 
 ## chroot to users home directory
 #chroot /var/run/uanytun

diff --git a/etc/uanytun/client3/config b/etc/uanytun/client3/config
index ba6e35c..d8f261b 100644 (file)
--- a/etc/uanytun/client3/config
+++ b/etc/uanytun/client3/config
@@ -53,8 +53,8 @@ remote-port 4444
 log syslog:3,uanytun-client3,daemon
 
 ## change user and group after init
 log syslog:3,uanytun-client3,daemon
 
 ## change user and group after init

-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun

 
 ## chroot to users home directory
 #chroot /var/run/uanytun
 
 ## chroot to users home directory
 #chroot /var/run/uanytun

diff --git a/etc/uanytun/p2p-a/config b/etc/uanytun/p2p-a/config
index 5523ef3..0e73eff 100644 (file)
--- a/etc/uanytun/p2p-a/config
+++ b/etc/uanytun/p2p-a/config
@@ -61,8 +61,8 @@ remote-port 4445
 log syslog:3,uanytun-p2p-a,daemon
 
 ## change user and group after init
 log syslog:3,uanytun-p2p-a,daemon
 
 ## change user and group after init

-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun

 
 ## chroot to users home directory
 #chroot /var/run/uanytun
 
 ## chroot to users home directory
 #chroot /var/run/uanytun

diff --git a/etc/uanytun/p2p-b/config b/etc/uanytun/p2p-b/config
index 5ffe2c9..515033b 100644 (file)
--- a/etc/uanytun/p2p-b/config
+++ b/etc/uanytun/p2p-b/config
@@ -61,8 +61,8 @@ remote-port 4445
 log syslog:3,uanytun-p2p-b,daemon
 
 ## change user and group after init
 log syslog:3,uanytun-p2p-b,daemon
 
 ## change user and group after init

-username uanytun
-groupname uanytun
+#username uanytun
+#groupname uanytun

 
 ## chroot to users home directory
 #chroot /var/run/uanytun
 
 ## chroot to users home directory
 #chroot /var/run/uanytun

diff --git a/src/Makefile b/src/Makefile
index 358c612..4124575 100644 (file)
--- a/src/Makefile
+++ b/src/Makefile
@@ -20,8 +20,9 @@
 ##  This file is part of uAnytun.
 ##
 ##  uAnytun is free software: you can redistribute it and/or modify
 ##  This file is part of uAnytun.
 ##
 ##  uAnytun is free software: you can redistribute it and/or modify

-##  it under the terms of the GNU General Public License version 3 as
-##  published by the Free Software Foundation.
+##  it under the terms of the GNU General Public License as published by
+##  the Free Software Foundation, either version 3 of the License, or
+##  any later version.

 ##
 ##  uAnytun is distributed in the hope that it will be useful,
 ##  but WITHOUT ANY WARRANTY; without even the implied warranty of
 ##
 ##  uAnytun is distributed in the hope that it will be useful,
 ##  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -39,18 +40,19 @@ endif
 EXECUTABLE := uanytun
 
 CRYPT_OBJ := key_derivation.o \
 EXECUTABLE := uanytun
 
 CRYPT_OBJ := key_derivation.o \

-            auth_algo.o
+             auth_algo.o

 OBJ := log.o \
 OBJ := log.o \

-      string_list.o \
-      sig_handler.o \
-      options.o \
-      tun.o \
-      udp.o \
-      plain_packet.o \
-      encrypted_packet.o \
-      seq_window.o \
-      cipher.o \
-      uanytun.o
+       string_list.o \
+       sig_handler.o \
+       sysexec.o \
+       options.o \
+       tun.o \
+       udp.o \
+       plain_packet.o \
+       encrypted_packet.o \
+       seq_window.o \
+       cipher.o \
+       uanytun.o

 
 
 ifndef NO_CRYPT_OBJ
 
 
 ifndef NO_CRYPT_OBJ


@@ -59,28 +61,31 @@ endif
 
 SRC := $(OBJ:%.o=%.c)
 
 
 SRC := $(OBJ:%.o=%.c)
 

-.PHONY: clean distclean manpage install install-bin install-etc install-man remove purge
+.PHONY: clean cleanall distclean manpage install install-bin install-etc install-man uninstall remove purge

 
 all: $(EXECUTABLE)
 
 %.d: %.c
        @set -e; rm -f $@; \
 
 all: $(EXECUTABLE)
 
 %.d: %.c
        @set -e; rm -f $@; \

-        $(CC) -MM $(CFLAGS) $< > $@.$$$$; \
-   sed 's,\($*\)\.o[ :]*,\1.o $@ : ,g' < $@.$$$$ > $@; \
-   rm -f $@.$$$$; echo '(re)building $@'
+  $(CC) -MM $(CFLAGS) $< > $@.$$$$; \
+  sed 's,\($*\)\.o[ :]*,\1.o $@ : ,g' < $@.$$$$ > $@; \
+  rm -f $@.$$$$; echo '(re)building $@'

 
 ifneq ($(MAKECMDGOALS),distclean)
 -include $(SRC:%.c=%.d)
 endif
 
 
 ifneq ($(MAKECMDGOALS),distclean)
 -include $(SRC:%.c=%.d)
 endif
 

-uanytun: $(OBJ)
+$(EXECUTABLE): $(OBJ)

        $(CC) $(OBJ) -o $@ $(LDFLAGS)
 
 %.o: %.c
        $(CC) $(CFLAGS) -c $<
 
 
        $(CC) $(OBJ) -o $@ $(LDFLAGS)
 
 %.o: %.c
        $(CC) $(CFLAGS) -c $<
 
 

-distclean: clean
+strip: $(EXECUTABLE)
+       $(STRIP) -s $(EXECUTABLE)
+
+distclean: cleanall

        find . -name *.o -exec rm -f {} \;
        find . -name "*.\~*" -exec rm -rf {} \;
        rm -f include.mk
        find . -name *.o -exec rm -f {} \;
        find . -name "*.\~*" -exec rm -rf {} \;
        rm -f include.mk


@@ -92,57 +97,78 @@ clean:
        rm -f *.d.*
        rm -f $(EXECUTABLE)
 
        rm -f *.d.*
        rm -f $(EXECUTABLE)
 

+cleanall: clean
+       $(MAKE) --directory="../doc/" clean
+

 manpage:
        $(MAKE) --directory="../doc/" manpage
 
 manpage:
        $(MAKE) --directory="../doc/" manpage
 

-install: all install-bin install-etc install-man add-user
+
+INSTALL_TARGETS := install-bin install-etc
+REMOVE_TARGETS := remove-bin remove-etc
+
+ifdef MANDIR
+INSTALL_TARGETS += install-man
+REMOVE_TARGETS += remove-man
+endif
+
+ifdef EXAMPLESDIR
+INSTALL_TARGETS += install-examples
+REMOVE_TARGETS += remove-examples
+endif
+
+install: all $(INSTALL_TARGETS)

 
 install-bin: $(EXECUTABLE)
 
 install-bin: $(EXECUTABLE)

-       mkdir -p $(DESTDIR)$(SBINDIR)
-       install -m 755 $(EXECUTABLE) $(DESTDIR)$(SBINDIR)
-       $(STRIP) $(DESTDIR)$(SBINDIR)/$(EXECUTABLE)
+       $(INSTALL) -d $(DESTDIR)$(SBINDIR)
+       $(INSTALL) -m 755 $(EXECUTABLE) $(DESTDIR)$(SBINDIR)

 
 install-etc:
 
 install-etc:

-       mkdir -p $(DESTDIR)$(ETCDIR)/uanytun
-       install -m 644 ../etc/uanytun/autostart $(DESTDIR)$(ETCDIR)/uanytun/autostart
-       @( cd '../etc/uanytun/' ;                                                                                \
-     for dir in `ls`; do                                                                                   \
-       if [ -d $$dir ]; then                                                                               \
-         echo "install $$dir configuration" ;                                                              \
-         cd $$dir ;                                                                                        \
-         mkdir -p $(DESTDIR)$(ETCDIR)/uanytun/$$dir ;                                                      \
-         install -m 600 config $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ;                                  \
-         sed -i 's#username uanytun#username $(USERNAME)#' $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ;      \
-         sed -i 's#groupname uanytun#groupname $(USERNAME)#' $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ;    \
-         sed -i 's#chroot /var/run/uanytun#chroot $(USERHOME)#' $(DESTDIR)$(ETCDIR)/uanytun/$$dir/config ; \
-         if [ -e 'post-up.sh' ]; then                                                                      \
-           install -m 755 post-up.sh $(DESTDIR)$(ETCDIR)/uanytun/$$dir/post-up.sh ;                        \
-         fi ;                                                                                              \
-         cd .. ;                                                                                           \
-       fi ;                                                                                                \
-     done                                                                                                  \
+       $(INSTALL) -d $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)
+       @ echo "example configurations can be found at $(EXAMPLESDIR)/$(EXECUTABLE)" > $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)/README
+       $(INSTALL) -d $(DESTDIR)$(ETCDIR)/init.d
+       @ sed -e 's#DAEMON=/usr/sbin/uanytun#DAEMON=$(SBINDIR)/$(EXECUTABLE)#' \
+        -e 's#CONFIG_DIR=/etc/uanytun#CONFIG_DIR=$(ETCDIR)/uanytun#' ../etc/init.d/uanytun > ../etc/init.d/uanytun.bak
+       $(INSTALL) -m 755 ../etc/init.d/uanytun.bak $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
+       rm -f ../etc/init.d/uanytun.bak
+
+install-examples:
+       $(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)
+       $(INSTALL) -m 644 ../etc/uanytun/autostart $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/autostart
+       @( cd '../etc/uanytun/' ;                                                                        \
+     for dir in `ls`; do                                                                           \
+       if [ -d $$dir ]; then                                                                       \
+         echo "install $$dir configuration" ;                                                      \
+         cd $$dir ;                                                                                \
+         $(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/$$dir ;                              \
+         $(INSTALL) -m 600 config $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/$$dir/config ;            \
+         if [ -e 'post-up.sh' ]; then                                                              \
+           $(INSTALL) -m 755 post-up.sh $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/$$dir/post-up.sh ;  \
+         fi ;                                                                                      \
+         cd .. ;                                                                                   \
+       fi ;                                                                                        \
+     done                                                                                          \

    )
    )

-       mkdir -p $(DESTDIR)$(ETCDIR)/init.d
-       install -m 755 ../etc/init.d/uanytun $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
-       @ sed -i 's#DAEMON=/usr/sbin/uanytun#DAEMON=$(SBINDIR)/$(EXECUTABLE)#' $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
-       @ sed -i 's#CONFIG_DIR=/etc/uanytun#CONFIG_DIR=$(ETCDIR)/uanytun#' $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)

 
 install-man: manpage
 
 install-man: manpage

-       mkdir -p $(DESTDIR)$(MANDIR)/man8/
-       cp ../doc/uanytun.8 $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
-       gzip $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
+       $(INSTALL) -d $(DESTDIR)$(MANDIR)/man8/
+       $(INSTALL) -m 644 ../doc/uanytun.8 $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8

 
 

-add-user:
-       @ adduser --system --group --home $(USERHOME) $(USERNAME)
+uninstall: remove

 
 

-remove-user: 
-       @ deluser $(USERNAME)
-       @ rm -rf $(USERHOME)
+remove: $(REMOVE_TARGETS)

 
 

-remove:
+remove-bin:

        rm -f $(DESTDIR)$(SBINDIR)/$(EXECUTABLE)
        rm -f $(DESTDIR)$(SBINDIR)/$(EXECUTABLE)

-       rm -f $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8.gz
+
+remove-etc:

        rm -f $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
 
        rm -f $(DESTDIR)$(ETCDIR)/init.d/$(EXECUTABLE)
 

-purge: remove remove-user
-       rm -rf $(DESTDIR)$(ETCDIR)/uanytun/
+remove-examples:
+       rm -rf $(DESTDIR)$(EXAMPLESDIR)/$(EXECUTABLE)/
+
+remove-man:
+       rm -f $(DESTDIR)$(MANDIR)/man8/$(EXECUTABLE).8
+
+purge: remove
+       rm -rf $(DESTDIR)$(ETCDIR)/$(EXECUTABLE)/

diff --git a/src/auth_algo.c b/src/auth_algo.c
index d015cc5..69d4ec0 100644 (file)
--- a/src/auth_algo.c
+++ b/src/auth_algo.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/auth_algo.h b/src/auth_algo.h
index baf32c5..1f08a3f 100644 (file)
--- a/src/auth_algo.h
+++ b/src/auth_algo.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _AUTH_ALGO_H_
-#define _AUTH_ALGO_H_
+#ifndef UANYTUN_auth_algo_h_INCLUDED
+#define UANYTUN_auth_algo_h_INCLUDED

 
 #ifndef USE_SSL_CRYPTO
 #include <gcrypt.h>
 
 #ifndef USE_SSL_CRYPTO
 #include <gcrypt.h>

diff --git a/src/bsd/tun.c b/src/bsd/tun.c
index f193668..21d16a4 100644 (file)
--- a/src/bsd/tun.c
+++ b/src/bsd/tun.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -313,36 +314,31 @@ void tun_do_ifconfig(tun_device_t* dev)
   if(!dev || !dev->actual_name_ || !dev->net_addr_ || !dev->net_mask_)
     return;
 
   if(!dev || !dev->actual_name_ || !dev->net_addr_ || !dev->net_mask_)
     return;
 

-
-  char* command = NULL;
-  char* netmask;

   char* end;
   if(dev->type_ == TYPE_TAP) {
 #if defined(__GNUC__) && defined(__OpenBSD__)
   char* end;
   if(dev->type_ == TYPE_TAP) {
 #if defined(__GNUC__) && defined(__OpenBSD__)

-    end = " link0";
+    end = "link0";

 #elif defined(__GNUC__) && defined(__FreeBSD__)
 #elif defined(__GNUC__) && defined(__FreeBSD__)

-    end = " up";
+    end = "up";

 #elif defined(__GNUC__) && defined(__NetBSD__)
 #elif defined(__GNUC__) && defined(__NetBSD__)

-    end = "";
+    end = NULL;

 #else
  #error This Device works just for OpenBSD, FreeBSD or NetBSD
 #endif
   }
   else
 #else
  #error This Device works just for OpenBSD, FreeBSD or NetBSD
 #endif
   }
   else

-    end = " up";
+    end = "up";

 
 

-  asprintf(&command, "/sbin/ifconfig %s %s netmask %s mtu %d%s", dev->actual_name_, dev->net_addr_,
-                                                                 dev->net_mask_, dev->mtu_, end);
-  if(!command) {
+  char* mtu_str = NULL;
+  asprintf(&mtu_str, "%d", dev->mtu_);
+  if(!mtu_str) {

     log_printf(ERROR, "Execution of ifconfig failed");
     return;
   }
 
     log_printf(ERROR, "Execution of ifconfig failed");
     return;
   }
 

-  int result = system(command);
-  if(result == -1)
-    log_printf(ERROR, "Execution of ifconfig failed");
-  else
-    log_printf(NOTICE, "ifconfig returned %d", WEXITSTATUS(result));
+  char* const argv[] = { "/sbin/ifconfig", dev->actual_name_, dev->net_addr_, "netmask", dev->net_mask_, "mtu", mtu_str, end, NULL };
+  char* const evp[] = { NULL };
+  uanytun_exec("/sbin/ifconfig", argv, evp);

 
 

-  free(command);
+  free(mtu_str);

 }
 }

diff --git a/src/cipher.c b/src/cipher.c
index 5fba4af..a91facb 100644 (file)
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/cipher.h b/src/cipher.h
index f53e412..d65c761 100644 (file)
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _CIPHER_H_
-#define _CIPHER_H_
+#ifndef UANYTUN_cipher_h_INCLUDED
+#define UANYTUN_cipher_h_INCLUDED

 
 #ifndef NO_CRYPT
 #ifndef USE_SSL_CRYPTO
 
 #ifndef NO_CRYPT
 #ifndef USE_SSL_CRYPTO

diff --git a/src/configure b/src/configure
index d88e333..f4ed32d 100755 (executable)
--- a/src/configure
+++ b/src/configure
@@ -21,8 +21,9 @@
 #  This file is part of uAnytun.
 #
 #  uAnytun is free software: you can redistribute it and/or modify
 #  This file is part of uAnytun.
 #
 #  uAnytun is free software: you can redistribute it and/or modify

-#  it under the terms of the GNU General Public License version 3 as
-#  published by the Free Software Foundation.
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  any later version.

 #
 #  uAnytun is distributed in the hope that it will be useful,
 #  but WITHOUT ANY WARRANTY; without even the implied warranty of
 #
 #  uAnytun is distributed in the hope that it will be useful,
 #  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -35,6 +36,8 @@
 
 TARGET=`uname -s`
 
 
 TARGET=`uname -s`
 

+EBUILD_COMPAT=0
+

 CFLAGS='-g -O2'
 LDFLAGS='-g -Wall -O2'
 
 CFLAGS='-g -O2'
 LDFLAGS='-g -Wall -O2'
 


@@ -43,15 +46,23 @@ PASSPHRASE=1
 V4_MAPPED=1
 
 PREFIX='/usr/local'
 V4_MAPPED=1
 
 PREFIX='/usr/local'

-USERNAME='uanytun'
-USERHOME='/var/run/uanytun'
+SBINDIR=''
+ETCDIR=''
+MANDIR=''
+INSTALLMANPAGE=1
+EXAMPLESDIR=''
+INSTALLEXAMPLES=1

 
 print_usage() {
   echo "configure --help                    print this"
   echo "          --target=<TARGET>         build target i.e. Linux (default: autodetect)"
   echo "          --prefix=<PREFIX>         the installation prefix (default: /usr/local)"
 
 print_usage() {
   echo "configure --help                    print this"
   echo "          --target=<TARGET>         build target i.e. Linux (default: autodetect)"
   echo "          --prefix=<PREFIX>         the installation prefix (default: /usr/local)"

-  echo "          --username=<USERNAME>     create this user when installing (default: uanytun)"
-  echo "          --userhome=<PATH>         the home directory of the user to be created  (default: /var/run/uanytun)"
+  echo "          --sbindir=<DIR>           the path to the sbin directory (default: $PREFIX/sbin)"
+  echo "          --sysconfdir=<DIR>        the path to the system configuration directory (default: $PREFIX/etc"
+  echo "          --mandir=<DIR>            the path to the system man pages (default: $PREFIX/share/man)"
+  echo "          --no-manpage              dont't install manpage"
+  echo "          --examplesdir=<DIR>       the path to the examples files (default: $PREFIX/share/examples)"
+  echo "          --no-examples             dont't install example files"

   echo "          --use-ssl-crypto          use ssl crypto library instead of libgcrypt"
   echo "          --no-crypto               disable crypto at all (only NULL cipher)"
   echo "          --disable-passphrase      disable master key and salt passphrase"
   echo "          --use-ssl-crypto          use ssl crypto library instead of libgcrypt"
   echo "          --no-crypto               disable crypto at all (only NULL cipher)"
   echo "          --disable-passphrase      disable master key and salt passphrase"


@@ -70,11 +81,23 @@ do
   --prefix=*)
     PREFIX=${arg#--prefix=}
   ;;
   --prefix=*)
     PREFIX=${arg#--prefix=}
   ;;

-  --username=*)
-    USERNAME=${arg#--username=}
+  --sbindir=*)
+    SBINDIR=${arg#--sbindir=}
+  ;;
+  --sysconfdir=*)
+    ETCDIR=${arg#--sysconfdir=}
+  ;;
+  --mandir=*)
+    MANDIR=${arg#--mandir=}

   ;;
   ;;

-  --userhome=*)
-    USERHOME=${arg#--userhome=}
+  --no-manpage)
+    INSTALLMANPAGE=0
+  ;;
+  --examplesdir=*)
+    EXAMPLESDIR=${arg#--examplesdir=}
+  ;;
+  --no-examples)
+    INSTALLEXAMPLES=0

   ;;
   --use-ssl-crypto)
     CRYPTO_LIB='ssl'
   ;;
   --use-ssl-crypto)
     CRYPTO_LIB='ssl'


@@ -94,18 +117,29 @@ do
   --enable-v4-mapped)
     V4_MAPPED=2
   ;; 
   --enable-v4-mapped)
     V4_MAPPED=2
   ;; 

+  --ebuild-compat)
+    EBUILD_COMPAT=1
+  ;;

   --help)
     print_usage
     exit 0
   ;;
   *)
   --help)
     print_usage
     exit 0
   ;;
   *)

-    echo "Unknown argument: $arg"
-    print_usage
-    exit 1
+    ERRORS="$ERRORS $arg"

   ;;
   esac
 done
 
   ;;
   esac
 done
 

+if [ -n "$ERRORS" ] && [ $EBUILD_COMPAT -ne 1 ]; then
+  for error in $ERRORS; do
+    echo "Unknown argument: $error"
+  done
+
+  print_usage
+  exit 1
+fi
+
+

 rm -f include.mk
 case $TARGET in 
   Linux)
 rm -f include.mk
 case $TARGET in 
   Linux)


@@ -157,10 +191,20 @@ if [ $V4_MAPPED -eq 0 ]; then
   echo "WARNING: disabling V4 mapped addresses, this prevents uanytun from using IPv6 and IPv4 Sockets at the same time"
 fi
 
   echo "WARNING: disabling V4 mapped addresses, this prevents uanytun from using IPv6 and IPv4 Sockets at the same time"
 fi
 

-if [ "x$PREFIX" = "x/usr" ]; then
- ETCDIR=/etc
-else
- ETCDIR=$PREFIX/etc
+if [ -z "$SBINDIR" ]; then
+  SBINDIR=$PREFIX/sbin
+fi
+
+if [ -z "$ETCDIR" ]; then
+  ETCDIR=$PREFIX/etc
+fi
+
+if [ -z "$MANDIR" ]; then
+  MANDIR=$PREFIX/share/man
+fi
+
+if [ -z "$EXAMPLESDIR" ]; then
+  EXAMPLESDIR=$PREFIX/share/examples

 fi
 
 cat >> include.mk <<EOF
 fi
 
 cat >> include.mk <<EOF


@@ -172,12 +216,26 @@ TARGET := $TARGET
 CC := gcc
 CFLAGS := $CFLAGS
 LDFLAGS := $LDFLAGS
 CC := gcc
 CFLAGS := $CFLAGS
 LDFLAGS := $LDFLAGS

+STRIP := strip
+INSTALL := install

 
 

-SBINDIR := $PREFIX/sbin
-MANDIR := $PREFIX/share/man
+PREFIX := $PREFIX
+SBINDIR := $SBINDIR

 ETCDIR := $ETCDIR
 ETCDIR := $ETCDIR

-USERNAME := $USERNAME
-USERHOME := $USERHOME

 EOF
 
 EOF
 

+if [ $INSTALLMANPAGE -eq 1 ]; then
+  echo "MANDIR := $MANDIR" >> include.mk
+  echo "installing manpage"
+else
+  echo "not installing manpage"
+fi
+
+if [ $INSTALLEXAMPLES -eq 1 ]; then
+  echo "EXAMPLESDIR := $EXAMPLESDIR" >> include.mk
+  echo "installing example files"
+else
+  echo "not installing example files"
+fi
+

 exit 0
 exit 0

diff --git a/src/daemon.h b/src/daemon.h
index ac0516e..22e0ac0 100644 (file)
--- a/src/daemon.h
+++ b/src/daemon.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _DAEMON_H_
-#define _DAEMON_H_
+#ifndef UANYTUN_daemon_h_INCLUDED
+#define UANYTUN_daemon_h_INCLUDED

 
 #include <poll.h>
 #include <fcntl.h>
 
 #include <poll.h>
 #include <fcntl.h>

diff --git a/src/datatypes.h b/src/datatypes.h
index 3925f26..ae57112 100644 (file)
--- a/src/datatypes.h
+++ b/src/datatypes.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _DATATYPES_H_
-#define _DATATYPES_H_
+#ifndef UANYTUN_datatypes_h_INCLUDED
+#define UANYTUN_datatypes_h_INCLUDED

 
 #include <stdint.h>
 #include <arpa/inet.h>
 
 #include <stdint.h>
 #include <arpa/inet.h>

diff --git a/src/encrypted_packet.c b/src/encrypted_packet.c
index 53387f3..c6db3d8 100644 (file)
--- a/src/encrypted_packet.c
+++ b/src/encrypted_packet.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/encrypted_packet.h b/src/encrypted_packet.h
index e9cdc59..f654b2c 100644 (file)
--- a/src/encrypted_packet.h
+++ b/src/encrypted_packet.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _ENCRYPTED_PACKET_H_
-#define _ENCRYPTED_PACKET_H_
+#ifndef UANYTUN_encrypted_packet_h_INCLUDED
+#define UANYTUN_encrypted_packet_h_INCLUDED

 
 #define ENCRYPTED_PACKET_SIZE_MAX 1600
 
 
 #define ENCRYPTED_PACKET_SIZE_MAX 1600
 

diff --git a/src/key_derivation.c b/src/key_derivation.c
index e9ab15f..7e98416 100644 (file)
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/key_derivation.h b/src/key_derivation.h
index c6212f1..7f75685 100644 (file)
--- a/src/key_derivation.h
+++ b/src/key_derivation.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _KEY_DERIVATION_H_
-#define _KEY_DERIVATION_H_
+#ifndef UANYTUN_key_derivation_h_INCLUDED
+#define UANYTUN_key_derivation_h_INCLUDED

 
 #ifndef USE_SSL_CRYPTO
 #include <gcrypt.h>
 
 #ifndef USE_SSL_CRYPTO
 #include <gcrypt.h>

diff --git a/src/linux/tun.c b/src/linux/tun.c
index c2187a6..10037ea 100644 (file)
--- a/src/linux/tun.c
+++ b/src/linux/tun.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -54,6 +55,7 @@
 #define DEFAULT_DEVICE "/dev/net/tun"
 
 #include "log.h"
 #define DEFAULT_DEVICE "/dev/net/tun"
 
 #include "log.h"

+#include "sysexec.h"

 
 int tun_init(tun_device_t* dev, const char* dev_name, const char* dev_type, const char* ifcfg_addr, u_int16_t ifcfg_prefix){
   if(!dev) 
 
 int tun_init(tun_device_t* dev, const char* dev_name, const char* dev_type, const char* ifcfg_addr, u_int16_t ifcfg_prefix){
   if(!dev) 


@@ -189,18 +191,16 @@ void tun_do_ifconfig(tun_device_t* dev)
   if(!dev || !dev->actual_name_ || !dev->net_addr_ || !dev->net_mask_)
     return;
 
   if(!dev || !dev->actual_name_ || !dev->net_addr_ || !dev->net_mask_)
     return;
 

-  char* command = NULL;
-  asprintf(&command, "/sbin/ifconfig %s %s netmask %s mtu %d", dev->actual_name_, dev->net_addr_, dev->net_mask_, dev->mtu_);
-  if(!command) {
+  char* mtu_str = NULL;
+  asprintf(&mtu_str, "%d", dev->mtu_);
+  if(!mtu_str) {

     log_printf(ERROR, "Execution of ifconfig failed");
     return;
   }
 
     log_printf(ERROR, "Execution of ifconfig failed");
     return;
   }
 

-  int result = system(command);
-  if(result == -1)
-    log_printf(ERROR, "Execution of ifconfig failed");
-  else
-    log_printf(NOTICE, "ifconfig returned %d", WEXITSTATUS(result));
+  char* const argv[] = { "/sbin/ifconfig", dev->actual_name_, dev->net_addr_, "netmask", dev->net_mask_, "mtu", mtu_str, NULL };
+  char* const evp[] = { NULL };
+  uanytun_exec("/sbin/ifconfig", argv, evp);

 
 

-  free(command);
+  free(mtu_str);

 }
 }

diff --git a/src/log.c b/src/log.c
index 847baf7..43a0a5a 100644 (file)
--- a/src/log.c
+++ b/src/log.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -250,7 +251,7 @@ void log_print_hex_dump(log_prio_t prio, const u_int8_t* buf, u_int32_t len)
     for(i=0; i < len; i++) {
       if(((i+1)*3) >= (MSG_LENGTH_MAX - offset))
         break;
     for(i=0; i < len; i++) {
       if(((i+1)*3) >= (MSG_LENGTH_MAX - offset))
         break;

-      sprintf(ptr, "%02X ", buf[i]);
+      snprintf(ptr, 3, "%02X ", buf[i]);

       ptr+=3;
     }
   }
       ptr+=3;
     }
   }

diff --git a/src/log.h b/src/log.h
index 46ea867..2717622 100644 (file)
--- a/src/log.h
+++ b/src/log.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _LOG_H_
-#define _LOG_H_
+#ifndef UANYTUN_log_h_INCLUDED
+#define UANYTUN_log_h_INCLUDED

 
 #define MSG_LENGTH_MAX 150
 
 
 #define MSG_LENGTH_MAX 150
 

diff --git a/src/log_targets.h b/src/log_targets.h
index 0ea8e83..8db3812 100644 (file)
--- a/src/log_targets.h
+++ b/src/log_targets.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,6 +33,30 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

+#ifndef UANYTUN_log_targets_h_INCLUDED
+#define UANYTUN_log_targets_h_INCLUDED
+
+#include <time.h>
+
+static char* get_time_formatted()
+{
+  char* time_string;
+  time_t t = time(NULL);
+  if(t < 0) 
+    time_string = "<time read error>";
+  else {
+    time_string = ctime(&t);
+    if(!time_string)
+      time_string = "<time format error>";
+    else {
+      char* newline = strchr(time_string, '\n');
+      if(newline)
+        newline[0] = 0;
+    }
+  }
+  return time_string;
+}
+

 enum syslog_facility_enum { USER = LOG_USER, MAIL = LOG_MAIL,
                             DAEMON = LOG_DAEMON, AUTH = LOG_AUTH,
                             SYSLOG = LOG_SYSLOG, LPR = LOG_LPR,
 enum syslog_facility_enum { USER = LOG_USER, MAIL = LOG_MAIL,
                             DAEMON = LOG_DAEMON, AUTH = LOG_AUTH,
                             SYSLOG = LOG_SYSLOG, LPR = LOG_LPR,


@@ -235,7 +260,7 @@ void log_target_file_log(log_target_t* self, log_prio_t prio, const char* msg)
   if(!self || !self->param_ || !self->opened_)
     return;
 
   if(!self || !self->param_ || !self->opened_)
     return;
 

-  fprintf(((log_target_file_param_t*)(self->param_))->file_, "%s-%s\n", log_prio_to_string(prio), msg);
+  fprintf(((log_target_file_param_t*)(self->param_))->file_, "%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg);

   fflush(((log_target_file_param_t*)(self->param_))->file_);
 }
 
   fflush(((log_target_file_param_t*)(self->param_))->file_);
 }
 


@@ -284,7 +309,7 @@ log_target_t* log_target_file_new()
 
 void log_target_stdout_log(log_target_t* self, log_prio_t prio, const char* msg)
 {
 
 void log_target_stdout_log(log_target_t* self, log_prio_t prio, const char* msg)
 {

-  printf("%s-%s\n", log_prio_to_string(prio), msg);
+  printf("%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg);

 }
 
 log_target_t* log_target_stdout_new()
 }
 
 log_target_t* log_target_stdout_new()


@@ -311,7 +336,7 @@ log_target_t* log_target_stdout_new()
 
 void log_target_stderr_log(log_target_t* self, log_prio_t prio, const char* msg)
 {
 
 void log_target_stderr_log(log_target_t* self, log_prio_t prio, const char* msg)
 {

-  fprintf(stderr, "%s-%s\n", log_prio_to_string(prio), msg);
+  fprintf(stderr, "%s %s: %s\n", get_time_formatted(), log_prio_to_string(prio), msg);

 }
 
 log_target_t* log_target_stderr_new()
 }
 
 log_target_t* log_target_stderr_new()


@@ -334,3 +359,5 @@ log_target_t* log_target_stderr_new()
 
   return tmp;
 }
 
   return tmp;
 }

+
+#endif

diff --git a/src/options.c b/src/options.c
index 2300794..f5010bf 100644 (file)
--- a/src/options.c
+++ b/src/options.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -273,6 +274,7 @@ int options_parse(options_t* opt, int argc, char* argv[])
   if(ipv6_only)
     opt->resolv_addr_type_ = IPV6_ONLY;
 
   if(ipv6_only)
     opt->resolv_addr_type_ = IPV6_ONLY;
 

+#ifndef NO_CRYPT

   if(role) {
     if(!strcmp(role, "alice") || !strcmp(role, "server") || !strcmp(role, "left"))
       opt->role_ = ROLE_LEFT;
   if(role) {
     if(!strcmp(role, "alice") || !strcmp(role, "server") || !strcmp(role, "left"))
       opt->role_ = ROLE_LEFT;


@@ -284,6 +286,7 @@ int options_parse(options_t* opt, int argc, char* argv[])
     }
     free(role);
   }
     }
     free(role);
   }

+#endif

   return 0;
 }
 
   return 0;
 }
 


@@ -446,7 +449,7 @@ void options_print_usage()
 #endif
   printf("        [-K|--key] <master key>             master key to use for encryption\n");
   printf("        [-A|--salt] <master salt>           master salt to use for encryption\n");
 #endif
   printf("        [-K|--key] <master key>             master key to use for encryption\n");
   printf("        [-A|--salt] <master salt>           master salt to use for encryption\n");

-  printf("        [-e|--role] <role>                  left (alice) or right (bob)");
+  printf("        [-e|--role] <role>                  left (alice) or right (bob)\n");

   printf("        [-c|--cipher] <cipher type>         payload encryption algorithm\n");
   printf("        [-a|--auth-algo] <algo type>        message authentication algorithm\n");
   printf("        [-b|--auth-tag-length] <length>     length of the auth tag\n");
   printf("        [-c|--cipher] <cipher type>         payload encryption algorithm\n");
   printf("        [-a|--auth-algo] <algo type>        message authentication algorithm\n");
   printf("        [-b|--auth-tag-length] <length>     length of the auth tag\n");

diff --git a/src/options.h b/src/options.h
index 0f73a0b..ee7763d 100644 (file)
--- a/src/options.h
+++ b/src/options.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _OPTIONS_H_
-#define _OPTIONS_H_
+#ifndef UANYTUN_options_h_INCLUDED
+#define UANYTUN_options_h_INCLUDED

 
 #include "string_list.h"
 
 
 #include "string_list.h"
 

diff --git a/src/plain_packet.c b/src/plain_packet.c
index 1d7ba2b..6995d42 100644 (file)
--- a/src/plain_packet.c
+++ b/src/plain_packet.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/plain_packet.h b/src/plain_packet.h
index ed42893..6f1b385 100644 (file)
--- a/src/plain_packet.h
+++ b/src/plain_packet.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _PLAIN_PACKET_H_
-#define _PLAIN_PACKET_H_
+#ifndef UANYTUN_plain_packet_h_INCLUDED
+#define UANYTUN_plain_packet_h_INCLUDED

 
 #define PLAIN_PACKET_SIZE_MAX 1600
 
 
 #define PLAIN_PACKET_SIZE_MAX 1600
 

diff --git a/src/seq_window.c b/src/seq_window.c
index 6c49d2f..a855f68 100644 (file)
--- a/src/seq_window.c
+++ b/src/seq_window.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/seq_window.h b/src/seq_window.h
index 2191d53..385cbdb 100644 (file)
--- a/src/seq_window.h
+++ b/src/seq_window.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _SEQ_WINDOW_H_
-#define _SEQ_WINDOW_H_
+#ifndef UANYTUN_seq_window_h_INCLUDED
+#define UANYTUN_seq_window_h_INCLUDED

 
 struct seq_win_element_struct {
   sender_id_t sender_id_;
 
 struct seq_win_element_struct {
   sender_id_t sender_id_;

diff --git a/src/sig_handler.c b/src/sig_handler.c
index 6fd4b85..ca2e18f 100644 (file)
--- a/src/sig_handler.c
+++ b/src/sig_handler.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -36,29 +37,123 @@
 
 #include "log.h"
 #include <signal.h>
 
 #include "log.h"
 #include <signal.h>

+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/select.h>
+#include <errno.h>
+

 #include "sig_handler.h"
 
 #include "sig_handler.h"
 

-volatile sig_atomic_t signal_exit = 0;
+#include <stdio.h>
+
+
+static int sig_pipe_fds[2];
+

 
 

-void signal_init()
+static void sig_handler(int sig)

 {
 {

-  signal(SIGINT, handle_signal);
-  signal(SIGQUIT, handle_signal);
-  signal(SIGTERM, handle_signal);
-  signal(SIGHUP, handle_signal);
-  signal(SIGUSR1, handle_signal);
-  signal(SIGUSR2, handle_signal);
+  sigset_t set;
+  int ret = read(sig_pipe_fds[0], &set, sizeof(sigset_t));
+  if(ret != sizeof(sigset_t))
+    sigemptyset(&set);
+
+  sigaddset(&set, sig);
+  ret = write(sig_pipe_fds[1], &set, sizeof(sigset_t));
+}
+
+
+int signal_init()
+{
+  if(pipe(sig_pipe_fds)) {
+    log_printf(ERROR, "signal handling init failed (pipe error: %s)", strerror(errno));
+    return -1;
+  }
+
+  int i;
+  for(i=0; i<2; ++i) {
+    int fd_flags = fcntl(sig_pipe_fds[i], F_GETFL);
+    if(fd_flags == -1) {
+      log_printf(ERROR, "signal handling init failed (pipe fd[%d] read flags error: %s)", i, strerror(errno));
+      return -1;
+    }
+    if(fcntl(sig_pipe_fds[i], F_SETFL, fd_flags | O_NONBLOCK) == -1){
+      log_printf(ERROR, "signal handling init failed (pipe fd[%d] write flags error: %s)", i, strerror(errno));
+      return -1;
+    }
+  }
+
+  struct sigaction act;
+  act.sa_handler = sig_handler;
+  sigfillset(&act.sa_mask);
+  act.sa_flags = 0;
+
+  if((sigaction(SIGINT, &act, NULL) < 0) ||
+     (sigaction(SIGQUIT, &act, NULL) < 0) ||
+     (sigaction(SIGTERM, &act, NULL) < 0) ||
+     (sigaction(SIGHUP, &act, NULL) < 0) ||
+     (sigaction(SIGUSR1, &act, NULL) < 0) ||
+     (sigaction(SIGUSR2, &act, NULL) < 0)) {
+
+    log_printf(ERROR, "signal handling init failed (sigaction error: %s)", strerror(errno));
+    close(sig_pipe_fds[0]);
+    close(sig_pipe_fds[1]);
+  }
+
+  return sig_pipe_fds[0];

 }
 
 }
 

-void handle_signal(int sig)
+int signal_handle()

 {
 {

-  switch(sig) {
-  case SIGINT: log_printf(NOTICE, "SIG-Int caught, exitting"); signal_exit = 1; break;
-  case SIGQUIT: log_printf(NOTICE, "SIG-Quit caught, exitting"); signal_exit = 1; break;
-  case SIGTERM: log_printf(NOTICE, "SIG-Term caught, exitting"); signal_exit = 1; break;
-  case SIGHUP: log_printf(NOTICE, "SIG-Hup caught"); break;
-  case SIGUSR1: log_printf(NOTICE, "SIG-Usr1 caught"); break;
-  case SIGUSR2: log_printf(NOTICE, "SIG-Usr2 caught"); break;
-  default: log_printf(NOTICE, "Signal %d caught, ignoring", sig); break;
+  sigset_t set, oldset, tmpset;
+
+  sigemptyset(&tmpset);
+  sigaddset(&tmpset, SIGINT);
+  sigaddset(&tmpset, SIGQUIT);
+  sigaddset(&tmpset, SIGTERM);
+  sigaddset(&tmpset, SIGHUP);
+  sigaddset(&tmpset, SIGUSR1);
+  sigaddset(&tmpset, SIGUSR2);
+  sigprocmask(SIG_BLOCK, &tmpset, &oldset);
+
+  int ret = read(sig_pipe_fds[0], &set, sizeof(sigset_t));
+  if(ret != sizeof(sigset_t))
+    sigemptyset(&set);
+
+  int return_value = 0;
+  int sig;
+  for(sig=1; sig < NSIG; ++sig) {
+    if(sigismember(&set, sig)) {
+      switch(sig) {
+      case SIGINT: log_printf(NOTICE, "SIG-Int caught, exitting"); return_value = 1; break;
+      case SIGQUIT: log_printf(NOTICE, "SIG-Quit caught, exitting"); return_value = 1; break;
+      case SIGTERM: log_printf(NOTICE, "SIG-Term caught, exitting"); return_value = 1; break;
+      case SIGHUP: log_printf(NOTICE, "SIG-Hup caught"); break;
+      case SIGUSR1: log_printf(NOTICE, "SIG-Usr1 caught"); break;
+      case SIGUSR2: log_printf(NOTICE, "SIG-Usr2 caught"); break;
+      default: log_printf(WARNING, "unknown signal %d caught, ignoring", sig); break;
+      }
+      sigdelset(&set, sig);
+    }

   }
   }

+
+  sigprocmask(SIG_SETMASK, &oldset, NULL);
+  return return_value;
+}
+
+void signal_stop()
+{
+  struct sigaction act;
+  act.sa_handler = SIG_DFL;
+  sigemptyset(&act.sa_mask);
+  act.sa_flags = 0;
+
+  sigaction(SIGINT, &act, NULL);
+  sigaction(SIGQUIT, &act, NULL);
+  sigaction(SIGTERM, &act, NULL);
+  sigaction(SIGHUP, &act, NULL);
+  sigaction(SIGUSR1, &act, NULL);
+  sigaction(SIGUSR2, &act, NULL);
+
+  close(sig_pipe_fds[0]);
+  close(sig_pipe_fds[1]);

 }
 }

diff --git a/src/sig_handler.h b/src/sig_handler.h
index a7779be..1995e1a 100644 (file)
--- a/src/sig_handler.h
+++ b/src/sig_handler.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,14 +33,11 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _SIG_HANDLER_H_
-#define _SIG_HANDLER_H_
+#ifndef UANYTUN_sig_handler_h_INCLUDED
+#define UANYTUN_sig_handler_h_INCLUDED

 
 

-#include <signal.h>
-
-extern volatile sig_atomic_t signal_exit;
-
-void signal_init();
-void handle_signal(int sig);
+int signal_init();
+int signal_handle();
+void signal_stop();

 
 #endif
 
 #endif

diff --git a/src/string_list.c b/src/string_list.c
index f23fcdc..a4f4ab8 100644 (file)
--- a/src/string_list.c
+++ b/src/string_list.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -91,8 +92,8 @@ int string_list_add(string_list_t* list, const char* string)
     tmp->next_->next_ = 0;
     tmp->next_->string_ = strdup(string);
     if(!tmp->next_->string_) {
     tmp->next_->next_ = 0;
     tmp->next_->string_ = strdup(string);
     if(!tmp->next_->string_) {

-      free(list->first_);
-      list->first_ = NULL;
+      free(tmp->next_);
+      tmp->next_ = NULL;

       return -2;
     }
   }
       return -2;
     }
   }

diff --git a/src/string_list.h b/src/string_list.h
index fc1f4ac..cd054cb 100644 (file)
--- a/src/string_list.h
+++ b/src/string_list.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _STRING_LIST_H_
-#define _STRING_LIST_H_
+#ifndef UANYTUN_string_list_h_INCLUDED
+#define UANYTUN_string_list_h_INCLUDED

 
 struct string_list_element_struct {
   char* string_;
 
 struct string_list_element_struct {
   char* string_;

diff --git a/src/sysexec.c b/src/sysexec.c
new file mode 100644 (file)
index 0000000..2cea52e
--- /dev/null
+++ b/src/sysexec.c
@@ -0,0 +1,115 @@
+/*
+ *  uAnytun
+ *
+ *  uAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ *  featured implementation uAnytun has no support for multiple connections
+ *  or synchronisation. It is a small single threaded implementation intended
+ *  to act as a client on small platforms.
+ *  The secure anycast tunneling protocol (satp) defines a protocol used
+ *  for communication between any combination of unicast and anycast
+ *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
+ *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ *  ethernet, ip, arp ...). satp directly includes cryptography and
+ *  message authentication based on the methodes used by SRTP.  It is
+ *  intended to deliver a generic, scaleable and secure solution for
+ *  tunneling and relaying of packets of any protocol.
+ *  
+ *
+ *  Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ *  This file is part of uAnytun.
+ *
+ *  uAnytun is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.
+ *
+ *  uAnytun is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "datatypes.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <sys/wait.h>
+#include <sys/select.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "sysexec.h"
+#include "log.h"
+
+int uanytun_exec(const char* script, char* const argv[], char* const evp[])
+{
+  if(!script)
+    return -1;
+
+  int pipefd[2];
+  if(pipe(pipefd) == -1) {
+    log_printf(ERROR, "executing script '%s' pipe() error: %s", script, strerror(errno));
+    return -1;
+  }
+
+  pid_t pid;
+  pid = fork();
+  if(pid == -1) {
+    log_printf(ERROR, "executing script '%s' fork() error: %s", script, strerror(errno));
+    return -1;
+  }
+
+  if(!pid) {
+    int fd;
+    for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
+      if(fd != pipefd[1]) close(fd);
+
+    fd = open("/dev/null",O_RDWR);        // stdin
+    if(fd == -1)
+      log_printf(WARNING, "can't open stdin");
+    else {
+      if(dup(fd) == -1)   // stdout
+        log_printf(WARNING, "can't open stdout");
+      if(dup(fd) == -1)   // stderr
+        log_printf(WARNING, "can't open stderr");
+    }
+    execve(script, argv, evp);
+        // if execve returns, an error occurred, but logging doesn't work 
+        // because we closed all file descriptors, so just write errno to
+        // pipe and call exit
+    write(pipefd[1], (void*)(&errno), sizeof(errno));
+    exit(-1);
+  }
+  close(pipefd[1]);
+
+  int status = 0;
+  waitpid(pid, &status, 0);
+
+  fd_set rfds;
+  FD_ZERO(&rfds);
+  FD_SET(pipefd[0], &rfds);
+  struct timeval tv = { 0 , 0 };
+  if(select(pipefd[0]+1, &rfds, NULL, NULL, &tv) == 1) {
+    int err = 0;
+    if(read(pipefd[0], (void*)(&err), sizeof(err)) >= sizeof(err)) {
+      log_printf(NOTICE, "script '%s' exec() error: %s", script, strerror(err));
+      close(pipefd[0]);
+      return -1;
+    }
+  }
+  if(WIFEXITED(status))
+    log_printf(NOTICE, "script '%s' returned %d", script, WEXITSTATUS(status));  
+  else if(WIFSIGNALED(status))
+    log_printf(NOTICE, "script '%s' terminated after signal %d", script, WTERMSIG(status));
+  else
+    log_printf(ERROR, "executing script '%s': unkown error", script);
+
+  close(pipefd[0]);
+  return status;
+}

diff --git a/src/sysexec.h b/src/sysexec.h
index b724433..0aabde1 100644 (file)
--- a/src/sysexec.h
+++ b/src/sysexec.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,46 +33,9 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _SYSEXEC_H_
-#define _SYSEXEC_H_
+#ifndef UANYTUN_sysexec_h_INCLUDED
+#define UANYTUN_sysexec_h_INCLUDED

 
 

-int exec_script(const char* script, const char* ifname)
-{
-  if(!script || !ifname)
-    return -1;
-
-  pid_t pid;
-  pid = fork();
-  if(!pid) {
-    int fd;
-    for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
-      close(fd);
-
-    fd = open("/dev/null",O_RDWR);        // stdin
-    if(fd == -1)
-      log_printf(WARNING,  "can't open stdin");
-    else {
-      if(dup(fd) == -1)   // stdout
-        log_printf(WARNING,  "can't open stdout");
-      if(dup(fd) == -1)   // stderr
-        log_printf(WARNING,  "can't open stderr");
-    }
-    execl("/bin/sh", "/bin/sh", script, ifname, NULL);
-        // if execl return, an error occurred
-    log_printf(ERROR, "error on executing script: %s", strerror(errno));
-    return -1;
-  }
-  int status = 0;
-  waitpid(pid, &status, 0);
-  if(WIFEXITED(status))
-    log_printf(NOTICE, "script '%s' returned %d", script, WEXITSTATUS(status));  
-  else if(WIFSIGNALED(status))
-    log_printf(NOTICE, "script '%s' terminated after signal %d", script, WTERMSIG(status));
-  else
-    log_printf(ERROR, "executing script: unkown error");
-
-  return status;
-
-}
+int uanytun_exec(const char* script, char* const argv[], char* const evp[]);

 
 #endif
 
 #endif

diff --git a/src/tun.h b/src/tun.h
index 6e7c302..b74e0b1 100644 (file)
--- a/src/tun.h
+++ b/src/tun.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _TUN_H_
-#define _TUN_H_
+#ifndef UANYTUN_tun_h_INCLUDED
+#define UANYTUN_tun_h_INCLUDED

 
 #include <stdlib.h>
 
 
 #include <stdlib.h>
 

diff --git a/src/tun_helper.h b/src/tun_helper.h
index 396d902..bd9b438 100644 (file)
--- a/src/tun_helper.h
+++ b/src/tun_helper.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _TUN_HELPER_H_
-#define _TUN_HELPER_H_
+#ifndef UANYTUN_tun_helper_h_INCLUDED
+#define UANYTUN_tun_helper_h_INCLUDED

 
 #include <string.h>
 #include <sys/socket.h>
 
 #include <string.h>
 #include <sys/socket.h>

diff --git a/src/uanytun.c b/src/uanytun.c
index c9c6c44..0e36781 100644 (file)
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -249,7 +250,7 @@ int main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
   encrypted_packet_t encrypted_packet;
   encrypted_packet_init(&encrypted_packet, opt->auth_tag_length_);
   seq_nr_t seq_nr = 0;
   encrypted_packet_t encrypted_packet;
   encrypted_packet_init(&encrypted_packet, opt->auth_tag_length_);
   seq_nr_t seq_nr = 0;

-  fd_set readfds;
+  fd_set readfds, readyfds;

 
   cipher_t c;
   auth_algo_t aa;
 
   cipher_t c;
   auth_algo_t aa;


@@ -260,36 +261,45 @@ int main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
   if(ret)
     return ret;
 
   if(ret)
     return ret;
 

-  signal_init();
+  FD_ZERO(&readfds);
+  FD_SET(dev->fd_, &readfds);
+  FD_SET(sock->fd_, &readfds);
+  int nfds = dev->fd_ > sock->fd_ ? dev->fd_ : sock->fd_;
+

   int return_value = 0;
   int return_value = 0;

-  while(!return_value) {
-    FD_ZERO(&readfds);
-    FD_SET(dev->fd_, &readfds);
-    FD_SET(sock->fd_, &readfds);
-    int nfds = dev->fd_ > sock->fd_ ? dev->fd_+1 : sock->fd_+1;
+  int sig_fd = signal_init();
+  if(sig_fd < 0)
+    return_value -1;

 
 

-    int ret = select(nfds, &readfds, NULL, NULL, NULL);
+  FD_SET(sig_fd, &readfds);
+  nfds = (nfds < sig_fd) ? sig_fd : nfds;
+
+  while(!return_value) {
+    memcpy(&readyfds, &readfds, sizeof(readyfds));
+    int ret = select(nfds + 1, &readyfds, NULL, NULL, NULL);

     if(ret == -1 && errno != EINTR) {
       log_printf(ERROR, "select returned with error: %s", strerror(errno));
       return_value = -1;
       break;
     }
     if(ret == -1 && errno != EINTR) {
       log_printf(ERROR, "select returned with error: %s", strerror(errno));
       return_value = -1;
       break;
     }

-    if(!ret)
+    if(!ret || ret == -1)

       continue;
 
       continue;
 

-    if(signal_exit) {
-      return_value = 1;
-      break;
+    if(FD_ISSET(sig_fd, &readyfds)) {
+      if(signal_handle()) {
+        return_value = 1;
+        break;
+      }

     }
 
     }
 

-    if(FD_ISSET(dev->fd_, &readfds)) {
+    if(FD_ISSET(dev->fd_, &readyfds)) {

       return_value = process_tun_data(dev, sock, opt, &plain_packet, &encrypted_packet, &c, &aa, &kd, seq_nr);
       seq_nr++;
       if(return_value)
         break;
     }
 
       return_value = process_tun_data(dev, sock, opt, &plain_packet, &encrypted_packet, &c, &aa, &kd, seq_nr);
       seq_nr++;
       if(return_value)
         break;
     }
 

-    if(FD_ISSET(sock->fd_, &readfds)) {
+    if(FD_ISSET(sock->fd_, &readyfds)) {

       return_value = process_sock_data(dev, sock, opt, &plain_packet, &encrypted_packet, &c, &aa, &kd, &seq_win); 
       if(return_value)
         break;
       return_value = process_sock_data(dev, sock, opt, &plain_packet, &encrypted_packet, &c, &aa, &kd, &seq_win); 
       if(return_value)
         break;


@@ -302,6 +312,7 @@ int main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
   key_derivation_close(&kd);
 #endif
   seq_win_clear(&seq_win);
   key_derivation_close(&kd);
 #endif
   seq_win_clear(&seq_win);

+  signal_stop();

 
   return return_value;
 }
 
   return return_value;
 }


@@ -391,7 +402,9 @@ int main(int argc, char* argv[])
 
   if(opt.post_up_script_) {
     log_printf(NOTICE, "executing post-up script '%s'", opt.post_up_script_);
 
   if(opt.post_up_script_) {
     log_printf(NOTICE, "executing post-up script '%s'", opt.post_up_script_);

-    int ret = exec_script(opt.post_up_script_, dev.actual_name_);
+    char* const argv[] = { opt.post_up_script_, dev.actual_name_, NULL };
+    char* const evp[] = { NULL };
+    int ret = uanytun_exec(opt.post_up_script_, argv, evp);

   }
 
 
   }
 
 

diff --git a/src/udp.c b/src/udp.c
index 96e2e23..7f539a8 100644 (file)
--- a/src/udp.c
+++ b/src/udp.c
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

diff --git a/src/udp.h b/src/udp.h
index aacdae8..02a1c26 100644 (file)
--- a/src/udp.h
+++ b/src/udp.h
@@ -20,8 +20,9 @@
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify
  *  This file is part of uAnytun.
  *
  *  uAnytun is free software: you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 3 as
- *  published by the Free Software Foundation.
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  any later version.

  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *
  *  uAnytun is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of


@@ -32,8 +33,8 @@
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 
  *  along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
  */
 

-#ifndef _UDP_H_
-#define _UDP_H_
+#ifndef UANYTUN_udp_h_INCLUDED
+#define UANYTUN_udp_h_INCLUDED

 
 #include "options.h"
 
 
 #include "options.h"
 

diff --git a/version b/version
new file mode 100644 (file)
index 0000000..d15723f
--- /dev/null
+++ b/version
@@ -0,0 +1 @@
+0.3.2