tmp = silc_net_create_server(server->config->listen_port->port,
server->config->listen_port->listener_ip);
- if (tmp < 0)
+ if (tmp < 0) {
+ SILC_LOG_ERROR(("Could not create server listener: %s on %d",
+ server->config->listen_port->listener_ip,
+ server->config->listen_port->port));
goto err0;
+ }
sock = silc_realloc(sock, (sizeof(int *) * (sock_count + 1)));
sock[sock_count] = tmp;
return FALSE;
}
-/* Fork server to background and set gid+uid to non-root.
- Silcd will not run as root, so trying to set either user or group to
- root will cause silcd to exit. */
+/* Fork server to background and set gid+uid to non-root */
void silc_server_daemonise(SilcServer server)
+{
+ int i;
+
+ i = fork ();
+
+ if (i) {
+ if (i > 0) {
+ if (geteuid())
+ SILC_LOG_DEBUG(("Server started as user"));
+ else
+ SILC_LOG_DEBUG(("Server started as root. Dropping privileges."));
+
+ SILC_LOG_DEBUG(("Forking SILC server to background"));
+ exit(0);
+ } else {
+ SILC_LOG_DEBUG(("fork() failed, cannot proceed"));
+ exit(1);
+ }
+ }
+ setsid();
+}
+
+/* Drop root privligies. If this cannot be done, die. */
+
+void silc_server_drop(SilcServer server)
{
/* Are we executing silcd as root or a regular user? */
- if (geteuid()==0) {
-
+ if (!geteuid()) {
+
struct passwd *pw;
struct group *gr;
char *user, *group;
-
+
if (!server->config->identity || !server->config->identity->user ||
!server->config->identity->group) {
fprintf(stderr, "Error:"
"\tthe server as non-root user.\n");
exit(1);
}
-
+
/* Get the values given for user and group in configuration file */
user=server->config->identity->user;
group=server->config->identity->group;
-
+
/* Check whether the user/group information is text */
if (atoi(user)!=0 || atoi(group)!=0) {
SILC_LOG_DEBUG(("Invalid user and/or group information"));
fprintf(stderr, "Please assign them as names, not numbers\n");
exit(1);
}
-
+
/* Catch the nasty incident of string "0" returning 0 from atoi */
if (strcmp("0", user)==0 || strcmp("0", group)==0) {
SILC_LOG_DEBUG(("User and/or group configured to 0. Unacceptable"));
fprintf(stderr, "User and/or group configured to 0. Exiting\n");
exit(1);
}
-
+
pw=getpwnam(user);
gr=getgrnam(group);
fprintf(stderr, "No such group %s found\n", group);
exit(1);
}
-
+
/* Check whether user and/or group is set to root. If yes, exit
immediately. Otherwise, setgid and setuid server to user.group */
if (gr->gr_gid==0 || pw->pw_uid==0) {
"\tthe server as non-root user.\n");
exit(1);
} else {
- /* Fork server to background, making it a daemon */
- if (fork()) {
- SILC_LOG_DEBUG(("Server started as root. Dropping privileges."));
- SILC_LOG_DEBUG(("Forking SILC server to background"));
- exit(0);
- }
- setsid();
-
SILC_LOG_DEBUG(("Changing to group %s", group));
if(setgid(gr->gr_gid)==0) {
SILC_LOG_DEBUG(("Setgid to %s", group));
exit(1);
}
}
- } else {
- /* Fork server to background, making it a daemon */
- if (fork()) {
- SILC_LOG_DEBUG(("Server started as user"));
- SILC_LOG_DEBUG(("Forking SILC server to background"));
- exit(0);
- }
- setsid();
}
}
/* We now have the key material as the result of the key exchange
protocol. Take the key material into use. Free the raw key material
as soon as we've set them into use. */
- if (!silc_server_protocol_ke_set_keys(ctx->ske, ctx->sock, ctx->keymat,
+ if (!silc_server_protocol_ke_set_keys(server, ctx->ske,
+ ctx->sock, ctx->keymat,
ctx->ske->prop->cipher,
ctx->ske->prop->pkcs,
ctx->ske->prop->hash,
/* We now have the key material as the result of the key exchange
protocol. Take the key material into use. Free the raw key material
as soon as we've set them into use. */
- if (!silc_server_protocol_ke_set_keys(ctx->ske, ctx->sock, ctx->keymat,
+ if (!silc_server_protocol_ke_set_keys(server, ctx->ske,
+ ctx->sock, ctx->keymat,
ctx->ske->prop->cipher,
ctx->ske->prop->pkcs,
ctx->ske->prop->hash,
if (ret == -1)
SILC_LOG_ERROR(("Error receiving packet from connection "
- "%s:%d [%s]", sock->hostname, sock->port,
+ "%s:%d [%s] %s", sock->hostname, sock->port,
(sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
- "Router")));
+ "Router"), strerror(errno)));
return;
}
process all packets synchronously, since there might be packets in
queue that we are not able to decrypt without first processing the
packets before them. */
- if (sock->protocol && sock->protocol->protocol &&
- (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_KEY_EXCHANGE ||
- sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY)) {
+ if ((parser_context->packet->type == SILC_PACKET_REKEY ||
+ parser_context->packet->type == SILC_PACKET_REKEY_DONE) ||
+ (sock->protocol && sock->protocol->protocol &&
+ (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_KEY_EXCHANGE ||
+ sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY))) {
silc_server_packet_parse_real(server->schedule, 0, sock->sock,
parser_context);
become invalid now as well. */
if (user_data->id)
silc_server_remove_clients_by_server(server, user_data, TRUE);
+ if (server->server_type == SILC_SERVER)
+ silc_server_remove_channels_by_server(server, user_data);
} else {
/* Update the client entries of this server to the new backup
router. This also removes the clients that *really* was owned
silc_server_update_clients_by_server(server, user_data, backup_router,
TRUE, TRUE);
silc_server_update_servers_by_server(server, user_data, backup_router);
+ if (server->server_type == SILC_SERVER)
+ silc_server_update_channels_by_server(server, user_data,
+ backup_router);
}
/* Free the server entry */
}
if (!channel->channel_key)
- if (!silc_cipher_alloc(SILC_DEFAULT_CIPHER, &channel->channel_key))
+ if (!silc_cipher_alloc(SILC_DEFAULT_CIPHER, &channel->channel_key)) {
+ channel->channel_key = NULL;
return FALSE;
+ }
if (key_len)
len = key_len;
/* Create new cipher */
if (!silc_cipher_alloc(cipher, &channel->channel_key)) {
+ channel->channel_key = NULL;
channel = NULL;
goto out;
}
(*channel_ids)[i] = NULL;
silc_server_announce_get_channel_users(server, channel,
channel_users,
- channel_users_modes[i]);
+ &(*channel_users_modes)[i]);
(*channel_ids)[i] = channel->id;
i++;
&channel_ids, creation_time);
/* Get channels and channel users in global list */
- silc_server_announce_get_channels(server, server->global_list,
- &channels, &channel_users,
- &channel_users_modes,
- &channel_users_modes_c,
- &channel_ids, creation_time);
+ if (server->server_type != SILC_SERVER)
+ silc_server_announce_get_channels(server, server->global_list,
+ &channels, &channel_users,
+ &channel_users_modes,
+ &channel_users_modes_c,
+ &channel_ids, creation_time);
if (channels) {
silc_buffer_push(channels, channels->data - channels->head);
projects / silc.git / blobdiff