int main (int argc, char *argv[])
{
GtkBuilder *login;
GtkBuilder *builder;
GtkWidget *loginwindow;
GtkWidget *window;
GtkButton *loginbtn;
gtk_init( &argc, &argv );
/* Create builder */
builder = gtk_builder_new();
gtk_builder_add_from_file( builder, "ui.glade", NULL );
window = GTK_WIDGET( gtk_builder_get_object( builder, "window1" ) );
login = gtk_builder_new();
gtk_builder_add_from_file(login, "login.glade", NULL);
loginwindow = GTK_WIDGET(gtk_builder_get_object(login, "loginwindow"));
loginbtn = GTK_BUTTON(gtk_builder_get_object(login, "loginbtn"));
g_signal_connect(loginbtn, "clicked", G_CALLBACK(cb_login_button), NULL);
init_db();
init_login(login, loginwindow, window);
init_user(builder);
init_material(builder);
init_auth(builder);
init_inout(builder);
gtk_builder_connect_signals( login, NULL);
g_object_unref( G_OBJECT( login) );
gtk_builder_connect_signals( builder, NULL);
g_object_unref( G_OBJECT( builder ) );
gtk_widget_show(loginwindow);
gtk_main();
return( 0 );
}
static void set_up(void) {
server_rec *s = NULL;
if (p == NULL) {
p = permanent_pool = make_sub_pool(NULL);
}
pr_trace_use_stderr(TRUE);
init_stash();
init_auth();
s = pcalloc(p, sizeof(server_rec));
tests_stubs_set_main_server(s);
test_pwd.pw_name = PR_TEST_AUTH_NAME;
test_pwd.pw_uid = PR_TEST_AUTH_UID;
test_pwd.pw_gid = PR_TEST_AUTH_GID;
test_pwd.pw_dir = PR_TEST_AUTH_HOME;
test_pwd.pw_shell = PR_TEST_AUTH_SHELL;
test_grp.gr_name = PR_TEST_AUTH_NAME;
test_grp.gr_gid = PR_TEST_AUTH_GID;
/* Reset counters. */
setpwent_count = 0;
endpwent_count = 0;
getpwent_count = 0;
getpwnam_count = 0;
getpwuid_count = 0;
name2uid_count = 0;
uid2name_count = 0;
setgrent_count = 0;
endgrent_count = 0;
getgrent_count = 0;
getgrnam_count = 0;
getgrgid_count = 0;
name2gid_count = 0;
gid2name_count = 0;
getgroups_count = 0;
pr_auth_cache_clear();
}
void
setUp(void)
{
if (counter == 0) {
counter++;
init_auth(); // causes segfault if called more than once
}
/*
* init_auth() is called by tests_main.cpp earlier. It
* does not initialize global variables like
* authnumkeys, so let's reset them to zero here.
*/
authnumkeys = 0;
/*
* Especially, empty the key cache!
*/
cache_keyid = 0;
cache_type = 0;
cache_flags = 0;
cache_secret = NULL;
cache_secretsize = 0;
}
int ntpsim(int argc, char *argv[])
{
Event *curr_event;
struct timeval seed;
/* Initialize the local Clock
*/
simclock.local_time = 0;
simclock.adj = 0;
simclock.slew = 0;
/* Initialize the simulation
*/
simulation.num_of_servers = 0;
simulation.beep_delay = BEEP_DLY;
simulation.sim_time = 0;
simulation.end_time = SIM_TIME;
/*
* Initialize ntp variables
*/
initializing = 1;
init_auth();
init_util();
init_restrict();
init_mon();
init_timer();
init_lib();
init_request();
init_control();
init_peer();
init_proto();
init_io();
init_loopfilter();
mon_start(MON_OFF);
/* Call getconfig to parse the configuration file */
getconfig(argc, argv);
initializing = 0;
loop_config(LOOP_DRIFTCOMP, old_drift / 1e6);
/*
* Watch out here, we want the real time, not the silly stuff.
*/
gettimeofday(&seed, NULL);
ntp_srandom(seed.tv_usec);
/* Initialize the event queue */
event_queue = create_priority_queue((int(*)(void *, void*))
determine_event_ordering);
/* Initialize the receive queue */
recv_queue = create_priority_queue((int(*)(void *, void*))
determine_recv_buf_ordering);
/* Push a beep and a timer on the event queue */
enqueue(event_queue, event(0, BEEP));
enqueue(event_queue, event(simulation.sim_time + 1.0, TIMER));
/*
* Pop the queue until nothing is left or time is exceeded
*/
/* maxtime = simulation.sim_time + simulation.end_time;*/
while (simulation.sim_time <= simulation.end_time &&
(!empty(event_queue))) {
curr_event = dequeue(event_queue);
/* Update all the clocks to the time on the event */
sim_update_clocks(curr_event);
/* Execute the function associated with the event */
event_ptr[curr_event->function](curr_event);
free_node(curr_event);
}
return (0);
}
int
ntpdmain(
int argc,
char *argv[]
)
{
l_fp now;
struct recvbuf *rbuf;
const char * logfilename;
# ifdef HAVE_UMASK
mode_t uv;
# endif
# if defined(HAVE_GETUID) && !defined(MPE) /* MPE lacks the concept of root */
uid_t uid;
# endif
# if defined(HAVE_WORKING_FORK)
long wait_sync = 0;
int pipe_fds[2];
int rc;
int exit_code;
# ifdef _AIX
struct sigaction sa;
# endif
# if !defined(HAVE_SETSID) && !defined (HAVE_SETPGID) && defined(TIOCNOTTY)
int fid;
# endif
# endif /* HAVE_WORKING_FORK*/
# ifdef SCO5_CLOCK
int fd;
int zero;
# endif
# ifdef NEED_PTHREAD_WARMUP
my_pthread_warmup();
# endif
# ifdef HAVE_UMASK
uv = umask(0);
if (uv)
umask(uv);
else
umask(022);
# endif
saved_argc = argc;
saved_argv = argv;
progname = argv[0];
initializing = TRUE; /* mark that we are initializing */
parse_cmdline_opts(&argc, &argv);
# ifdef DEBUG
debug = OPT_VALUE_SET_DEBUG_LEVEL;
# ifdef HAVE_SETLINEBUF
setlinebuf(stdout);
# endif
# endif
if (HAVE_OPT(NOFORK) || HAVE_OPT(QUIT)
# ifdef DEBUG
|| debug
# endif
|| HAVE_OPT(SAVECONFIGQUIT))
nofork = TRUE;
init_logging(progname, NLOG_SYNCMASK, TRUE);
/* honor -l/--logfile option to log to a file */
if (HAVE_OPT(LOGFILE)) {
logfilename = OPT_ARG(LOGFILE);
syslogit = FALSE;
change_logfile(logfilename, FALSE);
} else {
logfilename = NULL;
if (nofork)
msyslog_term = TRUE;
if (HAVE_OPT(SAVECONFIGQUIT))
syslogit = FALSE;
}
msyslog(LOG_NOTICE, "%s: Starting", Version);
{
int i;
char buf[1024]; /* Secret knowledge of msyslog buf length */
char *cp = buf;
/* Note that every arg has an initial space character */
snprintf(cp, sizeof(buf), "Command line:");
cp += strlen(cp);
for (i = 0; i < saved_argc ; ++i) {
snprintf(cp, sizeof(buf) - (cp - buf),
" %s", saved_argv[i]);
cp += strlen(cp);
}
msyslog(LOG_INFO, "%s", buf);
}
/*
* Install trap handlers to log errors and assertion failures.
* Default handlers print to stderr which doesn't work if detached.
*/
isc_assertion_setcallback(assertion_failed);
isc_error_setfatal(library_fatal_error);
isc_error_setunexpected(library_unexpected_error);
/* MPE lacks the concept of root */
# if defined(HAVE_GETUID) && !defined(MPE)
uid = getuid();
if (uid && !HAVE_OPT( SAVECONFIGQUIT )) {
msyslog_term = TRUE;
msyslog(LOG_ERR,
"must be run as root, not uid %ld", (long)uid);
exit(1);
}
# endif
/*
* Enable the Multi-Media Timer for Windows?
*/
# ifdef SYS_WINNT
if (HAVE_OPT( MODIFYMMTIMER ))
set_mm_timer(MM_TIMER_HIRES);
# endif
#ifdef HAVE_DNSREGISTRATION
/*
* Enable mDNS registrations?
*/
if (HAVE_OPT( MDNS )) {
mdnsreg = TRUE;
}
#endif /* HAVE_DNSREGISTRATION */
if (HAVE_OPT( NOVIRTUALIPS ))
listen_to_virtual_ips = 0;
/*
* --interface, listen on specified interfaces
*/
if (HAVE_OPT( INTERFACE )) {
int ifacect = STACKCT_OPT( INTERFACE );
const char** ifaces = STACKLST_OPT( INTERFACE );
sockaddr_u addr;
while (ifacect-- > 0) {
add_nic_rule(
is_ip_address(*ifaces, AF_UNSPEC, &addr)
? MATCH_IFADDR
: MATCH_IFNAME,
*ifaces, -1, ACTION_LISTEN);
ifaces++;
}
}
if (HAVE_OPT( NICE ))
priority_done = 0;
# ifdef HAVE_SCHED_SETSCHEDULER
if (HAVE_OPT( PRIORITY )) {
config_priority = OPT_VALUE_PRIORITY;
config_priority_override = 1;
priority_done = 0;
}
# endif
# ifdef HAVE_WORKING_FORK
/* make sure the FDs are initialised */
pipe_fds[0] = -1;
pipe_fds[1] = -1;
do { /* 'loop' once */
if (!HAVE_OPT( WAIT_SYNC ))
break;
wait_sync = OPT_VALUE_WAIT_SYNC;
if (wait_sync <= 0) {
wait_sync = 0;
break;
}
/* -w requires a fork() even with debug > 0 */
nofork = FALSE;
if (pipe(pipe_fds)) {
exit_code = (errno) ? errno : -1;
msyslog(LOG_ERR,
"Pipe creation failed for --wait-sync: %m");
exit(exit_code);
}
waitsync_fd_to_close = pipe_fds[1];
} while (0); /* 'loop' once */
# endif /* HAVE_WORKING_FORK */
init_lib();
# ifdef SYS_WINNT
/*
* Start interpolation thread, must occur before first
* get_systime()
*/
init_winnt_time();
# endif
/*
* Initialize random generator and public key pair
*/
get_systime(&now);
ntp_srandom((int)(now.l_i * now.l_uf));
/*
* Detach us from the terminal. May need an #ifndef GIZMO.
*/
if (!nofork) {
# ifdef HAVE_WORKING_FORK
rc = fork();
if (-1 == rc) {
exit_code = (errno) ? errno : -1;
msyslog(LOG_ERR, "fork: %m");
exit(exit_code);
}
if (rc > 0) {
/* parent */
exit_code = wait_child_sync_if(pipe_fds[0],
wait_sync);
exit(exit_code);
}
/*
* child/daemon
* close all open files excepting waitsync_fd_to_close.
* msyslog() unreliable until after init_logging().
*/
closelog();
if (syslog_file != NULL) {
fclose(syslog_file);
syslog_file = NULL;
syslogit = TRUE;
}
close_all_except(waitsync_fd_to_close);
INSIST(0 == open("/dev/null", 0) && 1 == dup2(0, 1) \
&& 2 == dup2(0, 2));
init_logging(progname, 0, TRUE);
/* we lost our logfile (if any) daemonizing */
setup_logfile(logfilename);
# ifdef SYS_DOMAINOS
{
uid_$t puid;
status_$t st;
proc2_$who_am_i(&puid);
proc2_$make_server(&puid, &st);
}
# endif /* SYS_DOMAINOS */
# ifdef HAVE_SETSID
if (setsid() == (pid_t)-1)
msyslog(LOG_ERR, "setsid(): %m");
# elif defined(HAVE_SETPGID)
if (setpgid(0, 0) == -1)
msyslog(LOG_ERR, "setpgid(): %m");
# else /* !HAVE_SETSID && !HAVE_SETPGID follows */
# ifdef TIOCNOTTY
fid = open("/dev/tty", 2);
if (fid >= 0) {
ioctl(fid, (u_long)TIOCNOTTY, NULL);
close(fid);
}
# endif /* TIOCNOTTY */
ntp_setpgrp(0, getpid());
# endif /* !HAVE_SETSID && !HAVE_SETPGID */
# ifdef _AIX
/* Don't get killed by low-on-memory signal. */
sa.sa_handler = catch_danger;
sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART;
sigaction(SIGDANGER, &sa, NULL);
# endif /* _AIX */
# endif /* HAVE_WORKING_FORK */
}
# ifdef SCO5_CLOCK
/*
* SCO OpenServer's system clock offers much more precise timekeeping
* on the base CPU than the other CPUs (for multiprocessor systems),
* so we must lock to the base CPU.
*/
fd = open("/dev/at1", O_RDONLY);
if (fd >= 0) {
zero = 0;
if (ioctl(fd, ACPU_LOCK, &zero) < 0)
msyslog(LOG_ERR, "cannot lock to base CPU: %m");
close(fd);
}
# endif
/* Setup stack size in preparation for locking pages in memory. */
# if defined(HAVE_MLOCKALL)
# ifdef HAVE_SETRLIMIT
ntp_rlimit(RLIMIT_STACK, DFLT_RLIMIT_STACK * 4096, 4096, "4k");
# ifdef RLIMIT_MEMLOCK
/*
* The default RLIMIT_MEMLOCK is very low on Linux systems.
* Unless we increase this limit malloc calls are likely to
* fail if we drop root privilege. To be useful the value
* has to be larger than the largest ntpd resident set size.
*/
ntp_rlimit(RLIMIT_MEMLOCK, DFLT_RLIMIT_MEMLOCK * 1024 * 1024, 1024 * 1024, "MB");
# endif /* RLIMIT_MEMLOCK */
# endif /* HAVE_SETRLIMIT */
# else /* !HAVE_MLOCKALL follows */
# ifdef HAVE_PLOCK
# ifdef PROCLOCK
# ifdef _AIX
/*
* set the stack limit for AIX for plock().
* see get_aix_stack() for more info.
*/
if (ulimit(SET_STACKLIM, (get_aix_stack() - 8 * 4096)) < 0)
msyslog(LOG_ERR,
"Cannot adjust stack limit for plock: %m");
# endif /* _AIX */
# endif /* PROCLOCK */
# endif /* HAVE_PLOCK */
# endif /* !HAVE_MLOCKALL */
/*
* Set up signals we pay attention to locally.
*/
# ifdef SIGDIE1
signal_no_reset(SIGDIE1, finish);
signal_no_reset(SIGDIE2, finish);
signal_no_reset(SIGDIE3, finish);
signal_no_reset(SIGDIE4, finish);
# endif
# ifdef SIGBUS
signal_no_reset(SIGBUS, finish);
# endif
# if !defined(SYS_WINNT) && !defined(VMS)
# ifdef DEBUG
(void) signal_no_reset(MOREDEBUGSIG, moredebug);
(void) signal_no_reset(LESSDEBUGSIG, lessdebug);
# else
(void) signal_no_reset(MOREDEBUGSIG, no_debug);
(void) signal_no_reset(LESSDEBUGSIG, no_debug);
# endif /* DEBUG */
# endif /* !SYS_WINNT && !VMS */
/*
* Set up signals we should never pay attention to.
*/
# ifdef SIGPIPE
signal_no_reset(SIGPIPE, SIG_IGN);
# endif
/*
* Call the init_ routines to initialize the data structures.
*
* Exactly what command-line options are we expecting here?
*/
INIT_SSL();
init_auth();
init_util();
init_restrict();
init_mon();
init_timer();
init_request();
init_control();
init_peer();
# ifdef REFCLOCK
init_refclock();
# endif
set_process_priority();
init_proto(); /* Call at high priority */
init_io();
init_loopfilter();
mon_start(MON_ON); /* monitor on by default now */
/* turn off in config if unwanted */
/*
* Get the configuration. This is done in a separate module
* since this will definitely be different for the gizmo board.
*/
getconfig(argc, argv);
if (-1 == cur_memlock) {
# if defined(HAVE_MLOCKALL)
/*
* lock the process into memory
*/
if ( !HAVE_OPT(SAVECONFIGQUIT)
# ifdef RLIMIT_MEMLOCK
&& -1 != DFLT_RLIMIT_MEMLOCK
# endif
&& 0 != mlockall(MCL_CURRENT|MCL_FUTURE))
msyslog(LOG_ERR, "mlockall(): %m");
# else /* !HAVE_MLOCKALL follows */
# ifdef HAVE_PLOCK
# ifdef PROCLOCK
/*
* lock the process into memory
*/
if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(PROCLOCK))
msyslog(LOG_ERR, "plock(PROCLOCK): %m");
# else /* !PROCLOCK follows */
# ifdef TXTLOCK
/*
* Lock text into ram
*/
if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(TXTLOCK))
msyslog(LOG_ERR, "plock(TXTLOCK) error: %m");
# else /* !TXTLOCK follows */
msyslog(LOG_ERR, "plock() - don't know what to lock!");
# endif /* !TXTLOCK */
# endif /* !PROCLOCK */
# endif /* HAVE_PLOCK */
# endif /* !HAVE_MLOCKALL */
}
loop_config(LOOP_DRIFTINIT, 0);
report_event(EVNT_SYSRESTART, NULL, NULL);
initializing = FALSE;
# ifdef HAVE_DROPROOT
if (droproot) {
/* Drop super-user privileges and chroot now if the OS supports this */
# ifdef HAVE_LINUX_CAPABILITIES
/* set flag: keep privileges accross setuid() call (we only really need cap_sys_time): */
if (prctl( PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L ) == -1) {
msyslog( LOG_ERR, "prctl( PR_SET_KEEPCAPS, 1L ) failed: %m" );
exit(-1);
}
# elif HAVE_SOLARIS_PRIVS
/* Nothing to do here */
# else
/* we need a user to switch to */
if (user == NULL) {
msyslog(LOG_ERR, "Need user name to drop root privileges (see -u flag!)" );
exit(-1);
}
# endif /* HAVE_LINUX_CAPABILITIES || HAVE_SOLARIS_PRIVS */
if (user != NULL) {
if (isdigit((unsigned char)*user)) {
sw_uid = (uid_t)strtoul(user, &endp, 0);
if (*endp != '\0')
goto getuser;
if ((pw = getpwuid(sw_uid)) != NULL) {
free(user);
user = estrdup(pw->pw_name);
sw_gid = pw->pw_gid;
} else {
errno = 0;
msyslog(LOG_ERR, "Cannot find user ID %s", user);
exit (-1);
}
} else {
getuser:
errno = 0;
if ((pw = getpwnam(user)) != NULL) {
sw_uid = pw->pw_uid;
sw_gid = pw->pw_gid;
} else {
if (errno)
msyslog(LOG_ERR, "getpwnam(%s) failed: %m", user);
else
msyslog(LOG_ERR, "Cannot find user `%s'", user);
exit (-1);
}
}
}
if (group != NULL) {
if (isdigit((unsigned char)*group)) {
sw_gid = (gid_t)strtoul(group, &endp, 0);
if (*endp != '\0')
goto getgroup;
} else {
getgroup:
if ((gr = getgrnam(group)) != NULL) {
sw_gid = gr->gr_gid;
} else {
errno = 0;
msyslog(LOG_ERR, "Cannot find group `%s'", group);
exit (-1);
}
}
}
if (chrootdir ) {
/* make sure cwd is inside the jail: */
if (chdir(chrootdir)) {
msyslog(LOG_ERR, "Cannot chdir() to `%s': %m", chrootdir);
exit (-1);
}
if (chroot(chrootdir)) {
msyslog(LOG_ERR, "Cannot chroot() to `%s': %m", chrootdir);
exit (-1);
}
if (chdir("/")) {
msyslog(LOG_ERR, "Cannot chdir() to`root after chroot(): %m");
exit (-1);
}
}
# ifdef HAVE_SOLARIS_PRIVS
if ((lowprivs = priv_str_to_set(LOWPRIVS, ",", NULL)) == NULL) {
msyslog(LOG_ERR, "priv_str_to_set() failed:%m");
exit(-1);
}
if ((highprivs = priv_allocset()) == NULL) {
msyslog(LOG_ERR, "priv_allocset() failed:%m");
exit(-1);
}
(void) getppriv(PRIV_PERMITTED, highprivs);
(void) priv_intersect(highprivs, lowprivs);
if (setppriv(PRIV_SET, PRIV_PERMITTED, lowprivs) == -1) {
msyslog(LOG_ERR, "setppriv() failed:%m");
exit(-1);
}
# endif /* HAVE_SOLARIS_PRIVS */
if (user && initgroups(user, sw_gid)) {
msyslog(LOG_ERR, "Cannot initgroups() to user `%s': %m", user);
exit (-1);
}
if (group && setgid(sw_gid)) {
msyslog(LOG_ERR, "Cannot setgid() to group `%s': %m", group);
exit (-1);
}
if (group && setegid(sw_gid)) {
msyslog(LOG_ERR, "Cannot setegid() to group `%s': %m", group);
exit (-1);
}
if (group) {
if (0 != setgroups(1, &sw_gid)) {
msyslog(LOG_ERR, "setgroups(1, %d) failed: %m", sw_gid);
exit (-1);
}
}
else if (pw)
if (0 != initgroups(pw->pw_name, pw->pw_gid)) {
msyslog(LOG_ERR, "initgroups(<%s>, %d) filed: %m", pw->pw_name, pw->pw_gid);
exit (-1);
}
if (user && setuid(sw_uid)) {
msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user);
exit (-1);
}
if (user && seteuid(sw_uid)) {
msyslog(LOG_ERR, "Cannot seteuid() to user `%s': %m", user);
exit (-1);
}
# if !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS)
/*
* for now assume that the privilege to bind to privileged ports
* is associated with running with uid 0 - should be refined on
* ports that allow binding to NTP_PORT with uid != 0
*/
disable_dynamic_updates |= (sw_uid != 0); /* also notifies routing message listener */
# endif /* !HAVE_LINUX_CAPABILITIES && !HAVE_SOLARIS_PRIVS */
if (disable_dynamic_updates && interface_interval) {
interface_interval = 0;
msyslog(LOG_INFO, "running as non-root disables dynamic interface tracking");
}
# ifdef HAVE_LINUX_CAPABILITIES
{
/*
* We may be running under non-root uid now, but we still hold full root privileges!
* We drop all of them, except for the crucial one or two: cap_sys_time and
* cap_net_bind_service if doing dynamic interface tracking.
*/
cap_t caps;
char *captext;
captext = (0 != interface_interval)
? "cap_sys_time,cap_net_bind_service=pe"
: "cap_sys_time=pe";
caps = cap_from_text(captext);
if (!caps) {
msyslog(LOG_ERR,
"cap_from_text(%s) failed: %m",
captext);
exit(-1);
}
if (-1 == cap_set_proc(caps)) {
msyslog(LOG_ERR,
"cap_set_proc() failed to drop root privs: %m");
exit(-1);
}
cap_free(caps);
}
# endif /* HAVE_LINUX_CAPABILITIES */
# ifdef HAVE_SOLARIS_PRIVS
if (priv_delset(lowprivs, "proc_setid") == -1) {
msyslog(LOG_ERR, "priv_delset() failed:%m");
exit(-1);
}
if (setppriv(PRIV_SET, PRIV_PERMITTED, lowprivs) == -1) {
msyslog(LOG_ERR, "setppriv() failed:%m");
exit(-1);
}
priv_freeset(lowprivs);
priv_freeset(highprivs);
# endif /* HAVE_SOLARIS_PRIVS */
root_dropped = TRUE;
fork_deferred_worker();
} /* if (droproot) */
# endif /* HAVE_DROPROOT */
/* libssecomp sandboxing */
#if defined (LIBSECCOMP) && (KERN_SECCOMP)
scmp_filter_ctx ctx;
if ((ctx = seccomp_init(SCMP_ACT_KILL)) < 0)
msyslog(LOG_ERR, "%s: seccomp_init(SCMP_ACT_KILL) failed: %m", __func__);
else {
msyslog(LOG_DEBUG, "%s: seccomp_init(SCMP_ACT_KILL) succeeded", __func__);
}
#ifdef __x86_64__
int scmp_sc[] = {
SCMP_SYS(adjtimex),
SCMP_SYS(bind),
SCMP_SYS(brk),
SCMP_SYS(chdir),
SCMP_SYS(clock_gettime),
SCMP_SYS(clock_settime),
SCMP_SYS(close),
SCMP_SYS(connect),
SCMP_SYS(exit_group),
SCMP_SYS(fstat),
SCMP_SYS(fsync),
SCMP_SYS(futex),
SCMP_SYS(getitimer),
SCMP_SYS(getsockname),
SCMP_SYS(ioctl),
SCMP_SYS(lseek),
SCMP_SYS(madvise),
SCMP_SYS(mmap),
SCMP_SYS(munmap),
SCMP_SYS(open),
SCMP_SYS(poll),
SCMP_SYS(read),
SCMP_SYS(recvmsg),
SCMP_SYS(rename),
SCMP_SYS(rt_sigaction),
SCMP_SYS(rt_sigprocmask),
SCMP_SYS(rt_sigreturn),
SCMP_SYS(select),
SCMP_SYS(sendto),
SCMP_SYS(setitimer),
SCMP_SYS(setsid),
SCMP_SYS(socket),
SCMP_SYS(stat),
SCMP_SYS(time),
SCMP_SYS(write),
};
#endif
#ifdef __i386__
int scmp_sc[] = {
SCMP_SYS(_newselect),
SCMP_SYS(adjtimex),
SCMP_SYS(brk),
SCMP_SYS(chdir),
SCMP_SYS(clock_gettime),
SCMP_SYS(clock_settime),
SCMP_SYS(close),
SCMP_SYS(exit_group),
SCMP_SYS(fsync),
SCMP_SYS(futex),
SCMP_SYS(getitimer),
SCMP_SYS(madvise),
SCMP_SYS(mmap),
SCMP_SYS(mmap2),
SCMP_SYS(munmap),
SCMP_SYS(open),
SCMP_SYS(poll),
SCMP_SYS(read),
SCMP_SYS(rename),
SCMP_SYS(rt_sigaction),
SCMP_SYS(rt_sigprocmask),
SCMP_SYS(select),
SCMP_SYS(setitimer),
SCMP_SYS(setsid),
SCMP_SYS(sigprocmask),
SCMP_SYS(sigreturn),
SCMP_SYS(socketcall),
SCMP_SYS(stat64),
SCMP_SYS(time),
SCMP_SYS(write),
};
#endif
{
int i;
for (i = 0; i < COUNTOF(scmp_sc); i++) {
if (seccomp_rule_add(ctx,
SCMP_ACT_ALLOW, scmp_sc[i], 0) < 0) {
msyslog(LOG_ERR,
"%s: seccomp_rule_add() failed: %m",
__func__);
}
}
}
if (seccomp_load(ctx) < 0)
msyslog(LOG_ERR, "%s: seccomp_load() failed: %m",
__func__);
else {
msyslog(LOG_DEBUG, "%s: seccomp_load() succeeded", __func__);
}
#endif /* LIBSECCOMP and KERN_SECCOMP */
# ifdef HAVE_IO_COMPLETION_PORT
for (;;) {
GetReceivedBuffers();
# else /* normal I/O */
BLOCK_IO_AND_ALARM();
was_alarmed = FALSE;
for (;;) {
if (alarm_flag) { /* alarmed? */
was_alarmed = TRUE;
alarm_flag = FALSE;
}
if (!was_alarmed && !has_full_recv_buffer()) {
/*
* Nothing to do. Wait for something.
*/
io_handler();
}
if (alarm_flag) { /* alarmed? */
was_alarmed = TRUE;
alarm_flag = FALSE;
}
if (was_alarmed) {
UNBLOCK_IO_AND_ALARM();
/*
* Out here, signals are unblocked. Call timer routine
* to process expiry.
*/
timer();
was_alarmed = FALSE;
BLOCK_IO_AND_ALARM();
}
# endif /* !HAVE_IO_COMPLETION_PORT */
# ifdef DEBUG_TIMING
{
l_fp pts;
l_fp tsa, tsb;
int bufcount = 0;
get_systime(&pts);
tsa = pts;
# endif
rbuf = get_full_recv_buffer();
while (rbuf != NULL) {
if (alarm_flag) {
was_alarmed = TRUE;
alarm_flag = FALSE;
}
UNBLOCK_IO_AND_ALARM();
if (was_alarmed) {
/* avoid timer starvation during lengthy I/O handling */
timer();
was_alarmed = FALSE;
}
/*
* Call the data procedure to handle each received
* packet.
*/
if (rbuf->receiver != NULL) {
# ifdef DEBUG_TIMING
l_fp dts = pts;
L_SUB(&dts, &rbuf->recv_time);
DPRINTF(2, ("processing timestamp delta %s (with prec. fuzz)\n", lfptoa(&dts, 9)));
collect_timing(rbuf, "buffer processing delay", 1, &dts);
bufcount++;
# endif
(*rbuf->receiver)(rbuf);
} else {
msyslog(LOG_ERR, "fatal: receive buffer callback NULL");
abort();
}
BLOCK_IO_AND_ALARM();
freerecvbuf(rbuf);
rbuf = get_full_recv_buffer();
}
# ifdef DEBUG_TIMING
get_systime(&tsb);
L_SUB(&tsb, &tsa);
if (bufcount) {
collect_timing(NULL, "processing", bufcount, &tsb);
DPRINTF(2, ("processing time for %d buffers %s\n", bufcount, lfptoa(&tsb, 9)));
}
}
# endif
/*
* Go around again
*/
# ifdef HAVE_DNSREGISTRATION
if (mdnsreg && (current_time - mdnsreg ) > 60 && mdnstries && sys_leap != LEAP_NOTINSYNC) {
mdnsreg = current_time;
msyslog(LOG_INFO, "Attempting to register mDNS");
if ( DNSServiceRegister (&mdns, 0, 0, NULL, "_ntp._udp", NULL, NULL,
htons(NTP_PORT), 0, NULL, NULL, NULL) != kDNSServiceErr_NoError ) {
if (!--mdnstries) {
msyslog(LOG_ERR, "Unable to register mDNS, giving up.");
} else {
msyslog(LOG_INFO, "Unable to register mDNS, will try later.");
}
} else {
msyslog(LOG_INFO, "mDNS service registered.");
mdnsreg = FALSE;
}
}
# endif /* HAVE_DNSREGISTRATION */
}
UNBLOCK_IO_AND_ALARM();
return 1;
}
#endif /* !SIM */
#if !defined(SIM) && defined(SIGDIE1)
/*
* finish - exit gracefully
*/
static RETSIGTYPE
finish(
int sig
)
{
const char *sig_desc;
sig_desc = NULL;
#ifdef HAVE_STRSIGNAL
sig_desc = strsignal(sig);
#endif
if (sig_desc == NULL)
sig_desc = "";
msyslog(LOG_NOTICE, "%s exiting on signal %d (%s)", progname,
sig, sig_desc);
/* See Bug 2513 and Bug 2522 re the unlink of PIDFILE */
# ifdef HAVE_DNSREGISTRATION
if (mdns != NULL)
DNSServiceRefDeallocate(mdns);
# endif
peer_cleanup();
exit(0);
}
#endif /* !SIM && SIGDIE1 */
#ifndef SIM
/*
* wait_child_sync_if - implements parent side of -w/--wait-sync
*/
# ifdef HAVE_WORKING_FORK
static int
wait_child_sync_if(
int pipe_read_fd,
long wait_sync
)
{
int rc;
int exit_code;
time_t wait_end_time;
time_t cur_time;
time_t wait_rem;
fd_set readset;
struct timeval wtimeout;
if (0 == wait_sync)
return 0;
/* waitsync_fd_to_close used solely by child */
close(waitsync_fd_to_close);
wait_end_time = time(NULL) + wait_sync;
do {
cur_time = time(NULL);
wait_rem = (wait_end_time > cur_time)
? (wait_end_time - cur_time)
: 0;
wtimeout.tv_sec = wait_rem;
wtimeout.tv_usec = 0;
FD_ZERO(&readset);
FD_SET(pipe_read_fd, &readset);
rc = select(pipe_read_fd + 1, &readset, NULL, NULL,
&wtimeout);
if (-1 == rc) {
if (EINTR == errno)
continue;
exit_code = (errno) ? errno : -1;
msyslog(LOG_ERR,
"--wait-sync select failed: %m");
return exit_code;
}
if (0 == rc) {
/*
* select() indicated a timeout, but in case
* its timeouts are affected by a step of the
* system clock, select() again with a zero
* timeout to confirm.
*/
FD_ZERO(&readset);
FD_SET(pipe_read_fd, &readset);
wtimeout.tv_sec = 0;
wtimeout.tv_usec = 0;
rc = select(pipe_read_fd + 1, &readset, NULL,
NULL, &wtimeout);
if (0 == rc) /* select() timeout */
break;
else /* readable */
return 0;
} else /* readable */
return 0;
} while (wait_rem > 0);
fprintf(stderr, "%s: -w/--wait-sync %ld timed out.\n",
progname, wait_sync);
return ETIMEDOUT;
}
OM_uint32 _gsskrb5_init_sec_context
(OM_uint32 * minor_status,
const gss_cred_id_t initiator_cred_handle,
gss_ctx_id_t * context_handle,
const gss_name_t target_name,
const gss_OID mech_type,
OM_uint32 req_flags,
OM_uint32 time_req,
const gss_channel_bindings_t input_chan_bindings,
const gss_buffer_t input_token,
gss_OID * actual_mech_type,
gss_buffer_t output_token,
OM_uint32 * ret_flags,
OM_uint32 * time_rec
)
{
gsskrb5_cred cred = (gsskrb5_cred)initiator_cred_handle;
krb5_const_principal name = (krb5_const_principal)target_name;
gsskrb5_ctx ctx;
OM_uint32 ret;
GSSAPI_KRB5_INIT ();
output_token->length = 0;
output_token->value = NULL;
if (context_handle == NULL) {
*minor_status = 0;
return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE;
}
if (ret_flags)
*ret_flags = 0;
if (time_rec)
*time_rec = 0;
if (target_name == GSS_C_NO_NAME) {
if (actual_mech_type)
*actual_mech_type = GSS_C_NO_OID;
*minor_status = 0;
return GSS_S_BAD_NAME;
}
if (mech_type != GSS_C_NO_OID &&
!gss_oid_equal(mech_type, GSS_KRB5_MECHANISM))
return GSS_S_BAD_MECH;
if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) {
OM_uint32 ret;
if (*context_handle != GSS_C_NO_CONTEXT) {
*minor_status = 0;
return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE;
}
ret = _gsskrb5_create_ctx(minor_status,
context_handle,
input_chan_bindings,
INITIATOR_START);
if (ret)
return ret;
}
if (*context_handle == GSS_C_NO_CONTEXT) {
*minor_status = 0;
return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE;
}
ctx = (gsskrb5_ctx) *context_handle;
HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
switch (ctx->state) {
case INITIATOR_START:
ret = init_auth(minor_status,
cred,
ctx,
name,
mech_type,
req_flags,
time_req,
input_chan_bindings,
input_token,
actual_mech_type,
output_token,
ret_flags,
time_rec);
break;
case INITIATOR_WAIT_FOR_MUTAL:
ret = repl_mutual(minor_status,
ctx,
mech_type,
req_flags,
time_req,
input_chan_bindings,
input_token,
actual_mech_type,
output_token,
ret_flags,
time_rec);
break;
case INITIATOR_READY:
/*
* If we get there, the caller have called
* gss_init_sec_context() one time too many.
*/
*minor_status = 0;
ret = GSS_S_BAD_STATUS;
break;
default:
*minor_status = 0;
ret = GSS_S_BAD_STATUS;
break;
}
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
/* destroy context in case of error */
if (GSS_ERROR(ret)) {
OM_uint32 min2;
_gsskrb5_delete_sec_context(&min2, context_handle, GSS_C_NO_BUFFER);
}
return ret;
}
/*
* The actual main function.
*/
int
sntp_main (
int argc,
char **argv,
const char *sntpVersion
)
{
int i;
int exitcode;
int optct;
struct event_config * evcfg;
/* Initialize logging system - sets up progname */
sntp_init_logging(argv[0]);
if (!libevent_version_ok())
exit(EX_SOFTWARE);
init_lib();
init_auth();
optct = ntpOptionProcess(&sntpOptions, argc, argv);
argc -= optct;
argv += optct;
debug = OPT_VALUE_SET_DEBUG_LEVEL;
TRACE(2, ("init_lib() done, %s%s\n",
(ipv4_works)
? "ipv4_works "
: "",
(ipv6_works)
? "ipv6_works "
: ""));
ntpver = OPT_VALUE_NTPVERSION;
steplimit = OPT_VALUE_STEPLIMIT / 1e3;
gap.tv_usec = max(0, OPT_VALUE_GAP * 1000);
gap.tv_usec = min(gap.tv_usec, 999999);
if (HAVE_OPT(LOGFILE))
open_logfile(OPT_ARG(LOGFILE));
msyslog(LOG_INFO, "%s", sntpVersion);
if (0 == argc && !HAVE_OPT(BROADCAST) && !HAVE_OPT(CONCURRENT)) {
printf("%s: Must supply at least one of -b hostname, -c hostname, or hostname.\n",
progname);
exit(EX_USAGE);
}
/*
** Eventually, we probably want:
** - separate bcst and ucst timeouts (why?)
** - multiple --timeout values in the commandline
*/
response_timeout = OPT_VALUE_TIMEOUT;
response_tv.tv_sec = response_timeout;
response_tv.tv_usec = 0;
/* IPv6 available? */
if (isc_net_probeipv6() != ISC_R_SUCCESS) {
ai_fam_pref = AF_INET;
TRACE(1, ("No ipv6 support available, forcing ipv4\n"));
} else {
/* Check for options -4 and -6 */
if (HAVE_OPT(IPV4))
ai_fam_pref = AF_INET;
else if (HAVE_OPT(IPV6))
ai_fam_pref = AF_INET6;
}
/* TODO: Parse config file if declared */
/*
** Init the KOD system.
** For embedded systems with no writable filesystem,
** -K /dev/null can be used to disable KoD storage.
*/
kod_init_kod_db(OPT_ARG(KOD), FALSE);
// HMS: Should we use arg-defalt for this too?
if (HAVE_OPT(KEYFILE))
auth_init(OPT_ARG(KEYFILE), &keys);
/*
** Considering employing a variable that prevents functions of doing
** anything until everything is initialized properly
**
** HMS: What exactly does the above mean?
*/
event_set_log_callback(&sntp_libevent_log_cb);
if (debug > 0)
event_enable_debug_mode();
#ifdef WORK_THREAD
evthread_use_pthreads();
/* we use libevent from main thread only, locks should be academic */
if (debug > 0)
evthread_enable_lock_debuging();
#endif
evcfg = event_config_new();
if (NULL == evcfg) {
printf("%s: event_config_new() failed!\n", progname);
return -1;
}
#ifndef HAVE_SOCKETPAIR
event_config_require_features(evcfg, EV_FEATURE_FDS);
#endif
/* all libevent calls are from main thread */
/* event_config_set_flag(evcfg, EVENT_BASE_FLAG_NOLOCK); */
base = event_base_new_with_config(evcfg);
event_config_free(evcfg);
if (NULL == base) {
printf("%s: event_base_new() failed!\n", progname);
return -1;
}
/* wire into intres resolver */
worker_per_query = TRUE;
addremove_io_fd = &sntp_addremove_fd;
open_sockets();
if (HAVE_OPT(BROADCAST)) {
int cn = STACKCT_OPT( BROADCAST );
const char ** cp = STACKLST_OPT( BROADCAST );
while (cn-- > 0) {
handle_lookup(*cp, CTX_BCST);
cp++;
}
}
if (HAVE_OPT(CONCURRENT)) {
int cn = STACKCT_OPT( CONCURRENT );
const char ** cp = STACKLST_OPT( CONCURRENT );
while (cn-- > 0) {
handle_lookup(*cp, CTX_UCST | CTX_CONC);
cp++;
}
}
for (i = 0; i < argc; ++i)
handle_lookup(argv[i], CTX_UCST);
gettimeofday_cached(base, &start_tv);
event_base_dispatch(base);
event_base_free(base);
if (!time_adjusted &&
(ENABLED_OPT(STEP) || ENABLED_OPT(SLEW)))
exitcode = 1;
else
exitcode = 0;
return exitcode;
}
/*
* Main program. Initialize us, disconnect us from the tty if necessary,
* and loop waiting for I/O and/or timer expiries.
*/
int
ntpdmain(
int argc,
char *argv[]
)
{
l_fp now;
struct recvbuf *rbuf;
#ifdef _AIX /* HMS: ifdef SIGDANGER? */
struct sigaction sa;
#endif
progname = argv[0];
initializing = 1; /* mark that we are initializing */
process_commandline_opts(&argc, &argv);
init_logging(progname, 1); /* Open the log file */
char *error = NULL;
if (sandbox_init("ntpd", SANDBOX_NAMED, &error) == -1) {
msyslog(LOG_ERR, "sandbox_init(ntpd, SANDBOX_NAMED) failed: %s", error);
sandbox_free_error(error);
}
#ifdef HAVE_UMASK
{
mode_t uv;
uv = umask(0);
if(uv)
(void) umask(uv);
else
(void) umask(022);
}
#endif
#if defined(HAVE_GETUID) && !defined(MPE) /* MPE lacks the concept of root */
{
uid_t uid;
uid = getuid();
if (uid && !HAVE_OPT( SAVECONFIGQUIT )) {
msyslog(LOG_ERR, "ntpd: must be run as root, not uid %ld", (long)uid);
printf("must be run as root, not uid %ld\n", (long)uid);
exit(1);
}
}
#endif
/* getstartup(argc, argv); / * startup configuration, may set debug */
#ifdef DEBUG
debug = DESC(DEBUG_LEVEL).optOccCt;
DPRINTF(1, ("%s\n", Version));
#endif
/* honor -l/--logfile option to log to a file */
setup_logfile();
/*
* Enable the Multi-Media Timer for Windows?
*/
#ifdef SYS_WINNT
if (HAVE_OPT( MODIFYMMTIMER ))
set_mm_timer(MM_TIMER_HIRES);
#endif
if (HAVE_OPT( NOFORK ) || HAVE_OPT( QUIT )
#ifdef DEBUG
|| debug
#endif
|| HAVE_OPT( SAVECONFIGQUIT ))
nofork = 1;
if (HAVE_OPT( NOVIRTUALIPS ))
listen_to_virtual_ips = 0;
/*
* --interface, listen on specified interfaces
*/
if (HAVE_OPT( INTERFACE )) {
int ifacect = STACKCT_OPT( INTERFACE );
const char** ifaces = STACKLST_OPT( INTERFACE );
isc_netaddr_t netaddr;
while (ifacect-- > 0) {
add_nic_rule(
is_ip_address(*ifaces, &netaddr)
? MATCH_IFADDR
: MATCH_IFNAME,
*ifaces, -1, ACTION_LISTEN);
ifaces++;
}
}
if (HAVE_OPT( NICE ))
priority_done = 0;
#if defined(HAVE_SCHED_SETSCHEDULER)
if (HAVE_OPT( PRIORITY )) {
config_priority = OPT_VALUE_PRIORITY;
config_priority_override = 1;
priority_done = 0;
}
#endif
#ifdef SYS_WINNT
/*
* Start interpolation thread, must occur before first
* get_systime()
*/
init_winnt_time();
#endif
/*
* Initialize random generator and public key pair
*/
get_systime(&now);
ntp_srandom((int)(now.l_i * now.l_uf));
#if !defined(VMS)
# ifndef NODETACH
/*
* Detach us from the terminal. May need an #ifndef GIZMO.
*/
if (!nofork) {
/*
* Install trap handlers to log errors and assertion
* failures. Default handlers print to stderr which
* doesn't work if detached.
*/
isc_assertion_setcallback(assertion_failed);
isc_error_setfatal(library_fatal_error);
isc_error_setunexpected(library_unexpected_error);
# ifndef SYS_WINNT
# ifdef HAVE_DAEMON
daemon(0, 0);
# else /* not HAVE_DAEMON */
if (fork()) /* HMS: What about a -1? */
exit(0);
{
#if !defined(F_CLOSEM)
u_long s;
int max_fd;
#endif /* !FCLOSEM */
if (syslog_file != NULL) {
fclose(syslog_file);
syslog_file = NULL;
}
#if defined(F_CLOSEM)
/*
* From 'Writing Reliable AIX Daemons,' SG24-4946-00,
* by Eric Agar (saves us from doing 32767 system
* calls)
*/
if (fcntl(0, F_CLOSEM, 0) == -1)
msyslog(LOG_ERR, "ntpd: failed to close open files(): %m");
#else /* not F_CLOSEM */
# if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX)
max_fd = sysconf(_SC_OPEN_MAX);
# else /* HAVE_SYSCONF && _SC_OPEN_MAX */
max_fd = getdtablesize();
# endif /* HAVE_SYSCONF && _SC_OPEN_MAX */
for (s = 0; s < max_fd; s++)
(void) close((int)s);
#endif /* not F_CLOSEM */
(void) open("/", 0);
(void) dup2(0, 1);
(void) dup2(0, 2);
init_logging(progname, 0);
/* we lost our logfile (if any) daemonizing */
setup_logfile();
#ifdef SYS_DOMAINOS
{
uid_$t puid;
status_$t st;
proc2_$who_am_i(&puid);
proc2_$make_server(&puid, &st);
}
#endif /* SYS_DOMAINOS */
#if defined(HAVE_SETPGID) || defined(HAVE_SETSID)
# ifdef HAVE_SETSID
if (setsid() == (pid_t)-1)
msyslog(LOG_ERR, "ntpd: setsid(): %m");
# else
if (setpgid(0, 0) == -1)
msyslog(LOG_ERR, "ntpd: setpgid(): %m");
# endif
#else /* HAVE_SETPGID || HAVE_SETSID */
{
# if defined(TIOCNOTTY)
int fid;
fid = open("/dev/tty", 2);
if (fid >= 0)
{
(void) ioctl(fid, (u_long) TIOCNOTTY, (char *) 0);
(void) close(fid);
}
# endif /* defined(TIOCNOTTY) */
# ifdef HAVE_SETPGRP_0
(void) setpgrp();
# else /* HAVE_SETPGRP_0 */
(void) setpgrp(0, getpid());
# endif /* HAVE_SETPGRP_0 */
}
#endif /* HAVE_SETPGID || HAVE_SETSID */
#ifdef _AIX
/* Don't get killed by low-on-memory signal. */
sa.sa_handler = catch_danger;
sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART;
(void) sigaction(SIGDANGER, &sa, NULL);
#endif /* _AIX */
}
# endif /* not HAVE_DAEMON */
# endif /* SYS_WINNT */
}
# endif /* NODETACH */
#endif /* VMS */
#ifdef SCO5_CLOCK
/*
* SCO OpenServer's system clock offers much more precise timekeeping
* on the base CPU than the other CPUs (for multiprocessor systems),
* so we must lock to the base CPU.
*/
{
int fd = open("/dev/at1", O_RDONLY);
if (fd >= 0) {
int zero = 0;
if (ioctl(fd, ACPU_LOCK, &zero) < 0)
msyslog(LOG_ERR, "cannot lock to base CPU: %m");
close( fd );
} /* else ...
* If we can't open the device, this probably just isn't
* a multiprocessor system, so we're A-OK.
*/
}
#endif
#if defined(HAVE_MLOCKALL) && defined(MCL_CURRENT) && defined(MCL_FUTURE)
# ifdef HAVE_SETRLIMIT
/*
* Set the stack limit to something smaller, so that we don't lock a lot
* of unused stack memory.
*/
{
struct rlimit rl;
/* HMS: must make the rlim_cur amount configurable */
if (getrlimit(RLIMIT_STACK, &rl) != -1
&& (rl.rlim_cur = 50 * 4096) < rl.rlim_max)
{
if (setrlimit(RLIMIT_STACK, &rl) == -1)
{
msyslog(LOG_ERR,
"Cannot adjust stack limit for mlockall: %m");
}
}
# ifdef RLIMIT_MEMLOCK
/*
* The default RLIMIT_MEMLOCK is very low on Linux systems.
* Unless we increase this limit malloc calls are likely to
* fail if we drop root privlege. To be useful the value
* has to be larger than the largest ntpd resident set size.
*/
rl.rlim_cur = rl.rlim_max = 32*1024*1024;
if (setrlimit(RLIMIT_MEMLOCK, &rl) == -1) {
msyslog(LOG_ERR, "Cannot set RLIMIT_MEMLOCK: %m");
}
# endif /* RLIMIT_MEMLOCK */
}
# endif /* HAVE_SETRLIMIT */
/*
* lock the process into memory
*/
if (mlockall(MCL_CURRENT|MCL_FUTURE) < 0)
msyslog(LOG_ERR, "mlockall(): %m");
#else /* not (HAVE_MLOCKALL && MCL_CURRENT && MCL_FUTURE) */
# ifdef HAVE_PLOCK
# ifdef PROCLOCK
# ifdef _AIX
/*
* set the stack limit for AIX for plock().
* see get_aix_stack() for more info.
*/
if (ulimit(SET_STACKLIM, (get_aix_stack() - 8*4096)) < 0)
{
msyslog(LOG_ERR,"Cannot adjust stack limit for plock on AIX: %m");
}
# endif /* _AIX */
/*
* lock the process into memory
*/
if (plock(PROCLOCK) < 0)
msyslog(LOG_ERR, "plock(PROCLOCK): %m");
# else /* not PROCLOCK */
# ifdef TXTLOCK
/*
* Lock text into ram
*/
if (plock(TXTLOCK) < 0)
msyslog(LOG_ERR, "plock(TXTLOCK) error: %m");
# else /* not TXTLOCK */
msyslog(LOG_ERR, "plock() - don't know what to lock!");
# endif /* not TXTLOCK */
# endif /* not PROCLOCK */
# endif /* HAVE_PLOCK */
#endif /* not (HAVE_MLOCKALL && MCL_CURRENT && MCL_FUTURE) */
/*
* Set up signals we pay attention to locally.
*/
#ifdef SIGDIE1
(void) signal_no_reset(SIGDIE1, finish);
#endif /* SIGDIE1 */
#ifdef SIGDIE2
(void) signal_no_reset(SIGDIE2, finish);
#endif /* SIGDIE2 */
#ifdef SIGDIE3
(void) signal_no_reset(SIGDIE3, finish);
#endif /* SIGDIE3 */
#ifdef SIGDIE4
(void) signal_no_reset(SIGDIE4, finish);
#endif /* SIGDIE4 */
#ifdef SIGBUS
(void) signal_no_reset(SIGBUS, finish);
#endif /* SIGBUS */
#if !defined(SYS_WINNT) && !defined(VMS)
# ifdef DEBUG
(void) signal_no_reset(MOREDEBUGSIG, moredebug);
(void) signal_no_reset(LESSDEBUGSIG, lessdebug);
# else
(void) signal_no_reset(MOREDEBUGSIG, no_debug);
(void) signal_no_reset(LESSDEBUGSIG, no_debug);
# endif /* DEBUG */
#endif /* !SYS_WINNT && !VMS */
/*
* Set up signals we should never pay attention to.
*/
#if defined SIGPIPE
(void) signal_no_reset(SIGPIPE, SIG_IGN);
#endif /* SIGPIPE */
/*
* Call the init_ routines to initialize the data structures.
*
* Exactly what command-line options are we expecting here?
*/
init_auth();
init_util();
init_restrict();
init_mon();
init_timer();
init_lib();
init_request();
init_control();
init_peer();
#ifdef REFCLOCK
init_refclock();
#endif
set_process_priority();
init_proto(); /* Call at high priority */
init_io();
init_loopfilter();
mon_start(MON_ON); /* monitor on by default now */
/* turn off in config if unwanted */
/*
* Get the configuration. This is done in a separate module
* since this will definitely be different for the gizmo board.
*/
getconfig(argc, argv);
NLOG(NLOG_SYSINFO) /* 'if' clause for syslog */
msyslog(LOG_NOTICE, "%s", Version);
report_event(EVNT_SYSRESTART, NULL, NULL);
loop_config(LOOP_DRIFTCOMP, old_drift);
initializing = 0;
#ifdef HAVE_DROPROOT
if( droproot ) {
/* Drop super-user privileges and chroot now if the OS supports this */
#ifdef HAVE_LINUX_CAPABILITIES
/* set flag: keep privileges accross setuid() call (we only really need cap_sys_time): */
if (prctl( PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L ) == -1) {
msyslog( LOG_ERR, "prctl( PR_SET_KEEPCAPS, 1L ) failed: %m" );
exit(-1);
}
#else
/* we need a user to switch to */
if (user == NULL) {
msyslog(LOG_ERR, "Need user name to drop root privileges (see -u flag!)" );
exit(-1);
}
#endif /* HAVE_LINUX_CAPABILITIES */
if (user != NULL) {
if (isdigit((unsigned char)*user)) {
sw_uid = (uid_t)strtoul(user, &endp, 0);
if (*endp != '\0')
goto getuser;
if ((pw = getpwuid(sw_uid)) != NULL) {
user = strdup(pw->pw_name);
if (NULL == user) {
msyslog(LOG_ERR, "strdup() failed: %m");
exit (-1);
}
sw_gid = pw->pw_gid;
} else {
errno = 0;
msyslog(LOG_ERR, "Cannot find user ID %s", user);
exit (-1);
}
} else {
getuser:
errno = 0;
if ((pw = getpwnam(user)) != NULL) {
sw_uid = pw->pw_uid;
sw_gid = pw->pw_gid;
} else {
if (errno)
msyslog(LOG_ERR, "getpwnam(%s) failed: %m", user);
else
msyslog(LOG_ERR, "Cannot find user `%s'", user);
exit (-1);
}
}
}
if (group != NULL) {
if (isdigit((unsigned char)*group)) {
sw_gid = (gid_t)strtoul(group, &endp, 0);
if (*endp != '\0')
goto getgroup;
} else {
getgroup:
if ((gr = getgrnam(group)) != NULL) {
sw_gid = gr->gr_gid;
} else {
errno = 0;
msyslog(LOG_ERR, "Cannot find group `%s'", group);
exit (-1);
}
}
}
if (chrootdir ) {
/* make sure cwd is inside the jail: */
if (chdir(chrootdir)) {
msyslog(LOG_ERR, "Cannot chdir() to `%s': %m", chrootdir);
exit (-1);
}
if (chroot(chrootdir)) {
msyslog(LOG_ERR, "Cannot chroot() to `%s': %m", chrootdir);
exit (-1);
}
if (chdir("/")) {
msyslog(LOG_ERR, "Cannot chdir() to`root after chroot(): %m");
exit (-1);
}
}
if (user && initgroups(user, sw_gid)) {
msyslog(LOG_ERR, "Cannot initgroups() to user `%s': %m", user);
exit (-1);
}
if (group && setgid(sw_gid)) {
msyslog(LOG_ERR, "Cannot setgid() to group `%s': %m", group);
exit (-1);
}
if (group && setegid(sw_gid)) {
msyslog(LOG_ERR, "Cannot setegid() to group `%s': %m", group);
exit (-1);
}
if (user && setuid(sw_uid)) {
msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user);
exit (-1);
}
if (user && seteuid(sw_uid)) {
msyslog(LOG_ERR, "Cannot seteuid() to user `%s': %m", user);
exit (-1);
}
#ifndef HAVE_LINUX_CAPABILITIES
/*
* for now assume that the privilege to bind to privileged ports
* is associated with running with uid 0 - should be refined on
* ports that allow binding to NTP_PORT with uid != 0
*/
disable_dynamic_updates |= (sw_uid != 0); /* also notifies routing message listener */
#endif
if (disable_dynamic_updates && interface_interval) {
interface_interval = 0;
msyslog(LOG_INFO, "running in unprivileged mode disables dynamic interface tracking");
}
#ifdef HAVE_LINUX_CAPABILITIES
do {
/*
* We may be running under non-root uid now, but we still hold full root privileges!
* We drop all of them, except for the crucial one or two: cap_sys_time and
* cap_net_bind_service if doing dynamic interface tracking.
*/
cap_t caps;
char *captext = (interface_interval)
? "cap_sys_time,cap_net_bind_service=ipe"
: "cap_sys_time=ipe";
if( ! ( caps = cap_from_text( captext ) ) ) {
msyslog( LOG_ERR, "cap_from_text() failed: %m" );
exit(-1);
}
if( cap_set_proc( caps ) == -1 ) {
msyslog( LOG_ERR, "cap_set_proc() failed to drop root privileges: %m" );
exit(-1);
}
cap_free( caps );
} while(0);
#endif /* HAVE_LINUX_CAPABILITIES */
} /* if( droproot ) */
#endif /* HAVE_DROPROOT */
/*
* Use select() on all on all input fd's for unlimited
* time. select() will terminate on SIGALARM or on the
* reception of input. Using select() means we can't do
* robust signal handling and we get a potential race
* between checking for alarms and doing the select().
* Mostly harmless, I think.
*/
/* On VMS, I suspect that select() can't be interrupted
* by a "signal" either, so I take the easy way out and
* have select() time out after one second.
* System clock updates really aren't time-critical,
* and - lacking a hardware reference clock - I have
* yet to learn about anything else that is.
*/
#if defined(HAVE_IO_COMPLETION_PORT)
for (;;) {
GetReceivedBuffers();
#else /* normal I/O */
BLOCK_IO_AND_ALARM();
was_alarmed = 0;
for (;;)
{
# if !defined(HAVE_SIGNALED_IO)
extern fd_set activefds;
extern int maxactivefd;
fd_set rdfdes;
int nfound;
# endif
if (alarm_flag) /* alarmed? */
{
was_alarmed = 1;
alarm_flag = 0;
}
if (!was_alarmed && has_full_recv_buffer() == ISC_FALSE)
{
/*
* Nothing to do. Wait for something.
*/
# ifndef HAVE_SIGNALED_IO
rdfdes = activefds;
# if defined(VMS) || defined(SYS_VXWORKS)
/* make select() wake up after one second */
{
struct timeval t1;
t1.tv_sec = 1; t1.tv_usec = 0;
nfound = select(maxactivefd+1, &rdfdes, (fd_set *)0,
(fd_set *)0, &t1);
}
# else
nfound = select(maxactivefd+1, &rdfdes, (fd_set *)0,
(fd_set *)0, (struct timeval *)0);
# endif /* VMS */
if (nfound > 0)
{
l_fp ts;
get_systime(&ts);
(void)input_handler(&ts);
}
else if (nfound == -1 && errno != EINTR)
msyslog(LOG_ERR, "select() error: %m");
# ifdef DEBUG
else if (debug > 5)
msyslog(LOG_DEBUG, "select(): nfound=%d, error: %m", nfound);
# endif /* DEBUG */
# else /* HAVE_SIGNALED_IO */
wait_for_signal();
# endif /* HAVE_SIGNALED_IO */
if (alarm_flag) /* alarmed? */
{
was_alarmed = 1;
alarm_flag = 0;
}
}
if (was_alarmed)
{
UNBLOCK_IO_AND_ALARM();
/*
* Out here, signals are unblocked. Call timer routine
* to process expiry.
*/
timer();
was_alarmed = 0;
BLOCK_IO_AND_ALARM();
}
#endif /* ! HAVE_IO_COMPLETION_PORT */
#ifdef DEBUG_TIMING
{
l_fp pts;
l_fp tsa, tsb;
int bufcount = 0;
get_systime(&pts);
tsa = pts;
#endif
rbuf = get_full_recv_buffer();
while (rbuf != NULL)
{
if (alarm_flag)
{
was_alarmed = 1;
alarm_flag = 0;
}
UNBLOCK_IO_AND_ALARM();
if (was_alarmed)
{ /* avoid timer starvation during lengthy I/O handling */
timer();
was_alarmed = 0;
}
/*
* Call the data procedure to handle each received
* packet.
*/
if (rbuf->receiver != NULL) /* This should always be true */
{
#ifdef DEBUG_TIMING
l_fp dts = pts;
L_SUB(&dts, &rbuf->recv_time);
DPRINTF(2, ("processing timestamp delta %s (with prec. fuzz)\n", lfptoa(&dts, 9)));
collect_timing(rbuf, "buffer processing delay", 1, &dts);
bufcount++;
#endif
(rbuf->receiver)(rbuf);
} else {
msyslog(LOG_ERR, "receive buffer corruption - receiver found to be NULL - ABORTING");
abort();
}
BLOCK_IO_AND_ALARM();
freerecvbuf(rbuf);
rbuf = get_full_recv_buffer();
}
#ifdef DEBUG_TIMING
get_systime(&tsb);
L_SUB(&tsb, &tsa);
if (bufcount) {
collect_timing(NULL, "processing", bufcount, &tsb);
DPRINTF(2, ("processing time for %d buffers %s\n", bufcount, lfptoa(&tsb, 9)));
}
}
#endif
/*
* Go around again
*/
#ifdef HAVE_DNSREGISTRATION
if (mdnsreg && (current_time - mdnsreg ) > 60 && mdnstries && sys_leap != LEAP_NOTINSYNC) {
mdnsreg = current_time;
msyslog(LOG_INFO, "Attemping to register mDNS");
if ( DNSServiceRegister (&mdns, 0, 0, NULL, "_ntp._udp", NULL, NULL,
htons(NTP_PORT), 0, NULL, NULL, NULL) != kDNSServiceErr_NoError ) {
if (!--mdnstries) {
msyslog(LOG_ERR, "Unable to register mDNS, giving up.");
} else {
msyslog(LOG_INFO, "Unable to register mDNS, will try later.");
}
} else {
msyslog(LOG_INFO, "mDNS service registered.");
mdnsreg = 0;
}
}
#endif /* HAVE_DNSREGISTRATION */
}
UNBLOCK_IO_AND_ALARM();
return 1;
}
#ifdef SIGDIE2
/*
* finish - exit gracefully
*/
static RETSIGTYPE
finish(
int sig
)
{
msyslog(LOG_NOTICE, "ntpd exiting on signal %d", sig);
#ifdef HAVE_DNSREGISTRATION
if (mdns != NULL)
DNSServiceRefDeallocate(mdns);
#endif
switch (sig) {
# ifdef SIGBUS
case SIGBUS:
printf("\nfinish(SIGBUS)\n");
exit(0);
# endif
case 0: /* Should never happen... */
return;
default:
exit(0);
}
}
/*
* main - parse arguments and handle options
*/
int
ntpdcmain(
int argc,
char *argv[]
)
{
delay_time.l_ui = 0;
delay_time.l_uf = DEFDELAY;
#ifdef SYS_VXWORKS
clear_globals();
taskPrioritySet(taskIdSelf(), 100 );
#endif
init_lib(); /* sets up ipv4_works, ipv6_works */
ssl_applink();
init_auth();
/* Check to see if we have IPv6. Otherwise default to IPv4 */
if (!ipv6_works)
ai_fam_default = AF_INET;
progname = argv[0];
{
int optct = ntpOptionProcess(&ntpdcOptions, argc, argv);
argc -= optct;
argv += optct;
}
if (HAVE_OPT(IPV4))
ai_fam_templ = AF_INET;
else if (HAVE_OPT(IPV6))
ai_fam_templ = AF_INET6;
else
ai_fam_templ = ai_fam_default;
if (HAVE_OPT(COMMAND)) {
int cmdct = STACKCT_OPT( COMMAND );
const char** cmds = STACKLST_OPT( COMMAND );
while (cmdct-- > 0) {
ADDCMD(*cmds++);
}
}
debug = OPT_VALUE_SET_DEBUG_LEVEL;
if (HAVE_OPT(INTERACTIVE)) {
interactive = 1;
}
if (HAVE_OPT(NUMERIC)) {
showhostnames = 0;
}
if (HAVE_OPT(LISTPEERS)) {
ADDCMD("listpeers");
}
if (HAVE_OPT(PEERS)) {
ADDCMD("peers");
}
if (HAVE_OPT(SHOWPEERS)) {
ADDCMD("dmpeers");
}
if (ntp_optind == argc) {
ADDHOST(DEFHOST);
} else {
for (; ntp_optind < argc; ntp_optind++)
ADDHOST(argv[ntp_optind]);
}
if (numcmds == 0 && interactive == 0
&& isatty(fileno(stdin)) && isatty(fileno(stderr))) {
interactive = 1;
}
#ifndef SYS_WINNT /* Under NT cannot handle SIGINT, WIN32 spawns a handler */
if (interactive)
(void) signal_no_reset(SIGINT, abortcmd);
#endif /* SYS_WINNT */
/*
* Initialize the packet data buffer
*/
pktdatasize = INITDATASIZE;
pktdata = emalloc(INITDATASIZE);
if (numcmds == 0) {
(void) openhost(chosts[0]);
getcmds();
} else {
int ihost;
int icmd;
for (ihost = 0; ihost < numhosts; ihost++) {
if (openhost(chosts[ihost]))
for (icmd = 0; icmd < numcmds; icmd++) {
if (numhosts > 1)
printf ("--- %s ---\n",chosts[ihost]);
docmd(ccmds[icmd]);
}
}
}
#ifdef SYS_WINNT
WSACleanup();
#endif
return(0);
} /* main end */
int
main(int argc, char *argv[])
{
/* Check to see if the user is running us as root, which is a nono */
if(geteuid() == 0)
{
fprintf(stderr, "Don't run ircd as root!!!\n");
return -1;
}
/*
* save server boot time right away, so getrusage works correctly
*/
set_time();
/*
* Setup corefile size immediately after boot -kre
*/
setup_corefile();
/*
* set initialVMTop before we allocate any memory
*/
initialVMTop = get_vm_top();
ServerRunning = 0;
/* It ain't random, but it ought to be a little harder to guess */
srand(SystemTime.tv_sec ^ (SystemTime.tv_usec | (getpid() << 20)));
memset(&me, 0, sizeof(me));
memset(&meLocalUser, 0, sizeof(meLocalUser));
me.localClient = &meLocalUser;
/* Make sure all lists are zeroed */
memset(&unknown_list, 0, sizeof(unknown_list));
memset(&lclient_list, 0, sizeof(lclient_list));
memset(&serv_list, 0, sizeof(serv_list));
memset(&global_serv_list, 0, sizeof(global_serv_list));
memset(&oper_list, 0, sizeof(oper_list));
dlinkAddTail(&me, &me.node, &global_client_list);
memset((void *) &Count, 0, sizeof(Count));
memset((void *) &ServerInfo, 0, sizeof(ServerInfo));
memset((void *) &AdminInfo, 0, sizeof(AdminInfo));
/* Initialise the channel capability usage counts... */
init_chcap_usage_counts();
ConfigFileEntry.dpath = DPATH;
ConfigFileEntry.configfile = CPATH; /* Server configuration file */
ConfigFileEntry.klinefile = KPATH; /* Server kline file */
ConfigFileEntry.dlinefile = DLPATH; /* dline file */
ConfigFileEntry.xlinefile = XPATH;
ConfigFileEntry.resvfile = RESVPATH;
ConfigFileEntry.connect_timeout = 30; /* Default to 30 */
myargv = argv;
umask(077); /* better safe than sorry --SRB */
parseargs(&argc, &argv, myopts);
if(printVersion)
{
printf("ircd: version %s\n", ircd_version);
exit(EXIT_SUCCESS);
}
if(chdir(ConfigFileEntry.dpath))
{
fprintf(stderr, "Unable to chdir to %s: %s\n", ConfigFileEntry.dpath, strerror(errno));
exit(EXIT_FAILURE);
}
setup_signals();
#ifdef __CYGWIN__
server_state_foreground = 1;
#endif
if (testing_conf)
server_state_foreground = 1;
/* We need this to initialise the fd array before anything else */
fdlist_init();
if(!server_state_foreground)
{
comm_close_all();
}
/* Check if there is pidfile and daemon already running */
if(!testing_conf)
{
check_pidfile(pidFileName);
if(!server_state_foreground)
make_daemon();
else
print_startup(getpid());
}
init_netio(); /* This needs to be setup early ! -- adrian */
/* Init the event subsystem */
eventInit();
init_sys();
init_main_logfile();
initBlockHeap();
init_dlink_nodes();
init_patricia();
newconf_init();
init_s_conf();
init_s_newconf();
linebuf_init(); /* set up some linebuf stuff to control paging */
init_hash();
clear_scache_hash_table(); /* server cache name table */
init_host_hash();
clear_hash_parse();
init_client();
initUser();
init_channels();
initclass();
initwhowas();
init_stats();
init_hook();
init_reject();
init_cache();
init_monitor();
load_all_modules(1);
#ifndef STATIC_MODULES
load_core_modules(1);
#endif
init_auth(); /* Initialise the auth code */
init_resolver(); /* Needs to be setup before the io loop */
if (testing_conf)
fprintf(stderr, "\nBeginning config test\n");
read_conf_files(YES); /* cold start init conf files */
rehash_bans(0);
#ifndef STATIC_MODULES
mod_add_path(MODULE_DIR);
mod_add_path(MODULE_DIR "/autoload");
#endif
initialize_server_capabs(); /* Set up default_server_capabs */
initialize_global_set_options();
if(ServerInfo.name == NULL)
{
fprintf(stderr, "ERROR: No server name specified in serverinfo block.\n");
ilog(L_MAIN, "No server name specified in serverinfo block.");
exit(EXIT_FAILURE);
}
strlcpy(me.name, ServerInfo.name, sizeof(me.name));
if(ServerInfo.sid[0] == '\0')
{
fprintf(stderr, "ERROR: No server sid specified in serverinfo block.\n");
ilog(L_MAIN, "No server sid specified in serverinfo block.");
exit(EXIT_FAILURE);
}
strcpy(me.id, ServerInfo.sid);
init_uid();
/* serverinfo{} description must exist. If not, error out. */
if(ServerInfo.description == NULL)
{
fprintf(stderr, "ERROR: No server description specified in serverinfo block.\n");
ilog(L_MAIN, "ERROR: No server description specified in serverinfo block.");
exit(EXIT_FAILURE);
}
strlcpy(me.info, ServerInfo.description, sizeof(me.info));
if (testing_conf)
{
fprintf(stderr, "\nConfig testing complete.\n");
fflush(stderr);
exit(EXIT_SUCCESS);
}
me.from = &me;
me.servptr = &me;
SetMe(&me);
make_server(&me);
me.serv->up = me.name;
startup_time = CurrentTime;
add_to_client_hash(me.name, &me);
add_to_id_hash(me.id, &me);
dlinkAddAlloc(&me, &global_serv_list);
check_class();
write_pidfile(pidFileName);
load_help();
open_logfiles();
ilog(L_MAIN, "Server Ready");
eventAddIsh("cleanup_glines", cleanup_glines, NULL, CLEANUP_GLINES_TIME);
/* We want try_connections to be called as soon as possible now! -- adrian */
/* No, 'cause after a restart it would cause all sorts of nick collides */
/* um. by waiting even longer, that just means we have even *more*
* nick collisions. what a stupid idea. set an event for the IO loop --fl
*/
eventAddIsh("try_connections", try_connections, NULL, STARTUP_CONNECTIONS_TIME);
eventAddOnce("try_connections_startup", try_connections, NULL, 0);
eventAddIsh("collect_zipstats", collect_zipstats, NULL, ZIPSTATS_TIME);
/* Setup the timeout check. I'll shift it later :) -- adrian */
eventAddIsh("comm_checktimeouts", comm_checktimeouts, NULL, 1);
if(ConfigServerHide.links_delay > 0)
eventAddIsh("cache_links", cache_links, NULL,
ConfigServerHide.links_delay);
else
ConfigServerHide.links_disabled = 1;
if(splitmode)
eventAdd("check_splitmode", check_splitmode, NULL, 2);
ServerRunning = 1;
io_loop();
return 0;
}
int
main (int argc, char *argv[])
{
/* Check to see if the user is running
* us as root, which is a nono
*/
if (geteuid () == 0)
{
fprintf (stderr, "Don't run ircd as root!!!\n");
return (-1);
}
/* save server boot time right away, so getrusage works correctly */
set_time ();
/* Setup corefile size immediately after boot -kre */
setup_corefile ();
/* set initialVMTop before we allocate any memory */
initialVMTop = get_vm_top ();
ServerRunning = 0;
/* It ain't random, but it ought to be a little harder to guess */
srand (SystemTime.tv_sec ^ (SystemTime.tv_usec | (getpid () << 20)));
memset (&me, 0, sizeof (me));
memset (&meLocalUser, 0, sizeof (meLocalUser));
me.localClient = &meLocalUser;
dlinkAdd (&me, &me.node, &global_client_list); /* Pointer to beginning
of Client list */
memset (&ServerInfo, 0, sizeof (ServerInfo));
/* Initialise the channel capability usage counts... */
init_chcap_usage_counts ();
ConfigFileEntry.dpath = DPATH;
ConfigFileEntry.configfile = CPATH; /* Server configuration file */
ConfigFileEntry.klinefile = KPATH; /* Server kline file */
ConfigFileEntry.xlinefile = XPATH; /* Server xline file */
ConfigFileEntry.dlinefile = DLPATH; /* dline file */
ConfigFileEntry.cresvfile = CRESVPATH; /* channel resv file */
ConfigFileEntry.nresvfile = NRESVPATH; /* nick resv file */
myargv = argv;
umask (077); /* better safe than sorry --SRB */
parseargs (&argc, &argv, myopts);
build_version ();
if (printVersion)
{
printf ("ircd: version %s\n", ircd_version);
exit (EXIT_SUCCESS);
}
if (chdir (ConfigFileEntry.dpath))
{
perror ("chdir");
exit (EXIT_FAILURE);
}
if (!server_state.foreground)
make_daemon ();
else
print_startup (getpid ());
#ifdef HAVE_LIBCRYPTO
dh_init();
fprintf(stderr, "SSL: Initialize\n");
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
ServerInfo.ctx = SSL_CTX_new(SSLv23_server_method());
if (!ServerInfo.ctx) {
ERR_print_errors_fp(stderr);
return 0;
}
fprintf(stderr, "SSL: Client based SSL connections are enabled.\n");
#endif
setup_signals ();
/* We need this to initialise the fd array before anything else */
fdlist_init ();
if (!server_state.foreground)
close_all_connections (); /* this needs to be before init_netio()! */
else
check_can_use_v6 (); /* Done in close_all_connections normally */
init_log (logFileName);
init_netio (); /* This needs to be setup early ! -- adrian */
/* Check if there is pidfile and daemon already running */
check_pidfile (pidFileName);
/* Init the event subsystem */
eventInit ();
init_sys ();
#ifndef NOBALLOC
initBlockHeap ();
#endif
init_dlink_nodes ();
init_slink_nodes ();
initialize_message_files ();
dbuf_init ();
init_hash ();
init_ip_hash_table (); /* client host ip hash table */
init_host_hash (); /* Host-hashtable. */
clear_hash_parse ();
init_client ();
init_user ();
init_channels ();
init_class ();
init_whowas ();
init_stats ();
init_hooks ();
read_conf_files (1); /* cold start init conf files */
initServerMask ();
init_uid ();
init_auth (); /* Initialise the auth code */
init_resolver (); /* Needs to be setup before the io loop */
init_reject (); /* Set up the reject code. */
init_umodes (); /* Set up the usermode system. */
initialize_foundation_signals(); /* register things that modules need */
#ifdef HAVE_LIBCRYPTO
bio_spare_fd = save_spare_fd ("SSL private key validation");
#endif /* HAVE_LIBCRYPTO */
initialize_server_capabs (); /* Set up default_server_capabs */
initialize_global_set_options ();
if (ServerInfo.name == NULL)
{
fprintf (stderr,
"ERROR: No server name specified in serverinfo block.\n");
ilog (L_CRIT, "No server name specified in serverinfo block.");
exit (EXIT_FAILURE);
}
strlcpy (me.name, ServerInfo.name, sizeof (me.name));
/* serverinfo{} description must exist. If not, error out. */
if (ServerInfo.description == NULL)
{
fprintf (stderr,
"ERROR: No server description specified in serverinfo block.\n");
ilog (L_CRIT,
"ERROR: No server description specified in serverinfo block.");
exit (EXIT_FAILURE);
}
strlcpy (me.info, ServerInfo.description, sizeof (me.info));
me.from = &me;
me.servptr = &me;
SetMe (&me);
make_server (&me);
strlcpy (me.serv->up, me.name, sizeof (me.serv->up));
me.lasttime = me.since = me.firsttime = CurrentTime;
hash_add_client (&me);
/* add ourselves to global_serv_list */
dlinkAdd (&me, make_dlink_node (), &global_serv_list);
check_class ();
#ifndef STATIC_MODULES
if (chdir (MODPATH))
{
ilog (L_CRIT, "Could not load core modules. Terminating!");
exit (EXIT_FAILURE);
}
mod_set_base ();
load_all_modules (1);
load_core_modules (1);
/* Go back to DPATH after checking to see if we can chdir to MODPATH */
chdir (ConfigFileEntry.dpath);
#else
load_all_modules (1);
#endif
write_pidfile (pidFileName);
ilog (L_NOTICE, "Server Ready");
eventAddIsh ("cleanup_tklines", cleanup_tklines, NULL,
CLEANUP_TKLINES_TIME);
/* We want try_connections to be called as soon as possible now! -- adrian */
/* No, 'cause after a restart it would cause all sorts of nick collides */
eventAddIsh ("try_connections", try_connections, NULL,
STARTUP_CONNECTIONS_TIME);
eventAddIsh ("collect_zipstats", collect_zipstats, NULL, ZIPSTATS_TIME);
/* Setup the timeout check. I'll shift it later :) -- adrian */
eventAddIsh ("comm_checktimeouts", comm_checktimeouts, NULL, 1);
if (splitmode)
eventAddIsh ("check_splitmode", check_splitmode, NULL, 60);
ServerRunning = 1;
io_loop ();
return (0);
}