Allow control-C to stop tincd without stopping the tinc shell.

[oweals/tinc.git] / src / tincctl.c

diff --git a/src/tincctl.c b/src/tincctl.c
index 4c5102b2a5cb751e3329c918281ef74a7a47422d..a49654847f158d74c0cbafce1e9307a45c768122 100644 (file)
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -227,6 +227,16 @@ static void disable_old_keys(const char *filename, const char *what) {
 
        w = fopen(tmpfile, "w");
 
+#ifdef HAVE_FCHMOD
+       /* Let the temporary file have the same permissions as the original. */
+
+       if(w) {
+               struct stat st = {.st_mode = 0600};
+               fstat(fileno(r), &st);
+               fchmod(fileno(w), st.st_mode);
+       }
+#endif
+
        while(fgets(buf, sizeof buf, r)) {
                if(!block && !strncmp(buf, "-----BEGIN ", 11)) {
                        if((strstr(buf, " EC ") && strstr(what, "ECDSA")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) {
@@ -324,8 +334,6 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo
                filename = buf2;
        }
 
-       umask(0077); /* Disallow everything for group and other */
-
        disable_old_keys(filename, what);
 
        /* Open it first to keep the inode busy */
@@ -822,8 +830,16 @@ static int cmd_start(int argc, char *argv[]) {
 
        free(nargv);
 
-       int status = -1;
-       if(waitpid(pid, &status, 0) != pid || !WIFEXITED(status) || WEXITSTATUS(status)) {
+       int status = -1, result;
+#ifdef SIGINT
+       signal(SIGINT, SIG_IGN);
+#endif
+       result = waitpid(pid, &status, 0);
+#ifdef SIGINT
+       signal(SIGINT, SIG_DFL);
+#endif
+
+       if(result != pid || !WIFEXITED(status) || WEXITSTATUS(status)) {
                fprintf(stderr, "Error starting %s\n", c);
                return 1;
        }
@@ -1406,6 +1422,7 @@ static int cmd_config(int argc, char *argv[]) {
 
        /* Some simple checks. */
        bool found = false;
+       bool warnonremove = false;
 
        for(int i = 0; variables[i].name; i++) {
                if(strcasecmp(variables[i].name, variable))
@@ -1444,6 +1461,16 @@ static int cmd_config(int argc, char *argv[]) {
                                return 1;
                }
 
+               /* Change "add" into "set" for variables that do not allow multiple occurences.
+                  Turn on warnings when it seems variables might be removed unintentionally. */
+
+               if(action == 1 && !(variables[i].type & VAR_MULTIPLE)) {
+                       warnonremove = true;
+                       action = 0;
+               } else if(action == 0 && (variables[i].type & VAR_MULTIPLE)) {
+                       warnonremove = true;
+               }
+
                break;
        }
 
@@ -1526,9 +1553,14 @@ static int cmd_config(int argc, char *argv[]) {
                                }
                        // Set
                        } else if(action == 0) {
+                               // Warn if "set" was used for variables that can occur multiple times
+                               if(warnonremove && strcasecmp(bvalue, value))
+                                       fprintf(stderr, "Warning: removing %s = %s\n", variable, bvalue);
+
                                // Already set? Delete the rest...
                                if(set)
                                        continue;
+
                                // Otherwise, replace.
                                if(fprintf(tf, "%s = %s\n", variable, value) < 0) {
                                        fprintf(stderr, "Error writing to temporary file %s: %s\n", tmpfile, strerror(errno));
@@ -1702,7 +1734,9 @@ static int cmd_init(int argc, char *argv[]) {
                        fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno));
                        return 1;
                }
-               fchmod(fileno(f), 0755);
+               mode_t mask = umask(0);
+               umask(mask);
+               fchmod(fileno(f), 0755 & ~mask);
                fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE <your vpn IP address> netmask <netmask of whole VPN>\n");
                fclose(f);
        }