author | Toni Uhlig <matzeton@googlemail.com> | 2017-12-19 16:13:35 +0100 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2017-12-19 16:13:35 +0100 |
commit | 252ab35c2e9944d87e750afc3852a487f596cbbd (patch) | |
tree | 8bf15760e3ef09f0b645c4cf4577570018e8bbff /src | |
parent | a0f97ecfd138d12fcac3177ea1ce9f15df0f7fd4 (diff) |
ptunnel-ng:
* optional feature disabled warning
* SeLinux enabled flag
* cosmetics
# Bitte geben Sie eine Commit-Beschreibung für Ihre Änderungen ein. Zeilen,
Diffstat (limited to 'src')
-rw-r--r-- | src/options.c | 52 | ||||
-rw-r--r-- | src/options.h | 5 | ||||
-rw-r--r-- | src/ptunnel.c | 6 | ||||
-rw-r--r-- | src/ptunnel.h | 2 | ||||
-rw-r--r-- | src/utils.c | 2 |
5 files changed, 43 insertions, 24 deletions
diff --git a/src/options.c b/src/options.c index d8061bd..89fcde8 100644 --- a/src/options.c +++ b/src/options.c @@ -72,6 +72,9 @@ static const struct option_usage usage[] = { }, /** --libpcap */ {"interface", 0, OPT_STR, {.str = "eth0"}, +#ifdef HAVE_PCAP + "(Not available on this platform.)\n" +#endif "Enable libpcap on the given device.\n" }, /** --logfile */ @@ -84,8 +87,7 @@ static const struct option_usage usage[] = { }, /** --passwd */ {"password", 0, OPT_STR, {.str = NULL}, - "Set password (must be same on client and proxy)\n" - "If no password is set, you will be asked during runtime.\n" + "Set a password (must be same on client and proxy)\n" }, /** --udp */ {NULL, 0, OPT_BOOL, {.num = 0}, 
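Review bot: The guard added around the `--libpcap` help text in the first hunk is inverted: `#ifdef HAVE_PCAP` prints "(Not available on this platform.)" when libpcap support is compiled in and omits it when it is not. The `--setcon` entry added in the same commit uses the negative form, `#ifndef HAVE_SELINUX`, so this line should read `#ifndef HAVE_PCAP`. The `usage[]` initialiser starts and ends outside the hunk.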
@@ -98,35 +100,48 @@ static const struct option_usage usage[] = { "Unprivileged mode will only work on some systems, and is in general less reliable\n" "than running in privileged mode.\n" }, - /** --base64 */ - {NULL, 0, OPT_BOOL, {.num = 0}, - "Base64 encode/decode all outoging/incoming packets."}, -#ifndef WIN32 /** --daemon */ {"pidfile", 0, OPT_STR, {.str = "/run/ptunnel.pid"}, +#ifdef WIN32 + "(Not available on this platform.)\n" +#endif "Run in background, the PID will be written in the file supplied as argument\n" }, /** --syslog */ {NULL, 0, OPT_BOOL, {.num = 0}, +#ifdef WIN32 + "(Not available on this platform.)\n" +#endif "Output debug to syslog instead of standard out.\n" }, /** --user */ {"user", 0, OPT_STR, {.str = "nobody"}, +#ifdef WIN32 + "(Not available on this platform.)\n" +#endif "When started in privileged mode, drop down to user's rights as soon as possible\n" }, /** --group */ {"group", 0, OPT_STR, {.str = "nogroup"}, +#ifdef WIN32 + "(Not available on this platform.)\n" +#endif "When started in privileged mode, drop down to group's rights as soon as possible\n" }, /** --chroot */ {"directory", 0, OPT_STR, {.str = "/var/lib/ptunnel"}, +#ifdef WIN32 + "(Not available on this platform.)\n" +#endif "When started in privileged mode, restrict file access to the specified directory\n" }, -#endif /** --setcon */ - {NULL, 0, OPT_STR, {.num = 0}, + {"context", 0, OPT_STR, {.str = "ptunnel"}, +#ifndef HAVE_SELINUX + "(Not available on this platform.)\n" +#endif "Set SELinux context when all there is left to do are network I/O operations\n" - "To combine with -chroot you will have to `mount --bind /proc /chrootdir/proc`\n" + "To combine with --chroot you will have to `mount --bind /proc /chrootdir/proc`\n" }, /** --help */ {"help", 0, OPT_STR, {.str = NULL}, "this\n"}, 
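Review bot: The new default for `--setcon`, `{.str = "ptunnel"}`, does not look like a complete SELinux security context, which normally has the form `user:role:type[:range]`. If that reading is right, `setcon()` with the default value will fail, and the caller in src/ptunnel.c only logs that failure and keeps running. Either ship a full context as the default or require an explicit argument when the option is given, and document the expected format next to the entry, e.g. `/* full context expected: <user>:<role>:<type>[:<range>] */`. The `usage[]` initialiser starts and ends outside the hunk.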
@@ -147,15 +162,12 @@ static struct option long_options[] = { {"passwd", required_argument, 0, 'P'}, {"udp", no_argument, &opts.udp, 1 }, {"unprivileged", no_argument, &opts.unprivileged, 1 }, - {"base64", no_argument, &opts.base64, 1 }, -#ifndef WIN32 {"daemon", optional_argument, 0, 'd'}, {"syslog", no_argument, 0, 'S'}, {"user", optional_argument, 0, 'u'}, {"group", optional_argument, 0, 'g'}, {"chroot", optional_argument, 0, 'C'}, -#endif - {"setcon", no_argument, 0, 'e'}, + {"setcon", optional_argument, 0, 'e'}, {"help", no_argument, 0, 'h'}, {NULL,0,0,0} }; @@ -217,6 +229,9 @@ static void set_options_defaults(void) { opts.root_dir = strdup(*(char **)get_default_optval(OPT_STR, "chroot")); #endif +#ifdef HAVE_SELINUX + opts.selinux_context = strdup(*(char **)get_default_optval(OPT_STR, "setcon")); +#endif } static void print_multiline(const char *prefix, const char *multiline) { @@ -331,7 +346,7 @@ int parse_options(int argc, char **argv) { /* parse command line arguments */ while (1) { - c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::eh", &long_options[0], &optind); + c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::e::h", &long_options[0], &optind); if (c == -1) break; switch (c) { @@ -450,12 +465,15 @@ int parse_options(int argc, char **argv) { case 'S': case 'u': case 'g': - case 't': + case 'C': pt_log(kLog_error, "-%c: feature not supported\n", c); exit(1); #endif case 'e': #ifdef HAVE_SELINUX + opts.selinux = 1; + if (!optarg) + break; if (opts.selinux_context) free(opts.selinux_context); opts.selinux_context = strdup(optarg); @@ -499,9 +517,5 @@ int parse_options(int argc, char **argv) { } else opts.log_file = tmp_log; } - if (opts.base64 != 0) { - pt_log(kLog_debug, "Base64 enabled."); - } - return 0; } diff --git a/src/options.h b/src/options.h index 8678d60..9029b6a 100644 --- a/src/options.h +++ b/src/options.h 
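Review bot: Declaring `setcon` as `optional_argument` here, together with `e::` in the short-option string in hunk `@@ -331,7 +346,7 @@`, means getopt_long accepts the context only in attached form (`--setcon=CONTEXT` or `-eCONTEXT`). With `--setcon CONTEXT`, `optarg` is NULL, so `case 'e'` keeps the default context and CONTEXT is left behind as a non-option argument. The process then attempts a different transition than the operator asked for, without any message. The usage text for `--setcon` should state this, for example with an extra line `"The context has to be attached to the option: --setcon=CONTEXT\n"`.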
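Review bot: In `case 'e'` (hunk `@@ -450,12 +465,15 @@`) the result of `strdup(optarg)` is stored unchecked after `opts.selinux` has already been set to 1. If the allocation fails, `opts.selinux_context` is NULL, and the `NULL != opts.selinux_context` test in pt_proxy then skips `setcon()` without logging anything, so the proxy keeps its original context although confinement was requested. Check the result where it is assigned, e.g. `if (!opts.selinux_context) { pt_log(kLog_error, "-e: out of memory\n"); exit(1); }`. The `strdup()` added to `set_options_defaults` in hunk `@@ -217,6 +229,9 @@` has the same gap; the switch statement continues outside this hunk.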
@@ -51,8 +51,6 @@ struct options { int udp; /** unpriviledged mode */ int unprivileged; - /** use base64 encoded packets */ - int base64; #ifndef WIN32 /** run as daemon if non zero value */ @@ -72,6 +70,9 @@ struct options { #endif #ifdef HAVE_SELINUX + /** Non zero value if uer wants SeLinux */ + int selinux; + /** SeLinux context name */ char *selinux_context; #endif }; diff --git a/src/ptunnel.c b/src/ptunnel.c index 95ebbac..85f3b5f 100644 --- a/src/ptunnel.c +++ b/src/ptunnel.c @@ -506,8 +506,10 @@ void* pt_proxy(void *args) { if (opts.uid && -1 == setuid(opts.uid)) pt_log(kLog_error, "setuid(%d): %s\n", opts.uid, strerror(errno)); #ifdef HAVE_SELINUX - if (NULL != opts.selinux_context && -1 == setcon(opts.selinux_context)) - pt_log(kLog_error, "setcon(%s) failed: %s\n", opts.selinux_context, strerror(errno)); + if (opts.selinux) { + if (NULL != opts.selinux_context && -1 == setcon(opts.selinux_context)) + pt_log(kLog_error, "setcon(%s) failed: %s\n", opts.selinux_context, strerror(errno)); + } #endif #endif diff --git a/src/ptunnel.h b/src/ptunnel.h index 7ce15e3..c5a9e9b 100644 --- a/src/ptunnel.h +++ b/src/ptunnel.h @@ -66,7 +66,9 @@ #include <signal.h> #include <stdint.h> #include <stdbool.h> +#ifdef HAVE_PCAP #include <pcap.h> +#endif #include "pkt.h" #include "pdesc.h" diff --git a/src/utils.c b/src/utils.c index 0872619..996baf7 100644 --- a/src/utils.c +++ b/src/utils.c @@ -39,7 +39,7 @@ void pt_log(int level, const char *fmt, ...) { #else if (opts.log_file != stdout) #endif - fflush(opts.log_file); + fflush(opts.log_file); } } |
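Review bot: In the src/ptunnel.c hunk a failed `setcon()` is only logged and pt_proxy carries on, so a proxy started with `--setcon` can end up handling network traffic in its original, unconfined context. The same happens silently when `opts.selinux` is set but `opts.selinux_context` is NULL, because the inner condition is simply false. Since the operator asked for the transition explicitly, both cases should stop start-up, e.g. `exit(1);` directly after the `pt_log(kLog_error, "setcon(%s) failed: ...")` call, as parse_options already does for unsupported options. The `setuid()` check on the context line above has the same log-and-continue shape; pt_proxy starts and ends outside the hunk.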