summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-03-20 16:43:23 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-03-20 16:43:23 +0000
commitb668ce81c0061c6c3b0f62d1cfb2b3ae10d9527a (patch)
tree449c50ae1aefc6174d3ee81413a158ff42d83de0
parent476bf8f7fcedcb4bc23b900715716f3fac897fdb (diff)
make sure the command fifo is ready before isakmpd returns. This
resolves a startup race when interacting with ipsecctl. Suggested by and discussed with moritz@ ok moritz@
-rw-r--r--sbin/isakmpd/init.c3
-rw-r--r--sbin/isakmpd/isakmpd.c5
-rw-r--r--sbin/isakmpd/monitor.c58
-rw-r--r--sbin/isakmpd/monitor.h4
4 files changed, 10 insertions, 60 deletions
diff --git a/sbin/isakmpd/init.c b/sbin/isakmpd/init.c
index 59d5aefc07e..37e494727fd 100644
--- a/sbin/isakmpd/init.c
+++ b/sbin/isakmpd/init.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: init.c,v 1.37 2005/05/26 05:14:17 hshoexer Exp $ */
+/* $OpenBSD: init.c,v 1.38 2006/03/20 16:43:22 hshoexer Exp $ */
/* $EOM: init.c,v 1.25 2000/03/30 14:27:24 ho Exp $ */
/*
@@ -94,7 +94,6 @@ init(void)
udp_init();
nat_t_init();
udp_encap_init();
- monitor_ui_init();
}
/* Reinitialize, either after a SIGHUP reception or by FIFO UI cmd. */
diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c
index eef80cd7e93..dc2f33da604 100644
--- a/sbin/isakmpd/isakmpd.c
+++ b/sbin/isakmpd/isakmpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: isakmpd.c,v 1.90 2005/12/20 22:03:53 moritz Exp $ */
+/* $OpenBSD: isakmpd.c,v 1.91 2006/03/20 16:43:22 hshoexer Exp $ */
/* $EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $ */
/*
@@ -389,6 +389,9 @@ main(int argc, char *argv[])
setprotoent(1);
setservent(1);
+ /* Open command fifo */
+ ui_init();
+
set_slave_signals();
/* Daemonize before forking unpriv'ed child */
if (!debug)
diff --git a/sbin/isakmpd/monitor.c b/sbin/isakmpd/monitor.c
index 84686c61268..ad98eb42478 100644
--- a/sbin/isakmpd/monitor.c
+++ b/sbin/isakmpd/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.63 2006/01/02 10:42:51 hshoexer Exp $ */
+/* $OpenBSD: monitor.c,v 1.64 2006/03/20 16:43:22 hshoexer Exp $ */
/*
* Copyright (c) 2003 Håkan Olsson. All rights reserved.
@@ -70,11 +70,10 @@ static void m_priv_getfd(void);
static void m_priv_setsockopt(void);
static void m_priv_req_readdir(void);
static void m_priv_bind(void);
-static void m_priv_ui_init(void);
static void m_priv_pfkey_open(void);
-static int m_priv_local_sanitize_path(char *, size_t, int);
-static int m_priv_check_sockopt(int, int);
-static int m_priv_check_bind(const struct sockaddr *, socklen_t);
+static int m_priv_local_sanitize_path(char *, size_t, int);
+static int m_priv_check_sockopt(int, int);
+static int m_priv_check_bind(const struct sockaddr *, socklen_t);
static void set_monitor_signals(void);
static void sig_pass_to_chld(int);
@@ -167,25 +166,6 @@ monitor_exit(int code)
exit(code);
}
-void
-monitor_ui_init(void)
-{
- int err, cmd;
-
- cmd = MONITOR_UI_INIT;
- must_write(&cmd, sizeof cmd);
-
- must_read(&err, sizeof err);
- if (err != 0)
- log_fatal("monitor_ui_init: parent could not create FIFO "
- "\"%s\"", ui_fifo);
-
- ui_socket = mm_receive_fd(m_state.s);
- if (ui_socket < 0)
- log_fatal("monitor_ui_init: parent could not create FIFO "
- "\"%s\"", ui_fifo);
-}
-
int
monitor_pf_key_v2_open(void)
{
@@ -452,12 +432,6 @@ monitor_loop(int debug)
m_priv_getfd();
break;
- case MONITOR_UI_INIT:
- LOG_DBG((LOG_MISC, 80,
- "monitor_loop: MONITOR_UI_INIT"));
- m_priv_ui_init();
- break;
-
case MONITOR_PFKEY_OPEN:
LOG_DBG((LOG_MISC, 80,
"monitor_loop: MONITOR_PFKEY_OPEN"));
@@ -504,30 +478,6 @@ monitor_loop(int debug)
/* Privileged: called by monitor_loop. */
static void
-m_priv_ui_init(void)
-{
- int err = 0;
-
- ui_init();
-
- if (ui_socket < 0)
- err = -1;
-
- must_write(&err, sizeof err);
-
- if (ui_socket >= 0 && mm_send_fd(m_state.s, ui_socket)) {
- log_error("m_priv_ui_init: read/write operation failed");
- close(ui_socket);
- return;
- }
-
- /* In case of stdin, we do not close the socket. */
- if (ui_socket > 0)
- close(ui_socket);
-}
-
-/* Privileged: called by monitor_loop. */
-static void
m_priv_pfkey_open(void)
{
int fd, err = 0;
diff --git a/sbin/isakmpd/monitor.h b/sbin/isakmpd/monitor.h
index 8011fb31abe..1590b48d390 100644
--- a/sbin/isakmpd/monitor.h
+++ b/sbin/isakmpd/monitor.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.h,v 1.17 2005/05/28 18:52:12 hshoexer Exp $ */
+/* $OpenBSD: monitor.h,v 1.18 2006/03/20 16:43:22 hshoexer Exp $ */
/*
* Copyright (c) 2003 Håkan Olsson. All rights reserved.
@@ -35,7 +35,6 @@
#define ISAKMP_PORT_DEFAULT 500
enum monitor_reqtypes {
- MONITOR_UI_INIT,
MONITOR_PFKEY_OPEN,
MONITOR_GET_FD,
MONITOR_SETSOCKOPT,
@@ -61,7 +60,6 @@ int monitor_req_readdir(const char *);
int monitor_readdir(char *, size_t);
void monitor_init_done(void);
-void monitor_ui_init(void);
int monitor_pf_key_v2_open(void);
void monitor_exit(int);