From c61370f06e2afa38fa166adeb58247df3f8d1680 Mon Sep 17 00:00:00 2001
From: Steffan Karger <steffan@karger.me>
Date: Mon, 13 Apr 2015 22:03:55 +0200
Subject: [PATCH] Call daemon() before initializing crypto library
But keep the chdir to / at the place where deamon() was before, to preserve
the current behaviour wrt relative paths in the config.
This should fix the issue reported in trac #480, without changing the
behaviour visible to the end user.
Note that calling platform_mlockall() can now also be done at a single
place, right after calling possibly_become_daemon().
Signed-off-by: Steffan Karger <steffan@karger.me>
---
src/openvpn/init.c | 26 ++++++++++++++------------
1 file changed, 14 insertions(+), 12 deletions(-)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 73c6aff..54860b6 100644
|
a
|
b
|
possibly_become_daemon (const struct options *options) |
| 923 | 923 | if (options->daemon) |
| 924 | 924 | { |
| 925 | 925 | ASSERT (!options->inetd); |
| 926 | | if (daemon (options->cd_dir != NULL, options->log) < 0) |
| | 926 | /* Don't chdir now, but the end of the init sequence, if needed */ |
| | 927 | if (daemon (1, options->log) < 0) |
| 927 | 928 | msg (M_ERR, "daemon() failed or unsupported"); |
| 928 | 929 | restore_signal_state (); |
| 929 | 930 | if (options->log) |
| … |
… |
do_compute_occ_strings (struct context *c) |
| 2743 | 2744 | static void |
| 2744 | 2745 | do_init_first_time (struct context *c) |
| 2745 | 2746 | { |
| 2746 | | if (c->first_time && !c->did_we_daemonize && !c->c0) |
| | 2747 | if (c->first_time && !c->c0) |
| 2747 | 2748 | { |
| 2748 | 2749 | struct context_0 *c0; |
| 2749 | 2750 | |
| … |
… |
do_init_first_time (struct context *c) |
| 2758 | 2759 | /* get --writepid file descriptor */ |
| 2759 | 2760 | get_pid_file (c->options.writepid, &c0->pid_state); |
| 2760 | 2761 | |
| 2761 | | /* become a daemon if --daemon */ |
| 2762 | | c->did_we_daemonize = possibly_become_daemon (&c->options); |
| 2763 | | |
| 2764 | | /* should we disable paging? */ |
| 2765 | | if (c->options.mlock && c->did_we_daemonize) |
| 2766 | | platform_mlockall (true); /* call again in case we daemonized */ |
| | 2762 | /* perform postponed chdir if --daemon */ |
| | 2763 | if (c->did_we_daemonize && c->options.cd_dir == NULL) |
| | 2764 | platform_chdir("/"); |
| 2767 | 2765 | |
| 2768 | 2766 | /* save process ID in a file */ |
| 2769 | 2767 | write_pid (&c0->pid_state); |
| … |
… |
init_instance (struct context *c, const struct env_set *env, const unsigned int |
| 3335 | 3333 | link_socket_mode = LS_MODE_TCP_ACCEPT_FROM; |
| 3336 | 3334 | } |
| 3337 | 3335 | |
| 3338 | | /* should we disable paging? */ |
| 3339 | | if (c->first_time && options->mlock) |
| 3340 | | platform_mlockall (true); |
| 3341 | | |
| 3342 | 3336 | #if P2MP |
| 3343 | 3337 | /* get passwords if undefined */ |
| 3344 | 3338 | if (auth_retry_get () == AR_INTERACT) |
| … |
… |
init_instance (struct context *c, const struct env_set *env, const unsigned int |
| 3356 | 3350 | if (c->mode == CM_P2P || c->mode == CM_TOP) |
| 3357 | 3351 | do_option_warnings (c); |
| 3358 | 3352 | |
| | 3353 | /* become a daemon if --daemon */ |
| | 3354 | if (c->first_time) |
| | 3355 | c->did_we_daemonize = possibly_become_daemon (&c->options); |
| | 3356 | |
| | 3357 | /* should we disable paging? */ |
| | 3358 | if (c->first_time && options->mlock) |
| | 3359 | platform_mlockall (true); |
| | 3360 | |
| 3359 | 3361 | #ifdef ENABLE_PLUGIN |
| 3360 | 3362 | /* initialize plugins */ |
| 3361 | 3363 | if (c->mode == CM_P2P || c->mode == CM_TOP) |
