Ticket #480: 150413-Call-daemon-before-initializing-crypto-library.patch

File 150413-Call-daemon-before-initializing-crypto-library.patch, 3.0 KB (added by Steffan Karger, 6 years ago)
  • src/openvpn/init.c

    From c61370f06e2afa38fa166adeb58247df3f8d1680 Mon Sep 17 00:00:00 2001
    From: Steffan Karger <steffan@karger.me>
    Date: Mon, 13 Apr 2015 22:03:55 +0200
    Subject: [PATCH] Call daemon() before initializing crypto library
    
    But keep the chdir to / at the place where deamon() was before, to preserve
    the current behaviour wrt relative paths in the config.
    
    This should fix the issue reported in trac #480, without changing the
    behaviour visible to the end user.
    
    Note that calling platform_mlockall() can now also be done at a single
    place, right after calling possibly_become_daemon().
    
    Signed-off-by: Steffan Karger <steffan@karger.me>
    ---
     src/openvpn/init.c | 26 ++++++++++++++------------
     1 file changed, 14 insertions(+), 12 deletions(-)
    
    diff --git a/src/openvpn/init.c b/src/openvpn/init.c
    index 73c6aff..54860b6 100644
    a b possibly_become_daemon (const struct options *options) 
    923923  if (options->daemon)
    924924    {
    925925      ASSERT (!options->inetd);
    926       if (daemon (options->cd_dir != NULL, options->log) < 0)
     926      /* Don't chdir now, but the end of the init sequence, if needed */
     927      if (daemon (1, options->log) < 0)
    927928        msg (M_ERR, "daemon() failed or unsupported");
    928929      restore_signal_state ();
    929930      if (options->log)
    do_compute_occ_strings (struct context *c) 
    27432744static void
    27442745do_init_first_time (struct context *c)
    27452746{
    2746   if (c->first_time && !c->did_we_daemonize && !c->c0)
     2747  if (c->first_time && !c->c0)
    27472748    {
    27482749      struct context_0 *c0;
    27492750
    do_init_first_time (struct context *c) 
    27582759      /* get --writepid file descriptor */
    27592760      get_pid_file (c->options.writepid, &c0->pid_state);
    27602761
    2761       /* become a daemon if --daemon */
    2762       c->did_we_daemonize = possibly_become_daemon (&c->options);
    2763 
    2764       /* should we disable paging? */
    2765       if (c->options.mlock && c->did_we_daemonize)
    2766         platform_mlockall (true);       /* call again in case we daemonized */
     2762      /* perform postponed chdir if --daemon */
     2763      if (c->did_we_daemonize && c->options.cd_dir == NULL)
     2764        platform_chdir("/");
    27672765
    27682766      /* save process ID in a file */
    27692767      write_pid (&c0->pid_state);
    init_instance (struct context *c, const struct env_set *env, const unsigned int 
    33353333        link_socket_mode = LS_MODE_TCP_ACCEPT_FROM;
    33363334    }
    33373335
    3338   /* should we disable paging? */
    3339   if (c->first_time && options->mlock)
    3340     platform_mlockall (true);
    3341 
    33423336#if P2MP
    33433337  /* get passwords if undefined */
    33443338  if (auth_retry_get () == AR_INTERACT)
    init_instance (struct context *c, const struct env_set *env, const unsigned int 
    33563350  if (c->mode == CM_P2P || c->mode == CM_TOP)
    33573351    do_option_warnings (c);
    33583352
     3353  /* become a daemon if --daemon */
     3354  if (c->first_time)
     3355    c->did_we_daemonize = possibly_become_daemon (&c->options);
     3356
     3357  /* should we disable paging? */
     3358  if (c->first_time && options->mlock)
     3359    platform_mlockall (true);
     3360
    33593361#ifdef ENABLE_PLUGIN
    33603362  /* initialize plugins */
    33613363  if (c->mode == CM_P2P || c->mode == CM_TOP)