diff --git a/src/config.c b/src/config.c index a9d2bdb2..cdb8cd08 100644 --- a/src/config.c +++ b/src/config.c @@ -84,6 +84,7 @@ const struct vpn_config invalid_cfg = { .user_agent = NULL, .hostcheck = NULL, .check_virtual_desktop = NULL, + .daemonize = 0 }; /* @@ -452,6 +453,15 @@ int load_config(struct vpn_config *cfg, const char *filename) } else if (strcmp(key, "check-virtual-desktop") == 0) { free(cfg->check_virtual_desktop); cfg->check_virtual_desktop = strdup(val); + } else if (strcmp(key, "daemonize") == 0) { + int daemonize = strtob(val); + + if (daemonize < 0) { + log_warn("Bad daemonize in config file: \"%s\".\n", + val); + continue; + } + cfg->daemonize = daemonize; } else { log_warn("Bad key in config file: \"%s\".\n", key); goto err_free; @@ -604,4 +614,6 @@ void merge_config(struct vpn_config *dst, struct vpn_config *src) dst->hostcheck = src->hostcheck; if (src->check_virtual_desktop != invalid_cfg.check_virtual_desktop) dst->check_virtual_desktop = src->check_virtual_desktop; + if (src->daemonize != invalid_cfg.daemonize) + dst->daemonize = src->daemonize; } diff --git a/src/config.h b/src/config.h index 6c317eed..fc09b632 100644 --- a/src/config.h +++ b/src/config.h @@ -129,6 +129,7 @@ struct vpn_config { char *user_agent; char *hostcheck; char *check_virtual_desktop; + int daemonize; }; int add_trusted_cert(struct vpn_config *cfg, const char *digest); diff --git a/src/main.c b/src/main.c index f299bd77..f29fc2e4 100644 --- a/src/main.c +++ b/src/main.c @@ -142,7 +142,8 @@ PPPD_USAGE \ " certificate will be matched against this value.\n" \ " is the X509 certificate's sha256 sum.\n" \ " This option can be used multiple times to trust\n" \ -" several certificates.\n" +" several certificates.\n" \ +" --daemonize Run in daemon mode.\n" #define help_options_part2 \ " --insecure-ssl Do not disable insecure SSL protocols/ciphers.\n" \ @@ -181,13 +182,13 @@ PPPD_USAGE \ " trusted-cert = certificatedigest4daa8c5fe6c...\n" \ " trusted-cert = othercertificatedigest6631bf...\n" \ " For a full-featured config see man openfortivpn(1).\n" - int main(int argc, char **argv) { int ret = EXIT_FAILURE; const char *config_file = SYSCONFDIR "/openfortivpn/config"; const char *host; char *port_str; + pid_t process_id = 0; struct vpn_config cfg = { .gateway_host = {'\0'}, @@ -206,6 +207,7 @@ int main(int argc, char **argv) .use_syslog = 0, .half_internet_routes = 0, .persistent = 0, + .daemonize = 0, #if HAVE_RESOLVCONF .use_resolvconf = USE_RESOLVCONF, #endif @@ -265,6 +267,7 @@ int main(int argc, char **argv) {"cipher-list", required_argument, NULL, 0}, {"min-tls", required_argument, NULL, 0}, {"seclevel-1", no_argument, &cli_cfg.seclevel_1, 1}, + {"daemonize", no_argument, &cli_cfg.daemonize, 1}, #if HAVE_USR_SBIN_PPPD {"pppd-use-peerdns", required_argument, NULL, 0}, {"pppd-no-peerdns", no_argument, &cli_cfg.pppd_use_peerdns, 0}, @@ -567,6 +570,24 @@ int main(int argc, char **argv) // Then apply CLI config merge_config(&cfg, &cli_cfg); + if (cfg.daemonize) { + if (cfg.use_syslog == 0) { + log_info("Sorry, only syslog is available when running in Daemon mode"); + cfg.use_syslog = 1; + } + process_id = fork(); + // Indication of fork() failure + if (process_id < 0) { + printf("Forking failure! Cannot start daemon!\n"); + exit(1); + } + // PARENT PROCESS. Need to kill it. + if (process_id > 0) { + printf("Started as daemon with PID: %u\n", process_id); + /* Killing parent process */ + exit(0); + } + } set_syslog(cfg.use_syslog); // Read host and port from the command line