j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

- route.c is now used to determine destination

Browse source 
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
This commit is contained in:
Guus Sliepen 2001-03-04 13:59:32 +00:00
parent d2a54597e0
commit 34f9e6cf2d
8 changed files with 187 additions and 198 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/Makefile.am
View file

@ -1,15 +1,15 @@
## Produce this file with automake to get Makefile.in ## Produce this file with automake to get Makefile.in
# $Id: Makefile.am,v 1.4.4.12 2001/02/11 11:50:09 guus Exp $ # $Id: Makefile.am,v 1.4.4.13 2001/03/04 13:59:25 guus Exp $
sbin_PROGRAMS = tincd sbin_PROGRAMS = tincd
tincd_SOURCES = conf.c connection.c meta.c net.c netutl.c process.c \ tincd_SOURCES = conf.c connection.c meta.c net.c netutl.c process.c \
protocol.c subnet.c tincd.c protocol.c route.c subnet.c tincd.c
INCLUDES = @INCLUDES@ -I$(top_builddir) -I$(top_srcdir)/lib -I$(top_srcdir)/intl INCLUDES = @INCLUDES@ -I$(top_builddir) -I$(top_srcdir)/lib -I$(top_srcdir)/intl
noinst_HEADERS = conf.h connection.h meta.h net.h netutl.h process.h \ noinst_HEADERS = conf.h connection.h meta.h net.h netutl.h process.h \
protocol.h subnet.h protocol.h route.h subnet.h
LIBS = @LIBS@ @INTLLIBS@ LIBS = @LIBS@ @INTLLIBS@

10
src/connection.c
View file

@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.c,v 1.1.2.9 2001/01/07 17:08:56 guus Exp $ $Id: connection.c,v 1.1.2.10 2001/03/04 13:59:25 guus Exp $
*/ */
#include "config.h" #include "config.h"
@ -190,15 +190,15 @@ void dump_connection_list(void)
cp cp
syslog(LOG_DEBUG, _("Connection list:")); syslog(LOG_DEBUG, _("Connection list:"));
syslog(LOG_DEBUG, _(" %s at %s port %hd flags %d sockets %d, %d status %04x"), syslog(LOG_DEBUG, _(" %s at %s port %hd options %ld sockets %d, %d status %04x"),
myself->name, myself->hostname, myself->port, myself->flags, myself->name, myself->hostname, myself->port, myself->options,
myself->socket, myself->meta_socket, myself->status); myself->socket, myself->meta_socket, myself->status);
for(node = connection_tree->head; node; node = node->next) for(node = connection_tree->head; node; node = node->next)
{ {
cl = (connection_t *)node->data; cl = (connection_t *)node->data;
syslog(LOG_DEBUG, _(" %s at %s port %hd flags %d sockets %d, %d status %04x"), syslog(LOG_DEBUG, _(" %s at %s port %hd options %ld sockets %d, %d status %04x"),
cl->name, cl->hostname, cl->port, cl->flags, cl->name, cl->hostname, cl->port, cl->options,
cl->socket, cl->meta_socket, cl->status); cl->socket, cl->meta_socket, cl->status);
} }

3
src/connection.h
View file

@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.h,v 1.1.2.7 2001/01/07 20:19:29 guus Exp $ $Id: connection.h,v 1.1.2.8 2001/03/04 13:59:25 guus Exp $
*/ */
#ifndef __TINC_CONNECTION_H__ #ifndef __TINC_CONNECTION_H__
@ -70,7 +70,6 @@ typedef struct connection_t {
short unsigned int port; /* port number for UDP traffic */ short unsigned int port; /* port number for UDP traffic */
long int options; /* options turned on for this connection */ long int options; /* options turned on for this connection */
int flags; /* his flags */
int socket; /* our udp vpn socket */ int socket; /* our udp vpn socket */
int meta_socket; /* our tcp meta socket */ int meta_socket; /* our tcp meta socket */
status_bits_t status; /* status info */ status_bits_t status; /* status info */

240
src/net.c
View file

@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net.c,v 1.35.4.101 2001/03/01 21:32:01 guus Exp $ $Id: net.c,v 1.35.4.102 2001/03/04 13:59:25 guus Exp $
*/ */
#include "config.h" #include "config.h"
@ -85,6 +85,7 @@
#include "protocol.h" #include "protocol.h"
#include "subnet.h" #include "subnet.h"
#include "process.h" #include "process.h"
#include "route.h"
#include "system.h" #include "system.h"
@ -103,34 +104,43 @@ int keyexpires = 0;
char *unknown = NULL; char *unknown = NULL;
subnet_t mymac; void send_udppacket(connection_t *cl, vpn_packet_t *inpkt)
int xsend(connection_t *cl, vpn_packet_t *inpkt)
{ {
vpn_packet_t outpkt; vpn_packet_t outpkt;
int outlen, outpad; int outlen, outpad;
EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx;
struct sockaddr_in to; struct sockaddr_in to;
socklen_t tolen = sizeof(to); socklen_t tolen = sizeof(to);
vpn_packet_t *copy;
cp cp
outpkt.len = inpkt->len; if(!cl->status.validkey)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"),
cl->name, cl->hostname);
/* Since packet is on the stack of handle_tap_input(),
we have to make a copy of it first. */
copy = xmalloc(sizeof(vpn_packet_t));
memcpy(copy, inpkt, sizeof(vpn_packet_t));
list_insert_tail(cl->queue, copy);
if(!cl->status.waitingforkey)
send_req_key(myself, cl);
return;
}
/* Encrypt the packet. */ /* Encrypt the packet. */
outpkt.len = inpkt->len;
EVP_EncryptInit(&ctx, cl->cipher_pkttype, cl->cipher_pktkey, cl->cipher_pktkey + cl->cipher_pkttype->key_len); EVP_EncryptInit(&ctx, cl->cipher_pkttype, cl->cipher_pktkey, cl->cipher_pktkey + cl->cipher_pkttype->key_len);
EVP_EncryptUpdate(&ctx, outpkt.data, &outlen, inpkt->data, inpkt->len); EVP_EncryptUpdate(&ctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
EVP_EncryptFinal(&ctx, outpkt.data + outlen, &outpad); EVP_EncryptFinal(&ctx, outpkt.data + outlen, &outpad);
outlen += outpad + 2; outlen += outpad + 2;
/* Bypass
outlen = outpkt.len + 2;
memcpy(&outpkt, inpkt, outlen);
*/
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
outlen, cl->name, cl->hostname);
total_socket_out += outlen; total_socket_out += outlen;
to.sin_family = AF_INET; to.sin_family = AF_INET;
@ -141,13 +151,22 @@ cp
{ {
syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"), syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
cl->name, cl->hostname); cl->name, cl->hostname);
return -1; return;
} }
cp cp
return 0;
} }
int xrecv(connection_t *cl, vpn_packet_t *inpkt) void receive_packet(connection_t *cl, vpn_packet_t *packet)
{
cp
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), packet->len, cl->name, cl->hostname);
route_incoming(cl, packet);
cp
}
void receive_udppacket(connection_t *cl, vpn_packet_t *inpkt)
{ {
vpn_packet_t outpkt; vpn_packet_t outpkt;
int outlen, outpad; int outlen, outpad;
@ -162,24 +181,17 @@ cp
EVP_DecryptFinal(&ctx, outpkt.data + outlen, &outpad); EVP_DecryptFinal(&ctx, outpkt.data + outlen, &outpad);
outlen += outpad; outlen += outpad;
/* Bypass receive_packet(cl, &outpkt);
outlen = outpkt.len+2;
memcpy(&outpkt, inpkt, outlen);
*/
cp cp
return receive_packet(cl, &outpkt);
} }
int receive_packet(connection_t *cl, vpn_packet_t *packet) void accept_packet(vpn_packet_t *packet)
{ {
cp
if(debug_lvl >= DEBUG_TRAFFIC) if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_ERR, _("Writing packet of %d bytes to tap device"), syslog(LOG_DEBUG, _("Writing packet of %d bytes to tap device"),
packet->len); packet->len);
/* Fix mac address */
memcpy(packet->data, mymac.net.mac.address.x, 6);
if(taptype == TAP_TYPE_TUNTAP) if(taptype == TAP_TYPE_TUNTAP)
{ {
if(write(tap_fd, packet->data, packet->len) < 0) if(write(tap_fd, packet->data, packet->len) < 0)
@ -195,40 +207,26 @@ int receive_packet(connection_t *cl, vpn_packet_t *packet)
total_tap_out += packet->len + 2; total_tap_out += packet->len + 2;
} }
cp cp
return 0;
} }
/* /*
send a packet to the given vpn ip. send a packet to the given vpn ip.
*/ */
int send_packet(ip_t to, vpn_packet_t *packet) void send_packet(connection_t *cl, vpn_packet_t *packet)
{ {
connection_t *cl;
subnet_t *subnet;
vpn_packet_t *copy;
cp cp
if((subnet = lookup_subnet_ipv4(&to)) == NULL) if(debug_lvl >= DEBUG_TRAFFIC)
{ syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
if(debug_lvl >= DEBUG_TRAFFIC) packet->len, cl->name, cl->hostname);
{
syslog(LOG_NOTICE, _("Trying to look up %d.%d.%d.%d in connection list failed!"),
IP_ADDR_V(to));
}
return -1;
}
cl = subnet->owner;
if(cl == myself) if(cl == myself)
{ {
if(debug_lvl >= DEBUG_TRAFFIC) if(debug_lvl >= DEBUG_TRAFFIC)
{ {
syslog(LOG_NOTICE, _("Packet with destination %d.%d.%d.%d is looping back to us!"), syslog(LOG_NOTICE, _("Packet is looping back to us!"));
IP_ADDR_V(to));
} }
return -1; return;
} }
if(!cl->status.active) if(!cl->status.active)
@ -237,34 +235,18 @@ cp
syslog(LOG_INFO, _("%s (%s) is not active, dropping packet"), syslog(LOG_INFO, _("%s (%s) is not active, dropping packet"),
cl->name, cl->hostname); cl->name, cl->hostname);
return 0; return;
} }
if(!cl->status.validkey) /* Check if it has to go via TCP or UDP... */
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"),
cl->name, cl->hostname);
/* Since packet is on the stack of handle_tap_input(),
we have to make a copy of it first. */
copy = xmalloc(sizeof(vpn_packet_t));
memcpy(copy, packet, sizeof(vpn_packet_t));
list_insert_tail(cl->queue, copy);
if(!cl->status.waitingforkey)
send_req_key(myself, cl); /* Keys should be sent to the host running the tincd */
return 0;
}
/* Check if it has to go via UDP or TCP... */
cp cp
if(cl->options & OPTION_TCPONLY) if((cl->options | myself->options) & OPTION_TCPONLY)
return send_tcppacket(cl, packet); {
if(send_tcppacket(cl, packet))
terminate_connection(cl);
}
else else
return xsend(cl, packet); send_udppacket(cl, packet);
} }
void flush_queue(connection_t *cl) void flush_queue(connection_t *cl)
@ -273,11 +255,11 @@ void flush_queue(connection_t *cl)
cp cp
if(debug_lvl >= DEBUG_TRAFFIC) if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("Flushing queue for %s (%s)"), cl->name, cl->hostname); syslog(LOG_INFO, _("Flushing queue for %s (%s)"), cl->name, cl->hostname);
for(node = cl->queue->head; node; node = next) for(node = cl->queue->head; node; node = next)
{ {
next = node->next; next = node->next;
xsend(cl, (vpn_packet_t *)node->data); send_udppacket(cl, (vpn_packet_t *)node->data);
list_delete_node(cl->queue, node); list_delete_node(cl->queue, node);
} }
cp cp
@ -297,7 +279,7 @@ int setup_tap_fd(void)
# endif # endif
#endif #endif
cp cp
if((cfg = get_config_val(config, config_tapdevice))) if((cfg = get_config_val(config, config_tapdevice)))
tapfname = cfg->data.ptr; tapfname = cfg->data.ptr;
else else
@ -328,7 +310,7 @@ cp
taptype = TAP_TYPE_ETHERTAP; taptype = TAP_TYPE_ETHERTAP;
/* Set default MAC address for ethertap devices */ /* Set default MAC address for ethertap devices */
mymac.type = SUBNET_MAC; mymac.type = SUBNET_MAC;
mymac.net.mac.address.x[0] = 0xfe; mymac.net.mac.address.x[0] = 0xfe;
mymac.net.mac.address.x[1] = 0xfd; mymac.net.mac.address.x[1] = 0xfd;
@ -387,7 +369,7 @@ cp
} }
/* Optimize TCP settings */ /* Optimize TCP settings */
option = 1; option = 1;
setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option)); setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option));
setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, &option, sizeof(option)); setsockopt(nfd, SOL_SOCKET, SO_KEEPALIVE, &option, sizeof(option));
@ -395,7 +377,7 @@ cp
option = IPTOS_LOWDELAY; option = IPTOS_LOWDELAY;
setsockopt(nfd, SOL_IP, IP_TOS, &option, sizeof(option)); setsockopt(nfd, SOL_IP, IP_TOS, &option, sizeof(option));
if((cfg = get_config_val(config, config_interface))) if((cfg = get_config_val(config, config_interface)))
{ {
if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, cfg->data.ptr, strlen(cfg->data.ptr))) if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, cfg->data.ptr, strlen(cfg->data.ptr)))
@ -409,7 +391,7 @@ cp
memset(&a, 0, sizeof(a)); memset(&a, 0, sizeof(a));
a.sin_family = AF_INET; a.sin_family = AF_INET;
a.sin_port = htons(port); a.sin_port = htons(port);
if((cfg = get_config_val(config, config_interfaceip))) if((cfg = get_config_val(config, config_interfaceip)))
a.sin_addr.s_addr = htonl(cfg->data.ip->address); a.sin_addr.s_addr = htonl(cfg->data.ip->address);
else else
@ -516,16 +498,16 @@ cp
} }
/* Optimize TCP settings */ /* Optimize TCP settings */
option = 1; option = 1;
setsockopt(cl->meta_socket, SOL_SOCKET, SO_KEEPALIVE, &option, sizeof(option)); setsockopt(cl->meta_socket, SOL_SOCKET, SO_KEEPALIVE, &option, sizeof(option));
setsockopt(cl->meta_socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option)); setsockopt(cl->meta_socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
option = IPTOS_LOWDELAY; option = IPTOS_LOWDELAY;
setsockopt(cl->meta_socket, SOL_IP, IP_TOS, &option, sizeof(option)); setsockopt(cl->meta_socket, SOL_IP, IP_TOS, &option, sizeof(option));
/* Connect */ /* Connect */
a.sin_family = AF_INET; a.sin_family = AF_INET;
a.sin_port = htons(cl->port); a.sin_port = htons(cl->port);
a.sin_addr.s_addr = htonl(cl->address); a.sin_addr.s_addr = htonl(cl->address);
@ -572,21 +554,21 @@ cp
ncn = new_connection(); ncn = new_connection();
asprintf(&ncn->name, "%s", name); asprintf(&ncn->name, "%s", name);
if(read_host_config(ncn)) if(read_host_config(ncn))
{ {
syslog(LOG_ERR, _("Error reading host configuration file for %s"), ncn->name); syslog(LOG_ERR, _("Error reading host configuration file for %s"), ncn->name);
free_connection(ncn); free_connection(ncn);
return -1; return -1;
} }
if(!(cfg = get_config_val(ncn->config, config_address))) if(!(cfg = get_config_val(ncn->config, config_address)))
{ {
syslog(LOG_ERR, _("No address specified for %s"), ncn->name); syslog(LOG_ERR, _("No address specified for %s"), ncn->name);
free_connection(ncn); free_connection(ncn);
return -1; return -1;
} }
if(!(h = gethostbyname(cfg->data.ptr))) if(!(h = gethostbyname(cfg->data.ptr)))
{ {
syslog(LOG_ERR, _("Error looking up `%s': %m"), cfg->data.ptr); syslog(LOG_ERR, _("Error looking up `%s': %m"), cfg->data.ptr);
@ -596,7 +578,7 @@ cp
ncn->address = ntohl(*((ip_t*)(h->h_addr_list[0]))); ncn->address = ntohl(*((ip_t*)(h->h_addr_list[0])));
ncn->hostname = hostlookup(htonl(ncn->address)); ncn->hostname = hostlookup(htonl(ncn->address));
if(setup_outgoing_meta_socket(ncn) < 0) if(setup_outgoing_meta_socket(ncn) < 0)
{ {
syslog(LOG_ERR, _("Could not set up a meta connection to %s"), syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
@ -660,10 +642,10 @@ cp
} }
else else
return -1; return -1;
} }
/* Else, check if a harnessed public key is in the config file */ /* Else, check if a harnessed public key is in the config file */
asprintf(&fname, "%s/hosts/%s", confbase, cl->name); asprintf(&fname, "%s/hosts/%s", confbase, cl->name);
if((fp = fopen(fname, "r"))) if((fp = fopen(fname, "r")))
{ {
@ -713,7 +695,7 @@ cp
cfg->data.ptr); cfg->data.ptr);
return -1; return -1;
} }
} }
else else
{ {
syslog(LOG_ERR, _("No private key for tinc daemon specified!")); syslog(LOG_ERR, _("No private key for tinc daemon specified!"));
@ -735,7 +717,7 @@ cp
myself = new_connection(); myself = new_connection();
asprintf(&myself->hostname, "MYSELF"); asprintf(&myself->hostname, "MYSELF");
myself->flags = 0; myself->options = 0;
myself->protocol_version = PROT_CURRENT; myself->protocol_version = PROT_CURRENT;
if(!(cfg = get_config_val(config, config_name))) /* Not acceptable */ if(!(cfg = get_config_val(config, config_name))) /* Not acceptable */
@ -763,7 +745,7 @@ cp
if(read_rsa_public_key(myself)) if(read_rsa_public_key(myself))
return -1; return -1;
cp cp
/* /*
if(RSA_check_key(myself->rsa_key) != 1) if(RSA_check_key(myself->rsa_key) != 1)
@ -779,11 +761,11 @@ cp
if((cfg = get_config_val(myself->config, config_indirectdata))) if((cfg = get_config_val(myself->config, config_indirectdata)))
if(cfg->data.val == stupid_true) if(cfg->data.val == stupid_true)
myself->flags |= EXPORTINDIRECTDATA; myself->options |= OPTION_INDIRECT;
if((cfg = get_config_val(myself->config, config_tcponly))) if((cfg = get_config_val(myself->config, config_tcponly)))
if(cfg->data.val == stupid_true) if(cfg->data.val == stupid_true)
myself->flags |= TCPONLY; myself->options |= OPTION_TCPONLY;
/* Read in all the subnets specified in the host configuration file */ /* Read in all the subnets specified in the host configuration file */
@ -793,18 +775,18 @@ cp
net->type = SUBNET_IPV4; net->type = SUBNET_IPV4;
net->net.ipv4.address = cfg->data.ip->address; net->net.ipv4.address = cfg->data.ip->address;
net->net.ipv4.mask = cfg->data.ip->mask; net->net.ipv4.mask = cfg->data.ip->mask;
/* Teach newbies what subnets are... */ /* Teach newbies what subnets are... */
if((net->net.ipv4.address & net->net.ipv4.mask) != net->net.ipv4.address) if((net->net.ipv4.address & net->net.ipv4.mask) != net->net.ipv4.address)
{ {
syslog(LOG_ERR, _("Network address and subnet mask do not match!")); syslog(LOG_ERR, _("Network address and subnet mask do not match!"));
return -1; return -1;
} }
subnet_add(myself, net); subnet_add(myself, net);
} }
if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
{ {
syslog(LOG_ERR, _("Unable to set up a listening TCP socket!")); syslog(LOG_ERR, _("Unable to set up a listening TCP socket!"));
@ -830,11 +812,11 @@ cp
keylifetime = 3600; keylifetime = 3600;
else else
keylifetime = cfg->data.val; keylifetime = cfg->data.val;
keyexpires = time(NULL) + keylifetime; keyexpires = time(NULL) + keylifetime;
cp cp
/* Check some options */ /* Check some options */
if((cfg = get_config_val(config, config_indirectdata))) if((cfg = get_config_val(config, config_indirectdata)))
{ {
if(cfg->data.val == stupid_true) if(cfg->data.val == stupid_true)
@ -846,6 +828,10 @@ cp
if(cfg->data.val == stupid_true) if(cfg->data.val == stupid_true)
myself->options |= OPTION_TCPONLY; myself->options |= OPTION_TCPONLY;
} }
if(myself->options & OPTION_TCPONLY)
myself->options |= OPTION_INDIRECT;
/* Activate ourselves */ /* Activate ourselves */
myself->status.active = 1; myself->status.active = 1;
@ -914,7 +900,7 @@ cp
/* Run tinc-up script to further initialize the tap interface */ /* Run tinc-up script to further initialize the tap interface */
execute_script("tinc-up"); execute_script("tinc-up");
if(setup_myself() < 0) if(setup_myself() < 0)
return -1; return -1;
@ -929,7 +915,7 @@ cp
return 0; return 0;
cfg = get_config_val(upstreamcfg, config_connectto); /* Or else we try the next ConnectTo line */ cfg = get_config_val(upstreamcfg, config_connectto); /* Or else we try the next ConnectTo line */
} }
if(do_detach) if(do_detach)
{ {
signal(SIGALRM, sigalrm_handler); signal(SIGALRM, sigalrm_handler);
@ -1008,7 +994,7 @@ cp
p->buffer = xmalloc(MAXBUFSIZE); p->buffer = xmalloc(MAXBUFSIZE);
p->buflen = 0; p->buflen = 0;
p->last_ping_time = time(NULL); p->last_ping_time = time(NULL);
if(debug_lvl >= DEBUG_CONNECTIONS) if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_NOTICE, _("Connection from %s port %d"), syslog(LOG_NOTICE, _("Connection from %s port %d"),
p->hostname, htons(ci.sin_port)); p->hostname, htons(ci.sin_port));
@ -1047,7 +1033,7 @@ cp
udp socket and write it to the ethertap udp socket and write it to the ethertap
device after being decrypted device after being decrypted
*/ */
int handle_incoming_vpn_data(void) void handle_incoming_vpn_data(void)
{ {
vpn_packet_t pkt; vpn_packet_t pkt;
int x, l = sizeof(x); int x, l = sizeof(x);
@ -1060,36 +1046,30 @@ cp
{ {
syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m"), syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m"),
__FILE__, __LINE__, myself->socket); __FILE__, __LINE__, myself->socket);
return -1; return;
} }
if(x) if(x)
{ {
syslog(LOG_ERR, _("Incoming data socket error: %s"), strerror(x)); syslog(LOG_ERR, _("Incoming data socket error: %s"), strerror(x));
return -1; return;
} }
if((lenin = recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, (struct sockaddr *)&from, &fromlen)) <= 0) if((lenin = recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, (struct sockaddr *)&from, &fromlen)) <= 0)
{ {
syslog(LOG_ERR, _("Receiving packet failed: %m")); syslog(LOG_ERR, _("Receiving packet failed: %m"));
return -1; return;
} }
cl = lookup_connection(ntohl(from.sin_addr.s_addr), ntohs(from.sin_port)); cl = lookup_connection(ntohl(from.sin_addr.s_addr), ntohs(from.sin_port));
if(!cl) if(!cl)
{ {
syslog(LOG_WARNING, _("Received UDP packets on port %hd from unknown source %x:%hd"), myself->port, ntohl(from.sin_addr.s_addr), ntohs(from.sin_port)); syslog(LOG_WARNING, _("Received UDP packets on port %hd from unknown source %x:%hd"), myself->port, ntohl(from.sin_addr.s_addr), ntohs(from.sin_port));
return 0; return;
}
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), lenin,
cl->name, cl->hostname);
} }
receive_udppacket(cl, &pkt);
cp cp
return xrecv(cl, &pkt);
} }
/* /*
@ -1108,9 +1088,9 @@ cp
if(debug_lvl >= DEBUG_CONNECTIONS) if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_NOTICE, _("Closing connection with %s (%s)"), syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
cl->name, cl->hostname); cl->name, cl->hostname);
cl->status.remove = 1; cl->status.remove = 1;
if(cl->socket) if(cl->socket)
close(cl->socket); close(cl->socket);
if(cl->status.meta) if(cl->status.meta)
@ -1118,7 +1098,7 @@ cp
if(cl->status.meta) if(cl->status.meta)
{ {
/* Find all connections that were lost because they were behind cl /* Find all connections that were lost because they were behind cl
(the connection that was dropped). */ (the connection that was dropped). */
@ -1150,7 +1130,7 @@ cp
} }
/* Check if this was our outgoing connection */ /* Check if this was our outgoing connection */
if(cl->status.outgoing) if(cl->status.outgoing)
{ {
cl->status.outgoing = 0; cl->status.outgoing = 0;
@ -1232,7 +1212,7 @@ cp
} }
connection_add(ncn); connection_add(ncn);
send_id(ncn); send_id(ncn);
cp cp
return 0; return 0;
@ -1263,9 +1243,9 @@ cp
{ {
terminate_connection(p); terminate_connection(p);
return; return;
} }
} }
if(FD_ISSET(myself->meta_socket, f)) if(FD_ISSET(myself->meta_socket, f))
handle_new_meta_connection(); handle_new_meta_connection();
cp cp
@ -1279,7 +1259,7 @@ void handle_tap_input(void)
{ {
vpn_packet_t vp; vpn_packet_t vp;
int lenin; int lenin;
cp cp
if(taptype == TAP_TYPE_TUNTAP) if(taptype == TAP_TYPE_TUNTAP)
{ {
if((lenin = read(tap_fd, vp.data, MTU)) <= 0) if((lenin = read(tap_fd, vp.data, MTU)) <= 0)
@ -1313,7 +1293,7 @@ cp
syslog(LOG_DEBUG, _("Read packet of length %d from tap device"), vp.len); syslog(LOG_DEBUG, _("Read packet of length %d from tap device"), vp.len);
} }
send_packet(ntohl(*((unsigned long*)(&vp.data[30]))), &vp); route_outgoing(&vp);
cp cp
} }
@ -1361,10 +1341,10 @@ cp
} }
sleep(5); sleep(5);
if(setup_network_connections()) if(setup_network_connections())
return; return;
continue; continue;
} }
@ -1383,7 +1363,7 @@ cp
{ {
if(debug_lvl >= DEBUG_STATUS) if(debug_lvl >= DEBUG_STATUS)
syslog(LOG_INFO, _("Regenerating symmetric key")); syslog(LOG_INFO, _("Regenerating symmetric key"));
RAND_bytes(myself->cipher_pktkey, myself->cipher_pktkeylength); RAND_bytes(myself->cipher_pktkey, myself->cipher_pktkeylength);
send_key_changed(myself, NULL); send_key_changed(myself, NULL);
keyexpires = time(NULL) + keylifetime; keyexpires = time(NULL) + keylifetime;

12
src/net.h
View file

@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net.h,v 1.9.4.28 2001/02/27 16:37:28 guus Exp $ $Id: net.h,v 1.9.4.29 2001/03/04 13:59:28 guus Exp $
*/ */
#ifndef __TINC_NET_H__ #ifndef __TINC_NET_H__
@ -47,11 +47,6 @@
#define MAXBUFSIZE 4096 /* Probably way too much, but it must fit every possible request. */ #define MAXBUFSIZE 4096 /* Probably way too much, but it must fit every possible request. */
/* flags */
#define INDIRECTDATA 0x0001 /* Used to indicate that this host has to be reached indirect */
#define EXPORTINDIRECTDATA 0x0002 /* Used to indicate uplink that it has to tell others to do INDIRECTDATA */
#define TCPONLY 0x0004 /* Tells sender to send packets over TCP instead of UDP (for firewalls) */
/* tap types */ /* tap types */
#define TAP_TYPE_ETHERTAP 0 #define TAP_TYPE_ETHERTAP 0
#define TAP_TYPE_TUNTAP 1 #define TAP_TYPE_TUNTAP 1
@ -112,8 +107,9 @@ extern char *status_text[10];
extern int str2opt(const char *); extern int str2opt(const char *);
extern char *opt2str(int); extern char *opt2str(int);
extern int send_packet(ip_t, vpn_packet_t *); extern void send_packet(connection_t *, vpn_packet_t *);
extern int receive_packet(connection_t *, vpn_packet_t *); extern void receive_packet(connection_t *, vpn_packet_t *);
extern void accept_packet(vpn_packet_t *);
extern int setup_network_connections(void); extern int setup_network_connections(void);
extern void close_network_connections(void); extern void close_network_connections(void);
extern void main_loop(void); extern void main_loop(void);

18
src/protocol.c
View file

@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol.c,v 1.28.4.84 2001/03/02 11:25:56 guus Exp $ $Id: protocol.c,v 1.28.4.85 2001/03/04 13:59:28 guus Exp $
*/ */
#include "config.h" #include "config.h"
@ -119,7 +119,7 @@ int receive_request(connection_t *cl)
cp cp
if(sscanf(cl->buffer, "%d", &request) == 1) if(sscanf(cl->buffer, "%d", &request) == 1)
{ {
if((request < 0) || (request > 255) || (request_handlers[request] == NULL)) if((request < 0) || (request >= LAST) || (request_handlers[request] == NULL))
{ {
syslog(LOG_ERR, _("Unknown request from %s (%s)"), syslog(LOG_ERR, _("Unknown request from %s (%s)"),
cl->name, cl->hostname); cl->name, cl->hostname);
@ -1264,7 +1264,7 @@ cp
int send_tcppacket(connection_t *cl, vpn_packet_t *packet) int send_tcppacket(connection_t *cl, vpn_packet_t *packet)
{ {
int x; int x;
cp
x = send_request(cl->nexthop, "%d %hd", PACKET, packet->len); x = send_request(cl->nexthop, "%d %hd", PACKET, packet->len);
if(x) if(x)
@ -1278,8 +1278,8 @@ int tcppacket_h(connection_t *cl)
vpn_packet_t packet; vpn_packet_t packet;
char *p; char *p;
int todo, x; int todo, x;
cp
if(sscanf(cl->buffer, "%*d %hd", packet.len) != 1) if(sscanf(cl->buffer, "%*d %hd", &packet.len) != 1)
{ {
syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"), cl->name, cl->hostname); syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"), cl->name, cl->hostname);
return -1; return -1;
@ -1289,7 +1289,7 @@ int tcppacket_h(connection_t *cl)
p = packet.data; p = packet.data;
todo = packet.len; todo = packet.len;
while(todo) while(todo)
{ {
x = read(cl->meta_socket, p, todo); x = read(cl->meta_socket, p, todo);
@ -1299,7 +1299,7 @@ int tcppacket_h(connection_t *cl)
if(x==0) if(x==0)
syslog(LOG_NOTICE, _("Connection closed by %s (%s)"), cl->name, cl->hostname); syslog(LOG_NOTICE, _("Connection closed by %s (%s)"), cl->name, cl->hostname);
else else
if(errno==EINTR) if(errno==EINTR || errno==EAGAIN) /* FIXME: select() or poll() or reimplement this evil hack */
continue; continue;
else else
syslog(LOG_ERR, _("Error during reception of PACKET from %s (%s): %m"), cl->name, cl->hostname); syslog(LOG_ERR, _("Error during reception of PACKET from %s (%s): %m"), cl->name, cl->hostname);
@ -1311,7 +1311,9 @@ int tcppacket_h(connection_t *cl)
p += x; p += x;
} }
return receive_packet(cl, &packet); receive_packet(cl, &packet);
cp
return 0;
} }
/* Jumptable for the request handlers */ /* Jumptable for the request handlers */

89
src/route.c
View file

@ -17,11 +17,12 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: route.c,v 1.1.2.6 2001/01/07 17:09:06 guus Exp $ $Id: route.c,v 1.1.2.7 2001/03/04 13:59:32 guus Exp $
*/ */
#include "config.h" #include "config.h"
#include <netinet/in.h>
#include <utils.h> #include <utils.h>
#include <xalloc.h> #include <xalloc.h>
#include <syslog.h> #include <syslog.h>
@ -34,15 +35,15 @@
#include "system.h" #include "system.h"
int routing_mode = RMODE_ROUTER; int routing_mode = RMODE_ROUTER;
subnet_t mymac;
void learn_mac(connection_t *source, mac_t *address) void learn_mac(connection_t *source, mac_t *address)
{ {
connection_t *old;
subnet_t *subnet; subnet_t *subnet;
cp cp
old = lookup_subnet_mac(address)->owner; subnet = lookup_subnet_mac(address);
if(!old) if(!subnet)
{ {
subnet = new_subnet(); subnet = new_subnet();
subnet->type = SUBNET_MAC; subnet->type = SUBNET_MAC;
@ -50,23 +51,22 @@ cp
memcpy(&subnet->net.mac.address, address, sizeof(mac_t)); memcpy(&subnet->net.mac.address, address, sizeof(mac_t));
subnet_add(source, subnet); subnet_add(source, subnet);
if(DEBUG_LVL >= DEBUG_TRAFFIC) if(debug_lvl >= DEBUG_TRAFFIC)
{ {
syslog(LOG_DEBUG, _("Learned new MAC address %x:%x:%x:%x:%x:%x from %s (%s)"), syslog(LOG_DEBUG, _("Learned new MAC address %x:%x:%x:%x:%x:%x from %s (%s)"),
address->address.x[0], address->x[0],
address->address.x[1], address->x[1],
address->address.x[2], address->x[2],
address->address.x[3], address->x[3],
address->address.x[4], address->x[4],
address->address.x[5], address->x[5],
cl->name, cl->hostname); source->name, source->hostname);
} }
} }
} }
connection_t *route_mac(connection_t *source, vpn_packet_t *packet) connection_t *route_mac(connection_t *source, vpn_packet_t *packet)
{ {
connection_t *oldsrc, *dst;
subnet_t *subnet; subnet_t *subnet;
cp cp
/* Learn source address */ /* Learn source address */
@ -75,39 +75,47 @@ cp
/* Lookup destination address */ /* Lookup destination address */
dst = lookup_subnet_mac((mac_t *)(&packet->data[6]))->owner; subnet = lookup_subnet_mac((mac_t *)(&packet->data[6]));
if(!dst) if(!subnet)
if(debug_lvl >= DEBUG_TRAFFIC) {
{ if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_WARNING, _("Cannot route packet: unknown destination address %x:%x:%x:%x:%x:%x"), {
packet->data[6], syslog(LOG_WARNING, _("Cannot route packet: unknown destination address %x:%x:%x:%x:%x:%x"),
packet->data[7], packet->data[6],
packet->data[8], packet->data[7],
packet->data[9], packet->data[8],
packet->data[10], packet->data[9],
packet->data[11]); packet->data[10],
} packet->data[11]);
}
return NULL;
}
cp cp
return dst; return subnet->owner;
} }
connection_t *route_ipv4(vpn_packet_t *packet) connection_t *route_ipv4(vpn_packet_t *packet)
{ {
ipv4_t dest; ipv4_t dest;
connection_t *cl; subnet_t *subnet;
cp cp
dest = ntohl(*((unsigned long*)(&packet->data[30]))); dest = ntohl(*((unsigned long*)(&packet->data[30])));
cl = lookup_subnet_ipv4(&dest)->owner; subnet = lookup_subnet_ipv4(&dest);
if(!cl)
if(debug_lvl >= DEBUG_TRAFFIC) if(!subnet)
{ {
syslog(LOG_WARNING, _("Cannot route packet: unknown destination address %d.%d.%d.%d"), if(debug_lvl >= DEBUG_TRAFFIC)
packet->data[30], packet->data[31], packet->data[32], packet->data[33]); {
} syslog(LOG_WARNING, _("Cannot route packet: unknown destination address %d.%d.%d.%d"),
packet->data[30], packet->data[31], packet->data[32], packet->data[33]);
}
return NULL;
}
cp cp
return cl; return subnet->owner;
} }
connection_t *route_ipv6(vpn_packet_t *packet) connection_t *route_ipv6(vpn_packet_t *packet)
@ -124,7 +132,7 @@ cp
void route_outgoing(vpn_packet_t *packet) void route_outgoing(vpn_packet_t *packet)
{ {
unsigned short int type; unsigned short int type;
avl_tree_t *node; avl_node_t *node;
connection_t *cl; connection_t *cl;
cp cp
/* FIXME: multicast? */ /* FIXME: multicast? */
@ -148,11 +156,12 @@ cp
} }
return; return;
} }
send_packet(cl, packet); if(cl)
send_packet(cl, packet);
break; break;
case RMODE_SWITCH: case RMODE_SWITCH:
cl = route_mac(packet); cl = route_mac(myself, packet);
if(cl) if(cl)
send_packet(cl, packet); send_packet(cl, packet);
break; break;
@ -173,8 +182,10 @@ void route_incoming(connection_t *source, vpn_packet_t *packet)
switch(routing_mode) switch(routing_mode)
{ {
case RMODE_SWITCH: case RMODE_SWITCH:
learn_mac(source, &packet->data[0]); learn_mac(source, (mac_t *)(&packet->data[0]));
break; break;
case RMODE_ROUTER:
memcpy(packet->data, mymac.net.mac.address.x, 6);
} }
accept_packet(packet); accept_packet(packet);

7
src/route.h
View file

@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: route.h,v 1.1.2.2 2001/01/07 17:09:06 guus Exp $ $Id: route.h,v 1.1.2.3 2001/03/04 13:59:32 guus Exp $
*/ */
#ifndef __TINC_ROUTE_H__ #ifndef __TINC_ROUTE_H__
@ -31,8 +31,9 @@ enum
}; };
extern int routing_mode; extern int routing_mode;
extern subnet_t mymac;
extern connection_t *route_incoming(connection_t *, vpn_packet_t *); extern void route_incoming(connection_t *, vpn_packet_t *);
extern connection_t *route_outgoing(connection_t *, vpn_packet_t *); extern void route_outgoing(vpn_packet_t *);
#endif /* __TINC_ROUTE_H__ */ #endif /* __TINC_ROUTE_H__ */