j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Updating HEAD branch #4; Merging CABAL -> HEAD.

Browse source
This commit is contained in:
Ivo Timmermans 2002-04-09 15:26:01 +00:00
parent e64ef59df4
commit 462ab530e5
58 changed files with 9898 additions and 2867 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
acconfig.h
View file

@ -36,7 +36,6 @@
/* Define to 1 if you have the stpcpy function. */
#undef HAVE_STPCPY
/* For getopt */
#if HAVE_STDLIB_H
# define getopt system_getopt
@ -44,6 +43,20 @@
# undef getopt
#endif
/* Linux */
#undef HAVE_LINUX
/* FreeBSD */
#undef HAVE_FREEBSD
/* OpenBSD */
#undef HAVE_OPENBSD
/* Solaris */
#undef HAVE_SOLARIS
/* NetBSD */
#undef HAVE_NETBSD
/* Define to the location of the kernel sources */
#undef CONFIG_TINC_KERNELDIR
@ -53,3 +66,12 @@
/* Define to the location of if_tun.h */
#undef LINUX_IF_TUN_H
/* Define to 1 if support for jumbograms is enabled */
#undef ENABLE_JUMBOGRAMS
/* Define to 1 if checkpoint tracing is enabled */
#undef ENABLE_TRACING
/* Define to enable use of old SSLeay_add_all_algorithms() function */
#undef HAVE_SSLEAY_ADD_ALL_ALGORITHMS

3
doc/es/Makefile.am Normal file
View file

@ -0,0 +1,3 @@
## Process this file with automake to get Makefile.in
# Nothing to see here, go away!

15
doc/sample-config/hosts/alpha Normal file
View file

@ -0,0 +1,15 @@
# Sample host configuration file
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.234.35.67
# Portnumber for incoming connections. Default is 655.
Port = 655
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.1.0/24
# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----

16
doc/sample-config/hosts/beta Normal file
View file

@ -0,0 +1,16 @@
# Sample host configuration file
# This file was generated by host beta.
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.45.67.189
# Portnumber for incoming connections. Default is 655.
Port = 6500
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.2.0/24
# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----

1
doc/sample-config/rsa_key.priv Normal file
View file

@ -0,0 +1 @@
# Generate this file with `tincd -n example -K`

4
doc/sample-config/tinc-down Normal file
View file

@ -0,0 +1,4 @@
#!/bin/sh
# This file closes down the tap device.
ifconfig $INTERFACE down

15
doc/sample-config/tinc-up Normal file
View file

@ -0,0 +1,15 @@
#!/bin/sh
# This file sets up the tap device.
# It gives you the freedom to do anything you want with it.
# Use the correct name for the tap device:
# For the Linux tun/tap device $INTERFACE is set to the right name,
# but for ethertap and FreeBSD this is tap0, tap1, tap2 etcetera,
# for Solaris and OpenBSD it is tun0, tun1, etcetera.
# Set hardware ethernet address (required!)
ifconfig $INTERFACE hw ether fe:fd:0:0:0:0
# Give it the right ip and netmask. Remember, the subnet of the
# tap device must be larger than that of the individual Subnets
# as defined in the host configuration file!
ifconfig $INTERFACE 192.168.1.1 netmask 255.255.0.0 -arp

25
doc/sample-config/tinc.conf Normal file
View file

@ -0,0 +1,25 @@
# Sample tinc configuration file
# This is a comment.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.
# The name of this tinc host. Required.
Name = alpha
# The internet host to connect with.
# Comment these out to make yourself a listen-only connection
# You must use the name of another tinc host.
# May be used multiple times for redundance.
ConnectTo = beta
# The tap device tinc will use. Required.
# Default is /dev/tap0 for ethertap or FreeBSD,
# /dev/tun0 for Solaris and OpenBSD,
# and /dev/misc/net/tun for Linux tun/tap device.
Device = /dev/misc/net/tun
# The file in which the private key for this host is stored. Required.
PrivateKeyFile = /etc/tinc/example/rsa_key.priv

723
lib/avl_tree.c Normal file
View file

@ -0,0 +1,723 @@
/*
avl_tree.c -- avl_ tree and linked list convenience
Copyright (C) 1998 Michael H. Buselli
2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>,
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
2000,2001 Wessel Dankers <wsl@nl.linux.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Original AVL tree library by Michael H. Buselli <cosine@cosine.org>.
Modified 2000-11-28 by Wessel Dankers <wsl@nl.linux.org> to use counts
instead of depths, to add the ->next and ->prev and to generally obfuscate
the code. Mail me if you found a bug.
Cleaned up and incorporated some of the ideas from the red-black tree
library for inclusion into tinc (http://tinc.nl.linux.org/) by
Guus Sliepen <guus@sliepen.warande.net>.
$Id: avl_tree.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include <stdio.h>
#include <stdlib.h>
#include <xalloc.h>
#include "avl_tree.h"
#ifdef AVL_COUNT
#define AVL_NODE_COUNT(n) ((n) ? (n)->count : 0)
#define AVL_L_COUNT(n) (AVL_NODE_COUNT((n)->left))
#define AVL_R_COUNT(n) (AVL_NODE_COUNT((n)->right))
#define AVL_CALC_COUNT(n) (AVL_L_COUNT(n) + AVL_R_COUNT(n) + 1)
#endif
#ifdef AVL_DEPTH
#define AVL_NODE_DEPTH(n) ((n) ? (n)->depth : 0)
#define L_AVL_DEPTH(n) (AVL_NODE_DEPTH((n)->left))
#define R_AVL_DEPTH(n) (AVL_NODE_DEPTH((n)->right))
#define AVL_CALC_DEPTH(n) ((L_AVL_DEPTH(n)>R_AVL_DEPTH(n)?L_AVL_DEPTH(n):R_AVL_DEPTH(n)) + 1)
#endif
#ifndef AVL_DEPTH
int lg(unsigned int u)
{
int r = 1;
if (!u)
return 0;
if (u & 0xffff0000)
{
u >>= 16;
r += 16;
}
if (u & 0x0000ff00)
{
u >>= 8;
r += 8;
}
if (u & 0x000000f0)
{
u >>= 4;
r += 4;
}
if (u & 0x0000000c)
{
u >>= 2;
r += 2;
}
if (u & 0x00000002)
r++;
return r;
}
#endif
/* Internal helper functions */
int avl_check_balance(avl_node_t *node)
{
#ifdef AVL_DEPTH
int d;
d = R_AVL_DEPTH(node) - L_AVL_DEPTH(node);
return d < -1 ? -1 : d > 1 ? 1 : 0;
#else
/* int d;
* d = lg(AVL_R_COUNT(node)) - lg(AVL_L_COUNT(node));
* d = d<-1?-1:d>1?1:0;
*/
int pl, r;
pl = lg(AVL_L_COUNT(node));
r = AVL_R_COUNT(node);
if (r >> pl + 1)
return 1;
if (pl < 2 || r >> pl - 2)
return 0;
return -1;
#endif
}
void avl_rebalance(avl_tree_t *tree, avl_node_t *node)
{
avl_node_t *child;
avl_node_t *gchild;
avl_node_t *parent;
avl_node_t **superparent;
parent = node;
while (node)
{
parent = node->parent;
superparent = parent ? node == parent->left ? &parent->left : &parent->right : &tree->root;
switch (avl_check_balance(node))
{
case -1:
child = node->left;
#ifdef AVL_DEPTH
if(L_AVL_DEPTH(child) >= R_AVL_DEPTH(child)) {
#else
if (AVL_L_COUNT(child) >= AVL_R_COUNT(child))
{
#endif
node->left = child->right;
if (node->left)
node->left->parent = node;
child->right = node;
node->parent = child;
*superparent = child;
child->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
#endif
} else
{
gchild = child->right;
node->left = gchild->right;
if (node->left)
node->left->parent = node;
child->right = gchild->left;
if (child->right)
child->right->parent = child;
gchild->right = node;
if (gchild->right)
gchild->right->parent = gchild;
gchild->left = child;
if (gchild->left)
gchild->left->parent = gchild;
*superparent = gchild;
gchild->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
gchild->count = AVL_CALC_COUNT(gchild);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
gchild->depth = AVL_CALC_DEPTH(gchild);
#endif
}
break;
case 1:
child = node->right;
#ifdef AVL_DEPTH
if(R_AVL_DEPTH(child) >= L_AVL_DEPTH(child)) {
#else
if (AVL_R_COUNT(child) >= AVL_L_COUNT(child))
{
#endif
node->right = child->left;
if (node->right)
node->right->parent = node;
child->left = node;
node->parent = child;
*superparent = child;
child->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
#endif
} else
{
gchild = child->left;
node->right = gchild->left;
if (node->right)
node->right->parent = node;
child->left = gchild->right;
if (child->left)
child->left->parent = child;
gchild->left = node;
if (gchild->left)
gchild->left->parent = gchild;
gchild->right = child;
if (gchild->right)
gchild->right->parent = gchild;
*superparent = gchild;
gchild->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
gchild->count = AVL_CALC_COUNT(gchild);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
gchild->depth = AVL_CALC_DEPTH(gchild);
#endif
}
break;
default:
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
#endif
}
node = parent;
}
}
/* (De)constructors */
avl_tree_t *avl_alloc_tree(avl_compare_t compare, avl_action_t delete)
{
avl_tree_t *tree;
tree = xmalloc_and_zero(sizeof(avl_tree_t));
tree->compare = compare;
tree->delete = delete;
return tree;
}
void avl_free_tree(avl_tree_t *tree)
{
free(tree);
}
avl_node_t *avl_alloc_node(void)
{
avl_node_t *node;
node = xmalloc_and_zero(sizeof(avl_node_t));
return node;
}
void avl_free_node(avl_tree_t *tree, avl_node_t *node)
{
if(node->data && tree->delete)
tree->delete(node->data);
free(node);
}
/* Searching */
void *avl_search(const avl_tree_t *tree, const void *data)
{
avl_node_t *node;
node = avl_search_node(tree, data);
return node?node->data:NULL;
}
void *avl_search_closest(const avl_tree_t *tree, const void *data, int *result)
{
avl_node_t *node;
node = avl_search_closest_node(tree, data, result);
return node?node->data:NULL;
}
void *avl_search_closest_smaller(const avl_tree_t *tree, const void *data)
{
avl_node_t *node;
node = avl_search_closest_smaller_node(tree, data);
return node?node->data:NULL;
}
void *avl_search_closest_greater(const avl_tree_t *tree, const void *data)
{
avl_node_t *node;
node = avl_search_closest_greater_node(tree, data);
return node?node->data:NULL;
}
avl_node_t *avl_search_node(const avl_tree_t *tree, const void *data)
{
avl_node_t *node;
int result;
node = avl_search_closest_node(tree, data, &result);
return result?NULL:node;
}
avl_node_t *avl_search_closest_node(const avl_tree_t *tree, const void *data, int *result)
{
avl_node_t *node;
int c;
node = tree->root;
if (!node)
{
if(result)
*result = 0;
return NULL;
}
for (;;)
{
c = tree->compare(data, node->data);
if (c < 0)
{
if (node->left)
node = node->left;
else
{
if(result)
*result = -1;
break;
}
}
else if (c > 0)
{
if (node->right)
node = node->right;
else
{
if(result)
*result = 1;
break;
}
}
else
{
if(result)
*result = 0;
break;
}
}
return node;
}
avl_node_t *avl_search_closest_smaller_node(const avl_tree_t *tree, const void *data)
{
avl_node_t *node;
int result;
node = avl_search_closest_node(tree, data, &result);
if(result < 0)
node = node->prev;
return node;
}
avl_node_t *avl_search_closest_greater_node(const avl_tree_t *tree, const void *data)
{
avl_node_t *node;
int result;
node = avl_search_closest_node(tree, data, &result);
if(result > 0)
node = node->next;
return node;
}
/* Insertion and deletion */
avl_node_t *avl_insert(avl_tree_t *tree, void *data)
{
avl_node_t *closest, *new;
int result;
if (!tree->root)
{
new = avl_alloc_node();
new->data = data;
avl_insert_top(tree, new);
}
else
{
closest = avl_search_closest_node(tree, data, &result);
switch(result)
{
case -1:
new = avl_alloc_node();
new->data = data;
avl_insert_before(tree, closest, new);
break;
case 1:
new = avl_alloc_node();
new->data = data;
avl_insert_after(tree, closest, new);
break;
default:
return NULL;
}
}
#ifdef AVL_COUNT
new->count = 1;
#endif
#ifdef AVL_DEPTH
new->depth = 1;
#endif
return new;
}
avl_node_t *avl_insert_node(avl_tree_t *tree, avl_node_t *node)
{
avl_node_t *closest;
int result;
if (!tree->root)
avl_insert_top(tree, node);
else
{
closest = avl_search_closest_node(tree, node->data, &result);
switch(result)
{
case -1:
avl_insert_before(tree, closest, node);
break;
case 1:
avl_insert_after(tree, closest, node);
break;
case 0:
return NULL;
}
}
#ifdef AVL_COUNT
node->count = 1;
#endif
#ifdef AVL_DEPTH
node->depth = 1;
#endif
return node;
}
void avl_insert_top(avl_tree_t *tree, avl_node_t *node)
{
node->prev = node->next = node->parent = NULL;
tree->head = tree->tail = tree->root = node;
}
void avl_insert_before(avl_tree_t *tree, avl_node_t *before, avl_node_t *node)
{
if (!before)
return tree->tail ? avl_insert_after(tree, tree->tail, node) : avl_insert_top(tree, node);
node->next = before;
node->parent = before;
node->prev = before->prev;
if(before->left)
return avl_insert_after(tree, before->prev, node);
if (before->prev)
before->prev->next = node;
else
tree->head = node;
before->prev = node;
before->left = node;
avl_rebalance(tree, before->parent);
}
void avl_insert_after(avl_tree_t *tree, avl_node_t *after, avl_node_t *node)
{
if (!after)
return tree->head ? avl_insert_before(tree, tree->head, node) : avl_insert_top(tree, node);
if(after->right)
return avl_insert_before(tree, after->next, node);
node->prev = after;
node->parent = after;
node->next = after->next;
if (after->next)
after->next->prev = node;
else
tree->tail = node;
after->next = node;
after->right = node;
avl_rebalance(tree, after->parent);
}
avl_node_t *avl_unlink(avl_tree_t *tree, void *data)
{
avl_node_t *node;
node = avl_search_node(tree, data);
if(node)
avl_unlink_node(tree, node);
return node;
}
void avl_unlink_node(avl_tree_t *tree, avl_node_t *node)
{
avl_node_t *parent;
avl_node_t **superparent;
avl_node_t *subst, *left, *right;
avl_node_t *balnode;
if (node->prev)
node->prev->next = node->next;
else
tree->head = node->next;
if (node->next)
node->next->prev = node->prev;
else
tree->tail = node->prev;
parent = node->parent;
superparent = parent ? node == parent->left ? &parent->left : &parent->right : &tree->root;
left = node->left;
right = node->right;
if (!left)
{
*superparent = right;
if (right)
right->parent = parent;
balnode = parent;
} else if (!right)
{
*superparent = left;
left->parent = parent;
balnode = parent;
} else
{
subst = node->prev;
if (subst == left)
{
balnode = subst;
} else
{
balnode = subst->parent;
balnode->right = subst->left;
if (balnode->right)
balnode->right->parent = balnode;
subst->left = left;
left->parent = subst;
}
subst->right = right;
subst->parent = parent;
right->parent = subst;
*superparent = subst;
}
avl_rebalance(tree, balnode);
node->next = node->prev = node->parent = node->left = node->right = NULL;
#ifdef AVL_COUNT
node->count = 0;
#endif
#ifdef AVL_DEPTH
node->depth = 0;
#endif
}
void avl_delete_node(avl_tree_t *tree, avl_node_t *node)
{
avl_unlink_node(tree, node);
avl_free_node(tree, node);
}
void avl_delete(avl_tree_t *tree, void *data)
{
avl_node_t *node;
node = avl_search_node(tree, data);
if (node)
avl_delete_node(tree, node);
}
/* Fast tree cleanup */
void avl_delete_tree(avl_tree_t *tree)
{
avl_node_t *node, *next;
for(node = tree->root; node; node = next)
{
next = node->next;
avl_free_node(tree, node);
}
avl_free_tree(tree);
}
/* Tree walking */
void avl_foreach(avl_tree_t *tree, avl_action_t action)
{
avl_node_t *node, *next;
for(node = tree->head; node; node = next)
{
next = node->next;
action(node->data);
}
}
void avl_foreach_node(avl_tree_t *tree, avl_action_t action)
{
avl_node_t *node, *next;
for(node = tree->head; node; node = next)
{
next = node->next;
action(node);
}
}
/* Indexing */
#ifdef AVL_COUNT
unsigned int avl_count(avl_tree_t *tree)
{
return AVL_NODE_COUNT(tree->root);
}
avl_node_t *avl_get_node(const avl_tree_t *tree, unsigned int index)
{
avl_node_t *node;
unsigned int c;
node = tree->root;
while (node)
{
c = AVL_L_COUNT(node);
if (index < c)
{
node = node->left;
} else if (index > c)
{
node = node->right;
index -= c + 1;
} else
{
return node;
}
}
return NULL;
}
unsigned int avl_index(const avl_node_t *node)
{
avl_node_t *next;
unsigned int index;
index = AVL_L_COUNT(node);
while ((next = node->parent))
{
if (node == next->right)
index += AVL_L_COUNT(next) + 1;
node = next;
}
return index;
}
#endif
#ifdef AVL_DEPTH
unsigned int avl_depth(avl_tree_t *tree)
{
return AVL_NODE_DEPTH(tree->root);
}
#endif

145
lib/avl_tree.h Normal file
View file

@ -0,0 +1,145 @@
/*
avl_tree.h -- header file for avl_tree.c
Copyright (C) 1998 Michael H. Buselli
2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>,
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
2000,2001 Wessel Dankers <wsl@nl.linux.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Original AVL tree library by Michael H. Buselli <cosine@cosine.org>.
Modified 2000-11-28 by Wessel Dankers <wsl@nl.linux.org> to use counts
instead of depths, to add the ->next and ->prev and to generally obfuscate
the code. Mail me if you found a bug.
Cleaned up and incorporated some of the ideas from the red-black tree
library for inclusion into tinc (http://tinc.nl.linux.org/) by
Guus Sliepen <guus@sliepen.warande.net>.
$Id: avl_tree.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __AVL_TREE_H__
#define __AVL_TREE_H__
#ifndef AVL_DEPTH
#ifndef AVL_COUNT
#define AVL_DEPTH
#endif
#endif
typedef struct avl_node_t {
/* Linked list part */
struct avl_node_t *next;
struct avl_node_t *prev;
/* Tree part */
struct avl_node_t *parent;
struct avl_node_t *left;
struct avl_node_t *right;
#ifdef AVL_COUNT
unsigned int count;
#endif
#ifdef AVL_DEPTH
unsigned char depth;
#endif
/* Payload */
void *data;
} avl_node_t;
typedef int (*avl_compare_t) (const void *, const void *);
typedef void (*avl_action_t) (const void *);
typedef void (*avl_action_node_t) (const avl_node_t *);
typedef struct avl_tree_t {
/* Linked list part */
avl_node_t *head;
avl_node_t *tail;
/* Tree part */
avl_node_t *root;
avl_compare_t compare;
avl_action_t delete;
} avl_tree_t;
/* (De)constructors */
extern avl_tree_t *avl_alloc_tree(avl_compare_t, avl_action_t);
extern void avl_free_tree(avl_tree_t *);
extern avl_node_t *avl_alloc_node(void);
extern void avl_free_node(avl_tree_t *tree, avl_node_t *);
/* Insertion and deletion */
extern avl_node_t *avl_insert(avl_tree_t *, void *);
extern avl_node_t *avl_insert_node(avl_tree_t *, avl_node_t *);
extern void avl_insert_top(avl_tree_t *, avl_node_t *);
extern void avl_insert_before(avl_tree_t *, avl_node_t *, avl_node_t *);
extern void avl_insert_after(avl_tree_t *, avl_node_t *, avl_node_t *);
extern avl_node_t *avl_unlink(avl_tree_t *, void *);
extern void avl_unlink_node(avl_tree_t *tree, avl_node_t *);
extern void avl_delete(avl_tree_t *, void *);
extern void avl_delete_node(avl_tree_t *, avl_node_t *);
/* Fast tree cleanup */
extern void avl_delete_tree(avl_tree_t *);
/* Searching */
extern void *avl_search(const avl_tree_t *, const void *);
extern void *avl_search_closest(const avl_tree_t *, const void *, int *);
extern void *avl_search_closest_smaller(const avl_tree_t *, const void *);
extern void *avl_search_closest_greater(const avl_tree_t *, const void *);
extern avl_node_t *avl_search_node(const avl_tree_t *, const void *);
extern avl_node_t *avl_search_closest_node(const avl_tree_t *, const void *, int *);
extern avl_node_t *avl_search_closest_smaller_node(const avl_tree_t *, const void *);
extern avl_node_t *avl_search_closest_greater_node(const avl_tree_t *, const void *);
/* Tree walking */
extern void avl_foreach(avl_tree_t *, avl_action_t);
extern void avl_foreach_node(avl_tree_t *, avl_action_t);
/* Indexing */
#ifdef AVL_COUNT
extern unsigned int avl_count(avl_tree_t *);
extern avl_node_t *avl_get_node(const avl_tree_t *, unsigned int);
extern unsigned int avl_index(const avl_node_t *);
#endif
#ifdef AVL_DEPTH
extern unsigned int avl_depth(avl_tree_t *);
#endif
#endif /* __AVL_TREE_H__ */

171
lib/dropin.c Normal file
View file

@ -0,0 +1,171 @@
/*
dropin.c -- a set of drop-in replacements for libc functions
Copyright (C) 2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>,
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: dropin.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <xalloc.h>
#include <system.h>
#include <errno.h>
#ifndef HAVE_DAEMON
/*
Replacement for the daemon() function.
The daemon() function is for programs wishing to detach themselves
from the controlling terminal and run in the background as system
daemons.
Unless the argument nochdir is non-zero, daemon() changes the
current working directory to the root (``/'').
Unless the argument noclose is non-zero, daemon() will redirect
standard input, standard output and standard error to /dev/null.
*/
int daemon(int nochdir, int noclose)
{
pid_t pid;
int fd;
pid = fork();
/* Check if forking failed */
if(pid < 0)
{
perror("fork");
exit(-1);
}
/* If we are the parent, terminate */
if(pid)
exit(0);
/* Detach by becoming the new process group leader */
if(setsid() < 0)
{
perror("setsid");
return -1;
}
/* Change working directory to the root (to avoid keeping mount
points busy) */
if(!nochdir)
{
chdir("/");
}
/* Redirect stdin/out/err to /dev/null */
if(!noclose)
{
fd = open("/dev/null", O_RDWR);
if(fd < 0)
{
perror("opening /dev/null");
return -1;
}
else
{
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
}
}
return 0;
}
#endif
#ifndef HAVE_GET_CURRENT_DIR_NAME
/*
Replacement for the GNU get_current_dir_name function:
get_current_dir_name will malloc(3) an array big enough to hold the
current directory name. If the environment variable PWD is set, and
its value is correct, then that value will be returned.
*/
char *get_current_dir_name(void)
{
size_t size;
char *buf;
char *r;
/* Start with 100 bytes. If this turns out to be insufficient to
contain the working directory, double the size. */
size = 100;
buf = xmalloc(size);
errno = 0; /* Success */
r = getcwd(buf, size);
/* getcwd returns NULL and sets errno to ERANGE if the bufferspace
is insufficient to contain the entire working directory. */
while(r == NULL && errno == ERANGE)
{
free(buf);
size <<= 1; /* double the size */
buf = xmalloc(size);
r = getcwd(buf, size);
}
return buf;
}
#endif
#ifndef HAVE_ASPRINTF
int asprintf(char **buf, const char *fmt, ...)
{
int status;
va_list ap;
int len;
len = 4096;
*buf = xmalloc(len);
va_start(ap, fmt);
status = vsnprintf (*buf, len, fmt, ap);
va_end (ap);
if(status >= 0)
*buf = xrealloc(*buf, status);
if(status > len-1)
{
len = status;
va_start(ap, fmt);
status = vsnprintf (*buf, len, fmt, ap);
va_end (ap);
}
return status;
}
#endif

38
lib/dropin.h Normal file
View file

@ -0,0 +1,38 @@
/*
dropin.h -- header file for dropin.c
Copyright (C) 2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>,
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: dropin.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __DROPIN_H__
#define __DROPIN_H__
#ifndef HAVE_DAEMON
extern int daemon(int, int);
#endif
#ifndef HAVE_GET_CURRENT_DIR_NAME
extern char* get_current_dir_name(void);
#endif
#ifndef HAVE_ASPRINTF
extern int asprintf(char **, const char *, ...);
#endif
#endif /* __DROPIN_H__ */

265
lib/list.c
View file

@ -1,7 +1,7 @@
/*
list.c -- functions to deal with double linked lists
Copyright (C) 2000 Ivo Timmermans <itimmermans@bigfoot.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,130 +17,181 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: list.c,v 1.1 2000/10/20 16:44:32 zarq Exp $
$Id: list.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <string.h>
#include <stdlib.h>
#include <error.h>
#include <list.h>
#include <xalloc.h>
#include <system.h>
/*
list_new
#include "list.h"
Initialize a new list.
*/
list_t *list_new(void)
/* (De)constructors */
list_t *list_alloc(list_action_t delete)
{
list_t *list;
list = xmalloc_and_zero(sizeof(list_t));
list->delete = delete;
return list;
}
/*
list_delete
Delete the element pointed to by idx from the list.
*/
list_node_t *list_delete(list_t *list, list_node_t *idx)
void list_free(list_t *list)
{
list_node_t *res;
if(!list)
return NULL;
if(!idx)
return NULL;
if(list->callbacks->delete != NULL)
if(list->callbacks->delete(idx->data))
error(ERR_WARNING, N_("List callback[delete] failed for %08lx - freeing anyway"), idx->data);
free(idx->data);
if(idx->prev == NULL)
/* First element in list */
{
res = idx->next;
list->head = idx->next;
}
if(idx->next == NULL)
/* Last element in list */
{
res = NULL;
list->tail = idx->prev;
}
if(idx->prev != NULL && idx->next != NULL)
/* Neither first nor last element */
{
idx->prev->next = idx->next;
idx->next->prev = idx->prev;
}
if(list->head == NULL)
list->tail = NULL;
else
if(list->tail == NULL)
list->head = NULL;
free(idx);
return res;
}
/*
list_forall_nodes
Call function() on each element in the list. If this function
returns non-zero, the element will be removed from the list.
*/
void list_forall_nodes(list_t *list, int (*function)(void *data))
{
list_node_t *p;
int res;
if(!list) /* no list given */
return;
if(!function) /* no function given */
return;
if(!list->head) /* list is empty */
return;
for(p = list->head; p != NULL; p = p->next)
{
res = function(p->data);
if(res != 0)
p = list_delete(list, p);
}
}
/*
list_destroy
Free all datastructures contained in this list. It uses the delete
callback for this list to free each element.
*/
void list_destroy(list_t *list)
{
if(!list)
return;
list_destroy_nodes(list);
free(list);
}
/*
list_append
Append a new node to the list that points to data.
*/
list_append(list_t *list, void *data)
list_node_t *list_alloc_node(void)
{
list_node_t *n;
n = xmalloc_and_zero(sizeof(list_node_t));
n->data = data;
n->prev = list->tail;
list->tail->next = n;
list->tail = n;
list_node_t *node;
node = xmalloc_and_zero(sizeof(list_node_t));
return node;
}
void list_free_node(list_t *list, list_node_t *node)
{
if(node->data && list->delete)
list->delete(node->data);
free(node);
}
/* Insertion and deletion */
list_node_t *list_insert_head(list_t *list, void *data)
{
list_node_t *node;
node = list_alloc_node();
node->data = data;
node->prev = NULL;
node->next = list->head;
list->head = node;
if(node->next)
node->next->prev = node;
else
list->tail = node;
list->count++;
return node;
}
list_node_t *list_insert_tail(list_t *list, void *data)
{
list_node_t *node;
node = list_alloc_node();
node->data = data;
node->next = NULL;
node->prev = list->tail;
list->tail = node;
if(node->prev)
node->prev->next = node;
else
list->head = node;
list->count++;
return node;
}
void list_unlink_node(list_t *list, list_node_t *node)
{
if(node->prev)
node->prev->next = node->next;
else
list->head = node->next;
if(node->next)
node->next->prev = node->prev;
else
list->tail = node->prev;
list->count--;
}
void list_delete_node(list_t *list, list_node_t *node)
{
list_unlink_node(list, node);
list_free_node(list, node);
}
void list_delete_head(list_t *list)
{
list_delete_node(list, list->head);
}
void list_delete_tail(list_t *list)
{
list_delete_node(list, list->tail);
}
/* Head/tail lookup */
void *list_get_head(list_t *list)
{
if(list->head)
return list->head->data;
else
return NULL;
}
void *list_get_tail(list_t *list)
{
if(list->tail)
return list->tail->data;
else
return NULL;
}
/* Fast list deletion */
void list_delete_list(list_t *list)
{
list_node_t *node, *next;
for(node = list->head; node; node = next)
{
next = node->next;
list_free_node(list, node);
}
list_free(list);
}
/* Traversing */
void list_foreach_node(list_t *list, list_action_node_t action)
{
list_node_t *node, *next;
for(node = list->head; node; node = next)
{
next = node->next;
action(node);
}
}
void list_foreach(list_t *list, list_action_t action)
{
list_node_t *node, *next;
for(node = list->head; node; node = next)
{
next = node->next;
if(node->data)
action(node->data);
}
}

60
lib/list.h
View file

@ -1,7 +1,7 @@
/*
list.h -- header file for list.c
Copyright (C) 2000 Ivo Timmermans <itimmermans@bigfoot.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,28 +17,66 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: list.h,v 1.1 2000/10/20 16:44:32 zarq Exp $
$Id: list.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_LIST_H__
#define __TINC_LIST_H__
typedef struct list_callbacks_t {
int (*delete) (void *);
} list_callbacks_t;
typedef struct list_node_t {
void *data;
typedef struct list_node_t
{
struct list_node_t *prev;
struct list_node_t *next;
/* Payload */
void *data;
} list_node_t;
typedef struct list_t {
typedef void (*list_action_t) (const void *);
typedef void (*list_action_node_t) (const list_node_t *);
typedef struct list_t
{
list_node_t *head;
list_node_t *tail;
list_callbacks_t *callbacks;
int count;
/* Callbacks */
list_action_t delete;
} list_t;
/* (De)constructors */
extern list_t *list_alloc(list_action_t);
extern void list_free(list_t *);
extern list_node_t *list_alloc_node(void);
extern void list_free_node(list_t *, list_node_t *);
/* Insertion and deletion */
extern list_node_t *list_insert_head(list_t *, void *);
extern list_node_t *list_insert_tail(list_t *, void *);
extern void list_unlink_node(list_t *, list_node_t *);
extern void list_delete_node(list_t *, list_node_t *);
extern void list_delete_head(list_t *);
extern void list_delete_tail(list_t *);
/* Head/tail lookup */
extern void *list_get_head(list_t *);
extern void *list_get_tail(list_t *);
/* Fast list deletion */
extern void list_delete_list(list_t *);
/* Traversing */
extern void list_foreach(list_t *, list_action_t);
extern void list_foreach_node(list_t *, list_action_node_t);
#endif /* __TINC_LIST_H__ */

9
lib/pidfile.c
View file

@ -32,6 +32,8 @@
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <sys/types.h>
#include <fcntl.h>
/* read_pid
*
@ -71,6 +73,7 @@ int check_pid (char *pidfile)
* be found -- GW
*/
/* But... errno is usually changed only on error.. */
errno = 0;
if (kill(pid, 0) && errno == ESRCH)
return(0);
@ -93,13 +96,15 @@ int write_pid (char *pidfile)
fprintf(stderr, "Can't open or create %s.\n", pidfile);
return 0;
}
#ifdef HAVE_FLOCK
if (flock(fd, LOCK_EX|LOCK_NB) == -1) {
fscanf(f, "%d", &pid);
fclose(f);
printf("Can't lock, lock is held by pid %d.\n", pid);
return 0;
}
#endif
pid = getpid();
if (!fprintf(f,"%d\n", pid)) {
@ -109,11 +114,13 @@ int write_pid (char *pidfile)
}
fflush(f);
#ifdef HAVE_FLOCK
if (flock(fd, LOCK_UN) == -1) {
printf("Can't unlock pidfile %s, %s.\n", pidfile, strerror(errno));
close(fd);
return 0;
}
#endif
close(fd);
return pid;

596
lib/rbl.c Normal file
View file

@ -0,0 +1,596 @@
/*
rbl.c -- red-black tree + linked list convenience
Copyright (C) 2000 Ivo Timmermans <itimmermans@bigfoot.com>,
2000 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: rbl.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <xalloc.h>
#include "rbl.h"
#include <system.h>
/* Allocate a new rbl node */
rbl_t *new_rbl()
{
return (rbl_t *)xmalloc_and_zero(sizeof(rbl_t));
}
/* Free a rbl node */
void free_rbl(rbl_t *rbl)
{
if(rbl->data && rbl->tree->delete)
rbl->tree->delete(rbl->data);
free(rbl);
}
/* Allocate a new rbltree header */
rbltree_t *new_rbltree(rbl_compare_t compare, rbl_action_t delete)
{
rbltree_t *tree;
tree = (rbltree_t *)xmalloc_and_zero(sizeof(rbltree_t));
if(tree)
{
tree->compare = compare;
tree->delete = delete;
}
return tree;
}
/* Free a rbltree header */
void free_rbltree(rbltree_t *tree)
{
free(tree);
}
/* Search closest match in the tree */
rbl_t *rbl_search_closest_rbl(rbltree_t *tree, void *data)
{
rbl_t *rbl, *next;
int result;
next = rbl = tree->top;
while(next)
{
rbl = next;
result = tree->compare(data, rbl->data);
if(result < 0)
next = rbl->left;
else if(result > 0)
next = rbl->right;
else
break;
}
return rbl;
}
/* Search closest match in the tree */
rbl_t *rbl_search_closest_greater_rbl(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_closest_rbl(tree, data);
if(rbl)
{
if(tree->compare(data, rbl->data) > 0)
rbl = rbl->next;
}
return rbl;
}
/* Search closest match in the tree */
rbl_t *rbl_search_closest_smaller_rbl(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_closest_rbl(tree, data);
if(rbl)
{
if(tree->compare(data, rbl->data) < 0)
rbl = rbl->next;
}
return rbl;
}
void *rbl_search_closest(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_closest_rbl(tree, data);
if(rbl)
return rbl->data;
else
return NULL;
}
void *rbl_search_closest_greater(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_closest_greater_rbl(tree, data);
if(rbl)
return rbl->data;
else
return NULL;
}
void *rbl_search_closest_smaller(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_closest_smaller_rbl(tree, data);
if(rbl)
return rbl->data;
else
return NULL;
}
/* Search exact match or return NULL pointer */
rbl_t *rbl_search_rbl(rbltree_t *tree, void *data)
{
rbl_t *rbl;
int result;
rbl = tree->top;
while(rbl)
{
result = tree->compare(data, rbl->data);
if(result < 0)
rbl = rbl->left;
else if(result > 0)
rbl = rbl->right;
else
return rbl;
}
return NULL;
}
void *rbl_search(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_rbl(tree, data);
if(rbl)
return rbl->data;
else
return NULL;
}
/* Red-black tree operations taken from Introduction to Algorithms,
Cormen, Leiserson & Rivest, chapter 14.
*/
void rbl_left_rotate(rbl_t *x)
{
rbl_t *y;
y = x->right;
x->right = y->left;
if(y->left)
y->left->parent = x;
y->parent = x->parent;
if(!x->parent)
x->tree->top = y;
else
if(x == x->parent->left)
x->parent->left = y;
else
x->parent->right = y;
y->left = x;
x->parent = y;
}
void rbl_right_rotate(rbl_t *y)
{
rbl_t *x;
x = y->left;
y->left = x->right;
if(x->right)
x->right->parent = y;
x->parent = y->parent;
if(!y->parent)
y->tree->top = x;
else
if(y == y->parent->right)
y->parent->right = x;
else
y->parent->left = x;
x->right = y;
y->parent = x;
}
/* Insert a node into the rbl tree */
rbl_t *rbl_insert_rbl(rbltree_t *tree, rbl_t *rbl)
{
rbl_t *closest, *x, *y;
int result;
rbl->tree = tree;
/* Binary tree and linked list insert */
if(tree->top)
{
closest = rbl_search_closest_rbl(tree, rbl->data);
result = tree->compare(rbl->data, closest->data);
if(result < 0)
{
closest->left = rbl;
rbl->prev = closest->prev;
rbl->next = closest;
closest->prev = rbl;
if(rbl->prev)
rbl->prev->next = rbl;
else
tree->head = rbl;
}
else if(result > 0)
{
closest->right = rbl;
rbl->next = closest->next;
rbl->prev = closest;
closest->next = rbl;
if(rbl->next)
rbl->next->prev = rbl;
else
tree->tail = rbl;
}
else
return closest; /* Ofcourse, we cannot add two identical things */
rbl->parent = closest;
}
else
{
tree->top = rbl;
tree->head = rbl;
tree->tail = rbl;
}
/* Red-black part of insert */
x = rbl;
x->color = RBL_RED;
while(x != tree->top && x->parent->color == RBL_RED)
{
if(x->parent == x->parent->parent->left)
{
y = x->parent->parent->right;
if(y && y->color == RBL_RED)
{
x->parent->color = RBL_BLACK;
y->color = RBL_BLACK;
x->parent->parent->color = RBL_RED;
x = x->parent->parent;
}
else
{
if(x == x->parent->right)
{
x = x->parent;
rbl_left_rotate(x);
}
x->parent->color = RBL_BLACK;
x->parent->parent->color = RBL_RED;
rbl_right_rotate(x->parent->parent);
}
}
else
{
y = x->parent->parent->left;
if(y && y->color == RBL_RED)
{
x->parent->color = RBL_BLACK;
y->color = RBL_BLACK;
x->parent->parent->color = RBL_RED;
x = x->parent->parent;
}
else
{
if(x == x->parent->left)
{
x = x->parent;
rbl_right_rotate(x);
}
x->parent->color = RBL_BLACK;
x->parent->parent->color = RBL_RED;
rbl_left_rotate(x->parent->parent);
}
}
}
tree->top->color = RBL_BLACK;
return rbl;
}
/* Create a new node and insert it into the tree */
rbl_t *rbl_insert(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = new_rbl();
rbl->data = data;
if(rbl_insert_rbl(tree, rbl) == rbl)
return rbl;
else
{
free_rbl(rbl);
return NULL;
}
}
/* Restore red-black property after violation due to a deletion */
void rbl_delete_fixup(rbl_t *x)
{
rbl_t *w;
while(x != x->tree->top && x->color == RBL_BLACK)
{
if(x == x->parent->left)
{
w = x->parent->right;
if(w->color == RBL_RED)
{
w->color = RBL_BLACK;
x->parent->color = RBL_RED;
rbl_left_rotate(x->parent);
w = x->parent->right;
}
if(w->left->color == RBL_BLACK && w->right->color == RBL_BLACK)
{
w->color = RBL_RED;
x = x->parent;
}
else
{
if(w->right->color == RBL_BLACK)
{
w->left->color = RBL_BLACK;
w->color = RBL_RED;
rbl_right_rotate(w);
w = x->parent->right;
}
w->color = x->parent->color;
x->parent->color = RBL_BLACK;
w->right->color = RBL_BLACK;
rbl_left_rotate(x->parent);
x = x->tree->top;
}
}
else
{
w = x->parent->left;
if(w->color == RBL_RED)
{
w->color = RBL_BLACK;
x->parent->color = RBL_RED;
rbl_right_rotate(x->parent);
w = x->parent->left;
}
if(w->right->color == RBL_BLACK && w->left->color == RBL_BLACK)
{
w->color = RBL_RED;
x = x->parent;
}
else
{
if(w->left->color == RBL_BLACK)
{
w->right->color = RBL_BLACK;
w->color = RBL_RED;
rbl_left_rotate(w);
w = x->parent->left;
}
w->color = x->parent->color;
x->parent->color = RBL_BLACK;
w->left->color = RBL_BLACK;
rbl_right_rotate(x->parent);
x = x->tree->top;
}
}
}
x->color = RBL_BLACK;
}
/* Unlink node from the tree, but keep the node intact. */
rbl_t *rbl_unlink_rbl(rbl_t *rbl)
{
rbl_t *x, *y;
/* Binary tree delete */
if(rbl->left && rbl->right)
y = rbl->next;
else
y = rbl;
if(y->left)
x = y->left;
else
x = y->right;
if(x)
x->parent = y->parent;
if(!y->parent)
rbl->tree->top = x;
else
if(y == y->parent->left)
y->parent->left = x;
else
y->parent->right = x;
if(y != rbl)
{
y->left = rbl->left;
y->right = rbl->right;
y->parent = rbl->parent;
if(rbl == rbl->parent->left)
rbl->parent->left = y;
else
rbl->parent->right = y;
}
/* Linked list delete */
if(rbl->prev)
rbl->prev->next = rbl->next;
else
rbl->tree->head = rbl->next;
if(rbl->next)
rbl->next->prev = rbl->prev;
else
rbl->tree->tail = rbl->prev;
/* Red-black part of delete */
if(y->color == RBL_BLACK && x)
rbl_delete_fixup(x);
return rbl;
}
/* Search node in tree and unlink it */
rbl_t *rbl_unlink(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_search_rbl(tree, data);
if(rbl)
rbl_unlink_rbl(rbl);
return rbl;
}
/* Unlink node and free it */
void rbl_delete_rbl(rbl_t *rbl)
{
rbl_unlink_rbl(rbl);
free_rbl(rbl);
}
/* Search node in tree, unlink and free it */
void rbl_delete(rbltree_t *tree, void *data)
{
rbl_t *rbl;
rbl = rbl_unlink(tree, data);
if(rbl)
free_rbl(rbl);
}
/* Optimized unlinking for a complete tree */
void rbl_unlink_rbltree(rbltree_t *tree)
{
rbl_t *rbl, *next;
for(rbl = tree->head; rbl; rbl = next)
{
next = rbl->next;
rbl->tree = NULL;
rbl->parent = NULL;
rbl->left = NULL;
rbl->right = NULL;
rbl->prev = NULL;
rbl->next = NULL;
}
tree->top = NULL;
tree->head = NULL;
tree->tail = NULL;
}
/* Optimized deletion for a complete tree */
void rbl_delete_rbltree(rbltree_t *tree)
{
rbl_t *rbl, *next;
for(rbl = tree->head; rbl; rbl = next)
{
next = rbl->next;
free_rbl(rbl);
}
tree->top = NULL;
tree->head = NULL;
tree->tail = NULL;
}
/* Do action for each list entry (in order)
Deletion of entry for which action is called is allowed.
*/
void rbl_foreach(rbltree_t *tree, rbl_action_t action)
{
rbl_t *rbl, *next;
for(rbl = tree->head; rbl; rbl = next)
{
next = rbl->next;
action(rbl->data);
}
}
void rbl_foreach_rbl(rbltree_t *tree, rbl_action_rbl_t action)
{
rbl_t *rbl, *next;
for(rbl = tree->head; rbl; rbl = next)
{
next = rbl->next;
action(rbl);
}
}

104
lib/rbl.h Normal file
View file

@ -0,0 +1,104 @@
/*
rbl.h -- header file for rbl.c
Copyright (C) 2000 Ivo Timmermans <itimmermans@bigfoot.com>,
2000 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: rbl.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __RBL_H__
#define __RBL_H__
#define RBL_FOREACH(tree,rbl) for(rbl = tree->head; rbl; rbl = rbl->next)
typedef struct rbl_t
{
/* 'red-black tree' part */
struct rbltree_t *tree;
int color;
struct rbl_t *parent;
struct rbl_t *left;
struct rbl_t *right;
/* 'linked list' part */
struct rbl_t *prev;
struct rbl_t *next;
/* payload */
void *data;
} rbl_t;
typedef int (*rbl_compare_t) (const void *, const void *);
typedef void (*rbl_action_t) (const void *);
typedef void (*rbl_action_rbl_t) (const struct rbl_t *);
typedef struct rbltree_t
{
/* callback functions */
rbl_compare_t compare;
rbl_action_t delete;
/* tree part */
struct rbl_t *top;
/* linked list */
struct rbl_t *head;
struct rbl_t *tail;
} rbltree_t;
enum color
{
RBL_RED,
RBL_BLACK
} color;
extern rbltree_t *new_rbltree(rbl_compare_t, rbl_action_t);
extern void free_rbltree(rbltree_t *);
extern rbl_t *new_rbl(void);
extern void free_rbl(rbl_t *);
extern void *rbl_search(rbltree_t *, void *);
extern void *rbl_search_closest(rbltree_t *, void *);
extern void *rbl_search_closest_greater(rbltree_t *, void *);
extern void *rbl_search_closest_smaller(rbltree_t *, void *);
extern rbl_t *rbl_search_rbl(rbltree_t *, void *);
extern rbl_t *rbl_search_closest_rbl(rbltree_t *, void *);
extern rbl_t *rbl_search_closest_greater_rbl(rbltree_t *, void *);
extern rbl_t *rbl_search_closest_smaller_rbl(rbltree_t *, void *);
extern rbl_t *rbl_insert(rbltree_t *, void *);
extern rbl_t *rbl_unlink(rbltree_t *, void *);
extern void rbl_delete(rbltree_t *, void *);
extern rbl_t *rbl_insert_rbl(rbltree_t *, rbl_t *);
extern rbl_t *rbl_unlink_rbl(rbl_t *);
extern void rbl_delete_rbl(rbl_t *);
extern void rbl_unlink_rbltree(rbltree_t *);
extern void rbl_delete_rbltree(rbltree_t *);
extern void rbl_foreach(rbltree_t *, rbl_action_t);
extern void rbl_foreach_rbl(rbltree_t *, rbl_action_rbl_t);
#endif /* __RBL_H__ */

39
lib/utils.c
View file

@ -1,7 +1,7 @@
/*
utils.c -- gathering of some stupid small functions
Copyright (C) 1999,2000 Ivo Timmermans <zarq@iname.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 1999-2001 Ivo Timmermans <zarq@iname.com>
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -26,10 +26,13 @@
#include <utils.h>
#include <syslog.h>
#include <xalloc.h>
volatile int (cp_line[]) = {0, 0, 0, 0, 0, 0, 0, 0};
volatile char (*cp_file[]) = {"?", "?", "?", "?", "?", "?", "?", "?"};
#ifdef ENABLE_TRACING
volatile int (cp_line[]) = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
volatile char (*cp_file[]) = {"?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?"};
volatile int cp_index = 0;
#endif
char *hexadecimals = "0123456789ABCDEF";
@ -59,16 +62,26 @@ void bin2hex(char *src, char *dst, int length)
}
}
char *cp_trace()
#ifdef ENABLE_TRACING
void cp_trace()
{
syslog(LOG_DEBUG, "Checkpoint trace: %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d ...",
cp_file[(cp_index+7)%8], cp_line[(cp_index+7)%8],
cp_file[(cp_index+6)%8], cp_line[(cp_index+6)%8],
cp_file[(cp_index+5)%8], cp_line[(cp_index+5)%8],
cp_file[(cp_index+4)%8], cp_line[(cp_index+4)%8],
cp_file[(cp_index+3)%8], cp_line[(cp_index+3)%8],
cp_file[(cp_index+2)%8], cp_line[(cp_index+2)%8],
cp_file[(cp_index+1)%8], cp_line[(cp_index+1)%8],
syslog(LOG_DEBUG, "Checkpoint trace: %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d <- %s:%d...",
cp_file[(cp_index+15)%16], cp_line[(cp_index+15)%16],
cp_file[(cp_index+14)%16], cp_line[(cp_index+14)%16],
cp_file[(cp_index+13)%16], cp_line[(cp_index+13)%16],
cp_file[(cp_index+12)%16], cp_line[(cp_index+12)%16],
cp_file[(cp_index+11)%16], cp_line[(cp_index+11)%16],
cp_file[(cp_index+10)%16], cp_line[(cp_index+10)%16],
cp_file[(cp_index+9)%16], cp_line[(cp_index+9)%16],
cp_file[(cp_index+8)%16], cp_line[(cp_index+8)%16],
cp_file[(cp_index+7)%16], cp_line[(cp_index+7)%16],
cp_file[(cp_index+6)%16], cp_line[(cp_index+6)%16],
cp_file[(cp_index+5)%16], cp_line[(cp_index+5)%16],
cp_file[(cp_index+4)%16], cp_line[(cp_index+4)%16],
cp_file[(cp_index+3)%16], cp_line[(cp_index+3)%16],
cp_file[(cp_index+2)%16], cp_line[(cp_index+2)%16],
cp_file[(cp_index+1)%16], cp_line[(cp_index+1)%16],
cp_file[cp_index], cp_line[cp_index]
);
}
#endif

30
lib/utils.h
View file

@ -1,7 +1,7 @@
/*
utils.h -- header file for utils.c
Copyright (C) 1999,2000 Ivo Timmermans <zarq@iname.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 1999-2001 Ivo Timmermans <zarq@iname.com>
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -24,24 +24,34 @@
#include <ctype.h>
enum {
DEBUG_CONNECTIONS = 0,
DEBUG_PROTOCOL,
DEBUG_STATUS,
DEBUG_ERROR,
DEBUG_META
DEBUG_NOTHING = 0, /* Quiet mode, only show starting/stopping of the daemon */
DEBUG_CONNECTIONS = 1, /* Show (dis)connects of other tinc daemons via TCP */
DEBUG_ERROR = 2, /* Show error messages received from other hosts */
DEBUG_STATUS = 2, /* Show status messages received from other hosts */
DEBUG_PROTOCOL = 3, /* Show the requests that are sent/received */
DEBUG_META = 4, /* Show contents of every request that is sent/received */
DEBUG_TRAFFIC = 5, /* Show network traffic information */
DEBUG_PACKET = 6, /* Show contents of each packet that is being sent/received */
DEBUG_SCARY_THINGS = 10 /* You have been warned */
};
#define min(a,b) (((a)<(b))?(a):(b))
#ifdef ENABLE_TRACING
extern volatile int cp_line[];
extern volatile char *cp_file[];
extern volatile int cp_index;
extern void cp_trace(void);
#define cp { cp_line[cp_index] = __LINE__; cp_file[cp_index] = __FILE__; cp_index++; cp_index %= 8; }
#define ecp { fprintf(stderr, "Explicit checkpoint in %s line %d\n", __FILE__, __LINE__); }
#define cp { cp_line[cp_index] = __LINE__; cp_file[cp_index] = __FILE__; cp_index++; cp_index %= 16; }
#define ecp { fprintf(stderr, "Explicit checkpoint in %s line %d\n", __FILE__, __LINE__); }
#else
#define cp
#define ecp
#define cp_trace()
#endif
extern void hex2bin(char *src, char *dst, int length);
extern void bin2hex(char *src, char *dst, int length);
extern char *cp_trace(void);
#endif /* __TINC_UTILS_H__ */

2
lib/xalloc.h
View file

@ -22,3 +22,5 @@ void *xmalloc PARAMS ((size_t n));
void *xmalloc_and_zero PARAMS ((size_t n));
void *xcalloc PARAMS ((size_t n, size_t s));
void *xrealloc PARAMS ((void *p, size_t n));
char *xstrdup PARAMS ((const char *s));

13
lib/xmalloc.c
View file

@ -21,6 +21,7 @@
#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#if STDC_HEADERS
# include <stdlib.h>
@ -124,6 +125,18 @@ xrealloc (p, n)
return p;
}
/* Duplicate a string */
char *xstrdup(const char *s)
{
char *p;
p = strdup(s);
if(!p)
xalloc_fail ((int)strlen(s));
return p;
}
#ifdef NOT_USED
/* Allocate memory for N elements of S bytes, with error checking. */

691
src/conf.c
View file

@ -1,9 +1,9 @@
/*
conf.c -- configuration code
Copyright (C) 1998 Emphyrio,
Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
2000 Cris van Pelt <tribbel@arise.dhs.org>
Copyright (C) 1998 Robert van der Meulen
1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
2000 Cris van Pelt <tribbel@arise.dhs.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -19,9 +19,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: conf.c,v 1.10 2000/10/18 20:12:08 zarq Exp $
$Id: conf.c,v 1.11 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <ctype.h>
#include <errno.h>
@ -30,178 +31,396 @@
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <syslog.h>
#include <string.h>
#include <xalloc.h>
#include <utils.h> /* for cp */
#include <avl_tree.h>
#include "conf.h"
#include "netutl.h" /* for strtoip */
#include <utils.h> /* for cp */
#include "netutl.h" /* for str2address */
#include "config.h"
#include "connlist.h"
#include "system.h"
config_t *config = NULL;
avl_tree_t *config_tree;
int debug_lvl = 0;
int timeout = 0; /* seconds before timeout */
int pingtimeout = 0; /* seconds before timeout */
char *confbase = NULL; /* directory in which all config files are */
char *netname = NULL; /* name of the vpn network */
/* Will be set if HUP signal is received. It will be processed when it is safe. */
int sighup = 0;
/*
These are all the possible configurable values
*/
static internal_config_t hazahaza[] = {
/* Main configuration file keywords */
{ "Name", tincname, TYPE_NAME },
{ "ConnectTo", connectto, TYPE_NAME },
{ "PingTimeout", pingtimeout, TYPE_INT },
{ "TapDevice", tapdevice, TYPE_NAME },
{ "TapSubnet", tapsubnet, TYPE_IP },
{ "PrivateKey", privatekey, TYPE_NAME },
{ "KeyExpire", keyexpire, TYPE_INT },
{ "Hostnames", resolve_dns, TYPE_BOOL },
{ "Interface", interface, TYPE_NAME },
{ "InterfaceIP", interfaceip, TYPE_IP },
/* Host configuration file keywords */
{ "Address", address, TYPE_NAME },
{ "Port", port, TYPE_INT },
{ "PublicKey", publickey, TYPE_NAME },
{ "Subnet", subnet, TYPE_NAME },
{ "RestrictHosts", restricthosts, TYPE_BOOL },
{ "RestrictSubnets", restrictsubnets, TYPE_BOOL },
{ "RestrictAddress", restrictaddress, TYPE_BOOL },
{ "RestrictPort", restrictport, TYPE_BOOL },
{ "IndirectData", indirectdata, TYPE_BOOL },
{ "TCPonly", tcponly, TYPE_BOOL },
{ NULL, 0, 0 }
};
/*
Add given value to the list of configs cfg
*/
config_t *
add_config_val(config_t **cfg, int argtype, char *val)
int config_compare(config_t *a, config_t *b)
{
config_t *p, *r;
char *q;
cp
p = (config_t*)xmalloc(sizeof(*p));
p->data.val = 0;
int result;
switch(argtype)
result = strcasecmp(a->variable, b->variable);
if(result)
return result;
result = a->line - b->line;
if(result)
return result;
else
return strcmp(a->file, b->file);
}
void init_configuration(avl_tree_t **config_tree)
{
cp
*config_tree = avl_alloc_tree((avl_compare_t)config_compare, (avl_action_t)free_config);
cp
}
void exit_configuration(avl_tree_t **config_tree)
{
cp
avl_delete_tree(*config_tree);
*config_tree = NULL;
cp
}
config_t *new_config(void)
{
config_t *cfg;
cp
cfg = (config_t *)xmalloc_and_zero(sizeof(*cfg));
return cfg;
}
void free_config(config_t *cfg)
{
cp
if(cfg->variable)
free(cfg->variable);
if(cfg->value)
free(cfg->value);
if(cfg->file)
free(cfg->file);
free(cfg);
cp
}
void config_add(avl_tree_t *config_tree, config_t *cfg)
{
cp
avl_insert(config_tree, cfg);
cp
}
config_t *lookup_config(avl_tree_t *config_tree, char *variable)
{
config_t cfg, *found;
cp
cfg.variable = variable;
cfg.file = "";
cfg.line = 0;
found = avl_search_closest_greater(config_tree, &cfg);
if(!found)
return NULL;
if(strcasecmp(found->variable, variable))
return NULL;
return found;
}
config_t *lookup_config_next(avl_tree_t *config_tree, config_t *cfg)
{
avl_node_t *node;
config_t *found;
cp
node = avl_search_node(config_tree, cfg);
if(node)
{
case TYPE_INT:
p->data.val = strtol(val, &q, 0);
if(q && *q)
p->data.val = 0;
break;
case TYPE_NAME:
p->data.ptr = xmalloc(strlen(val) + 1);
strcpy(p->data.ptr, val);
break;
case TYPE_IP:
p->data.ip = strtoip(val);
break;
case TYPE_BOOL:
if(!strcasecmp("yes", val))
p->data.val = stupid_true;
else if(!strcasecmp("no", val))
p->data.val = stupid_false;
else
p->data.val = 0;
if(node->next)
{
found = (config_t *)node->next->data;
if(!strcasecmp(found->variable, cfg->variable))
return found;
}
}
p->argtype = argtype;
return NULL;
}
if(p->data.val)
{
p->next = *cfg;
*cfg = p;
int get_config_bool(config_t *cfg, int *result)
{
cp
return p;
if(!cfg)
return 0;
if(!strcasecmp(cfg->value, "yes"))
{
*result = 1;
return 1;
}
else if(!strcasecmp(cfg->value, "no"))
{
*result = 0;
return 1;
}
syslog(LOG_ERR, _("\"yes\" or \"no\" expected for configuration variable %s in %s line %d"),
cfg->variable, cfg->file, cfg->line);
return 0;
}
int get_config_int(config_t *cfg, int *result)
{
cp
if(!cfg)
return 0;
if(sscanf(cfg->value, "%d", result) == 1)
return 1;
syslog(LOG_ERR, _("Integer expected for configuration variable %s in %s line %d"),
cfg->variable, cfg->file, cfg->line);
return 0;
}
int get_config_string(config_t *cfg, char **result)
{
cp
if(!cfg)
return 0;
*result = xstrdup(cfg->value);
return 1;
}
int get_config_address(config_t *cfg, struct addrinfo **result)
{
struct addrinfo *ai;
cp
if(!cfg)
return 0;
ai = str2addrinfo(cfg->value, NULL, 0);
if(ai)
{
*result = ai;
return 1;
}
syslog(LOG_ERR, _("Hostname or IP address expected for configuration variable %s in %s line %d"),
cfg->variable, cfg->file, cfg->line);
return 0;
}
int get_config_port(config_t *cfg, port_t *result)
{
cp
if(!cfg)
return 0;
if(sscanf(cfg->value, "%hu", result) == 1)
{
*result = htons(*result);
return 1;
}
syslog(LOG_ERR, _("Port number expected for configuration variable %s in %s line %d"),
cfg->variable, cfg->file, cfg->line);
return 0;
}
int get_config_subnet(config_t *cfg, subnet_t **result)
{
subnet_t *subnet;
cp
if(!cfg)
return 0;
subnet = str2net(cfg->value);
if(!subnet)
{
syslog(LOG_ERR, _("Subnet expected for configuration variable %s in %s line %d"),
cfg->variable, cfg->file, cfg->line);
return 0;
}
/* Teach newbies what subnets are... */
if(((subnet->type == SUBNET_IPV4) && maskcheck((char *)&subnet->net.ipv4.address, subnet->net.ipv4.prefixlength, sizeof(ipv4_t)))
|| ((subnet->type == SUBNET_IPV6) && maskcheck((char *)&subnet->net.ipv6.address, subnet->net.ipv6.prefixlength, sizeof(ipv6_t))))
{
syslog(LOG_ERR, _("Network address and prefix length do not match for configuration variable %s in %s line %d"),
cfg->variable, cfg->file, cfg->line);
free(subnet);
return 0;
}
*result = subnet;
return 1;
}
/*
Read exactly one line and strip the trailing newline if any. If the
file was on EOF, return NULL. Otherwise, return all the data in a
dynamically allocated buffer.
If line is non-NULL, it will be used as an initial buffer, to avoid
unnecessary mallocing each time this function is called. If buf is
given, and buf needs to be expanded, the var pointed to by buflen
will be increased.
*/
char *readline(FILE *fp, char **buf, size_t *buflen)
{
char *newline = NULL;
char *p;
char *line; /* The array that contains everything that has been read
so far */
char *idx; /* Read into this pointer, which points to an offset
within line */
size_t size, newsize; /* The size of the current array pointed to by
line */
size_t maxlen; /* Maximum number of characters that may be read with
fgets. This is newsize - oldsize. */
if(feof(fp))
return NULL;
if((buf != NULL) && (buflen != NULL))
{
size = *buflen;
line = *buf;
}
else
{
free(p);
cp
return NULL;
size = 100;
line = xmalloc(size);
}
maxlen = size;
idx = line;
*idx = 0;
for(;;)
{
errno = 0;
p = fgets(idx, maxlen, fp);
if(p == NULL) /* EOF or error */
{
if(feof(fp))
break;
/* otherwise: error; let the calling function print an error
message if applicable */
free(line);
return NULL;
}
newline = strchr(p, '\n');
if(newline == NULL)
/* We haven't yet read everything to the end of the line */
{
newsize = size << 1;
line = xrealloc(line, newsize);
idx = &line[size - 1];
maxlen = newsize - size + 1;
size = newsize;
}
else
{
*newline = '\0'; /* kill newline */
break; /* yay */
}
}
if((buf != NULL) && (buflen != NULL))
{
*buflen = size;
*buf = line;
}
return line;
}
/*
Parse a configuration file and put the results in the configuration tree
starting at *base.
*/
int read_config_file(config_t **base, const char *fname)
int read_config_file(avl_tree_t *config_tree, const char *fname)
{
int err = -1;
int err = -2; /* Parse error */
FILE *fp;
char line[MAXBUFSIZE]; /* There really should not be any line longer than this... */
char *p, *q;
int i, lineno = 0;
char *buffer, *line;
char *variable, *value;
int lineno = 0, ignore = 0;
config_t *cfg;
size_t bufsize;
cp
if((fp = fopen (fname, "r")) == NULL)
{
return -1;
syslog(LOG_ERR, _("Cannot open config file %s: %s"), fname, strerror(errno));
return -3;
}
bufsize = 100;
buffer = xmalloc(bufsize);
for(;;)
{
if(fgets(line, MAXBUFSIZE, fp) == NULL)
{
err = 0;
break;
}
if((line = readline(fp, &buffer, &bufsize)) == NULL)
{
err = -1;
break;
}
if(feof(fp))
{
err = 0;
break;
}
lineno++;
if(!index(line, '\n'))
{
syslog(LOG_ERR, _("Line %d too long while reading config file %s"), lineno, fname);
break;
}
if((p = strtok(line, "\t\n\r =")) == NULL)
if((variable = strtok(line, "\t =")) == NULL)
continue; /* no tokens on this line */
if(p[0] == '#')
if(variable[0] == '#')
continue; /* comment: ignore */
for(i = 0; hazahaza[i].name != NULL; i++)
if(!strcasecmp(hazahaza[i].name, p))
break;
if(!strcmp(variable, "-----BEGIN"))
ignore = 1;
if(!hazahaza[i].name)
{
syslog(LOG_ERR, _("Invalid variable name on line %d while reading config file %s"),
lineno, fname);
break;
}
if(!ignore)
{
if(((value = strtok(NULL, "\t\n\r =")) == NULL) || value[0] == '#')
{
syslog(LOG_ERR, _("No value for variable `%s' on line %d while reading config file %s"),
variable, lineno, fname);
break;
}
if(((q = strtok(NULL, "\t\n\r =")) == NULL) || q[0] == '#')
{
fprintf(stderr, _("No value for variable on line %d while reading config file %s"),
lineno, fname);
break;
}
cfg = new_config();
cfg->variable = xstrdup(variable);
cfg->value = xstrdup(value);
cfg->file = xstrdup(fname);
cfg->line = lineno;
cfg = add_config_val(base, hazahaza[i].argtype, q);
if(cfg == NULL)
{
fprintf(stderr, _("Invalid value for variable on line %d while reading config file %s"),
lineno, fname);
break;
}
config_add(config_tree, cfg);
}
cfg->which = hazahaza[i].which;
if(!config)
config = cfg;
if(!strcmp(variable, "-----END"))
ignore = 0;
}
free(buffer);
fclose (fp);
cp
return err;
@ -213,56 +432,192 @@ int read_server_config()
int x;
cp
asprintf(&fname, "%s/tinc.conf", confbase);
x = read_config_file(&config, fname);
x = read_config_file(config_tree, fname);
if(x == -1) /* System error: complain */
{
syslog(LOG_ERR, _("Failed to read `%s': %s"), fname, strerror(errno));
}
free(fname);
cp
return x;
return x;
}
/*
Look up the value of the config option type
*/
const config_t *get_config_val(config_t *p, which_t type)
int isadir(const char* f)
{
cp
for(; p != NULL; p = p->next)
if(p->which == type)
break;
cp
return p;
struct stat s;
if(stat(f, &s) < 0)
return 0;
else
return S_ISDIR(s.st_mode);
}
/*
Support for multiple config lines.
Index is used to get a specific value, 0 being the first, 1 the second etc.
*/
const config_t *get_next_config_val(config_t *p, which_t type, int index)
int is_safe_path(const char *file)
{
cp
for(; p != NULL; p = p->next)
if(p->which == type)
if(--index < 0)
break;
cp
return p;
}
char *p;
const char *f;
char x;
struct stat s;
char l[MAXBUFSIZE];
/*
Remove the complete configuration tree.
*/
void clear_config(config_t **base)
{
config_t *p, *next;
cp
for(p = *base; p != NULL; p = next)
if(*file != '/')
{
next = p->next;
if(p->data.ptr && (p->argtype == TYPE_NAME))
{
free(p->data.ptr);
}
free(p);
syslog(LOG_ERR, _("`%s' is not an absolute path"), file);
return 0;
}
*base = NULL;
cp
p = strrchr(file, '/');
if(p == file) /* It's in the root */
p++;
x = *p;
*p = '\0';
f = file;
check1:
if(lstat(f, &s) < 0)
{
syslog(LOG_ERR, _("Couldn't stat `%s': %s"), f, strerror(errno));
return 0;
}
if(s.st_uid != geteuid())
{
syslog(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
f, s.st_uid, geteuid());
return 0;
}
if(S_ISLNK(s.st_mode))
{
syslog(LOG_WARNING, _("Warning: `%s' is a symlink"),
f);
if(readlink(f, l, MAXBUFSIZE) < 0)
{
syslog(LOG_ERR, _("Unable to read symbolic link `%s': %s"), f, strerror(errno));
return 0;
}
f = l;
goto check1;
}
*p = x;
f = file;
check2:
if(lstat(f, &s) < 0 && errno != ENOENT)
{
syslog(LOG_ERR, _("Couldn't stat `%s': %s"), f, strerror(errno));
return 0;
}
if(errno == ENOENT)
return 1;
if(s.st_uid != geteuid())
{
syslog(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
f, s.st_uid, geteuid());
return 0;
}
if(S_ISLNK(s.st_mode))
{
syslog(LOG_WARNING, _("Warning: `%s' is a symlink"),
f);
if(readlink(f, l, MAXBUFSIZE) < 0)
{
syslog(LOG_ERR, _("Unable to read symbolic link `%s': %s"), f, strerror(errno));
return 0;
}
f = l;
goto check2;
}
if(s.st_mode & 0007)
{
/* Accessible by others */
syslog(LOG_ERR, _("`%s' has unsecure permissions"),
f);
return 0;
}
return 1;
}
FILE *ask_and_safe_open(const char* filename, const char* what, const char* mode)
{
FILE *r;
char *directory;
char *fn;
/* Check stdin and stdout */
if(!isatty(0) || !isatty(1))
{
/* Argh, they are running us from a script or something. Write
the files to the current directory and let them burn in hell
for ever. */
fn = xstrdup(filename);
}
else
{
/* Ask for a file and/or directory name. */
fprintf(stdout, _("Please enter a file to save %s to [%s]: "),
what, filename);
fflush(stdout);
if((fn = readline(stdin, NULL, NULL)) == NULL)
{
fprintf(stderr, _("Error while reading stdin: %s\n"), strerror(errno));
return NULL;
}
if(strlen(fn) == 0)
/* User just pressed enter. */
fn = xstrdup(filename);
}
if((strchr(fn, '/') == NULL) || (fn[0] != '/'))
{
/* The directory is a relative path or a filename. */
char *p;
directory = get_current_dir_name();
asprintf(&p, "%s/%s", directory, fn);
free(fn);
free(directory);
fn = p;
}
umask(0077); /* Disallow everything for group and other */
/* Open it first to keep the inode busy */
if((r = fopen(fn, mode)) == NULL)
{
fprintf(stderr, _("Error opening file `%s': %s\n"),
fn, strerror(errno));
free(fn);
return NULL;
}
/* Then check the file for nasty attacks */
if(!is_safe_path(fn)) /* Do not permit any directories that are
readable or writeable by other users. */
{
fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n"
"I will not create or overwrite this file.\n"),
fn);
fclose(r);
free(fn);
return NULL;
}
free(fn);
return r;
}

101
src/conf.h
View file

@ -1,7 +1,7 @@
/*
conf.h -- header for conf.c
Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,85 +17,54 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: conf.h,v 1.7 2000/10/18 20:12:08 zarq Exp $
$Id: conf.h,v 1.8 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_CONF_H__
#define __TINC_CONF_H__
#define MAXTIMEOUT 900 /* Maximum timeout value for retries. Should this be a configuration option? */
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
typedef struct ip_mask_t {
unsigned long ip;
unsigned long mask;
} ip_mask_t;
typedef enum which_t {
tincname = 1,
connectto,
pingtimeout,
tapdevice,
tapsubnet,
privatekey,
keyexpire,
resolve_dns,
interface,
interfaceip,
address,
port,
publickey,
subnet,
restricthosts,
restrictsubnets,
restrictaddress,
restrictport,
indirectdata,
tcponly,
} which_t;
#include <avl_tree.h>
#include "net.h"
#include "subnet.h"
typedef struct config_t {
struct config_t *next;
which_t which;
int argtype;
union data {
unsigned long val;
void *ptr;
ip_mask_t *ip;
struct config_t *next; /* For nested configs! */
} data;
char *variable;
char *value;
char *file;
int line;
} config_t;
typedef struct internal_config_t {
char *name;
enum which_t which;
int argtype;
} internal_config_t;
extern avl_tree_t *config_tree;
enum {
stupid_false = 1,
stupid_true
};
enum {
TYPE_NAME = 1,
TYPE_INT,
TYPE_IP,
TYPE_BOOL
};
extern config_t *config;
extern int debug_lvl;
extern int timeout;
extern int upstreamindex;
extern int sighup;
extern int pingtimeout;
extern int maxtimeout;
extern int bypass_security;
extern char *confbase;
extern char *netname;
extern config_t *add_config_val(config_t **, int, char *);
extern int read_config_file(config_t **, const char *);
extern const config_t *get_config_val(config_t *, which_t type);
extern const config_t *get_next_config_val(config_t *, which_t type, int);
extern void clear_config();
extern void init_configuration(avl_tree_t **);
extern void exit_configuration(avl_tree_t **);
extern config_t *new_config(void);
extern void free_config(config_t *);
extern void config_add(avl_tree_t *, config_t *);
extern config_t *lookup_config(avl_tree_t *, char *);
extern config_t *lookup_config_next(avl_tree_t *, config_t *);
extern int get_config_bool(config_t *, int *);
extern int get_config_int(config_t *, int *);
extern int get_config_port(config_t *, port_t *);
extern int get_config_string(config_t *, char **);
extern int get_config_address(config_t *, struct addrinfo **);
struct subnet_t; /* Needed for next line. */
extern int get_config_subnet(config_t *, struct subnet_t **);
extern int read_config_file(avl_tree_t *, const char *);
extern int read_server_config(void);
extern FILE *ask_and_safe_open(const char*, const char*, const char *);
extern int is_safe_path(const char *);
#endif /* __TINC_CONF_H__ */

137
src/connection.c Normal file
View file

@ -0,0 +1,137 @@
/*
connection.c -- connection list management
Copyright (C) 2000-2002 Guus Sliepen <guus@sliepen.warande.net>,
2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <stdio.h>
#include <syslog.h>
#include <string.h>
#include <sys/time.h>
#include <avl_tree.h>
#include <list.h>
#include "net.h" /* Don't ask. */
#include "netutl.h"
#include "config.h"
#include "conf.h"
#include <utils.h>
#include "subnet.h"
#include "xalloc.h"
#include "system.h"
avl_tree_t *connection_tree; /* Meta connections */
int connection_compare(connection_t *a, connection_t *b)
{
return a - b;
}
void init_connections(void)
{
cp
connection_tree = avl_alloc_tree((avl_compare_t)connection_compare, NULL);
cp
}
void exit_connections(void)
{
cp
avl_delete_tree(connection_tree);
cp
}
connection_t *new_connection(void)
{
connection_t *c;
cp
c = (connection_t *)xmalloc_and_zero(sizeof(connection_t));
if(!c)
return NULL;
gettimeofday(&c->start, NULL);
cp
return c;
}
void free_connection(connection_t *c)
{
cp
if(c->hostname)
free(c->hostname);
if(c->inkey)
free(c->inkey);
if(c->outkey)
free(c->outkey);
if(c->mychallenge)
free(c->mychallenge);
if(c->hischallenge)
free(c->hischallenge);
free(c);
cp
}
void connection_add(connection_t *c)
{
cp
avl_insert(connection_tree, c);
cp
}
void connection_del(connection_t *c)
{
cp
avl_delete(connection_tree, c);
cp
}
void dump_connections(void)
{
avl_node_t *node;
connection_t *c;
cp
syslog(LOG_DEBUG, _("Connections:"));
for(node = connection_tree->head; node; node = node->next)
{
c = (connection_t *)node->data;
syslog(LOG_DEBUG, _(" %s at %s options %lx socket %d status %04x"),
c->name, c->hostname, c->options, c->socket, c->status);
}
syslog(LOG_DEBUG, _("End of connections."));
cp
}
int read_connection_config(connection_t *c)
{
char *fname;
int x;
cp
asprintf(&fname, "%s/hosts/%s", confbase, c->name);
x = read_config_file(c->config_tree, fname);
free(fname);
cp
return x;
}

121
src/connection.h Normal file
View file

@ -0,0 +1,121 @@
/*
connection.h -- header for connection.c
Copyright (C) 2000-2002 Guus Sliepen <guus@sliepen.warande.net>,
2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_CONNECTION_H__
#define __TINC_CONNECTION_H__
#include <sys/time.h>
#include <avl_tree.h>
#include <list.h>
#ifdef HAVE_OPENSSL_EVP_H
# include <openssl/evp.h>
#else
# include <evp.h>
#endif
#ifdef HAVE_OPENSSL_RSA_H
# include <openssl/rsa.h>
#else
# include <rsa.h>
#endif
#include "net.h"
#include "conf.h"
#include "node.h"
#include "edge.h"
#define OPTION_INDIRECT 0x0001
#define OPTION_TCPONLY 0x0002
typedef struct connection_status_t {
int pinged:1; /* sent ping */
int active:1; /* 1 if active.. */
int connecting:1; /* 1 if we are waiting for a non-blocking connect() to finish */
int termreq:1; /* the termination of this connection was requested */
int remove:1; /* Set to 1 if you want this connection removed */
int timeout:1; /* 1 if gotten timeout */
int encryptout:1; /* 1 if we can encrypt outgoing traffic */
int decryptin:1; /* 1 if we have to decrypt incoming traffic */
int mst:1; /* 1 if this connection is part of a minimum spanning tree */
int unused:18;
} connection_status_t;
typedef struct connection_t {
char *name; /* name he claims to have */
sockaddr_t address; /* his real (internet) ip */
char *hostname; /* the hostname of its real ip */
int protocol_version; /* used protocol */
int socket; /* socket used for this connection */
long int options; /* options for this connection */
struct connection_status_t status; /* status info */
int estimated_weight; /* estimation for the weight of the edge for this connection */
struct timeval start; /* time this connection was started, used for above estimation */
struct outgoing_t *outgoing; /* used to keep track of outgoing connections */
struct node_t *node; /* node associated with the other end */
struct edge_t *edge; /* edge associated with this connection */
RSA *rsa_key; /* his public/private key */
const EVP_CIPHER *incipher; /* Cipher he will use to send data to us */
const EVP_CIPHER *outcipher; /* Cipher we will use to send data to him */
EVP_CIPHER_CTX *inctx; /* Context of encrypted meta data that will come from him to us */
EVP_CIPHER_CTX *outctx; /* Context of encrypted meta data that will be sent from us to him */
char *inkey; /* His symmetric meta key + iv */
char *outkey; /* Our symmetric meta key + iv */
int inkeylength; /* Length of his key + iv */
int outkeylength; /* Length of our key + iv */
const EVP_MD *indigest;
const EVP_MD *outdigest;
int inmaclength;
int outmaclength;
int incompression;
int outcompression;
char *mychallenge; /* challenge we received from him */
char *hischallenge; /* challenge we sent to him */
char buffer[MAXBUFSIZE]; /* metadata input buffer */
int buflen; /* bytes read into buffer */
int tcplen; /* length of incoming TCPpacket */
int allow_request; /* defined if there's only one request possible */
time_t last_ping_time; /* last time we saw some activity from the other end */
avl_tree_t *config_tree; /* Pointer to configuration tree belonging to him */
} connection_t;
extern avl_tree_t *connection_tree;
extern void init_connections(void);
extern void exit_connections(void);
extern connection_t *new_connection(void);
extern void free_connection(connection_t *);
extern void connection_add(connection_t *);
extern void connection_del(connection_t *);
extern void dump_connections(void);
extern int read_connection_config(connection_t *);
#endif /* __TINC_CONNECTION_H__ */

36
src/device.h Normal file
View file

@ -0,0 +1,36 @@
/*
net.h -- generic header for device.c
Copyright (C) 2001-2002 Ivo Timmermans <zarq@iname.com>
2001-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_DEVICE_H__
#define __TINC_DEVICE_H__
extern int device_fd;
extern char *device;
extern char *interface;
extern int setup_device(void);
extern void close_device(void);
extern int read_packet(vpn_packet_t *);
extern int write_packet(vpn_packet_t *);
extern void dump_device_stats(void);
#endif /* __TINC_DEVICE_H__ */

211
src/edge.c Normal file
View file

@ -0,0 +1,211 @@
/*
edge.c -- edge tree management
Copyright (C) 2000-2002 Guus Sliepen <guus@sliepen.warande.net>,
2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: edge.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <stdio.h>
#include <syslog.h>
#include <string.h>
#include <avl_tree.h>
#include <list.h>
#include "net.h" /* Don't ask. */
#include "netutl.h"
#include "config.h"
#include "conf.h"
#include <utils.h>
#include "subnet.h"
#include "xalloc.h"
#include "system.h"
avl_tree_t *edge_tree; /* Tree with all known edges (replaces active_tree) */
avl_tree_t *edge_weight_tree; /* Tree with all edges, sorted on weight */
int edge_compare(edge_t *a, edge_t *b)
{
int result;
result = strcmp(a->from.node->name, b->from.node->name);
if(result)
return result;
else
return strcmp(a->to.node->name, b->to.node->name);
}
/* Evil edge_compare() from a parallel universe ;)
int edge_compare(edge_t *a, edge_t *b)
{
int result;
return (result = strcmp(a->from.node->name, b->from.node->name)) || (result = strcmp(a->to.node->name, b->to.node->name)), result;
}
*/
int edge_name_compare(edge_t *a, edge_t *b)
{
int result;
char *name_a1, *name_a2, *name_b1, *name_b2;
if(strcmp(a->from.node->name, a->to.node->name) < 0)
name_a1 = a->from.node->name, name_a2 = a->to.node->name;
else
name_a1 = a->to.node->name, name_a2 = a->from.node->name;
if(strcmp(b->from.node->name, b->to.node->name) < 0)
name_b1 = b->from.node->name, name_b2 = b->to.node->name;
else
name_b1 = b->to.node->name, name_b2 = b->from.node->name;
result = strcmp(name_a1, name_b1);
if(result)
return result;
else
return strcmp(name_a2, name_b2);
}
int edge_weight_compare(edge_t *a, edge_t *b)
{
int result;
result = a->weight - b->weight;
if(result)
return result;
else
return edge_name_compare(a, b);
}
void init_edges(void)
{
cp
edge_tree = avl_alloc_tree((avl_compare_t)edge_compare, NULL);
edge_weight_tree = avl_alloc_tree((avl_compare_t)edge_weight_compare, NULL);
cp
}
avl_tree_t *new_edge_tree(void)
{
cp
return avl_alloc_tree((avl_compare_t)edge_name_compare, NULL);
cp
}
void free_edge_tree(avl_tree_t *edge_tree)
{
cp
avl_delete_tree(edge_tree);
cp
}
void exit_edges(void)
{
cp
avl_delete_tree(edge_tree);
cp
}
/* Creation and deletion of connection elements */
edge_t *new_edge(void)
{
edge_t *e;
cp
e = (edge_t *)xmalloc_and_zero(sizeof(*e));
cp
return e;
}
void free_edge(edge_t *e)
{
cp
free(e);
cp
}
void edge_add(edge_t *e)
{
cp
avl_insert(edge_tree, e);
avl_insert(edge_weight_tree, e);
avl_insert(e->from.node->edge_tree, e);
avl_insert(e->to.node->edge_tree, e);
cp
}
void edge_del(edge_t *e)
{
cp
avl_delete(edge_tree, e);
avl_delete(edge_weight_tree, e);
avl_delete(e->from.node->edge_tree, e);
avl_delete(e->to.node->edge_tree, e);
cp
}
edge_t *lookup_edge(node_t *from, node_t *to)
{
edge_t v, *result;
cp
v.from.node = from;
v.to.node = to;
result = avl_search(edge_tree, &v);
if(result)
return result;
cp
v.from.node = to;
v.to.node = from;
return avl_search(edge_tree, &v);
}
void dump_edges(void)
{
avl_node_t *node;
edge_t *e;
char *from_udp, *to_udp;
cp
syslog(LOG_DEBUG, _("Edges:"));
for(node = edge_tree->head; node; node = node->next)
{
e = (edge_t *)node->data;
from_udp = sockaddr2hostname(&e->from.udpaddress);
to_udp = sockaddr2hostname(&e->to.udpaddress);
syslog(LOG_DEBUG, _(" %s at %s - %s at %s options %lx weight %d"),
e->from.node->name, from_udp,
e->to.node->name, to_udp,
e->options, e->weight);
free(from_udp);
free(to_udp);
}
syslog(LOG_DEBUG, _("End of edges."));
cp
}

62
src/edge.h Normal file
View file

@ -0,0 +1,62 @@
/*
edge.h -- header for edge.c
Copyright (C) 2001-2002 Guus Sliepen <guus@sliepen.warande.net>,
2001-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: edge.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_EDGE_H__
#define __TINC_EDGE_H__
#include <avl_tree.h>
#include "net.h"
#include "node.h"
#include "connection.h"
typedef struct halfconnection_t {
struct node_t *node; /* node associated with this end of the connection */
// sockaddr_t tcpaddress; /* real (internet) ip on this end of the meta connection */
sockaddr_t udpaddress; /* real (internet) ip on this end of the vpn connection */
} halfconnection_t;
typedef struct edge_t {
struct halfconnection_t from;
struct halfconnection_t to;
long int options; /* options turned on for this edge */
int weight; /* weight of this edge */
struct connection_t *connection; /* connection associated with this edge, if available */
} edge_t;
extern avl_tree_t *edge_tree; /* Tree with all known edges (replaces active_tree) */
extern avl_tree_t *edge_weight_tree; /* Tree with all known edges sorted on weight */
extern void init_edges(void);
extern void exit_edges(void);
extern edge_t *new_edge(void);
extern void free_edge(edge_t *);
extern avl_tree_t *new_edge_tree(void);
extern void free_edge_tree(avl_tree_t *);
extern void edge_add(edge_t *);
extern void edge_del(edge_t *);
extern edge_t *lookup_edge(struct node_t *, struct node_t *);
extern void dump_edges(void);
#endif /* __TINC_EDGE_H__ */

110
src/event.c Normal file
View file

@ -0,0 +1,110 @@
/*
event.c -- event queue
Copyright (C) 2002 Guus Sliepen <guus@sliepen.warande.net>,
2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: event.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <xalloc.h>
#include <string.h>
#include <utils.h>
#include <avl_tree.h>
#include <time.h>
#include "event.h"
#include "system.h"
avl_tree_t *event_tree;
extern time_t now;
int id;
int event_compare(event_t *a, event_t *b)
{
if(a->time > b->time)
return 1;
if(a->time < b->time)
return -1;
return a->id - b->id;
}
void init_events(void)
{
cp
event_tree = avl_alloc_tree((avl_compare_t)event_compare, NULL);
cp
}
void exit_events(void)
{
cp
avl_delete_tree(event_tree);
cp
}
event_t *new_event(void)
{
event_t *event;
cp
event = (event_t *)xmalloc_and_zero(sizeof(*event));
cp
return event;
}
void free_event(event_t *event)
{
cp
free(event);
cp
}
void event_add(event_t *event)
{
cp
event->id = ++id;
avl_insert(event_tree, event);
cp
}
void event_del(event_t *event)
{
cp
avl_delete(event_tree, event);
cp
}
event_t *get_expired_event(void)
{
event_t *event;
cp
if(event_tree->head)
{
event = (event_t *)event_tree->head->data;
if(event->time < now)
{
avl_delete(event_tree, event);
return event;
}
}
cp
return NULL;
}

48
src/event.h Normal file
View file

@ -0,0 +1,48 @@
/*
event.h -- header for event.c
Copyright (C) 2002 Guus Sliepen <guus@sliepen.warande.net>,
2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: event.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_EVENT_H__
#define __TINC_EVENT_H__
#include <time.h>
#include <avl_tree.h>
avl_tree_t *event_tree;
typedef void (*event_handler_t)(void *);
typedef struct {
time_t time;
int id;
event_handler_t handler;
void *data;
} event_t;
extern void init_events(void);
extern void exit_events(void);
extern event_t *new_event(void);
extern void free_event(event_t *);
extern void event_add(event_t *);
extern void event_del(event_t *);
extern event_t *get_expired_event(void);
#endif /* __TINC_EVENT_H__ */

290
src/graph.c Normal file
View file

@ -0,0 +1,290 @@
/*
graph.c -- graph algorithms
Copyright (C) 2001-2002 Guus Sliepen <guus@sliepen.warande.net>,
2001-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: graph.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
/* We need to generate two trees from the graph:
1. A minimum spanning tree for broadcasts,
2. A single-source shortest path tree for unicasts.
Actually, the first one alone would suffice but would make unicast packets
take longer routes than necessary.
For the MST algorithm we can choose from Prim's or Kruskal's. I personally
favour Kruskal's, because we make an extra AVL tree of edges sorted on
weights (metric). That tree only has to be updated when an edge is added or
removed, and during the MST algorithm we just have go linearly through that
tree, adding safe edges until #edges = #nodes - 1. The implementation here
however is not so fast, because I tried to avoid having to make a forest and
merge trees.
For the SSSP algorithm Dijkstra's seems to be a nice choice. Currently a
simple breadth-first search is presented here.
The SSSP algorithm will also be used to determine whether nodes are directly,
indirectly or not reachable from the source. It will also set the correct
destination address and port of a node if possible.
*/
#include "config.h"
#include <stdio.h>
#include <syslog.h>
#include "config.h"
#include <string.h>
#if defined(HAVE_FREEBSD) || defined(HAVE_OPENBSD)
#include <sys/param.h>
#endif
#include <netinet/in.h>
#include <avl_tree.h>
#include <utils.h>
#include "netutl.h"
#include "node.h"
#include "edge.h"
#include "connection.h"
#include "process.h"
#include "system.h"
/* Implementation of Kruskal's algorithm.
Running time: O(EN)
Please note that sorting on weight is already done by add_edge().
*/
void mst_kruskal(void)
{
avl_node_t *node, *next;
edge_t *e;
node_t *n;
connection_t *c;
int nodes = 0;
int safe_edges = 0;
int skipped;
/* Clear MST status on connections */
for(node = connection_tree->head; node; node = node->next)
{
c = (connection_t *)node->data;
c->status.mst = 0;
}
/* Do we have something to do at all? */
if(!edge_weight_tree->head)
return;
if(debug_lvl >= DEBUG_SCARY_THINGS)
syslog(LOG_DEBUG, "Running Kruskal's algorithm:");
/* Clear visited status on nodes */
for(node = node_tree->head; node; node = node->next)
{
n = (node_t *)node->data;
n->status.visited = 0;
nodes++;
}
/* Starting point */
((edge_t *)edge_weight_tree->head->data)->from.node->status.visited = 1;
/* Add safe edges */
for(skipped = 0, node = edge_weight_tree->head; node; node = next)
{
next = node->next;
e = (edge_t *)node->data;
if(e->from.node->status.visited == e->to.node->status.visited)
{
skipped = 1;
continue;
}
e->from.node->status.visited = 1;
e->to.node->status.visited = 1;
if(e->connection)
e->connection->status.mst = 1;
safe_edges++;
if(debug_lvl >= DEBUG_SCARY_THINGS)
syslog(LOG_DEBUG, " Adding edge %s - %s weight %d", e->from.node->name, e->to.node->name, e->weight);
if(skipped)
{
next = edge_weight_tree->head;
continue;
}
}
if(debug_lvl >= DEBUG_SCARY_THINGS)
syslog(LOG_DEBUG, "Done, counted %d nodes and %d safe edges.", nodes, safe_edges);
}
/* Implementation of a simple breadth-first search algorithm.
Running time: O(E)
*/
void sssp_bfs(void)
{
avl_node_t *node, *from, *next, *to;
edge_t *e;
node_t *n;
halfconnection_t to_hc, from_hc;
avl_tree_t *todo_tree;
int indirect;
char *name;
todo_tree = avl_alloc_tree(NULL, NULL);
/* Clear visited status on nodes */
for(node = node_tree->head; node; node = node->next)
{
n = (node_t *)node->data;
n->status.visited = 0;
n->status.indirect = 1;
}
/* Begin with myself */
myself->status.visited = 1;
myself->status.indirect = 0;
myself->nexthop = myself;
myself->via = myself;
node = avl_alloc_node();
node->data = myself;
avl_insert_top(todo_tree, node);
/* Loop while todo_tree is filled */
while(todo_tree->head)
{
for(from = todo_tree->head; from; from = next) /* "from" is the node from which we start */
{
next = from->next;
n = (node_t *)from->data;
for(to = n->edge_tree->head; to; to = to->next) /* "to" is the edge connected to "from" */
{
e = (edge_t *)to->data;
if(e->from.node == n) /* "from_hc" is the halfconnection with .node == from */
to_hc = e->to, from_hc = e->from;
else
to_hc = e->from, from_hc = e->to;
/* Situation:
/
/
------(n)from_hc-----to_hc
\
\
n->address is set to the to_hc.udpaddress of the edge left of n.
We are currently examining the edge right of n:
- If from_hc.udpaddress != n->address, then to_hc.node is probably
not reachable for the nodes left of n. We do as if the indirectdata
flag is set on edge e.
- If edge e provides for better reachability of to_hc.node, update
to_hc.node and (re)add it to the todo_tree to (re)examine the reachability
of nodes behind it.
*/
indirect = n->status.indirect || e->options & OPTION_INDIRECT || ((n != myself) && sockaddrcmp(&n->address, &from_hc.udpaddress));
if(to_hc.node->status.visited && (!to_hc.node->status.indirect || indirect))
continue;
to_hc.node->status.visited = 1;
to_hc.node->status.indirect = indirect;
to_hc.node->nexthop = (n->nexthop == myself) ? to_hc.node : n->nexthop;
to_hc.node->via = indirect ? n->via : to_hc.node;
to_hc.node->options = e->options;
if(sockaddrcmp(&to_hc.node->address, &to_hc.udpaddress))
{
node = avl_unlink(node_udp_tree, to_hc.node);
to_hc.node->address = to_hc.udpaddress;
if(to_hc.node->hostname)
free(to_hc.node->hostname);
to_hc.node->hostname = sockaddr2hostname(&to_hc.udpaddress);
avl_insert_node(node_udp_tree, node);
}
node = avl_alloc_node();
node->data = to_hc.node;
avl_insert_before(todo_tree, from, node);
}
avl_delete_node(todo_tree, from);
}
}
avl_free_tree(todo_tree);
/* Check reachability status. */
for(node = node_tree->head; node; node = next)
{
next = node->next;
n = (node_t *)node->data;
if(n->status.visited)
{
if(!n->status.reachable)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Node %s (%s) became reachable"), n->name, n->hostname);
n->status.reachable = 1;
asprintf(&name, "hosts/%s-up", n->name);
execute_script(name);
free(name);
}
}
else
{
if(n->status.reachable)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Node %s (%s) became unreachable"), n->name, n->hostname);
n->status.reachable = 0;
n->status.validkey = 0;
n->status.waitingforkey = 0;
n->sent_seqno = 0;
asprintf(&name, "hosts/%s-down", n->name);
execute_script(name);
free(name);
}
}
}
}
void graph(void)
{
mst_kruskal();
sssp_bfs();
}

25
src/graph.h Normal file
View file

@ -0,0 +1,25 @@
/*
graph.h -- header for graph.c
Copyright (C) 2001-2002 Guus Sliepen <guus@sliepen.warande.net>,
2001-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: graph.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
extern void graph(void);
extern void mst_kruskal(void);
extern void sssp_bfs(void);

210
src/meta.c Normal file
View file

@ -0,0 +1,210 @@
/*
meta.c -- handle the meta communication
Copyright (C) 2000-2002 Guus Sliepen <guus@sliepen.warande.net>,
2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: meta.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <utils.h>
#include <avl_tree.h>
#include <errno.h>
#include <syslog.h>
#include <unistd.h>
#include <string.h>
/* This line must be below the rest for FreeBSD */
#include <sys/types.h>
#include <sys/socket.h>
#include <openssl/evp.h>
#include "net.h"
#include "connection.h"
#include "system.h"
#include "protocol.h"
int send_meta(connection_t *c, char *buffer, int length)
{
char *bufp;
int outlen;
char outbuf[MAXBUFSIZE];
cp
if(debug_lvl >= DEBUG_META)
syslog(LOG_DEBUG, _("Sending %d bytes of metadata to %s (%s)"), length,
c->name, c->hostname);
if(c->status.encryptout)
{
EVP_EncryptUpdate(c->outctx, outbuf, &outlen, buffer, length);
bufp = outbuf;
length = outlen;
}
else
bufp = buffer;
if(write(c->socket, bufp, length) < 0)
{
syslog(LOG_ERR, _("Sending meta data to %s (%s) failed: %s"), c->name, c->hostname, strerror(errno));
return -1;
}
cp
return 0;
}
void broadcast_meta(connection_t *from, char *buffer, int length)
{
avl_node_t *node;
connection_t *c;
cp
for(node = connection_tree->head; node; node = node->next)
{
c = (connection_t *)node->data;
if(c != from && c->status.active)
send_meta(c, buffer, length);
}
cp
}
int receive_meta(connection_t *c)
{
int x, l = sizeof(x);
int oldlen, i;
int lenin, reqlen;
int decrypted = 0;
char inbuf[MAXBUFSIZE];
cp
if(getsockopt(c->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
{
syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%s %s (%s)"), __FILE__, __LINE__, c->socket, strerror(errno),
c->name, c->hostname);
return -1;
}
if(x)
{
syslog(LOG_ERR, _("Metadata socket error for %s (%s): %s"),
c->name, c->hostname, strerror(x));
return -1;
}
/* Strategy:
- Read as much as possible from the TCP socket in one go.
- Decrypt it.
- Check if a full request is in the input buffer.
- If yes, process request and remove it from the buffer,
then check again.
- If not, keep stuff in buffer and exit.
*/
lenin = read(c->socket, c->buffer + c->buflen, MAXBUFSIZE - c->buflen);
if(lenin<=0)
{
if(lenin==0)
{
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_NOTICE, _("Connection closed by %s (%s)"),
c->name, c->hostname);
}
else
if(errno==EINTR)
return 0;
else
syslog(LOG_ERR, _("Metadata socket read error for %s (%s): %s"),
c->name, c->hostname, strerror(errno));
return -1;
}
oldlen = c->buflen;
c->buflen += lenin;
while(lenin)
{
/* Decrypt */
if(c->status.decryptin && !decrypted)
{
EVP_DecryptUpdate(c->inctx, inbuf, &lenin, c->buffer + oldlen, lenin);
memcpy(c->buffer + oldlen, inbuf, lenin);
decrypted = 1;
}
/* Are we receiving a TCPpacket? */
if(c->tcplen)
{
if(c->tcplen <= c->buflen)
{
receive_tcppacket(c, c->buffer, c->tcplen);
c->buflen -= c->tcplen;
lenin -= c->tcplen;
memmove(c->buffer, c->buffer + c->tcplen, c->buflen);
oldlen = 0;
c->tcplen = 0;
continue;
}
else
{
break;
}
}
/* Otherwise we are waiting for a request */
reqlen = 0;
for(i = oldlen; i < c->buflen; i++)
{
if(c->buffer[i] == '\n')
{
c->buffer[i] = '\0'; /* replace end-of-line by end-of-string so we can use sscanf */
reqlen = i + 1;
break;
}
}
if(reqlen)
{
if(receive_request(c))
return -1;
c->buflen -= reqlen;
lenin -= reqlen;
memmove(c->buffer, c->buffer + reqlen, c->buflen);
oldlen = 0;
continue;
}
else
{
break;
}
}
if(c->buflen >= MAXBUFSIZE)
{
syslog(LOG_ERR, _("Metadata read buffer overflow for %s (%s)"),
c->name, c->hostname);
return -1;
}
c->last_ping_time = now;
cp
return 0;
}

32
src/meta.h Normal file
View file

@ -0,0 +1,32 @@
/*
meta.h -- header for meta.c
Copyright (C) 2000-2002 Guus Sliepen <guus@sliepen.warande.net>,
2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: meta.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_META_H__
#define __TINC_META_H__
#include "connection.h"
extern int send_meta(connection_t *, const char *, int);
extern int broadcast_meta(connection_t *, const char *, int);
extern int receive_meta(connection_t *);
#endif /* __TINC_META_H__ */

1349
src/net.c
View file

File diff suppressed because it is too large Load diff

153
src/net.h
View file

@ -1,6 +1,7 @@
/*
net.h -- header for net.c
Copyright (C) 1998,1999,2000 Ivo Timmermans <zarq@iname.com>
Copyright (C) 1998-2002 Ivo Timmermans <zarq@iname.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -16,49 +17,47 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net.h,v 1.10 2000/10/18 20:12:09 zarq Exp $
$Id: net.h,v 1.11 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_NET_H__
#define __TINC_NET_H__
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <sys/time.h>
#include "config.h"
#define MAXSIZE 1700 /* should be a bit more than the MTU for the tapdevice */
#define MTU 1600
#define MAC_ADDR_S "%02x:%02x:%02x:%02x:%02x:%02x"
#define MAC_ADDR_V(x) ((unsigned char*)&(x))[0],((unsigned char*)&(x))[1], \
((unsigned char*)&(x))[2],((unsigned char*)&(x))[3], \
((unsigned char*)&(x))[4],((unsigned char*)&(x))[5]
#define IP_ADDR_S "%d.%d.%d.%d"
#ifdef WORDS_BIGENDIAN
# define IP_ADDR_V(x) ((unsigned char*)&(x))[0],((unsigned char*)&(x))[1], \
((unsigned char*)&(x))[2],((unsigned char*)&(x))[3]
#ifdef ENABLE_JUMBOGRAMS
#define MTU 9014 /* 9000 bytes payload + 14 bytes ethernet header */
#define MAXSIZE 9100 /* MTU + header (seqno) and trailer (CBC padding and HMAC) */
#define MAXBUFSIZE 9100 /* Must support TCP packets of length 9000. */
#else
# define IP_ADDR_V(x) ((unsigned char*)&(x))[3],((unsigned char*)&(x))[2], \
((unsigned char*)&(x))[1],((unsigned char*)&(x))[0]
#define MTU 1514 /* 1500 bytes payload + 14 bytes ethernet header */
#define MAXSIZE 1600 /* MTU + header (seqno) and trailer (CBC padding and HMAC) */
#define MAXBUFSIZE 2100 /* Quite large but needed for support of keys up to 8192 bits. */
#endif
#define MAXBUFSIZE 4096 /* Probably way too much, but it must fit every possible request. */
#define MAXSOCKETS 128 /* Overkill... */
/* flags */
#define INDIRECTDATA 0x0001 /* Used to indicate that this host has to be reached indirect */
#define EXPORTINDIRECTDATA 0x0002 /* Used to indicate uplink that it has to tell others to do INDIRECTDATA */
#define TCPONLY 0x0004 /* Tells sender to send packets over TCP instead of UDP (for firewalls) */
#define MAXQUEUELENGTH 8 /* Maximum number of packats in a single queue */
typedef struct mac_t
{
unsigned char x[6];
} mac_t;
typedef unsigned long ipv4_t;
typedef struct ipv4_t
{
unsigned char x[4];
} ipv4_t;
typedef ipv4_t ip_t; /* alias for ipv4_t */
typedef struct ip_mask_t {
ipv4_t address;
ipv4_t mask;
} ip_mask_t;
typedef struct ipv6_t
{
@ -69,37 +68,25 @@ typedef unsigned short port_t;
typedef short length_t;
typedef union {
struct sockaddr sa;
struct sockaddr_in in;
struct sockaddr_in6 in6;
} sockaddr_t;
#ifdef SA_LEN
#define SALEN(s) SA_LEN(&s)
#else
#define SALEN(s) (s.sa_family==AF_INET?sizeof(struct sockaddr_in):sizeof(struct sockaddr_in6))
#endif
typedef struct vpn_packet_t {
length_t len; /* the actual number of bytes in the `data' field */
length_t len; /* the actual number of bytes in the `data' field */
int priority; /* priority or TOS */
unsigned int seqno; /* 32 bits sequence number (network byte order of course) */
unsigned char data[MAXSIZE];
} vpn_packet_t;
typedef struct passphrase_t {
unsigned short len;
unsigned char *phrase;
} passphrase_t;
typedef struct status_bits_t {
int pinged:1; /* sent ping */
int got_pong:1; /* received pong */
int meta:1; /* meta connection exists */
int active:1; /* 1 if active.. */
int outgoing:1; /* I myself asked for this conn */
int termreq:1; /* the termination of this connection was requested */
int remove:1; /* Set to 1 if you want this connection removed */
int timeout:1; /* 1 if gotten timeout */
int validkey:1; /* 1 if we currently have a valid key for him */
int waitingforkey:1; /* 1 if we already sent out a request */
int dataopen:1; /* 1 if we have a valid UDP connection open */
int encryptout:1; /* 1 if we can encrypt outgoing traffic */
int decryptin:1; /* 1 if we have to decrypt incoming traffic */
int unused:18;
} status_bits_t;
typedef struct option_bits_t {
int unused:32;
} option_bits_t;
typedef struct queue_element_t {
void *packet;
struct queue_element_t *prev;
@ -111,36 +98,56 @@ typedef struct packet_queue_t {
queue_element_t *tail;
} packet_queue_t;
typedef struct enc_key_t {
int length;
char *key;
time_t expiry;
} enc_key_t;
typedef struct outgoing_t {
char *name;
int timeout;
struct config_t *cfg;
struct addrinfo *ai;
struct addrinfo *aip;
} outgoing_t;
extern int tap_fd;
typedef struct listen_socket_t {
int tcp;
int udp;
sockaddr_t sa;
} listen_socket_t;
extern int total_tap_in;
extern int total_tap_out;
extern int total_socket_in;
extern int total_socket_out;
extern int maxtimeout;
extern int seconds_till_retry;
extern int addressfamily;
extern char *unknown;
extern char *request_name[];
extern char *status_text[];
extern char *request_name[256];
extern char *status_text[10];
#include "connection.h" /* Yes, very strange placement indeed, but otherwise the typedefs get all tangled up */
#include "connlist.h" /* Yes, very strange placement indeed, but otherwise the typedefs get all tangled up */
extern listen_socket_t listen_socket[MAXSOCKETS];
extern int listen_sockets;
extern int keyexpires;
extern int keylifetime;
extern int do_prune;
extern int do_purge;
extern char *myport;
extern time_t now;
extern int str2opt(const char *);
extern char *opt2str(int);
extern int send_packet(ip_t, vpn_packet_t *);
extern void retry_outgoing(outgoing_t *);
extern void handle_incoming_vpn_data(int);
extern void finish_connecting(connection_t *);
extern void do_outgoing_connection(connection_t *);
extern int handle_new_meta_connection(int);
extern int setup_listen_socket(sockaddr_t *);
extern int setup_vpn_in_socket(sockaddr_t *);
extern void send_packet(struct node_t *, vpn_packet_t *);
extern void receive_packet(struct node_t *, vpn_packet_t *);
extern void receive_tcppacket(struct connection_t *, char *, int);
extern void broadcast_packet(struct node_t *, vpn_packet_t *);
extern int setup_network_connections(void);
extern void setup_outgoing_connection(struct outgoing_t *);
extern void try_outgoing_connections(void);
extern void close_network_connections(void);
extern void main_loop(void);
extern int setup_vpn_connection(conn_list_t *);
extern void terminate_connection(conn_list_t *);
extern void flush_queues(conn_list_t *);
extern int xrecv(vpn_packet_t *);
extern void add_queue(packet_queue_t **, void *, size_t);
extern void terminate_connection(connection_t *, int);
extern void flush_queue(struct node_t *);
extern int read_rsa_public_key(struct connection_t *);
#endif /* __TINC_NET_H__ */

431
src/net_packet.c Normal file
View file

@ -0,0 +1,431 @@
/*
net_packet.c -- Handles in- and outgoing VPN packets
Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_packet.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#ifdef HAVE_LINUX
#include <netinet/ip.h>
#include <netinet/tcp.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <sys/time.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>
#include <sys/ioctl.h>
/* SunOS really wants sys/socket.h BEFORE net/if.h,
and FreeBSD wants these lines below the rest. */
#include <arpa/inet.h>
#include <sys/socket.h>
#include <net/if.h>
#include <openssl/rand.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/hmac.h>
#ifndef HAVE_RAND_PSEUDO_BYTES
#define RAND_pseudo_bytes RAND_bytes
#endif
#include <zlib.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include <list.h>
#include "conf.h"
#include "connection.h"
#include "meta.h"
#include "net.h"
#include "netutl.h"
#include "process.h"
#include "protocol.h"
#include "subnet.h"
#include "graph.h"
#include "process.h"
#include "route.h"
#include "device.h"
#include "event.h"
#include "system.h"
int keylifetime = 0;
int keyexpires = 0;
#define MAX_SEQNO 1073741824
/* VPN packet I/O */
void receive_udppacket(node_t *n, vpn_packet_t *inpkt)
{
vpn_packet_t pkt1, pkt2;
vpn_packet_t *pkt[] = {&pkt1, &pkt2, &pkt1, &pkt2};
int nextpkt = 0;
vpn_packet_t *outpkt = pkt[0];
int outlen, outpad;
long int complen = MTU + 12;
EVP_CIPHER_CTX ctx;
char hmac[EVP_MAX_MD_SIZE];
cp
/* Check the message authentication code */
if(myself->digest && myself->maclength)
{
inpkt->len -= myself->maclength;
HMAC(myself->digest, myself->key, myself->keylength, (char *)&inpkt->seqno, inpkt->len, hmac, NULL);
if(memcmp(hmac, (char *)&inpkt->seqno + inpkt->len, myself->maclength))
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Got unauthenticated packet from %s (%s)"), n->name, n->hostname);
return;
}
}
/* Decrypt the packet */
if(myself->cipher)
{
outpkt = pkt[nextpkt++];
EVP_DecryptInit(&ctx, myself->cipher, myself->key, myself->key + myself->cipher->key_len);
EVP_DecryptUpdate(&ctx, (char *)&outpkt->seqno, &outlen, (char *)&inpkt->seqno, inpkt->len);
EVP_DecryptFinal(&ctx, (char *)&outpkt->seqno + outlen, &outpad);
outpkt->len = outlen + outpad;
inpkt = outpkt;
}
/* Check the sequence number */
inpkt->len -= sizeof(inpkt->seqno);
inpkt->seqno = ntohl(inpkt->seqno);
if(inpkt->seqno <= n->received_seqno)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Got late or replayed packet from %s (%s), seqno %d"), n->name, n->hostname, inpkt->seqno);
return;
}
n->received_seqno = inpkt->seqno;
if(n->received_seqno > MAX_SEQNO)
keyexpires = 0;
/* Decompress the packet */
if(myself->compression)
{
outpkt = pkt[nextpkt++];
if(uncompress(outpkt->data, &complen, inpkt->data, inpkt->len) != Z_OK)
{
syslog(LOG_ERR, _("Error while uncompressing packet from %s (%s)"), n->name, n->hostname);
return;
}
outpkt->len = complen;
inpkt = outpkt;
}
receive_packet(n, inpkt);
cp
}
void receive_tcppacket(connection_t *c, char *buffer, int len)
{
vpn_packet_t outpkt;
cp
outpkt.len = len;
memcpy(outpkt.data, buffer, len);
receive_packet(c->node, &outpkt);
cp
}
void receive_packet(node_t *n, vpn_packet_t *packet)
{
cp
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), packet->len, n->name, n->hostname);
route_incoming(n, packet);
cp
}
void send_udppacket(node_t *n, vpn_packet_t *inpkt)
{
vpn_packet_t pkt1, pkt2;
vpn_packet_t *pkt[] = {&pkt1, &pkt2, &pkt1, &pkt2};
int nextpkt = 0;
vpn_packet_t *outpkt;
int origlen;
int outlen, outpad;
long int complen = MTU + 12;
EVP_CIPHER_CTX ctx;
vpn_packet_t *copy;
static int priority = 0;
int origpriority;
int sock;
cp
/* Make sure we have a valid key */
if(!n->status.validkey)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"),
n->name, n->hostname);
/* Since packet is on the stack of handle_tap_input(),
we have to make a copy of it first. */
copy = xmalloc(sizeof(vpn_packet_t));
memcpy(copy, inpkt, sizeof(vpn_packet_t));
list_insert_tail(n->queue, copy);
if(n->queue->count > MAXQUEUELENGTH)
list_delete_head(n->queue);
if(!n->status.waitingforkey)
send_req_key(n->nexthop->connection, myself, n);
n->status.waitingforkey = 1;
return;
}
origlen = inpkt->len;
origpriority = inpkt->priority;
/* Compress the packet */
if(n->compression)
{
outpkt = pkt[nextpkt++];
if(compress2(outpkt->data, &complen, inpkt->data, inpkt->len, n->compression) != Z_OK)
{
syslog(LOG_ERR, _("Error while compressing packet to %s (%s)"), n->name, n->hostname);
return;
}
outpkt->len = complen;
inpkt = outpkt;
}
/* Add sequence number */
inpkt->seqno = htonl(++(n->sent_seqno));
inpkt->len += sizeof(inpkt->seqno);
/* Encrypt the packet */
if(n->cipher)
{
outpkt = pkt[nextpkt++];
EVP_EncryptInit(&ctx, n->cipher, n->key, n->key + n->cipher->key_len);
EVP_EncryptUpdate(&ctx, (char *)&outpkt->seqno, &outlen, (char *)&inpkt->seqno, inpkt->len);
EVP_EncryptFinal(&ctx, (char *)&outpkt->seqno + outlen, &outpad);
outpkt->len = outlen + outpad;
inpkt = outpkt;
}
/* Add the message authentication code */
if(n->digest && n->maclength)
{
HMAC(n->digest, n->key, n->keylength, (char *)&inpkt->seqno, inpkt->len, (char *)&inpkt->seqno + inpkt->len, &outlen);
inpkt->len += n->maclength;
}
/* Determine which socket we have to use */
for(sock = 0; sock < listen_sockets; sock++)
if(n->address.sa.sa_family == listen_socket[sock].sa.sa.sa_family)
break;
if(sock >= listen_sockets)
sock = 0; /* If none is available, just use the first and hope for the best. */
/* Send the packet */
#if defined(SOL_IP) && defined(IP_TOS)
if(priorityinheritance && origpriority != priority && listen_socket[sock].sa.sa.sa_family == AF_INET)
{
priority = origpriority;
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_DEBUG, _("Setting outgoing packet priority to %d"), priority);
if(setsockopt(sock, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */
syslog(LOG_ERR, _("System call `%s' failed: %s"), "setsockopt", strerror(errno));
}
#endif
if((sendto(listen_socket[sock].udp, (char *)&inpkt->seqno, inpkt->len, 0, &(n->address.sa), SALEN(n->address.sa))) < 0)
{
syslog(LOG_ERR, _("Error sending packet to %s (%s): %s"),
n->name, n->hostname, strerror(errno));
return;
}
inpkt->len = origlen;
cp
}
/*
send a packet to the given vpn ip.
*/
void send_packet(node_t *n, vpn_packet_t *packet)
{
node_t *via;
cp
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
packet->len, n->name, n->hostname);
if(n == myself)
{
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_NOTICE, _("Packet is looping back to us!"));
}
return;
}
if(!n->status.reachable)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("Node %s (%s) is not reachable"),
n->name, n->hostname);
return;
}
via = (n->via == myself)?n->nexthop:n->via;
if(via != n && debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_ERR, _("Sending packet to %s via %s (%s)"),
n->name, via->name, n->via->hostname);
if((myself->options | via->options) & OPTION_TCPONLY)
{
if(send_tcppacket(via->connection, packet))
terminate_connection(via->connection, 1);
}
else
send_udppacket(via, packet);
}
/* Broadcast a packet using the minimum spanning tree */
void broadcast_packet(node_t *from, vpn_packet_t *packet)
{
avl_node_t *node;
connection_t *c;
cp
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("Broadcasting packet of %d bytes from %s (%s)"),
packet->len, from->name, from->hostname);
for(node = connection_tree->head; node; node = node->next)
{
c = (connection_t *)node->data;
if(c->status.active && c->status.mst && c != from->nexthop->connection)
send_packet(c->node, packet);
}
cp
}
void flush_queue(node_t *n)
{
list_node_t *node, *next;
cp
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("Flushing queue for %s (%s)"), n->name, n->hostname);
for(node = n->queue->head; node; node = next)
{
next = node->next;
send_udppacket(n, (vpn_packet_t *)node->data);
list_delete_node(n->queue, node);
}
cp
}
void handle_incoming_vpn_data(int sock)
{
vpn_packet_t pkt;
int x, l = sizeof(x);
char *hostname;
sockaddr_t from;
socklen_t fromlen = sizeof(from);
node_t *n;
cp
if(getsockopt(sock, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
{
syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%s"),
__FILE__, __LINE__, sock, strerror(errno));
cp_trace();
exit(1);
}
if(x)
{
syslog(LOG_ERR, _("Incoming data socket error: %s"), strerror(x));
return;
}
if((pkt.len = recvfrom(sock, (char *)&pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen)) <= 0)
{
syslog(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno));
return;
}
sockaddrunmap(&from); /* Some braindead IPv6 implementations do stupid things. */
n = lookup_node_udp(&from);
if(!n)
{
hostname = sockaddr2hostname(&from);
syslog(LOG_WARNING, _("Received UDP packet from unknown source %s"), hostname);
free(hostname);
return;
}
if(n->connection)
n->connection->last_ping_time = now;
receive_udppacket(n, &pkt);
cp
}

564
src/net_setup.c Normal file
View file

@ -0,0 +1,564 @@
/*
net_setup.c -- Setup.
Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_setup.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#ifdef HAVE_LINUX
#include <netinet/ip.h>
#include <netinet/tcp.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <sys/time.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>
#include <sys/ioctl.h>
/* SunOS really wants sys/socket.h BEFORE net/if.h,
and FreeBSD wants these lines below the rest. */
#include <arpa/inet.h>
#include <sys/socket.h>
#include <net/if.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include <list.h>
#include "conf.h"
#include "connection.h"
#include "meta.h"
#include "net.h"
#include "netutl.h"
#include "process.h"
#include "protocol.h"
#include "subnet.h"
#include "graph.h"
#include "process.h"
#include "route.h"
#include "device.h"
#include "event.h"
#include "system.h"
char *myport;
int read_rsa_public_key(connection_t *c)
{
FILE *fp;
char *fname;
char *key;
cp
if(!c->rsa_key)
c->rsa_key = RSA_new();
/* First, check for simple PublicKey statement */
if(get_config_string(lookup_config(c->config_tree, "PublicKey"), &key))
{
BN_hex2bn(&c->rsa_key->n, key);
BN_hex2bn(&c->rsa_key->e, "FFFF");
free(key);
return 0;
}
/* Else, check for PublicKeyFile statement and read it */
if(get_config_string(lookup_config(c->config_tree, "PublicKeyFile"), &fname))
{
if(is_safe_path(fname))
{
if((fp = fopen(fname, "r")) == NULL)
{
syslog(LOG_ERR, _("Error reading RSA public key file `%s': %s"),
fname, strerror(errno));
free(fname);
return -1;
}
free(fname);
c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
fclose(fp);
if(!c->rsa_key)
{
syslog(LOG_ERR, _("Reading RSA public key file `%s' failed: %s"),
fname, strerror(errno));
return -1;
}
return 0;
}
else
{
free(fname);
return -1;
}
}
/* Else, check if a harnessed public key is in the config file */
asprintf(&fname, "%s/hosts/%s", confbase, c->name);
if((fp = fopen(fname, "r")))
{
c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
fclose(fp);
}
free(fname);
if(c->rsa_key)
return 0;
else
{
syslog(LOG_ERR, _("No public key for %s specified!"), c->name);
return -1;
}
}
int read_rsa_private_key(void)
{
FILE *fp;
char *fname, *key;
cp
if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key))
{
myself->connection->rsa_key = RSA_new();
BN_hex2bn(&myself->connection->rsa_key->d, key);
BN_hex2bn(&myself->connection->rsa_key->e, "FFFF");
free(key);
return 0;
}
if(!get_config_string(lookup_config(config_tree, "PrivateKeyFile"), &fname))
asprintf(&fname, "%s/rsa_key.priv", confbase);
if(is_safe_path(fname))
{
if((fp = fopen(fname, "r")) == NULL)
{
syslog(LOG_ERR, _("Error reading RSA private key file `%s': %s"),
fname, strerror(errno));
free(fname);
return -1;
}
free(fname);
myself->connection->rsa_key = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
fclose(fp);
if(!myself->connection->rsa_key)
{
syslog(LOG_ERR, _("Reading RSA private key file `%s' failed: %s"),
fname, strerror(errno));
return -1;
}
return 0;
}
free(fname);
return -1;
}
/*
Configure node_t myself and set up the local sockets (listen only)
*/
int setup_myself(void)
{
config_t *cfg;
subnet_t *subnet;
char *name, *hostname, *mode, *afname, *cipher, *digest;
struct addrinfo hint, *ai, *aip;
int choice, err;
cp
myself = new_node();
myself->connection = new_connection();
init_configuration(&myself->connection->config_tree);
asprintf(&myself->hostname, _("MYSELF"));
asprintf(&myself->connection->hostname, _("MYSELF"));
myself->connection->options = 0;
myself->connection->protocol_version = PROT_CURRENT;
if(!get_config_string(lookup_config(config_tree, "Name"), &name)) /* Not acceptable */
{
syslog(LOG_ERR, _("Name for tinc daemon required!"));
return -1;
}
if(check_id(name))
{
syslog(LOG_ERR, _("Invalid name for myself!"));
free(name);
return -1;
}
myself->name = name;
myself->connection->name = xstrdup(name);
cp
if(read_rsa_private_key())
return -1;
if(read_connection_config(myself->connection))
{
syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
return -1;
}
if(read_rsa_public_key(myself->connection))
return -1;
cp
if(!get_config_string(lookup_config(myself->connection->config_tree, "Port"), &myport))
asprintf(&myport, "655");
/* Read in all the subnets specified in the host configuration file */
cfg = lookup_config(myself->connection->config_tree, "Subnet");
while(cfg)
{
if(!get_config_subnet(cfg, &subnet))
return -1;
subnet_add(myself, subnet);
cfg = lookup_config_next(myself->connection->config_tree, cfg);
}
cp
/* Check some options */
if(get_config_bool(lookup_config(config_tree, "IndirectData"), &choice))
if(choice)
myself->options |= OPTION_INDIRECT;
if(get_config_bool(lookup_config(config_tree, "TCPOnly"), &choice))
if(choice)
myself->options |= OPTION_TCPONLY;
if(get_config_bool(lookup_config(myself->connection->config_tree, "IndirectData"), &choice))
if(choice)
myself->options |= OPTION_INDIRECT;
if(get_config_bool(lookup_config(myself->connection->config_tree, "TCPOnly"), &choice))
if(choice)
myself->options |= OPTION_TCPONLY;
if(myself->options & OPTION_TCPONLY)
myself->options |= OPTION_INDIRECT;
if(get_config_string(lookup_config(config_tree, "Mode"), &mode))
{
if(!strcasecmp(mode, "router"))
routing_mode = RMODE_ROUTER;
else if (!strcasecmp(mode, "switch"))
routing_mode = RMODE_SWITCH;
else if (!strcasecmp(mode, "hub"))
routing_mode = RMODE_HUB;
else
{
syslog(LOG_ERR, _("Invalid routing mode!"));
return -1;
}
free(mode);
}
else
routing_mode = RMODE_ROUTER;
get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance);
#if !defined(SOL_IP) || !defined(IP_TOS)
if(priorityinheritance)
syslog(LOG_WARNING, _("PriorityInheritance not supported on this platform"));
#endif
if(!get_config_int(lookup_config(config_tree, "MACExpire"), &macexpire))
macexpire= 600;
if(get_config_int(lookup_config(myself->connection->config_tree, "MaxTimeout"), &maxtimeout))
{
if(maxtimeout <= 0)
{
syslog(LOG_ERR, _("Bogus maximum timeout!"));
return -1;
}
}
else
maxtimeout = 900;
if(get_config_string(lookup_config(config_tree, "AddressFamily"), &afname))
{
if(!strcasecmp(afname, "IPv4"))
addressfamily = AF_INET;
else if (!strcasecmp(afname, "IPv6"))
addressfamily = AF_INET6;
else if (!strcasecmp(afname, "any"))
addressfamily = AF_UNSPEC;
else
{
syslog(LOG_ERR, _("Invalid address family!"));
return -1;
}
free(afname);
}
else
addressfamily = AF_INET;
get_config_bool(lookup_config(config_tree, "Hostnames"), &hostnames);
cp
/* Generate packet encryption key */
if(get_config_string(lookup_config(myself->connection->config_tree, "Cipher"), &cipher))
{
if(!strcasecmp(cipher, "none"))
{
myself->cipher = NULL;
}
else
{
if(!(myself->cipher = EVP_get_cipherbyname(cipher)))
{
syslog(LOG_ERR, _("Unrecognized cipher type!"));
return -1;
}
}
}
else
myself->cipher = EVP_bf_cbc();
if(myself->cipher)
myself->keylength = myself->cipher->key_len + myself->cipher->iv_len;
else
myself->keylength = 1;
myself->connection->outcipher = EVP_bf_ofb();
myself->key = (char *)xmalloc(myself->keylength);
RAND_pseudo_bytes(myself->key, myself->keylength);
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
keyexpires = now + keylifetime;
/* Check if we want to use message authentication codes... */
if(get_config_string(lookup_config(myself->connection->config_tree, "Digest"), &digest))
{
if(!strcasecmp(digest, "none"))
{
myself->digest = NULL;
}
else
{
if(!(myself->digest = EVP_get_digestbyname(digest)))
{
syslog(LOG_ERR, _("Unrecognized digest type!"));
return -1;
}
}
}
else
myself->digest = EVP_sha1();
myself->connection->outdigest = EVP_sha1();
if(get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->maclength))
{
if(myself->digest)
{
if(myself->maclength > myself->digest->md_size)
{
syslog(LOG_ERR, _("MAC length exceeds size of digest!"));
return -1;
}
else if (myself->maclength < 0)
{
syslog(LOG_ERR, _("Bogus MAC length!"));
return -1;
}
}
}
else
myself->maclength = 4;
myself->connection->outmaclength = 0;
/* Compression */
if(get_config_int(lookup_config(myself->connection->config_tree, "Compression"), &myself->compression))
{
if(myself->compression < 0 || myself->compression > 9)
{
syslog(LOG_ERR, _("Bogus compression level!"));
return -1;
}
}
else
myself->compression = 0;
myself->connection->outcompression = 0;
cp
/* Done */
myself->nexthop = myself;
myself->via = myself;
myself->status.active = 1;
myself->status.reachable = 1;
node_add(myself);
graph();
cp
/* Open sockets */
memset(&hint, 0, sizeof(hint));
hint.ai_family = addressfamily;
hint.ai_socktype = SOCK_STREAM;
hint.ai_protocol = IPPROTO_TCP;
hint.ai_flags = AI_PASSIVE;
if((err = getaddrinfo(NULL, myport, &hint, &ai)) || !ai)
{
syslog(LOG_ERR, _("System call `%s' failed: %s"), "getaddrinfo", gai_strerror(err));
return -1;
}
for(aip = ai; aip; aip = aip->ai_next)
{
if((listen_socket[listen_sockets].tcp = setup_listen_socket((sockaddr_t *)aip->ai_addr)) < 0)
continue;
if((listen_socket[listen_sockets].udp = setup_vpn_in_socket((sockaddr_t *)aip->ai_addr)) < 0)
continue;
if(debug_lvl >= DEBUG_CONNECTIONS)
{
hostname = sockaddr2hostname((sockaddr_t *)aip->ai_addr);
syslog(LOG_NOTICE, _("Listening on %s"), hostname);
free(hostname);
}
listen_socket[listen_sockets].sa.sa = *aip->ai_addr;
listen_sockets++;
}
freeaddrinfo(ai);
if(listen_sockets)
syslog(LOG_NOTICE, _("Ready"));
else
{
syslog(LOG_ERR, _("Unable to create any listening socket!"));
return -1;
}
cp
return 0;
}
/*
setup all initial network connections
*/
int setup_network_connections(void)
{
cp
now = time(NULL);
init_connections();
init_subnets();
init_nodes();
init_edges();
init_events();
init_requests();
if(get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout))
{
if(pingtimeout < 1)
{
pingtimeout = 86400;
}
}
else
pingtimeout = 60;
if(setup_device() < 0)
return -1;
/* Run tinc-up script to further initialize the tap interface */
execute_script("tinc-up");
if(setup_myself() < 0)
return -1;
try_outgoing_connections();
cp
return 0;
}
/*
close all open network connections
*/
void close_network_connections(void)
{
avl_node_t *node, *next;
connection_t *c;
int i;
cp
for(node = connection_tree->head; node; node = next)
{
next = node->next;
c = (connection_t *)node->data;
if(c->outgoing)
free(c->outgoing->name), free(c->outgoing), c->outgoing = NULL;
terminate_connection(c, 0);
}
if(myself && myself->connection)
terminate_connection(myself->connection, 0);
for(i = 0; i < listen_sockets; i++)
{
close(listen_socket[i].tcp);
close(listen_socket[i].udp);
}
exit_requests();
exit_events();
exit_edges();
exit_subnets();
exit_nodes();
exit_connections();
execute_script("tinc-down");
close_device();
cp
return;
}

484
src/net_socket.c Normal file
View file

@ -0,0 +1,484 @@
/*
net_socket.c -- Handle various kinds of sockets.
Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_socket.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#ifdef HAVE_LINUX
#include <netinet/ip.h>
#include <netinet/tcp.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <sys/time.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>
#include <sys/ioctl.h>
/* SunOS really wants sys/socket.h BEFORE net/if.h,
and FreeBSD wants these lines below the rest. */
#include <arpa/inet.h>
#include <sys/socket.h>
#include <net/if.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include <list.h>
#include "conf.h"
#include "connection.h"
#include "meta.h"
#include "net.h"
#include "netutl.h"
#include "process.h"
#include "protocol.h"
#include "subnet.h"
#include "graph.h"
#include "process.h"
#include "route.h"
#include "device.h"
#include "event.h"
#include "system.h"
int addressfamily = AF_INET;
int maxtimeout = 900;
int seconds_till_retry = 5;
listen_socket_t listen_socket[MAXSOCKETS];
int listen_sockets = 0;
/* Setup sockets */
int setup_listen_socket(sockaddr_t *sa)
{
int nfd, flags;
char *addrstr;
int option;
#if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
char *interface;
struct ifreq ifr;
#endif
cp
if((nfd = socket(sa->sa.sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0)
{
syslog(LOG_ERR, _("Creating metasocket failed: %s"), strerror(errno));
return -1;
}
flags = fcntl(nfd, F_GETFL);
if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
{
close(nfd);
syslog(LOG_ERR, _("System call `%s' failed: %s"), "fcntl", strerror(errno));
return -1;
}
/* Optimize TCP settings */
option = 1;
setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option));
#if defined(SOL_TCP) && defined(TCP_NODELAY)
setsockopt(nfd, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
#endif
#if defined(SOL_IP) && defined(IP_TOS) && defined(IPTOS_LOWDELAY)
option = IPTOS_LOWDELAY;
setsockopt(nfd, SOL_IP, IP_TOS, &option, sizeof(option));
#endif
if(get_config_string(lookup_config(config_tree, "BindToInterface"), &interface))
{
#if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_ifrn.ifrn_name, interface, IFNAMSIZ);
if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr)))
{
close(nfd);
syslog(LOG_ERR, _("Can't bind to interface %s: %s"), interface, strerror(errno));
return -1;
}
#else
syslog(LOG_WARNING, _("BindToDevice not supported on this platform"));
#endif
}
if(bind(nfd, &sa->sa, SALEN(sa->sa)))
{
close(nfd);
addrstr = sockaddr2hostname(sa);
syslog(LOG_ERR, _("Can't bind to %s/tcp: %s"), addrstr, strerror(errno));
free(addrstr);
return -1;
}
if(listen(nfd, 3))
{
close(nfd);
syslog(LOG_ERR, _("System call `%s' failed: %s"), "listen", strerror(errno));
return -1;
}
cp
return nfd;
}
int setup_vpn_in_socket(sockaddr_t *sa)
{
int nfd, flags;
char *addrstr;
int option;
#if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
char *interface;
struct ifreq ifr;
#endif
cp
if((nfd = socket(sa->sa.sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0)
{
syslog(LOG_ERR, _("Creating UDP socket failed: %s"), strerror(errno));
return -1;
}
flags = fcntl(nfd, F_GETFL);
if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
{
close(nfd);
syslog(LOG_ERR, _("System call `%s' failed: %s"), "fcntl", strerror(errno));
return -1;
}
option = 1;
setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option));
#if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
if(get_config_string(lookup_config(config_tree, "BindToInterface"), &interface))
{
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_ifrn.ifrn_name, interface, IFNAMSIZ);
if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr)))
{
close(nfd);
syslog(LOG_ERR, _("Can't bind to interface %s: %s"), interface, strerror(errno));
return -1;
}
}
#endif
if(bind(nfd, &sa->sa, SALEN(sa->sa)))
{
close(nfd);
addrstr = sockaddr2hostname(sa);
syslog(LOG_ERR, _("Can't bind to %s/udp: %s"), addrstr, strerror(errno));
free(addrstr);
return -1;
}
cp
return nfd;
}
void retry_outgoing(outgoing_t *outgoing)
{
event_t *event;
cp
outgoing->timeout += 5;
if(outgoing->timeout > maxtimeout)
outgoing->timeout = maxtimeout;
event = new_event();
event->handler = (event_handler_t)setup_outgoing_connection;
event->time = now + outgoing->timeout;
event->data = outgoing;
event_add(event);
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), outgoing->timeout);
cp
}
int setup_outgoing_socket(connection_t *c)
{
int option;
cp
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_INFO, _("Trying to connect to %s (%s)"), c->name, c->hostname);
c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP);
if(c->socket == -1)
{
syslog(LOG_ERR, _("Creating socket for %s failed: %s"), c->hostname, strerror(errno));
return -1;
}
/* Optimize TCP settings */
#ifdef HAVE_LINUX
option = 1;
setsockopt(c->socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
option = IPTOS_LOWDELAY;
setsockopt(c->socket, SOL_IP, IP_TOS, &option, sizeof(option));
#endif
/* Connect */
if(connect(c->socket, &c->address.sa, SALEN(c->address.sa)) == -1)
{
close(c->socket);
syslog(LOG_ERR, _("Error while connecting to %s (%s): %s"), c->name, c->hostname, strerror(errno));
return -1;
}
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_INFO, _("Connected to %s (%s)"), c->name, c->hostname);
cp
return 0;
}
void finish_connecting(connection_t *c)
{
cp
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_INFO, _("Connected to %s (%s)"), c->name, c->hostname);
c->last_ping_time = now;
send_id(c);
cp
}
void do_outgoing_connection(connection_t *c)
{
char *address, *port;
int option, result, flags;
cp
begin:
if(!c->outgoing->ai)
{
if(!c->outgoing->cfg)
{
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_ERR, _("Could not set up a meta connection to %s"), c->name);
c->status.remove = 1;
retry_outgoing(c->outgoing);
return;
}
get_config_string(c->outgoing->cfg, &address);
if(!get_config_string(lookup_config(c->config_tree, "Port"), &port))
asprintf(&port, "655");
c->outgoing->ai = str2addrinfo(address, port, SOCK_STREAM);
free(address);
free(port);
c->outgoing->aip = c->outgoing->ai;
c->outgoing->cfg = lookup_config_next(c->config_tree, c->outgoing->cfg);
}
if(!c->outgoing->aip)
{
freeaddrinfo(c->outgoing->ai);
c->outgoing->ai = NULL;
goto begin;
}
memcpy(&c->address, c->outgoing->aip->ai_addr, c->outgoing->aip->ai_addrlen);
c->outgoing->aip = c->outgoing->aip->ai_next;
if(c->hostname)
free(c->hostname);
c->hostname = sockaddr2hostname(&c->address);
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_INFO, _("Trying to connect to %s (%s)"), c->name, c->hostname);
c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP);
if(c->socket == -1)
{
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_ERR, _("Creating socket for %s failed: %s"), c->hostname, strerror(errno));
goto begin;
}
/* Optimize TCP settings */
#ifdef HAVE_LINUX
option = 1;
setsockopt(c->socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
option = IPTOS_LOWDELAY;
setsockopt(c->socket, SOL_IP, IP_TOS, &option, sizeof(option));
#endif
/* Non-blocking */
flags = fcntl(c->socket, F_GETFL);
if(fcntl(c->socket, F_SETFL, flags | O_NONBLOCK) < 0)
{
syslog(LOG_ERR, _("fcntl for %s: %s"), c->hostname, strerror(errno));
}
/* Connect */
result = connect(c->socket, &c->address.sa, SALEN(c->address.sa));
if(result == -1)
{
if(errno == EINPROGRESS)
{
c->status.connecting = 1;
return;
}
close(c->socket);
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_ERR, _("%s: %s"), c->hostname, strerror(errno));
goto begin;
}
finish_connecting(c);
return;
cp
}
void setup_outgoing_connection(outgoing_t *outgoing)
{
connection_t *c;
node_t *n;
cp
n = lookup_node(outgoing->name);
if(n)
if(n->connection)
{
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_INFO, _("Already connected to %s"), outgoing->name);
n->connection->outgoing = outgoing;
return;
}
c = new_connection();
c->name = xstrdup(outgoing->name);
c->outcipher = myself->connection->outcipher;
c->outdigest = myself->connection->outdigest;
c->outmaclength = myself->connection->outmaclength;
c->outcompression = myself->connection->outcompression;
init_configuration(&c->config_tree);
read_connection_config(c);
outgoing->cfg = lookup_config(c->config_tree, "Address");
if(!outgoing->cfg)
{
syslog(LOG_ERR, _("No address specified for %s"), c->name);
free_connection(c);
free(outgoing->name);
free(outgoing);
return;
}
c->outgoing = outgoing;
c->last_ping_time = now;
connection_add(c);
do_outgoing_connection(c);
}
/*
accept a new tcp connect and create a
new connection
*/
int handle_new_meta_connection(int sock)
{
connection_t *c;
sockaddr_t sa;
int fd, len = sizeof(sa);
cp
if((fd = accept(sock, &sa.sa, &len)) < 0)
{
syslog(LOG_ERR, _("Accepting a new connection failed: %s"), strerror(errno));
return -1;
}
sockaddrunmap(&sa);
c = new_connection();
c->outcipher = myself->connection->outcipher;
c->outdigest = myself->connection->outdigest;
c->outmaclength = myself->connection->outmaclength;
c->outcompression = myself->connection->outcompression;
c->address = sa;
c->hostname = sockaddr2hostname(&sa);
c->socket = fd;
c->last_ping_time = now;
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_NOTICE, _("Connection from %s"), c->hostname);
connection_add(c);
c->allow_request = ID;
send_id(c);
cp
return 0;
}
void try_outgoing_connections(void)
{
static config_t *cfg = NULL;
char *name;
outgoing_t *outgoing;
cp
for(cfg = lookup_config(config_tree, "ConnectTo"); cfg; cfg = lookup_config_next(config_tree, cfg))
{
get_config_string(cfg, &name);
if(check_id(name))
{
syslog(LOG_ERR, _("Invalid name for outgoing connection in %s line %d"), cfg->file, cfg->line);
free(name);
continue;
}
outgoing = xmalloc_and_zero(sizeof(*outgoing));
outgoing->name = name;
setup_outgoing_connection(outgoing);
}
}

278
src/netutl.c
View file

@ -1,6 +1,7 @@
/*
netutl.c -- some supporting network utility code
Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -16,119 +17,230 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: netutl.c,v 1.13 2000/10/18 20:12:09 zarq Exp $
$Id: netutl.c,v 1.14 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <arpa/inet.h>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <sys/socket.h>
#include <syslog.h>
#include <arpa/inet.h>
#include <utils.h>
#include <xalloc.h>
#include "errno.h"
#include "conf.h"
#include "encr.h"
#include "net.h"
#include "netutl.h"
#include "system.h"
int hostnames = 0;
/*
free a queue and all of its elements
Turn a string into a struct addrinfo.
Return NULL on failure.
*/
void destroy_queue(packet_queue_t *pq)
struct addrinfo *str2addrinfo(char *address, char *service, int socktype)
{
queue_element_t *p, *q;
struct addrinfo hint, *ai;
int err;
cp
for(p = pq->head; p != NULL; p = q)
memset(&hint, 0, sizeof(hint));
hint.ai_family = addressfamily;
hint.ai_socktype = socktype;
if((err = getaddrinfo(address, service, &hint, &ai)))
{
q = p->next;
if(p->packet)
free(p->packet);
free(p);
}
free(pq);
cp
}
char *hostlookup(unsigned long addr)
{
char *name;
struct hostent *host = NULL;
struct in_addr in;
config_t const *cfg;
int lookup_hostname;
cp
in.s_addr = addr;
lookup_hostname = 0;
if((cfg = get_config_val(config, resolve_dns)) != NULL)
if(cfg->data.val == stupid_true)
lookup_hostname = 1;
if(lookup_hostname)
host = gethostbyaddr((char *)&in, sizeof(in), AF_INET);
if(!lookup_hostname || !host)
{
asprintf(&name, "%s", inet_ntoa(in));
}
else
{
asprintf(&name, "%s", host->h_name);
}
cp
return name;
}
/*
Turn a string into an IP addy with netmask
return NULL on failure
*/
ip_mask_t *strtoip(char *str)
{
ip_mask_t *ip;
int masker;
char *q, *p;
struct hostent *h;
cp
p = str;
if((q = strchr(p, '/')))
{
*q = '\0';
q++; /* q now points to netmask part, or NULL if no mask */
}
if(!(h = gethostbyname(p)))
{
fprintf(stderr, _("Error looking up `%s': %s\n"), p, strerror(errno));
if(debug_lvl >= DEBUG_ERROR)
syslog(LOG_WARNING, _("Error looking up %s port %s: %s\n"), address, service, gai_strerror(err));
cp_trace();
return NULL;
}
masker = 0;
if(q)
{
masker = strtol(q, &p, 10);
if(q == p || (*p))
return NULL;
}
ip = xmalloc(sizeof(*ip));
ip->ip = ntohl(*((ip_t*)(h->h_addr_list[0])));
ip->mask = masker ? ~((1 << (32 - masker)) - 1) : 0;
cp
return ip;
return ai;
}
sockaddr_t str2sockaddr(char *address, char *port)
{
struct addrinfo hint, *ai;
sockaddr_t result;
int err;
cp
memset(&hint, 0, sizeof(hint));
hint.ai_family = AF_UNSPEC;
hint.ai_flags = AI_NUMERICHOST;
hint.ai_socktype = SOCK_STREAM;
if((err = getaddrinfo(address, port, &hint, &ai) || !ai))
{
syslog(LOG_ERR, _("Error looking up %s port %s: %s\n"), address, port, gai_strerror(err));
cp_trace();
raise(SIGFPE);
exit(0);
}
result = *(sockaddr_t *)ai->ai_addr;
freeaddrinfo(ai);
cp
return result;
}
void sockaddr2str(sockaddr_t *sa, char **addrstr, char **portstr)
{
char address[NI_MAXHOST];
char port[NI_MAXSERV];
char *scopeid;
int err;
cp
if((err = getnameinfo(&sa->sa, SALEN(sa->sa), address, sizeof(address), port, sizeof(port), NI_NUMERICHOST|NI_NUMERICSERV)))
{
syslog(LOG_ERR, _("Error while translating addresses: %s"), gai_strerror(err));
cp_trace();
raise(SIGFPE);
exit(0);
}
#ifdef HAVE_LINUX
if((scopeid = strchr(address, '%')))
*scopeid = '\0'; /* Descope. */
#endif
*addrstr = xstrdup(address);
*portstr = xstrdup(port);
cp
}
char *sockaddr2hostname(sockaddr_t *sa)
{
char *str;
char address[NI_MAXHOST] = "unknown";
char port[NI_MAXSERV] = "unknown";
int err;
cp
if((err = getnameinfo(&sa->sa, SALEN(sa->sa), address, sizeof(address), port, sizeof(port), hostnames?0:(NI_NUMERICHOST|NI_NUMERICSERV))))
{
syslog(LOG_ERR, _("Error while looking up hostname: %s"), gai_strerror(err));
}
asprintf(&str, _("%s port %s"), address, port);
cp
return str;
}
int sockaddrcmp(sockaddr_t *a, sockaddr_t *b)
{
int result;
cp
result = a->sa.sa_family - b->sa.sa_family;
if(result)
return result;
switch(a->sa.sa_family)
{
case AF_UNSPEC:
return 0;
case AF_INET:
result = memcmp(&a->in.sin_addr, &b->in.sin_addr, sizeof(a->in.sin_addr));
if(result)
return result;
return memcmp(&a->in.sin_port, &b->in.sin_port, sizeof(a->in.sin_port));
case AF_INET6:
result = memcmp(&a->in6.sin6_addr, &b->in6.sin6_addr, sizeof(a->in6.sin6_addr));
if(result)
return result;
return memcmp(&a->in6.sin6_port, &b->in6.sin6_port, sizeof(a->in6.sin6_port));
default:
syslog(LOG_ERR, _("sockaddrcmp() was called with unknown address family %d, exitting!"), a->sa.sa_family);
cp_trace();
raise(SIGFPE);
exit(0);
}
cp
}
void sockaddrunmap(sockaddr_t *sa)
{
if(sa->sa.sa_family == AF_INET6 && IN6_IS_ADDR_V4MAPPED(&sa->in6.sin6_addr))
{
sa->in.sin_addr.s_addr = ((uint32_t *)&sa->in6.sin6_addr)[3];
sa->in.sin_family = AF_INET;
}
}
/* Subnet mask handling */
int maskcmp(char *a, char *b, int masklen, int len)
{
int i, m, result;
cp
for(m = masklen, i = 0; m >= 8; m -= 8, i++)
if((result = a[i] - b[i]))
return result;
if(m)
return (a[i] & (0x100 - (1 << (8 - m)))) - (b[i] & (0x100 - (1 << (8 - m))));
return 0;
}
void mask(char *a, int masklen, int len)
{
int i;
cp
i = masklen / 8;
masklen %= 8;
if(masklen)
a[i++] &= (0x100 - (1 << masklen));
for(; i < len; i++)
a[i] = 0;
}
void maskcpy(char *a, char *b, int masklen, int len)
{
int i, m;
cp
for(m = masklen, i = 0; m >= 8; m -= 8, i++)
a[i] = b[i];
if(m)
{
a[i] = b[i] & (0x100 - (1 << m));
i++;
}
for(; i < len; i++)
a[i] = 0;
}
int maskcheck(char *a, int masklen, int len)
{
int i;
cp
i = masklen / 8;
masklen %= 8;
if(masklen)
if(a[i++] & (char)~(0x100 - (1 << masklen)))
return -1;
for(; i < len; i++)
if(a[i] != 0)
return -1;
return 0;
}

23
src/netutl.h
View file

@ -1,6 +1,7 @@
/*
netutl.h -- header file for netutl.c
Copyright (C) 1998,1999,2000 Ivo Timmermans <zarq@iname.com>
Copyright (C) 1998-2002 Ivo Timmermans <zarq@iname.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -16,16 +17,30 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: netutl.h,v 1.3 2000/10/18 20:12:09 zarq Exp $
$Id: netutl.h,v 1.4 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_NETUTL_H__
#define __TINC_NETUTL_H__
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include "net.h"
#include "conf.h"
extern int hostnames;
extern char *hostlookup(unsigned long);
extern ip_mask_t *strtoip(char*);
extern struct addrinfo *str2addrinfo(char *, char *, int);
extern sockaddr_t str2sockaddr(char *, char *);
extern void sockaddr2str(sockaddr_t *, char **, char **);
extern char *sockaddr2hostname(sockaddr_t *);
extern int sockaddrcmp(sockaddr_t *, sockaddr_t *);
extern void sockaddrunmap(sockaddr_t *);
extern int maskcmp(char *, char *, int, int);
extern void maskcpy(char *, char *, int, int);
extern void mask(char *, int, int);
extern int maskcheck(char *, int, int);
#endif /* __TINC_NETUTL_H__ */

173
src/node.c Normal file
View file

@ -0,0 +1,173 @@
/*
node.c -- node tree management
Copyright (C) 2001-2002 Guus Sliepen <guus@sliepen.warande.net>,
2001-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: node.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <string.h>
#include <syslog.h>
#include <avl_tree.h>
#include "node.h"
#include "netutl.h"
#include "net.h"
#include <utils.h>
#include <xalloc.h>
#include "system.h"
avl_tree_t *node_tree; /* Known nodes, sorted by name */
avl_tree_t *node_udp_tree; /* Known nodes, sorted by address and port */
node_t *myself;
int node_compare(node_t *a, node_t *b)
{
return strcmp(a->name, b->name);
}
int node_udp_compare(node_t *a, node_t *b)
{
int result;
cp
result = sockaddrcmp(&a->address, &b->address);
if(result)
return result;
return (a->name && b->name)?strcmp(a->name, b->name):0;
}
void init_nodes(void)
{
cp
node_tree = avl_alloc_tree((avl_compare_t)node_compare, NULL);
node_udp_tree = avl_alloc_tree((avl_compare_t)node_udp_compare, NULL);
cp
}
void exit_nodes(void)
{
cp
avl_delete_tree(node_tree);
avl_delete_tree(node_udp_tree);
cp
}
node_t *new_node(void)
{
node_t *n = (node_t *)xmalloc_and_zero(sizeof(*n));
cp
n->subnet_tree = new_subnet_tree();
n->edge_tree = new_edge_tree();
n->queue = list_alloc((list_action_t)free);
cp
return n;
}
void free_node(node_t *n)
{
cp
if(n->queue)
list_delete_list(n->queue);
if(n->name)
free(n->name);
if(n->hostname)
free(n->hostname);
if(n->key)
free(n->key);
if(n->subnet_tree)
free_subnet_tree(n->subnet_tree);
if(n->edge_tree)
free_edge_tree(n->edge_tree);
free(n);
cp
}
void node_add(node_t *n)
{
cp
avl_insert(node_tree, n);
avl_insert(node_udp_tree, n);
cp
}
void node_del(node_t *n)
{
avl_node_t *node, *next;
edge_t *e;
subnet_t *s;
cp
for(node = n->subnet_tree->head; node; node = next)
{
next = node->next;
s = (subnet_t *)node->data;
subnet_del(n, s);
}
for(node = n->subnet_tree->head; node; node = next)
{
next = node->next;
e = (edge_t *)node->data;
edge_del(e);
}
cp
avl_delete(node_tree, n);
avl_delete(node_udp_tree, n);
cp
}
node_t *lookup_node(char *name)
{
node_t n;
cp
n.name = name;
return avl_search(node_tree, &n);
}
node_t *lookup_node_udp(sockaddr_t *sa)
{
node_t n;
cp
n.address = *sa;
n.name = NULL;
return avl_search(node_udp_tree, &n);
}
void dump_nodes(void)
{
avl_node_t *node;
node_t *n;
cp
syslog(LOG_DEBUG, _("Nodes:"));
for(node = node_tree->head; node; node = node->next)
{
n = (node_t *)node->data;
syslog(LOG_DEBUG, _(" %s at %s cipher %d digest %d maclength %d compression %d options %lx status %04x nexthop %s via %s"),
n->name, n->hostname, n->cipher?n->cipher->nid:0, n->digest?n->digest->type:0, n->maclength, n->compression, n->options,
n->status, n->nexthop?n->nexthop->name:"-", n->via?n->via->name:"-");
}
syslog(LOG_DEBUG, _("End of nodes."));
cp
}

88
src/node.h Normal file
View file

@ -0,0 +1,88 @@
/*
node.h -- header for node.c
Copyright (C) 2001-2002 Guus Sliepen <guus@sliepen.warande.net>,
2001-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: node.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_NODE_H__
#define __TINC_NODE_H__
#include <avl_tree.h>
#include "subnet.h"
#include "connection.h"
typedef struct node_status_t {
int active:1; /* 1 if active.. */
int validkey:1; /* 1 if we currently have a valid key for him */
int waitingforkey:1; /* 1 if we already sent out a request */
int visited:1; /* 1 if this node has been visited by one of the graph algorithms */
int reachable:1; /* 1 if this node is reachable in the graph */
int indirect:1; /* 1 if this node is not directly reachable by us */
int unused:26;
} node_status_t;
typedef struct node_t {
char *name; /* name of this node */
long int options; /* options turned on for this node */
sockaddr_t address; /* his real (internet) ip to send UDP packets to */
char *hostname; /* the hostname of its real ip */
struct node_status_t status;
const EVP_CIPHER *cipher; /* Cipher type for UDP packets */
char *key; /* Cipher key and iv */
int keylength; /* Cipher key and iv length*/
const EVP_MD *digest; /* Digest type for MAC */
int maclength; /* Length of MAC */
int compression; /* Compressionlevel, 0 = no compression */
list_t *queue; /* Queue for packets awaiting to be encrypted */
struct node_t *nexthop; /* nearest node from us to him */
struct node_t *via; /* next hop for UDP packets */
avl_tree_t *subnet_tree; /* Pointer to a tree of subnets belonging to this node */
avl_tree_t *edge_tree; /* Edges with this node as one of the endpoints */
struct connection_t *connection; /* Connection associated with this node (if a direct connection exists) */
unsigned int sent_seqno; /* Sequence number last sent to this node */
unsigned int received_seqno; /* Sequence number last received from this node */
} node_t;
extern struct node_t *myself;
extern avl_tree_t *node_tree;
extern avl_tree_t *node_udp_tree;
extern void init_nodes(void);
extern void exit_nodes(void);
extern node_t *new_node(void);
extern void free_node(node_t *);
extern void node_add(node_t *);
extern void node_del(node_t *);
extern node_t *lookup_node(char *);
extern node_t *lookup_node_udp(sockaddr_t *);
extern void dump_nodes(void);
#endif /* __TINC_NODE_H__ */

507
src/process.c Normal file
View file

@ -0,0 +1,507 @@
/*
process.c -- process management functions
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: process.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <stdlib.h>
#include <unistd.h>
#include <termios.h>
#include <pidfile.h>
#include <utils.h>
#include <xalloc.h>
#include "conf.h"
#include "process.h"
#include "subnet.h"
#include "device.h"
#include "connection.h"
#include "device.h"
#include "system.h"
/* If zero, don't detach from the terminal. */
int do_detach = 1;
extern char *identname;
extern char *pidfilename;
extern char **g_argv;
sigset_t emptysigset;
static int saved_debug_lvl = 0;
extern int sighup;
extern int sigalrm;
extern int do_purge;
void memory_full(int size)
{
syslog(LOG_ERR, _("Memory exhausted (couldn't allocate %d bytes), exitting."), size);
cp_trace();
exit(1);
}
/* Some functions the less gifted operating systems might lack... */
#ifndef HAVE_FCLOSEALL
int fcloseall(void)
{
fflush(stdin);
fflush(stdout);
fflush(stderr);
fclose(stdin);
fclose(stdout);
fclose(stderr);
return 0;
}
#endif
/*
Close network connections, and terminate neatly
*/
void cleanup_and_exit(int c)
{
cp
close_network_connections();
if(debug_lvl > DEBUG_NOTHING)
dump_device_stats();
syslog(LOG_NOTICE, _("Terminating"));
closelog();
exit(c);
}
/*
check for an existing tinc for this net, and write pid to pidfile
*/
int write_pidfile(void)
{
int pid;
cp
if((pid = check_pid(pidfilename)))
{
if(netname)
fprintf(stderr, _("A tincd is already running for net `%s' with pid %d.\n"),
netname, pid);
else
fprintf(stderr, _("A tincd is already running with pid %d.\n"), pid);
return 1;
}
/* if it's locked, write-protected, or whatever */
if(!write_pid(pidfilename))
return 1;
cp
return 0;
}
/*
kill older tincd for this net
*/
int kill_other(int signal)
{
int pid;
cp
if(!(pid = read_pid(pidfilename)))
{
if(netname)
fprintf(stderr, _("No other tincd is running for net `%s'.\n"), netname);
else
fprintf(stderr, _("No other tincd is running.\n"));
return 1;
}
errno = 0; /* No error, sometimes errno is only changed on error */
/* ESRCH is returned when no process with that pid is found */
if(kill(pid, signal) && errno == ESRCH)
{
if(netname)
fprintf(stderr, _("The tincd for net `%s' is no longer running. "), netname);
else
fprintf(stderr, _("The tincd is no longer running. "));
fprintf(stderr, _("Removing stale lock file.\n"));
remove_pid(pidfilename);
}
cp
return 0;
}
/*
Detach from current terminal, write pidfile, kill parent
*/
int detach(void)
{
cp
setup_signals();
/* First check if we can open a fresh new pidfile */
if(write_pidfile())
return -1;
/* If we succeeded in doing that, detach */
closelog();
if(do_detach)
{
if(daemon(0, 0) < 0)
{
fprintf(stderr, _("Couldn't detach from terminal: %s"), strerror(errno));
return -1;
}
/* Now UPDATE the pid in the pidfile, because we changed it... */
if(!write_pid(pidfilename))
return -1;
}
openlog(identname, LOG_CONS | LOG_PID, LOG_DAEMON);
if(debug_lvl > DEBUG_NOTHING)
syslog(LOG_NOTICE, _("tincd %s (%s %s) starting, debug level %d"),
VERSION, __DATE__, __TIME__, debug_lvl);
else
syslog(LOG_NOTICE, _("tincd %s starting"), VERSION);
xalloc_fail_func = memory_full;
cp
return 0;
}
/*
Execute the program name, with sane environment. All output will be
redirected to syslog.
*/
void _execute_script(const char *scriptname) __attribute__ ((noreturn));
void _execute_script(const char *scriptname)
{
char *s;
cp
#ifdef HAVE_UNSETENV
unsetenv("NETNAME");
unsetenv("DEVICE");
unsetenv("INTERFACE");
#endif
if(netname)
{
asprintf(&s, "NETNAME=%s", netname);
putenv(s); /* Don't free s! see man 3 putenv */
}
if(device)
{
asprintf(&s, "DEVICE=%s", device);
putenv(s); /* Don't free s! see man 3 putenv */
}
if(interface)
{
asprintf(&s, "INTERFACE=%s", interface);
putenv(s); /* Don't free s! see man 3 putenv */
}
chdir("/");
/* Close all file descriptors */
closelog(); /* <- this means we cannot use syslog() here anymore! */
fcloseall();
execl(scriptname, NULL);
/* No return on success */
if(errno != ENOENT) /* Ignore if the file does not exist */
exit(1); /* Some error while trying execl(). */
else
exit(0);
}
/*
Fork and execute the program pointed to by name.
*/
int execute_script(const char *name)
{
pid_t pid;
int status;
struct stat s;
char *scriptname;
cp
asprintf(&scriptname, "%s/%s", confbase, name);
/* First check if there is a script */
if(stat(scriptname, &s))
return 0;
if((pid = fork()) < 0)
{
syslog(LOG_ERR, _("System call `%s' failed: %s"), "fork", strerror(errno));
return -1;
}
if(pid)
{
if(debug_lvl >= DEBUG_STATUS)
syslog(LOG_INFO, _("Executing script %s"), name);
free(scriptname);
if(waitpid(pid, &status, 0) == pid)
{
if(WIFEXITED(status)) /* Child exited by itself */
{
if(WEXITSTATUS(status))
{
syslog(LOG_ERR, _("Process %d (%s) exited with non-zero status %d"), pid, name, WEXITSTATUS(status));
return -1;
}
else
return 0;
}
else if(WIFSIGNALED(status)) /* Child was killed by a signal */
{
syslog(LOG_ERR, _("Process %d (%s) was killed by signal %d (%s)"),
pid, name, WTERMSIG(status), strsignal(WTERMSIG(status)));
return -1;
}
else /* Something strange happened */
{
syslog(LOG_ERR, _("Process %d (%s) terminated abnormally"), pid, name);
return -1;
}
}
else
{
syslog(LOG_ERR, _("System call `%s' failed: %s"), "waitpid", strerror(errno));
return -1;
}
}
cp
/* Child here */
_execute_script(scriptname);
}
/*
Signal handlers.
*/
RETSIGTYPE
sigterm_handler(int a)
{
if(debug_lvl > DEBUG_NOTHING)
syslog(LOG_NOTICE, _("Got TERM signal"));
cleanup_and_exit(0);
}
RETSIGTYPE
sigquit_handler(int a)
{
if(debug_lvl > DEBUG_NOTHING)
syslog(LOG_NOTICE, _("Got QUIT signal"));
cleanup_and_exit(0);
}
RETSIGTYPE
fatal_signal_square(int a)
{
syslog(LOG_ERR, _("Got another fatal signal %d (%s): not restarting."), a, strsignal(a));
cp_trace();
exit(1);
}
RETSIGTYPE
fatal_signal_handler(int a)
{
struct sigaction act;
syslog(LOG_ERR, _("Got fatal signal %d (%s)"), a, strsignal(a));
cp_trace();
if(do_detach)
{
syslog(LOG_NOTICE, _("Trying to re-execute in 5 seconds..."));
act.sa_handler = fatal_signal_square;
act.sa_mask = emptysigset;
act.sa_flags = 0;
sigaction(SIGSEGV, &act, NULL);
close_network_connections();
sleep(5);
remove_pid(pidfilename);
execvp(g_argv[0], g_argv);
}
else
{
syslog(LOG_NOTICE, _("Not restarting."));
exit(1);
}
}
RETSIGTYPE
sighup_handler(int a)
{
if(debug_lvl > DEBUG_NOTHING)
syslog(LOG_NOTICE, _("Got HUP signal"));
sighup = 1;
}
RETSIGTYPE
sigint_handler(int a)
{
if(saved_debug_lvl)
{
syslog(LOG_NOTICE, _("Reverting to old debug level (%d)"),
saved_debug_lvl);
debug_lvl = saved_debug_lvl;
saved_debug_lvl = 0;
}
else
{
syslog(LOG_NOTICE, _("Temporarily setting debug level to 5. Kill me with SIGINT again to go back to level %d."),
debug_lvl);
saved_debug_lvl = debug_lvl;
debug_lvl = 5;
}
}
RETSIGTYPE
sigalrm_handler(int a)
{
if(debug_lvl > DEBUG_NOTHING)
syslog(LOG_NOTICE, _("Got ALRM signal"));
sigalrm = 1;
}
RETSIGTYPE
sigusr1_handler(int a)
{
dump_connections();
}
RETSIGTYPE
sigusr2_handler(int a)
{
dump_device_stats();
dump_nodes();
dump_edges();
dump_subnets();
}
RETSIGTYPE
sigwinch_handler(int a)
{
extern int do_purge;
do_purge = 1;
}
RETSIGTYPE
unexpected_signal_handler(int a)
{
syslog(LOG_WARNING, _("Got unexpected signal %d (%s)"), a, strsignal(a));
cp_trace();
}
RETSIGTYPE
ignore_signal_handler(int a)
{
if(debug_lvl >= DEBUG_SCARY_THINGS)
{
syslog(LOG_DEBUG, _("Ignored signal %d (%s)"), a, strsignal(a));
cp_trace();
}
}
struct {
int signal;
void (*handler)(int);
} sighandlers[] = {
{ SIGHUP, sighup_handler },
{ SIGTERM, sigterm_handler },
{ SIGQUIT, sigquit_handler },
{ SIGSEGV, fatal_signal_handler },
{ SIGBUS, fatal_signal_handler },
{ SIGILL, fatal_signal_handler },
{ SIGPIPE, ignore_signal_handler },
{ SIGINT, sigint_handler },
{ SIGUSR1, sigusr1_handler },
{ SIGUSR2, sigusr2_handler },
{ SIGCHLD, ignore_signal_handler },
{ SIGALRM, sigalrm_handler },
{ SIGWINCH, sigwinch_handler },
{ 0, NULL }
};
void
setup_signals(void)
{
int i;
struct sigaction act;
sigemptyset(&emptysigset);
act.sa_handler = NULL;
act.sa_mask = emptysigset;
act.sa_flags = 0;
/* Set a default signal handler for every signal, errors will be
ignored. */
for(i = 0; i < NSIG; i++)
{
if(!do_detach)
act.sa_handler = SIG_DFL;
else
act.sa_handler = unexpected_signal_handler;
sigaction(i, &act, NULL);
}
/* If we didn't detach, allow coredumps */
if(!do_detach)
sighandlers[3].handler = SIG_DFL;
/* Then, for each known signal that we want to catch, assign a
handler to the signal, with error checking this time. */
for(i = 0; sighandlers[i].signal; i++)
{
act.sa_handler = sighandlers[i].handler;
if(sigaction(sighandlers[i].signal, &act, NULL) < 0)
fprintf(stderr, _("Installing signal handler for signal %d (%s) failed: %s\n"),
sighandlers[i].signal, strsignal(sighandlers[i].signal), strerror(errno));
}
}

36
src/process.h Normal file
View file

@ -0,0 +1,36 @@
/*
process.h -- header file for process.c
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: process.h,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_PROCESS_H__
#define __TINC_PROCESS_H__
#include "config.h"
extern int do_detach;
extern void setup_signals(void);
extern int execute_script(const char *);
extern int detach(void);
extern int kill_other(int);
extern void cleanup_and_exit(int);
#endif /* __TINC_PROCESS_H__ */

1025
src/protocol.c
View file

File diff suppressed because it is too large Load diff

109
src/protocol.h
View file

@ -1,7 +1,7 @@
/*
protocol.h -- header for protocol.c
Copyright (C) 1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 1999-2001 Ivo Timmermans <itimmermans@bigfoot.com>,
2000,2001 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,63 +17,104 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol.h,v 1.6 2000/10/18 20:12:09 zarq Exp $
$Id: protocol.h,v 1.7 2002/04/09 15:26:00 zarq Exp $
*/
#ifndef __TINC_PROTOCOL_H__
#define __TINC_PROTOCOL_H__
#include "net.h"
#include "node.h"
#include "subnet.h"
/* Protocol version. Different versions are incompatible,
incompatible version have different protocols.
*/
#define PROT_CURRENT 8
/* Length of the challenge. Since the challenge will also
contain the key for the symmetric cipher, it must be
quite large.
*/
#define CHAL_LENGTH 1024 /* Okay, this is probably waaaaaaaaaaay too large */
#define PROT_CURRENT 14
/* Request numbers */
enum {
ALL = -1, /* Guardian for allow_request */
ID = 0, CHALLENGE, CHAL_REPLY, ACK,
ID = 0, METAKEY, CHALLENGE, CHAL_REPLY, ACK,
STATUS, ERROR, TERMREQ,
PING, PONG,
ADD_HOST, DEL_HOST,
PING, PONG,
// ADD_NODE, DEL_NODE,
ADD_SUBNET, DEL_SUBNET,
ADD_EDGE, DEL_EDGE,
KEY_CHANGED, REQ_KEY, ANS_KEY,
PACKET,
LAST /* Guardian for the highest request number */
};
extern int (*request_handlers[])(conn_list_t*);
typedef struct past_request_t {
char *request;
time_t firstseen;
} past_request_t;
extern int send_id(conn_list_t*);
extern int send_challenge(conn_list_t*);
extern int send_chal_reply(conn_list_t*);
extern int send_ack(conn_list_t*);
extern int send_status(conn_list_t*, int, char*);
extern int send_error(conn_list_t*, int, char*);
extern int send_termreq(conn_list_t*);
extern int send_ping(conn_list_t*);
extern int send_pong(conn_list_t*);
extern int send_add_host(conn_list_t*, conn_list_t*);
extern int send_del_host(conn_list_t*, conn_list_t*);
extern int send_add_subnet(conn_list_t*, conn_list_t*, subnet_t*);
extern int send_del_subnet(conn_list_t*, conn_list_t*, subnet_t*);
extern int send_key_changed(conn_list_t*, conn_list_t*);
extern int send_req_key(conn_list_t*, conn_list_t*);
extern int send_ans_key(conn_list_t*, conn_list_t*, char*);
/* Maximum size of strings in a request */
/* Old functions */
#define MAX_STRING_SIZE 2048
#define MAX_STRING "%2048s"
extern int send_tcppacket(conn_list_t *, void *, int);
extern int notify_others(conn_list_t *, conn_list_t *, int (*function)(conn_list_t*, conn_list_t*));
/* Basic functions */
extern int send_request(connection_t*, const char*, ...);
extern int receive_request(connection_t *);
extern int check_id(char *);
extern void init_requests(void);
extern void exit_requests(void);
extern int seen_request(char *);
extern void age_past_requests(void);
/* Requests */
extern int send_id(connection_t *);
extern int send_metakey(connection_t *);
extern int send_challenge(connection_t *);
extern int send_chal_reply(connection_t *);
extern int send_ack(connection_t *);
extern int send_status(connection_t *, int, char *);
extern int send_error(connection_t *, int, char *);
extern int send_termreq(connection_t *);
extern int send_ping(connection_t *);
extern int send_pong(connection_t *);
// extern int send_add_node(connection_t *, node_t *);
// extern int send_del_node(connection_t *, node_t *);
extern int send_add_subnet(connection_t *, subnet_t *);
extern int send_del_subnet(connection_t *, subnet_t *);
extern int send_add_edge(connection_t *, edge_t *);
extern int send_del_edge(connection_t *, edge_t *);
extern int send_key_changed(connection_t *, node_t *);
extern int send_req_key(connection_t *, node_t *, node_t *);
extern int send_ans_key(connection_t *, node_t *, node_t *);
extern int send_tcppacket(connection_t *, vpn_packet_t *);
/* Request handlers */
extern int (*request_handlers[])(connection_t *);
extern int id_h(connection_t *);
extern int metakey_h(connection_t *);
extern int challenge_h(connection_t *);
extern int chal_reply_h(connection_t *);
extern int ack_h(connection_t *);
extern int status_h(connection_t *);
extern int error_h(connection_t *);
extern int termreq_h(connection_t *);
extern int ping_h(connection_t *);
extern int pong_h(connection_t *);
// extern int add_node_h(connection_t *);
// extern int del_node_h(connection_t *);
extern int add_subnet_h(connection_t *);
extern int del_subnet_h(connection_t *);
extern int add_edge_h(connection_t *);
extern int del_edge_h(connection_t *);
extern int key_changed_h(connection_t *);
extern int req_key_h(connection_t *);
extern int ans_key_h(connection_t *);
extern int tcppacket_h(connection_t *);
#endif /* __TINC_PROTOCOL_H__ */

605
src/protocol_auth.c Normal file
View file

@ -0,0 +1,605 @@
/*
protocol_auth.c -- handle the meta-protocol, authentication
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_auth.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <stdio.h>
#include <stdarg.h>
#include <errno.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
#include <openssl/evp.h>
#ifndef HAVE_RAND_PSEUDO_BYTES
#define RAND_pseudo_bytes RAND_bytes
#endif
#include "conf.h"
#include "net.h"
#include "netutl.h"
#include "protocol.h"
#include "meta.h"
#include "connection.h"
#include "node.h"
#include "edge.h"
#include "graph.h"
#include "system.h"
int send_id(connection_t *c)
{
cp
return send_request(c, "%d %s %d", ID, myself->connection->name, myself->connection->protocol_version);
}
int id_h(connection_t *c)
{
char name[MAX_STRING_SIZE];
int bla;
cp
if(sscanf(c->buffer, "%*d "MAX_STRING" %d", name, &c->protocol_version) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "ID", c->name, c->hostname);
return -1;
}
/* Check if identity is a valid name */
if(check_id(name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ID", c->name, c->hostname, "invalid name");
return -1;
}
/* If we set c->name in advance, make sure we are connected to the right host */
if(c->name)
{
if(strcmp(c->name, name))
{
syslog(LOG_ERR, _("Peer %s is %s instead of %s"), c->hostname, name, c->name);
return -1;
}
}
else
c->name = xstrdup(name);
/* Check if version matches */
if(c->protocol_version != myself->connection->protocol_version)
{
syslog(LOG_ERR, _("Peer %s (%s) uses incompatible version %d"),
c->name, c->hostname, c->protocol_version);
return -1;
}
if(bypass_security)
{
if(!c->config_tree)
init_configuration(&c->config_tree);
c->allow_request = ACK;
return send_ack(c);
}
if(!c->config_tree)
{
init_configuration(&c->config_tree);
if((bla = read_connection_config(c)))
{
syslog(LOG_ERR, _("Peer %s had unknown identity (%s)"), c->hostname, c->name);
return -1;
}
}
if(read_rsa_public_key(c))
{
return -1;
}
/* Check some options */
if((get_config_bool(lookup_config(c->config_tree, "IndirectData"), &bla) && bla) || myself->options & OPTION_INDIRECT)
c->options |= OPTION_INDIRECT;
if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &bla) && bla) || myself->options & OPTION_TCPONLY)
c->options |= OPTION_TCPONLY | OPTION_INDIRECT;
c->allow_request = METAKEY;
cp
return send_metakey(c);
}
int send_metakey(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
int len, x;
cp
len = RSA_size(c->rsa_key);
/* Allocate buffers for the meta key */
if(!c->outkey)
c->outkey = xmalloc(len);
if(!c->outctx)
c->outctx = xmalloc(sizeof(*c->outctx));
cp
/* Copy random data to the buffer */
RAND_bytes(c->outkey, len);
/* The message we send must be smaller than the modulus of the RSA key.
By definition, for a key of k bits, the following formula holds:
2^(k-1) <= modulus < 2^(k)
Where ^ means "to the power of", not "xor".
This means that to be sure, we must choose our message < 2^(k-1).
This can be done by setting the most significant bit to zero.
*/
c->outkey[0] &= 0x7F;
if(debug_lvl >= DEBUG_SCARY_THINGS)
{
bin2hex(c->outkey, buffer, len);
buffer[len*2] = '\0';
syslog(LOG_DEBUG, _("Generated random meta key (unencrypted): %s"), buffer);
}
/* Encrypt the random data
We do not use one of the PKCS padding schemes here.
This is allowed, because we encrypt a totally random string
with a length equal to that of the modulus of the RSA key.
*/
if(RSA_public_encrypt(len, c->outkey, buffer, c->rsa_key, RSA_NO_PADDING) != len)
{
syslog(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname);
return -1;
}
cp
/* Convert the encrypted random data to a hexadecimal formatted string */
bin2hex(buffer, buffer, len);
buffer[len*2] = '\0';
/* Send the meta key */
x = send_request(c, "%d %d %d %d %d %s", METAKEY,
c->outcipher?c->outcipher->nid:0, c->outdigest?c->outdigest->type:0,
c->outmaclength, c->outcompression, buffer);
/* Further outgoing requests are encrypted with the key we just generated */
if(c->outcipher)
{
EVP_EncryptInit(c->outctx, c->outcipher,
c->outkey + len - c->outcipher->key_len,
c->outkey + len - c->outcipher->key_len - c->outcipher->iv_len);
c->status.encryptout = 1;
}
cp
return x;
}
int metakey_h(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
int cipher, digest, maclength, compression;
int len;
cp
if(sscanf(c->buffer, "%*d %d %d %d %d "MAX_STRING, &cipher, &digest, &maclength, &compression, buffer) != 5)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "METAKEY", c->name, c->hostname);
return -1;
}
cp
len = RSA_size(myself->connection->rsa_key);
/* Check if the length of the meta key is all right */
if(strlen(buffer) != len*2)
{
syslog(LOG_ERR, _("Possible intruder %s (%s): %s"), c->name, c->hostname, "wrong keylength");
return -1;
}
/* Allocate buffers for the meta key */
cp
if(!c->inkey)
c->inkey = xmalloc(len);
if(!c->inctx)
c->inctx = xmalloc(sizeof(*c->inctx));
/* Convert the challenge from hexadecimal back to binary */
cp
hex2bin(buffer,buffer,len);
/* Decrypt the meta key */
cp
if(RSA_private_decrypt(len, buffer, c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) /* See challenge() */
{
syslog(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname);
return -1;
}
if(debug_lvl >= DEBUG_SCARY_THINGS)
{
bin2hex(c->inkey, buffer, len);
buffer[len*2] = '\0';
syslog(LOG_DEBUG, _("Received random meta key (unencrypted): %s"), buffer);
}
/* All incoming requests will now be encrypted. */
cp
/* Check and lookup cipher and digest algorithms */
if(cipher)
{
c->incipher = EVP_get_cipherbynid(cipher);
if(!c->incipher)
{
syslog(LOG_ERR, _("%s (%s) uses unknown cipher!"), c->name, c->hostname);
return -1;
}
EVP_DecryptInit(c->inctx, c->incipher,
c->inkey + len - c->incipher->key_len,
c->inkey + len - c->incipher->key_len - c->incipher->iv_len);
c->status.decryptin = 1;
}
else
{
c->incipher = NULL;
}
c->inmaclength = maclength;
if(digest)
{
c->indigest = EVP_get_digestbynid(digest);
if(!c->indigest)
{
syslog(LOG_ERR, _("Node %s (%s) uses unknown digest!"), c->name, c->hostname);
return -1;
}
if(c->inmaclength > c->indigest->md_size || c->inmaclength < 0)
{
syslog(LOG_ERR, _("%s (%s) uses bogus MAC length!"), c->name, c->hostname);
return -1;
}
}
else
{
c->indigest = NULL;
}
c->incompression = compression;
c->allow_request = CHALLENGE;
cp
return send_challenge(c);
}
int send_challenge(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
int len, x;
cp
/* CHECKME: what is most reasonable value for len? */
len = RSA_size(c->rsa_key);
/* Allocate buffers for the challenge */
if(!c->hischallenge)
c->hischallenge = xmalloc(len);
cp
/* Copy random data to the buffer */
RAND_bytes(c->hischallenge, len);
cp
/* Convert to hex */
bin2hex(c->hischallenge, buffer, len);
buffer[len*2] = '\0';
cp
/* Send the challenge */
x = send_request(c, "%d %s", CHALLENGE, buffer);
cp
return x;
}
int challenge_h(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
int len;
cp
if(sscanf(c->buffer, "%*d "MAX_STRING, buffer) != 1)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "CHALLENGE", c->name, c->hostname);
return -1;
}
len = RSA_size(myself->connection->rsa_key);
/* Check if the length of the challenge is all right */
if(strlen(buffer) != len*2)
{
syslog(LOG_ERR, _("Possible intruder %s (%s): %s"), c->name, c->hostname, "wrong challenge length");
return -1;
}
/* Allocate buffers for the challenge */
if(!c->mychallenge)
c->mychallenge = xmalloc(len);
/* Convert the challenge from hexadecimal back to binary */
hex2bin(buffer,c->mychallenge,len);
c->allow_request = CHAL_REPLY;
/* Rest is done by send_chal_reply() */
cp
return send_chal_reply(c);
}
int send_chal_reply(connection_t *c)
{
char hash[EVP_MAX_MD_SIZE*2+1];
EVP_MD_CTX ctx;
cp
/* Calculate the hash from the challenge we received */
EVP_DigestInit(&ctx, c->indigest);
EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key));
EVP_DigestFinal(&ctx, hash, NULL);
/* Convert the hash to a hexadecimal formatted string */
bin2hex(hash,hash,c->indigest->md_size);
hash[c->indigest->md_size*2] = '\0';
/* Send the reply */
cp
return send_request(c, "%d %s", CHAL_REPLY, hash);
}
int chal_reply_h(connection_t *c)
{
char hishash[MAX_STRING_SIZE];
char myhash[EVP_MAX_MD_SIZE];
EVP_MD_CTX ctx;
cp
if(sscanf(c->buffer, "%*d "MAX_STRING, hishash) != 1)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "CHAL_REPLY", c->name, c->hostname);
return -1;
}
/* Check if the length of the hash is all right */
if(strlen(hishash) != c->outdigest->md_size*2)
{
syslog(LOG_ERR, _("Possible intruder %s (%s): %s"), c->name, c->hostname, _("wrong challenge reply length"));
return -1;
}
/* Convert the hash to binary format */
hex2bin(hishash, hishash, c->outdigest->md_size);
/* Calculate the hash from the challenge we sent */
EVP_DigestInit(&ctx, c->outdigest);
EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key));
EVP_DigestFinal(&ctx, myhash, NULL);
/* Verify the incoming hash with the calculated hash */
if(memcmp(hishash, myhash, c->outdigest->md_size))
{
syslog(LOG_ERR, _("Possible intruder %s (%s): %s"), c->name, c->hostname, _("wrong challenge reply"));
if(debug_lvl >= DEBUG_SCARY_THINGS)
{
bin2hex(myhash, hishash, SHA_DIGEST_LENGTH);
hishash[SHA_DIGEST_LENGTH*2] = '\0';
syslog(LOG_DEBUG, _("Expected challenge reply: %s"), hishash);
}
return -1;
}
/* Identity has now been positively verified.
Send an acknowledgement with the rest of the information needed.
*/
c->allow_request = ACK;
cp
return send_ack(c);
}
int send_ack(connection_t *c)
{
/* ACK message contains rest of the information the other end needs
to create node_t and edge_t structures. */
int x;
char *address, *port;
struct timeval now;
cp
/* Estimate weight */
gettimeofday(&now, NULL);
c->estimated_weight = (now.tv_sec - c->start.tv_sec) * 1000 + (now.tv_usec - c->start.tv_usec) / 1000;
sockaddr2str(&c->address, &address, &port);
x = send_request(c, "%d %s %s %d %lx", ACK, myport, address, c->estimated_weight, c->options);
free(address);
free(port);
cp
return x;
}
void send_everything(connection_t *c)
{
avl_node_t *node, *node2;
node_t *n;
subnet_t *s;
edge_t *e;
/* Send all known subnets */
for(node = node_tree->head; node; node = node->next)
{
n = (node_t *)node->data;
for(node2 = n->subnet_tree->head; node2; node2 = node2->next)
{
s = (subnet_t *)node2->data;
send_add_subnet(c, s);
}
}
/* Send all known edges */
for(node = edge_tree->head; node; node = node->next)
{
e = (edge_t *)node->data;
if(e == c->edge)
continue;
send_add_edge(c, e);
}
}
int ack_h(connection_t *c)
{
char myaddress[MAX_STRING_SIZE];
char hisport[MAX_STRING_SIZE];
char *hisaddress, *dummy;
int weight;
long int options;
node_t *n;
connection_t *other;
avl_node_t *node;
cp
if(sscanf(c->buffer, "%*d "MAX_STRING" "MAX_STRING" %d %lx", hisport, myaddress, &weight, &options) != 4)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "ACK", c->name, c->hostname);
return -1;
}
/* Check if we already have a node_t for him */
n = lookup_node(c->name);
if(!n)
{
n = new_node();
n->name = xstrdup(c->name);
node_add(n);
}
else
{
if(n->connection)
{
/* Oh dear, we already have a connection to this node. */
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_DEBUG, _("Established a second connection with %s (%s), closing old connection"), n->name, n->hostname);
terminate_connection(n->connection, 0);
}
/* FIXME: check if information in existing node matches that of the other end of this connection */
}
n->connection = c;
c->node = n;
c->options |= options;
/* Create an edge_t for this connection */
c->edge = new_edge();
cp
c->edge->from.node = myself;
c->edge->from.udpaddress = str2sockaddr(myaddress, myport);
c->edge->to.node = n;
sockaddr2str(&c->address, &hisaddress, &dummy);
c->edge->to.udpaddress = str2sockaddr(hisaddress, hisport);
free(hisaddress);
free(dummy);
c->edge->weight = (weight + c->estimated_weight) / 2;
c->edge->connection = c;
c->edge->options = c->options;
cp
edge_add(c->edge);
/* Activate this connection */
c->allow_request = ALL;
c->status.active = 1;
if(debug_lvl >= DEBUG_CONNECTIONS)
syslog(LOG_NOTICE, _("Connection with %s (%s) activated"), c->name, c->hostname);
cp
/* Send him everything we know */
send_everything(c);
/* Notify others of this connection */
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_add_edge(other, c->edge);
}
/* Run MST and SSSP algorithms */
graph();
cp
return 0;
}

298
src/protocol_edge.c Normal file
View file

@ -0,0 +1,298 @@
/*
protocol_edge.c -- handle the meta-protocol, edges
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_edge.c,v 1.2 2002/04/09 15:26:00 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <stdio.h>
#include <stdarg.h>
#include <errno.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include "conf.h"
#include "net.h"
#include "netutl.h"
#include "protocol.h"
#include "meta.h"
#include "connection.h"
#include "node.h"
#include "edge.h"
#include "graph.h"
#include "system.h"
int send_add_edge(connection_t *c, edge_t *e)
{
int x;
char *from_udpaddress, *from_udpport;
char *to_udpaddress, *to_udpport;
cp
sockaddr2str(&e->from.udpaddress, &from_udpaddress, &from_udpport);
sockaddr2str(&e->to.udpaddress, &to_udpaddress, &to_udpport);
x = send_request(c, "%d %lx %s %s %s %s %s %s %lx %d", ADD_EDGE, random(),
e->from.node->name, from_udpaddress, from_udpport,
e->to.node->name, to_udpaddress, to_udpport,
e->options, e->weight);
free(from_udpaddress);
free(from_udpport);
free(to_udpaddress);
free(to_udpport);
cp
return x;
}
int add_edge_h(connection_t *c)
{
connection_t *other;
edge_t *e;
node_t *from, *to;
char from_name[MAX_STRING_SIZE];
char to_name[MAX_STRING_SIZE];
char from_address[MAX_STRING_SIZE];
char from_udpport[MAX_STRING_SIZE];
char to_address[MAX_STRING_SIZE];
char to_udpport[MAX_STRING_SIZE];
sockaddr_t from_udpaddress;
sockaddr_t to_udpaddress;
long int options;
int weight;
avl_node_t *node;
cp
if(sscanf(c->buffer, "%*d %*x "MAX_STRING" "MAX_STRING" "MAX_STRING" "MAX_STRING" "MAX_STRING" "MAX_STRING" %lx %d",
from_name, from_address, from_udpport,
to_name, to_address, to_udpport,
&options, &weight) != 8)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "ADD_EDGE", c->name, c->hostname);
return -1;
}
/* Check if names are valid */
if(check_id(from_name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_EDGE", c->name, c->hostname, _("invalid name"));
return -1;
}
if(check_id(to_name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_EDGE", c->name, c->hostname, _("invalid name"));
return -1;
}
if(seen_request(c->buffer))
return 0;
/* Lookup nodes */
from = lookup_node(from_name);
if(!from)
{
from = new_node();
from->name = xstrdup(from_name);
node_add(from);
}
to = lookup_node(to_name);
if(!to)
{
to = new_node();
to->name = xstrdup(to_name);
node_add(to);
}
/* Convert addresses */
from_udpaddress = str2sockaddr(from_address, from_udpport);
to_udpaddress = str2sockaddr(to_address, to_udpport);
/* Check if edge already exists */
e = lookup_edge(from, to);
if(e)
{
if(e->weight != weight || e->options != options
|| ((e->from.node == from) && (sockaddrcmp(&e->from.udpaddress, &from_udpaddress)|| sockaddrcmp(&e->to.udpaddress, &to_udpaddress)))
|| ((e->from.node == to) && (sockaddrcmp(&e->from.udpaddress, &to_udpaddress) || sockaddrcmp(&e->to.udpaddress, &from_udpaddress)))
)
{
if(from == myself || to == myself)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for ourself which does not match existing entry"), "ADD_EDGE", c->name, c->hostname);
send_add_edge(c, e);
return 0;
}
else
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) which does not match existing entry"), "ADD_EDGE", c->name, c->hostname);
edge_del(e);
}
}
else
return 0;
}
else if(from == myself || to == myself)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for ourself which does not exist"), "ADD_EDGE", c->name, c->hostname);
e = new_edge();
e->from.node = from;
e->to.node = to;
send_del_edge(c, e);
free_edge(e);
return 0;
}
e = new_edge();
e->from.node = from;
e->from.udpaddress = from_udpaddress;
e->to.node = to;
e->to.udpaddress = to_udpaddress;
e->options = options;
e->weight = weight;
edge_add(e);
/* Tell the rest about the new edge */
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_request(other, "%s", c->buffer);
}
/* Run MST before or after we tell the rest? */
graph();
cp
return 0;
}
int send_del_edge(connection_t *c, edge_t *e)
{
cp
return send_request(c, "%d %lx %s %s", DEL_EDGE, random(),
e->from.node->name, e->to.node->name);
}
int del_edge_h(connection_t *c)
{
edge_t *e;
char from_name[MAX_STRING_SIZE];
char to_name[MAX_STRING_SIZE];
node_t *from, *to;
connection_t *other;
avl_node_t *node;
cp
if(sscanf(c->buffer, "%*d %*x "MAX_STRING" "MAX_STRING"", from_name, to_name) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "DEL_EDGE",
c->name, c->hostname);
return -1;
}
/* Check if names are valid */
if(check_id(from_name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_EDGE", c->name, c->hostname, _("invalid name"));
return -1;
}
if(check_id(to_name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_EDGE", c->name, c->hostname, _("invalid name"));
return -1;
}
if(seen_request(c->buffer))
return 0;
/* Lookup nodes */
from = lookup_node(from_name);
if(!from)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_ERR, _("Got %s from %s (%s) which does not appear in the edge tree"), "DEL_EDGE", c->name, c->hostname);
return 0;
}
to = lookup_node(to_name);
if(!to)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_ERR, _("Got %s from %s (%s) which does not appear in the edge tree"), "DEL_EDGE", c->name, c->hostname);
return 0;
}
/* Check if edge exists */
e = lookup_edge(from, to);
if(!e)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) which does not appear in the edge tree"), "DEL_EDGE", c->name, c->hostname);
return 0;
}
if(e->from.node == myself || e->to.node == myself)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for ourself"), "DEL_EDGE", c->name, c->hostname);
send_add_edge(c, e); /* Send back a correction */
return 0;
}
/* Tell the rest about the deleted edge */
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_request(other, "%s", c->buffer);
}
/* Delete the edge */
edge_del(e);
/* Run MST before or after we tell the rest? */
graph();
cp
return 0;
}

286
src/protocol_key.c Normal file
View file

@ -0,0 +1,286 @@
/*
protocol_key.c -- handle the meta-protocol, key exchange
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_key.c,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <stdio.h>
#include <stdarg.h>
#include <errno.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include "conf.h"
#include "net.h"
#include "netutl.h"
#include "protocol.h"
#include "meta.h"
#include "connection.h"
#include "node.h"
#include "edge.h"
#include "system.h"
int mykeyused = 0;
int send_key_changed(connection_t *c, node_t *n)
{
connection_t *other;
avl_node_t *node;
cp
/* Only send this message if some other daemon requested our key previously.
This reduces unnecessary key_changed broadcasts.
*/
if(n == myself && !mykeyused)
return 0;
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_request(other, "%d %lx %s", KEY_CHANGED, random(), n->name);
}
cp
return 0;
}
int key_changed_h(connection_t *c)
{
char name[MAX_STRING_SIZE];
avl_node_t *node;
connection_t *other;
node_t *n;
cp
if(sscanf(c->buffer, "%*d %*x "MAX_STRING, name) != 1)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "KEY_CHANGED",
c->name, c->hostname);
return -1;
}
if(seen_request(c->buffer))
return 0;
n = lookup_node(name);
if(!n)
{
syslog(LOG_ERR, _("Got %s from %s (%s) origin %s which does not exist"), "KEY_CHANGED",
c->name, c->hostname, name);
return -1;
}
n->status.validkey = 0;
n->status.waitingforkey = 0;
n->sent_seqno = 0;
/* Tell the others */
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_request(other, "%s", c->buffer);
}
cp
return 0;
}
int send_req_key(connection_t *c, node_t *from, node_t *to)
{
cp
return send_request(c, "%d %s %s", REQ_KEY,
from->name, to->name);
}
int req_key_h(connection_t *c)
{
char from_name[MAX_STRING_SIZE];
char to_name[MAX_STRING_SIZE];
node_t *from, *to;
cp
if(sscanf(c->buffer, "%*d "MAX_STRING" "MAX_STRING, from_name, to_name) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "REQ_KEY",
c->name, c->hostname);
return -1;
}
from = lookup_node(from_name);
if(!from)
{
syslog(LOG_ERR, _("Got %s from %s (%s) origin %s which does not exist in our connection list"), "REQ_KEY",
c->name, c->hostname, from_name);
return -1;
}
to = lookup_node(to_name);
if(!to)
{
syslog(LOG_ERR, _("Got %s from %s (%s) destination %s which does not exist in our connection list"), "REQ_KEY",
c->name, c->hostname, to_name);
return -1;
}
/* Check if this key request is for us */
if(to == myself) /* Yes, send our own key back */
{
mykeyused = 1;
from->received_seqno = 0;
send_ans_key(c, myself, from);
}
else
{
/* Proxy keys
if(to->status.validkey)
{
send_ans_key(c, to, from);
}
else
*/
send_req_key(to->nexthop->connection, from, to);
}
cp
return 0;
}
int send_ans_key(connection_t *c, node_t *from, node_t *to)
{
char key[MAX_STRING_SIZE];
cp
bin2hex(from->key, key, from->keylength);
key[from->keylength * 2] = '\0';
cp
return send_request(c, "%d %s %s %s %d %d %d %d", ANS_KEY,
from->name, to->name, key, from->cipher?from->cipher->nid:0, from->digest?from->digest->type:0, from->maclength, from->compression);
}
int ans_key_h(connection_t *c)
{
char from_name[MAX_STRING_SIZE];
char to_name[MAX_STRING_SIZE];
char key[MAX_STRING_SIZE];
int cipher, digest, maclength, compression;
node_t *from, *to;
cp
if(sscanf(c->buffer, "%*d "MAX_STRING" "MAX_STRING" "MAX_STRING" %d %d %d %d", from_name, to_name, key, &cipher, &digest, &maclength, &compression) != 7)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "ANS_KEY",
c->name, c->hostname);
return -1;
}
from = lookup_node(from_name);
if(!from)
{
syslog(LOG_ERR, _("Got %s from %s (%s) origin %s which does not exist in our connection list"), "ANS_KEY",
c->name, c->hostname, from_name);
return -1;
}
to = lookup_node(to_name);
if(!to)
{
syslog(LOG_ERR, _("Got %s from %s (%s) destination %s which does not exist in our connection list"), "ANS_KEY",
c->name, c->hostname, to_name);
return -1;
}
/* Forward it if necessary */
if(to != myself)
{
return send_request(to->nexthop->connection, "%s", c->buffer);
}
/* Update our copy of the origin's packet key */
if(from->key)
free(from->key);
from->key = xstrdup(key);
from->keylength = strlen(key) / 2;
hex2bin(from->key, from->key, from->keylength);
from->key[from->keylength] = '\0';
from->status.validkey = 1;
from->status.waitingforkey = 0;
/* Check and lookup cipher and digest algorithms */
if(cipher)
{
from->cipher = EVP_get_cipherbynid(cipher);
if(!from->cipher)
{
syslog(LOG_ERR, _("Node %s (%s) uses unknown cipher!"), from->name, from->hostname);
return -1;
}
if(from->keylength != from->cipher->key_len + from->cipher->iv_len)
{
syslog(LOG_ERR, _("Node %s (%s) uses wrong keylength!"), from->name, from->hostname);
return -1;
}
}
else
{
from->cipher = NULL;
}
from->maclength = maclength;
if(digest)
{
from->digest = EVP_get_digestbynid(digest);
if(!from->digest)
{
syslog(LOG_ERR, _("Node %s (%s) uses unknown digest!"), from->name, from->hostname);
return -1;
}
if(from->maclength > from->digest->md_size || from->maclength < 0)
{
syslog(LOG_ERR, _("Node %s (%s) uses bogus MAC length!"), from->name, from->hostname);
return -1;
}
}
else
{
from->digest = NULL;
}
from->compression = compression;
flush_queue(from);
cp
return 0;
}

198
src/protocol_misc.c Normal file
View file

@ -0,0 +1,198 @@
/*
protocol_misc.c -- handle the meta-protocol, miscellaneous functions
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_misc.c,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <stdio.h>
#include <stdarg.h>
#include <errno.h>
#include <utils.h>
#include "conf.h"
#include "net.h"
#include "netutl.h"
#include "protocol.h"
#include "meta.h"
#include "connection.h"
#include "system.h"
/* Status and error notification routines */
int send_status(connection_t *c, int statusno, char *statusstring)
{
cp
if(!statusstring)
statusstring = status_text[statusno];
cp
return send_request(c, "%d %d %s", STATUS, statusno, statusstring);
}
int status_h(connection_t *c)
{
int statusno;
char statusstring[MAX_STRING_SIZE];
cp
if(sscanf(c->buffer, "%*d %d "MAX_STRING, &statusno, statusstring) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "STATUS",
c->name, c->hostname);
return -1;
}
if(debug_lvl >= DEBUG_STATUS)
{
syslog(LOG_NOTICE, _("Status message from %s (%s): %s: %s"),
c->name, c->hostname, status_text[statusno], statusstring);
}
cp
return 0;
}
int send_error(connection_t *c, int err, char *errstring)
{
cp
if(!errstring)
errstring = strerror(err);
return send_request(c, "%d %d %s", ERROR, err, errstring);
}
int error_h(connection_t *c)
{
int err;
char errorstring[MAX_STRING_SIZE];
cp
if(sscanf(c->buffer, "%*d %d "MAX_STRING, &err, errorstring) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "ERROR",
c->name, c->hostname);
return -1;
}
if(debug_lvl >= DEBUG_ERROR)
{
syslog(LOG_NOTICE, _("Error message from %s (%s): %s: %s"),
c->name, c->hostname, strerror(err), errorstring);
}
terminate_connection(c, c->status.active);
cp
return 0;
}
int send_termreq(connection_t *c)
{
cp
return send_request(c, "%d", TERMREQ);
}
int termreq_h(connection_t *c)
{
cp
terminate_connection(c, c->status.active);
cp
return 0;
}
int send_ping(connection_t *c)
{
cp
c->status.pinged = 1;
c->last_ping_time = now;
cp
return send_request(c, "%d", PING);
}
int ping_h(connection_t *c)
{
cp
return send_pong(c);
}
int send_pong(connection_t *c)
{
cp
return send_request(c, "%d", PONG);
}
int pong_h(connection_t *c)
{
cp
c->status.pinged = 0;
/* Succesful connection, reset timeout if this is an outgoing connection. */
if(c->outgoing)
c->outgoing->timeout = 0;
cp
return 0;
}
/* Sending and receiving packets via TCP */
int send_tcppacket(connection_t *c, vpn_packet_t *packet)
{
int x;
cp
/* Evil hack. */
x = send_request(c, "%d %hd", PACKET, packet->len);
if(x)
return x;
cp
return send_meta(c, packet->data, packet->len);
}
int tcppacket_h(connection_t *c)
{
short int len;
cp
if(sscanf(c->buffer, "%*d %hd", &len) != 1)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "PACKET", c->name, c->hostname);
return -1;
}
/* Set reqlen to len, this will tell receive_meta() that a tcppacket is coming. */
c->tcplen = len;
cp
return 0;
}
/* Status strings */
char (*status_text[]) = {
"Warning",
};
/* Error strings */
char (*error_text[]) = {
"Error",
};

237
src/protocol_subnet.c Normal file
View file

@ -0,0 +1,237 @@
/*
protocol_subnet.c -- handle the meta-protocol, subnets
Copyright (C) 1999-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_subnet.c,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <stdio.h>
#include <stdarg.h>
#include <errno.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include "conf.h"
#include "net.h"
#include "netutl.h"
#include "protocol.h"
#include "meta.h"
#include "connection.h"
#include "node.h"
#include "edge.h"
#include "graph.h"
#include "system.h"
int send_add_subnet(connection_t *c, subnet_t *subnet)
{
int x;
char *netstr;
cp
x = send_request(c, "%d %lx %s %s", ADD_SUBNET, random(),
subnet->owner->name, netstr = net2str(subnet));
free(netstr);
cp
return x;
}
int add_subnet_h(connection_t *c)
{
char subnetstr[MAX_STRING_SIZE];
char name[MAX_STRING_SIZE];
node_t *owner;
connection_t *other;
subnet_t *s;
avl_node_t *node;
cp
if(sscanf(c->buffer, "%*d %*x "MAX_STRING" "MAX_STRING, name, subnetstr) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "ADD_SUBNET", c->name, c->hostname);
return -1;
}
/* Check if owner name is a valid */
if(check_id(name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_SUBNET", c->name, c->hostname, _("invalid name"));
return -1;
}
/* Check if subnet string is valid */
if(!(s = str2net(subnetstr)))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_SUBNET", c->name, c->hostname, _("invalid subnet string"));
return -1;
}
if(seen_request(c->buffer))
return 0;
/* Check if the owner of the new subnet is in the connection list */
owner = lookup_node(name);
if(!owner)
{
owner = new_node();
owner->name = xstrdup(name);
node_add(owner);
}
/* Check if we already know this subnet */
if(lookup_subnet(owner, s))
{
free_subnet(s);
return 0;
}
/* If we don't know this subnet, but we are the owner, retaliate with a DEL_SUBNET */
if(owner == myself)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for ourself"), "ADD_SUBNET", c->name, c->hostname);
s->owner = myself;
send_del_subnet(c, s);
return 0;
}
/* If everything is correct, add the subnet to the list of the owner */
subnet_add(owner, s);
/* Tell the rest */
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_request(other, "%s", c->buffer);
}
cp
return 0;
}
int send_del_subnet(connection_t *c, subnet_t *s)
{
int x;
char *netstr;
cp
netstr = net2str(s);
x = send_request(c, "%d %lx %s %s", DEL_SUBNET, random(), s->owner->name, netstr);
free(netstr);
cp
return x;
}
int del_subnet_h(connection_t *c)
{
char subnetstr[MAX_STRING_SIZE];
char name[MAX_STRING_SIZE];
node_t *owner;
connection_t *other;
subnet_t *s, *find;
avl_node_t *node;
cp
if(sscanf(c->buffer, "%*d %*x "MAX_STRING" "MAX_STRING, name, subnetstr) != 2)
{
syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "DEL_SUBNET", c->name, c->hostname);
return -1;
}
/* Check if owner name is a valid */
if(check_id(name))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_SUBNET", c->name, c->hostname, _("invalid name"));
return -1;
}
/* Check if the owner of the new subnet is in the connection list */
if(!(owner = lookup_node(name)))
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for %s which is not in our node tree"),
"DEL_SUBNET", c->name, c->hostname, name);
return 0;
}
/* Check if subnet string is valid */
if(!(s = str2net(subnetstr)))
{
syslog(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_SUBNET", c->name, c->hostname, _("invalid subnet string"));
return -1;
}
if(seen_request(c->buffer))
return 0;
/* If everything is correct, delete the subnet from the list of the owner */
s->owner = owner;
find = lookup_subnet(owner, s);
free_subnet(s);
if(!find)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for %s which does not appear in his subnet tree"),
"DEL_SUBNET", c->name, c->hostname, name);
return 0;
}
/* If we are the owner of this subnet, retaliate with an ADD_SUBNET */
if(owner == myself)
{
if(debug_lvl >= DEBUG_PROTOCOL)
syslog(LOG_WARNING, _("Got %s from %s (%s) for ourself"), "DEL_SUBNET", c->name, c->hostname);
send_add_subnet(c, find);
return 0;
}
/* Tell the rest */
for(node = connection_tree->head; node; node = node->next)
{
other = (connection_t *)node->data;
if(other->status.active && other != c)
send_request(other, "%s", c->buffer);
}
/* Finally, delete it. */
subnet_del(owner, find);
cp
return 0;
}

493
src/route.c Normal file
View file

@ -0,0 +1,493 @@
/*
route.c -- routing
Copyright (C) 2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>,
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: route.c,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#include "config.h"
#if defined(HAVE_FREEBSD) || defined(HAVE_OPENBSD)
#include <sys/param.h>
#endif
#include <sys/socket.h>
#include <netinet/in.h>
#if defined(HAVE_SOLARIS) || defined(HAVE_OPENBSD)
#include <net/if.h>
#define ETHER_ADDR_LEN 6
#else
#include <net/ethernet.h>
#endif
#include <netinet/ip6.h>
#include <netinet/icmp6.h>
#include <netinet/if_ether.h>
#include <utils.h>
#include <xalloc.h>
#include <syslog.h>
#include <string.h>
#include <avl_tree.h>
#include "net.h"
#include "connection.h"
#include "subnet.h"
#include "route.h"
#include "protocol.h"
#include "device.h"
#include "system.h"
int routing_mode = RMODE_ROUTER;
int priorityinheritance = 0;
int macexpire = 600;
subnet_t mymac;
void learn_mac(mac_t *address)
{
subnet_t *subnet;
avl_node_t *node;
connection_t *c;
cp
subnet = lookup_subnet_mac(address);
/* If we don't know this MAC address yet, store it */
if(!subnet || subnet->owner!=myself)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("Learned new MAC address %hx:%hx:%hx:%hx:%hx:%hx"),
address->x[0], address->x[1], address->x[2], address->x[3], address->x[4], address->x[5]);
subnet = new_subnet();
subnet->type = SUBNET_MAC;
memcpy(&subnet->net.mac.address, address, sizeof(mac_t));
subnet_add(myself, subnet);
/* And tell all other tinc daemons it's our MAC */
for(node = connection_tree->head; node; node = node->next)
{
c = (connection_t *)node->data;
if(c->status.active)
send_add_subnet(c, subnet);
}
}
subnet->net.mac.lastseen = now;
}
void age_mac(void)
{
subnet_t *s;
connection_t *c;
avl_node_t *node, *next, *node2;
cp
for(node = myself->subnet_tree->head; node; node = next)
{
next = node->next;
s = (subnet_t *)node->data;
if(s->type == SUBNET_MAC && s->net.mac.lastseen && s->net.mac.lastseen + macexpire < now)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_INFO, _("MAC address %hx:%hx:%hx:%hx:%hx:%hx expired"),
s->net.mac.address.x[0], s->net.mac.address.x[1], s->net.mac.address.x[2], s->net.mac.address.x[3], s->net.mac.address.x[4], s->net.mac.address.x[5]);
for(node2 = connection_tree->head; node2; node2 = node2->next)
{
c = (connection_t *)node2->data;
if(c->status.active)
send_del_subnet(c, s);
}
subnet_del(myself, s);
}
}
cp
}
node_t *route_mac(vpn_packet_t *packet)
{
subnet_t *subnet;
cp
/* Learn source address */
learn_mac((mac_t *)(&packet->data[6]));
/* Lookup destination address */
subnet = lookup_subnet_mac((mac_t *)(&packet->data[0]));
if(subnet)
return subnet->owner;
else
return NULL;
}
node_t *route_ipv4(vpn_packet_t *packet)
{
subnet_t *subnet;
cp
if(priorityinheritance)
packet->priority = packet->data[15];
subnet = lookup_subnet_ipv4((ipv4_t *)&packet->data[30]);
cp
if(!subnet)
{
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: unknown IPv4 destination address %d.%d.%d.%d"),
packet->data[30], packet->data[31], packet->data[32], packet->data[33]);
}
return NULL;
}
cp
return subnet->owner;
}
node_t *route_ipv6(vpn_packet_t *packet)
{
subnet_t *subnet;
cp
subnet = lookup_subnet_ipv6((ipv6_t *)&packet->data[38]);
cp
if(!subnet)
{
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: unknown IPv6 destination address %hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx"),
ntohs(*(short unsigned int *)&packet->data[38]),
ntohs(*(short unsigned int *)&packet->data[40]),
ntohs(*(short unsigned int *)&packet->data[42]),
ntohs(*(short unsigned int *)&packet->data[44]),
ntohs(*(short unsigned int *)&packet->data[46]),
ntohs(*(short unsigned int *)&packet->data[48]),
ntohs(*(short unsigned int *)&packet->data[50]),
ntohs(*(short unsigned int *)&packet->data[52]));
}
return NULL;
}
cp
return subnet->owner;
}
unsigned short int inet_checksum(unsigned short int *data, int len, unsigned short int prevsum)
{
unsigned long int checksum = prevsum ^ 0xFFFF;
while(len--)
checksum += ntohs(*data++);
while(checksum >> 16)
checksum = (checksum & 0xFFFF) + (checksum >> 16);
return checksum ^ 0xFFFF;
}
void route_neighborsol(vpn_packet_t *packet)
{
struct ip6_hdr *hdr;
struct nd_neighbor_solicit *ns;
struct nd_opt_hdr *opt;
subnet_t *subnet;
short unsigned int checksum;
struct {
struct in6_addr ip6_src; /* source address */
struct in6_addr ip6_dst; /* destination address */
uint32_t length;
uint8_t junk[4];
} pseudo;
cp
hdr = (struct ip6_hdr *)(packet->data + 14);
ns = (struct nd_neighbor_solicit *)(packet->data + 14 + sizeof(*hdr));
opt = (struct nd_opt_hdr *)(packet->data + 14 + sizeof(*hdr) + sizeof(*ns));
/* First, snatch the source address from the neighbor solicitation packet */
memcpy(mymac.net.mac.address.x, packet->data + 6, 6);
/* Check if this is a valid neighbor solicitation request */
if(ns->nd_ns_hdr.icmp6_type != ND_NEIGHBOR_SOLICIT ||
opt->nd_opt_type != ND_OPT_SOURCE_LINKADDR)
{
if(debug_lvl > DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: received unknown type neighbor solicitation request"));
}
return;
}
/* Create pseudo header */
memcpy(&pseudo.ip6_src, &hdr->ip6_src, 16);
memcpy(&pseudo.ip6_dst, &hdr->ip6_dst, 16);
pseudo.length = htonl(sizeof(*ns) + sizeof(*opt) + 6);
pseudo.junk[0] = pseudo.junk[1] = pseudo.junk[2] = 0;
pseudo.junk[3] = IPPROTO_ICMPV6;
/* Generate checksum */
checksum = inet_checksum((unsigned short int *)&pseudo, sizeof(pseudo)/2, ~0);
checksum = inet_checksum((unsigned short int *)ns, sizeof(*ns)/2 + 4, checksum);
if(checksum)
{
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_WARNING, _("Cannot route packet: checksum error for neighbor solicitation request"));
return;
}
/* Check if the IPv6 address exists on the VPN */
subnet = lookup_subnet_ipv6((ipv6_t *)&ns->nd_ns_target);
if(!subnet)
{
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: neighbor solicitation request for unknown address %hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx"),
ntohs(((uint16_t *)&ns->nd_ns_target)[0]), ntohs(((uint16_t *)&ns->nd_ns_target)[1]), ntohs(((uint16_t *)&ns->nd_ns_target)[2]), ntohs(((uint16_t *)&ns->nd_ns_target)[3]),
ntohs(((uint16_t *)&ns->nd_ns_target)[4]), ntohs(((uint16_t *)&ns->nd_ns_target)[5]), ntohs(((uint16_t *)&ns->nd_ns_target)[6]), ntohs(((uint16_t *)&ns->nd_ns_target)[7]));
}
return;
}
/* Check if it is for our own subnet */
if(subnet->owner == myself)
return; /* silently ignore */
/* Create neighbor advertation reply */
memcpy(packet->data, packet->data + ETHER_ADDR_LEN, ETHER_ADDR_LEN); /* copy destination address */
packet->data[ETHER_ADDR_LEN*2 - 1] ^= 0xFF; /* mangle source address so it looks like it's not from us */
memcpy(&hdr->ip6_dst, &hdr->ip6_src, 16); /* swap destination and source protocol address */
memcpy(&hdr->ip6_src, &ns->nd_ns_target, 16); /* ... */
memcpy((char *)opt + sizeof(*opt), packet->data + ETHER_ADDR_LEN, 6); /* add fake source hard addr */
ns->nd_ns_hdr.icmp6_cksum = 0;
ns->nd_ns_hdr.icmp6_type = ND_NEIGHBOR_ADVERT;
ns->nd_ns_hdr.icmp6_dataun.icmp6_un_data8[0] = 0x40; /* Set solicited flag */
ns->nd_ns_hdr.icmp6_dataun.icmp6_un_data8[1] = ns->nd_ns_hdr.icmp6_dataun.icmp6_un_data8[2] = ns->nd_ns_hdr.icmp6_dataun.icmp6_un_data8[3] = 0;
opt->nd_opt_type = ND_OPT_TARGET_LINKADDR;
/* Create pseudo header */
memcpy(&pseudo.ip6_src, &hdr->ip6_src, 16);
memcpy(&pseudo.ip6_dst, &hdr->ip6_dst, 16);
pseudo.length = htonl(sizeof(*ns) + sizeof(*opt) + 6);
pseudo.junk[0] = pseudo.junk[1] = pseudo.junk[2] = 0;
pseudo.junk[3] = IPPROTO_ICMPV6;
/* Generate checksum */
checksum = inet_checksum((unsigned short int *)&pseudo, sizeof(pseudo)/2, ~0);
checksum = inet_checksum((unsigned short int *)ns, sizeof(*ns)/2 + 4, checksum);
ns->nd_ns_hdr.icmp6_cksum = htons(checksum);
write_packet(packet);
cp
}
void route_arp(vpn_packet_t *packet)
{
struct ether_arp *arp;
subnet_t *subnet;
unsigned char ipbuf[4];
cp
/* First, snatch the source address from the ARP packet */
memcpy(mymac.net.mac.address.x, packet->data + 6, 6);
/* This routine generates replies to ARP requests.
You don't need to set NOARP flag on the interface anymore (which is broken on FreeBSD).
Most of the code here is taken from choparp.c by Takamichi Tateoka (tree@mma.club.uec.ac.jp)
*/
arp = (struct ether_arp *)(packet->data + 14);
/* Check if this is a valid ARP request */
if(ntohs(arp->arp_hrd) != ARPHRD_ETHER ||
ntohs(arp->arp_pro) != ETHERTYPE_IP ||
(int) (arp->arp_hln) != ETHER_ADDR_LEN ||
(int) (arp->arp_pln) != 4 ||
ntohs(arp->arp_op) != ARPOP_REQUEST )
{
if(debug_lvl > DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: received unknown type ARP request"));
}
return;
}
/* Check if the IPv4 address exists on the VPN */
subnet = lookup_subnet_ipv4((ipv4_t *)arp->arp_tpa);
if(!subnet)
{
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: ARP request for unknown address %d.%d.%d.%d"),
arp->arp_tpa[0], arp->arp_tpa[1], arp->arp_tpa[2], arp->arp_tpa[3]);
}
return;
}
/* Check if it is for our own subnet */
if(subnet->owner == myself)
return; /* silently ignore */
memcpy(packet->data, packet->data + ETHER_ADDR_LEN, ETHER_ADDR_LEN); /* copy destination address */
packet->data[ETHER_ADDR_LEN*2 - 1] ^= 0xFF; /* mangle source address so it looks like it's not from us */
memcpy(ipbuf, arp->arp_tpa, 4); /* save protocol addr */
memcpy(arp->arp_tpa, arp->arp_spa, 4); /* swap destination and source protocol address */
memcpy(arp->arp_spa, ipbuf, 4); /* ... */
memcpy(arp->arp_tha, arp->arp_sha, 10); /* set target hard/proto addr */
memcpy(arp->arp_sha, packet->data + ETHER_ADDR_LEN, ETHER_ADDR_LEN); /* add fake source hard addr */
arp->arp_op = htons(ARPOP_REPLY);
write_packet(packet);
cp
}
void route_outgoing(vpn_packet_t *packet)
{
unsigned short int type;
node_t *n = NULL;
cp
/* FIXME: multicast? */
switch(routing_mode)
{
case RMODE_ROUTER:
type = ntohs(*((unsigned short*)(&packet->data[12])));
switch(type)
{
case 0x0800:
n = route_ipv4(packet);
break;
case 0x86DD:
if(packet->data[20] == IPPROTO_ICMPV6 && packet->data[54] == ND_NEIGHBOR_SOLICIT)
{
route_neighborsol(packet);
return;
}
n = route_ipv6(packet);
break;
case 0x0806:
route_arp(packet);
return;
default:
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_WARNING, _("Cannot route packet: unknown type %hx"), type);
}
return;
}
if(n)
send_packet(n, packet);
break;
case RMODE_SWITCH:
n = route_mac(packet);
if(n)
send_packet(n, packet);
else
broadcast_packet(myself, packet);
break;
case RMODE_HUB:
broadcast_packet(myself, packet);
break;
}
}
void route_incoming(node_t *source, vpn_packet_t *packet)
{
switch(routing_mode)
{
case RMODE_ROUTER:
{
node_t *n = NULL;
unsigned short int type;
type = ntohs(*((unsigned short*)(&packet->data[12])));
switch(type)
{
case 0x0800:
n = route_ipv4(packet);
break;
case 0x86DD:
n = route_ipv6(packet);
break;
default:
n = myself;
break;
}
if(n)
{
if(n == myself)
{
memcpy(packet->data, mymac.net.mac.address.x, 6);
write_packet(packet);
}
else
send_packet(n, packet);
}
}
break;
case RMODE_SWITCH:
{
subnet_t *subnet;
subnet = lookup_subnet_mac((mac_t *)(&packet->data[0]));
if(subnet)
{
if(subnet->owner == myself)
write_packet(packet);
else
send_packet(subnet->owner, packet);
}
else
{
broadcast_packet(source, packet);
write_packet(packet);
}
}
break;
case RMODE_HUB:
broadcast_packet(source, packet); /* Spread it on */
write_packet(packet);
break;
}
}

41
src/route.h Normal file
View file

@ -0,0 +1,41 @@
/*
route.h -- header file for route.c
Copyright (C) 2000-2002 Ivo Timmermans <zarq@iname.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: route.h,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#ifndef __TINC_ROUTE_H__
#define __TINC_ROUTE_H__
enum
{
RMODE_HUB = 0,
RMODE_SWITCH,
RMODE_ROUTER,
};
extern int routing_mode;
extern int priorityinheritance;
extern int macexpire;
extern void age_mac(void);
extern void route_incoming(node_t *, vpn_packet_t *);
extern void route_outgoing(vpn_packet_t *);
#endif /* __TINC_ROUTE_H__ */

394
src/subnet.c Normal file
View file

@ -0,0 +1,394 @@
/*
subnet.c -- handle subnet lookups and lists
Copyright (C) 2000-2002 Guus Sliepen <guus@sliepen.warande.net>,
2000-2002 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: subnet.c,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#include "config.h"
#include <stdio.h>
#include <syslog.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#include <utils.h>
#include <xalloc.h>
#include <avl_tree.h>
#include "conf.h"
#include "net.h"
#include "node.h"
#include "subnet.h"
#include "netutl.h"
#include "system.h"
/* lists type of subnet */
avl_tree_t *subnet_tree;
/* Subnet comparison */
int subnet_compare_mac(subnet_t *a, subnet_t *b)
{
cp
return memcmp(&a->net.mac.address, &b->net.mac.address, sizeof(mac_t));
}
int subnet_compare_ipv4(subnet_t *a, subnet_t *b)
{
int result;
cp
result = memcmp(&a->net.ipv4.address, &b->net.ipv4.address, sizeof(ipv4_t));
if(result)
return result;
return a->net.ipv4.prefixlength - b->net.ipv4.prefixlength;
}
int subnet_compare_ipv6(subnet_t *a, subnet_t *b)
{
int result;
cp
result = memcmp(&a->net.ipv6.address, &b->net.ipv6.address, sizeof(ipv6_t));
if(result)
return result;
return a->net.ipv6.prefixlength - b->net.ipv6.prefixlength;
}
int subnet_compare(subnet_t *a, subnet_t *b)
{
int result;
cp
result = a->type - b->type;
if(result)
return result;
switch(a->type)
{
case SUBNET_MAC:
return subnet_compare_mac(a, b);
case SUBNET_IPV4:
return subnet_compare_ipv4(a, b);
case SUBNET_IPV6:
return subnet_compare_ipv6(a, b);
default:
syslog(LOG_ERR, _("subnet_compare() was called with unknown subnet type %d, exitting!"), a->type);
cp_trace();
exit(0);
}
return 0;
}
/* Initialising trees */
void init_subnets(void)
{
cp
subnet_tree = avl_alloc_tree((avl_compare_t)subnet_compare, (avl_action_t)free_subnet);
cp
}
void exit_subnets(void)
{
cp
avl_delete_tree(subnet_tree);
cp
}
avl_tree_t *new_subnet_tree(void)
{
cp
return avl_alloc_tree((avl_compare_t)subnet_compare, NULL);
cp
}
void free_subnet_tree(avl_tree_t *subnet_tree)
{
cp
avl_delete_tree(subnet_tree);
cp
}
/* Allocating and freeing space for subnets */
subnet_t *new_subnet(void)
{
cp
return (subnet_t *)xmalloc(sizeof(subnet_t));
}
void free_subnet(subnet_t *subnet)
{
cp
free(subnet);
}
/* Adding and removing subnets */
void subnet_add(node_t *n, subnet_t *subnet)
{
cp
subnet->owner = n;
avl_insert(subnet_tree, subnet);
cp
avl_insert(n->subnet_tree, subnet);
cp
}
void subnet_del(node_t *n, subnet_t *subnet)
{
cp
avl_delete(n->subnet_tree, subnet);
cp
avl_delete(subnet_tree, subnet);
cp
}
/* Ascii representation of subnets */
subnet_t *str2net(char *subnetstr)
{
int i, l;
subnet_t *subnet;
unsigned short int x[8];
cp
subnet = new_subnet();
cp
if(sscanf(subnetstr, "%hu.%hu.%hu.%hu/%d",
&x[0], &x[1], &x[2], &x[3],
&l) == 5)
{
subnet->type = SUBNET_IPV4;
subnet->net.ipv4.prefixlength = l;
for(i = 0; i < 4; i++)
subnet->net.ipv4.address.x[i] = x[i];
return subnet;
}
if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx/%d",
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7],
&l) == 9)
{
subnet->type = SUBNET_IPV6;
subnet->net.ipv6.prefixlength = l;
for(i = 0; i < 8; i++)
subnet->net.ipv6.address.x[i] = htons(x[i]);
return subnet;
}
if(sscanf(subnetstr, "%hu.%hu.%hu.%hu",
&x[0], &x[1], &x[2], &x[3]) == 4)
{
subnet->type = SUBNET_IPV4;
subnet->net.ipv4.prefixlength = 32;
for(i = 0; i < 4; i++)
subnet->net.ipv4.address.x[i] = x[i];
return subnet;
}
if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx",
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7]) == 8)
{
subnet->type = SUBNET_IPV6;
subnet->net.ipv6.prefixlength = 128;
for(i = 0; i < 8; i++)
subnet->net.ipv6.address.x[i] = htons(x[i]);
return subnet;
}
if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx",
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5]) == 6)
{
subnet->type = SUBNET_MAC;
for(i = 0; i < 6; i++)
subnet->net.mac.address.x[i] = x[i];
return subnet;
}
free(subnet);
return NULL;
}
char *net2str(subnet_t *subnet)
{
char *netstr;
cp
switch(subnet->type)
{
case SUBNET_MAC:
asprintf(&netstr, "%hx:%hx:%hx:%hx:%hx:%hx",
subnet->net.mac.address.x[0],
subnet->net.mac.address.x[1],
subnet->net.mac.address.x[2],
subnet->net.mac.address.x[3],
subnet->net.mac.address.x[4],
subnet->net.mac.address.x[5]);
break;
case SUBNET_IPV4:
asprintf(&netstr, "%hu.%hu.%hu.%hu/%d",
subnet->net.ipv4.address.x[0],
subnet->net.ipv4.address.x[1],
subnet->net.ipv4.address.x[2],
subnet->net.ipv4.address.x[3],
subnet->net.ipv4.prefixlength);
break;
case SUBNET_IPV6:
asprintf(&netstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx/%d",
ntohs(subnet->net.ipv6.address.x[0]),
ntohs(subnet->net.ipv6.address.x[1]),
ntohs(subnet->net.ipv6.address.x[2]),
ntohs(subnet->net.ipv6.address.x[3]),
ntohs(subnet->net.ipv6.address.x[4]),
ntohs(subnet->net.ipv6.address.x[5]),
ntohs(subnet->net.ipv6.address.x[6]),
ntohs(subnet->net.ipv6.address.x[7]),
subnet->net.ipv6.prefixlength);
break;
default:
syslog(LOG_ERR, _("net2str() was called with unknown subnet type %d, exitting!"), subnet->type);
cp_trace();
exit(0);
}
cp
return netstr;
}
/* Subnet lookup routines */
subnet_t *lookup_subnet(node_t *owner, subnet_t *subnet)
{
cp
return avl_search(owner->subnet_tree, subnet);
}
subnet_t *lookup_subnet_mac(mac_t *address)
{
subnet_t subnet, *p;
cp
subnet.type = SUBNET_MAC;
memcpy(&subnet.net.mac.address, address, sizeof(mac_t));
p = (subnet_t *)avl_search(subnet_tree, &subnet);
cp
return p;
}
subnet_t *lookup_subnet_ipv4(ipv4_t *address)
{
subnet_t subnet, *p;
cp
subnet.type = SUBNET_IPV4;
memcpy(&subnet.net.ipv4.address, address, sizeof(ipv4_t));
subnet.net.ipv4.prefixlength = 32;
do
{
/* Go find subnet */
p = (subnet_t *)avl_search_closest_smaller(subnet_tree, &subnet);
/* Check if the found subnet REALLY matches */
cp
if(p)
{
if(p->type != SUBNET_IPV4)
{
p = NULL;
break;
}
if (!maskcmp((char *)address, (char *)&p->net.ipv4.address, p->net.ipv4.prefixlength, sizeof(ipv4_t)))
break;
else
{
/* Otherwise, see if there is a bigger enclosing subnet */
subnet.net.ipv4.prefixlength = p->net.ipv4.prefixlength - 1;
maskcpy((char *)&subnet.net.ipv4.address, (char *)&p->net.ipv4.address, subnet.net.ipv4.prefixlength, sizeof(ipv4_t));
}
}
} while (p);
cp
return p;
}
subnet_t *lookup_subnet_ipv6(ipv6_t *address)
{
subnet_t subnet, *p;
cp
subnet.type = SUBNET_IPV6;
memcpy(&subnet.net.ipv6.address, address, sizeof(ipv6_t));
subnet.net.ipv6.prefixlength = 128;
do
{
/* Go find subnet */
p = (subnet_t *)avl_search_closest_smaller(subnet_tree, &subnet);
/* Check if the found subnet REALLY matches */
cp
if(p)
{
if(p->type != SUBNET_IPV6)
return NULL;
if (!maskcmp((char *)address, (char *)&p->net.ipv6.address, p->net.ipv6.prefixlength, sizeof(ipv6_t)))
break;
else
{
/* Otherwise, see if there is a bigger enclosing subnet */
subnet.net.ipv6.prefixlength = p->net.ipv6.prefixlength - 1;
maskcpy((char *)&subnet.net.ipv6.address, (char *)&p->net.ipv6.address, subnet.net.ipv6.prefixlength, sizeof(ipv6_t));
}
}
} while (p);
cp
return p;
}
void dump_subnets(void)
{
char *netstr;
subnet_t *subnet;
avl_node_t *node;
cp
syslog(LOG_DEBUG, _("Subnet list:"));
for(node = subnet_tree->head; node; node = node->next)
{
subnet = (subnet_t *)node->data;
netstr = net2str(subnet);
syslog(LOG_DEBUG, _(" %s owner %s"), netstr, subnet->owner->name);
free(netstr);
}
syslog(LOG_DEBUG, _("End of subnet list."));
cp
}

88
src/subnet.h Normal file
View file

@ -0,0 +1,88 @@
/*
subnet.h -- header for subnet.c
Copyright (C) 2000,2001 Guus Sliepen <guus@sliepen.warande.net>,
2000,2001 Ivo Timmermans <itimmermans@bigfoot.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: subnet.h,v 1.2 2002/04/09 15:26:01 zarq Exp $
*/
#ifndef __TINC_SUBNET_H__
#define __TINC_SUBNET_H__
#include "net.h"
enum
{
SUBNET_MAC = 0,
SUBNET_IPV4,
SUBNET_IPV6,
SUBNET_TYPES /* Guardian */
};
typedef struct subnet_mac_t
{
mac_t address;
time_t lastseen;
} subnet_mac_t;
typedef struct subnet_ipv4_t
{
ipv4_t address;
int prefixlength;
} subnet_ipv4_t;
typedef struct subnet_ipv6_t
{
ipv6_t address;
int prefixlength;
} subnet_ipv6_t;
#include "node.h"
typedef struct subnet_t {
struct node_t *owner; /* the owner of this subnet */
struct node_t *uplink; /* the uplink which we should send packets to for this subnet */
int type; /* subnet type (IPv4? IPv6? MAC? something even weirder?) */
/* And now for the actual subnet: */
union net
{
subnet_mac_t mac;
subnet_ipv4_t ipv4;
subnet_ipv6_t ipv6;
} net;
} subnet_t;
extern subnet_t *new_subnet(void);
extern void free_subnet(subnet_t *);
extern void init_subnets(void);
extern void exit_subnets(void);
extern avl_tree_t *new_subnet_tree(void);
extern void free_subnet_tree(avl_tree_t *);
extern void subnet_add(struct node_t *, subnet_t *);
extern void subnet_del(struct node_t *, subnet_t *);
extern char *net2str(subnet_t *);
extern subnet_t *str2net(char *);
extern subnet_t *lookup_subnet(struct node_t *, subnet_t *);
extern subnet_t *lookup_subnet_mac(mac_t *);
extern subnet_t *lookup_subnet_ipv4(ipv4_t *);
extern subnet_t *lookup_subnet_ipv6(ipv6_t *);
extern void dump_subnets(void);
#endif /* __TINC_SUBNET_H__ */

526
src/tincd.c
View file

@ -1,7 +1,7 @@
/*
tincd.c -- the main file for tincd
Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
Copyright (C) 1998-2002 Ivo Timmermans <itimmermans@bigfoot.com>
2000-2002 Guus Sliepen <guus@sliepen.warande.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,13 +17,13 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: tincd.c,v 1.11 2000/10/18 20:12:10 zarq Exp $
$Id: tincd.c,v 1.12 2002/04/09 15:26:01 zarq Exp $
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <fcntl.h>
#include <getopt.h>
#include <signal.h>
#include <stdio.h>
@ -31,20 +31,27 @@
#include <syslog.h>
#include <unistd.h>
#include <signal.h>
#include <string.h>
#include <termios.h>
#ifdef HAVE_SYS_IOCTL_H
# include <sys/ioctl.h>
#endif
#include <pidfile.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <utils.h>
#include <xalloc.h>
#include "conf.h"
#include "encr.h"
#include "net.h"
#include "netutl.h"
#include "process.h"
#include "protocol.h"
#include "subnet.h"
#include "system.h"
@ -52,38 +59,37 @@
char *program_name;
/* If nonzero, display usage information and exit. */
static int show_help;
int show_help;
/* If nonzero, print the version on standard output and exit. */
static int show_version;
int show_version;
/* If nonzero, it will attempt to kill a running tincd and exit. */
static int kill_tincd = 0;
int kill_tincd = 0;
/* If zero, don't detach from the terminal. */
static int do_detach = 1;
/* If nonzero, generate public/private keypair for this host/net. */
int generate_keys = 0;
/* If nonzero, use null ciphers and skip all key exchanges. */
int bypass_security = 0;
char *identname; /* program name for syslog */
char *pidfilename; /* pid file location */
static pid_t ppid; /* pid of non-detached part */
char **g_argv; /* a copy of the cmdline arguments */
void cleanup_and_exit(int);
int detach(void);
int kill_other(void);
void make_names(void);
RETSIGTYPE parent_exit(int a);
void setup_signals(void);
int write_pidfile(void);
char **environment; /* A pointer to the environment on
startup */
static struct option const long_options[] =
{
{ "kill", no_argument, NULL, 'k' },
{ "config", required_argument, NULL, 'c' },
{ "kill", optional_argument, NULL, 'k' },
{ "net", required_argument, NULL, 'n' },
{ "timeout", required_argument, NULL, 'p' },
{ "help", no_argument, &show_help, 1 },
{ "version", no_argument, &show_version, 1 },
{ "no-detach", no_argument, &do_detach, 0 },
{ "generate-keys", optional_argument, NULL, 'K'},
{ "debug", optional_argument, NULL, 'd'},
{ "bypass-security", no_argument, &bypass_security, 1 },
{ NULL, 0, NULL, 0 }
};
@ -95,14 +101,14 @@ usage(int status)
else
{
printf(_("Usage: %s [option]...\n\n"), program_name);
printf(_(" -c, --config=DIR Read configuration options from DIR.\n"
" -D, --no-detach Don't fork and detach.\n"
" -d Increase debug level.\n"
" -k, --kill Attempt to kill a running tincd and exit.\n"
" -n, --net=NETNAME Connect to net NETNAME.\n"
" -t, --timeout=TIMEOUT Seconds to wait before giving a timeout.\n"));
printf(_(" --help Display this help and exit.\n"
" --version Output version information and exit.\n\n"));
printf(_(" -c, --config=DIR Read configuration options from DIR.\n"
" -D, --no-detach Don't fork and detach.\n"
" -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n"
" -k, --kill[=SIGNAL] Attempt to kill a running tincd and exit.\n"
" -n, --net=NETNAME Connect to net NETNAME.\n"));
printf(_(" -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n"
" --help Display this help and exit.\n"
" --version Output version information and exit.\n\n"));
printf(_("Report bugs to tinc@nl.linux.org.\n"));
}
exit(status);
@ -113,38 +119,77 @@ parse_options(int argc, char **argv, char **envp)
{
int r;
int option_index = 0;
config_t *p;
while((r = getopt_long(argc, argv, "c:Ddkn:t:", long_options, &option_index)) != EOF)
while((r = getopt_long(argc, argv, "c:Dd::k::n:K::", long_options, &option_index)) != EOF)
{
switch(r)
{
case 0: /* long option */
break;
case 'c': /* config file */
confbase = xmalloc(strlen(optarg)+1);
strcpy(confbase, optarg);
break;
case 'D': /* no detach */
do_detach = 0;
break;
case 'd': /* inc debug level */
debug_lvl++;
break;
case 'k': /* kill old tincds */
kill_tincd = 1;
break;
case 'n': /* net name given */
netname = xmalloc(strlen(optarg)+1);
strcpy(netname, optarg);
break;
case 't': /* timeout */
if(!(p = add_config_val(&config, TYPE_INT, optarg)))
{
printf(_("Invalid timeout value `%s'.\n"), optarg);
usage(1);
}
break;
case 'c': /* config file */
confbase = xmalloc(strlen(optarg)+1);
strcpy(confbase, optarg);
break;
case 'D': /* no detach */
do_detach = 0;
break;
case 'd': /* inc debug level */
if(optarg)
debug_lvl = atoi(optarg);
else
debug_lvl++;
break;
case 'k': /* kill old tincds */
if(optarg)
{
if(!strcasecmp(optarg, "HUP"))
kill_tincd = SIGHUP;
else if(!strcasecmp(optarg, "TERM"))
kill_tincd = SIGTERM;
else if(!strcasecmp(optarg, "KILL"))
kill_tincd = SIGKILL;
else if(!strcasecmp(optarg, "USR1"))
kill_tincd = SIGUSR1;
else if(!strcasecmp(optarg, "USR2"))
kill_tincd = SIGUSR2;
else if(!strcasecmp(optarg, "WINCH"))
kill_tincd = SIGWINCH;
else if(!strcasecmp(optarg, "INT"))
kill_tincd = SIGINT;
else if(!strcasecmp(optarg, "ALRM"))
kill_tincd = SIGALRM;
else
{
kill_tincd = atoi(optarg);
if(!kill_tincd)
{
fprintf(stderr, _("Invalid argument `%s'; SIGNAL must be a number or one of HUP, TERM, KILL, USR1, USR2, WINCH, INT or ALRM.\n"), optarg);
usage(1);
}
}
}
else
kill_tincd = SIGTERM;
break;
case 'n': /* net name given */
netname = xmalloc(strlen(optarg)+1);
strcpy(netname, optarg);
break;
case 'K': /* generate public/private keypair */
if(optarg)
{
generate_keys = atoi(optarg);
if(generate_keys < 512)
{
fprintf(stderr, _("Invalid argument `%s'; BITS must be a number equal to or greater than 512.\n"),
optarg);
usage(1);
}
generate_keys &= ~7; /* Round it to bytes */
}
else
generate_keys = 1024;
break;
case '?':
usage(1);
default:
@ -153,134 +198,88 @@ parse_options(int argc, char **argv, char **envp)
}
}
void memory_full(int size)
/* This function prettyprints the key generation process */
void indicator(int a, int b, void *p)
{
syslog(LOG_ERR, _("Memory exhausted (last is %s:%d) (couldn't allocate %d bytes), exiting."), cp_file, cp_line, size);
exit(1);
switch(a)
{
case 0:
fprintf(stderr, ".");
break;
case 1:
fprintf(stderr, "+");
break;
case 2:
fprintf(stderr, "-");
break;
case 3:
switch(b)
{
case 0:
fprintf(stderr, " p\n");
break;
case 1:
fprintf(stderr, " q\n");
break;
default:
fprintf(stderr, "?");
}
break;
default:
fprintf(stderr, "?");
}
}
/*
Detach from current terminal, write pidfile, kill parent
Generate a public/private RSA keypair, and ask for a file to store
them in.
*/
int detach(void)
int keygen(int bits)
{
int fd;
pid_t pid;
RSA *rsa_key;
FILE *f;
char *name = NULL;
char *filename;
if(do_detach)
fprintf(stderr, _("Generating %d bits keys:\n"), bits);
rsa_key = RSA_generate_key(bits, 0xFFFF, indicator, NULL);
if(!rsa_key)
{
ppid = getpid();
if((pid = fork()) < 0)
{
perror("fork");
return -1;
}
if(pid) /* parent process */
{
signal(SIGTERM, parent_exit);
// sleep(600); /* wait 10 minutes */
exit(1);
}
fprintf(stderr, _("Error during key generation!\n"));
return -1;
}
if(write_pidfile())
else
fprintf(stderr, _("Done.\n"));
get_config_string(lookup_config(config_tree, "Name"), &name);
if(name)
asprintf(&filename, "%s/hosts/%s", confbase, name);
else
asprintf(&filename, "%s/rsa_key.pub", confbase);
if((f = ask_and_safe_open(filename, _("public RSA key"), "a")) == NULL)
return -1;
if(do_detach)
{
if((fd = open("/dev/tty", O_RDWR)) >= 0)
{
if(ioctl(fd, TIOCNOTTY, NULL))
{
perror("ioctl");
return -1;
}
close(fd);
}
if(ftell(f))
fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n"));
if(setsid() < 0)
return -1;
PEM_write_RSAPublicKey(f, rsa_key);
fclose(f);
free(filename);
kill(ppid, SIGTERM);
}
chdir("/"); /* avoid keeping a mointpoint busy */
asprintf(&filename, "%s/rsa_key.priv", confbase);
if((f = ask_and_safe_open(filename, _("private RSA key"), "a")) == NULL)
return -1;
openlog(identname, LOG_CONS | LOG_PID, LOG_DAEMON);
if(ftell(f))
fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n"));
if(debug_lvl > 0)
syslog(LOG_NOTICE, _("tincd %s (%s %s) starting, debug level %d"),
VERSION, __DATE__, __TIME__, debug_lvl);
else
syslog(LOG_NOTICE, _("tincd %s starting"), VERSION, debug_lvl);
xalloc_fail_func = memory_full;
return 0;
}
/*
Close network connections, and terminate neatly
*/
void cleanup_and_exit(int c)
{
close_network_connections();
if(debug_lvl > 0)
syslog(LOG_INFO, _("Total bytes written: tap %d, socket %d; bytes read: tap %d, socket %d"),
total_tap_out, total_socket_out, total_tap_in, total_socket_in);
closelog();
kill(ppid, SIGTERM);
exit(c);
}
/*
check for an existing tinc for this net, and write pid to pidfile
*/
int write_pidfile(void)
{
int pid;
if((pid = check_pid(pidfilename)))
{
if(netname)
fprintf(stderr, _("A tincd is already running for net `%s' with pid %d.\n"),
netname, pid);
else
fprintf(stderr, _("A tincd is already running with pid %d.\n"), pid);
return 1;
}
/* if it's locked, write-protected, or whatever */
if(!write_pid(pidfilename))
return 1;
return 0;
}
/*
kill older tincd for this net
*/
int kill_other(void)
{
int pid;
if(!(pid = read_pid(pidfilename)))
{
if(netname)
fprintf(stderr, _("No other tincd is running for net `%s'.\n"), netname);
else
fprintf(stderr, _("No other tincd is running.\n"));
return 1;
}
errno = 0; /* No error, sometimes errno is only changed on error */
/* ESRCH is returned when no process with that pid is found */
if(kill(pid, SIGTERM) && errno == ESRCH)
fprintf(stderr, _("Removing stale lock file.\n"));
remove_pid(pidfilename);
PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL);
fclose(f);
free(filename);
return 0;
}
@ -293,17 +292,18 @@ void make_names(void)
if(netname)
{
if(!pidfilename)
asprintf(&pidfilename, "/var/run/tinc.%s.pid", netname);
asprintf(&pidfilename, LOCALSTATEDIR "/run/tinc.%s.pid", netname);
if(!confbase)
asprintf(&confbase, "%s/tinc/%s", CONFDIR, netname);
else
syslog(LOG_INFO, _("Both netname and configuration directory given, using the latter..."));
if(!identname)
asprintf(&identname, "tinc.%s", netname);
}
else
{
netname = "bla";
if(!pidfilename)
pidfilename = "/var/run/tinc.pid";
pidfilename = LOCALSTATEDIR "/run/tinc.pid";
if(!confbase)
asprintf(&confbase, "%s/tinc", CONFDIR);
if(!identname)
@ -320,20 +320,17 @@ main(int argc, char **argv, char **envp)
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
/* Do some intl stuff right now */
unknown = _("unknown");
environment = envp;
parse_options(argc, argv, envp);
if(show_version)
{
printf(_("%s version %s (built %s %s, protocol %d)\n"), PACKAGE, VERSION, __DATE__, __TIME__, PROT_CURRENT);
printf(_("Copyright (C) 1998,1999,2000 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n"
"see the file COPYING for details.\n"));
printf(_("Copyright (C) 1998-2002 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n"
"see the file COPYING for details.\n"));
return 0;
}
@ -341,164 +338,63 @@ main(int argc, char **argv, char **envp)
if(show_help)
usage(0);
if(geteuid())
{
fprintf(stderr, _("You must be root to run this program. Sorry.\n"));
return 1;
}
#ifdef HAVE_SOLARIS
openlog("tinc", LOG_CONS, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */
#else
openlog("tinc", LOG_PERROR, LOG_DAEMON); /* Catch all syslog() calls issued before detaching */
#endif
g_argv = argv;
make_names();
init_configuration(&config_tree);
/* Slllluuuuuuurrrrp! */
cp
RAND_load_file("/dev/urandom", 1024);
#ifdef HAVE_SSLEAY_ADD_ALL_ALGORITHMS
SSLeay_add_all_algorithms();
#else
OpenSSL_add_all_algorithms();
#endif
cp
if(generate_keys)
{
read_server_config();
exit(keygen(generate_keys));
}
if(kill_tincd)
exit(kill_other());
exit(kill_other(kill_tincd));
if(read_server_config())
return 1;
setup_signals();
exit(1);
cp
if(detach())
exit(0);
/* FIXME: wt* is this suppose to do?
if(security_init())
return 1;
*/
cp
for(;;)
{
if(!setup_network_connections())
{
main_loop();
cleanup_and_exit(1);
}
}
syslog(LOG_ERR, _("Unrecoverable error"));
cp_trace();
if(do_detach)
{
syslog(LOG_NOTICE, _("Restarting in %d seconds!"), MAXTIMEOUT);
sleep(MAXTIMEOUT);
syslog(LOG_NOTICE, _("Restarting in %d seconds!"), maxtimeout);
sleep(maxtimeout);
}
else
{
syslog(LOG_ERR, _("Aieee! Not restarting."));
exit(0);
syslog(LOG_ERR, _("Not restarting."));
exit(1);
}
}
}
RETSIGTYPE
sigterm_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, _("Got TERM signal"));
cleanup_and_exit(0);
}
RETSIGTYPE
sigquit_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, _("Got QUIT signal"));
cleanup_and_exit(0);
}
RETSIGTYPE
sigsegv_square(int a)
{
syslog(LOG_ERR, _("Got another SEGV signal: not restarting"));
exit(0);
}
RETSIGTYPE
sigsegv_handler(int a)
{
syslog(LOG_ERR, _("Got SEGV signal"));
cp_trace();
if(do_detach)
{
syslog(LOG_NOTICE, _("Trying to re-execute in 5 seconds..."));
signal(SIGSEGV, sigsegv_square);
close_network_connections();
sleep(5);
remove_pid(pidfilename);
execvp(g_argv[0], g_argv);
}
else
{
syslog(LOG_NOTICE, _("Aieee! Not restarting."));
exit(0);
}
}
RETSIGTYPE
sighup_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, _("Got HUP signal, rereading configuration and restarting"));
sighup = 1;
}
RETSIGTYPE
sigint_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, _("Got INT signal, exiting"));
cleanup_and_exit(0);
}
RETSIGTYPE
sigusr1_handler(int a)
{
dump_conn_list();
}
RETSIGTYPE
sigusr2_handler(int a)
{
if(debug_lvl > 1)
syslog(LOG_NOTICE, _("Got USR2 signal, forcing new key generation"));
/* FIXME: reprogram this.
regenerate_keys();
*/
}
RETSIGTYPE
sighuh(int a)
{
syslog(LOG_WARNING, _("Got unexpected signal %d (%s)"), a, strsignal(a));
cp_trace();
}
void
setup_signals(void)
{
int i;
for(i=0;i<32;i++)
signal(i,sighuh);
if(signal(SIGTERM, SIG_IGN) != SIG_ERR)
signal(SIGTERM, sigterm_handler);
if(signal(SIGQUIT, SIG_IGN) != SIG_ERR)
signal(SIGQUIT, sigquit_handler);
if(signal(SIGSEGV, SIG_IGN) != SIG_ERR)
signal(SIGSEGV, sigsegv_handler);
if(signal(SIGHUP, SIG_IGN) != SIG_ERR)
signal(SIGHUP, sighup_handler);
signal(SIGPIPE, SIG_IGN);
if(signal(SIGINT, SIG_IGN) != SIG_ERR)
signal(SIGINT, sigint_handler);
signal(SIGUSR1, sigusr1_handler);
signal(SIGUSR2, sigusr2_handler);
// signal(SIGCHLD, parent_exit);
}
RETSIGTYPE parent_exit(int a)
{
exit(0);
}

7
system.h
View file

@ -41,5 +41,12 @@
#endif
#define N_(Text) Text
#ifndef HAVE_STRSIGNAL
# define strsignal(p) ""
#endif
/* Other functions */
#include <dropin.h>
#endif /* __TINC_SYSTEM_H__ */