Merge branch 'master' into 1.1
Conflicts: doc/tincd.8.in lib/pidfile.c src/graph.c src/net.c src/net.h src/net_packet.c src/net_setup.c src/net_socket.c src/netutl.c src/node.c src/node.h src/protocol_auth.c src/protocol_key.c src/tincd.c
This commit is contained in:
Guus Sliepen
commit
5a132550de
23 changed files with 534 additions and 183 deletions
|
|
@ -60,7 +60,7 @@ bool add_subnet_h(connection_t *c, char *request)
|
|||
return false;
|
||||
}
|
||||
|
||||
/* Check if owner name is a valid */
|
||||
/* Check if owner name is valid */
|
||||
|
||||
if(!check_id(name)) {
|
||||
logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_SUBNET", c->name,
|
||||
|
|
@ -127,8 +127,11 @@ bool add_subnet_h(connection_t *c, char *request)
|
|||
free_subnet(allowed);
|
||||
}
|
||||
|
||||
if(!cfg)
|
||||
if(!cfg) {
|
||||
logger(LOG_WARNING, _("Unauthorized %s from %s (%s) for %s"),
|
||||
"ADD_SUBNET", c->name, c->hostname, subnetstr);
|
||||
return false;
|
||||
}
|
||||
|
||||
free_subnet(allowed);
|
||||
}
|
||||
|
|
@ -176,7 +179,7 @@ bool del_subnet_h(connection_t *c, char *request)
|
|||
return false;
|
||||
}
|
||||
|
||||
/* Check if owner name is a valid */
|
||||
/* Check if owner name is valid */
|
||||
|
||||
if(!check_id(name)) {
|
||||
logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_SUBNET", c->name,
|
||||
|
|
@ -184,19 +187,6 @@ bool del_subnet_h(connection_t *c, char *request)
|
|||
return false;
|
||||
}
|
||||
|
||||
/* Check if the owner of the new subnet is in the connection list */
|
||||
|
||||
owner = lookup_node(name);
|
||||
|
||||
if(!owner) {
|
||||
ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for %s which is not in our node tree"),
|
||||
"DEL_SUBNET", c->name, c->hostname, name);
|
||||
return true;
|
||||
}
|
||||
|
||||
if(tunnelserver && owner != myself && owner != c->node)
|
||||
return false;
|
||||
|
||||
/* Check if subnet string is valid */
|
||||
|
||||
if(!str2net(&s, subnetstr)) {
|
||||
|
|
@ -208,6 +198,23 @@ bool del_subnet_h(connection_t *c, char *request)
|
|||
if(seen_request(request))
|
||||
return true;
|
||||
|
||||
/* Check if the owner of the subnet being deleted is in the connection list */
|
||||
|
||||
owner = lookup_node(name);
|
||||
|
||||
if(tunnelserver && owner != myself && owner != c->node) {
|
||||
/* in case of tunnelserver, ignore indirect subnet deletion */
|
||||
ifdebug(PROTOCOL) logger(LOG_WARNING, _("Ignoring indirect %s from %s (%s) for %s"),
|
||||
"DEL_SUBNET", c->name, c->hostname, subnetstr);
|
||||
return true;
|
||||
}
|
||||
|
||||
if(!owner) {
|
||||
ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for %s which is not in our node tree"),
|
||||
"DEL_SUBNET", c->name, c->hostname, name);
|
||||
return true;
|
||||
}
|
||||
|
||||
/* If everything is correct, delete the subnet from the list of the owner */
|
||||
|
||||
s.owner = owner;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue